Caut exploit vulnerability pentru urmatorul script de upload

Forumul Softpedia > Professional Zone > Webmaster Corner > Web Scripts Forum

dayryad
17th March 2008, 11:50


1.Se dau trei fisiere php: epaper_login ; epaper ; epaper_mod
Oare este vulnerabil la remote code execution? dry.gif

Nu imi povestiti ca daca uploadezi un fisier .txt care sa contina script php pe care dupa aceea sa il executi.... ; nu la asta m-am referit ...
Incercati fie sa uploadati un fisier .txt dar ca ii schimbati numele sub care va fi salvat pe webserver numai din cmd browser ; fie sa incarcati/executati un script remote ...

Chiar doresc parerea voastra....

epaper_login.php:



echo '<htm>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>

<center>

<form name="f1" action="epaper.php" method="post">

<table boder=1 bgcolor="#acacac">
<tr>
<td align=\'center\'>
<font color="#ffffff" size="5"><B>Login</B></font>
<hr>
</td>
</tr>
<tr>
<td>
<font color="#000000" size="3">account:</font><input name="vuser" type="text" value="" size';
echo '=20><br>
</td>
</tr>
<tr>
<td>
<font color="#000000" size="3">pwd:</font><input name="vpwd" type="password" value="" size=20><br>
</td>
</tr>
<tr>
<td align=\'center\'>
<input type="submit" name="submit" value="Login">
<input type="reset" value="Reset">
</td>
</tr>
</table>
</form>

</center>


</body>
</htm>';
?>


epaper.php:


session_start ();
$epaper_path = '/var/www/admin/epaper/';
$STR_USER = 'Admin';
$STR_PWD = '123';
$vuser = (isset ($_POST['vuser']) ? $_POST['vuser'] : $_GET['vuser']);
$vpwd = (isset ($_POST['vpwd']) ? $_POST['vpwd'] : $_GET['vpwd']);
if (((isset ($vuser) AND $vuser == $STR_USER) AND (isset ($vpwd) AND $vpwd == $STR_PWD)))
{
$_SESSION['is_ePaperAdmin'] = 'YES';
}

if (((!isset ($_SESSION['is_ePaperAdmin']) OR $_SESSION['is_ePaperAdmin'] == 'N') OR $_SESSION['is_ePaperAdmin'] == ''))
{
print '<script>location=\'epaper_login.php\'</script>';
exit ();
}

$fn_email_list = 'email_list.txt';
$fn_email_content = 'email_content.txt';
$isHasList = false;
$isHasContent = false;
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
if ($file_name == $fn_email_list)
{
$isHasList = true;
}

if ($file_name == $fn_email_content)
{
$isHasContent = true;
continue;
}
}

$exist_files = '';
if ($isHasList)
{
$exist_files .= 'Email_List_File:<a href=\'' . $fn_email_list . '\' target=\'_blank\'>[' . $fn_email_list . ']</a><br>';
}

if ($isHasContent)
{
$exist_files .= 'Email_Content_File:<a href=\'' . $fn_email_content . '\' target=\'_blank\'>[' . $fn_email_content . ']</a>';
}

if ($exist_files == '')
{
$exist_files = '<font color=\'red\'>No files in the server, please upload the files first</font>';
}

echo '
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
';
echo '<s';
echo 'cript language=\'JavaScript\'>
<!--
function sendEmailDo(){
if (confirm(\'Are you sure??\')){
return (true);
}
return (false);
}
//-->
</script>
</head>
<body>
<center>

<form name="frm3" method="post" action="epaper_mod.php" onSubmit="return sendEmailDo()">
<input type="hidden" name="vMod" value="XSEND">
<font color=\'blue\'><b>Send ePaper with List</b></font><br>
Subject:<input type="text" na';
echo 'me="xsubject" value="ePaper" >
<input type="submit" name="submit" value="Send ePaper to ALL"><br>
';
echo $exist_files;
echo '<br>
</form>
<hr>
<font color=\'red\'>Note: you can upload a file only in the same time!!</font><br>

<form name="frm" method="post" action="epaper_mod.php" enctype="multipart/form-data">
<input type="hidden" name="vMod" value="UPFILES" >
Upload Email List<input type=\'file\' name=\'upfile\'>&nbsp;&nbsp;
<input type="submit" name="submit" value="Upload">&nbsp;&nbsp;
<input type="reset" name="reset" value';
echo '="reset">
</form>
<br>
<form name="frm2" method="post" action="epaper_mod.php" enctype="multipart/form-data">
<input name="vMod" value="UPFILES_HTML" >
Upload Email Content<input type=\'file\' name=\'upfile_html\'>&nbsp;&nbsp;
<input type="submit" name="submit" value="Upload">&nbsp;&nbsp;
<input type="reset" name="reset" value="reset">
</form>
<hr>
<form name="frm4" method="post" action';
echo '="epaper_mod.php" onSubmit="return sendEmailDo()">
<input type="hidden" name="vMod" value="XSEND_ONE">
Send ePaper To One<br>
Name<input type="text" name="xname" value="" >
Email<input type="text" name="xemail" value="" >
Subject<input type="text" name="xsubject" value="ePaper" >
<input type="submit" name="submit" value="Send Email">
</form>

<hr>
log files of send to all:<br>
';
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
$pos = strpos ($file_name, '_send_email_log.txt');
if ($pos === false)
{
continue;
}
else
{
echo '<a href=\'' . $file_name . '\' target=\'_balnk\'>[' . $file_name . ']<a><br>';
continue;
}
}

echo '</center>
</body>
';
?>



epaper_mod.php:



function saveuploadonefile ($vFileName, $vDir, $saveFileName)
{
$vFName = '';
if ((isset ($_FILES[$vFileName]['tmp_name']) AND $_FILES[$vFileName]['tmp_name'] != ''))
{
$vFName = $saveFileName;
copy ($_FILES[$vFileName]['tmp_name'], $vDir . $vFName);
}

return $vFName;
}

function readonefile ($vfile_name)
{
$handle = fopen ($vfile_name, 'r');
$contents = fread ($handle, filesize ($vfile_name));
fclose ($handle);
return $contents;
}

function writetologfile ($vDir, $str)
{
$vFN = $vDir . date ('Ymd') . date ('His') . '_send_email_log.txt';
if (!$handle = fopen ($vFN, 'a+'))
{
echo '' . 'Cannot open file (' . $vFN . ')';
exit ();
}

if (!fwrite ($handle, $str))
{
echo '' . 'Cannot write to file (' . $vFN . ')';
exit ();
}

fclose ($handle);
}

session_start ();
$epaper_path = '/var/www/admin/epaper/';
$send_from = 'admin<admin@yoursite.com>';
if (((!isset ($_SESSION['is_ePaperAdmin']) OR $_SESSION['is_ePaperAdmin'] == 'N') OR $_SESSION['is_ePaperAdmin'] == ''))
{
print '<script>location=\'epaper_login.php\'</script>';
exit ();
}

echo '<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
';
$fn_email_list = 'email_list.txt';
$fn_email_content = 'email_content.txt';
$cus_name = '[CUS_NAME]';
$vMod = (isset ($_POST['vMod']) ? $_POST['vMod'] : $_GET['vMod']);
if ((isset ($vMod) AND $vMod == 'UPFILES'))
{
$rs = saveuploadonefile ('upfile', $epaper_path, $fn_email_list);
if ($rs != '')
{
$rs = 'success';
}
else
{
$rs = 'fail';
}

print '<script>java script:alert(\'upload ' . $fn_email_list . ' ' . $rs . '\');window.navigate(\'epaper.php\');</script>';
return null;
}

if ((isset ($vMod) AND $vMod == 'UPFILES_HTML'))
{
$rs = saveuploadonefile ('upfile_html', $epaper_path, $fn_email_content);
if ($rs != '')
{
$rs = 'success';
}
else
{
$rs = 'fail';
}

print '<script>java script:alert(\'upload ' . $fn_email_content . ' ' . $rs . '\');window.navigate(\'epaper.php\');</script>';
return null;
}

if ((isset ($vMod) AND $vMod == 'XSEND'))
{
$isHasList = false;
$isHasContent = false;
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
if ($file_name == $fn_email_list)
{
$isHasList = true;
}

if ($file_name == $fn_email_content)
{
$isHasContent = true;
continue;
}
}

if (!$isHasList)
{
print '<script>java script:alert(\'No email list\');window.navigate(\'epaper.php\');</script>';
return null;
}

if (!$isHasContent)
{
print '<script>java script:alert(\'No email content\');window.navigate(\'epaper.php\');</script>';
return null;
}

$strEmailList = readonefile ($epaper_path . $fn_email_list);
$strEmailContent = readonefile ($epaper_path . $fn_email_content);
$aryNames = array ();
$aryEmails = array ();
$idx = 0;
$aryTmp = explode ('
', $strEmailList);
$i = 0;
while ($i < count ($aryTmp))
{
$tt = trim ($aryTmp[$i], '
');
if ($tt != '')
{
$aryTT = explode (',', $tt);
$aryNames[$idx] = $aryTT[0];
$aryEmails[$idx] = $aryTT[1];
++$idx;
}

++$i;
}

$xsubject = (isset ($_POST['xsubject']) ? $_POST['xsubject'] : $_GET['xsubject']);
$rs_send = '';
$i = 0;
while ($i < count ($aryNames))
{
$to = $aryEmails[$i];
$subject = $xsubject;
$message = str_replace ($cus_name, $aryNames[$i], $strEmailContent);
$headers = 'MIME-Version: 1.0
';
$headers .= 'Content-type: text/html; charset=iso-8859-1
';
$headers .= 'To: ' . $aryNames[$i] . ' <' . $aryEmails[$i] . '>
';
$headers .= 'From: ' . $send_from . '
';
$rs = mail ($to, $subject, $message, $headers);
$rs_send .= $aryNames[$i] . ',' . $aryEmails[$i] . '=send_' . ($rs ? 'OK' : 'NO') . '
';
$j = 0;
while ($j < 100000)
{
++$j;
}

++$i;
}

writetologfile ($epaper_path, $rs_send);
print '<script>java script:alert(\'send finish\');window.navigate(\'epaper.php\');</script>';
return null;
}

if ((isset ($vMod) AND $vMod == 'XSEND_ONE'))
{
$isHasContent = false;
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
if ($file_name == $fn_email_content)
{
$isHasContent = true;
continue;
}
}

if (!$isHasContent)
{
print '<script>java script:alert(\'No email content\');window.navigate(\'epaper.php\');</script>';
return null;
}

$strEmailContent = readonefile ($epaper_path . $fn_email_content);
$xname = (isset ($_POST['xname']) ? $_POST['xname'] : $_GET['xname']);
$xemail = (isset ($_POST['xemail']) ? $_POST['xemail'] : $_GET['xemail']);
$xsubject = (isset ($_POST['xsubject']) ? $_POST['xsubject'] : $_GET['xsubject']);
$to = $xemail;
$subject = $xsubject;
$message = str_replace ($cus_name, $xname, $strEmailContent);
$headers = 'MIME-Version: 1.0
';
$headers .= 'Content-type: text/html; charset=iso-8859-1
';
$headers .= 'To: ' . $xname . ' <' . $xemail . '>
';
$headers .= 'From: ' . $send_from . '
';
echo 'TO=[' . $to . ']<br>';
echo 'subject=[' . $subject . ']<br>';
echo 'message=[' . $message . ']<br>';
$rs = mail ($to, $subject, $message, $headers);
print '<script>java script:alert(\'send finish=' . ($rs ? 'OK' : 'NO') . '\');window.navigate(\'epaper.php\');</script>';
return null;
}

echo '
';
?>
razvansmek
24th March 2008, 22:08
aloo .. hackingu .. in alta parte tata smile.gif
 
BabyMaker
24th March 2008, 23:25
QUOTE (dayryad @ Mar 17 2008, 11:50) *
1.Se dau trei fisiere php: epaper_login ; epaper ; epaper_mod
Oare este vulnerabil la remote code execution? dry.gif

Nu imi povestiti ca daca uploadezi un fisier .txt care sa contina script php pe care dupa aceea sa il executi.... ; nu la asta m-am referit ...
Incercati fie sa uploadati un fisier .txt dar ca ii schimbati numele sub care va fi salvat pe webserver numai din cmd browser ; fie sa incarcati/executati un script remote ...

Chiar doresc parerea voastra....

epaper_login.php:



echo '<htm>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>

<center>

<form name="f1" action="epaper.php" method="post">

<table boder=1 bgcolor="#acacac">
<tr>
<td align=\'center\'>
<font color="#ffffff" size="5"><B>Login</B></font>
<hr>
</td>
</tr>
<tr>
<td>
<font color="#000000" size="3">account:</font><input name="vuser" type="text" value="" size';
echo '=20><br>
</td>
</tr>
<tr>
<td>
<font color="#000000" size="3">pwd:</font><input name="vpwd" type="password" value="" size=20><br>
</td>
</tr>
<tr>
<td align=\'center\'>
<input type="submit" name="submit" value="Login">
<input type="reset" value="Reset">
</td>
</tr>
</table>
</form>

</center>


</body>
</htm>';
?>


epaper.php:


session_start ();
$epaper_path = '/var/www/admin/epaper/';
$STR_USER = 'Admin';
$STR_PWD = '123';
$vuser = (isset ($_POST['vuser']) ? $_POST['vuser'] : $_GET['vuser']);
$vpwd = (isset ($_POST['vpwd']) ? $_POST['vpwd'] : $_GET['vpwd']);
if (((isset ($vuser) AND $vuser == $STR_USER) AND (isset ($vpwd) AND $vpwd == $STR_PWD)))
{
$_SESSION['is_ePaperAdmin'] = 'YES';
}

if (((!isset ($_SESSION['is_ePaperAdmin']) OR $_SESSION['is_ePaperAdmin'] == 'N') OR $_SESSION['is_ePaperAdmin'] == ''))
{
print '<script>location=\'epaper_login.php\'</script>';
exit ();
}

$fn_email_list = 'email_list.txt';
$fn_email_content = 'email_content.txt';
$isHasList = false;
$isHasContent = false;
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
if ($file_name == $fn_email_list)
{
$isHasList = true;
}

if ($file_name == $fn_email_content)
{
$isHasContent = true;
continue;
}
}

$exist_files = '';
if ($isHasList)
{
$exist_files .= 'Email_List_File:<a href=\'' . $fn_email_list . '\' target=\'_blank\'>[' . $fn_email_list . ']</a><br>';
}

if ($isHasContent)
{
$exist_files .= 'Email_Content_File:<a href=\'' . $fn_email_content . '\' target=\'_blank\'>[' . $fn_email_content . ']</a>';
}

if ($exist_files == '')
{
$exist_files = '<font color=\'red\'>No files in the server, please upload the files first</font>';
}

echo '
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
';
echo '<s';
echo 'cript language=\'JavaScript\'>
<!--
function sendEmailDo(){
if (confirm(\'Are you sure??\')){
return (true);
}
return (false);
}
//-->
</script>
</head>
<body>
<center>

<form name="frm3" method="post" action="epaper_mod.php" onSubmit="return sendEmailDo()">
<input type="hidden" name="vMod" value="XSEND">
<font color=\'blue\'><b>Send ePaper with List</b></font><br>
Subject:<input type="text" na';
echo 'me="xsubject" value="ePaper" >
<input type="submit" name="submit" value="Send ePaper to ALL"><br>
';
echo $exist_files;
echo '<br>
</form>
<hr>
<font color=\'red\'>Note: you can upload a file only in the same time!!</font><br>

<form name="frm" method="post" action="epaper_mod.php" enctype="multipart/form-data">
<input type="hidden" name="vMod" value="UPFILES" >
Upload Email List<input type=\'file\' name=\'upfile\'>&nbsp;&nbsp;
<input type="submit" name="submit" value="Upload">&nbsp;&nbsp;
<input type="reset" name="reset" value';
echo '="reset">
</form>
<br>
<form name="frm2" method="post" action="epaper_mod.php" enctype="multipart/form-data">
<input name="vMod" value="UPFILES_HTML" >
Upload Email Content<input type=\'file\' name=\'upfile_html\'>&nbsp;&nbsp;
<input type="submit" name="submit" value="Upload">&nbsp;&nbsp;
<input type="reset" name="reset" value="reset">
</form>
<hr>
<form name="frm4" method="post" action';
echo '="epaper_mod.php" onSubmit="return sendEmailDo()">
<input type="hidden" name="vMod" value="XSEND_ONE">
Send ePaper To One<br>
Name<input type="text" name="xname" value="" >
Email<input type="text" name="xemail" value="" >
Subject<input type="text" name="xsubject" value="ePaper" >
<input type="submit" name="submit" value="Send Email">
</form>

<hr>
log files of send to all:<br>
';
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
$pos = strpos ($file_name, '_send_email_log.txt');
if ($pos === false)
{
continue;
}
else
{
echo '<a href=\'' . $file_name . '\' target=\'_balnk\'>[' . $file_name . ']<a><br>';
continue;
}
}

echo '</center>
</body>
';
?>



epaper_mod.php:



function saveuploadonefile ($vFileName, $vDir, $saveFileName)
{
$vFName = '';
if ((isset ($_FILES[$vFileName]['tmp_name']) AND $_FILES[$vFileName]['tmp_name'] != ''))
{
$vFName = $saveFileName;
copy ($_FILES[$vFileName]['tmp_name'], $vDir . $vFName);
}

return $vFName;
}

function readonefile ($vfile_name)
{
$handle = fopen ($vfile_name, 'r');
$contents = fread ($handle, filesize ($vfile_name));
fclose ($handle);
return $contents;
}

function writetologfile ($vDir, $str)
{
$vFN = $vDir . date ('Ymd') . date ('His') . '_send_email_log.txt';
if (!$handle = fopen ($vFN, 'a+'))
{
echo '' . 'Cannot open file (' . $vFN . ')';
exit ();
}

if (!fwrite ($handle, $str))
{
echo '' . 'Cannot write to file (' . $vFN . ')';
exit ();
}

fclose ($handle);
}

session_start ();
$epaper_path = '/var/www/admin/epaper/';
$send_from = 'admin<admin@yoursite.com>';
if (((!isset ($_SESSION['is_ePaperAdmin']) OR $_SESSION['is_ePaperAdmin'] == 'N') OR $_SESSION['is_ePaperAdmin'] == ''))
{
print '<script>location=\'epaper_login.php\'</script>';
exit ();
}

echo '<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
';
$fn_email_list = 'email_list.txt';
$fn_email_content = 'email_content.txt';
$cus_name = '[CUS_NAME]';
$vMod = (isset ($_POST['vMod']) ? $_POST['vMod'] : $_GET['vMod']);
if ((isset ($vMod) AND $vMod == 'UPFILES'))
{
$rs = saveuploadonefile ('upfile', $epaper_path, $fn_email_list);
if ($rs != '')
{
$rs = 'success';
}
else
{
$rs = 'fail';
}

print '<script>java script:alert(\'upload ' . $fn_email_list . ' ' . $rs . '\');window.navigate(\'epaper.php\');</script>';
return null;
}

if ((isset ($vMod) AND $vMod == 'UPFILES_HTML'))
{
$rs = saveuploadonefile ('upfile_html', $epaper_path, $fn_email_content);
if ($rs != '')
{
$rs = 'success';
}
else
{
$rs = 'fail';
}

print '<script>java script:alert(\'upload ' . $fn_email_content . ' ' . $rs . '\');window.navigate(\'epaper.php\');</script>';
return null;
}

if ((isset ($vMod) AND $vMod == 'XSEND'))
{
$isHasList = false;
$isHasContent = false;
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
if ($file_name == $fn_email_list)
{
$isHasList = true;
}

if ($file_name == $fn_email_content)
{
$isHasContent = true;
continue;
}
}

if (!$isHasList)
{
print '<script>java script:alert(\'No email list\');window.navigate(\'epaper.php\');</script>';
return null;
}

if (!$isHasContent)
{
print '<script>java script:alert(\'No email content\');window.navigate(\'epaper.php\');</script>';
return null;
}

$strEmailList = readonefile ($epaper_path . $fn_email_list);
$strEmailContent = readonefile ($epaper_path . $fn_email_content);
$aryNames = array ();
$aryEmails = array ();
$idx = 0;
$aryTmp = explode ('
', $strEmailList);
$i = 0;
while ($i < count ($aryTmp))
{
$tt = trim ($aryTmp[$i], '
');
if ($tt != '')
{
$aryTT = explode (',', $tt);
$aryNames[$idx] = $aryTT[0];
$aryEmails[$idx] = $aryTT[1];
++$idx;
}

++$i;
}

$xsubject = (isset ($_POST['xsubject']) ? $_POST['xsubject'] : $_GET['xsubject']);
$rs_send = '';
$i = 0;
while ($i < count ($aryNames))
{
$to = $aryEmails[$i];
$subject = $xsubject;
$message = str_replace ($cus_name, $aryNames[$i], $strEmailContent);
$headers = 'MIME-Version: 1.0
';
$headers .= 'Content-type: text/html; charset=iso-8859-1
';
$headers .= 'To: ' . $aryNames[$i] . ' <' . $aryEmails[$i] . '>
';
$headers .= 'From: ' . $send_from . '
';
$rs = mail ($to, $subject, $message, $headers);
$rs_send .= $aryNames[$i] . ',' . $aryEmails[$i] . '=send_' . ($rs ? 'OK' : 'NO') . '
';
$j = 0;
while ($j < 100000)
{
++$j;
}

++$i;
}

writetologfile ($epaper_path, $rs_send);
print '<script>java script:alert(\'send finish\');window.navigate(\'epaper.php\');</script>';
return null;
}

if ((isset ($vMod) AND $vMod == 'XSEND_ONE'))
{
$isHasContent = false;
$fd = opendir ($epaper_path);
while ($file_name = readdir ($fd))
{
if ($file_name == $fn_email_content)
{
$isHasContent = true;
continue;
}
}

if (!$isHasContent)
{
print '<script>java script:alert(\'No email content\');window.navigate(\'epaper.php\');</script>';
return null;
}

$strEmailContent = readonefile ($epaper_path . $fn_email_content);
$xname = (isset ($_POST['xname']) ? $_POST['xname'] : $_GET['xname']);
$xemail = (isset ($_POST['xemail']) ? $_POST['xemail'] : $_GET['xemail']);
$xsubject = (isset ($_POST['xsubject']) ? $_POST['xsubject'] : $_GET['xsubject']);
$to = $xemail;
$subject = $xsubject;
$message = str_replace ($cus_name, $xname, $strEmailContent);
$headers = 'MIME-Version: 1.0
';
$headers .= 'Content-type: text/html; charset=iso-8859-1
';
$headers .= 'To: ' . $xname . ' <' . $xemail . '>
';
$headers .= 'From: ' . $send_from . '
';
echo 'TO=[' . $to . ']<br>';
echo 'subject=[' . $subject . ']<br>';
echo 'message=[' . $message . ']<br>';
$rs = mail ($to, $subject, $message, $headers);
print '<script>java script:alert(\'send finish=' . ($rs ? 'OK' : 'NO') . '\');window.navigate(\'epaper.php\');</script>';
return null;
}

echo '
';
?>



laugh.gif w00t.gif Stii ca ai warn pentru asta nu?laugh.gif w00t.gif

PS: eu zic ca ar trebui pus la sticky postul ,plus tutoriale foarte explicite de la cei mai destionici oameni ai linuxului , despre reverse shell exploit-uri si alte lucruri minunate pentru care se merita sa inveti linuxul. yes.gif deadtongue.gif
lord_ice
25th March 2008, 12:42
Un thread facut pentru lauda sau ce? Ma rog, eu te-as bana permanent pentru ideile astea marete...
Reclama
A minute ago
In curand... autoevolution.ro

Teste, stiri, ghiduri, jurnale, forum si multe altele!
Aceasta este o versiune simplificatã a paginii originale. Pentru a vizita versiunea originala click aici.